Commit Graph

78 Commits

Author SHA1 Message Date
Huangbin Zhan
fed9bfbfeb base-files: coreutil-sha256sum breaks status code
With package "coreutil-sha256sum" installed "sysupgrade" fails to perform 'sha256sum -s' and instead returns 'invalid option -- 's''.
This is caused due to:
	different syntax for a sha256sum status check ('sha256sum --status' with "coreutil-sha256sum")
	'/usr/bin/sha256sum' being symlinked to '/usr/bin/gnu-sha256sum' (after installation of "coreutil-sha256sum")
"coreutil-sha256sum" package from the packages feed replaces the Busybox sha256sum
This patch restores for 'sysupgrade' the busybox call to its sha256sum applet.

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
2020-06-27 00:19:13 +02:00
Florian Eckert
0f33c6b74a base-files: use jshn lib for ubus sysupgrade argument generation
With this change the well known jshn library will be used, to build the
json arguments for the ubus sysupgrade method. This is also used in all
other shell program that uses JSON. This commit unifies that.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2020-01-14 00:06:03 +01:00
Petr Štetiar
cf3da66d2c base-files: sysupgrade: exit if the firmware download failed
Sysupgrade process shouldn't continue if the firmware image couldn't be
downloaded.

Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020940.html
Reported-by: Petr Novák <petrn@me.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-05 14:13:01 +01:00
Rafał Miłecki
a858db3136 treewide: sysupgrade: use $UPGRADE_BACKUP to check for backup
Now that $UPGRADE_BACKUP is set conditionally there is no need to check
the $UPGRADE_OPT_SAVE_CONFIG anymore. All conditions can be simplified.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-11 09:05:35 +02:00
Rafał Miłecki
c5223b26a4 base-files: sysupgrade: pass "backup" ubus attribute
This explicitly tells procd what backup file should be used during
sysupgrade (if any). It's much more generic this way compared to the
magic /tmp/sysupgrade.tgz file that had to be created before a call.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-11 08:57:24 +02:00
Rafał Miłecki
b71962da16 base-files: pass "force" parameter to the "sysupgrade" call
This makes sysupgrade work with the most recent procd that validates
firmware before proceeding.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-04 11:07:41 +02:00
Rafał Miłecki
f522047958 base-files: use JSON for storing firmware validation info
So far firmware validation result was binary limited: it was either
successful or not. That meant various limitations, e.g.:
1) Lack of proper feedback on validation problems
2) No way of marking firmware as totally broken (impossible to install)

This change introduces JSON for storing detailed validation info. It
provides a list of performed validation tests and their results. It
allows marking firmware as non-forceable (broken image that can't be
even forced to install).
Example:
{
        "tests": {
                "fwtool_signature": true,
                "fwtool_device_match": true
        },
        "valid": true,
        "forceable": true
}

Implementation is based on *internal* check_image bash script that:
1) Uses existing validation functions
2) Provides helpers for setting extra validation info

This allows e.g. platform_check_image() to call notify_check_broken()
when needed & prevent user from bricking a device.

Right now the new JSON info is used by /sbin/sysupgrade only. It still
doesn't make use of "forceable" as that is planned for later
development.

Further plans for this feature are:
1) Expose firmware validation using some new ubus method
2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus
   method so:
   a) It's possible to safely sysupgrade using ubus only
   b) /sbin/sysupgrade can be more like just a CLI

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-08-30 08:34:10 +02:00
Rafał Miłecki
b6f4cd57e1 treewide: sysupgrade: pass "save_partitions" option to the "sysupgrade" method
This explicitly lets stage2 know if partitions should be preserved. No
more "touch /tmp/sysupgrade.always.overwrite.bootdisk.partmap" hack.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-08-22 13:47:51 +02:00
Rafał Miłecki
b534ba9611 base-files: pass "save_config" option to the "sysupgrade" method
This explicitly lets stage2 know if config should be preserved.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-08-22 13:47:47 +02:00
Rafał Miłecki
3f4c785a6b base-files: don't set ARGV and ARGC
Those are not used by any image check function anymore.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-17 08:10:40 +02:00
Rafał Miłecki
f7edd94a65 base-files: move stage2 upgrade to separated file
do_upgrade_stage2() isn't really any common code. It isn't used anywhere
except for /sbin/sysupgrade that passes it to the stage2.

Moving its code to separated file also simplifies COMMAND variable.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-07-11 17:05:20 +02:00
David Bauer
28cd2caa35 base-files: sysupgrade: support additional mtd options
Add support for passing additional parameters to mtd called during
sysupgrade. It will be required to toggle the "recovery moe" flag
supported by recent tp-link boards.

Signed-off-by: David Bauer <mail@david-bauer.net>
[split code from board support patch; add commit message]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2019-01-26 21:46:32 +01:00
Luiz Angelo Daros de Luca
5cb1dce542 base-files: add sysupgrade -k to save list of pkgs
When '-k' is used, sysupgrade inserts into backup a new file
/etc/backup/installed_packages.txt which contains pkgname and origin (rom,
overlay, unknown) without touching rootfs.

It's mainly used to reinstall all extra packages:

 # opkg update
 # grep "\toverlay" /etc/backup/installed_packages.txt | cut -f1 | xargs -r opkg install
 # rm /etc/backup/installed_packages.txt

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2018-12-09 18:04:11 +00:00
Luiz Angelo Daros de Luca
96392e5da4 base-files: add sysupgrade -o to save all overlay files
Add sysupgrade '-o' option in order to include all overlay files in
backup, except for those that are from packages but including files
listed in conffiles, sysupgrade.conf or /lib/upgrade/keep.d.

With '-u' option, it will skip files equals to /rom and conffiles that
were not changed.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2018-12-09 18:04:11 +00:00
Luiz Angelo Daros de Luca
20b23270b7 base-files: add sysupgrade -u to skip unchanged files
With '-u', for a file /aaa/bbb/ccc enlisted for backup,
it will only get into backup if /rom/aaa/bbb/ccc does not
exist or /aaa/bbb/ccc is different from /rom/aaa/bbb/ccc.

It also works with '-c', but only effective for files touched
but not modified.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2018-12-09 18:04:11 +00:00
Luiz Angelo Daros de Luca
e8711daede base-files: minor cleanups on sysupgrade
Renamed add_uci_conffiles to add_conffiles as it includes
any conffiles listed, not only UCI ones.

Make do_save_conffiles arg mandatory

Allow other options after -l (like -c)

Do not use stdout for error messages (fixes backup to stdout)

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2018-12-09 18:04:11 +00:00
Petr Štetiar
7c104a8358 base-files: sysupgrade: Allow downloading of firmware images using HTTPS
Currently it's only possible to download images over HTTP.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2018-11-25 19:26:50 +01:00
Daniel Golle
8174853c78 base-files: introduce sysupgrade signature chain verification
Verify ucert signature chains in sysupgrade images in case ucert is
installed and $CHECK_IMAGE_SIGNARURE = 1.
Also make sure ucert host binary is present and generate a self-signed
ucert in case $TOPDIR/key-build.ucert is missing.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-08-08 02:22:54 +02:00
Andreas Ziegler
72489ebeb6 base-files: sysupgrade: abort if config backup fails
Sysupgrade shouldn't proceed, if the backup of the configuration
fails because tar (or gzip) exit with a non-zero code.

Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
2018-08-06 06:51:44 +02:00
John Crispin
5e1b4c57de base-files: drop fwtool_pre_upgrade
this feature has never worked, the fw image name was not passed and the -t
parameter was missing in the tool invocation. drop the feature.

Signed-off-by: John Crispin <john@phrozen.org>
2018-07-30 17:42:39 +02:00
Kevin Darbyshire-Bryant
edf338f248 basefiles: Reword sysupgrade message
sysupgrade 'upgrade' message more verbose than needs be.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-07-08 09:41:53 +01:00
Matthias Schiffer
6ed389da85
base-files: sysupgrade: do not rely on opkg to list changed conffiles
Many packages use the opkg conffiles field to list configuration files that
are to be retained on upgrades. Make this work on systems without opkg.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-07 08:49:39 +01:00
Kevin Darbyshire-Bryant
89233a8c49 base-files: sysupgrade: correct command help text
Commit 30f61a34b4 claimed to drop -d & -p
options. In reality only -d was dropped.  Update command help text to
reflect that -d is no longer a supported option.

Fixes FS#1187

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-12 16:06:04 +01:00
Luiz Angelo Daros de Luca
3e98674bcf base-files: fix sysupgrade -b/-l when -c is used
Since /overlay/upper appeared, -b ignored -c silently (cause it was
still checking for /overlay/etc). Now, if /overlay/upper is absent,
sysupgrade -c will fail and exit verbosely.

Fix -l to consider -c (it never did).

Clean up to always use /overlay/upper/xxx instead of still checking
for /overlay/xxx.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2017-12-14 09:29:30 +01:00
Matthias Schiffer
438dcbfe74
base-files: automatically handle paths and symlinks for RAMFS_COPY_BIN
Depending on busybox applet selection, paths of basic utiilties may differ,
and may not work as symlinks to busybox. Simply using whatever binary is
found in PATH and detecting symlinks automatically is more robust and
easier to maintain.

The list of binaries is also slightly cleaned up and duplicates are
removed.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:26:32 +02:00
Matthias Schiffer
a5428244d9
base-files: add support for staged sysupgrades from failsafe mode
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
b2adb9a7b5
base-files: sysupgrade cleanup
Some functions only used by stage2 are moved there from common.sh.

One piece that could still use more cleanup is platform_pre_upgrade: many
targets reference files from there are aren't available in the ramfs, so
we need to evaluate it before the switch; conversely, flash writes happen
in that function on some targets. Targets that do the latter should be
fixed eventually to use platform_do_upgrade for that purpose.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
30f61a34b4
base-files: always use staged sysupgrade
Support for the -d and -p options is dropped; it may be added again at some
point by adding these flags to the ubus sysupgrade call.

A downside of this is that we get a lot less information about the progress
of the upgrade: as soon as the actual upgrade starts, all shell sessions
are killed to allow unmounting the root filesystem.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:32 +02:00
Jo-Philipp Wich
361c8b4ee4 Revert "sysupgrade: run only one instance at a time."
This reverts commit e96a9a9af8.

The change breaks sysupgrade through LuCI and two-stage sysupgrade on
NAND targets. There is also a mismatch of file paths in lock and unlock
operations.

This commit was apparently neither properly tested, nor reviewed, so
drop it for now.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-26 14:49:08 +02:00
Kenneth Johansson
e96a9a9af8 sysupgrade: run only one instance at a time.
Things do not work well if running multiple instances of
upgrade at the same time.

Signed-off-by: Kenneth Johansson <kenneth.johansson@inteno.se>
2017-05-25 09:22:43 +02:00
Felix Fietkau
cc853810a4 base-files: validate metadata of sysupgrade images
Use fwtool to extract it, only require metadata to be present if the
platform sysupgrade script sets REQUIRE_IMAGE_METADATA=1

Image metadata is in JSON format and contains a list of supported
devices, along with version information that could be displayed by a UI
later before the actual upgrade happens.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-19 11:24:09 +01:00
Jo-Philipp Wich
4aeeead303 x86: preserve partition table on sysupgrade
With this patch sysupgrade will write directly to the partitions
instead of to the main disk.  The UUID is copied from the image
to the MBR as well.  This prevents the mbr from being completely
overwritten and losing the partition table.  The -p option has
been added to maintain the original behavior and overwite the
entire disk with the new image.  Tests have been added to ensure
that the image partitions match up with the active partitions.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48682
2016-02-09 12:33:17 +00:00
Jo-Philipp Wich
740a2ee163 base-files: Fix sysupgrade overlay saving
A previous change to sysupgrade moved the overlay files into upper/
The -c switch generates a list of files to backup, but the sed
calls did not take this into consideration.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48281
2016-01-17 18:24:30 +00:00
John Crispin
5d8f9e03f1 base-files: add support for platform_pre_upgrade function
Current NAND sysupgrade process is a bit hard to follow due to the way
of triggering stage1. Currently this is done by leaving a /mark/ in the
form of /tmp/sysupgrade-nand-path during nand_do_platform_check.
Existence of this mark stops standard sysupgrade process (as the result
of sysupgrade_pre_upgrade exit). This may be a bit misleading.

Proposed solution adds a new function that will allow platform.sh
trigger NAND sysupgrade consciously. This will also allow cleaning
nand_do_platform_check limiting it to just checking the image.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45338
2015-04-09 14:33:03 +00:00
Imre Kaloz
2e3b84c3b5 fix sysupgrade on overlayfs v23+
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 43365
2014-11-24 15:55:52 +00:00
John Crispin
7860c9707a sysupgrade: preserve symlinks in backups
Signed-off-by: Catalin Patulea <catalinp@google.com>

SVN-Revision: 42783
2014-10-06 04:51:56 +00:00
John Crispin
3dca5a158d procd: various cleanups to /lib/upgrade/nand.sh
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41222
2014-06-16 18:55:14 +00:00
John Crispin
c43d614f89 base-files: add an ugly hack for nand to sysupgrade
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41126
2014-06-11 12:59:37 +00:00
Felix Fietkau
4a9ea80ef0 /lib/functions.sh: move rarely used mtd and macaddr related functions to /lib/functions/system.sh
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40411
2014-04-07 10:29:47 +00:00
John Crispin
f18112883f sysupgrade: do not kill any processes in failsafe
sysugrade killed the lock causing failsafe to stop

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>

SVN-Revision: 39318
2014-01-17 22:12:05 +00:00
Luka Perkov
3ceb6b3274 base-files: fix whitespaces
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 39006
2013-12-09 11:30:14 +00:00
Felix Fietkau
ff17114ba1 ar71xx: Unifi AP Pro sysupgrade patch
The current implementation of mtd will not append the backup
file created by sysupgrade to the correct partition, as mtd will append
the data to first jffs2 partition it finds. As the kernel is also
stored on a jffs2 partition (which resides before the overlay
partition), the data will be appended to this partition.

To fix this problem, a new option

-s <number>             skip the first n bytes when appending data to the jffs2 partiton, defaults to "0"

is added to mtd.

Signed-off-by: Peter Wagner <tripolar@gmx.at>

SVN-Revision: 38807
2013-11-14 19:38:54 +00:00
Jo-Philipp Wich
b7f8f212ae base-files: implement -l (--list-backup) sysupgrade parameter to list the files that would be backed up
SVN-Revision: 37627
2013-07-31 18:11:55 +00:00
Jo-Philipp Wich
2a1ccf1830 base-files: abort sysupgrade if file specified with --restore-config is not found
SVN-Revision: 37624
2013-07-31 14:10:34 +00:00
Jo-Philipp Wich
2771edf647 base-files: implement -T (--test) sysupgrade parameter to verify image without actually flashing it
SVN-Revision: 37620
2013-07-30 16:42:05 +00:00
John Crispin
1f52c5a72c sysupgrade: create state file so procd knows when a sysupgrade is in progress
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 36893
2013-06-10 08:24:31 +00:00
John Crispin
811d90ff40 mount_root: prepare base-files
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 36429
2013-04-25 19:02:32 +00:00
Jo-Philipp Wich
70b0ef6322 sysupgrade: clarify online help
Fixes #12346.

Signed-off-by: Paul Fertser <fercerpav@gmail.com>

SVN-Revision: 34975
2013-01-02 16:21:30 +00:00
Jo-Philipp Wich
58070b0083 sysupgrade: do not require an extra argument after --restore-backup
Neither --create-backup nor --restore-backup need an image name (following
the backup filename). Treat them in uniform way.

Mostly fixes #12346.

Signed-off-by: Paul Fertser <fercerpav@gmail.com>

SVN-Revision: 34974
2013-01-02 16:21:26 +00:00
Jo-Philipp Wich
70aaa116eb base-files: provide a sysupgrade -r (--restore-backup) option as convenience wrapper for tar -C / -x(v)zf
SVN-Revision: 33147
2012-08-12 13:20:27 +00:00