Commit Graph

91 Commits (02f815d1907cdd7e042415a2b4a749c819087168)

Author SHA1 Message Date
Daniel Golle 267873ac9b
base-files: don't evaluate block-device uevent
Current code and also before commit da52dd0c83 was vulnerable to shell
injection using volume lables in the GPT partition table of block
devices. Given that partition names can be freely defined in GPT tables
we really shouldn't evaluate a string which is potentially crafted with
evil intentions. Hence rather use `export -n` to absorb the uevent's
variables into the environment.

Fixes commit da52dd0c83 (base-files: quote values when evaluating uevent)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[mschiffer@universe-factory.net: suggested export -n usage]
2018-02-13 00:01:44 +01:00
Daniel Golle da52dd0c83 base-files: quote values when evaluating uevent
When sourcing /sys/class/block/*/uevent values have to be quoted as
they may contain spaces (e.g. in PARTNAME).
Fix this by pre-processing with sed before sourcing.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-02-11 16:42:01 +01:00
Mathias Kresin 93bd46b719 procd: nand: remove nand_board_name platform override
It isn't uses anymore by any target.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-12-08 20:57:12 +01:00
Mathias Kresin c90a8cb755 procd: nand: dont rely on boardname in nand_upgrade_tar
Kernel and rootfs in a subdirectory matching the userspace boardname,
was intended to use a single sysupgrade-tar archive for multiple boards
with different kernel/rootfs images. This feature was never used.

Use the first found directory in the tar archive instead of relying on
a directory named according to the userspace boardname.

It allows to change the boardname without adding another compatibility
layer - using the nand_board_name() function - for (sub)targets using
the metadata based image validation in favour to
nand_do_platform_check().

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-12-08 20:57:12 +01:00
Christian Lamparter 4e3f6dae04 base-files: upgrade: make get_partitions() endian agnostic
This patch fixes two issues with the current get_partitions()
function.

First: "Invalid partition table on $disk" will pop up on
legitimate images on big endian system.

This is because the little-endian representation of "55 AA" is
assumed in the context of little-endian architectures. On these
comparing it to the 16-bit word 0xAA55 does work as intented.
Whereas on big-endian systems, this would have to be 0x55AA.

This patch fixes the issue by replacing the integer conversion
and value match check with just a string comparision.

Second: The extraction of the type, start LBA and LBA num from
the partition table has the same endianness issue. This has been
fixed by using the new hex_le32_to_cpu() function. This function
will translate the stored little-endian data to the correct
byte-order if necessary.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2017-12-08 19:54:16 +01:00
Mat Trudel 2dca7177e7 sysupgrade: don't kill our own parent
Add the parent of the sysupgrade script to the list of pids not getting
killed

Signed-off-by: Mat Trudel <mat@geeky.net>
Signed-off-by: John Crispin <john@phrozen.org>
2017-11-15 21:11:23 +01:00
Matthias Schiffer 1ab227d688
base-files: upgrade: don't loop forever trying to kill processes
When processes don't die on SIGKILL (usually because of kernel bugs), it's
better to give up instead of looping forever.

upgraded will trigger a reboot in this case (and if this fails, a hardware
watchdog will eventually time out and reset the system, if present).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-20 21:41:33 +02:00
Matthias Schiffer 438dcbfe74
base-files: automatically handle paths and symlinks for RAMFS_COPY_BIN
Depending on busybox applet selection, paths of basic utiilties may differ,
and may not work as symlinks to busybox. Simply using whatever binary is
found in PATH and detecting symlinks automatically is more robust and
easier to maintain.

The list of binaries is also slightly cleaned up and duplicates are
removed.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:26:32 +02:00
Matthias Schiffer 73f675415c
bcm53xx: upgrade: fix RAMFS_COPY_*
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:19:23 +02:00
Matthias Schiffer 7a29e44f90
base-files: upgrade: correctly handle nand_do_upgrade argument passed from preupgrade
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:19:23 +02:00
Matthias Schiffer 5654a03768
mvebu: fix sysupgrade
mvebu was modifying RAMFS_COPY_BIN and RAMFS_COPY_DATA from a
sysupgrade_pre_upgrade hook. As the ramfs is created from stage2, this
did not have an effect anymore after the staged sysupgrade changes.

As it doesn't really hurt to copy fw_printenv and fw_setenv
unconditionally, simply add them in /lib/upgrade/platform.sh, so stage2
will see them.

Config copying is moved to a function called by platform_copy_config, where
it belongs.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: FS#821
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"
2017-06-01 20:41:19 +02:00
Christian Lamparter 7783f31359 base-files: nand: use CI_KERNPART whenever the kernel volume is needed
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
This patch is in continuation of: commit 93aa860405
"procd: nand: make it possible to configure kernel and ubi partition"

The $CI_KERNPART variable should be used in place
of the fixed "kernel" partition name. This allows
targets to specifiy alternate names for the kernel
partition.

Cc: Chris Blake <chrisrblake93@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2017-05-31 09:55:01 +02:00
Matthias Schiffer b2adb9a7b5
base-files: sysupgrade cleanup
Some functions only used by stage2 are moved there from common.sh.

One piece that could still use more cleanup is platform_pre_upgrade: many
targets reference files from there are aren't available in the ramfs, so
we need to evaluate it before the switch; conversely, flash writes happen
in that function on some targets. Targets that do the latter should be
fixed eventually to use platform_do_upgrade for that purpose.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer 30f61a34b4
base-files: always use staged sysupgrade
Support for the -d and -p options is dropped; it may be added again at some
point by adding these flags to the ubus sysupgrade call.

A downside of this is that we get a lot less information about the progress
of the upgrade: as soon as the actual upgrade starts, all shell sessions
are killed to allow unmounting the root filesystem.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:32 +02:00
Matthias Schiffer 393817df5d
procd: remove procd-nand package
We always want to support staged upgrades now, so it's better to include
upgraded into the main package. /lib/upgrade/nand.sh is moved to
base-files.

The procd-nand-firstboot package is removed for now, it may return later
as a separate package.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:32 +02:00
Felix Fietkau 7304510392 base-files: save /bin/mknod for sysupgrade
It is used on NAND devices in case hotplug is too slow

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-06 15:34:14 +01:00
Yousong Zhou 6f61d8511e base-files: export x86 platform upgrade functions to common.sh
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-01-05 11:09:14 +01:00
Felix Fietkau 81b5e8e5d2 base-files: add a hint in sysupgrade that shows what to do when the image metadata check fails
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Felix Fietkau cc853810a4 base-files: validate metadata of sysupgrade images
Use fwtool to extract it, only require metadata to be present if the
platform sysupgrade script sets REQUIRE_IMAGE_METADATA=1

Image metadata is in JSON format and contains a list of supported
devices, along with version information that could be displayed by a UI
later before the actual upgrade happens.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-19 11:24:09 +01:00
André Valentin 783875f18b package/basefiles: add mkfs.ext4 and losetup binaries to ramfs list
mkfs.ext4 und losetup are needed for sysupgrade support on mmc devices
with automatic rootfs split (loopback device usage).

Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
Mathias Kresin 3004298e62 sysupgrade: unmount filesystems before reboot
sysupgrade immediately reboots after flashing an image and doesn't
allow to unmount filesystems. At least in case the image used for
sysupgrade is stored on a FAT formatted usb flash drive, the following
warning is printed during the next mount of the flash drive:

FAT-fs (sda1): Volume was not properly unmounted. Some data may be
corrupt. Please run fsck.

Although a data corruption during read operations is unlikely, there is
no need to scare the users.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-04 18:19:46 +02:00
Conn O'Griofa e1406cd31a base-files: sysupgrade: fix pseudobridge upgrades
Treat 'relayd' as an essential service to avoid connection interruptions during sysupgrade on devices configured as a pseudobridge.

Signed-off-by: Conn O'Griofa <connogriofa@gmail.com>
2016-07-24 06:54:40 +02:00
Jo-Philipp Wich 1012701014 x86: generalize partition discovery for sysupgrade
Generalize the partition discovery in sysupgrade in order to fix sysupgrade
and config backup/recovery on MMC block devices which use a different naming
scheme compared to mtdblock or sd* devices.

The change also adds the find applet to the ramdisk utilities so that upgrade
code can rely on it.

The commit is based on the initial submission by Russell Senior at
http://patchwork.ozlabs.org/patch/625440/ .

Signed-off-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-24 13:30:58 +02:00
Jo-Philipp Wich 4aeeead303 x86: preserve partition table on sysupgrade
With this patch sysupgrade will write directly to the partitions
instead of to the main disk.  The UUID is copied from the image
to the MBR as well.  This prevents the mbr from being completely
overwritten and losing the partition table.  The -p option has
been added to maintain the original behavior and overwite the
entire disk with the new image.  Tests have been added to ensure
that the image partitions match up with the active partitions.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48682
2016-02-09 12:33:17 +00:00
Felix Fietkau b7ab6c66cc base-files: fix sysupgrade 'wget' handling for uclient-fetch
change 48451 tried to add support for uclient-fetch by moving
/usr/bin/wget to /bin/wget, but this change kept the symbolic
link to /bin/busybox as install_bin creates links to param 1

the desired fix is to link to uclient-fetch to wget:
  install_bin /bin/uclient-fetch /bin/wget

Signed-off-by: John Clark <inindev@gmail.com>

SVN-Revision: 48483
2016-01-25 12:35:21 +00:00
Felix Fietkau f57419d26e base-files: fix sysupgrade 'wget' handling
with r48379 and r48386 the path of wget changed.
respect that and adjust the dirname.

this fixes #21680

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>

SVN-Revision: 48451
2016-01-22 09:41:58 +00:00
John Crispin 4ef319fad2 base-files: sysupgrade: quote source image name
get_image() eval a filename without quoting it, resulting in errors with
filenames containing characters that need to be escaped.
    $ sysupgrade -T -f ./cfg\(12\).tar.gz img.bin; echo $?
    Image check 'platform_check_image' failed.
    Invalid config file. Please use only .tar.gz files
    1
    $ mv cfg\(12\).tar.gz cfg_12.tar.gz
    $ mv img\(1\).bin img.bin
    sysupgrade -T -f ./cfg_12.tar.gz img.bin; echo $?
    0

Enclose the content of $from in double quotes.

Signed-off-by: Adrien Schildknecht <adrien+dev@schischi.me>

SVN-Revision: 46919
2015-09-14 20:09:06 +00:00
John Crispin f57076956e base-files: default_do_upgrade: accept & forward image extraction command
get_image allows passing 2nd argument that is used in a pipe for
extracting firmware from a non-native format. By accepting such command
in default_do_upgrade we allow platforms to use this helper for vendor
specific images.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45900
2015-06-05 14:12:05 +00:00
Luka Perkov 0a4bcd5be6 base-files: remove ubi tool
ubi tool was removed from fstools in r41128.

Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 45813
2015-05-29 08:14:38 +00:00
Jonas Gorski 02c6798a0d base-files: supress errors from ldd
ldd might be called for shell scrips during sysupgrade, causing it to
complain that they are not a dynamic executables.

This is a harmless error, so supress it to avoid confusing about them
being serious ones.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 43315
2014-11-19 12:17:37 +00:00
Jonas Gorski 2e95b1fda7 base-files: properly fix copying ld*.so with eglibc
r36107 ("base-files: sysupgrade fail with eglibc") tried to fix
sysupgrade by changing the ld-soname to what is expected, but only
fixed MIPS while breaking ARM.

The underlying issue is that the ld.so name varies widely across
different architectures for eglibc:

eglibc-2.19-r25243$ grep -r "ld-soname :=" . | awk '{ print $3 }' | sort -u
ld64.so.1
ld64.so.2
ld-linux-aarch64_be.so.1
ld-linux-aarch64.so.1
ld-linux-armhf.so.3
ld-linux-mipsn8.so.1
ld-linux.so.2
ld-linux.so.3
ld-linux-x32.so.2
ld-linux-x86-64.so.2
ld.so.1

Instead of adding each different soname to check for and copy it,
replace the awk script with a sed script to extract it properly and
drop the hardcoded so-name.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 43295
2014-11-18 15:19:46 +00:00
Felix Fietkau 7a5002ec9d base-files: add /etc/shadow to list of essential files to keep in sysupgrade (bug 18206)
Based on bug #18206 sysupgrade can lead to loss of password information in
certain situations. Most likely all users who will upgrade from versions
r43017-43040, will lose their current passwords. :-(
https://dev.openwrt.org/ticket/18206

Currently /etc/shadow is defined as a conffile in base-files:
https://dev.openwrt.org/browser/trunk/package/base-files/Makefile#L37

But it is not defined in the default list of essential files to keep in
sysupgrade:
https://dev.openwrt.org/browser/trunk/package/base-files/files/lib/upgrade/keep.d/base-files-essential

If exporting conffiles info fails, /etc/shadow can get lost.

Shadow passwords are now the default, so saying that preserving /etc/passwd
is essential while /etc/shadow is not, makes no sense.

The attached patch adds /etc/shadow to the list of essential files.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 43061
2014-10-25 17:22:46 +00:00
Felix Fietkau 0ef474a118 base-files: fix ldd definition if /usr/bin/ldd exists
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42976
2014-10-19 21:46:08 +00:00
John Crispin be26421f45 sysupgrade: Enable killing of all processes under upgraded
If the sysupgrade scripts is called under upgraded, it will not kill all
other processes as it should to avoid interference by locked filesystem.
This patch checks the parent and if it is upgraded, it kills all.

Signed-off-by: André Valentin <avalentin@marcant.net>

SVN-Revision: 41563
2014-07-10 19:16:27 +00:00
John Crispin 66ae4803e2 base-files: fix ramfs / nand upgrade
/lib/{imx6,lantiq,...}.sh are needed in the ramfs for sysupgrade to work.

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41440
2014-07-01 10:26:14 +00:00
John Crispin 09273f5c0a base-files: regenerate the /lib64 symlink when switching to a ramdisk
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41284
2014-06-20 13:41:08 +00:00
John Crispin 4b1c48bc93 base-files: add upgraded to the list of daemons not killed
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41268
2014-06-19 14:12:55 +00:00
John Crispin bedd6f44a5 base-files: properly remove stderr from zcat/bzcat
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41135
2014-06-11 13:00:25 +00:00
John Crispin e73538ba56 base-files: include more ubi* tools in sysupgrade ramdisk
Also add some more busybox symlinks which are useful for sysupgrade
on UBI-enabled devices.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 41125
2014-06-11 12:59:33 +00:00
John Crispin 0de0310a9c base-files: Allow installation of symlinks using RAMFS_COPY_BIN env var.
http://patchwork.openwrt.org/patch/5086/

Signed-off-by: karl.vogel@gmail.com

SVN-Revision: 40943
2014-06-02 12:45:13 +00:00
John Crispin 665d39f698 base-files: the ubi tol should be installed when jumping to ram_fs
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 40420
2014-04-07 15:35:20 +00:00
John Crispin 1d5ac95850 base-files: make use of new fstools
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 40416
2014-04-07 15:10:15 +00:00
Felix Fietkau 4a9ea80ef0 /lib/functions.sh: move rarely used mtd and macaddr related functions to /lib/functions/system.sh
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40411
2014-04-07 10:29:47 +00:00
John Crispin 08b4924401 ubi-utils: mini version of mtd-utils that only includes ubi tools
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 40367
2014-04-03 14:26:42 +00:00
John Crispin 0dc9d8d6ff fstools: add the new fstools package
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 39895
2014-03-12 19:32:51 +00:00
John Crispin 834204bda6 base-files: fix mount-utils incompatibility
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>

SVN-Revision: 39169
2013-12-27 21:15:09 +00:00
Luka Perkov 3ceb6b3274 base-files: fix whitespaces
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 39006
2013-12-09 11:30:14 +00:00
Felix Fietkau ff17114ba1 ar71xx: Unifi AP Pro sysupgrade patch
The current implementation of mtd will not append the backup
file created by sysupgrade to the correct partition, as mtd will append
the data to first jffs2 partition it finds. As the kernel is also
stored on a jffs2 partition (which resides before the overlay
partition), the data will be appended to this partition.

To fix this problem, a new option

-s <number>             skip the first n bytes when appending data to the jffs2 partiton, defaults to "0"

is added to mtd.

Signed-off-by: Peter Wagner <tripolar@gmx.at>

SVN-Revision: 38807
2013-11-14 19:38:54 +00:00
Hauke Mehrtens 0d82bbb1fb base-files: don't kill nas for sysupgrade
Signed-off-by: Nathan Hintz <nlhintz@hotmail.com>

SVN-Revision: 38766
2013-11-11 22:12:58 +00:00
Felix Fietkau b95bdc8ab5 kernel/base-files: clean up old code related to refreshing mtd partitions, it is no longer used anywhere
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37282
2013-07-14 12:56:58 +00:00