aboutsummaryrefslogtreecommitdiffstats
path: root/package/base-files/files/sbin/sysupgrade
diff options
context:
space:
mode:
authorRafał Miłecki <rafal@milecki.pl>2019-08-23 08:15:23 +0200
committerRafał Miłecki <rafal@milecki.pl>2019-08-30 08:34:10 +0200
commitf522047958f99ab7b506ec550f796c0460af1a85 (patch)
treec10790cf26e64f9ada7cfee8c83912b3900c3c5f /package/base-files/files/sbin/sysupgrade
parent7f9edadf85299cd4fc965a811b40eaa57a368486 (diff)
downloadupstream-f522047958f99ab7b506ec550f796c0460af1a85.tar.gz
upstream-f522047958f99ab7b506ec550f796c0460af1a85.tar.bz2
upstream-f522047958f99ab7b506ec550f796c0460af1a85.zip
base-files: use JSON for storing firmware validation info
So far firmware validation result was binary limited: it was either successful or not. That meant various limitations, e.g.: 1) Lack of proper feedback on validation problems 2) No way of marking firmware as totally broken (impossible to install) This change introduces JSON for storing detailed validation info. It provides a list of performed validation tests and their results. It allows marking firmware as non-forceable (broken image that can't be even forced to install). Example: { "tests": { "fwtool_signature": true, "fwtool_device_match": true }, "valid": true, "forceable": true } Implementation is based on *internal* check_image bash script that: 1) Uses existing validation functions 2) Provides helpers for setting extra validation info This allows e.g. platform_check_image() to call notify_check_broken() when needed & prevent user from bricking a device. Right now the new JSON info is used by /sbin/sysupgrade only. It still doesn't make use of "forceable" as that is planned for later development. Further plans for this feature are: 1) Expose firmware validation using some new ubus method 2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus method so: a) It's possible to safely sysupgrade using ubus only b) /sbin/sysupgrade can be more like just a CLI Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Diffstat (limited to 'package/base-files/files/sbin/sysupgrade')
-rwxr-xr-xpackage/base-files/files/sbin/sysupgrade28
1 files changed, 14 insertions, 14 deletions
diff --git a/package/base-files/files/sbin/sysupgrade b/package/base-files/files/sbin/sysupgrade
index c27c1fbc47..42f0f6bd22 100755
--- a/package/base-files/files/sbin/sysupgrade
+++ b/package/base-files/files/sbin/sysupgrade
@@ -2,6 +2,7 @@
. /lib/functions.sh
. /lib/functions/system.sh
+. /usr/share/libubox/jshn.sh
# initialize defaults
export MTD_ARGS=""
@@ -191,9 +192,6 @@ add_overlayfiles() {
return 0
}
-# hooks
-sysupgrade_image_check="fwtool_check_signature fwtool_check_image platform_check_image"
-
if [ $SAVE_OVERLAY = 1 ]; then
[ ! -d /overlay/upper/etc ] && {
echo "Cannot find '/overlay/upper/etc', required for '-c'" >&2
@@ -316,17 +314,19 @@ case "$IMAGE" in
;;
esac
-for check in $sysupgrade_image_check; do
- ( $check "$IMAGE" ) || {
- if [ $FORCE -eq 1 ]; then
- echo "Image check '$check' failed but --force given - will update anyway!" >&2
- break
- else
- echo "Image check '$check' failed." >&2
- exit 1
- fi
- }
-done
+json_load "$(/usr/libexec/validate_firmware_image "$IMAGE")" || {
+ echo "Failed to check image"
+ exit 1
+}
+json_get_var valid "valid"
+[ "$valid" -eq 0 ] && {
+ if [ $FORCE -eq 1 ]; then
+ echo "Image check failed but --force given - will update anyway!" >&2
+ else
+ echo "Image check failed." >&2
+ exit 1
+ fi
+}
if [ -n "$CONF_IMAGE" ]; then
case "$(get_magic_word $CONF_IMAGE cat)" in