From 9ca3d1d1f1cc73fc34a21d108992b6ddcc6fcd32 Mon Sep 17 00:00:00 2001 From: Jeon Sang-Heon Date: Wed, 29 Jul 2020 10:29:23 +0000 Subject: [PATCH 01/16] Fix systemd setting file path to /usr/lib - systemd setting file should be in /usr/lib at 64bit Change-Id: Id3edb1390ecc4bf53dc35d817bac7260c992d345 Signed-off-by: Jeon Sang-Heon --- packaging/system-rw-update.spec | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packaging/system-rw-update.spec b/packaging/system-rw-update.spec index 7ef6465..070f222 100644 --- a/packaging/system-rw-update.spec +++ b/packaging/system-rw-update.spec @@ -56,11 +56,11 @@ cp -f rw-script-list/rw-script.list %{buildroot}%{_datadir}/upgrade rm -rf %{buildroot} %posttrans -if [ -e %{_libdir}/udev/rules.d/99-sdb-switch.rules ]; then +if [ -e /usr/lib/udev/rules.d/99-sdb-switch.rules ]; then echo "Exist 99-sdb-switch.rules, Skip!" else - mkdir -p %{_libdir}/udev/rules.d - ln -s /opt/data/update/99-sdb-switch.rules %{_libdir}/udev/rules.d + mkdir -p /usr/lib/udev/rules.d + ln -s /opt/data/update/99-sdb-switch.rules /usr/lib/udev/rules.d fi if [ ! -e %{_bindir}/rstsmack ]; then ln -s %{_bindir}/rstsmack-for-update %{_bindir}/rstsmack -- 2.7.4 From ae8bd7b881c7574a03ac87071d7583bcc95de28b Mon Sep 17 00:00:00 2001 From: Kichan Kwon Date: Tue, 15 Dec 2020 14:58:25 +0900 Subject: [PATCH 02/16] Remove rstsmack and use factory-reset's instead - NOTICE : rstsmack is provided by Public factory-reset please consider it when you migrate this package Change-Id: I9c77bb3b81973b2531f33fd8ee58e5ae5ee025c6 Signed-off-by: Kichan Kwon --- CMakeLists.txt | 3 - packaging/system-rw-update.spec | 9 ++- rstsmack/CMakeLists.txt | 17 ----- rstsmack/rstsmack.c | 154 ---------------------------------------- 4 files changed, 4 insertions(+), 179 deletions(-) delete mode 100755 rstsmack/CMakeLists.txt delete mode 100644 rstsmack/rstsmack.c diff --git a/CMakeLists.txt b/CMakeLists.txt index d2e8a78..fdf84fd 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -7,6 +7,3 @@ CONFIGURE_FILE(upgrade/update.sh.in upgrade/update.sh @ONL CONFIGURE_FILE(upgrade/record-version.sh.in upgrade/record-version.sh @ONLY) CONFIGURE_FILE(units/udev-sdb-init.service.in units/udev-sdb-init.service @ONLY) CONFIGURE_FILE(units/offline-update.service.in units/offline-update.service @ONLY) - -#add sub directory -ADD_SUBDIRECTORY(rstsmack) diff --git a/packaging/system-rw-update.spec b/packaging/system-rw-update.spec index 070f222..a6387a6 100644 --- a/packaging/system-rw-update.spec +++ b/packaging/system-rw-update.spec @@ -11,6 +11,10 @@ BuildRequires: cmake BuildRequires: pkgconfig(libsmack) BuildRequires: pkgconfig(libtzplatform-config) +# rstsmack is provided by Public factory-reset +# Please consider it when you migrate this package +Requires: %{_bindir}/rstsmack + %description This package provides files for RW update which is implemented by using systemd offline update. @@ -29,7 +33,6 @@ cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \ %__make %{?_smp_mflags} %install -%make_install %define upgrade_dir %TZ_SYS_UPGRADE mkdir -p %{buildroot}%{upgrade_dir} @@ -62,9 +65,6 @@ else mkdir -p /usr/lib/udev/rules.d ln -s /opt/data/update/99-sdb-switch.rules /usr/lib/udev/rules.d fi -if [ ! -e %{_bindir}/rstsmack ]; then - ln -s %{_bindir}/rstsmack-for-update %{_bindir}/rstsmack -fi %files %manifest %{name}.manifest @@ -73,4 +73,3 @@ fi %{_unitdir}/offline-update.service %{_unitdir}/system-update.target.wants %{_unitdir}/udev-sdb-init.service -%{_bindir}/rstsmack-for-update diff --git a/rstsmack/CMakeLists.txt b/rstsmack/CMakeLists.txt deleted file mode 100755 index edfbb89..0000000 --- a/rstsmack/CMakeLists.txt +++ /dev/null @@ -1,17 +0,0 @@ -CMAKE_MINIMUM_REQUIRED(VERSION 2.6) -PROJECT(rstsmack-for-update C) - -SET(SRCS rstsmack.c) -INCLUDE(FindPkgConfig) -pkg_check_modules(pkgs REQUIRED libsmack) - -FOREACH(flag ${pkgs_CFLAGS}) - SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") -ENDFOREACH(flag) - -SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -fPIC") - -ADD_EXECUTABLE(${PROJECT_NAME} ${SRCS}) -TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${pkgs_LDFLAGS} -pie) - -INSTALL(PROGRAMS ${CMAKE_CURRENT_SOURCE_DIR}/${PROJECT_NAME} DESTINATION bin) diff --git a/rstsmack/rstsmack.c b/rstsmack/rstsmack.c deleted file mode 100644 index e17d696..0000000 --- a/rstsmack/rstsmack.c +++ /dev/null @@ -1,154 +0,0 @@ -/* - * rstsmack - Restore smack attributes on files - * - * Copyright (c) 2000 - 2017 Samsung Electronics Co., Ltd. - * - * Contact: MyoungJune Park - * Created by Wonil Choi - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#ifdef DEBUG -# define LOGINFO(fmt, arg...) printf(fmt, ##arg) -#else -# define LOGINFO(fmt, arg...) -#endif - -void print_help(const char *cmd) -{ - printf("Usage: %s \n", cmd); - printf(" INPUT FILE should be same format as generated by" - " chsmack.\n\n"); - printf(" Ex) # chsmack /usr/bin/* > /tmp/rstsmack_input.txt\n"); -} - -static inline int abandonqm(char *label) -{ - int ret = 0; - /* ignore last character which must be a quotation mark */ - ret = (int) strlen(label); - ret--; - if (ret > SMACK_LABEL_LEN || ret <= 0) - return -1; - label[ret] = '\0'; - return 0; -} - -static void set_label(const char *pathname, char *label, int type) -{ - int ret = -1; - - if (abandonqm(label) == 0) { - ret = smack_lsetlabel(pathname, label, type); - if (ret < 0) - perror(pathname); - } else - fprintf(stderr, "The input file has wrong format, %s\n", - pathname); -} - -static int parse_and_set(const char *srcfile) -{ - /* We assume the text format of input file is same as chsmack output */ - FILE *fp; - int ret = 0; - char linebuf[PATH_MAX + 5 * SMACK_LABEL_LEN], pathname[PATH_MAX]; - char label[SMACK_LABEL_LEN + 1]; - char *plabel; /* pointer of beginning smack label */ - fp = fopen(srcfile, "r"); - if (fp == NULL) - return -1; - - while (fgets(linebuf, sizeof(linebuf), fp)) { - plabel = strstr(linebuf, " access="); - - if (plabel && strlen(plabel) >= SMACK_LABEL_LEN) { // handling "The maximum input length is not specified" - fclose(fp); - return -1; - } - if (plabel && linebuf != plabel) { - *plabel = '\0'; - strncpy(pathname, linebuf, sizeof(pathname)); - pathname[sizeof(pathname) - 1] = '\0'; - plabel++; - } else { - linebuf[strlen(linebuf) - 1] = '\0'; - LOGINFO("no label, set label: %s, access=\"_\"(floor)\n", linebuf); - strncpy(label, "_\"", SMACK_LABEL_LEN); - set_label(linebuf, label, SMACK_LABEL_ACCESS); - /* TODO: If file name contains " access=" then it would - * not be processed */ - continue; - } - - LOGINFO("set label: %s,", pathname); - - ret = sscanf(plabel, "access=\"%s", label); - if (ret > 0) { - LOGINFO(" access: \"%s", label); - set_label(pathname, label, SMACK_LABEL_ACCESS); - plabel = plabel + sizeof(" access=\"") + strlen(label); - } - - ret = sscanf(plabel, "execute=\"%s", label); - if (ret > 0) { - LOGINFO(", exec: \"%s", label); - set_label(pathname, label, SMACK_LABEL_EXEC); - plabel = plabel + sizeof(" execute=\"") + strlen(label); - } - - ret = sscanf(plabel, "mmap=\"%s", label); - if (ret > 0) { - LOGINFO(", mmap: \"%s", label); - set_label(pathname, label, SMACK_LABEL_MMAP); - plabel = plabel + sizeof(" mmap=\"") + strlen(label); - } - - ret = sscanf(plabel, "transmute=\"%s", label); - if (ret > 0) { - LOGINFO(", transmute: \"%s", label); - strncpy(label, "1\"", SMACK_LABEL_LEN); - set_label(pathname, label, SMACK_LABEL_TRANSMUTE); - } - LOGINFO("\n"); - - } - - fclose(fp); - return 0; -} - -int main(int argc, char *argv[]) -{ - if (argc < 2) { - print_help(argv[0]); - return -1; - } - if (parse_and_set(argv[1]) < 0) { - print_help(argv[0]); - return -1; - } - return 0; -} -- 2.7.4 From 4b23623f4eaf6455df2b1eb1652943c94ba6fee7 Mon Sep 17 00:00:00 2001 From: Jeon Sang-Heon Date: Fri, 18 Dec 2020 12:32:50 +0000 Subject: [PATCH 03/16] link dbus sockets to system-update.target.wants - End of RW update, reboot doesn't work because dbus doesn't activated. - To solve above problem, force active dbus socket with rw update Change-Id: Ifae69bf649ca180a538ce5851b9ba455daee587e Signed-off-by: Jeon Sang-Heon --- packaging/system-rw-update.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/packaging/system-rw-update.spec b/packaging/system-rw-update.spec index 070f222..68afecb 100644 --- a/packaging/system-rw-update.spec +++ b/packaging/system-rw-update.spec @@ -44,6 +44,7 @@ install -m 644 units/offline-update.service %{buildroot}%{_unitdir} ln -s ../offline-update.service %{buildroot}%{_unitdir}/system-update.target.wants/offline-update.service ln -s ../getty.target %{buildroot}%{_unitdir}/system-update.target.wants ln -s ../cynara.socket %{buildroot}%{_unitdir}/system-update.target.wants +ln -s ../dbus.socket %{buildroot}%{_unitdir}/system-update.target.wants # SDB debugging install -m 644 units/udev-sdb-init.service %{buildroot}%{_unitdir} -- 2.7.4 From 4b4e2889239f180b07eab62e1c4e8319cf1ad6c8 Mon Sep 17 00:00:00 2001 From: Kunhoon Baik Date: Mon, 21 Dec 2020 17:11:14 +0900 Subject: [PATCH 04/16] Change output of stdout/stderr to log file. Remove previous case by case log mechasim. Instead of such way, system-rw-update will log whole stdout/stderr into the @TZ_SYS_VAR@/log/system-rw-update.log Change-Id: If265c863be7bc317277bdbd98628995230d72b56 --- units/offline-update.service.in | 3 ++ upgrade/update.sh.in | 61 +++++++++++++++++++++++++++++------------ 2 files changed, 47 insertions(+), 17 deletions(-) diff --git a/units/offline-update.service.in b/units/offline-update.service.in index 5fb87e2..3634da5 100644 --- a/units/offline-update.service.in +++ b/units/offline-update.service.in @@ -7,4 +7,7 @@ After=sysinit.target [Service] Type=oneshot SmackProcessLabel=System::Privileged +ExecStartPre=/bin/rm -f @TZ_SYS_VAR@/log/system-rw-update.log ExecStart=@TZ_SYS_UPGRADE@/update-init.sh +StandardOutput=file:@TZ_SYS_VAR@/log/system-rw-update.log +StandardError=file:@TZ_SYS_VAR@/log/system-rw-update.log diff --git a/upgrade/update.sh.in b/upgrade/update.sh.in index 014f21f..7cce7b2 100755 --- a/upgrade/update.sh.in +++ b/upgrade/update.sh.in @@ -4,6 +4,11 @@ # PATH=/bin:/usr/bin:/sbin:/usr/sbin +COLOR_ERROR='\033[01;31m' +COLOR_DEBUG='\033[01;34m' +COLOR_NOTIFY='\033[01;33m' +COLOR_RESET='\033[00;00m' + RW_UPDATE_ERROR_NONE=00 UPI_RW_UPDATE_ERROR_PREFIX=FA @@ -11,18 +16,35 @@ UPI_RW_UPDATE_ERROR=${UPI_RW_UPDATE_ERROR_PREFIX}1A TMP_DIR=/tmp/upgrade UPDATE_DIR=@TZ_SYS_UPGRADE@ -PATCH_DIR=@TZ_SYS_UPGRADE_SCRIPTS@ +UPDATE_SCRIPT_DIR=@TZ_SYS_UPGRADE_SCRIPTS@ UPDATE_DATA_DIR=/opt/data/update -LOG_FILE=${UPDATE_DATA_DIR}/rw_update.log RESULT_FILE=${UPDATE_DATA_DIR}/result SDB_RULE=${UPDATE_DATA_DIR}/99-sdb-switch.rules VERSION_FILE=/opt/etc/version RW_MACRO=${UPDATE_DIR}/rw-update-macro.inc -RUN=/bin/sh +SHELL=/bin/bash RW_GUI= RW_ANI=/usr/bin/rw-update-ani +DEBUG() +{ + LOG_TEXT=$1 + echo -e "${COLOR_DEBUG}${LOG_TEXT}${COLOR_RESET}" +} + +ERROR() +{ + LOG_TEXT=$1 + echo -e "${COLOR_ERROR}${LOG_TEXT}${COLOR_RESET}" +} + +NOTIFY() +{ + LOG_TEXT=$1 + echo -e "${COLOR_NOTIFY}${LOG_TEXT}${COLOR_RESET}" +} + #------------------------------------------------ # shell script verity check # return 0 : pass @@ -32,7 +54,7 @@ RW_ANI=/usr/bin/rw-update-ani Verity_Check() { if [ "z$1" = "z" ]; then - echo "Input Shell Script Null" >> ${LOG_FILE} + DEBUG "Verity_Check: Input is Null" return 1 fi @@ -47,18 +69,18 @@ Verity_Check() { md5list=`/usr/bin/grep ${SC_FILE} ${SC_LIST} | /usr/bin/awk -F' ' '{print $2}'` if [ "$md5result" = "$md5list" ]; then - echo "[PASS ] ${SC_FILE} verity check" >> ${LOG_FILE} + DEBUG "Verity_Check: [PASS] ${SC_FILE} verity check" return 0 else - echo "[MISMATCH] ${SC_FILE} md5sum" >> ${LOG_FILE} + ERROR "Verity_Check: [MISMATCH] ${SC_FILE} md5sum" return 2 fi else - echo "[No entry] ${SC_FILE} in ${SC_LIST}" >> ${LOG_FILE} + ERROR "Verity_Check: [NO ENTRY] ${SC_FILE} in ${SC_LIST}" return 1 fi else - echo "No such file ${SC_LIST}" >> ${LOG_FILE} + ERROR "Verity_Check: No script list file ${SC_LIST}" return 1 fi } @@ -74,17 +96,17 @@ fi mkdir -p ${RECOVERY_DIR} -echo "System RW update: rw update started" > ${LOG_FILE} +NOTIFY "System RW update: rw update started" # Execute update scripts -if [ ! -d ${PATCH_DIR} ] +if [ ! -d ${UPDATE_SCRIPT_DIR} ] then - echo "FAIL: Upgrade directory does not exist" >> ${LOG_FILE} + ERROR "FAIL: Upgrade directory does not exist" echo "${UPI_RW_UPDATE_ERROR}" > ${RESULT_FILE} else if [ "${RW_GUI}" = "1" ]; then progress=0 - total=`ls -l ${PATCH_DIR} | grep -c '^-'` + total=`ls -l ${UPDATE_SCRIPT_DIR} | grep -c '^-'` mkdir -p ${TMP_DIR} echo ${total} > ${TMP_DIR}/total export XDG_RUNTIME_DIR=/run @@ -92,21 +114,26 @@ else /usr/bin/rw-update-ani --wait & fi - PATCHES=`/bin/ls ${PATCH_DIR}` + UPDATE_SCRIPTS=`/bin/ls ${UPDATE_SCRIPT_DIR}` - for PATCH in ${PATCHES}; do + for UPSCRIPT in ${UPDATE_SCRIPTS}; do if [ "${RW_GUI}" = "1" ]; then progress=$((progress+1)) echo ${progress} > ${TMP_DIR}/progress fi - Verity_Check ${PATCH_DIR}/${PATCH} + Verity_Check ${UPDATE_SCRIPT_DIR}/${UPSCRIPT} # Without verification result, run all scripts - ${RUN} ${PATCH_DIR}/${PATCH} + ${SHELL} ${UPDATE_SCRIPT_DIR}/${UPSCRIPT} + if [ $? -ne 0 ]; then + ERROR "[FAIL] ${UPSCRIPT}" + else + DEBUG "[DONE] ${UPSCRIPT}" + fi done sync - echo "SUCCESS: Upgrade successfully finished" >> ${LOG_FILE} + NOTIFY "SUCCESS: Upgrade successfully finished" echo "${RW_UPDATE_ERROR_NONE}" > ${RESULT_FILE} fi -- 2.7.4 From c018d6f4ca27882927dc3b5d70cb654bf2049ea1 Mon Sep 17 00:00:00 2001 From: Kichan Kwon Date: Mon, 21 Dec 2020 17:38:16 +0900 Subject: [PATCH 05/16] No more check hash value of RW script - Hash checking is for MCD FOTA - To prevent modification without notice - MCD no more uses ours, so we don't have to retain it which bothers script developer Change-Id: Ib473ce99adfe592a574fc01975e61fdff2479fce Signed-off-by: Kichan Kwon --- packaging/system-rw-update.spec | 3 --- rw-script-list/add_rwscript.sh | 31 ------------------------------ rw-script-list/del_rwscript.sh | 22 --------------------- rw-script-list/extract_list.sh | 23 ---------------------- rw-script-list/image_info.txt | 2 -- rw-script-list/rw-script.list | 16 ---------------- upgrade/update.sh.in | 42 ----------------------------------------- 7 files changed, 139 deletions(-) delete mode 100755 rw-script-list/add_rwscript.sh delete mode 100755 rw-script-list/del_rwscript.sh delete mode 100755 rw-script-list/extract_list.sh delete mode 100644 rw-script-list/image_info.txt delete mode 100755 rw-script-list/rw-script.list diff --git a/packaging/system-rw-update.spec b/packaging/system-rw-update.spec index 4bacce7..ffe2c4e 100644 --- a/packaging/system-rw-update.spec +++ b/packaging/system-rw-update.spec @@ -53,9 +53,6 @@ ln -s ../dbus.socket %{buildroot}%{_unitdir}/system-update.target.wants install -m 644 units/udev-sdb-init.service %{buildroot}%{_unitdir} ln -s ../udev-sdb-init.service %{buildroot}%{_unitdir}/system-update.target.wants -# rw-script-list -cp -f rw-script-list/rw-script.list %{buildroot}%{_datadir}/upgrade - %clean rm -rf %{buildroot} diff --git a/rw-script-list/add_rwscript.sh b/rw-script-list/add_rwscript.sh deleted file mode 100755 index 326079b..0000000 --- a/rw-script-list/add_rwscript.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash - -if [ "$#" != "1" ]; then - echo "Usage:" - echo "add_rwscript.sh " - echo " ex) add_rwscript.sh /home/work3/rw-updater/model/common/scripts/100.rw-updater.recovery.patch.sh" - exit; -fi - -FULLPATH=$1 -SC_NAME=`basename "${FULLPATH}"` - -grep ${SC_NAME} rw-script.list > /dev/null 2>&1 -if [ $? -eq 0 ]; then - cp rw-script.list rw-script.bak - grep -v ${SC_NAME} rw-script.bak > rw-script.list - rm -f rw-script.bak -fi - -POST=`date +"%d%H%M%S"` - -ret=`md5sum ${FULLPATH}` -mret=($(/bin/echo $ret)) -md5result=${mret[0]} - -cp rw-script.list rw-script.bak -echo "${SC_NAME} ${md5result}" >> rw-script.bak -sort -d rw-script.bak > rw-script.list - -rm -f rw-script.bak -echo "Add DONE: ${SC_NAME} ${md5sum}" diff --git a/rw-script-list/del_rwscript.sh b/rw-script-list/del_rwscript.sh deleted file mode 100755 index cc2346a..0000000 --- a/rw-script-list/del_rwscript.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -if [ "$#" != "1" ]; then - echo "Usage:" - echo "del_rwscript.sh " - echo " ex) del_rwscript.sh 220.evas.patch.sh" - exit; -fi - -SC_NAME="$1" - -grep ${SC_NAME} rw-script.list > /dev/null 2>&1 -if [ $? -ne 0 ]; then - echo "No entry ${SC_NAME} in rw-script list" - exit -fi - -cp rw-script.list rw-script.bak -grep -v ${SC_NAME} rw-script.bak > rw-script.list - -rm -f rw-script.bak -echo "Remove DONE: ${SC_NAME} ${GIT_NAME}" diff --git a/rw-script-list/extract_list.sh b/rw-script-list/extract_list.sh deleted file mode 100755 index 50a0db3..0000000 --- a/rw-script-list/extract_list.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# -# extract_list.sh -# Extract RW script list from target device -# - -TEMP_DIR=extract_scripts -SCRIPTS_PATH=/usr/share/upgrade/scripts -MODEL_CONFIG=/etc/config/model-config.xml - -if [ -e ${TEMP_DIR} ]; then - rm -rf ${TEMP_DIR} -fi -mkdir ${TEMP_DIR} - -sdb root on -sdb pull ${SCRIPTS_PATH} ${TEMP_DIR} - -for SCRIPT in ${TEMP_DIR}/*; do - ./add_rwscript.sh ${SCRIPT} -done - -rm -rf ${TEMP_DIR} diff --git a/rw-script-list/image_info.txt b/rw-script-list/image_info.txt deleted file mode 100644 index 2aa1b26..0000000 --- a/rw-script-list/image_info.txt +++ /dev/null @@ -1,2 +0,0 @@ -Base image of RW script list: -tizen-4.0-unified_20171215.1_wearable-wayland-armv7l-tw1 diff --git a/rw-script-list/rw-script.list b/rw-script-list/rw-script.list deleted file mode 100755 index 6de84fe..0000000 --- a/rw-script-list/rw-script.list +++ /dev/null @@ -1,16 +0,0 @@ -201.security_upgrade.sh 869f8e1ba11ee37a17abe1d519a95bc8 -290.buxton2_upgrade.sh ff3ec647dd4c0360b56b3757ae43829a -295.key-manager_upgrade.sh 646b5031c415222c71b4b767c817e7d0 -500.account-manager.sh 43f8ff185180167241e1cd091f66dc06 -500.connman_upgrade.sh 14efbfe125f33d44b22ade08ea64968c -500.crash-manager-upgrade.sh 28c936a201035b086c37dd0438468726 -500.edge-orchestration-upgrade.sh 3284627d8fcfda64b5a50356740ecc4a -500.efl-misc.sh a74f47437c226f3723c02e5759de2ea0 -500.ode_upgrade.sh 1d9b1b99222f780d3b450194fcb75ea9 -500.stc-manager_upgrade.sh d8d98fd0881ec7e3db0a521389c99a6e -500.winsys_upgrade.sh 29ac61e4ac32a27705580614646bf7f0 -501.component_upgrade.sh aa728b7c613daa45e187f7663dc184e8 -502.syspopup_upgrade.sh 369ec9ab48fae5598e24091d76df4175 -504.watchface_complication_upgrade.sh bb3dfebd83cf95cda1a73738b27538a5 -505.notification_upgrade.sh 11dab5281d1a5965ff6a22d8aa37ba4c -700.pkgmgr.patch.sh f2a3ad5d4c7e25b152b2d50d4d7d9117 diff --git a/upgrade/update.sh.in b/upgrade/update.sh.in index 7cce7b2..5620347 100755 --- a/upgrade/update.sh.in +++ b/upgrade/update.sh.in @@ -46,46 +46,6 @@ NOTIFY() } #------------------------------------------------ -# shell script verity check -# return 0 : pass -# return 1 : no entry in rw-script.list -# return 2 : verity fail -#------------------------------------------------ -Verity_Check() { - - if [ "z$1" = "z" ]; then - DEBUG "Verity_Check: Input is Null" - return 1 - fi - - SC_FILE=`/usr/bin/basename $1` - SC_LIST=${UPDATE_DIR}/rw-script.list - if [ -f ${SC_LIST} ]; then - grep ${SC_FILE} ${SC_LIST} > /dev/null 2>&1 - if [ "$?" = "0" ]; then - ret=`/usr/bin/md5sum "$1"` - mret=($(/bin/echo $ret)) - md5result=${mret[0]} - - md5list=`/usr/bin/grep ${SC_FILE} ${SC_LIST} | /usr/bin/awk -F' ' '{print $2}'` - if [ "$md5result" = "$md5list" ]; then - DEBUG "Verity_Check: [PASS] ${SC_FILE} verity check" - return 0 - else - ERROR "Verity_Check: [MISMATCH] ${SC_FILE} md5sum" - return 2 - fi - else - ERROR "Verity_Check: [NO ENTRY] ${SC_FILE} in ${SC_LIST}" - return 1 - fi - else - ERROR "Verity_Check: No script list file ${SC_LIST}" - return 1 - fi -} - -#------------------------------------------------ # main #------------------------------------------------ @@ -121,8 +81,6 @@ else progress=$((progress+1)) echo ${progress} > ${TMP_DIR}/progress fi - Verity_Check ${UPDATE_SCRIPT_DIR}/${UPSCRIPT} - # Without verification result, run all scripts ${SHELL} ${UPDATE_SCRIPT_DIR}/${UPSCRIPT} if [ $? -ne 0 ]; then ERROR "[FAIL] ${UPSCRIPT}" -- 2.7.4 From 38cd1f62cfbe350f3859fd3bdda3076dc6ca2ab4 Mon Sep 17 00:00:00 2001 From: Kunhoon Baik Date: Mon, 21 Dec 2020 18:03:29 +0900 Subject: [PATCH 06/16] Add missing Tizen platform config Change-Id: Iaf6a4d95c45ea61e34fc83840796807f0892b1bc --- packaging/system-rw-update.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/packaging/system-rw-update.spec b/packaging/system-rw-update.spec index ffe2c4e..fadcaaa 100644 --- a/packaging/system-rw-update.spec +++ b/packaging/system-rw-update.spec @@ -28,6 +28,7 @@ cp %{SOURCE1001} . export LDFLAGS+="-Wl,--rpath=%{_prefix}/lib -Wl,--as-needed" LDFLAGS="$LDFLAGS" cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \ + -DTZ_SYS_VAR=%TZ_SYS_VAR \ -DTZ_SYS_UPGRADE=%TZ_SYS_UPGRADE \ -DTZ_SYS_UPGRADE_SCRIPTS=%TZ_SYS_UPGRADE_SCRIPTS %__make %{?_smp_mflags} -- 2.7.4 From 757901f3929a2f94b99ad80727b2a9f974bc093e Mon Sep 17 00:00:00 2001 From: Kunhoon Baik Date: Tue, 22 Dec 2020 11:01:25 +0900 Subject: [PATCH 07/16] Refactoring RW Update - Separation of Update Progress Function - Seperation of Update Result Function with Error Change-Id: I316c8afe2410e565927e5be9c7535843580f8fd4 Signed-off-by: Kunhoon Baik --- packaging/system-rw-update.spec | 12 ++-- upgrade/update.sh.in | 125 ++++++++++++++++++++++++---------------- 2 files changed, 80 insertions(+), 57 deletions(-) diff --git a/packaging/system-rw-update.spec b/packaging/system-rw-update.spec index fadcaaa..a361b6e 100644 --- a/packaging/system-rw-update.spec +++ b/packaging/system-rw-update.spec @@ -1,5 +1,5 @@ Name: system-rw-update -Summary: System RW update management +Summary: System RW Update Manager Version: 1.2.4 Release: 0 Group: Base/Startup @@ -8,16 +8,17 @@ Source0: %{name}-%{version}.tar.bz2 Source1001: %{name}.manifest BuildRequires: cmake -BuildRequires: pkgconfig(libsmack) BuildRequires: pkgconfig(libtzplatform-config) # rstsmack is provided by Public factory-reset # Please consider it when you migrate this package Requires: %{_bindir}/rstsmack +%define upgrade_dir %TZ_SYS_UPGRADE + %description -This package provides files for RW update -which is implemented by using systemd offline update. +System RW update manager provides interface for running platform/application update scripts +after software is updated to new version which is implemented by using systemd offline update. %prep %setup -q @@ -35,7 +36,6 @@ cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \ %install -%define upgrade_dir %TZ_SYS_UPGRADE mkdir -p %{buildroot}%{upgrade_dir} cp upgrade/99-sdb-switch.rules %{buildroot}%{upgrade_dir} cp upgrade/install-sdb-rule.sh %{buildroot}%{upgrade_dir} @@ -45,7 +45,7 @@ cp upgrade/update-init.sh %{buildroot}%{upgrade_dir} cp upgrade/update.sh %{buildroot}%{upgrade_dir} mkdir -p %{buildroot}%{_unitdir}/system-update.target.wants install -m 644 units/offline-update.service %{buildroot}%{_unitdir} -ln -s ../offline-update.service %{buildroot}%{_unitdir}/system-update.target.wants/offline-update.service +ln -s ../offline-update.service %{buildroot}%{_unitdir}/system-update.target.wants/ ln -s ../getty.target %{buildroot}%{_unitdir}/system-update.target.wants ln -s ../cynara.socket %{buildroot}%{_unitdir}/system-update.target.wants ln -s ../dbus.socket %{buildroot}%{_unitdir}/system-update.target.wants diff --git a/upgrade/update.sh.in b/upgrade/update.sh.in index 5620347..3377c2c 100755 --- a/upgrade/update.sh.in +++ b/upgrade/update.sh.in @@ -1,31 +1,20 @@ #!/bin/sh # -# RW update script +# System RW Update Script # -PATH=/bin:/usr/bin:/sbin:/usr/sbin COLOR_ERROR='\033[01;31m' COLOR_DEBUG='\033[01;34m' COLOR_NOTIFY='\033[01;33m' COLOR_RESET='\033[00;00m' +PATH=/bin:/usr/bin:/sbin:/usr/sbin +SHELL=/bin/bash -RW_UPDATE_ERROR_NONE=00 - -UPI_RW_UPDATE_ERROR_PREFIX=FA -UPI_RW_UPDATE_ERROR=${UPI_RW_UPDATE_ERROR_PREFIX}1A - -TMP_DIR=/tmp/upgrade -UPDATE_DIR=@TZ_SYS_UPGRADE@ UPDATE_SCRIPT_DIR=@TZ_SYS_UPGRADE_SCRIPTS@ UPDATE_DATA_DIR=/opt/data/update -RESULT_FILE=${UPDATE_DATA_DIR}/result SDB_RULE=${UPDATE_DATA_DIR}/99-sdb-switch.rules -VERSION_FILE=/opt/etc/version -RW_MACRO=${UPDATE_DIR}/rw-update-macro.inc -SHELL=/bin/bash -RW_GUI= -RW_ANI=/usr/bin/rw-update-ani +RW_MACRO=@TZ_SYS_UPGRADE@/rw-update-macro.inc DEBUG() { @@ -45,67 +34,101 @@ NOTIFY() echo -e "${COLOR_NOTIFY}${LOG_TEXT}${COLOR_RESET}" } -#------------------------------------------------ -# main -#------------------------------------------------ +PROGRESS_DIR=/tmp/upgrade +PROGRESS_INIT() +{ + mkdir -p ${PROGRESS_DIR} + echo "$1" > ${PROGRESS_DIR}/total + echo "0" > ${PROGRESS_DIR}/progress -# Check GUI availability -if [ -e ${RW_ANI} ]; then - RW_GUI=1 -fi + # if GUI is available, run the GUI + if [ -e "/usr/bin/rw-update-ani" ]; then + export XDG_RUNTIME_DIR=/run + export TBM_DISPLAY_SERVER=1 + /usr/bin/rw-update-ani --wait & + fi +} + +PROGRESS() +{ + echo "$1" > ${PROGRESS_DIR}/progress +} -mkdir -p ${RECOVERY_DIR} +# This result file will be used for Platform Update Control API to get update result. +UPDATE_RESULT_FILE=${UPDATE_DATA_DIR}/result +UPI_RW_UPDATE_ERROR_NONE=00 +UPI_RW_UPDATE_ERROR_PREFIX=FA +UPI_RW_UPDATE_ERROR_FAIL=${UPI_RW_UPDATE_ERROR_PREFIX}1A +SET_UPDATE_RESULT() +{ + echo "$1" > ${UPDATE_RESULT_FILE} +} +NOTIFY "----------------------------------------------------------------------" NOTIFY "System RW update: rw update started" -# Execute update scripts +UPDATE_PREPARE_ERR=0 +UPDATE_PROGRESS_ERR=0 + +if [ -f $RW_MACRO ]; +then + source $RW_MACRO +else + ERROR "FAIL: Upgrade macro does not exist" + UPDATE_PREPARE_ERR=1 +fi + if [ ! -d ${UPDATE_SCRIPT_DIR} ] then ERROR "FAIL: Upgrade directory does not exist" - echo "${UPI_RW_UPDATE_ERROR}" > ${RESULT_FILE} + UPDATE_PREPARE_ERR=1 +fi + +# Execute update scripts +if [ ${UPDATE_PREPARE_ERR} = "1" ] +then + ERROR "FAIL: Update preparation was failed" + SET_UPDATE_RESULT ${UPI_RW_UPDATE_ERROR_FAIL} else - if [ "${RW_GUI}" = "1" ]; then - progress=0 - total=`ls -l ${UPDATE_SCRIPT_DIR} | grep -c '^-'` - mkdir -p ${TMP_DIR} - echo ${total} > ${TMP_DIR}/total - export XDG_RUNTIME_DIR=/run - export TBM_DISPLAY_SERVER=1 - /usr/bin/rw-update-ani --wait & - fi + get_version_info + DEBUG "Version OLD: ${OLD_VER}, NEW: ${NEW_VER}" - UPDATE_SCRIPTS=`/bin/ls ${UPDATE_SCRIPT_DIR}` + TOTAL_TASKS=`ls -l ${UPDATE_SCRIPT_DIR} | grep -c '^-'` + PROGRESS_INIT ${TOTAL_TASKS} + UPDATE_SCRIPTS=`/bin/ls ${UPDATE_SCRIPT_DIR}` + NOTIFY "TOTAL TASKS: ${TOTAL_TASKS}" for UPSCRIPT in ${UPDATE_SCRIPTS}; do - if [ "${RW_GUI}" = "1" ]; then - progress=$((progress+1)) - echo ${progress} > ${TMP_DIR}/progress - fi + NOTIFY "CURRENT TASK: ${CURRENT_TASK} ${UPSCRIPT}" ${SHELL} ${UPDATE_SCRIPT_DIR}/${UPSCRIPT} if [ $? -ne 0 ]; then ERROR "[FAIL] ${UPSCRIPT}" + UPDATE_PROGRESS_ERR=1 else DEBUG "[DONE] ${UPSCRIPT}" fi + PROGRESS ${CURRENT_TASK} + CURRENT_TASK=$(( ${CURRENT_TASK} + 1 )) done - sync + write_version_info - NOTIFY "SUCCESS: Upgrade successfully finished" - echo "${RW_UPDATE_ERROR_NONE}" > ${RESULT_FILE} + if [ ${UPDATE_PROGRESS_ERR} = "1" ] + then + NOTIFY "SUCCESS: Upgrade finished, but some scripts are failed" + SET_UPDATE_RESULT ${UPI_RW_UPDATE_ERROR_FAIL} + else + NOTIFY "SUCCESS: Upgrade successfully finished" + SET_UPDATE_RESULT ${UPI_RW_UPDATE_ERROR_NONE} + fi fi if [ -e ${SDB_RULE} ]; then rm ${SDB_RULE} fi -if [ -e ${VERSION_FILE} ]; then - rm ${VERSION_FILE} - if [ -e ${RW_MACRO} ]; then - source ${RW_MACRO} - write_version_info - fi -fi +/bin/sync +NOTIFY "----------------------------------------------------------------------" -# Reboot -reboot -f +#Reboot +/sbin/reboot -f -- 2.7.4 From 37510617ecd3220197406c30b0ac8a9e6a7665e6 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Mon, 1 Mar 2021 15:09:28 +0100 Subject: [PATCH 08/16] Add checkpoint for user and system_data partitions. Change-Id: Ibde9fb6e98d6128549d5a11e417a3d461dce293b --- CMakeLists.txt | 1 + packaging/system-rw-update.spec | 18 +++++++++- units/data-checkpoint.service.in | 17 +++++++++ units/data-checkpoint.target | 7 ++++ units/udev-trigger-dmbow@.service | 17 +++++++++ upgrade/update-checkpoint-create.sh | 69 +++++++++++++++++++++++++++++++++++++ upgrade/update.sh.in | 2 +- 7 files changed, 129 insertions(+), 2 deletions(-) create mode 100644 units/data-checkpoint.service.in create mode 100644 units/data-checkpoint.target create mode 100644 units/udev-trigger-dmbow@.service create mode 100755 upgrade/update-checkpoint-create.sh diff --git a/CMakeLists.txt b/CMakeLists.txt index fdf84fd..5481ce4 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -7,3 +7,4 @@ CONFIGURE_FILE(upgrade/update.sh.in upgrade/update.sh @ONL CONFIGURE_FILE(upgrade/record-version.sh.in upgrade/record-version.sh @ONLY) CONFIGURE_FILE(units/udev-sdb-init.service.in units/udev-sdb-init.service @ONLY) CONFIGURE_FILE(units/offline-update.service.in units/offline-update.service @ONLY) +CONFIGURE_FILE(units/data-checkpoint.service.in units/data-checkpoint.service @ONLY) diff --git a/packaging/system-rw-update.spec b/packaging/system-rw-update.spec index a361b6e..aa184e2 100644 --- a/packaging/system-rw-update.spec +++ b/packaging/system-rw-update.spec @@ -1,6 +1,6 @@ Name: system-rw-update Summary: System RW Update Manager -Version: 1.2.4 +Version: 1.3.0 Release: 0 Group: Base/Startup License: Apache-2.0 @@ -43,6 +43,7 @@ cp upgrade/record-version.sh %{buildroot}%{upgrade_dir} cp upgrade/rw-update-macro.inc %{buildroot}%{upgrade_dir} cp upgrade/update-init.sh %{buildroot}%{upgrade_dir} cp upgrade/update.sh %{buildroot}%{upgrade_dir} +cp upgrade/update-checkpoint-create.sh %{buildroot}%{upgrade_dir} mkdir -p %{buildroot}%{_unitdir}/system-update.target.wants install -m 644 units/offline-update.service %{buildroot}%{_unitdir} ln -s ../offline-update.service %{buildroot}%{_unitdir}/system-update.target.wants/ @@ -54,6 +55,17 @@ ln -s ../dbus.socket %{buildroot}%{_unitdir}/system-update.target.wants install -m 644 units/udev-sdb-init.service %{buildroot}%{_unitdir} ln -s ../udev-sdb-init.service %{buildroot}%{_unitdir}/system-update.target.wants +# DM-BOW device prepare +install -m 644 units/udev-trigger-dmbow@.service %{buildroot}%{_unitdir} +ln -s ../udev-trigger-dmbow@.service %{buildroot}%{_unitdir}/system-update.target.wants/udev-trigger-dmbow@user.service + +# data checkpoint target +install -m 644 units/data-checkpoint.target %{buildroot}%{_unitdir} +install -m 644 units/data-checkpoint.service %{buildroot}%{_unitdir} +ln -s ../data-checkpoint.target %{buildroot}%{_unitdir}/system-update.target.wants +mkdir -p %{buildroot}%{_unitdir}/data-checkpoint.target.wants +ln -s ../data-checkpoint.service %{buildroot}%{_unitdir}/data-checkpoint.target.wants/data-checkpoint.service + %clean rm -rf %{buildroot} @@ -72,3 +84,7 @@ fi %{_unitdir}/offline-update.service %{_unitdir}/system-update.target.wants %{_unitdir}/udev-sdb-init.service +%{_unitdir}/udev-trigger-dmbow@.service +%{_unitdir}/data-checkpoint.target +%{_unitdir}/data-checkpoint.service +%{_unitdir}/data-checkpoint.target.wants/data-checkpoint.service diff --git a/units/data-checkpoint.service.in b/units/data-checkpoint.service.in new file mode 100644 index 0000000..566d935 --- /dev/null +++ b/units/data-checkpoint.service.in @@ -0,0 +1,17 @@ +[Unit] +Description=Data checkpoint +DefaultDependencies=no +Before=systemd-journald.service opt.mount opt-usr.mount + + +[Service] +Type=oneshot +ExecStart=@TZ_SYS_UPGRADE@/update-checkpoint-create.sh +RemainAfterExit=yes +StandardOutput=journal+console +StandardError=journal+console +SmackProcessLabel=System::Privileged + +[Install] +WantedBy=data-checkpoint.target + diff --git a/units/data-checkpoint.target b/units/data-checkpoint.target new file mode 100644 index 0000000..b4694c5 --- /dev/null +++ b/units/data-checkpoint.target @@ -0,0 +1,7 @@ +[Unit] +Description=Data checkpoint +DefaultDependencies=no +Conflicts=shutdown.target +Before=local-fs-pre.target +OnFailure=emergency.target +OnFailureJobMode=replace-irreversibly diff --git a/units/udev-trigger-dmbow@.service b/units/udev-trigger-dmbow@.service new file mode 100644 index 0000000..294619f --- /dev/null +++ b/units/udev-trigger-dmbow@.service @@ -0,0 +1,17 @@ +# If coldplug (systemd-udev-trigger.service) is called before the "local file +# system" target is reached, it will not be possible to mount created bow +# device because it will have the "SYSTEMD_READY=0" flag. This unit trigger the +# change action on the bow device to remove that flag, then systemd sees the +# device as available. + +[Unit] +Description=Trigger the change action on DM-BOW device if system update +DefaultDependencies=no +After=systemd-udev-trigger.service +Before=opt.mount opt-usr.mount +ConditionPathExists=/dev/mapper/bowdev_%i + +[Service] +SmackProcessLabel=System +Type=oneshot +ExecStart=/usr/sbin/udevadm trigger -c change /dev/mapper/bowdev_%i diff --git a/upgrade/update-checkpoint-create.sh b/upgrade/update-checkpoint-create.sh new file mode 100755 index 0000000..4f8ba2a --- /dev/null +++ b/upgrade/update-checkpoint-create.sh @@ -0,0 +1,69 @@ +#!/bin/bash +PATH="/usr/bin:/bin:/usr/sbin:/sbin" + +SYNC="/bin/sync" +REBOOT="/sbin/reboot" +MOUNT="/bin/mount" +UMOUNT="/bin/umount" +BLKID="/usr/sbin/blkid" +DMSETUP="/usr/sbin/dmsetup" +FSTRIM="/usr/sbin/fstrim" +STAT="/usr/bin/stat" + +SYSTEM_DATA_MNT="opt" +USER_MNT="opt/usr" + + +get_partition_id() { + PART_ROOTFS=$("$BLKID" --match-token PARTLABEL=rootfs -o device || "$BLKID" --match-token LABEL=rootfs -o device) + PART_SYSTEM_DATA=$("$BLKID" --match-token PARTLABEL=system-data -o device || "$BLKID" --match-token LABEL=system-data -o device) + PART_USER=$("$BLKID" --match-token PARTLABEL=user -o device || "$BLKID" --match-token LABEL=user -o device) +} + +mount_bow_partition() { + LABEL=${1} + PARTITION=${2} + DIRECTORY=${3} + BOWDEV_NAME=bowdev_${LABEL} + BOWDEV_PATH=/dev/mapper/${BOWDEV_NAME} + SECTORS=$( /sys/block/dm-${DM_NUMBER}/bow/state + echo "[Debug] Mounted ${PARTITION} as DM-BOW" +} + +mount_f2fs_partition() { + LABEL=${1} + PARTITION=${2} + DIRECTORY=${3} + "${MOUNT}" -o checkpoint=disable ${PARTITION} ${DIRECTORY} + echo "[Debug] Mounted ${PARTITION} as F2FS checkpoint=disable" +} + +mount_checkpoint_partition() { + LABEL=${1} + PARTITION=${2} + DIRECTORY=${3} + FSTYPE=$(lsblk -o FSTYPE -n "${PARTITION}") + + if [ "${FSTYPE}" = "ext4" ]; then + mount_bow_partition ${LABEL} ${PARTITION} ${DIRECTORY} + elif [ "${FSTYPE}" = "f2fs" ]; then + mount_f2fs_partition ${LABEL} ${PARTITION} ${DIRECTORY} + else + mount ${PARTITION} ${DIRECTORY} + fi +} + +get_partition_id + +mount_checkpoint_partition system-data ${PART_SYSTEM_DATA} /${SYSTEM_DATA_MNT} +if [ ! -z "${PART_USER}" ]; then + mount_checkpoint_partition user ${PART_USER} /${USER_MNT} +fi diff --git a/upgrade/update.sh.in b/upgrade/update.sh.in index 3377c2c..2d065dd 100755 --- a/upgrade/update.sh.in +++ b/upgrade/update.sh.in @@ -131,4 +131,4 @@ fi NOTIFY "----------------------------------------------------------------------" #Reboot -/sbin/reboot -f +reboot -f -- 2.7.4 From d173eb0c6cbda13ff7d44960b8e57ef7c8bc89f8 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Thu, 17 Jun 2021 13:48:52 +0200 Subject: [PATCH 09/16] Commit data changes after the upgrade success Change-Id: I87d238fce61ebbabe2710e143edd0b7646c36e96 --- upgrade/update.sh.in | 50 +++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) diff --git a/upgrade/update.sh.in b/upgrade/update.sh.in index 2d065dd..4339f95 100755 --- a/upgrade/update.sh.in +++ b/upgrade/update.sh.in @@ -2,7 +2,8 @@ # # System RW Update Script # - +STATUS_FILE="/opt/data/update/RW.STATUS" +STAT="/usr/bin/stat" COLOR_ERROR='\033[01;31m' COLOR_DEBUG='\033[01;34m' COLOR_NOTIFY='\033[01;33m' @@ -64,6 +65,52 @@ SET_UPDATE_RESULT() echo "$1" > ${UPDATE_RESULT_FILE} } +COMMIT_BOW_PARTITION() +{ + LABEL=${1} + + BOWDEV_PATH=/dev/mapper/bowdev_${LABEL} + DM_NUMBER=$(($("${STAT}" -c "0x%T" $(readlink -f ${BOWDEV_PATH})))) + echo 2 > /sys/block/dm-${DM_NUMBER}/bow/state + NOTIFY "Changes on partition ${LABEL} commited (dm-bow)" +} + +COMMIT_F2FS_PARTITION() +{ + LABEL=${1} + PART_DEVICE=${2} + + mount -o remount,checkpoint=enable "${PART_DEVICE}" + NOTIFY "Changes on partition ${LABEL} commited (f2fs)" +} + +COMMIT_PARTITION() +{ + LABEL=${1} + + PART_DEVICE=$(blkid --match-token PARTLABEL="${LABEL}" -o device || blkid --match-token LABEL="${LABEL}" -o device) + if [ -z "${PART_DEVICE}" ]; then + NOTIFY "WARNING: Partition ${LABEL} not found" + return + fi + + TYPE=$(blkid --match-token LABEL="${LABEL}" -o value -s TYPE | tail -n 1) + if [ "${TYPE}" = "ext4" ]; then + COMMIT_BOW_PARTITION "${LABEL}" + elif [ "${TYPE}" = "f2fs" ]; then + COMMIT_F2FS_PARTITION "${LABEL}" ${PART_DEVICE} + else + ERROR "ERROR: Cannot commit ${LABEL}: Unsupported filesystem ${TYPE}" + fi +} + +COMMIT_CHANGES() +{ + rm ${STATUS_FILE} + COMMIT_PARTITION system-data + COMMIT_PARTITION user +} + NOTIFY "----------------------------------------------------------------------" NOTIFY "System RW update: rw update started" @@ -130,5 +177,6 @@ fi /bin/sync NOTIFY "----------------------------------------------------------------------" +COMMIT_CHANGES #Reboot reboot -f -- 2.7.4 From 274a7eac0599f259c1328f5bd32f61625bfe989c Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Thu, 1 Jul 2021 15:52:43 +0200 Subject: [PATCH 10/16] Allow access to the progress file This is needed to automatic validation of checkpont & restore procedure. Change-Id: I72f6607b92e6612f06430c6e7a52259053e577f8 --- upgrade/update.sh.in | 3 +++ 1 file changed, 3 insertions(+) diff --git a/upgrade/update.sh.in b/upgrade/update.sh.in index 4339f95..747b4bc 100755 --- a/upgrade/update.sh.in +++ b/upgrade/update.sh.in @@ -41,6 +41,9 @@ PROGRESS_INIT() mkdir -p ${PROGRESS_DIR} echo "$1" > ${PROGRESS_DIR}/total echo "0" > ${PROGRESS_DIR}/progress + chsmack -a _ ${PROGRESS_DIR} + chsmack -a _ ${PROGRESS_DIR}/total + chsmack -a _ ${PROGRESS_DIR}/progress # if GUI is available, run the GUI if [ -e "/usr/bin/rw-update-ani" ]; then -- 2.7.4 From 2ebe5979b33174eab65958e7033fceb5c6fc6247 Mon Sep 17 00:00:00 2001 From: Ernest Borowski Date: Fri, 2 Jul 2021 21:59:26 +0000 Subject: [PATCH 11/16] Add support for btrfs partition type in checkpoint & restore Change-Id: I7fb05550e0a80537facc47e47a9c3fa267a9c97b Signed-off-by: Ernest Borowski --- upgrade/update-checkpoint-create.sh | 14 +++++++++++++- upgrade/update.sh.in | 24 ++++++++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/upgrade/update-checkpoint-create.sh b/upgrade/update-checkpoint-create.sh index 4f8ba2a..cb614ec 100755 --- a/upgrade/update-checkpoint-create.sh +++ b/upgrade/update-checkpoint-create.sh @@ -12,7 +12,7 @@ STAT="/usr/bin/stat" SYSTEM_DATA_MNT="opt" USER_MNT="opt/usr" - +BTRFS="/usr/sbin/btrfs" get_partition_id() { PART_ROOTFS=$("$BLKID" --match-token PARTLABEL=rootfs -o device || "$BLKID" --match-token LABEL=rootfs -o device) @@ -46,6 +46,16 @@ mount_f2fs_partition() { echo "[Debug] Mounted ${PARTITION} as F2FS checkpoint=disable" } +mount_btrfs_partition() { + LABEL=${1} + PARTITION=${2} + DIRECTORY=${3} + "${MOUNT}" -o rw ${PARTITION} ${DIRECTORY} + mkdir -p "${DIRECTORY}/fota" + "$BTRFS" subvolume snapshot "$DIRECTORY" "$DIRECTORY/fota/RO_update" + echo "[Debug] Mounted ${PARTITION} as btrfs" +} + mount_checkpoint_partition() { LABEL=${1} PARTITION=${2} @@ -56,6 +66,8 @@ mount_checkpoint_partition() { mount_bow_partition ${LABEL} ${PARTITION} ${DIRECTORY} elif [ "${FSTYPE}" = "f2fs" ]; then mount_f2fs_partition ${LABEL} ${PARTITION} ${DIRECTORY} + elif [ "${FSTYPE}" = "btrfs" ]; then + mount_btrfs_partition ${LABEL} ${PARTITION} ${DIRECTORY} else mount ${PARTITION} ${DIRECTORY} fi diff --git a/upgrade/update.sh.in b/upgrade/update.sh.in index 747b4bc..e2988f9 100755 --- a/upgrade/update.sh.in +++ b/upgrade/update.sh.in @@ -87,6 +87,28 @@ COMMIT_F2FS_PARTITION() NOTIFY "Changes on partition ${LABEL} commited (f2fs)" } +DELETE_BTRFS_PARTITION() { + PART="$1" + MNT_POINT="$("$FINDMNT" "$PART" -o TARGET)" + if [ "$MNT_POINT" = "" ]; then + ERROR "Unable to find btrfs mountpoint for: $PART" + return + fi + NOTIFY "Deleting btrfs snapshot" + mount -o remount,rw "${MNT_POINT}" + btrfs subvolume delete "$MNT_POINT"/fota/RO_update + rm -rf "$MNT_POINT/fota/RO_update" +} + + +COMMIT_BTRFS_PARTITION() +{ + LABEL=${1} + PART_SYSTEM_DATA=$(blkid --match-token PARTLABEL="${LABEL}" -o device || blkid --match-token LABEL="${LABEL}" -o device) + DELETE_BTRFS_PARTITION "${PART_SYSTEM_DATA}" + NOTIFY "Changes on partition ${LABEL} commited (btrfs)" +} + COMMIT_PARTITION() { LABEL=${1} @@ -102,6 +124,8 @@ COMMIT_PARTITION() COMMIT_BOW_PARTITION "${LABEL}" elif [ "${TYPE}" = "f2fs" ]; then COMMIT_F2FS_PARTITION "${LABEL}" ${PART_DEVICE} + elif [ "${TYPE}" = "btrfs" ]; then + COMMIT_BTRFS_PARTITION "${LABEL}" else ERROR "ERROR: Cannot commit ${LABEL}: Unsupported filesystem ${TYPE}" fi -- 2.7.4 From dc305775edaeb59b32897687d35dc78ebdc79f83 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Mon, 2 Aug 2021 16:43:46 +0200 Subject: [PATCH 12/16] Change the SMACK label for data-checkpoint.service The System label is sufficient to correctly create dm-bow device and mount partitions. Change-Id: Ica123bb8c71b3fa0cf14f045440a0de26c5eb207 --- units/data-checkpoint.service.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/units/data-checkpoint.service.in b/units/data-checkpoint.service.in index 566d935..866611f 100644 --- a/units/data-checkpoint.service.in +++ b/units/data-checkpoint.service.in @@ -10,7 +10,7 @@ ExecStart=@TZ_SYS_UPGRADE@/update-checkpoint-create.sh RemainAfterExit=yes StandardOutput=journal+console StandardError=journal+console -SmackProcessLabel=System::Privileged +SmackProcessLabel=System [Install] WantedBy=data-checkpoint.target -- 2.7.4 From 5e7db98f0b615daa88879dbe5eca09d69fd3dc56 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Fri, 6 Aug 2021 10:24:27 +0200 Subject: [PATCH 13/16] Change permissions with which the udev-trigger-dmbow@.service is started Change-Id: I2f0f383e4aff19e016fad410ab634f95b81e648e --- units/udev-trigger-dmbow@.service | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/units/udev-trigger-dmbow@.service b/units/udev-trigger-dmbow@.service index 294619f..85c92ef 100644 --- a/units/udev-trigger-dmbow@.service +++ b/units/udev-trigger-dmbow@.service @@ -14,4 +14,8 @@ ConditionPathExists=/dev/mapper/bowdev_%i [Service] SmackProcessLabel=System Type=oneshot +User=system_fw +Group=system_fw +Capabilities=cap_dac_override=i +SecureBits=keep-caps ExecStart=/usr/sbin/udevadm trigger -c change /dev/mapper/bowdev_%i -- 2.7.4 From c6490c7f1fe7029b6619d16196d12aa8d02fce92 Mon Sep 17 00:00:00 2001 From: Ernest Borowski Date: Thu, 19 Aug 2021 22:03:29 +0000 Subject: [PATCH 14/16] change restore mechanism on btrfs filesystem. Use subvolumes instead of cp to restore files, this will speedup restore and reduce local memory requirements. After update system will have ROOTFS subvolume located at root volume. / -- root volume /ROOTFS -- subvolume with actual data. ROOTFS subvolume is set as default one, so it will be transparent to system after update because mount will mount it at /. Change-Id: I36d40cf771b8d3cce662aa58fc669fc4c1f1df18 Signed-off-by: Ernest Borowski --- upgrade/update-checkpoint-create.sh | 6 ++++-- upgrade/update.sh.in | 5 ++++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/upgrade/update-checkpoint-create.sh b/upgrade/update-checkpoint-create.sh index cb614ec..452e463 100755 --- a/upgrade/update-checkpoint-create.sh +++ b/upgrade/update-checkpoint-create.sh @@ -50,9 +50,11 @@ mount_btrfs_partition() { LABEL=${1} PARTITION=${2} DIRECTORY=${3} - "${MOUNT}" -o rw ${PARTITION} ${DIRECTORY} + "${MOUNT}" -o subvolid=5,rw "${PARTITION}" "${DIRECTORY}" mkdir -p "${DIRECTORY}/fota" - "$BTRFS" subvolume snapshot "$DIRECTORY" "$DIRECTORY/fota/RO_update" + "$BTRFS" subvolume snapshot "$DIRECTORY/ROOTFS" "$DIRECTORY/fota/RO_update" + "$UMOUNT" "${DIRECTORY}" + "$MOUNT" -o rw "${PARTITION}" "${DIRECTORY}" echo "[Debug] Mounted ${PARTITION} as btrfs" } diff --git a/upgrade/update.sh.in b/upgrade/update.sh.in index e2988f9..4fc63a6 100755 --- a/upgrade/update.sh.in +++ b/upgrade/update.sh.in @@ -95,9 +95,12 @@ DELETE_BTRFS_PARTITION() { return fi NOTIFY "Deleting btrfs snapshot" - mount -o remount,rw "${MNT_POINT}" + umount "${MNT_POINT}" + mount -o subvolid=5,rw "${PART}" "${MNT_POINT}" btrfs subvolume delete "$MNT_POINT"/fota/RO_update rm -rf "$MNT_POINT/fota/RO_update" + umount "${MOUNT_POINT}" + mount -o rw "${PART}" "${MNT_POINT}" } -- 2.7.4 From 5de54625129ace255632429104e2f80709da4187 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Mon, 27 Sep 2021 18:56:21 +0200 Subject: [PATCH 15/16] Fix the updating of the RPM database Until now the RPM database has only been updated if the system version has changed. However such an update is needed even if the version number does not change. Change-Id: Ide8a6d7c5b79c18559c916895274145ae71c9b7b --- upgrade/update-init.sh.in | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/upgrade/update-init.sh.in b/upgrade/update-init.sh.in index 8f1d15b..c23c525 100755 --- a/upgrade/update-init.sh.in +++ b/upgrade/update-init.sh.in @@ -9,14 +9,11 @@ DEBUG_MODE_FILE=/opt/usr/.upgdebug if [ -f $RW_MACRO ]; then source $RW_MACRO - get_version_info fi -if [ ! "$OLD_VER" = "$NEW_VER" ]; then - # Restore rpm db - rm -rf /var/lib/rpm/* - restore_backup_file -f /opt/var/lib/rpm -fi +# Restore rpm db +rm -rf /var/lib/rpm/* +restore_backup_file -f /opt/var/lib/rpm # Permission Update for shared directories /etc/gumd/useradd.d/91_user-dbspace-permissions.post owner -- 2.7.4 From fff6248f7527c062ae3e7922643f38098272ef16 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Thu, 28 Oct 2021 17:08:40 +0200 Subject: [PATCH 16/16] No reboot after RW Update if there is A/B Update Change-Id: Ic2fa8cd56972b5c3676ebd6294bedf2eab5a8720 --- packaging/system-rw-update.spec | 6 ++++++ units/update-post.service | 12 ++++++++++++ upgrade/update-post.sh | 9 +++++++++ upgrade/update.sh.in | 5 +++-- 4 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 units/update-post.service create mode 100755 upgrade/update-post.sh diff --git a/packaging/system-rw-update.spec b/packaging/system-rw-update.spec index aa184e2..4ede81a 100644 --- a/packaging/system-rw-update.spec +++ b/packaging/system-rw-update.spec @@ -44,6 +44,7 @@ cp upgrade/rw-update-macro.inc %{buildroot}%{upgrade_dir} cp upgrade/update-init.sh %{buildroot}%{upgrade_dir} cp upgrade/update.sh %{buildroot}%{upgrade_dir} cp upgrade/update-checkpoint-create.sh %{buildroot}%{upgrade_dir} +cp upgrade/update-post.sh %{buildroot}%{upgrade_dir} mkdir -p %{buildroot}%{_unitdir}/system-update.target.wants install -m 644 units/offline-update.service %{buildroot}%{_unitdir} ln -s ../offline-update.service %{buildroot}%{_unitdir}/system-update.target.wants/ @@ -66,6 +67,10 @@ ln -s ../data-checkpoint.target %{buildroot}%{_unitdir}/system-update.target.wan mkdir -p %{buildroot}%{_unitdir}/data-checkpoint.target.wants ln -s ../data-checkpoint.service %{buildroot}%{_unitdir}/data-checkpoint.target.wants/data-checkpoint.service +# RW-Update finalize +install -m 644 units/update-post.service %{buildroot}%{_unitdir} +ln -s ../update-post.service %{buildroot}%{_unitdir}/system-update.target.wants + %clean rm -rf %{buildroot} @@ -82,6 +87,7 @@ fi %license LICENSE.Apache-2.0 %TZ_SYS_UPGRADE/* %{_unitdir}/offline-update.service +%{_unitdir}/update-post.service %{_unitdir}/system-update.target.wants %{_unitdir}/udev-sdb-init.service %{_unitdir}/udev-trigger-dmbow@.service diff --git a/units/update-post.service b/units/update-post.service new file mode 100644 index 0000000..1c9ee29 --- /dev/null +++ b/units/update-post.service @@ -0,0 +1,12 @@ +[Unit] +Description=RW Update finalization +DefaultDependencies=no +Wants=offline-update.service +After=offline-update.service +IgnoreOnIsolate=true + +[Service] +Type=oneshot +SmackProcessLabel=System::Privileged +ExecStart=/usr/share/upgrade/update-post.sh + diff --git a/upgrade/update-post.sh b/upgrade/update-post.sh new file mode 100755 index 0000000..8f454c7 --- /dev/null +++ b/upgrade/update-post.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +if [[ $(