f522047958
So far firmware validation result was binary limited: it was either
successful or not. That meant various limitations, e.g.:
1) Lack of proper feedback on validation problems
2) No way of marking firmware as totally broken (impossible to install)
This change introduces JSON for storing detailed validation info. It
provides a list of performed validation tests and their results. It
allows marking firmware as non-forceable (broken image that can't be
even forced to install).
Example:
{
"tests": {
"fwtool_signature": true,
"fwtool_device_match": true
},
"valid": true,
"forceable": true
}
Implementation is based on *internal* check_image bash script that:
1) Uses existing validation functions
2) Provides helpers for setting extra validation info
This allows e.g. platform_check_image() to call notify_check_broken()
when needed & prevent user from bricking a device.
Right now the new JSON info is used by /sbin/sysupgrade only. It still
doesn't make use of "forceable" as that is planned for later
development.
Further plans for this feature are:
1) Expose firmware validation using some new ubus method
2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus
method so:
a) It's possible to safely sysupgrade using ubus only
b) /sbin/sysupgrade can be more like just a CLI
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
60 lines
1.4 KiB
Bash
Executable File
60 lines
1.4 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
. /lib/functions.sh
|
|
. /lib/functions/system.sh
|
|
. /usr/share/libubox/jshn.sh
|
|
|
|
include /lib/upgrade
|
|
|
|
VALID=1
|
|
FORCEABLE=1
|
|
|
|
# Mark image as invalid but still possible to install
|
|
notify_firmware_invalid() {
|
|
VALID=0
|
|
}
|
|
|
|
# Mark image as broken (impossible to install)
|
|
notify_firmware_broken() {
|
|
VALID=0
|
|
FORCEABLE=0
|
|
}
|
|
|
|
# Add result of validation test
|
|
notify_firmware_test_result() {
|
|
local old_ns
|
|
|
|
json_set_namespace validate_firmware_image old_ns
|
|
json_add_boolean "$1" "$2"
|
|
json_set_namespace $old_ns
|
|
}
|
|
|
|
err_to_bool() {
|
|
[ "$1" -ne 0 ] && echo 0 || echo 1
|
|
}
|
|
|
|
fwtool_check_signature "$1" >&2
|
|
FWTOOL_SIGNATURE=$?
|
|
[ "$FWTOOL_SIGNATURE" -ne 0 ] && notify_firmware_invalid
|
|
|
|
fwtool_check_image "$1" >&2
|
|
FWTOOL_DEVICE_MATCH=$?
|
|
[ "$FWTOOL_DEVICE_MATCH" -ne 0 ] && notify_firmware_invalid
|
|
|
|
json_set_namespace validate_firmware_image old_ns
|
|
json_init
|
|
json_add_object "tests"
|
|
json_add_boolean fwtool_signature "$(err_to_bool $FWTOOL_SIGNATURE)"
|
|
json_add_boolean fwtool_device_match "$(err_to_bool $FWTOOL_DEVICE_MATCH)"
|
|
|
|
# Call platform_check_image() here so it can add its test
|
|
# results and still mark image properly.
|
|
json_set_namespace $old_ns
|
|
platform_check_image "$1" >&2 || notify_firmware_invalid
|
|
json_set_namespace validate_firmware_image old_ns
|
|
json_close_object
|
|
json_add_boolean valid "$VALID"
|
|
json_add_boolean forceable "$FORCEABLE"
|
|
json_dump -i
|
|
json_set_namespace $old_ns
|