Changes between Version 47 and Version 48 of buildroot

Timestamp:

12/01/2021 11:22:30 PM (3 years ago)

Author:

Cale Collins

Comment:

added venice SWupdate section

buildroot

@@ -924 +924 @@
 Note that if you require support for SWUpdate to complete an install that isn't already there (for example you want to add the capability to update GSC firmware via the gsc_update utility) you will either need to a) add a static linked version of that tool to your image or b) do a 2-stage update where you add the required tools first, then use them in a future update
 
+=== For Venice
+
+In this example Buildroot branch 2021.08.x was used.
+
+Here are the relevant files to add to your buildroot directory:
+ * '''configs/venice_swupdate_defconfig''': Buildroot defconfig (represents the minimal 'changes' made to buildroot default config):
+{{{#!bash
+cat << EOF > configs/venice_swupdate_defconfig
+BR2_aarch64=y
+BR2_KERNEL_HEADERS_5_10=y
+BR2_ROOTFS_OVERLAY="overlay"
+BR2_LINUX_KERNEL=y
+BR2_LINUX_KERNEL_CUSTOM_GIT=y
+BR2_LINUX_KERNEL_CUSTOM_REPO_URL="https://github.com/Gateworks/linux-venice.git"
+BR2_LINUX_KERNEL_CUSTOM_REPO_VERSION="v5.10.18-venice"
+BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y
+BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="venice_minimal_kernel_defconfig"
+BR2_LINUX_KERNEL_INSTALL_TARGET=y
+BR2_PACKAGE_UBOOT_TOOLS=y
+BR2_PACKAGE_OPENSSL=y
+BR2_PACKAGE_LIBCONFIG=y
+BR2_PACKAGE_JSON_C=y
+BR2_PACKAGE_LIBCURL=y
+BR2_PACKAGE_SWUPDATE=y
+BR2_PACKAGE_SWUPDATE_CONFIG="swupdate.config"
+BR2_TARGET_ROOTFS_EXT2=y
+BR2_TARGET_ROOTFS_EXT2_4=y
+BR2_TARGET_ROOTFS_EXT2_GZIP=y
+EOF
+}}}
+  - Note that SWupdate reuqires ZLIB if we are going to use gzip compression
+
+ * '''Download or create a defconfig:'''
+{{{#!bash
+wget http://dev.gateworks.com/buildroot/venice/minimal/venice_minimal_kernel_defconfig
+}}}
+ * '''overlay/etc/fw_env.config''': config file for u-boot env tools fw_setenv
+{{{#!bash
+mkdir overlay
+mkdir overlay/etc
+cat << EOF > overlay/etc/fw_env.config
+# Device               offset          Env. size
+/dev/mmcblk2           0xff0000        0x8000
+/dev/mmcblk2           0xff8000        0x8000
+EOF
+}}}
+  - Note that this file is whitespace sensitive
+ * '''Create swupdate.config config file to build swupdate executable which drives the update process.'''
+{{{#!bash
+cat << EOF > swupdate.config
+# We do not need MTD or LUA support
+# CONFIG_MTD is not set
+# CONFIG_LUA is not set
+CONFIG_SIGNED_IMAGES=y
+CONFIG_ENCRYPTED_IMAGES=y
+# Suricatta provides support for fetching updates via a Hawkbit server if desired
+CONFIG_SURICATTA=y
+CONFIG_SURICATTA_SSL=y
+CONFIG_SURICATTA_STATE_CHOICE_BOOTLOADER=y
+# We need the raw handler to image to an MMC partition 
+CONFIG_RAW=y
+# We need the shellscript handler for our update.sh shellscript
+CONFIG_SHELLSCRIPTHANDLER=y
+# We need the bootloader handler to alter the u-boot environment
+CONFIG_BOOTLOADERHANDLER=y
+EOF
+}}}
+  * Note: The "BR2_PACKAGE_SWUPDATE_CONFIG=" Buildroot config argument could potenially point to an existing file, edit this peramater using menuconfig to point to the file you're creating here. 
+ * '''sw-description''': part of the actual firmware OTA which describes the process and file manifest of the update image. See [https://sbabic.github.io/swupdate/sw-description.html# here] for syntax
+{{{#!bash
+cat << EOF > sw-description
+software =
+{
+        version = "0.1.0";
+        description = "Firmware update for XXXXX Project";
+
+        /* images installed to the system */
+        images: (
+                {
+                        filename = "venice_swupdate.ext2.gz";
+                        device = "/dev/update";
+                        type = "raw";
+                        sha256 = "b443d32b1f2036d731a423f1c9fd6c05731eb107b48b84bc42be95c0c7b31f03";
+                        compressed = true;
+                }
+        );
+
+        scripts: (
+                {
+                        filename = "update.sh";
+                        type = "shellscript";
+                        sha256 = "80463da620c42e02f51b360a33a34d0f180992cbd398c0ea6db0a5d838fa3739";
+                }
+        );
+}
+EOF
+}}}
+  * Note: You will need to generate your own sha256, use the "sha256sum" command to do this.  Check that your filename is accurate.
+
+- '''update.sh''': This is the script that SWUpdate runs which we use as both a preinst and psotinst script (via cmdline). We determine the current root device and, flip it, and symlink /dev/update to the device to update to. We don't have to do the image install as we've configured SWUpdate to do that for us in sw-descrption images.
+{{{#!bash
+#!/bin/sh
+cat << EOF > sw-descrption
+if [ $# -lt 1 ]; then
+        exit 0;
+fi
+
+function get_current_root_device
+{
+        for i in `cat /proc/cmdline`; do
+                if [ ${i:0:5} = "root=" ]; then
+                        CURRENT_ROOT="${i:5}"
+                fi
+        done
+}
+
+# ping-pong between /dev/mmcblk2p1 and /dev/mmcblk2p2
+# (adapt for your partitioning scheme and/or root device type)
+function get_update_part
+{
+        CURRENT_PART="${CURRENT_ROOT:-/dev/mmcblk2p1}"
+        if [ $CURRENT_PART = "/dev/mmcblk2p1" ]; then
+                UPDATE_PART="2";
+        else
+                UPDATE_PART="1";
+        fi
+}
+
+function get_update_device
+{
+        UPDATE_ROOT=${CURRENT_ROOT%?}${UPDATE_PART}
+}
+
+
+if [ $1 == "preinst" ]; then
+        # get the current root device
+        get_current_root_device
+
+        # get the device to be updated
+        get_update_part
+        get_update_device
+
+        # create a symlink for the update process
+        ln -sf $UPDATE_ROOT /dev/update
+fi
+
+if [ $1 == "postinst" ]; then
+        # get the current root device
+        get_current_root_device
+
+        # get the device to be updated
+        get_update_part
+        get_update_device
+
+        # toggle rootpart
+        # we do it twice to write to both primary/secondary env
+        fw_setenv mmcbootpart $UPDATE_PART
+        fw_setenv mmcbootpart $UPDATE_PART
+fi
+EOF
+}}}
+
+* '''With these files created proceed with the build:'''
+{{{#!bash
+# build buildroot rootfs
+make venice_swupdate_defconfig
+make
+# create a private/public key combo for signature verifcation
+openssl genrsa -out swupdate-priv.pem # private
+openssl rsa -in swupdate-priv.pem -out swupdate-public.pem -outform PEM -pubout # public
+# sign the sw-description
+openssl dgst -sha256 -sign swupdate-priv.pem sw-description > sw-description.sig
+# build swupdate image
+cp output/images/rootfs.ext2.gz ./venice_swupdate.ext2.gz
+for i in sw-description sw-description.sig update.sh venice_swupdate.ext2.gz; do
+        echo $i; done | cpio -ov -H crc > my-software.swu
+}}}
+ * Note that you can skip the inclusion of sw-description.sig and the pub/priv key if you don't care about signatures and have not define CONFIG_SIGNED_IMAGES in your swupdate.config
+* '''create an MBR partition table that defines LinuxA and LinuxB partitions we will ping-pong between.'''
+{{{#!bash
+# 1: 32768:4194304 (2GiB) LinuxA
+# 2: 4227072:4194304 (2GiB) LinuxB
+# 3: 8421376:4194304(2GiB) userdata
+wget -q https://raw.githubusercontent.com/Gateworks/bsp-newport/sdk-10.1.1.0-newport/ptgen
+/bin/bash ptgen \
+-p 0x83:32768:4194304 \
+-p 0x83:4227072:4194304 \
+-p 0x83:8421376:4194304 \
+> output/images/mbr.bin
+}}}
+ * Note: How did we arive at these values?  "0x83" is the Linux partition type, "32768" is 16MB (the boot firmware offset) in 512 byte blocks, "4194304" is 2GiB in 512 byte blocks, this will be the length of the partition, "4227072" is the offset plus the length of the partition, this is where the next partion will start.  
+ * Bonus fact, here's a way to calculate these values on the command line:
+{{{#!bash
+echo $((16*1024*1024)) # 16MB in bytes
+echo $((16*1024*1024/512)) # to 512 byte blocks.
+printf "0x%x\n" $((16*1024*1024)) # to hex
+}}}
+* '''Boot the board, break out in the bootlader, then update the partition table:'''
+{{{#!bash
+tftpboot ${loadaddr} mbr.bin && mmc dev 2 && mmc write ${loadaddr} 0 1 # mbr is at 0 and 1 sector long
+}}}
+* '''While in U-Boot install the Buildroot rootfs to the first Linux partition offset (LinuxA)'''
+{{{#!bash
+tftpboot ${loadaddr} venice_swupdate.ext2.gz && gzwrite mmc 0 ${loadaddr} ${filesize} 0x100000 0x2000000 # rootfsA is at 0x2000000 (32MiB) and we use a 1MiB buffer
+}}}
+* '''In U-Boot set the env to use the ''mmcbootpart'' variable that our update.sh will need in order to toggle the partition after a successful update. Custom bootargs will also be applied in this step.'''
+{{{#!bash
+setenv mmcbootpart 2
+
+setenv bootcmd 'setenv bootargs console=${console} root=/dev/mmcblk2p${mmcbootpart} rootwait rw; setenv fsload load mmc 2:${mmcbootpart}; setenv dir /boot; run loadfdt && $fsload ${kernel_addr_r} boot/Image && booti ${kernel_addr_r} - ${fdt_addr_r}'                                                              
+
+saveenv 
+}}} 
+  - Note the single quotes around the bootargs value as we do not want U-Boot to expand the args until runtime
+
+* '''After you boot to buildroot you can fetch and install the SWUpdate image with:'''
+{{{#!bash
+# bring up networking
+udhcpc -i eth0
+# fetch image
+cd /tmp
+wget http://myserver/my-software.swu
+wget http://myserver/swupdate-public.pem
+swupdate -i my-software.swu -k swupdate-public.pem
+}}}
+ * Note that you can skip the -k param have not enabled signed images via CONFIG_SIGNED_IMAGES in your swupdate.config
+
+'''If you would like these files pre-compiled, download them [http://dev.gateworks.com/fae/swupdate-files.tar.gz Here].'''
+
+
 == Other Buildroot Wiki Pages
 See also: