swugenerator does not work properly

679 views

Skip to first unread message

esad ergül

unread,

Aug 7, 2022, 7:14:23 PM8/7/22

to swupdate

Hi Stefano,

I wanted to use the swugenerator to generate swu image. For this I tried to understand how the tool works. I did the following:
First, I created a file in the system to update it with SWUpdate.

$ cat /SWUpdate
v1

Then I created the following SWUpdate file and the sw-description template.

$ echo "v2" > SWUpdate

$ ls artifactory/

SWUpdate

$ cat sw-description

software = {
version = "@@VERSION@@";

Myboard = {
hardware-compatibility = ["1.0"];

files: ({
filename = "SWUpdate";
path = "/SWUpdate";
compressed = true;
type = "rawfile";
});
scripts: ({
filename = "update.sh";
type = "shellscript";
});
};
};

$ cat swugenerator.conf

variables = {
VERSION="1.2.3";
};

For signing I used self-signed certificates. With the following command I started swugenerator.

$ swugenerator -s sw-description -k CMS,swupdate.key.pem,swupdate.cert.pem -c swugenerator.conf -o demo.swu -a artifactory create

After generating the swu image I checked the cpio archiv and sw-description file. It seems that the SWUpdate file has been compressed with zlib. But I noticed that the filename in sw-description has not been changed. (filename should be SWUpdate.zlib because it was compressed).

$ cpio -idv < ../demo.swu
sw-description
sw-description.sig
SWUpdate.zlib
update.sh
8 blocks

$ cat sw-description

software =
{
version = "1.2.3";
Myboard =
{
hardware-compatibility =
[
"1.0"
];
files =
(
{
filename = "SWUpdate";
path = "/SWUpdate";
compressed = True;
type = "rawfile";
sha256 = "24e61894c83076374341afe723179534f506f56e1014c88144103e163a70c772";
}
);
scripts =
(
{
filename = "update.sh";
type = "shellscript";
sha256 = "28754888aa0d88e4dbfe201e40c1d09f966b4359b874d65781acdbc6d803d429";
}
);
};
};

I still started swupdate with the following command to update the file /SWUpdate

$ swupdate -v -l 5 -k swupdate.cert.pem -H Myboard:1.0 -i swu/demo.swu

[TRACE] : SWUPDATE running : [load_cert_chain] : Read PEM #1: /O=SWUpdate /CN=target /O=SWUpdate /CN=target
SWUpdate v

Licensed under GPLv2. See source distribution for detailed copyright notices.

[INFO ] : SWUPDATE running : [print_registered_bootloaders] : Registered bootloaders:
[INFO ] : SWUPDATE running : [print_registered_bootloaders] : none loaded.
[INFO ] : SWUPDATE running : [print_registered_bootloaders] : grub loaded.
[INFO ] : SWUPDATE running : [main] : Using default bootloader interface: none
[INFO ] : SWUPDATE running : [lua_handlers_init] : External Lua handler(s) not found.
[TRACE] : SWUPDATE running : [lua_report_exception] : Lua exception:
[TRACE] : SWUPDATE running : [lua_report_exception] : [string "require ("swupdate_handlers")"]:1: module 'swupdate_handlers' not found:
[TRACE] : SWUPDATE running : [lua_report_exception] : no field package.preload['swupdate_handlers']
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/share/lua/5.3/swupdate_handlers.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/share/lua/5.3/swupdate_handlers/init.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/lib/lua/5.3/swupdate_handlers.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/lib/lua/5.3/swupdate_handlers/init.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/share/lua/5.3/swupdate_handlers.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/share/lua/5.3/swupdate_handlers/init.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file './swupdate_handlers.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file './swupdate_handlers/init.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/lib/lua/5.3/swupdate_handlers.so'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/lib/x86_64-linux-gnu/lua/5.3/swupdate_handlers.so'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/lib/lua/5.3/swupdate_handlers.so'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/lib/lua/5.3/loadall.so'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file './swupdate_handlers.so'
[INFO ] : SWUPDATE running : [main] : Running on Myboard Revision 1.0
[INFO ] : SWUPDATE running : [print_registered_handlers] : Registered handlers:
[INFO ] : SWUPDATE running : [print_registered_handlers] : dummy
[INFO ] : SWUPDATE running : [print_registered_handlers] : archive
[INFO ] : SWUPDATE running : [print_registered_handlers] : tar
[INFO ] : SWUPDATE running : [print_registered_handlers] : uboot
[INFO ] : SWUPDATE running : [print_registered_handlers] : bootloader
[INFO ] : SWUPDATE running : [print_registered_handlers] : diskformat
[INFO ] : SWUPDATE running : [print_registered_handlers] : diskpart
[INFO ] : SWUPDATE running : [print_registered_handlers] : toggleboot
[INFO ] : SWUPDATE running : [print_registered_handlers] : uniqueuuid
[INFO ] : SWUPDATE running : [print_registered_handlers] : lua
[INFO ] : SWUPDATE running : [print_registered_handlers] : raw
[INFO ] : SWUPDATE running : [print_registered_handlers] : rawfile
[INFO ] : SWUPDATE running : [print_registered_handlers] : rawcopy
[INFO ] : SWUPDATE running : [print_registered_handlers] : rdiff_image
[INFO ] : SWUPDATE running : [print_registered_handlers] : rdiff_file
[INFO ] : SWUPDATE running : [print_registered_handlers] : readback
[INFO ] : SWUPDATE running : [print_registered_handlers] : shellscript
[INFO ] : SWUPDATE running : [print_registered_handlers] : preinstall
[INFO ] : SWUPDATE running : [print_registered_handlers] : postinstall

[DEBUG] : SWUPDATE running : [read_module_settings] : No config settings found for module versions
[TRACE] : SWUPDATE running : [listener_create] : got no socket at /tmp/swupdateprog from systemd
[TRACE] : SWUPDATE running : [listener_create] : creating socket at /tmp/swupdateprog
[TRACE] : SWUPDATE running : [network_initializer] : Main loop daemon
[TRACE] : SWUPDATE running : [listener_create] : got no socket at /tmp/sockinstctrl from systemd
[TRACE] : SWUPDATE running : [listener_create] : creating socket at /tmp/sockinstctrl
[TRACE] : SWUPDATE running : [network_thread] : Incoming network request: processing...
[INFO ] : SWUPDATE started : Software Update started !
[TRACE] : SWUPDATE running : [network_initializer] : Software update started
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : Found file
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : filename sw-description
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : size 678
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : Found file
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : filename sw-description.sig
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : size 2110
[TRACE] : SWUPDATE running : [swupdate_verify_file] : Verified OK
[DEBUG] : SWUPDATE running : [parse_cfg] : Parsing config file /tmp/sw-description
[TRACE] : SWUPDATE running : [get_common_fields] : Version 1.2.3
[TRACE] : SWUPDATE running : [parse_hw_compatibility] : Accepted Hw Revision : 1.0
[TRACE] : SWUPDATE running : [_parse_files] : Found compressed File: SWUpdate --> /SWUpdate (ROOTFS)
[TRACE] : SWUPDATE running : [_parse_scripts] : Found Script: update.sh
[TRACE] : SWUPDATE running : [check_hw_compatibility] : Hardware Myboard Revision: 1.0
[TRACE] : SWUPDATE running : [check_hw_compatibility] : Hardware compatibility verified
[DEBUG] : SWUPDATE running : [preupdatecmd] : Running Pre-update command
[TRACE] : SWUPDATE running : [extract_files] : Found file
[TRACE] : SWUPDATE running : [extract_files] : filename SWUpdate.zlib
[TRACE] : SWUPDATE running : [extract_files] : size 32 Not required: skipping
[TRACE] : SWUPDATE running : [extract_files] : Found file
[TRACE] : SWUPDATE running : [extract_files] : filename update.sh
[TRACE] : SWUPDATE running : [extract_files] : size 307 required
[TRACE] : SWUPDATE running : [extract_padding] : Expecting 80 padding bytes at end-of-file
[ERROR] : SWUPDATE failed [0] ERROR core/stream_interface.c : extract_files : 304 : Required image file SWUpdate missing...aborting !
[ERROR] : SWUPDATE failed [1] Image invalid or corrupted. Not installing ...
[TRACE] : SWUPDATE running : [network_initializer] : Main thread sleep again !
[INFO ] : No SWUPDATE running : Waiting for requests...
[INFO ] : SWUPDATE running : [endupdate] : SWUpdate *failed* !

In my opinion the SWupdate failed because filename in sw-description is not correct. It must be SWUpdate.zlib instead of SWUpdate.

Next I wanted to test software collections and operations modes with swugenerator to implement a dual copy strateigy.

I have created the following sw-description template. Here I wanted to test the encryption, pre-post install scripts and bootloader variables as well.

$ cat swupdate.encryption.key

ce0c52229be71323cb599afddd41f847467d7a263dfca9486a701dac0daed72d 322783ebd39cdbb4acc21e4f99f598e3

$ ls artifactory

SWUpdate update.sh

$ cat sw-description

software = {
version = "@@VERSION@@";

Myboard = {
hardware-compatibility = ["1.0"];

stable: {
copy-1: {
files: ({
filename = "SWUpdate";
path = "/SWUpdate";
device = "/dev/sda2";
compressed = true;
encrypted = true;
type = "rawfile";
});
bootenv: ({
name = "bootentry";
value = "0";
});
scripts: ({
filename = "update.sh";
type = "shellscript";
});
};
copy-2: {
files: ({
filename = "SWUpdate";
path = "/SWUpdate";
device = "/dev/sda4";
compressed = true;
encrypted = true;
type = "rawfile";
});
bootenv: ({
name = "bootentry";
value = "1";
});
scripts: ({
filename = "update.sh";
type = "shellscript";
});
};
};
};
};

With the following command I started swugenerator

$ swugenerator -s sw-description -k CMS,swupdate.key.pem,swupdate.cert.pem -K swupdate.encryption.key -c swugenerator.conf -o demo.swu -a artifactory create

After generating the swu image I checked the cpio archiv and sw-description file again.

$ cpio -idv < ../demo.swu

sw-description
sw-description.sig
SWUpdate.zlib
update.sh
11 blocks

In the cpio archive I saw that SWUpdate file was compressed with zlib, but no .enc extension was added to it. Therefore it is not possible to see if the file was encrypted or not.

In the sw-description the attribute "filename" has not been changed either. It is still just "SWUpdate". This must be e.g. "SWUpdate.zlib.enc".

$ cat sw-description

software =
{
version = "1.2.3";
Myboard =
{
hardware-compatibility =
[
"1.0"
];
stable =
{
copy-1 =
{
files =
(
{
filename = "SWUpdate";
path = "/SWUpdate";
device = "/dev/sda2";
compressed = True;
encrypted = True;
type = "rawfile";
ivt = "1c6de7f1035a5d863a17f45a5d89df44";
sha256 = "01ac877b63d69179b301a9396d692fb5cd45b74baedf5f572e90e4f60fa2b6d7";
}
);
bootenv =
(
{
name = "next_entry";
value = "0";
}
);
scripts =
(
{
filename = "update.sh";
type = "shellscript";
sha256 = "28754888aa0d88e4dbfe201e40c1d09f966b4359b874d65781acdbc6d803d429";
}
);
};
copy-2 =
{
files =
(

{
filename = "SWUpdate";
path = "/SWUpdate";
device = "/dev/sda4";
compressed = True;
encrypted = True;
type = "rawfile";
sha256 = "01ac877b63d69179b301a9396d692fb5cd45b74baedf5f572e90e4f60fa2b6d7";
}
);
bootenv =
(
{
name = "next_entry";
value = "1";
}
);
scripts =
(
{
filename = "update.sh";

type = "shellscript";
sha256 = "28754888aa0d88e4dbfe201e40c1d09f966b4359b874d65781acdbc6d803d429";
}
);
};
};
};
};

I found that the ivt value was only added in the first copy in the sw-description. But ivt value should be included in both operation modes (copy-1, copy-2).

The sha256 value of SWUpdate.zlib, which is in the cpio archive, does not match the sha256 value in the sw-description file. But the sha256 value of update.sh file is correct

$ sha256sum SWUpdate.zlib
47a01815f124ffaa7160e5c1c70d93eaba46f468144fc232d1bb0212e32e6022 SWUpdate.zlib
$ sha256sum update.sh
28754888aa0d88e4dbfe201e40c1d09f966b4359b874d65781acdbc6d803d429 update.sh

If I remove the attribute "encrypted" from the sw-description template and run swugenerator without aes key, the sha256 value of SWUpdate.zlib in the cpio archive still does not match the sha256s value in the sw-description.

Am I doing something wrong in the sw-description template? or am I running swugenerator wrong somehow?

Best regards,
Esad Ergül

Stefano Babic

unread,

Aug 11, 2022, 12:31:41 PM8/11/22

to esad ergül, swupdate

Hi Esad,

Confirmed - filename in sw-description must be the same as in CPIO,
something is going wrong here. Just a short look at the code, file is
renamed after compressing, what can be suprfluous. So it is something to
be fixed.

Agree.

> It must be SWUpdate.zlib instead of SWUpdate.

Right, filename in sw-description and in CPIO must be identical.

About encryption., there are already patches from Ayoub. I will first
apply his patches, that were already reviewed, before going on.

No, there are some bugs that must be addressed.

Regards,
Stefano Babic

--
=====================================================================
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, 82194 Groebenzell, Germany
Phone: +49-8142-66989-53 Fax: +49-8142-66989-80 Email: sba...@denx.de
=====================================================================

Reply all

Reply to author

Forward

0 new messages