| #!/bin/bash |
| |
| # Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| # Script to generate a Chromium OS update for use by the update engine. |
| # If a source .bin is specified, the update is assumed to be a delta update. |
| |
| # Load common CrOS utilities. Inside the chroot this file is installed in |
| # /usr/lib/crosutils. This script may also be called from a zipfile, in which |
| # case common.sh will be in the current directory. |
| find_common_sh() { |
| local thisdir="$(dirname "$(readlink -f "$0")")" |
| local common_paths=(/usr/lib/crosutils "${thisdir}") |
| local path |
| |
| SCRIPT_ROOT="${common_paths[0]}" |
| for path in "${common_paths[@]}"; do |
| if [ -r "${path}/common.sh" ]; then |
| SCRIPT_ROOT="${path}" |
| break |
| fi |
| done |
| |
| # HACK(zbehan): We have to fake GCLIENT_ROOT in case we're running inside |
| # au_zip enviroment. GCLIENT_ROOT detection became fatal... |
| [ "${SCRIPT_ROOT}" == "${thisdir}" ] && export GCLIENT_ROOT="." |
| } |
| |
| find_common_sh |
| . "${SCRIPT_ROOT}/common.sh" || exit 1 |
| |
| # Load functions and constants for chromeos-install |
| # NOTE: Needs to be called from outside the chroot. |
| . "/usr/lib/installer/chromeos-common.sh" &> /dev/null || \ |
| . "${SRC_ROOT}/platform/installer/chromeos-common.sh" &> /dev/null || \ |
| . "./chromeos-common.sh" || \ |
| die "Unable to load /usr/lib/installer/chromeos-common.sh" |
| |
| SRC_MNT="" |
| DST_MNT="" |
| SRC_KERNEL="" |
| SRC_ROOT="" |
| DST_KERNEL="" |
| DST_ROOT="" |
| STATE_MNT="" |
| |
| # Pass an arg to not exit 1 at the end |
| cleanup() { |
| set +e |
| if [ -n "$SRC_MNT" ]; then |
| sudo umount "$SRC_MNT" |
| [ -d "$SRC_MNT" ] && rmdir "$SRC_MNT" |
| SRC_MNT="" |
| fi |
| if [ -n "$DST_MNT" ]; then |
| sudo umount "$DST_MNT" |
| [ -d "$DST_MNT" ] && rmdir "$DST_MNT" |
| DST_MNT="" |
| fi |
| if [ -n "$STATE_MNT" ]; then |
| sudo umount "$STATE_MNT" || true |
| [ -d "$STATE_MNT" ] && rmdir "$STATE_MNT" |
| STATE_MNT="" |
| fi |
| if [ -z "$FLAGS_src_kern_path" ]; then |
| rm -f "$SRC_KERNEL" |
| fi |
| if [ -z "$FLAGS_src_root_path" ]; then |
| rm -f "$SRC_ROOT" |
| fi |
| if [ -z "$FLAGS_kern_path" ]; then |
| rm -f "$DST_KERNEL" |
| fi |
| if [ -z "$FLAGS_root_path" ]; then |
| rm -f "$DST_ROOT" |
| fi |
| [ -n "$1" ] || exit 1 |
| } |
| |
| extract_partition_to_temp_file() { |
| local filename="$1" |
| local partition="$2" |
| local temp_file="$3" |
| if [ -z "$temp_file" ]; then |
| temp_file=$(mktemp --tmpdir="${FLAGS_work_dir}" \ |
| cros_generate_update_payload.XXXXXX) |
| fi |
| echo "$temp_file" |
| |
| # Keep `local` decl split from assignment so return code is checked. |
| local offset length |
| offset=$(partoffset "${filename}" ${partition}) # 512-byte sectors |
| length=$(partsize "${filename}" ${partition}) # 512-byte sectors |
| local bs=512 |
| local sectors_per_two_mib=$((2 * 1024 * 1024 / 512)) |
| if [ $(( $offset % $sectors_per_two_mib )) -eq 0 -a \ |
| $(( $length % $sectors_per_two_mib )) -eq 0 ]; then |
| bs=$((2 * 1024 * 1024)) |
| offset=$(($offset / $sectors_per_two_mib)) |
| length=$(($length / $sectors_per_two_mib)) |
| else |
| warn "partition offset or length not at 2MiB boundary" |
| fi |
| dd if="$filename" of="$temp_file" bs=$bs count="$length" \ |
| skip="$offset" 2>/dev/null |
| } |
| |
| patch_kernel() { |
| local IMAGE="$1" |
| local KERN_FILE="$2" |
| |
| echo "Patching kernel" $KERN_FILE |
| echo " into" $IMAGE |
| # Keep `local` decl split from assignment so return code is checked. |
| local offset |
| offset=$(partoffset "${IMAGE}" 1) |
| : $(( offset *= 512 )) |
| STATE_MNT=$(mktemp -d --tmpdir="${FLAGS_work_dir}" state.XXXXXX) |
| sudo mount -o ro,loop,offset=$offset "$IMAGE" "$STATE_MNT" |
| dd if="$STATE_MNT"/vmlinuz_hd.vblock of="$KERN_FILE" conv=notrunc 2>/dev/null |
| sudo umount "$STATE_MNT" |
| rmdir "$STATE_MNT" |
| STATE_MNT="" |
| } |
| |
| extract_kern_root() { |
| local bin_file="$1" |
| local kern_out="$2" |
| local root_out="$3" |
| |
| if [ -z "$kern_out" ]; then |
| die "missing kernel output filename" |
| fi |
| if [ -z "$root_out" ]; then |
| die "missing root output filename" |
| fi |
| |
| extract_partition_to_temp_file "$bin_file" 2 "$kern_out" > /dev/null |
| if [ "$FLAGS_patch_kernel" -eq "$FLAGS_TRUE" ]; then |
| patch_kernel "$bin_file" "$kern_out" |
| fi |
| extract_partition_to_temp_file "$bin_file" 3 "$root_out" > /dev/null |
| } |
| |
| DEFINE_string image "" "The image that should be sent to clients." |
| DEFINE_string src_image "" "Optional: a source image. If specified, this makes\ |
| a delta update." |
| DEFINE_string output "" "Output file" |
| DEFINE_boolean outside_chroot "$FLAGS_FALSE" "Running outside of chroot." |
| DEFINE_boolean patch_kernel "$FLAGS_FALSE" "Whether or not to patch the kernel \ |
| with the patch from the stateful partition (default: false)" |
| DEFINE_string private_key "" "Path to private key in .pem format." |
| DEFINE_string out_metadata_hash_file "" "Path to output metadata hash file." |
| DEFINE_boolean extract "$FLAGS_FALSE" "If set, extract old/new kernel/rootfs \ |
| to [old|new]_[kern|root].dat. Useful for debugging (default: false)" |
| DEFINE_boolean full_kernel "$FLAGS_FALSE" "Generate a full kernel update even \ |
| if generating a delta update (default: false)" |
| DEFINE_integer chunk_size -1 \ |
| "Delta payload chunk size (default -1 means whole files)" |
| |
| DEFINE_string src_channel "" "Channel of the src image." |
| DEFINE_string src_board "" "Board of the src image." |
| DEFINE_string src_version "" "Version of the src image." |
| DEFINE_string src_key "" "Key of the src image." |
| DEFINE_string src_build_channel "" "Channel of the build of the src image." |
| DEFINE_string src_build_version "" "Version of the build of the src image." |
| |
| DEFINE_string channel "" "Channel of the target image." |
| DEFINE_string board "" "Board of the target image." |
| DEFINE_string version "" "Version of the target image." |
| DEFINE_string key "" "Key of the target image." |
| DEFINE_string build_channel "" "Channel of the build of the target image." |
| DEFINE_string build_version "" "Version of the build of the target image." |
| |
| # Specifying any of the following will cause it to not be cleaned up upon exit. |
| DEFINE_string kern_path "" "File path for extracting the kernel partition." |
| DEFINE_string root_path "" "File path for extracting the rootfs partition." |
| DEFINE_string src_kern_path "" \ |
| "File path for extracting the source kernel partition." |
| DEFINE_string src_root_path "" \ |
| "File path for extracting the source rootfs partition." |
| |
| DEFINE_string work_dir "" "Where to dump temporary files." |
| |
| |
| # Parse command line |
| FLAGS "$@" || exit 1 |
| eval set -- "${FLAGS_ARGV}" |
| |
| set -e |
| |
| if [ -n "$FLAGS_src_image" ] && \ |
| [ "$FLAGS_outside_chroot" -eq "$FLAGS_FALSE" ]; then |
| # We need to be in the chroot for generating delta images. |
| # by specifying --outside_chroot you can choose not to assert |
| # this will allow us to run this script outside chroot. |
| # Running this script outside chroot requires copying delta_generator binary |
| # and also copying few shared libraries with it. |
| assert_inside_chroot |
| fi |
| |
| locate_gpt |
| |
| if [ "$FLAGS_extract" -eq "$FLAGS_TRUE" ]; then |
| if [ -n "$FLAGS_src_image" ]; then |
| SRC_KERN_PATH="${FLAGS_src_kern_path:-old_kern.dat}" |
| SRC_ROOT_PATH="${FLAGS_src_root_path:-old_root.dat}" |
| extract_kern_root "$FLAGS_src_image" "$SRC_KERN_PATH" "$SRC_ROOT_PATH" |
| fi |
| if [ -n "$FLAGS_image" ]; then |
| KERN_PATH="${FLAGS_kern_path:-new_kern.dat}" |
| ROOT_PATH="${FLAGS_root_path:-new_root.dat}" |
| extract_kern_root "$FLAGS_image" "$KERN_PATH" "$ROOT_PATH" |
| fi |
| echo Done extracting kernel/root |
| exit 0 |
| fi |
| |
| [ -n "$FLAGS_output" ] || |
| die "Error: you must specify an output filename with --output FILENAME" |
| |
| DELTA=$FLAGS_TRUE |
| PAYLOAD_TYPE="delta" |
| if [ -z "$FLAGS_src_image" ]; then |
| DELTA=$FLAGS_FALSE |
| PAYLOAD_TYPE="full" |
| fi |
| |
| echo "Generating $PAYLOAD_TYPE update" |
| |
| # Sanity check that the real generator exists: |
| GENERATOR="$(which delta_generator)" |
| [ -x "$GENERATOR" ] || die "can't find delta_generator" |
| |
| trap cleanup INT TERM EXIT |
| if [ "$DELTA" -eq "$FLAGS_TRUE" ]; then |
| if [ "$FLAGS_full_kernel" -eq "$FLAGS_FALSE" ]; then |
| SRC_KERNEL=$(extract_partition_to_temp_file "$FLAGS_src_image" 2 \ |
| "$FLAGS_src_kern_path") |
| if [ "$FLAGS_patch_kernel" -eq "$FLAGS_TRUE" ]; then |
| patch_kernel "$FLAGS_src_image" "$SRC_KERNEL" |
| fi |
| echo md5sum of src kernel: |
| md5sum "$SRC_KERNEL" |
| else |
| echo "Generating a full kernel update." |
| fi |
| SRC_ROOT=$(extract_partition_to_temp_file "$FLAGS_src_image" 3 \ |
| "$FLAGS_src_root_path") |
| |
| echo md5sum of src root: |
| md5sum "$SRC_ROOT" |
| fi |
| |
| DST_KERNEL=$(extract_partition_to_temp_file "$FLAGS_image" 2 \ |
| "$FLAGS_kern_path") |
| if [ "$FLAGS_patch_kernel" -eq "$FLAGS_TRUE" ]; then |
| patch_kernel "$FLAGS_image" "$DST_KERNEL" |
| fi |
| DST_ROOT=$(extract_partition_to_temp_file "$FLAGS_image" 3 \ |
| "$FLAGS_root_path") |
| |
| DST_MNT=$(mktemp -d --tmpdir="${FLAGS_work_dir}" src_root.XXXXXX) |
| sudo mount -o loop,ro "$DST_ROOT" "$DST_MNT" |
| |
| source "$DST_MNT"/usr/sbin/write_gpt.sh || warn "Could not read write_gpt.sh" |
| |
| PARTITION_SIZE_PARAM= |
| if [ -n "$ROOTFS_PARTITION_SIZE" ]; then |
| echo "Using rootfs partition size: $ROOTFS_PARTITION_SIZE"; |
| PARTITION_SIZE_PARAM="-rootfs_partition_size=$ROOTFS_PARTITION_SIZE" |
| else |
| echo "Using the default partition size." |
| fi |
| |
| if [ "$DELTA" -eq "$FLAGS_TRUE" ]; then |
| SRC_MNT=$(mktemp -d --tmpdir="${FLAGS_work_dir}" src_root.XXXXXX) |
| sudo mount -o loop,ro "$SRC_ROOT" "$SRC_MNT" |
| |
| sudo LD_LIBRARY_PATH=${LD_LIBRARY_PATH} PATH=${PATH} "$GENERATOR" \ |
| -new_dir "$DST_MNT" -new_image "$DST_ROOT" -new_kernel "$DST_KERNEL" \ |
| -old_dir "$SRC_MNT" -old_image "$SRC_ROOT" -old_kernel "$SRC_KERNEL" \ |
| -out_file "$FLAGS_output" -private_key "$FLAGS_private_key" \ |
| -chunk_size "$FLAGS_chunk_size" \ |
| "$PARTITION_SIZE_PARAM" \ |
| -old_channel "$FLAGS_src_channel" -old_board "$FLAGS_src_board" \ |
| -old_version "$FLAGS_src_version" -old_key "$FLAGS_src_key" \ |
| -old_build_channel "$FLAGS_src_build_channel" \ |
| -old_build_version "$FLAGS_src_build_version" \ |
| -new_channel "$FLAGS_channel" -new_board "$FLAGS_board" \ |
| -new_version "$FLAGS_version" -new_key "$FLAGS_key" \ |
| -new_build_channel "$FLAGS_build_channel" \ |
| -new_build_version "$FLAGS_build_version" |
| else |
| "$GENERATOR" \ |
| -new_image "$DST_ROOT" -new_kernel "$DST_KERNEL" \ |
| -out_file "$FLAGS_output" -private_key "$FLAGS_private_key" \ |
| "$PARTITION_SIZE_PARAM" \ |
| -new_channel "$FLAGS_channel" -new_board "$FLAGS_board" \ |
| -new_version "$FLAGS_version" -new_key "$FLAGS_key" \ |
| -new_build_channel "$FLAGS_build_channel" \ |
| -new_build_version "$FLAGS_build_version" |
| fi |
| |
| if [ -n "$FLAGS_out_metadata_hash_file" ]; then |
| # The manifest - unfortunately - contain two fields called |
| # signature_offset and signature_size with data about the how the |
| # manifest is signed. This means we have to pass the signature |
| # size used. The value 256 is the number of bytes the SHA-256 hash |
| # value of the manifest signed with a 2048-bit RSA key occupies. |
| "$GENERATOR" \ |
| -in_file "$FLAGS_output" \ |
| -signature_size 256 \ |
| -out_metadata_hash_file "$FLAGS_out_metadata_hash_file" |
| fi |
| |
| trap - INT TERM EXIT |
| cleanup noexit |
| |
| echo "Done generating $PAYLOAD_TYPE update." |