From: Enrico Jorns <ejo@pengutronix.de>
To: ptxdist@pengutronix.de
Cc: Enrico Jorns <ejo@pengutronix.de>, jlu@pengutronix.de
Subject: [ptxdist] [PATCH 1/3] rauc: new package
Date: Mon, 20 Mar 2017 12:36:25 +0100 [thread overview]
Message-ID: <20170320113627.25060-2-ejo@pengutronix.de> (raw)
In-Reply-To: <20170320113627.25060-1-ejo@pengutronix.de>
This adds recipes for building the RAUC update tool both as a host
tool as well as a target update tool and service.
When using systemd, the package will install a rauc.service that allows
to start RAUC, by default RAUC does not start automatically but uses
D-Bus activation when invoked by your application or by the command line
tool ./rauc.
You will also get a rauc-mark-good.service in your rootfs by default
that is wanted by multi-user.taget and is used to notify the underlying
bootloader implementation about having booted successfully in userspace.
You can also make it depend on your application services being started.
For integrating RAUC with your platform, you need to have a system
description file /etc/rauc/system.conf in your platforms projectroot/
dir. This defines all relevant slots and provides information and
configuration RAUC requires to properly handle the platform it is
running on.
You also have to place a valid keyring file into you platforms
projectroot/ as /etc/rauc/ca.cert.pem to allow RAUC verifying update
Bundles before installing them.
There are dummy files installed by default for ca.cert.pem and
system.conf which only contain hints on how to set up correct
project-specific ones.
The additional good-marking-service installed by the recipe runs after
user space is brought up and notifies the underlying bootloader
implementation about a successful boot of the system.
This is typically used in conjunction with a boot attempts counter
in the bootloader that is decremented before starting the systemd and
reset by `rauc status mark-good` to indicate a successfully system
startup.
Signed-off-by: Enrico Jorns <ejo@pengutronix.de>
---
projectroot/etc/rauc/ca.cert.pem | 7 ++
projectroot/etc/rauc/system.conf | 36 +++++++++
.../lib/systemd/system/rauc-mark-good.service | 10 +++
rules/host-rauc.in | 8 ++
rules/host-rauc.make | 32 ++++++++
rules/rauc.in | 34 ++++++++
rules/rauc.make | 90 ++++++++++++++++++++++
7 files changed, 217 insertions(+)
create mode 100644 projectroot/etc/rauc/ca.cert.pem
create mode 100644 projectroot/etc/rauc/system.conf
create mode 100644 projectroot/lib/systemd/system/rauc-mark-good.service
create mode 100644 rules/host-rauc.in
create mode 100644 rules/host-rauc.make
create mode 100644 rules/rauc.in
create mode 100644 rules/rauc.make
diff --git a/projectroot/etc/rauc/ca.cert.pem b/projectroot/etc/rauc/ca.cert.pem
new file mode 100644
index 000000000..be1aa7c30
--- /dev/null
+++ b/projectroot/etc/rauc/ca.cert.pem
@@ -0,0 +1,7 @@
+# This is a dummy keyring file. Please overwrite this with one that matches
+# your X.509 infrastructure if you intend to use RAUC for secure updates!
+#
+# If you really do not intend to actively use the security features (or for
+# testing purpose) you may create a development certificate by executing the
+# script `rauc-gen-test-certs.sh` from the `scripts` folder in your PTXdist
+# installation.
diff --git a/projectroot/etc/rauc/system.conf b/projectroot/etc/rauc/system.conf
new file mode 100644
index 000000000..2881ab2f8
--- /dev/null
+++ b/projectroot/etc/rauc/system.conf
@@ -0,0 +1,36 @@
+## This is an example RAUC system configuration. This file will be installed
+## into /etc/rauc/system.conf on your target and describes your system from the
+## perspective of the RAUC update service.
+##
+## If you find this file in your build rootfs, your have not set up a
+## system.conf for your platform, yet.
+## Create one according to this dummy template from
+## `projectroot/etc/rauc/system.conf` in your PTXdist installation and place it
+## in the platform directory of you project under
+## `projectroot/etc/rauc/system.conf`.
+##
+## ---
+##
+# [system]
+# compatible=@RAUC_BUNDLE_COMPATIBLE@
+# bootloader=<barebox|uboot|grub>
+#
+# [slot.rootfs.0]
+# device=/dev/mmcblkXp1
+# type=ext4
+# bootname=system0
+#
+# [slot.rootfs.1]
+# device=/dev/mmcblkXp2
+# type=ext4
+# bootname=system1
+#
+# [slot.appfs.0]
+# device=/dev/mmcblkXp3
+# type=ext4
+# parent=rootfs.0
+#
+# [slot.appfs.1]
+# device=/dev/mmcblkXp4
+# type=ext4
+# parent=rootfs.1
diff --git a/projectroot/lib/systemd/system/rauc-mark-good.service b/projectroot/lib/systemd/system/rauc-mark-good.service
new file mode 100644
index 000000000..af4daab9f
--- /dev/null
+++ b/projectroot/lib/systemd/system/rauc-mark-good.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=RAUC Good-marking Service
+ConditionKernelCommandLine=|bootchooser.active
+ConditionKernelCommandLine=|rauc.slot
+
+[Service]
+ExecStart=/usr/bin/rauc status mark-good
+
+[Install]
+WantedBy=multi-user.target
diff --git a/rules/host-rauc.in b/rules/host-rauc.in
new file mode 100644
index 000000000..0e02743c7
--- /dev/null
+++ b/rules/host-rauc.in
@@ -0,0 +1,8 @@
+## SECTION=hosttools_noprompt
+## SECTION=hosttools_platform
+
+config HOST_RAUC
+ tristate
+ select HOST_GLIB
+ select HOST_OPENSSL
+ select HOST_SQUASHFS_TOOLS
diff --git a/rules/host-rauc.make b/rules/host-rauc.make
new file mode 100644
index 000000000..4345ae8f5
--- /dev/null
+++ b/rules/host-rauc.make
@@ -0,0 +1,32 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2015 by Michael Grzeschik <mgr@pengutronix.de>
+#
+# See CREDITS for details about who has contributed to this project.
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+HOST_PACKAGES-$(PTXCONF_HOST_RAUC) += host-rauc
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#
+# autoconf
+#
+HOST_RAUC_CONF_TOOL := autoconf
+HOST_RAUC_CONF_OPT := \
+ $(HOST_AUTOCONF) \
+ --disable-code-coverage \
+ --disable-valgrind \
+ --disable-service \
+ --disable-network \
+ --disable-json
+
+# vim: syntax=make
diff --git a/rules/rauc.in b/rules/rauc.in
new file mode 100644
index 000000000..263a67bf1
--- /dev/null
+++ b/rules/rauc.in
@@ -0,0 +1,34 @@
+## SECTION=applications
+
+menuconfig RAUC
+ tristate
+ prompt "Rauc Update Tool "
+ select OPENSSL
+ select GLIB
+ select LIBCURL if RAUC_NETWORK
+ select JSON_GLIB if RAUC_JSON
+ help
+ Robust Auto-Update Controller. RAUC controls the update process on embedded linux systems.
+
+if RAUC
+
+config RAUC_NETWORK
+ bool
+ prompt "network support"
+
+config RAUC_JSON
+ bool
+ prompt "JSON support"
+
+config RAUC_COMPATIBLE
+ prompt "RAUC Compatible"
+ string
+ default "${PTXCONF_PROJECT_VENDOR}\ ${PTXCONF_PROJECT}"
+ help
+ An explicit identification string that RAUC uses to assure an update
+ bundle matches with the correct root filesystem on the target.
+
+ Only if the compatible in the targets RAUC system.conf file and those
+ in the Bundle's manifest match exactly, an update will be performed
+
+endif
diff --git a/rules/rauc.make b/rules/rauc.make
new file mode 100644
index 000000000..ba7152bbd
--- /dev/null
+++ b/rules/rauc.make
@@ -0,0 +1,90 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2015 by Enrico Joerns <e.joerns@pengutronix.de>
+#
+# See CREDITS for details about who has contributed to this project.
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_RAUC) += rauc
+
+#
+# Paths and names
+#
+RAUC_VERSION := v0.1
+RAUC_MD5 := 33c6f45b71f9b9c082fa852c3d5915d9
+RAUC := rauc-$(RAUC_VERSION)
+RAUC_SUFFIX := tar.xz
+RAUC_URL := https://github.com/rauc/rauc/releases/download/v0.1/rauc-0.1.tar.xz
+RAUC_SOURCE := $(SRCDIR)/$(RAUC).$(RAUC_SUFFIX)
+RAUC_DIR := $(BUILDDIR)/$(RAUC)
+RAUC_LICENSE := LGPL-2.1
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#RAUC_CONF_ENV := $(CROSS_ENV)
+
+#
+# autoconf
+#
+RAUC_CONF_TOOL := autoconf
+RAUC_CONF_OPT := \
+ $(CROSS_AUTOCONF_USR) \
+ --enable-debug=info \
+ $(GLOBAL_LARGE_FILE_OPTION) \
+ --disable-code-coverage \
+ --disable-valgrind \
+ --enable-service \
+ --$(call ptx/endis,PTXCONF_RAUC_NETWORK)-network \
+ --$(call ptx/endis,PTXCONF_RAUC_JSON)-json \
+ --with-systemdunitdir=/lib/systemd/system \
+ --with-dbuspolicydir=/usr/share/dbus-1/system.d \
+ --with-dbussystemservicedir=/usr/share/dbus-1/system-services
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/rauc.targetinstall:
+ @$(call targetinfo)
+
+ @$(call install_init, rauc)
+ @$(call install_fixup, rauc,PRIORITY,optional)
+ @$(call install_fixup, rauc,SECTION,base)
+ @$(call install_fixup, rauc,AUTHOR,"Enrico Joerns <e.joerns@pengutronix.de>")
+ @$(call install_fixup, rauc,DESCRIPTION,missing)
+
+ @$(call install_copy, rauc, 0, 0, 0755, -, /usr/bin/rauc)
+ @$(call install_alternative, rauc, 0, 0, 0644, /etc/rauc/system.conf)
+ @$(call install_replace, rauc, /etc/rauc/system.conf, \
+ @RAUC_BUNDLE_COMPATIBLE@, \
+ $(PTXCONF_RAUC_COMPATIBLE))
+ @$(call install_alternative, rauc, 0, 0, 0644, /etc/rauc/ca.cert.pem)
+
+ @$(call install_copy, rauc, 0, 0, 0644, -, \
+ /usr/share/dbus-1/system-services/de.pengutronix.rauc.service)
+ @$(call install_copy, rauc, 0, 0, 0644, -, \
+ /usr/share/dbus-1/system.d/de.pengutronix.rauc.conf)
+
+ifdef PTXCONF_INITMETHOD_SYSTEMD
+ @$(call install_alternative, rauc, 0, 0, 0644, \
+ /lib/systemd/system/rauc.service)
+
+ @$(call install_alternative, rauc, 0, 0, 0644, \
+ /lib/systemd/system/rauc-mark-good.service)
+ @$(call install_link, rauc, ../rauc-mark-good.service, \
+ /lib/systemd/system/multi-user.target.wants/rauc-mark-good.service)
+endif
+
+ @$(call install_finish, rauc)
+
+ @$(call touch)
+
+# vim: syntax=make
--
2.11.0
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
next prev parent reply other threads:[~2017-03-20 11:36 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-20 11:36 [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Enrico Jorns
2017-03-20 11:36 ` Enrico Jorns [this message]
2017-03-20 11:36 ` [ptxdist] [PATCH 2/3] image-rauc: new package Enrico Jorns
2017-03-20 11:36 ` [ptxdist] [PATCH 3/3] scripts: add script that generates test certificates for RAUC Enrico Jorns
2017-03-24 14:34 ` [ptxdist] [PATCHv2 0/3] Add basic support for the RAUC update tool Michael Olbrich
2017-03-24 19:00 ` Alexander Dahl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170320113627.25060-2-ejo@pengutronix.de \
--to=ejo@pengutronix.de \
--cc=jlu@pengutronix.de \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox