| version 1.14, 2021/10/17 23:25:14 |
version 1.47, 2021/12/02 03:48:13 |
|
|
| #!/bin/ksh |
#!/bin/ksh |
| |
# $OpenBSD$ |
| set -e |
set -e |
| |
|
| scan_dmesg() { |
# Copyright (c) 2021 Andrew Hewus Fresh <afresh1@openbsd.org> |
| # no bsort for now |
# |
| sed -n "$1" /var/run/dmesg.boot |
# Permission to use, copy, modify, and distribute this software for any |
| } |
# purpose with or without fee is hereby granted, provided that the above |
| |
# copyright notice and this permission notice appear in all copies. |
| |
# |
| |
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
| |
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
| |
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
| |
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
| |
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
| |
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| |
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| |
|
| installed_firmware() { |
# Fake up some things from install.sub that we don't need to actually do |
| for fw in ${PKGDIR}/$1-firmware*; do |
prefetcharea_fs_list() { |
| [ -e "$fw" ] || continue |
echo "${DESTDIR}/tmp" |
| echo ${fw##*/} |
|
| done |
|
| } |
} |
| |
|
| # tmpdir, do_as, unpriv, and unpriv2 are from install.sub |
# tmpdir, do_as, and unpriv are from install.sub |
| |
# modified to use su(1) when not in the installer. |
| |
# modified to use mktemp(1) when not in the installer. |
| |
|
| # Create a temporary directory based on the supplied directory name prefix. |
# Create a temporary directory based on the supplied directory name prefix. |
| tmpdir() { |
tmpdir() { |
| local _i=1 _dir |
local _i=1 _dir |
| |
if [[ -z $1 ]]; then |
| |
echo No tmpdir >&2 |
| |
exit 1 |
| |
fi |
| |
|
| until _dir="${1?}.$_i.$RANDOM" && mkdir -- "$_dir" 2>/dev/null; do |
if [[ -e /usr/bin/mktemp ]]; then |
| ((++_i < 10000)) || return 1 |
_dir=$( /usr/bin/mktemp -d $1 ) |
| done |
chown _sndio "$_dir" |
| |
else |
| |
until _dir="${1%-+(X)}.$_i.$RANDOM" && mkdir -- "$_dir" 2>/dev/null; do |
| |
((++_i < 10000)) || return 1 |
| |
done |
| |
fi |
| echo "$_dir" |
echo "$_dir" |
| } |
} |
| |
|
|
|
| chown "$_user" "$_file" |
chown "$_user" "$_file" |
| fi |
fi |
| |
|
| doas -u "$_user" "$@" |
if [[ -x /usr/bin/su ]]; then |
| |
/usr/bin/su -s /bin/ksh "$_user" -c "$*" |
| |
else |
| |
doas -u "$_user" "$@" |
| |
fi |
| _rc=$? |
_rc=$? |
| |
|
| while doas -u "$_user" kill -9 -1 2>/dev/null; do |
while doas -u "$_user" kill -9 -1 2>/dev/null; do |
|
|
| do_as _sndio "$@" |
do_as _sndio "$@" |
| } |
} |
| |
|
| unpriv2() { |
VNAME=${VNAME:-$(sysctl -n kern.osrelease)} |
| do_as _file "$@" |
VERSION=${VERSION:-"${VNAME%.*}${VNAME#*.}"} |
| } |
FWDIR=${FWDIR:-$VNAME} |
| |
|
| _issue= |
|
| fail() { |
|
| echo $_issue >&2 |
|
| exit 1 |
|
| } |
|
| |
|
| VNAME=$(sysctl -n kern.osrelease) |
|
| VERSION="${VNAME%.*}${VNAME#*.}" |
|
| FWDIR="$VNAME" |
|
| |
|
| # TODO: We need the firmware for the system we just installed |
# TODO: We need the firmware for the system we just installed |
| # not the one we booted from. For example: |
# not the one we booted from. For example: |
| # * booting from a snapshot bsd.rd that thinks it is the 7.0 release |
# * booting from a snapshot bsd.rd that thinks it is the 7.0 release |
|
|
| # Otherwise, the fw_update after first boot will fix it up for us. |
# Otherwise, the fw_update after first boot will fix it up for us. |
| |
|
| HTTP_FWDIR=$FWDIR |
HTTP_FWDIR=$FWDIR |
| set -- $(scan_dmesg "/^OpenBSD $VNAME\([^ ]*\).*$/s//\1/p") |
set -- sed -n "/^OpenBSD $VNAME\([^ ]*\).*$/s//\1/p" /var/run/dmesg.boot |
| [[ $1 == -!(stable) ]] && HTTP_FWDIR=snapshots |
[[ $1 == -!(stable) ]] && HTTP_FWDIR=snapshots |
| |
|
| FWURL=http://firmware.openbsd.org/firmware/${HTTP_FWDIR} |
FWURL=http://firmware.openbsd.org/firmware/${HTTP_FWDIR} |
| FWPUB_KEY=${DESTDIR}/etc/signify/openbsd-${VERSION}-fw.pub |
FWPUB_KEY=${DESTDIR}/etc/signify/openbsd-${VERSION}-fw.pub |
| PKGDIR=${DESTDIR}/var/db/pkg |
FWPATTERNS="${DESTDIR}/usr/share/misc/firmware_patterns" |
| PATTERNS="file:${0%/*}/firmware_patterns" |
|
| |
|
| fw_update() { |
# TODO: support srclocal installation of firmware somehow |
| local _tmpsrc _f _remove _r |
fw_install() { |
| local _src=$FWURL _t=Get _cfile="/tmp/SHA256" _srclocal=false |
local _src=$1 _tmpfs_list _tmpfs _tmpsrc \ |
| local _drivers=$( |
_t=Get _cfile="/tmp/SHA256" _pkgdir=${DESTDIR}/var/db/pkg \ |
| |
_f _r _remove _i _installed |
| |
local _srclocal=false _unpriv=unpriv |
| |
|
| |
local _d _drivers=$( |
| last='' |
last='' |
| ftp -D "Detecting" -Vmo- $PATTERNS | |
while read _d _m; do |
| while read d m; do |
|
| grep=grep |
grep=grep |
| [ "$last" = "$d" ] && continue |
[ "$last" = "$_d" ] && continue |
| [ "$m" ] || m="^$d[0-9][0-9]* at " |
[ "$_m" ] || _m="^$_d[0-9][0-9]* at " |
| [ "$m" = "${m#^}" ] && grep=fgrep |
[ "$_m" = "${_m#^}" ] && grep=fgrep |
| $grep -q "$m" /var/run/dmesg.boot || continue |
$grep -q "$_m" /var/run/dmesg.boot || continue |
| echo $d |
echo $_d |
| last=$d |
last=$_d |
| done |
done < $FWPATTERNS |
| ) |
) |
| |
|
| if [ -z "$_drivers" ]; then |
if [ -z "$_drivers" ]; then |
| echo "No devices found which need firmware files to be downloaded." >&2 |
echo "No devices found which need firmware files to be downloaded." |
| return |
return |
| fi |
fi |
| |
|
| if _tmpsrc=$( tmpdir "${DESTDIR}/tmp/fw_update" ); then |
! _tmpfs_list=$(prefetcharea_fs_list) && |
| ( |
echo "Cannot determine prefetch area" >&2 && return |
| >$_tmpsrc/t && |
|
| $_unpriv cat $_tmpsrc/t |
|
| ) >/dev/null 2>&1 || |
|
| rm -r $_tmpsrc |
|
| fi |
|
| |
|
| |
for _tmpfs in $_tmpfs_list; do |
| |
# Try to clean up from previous runs, assuming |
| |
# the _tmpfs selection yields the same mount |
| |
# point. |
| |
for _tmpsrc in $_tmpfs/firmware.+([0-9]).+([0-9]); do |
| |
[[ -d $_tmpsrc ]] && rm -r $_tmpsrc |
| |
done |
| |
|
| |
# Create a download directory for the firmware and |
| |
# check that the _sndio user can read files from |
| |
# it. Otherwise cleanup and skip the filesystem. |
| |
if _tmpsrc=$(tmpdir "$_tmpfs/firmware-XXXXXXXXX"); then |
| |
( |
| |
>$_tmpsrc/t && |
| |
$_unpriv cat $_tmpsrc/t |
| |
) >/dev/null 2>&1 && break || |
| |
rm -r $_tmpsrc |
| |
fi |
| |
done |
| |
|
| [[ ! -d $_tmpsrc ]] && |
[[ ! -d $_tmpsrc ]] && |
| _issue="Cannot create prefetch area" && fail |
echo "Cannot create prefetch area" >&2 && return 1 |
| |
|
| |
# Cleanup from previous runs. |
| |
rm -f $_cfile $_cfile.sig |
| |
|
| |
_t=Get/Verify |
| |
|
| ! $_unpriv ftp -D "$_t" -Vmo - "$_src/SHA256.sig" >"$_cfile.sig" && |
! $_unpriv ftp -D "$_t" -Vmo - "$_src/SHA256.sig" >"$_cfile.sig" && |
| _issue="Cannot fetch SHA256.sig" && fail |
echo "Cannot fetch SHA256.sig" >&2 && return 1 |
| |
|
| # Verify signature file with public keys. |
# Verify signature file with public keys. |
| ! unpriv -f "$_cfile" \ |
! signify -Vep $FWPUB_KEY -x "$_cfile.sig" -m "$_cfile" && |
| signify -Vep $FWPUB_KEY -x "$_cfile.sig" -m "$_cfile" && |
echo "Signature check of SHA256.sig failed" >&2 && return 1 |
| _issue="Signature check of SHA256.sig failed" && fail |
|
| |
|
| for d in $_drivers; do |
for _d in $_drivers; do |
| _f=$( sed -n "s/.*(\($d-firmware-.*\.tgz\)).*/\1/p" "$_cfile" ) |
_f=$( sed -n "s/.*(\($_d-firmware-.*\.tgz\)).*/\1/p" "$_cfile" | sed '$!d' ) |
| installed=$( installed_firmware "$d" ) |
_installed=$( |
| |
for fw in "${_pkgdir}/$_d-firmware"*; do |
| |
[ -e "$fw" ] || continue |
| |
echo ${fw##*/} |
| |
done |
| |
) |
| |
|
| for i in $installed; do |
for _i in $_installed; do |
| if [ "$_f" = "$i.tgz" ]; then |
if [ "$_f" = "$_i.tgz" ]; then |
| echo "Firmware for $d already installed ($installed)" |
echo "$_i already installed" |
| continue 2 |
continue 2 |
| fi |
fi |
| done |
done |
| |
|
| rm -f /tmp/h /tmp/fail |
rm -f /tmp/h /tmp/fail |
| |
|
| _t=Get/Verify |
|
| # Fetch firmware file and create a checksum by piping through |
# Fetch firmware file and create a checksum by piping through |
| # sha256. Create a flag file in case ftp failed. Firmware |
# sha256. Create a flag file in case ftp failed. Firmware |
| # from net is written to the prefetch area. |
# from net is written to the prefetch area. |
| ( $_unpriv ftp -D "$_t" -Vmo - "$_src/$_f" || >/tmp/fail ) | |
( $_unpriv ftp -D "$_t" -Vmo - "$_src/$_f" || >/tmp/fail ) | |
| ( $_srclocal && unpriv2 sha256 -b >/tmp/h || |
( $_srclocal && sha256 -b >/tmp/h || |
| unpriv2 -f /tmp/h sha256 -bph /tmp/h >"$_tmpsrc/$_f" ) |
sha256 -bph /tmp/h >"$_tmpsrc/$_f" ) |
| |
|
| # Handle failed transfer. |
# Handle failed transfer. |
| if [[ -f /tmp/fail ]]; then |
if [[ -f /tmp/fail ]]; then |
| rm -f "$_tmpsrc/$_f" |
rm -f "$_tmpsrc/$_f" |
| _issue="Fetching of $_f failed!" |
echo "Fetching of $_f failed!" >&2 |
| fail |
continue |
| fi |
fi |
| |
|
| # Verify firmware by comparing its checksum with SHA256. |
# Verify firmware by comparing its checksum with SHA256. |
| if fgrep -qx "SHA256 ($_f) = $(</tmp/h)" "$_cfile"; then |
if ! fgrep -qx "SHA256 ($_f) = $(</tmp/h)" "$_cfile"; then |
| #_unver=$(rmel $_f $_unver) |
|
| true |
|
| else |
|
| [[ -d "$_tmpsrc" ]] && rm -rf "$_tmpsrc" |
[[ -d "$_tmpsrc" ]] && rm -rf "$_tmpsrc" |
| _issue="Checksum test for $_f failed." |
echo "Checksum test for $_f failed." >&2 |
| fail |
continue |
| fi |
fi |
| |
|
| # TODO: Check hash for files before deleting |
# TODO: Check hash for files before deleting |
| if [ "$installed" ] && [ -e "${PKGDIR}/$installed/+CONTENTS" ]; then |
if [ "$_installed" ] && [ -e "${_pkgdir}/$_installed/+CONTENTS" ]; then |
| echo "Uninstalling $installed" |
echo "Uninstalling $_installed" |
| cwd=${PKGDIR}/$installed |
cwd=${_pkgdir}/$_installed |
| |
|
| set -A _remove -- "${cwd}/+CONTENTS" "${cwd}" |
set -A _remove -- "${cwd}/+CONTENTS" "${cwd}" |
| |
|
|
|
| *) set -A _remove -- "$cwd/$c" "${_remove[@]}" |
*) set -A _remove -- "$cwd/$c" "${_remove[@]}" |
| ;; |
;; |
| esac |
esac |
| done < "${PKGDIR}/$installed/+CONTENTS" |
done < "${_pkgdir}/$_installed/+CONTENTS" |
| |
|
| |
# We specifically rm -f here because not removing files/dirs |
| |
# is probably not worth failing over. |
| for _r in "${_remove[@]}" ; do |
for _r in "${_remove[@]}" ; do |
| if [ -d "$_r" ]; then |
if [ -d "$_r" ]; then |
| # Try hard not to actually remove recursively |
# Try hard not to actually remove recursively |
|
|
| done |
done |
| fi |
fi |
| |
|
| # TODO: Add some details about the install to +CONTENTS like pkg_add |
# TODO: Should we mark these so real fw_update can -Drepair? |
| # TODO: Or, maybe we save the firmware someplace and make pkg_add reinstall |
ftp -D "Install" -Vmo- "file:$_tmpsrc/$_f" | |
| echo "Installing $_f" |
tar -s ",^\+,${_pkgdir}/${_f%.tgz}/+," \ |
| tar -zxphf "$_tmpsrc/$_f" -C "${DESTDIR}/etc" "firmware/*" |
-s ",^firmware,${DESTDIR}/etc/firmware," \ |
| mkdir -p ${PKGDIR}/${_f%.tgz}/ |
-C / -zxphf - "+*" "firmware/*" |
| tar -zxphf "$_tmpsrc/$_f" -C "${PKGDIR}/${_f%.tgz}" "+*" |
|
| ed -s "${PKGDIR}/${_f%.tgz}/+CONTENTS" <<EOL |
ed -s "${_pkgdir}/${_f%.tgz}/+CONTENTS" <<EOL |
| /^@comment pkgpath/ -1a |
/^@comment pkgpath/ -1a |
| @option manual-installation |
@option manual-installation |
| @option firmware |
@option firmware |
|
|
| done |
done |
| } |
} |
| |
|
| fw_update |
fw_install "$FWURL" |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to fw_install.sh CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [local] / openbsd / fw_update