From patchwork Fri Feb 22 21:22:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Hilliard X-Patchwork-Id: 1047132 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=googlegroups.com (client-ip=2607:f8b0:4864:20::a3a; helo=mail-vk1-xa3a.google.com; envelope-from=swupdate+bncbcl4hcw73qcbbegqyhrqkgqeuagqd5y@googlegroups.com; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=googlegroups.com header.i=@googlegroups.com header.b="ohp0rsf/"; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="SFfycVBD"; dkim-atps=neutral Received: from mail-vk1-xa3a.google.com (mail-vk1-xa3a.google.com [IPv6:2607:f8b0:4864:20::a3a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 445knb2lRXz9s9L for ; Sat, 23 Feb 2019 08:22:26 +1100 (AEDT) Received: by mail-vk1-xa3a.google.com with SMTP id 5sf1639615vkg.20 for ; Fri, 22 Feb 2019 13:22:26 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1550870544; cv=pass; d=google.com; s=arc-20160816; b=XnRi16xZqLcIvq5N16nMDF8Fg1HOdx9IxXSJVEa8Qeyvyvt18zKMkCoxR96T85/mpn 0HO3az/n14jmdFl5FoQG3+j39dBQG8+OnvtjTneKhosHeZMBVzUOjKdPOn1aemW8qyT/ 8z7iFLMLxFWzg1aQY6A2yFDF2HI68SoOPbPOCFdhFJDQeZ8F+AF2Ku/YldGc463u4/D7 KGpqI8aLzqrcQuEbgHoEisunOMTRn5Iio+TrGTlUWD07obMAz2PpHr4HPecn5InukpcE ATM8sSNY+XxDTGZsQanVZtWrh5l6gGVFBHp/RMiwyxaOMsK3tt+uhCC/TlVy/pYxRx6R RgSw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:message-id:date:subject:cc:to:from :mime-version:sender:dkim-signature:dkim-signature; bh=SRP8W6pcbwVrW/87SHfOlcYdSrjC/VJA0btfNfPJ3oc=; b=ODzxHHb0ccWQQ8I1to8clPU2Sq14R2dp5Pj19lfvbUIgtKgIP8feorDb+/qvhN2UWF 61P7IsdsIi2a3IRx4x0BEA+dSsyXxO6BJpQ2Ln1jEWNnu+maXsdm0mRwVT0/9MKjVvi4 wHF2etTYY7/MAIwm8SxCgyKOPeor8PB4EnYEK4Zmj/APLuUdhprwP3Gf9U71fzfRC7/9 0JDSd4+lv8oSW6nkTlc7wp014yGSocbdtfaa+KBJqWB0D29tG6nN2VVCVDpPPDZ9lpxo xbv/pUwMoU6/KtkEtJyPfN5IFQL9c6GqipqOQ2kK8FPVMIuc4y+H8ag635jYO71tjQMa y5jQ== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=U3ONq7w8; spf=pass (google.com: domain of james.hilliard1@gmail.com designates 2607:f8b0:4864:20::d42 as permitted sender) smtp.mailfrom=james.hilliard1@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:mime-version:from:to:cc:subject:date:message-id :x-original-sender:x-original-authentication-results:precedence :mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=SRP8W6pcbwVrW/87SHfOlcYdSrjC/VJA0btfNfPJ3oc=; b=ohp0rsf/k5ViTnwck8nFj2pmn/8+mVXrJeV/z6l1u73E9mE7dRR67RFl4YLwrBQolF ru4uellu7beHRtwvD7vJcpyx7W+WVpk7eYJU6jMywoD2icnuzpfRgt3e8/5RMjGYGuxG nHuGPZatGrYPtfJZN8U8y5EW5/qSJiPduHgKRY+L/f30qloeWx5NZ0xyO7izTfbDXwD1 OZG6UPIiUL0KOnTZdGdqwsKCXig94WExuDE1ACaeMgRtRcbgxHHHTaoAgfCGRV5MEOZE xHYrW8zUzcq7Ng3pbcKmtFTrrMEZpXUnpwCSh0KSAQ2hF16DIn9P0/IlqEYlnsW7jsNW VZfQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:to:cc:subject:date:message-id:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :list-post:list-help:list-archive:list-subscribe:list-unsubscribe; bh=SRP8W6pcbwVrW/87SHfOlcYdSrjC/VJA0btfNfPJ3oc=; b=SFfycVBDK9NzF1+Lc3UoVgolch3dr6BVInWF0zh6q2xhmRVsrqBBj9KS+82KgEjYFl 1rxVX5ckk/YLDqibAM+uVHJfdBSLjn3XbUrvypbUAWAiHO4ZThXI9wwbNbFnk8bcWBKP Ohh2KAm3cQxiP8bd3v7lo2uD+5dz4n/r5iZCY9STHMsySkLWti+5kLVdN7woS8OyTJPh r8O7yeCWZRlsBMoIg0Gu+tJa2edpYLSxf48vJZDVgvqTOraduKFREnghVx92jBhzvEdI 8jI9PzojtwSFq+y8xX0i31wnK9ZuhGyi1VvDj8vOoOMfoXXNRhhz3W4w+6MkDabFHonX 3phg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:mime-version:from:to:cc:subject:date :message-id:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:x-spam-checked-in-group:list-post :list-help:list-archive:list-subscribe:list-unsubscribe; bh=SRP8W6pcbwVrW/87SHfOlcYdSrjC/VJA0btfNfPJ3oc=; b=Kx5D0hIi3OzupSyBgS0apBGDwkRcHXd83k78te8kyeKGstv+Y+dGV/8uZZYzUoq3GX BDq+ZfSzmYrkhevdUOpOohbmHhSAxSmV83gbyu6X7DszwpQCH9wPyd2uzrs/Khev8GYE 5cUC21pH/YHoJoGHyCv9cJ8pdgvioT+Sdf6VC4UTXIsUbXwhFLUx1K0kibAfDq8gjxbr RV/z6xjfhQEsXa9iS6hygaN0+5o34DrcQUxBQ7wSWapYC83PW7gHnq1BlhVtRTwCwhZd z2LwKGbG13AD69q0M9DwT+WKKcNSX1RSYarxG/0NaytoQOqyTaIrtwLz701KeFa2WLH4 19dw== Sender: swupdate@googlegroups.com X-Gm-Message-State: AHQUAuaiXciUaV2tZEm6EhC88goCpL7lIpcIOdef3e1YKCuNUfzTeBto Z29aUIXUZ6HzRspLeFQ5FOU= X-Google-Smtp-Source: AHgI3IbUm4M/KfXn8iBbpzap0WuwfNjZ/PcDQ7G4nTBgyW0xu10NyYBh9ff8wa72a9X1kAu7gVy4sw== X-Received: by 2002:a67:7688:: with SMTP id r130mr13223vsc.4.1550870544339; Fri, 22 Feb 2019 13:22:24 -0800 (PST) MIME-Version: 1.0 X-BeenThere: swupdate@googlegroups.com Received: by 2002:ab0:204:: with SMTP id 4ls1757523uas.1.gmail; Fri, 22 Feb 2019 13:22:23 -0800 (PST) X-Received: by 2002:ab0:22ce:: with SMTP id z14mr357228uam.20.1550870543945; Fri, 22 Feb 2019 13:22:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1550870543; cv=none; d=google.com; s=arc-20160816; b=x4yrB/JA8jgGO6Cs8DugxZzUd12IHD47hySeXoDbBoZ/YEWqAQBCCSPeHgu6VujZVK 7IxKHhJSwie6Xhhlklbx/h45qJUXTZgo2myE8eopU+NvjPmTN5kLLMcxf9XTqceGMPet V9AAUpHpYFGest/9OzuZewY28Up22fVuTMmql0OI2Q+qgYx88BN7+M7tuOdgt/Ce7kem CC+VMBDRQJDL9F5VHFdxK49NtCS+NG3iOmMEU19WIm4vE3jk85nDPjUKpmKHNEdRSQC6 qAu0L1S/sWHc0bWGrqOWqz5nOcZYVf8sJ//emkS/svpdAqytjWA/j/WblVfxE2O5748B nj5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:date:subject:cc:to:from:dkim-signature; bh=zyrjkKBznt4xAmGfhR4EJnE+YHaskIIM8hrV20Yab64=; b=RSDNnB3tL1nok034BSkCvJ0dxcfiPY+E93gIU0RP3u8wHzHcd5hJaYo/oohiO7Ju8w RpbT+M5HiubEUm532tW/MSCGja5vx3eqLcPVYrSWIuppAWy+2eovnFDlFRMeViOPnn15 AQFS5EfUFdLJ3uP5k74KtkjQXFNAO+22FPV6Gix0kVKQUL/t4BTp9F+3DsYBYEWYZu/B zAePULJ2l7khmLUPCUsz9H6ME2DkyIJAZ6RXjBhmc1N9Sc8yUM2WeTRbK3rux9czIbTk dhx5wqYTHwQZC9W9wv7fg9FFMWwVEiivHwUvjFowFVLh5v6KqLL4tz9ympJwaphukSEZ 21sw== ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=U3ONq7w8; spf=pass (google.com: domain of james.hilliard1@gmail.com designates 2607:f8b0:4864:20::d42 as permitted sender) smtp.mailfrom=james.hilliard1@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from mail-io1-xd42.google.com (mail-io1-xd42.google.com. [2607:f8b0:4864:20::d42]) by gmr-mx.google.com with ESMTPS id v187si89784vkd.5.2019.02.22.13.22.23 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 22 Feb 2019 13:22:23 -0800 (PST) Received-SPF: pass (google.com: domain of james.hilliard1@gmail.com designates 2607:f8b0:4864:20::d42 as permitted sender) client-ip=2607:f8b0:4864:20::d42; Received: by mail-io1-xd42.google.com with SMTP id x9so2895321iog.12 for ; Fri, 22 Feb 2019 13:22:23 -0800 (PST) X-Received: by 2002:a5e:c30a:: with SMTP id a10mr3734751iok.193.1550870543181; Fri, 22 Feb 2019 13:22:23 -0800 (PST) Received: from dragon.Home (75-166-122-9.hlrn.qwest.net. [75.166.122.9]) by smtp.gmail.com with ESMTPSA id b92sm1224635itd.39.2019.02.22.13.22.22 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 22 Feb 2019 13:22:22 -0800 (PST) From: james.hilliard1@gmail.com To: swupdate@googlegroups.com Cc: James Hilliard Subject: [swupdate] [PATCH v2 1/1] no-reinstalling feature Date: Sat, 23 Feb 2019 05:22:16 +0800 Message-Id: <20190222212216.1850-1-james.hilliard1@gmail.com> X-Mailer: git-send-email 2.17.1 X-Original-Sender: james.hilliard1@gmail.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=U3ONq7w8; spf=pass (google.com: domain of james.hilliard1@gmail.com designates 2607:f8b0:4864:20::d42 as permitted sender) smtp.mailfrom=james.hilliard1@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Precedence: list Mailing-list: list swupdate@googlegroups.com; contact swupdate+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: swupdate@googlegroups.com X-Google-Group-Id: 605343134186 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , From: James Hilliard Some projects require a way to prevent reinstallation of the current firmware version to prevent repeated updates. For such cases, a new command line parameter is introduced (-R ) to inform SWUpdate about the current version. SWUpdate performs a simple string comparision to determine if the current version is the same as the installed version. We do this so that no-reinstalling can be used with any versioning format. We also ensure that the no-downgrading feature doesn't prevent installation of the existing firmware, it's expected that the no-downgrading feature is used to enforce a minimum firmware version as opposed to preventing reinstallation of the existing firmware version, there may be cases where the minimum version is not the same as the current version, for example a device may have multiple firmware versions to choose from with the minimum required version being lower than the current version. For this reason we enforce the no-downgrading requirement separately from no-reinstalling. Signed-off-by: James Hilliard --- core/parser.c | 17 +++++++++++++++-- core/swupdate.c | 17 ++++++++++++++--- doc/source/swupdate.rst | 7 ++++++- include/swupdate.h | 2 ++ 4 files changed, 37 insertions(+), 6 deletions(-) diff --git a/core/parser.c b/core/parser.c index 65dc8d1..313201f 100644 --- a/core/parser.c +++ b/core/parser.c @@ -257,11 +257,24 @@ int parse(struct swupdate_cfg *sw, const char *descfile) * newer version */ if (sw->globals.no_downgrading) { - __u64 currentversion = version_to_number(sw->globals.current_version); + __u64 minimum_version = version_to_number(sw->globals.minimum_version); __u64 newversion = version_to_number(sw->version); - if (newversion <= currentversion) { + if (newversion < minimum_version) { ERROR("No downgrading allowed: new version %s <= installed %s", + sw->version, sw->globals.minimum_version); + return -EPERM; + } + } + + /* + * If reinstalling is not allowed, compare + * version strings + */ + if (sw->globals.no_reinstalling) { + + if (strcmp(sw->version, sw->globals.current_version) == 0) { + ERROR("No reinstalling allowed: new version %s == installed %s", sw->version, sw->globals.current_version); return -EPERM; } diff --git a/core/swupdate.c b/core/swupdate.c index 4f3d9d6..476358b 100644 --- a/core/swupdate.c +++ b/core/swupdate.c @@ -79,6 +79,7 @@ static struct option long_options[] = { {"output", required_argument, NULL, 'o'}, {"dry-run", no_argument, NULL, 'n'}, {"no-downgrading", required_argument, NULL, 'N'}, + {"no-reinstalling", required_argument, NULL, 'R'}, #ifdef CONFIG_SIGNED_IMAGES {"key", required_argument, NULL, 'k'}, {"ca-path", required_argument, NULL, 'k'}, @@ -140,6 +141,7 @@ static void usage(char *programname) #endif " -n, --dry-run : run SWUpdate without installing the software\n" " -N, --no-downgrading : not install a release older as \n" + " -R, --no-reinstalling : not install a release same as \n" " -o, --output : saves the incoming stream\n" " -v, --verbose : be verbose, set maximum loglevel\n" " --version : print SWUpdate version and exit\n" @@ -503,9 +505,13 @@ static int read_globals_settings(void *elem, void *data) get_field(LIBCFG_PARSER, elem, "loglevel", &sw->globals.loglevel); get_field(LIBCFG_PARSER, elem, "syslog", &sw->globals.syslog_enabled); GET_FIELD_STRING(LIBCFG_PARSER, elem, - "no-downgrading", sw->globals.current_version); - if (strlen(sw->globals.current_version)) + "no-downgrading", sw->globals.minimum_version); + if (strlen(sw->globals.minimum_version)) sw->globals.no_downgrading = 1; + GET_FIELD_STRING(LIBCFG_PARSER, elem, + "no-reinstalling", sw->globals.current_version); + if (strlen(sw->globals.current_version)) + sw->globals.no_reinstalling = 1; GET_FIELD_STRING(LIBCFG_PARSER, elem, "cert-purpose", tmp); if (tmp[0] != '\0') @@ -598,7 +604,7 @@ int main(int argc, char **argv) #endif memset(main_options, 0, sizeof(main_options)); memset(image_url, 0, sizeof(image_url)); - strcpy(main_options, "vhni:e:l:Lcf:p:o:N:"); + strcpy(main_options, "vhni:e:l:Lcf:p:o:N:R:"); #ifdef CONFIG_MTD strcat(main_options, "b:"); #endif @@ -741,6 +747,11 @@ int main(int argc, char **argv) #endif case 'N': swcfg.globals.no_downgrading = 1; + strncpy(swcfg.globals.minimum_version, optarg, + sizeof(swcfg.globals.minimum_version)); + break; + case 'R': + swcfg.globals.no_reinstalling = 1; strncpy(swcfg.globals.current_version, optarg, sizeof(swcfg.globals.current_version)); break; diff --git a/doc/source/swupdate.rst b/doc/source/swupdate.rst index 9e36924..8d664b7 100644 --- a/doc/source/swupdate.rst +++ b/doc/source/swupdate.rst @@ -501,7 +501,7 @@ Command line parameters +-------------+----------+--------------------------------------------+ | -n | - | run SWUpdate in dry-run mode. | +-------------+----------+--------------------------------------------+ -| -N | string | passed the current installed version of | +| -N | string | passed the minimum required version of | | | | software. This will be checked with the | | | | version of new software and forbids | | | | downgrading. | @@ -509,6 +509,11 @@ Command line parameters | | | major.minor.rev.build | | | | each field is in the range 0..65535 | +-------------+----------+--------------------------------------------+ +| -R | string | passed the current installed version of | +| | | software. This will be checked with the | +| | | version of new software and forbids | +| | | reinstalling. | ++-------------+----------+--------------------------------------------+ | -o | string | saves the stream (SWU) on a file | +-------------+----------+--------------------------------------------+ | -v | - | activate verbose output | diff --git a/include/swupdate.h b/include/swupdate.h index b54b904..69f2a7f 100644 --- a/include/swupdate.h +++ b/include/swupdate.h @@ -111,9 +111,11 @@ struct swupdate_global_cfg { int syslog_enabled; int dry_run; int no_downgrading; + int no_reinstalling; char publickeyfname[SWUPDATE_GENERAL_STRING_SIZE]; char aeskeyfname[SWUPDATE_GENERAL_STRING_SIZE]; char postupdatecmd[SWUPDATE_GENERAL_STRING_SIZE]; + char minimum_version[SWUPDATE_GENERAL_STRING_SIZE]; char current_version[SWUPDATE_GENERAL_STRING_SIZE]; int cert_purpose; char forced_signer_name[SWUPDATE_GENERAL_STRING_SIZE];