From 2ff7a1f248a1f10d0b923eece22ce80fee89d2f7 Mon Sep 17 00:00:00 2001 From: Milosz Wasilewski Date: Tue, 7 Nov 2023 18:07:31 +0000 Subject: [PATCH] automated: linux: OTA upgrade u-boot variable persistence This patch adds another check to OTA upgrade test. u-boot of RPMB variable is set before the upgrade. It should not be removed or altered by the upgrade process which is checked after the update. Signed-off-by: Milosz Wasilewski --- automated/linux/ota-update/download-update.sh | 25 +++++++++++++++++-- .../linux/ota-update/download-update.yaml | 4 ++- automated/linux/ota-update/verify-reboot.sh | 17 +++++++++++-- automated/linux/ota-update/verify-reboot.yaml | 4 ++- automated/linux/ota-update/verify-update.sh | 17 +++++++++++-- automated/linux/ota-update/verify-update.yaml | 4 ++- 6 files changed, 62 insertions(+), 9 deletions(-) diff --git a/automated/linux/ota-update/download-update.sh b/automated/linux/ota-update/download-update.sh index d90cf5fda..25afc813c 100755 --- a/automated/linux/ota-update/download-update.sh +++ b/automated/linux/ota-update/download-update.sh @@ -13,10 +13,12 @@ export UBOOT_VAR_TOOL UBOOT_VAR_SET_TOOL=fw_setenv export UBOOT_VAR_SET_TOOL PACMAN_TYPE="ostree+compose_apps" +U_BOOT_VARIABLE_NAME="foobar" +U_BOOT_VARIABLE_VALUE="baz" usage() { echo "\ - Usage: $0 [-t ] [-u ] [-s ] [-o ] + Usage: $0 [-t ] [-u ] [-s ] [-o ] [-V ] [-w ] -t This determines type of upgrade test performed: @@ -36,15 +38,22 @@ usage() { These change the 'type' variable in 'pacman' section of the final .toml file used by aklite. Default is ostree+compose_apps + -V u-boot variable name to be set before the OTA upgrade + It is expected that this variable will be preserved through + the update process. Default: foobar + -w u-boot variable value. This is assigned to the variable set + with -v flag. Default: baz " } -while getopts "t:u:s:o:h" opts; do +while getopts "t:u:s:o:V:w:h" opts; do case "$opts" in t) TYPE="${OPTARG}";; u) UBOOT_VAR_TOOL="${OPTARG}";; s) UBOOT_VAR_SET_TOOL="${OPTARG}";; o) PACMAN_TYPE="${OPTARG}";; + w) U_BOOT_VARIABLE_VALUE="${OPTARG}";; + V) U_BOOT_VARIABLE_NAME="${OPTARG}";; h|*) usage ; exit 1 ;; esac done @@ -90,6 +99,9 @@ touch /var/sota/ota.signal touch /var/sota/ota.result report_pass "${TYPE}-create-signal-files" +if [ "${TYPE}" = "uboot" ]; then + "${UBOOT_VAR_SET_TOOL}" "${U_BOOT_VARIABLE_NAME}" "${U_BOOT_VARIABLE_VALUE}" +fi #systemctl mask aktualizr-lite # enabling lmp-device-auto-register will fail because aklite is masked systemctl enable --now lmp-device-auto-register || error_fatal "Unable to register device" @@ -113,6 +125,10 @@ rollback_before_download=$(uboot_variable_value rollback) compare_test_value "${TYPE}_rollback_before_download" "${ref_rollback_before_download}" "${rollback_before_download}" upgrade_available_before_download=$(uboot_variable_value upgrade_available) compare_test_value "${TYPE}_upgrade_available_before_download" "${ref_upgrade_available_before_download}" "${upgrade_available_before_download}" +if [ "${TYPE}" = "uboot" ]; then + uboot_variable_before_download=$(uboot_variable_value "${U_BOOT_VARIABLE_NAME}") + compare_test_value "${TYPE}_uboot_variable_value_before_download" "${U_BOOT_VARIABLE_VALUE}" "${uboot_variable_before_download}" +fi if [ -f /usr/lib/firmware/version.txt ]; then # boot firmware is upgreadable @@ -174,6 +190,11 @@ else report_skip "${TYPE}_fiovb_is_secondary_boot_after_download" fi +if [ "${TYPE}" = "uboot" ]; then + uboot_variable_after_download=$(uboot_variable_value "${U_BOOT_VARIABLE_NAME}") + compare_test_value "${TYPE}_uboot_variable_value_after_download" "${U_BOOT_VARIABLE_VALUE}" "${uboot_variable_after_download}" +fi + UPGRADE_AVAILABLE="${upgrade_available_after_download}" if [ "${TYPE}" = "uboot" ]; then UPGRADE_AVAILABLE="${bootupgrade_available_after_download}" diff --git a/automated/linux/ota-update/download-update.yaml b/automated/linux/ota-update/download-update.yaml index 06df98d3f..51429e2f7 100644 --- a/automated/linux/ota-update/download-update.yaml +++ b/automated/linux/ota-update/download-update.yaml @@ -22,8 +22,10 @@ params: UBOOT_VAR_SET_TOOL: "fw_setenv" TYPE: "kernel" PACMAN_TYPE: "ostree+compose_apps" + UBOOT_VARIABLE_NAME: "foobar" + UBOOT_VARIABLE_VALUE: "baz" run: steps: - cd ./automated/linux/ota-update - - ./download-update.sh -t "${TYPE}" -u "${UBOOT_VAR_TOOL}" -s "${UBOOT_VAR_SET_TOOL}" -o "${PACMAN_TYPE}" + - ./download-update.sh -t "${TYPE}" -u "${UBOOT_VAR_TOOL}" -s "${UBOOT_VAR_SET_TOOL}" -o "${PACMAN_TYPE}" -V "${UBOOT_VARIABLE_NAME}" -w "${UBOOT_VARIABLE_VALUE}" - ../../utils/send-to-lava.sh ./output/result.txt diff --git a/automated/linux/ota-update/verify-reboot.sh b/automated/linux/ota-update/verify-reboot.sh index 37df363ac..c30837356 100755 --- a/automated/linux/ota-update/verify-reboot.sh +++ b/automated/linux/ota-update/verify-reboot.sh @@ -12,10 +12,12 @@ UBOOT_VAR_TOOL=fw_printenv export UBOOT_VAR_TOOL UBOOT_VAR_SET_TOOL=fw_setenv export UBOOT_VAR_SET_TOOL +U_BOOT_VARIABLE_NAME="foobar" +U_BOOT_VARIABLE_VALUE="baz" usage() { echo "\ - Usage: $0 [-u ] [-s ] [-v ] + Usage: $0 [-u ] [-s ] [-v ] [-V ] [-w ] -v Version of the target expected after reboot. @@ -30,14 +32,21 @@ usage() { On the unsecured systems it will usually be fw_setenv. On secured systems it might be fiovb_setenv + -V u-boot variable name to be set before the OTA upgrade + It is expected that this variable will be preserved through + the update process. Default: foobar + -w u-boot variable value. This is assigned to the variable set + with -v flag. Default: baz " } -while getopts "u:s:v:h" opts; do +while getopts "u:s:v:V:w:h" opts; do case "$opts" in u) UBOOT_VAR_TOOL="${OPTARG}";; s) UBOOT_VAR_SET_TOOL="${OPTARG}";; v) REF_TARGET_VERSION="${OPTARG}";; + w) U_BOOT_VARIABLE_VALUE="${OPTARG}";; + V) U_BOOT_VARIABLE_NAME="${OPTARG}";; h|*) usage ; exit 1 ;; esac done @@ -73,6 +82,10 @@ compare_test_value "bootfirmware_version_after_upgrade" "${ref_bootfirmware_vers fiovb_is_secondary_boot_after_upgrade=$(uboot_variable_value "${SECONDARY_BOOT_VAR_NAME}") compare_test_value "fiovb_is_secondary_boot_after_upgrade" "${ref_fiovb_is_secondary_boot_after_upgrade}" "${fiovb_is_secondary_boot_after_upgrade}" +if [ "${TYPE}" = "uboot" ]; then + uboot_variable_after_upgrade=$(uboot_variable_value "${U_BOOT_VARIABLE_NAME}") + compare_test_value "${TYPE}_uboot_variable_value_after_upgrade" "${U_BOOT_VARIABLE_VALUE}" "${uboot_variable_after_upgrade}" +fi . /etc/os-release # shellcheck disable=SC2154 compare_test_value "target_version_after_upgrade" "${REF_TARGET_VERSION}" "${IMAGE_VERSION}" diff --git a/automated/linux/ota-update/verify-reboot.yaml b/automated/linux/ota-update/verify-reboot.yaml index 5d627eeed..65eb09124 100644 --- a/automated/linux/ota-update/verify-reboot.yaml +++ b/automated/linux/ota-update/verify-reboot.yaml @@ -22,8 +22,10 @@ params: UBOOT_VAR_TOOL: "fw_printenv" UBOOT_VAR_SET_TOOL: "fw_setenv" TARGET_VERSION: "1" + UBOOT_VARIABLE_NAME: "foobar" + UBOOT_VARIABLE_VALUE: "baz" run: steps: - cd ./automated/linux/ota-update - - ./verify-reboot.sh -u "${UBOOT_VAR_TOOL}" -s "${UBOOT_VAR_SET_TOOL}" -v "${TARGET_VERSION}" + - ./verify-reboot.sh -u "${UBOOT_VAR_TOOL}" -s "${UBOOT_VAR_SET_TOOL}" -v "${TARGET_VERSION}" -V "${UBOOT_VARIABLE_NAME}" -w "${UBOOT_VARIABLE_VALUE}" - ../../utils/send-to-lava.sh ./output/result.txt diff --git a/automated/linux/ota-update/verify-update.sh b/automated/linux/ota-update/verify-update.sh index 77730a74e..9063d41b1 100755 --- a/automated/linux/ota-update/verify-update.sh +++ b/automated/linux/ota-update/verify-update.sh @@ -14,10 +14,12 @@ export UBOOT_VAR_TOOL UBOOT_VAR_SET_TOOL=fw_setenv export UBOOT_VAR_SET_TOOL BOOTROM_USE_SECONDARY="true" +U_BOOT_VARIABLE_NAME="foobar" +U_BOOT_VARIABLE_VALUE="baz" usage() { echo "\ - Usage: $0 [-t ] [-u ] [-s ] [-v ] + Usage: $0 [-t ] [-u ] [-s ] [-v ] [-V ] [-w ] -t Defauts to 'kernel'. It either enables or disables @@ -39,16 +41,23 @@ usage() { Defaults to 'true'. When set to 'false' the test 'fiovb_is_secondary_boot_after_rollback' will use 0 as a reference value. + -V u-boot variable name to be set before the OTA upgrade + It is expected that this variable will be preserved through + the update process. Default: foobar + -w u-boot variable value. This is assigned to the variable set + with -v flag. Default: baz " } -while getopts "t:u:s:v:b:h" opts; do +while getopts "t:u:s:v:b:V:w:h" opts; do case "$opts" in t) TYPE="${OPTARG}";; u) UBOOT_VAR_TOOL="${OPTARG}";; s) UBOOT_VAR_SET_TOOL="${OPTARG}";; v) REF_TARGET_VERSION="${OPTARG}";; b) BOOTROM_USE_SECONDARY="${OPTARG}";; + w) U_BOOT_VARIABLE_VALUE="${OPTARG}";; + V) U_BOOT_VARIABLE_NAME="${OPTARG}";; h|*) usage ; exit 1 ;; esac done @@ -103,6 +112,10 @@ compare_test_value "bootfirmware_version_after_upgrade" "${ref_bootfirmware_vers fiovb_is_secondary_boot_after_upgrade=$(uboot_variable_value "${SECONDARY_BOOT_VAR_NAME}") compare_test_value "fiovb_is_secondary_boot_after_upgrade" "${ref_fiovb_is_secondary_boot_after_upgrade}" "${fiovb_is_secondary_boot_after_upgrade}" +if [ "${TYPE}" = "uboot" ]; then + uboot_variable_after_upgrade=$(uboot_variable_value "${U_BOOT_VARIABLE_NAME}") + compare_test_value "${TYPE}_uboot_variable_value_after_upgrade" "${U_BOOT_VARIABLE_VALUE}" "${uboot_variable_after_upgrade}" +fi . /etc/os-release # shellcheck disable=SC2154 compare_test_value "target_version_after_upgrade" "${REF_TARGET_VERSION}" "${IMAGE_VERSION}" diff --git a/automated/linux/ota-update/verify-update.yaml b/automated/linux/ota-update/verify-update.yaml index 94ef3bc62..075f06bbe 100644 --- a/automated/linux/ota-update/verify-update.yaml +++ b/automated/linux/ota-update/verify-update.yaml @@ -23,8 +23,10 @@ params: TYPE: "kernel" TARGET_VERSION: "1" BOOTROM_USE_SECONDARY: "true" + UBOOT_VARIABLE_NAME: "foobar" + UBOOT_VARIABLE_VALUE: "baz" run: steps: - cd ./automated/linux/ota-update - - ./verify-update.sh -t "${TYPE}" -u "${UBOOT_VAR_TOOL}" -s "${UBOOT_VAR_SET_TOOL}" -v "${TARGET_VERSION}" -b "${BOOTROM_USE_SECONDARY}" + - ./verify-update.sh -t "${TYPE}" -u "${UBOOT_VAR_TOOL}" -s "${UBOOT_VAR_SET_TOOL}" -v "${TARGET_VERSION}" -b "${BOOTROM_USE_SECONDARY}" -V "${UBOOT_VARIABLE_NAME}" -w "${UBOOT_VARIABLE_VALUE}" - ../../utils/send-to-lava.sh ./output/result.txt