blob: 9c773c3f9e54f1d89db6cfeb65d2eae540bfd77b [file] [log] [blame]
#!/bin/bash
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
[ -z "${gbmc_upgrade-}" ] || exit
: "${GBMC_UPGRADE_SIG=/tmp/bmc.sig}"
GBMC_UPGRADE_UNPACK_FILES=()
# shellcheck disable=SC2034
GBMC_UPGRADE_HOOKS=(gbmc_upgrade_internal)
if machine="$(source /etc/os-release && echo "$GBMC_TARGET_MACHINE")"; then
GBMC_UPGRADE_UNPACK_FILES+=("*/firmware-gbmc/$machine")
else
echo 'Failed to find GBMC machine type from /etc/os-release' >&2
fi
gbmc_upgrade_dl_unpack() {
echo "Fetching $bootfile_url" >&2
# We only support tarballs at the moment, our URLs will always denote
# this with a URI query param of `format=TAR`.
local tflags=()
if [[ "$bootfile_url" =~ [\&?]format=TAR(_GZIP)?(&|$) ]]; then
local t="${BASH_REMATCH[1]}"
[ "$t" = '_GZIP' ] && tflags+=('-z')
else
echo "Unknown upgrade unpack method: $bootfile_url" >&2
return 1
fi
# Ensure some sane output file limit
# Currently no BMC image is larger than 64M
# We want to allow 2 images and a small amount of metadata (2*64+2)M
local max_mb=$((2*64 + 2))
ulimit -f $((max_mb * 1024 * 1024 / 512)) || return
timeout=$((SECONDS + 300))
stime=5
while true; do
local st=()
curl -LSsk --max-time $((timeout - SECONDS)) "$bootfile_url" |
tar "${tflags[@]}" --wildcards -xC "$tmpdir" "${GBMC_UPGRADE_UNPACK_FILES[@]}" 2>"$tmpdir"/tarerr \
&& st=("${PIPESTATUS[@]}") || st=("${PIPESTATUS[@]}")
# Curl failures should continue
if (( st[0] == 0 )); then
# Tar failures when curl succeeds are hard errors to start over.
# shellcheck disable=SC2143
if (( st[1] != 0 )) && [[ -n $(grep -v '\(Exiting with failure status\|Not found in archive\|Cannot hard link\)' "$tmpdir"/tarerr) ]]; then
echo 'Unpacking failed' >&2
return 1
fi
# Success should continue without retry
break
fi
if (( SECONDS + stime >= timeout )); then
echo 'Timed out fetching image' >&2
return 1
fi
(shopt -s nullglob dotglob; rm -rf -- "${tmpdir:?}"/*)
sleep $stime
done
}
gbmc_upgrade_hook() {
[ -n "${bootfile_url-}" ] || return 0
local tmpdir
tmpdir="$(mktemp -d)" || return
# shellcheck disable=SC2015
gbmc_upgrade_dl_unpack && gbmc_br_run_hooks GBMC_UPGRADE_HOOKS || true
# shellcheck disable=SC2153
rm -rf -- "$tmpdir" "$GBMC_UPGRADE_SIG" "$GBMC_UPGRADE_IMG"
}
gbmc_upgrade_fetch() (
local sig
sig="$(find "$tmpdir" -name 'image-*.sig' | head -n 1)" || return
local img="${sig%.sig}"
mv "$sig" "$GBMC_UPGRADE_SIG" || return
mv "$img" "$GBMC_UPGRADE_IMG" || return
# Regular packages have a VERSION file with the image
local imgdir="${sig%/*}"
if [ -f "$imgdir/VERSION" ]; then
cat "$imgdir/VERSION" || return
return 0
fi
# Staging packages have a directory named after the version
local vdir="${imgdir##*/}"
if [[ "$vdir" =~ ([0-9]+[.]){3}[0-9]+ ]]; then
echo "$vdir"
return 0
fi
return 1
)
GBMC_BR_DHCP_HOOKS+=(gbmc_upgrade_hook)
gbmc_upgrade=1