update-kernel.in 8.62 KB
Newer Older
1
2
3
4
5
6
7
8
#!/bin/sh -e

# update-kernel
#
# Kernel and firmware update script for Alpine installations set up
# with setup-bootable
#
# Copyright (c) 2014 Timo Teräs
9
# Copyright (c) 2014-2021 Kaarle Ritvanen
10

11
12
PREFIX=
. $PREFIX/lib/libalpine.sh
13
14
15
16

SCRIPT=update-kernel
VIRTUAL=.tmp-$SCRIPT

17
18
SUPERUSER=
[ $(id -u) -eq 0 ] && SUPERUSER=Y
19
20
21
if [ -z "$SUPERUSER" ] && [ -z "$FAKEROOTKEY" ]; then
	exec fakeroot "$0" "$@"
fi
22

23
ARCH=
24
BUILDDIR=
25
FLAVOR=
26
MEDIA=
27
MNTDIR=
28
PACKAGES=
29
30
MKINITFS_ARGS=
REPOSITORIES_FILE=/etc/apk/repositories
31
KEYS_DIR=/etc/apk/keys
32
SIGNALS="HUP INT TERM"
33
tmpdir=
34
features=
35
modloopfw=
36

Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
37
error() {
38
	echo "$SCRIPT: $1" >&2
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
39
40
41
}

usage() {
42
43
44
	[ "$2" ] && error "$2"
	local opts="[-F <feature>]... [-p <package>]..."
	local dest_args="[-a <arch>] <dest_dir>"
45
	cat >&2 <<-__EOF__
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
46

47
48
49
		Syntax: $SCRIPT $opts [$dest_args]
		        $SCRIPT -f <flavor> $opts $dest_args
		        $SCRIPT -b <build_dir> $opts [$dest_args]
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
50

51
		Options: -a|--arch <arch>          Install kernel for specified architecture
52
		         -b|--build-dir <dir>      Install custom-built kernel
53
54
55
56
57
58
59
60
61
62
		         -e|--modloopfw <firmware> Install extra firmware in modloop
		         -f|--flavor <flavor>      Install kernel of specified flavor
		         -F|--feature <feature>    Enable initfs feature
		         -p|--package <package>    Additional module or firmware package
		         -s|--modloopsign          Sign modloop with abuild key
		         -v|--verbose              Verbose output
		         -k|--apk-pubkey <key>     Include given key in initramfs
		         -K|--hostkeys             Include host keys in initramfs
		         -C|--compression          Initramfs compression (see mkinitfs for options)
		         -M|--media                Boot media directory layout
63
		         -d|--keys-dir             Override directory of trusted keys for apk
64
		         --repositories-file <f>   apk repositories file
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
65

66
67
68
		On low-memory systems, you may want to point the TMPDIR environment variable to
		a storage-backed directory.

69
	__EOF__
70
	exit $1
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
71
72
}

73
QUIET_OPT="--quiet"
74
75
OPTS=$(getopt -l arch:,build-dir:,flavor:,feature:,modloopfw:,help,package:,modloopsign,verbose,apk-pubkey:,hostkeys,compression:,media,repositories-file:,keys-dir: \
	-n $SCRIPT -o a:b:f:F:hp:svk:KC:Md: -- "$@") || usage 1
76

77
78
eval set -- "$OPTS"
while :; do
79
	case "$1" in
80
	-a|--arch)
81
82
83
		shift
		ARCH=$1
		;;
84
	-b|--build-dir)
85
86
87
		shift
		BUILDDIR=$1
		;;
88
	-f|--flavor)
89
90
91
		shift
		FLAVOR=$1
		;;
92
	-F|--feature)
93
94
95
		shift
		features="$features $1"
		;;
96
97
98
99
	-e|--modloopfw)
		shift
		modloopfw="$modloopfw $1"
		;;
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
100
	-h|--help)
101
102
103
		echo "$SCRIPT @VERSION@" >&2
		usage 0
		;;
104
	-p|--package)
105
106
107
		shift
		PACKAGES="$PACKAGES $1"
		;;
108
109
110
	-s|--modloopsign)
		MODLOOPSIGN=1
		;;
111
	-v|--verbose)
112
113
		QUIET_OPT=
		;;
114
115
116
117
	-k|--apk-pubkey)
		shift
		APK_PUBKEY="$1"
		;;
118
	-K|--hostkeys)
119
120
		MKINITFS_ARGS="$MKINITFS_ARGS -K"
		;;
121
122
123
124
	-C|--compression)
		shift
		MKINITFS_ARGS="$MKINITFS_ARGS -C $1"
		;;
125
126
127
	-M|--media)
		MEDIA=yes
		;;
128
129
130
	-d|--keys-dir)
		KEYS_DIR="$1"
		;;
131
132
133
134
	--repositories-file)
		shift
		REPOSITORIES_FILE=$1
		;;
135
	--)
136
137
138
139
		break
		;;
	esac
	shift
140
141
142
143
144
done

DESTDIR=$2


145
[ "$BUILDDIR" -a "$FLAVOR" ] && \
146
	usage 1 "Cannot specify both build directory and flavor"
147

148
if [ -z "$DESTDIR" ]; then
149
150
151
152
153
154
155
156
157
158
159
160
	[ "$ARCH" ] && \
		usage 1 "Cannot specify architecture when updating the current kernel"

	[ "$FLAVOR" ] && \
		usage 1 "Cannot specify flavor when updating the current kernel"

	[ "$SUPERUSER" ] || \
		usage 1 "Specify destination directory or run as superuser"

	while read MOUNT; do
		set -- $MOUNT
		[ $2 = /.modloop ] || continue
161
		DESTDIR=$(dirname $(busybox losetup $1 | cut -d " " -f 3))
162
163
164
165
166
167
168
169
		MNTDIR=$(dirname "$DESTDIR")
		break
	done < /proc/mounts

	if [ -z "$MNTDIR" ]; then
		error "Module loopback device not mounted"
		exit 1
	fi
170
171
172
fi

remount() {
173
	mount $1 -o remount "$MNTDIR"
174
175
176
177
}


ignore_sigs() {
178
	trap "" $SIGNALS
179
180
181
}

clean_up() {
182
183
	set +e
	ignore_sigs
184

185
186
187
	if [ "$SUPERUSER" ] && [ -z "$FAKEROOTKEY" ]; then
		apk del $QUIET_OPT $VIRTUAL
	fi
188
	rm -fr $tmpdir
189
190
}

191
192
193
194
195
196
197
198
199
200
201
sign_modloop() {
	local in="$1"
	local abuild_conf=${ABUILD_CONF:-"/etc/abuild.conf"}
	local abuild_home=${ABUILD_USERDIR:-"$HOME/.abuild"}
	local abuild_userconf=${ABUILD_USERCONF:-"$abuild_home/abuild.conf"}
	[ -f "$abuild_userconf" ] && . "$abuild_userconf"
	local privkey="$PACKAGER_PRIVKEY"
	local pubkey=${PACKAGER_PUBKEY:-"${privkey}.pub"}
	MODLOOPSIG=${in##*/}.SIGN.RSA.${pubkey##*/}
	echo "Signing: $in"
	openssl dgst -sha1 -sign "$privkey" \
202
		-out "$tmpdir/$MODLOOPSIG" \
203
204
205
		"$in"
}

206
207
208
trap clean_up EXIT $SIGNALS


209
if [ "$SUPERUSER" ] && [ -z "$FAKEROOTKEY" ]; then
210
	apk add $QUIET_OPT --update-cache -t $VIRTUAL mkinitfs squashfs-tools kmod
211
fi
212

213
if [ -z "$features" ]; then
214
	. /etc/mkinitfs/mkinitfs.conf
215
fi
216

217
if [ -z "$FLAVOR" ]; then
218
219
	FLAVOR=$(uname -r | cut -d - -f 3-)
	[ "$FLAVOR" ] || FLAVOR=vanilla
220
221
fi

222
223
[ "$ARCH" ] || ARCH=$(apk --print-arch)

224
tmpdir=$(mktemp -dt $SCRIPT.XXXXXX)
225
ROOT=$tmpdir/root
226
BOOT=$ROOT/boot
227

228
_apk() {
229
230
231
	local cmd=$1
	shift

232
	apk $cmd $QUIET_OPT -p $ROOT --arch "$ARCH" \
233
		--keys-dir $KEYS_DIR \
234
		--repositories-file "$REPOSITORIES_FILE" $*
235
236
}

237
extra_pkgs() {
238
239
240
241
	local res=$(_apk search -x $1)
	if [ "$res" ]; then
		echo $*
	fi
242
243
}

244
# set up the root and get the APKINDEX for search
245
_apk add --initdb --update-cache
246

247
if [ "$BUILDDIR" ]; then
248
249
	case "$ARCH" in
		arm*|aarch64*)	_install="zinstall dtbs_install" ;;
Drew DeVault's avatar
Drew DeVault committed
250
		riscv64)	_install="zinstall dtbs_install" ;;
251
252
253
254
255
256
257
258
		*)		_install="install" ;;
	esac

	mkdir -p $BOOT
	make -C "$BUILDDIR" $_install firmware_install modules_install \
		INSTALL_MOD_PATH=$ROOT \
		INSTALL_PATH=$BOOT \
		INSTALL_DTBS_PATH='$ROOT/usr/lib/linux-$(KERNELRELEASE)'
259
else
260
261
262
263
264
	if [ -z "$PACKAGES" ]; then
		PACKAGES="$(extra_pkgs "dahdi-linux-$FLAVOR" dahdi-linux)
			$(extra_pkgs "xtables-addons-$FLAVOR")"
	fi
	PACKAGES="$PACKAGES linux-$FLAVOR linux-firmware"
265
fi
266
_apk add --no-scripts alpine-base $PACKAGES
267

268
269
270
271
if [ -n "$APK_PUBKEY" ]; then
	mkdir -p "$ROOT"/etc/apk/keys
	cp "$APK_PUBKEY" "$ROOT"/etc/apk/keys/
fi
272

273
274
KVER_FLAVOR=
[ "$FLAVOR" = vanilla ] || KVER_FLAVOR=-$FLAVOR
275
KVER=$(basename $(ls -d $ROOT/lib/modules/*"$KVER_FLAVOR"))
Natanael Copa's avatar
Natanael Copa committed
276
DTBDIR=$ROOT/boot/dtbs-$FLAVOR
277
[ -d "$DTBDIR" ] || DTBDIR=$ROOT/usr/lib/linux-$KVER
278
[ -d "$DTBDIR" ] || DTBDIR=$ROOT/boot
279
depmod -b $ROOT "$KVER"
280
281


282
283
STAGING=$tmpdir/boot
MODLOOP=$tmpdir/modloop
284
MODIMG=modloop-$FLAVOR
285

286
mkdir $MODLOOP $STAGING
287
cp -a $ROOT/lib/modules $MODLOOP
288
mkdir -p $MODLOOP/modules/firmware
289
find $ROOT/lib/modules -type f -name "*.ko*" | xargs modinfo -F firmware | sort -u | while read FW; do
Timo Teräs's avatar
Timo Teräs committed
290
291
	if [ -e "$ROOT/lib/firmware/$FW" ]; then
		install -pD $ROOT/lib/firmware/$FW $MODLOOP/modules/firmware/$FW
292
293
294
295
		# copy also all potentially associated files
		for _file in "$ROOT"/lib/firmware/"${FW%.*}".*; do
			install -pD "$_file" "$MODLOOP/modules/firmware/${_file#*/lib/firmware/}"
		done
Timo Teräs's avatar
Timo Teräs committed
296
	fi
297
done
298

299
# install extra firmware files in modloop (i.e. not detected by modinfo)
300
301
302
303
304
305
306
307
308
309
if [ -n "$modloopfw" ]; then
	for _xfw in "$modloopfw"; do
		if [ -f "$ROOT/lib/firmware/$_xfw" ]; then
			install -pD "$ROOT/lib/firmware/$_xfw" \
				"$MODLOOP"/modules/firmware/"$_xfw"
		elif [ -n "$_xfw" ]; then
			echo "Warning: extra firmware \"$_xfw\" not found!"
		fi
	done
fi
310

311
# wireless regulatory db
312
if [ -e "$ROOT"/lib/modules/*/kernel/net/wireless/cfg80211.ko* ]; then
313
314
315
316
317
	for _regdb in "$ROOT"/lib/firmware/regulatory.db*; do
		[ -e "$_regdb" ] && install -pD "$_regdb" "$MODLOOP"/modules/firmware/"${_regdb##*/}"
	done
fi

318
# include bluetooth firmware in modloop
319
if [ -e "$ROOT"/lib/modules/*/kernel/drivers/bluetooth/btbcm.ko* ]; then
320
321
322
323
324
325
	for _btfw in "$ROOT"/lib/firmware/brcm/*.hcd; do
		install -pD "$_btfw" \
			"$MODLOOP"/modules/firmware/brcm/"${_btfw##*/}"
	done
fi

326
327
328
329
330
331
case $ARCH in
	armhf) mksfs="-Xbcj arm" ;;
	armv7|aarch64) mksfs="-Xbcj arm,armthumb" ;;
	x86|x86_64) mksfs="-Xbcj x86" ;;
	*) mksfs=
esac
332
mksquashfs $MODLOOP "$STAGING/$MODIMG" -comp xz -exit-on-error $mksfs
333

334
335
if [ -n "$MODLOOPSIGN" ]; then
	sign_modloop "$STAGING/$MODIMG"
336
	MKINITFS_ARGS="$MKINITFS_ARGS -s $tmpdir/$MODLOOPSIG"
337
338
fi

339
mkinitfs $MKINITFS_ARGS -q -b $ROOT -F "$features base squashfs" \
340
	-o "$STAGING/initramfs-$FLAVOR" "$KVER"
341
342

for file in System.map config vmlinuz; do
343
344
345
346
347
	if [ -f "$BOOT/$file-$FLAVOR" ]; then
		cp "$BOOT/$file-$FLAVOR" $STAGING
	else
		cp "$BOOT/$file" $STAGING
	fi
348
done
349

350
if [ "$MNTDIR" ]; then
351
352
353
	ignore_sigs
	umount /.modloop
	remount -w
354
fi
355

356
357
mkdir -p "$DESTDIR"/${MEDIA:+boot/}
mv $STAGING/* "$DESTDIR"/${MEDIA:+boot/}
358

359
if [ -d "$DTBDIR" ]; then
360
	_opwd=$PWD
361
362
	case "$MEDIA,$FLAVOR" in
	yes,rpi*) _dtb="$DESTDIR/" ;;
Natanael Copa's avatar
Natanael Copa committed
363
364
	yes,*)    _dtb="$DESTDIR/boot/dtbs-$FLAVOR" ;;
	*,*)      _dtb="$DESTDIR/dtbs/dtbs-$FLAVOR" ;;
365
366
367
368
369
370
	esac
	mkdir -p "$_dtb"
	_dtb=$(realpath "$_dtb")
	cd "$DTBDIR"
	find -type f \( -name "*.dtb" -o -name "*.dtbo" \) | cpio -pudm "$_dtb" 2> /dev/null
	cd "$_opwd"
371
372
fi

373
if [ "$MNTDIR" ]; then
374
375
376
377
	set +e
	sync
	remount -r
	mount -o loop "$DESTDIR/$MODIMG" /.modloop
378
fi
379
380

exit 0