update-kernel.in 8.43 KB
Newer Older
1 2 3 4 5 6 7 8
#!/bin/sh -e

# update-kernel
#
# Kernel and firmware update script for Alpine installations set up
# with setup-bootable
#
# Copyright (c) 2014 Timo Teräs
9
# Copyright (c) 2014-2015 Kaarle Ritvanen
10

11 12
PREFIX=
. $PREFIX/lib/libalpine.sh
13 14 15 16

SCRIPT=update-kernel
VIRTUAL=.tmp-$SCRIPT

17 18
SUPERUSER=
[ $(id -u) -eq 0 ] && SUPERUSER=Y
19 20 21
if [ -z "$SUPERUSER" ] && [ -z "$FAKEROOTKEY" ]; then
	exec fakeroot "$0" "$@"
fi
22

23
ARCH=
24
BUILDDIR=
25
FLAVOR=
26
MEDIA=
27
MNTDIR=
28
PACKAGES=
29 30
MKINITFS_ARGS=
REPOSITORIES_FILE=/etc/apk/repositories
31
KEYS_DIR=/etc/apk/keys
32 33 34
SIGNALS="HUP INT TERM"
TMPDIR=
features=
35
modloopfw=
36

Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
37
error() {
38
	echo "$SCRIPT: $1" >&2
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
39 40 41
}

usage() {
42 43 44
	[ "$2" ] && error "$2"
	local opts="[-F <feature>]... [-p <package>]..."
	local dest_args="[-a <arch>] <dest_dir>"
45
	cat >&2 <<-__EOF__
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
46

47 48 49
		Syntax: $SCRIPT $opts [$dest_args]
		        $SCRIPT -f <flavor> $opts $dest_args
		        $SCRIPT -b <build_dir> $opts [$dest_args]
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
50

51
		Options: -a|--arch <arch>          Install kernel for specified architecture
52
		         -b|--build-dir <dir>      Install custom-built kernel
53 54 55 56 57 58 59 60 61 62
		         -e|--modloopfw <firmware> Install extra firmware in modloop
		         -f|--flavor <flavor>      Install kernel of specified flavor
		         -F|--feature <feature>    Enable initfs feature
		         -p|--package <package>    Additional module or firmware package
		         -s|--modloopsign          Sign modloop with abuild key
		         -v|--verbose              Verbose output
		         -k|--apk-pubkey <key>     Include given key in initramfs
		         -K|--hostkeys             Include host keys in initramfs
		         -C|--compression          Initramfs compression (see mkinitfs for options)
		         -M|--media                Boot media directory layout
63
		         -d|--keys-dir             Override directory of trusted keys for apk
64
		         --repositories-file <f>   apk repositories file
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
65

66
	__EOF__
67
	exit $1
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
68 69
}

70
QUIET_OPT="--quiet"
71 72
OPTS=$(getopt -l arch:,build-dir:,flavor:,feature:,modloopfw:,help,package:,modloopsign,verbose,apk-pubkey:,hostkeys,compression:,media,repositories-file:,keys-dir: \
	-n $SCRIPT -o a:b:f:F:hp:svk:KC:Md: -- "$@") || usage 1
73

74 75
eval set -- "$OPTS"
while :; do
76
	case "$1" in
77
	-a|--arch)
78 79 80
		shift
		ARCH=$1
		;;
81
	-b|--build-dir)
82 83 84
		shift
		BUILDDIR=$1
		;;
85
	-f|--flavor)
86 87 88
		shift
		FLAVOR=$1
		;;
89
	-F|--feature)
90 91 92
		shift
		features="$features $1"
		;;
93 94 95 96
	-e|--modloopfw)
		shift
		modloopfw="$modloopfw $1"
		;;
Kaarle Ritvanen's avatar
Kaarle Ritvanen committed
97
	-h|--help)
98 99 100
		echo "$SCRIPT @VERSION@" >&2
		usage 0
		;;
101
	-p|--package)
102 103 104
		shift
		PACKAGES="$PACKAGES $1"
		;;
105 106 107
	-s|--modloopsign)
		MODLOOPSIGN=1
		;;
108
	-v|--verbose)
109 110
		QUIET_OPT=
		;;
111 112 113 114
	-k|--apk-pubkey)
		shift
		APK_PUBKEY="$1"
		;;
115
	-K|--hostkeys)
116 117
		MKINITFS_ARGS="$MKINITFS_ARGS -K"
		;;
118 119 120 121
	-C|--compression)
		shift
		MKINITFS_ARGS="$MKINITFS_ARGS -C $1"
		;;
122 123 124
	-M|--media)
		MEDIA=yes
		;;
125 126 127
	-d|--keys-dir)
		KEYS_DIR="$1"
		;;
128 129 130 131
	--repositories-file)
		shift
		REPOSITORIES_FILE=$1
		;;
132
	--)
133 134 135 136
		break
		;;
	esac
	shift
137 138 139 140 141
done

DESTDIR=$2


142
[ "$BUILDDIR" -a "$FLAVOR" ] && \
143
	usage 1 "Cannot specify both build directory and flavor"
144

145
if [ -z "$DESTDIR" ]; then
146 147 148 149 150 151 152 153 154 155 156 157
	[ "$ARCH" ] && \
		usage 1 "Cannot specify architecture when updating the current kernel"

	[ "$FLAVOR" ] && \
		usage 1 "Cannot specify flavor when updating the current kernel"

	[ "$SUPERUSER" ] || \
		usage 1 "Specify destination directory or run as superuser"

	while read MOUNT; do
		set -- $MOUNT
		[ $2 = /.modloop ] || continue
158
		DESTDIR=$(dirname $(busybox losetup $1 | cut -d " " -f 3))
159 160 161 162 163 164 165 166
		MNTDIR=$(dirname "$DESTDIR")
		break
	done < /proc/mounts

	if [ -z "$MNTDIR" ]; then
		error "Module loopback device not mounted"
		exit 1
	fi
167 168 169
fi

remount() {
170
	mount $1 -o remount "$MNTDIR"
171 172 173 174
}


ignore_sigs() {
175
	trap "" $SIGNALS
176 177 178
}

clean_up() {
179 180
	set +e
	ignore_sigs
181

182 183 184
	if [ "$SUPERUSER" ] && [ -z "$FAKEROOTKEY" ]; then
		apk del $QUIET_OPT $VIRTUAL
	fi
185
	rm -fr $TMPDIR
186 187
}

188 189 190 191 192 193 194 195 196 197 198 199 200 201 202
sign_modloop() {
	local in="$1"
	local abuild_conf=${ABUILD_CONF:-"/etc/abuild.conf"}
	local abuild_home=${ABUILD_USERDIR:-"$HOME/.abuild"}
	local abuild_userconf=${ABUILD_USERCONF:-"$abuild_home/abuild.conf"}
	[ -f "$abuild_userconf" ] && . "$abuild_userconf"
	local privkey="$PACKAGER_PRIVKEY"
	local pubkey=${PACKAGER_PUBKEY:-"${privkey}.pub"}
	MODLOOPSIG=${in##*/}.SIGN.RSA.${pubkey##*/}
	echo "Signing: $in"
	openssl dgst -sha1 -sign "$privkey" \
		-out "$TMPDIR/$MODLOOPSIG" \
		"$in"
}

203 204 205
trap clean_up EXIT $SIGNALS


206
if [ "$SUPERUSER" ] && [ -z "$FAKEROOTKEY" ]; then
207
	apk add $QUIET_OPT --update-cache -t $VIRTUAL mkinitfs squashfs-tools kmod
208
fi
209

210
if [ -z "$features" ]; then
211
	. /etc/mkinitfs/mkinitfs.conf
212
fi
213

214
if [ -z "$FLAVOR" ]; then
215 216
	FLAVOR=$(uname -r | cut -d - -f 3-)
	[ "$FLAVOR" ] || FLAVOR=vanilla
217 218
fi

219 220
[ "$ARCH" ] || ARCH=$(apk --print-arch)

221
TMPDIR=$(mktemp -d /tmp/$SCRIPT.XXXXXX)
222
ROOT=$TMPDIR/root
223
BOOT=$ROOT/boot
224

225
_apk() {
226 227 228
	local cmd=$1
	shift

229
	apk $cmd $QUIET_OPT -p $ROOT --arch "$ARCH" \
230
		--keys-dir $KEYS_DIR \
231
		--repositories-file "$REPOSITORIES_FILE" $*
232 233
}

234
extra_pkgs() {
235 236 237 238
	local res=$(_apk search -x $1)
	if [ "$res" ]; then
		echo $*
	fi
239 240
}

241
# set up the root and get the APKINDEX for search
242
_apk add --initdb --update-cache
243

244
if [ "$BUILDDIR" ]; then
245 246 247 248 249 250 251 252 253 254
	case "$ARCH" in
		arm*|aarch64*)	_install="zinstall dtbs_install" ;;
		*)		_install="install" ;;
	esac

	mkdir -p $BOOT
	make -C "$BUILDDIR" $_install firmware_install modules_install \
		INSTALL_MOD_PATH=$ROOT \
		INSTALL_PATH=$BOOT \
		INSTALL_DTBS_PATH='$ROOT/usr/lib/linux-$(KERNELRELEASE)'
255
else
256 257 258 259 260
	if [ -z "$PACKAGES" ]; then
		PACKAGES="$(extra_pkgs "dahdi-linux-$FLAVOR" dahdi-linux)
			$(extra_pkgs "xtables-addons-$FLAVOR")"
	fi
	PACKAGES="$PACKAGES linux-$FLAVOR linux-firmware"
261
fi
262
_apk add --no-scripts alpine-base $PACKAGES
263

264 265 266 267
if [ -n "$APK_PUBKEY" ]; then
	mkdir -p "$ROOT"/etc/apk/keys
	cp "$APK_PUBKEY" "$ROOT"/etc/apk/keys/
fi
268

269 270
KVER_FLAVOR=
[ "$FLAVOR" = vanilla ] || KVER_FLAVOR=-$FLAVOR
271
KVER=$(basename $(ls -d $ROOT/lib/modules/*"$KVER_FLAVOR"))
Natanael Copa's avatar
Natanael Copa committed
272
DTBDIR=$ROOT/boot/dtbs-$FLAVOR
273
[ -d "$DTBDIR" ] || DTBDIR=$ROOT/usr/lib/linux-$KVER
274
[ -d "$DTBDIR" ] || DTBDIR=$ROOT/boot
275
depmod -b $ROOT "$KVER"
276 277 278 279


STAGING=$TMPDIR/boot
MODLOOP=$TMPDIR/modloop
280
MODIMG=modloop-$FLAVOR
281

282
mkdir $MODLOOP $STAGING
283
cp -a $ROOT/lib/modules $MODLOOP
284 285
mkdir -p $MODLOOP/modules/firmware
find $ROOT/lib/modules -type f -name "*.ko" | xargs modinfo -F firmware | sort -u | while read FW; do
Timo Teräs's avatar
Timo Teräs committed
286 287
	if [ -e "$ROOT/lib/firmware/$FW" ]; then
		install -pD $ROOT/lib/firmware/$FW $MODLOOP/modules/firmware/$FW
288 289 290 291
		# copy also all potentially associated files
		for _file in "$ROOT"/lib/firmware/"${FW%.*}".*; do
			install -pD "$_file" "$MODLOOP/modules/firmware/${_file#*/lib/firmware/}"
		done
Timo Teräs's avatar
Timo Teräs committed
292
	fi
293
done
294

295 296 297 298 299
# install extra firmware files in modloop (i.e. not detected by modinfo)
for _xfw in "$modloopfw"; do
	if [ -f "$ROOT/lib/firmware/$_xfw" ]; then
		install -pD "$ROOT/lib/firmware/$_xfw" \
			"$MODLOOP"/modules/firmware/"$_xfw"
300
	elif [ -n "$_xfw" ]; then
301 302 303 304
		echo "Warning: extra firmware \"$_xfw\" not found!"
	fi
done

305 306 307 308 309 310 311
# wireless regulatory db
if [ -e "$ROOT"/lib/modules/*/kernel/net/wireless/cfg80211.ko ]; then
	for _regdb in "$ROOT"/lib/firmware/regulatory.db*; do
		[ -e "$_regdb" ] && install -pD "$_regdb" "$MODLOOP"/modules/firmware/"${_regdb##*/}"
	done
fi

312
# include bluetooth firmware in modloop
313
if [ -e "$ROOT"/lib/modules/*/kernel/drivers/bluetooth/btbcm.ko ]; then
314 315 316 317 318 319
	for _btfw in "$ROOT"/lib/firmware/brcm/*.hcd; do
		install -pD "$_btfw" \
			"$MODLOOP"/modules/firmware/brcm/"${_btfw##*/}"
	done
fi

320 321 322 323 324 325
case $ARCH in
	armhf) mksfs="-Xbcj arm" ;;
	armv7|aarch64) mksfs="-Xbcj arm,armthumb" ;;
	x86|x86_64) mksfs="-Xbcj x86" ;;
	*) mksfs=
esac
326
mksquashfs $MODLOOP "$STAGING/$MODIMG" -comp xz -exit-on-error $mksfs
327

328 329 330 331 332
if [ -n "$MODLOOPSIGN" ]; then
	sign_modloop "$STAGING/$MODIMG"
	MKINITFS_ARGS="$MKINITFS_ARGS -s $TMPDIR/$MODLOOPSIG"
fi

333
mkinitfs $MKINITFS_ARGS -q -b $ROOT -F "$features base squashfs" \
334
	-o "$STAGING/initramfs-$FLAVOR" "$KVER"
335 336

for file in System.map config vmlinuz; do
337 338 339 340 341
	if [ -f "$BOOT/$file-$FLAVOR" ]; then
		cp "$BOOT/$file-$FLAVOR" $STAGING
	else
		cp "$BOOT/$file" $STAGING
	fi
342
done
343

344
if [ "$MNTDIR" ]; then
345 346 347
	ignore_sigs
	umount /.modloop
	remount -w
348
fi
349

350 351
mkdir -p "$DESTDIR"/${MEDIA:+boot/}
mv $STAGING/* "$DESTDIR"/${MEDIA:+boot/}
352

353
if [ -d "$DTBDIR" ]; then
354
	_opwd=$PWD
355 356
	case "$MEDIA,$FLAVOR" in
	yes,rpi*) _dtb="$DESTDIR/" ;;
Natanael Copa's avatar
Natanael Copa committed
357 358
	yes,*)    _dtb="$DESTDIR/boot/dtbs-$FLAVOR" ;;
	*,*)      _dtb="$DESTDIR/dtbs/dtbs-$FLAVOR" ;;
359 360 361 362 363 364
	esac
	mkdir -p "$_dtb"
	_dtb=$(realpath "$_dtb")
	cd "$DTBDIR"
	find -type f \( -name "*.dtb" -o -name "*.dtbo" \) | cpio -pudm "$_dtb" 2> /dev/null
	cd "$_opwd"
365 366
fi

367
if [ "$MNTDIR" ]; then
368 369 370 371
	set +e
	sync
	remount -r
	mount -o loop "$DESTDIR/$MODIMG" /.modloop
372
fi
373 374

exit 0