1#!/bin/bash 2# Copyright 2021 Google LLC 3# 4# Licensed under the Apache License, Version 2.0 (the "License"); 5# you may not use this file except in compliance with the License. 6# You may obtain a copy of the License at 7# 8# http://www.apache.org/licenses/LICENSE-2.0 9# 10# Unless required by applicable law or agreed to in writing, software 11# distributed under the License is distributed on an "AS IS" BASIS, 12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13# See the License for the specific language governing permissions and 14# limitations under the License. 15 16[ -z "${gbmc_upgrade-}" ] || exit 17 18: "${GBMC_UPGRADE_SIG=/tmp/bmc.sig}" 19 20GBMC_UPGRADE_UNPACK_FILES=() 21# shellcheck disable=SC2034 22GBMC_UPGRADE_HOOKS=(gbmc_upgrade_internal) 23 24if machine="$(source /etc/os-release && echo "$GBMC_TARGET_MACHINE")"; then 25 GBMC_UPGRADE_UNPACK_FILES+=("*/firmware-gbmc/$machine") 26else 27 echo 'Failed to find GBMC machine type from /etc/os-release' >&2 28fi 29 30gbmc_upgrade_dl_unpack() { 31 echo "Fetching $bootfile_url" >&2 32 33 # We only support tarballs at the moment, our URLs will always denote 34 # this with a URI query param of `format=TAR`. 35 local tflags=() 36 if [[ "$bootfile_url" =~ [\&?]format=TAR(_GZIP)?(&|$) ]]; then 37 local t="${BASH_REMATCH[1]}" 38 [ "$t" = '_GZIP' ] && tflags+=('-z') 39 else 40 echo "Unknown upgrade unpack method: $bootfile_url" >&2 41 return 1 42 fi 43 44 # Ensure some sane output file limit 45 # Currently no BMC image is larger than 64M 46 # We want to allow 2 images and a small amount of metadata (2*64+2)M 47 local max_mb=$((2*64 + 2)) 48 ulimit -f $((max_mb * 1024 * 1024 / 512)) || return 49 timeout=$((SECONDS + 300)) 50 stime=5 51 while true; do 52 local st=() 53 curl -LSsk --max-time $((timeout - SECONDS)) "$bootfile_url" | 54 tar "${tflags[@]}" --wildcards -xC "$tmpdir" "${GBMC_UPGRADE_UNPACK_FILES[@]}" 2>"$tmpdir"/tarerr \ 55 && st=("${PIPESTATUS[@]}") || st=("${PIPESTATUS[@]}") 56 # Curl failures should continue 57 if (( st[0] == 0 )); then 58 # Tar failures when curl succeeds are hard errors to start over. 59 # shellcheck disable=SC2143 60 if (( st[1] != 0 )) && [[ -n $(grep -v '\(Exiting with failure status\|Not found in archive\|Cannot hard link\)' "$tmpdir"/tarerr) ]]; then 61 echo 'Unpacking failed' >&2 62 return 1 63 fi 64 # Success should continue without retry 65 break 66 fi 67 if (( SECONDS + stime >= timeout )); then 68 echo 'Timed out fetching image' >&2 69 return 1 70 fi 71 (shopt -s nullglob dotglob; rm -rf -- "${tmpdir:?}"/*) 72 sleep $stime 73 done 74} 75 76gbmc_upgrade_hook() { 77 [ -n "${bootfile_url-}" ] || return 0 78 79 local tmpdir 80 tmpdir="$(mktemp -d)" || return 81 # shellcheck disable=SC2015 82 gbmc_upgrade_dl_unpack && gbmc_br_run_hooks GBMC_UPGRADE_HOOKS || true 83 # shellcheck disable=SC2153 84 rm -rf -- "$tmpdir" "$GBMC_UPGRADE_SIG" "$GBMC_UPGRADE_IMG" 85} 86 87gbmc_upgrade_fetch() ( 88 local sig 89 sig="$(find "$tmpdir" -name 'image-*.sig' | head -n 1)" || return 90 local img="${sig%.sig}" 91 mv "$sig" "$GBMC_UPGRADE_SIG" || return 92 mv "$img" "$GBMC_UPGRADE_IMG" || return 93 94 # Regular packages have a VERSION file with the image 95 local imgdir="${sig%/*}" 96 if [ -f "$imgdir/VERSION" ]; then 97 cat "$imgdir/VERSION" || return 98 return 0 99 fi 100 101 # Staging packages have a directory named after the version 102 local vdir="${imgdir##*/}" 103 if [[ "$vdir" =~ ([0-9]+[.]){3}[0-9]+ ]]; then 104 echo "$vdir" 105 return 0 106 fi 107 108 return 1 109) 110 111GBMC_BR_DHCP_HOOKS+=(gbmc_upgrade_hook) 112 113gbmc_upgrade=1 114