[yocto] Yocto-ish upgrade-in-place strategy
Craig McQueen
craig.mcqueen at innerrange.com
Mon May 4 21:55:36 PDT 2015
I’m working on this for a BeagleBone Black type system, which uses eMMC (i.e. disk partitions). I’m considering:
Partition 1: FAT16 “BOOT”, with MLO, u-boot.img, and custom uEnv.txt (U-Boot rules to append)
Partition 2: ext4 “KERNEL1”, which contains a zImage with attached initramfs, and device tree
Partition 3: ext4 “KERNEL2”, which contains a zImage with attached initramfs, and device tree
Partition 4: ext4 “DATA”, a read/write filesystem
The DATA partition should contain a SquashFS file named /lib/firmware/rootro1 and/or rootro2.
At boot up, U-Boot loads the custom rules from uEnv.txt. That checks for the presence of a BOOT2 file on the DATA partition. If it exists, it boots the kernel from KERNEL2, otherwise from KERNEL1. It passes kernel arguments:
rootrw=/dev/mmcblk1p4
rootro=/mnt/rootrw/lib/firmware/rootro1 -- or rootro2 depending on whether booting KERNEL1 or KERNEL2.
The kernel contains an initramfs (using initramfs-framework) which mounts the DATA partition as /mnt/rootrw. Then it mounts a SquashFS partition /mnt/rootrw/lib/firmware/rootro1 according to the passed kernel argument ‘rootro’, as /mnt/rootro. Then it mounts an OverlayFS with the rootrw mount over the rootro mount.
This is development in-progress, but it seems to be working well for me so far.
Then, I need to have an upgrade image which is an archive of:
· SquashFS rootro image
· Kernel with attached initramfs
· Device tree
· Any metadata for the upgrade, README, etc
The user can upload it onto the device through a web interface, or something like that. Then it gets processed after upload:
· The integrity is verified somehow (e.g. hash)
· The kernel and device tree are copied to the KERNEL1 or KERNEL2 partition that’s not currently in-use.
· The SquashFS rootro gets copied to /lib/firmware/rootro1 or rootro2, whichever is not currently in-use.
· The partition 4 file BOOT2 is created or deleted, as needed, to cause U-Boot to boot the “other image”.
· Reboot
The BeagleBone Black U-Boot implements an incrementing ‘bootcount’, stored in RTC scratch, I believe. A Linux kernel driver could be written which allows for this to be reset to 0 by the kernel or userspace app. Then, U-Boot could do some alternative action if bootcount gets too big (meaning it’s not successfully booting)—such as revert to the other older image, if present.
I should also mention that I used a kernel bbappend file with:
RDEPENDS_kernel-base = ""
That results in my rootfs image (which is the SquashFS rootfs) NOT containing the kernel and device tree in its /boot directory—since in this setup the kernel and device tree are in a different location KERNELx partition.
Currently, I’m wondering how to get Yocto to build the upgrade image for me. I am not sure whether I can use a custom “image” which has just 4 or 5 files in it. Or maybe if the “wic” tool is suitable for this purpose. Or if I should just use my own script. One possible complication is if I want to use encryption. If so, I probably need to encrypt the archive except for the metadata, README. And I would need to save the encryption keys somehow securely in my build system.
Craig McQueen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20150505/ed880535/attachment.html>
More information about the yocto
mailing list