This document demonstrates how SWUpdate updates the software on the SP7350 platforms.
Table of Contents
Ubuntu MATE 24.04 - eMMC boot
When you run “make config” to configure your build environment and after selecting the board, you will be prompted to choose a boot device. Refer to the picture below and Enter “1” to select eMMC.
After selecting eMMC size, you will be prompted to choose a root file system. Refer to the picture below and Enter “7” to select Ubuntu MATE 24.04.1.
swupdate installation
After booting the system of the platform, connect to the internet and use the following commands to install swupdate.
sudo apt update sudo apt-get install swupdate
Apache HTTP Server installation
Use the following command to install apache2.
sudo apt install apache2
chromium installation
Use the following commands to install chromium.
sudo add-apt-repository ppa:xtradeb/apps -y sudo apt install chromium
Generate self-signed certificates
Use the following command to generate self-signed certificates.
openssl req -x509 -newkey rsa:4096 -nodes -keyout mycert.key.pem -out mycert.cert.pem -subj "/O=SWUpdate /CN=target"
It will create mycert.key.pem containing the private key, and mycert.cert.pem containing the public key and certificate. The default validity period of mycert.cert.pem is 30 days and you can use the following command to check it.
openssl x509 -in mycert.cert.pem -noout -dates
If you want to set the validity period by yourself, you can use the following command to generate self-signed certificates. The command adds a parameter of “-days 365” to set the validity period to 365 days.
openssl req -x509 -newkey rsa:4096 -nodes -keyout mycert.key.pem -out mycert.cert.pem -subj "/O=SWUpdate /CN=target" -days 365
sw-description configuration file
The sw-description file created describes the structure and content of the software update (packed in a .swu file) and defines what actions SWUpdate should take when performing the update.
A sw-description file below is an example for updating xboot、uboot and kernel simultaneously for eMMC.
software = {
version = "1.0";
hardware-compatibility: [ "v1.0" ];
images: (
{
filename = "xboot.img";
device = "/dev/mmcblk0boot0";
compressed = false;
type = "raw";
sha256 = "91fc277640036ab292b709bbf762b018f95a8cd2224058f48754a0587451de70";
},
{
filename = "u-boot.img";
device = "/dev/mmcblk0p2";
compressed = false;
type = "raw";
sha256 = "f72733756552297cd719b0a5a8ab26215ca862af67d00fb2a8d6d6bec2840111";
},
{
filename = "uImage";
device = "/dev/mmcblk0p7";
compressed = false;
type = "raw";
sha256 = "c288fbd009205f3d5b30328908a3f820fb0020c9f5acd49d49b79c0db92d5b3a";
}
);
};
“device” is the partition corresponding to the image. Please refer to https://sunplus.atlassian.net/wiki/spaces/C3/pages/1995309077/Exploring+Partitions+of+All+Boot+Devices?atl_f=content-tree.
“sha256” is the hash of the image. Each image must have the attribute. You can use the following command to get the hash of the image.
sha256sum xboot.img
Building a signed SWU image with CMS signature
There are two files, sw-description and its signature sw-description.sig. The signature file must always directly follow the description file.
A simple script to create a signed image can be:
#!/bin/bash
IMAGES="xboot.img u-boot.img uImage"
FILES="sw-description sw-description.sig $IMAGES"
openssl cms -sign -in sw-description -out sw-description.sig -signer /home/sunplus/work/my_key/mycert.cert.pem -inkey /home/sunplus/work/my_key/mycert.key.pem -outform DER -nosmimecap -binary
for i in $FILES;do
echo $i;done | cpio -ov -H crc > update.swu
After executing the script, sw-description.sig will be produced and the “FILES” in the script will be packed (cpio was chosen for its simplicity and because can be streamed) together to the file of update.swu.
HW_FILE
Create and edit a file (/etc/hwrevision) in the platform if it does not exist. The example of the contents is shown below.
SP7350 v1.0
“SP7350” is the hardware board name.
“v1.0” is the hardware revision and it must be the same as “hardware-compatibility” in sw-description.
Update images
The Ubuntu platform can update images (update.swu) via the command or web server.
Run SWUpdate
You can use the following command to update images.
sudo swupdate -i update.swu -k /home/sunplus/work/my_key/mycert.cert.pem -v
The verbose logging is as shown below. After the update process, the system will reboot.
sunplus@ubuntu:~/work/swu_ubuntu$ sudo swupdate -i update.swu -k /home/sunplus/work/my_key/mycert.cert.pem -v
[TRACE] : SWUPDATE running : [load_cert_chain] : Read PEM #1: /O=SWUpdate /CN=target /O=SWUpdate /CN=target
SWUpdate v
Licensed under GPLv2. See source distribution for detailed copyright notices.
[TRACE] : SWUPDATE running : [print_registered_bootloaders] : Registered bootloaders:
[TRACE] : SWUPDATE running : [print_registered_bootloaders] : uboot loaded.
[TRACE] : SWUPDATE running : [print_registered_bootloaders] : none loaded.
[TRACE] : SWUPDATE running : [print_registered_bootloaders] : grub loaded.
[TRACE] : SWUPDATE running : [print_registered_bootloaders] : ebg loaded.
[INFO ] : SWUPDATE running : [main] : Using default bootloader interface: none
[INFO ] : SWUPDATE running : [lua_handlers_init] : External Lua handler(s) not found.
[TRACE] : SWUPDATE running : [lua_report_exception] : Lua exception:
[TRACE] : SWUPDATE running : [lua_report_exception] : [string "require ("swupdate_handlers")"]:1: module 'swupdate_handlers' not found:
[TRACE] : SWUPDATE running : [lua_report_exception] : no field package.preload['swupdate_handlers']
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/share/lua/5.4/swupdate_handlers.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/share/lua/5.4/swupdate_handlers/init.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/lib/lua/5.4/swupdate_handlers.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/lib/lua/5.4/swupdate_handlers/init.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/share/lua/5.4/swupdate_handlers.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/share/lua/5.4/swupdate_handlers/init.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file './swupdate_handlers.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file './swupdate_handlers/init.lua'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/lib/lua/5.4/swupdate_handlers.so'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/lib/aarch64-linux-gnu/lua/5.4/swupdate_handlers.so'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/lib/lua/5.4/swupdate_handlers.so'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file '/usr/local/lib/lua/5.4/loadall.so'
[TRACE] : SWUPDATE running : [lua_report_exception] : no file './swupdate_handlers.so'
[INFO ] : SWUPDATE running : [main] : Running on SP7350 Revision v1.0
[INFO ] : SWUPDATE running : [print_registered_handlers] : Registered handlers:
[INFO ] : SWUPDATE running : [print_registered_handlers] : dummy
[INFO ] : SWUPDATE running : [print_registered_handlers] : archive
[INFO ] : SWUPDATE running : [print_registered_handlers] : tar
[INFO ] : SWUPDATE running : [print_registered_handlers] : uboot
[INFO ] : SWUPDATE running : [print_registered_handlers] : bootloader
[INFO ] : SWUPDATE running : [print_registered_handlers] : btrfs
[INFO ] : SWUPDATE running : [print_registered_handlers] : copy
[INFO ] : SWUPDATE running : [print_registered_handlers] : rawcopy
[INFO ] : SWUPDATE running : [print_registered_handlers] : flash
[INFO ] : SWUPDATE running : [print_registered_handlers] : delta
[INFO ] : SWUPDATE running : [print_registered_handlers] : diskformat
[INFO ] : SWUPDATE running : [print_registered_handlers] : diskpart
[INFO ] : SWUPDATE running : [print_registered_handlers] : toggleboot
[INFO ] : SWUPDATE running : [print_registered_handlers] : gptswap
[INFO ] : SWUPDATE running : [print_registered_handlers] : gptpart
[INFO ] : SWUPDATE running : [print_registered_handlers] : uniqueuuid
[INFO ] : SWUPDATE running : [print_registered_handlers] : flash-hamming1
[INFO ] : SWUPDATE running : [print_registered_handlers] : lua
[INFO ] : SWUPDATE running : [print_registered_handlers] : raw
[INFO ] : SWUPDATE running : [print_registered_handlers] : rawfile
[INFO ] : SWUPDATE running : [print_registered_handlers] : rdiff_image
[INFO ] : SWUPDATE running : [print_registered_handlers] : rdiff_file
[INFO ] : SWUPDATE running : [print_registered_handlers] : readback
[INFO ] : SWUPDATE running : [print_registered_handlers] : shellscript
[INFO ] : SWUPDATE running : [print_registered_handlers] : preinstall
[INFO ] : SWUPDATE running : [print_registered_handlers] : postinstall
[INFO ] : SWUPDATE running : [print_registered_handlers] : ssblswitch
[INFO ] : SWUPDATE running : [print_registered_handlers] : swuforward
[INFO ] : SWUPDATE running : [print_registered_handlers] : ubivol
[INFO ] : SWUPDATE running : [print_registered_handlers] : ubipartition
[INFO ] : SWUPDATE running : [print_registered_handlers] : ubiswap
[INFO ] : SWUPDATE running : [print_registered_handlers] : ucfw
[INFO ] : SWUPDATE running : [print_registered_handlers] : docker_imageload
[INFO ] : SWUPDATE running : [print_registered_handlers] : docker_imagedelete
[INFO ] : SWUPDATE running : [print_registered_handlers] : docker_imageprune
[INFO ] : SWUPDATE running : [print_registered_handlers] : docker_containercreate
[INFO ] : SWUPDATE running : [print_registered_handlers] : docker_containerdelete
[INFO ] : SWUPDATE running : [print_registered_handlers] : docker_containerstart
[INFO ] : SWUPDATE running : [print_registered_handlers] : docker_networkcreate
[INFO ] : SWUPDATE running : [print_registered_handlers] : docker_networkdelete
[INFO ] : SWUPDATE running : [print_registered_handlers] : docker_volumecreate
[INFO ] : SWUPDATE running : [print_registered_handlers] : docker_volumedelete
[DEBUG] : SWUPDATE running : [read_module_settings] : No config settings found for module versions
[TRACE] : SWUPDATE running : [listener_create] : got no socket at /tmp/swupdateprog from systemd
[TRACE] : SWUPDATE running : [network_initializer] : Main loop daemon
[TRACE] : SWUPDATE running : [listener_create] : creating socket at /tmp/swupdateprog
[TRACE] : SWUPDATE running : [listener_create] : got no socket at /tmp/sockinstctrl from systemd
[TRACE] : SWUPDATE running : [listener_create] : creating socket at /tmp/sockinstctrl
[DEBUG] : SWUPDATE running : [read_module_settings] : No config settings found for module download
[TRACE] : SWUPDATE running : [start_swupdate_subprocess] : Started chunks_downloader with pid 2054 and fd 8
[TRACE] : SWUPDATE running : [network_thread] : Incoming network request: processing...
[INFO ] : SWUPDATE started : Software Update started !
[TRACE] : SWUPDATE running : [network_initializer] : Software update started
[TRACE] : SWUPDATE running : [start_delta_downloader] : Starting Internal process for downloading chunks
[WARN ] : SWUPDATE running : [scan_mtd_devices] : MTD is not present on the target
[WARN ] : SWUPDATE running : [mtd_init] : MTD is not present in the system
[WARN ] : SWUPDATE running : [mtd_init] : cannot open libmtd
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : Found file
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : filename sw-description
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : size 828
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : Found file
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : filename sw-description.sig
[TRACE] : SWUPDATE running : [extract_file_to_tmp] : size 2110
[WARN ] : SWUPDATE running : [check_signer_name] : The X.509 common name might not be equal to .
[TRACE] : SWUPDATE running : [swupdate_verify_file] : Verified OK
[DEBUG] : SWUPDATE running : [parse_cfg] : Parsing config file /tmp/sw-description
[TRACE] : SWUPDATE running : [get_common_fields] : Version 1.0
[TRACE] : SWUPDATE running : [get_common_fields] : reboot_required 1
[TRACE] : SWUPDATE running : [parse_hw_compatibility] : Accepted Hw Revision : v1.0
[TRACE] : SWUPDATE running : [_parse_images] : Found Image: uImage in device : /dev/mmcblk0p7 for handler raw
[TRACE] : SWUPDATE running : [_parse_images] : Found Image: u-boot.img in device : /dev/mmcblk0p2 for handler raw
[TRACE] : SWUPDATE running : [_parse_images] : Found Image: xboot.img in device : /dev/mmcblk0boot0 for handler raw
[TRACE] : SWUPDATE running : [parse] : Number of found artifacts: 3
[TRACE] : SWUPDATE running : [parse] : Number of scripts: 0
[TRACE] : SWUPDATE running : [parse] : Number of steps to be run: 3
[TRACE] : SWUPDATE running : [check_hw_compatibility] : Hardware SP7350 Revision: v1.0
[TRACE] : SWUPDATE running : [check_hw_compatibility] : Hardware compatibility verified
[DEBUG] : SWUPDATE running : [preupdatecmd] : Running Pre-update command
[TRACE] : SWUPDATE running : [extract_files] : Found file
[TRACE] : SWUPDATE running : [extract_files] : filename xboot.img
[TRACE] : SWUPDATE running : [extract_files] : size 139052 required
[TRACE] : SWUPDATE running : [extract_files] : Found file
[TRACE] : SWUPDATE running : [extract_files] : filename u-boot.img
[TRACE] : SWUPDATE running : [extract_files] : size 937816 required
[TRACE] : SWUPDATE running : [extract_files] : Found file
[TRACE] : SWUPDATE running : [extract_files] : filename uImage
[TRACE] : SWUPDATE running : [extract_files] : size 9354240 required
[TRACE] : SWUPDATE running : [extract_padding] : Expecting up to 512 padding bytes at end-of-file
[TRACE] : SWUPDATE running : [network_initializer] : Valid image found: copying to FLASH
[INFO ] : SWUPDATE running : Installation in progress
[TRACE] : SWUPDATE running : [install_single_image] : Found installer for stream xboot.img raw
[TRACE] : SWUPDATE running : [blkprotect] : Device /dev/mmcblk0boot0: changed force_ro to 0
[TRACE] : SWUPDATE running : [blkprotect] : Device /dev/mmcblk0boot0: changed force_ro to 1
[TRACE] : SWUPDATE running : [install_single_image] : Found installer for stream u-boot.img raw
[TRACE] : SWUPDATE running : [install_single_image] : Found installer for stream uImage raw
[INFO ] : SWUPDATE successful ! SWUPDATE successful !
[TRACE] : SWUPDATE running : [network_initializer] : Main thread sleep again !
[INFO ] : No SWUPDATE running : Waiting for requests...
[INFO ] : SWUPDATE running : [endupdate] : SWUpdate was successful !
[DEBUG] : SWUPDATE running : [postupdate] : Running Post-update command
[TRACE] : SWUPDATE running : [unlink_sockets] : unlink socket /tmp/swupdateprog
[TRACE] : SWUPDATE running : [unlink_sockets] : unlink socket /tmp/sockinstctrl
sunplus@ubuntu:~/work/swu_ubuntu$ [ 1215.274202] [dhd] STATIC-MSG) dhd_static_buf_exit : Enter
[ 1215.981005] reboot: Restarting system
INFO: PSCI Power Domain Map:
INFO: Domain Node : Level 2, parent_node -1, State ON (0x0)
INFO: Domain Node : Level 1, parent_node 0, State ON (0x0)
INFO: CPU Node : MPID 0x0, parent_node 1, State ON (0x0)
INFO: CPU Node : MPID 0x100, parent_node 1, State ON (0x0)
INFO: CPU Node : MPID 0x200, parent_node 1, State ON (0x0)
INFO: CPU Node : MPID 0x300, parent_node 1, State ON (0x0)
Web server
The Ubuntu platform can update images via the web server by itself or other Ubuntu platforms.
SWUpdate web interface files
Use the following command to download the SWUpdate GitHub repository.
git clone https://github.com/sbabic/swupdate.git
Make a directory named “swupdate” in /var/www/ of the platform. Copy all the directories and files in /examples/www/v2/ of the SWUpdate repository into /var/www/swupdate/ of the platform.
Shell script - swupdate.sh
Add the parameters of “-k /home/sunplus/my_key/mycert.cert.pem“ for SWUPDATE_ARGS and “-r /var/www/swupdate -p 8080“ for SWUPDATE_WEBSERVER_ARGS in /usr/lib/swupdate/swupdate.sh of the platform shown below. Then reboot the system to activate the web server.
#!/bin/sh
# Override these variables in sourced script(s) located
# in /usr/lib/swupdate/conf.d or /etc/swupdate/conf.d
SWUPDATE_ARGS="-k /home/sunplus/work/my_key/mycert.cert.pem -v ${SWUPDATE_EXTRA_ARGS}"
SWUPDATE_WEBSERVER_ARGS="-r /var/www/swupdate -p 8080"
SWUPDATE_SURICATTA_ARGS=""
# source all files from /etc/swupdate/conf.d and /usr/lib/swupdate/conf.d/
# A file found in /etc replaces the same file in /usr
for f in `(test -d /usr/lib/swupdate/conf.d/ && ls -1 /usr/lib/swupdate/conf.d/; test -d /etc/swupdate/conf.d && ls -1 /etc/swupdate/conf.d) | sort -u`; do
if [ -f /etc/swupdate/conf.d/$f ]; then
. /etc/swupdate/conf.d/$f
else
. /usr/lib/swupdate/conf.d/$f
fi
done
# handle variable escaping in a simple way. Use exec to forward open filedescriptors from systemd open.
if [ "$SWUPDATE_WEBSERVER_ARGS" != "" -a "$SWUPDATE_SURICATTA_ARGS" != "" ]; then
exec /usr/bin/swupdate $SWUPDATE_ARGS -w "$SWUPDATE_WEBSERVER_ARGS" -u "$SWUPDATE_SURICATTA_ARGS"
elif [ "$SWUPDATE_WEBSERVER_ARGS" != "" ]; then
exec /usr/bin/swupdate $SWUPDATE_ARGS -w "$SWUPDATE_WEBSERVER_ARGS"
elif [ "$SWUPDATE_SURICATTA_ARGS" != "" ]; then
exec /usr/bin/swupdate $SWUPDATE_ARGS -u "$SWUPDATE_SURICATTA_ARGS"
else
exec /usr/bin/swupdate $SWUPDATE_ARGS
fi
Localhost web server
Open chrominum and connect to the localhost web server with:
http://localhost:8080
The default port of SWUpdate web server is 8080. It can update images for itself via localhost.
Click the blank area and select update.swu packed earlier.
After selecting update.swu, SWUpdate will start to process the received images and then restart the system.
Another platform's web server
You can use chrominum to connect to another platform’s web server to update the images for it which must accomplish the following steps first.
Install swupdate.
Install apache2.
Copy swupdate inferface files into /var/www/swupdate/.
Create and edit /etc/hwrevision.
Copy the public key (mycert.cert.pem) from the platform which packs update.swu.
Make sure the platform system clock is within the validity period of the public key (mycert.cert.pem).
Modify /usr/lib/swupdate/swupdate.sh.
Reboot the system to activate its web server.
Connect to the internet.
After the steps above, you can use the browser to connect to the platform’s SWUpdate web server with:
http://<target_ip>:8080
Therefore, you can update the images for it.
Buildroot 2024.02 - eMMC boot
When you run 'make config' to configure your build environment and after selecting the board, you will be prompted to choose a boot device. Refer to the picture below and Enter “1” to select eMMC.
After selecting eMMC size, you will be prompted to choose a root file system. Refer to the picture below and Enter “11” to select Buildroot 2024.02.
Buildroot Setup
After the completion of running “make config”, enter the buildroot configuration by running the following command in the top directory of project.
make bconfig
Select submenus for swupdate : Target packages → System tools. Select <*> for swupdate . Save the configuration and exit. Then execute “make” command to build the images.
Generate self-signed certificates
After updating the images to the platform and boot the system of it, it would fail to start SWUpdate daemon as shown below. It lacks a public key to activate the web server.
The procedure to generate self-signed certificates is the same as that in Ubuntu MATE 24.04 - eMMC boot. After generating the public key (mycert.cert.pem) by itself or coping it from other platforms which generate it, pack update.swu and will update the images for this Buildroot platform, add the parameter of SWUPDATE_ARGS=”-k /root/work/my_key/mycert.cert.pem -v” to /usr/lib/swupdate/conf.d/10-mongoose-args of the Buildroot platform and the web server will be activated successfully after reboot.
sw-description configuration file
Reference it in Ubuntu MATE 24.04 - eMMC boot.
Building a signed SWU image with CMS signature
Reference it in Ubuntu MATE 24.04 - eMMC boot.
HW_FILE
Reference it in Ubuntu MATE 24.04 - eMMC boot.
Update images
The Buildroot platform can update images (update.swu) via the command by itself or web server only by other Ubuntu platforms.
Run SWUpdate
Reference it in Ubuntu MATE 24.04 - eMMC boot.
Web server
Besides adding the parameter (the path of the public key) to /usr/lib/swupdate/conf.d/10-mongoose-args for activating the web server, make sure the platform system clock is within the validity period of the public key (mycert.cert.pem) and reference the procedure of updating images by other Ubuntu platforms in Ubuntu MATE 24.04 - eMMC boot.