aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-core/swupd-server
diff options
context:
space:
mode:
authorDmitry Rozhkov <dmitry.rozhkov@linux.intel.com>2016-03-23 10:47:19 +0200
committerJoshua Lock <joshua.g.lock@intel.com>2016-03-30 21:36:58 +0100
commit40e43db58f41779d368abf71e5dcd5e26a5a9149 (patch)
tree88982d1c112316a5678f7158ad330c8a68bc056d /recipes-core/swupd-server
parentbca8b080378389c49fa5c7b0382c4b5e947589c2 (diff)
downloadmeta-swupd-40e43db58f41779d368abf71e5dcd5e26a5a9149.tar.gz
meta-swupd-40e43db58f41779d368abf71e5dcd5e26a5a9149.tar.bz2
meta-swupd-40e43db58f41779d368abf71e5dcd5e26a5a9149.zip
swupd-client: Update the client and server to use bsdtar
This patch adds bsdtar support to swupd-client and swupd-server and enables it. The reason why it's done this way is that: - bsdtar works better with IMA (opens files only once and then updates content and xattrs together); - swupd remains fully functional, including xattrs support, even when a distro disables GPLv3 licensed code. Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
Diffstat (limited to 'recipes-core/swupd-server')
-rw-r--r--recipes-core/swupd-server/swupd-server/0007-Clean-up-tar-options-drop-a-for-the-extract-mode.patch31
-rw-r--r--recipes-core/swupd-server/swupd-server/0008-Clean-up-tar-commands-always-put-files-after-options.patch44
-rw-r--r--recipes-core/swupd-server/swupd-server/0009-Add-compatibility-with-libarchive-s-bsdtar-command.patch168
-rw-r--r--recipes-core/swupd-server/swupd-server_2.53.bb9
4 files changed, 250 insertions, 2 deletions
diff --git a/recipes-core/swupd-server/swupd-server/0007-Clean-up-tar-options-drop-a-for-the-extract-mode.patch b/recipes-core/swupd-server/swupd-server/0007-Clean-up-tar-options-drop-a-for-the-extract-mode.patch
new file mode 100644
index 0000000..2f933d0
--- /dev/null
+++ b/recipes-core/swupd-server/swupd-server/0007-Clean-up-tar-options-drop-a-for-the-extract-mode.patch
@@ -0,0 +1,31 @@
+From 4431ad34734632c439881a30ca90617a1fd1dde4 Mon Sep 17 00:00:00 2001
+From: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
+Date: Tue, 23 Feb 2016 14:50:37 +0200
+Subject: [PATCH] Clean up tar options: drop -a for the extract mode.
+
+The -a option is not needed for the extract mode since tar
+auto-detects compression type from file format.
+
+Upstream-Status: Accepted
+
+Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
+---
+ src/pack.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/pack.c b/src/pack.c
+index 5bb99b8..e5203d0 100644
+--- a/src/pack.c
++++ b/src/pack.c
+@@ -114,7 +114,7 @@ static void explode_pack_stage(int version, char *module)
+ * time on the client...
+ */
+ string_or_die(&tar, "tar --directory=%s/%s/%i/staged --warning=no-timestamp "
+- TAR_PERM_ATTR_ARGS " -axf %s", packstage_dir, module, version, path);
++ TAR_PERM_ATTR_ARGS " -xf %s", packstage_dir, module, version, path);
+ ret = system(tar);
+ if (!ret) {
+ unlink(path);
+--
+2.5.0
+
diff --git a/recipes-core/swupd-server/swupd-server/0008-Clean-up-tar-commands-always-put-files-after-options.patch b/recipes-core/swupd-server/swupd-server/0008-Clean-up-tar-commands-always-put-files-after-options.patch
new file mode 100644
index 0000000..3dabcc8
--- /dev/null
+++ b/recipes-core/swupd-server/swupd-server/0008-Clean-up-tar-commands-always-put-files-after-options.patch
@@ -0,0 +1,44 @@
+From 9ecb744f0ca6faca02cc7be7539802c040cd2922 Mon Sep 17 00:00:00 2001
+From: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
+Date: Tue, 23 Feb 2016 15:01:25 +0200
+Subject: [PATCH] Clean up tar commands: always put files after options
+
+Unify tar commands to have files enumerated always at the end of
+the commands. This would follow the scheme used in tar's man page
+and simplify adoption of other tar implementation should the need
+arise.
+
+Upstream-Status: Accepted
+
+Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
+---
+ src/fullfiles.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/fullfiles.c b/src/fullfiles.c
+index fa78293..23e95db 100644
+--- a/src/fullfiles.c
++++ b/src/fullfiles.c
+@@ -93,7 +93,7 @@ static void create_fullfile(struct file *file)
+ assert(0);
+ }
+
+- string_or_die(&tarcommand, "tar -C %s " TAR_PERM_ATTR_ARGS " -cf - '%s' --exclude='%s'/* 2> /dev/null | "
++ string_or_die(&tarcommand, "tar -C %s " TAR_PERM_ATTR_ARGS " -cf - --exclude='%s'/* '%s' 2> /dev/null | "
+ "tar -C %s " TAR_PERM_ATTR_ARGS " -xf - 2> /dev/null",
+ dir, base, base, rename_tmpdir);
+ if (system(tarcommand) != 0) {
+@@ -111,8 +111,8 @@ static void create_fullfile(struct file *file)
+ free(rename_source);
+
+ /* for a directory file, tar up simply with gzip */
+- string_or_die(&tarcommand, "tar -C %s %s " TAR_PERM_ATTR_ARGS " -zcf %s/%i/files/%s.tar",
+- rename_tmpdir, file->hash, outdir, file->last_change, file->hash);
++ string_or_die(&tarcommand, "tar -C %s " TAR_PERM_ATTR_ARGS " -zcf %s/%i/files/%s.tar %s",
++ rename_tmpdir, outdir, file->last_change, file->hash, file->hash);
+ if (system(tarcommand) != 0) {
+ LOG(NULL, "Failed to run command:", "%s", tarcommand);
+ assert(0);
+--
+2.5.0
+
diff --git a/recipes-core/swupd-server/swupd-server/0009-Add-compatibility-with-libarchive-s-bsdtar-command.patch b/recipes-core/swupd-server/swupd-server/0009-Add-compatibility-with-libarchive-s-bsdtar-command.patch
new file mode 100644
index 0000000..7821938
--- /dev/null
+++ b/recipes-core/swupd-server/swupd-server/0009-Add-compatibility-with-libarchive-s-bsdtar-command.patch
@@ -0,0 +1,168 @@
+From e72a040628d7b8b5fd193653c13304f47cba611b Mon Sep 17 00:00:00 2001
+From: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
+Date: Tue, 23 Feb 2016 15:11:58 +0200
+Subject: [PATCH] Add compatibility with libarchive's bsdtar command
+
+Since GNU tar fails to extract files with xattrs preserved when
+Integrity Measurement Architecture (IMA) is enabled some vendors
+may choose to install libarchive-based tar (bsdtar) on their embedded
+devices, so the swupd server needs to be able to create archives
+in its format.
+
+This patch adds one compile-time options --enable-bsdtar that is used
+to enable/disable GNU tar specific options. Also it harmonizes
+the command strings to be compatible with both GNU tar and bsdtar.
+Particularly it
+- changes --exclude pattern from '%s'/* to more explicit '%s/?*' because
+ bsdtar's pattern matching is greedier than in tar: it uses tcsh's
+ globbing where '*' can be anything including the null string and the
+ original pattern would include the directory itself;
+- OS file names are escaped with leading ./ to avoid collisions with
+ file names starting with @ which has special meaning in bsdtar.
+
+Upstream-Status: Accepted
+
+Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
+---
+ configure.ac | 8 ++++++++
+ include/swupd.h | 14 ++++++++++++--
+ src/fullfiles.c | 12 ++++++------
+ src/manifest.c | 2 +-
+ src/pack.c | 4 ++--
+ 5 files changed, 29 insertions(+), 11 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 47256b6..32d1412 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -15,6 +15,14 @@ PKG_CHECK_MODULES([openssl], [libcrypto >= 0.9.8])
+ AC_CHECK_LIB([magic], [magic_open], [], [AC_MSG_ERROR([the magic library is missing])])
+ AC_CHECK_PROGS(TAR, tar)
+ AC_ARG_ENABLE(
++ bsdtar,
++ AS_HELP_STRING([--enable-bsdtar],[Use alternative bsdtar command (uses tar by default)]),
++ AS_IF([test "x$enable_bsdtar" = "xyes"],
++ AC_DEFINE([SWUPD_WITH_BSDTAR], 1, [Use alternative bsdtar]),
++ AC_DEFINE([SWUPD_WITH_BSDTAR], 0, [Use default tar command])),
++ AC_DEFINE([SWUPD_WITH_BSDTAR], 0, [Use default tar command])
++)
++AC_ARG_ENABLE(
+ bzip2,
+ AS_HELP_STRING([--disable-bzip2],[Do not use bzip2 compression (uses bzip2 by default)]),
+ AC_DEFINE(SWUPD_WITHOUT_BZIP2,1,[Do not use bzip2 compression]) ,
+diff --git a/include/swupd.h b/include/swupd.h
+index d45ca9c..b049135 100644
+--- a/include/swupd.h
++++ b/include/swupd.h
+@@ -17,10 +17,20 @@
+
+ #define SWUPD_SERVER_STATE_DIR "/var/lib/update"
+
++#if SWUPD_WITH_BSDTAR
++#define TAR_COMMAND "bsdtar"
++#define TAR_XATTR_ARGS ""
++#define TAR_WARN_ARGS ""
++#else
++#define TAR_COMMAND "tar"
++#define TAR_XATTR_ARGS "--xattrs --xattrs-include='*'"
++#define TAR_WARN_ARGS "--warning=no-timestamp"
++#endif
++
+ #if SWUPD_WITH_SELINUX
+-#define TAR_PERM_ATTR_ARGS "--preserve-permissions --xattrs --xattrs-include='*' --selinux"
++#define TAR_PERM_ATTR_ARGS "--preserve-permissions --selinux " TAR_XATTR_ARGS
+ #else
+-#define TAR_PERM_ATTR_ARGS "--preserve-permissions --xattrs --xattrs-include='*'"
++#define TAR_PERM_ATTR_ARGS "--preserve-permissions " TAR_XATTR_ARGS
+ #endif
+
+ #if SWUPD_WITH_STATELESS
+diff --git a/src/fullfiles.c b/src/fullfiles.c
+index 23e95db..cf77e74 100644
+--- a/src/fullfiles.c
++++ b/src/fullfiles.c
+@@ -93,8 +93,8 @@ static void create_fullfile(struct file *file)
+ assert(0);
+ }
+
+- string_or_die(&tarcommand, "tar -C %s " TAR_PERM_ATTR_ARGS " -cf - --exclude='%s'/* '%s' 2> /dev/null | "
+- "tar -C %s " TAR_PERM_ATTR_ARGS " -xf - 2> /dev/null",
++ string_or_die(&tarcommand, TAR_COMMAND " -C %s " TAR_PERM_ATTR_ARGS " -cf - --exclude='%s/?*' './%s' 2> /dev/null | "
++ TAR_COMMAND " -C %s " TAR_PERM_ATTR_ARGS " -xf - 2> /dev/null",
+ dir, base, base, rename_tmpdir);
+ if (system(tarcommand) != 0) {
+ LOG(NULL, "Failed to run command:", "%s", tarcommand);
+@@ -111,7 +111,7 @@ static void create_fullfile(struct file *file)
+ free(rename_source);
+
+ /* for a directory file, tar up simply with gzip */
+- string_or_die(&tarcommand, "tar -C %s " TAR_PERM_ATTR_ARGS " -zcf %s/%i/files/%s.tar %s",
++ string_or_die(&tarcommand, TAR_COMMAND " -C %s " TAR_PERM_ATTR_ARGS " -zcf %s/%i/files/%s.tar %s",
+ rename_tmpdir, outdir, file->last_change, file->hash, file->hash);
+ if (system(tarcommand) != 0) {
+ LOG(NULL, "Failed to run command:", "%s", tarcommand);
+@@ -146,7 +146,7 @@ static void create_fullfile(struct file *file)
+
+ /* step 2a: tar it with each compression type */
+ // lzma
+- string_or_die(&tarcommand, "tar --directory=%s " TAR_PERM_ATTR_ARGS " -Jcf %s/%i/files/%s.tar.xz %s",
++ string_or_die(&tarcommand, TAR_COMMAND " --directory=%s " TAR_PERM_ATTR_ARGS " -Jcf %s/%i/files/%s.tar.xz %s",
+ empty, outdir, file->last_change, file->hash, file->hash);
+ if (system(tarcommand) != 0) {
+ LOG(NULL, "Failed to run command:", "%s", tarcommand);
+@@ -154,7 +154,7 @@ static void create_fullfile(struct file *file)
+ }
+ free(tarcommand);
+ // gzip
+- string_or_die(&tarcommand, "tar --directory=%s " TAR_PERM_ATTR_ARGS " -zcf %s/%i/files/%s.tar.gz %s",
++ string_or_die(&tarcommand, TAR_COMMAND " --directory=%s " TAR_PERM_ATTR_ARGS " -zcf %s/%i/files/%s.tar.gz %s",
+ empty, outdir, file->last_change, file->hash, file->hash);
+ if (system(tarcommand) != 0) {
+ LOG(NULL, "Failed to run command:", "%s", tarcommand);
+@@ -162,7 +162,7 @@ static void create_fullfile(struct file *file)
+ }
+ free(tarcommand);
+ #ifdef SWUPD_WITH_BZIP2
+- string_or_die(&tarcommand, "tar --directory=%s " TAR_PERM_ATTR_ARGS " -jcf %s/%i/files/%s.tar.bz2 %s",
++ string_or_die(&tarcommand, TAR_COMMAND " --directory=%s " TAR_PERM_ATTR_ARGS " -jcf %s/%i/files/%s.tar.bz2 %s",
+ empty, outdir, file->last_change, file->hash, file->hash);
+ if (system(tarcommand) != 0) {
+ LOG(NULL, "Failed to run command:", "%s", tarcommand);
+diff --git a/src/manifest.c b/src/manifest.c
+index e878288..cf0cabf 100644
+--- a/src/manifest.c
++++ b/src/manifest.c
+@@ -750,7 +750,7 @@ static int write_manifest_tar(struct manifest *manifest)
+
+ /* now, tar the thing up for efficient full file download */
+ /* and put the signature of the plain manifest into the archive, too */
+- string_or_die(&tarcmd, "tar --directory=%s/%i " TAR_PERM_ATTR_ARGS " -Jcf "
++ string_or_die(&tarcmd, TAR_COMMAND " --directory=%s/%i " TAR_PERM_ATTR_ARGS " -Jcf "
+ "%s/%i/Manifest.%s.tar Manifest.%s Manifest.%s.signed",
+ conf, manifest->version, conf, manifest->version, manifest->component,
+ manifest->component, manifest->component);
+diff --git a/src/pack.c b/src/pack.c
+index e5203d0..1a11a03 100644
+--- a/src/pack.c
++++ b/src/pack.c
+@@ -113,7 +113,7 @@ static void explode_pack_stage(int version, char *module)
+ * the resulting pack is slightly smaller, and in addition, we're saving CPU
+ * time on the client...
+ */
+- string_or_die(&tar, "tar --directory=%s/%s/%i/staged --warning=no-timestamp "
++ string_or_die(&tar, TAR_COMMAND " --directory=%s/%s/%i/staged " TAR_WARN_ARGS " "
+ TAR_PERM_ATTR_ARGS " -xf %s", packstage_dir, module, version, path);
+ ret = system(tar);
+ if (!ret) {
+@@ -442,7 +442,7 @@ static int make_final_pack(struct packdata *pack)
+
+ /* tar the staging directory up */
+ LOG(NULL, "starting tar for pack", "%s: %i to %i", pack->module, pack->from, pack->to);
+- string_or_die(&tar, "tar " TAR_PERM_ATTR_ARGS " --directory=%s/%s/%i/ "
++ string_or_die(&tar, TAR_COMMAND " " TAR_PERM_ATTR_ARGS " --directory=%s/%s/%i/ "
+ "--numeric-owner -Jcf %s/%i/pack-%s-from-%i.tar delta staged",
+ packstage_dir, pack->module, pack->from, staging_dir, pack->to, pack->module, pack->from);
+ ret = system(tar);
+--
+2.5.0
+
diff --git a/recipes-core/swupd-server/swupd-server_2.53.bb b/recipes-core/swupd-server/swupd-server_2.53.bb
index a57f2cf..321fadc 100644
--- a/recipes-core/swupd-server/swupd-server_2.53.bb
+++ b/recipes-core/swupd-server/swupd-server_2.53.bb
@@ -13,6 +13,9 @@ SRC_URI = "\
file://0004-Fix-regression-that-introduced-a-directory-named.patch \
file://0005-xattrs.c-Avoid-freeing-dangling-pointers.patch \
file://0006-Always-use-xattrs-when.patch \
+ file://0007-Clean-up-tar-options-drop-a-for-the-extract-mode.patch \
+ file://0008-Clean-up-tar-commands-always-put-files-after-options.patch \
+ file://0009-Add-compatibility-with-libarchive-s-bsdtar-command.patch \
"
SRC_URI[md5sum] = "14f25677b5a4f0b33785910b03860939"
@@ -20,7 +23,7 @@ SRC_URI[sha256sum] = "c2d0e595444fe198c4092dd83d20a929fd1402a13b66b410b76677ed3a
inherit autotools
-EXTRA_OECONF = "--enable-bzip2 --enable-lzma --disable-stateless"
+EXTRA_OECONF = "--enable-bzip2 --enable-lzma --disable-stateless --enable-bsdtar"
# safer-calls-to-system-utilities.patch uses for loop initial declaration
CFLAGS_append = " -std=c99"
@@ -30,6 +33,8 @@ do_install_append () {
install -m 0755 ${S}/test/signature/* ${D}${sysconfdir}/swupd-certs/
}
-RDEPENDS_${PN} = "tar rsync"
+# Work around lack of "RPROVIDES = bsdtar-native" in libarchive-native.
+RDEPENDS_${PN}_class-target = "bsdtar rsync"
+RDEPENDS_${PN}_class-native = "libarchive rsync"
BBCLASSEXTEND = "native"