Documentation
¶
Overview ¶
Package update provides functionality for fetching updates, verifying them, and installing them onto the armory device.
Index ¶
- func BinaryPath(fr ftlog.FirmwareRelease) (string, error)
- func HABSignaturePath(fr ftlog.FirmwareRelease) (string, error)
- type BinaryFetcher
- type Fetcher
- func (f *Fetcher) GetApplet(ctx context.Context) (firmware.Bundle, error)
- func (f *Fetcher) GetBoot(ctx context.Context) (firmware.Bundle, error)
- func (f *Fetcher) GetLatestVersions(_ context.Context) (os semver.Version, applet semver.Version, err error)
- func (f *Fetcher) GetOS(ctx context.Context) (firmware.Bundle, error)
- func (f *Fetcher) GetRecovery(ctx context.Context) (firmware.Bundle, error)
- func (f *Fetcher) Scan(ctx context.Context) error
- type FetcherOpts
- type FirmwareVerifier
- type Local
- type Remote
- type Updater
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BinaryPath ¶
func BinaryPath(fr ftlog.FirmwareRelease) (string, error)
BinaryPath returns the relative path within a bucket for the binary referenced by the manifest.
func HABSignaturePath ¶
func HABSignaturePath(fr ftlog.FirmwareRelease) (string, error)
HABSignaturePath returns the relative path within a bucket for the HAB signature referenced by the manifest.
Types ¶
type BinaryFetcher ¶
BinaryFetcher returns the firmware image and HAB signature (if applicable) corresponding to the given release.
type Fetcher ¶
type Fetcher struct {
// contains filtered or unexported fields
}
func NewFetcher ¶
func NewFetcher(ctx context.Context, opts FetcherOpts) (*Fetcher, error)
NewFetcher returns an implementation of a Remote that uses the given log client to fetch release data from the log.
func (*Fetcher) GetLatestVersions ¶
func (*Fetcher) GetRecovery ¶
type FetcherOpts ¶
type FetcherOpts struct {
// BinaryFetcher should be able to return binaries referenced from entries in the log.
BinaryFetcher BinaryFetcher
// LogFetcher should be able to communicate with the target FT log.
LogFetcher client.Fetcher
// LogOrigin is the Origin string associated with the target FT log.
LogOrigin string
// LogVerifier is used to verify checkpoint signatures from the target FT log.
LogVerifier note.Verifier
// AppletVerifier is used to verify signatures on applet manifests.
AppletVerifier note.Verifier
// BootVerifier is used to verify signatures on bootloader manifests.
BootVerifier note.Verifier
// OSVerifiers are used to verify signatures on OS manifests.
OSVerifiers [2]note.Verifier
// RecoveryVerifier is used to verify signatures on recovery manifests.
RecoveryVerifier note.Verifier
// HABTarget, if set, will require that manifest HAB.Target values must match for
// Bootloader and Recovery entries.
// This is to help ensure that HAB-fused devices get boot firmware with the correct
// signature.
HABTarget string
// PreviousCheckpointRaw is optional and should contain the raw bytes of the checkpoint
// used during the last firmware update.
// Leaving this unset will cause the Fetcher to consider all entries in the log, rather than
// just those added since the last update.
PreviousCheckpointRaw []byte
}
FetcherOpts holds configuration options for creating a new Fetcher.
type FirmwareVerifier ¶
type FirmwareVerifier interface {
// Verify checks the firmware bundle and returns an error if invalid, or nil
// if the firmware is safe to install.
Verify(firmware.Bundle) error
}
A FirmwareVerifier checks that the given Bundle passes installation policy.
type Local ¶
type Local interface {
// GetInstalledVersions returns the semantic versions of the OS and Applet
// installed on this device. These will be the same versions that are
// currently running.
GetInstalledVersions() (os, applet semver.Version, err error)
// InstallOS updates the OS to the version contained in the firmware bundle.
// If the update is successful, the RPC will not return.
InstallOS(firmware.Bundle) error
// InstallApplet updates the Applet to the version contained in the firmware bundle.
// If the update is successful, the RPC will not return.
InstallApplet(firmware.Bundle) error
}
Local allows access to query the firmware installed on this device and operations to install new versions of the firmware.
type Remote ¶
type Remote interface {
// GetLatestVersions returns the latest available versions of the OS and Applet.
GetLatestVersions(context.Context) (os, applet semver.Version, err error)
// GetOS fetches the operating system executable and associated metadata.
GetOS(context.Context) (firmware.Bundle, error)
// GetApplet fetches the applet executable and associated metadata.
GetApplet(context.Context) (firmware.Bundle, error)
}
A Remote represents the connection to the Internet and allows access to query and fetch new versions of firmware.
type Updater ¶
type Updater struct {
// contains filtered or unexported fields
}
Updater should be periodically invoked via Update to check for and install firmware udpates for the OS and applet.
func NewUpdater ¶
func NewUpdater(local Local, remote Remote, verifier FirmwareVerifier) (*Updater, error)
NewUpdater returns an Updater that uses local to query/update the device, remote to query/fetch new updates, and verifier to ensure that downloaded content passes installation policy.
func (Updater) Update ¶
Update checks whether newer versions of installed firmware are available, and if so it fetches, verifies, and installs the firmware. If any changes are made to the firmware on disk then this function will not return because a reboot will be scheduled. This function is designed to be called periodically by a single thread. It is not thread safe.
Source Files