orchestrated android style system upgrades for embedded
play

Orchestrated Android-Style System Upgrades for Embedded Linux Diego - PowerPoint PPT Presentation

May 26, 2023 •196 likes •664 views

Orchestrated Android-Style System Upgrades for Embedded Linux Diego Rondini Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com What this session is about Manage and rollout software updates on Embedded Linux devices

  1. Orchestrated Android-Style System Upgrades for Embedded Linux Diego Rondini Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  2. What this session is about Manage and rollout software updates on Embedded Linux devices and apply them like Android does. Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  3. Agenda ❯ Motivations for our work with OTA updates on Embedded Linux ❯ The Android way for managing updates ❯ Embedded Linux updates agent: SWUpdate ❯ Remote management and rollout campaigns: Eclipse hawkBit ❯ Our implementation to manage and deploy software updates Android-like: Update Factory ❯ Demo. Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  4. Motivations ❯ Support medium scale general purpose CPU-SOC modules ❯ Install atomically a new OS on a device 》 Atomicity of the update ❯ Track updates and divide them per device types and use cases ❯ Support custom device metadata sent to the Remote Update Management Platform Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  5. Preamble ❯ Boundary Devices Nitrogen6x as reference 》 NXP i.MX6 platform (meta-freescale) 》 U-Boot on NOR flash 》 boot and root partition ❯ we refer to traditional Android single copy OTA 》 recent Pixel devices with big storage use Chrome OS based double copy OTA ❯ designed for biggest freedom of storage access while still running in a Linux OS Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  6. Android update: approach to OTA updates ❯ Android approach splits the upgrade process in two phases: 》 preparation for the upgrade → performed in the full fledged Regular OS execution of the upgrade → performed in a purpose built Recovery OS 》 ❯ Execution performed by the recovery binary Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  7. Android update Workflow Bootloader Recovery Partition Recovery OS Recovery bin Regular OS Update bin Update script Reboot Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  8. Android update: preparation ❯ Preparation on the Device flow: 》 registers to the cloud 》 polls for available updates 》 notifies update is available (Download? Y/n) 》 notifies update is ready to install (Proceed? Y/n) 》 reboot to Recovery OS ❯ Verification of package signatures https://developer.android.com/reference/android/os/RecoverySystem.html#verifyPac kage(java.io.File,%20android.os.RecoverySystem.ProgressListener,%20java.io.File) ❯ Installation setup and reboot in recovery mode https://developer.android.com/reference/android/os/RecoverySystem.html#installPa ckage(android.content.Context,%20java.io.File) Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  9. Android update: execution ❯ Bootloader/bootscript gets “reset cause” (i.MX6 Family) and boots in ramdisk-based Recovery Mode ❯ recovery starts ❯ recovery unpacks the update file provided (signed zip) ❯ update-binary executes actions in the updater-script (edify) ❯ log and result files are written in the partition ❯ reboot to Regular OS ❯ https://source.android.com/devices/tech/ota/device_code ❯ https://github.com/boundarydevices/android_device_boundary/commit/f069efd28d7d55 e1cc298662881b9ceabb4650e3#diff-a55e09ca16b027ed99c01ca6765d9cca Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  10. Snippet: bootscript (i.MX6) +setenv bootpart 1 + +setexpr rval *0x020CC068 \& 0x180 # get reset cause +if itest.s "x$rval" -eq "x100"; then + echo "----------- run fastboot here"; +else + if itest.s "x$rval" -eq "x80"; then + setenv bootpart 2; + fi +fi + +mw.l 0x020cc068 0 1 Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  11. Android Update: advantages ❯ Single copy update featuring a recovery OS ❯ OTA agent runs in regular OS 》 No need to interrupt normal operation (yet) 》 Network access (e.g. Wifi setup by the user) 》 Interaction with the user (notifications / acknowledgment) 》 Full API access (Wifi or 3G/4G? Low battery?) ❯ Recovery has no need of network access, all artifacts are pre-fetched ❯ Update script support binary writing (no mount is required) ❯ Recovery environment is RO, minimal, isolated Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  12. Part One: Device Update Approaches ❯ ❯ Double copy: Single copy: 》 》 The devices features two copies A separate upgrade OS is required 》 of the Application/OS/RootFS You may update Kernel and Device 》 Each copy must contain the Tree if the update environment is kernel, the root file system, segregated 》 and each further component that Cooperation with the bootloader is can be updated necessary to boot in update mode 》 Cooperation with the boot loader is necessary to decide which copy should be booted Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  13. Unpartitioned Space Double copy bootloader Dual Boot Partition boot selection bootenv Bootable system 2 Bootable system 1 Boot partition 2 Boot partition 1 bootscript bootscript device tree device tree kernel kernel ramdisk ramdisk rootfs partition 2 rootfs partition 1 rootfs rootfs Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  14. Double copy Unpartitioned Space Single Boot bootloader Partition bootenv boot selection Boot partition 1 rootfs partition 1 bootscript rootfs device tree kernel rootfs partition 2 ramdisk rootfs Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  15. Single copy Unpartitioned Space bootloader Simple bootenv boot selection system recovery BLOB Boot partition 1 bootscript device tree Bootable system 1 kernel rootfs partition 1 rootfs ramdisk system recovery Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  16. Double Copy: Pros and Cons ❯ Pros: 》 Fallback in case of failure 》 Pretty easy to implement ❯ Cons: 》 Expensive in terms of storage resources, double the space 》 Requires a mechanism to switch between running and other copy if multiple partitions are doubled (e.g. boot, root) 》 Identify which copy is running Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  17. Single Copy: Pros and Cons ❯ Pros: 》 Requires smaller amount of space 》 “Update mode” lives in RAM 》 Can freely access whole storage (rewrite from scratch, including partition table) 》 Can be used for factory reset (tftpboot / USB boot) ❯ Cons: 》 No fallback if write fails (e.g. power interruption). Restart recovery mode to try again Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  18. Embedded Linux like Android ? ❯ A good option for building a recovery system “Android Like” Linux is SWUpdate: 》 Written in C by Stefano Babic (Denx) and contributors 》 Runs as Daemon or direct invocation 》 Update files (.swu) based on CPIO format 》 Several handlers (e.g. write raw data, write single file) 》 Update files scripting features (LUA) Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  19. SWUpdate: Architecture Local START,RUN, SUCCESS, FAILURE, DOWLOAD, DONE Storage Notifier Remote file Default server Parser Installer Web Server LUA Parser Custom MCU Handler Manager protocol LUA UBI MTD RAW ENV hawkBit Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  20. SWUpdate: features ❯ Local interfaces: 》 Local storage (USB, SD) as artifacts source 》 Support local peripheral devices, through USB/UART for streaming update (i.e MCU) 》 Embedded Web Server as local UI ❯ Remote interfaces: 》 HTTP, FTP 》 hawkBit (Suricatta embedded client) ❯ Signature and encryption of update files ❯ Handlers 》 U-boot for reading environment variables 》 Shell pre/post install scripts (also LUA) 》 Default config parser using libconfig (to parse update description file) Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  21. SWUpdate: single image format CPIO Header software = { version = "0.1.0"; target = { sw-descriptor hardware-compatibility: [ "1.0"]; Images: ( { filename = “rootfs.ext4.”; device = /dev/mmcblk0p2”; Image 1 type = “raw”; compressed = true; } ); Image 2 scripts:( { filename = “installscript.sh”; type = “schellscript”; sha256 = “faaaa30c … .”; } ); } } Image (n) Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

  22. Security notes ❯ SWUpdate combines signed sw-description with the verification of hashes for each single image. 》 RSA PKCS#1 (public/private) 》 CMS PKCS#7 (certificates) ❯ This means that only signed sw-description, generated by a verified source, can be trusted by the installer. 》 sw-description.sig 》 Public.pem can be passed to SWUpdate daemon (on the device) ❯ sw-description contains hashes for each sub-image to verify that each delivered subimage really belongs to the release. 》 Each image inside sw-description must have the attribute “sha256” Embedded Linux Conference Europe 2017, Prague Diego Rondini, www.kynetics.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Customing Android: Looking inside the droids belly Embedded Android Appliances What do I mean by

Customing Android: Looking inside the droids belly Embedded Android Appliances What do I mean by

Customing Android: Looking inside the droids belly Embedded Android Appliances What do I mean by Appliances? appliance / pl ns/ Noun A device designed to perform a specific task, typically a domestic one. Digital Signage

1.04k views • 55 slides
I/O Performance Improvement - Using ext2 in Android - 2011.04.14 Hansung Chun Embedded S/W

I/O Performance Improvement - Using ext2 in Android - 2011.04.14 Hansung Chun Embedded S/W

I/O Performance Improvement - Using ext2 in Android - 2011.04.14 Hansung Chun Embedded S/W Research Division Embedded S/W Research Division 1 Motive q Samsung Galaxy S l /system: OneNAND + STL + RFS, 300MB l /data: moviNAND + RFS, 1918MB l

276 views • 25 slides
Headless Android Strikes Back! ABS2014 04/29/2014 Gary Bisson Embedded Software Engineer ABOUT

Headless Android Strikes Back! ABS2014 04/29/2014 Gary Bisson Embedded Software Engineer ABOUT

Headless Android Strikes Back! ABS2014 04/29/2014 Gary Bisson Embedded Software Engineer ABOUT THE PRESENTER Embedded Software Engineer at Adeneo Embedded (Bellevue, WA) BSP Adaptation Driver Development System Integration

347 views • 32 slides
Leveraging the Android Accessory Protocol Gary Bisson Adeneo Embedded

Leveraging the Android Accessory Protocol Gary Bisson Adeneo Embedded

Leveraging the Android Accessory Protocol Gary Bisson Adeneo Embedded gbisson@adeneo-embedded.com Android Builders Summit 2013 1 Gary Bisson - ABS2013 Session Overview Introduction to Android Open Accessory Protocol specifications

554 views • 39 slides
TACKYDROID Pentesting Android Applications in Style THIS TALK IS ABOUT AN APP WE ARE MAKING

TACKYDROID Pentesting Android Applications in Style THIS TALK IS ABOUT AN APP WE ARE MAKING

TACKYDROID Pentesting Android Applications in Style THIS TALK IS ABOUT AN APP WE ARE MAKING This talk IS NOT about Android platform itself This talk IS about how we want to contribute auditing apps that run on Android systems With

975 views • 74 slides
development upgrades Michael Brown NGM Firmware Lead Technologist Dell EMC Embedded Linux

development upgrades Michael Brown NGM Firmware Lead Technologist Dell EMC Embedded Linux

Reducing the pain of Yocto development upgrades Michael Brown NGM Firmware Lead Technologist Dell EMC Embedded Linux Conference 2017 Outline Easier Yocto upgrades in development - Introduction - Problem Statement - Dell EMC

167 views • 15 slides
LBNF/NuMI-Style target, for Horn A, revision 2, & other upgrades. Paul Lebrun ND/Fermilab.

LBNF/NuMI-Style target, for Horn A, revision 2, & other upgrades. Paul Lebrun ND/Fermilab.

LBNF/NuMI-Style target, for Horn A, revision 2, & other upgrades. Paul Lebrun ND/Fermilab. Nov 17 2016 NuMI Target upgrade, + others 1 A confusing sequence of code upgrades.. I HornA, revision 2 => Coded up. Target: revised:

197 views • 19 slides
APPLICATIONS UDAY LINGALA CSCI 5448, Fall 2012 Content Introduction to Android system

APPLICATIONS UDAY LINGALA CSCI 5448, Fall 2012 Content Introduction to Android system

ANDROID AND ANDROID APPLICATIONS UDAY LINGALA CSCI 5448, Fall 2012 Content Introduction to Android system What is android? History Android Market Why Android Design philosophy System Architecture Features

802 views • 40 slides
Introduction to Android Development What is Android? Android is the customizable, easy to

Introduction to Android Development What is Android? Android is the customizable, easy to

Introduction to Android Development What is Android? Android is the customizable, easy to use operating system that powers more than a billion devices across the globe - from phones and tablets to watches, TV, cars and more to come.

464 views • 21 slides
ELC 2013 Security: Best Practices for Embedded Systems John Mehaffey Senior System Architect

ELC 2013 Security: Best Practices for Embedded Systems John Mehaffey Senior System Architect

ELC 2013 Security: Best Practices for Embedded Systems John Mehaffey Senior System Architect Embedded Systems Division mentor.com/embedded Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. Linux

544 views • 17 slides
1 How are embedded systems different Timing and Concurrency than traditional software? Fire

1 How are embedded systems different Timing and Concurrency than traditional software? Fire

What is an Embedded System? Definition of an embedded computer system: Embedded Systems is a digital system. Introduction uses a microprocessor (usually). runs software for some or all of its functions. frequently used as a

158 views • 3 slides
Mobile Development Workshop ANDROID REFRESHER Overview The Android operating system Views,

Mobile Development Workshop ANDROID REFRESHER Overview The Android operating system Views,

Mobile Development Workshop ANDROID REFRESHER Overview The Android operating system Views, Layouts and Activities Event listeners Using Intents to request actions First up Start a new project in Android Studio Call it Before and After

4.96k views • 19 slides
Bringing Android Apps to Tizen Kevin Menice, OpenMobile World Wide, Inc. SVP & GM, Embedded

Bringing Android Apps to Tizen Kevin Menice, OpenMobile World Wide, Inc. SVP & GM, Embedded

Bringing Android Apps to Tizen Kevin Menice, OpenMobile World Wide, Inc. SVP & GM, Embedded and Core Technologies November 11, 2013 Session Abstract Enable your Android apps on the Tizen platform with OpenMobile Application

331 views • 29 slides
2019 BETTER PLANTS SUMMIT AGROPUR AMMONIA SYSTEM UPGRADES M ark M int er CEM 2

2019 BETTER PLANTS SUMMIT AGROPUR AMMONIA SYSTEM UPGRADES M ark M int er CEM 2

2019 BETTER PLANTS SUMMIT AGROPUR AMMONIA SYSTEM UPGRADES M ark M int er CEM 2 INTRODUCTION Better Dairy. Better World. www.agropur.com 3 AGROPUR - AMMONIA SYSTEM UPGRADES Background Historically ran at 20.4 PSI suction

114 views • 10 slides
CS371m - Mobile Computing Android Overview and Android Development Environment What is Android?

CS371m - Mobile Computing Android Overview and Android Development Environment What is Android?

CS371m - Mobile Computing Android Overview and Android Development Environment What is Android? A software stack for mobile devices that includes An operating system Middleware Key Applications Uses Linux to provide core

1.49k views • 70 slides
CS378 - Mobile Computing Android Overview and Android Development Environment What is Android?

CS378 - Mobile Computing Android Overview and Android Development Environment What is Android?

CS378 - Mobile Computing Android Overview and Android Development Environment What is Android? A software stack for mobile devices that includes An operating system Middleware Key Applications Uses Linux to provide core

583 views • 31 slides
CSLab Outline 1 Dijkstras Basics 2 Straightforward Parallelization Scheme 3 Helper-Threading

CSLab Outline 1 Dijkstras Basics 2 Straightforward Parallelization Scheme 3 Helper-Threading

Early Experiences on Accelerating Dijkstras Algorithm Using Transactional Memory Nikos Anastopoulos, Konstantinos Nikas, Georgios Goumas and Nectarios Koziris Computing Systems Laboratory School of Electrical and Computer Engineering

310 views • 19 slides
Generation Analytic Platforms How to embed disruptors in your business strategy? October 6 th ,

Generation Analytic Platforms How to embed disruptors in your business strategy? October 6 th ,

Disruptors and their applicability to Next Generation Analytic Platforms How to embed disruptors in your business strategy? October 6 th , 2015 Ashish Verma, Hybrid Services and Innovation Leader, Deloitte Consulting LLP Agenda 1. An

470 views • 21 slides
Truthful Cake Cutting Egor Ianovski University of Auckland CMSS Summer Workshop 2012 Egor

Truthful Cake Cutting Egor Ianovski University of Auckland CMSS Summer Workshop 2012 Egor

Truthful Cake Cutting Egor Ianovski University of Auckland CMSS Summer Workshop 2012 Egor Ianovski (University of Auckland) Truthful Cake Cutting CMSS 2012 1 / 24 A Framework for Cake Cutting 1 Truthful Mechanisms 2 Egor Ianovski

407 views • 28 slides
On#the#Fault+tolerance#and#High# Performance#of#Replicated#Transactional# Systems Dr.#Sachin

On#the#Fault+tolerance#and#High# Performance#of#Replicated#Transactional# Systems Dr.#Sachin

On#the#Fault+tolerance#and#High# Performance#of#Replicated#Transactional# Systems Dr.#Sachin Hirve Virginia#Tech 10 th September#2015 Distributed#Operations In#todays#world#distributed#operations#are#ubiquitous# Example#+ 2 Image

763 views • 64 slides
Programmability in the Era of Parallel Computing Per Stenstrm Department of Computer Science

Programmability in the Era of Parallel Computing Per Stenstrm Department of Computer Science

Programmability in the Era of Parallel Computing Per Stenstrm Department of Computer Science and Engineering Chalmers University of Technology Sweden Multicore Scaling Cores/chip 100s cores 16 cores Source: Computer Performance : Game

285 views • 9 slides
Transformation Languages Eugene Syriani Ph.D. Candidate in the Modelling, Simulation and Design

Transformation Languages Eugene Syriani Ph.D. Candidate in the Modelling, Simulation and Design

MSDL08 De-/Re-constructing Model Transformation Languages Eugene Syriani Ph.D. Candidate in the Modelling, Simulation and Design Lab School of Computer Science McGill University MSDL08 OVERVIEW Context De-Constructing

292 views • 25 slides
Hands-on Cassandra OSCON July 20, 2010 Eric Evans eevans@rackspace.com @jericevans

Hands-on Cassandra OSCON July 20, 2010 Eric Evans eevans@rackspace.com @jericevans

Hands-on Cassandra OSCON July 20, 2010 Eric Evans eevans@rackspace.com @jericevans http://blog.sym-link.com Background 2 2 Influential Papers BigTable Strong consistency Sparse map data model GFS, Chubby, et al Dynamo

1.05k views • 70 slides
Making smart contract smarter Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, Aquinas Hobor

Making smart contract smarter Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, Aquinas Hobor

Making smart contract smarter Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, Aquinas Hobor <EE817/IS893: Blockchain and Cryptocurrency> Presented by Daejun Kim (2019. 05) Index Background Introduction Security bugs in

1.39k views • 85 slides

More recommend