SWUpdate can be used to restore complete a device if it gets broken or it helps in the factory to install for the first time the software on a new branded device. The diskpart handler can set up partitions (for NAND flash the ubipartition) handler is used. This feature is often used together with a rescue system, that can restore even in field a broken device by initializing the device. Up now, SWUpdate was able to partition disks but it required external tools (like mkfs) to initialize a filesystem. However, an update agent like SWUpdate must be as much as possible self contained. This increase both reliability and security.
In fact, a common goal for an attacker is to replace some system tools and the shell with an own implementation to get control of the attacked device. Any call to “system” or the execution of an external tool could become potentially a security leak. SWUpdate does not call “system” with the exception of shell scripts, and it is also strongly encouraged to replace shell scripts with Lua, as Lua is called in the process context of the updater without spawning new processes.
Going on in the direction to provide a very flexible updater without reducing security, SWUpdate has now support to initialize without external tools the partitions it creates. An open source library is added to SWUpdate to support VFAT filesystem, while support to initialize a Linux ext (ext2 / ext3 or more common ext4) is implemented by porting part of the mkfs tool into SWUpdate sources and linking to the standard libextfs libraries. You can easy set in sw-description which partitions should be formatted by setting the new property fstype as done in the following example:
partitions: (
{
type = “diskpart”;
device = “/dev/sde”;
properties: {
labeltype = “gpt”;
partition-1 = [ “size=64M”, “start=2048”, “name=bigrootfs”, “type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B”];
partition-2 = [“size=256M”, “start=133120”, “name=ldata”, “type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7”, “fstype=vfat“];
partition-3 = [“size=512M”, “start=657408″,”name=log”, “fstype =ext4“, 63DAF-8483-4772-8E79-3D69D8477DE4”];
partition-4 = [“size=4G”, “start=1705984″,”name=system”, “type=0FC63DAF-8483-4772-8E79-3D69D8477DE4”];
partition-5 = [“size=512M”, “start=10094592″,”name=part5”, “type=0FC63DAF-8483-4772-8E79-3D69D8477DE4”];
}
