Early boot
Jump to navigation
Jump to search
This page is monitored by the OLPC team.
|
NOTE: The contents of this page are not set in stone, and are subject to change! This page is a draft in active flux ... |
|
Draft of early boot upgrade/init procedures designed by Michael Stone and C. Scott Ananian.
Early userland startup steps
[initrd]
v
python2.5 (pid 1)
v
network_setup(), mount usb/sd, etc
v
antitheft client (ATC)
olpc.atc.run(fqdn of schoolserver, callback)
(sometime later, or immediately if already activated)
v
callback (as pid 2)
v
mount /sysroot, unmount usb/sd
copy /security/lease to /sysroot/security/lease if first boot
parse chosen/bootpath, swing /pristine/current
v
make minimal userland context (mount --move /sysroot /)
vserver (protect PID 1, RTC <- vserver delta time)
v
--------------------> (post-FRS) debian w/ developer key:
| def run():
| os.exec('/sbin/init')
if booting from a backup:
1. make new config w/ swapped current and alt
(ie. create a /pristine/configs/XXX w/ new current, alt)
2. then swing /pristine/boot symlink
create /pristine/running
xo boot:
$current = basename of realpath of /pristine/boot/current (a hash)
mnt /home /run/$current/home
mnt /security /run/$current/security
mnt /pristine /run/$current/pristine
chroot /run/$current (mount --move ?) [ actually vserver container here ]
v
if exists '/sbin/olpc_init.py':
sys.path = ['/sbin'] + sys.path
from olpc_init import run
run(<parameters?>)
else:
exec '/sbin/init --init'
---------------------> debian w/o developer key (in run)
|
pyinit + rainbow stuff (take over legacy init's job)
fork run-parts (/etc/inittab stuff)
listen for shutdown, etc.
vserver (- CONTEXT)
Notes on P_SF_RUN
P_SF_RUN:
off = allow mod = run from /run/X
on = pristine = run from /run/X
switch on->off: set the unlink flags on /run
off->on: create immutably-tagged /run/a,b from /pristine/a,b
List of directories in root
/sys, /proc, /ofw vfs
/pristine/trees/{hashes}
/pristine/configs/`mkdtemp`/current
/pristine/configs/`mkdtemp`/alt
/pristine/boot -> configs/<something>
/pristine/running -> /pristine/tree/<hash> (version we booted from)
/pristine/updates/<hash> (temporary space for updates, preserved in case update
net connection drops & updater is restarted)
/run/{hashes}
/security
/home
/boot -> /pristine/boot/current
/boot-alt -> /pristine/boot/alt
Upgrade procedure
Upgrade procedure, creating new b from a (w.l.o.g)
Rainbow: (ATC gives <version> <hash> <priority>)
-1: Check that /pristine/tree/<hash> doesn't already exist.
0. Create new /pristine/config/$c <- where $c = mkdtemp
1. Create /pristine/config/$c/current -> realpath(/pristine/running)
2. Swap /pristine/boot to point to /pristine/config/$c, save old contents in $old
3. Delete the tree(s) pointed to from /pristine/config/$old which are not pointed to by
/pristine/running (revisit when multiple trees)
4. Delete /pristine/config/$old.
5. Invoke 'olpc-updater <version>'
in new container:
[MICHAEL WILL REWRITE STARTING FROM HERE]
/current (ro-bind mount from /pristine/a)
/upgrade (initially empty)
OLPC updater:
6. clone /current to /upgrade
7. upgrade /upgrade by hook or crook
[END MICHAEL REWRITES]
8. exit
Rainbow:
9. Verify /pristine/updates/<hash> matches <hash>
10. Move /pristine/updates/<hash> to /pristine/trees/<hash>
11. Make a new config /pristine/configs/$d (d = mkdtemp)
12. Create 'current' symlink to /pristine/trees/<hash>
13. Create 'alt' symlink to *realpath of* /pristine/running
14. Swing /pristine/boot to /pristine/configs/$d
(atomic! iff we do file move of new symlink)
12. Delete /pristine/configs/$c
13. If <priority> reboot. (Ask Eben & sugar folks)