Skip to content
This repository has been archived by the owner on Feb 25, 2023. It is now read-only.

hsm: add possibility to update HSM firmware from middleware #314

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

hsm: add possibility to update HSM firmware from middleware #314

wants to merge 2 commits into from

Conversation

Tomasvrba
Copy link
Contributor

This commit:

  • Adds the AvailableHSMVersion Redis key: hsm:firmware:version
  • Adds the HSMUpdateAvailable() method to the middleware which
    compares the version of the running HSM firmware and the
    AvailableHSMVersion Redis key
  • If a new version is available, the main() function executes the
    update via the hsm immediately after the middleware is started
  • The signed firmware file is assumed to be in
    /opt/shift/hsm/firmware-bitboxbase.signed.bin which is the default
    value of the hsmFirmwareFile flag
  • Together with the updateHSMFirmware, this can be used to force flash
    firmware from a custom location
  • If an update is successful, reboot back into the firmware via the
    middleware so that the middleware has access to the new hsmFirmware

@Tomasvrba
Copy link
Contributor Author

@Stadicus We will also need to set the AvailableHSMVersion Redis key on build. I'll leave that to you?

@Stadicus Stadicus mentioned this pull request Dec 12, 2019
Merged
Stadicus
Stadicus approved these changes Dec 12, 2019
View reviewed changes
Copy link
Collaborator

@Stadicus Stadicus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK c42bbc0

@Tomasvrba Tomasvrba mentioned this pull request Dec 12, 2019
Merged
benma
benma suggested changes Dec 17, 2019
View reviewed changes
middleware/cmd/middleware/main.go Show resolved Hide resolved
middleware/src/hsm/hsm.go Outdated Show resolved Hide resolved
middleware/src/hsm/hsm.go Show resolved Hide resolved
middleware/src/middleware.go Outdated Show resolved Hide resolved
middleware/cmd/middleware/main.go Outdated Show resolved Hide resolved
middleware/src/hsm/hsm.go Outdated Show resolved Hide resolved
@Tomasvrba
hsm: add possibility to update HSM firmware from middleware
a772c34 
This commit:
- Adds the `AvailableHSMVersion` Redis key: `hsm:firmware:version`
- Adds the `HSMUpdateAvailable()` method to the middleware which
compares the version of the running HSM firmware and the
AvailableHSMVersion Redis key
- If a new version is available, the `main()` function executes the
update via the hsm immediately after the middleware is started
- The signed firmware file is assumed to be in
`/opt/shift/hsm/firmware-bitboxbase.signed.bin` which is the default
value of the `hsmFirmwareFile` flag
- Together with the `updateHSMFirmware`, this can be used to force flash
firmware from a custom location
- If an update is successful, reboot back into the firmware via the
middleware so that the middleware has access to the new `hsmFirmware`
@Tomasvrba Tomasvrba force-pushed the update-hsm-firmware branch 2 times, most recently from dc4eefa to cd0fcd3 Compare December 19, 2019 11:11
@Tomasvrba Tomasvrba requested a review from benma December 19, 2019 11:34
@Tomasvrba
Copy link
Contributor Author

@benma Could you please take another quick look over my changes which address your review?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@benma benma benma requested changes

@Stadicus Stadicus Stadicus approved these changes

Assignees

@Tomasvrba Tomasvrba

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Tomasvrba @benma @Stadicus