Amino Multicast Upgrade - hinditron

Amino Multicast Upgrade 

A Simple Overview 

Applies To 

All Multicast Amino Set Top Boxes 

Summary 

A simplistic overview to the configuration of a Amino Multicast upgrade server. 

Revision History 

Revision Date Author Comments 

1.0 05/05/05 Paul Rae Initial Revision 

The information contained in this Application Note is subject to non disclosure agreements, and 

must not be passed into other third parties without the express permission of Amino 

Communications Ltd.

Applies To....................................................................................................................................... 1 

Summary......................................................................................................................................... 1 

Revision History ............................................................................................................................. 1 

Terminology................................................................................................................................3 

Multicast-aware .................................................................................................................. 3 

Multicast Upgrade.............................................................................................................. 3 

Multicast Upgrade Image................................................................................................. 3 

Multicast Bootstrap............................................................................................................ 3 

Multicast Bootstrap Image............................................................................................... 3 

Overview..................................................................................................................................... 4 

Multicast Bootstrap..................................................................................................................... 5 

Multicast Upgrade....................................................................................................................... 7 

Multicast Server Software........................................................................................................... 8 

Installing Multicast Server Software .......................................................................................... 8 

Software Installation Process.......................................................................................................... 9 

LED Flashing Codes..................................................................................................................... 12 

Summary................................................................................................................................... 12 

Fatal errors (major numbers 8 & 9) .......................................................................................... 13 

Full list (with actions) ............................................................................................................... 13 

2/15

Terminology 

Multicast-aware 

An AmiNET STB is Multicast-aware if it uses the Multicast Upgrade scheme. Every STB either 

uses TFTP for upgrading software or Multicast Upgrade. 

Multicast Upgrade 

Refers to the system which Multicast-aware STBs use for software upgrades. Specifically a 

Multicast Upgrade is the process of receiving a Multicast Upgrade Image, verifying and writing 

it to the flash. However, it also generally refers to the entire system including the server side 

(mcastbootd and DHCP) and Multicast Bootstrap. 

Multicast Upgrade Image 

A file containing a complete software upgrade. This is in the form of a filesystem image with an 

RSA digital signature. 

Multicast Bootstrap 

The system used by the AmiNET boot loader to attain and execute a Multicast Bootstrap Image. 

This is enough software for the STB to perform Multicast Upgrade. 

Multicast Bootstrap Image 

A file containing boot software for an AmiNET STB. This is in the form of a combined Linux 

kernel and RAM disk image with an RSA digital signature. This file is referred to as 

bootstrap. 

3/15

Overview 

The lifetime of a Set-Top-Box using Multicast Upgrade is split into four stages, flash booting, 

multicast bootstrapping, multicast upgrade and running normally. See Figure 1. 

STB power on 

Execute 

bootloader 

Software reset 

Boot from NAND 

flash 

Yes 

Valid software in 

NAND flash? 

No 

Multicast 

Bootstrap 

failure 

Verify and 

execute 

bootstrap 

failure 

success 

Normal use 

Software upgrade request 


Upgrade 

Verify software 

upgrade 

success 

Copy upgrade to 

NAND flash 

Figure 1 STB States 

4/15

Multicast Bootstrap 

When a Set-Top-Box boots and finds no usable software in the NAND flash it enters the 

Multicast Bootstrap state. This is a recovery mode allowing the STB to securely download and 

install a software release automatically. 


Bootstrap 

DHCP request, 

mboot 

AMINET103 

timeout 

failure 

DHCP returned 

multicast 

address/port 

success 

IGMP join 

multicast address 

Data received 

Yes 

Assemble 

bootstrap image in 

memory from 

multicast carousel 

Verify and 

execute 

bootstrap 

Figure 2 Multicast Bootstrap 

5/15

Through the entire Multicast Bootstrap and Multicast Upgrade stage the STB display will display 

a “Loading…” logo, see Figure 3. 

Figure 3 Multicast Bootstrap Loading Screen 

On entering Multicast Bootstrap, the STB sends out a DHCP request containing vendor 

encapsulated options mboot and AMINET103 1 . The DHCP reply should contain a multicast 

group and port on which a bootstrap image is being transmitted, see later sections for details 

of Multicast Boot and DHCP server configuration. The multicast group is joined and data is 

collected. If this data verifies correctly against the RSA Customer key (see the Amino Security 

Policies document for further details of the security systems involved) then it is executed. 

The bootstrap image contains a combined Linux kernel and RAM disk. This is enough to 

boot up the STB and move into the Multicast Upgrade stage. 

1 Different hardware platforms will send relevant hardware identifiers such as AMINET110. 

6/15

Multicast Upgrade 

On entering the Multicast Upgrade state, all non-essential applications are closed 2 . If this state is 

entered from Multicast Bootstrap, a DHCP request is sent containing the vendor encapsulated 

options upgrd and the hardware platform (aminet103). As with Multicast Boot, DHCP must 

be configured to return a multicast group and port. These must point to a Multicast Upgrade 

transmission. If the upgrade is triggered by STBremoteconf or the management pages the 

multicast group and port are supplied by the user. 


Upgrade 

Software 

reset 

Send DHCP 

request, upgrd, 

aminet103 

failure 

timeout 

DHCP returned 

multicast 

address/port 

success 

Software 

upgrade 

request 

IGMP join 

multicast address 

Data received 

Yes 

Verify 

software 

upgrade 

Figure 4 Multicast Upgrade 

Once a complete Multicast Upgrade Image has been received it is verified against the RSA 

Customer key (see the Amino Security Policy document for details) and copied into the NAND 

flash. At this point the NAND flash could potentially be corrupted by a power outage or other 

failure. If this occurs then when the STB reboots it will detect the failure and enter Multicast 

Bootstrap. 

2 A RAM disk is used to store data as it is being received so all applications are closed to free RAM. 

7/15

Multicast Server Software 

Amino provide a software multicast boot server, mcastbootd, which is used to transmit 

Multicast Upgrade and Multicast Bootstrap images to STBs. 

The multicast boot server is normally run as a daemon and controlled via the imgcfg command 

line program. This can be used to add or remove images as well as to modify streaming attributes 

such as bitrate and packet size 3 . The server supports streaming many concurrent images across a 

range of multicast groups. This means that it can be used to transmit many versions of software 

to a selection of AmiNET STB variants. 

Installing Multicast Server Software 

Amino supply the multicast server software alongside each Multicast Upgrade STB software 

release together with a configuration tool and several example files. The directory structure of a 

release is shown below: 

 

upgradeimage 

bootstrap 

romupgrade 

mcastserver 

utils 

Figure 5 Release Directory Structure 

upgradeimage: 

Contains the Multicast Upgrade Image, typically called mc2.mcfs 

bootstrap: 

Contains the bootstrap image used for Multicast Bootstrap. 

romupgrade: 

Contains the files needed to upgrade a TFTP booting STB to Multicast Upgrade. 

mcastserver: 

Contains the mcastbootd binary and an example dhcpd.conf file. 

utils: 

Contains the binaries rsakey, imgcfg and STBremoteconf as well as Amino’s dummy 

RSA keys. 

3 Advanced users may choose to edit /etc/mcastbootd.conf, an example is provided in each release. 

8/15

Software Installation Process 

This document is intended to be a basic guide on how to install the Amino Multicast Upgrade 

Server. It is by no means intended to be a comprehensive document, and will not go into great 

detail. It will only cover the bare minimum required to get a multicast server up and running, for 

further information you should refer to document Amino Secure Multicast Server. 

This document assumes that you have a tftd and dhcpd daemon installed and will be using the 

configuration supplied by Amino. If you plan on using a different configuration you should use 

the example configs as a guide when setting up your servers. 

1. Log on to your linux server as root 

2. Create the following directories: 

* mkdir /usr/local/amino 

* mkdir /usr/local/amino/images 

* mkdir /usr/local/amino/keys 

* mkdir /usr/local/amino/releases 

* mkdir /usr/local/amino/releases/A103 

* mkdir /usr/local/amino/releases/A110 

3. Download the appropriate software for product i.e. A103.fresco.0.8.5.tgz (AmiNET103 0.8.5 

Fresco release). 

4. Move this file to the appropriate folder i.e. /usr/local/amino/releases/A103 

* mv A103.fresco.0.8.5.tgz /usr/local/amino/releases/A103 

5. Unpack the software image 

* cd /usr/local/amino/releases/A103 

* tar zxvf A103.fresco.0.8.5.tgz 

6. You will now have a directory called "0.8.5" which will contain all the software components, 

change to this directory: 

* cd 0.8.5 

7. You will see the following directories: 

bootsrap - contains the files needed for signing a bootstrap image 

romupgrade - contains the files needed when doing a tftp to multicast rom conversion 

server - contains files needed for the mcastbood server 

upgradeimage - contains the files needed for signing a upgrade image 

utils - contains the generic amino keys, STBremoteconf and misc binaries required for 

above processes. 

9/15

8. Change to the utils directory and do the following: 

* cd utils 

* cd keys 

* cd amino 

* cp * /usr/local/amino/keys 

* cd ../../ 

* cp * /usr/local/bin 

( You will see a warning message about it skipping the keys directory - do not worry this 

is expected) 

* cd .. 

9. Change to the server directory and do the following: 

(If you have a preconfigured dhcpd server you should skip step 3 - you will however need to 

ensure you have all the additional sections configured.) 

* cd server 

* cp mcastbootd /usr/local/bin 

* cp mcastbootd.conf /etc 

* cp dhcpd.conf /etc 

* cd .. 

10. Edit the mcastbootd config file: 

* vi /etc/mcastbootd.conf 

* In the server section add the line: 

ImageDir=/usr/local/amino/images 

* Edit the Multicast Address for the bootstrap i.e 225.50.50.50 

* Edit the Multicast Port for the bootstrap 11111 

* Edit the Multicast Address for the bootstrap i.e 225.50.50.51 

* Edit the Multicast Port for the bootstrap 11111 

(The values for these items can be any address and port of your choosing. However they 

must both use a unique multicast address. The important thing to keep in mind is these values 

must match what you have configured in your dhcpd server.) 

11. Edit the dhcpd config file: 

* vi /etc/dhcpd.conf 

* Confirm that the Multicast Addresses & Ports match those in your 

mcastbood.conf 

12. Prepare tftpd for tftp to multicast conversions if required: 

* cd rompupgrade 

* cd tftpboot 

* cp * /tftpboot 

* cd .. 

* cd .. 

13. Export customer key 

* export CUSTOMER_KEY=/usr/local/amino/keys/KEY.private 

14. Create and sign the bootstrap image 

* cd bootstrap 

* ./signbootstrap 

* when prompted enter the passphrase "markskey" 

* mv bootstrap.signed /usr/local/amino/images 

10/15

* cd .. 

15. Create and sign the upgrade image 

* cd upgradeimage 

* ./signupgrade 0 

* when prompted enter the passphrase "markskey" 

* mv mc2.mcfs /usr/local/amino/images 

At this point your Amino Multicast Server is now fully installed and configured, you should 

restart dhcpd to make sure all changes have taken effect: 

* /etc/init.d/dhcpd restart 

To run mcastbood: 

* mcastbootd 

or to start it in debug mode 

* mcastbootd -D 

11/15

LED Flashing Codes 

Summary 

LED flashing was introduced at version 1.26 of the BootROM as a standard feature. 

Some customer builds had an early development version, which didn't conform to the 

LED flashing standard as listed below. 

The LED flash codes are in a major / minor configuration using the following scheme: 

< major number of flashes > 

< short pause > 

< minor number of flashes > 

< long pause > 

< repeat > 

Errors are split into two main groups: 

• fatal (longer flash codes and generally no reboot) and 

• info (shorter flash and generally a reboot) 

The following info errors were found. There are some errors which do not require a 

reboot since the box will boot up. An example of this is booting up with no network cable 

attached. The rest of the errors can be divided up into "error during code upgrade", 

"code image is no longer secure", and miscellaneous errors 

The major numbers have been allocated as: 

1. Not full functionality but the box will startup fully 

2. Code upgrade failure 

3. Security / crypto issue (IntactOS) 

4. Security / crypto issue (Linux) 

5. Miscellaneous 

6. (blank) 

7. (blank) 

12/15

Fatal errors (major numbers 8 & 9) 

The following fatal errors were found. These errors fall into two groups: crypto failure 

and hardware failure. The action for each of these is to sit in a while(1) loop and keep 

flashing. If the box is rebooted (especially after a NORflash write failure) the box may 

never respond back, so rebooting isn't a useful action 

Full list (with actions) 

Error 

Not full functionality 1 

Major 

# 

Minor 

# 

13/15 

Action 

No network connection 1 1 Flash 3 times and continue booting N 

DHCP lookup failure 1 2 Flash 3 times and continue booting N 

I2C communication failed 1 3 Flash 3 times and continue booting N 

Code upgrade failure 2 

TFTP download failure 2 1 !poweron not saved so just reboot Y 

BOOTP server not found 2 2 !poweron not saved so just reboot Y 

Multicast group not found 2 3 

Multicast download timeout 2 4 

Product file missing from running software 2 5 

bin/products file missing from downloaded 

software upgrade 

bin/products file doesn't match STB product 

(ie. Upgrade not suitable for this STB 

product/platform type 

Security / crypto issue (IntactOS) 3 

Verification of the download image failed 3 1 

Signature check of the listfile.sig failed 3 2 

Listfile.sig is missing 3 3 

Missing file in the NAND flash according to 

listfile.sig 

Retry 3 times If still unsuccessful 

reboot 

Retry 3 times >If still unsuccessful 

reboot 

reboot. Upgrade system broken - 

use REFLASH 

2 6 STB reboots Y* 

2 7 STB reboots Y* 

3 4 

File check failed against listfile.sig 3 5 

File found on the NAND flash not in listfile.sig 3 6 

Delete the image if saved on the 

flash Retry up to 3 times. If 

unsuccessful reboot. 


flash Retry up to 3 times. If 

unsuccessful reboot 

Erase the flash (which must be 

assumed to be unsafe) 







Reboot 

Y* 

Y* 

Y* 

Y* 

Y* 

Y 

Y 

Y 

Y

Unable to decode the customer public key on 

3 7 Y 

the box 

Security / crypto issue (Linux) 4 

Verification of the download image failed 4 1 

Signature check of the listfile.sig failed 4 2 

Listfile.sig is missing or corrupted 4 3 

DI is going backwards 4 4 

Set DI failed 4 5 

14/15 


flash. Retry up to 3 times. If 



flash. Retry up to 3 times If 





flash. Retry up to 3 times If 


Delete the code contents of the 

flash and reboot 

STBremoteconf key not found 4 6 N 

STBremoteconf key failed to verify 4 7 N 

MD5 sum failure 4 8 N 

Number of entries in the listfile does not 

match with what was downloaded 

4 9 N 

No DI file found 4 10 Y 

Misc. Errors 5 

NAND flash corruption 5 1 Reformat the NAND flash Y 

PID mismatch when upgrading the ROM 5 2 Reboot Y 

Failed to remove files on upgrade 5 3 Reboot and try again Y 

Failed to set execute / start address in NAND 

5 4 Clear the NAND flash Y 

flash 

Kernel panic / no root FS 5 5 

Invalid type of GIF file saved on the NAND 

flash 

Reboot? (can’t clear the NAND 

flash) 

5 6 Delete the file splash.gif Y 

Failed to write files onto the NAND flash 5 7 Clear the NAND flash Y 

Failed to gunzip the boot ROM image 5 8 Y 

(blank) 6 

(blank) 7 

Crypto failure 8 

>No master key found 8 1 Keep flashing in a while(1) loop N 

>No customer key found 8 2 N 

>Signature check of customer key failed 8 3 N 

Y* 

>Y* 

Y 

Y* 

Y

(blank) 8 4 N 

>(blank) 8 5 N 

>Verify of IntactOS code failed 8 6 N 

Hardware failure 9 

Page write to ROM failed 9 1 N 

NAND flash hardware / format failure 9 2 N 

SDRAM access failure 9 3 N 

Communication to the Ethernet chip failed 9 4 

15/15

Amino Multicast Upgrade - hinditron

Create successful ePaper yourself

Delete template?

Save as template?