Amino Multicast Upgrade - hinditron
Amino Multicast Upgrade - hinditron
Amino Multicast Upgrade - hinditron
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Amino</strong> <strong>Multicast</strong> <strong>Upgrade</strong><br />
A Simple Overview<br />
Applies To<br />
All <strong>Multicast</strong> <strong>Amino</strong> Set Top Boxes<br />
Summary<br />
A simplistic overview to the configuration of a <strong>Amino</strong> <strong>Multicast</strong> upgrade server.<br />
Revision History<br />
Revision Date Author Comments<br />
1.0 05/05/05 Paul Rae Initial Revision<br />
The information contained in this Application Note is subject to non disclosure agreements, and<br />
must not be passed into other third parties without the express permission of <strong>Amino</strong><br />
Communications Ltd.
Applies To....................................................................................................................................... 1<br />
Summary......................................................................................................................................... 1<br />
Revision History ............................................................................................................................. 1<br />
Terminology................................................................................................................................3<br />
<strong>Multicast</strong>-aware .................................................................................................................. 3<br />
<strong>Multicast</strong> <strong>Upgrade</strong>.............................................................................................................. 3<br />
<strong>Multicast</strong> <strong>Upgrade</strong> Image................................................................................................. 3<br />
<strong>Multicast</strong> Bootstrap............................................................................................................ 3<br />
<strong>Multicast</strong> Bootstrap Image............................................................................................... 3<br />
Overview..................................................................................................................................... 4<br />
<strong>Multicast</strong> Bootstrap..................................................................................................................... 5<br />
<strong>Multicast</strong> <strong>Upgrade</strong>....................................................................................................................... 7<br />
<strong>Multicast</strong> Server Software........................................................................................................... 8<br />
Installing <strong>Multicast</strong> Server Software .......................................................................................... 8<br />
Software Installation Process.......................................................................................................... 9<br />
LED Flashing Codes..................................................................................................................... 12<br />
Summary................................................................................................................................... 12<br />
Fatal errors (major numbers 8 & 9) .......................................................................................... 13<br />
Full list (with actions) ............................................................................................................... 13<br />
2/15
Terminology<br />
<strong>Multicast</strong>-aware<br />
An AmiNET STB is <strong>Multicast</strong>-aware if it uses the <strong>Multicast</strong> <strong>Upgrade</strong> scheme. Every STB either<br />
uses TFTP for upgrading software or <strong>Multicast</strong> <strong>Upgrade</strong>.<br />
<strong>Multicast</strong> <strong>Upgrade</strong><br />
Refers to the system which <strong>Multicast</strong>-aware STBs use for software upgrades. Specifically a<br />
<strong>Multicast</strong> <strong>Upgrade</strong> is the process of receiving a <strong>Multicast</strong> <strong>Upgrade</strong> Image, verifying and writing<br />
it to the flash. However, it also generally refers to the entire system including the server side<br />
(mcastbootd and DHCP) and <strong>Multicast</strong> Bootstrap.<br />
<strong>Multicast</strong> <strong>Upgrade</strong> Image<br />
A file containing a complete software upgrade. This is in the form of a filesystem image with an<br />
RSA digital signature.<br />
<strong>Multicast</strong> Bootstrap<br />
The system used by the AmiNET boot loader to attain and execute a <strong>Multicast</strong> Bootstrap Image.<br />
This is enough software for the STB to perform <strong>Multicast</strong> <strong>Upgrade</strong>.<br />
<strong>Multicast</strong> Bootstrap Image<br />
A file containing boot software for an AmiNET STB. This is in the form of a combined Linux<br />
kernel and RAM disk image with an RSA digital signature. This file is referred to as<br />
bootstrap.<br />
3/15
Overview<br />
The lifetime of a Set-Top-Box using <strong>Multicast</strong> <strong>Upgrade</strong> is split into four stages, flash booting,<br />
multicast bootstrapping, multicast upgrade and running normally. See Figure 1.<br />
STB power on<br />
Execute<br />
bootloader<br />
Software reset<br />
Boot from NAND<br />
flash<br />
Yes<br />
Valid software in<br />
NAND flash?<br />
No<br />
<strong>Multicast</strong><br />
Bootstrap<br />
failure<br />
Verify and<br />
execute<br />
bootstrap<br />
failure<br />
success<br />
Normal use<br />
Software upgrade request<br />
<strong>Multicast</strong><br />
<strong>Upgrade</strong><br />
Verify software<br />
upgrade<br />
success<br />
Copy upgrade to<br />
NAND flash<br />
Figure 1 STB States<br />
4/15
<strong>Multicast</strong> Bootstrap<br />
When a Set-Top-Box boots and finds no usable software in the NAND flash it enters the<br />
<strong>Multicast</strong> Bootstrap state. This is a recovery mode allowing the STB to securely download and<br />
install a software release automatically.<br />
<strong>Multicast</strong><br />
Bootstrap<br />
DHCP request,<br />
mboot<br />
AMINET103<br />
timeout<br />
failure<br />
DHCP returned<br />
multicast<br />
address/port<br />
success<br />
IGMP join<br />
multicast address<br />
Data received<br />
Yes<br />
Assemble<br />
bootstrap image in<br />
memory from<br />
multicast carousel<br />
Verify and<br />
execute<br />
bootstrap<br />
Figure 2 <strong>Multicast</strong> Bootstrap<br />
5/15
Through the entire <strong>Multicast</strong> Bootstrap and <strong>Multicast</strong> <strong>Upgrade</strong> stage the STB display will display<br />
a “Loading…” logo, see Figure 3.<br />
Figure 3 <strong>Multicast</strong> Bootstrap Loading Screen<br />
On entering <strong>Multicast</strong> Bootstrap, the STB sends out a DHCP request containing vendor<br />
encapsulated options mboot and AMINET103 1 . The DHCP reply should contain a multicast<br />
group and port on which a bootstrap image is being transmitted, see later sections for details<br />
of <strong>Multicast</strong> Boot and DHCP server configuration. The multicast group is joined and data is<br />
collected. If this data verifies correctly against the RSA Customer key (see the <strong>Amino</strong> Security<br />
Policies document for further details of the security systems involved) then it is executed.<br />
The bootstrap image contains a combined Linux kernel and RAM disk. This is enough to<br />
boot up the STB and move into the <strong>Multicast</strong> <strong>Upgrade</strong> stage.<br />
1 Different hardware platforms will send relevant hardware identifiers such as AMINET110.<br />
6/15
<strong>Multicast</strong> <strong>Upgrade</strong><br />
On entering the <strong>Multicast</strong> <strong>Upgrade</strong> state, all non-essential applications are closed 2 . If this state is<br />
entered from <strong>Multicast</strong> Bootstrap, a DHCP request is sent containing the vendor encapsulated<br />
options upgrd and the hardware platform (aminet103). As with <strong>Multicast</strong> Boot, DHCP must<br />
be configured to return a multicast group and port. These must point to a <strong>Multicast</strong> <strong>Upgrade</strong><br />
transmission. If the upgrade is triggered by STBremoteconf or the management pages the<br />
multicast group and port are supplied by the user.<br />
<strong>Multicast</strong><br />
<strong>Upgrade</strong><br />
Software<br />
reset<br />
Send DHCP<br />
request, upgrd,<br />
aminet103<br />
failure<br />
timeout<br />
DHCP returned<br />
multicast<br />
address/port<br />
success<br />
Software<br />
upgrade<br />
request<br />
IGMP join<br />
multicast address<br />
Data received<br />
Yes<br />
Verify<br />
software<br />
upgrade<br />
Figure 4 <strong>Multicast</strong> <strong>Upgrade</strong><br />
Once a complete <strong>Multicast</strong> <strong>Upgrade</strong> Image has been received it is verified against the RSA<br />
Customer key (see the <strong>Amino</strong> Security Policy document for details) and copied into the NAND<br />
flash. At this point the NAND flash could potentially be corrupted by a power outage or other<br />
failure. If this occurs then when the STB reboots it will detect the failure and enter <strong>Multicast</strong><br />
Bootstrap.<br />
2 A RAM disk is used to store data as it is being received so all applications are closed to free RAM.<br />
7/15
<strong>Multicast</strong> Server Software<br />
<strong>Amino</strong> provide a software multicast boot server, mcastbootd, which is used to transmit<br />
<strong>Multicast</strong> <strong>Upgrade</strong> and <strong>Multicast</strong> Bootstrap images to STBs.<br />
The multicast boot server is normally run as a daemon and controlled via the imgcfg command<br />
line program. This can be used to add or remove images as well as to modify streaming attributes<br />
such as bitrate and packet size 3 . The server supports streaming many concurrent images across a<br />
range of multicast groups. This means that it can be used to transmit many versions of software<br />
to a selection of AmiNET STB variants.<br />
Installing <strong>Multicast</strong> Server Software<br />
<strong>Amino</strong> supply the multicast server software alongside each <strong>Multicast</strong> <strong>Upgrade</strong> STB software<br />
release together with a configuration tool and several example files. The directory structure of a<br />
release is shown below:<br />
<br />
upgradeimage<br />
bootstrap<br />
romupgrade<br />
mcastserver<br />
utils<br />
Figure 5 Release Directory Structure<br />
upgradeimage:<br />
Contains the <strong>Multicast</strong> <strong>Upgrade</strong> Image, typically called mc2.mcfs<br />
bootstrap:<br />
Contains the bootstrap image used for <strong>Multicast</strong> Bootstrap.<br />
romupgrade:<br />
Contains the files needed to upgrade a TFTP booting STB to <strong>Multicast</strong> <strong>Upgrade</strong>.<br />
mcastserver:<br />
Contains the mcastbootd binary and an example dhcpd.conf file.<br />
utils:<br />
Contains the binaries rsakey, imgcfg and STBremoteconf as well as <strong>Amino</strong>’s dummy<br />
RSA keys.<br />
3 Advanced users may choose to edit /etc/mcastbootd.conf, an example is provided in each release.<br />
8/15
Software Installation Process<br />
This document is intended to be a basic guide on how to install the <strong>Amino</strong> <strong>Multicast</strong> <strong>Upgrade</strong><br />
Server. It is by no means intended to be a comprehensive document, and will not go into great<br />
detail. It will only cover the bare minimum required to get a multicast server up and running, for<br />
further information you should refer to document <strong>Amino</strong> Secure <strong>Multicast</strong> Server.<br />
This document assumes that you have a tftd and dhcpd daemon installed and will be using the<br />
configuration supplied by <strong>Amino</strong>. If you plan on using a different configuration you should use<br />
the example configs as a guide when setting up your servers.<br />
1. Log on to your linux server as root<br />
2. Create the following directories:<br />
* mkdir /usr/local/amino<br />
* mkdir /usr/local/amino/images<br />
* mkdir /usr/local/amino/keys<br />
* mkdir /usr/local/amino/releases<br />
* mkdir /usr/local/amino/releases/A103<br />
* mkdir /usr/local/amino/releases/A110<br />
3. Download the appropriate software for product i.e. A103.fresco.0.8.5.tgz (AmiNET103 0.8.5<br />
Fresco release).<br />
4. Move this file to the appropriate folder i.e. /usr/local/amino/releases/A103<br />
* mv A103.fresco.0.8.5.tgz /usr/local/amino/releases/A103<br />
5. Unpack the software image<br />
* cd /usr/local/amino/releases/A103<br />
* tar zxvf A103.fresco.0.8.5.tgz<br />
6. You will now have a directory called "0.8.5" which will contain all the software components,<br />
change to this directory:<br />
* cd 0.8.5<br />
7. You will see the following directories:<br />
bootsrap - contains the files needed for signing a bootstrap image<br />
romupgrade - contains the files needed when doing a tftp to multicast rom conversion<br />
server - contains files needed for the mcastbood server<br />
upgradeimage - contains the files needed for signing a upgrade image<br />
utils - contains the generic amino keys, STBremoteconf and misc binaries required for<br />
above processes.<br />
9/15
8. Change to the utils directory and do the following:<br />
* cd utils<br />
* cd keys<br />
* cd amino<br />
* cp * /usr/local/amino/keys<br />
* cd ../../<br />
* cp * /usr/local/bin<br />
( You will see a warning message about it skipping the keys directory - do not worry this<br />
is expected)<br />
* cd ..<br />
9. Change to the server directory and do the following:<br />
(If you have a preconfigured dhcpd server you should skip step 3 - you will however need to<br />
ensure you have all the additional sections configured.)<br />
* cd server<br />
* cp mcastbootd /usr/local/bin<br />
* cp mcastbootd.conf /etc<br />
* cp dhcpd.conf /etc<br />
* cd ..<br />
10. Edit the mcastbootd config file:<br />
* vi /etc/mcastbootd.conf<br />
* In the server section add the line:<br />
ImageDir=/usr/local/amino/images<br />
* Edit the <strong>Multicast</strong> Address for the bootstrap i.e 225.50.50.50<br />
* Edit the <strong>Multicast</strong> Port for the bootstrap 11111<br />
* Edit the <strong>Multicast</strong> Address for the bootstrap i.e 225.50.50.51<br />
* Edit the <strong>Multicast</strong> Port for the bootstrap 11111<br />
(The values for these items can be any address and port of your choosing. However they<br />
must both use a unique multicast address. The important thing to keep in mind is these values<br />
must match what you have configured in your dhcpd server.)<br />
11. Edit the dhcpd config file:<br />
* vi /etc/dhcpd.conf<br />
* Confirm that the <strong>Multicast</strong> Addresses & Ports match those in your<br />
mcastbood.conf<br />
12. Prepare tftpd for tftp to multicast conversions if required:<br />
* cd rompupgrade<br />
* cd tftpboot<br />
* cp * /tftpboot<br />
* cd ..<br />
* cd ..<br />
13. Export customer key<br />
* export CUSTOMER_KEY=/usr/local/amino/keys/KEY.private<br />
14. Create and sign the bootstrap image<br />
* cd bootstrap<br />
* ./signbootstrap<br />
* when prompted enter the passphrase "markskey"<br />
* mv bootstrap.signed /usr/local/amino/images<br />
10/15
* cd ..<br />
15. Create and sign the upgrade image<br />
* cd upgradeimage<br />
* ./signupgrade 0<br />
* when prompted enter the passphrase "markskey"<br />
* mv mc2.mcfs /usr/local/amino/images<br />
At this point your <strong>Amino</strong> <strong>Multicast</strong> Server is now fully installed and configured, you should<br />
restart dhcpd to make sure all changes have taken effect:<br />
* /etc/init.d/dhcpd restart<br />
To run mcastbood:<br />
* mcastbootd<br />
or to start it in debug mode<br />
* mcastbootd -D<br />
11/15
LED Flashing Codes<br />
Summary<br />
LED flashing was introduced at version 1.26 of the BootROM as a standard feature.<br />
Some customer builds had an early development version, which didn't conform to the<br />
LED flashing standard as listed below.<br />
The LED flash codes are in a major / minor configuration using the following scheme:<br />
< major number of flashes ><br />
< short pause ><br />
< minor number of flashes ><br />
< long pause ><br />
< repeat ><br />
Errors are split into two main groups:<br />
• fatal (longer flash codes and generally no reboot) and<br />
• info (shorter flash and generally a reboot)<br />
The following info errors were found. There are some errors which do not require a<br />
reboot since the box will boot up. An example of this is booting up with no network cable<br />
attached. The rest of the errors can be divided up into "error during code upgrade",<br />
"code image is no longer secure", and miscellaneous errors<br />
The major numbers have been allocated as:<br />
1. Not full functionality but the box will startup fully<br />
2. Code upgrade failure<br />
3. Security / crypto issue (IntactOS)<br />
4. Security / crypto issue (Linux)<br />
5. Miscellaneous<br />
6. (blank)<br />
7. (blank)<br />
12/15
Fatal errors (major numbers 8 & 9)<br />
The following fatal errors were found. These errors fall into two groups: crypto failure<br />
and hardware failure. The action for each of these is to sit in a while(1) loop and keep<br />
flashing. If the box is rebooted (especially after a NORflash write failure) the box may<br />
never respond back, so rebooting isn't a useful action<br />
Full list (with actions)<br />
Error<br />
Not full functionality 1<br />
Major<br />
#<br />
Minor<br />
#<br />
13/15<br />
Action<br />
No network connection 1 1 Flash 3 times and continue booting N<br />
DHCP lookup failure 1 2 Flash 3 times and continue booting N<br />
I2C communication failed 1 3 Flash 3 times and continue booting N<br />
Code upgrade failure 2<br />
TFTP download failure 2 1 !poweron not saved so just reboot Y<br />
BOOTP server not found 2 2 !poweron not saved so just reboot Y<br />
<strong>Multicast</strong> group not found 2 3<br />
<strong>Multicast</strong> download timeout 2 4<br />
Product file missing from running software 2 5<br />
bin/products file missing from downloaded<br />
software upgrade<br />
bin/products file doesn't match STB product<br />
(ie. <strong>Upgrade</strong> not suitable for this STB<br />
product/platform type<br />
Security / crypto issue (IntactOS) 3<br />
Verification of the download image failed 3 1<br />
Signature check of the listfile.sig failed 3 2<br />
Listfile.sig is missing 3 3<br />
Missing file in the NAND flash according to<br />
listfile.sig<br />
Retry 3 times If still unsuccessful<br />
reboot<br />
Retry 3 times >If still unsuccessful<br />
reboot<br />
reboot. <strong>Upgrade</strong> system broken -<br />
use REFLASH<br />
2 6 STB reboots Y*<br />
2 7 STB reboots Y*<br />
3 4<br />
File check failed against listfile.sig 3 5<br />
File found on the NAND flash not in listfile.sig 3 6<br />
Delete the image if saved on the<br />
flash Retry up to 3 times. If<br />
unsuccessful reboot.<br />
Delete the image if saved on the<br />
flash Retry up to 3 times. If<br />
unsuccessful reboot<br />
Erase the flash (which must be<br />
assumed to be unsafe)<br />
Erase the flash (which must be<br />
assumed to be unsafe)<br />
Erase the flash (which must be<br />
assumed to be unsafe)<br />
Erase the flash (which must be<br />
assumed to be unsafe)<br />
Reboot<br />
Y*<br />
Y*<br />
Y*<br />
Y*<br />
Y*<br />
Y<br />
Y<br />
Y<br />
Y
Unable to decode the customer public key on<br />
3 7 Y<br />
the box<br />
Security / crypto issue (Linux) 4<br />
Verification of the download image failed 4 1<br />
Signature check of the listfile.sig failed 4 2<br />
Listfile.sig is missing or corrupted 4 3<br />
DI is going backwards 4 4<br />
Set DI failed 4 5<br />
14/15<br />
Delete the image if saved on the<br />
flash. Retry up to 3 times. If<br />
unsuccessful reboot<br />
Delete the image if saved on the<br />
flash. Retry up to 3 times If<br />
unsuccessful reboot<br />
Erase the flash (which must be<br />
assumed to be unsafe)<br />
Delete the image if saved on the<br />
flash. Retry up to 3 times If<br />
unsuccessful reboot<br />
Delete the code contents of the<br />
flash and reboot<br />
STBremoteconf key not found 4 6 N<br />
STBremoteconf key failed to verify 4 7 N<br />
MD5 sum failure 4 8 N<br />
Number of entries in the listfile does not<br />
match with what was downloaded<br />
4 9 N<br />
No DI file found 4 10 Y<br />
Misc. Errors 5<br />
NAND flash corruption 5 1 Reformat the NAND flash Y<br />
PID mismatch when upgrading the ROM 5 2 Reboot Y<br />
Failed to remove files on upgrade 5 3 Reboot and try again Y<br />
Failed to set execute / start address in NAND<br />
5 4 Clear the NAND flash Y<br />
flash<br />
Kernel panic / no root FS 5 5<br />
Invalid type of GIF file saved on the NAND<br />
flash<br />
Reboot? (can’t clear the NAND<br />
flash)<br />
5 6 Delete the file splash.gif Y<br />
Failed to write files onto the NAND flash 5 7 Clear the NAND flash Y<br />
Failed to gunzip the boot ROM image 5 8 Y<br />
(blank) 6<br />
(blank) 7<br />
Crypto failure 8<br />
>No master key found 8 1 Keep flashing in a while(1) loop N<br />
>No customer key found 8 2 N<br />
>Signature check of customer key failed 8 3 N<br />
Y*<br />
>Y*<br />
Y<br />
Y*<br />
Y
(blank) 8 4 N<br />
>(blank) 8 5 N<br />
>Verify of IntactOS code failed 8 6 N<br />
Hardware failure 9<br />
Page write to ROM failed 9 1 N<br />
NAND flash hardware / format failure 9 2 N<br />
SDRAM access failure 9 3 N<br />
Communication to the Ethernet chip failed 9 4<br />
15/15