Server IP : 103.119.228.120 / Your IP : 18.227.72.24 Web Server : Apache System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64 User : nobody ( 99) PHP Version : 5.6.40 Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/local/ssl/libexec/microcode_ctl/ |
Upload File : |
#! /bin/bash -eu # Maintain kernel-version-specific symlinks in /lib/firmware based on # configuration present in /usr/share/microcode_ctl/ucode_with_caveats. # # SPDX-License-Identifier: CC0-1.0 export LC_ALL=C usage() { echo "Usage: update_ucode [--action {add|remove|refresh|list}]" \ "[--kernel KERNELVER]* [--verbose] [--dry-run]" \ "[--cleanup intel_ucode caveats_ucode]" \ "[--skip-common] [--skip-kernel-specific]" >&2 } debug() { [ 0 = "$verbose" ] || echo "$*" >&2; } # Calls find only if the first argument exists and is a directory. # Avoids spurious "find: '...' No such file or directory" for the directories # that may not exist. find_d() { [ \! -d "$1" ] || find "$@"; } MC_DIR=/usr/share/microcode_ctl INTEL_UCODE_DIR=intel-ucode DATA_DIR=/usr/share/microcode_ctl/ucode_with_caveats FW_DIR=/lib/firmware check_caveats=/usr/libexec/microcode_ctl/check_caveats action=refresh kernel= verbose=0 verbose_opt= dry_run=0 remove_cleanup=0 cleanup_intel= cleanup_caveats= skip_common=0 skip_caveats=0 while [ 1 -le "$#" ]; do case "$1" in -C|--skip-common) skip_common=1 ;; -K|--skip-kernel-specific) skip_caveats=1 ;; -a|--action) shift action="$1" ;; -k|--kernel) shift kernel="$kernel $1" ;; -v|--verbose) verbose=1 verbose_opt="-v" ;; -n|--dry-run) dry_run=1 ;; -c|--cleanup) remove_cleanup=1 shift cleanup_intel="$1" shift cleanup_caveats="$1" ;; *) echo "Unknown argument \"$1\"" >&2 usage exit 1 esac shift done cmd= [ 0 -eq "$dry_run" ] || cmd=echo case "$action" in add|remove|refresh|list) # Scan all directories in FW_DIR and all existing kernels if [ -z "$kernel" ]; then debug "No kernel versions provided, scanning..." kvers=$(find_d /lib/modules/ -name '[2-9].*' -print) for k_dir in $kvers; do k="${k_dir#/lib/modules/}" [ ! -e "/boot/symvers-$k.gz" ] || { debug " Adding $k (from /lib/modules)" kernel="$kernel $k" } done kvers=$(find_d /lib/firmware/ -name '[2-9].*' -print) for k_dir in $kvers; do k="${k_dir#/lib/firmware/}" [ ! -d "$k_dir" ] || { debug " Adding $k (from /lib/firmware)" kernel="$kernel $k" } done kernel=$(printf "%s" "$kernel" | xargs -n 1 | sort -u) fi ;; *) echo "Unknown action \"$action\"" >&2 usage exit 1 ;; esac # Generic part: managing intel ucode debug "Running action \"$action\" on common Intel microcode directory" while :; do [ 0 -eq "$skip_common" ] || break [ ! -e "/etc/microcode_ctl/intel-ucode-disallow" ] || { debug " Skipping \"$i\":" \ "\"/etc/microcode_ctl/intel-ucode-disallow\"" \ "present" break } [ ! -e "$FW_DIR/intel-ucode-disallow" ] || { debug " Found \"$FW_DIR/intel-ucode-disallow\"," \ "skipping" break } # Removing old files case "$action" in refresh|remove|list) debug " Removing old files from ${FW_DIR}/${INTEL_UCODE_DIR}" if [ 0 = "$remove_cleanup" ]; then find_d "${MC_DIR}/${INTEL_UCODE_DIR}" \ -maxdepth 1 -mindepth 1 \ -type f -printf '%f\n' else cat "$cleanup_intel" fi | while read -r fname; do name="${FW_DIR}/${INTEL_UCODE_DIR}/${fname}" # Needed in case we downgrade to a version where # no symlinks in /lib/firmware were used if [ 1 = "$remove_cleanup" ]; then [ -L "$name" ] || continue fi [ "xlist" != "x$action" ] || { echo "$name" continue } $cmd rm -f $verbose_opt "$name" done [ "xlist" = "x$action" ] || { # Removing possible dangling symlinks find_d "${FW_DIR}/${INTEL_UCODE_DIR}" \ -maxdepth 1 -mindepth 1 \ -type l -printf '%p\n' \ | while read -r fname; do [ -e "$fname" ] || { debug " Removing danging symlink \"$fname\"" $cmd rm -f $verbose_opt "$fname" } done $cmd rmdir -p $verbose_opt \ "${FW_DIR}/${INTEL_UCODE_DIR}" 2>/dev/null \ || true } ;; esac # Adding new ones case "$action" in add|refresh) debug " Creating symlinks in ${FW_DIR}/${INTEL_UCODE_DIR}" $cmd mkdir -p $verbose_opt "${FW_DIR}/${INTEL_UCODE_DIR}" $cmd find "${MC_DIR}/${INTEL_UCODE_DIR}" -maxdepth 1 -mindepth 1 \ -type f -exec bash -c 'ln -fs '"$verbose_opt"' '\''{}'\'' \ "'"${FW_DIR}/${INTEL_UCODE_DIR}/"'$(basename '\''{}'\'')"' \; ;; esac break done debug "Running action \"$action\" on kernels $kernel" if [ 0 = "$remove_cleanup" ]; then ls "$DATA_DIR" else cat "$cleanup_caveats" fi | while read -r i; do [ 0 -eq "$skip_caveats" ] || break debug "Processing data directory \"$i\"..." for k in $(echo "$kernel"); do debug " Processing kernel version \"$k\"" { out=$($check_caveats -k "$k" -c "$i" $verbose_opt) ret="$?" } || : paths=$(printf "%s" "$out" | sed -n 's/^paths //p') ignore=$(printf "%s" "$out" | sed -n 's/^skip_cfgs //p') [ -z "$ignore" ] || { debug " Configuration is ignored, skipping" continue } case "$action" in remove|refresh|list) [ "xlist" = "x$action" ] || \ debug " Removing \"$paths\" (part of $action)..." for p in $(printf "%s" "$paths"); do find_d "$DATA_DIR/$i" -path "$DATA_DIR/$i/$p" \ -printf "%P\n" done | while read -r path; do [ -e "$FW_DIR/$k/readme-$i" ] || { debug " \"$FW_DIR/$k/readme-$i\"" \ "is not found, skipping" \ "\"$paths\" removal" break } if [ "xlist" = "x$action" ]; then echo "$FW_DIR/$k/$path" else debug " Removing \"$FW_DIR/$k/$path\"" $cmd rm -f $verbose_opt "$FW_DIR/$k/$path" $cmd rmdir -p $verbose_opt \ "$FW_DIR/$k/$(dirname $path)" 2>/dev/null \ || true fi done if [ -e "$FW_DIR/$k/readme-$i" ]; then if [ "xlist" = "x$action" ]; then echo "$FW_DIR/$k/readme-$i" else $cmd rm -f $verbose_opt \ "$FW_DIR/$k/readme-$i" $cmd rmdir -p $verbose_opt \ "$FW_DIR/$k" 2>/dev/null || true fi fi ;; esac [ 0 -eq "$ret" ] || { debug " Checking for caveats failed" \ "(kernel version \"$k\"), skipping" continue } [ -n "$paths" ] || { debug " List of paths to add is empty, skipping" continue } case "$action" in add|refresh) debug " Adding $paths (part of $action)..." [ -e "/boot/symvers-$k.gz" ] || { debug " \"/boot/symvers-$k.gz\"" \ "does not exist, skipping" continue } for p in $(printf "%s" "$paths"); do find_d "$DATA_DIR/$i" -path "$DATA_DIR/$i/$p" \ -printf "%P\n" done | while read -r path; do [ ! -e "$FW_DIR/$k/$path" ] || { debug " $FW_DIR/$k/$path already" \ "exists, skipping" continue } debug " Adding \"$FW_DIR/$k/$path\"" $cmd mkdir -p $verbose_opt \ "$(dirname "$FW_DIR/$k/$path")" $cmd ln -fs $verbose_opt "$DATA_DIR/$i/$path" \ "$FW_DIR/$k/$path" done if [ -e "$FW_DIR/$k/readme-$i" ]; then debug " $FW_DIR/$k/readme-$i already" \ "exists, skipping creation" else $cmd cp $verbose_opt "$DATA_DIR/$i/readme" \ "$FW_DIR/$k/readme-$i" fi ;; remove) esac done done # Removing possible dangling symlinks in kernel-specific directories debug "Checking for dangling symlinks..." for k in $(echo "$kernel"); do debug " Processing kernel version \"$k\"" find_d "${FW_DIR}/${k}" \ -mindepth 1 -type l -printf '%p\n' \ | while read -r fname; do [ -e "$fname" ] || { debug " Removing danging symlink \"$fname\"" $cmd rm -f $verbose_opt "$fname" } done done