heads/initrd/bin/network-init-recovery
Thierry Laurion 7cbcdd8ed7
Tethering refresh for CDC NCM/CDC EEM mobile phones (tested on GrapheneOS Pixel 6a, no more RNDIS support)
- Add additional requirements to linux config
- Add additional CONFIG_MOBILE_TETHERING=y to all maximized board configs
- Fix issue under network-recovery-init to NTP sync against NTP server pool
- Extend network-recovery-init to first try NTP sync against DNS server returned by DHCP answer
- Remove network-recovery-init earlytty and tty0 redirection (console should be set up properly by init in all cases)
- If CONFIG_MOBILE_TETHERING=y added to board config and network-recovery-init called, wait for user input on instructions and warning 30 secs before proceeding (non-blocking)
- Machines having STATIC_IP under board config won't benefit from automatic NTP sync

Since network-recovery-init can only be called from recovery shell now, and recovery shell can be guarded by GPG auth, this is PoC code to be used to complement TOTP being out of sync

TODO(Future PR):
- Refactor into functions and reuse into TOTP/HOTP being out of sync automatically.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-02-21 13:50:18 -05:00

108 lines
4.1 KiB
Bash
Executable File

#!/bin/bash
. /etc/functions

TRACE_FUNC

# Bring up loopback, then load the wired Ethernet drivers
ifconfig lo 127.0.0.1
echo "Loading Ethernet network modules..."
network_modules="e1000 e1000e igb sfc mdio mlx4_core mlx4_en"
for module in $network_modules; do
    if [ -f "/lib/modules/$module.ko" ]; then
        # Load the module only if it is not already loaded; the pattern is
        # anchored so that "e1000" does not match an already loaded "e1000e"
        lsmod | grep -q "^$module " || insmod "/lib/modules/$module.ko"
    fi
done

# Tethering over USB for mobile phones supporting CDC (Android Pixel 6a+, Librem phone, etc.)
if [ -e /lib/modules/cdc_ether.ko ]; then
    # First enable USB controllers
    enable_usb
    echo ""
    echo "Please verify that your mobile (CDC NCM/EEM tethering compatible phone) is networked in the desired way (WIFI/mobile + VPN/Orbot/etc)"
    echo "Please connect mobile phone to this machine's fast USB port (blue identified) through a known working data cable"
    echo "Please enable USB tethering prior to going further (Android: select 'Charging this device via USB' notification and enable tethering option)"
    # Non-blocking prompt: continue on any key press or after 30 seconds
    read -p "Press Enter to continue now or wait 30 seconds..." -n 1 -r -t 30
    network_modules="mii usbnet cdc_ether cdc_ncm cdc_eem"
    echo "Loading USB tethering network related modules: $network_modules..."
    for module in $network_modules; do
        if [ -f "/lib/modules/$module.ko" ]; then
            # Load the module only if it is not already loaded
            lsmod | grep -q "^$module " || insmod "/lib/modules/$module.ko"
        fi
    done
    if ! [ -e /sys/class/net/usb0 ]; then
        echo ""
        echo "Tethering USB network interface was NOT detected with loaded kernel modules : $network_modules"
        echo "Please check your phone's linux drivers requirements"
        echo "Note that RNDIS kernel module inclusion was discussed and rejected due to security implications and planned deprecation under Linux kernel altogether"
        echo "CDC NCM/CDC EEM support is known to be available on a majority of Android/GrapheneOS as well as Librem phones"
        echo "Non-exhaustive exceptions: Pixel 4a* known to only tether over RNDIS and won't be supported"
        echo "Apple phones won't be supported due to size and complexity of the drivers and toolstack required to support tethering"
        read -p "Press Enter to continue now or wait 30 seconds..." -n 1 -r -t 30
    fi
fi

# Prefer the USB tethering interface, fall back to wired Ethernet
if [ -e /sys/class/net/usb0 ]; then
    dev=usb0
    echo "USB tethering network interface detected as $dev"
elif [ -e /sys/class/net/eth0 ]; then
    dev=eth0
    echo "Ethernet network interface detected as $dev"
    # Randomize eth0 MAC address of maximized boards
    if echo "$CONFIG_BOARD" | grep -q maximized; then
        ifconfig "$dev" down
        echo "Generating random MAC address..."
        mac=$(generate_random_mac_address)
        echo "Assigning randomly generated MAC: $mac to eth0..."
        ifconfig "$dev" hw ether "$mac"
        echo "Bringing up $dev... Connect a network cable to the $dev port and make sure status LEDs are on"
        ifconfig "$dev" up
    fi
fi

# Set up static IP, otherwise use DHCP and attempt an NTP time sync
if [ -n "$CONFIG_BOOT_STATIC_IP" ]; then
    echo "Setting static IP: $CONFIG_BOOT_STATIC_IP"
    ifconfig "$dev" "$CONFIG_BOOT_STATIC_IP"
    echo "No NTP sync with static IP: no DNS server nor gateway defined, set time manually"
elif [ -e /sbin/udhcpc ]; then
    echo "Getting IP from first DHCP server answering. This may take a while..."
    if udhcpc -T 1 -i "$dev" -q; then
        if [ -e /sbin/ntpd ]; then
            # Use only the first nameserver from the DHCP answer: the ntpd
            # call below passes exactly one peer to -p
            DNS_SERVER=$(awk '/^nameserver/ {print $2; exit}' /etc/resolv.conf)
            # Stop any running ntpd, discarding both stdout and stderr
            killall ntpd >/dev/null 2>&1
            echo "Attempting to sync time with NTP server: $DNS_SERVER..."
            if ! ntpd -d -N -n -q -p "$DNS_SERVER"; then
                echo "NTP sync unsuccessful with DNS server"
                echo "Attempting NTP time sync with pool.ntp.org..."
                if ! ntpd -d -d -N -n -q -p pool.ntp.org; then
                    echo "NTP sync unsuccessful."
                else
                    echo "NTP time sync successful."
                fi
            fi
            echo "Syncing hardware clock with system time in UTC/GMT timezone... NOT LOCAL TIMEZONE!"
            hwclock -w
            echo ""
            date=$(date "+%Y-%m-%d %H:%M:%S %Z")
            echo "Time: $date"
        fi
    fi
fi

if [ -e /bin/dropbear ]; then
    # Set up the ssh server: -B allows blank-password logins,
    # -R generates host keys as required
    if [ ! -d /etc/dropbear ]; then
        mkdir /etc/dropbear
    fi
    echo "Starting dropbear ssh server..."
    dropbear -B -R
fi

echo ""
echo "Network setup complete:"
ifconfig