While an image layout based on MBR and 'bootfs' partition may be easy
to understand for users who are very used to the IBM PC and always have
the option to access the SD card outside of the device (and hence don't
really depend on other recovery methods or dual-boot), in my opinion
it's a dead end for many desirable features on embedded systems,
especially when managed remotely (and hence without an easy option to
access the SD card using another device in case things go wrong, for
example).
Let me explain:
* using a MSDOS/VFAT filesystem to store kernel(s) is problematic, as a
single corruption of the bootfs can render the system into a state
that it no longer boots at all. This makes dual-boot useless, or at
least very tedious to setup with then 2 independent boot partitions
to avoid the single point of failure on a "hot" block (the FAT index
of the boot partition, written every time a file is changed in
bootfs). And well: most targets even store the bootloader environment
in a file in that very same FAT filesystem, hence it cannot be used
to script a reliable dual-boot method (as loading the environment
itself will already fail if the filesystem is corrupted).
* loading the kernel uImage from bootfs and using rootfs inside an
additional partition means the bootloader can only validate the
kernel -- if rootfs is broken or corrupted, this can lead to a reboot
loop, which is often a quite costly thing to happen in terms of
hardware lifetime.
* imitating MBR-boot behavior with a FAT-formatted bootfs partition
(like IBM PC in the 80s and 90s) is just one of many choices on
embedded targets. There are much better options with modern U-Boot
(which is what we use and build from source for all targets booting
off SD cards), see examples in mediatek/mt7622 and mediatek/mt7623.
Hence rename the 'sdcard' feature to 'legacy-sdcard', and prefix
functions with 'legacy_sdcard_' instead of 'sdcard_'.
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add a generic sdcard upgrade method instead of duplicating code in yet
another target, and add a feature flag to only install this upgrade
method in targets that set this flag. Copied from mvebu.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Try umount on device mapper and loop devices still mounted, so the
subsequent call to disactivate all physical volumes and delete all
loop devices is more likely to succeed.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
If the busybox applet losetup was selected, `command -v` selects that
during sysupgrade. As this applet is in another path and doesn't cover
the '-D' option which is used to make sure user-defined loop devices
are no longer active during sysupgrade.
Detect losetup at the path of the full utility to avoid error messages
in case of the busybox applet being selected.
Reported-by: fda77 <fda77@users.noreply.github.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Vlan subinterface was never brought up when using vlan-based preinit network.
Tested forcing ifname="" before preinit_ip() on a Tp-Link Archer C5v4.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Some interfaces have a VLAN modifier like :t in lan1:t, this modifier
should be removed from the interface before calling preinit_ip_config().
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Adapt the preinit_config_board() to the board.json network changes. It
now looks for the device and the ports variables to configure the LAN
network.
This works with swconfig configurations.
Fixes: FS#3866
Fixes: d42640e389 ("base-files: use "ports" array in board.json network for bridges")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Rafał Miłecki <rafal@milecki.pl>
If one of the programmes is not running, then we see the following
output in the logs.
`killall: telnetd: no process killed`
To ensure that the log is clean, redirect the output to /dev/null
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The remaining vn calls have been ported to v.
Therefore, these functions are no longer needed and will be removed.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The logging output should not only be displayed in the calling shell
session but also in the syslog. A sysupgrade and a configuration
import, export can thus be traced in the syslog.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Calling `switch_to_ramfs()` will not copy the gzip executable
(/bin/gzip) to ramfs, but `/bin/zcat` will call `/bin/gzip` when
package gzip is installed, instead of the busybox-supplied zcat.
This will cause `zcat` to fail to find `gzip`, then cause the
sysupgrade to fail. Adding the `busybox` prefix here will solve
the problem.
Signed-off-by: Chuck Fan <fanck0605@qq.com>
bzip2 adds about 8kb of size. For tiny builds it's often disabled.
It's not directly used by stock OpenWrt programs.
Kernel images compressed with bzip2 are also not fully supported.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
[fix \ indention]
Signed-off-by: Paul Spooren <mail@aparcar.org>
These processes are managed by procd and set to start again when killed
via the procd instance parameter "respawn" being set during init.
Example:
procd_set_param respawn 3600 1 0
When they are killed manually during sysupgrade,
they are started again in 5 seconds or less, depending on
how the "respawn" parameter is set.
Use procd through ubus to disable the instances that respawn them,
however, allow dnsmasq, netifd, and logd to restart for remote logging.
Properly closing all these processes increases free memory by about 3 MB,
which should help low memory devices upgrade without crashing.
For very low memory devices (set to 32 MB for now)
also kill dnsmasq, netifd, and logd for an additional 3 MB of free memory.
Also, bump sleep values to allow at least 10 seconds
for network interfaces and daemons
to come up after they are killed and restarted
before caches are dropped.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Replace "ifname" with "device" as netifd has been recently patches to
used the later one. It's more clear and accurate.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Bridge aggregates multiple ports so use a more accurate name ("ports")
and format (array) for storing them in board.json.
Example:
"network": {
"lan": {
"ports": [
"lan1",
"lan2",
"lan3",
"lan4"
],
"protocol": "static"
},
"wan": {
"ifname": "wan",
"protocol": "dhcp"
}
}
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Remove vn call in favour of v call. This commit serves as preparation
for removing the v function call.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[alter slightly to prevent double space after colon]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Users of devices with large block storage may choose to have an LVM
partition on the same device which is used for booting OpenWrt.
The presents a problem during sysupgrade as the root device is then
still busy and changing partitions will not work as desired,
leading to data corruption in case the newly flashed image is larger
than the currently installed one.
Having loop devices setup causes similar havoc.
Make sure all volume groups are offline and all loop devices have been
released before sysupgrade.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Introduce cmdline_get_var() to /lib/function.sh and make use of it in
export_rootdev() in /lib/upgrade/common.sh, making the code more
simple and removing one level of indentation.
Introduce get_partition_by_name() to /lib/upgrade/common.sh which is
useful on non-EFI GPT platforms like mt7622.
Remove some dead-code while at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Instead of only relying in /sysupgrade.tgz being present in rootfs to
restore configuration, also grab /tmp/sysupgrade.tar which may have
magically gotten there during preinit...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
When using Shell arithmetric evaluation via $((..)) the variables in
the expression do not need to be prefixed by the '$' sign.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Check if firmware environment variable 'rootfs_data_max' exists and is
set to a numerical value greater than 0. If so, limit rootfs_data
volume to that size instead of using the maximum available size.
This is useful on devices with lots of flash where users may want to
have eg. a volume for persistent logs and statistics or for external
applications/containers. Persistence on rootfs overlay is limited by
the size of memory available during the sysugprade process as that
data needs to be copied to RAM while the volume is being recreated
during sysupgrade. Hence it is unsuitable for keeping larger amounts
of data accross upgrade which makes additional volume(s) for
application data desirable.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Allow for single (external-data) FIT image to hold kernel, dtb and
squashfs. In that way, the bootloader verifies the system integrity
including the rootfs, because what's the point of checking that the
hash of the kernel is correct if it won't boot in case of squashfs
being corrupted? Better allow bootloader to check everything needed
to make it at least up to failsafe mode. As a positive side effect
this change also makes the sysupgrade process on nand potentially
much easier as it is now.
In short: mkimage has a parameter '-E' which allows generating FIT
images with 'external' data rather than embedding the data into the
device-tree blob itself. In this way, the FIT structure itself remains
small and can be parsed easily (rather than having to page around
megabytes of image content). This patch makes use of that and adds
support for adding sub-images of type 'filesystem' which are used to
store the squashfs. Now U-Boot can verify the whole OS and the new
partition parsers added in the Linux kernel can detect the filesystem
sub-images, create partitions for them, and select the active rootfs
volume based on the configuration in FIT (passing configuration via
device tree could be implemented easily at a later stage).
This new FIT partition parser works for NOR flash (on top of mtdblock),
NAND flash (on top of ubiblock) as well as classic block devices
(ie. eMMC, SDcard, SATA, NVME, ...).
It could even be used to mount such FIT images via `losetup -P` on a
user PC if this patch gets included in Linux upstream one day ;)
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
/lib/functions.sh was executable for no obvious reason and its
execute property was even checked in package-ipkg.mk just to
source it afterwards.
Remove the execute bit and shebang as this is clearly a library.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
This drops the shebang from another bunch of files in various /lib
folders, as these are sourced and the shebang is useless.
Fix execute bit in one case, too.
This should cover almost all trivial cases now, i.e. where /lib is
actually used for library files.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
While the speed improvement might be negligible, there is still no
reason to read individual bytes.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adds a new function get_magic_fat32() in base-files to read FAT32 magic.
Now FAT32 EFI system partition can be handled in the same way as FAT12/FAT16.
Signed-off-by: Kagurazaka Kotori <kagurazakakotori@gmail.com>
[replace '-o' with '] || [' to satisfy shellsheck]
Signed-off-by: Paul Spooren <mail@aparcar.org>
The `functions.sh` script has `config_get_bool()` function, which is
usable when using UCI config direct access API, but there is no
equivalent for the callback API. Introduce `get_bool()` function to
allow reusing it from init scripts.
Example:
```sh
option_cb() {
local option="$1"
local value="$(get_bool "$2")"
...
}
```
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
Flush kernel memory caches during sysupgrade in order
to mitigate the impact from memory consumption spikes
in low-RAM devices.
This may help to prevent sysupgrade causing a reboot
before the actual flashing starts.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
This dd flag ensures that the requested size
is retrieved from pipes or special filesystems (if available).
Without this flag, on multi-core systems,
Piped or special filesystem data can be truncated
when a size greater than PIPE_BUF is requested.
Fixes: FS#3494
Fixes: 7557e7f ("package/base-files: caldata: work around dd's
limitation")
Cc: Thibaut VARÈNE <hacks@slashdirt.org>
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
Add code for setting mac addresses inside board.json and rendering
them out to uci. On switches we want to have a unique MAC on each port.
With 48 port switches that would require 48 device sections in
/etc/config/network. Doing so via board.json is easier.
Signed-off-by: John Crispin <john@phrozen.org>
Support installations without root-overlayfs (and hence without /rom)
when migrating user accounts.
Signed-off-by: Imran Khan <gururug@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[simplified patch, bumped PKG_RELEASE, cleaned message]
Strictly speaking, ash does not support it.
From https://wiki.ubuntu.com/DashAsBinSh#A.5B.5E.5D
Not to be confused by sed's and other program's regular expression
syntax. Uses of [^...] in case (parameter/word expansion in general) need
to be replaced with [!...].
Found with shellcheck: https://github.com/koalaman/shellcheck/wiki/SC2169
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[minor commit title/message adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The intent is to make it sound more like info level message, not some
error like "404 not found". x86 target at the moment makes image with
only signature but no metadata (ref commit f8141216 "x86: append
metadata to combined images").
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Reviewed-By: Philip Prindeville <philipp@redfish-solutions.com>
This will have at least the following effects
- Log lines will have common prefix
- They will be output to stderr instead of stdout
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This is mainly to handle stderr message "Broken pipe", "F+P records
in/out" by common pattern "xcat | dd .."
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3140
Reported-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Reviewed-By: Philip Prindeville <philipp@redfish-solutions.com>
Latest netifd allows us to setup network bridges with implicit vlan
tagging. For this to work, we need to setup several additional uci
sections. This feature is particularly usefull for DSA tupe devices.
Add board.d and uci-defaults support for generating the sections.
Signed-off-by: John Crispin <john@phrozen.org>
Without the model-based devicename for LEDs, there are still cases
where a third component is required, typically when it refers to
internal "devices" like phys etc. An example are the following two
found on ramips:
- rt2800soc-phy0::radio
- rt2800pci-phy0::radio
So far, the rt2800*-phy: prefixes would be removed by the devicename
removal ("migration") script, and the configuration for these LEDs
would be broken.
To address this, this patch allows to add arguments to a call of
remove_devicename_leds, which will be compared against the first
part of the LED names/labels, and then be ignored by the routine,
and thus not removed:
remove_devicename_leds "rt2800soc-phy0" "rt2800pci-phy0"
This mechanism is supposed to be used when a "devicename" applies
to several devices. If only a single device is affected, it might
be more effective to use a case statement and exclude the device
from migration by that entirely.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Currently, we request LED labels in OpenWrt to follow the scheme
modelname:color:function
However, specifying the modelname at the beginning is actually
entirely useless for the devices we support in OpenWrt. In patches
subsequent to this one, we will thus remove the modelname from
the label definitions on various targets.
To migrate the existing definitions from older installations,
a migration script needs to be deployed that does
modelname:color:function -> color:function
e.g.
dir-789:green:status -> green:status
This patch introduces two functions that do exactly that:
For each entry in /etc/config/system, the routine will check whether
two (or more) colons are present, and then remove everything up to
(and including) the first colon.
For now, this will be applied unconditionally, i.e. if the function
is called for a device, all labels will be cut like this.
However, for a future case of mixed three-part and two-part labels,
it should not be too hard to provide a function argument with
exceptions to the removal.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The LED's "label" property has been deprecated in upstream by:
|commit c5d18dd6b64e09dd6984bda9bdd55160af537a8c
|Author: Jacek Anaszewski <jacek.anaszewski@gmail.com>
|Date: Sun Jun 9 20:19:04 2019 +0200
|
| dt-bindings: leds: Add properties for LED name construction
|
| Introduce dedicated properties for conveying information about
| LED function and color. Mark old "label" property as deprecated.
|
| Additionally function-enumerator property is being provided
| for the cases when neither function nor color can be used
| for LED differentiation.
in order to be somewhat prepared, this patch adds a fallback
as a last resort to make the current led code work by falling
back to the node-name as the "label".
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Fix typo in comment.
Signed-off-by: Walter Sonius <walterav1984@gmail.com>
[commit title/message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Fix shellcheck SC2230
> which is non-standard. Use builtin 'command -v' instead.
Using `command -v` is POSIX compliant while `which` is not. Also to
mention, `command -v` is a shell builtin whereas `which` is a separate
busybox applet.
Once applied to everything concerning OpenWrt we can disable the busybox
feature `which` and save 3.8kB.
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Paul Spooren <mail@aparcar.org>
[also replace cases in zram-swap]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
When passing a section or option value to config_get() which contains
characters that happen to be valid variable interpolation expressions,
the function returns a nonsensical expression result instead of the
expected empty string.
When the passed section or option name contains other characters which
are not valid within a shell variable name, a substitution error is
occuring instead.
The issue can be easily reproduced by one of the following examples:
root@OpenWrt:~# . /lib/functions.sh
root@OpenWrt:~# config load system
root@OpenWrt:~# config_get variable invalid-section option
root@OpenWrt:~# echo "$variable"
section_option:-
root@OpenWrt:~# . /lib/functions.sh
root@OpenWrt:~# config load system
root@OpenWrt:~# config_get variable section invalid-option
root@OpenWrt:~# echo "$variable"
option:-
root@OpenWrt:~# . /lib/functions.sh
root@OpenWrt:~# config load system
root@OpenWrt:~# config_get variable section invalid@option
-ash: eval: syntax error: bad substitution
Fix this issue by only performing interpolations when the given section
and option arguments are free of illegal characters.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
So far, the compatibility mechanism only works if both device and
image are already updated to the new routines. This patch extends
the sysupgrade metadata and fwtool_check_image() to account for
"older" images as well:
The basic mechanism for older devices to check for image compatibility
is the supported_devices entry. This can be exploited by putting
a custom message into this variable of the metadata, so older FW
will produce a mismatch and print the message as it thinks it's the
list of supported devices. So, we have two cases:
device 1.0, image 1.0:
The metadata will just contain supported_devices as before.
device 1.0, image 1.1:
The metadata will contain:
"new_supported_devices":["device_string1", "device_string2", ...],
"supported_devices":["Image version 1.1 incompatible to device: ..."]
If the device is "legacy", i.e. does not have the updated fwtool.sh,
it will just fail with image check and print the content of
supported_devices. If DEVICE_COMPAT_MESSAGE is set, this will be
printed on old devices as well through the same mechanism. Otherwise
a generic "Please check documentation ..." is appended.
Upgrade can still be performed with -F like when
SUPPORTED_DEVICES has been removed to prevent bricking.
If the device has updated fwtool.sh (but is 1.0), it will just use
the new_supported_devices instead, and work as intended (flashing
with -n will work, flashing without will print the appropriate
warning).
This mechanism should provide a fair tradeoff between simplicity
and functionality.
Since we touched a lot of fields in metadata, this also bumps
metadata_version to 1.1.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
