Merge pull request 'feat: add proper A/B schema' (#1) from preinit-ab into main

Reviewed-on: #1
This commit is contained in:
Ryan Lahfa 2024-05-24 17:22:45 +02:00
commit 1e9204f2f0
12 changed files with 68 additions and 186 deletions

1
.gitignore vendored
View file

@ -7,3 +7,4 @@ _build
*-secrets.nix *-secrets.nix
examples/static-leases.nix examples/static-leases.nix
/doc/hardware.rst /doc/hardware.rst
.ccls-cache

View file

@ -4,7 +4,6 @@
, liminix-config ? <liminix-config> , liminix-config ? <liminix-config>
, nixpkgs ? <nixpkgs> , nixpkgs ? <nixpkgs>
, borderVmConf ? ./bordervm.conf.nix , borderVmConf ? ./bordervm.conf.nix
, imageType ? "primary"
}: }:
let let
@ -14,8 +13,7 @@ let
config = { config = {
allowUnsupportedSystem = true; # mipsel allowUnsupportedSystem = true; # mipsel
permittedInsecurePackages = [ permittedInsecurePackages = [
"python-2.7.18.6" # kernel backports needs python <3 "python-2.7.18.8" # kernel backports needs python <3
"python-2.7.18.7"
]; ];
}; };
}); });
@ -36,9 +34,6 @@ let
./modules/s6 ./modules/s6
./modules/users.nix ./modules/users.nix
./modules/outputs.nix ./modules/outputs.nix
{
boot.imageType = imageType;
}
]; ];
}; };
config = eval.config; config = eval.config;
@ -66,6 +61,13 @@ in {
# cross-compiling nix-shell for any package we're customizing # cross-compiling nix-shell for any package we're customizing
inherit pkgs; inherit pkgs;
deployEnv = pkgs.mkShell {
packages = with pkgs.pkgsBuildBuild; [
tufted
min-copy-closure
];
};
buildEnv = pkgs.mkShell { buildEnv = pkgs.mkShell {
packages = with pkgs.pkgsBuildBuild; [ packages = with pkgs.pkgsBuildBuild; [
tufted tufted

View file

@ -1,155 +0,0 @@
#include "mt7621.dtsi"
#include <dt-bindings/gpio/gpio.h>
#include <dt-bindings/input/input.h>
/ {
aliases {
label-mac-device = &gmac0;
};
};
&nand {
status = "okay";
mediatek,nmbm;
mediatek,bmt-max-ratio = <15>;
mediatek,bmt-max-reserved-blocks = <64>;
mediatek,bmt-remap-range =
<0x0 0x980000>,
<0x2980000 0x7800000>;
partitions {
compatible = "fixed-partitions";
#address-cells = <1>;
#size-cells = <1>;
partition@0 {
label = "u-boot";
reg = <0x0 0x80000>;
read-only;
};
partition@80000 {
label = "u-boot-env";
reg = <0x80000 0x80000>;
read-only;
};
factory: partition@100000 {
label = "factory";
reg = <0x100000 0x80000>;
read-only;
};
partition@2980000 {
label = "firmware_b";
reg = <0x2980000 0x2800000>;
compatible = "fixed-partitions";
#address-cells = <1>;
#size-cells = <1>;
partition@0 {
label = "kernel_b";
reg = <0x0 0x800000>;
};
partition@400000 {
label = "ubi";
reg = <0x800000 0x2000000>;
};
};
partition@180000 {
label = "firmware_a";
reg = <0x180000 0x2800000>;
compatible = "fixed-partitions";
#address-cells = <1>;
#size-cells = <1>;
partition@0 {
label = "kernel_a";
reg = <0x0 0x800000>;
};
partition@400000 {
label = "ubi_a";
reg = <0x800000 0x2000000>;
};
};
partition@5180000 {
label = "rootfs_data";
reg = <0x5180000 0x1400000>;
};
partition@6580000 {
label = "logs";
reg = <0x6580000 0xd00000>;
};
partition@7280000 {
label = "vendor-myzyxel";
reg = <0x7280000 0x480000>;
read-only;
};
partition@7700000 {
label = "bootconfig";
reg = <0x7700000 0x80000>;
};
mrd: partition@7780000 {
label = "mrd";
reg = <0x7780000 0x80000>;
read-only;
nvmem-layout {
compatible = "fixed-layout";
#address-cells = <1>;
#size-cells = <1>;
macaddr_mrd_1fff8: macaddr@1fff8 {
reg = <0x1fff8 0x6>;
};
};
};
};
};
&pcie {
status = "okay";
};
&pcie1 {
wlan_5g: wifi@0,0 {
reg = <0x0 0 0 0 0>;
compatible = "mediatek,mt76";
mediatek,mtd-eeprom = <&factory 0x0>;
/* MAC-Address set in userspace */
};
};
&gmac0 {
nvmem-cells = <&macaddr_mrd_1fff8>;
nvmem-cell-names = "mac-address";
};
&switch0 {
ports {
port@4 {
status = "okay";
label = "lan";
};
};
};
&state_default {
gpio {
groups = "uart3";
function = "gpio";
};
};

View file

@ -91,7 +91,6 @@
- Mount the logs partition, mount / as overlayfs of firmware ? rootfs and rootfs_data for extended data. - Mount the logs partition, mount / as overlayfs of firmware ? rootfs and rootfs_data for extended data.
- Jitter-based entropy injection? Device can be slow to initialize its CRNG and hostapd will reject few clients at the start because of that. - Jitter-based entropy injection? Device can be slow to initialize its CRNG and hostapd will reject few clients at the start because of that.
- Defaults for hostapd based on MT7915 capabilities? See the example for one possible list. - Defaults for hostapd based on MT7915 capabilities? See the example for one possible list.
- Remove primary/secondary hack and put it in preinit.
- Offer ways to reflash the *bootloader* itself to support direct boot via UBI and kernel upgrades via filesystem rewrite. - Offer ways to reflash the *bootloader* itself to support direct boot via UBI and kernel upgrades via filesystem rewrite.
Vendor web page: https://www.zyxel.com/fr/fr/products/wireless/ax1800-wifi-6-dual-radio-nebulaflex-access-point-nwa50ax Vendor web page: https://www.zyxel.com/fr/fr/products/wireless/ax1800-wifi-6-dual-radio-nebulaflex-access-point-nwa50ax
@ -171,6 +170,8 @@
maxLEBcount = "256"; maxLEBcount = "256";
}; };
flash.eraseBlockSize = 65536;
# This is a FIT containing a kernel padded and # This is a FIT containing a kernel padded and
# a UBI volume rootfs. # a UBI volume rootfs.
defaultOutput = "zyxel-nwa-fit"; defaultOutput = "zyxel-nwa-fit";
@ -181,22 +182,18 @@
alignment = 2048; alignment = 2048;
rootDevice = "ubi:rootfs"; rootDevice = "ubi:rootfs";
alternativeRootDevice = "ubi:rootfs";
# Auto-attach MTD devices: ubi_a then ubi_b.
ubi.mtds = [ "ubi_a" "ubi_b" ];
dts = { dts = {
# Actually, this is not what we want. # Strong DTB assumptions:
# This DTS is insufficient. # ubi_a and ubi_b are two MTD devices.
src = ./mt7621_zyxel_nwa50ax.dtsi; # If those changes, disaster will occur.
src = ./dtb/mt7621_zyxel_nwa50ax.dtsi;
includes = [ includes = [
# Here's one weird trick to make `ubi` detection "${./dtb}"
# out of the box.
# We will write ubi on /dev/firmware_a:rootfs location
# and same for /dev/firmware_b:rootfs.
# How do we distinguish both?
# We can just use the DTS to point ubi at A or B.
# This, unfortunately, means that we have "two images".
# But they are really just 1 image with 2 different DTS.
# TODO: improve this hack in preinit?
(if config.boot.imageType == "primary" then "${./a_image}" else "${./b_image}")
"${openwrt.src}/target/linux/ramips/dts" "${openwrt.src}/target/linux/ramips/dts"
]; ];
}; };

View file

@ -56,7 +56,7 @@
}; };
partition@400000 { partition@400000 {
label = "ubi"; label = "ubi_a";
reg = <0x800000 0x2000000>; reg = <0x800000 0x2000000>;
}; };
}; };

View file

@ -64,10 +64,6 @@ in {
default = "bootargs"; default = "bootargs";
description = "Kernel command line's devicetree node"; description = "Kernel command line's devicetree node";
}; };
imageType = mkOption {
type = types.enum [ "primary" "secondary" ];
default = "primary";
};
imageFormat = mkOption { imageFormat = mkOption {
type = types.enum ["fit" "uimage"]; type = types.enum ["fit" "uimage"];
default = "uimage"; default = "uimage";
@ -110,7 +106,10 @@ in {
"root=${config.hardware.rootDevice}" "root=${config.hardware.rootDevice}"
"rootfstype=${config.rootfsType}" "rootfstype=${config.rootfsType}"
"fw_devlink=off" "fw_devlink=off"
] ++ lib.optional (config.rootOptions != null) "rootflags=${config.rootOptions}"; ]
++ (map (mtd: "ubi.mtd=${mtd}") config.hardware.ubi.mtds)
++ lib.optional (config.rootOptions != null) "rootflags=${config.rootOptions}"
++ lib.optional (config.hardware.alternativeRootDevice != null) "altroot=${config.hardware.alternativeRootDevice}";
system.callService = path : parameters : system.callService = path : parameters :
let let

View file

@ -82,6 +82,18 @@ in {
type = types.str; type = types.str;
example = "/dev/mtdblock3"; example = "/dev/mtdblock3";
}; };
alternativeRootDevice = mkOption {
description = "Full path to alternative preferred root device (the B partition of your rootfs)";
type = types.nullOr types.str;
example = "ubi_b:rootfs";
default = null;
};
ubi.mtds = mkOption {
description = "List of MTD device to attach";
type = types.listOf types.str;
example = [ "ubi_a" "ubi_b" "data" ];
default = null;
};
networkInterfaces = mkOption { networkInterfaces = mkOption {
type = types.attrsOf types.anything; type = types.attrsOf types.anything;
}; };

View file

@ -62,7 +62,7 @@ on a system with pre-existing firmware and OS.
}; };
''; '';
in in
pkgs.runCommand "zyxel-nwa-fit-${config.boot.imageType}" { pkgs.runCommand "zyxel-nwa-fit" {
nativeBuildInputs = [ pkgs.pkgsBuildBuild.ubootTools pkgs.pkgsBuildBuild.dtc ]; nativeBuildInputs = [ pkgs.pkgsBuildBuild.ubootTools pkgs.pkgsBuildBuild.dtc ];
} '' } ''
mkimage -f ${dts} $out mkimage -f ${dts} $out

View file

@ -1,5 +1,6 @@
struct root_opts { struct root_opts {
char *device; char *device;
char *altdevice; /* For A/B schemas */
char *fstype; char *fstype;
char *mount_opts; char *mount_opts;
}; };

View file

@ -70,6 +70,7 @@ void parseopts(char * cmdline, struct root_opts *opts) {
p = eat_param(p, "root=", &(opts->device)); p = eat_param(p, "root=", &(opts->device));
p = eat_param(p, "rootfstype=", &(opts->fstype)); p = eat_param(p, "rootfstype=", &(opts->fstype));
p = eat_param(p, "rootflags=", &(opts->mount_opts)); p = eat_param(p, "rootflags=", &(opts->mount_opts));
p = eat_param(p, "altroot=", &(opts->altdevice));
}; };
} }
@ -102,6 +103,14 @@ int main()
expect_equal(opts.fstype, "ubifs"); expect_equal(opts.fstype, "ubifs");
expect_equal(opts.mount_opts, "subvol=1"); expect_equal(opts.mount_opts, "subvol=1");
// finds altroot= options
buf = strdup("liminix console=ttyS0,115200 panic=10 oops=panic init=/bin/init loglevel=8 root=/dev/ubi0_4 rootfstype=ubifs rootflags=subvol=1 fw_devlink=off mtdparts=phram0:18M(rootfs) phram.phram=phram0,0x40400000,18874368,65536 root=/dev/mtdblock0 altroot=/dev/mtdblock6 foo");
memset(&opts, '\0', sizeof opts); parseopts(buf, &opts);
expect_equal(opts.device, "/dev/mtdblock0");
expect_equal(opts.altdevice, "/dev/mtdblock6");
expect_equal(opts.fstype, "ubifs");
expect_equal(opts.mount_opts, "subvol=1");
// in case of duplicates, chooses the latter // in case of duplicates, chooses the latter
// also: works if the option is end of string // also: works if the option is end of string
buf = strdup("liminix console=ttyS0,115200 panic=10 oops=panic init=/bin/init loglevel=8 root=/dev/ubi0_4 rootfstype=ubifs fw_devlink=off mtdparts=phram0:18M(rootfs) phram.phram=phram0,0x40400000,18874368,65536 root=/dev/mtdblock0"); buf = strdup("liminix console=ttyS0,115200 panic=10 oops=panic init=/bin/init loglevel=8 root=/dev/ubi0_4 rootfstype=ubifs fw_devlink=off mtdparts=phram0:18M(rootfs) phram.phram=phram0,0x40400000,18874368,65536 root=/dev/mtdblock0");
@ -134,13 +143,15 @@ int main()
if(opts.fstype) die("expected null rootfstype, got \"%s\"", opts.fstype); if(opts.fstype) die("expected null rootfstype, got \"%s\"", opts.fstype);
if(opts.device) die("expected null root, got \"%s\"", opts.device); if(opts.device) die("expected null root, got \"%s\"", opts.device);
if(opts.mount_opts) die("expected null mount_opts, got \"%s\"", opts.mount_opts); if(opts.mount_opts) die("expected null mount_opts, got \"%s\"", opts.mount_opts);
if(opts.altdevice) die("expected null altdevice, got \"%s\"", opts.altdevice);
// provides empty strings for empty options // provides empty strings for empty options
buf = strdup("liminix rootfstype= fw_devlink=off root= /dev/hda1"); buf = strdup("liminix rootfstype= fw_devlink=off root= altroot= /dev/hda1");
memset(&opts, '\0', sizeof opts); parseopts(buf, &opts); memset(&opts, '\0', sizeof opts); parseopts(buf, &opts);
if(strlen(opts.fstype)) die("expected empty rootfstype, got \"%s\"", opts.fstype); if(strlen(opts.fstype)) die("expected empty rootfstype, got \"%s\"", opts.fstype);
if(strlen(opts.device)) die("expected null root, got \"%s\"", opts.device); if(strlen(opts.device)) die("expected empty root, got \"%s\"", opts.device);
if(strlen(opts.altdevice)) die("expected empty altroot, got \"%s\"", opts.altdevice);
expect_equal("01", pr_u32(1)); expect_equal("01", pr_u32(1));
expect_equal("ab", pr_u32(0xab)); expect_equal("ab", pr_u32(0xab));

View file

@ -13,7 +13,7 @@
#include "opts.h" #include "opts.h"
#define ERR(x) write(2, x, strlen(x)) #define ERR(x) write(2, x, strlen(x))
#define AVER(c) do { if(c < 0) { ERR("failed: " #c ": error=0x" ); pr_u32(errno); ERR("\n"); } } while(0) #define AVER(c) do { if(c < 0) { ERR("failed: " #c ": error=0x" ); pr_u32(errno); ERR ( " - "); ERR(strerror(errno)); ERR("\n"); } } while(0)
char * pr_u32(int32_t input); char * pr_u32(int32_t input);
@ -88,8 +88,21 @@ int main(int argc, char *argv[], char *envp[])
write(1, ", opts=", 7); write(1, ", opts=", 7);
write(1, opts.mount_opts, strlen(opts.mount_opts)); write(1, opts.mount_opts, strlen(opts.mount_opts));
} }
if(opts.altdevice) {
write(1, ", altdevice=", 12);
write(1, opts.altdevice, strlen(opts.altdevice));
}
write(1, ")\n", 2); write(1, ")\n", 2);
if(!opts.altdevice) {
AVER(mount(opts.device, "/target/persist", opts.fstype, 0, opts.mount_opts)); AVER(mount(opts.device, "/target/persist", opts.fstype, 0, opts.mount_opts));
} else {
if(mount(opts.device, "/target/persist", opts.fstype, 0, opts.mount_opts) < 0) {
AVER(mount(opts.altdevice, "/target/persist", opts.fstype, 0, opts.mount_opts));
}
}
// FUTUREWORK: any failure using `opts.device` should force us to consider rerunning this with the alternative rootfs.
AVER(mount("/target/persist/nix", "/target/nix", AVER(mount("/target/persist/nix", "/target/nix",
"bind", MS_BIND, NULL)); "bind", MS_BIND, NULL));
@ -102,6 +115,7 @@ int main(int argc, char *argv[], char *envp[])
argv[0] = "init"; argv[0] = "init";
argv[1] = NULL; argv[1] = NULL;
AVER(execve("/persist/init", argv, envp)); AVER(execve("/persist/init", argv, envp));
} }
die(); die();