1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
|
#!/bin/sh
# Copyright 2017-2019 Intel Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
# provide a couple of places in the RO root filesystem
# that can be made RW with an overlayfs
log() {
[ -c /dev/kmsg ] && echo "init: $@" > /dev/kmsg
echo "init: $@"
}
# start with /proc and /tmp mounted
[ -e /proc/mounts ] || mount -t proc proc /proc
# FIXME: add size limits to /tmp
grep -q /tmp /proc/mounts || mount -t tmpfs -o rw,nosuid,nodev tmp /tmp
grep -q /sys /proc/mounts || mount -t sysfs -o rw,nosuid,nodev,noexec sys /sys
# fix up /srv to be RW
mkdir -p /tmp/srv
mount --bind /tmp/srv /srv
if grep -q debug-init /proc/cmdline; then
exec > /tmp/init.log 2>&1
set -x
env
else
# silent bob
exec >/dev/null 2>&1
fi
# list of things that need to be rw at boot
NV_OVERLAYS="/etc /var /home"
# place to mount the overlay backing store
OVERLAY_MNT=/tmp/.overlay
OVERLAY_SIZE=16384
# place to mount NV
RWFS_MNT=/tmp/.rwfs
# NV overlay storage
OVERLAY_SYNC=${RWFS_MNT}/.overlay
if grep -q "$RWFS_MNT" /proc/mounts; then
# quit - we have already run
exit 0
fi
mkdir -p "$OVERLAY_MNT"
# TODO: remount the overlay with a size limit?
# mount -t tmpfs -o rw,size=${OVERLAY_SIZE} oltmp ${OVERLAY_MNT}
mtd_by_name() {
local name="$1"
local mtd="/dev/$(grep "$name" /proc/mtd | cut -d : -f 1)"
echo "$mtd"
}
mtdnum_by_name() {
local name="$1"
local mtdnum="$(grep "$name" /proc/mtd | cut -c 4)"
echo "$mtdnum"
}
NV_MTD=rwfs
NV_MTD_DEV="$(mtd_by_name ${NV_MTD})"
NV_MTD_NUM="$(mtdnum_by_name ${NV_MTD})"
nvrw() {
local p="$1"
# Clear the work dir doing overlay mount
rm -rf "${OVERLAY_MNT}${p}.work"
mkdir -p "${OVERLAY_MNT}${p}" "${OVERLAY_MNT}${p}.work"
local mname=$(echo "ol${p}" | sed 's,/,,g')
local opts="lowerdir=${p},upperdir=${OVERLAY_MNT}${p},workdir=${OVERLAY_MNT}${p}.work,sync"
mount -t overlay -o "$opts" "$mname" "$p"
}
targeted_clean() {
log "restore-defaults: targeted_clean"
# Do not delete FRU info, ssh/ssl certs, or machine-id
(
cd "${OVERLAY_SYNC}/etc"
find . ! -regex '.*\(/ssl\|/dropbear\|/machine-id\(_bkup\)\?\|/fru\).*' -exec rm -rf {} +
)
# nothing should be in the workdir, but clear it just in case
rm -rf "${OVERLAY_SYNC}/etc.work"
# clean everything out of /home
rm -rf "${OVERLAY_SYNC}/home" "${OVERLAY_SYNC}/home.work"
# clean everything out of /var
rm -rf "${OVERLAY_SYNC}/var" "${OVERLAY_SYNC}/var.work"
echo "Files remaining: $(find $OVERLAY_SYNC/)"
sync
}
full_clean() {
log "restore-defaults: full_clean"
local OVL=''
for OVL in $NV_OVERLAYS; do
rm -rf "${OVERLAY_SYNC}${OVL}" "${OVERLAY_SYNC}${OVL}.work"
done
sync
}
# attach a UBI device to the MTD device
prepare_ubi_volume() {
local nv_num="$1"
local mtd="/dev/mtd${nv_num}"
local ubi="/dev/ubi${nv_num}"
if [ ! -e $ubi ]; then
if ! ubiattach -m "$nv_num" -d "$nv_num"; then
# the attach failed, so format the MTD device and try again
log "Warning! Failed to attach $ubi to $mtd."
log "UBI-formatting $mtd to attach again. Data on this device will be lost."
ubiformat -y "$mtd"
ubiattach -m "$nv_num" -d "$nv_num"
fi
fi
# make a UBI volume on the UBI device
local vol="${ubi}_0"
if [ ! -e $vol ]; then
ubimkvol "$ubi" -N "$mtd" -m
fi
}
reformat_ubi_volume() {
local nv_num="$1"
local mnt="$2"
local mtd="/dev/mtd${nv_num}"
local ubi="/dev/ubi${nv_num}"
local vol="${ubi}_0"
# unmount the volume to reformat it
umount -f "$mnt"
ubidetach -m $nv_num
ubiformat -y "$mtd"
prepare_ubi_volume $nv_num
# remount the UBIFS on the UBI volume
mount -t ubifs -o sync "$vol" "$mnt"
if [ $? -ne 0 ]; then
log "Failed to mount reformatted NV volume; system unstable"
fi
}
clear_ubenv() {
log "Clearing U-Boot environment"
flash_erase /dev/mtd/u-boot-env 0 0
}
# mount NV filesystem
mkdir -p "$RWFS_MNT"
prepare_ubi_volume $NV_MTD_NUM
mount -t ubifs -o sync "/dev/ubi${NV_MTD_NUM}_0" "$RWFS_MNT"
if [ $? -ne 0 ]; then
log "Failed to mount NV volume; attempting recovery"
reformat_ubi_volume $NV_MTD_NUM $RWFS_MNT
fi
# check for full factory reset: if so, ubiformat $NV_MTD_DEV
RESTORE_FLAG=$RWFS_MNT/.restore_op
restore_op=$(cat $RESTORE_FLAG) # read from NV
restore_op=${restore_op:-0} # set default value 0
restore_op=$((restore_op & 3)) # mask off 2 bits
if [ $restore_op -eq 1 ]; then
targeted_clean
elif [ $restore_op -eq 2 ]; then
full_clean
clear_ubenv
elif [ $restore_op -eq 3 ]; then
log "restore-defaults: reformat"
reformat_ubi_volume $NV_MTD_NUM $RWFS_MNT
clear_ubenv
fi
rm -f $RESTORE_FLAG
# Restore the overlay saved in the sync
rsync -a --delete "${OVERLAY_SYNC}/" "${OVERLAY_MNT}"
log "Restored overlay from sync location"
for FS in $NV_OVERLAYS; do
nvrw "$FS"
done
# work around bug where /etc/machine-id will be mounted with a temporary file
# if rootfs is read-only and the file is empty
MACHINE_ID=/etc/machine-id
generate_machine_id() {
systemd-machine-id-setup
cp -pf "$MACHINE_ID" "${MACHINE_ID}_bkup"
}
if [ ! -s "$MACHINE_ID" ]; then
# work around - Bug: Overlay fs fails for machine-id due to
# origin mismatch. Clean it up, from overlay fs before re-creating
# the same.
if [ -e "$OVERLAY_MNT$MACHINE_ID" ]; then
umount "/etc"
rm -f "$OVERLAY_MNT$MACHINE_ID"
nvrw "/etc"
# Restore the machine-id from backup, else generate it.
if [ -s "${MACHINE_ID}_bkup" ]; then
cp -pf "${MACHINE_ID}_bkup" "${MACHINE_ID}"
else
generate_machine_id
fi
log "Remounted /etc for machine-id origin mismatch"
else
generate_machine_id
fi
fi
# mount persistent NV filesystem, where immortal settings live
SOFS_MNT=/var/sofs
if ! grep -q sofs /proc/mounts; then
mkdir -p $SOFS_MNT
SOFS_MTD=sofs
SOFS_MTD_NUM="$(mtdnum_by_name ${SOFS_MTD})"
# mount a UBIFS on the UBI volume
prepare_ubi_volume $SOFS_MTD_NUM
mount -t ubifs -o sync "/dev/ubi${SOFS_MTD_NUM}_0" "$SOFS_MNT"
if [ $? -ne 0 ]; then
log "Failed to mount SOFS volume; attempting recovery"
reformat_ubi_volume $SOFS_MTD_NUM $SOFS_MNT
fi
fi
log "Finished mounting nv and overlays"
exec /lib/systemd/systemd
|
