1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
|
#!/bin/sh
# Copyright 2017-2019 Intel Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
# provide a couple of places in the RO root filesystem
# that can be made RW with an overlayfs
log() {
[ -c /dev/kmsg ] && echo "init: $@" > /dev/kmsg
echo "init: $@"
}
# start with /proc and /tmp mounted
[ -e /proc/mounts ] || mount -t proc proc /proc
grep -q /tmp /proc/mounts || mount -t tmpfs -o rw,nosuid,nodev tmp /tmp
grep -q /sys /proc/mounts || mount -t sysfs -o rw,nosuid,nodev,noexec sys /sys
if grep -q debug-init /proc/cmdline; then
exec > /tmp/init.log 2>&1
set -x
else
# silent bob
exec >/dev/null 2>&1
fi
# list of things that need to be rw at boot
NV_OVERLAYS="/etc /var /home"
# place to mount the real ubifs backing store
RWFS_MNT=/tmp/.rwfs
if grep -q "$RWFS_MNT" /proc/mounts; then
# quit - we have already run
exit 0
fi
mkdir -p "$RWFS_MNT"
mtd_by_name() {
local name="$1"
local mtd="/dev/$(grep "$name" /proc/mtd | cut -d : -f 1)"
echo "$mtd"
}
mtdnum_by_name() {
local name="$1"
local mtdnum="$(grep "$name" /proc/mtd | cut -c 4)"
echo "$mtdnum"
}
NV_MTD=rwfs
NV_MTD_DEV="$(mtd_by_name ${NV_MTD})"
NV_MTD_NUM="$(mtdnum_by_name ${NV_MTD})"
nvrw() {
local p="$1"
# Clear the work dir doing overlay mount
rm -rf "${RWFS_MNT}${p}.work"
mkdir -p "${RWFS_MNT}${p}" "${RWFS_MNT}${p}.work"
local mname=$(echo "rwnv${p}" | sed 's,/,,g')
local opts="lowerdir=${p},upperdir=${RWFS_MNT}${p},workdir=${RWFS_MNT}${p}.work,sync"
mount -t overlay -o "$opts" "$mname" "$p"
}
targeted_clean() {
log "restore-defaults: targeted_clean"
# Do not delete FRU info, ssh/ssl certs, or machine-id
(
cd "${RWFS_MNT}/etc"
find . ! -regex '.*\(/ssl\|/dropbear\|/machine-id\(_bkup\)\?\|/fru\).*' -exec rm -rf {} +
)
# nothing should be in the workdir, but clear it just in case
rm -rf "${RWFS_MNT}/etc.work"
# clean everything out of /home
rm -rf "${RWFS_MNT}/home" "${RWFS_MNT}/home.work"
# clean everything out of /var
rm -rf "${RWFS_MNT}/var" "${RWFS_MNT}/var.work"
echo "Files remaining: $(find $RWFS_MNT/)"
sync
}
full_clean() {
log "restore-defaults: full_clean"
local OVL=''
for OVL in $NV_OVERLAYS; do
rm -rf "${RWFS_MNT}${OVL}" "${RWFS_MNT}${OVL}.work"
done
sync
}
# attach a UBI device to the MTD device
prepare_ubi_volume() {
local nv_num="$1"
local mtd="/dev/mtd${nv_num}"
local ubi="/dev/ubi${nv_num}"
if [ ! -e $ubi ]; then
if ! ubiattach -m "$nv_num" -d "$nv_num"; then
# the attach failed, so format the MTD device and try again
log "Warning! Failed to attach $ubi to $mtd."
log "UBI-formatting $mtd to attach again. Data on this device will be lost."
ubiformat -y "$mtd"
ubiattach -m "$nv_num" -d "$nv_num"
fi
fi
# make a UBI volume on the UBI device
local vol="${ubi}_0"
if [ ! -e $vol ]; then
ubimkvol "$ubi" -N "$mtd" -m
fi
}
reformat_ubi_volume() {
local nv_num="$1"
local mnt="$2"
local ubi="/dev/ubi${nv_num}"
local vol="${ubi}_0"
# unmount the volume to reformat it
umount -f "$mnt"
ubidetach -m $nv_num
ubiformat -y "$ubi"
prepare_ubi_volume $nv_num
# remount the UBIFS on the UBI volume
mount -t ubifs "$vol" "$mnt"
if [ $? -ne 0 ]; then
log "Failed to mount reformatted NV volume; system unstable"
fi
}
# mount a UBIFS on the UBI volume
prepare_ubi_volume $NV_MTD_NUM
mount -t ubifs "/dev/ubi${NV_MTD_NUM}_0" "$RWFS_MNT"
if [ $? -ne 0 ]; then
log "Failed to mount NV volume; attempting recovery"
reformat_ubi_volume $NV_MTD_NUM $RWFS_MNT
fi
# check for full factory reset: if so, ubiformat $NV_MTD_DEV
RESTORE_FLAG=$RWFS_MNT/.restore_op
restore_op=$(cat $RESTORE_FLAG) # read from NV
restore_op=${restore_op:-0} # set default value 0
restore_op=$((restore_op & 3)) # mask off 2 bits
if [ $restore_op -eq 1 ]; then
targeted_clean
elif [ $restore_op -eq 2 ]; then
full_clean
elif [ $restore_op -eq 3 ]; then
log "restore-defaults: reformat"
reformat_ubi_volume $NV_MTD_NUM $RWFS_MNT
fi
rm -f $RESTORE_FLAG
for FS in $NV_OVERLAYS; do
nvrw "$FS"
done
# work around bug where /etc/machine-id will be mounted with a temporary file
# if rootfs is read-only and the file is empty
MACHINE_ID=/etc/machine-id
generate_machine_id() {
systemd-machine-id-setup
cp -pf "$MACHINE_ID" "${MACHINE_ID}_bkup"
}
if [ ! -s "$MACHINE_ID" ]; then
# work around - Bug: Overlay fs fails for machine-id due to
# origin mismatch. Clean it up, from overlay fs before re-creating
# the same.
if [ -e "$RWFS_MNT$MACHINE_ID" ]; then
umount "/etc"
rm -f "$RWFS_MNT$MACHINE_ID"
nvrw "/etc"
# Restore the machine-id from backup, else generate it.
if [ -s "${MACHINE_ID}_bkup" ]; then
cp -pf "${MACHINE_ID}_bkup" "${MACHINE_ID}"
else
generate_machine_id
fi
log "Remounted /etc for machine-id origin mismatch"
else
generate_machine_id
fi
fi
# mount persistent NV filesystem, where immortal settings live
SOFS_MNT=/var/sofs
if ! grep -q sofs /proc/mounts; then
mkdir -p $SOFS_MNT
SOFS_MTD=sofs
SOFS_MTD_NUM="$(mtdnum_by_name ${SOFS_MTD})"
# mount a UBIFS on the UBI volume
prepare_ubi_volume $SOFS_MTD_NUM
mount -t ubifs "/dev/ubi${SOFS_MTD_NUM}_0" "$SOFS_MNT"
if [ $? -ne 0 ]; then
log "Failed to mount SOFS volume; attempting recovery"
reformat_ubi_volume $SOFS_MTD_NUM $SOFS_MNT
fi
fi
log "Finished mounting non-volatile overlays"
exec /lib/systemd/systemd
|