From 7cbcdd8ed7041132b78589588034208c944ac1dd Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Sat, 25 Nov 2023 14:50:32 -0500 Subject: [PATCH 01/10] Tethering refresh for CDC NCM/CDC EEM mobile phones (tested on GrapheneOS Pixel 6a, no more RNDIS support) - Add additional requirements to linux config - Add additional CONFIG_MOBILE_TETHERING=y to all maximized board configs - Fix issue under network-recovery-init to NTP sync against NTP server pool - Extend network-recovery-init to first try NTP sync against DNS server returned by DHCP answer - Remove network-recovery-init earlytty and tty0 redirection (console should be setuped properly by init in all cases) - If CONFIG_MOBILE_TETHERING=y added to board config and network-recovery-init called, wait to user input on instructions and warning 30 secs before proceeding (non-blocking) - Machines having STATIC_IP under board config won't benefit of autoatic NTP sync Since network-recovery-init can only be called from recovery shell now, and recovery shell can be guarded by GPG auth, this is PoC code to be used to complement TOTP being out of sync TODO(Future PR): - Refactor into functions and reuse into TOTP/HOTP being out of sync automatically. Signed-off-by: Thierry Laurion --- ...UNTESTED_p8z77-m_pro-tpm1-maximized.config | 1 + .../UNTESTED_t520-hotp-maximized.config | 1 + .../UNTESTED_t520-maximized.config | 1 + .../UNTESTED_t530-dgpu-hotp-maximized.config | 1 + .../UNTESTED_t530-dgpu-maximized.config | 1 + .../UNTESTED_t530-hotp-maximized.config | 1 + .../UNTESTED_t530-maximized.config | 1 + ...TED_w530-dgpu-K1000m-hotp-maximized.config | 1 + ...UNTESTED_w530-dgpu-K1000m-maximized.config | 1 + ...TED_w530-dgpu-K2000m-hotp-maximized.config | 1 + ...UNTESTED_w530-dgpu-K2000m-maximized.config | 1 + .../t420-hotp-maximized.config | 1 + boards/t420-maximized/t420-maximized.config | 1 + .../t430-hotp-maximized.config | 1 + boards/t430-maximized/t430-maximized.config | 1 + boards/t440p-maximized/t440p-maximized.config | 1 + .../w530-hotp-maximized.config | 1 + boards/w530-maximized/w530-maximized.config | 1 + boards/w541-maximized/w541-maximized.config | 1 + .../x220-hotp-maximized.config | 1 + boards/x220-maximized/x220-maximized.config | 1 + .../x230-hotp-maximized-fhd_edp.config | 1 + .../x230-hotp-maximized.config | 1 + .../x230-hotp-maximized_usb-kb.config | 40 +++++- .../x230-maximized-fhd_edp.config | 1 + boards/x230-maximized/x230-maximized.config | 1 + .../z220-cmt-maximized.config | 1 + config/linux-c216.config | 44 ++++++- config/linux-t440p.config | 44 ++++++- config/linux-w541.config | 44 ++++++- config/linux-x230-maximized.config | 44 ++++++- initrd/bin/network-init-recovery | 120 ++++++++++++------ modules/linux | 7 + 33 files changed, 321 insertions(+), 48 deletions(-) diff --git a/boards/UNTESTED_p8z77-m_pro-tpm1-maximized/UNTESTED_p8z77-m_pro-tpm1-maximized.config b/boards/UNTESTED_p8z77-m_pro-tpm1-maximized/UNTESTED_p8z77-m_pro-tpm1-maximized.config index 2ac199768..220513091 100644 --- a/boards/UNTESTED_p8z77-m_pro-tpm1-maximized/UNTESTED_p8z77-m_pro-tpm1-maximized.config +++ b/boards/UNTESTED_p8z77-m_pro-tpm1-maximized/UNTESTED_p8z77-m_pro-tpm1-maximized.config @@ -65,6 +65,7 @@ CONFIG_CAIRO=y CONFIG_FBWHIPTAIL=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_TPM=y export CONFIG_BOOTSCRIPT=/bin/gui-init diff --git a/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config b/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config index cd3752942..dc4a3c671 100644 --- a/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config +++ b/boards/UNTESTED_t520-hotp-maximized/UNTESTED_t520-hotp-maximized.config @@ -14,6 +14,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP=y CONFIG_FLASHROM=y diff --git a/boards/UNTESTED_t520-maximized/UNTESTED_t520-maximized.config b/boards/UNTESTED_t520-maximized/UNTESTED_t520-maximized.config index f23da0aa4..2edc71393 100644 --- a/boards/UNTESTED_t520-maximized/UNTESTED_t520-maximized.config +++ b/boards/UNTESTED_t520-maximized/UNTESTED_t520-maximized.config @@ -14,6 +14,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP=y CONFIG_FLASHROM=y diff --git a/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config b/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config index 2bee0e424..c0d3df922 100644 --- a/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config +++ b/boards/UNTESTED_t530-dgpu-hotp-maximized/UNTESTED_t530-dgpu-hotp-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/UNTESTED_t530-dgpu-maximized/UNTESTED_t530-dgpu-maximized.config b/boards/UNTESTED_t530-dgpu-maximized/UNTESTED_t530-dgpu-maximized.config index 9266ad803..420b455c3 100644 --- a/boards/UNTESTED_t530-dgpu-maximized/UNTESTED_t530-dgpu-maximized.config +++ b/boards/UNTESTED_t530-dgpu-maximized/UNTESTED_t530-dgpu-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/UNTESTED_t530-hotp-maximized/UNTESTED_t530-hotp-maximized.config b/boards/UNTESTED_t530-hotp-maximized/UNTESTED_t530-hotp-maximized.config index 2a4cb5a46..d8a027c7a 100644 --- a/boards/UNTESTED_t530-hotp-maximized/UNTESTED_t530-hotp-maximized.config +++ b/boards/UNTESTED_t530-hotp-maximized/UNTESTED_t530-hotp-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/UNTESTED_t530-maximized/UNTESTED_t530-maximized.config b/boards/UNTESTED_t530-maximized/UNTESTED_t530-maximized.config index 42eab8f3b..dc568db6d 100644 --- a/boards/UNTESTED_t530-maximized/UNTESTED_t530-maximized.config +++ b/boards/UNTESTED_t530-maximized/UNTESTED_t530-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config b/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config index e008d6f59..7aeeff62a 100644 --- a/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config +++ b/boards/UNTESTED_w530-dgpu-K1000m-hotp-maximized/UNTESTED_w530-dgpu-K1000m-hotp-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/UNTESTED_w530-dgpu-K1000m-maximized/UNTESTED_w530-dgpu-K1000m-maximized.config b/boards/UNTESTED_w530-dgpu-K1000m-maximized/UNTESTED_w530-dgpu-K1000m-maximized.config index d913a4c11..851541367 100644 --- a/boards/UNTESTED_w530-dgpu-K1000m-maximized/UNTESTED_w530-dgpu-K1000m-maximized.config +++ b/boards/UNTESTED_w530-dgpu-K1000m-maximized/UNTESTED_w530-dgpu-K1000m-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config b/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config index b006a12c9..72ffa9bce 100644 --- a/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config +++ b/boards/UNTESTED_w530-dgpu-K2000m-hotp-maximized/UNTESTED_w530-dgpu-K2000m-hotp-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/UNTESTED_w530-dgpu-K2000m-maximized/UNTESTED_w530-dgpu-K2000m-maximized.config b/boards/UNTESTED_w530-dgpu-K2000m-maximized/UNTESTED_w530-dgpu-K2000m-maximized.config index 4de99bc92..9cb1abcf2 100644 --- a/boards/UNTESTED_w530-dgpu-K2000m-maximized/UNTESTED_w530-dgpu-K2000m-maximized.config +++ b/boards/UNTESTED_w530-dgpu-K2000m-maximized/UNTESTED_w530-dgpu-K2000m-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/t420-hotp-maximized/t420-hotp-maximized.config b/boards/t420-hotp-maximized/t420-hotp-maximized.config index d248c8c3b..b9c0fae10 100644 --- a/boards/t420-hotp-maximized/t420-hotp-maximized.config +++ b/boards/t420-hotp-maximized/t420-hotp-maximized.config @@ -18,6 +18,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/t420-maximized/t420-maximized.config b/boards/t420-maximized/t420-maximized.config index 431079d4c..2b951c4ad 100644 --- a/boards/t420-maximized/t420-maximized.config +++ b/boards/t420-maximized/t420-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/t430-hotp-maximized/t430-hotp-maximized.config b/boards/t430-hotp-maximized/t430-hotp-maximized.config index 0a09feb11..3ae3140ef 100644 --- a/boards/t430-hotp-maximized/t430-hotp-maximized.config +++ b/boards/t430-hotp-maximized/t430-hotp-maximized.config @@ -16,6 +16,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/t430-maximized/t430-maximized.config b/boards/t430-maximized/t430-maximized.config index 8c2a5e132..7fbe36d81 100644 --- a/boards/t430-maximized/t430-maximized.config +++ b/boards/t430-maximized/t430-maximized.config @@ -16,6 +16,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/t440p-maximized/t440p-maximized.config b/boards/t440p-maximized/t440p-maximized.config index 4df8061d5..48929000d 100644 --- a/boards/t440p-maximized/t440p-maximized.config +++ b/boards/t440p-maximized/t440p-maximized.config @@ -31,6 +31,7 @@ CONFIG_CAIRO=y CONFIG_FBWHIPTAIL=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_TPM=y export CONFIG_BOOTSCRIPT=/bin/gui-init diff --git a/boards/w530-hotp-maximized/w530-hotp-maximized.config b/boards/w530-hotp-maximized/w530-hotp-maximized.config index 76a6691a6..4b78c22ef 100644 --- a/boards/w530-hotp-maximized/w530-hotp-maximized.config +++ b/boards/w530-hotp-maximized/w530-hotp-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/w530-maximized/w530-maximized.config b/boards/w530-maximized/w530-maximized.config index f210e638e..f0adab5a8 100644 --- a/boards/w530-maximized/w530-maximized.config +++ b/boards/w530-maximized/w530-maximized.config @@ -17,6 +17,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/w541-maximized/w541-maximized.config b/boards/w541-maximized/w541-maximized.config index 60006edda..c0c56bc23 100644 --- a/boards/w541-maximized/w541-maximized.config +++ b/boards/w541-maximized/w541-maximized.config @@ -31,6 +31,7 @@ CONFIG_CAIRO=y CONFIG_FBWHIPTAIL=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_TPM=y export CONFIG_BOOTSCRIPT=/bin/gui-init diff --git a/boards/x220-hotp-maximized/x220-hotp-maximized.config b/boards/x220-hotp-maximized/x220-hotp-maximized.config index 905da3c27..dc583c8e2 100644 --- a/boards/x220-hotp-maximized/x220-hotp-maximized.config +++ b/boards/x220-hotp-maximized/x220-hotp-maximized.config @@ -18,6 +18,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/x220-maximized/x220-maximized.config b/boards/x220-maximized/x220-maximized.config index abbfd0c8f..4d5490815 100644 --- a/boards/x220-maximized/x220-maximized.config +++ b/boards/x220-maximized/x220-maximized.config @@ -18,6 +18,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config b/boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config index 2f68545fd..de6311540 100644 --- a/boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config +++ b/boards/x230-hotp-maximized-fhd_edp/x230-hotp-maximized-fhd_edp.config @@ -28,6 +28,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/x230-hotp-maximized/x230-hotp-maximized.config b/boards/x230-hotp-maximized/x230-hotp-maximized.config index 040d99905..1ae2225da 100644 --- a/boards/x230-hotp-maximized/x230-hotp-maximized.config +++ b/boards/x230-hotp-maximized/x230-hotp-maximized.config @@ -20,6 +20,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config index a2e616600..811ecda6c 100644 --- a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config +++ b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config @@ -18,6 +18,9 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y + +#Additional features export CONFIG_USB_KEYBOARD_REQUIRED=y CONFIG_CRYPTSETUP2=y @@ -44,7 +47,6 @@ CONFIG_TPMTOTP=y #HOTP based remote attestation for supported USB Security dongle #With/Without TPM support CONFIG_HOTPKEY=y -export CONFIG_AUTO_BOOT_TIMEOUT=5 #Nitrokey Storage admin tool CONFIG_NKSTORECLI=n @@ -64,14 +66,38 @@ CONFIG_DROPBEAR=y export CONFIG_BOOTSCRIPT=/bin/gui-init export CONFIG_BOOT_REQ_HASH=n export CONFIG_BOOT_REQ_ROLLBACK=n -export CONFIG_BOOT_KERNEL_ADD="" -export CONFIG_BOOT_KERNEL_REMOVE="intel_iommu=on intel_iommu=igfx_off" +export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on intel_iommu=igfx_off" +export CONFIG_BOOT_KERNEL_REMOVE="quiet" export CONFIG_BOOT_DEV="/dev/sda1" export CONFIG_BOARD_NAME="Thinkpad X230-hotp-maximized_usb-kb" export CONFIG_FLASHROM_OPTIONS="--force --noverify-all -p internal" -#Include bits related to ivybridge ME blob download/neutering down to BUP+ROMP -BOARD_TARGETS := xx30_me_blobs +# xx30-*-maximized boards require of you initially call one of the +# following to have gbe.bin ifd.bin and me.bin +# - blobs/xx30/download_clean_me.sh +# To download Lenovo original ME binary, neuter+deactivate ME, produce +# reduced IFD ME region and expanded BIOS IFD region. +# - blobs/xx30/extract.sh +# To extract from backuped 8M (bottom SPI) ME binary, GBE and IFD blobs. +# +# This board has two SPI flash chips, an 8 MB that holds the IFD, +# the ME image and part of the coreboot image, and a 4 MB one that +# has the rest of the coreboot and the reset vector. +# +# As a consequence, this replaces the need of having to flash x230-flash +# and expands available CBFS region (11.5Mb available CBFS space) +# +# When flashing via an external programmer it is easiest to have +# two separate files for these pieces. +all: $(board_build)/$(CB_OUTPUT_FILE) + @sha256sum $@ | tee -a "$(HASHES)" + +all: $(board_build)/heads-$(BOARD)-$(HEADS_GIT_VERSION)-bottom.rom +$(board_build)/heads-$(BOARD)-$(HEADS_GIT_VERSION)-bottom.rom: $(board_build)/$(CB_OUTPUT_FILE) + $(call do,DD 8MB,$@,dd of=$@ if=$< bs=65536 count=128 skip=0 status=none) + @sha256sum $@ | tee -a "$(HASHES)" -# Generate split 4MB top / 8MB bottom ROMs -BOARD_TARGETS += split_8mb4mb +all: $(board_build)/heads-$(BOARD)-$(HEADS_GIT_VERSION)-top.rom +$(board_build)/heads-$(BOARD)-$(HEADS_GIT_VERSION)-top.rom: $(board_build)/$(CB_OUTPUT_FILE) + $(call do,DD 4MB,$@,dd of=$@ if=$< bs=65536 count=64 skip=128 status=none) + @sha256sum $@ | tee -a "$(HASHES)" diff --git a/boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config b/boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config index 938e96c7e..f13767766 100644 --- a/boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config +++ b/boards/x230-maximized-fhd_edp/x230-maximized-fhd_edp.config @@ -28,6 +28,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/x230-maximized/x230-maximized.config b/boards/x230-maximized/x230-maximized.config index 58a81476d..11da6fd55 100644 --- a/boards/x230-maximized/x230-maximized.config +++ b/boards/x230-maximized/x230-maximized.config @@ -20,6 +20,7 @@ CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y +CONFIG_MOBILE_TETHERING=y CONFIG_CRYPTSETUP2=y CONFIG_FLASHROM=y diff --git a/boards/z220-cmt-maximized/z220-cmt-maximized.config b/boards/z220-cmt-maximized/z220-cmt-maximized.config index 6a62f851a..7a9cfec82 100644 --- a/boards/z220-cmt-maximized/z220-cmt-maximized.config +++ b/boards/z220-cmt-maximized/z220-cmt-maximized.config @@ -51,6 +51,7 @@ CONFIG_CAIRO=y CONFIG_FBWHIPTAIL=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_TPM=y export CONFIG_BOOTSCRIPT=/bin/gui-init diff --git a/config/linux-c216.config b/config/linux-c216.config index 68383a4f8..252a7a65f 100644 --- a/config/linux-c216.config +++ b/config/linux-c216.config @@ -1141,6 +1141,7 @@ CONFIG_DM_VERITY_FEC=y # CONFIG_MACINTOSH_DRIVERS is not set CONFIG_NETDEVICES=y +CONFIG_MII=m CONFIG_NET_CORE=y # CONFIG_BONDING is not set # CONFIG_DUMMY is not set @@ -1262,7 +1263,48 @@ CONFIG_E1000E_HWTS=y # CONFIG_PPP is not set # CONFIG_SLIP is not set -# CONFIG_USB_NET_DRIVERS is not set +CONFIG_USB_NET_DRIVERS=m +# CONFIG_USB_CATC is not set +# CONFIG_USB_KAWETH is not set +# CONFIG_USB_PEGASUS is not set +# CONFIG_USB_RTL8150 is not set +# CONFIG_USB_RTL8152 is not set +# CONFIG_USB_LAN78XX is not set +CONFIG_USB_USBNET=m +# CONFIG_USB_NET_AX8817X is not set +# CONFIG_USB_NET_AX88179_178A is not set +CONFIG_USB_NET_CDCETHER=m +CONFIG_USB_NET_CDC_EEM=m +CONFIG_USB_NET_CDC_NCM=m +# CONFIG_USB_NET_HUAWEI_CDC_NCM is not set +# CONFIG_USB_NET_CDC_MBIM is not set +# CONFIG_USB_NET_DM9601 is not set +# CONFIG_USB_NET_SR9700 is not set +# CONFIG_USB_NET_SR9800 is not set +# CONFIG_USB_NET_SMSC75XX is not set +# CONFIG_USB_NET_SMSC95XX is not set +# CONFIG_USB_NET_GL620A is not set +# CONFIG_USB_NET_NET1080 is not set +# CONFIG_USB_NET_PLUSB is not set +# CONFIG_USB_NET_MCS7830 is not set +# CONFIG_USB_NET_RNDIS_HOST is not set +CONFIG_USB_NET_CDC_SUBSET=m +# CONFIG_USB_ALI_M5632 is not set +# CONFIG_USB_AN2720 is not set +# CONFIG_USB_BELKIN is not set +# CONFIG_USB_ARMLINUX is not set +# CONFIG_USB_EPSON2888 is not set +# CONFIG_USB_KC2190 is not set +# CONFIG_USB_NET_ZAURUS is not set +# CONFIG_USB_NET_CX82310_ETH is not set +# CONFIG_USB_NET_KALMIA is not set +# CONFIG_USB_NET_QMI_WWAN is not set +# CONFIG_USB_NET_INT51X1 is not set +# CONFIG_USB_IPHETH is not set +# CONFIG_USB_SIERRA_NET is not set +# CONFIG_USB_VL600 is not set +# CONFIG_USB_NET_CH9200 is not set +# CONFIG_USB_NET_AQC111 is not set # CONFIG_WLAN is not set # diff --git a/config/linux-t440p.config b/config/linux-t440p.config index fd144e3e0..7e520b220 100644 --- a/config/linux-t440p.config +++ b/config/linux-t440p.config @@ -1195,6 +1195,7 @@ CONFIG_DM_VERITY_FEC=y # CONFIG_MACINTOSH_DRIVERS is not set CONFIG_NETDEVICES=y +CONFIG_MII=m CONFIG_NET_CORE=y # CONFIG_BONDING is not set # CONFIG_DUMMY is not set @@ -1316,7 +1317,48 @@ CONFIG_E1000E_HWTS=y # CONFIG_PPP is not set # CONFIG_SLIP is not set -# CONFIG_USB_NET_DRIVERS is not set +CONFIG_USB_NET_DRIVERS=m +# CONFIG_USB_CATC is not set +# CONFIG_USB_KAWETH is not set +# CONFIG_USB_PEGASUS is not set +# CONFIG_USB_RTL8150 is not set +# CONFIG_USB_RTL8152 is not set +# CONFIG_USB_LAN78XX is not set +CONFIG_USB_USBNET=m +# CONFIG_USB_NET_AX8817X is not set +# CONFIG_USB_NET_AX88179_178A is not set +CONFIG_USB_NET_CDCETHER=m +CONFIG_USB_NET_CDC_EEM=m +CONFIG_USB_NET_CDC_NCM=m +# CONFIG_USB_NET_HUAWEI_CDC_NCM is not set +# CONFIG_USB_NET_CDC_MBIM is not set +# CONFIG_USB_NET_DM9601 is not set +# CONFIG_USB_NET_SR9700 is not set +# CONFIG_USB_NET_SR9800 is not set +# CONFIG_USB_NET_SMSC75XX is not set +# CONFIG_USB_NET_SMSC95XX is not set +# CONFIG_USB_NET_GL620A is not set +# CONFIG_USB_NET_NET1080 is not set +# CONFIG_USB_NET_PLUSB is not set +# CONFIG_USB_NET_MCS7830 is not set +# CONFIG_USB_NET_RNDIS_HOST is not set +CONFIG_USB_NET_CDC_SUBSET=m +# CONFIG_USB_ALI_M5632 is not set +# CONFIG_USB_AN2720 is not set +# CONFIG_USB_BELKIN is not set +# CONFIG_USB_ARMLINUX is not set +# CONFIG_USB_EPSON2888 is not set +# CONFIG_USB_KC2190 is not set +# CONFIG_USB_NET_ZAURUS is not set +# CONFIG_USB_NET_CX82310_ETH is not set +# CONFIG_USB_NET_KALMIA is not set +# CONFIG_USB_NET_QMI_WWAN is not set +# CONFIG_USB_NET_INT51X1 is not set +# CONFIG_USB_IPHETH is not set +# CONFIG_USB_SIERRA_NET is not set +# CONFIG_USB_VL600 is not set +# CONFIG_USB_NET_CH9200 is not set +# CONFIG_USB_NET_AQC111 is not set # CONFIG_WLAN is not set # diff --git a/config/linux-w541.config b/config/linux-w541.config index fd144e3e0..7e520b220 100644 --- a/config/linux-w541.config +++ b/config/linux-w541.config @@ -1195,6 +1195,7 @@ CONFIG_DM_VERITY_FEC=y # CONFIG_MACINTOSH_DRIVERS is not set CONFIG_NETDEVICES=y +CONFIG_MII=m CONFIG_NET_CORE=y # CONFIG_BONDING is not set # CONFIG_DUMMY is not set @@ -1316,7 +1317,48 @@ CONFIG_E1000E_HWTS=y # CONFIG_PPP is not set # CONFIG_SLIP is not set -# CONFIG_USB_NET_DRIVERS is not set +CONFIG_USB_NET_DRIVERS=m +# CONFIG_USB_CATC is not set +# CONFIG_USB_KAWETH is not set +# CONFIG_USB_PEGASUS is not set +# CONFIG_USB_RTL8150 is not set +# CONFIG_USB_RTL8152 is not set +# CONFIG_USB_LAN78XX is not set +CONFIG_USB_USBNET=m +# CONFIG_USB_NET_AX8817X is not set +# CONFIG_USB_NET_AX88179_178A is not set +CONFIG_USB_NET_CDCETHER=m +CONFIG_USB_NET_CDC_EEM=m +CONFIG_USB_NET_CDC_NCM=m +# CONFIG_USB_NET_HUAWEI_CDC_NCM is not set +# CONFIG_USB_NET_CDC_MBIM is not set +# CONFIG_USB_NET_DM9601 is not set +# CONFIG_USB_NET_SR9700 is not set +# CONFIG_USB_NET_SR9800 is not set +# CONFIG_USB_NET_SMSC75XX is not set +# CONFIG_USB_NET_SMSC95XX is not set +# CONFIG_USB_NET_GL620A is not set +# CONFIG_USB_NET_NET1080 is not set +# CONFIG_USB_NET_PLUSB is not set +# CONFIG_USB_NET_MCS7830 is not set +# CONFIG_USB_NET_RNDIS_HOST is not set +CONFIG_USB_NET_CDC_SUBSET=m +# CONFIG_USB_ALI_M5632 is not set +# CONFIG_USB_AN2720 is not set +# CONFIG_USB_BELKIN is not set +# CONFIG_USB_ARMLINUX is not set +# CONFIG_USB_EPSON2888 is not set +# CONFIG_USB_KC2190 is not set +# CONFIG_USB_NET_ZAURUS is not set +# CONFIG_USB_NET_CX82310_ETH is not set +# CONFIG_USB_NET_KALMIA is not set +# CONFIG_USB_NET_QMI_WWAN is not set +# CONFIG_USB_NET_INT51X1 is not set +# CONFIG_USB_IPHETH is not set +# CONFIG_USB_SIERRA_NET is not set +# CONFIG_USB_VL600 is not set +# CONFIG_USB_NET_CH9200 is not set +# CONFIG_USB_NET_AQC111 is not set # CONFIG_WLAN is not set # diff --git a/config/linux-x230-maximized.config b/config/linux-x230-maximized.config index b2e2d1df1..b408cd0e5 100644 --- a/config/linux-x230-maximized.config +++ b/config/linux-x230-maximized.config @@ -1138,6 +1138,7 @@ CONFIG_DM_VERITY_FEC=y # CONFIG_MACINTOSH_DRIVERS is not set CONFIG_NETDEVICES=y +CONFIG_MII=m CONFIG_NET_CORE=y # CONFIG_BONDING is not set # CONFIG_DUMMY is not set @@ -1259,7 +1260,48 @@ CONFIG_E1000E_HWTS=y # CONFIG_PPP is not set # CONFIG_SLIP is not set -# CONFIG_USB_NET_DRIVERS is not set +CONFIG_USB_NET_DRIVERS=m +# CONFIG_USB_CATC is not set +# CONFIG_USB_KAWETH is not set +# CONFIG_USB_PEGASUS is not set +# CONFIG_USB_RTL8150 is not set +# CONFIG_USB_RTL8152 is not set +# CONFIG_USB_LAN78XX is not set +CONFIG_USB_USBNET=m +# CONFIG_USB_NET_AX8817X is not set +# CONFIG_USB_NET_AX88179_178A is not set +CONFIG_USB_NET_CDCETHER=m +CONFIG_USB_NET_CDC_EEM=m +CONFIG_USB_NET_CDC_NCM=m +# CONFIG_USB_NET_HUAWEI_CDC_NCM is not set +# CONFIG_USB_NET_CDC_MBIM is not set +# CONFIG_USB_NET_DM9601 is not set +# CONFIG_USB_NET_SR9700 is not set +# CONFIG_USB_NET_SR9800 is not set +# CONFIG_USB_NET_SMSC75XX is not set +# CONFIG_USB_NET_SMSC95XX is not set +# CONFIG_USB_NET_GL620A is not set +# CONFIG_USB_NET_NET1080 is not set +# CONFIG_USB_NET_PLUSB is not set +# CONFIG_USB_NET_MCS7830 is not set +# CONFIG_USB_NET_RNDIS_HOST is not set +CONFIG_USB_NET_CDC_SUBSET=m +# CONFIG_USB_ALI_M5632 is not set +# CONFIG_USB_AN2720 is not set +# CONFIG_USB_BELKIN is not set +# CONFIG_USB_ARMLINUX is not set +# CONFIG_USB_EPSON2888 is not set +# CONFIG_USB_KC2190 is not set +# CONFIG_USB_NET_ZAURUS is not set +# CONFIG_USB_NET_CX82310_ETH is not set +# CONFIG_USB_NET_KALMIA is not set +# CONFIG_USB_NET_QMI_WWAN is not set +# CONFIG_USB_NET_INT51X1 is not set +# CONFIG_USB_IPHETH is not set +# CONFIG_USB_SIERRA_NET is not set +# CONFIG_USB_VL600 is not set +# CONFIG_USB_NET_CH9200 is not set +# CONFIG_USB_NET_AQC111 is not set # CONFIG_WLAN is not set # diff --git a/initrd/bin/network-init-recovery b/initrd/bin/network-init-recovery index d952d1759..ed430f018 100755 --- a/initrd/bin/network-init-recovery +++ b/initrd/bin/network-init-recovery @@ -4,58 +4,104 @@ TRACE_FUNC -# bring up the ethernet; maybe should do DHCP? +# bring up the ethernet interface ifconfig lo 127.0.0.1 +echo "Loading Ethernet network modules..." network_modules="e1000 e1000e igb sfc mdio mlx4_core mlx4_en" -for module in `echo $network_modules`; do +for module in $(echo $network_modules); do if [ -f /lib/modules/$module.ko ]; then - insmod /lib/modules/$module.ko + #check if module is already loaded and load it if not + lsmod | grep -q $module || insmod /lib/modules/$module.ko fi done -if [ -e /sys/class/net/eth0 ]; then +#Tethering over USB for Mobile phones supporting CDC (Android Pixel 6a+, Librem phone, etc.) +if [ -e /lib/modules/cdc_ether.ko ]; then + #first enable USB controllers + enable_usb + echo "" + echo "Please verify that your mobile (CDC NCM/EEM tethering compatible phone) is networked in the desired way (WIFI/mobile + VPN/Orbot/etc)" + echo "Please connect mobile phone to this machine's fast USB port (blue identified) through a known working data cable" + echo "Please enable USB tethering prior of going further (Android: select 'Charging this device via USB' notification and enable tethering option)" + read -p "Press Enter to continue now or wait 30 seconds..." -n 1 -r -t 30 + + network_modules="mii usbnet cdc_ether cdc_ncm cdc_eem" + echo "Loading USB tethering network related modules: $network_modules..." + for module in $(echo $network_modules); do + if [ -f /lib/modules/$module.ko ]; then + #check if module is already loaded and load it if not + lsmod | grep -q $module || insmod /lib/modules/$module.ko + fi + done + if ! [ -e /sys/class/net/usb0 ]; then + echo "" + echo "Tethering USB network interface was NOT detected with loaded kernel modules : $network_modules" + echo "Please check your phone's linux drivers requirements" + echo "Note that RNDIS kernel module inclusion was discussed and rejected due to security implications and planned deprecation under Linux kernel altogether" + echo "CDC NCM/CDC EEM support is known to be available on a majority of Android/GrapheneOS as well as Librem phones" + echo "Non-exhaustive exeptions: Pixel 4a* known to only tether over RNDIS and won't be supported" + echo "Apple phones won't be supported due to size and complexity of the drivers and toolstack required to support tethering" + read -p "Press Enter to continue now or wait 30 seconds..." -n 1 -r -t 30 + fi +fi + +if [ -e /sys/class/net/usb0 ]; then + dev=usb0 + echo "USB tethering network interface detected as $dev" +elif [ -e /sys/class/net/eth0 ]; then + dev=eth0 + echo "Ethernet network interface detected as $dev" #Randomize eth0 MAC address of maximized boards if echo "$CONFIG_BOARD" | grep -q maximized; then - ifconfig eth0 down - echo "Generating random MAC address (might take a while)..." + ifconfig $dev down + echo "Generating random MAC address..." mac=$(generate_random_mac_address) echo "Assigning randomly generated MAC: $mac to eth0..." - ifconfig eth0 hw ether $mac - ifconfig eth0 up + ifconfig $dev hw ether $mac + echo "Bringing up $dev... Connect a network cable to the $dev port and make sure status LEDs are on" + ifconfig $dev up fi +fi - # Set up static IP - if [ ! -z "$CONFIG_BOOT_STATIC_IP" ]; then - ifconfig eth0 $CONFIG_BOOT_STATIC_IP - #Get ip from DHCP - elif [ -e /sbin/udhcpc ];then - if udhcpc -T 1 -q; then - if [ -e /sbin/ntpd ]; then - DNS_SERVER=$(grep nameserver /etc/resolv.conf|awk -F " " {'print $2'}) - killall ntpd 2&>1 > /dev/null - if ! ntpd -d -N -n -q -p $DNS_SERVER > /dev/ttyprintk; then - if ! ntpd -d -d -N -n -q -p ntp.pool.org> /dev/ttyprintk; then - echo "NTP sync unsuccessful." > /dev/tty0 - fi +# Set up static IP +if [ ! -z "$CONFIG_BOOT_STATIC_IP" ]; then + echo "Setting static IP: $CONFIG_BOOT_STATIC_IP" + ifconfig $dev $CONFIG_BOOT_STATIC_IP + echo "No NTP sync with static IP: no DNS server nor gateway defined, set time manually" +elif [ -e /sbin/udhcpc ]; then + echo "Getting IP from first DHCP server answering. This may take a while..." + if udhcpc -T 1 -i $dev -q; then + if [ -e /sbin/ntpd ]; then + DNS_SERVER=$(grep nameserver /etc/resolv.conf | awk -F " " {'print $2'}) + killall ntpd 2 &>1 >/dev/null + echo "Attempting to sync time with NTP server: $DNS_SERVER..." + if ! ntpd -d -N -n -q -p $DNS_SERVER; then + echo "NTP sync unsuccessful with DNS server" + echo "Attempting NTP time sync with pool.ntp.org..." + if ! ntpd -d -d -N -n -q -p pool.ntp.org; then + echo "NTP sync unsuccessful." + else + echo "NTP time sync successful." fi - hwclock -w - echo "" > /dev/tty0 - date=`date "+%Y-%m-%d %H:%M:%S %Z"` - echo "Time: $date" > /dev/tty0 fi - fi - fi - - ifconfig eth0 > /dev/ttyprintk - - if [ -e /bin/dropbear ]; then - # Set up the ssh server, allow root logins and log to stderr - if [ ! -d /etc/dropbear ]; then - mkdir /etc/dropbear + echo "Syncing hardware clock with system time in UTC/GMT timezone... NOT LOCAL TIMEZONE!" + hwclock -w + echo "" + date=$(date "+%Y-%m-%d %H:%M:%S %Z") + echo "Time: $date" fi - dropbear -B -R 2>/dev/ttyprintk fi - echo "" > /dev/tty0 - ifconfig eth0 | head -2 > /dev/tty0 fi + +if [ -e /bin/dropbear ]; then + # Set up the ssh server, allow root logins and log to stderr + if [ ! -d /etc/dropbear ]; then + mkdir /etc/dropbear + fi + echo "Starting dropbear ssh server..." + dropbear -B -R +fi +echo "" +echo "Network setup complete:" +ifconfig diff --git a/modules/linux b/modules/linux index 07b592a10..ea08916d9 100644 --- a/modules/linux +++ b/modules/linux @@ -125,6 +125,13 @@ linux_modules-$(CONFIG_LINUX_USB) += drivers/usb/storage/usb-storage.ko #USB modules when a USB keyboard is defined in board config linux_modules-$(CONFIG_SUPPORT_USB_KEYBOARD) += drivers/hid/usbhid/usbhid.ko +#USB modules for Mobile USB Tethering (Most Android phones, Librem phone, etc) +linux_modules-$(CONFIG_MOBILE_TETHERING) += drivers/net/mii.ko +linux_modules-$(CONFIG_MOBILE_TETHERING) += drivers/net/usb/usbnet.ko +linux_modules-$(CONFIG_MOBILE_TETHERING) += drivers/net/usb/cdc_ether.ko +linux_modules-$(CONFIG_MOBILE_TETHERING) += drivers/net/usb/cdc_ncm.ko +linux_modules-$(CONFIG_MOBILE_TETHERING) += drivers/net/usb/cdc_eem.ko + # NVMe driver for winterfell and other servers linux_modules-$(CONFIG_LINUX_NVME) += drivers/nvme/host/nvme.ko linux_modules-$(CONFIG_LINUX_NVME) += drivers/nvme/host/nvme-core.ko From 9b69f1b66a29ea90045eabe1d679994810beb17a Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Wed, 21 Feb 2024 11:55:23 -0500 Subject: [PATCH 02/10] boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config: unify with x230-hotp-maximized Signed-off-by: Thierry Laurion --- .../x230-hotp-maximized_usb-kb.config | 41 +++++-------------- 1 file changed, 11 insertions(+), 30 deletions(-) diff --git a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config index 811ecda6c..5bdcfdbe9 100644 --- a/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config +++ b/boards/x230-hotp-maximized_usb-kb/x230-hotp-maximized_usb-kb.config @@ -15,6 +15,10 @@ export CONFIG_LINUX_VERSION=5.10.5 CONFIG_COREBOOT_CONFIG=config/coreboot-x230-maximized.config CONFIG_LINUX_CONFIG=config/linux-x230-maximized.config +#Enable DEBUG output +#export CONFIG_DEBUG_OUTPUT=y +#export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y + #Additional hardware support CONFIG_LINUX_USB=y CONFIG_LINUX_E1000E=y @@ -47,6 +51,7 @@ CONFIG_TPMTOTP=y #HOTP based remote attestation for supported USB Security dongle #With/Without TPM support CONFIG_HOTPKEY=y +export CONFIG_AUTO_BOOT_TIMEOUT=5 #Nitrokey Storage admin tool CONFIG_NKSTORECLI=n @@ -66,38 +71,14 @@ CONFIG_DROPBEAR=y export CONFIG_BOOTSCRIPT=/bin/gui-init export CONFIG_BOOT_REQ_HASH=n export CONFIG_BOOT_REQ_ROLLBACK=n -export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on intel_iommu=igfx_off" -export CONFIG_BOOT_KERNEL_REMOVE="quiet" +export CONFIG_BOOT_KERNEL_ADD="" +export CONFIG_BOOT_KERNEL_REMOVE="intel_iommu=on intel_iommu=igfx_off" export CONFIG_BOOT_DEV="/dev/sda1" export CONFIG_BOARD_NAME="Thinkpad X230-hotp-maximized_usb-kb" export CONFIG_FLASHROM_OPTIONS="--force --noverify-all -p internal" -# xx30-*-maximized boards require of you initially call one of the -# following to have gbe.bin ifd.bin and me.bin -# - blobs/xx30/download_clean_me.sh -# To download Lenovo original ME binary, neuter+deactivate ME, produce -# reduced IFD ME region and expanded BIOS IFD region. -# - blobs/xx30/extract.sh -# To extract from backuped 8M (bottom SPI) ME binary, GBE and IFD blobs. -# -# This board has two SPI flash chips, an 8 MB that holds the IFD, -# the ME image and part of the coreboot image, and a 4 MB one that -# has the rest of the coreboot and the reset vector. -# -# As a consequence, this replaces the need of having to flash x230-flash -# and expands available CBFS region (11.5Mb available CBFS space) -# -# When flashing via an external programmer it is easiest to have -# two separate files for these pieces. -all: $(board_build)/$(CB_OUTPUT_FILE) - @sha256sum $@ | tee -a "$(HASHES)" - -all: $(board_build)/heads-$(BOARD)-$(HEADS_GIT_VERSION)-bottom.rom -$(board_build)/heads-$(BOARD)-$(HEADS_GIT_VERSION)-bottom.rom: $(board_build)/$(CB_OUTPUT_FILE) - $(call do,DD 8MB,$@,dd of=$@ if=$< bs=65536 count=128 skip=0 status=none) - @sha256sum $@ | tee -a "$(HASHES)" +#Include bits related to ivybridge ME blob download/neutering down to BUP+ROMP +BOARD_TARGETS := xx30_me_blobs -all: $(board_build)/heads-$(BOARD)-$(HEADS_GIT_VERSION)-top.rom -$(board_build)/heads-$(BOARD)-$(HEADS_GIT_VERSION)-top.rom: $(board_build)/$(CB_OUTPUT_FILE) - $(call do,DD 4MB,$@,dd of=$@ if=$< bs=65536 count=64 skip=128 status=none) - @sha256sum $@ | tee -a "$(HASHES)" +# Generate split 4MB top / 8MB bottom ROMs +BOARD_TARGETS += split_8mb4mb From 65f0b905f6e4d9a0ee6c3609b44009867cf906f4 Mon Sep 17 00:00:00 2001 From: Jonathon Hall Date: Thu, 22 Feb 2024 10:11:21 -0500 Subject: [PATCH 03/10] boards/librem*, config/linux-librem*: Enable mobile tethering Enable mobile tethering on all Librem boards. Signed-off-by: Jonathon Hall --- boards/librem_11/librem_11.config | 1 + boards/librem_13v2/librem_13v2.config | 1 + boards/librem_13v4/librem_13v4.config | 1 + boards/librem_14/librem_14.config | 1 + boards/librem_15v3/librem_15v3.config | 1 + boards/librem_15v4/librem_15v4.config | 1 + boards/librem_l1um/librem_l1um.config | 1 + boards/librem_l1um_v2/librem_l1um_v2.config | 1 + boards/librem_mini/librem_mini.config | 1 + boards/librem_mini_v2/librem_mini_v2.config | 1 + config/linux-librem_common-6.1.8.config | 45 +++++++++++++++++++- config/linux-librem_common.config | 46 ++++++++++++++++++++- 12 files changed, 98 insertions(+), 3 deletions(-) diff --git a/boards/librem_11/librem_11.config b/boards/librem_11/librem_11.config index 75de0ed54..63025aff3 100644 --- a/boards/librem_11/librem_11.config +++ b/boards/librem_11/librem_11.config @@ -26,6 +26,7 @@ CONFIG_FBWHIPTAIL=y CONFIG_HOTPKEY=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_TPM=n diff --git a/boards/librem_13v2/librem_13v2.config b/boards/librem_13v2/librem_13v2.config index f6d44990f..835831aad 100644 --- a/boards/librem_13v2/librem_13v2.config +++ b/boards/librem_13v2/librem_13v2.config @@ -26,6 +26,7 @@ CONFIG_FBWHIPTAIL=y CONFIG_HOTPKEY=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_SUPPORT_USB_KEYBOARD=y export CONFIG_TPM=y diff --git a/boards/librem_13v4/librem_13v4.config b/boards/librem_13v4/librem_13v4.config index f92c249a7..afded52a7 100644 --- a/boards/librem_13v4/librem_13v4.config +++ b/boards/librem_13v4/librem_13v4.config @@ -26,6 +26,7 @@ CONFIG_FBWHIPTAIL=y CONFIG_HOTPKEY=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_SUPPORT_USB_KEYBOARD=y export CONFIG_TPM=y diff --git a/boards/librem_14/librem_14.config b/boards/librem_14/librem_14.config index c04f95ac3..7eb296d60 100644 --- a/boards/librem_14/librem_14.config +++ b/boards/librem_14/librem_14.config @@ -24,6 +24,7 @@ CONFIG_FBWHIPTAIL=y CONFIG_HOTPKEY=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_TPM=y export CONFIG_SUPPORT_USB_KEYBOARD=y diff --git a/boards/librem_15v3/librem_15v3.config b/boards/librem_15v3/librem_15v3.config index 14049aba2..e3c55575a 100644 --- a/boards/librem_15v3/librem_15v3.config +++ b/boards/librem_15v3/librem_15v3.config @@ -26,6 +26,7 @@ CONFIG_FBWHIPTAIL=y CONFIG_HOTPKEY=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_SUPPORT_USB_KEYBOARD=y export CONFIG_TPM=y diff --git a/boards/librem_15v4/librem_15v4.config b/boards/librem_15v4/librem_15v4.config index c95e61015..d57830552 100644 --- a/boards/librem_15v4/librem_15v4.config +++ b/boards/librem_15v4/librem_15v4.config @@ -27,6 +27,7 @@ CONFIG_FBWHIPTAIL=y CONFIG_HOTPKEY=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_SUPPORT_USB_KEYBOARD=y export CONFIG_TPM=y diff --git a/boards/librem_l1um/librem_l1um.config b/boards/librem_l1um/librem_l1um.config index c5d960b11..1956c63a6 100644 --- a/boards/librem_l1um/librem_l1um.config +++ b/boards/librem_l1um/librem_l1um.config @@ -25,6 +25,7 @@ CONFIG_FBWHIPTAIL=y CONFIG_HOTPKEY=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_TPM=y diff --git a/boards/librem_l1um_v2/librem_l1um_v2.config b/boards/librem_l1um_v2/librem_l1um_v2.config index 32bdfa1e3..bc5153516 100644 --- a/boards/librem_l1um_v2/librem_l1um_v2.config +++ b/boards/librem_l1um_v2/librem_l1um_v2.config @@ -24,6 +24,7 @@ CONFIG_FBWHIPTAIL=y CONFIG_HOTPKEY=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_TPM=y export CONFIG_TPM2_TOOLS=y diff --git a/boards/librem_mini/librem_mini.config b/boards/librem_mini/librem_mini.config index a460a21a4..bc0208789 100644 --- a/boards/librem_mini/librem_mini.config +++ b/boards/librem_mini/librem_mini.config @@ -26,6 +26,7 @@ CONFIG_FBWHIPTAIL=y CONFIG_HOTPKEY=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_TPM=n diff --git a/boards/librem_mini_v2/librem_mini_v2.config b/boards/librem_mini_v2/librem_mini_v2.config index ed1be16f5..eb0349c12 100644 --- a/boards/librem_mini_v2/librem_mini_v2.config +++ b/boards/librem_mini_v2/librem_mini_v2.config @@ -26,6 +26,7 @@ CONFIG_FBWHIPTAIL=y CONFIG_HOTPKEY=y CONFIG_LINUX_USB=y +CONFIG_MOBILE_TETHERING=y export CONFIG_TPM=n diff --git a/config/linux-librem_common-6.1.8.config b/config/linux-librem_common-6.1.8.config index 9d83a8db2..9e4752357 100644 --- a/config/linux-librem_common-6.1.8.config +++ b/config/linux-librem_common-6.1.8.config @@ -1274,6 +1274,7 @@ CONFIG_DM_VERITY_FEC=y # CONFIG_MACINTOSH_DRIVERS is not set CONFIG_NETDEVICES=y +CONFIG_MII=m CONFIG_NET_CORE=y # CONFIG_BONDING is not set # CONFIG_DUMMY is not set @@ -1401,7 +1402,49 @@ CONFIG_NET_VENDOR_VERTEXCOM=y # CONFIG_PPP is not set # CONFIG_SLIP is not set -# CONFIG_USB_NET_DRIVERS is not set +CONFIG_USB_NET_DRIVERS=m +# CONFIG_USB_CATC is not set +# CONFIG_USB_KAWETH is not set +# CONFIG_USB_PEGASUS is not set +# CONFIG_USB_RTL8150 is not set +# CONFIG_USB_RTL8152 is not set +# CONFIG_USB_LAN78XX is not set +CONFIG_USB_USBNET=m +# CONFIG_USB_NET_AX8817X is not set +# CONFIG_USB_NET_AX88179_178A is not set +CONFIG_USB_NET_CDCETHER=m +CONFIG_USB_NET_CDC_EEM=m +CONFIG_USB_NET_CDC_NCM=m +# CONFIG_USB_NET_HUAWEI_CDC_NCM is not set +# CONFIG_USB_NET_CDC_MBIM is not set +# CONFIG_USB_NET_DM9601 is not set +# CONFIG_USB_NET_SR9700 is not set +# CONFIG_USB_NET_SR9800 is not set +# CONFIG_USB_NET_SMSC75XX is not set +# CONFIG_USB_NET_SMSC95XX is not set +# CONFIG_USB_NET_GL620A is not set +# CONFIG_USB_NET_NET1080 is not set +# CONFIG_USB_NET_PLUSB is not set +# CONFIG_USB_NET_MCS7830 is not set +# CONFIG_USB_NET_RNDIS_HOST is not set +CONFIG_USB_NET_CDC_SUBSET=m +# CONFIG_USB_ALI_M5632 is not set +# CONFIG_USB_AN2720 is not set +# CONFIG_USB_BELKIN is not set +# CONFIG_USB_ARMLINUX is not set +# CONFIG_USB_EPSON2888 is not set +# CONFIG_USB_KC2190 is not set +# CONFIG_USB_NET_ZAURUS is not set +# CONFIG_USB_NET_CX82310_ETH is not set +# CONFIG_USB_NET_KALMIA is not set +# CONFIG_USB_NET_QMI_WWAN is not set +# CONFIG_USB_NET_INT51X1 is not set +# CONFIG_USB_IPHETH is not set +# CONFIG_USB_SIERRA_NET is not set +# CONFIG_USB_VL600 is not set +# CONFIG_USB_NET_CH9200 is not set +# CONFIG_USB_NET_AQC111 is not set +CONFIG_USB_RTL8153_ECM=m # CONFIG_WLAN is not set # CONFIG_WAN is not set diff --git a/config/linux-librem_common.config b/config/linux-librem_common.config index c201f9716..a3edda0f4 100644 --- a/config/linux-librem_common.config +++ b/config/linux-librem_common.config @@ -1175,6 +1175,7 @@ CONFIG_DM_VERITY_FEC=y # CONFIG_MACINTOSH_DRIVERS is not set CONFIG_NETDEVICES=y +CONFIG_MII=m CONFIG_NET_CORE=y # CONFIG_BONDING is not set # CONFIG_DUMMY is not set @@ -1296,7 +1297,48 @@ CONFIG_E1000E_HWTS=y # CONFIG_PPP is not set # CONFIG_SLIP is not set -# CONFIG_USB_NET_DRIVERS is not set +CONFIG_USB_NET_DRIVERS=m +# CONFIG_USB_CATC is not set +# CONFIG_USB_KAWETH is not set +# CONFIG_USB_PEGASUS is not set +# CONFIG_USB_RTL8150 is not set +# CONFIG_USB_RTL8152 is not set +# CONFIG_USB_LAN78XX is not set +CONFIG_USB_USBNET=m +# CONFIG_USB_NET_AX8817X is not set +# CONFIG_USB_NET_AX88179_178A is not set +CONFIG_USB_NET_CDCETHER=m +CONFIG_USB_NET_CDC_EEM=m +CONFIG_USB_NET_CDC_NCM=m +# CONFIG_USB_NET_HUAWEI_CDC_NCM is not set +# CONFIG_USB_NET_CDC_MBIM is not set +# CONFIG_USB_NET_DM9601 is not set +# CONFIG_USB_NET_SR9700 is not set +# CONFIG_USB_NET_SR9800 is not set +# CONFIG_USB_NET_SMSC75XX is not set +# CONFIG_USB_NET_SMSC95XX is not set +# CONFIG_USB_NET_GL620A is not set +# CONFIG_USB_NET_NET1080 is not set +# CONFIG_USB_NET_PLUSB is not set +# CONFIG_USB_NET_MCS7830 is not set +# CONFIG_USB_NET_RNDIS_HOST is not set +CONFIG_USB_NET_CDC_SUBSET=m +# CONFIG_USB_ALI_M5632 is not set +# CONFIG_USB_AN2720 is not set +# CONFIG_USB_BELKIN is not set +# CONFIG_USB_ARMLINUX is not set +# CONFIG_USB_EPSON2888 is not set +# CONFIG_USB_KC2190 is not set +# CONFIG_USB_NET_ZAURUS is not set +# CONFIG_USB_NET_CX82310_ETH is not set +# CONFIG_USB_NET_KALMIA is not set +# CONFIG_USB_NET_QMI_WWAN is not set +# CONFIG_USB_NET_INT51X1 is not set +# CONFIG_USB_IPHETH is not set +# CONFIG_USB_SIERRA_NET is not set +# CONFIG_USB_VL600 is not set +# CONFIG_USB_NET_CH9200 is not set +# CONFIG_USB_NET_AQC111 is not set # CONFIG_WLAN is not set # @@ -1453,7 +1495,7 @@ CONFIG_DEVPORT=y # CONFIG_HPET is not set # CONFIG_HANGCHECK_TIMER is not set CONFIG_TCG_TPM=y -CONFIG_HW_RANDOM_TPM=n +# CONFIG_HW_RANDOM_TPM is not set CONFIG_TCG_TIS_CORE=y CONFIG_TCG_TIS=y # CONFIG_TCG_TIS_I2C_ATMEL is not set From bec25456887fb201e4aa186f8ea044aa77b9dc16 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Thu, 22 Feb 2024 13:36:25 -0500 Subject: [PATCH 04/10] insmod: check if module already loaded and if so exit early Signed-off-by: Thierry Laurion --- initrd/bin/network-init-recovery | 6 ++---- initrd/sbin/insmod | 10 +++++++++- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/initrd/bin/network-init-recovery b/initrd/bin/network-init-recovery index ed430f018..814eb32c2 100755 --- a/initrd/bin/network-init-recovery +++ b/initrd/bin/network-init-recovery @@ -11,8 +11,7 @@ echo "Loading Ethernet network modules..." network_modules="e1000 e1000e igb sfc mdio mlx4_core mlx4_en" for module in $(echo $network_modules); do if [ -f /lib/modules/$module.ko ]; then - #check if module is already loaded and load it if not - lsmod | grep -q $module || insmod /lib/modules/$module.ko + insmod /lib/modules/$module.ko fi done @@ -30,8 +29,7 @@ if [ -e /lib/modules/cdc_ether.ko ]; then echo "Loading USB tethering network related modules: $network_modules..." for module in $(echo $network_modules); do if [ -f /lib/modules/$module.ko ]; then - #check if module is already loaded and load it if not - lsmod | grep -q $module || insmod /lib/modules/$module.ko + insmod /lib/modules/$module.ko fi done if ! [ -e /sys/class/net/usb0 ]; then diff --git a/initrd/sbin/insmod b/initrd/sbin/insmod index 8545482b2..c00aab35b 100755 --- a/initrd/sbin/insmod +++ b/initrd/sbin/insmod @@ -23,6 +23,14 @@ if [ ! -r "$MODULE" ]; then die "$MODULE: not found?" fi +# Check if module is already loaded while remove trailing .ko if present +module=$(basename "$MODULE") +module=${module%.ko} +if lsmod | grep -q "^$module\\b"; then + DEBUG "$module: already loaded" + exit 0 +fi + if [ ! -r /sys/class/tpm/tpm0/pcrs -o ! -x /bin/tpm ]; then if [ ! -c /dev/tpmrm0 -o ! -x /bin/tpm2 ]; then tpm_missing=1 @@ -48,4 +56,4 @@ fi # the busybox insmod via the original executable DEBUG "Loading $MODULE with busybox insmod" busybox insmod "$MODULE" "$@" \ -|| die "$MODULE: insmod failed" + || die "$MODULE: insmod failed" From 35de23483ac99707e6486206ccb5c8f020ae3e68 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Thu, 22 Feb 2024 14:35:26 -0500 Subject: [PATCH 05/10] etc/ash_functions: remove redundant lsmod prior of insmod Signed-off-by: Thierry Laurion --- initrd/etc/ash_functions | 41 +++++++++------------------------------- 1 file changed, 9 insertions(+), 32 deletions(-) diff --git a/initrd/etc/ash_functions b/initrd/etc/ash_functions index 58634307a..d31b034dc 100644 --- a/initrd/etc/ash_functions +++ b/initrd/etc/ash_functions @@ -318,35 +318,15 @@ enable_usb() { TRACE "Under /etc/ash_functions:enable_usb" #insmod ehci_hcd prior of uhdc_hcd and ohci_hcd to suppress dmesg warning - if ! lsmod | grep -q ehci_hcd; then - insmod /lib/modules/ehci-hcd.ko \ - || die "ehci_hcd: module load failed" - fi + insmod /lib/modules/ehci-hcd.ko || die "ehci_hcd: module load failed" + if [ "$CONFIG_LINUX_USB_COMPANION_CONTROLLER" = y ]; then - if ! lsmod | grep -q uhci_hcd; then - insmod /lib/modules/uhci-hcd.ko \ - || die "uhci_hcd: module load failed" - fi - if ! lsmod | grep -q ohci_hcd; then - insmod /lib/modules/ohci-hcd.ko \ - || die "ohci_hcd: module load failed" - fi - if ! lsmod | grep -q ohci_pci; then - insmod /lib/modules/ohci-pci.ko \ - || die "ohci_pci: module load failed" - fi - fi - if ! lsmod | grep -q ehci_pci; then - insmod /lib/modules/ehci-pci.ko \ - || die "ehci_pci: module load failed" - fi - if ! lsmod | grep -q xhci_hcd; then - insmod /lib/modules/xhci-hcd.ko \ - || die "xhci_hcd: module load failed" - fi - if ! lsmod | grep -q xhci_pci; then - insmod /lib/modules/xhci-pci.ko \ - || die "xhci_pci: module load failed" + insmod /lib/modules/uhci-hcd.ko || die "uhci_hcd: module load failed" + insmod /lib/modules/ohci-hcd.ko || die "ohci_hcd: module load failed" + insmod /lib/modules/ohci-pci.ko || die "ohci_pci: module load failed" + insmod /lib/modules/ehci-pci.ko || die "ehci_pci: module load failed" + insmod /lib/modules/xhci-hcd.ko || die "xhci_hcd: module load failed" + insmod /lib/modules/xhci-pci.ko || die "xhci_pci: module load failed" sleep 2 fi @@ -357,9 +337,6 @@ enable_usb() # desktop/server), they could lock themselves out, only recoverable by # hardware flash. if [ "$CONFIG_USB_KEYBOARD_REQUIRED" = y ] || [ "$CONFIG_USER_USB_KEYBOARD" = y ]; then - if ! lsmod | grep -q usbhid; then - insmod /lib/modules/usbhid.ko \ - || die "usbhid: module load failed" - fi + insmod /lib/modules/usbhid.ko || die "usbhid: module load failed" fi } From 5f8cb5a15921494decd1ff2403a30cec638971dc Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Thu, 22 Feb 2024 15:03:12 -0500 Subject: [PATCH 06/10] initrd/bin/network-init-recovery: put usb tethering and ethernet activation in functions and ask user prior of using each mode Also remove output of attempted module loading since DEBUG will show if needed Remove timeout after 30 seconds to unify UX and block Change UX wording Should address all PR review comments Signed-off-by: Thierry Laurion --- initrd/bin/network-init-recovery | 174 +++++++++++++++++++------------ 1 file changed, 106 insertions(+), 68 deletions(-) diff --git a/initrd/bin/network-init-recovery b/initrd/bin/network-init-recovery index 814eb32c2..86ecd6403 100755 --- a/initrd/bin/network-init-recovery +++ b/initrd/bin/network-init-recovery @@ -4,45 +4,76 @@ TRACE_FUNC -# bring up the ethernet interface -ifconfig lo 127.0.0.1 +mobile_tethering() +{ + TRACE_FUNC + #Tethering over USB for Mobile phones supporting CDC (Android Pixel 6a+, Librem phone, etc.) + if [ -e /lib/modules/cdc_ether.ko ]; then + #prompt user if he wants to enable USB tethering and skip if not + echo "" + echo "USB tethering support is available for mobile phones supporting CDC NCM/EEM tethering" + read -p "Do you want to enable USB tethering now? (Y/n)" -n 1 -r REPLY + echo "" + if [[ $REPLY =~ ^[Nn]$ ]]; then + echo "USB tethering not enabled, skipping..." + return 0 + fi + + #first enable USB controllers + enable_usb + + echo "" + echo "Please connect your mobile phone to a USB port and enable internet connection sharing." + echo "* Android: Select the 'Charging this device via USB' notification and enable tethering." + echo "* Linux: Set the wired connection's IPv4 method on the mobile phone to 'Shared to other computers'." + echo "Heads supports CDC-NCM and CDC-EEM. Android phones using RNDIS and Apple phones are not supported." + echo "" + read -p "Press Enter to continue..." -n 1 -r -echo "Loading Ethernet network modules..." -network_modules="e1000 e1000e igb sfc mdio mlx4_core mlx4_en" -for module in $(echo $network_modules); do - if [ -f /lib/modules/$module.ko ]; then - insmod /lib/modules/$module.ko + network_modules="mii usbnet cdc_ether cdc_ncm cdc_eem" + for module in $(echo $network_modules); do + if [ -f /lib/modules/$module.ko ]; then + insmod /lib/modules/$module.ko + fi + done + + if ! [ -e /sys/class/net/usb0 ]; then + echo "" + echo "No tethering network interface was found." + echo "* Make sure the phone supports CDC-NCM or CDC-EEM. Many, but not all, Android and Linux phones support these." + echo "* Android phones requiring RNDIS and Apple phones are not supported." + echo "* Make sure the cable used works with data and that the phone has tethering enabled." + echo "" + read -p "Press Enter to continue..." -n 1 -r fi -done +fi +} -#Tethering over USB for Mobile phones supporting CDC (Android Pixel 6a+, Librem phone, etc.) -if [ -e /lib/modules/cdc_ether.ko ]; then - #first enable USB controllers - enable_usb +ethernet_activation() +{ + TRACE_FUNC + #Prompt user if he wants to enable ethernet and skip if not + read -p "Do you want to enable Ethernet now? (Y/n)" -n 1 -r REPLY echo "" - echo "Please verify that your mobile (CDC NCM/EEM tethering compatible phone) is networked in the desired way (WIFI/mobile + VPN/Orbot/etc)" - echo "Please connect mobile phone to this machine's fast USB port (blue identified) through a known working data cable" - echo "Please enable USB tethering prior of going further (Android: select 'Charging this device via USB' notification and enable tethering option)" - read -p "Press Enter to continue now or wait 30 seconds..." -n 1 -r -t 30 - - network_modules="mii usbnet cdc_ether cdc_ncm cdc_eem" - echo "Loading USB tethering network related modules: $network_modules..." + if [[ $REPLY =~ ^[Nn]$ ]]; then + echo "Ethernet not enabled, skipping..." + return 0 + fi + + echo "Loading Ethernet network modules..." + network_modules="e1000 e1000e igb sfc mdio mlx4_core mlx4_en" for module in $(echo $network_modules); do if [ -f /lib/modules/$module.ko ]; then insmod /lib/modules/$module.ko fi done - if ! [ -e /sys/class/net/usb0 ]; then - echo "" - echo "Tethering USB network interface was NOT detected with loaded kernel modules : $network_modules" - echo "Please check your phone's linux drivers requirements" - echo "Note that RNDIS kernel module inclusion was discussed and rejected due to security implications and planned deprecation under Linux kernel altogether" - echo "CDC NCM/CDC EEM support is known to be available on a majority of Android/GrapheneOS as well as Librem phones" - echo "Non-exhaustive exeptions: Pixel 4a* known to only tether over RNDIS and won't be supported" - echo "Apple phones won't be supported due to size and complexity of the drivers and toolstack required to support tethering" - read -p "Press Enter to continue now or wait 30 seconds..." -n 1 -r -t 30 - fi -fi +} + +# bring up the ethernet interface +ifconfig lo 127.0.0.1 + +mobile_tethering +ethernet_activation if [ -e /sys/class/net/usb0 ]; then dev=usb0 @@ -50,56 +81,63 @@ if [ -e /sys/class/net/usb0 ]; then elif [ -e /sys/class/net/eth0 ]; then dev=eth0 echo "Ethernet network interface detected as $dev" - #Randomize eth0 MAC address of maximized boards +else + echo "No network interface detected, please check your hardware and board configuration" + exit 1 +fi + +if [ -n "$dev" ]; then + + #Randomize MAC address for maximized boards if echo "$CONFIG_BOARD" | grep -q maximized; then ifconfig $dev down echo "Generating random MAC address..." mac=$(generate_random_mac_address) - echo "Assigning randomly generated MAC: $mac to eth0..." + echo "Assigning randomly generated MAC: $mac to $dev..." ifconfig $dev hw ether $mac - echo "Bringing up $dev... Connect a network cable to the $dev port and make sure status LEDs are on" ifconfig $dev up fi -fi -# Set up static IP -if [ ! -z "$CONFIG_BOOT_STATIC_IP" ]; then - echo "Setting static IP: $CONFIG_BOOT_STATIC_IP" - ifconfig $dev $CONFIG_BOOT_STATIC_IP - echo "No NTP sync with static IP: no DNS server nor gateway defined, set time manually" -elif [ -e /sbin/udhcpc ]; then - echo "Getting IP from first DHCP server answering. This may take a while..." - if udhcpc -T 1 -i $dev -q; then - if [ -e /sbin/ntpd ]; then - DNS_SERVER=$(grep nameserver /etc/resolv.conf | awk -F " " {'print $2'}) - killall ntpd 2 &>1 >/dev/null - echo "Attempting to sync time with NTP server: $DNS_SERVER..." - if ! ntpd -d -N -n -q -p $DNS_SERVER; then - echo "NTP sync unsuccessful with DNS server" - echo "Attempting NTP time sync with pool.ntp.org..." - if ! ntpd -d -d -N -n -q -p pool.ntp.org; then - echo "NTP sync unsuccessful." - else - echo "NTP time sync successful." + # Set up static IP if configured in board config + if [ ! -z "$CONFIG_BOOT_STATIC_IP" ]; then + echo "Setting static IP: $CONFIG_BOOT_STATIC_IP" + ifconfig $dev $CONFIG_BOOT_STATIC_IP + echo "No NTP sync with static IP: no DNS server nor gateway defined, set time manually" + # Set up DHCP if no static IP + elif [ -e /sbin/udhcpc ]; then + echo "Getting IP from first DHCP server answering. This may take a while..." + if udhcpc -T 1 -i $dev -q; then + if [ -e /sbin/ntpd ]; then + DNS_SERVER=$(grep nameserver /etc/resolv.conf | awk -F " " {'print $2'}) + killall ntpd 2 &>1 >/dev/null + echo "Attempting to sync time with NTP server: $DNS_SERVER..." + if ! ntpd -d -N -n -q -p $DNS_SERVER; then + echo "NTP sync unsuccessful with DNS server" + echo "Attempting NTP time sync with pool.ntp.org..." + if ! ntpd -d -d -N -n -q -p pool.ntp.org; then + echo "NTP sync unsuccessful." + else + echo "NTP time sync successful." + fi fi + echo "Syncing hardware clock with system time in UTC/GMT timezone..." + hwclock -w + echo "" + date=$(date "+%Y-%m-%d %H:%M:%S %Z") + echo "Time: $date" fi - echo "Syncing hardware clock with system time in UTC/GMT timezone... NOT LOCAL TIMEZONE!" - hwclock -w - echo "" - date=$(date "+%Y-%m-%d %H:%M:%S %Z") - echo "Time: $date" fi fi -fi -if [ -e /bin/dropbear ]; then - # Set up the ssh server, allow root logins and log to stderr - if [ ! -d /etc/dropbear ]; then - mkdir /etc/dropbear + if [ -e /bin/dropbear ]; then + # Set up the ssh server, allow root logins and log to stderr + if [ ! -d /etc/dropbear ]; then + mkdir /etc/dropbear + fi + echo "Starting dropbear ssh server..." + dropbear -B -R fi - echo "Starting dropbear ssh server..." - dropbear -B -R + echo "" + echo "Network setup complete:" + ifconfig $dev fi -echo "" -echo "Network setup complete:" -ifconfig From a5ab32b761afc51f4aa4e0219ff844df0caf52dc Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Thu, 22 Feb 2024 16:20:14 -0500 Subject: [PATCH 07/10] insmod: uniformize module name and lsmod output prior of comapring if module already insmodded (ehci-hcd.ko module name is ehci_hcd...) Signed-off-by: Thierry Laurion --- initrd/sbin/insmod | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/initrd/sbin/insmod b/initrd/sbin/insmod index c00aab35b..97614fc65 100755 --- a/initrd/sbin/insmod +++ b/initrd/sbin/insmod @@ -23,11 +23,12 @@ if [ ! -r "$MODULE" ]; then die "$MODULE: not found?" fi -# Check if module is already loaded while remove trailing .ko if present -module=$(basename "$MODULE") -module=${module%.ko} -if lsmod | grep -q "^$module\\b"; then - DEBUG "$module: already loaded" +# Check if module is already loaded +# Transform module name changing _ for - and trailing .ko if present +# Unify lsmod output to use - instead of _ for comparison +module_name=$(basename "$MODULE" | sed 's/_/-/g' | sed 's/\.ko$//') +if lsmod | sed 's/_/-/g' | grep -q "^$module_name\\b"; then + DEBUG "$MODULE: already loaded" exit 0 fi From 031f885aaa8431c21341b45557cfa386c7b3c1f4 Mon Sep 17 00:00:00 2001 From: Jonathon Hall Date: Fri, 23 Feb 2024 09:43:50 -0500 Subject: [PATCH 08/10] initrd/bin/network-init-recovery: Trivial indentation fix Signed-off-by: Jonathon Hall --- initrd/bin/network-init-recovery | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/initrd/bin/network-init-recovery b/initrd/bin/network-init-recovery index 86ecd6403..dbd593ffb 100755 --- a/initrd/bin/network-init-recovery +++ b/initrd/bin/network-init-recovery @@ -37,16 +37,16 @@ mobile_tethering() fi done - if ! [ -e /sys/class/net/usb0 ]; then - echo "" - echo "No tethering network interface was found." - echo "* Make sure the phone supports CDC-NCM or CDC-EEM. Many, but not all, Android and Linux phones support these." - echo "* Android phones requiring RNDIS and Apple phones are not supported." - echo "* Make sure the cable used works with data and that the phone has tethering enabled." - echo "" - read -p "Press Enter to continue..." -n 1 -r + if ! [ -e /sys/class/net/usb0 ]; then + echo "" + echo "No tethering network interface was found." + echo "* Make sure the phone supports CDC-NCM or CDC-EEM. Many, but not all, Android and Linux phones support these." + echo "* Android phones requiring RNDIS and Apple phones are not supported." + echo "* Make sure the cable used works with data and that the phone has tethering enabled." + echo "" + read -p "Press Enter to continue..." -n 1 -r + fi fi -fi } ethernet_activation() From 2aeab5edbb4090f176e918e460ab7e6d02effb40 Mon Sep 17 00:00:00 2001 From: Jonathon Hall Date: Fri, 23 Feb 2024 09:44:40 -0500 Subject: [PATCH 09/10] initrd/etc/ash_functions: ehci_pci/xhci-* aren't companion controllers All boards with CONFIG_LINUX_USB=y ship ehci-* and xhci-*, they are not controlled by CONFIG_LINUX_USB_COMPANION_CONTROLLER. Always insert them when initializing USB. Fixes commit 35de2348 Signed-off-by: Jonathon Hall --- initrd/etc/ash_functions | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/initrd/etc/ash_functions b/initrd/etc/ash_functions index d31b034dc..8b52ab6a4 100644 --- a/initrd/etc/ash_functions +++ b/initrd/etc/ash_functions @@ -324,11 +324,11 @@ enable_usb() insmod /lib/modules/uhci-hcd.ko || die "uhci_hcd: module load failed" insmod /lib/modules/ohci-hcd.ko || die "ohci_hcd: module load failed" insmod /lib/modules/ohci-pci.ko || die "ohci_pci: module load failed" - insmod /lib/modules/ehci-pci.ko || die "ehci_pci: module load failed" - insmod /lib/modules/xhci-hcd.ko || die "xhci_hcd: module load failed" - insmod /lib/modules/xhci-pci.ko || die "xhci_pci: module load failed" sleep 2 fi + insmod /lib/modules/ehci-pci.ko || die "ehci_pci: module load failed" + insmod /lib/modules/xhci-hcd.ko || die "xhci_hcd: module load failed" + insmod /lib/modules/xhci-pci.ko || die "xhci_pci: module load failed" # For resiliency, test CONFIG_USB_KEYBOARD_REQUIRED explicitly rather # than having it imply CONFIG_USER_USB_KEYBOARD at build time. From ebe9db435043d916f412b219c6d3cca7cb109871 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Fri, 23 Feb 2024 12:17:47 -0500 Subject: [PATCH 10/10] initrd/bin/network-init-recovery: kill dropbear unconditionally prior of starting it Signed-off-by: Thierry Laurion --- initrd/bin/network-init-recovery | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/initrd/bin/network-init-recovery b/initrd/bin/network-init-recovery index dbd593ffb..fb09d2ff9 100755 --- a/initrd/bin/network-init-recovery +++ b/initrd/bin/network-init-recovery @@ -135,6 +135,11 @@ if [ -n "$dev" ]; then mkdir /etc/dropbear fi echo "Starting dropbear ssh server..." + # Make sure dropbear is not already running + killall dropbear > /dev/null 2>&1 || true + # Start dropbear with root login and log to stderr + # -B background + # -R create host keys dropbear -B -R fi echo ""