Merged changes for the v4.3.8 firmware

srlabs · Oct 18, 2023 · 9c08efc · 9c08efc
2 parents 5163b47 + d4886a5
commit 9c08efc
Show file tree

Hide file tree

Showing 20 changed files with 850 additions and 455 deletions.
diff --git a/Makefile b/Makefile
@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=blue-merle
-PKG_VERSION:=1.1.0
+PKG_VERSION:=2.0.0
 PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_MAINTAINER:=Matthias <[email protected]>
@@ -12,7 +12,7 @@ include $(INCLUDE_DIR)/package.mk
 define Package/blue-merle
 	SECTION:=utils
 	CATEGORY:=Utilities
-	EXTRA_DEPENDS:=gl-ui gl-e750-mcu bash coreutils-shred python3 python3-pyserial patch
+	EXTRA_DEPENDS:=luci-base, gl-sdk4-mcu, coreutils-shred, python3-pyserial
 	TITLE:=Anonymity Enhancements for GL-E750 Mudi
 endef
 
@@ -29,8 +29,11 @@ endef
 define Package/blue-merle/install
 	$(CP) ./files/* $(1)/
 	$(INSTALL_BIN) ./files/etc/init.d/* $(1)/etc/init.d/
+	$(INSTALL_BIN) ./files/etc/gl-switch.d/* $(1)/etc/gl-switch.d/
 	$(INSTALL_BIN) ./files/lib/blue-merle/mac-wipe.sh $(1)/lib/blue-merle/mac-wipe.sh
-	$(INSTALL_BIN) ./files/usr/bin/blue-merle $(1)/usr/bin/blue-merle
+	$(INSTALL_BIN) ./files/usr/bin/* $(1)/usr/bin/
+	$(INSTALL_BIN) ./files/usr/libexec/blue-merle $(1)/usr/libexec/blue-merle
+	$(INSTALL_BIN) ./files/lib/blue-merle/imei_generate.py  $(1)/lib/blue-merle/imei_generate.py
 endef
 
 define Package/blue-merle/preinst
@@ -42,7 +45,7 @@ define Package/blue-merle/preinst
 		if [ -f "/tmp/sysinfo/model" ] && [ -f "/etc/glversion" ]; then
 			echo "You have a `cat /tmp/sysinfo/model`, running firmware version `cat /etc/glversion`."
 		fi
-		echo "blue-merle has only been tested with GL-E750 Mudi Version 3.215."
+		echo "blue-merle has only been tested with GL-E750 Mudi Version 4.3.8."
 		echo "The device or firmware version you are using have not been verified to work with blue-merle."
 		echo -n "Would you like to continue on your own risk? (y/N): "
 		read answer
@@ -58,56 +61,14 @@ define Package/blue-merle/preinst
 		fi
 	}
 
-	UPDATE_MCU() {
-		echo "6e6b86e3ad7fec0d5e426eb9a41c51c6f0d6b68a4d341ec553edeeade3e4b470  /tmp/e750-mcu-V1.0.7.bin" > /tmp/e750-mcu.bin.sha256
-		wget -O /tmp/e750-mcu-V1.0.7.bin https://github.com/gl-inet/GL-E750-MCU-instruction/blob/master/e750-mcu-V1.0.7-56a1cad7f0eb8318ebe3c3c46a4cf3ff.bin?raw=true
-		if sha256sum -cs /tmp/e750-mcu.bin.sha256; then
-			ubus call service delete '{"name":"e750_mcu"}'
-			mcu_update /tmp/e750-mcu-V1.0.7.bin
-		else
-			echo "Failed to update MCU, verification of the binary failed."
-			echo "Your device needs to be connected to the Internet in order to download the MCU binary."
-			exit 1
-		fi
-	}
-
-	CHECK_MCUVERSION() {
-		function version { echo "$$@" | cut -d' ' -f2 | awk -F. '{ printf("%d%03d%03d%03d\n", $$1,$$2,$$3,$$4); }'; }
-		mcu_version=`echo \{\"version\": \"1\"} > /dev/ttyS0; sleep 0.1; cat /dev/ttyS0|tr -d '\n'`
-		if [ $$(version "$$mcu_version") -ge $$(version "V 1.0.7") ]; then
-			return 0
-		else
-			echo
-			echo "Your MCU version has not been verified to work with blue-merle."
-						echo "Automatic shutdown may not work."
-						echo "The install script can initiate an update of the MCU."
-						echo "The device will reboot and, after reboot, you need to run opkg install blue-merle again."
-						echo -n "Would you like to update your MCU? (y/N): "
-						read answer
-						case $$answer in
-								Y*) answer=0;;
-								y*) answer=0;;
-								*) answer=1;;
-						esac
-						if [[ "$$answer" -eq 0 ]]; then
-								UPDATE_MCU
-						fi
-				fi
-		}
-
 	if grep -q "GL.iNet GL-E750" /proc/cpuinfo; then
 	    GL_VERSION=$$(cat /etc/glversion)
 	    case $$GL_VERSION in
-	        4.*)
-	            echo Version $$GL_VERSION is not supported
-	            exit 1
-	            ;;
-	        3.215)
+	        4.3.8)
 	            echo Version $$GL_VERSION is supported
-	            CHECK_MCUVERSION
 	            exit 0
 	            ;;
-	        3.*)
+	        4.*)
 	            echo Version $$GL_VERSION is *probably* supported
 	            ABORT_GLVERSION
 	            ;;
@@ -120,32 +81,26 @@ define Package/blue-merle/preinst
 	else
 		ABORT_GLVERSION
 	fi
+
+    # Our volatile-mac service gets started during the installation
+    # but it modifies the client database held by the gl_clients process.
+    # So we stop that process now, have the database put onto volatile storage
+    # and start the service after installation
+    /etc/init.d/gl_clients stop
 endef
 
 define Package/blue-merle/postinst
 	#!/bin/sh
+	uci set switch-button.@main[0].func='sim'
+	uci commit switch-button
 
-	patch -b /www/src/temple/settings/index.js /lib/blue-merle/patches/index.js.patch
-	patch -b /www/src/temple/settings/index.html /lib/blue-merle/patches/index.html.patch
-	patch -b /usr/bin/switchaction /lib/blue-merle/patches/switchaction.patch
-	patch -b /usr/bin/switch_queue /lib/blue-merle/patches/switch_queue.patch
+	/etc/init.d/gl_clients start
 
-	uci set glconfig.switch_button='service'
-	uci set glconfig.switch_button.enable='1'
-	uci set glconfig.switch_button.function='sim'
-	uci commit glconfig
+	echo {\"msg\": \"Successfully installed Blue Merle\"} > /dev/ttyS0
 endef
 
 define Package/blue-merle/postrm
 	#!/bin/sh
-
-	mv /www/src/temple/settings/index.js.orig /www/src/temple/settings/index.js
-	mv /www/src/temple/settings/index.html.orig /www/src/temple/settings/index.html
-	mv /usr/bin/switchaction.orig /usr/bin/switchaction
-	mv /usr/bin/switch_queue.orig /usr/bin/switch_queue
-
-	rm -f /tmp/sim_change_start
-	rm -f /tmp/sim_change_switch
+	uci set switch-button.@main[0].func='tor'
 endef
 $(eval $(call BuildPackage,$(PKG_NAME)))
-
diff --git a/files/etc/gl-switch.d/sim.sh b/files/etc/gl-switch.d/sim.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+action=$1
+logger -p notice -t blue-merle-toggle  "Called... ${action}"
+
+
+. /lib/functions/gl_util.sh
+
+
+
+if [ "$action" = "on" ];then
+    mcu_send_message "Blue Merle ${action}"
+    echo "on" > /tmp/sim_change_switch
+    flock -n /tmp/blue-merle-switch.lock logger -p notice -t blue-merle-toggle "Running Stage 1" ||  logger -p notice -t blue-merle-toggle  "Lockfile busy"
+    flock -n /tmp/blue-merle-switch.lock  timeout 90  /usr/bin/blue-merle-switch-stage1
+
+elif [ "$action" = "off" ];then
+    # We check for any previous run and eventually execute the second stage. We could check for the age of this marker and only activate the second stage is the marker is young enough.
+    if [ -f /tmp/blue-merle-stage1 ]; then
+        flock -n /tmp/blue-merle-switch.lock  ||  logger -p notice -t blue-merle-toggle  "Lockfile busy" &
+        flock -n /tmp/blue-merle-switch.lock  timeout 90  /usr/bin/blue-merle-switch-stage2
+    else
+        logger -p notice -t blue-merle-toggle  "No Stage 1; Toggling Off"
+    fi
+    echo "off" > /tmp/sim_change_switch
+
+else
+    echo "off" > /tmp/sim_change_switch
+fi
+logger -p notice -t blue-merle-toggle  "Finished Switch $action"
+sleep 1
diff --git a/files/etc/init.d/blue-merle b/files/etc/init.d/blue-merle
@@ -2,16 +2,15 @@
 
 . /lib/blue-merle/functions.sh
 
-START=81
+# We intend to be started before the first network-related service is started.
+# According to https://openwrt.org/docs/techref/initscripts, /etc/rc.d/ determines
+# the order of the services to be started (or stopped). The lower the number,
+# the earlier the service is started.
+# We observe "repeater" having the value 15. "network" 20. We certainly want to ahead of those.
+START=14
 STOP=99
-
-start() {        
-	/lib/blue-merle/mac-wipe.sh
-	CHECKMACSYMLINK
+
+start() {
 	RESET_BSSIDS
-}                 
-
-stop() {          
-	/lib/blue-merle/mac-wipe.sh
+	RANDOMIZE_MACADDR
 }
-
diff --git a/files/etc/init.d/volatile-client-macs b/files/etc/init.d/volatile-client-macs
@@ -0,0 +1,30 @@
+#!/bin/sh /etc/rc.common
+
+# MAC addresses of connected clients are stored in a sqlite database.
+# Having the database seems to be necessary for the device to be working properly.
+# We intent to have the device store the database in RAM rather than on flash.
+# We replace the directory with a memory-backed tmpfs which is as volatile as we can make it.
+
+# We want to run ahead of "gl-tertf" which, currently, has a prioprity of 60.
+# We also want to run ahead of "gl_clients" which has 99.
+START=59
+STOP=99
+
+start() {
+    tmpdir="$(mktemp -d)"
+    # We mount a tmpfs so that the client database will be stored in memory only
+    mount -t tmpfs / "$tmpdir"
+    cp -a /etc/oui-tertf/client.db "$tmpdir"
+    shred /etc/oui-tertf/client.db ||  rm -f /etc/oui-tertf/client.db
+    # If this script runs multiple times, we accumulate mounts; we try to avoid having mounts over mounts, so we unmount any existing tmpfs
+    umount -t tmpfs -l /etc/oui-tertf
+
+    mount -t tmpfs / /etc/oui-tertf
+    cp -a "$tmpdir/client.db" /etc/oui-tertf/client.db
+    umount -t tmpfs -l "$tmpdir"
+}
+
+stop() {
+	shred /etc/oui-tertf/client.db ||  rm -f /etc/oui-tertf/client.db
+}
+
diff --git a/files/lib/blue-merle/functions.sh b/files/lib/blue-merle/functions.sh
@@ -2,27 +2,6 @@
 
 # This script provides helper functions for blue-merle
 
-# check that MAC wiping/linking to dev/null is still in place
-CHECKMACSYMLINK () {
-	local loc_file="/etc/init.d/gl_tertf"
-    if [ $(readlink -f "$loc_file") == "/dev/null" ]
-    then 
-        echo "TEST: EXISTS"
-    else
-        echo "TEST: DOES NOT EXIST"
-        cp "$loc_file" "$loc_file.bak" # todo: consider if we need to move this backup elsewhere?
-        ln -sf /dev/null "$loc_file"
-    fi
-}
-
-# Restore gl_tertf from back-up
-RESTORE_GL_TERTF () {
-    local loc_file="/etc/init.d/gl_tertf"
-    local loc_backup="/etc/init.d/gl_tertf.bak"
-    #local loc_location="/etc/init.d"
-    rm "$loc_file"
-    mv "$loc_backup" "$loc_file"
-}
 
 UNICAST_MAC_GEN () {
     loc_mac_numgen=`python3 -c "import random; print(f'{random.randint(0,2**48) & 0b111111101111111111111111111111111111111111111111:0x}'.zfill(12))"`
@@ -35,7 +14,16 @@ RESET_BSSIDS () {
     uci set wireless.@wifi-iface[1].macaddr=`UNICAST_MAC_GEN`
     uci set wireless.@wifi-iface[0].macaddr=`UNICAST_MAC_GEN`
     uci commit wireless
-    wifi # need to reset wifi for changes to apply
+    # you need to reset wifi for changes to apply, i.e. executing "wifi"
+}
+
+
+# This chaneges the MAC address clients see when connecting to the WiFi spawned by the device.
+# You can check with "arp -a" that your endpoint, e.g. your laptop, sees a different MAC after a reboot of the Mudi.
+RANDOMIZE_MACADDR () {
+    uci set network.@device[1].macaddr=`UNICAST_MAC_GEN`
+    uci commit network
+    # You need to restart the network, i.e. /etc/init.d/network restart
 }
 
 READ_IMEI () {
@@ -82,11 +70,22 @@ READ_IMSI () {
 	echo $imsi
 }
 
+
+SET_IMEI() {
+    imei="$1"
+
+    if [[ ${#imei} -eq 14 ]]; then
+        gl_modem AT AT+EGMR=1,7,${imei}
+    else
+        echo "IMEI is ${#imei} not 14 characters long"
+    fi
+}
+
 CHECK_ABORT () {
         sim_change_switch=`cat /tmp/sim_change_switch`
-        if [[ "$sim_change_switch" = "off" ]]; then   
-                e750-mcu "SIM change      aborted."   
-                sleep 1                               
-                exit 1                                
+        if [[ "$sim_change_switch" = "off" ]]; then
+                echo '{ "msg": "SIM change      aborted." }' > /dev/ttyS0
+                sleep 1
+                exit 1
         fi
 }
diff --git a/files/lib/blue-merle/imei_generate.py b/files/lib/blue-merle/imei_generate.py
@@ -17,6 +17,8 @@ class Modes(Enum):
 ap = argparse.ArgumentParser()
 ap.add_argument("-v", "--verbose", help="Enables verbose output",
                 action="store_true")
+ap.add_argument("-g", "--generate-only", help="Only generates an IMEI rather than setting it",
+                   action="store_true")
 modes = ap.add_mutually_exclusive_group()
 modes.add_argument("-d", "--deterministic", help="Switches IMEI generation to deterministic mode", action="store_true")
 modes.add_argument("-s", "--static", help="Sets user-defined IMEI",
@@ -42,7 +44,11 @@ class Modes(Enum):
 
 
 def get_imsi():
+    if (verbose):
+        print(f'Obtaining Serial {TTY} with timeout {TIMEOUT}...')
     with serial.Serial(TTY, BAUDRATE, timeout=TIMEOUT, exclusive=True) as ser:
+        if (verbose):
+            print('Getting IMSI')
         ser.write(b'AT+CIMI\r')
         # TODO: read loop until we have 'enough' of what to expect
         output = ser.read(64)
@@ -176,10 +182,12 @@ def validate_imei(imei):
 
 if __name__ == '__main__':
     args = ap.parse_args()
+    imsi_d = None
     if args.verbose:
         verbose = args.verbose
     if args.deterministic:
         mode = Modes.DETERMINISTIC
+        imsi_d = get_imsi()
     if args.random:
         mode = Modes.RANDOM
     if args.static is not None:
@@ -192,11 +200,11 @@ def validate_imei(imei):
         else:
             exit(-1)
     else:
-        imsi_d = get_imsi()
         imei = generate_imei(imei_prefix, imsi_d)
         if (verbose):
             print(f"Generated new IMEI: {imei}")
-        if not set_imei(imei):
-            exit(-1)
+        if not args.generate_only:
+            if not set_imei(imei):
+                exit(-1)
 
     exit(0)