Hello Enrico,

On 11/22/21 11:55, Enrico Mioso wrote:
When flashing a broken kernel, or an image where failsafe mode is no longer 
accessible, recovering these devices can become needlessly painful.
Allow for easier recovery by unconditionally trying to get an initramfs image 
over TFTP once before booting, thereby giving the user a chance to sysupgrade 
to a working image.

As I've already explained, I don't like increasing the time necessary for the 
device to boot.
Also, introducing such a method on a 4040 does not make sense, as its NOR flash 
can be rewritten from EVA.

That being said, unconditionally requesting a bootable image over the network 
is a security risk in itself. NAND based ipq40xx boards from AVM also only 
allow connections to their bootloader on cold-boots for exactly this reason.

For example, if an attacker is able to create a kernel-panic, your patch would 
enable him to modify the router in case he is on the same network. A Pushbutton 
TFTP procedure mitigates this problem, as it depends on the attacker having 
physical access to the device.

Recovery is - for all boards - possible using the AVM recovery tool or manually 
patching the U-Boot and sideloading via EVA. So a network request for a boot 
image raises more problems than it tries to solve.

Best
David


Signed-off-by: Enrico Mioso <[email protected]>
CC: Christian Lamparter <[email protected]>
CC: David Bauer <[email protected]>
---

Reasons for this patch:
1 - There are situations where it can be nice to recover a device without the 
AVM Recovery tool. In some cases the tool won't even be an option (as far as I 
know, it exists only for Windows, or am I wrong?).
2 - Since the effort of creating a second-stage bootloader for these devices 
has been carried out (thanks a lot for this!), I think it makes sense to allow 
for things to be more friendly to developers and users.

Side effects:
When nandboot fails, there will be TWO tftp requests with no delay between 
them, then the sleep will kick in.

Possible "improvements":
Implementing a push-button method may be preferred. Still, I have no easy way 
to attach a UART to the device right now.
Moreover, being able to do this "more" remotely would be a valuable feature to 
me.

Enrico

  include/configs/fritz1200.h | 2 +-
  include/configs/fritz3000.h | 2 +-
  include/configs/fritz4040.h | 2 +-
  include/configs/fritz7530.h | 2 +-
  4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/configs/fritz1200.h b/include/configs/fritz1200.h
index 90d5186..16152a3 100644
--- a/include/configs/fritz1200.h
+++ b/include/configs/fritz1200.h
@@ -23,7 +23,7 @@
        "mtdparts=" MTDPARTS_DEFAULT "\0"                   \
        "nandboot=ubi part ubi && ubi read 0x85000000 kernel && bootm\0"      \
        "tftpboot=tftpboot && bootm; sleep 5; run tftpboot\0" \
-       "fritzboot=run nandboot || run tftpboot;\0"           \
+       "fritzboot=tftpboot && bootm; run nandboot || run tftpboot;\0"          
      \
#undef V_PROMPT
  #define V_PROMPT              "(" CONFIG_MODEL ") # "
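
Review bot: the added `fritzboot` line runs `tftpboot && bootm` ahead of `run nandboot` with no condition, so on every boot an image fetched over TFTP is booted in preference to the one in flash. TFTP carries no authentication, so this attempt should be gated on something that requires physical presence (a button held at power-on) or limited to cold boots, leaving `run nandboot || run tftpboot` as the default path.
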
diff --git a/include/configs/fritz3000.h b/include/configs/fritz3000.h
index e383ffb..3440550 100644
--- a/include/configs/fritz3000.h
+++ b/include/configs/fritz3000.h
@@ -23,7 +23,7 @@
        "mtdparts=" MTDPARTS_DEFAULT "\0"                   \
        "nandboot=ubi part ubi && ubi read 0x85000000 kernel && bootm\0"      \
        "tftpboot=tftpboot && bootm; sleep 5; run tftpboot\0" \
-       "fritzboot=run nandboot || run tftpboot;\0"           \
+       "fritzboot=tftpboot && bootm; run nandboot || run tftpboot;\0"          
      \
#undef V_PROMPT
  #define V_PROMPT              "(" CONFIG_MODEL ") # "
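
Review bot: in the added `fritzboot` line, a failing `run nandboot` falls through to `run tftpboot`, whose first action is again `tftpboot && bootm`, so the same request is issued twice back to back before `sleep 5` applies. If the early attempt stays, put the single attempt in its own variable and have the fallback begin with the delay, so the retry loop is not entered immediately after an attempt that has just failed.
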
diff --git a/include/configs/fritz4040.h b/include/configs/fritz4040.h
index 060afb0..582edfd 100644
--- a/include/configs/fritz4040.h
+++ b/include/configs/fritz4040.h
@@ -23,7 +23,7 @@
        "mtdparts=" MTDPARTS_DEFAULT "\0"                   \
        "nandboot=nboot firmware && bootm\0"                  \
        "tftpboot=tftpsrv && bootm; sleep 5; run tftpboot\0"  \
-       "fritzboot=run nandboot || run tftpboot;\0"           \
+       "fritzboot=tftpboot && bootm; run nandboot || run tftpboot;\0"          
      \
#undef V_PROMPT
  #define V_PROMPT              "(" CONFIG_MODEL ") # "
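
Review bot: this file's `tftpboot` variable is built on `tftpsrv`, but the added `fritzboot` line starts with the `tftpboot` command, identical to the other three boards. Please confirm that `tftpboot` is the intended command on the 4040, or use `tftpsrv` here so the early attempt matches the existing fallback; the commit message does not mention the difference.
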
diff --git a/include/configs/fritz7530.h b/include/configs/fritz7530.h
index b07ecfc..caecd5d 100644
--- a/include/configs/fritz7530.h
+++ b/include/configs/fritz7530.h
@@ -23,7 +23,7 @@
        "mtdparts=" MTDPARTS_DEFAULT "\0"                   \
        "nandboot=ubi part ubi && ubi read 0x85000000 kernel && bootm\0"      \
        "tftpboot=tftpboot && bootm; sleep 5; run tftpboot\0" \
-       "fritzboot=run nandboot || run tftpboot;\0"           \
+       "fritzboot=tftpboot && bootm; run nandboot || run tftpboot;\0"          
      \
#undef V_PROMPT
  #define V_PROMPT              "(" CONFIG_MODEL ") # "
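
Review bot: with `tftpboot && bootm;` placed before `run nandboot`, a healthy device has to wait for the TFTP attempt to fail before it reads the kernel from flash, on every boot. The change neither bounds nor documents that wait; state the expected added boot time in the commit message, or make the early attempt opt-in, for example through an environment variable tested at the start of `fritzboot`.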

