<slh>
at least my ax3600 seems to boot/sysupgrade reliably (I do take down hostapd before sysupgrades, as the time needed to kill it might exceed procd's patience and then fail sysupgrade (as in just rebooting, without upgrading))
mangix has quit [Read error: Connection reset by peer]
mangix has joined #openwrt-devel
Ansuel has quit [Ping timeout: 480 seconds]
minimal has quit [Quit: Leaving]
danitool has quit [Quit: Cubum autem in duos cubos, aut quadratoquadratum in duos quadratoquadratos]
mzvd has quit [Read error: Connection reset by peer]
mzvd has joined #openwrt-devel
mzvd has quit [Read error: Connection reset by peer]
mzvd has joined #openwrt-devel
mzvd has quit [Read error: Connection reset by peer]
<robimarko_>
That's all fine, but I don't know of a mechanism to choose what rootfs to use other than bootconf when bootqca/bootipq is used as the bootcmd
<mrnuke>
Is bootconf flu-boot patching the DTS?
<robimarko_>
No
<robimarko_>
It's a partition
<robimarko_>
Only updatable via SCM call
<robimarko_>
Or Netgear could have again modified U-boot
<robimarko_>
Wouldn't be strange for them
cmonroe_ has joined #openwrt-devel
<mrnuke>
robimarko_: I tried hexdumping out of curiosity. A few of those partitions have ELF signatures
<robimarko_>
Yeah, it's a custom QCA ELF header
<robimarko_>
The same is used if secure boot is enforced
<enyc>
f00b4r0: yes .... saw all that chaos ;o
<f00b4r0>
?
<mrnuke>
robimarko_: What is a good way to check if bootconf is used, or if some other mechanism to select the rootfs?
minimal has quit [Quit: Leaving]
robimarko has joined #openwrt-devel
<robimarko>
mrnuke: Well, the easiest way would be to look at the upgrade script in the stock FW
<robimarko>
Cause, they gotta toggle it
<robimarko>
Then GPL sources, as SCM is used for bootconfig so it can be found
<mrnuke>
robimarko: I found "change_active_partition() {". And woohoo! They use their binary "setconfig"
<robimarko>
If it's Netgear, they have GPL sources that are usually complete
<mrnuke>
They use "setconfig -a 2 -s 38 -d [0 or 1]". I thought that only changes the uboot env.
<mrnuke>
I downloaded their "GPL" sources, and it was a dump of the rootfs (Yikes)
<robimarko>
LOL
<Habbie>
lol
<robimarko>
U-boot env is easy to check if it changed
<Habbie>
i've found that sometimes that's all you need to get into a device, but it's not what you asked for
<mrnuke>
I know that command changes the uboot env. I don't know if it changes anything else
<robimarko>
If it's only changing the env and bootqca is used then I suspect they modified u-boot
<mrnuke>
Yikes! The command is "bootipq". I don't see a bootqca in uboot
<robimarko>
That's it
<robimarko>
QCA changed the name some time ago
<robimarko>
Same thing
<mrnuke>
SSDD? Same shit different day?
<robimarko>
pretty much
danitool has quit [Ping timeout: 480 seconds]
<robimarko>
They are moving away from QCA-anything
<robimarko>
To QTI
<robimarko>
They want to get rid of Atheros name completely
<mrnuke>
So I have to figure out (a) what triggers u-boot to patch the DTS correctly, and (b) if that is upstreamable. If not, we can't support dual image
danitool has joined #openwrt-devel
<mrnuke>
Of course, we could provide our own u-boot in the update image. The format does support it <evil_grin>
<robimarko>
But why do you even care about it updating the DTS?
<robimarko>
Does it actually change partition names after active rootfs is changed?
<robimarko>
Cause bootipq doesn't do that for sure, it just parses the SMEM table and patches that in
<robimarko>
And in a shitty way
<mrnuke>
Yeah. mtd14 is "rootfs" when booting off the second partition, and mtd12 is "rootfs" when booting off the first partition
<mrnuke>
fun, right?!!!!
<robimarko>
OMG, they really went that route
<mrnuke>
How do I prove it to you?
<robimarko>
No need to prove it, seen crazier stuff
<robimarko>
The thing is that even if patched partitions trick worked right now, it's just a matter of time when it will crap out
<robimarko>
Cause, the partitions are being patched in incorrectly
<robimarko>
Last time I checked, they were patching them in under the NAND controller and not the NAND flash subnode
<mrnuke>
Netgear's motto: "If it ain't broken, fix it till it is"
<robimarko>
Even worse is that the partition nodes use the legacy bindings which is again just a matter of time when they will die
<robimarko>
It would be interesting to see what they modified in the bootloader
<robimarko>
It will work, however they really need to be under a partitions subnode with fixed-partitions compatible
<robimarko>
It's just a matter of time
<robimarko>
Currently, I think those will get ignored and SMEM will be used
<mrnuke>
Question is what to do for the OpenWRT port then. (a) support their shitty way to patch the dts. (b) Only support -initramfs -> -sysupgrade upgrades via vendor web interface. (c) Ship our own u-boot in the FIT .ubi
<mrnuke>
(c) might be an accident waiting to happen if the factory uboot is signed
<mrnuke>
I'll have to check that, though
<robimarko>
Option a) will most likely break in future
<mrnuke>
Okay, (a) is off the list then :(
<mrnuke>
I should be happy though. It's less work for me
<robimarko>
You can check c) really easily, there is a command in u-boot to tell you if secure boot is enabled
<mrnuke>
secure boot is not enabled
<robimarko>
Then you can freely replace u-boot
<robimarko>
Though not ideal
<mrnuke>
My concern is that, even though secure boot is not enabled, if the image is signed, any future vendor FW update could enable secure boot
<robimarko>
Well, in theory they can enable it
<robimarko>
As it just requires efuse to get blown
<robimarko>
Which is easily doable with QSDK
<robimarko>
Even mainline could do it as I have exposed the regulator for QFPROM
<mrnuke>
So do we take the risk of replacing the bootloader?
<robimarko>
You could try to add a partitions subnode with fixed-partitions compatible which is empty
<robimarko>
And hope that bootloader is smart enough to patch that one
<robimarko>
That is the least likely to get broken
<mrnuke>
I will try it later tonight. I think I tried a few things, and none worked. I'll look through my notes
<robimarko>
You should dump the live DTS with DTC and see how broken the partition nodes that are added are
<robimarko>
But yeah, they are patching the partitions directly under the device
<mrnuke>
I haven't yet figured out how to get it to patch the OpenWRT devicetree
<robimarko>
It will only patch when bootipq is used
<robimarko>
If you run initramfs with bootm it won't mess with the DTB except for the usual ethernet MAC-s
<robimarko>
So, it's gotta be flashed
<mrnuke>
Ooh, it doesn't do the ethernet MAC's. I had to write a script to do that :D
<mrnuke>
Gotta be flashed... I am going to brick this device before I can port it :P
<robimarko>
Hmm, if you set the DP aliases correctly it should set them
<mrnuke>
Look at the DTS I posted from the vendor FW, and let me know if you think it looks patched :p. What would the correct alias look like? I think I tried it
<mrnuke>
("let me know if it looks patched" was sarcasm. all the macs are 0)
<robimarko>
Ughh, like how did they mess MAC setting up
<robimarko>
Even Xiaomi couldn't break that as it's a generic feature
<mrnuke>
"If it ain't broken, fix it till it is"
<robimarko>
They just look at ART part at 0x0, 0x6 etc
<mrnuke>
uboot complains that the MAC in ART is invalid
<robimarko>
Oh no
<mrnuke>
Oh yes!
<robimarko>
Did they pull the MAC in ASCII card again
<mrnuke>
in the u-boot env
<robimarko>
Please don't tell me that MAC-s are only stored in the env and don't have an actual factory written copy in flash?
<robimarko>
Like, why?
<mrnuke>
I won't tell you that then
<mrnuke>
I also won't tell you how I wiped my MACs by only resetting the uboot env
<robimarko>
Ok, so they have outdone themselves
<mrnuke>
They're keeping us proud!
robimarko has quit [Quit: Leaving]
Tapper has quit [Quit: Tapper]
Tapper has joined #openwrt-devel
robimarko_ has quit [Quit: Leaving]
goliath has joined #openwrt-devel
Tapper has quit [Quit: Tapper]
<will[m]1>
i also won't tell you how FriendlyElec generates their MACs dynamically... using a different algorithm from what OpenWRT uses
<mrnuke>
will[m]1: You can tell me. Just don't tell robimarko