diff --git a/modules/initramfs.nix b/modules/initramfs.nix index a0359f8..a459fcf 100644 --- a/modules/initramfs.nix +++ b/modules/initramfs.nix @@ -16,85 +16,25 @@ in }; }; config = mkIf config.boot.initramfs.enable { - kernel.config.BLK_DEV_INITRD = "y"; - kernel.config.INITRAMFS_SOURCE = builtins.toJSON "${config.outputs.initramfs}"; + kernel.config = { + BLK_DEV_INITRD = "y"; + INITRAMFS_SOURCE = builtins.toJSON "${config.outputs.initramfs}"; +# INITRAMFS_COMPRESSION_LZO = "y"; + }; outputs = { initramfs = - let - bb1 = pkgs.busybox.override { - enableStatic = true; - enableMinimal = true; - enableAppletSymlinks = false; - - extraConfig = '' - CONFIG_DESKTOP n - CONFIG_ASH n - CONFIG_HUSH y - CONFIG_HUSH_TICK y - CONFIG_HUSH_LOOPS y - CONFIG_HUSH_CASE y - CONFIG_HUSH_ECHO y - CONFIG_HUSH_SET y - CONFIG_LN y - CONFIG_CAT y - CONFIG_MOUNT y - CONFIG_PRINTF y - CONFIG_FEATURE_MOUNT_FLAGS y - CONFIG_FEATURE_MOUNT_VERBOSE y - CONFIG_ECHO y - CONFIG_CHROOT y - CONFIG_CHMOD y - CONFIG_MKDIR y - CONFIG_MKNOD y - CONFIG_BASH_IS_NONE y - CONFIG_SH_IS_NONE y - CONFIG_SH_IS_ASH n - CONFIG_FEATURE_SH_STANDALONE y - CONFIG_FEATURE_PREFER_APPLETS y - CONFIG_BUSYBOX_EXEC_PATH "/bin/busybox" - ''; - }; - bb = bb1.overrideAttrs(o: { - makeFlags = []; - }); - slashinit = pkgs.writeScript "init" '' - #!/bin/hush - exec >/dev/console - echo Running in initramfs - mount -t proc none /proc - set -- `cat /proc/cmdline` - for i in "$@" ; do - case "''${i}" in - root=*) - rootdevice="''${i#root=}" - ;; - esac - done - echo mount -t jffs2 ''${rootdevice} /target/persist - mount -t jffs2 ''${rootdevice} /target/persist - mount -o bind /target/persist/nix /target/nix - hush /target/persist/activate /target - cd /target - mount -o bind /target / - exec chroot . /bin/init "$@" - ''; - refs = pkgs.writeReferencesToFile bb; - gen_init_cpio = pkgs.pkgsBuildBuild.gen_init_cpio; + let inherit (pkgs.pkgsBuildBuild) gen_init_cpio; in runCommand "initramfs.cpio" {} '' cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > $out dir /proc 0755 0 0 dir /dev 0755 0 0 + nod /dev/console 0600 0 0 c 5 1 nod /dev/mtdblock0 0600 0 0 b 31 0 dir /target 0755 0 0 dir /target/persist 0755 0 0 dir /target/nix 0755 0 0 - nod /dev/console 0600 0 0 c 5 1 - dir /bin 0755 0 0 - file /bin/busybox ${bb}/bin/busybox 0755 0 0 - slink /bin/hush /bin/busybox 0755 0 0 - slink /bin/chroot /bin/busybox 0755 0 0 - file /init ${slashinit} 0755 0 0 + file /init ${pkgs.preinit}/bin/preinit 0755 0 0 SPECIALS ''; }; diff --git a/pkgs/default.nix b/pkgs/default.nix index a284f53..0389663 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -40,6 +40,7 @@ # https://sourceforge.net/p/squashfs/mailman/message/26599379/ lzma = callPackage ./lzma {}; + preinit = callPackage ./preinit {}; swconfig = callPackage ./swconfig {}; openwrt = callPackage ./openwrt {}; diff --git a/pkgs/preinit/default.nix b/pkgs/preinit/default.nix new file mode 100644 index 0000000..4b5ef5c --- /dev/null +++ b/pkgs/preinit/default.nix @@ -0,0 +1,30 @@ +{ + stdenv +, fetchzip +, gdb + }: +let kernel = fetchzip { + name = "linux"; + url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.71.tar.gz"; + hash = "sha256-pq6QNa0PJVeheaZkuvAPD0rLuEeKrViKk65dz+y4kqo="; + }; +in +stdenv.mkDerivation { + name = "preinit"; + src = ./.; + + # NIX_DEBUG=2; + hardeningDisable = [ "all" ]; + CFLAGS = "-Os -nostartfiles -nostdlib -fno-stack-protector -fpic -fPIC -I ./ -I ${kernel}/tools/include/nolibc"; + + postBuild = '' + $STRIP --remove-section=.note --remove-section=.comment preinit + ''; + + makeFlags = ["preinit"]; + stripAllList = ["bin"]; + installPhase = '' + mkdir -p $out/bin + cp preinit $out/bin + ''; +} diff --git a/pkgs/preinit/preinit.c b/pkgs/preinit/preinit.c new file mode 100644 index 0000000..16f24b5 --- /dev/null +++ b/pkgs/preinit/preinit.c @@ -0,0 +1,87 @@ +#ifdef USE_LIBC +#include +#include +#include +#include +#include +#else +#include +#endif +#include + +#define ERR(x) write(2, x, strlen(x)) +#define AVER(c) do { if(c < 0) ERR("failed: " #c); } while(0) + +static int begins_with(char * str, char * prefix) +{ + while(*prefix) { + if(*str == '\0') return 0; + if(*str != *prefix) return 0; + str++; + prefix++; + } + return 1; +} + +static void fork_exec(char * command, char *args[]) +{ + int fork_pid = fork(); + AVER(fork_pid); + if(fork_pid > 0) + wait(NULL); + else + AVER(execve(command, args, NULL)); +} + +char banner[] = "Running pre-init...\n"; +char buf[COMMAND_LINE_SIZE]; + +int main(int argc, char *argv[], char *envp[]) +{ + asm("la $gp, _gp\nsw $gp,16($sp)"); + char *rootdevice = 0; + char *p = buf; + write(1, banner, strlen(banner)); + + mount("none", "/proc", "proc", 0, NULL); + + int cmdline = open("/proc/cmdline", O_RDONLY, 0); + + if(cmdline>=0) { + int len = read(cmdline, buf, sizeof buf - 1); + buf[len]='\0'; + write(1, "cmdline ", 8); + write(1, buf, len); + }; + + while(*p) { + if(begins_with(p, "root=")) { + rootdevice = p + 5; + while(*p && (*p != ' ')) p++; + *p= '\0'; + } + while(*p && (*p != ' ')) p++; + p++; + } + + if(rootdevice) { + write(1, "rootdevice ", 11); + write(1, rootdevice, strlen(rootdevice)); + write(1, "\n", 1); + + AVER(mount(rootdevice, "/target/persist", "jffs2", 0, NULL)); + AVER(mount("/target/persist/nix", "/target/nix", + "bind", MS_BIND, NULL)); + + char *exec_args[] = { "activate", "/target" }; + fork_exec("/target/persist/activate", exec_args); + AVER(chdir("/target")); + + AVER(mount("/target", "/", "bind", MS_BIND | MS_REC, NULL)); + AVER(chroot(".")); + argv[0] = "init"; + argv[1] = NULL; + + AVER(execve("/persist/init", argv, envp)); + } +}