Compare commits
No commits in common. "c70d556f44a095dc4f3849610129e680c0c49207" and "a1a1abb8c744966731553c7d2078def3b2e26902" have entirely different histories.
c70d556f44
...
a1a1abb8c7
16
README.md
16
README.md
|
@ -116,22 +116,6 @@ Assuming you have nixpkgs checked out in a peer directory of this one,
|
||||||
|
|
||||||
Some of the tests require the emulated upstream connection to be running.
|
Some of the tests require the emulated upstream connection to be running.
|
||||||
|
|
||||||
## Hardware
|
|
||||||
|
|
||||||
How you get the thing onto hardware will vary according to the device,
|
|
||||||
but is likely to involve U-Boot and TFTP.
|
|
||||||
|
|
||||||
There is a rudimentary TFTP server bundled with the system which runs
|
|
||||||
from the command line, has an allowlist for client connections, and
|
|
||||||
follows symlinks, so you can have your device download images direct
|
|
||||||
from the `./result` directory without exposing `/nix/store/` to the
|
|
||||||
internet or mucking about copying files to `/tftproot`. If the
|
|
||||||
permitted device is to be given the IP address 192.168.8.251 you might
|
|
||||||
do something like this:
|
|
||||||
|
|
||||||
$ NIX_PATH=nixpkgs=../nixpkgs:$NIX_PATH NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM=1 nix-build -I liminix-config=./tests/smoke/configuration.nix --arg device "import ./devices/gl-ar750.nix" -A outputs.tftpd -o tftpd
|
|
||||||
$ ./tftpd/bin/tufted -a 192.168.8.251 result
|
|
||||||
|
|
||||||
|
|
||||||
## Troubleshooting
|
## Troubleshooting
|
||||||
|
|
||||||
|
|
21
default.nix
21
default.nix
|
@ -16,21 +16,10 @@ let
|
||||||
kernel = callPackage ./kernel {
|
kernel = callPackage ./kernel {
|
||||||
inherit (config.kernel) config checkedConfig;
|
inherit (config.kernel) config checkedConfig;
|
||||||
};
|
};
|
||||||
outputs = rec {
|
in {
|
||||||
|
outputs = {
|
||||||
inherit squashfs kernel;
|
inherit squashfs kernel;
|
||||||
uimage = kernel.uimage {
|
default = nixpkgs.pkgs.runCommand "both-kinds" {} ''
|
||||||
inherit (device.boot) loadAddress entryPoint;
|
|
||||||
inherit (kernel) vmlinux;
|
|
||||||
};
|
|
||||||
|
|
||||||
combined-image = nixpkgs.pkgs.runCommand "firmware.bin" {
|
|
||||||
nativeBuildInputs = [ nixpkgs.buildPackages.ubootTools ];
|
|
||||||
} ''
|
|
||||||
mkdir $out
|
|
||||||
dd if=${uimage} of=$out/firmware.bin bs=128k conv=sync
|
|
||||||
dd if=${squashfs} of=$out/firmware.bin bs=128k conv=sync,nocreat,notrunc oflag=append
|
|
||||||
'';
|
|
||||||
directory = nixpkgs.pkgs.runCommand "both-kinds" {} ''
|
|
||||||
mkdir $out
|
mkdir $out
|
||||||
cd $out
|
cd $out
|
||||||
ln -s ${squashfs} squashfs
|
ln -s ${squashfs} squashfs
|
||||||
|
@ -39,11 +28,7 @@ let
|
||||||
# this exists so that you can run "nix-store -q --tree" on it and find
|
# this exists so that you can run "nix-store -q --tree" on it and find
|
||||||
# out what's in the image, which is nice if it's unexpectedly huge
|
# out what's in the image, which is nice if it's unexpectedly huge
|
||||||
manifest = writeText "manifest.json" (builtins.toJSON config.filesystem.contents);
|
manifest = writeText "manifest.json" (builtins.toJSON config.filesystem.contents);
|
||||||
tftpd = nixpkgs.pkgs.buildPackages.tufted;
|
|
||||||
};
|
};
|
||||||
in {
|
|
||||||
outputs = outputs // { default = outputs.${device.outputs.default}; };
|
|
||||||
|
|
||||||
# this is just here as a convenience, so that we can get a
|
# this is just here as a convenience, so that we can get a
|
||||||
# cross-compiling nix-shell for any package we're customizing
|
# cross-compiling nix-shell for any package we're customizing
|
||||||
inherit (nixpkgs) pkgs;
|
inherit (nixpkgs) pkgs;
|
||||||
|
|
|
@ -1,21 +1,3 @@
|
||||||
# GL.INet GL-AR750 "Creta" travel router
|
|
||||||
# - QCA9531 @650Mhz SoC
|
|
||||||
# - dual band wireless: IEEE 802.11a/b/g/n/ac
|
|
||||||
# - two 10/100Mbps LAN ports and one WAN
|
|
||||||
# - 128MB DDR2 RAM / 16MB NOR Flash
|
|
||||||
# - "ath79" soc family
|
|
||||||
# https://www.gl-inet.com/products/gl-ar750/
|
|
||||||
|
|
||||||
# I like GL.iNet devices because they're relatively accessible to
|
|
||||||
# DIY users: the serial port connections have headers preinstalled
|
|
||||||
# and don't need soldering
|
|
||||||
|
|
||||||
# The default output is a combined image containing a kernel
|
|
||||||
# packaged as a "uimage" and initrd filesystem. This can be
|
|
||||||
# downloaded to the device using TFTP and then written into
|
|
||||||
# flash, or if PHRAM suport is enabled (handy for development)
|
|
||||||
# unpacked and run directly into RAM
|
|
||||||
|
|
||||||
{
|
{
|
||||||
system = {
|
system = {
|
||||||
crossSystem = {
|
crossSystem = {
|
||||||
|
@ -26,55 +8,4 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
kernel = {
|
|
||||||
checkedConfig = {
|
|
||||||
"MIPS_RAW_APPENDED_DTB" = "y";
|
|
||||||
};
|
|
||||||
config = {
|
|
||||||
# this is all copied from nixwrt ath79 config. Clearly not all
|
|
||||||
# of it is device config, some of it is wifi config or
|
|
||||||
# installation method config or ...
|
|
||||||
"BLK_DEV_INITRD" = "n";
|
|
||||||
"CMDLINE_PARTITION" = "y";
|
|
||||||
"DEBUG_INFO" = "y";
|
|
||||||
"DEVTMPFS" = "y";
|
|
||||||
"EARLY_PRINTK" = "y";
|
|
||||||
"FW_LOADER" = "y";
|
|
||||||
# we don't have a user helper, so we get multiple 60s pauses
|
|
||||||
# at boot time unless we disable trying to call it
|
|
||||||
"FW_LOADER_USER_HELPER" = "n";
|
|
||||||
"IMAGE_CMDLINE_HACK" = "n";
|
|
||||||
"IP_PNP" = "y";
|
|
||||||
"JFFS2_FS" = "n";
|
|
||||||
"MIPS_RAW_APPENDED_DTB" = "y";
|
|
||||||
"MODULE_SIG" = "y";
|
|
||||||
"MTD_CMDLINE_PARTS" = "y";
|
|
||||||
"MTD_SPLIT_FIRMWARE" = "y";
|
|
||||||
"PARTITION_ADVANCED" = "y";
|
|
||||||
"PRINTK_TIME" = "y";
|
|
||||||
"SQUASHFS" = "y";
|
|
||||||
"SQUASHFS_XZ" = "y";
|
|
||||||
"ASN1" = "y";
|
|
||||||
"ASYMMETRIC_KEY_TYPE" = "y";
|
|
||||||
"ASYMMETRIC_PUBLIC_KEY_SUBTYPE" = "y";
|
|
||||||
"CRC_CCITT" = "y";
|
|
||||||
"CRYPTO" = "y";
|
|
||||||
"CRYPTO_ARC4" = "y";
|
|
||||||
"CRYPTO_CBC" = "y";
|
|
||||||
"CRYPTO_CCM" = "y";
|
|
||||||
"CRYPTO_CMAC" = "y";
|
|
||||||
"CRYPTO_GCM" = "y";
|
|
||||||
"CRYPTO_HASH_INFO" = "y";
|
|
||||||
"CRYPTO_LIB_ARC4" = "y";
|
|
||||||
"CRYPTO_RSA" = "y";
|
|
||||||
"CRYPTO_SHA1" = "y";
|
|
||||||
"ENCRYPTED_KEYS" = "y";
|
|
||||||
"KEYS" = "y";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
outputs.default = "combined-image";
|
|
||||||
boot = {
|
|
||||||
loadAddress = "0x80060000";
|
|
||||||
entryPoint = "0x80060000";
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,3 @@
|
||||||
# This "device" generates images that can be used with the QEMU
|
|
||||||
# emulator. The default output is a directory containing separate
|
|
||||||
# kernel (uncompressed vmlinux) and initrd (squashfs) images
|
|
||||||
|
|
||||||
{
|
{
|
||||||
system = {
|
system = {
|
||||||
crossSystem = {
|
crossSystem = {
|
||||||
|
@ -450,5 +446,4 @@
|
||||||
VIRTIO_NET = "y";
|
VIRTIO_NET = "y";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
outputs.default = "directory";
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -34,9 +34,9 @@ let
|
||||||
cp -a . $out
|
cp -a . $out
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
in rec {
|
in
|
||||||
|
{
|
||||||
vmlinux = callPackage ./vmlinux.nix {
|
vmlinux = callPackage ./vmlinux.nix {
|
||||||
inherit tree config checkedConfig;
|
inherit tree config checkedConfig;
|
||||||
};
|
};
|
||||||
uimage = callPackage ./uimage.nix { };
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,42 +0,0 @@
|
||||||
{
|
|
||||||
lzma
|
|
||||||
, stdenv
|
|
||||||
, ubootTools
|
|
||||||
} :
|
|
||||||
let
|
|
||||||
objcopy = "${stdenv.cc.bintools.targetPrefix}objcopy";
|
|
||||||
in {
|
|
||||||
vmlinux
|
|
||||||
# , commandLine
|
|
||||||
# , fdt ? null
|
|
||||||
, entryPoint
|
|
||||||
# , extraName ? "" # e.g. socFamily
|
|
||||||
, loadAddress
|
|
||||||
} :
|
|
||||||
# patchDtbCommand = if (fdt != null) then ''
|
|
||||||
# ( cat vmlinux.stripped ${fdt} > vmlinux.tmp ) && mv vmlinux.tmp vmlinux.stripped
|
|
||||||
# '' else ''
|
|
||||||
# echo patch-cmdline vmlinux.stripped '${commandLine}'
|
|
||||||
# patch-cmdline vmlinux.stripped '${commandLine}'
|
|
||||||
# echo
|
|
||||||
# '';
|
|
||||||
stdenv.mkDerivation {
|
|
||||||
name = "kernel.image";
|
|
||||||
phases = [ "buildPhase" "installPhase" ];
|
|
||||||
nativeBuildInputs = [
|
|
||||||
# patchImage
|
|
||||||
lzma
|
|
||||||
stdenv.cc
|
|
||||||
ubootTools
|
|
||||||
];
|
|
||||||
buildPhase = ''
|
|
||||||
${objcopy} -O binary -R .reginfo -R .notes -R .note -R .comment -R .mdebug -R .note.gnu.build-id -S ${vmlinux} vmlinux.stripped
|
|
||||||
# {patchDtbCommand}
|
|
||||||
rm -f vmlinux.stripped.lzma
|
|
||||||
lzma -k -z vmlinux.stripped
|
|
||||||
mkimage -A mips -O linux -T kernel -C lzma -a ${loadAddress} -e ${entryPoint} -n 'MIPS Liminix Linux ' -d vmlinux.stripped.lzma kernel.image
|
|
||||||
'';
|
|
||||||
installPhase = ''
|
|
||||||
cp kernel.image $out
|
|
||||||
'';
|
|
||||||
}
|
|
|
@ -31,7 +31,6 @@ in {
|
||||||
};
|
};
|
||||||
checkedConfig = mkOption {
|
checkedConfig = mkOption {
|
||||||
type = types.attrsOf types.nonEmptyStr;
|
type = types.attrsOf types.nonEmptyStr;
|
||||||
default = {};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
groups = mkOption {
|
groups = mkOption {
|
||||||
|
|
|
@ -16,8 +16,6 @@ final: prev: {
|
||||||
dbusSupport = false;
|
dbusSupport = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
tufted = final.callPackage ./pkgs/tufted {};
|
|
||||||
|
|
||||||
pppoe = final.callPackage ./pkgs/pppoe {};
|
pppoe = final.callPackage ./pkgs/pppoe {};
|
||||||
ppp =
|
ppp =
|
||||||
(prev.ppp.override {
|
(prev.ppp.override {
|
||||||
|
|
|
@ -1,44 +0,0 @@
|
||||||
{
|
|
||||||
lua5_3
|
|
||||||
, stdenv
|
|
||||||
, fennel
|
|
||||||
, fetchFromGitHub
|
|
||||||
, makeWrapper
|
|
||||||
} :
|
|
||||||
let
|
|
||||||
tufty-lua = lua.pkgs.buildLuaPackage {
|
|
||||||
pname = "tufty";
|
|
||||||
version = "1";
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "telent";
|
|
||||||
repo = "tufty";
|
|
||||||
sha256 = "sha256-m5UEfcCNdG0Ku380cPhu1inNQmSfQJ5NcRIxLohUOh8=";
|
|
||||||
rev = "75c6d38713a82f4197f91dcb182a2e34f255bf7c";
|
|
||||||
};
|
|
||||||
buildPhase = ":";
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p "$out/share/lua/${lua5_3.luaversion}"
|
|
||||||
cp src/*.lua "$out/share/lua/${lua5_3.luaversion}/"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
lua = lua5_3.withPackages (ps: with ps; [
|
|
||||||
tufty-lua luasocket luaposix
|
|
||||||
]);
|
|
||||||
fennel_ = (fennel.override { inherit lua; });
|
|
||||||
in stdenv.mkDerivation {
|
|
||||||
pname = "tufted";
|
|
||||||
version = "1";
|
|
||||||
phases = [ "unpackPhase" "installPhase" ];
|
|
||||||
buildInputs = [ lua fennel_ ];
|
|
||||||
nativeBuildInputs = [ makeWrapper ];
|
|
||||||
src = ./.;
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/lib
|
|
||||||
cp tufted.fnl $out/lib
|
|
||||||
makeWrapper ${fennel_}/bin/fennel \
|
|
||||||
$out/bin/tufted \
|
|
||||||
--add-flags "--add-fennel-path $out/lib/?.fnl" \
|
|
||||||
--add-flags "--add-package-path $out/lib/?.lua" \
|
|
||||||
--add-flags "$out/lib/tufted.fnl"
|
|
||||||
'';
|
|
||||||
}
|
|
|
@ -1,51 +0,0 @@
|
||||||
(local tftp (require :tftp))
|
|
||||||
(local { : realpath} (require :posix.stdlib))
|
|
||||||
(local { : view } (require :fennel))
|
|
||||||
|
|
||||||
(local options
|
|
||||||
(match arg
|
|
||||||
["-a" ip-address dir]
|
|
||||||
{ :allow ip-address :base-directory (realpath dir)}
|
|
||||||
|
|
||||||
[dir]
|
|
||||||
{ :allow nil :base-directory (realpath dir)}
|
|
||||||
|
|
||||||
[]
|
|
||||||
(error "missing command line parameters")
|
|
||||||
))
|
|
||||||
|
|
||||||
(print (.. "TFTP serving from " options.base-directory))
|
|
||||||
|
|
||||||
(fn merge-pathname [directory filename]
|
|
||||||
(if (directory:match "/$")
|
|
||||||
(.. directory filename)
|
|
||||||
(.. directory "/" filename)))
|
|
||||||
|
|
||||||
(->
|
|
||||||
(tftp:listen
|
|
||||||
(fn [file host port]
|
|
||||||
(if (or (not options.allow) (= host options.allow))
|
|
||||||
(let [pathname (merge-pathname options.base-directory file)
|
|
||||||
f (io.open pathname "rb")
|
|
||||||
size (f:seek "end")]
|
|
||||||
(f:seek "set" 0)
|
|
||||||
(var eof? false)
|
|
||||||
(values
|
|
||||||
(fn handler [reqlen]
|
|
||||||
(let [bytes (f:read reqlen)]
|
|
||||||
(if eof?
|
|
||||||
false
|
|
||||||
bytes
|
|
||||||
(values true bytes)
|
|
||||||
(do
|
|
||||||
;; if the file length is divisible by the block
|
|
||||||
;; length, need to send an empty block at eof
|
|
||||||
(set eof? true)
|
|
||||||
(values true "")))))
|
|
||||||
size))
|
|
||||||
(error "host not allowed")))
|
|
||||||
nil
|
|
||||||
["*"]
|
|
||||||
69)
|
|
||||||
|
|
||||||
(os.exit))
|
|
Loading…
Reference in New Issue