NEWS

@@ -23,13 +23,5 @@ the name of an outputs that gloms together other filesystem-like
 outputs with some kind of partition table - so we might in future have
 gptimage or lvmimage or ubimage.
 
-2024-01-03
-
-Liminix is now targeted to Nixpkgs 23.11 (not 23.05 as previously).
-Upstream changes that have led to incompatible Liminix changes are:
-
-* newer U-Boot version
-* util-linux can now be built (previously depended on systemd)
-
 
 

THOUGHTS.txt

@@ -3707,10 +3707,9 @@ Here is scope of work for Turris:
 recovery/install.
 
 - disk partitioning tools and mkfs stuff
-- kernel with all the filesystems
 - dhcp client for connecting to wired network
 
-(II) we need instructions for building the real system
+(II) we need insttuctions for building the real system
 and using min-copy-closure to copy and install the system
 configuration of the real one into /mnt
 
@@ -3743,147 +3742,14 @@ To be any use, the test needs to be end-to-end - as in, rather than
 just checking some files are copied, test that the machine rebooted
 successfully
 
-Fri Dec 29 18:36:16 GMT 2023
-
-Our test for liminix-rebuild uses qemu block device and ext4 instead
-of phram because -device loader doesn't seem to survive a reboot.
-And it needs some free space in the ext4 partition inside the
-mbr image so that it can install new stuff. However, the
-filesystem is sized to be near-full.
-
-If the mbrimage output is to be much use, probably there should be
-some way of telling it how big the disk is. Maybe it should use
-hardware.flash.size?
-
-UBI also does a bad job of integrating into the hardware.flash hierarchy
-(but ubi is also more complicated as the ubi volumes are "nested" inside
-an MTD partition)
-
-To move forwards with this test I think I will make it not depend on
-mbrimage for now, but we have to come back to this. Maybe importing
-the mbrimage module provides new hardware.disk = { partitions, size etc}
-config options.
-
-Sun Dec 31 23:52:04 GMT 2023
-
-https://developer.ridgerun.com/wiki/index.php/Setting_up_fw_printenv_to_modify_u-boot_environment_variables#Preparing_the_fw_env.config_file
-
-can we extract the fw_env config data somehow to produce an appropriate
-file for the device?
-
-the device config needs to specify partition name and offset at minimum,
-possibly also size.
-
-we can create a service that writes the config based on those values. but
-if we are to be using fw_setenv from the shell, there is no service
-which depends on that service. whatever defines the service also needs
-to add it to system.services so that the recovery system can specify it
-
-Sat Jan  6 12:30:27 GMT 2024
-
-How do we min-copy-closure to the device when we don't have anything
-hooked to the LAN port? It's rather easy to break the WAN  connection
-when it involves going out to the internet and back
-
-* Don't want to plug it into the actual lan because it's doing dhcp service
- and that is going to confuse
-
-* the machine we're copying from is loaclhost
-
-* we could do some kind of port forwarding thing? maybe a port forward on
-  run-border-vm qemu user networking ...
-
-* static route on loaclhost?
-
-  512  sudo ip netns add test-lan
-  514  sudo ip link set dev enp1s0 netns test-lan
-
-  525  sudo ip link add veth-test-lan type veth peer veth1 netns test-lan
-  533  sudo  ip netns exec test-lan ip link add name br0 type bridge
-  536  sudo  ip netns exec test-lan ip link set veth1 master br0
-  537  sudo  ip netns exec test-lan ip link set enp1s0 master br0
-       sudo  ip netns exec test-lan /nix/store/dh66q9k402pwpmmgc983xwmwb3vvvjbr-busybox-1.36.1/bin/busybox udhcpc -i br0
-
-then we could add a route to 10.8.0.1/32 with dev veth-test-lan ?
-
-Sat Jan  6 20:52:45 GMT 2024
-
-This is all beside the point right now because the _recovery_ system
-does not run all this stuff - it just has a dhcp client on the lan
-interface. We could plug it straight into the switch.
 
 
-As we already just plugged it into enp1s0 on loaclhost, could we
-do somethin to put it on the lan from there? add it to vbridge0?
-
-Sun Jan  7 15:30:57 GMT 2024
-
-Turns out we should have used a working ethernet cable.
-
-Sun Jan  7 15:31:14 GMT 2024
-
-OK, so
-
-# on device
-mount /dev/mmcblk0p1 /mnt
- [ take a snapshot if needed ]
- [ clear out the turrisos files ]
-ls /mnt/@
-
-# on build
-
-$ nix-build -I liminix-config=./examples/rotuer.nix --arg device "import ./devices/turris-omnia" -A outputs.systemConfiguration
-$ nix-shell --run "min-copy-closure -r /mnt/@  root@recovery.lan   result "
-
-# on device
-
-$ mkdir /mnt/@/persist
-$ /mnt/@/nix/store/swf3vn9bzx198c0cwp6naq0glqa9192n-make-stuff-armv7l-unknown-linux-musleabihf/bin/install /mnt/@/
-
-this fails because it tries to copy from the unprefixed nix
-store. Also probably it should mkdir $prefix/persist. Also it needs to
-create $prefix/boot: it's too late to do that with `activate`
-because u-boot will need it to exist in order to load the initramfs
-that runs activate
-
-Thu Jan 11 23:36:47 GMT 2024
-
-squashfs rootfsType doesn't rebuild when the kernel config is changed
-
-Mon Jan 22 19:04:45 GMT 2024
-
-setenv serverip 10.0.0.1
-setenv ipaddr 10.0.0.8
-compraddr=0x01000000
-tftpboot ${compraddr} recovery.img.lzma
-setexpr writeaddr ${filesize} + $compraddr
-lzmadec ${compraddr} $writeaddr
-usb start
-usb dev 0
-wdt dev watchdog@20300
-wdt stop
-usb write ${writeaddr} 0 ${filesize}
+COPYING /nix/store/dlz86nip271ybaz0cip7bgkbzijk0cr7-make-stuff-mips-unknown-linux-musl TO //persist
 
 
-Thu Jan 25 11:55:36 GMT 2024
+/nix/store/gr255qjxijksf9361glsj5lz0cklassx-profile
 
-openwrt:
-CONFIG_BROADCOM_PHY=m
-CONFIG_FIXED_PHY=y
-CONFIG_GENERIC_PHY=y
-CONFIG_IP17XX_PHY=m    ?
-CONFIG_MARVELL_PHY=y
-CONFIG_MVSW61XX_PHY=y  ?
-CONFIG_RTL8366RB_PHY=m ?
-CONFIG_RTL8366S_PHY=m ?
-CONFIG_RTL8367B_PHY=m ?
-CONFIG_SWPHY=y
-CONFIG_USB_PHY=y
-
-CONFIG_FIXED_PHY=y
-CONFIG_GENERIC_PHY=y
-CONFIG_MARVELL_PHY=y
-CONFIG_PHY_MVEBU_A3700_COMPHY=y
-CONFIG_PHY_MVEBU_A38X_COMPHY=y
-CONFIG_SWPHY=y
-#
+md5sum /persist/activate
+8eb0760c39cdee0b141b15bbafbc94a0  /persist/activate BAD
+6c27b75cbe9f2ce87c1fd1425362108f  /persist/activate GOOD
+8eb0760c39cdee0b141b15bbafbc94a0  /persist/activate

default.nix

@@ -67,7 +67,6 @@ in {
       go-l2tp
       min-copy-closure
       fennelrepl
-      lzma
     ];
   };
 }

devices/belkin-rt3200/default.nix

@@ -57,8 +57,8 @@
     kernel = {
       src = pkgs.pkgsBuildBuild.fetchurl {
         name = "linux.tar.gz";
-        url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.137.tar.gz";
-        hash = "sha256-PkdzUKZ0IpBiWe/RS70J76JKnBFzRblWcKlaIFNxnHQ=";
+        url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.71.tar.gz";
+        hash = "sha256-yhO2cXIeIgUxkSZf/4aAsF11uxyh+UUZu6D1h92vCD8=";
       };
       extraPatchPhase = ''
           ${pkgs.openwrt.applyPatches.mediatek}
@@ -144,10 +144,6 @@
         # SERIAL_8250_NR_UARTS="3";
         # SERIAL_8250_RUNTIME_UARTS="3";
         SERIAL_OF_PLATFORM="y";
-
-        # Must enble hardware watchdog drivers. Else the device reboots after several seconds
-        WATCHDOG = "y";
-        MEDIATEK_WATCHDOG = "y";
       };
     };
     boot = {

devices/families/qemu.nix

@@ -7,8 +7,8 @@
     kernel = {
       src = pkgs.pkgsBuildBuild.fetchurl {
         name = "linux.tar.gz";
-        url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.137.tar.gz";
-        hash = "sha256-PkdzUKZ0IpBiWe/RS70J76JKnBFzRblWcKlaIFNxnHQ=";
+        url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.71.tar.gz";
+        hash = "sha256-yhO2cXIeIgUxkSZf/4aAsF11uxyh+UUZu6D1h92vCD8=";
       };
       config = {
         MTD = "y";

devices/gl-ar750/default.nix

@@ -152,8 +152,8 @@
       kernel = {
         src = pkgs.pkgsBuildBuild.fetchurl {
           name = "linux.tar.gz";
-          url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.137.tar.gz";
-          hash = "sha256-PkdzUKZ0IpBiWe/RS70J76JKnBFzRblWcKlaIFNxnHQ=";
+          url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.71.tar.gz";
+          hash = "sha256-yhO2cXIeIgUxkSZf/4aAsF11uxyh+UUZu6D1h92vCD8=";
         };
 
         # Mainline linux 5.19 doesn't have device-tree support for

devices/gl-mt300a/default.nix

@@ -131,8 +131,8 @@
       kernel = {
         src = pkgs.fetchurl {
           name = "linux.tar.gz";
-          url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.137.tar.gz";
-          hash = "sha256-PkdzUKZ0IpBiWe/RS70J76JKnBFzRblWcKlaIFNxnHQ=";
+          url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.71.tar.gz";
+          hash = "sha256-yhO2cXIeIgUxkSZf/4aAsF11uxyh+UUZu6D1h92vCD8=";
         };
         extraPatchPhase = ''
           ${openwrt.applyPatches.ramips}

devices/gl-mt300n-v2/default.nix

@@ -127,8 +127,8 @@
       kernel = {
         src = pkgs.fetchurl {
           name = "linux.tar.gz";
-          url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.137.tar.gz";
-          hash = "sha256-PkdzUKZ0IpBiWe/RS70J76JKnBFzRblWcKlaIFNxnHQ=";
+          url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.71.tar.gz";
+          hash = "sha256-yhO2cXIeIgUxkSZf/4aAsF11uxyh+UUZu6D1h92vCD8=";
         };
         extraPatchPhase = ''
           ${openwrt.applyPatches.ramips}

devices/turris-omnia/default.nix

@@ -2,27 +2,6 @@
   description = ''
     Turris Omnia
     ************
-
-    This is a 32 bit ARMv7 MVEBU device, which is usually shipped with
-    TurrisOS, an OpenWrt-based system. Rather than reformatting the
-    builtin storage, we install Liminix on to the existing btrfs
-    filesystem so that the vendor snapshot/recovery system continues
-    to work (and provides you an easy rollback if you decide you don't
-    like Liminix after all).
-
-    The install process is designed so that you should not need to open
-    the device and add a serial console (although it may be handy
-    for visibility  and in case anything goes wrong). In outline
-
-      1. build a "recovery" system with useful btrfs tools
-      2. boot that system using TFTP or a USB stick
-      3. once booted, mount the real root filesystem on /mnt
-      4. take a snapshot using schnapps, and then delete everything
-      5. use min-copy-closure -d /mnt/@ to copy the real configuration
-         to the device
-      6. reboot into a fully operational system
-
-    Detailed instructions to follow...
   '';
 
   system = {
@@ -51,6 +30,7 @@
       imports = [
         ../../modules/arch/arm.nix
         ../../modules/outputs/tftpboot.nix
+        ../../modules/outputs/ext4fs.nix
         ../../modules/outputs/mbrimage.nix
         ../../modules/outputs/extlinux.nix
       ];
@@ -60,8 +40,8 @@
         kernel = {
           src = pkgs.pkgsBuildBuild.fetchurl {
             name = "linux.tar.gz";
-            url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.137.tar.gz";
-            hash = "sha256-PkdzUKZ0IpBiWe/RS70J76JKnBFzRblWcKlaIFNxnHQ=";
+            url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.71.tar.gz";
+            hash = "sha256-yhO2cXIeIgUxkSZf/4aAsF11uxyh+UUZu6D1h92vCD8=";
           };
           extraPatchPhase = ''
           ${pkgs.openwrt.applyPatches.mvebu}
@@ -130,10 +110,6 @@
             MVNETA_BM_ENABLE = "y";
             SRAM = "y"; # mmio-sram is "compatible" for bm_bppi reqd by BM
             PHY_MVEBU_A38X_COMPHY = "y"; # for eth2
-            MARVELL_PHY = "y";
-
-            USB_XHCI_MVEBU = "y";
-            USB_XHCI_HCD = "y";
 
             MVPP2 = "y";
             MV_XOR = "y";
@@ -151,12 +127,13 @@
             NET_DSA_MV88E6XXX = "y"; # depends on PTP_1588_CLOCK_OPTIONAL
           };
         };
-
+        rootfsType = "ext4";
         boot = {
           commandLine = [
             "console=ttyS0,115200"
             "pcie_aspm=off" # ath9k pci incompatible with PCIe ASPM
           ];
+          imageFormat = "fit";
         };
         filesystem =
           let
@@ -165,9 +142,9 @@
               name = "wlan-firmware";
               phases = ["installPhase"];
               installPhase = ''
-                mkdir $out
-                cp -r ${pkgs.linux-firmware}/lib/firmware/ath10k/QCA988X $out
-              '';
+            mkdir $out
+            cp -r ${pkgs.linux-firmware}/lib/firmware/ath10k/QCA988X $out
+          '';
             };
           in dir {
             lib = dir {
@@ -199,7 +176,7 @@
           defaultOutput = "mtdimage";
           loadAddress = lim.parseInt "0x00800000"; # "0x00008000";
           entryPoint = lim.parseInt "0x00800000"; # "0x00008000";
-          rootDevice = "/dev/mmcblk0p1";
+          rootDevice = "/dev/mtdblock0";
 
           dts = {
             src = "${config.system.outputs.kernel.modulesupport}/arch/arm/boot/dts/armada-385-turris-omnia.dts";
@@ -233,7 +210,7 @@
               # per
               # https://www.kernel.org/doc/html/latest/networking/dsa/configuration.html#affinity-of-user-ports-to-cpu-ports
               # but apparently OpenWrt doesn't either so maybe it's more
-              # complicated than it looks.
+              # complicated than it looks
 
               wan = link.build {
                 # in armada-38x.dtsi this is eth2. It may be connected to
@@ -242,13 +219,9 @@
                 ifname = "wan";
               };
 
-              lan0 = link.build { ifname = "lan0"; };
-              lan1 = link.build { ifname = "lan1"; };
-              lan2 = link.build { ifname = "lan2"; };
-              lan3 = link.build { ifname = "lan3"; };
-              lan4 = link.build { ifname = "lan4"; };
-              lan5 = link.build { ifname = "lan5"; };
-              lan = lan0; # maybe we should build a bridge?
+              lan = link.build {
+                ifname = "lan1";
+              };
 
               wlan = link.build {
                 ifname = "wlan0";

examples/recovery.nix

@@ -1,104 +0,0 @@
-{ config, pkgs, lib, ... } :
-let
-  inherit (pkgs) serviceFns;
-  svc = config.system.service;
-  inherit (pkgs.pseudofile) dir symlink;
-  inherit (pkgs.liminix.services) oneshot longrun bundle target;
-  some-util-linux = pkgs.runCommand "some-util-linux" {} ''
-    mkdir -p $out/bin
-    cd ${pkgs.util-linux-small}/bin
-    cp fdisk sfdisk mkswap $out/bin
-  '';
-in rec {
-  imports = [
-    ../modules/network
-    ../modules/ssh
-    ../modules/usb.nix
-    ../modules/schnapps
-    ../modules/outputs/mtdimage.nix
-    ../modules/outputs/mbrimage.nix
-    ../modules/outputs/tftpboot.nix
-    ../modules/outputs/ubifs.nix
-    ../modules/outputs/ubimage.nix
-    ../modules/outputs/jffs2.nix
-    ../modules/outputs/ext4fs.nix
-  ];
-
-  kernel.config = {
-    BTRFS_FS = "y";
-  };
-
-  boot.tftp = {
-    ipaddr = "10.0.0.8"; # my address
-    serverip = "10.0.0.1"; # build machine or other tftp server
-    freeSpaceBytes = 1024 * 1024 * 4;
-  };
-
-  hostname = "recovery";
-
-  services.dhcpc = svc.network.dhcp.client.build {
-    interface = config.hardware.networkInterfaces.lan2;
-
-    # don't start DHCP until the hostname is configured,
-    # so it can identify itself to the DHCP server
-    dependencies = [ config.services.hostname ];
-  };
-
-  services.sshd = svc.ssh.build {
-    dependencies = [ config.services.growfs ];
-  };
-
-  services.defaultroute4 = svc.network.route.build {
-    via = "$(output ${services.dhcpc} router)";
-    target = "default";
-    dependencies = [services.dhcpc];
-  };
-
-  services.resolvconf = oneshot rec {
-    dependencies = [ services.dhcpc ];
-    name = "resolvconf";
-    up = ''
-      . ${serviceFns}
-      ( in_outputs ${name}
-      for i in $(output ${services.dhcpc} dns); do
-        echo "nameserver $i" > resolv.conf
-      done
-      )
-    '';
-  };
-
-  services.growfs = let name = "growfs"; in oneshot {
-    inherit name;
-    up = ''
-      . ${serviceFns}
-      device=$(grep /persist /proc/1/mountinfo | cut -f9 -d' ')
-      ${pkgs.e2fsprogs}/bin/resize2fs $device
-    '';
-  };
-
-  filesystem = dir {
-    etc = dir {
-      "resolv.conf" = symlink "${services.resolvconf}/.outputs/resolv.conf";
-    };
-    mnt = dir {};
-  };
-  rootfsType = "ext4";
-  # sda is most likely correct for the boot-from-USB case. For tftp
-  # it's overridden by the boot.scr anyway, so maybe it all works out
-  hardware.rootDevice = "/dev/sda1";
-  users.root = {
-    # the password is "secret". Use mkpasswd -m sha512crypt to
-    # create this hashed password string
-    passwd = "$6$y7WZ5hM6l5nriLmo$5AJlmzQZ6WA.7uBC7S8L4o19ESR28Dg25v64/vDvvCN01Ms9QoHeGByj8lGlJ4/b.dbwR9Hq2KXurSnLigt1W1";
-  };
-
-  defaultProfile.packages = with pkgs; [
-    e2fsprogs # ext4
-    btrfs-progs
-    mtdutils # mtd, jffs2, ubifs
-    dtc      # you never know when you might need device tree stuff
-    some-util-linux
-    libubootenv # fw_{set,print}env
-    pciutils
-  ];
-}

examples/rotuer.nix

@@ -43,13 +43,8 @@ in rec {
     ../modules/bridge
     ../modules/ntp
     ../modules/ssh
-    ../modules/outputs/btrfs.nix
-    ../modules/outputs/extlinux.nix
   ];
   hostname = "rotuer";
-  rootfsType = "btrfs";
-  rootOptions = "subvol=@";
-  boot.loader.extlinux.enable = true;
 
   services.hostap = svc.hostapd.build {
     interface = config.hardware.networkInterfaces.wlan;

modules/base.nix

@@ -40,18 +40,12 @@ in {
     rootfsType =  mkOption {
       default = "squashfs";
       type = types.enum [
-        "btrfs"
         "ext4"
         "jffs2"
         "squashfs"
         "ubifs"
       ];
     };
-    rootOptions =  mkOption {
-      type = types.nullOr types.str;
-      default = null;
-    };
-
     boot = {
       commandLine = mkOption {
         type = types.listOf types.nonEmptyStr;
@@ -100,8 +94,7 @@ in {
       "root=${config.hardware.rootDevice}"
       "rootfstype=${config.rootfsType}"
       "fw_devlink=off"
-    ] ++ lib.optional (config.rootOptions != null) "rootflags=${config.rootOptions}";
-
+    ];
     users.root = {
       uid = 0; gid= 0; gecos = "Root of all evaluation";
       dir = "/home/root/";
@@ -141,7 +134,6 @@ in {
       proc = dir {};
       run = dir {};
       sys = dir {};
-      tmp = dir {};
     };
   };
 }

modules/outputs/btrfs.nix

@@ -1,37 +0,0 @@
-{
-  config
-, pkgs
-, lib
-, ...
-}:
-let
-  inherit (lib) mkIf mkOption types;
-  o = config.system.outputs;
-in
-{
-  imports = [
-    ./initramfs.nix
-  ];
-  config = mkIf (config.rootfsType == "btrfs") {
-    kernel.config = {
-      BTRFS_FS = "y";
-    };
-    boot.initramfs.enable = true;
-    system.outputs = {
-      rootfs =
-        let
-          inherit (pkgs.pkgsBuildBuild) runCommand e2fsprogs;
-        in runCommand "mkfs.btrfs" {
-          depsBuildBuild = [ e2fsprogs ];
-        } ''
-          tree=${o.bootablerootdir}
-          size=$(du -s --apparent-size --block-size 1024 $tree |cut -f1)
-          # add 25% for filesystem overhead
-          size=$(( 5 * $size / 4))
-          dd if=/dev/zero of=$out bs=1024 count=$size
-          echo "not implemented" ; exit 1
-          # mke2fs -t ext4 -j -d $tree $out
-        '';
-    };
-  };
-}

modules/outputs/extlinux.nix

@@ -6,7 +6,6 @@
 }:
 let
   inherit (lib) mkIf mkEnableOption mkOption types concatStringsSep;
-  inherit (pkgs.pseudofile) dir symlink;
   cfg = config.boot.loader.extlinux;
   o = config.system.outputs;
   cmdline = concatStringsSep " " config.boot.commandLine;
@@ -18,7 +17,7 @@ in {
   };
   options.boot.loader.extlinux.enable = mkEnableOption "extlinux";
 
-  config = mkIf cfg.enable {
+  config =  { # mkIf cfg.enable {
     system.outputs.extlinux = pkgs.runCommand "extlinux" {} ''
       mkdir $out
       cd $out
@@ -28,16 +27,13 @@ in {
       mkdir extlinux
       cat > extlinux/extlinux.conf << _EOF
       menu title Liminix
-      timeout 40
+      timeout 100
       label Liminix
         kernel /boot/kernel
         # initrd /boot/initramfs
-        append ${cmdline} 
+        append ${cmdline} root=/dev/vda1
         ${if wantsDtb then "fdt /boot/dtb" else ""}
       _EOF
     '';
-    filesystem = dir {
-      boot = symlink config.system.outputs.extlinux;
-    };
   };
 }

modules/outputs/tftpboot.nix

@@ -63,13 +63,8 @@ in {
             zimage = "bootz";
           }; in choices.${cfg.kernelFormat};
           cmdline = concatStringsSep " " config.boot.commandLine;
-          objcopy = "${pkgs.stdenv.cc.bintools.targetPrefix}objcopy";
-          stripAndZip = ''
-            ${objcopy} -O binary -R .reginfo -R .notes -R .note -R .comment -R .mdebug -R .note.gnu.build-id -S vmlinux.elf vmlinux.bin
-            rm -f vmlinux.bin.lzma ; lzma -k -z  vmlinux.bin
-          '';
         in
-          pkgs.runCommand "tftpboot" { nativeBuildInputs = with pkgs.pkgsBuildBuild; [ lzma dtc pkgs.stdenv.cc ubootTools ];  } ''
+          pkgs.runCommand "tftpboot" { nativeBuildInputs = with pkgs.pkgsBuildBuild; [ lzma dtc ];  } ''
             mkdir $out
             cd $out
             binsize() { local s=$(stat -L -c %s $1); echo $(($s + 0x1000 &(~0xfff))); }
@@ -77,17 +72,18 @@ in {
             hex() { printf "0x%x" $1; }
             rootfsStart=${toString cfg.loadAddress}
             rootfsSize=$(binsize64k ${o.rootfs} )
-            rootfsSize=$(($rootfsSize + ${toString cfg.freeSpaceBytes} ))
             dtbStart=$(($rootfsStart + $rootfsSize))
+            dtbSize=$(binsize ${o.dtb} )
+            imageStart=$(($dtbStart + $dtbSize))
             imageSize=$(binsize ${image})
 
             ln -s ${o.manifest} manifest
+            ln -s ${image} image
             ln -s ${o.kernel} vmlinux  # handy for gdb
 
             ${if cfg.compressRoot
               then ''
                 lzma -z9cv ${o.rootfs} > rootfs.lz
-                # TODO this is no longer correct
                 rootfsLzStart=$(($imageStart + $imageSize))
                 rootfsLzSize=$(binsize rootfs.lz)
               ''
@@ -106,19 +102,9 @@ in {
             fdtput -p -t s dtb /reserved-memory/$node compatible phram
             fdtput -p -t lx dtb /reserved-memory/$node reg $ac_prefix $(hex $rootfsStart) $sz_prefix $(hex $rootfsSize)
 
-            dtbSize=$(binsize ./dtb )
-            imageStart=$(($dtbStart + $dtbSize))
-
             cmd="liminix ${cmdline} mtdparts=phram0:''${rootfsSize}(rootfs) phram.phram=phram0,''${rootfsStart},''${rootfsSize},${toString config.hardware.flash.eraseBlockSize} root=/dev/mtdblock0";
             fdtput -t s dtb /chosen bootargs "$cmd"
 
-            # re-package image with updated dtb
-            cp ${o.kernel} vmlinux.elf; chmod +w vmlinux.elf
-            ${objcopy} --update-section .appended_dtb=dtb vmlinux.elf
-            ${stripAndZip}
-            # TODO don't hardcode mips, entryPoint, loadAddress, name
-            mkimage -A mips -O linux -T kernel -C lzma -a 0x80001000 -e 0x80001000 -n 'MIPS Liminix Linux' -d vmlinux.bin.lzma image
-
             # dtc -I dtb -O dts -o /dev/stdout dtb | grep -A10 chosen ; exit 1
 
             cat > boot.scr << EOF

modules/s6/scripts/rc.init

@@ -17,7 +17,6 @@ shift
 
 mount -t proc none /proc
 mount -t sysfs none /sys
-mount -t tmpfs none /tmp
 # s6-linux-init mounts /dev before this script is called
 mkdir /dev/pts
 mount -t devpts none /dev/pts

modules/schnapps/default.nix

@@ -1,19 +0,0 @@
-{ config, pkgs, lib, ... } :
-{
-  config = {
-    programs.busybox = {
-      options = {
-        # schnapps is a shell script that needs
-        # [ command
-        # find -maxdepth  -mindepth
-        # head -c
-        # echo -n
-        ASH_TEST = "y";
-        FEATURE_FIND_MAXDEPTH = "y";
-        FEATURE_FANCY_HEAD = "y";
-        FEATURE_FANCY_ECHO = "y";
-      };
-    };
-    defaultProfile.packages = [ pkgs.schnapps ] ;
-  };
-}

modules/usb.nix

@@ -1,31 +0,0 @@
-# support for USB block devices and the common filesystems
-# they're likely to provide
-
-{lib, config, ... }:
-{
-  kernel = {
-    config = {
-      USB = "y";
-      USB_EHCI_HCD = "y";
-      USB_EHCI_HCD_PLATFORM = "y";
-      USB_OHCI_HCD = "y";
-      USB_OHCI_HCD_PLATFORM = "y";
-      USB_SUPPORT = "y";
-      USB_COMMON = "y";
-      USB_STORAGE = "y";
-      USB_STORAGE_DEBUG = "n";
-      USB_UAS = "y";
-      USB_ANNOUNCE_NEW_DEVICES = "y";
-      SCSI = "y";
-      BLK_DEV_SD = "y";
-      USB_PRINTER = "y";
-      MSDOS_PARTITION = "y";
-      EFI_PARTITION = "y";
-      EXT4_FS = "y";
-      EXT4_USE_FOR_EXT2 = "y";
-      FS_ENCRYPTION = "y";
-
-
-    };
-  };
-}

overlay.nix

@@ -50,12 +50,6 @@ extraPkgs // {
   };
 
   # keep these alphabetical
-
-  btrfs-progs = prev.btrfs-progs.override {
-    udevSupport = false;
-    udev = null;
-  };
-
   chrony =
     let chrony' = prev.chrony.overrideAttrs(o: {
           configureFlags = [

pkgs/default.nix

@@ -10,7 +10,10 @@ let
       type' = types.submodule { options = type; };
     in (mergeDefinitions [] type' defs).mergedValue;
 in {
+  pseudofile = callPackage ./pseudofile {};
   liminix = {
+    services = callPackage ./liminix-tools/services {};
+    networking =  callPackage ./liminix-tools/networking {};
     builders =  {
       squashfs = callPackage ./liminix-tools/builders/squashfs.nix {};
       dtb = callPackage ./kernel/dtb.nix {};
@@ -49,26 +52,32 @@ in {
         };
       inherit typeChecked;
     };
-    networking =  callPackage ./liminix-tools/networking {};
-    services = callPackage ./liminix-tools/services {};
   };
+  writeFennelScript = callPackage ./write-fennel-script {};
+  writeFennel = callPackage ./write-fennel {};
+  writeAshScript = callPackage ./write-ash-script {};
+  systemconfig = callPackage ./systemconfig {};
+  s6-init-bin =  callPackage ./s6-init-bin {};
+  s6-rc-database = callPackage ./s6-rc-database {};
+  run-liminix-vm = callPackage ./run-liminix-vm {};
+  ppp = callPackage ./ppp {};
+  pppoe = callPackage ./pppoe {};
 
-  # please keep the rest of this list alphabetised :-)
-
-  anoia = callPackage ./anoia {};
-  fennel = callPackage ./fennel {};
-  fennelrepl = callPackage ./fennelrepl {};
-  firewallgen  = callPackage ./firewallgen {};
-  gen_init_cpio = callPackage ./gen_init_cpio {};
-  go-l2tp = callPackage ./go-l2tp {};
-  hi = callPackage ./hi {};
-  ifwait = callPackage ./ifwait {};
-  initramfs-peek = callPackage ./initramfs-peek {};
   kernel-backport = callPackage ./kernel-backport {};
-  kernel-modules  = callPackage ./kernel-modules {};
-  levitate = callPackage ./levitate {};
-  libubootenv = callPackage ./libubootenv {};
+  mac80211 = callPackage ./mac80211 {};
+  netlink-lua = callPackage ./netlink-lua {};
   linotify = callPackage ./linotify {};
+  ifwait = callPackage ./ifwait {};
+
+  gen_init_cpio = callPackage ./gen_init_cpio {};
+
+  serviceFns = callPackage ./service-fns {};
+
+  # these are packages for the build system not the host/target
+
+  tufted = callPackage ./tufted {};
+  routeros = callPackage ./routeros {};
+  go-l2tp = callPackage ./go-l2tp {};
 
   # we need to build real lzma instead of using xz, because the lzma
   # decoder in u-boot doesn't understand streaming lzma archives
@@ -77,33 +86,24 @@ in {
   # https://sourceforge.net/p/squashfs/mailman/message/26599379/
   lzma = callPackage ./lzma {};
 
-  mac80211 = callPackage ./mac80211 {};
+  preinit = callPackage ./preinit {};
+  swconfig = callPackage ./swconfig {};
+  odhcp6c = callPackage ./odhcp6c {};
+
+  openwrt = callPackage ./openwrt {};
+
+  initramfs-peek = callPackage ./initramfs-peek {};
   min-collect-garbage = callPackage ./min-collect-garbage {};
   min-copy-closure = callPackage ./min-copy-closure {};
-  netlink-lua = callPackage ./netlink-lua {};
+  hi = callPackage ./hi {};
+  firewallgen  = callPackage ./firewallgen {};
+  kernel-modules  = callPackage ./kernel-modules {};
   odhcp-script = callPackage ./odhcp-script {};
-  odhcp6c = callPackage ./odhcp6c {};
-  openwrt = callPackage ./openwrt {};
-  ppp = callPackage ./ppp {};
-  pppoe = callPackage ./pppoe {};
-  preinit = callPackage ./preinit {};
-  pseudofile = callPackage ./pseudofile {};
-  routeros = callPackage ./routeros {};
-  run-liminix-vm = callPackage ./run-liminix-vm {};
-  s6-init-bin =  callPackage ./s6-init-bin {};
-  s6-rc-database = callPackage ./s6-rc-database {};
+  fennel = callPackage ./fennel {};
+  fennelrepl = callPackage ./fennelrepl {};
+  anoia = callPackage ./anoia {};
 
-  # schnapps is written by Turris and provides a high-level interface
-  # to btrfs snapshots. It may be useful on the Turris Omnia to
-  # install Liminix while retaining the ability to rollback to the
-  # vendor OS, or even to derisk Liminix updates on that device
-  schnapps = callPackage ./schnapps {};
+  levitate = callPackage ./levitate {};
 
-  serviceFns = callPackage ./service-fns {};
-  swconfig = callPackage ./swconfig {};
-  systemconfig = callPackage ./systemconfig {};
-  tufted = callPackage ./tufted {};
-  writeAshScript = callPackage ./write-ash-script {};
-  writeFennel = callPackage ./write-fennel {};
-  writeFennelScript = callPackage ./write-fennel-script {};
+  libubootenv = callPackage ./libubootenv {};
 }

pkgs/min-copy-closure/liminix-rebuild.sh

@@ -12,7 +12,7 @@ target_host=$1
 shift
 
 if [ -z "$target_host" ] ; then
-    echo Usage: liminix-rebuild \[--no-reboot\] target-host params
+    echo Usage: liminix-rebuild [--no-reboot] target-host params
     exit 1
 fi
 

pkgs/openwrt/default.nix

@@ -7,8 +7,8 @@ let
     name = "openwrt-source";
     repo = "openwrt";
     owner = "openwrt";
-    rev = "refs/tags/v23.05.2";
-    hash = "sha256-kP+cSOB6LiOMWs7g+ji7P7ehiDYDwRdmT4R5jSzw6K4=";
+    rev = "a5265497a4f6da158e95d6a450cb2cb6dc085cab";
+    hash = "sha256-YYi4gkpLjbOK7bM2MGQjAyEBuXJ9JNXoz/JEmYf8xE8=";
   };
   doPatch = family : ''
     cp -av ${src}/target/linux/generic/files/* .

pkgs/preinit/opts.h

@@ -1,7 +0,0 @@
-struct root_opts {
-    char *device;
-    char *fstype;
-    char *mount_opts;
-};
-
-void parseopts(char * cmdline, struct root_opts *opts);

pkgs/preinit/parseopts.c

@@ -3,9 +3,6 @@
 #include <string.h>
 #include <unistd.h>
 
-#include "opts.h"
-
-
 static int begins_with(char * str, char * prefix)
 {
 	while(*prefix) {
@@ -39,37 +36,34 @@ char * pr_u32(int32_t input) {
     i+=2;
 
     buf[i] ='\0';
-    if(write(2, buf, i))
-	return buf;
-    else
-	return NULL;
+    write(2, buf, i);
+
+    return buf;
 }
 
-static char *eat_word(char *p)
-{
-    while(*p && (*p != ' ')) p++;
 
-    if(*p) {
-	*p = '\0';
-	p++;
-    };
-    return p;
-}
+void parseopts(char * cmdline, char **root, char **rootfstype) {
+    *root = 0;
+    *rootfstype = 0;
 
-static char * eat_param(char *p, char *param_name, char **out)
-{
-    if(begins_with(p, param_name)) {
-	*out = p + strlen(param_name);
-	p = eat_word(p);
-    };
-    return p;
-}
-
-void parseopts(char * cmdline, struct root_opts *opts) {
     for(char *p = cmdline; *p; p++) {
-	p = eat_param(p, "root=", &(opts->device));
-	p = eat_param(p, "rootfstype=", &(opts->fstype));
-	p = eat_param(p, "rootflags=", &(opts->mount_opts));
+	if(begins_with(p, "root=")) {
+	    *root = p + strlen("root=");
+	    while(*p && (*p != ' ')) p++;
+
+	    if(*p) {
+		*p = '\0';
+		p++;
+	    };
+	};
+	if(begins_with(p, "rootfstype=")) {
+	    *rootfstype = p + strlen("rootfstype=");
+	    while(*p && (*p != ' ')) p++;
+	    if(*p) {
+		*p = '\0';
+		p++;
+	    };
+	};
     };
 }
 
@@ -88,59 +82,45 @@ void parseopts(char * cmdline, struct root_opts *opts) {
 
 int main()
 {
-    struct root_opts opts = {
-	.device = "/dev/hda1",
-	.fstype = "xiafs",
-	.mount_opts = NULL
-    };
+    char * root = "/dev/hda1";
+    char * rootfstype = "xiafs";
     char *buf;
 
-    // finds root= rootfstype= rootflags= options
-    buf = strdup("liminix console=ttyS0,115200 panic=10 oops=panic init=/bin/init loglevel=8 root=/dev/ubi0_4 rootfstype=ubifs rootflags=subvol=1 fw_devlink=off mtdparts=phram0:18M(rootfs) phram.phram=phram0,0x40400000,18874368,65536 root=/dev/mtdblock0 foo");
-    memset(&opts, '\0', sizeof opts); parseopts(buf, &opts);
-    expect_equal(opts.device, "/dev/mtdblock0");
-    expect_equal(opts.fstype, "ubifs");
-    expect_equal(opts.mount_opts, "subvol=1");
+    // finds root= and rootfstype= options
+    buf = strdup("liminix console=ttyS0,115200 panic=10 oops=panic init=/bin/init loglevel=8 root=/dev/ubi0_4 rootfstype=ubifs fw_devlink=off mtdparts=phram0:18M(rootfs) phram.phram=phram0,0x40400000,18874368,65536 root=/dev/mtdblock0 foo");
+    parseopts(buf, &root, &rootfstype);
+    expect_equal(root, "/dev/mtdblock0");
+    expect_equal(rootfstype, "ubifs");
 
     // in case of duplicates, chooses the latter
     // also: works if the option is end of string
     buf = strdup("liminix console=ttyS0,115200 panic=10 oops=panic init=/bin/init loglevel=8 root=/dev/ubi0_4 rootfstype=ubifs fw_devlink=off mtdparts=phram0:18M(rootfs) phram.phram=phram0,0x40400000,18874368,65536 root=/dev/mtdblock0");
-    memset(&opts, '\0', sizeof opts); parseopts(buf, &opts);
-    expect_equal(opts.device, "/dev/mtdblock0");
-    expect_equal(opts.fstype, "ubifs");
+    parseopts(buf, &root, &rootfstype);
+    expect_equal(root, "/dev/mtdblock0");
+    expect_equal(rootfstype, "ubifs");
 
     // options may appear in either order
     buf = strdup("liminix fw_devlink=off root=/dev/hda1 rootfstype=ubifs  foo");
-    memset(&opts, '\0', sizeof opts); parseopts(buf, &opts);
-    expect_equal(opts.device, "/dev/hda1");
-    expect_equal(opts.fstype, "ubifs");
-
-    // works when rootflags is the last option
-    buf = strdup("liminix fw_devlink=off root=/dev/hda1 rootfstype=ubifs rootflags=subvol=@");
-    memset(&opts, '\0', sizeof opts); parseopts(buf, &opts);
-    expect_equal(opts.device, "/dev/hda1");
-    expect_equal(opts.fstype, "ubifs");
-    expect_equal(opts.mount_opts, "subvol=@");
+    parseopts(buf, &root, &rootfstype);
+    expect_equal(root, "/dev/hda1");
+    expect_equal(rootfstype, "ubifs");
 
     buf = strdup("liminix rootfstype=ubifs fw_devlink=off root=/dev/hda1 foo");
-    memset(&opts, '\0', sizeof opts); parseopts(buf, &opts);
-    expect_equal(opts.fstype, "ubifs");
-    expect_equal(opts.device, "/dev/hda1");
+    parseopts(buf, &root, &rootfstype);
+    expect_equal(rootfstype, "ubifs");
+    expect_equal(root, "/dev/hda1");
 
     // provides NULL for missing options
     buf = strdup("liminix rufustype=ubifs fw_devlink=off foot=/dev/hda1");
-    memset(&opts, '\0', sizeof opts);  parseopts(buf, &opts);
-
-    if(opts.fstype) die("expected null rootfstype, got \"%s\"", opts.fstype);
-    if(opts.device) die("expected null root, got \"%s\"", opts.device);
-    if(opts.mount_opts) die("expected null mount_opts, got \"%s\"", opts.mount_opts);
+    parseopts(buf, &root, &rootfstype);
+    if(rootfstype) die("expected null rootfstype, got \"%s\"", rootfstype);
+    if(root) die("expected null root, got \"%s\"", root);
 
     // provides empty strings for empty options
     buf = strdup("liminix rootfstype= fw_devlink=off root= /dev/hda1");
-    memset(&opts, '\0', sizeof opts);  parseopts(buf, &opts);
-
-    if(strlen(opts.fstype)) die("expected empty rootfstype, got \"%s\"", opts.fstype);
-    if(strlen(opts.device)) die("expected null root, got \"%s\"", opts.device);
+    parseopts(buf, &root, &rootfstype);
+    if(strlen(rootfstype)) die("expected empty rootfstype, got \"%s\"", rootfstype);
+    if(strlen(root)) die("expected null root, got \"%s\"", root);
 
     expect_equal("01", pr_u32(1));
     expect_equal("ab", pr_u32(0xab));

pkgs/preinit/preinit.c

@@ -10,7 +10,7 @@
 
 #include <asm/setup.h>		/* for COMMAND_LINE_SIZE */
 
-#include "opts.h"
+void parseopts(char * cmdline, char **root, char **rootfstype);
 
 #define ERR(x) write(2, x, strlen(x))
 #define AVER(c) do { if(c < 0) { ERR("failed: "  #c ": error=0x" ); pr_u32(errno); ERR("\n"); } } while(0)
@@ -49,11 +49,8 @@ char buf[COMMAND_LINE_SIZE];
 
 int main(int argc, char *argv[], char *envp[])
 {
-    struct root_opts opts = {
-	.device = NULL,
-	.fstype = NULL,
-	.mount_opts = NULL
-    };
+    char *rootdevice = 0;
+    char *rootfstype = 0;
 
     write(1, banner, strlen(banner));
 
@@ -76,20 +73,16 @@ int main(int argc, char *argv[], char *envp[])
 	ERR("failed: open(\"/proc/cmdline\")\n");
 	die();
     }
-    parseopts(buf, &opts);
+    parseopts(buf, &rootdevice, &rootfstype);
 
-    if(opts.device) {
-	if(!opts.fstype) opts.fstype = "jffs2"; /* backward compatibility */
+    if(rootdevice) {
+	if(!rootfstype) rootfstype = "jffs2"; /* backward compatibility */
 	write(1, "rootdevice ", 11);
-	write(1, opts.device, strlen(opts.device));
+	write(1, rootdevice, strlen(rootdevice));
 	write(1, " (", 2);
-	write(1, opts.fstype, strlen(opts.fstype));
-	if(opts.mount_opts) {
-	    write(1, ", opts=", 7);
-	    write(1, opts.mount_opts, strlen(opts.mount_opts));
-	}
+	write(1, rootfstype, strlen(rootfstype));
 	write(1, ")\n", 2);
-	AVER(mount(opts.device, "/target/persist", opts.fstype, 0, opts.mount_opts));
+	AVER(mount(rootdevice, "/target/persist", rootfstype, 0, NULL));
 	AVER(mount("/target/persist/nix", "/target/nix",
 		   "bind", MS_BIND, NULL));
 

pkgs/schnapps/default.nix

@@ -1,27 +0,0 @@
-{
-  stdenv
-, fetchFromGitLab
-, makeWrapper
-, btrfs-progs
-, lib
-}:
-let search_path = lib.makeBinPath [btrfs-progs];
-in stdenv.mkDerivation {
-  pname = "schnapps";
-  version = "2.13.0";
-
-  src =fetchFromGitLab {
-    domain = "gitlab.nic.cz";
-    owner = "turris";
-    repo = "schnapps";
-    rev = "53ac92c765d670be4b98dba2c948859a9ac7607f";
-    hash = "sha256-yVgXK+V2wrcOPLB6X6qm3hyBcWcyzNhfJjFF7YRk5Lc=";
-  };
-
-  nativeBuildInputs = [ makeWrapper ];
-  buildPhase = ":";
-  installPhase = ''
-    install -D schnapps.sh $out/bin/schnapps
-    wrapProgram $out/bin/schnapps --prefix PATH : "${search_path}"
-  '';
-}

pkgs/systemconfig/default.nix

@@ -81,22 +81,8 @@ in attrset:
       $STRIP --remove-section=.note  --remove-section=.comment --strip-all makedevs -o $out/bin/activate
       ln -s ${s6-init-bin}/bin/init $out/bin/init
       cat > $out/bin/install <<EOF
-      #!/bin/sh -e
-      prefix=\''${1-/}
-      src=\''${prefix}$out
-      dest=\$prefix
-      ${# if we are running on a normal mounted system then
-        # the actual device root is mounted on /persist
-        # and /nix is bind mounted from /persist/nix
-        # (see the code in preinit). So we need to check for this
-        # case otherwise we will install into a ramfs/rootfs
-        ""
-      }
-      if test -d $dest/persist; then dest=$dest/persist; fi
-      cp -v -fP \$src/bin/* \$src/etc/* \$dest
-      ${if attrset ? boot then ''
-        (cd \$dest && rm ./boot && ln -sf ${lib.strings.removePrefix "/" attrset.boot.target} ./boot)
-      '' else ""}
+      #!/bin/sh
+      cp -v -fP $out/bin/* $out/etc/* \''${1-/}/persist
       EOF
       chmod +x $out/bin/install
     '';