From 361d29abbbbbc313d01ea95862742ad890ad6eea Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Sat, 22 Aug 2009 20:58:58 +0200 Subject: make lemote yeelong finally usable - moved startup script for all targets to /start - add kernel patch to use /start - add cryptinit package - make an encrypted rootfilesystem as choice for lemote --- target/Config.in | 30 +++++++++++++++++++++++-- target/foxboard/kernel.config | 2 +- target/lemote/Makefile | 35 +++++++++++++++++++++++++++++ target/lemote/files/boot/boot.cfg | 7 ++++++ target/lemote/files/etc/inittab | 1 - target/lemote/kernel.config | 14 ++++++++---- target/linux/config/Config.in.block | 11 +++++++++ target/linux/config/Config.in.crypto | 15 +++++++++++++ target/linux/config/Config.in.fs | 10 +++++++++ target/linux/config/Config.in.misc | 5 +++++ target/linux/patches/2.6.30.5/startup.patch | 20 +++++++++++++++++ target/qemu-cris/kernel.config | 2 +- target/qemu-mips/kernel.config | 2 +- target/qemu-mips64/kernel.config | 2 +- target/qemu-mips64el/kernel.config | 2 +- target/qemu-mipsel/kernel.config | 2 +- target/rb411/kernel.config | 2 +- target/rb433/kernel.config | 2 +- target/rb532/kernel.config | 2 +- target/wag54g/kernel.config | 2 +- 20 files changed, 151 insertions(+), 17 deletions(-) create mode 100644 target/lemote/files/boot/boot.cfg create mode 100644 target/linux/patches/2.6.30.5/startup.patch (limited to 'target') diff --git a/target/Config.in b/target/Config.in index 2fff7ea52..e40674ad5 100644 --- a/target/Config.in +++ b/target/Config.in @@ -361,8 +361,7 @@ config ADK_TARGET_ROOTFS_INITRAMFS ADK_LINUX_MIPSEL_QEMU || \ ADK_LINUX_MIPS64_QEMU || \ ADK_LINUX_MIPS64EL_QEMU || \ - ADK_LINUX_RESCUE || \ - ADK_LINUX_MIPS64_LEMOTE + ADK_LINUX_RESCUE select ADK_KERNEL_BLK_DEV_INITRD help create an read-only initramfs system. @@ -418,6 +417,33 @@ config ADK_TARGET_ROOTFS_EXT2 select ADK_KERNEL_EXT2_FS help Use this option if your rootfs is ext2. + +config ADK_TARGET_ROOTFS_ENCRYPTED + bool "Encrypted read-write root filesystem" + depends on ADK_LINUX_MIPS64_LEMOTE + select ADK_LINUX_INITRAMFS_BUILTIN + select ADK_PACKAGE_CRYPTINIT + select ADK_KERNEL_BLK_DEV_DM + select ADK_KERNEL_DM_CRYPT + select ADK_KERNEL_CRYPTO_AES + select ADK_KERNEL_CRYPTO_CBC + select ADK_KERNEL_CRYPTO_SHA256 + select ADK_KERNEL_XFS_FS + help + Use this option if you want an encrypted rootfs. + Default is XFS filesystem. Use following commands to setup + your hard disk, after booting via NFS or USB: + cryptsetup luksFormat /dev/sda2 + cryptsetup luksOpen /dev/sda2 crypt + mkfs.xfs /dev/mapper/crypt + mount /dev/mapper/crypt /mnt + tar xzvf lemote-mips-encryptedroot.tar.gz -C /mnt + umount /mnt + mount /dev/sda1 /mnt + cp lemote-mips-kernel /mnt/ + mkdir /mnt/boot + Create boot.cfg ... + endchoice config ADK_SSP diff --git a/target/foxboard/kernel.config b/target/foxboard/kernel.config index 3cd568a60..e4f870878 100644 --- a/target/foxboard/kernel.config +++ b/target/foxboard/kernel.config @@ -109,7 +109,7 @@ CONFIG_BINFMT_ELF=y # CONFIG_HAVE_AOUT is not set # CONFIG_BINFMT_MISC is not set CONFIG_GENERIC_HARDIRQS=y -CONFIG_ETRAX_CMDLINE="init=/init console=ttyS0,115200" +CONFIG_ETRAX_CMDLINE="console=ttyS0,115200" # CONFIG_ETRAX_WATCHDOG is not set CONFIG_ETRAX_FAST_TIMER=y # CONFIG_ETRAX_KMALLOCED_MODULES is not set diff --git a/target/lemote/Makefile b/target/lemote/Makefile index 4a4d4b78f..f354ad6a5 100644 --- a/target/lemote/Makefile +++ b/target/lemote/Makefile @@ -13,6 +13,15 @@ kernel-install: $(KERNEL_CROSS)objcopy $(OSTRIP) -S $(LINUX_DIR)/vmlinux \ $(BIN_DIR)/${DEVICE}-${ARCH}-kernel +createinit: + $(SED) 's#^CONFIG_INITRAMFS_SOURCE.*#CONFIG_INITRAMFS_SOURCE="./initramfs_list"#' $(LINUX_DIR)/.config + echo 'CONFIG_INITRAMFS_ROOT_UID=0' >> $(LINUX_DIR)/.config + echo 'CONFIG_INITRAMFS_ROOT_GID=0' >> $(LINUX_DIR)/.config + $(MAKE) -C $(LINUX_DIR) V=0 CROSS_COMPILE="$(KERNEL_CROSS)" ARCH=$(ARCH) \ + CC="$(TARGET_CC)" $(MAKE_TRACE) + $(CP) $(LINUX_DIR)/arch/mips/loongson/image/vmlinuz \ + $(BIN_DIR)/${DEVICE}-${ARCH}-kernel + ifeq ($(FS),nfsroot) imageinstall: $(BIN_DIR)/$(ROOTFSTARBALL) @echo 'The kernel file is: ${BIN_DIR}/${DEVICE}-${ARCH}-kernel' @@ -22,6 +31,32 @@ imageinstall: $(BIN_DIR)/$(ROOTFSTARBALL) @echo 'PMON> load tftp:///lemote-mips-kernel' @echo 'PMON> g no_auto_cmd root=/dev/nfs ip=dhcp init=/init' endif +ifeq ($(FS),encrypted) +imageinstall: $(BIN_DIR)/$(ROOTFSTARBALL) createinit + @echo 'The kernel+cryptinit file is: ${BIN_DIR}/${DEVICE}-${ARCH}-kernel' + @echo "The RootFS tarball is: $(BIN_DIR)/$(ROOTFSTARBALL)," + @echo 'Boot your lemote via NFS or USB.' + @echo 'Then create at least three partitions with fdisk:' + @echo '/dev/sda1 (ext2)' + @echo '/dev/sda2 (encrypted root)' + @echo '/dev/sda3 (swap)' + @echo 'mkdir /mnt/{boot,root}' + @echo 'mke2fs /dev/sda1' + @echo 'mkfs.xfs /dev/sda2' + @echo 'cryptsetup luksFormat /dev/sda2' + @echo 'cryptsetup luksFormat /dev/sda3' + @echo 'cryptsetup luksOpen /dev/sda2 crypt' + @echo 'mount /dev/sda1 /mnt/boot' + @echo 'mount /dev/mapper/crypt /mnt/root' + @echo 'mkdir /mnt/boot/boot' + @echo + @echo 'Copy $(ROOTFSTARBALL) via scp to /mnt/root and extract it' + @echo 'cd /mnt/root ; gunzip $(ROOTFSTARBALL); tar xpvf $(ROOTFSTARBALL)' + @echo 'Copy ${DEVICE}-${ARCH}-kernel via scp to /mnt/boot/boot' + @echo 'Move boot.cfg to /mnt/boot/boot' + @echo 'mv /mnt/root/boot/boot.cfg /mnt/boot/boot' + @echo 'cd /mnt/root ; mknod -m 644 console c 5 1' +endif ifeq ($(FS),initramfs) imageinstall: $(BIN_DIR)/$(INITRAMFS) @echo 'The kernel file is: ${BIN_DIR}/${DEVICE}-${ARCH}-kernel' diff --git a/target/lemote/files/boot/boot.cfg b/target/lemote/files/boot/boot.cfg new file mode 100644 index 000000000..63f740928 --- /dev/null +++ b/target/lemote/files/boot/boot.cfg @@ -0,0 +1,7 @@ +timeout 4 +default 0 +showmenu 1 + +title Linux + kernel /dev/fs/ext2@wd0/boot/lemote-mips-kernel + args no_auto_cmd root=/dev/mapper/root resume=/dev/mapper/swap diff --git a/target/lemote/files/etc/inittab b/target/lemote/files/etc/inittab index b6dd0bd3b..f14e0d568 100644 --- a/target/lemote/files/etc/inittab +++ b/target/lemote/files/etc/inittab @@ -1,4 +1,3 @@ ::sysinit:/etc/init.d/rcS ::shutdown:/etc/init.d/rcK -tty::respawn:/sbin/getty -i -L tty 115200 vt100 tty1::respawn:/sbin/getty -i -L tty1 115200 vt100 diff --git a/target/lemote/kernel.config b/target/lemote/kernel.config index a1fc83cc1..95d638ee4 100644 --- a/target/lemote/kernel.config +++ b/target/lemote/kernel.config @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit # Linux kernel version: 2.6.30.5 -# Sat Aug 22 13:14:36 2009 +# Sat Aug 22 17:10:45 2009 # CONFIG_MIPS=y @@ -185,9 +185,9 @@ CONFIG_LOCALVERSION="" CONFIG_HAVE_KERNEL_GZIP=y CONFIG_HAVE_KERNEL_BZIP2=y CONFIG_HAVE_KERNEL_LZMA=y -CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_GZIP is not set # CONFIG_KERNEL_BZIP2 is not set -# CONFIG_KERNEL_LZMA is not set +CONFIG_KERNEL_LZMA=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y @@ -212,7 +212,11 @@ CONFIG_LOG_BUF_SHIFT=15 # CONFIG_SYSFS_DEPRECATED_V2 is not set # CONFIG_RELAY is not set # CONFIG_NAMESPACES is not set -# CONFIG_BLK_DEV_INITRD is not set +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +# CONFIG_RD_GZIP is not set +# CONFIG_RD_BZIP2 is not set +CONFIG_RD_LZMA=y CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y @@ -272,6 +276,7 @@ CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" +# CONFIG_PROBE_INITRD_HEADER is not set CONFIG_FREEZER=y # @@ -1240,6 +1245,7 @@ CONFIG_GENERIC_FIND_LAST_BIT=y CONFIG_CRC32=y # CONFIG_CRC7 is not set # CONFIG_LIBCRC32C is not set +CONFIG_DECOMPRESS_LZMA=y CONFIG_HAS_IOMEM=y CONFIG_HAS_IOPORT=y CONFIG_HAS_DMA=y diff --git a/target/linux/config/Config.in.block b/target/linux/config/Config.in.block index 5ceacf608..15c3f27d6 100644 --- a/target/linux/config/Config.in.block +++ b/target/linux/config/Config.in.block @@ -40,6 +40,15 @@ config ADK_KERNEL_BLK_DEV_SD boolean default n +config ADK_KERNEL_DM_CRYPT + boolean + default n + +config ADK_KERNEL_BLK_DEV_DM + select ADK_KERNEL_MD + boolean + default n + #config ADK_KERNEL_IDE # boolean # default n @@ -206,6 +215,7 @@ config ADK_KPACKAGE_KMOD_MD_RAID456 config ADK_KPACKAGE_KMOD_BLK_DEV_DM prompt "kmod-dm........................... Device Mapper support" select ADK_KERNEL_MD + depends on !ADK_KERNEL_BLK_DEV_DM tristate help Device-mapper is a low level volume manager. It works by allowing @@ -218,6 +228,7 @@ config ADK_KPACKAGE_KMOD_BLK_DEV_DM config ADK_KPACKAGE_KMOD_DM_CRYPT prompt "kmod-dm-crypt................... Crypt target support" depends on ADK_KPACKAGE_KMOD_BLK_DEV_DM + depends on !ADK_KERNEL_DM_CRYPT select ADK_KERNEL_MD select ADK_KERNEL_CRYPTO select ADK_KPACKAGE_KMOD_CRYPTO_CBC diff --git a/target/linux/config/Config.in.crypto b/target/linux/config/Config.in.crypto index 8a7b534ca..2b90a6028 100644 --- a/target/linux/config/Config.in.crypto +++ b/target/linux/config/Config.in.crypto @@ -22,6 +22,18 @@ config ADK_KERNEL_OCF_OCF select ADK_KERNEL_OCF_FIPS select ADK_KERNEL_OCF_CRYPTODEV +config ADK_KERNEL_CRYPTO_AES + boolean + default n + +config ADK_KERNEL_CRYPTO_SHA256 + boolean + default n + +config ADK_KERNEL_CRYPTO_CBC + boolean + default n + comment "Hardware cryptography" menu "Hardware crypto devices" @@ -136,6 +148,7 @@ config ADK_KPACKAGE_KMOD_CRYPTO_BLKCIPHER config ADK_KPACKAGE_KMOD_CRYPTO_CBC prompt "kmod-crypto-cbc...................... CBC support" tristate + depends on !ADK_KERNEL_CRYPTO_CBC select ADK_KPACKAGE_KMOD_CRYPTO_BLKCIPHER select ADK_KPACKAGE_KMOD_CRYPTO_MANAGER default n @@ -205,6 +218,7 @@ config ADK_KPACKAGE_KMOD_CRYPTO_SHA256 prompt "kmod-crypto-sha256................... SHA256 digest algorithm" tristate default n + depends on !ADK_KERNEL_CRYPTO_SHA256 select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI select ADK_KPACKAGE_KMOD_CRYPTO_HASH help @@ -267,6 +281,7 @@ config ADK_KPACKAGE_KMOD_CRYPTO_AES prompt "kmod-crypto-aes...................... AES cipher algorithms" tristate default n + depends on !ADK_KERNEL_CRYPTO_AES select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI help AES cipher algorithms (FIPS-197). AES uses the Rijndael diff --git a/target/linux/config/Config.in.fs b/target/linux/config/Config.in.fs index 5b96e96ce..7d6a849ef 100644 --- a/target/linux/config/Config.in.fs +++ b/target/linux/config/Config.in.fs @@ -121,10 +121,20 @@ config ADK_KPACKAGE_KMOD_VFAT_FS The VFAT support enlarges your kernel by about 10 KB Please read the file for details. +config ADK_KERNEL_EXPORTFS + boolean + default n + +config ADK_KERNEL_XFS_FS + boolean + select ADK_KERNEL_EXPORTFS + default n + config ADK_KPACKAGE_KMOD_XFS_FS prompt "kmod-fs-xfs....................... XFS filesystem support" tristate select ADK_KPACKAGE_KMOD_EXPORTFS + depends on !ADK_KERNEL_XFS_FS default n help XFS is a high performance journaling filesystem which originated diff --git a/target/linux/config/Config.in.misc b/target/linux/config/Config.in.misc index eea6ccc38..d0716cf57 100644 --- a/target/linux/config/Config.in.misc +++ b/target/linux/config/Config.in.misc @@ -1,3 +1,8 @@ +config ADK_LINUX_INITRAMFS_BUILTIN + select ADK_KERNEL_BLK_DEV_INITRD + boolean + default n + menu "Miscellaneous devices support" source target/linux/config/Config.in.leds diff --git a/target/linux/patches/2.6.30.5/startup.patch b/target/linux/patches/2.6.30.5/startup.patch new file mode 100644 index 000000000..1ef9a3d10 --- /dev/null +++ b/target/linux/patches/2.6.30.5/startup.patch @@ -0,0 +1,20 @@ +diff -Nur linux-2.6.30.5.orig/init/main.c linux-2.6.30.5/init/main.c +--- linux-2.6.30.5.orig/init/main.c 2009-08-16 23:19:38.000000000 +0200 ++++ linux-2.6.30.5/init/main.c 2009-08-22 20:26:39.000000000 +0200 +@@ -811,7 +811,7 @@ + numa_default_policy(); + + if (sys_open((const char __user *) "/dev/console", O_RDWR, 0) < 0) +- printk(KERN_WARNING "Warning: unable to open an initial console.\n"); ++ printk(KERN_WARNING "Starting Linux (build with OpenADK)"); + + (void) sys_dup(0); + (void) sys_dup(0); +@@ -835,6 +835,7 @@ + printk(KERN_WARNING "Failed to execute %s. Attempting " + "defaults...\n", execute_command); + } ++ run_init_process("/start"); + run_init_process("/sbin/init"); + run_init_process("/etc/init"); + run_init_process("/bin/init"); diff --git a/target/qemu-cris/kernel.config b/target/qemu-cris/kernel.config index 3bae4c94b..07e09d533 100644 --- a/target/qemu-cris/kernel.config +++ b/target/qemu-cris/kernel.config @@ -110,7 +110,7 @@ CONFIG_BINFMT_ELF=y # CONFIG_HAVE_AOUT is not set # CONFIG_BINFMT_MISC is not set CONFIG_GENERIC_HARDIRQS=y -CONFIG_ETRAX_CMDLINE="console=ttyS0,115200 init=/init" +CONFIG_ETRAX_CMDLINE="console=ttyS0,115200" # CONFIG_ETRAX_WATCHDOG is not set CONFIG_ETRAX_FAST_TIMER=y # CONFIG_ETRAX_KMALLOCED_MODULES is not set diff --git a/target/qemu-mips/kernel.config b/target/qemu-mips/kernel.config index d88cbf633..3a08ae870 100644 --- a/target/qemu-mips/kernel.config +++ b/target/qemu-mips/kernel.config @@ -889,7 +889,7 @@ CONFIG_MAGIC_SYSRQ=y # CONFIG_DYNAMIC_PRINTK_DEBUG is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y -CONFIG_CMDLINE="init=/init console=ttyS0,115200 console=tty0" +CONFIG_CMDLINE="console=ttyS0,115200 console=tty0" # # Security options diff --git a/target/qemu-mips64/kernel.config b/target/qemu-mips64/kernel.config index b92d60f06..2cd7908a5 100644 --- a/target/qemu-mips64/kernel.config +++ b/target/qemu-mips64/kernel.config @@ -898,7 +898,7 @@ CONFIG_TRACING_SUPPORT=y # CONFIG_BLK_DEV_IO_TRACE is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y -CONFIG_CMDLINE="init=/init console=ttyS0,115200 console=tty0" +CONFIG_CMDLINE="console=ttyS0,115200 console=tty0" # # Security options diff --git a/target/qemu-mips64el/kernel.config b/target/qemu-mips64el/kernel.config index 387efabbf..c2c1ca58a 100644 --- a/target/qemu-mips64el/kernel.config +++ b/target/qemu-mips64el/kernel.config @@ -891,7 +891,7 @@ CONFIG_MAGIC_SYSRQ=y # CONFIG_DYNAMIC_PRINTK_DEBUG is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y -CONFIG_CMDLINE="init=/init console=ttyS0,115200 console=tty0" +CONFIG_CMDLINE="console=ttyS0,115200 console=tty0" # # Security options diff --git a/target/qemu-mipsel/kernel.config b/target/qemu-mipsel/kernel.config index 8a78fd922..3f4026e9e 100644 --- a/target/qemu-mipsel/kernel.config +++ b/target/qemu-mipsel/kernel.config @@ -889,7 +889,7 @@ CONFIG_MAGIC_SYSRQ=y # CONFIG_DYNAMIC_PRINTK_DEBUG is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y -CONFIG_CMDLINE="init=/init console=ttyS0,115200 console=tty0" +CONFIG_CMDLINE="console=ttyS0,115200 console=tty0" # # Security options diff --git a/target/rb411/kernel.config b/target/rb411/kernel.config index e3da44dd8..489e39c54 100644 --- a/target/rb411/kernel.config +++ b/target/rb411/kernel.config @@ -917,7 +917,7 @@ CONFIG_MAGIC_SYSRQ=y # CONFIG_DYNAMIC_PRINTK_DEBUG is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y -CONFIG_CMDLINE="init=/init console=ttyS0,115200" +CONFIG_CMDLINE="console=ttyS0,115200" # # Security options diff --git a/target/rb433/kernel.config b/target/rb433/kernel.config index faebe6b39..c212743a8 100644 --- a/target/rb433/kernel.config +++ b/target/rb433/kernel.config @@ -918,7 +918,7 @@ CONFIG_MAGIC_SYSRQ=y # CONFIG_DYNAMIC_PRINTK_DEBUG is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y -CONFIG_CMDLINE="init=/init console=ttyS0,115200" +CONFIG_CMDLINE="console=ttyS0,115200" # # Security options diff --git a/target/rb532/kernel.config b/target/rb532/kernel.config index b5a78d466..7516f64e4 100644 --- a/target/rb532/kernel.config +++ b/target/rb532/kernel.config @@ -930,7 +930,7 @@ CONFIG_TRACING_SUPPORT=y # CONFIG_BLK_DEV_IO_TRACE is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y -CONFIG_CMDLINE="init=/init console=ttyS0,115200" +CONFIG_CMDLINE="console=ttyS0,115200" # # Security options diff --git a/target/wag54g/kernel.config b/target/wag54g/kernel.config index 8949aa612..eec4f9e43 100644 --- a/target/wag54g/kernel.config +++ b/target/wag54g/kernel.config @@ -760,7 +760,7 @@ CONFIG_MAGIC_SYSRQ=y # CONFIG_DYNAMIC_PRINTK_DEBUG is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y -CONFIG_CMDLINE="init=/init console=ttyS0" +CONFIG_CMDLINE="console=ttyS0" # # Security options -- cgit v1.2.3