Skip to content
rcS-root 11.1 KiB
Newer Older
Nicolas Mailloux's avatar
Nicolas Mailloux committed
#!/bin/sh

rotate_screen() {
	if [ "${DEVICE}" == "n705" ] || [ "${DEVICE}" == "n905b" ] || [ "${DEVICE}" == "n905c" ] || [ "${DEVICE}" == "n613" ]; then
		FB_UR=3
	elif [ "${DEVICE}" == "n873" ]; then
		FB_UR=0
	else
		FB_UR=3
	fi

	echo ${FB_UR} > /sys/class/graphics/fb0/rotate
}

mount_alpine_udev() {
	mkdir -p /alpine
	mount /mnt/opt/recovery/restore/alpine-udev.sqsh /alpine
	mount --rbind /proc /mnt/proc
	mount --rbind /proc /alpine/proc
	mount --rbind /sys /mnt/sys
	mount --rbind /sys /alpine/sys
	mount --rbind /dev /mnt/dev
	mount --rbind /dev /alpine/dev
	mount -t tmpfs tmpfs -o nosuid /mnt/tmp
	mount -t tmpfs tmpfs -o nosuid /alpine/tmp
	mount -t tmpfs tmpfs -o nosuid /alpine/run
}

Nicolas Mailloux's avatar
Nicolas Mailloux committed
mount -t proc proc /proc
mount -t sysfs sysfs /sys
sleep 1
mount -t devtmpfs devtmpfs /dev
mount -t tmpfs tmpfs /tmp
Nicolas Mailloux's avatar
Nicolas Mailloux committed
hostname kobo
ifconfig lo up
tar -xvf /opt/usr_lib.tar.xz -C /usr/lib
Nicolas Mailloux's avatar
Nicolas Mailloux committed

KERNEL_VERSION=`uname -a`
KERNEL_BUILD_ID=`cat /opt/build_id`
Nicolas Mailloux's avatar
Nicolas Mailloux committed
DEVICE=`cat /opt/device`
Nicolas Mailloux's avatar
Nicolas Mailloux committed
echo "$KERNEL_VERSION"
echo "InkBox OS, kernel build $KERNEL_BUILD_ID"
echo "Copyright (C) 2021 Nicolas Mailloux <nicolecrivain@gmail.com>"
echo

Nicolas Mailloux's avatar
Nicolas Mailloux committed
echo "Checking filesystems ..."
Nicolas Mailloux's avatar
Nicolas Mailloux committed
/usr/bin/fsck.ext4 -y /dev/mmcblk0p1
Nicolas Mailloux's avatar
Nicolas Mailloux committed
if [ "$DEVICE" == "n705" ] || [ "$DEVICE" == "n905b" ] || [ "$DEVICE" == "n905c" ] || [ "$DEVICE" == "n613" ]; then
	/usr/bin/fsck.ext4 -y /dev/mmcblk0p2
elif [ "$DEVICE" == "n873" ]; then
	/usr/bin/fsck.ext4 -y /dev/mmcblk0p5
Nicolas Mailloux's avatar
Nicolas Mailloux committed
else
	/usr/bin/fsck.ext4 -y /dev/mmcblk0p2
fi
Nicolas Mailloux's avatar
Nicolas Mailloux committed
if [ "$DEVICE" == "n705" ] || [ "$DEVICE" == "n905b" ] || [ "$DEVICE" == "n905c" ] || [ "$DEVICE" == "n613" ]; then
	/usr/bin/fsck.ext4 -y /dev/mmcblk0p3
elif [ "$DEVICE" == "n873" ]; then
Nicolas Mailloux's avatar
Nicolas Mailloux committed
	/usr/bin/fsck.fat -y /dev/mmcblk0p3
else
	/usr/bin/fsck.ext4 -y /dev/mmcblk0p3
Nicolas Mailloux's avatar
Nicolas Mailloux committed
fi
Nicolas Mailloux's avatar
Nicolas Mailloux committed
/usr/bin/fsck.ext4 -y /dev/mmcblk0p4
echo

UID_FLAG_RAW=`dd if=/dev/mmcblk0 bs=256 skip=3 count=1 status=none`
UID_FLAG=${UID_FLAG_RAW:0:1}
if [ "$UID_FLAG" != "1" ]; then
	/opt/bin/uidgen write-mmc
	echo "1" | dd of=/dev/mmcblk0 bs=256 seek=3
else
	:
fi

Nicolas Mailloux's avatar
Nicolas Mailloux committed
# Upgrading kernel if needed
Nicolas Mailloux's avatar
Nicolas Mailloux committed
mount -t ext4 /dev/mmcblk0p1 /mnt
KERNEL_FLASH=`cat /mnt/flags/KERNEL_FLASH` 2>/dev/null
WILL_UPDATE=`cat /mnt/flags/WILL_UPDATE` 2>/dev/null
DIAGS_BOOT=`cat /mnt/flags/DIAGS_BOOT` 2>/dev/null
STARTX=`cat /mnt/flags/X11_START` 2>/dev/null
Nicolas Mailloux's avatar
Nicolas Mailloux committed
MOUNT_RW=`cat /mnt/flags/RW_ROOTFS` 2>/dev/null
INITRD_DEBUG=`cat /mnt/flags/INITRD_DEBUG` 2>/dev/null
DONT_BOOT=`cat /mnt/flags/DONT_BOOT` 2>/dev/null

if [ "$DONT_BOOT" == "true" ]; then
	echo "Device is locked down and will not boot."
	/etc/init.d/inkbox-splash alert_splash 1

## DEBUG ##
if [ "$INITRD_DEBUG" == "true" ]; then
	mkdir -p /dev/pts
	mount -t devpts devpts /dev/pts
	busybox telnetd
fi
Nicolas Mailloux's avatar
Nicolas Mailloux committed

if [ "$KERNEL_FLASH" == "true" ]; then
	cp /mnt/boot/uImage /
	sync
	echo "Flashing new kernel..."
	dd if=/uImage of=/dev/mmcblk0 bs=512 seek=81920
Nicolas Mailloux's avatar
Nicolas Mailloux committed
	sync
	echo "false" > /mnt/flags/KERNEL_FLASH
	rm /mnt/boot/uImage
	echo "Done, rebooting..."
	reboot
else
	umount /mnt
	evtest /dev/input/event0 > /tmp/input-log &
	EVTEST_PID=$!
Nicolas Mailloux's avatar
Nicolas Mailloux committed

Nicolas Mailloux's avatar
Nicolas Mailloux committed
	read -t 5 -n 1 -s -r -p "(initrd) Hit any key to stop auto-boot ... " KEY
Nicolas Mailloux's avatar
Nicolas Mailloux committed

	if [ "$KEY" == "" ]; then
		INPUT_LOG=`cat /tmp/input-log | grep value`
		export INPUT_LOG

		# Device should have been wiped and restored to a factory state
		# Checking if there is still a "noroot" flag in the unpartitioned space
		export ROOT_FLAG=`dd if=/dev/mmcblk0 bs=512 skip=79872 count=1 status=none | head -c6`
		if [ "$ROOT_FLAG" == "rooted" ]; then
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			echo "Security policy not enforced; root access permitted."
		else
			/etc/init.d/overlay-mount recovery
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			mount -t ext4 /dev/mmcblk0p1 /mnt/boot
Nicolas Mailloux's avatar
Nicolas Mailloux committed

			echo "WARNING: User violated security policy!"
			echo "Flashing a new kernel that does not allow root access..."
			dd if=/mnt/opt/recovery/restore/uImage-std of=/dev/mmcblk0 bs=512 seek=81920
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			sync
			# We set the ALERT flag to show a GUI warning about what happened
                        echo "true" > /mnt/boot/flags/ALERT
			sync
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			echo "Done, rebooting..."
			reboot
			exit 0
		fi

		if [ "$INPUT_LOG" == "" ]; then
			if [ "$DIAGS_BOOT" != "true" ]; then
				# If the security policy was violated, we would not be there anymore, so from now on we are booting as usual.
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				if [ "$WILL_UPDATE" != "true" ]; then
					/etc/init.d/inkbox-splash
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				else
					/etc/init.d/inkbox-splash update_splash &
					UPDATE_SPLASH_PID=$!
					export UPDATE_SPLASH_PID
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				fi
Nicolas Mailloux's avatar
Nicolas Mailloux committed

				# Wi-Fi connection
				if [ "$DEVICE" == "n905b" ] || [ "$DEVICE" == "n873" ]; then
					EXPRESS_VERIFICATION=1 /etc/init.d/overlay-mount recovery
					if [ $? == 0 ]; then
						mount_alpine_udev
						chroot /alpine /sbin/openrc "sysinit" &>/dev/null
						if [ $? == 0 ]; then
							timeout 15s /sbin/setup-wifi
						fi
						killall udevd
						umount -l -f /alpine
						umount -l -f /mnt
						umount -l -f /overlaymount-rootfs
						umount -l -f /recoveryfs-part
						losetup -d /dev/loop1
					fi
				fi

Nicolas Mailloux's avatar
Nicolas Mailloux committed
				# Root filesystem
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				if [ "$MOUNT_RW" == "true" ]; then
					/etc/init.d/overlay-mount rw
					OVERLAYMOUNT_EXITCODE=$?
					if [ $OVERLAYMOUNT_EXITCODE != 0 ]; then
						exit $OVERLAYMOUNT_EXITCODE
					fi
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				else
					/etc/init.d/overlay-mount ro
					OVERLAYMOUNT_EXITCODE=$?
					if [ $OVERLAYMOUNT_EXITCODE != 0 ]; then
						exit $OVERLAYMOUNT_EXITCODE
					fi
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				fi
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				mount -t ext4 /dev/mmcblk0p1 /mnt/boot

				# Bind-mount a valid passwd file to allow login
				cp /opt/passwd-root /tmp/passwd
				mount --bind /tmp/passwd /mnt/etc/passwd

Nicolas Mailloux's avatar
Nicolas Mailloux committed
				## User storage
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				mount -t ext4 /dev/mmcblk0p4 /mnt/opt/storage
				# Config
				mkdir -p /mnt/opt/storage/config
				mkdir -p /mnt/opt/config
				mount --bind /mnt/opt/storage/config /mnt/opt/config
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				# Update bundle
				mkdir -p /mnt/opt/storage/update
				mkdir -p /mnt/opt/update
				mount --bind /mnt/opt/storage/update /mnt/opt/update
				# X11/KoBox
				mkdir -p /mnt/opt/storage/X11/rootfs/work
				mkdir -p /mnt/opt/storage/X11/rootfs/write
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				mkdir -p /mnt/opt/X11/rootfs
				mount --bind /mnt/opt/storage/X11/rootfs /mnt/opt/X11/rootfs
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				# InkBox GUI's rootfs
				mkdir -p /mnt/opt/storage/gui_rootfs
				mkdir -p /mnt/opt/gui_rootfs
				mount --bind /mnt/opt/storage/gui_rootfs /mnt/opt/gui_rootfs
				# SSHd
				mkdir -p /mnt/opt/storage/ssh
				touch /mnt/opt/storage/ssh/sshd_config
				mount --bind /mnt/opt/storage/ssh /mnt/etc/ssh
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				mkdir -p /mnt/opt/root
				mkdir -p /mnt/opt/key
				mkdir -p /mnt/selinux
				mkdir -p /mnt/modules
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				losetup /dev/loop7 /opt/root.sqsh
				mount /dev/loop7 /mnt/opt/root -o ro,nodev,nosuid,noexec
				losetup /dev/loop6 /opt/key.sqsh
				mount /dev/loop6 /mnt/opt/key -o ro,nodev,nosuid,noexec
				losetup /dev/loop5 /opt/modules.sqsh
				mount /dev/loop5 /mnt/modules -o ro,nodev,nosuid,noexec
Nicolas Mailloux's avatar
Nicolas Mailloux committed

				mount --rbind /proc /mnt/proc
				mount --rbind /sys /mnt/sys
				mount --rbind /dev /mnt/dev
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				mount -t tmpfs tmpfs /mnt/tmp
				mount -t tmpfs tmpfs /mnt/var/log
				mount -t tmpfs tmpfs /mnt/opt/developer

				# Wi-Fi & Internet
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				if [ -e "/opt/firmware.sqsh" ]; then
					losetup /dev/loop4 /opt/firmware.sqsh
					mount /dev/loop4 /mnt/lib/firmware
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				fi
				cp /opt/device /tmp/device
				mount --bind /tmp/device /mnt/opt/inkbox_device
				touch /tmp/resolv.conf
				mount --bind /tmp/resolv.conf /mnt/etc/resolv.conf
				
				mount -t tmpfs tmpfs -o nosuid,noexec,nodev,size=2M /mnt/var/db/dhcpcd
				touch /mnt/var/db/dhcpcd/duid
				touch /mnt/opt/storage/dhcpcd_duid
				mount --bind /mnt/opt/storage/dhcpcd_duid /mnt/var/db/dhcpcd/duid
								
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				mount -t selinuxfs selinuxfs /mnt/selinux 2>/dev/null

				# Developer key
				/etc/init.d/developer-key
				OVERRIDE_SIGNATURE_VERIFICATION=`cat /mnt/opt/developer/key/valid-key 2>/dev/null`
				# InkBox GUI's rootfs
				busybox chroot /mnt "/usr/bin/openssl" "dgst" "-sha256" "-verify" "/opt/key/public.pem" "-signature" "/opt/storage/gui_rootfs.isa.dgst" "/opt/storage/gui_rootfs.isa" &>/dev/null
				if [ $? != 0 ] && [ "$OVERRIDE_SIGNATURE_VERIFICATION" != "true" ]; then
					echo "FATAL: InkBox GUI root filesystem's signature is invalid!"
					echo "Aborting boot and powering off ..."
					killall -q inkbox-splash
					/etc/init.d/inkbox-splash alert_splash 2
					busybox poweroff
					exit 1
				else
					busybox chroot /mnt "/bin/squashfuse" "/opt/storage/gui_rootfs.isa" "/opt/gui_rootfs/read"
					busybox chroot /mnt "/bin/fuse-overlayfs" "-o" "lowerdir=/opt/gui_rootfs/read,upperdir=/opt/gui_rootfs/write,workdir=/opt/gui_rootfs/work" "/kobo"
Nicolas Mailloux's avatar
Nicolas Mailloux committed

					echo true > /mnt/kobo/inkbox/remount
					echo false > /mnt/boot/flags/X11_STARTED
					# Starting an X server
					if [ "$STARTX" == "true" ]; then
						/etc/init.d/startx
					fi

					chroot /mnt /sbin/openrc "sysinit"
					/etc/init.d/initrd-fifo
					chroot /mnt /sbin/openrc "boot"
					chroot /mnt /sbin/openrc "default"
					exit 0
				fi
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			else
				echo "DIAGS_BOOT is set to 'true', booting into diagnostics..."
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				mkdir -p /alpine
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				/etc/init.d/overlay-mount recovery
				OVERLAYMOUNT_EXITCODE=$?
				if [ $OVERLAYMOUNT_EXITCODE != 0 ]; then
					exit $OVERLAYMOUNT_EXITCODE
				fi
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				mount -t ext4 /dev/mmcblk0p1 /mnt/boot
Nicolas Mailloux's avatar
Nicolas Mailloux committed

				losetup /dev/loop7 /opt/root.sqsh
				mount /dev/loop7 /mnt/opt/root -o ro,nodev,nosuid,noexec
				losetup /dev/loop6 /opt/key.sqsh
				mount /dev/loop6 /mnt/opt/key -o ro,nodev,nosuid,noexec
				losetup /dev/loop5 /opt/modules.sqsh
				mount /dev/loop5 /mnt/modules -o ro,nodev,nosuid,noexec
Nicolas Mailloux's avatar
Nicolas Mailloux committed

				mount /mnt/opt/recovery/restore/alpine-udev.sqsh /alpine
				mount --rbind /proc /mnt/proc
				mount --rbind /proc /alpine/proc
				mount --rbind /sys /mnt/sys
				mount --rbind /sys /alpine/sys
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				mount --rbind /dev /mnt/dev
				mount --rbind /dev /alpine/dev
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				mount -t tmpfs tmpfs /mnt/tmp
				mount -t tmpfs tmpfs /alpine/tmp
				mount -t tmpfs tmpfs /alpine/run
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				chroot /alpine /sbin/openrc "sysinit" &>/dev/null
Nicolas Mailloux's avatar
Nicolas Mailloux committed
				chroot /mnt /opt/bin/diagnostics_splash
				sleep 2
				chroot /mnt /opt/recovery/launch.sh &
				exit 0
			fi
		else
			echo "Input event caught, booting into recovery partition..."
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			mkdir -p /alpine
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			/etc/init.d/overlay-mount recovery
			OVERLAYMOUNT_EXITCODE=$?
			if [ $OVERLAYMOUNT_EXITCODE != 0 ]; then
				exit $OVERLAYMOUNT_EXITCODE
			fi
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			mount -t ext4 /dev/mmcblk0p1 /mnt/boot
Nicolas Mailloux's avatar
Nicolas Mailloux committed

			losetup /dev/loop7 /opt/root.sqsh
			mount /dev/loop7 /mnt/opt/root -o ro,nodev,nosuid,noexec
			losetup /dev/loop6 /opt/key.sqsh
			mount /dev/loop6 /mnt/opt/key -o ro,nodev,nosuid,noexec
			losetup /dev/loop5 /opt/modules.sqsh
			mount /dev/loop5 /mnt/modules -o ro,nodev,nosuid,noexec
Nicolas Mailloux's avatar
Nicolas Mailloux committed

			mount /mnt/opt/recovery/restore/alpine-udev.sqsh /alpine
			mount --rbind /proc /mnt/proc
			mount --rbind /proc /alpine/proc
			mount --rbind /sys /mnt/sys
			mount --rbind /sys /alpine/sys
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			mount --rbind /dev /mnt/dev
			mount --rbind /dev /alpine/dev
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			mount -t tmpfs tmpfs /mnt/tmp
			mount -t tmpfs tmpfs /alpine/tmp
			mount -t tmpfs tmpfs /alpine/run
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			chroot /alpine /sbin/openrc "sysinit" &>/dev/null
Nicolas Mailloux's avatar
Nicolas Mailloux committed
			chroot /mnt /opt/bin/diagnostics_splash
			sleep 2
			chroot /mnt /opt/recovery/launch.sh &
			exit 0
		fi
	else
		rm /usr/sbin/chroot
		echo -e "#!/bin/sh\n\n/sbin/getty -L ttymxc0 115200 vt100" > /usr/sbin/chroot
		chmod +x /usr/sbin/chroot
		exit 0
	fi
fi

kill -9 $EVTEST_PID