Divested-WRT: No-nonsense hardened builds for Linksys WRT series

@wally_walrus

you are off a bit in this case

out of the box factory on mamba it seems that uboot is configured to read in a 4MB kernel from a certain address.
the kernel partition as defined by the Linux device tree (DTS) is 40MB(, yes 40MB)
BUT
the root partition is overlapped into the kernel partition and is 37MB
leaving only 3MB for the actual kernel

these patches merely reduce the root to 36MB, allowing the kernel to grow up to the 4MB
as 4MB is the max for this uboot without having to modify uboot

uboot is completely unmodified with these patches
uboot being unmodified and the layout of the "factory" flash images is why you can keep oem/stock compatible

--

as to why uboot is set to 4MB, but OpenWrt only 3MB, that is unknown to us

2 Likes

Hi,

I can share another successful story of migrating from well known davidc build to this one. As the author suggests, the hard-self-building way works(such a nice way of stress-test the cpu), and baking nlbw into rom is an easy process. Thanks a lot for your work!

However, I'm curious is there any way of interactive merging of multiple config.seeds or configs in general? I have in mind a case where I want to bring my own packages into further releases. Should I use quilt, mark all important for me packages then apply the newly created diff into all new .config file, or should I use another tool?

1 Like

Thanks @SkewedZeppelin! I hope you don't mind me re-phrasing your explanation Re: Linux Device Tree so please bear with me, or simply tell me to go RTFM :slight_smile:

You said "kernel partition as defined by the Linux device tree (DTS) is 40MB (yes 40MB) BUT the root partition is overlapped into the kernel partition and is 37MB leaving only 3MB for the actual kernel"

  • So the size of the generated root partition is constrained at 37MB in the normal build process (for unknown, possibly historical reasons) and that's what your patch is reducing down to 36MB in order to end up with more usable space for the kernel. Thus environment variables (alt_kern_addr and alt_kern_size) merely only tell uBoot where to start reading and how much to read in order to load the kernel in memory. And since alt_kern_size already references a 4MB "chunk" then uBoot will happily read and load an extra 1MB of code instead of 1MB of 0x00 padding, so that's what you meant by "uBoot being unmodified - did I get this right?

Many thanks again for your patience!

@wally_walrus

That is the gist of it!

@erxyi

Use whatever tools you are comfortable with.
I usually use meld for comparing larger files, and diff for smaller ones.

hi,

probably a newb question but I have the 3200acm and I see on your build - mamba and venom I think mamba is 1900 version and venom is 32x... so what I have to do to resize and upgrade to new kernel?
thanks

@PerkelSimon

You don't need to do anything.
You can use any available 'wrt3200acm' build with no special handling.

Resizing is only required on mamba and venom because they have a small kernel partition compared to the others.

1 Like

ok thanks, but I have to uncheck ''keep setting'' with sysupgrade, right?
and my current build is snapshot master, I can sysupgrade without a problem?

thanks for your help, time and development

@PerkelSimon
If you are currently running a recent OpenWrt snapshot and not 19.xx series you should be able to install with keep settings checked.
If you are on 19.xx or earlier you need to manually migrate to DSA from swconfig.

These builds aside from a handful of patches and configs are vanilla from master/trunk.

2 Likes

ok perfect, last question, that last kernel, improves some things, brings some new features?

I can confirm I can flash your resized build on my venom from the stock linksys firmware and can switch back to the linksys firmware from resized build.

3 Likes

likewise can confirm working and reverting on wrt1900 V1
!thanks

2 Likes

someone can confirm me that wireguard does not work with kernel 5.10?
thanks

I thought your last build was 5.10 :wink:
finaly I flashed but still 5.4.96

@PerkelSimon

last kernel, improves some things, brings some new features

Mostly bug fixes and security improvements.

@larrynz @ghoffman

That is good to hear!

@ninjanoir78

By the time OpenWrt fully supports 5.10, I am sure that WireGuard will be working.
iirc it is just some build issues, nothing big blocking it.

--

None of my builds are 5.10, as OpenWrt is still 5.4.
There is a wiki page detailing the update policy, but I can't seem to find it.
Basically don't rush to prevent constant rebasing.

3 Likes

I just flashed the latest (Feb 12) build on my mamba, and noticed the following in Status - System Log:

Fri Feb 12 20:11:11 2021 user.notice advanced-reboot: attempting to mount alternative partition (mtd5)
Fri Feb 12 20:11:12 2021 kern.notice kernel: [ 4693.269221] ubi2: attaching mtd5
Fri Feb 12 20:11:12 2021 kern.notice kernel: [ 4693.431877] ubi2: scanning is finished
Fri Feb 12 20:11:12 2021 kern.err kernel: [ 4693.435654] ubi2 error: 0xc0519ca0: the layout volume was not found
Fri Feb 12 20:11:12 2021 kern.err kernel: [ 4693.457959] ubi2 error: 0xc051d5ec: failed to attach mtd5, error -22
Fri Feb 12 20:11:12 2021 user.notice advanced-reboot: attempting to unmount alternative partition (mtd5)

as well as in Status - Kernel Log:

[ 4693.269221] ubi2: attaching mtd5
[ 4693.431877] ubi2: scanning is finished
[ 4693.435654] ubi2 error: 0xc0519ca0: the layout volume was not found
[ 4693.457959] ubi2 error: 0xc051d5ec: failed to attach mtd5, error -22

could this have something to do with the resized partition?

@wally_walrus

You mentioned earlier that you keep OEM in the alternative partition set.
That error is likely expected then, as it doesn't see the right magic values at the start of it.
That shouldn't show if you had a resized version flashed on both, as would be usual.
As long as you don't see any other issues such as settings not saving, it should be OK.

Thanks @SkewedZeppelin for the explanation! You're right, I kept the OEM firmware on the 1st partition and always flash from there. I was a little worried as I mistakenly loaded the configuration files from a mamba to a cobra once when I started using your build. I learned that lesson now :slight_smile:

@SkewedZeppelin

I hope this question is not too dumb. Can some of the postbuild items you reference on your website " Anything to change after install?" not be executed in an automated way at first boot using something like UCI?

2 Likes

@lamelogin
You are correct.
They could be scripted/baked in.
It is on my TODO list, I plan to do it eventually, just not the highest priority.

1 Like

Hi @SkewedZeppelin is there a way to include a set of configuration files in your build so router comes up pre-configured upon first boot after being flashed?

Thanks in advance,

1 Like