[LEDE-DEV] Proper way to deal with "dual firmware" ar71xx devices
Bjørn Mork
bjorn at mork.no
Sun Apr 23 11:40:10 PDT 2017
Hello,
Many devices make use of "dual firmware" configurations, splitting the
available flash and allowing two complete and independent installations.
This works fine for devices like the Linksys WRT1900AC etc, where the
boot loader make sure the kernel command line "root=" parameter matches
the booted kernel.
It does not work so well with ar71xx devices like the Ubiquiti UniFi AC
Pro. The original firmware use this layout:
dev: size erasesize name
mtd0: 00060000 00010000 "u-boot"
mtd1: 00010000 00010000 "u-boot-env"
mtd2: 00790000 00010000 "kernel0"
mtd3: 00790000 00010000 "kernel1"
mtd4: 00020000 00010000 "bs"
mtd5: 00040000 00010000 "cfg"
mtd6: 00010000 00010000 "EEPROM"
The current LEDE images configure this as:
MTDPARTS = spi0.0:384k(u-boot)ro,64k(u-boot-env)ro,7744k(firmware),7744k(ubnt-airos)ro,128k(bs)ro,256k(cfg)ro,64k(EEPROM)ro
Note that "kernel0" is statically mapped to "firmware", and that
"kernel1" (or "ubnt-airos") is made read-only. This sort of works as
long as LEDE is installed on "kernel0". But LEDE/OpenWrt does its magic
partition splitting based of the "firmware" partifion name. And it will
do this even if the currently booting LEDE kernel is located on
"ubnt-airos"/"kernel1".
Due to limited understanding of how the Ubiquiti U-Boot selects between
"kernel0" and "kernel1", there are instructions out there telling users
to try to install LEDE on both "kernel0" and "kernel1". But what
happens if the boot loader is actually loading the "kernel1" image? We
will then have a system with the kernel loaded from "kernel1" but the
rootfs loaded from "kernel0". This is bad. When sysupgrading, the
image on "kernel0" (aka "firmare") is replaced, But the boot loader will
still continue to load the old LEDE kernel from "kernel1". If you are
lucky, it will boot successfully using the new rootfs. You can then use
the mtd-rw package to make "ubnt-airos" writeable and copy the new
kernel there. Extremely confusing and unfriendly to users...
This should be fixed somehow. But I don't know how. The best would be
to make the kernel dynamically figure out which of the partitions it
booted from and then force the rootfs there. But I don't know if this
can be done without the help of the boot loader?
Another option would be to make two different systems, where the command
line for the "kernel1" installation switched the order of the "firmware"
and "ubnt-airos" partitions. But this would require the user to select
the correct image on installation. Not exactly user friendy...
Any better ideas or advice is appreciated.
Until this problem is resolved, I believe all installation instructions
for such devices should emphasize that LEDE/OpenWrt *must* be installed
on "kernel0" only!
Note that the boot loader appears to select "kernel0" or "kernel1" based
on the first bit of the "bs" partition. This partition contains two
32bit numbers, where the first one is 0x80000000 if "kernel1" is booted
and 0x00000000 if "kernel0". The second number appears to be a magic,
and is always 0xa34de82b (both numbers given as big endian here). The
rest of the partition are zeroes.
Bjørn
More information about the Lede-dev
mailing list