发现
- uci-defaults 看起来可以注入设置文件
#!/bin/sh uci -q show system.@restorefactory[0] || { uci add system restorefactory uci set system.@restorefactory[0].button=reset uci set system.@restorefactory[0].action=pressed uci set system.@restorefactory[0].timeout=5 uci commit }
森亮号修改镜像
https://code.google.com/p/openwrt-restorefactory-slboat/
修改
增加LED显示,10秒默认超时
- 按下复位按钮将2.5秒一次开始显示,如果按住保持了10秒,那就开始快速闪烁,代表已经开始复位了
- 当中途取消的时候,LED恢复点亮
- 默认超时时间改为了10秒,5秒可能容易误触发
源码
#!/bin/sh # let's loag the led . /etc/diag.sh get_status_led # for failsafe mode,it cant read everything button="reset" action="pressed" timeout=10 system_config() { config_get button "$1" button "reset" config_get action "$1" action "pressed" config_get timeout "$1" timeout "10" } config_load system config_foreach system_config restorefactory [ "$BUTTON" = "$button" ] && { [ -f /tmp/run/restore_now.pid ] && logger -p user.info -t "restorefactory" "restore to factory are start working now!" && exit 1 # if we cancal one,then Let the led just normal ON [ -f /tmp/run/restorefactory.pid ] && read PID < /tmp/run/restorefactory.pid && kill $PID && rm /tmp/run/restorefactory.pid && logger -p user.info -t "restorefactory" "restore to factory defaults aborted" && set_state done && [ -f /tmp/.failsafe ] && set_state failsafe [ "$ACTION" = "$action" ] && { if [ "$timeout" -gt 0 ] then # make the led slow ,so we know now are doing restore status_led_set_timer 250 250 # make sure we can use the folder/tmp/run,mostly just not easy use it in failsafemode mkdir -p /tmp/run/ # wait the time and let led flash like failsafe sleep "$timeout" && status_led_set_timer 80 200 && rm /tmp/run/restorefactory.pid && echo work > /tmp/run/restore_now.pid && firstboot && set_state done && sleep 2 && reboot -f & echo $! > /tmp/run/restorefactory.pid logger -p user.info -t "restorefactory" "restoring to factory defaults in $timeout seconds" elif [ "$timeout" -eq 0 ] then # make the led feelsafe set_state failsafe firstboot && reboot & else logger -p user.info -t "restorefactory" "invalid timeout value ($timeout)" fi } }
failsafe hook补丁增加
- 注入一个开启hotplug的文件
将它命名为:50_hotplug_for_failsafe.sh
#!/bin/sh # This is strart hotplud for failsafe # the mod is by slboat start_hotplug2() { killall -q hotplug2 [ -x /sbin/hotplug2 ] && /sbin/hotplug2 --override --persistent \ --set-rules-file /etc/hotplug2.rules \ --set-coldplug-cmd /sbin/udevtrigger \ --max-children 1 >/dev/null 2>&1 & echo -e "\n SLBoat: The hotplug2 for the reset button has start!" echo "IF you like,you can push reset button more than 10 second for firstboot" } boot_hook_add failsafe start_hotplug2
- 它的效果看起来就像是这样
源码欣赏
/etc/hotplug.d/button/50-restorefactory
#!/bin/sh #像是初始化设置 system_config() { # 绑定按钮,复位按钮 config_get button "$1" button "reset" # 只有按下去后触发 config_get action "$1" action "pressed" # 默认超时时间5秒 config_get timeout "$1" timeout "5" } # 从系统中载入设置,看起来通过的是UCI config_load system # 翟茹每一项restorefactory的系统设置 config_foreach system_config restorefactory # 如果触发按钮匹配了 [ "$BUTTON" = "$button" ] && { # 如果存在进程,读取进程id,杀死进程,删除进程id文件,记录本次事件 [ -f /tmp/run/restorefactory.pid ] && read PID < /tmp/run/restorefactory.pid && kill $PID && rm /tmp/run/restorefactory.pid && logger -p user.info -t "restorefactory" "restore to factory defaults aborted" # 发生了指定触发事件,在这里是复位按钮的按下信息,松开将触发上面那个玩意 [ "$ACTION" = "$action" ] && { if [ "$timeout" -gt 0 ] then # 等待若干秒,之后执行复位重启,如果中间再次按下就会终止运行,这里最后的&是后台运行的玩意 sleep "$timeout" && firstboot && reboot & # 有趣的是下面会直接执行,并不会等待上面的 # 写入当前的进程ID到一个文件里 echo $! > /tmp/run/restorefactory.pid logger -p user.info -t "restorefactory" "restoring to factory defaults in $timeout seconds" elif [ "$timeout" -eq 0 ] # 如果超时时间设置是0,那么直接的重启 then firstboot && reboot & else # 超时时间无效 logger -p user.info -t "restorefactory" "invalid timeout value ($timeout)" fi } }
发现于
软件包包含文件
root@OpenWrt:/# opkg files restorefactory Package restorefactory (1-6) is installed on root and has the following files: /etc/uci-defaults/50-restorefactory /etc/hotplug.d/button/50-restorefactory
工作原理
- 利用复位按键的信息获取来进行重置一切
[展开]
原始源码
困扰
已失去困扰
- failsafe模式下是否有用呢?
完全无用这玩意
音频想法
- 复位按钮,openwrt自身的很实用(应该是tp的),按住它保持十几秒开机的时候让它复位所有数据听起来很号,如果能够源码注入那就很好了,这样复位按钮更好的作用
- (tplink官方固件的)reset按钮是如何扑捉的呢?如果能扑捉它的话,那wr703启动安全模式的时候直接捕捉它,然后或许它就能进入安全模式,这听起来真是个不坏的主意。
- 如何安全模式捕获reset按钮是否按下呢?读取cpu寄存器吗?
- 利用控制ldo(reset?)这个按钮或者什么可以控制别的
- 在Openwrt修改版中一直重启出现一个莫名其妙的堆栈错误,事实上有一定机会触发到,那就是直接执行到firstboot,然后在reboot,这样看起来就不会这般混乱里.
[后来-401天后]->但是这个reboot的则看起来是因为注入了hotplug所致.
编译需添加
kernel modules
---> other modules
--->kmod-button-hotplug
kmod-gpio-button-hotplug