4bc16d0a00
Allow for single (external-data) FIT image to hold kernel, dtb and squashfs. In that way, the bootloader verifies the system integrity including the rootfs, because what's the point of checking that the hash of the kernel is correct if it won't boot in case of squashfs being corrupted? Better allow bootloader to check everything needed to make it at least up to failsafe mode. As a positive side effect this change also makes the sysupgrade process on nand potentially much easier as it is now. In short: mkimage has a parameter '-E' which allows generating FIT images with 'external' data rather than embedding the data into the device-tree blob itself. In this way, the FIT structure itself remains small and can be parsed easily (rather than having to page around megabytes of image content). This patch makes use of that and adds support for adding sub-images of type 'filesystem' which are used to store the squashfs. Now U-Boot can verify the whole OS and the new partition parsers added in the Linux kernel can detect the filesystem sub-images, create partitions for them, and select the active rootfs volume based on the configuration in FIT (passing configuration via device tree could be implemented easily at a later stage). This new FIT partition parser works for NOR flash (on top of mtdblock), NAND flash (on top of ubiblock) as well as classic block devices (ie. eMMC, SDcard, SATA, NVME, ...). It could even be used to mount such FIT images via `losetup -P` on a user PC if this patch gets included in Linux upstream one day ;) |
||
|---|---|---|
| .github | ||
| contributors | ||
| patches | ||
| root | ||
| .gitignore | ||
| build.sh | ||
| CLA-entity.md | ||
| CLA-individual.md | ||
| CODE_OF_CONDUCT.md | ||
| config | ||
| config-bpi-r1 | ||
| config-bpi-r2 | ||
| config-bpi-r64 | ||
| config-cm520-79f | ||
| config-espressobin | ||
| config-espressobin1 | ||
| config-nanopi_neo | ||
| config-p2w_r619ac | ||
| config-r2s | ||
| config-rpi2 | ||
| config-rpi3 | ||
| config-rpi4 | ||
| config-ubnt-erx | ||
| config-wrt32x | ||
| config-wrt3200acm | ||
| config-x86 | ||
| config-x86_64 | ||
| CONTRIBUTING.md | ||
| deploy_rsa.enc | ||
| LICENSE | ||
| README.md | ||
| sign.sh | ||
OpenMPTCProuter
OpenMPTCProuter is an open source solution to aggregate and encrypt multiple internet connections and terminates it over any VPS which make clients benefit security, reliability, net neutrality, as well as dedicated public IP.
The aggregation is based on Multipath TCP (MPTCP), which is ISP, WAN type, and latency independent "whether it was Fiber, VDSL, SHDSL, ADSL, 4G or even 5G", different scenarios can be configured to have either aggregation or failover based on MPTCP.
Aggregation via Multi-link VPN (MLVPN) and Glorytun UDP with multipath support are also supported.
The solution takes advantage of the OpenWRT/LEDE system, which is user friendly and also adds the possibility of installing other packages like VPN, QoS, routing protocols, monitoring, etc. through web-interface or terminal.
Main website: https://www.openmptcprouter.com/
Packages made for OpenMPTCProuter are available here: https://github.com/Ysurac/openmptcprouter-feeds
OpenMPTCProuter VPS script part: https://github.com/Ysurac/openmptcprouter-vps
Install from pre-compiled images
You can download precompiled images from https://www.openmptcprouter.com/
Then copy it to a sdcard:
gunzip omr-*.img.gz
dd bs=4M if=omr-*.img of=/dev/sdX conv=fsync
Install from source
Credits
Our solution is mainly based on: