
NixWRT: purely functional firmware images for IoT


Formal Metadata

Title
NixWRT: purely functional firmware images for IoT
Series title
Number of parts
27
Author
License
CC Attribution 3.0 Unported:
You may use, modify, and reproduce, distribute and make publicly available the work or content, in unchanged or modified form, for any legal purpose, provided that you credit the author/rights holder in the manner specified by them.
Identifiers
Publisher
Year of publication
Language

Content Metadata

Subject area
Genre
Abstract
Reflashing your broadband router with Linux (e.g. DD-WRT, OpenWRT, Tomato or variants) gives you unparalleled flexibility to do things that the manufacturer probably hadn't thought of. Remembering what you did, six months later, is often trickier. NixWRT is a (currently experimental) collection of derivations using the Nix package system and bits of NixOS to build router and IoT device firmware images using the principles of declarativity and composability that are why we love Nix. This talk will give you an overview of how it works, some war stories about the challenges faced, and hopefully the data you need to decide whether to try it yourself on your own hardware. --- Bio: Daniel Barlow has been using Linux since kernel 0.99 (Slackware and MCC-Interim), and has never really adjusted as computing has moved on. Playing with resource-limited systems like routers and IoT devices helps him pretend it's still 1995. Since then he's programmed professionally in Perl, Common Lisp and Ruby, and played with Clojure and Nix. Most likely to say: "try looking at it with {strace, wireshark}?" Least likely to say: "just buy a closed-source solution from an enterprise vendor"
Transcript: English (automatically generated)
12 o'clock, let's continue with the next talk, which is going to be given by Daniel Barlow, and it's going to be about NixWRT, which is a collection of derivations to basically build, to build flash images from west to flesh. Yes, flash with a network driver and hopefully not break it.
So yeah, give you a round of applause and enjoy the talk.
Thank you very much. Yeah, my name is Daniel Barlow. I'm here to talk about
using the Nix package collection to build images for embedded routers, IoT devices, things like this little widget here, which you can't see, but don't worry, there's pictures. I'd like to start by saying welcome to London. There's a nice iconic image here of Piccadilly Square with one of our London black cabs in it.
If you're not local, you might not know they have to take a Knowledge test to memorize every road name within six miles of Charing Cross before they're allowed to drive one of these cars. Unfortunately, you can't see the contrast quite so well there. This is my iconic black X1 ThinkPad Carbon after a black cab driver ran over it the other week. So
it doesn't boot anymore, surprisingly enough. Yeah, so any problems with the quality or the polish in this talk, that's what I'm blaming it on. So yeah, NixWRT or next words. I came up with a name like six months ago and only just today realized
I don't know how to pronounce it. I'm gonna go with next words, but I'm not going to be standard about it. So when I started out with it, it's an experiment to see if I could use the Nix package collection to build images for Wi-Fi routers of the kind you should run OpenWRT or
DD-WRT or Tomato, that kind of thing, on. A show of hands, I mean, who's got one of these things at home? Who's tried flashing their router at home? Very few people. Yeah. Okay, so this isn't NixOS on your router. The image you get out of it is just an image. It's immutable.
You can't log into it and, you know, compile packages or anything like that. It's got no compilers. Yeah. So why? Last November I built a new computer for my home office. You see it there. It's not actually on fire.
It's got LEDs inside it. And I wanted to be able to back it up. Didn't want to build another computer as a backup host, because that feels a bit sort of recursive. So I've got a USB disk drive. I've got a spare router with a USB port. What if, you know, I know there's some kind of embedded Linux thing inside that router, so maybe I can repurpose that and get some use out of it instead of throwing it into e-waste.
Why not use OpenWRT? And the first thing I have to say here is OpenWRT is great. And there's so much work going into it. So many people working on different random problems, which you would never even hope to have to replicate as a small developer.
You know, I didn't realize how great it was. So I tried bringing the mainstream next Linux kernel up on a MIPS device and found I had no Ethernet driver. And a router with no Ethernet driver is a little bit, it doesn't route much. Yeah. However, I'm not gonna be telling anyone anything
you don't already know, but when you're talking about divergent, convergent and congruent change management, OpenWRT is on the left-hand end of the scale to a big extent. You know, you have 60 billion different packages in OpenWRT. You install them imperatively by typing commands on the thing itself. Then you configure it using a GUI.
Six months later, you know, you upgrade the firmware, or the router blows up and you need new hardware, or your ISP says try factory resetting it. Can you remember everything you did? Maybe some people are diligent enough to back these things up properly,
but I'm certainly not. So I got to thinking, you know, maybe there is a more general problem to be solved here than just somewhere safe to store my ripped CDs. So yeah, did some hacking, did some blogging, I got distracted, got distracted again, got my laptop trashed, and, you know, managed to crash my own home network in several different fun ways.
And here we are a year on. There's a little bit of scope creep. I did the backup server. The backup server is working fine. That's great. You know, I did what I came for. I repurposed the wireless range extender in my study upstairs to run NixWRT as well.
The router downstairs, which is the one that actually connects to broadband, I'm still working on that. Take over the world, it's kind of a stretch goal. And the other question: I said it was an experiment, so, you know, what were the findings? I guess, is Nix good for this stuff? And emphatically, yes, it is.
Okay, I'm kind of preaching to the converted, but the Nix language, I mean, is, you know, compared to anything else I've used in terms of, you know, configuration management or building, is superb. Everyone knows that. The cross compilation stuff, you might not know unless you've been involved with it,
but as of sort of beginning of 2018, a lot of work being done last year on cross compilation in Nix, and it's really made it easy to build MIPS binaries from an x86 system. And the support for musl, which is an
alternative C library to the GNU C library, it's smaller and faster and more compliant and works better on embedded systems, and I mean, I think that's pretty new as well. It's certainly the case that I have hardly ever hit problems trying to use a C library that's not the GNU C library. So on those three counts, MIPS, sorry, on those three counts, Nix is pretty awesome.
Overlays. Again, you know, there were various ways of customizing derivations before overlays came in, but having a consistent way of doing this, reasonably principled, is really useful and really helpful for making patches smaller.
And I will talk about that a lot more in a minute. So, yeah, there are things I have learned along the way that, if you wanted to get into it, you would also end up learning sooner or later. You know, how to read and write Nix derivations, stuff about Linux, stuff about how the kernel is put together,
things about networks, switches, TCP, Ethernet. What's a MAC? What's a PHY? Overlays, fixed points. Fixed points are awesome. I know enough to hand wave about them. I don't know enough to explain them. So I'm gonna do some hand waving in a minute.
If you have enough coffee, the rest of it is easy. So what do you actually need? Obviously you need some kind of thing to run it on. This is the GL.iNet MT300N,
which is like a GL.iNet MT300A but it's a different color. It's slightly cheaper, and the hardware inside is slightly different. So, you know, these things, these are not your typical PCs. They're smaller, slower, no graphics hardware. So you establish a console connection to it by attaching three wires to it,
which is more or less complicated depending on whether there are pin headers to attach them to or you need to go do some bad soldering. Obviously the architecture is different. It runs some variety of MIPS, or the ones I've tried so far do anyway. I guess some people are using ARM for this stuff.
You don't boot from the BIOS or from UEFI. You don't use GRUB, you use something called U-Boot, which I'll be showing you in a minute. And the way the particular board knows about all the bits that are in it, like, you know, where the GPIO pins are, where the LEDs are,
how to make the internet, how to initialize this little network switch inside it: on a grown-up computer like a PC you've got things like ACPI, where it can sort of go and enumerate the bus and
find out where all the things are, because all the things will say, look, I'm over here. On these older, smaller systems, either that knowledge is compiled into the kernel for the particular board you're using, or on some varieties a device tree, which is basically a data file with the same information in it. So we abstracted that code into data.
The device tree is a better way of doing it, but not all ports have been updated to use it yet. Yeah, so in terms of NixWRT, if you want to play with it, the best supported boards are the ones based on the AR9330 or the ones based on the MediaTek
SoCs. And I say the blue one and the yellow one are both cheap and both easy to get hold of, and also no soldering required. You just pop the top off. Is there an emulator? QEMU works, but the hardware it emulates is not very much like the real hardware.
Testing on the real hardware is actually not that bad. So obviously you need to connect it together to something. This is my test setup. It's a little bit more baroque than it needs to be. That, you will see, is the device itself,
with three cables coming out of it for the serial console. Serial console is TTL level logic. It runs into something which understands that; in my case at the moment that's a Raspberry Pi, because I blew up my serial cable. And then that is the most overkill use ever of an Arduino Yun,
which basically exists to toggle the USB power on and off, so when I wedge it solid I can turn it off and on again without having to go upstairs and pull the USB cable out. So I'm gonna do a little demonstration of what it looks like to build, or what the actual hardware looks like.
I'm not gonna demo on this thing here because it would take too long to plug everything together. I'm gonna attempt to SSH into my system at home and show you it there. You ask what could go wrong? Well, this guy here, actually. My son has just got to the age where he really likes to turn the power on or off on the front of the machine.
So hopefully it's still there when we get there. We're just about to go find out. Right.

There it is. It was that one, okay. So let's have 80 columns as the good Lord intended. My handle on most online systems is telent, which I chose a long time ago because I couldn't type telnet correctly without typing it.
So the hostname theme is all typos as well.
So here we are. I'm gonna start by making it. And it does nothing, of course, because I made it last night to check that everything worked, and therefore there's nothing to be done. So there's a little Makefile, just because there's an awful lot of parameters to give to nix-build.
So it's a particular derivation we're using. I'll show you that in a minute. It's called backup host. We're building the target called firmware. Various parameters we're passing it for things like SSH keys and an rsync password and other stuff, and you'll see it has eventually built a
file in that directory there. And then it's passing it into my TFTP server directory, and I'm just going to show you that.

Yeah, there it is. So that is my firmware file, which is about four and a half megabytes in size, which is okay for that particular target device. Put that back in the stand. So I'm going to introduce some insignificant white space into one of these derivations.
Or I'll come back to that bit.
So this is... Is that volume level okay for everyone? Yeah? So this is the device itself. I'm connected to it over an SSH session, over a minicom serial session,
over the three wires you saw in the picture, into the actual hardware device. I'm just going to reset it just to show you it's there, and I'm going to stop autoboot. So this thing is U-Boot. It's the universal bootloader.
It's called the universal bootloader. What actually happens is that hardware manufacturers take it, fork it, hack it up, burn it onto their machines. Getting a new version of U-Boot onto your device is a bit like trying to put coreboot onto your,
you know, laptop. It can be done, but if it goes wrong you need JTAG debuggers and stuff like that. So generally speaking, the one you've got is, you know, the one you're gonna live with, unless you want to get more complicated than I've got. So anyway, you've got a collection of commands in U-Boot here,
which do things like print the environment variables, boot, change memory addresses, let you do things such as flash and so on. So if I just do printenv, they are more or less defective depending on the manufacturer.
So, you know, in theory, if you've done a proper good install of U-Boot, then this environment will be writable and you can change parameters here. Often you'll find that the hardener actually just hard-coded the environment, and you can't actually save anything,
which is annoying but not insurmountable. So I'm gonna boot this device, and I'm gonna do it the slightly cheesy way by inserting a file, empty boot script, because there's five or six lines I have to type
to get it to boot from RAM. Hey, off it goes. Okay, and then it's doing exciting stuff.
Just going back through the scrollback here in tmux, quite a lot of it. So what did it do? These are all U-Boot commands that it's typing in. It's booting the TFTP.
There's the TFTP command. It's copying into a particular start address, which is carefully chosen not to clash with anything else. And then the bootm command is a boot from memory. So there you see the TFTP happening there. It's loading the thing down. That's where it's, sorry, I'm pointing at my screen instead of your screen.
That's where Linux actually starts happening, "Starting kernel", and the rest of it is all Linux. And there it is. And just to show you that we're not in x86 anymore,
Yes, it is running your root shell on console. This could be considered as a security problem if your threat model includes people prying the covers off and attaching three wires to the... That can be configured, of course. So there we are. It's a MediaTek empty six seven six twenty g l3m.
Today is running on the MIPS. It's three days ago bother MIPS if they can't for anything anymore. And various other stuff there. That concludes the demonstration, I think, probably. So, how does it work?
I don't know if any of that writing is readable from where anyone is sitting. It surprisingly took longer to draw that than I thought it was going to. So what I'd like you to focus on here is, this is a description of the build process. This is our output at the bottom, which is the firmware binary that we just saw being TFTP booted.
In that image, you've got a kernel image, which is this uImage thing here. You've got a file system image for the root file system, and the two of them are basically just splattered together with dd. The file system image is generated from a configuration, which is a Nix value, I'll show you in a moment,
which has got, it's an attrset with various different things you want to go into your image, and the image builder that makes the image out of it. Some of the things, I'm gonna talk about modules in a minute. I know a lot of people talk about modules. These aren't NixOS modules. These are something else. I named them badly.
So you start with an empty configuration, you're applying modules to it until you've got the config you want, and then you send it into the builder and it builds your image. Some of the things in your configuration are package references. So we also send Nix packages in there,
we've got an overlay to make them smaller and kinda, and so on. The other half of the picture is the kernel build, which comes from kernel.org upstream. It also comes from OpenWRT. They get merged together. It gets built, we get the vmlinux file out of it.
We stick the device tree into it, which is the data file I was telling you about earlier. That gets you the bootable image. And so that's the other half of the output there. So I think the three things in that picture which you would have to touch if you're hacking on this are
the package overlay, for including packages and making sure your packages are going to build on it; the module system, which is badly named; and potentially the kernel build, if you want to get detailed about it. And we're gonna have a look at each of those. So there's good news. There's lots of good news. Lots of these packages already just work, which is awesome.
We quite often have to patch our packages because we're not using the standard C library. Some things don't cross-compile, so we need to disable the doCheck clauses where they're in, if they're unconditional.
Sometimes you get very big closures, and Eelco was talking about big closures yesterday. And I really feel it on this thing because, you know, we have a very limited amount of flash space. It can be as little as four megabytes. You don't want to be getting one and a half gigabytes of Firefox in there.
So there are various hacks we've done to, you know, remove library dependencies for optional features where the original derivation included them. Get rid of shell scripts that depend on bash, because bash is huge. Yeah, if all else fails, just run strings and grep for nix store, that's a good way of finding
leaky bits in your closures. Make sure you've stripped everything. And we also slightly hacked up the squashfs generation to remove static libraries from the generated output, because who is ever going to use those when you don't have a compiler? So here's an example. This is one of the entries in our package overlay, for the hostapd daemon.
You see it's based on the upstream one in Nix packages. We've overridden the SQLite attribute because we don't need it. We've, sorry, the SQLite parameter we've overridden, then we want to override the attributes as well. And we said we don't want extra config and we're going to use this
configure file which we generated here instead of using what the Nix packages one does. And that's a huge saving on hostapd. And that's how I've got a wireless extender running in four megs of flash. Modules. Not the Nix module system.
We've heard a lot in the last couple of days about the module system. The chief reason for writing it differently was that it seemed like fun. Middlewares might be a better name. A module is a function which applies to a configuration and generates a new configuration. And we apply them repeatedly in the same kind of pattern as overlays do,
except we're applying them to the configuration rather than applying them to the Nix package derivation. So your configuration object... That's really bad, I don't have a picture of the configuration object. Oh.
Wow. Skipped forward a little bit there. What's it doing? Hey, right, okay.
There's reveal.js. It's three-dimensional slide navigation. It's funky. So the essence of it is that in your derivation you'll start with the base configuration, which has almost nothing in it. It has empty arrays of files, packages,
some other stuff. You will then apply each module in sequence to it. So that's the hardware module for the device. That's going to include an rsync server. That's going to be an SSH server. That's going to be BusyBox, which is pretty fundamental. This particular device is my backup host, so it's got a USB disk module in it with some parameters.
There's some stuff for the kernel. There's some stuff for configuring the network switch, which is integrated into the device. And we're running syslogd. We're running ntpd. We're running a DHCP client. And to build the firmware we merge all the modules together
and pass it to the firmware generation function, and there's our firmware.bin. The modules themselves actually look like this. You see the whole fixed point pattern up here with self and super.
La la la la la la. So that's our parent module. We're adding a service called hostapd. We're adding the hostapd package, and we're adding, right down at the bottom, I don't know if anyone can see over and over his head, right down at the bottom, we're adding a file called etc/hostapd.psk,
which has also got some content and a mode in it. And those files are written into flash the same as everything else. I'm running out of time to talk about adding new hardware devices, which is great because this is the complicated bit, and I'm going to skim through it.
New hardware devices. I think I've had it running on four different devices so far, which are all sort of one or two of the various MIPS families. It is much, much, much easier if it already works in OpenWRT. In fact, I wouldn't even bother trying it unless you want a project to try and build something that isn't in OpenWRT already.
The kind of things you'll expect to have to do is find out what SoC family it runs on. Is it Atheros, is it a Ralink, is it a MediaTek, is it something else? Because that's gonna impact whether it is a device tree or something else. Find out how to attach a serial cable to it. I've burnt one router by doing some really bad soldering on it already.
As I said, does it use the device tree? And then you find out things like where in memory is the flash? How do I configure the network switch such that the Ethernet in the kernel actually gets out to the box? All of this information for all the supported devices is in the file called devices.nix.
And there's a lot of commentary in there as well. If you are minded to do your own device, you would do that. And yeah, if you can cobble together something to turn its power on and off remotely, you'll find remote development a lot easier for the earliest stages of bring-up. No, I can show you my Arduino. It's not pretty,
but it was stuff I had around. So, future plans. Obviously the first thing to do is finish the PPP over Ethernet support, because then I can actually run it on my primary router at home, which the family will love, I'm sure, when it starts crashing.
Better story for upgrades. I've got a plan for upgrading without having to flash here every time. Better story for the first time support, which doesn't involve attaching cables to the device. That's going to depend on the device because, you know, your vendor firmware may allow you to upgrade freely or may have restrictions on the format.
So that's gonna be a bit of fun working it out. And a better story for secrets. So at the moment we don't put secrets in the Nix store on the build machine. I've been quite careful about that, because I check mine into GitHub. But they do end up burnt into the image.
And if you want to change your password then you end up having to reflash the image, which doesn't feel quite right. So design something which will get them from a writable file system or over a network or something else. I can quite see the appeal of network-based secrets if you're managing a
decent sized fleet of devices. And perhaps even get some users. It's just me. So that's it. Two minutes of questions. Ask me anything. I might not know the answer. I'm pretty hand wavy.
Alrighty, thank you for your questions. Yes, we've got a question.
I have a pile of WRT54GL routers up in my attic. Is the four megabytes of RAM, is that, it looked like your
image was a little bit bigger. Is there a little bit more that could be cut to get this running on them?
That image is bigger than, smaller people have running has four megabytes of flash, and that's the wireless extender upstairs. I had to work quite hard to get it into four megs, but things can be done with the whole mega image here.
More people with stuff in their basement? Sorry.
Hello, thanks for the talk. I'm wondering about whether we can implement dm-verity onto this, dm-verity, like the Merkle hash trees, just to check the
hashes of the file system.
It's not something I thought about. It would be a good idea. Yeah, another question?
Nope. Then thank you very much again for your wonderful talk. Thank you.
next