PublicMirrors/MikroTikPatch
1
0
Fork 0
mirror of https://github.com/elseif/MikroTikPatch.git synced 2025-01-23 05:25:00 +03:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

new file: .github/workflows/mikrotik_patch_test.yml

Browse Source 
modified:   .gitignore
	new file:   busybox/busybox_aarch64
	modified:   busybox/busybox_x86_64
	modified:   patch.py
This commit is contained in:
zyb 2024-07-12 02:51:02 +08:00
parent f788dc702d
commit 65e4343802
5 changed files with 452 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

396
.github/workflows/mikrotik_patch_test.yml vendored Normal file
View File

@ -0,0 +1,396 @@
name: Patch Mikrotik RouterOS
on:
# push:
# branches: [ "main" ]
# schedule:
# - cron: "0 0 * * *"
workflow_dispatch:
inputs:
version:
description: 'RouterOS version, blank for latest'
required: false
default: ''
type: string
permissions:
contents: write
jobs:
Patch_RouterOS_7:
runs-on: ubuntu-22.04
strategy:
matrix:
arch: [x86_64,arm64]
channel: [stable, testing]
env:
TZ: 'Asia/Shanghai'
LATEST_VERSION_URL: 'https://upgrade.mikrotik.com/routeros/NEWESTa7'
LATEST_VERSION: ""
BUILD_TIME: "0"
ARCH: ""
CUSTOM_LICENSE_PRIVATE_KEY: ${{ secrets.CUSTOM_LICENSE_PRIVATE_KEY }}
CUSTOM_LICENSE_PUBLIC_KEY: ${{ secrets.CUSTOM_LICENSE_PUBLIC_KEY }}
CUSTOM_NPK_SIGN_PRIVATE_KEY: ${{ secrets.CUSTOM_NPK_SIGN_PRIVATE_KEY }}
CUSTOM_NPK_SIGN_PUBLIC_KEY: ${{ secrets.CUSTOM_NPK_SIGN_PUBLIC_KEY }}
MIKRO_LICENSE_PUBLIC_KEY: ${{ secrets.MIKRO_LICENSE_PUBLIC_KEY }}
MIKRO_NPK_SIGN_PUBLIC_LKEY: ${{ secrets.MIKRO_NPK_SIGN_PUBLIC_LKEY }}
MIKRO_LICENCE_URL: ${{ secrets.MIKRO_LICENCE_URL }}
CUSTOM_LICENCE_URL: ${{ secrets.CUSTOM_LICENCE_URL }}
MIKRO_UPGRADE_URL: ${{ secrets.MIKRO_UPGRADE_URL }}
CUSTOM_UPGRADE_URL: ${{ secrets.CUSTOM_UPGRADE_URL }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
- name: Cache Squashfs
id: cache-squashfs
uses: actions/cache@v4
with:
path: |
python3.sfs
option.sfs
key: busybox-python3-squashfs-${{ matrix.arch }}
- name: Create Squashfs for option and python3
if: steps.cache-squashfs.outputs.cache-hit != 'true'
run: |
sudo mkdir -p ./option-root/bin/
if [ "${{ matrix.arch }}" == "x86_64" ]; then
sudo cp busybox/busybox_x86_64 ./option-root/bin/busybox
sudo chmod +x ./option-root/bin/busybox
else if [ "${{ matrix.arch }}" == "arm64" ]; then
sudo cp busybox/busybox_aarch64 ./option-root/bin/busybox
sudo chmod +x ./option-root/bin/busybox
fi
sudo chmod +x ./busybox/busybox_x86_64
COMMANDS=$(./busybox/busybox_x86_64 --list)
for cmd in $COMMANDS; do
sudo ln -sf /pckg/option/bin/busybox ./option-root/bin/$cmd
done
sudo mksquashfs option-root option.sfs -quiet -comp xz -no-xattrs -b 256k
sudo rm -rf option-root
if [ "${{ matrix.arch }}" == "x86_64" ]; then
sudo wget -O cpython-3.11.9.tar.gz -nv https://github.com/indygreg/python-build-standalone/releases/download/20240415/cpython-3.11.9+20240415-x86_64-unknown-linux-gnu-install_only.tar.gz
else if [ "${{ matrix.arch }}" == "arm64" ]; then
sudo wget -O cpython-3.11.9.tar.gz -nv https://github.com/indygreg/python-build-standalone/releases/download/20240415/cpython-3.11.9+20240415-aarch64-unknown-linux-gnu-install_only.tar.gz
fi
sudo tar -xf cpython-3.11.9.tar.gz
sudo rm cpython-3.11.9.tar.gz
sudo rm -rf ./python/include
sudo rm -rf ./python/share
sudo mksquashfs python python3.sfs -quiet -comp xz -no-xattrs -b 256k
sudo rm -rf python
- name: Get latest routeros version
run: |
echo $(uname -a)
if [ "${{ inputs.version }}" == "" ]; then
LATEST_VERSION=$(wget -nv -O - ${{ env.LATEST_VERSION_URL }}.${{ matrix.channel }} | cut -d ' ' -f1)
else
LATEST_VERSION=${{ inputs.version }}
fi
BUILD_TIME=$(date +"%s")
echo Latest Version:$LATEST_VERSION
echo Build Time:$BUILD_TIME
wget -nv -O CHANGELOG https://upgrade.mikrotik.com/routeros/$LATEST_VERSION/CHANGELOG
cat CHANGELOG
echo "LATEST_VERSION=${LATEST_VERSION}" >> $GITHUB_ENV
echo "BUILD_TIME=${BUILD_TIME}" >> $GITHUB_ENV
if [ "${{ matrix.arch }}" == "x86_64" ]; then
echo "ARCH=''" >> $GITHUB_ENV
else if [ "${{ matrix.arch }}" == "arm64" ]; then
echo "ARCH='-arm64'" >> $GITHUB_ENV
fi
- name: Cache NetInstall ${{ env.LATEST_VERSION }}
if: matrix.arch == 'x86_64'
id: cache-netinstall
uses: actions/cache@v4
with:
path: |
netinstall.zip
key: netinstall-${{ env.LATEST_VERSION }}
- name: Get netinstall-${{ env.LATEST_VERSION }}.zip
if: matrix.arch == 'x86_64' && steps.cache-netinstall.outputs.cache-hit != 'true'
run: |
sudo wget -nv -O netinstall.zip https://download.mikrotik.com/routeros/$LATEST_VERSION/netinstall-$LATEST_VERSION.zip
- name: Patch netinstall.exe
if: matrix.arch == 'x86_64'
run: |
sudo unzip netinstall.zip
sudo -E python3 patch.py netinstall netinstall.exe
sudo zip netinstall-$LATEST_VERSION.zip ./netinstall.exe
- name: Cache Mikrotik-${{ env.LATEST_VERSION }}${{ env.ARCH }}.ISO
id: cache-mikrotik
uses: actions/cache@v4
with:
path: |
mikrotik.iso
key: mikrotik-${{ env.LATEST_VERSION }}${{ env.ARCH }}
- name: Get mikrotik-${{ env.LATEST_VERSION }}${{ env.ARCH }}.iso
if: steps.cache-mikrotik.outputs.cache-hit != 'true'
run: |
sudo wget -nv -O mikrotik.iso https://download.mikrotik.com/routeros/$LATEST_VERSION/mikrotik-$LATEST_VERSION$ARCH.iso
- name: Patch mikrotik-${{ env.LATEST_VERSION }}${{ env.ARCH }}.iso
run: |
sudo apt-get install -y mkisofs > /dev/null
sudo mkdir ./iso
sudo mount -o loop,ro mikrotik.iso ./iso
sudo mkdir ./new_iso
sudo cp -r ./iso/* ./new_iso/
sudo rsync -a ./iso/ ./new_iso/
sudo umount ./iso
sudo rm -rf ./iso
sudo mv ./new_iso/routeros-$LATEST_VERSION$ARCH.npk ./
sudo -E python3 patch.py npk routeros-$LATEST_VERSION$ARCH.npk
NPK_FILES=$(find ./new_iso/*.npk)
for file in $NPK_FILES; do
sudo -E python3 npk.py sign $file $file
done
sudo cp routeros-$LATEST_VERSION$ARCH.npk ./new_iso/
sudo -E python3 npk.py create ./new_iso/gps-$LATEST_VERSION$ARCH.npk ./option-$LATEST_VERSION$ARCH.npk option ./option.sfs -desc="busybox"
sudo cp option-$LATEST_VERSION$ARCH.npk ./new_iso/
sudo -E python3 npk.py create ./new_iso/gps-$LATEST_VERSION$ARCH.npk ./python3-$LATEST_VERSION$ARCH.npk python3 ./python3.sfs -desc="python 3.11.9"
sudo cp python3-$LATEST_VERSION$ARCH.npk ./new_iso/
sudo mkdir ./efiboot
sudo mount -o loop ./new_iso/efiboot.img ./efiboot
if [ "${{ matrix.arch }}" == "x86_64" ]; then
sudo -E python3 patch.py kernel ./efiboot/EFI/BOOT/BOOTX64.EFI
sudo cp ./efiboot/EFI/BOOT/BOOTX64.EFI ./BOOTX64.EFI
sudo cp ./BOOTX64.EFI ./new_iso/isolinux/linux
sudo umount ./efiboot
sudo rm -rf ./efiboot
sudo mkisofs -o mikrotik-$LATEST_VERSION$ARCH.iso \
-V "MikroTik $LATEST_VERSION ${{ matrix.arch }} Patched" \
-sysid "" -preparer "MiKroTiK" \
-publisher "" -A "MiKroTiK RouterOS" \
-b isolinux/isolinux.bin \
-c isolinux/boot.cat \
-no-emul-boot \
-boot-load-size 4 \
-boot-info-table \
-eltorito-alt-boot \
-e efiboot.img \
-no-emul-boot \
-R -J \
./new_iso
else if [ "${{ matrix.arch }}" == "arm64" ]; then
sudo -E python3 patch.py kernel ./efiboot/EFI/BOOT/BOOTAA64.EFI
sudo cp ./efiboot/EFI/BOOT/BOOTAA64.EFI ./BOOTAA64.EFI
sudo umount ./efiboot
sudo rm -rf ./efiboot
sudo mkisofs -o mikrotik-$LATEST_VERSION$ARCH.iso \
-V "MikroTik $LATEST_VERSION ${{ matrix.arch }} Patched" \
-sysid "" -preparer "MiKroTiK" \
-publisher "" -A "MiKroTiK RouterOS" \
-eltorito-alt-boot \
-e efiboot.img \
-no-emul-boot \
-R -J \
./new_iso
fi
sudo mkdir ./all_packages
sudo cp ./new_iso/*.npk ./all_packages/
sudo rm -rf ./new_iso
cd ./all_packages
if [ "${{ matrix.arch }}" == "x86_64" ]; then
sudo zip ../all_packages-x86-$LATEST_VERSION.zip *.npk
else if [ "${{ matrix.arch }}" == "arm64" ]; then
sudo zip ../all_packages-arm64-$LATEST_VERSION.zip *.npk
fi
cd ..
- name: Cache refind
if: matrix.arch == 'x86_64'
id: cache-refind
uses: actions/cache@v4
with:
path: refind-bin-0.14.2.zip
key: refind
- name: Get refind
if: matrix.arch == 'x86_64' && steps.cache-refind.outputs.cache-hit != 'true'
run: sudo wget -nv -O refind-bin-0.14.2.zip https://nchc.dl.sourceforge.net/project/refind/0.14.2/refind-bin-0.14.2.zip
- name: Create install-image-${{ env.LATEST_VERSION }}.img
if: matrix.arch == 'x86_64'
run: |
sudo modprobe nbd
sudo apt-get install -y qemu-utils extlinux > /dev/null
# Loading system
# Copyright (C) 1994-2015 H. Peter Anvin et al
# 20210811
# CHS EDD
sudo xxd -p -u /usr/bin/extlinux | tr -d '\n' | sed \
-e 's/0D0A5359534C494E555820362E30342000/4C6F6164696E672073797374656D0D0A00/g' \
-e 's/20436F707972696768742028432920313939342D3230313520482E20506574657220416E76696E20657420616C0D0A/00436F707972696768742028432920313939342D3230313520482E20506574657220416E76696E20657420616C0D0A/g' \
-e 's/203230323130383131/003230323130383131/g' \
-e 's/43485300454444/00485300004444/g' | xxd -p -r >extlinux
sudo chmod +x extlinux
truncate --size 128M install-image-$LATEST_VERSION.img
sudo qemu-nbd -c /dev/nbd0 -f raw install-image-$LATEST_VERSION.img
sudo mkfs.vfat -n "Install" /dev/nbd0
sudo mkdir ./install
sudo mount /dev/nbd0 ./install
sudo mkdir -p ./install/EFI/BOOT
sudo unzip refind-bin-0.14.2.zip refind-bin-0.14.2/refind/refind_x64.efi
sudo cp refind-bin-0.14.2/refind/refind_x64.efi ./install/EFI/BOOT/BOOTX64.EFI
sudo rm -rf refind-bin-0.14.2
echo -e 'timeout 0\ntextonly\ntextmode 0\nshowtools shutdown, reboot, exit\nmenuentry "Install RouterOS" {\n\tloader /linux\n\toptions "load_ramdisk=1 root=/dev/ram0 -install -hdd"\n}\ndefault_selection /EFI/BOOT/BOOTX64.EFI' \
> refind.conf
sudo cp refind.conf ./install/EFI/BOOT/
sudo rm refind.conf
sudo ./extlinux --install -H 64 -S 32 ./install/
echo -e 'default system\nLABEL system\n\tKERNEL linux\n\tAPPEND load_ramdisk=1 -install -hdd' \
> syslinux.cfg
sudo cp syslinux.cfg ./install/
sudo rm syslinux.cfg
sudo cp ./BOOTX64.EFI ./install/linux
NPK_FILES=($(find ./all_packages/*.npk))
for ((i=1; i<=${#NPK_FILES[@]}; i++))
do
echo "${NPK_FILES[$i-1]}=>$i.npk"
sudo cp ${NPK_FILES[$i-1]} ./install/$i.npk
done
sudo touch ./install/CHOOSE
sudo touch ./install/autorun.scr
sudo umount /dev/nbd0
sudo qemu-nbd -d /dev/nbd0
sudo rm -rf ./install
sudo zip install-image-$LATEST_VERSION.zip ./install-image-$LATEST_VERSION.img
sudo rm ./install-image-$LATEST_VERSION.img
- name: Create chr-${{ env.LATEST_VERSION }}${{ env.ARCH }}.img
run: |
truncate --size 128M chr-$LATEST_VERSION$ARCH.img
sgdisk --clear --set-alignment=2 \
--new=1::+32M --typecode=1:8300 --change-name=1:"RouterOS Boot" --attributes=1:set:2 \
--new=2::-0 --typecode=2:8300 --change-name=2:"RouterOS" \
--gpttombr=1:2 \
chr-$LATEST_VERSION$ARCH.img
dd if=chr-$LATEST_VERSION$ARCH.img of=pt.bin bs=1 count=66 skip=446
echo -e "\x80" | dd of=pt.bin bs=1 count=1 conv=notrunc
sgdisk --mbrtogpt --clear --set-alignment=2 \
--new=1::+32M --typecode=1:8300 --change-name=1:"RouterOS Boot" --attributes=1:set:2 \
--new=2::-0 --typecode=2:8300 --change-name=2:"RouterOS" \
chr-$LATEST_VERSION$ARCH.img
dd if=mbr.bin of=chr-$LATEST_VERSION$ARCH.img bs=1 count=446 conv=notrunc
dd if=pt.bin of=chr-$LATEST_VERSION$ARCH.img bs=1 count=66 seek=446 conv=notrunc
sudo qemu-nbd -c /dev/nbd0 -f raw chr-$LATEST_VERSION$ARCH.img
sudo mkfs.vfat -n "Boot" /dev/nbd0p1
sudo mkfs.ext4 -F -L "RouterOS" -m 0 /dev/nbd0p2
sudo mkdir -p ./img/{boot,routeros}
sudo mount /dev/nbd0p1 ./img/boot/
sudo mkdir -p ./img/boot/{BOOT,EFI/BOOT}
if [ "${{ matrix.arch }}" == "x86_64" ]; then
sudo cp BOOTX64.EFI ./img/boot/EFI/BOOT/BOOTX64.EFI
sudo ./extlinux --install -H 64 -S 32 ./img/boot/BOOT
echo -e "default system\nlabel system\n\tkernel /EFI/BOOT/BOOTX64.EFI\n\tappend load_ramdisk=1 root=/dev/ram0 quiet" > syslinux.cfg
sudo cp syslinux.cfg ./img/boot/BOOT/
sudo rm syslinux.cfg
else if [ "${{ matrix.arch }}" == "amd64" ]; then
sudo cp BOOTAA64.EFI ./img/boot/EFI/BOOT/BOOTAA64.EFI
fi
sudo umount /dev/nbd0p1
sudo mount /dev/nbd0p2 ./img/routeros/
sudo mkdir -p ./img/routeros/{var/pdb/{system,option},boot}
sudo cp ./all_packages/option-$LATEST_VERSION$ARCH.npk ./img/routeros/var/pdb/option/image
sudo cp ./all_packages/routeros-$LATEST_VERSION$ARCH.npk ./img/routeros/var/pdb/system/image
sudo umount /dev/nbd0p2
sudo rm -rf ./img
sudo qemu-nbd -d /dev/nbd0
sudo qemu-img convert -f raw -O qcow2 chr-$LATEST_VERSION$ARCH.img chr-$LATEST_VERSION$ARCH.qcow2
sudo qemu-img convert -f raw -O vmdk chr-$LATEST_VERSION$ARCH.img chr-$LATEST_VERSION$ARCH.vmdk
sudo qemu-img convert -f raw -O vpc chr-$LATEST_VERSION$ARCH.img chr-$LATEST_VERSION$ARCH.vhd
sudo qemu-img convert -f raw -O vhdx chr-$LATEST_VERSION$ARCH.img chr-$LATEST_VERSION$ARCH.vhdx
sudo qemu-img convert -f raw -O vdi chr-$LATEST_VERSION$ARCH.img chr-$LATEST_VERSION$ARCH.vdi
sudo zip chr-$LATEST_VERSION$ARCH.qcow2.zip chr-$LATEST_VERSION$ARCH.qcow2
sudo zip chr-$LATEST_VERSION$ARCH.vmdk.zip chr-$LATEST_VERSION$ARCH.vmdk
sudo zip chr-$LATEST_VERSION$ARCH.vhd.zip chr-$LATEST_VERSION$ARCH.vhd
sudo zip chr-$LATEST_VERSION$ARCH.vhdx.zip chr-$LATEST_VERSION$ARCH.vhdx
sudo zip chr-$LATEST_VERSION$ARCH.vdi.zip chr-$LATEST_VERSION$ARCH.vdi
sudo zip chr-$LATEST_VERSION$ARCH.img.zip chr-$LATEST_VERSION$ARCH.img
sudo rm *.qcow2
sudo rm *.vmdk
sudo rm *.vhd
sudo rm *.vhdx
sudo rm *.vdi
sudo rm *.img
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: "RouterOS ${{ env.LATEST_VERSION }}"
path: |
mikrotik-${{ env.LATEST_VERSION }}${{ env.ARCH }}.iso
chr-${{ env.LATEST_VERSION }}*.zip
netinstall-${{ env.LATEST_VERSION }}.zip
install-image-${{ env.LATEST_VERSION }}.zip
routeros-${{ env.LATEST_VERSION }}${{ env.ARCH }}.npk
option-${{ env.LATEST_VERSION }}${{ env.ARCH }}.npk
all_packages-*-${{ env.LATEST_VERSION }}.zip
# - name: Upload Files
# run: |
# mkdir -p ./publish/$LATEST_VERSION
# echo $LATEST_VERSION $BUILD_TIME > ./publish/NEWESTa7.${{ matrix.channel }}
# cp CHANGELOG ./publish/$LATEST_VERSION/
# cp ./all_packages/*.npk ./publish/$LATEST_VERSION/
# cp *.EFI ./publish/$LATEST_VERSION/
# sudo apt-get install -y lftp > /dev/null 2>&1
# sudo -E lftp -u ${{ secrets.SSH_USERNAME }},'${{ secrets.SSH_PASSWORD }}' sftp://${{ secrets.SSH_SERVER }}:${{ secrets.SSH_PORT }} <<EOF
# set sftp:auto-confirm yes
# mirror --reverse --verbose --only-newer ./publish ${{ secrets.SSH_DIRECTORY }}
# bye
# EOF
# - name: Delete Release tag ${{ env.LATEST_VERSION }}
# run: |
# HEADER="Authorization: token ${{ secrets.GITHUB_TOKEN }}"
# RELEASE_INFO=$(curl -s -H $HEADER https://api.github.com/repos/${{ github.repository }}/releases/tags/$LATEST_VERSION)
# RELEASE_ID=$(echo $RELEASE_INFO | jq -r '.id')
# echo "Release ID: $RELEASE_ID"
# if [ "$RELEASE_ID" != "null" ]; then
# curl -X DELETE -H "$HEADER" https://api.github.com/repos/${{ github.repository }}/git/refs/tags/$LATEST_VERSION
# echo "Tag $LATEST_VERSION deleted successfully."
# curl -X DELETE -H "$HEADER" https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID
# echo "Release with tag $LATEST_VERSION deleted successfully."
# else
# echo "Release not found for tag: $LATEST_VERSION)"
# fi
# - name: Create Release tag ${{ env.LATEST_VERSION }}
# uses: softprops/action-gh-release@v2
# with:
# name: "RouterOS ${{ env.LATEST_VERSION }}"
# body_path: "CHANGELOG"
# tag_name: ${{ env.LATEST_VERSION }}
# make_latest: ${{ matrix.channel == 'stable'}}
# prerelease: ${{ matrix.channel == 'testing' }}
# files: |
# mikrotik-${{ env.LATEST_VERSION }}${{ env.ARCH }}.iso
# chr-${{ env.LATEST_VERSION }}*.zip
# netinstall-${{ env.LATEST_VERSION }}.zip
# install-image-${{ env.LATEST_VERSION }}.zip
# routeros-${{ env.LATEST_VERSION }}${{ env.ARCH }}.npk
# option-${{ env.LATEST_VERSION }}${{ env.ARCH }}.npk
# all_packages-*-${{ env.LATEST_VERSION }}.zip

3
.gitignore vendored
View File

@ -2,5 +2,4 @@ __pycache__/
venv/
keygen/
app/
test_*.py
mikrotik*
test_*.py

BIN
busybox/busybox_aarch64 Normal file
View File

Binary file not shown.

BIN
busybox/busybox_x86_64
View File

Binary file not shown.

60
patch.py
View File

@ -72,6 +72,52 @@ def patch_squashfs(path,key_dict):
open(file,'wb').write(data)
def patch_elf(data: bytes,key_dict:dict):
def find_7zXZ_data(data:bytes):
offset1 = 0
_data = data
while b'\xFD7zXZ\x00\x00\x01' in _data:
offset1 = offset1 + _data.index(b'\xFD7zXZ\x00\x00\x01') + 8
_data = _data[offset1:]
offset1 -= 8
offset2 = 0
_data = data
while b'\x00\x01\x59\x5A' in _data:
offset2 = offset2 + _data.index(b'\x00\x01\x59\x5A') + 4
_data = _data[offset2:]
offset2
return data[offset1:offset2]
initrd_xz = find_7zXZ_data(data)
initrd = lzma.decompress(initrd_xz)
new_initrd = initrd
for old_public_key,new_public_key in key_dict.items():
if old_public_key in new_initrd:
print(f'initramfs public key patched {old_public_key[:16].hex().upper()}...')
new_initrd = new_initrd.replace(old_public_key,new_public_key)
filters=[{"id": lzma.FILTER_LZMA2, "preset": 9,}]
new_initrd_xz = lzma.compress(new_initrd,check=lzma.CHECK_CRC32,filters=filters)
assert len(new_initrd_xz) <= len(initrd_xz),'new initrd xz size is too big'
new_initrd_xz = new_initrd_xz.ljust(len(initrd_xz),b'\0')
new_data = data.replace(initrd_xz,new_initrd_xz)
return new_data
def patch_kernel(data:bytes,key_dict):
assert data[:2] == b'MZ', 'not a valid pe file'
if data[:2] == b'MZ':
print('patching EFI Kernel')
if data[56:60] == b'ARM\x64':
print('patching arm64')
return patch_elf(data,key_dict)
else:
print('patching x86_64')
return patch_bzimage(data,key_dict)
elif data[:4] == b'\x7FELF':
print('patching ELF')
return patch_elf(data,key_dict)
else:
raise Exception('unknown kernel format')
def patch_npk_file(key_dict,kcdsa_private_key,eddsa_private_key,input_file,output_file=None):
npk = NovaPackage.load(input_file)
if npk[NpkPartID.NAME_INFO].data.name == 'system':
@ -79,13 +125,10 @@ def patch_npk_file(key_dict,kcdsa_private_key,eddsa_private_key,input_file,outpu
for item in file_container:
if item.name == b'boot/EFI/BOOT/BOOTX64.EFI':
print(f'patch {item.name} ...')
item.data = patch_bzimage(item.data,key_dict)
open('linux','wb').write(item.data)
item.data = patch_kernel(item.data,key_dict)
elif item.name == b'boot/kernel':
from netinstall import patch_elf
print(f'patch {item.name} ...')
item.data = patch_elf(item.data,key_dict)
open('linux','wb').write(item.data)
item.data = patch_kernel(item.data,key_dict)
npk[NpkPartID.FILE_CONTAINER].data = file_container.serialize()
try:
@ -123,6 +166,9 @@ if __name__ == '__main__':
npk_parser = subparsers.add_parser('npk',help='patch and sign npk file')
npk_parser.add_argument('input',type=str, help='Input file')
npk_parser.add_argument('-o','--output',type=str,help='Output file')
kernel_parser = subparsers.add_parser('kernel',help='patch kernel file')
kernel_parser.add_argument('input',type=str, help='Input file')
kernel_parser.add_argument('-o','--output',type=str,help='Output file')
netinstall_parser = subparsers.add_parser('netinstall',help='patch netinstall file')
netinstall_parser.add_argument('input',type=str, help='Input file')
netinstall_parser.add_argument('-o','--output',type=str,help='Output file')
@ -136,6 +182,10 @@ if __name__ == '__main__':
if args.command =='npk':
print(f'patching {args.input} ...')
patch_npk_file(key_dict,kcdsa_private_key,eddsa_private_key,args.input,args.output)
elif args.command == 'kernel':
print(f'patching {args.input} ...')
data = patch_kernel(open(args.input,'rb').read(),key_dict)
open(args.output or args.input,'wb').write(data)
elif args.command == 'netinstall':
from netinstall import patch_netinstall
print(f'patching {args.input} ...')