From b4e33a1c08f7e0b980b14687ef601bd30634464a Mon Sep 17 00:00:00 2001
From: John Crispin <blogic@openwrt.org>
Date: Tue, 19 Apr 2016 10:07:35 +0200
Subject: [PATCH] base-files: Allow to disable failsafe mode

Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
---
 package/base-files/Makefile                   |  3 ++-
 .../files/lib/preinit/10_indicate_failsafe    |  1 +
 .../files/lib/preinit/30_failsafe_wait        |  6 +++++-
 .../files/lib/preinit/40_run_failsafe_hook    |  1 +
 package/base-files/image-config.in            | 19 +++++++++++++++----
 5 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/package/base-files/Makefile b/package/base-files/Makefile
index 2bc4d15ca4a..2286e172084 100644
--- a/package/base-files/Makefile
+++ b/package/base-files/Makefile
@@ -18,7 +18,7 @@ PKG_FILE_DEPENDS:=$(PLATFORM_DIR)/ $(GENERIC_PLATFORM_DIR)/base-files/
 PKG_BUILD_DEPENDS:=usign/host
 PKG_LICENSE:=GPL-2.0
 
-PKG_CONFIG_DEPENDS := CONFIG_SIGNED_PACKAGES CONFIG_TARGET_INIT_PATH
+PKG_CONFIG_DEPENDS := CONFIG_SIGNED_PACKAGES CONFIG_TARGET_INIT_PATH CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -82,6 +82,7 @@ define ImageConfigOptions
 	echo 'pi_broadcast=$(if $(CONFIG_TARGET_PREINIT_BROADCAST),$(CONFIG_TARGET_PREINIT_BROADCAST),"192.168.1.255")' >>$(1)/lib/preinit/00_preinit.conf
 	echo 'pi_preinit_net_messages="$(CONFIG_TARGET_PREINIT_SHOW_NETMSG)"' >>$(1)/lib/preinit/00_preinit.conf
 	echo 'pi_preinit_no_failsafe_netmsg="$(CONFIG_TARGET_PREINIT_SUPPRESS_FAILSAFE_NETMSG)"' >>$(1)/lib/preinit/00_preinit.conf
+	echo 'pi_preinit_no_failsafe="$(CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE)"' >>$(1)/lib/preinit/00_preinit.conf
 endef
 endif
 
diff --git a/package/base-files/files/lib/preinit/10_indicate_failsafe b/package/base-files/files/lib/preinit/10_indicate_failsafe
index 6afae410b68..27b94c140fb 100644
--- a/package/base-files/files/lib/preinit/10_indicate_failsafe
+++ b/package/base-files/files/lib/preinit/10_indicate_failsafe
@@ -9,6 +9,7 @@ indicate_failsafe_led () {
 }
 
 indicate_failsafe() {
+	[ "$pi_preinit_no_failsafe" = "y" ] && return
 	echo "- failsafe -"
 	preinit_net_echo "Entering Failsafe!\n"
 	indicate_failsafe_led
diff --git a/package/base-files/files/lib/preinit/30_failsafe_wait b/package/base-files/files/lib/preinit/30_failsafe_wait
index 3d69baf3a4b..9a34f2de4cb 100644
--- a/package/base-files/files/lib/preinit/30_failsafe_wait
+++ b/package/base-files/files/lib/preinit/30_failsafe_wait
@@ -39,7 +39,7 @@ fs_wait_for_key () {
 		rm -f $keypress_wait
 	} &
 
-	echo "Press the [$1] key and hit [enter] $2"
+	[ "$pi_preinit_no_failsafe" != "y" ] && echo "Press the [$1] key and hit [enter] $2"
 	echo "Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level"
 	# if we're on the console we wait for input
 	{
@@ -82,6 +82,10 @@ fs_wait_for_key () {
 
 failsafe_wait() {
 	FAILSAFE=
+	[ "$pi_preinit_no_failsafe" == "y" ] && {
+		fs_wait_for_key "" "" $fs_failsafe_wait_timeout
+		return
+	}
 	grep -q 'failsafe=' /proc/cmdline && FAILSAFE=true && export FAILSAFE
 	if [ "$FAILSAFE" != "true" ]; then
 		pi_failsafe_net_message=true
diff --git a/package/base-files/files/lib/preinit/40_run_failsafe_hook b/package/base-files/files/lib/preinit/40_run_failsafe_hook
index cb43ad39cba..7301f77349a 100644
--- a/package/base-files/files/lib/preinit/40_run_failsafe_hook
+++ b/package/base-files/files/lib/preinit/40_run_failsafe_hook
@@ -3,6 +3,7 @@
 # Copyright (C) 2010 Vertical Communications
 
 run_failsafe_hook() {
+    [ "$pi_preinit_no_failsafe" = "y" ] && return
     if [ "$FAILSAFE" = "true" ]; then
 	boot_run_hook failsafe
 	lock -w /tmp/.failsafe
diff --git a/package/base-files/image-config.in b/package/base-files/image-config.in
index c68f0b4a37d..ef1d76790a4 100644
--- a/package/base-files/image-config.in
+++ b/package/base-files/image-config.in
@@ -24,13 +24,24 @@ config TARGET_PREINIT_SUPPRESS_STDERR
 		the ash shell launched by inittab will display stderr).  That's
 		the same behaviour as seen in previous version of OpenWrt.
 
+config TARGET_PREINIT_DISABLE_FAILSAFE
+	bool
+	prompt "Disable failsafe" if PREINITOPT
+	default n
+	help
+		Disable failsafe mode.  While it is very handy while
+		experimenting or developing it really ought to be
+		disabled in production environments as it is a major
+		security loophole.
+
 config TARGET_PREINIT_TIMEOUT
 	int
-	prompt "Failsafe wait timeout" if PREINITOPT
+	prompt "Failsafe/Debug wait timeout" if PREINITOPT
 	default 2
 	help
-		How long to wait for failsafe mode to be entered before
-		continuing with a regular boot if failsafe not selected.
+		How long to wait for failsafe mode to be entered or for
+		a debug option to be pressed before continuing with a
+		regular boot.
 
 config TARGET_PREINIT_SHOW_NETMSG
 	bool
@@ -45,7 +56,7 @@ config TARGET_PREINIT_SHOW_NETMSG
 
 config TARGET_PREINIT_SUPPRESS_FAILSAFE_NETMSG
 	bool
-	prompt "Suppress network message indicating failsafe" if PREINITOPT
+	prompt "Suppress network message indicating failsafe" if ( PREINITOPT && !TARGET_PREINIT_SHOW_NETMSG && !TARGET_PREINIT_DISABLE_FAILSAFE )
 	default n
 	help
 		If "Show all preinit network messages" above is not set, then
-- 
GitLab