Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update README.md: add hardening paragraph #109

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update README.md: add hardening paragraph #109

wants to merge 1 commit into from

Conversation

manio
Copy link
Contributor

@manio manio commented May 5, 2024

No description provided.

@nisargjhaveri
Copy link
Owner

Are you seeing any issues because the sdcard is writable? We should not be writing anything apart from the bt config anyway. If we're not writing anything, sdcard should be safe anyway, no? Is some other process trying to write to sdcard?

@manio
Copy link
Contributor Author

manio commented May 10, 2024

Not exactly. I had a problem with the Pi Zero 2 W stopped booting. I was plugging it to the car's USB multiple times and it was not booting at all. Finally I just inserted the SD card to my main linux machine and mounted the filesystem, dmesg told "recovery complete" and It was working back again in the Pi and AndroidAuto was working fine again.
In fact when the fs is mounted read-write a lot of changes are written to this filesystem, like last timestamp for accessing files, timestamp for filesystem mount, whole journal, etc. So overall a lot of writes are done to the SD even when there are no file changes at all.
Read-only mode is much more safe, especially for system with unexpected power offs (like in the car).

@hkfuertes
Copy link
Contributor

I think I also have my sdcard corrupted, I will try this with a new card.... In the mean time... how about this?
https://github.com/azlux/log2ram

@hkfuertes
Copy link
Contributor

hkfuertes commented May 19, 2024
edited
Loading

Also, this could be even automated via ansible or something similar... maybe a bash script with ssh... or with Termux, from the phone itself (so that it could be mounted/remounted at will from the phone...)

@manio manio mentioned this pull request May 20, 2024
Open
@krish-ag
Copy link

I think I also have my sdcard corrupted, I will try this with a new card.... In the mean time... how about this? https://github.com/azlux/log2ram

I also have faced this issue on both raspberry pi 4 and zero 2 w that it does not work after some switching between android devices

I can make fs read only but I dont want to lose Android switching functionality

@anegrin anegrin mentioned this pull request Jun 27, 2024
Closed
@anegrin
Copy link

anegrin commented Jun 27, 2024

this looks like a good idea in general:

  • as far as i can see it's still writing logs
  • system can shutdown abruptly as the power goes off when car is shut down

this project is fantastic...i hope i will have time in the future to create some companion app to do:

  • change country_code
  • change AAWG_CONNECTION_STRATEGY
  • hardening/unhardening the system

@nisargjhaveri nisargjhaveri mentioned this pull request Aug 20, 2024
Open
@nisargjhaveri nisargjhaveri mentioned this pull request Aug 29, 2024
Merged
@nisargjhaveri
Copy link
Owner

We already log on RAM, but even then looks like there was continuous activity. Couldn't really figure out who and what it was trying to write.

See #159, which makes root readonly and creates a new partition for required persistent data. Have a look if it makes sense? My hunch is that it should greatly reduce chances of SD card failure.

@manio manio mentioned this pull request Nov 12, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@manio @nisargjhaveri @hkfuertes @krish-ag @anegrin