User Tools

Site Tools


This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision [2012/12/22 23:56]
freier.radikaler [2016/11/07 03:38] (current)
aharvey you need kmod-crypto-crc32c for some encrypted partitions. otherwise mount fails with 'EXT4-fs (dm-0): Cannot load crc32c driver.' in the kernel log
Line 1: Line 1:
 +====== USB Storage ======
 +Once you have obtained [[usb.essentials|Basic USB support]], you may want to connect a USB storage device to your router, for example a USB stick, a USB hard disk, etc. This article will tell you the steps and requirements to do this.\\
 +Note that this article is mainly about adding external space in addition to the [[doc/​techref/​flash.layout|internal flash usage]]. Moving the root-fs to an external storage space is described in the article [[doc:​howto:​extroot]].
 +===== Preparations =====
 +The main course of action is as follows:
 +  - Obtain [[usb.essentials|basic USB support]] on your OpenWrt-powered device;
 +  - Install USB storage prerequisites as shown [[​Required Packages for USB Storage|below]]. A connected USB storage device (e.g. hard disc) can now be recognised by the system;
 +  - If not already done, partition the device and create the file systems you want (see [[Storage]] on how to do this from within OpenWrt). The device itself and its partitions should immediately be available as [[wp>​Device file]]s under ''/​dev/''​. For example ''/​dev/​sda''​ as the device, with ''/​dev/​sda1'',​ ''/​dev/​sda2'',​ ... , the partitions. Or, in case it is not partitioned with a partition table and it has a single file system it may be directly accessible under e.g. ''/​dev/​sda''​. Subsequent devices you add will be ''/​dev/​sdb'',​ ''/​dev/​sdc''​ and so on. Make sure that the file system requirements are satisfied by installing the proper kernel packages for specific file system support (see [[Storage]]);​
 +  - These file systems can then be mounted and accessed, see [[Storage]]. Optionally, you can now configure automatic mounting at boot using ''​[[doc:​uci:​fstab|/​etc/​config/​fstab]]''​ and you can configure it as [[doc:​howto:​extroot|root file system using extroot]].
 +===== Required Packages for USB Storage =====
 +When your USB device is properly recognised by the system, using the proper driver kernel packages listed in [[usb.essentials|Basic USB support]], the following packages facilitate USB storage support:
 +  ***''​kmod-usb-storage''​** //​required//​ ... Kernel support for USB Mass Storage devices.
 +  ***''​kmod-fs-<​file_system>''​** //​required//​ ... the file system you formatted your partition in. Common examples include kmod-fs-ext4,​ kmod-fs-hfs,​ kmod-fs-hfsplus,​ kmod-fs-msdos,​ kmod-fs-ntfs,​ kmod-fs-reiserfs and kmod-fs-xfs.
 +  ***''​kmod-usb-storage-extras''​** //​optional//​ ... Kernel support for some more drivers, such as for SmartMedia card readers.
 +  ***''​block-mount''​** //​recommended//​ & //required (if using [[doc:​uci:​fstab]] UCI configuration or [[luci]] Mount Points)// ... Scripts used to mount and check block devices (filesystems and swap) and hotplug capability (recognition when device is plugged in).
 +  ***''​kmod-scsi-core''​** Any mass storage is a generic SCSI device.
 +| {{:​meta:​icons:​tango:​48px-outdated.svg.png?​nolink}} | Before the [[about:​history#​timeline|Attitude Adjustment]] release, other optional packages included: ''​block-hotplug''​ for USB recognition upon plug-in and ''​block-extroot''​ required for [[doc:​howto:​extroot|rootfs on external storage]]. In [[https://​​changeset/​26314/​trunk|r26314]] the three opkg packages ''​block-mount'',​ ''​block-extroot''​ and ''​block-hotplug''​ have been merged into a single package **''​block-mount''​**. |
 +===== Additional Packages for USB Storage =====
 +  ***''​e2fsprogs''​** //​additional//​ This package contains essential ext2/​ext3/​ext4 filesystem utilities for formatting and checking for errors on ext2/​ext3/​ext4 filesystems like mkfs.ext3, mkfs.ext4, fsck and other core utilities.
 +===== Examples =====
 +The following will install USB storage support, assuming USB works already, install ext4 file system support and mount a connected USB drive, pre-partitioned with a Linux swap partition and an ext4 partition. ​
 +opkg update
 +opkg install kmod-usb-storage block-mount kmod-fs-ext4
 +mkswap /dev/sda1
 +swapon /dev/sda1
 +mkdir -p /mnt/share
 +mount -t ext4 /dev/sda2 /mnt/share -o rw,sync
 +Note that partitions are usually auto detected, so this should work as well using default settings:
 +    mount /dev/sda2 /mnt/share
 +Another example is how to use an external usb stick with a FAT32 partition (but we'll keep ext4 support also). See also [[Storage]].
 +opkg update
 +opkg install kmod-usb-storage block-mount block-hotplug kmod-fs-ext4 kmod-fs-vfat kmod-nls-cp437 kmod-nls-iso8859-1
 +mkdir -p /mnt/usb
 +mount -t vfat /dev/sda1 /mnt/usb
 +===== Disable writing when not mounted =====
 +You may create an empty file to indicate that the disk is not plugged in so that you don't put files directly onto NAND by doing
 +umount /​mnt/​usb ​  #make sure the disk isn't mounted before doing this
 +touch /​mnt/​usb/​USB_DISK_NOT_PRESENT
 +chmod 555 /​mnt/​usb ​
 +chmod 444 /​mnt/​usb/​USB_DISK_NOT_PRESENT
 +This will prevent only processes not running as root from writing onto NAND (see [[https://​​viewtopic.php?​id=42351|this discussion]]). You can of course also use this file in your own scripts.
 +===== LUKS and dm-crypt=====
 +The good news first: OpenWrt can use encrypted disks almost out-of-the-box.
 +==== Drawbacks ====
 +The bad news is, there are some things to keep in mind.
 +=== Memory ===
 +Devices with 32 MB memory may run short of free memory. Symptoms can be that LUCI is displaying the Login page instead of the actual target page or that the out-of-memory killer starts killing tasks, so strange failures happen. Monitor the memory, e,g. using the ''​free''​ command.
 +=== I/O performance ===
 +Decryption and encryption may slow down the system. ''​cryptsetup benchmark''​ will show some numbers that can be compare for different platform.
 +==== Mounting existing encrypted partitions ====
 +Using Linux hard disk encryption with LUKS is straight forward:
 +  - Install required packages: <​code>​opkg install cryptsetup lvm2 kmod-crypto-aes kmod-crypto-misc kmod-crypto-xts kmod-crypto-iv kmod-crypto-cbc kmod-crypto-crc32c kmod-crypto-hash kmod-dm kmod-crypto-user</​code>​
 +  - Create necessary config files: Most of the kmod-crypto-* packages create file in /​etc/​modules.d folder that automatically installs provided modules at boot time. However kmod-crypto-misc containing sha256 module (among others) is an exception to this, hence we need to create such a file manually: <​code>​echo sha256_generic >/​etc/​modules.d/​11-crypto-misc</​code>​
 +  - Mounting your encrypted partition: Replace /​dev/​encrypted_partition with a path to the device file of your encrypted partition and /​mnt/​mountpoit with your desired mount point: <​code>​cryptsetup luksOpen /​dev/​encrypted_partition usbstorage_luks && mount /​dev/​mapper/​usbstorage_luks /​mnt/​mountpoint</​code>​
 +  - Umounting: <​code>​umount /​mnt/​mountpoint && cryptsetup luksClose usbstorage_luks</​code>​
 +==== Creating encrypted partitions ====
 +Please refer to the existing documentations,​ e.g.
 +    * [[https://​​index.php/​Dm-crypt/​Device_encryption]]
 +    * [[wp>​dm-crypt]]
 +===== Notes =====
 +<none yet> ​
 +/* the previous note was moved to the OPKG page since it was specific to that */