HP Probook 430 G8 System MAC not passing through USB Type-C Dongle
-
@sebastian-roth said in HP Probook 430 G8 System MAC not passing through USB Type-C Dongle:
@michaeloberg Ok, I just build a new kernel without the cdc_ether driver included (latest 5.10.83): https://fogproject.org/kernels/bzImage-no-cdc_ether
Give that a try and let us know.
I’m sorry, I don’t mean to threadjack, but I have been strugglebussing for years (literally) trying to get these Lenovo ThinkPad x1 Carbon Gens 7, 8 and 9 to image with a dongle but have had no luck. Using this kernal has solved the USB adapter problems. How do I go about making it the main kernal so I don’t have to pre-create a machine and specify the kernal?
Please feel free to break this off into another thread (I just wanted it to have some context,) as there are a few other things that I have questions about.
Thank you so much for the amazing things y’all do!
-
@george1421
Update - HP has a Mac Address Management software they had me install in the Windows environment that worked, however it doesn’t do anything for FOS or Deepin. The program is called hpmamsrv.exe.Here is the software: https://ftp.hp.com/pub/softpaq/sp95501-96000/sp95997.exe
I have requested more information after relaying that this issue is not resolved as it doesn’t work for the Operating Systems.
I will let you know when I hear back from HP.
Michael
-
@michaeloberg Digging into the code a bit deeper I see that the stock linux kernel 8153 nic driver (v1.11) has support for mac pass through for lenovo. The realtek v2.15 driver (I added to one of the test kernels bzImage-rt-215) has additional support for Dell. Both Lenovo and Dell are specifically called out in the driver, but not HP. It looks like HP got around the windows driver issue by issuing a <snark>hack</snark> shim app that updates the mac address outside of the nic driver.
So if we think about it from a hacker’s perspective (1980’s terms not 2000’s terms for hacker) iPXE (which is reading the right value) is passing the mac address to bzImage as a kernel parameter (at least it should be). We might be able to use the “HP fix way” and use ethtool to replace the mac address of the detected nic. I know for a linux router project I worked on I was able to change the mac address of the nic to present itself as an Xbox mac. We would need to do this before the nic adapter is initialized in FOS linux (totally possible) so that means we might need a custom init.xz (also possible). Let me do some testing.
-
@george1421 This post is to just get my thoughts documented.
If we edit the FOS
/etc/init.d/S40network
startup script and add a flag check after the network interface has been confirmed. If that flag says swap out the mac address with the one provided by iPXE then use theip
program to replace the mac address.UNDERSTAND: NOTHING has been tested here. I just finished gluing it together from different code snippets.
The heart of the code would be this section.
for retry in $(seq 3); do /sbin/udhcpc -i $iface --now ustat="$?" curl -Ikfso /dev/null "${web}"/index.php --connect-timeout 5 cstat="$?" # If the udhcp is okay AND we can curl our web # we know we have link so no need to continue on. # NOTE: the link to web is kind of important, just # exiting on dhcp request is not sufficient. if [[ $ustat -eq 0 && $cstat -eq 0 ]]; then if [[ ! -z $mac0 && ! -z $domacset ]]; then # Update the mac address if the DOMACSET flag # has been raised ip link set dev $iface down ip link set dev $iface address $mac0 ip link set dev $iface up fi exit 0 fi echo "Either DHCP failed or we were unable to access ${web}/index.php for connection testing." # If we are on the 2nd loop, lets check too seeif # spanning tree is blocking dhcp if [ $seq -eq 2 ]; then echo "Waiting for Spanning Tree timeout on $iface" sleep 27 else sleep 1 fi done
I also added in a bonus that on the 3rd try to init the interface, I added in a 27 second delay for spanning tree to start forwarding data. I figure if we get to the 3rd try the interface will probably not come up cause it either works right away or it doesn’t. One reason why it doesn’t is that spanning tree has the port in a blocking state.
The complete S40network file would be this:
#!/bin/bash # # Start the network.... # if [[ -n $has_usb_nic ]]; then echo "Please unplug your device and replug it into the usb port" echo -n "Please press enter key to connect [Enter]" read -p "$*" echo "Sleeping for 5 seconds to allow USB to sync back with system" sleep 5 fi # Geo-Grabbing kernel parameters because the variables are probably not set yet for var in $(cat /proc/cmdline); do var=$(echo "${var}" | awk -F= '{name=$1; gsub(/[+][_][+]/," ",$2); gsub(/"/,"\\\"", $2); value=$2; if (length($2) == 0 || $0 !~ /=/ || $0 ~ /nvme_core\.default_ps_max_latency_us=/) {print "";} else {printf("%s=%s", name, value)}}') [[ -z $var ]] && continue; eval "export ${var}" 2>/dev/null done # Enable loopback interface echo -e "auto lo\niface lo inet loopback\n\n" > /etc/network/interfaces /sbin/ip addr add 127.0.0.1/8 dev lo /sbin/ip link set lo up sleep 10 # Generated a sorted list with primary interfaces first read p_ifaces <<< $(/sbin/ip -0 addr show | awk 'ORS=NR%2?FS:RS' | awk -F'[: ]+' 'tolower($0) ~ /link[/]?ether/ && tolower($0) ~ /'$mac'/ {print $2}' | tr '\n' ' ') read o_ifaces <<< $(/sbin/ip -0 addr show | awk 'ORS=NR%2?FS:RS' | awk -F'[: ]+' 'tolower($0) ~ /link[/]?ether/ && tolower($0) !~ /'$mac'/ {print $2}' | tr '\n' ' ') ifaces="$p_ifaces $o_ifaces" for iface in $ifaces; do echo "Starting $iface interface and waiting for the link to come up" echo -e "auto $iface\niface $iface inet dhcp\n\n" >> /etc/network/interfaces /sbin/ip link set $iface up # Wait till the interface is fully up and ready (spanning tree) timeout=0 linkstate=0 until [[ $linkstate -eq 1 || $timeout -ge 35 ]]; do let timeout+=1 linkstate=$(/bin/cat /sys/class/net/$iface/carrier) [[ $linkstate -eq 0 ]] && sleep 1 || break done [[ $linkstate -eq 0 ]] && echo "No link detected on $iface for $timeout seconds, skipping it." && continue for retry in $(seq 3); do /sbin/udhcpc -i $iface --now ustat="$?" curl -Ikfso /dev/null "${web}"/index.php --connect-timeout 5 cstat="$?" # If the udhcp is okay AND we can curl our web # we know we have link so no need to continue on. # NOTE: the link to web is kind of important, just # exiting on dhcp request is not sufficient. if [[ $ustat -eq 0 && $cstat -eq 0 ]]; then # Geo-Checking to see if we should swap out the mac address if [[ ! -z $mac && ! -z $domacset ]]; then # Update the mac address if the DoMACSet flag # has been raised ip link set dev $iface down ip link set dev $iface address $mac ip link set dev $iface up fi exit 0 fi echo "Either DHCP failed or we were unable to access ${web}/index.php for connection testing." # Geo-If we are on the 2nd loop, lets check too seeif # spanning tree is blocking dhcp if [ $seq -eq 2 ]; then echo "Waiting for Spanning Tree timeout on ${iface}..." sleep 27 else sleep 1 fi done echo "No DHCP response on interface $iface, skipping it." done # If we end up here something went wrong as we do exit the script as soon as we get an IP! if [[ -z "$(echo $ifaces | tr -d ' ')" ]]; then # because ifaces is constructed with a space, we must strip it echo "No network interfaces found, your kernel is most probably missing the correct driver!" else echo "Failed to get an IP via DHCP! Tried on interface(s): $ifaces" fi echo "Please check your network setup and try again!" [[ -z $isdebug ]] && sleep 60 && reboot echo "Press enter to continue" read exit 1
-
@michaeloberg OK I have a new one-off init built. Download this file to
/var/www/html/fog/service/ipxe
directory. I debugged and replaced the script below in this this init to support mac spoofing like HP is doing. https://drive.google.com/file/d/1cFsPlkrqlwOjblHErCGr-OXHiKZd8jeZ/view?usp=sharingWe are still debugging here. So lets take baby steps. Once this is downloaded go into the host definition for this specific computer. We need to update some values.
Host Init: init_macset.xz
Host Kernel Arguments: domacset=1This tells this specific computer to use the new init (virtual hard drive). And the kernel parameter flags the mac replacement code to run. That way without that flag the network inits normally.
Schedule another task in debug mode on this dongled computer. Once in the FOS Linux CLI key in
ip a s
lets see if the nic has the mac address of the pass through mac. If not key in this commandcat /proc/cmdline
and post the results here. -
Thank you for the explanation and work on this. You mentioned to download the init_macset and place it in the /var/www/html/fog/service/ipxe directory. I have the file downloaded to my computer, how do I go about transferring that to my FOG Server? When I was downloading and testing kernels, I did that directly in the cli of the FOG server through Putty from the shared google drive.
TIA,
Michael
-
@michaeloberg You can use pscp from command line. That is putty’s copy program. Understand its all command line. Or you can use WinSCP which is a gui based copy program much like filezilla client or windows exporer (ish).
or we can hack up the URL that Tom provided below
wget -O /var/www/fog/service/ipxe/init_macset.xz https://drive.google.com/uc?id=1cFsPlkrqlwOjblHErCGr-OXHiKZd8jeZ&export=download
-
The test results are below, circled in red is the system MAC (not the dongle).
-
@michaeloberg Excellent! The MAC pass through (hack) worked. So now it would be interested in seeing if you can get a working capture or deploy.
For full disclosure (for the Devs mainly) I had a problem building the inits with buildroot. gpartdisk (or something like that) failed to apply the patch that was in the package. That patch failed because it said it was already installed. There was another build root package that threw a similar error. In box cases I just removed the patch from the packages directory and then it built correctly.
My confidence level with this init is 90% just because I had errors with the build. The hack to the startup script was simple and as long as it passes syntax checking it should work so that bit is 99% confidence.
-
@george1421 said in HP Probook 430 G8 System MAC not passing through USB Type-C Dongle:
For full disclosure (for the Devs mainly) I had a problem building the inits with buildroot. gpartdisk (or something like that) failed to apply the patch that was in the package. That patch failed because it said it was already installed. There was another build root package that threw a similar error. In box cases I just removed the patch from the packages directory and then it built correctly.
Please tell us which version of buildroot you use? The official FOS init is still build with 2020.02.12. I know it’s a shame but I didn’t get to work on updating this as well testing and all that. Should really do soon to hopefully have a newer version in the next official FOG release - needs a few weeks of people testing it.
-
@sebastian-roth said in HP Probook 430 G8 System MAC not passing through USB Type-C Dongle:
Please tell us which version of buildroot you use?
21.02.7. I remembered the 02 release from before, but I didn’t think it was 2020. Wow time flies during a pandemic…
I suppose I can reset buildroot and recompile the inits again and document the errors. But all of the errors were patch files failing saying the patch was already installed. Plus the gptdisk did have several versions of updates past what fog is using. I did not change that in the linked inits. So everything “should” be the same except for the update S40network init file.
-
@george1421
I am not able to deploy an image to this machine, it shows “attempting to check in”I also tried to do this by manually imaging (PXE Booting, then choosing deploy image) to no avail, it repeats the username/password 3 times then brings me to the FOG Compatibility menu and when I choose show MAC address it still shows the Dongle MAC:
In Debug mode using ip a s it shows the system MAC.
-
Just wanting to update this post as it’s been a while. I have been working with HP support and they still have not fixed this issue (expect for the previously mentioned installer that only works in Windows).
I hope everyone has a Great Holiday Season and a Happy New Year!
I will continue to work off and on until January 5th when we return to school. If I don’t get anywhere with HP prior to that, I won’t be updating this.
Thanks again!
Michael
-
@michaeloberg Ok thank you for the update. I haven’t had time to dig into the script to where it checks in with the FOG server and to see why its failing. The “hack” that I did with the network boot up script to replace the mac address should hold through the imaging process. I think from the fog side we can get this moving even if HP doesn’t have a solution. I just need a few quite hours around the holiday to look at what its doing wrong. I think we are close to a solution, though.
Thank you for the update and have a splendid holiday with your family.
-
-
@michaeloberg I know this is an old topic, but there’s a piece that I noticed missing in all the instructions:
At registration time, the domacset flag isn’t set, so it would use the non-passed through device.
Please see this post:
https://forums.fogproject.org/post/154826it should help as there is a “global” method to set domacset regardless of if the device is registered or not and I suspect that will FIX the problem for new devices.
I’m sure you’ve worked around this by now, but just wanted to make it informed.
-
@Tom-Elliott I think this post helps fix the issues:
https://forums.fogproject.org/post/154920