This reverts commit b8f50680e5.
The support to read and write to an encrypted environment has been added, so
there is no need to exclude the u-boot-fw-utils anymore.
https://jira.digi.com/browse/DEL-2836
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
Add commented lines as example to configure and run the wlan0 interface in AP
mode using hostapd daemon.
https://jira.digi.com/browse/DEL-2913
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Do not autostart hostapd daemon on boot because because it will conflict with
wpa-supplicant process and add a custom hostapd.conf file with WPA2-AES
encryption.
https://jira.digi.com/browse/DEL-2913
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Currently we don't support booting encrypted images from an SDCARD, so
just disable the generation of such images.
https://jira.digi.com/browse/DEL-2876
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
enabled
There is currently no support on fw_printenv/fw_setenv to access an
encrypted environment.
This commit removes the package if U-Boot environment encryption is
enabled to avoid environment corruption on access.
It also documents the issue as a known issue.
https://jira.digi.com/browse/DEL-2625
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
According to 'grep' manual '\s' is a synonym for [[:space:]] which
matches spaces, TABs, but also newlines, etc. We want to only match
spaces and TABs, so use [[:blank:]] instead.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
* set cellular user and password
* stricter replace to not match set values
* only set cellular interface to auto
Internal merge of Github's PR:
https://github.com/digi-embedded/meta-digi/pull/2
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
By default, on closed devices you cannot revoke any key. To do so, it is
required to compile a U-Boot which instructs the HAB not to set the sticky
bit which write protects that field in the OCOTP controller.
This patch introduces a Yocto macro which allows to configure U-Boot in
that way.
In the ConnectCore 6, the value of this settings is ignored, because HAB never
sets the sticky bit which write protects that field.
https://jira.digi.com/browse/DUB-665
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
While performing usability testing on the TrustFence documentation, it has
been noted that in order to follow the secure boot instructions the
console needs to be enabled.
We have now moved the secure console section to the end of the
documentation so that disabling the console is the last configuration to
make in a secure system.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Down the bluetooth interface before entering suspend and up it after resuming
if it is present and up.
https://jira.digi.com/browse/DEL-2806
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Start syslog earlier (from 20 to 02) so it is running and other init scripts
can use it to log into the system like the S03networking script.
https://jira.digi.com/browse/DEL-2812
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This is needed so the encrypted rootfs is properly resized to the
partition size.
https://jira.digi.com/browse/DEL-2765
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
New functionality has been implemented in trustfence-tool application,
so there is no need to call cryptsetup command.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Get filesystem type of rootfs block device and pass it explicitly to the
mount command to clean following warnings on boot:
EXT4-fs (dm-0): couldn't mount as ext3 due to feature incompatibilities
EXT4-fs (dm-0): couldn't mount as ext2 due to feature incompatibilities
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
We need a different configuration file, because the SoftAP functionality is
supported using the hostapd package instead of the wpa_supplicant.
https://jira.digi.com/browse/DEL-2744
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Extend the report with more details about:
- memory usage
- all network ports (-a) with their related PIDs (-p)
- network link details (to determine if interface is up)
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Using module-detect there are some audio reverb problems. Reverting that commit
will make pulseaudio use module-udev-detect again instead, which takes longer
to initialize but does not have that problem.
This reverts commit e021f738ee.
https://jira.digi.com/browse/DEL-2587
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
When module-alsa-sink is used, the audio is sometimes heard with
reverb. We will go back to module-udev-detect, so the functionality
introduced in the commit being reverted won't longer work.
This reverts commit fca507d316.
https://jira.digi.com/browse/DEL-2587
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
Add a couple of bluez patches: one for increasing the number of connection
showed with "hcitool con" command and remove "refresh" option in hcitool
help that is not supported.
The qca6564 chip can support more than 10 simultaneous BLE connections.
https://jira.digi.com/browse/DEL-2735
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
qtwebengine does not support armv5 platforms (for example ccardimx28js),
so we need to restrict that package to the ccimx6sbc
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
When Trustfence is enabled, this adds a dependence on the TF initramfs,
so it's built and added to the boot image.
It also modifies the u-boot boot script on the fly, to boot correctly
using the Trustfence initramfs.
https://jira.digi.com/browse/DEL-2278
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This recipe builds the initramfs image that is used to boot from an
encrypted rootfs.
https://jira.digi.com/browse/DEL-2278
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This package adds some files needed by the trustfence initramfs and that
are not included in other packages.
https://jira.digi.com/browse/DEL-2278
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
lvm2 package provides some user-space tools, but also some dynamic
libraries: libdevmapper, libdevmapper-event, etc.
This commit allows to package the LVM2 libraries in a different package
than the LVM2 user-space tools. This way other user-space tools (e.g.
cryptsetup) that runtime depends on the LVM2 libs can only add that libs
package to the rootfs, instead of the whole LVM2 utilities.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The ccimx6ul or ccardimx28 do not have hdmi interface, so do not install the
hdmi hotplug script.
https://jira.digi.com/browse/DEL-2654
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The TRUSTFENCE_UBOOT_DEK_SIZE Yocto macro maps to the UBOOT_DEK_SIZE U-Boot
Kconfig entry, which is defined as a choice entry. This makes necessary
to explicitly define the choice Kconfig entry for the configuration to
work.
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
There are several possible values for TRUSTFENCE_UBOOT_ENV_DEK:
* Not defined: if the trustfence support is not included.
Should not include the feature.
* 32 characters: when defining a valid key.
Should include the feature.
* "0": when explicitly disabling the feature.
Should not include the feature
* <other>: Invalid value, should trigger the error.
This commits fixes the logic so that 'None' (no defined) is taken as a valid
value.
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
The following utilities are supposed to be available on the environment's
PATH:
uptime, uname, cat, zcat, free, ps, mount, netstat, route, ifconfig, gzip
https://jira.digi.com/browse/DEL-2447
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
This commit changes the CONFIG_CCIMX6SBC_CONSOLE_ENABLE_GPIO_NR define
into a platform independent setting.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-2641
The power regulator connected to the qca6554 chip is always on, which causes
the Bluetooth part to not work correctly after a software-reset.
This commit asserts momentarily the BT_EN line during the start-up sequence
to reset the Bluetooth controller so that it is in a predictable state after a
reset.
https://jira.digi.com/browse/DEL-2623
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This function is deprecated in favor of bb.utils.contains. The same
change has been done in other layers.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
https://jira.digi.com/browse/DEL-2603
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
The steps to set the bluetooth MAC address is send an specific hci command
and an hci reset, so the bluetooth interface need to be up in order to
configure it.
Additionally we have generalized the way to read the MAC address from the
device tree and removed some old code for getting the MAC address in
kernel version 2.
https://jira.digi.com/browse/DUB-595
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add a software workaround to disable the HW flow control because the SOM
revision 3 (and older) has swapped the bluetooth TX and RX lines so we need
to operate in DTE mode which implies that the HW control lines are swapped.
This also implies reducing the baudrate to avoid the need for HW flow control.
https://jira.digi.com/browse/DEL-2611
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Implement the set of TRUSTFENCE_ macros to configure each secure boot feature
available in U-Boot.
https://jira.digi.com/browse/DUB-570
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
sysinfo is a bash script which gathers all the relevant information
from a running system on a timestamped compressed file.
https://jira.digi.com/browse/DEL-2447
Signed-off-by: Victor Rubio Victor.RubioTorroba@digi.com
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit adds a trustfence class to encapsulate all trustfence
configurations.
https://jira.digi.com/browse/DEL-2257
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
This support comes from meta-linaro @9f899282caa9 and adds the ability
to configure getty dynamically from the console argument in the kernel
command line.
This will make it possible to enable/disable the console dynamically as
signalled by U-Boot.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Port the bluez5 qca6564 support based on 5.19 to the current version 5.33.
The ported version is based on qualcomm tag r110048.3.
https://jira.digi.com/browse/DEL-2581
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This daemon (rngd) feeds random data from hardware device to kernel
entropy pool.
https://jira.digi.com/browse/DEL-2501
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
As of Yocto 2.0, the cryptodev module used as interface between
user-space and hardware encryption is the version 1.7.
According to that cryptodev's version documentation, the cryptodev
engine in openssh is outdated:
https://github.com/cryptodev-linux/cryptodev-linux/blob/cryptodev-linux-1.7/README
They provide an URL with two patches to update openssl. This commit
forward port those patches to the Openssl version used in this version
of Yocto.
https://jira.digi.com/browse/DEL-2501
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
COMPATIBLE_MACHINE is a regular expression, so we need to update the current
pattern for ccimx6 due to it will also match with ccimx6ul.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
That restriction does not make any difference in the final image
contents, because no package depending on X11 is added to the image, and
it prevents the image from being built with the default DEY
configuration (that has X11 distro feature enabled).
This also allows to build the image in the buildserver with the same job
that builds other X11 based images.
https://jira.digi.com/browse/DEL-2106
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Use LAYERDEPENDS to configure the layer dependences for meta-digi-arm
and meta-digi-dey.
https://jira.digi.com/browse/DEL-1129
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Otherwise building the demo application fails with:
| DEBUG: Executing shell function do_configure
| Project ERROR: Unknown module(s) in QT: svg
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This patch adds a udev rule and a script to detect HDMI hotplug and create
the HDMI audio pulseaudio sink if needed (that is, if the system was
booted with no HDMI cable plugged).
https://jira.digi.com/browse/DEL-2327
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
A patch sent upstream has been finally merged so this commit is not
needed anymore.
This reverts commit 6a66656161.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
module-udev-detect blocks the sound interface on boot for about five
seconds while detecting the hardware. This patch removes it so that
module-detect is used instead, which uses static hardware detection and is
faster.
https://jira.digi.com/browse/DEL-2218
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
Move this variable to DEY distro conf so that it is available for any
recipe built with the distro.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-2192
There is another OpenGL demo application QT5 Hello Windows for testing
purposes.
https://jira.digi.com/browse/DEL-2184
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
It has been observed that the wireless interface ocassionally fails to resume
from suspend on extensive long run validation testing, so we workaround it by
bringing the interface down before suspend and bring it up again after resume
This reverts commit a77cd1406d.
https://jira.digi.com/browse/DEL-2217
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This image provides a demo rootfs with QT. It can be built for
framebuffer and also for X11.
https://jira.digi.com/browse/DEL-2196
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
We were masking meta-fsl-arm linux recipes to clean some warnings on
bitbake parsing. This does not happen anymore with new versions of
Yocto, so just remove this BBMASK.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This install the 'obexd' server which is needed for the QT5 bluetooth
file transfer example applications.
https://jira.digi.com/browse/DEL-2147
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Generalize bluetooth support so it can be used not only with bluez4 but
with bluez5 as well. Use EXTRA_QMAKEVARS_PRE to pass the packageconfig
options to the do_configure task.
https://jira.digi.com/browse/DEL-2147
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This is a user-space workaround for the reboot/poweroff problems we
are having in the ccimx6sbc. Seems that they are not reproducible when
only one core is enabled, so the workaround is to disable the rest of
the cores for rebooting/halting.
https://jira.digi.com/browse/DEL-2133https://jira.digi.com/browse/DEL-2148
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
(cherry picked from commit a9e36a74bb20ab38f220116ba2742dca3d80c293)
Also initialize the video sink to 'glimagesink' in case it has not been
configured from the environment, but only for the X11 application
(gtk-play). This recipe also provides a command line application for
framebuffer (gst-play) that is not affected by this change.
https://jira.digi.com/browse/DEL-2132
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The example applications are not packaged by default, so extend the
recipe to create a package with the example applications.
https://jira.digi.com/browse/DEL-1960
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The script toggles the BT power GPIO regardless of the value being
undefined.
Check that the GPIO is defined before trying to toggle it.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The BT power GPIOgpio was determined basing on machine name on device tree.
This corresponds to the name of the board, and might be changed by a user
that designs his own carrier board to use the module on.
Besides, the BT power GPIO is a pin that's routed on the module (both on
the ConnectCore 6 and on the ConnectCard for i.MX28) not on the carrier
board.
This commit determines the BT power GPIO basing on the module string inside
the 'compatible' property. This must exactly match the module name and is
a required property for using Digi module's BSP.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-2109
So we can build a 'dey-image-graphical' image for framebuffer with
support for QT5.
https://jira.digi.com/browse/DEL-2017
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
No functional change, as 'package-management' is added via the included
dey-image-minimal recipe, and 'pointercal-xinput' is a dependence of
xinput-calibrator which is added for X11 images.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
By default QT5 applications use 'xcb' platform plugin but this can be
changed using the QT_QPA_PLATFORM environment variable. On non-X11
images the 'xcb' platform plugin obviously does not work, so just
configure 'eglfs' for non-X11 images.
https://jira.digi.com/browse/DEL-2017
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
There are some demo apps that otherwise fail with:
QSqlDatabase: QSQLITE driver not loaded
QSqlDatabase: available drivers:
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This demo app is very generic and does not play well with FSL gstreamer
plugin, so using it just crashes in different ways (doing a camera zoom,
recording a video, etc)
This reverts commit 2776dcd654.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Diaz de Grenu, Jose
Isaac Hermida
Javier Viguera
Alex Gonzalez
Stephan Klatt
Mike Engel
Jose Diaz de Grenu de Pedro
Victor Rubio
Arturo Buzarra
Hector Palacios