ST updated the AI layer from v6.1.1 to v6.2.0, which means our v6.1.% bbappend
is no longer applied. Update the recipe version to match the new X-LINUX-AI
release.
https://onedigi.atlassian.net/browse/DEL-10027
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The latest ST release (openstlinux-6.6-yocto-scarthgap-mpu-v26.02.18) checks for
the presence of several TF-M-related variables at parse time, even when they are
not used. This triggers build failures with the new M33-TD flavor variables
required by the TF-M recipe.
Set default (dummy) values for these variables to avoid the parse-time failures.
This is a workaround until full support for building secure TF-M binaries is
integrated.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Remove options that aren't supported in v9.3.0 (LV_MEM_CUSTOM and
LV_TICK_CUSTOM_*) and move the lvgl-demo's default values to lv-conf.inc so
they can be changed via local.conf
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
LVGL v9.3.0 added support for multi-touch gestures via the
USE_GESTURE_RECOGNITION option, but in doing so, they made all touchscreen
support depend on said symbol, at least for the wayland backend. Since the
option is disabled by default, touchscreen support wasn't working in the
wayland version of the demo.
Enable gesture recognition/touchscreen support by default when using the
wayland backend. This depends on LVGL's floating number support, so make sure
this is reflected in the recipe as well.
https://onedigi.atlassian.net/browse/DEL-9925
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Now that we support the LVGL wayland backend, include the weston desktop in
dey-image-lvgl images, like we used to in older DEY versions.
This reverts commit db3e526b31.
https://onedigi.atlassian.net/browse/DEL-9925
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We only want to recover the libinput patch that fixes the cursor issue in the
LVGL demo, don't recover the wl_shell patch.
This partially reverts commit 7afc4a67de.
https://onedigi.atlassian.net/browse/DEL-9925
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Rework our customizations and apply them as full files instead of patches to
make it easier for users to inspect.
Instead of having one cmake file for all backends, provide a separate file for
each backend and select it dynamically based on the selected backend. To do
this, create a new LVGL_BACKEND variable in lv-conf.inc.
While at it, increase the demo's memory from 256 KiB to 2 MiB to ensure that
the wayland flavor of the demo works properly.
https://onedigi.atlassian.net/browse/DEL-9925
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This backend depends on libsdl2, a library we don't include in our default
images. Even when this library is included, the LVGL demo doesn't work properly
when using the SDL backend on any of our platforms, so remove it.
https://onedigi.atlassian.net/browse/DEL-9925
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We're going to be adding support for LVGL's wayland backend in the following
commits, so recover the initscript logic that ties in with said backend
This reverts commit 21d9c4f17b.
https://onedigi.atlassian.net/browse/DEL-9925
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This is mostly logic to convert the backend configured in the PACKAGECONFIG to
the lv_conf.h file, based on the DEY 4.0 version of the recipe. Add weston as
a runtime dependency to make sure the final image has a wayland compositor and
recover DEY 4.0's mechanism to fall back to a minimal backend if wayland is
missing from DISTRO_FEATURES
Use the wayland backend by default in all platforms except the ccimx6ul
https://onedigi.atlassian.net/browse/DEL-9925
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Synchronize the dcmipp-isp-ctrl recipe with the meta-OpenSTLinux layer from the
openstlinux-6.6-yocto-scarthgap-mpu-v26.02.18 tag. Although the version string
appears to be a downgrade, the recipe points to a newer commit (SHA1),
following ST’s versioning.
https://onedigi.atlassian.net/browse/DEL-10021
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This fixes the build failure caused by the OpenSSL update in Poky.
Import the OpenSSL patch set from NXP's whinlatter release. Since NXP's
whinlatter release is based on OpenSSL 3.5.4, rebase the patches on top
of OpenSSL 3.5.5 to match the current version.
https://onedigi.atlassian.net/browse/DEL-10019
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Use placeholders and machine-configurable variables to determine systemd
behavior when receiving power key events.
By default, these are:
- short press: suspend
- long press: graceful poweroff
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The neo-ipa-uguzzi package provides uGuzzi IPA (image processing
algorithms) for NXP's Neo ISP on the ccimx95. The recipe is backported
from NXP’s lf-6.12.49_2.2.0 release, and enabled at runtime as part of
the gstreamer packagegroup.
https://onedigi.atlassian.net/browse/DEL-10003
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Add new `glinswup-PLSx3_1.0.5.bb` binary recipe to package the
Cinterion PLSx3 firmware update tool.
Include `pls3_fw_update.sh` helper script to:
- validate input firmware file and modem port
- stop modem-related services before update
- run `glinswup_PLSx3` firmware update
- restore services on exit
https://onedigi.atlassian.net/browse/DEL-9989
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
This commit updates the secure boot support for STM platforms based on the
STM32 MPU Ecosystem v6.1.1. It introduces support for encrypted boot artifacts,
including TF-A and FIP for the ConnectCore MP13 platform.
https://onedigi.atlassian.net/browse/DEL-8535
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Warn when the deprecated TRUSTFENCE_DEK_PATH variable is detected, and fail the
build if it is used to disable artifact encryption. This prevents accidental
wrong compilations and guides users to replacement variables.
https://onedigi.atlassian.net/browse/DEL-9929
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Add libcamera from NXP’s lf-6.12.49_2.2.0 release, and enable libcamera
gstreamer support for ccimx95.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
ETHOS_U_PKGS appended packages are already set in the bitbake recipe,
so there is no need to add them also in this bbappend.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit add secure storage service and helper
script to setup the secure storage at boot up.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://onedigi.atlassian.net/browse/DEL-9891
Add IEEE 802.11ax (HE) support to enable High Efficiency capabilities when
operating in the 6 GHz band.
https://onedigi.atlassian.net/browse/DEL-9952
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Optimize the script to remove unneeded code.
As the BT_REG_ON is managed by the driver, the REG_POWER_ON is not
needed at all.
Loading the hci_uart pulls btbcm, so no need to load it explicitly.
https://onedigi.atlassian.net/browse/DEL-9949
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Consolidate the init script for platforms based on the same driver with
the same logic.
The btbmc and hciuart drivers are used in the ccmp1 and cc95.
The btnxpuart driver is used in the cc91 and cc93.
The btdigi driver is used in the cc8 platforms with the qca65x4 driver.
https://onedigi.atlassian.net/browse/DEL-9949
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The ConnectCore 95 SOM v2 uses the Murata 2EC wireless combo chip, so this
confirmation includes the firmware recipe for Bluetooth initialization.
https://onedigi.atlassian.net/browse/DEL-9949
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
ccimx6 was the only platform using wpa_supplicant instead of hostapd for
SoftAP configuration, requiring additional platform-specific logic.
Since SoftAP works correctly with hostapd, drop the wpa_supplicant path
and unify the AP implementation across platforms.
https://onedigi.atlassian.net/browse/DEL-9923
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Enable signed firmware to prevent unauthenticated code on the Cortex-M4
co-processor by verifying images against custom public key from OP-TEE.
https://onedigi.atlassian.net/browse/DEL-9920
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit adds a retry to the swu_package_path function of
the recovery-initramfs-init script. It has been seen that
with some USB memory stick a retry is necessary to mount
the external storage device containing the SWU package.
If the SWU package file is found before the max retries
is reached the loop will be exited and the SWU installation
will start. If max retry is reached and the SWU package
wasn't found it finishes with an error.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://onedigi.atlassian.net/browse/DEL-9908
Introduce a dynamic layer to integrate X-LINUX-ISP v6.1.0 ST layer into DEY,
providing ISP image quality software, tools, and example applications for
STM32MP25x series.
https://onedigi.atlassian.net/browse/DEL-9890
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
In previous versions of swupdate, only one SIGALG_* option could be chosen at
build-time, with SIGALG_RAWRSA being the default option. However, in 2025.12,
multiple SIGALG_* options can now be configured at build-time, allowing users
to choose the signature verification algorithm used at runtime via the
"digest-provider" parameter. We weren't explicitly setting any of these
algorithms in our defconfig, so the resulting builds didn't have any digest
providers, causing swupdate to fail early on when signed images are enabled.
To restore the behavior of previous swupdate versions, explicitly enable
SIGALG_RAWRSA when signed images are enabled. Since we only enable one digest
provider, it will be chosen automatically, without having to explicitly set the
"digest-provider" parameter at runtime.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Commit 619ca8b2a8 changed the ccimx6ul's default endpoint URL and client cert
path in order to prevent performance issues if the client cert is erased before
registering the device.
In reality, the client cert path doesn't really matter after this change since
the remotemanager.digi.com endpoint won't make use of it, and we now ensure
that /mnt/data is writable; so we might as well keep using that path.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
In these platforms, /dev/fb0 corresponds to the LVDS display, so change the
demo's output framebuffer to /dev/fb3 to use the HDMI display instead.
https://onedigi.atlassian.net/browse/DEL-9878
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
lv-conf.inc is a general configuration file, meant for any LVGL application,
while lvgl-demo_9.3.0.bb is the recipe for our example demo. Make sure any
modification made to the demo or its initscript is made in its corresponding
recipe.
This is cosmetic, no functional change.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
In platforms that support wayland/xwayland, dey-image-lvgl images have most
weston/wayland packages removed from the filesystem, save for the main wayland
package (because DISTRO_FEATURES still contains "wayland"). Because of this,
the wait_for_wayland() function is called in lvgl-demo-init, but the wayland
display never gets created, causing the function to time out after 20 seconds.
Get rid of this check to have the lvgl-demo launch as soon as possible.
While at it, get rid of other wayland-related logic, since we only use LVGL's
drm or fbdev backends at the moment.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
If a target's DRM certificate is lost/erased before registering said target,
the CCCS server will reject all connection attempts from the target. This
can happen during development, as our installer scripts format the data
partition where the certificate is stored by default (see commit c17af3fd47).
Since the ccimx6ul uses sysvinit, we respawn the cccsd daemon via inittab if
process ends unexpectedly (see commit b154154a7e). When the server always
rejects connections due to a missing certificate, the cccsd daemon is
constantly respawning and terminating prematurely. Said daemon is very
CPU-intensive during initialization, so this causes the overall system's
performance to be hindered.
For now, to avoid this situation, use the CCCS endpoint that doesn't require
a certificate in order to ensure stable connections even if the data partition
gets formatted.
https://onedigi.atlassian.net/browse/DEL-9892https://onedigi.atlassian.net/browse/DEL-9894
This reverts commit 4f8ed2d434.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Francisco Gil
Arturo Buzarra
Gabriel Valcazar
Javier Viguera
Hector Palacios
Mike Engel
Isaac Hermida
Gonzalo Ruiz