This commit fixes the pulseaudio recipe to launch the pulseaudio-server
service at boot time for sysvinit systems.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit exports the environment variable XDG_RUNTIME_DIR if does not exists
for services that require sharing a pulseaudio instance.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The new DVKs of the cc8mn, cc8mm and ccmp1 have a new ftdi
usb to serial chip that is recognized as a thermal device by default.
With the install_usb_driver.sh script this driver is replaced
to a USB to serial driver.
This script is included for the needed platforms in the zip
installer provided in the getting started.
https://onedigi.atlassian.net/browse/DEL-8126
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Now the cloud connector has all the logic to detect if its
running in a dual_boot system, so it is not needed this anymore.
We need to modify on the fly the path to save the image in a
dualboot system.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Use the same name for both firmware update mechanism.
Add a dependency to only add recovery-utils used by the
non dual-boot firmware update system.
Adding this only one binary/script called update-firmware will
be added.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
- create dualboot.bbclass that
- sets DUALBOOT_ENABLED variable
- defines partition names and function for changing the sw-description
for swupdate
- move files from layer into meta-digi
https://onedigi.atlassian.net/browse/DEL-7962
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Crank demo was not working on CCMP15 devices due to several changes on weston
service and the user launching it. This commit makes several fixes to make
the demo to work again:
- Add 'DEMO_USER' parameter to determine which user will launch the demo. Update
recipe and start script accordingly.
- Add 'DEMO_DISPLAY' parameter to determine the display that will be used to
launch the demo. Update recipe and start script accordingly.
- Parameterize the name of the Weston service after which the demo must be started.
Update recipe and service file accordingly.
- Give Crank engine read and execution permissions so the engine can be started
by any user.
- Add new method to the demo start script to wait until Wayland is fully setup
before actually starting the demo.
Signed-off-by: David Escalona <david.escalona@digi.com>
The new ConnectCore demo functionality makes use of some new Python libraries. Add these libraries
as a dependency in the demo recipe.
Signed-off-by: David Escalona <david.escalona@digi.com>
If a package with a postsints script requires ldconfig, the package class adds
a ldconfig postinst fragment to initialize it before. Systemd has its own
ldconfig.service to initialize it and sometimes if both services are running
at the same time in the first boot, the first one will work, but the second
one will fail with the following error:
ldconfig[141]: /sbin/ldconfig: Renaming of /etc/ld.so.cache~ to /etc/ld.so.cache failed: No such file or directory
This commit adds an ordering dependency between them to make sure that only one
service is running at the same time
https://onedigi.atlassian.net/browse/DEL-8133
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit improves the sysinfo script to skip error on platforms that don't
provide some variables.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
If we add the demo to the graphical images (dey-image-qt) the resulting
image does not fit on the rootfs partition for the smallest variant.
https://onedigi.atlassian.net/browse/DEL-8004
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The demo now has a "Play music" feature, which requires pulseaudio to be running in the device.
This commit checks if pulseaudio is running before starting the demo, and starts the service in
the case it is not.
Signed-off-by: David Escalona <david.escalona@digi.com>
These packages were added only for graphical images, however it could be used
also in non-graphical environments. This commit removes this restriction.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The latest ConnectCore demo updates introduced support for audio controls that
use the mpg123 library to manage audio on the device. This commit adds a
runtime dependency for that package.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Also clean some dead code: libjpeg-turbo is the only jpeg implementation
in poky since long ago. Also "remove-libtool" is enabled by default in
bitbake so there is no need to do it in our distro configuration.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The start/stop script of the service was using "killproc" and "pidofproc" functions from
"/etc/init.d/functions" to find the process PID. These functions rely on "pidof", which does
not work very well with Python scripts. Instead, use "pkill" and "pgrep" which allow to
search the executable in the full command line to retrieve the correct PID with the -f modifier.
Signed-off-by: David Escalona <david.escalona@digi.com>
The library recently added support for Python bindings. This commit
adds support to compile and install these Python bindings using a
new package: 'libdigiapix-python3'.
Signed-off-by: David Escalona <david.escalona@digi.com>
This patch has been integrated in meta-freescale's bbappend for
pulseaudio, so having it also in our bbappend results in Yocto trying to
apply it twice, which obviously fails and breaks the build.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The crank storyboard engine is provided in binary format. The RPM
package manager that creates the rootfs needs and explicit runtime
provider for 'libEGL.so', which in the ccmp15 is provided by the
'libegl-gcnano' runtime package.
Fix build failure:
--> Finished dependency resolution
Error:
Problem: package packagegroup-dey-crank-1.0-r0.0.ccmp15_dvk requires crank-sbengine, but none of the providers can be installed
- conflicting requests
- nothing provides libEGL.so needed by crank-sbengine-7.1-r0.3.ccmp15_dvk
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
meta-freescale updated to version '10.0.0.imx', so our bbappend fails
with:
ERROR: No recipes in default available for:
... meta-digi-dey/dynamic-layers/freescale-layer/recipes-graphics/wayland/weston_9.0.0.imx.bbappend
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This recipe downloads a tarball with the pre-built Crank engines for DEY
devices (http://log-sln-jenkins.digi.com/yocto/downloads/crank-sbengine-7.1.tar.gz):
* ConnectCore 8M Mini
* ConnectCore 8M Nano
* ConnectCore 8X
* ConnectCore 6UL
* ConnectCore 6
* ConnectCore MP1x
It installs the corresponding engine inside '/usr/share/crank/sbengine' and the
launcher script '/usr/bin/sb-launcher'.
https://onedigi.atlassian.net/browse/DEL-7969
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Required for some Crank engine libraries. They are linked against
'libts-1.0.so.0' instead of 'libts.so.0'.
https://onedigi.atlassian.net/browse/DEL-7969
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Required for some Crank engine libraries. They are linked against libwayland-egl
library without version, 'libwayland-egl.so'.
https://onedigi.atlassian.net/browse/DEL-7969
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Building the wpewebkit recipe with more than 16 threads throws an unexpected
error "ninja: build stopped: subcommand failed.", so this commit limits it
to a safe value.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit adds a cairo bbappend from meta-st-openstlinux layer to add support
to EGL and libgles2 graphical libaries.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The Webkit version of the ConnectCore demo implements some new functionality:
- The COG browser is automatically started when the device boots loading the demo in the
primary display.
- A new Multimedia section is available to reproduce some demo videos and WebGL examples
in the device's browser.
Signed-off-by: David Escalona <david.escalona@digi.com>
The ConnectCore Demo is launched on startup and starts the web server. Demo can be accessed
by any computer in the LAN by just typing the IP address of the device in the web browser.
Signed-off-by: David Escalona <david.escalona@digi.com>
The ConnectCore Demo web page will be the new default landing page for all products,
so remove the default landing page that was created for the ccimx6ulsbc platform.
Signed-off-by: David Escalona <david.escalona@digi.com>
The ConnectCore Demo will be installed by default in all the platforms, so this recipe
is no longer required.
Signed-off-by: David Escalona <david.escalona@digi.com>
The video examples and WebGL samples will be part of the new ConnectCore Demo, so move these
recipes to a more appropriate folder. While on it, remove dependencies with 'digi-webkit-examples'
recipe as it will be obsoleted.
Signed-off-by: David Escalona <david.escalona@digi.com>
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Signed-off-by: David Escalona <david.escalona@digi.com>
(cherry picked from commit ccc9211d00dad7be6cb2c2d0cf179a62563e26c6)
NetworkManager package moved from autotools to meson build system, so
some of the configs we added in the bbappend do not apply anymore.
Remove dead code and clean up the bbappend.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
It's just a waste of space as we already have the kernel image in the
'linux' partition and that gets mounted under /mnt/linux.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
We need to relax what ciphers are allowed with openssl-3.0 so that we do
not break Digi/RM. See DAL commit ec586a621c24f840ac7cc4f91241c55581698ba3
https://onedigi.atlassian.net/browse/DEL-7999
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This is the only python2-based recipe in our layer, so remove it to be
able to remove the 'meta-python2' layer from DEY as well.
Apparently it was introduced for some Optee dependence and it was used
in previous versions of 'meta-imx', but 'meta-imx' removed it as well
for Kirkstone, so we do the same here.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Since Yocto 3.4 the package "clutter-1.0" was considered a legacy component,
and moved to meta-gnome.
https://onedigi.atlassian.net/browse/DEL-7981
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
When building an SDK (with populate_sdk), all '-dev' packages are
installed. And empty 'openssh-dev' package would pull in 'openssh-sshd'
package even if our image is only depending on 'openssh-sftp'.
This causes a conflict with 'dropbear' server, which is only using
openssh-sftp.
Fix:
Problem: package dropbear-dev-2020.81-r0.4.cortexa7t2hf_neon requires dropbear = 2020.81-r0.4, but none of the providers can be installed
- package dropbear-2020.81-r0.4.cortexa7t2hf_neon conflicts with openssh provided by openssh-8.9p1-r0.7.cortexa7t2hf_neon
- package openssh-8.9p1-r0.7.cortexa7t2hf_neon conflicts with dropbear provided by dropbear-2020.81-r0.4.cortexa7t2hf_neon
- package openssh-dev-8.9p1-r0.7.cortexa7t2hf_neon requires openssh = 8.9p1-r0.7, but none of the providers can be installed
- conflicting requests
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit integrates by default support to WPA3-Enterprise modes
128-bits (WPA-EAP-SUITE-B) and 192-bits (WPA-EAP-SUITE-B-192)
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Those variables are used to hold integer data parsed from bluetooth
config file. The parsing function "get_value_from_config" returns an INT,
so the variables cannot be unsigned.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Remove deprecated versions of recipes updated in other general layers
(poky, meta-openembedded). Also remove duplicated IMX specific recipes that
are available in other BSP layers (meta-freescale, meta-fsl-demos, etc).
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Mainly, refresh patches so they apply on top of wpa-supplicant 2.10
Murata patches from release: cypress-fmac-v5.10.9-2022_0331
NOTE: the wpa-supplicant patches in the cypress release apply on top of
1759a8e3f36a commit of the hostapd.git repository. That repository
includes both the wpa-supplicant and the hostapd packages code. In Yocto
the wpa-supplicant recipe uses the release tarball, so there is no
'hostapd' folder included. Thus, the cypress patches that changed code
in 'hostapd' and 'wpa_supplicant' folders, have been splitted in two
(the hostapd changes and the rest). In the recipe the patches that
changed 'hostapd' code have been marked as 'apply=no' because they won't
apply to the tarball, but they have not been deleted for traceability.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
* Refresh the 5.56 patches on top of new version 5.64
* Separate the patches for 5.41 and 5.64. The code base has changed a
lot between those two releases, so having common patch files under
'bluez5' directory makes maintenance more cumbersome.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
One patch adds support for building the library statically and the other is a
fix for performing firmware update on the fly. These patches have been moved
from the meta-digi-dualboot layer
https://onedigi.atlassian.net/browse/DEL-7903
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
(cherry picked from commit 94018f7402586b916c5c7836eb355a19a78a9c51)
Recent improvements in the cloudconnector core added a dependency with the
swupdate library, so this commit adds a build dependency with the
swupdate package.
https://onedigi.atlassian.net/browse/DEL-7903
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
(cherry picked from commit 654ef8686fd3916ae5ad257f72bd41ed2198d958)
Commit 8c396281 ("layer: add dynamic-layers for NXP platform") introduced a
typo in the dynamic layer name.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit fixes the following build warning with the swupdate v2021.11:
WARNING: dey-image-qt-swu-1.0-r0 do_swuimage: Syntax for sha256 changed,
please use $swupdate_get_sha256(dey-image-qt-xxxxxx.boot.ubifs)
WARNING: dey-image-qt-swu-1.0-r0 do_swuimage: Syntax for sha256 changed,
please use $swupdate_get_sha256(dey-image-qt-xxxxxx.ubifs)
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Recent improvements in the cloudconnector core added a dependency with the
libdigiapix library, so this commit adds a build dependency with the
libdigiapix package.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This patch series is based on the support software package
"Infineon-cypress-fmac-v5.4.18-2021_0527" which is the latest based on
Hostap v2.9.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit moves all the work related with the initialization process to a new
recipe to allow disgregate the init scripts from the bluez5 recipe.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Port the recipe from the dunfell poky branch. This version contains the latest
vulnerability fixes, including CVE-2022-0778.
https://onedigi.atlassian.net/browse/DEL-7868
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
(cherry picked from commit be046db4faae911b2a858d748551c6c91fc54043)
Signed image support in U-Boot has been split into two separate configurations:
one that adds artifact authentication support and another that signs the U-Boot
binary at the end of the build. Reflect this change in meta-digi.
https://onedigi.atlassian.net/browse/DEL-7862
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
In meta-openembedded commit 35d249bb9a575a5a48491052896e121266d515f0,
libconfig, one of swupdate's dependencies, was split into two packages: one for
the C library and another for the C++ one. swupdate depends only on the C
library, but the C++ library was implicitly pulling in other dependencies, such
as libgcc.
After the commit mentioned above, libgcc stopped being pulled into our recovery
image, causing the following error to appear when swupdate terminates:
libgcc_s.so.1 must be installed for pthread_cancel to work
Aborting
Even if the action carried out by swupdate is successful, our recovery script
detects this as an error and aborts the update operation. Avoid this by
explicitly adding libgcc as a runtime dependency for swupdate.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit adds power safe and reboot safe script for the MCA
and substitute default reboot and poweroff busybox commands.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://onedigi.atlassian.net/browse/DEL-7828
We originally included this recipe to fix some vulnerabilities in the dnsmasq
version used in zeus (v2.80), but the recipe has been updated since then. The
current version used by default in hardknott is v2.85.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Now that the "--platform" parameter is optional, we don't need to hardcode the
platform anymore, so remove the first patch.
In this version, the FDO platform has been renamed to WL, and since the default
PACKAGECONFIG is meant to work with older cog versions, we need to manually
append the "wl" PACKAGECONFIG to build the wayland platform.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This is a partial revert of commit 3819ee6672.
NXP simplified the profile script when updating to hardknott-5.10.72-2.2.0, but
since the /run/user/0 directory isn't automatically created in sysvinit
environments, the weston desktop fails to start in these cases. The previous
version of the script automatically creates said directory if it's missing, so
use that version instead.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We already have a copy of NXP's weston.ini, so there's no need to manuallly
append to it in our do_install_append(). Simply add our changes for our custom
desktop background directly in the source file.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
In older Yocto versions, weston was launched via a udev rule, but now it gets
launched as part of the "graphical" system target. Since this target isn't
reached automatically on boot, the weston desktop will only appear if you
manually launch said target (or the weston service itself).
To make the desktop launch automatically, change the target to "multi-user",
which is the default target laucnhed on boot.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This makes it possible to distinguish between two different packages:
* NXP's tensorflow-lite, which contains modifications for i.MX platforms
* Our tensorflow-lite, which is meant to be used with Google Coral
Since tensorflow-lite-coral provides a subset of the files provided by
tensorflow-lite (specifically, the python libraries), make the packages
conflict during runtime.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Update a patch so it applies cleanly and remove another one, since it has
already been applied upstream
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This package was originally being added via RDEPENDS, and its removal was
missing when porting the newer file from NXP's meta-imx. Re-incorporate the
removal to avoid including the package in our images, but do so by adding it
to our images' BAD_RECOMMENDATIONS.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Even though our busybox recipe (v1.34.1) is backported from poky's honister
branch, it has many elements in common with the recipe provided from poky's
hardknott branch (v1.33.1). To simplify our backport, re-use poky's busybox
files when possible, replacing them only when strictly necessary.
While at it, remove the busybox-inittab recipe, since there are barely any
differences between the honister and hardknott versions.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This PACKAGECONFIG existed in gatesgarth, but it's included by default in
hardknott and it pulls in libgbm as a dependency. This package isn't available
for i.MX6 platforms, causing the build to fail immediately. Remove this from
the ccimx6 PACKAGECONFIG and leave it how it was on gatesgarth.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
For packages such as weston or opencv, bitbake will sometimes choose the poky
recipes, causing build errors. Explicitly set the NXP version of these packages
as the preferred version by mimicking the layer.conf configuration in the
meta-bsp layer of meta-imx.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We now use the meta-freescale recipe as a base for our .bbappend, so remove
the filter.
This reverts commit 9e68d61f7c465800d62913c044e43c541f2eacd7.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Aside from the file paths changing, there are a few cosmetic differences
between v1.22.14 and v1.30.4 that prevented the patches from applying, so
re-work them.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The common license file GPL-2.0 is now called GPL-2.0-only in poky, so we need
to reflect this name change to avoid errors
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This is a generic package that is currently being used by NXP to load firmware
on the target, so include it in our images as well. Since it only works with
systemd, leave it out of builds that use sysvinit.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
poky now provides glibc v2.33 by default, and there aren't any alternative
versions available, so there's no need for this.
This reverts commit e7921dfd93.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Remove the v3.0.8 version of the recipe to use the v3.0.9 recipe in poky. Also,
adapt our .bbappend since some of its changes are outdated.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Most of the changes are cosmetic (copyright years and whitespace). Update
gstreamer1.0-plugins-good-qt to v1.18.5, remove outdated patch for said package
and sync qtwayland recipe.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We initially backported v4.5.2.imx into gatesgarth, but since that version is
already available in meta-freescale, remove the base recipe and keep only the
.bbappend.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Add custom NXP daemon.conf, new NXP patch and adapt ccimx6ulsbc patch to apply
cleanly over v14.2
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Sync the .bbappend while keeping our ccimx6 patch and remove the 9.0.0.imx
recipe, since it's already available in meta-freescale.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Remove recipes that are available in the community layers, include a new
.bbappend for python3-matplotlib and update the .bbappend for python3-wheel
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This patch was initially needed for a specific version combination of
NetworkManager (>= v1.22) and glib-2.0 (v2.63.3 - v2.64.X), but since the
hardknott branch of poky now provides glib-2.0 v2.66.7, the patch isn't
needed anymore.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We initially added newer versions of the recipes related to WPE Webkit in order
to incorporate performance improvements, but the hardknott branch of
meta-webkit includes even newer versions, so we can remove our recipes.
Reflect this change in our distro config file.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The weston recipe we ported from NXP's meta-imx layer has the same name,
causing warnings to appear when applying our patches. To avoid confusion,
ignore the meta-freescale version of the recipe so that ours is the only
option.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
(cherry picked from commit 9e68d61f7c465800d62913c044e43c541f2eacd7)
Otherwise, the .bbappend applies to all existing weston recipes, and since our
patch is only available in our layer, bitbake will print warnings about the
patch not being found for those other recipes. This is harmless, since DEY
always uses NXP's version of weston, but it can be confusing, so avoid the
warnings altogether.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
(cherry picked from commit d4464a8211bff6b315a8ed5d094b8c25099f4130)
Digi Embedded Yocto 3.2-r2.2
Manually changed recipes to use the master branches instead of the fixed SHA1
from the last release.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
SQUASHFS read-only rootfs cannot be unencrypted on-the-fly
so skip encryption if read-only-rootfs is active.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
When TrustFence and a read-only rootfs are enabled, U-Boot must
authenticate the SQUASHFS root file system. Add config switch to force
U-Boot to authenticate this image.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This mode is necessary in the recovery initramfs to be able to properly detect
any external storage device that might contain an update package. The
configuration option associated with this mode became explicit after upgrading
busybox to v1.34.1, so enable it in our defconfig.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The nand devices doesn't need to call the mount_cryptrootfs
script.
Reported-by: Francisco Gil <francisco.gilmartinez@digi.com>
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Some recipes were forcibly removing conflicting packages.
This does not allow to add those packages back for users that
want to use meta-digi layer, but a different distro than 'dey'.
With the 'dey' distro override, such removals are only done
if using this distro.
Reported-by: Michael Burr <michael.burr@digi.com>
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7712
In the cc6ul we are not powering-off the supply of the XBee.
This is making that after a suspend/resume action the XBee
hangs due to ModemManager hasn't been stopped before the suspend.
Stopping ModemManager before going to suspend solves the issue.
https://onedigi.atlassian.net/browse/DEL-7701
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Since commit 11558352 ("swu-images: add "installed-directly" flag to
sw-description") the swu package images are streamed into the target without
any temporary copy to support devices with low memory available, that forces a
different order according with the swupdate documentation because scripts
should packed before the rest. This means that all the pre, post and shell
scripts will be executed after the images will be installed. This behavior
breaks the current support to mount the cryptorootfs node before install an
encrypted rootfs.
This commit moves the shell script to mount the cryptorootfs node to the
recovery initramfs and modifies the swupdate command line to call the shell
script before the images installation.
https://onedigi.atlassian.net/browse/CC8X-320
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Since we added support for compressing rootfs images, we need to manage SWU
packages with a regular rootfs image and with compressed images. That support
was missing in the identification process when the SWU packet was verified.
This commit fixes the identification of compressed rootfs images.
https://onedigi.atlassian.net/browse/CC8X-320
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This recipe had a post install script to do the following:
- create runlevel symlinks.
- comment the 'auto' lines of /etc/network/interfaces if running on
a non-Wi-Fi variant.
- add Atheros or QCA bridge examples depending on the detected chip.
- add wlan1 interface only if QCA chip is detected.
This post install cannot run on a read-only-rootfs so the recipe has been
reworked to do the same things at build time:
- the runlevel symlinks have been removed because they are taken care
of by a poky class.
- add a pre-up condition (the existance of a wireless entry on the device
tree) so that the interface is not brought up if the condition is not met.
- for the cc6/cc6n, since the Wi-Fi chip can be Atheros or QCA, add
specific wlan1 and br0 fragments with a pre-up condition basing on the
detected ID of the Wi-Fi chip
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7708
The access point configuration files are dynamically modified on a post
install script to generate an SSID name based on the last digits of the
MAC address (physical or virtual) assigned to a wlanX interface.
On read-only file systems, this is not possible, so add some conditional
code to the do_install() to use instead the $DIGI_FAMILY name.
Caveat: if several identical SOMs with read-only-rootfs co-exist on the
same network as APs, they will identify with the same SSID.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7708
Some packages require different scripts, configuration files or installations
depending on the wireless chip assembled on the target. In general, the way
to support both chips in one image is to have the recipes install both
versions of the aforementioned files, then leave only the strictly necessary
version once the wireless chip can be deduced.
In the case of the init-ifupdown recipe, this involves installing temporary
configuration fragments that are later erased. In the case of the standby
script, the logic can be implemented in a single file.
https://onedigi.atlassian.net/browse/DEL-7661https://onedigi.atlassian.net/browse/DEL-7666
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This allows the packages to be included in the ccimx6sbc images. While at it,
include the Qualcomm bluez patches in ccimx6 builds. These patches aren't
destructive, they simply add functionality required by the Qualcomm chip, so
they shouldn't have any secondary effects when using the Atheros chip.
https://onedigi.atlassian.net/browse/DEL-7661https://onedigi.atlassian.net/browse/DEL-7666
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The latest version of psplash changed the default path to store the
communication FIFO with other processes to "/run" to allow keeping the
information between reboots, however we are using this tool from an initramfs
where "/run" does not exist, producing multiple errors trying to write to a
nonexistent path, delaying the update process.
This commit forces psplash to use an existing path like "/tmp" to handle the
communication FIFO, because we don't need to maintain the update information.
https://onedigi.atlassian.net/browse/CC8X-318
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The latest version of psplash changed the default path to store the
communication FIFO with other processes to "/run" to allow keeping the
information between reboots, however we are using this tool from an initramfs
where "/run" does not exist, producing multiple errors trying to write to a
nonexistent path, delaying the update process.
This commit forces psplash to use an existing path like "/tmp" to handle the
communication FIFO, because we don't need to maintain the update information.
https://onedigi.atlassian.net/browse/CC8X-318
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
These options should only be enabled when using SELinux, so apply them only
when "selinux" is in the DISTRO_FEATURES. The fragment is a copy of the one in
meta-selinux with the addition of DEFAULT_SECURITY_DAC and LSM.
https://onedigi.atlassian.net/browse/DEL-7641
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The default policy provided by meta-selinux breaks a lot of the features in
DEY, so adapt it to make most features work. Note that this is simply an
example, end users should create their own policies for their own needs.
Make these changes toggleable so that users can use the reference policy
instead.
https://onedigi.atlassian.net/browse/DEL-7641
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This packagegroup includes all of the userspace packages needed to use SELinux.
For now, use the same variant of the packagegroup, which contains all available
packages.
Since the meta-selinux layer isn't available in all platforms, implement this
change via a dynamic layer.
https://onedigi.atlassian.net/browse/DEL-7641
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This fixes the following CVEs:
* CVE-2021-3711
* CVE-2021-3712
Port the recipe and patches from the dunfell poky branch, since the hardknott
version contains additional changes aside from the revision update.
https://onedigi.atlassian.net/browse/DEL-7647
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This fixes the following CVEs:
* CVE-2021-3711
* CVE-2021-3712
Port the recipe and patches from the dunfell poky branch, since the hardknott
version contains additional changes aside from the revision update.
https://onedigi.atlassian.net/browse/DEL-7647
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Adapt the format_ubi_volume() function to wipe out UBI volumes
instead of formatting MTD partitions.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7614
The function uboot_getenv() is a wrapper over libuboot_get_env() and
requires that the returned strings are freed when no longer in use.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7645
(cherry picked from commit 27ce7a4f20)
- The function is only used internally in this file, so make it static.
- Convert the function from 'int' to 'bool', since no other values are
evaluated.
- Only return true if the variable 'dualboot' is set to 'yes'. Before,
the function returned true if 'dualboot' was different than 'no'.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
(cherry picked from commit 9a519570ba)
The use of this function, which is a wrapper over libuboot_get_env(),
requires checking if the returned string is NULL.
Manipulations of such string without checking whether it's NULL may lead
to segfault errors.
This was seen during firmware update on a device that didn't have the
'dualboot' variable set.
Reported-by: Chandrababu Pigilam <chandrababu.pigilam@digi.com>
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7645
(cherry picked from commit 8a4484bbd6)
The function uboot_getenv() is a wrapper over libuboot_get_env() and
requires that the returned strings are freed when no longer in use.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7645
- The function is only used internally in this file, so make it static.
- Convert the function from 'int' to 'bool', since no other values are
evaluated.
- Only return true if the variable 'dualboot' is set to 'yes'. Before,
the function returned true if 'dualboot' was different than 'no'.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The use of this function, which is a wrapper over libuboot_get_env(),
requires checking if the returned string is NULL.
Manipulations of such string without checking whether it's NULL may lead
to segfault errors.
This was seen during firmware update on a device that didn't have the
'dualboot' variable set.
Reported-by: Chandrababu Pigilam <chandrababu.pigilam@digi.com>
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7645
NetworkManager's main library went through a major overhaul in v1.22, changing
the way it interacts with glib among other things. When using a NetworkManager
version equal or newer than v1.22 along with a glib version between 2.63.3 and
2.65, a race condition can happen, randomly causing segmentation faults.
Since Yocto 3.2 uses NetworkManager 1.22.14 and glib 2.64.5, the race condition
is reproducible, but it can be fixed with the patch introduced in this commit.
The patch in question is commit e4a690f5dd959e74b2d6054826f61509892c8aa7 in the
glib git repo.
https://onedigi.atlassian.net/browse/DEL-7523
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
NetworkManager's main library went through a major overhaul in v1.22, changing
the way it interacts with glib among other things. When using a NetworkManager
version equal or newer than v1.22 along with a glib version between 2.63.3 and
2.65, a race condition can happen, randomly causing segmentation faults.
Since Yocto 3.2 uses NetworkManager 1.22.14 and glib 2.64.5, the race condition
is reproducible, but it can be fixed with the patch introduced in this commit.
The patch in question is commit e4a690f5dd959e74b2d6054826f61509892c8aa7 in the
glib git repo.
https://onedigi.atlassian.net/browse/DEL-7523
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit sets the GLIBC version to 2.32. The newest
eIQ packages require a newer glibc, but since said packages
are optional, make sure to use the gatesgarth glibc version
by default.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://onedigi.atlassian.net/browse/DEL-7625
This commit add a verification into the recovery library to avoid
that it is executed when in dualboot mode.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://onedigi.atlassian.net/browse/DEL-7580
(cherry picked from commit 30aa4a7444)
This commit add a verification into the recovery library to avoid
that it is executed when in dualboot mode.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://onedigi.atlassian.net/browse/DEL-7580
Arturo Buzarra
Francisco Gil
Hector Palacios
David Escalona
Javier Viguera
Tatiana Leon
Isaac Hermida
Mike Engel
Gabriel Valcazar
Gonzalo Ruiz