There is a problem when building the SDK because two binaries
have the same name (update-firmware) and makes the compilation
to fail.
Change the name to update-firmware.recovery and create a wrapper
over the update-firmware to check if the system is not dual boot
to call it.
Rework the code to make it more reliable.
Remove the umount of the alternative linux partition, now it is
not needed because only the active linux partition is mounted now.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Now in the file descriptor we have three different names:
platform, primary and secondary.
Also a link from 'platform' to 'single' to keep backward
compatibility.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
All the dualboot logic will be checked in run time.
To do this:
* Include the altboot.src by default in all the images
* Create a post installation script to change the
firmware_download_path in the cloud connector
* Unify the swupdate file descriptor for dual and single boot
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
As a result of the dualboot support we may end up with two
'update-firmware' commands in the rootfs. To prevent file name clashing,
we may need to install the recovery-utils update-firmware as
update-firmware.recovery, and then the current command mode check would
fail.
Relax the check, by just looking at the first character.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Generated Crank rootfs image for the ConnectCore MP15 is too big to fit in a
dual boot system. This commit removes gstreamer and package-management features.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
- create dualboot.bbclass that
- sets DUALBOOT_ENABLED variable
- defines partition names and function for changing the sw-description
for swupdate
- move files from layer into meta-digi
https://onedigi.atlassian.net/browse/DEL-7962
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
If we add the demo to the graphical images (dey-image-qt) the resulting
image does not fit on the rootfs partition for the smallest variant.
https://onedigi.atlassian.net/browse/DEL-8004
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The ConnectCore Demo web page will be the new default landing page for all products,
so remove the default landing page that was created for the ccimx6ulsbc platform.
Signed-off-by: David Escalona <david.escalona@digi.com>
Since Yocto 3.4 the package "clutter-1.0" was considered a legacy component,
and moved to meta-gnome.
https://onedigi.atlassian.net/browse/DEL-7981
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit adds power safe and reboot safe script for the MCA
and substitute default reboot and poweroff busybox commands.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://onedigi.atlassian.net/browse/DEL-7828
Even though our busybox recipe (v1.34.1) is backported from poky's honister
branch, it has many elements in common with the recipe provided from poky's
hardknott branch (v1.33.1). To simplify our backport, re-use poky's busybox
files when possible, replacing them only when strictly necessary.
While at it, remove the busybox-inittab recipe, since there are barely any
differences between the honister and hardknott versions.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The common license file GPL-2.0 is now called GPL-2.0-only in poky, so we need
to reflect this name change to avoid errors
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This is a generic package that is currently being used by NXP to load firmware
on the target, so include it in our images as well. Since it only works with
systemd, leave it out of builds that use sysvinit.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This patch was initially needed for a specific version combination of
NetworkManager (>= v1.22) and glib-2.0 (v2.63.3 - v2.64.X), but since the
hardknott branch of poky now provides glib-2.0 v2.66.7, the patch isn't
needed anymore.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This mode is necessary in the recovery initramfs to be able to properly detect
any external storage device that might contain an update package. The
configuration option associated with this mode became explicit after upgrading
busybox to v1.34.1, so enable it in our defconfig.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The nand devices doesn't need to call the mount_cryptrootfs
script.
Reported-by: Francisco Gil <francisco.gilmartinez@digi.com>
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Some recipes were forcibly removing conflicting packages.
This does not allow to add those packages back for users that
want to use meta-digi layer, but a different distro than 'dey'.
With the 'dey' distro override, such removals are only done
if using this distro.
Reported-by: Michael Burr <michael.burr@digi.com>
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7712
Since commit 11558352 ("swu-images: add "installed-directly" flag to
sw-description") the swu package images are streamed into the target without
any temporary copy to support devices with low memory available, that forces a
different order according with the swupdate documentation because scripts
should packed before the rest. This means that all the pre, post and shell
scripts will be executed after the images will be installed. This behavior
breaks the current support to mount the cryptorootfs node before install an
encrypted rootfs.
This commit moves the shell script to mount the cryptorootfs node to the
recovery initramfs and modifies the swupdate command line to call the shell
script before the images installation.
https://onedigi.atlassian.net/browse/CC8X-320
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Since we added support for compressing rootfs images, we need to manage SWU
packages with a regular rootfs image and with compressed images. That support
was missing in the identification process when the SWU packet was verified.
This commit fixes the identification of compressed rootfs images.
https://onedigi.atlassian.net/browse/CC8X-320
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This recipe had a post install script to do the following:
- create runlevel symlinks.
- comment the 'auto' lines of /etc/network/interfaces if running on
a non-Wi-Fi variant.
- add Atheros or QCA bridge examples depending on the detected chip.
- add wlan1 interface only if QCA chip is detected.
This post install cannot run on a read-only-rootfs so the recipe has been
reworked to do the same things at build time:
- the runlevel symlinks have been removed because they are taken care
of by a poky class.
- add a pre-up condition (the existance of a wireless entry on the device
tree) so that the interface is not brought up if the condition is not met.
- for the cc6/cc6n, since the Wi-Fi chip can be Atheros or QCA, add
specific wlan1 and br0 fragments with a pre-up condition basing on the
detected ID of the Wi-Fi chip
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7708
Some packages require different scripts, configuration files or installations
depending on the wireless chip assembled on the target. In general, the way
to support both chips in one image is to have the recipes install both
versions of the aforementioned files, then leave only the strictly necessary
version once the wireless chip can be deduced.
In the case of the init-ifupdown recipe, this involves installing temporary
configuration fragments that are later erased. In the case of the standby
script, the logic can be implemented in a single file.
https://onedigi.atlassian.net/browse/DEL-7661https://onedigi.atlassian.net/browse/DEL-7666
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The latest version of psplash changed the default path to store the
communication FIFO with other processes to "/run" to allow keeping the
information between reboots, however we are using this tool from an initramfs
where "/run" does not exist, producing multiple errors trying to write to a
nonexistent path, delaying the update process.
This commit forces psplash to use an existing path like "/tmp" to handle the
communication FIFO, because we don't need to maintain the update information.
https://onedigi.atlassian.net/browse/CC8X-318
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The latest version of psplash changed the default path to store the
communication FIFO with other processes to "/run" to allow keeping the
information between reboots, however we are using this tool from an initramfs
where "/run" does not exist, producing multiple errors trying to write to a
nonexistent path, delaying the update process.
This commit forces psplash to use an existing path like "/tmp" to handle the
communication FIFO, because we don't need to maintain the update information.
https://onedigi.atlassian.net/browse/CC8X-318
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Adapt the format_ubi_volume() function to wipe out UBI volumes
instead of formatting MTD partitions.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7614
The function uboot_getenv() is a wrapper over libuboot_get_env() and
requires that the returned strings are freed when no longer in use.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7645
(cherry picked from commit 27ce7a4f20)
- The function is only used internally in this file, so make it static.
- Convert the function from 'int' to 'bool', since no other values are
evaluated.
- Only return true if the variable 'dualboot' is set to 'yes'. Before,
the function returned true if 'dualboot' was different than 'no'.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
(cherry picked from commit 9a519570ba)
The use of this function, which is a wrapper over libuboot_get_env(),
requires checking if the returned string is NULL.
Manipulations of such string without checking whether it's NULL may lead
to segfault errors.
This was seen during firmware update on a device that didn't have the
'dualboot' variable set.
Reported-by: Chandrababu Pigilam <chandrababu.pigilam@digi.com>
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7645
(cherry picked from commit 8a4484bbd6)
The function uboot_getenv() is a wrapper over libuboot_get_env() and
requires that the returned strings are freed when no longer in use.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7645
- The function is only used internally in this file, so make it static.
- Convert the function from 'int' to 'bool', since no other values are
evaluated.
- Only return true if the variable 'dualboot' is set to 'yes'. Before,
the function returned true if 'dualboot' was different than 'no'.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The use of this function, which is a wrapper over libuboot_get_env(),
requires checking if the returned string is NULL.
Manipulations of such string without checking whether it's NULL may lead
to segfault errors.
This was seen during firmware update on a device that didn't have the
'dualboot' variable set.
Reported-by: Chandrababu Pigilam <chandrababu.pigilam@digi.com>
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7645
NetworkManager's main library went through a major overhaul in v1.22, changing
the way it interacts with glib among other things. When using a NetworkManager
version equal or newer than v1.22 along with a glib version between 2.63.3 and
2.65, a race condition can happen, randomly causing segmentation faults.
Since Yocto 3.2 uses NetworkManager 1.22.14 and glib 2.64.5, the race condition
is reproducible, but it can be fixed with the patch introduced in this commit.
The patch in question is commit e4a690f5dd959e74b2d6054826f61509892c8aa7 in the
glib git repo.
https://onedigi.atlassian.net/browse/DEL-7523
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
NetworkManager's main library went through a major overhaul in v1.22, changing
the way it interacts with glib among other things. When using a NetworkManager
version equal or newer than v1.22 along with a glib version between 2.63.3 and
2.65, a race condition can happen, randomly causing segmentation faults.
Since Yocto 3.2 uses NetworkManager 1.22.14 and glib 2.64.5, the race condition
is reproducible, but it can be fixed with the patch introduced in this commit.
The patch in question is commit e4a690f5dd959e74b2d6054826f61509892c8aa7 in the
glib git repo.
https://onedigi.atlassian.net/browse/DEL-7523
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit add a verification into the recovery library to avoid
that it is executed when in dualboot mode.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://onedigi.atlassian.net/browse/DEL-7580
(cherry picked from commit 30aa4a7444)
This commit add a verification into the recovery library to avoid
that it is executed when in dualboot mode.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://onedigi.atlassian.net/browse/DEL-7580
'mdev -s' run on ramfs initialization is able to mount external media already
detected but fails to automatically mount any media detected afterwards.
Running it as a daemon first it will also be able to mount any media detected
after 'mdev -s' is run.
Use argument '-d' to first run mdev as daemon in background.
Move 2 seconds delay to after mdev has been initialized to give external
hardware all the time possible to be successfully detected and mounted.
https://onedigi.atlassian.net/browse/DEL-7285
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
This commit adds some swupdate parameter to select the sw-description
configuration depending on the used platform.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Technically, partition unencryption is safe to do in open devices, although it
implies that at least one partition has already been encrypted. If we aren't
going to encrypt any partitions, there's no need to print the warning.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Instead of checking for the existence of /proc/mtd, which might lead to false
positives, check the "root" parameter in /proc/cmdline. Assume eMMC in case of
any error.
https://onedigi.atlassian.net/browse/DEL-7539
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
There are some init packages from the poky layer that remain using only a SysV
init script. Systemd converts these init scripts to systemd service format on
boot and shows an ugly warning for each one. To avoid flooding the console with
this kind of messages, we reduce the verbosity of these messages.
https://onedigi.atlassian.net/browse/DEL-7540
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
In the libubootenv implementation of fw_setenv, multiple variables can be set
in one call. When setting a variable with a space-separated list, the app
interprets the list as new variable/value tuples, for example:
fw_setenv myvar value1 value2 value3
Results in:
myvar=value1
value2=value3
This was causing the encrypted eMMC partition mechanism to break, because the
list of encrypted partitions is stored as a space-separated list in an
environment variable. Avoid this by enclosing the variable argument of
set_uboot_var() with double quotes.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Before using the encrypted partition functionality, users have to manually
install the encryption key in the system. Failing to install said key will
result in errors later on.
Even though the installation isn't a difficult operation from a user's point of
view, the recovery script has the necessary logic to detect cases where a
partition is going to be encrypted with no key installed. Automatically
generate a key in these cases to avoid undesired behavior and to improve the
overall user experience.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This version adds new functionality to check if an encryption key is installed
as well as a fix for an issue that happens when encrypting partitions with long
names (over 12 characters).
https://onedigi.atlassian.net/browse/DEL-7535
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
If we trigger a key change while there are partitions that are encrypted,
print a warning and ask for confirmation so users know that the operation will
erase the contents of said partitions.
Like in the partition (un)encryption mechanism, add the possibility to skip
both the warning message and the confirmation prompt.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This initramfs only makes sense in platforms with an eMMC as the internal
storage, due to how the partition encryption support is implemented. In
plaatforms that use NAND instead, ths initramfs offers no functionality and
increases the recovery image size, so remove it.
https://onedigi.atlassian.net/browse/DEL-7534
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
If we allow users to manually change the encryption status of the rootfs
partition, we run the risk of wiping it without flashing a proper replacement
image. Because of this, rootfs encryption status should be determined
automatically using information from the update package.
Have the recovery script parse the update package's description to determine
whether to encrypt the rootfs or not.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This partition isn't blacklisted, but it should only be (un)encrypted when
providing an update package. Make it so that manual encryption status changes
for this partition aren't possible from the recovery library.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Previously, TRUSTFENCE_INITRAMFS_IMAGE was the only variable used to configure
rootfs encryption. Now that any partition can be encrypted and the rootfs
encryption still needs to be handled differently, use two variables instead.
* TRUSTFENCE_ENCRYPT_PARTITIONS to control partition encryption in general
* TRUSTFENCE_ENCRYPT_ROOTFS to control rootfs encryption
As with most trustfence functionality, enable both by default. Leave
TRUSTFENCE_INITRAMFS_IMAGE as an internal variable only.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Since the update partition might be involved during a software update, we need
to make sure that its contents are accesible and safe when using the partition
encryption feature at the same time.
Mount and unmount the partition correctly if it's encrypted and cancel any
operations that will result in the deletion of the update package.
https://onedigi.atlassian.net/browse/DEL-7174https://onedigi.atlassian.net/browse/DEL-7422
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Add a new function to the recovery library to be able to encrypt/unencrypt any
partition on the internal storage media. Since it's a destructive operation,
add a warning message and a confirmation prompt that can be skipped if needed.
Reflect this new functionality in the recovery-reboot app. Change the logic so
that an encryption key can be set even if there's no update package, because
now it's possible to encrypt other partitions while leaving the rootfs intact.
Also change the logic so that the app doesn't reboot into recovery mode if
there's no recovery command set.
Implement the same blacklist as the one in the recovery script.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Modify the recovery and trustfence initramfs scripts to be able to encrypt any
partition on the internal storage media, not just the rootfs.
To implement this functionality, add a new recovery command called
'encrypt_partitions'. When used, this command must contain a comma-separated
list of the partitions that are to be encrypted by the end of the recovery
process, including partitions that were already encrypted beforehand. Any
partition that isn't in the list will be unencrypted. If the command is absent,
no changes will be made, but it's possible to pass an empty command to
unencrypt all partitions.
Include a blacklist to avoid encrypting partitions that shouldn't be encrypted,
such as partitions that need to be accessed by the ROM code/U-Boot or
partitions that contain encryption keys.
While at it, remove unnecessary "get_kernel_version" function from the script.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Now libgpiod is not added automatically and we need to add the
dependence manually.
For more info see commit 4339c28ff4aa0264c34f4f183349aea20a5ff127 in
meta-openembedded layer.
https://jira.digi.com/browse/DEL-7522
Signed-off-by: Francisco Gil Martinez <francisco.gilmartinez@digi.com>
Recipe system-monitor has a dependency with systemd package, however it was
added unconditionally for all platforms. This commit adds a protection to
include this recipe only when systemd is present in the DISTRO_FEATURES
https://jira.digi.com/browse/DEL-7508
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Commit f7a354d("Generate image headers from their PNG source, while still
including them in dist tarball") provides a default PNG files removing the image
generation in build time. This commit overwrites the default PNG with one
customized by Digi.
https://jira.digi.com/browse/DEL-7508
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Modify the recovery-utils code to reflect the change (change in C header and
linked libraries)
https://jira.digi.com/browse/DEL-7410
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The 'distro_features_check' class has had its functionality expanded, as
a result the class has now been renamed to 'features_check'
https://jira.digi.com/browse/DEL-7508
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
NetworkManager recipe split the command line util in a different package, so we
added it in our default images.
https://jira.digi.com/browse/DEL-7508
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Use the same common files for both ConnectCore 8M platforms
https://jira.digi.com/browse/DEL-7397
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
We're going to be using the busybox http server to house the WebKit examples,
so we need to get rid of any files that might interfere with it. Keep the files
for the ccimx6ul, since it doesn't support WebKit.
https://jira.digi.com/browse/DEL-7314https://jira.digi.com/browse/DEL-7339
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This image is very similar to dey-image-qt, but it includes the WebKit
packagegroup instead of the Qt one. Said packagegroup contains all of the
elements needed to run a WebKit-based browser environment in DEY.
This image requires the meta-webkit layer, so include it in our default
bblayers template. For now, include all WebKit related recipes in a dynamic
layer, because the ccimx6ul doesn't support WebKit and its projects don't need
meta-webkit at all.
https://jira.digi.com/browse/DEL-7339
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
configure power LED for blinking in standby
configure power LED solid on after resume
https://jira.digi.com/browse/DEL-7330
Signed-off-by: Hector Bujanda <Hector.Bujanda@digi.com>
This version includes changes needed to reflect the OTP driver update in the
kernel.
https://jira.digi.com/browse/DEL-7261
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This package was being included as a RRECOMMENDS from libcrypto, but we don't
need it in the initramfs at all. Since our recovery image is already pretty big
compared with the recovery partition size on ccimx6ul platforms with 256 MB of
storage, remove it to make sure the image can fit.
https://jira.digi.com/browse/DEL-7253
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The old fsl_otp driver is deprecated and we need to determine
if the device is closed using a new property of the device tree
called 'digi,tf-closed'.
Assume the device is open if the property is not found.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-7185
(cherry picked from commit fc1a736758)
The old fsl_otp driver is deprecated and we need to determine
if the device is closed using a new property of the device tree
called 'digi,tf-closed'.
Assume the device is open if the property is not found.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-7185
By default, we generate SWU files which update both the linux and rootfs
partitions. This, along with the fact that platforms using NAND as the storage
media require a reboot for the rootfs partition's "enc" flag to take effect,
makes it safe to format the NAND's rootfs partition before performing an
update, regardless of having to encrypt the rootfs or not.
However, customers that wish to use the swupdate feature to update just the
linux partition will find that the rootfs is completely erased after the update
is finished, because a new rootfs hasn't been written in its place.
To avoid this scenario, parse the SWU package's description to verify that it
contains a rootfs image before formatting the partition.
https://jira.digi.com/browse/DEL-7067
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Busybox's device manager mdev was originally meant to be set up by writing its
path to /proc/sys/kernel/hotplug before launching it, but that entry no longer
exists in Linux v5.4's procfs and mdev can be launched directly.
Since mdev is the element in the recovery initramfs that is in charge of
mounting all partitions where .swu packages can be found (update partition on
the eMMC/MTD, uSD and USB), checking for the existence of the hotplug entry in
the procfs before launching mdev in v5.4 was preventing the partitions from
being mounted, and causing all software updates to fail.
While at it, move the two second delay to before mdev is launched, so all
partitions can be mounted. Otherwise, some devices such as the USB might not
be ready when mdev is launched, causing its partition to not be mounted.
https://jira.digi.com/browse/DEL-7143
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
MMC core block has changed in kernel 5.4 so Replay Protected Memory Block (RPMB)
and boot partitions are not listed under /proc/partitions anymore.
get_emmc_block_device() function in pkg_postinst_ontarget() method was looking
for these entries to identify the MMC partition where to execute resize2fs.
This function has been modified to do the checks inside /dev/mmcblk* where RPMB
and boot entries are still listed.
https://jira.digi.com/browse/DEL-7094
Signed-off-by: Hector Bujanda <hector.bujanda@digi.com>
This interface should be the last item defined in the
/etc/network/interfaces file.
When you try to enable the interface br0 (bridge interface),
all the other interfaces should be available.
If the br0 interface is located before the other interfaces
involved in the bridge, it will fail.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
* prefix TRUSTFENCE_ to variable SIGN_MODE for DEY
* prefix CONFIG_ to variable SIGN_MODE for script
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The poweroff command is not available in the initramfs due to a missing
sysvinit/systemd dependency. Use the busybox "halt" command, since it's
available regardless of the init manager used. Rework the error message and
script variables accordingly.
https://jira.digi.com/browse/DEL-6983
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Userspace firmware loading support is required for the Linux imx-sdma driver.
The patches that accomplish this were originally in poky, but were removed in
the thud upgrade. Re-work the patches so they apply over systemd v239.
https://jira.digi.com/browse/DEL-6932
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
In very rare cases, random services would hang when powering off the system,
causing the poweroff process to stall for 90 seconds before timing out the stop
job. To avoid this behaviour, minimize the effect of these random freezes by
decreasing the timeout.
The default services in our system take well under 15 seconds to stop
gracefully, so we can guarantee that a timeout will never happen under normal
circumstances.
https://jira.digi.com/browse/DEL-6794
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Use ifupdown variable 'p2p-network-id' to pass a WPA supplicant network
id, to pre-populate some parameters (SSID/passphrase) when creating the
group where this device is the GO.
Also replace go_intent=7 with the auto parameter. According to the
documentation:
"auto" can be used to request wpa_supplicant to automatically
figure out whether the peer device is operating as a GO and if so,
use join-a-group operation rather than GO Negotiation.
https://jira.digi.com/browse/DEL-6741
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit fixes the error message when specific network scripts
are launched.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-6728
Commit 074e3ba3 ("meta-digi-dey: add cryptsetup tool into initramfs") added
the runtime dependency to cryptsetup for all platforms, but it is
required only to encrypt/decrypt block devices.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit disables file system check on the root file system when it is encrypted.
This prevents the service from failing on encrypted rootfs with the message:
[FAILED] Failed to mount /run/media/mmcblk0p3.
See 'systemctl status run-media-mmcblk0p3.mount' for details.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-6655
To avoid possible conflicts with NetworkManager, remove systemd-networkd
entirely.
https://jira.digi.com/browse/DEL-6610
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The Replay Protected Memory Block (RPMB) is an special storage
partition that cannot be accessed via standard block layer.
When a user space tool like blkid, tries to read it the kernel
suffers buffer I/O errors and timeouts.
This commit modifies the post installation script to filter the RPMB
partitions from the mmc block devices, to avoid multiple kernel
errors during the script execution.
https://jira.digi.com/browse/DEL-6609
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Removed the platform dependency to apply the resize to all platforms.
https://jira.digi.com/browse/DEL-6609
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This recipe is an example for customer for a system-monitor. Scripts that
verify the system status can be added to /etc/system-monitor.d
The recovery mechanisms can be implemented on those scripts or in the
system-monitor script. The software watchdog systemd support is used to
guarantee that the system-monitor is running.
When using this it is recommended to enable the systemd hardware watchdog
support, refer to the systemd documentation for this.
The systemd service provided by this recipe is not enabled by default as it
is an example that needs customization.
https://jira.digi.com/browse/DEL-6593
Signed-off-by: Jose Diaz de Grenu <Jose.DiazdeGrenu@digi.com>
Currently in a systemd based init, the httpd server is not launched. A
systemd service is needed, so add it.
Also install a CGI script that allows to use the device for the
NetworkManager connectivity check.
https://jira.digi.com/browse/DEL-6577
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Even though systemd support is not yet available for these platforms, add the
scripts so bitbake doesn't fail when building the busybox package.
https://jira.digi.com/browse/DEL-6565
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
* Use the same operation order when resuming interfaces
* Remove unnecessary delay in ccimx6sbc standby script
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Otherwise, packagegroup-dey-core won't get included in ccimx6ulstarter images.
This packagegroup contains fundamental OS elements, such as sysvinit, kernel
modules and so on. Use CORE_IMAGE_BASE_INSTALL instead and make sure to append
to the default value instead of overwriting it.
https://jira.digi.com/browse/DEL-6536
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This modifies the behavior of the sd-resolve libsystemd component to prevent
the system from freezing whenever a service that uses said component is
stopped. Even though this doesn't free the terminated thread's resources
properly, this procedure only gets executed during the final moments of a
service's process before it exits, so resource leaks aren't an issue.
https://jira.digi.com/browse/DEL-6523
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit removes the following examples that were accessing
hardware interfaces:
- dey-examples-adc
- dey-examples-can
- dey-examples-gpio-sysfs
- dey-examples-spidev
- dey-examples-watchdog
The recipe 'dey-examples-digiapix' builds similar examples that make
use of Digi's APIX for accessing the hardware. Add this recipe to images
- dey-image-qt
- core-image-base
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-5169
This way, the wlan1 interface will only be created whenever a user wants to
bring the interface up with ifupdown. Modify the script to be able to delete
the interface whenever it gets brought down and remove its .sh file extension
so run-parts can run it properly during the ifup process.
https://jira.digi.com/browse/DEL-6353
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Tests have shown that having this interface up hinders wlan0's performance,
so don't bring it up by default.
https://jira.digi.com/browse/DEL-6353
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This script introduces a minor delay when the own script
launch the wpa_supplicant daemon, however this minor delay
is needed in the boot process when the wireless interface
is loaded, if not the bridge mechanism throws an unexpected
error trying to add the interface to the bridge before the
wireless is ready to use.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Soften the dependencies between the services and start the bluetooth stack
regardless of the existence of a bluetooth chip. Also, update the standby
script to reflect that there is no longer a strong dependency between the
services.
https://jira.digi.com/browse/DEL-6452
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Unlike eudev, which is used on images without systemd, the list of paths
systemd-udev uses to look for rules is very limited. Include an upstream patch
(commit 116b91e8ccfee1d44fc2b140d831d688e3747902 in the systemd repo) that
expands said list.
This fixes an issue with crda's regulatory domain rule file, which was being
excluded due to it being in a path systemd-udev was ignoring (/usr/lib/udev).
Because of this, the regulatory domain was never set properly and hostapd was
failing when configured to use 5GHz channels (which is the default config).
https://jira.digi.com/browse/DEL-6504
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
To avoid bringing up interfaces before they're created by udev scripts
(specifically wlan1), wait until udev settles before starting the service.
https://jira.digi.com/browse/DEL-6504
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
When using systemd, putting the wlan1 interface up wasn't working because it
was relying on initscripts that are no longer in the filesystem.
Add a parametrized version of the upstream hostapd service to be able to use a
configuration that's different from the default one. Also, modify the
generation of the wlan1 entry in /etc/network/interfaces to be able to use
different post-up/pre-down hooks depending on the init manager that's being
used.
https://jira.digi.com/browse/DEL-6504
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Latest update to version 1.29.3 in upstream breaks the compatibility
of our bbappend, to avoid it in future updates, this commit
generalizes the bbappend to apply all the 1.29 series.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This script behaves the same way as our custom standby script, with a few
modifications, for example:
* instead of using initscripts to stop/start daemons, it uses systemctl calls
* save variables that are needed when resuming in /tmp, because the script is
executed twice instead of once (when suspending and when resuming)
* remove the locking/unlocking of the critical section and the actual state
change, since that is handled by systemd-suspend now
Also, add a different standby script for when systemd is enabled. Said script
acts as a wrapper for systemd's suspend mechanism.
https://jira.digi.com/browse/DEL-6415
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
These patches don't apply on the latest version of systemd used in Yocto 2.6.
https://jira.digi.com/browse/DEL-6415
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Without systemd, our KEY_POWER events were handled by the ACPI daemon, which in
turn issued a "poweroff" command. With systemd, the ACPI daemon is no longer
available and the events are handled by systemd-logind instead, which also
powers down the system properly. However, NXP added a patch that prevents
system-logind from handling the events, since they use the sc_powerkey instead.
Remove this patch to be able to power the target off via our power button.
https://jira.digi.com/browse/DEL-6415
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Otherwise, there will be errors due to missing dependencies.
https://jira.digi.com/browse/DEL-6415
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
These have been ported directly from NXP's meta-fsl-bsp-release layer.
https://jira.digi.com/browse/DEL-6415
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Since poky commit b6fbb3f3d4d6367b0fd7921078f67057551c7ede
reboot config was moved to init.cfg to provide this configuration
when busybox is selected as the init manager, however it is needed
for initramfs images where no init manager is set (see poky commit
ef4a417ab04779bd9fc8a6540a20cca7d14e98cf).
https://jira.digi.com/browse/DEL-6451
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Since commit 4b41d9072a304fadbe1cc37c94575f12a2a47fd3 in poky
busybox removes the RRECOMENDS dependency with busybox-syslog,
then we need to explicitly add this dependency in the recipes.
https://jira.digi.com/browse/DEL-6443
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The defconfig file has been refreshed for the current busybox
version 1.29.2 maintaining the same applets enabled.
https://jira.digi.com/browse/DEL-6412
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Francisco Gil
Javier Viguera
Tatiana Leon
Hector Palacios
Arturo Buzarra
David Escalona
Mike Engel
Gabriel Valcazar
Gonzalo Ruiz
Hector Bujanda
Mattias Lindblad
Jose Diaz de Grenu