Sometimes, it may be desired that the DEY project does not sign the
artifacts, for example, if they are going to be externally signed on a
secure server. In this case, the user sets TRUSTFENCE_SIGN="0".
On STM platforms, all the variables were being set if TRUSTFENCE_SIGN="1"
and authentication support is not enabled on TF_A otherwise.
Set TF_A_SIGN_ENABLE (which adds authentication support to TF_A) always
for STM platforms (as long as the project inherits the trustfence class)
and set FIP_SIGN_ENABLE="0" if its sibling TRUSTFENCE_SIGN="0", so that
DEY doesn't sign the FIP image either.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The root file system requires the public key to authenticate SWU files.
For NXP platforms, the public key is extracted from the certificate.
For STM platforms, simply copy the public key over to the rootfs.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
For the moment, do not sign aditional artifacts, such as the ramdisk,
the kernel or the boot scripts for STM platforms.
In the specific case of the ramdisk, simply copy it over with the
expected filename extension.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Several recipes depend on the PKI creation.
Create a small recipe to just run this function which
is moved from the trustfence.bbclass.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
dualboot and recovery recipes may require to use the keys so they must
depend on the recipe that installs the script that generates them.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Certain platforms share a processor family but need to be differentiated
between them. DEY was using the variable DIGI_FAMILY as the SOM name
rather than the family. It becomes useful to have both (DIGI_SOM as the
more specific, and DIGI_FAMILY as the more generic).
This is the case, for example, of:
- ccmp1 (family)
- ccmp15 (SOM)
- ccmp13 (SOM)
- ccimx8m (family)
- ccimx8mm (SOM)
- ccimx8mn (SOM)
Both variables are used on the machine overrides.
Where DIGI_FAMILY was used, use now DIGI_SOM.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Set TRUSTFENCE_DEK_PATH to "0" for CCMP1 (not using dek.bin), as if this
was disabled.
Set temporarily TRUSTFENCE_ENCRYPT_ENVIRONMENT to "0" for CCMP1 until
environment encryption is fully supported.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The name of the variable was not very intuitive of what
it contains. This variable expands to the SoC vendor
(NXP or STM).
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Commit d2c1494bbf36b6392e47ffd4a75307d29681d190 in poky adds this variable
to EXTRA_OESCONS, which breaks the do_compile() task of this recipe. Remove
the variable to be able to build the package.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Commit 065cf3e9 ("kirkstone migration: general update to the new override
syntax") incorrectly renamed binaries in a massive change. This commit restores
the binary names to the original.
https://onedigi.atlassian.net/browse/DEL-8478
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This package was inadvertantly pulling in a lot of dependencies into our
images that make use of Qt6. Most of these packages consisted of *-dev
packages, which are only useful for development with the SDK.
Remove this package along with its dependencies to significantly reduce the
dey-image-qt rootfs image size.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit syncs the device request code to match with the latest 'cc_api'
layer implementation.
See commit 99a2ff39b771f0e36af8d15d40f970462352e0b6 in 'cc_api' repository and
commit d8c848fc2f516a6c2197181f7540c9c23feaf44f in 'cc_dey' repository.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Connector creates detached threads and calling to 'wait_for_ccimp_threads()' is
not required.
See commit d34ddfb719932ae59774b388579b7d6a77472c4f in 'cc_dey' repository.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
* Remove 'MAX_RESPONSE_SIZE' define and allocate required memory in
'device_request_listener' example.
* Create 'free_timestamp()' function in 'upload_data_points' example.
* Use some sorter variable names.
* Use '__func__' to log function names.
* Remove line feed from log messages.
* Remove not required curly braces for single line loops.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
By default, our 'cloudconnector' package is installed.
This can be overriden by defining 'CLOUDCONNECTOR_PKG' in the 'local.conf'
with the custom package that includes this application.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
These examples have a gtk+3 dependency that can't be met on the ccmp13 due to
it being a headless device. Remove these examples from the packagegroups so we
can at least build the rest of the ML packages.
Note that all of ST's ML examples are GUI-based and will not be usable on the
ccmp13, but since the remaining examples don't have an explicit gtk+3
dependency, at least they won't trigger build errors when included in the
image.
https://onedigi.atlassian.net/browse/DEL-8308
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
ST's onnxruntime recipe moves a file in a way that triggers a QA error due to
file ownership issues. Copy the do_install() function as-is and modify the
offending line to copy the file instead. Create a dynamic layer for stm32mpu-ai
to include the bbappend.
https://onedigi.atlassian.net/browse/DEL-8308
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
These are recipes we created to support Google Coral on i.MX platforms. ST's
machine learning layer provides similar recipes, so to avoid conflicts, move
the recipes meant for i.MX platforms to a dynamic layer.
https://onedigi.atlassian.net/browse/DEL-8308
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
rename interface sta_name to be "wlan0" instead of "mlan0", so it keeps
compatibility with other platforms.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Check if the bluetooth-init service is running before going to suspend,
just in case has stopped or disabled it on purpose.
https://onedigi.atlassian.net/browse/DEL-8497
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Otherwise the build fails, with:
ERROR: dey-image-qt-1.0-r0 do_rootfs: The following packages could not be configured offline and rootfs is read-only: ['100-e2fsprogs-mke2fs']
https://onedigi.atlassian.net/browse/DEL-8495
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Masking the extended advertising flag makes the hcitool lescan work, but
triggers functionality problem such as bluetoothctl scanning or extended
advertisement not working.
Do not mask it, so use bluetoothctl scan instead of hcitool lescan to discover
LE devices.
This reverts commit ac1e4633fb.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
We need to take in account if the IW612 chip (WiFi/Bt) is going to be powered
off on suspend state. In such a case, we need to unload the driver modules and
restore the expected tty speed for Bluetooth, so that functionality is restored
back on resume.
https://onedigi.atlassian.net/browse/DEL-8489
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The BT chip for the ccimx93 cannot be turned off, nor can it be re-uploaded.
Therefore, we need to set some conditions to assume that it is going to be
attached correctly. The changes in this script take care of that.
Upon the first attachment, the rate is set to 3M, and future uses will always
be done at this rate. If, for any reason, it was not stopped and the chip is
already attached, do nothing.
https://onedigi.atlassian.net/browse/DEL-8464
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This fix is needed for bluez-5.65 version.
We can drop it when using a newer version.
https://onedigi.atlassian.net/browse/DEL-8346
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The enabled options are mainly for AP mode, which improve the P2P
performance when the P2P node behaves as an AP, it is, as P2P GO.
https://onedigi.atlassian.net/browse/DEL-8346
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Use the specific hcitool vendor command to set the BT mac address.
It is a custom vendor command (0x3f), and the field is 0x0022.
The BT address is passed from last octet to first octet.
https://onedigi.atlassian.net/browse/DEL-8346
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Sync the defconfig to version 2.10.
Additionally, add support for new features, such as:
* ACS (auto channel selection)
* 802.11AX (Wi-Fi 6)
* SAE (WPA3 Personal)
* SUITEB192 (WPA3 Enterprise 192 bits)
https://onedigi.atlassian.net/browse/DEL-8346
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Codeaurora was retired on April 2023.
Fix bbappends to point to their new location on Github.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Cloud Connector configuration file sets:
* 'edp12.devicecloud.com' as the URL to connect to (this end point uses client
certificates)
* '/mnt/data' as the directory to store downloaded certificates, now that
this is also available in emmc platforms (see
62d937df42)
This commit:
* reverts a0842cbcfd to keep
'edp12.devicecloud.com' URL that uses certificates for ccimx8m platforms.
* reverts fd94f10c0b since now the cloud connector
configuration file sets '/mnt/data' as the place to store downloaded
certificates, so no need to modify it for ccmp1 platforms.
* It also configures '/etc/ssl/certs' as the certificates directory for cc6ul
devices. Although by default, these devices are connecting to
'remotemanager.digi.com' that not uses certificates, we prefer to use an
existing directory in that setting. See commit
063a946e7c.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
'environment' partition is not available in the ccmp15.
The solution suggested is read the "/proc/mounts" and check if the 'rootfs' is
'ubifs' mounted.
Related to commits 7c07b15370 and
678eaaf0fc4ce74e67682387e3465eb29659bd47
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
This commit adds a new function to get the active system in a dualboot device
without using 'active_system' U-Boot variable.
This way the script always knows the real active system even when the variable
'active_system' has the value of the next boot active system, for example, after
performing a 'update-firmware --swap-active-system'.
https://onedigi.atlassian.net/browse/DEL-8399
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Mike Engel
Javier Viguera
Hector Palacios
Gabriel Valcazar
Arturo Buzarra
Tatiana Leon
Isaac Hermida
David Escalona