This reverts commit b8f50680e5.
The support to read and write to an encrypted environment has been added, so
there is no need to exclude the u-boot-fw-utils anymore.
https://jira.digi.com/browse/DEL-2836
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
This patch adds the functionality to automatically detect if the enviroment
is encrypted (through the device tree). If it is, the environment is encrypted
and decrypted as required in a transparent way for the user.
https://jira.digi.com/browse/DEL-2836
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
Add commented lines as example to configure and run the wlan0 interface in AP
mode using hostapd daemon.
https://jira.digi.com/browse/DEL-2913
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Do not autostart hostapd daemon on boot because because it will conflict with
wpa-supplicant process and add a custom hostapd.conf file with WPA2-AES
encryption.
https://jira.digi.com/browse/DEL-2913
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
- boot.txt
Sets the device tree filename basing on the SOM variant read from
the HWID and boots from NAND.
- install_linux_fw_sd
Deploys a full system (as generated by Digi Embedded Yocto) from
a FAT formatted micro SD card into the NAND flash.
https://jira.digi.com/browse/DEL-2925
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
APM is an ancient power management API mainly for x86. There is an
optional emulation layer for ARM, but none of our platforms is using
it, so just remove the machine feature.
https://jira.digi.com/browse/DEL-2745
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Instead of having one default image target for all platforms allow to
define this per platform.
This is needed because for example for the 'ccimx6ulstarter' we want to
define a default command line image instead of a QT-based one.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Tweaked to maintain the u-boot and linux revisions to AUTOREV instead of
the fixed SHA1s from the tag.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
So the warning message shows the TF variable setting in the correct
syntax that they should be written in the project's local.conf
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Currently we don't support booting encrypted images from an SDCARD, so
just disable the generation of such images.
https://jira.digi.com/browse/DEL-2876
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
* Add known issues for CC6UL.
* Refer to online documentation for interface and feature list.
* Add uSD encrypted image boot limitation.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
When TRUSTFENCE_SIGN is enabled, the u-boot binary for the SDCARD image
needs to be the "signed" one.
https://jira.digi.com/browse/DEL-2876
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
* Add trademark to TrustFence (TM) for consistency.
* Remove CC6UL non-wireless variant from supported products
* Added a note to check the online documentation for an updated known
issues and limitations list.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
enabled
There is currently no support on fw_printenv/fw_setenv to access an
encrypted environment.
This commit removes the package if U-Boot environment encryption is
enabled to avoid environment corruption on access.
It also documents the issue as a known issue.
https://jira.digi.com/browse/DEL-2625
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
According to 'grep' manual '\s' is a synonym for [[:space:]] which
matches spaces, TABs, but also newlines, etc. We want to only match
spaces and TABs, so use [[:blank:]] instead.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
By default, on closed devices you cannot revoke any key. To do so, it is
required to compile a U-Boot which instructs the HAB not to set the sticky
bit which write protects that field in the OCOTP controller.
This patch introduces a Yocto macro which allows to configure U-Boot in
that way.
In the ConnectCore 6, the value of this settings is ignored, because HAB never
sets the sticky bit which write protects that field.
https://jira.digi.com/browse/DUB-665
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
* set cellular user and password
* stricter replace to not match set values
* only set cellular interface to auto
Internal merge of Github's PR:
https://github.com/digi-embedded/meta-digi/pull/2
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
By default, on closed devices you cannot revoke any key. To do so, it is
required to compile a U-Boot which instructs the HAB not to set the sticky
bit which write protects that field in the OCOTP controller.
This patch introduces a Yocto macro which allows to configure U-Boot in
that way.
In the ConnectCore 6, the value of this settings is ignored, because HAB never
sets the sticky bit which write protects that field.
https://jira.digi.com/browse/DUB-665
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
While performing usability testing on the TrustFence documentation, it has
been noted that in order to follow the secure boot instructions the
console needs to be enabled.
We have now moved the secure console section to the end of the
documentation so that disabling the console is the last configuration to
make in a secure system.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
When changing any of the secure boot configurable macros the Linux kernel
should be re-deployed so that it can be signed/encrypted as needed.
https://jira.digi.com/browse/DEL-2750
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
We have seen lately random build failures in the buildserver due to
missing QT5 base libraries that are needed when building some other
QT5 packages.
Examples:
Compiling qtdeclarative:
error: cannot open .../tmp/work/cortexa9hf-vfp-neon-mx6qdl-dey-linux-gnueabi/qtbase/5.5.1+gitAUTOINC+5afc431323-r0/build/lib/libQt5Core.so: No such file or directory
error: cannot open .../tmp/work/cortexa9hf-vfp-neon-mx6qdl-dey-linux-gnueabi/qtbase/5.5.1+gitAUTOINC+5afc431323-r0/build/lib/libQt5Network.so: No such file or directory
error: cannot open .../tmp/work/cortexa9hf-vfp-neon-mx6qdl-dey-linux-gnueabi/qtbase/5.5.1+gitAUTOINC+5afc431323-r0/build/lib/libQt5Widgets.so: No such file or directory
The problem here is that 'qtdeclarative' is trying to get the needed
libraries from the 'qtbase' temporary work directory. But because in the
buildserver we have 'rm_work' enabled to save space, sometimes the
rm-work class has removed the 'qtbase' work directory before
'qtdeclarative' has been built, leading to the compilation error.
This is probably a bug in 'meta-qt5', because the different packages
needing QT5 base libraries should take them at compile time from the
sysroot and not from the qtbase work directory.
At the moment just workaround this adding an exception to the rm-work
class to not remove the 'qtbase' temporary work directory.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This package is native only, this patch ensures it can only be built
natively and fix the following problems:
* Add openssl-native rather than openssl to the dependencies.
* Use the $(CC) $(LDFLAGS) and $(CFLAGS) that Yocto provides to avoid a
compilation error.
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
Down the bluetooth interface before entering suspend and up it after resuming
if it is present and up.
https://jira.digi.com/browse/DEL-2806
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The build script was filtering out toolchain builds for all image
recipes not starting with 'dey-image-', but for the CC6UL we are
building by default 'core-image-base', so update the regular expression
to allow building the toolchain for 'core-image-*' image recipes.
https://jira.digi.com/browse/DEL-2837
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Start syslog earlier (from 20 to 02) so it is running and other init scripts
can use it to log into the system like the S03networking script.
https://jira.digi.com/browse/DEL-2812
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Diaz de Grenu, Jose
Isaac Hermida
Javier Viguera
Alex Gonzalez
Stephan Klatt