This commit removes the interfaces that are managed by Networkmanager
from the /etc/network/interfaces entry.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
In the recovery images we are using a custom init so we are not executing
any post-installation that is required for a correct rootfs setup, so call
all the post installation scripts from our custom init.
The package installation could be ipk, rpm or deb, so call to the
*postint folder.
Given that the recovery rootfs is a ramdisk, there is no need to remove the
post installation scripts.
https://jira.digi.com/browse/DEL-4430
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The readlink command on a real file was expanding to nothing and then
the '/etc/resolv.conf' file was not being updated with the nameservers.
With this change we only run the 'readlink' link command after checking
that the file is actually a symbolic link.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Added a post-installation script to disable the wireless interfaces on
module variants without wireless support.
This fixes following messages on boot:
wlan: driver load failure
modprobe: can't load module wlan (extra/wlan.ko): No such device
...
https://jira.digi.com/browse/DEL-3781
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This 'sed' command was used in the past, when DHCP or MANUAL was
configured in the '/etc/network/interfaces' (for cellular). This is no
longer true as we always configure the interface with a custom (manual)
script.
This was breaking the rest of interfaces when configured to use 'dhcp':
iface eth0 inet manual
umanualc_opts -S -b >/dev/null &
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The recovery init checks if the configured update package exists and it is valid
before setting a new key and/or formatting the rootfs partition.
This change avoids getting non-booting devices after performing a firmware
update with a non-existing or invalid update package.
https://jira.digi.com/browse/DEL-3959
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
- The Bluetooth daemon was always executed before setting up the
hardware, generating several problems specifically in the CCIMX6SBC.
This was causing the Bluetooth driver to override the Bluetooth name
and alias, as well as avoiding any host function on Bluetooth profiles.
Only pairing and ping was working, as well as client profile sides.
- This change also fixes some issues in the CCIMX6UL platforms with the
Bluetooth daemon failing to perform several bluetoothctl operations.
https://jira.digi.com/browse/DEL-4000https://jira.digi.com/browse/DEL-4015
Signed-off-by: David Escalona <david.escalona@digi.com>
If the volume is not found, the partition cannot be wiped since it is attached.
Remove 'update' UBI device in:
* mdev automount script if volume is not found
* recovery init script before formatting 'update' partition
https://jira.digi.com/browse/DEL-3962
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
This commit adds mdev support into the recovery ramdisk to
mount/unmount storage devices for the firmware up tool.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-3692
udhcpc's '-n' option means 'Exit if lease is not obtained'.
We want to keep udhcp client alive if lease is not obtained, so when it is
possible, an IP is assigned.
https://jira.digi.com/browse/DEL-3821
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
udhcpc options added to 'network/interfaces':
* '-S' to log to syslog too.
* Redirect the output to '/dev/null' not to show messages of the tool running
in background (for example when executing 'ifup').
* '&' to send the udhcp client to background.
https://jira.digi.com/browse/DEL-3821
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
- Instead of trying to generate the TrustFence keys in this recipe
when they are not present, depend on the 'virtual/kernel' to
ensure they are already generated. This solves a concurrency problem
when two recipes try to generate TrustFence keys at the same time.
https://jira.digi.com/browse/DEL-3913
Signed-off-by: David Escalona <david.escalona@digi.com>
Allowing to boot a non-encrypted rootfs when encryption is enable is a security
hole: if an attacker can somehow write (offline) to the media, he could flash a
custom unencrypted rootfs and break into the system.
If the system is configured to use encryption, only encrypted rootfs will boot.
Trying to boot a non-encrypted rootfs will fail and power off the device.
https://jira.digi.com/browse/DEL-3829
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
The recovery ramdisk already contains functionality for encrypted rootfs
installation. The goal is to centralize all this functionality in the recovery
ramdisk.
https://jira.digi.com/browse/DEL-3829
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
For CC6UL, when setting a new key, an "enc" flag must be added to the rootfs in
the "mtdparts" U-Boot variable.
After that a reboot is needed, so the recovery command must be modified to
remove the encryption key and proceed with the rest of commands in the next
boot.
When updating the firmware, a format of the rootfs partition is always
performed, independently if a new encryption key has just been configured.
In case only the encryption key is being configured, we also need to reboot to
format the rootfs properly.
https://jira.digi.com/browse/DEL-3685
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
This commit verifies that the wlan1 interface is not already created
and will skip creating the virtual interface if it already exist.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-3917
This commit changes the concurrent mode script to enable always the
AP interface through the wireless device but will warn the use
if the virtual MAC addresses used are the default once.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-3900
The flash_eraseall busybox utility is not used in the ccimx6 and ccimx6ul
platforms. Its corresponding patch (and the library it depends on) can be
removed from the busybox recipe.
https://jira.digi.com/browse/DEL-1320
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit adds the wireless concurrent mode as a default
configuration to the CC6UL machine.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-3818
- While trying to update the system using signed swupdate packages, the
swupdate binary requires a new parameter (-k) to specify the location
of the public key that will be used to verify the update package. At
the moment there is no way to check if a package is signed or not, so
we asume that the existence of the public key in the recovery initramfs
is enough to determine that we want to update the system using signed
packages.
https://jira.digi.com/browse/DEL-3775
Signed-off-by: David Escalona <david.escalona@digi.com>
- The swupdate binary included in the recovery partition when the
images to build are trustfence enabled performs a verification
of the swupdate package. For this verification to suceed, it is
mandatory to provide to the swupdate binary the public key that
will be used to verify the swupdate package. This public key must be
included in the recovery initramfs only when 'TRUSTFENCE_SIGN=1'.
https://jira.digi.com/browse/DEL-3772
Signed-off-by: David Escalona <david.escalona@digi.com>
This recipe is expected to create just an initramfs image, so force the
image FSTYPE with a python anonymous function, so there is no way to
change/append/override it from any other configuration file.
This prevents build failures due to circular dependences if for example
you add:
IMAGE_FSTYPES_append = " recovery.vfat"
to your project's local.conf.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The LICENSE is added through the packagegroup bbclass and the checksums
were outdated making the build fail with:
The LIC_FILES_CHKSUM does not match for poky/LICENSE;md5=3f40d7994397109285ec7b81fdeb3b58
https://jira.digi.com/browse/DEL-3451
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Add critical section in suspend script to avoid that more than
one instance can be executed concurrently. This happens, for
instance, when the power button key is pressed while the system
is resuming, causing issues on the wifi interface.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-3694
According to NXP i.MX Linux Reference Manual:
The full CAAM function is exclusive with the Mega/Fast mix off feature
in DSM. If CAAM is enabled, the Mega/Fast mix off feature needs to be
disabled, and the user should
"echo enabled > /sys/bus/platform/devices/2100000.aips-bus/2100000.caam/2101000.jr0/power/wakeup"
after the kernel boots up, and then Mega/Fast mix will keep the power
on in DSM.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-3636
Add critical section in suspend script to avoid that more than
one instance can be executed concurrently. This happens, for
instance, when the power button key is pressed while the system
is resumming, causing issues on the wifi interface.
https://jira.digi.com/browse/DEL-3431
Signed-off-by: Pedro Perez de Heredia <pedro.perez@digi.com>
We have seen corner cases (e.g. when the partition to format has already
some corrupted UBI metadata) where ubiformat stops and ask the user for
confirmation to do the format. We cannot have such interactivity in the
recovery ramdisk so use the '-y' argument to assume yes for all
questions.
Also use the '-q' (quiet) parameter instead of the '/dev/null'
redirections to remove command's output.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit adds a wpa supplicant P2P configuration file and configures
the p2p0 interface automatically at pre-up.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
For the moment the cloudconnector is provided only as static library, so
the recipe can be simplified.
https://jira.digi.com/browse/DEL-3523
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Instead of using a hardcoded path to the SWU update package, just get
the filename and search the file in the different mounted partitions
(giving priority to the internal 'update' partition over other external
media).
https://jira.digi.com/browse/DEL-3466
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
For block devices we can get the filesystem in the partition using the
'blkid' command.
This cleans up some warnings on mounting:
EXT4-fs (sda2): couldn't mount as ext3 due to feature incompatibilities
EXT4-fs (sda2): couldn't mount as ext2 due to feature incompatibilities
EXT4-fs (mmcblk0p4): couldn't mount as ext3 due to feature incompatibilities
EXT4-fs (mmcblk0p4): couldn't mount as ext2 due to feature incompatibilities
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
"i" variable in the nested loop is expanded to the absolute path
of the device, so prepending it with the ${device} results in
"/dev/sda/dev/sda1" for a 'sda1' partition.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Mike Engel
Tatiana Leon
Sebastian Pastor
Isaac Hermida
Javier Viguera
David Escalona
Gabriel Valcazar
Hector Palacios
Pedro Perez de Heredia
Alex Gonzalez