Add a user space application to manage the bootcount from the running system. This application
allows to read, reset and set the bootcount:
Usage: bootcount [options]
-r --read Read the current bootcount value (Default action)
-s <value> --set=<value> Set current bootcount to a specific value.
-x --reset Reset bootcount value to zero.
The binary checks the running platform underneath to perform the correct system access.
While on it, add a service to automatically execute the binary on boot to reset the bootcount value.
https://onedigi.atlassian.net/browse/DEL-8506
Signed-off-by: David Escalona <david.escalona@digi.com>
This commit adds sha256 entry for the script files into
the sw-descrition. It is necessary for the Trustfence
authentication to have the included script files signed.
https://onedigi.atlassian.net/browse/DEL-8649
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This variable is only needed in the cc6ul, that's the reason
to create another sw-description only for the ccimx6ul.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
When TrustFence is enabled, a PKI tree is generated.
In the case of NXP platforms, the PKI contains public certificates
from which the public key needs to be extracted using an openssl
command.
In the case of STM platforms, the PKI contains directly the
public key.
In all cases, we need the public key to be installed in the
rootfs /etc/ssl/certs/ folder, so that it can be used by
swupdate to authenticate signed SWU packages.
Up to now, this was being done on the dualboot recipe, but the
installation of the public key should really be only dependant
on the fact of TF being enabled.
This commit:
- Removes the generation of the public key from dualboot.bb.
- Generates a patch to extract the public key from the certificate
as part of the PKI tree generation (on NXP platforms).
- Installs the public key during a post install function after
the final rootfs has been created.
- For NXP platforms, extracts the public key using openssl if
it does not exist (for backwards compatibility).
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Implement a new mechanism to allow users to create update packages based on differences for read-only
systems. The update mechanism requires full knowledge of the current software running on the device in order
to compute a sensitive patch. For this reason, only systems without user modifications in the rootfs/boot
partitions are eligible for this kind of updates. At the moment, only the 'rootfs' partition supports the
read-only squashfs file system type, so it is the only partition supporting incremental updates. The 'boot'
partition will still be updated but as a full image.
This new feature is done making use of the SWUpdate 'rdiff' handler, which applies binary deltas with the
functionallity provided by the rsync library. During the update process, the contents of the active 'rootfs'
partition are read as the base and written to the inactive 'rootfs' partition applying the delta binary patch
on-the-fly. To ensure the delta file is applied using the correct base, the firmware update process verifies
the contents of the 'rootfs' base partition before applying the update.
The binary delta file is automatically generated by the DEY build system using the resulting 'rootfs' squashfs
image as target and the user specified file as source. The file is then packaged with the rest of components in
the SWU update image. Users must specify the base source file in their project configuration file using the
new variable 'SWUPDATE_RDIFF_ROOTFS_SOURCE_FILE'. Also, 'read-only-rootfs' image feature should be set in the
project to generate this new SWU update package.
Since a base and a target 'rootfs' partition is required during the update, only 'dualboot' systems can benefit
from this new feature.
Note: If variable 'SWUPDATE_RDIFF_ROOTFS_SOURCE_FILE' is configured in the project but any of 'SWUPDATE_FILES_LIST'
or 'SWUPDATE_FILES_TARGZ_FILE' variables is also set, the build system will prioritize a SWU update package
based on files instead of a differences package.
https://onedigi.atlassian.net/browse/DEL-8624
Signed-off-by: David Escalona <david.escalona@digi.com>
We expect new types of SWU update packages to be created in the future. To avoid splitting
all the code in different classes based on the update type, create the generic class
'dey-swupdate' to hold all the custom code and the 'dey-swupdate-common' class to hold all
the required variables. This basically renames the old 'swupdate-files' and 'swupdate-files-common'
classes.
While on it, reorganize the 'swupdate-images' recipe to move variable declarations and
functionallity to the correct place:
- Move all variable declarations to 'swupdate-digi-common' class and organize them in
functional groups.
- Improve the way files are included in the 'SWUPDATE_IMAGES' by using the update type
variables.
- Move the update script copy to the 'do_swuimage' prepend function. Until now, the copy
process was executed in the 'fill_description' method, which should only touch the
'sw-description' file.
- Rename some variables to use 'SWUPDATE' prefix.
- Minor cosmetic changes.
https://onedigi.atlassian.net/browse/DEL-8624
Signed-off-by: David Escalona <david.escalona@digi.com>
fill_description copies some artifacts to the images deploy directory,
so that should be created beforehand. Otherwise it may fail on the
'do_unpack' task depending on how bitbake schedules the tasks.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Implement a new mechanism to allow users to create update packages based on files and folders to modify
the active system.
This is done through the new class 'swupdate-files', which creates a tar.gz update file in the image
distribution output directory containing all the files and directories to create/update. The 'tar.gz'
file is used later by the 'swu-images' recipe to generate the final SWUpdate package. The SWU package
installation process extracts the tar.gz file in the root folder ("/") of the active system.
Users can specify the list of files and directories to include in the update package using the
'SWUPDATE_FILES_LIST' variable. These files will be directly copied from the generated system rootfs and
placed in the tar.gz archive. Additionally, users can provide their custom 'tar.gz' file to use in the update
by specifying its location in the 'SWUPDATE_FILES_TARGZ_FILE' variable. In any case, all the paths to include
in the update package must be relative to "/", as it is the base directory where tar.gz file contents are
extracted.
The update process for dual boot systems sets a new u-boot flag so that active bank is not swapped once
installation is complete and system reboots.
The SWU update mechanism based on files provides a custom update script which takes care of preparing the
system for the installation process. Just like in the SWU updates based on images, users can customize this
script or override it with the 'SWUPDATE_SCRIPT' variable, specifying the location of the new script to use.
If both the 'SWUPDATE_FILES_LIST' and 'SWUPDATE_FILES_TARGZ_FILE' variables are empty, a standard images
SWUpdate package will be generated instead.
Signed-off-by: David Escalona <david.escalona@digi.com>
Enable scripting support during the installation of system images with SWU. A new shell
script is included by default in all the SWU update packages that will be executed just
before the update starts and just after it finishes. The script is empty and contains two
place-holders that will be called in the two scenarios mentioned before.
Users can customize this script to execute specific actions based on their final product
needs or provide their own one by setting its location in the 'SWUPDATE_SCRIPT' variable.
While on it, rename the 'sw-description_template' file to 'sw-description-images_template'
as it is more accurate with the update mechanism it is used for.
Signed-off-by: David Escalona <david.escalona@digi.com>
The fact of including both storage types (mtd and mmc) in the same 'sw-description' file is not providing any kind
of benefit. Instead, it makes the file larger, complex and harder to maintain. Additionally, most of the images
entries share the same structure and contents, changing only names and mount points. This commit simplifies the
'sw-description' file by configuring the storage type and the images to include in the SWU package at build
time, using a generic 'sw-description' template and template files for 'mmc' and 'mtd' images.
While on it, use the new 'DEY_FIRMWARE_VERSION' variable for SWU package version and fix the recipe to not include
all 'SRC_URI' files in the SWU update image, but only the required files for the update. Also, make use of variable
substitution provided by SWU class in the 'sw-description' file.
Note: SWU U-Boot update will be broken after this change. Waiting for official support with a robust implementation.
https://onedigi.atlassian.net/browse/DEL-8537https://onedigi.atlassian.net/browse/DEL-8538
Signed-off-by: David Escalona <david.escalona@digi.com>
While on it, rename the old "Firmware" variable to "DEY version", as it refers explicity to the DEY
distribution version.
https://onedigi.atlassian.net/browse/DEL-8539
Signed-off-by: David Escalona <david.escalona@digi.com>
If 'CC_DEVICE_TYPE' is not defined or it is empty use 'MACHINE' as the device
type in the Cloud Connector configuration file.
This commit also limits its length to a maximum of 255 characters.
https://onedigi.atlassian.net/browse/DEL-8531
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
In a squashfs the mount points are different and the current logic
wasn't working.
It's more reliable to check the /proc/cmdline to determine if
the system is a nand or an emmc.
Added also logic to get the active partition in nand devices
when the rootfs is squashfs.
https://onedigi.atlassian.net/browse/DEL-8558
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
When a squashfs image is flashed we need to delete the compression
field in the swupdate descriptor.
Also the rootfstype u-boot variable needs to be set to squashfs.
https://onedigi.atlassian.net/browse/DEL-8558
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
The root file system requires the public key to authenticate SWU files.
For NXP platforms, the public key is extracted from the certificate.
For STM platforms, simply copy the public key over to the rootfs.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Several recipes depend on the PKI creation.
Create a small recipe to just run this function which
is moved from the trustfence.bbclass.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
dualboot and recovery recipes may require to use the keys so they must
depend on the recipe that installs the script that generates them.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit syncs the device request code to match with the latest 'cc_api'
layer implementation.
See commit 99a2ff39b771f0e36af8d15d40f970462352e0b6 in 'cc_api' repository and
commit d8c848fc2f516a6c2197181f7540c9c23feaf44f in 'cc_dey' repository.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Connector creates detached threads and calling to 'wait_for_ccimp_threads()' is
not required.
See commit d34ddfb719932ae59774b388579b7d6a77472c4f in 'cc_dey' repository.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
* Remove 'MAX_RESPONSE_SIZE' define and allocate required memory in
'device_request_listener' example.
* Create 'free_timestamp()' function in 'upload_data_points' example.
* Use some sorter variable names.
* Use '__func__' to log function names.
* Remove line feed from log messages.
* Remove not required curly braces for single line loops.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Cloud Connector configuration file sets:
* 'edp12.devicecloud.com' as the URL to connect to (this end point uses client
certificates)
* '/mnt/data' as the directory to store downloaded certificates, now that
this is also available in emmc platforms (see
62d937df42)
This commit:
* reverts a0842cbcfd to keep
'edp12.devicecloud.com' URL that uses certificates for ccimx8m platforms.
* reverts fd94f10c0b since now the cloud connector
configuration file sets '/mnt/data' as the place to store downloaded
certificates, so no need to modify it for ccmp1 platforms.
* It also configures '/etc/ssl/certs' as the certificates directory for cc6ul
devices. Although by default, these devices are connecting to
'remotemanager.digi.com' that not uses certificates, we prefer to use an
existing directory in that setting. See commit
063a946e7c.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
'environment' partition is not available in the ccmp15.
The solution suggested is read the "/proc/mounts" and check if the 'rootfs' is
'ubifs' mounted.
Related to commits 7c07b15370 and
678eaaf0fc4ce74e67682387e3465eb29659bd47
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
This commit adds a new function to get the active system in a dualboot device
without using 'active_system' U-Boot variable.
This way the script always knows the real active system even when the variable
'active_system' has the value of the next boot active system, for example, after
performing a 'update-firmware --swap-active-system'.
https://onedigi.atlassian.net/browse/DEL-8399
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
This option combined with '-a' ('--active') only prints the active block: a or b
The purpose an output to be consumed by other scripts or programs.
https://onedigi.atlassian.net/browse/DEL-8399
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Check the second ('/') and third ('ubifs') field of 'rootfs' entry in
'/proc/mounts' as the first one ('rootfs_a' or 'rootfs_b') may be changed by
custormers:
root@ccmp15-dvk:~# cat /proc/mounts
ubi0:rootfs_b / ubifs rw,relatime,assert=read-only,ubi=0,vol=5 0 0
[...]
https://onedigi.atlassian.net/browse/DEL-8399
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
This is required for the firmware update using Digi Remote Manager. The reboot
is commanded by the server, it that does not happen the update process is not
ended for DRM.
https://onedigi.atlassian.net/browse/DEL-8399
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
The stand-alone signing script 'trustfence-sign-artifact.sh' checks
if a valid PKI tree exists (by checking the existance of four SRK
files) and if they don't, it calls trustfence-gen-pki.sh (which is
a wrapper over different generators (for HAB or AHAB) to create one.
Recipes such as 'dualboot' or 'recovery-initramfs' may need to call
openssl functions over the PKI tree. These recipes do not currently
generate the PKI tree; they expect it to be already in place.
This might not be the case if the trustfence-sign-artifact.sh script
has not been called yet.
Originally, a fake dependency on virtual/kernel recipe was made to
force it, but it doesn't quite work since the calling only happens
on deploy() while regular DEPENDS doesn't wait for this task.
If the PKI does not exist, a recipe that requires the PKI tree will
fail.
The solution is to create a function on the trustfence.bbclass that
allows any recipe to check for the existance of a PKI tree and
generate it if it doesn't exist. This is repeated inside the
trustfence-sign-artifact.sh, but it needs to be in both places
because this script must work stand-alone.
The generation of the PKI tree takes some seconds so this commit
adds a lock dir to prevent race conditions when called from
different recipes.
It also removes the fake dependency on virtual/kernel and adds a
dependency on trustfence-cst-native (which is the recipe that
provides the PKI generation tool).
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8430
(cherry picked from commit 6a8bf7afff)
This commit modifies the cloud connector configuration to use
'remotemanager.digi.com' URL since it does not use certificates for the
connection.
'edp12.devicecloud.com' only allows connections with certificates.
The certificate is downloaded during the first device connection to DRM and
stored in '/etc/ssl/certs' directory inside the 'rootfs' partition.
Following connections must use this certificate.
After a firmware update 'rootfs' partition is re-programmed (standard boot)
or changed to use the corresponding partition of the other block (dual boot). In
any case the certificate downloaded is not available anymore, so the device is
not able to reconnect.
Currently there is no a 'immutable' partition to store the certificate, that is,
a place where the certificate is not removed during a firmware update and can
be used by the cloud connector (similar to the 'data' partition on a ccmp1)
Related to commit 063a946e7c.
https://onedigi.atlassian.net/browse/DEL-8400
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
By launching in system mode it is possible to play music from a shell using
pulseaudio. With change all platforms and images (with or without graphical
support) have pulseaudio working.
https://onedigi.atlassian.net/browse/DEL-8417
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
True is the default since long time ago, and thus not necessary. This
follows similar changes done in other layers.
Command used:
sed -e 's|\(d\.getVar \?\)( \?\([^,()]*\), \?True)|\1(\2)|g' -i $(git grep -E 'getVar ?\( ?([^,()]*), ?True\)' | cut -d':' -f1 | sort -u)
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Packages bluez5-init, cloudconnector, and connectcore-demo-example-webkit
provide a launcher script that is used regardless of the init system being
systemd or sysvinit. Those launcher scripts use the '/etc/init.d/functions'
file, which is provided by the 'initscripts-functions' runtime package,
so add that runtime dependence.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
On boot, ConnectCore 6UL was failing to start pulse audio since it was trying
to use journalctl as log target when systemd is not included.
Boot error:
Starting Dropbear SSH server: dropbear.
W: [pulseaudio] main.c: This program is not intended to be run as root (unless --system is specified).
E: [pulseaudio] log.c: Invalid log target.
E: [pulseaudio] cmdline.c: Invalid log target: use either 'syslog', 'stderr' or 'auto' or a valid file name 'file:<path>', 'newfile:<path>'.
E: [pulseaudio] main.c: Failed to parse command line.
Starting bluetooth: bluetoothd.
While on it change the 'connectcore-demo-server' priority to be launched after
pulseaudio when not using systemd.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Move 'video-examples' and 'webglsamples' recipes outside dynamic-layers/webkit
so platforms without 'webkit' support (such as ConnectCore 6UL) are able to
include and build successfully the complete 'connectcore-demo-example'
Related to 0b9b73afc8
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
This commit separates the original 'connectcore-demo-example' package in 3
packages:
1. 'server' package. It contains the 'demoserver.py' script and its
corresponding systemd service and init script.
This script is required for the local demo and to be used with the
Bluetooth application (during the get started process)
2. 'example' package. It contains the html and required resources (images,
javascript, etc.) to use the demo locally, except for the multimedia
resources.
This package depends (in runtime) on the 'server' package.
3. 'multimedia' package. It contains the multimedia html and required
resources (images, javascript, videos, etc.) to use the multimedia demo
features locally.
This package depends (in runtime) on the 'example' package and also on
'video-examples' and 'webglsamples' packages.
This split allows to select the required demo packages per platform and image
type.
By default, the 'multimedia' package is the one included in the webkit images,
but the 'example' package is the one included in the rest of images.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
This commit is similar to those required to launch crank applications on top of
weston in ConnectCore MP 15 platform, it must wait for the socket
'/run/user/0/wayland-1' after weston is initialized.
See commits 7de8270beda64236cdd1c46857906315a37dc4fe and
1ec5cc172c.
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Several fixes to the runtime dependences:
* Use new override syntax with ':'
* There is not "dualboot-init" package only "dualboot"
* Delete dependence on trustfence-tool
While on it, define do_configure and do_compile as noexec, because those
tasks do not need to execute, and remove the wrong PACKAGE_ARCH entry
(as this package is arch/machine agnostic)
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit removes unused platform images to reduce the final size in the
rootfs.
https://onedigi.atlassian.net/browse/DEL-8335
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
David Escalona
Mike Engel
Francisco Gil
Hector Palacios
Javier Viguera
Tatiana Leon
Isaac Hermida
Arturo Buzarra