In previous versions of swupdate, only one SIGALG_* option could be chosen at
build-time, with SIGALG_RAWRSA being the default option. However, in 2025.12,
multiple SIGALG_* options can now be configured at build-time, allowing users
to choose the signature verification algorithm used at runtime via the
"digest-provider" parameter. We weren't explicitly setting any of these
algorithms in our defconfig, so the resulting builds didn't have any digest
providers, causing swupdate to fail early on when signed images are enabled.
To restore the behavior of previous swupdate versions, explicitly enable
SIGALG_RAWRSA when signed images are enabled. Since we only enable one digest
provider, it will be chosen automatically, without having to explicitly set the
"digest-provider" parameter at runtime.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Removed curl_%.bbappend which forced the use of ares over the default
threaded-resolver. We did this customization for NetworkManager long
ago in the context of network failover. Later we dropped it from NM,
but the customization in curl remained.
This saves approx. 100KB in the rootfs (libcares.so).
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This version of swupdate has a bug that happens if the root of sw-description
is redirected via a link, which is the case is some of our sw-description
templates (such as the one we use for file updates). Backport a fix from
v2025.05.
https://onedigi.atlassian.net/browse/ADK4A-1957
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
dnsmaqs is not able to manage DNS from cellular interface.
Now, DNS is managed by systemd-resolved on platforms with
systemd and by NetworkManager on sysvinit platforms.
https://onedigi.atlassian.net/browse/DEL-9353
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
This patch includes code that only gets compiled for platforms that use a NAND
as the internal storage. Recent changes in swupdate's "copyfile" API caused
this code to stop building.
Using the normal rdiff handler code as reference, update our custom handler to
fix the build errors. While at it, include another change to prevent a warning.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
In this version, Config.in files have been renamed to Kconfig, which prevented
one of our patches from applying correctly. Rework the patch to account for
this name change and while at it, update its context.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Our distribution is Digi Embedded Yocto (DEY), so use that to mark the
upstream status of the patches in our layer.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit enables SWU image authentication when TrustFence
is enabled instead of when signing of images is enabled.
This allows the system to authenticate SWU images on images that
have been externally signed.
https://onedigi.atlassian.net/browse/DEL-8891
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
The patch we were using comes from the time during dualboot support development
where said feature was selectable at build time. The patch adds a new build
option, giving the impression that it only gets enabled under certain
circumstances, when in reality:
* The option is never enabled anywhere in our code
* It's a string option that is treated like a boolean, meaning its
respective conditional compilation is always getting compiled even when
disabled
Our current dualboot support is enabled at runtime, so it doesn't make sense to
have a build-time option related to it, especially one that's broken. Replace
the patch with a functionally equivalent one that is less confusing. Also,
remove the related config option from our defconfig.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The current log level is very verbose and generates way too much output in some
cases, such as a binary diff update. Reduce the default log level to avoid
this.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
In theory, libcap's pam_cap module should use libpam's dlopen runtime linking
mechanism, but starting in libcap 2.53, this changed in order to support
distros that can only link it at build-time. Then, in 2.54, a compile-time
option was added (FORCELINKPAM) to allow users to force the link or not. In the
poky recipe for libcap, this option isn't set, so the library was getting
linked by default, dragging all of its dependencies with it.
For more info: https://bugzilla.kernel.org/show_bug.cgi?id=214023
Set the flag to "no" to avoid linking against libpam, removing its dependency
from the recovery image and saving some space.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We were using the .cfg suffix for both the build-time config fragments and the
runtime configuration file. During do_configure(), all files in SRC_URI ending
in .cfg were being merged together to create the final build configuration,
including said runtime file, which has a completely different syntax. In most
cases, the contents of this file were being ignored, but when tweaking
swupdate's configuration and re-building the package, sometimes strange errors
would prevent the build from finishing.
Change the runtime file's suffix entirely to separate it from the config
fragments and prevent it from being treated as such, and reflect the name
change in the defconfig and the recovery script.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The 'mtd-blacklist' parameter prevents swupdate from acting upon those
partitions that we consider sensitive.
Make such list platform-dependent.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The swupdate recipe installs by default a systemd service
and a socket to listen for updates coming from a web server.
DEY only makes use of such service during on-the-fly updates from Cloud
Connector web service.
The default swupdate service fails on images with TrustFence because it's
called with no arguments and there doesn't exist a configuration file.
This commit installs a default configuration file and, if TrustFence is
enabled, sets the parameter 'public-key-file' to point to the public
certificate to use to authenticate SWU packages.
While on it, it removes the same file from the recovery-initramfs recipe
that was the only recipe that was adding such config file for recovery
images only.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Commit 429125cce0 created a minimal version 'defconfig'
that doesn't include all the default configuration options
of swupdate.
However, an anonymous python function inside the swupdate
repository establishes dependencies basing on configuration
switches it finds (or not) in the 'defconfig' file and any
additional configuration fragments.
For this reason, a minimal 'defconfig' cannot be used in
this recipe and a full configuration file (that also includes
default options) must be used instead.
Reported-by: Stephan Klatt
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Writing directly into UBI volumes is not allowed, so a special 'rdiff' handler capable of
write data in UBI volumes is required. This commits adds the new handler and enables it in
MTD based systems.
https://onedigi.atlassian.net/browse/DEL-8624
Signed-off-by: David Escalona <david.escalona@digi.com>
The 'RDIFF' handler allows to apply incremental updates using rdiff delta files in the
swu update package. This functionallity is only recommended for read-only file systems,
where the source partition cannot be modified externally by users.
https://onedigi.atlassian.net/browse/DEL-8624
Signed-off-by: David Escalona <david.escalona@digi.com>
Building swupdate with '-j1' fails with:
swupdate$ make -j1
scripts/kconfig/conf --silentoldconfig Kconfig
CC ipc/network_ipc.o
CC ipc/network_ipc-if.o
CC ipc/progress_ipc.o
LD ipc/built-in.o
LD libswupdate.so.0.1
Failed:
aarch64-dey-linux/11.3.0/ld: cannot find ipc-static/lib.a: No such file or directory
collect2: error: ld returned 1 exit status
That's due to trying to link a static library that has not been compiled
yet. That dependence seems spurious and we added it in a patch, so
remove it to fix non-parallel builds.
https://onedigi.atlassian.net/browse/DEL-8445
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Make the 'defconfig' file a real defconfig by including only differences with respect default
values. While on it, improve the recipe:
- Enable 'BOOTLOADERHANDLER' by default in the 'defconfig'. We were unconditionally setting
this value to 'y' in the recipe, so move it to the default configuration.
- Move 'UBI' configuration values to 'mtd.cfg' file to be added only when device filesystem is
MTD based. Until now, 'UBI' support was always added by default.
- Move the 'SIGNED_IMAGES' configuration entry to a '.cfg' file like we are doing with the rest
of the functionallity. Use 'oe.utils.conditional' checking 'TRUSTFENCE' feature for this.
Signed-off-by: David Escalona <david.escalona@digi.com>
'do_populate_sdk' for dey-image-webkit was not working because of package
nghttp2:
DNF version: 4.11.1
--> Starting dependency resolution
--> Finished dependency resolution
Error:
Problem: package nghttp2-dev-1.47.0-r0.1.cortexa53_crypto requires nghttp2 = 1.47.0-r0.1, but none of the providers can be installed
conflicting requests
nothing provides nghttp2-client >= 1.47.0 needed by nghttp2-1.47.0-r0.1.cortexa53_crypto
nothing provides nghttp2-server >= 1.47.0 needed by nghttp2-1.47.0-r0.1.cortexa53_crypto(try to add '--skip-broken' to skip uninstallable packages)
ERROR: Logfile of failure stored in: proj/ccimx8mm-dvk/tmp/work/ccimx8mm_dvk-dey-linux/dey-image-webkit/1.0-r0/temp/log.do_populate_sdk.2923894
ERROR: Task (dey/4.0/sources/meta-digi/meta-digi-dey/dynamic-layers/webkit/recipes-core/images/dey-image-webkit.bb:do_populate_sdk) failed with exit code '1'
This commit creates a bbapend to allow empty 'nghttp2-client' and
'nghttp2-server' packages because 'nghttp2-dev' depends on 'nghttp2' that
depends on
'${PN}-client (>= ${PV}) ${PN}-proxy (>= ${PV}) ${PN}-server (>= ${PV})' per
the recipe at poky.
https://onedigi.atlassian.net/browse/DEL-8380
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
The commits in Digi clone have been merged to the public
libsoc repo.
Adjust the SRCREV to the latest available commit at the moment
(545b354968a9d03008e1e86e14c58e3f8423a20c) and remove the
dependency with Digi clone.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8218
meta-swupdate updated swupdate to version v2022.12, so we need to update
our bbappend to apply to that version. Otherwise firmware update is
failing due to some missing swupdate handlers.
As our bbappend is generic enough, use a wildcard bbappend so it applies
to all swupdate versions.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit removes the on-target post installation function for read-only rootfs,
as it will fail trying to edit files.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
The variable dualboot might not be defined or well have an invalid
value. Just keep the service running if it is a dualboot model.
https://onedigi.atlassian.net/browse/DEL-8264
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
On recovery based devices, the swupdate process is executed in the
recovery, so there is no need to have the swupdate daemon running on the
rootfs.
Add a on-target post installation script to disable the swupdate
bootscript on the normal rootfs. This has the side effect of failing in
the recovery initramfs because the initramfs does not have a complete
SysV init system. For that case add a rootfs postprocess function to
delete the postinst script.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Since commit 554b97a ("swupdate: Set service type to notify") in meta-swupdate
layer, the swupdate service fails on boot due to the following timeout error:
swupdate.sh[2708]: [TRACE] : SWUPDATE running : [listener_create] : creating socket at /tmp/swupdateprog
swupdate.sh[2708]: [TRACE] : SWUPDATE running : [listener_create] : creating socket at /tmp/sockinstctrl
systemd[1]: swupdate.service: start operation timed out. Terminating.
systemd[1]: swupdate.service: Failed with result 'timeout'.
systemd[1]: Failed to start SWUpdate daemon.
This commit adds a config fragment to enable systemd support to swupdate daemon.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
One patch adds support for building the library statically and the other is a
fix for performing firmware update on the fly. These patches have been moved
from the meta-digi-dualboot layer
https://onedigi.atlassian.net/browse/DEL-7903
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
(cherry picked from commit 94018f7402586b916c5c7836eb355a19a78a9c51)
In meta-openembedded commit 35d249bb9a575a5a48491052896e121266d515f0,
libconfig, one of swupdate's dependencies, was split into two packages: one for
the C library and another for the C++ one. swupdate depends only on the C
library, but the C++ library was implicitly pulling in other dependencies, such
as libgcc.
After the commit mentioned above, libgcc stopped being pulled into our recovery
image, causing the following error to appear when swupdate terminates:
libgcc_s.so.1 must be installed for pthread_cancel to work
Aborting
Even if the action carried out by swupdate is successful, our recovery script
detects this as an error and aborts the update operation. Avoid this by
explicitly adding libgcc as a runtime dependency for swupdate.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We originally included this recipe to fix some vulnerabilities in the dnsmasq
version used in zeus (v2.80), but the recipe has been updated since then. The
current version used by default in hardknott is v2.85.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Remove the v3.0.8 version of the recipe to use the v3.0.9 recipe in poky. Also,
adapt our .bbappend since some of its changes are outdated.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We initially backported v4.5.2.imx into gatesgarth, but since that version is
already available in meta-freescale, remove the base recipe and keep only the
.bbappend.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Gabriel Valcazar
Javier Viguera
Francisco Gil
Mike Engel
Isaac Hermida
Hector Palacios
David Escalona
Arturo Buzarra
Tatiana Leon