When changing any of the secure boot configurable macros the Linux kernel
should be re-deployed so that it can be signed/encrypted as needed.
https://jira.digi.com/browse/DEL-2750
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
We have seen lately random build failures in the buildserver due to
missing QT5 base libraries that are needed when building some other
QT5 packages.
Examples:
Compiling qtdeclarative:
error: cannot open .../tmp/work/cortexa9hf-vfp-neon-mx6qdl-dey-linux-gnueabi/qtbase/5.5.1+gitAUTOINC+5afc431323-r0/build/lib/libQt5Core.so: No such file or directory
error: cannot open .../tmp/work/cortexa9hf-vfp-neon-mx6qdl-dey-linux-gnueabi/qtbase/5.5.1+gitAUTOINC+5afc431323-r0/build/lib/libQt5Network.so: No such file or directory
error: cannot open .../tmp/work/cortexa9hf-vfp-neon-mx6qdl-dey-linux-gnueabi/qtbase/5.5.1+gitAUTOINC+5afc431323-r0/build/lib/libQt5Widgets.so: No such file or directory
The problem here is that 'qtdeclarative' is trying to get the needed
libraries from the 'qtbase' temporary work directory. But because in the
buildserver we have 'rm_work' enabled to save space, sometimes the
rm-work class has removed the 'qtbase' work directory before
'qtdeclarative' has been built, leading to the compilation error.
This is probably a bug in 'meta-qt5', because the different packages
needing QT5 base libraries should take them at compile time from the
sysroot and not from the qtbase work directory.
At the moment just workaround this adding an exception to the rm-work
class to not remove the 'qtbase' temporary work directory.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This package is native only, this patch ensures it can only be built
natively and fix the following problems:
* Add openssl-native rather than openssl to the dependencies.
* Use the $(CC) $(LDFLAGS) and $(CFLAGS) that Yocto provides to avoid a
compilation error.
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
Down the bluetooth interface before entering suspend and up it after resuming
if it is present and up.
https://jira.digi.com/browse/DEL-2806
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The build script was filtering out toolchain builds for all image
recipes not starting with 'dey-image-', but for the CC6UL we are
building by default 'core-image-base', so update the regular expression
to allow building the toolchain for 'core-image-*' image recipes.
https://jira.digi.com/browse/DEL-2837
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Start syslog earlier (from 20 to 02) so it is running and other init scripts
can use it to log into the system like the S03networking script.
https://jira.digi.com/browse/DEL-2812
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This is needed so the encrypted rootfs is properly resized to the
partition size.
https://jira.digi.com/browse/DEL-2765
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
New functionality has been implemented in trustfence-tool application,
so there is no need to call cryptsetup command.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Get filesystem type of rootfs block device and pass it explicitly to the
mount command to clean following warnings on boot:
EXT4-fs (dm-0): couldn't mount as ext3 due to feature incompatibilities
EXT4-fs (dm-0): couldn't mount as ext2 due to feature incompatibilities
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The region code is programmed in the OTP bits. We want to allow to be able to
override this behavior by setting the new value as a property in the device
tree called "regulatory-domain".
This can be done by setting the variable "regdomain=<code>" in uboot or well
by defining that entry in the device tree.
https://jira.digi.com/browse/DEL-2799
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The country region is programmed in the OTP bits. Based on that value we need
to load the firmware file for the specific country region.
https://jira.digi.com/browse/DEL-2774
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
We are including two firmware files: one for setting the country to US and the
other one to set it to the World Wide Roaming region (SKU 0060).
https://jira.digi.com/browse/DEL-2774
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
We need a different configuration file, because the SoftAP functionality is
supported using the hostapd package instead of the wpa_supplicant.
https://jira.digi.com/browse/DEL-2744
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
TRUSTFENCE_SIGN can be defined to "0" to explicitly disable uImage sign and
encryption.
https://jira.digi.com/browse/DEL-2803
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
This device tree file corresponds to StarterBoard with ID=129
which corresponds to smart part number CC-WMX6UL-START.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The correct U-Boot branch to be used with dey-2.0/master is v2015.04/master, as
it contains the latest development changes (just like dey-2.0/master).
This reverts commit 728619a5bc.
After commit b0a766eafc8 in the U-Boot repository, both signed and
encrypted images will be generated. Copy both of them to the deploy folder
https://jira.digi.com/browse/DUB-642
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
This allows to automatically create a secure PKI tree without user
interaction.
https://jira.digi.com/browse/DUB-618
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
NXP Code signing Tool for the High Assurance Boot library is needed for
signing and encrypting different artifacts (U-Boot image, uImage, ...).
As the CST cannot be included in DEY, the user needs to download the
tarball and add it to the recipe folder.
https://jira.digi.com/browse/DUB-618
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
To build the CC6UL boot image, the u-boot and linux images need to be
already deployed. Also the native mtd-utils package needs to be
available in the sysroot.
Make all this dependences explicit for deterministic reproducibility.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
U-Boot environment on the CC6UL NAND is located at partition /dev/mtd1:
- original copy is located at offset 0 in the partition
- redundant copy is located 1 erase block (128K) after the original copy
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-2552
- Added a checker with the job name to declare the manufacturing var
- Changed the name of the repo manifest file for the manufacturing job
- Added a checker to updated the bblayers.conf file with the mfg layer
Signed-off-by: Diego Escalona <diego.escalona@digi.com>
Extend the report with more details about:
- memory usage
- all network ports (-a) with their related PIDs (-p)
- network link details (to determine if interface is up)
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Alex Gonzalez
Diaz de Grenu, Jose
Javier Viguera
Isaac Hermida
Hector Palacios
Mike Engel
Diego Escalona