The recovery ramdisk already contains functionality for encrypted rootfs
installation. The goal is to centralize all this functionality in the recovery
ramdisk.
https://jira.digi.com/browse/DEL-3829
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
For CC6UL, when setting a new key, an "enc" flag must be added to the rootfs in
the "mtdparts" U-Boot variable.
After that a reboot is needed, so the recovery command must be modified to
remove the encryption key and proceed with the rest of commands in the next
boot.
When updating the firmware, a format of the rootfs partition is always
performed, independently if a new encryption key has just been configured.
In case only the encryption key is being configured, we also need to reboot to
format the rootfs properly.
https://jira.digi.com/browse/DEL-3685
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
This commit verifies that the wlan1 interface is not already created
and will skip creating the virtual interface if it already exist.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-3917
This commit changes the concurrent mode script to enable always the
AP interface through the wireless device but will warn the use
if the virtual MAC addresses used are the default once.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-3900
The flash_eraseall busybox utility is not used in the ccimx6 and ccimx6ul
platforms. Its corresponding patch (and the library it depends on) can be
removed from the busybox recipe.
https://jira.digi.com/browse/DEL-1320
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit adds the wireless concurrent mode as a default
configuration to the CC6UL machine.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-3818
- While trying to update the system using signed swupdate packages, the
swupdate binary requires a new parameter (-k) to specify the location
of the public key that will be used to verify the update package. At
the moment there is no way to check if a package is signed or not, so
we asume that the existence of the public key in the recovery initramfs
is enough to determine that we want to update the system using signed
packages.
https://jira.digi.com/browse/DEL-3775
Signed-off-by: David Escalona <david.escalona@digi.com>
- The swupdate binary included in the recovery partition when the
images to build are trustfence enabled performs a verification
of the swupdate package. For this verification to suceed, it is
mandatory to provide to the swupdate binary the public key that
will be used to verify the swupdate package. This public key must be
included in the recovery initramfs only when 'TRUSTFENCE_SIGN=1'.
https://jira.digi.com/browse/DEL-3772
Signed-off-by: David Escalona <david.escalona@digi.com>
This recipe is expected to create just an initramfs image, so force the
image FSTYPE with a python anonymous function, so there is no way to
change/append/override it from any other configuration file.
This prevents build failures due to circular dependences if for example
you add:
IMAGE_FSTYPES_append = " recovery.vfat"
to your project's local.conf.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The LICENSE is added through the packagegroup bbclass and the checksums
were outdated making the build fail with:
The LIC_FILES_CHKSUM does not match for poky/LICENSE;md5=3f40d7994397109285ec7b81fdeb3b58
https://jira.digi.com/browse/DEL-3451
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Add critical section in suspend script to avoid that more than
one instance can be executed concurrently. This happens, for
instance, when the power button key is pressed while the system
is resuming, causing issues on the wifi interface.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-3694
According to NXP i.MX Linux Reference Manual:
The full CAAM function is exclusive with the Mega/Fast mix off feature
in DSM. If CAAM is enabled, the Mega/Fast mix off feature needs to be
disabled, and the user should
"echo enabled > /sys/bus/platform/devices/2100000.aips-bus/2100000.caam/2101000.jr0/power/wakeup"
after the kernel boots up, and then Mega/Fast mix will keep the power
on in DSM.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-3636
Add critical section in suspend script to avoid that more than
one instance can be executed concurrently. This happens, for
instance, when the power button key is pressed while the system
is resumming, causing issues on the wifi interface.
https://jira.digi.com/browse/DEL-3431
Signed-off-by: Pedro Perez de Heredia <pedro.perez@digi.com>
We have seen corner cases (e.g. when the partition to format has already
some corrupted UBI metadata) where ubiformat stops and ask the user for
confirmation to do the format. We cannot have such interactivity in the
recovery ramdisk so use the '-y' argument to assume yes for all
questions.
Also use the '-q' (quiet) parameter instead of the '/dev/null'
redirections to remove command's output.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit adds a wpa supplicant P2P configuration file and configures
the p2p0 interface automatically at pre-up.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
For the moment the cloudconnector is provided only as static library, so
the recipe can be simplified.
https://jira.digi.com/browse/DEL-3523
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Instead of using a hardcoded path to the SWU update package, just get
the filename and search the file in the different mounted partitions
(giving priority to the internal 'update' partition over other external
media).
https://jira.digi.com/browse/DEL-3466
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
For block devices we can get the filesystem in the partition using the
'blkid' command.
This cleans up some warnings on mounting:
EXT4-fs (sda2): couldn't mount as ext3 due to feature incompatibilities
EXT4-fs (sda2): couldn't mount as ext2 due to feature incompatibilities
EXT4-fs (mmcblk0p4): couldn't mount as ext3 due to feature incompatibilities
EXT4-fs (mmcblk0p4): couldn't mount as ext2 due to feature incompatibilities
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
"i" variable in the nested loop is expanded to the absolute path
of the device, so prepending it with the ${device} results in
"/dev/sda/dev/sda1" for a 'sda1' partition.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
recovery-utils allows to configure recovery commands and reboot into
recovery mode.
Internal recovery-utils.git SHA1: 5555d4c736e3
https://jira.digi.com/browse/DEL-3358
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This is a clone from the original psplash recipe init script
but with the added fix:
@@ -25,5 +25,7 @@
read rotation < /etc/rotation
fi
-/usr/bin/psplash --angle $rotation &
+if [ -c "${FBDEV:-/dev/fb0}" ]; then
+ /usr/bin/psplash --angle $rotation &
+fi
which avoids running the application when there is no framebuffer
in the system. This prevents the following error message during
boot:
Error opening /dev/fb0: No such file or directory
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-2747
- Include psplash package in the recovery initramfs recipe.
- Start psplash in the recovery init.
- Add new methods to communicate with psplash from the init script.
- Show psplash progress information from the init script.
- Start progress binary to update psplash during a firmware update.
https://jira.digi.com/browse/DEL-3356
Signed-off-by: David Escalona <david.escalona@digi.com>
- Added a 5 seconds delay before mounting external disks so they have
time to be recognized in the system.
- Check if UBI volume is mounted before formatting it.
- Check if eMMC block device exists before formatting it.
Signed-off-by: David Escalona <david.escalona@digi.com>
- This recipe generates the recovery ramdisk image with the contents of the
recovery ramdisk tree (recovery-initramfs) and other packages.
Signed-off-by: David Escalona <david.escalona@digi.com>
Bringing the Bluetooth interface down and up during suspend
is not needed and it even showed problems on the Starter Board
where the Bluetooth interface does not come up again after
having been brought down in suspend.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-3416https://jira.digi.com/browse/DEL-3081
Separately add 'dey-gstreamer' to ccimx6ulsbc platform.
This platform does not have 'accel-video' but we want gstreamer
for using it with video/camera.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-2358
Remove preventive delays during the removal of Bluetooth and Wireless
interfaces. Tests revealed they are not needed.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The loading of the wireless module without proper arguments does nothing.
Besides, if the interface was down before going to suspend, there is no
need for the wireless module to be loaded.
The wireless module will be loaded nevertheless (with proper arguments)
when the interface is brought up.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-3241
The suspend script was unloading the wireless module driver *only* if the
interface 'wlan0' was previously up. If the interface is down the module
does not unload and the system fails to suspend.
This patch removes the module always if it appears in the list of loaded
modules.
While on it, move the unloading of wireless after the unloading of
Bluetooth, to be in line with the reversed order in which they are loaded
on the resume_interfaces() call.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-3241
Use the static binary from the tarball, which should be common across
different platforms and operating systems.
https://jira.digi.com/browse/DEL-3261
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The u-boot header is required for U-Boot to boot the image in secure boot.
The cpio.gz.u-boot.tf image gets signed and encrpyted if required.
https://jira.digi.com/browse/DEL-3242
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
Also change the image type of dey-image-trustfence-initramfs.
https://jira.digi.com/browse/DUB-615
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
The ccimx6ul has a small NAND flash rootfs partition, and removing
package-management image feature saves around 10MB.
https://jira.digi.com/browse/DEL-3058
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The name "ext-eth" seems to indicate "External Ethernet". Rename that variable
and related ones to a more proper name like second ethernet.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This reverts commit b8f50680e5.
The support to read and write to an encrypted environment has been added, so
there is no need to exclude the u-boot-fw-utils anymore.
https://jira.digi.com/browse/DEL-2836
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
Add commented lines as example to configure and run the wlan0 interface in AP
mode using hostapd daemon.
https://jira.digi.com/browse/DEL-2913
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
enabled
There is currently no support on fw_printenv/fw_setenv to access an
encrypted environment.
This commit removes the package if U-Boot environment encryption is
enabled to avoid environment corruption on access.
It also documents the issue as a known issue.
https://jira.digi.com/browse/DEL-2625
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
According to 'grep' manual '\s' is a synonym for [[:space:]] which
matches spaces, TABs, but also newlines, etc. We want to only match
spaces and TABs, so use [[:blank:]] instead.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
* set cellular user and password
* stricter replace to not match set values
* only set cellular interface to auto
Internal merge of Github's PR:
https://github.com/digi-embedded/meta-digi/pull/2
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Down the bluetooth interface before entering suspend and up it after resuming
if it is present and up.
https://jira.digi.com/browse/DEL-2806
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Start syslog earlier (from 20 to 02) so it is running and other init scripts
can use it to log into the system like the S03networking script.
https://jira.digi.com/browse/DEL-2812
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This is needed so the encrypted rootfs is properly resized to the
partition size.
https://jira.digi.com/browse/DEL-2765
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
New functionality has been implemented in trustfence-tool application,
so there is no need to call cryptsetup command.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Get filesystem type of rootfs block device and pass it explicitly to the
mount command to clean following warnings on boot:
EXT4-fs (dm-0): couldn't mount as ext3 due to feature incompatibilities
EXT4-fs (dm-0): couldn't mount as ext2 due to feature incompatibilities
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This recipe builds the initramfs image that is used to boot from an
encrypted rootfs.
https://jira.digi.com/browse/DEL-2278
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This package adds some files needed by the trustfence initramfs and that
are not included in other packages.
https://jira.digi.com/browse/DEL-2278
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This function is deprecated in favor of bb.utils.contains. The same
change has been done in other layers.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
sysinfo is a bash script which gathers all the relevant information
from a running system on a timestamped compressed file.
https://jira.digi.com/browse/DEL-2447
Signed-off-by: Victor Rubio Victor.RubioTorroba@digi.com
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
That restriction does not make any difference in the final image
contents, because no package depending on X11 is added to the image, and
it prevents the image from being built with the default DEY
configuration (that has X11 distro feature enabled).
This also allows to build the image in the buildserver with the same job
that builds other X11 based images.
https://jira.digi.com/browse/DEL-2106
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Move this variable to DEY distro conf so that it is available for any
recipe built with the distro.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-2192
It has been observed that the wireless interface ocassionally fails to resume
from suspend on extensive long run validation testing, so we workaround it by
bringing the interface down before suspend and bring it up again after resume
This reverts commit a77cd1406d.
https://jira.digi.com/browse/DEL-2217
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This image provides a demo rootfs with QT. It can be built for
framebuffer and also for X11.
https://jira.digi.com/browse/DEL-2196
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This is a user-space workaround for the reboot/poweroff problems we
are having in the ccimx6sbc. Seems that they are not reproducible when
only one core is enabled, so the workaround is to disable the rest of
the cores for rebooting/halting.
https://jira.digi.com/browse/DEL-2133https://jira.digi.com/browse/DEL-2148
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
(cherry picked from commit a9e36a74bb20ab38f220116ba2742dca3d80c293)
So we can build a 'dey-image-graphical' image for framebuffer with
support for QT5.
https://jira.digi.com/browse/DEL-2017
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
No functional change, as 'package-management' is added via the included
dey-image-minimal recipe, and 'pointercal-xinput' is a dependence of
xinput-calibrator which is added for X11 images.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
We switch to the way it works in Android, short press (<2s) takes the target
to suspend and long press, >2s but <9s, performs a software controlled
power down.
Pressing longer than 9 seconds does the uncontrolled hardware power off
directly from the PMIC.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
The suspend script did a ifup/ifdown on wlan0 to workaround issues we
had using wireless drivers on some platforms.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Now that the MX5 platforms have been removed the only value for
WPA_DRIVER is 'nl80211' (used by Atheros wireless driver), so there is
no need to have a platform specific value.
Just initialize the value in the init-ifupdown recipe with a weak
assignment so it can be override from the project's local.conf.
https://jira.digi.com/browse/DEL-1890https://jira.digi.com/browse/DEL-1969
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
It has a hard-coded dependence in bluez4 and this has been removed from
openembedded-core.
There is a different Jira for the bluez5 migration.
https://jira.digi.com/browse/DEL-1890
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
ccimx51js and ccimx53js are not supported in this version of DEY.
Support for those platforms is in previous versions of DEY.
https://jira.digi.com/browse/DEL-1890
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Microcom is a minimal version of minicom and is extremely useful
for doing basic testing on target (for instance, talking to a modem
or other serial connected device).
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
(cherry picked from commit 90c6708e948c9b9942b48d425ff21e0affc2f8d7)
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Add the networking configuration to support the creation of a bridge
interface.
Signed-off-by: Jose Diaz de Grenu de Pedro Jose.DiazdeGrenudePedro@digi.com
Tatiana Leon
Mike Engel
Gabriel Valcazar
David Escalona
Javier Viguera
Hector Palacios
Pedro Perez de Heredia
Alex Gonzalez
Diaz de Grenu, Jose
Isaac Hermida
Stephan Klatt
Victor Rubio
Jose Diaz de Grenu de Pedro
Paul Osborne