In theory, libcap's pam_cap module should use libpam's dlopen runtime linking
mechanism, but starting in libcap 2.53, this changed in order to support
distros that can only link it at build-time. Then, in 2.54, a compile-time
option was added (FORCELINKPAM) to allow users to force the link or not. In the
poky recipe for libcap, this option isn't set, so the library was getting
linked by default, dragging all of its dependencies with it.
For more info: https://bugzilla.kernel.org/show_bug.cgi?id=214023
Set the flag to "no" to avoid linking against libpam, removing its dependency
from the recovery image and saving some space.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The TF-A and OP-TEE images have different suffixes depending
on whether TrustFence is enabled or not, but the suffix variables
themselves must exist independently of whether TF is enabled.
Currently, they were defined on the trustfence.bbclass, and the
variables did not exist when TF was disabled, which caused build
problems, for example, building the SWU file.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This package is purely vestigial and hasn't been used at all in any of our
initramfs images for over 7 years. It was used in the first implementation
of the trustfence initramfs (commit 4dd7d438af)
to securely erase the key used by cryptsetup, but two weeks later, that logic
was moved to trustfence-tool (commit a8c50c16ea)
and "wipe" was no longer needed. However, the package remained in the
dependencies of the trustfence initramfs, which were then used as reference for
the recovery initramfs, even though this initramfs didn't even need "wipe" to
begin with.
Removing this package saves 30.8 KiB in the ccimx6ul recovery image.
https://onedigi.atlassian.net/browse/DEL-8819
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This is added as a recommendation for libcrypto and only contains legacy
ciphers which are deemed outdated or unsafe. If any of the packages in the
image actually required this module, they would depend on it explicitly, but
this isn't the case. This saves 66.8 KiB on the ccimx6ul recovery image.
https://onedigi.atlassian.net/browse/DEL-8819
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We depend on libarchive so that swupdate can perform updates with .tar.gz
files, but by default, libarchive is configured to support a lot of additional
features that pull in even more dependencies. This increases the size of the
recovery image, which barely fits on platforms with limited internal storage
like the ccimx6ul. We already removed zstd support to mitigate this, but the
image size increased again after adding imx-kobs to it in commit
aa2480d1de.
Since libarchive isn't used by any other package in our system, remove the
configurations that bloat the recovery image and are not needed at all for
our file update use case. Note that removing the "lzo" packageconfig doesn't
remove its respective library from the image because mtd-utils also depends on
it, but it still reduces the size of libarchive. On the ccimx6ul, this removes
193 KiB worth of libraries and trims libarchive down by 20.5 KiB in the
recovery image.
https://onedigi.atlassian.net/browse/DEL-8819
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
These fields were added to default files, but not to the
special sw-description files for ccmp1 and cc6ul platforms.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
When TrustFence is enabled, the boot artifacts (TFA and FIP)
have a 'signed' suffix. Handle this case so that the correct
symlinks are created and the correct artifacts are put into the
SWU file.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
For signing SWU files we need to set a couple of variables:
- SWUPDATE_PRIVATE_KEY_TEMPLATE to the private key file
- SWUPDATE_PASSWORD_FILE to the password of the private key
The latter must only contain one password, whereas the current key_pass.txt
file had (for the ccmp13) the eight keys separated by a white space.
This commit:
- If the file key_pass.txt exists, it extracts each key into a separate
file key_pass0X.txt.
- If the keys don't exist, generates separate files per key.
- Changes the permissions of password files to 400.
- Adapts the sign script to use the single password files.
- Fixes a few quotes
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
We were using the .cfg suffix for both the build-time config fragments and the
runtime configuration file. During do_configure(), all files in SRC_URI ending
in .cfg were being merged together to create the final build configuration,
including said runtime file, which has a completely different syntax. In most
cases, the contents of this file were being ignored, but when tweaking
swupdate's configuration and re-building the package, sometimes strange errors
would prevent the build from finishing.
Change the runtime file's suffix entirely to separate it from the config
fragments and prevent it from being treated as such, and reflect the name
change in the defconfig and the recovery script.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
meta-swupdate recently added support for swupdate 2023.12 and libubootenv
0.3.5. This upgrade conflicts with our custom functionality in both packages,
so keep using 2023.05 and 0.3.2 respectively so DEY 4.0 can be built without
introducing possible functionality changes.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Commit 7e81e706a1 modified the logic used to
determine if a NAND is using multi-MTD or single-MTD, but single quotes were
used in the grep pattern, which prevents the variable inside from expanding.
This makes the script always enter the single-MTD code path, even in multi-MTD
systems, which breaks partition formatting in these cases.
Replace the single quotes with double quotes so the variable can expand and the
condition can be properly checked.
https://onedigi.atlassian.net/browse/DEL-8773
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Fixed via commit 311a492c21f0f3643f4b764f8b743c4c6908d31b in meta-st-stm32mp
This reverts commit 09c4645894.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit adds u-boot swupdate support for all platforms.
Now u-boot can be updated with all our supported update
options. Currently it will only update first partition
u-boot partition.
https://onedigi.atlassian.net/browse/DEL-8749
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
The 'mtd-blacklist' parameter prevents swupdate from acting upon those
partitions that we consider sensitive.
Make such list platform-dependent.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The swupdate recipe installs by default a systemd service
and a socket to listen for updates coming from a web server.
DEY only makes use of such service during on-the-fly updates from Cloud
Connector web service.
The default swupdate service fails on images with TrustFence because it's
called with no arguments and there doesn't exist a configuration file.
This commit installs a default configuration file and, if TrustFence is
enabled, sets the parameter 'public-key-file' to point to the public
certificate to use to authenticate SWU packages.
While on it, it removes the same file from the recovery-initramfs recipe
that was the only recipe that was adding such config file for recovery
images only.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
meta-digi layers use many conditionals basing on TRUSTFENCE_SIGN, but this
variable may be disabled when the signing process wants to be isolated
from the image creation.
There are cases when we still need to know if TrustFence is enabled even
if the images are not going to be signed.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
In commit df9b1cf329, the UBOOT_SIGN_ENABLE is set for all
platforms, and should be only added for FIT images.
This is making the process failing in cc8mn/cc8mm platforms
due to the UBOOT_SIGN_ENABLE is also used there to use a dtb
patched with the signature node.
https://onedigi.atlassian.net/browse/DEL-8764
Signed-off-by: Francisco Gil francisco.gilmartinez@digi.com
Otherwise, bitbake's git client won't be able to fetch the sources if there are
no mirrors available.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
As part of the integration of the new ML package, also update the
ethos-u-firmware binary built from Stash:
Repo: emp/ethos_u_firmware.git
Revision: a0352b0cf7267c896b55980dedd08daddc780733
Source: NXP's MCUXpresso SDK_2.14.0_MIMX9352xxxxK
And, drop deepview-rt support for ccimx93, as NXP has done the same in
6.1.36-2.1.0 release.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
- Set variables required for FIT signing inside python function, under the
condition of having TRUSTFENCE_SIGN="1".
- Define two sign keys using TRUSTFENCE_ wrapper constants. Default values:
- 'fitcfg' for configuration nodes inside the FIT
- 'fitimg' for image nodes inside the FIT
- Enable FIT_SIGN_INDIVIDUAL to also sign individual images inside the FIT
- Set FIT_GENERATE_KEYS by default (kernel-fitimage.bbclass already checks
if the keys exist before generating new ones)
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This change isn't functional, but necessary if we want to be able to separate
the logic in the include file and the demo recipe. This way the include file is
agnostic and can be included into other recipes if needed.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Otherwise, launching a Qt5 app will result in errors and the QPA platform will
need to be set manually to get it to work.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Backport of graphics package for ccimx93 from NXP's Mickledore-based
6.1.36-2.1.0 release. Mainly copies and appends of graphics recipes
from the new release, and restricted to ccimx93 by changing the
COMPATIBLE_MACHINE, so it does not affect other platforms.
Notice, that the new version of weston used now by the ccimx93 requires
a different profile file (weston-socket.sh). This profile supercedes the
old 'weston.sh'.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Backport of multimedia package for ccimx93 from NXP's Mickledore-based
6.1.36-2.1.0 release. Mainly copies and appends of multimedia recipes
from the new release, and restricted to ccimx93 by changing the
COMPATIBLE_MACHINE, so it does not affect other platforms.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This is required to build the new version of gstreamer used by NXP for
the ccimx93 and integrated in following commits.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
LVGL is a free and open-source embedded graphics library that is able to run
in environments with limited resources.
This image includes a desktop environment and an LVGL widget demo (lvgl_demo)
https://onedigi.atlassian.net/browse/DEL-8740
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Rename the recipe to lvgl-demo to reflect the generalization and select the
most appropriate backend for each platform. Aside from making sure each backend
builds and runs fine, add some usability improvements:
* Specify the mouse as the default evdev device instead of the touchscreen
* Use common resolution variables to be able to configure the app's
dimensions easily
https://onedigi.atlassian.net/browse/DEL-8740
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit adds signed FIT image support for the CCMP1
platforms when using Trustfence.
https://onedigi.atlassian.net/browse/DEL-8591
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This package was inadvertantly pulling in a lot of dependencies into our
images that make use of Qt6. Most of these packages consisted of *-dev
packages, which are only useful for development with the SDK.
Remove this package along with its dependencies to significantly reduce the
dey-image-qt rootfs image size.
Note that this change was already done in commit
8979331ef8, but it was accidentally reverted when
upgrading to Qt 6.5 in commit a5c6f2b795.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
(cherry picked from commit 0d6d6d219f)
This fix systemd error on boot:
[ 6.974370] systemd[1]: /lib/systemd/system/connectcore-demo-example.service:3: Failed to add dependency on connectcore-demo-server, ignoring: Invalid argument
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Current pattern does not match the SRKs generated for the ccimx93. The
ccimx93 does not support subordinated SGK certs, so the name of the SRKs
do not contain the "_ca_" pattern. So relax the expression used in the
trustfence bbclass to match the SRKs generated for both platforms.
# For the ccimx93
$ ls -1 crts/SRK1*crt.pem
crts/SRK1_sha512_secp521r1_v3_usr_crt.pem
# For the ccimx8x
$ ls -1 crts/SRK1*crt.pem
crts/SRK1_sha512_secp521r1_v3_ca_crt.pem
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Some platforms do not support signing external artifacts (kernel, dtb,
etc.) yet, so we need to decouple the signing of the bootloader from the
signing of the external artifacts.
This commit generalizes the code, so instead of having platform exceptions
scattered along the recipes, we create a new variable used conditionally
to sign or not the external artifacts.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
If the system is send to suspend mode, the bluetooth core is reconfigured.
Therefore, restart the service if it is running, to configure the ble
service.
https://onedigi.atlassian.net/browse/DEL-8694
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Bitbake was always copying the public key 1 to the rootfs, no matter what the value specified in
the 'TRUSTFENCE_KEY_INDEX' variable was. This commit fixes the issue by enclosing the variable
between curly braces so that bitbake is able to expand it and calculate the correct key index.
Signed-off-by: David Escalona <david.escalona@digi.com>
Commit 429125cce0 created a minimal version 'defconfig'
that doesn't include all the default configuration options
of swupdate.
However, an anonymous python function inside the swupdate
repository establishes dependencies basing on configuration
switches it finds (or not) in the 'defconfig' file and any
additional configuration fragments.
For this reason, a minimal 'defconfig' cannot be used in
this recipe and a full configuration file (that also includes
default options) must be used instead.
Reported-by: Stephan Klatt
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
There was a missmatch between the configuration file and the
correct adc in the ccmp15 platform.
Also a whitespace is removed from ccmp13 configuration file.
https://onedigi.atlassian.net/browse/DEL-8702
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Gabriel Valcazar
Hector Palacios
Mike Engel
fgilmar
Javier Viguera
Arturo Buzarra
Tatiana Leon
Isaac Hermida
David Escalona