Commit Graph

40 Commits

Author SHA1 Message Date
Gabriel Valcazar 419b8def29 dey-image-installer: generalize bootloader name to support imx-boot files
The generate_installer_zip() function had a hardcoded "u-boot" filename when adding
the bootloader to the list of files that are put in the installer .zip.

https://jira.digi.com/browse/DEL-6174

Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
2018-09-13 17:00:34 +02:00
Gabriel Valcazar dce71c9348 ccimx8x: prohibit dey-image-qt from building when trustfence is enabled
The message log level is "fatal" so the compilation ends as soon as possible.

Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
2018-07-06 13:46:23 +02:00
Jose Diaz de Grenu 80626aa749 swupdate: update to 2017.07
Rename recipe and fix the path of the progress binary. Also on the
rocko branch of meta-swupdate several signing mechanisms are
supported, and the value is used as a string to determine which one
to use.

Signed-off-by: Jose Diaz de Grenu <Jose.DiazdeGrenu@digi.com>
2018-01-23 14:33:17 +01:00
Tatiana Leon 7d2a07cf2f dey-image: create an sdk/toolchain dey version file with params to identify it
This commit creates a new file called 'dey-version-${REAL_MULTIMACH_TARGET_SYS}'
(for example, 'dey-version-cortexa7hf-neon-dey-linux-gnueabi') at the same level
as 'version-${REAL_MULTIMACH_TARGET_SYS}',
'site-config-${REAL_MULTIMACH_TARGET_SYS}', and
'environment-setup-${REAL_MULTIMACH_TARGET_SYS}' files.

The file contains the following parameters:
   * Machine. The name of the platform the toolchain was built for (ccimx6sbc,
     ccimx6ulsbc, ccimx6ulstarter).
   * Version: A versioning system for the generated toolchains. Currently it is the
     distro version followed by the timestamp on which the current build started.
   * Image: The name of the image that triggered the population of the SDK
     (core-image-base, dey-image-aws, dey-image-qt-${GRAPHICAL_BACKEND})

The purpose of the 'dey-version-*' file is to be parsed by Eclipse so toolchains
can be autodetected.

This file is packaged with the rest of SDK/toolchain resources ('version-*',
'site-config-*', and 'environment-setup-*' files, and 'sysroots' directory)
when creating the SDK tarball and later the installation script.

The 'dey-version-*' file could also be created in a 'meta-environment.bbappend'
appending to the 'create_sdk_files()'. But from this recipe there is no access
to the name of the image that triggers the creation of the SDK (core-image-base,
dey-image-aws, dey-image-qt, etc.).

Currently, we are redefining 'SDK_POSTPROCESS_COMMAND' (from
'poky/meta/classes/populate_sdk_base.bbclass') to insert the generation of the
'dey-version-*' file just before creating the SDK tarball.

https://jira.digi.com/browse/DEL-5074

Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
2017-10-03 15:18:52 +02:00
Javier Viguera f397ee2289 greengrass: add support to preconfigure the package
If values are provided in the local.conf, the package will have the
'config.json' file preconfigured.

https://jira.digi.com/browse/DEL-4274

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2017-07-05 13:43:28 +02:00
Javier Viguera 991a087e85 awsiotsdk-c: rename bbclass to aws-iot
Rename the class so it's not specific to the C version of the AWS IoT
Device SDK, and can be used for anything related to AWS IoT (for
example Greengrass).

https://jira.digi.com/browse/DEL-4274

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2017-07-05 13:43:28 +02:00
Tatiana Leon 8a1a67f592 aws-iot-sdk: add variable to establish the logging level
Variable 'AWS_IOT_LOGGING_LEVEL' can be used from the project 'local.conf' to
establish the logging level of the AWS IoT Device SDK.

There are 6 incremental levels: none, error, warn, info, debug, and trace.

Default is 'debug'.

https://jira.digi.com/browse/DEL-4101

Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
2017-05-11 19:10:10 +02:00
Tatiana Leon 9a296b79a3 meta-digi: add awsiotsdk-c configuration class
This commit adds an awsiotsdk-c class to encapsulate all AWS IoT device SDK
configurations.

In general, the variables are the macros that users can configure in their
'aws_iot_config.h' file.

See for example, the header file for the 'shadow_sample' at GitHub:
https://github.com/aws/aws-iot-device-sdk-embedded-C/blob/master/samples/linux/shadow_sample/aws_iot_config.h

https://jira.digi.com/browse/DEL-4101

Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
2017-05-11 19:10:10 +02:00
Javier Viguera dba3244a3e dey-image-installer: fix missing artifacts in ZIP installer
With the migration to Morty, some of the paths to the artifacts (boot
and rootfs images) need to be updated.

While on it, also remove the temporary README.txt file which is not
needed after it has been packed in the zip installer.

https://jira.digi.com/browse/DEL-4013

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2017-03-31 18:02:52 +02:00
Tatiana Leon 38740f9a04 trustfence: get bytes from the console passphrase to feed the hash method
In Python 3, feeding string objects into hash method is not supported. Hashes
work on bytes, not on characters.

So we use 'encode()' on the passphrase to get the bytes object.

See:
 * https://docs.python.org/3/howto/pyporting.html#text-versus-binary-data
 * https://docs.python.org/3/library/hashlib.html#module-hashlib

This commit fixes build failures as:

Exception: TypeError: Unicode-objects must be encoded before hashing

https://jira.digi.com/browse/DEL-3984

Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
2017-03-27 10:38:13 +02:00
David Escalona 00d22c3d7e swu-sign: do not expand private sign key in TrustFence class
- Trying to set the complete SWU packages signature key in the
  TrustFence class was causing a build error when keys were not
  yet generated. To avoid this, set only the key wildcard in the
  TrustFence class and expand the variable in the SWU packages
  recipes, when keys already exist.

https://jira.digi.com/browse/DEL-3913

Signed-off-by: David Escalona <david.escalona@digi.com>
2017-03-15 12:02:17 +01:00
David Escalona 319576805a swupdate: add sign and hash support to swupdate packages generation
- Enabled signing support while generating the swupdate
  packages for 'core-image-base' and 'dey-image-qt'. The
  signing support is only enabled when 'TUSTFENCE_SIGN=1'
  and requires the recipe to set the private key that will
  be used to generate the signature.
- Enabled hash support while generating the swupdate
  packages for 'core-image-base' and 'dey-image-qt'. The
  hash support requires the sw-description files to include
  a new line for each image and/or file that will be added
  to the update package. The hash is automatically calculated
  and replaced in the sw-description files.

https://jira.digi.com/browse/DEL-3774

Signed-off-by: David Escalona <david.escalona@digi.com>
2017-03-07 17:04:21 +01:00
Javier Viguera 55ba548d61 trustfence: add 'expand' parameter to getVar calls
Starting with Yocto 2.1, the 'expand' parameter of 'getVar' function is
mandatory. See:

http://www.yoctoproject.org/docs/2.2.1/ref-manual/ref-manual.html#migration-2.1-expand-parameter-to-getvar-and-getvarflag-now-mandatory

This fixes build failures as:

Exception: TypeError: getVar() missing 1 required positional argument: 'expand'

https://jira.digi.com/browse/DEL-3834

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2017-03-01 18:06:36 +01:00
Javier Viguera aaf2524a08 meta-digi-dey: implement class to generate installer zip package
It's not enabled by default. It's controlled by DEY_IMAGE_INSTALLER
variable in the project's local.conf.

https://jira.digi.com/browse/DEL-3591

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2017-02-02 13:32:18 +01:00
Diaz de Grenu, Jose 262ade8908 Revert "trustfence: disable SDCARD image generation when encryption is enabled"
When encryption is enabled, the signed U-Boot image will be used for the uSD.
This allows the uSD image to boot the device and recover it from the U-Boot
console, which is its main purpose. Nevertheless, the uSD image will not be
able to boot Linux.

https://jira.digi.com/browse/DEL-2877

This reverts commit 2e13e194d9.
2016-10-31 17:03:26 +01:00
Javier Viguera ab5f50e16a meta-digi: trailing whitespace cleanup
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2016-08-31 13:52:15 +02:00
Javier Viguera 2e13e194d9 trustfence: disable SDCARD image generation when encryption is enabled
Currently we don't support booting encrypted images from an SDCARD, so
just disable the generation of such images.

https://jira.digi.com/browse/DEL-2876

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2016-08-10 16:45:38 +02:00
Diaz de Grenu, Jose 6746254558 meta-digi-dey: trustfence: add Yocto macro to unlock key revocation
By default, on closed devices you cannot revoke any key. To do so, it is
required to compile a U-Boot which instructs the HAB not to set the sticky
bit which write protects that field in the OCOTP controller.

This patch introduces a Yocto macro which allows configuring U-Boot in
that way.

In the ConnectCore 6, the value of this setting is ignored, because HAB never
sets the sticky bit which write protects that field.

https://jira.digi.com/browse/DUB-665

Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
2016-08-09 20:01:59 +02:00
Diaz de Grenu, Jose a9b8d74041 Revert "meta-digi-dey: trustfence: disable encryption for the ConnectCore 6UL"
Encryption is now supported in the ConnectCore 6UL

This reverts commit 454fff56ba.

https://jira.digi.com/browse/DEL-2857

Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
2016-08-08 13:15:22 +02:00
Diaz de Grenu, Jose 454fff56ba meta-digi-dey: trustfence: disable encryption for the ConnectCore 6UL
Encryption of U-Boot and kernel images is not yet supported in the
ConnectCore 6UL.

Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
2016-08-04 10:34:46 +02:00
Alex Gonzalez 0588b4b388 meta-digi-dey: trustfence: Do not disable console access by default.
While performing usability testing on the TrustFence documentation, it has
been noted that in order to follow the secure boot instructions the
console needs to be enabled.

We have now moved the secure console section to the end of the
documentation so that disabling the console is the last configuration to
make in a secure system.

Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
2016-08-03 15:55:18 +02:00
Diaz de Grenu, Jose 9e5ee61851 meta-digi: use CAAM for environment encryption
https://jira.digi.com/browse/DUB-652

Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
2016-08-01 20:00:11 +02:00
Diaz de Grenu, Jose f23d8c6abb trustfence: simplify TRUSTFENCE_ configuration macros
Adapt the U-Boot recipe to the last U-Boot Kconfig entries changes.

Simplify the name of some TRUSTFENCE_ configuration macros. These were
used to configure U-Boot, but they will also configure the uImage signature
and encryption processes.

https://jira.digi.com/browse/DUB-602
https://jira.digi.com/browse/DUB-618
https://jira.digi.com/browse/DUB-534

Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
2016-07-19 15:48:12 +02:00
Javier Viguera 6f8c58291e meta-digi: add support for Trustfence secure rootfs
When Trustfence is enabled, this adds a dependence on the TF initramfs,
so it's built and added to the boot image.

It also modifies the u-boot boot script on the fly, to boot correctly
using the Trustfence initramfs.

https://jira.digi.com/browse/DEL-2278

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2016-07-07 18:04:08 +02:00
Diaz de Grenu, Jose d223bc68c2 meta-digi-dey: trustfence: fix TRUSTFENCE_UBOOT_DEK_SIZE setting
The TRUSTFENCE_UBOOT_DEK_SIZE Yocto macro maps to the UBOOT_DEK_SIZE U-Boot
Kconfig entry, which is defined as a choice entry. This makes it necessary
to explicitly define the choice Kconfig entry for the configuration to
work.

Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
2016-07-01 16:26:53 +02:00
Diaz de Grenu, Jose a91cc4e796 meta-digi-arm: u-boot: fix trustfence checks logic
There are several possible values for TRUSTFENCE_UBOOT_ENV_DEK:

* Not defined: if the trustfence support is not included.
               Should not include the feature.
* 32 characters: when defining a valid key.
                 Should include the feature.
* "0": when explicitly disabling the feature.
       Should not include the feature
* <other>: Invalid value, should trigger the error.

This commit fixes the logic so that 'None' (not defined) is taken as a valid
value.

Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
2016-07-01 16:26:53 +02:00
Mike Engel f88ea99ed3 ccimx6ul: Removed CONSOLE_ENABLE_GPIO_NR platform specific naming.
This commit changes the CONFIG_CCIMX6SBC_CONSOLE_ENABLE_GPIO_NR define
into a platform independent setting.

Signed-off-by: Mike Engel <Mike.Engel@digi.com>

https://jira.digi.com/browse/DEL-2641
2016-06-29 17:23:21 +02:00
Jose Diaz de Grenu de Pedro 3ef4fe1f34 meta-digi-dey: trustfence: add default values for secure boot
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
2016-06-20 09:39:04 +02:00
Jose Diaz de Grenu de Pedro 5c6de74288 meta-digi-dey: trustfence: Explicitly check for "1" for variable enable.
https://jira.digi.com/browse/DEL-2603

Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
2016-06-20 09:39:04 +02:00
Alex Gonzalez ac740b7fdc meta-digi-dey: trustfence: Explicitly check for "1" for variable enable
https://jira.digi.com/browse/DEL-2603

Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
2016-06-10 09:48:05 +02:00
Jose Diaz de Grenu de Pedro 5f45a87ebd meta-digi-arm: trustfence: implement Yocto secure boot configuration
Implement the set of TRUSTFENCE_ macros to configure each secure boot feature
available in U-Boot.

https://jira.digi.com/browse/DUB-570

Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
2016-06-03 17:46:52 +02:00
Alex Gonzalez 2e95ff7519 meta-digi: Add TrustFence configuration class.
This commit adds a trustfence class to encapsulate all trustfence
configurations.

https://jira.digi.com/browse/DEL-2257

Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
2016-05-31 17:51:00 +02:00
Javier Viguera 0732296873 dey-image: support building QT SDK for DEY images
The meta-qt5 layer provides a 'populate_sdk_qt5' class with all that's
needed to build an SDK based on an image recipe.

Inherit the class here so it's available for all DEY image recipes
depending on 'dey-qt' image feature.

https://jira.digi.com/browse/DEL-1973

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2015-12-01 19:35:06 +01:00
Javier Viguera ee1bf7d441 meta-digi-dey: remove sares-image bbclass
This was used just for SARES testing and according to the SA team it is
not needed anymore, so just remove it.

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2015-08-27 11:10:15 +02:00
Javier Viguera 7f3e1a4d1a meta-digi-dey: use 'extrausers' class to set root password
This simplifies the code and, as an extra, allows overriding the default
root password from the project's local.conf (setting MD5_ROOT_PASSWD
variable)

https://jira.digi.com/browse/DEL-1558

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2015-03-13 18:43:12 +01:00
Javier Viguera ef92164fb2 meta-digi-dey: use 'image-buildinfo' to create '/etc/build'
Poky added a new class that provides the same functionality we
implemented in our 'dey-image' class. So just use that class instead
of reimplementing it in our layer.

https://jira.digi.com/browse/DEL-1558

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2015-03-13 18:43:12 +01:00
Javier Viguera 8b2e4812fc meta-digi-dey: create sares-image bbclass
Remove 'dey-test' image feature and create a SARES bbclass with the
same functionality. This makes it easier to create images suitable
for SARES testing just adding:

INHERIT += "sares-image"

to your project's local.conf

https://jira.digi.com/browse/DEL-1558

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2015-03-13 18:43:11 +01:00
Alex Gonzalez 36cdf24425 meta-digi-dey: move packagegroup definitions to distro configuration
After the upstream commit in d63c8a1597c9bd0a838cb59ca461ac432b630a90,
bitbake checks to see if the image feature has a valid packagegroup
associated.

For this check to work dey features need to be defined for all images,
not only dey images, so the definitions need to move to the distro
configuration file.

https://jira.digi.com/browse/DEL-852

Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2014-01-17 13:27:37 +01:00
Javier Viguera 55ead71345 meta-digi: use SERIAL_CONSOLES instead of SERIAL_CONSOLE
SERIAL_CONSOLE variable has been deprecated in poky. The new
SERIAL_CONSOLES allows configuring multiple devices.

Signed-off-by: Javier Viguera <javier.viguera@digi.com>
2014-01-14 17:19:38 +01:00
Alex Gonzalez 8988542df3 meta-digi: Rename from DEL to DEY.
The final product will be called "Digi Embedded for Yocto" or DEY for
short.

This commit renames all relevant files.

https://jira.digi.com/browse/DEL-474

Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
2013-06-12 13:18:37 +02:00