Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Signed-off-by: David Escalona <david.escalona@digi.com>
(cherry picked from commit ccc9211d00dad7be6cb2c2d0cf179a62563e26c6)
Recent improvements in the cloudconnector core added a dependency with the
swupdate library, so this commit adds a build dependency with the
swupdate package.
https://onedigi.atlassian.net/browse/DEL-7903
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
(cherry picked from commit 654ef8686fd3916ae5ad257f72bd41ed2198d958)
This commit fixes the following build warning with the swupdate v2021.11:
WARNING: dey-image-qt-swu-1.0-r0 do_swuimage: Syntax for sha256 changed,
please use $swupdate_get_sha256(dey-image-qt-xxxxxx.boot.ubifs)
WARNING: dey-image-qt-swu-1.0-r0 do_swuimage: Syntax for sha256 changed,
please use $swupdate_get_sha256(dey-image-qt-xxxxxx.ubifs)
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Recent improvements in the cloudconnector core added a dependency with the
libdigiapix library, so this commit adds a build dependency with the
libdigiapix package.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The common license file GPL-2.0 is now called GPL-2.0-only in poky, so we need
to reflect this name change to avoid errors
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Since commit 11558352 ("swu-images: add "installed-directly" flag to
sw-description") the swu package images are streamed into the target without
any temporary copy to support devices with low memory available, that forces a
different order according with the swupdate documentation because scripts
should packed before the rest. This means that all the pre, post and shell
scripts will be executed after the images will be installed. This behavior
breaks the current support to mount the cryptorootfs node before install an
encrypted rootfs.
This commit moves the shell script to mount the cryptorootfs node to the
recovery initramfs and modifies the swupdate command line to call the shell
script before the images installation.
https://onedigi.atlassian.net/browse/CC8X-320
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
swupdate has the necessary logic to handle compressed images, so take advantage
of this to save space and reduce update package transfer times.
https://onedigi.atlassian.net/browse/DEL-7582
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Otherwise, swupdate will treat the update process like it's an OTA one and it
will try to store the package contents in /tmp, which won't fit.
swupdate commit 8b70ae5796e75c2ff856e8c46b3a3c09cb8fcccd states that all local
SWU packages should include this flag, since the old implementation had this
information implicitly.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Since the recovery script checks the update package before installing it, use
the package's description to indicate if the package is meant to encrypt the
rootfs or not. Also, remove the pre-install script from the ccimx6ul packages,
since the logic in the script to remove the encryption flag from the rootfs is
now in the recovery script.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Previously, TRUSTFENCE_INITRAMFS_IMAGE was the only variable used to configure
rootfs encryption. Now that any partition can be encrypted and the rootfs
encryption still needs to be handled differently, use two variables instead.
* TRUSTFENCE_ENCRYPT_PARTITIONS to control partition encryption in general
* TRUSTFENCE_ENCRYPT_ROOTFS to control rootfs encryption
As with most trustfence functionality, enable both by default. Leave
TRUSTFENCE_INITRAMFS_IMAGE as an internal variable only.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The partition encryption system now uses dynamically generated names for the
decrypted block devices, which are based on the partition name. Reflect this
change in places where the encrypted rootfs is referenced.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The indexes of the MCA PWM controllers are different in Linux v5.4, so the
default value used by libdigiapix results in an error. Reflect this change and,
while at it, replace the default PWM with an IO connected to a user LED to make
the example more visual.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Commit c24d1d96 ("sysinfo: adapt script after removal of deprecated fsl_otp
driver") introduced a mistake masking the SEC_CONFIG[1] bit read from the OTP.
This commit fix the read command to force it in hex format and finally match
with the mask in the script.
https://jira.digi.com/browse/DEL-7263
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Commit c24d1d96 ("sysinfo: adapt script after removal of deprecated fsl_otp
driver") introduced support to determine if a device is closed by checking
a new boolean property on the DT for the CC8X platforms, however the CC8M
platforms use the same mechanism. This commit modifies the sysinfo script to
check also the DT for the CC8M platforms.
https://jira.digi.com/browse/DEL-7263
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Commit cbb38440 ("meta-digi-dey: sysinfo: Add chip revision sysinfo output")
introduced a new script variable to determine the SOC revision of the module.
However this entry only is available on the CC8X platforms. This commit checks
if the entry exist and then tries to read it to avoid unexpected issues with
devices without this entry.
https://jira.digi.com/browse/DEL-7263
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit updates the GPIO udev rules to change the group owner
and permission of the new gpio char driver. This will allow users
that belong to the digiapix group to access the char driver.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-7255
Add systemd auto-getty.service to run agetty on the console defined in the
kernel command line on platforms with systemd support.
This service replaces serial-getty@.service as the one responsible for
opening a tty port and prompting for a login name when
TRUSTFENCE_CONSOLE_DISABLE is configured.
https://jira.digi.com/browse/DEL-7242
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
Isaac Hermida
Arturo Buzarra
Javier Viguera
Mike Engel
Gabriel Valcazar
Hector Palacios
Gonzalo Ruiz
Hector Bujanda