Switch the Yocto LXC bundle output to tar.gz and require the same format
in the external DCP generator so the DCP can embed the payload
without extra conversion.
This saves time on the device when installing.
https://onedigi.atlassian.net/browse/DEL-10037
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Instead of using the internal logic, move to use the external
script to generate the DCP, so internal and external DCP are
using a common flow.
https://onedigi.atlassian.net/browse/DEL-10037
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add QR code generation to sysinfo using U-Boot serial and
MAC address information, with support for both standard
and legacy payload formats.
When requested with --qr_display, show the QR code using the
most suitable backend for the running system
https://onedigi.atlassian.net/browse/DEL-9281
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Restrict nxp-wlan-utils to ccimx91 and ccimx93. The ccimx95 uses the
Murata wireless chip.
https://onedigi.atlassian.net/browse/DEL-9990
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Switch ccimx8/ccimx9 wic images to a layout with a u-boot-env
partition. Use a fixed PARTUUID for SD rootfs.
https://onedigi.atlassian.net/browse/DUB-1119
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Mark the trimmed runtime variants as conflicting with the standard
packages so images cannot include both Podman or LXC flavors at the
same time.
This avoids ambiguous runtime layouts and configuration ownership when a
minimal container-manager image uses the trimmed packages while other
images may select the standard runtimes.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Generate /etc/containers/containers.conf so Podman does not depend on
its internal default network backend at runtime.
If not, at runtime, the default podman network fails with:
"""
Error: could not find "netavark" in one of {[/usr/local/libexec/podman /usr/local/l
ib/podman /usr/libexec/podman /usr/lib/podman] {<nil>}}. To resolve this error, se
t the helper_binaries_dir key in the `[engine]` section of containers.conf to the d
irectory containing your helper binaries.
"""
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The container entrypoint already runs docker-init, so there is no
need to chain a second instance.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Include default registration settings in the generated DCP manifest so
future install flows can bootstrap the container configuration directly
from the package metadata.
Add registration_defaults with autostart, monitor and restart policy,
and populate those values for the lvgl and webkit container profiles.
https://onedigi.atlassian.net/browse/DEL-10033
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Populate the DCP manifest for the ccmp25 lvgl and webkit profiles with
the Podman runtime arguments required to create the containers on the
target.
Keep only runtime options in CONTAINER_CREATE_ARGS_PODMAN and compose the
entrypoint automatically from CONTAINER_INIT_MANAGER and
CONTAINER_INIT_SCRIPT when generating the Podman artifact metadata.
https://onedigi.atlassian.net/browse/DEL-10033
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
For consistency, rename LVDS overlays:
- Add display model to ccimx93-dvk LVDS overlay
- Convert underscore to dash on ccimx95-dvk LVDS overlays
(the underscore only to separate platform from functionality)
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Update the recipe to pull Infineon firmware binaries from the official Infineon
repository (aligned with imx-scarthgap-longma Murata branch), avoiding
tarball-related build issues. Firmware remains at Infineon 2026_0108.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The ccmp25 WebKit container needs a small set of extra device nodes
to run the embedded AI demos reliably.
Bind only the device nodes validated on target for the browser demos:
galcore, DRM, framebuffer, input, and the camera video/media/subdevice
nodes used by the AI examples.
https://onedigi.atlassian.net/browse/DEL-10038https://onedigi.atlassian.net/browse/DEL-10039
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The WebKit container profile was missing runtime pieces that are
present in the native WebKit image and required by the embedded
ConnectCore demos.
Add the font and icon packages needed by the fish tank WebGL demo,
include the Weston and GStreamer runtime packages used by the browser
demo stack, and switch the ccmp25 profile to the GCNano userspace
packages used by the native image.
Keep the machine learning packagegroup scoped to ccmp25, since the
ST X-LINUX-AI subset and its demo integration are specific to that
platform.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Standalone GPU and video tests perform as expected in the WebKit
container, but rendering degrades once Cog runs on top of Weston.
Align the container Weston startup with the native setup by
loading the default Weston options, enabling the systemd-notify
module and exporting WL_EGL_GBM_FENCE=0 before starting the compositor.
https://onedigi.atlassian.net/browse/DEL-10038https://onedigi.atlassian.net/browse/DEL-10039
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Package recommendations are disable, so some recommended packages might
be missed.
For HW detecting add the next explicit packages, which solves the
microSD card detection.
https://onedigi.atlassian.net/browse/DEL-10042
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Remove the ccmp1x machine restriction from the sample recipes, since they
support both CPU and NPU variants.
https://onedigi.atlassian.net/browse/DEL-10045
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit adds support for environment encryption/decryption of the
u-boot environment on the CCMP2 platform in Linux.
https://onedigi.atlassian.net/browse/DEL-10029
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Add a bootscript for the ConnectCore 95 platform, including the default device
tree overlay names.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
We initially created this patch when adding XWayland support for the ccimx6 and
ccimx6qp back in dey-3.0-r2.1 (commit eda2f4177e), but we ended up removing
it in dey-4.0-r1.beta1 (commit 526cb3cae0). Even though the blank screen
issue isn't nearly as reproducible as it was back when it was initially
discovered (it used to have a 66% chance of happening), it can still occur
every now and then, especially on the ccimx6 when using an LVDS display.
Adapt the patch to weston 10.0.5.imx and apply it to fix the issue.
https://onedigi.atlassian.net/browse/DEL-7236
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This partially reverts commit f6d91b9022. The new
mca-tool v1.26 already installs its binaries to /usr/sbin (instead of /sbin),
so the workaround is no longer needed.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
ST updated the AI layer from v6.1.1 to v6.2.0, which means our v6.1.% bbappend
is no longer applied. Update the recipe version to match the new X-LINUX-AI
release.
https://onedigi.atlassian.net/browse/DEL-10027
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The latest ST release (openstlinux-6.6-yocto-scarthgap-mpu-v26.02.18) checks for
the presence of several TF-M-related variables at parse time, even when they are
not used. This triggers build failures with the new M33-TD flavor variables
required by the TF-M recipe.
Set default (dummy) values for these variables to avoid the parse-time failures.
This is a workaround until full support for building secure TF-M binaries is
integrated.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The original do_install() preserves file ownership, which can contaminate the
SDK build and cause "getpwuid(): uid not found: 1000". Adjust the copy command
to not preserve owner/group.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit imports the Digi custom version of sign-stm32mp bbclass to ensure
that the search_path() function does not raise a build exception if the signing
tool or keys are not present in the PATH before starting the build process.
In our case, we do not need to manually install the tools or generate the keys
beforehand, as this is automatically handled by Yocto in our DEY distribution.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Commit 3fdb245765 ("trustfence: add encrypted
boot artifact support for CCMP13 platform") broke PKI tree generation when
encryption is disabled. Fix it for ccmp15.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Commit 52a1111da6d72446530da26e135b65a34b48e279 ("OPTEE: MANAGE signature,
M33TD") in the ST layer incorrectly enables CFG_REMOTEPROC_PUB_KEY_VERIFY=y for
all platforms when SIGN_ENABLE is set.
However, co-processor public key verification against OTP fuses is not
supported on stm32mp1x platforms and causes the build to fail.
Remove CFG_REMOTEPROC_PUB_KEY_VERIFY for ccmp15.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Remove the TF-A specific toolchain from SDK generation to avoid build issues
caused by unresolved runtime library dependencies in nativesdk-gcc-aarch64-none-elf,
including libcrypt.so.1, libncursesw.so.6, libpython3.8.so.1.0, and
libtinfo.so.6.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Update secure boot support for Cortex-M processors by refreshing the patch set
and dropping patches already integrated, aligning the implementation with ST
release openstlinux-6.6-yocto-scarthgap-mpu-v26.02.18.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Since commit d29b92ed9935 ("CLASS: SIGN: manage signature for coprocessor")
in meta-st-stm32mp from tag openstlinux-6.6-yocto-scarthgap-mpu-v26.02.18, the
SIGN_HEADER_VERSION variable is required.
Set the appropriate SIGN_HEADER_VERSION value for each platform.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Set KillMode=process in the systemd unit so 'systemctl stop
cc-containerd' only terminates the daemon itself.
Without this, systemd uses the default control-group kill mode and
can terminate container processes that share the service cgroup,
which changes container runtime state when the service is stopped.
https://onedigi.atlassian.net/browse/DEL-9963https://onedigi.atlassian.net/browse/DEL-10005
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Isaac Hermida
Francisco Gil
Javier Viguera
Hector Palacios
Arturo Buzarra
Mike Engel
Gabriel Valcazar
Hector Bujanda