We haven't included fbtest in our default images for a long time. Also, its
lone dependency, microwindows, is broken due to an outdated SRC_URI that no
longer exists. Remove both recipes
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Otherwise, the target will immediately power off as soon as the power button is
pressed, even before letting go of it. This customization is already being made
for ccmp1 platforms, so make it common for all stm32mp platforms.
https://onedigi.atlassian.net/browse/DEL-9190
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
In the previous commit, removing the qt6 addons packagegroup has the unintended
side effect of removing all gtsreamer packages from the SDK, presumably because
they were being implicitly pulled in by one of the many qt6 packages. Add our
dey-gstreamer packagegroup to dey-toolchain to recover said packages.
Note that the set of packages we include with our packagegroup is much bigger
than the set that was being pulled in by the qt6 addons, but the size increase
is small compared to the increase caused by the qt6 addons. In the
ccimx8x-sbc-pro toolchain, this increases the installer script's size by around
84 MiB.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This slightly increases the SDK's size, but it adds packages that are required
for common use cases such as integration with weston/x11.
https://onedigi.atlassian.net/browse/DEL-9297
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Our new dey-toolchain recipe was missing the logic needed to create the
"dey-version" file in the SDK's installation path. Move this logic from the
dey-image bbclass to a new bbclass meant exclusively for SDK logic, and inherit
it where needed. While at it, move other common SDK modifications to this
class.
https://onedigi.atlassian.net/browse/DEL-9297
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This variable is used to determine the types of complementary packages included
in the SDK: dbg-pkgs, dev-pkgs, doc-pkgs, src-pkgs...
We added staticdev-pkgs to this variable back in Yocto 2.0 (45de4d6943), but
instead of appending it to the original list, we redefined it with its original
value ("dev-pkgs dbg-pkgs") plus "staticdev-pkgs".
However, the default value of SDKIMAGE_FEATURES in poky has changed over time:
* Starting in Yocto 2.3 (eb345ca720e5), doc-pkgs is included if
"api-documentation" is in DISTRO_FEATURES. We don't include this feature
by default, but if a customer were to include it manually, the doc
packages wouldn't get included in their custom SDKs.
* Starting in Yocto 2.7 (ba3aa5311291), bitbake changed the default
PACKAGE_DEBUG_SPLIT_STYLE value so debug packages get split in two: one
for binaries with debug symbols and another for the source code. In turn,
src-pkgs was added to the default SDKIMAGE_FEATURES so that SDKs wouldn't
change behavior, but since we overwrite the default value, we aren't
including src-pkgs in our SDKs, only dbg-pkgs.
* Any future changes would be ignored as well, which could potentially lead
to unexpected behavior.
Make sure we don't overwrite the default SDKIMAGE_FEATURES value to include
src-pkgs in our SDKs, as well as the optional doc-pkgs logic. Also, include
staticdev-pkgs in our recently created dey-toolchain recipe.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
For many DEY releases, we've been providing one SDK per image type, per
platform. In the case of graphical images, this was redundant for a few
reasons:
* Most of the SDK's contents were identical, save for the specific packages
in each image (qt, webkit, lvgl...) and their dependencies. With each SDK
occupying over 1.5 GiB, this results in a lot of storage space overhead
in our servers.
* For some images, namely webkit and lvgl images, their respective SDK
packages aren't necessary for the expected development use cases, so it's
perfectly possible to use the qt SDK instead.
Create a separate recipe for a general-use SDK. Said toolchain includes qt5/qt6
packages by default, except for headless platforms. The advantages of this are:
* We only provide one prebuilt SDK per platform, all with the same base
name. The SDK should cover most if not all of the expected development
use cases, and customers are still able to create their own custom SDKs
if needed.
* Having a separate recipe for the toolchain, not tied to a specific image
type, allows us to fine tune its contents without affecting images and
their recipes. With time, we can incorporate new packages as needed.
https://onedigi.atlassian.net/browse/DEL-9297
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
If the power domain is kept on in suspend, do not disable the Bluetooth as
no new initialization is needed.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
In single boot layout the ccmp1 platforms have two UBI devices:
ubi0: Contains uboot_config_r, linux, and recovery.
ubi1: Contains rootfs, data, and update.
The regular expression used for the update partition needs
to be updated to include the ubi1 device, ensuring proper
handling of the update partition.
https://onedigi.atlassian.net/browse/DEL-9387
Signed-off-by: Francisco Gil francisco.gilmartinez@digi.com
Optee client library updated its major version due to a ABI breaking
change:
3eac340a78
This update provides a new build of the trustfence-fscrypt app, linking
to the new version of libteec.
https://onedigi.atlassian.net/browse/DEL-9341
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Upon a p2p link, an auxiliar iface "p2p-iface-[0-9]" is created. If
it is not specified to the wpa_cli command, a different interface may
be used (eg, wlan0), leading to a failure.
Make the script more robust by detecting the new interface.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Commit 998598415a moved this logic to the
trustfence.bbclass file, but in doing so, it removed the TRUSTFENCE_SIGN check
it used to have. The check is needed for two reasons:
* The signing of SWU packages only occurs when TRUSTFENCE_SIGN is enabled, so
there's no need to copy the key if it's disabled
* When building a project from scratch that has Trustfence enabled but
TRUSTFENCE_SIGN disabled, a PKI is never generated and the key doesn't exist.
Because of this, the key won't be found and an error will occur. Note that
if your project is already pointing to a populated PKI, the error won't
happen, only if there's no PKI to begin with.
Although the PKI is guaranteed to exist by the time the rootfs is populated,
make sure to check that it has been properly generated and create it if it
doesn't exist. This logic depends on the trustfence-gen-pki.sh from
trustfence-sign-tools-native, so add it as a dependency for
dey-image-recovery-initramfs. The dependency is already there for another
feature in the dey-image recipes, so simply reflect this new dependency in a
comment.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
(cherry picked from commit 8e52c27d5a8e8071c3a17754e91c1819bcceee15)
When it comes to inheriting this qt bbclass, we used to do so for every image
inheriting the "dey-image" bbclass that had "dey-qt" in its IMAGE_FEATURES. In
theory, only dey-image-qt follows these requirements.
However, starting in DEY 3.0, we added support for multiple graphical images,
all of them sharing the same characteristics save for a defining IMAGE_FEATURE.
To implement this, all images have the IMAGE_FEATURE "dey-${GRAPHICAL_CORE}",
with GRAPHICAL_CORE having a default value of "qt" and being overwritten in
each image recipe with its respective value: "qt", "webkit", "crank" or "lvgl".
The problem is that, when checking whether to inherit populate_sdk_qt[5/6] or
not, it's still very early in the recipe parsing process and GRAPHICAL_CORE
still has its default value of "qt", meaning the "dey-qt" IMAGE_FEATURE is
considered present for all graphical images. In turn, this results in qt
packages being included in all graphical image SDKs.
Move the inherit clause to the dey-image-qt recipe and remove the check so
that the qt packages only get installed in the dey-image-qt SDK.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
(cherry picked from commit 593ff866578e6d341ec4d8a09581922c6390e2a4)
Commit 99f1425340 ("image-buildinfo: Improve and extend to SDK coverage too")
in the Poky layer changes the name of the default build information file from
"build" to "buildinfo", so this commit reflects this change by adapting the
sysinfo script.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Our distribution is Digi Embedded Yocto (DEY), so use that to mark the
upstream status of the patches in our layer.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
These recipes install binaries inside of /sbin, which causes QA errors when
usrmerge is enabled in DISTRO_FEATURES. Said feature is now required for
Yocto 5.0's version of systemd, so keep using the same versions of the tools
and simply move the binaries to /usr/sbin if needed.
https://onedigi.atlassian.net/browse/DEL-9011
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
While at it, add the "Upstream-Status" tag to the patches to avoid QA errors
https://onedigi.atlassian.net/browse/DEL-9011
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
A preprocessed *.h Digi logo file was used for the psplash.
The psplash recipe from Poky admits a PNG file as input and
does the conversion automatically.
Use a Digi PNG logo and set it using SPLASH_IMAGES variable.
This way, it is easier for users to substitute with their own
logos.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9239
This commit fixes a build issue by including the procps recipe which also
installs the sysctl.conf file. Since adding this config file in base-file
recipe is something custom from DEY, we include this file only for "dey"
distribution to avoid conflicts.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Some wifi-related functionality was enabled on ccimx93 overrides. The
ccimx91 also needs this functionality but it was not being applied as
the overrides were only for ccimx93.
Generalize the overrides for ccimx9.
https://onedigi.atlassian.net/browse/DEL-9214
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit fixes build issues with optimization=plain.
commit: ec35091c8a358aacbf787afb2bfab6a0996031ed
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This commit adds a compiler flag to remove certain options from the
recovery-utils, because some features rely on functionality that is
not supported by the CCMP1 platforms.
https://onedigi.atlassian.net/browse/DEL-9116
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This commit adds the initramfs into the FIT recovery
image. If the RAM disk image is included in the FIT
image we need to create a initramfs file that doesn't
include the u-boot header, because the FIT descriptor
contains all the necessary information to use the
initramfs file.
https://onedigi.atlassian.net/browse/DEL-9168
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This commits adds the CCMX91 platform to the DEY
build system. Furthermore, it creates generic ccimx9
support to be used for the CCiMX91 and CCiMX93
platform.
https://onedigi.atlassian.net/browse/DEL-9106
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
In legacy NAND platforms like the ccimx6ul, it's possible to use a single-MTD
configuration with dualboot disabled, which allows access to the functionality
provided by the recovery partition. However, the partition encryption feature
requires a multi-MTD configuation, so said feature shouldn't be accessible in
this case.
Prevent access to partition encryption in a single-MTD system by:
* Adding the "system" partition to the partition blacklist in both the
recovery-utils library and the recovery initscript.
* Checking the "singlemtdsys" environment variable before using any
functionality related to partition encryption.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Currently, when wiping the update volume via the recovery partition on a
ccimx6ul with singlemtdsys enabled, the procedure fails with this error:
[RECOVERY] Starting recovery...
[RECOVERY] Wipe 'update' partition requested
[RECOVERY] Formatting 'update' ubi volume
ubi0 error: ubi_open_volume.part.0: cannot open device 0, volume 3, error -16
ubiupdatevol: error!: cannot open "/dev/ubi0_3"
error 16 (Device or resource busy)
This is because the logic used to unmount a volume before formatting it is
expecting this entry format when running "mount":
ubi0:update on /mnt/update type ubifs
While this is the format of the "mount" output in userspace for the rootfs
volume, other trivial volumes have this format instead:
ubi0_3 on /mnt/update type ubifs
Adapt the logic to this format so that the "update" volume wipe procedure can
take place.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Add also 'e2fsprogs-tune2fs' to the image, as busybox's version of
tune2fs command does not support setting the "encrypt" feature of the
EXT4 filesystem.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit adds real time test tools to the system.
The hwlatedetct is a program that controls the kernel
hardware latency detector module. This is used to detect
large system latencies independent of Linux itself.
The rt-tests package is a test suite that includes the cyclictest
tool to measure the difference between a thread's intended
wake-up time and the time at which it actually wakes up.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This commit fixes a build issue using meta-digi layer with a different distro
than "dey". Also simplified the bbappend to avoid creating a custom
do_patch_png() task before do_configure().
Reported-by: Stephan Klatt <skladd@users.noreply.github.com>
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
There are some cases in which the loading of the Wi-Fi modules may be
problematic due to timing conditions:
- when a suspend operation in progress is aborted
- when Bluetooth is disabled
The Wi-Fi needs some time for the system to be ready before loading the
modules.
This commit:
- Stops the Bluetooth before bringing down the Wi-Fi on suspend
- Starts the Bluetooth (or adds a small delay) before bringing up the
Wi-Fi on resume
- Reworks the way the resume operations are programmed, to do them in
reverse order (first load the Wi-Fi modules, then bring the interfaces
up (if required). It does so by appending/prepending actions into a
variable and dumping the contents finally to a temp file.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The ccimx6ul is the only platform that doesn't include a desktop backend in the
LVGL image, so remove the desktop backend suffix from the image's name. This
affects the image name itself, the corresponding SWU package and the
installation scripts.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
LVGL graphical library has support for different backends, in the case of the
ccimx6ul we use the fbdev directly, so we don't need the x11 support.
This commit removes x11 support for the ccimx6ul platform for the
dey-image-lvgl image.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
When switching off the 3.3V supply from the Wi-Fi during suspend,
around a 10% of the times, when resuming the Wi-Fi driver fails to load.
It was verified that a rebind operation over the mmc interface (which
eventually calls the script that loads the Wi-Fi module) makes it
load successfully, which denotes a timing issue during resume.
Adding a small delay on the resume operation before running the script
makes the Wi-Fi driver load at the first try.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8821
We removed this package from the recovery initramfs, but it was getting added
as a recommendation to the trustfence initramfs as well.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This package is purely vestigial and hasn't been used at all in any of our
initramfs images for over 7 years. It was used in the first implementation
of the trustfence initramfs (commit 4dd7d438af)
to securely erase the key used by cryptsetup, but two weeks later, that logic
was moved to trustfence-tool (commit a8c50c16ea)
and "wipe" was no longer needed. However, the package remained in the
dependencies of the trustfence initramfs, which were then used as reference for
the recovery initramfs, even though this initramfs didn't even need "wipe" to
begin with.
Removing this package saves 30.8 KiB in the ccimx6ul recovery image.
https://onedigi.atlassian.net/browse/DEL-8819
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This is added as a recommendation for libcrypto and only contains legacy
ciphers which are deemed outdated or unsafe. If any of the packages in the
image actually required this module, they would depend on it explicitly, but
this isn't the case. This saves 66.8 KiB on the ccimx6ul recovery image.
https://onedigi.atlassian.net/browse/DEL-8819
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We were using the .cfg suffix for both the build-time config fragments and the
runtime configuration file. During do_configure(), all files in SRC_URI ending
in .cfg were being merged together to create the final build configuration,
including said runtime file, which has a completely different syntax. In most
cases, the contents of this file were being ignored, but when tweaking
swupdate's configuration and re-building the package, sometimes strange errors
would prevent the build from finishing.
Change the runtime file's suffix entirely to separate it from the config
fragments and prevent it from being treated as such, and reflect the name
change in the defconfig and the recovery script.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Commit 7e81e706a1 modified the logic used to
determine if a NAND is using multi-MTD or single-MTD, but single quotes were
used in the grep pattern, which prevents the variable inside from expanding.
This makes the script always enter the single-MTD code path, even in multi-MTD
systems, which breaks partition formatting in these cases.
Replace the single quotes with double quotes so the variable can expand and the
condition can be properly checked.
https://onedigi.atlassian.net/browse/DEL-8773
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The swupdate recipe installs by default a systemd service
and a socket to listen for updates coming from a web server.
DEY only makes use of such service during on-the-fly updates from Cloud
Connector web service.
The default swupdate service fails on images with TrustFence because it's
called with no arguments and there doesn't exist a configuration file.
This commit installs a default configuration file and, if TrustFence is
enabled, sets the parameter 'public-key-file' to point to the public
certificate to use to authenticate SWU packages.
While on it, it removes the same file from the recovery-initramfs recipe
that was the only recipe that was adding such config file for recovery
images only.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Gabriel Valcazar
Isaac Hermida
Francisco Gil
Javier Viguera
Arturo Buzarra
Hector Palacios
Mike Engel