Linux Users Group Bulgaria annual meeting is April 6th in Plovdiv

Linux Users Group is annual meeting of people who use and develop with Linux in Bulgaria. The LUG-BG meeting this year is on 6th of April in Plovdiv. The web page of the meeting is here.

I signed for discussion about how to make one ARM Linux system tamper proof.

This is topic which is very interesting for all our OLinuXino customers. OLinuXino is used in many industrial product and machines and the designers want to be sure that no one except them can change the Linux image as these machines pass safety approvals etc and any intervention in the code is illegal.

The Allwinner SoCs do have TrustZone support and also crypto hardware to support a secure boot path for it, but parts of the ARM TrustZone specifications is under NDA and no one has seen it. The secure boot paths are also undocumented. Last time I attempt to receive any useful information about this I got reply: A20 is 5 years old processor and we do not offer technical support for the old processors, when I asked them for info how TrustZone and Secure boot is implemented in their newer processors I didn’t got any reply. My guess is this is something licensed from ARM which they never used so can’t support.

Currently all Allwinner SOC boot without using TrustZone and Secure boot path, they has so caller BROM a small code located in SOC ROM, which initializes the memory and processor registers with some safe values then try to boot from different peripherals. If UBOOT GPIO is held low they enter FEL mode where you can type some commands and load code via USB, else they try to boot from SD-CARD, if fails then try -> internal NAND Flash if fails then try -> SD-CARD2/eMMC, if fails then try -> SPI Flash, if all fails it go in FEL mode.

This is done intentionally so you can never brick your board if internal NAND or EMMC or SPI Flash get corrupted you can always boot from SD-card or USB and replace the image. This of course is big security hole, as anyone with physical access to your board can always replace your images with his own.

The TrustZone and Secure boot path solve this issue, but no one has documentation how this is done on Allwinner SOCs.

I hope to get some interesting ideas how this could be solved, one radical approach is to remove physically the SD-card connectors 🙂

A64-OLinuXino got mainline Linux Kernel 5.0 images

Linux kernel 5.0 was just released and as we were working this week to the release of mainline Linux image for A64-OLinuXino (as till now it has the ugly android based 3.10 kernel) we decided to release latest kernel.

The images are available on our FTP.

There are two images Debian headless or Ubuntu desktop.

Known issues with these images:

• LCDs are not supported yet, HDMI output is only available, we need one more week to figure out how to automatically detect if the Ethernet or LCD are enabled (there is jumper on the board which switch between LCD or Ethernet as both share pins and can’t work together). So to make the DTS configurations  automatic at boot time.
• eMMC do not work in the fastest possible mode yet. We need some time, right now 50MB/s is the max speed to read write instead of 100-200MB/s which the installed eMMC supports, we will update the image soon with HS200/400 modes enabled.
• No CPU thermal. A64 has 3 thermal zones – CPU, GPU0 and GPU1. The driver doesn’t support monitoring them.

How to build the images is explained here.

Mainline Linux Kernel 5.0 images for A13, A20 and A33 OLinuXino and SOMs is in progress.

TERES-I Open Source Hardware Laptop has new experimental Armbian Mainline Linux image for download

We uploaded few days ago Armbian experimental mainline linux image for TERES-I on our ftp.

There are still few known issues which we work on, but we wanted to upload this experimental image so other people can start playing with.

What is new?

• eMMC now run x3 times faster which improves the overall user experience.
• OpenGL with LIMA

Known issues:

• Automatically turns on upon applying power via the PWR_JACK, we need time to patch mainline uboot
• No sleep or suspend, WIP.
• Bluetooth not working out-of-the-box – fixed in Olimex release if you install the package
  ftp://staging.olimex.com/Allwinner_Images/A64-Teres/linux/armbian_experimental/teres-bluetooth_0.2-1_arm64_armbian.deb
  with command:

  dpkg -i teres-bluetooth_0.2-1_arm64_armbian.deb

• Keyboard LEDs not working – fixed in Olimex release – install the package

  ftp://staging.olimex.com/Allwinner_Images/A64-Teres/linux/armbian_experimental/teres1-ledctrl_0.1-1_armbian_arm64.deb

  with command:

  dpkg -i teres1-ledctrl_0.1-1_armbian_arm64.deb

• The LCD brightness is low by default (20%) – fixed in Olimex release – to increase it type in the console

  echo 9 > /sys/class/backlight/backlight/brightness

• no video player acceleration, to be fixed in the next release planned for 22.02.2019

 

Rockchip is releasing low power SOC with NPU targeting deep learning.

We are hacking cheap Chinese soldering robot aiming to make it usable with camera fiducials and solder joint inspection. I shared some info on Hackaday 2018 Belgrade conference.

As we want to make the robot easy to use we are looking around for capable SOC with Deep Learning capability. It seems the only embedded available solution now is nVidia.

Allwinner has put in their V5 SOC info about AI and Trensorflow support, but looking at info for the only available board on the market it looks just statement and no actual implementation.

The AI they advertise looks more like OpenCV / Tensorflow lite libraries using the V5 GPUs, but not real NPU.

Rockchip seems to be this time a little bit ahead of Allwinner and has released RK1808 and RK3399pro SOCs.

Some info also start to appear in their rockchip-linux repositories.

We got RK1808 brief datasheet and here are the SOC internals:

• Dual core Cortex-A35
• Internal 2MB SRAM
• DDR 32-bit data width, 2 ranks max 2GB of DDR3/DDR3L/LPDDR3/LPDDR3L -1600
• Neural Process Unit with 512KB internal buffer and Support for: max 1920 Int8, max 192 Int16 and max 64 FP16 MAC operations per cycle
• eMMC 4.5 1-4-8 bit max 150MB/s
• SD/MMC support
• SPI Flash x1-4-8 data
• video encoder/decoder up to 1080p
• video input DPI 8-10-12-16 bit up to 150MB/s
• camera input MIPI CSI up to 4 data lane, 2.0Gbps, MIPI-HS, MIPI-LP
• LCD RGB 8/8/8 up to 1280×800@60fps
• MIPI DSI 1920×1080 up to 4 data lane, 2.0GbpsA
• Audio I2S
• Gigabit Ethernet
• USB2.0 HOST/OTG
• USB3.0 5Gbps
• PCIe 1/2 links with 2.5Gbps per link
• SPI, I2C, UART
• x4 10bit SAR ADC 1Msps
• -40+125C operating temperature, targeting automotive and industrial vision apps

This chip is definitely not hobby friendly with FCCSP 420 0.3mm balls spaced at 0.5/0.35mm!

Price info is not available yet. First evaluation boards will be ready end of March 2019. Rockchip will sell SDK with the NPU API also at unknown yet price.

Rockchip also upgraded their RK3399 including inside RK1808 and naming it RK3399Pro.
They keep the same RK3399 ball layout, so people who already made RK3399 boards can upgrade with RK3399Pro without changing lot on their PCB layout.

How they do it? They bond RK1808 in the same package and connect RK3399 with RK1808 via USB3.0 this is why RK3399Pro has NO externally available USB3.0:

How they will manage power dissipation when they put together two quite power hungry chips is yet to be seen. RK3399 alone requires quite big heatsink as it dissipates up to 20W when the Cortex-A72 cores are running.

Working with A20 OLinuXino or SOM GPIOs when using new Armbian based A20 universal Linux image

A20 GPIO ports are 32 bit registers listed in alphabetical order PA, PB, PC, PD, PE, PF, PG, PH, PI.

In Armbian GPIO ports are numbered from 0 to 287 corresponding from PA0 to PI31.

The GPIO number is calculating using this formula:

gpioNumber = (Port Letter - 'A') * 32 + pinNumber

 

For instance GREEN STATUS LED on A20-OLinuXino-LIME2 is connected to port PH2. This will correspond to GPIO number:

('H'-'A' = 7) * 32 + 2 = 226

 

All GPIO operations in shell should be made as super user. First we have to register the gpio in the Linux Kernel with this command:

sudo echo 226 > /sys/class/gpio/export

 

to check if we did registered this gpio successfully we use ls command:

sudo ls /sys/class/gpio

 

If you did everything correctly you will see gpio226 listed.

Then you have to specify what will be this GPIO input or output. This is done with writing “in” or “out” in gpioxx direction directory. In this case we want to drive the STATUS LED so we have to make it output:

sudo echo out > /sys/class/gpio/gpio226/direction

 

Once we set the GPIO as output we can write 1 or 0 to it’s value and this will make GPIO port to supply 3.3V when 1 is written or 0V when 0 is written.

To switch the LED on we have to write 1:

sudo echo 1 > /sys/class/gpio/gpio226/value

 

Yay the green LED is now lighting. If we want to switch it off we have to write 0:

sudo echo 0 > /sys/class/gpio/gpio226/value

 

To read the GPIO state it has to be set as input first with the command:

sudo echo in > /sys/class/gpio/gpioXXX/direction

 

where XXX is GPIO port number calculated as described above. Then to read the GPIO state you use this command:

sudo cat /sys/class/gpio/gpioXXX/value

the result will be 0 if the GPIO voltage is between 0.0-1.0V and 1 if the voltage is between 2.3-3.3V. If the voltage on the GPIO is between 1.0 and 2.3V the attempt to read will return randomly value 0 or 1.

Be careful when playing with the GPIO ports, some of them are wired to important peripherials like LCD, Ethernet, USB, SATA etc and writing bad values may break the functionality or even damage the board. Test your knowledge on GPIOs which are not connected to anything is best approach.

We are prepare now new version of PyA20 Python module which will add access to GPIO, SPI, I2C, Serial resources of A20 directly from Python code to work with the new universal A20 Armbian Linux image.

EDIT 2019-01-25 14:24:

We got question how fast is the access to the GPIOs via shell. Sure it’s not fast and made just for slow processes like switching on and off relays, or polling status of buttons or sensors which do not change often their state. Running this code below:

nano toggle_led_lime2.sh

 

Enter inside the file this code:

#!/bin/bash
# the lime2 led is PH2 - 32*(8-1) + 2 = 226

echo 226 > /sys/class/gpio/export
echo out > /sys/class/gpio/gpio226/direction
while [ 1 -eq 1 ]
do
echo 1 > /sys/class/gpio/gpio226/value
echo 0 > /sys/class/gpio/gpio226/value
done

 

Save and exit, then make executable and run

chmod +x toggle_led_lime2.sh
./toggle_led_lime2.sh

 

We can see square wave with oscilloscope on PH2 with frequency between 3 and 4 kHz. i.e. pulses with high state 125-150uS and low state 125-150uS.

Shell is slow, if we write same code in C:

#include <stdio.h>
#include <fcntl.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>

#define PH2        226    // (32 * 7) + 2
#define GPIO_PATH  "/sys/class/gpio/gpio226/value"

int main() {
    int ret;
    int fd;

    fd = open(GPIO_PATH, O_RDWR);
    if (fd < 0)
        return errno;

    while(1) {
        ret = write(fd, "1", 1);
        ret = write(fd, "0", 1);
    }

    return 0;
}

 

The new code produces square wave with 2.13 us high and low state i.e. approx 235 kHz or about 50 times faster than access via shell.

A20-OLinuXino universal image updated – now supporting our new boards with SPI+eMMC

We just uploaded new A20-OLinuXino universal image at our FTP.

With this image we add support for the new OLinuXino boards with eMMC+SPI.

Few things need some more attention and will be fixed in new image next week: boot from SPI with rootFS on HDD or USB Flash. The new LCD-15.6 eDP display also doesn’t like the new kernel and drivers, but will be fixed too. These are explained in the ISSUES.txt.

The new image also support our new 5″, 7″ and 10″ capacitive touch displays (not on our web for sale yet as still testing) automatically i.e. plug and play and no need to run display script, each time at boot it recognizes the connected display and configure the drivers.

All other peripherals and devices are tested to work with: A20-OLinuXino-LIME, A20-OLinuXino-LIME2, A20-OLinuXino-MICRO, A20-SOM and A20-SOM204.

New univeral A20 image released which works with all our A20 boards and auto detect and configure on boot

We are releasing universal A20 Linux image which will boot and work on all our A20 boards:

• A20-OLinuXuno-LIME
• A20-OLinuXino-LIME2
• A20-OLinuXino-MICRO
• A20-SOM
• A20-SOM204

The image is based on Armbian with modifications necessary to support OLinuXino specific features.

There are two image releases – Ubuntu Bionic Desktop image which is the recommended image for beginners or when you want to evaluate the board’s hardware fully – it has good HDMI, audio support and Debian Stretch Server image which contains no binary blobs but is headless and has poor video and audio support.

Currently, our latest Ubuntu Bionic A20 image uses kernel 4.19.10, or to be more specific:

root@olinuxino:~# uname -a
Linux olinuxino 4.19.10-sunxi #5.65 SMP Tue Dec 18 14:19:16 EET 2018 armv7l armv7l armv7l GNU/Linu

Our Armbian Ubuntu Bionic image can be downloaded from FTP or Torrent.

Our Armbian Debian Stretch image can be download from FTP or Torrent.

Username is according to Armbian documentation: root and password: 1234

Since we have a large array of A20 boards and numerous variants there is auto-detection enabled in the image. Information about the model of the board is stored in the EEPROM of each A20 board that had been recently manufactured and this information is used by the new images to load the proper configuration. The EEPROM contents are described here.

The images can be used with boards from early revisions which has no EEPROM or has EEPROM with wrong content after one time set up of the EEPROM during in the first u-boot of the new image. If you have trouble booting interrupt u-boot by pressing space and type “olinuxino”. An example configuration for manually setting the EEPROM of A20-OLinuXino-LIME-e16Gs16MB hardware revision K is given at the end of the post.

The new images have support for both legacy resistive and new capacitive/resistive touch displays with auto detection feature (please bear with us they are not released yet on the web as we test them). The newer versions of the displays has suffix -CTS for capacitive touch screen and -RTS for resistive touch screen and are offered in 5″, 7″ and 10″ size with different resolutions. These displays are automatically detected by boot and drivers properly configured for them. If the LCDs are not detected HDMI output is only enabled and the image can be configured one time at first boot manually as described in this wiki article.

Please note that mainline Kernel now do not support NAND Flash, so if you wish to boot from the flash memory, consider either using the legacy 3.4.xx images which are still available or switch to A20 boards with eMMC. The eMMC boot is supported via armbian-config (nand-sata-install). Due to lack of reliable eMMC 5.X support by Allwonner boot0 and for future compatibility we are adding 16MB SPI flash for all A20 boards with eMMC, this way the board first boots from the SPI then continue to eMMC with properly set configuration. Allwinner Boot0 can’t handle correctly eMMC 5.X and sometime boot sometimes do not boot, as this is binary blob inside SOC there is nothing we can do than to use SPI boot to fix eMMC boot parameters.

Build instructions for the new images can be found here.

An example configuration for manually setting the EEPROM of A20-OLinuXino-LIME-e16GB hardware revision K is given below:

=> olinuxino 
olinuxino - OLinuXino board configurator

Usage:
olinuxino config info - Print current configuration: ID, serial, ram, storage, grade...
olinuxino config list - Print supported boards and their IDs
olinuxino config erase - Erase currently stored configuration
olinuxino config write [id] [revision] [serial] [mac]
arguments:
[id] - Specific board ID
[revision] - Board revision: C, D1, etc...
[serial] - New serial number for the board
[mac] - New MAC address for the board
Format can be:
aa:bb:cc:dd:ee:ff
FF:FF:FF:FF:FF:FF
aabbccddeeff
olinuxino monitor list - Print supported video outputs
olinuxino monitor set - Set specific LCD

=> olinuxino config list

Supported boards:
----------------------------------------
A20-OLinuXino-LIME - 7739 
A20-OLinuXino-LIME-n4GB - 7743 
A20-OLinuXino-LIME-n8GB - 8934 
A20-OLinuXino-LIME-s16MB - 9076 
T2-OLinuXino-LIME-IND - 9211 
T2-OLinuXino-LIME-s16MB-IND - 9215 
T2-OLinuXino-LIME-e4GB-IND - 9219 
A20-OLinuXino-LIME2 - 7701 
A20-OLinuXino-LIME2-e4GB - 8340 
A20-OLinuXino-LIME2-e16GB - 9166 
A20-OLinuXino-LIME2-n4GB - 7624 
A20-OLinuXino-LIME2-n8GB - 8910 
A20-OLinuXino-LIME2-s16MB - 8946 
A20-OLinuXino-LIME2-e16Gs16M - 9604 
A20-OLinuXino-LIME2-e4Gs16M - 9613 
T2-OLinuXino-LIME2-IND - 9239 
T2-OLinuXino-LIME2-s16MB-IND - 9247 
T2-OLinuXino-LIME2-e4GB-IND - 9243 
A20-OLinuXino-MICRO - 4614 
A20-OLinuXino-MICRO-e4GB - 8832 
A20-OLinuXino-MICRO-e16GB - 9042 
A20-OLinuXino-MICRO-e4GB-IND - 8661 
A20-OLinuXino-MICRO-IND - 8828 
A20-OLinuXino-MICRO-n4GB - 4615 
A20-OLinuXino-MICRO-n8GB - 8918 
A20-OLinuXino-MICRO-s16MB - 9231 
T2-OLinuXino-MICRO-IND - 9223 
T2-OLinuXino-MICRO-s16MB-IND - 9235 
T2-OLinuXino-MICRO-e4GB-IND - 9227 
A20-SOM-n4GB - 4673 
A20-SOM - 7664 
A20-SOM-IND - 8849 
A20-SOM-n8GB - 8922 
A20-SOM-e16GB - 9155 
A20-SOM-e16GB-IND - 9148 
T2-SOM-IND - 9259 
A20-SOM204-1G - 8991 
A20-SOM204-1Gs16Me16G-MC - 8958

=> olinuxino config write 9166 k

Erasing EEPROM configuration...
Writting EEPROM configuration...
Writting MMC configuration...

=> saveenv

Saving Environment to EXT4... Recovery required
update journal finished
done
OK

=> reset