wiki:general:software_arch
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
wiki:general:software_arch [2019/09/25 16:09] ghi |
wiki:general:software_arch [2022/10/24 15:36] (current) ehe [KerOS] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Software architecture ====== | ====== Software architecture ====== | ||
| + | |||
| + | ===== Mapping ===== | ||
| + | |||
| + | {{:images:mapping_architecture_4.3.png?1000|}} | ||
| ===== Linux distribution ===== | ===== Linux distribution ===== | ||
| Line 5: | Line 9: | ||
| ==== KerOS ==== | ==== KerOS ==== | ||
| - | The Wirnet™ Productline gateways software is running on a iMx6 Solox processor (ARM processor). The Linux distribution embedded is generated by Kerlink and named KerOS. | + | The Wirnet™ i-series gateways software is running on a iMx6 Solox processor (ARM processor). The Linux distribution embedded is generated by Kerlink and named KerOS. |
| The different file systems are listed in the following table: | The different file systems are listed in the following table: | ||
| ^ Device ^ Mount point ^ Size ^ Format ^ Usage ^ Recommendations ^ | ^ Device ^ Mount point ^ Size ^ Format ^ Usage ^ Recommendations ^ | ||
| - | ^ eMMC| / | 6GB | **OverlayFS (R/W)**| system | system binaries/libraries | | + | ^ eMMC| /user | 6GB<fc #ff0000>*</fc> | ext4 (R/W)| user application | Application binaries, data files, logs | |
| - | ^ eMMC| /user | 6GB | ext4 (R/W)| user application | Application binaries, data files, logs | | + | |
| + | <fc #ff0000>*</fc>For Wirnet iZeptoCell the emmc ''/user'' size is 2GB. \\ | ||
| Rootfs is mounted using the [[https://www.kernel.org/doc/Documentation/filesystems/overlayfs.txt|OverlayFS]] file system. An overlay-filesystem tries to present a filesystem which is the result over overlaying one filesystem on top of the other.\\ | Rootfs is mounted using the [[https://www.kernel.org/doc/Documentation/filesystems/overlayfs.txt|OverlayFS]] file system. An overlay-filesystem tries to present a filesystem which is the result over overlaying one filesystem on top of the other.\\ | ||
| Line 32: | Line 37: | ||
| KerOS distribution includes the OPKG package manager to process software and firmware updates. \\ | KerOS distribution includes the OPKG package manager to process software and firmware updates. \\ | ||
| - | Update packages must respect the ''.ipk'' file format. The specific way of deploying ''ipk'' packages on the Wirnet Productline gateways is described in the [[wiki:keros_custo:sw_updates|Software Update page]]. | + | Update packages must respect the ''.ipk'' file format. The specific way of deploying ''ipk'' packages on the Wirnet i-series gateways is described in the [[wiki:keros_custo:sw_updates|Software Update page]]. |
| <note important> | <note important> | ||
| - | Due to security mechanisms, ''opkg install'' command must not be used on the Wirnet Productline gateways. \\ | + | Due to security mechanisms, ''opkg install'' command must not be used on the Wirnet i-series gateways. \\ |
| Package installation at runtime is not indicated. \\ | Package installation at runtime is not indicated. \\ | ||
| - | Wirnet Productline gateways dedicated software update process is described in the [[wiki:keros_custo:sw_updates|software update]] section. | + | Wirnet i-series gateways dedicated software update process is described in the [[wiki:keros_custo:sw_updates|software update]] section. |
| </note> | </note> | ||
| ===== TrustZone ===== | ===== TrustZone ===== | ||
| - | Wirnet Productline gateways embedds the TrustZone™ security feature provided by ARM microprocessors.\\ | + | Wirnet i-series gateways embedds the TrustZone™ security feature provided by ARM microprocessors.\\ |
| The TrustZone technology is used to run a trusted boot and a trusted OS to create a Trusted Execution Environment.\\ | The TrustZone technology is used to run a trusted boot and a trusted OS to create a Trusted Execution Environment.\\ | ||
| A Trusted Execution Environment (TEE) is a secure area inside a main processor. It runs in parallel of the operating system, in an isolated environment. TrustZone from ARM is an hardware technology that can be used to support TEE implementations. | A Trusted Execution Environment (TEE) is a secure area inside a main processor. It runs in parallel of the operating system, in an isolated environment. TrustZone from ARM is an hardware technology that can be used to support TEE implementations. | ||
| - | The Wirnet Productline gateways trusted OS is ProvenCore, from Prove&Run. | + | The Wirnet i-series gateways trusted OS is ProvenCore, from Prove&Run. |
| The OpenVPN / IPSEC local secrets are secured by the ProvenCore trusted OS. \\ | The OpenVPN / IPSEC local secrets are secured by the ProvenCore trusted OS. \\ | ||
wiki/general/software_arch.1569420571.txt.gz · Last modified: 2019/09/25 16:09 by ghi
