Setups
General information
Wirnet™ iBTS information
Wirnet™ iFemtoCell information
Wirnet™ iFemtoCell-evolution information
Wirnet™ iStation information
System management
Network management
LoRa Features
KerOS customization
Support and resources
Sidebar
wiki:general:software_arch
Table of Contents
Software architecture
Mapping
Linux distribution
KerOS
The Wirnet™ i-series gateways software is running on a iMx6 Solox processor (ARM processor). The Linux distribution embedded is generated by Kerlink and named KerOS.
The different file systems are listed in the following table:
| Device | Mount point | Size | Format | Usage | Recommendations |
|---|---|---|---|---|---|
| eMMC | /user | 6GB* | ext4 (R/W) | user application | Application binaries, data files, logs |
*For Wirnet iZeptoCell the emmc /user size is 2GB.
Rootfs is mounted using the OverlayFS file system. An overlay-filesystem tries to present a filesystem which is the result over overlaying one filesystem on top of the other.
On KerOS, the base layer (lowerdir) is defined by /.rootfs.ro. This base layer is read-only and backed-up. A second layer (upperdir), that override the base layer, is defined under (/user/.rootfs_upper). This second layer is customizable by the user.
The result of these two layers is a fully customizable rootfs with a full backup containing all the original files before they are customized by the user. For further information about the customization backup mechanism, refer to the Sysupgrade process.
Build system
The build system is Yocto. The Yocto Project is a Linux Foundation workgroup whose goal is to produce tools and processes that will enable the creation of Linux distributions for embedded software.
Kerlink doesn’t provide the build system to compile KerOS.
User partition
Applications are recommended to be installed in /user directory.
Cross toolchain
To develop software, Kerlink provides a cross toolchain, libraries and headers necessary to the compilation of customer applicative software.
IPK files
KerOS distribution includes the OPKG package manager to process software and firmware updates.
Update packages must respect the .ipk file format. The specific way of deploying ipk packages on the Wirnet i-series gateways is described in the Software Update page.
Due to security mechanisms,
Package installation at runtime is not indicated.
Wirnet i-series gateways dedicated software update process is described in the software update section.
opkg install command must not be used on the Wirnet i-series gateways. Package installation at runtime is not indicated.
Wirnet i-series gateways dedicated software update process is described in the software update section.
TrustZone
Wirnet i-series gateways embedds the TrustZone™ security feature provided by ARM microprocessors.
The TrustZone technology is used to run a trusted boot and a trusted OS to create a Trusted Execution Environment.
A Trusted Execution Environment (TEE) is a secure area inside a main processor. It runs in parallel of the operating system, in an isolated environment. TrustZone from ARM is an hardware technology that can be used to support TEE implementations.
The Wirnet i-series gateways trusted OS is ProvenCore, from Prove&Run.
The OpenVPN / IPSEC local secrets are secured by the ProvenCore trusted OS.
Information on VPN clients configurations are available in the dedicated page.
TrustZone information on ARM website : https://www.arm.com/products/security-on-arm/trustzone.
wiki/general/software_arch.txt · Last modified: 2022/10/24 15:36 by ehe
