Wandboard

Wandboard is a community-based ARM Board, which comes in three different versions. IPFire supports all of them.

Technichal data

  • CPU: Freescale i.MX6 (amount of cores depends on used board)
  • RAM: 512MB up to 2GB (depends on used board)
  • Storage: 2 MMC card slots
  • 1x GigaBit LAN
  • 1x USB 2.0 HiSpeed
  • 1x eSATA 2.0 (3Gbit) - only wandboard quad
  • 1x 802.11 b/g/n WLAN (need firmware) currently not working
  • 1x Bluetooth 2.1 EDR (need firmware) currently not working
  • 1x RS-232 serial port

https://www.wandboard.org/details

Please note that the HDMI output is not working, you'll have to connect it via a serial port. At the moment we are also lacking support for the onboard WLAN interface.

Hardware Random Number Generator

The Wandboard comes with an onboard Hardware Random Number Generator (HWRNG) and a crypto-chip which accelerates some algorithms. (Details). Currently, IPFire neither recognizes nor uses them.

The cryptographic performance of the Wandboard Quad is more or less the following:

[root@firewall ~]# openssl speed aes-128-cbc aes-256-cbc camellia-128-cbc camellia-256-cbc
Doing aes-128 cbc for 3s on 16 size blocks: 2113745 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 64 size blocks: 568650 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 256 size blocks: 145150 aes-128 cbc's in 3.01s
Doing aes-128 cbc for 3s on 1024 size blocks: 36218 aes-128 cbc's in 2.99s
Doing aes-128 cbc for 3s on 8192 size blocks: 4550 aes-128 cbc's in 3.00s
Doing aes-256 cbc for 3s on 16 size blocks: 1594226 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 64 size blocks: 420192 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 256 size blocks: 106781 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 1024 size blocks: 26858 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 8192 size blocks: 3365 aes-256 cbc's in 3.00s
Doing camellia-128 cbc for 3s on 16 size blocks: 2916450 camellia-128 cbc's in 3.00s
Doing camellia-128 cbc for 3s on 64 size blocks: 808074 camellia-128 cbc's in 2.99s
Doing camellia-128 cbc for 3s on 256 size blocks: 208631 camellia-128 cbc's in 3.00s
Doing camellia-128 cbc for 3s on 1024 size blocks: 52637 camellia-128 cbc's in 3.00s
Doing camellia-128 cbc for 3s on 8192 size blocks: 6591 camellia-128 cbc's in 3.00s
Doing camellia-256 cbc for 3s on 16 size blocks: 2393880 camellia-256 cbc's in 3.00s
Doing camellia-256 cbc for 3s on 64 size blocks: 648481 camellia-256 cbc's in 3.00s
Doing camellia-256 cbc for 3s on 256 size blocks: 166636 camellia-256 cbc's in 3.00s
Doing camellia-256 cbc for 3s on 1024 size blocks: 41958 camellia-256 cbc's in 3.00s
Doing camellia-256 cbc for 3s on 8192 size blocks: 5256 camellia-256 cbc's in 2.99s
OpenSSL 1.0.2e 3 Dec 2015
built on: reproducible build, date unspecified
options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) blowfish(ptr)
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DSSL_FORBID_ENULL -O2 -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fPIC -fstack-protector-all --param=ssp-buffer-size=4 -march=armv5te -mfloat-abi=soft -fomit-frame-pointer -DPURIFY -Wall
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128 cbc      11273.31k    12131.20k    12344.98k    12403.76k    12424.53k
aes-256 cbc       8502.54k     8964.10k     9111.98k     9167.53k     9188.69k
camellia-128 cbc    15554.40k    17296.57k    17803.18k    17966.76k    17997.82k
camellia-256 cbc    12767.36k    13834.26k    14219.61k    14321.66k    14400.39k
[root@firewall ~]# uptime
 17:53:49 up 15:04,  1 user,  load average: 0.70, 0.29, 0.20

Bluetooth & Wireless

To use the Bluetooth/wlan modul you need to copy the firmware from /lib/firmware/brcm/* from the official wandboard develoment kit.

Since Linux 3.18 the brcm firmware detection and load seems to be broken, IPFire 2.17 uses them as backport drivers, so currently WLAN on wandboard is not useable.

How to install IPFire on Wandboard

Download the latest IPFire ARM Image with serial console from thedownload section, uncompress it and write the image to your SD card. How to perform this can be obtained from How to write a flash image to disk?

Install the Bootloader

The next step will be to install the required u-boot bootloader. All required bootloaders of supported ARM boards are located in the IPFire ARM images.

To access them the SD card has to be unplugged and plugged to the system again. Mount the IPFire root and boot filesystems to desired locations. Furthermore the location to those points will be named as or, for all remaining parts of this text.

Navigate into the/usr/share/u-boot/ directory. Here you can find all u-boot images, but only the "wandboard_quad" one is required. Install this image to your SD card by using:

dd if=wandboard_quad/u-boot.imx of=/dev/sdX bs=1k seek=1

Please note to change the "sdX" to the correct device name!

Create the u-boot configuration

Now we are going to create the u-boot configuration. Therefore navigate into your directory and copy the following content to a new file calledboot.script.

fatload mmc 0:1 0x11500000 zImage-ipfire-multi
fatload mmc 0:1 0x32000000 uInit-ipfire-multi
fatload mmc 0:1 0x11200000 dtb-3.14.33-ipfire-multi/imx6q-wandboard.dtb
setenv bootargs console=ttymxc0,115200n8  smsc95xx.macaddr=$usbethaddr root=/dev/mmcblk0p3 ro
bootz 0x11500000 0x32000000 0x11200000

Please modify the kernel information to the used kernel version. Also the useddtb file needs adjusted when using a different wandboard than the quad.

The next part will be to create a new file calledconvert_bootscript.sh with the following content or directly execute it:

mkimage -A arm -T script -d boot.script boot.scr

Now we are ready to go, simple execute the previously created script with:

bash convert_bootscript.sh

Pakfire automatically executes a custom script (if any) for bootloader updating purposes after an upgrade. Copy the following lines to/pakfire-kernel-update:

filename = pakfire-kernel-update

#!/bin/bash

#  wandboard_update_bootloader.sh

# NOTE: script optimized for automatic processing
logger "wandboard bootloader update script: INFO: now running...";

# first, set some parameters...
# NOTE: if anything is different from defaults (i.e. other filenames), please change the parameters below!
inputbootscript="/boot/boot.script"; # the input file path
inputbootscriptfilename="boot.script"; # input file name
outputbootscr="/boot/boot.scr"; # output file path
outputbootscrfilename="boot.scr"; # input file name
runningkernel=`uname -r`; # the running kernel version (enumerated automatical, no manual change needed)
runningarch=`arch`; # the running architecture, if it's not armv7l, we'll abort

# second, check if we are running on a wandboard; if not, abort...
test -f $inputbootscript;
  if [ "$?" != "0" ];then
  abort="true";
  bootscriptfailed="true";
fi;
test -f $outputbootscr;
  if [ "$?" != "0" ];then
  abort="true";
fi;
  if [ "$runningarch" != "armv7l" ];then
  abort="true";
fi;
  if [ "$bootscriptfailed" != "true" ]; then
  cat $inputbootscript | grep wandboard > /dev/null;
      if [ "$?" != "0" ];then
      abort="true";
    fi;
fi;

# check if we can continue...
if [ "$abort" = "true" ];then
logger "wandboard bootloader update script: ERROR: Aborting due to bad environment.";
exit 1;
fi;

# now everything should fine, so we can work now...
random=`tr -dc A-F0-9 < /dev/urandom | head -c 16 | xargs`; # some random data for a tmp dir...
mkdir /tmp/$random;
cp $inputbootscript /tmp/$random;
cp $outputbootscr /tmp/$random;
mv /tmp/$random/$outputbootscrfilename /tmp/$random/$outputbootscrfilename.orig;

# all we need now is the installed kernel version
# if it is equal to the kernel version we find in boot.script, there is nothing to do...
prrunningkernel=`uname -r | awk -F \- '{ print $1 }'`; # make output useful...

storedkernel=`file /boot/vmlinuz-* | awk 'NR>2{print $1}' | awk -F \- '{ print $2 }'`; # extracting kernel version from file names...

if [ "$prrunningkernel" = "$storedkernel" ];then
# in this case, there is nothing to do...
logger "wandboard bootloader update script: INFO: Stored and running kernel version match. No update needed.";
exit 1;
fi;

mv /tmp/$random/$inputbootscriptfilename /tmp/$random/$inputbootscriptfilename.orig;
touch /tmp/$random/$inputbootscriptfilename;
# writing data into new file...
echo "fatload mmc 0:1 0x11500000 zImage-ipfire-multi" >> /tmp/$random/$inputbootscriptfilename;
echo "fatload mmc 0:1 0x32000000 uInit-ipfire-multi" >> /tmp/$random/$inputbootscriptfilename;
echo "fatload mmc 0:1 0x11200000 dtb-`echo $storedkernel`-ipfire-multi/imx6q-wandboard.dtb" >> /tmp/$random/$inputbootscriptfilename; # insert the version of the stored kernel...
echo 'setenv bootargs console=ttymxc0,115200n8  smsc95xx.macaddr=$usbethaddr root=/dev/mmcblk0p3 ro' >> /tmp/$random/$inputbootscriptfilename;
echo "bootz 0x11500000 0x32000000 0x11200000" >> /tmp/$random/$inputbootscriptfilename;

# new boot.script created, compare it with the old one...
checksumnew=`sha256sum /tmp/$random/$inputbootscriptfilename | awk '{ print $1 }'`;
checksumold=`sha256sum /tmp/$random/$inputbootscriptfilename.orig | awk '{ print $1 }'`;
if [ "$checksumnew" = "$checksumold" ];then
# in this case, something is wrong!
logger "wandboard bootloader update script: ERROR: Checksums of old and new $inputbootscriptfilename match!";
logger "wandboard bootloader update script: FATAL: New file equals old one. Please check manuallly. Quitting.";
exit 1;
fi;

mkimage -A arm -T script -d /tmp/$random/$inputbootscriptfilename /tmp/$random/$outputbootscrfilename;
# check if mkimage returned an error...
if [ "$?" != "0" ];then

logger "wandboard bootloader update script: ERROR: Compiling process failed. Please check manually. Quitting.";
exit 1;
fi;
# otherwise, everything is fine...

rm -rf $inputbootscript;
rm -rf $outputbootscr;

cp /tmp/$random/$inputbootscriptfilename $inputbootscript;
cp /tmp/$random/$outputbootscrfilename $outputbootscr;

# now the new files are located in /boot, cleaning up...
rm -rf /tmp/$random;

logger "wandboard bootloader update script: SUCCESS: Script done, please reboot your system for applying the changes.";
exit 0;

Mark the script as executable by typing

chmod +x pakfire-kernel-update

Whenever an update in installed, the script will compare the stored kernel in /boot and the running kernel (via uname -r). If they are different to each other, a new kernel version has been written to disk and theboot.scr file needs to be updated. After the script did this, it will leave a notice in the system log and quit.

Fix Serial Console Login (Bugfix)

FIXME Remove this section when the bug has been fixed in one of the comming releases.

The current IPFire images have a bug which prevents from log into the system by using the serial port. To fix this simple execute the following command:

echo "ttymxc0" >> <ipfire-root>/etc/securetty

The tricky parts are done, as final steps the mounted filesystems needs to be umounted again and the SD card has to be plugged into your wandboard.

After switching on the wandboard, it can be accessed by using the serial console with a baut-rate of 115200 (default).

Edit Page ‐ Yes, you can edit!
Last changed by Jon, September 6, 2019 View Older Revisions