So I have a dispute with Westjet over a trip I took a few months ago. I was trying to get a phone number for their legal dept but “legal@westjet.com” refused to provide me with one. While I’ve been looking for that number I found some other ones that might be useful as they don’t publish a directory.
So good news there is a micro USB port and boot mode jumpers to be able to get the hub into SDP mode.
[4215213.643950] usb 3-4.4.2: new high-speed USB device number 8 using ehci-pci
[4215213.753446] usb 3-4.4.2: New USB device found, idVendor=15a2, idProduct=007d, bcdDevice= 0.01
[4215213.753448] usb 3-4.4.2: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[4215213.753450] usb 3-4.4.2: Product: SP Blank 6UL
[4215213.753451] usb 3-4.4.2: Manufacturer: Freescale SemiConductor Inc
[4215213.906618] hidraw: raw HID events driver (C) Jiri Kosina
[4215213.924124] usbcore: registered new interface driver usbhid
[4215213.924126] usbhid: USB HID core driver
[4215213.986475] hid-generic 0003:15A2:007D.0001: hiddev0,hidraw0: USB HID v1.10 Device [Freescale SemiConductor Inc SP Blank 6UL ] on usb-0000:00:16.2-4.4.2/input0
For this you’ll need a couple of parts
J8 is the micro USB plug https://www.digikey.ca/en/products/detail/molex/1051330011/4356675
R703 and R704 are 10K 0402 resistors
With all of those populated the board will power from the micro USB slot. To put it into SDP mode short R709 while applying power.
So for a while I’ve been looking at hacking into the wink hub 2. I’ve had it for a number of years and so far it has just worked for what I needed it for. Then wink starts with the subscription nonsense and this morning it refused to connect at all. So time to take it apart.
It’s a pretty easy disassemble.
2 screws under the rubber bumper on the device.
Pull the base free, you’ll see the bottom edge of the PCB.
The one side snaps off with a little bit of pressure separating the 2 halves. I used a spudger to help it along.
Awesome, looks like there are headers on the board again. Let’s see the other side.
They were even kind enough to label all of them. So I soldered on a UART header and connected up my FTDI cable.
No surprise here, it’s running u-boot
U-Boot 2015.04 (Sep 02 2016 - 20:09:54)
CPU: Freescale i.MX6UL rev1.1 at 396 MHz
CPU: Temperature 30 C
Reset cause: POR
Board: MX6UL Flex Wink Hub V2
I2C: ready
DRAM: 512 MiB
NAND: 128 MiB
In: serial
Out: serial
Err: serial
Net: FEC0
Normal Boot
Hit any key to stop autoboot: 0
UBI: attaching mtd1 to ubi0
UBI: scanning is finished
UBI: attached mtd1 (name "mtd=2", size 10 MiB) to ubi0
UBI: PEB size: 131072 bytes (128 KiB), LEB size: 126976 bytes
UBI: min./max. I/O unit sizes: 2048/2048, sub-page size 2048
UBI: VID header offset: 2048 (aligned 2048), data offset: 4096
UBI: good PEBs: 80, bad PEBs: 0, corrupted PEBs: 0
UBI: user volume: 1, internal volumes: 1, max. volumes count: 128
UBI: max/mean erase counter: 1444/964, WL threshold: 4096, image sequence number: 720637420
UBI: available PEBs: 0, total reserved PEBs: 80, PEBs reserved for bad PEB handling: 20
Loading file 'DO_UPDATE' to addr 0x83000000 with size 1 (0x00000001)...
Done
Total of 1 word(s) were the same
Loading from nand0, offset 0x3700000
Image Name: Linux-3.14.52
Image Type: ARM Linux Kernel Image (uncompressed)
Data Size: 50856042 Bytes = 48.5 MiB
Load Address: 80800000
Entry Point: 80800000
Secure boot on, reading 50868256 bytes to get SRK data
Authenticate image from DDR location 0x80800000...
Secure boot enabled
HAB Configuration: 0xcc, HAB State: 0x99
No HAB Events Found!
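An added example, not from the original post: a parser that turns the HAB status lines of a U-Boot console capture like the one above into a verdict. The hex meanings follow the hab_config and hab_state enums in U-Boot's i.MX HAB header; the name assess_hab and the second, constructed log are assumptions for illustration.

```python
import re

# Values as defined in U-Boot's i.MX HAB header (enum hab_config / hab_state).
HAB_CONFIG = {0x33: "field-return", 0xF0: "open", 0xCC: "closed"}
HAB_STATE = {0x33: "initial", 0x55: "check", 0x66: "non-secure",
             0x99: "trusted", 0xAA: "secure", 0xCC: "soft-fail",
             0xFF: "hard-fail", 0xF0: "none"}

STATUS_RE = re.compile(
    r"HAB Configuration:\s*0x([0-9a-fA-F]+),\s*HAB State:\s*0x([0-9a-fA-F]+)")


def assess_hab(console_log):
    """Summarise the HAB status lines found in a U-Boot console capture."""
    m = STATUS_RE.search(console_log)
    if m is None:
        return {"verdict": "no HAB status in log"}
    config = HAB_CONFIG.get(int(m.group(1), 16), "unknown")
    state = HAB_STATE.get(int(m.group(2), 16), "unknown")
    clean = "No HAB Events Found" in console_log
    if config == "closed":
        # Closed parts authenticate what they boot, so a modified image is rejected.
        verdict = "enforced" if clean else "enforced, events logged"
    elif config == "open":
        # Open parts only record events; unsigned images still boot.
        verdict = "not enforced" if clean else "not enforced, events logged"
    else:
        verdict = "undetermined"
    return {"config": config, "state": state, "clean": clean, "verdict": verdict}


# The status lines from the Wink Hub 2 capture above.
WINK_LOG = """Secure boot enabled
HAB Configuration: 0xcc, HAB State: 0x99
No HAB Events Found!
"""

# Constructed sample: a board whose secure boot fuses were never closed.
OPEN_LOG = """Secure boot disabled
HAB Configuration: 0xf0, HAB State: 0x66
--------- HAB Event 1 -----------------
"""

if __name__ == "__main__":
    print(assess_hab(WINK_LOG))
    print(assess_hab(OPEN_LOG))
```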
I was trying to install a dkms package on focal and it would ask for the MOK signing password but then on reboot it would not confirm it so I still couldn’t load the module.
I figured out how to manually add the signing key. I likely broke the whole secure boot thing while I was at it but that’s a problem for another day.
First make sure that a key has been generated
sudo update-secureboot-policy --new-key
Then copy that key to somewhere accessible during boot
So I finally have a design of the TNC I’ve been working on that I think is ready for release. Initially this started with me wanting a replacement for my mobilinkd and AP510. With feature creep it has turned into much more.
The current board has a VHF radio module, a CHIP Pro computer module running Linux ( NTC calls it gadget OS ) and a Mikrobus slot. I’m currently using the Mikrobus for a GPS module but there are lots of variants.
Features
I’m going to split the features into ones I’ve had the time to test with the current design and features that did work on previous designs but haven’t been tested on the current design or haven’t been tried at all.
Some of the parts are small ( 0805 ) so you will need soldering gear that can do finer parts. All of the fine parts get mounted on the top side of the board near the RF module. The connectors all go on the back of the board.
Next Steps
The software needs some polishing so if anyone wants to contribute patches please do.
It also needs a case designed for it so I’ll likely start doing that in openscad soon.
Since I’ve started this design NTC has become less and less responsive so I don’t know if there’s any future in the CHIP or CHIP Pro boards. I hope there is but I’ve been waiting for a year for the CHIP Pros I ordered and it’s been more than 4 months since I received any email from them. If anyone else has actually got an email from them I’d be interested in hearing about it.
Thanks go out to Herb Peyerl and Rob Riggs for design assistance and motivation during the project.
The instructions below assume you are using Ubuntu 16.04 but they will work for other Linuxes with minor modifications. The instructions below will also conflict with a webserver listening on port 443 ( https ) so you’ll need to disable it. Once the setup below is complete your https connections will get seamlessly forwarded to port 80.
Setup letsencrypt keys
For the SSL connection to be secure and trusted by browsers and other software you need to have a certificate signed by a recognised certificate authority. The easiest way to do this is to use letsencrypt’s certbot. I’m not going to go into how to get the certificate as there are too many ways depending on your configuration. Just follow letsencrypt’s documentation to generate a key for your "servername.com" that will get used in the rest of these instructions.
You could also use a self signed key but that may cause you problems with stateful firewalls.
Setup stunnel
With your certificate installed on the server you can now setup stunnel to use it. crow shows a partial setup here. I think he’s limited the ciphers for increased security but I found it was not necessary.
Install stunnel4
sudo apt-get install stunnel4
So the setup in /etc/stunnel/stunnel.conf I am using looks like this
You also need to enable stunnel in /etc/default/stunnel4 by setting ENABLED=1
Restart stunnel to use the new configuration.
systemctl restart stunnel4
At this point you can test the stunnel setup by going to “http://servername.com” with your browser and you will have a secure connection to your http server.
To prep for the sslh configuration change
connect = localhost:80
in /etc/stunnel/stunnel.conf to
connect = localhost:1022
and then restart stunnel again.
Setup sslh
sslh will redirect the sessions decrypted by stunnel to the correct port on your server.
You need to install sslh
sudo apt-get install sslh
The minimum services I wanted are ssh and http so my configuration in /etc/default/sslh looks like this.
RUN=yes
# binary to use: forked (sslh) or single-thread (sslh-select) version
DAEMON=/usr/sbin/sslh
DAEMON_OPTS="--user sslh --listen 127.0.0.1:1022 --http 127.0.0.1:80 --ssh 127.0.0.1:22 --pidfile /var/run/sslh/sslh.pid"
The sslh documentation says that OpenVPN, tinc, XMPP are also supported but I didn’t need those so my configuration doesn’t support them. You can now restart sslh
sudo systemctl restart sslh
This would be another good time to test the stunnel -> sslh -> httpd redirection by visiting “http://servername.com” in your browser.
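How the routing decision in this setup can be pictured, as an added example rather than sslh's own code: a model of first-bytes probing with the two backends from the DAEMON_OPTS line above. The function names, the method list and the fallback of a silent client to ssh are assumptions of this example.

```python
# HTTP request methods the model recognises at the start of a session.
HTTP_METHODS = (b"OPTIONS", b"GET", b"HEAD", b"POST", b"PUT",
                b"DELETE", b"TRACE", b"CONNECT")

# Backends copied from the DAEMON_OPTS line above.
ROUTES = {"ssh": "127.0.0.1:22", "http": "127.0.0.1:80"}


def probe(first_bytes):
    """Name the protocol suggested by the first bytes, or None if unknown."""
    if first_bytes[:4] == b"SSH-":
        # An ssh client opens with its version banner, e.g. "SSH-2.0-...".
        return "ssh"
    if b"HTTP" in first_bytes or first_bytes.startswith(HTTP_METHODS):
        return "http"
    return None


def route(first_bytes, timed_out=False):
    """Return the backend address for a session that stunnel has decrypted.

    Assumption of this model: a client that sends nothing before the probe
    timeout is handed to ssh, because some ssh clients wait for the server
    banner before speaking. Unmatched data returns None; what the real
    daemon does with it depends on its configuration.
    """
    proto = probe(first_bytes)
    if proto is None and timed_out and not first_bytes:
        proto = "ssh"
    return ROUTES.get(proto)


# Constructed first packets for the three cases this setup has to handle.
SAMPLES = {
    "ssh client": b"SSH-2.0-OpenSSH_7.2p2 Ubuntu-4\r\n",
    "browser": b"GET / HTTP/1.1\r\nHost: servername.com\r\n\r\n",
    "tls inside tls": b"\x16\x03\x01\x02\x00",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, "->", route(data))
    print("silent client ->", route(b"", timed_out=True))
```

With this chain sshd and the web server see every tunnelled client as 127.0.0.1, so address-based controls and logs on those services no longer distinguish remote clients.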
Client side ssh setup
Once all of the above is complete and assuming that you have an ssh server that you can connect to on port 22 of your server the ssh client can be set up to use the ssl tunnel. The ssh session needs to be wrapped in the ssl session to be able to connect to the server so I used the ssh ProxyCommand to accomplish this. Add the section below to your ~/.ssh/config on your client machine
There is usually one other modification I have in my ssh config and that is a DynamicProxy so that stateful packet inspection doesn’t interfere. So the final configuration looks like this.
I wanted to use letsencrypt keys and stunnel to encrypt sessions with a valid server key. Once setup the system needed to look like a regular https website with a valid certificate. I’ll explain why I did this in a later posting.
I’m not going to go into getting the original key from letsencrypt as there are too many ways to do it and letsencrypt’s certbot is already well documented.
These instructions are also specific to Ubuntu 16.04 but could be modified for other Linuxes. The instructions below will also conflict with any webserver listening on port 443 (https).
Setup stunnel
In all of the instructions and scripts below replace <servername> with your hostname. <servername> also needs to match your letsencrypt hostname.
sudo apt-get install stunnel4
Edit /etc/default/stunnel4 and change ENABLED=1
Now create a new stunnel conf file in /etc/stunnel/ with the contents below
If you want to connect to something other than your local webserver change the “connect = 127.0.0.1:80” line above.
Now because stunnel needs the fullchain.pem and the privkey.pem in the same file we need to combine the letsencrypt files. Here’s a script ( combine_certs.sh ) that will check the md5sums of the letsencrypt files and generate a new stunnel.pem whenever the originals change.
#!/bin/bash
#
# Copyright (c) 2017 Angus Ainslie
#
# Usage: combine_certs.sh <cert name> <output dir> <pem name>
# Rebuilds the combined stunnel PEM whenever the letsencrypt files change.

IN_PATH="/etc/letsencrypt/live"
CERT_NAME=$1
OUT_PATH=$2
PEM_NAME=$3

# The combined file contains the private key, so create it owner-only.
umask 077

CHAIN_SUM=$(md5sum "${IN_PATH}/${CERT_NAME}/fullchain.pem")
KEY_SUM=$(md5sum "${IN_PATH}/${CERT_NAME}/privkey.pem")

echo "Chain sum ${CHAIN_SUM}"
echo "Key sum ${KEY_SUM}"

# The keys only match if the combined file exists and the stored sums still
# verify. A missing sums file (first run) fails the check and builds the pem.
if [ -e "${OUT_PATH}/${PEM_NAME}" ] && md5sum --status -c "${OUT_PATH}/sums" 2>/dev/null; then
    echo "Keys match"
else
    echo "Keys don't match. re-creating pem file"
    cat "${IN_PATH}/${CERT_NAME}/fullchain.pem" "${IN_PATH}/${CERT_NAME}/privkey.pem" > "${OUT_PATH}/${PEM_NAME}"
    echo "${CHAIN_SUM}" > "${OUT_PATH}/sums"
    echo "${KEY_SUM}" >> "${OUT_PATH}/sums"
fi
To generate the stunnel.pem file run combine_certs.sh like this
Because the letsencrypt certificates are short lived their install process adds a cron job that will renew any keys expiring in 30 days or less. So we need to rerun the combine script to keep our stunnel.pem current. Put this crontab in /etc/cron.d
I’ve had a mobilinkd for a couple of years now and I like the small form factor and the mobility of the device. I’ve always wanted it to have some additional features such as a connected mode ( either USB or serial ) and the ability to track without the need for a cell phone. Wifi would also be a preferred wireless interface.
I tried using the AP510 to fill some of these features but it’s underpowered and prone to burning out its LDO.
At the urging of a friend, Herb, I sat down and designed one that fit our needs.
The hardware feature set we decided on
Arm SOC module running Linux for TNC
Audio/PTT interface for Yaesu and Kenwood/BaoFeng
1W RF module ( could be VHF or UHF )
GPS expansion port
XBee header
For the ARM module we chose the C.H.I.P. by Next Thing Co. It has a nice small form factor and the site claims you can order 1 – 1 million with very little lead time ( it turns out they are limiting you to 5 at a time right now ). A couple of other nice features of the module are WiFi, bluetooth, Lipo charger and 2 USB ports.
I used the same audio/PTT interface as the mobilinkd so I could reuse the audio cables.
We chose the SR FRS 1W for the on board RF interface. It’s got a nice small form factor but there are some issues with its PTT that we are still debugging.
The GPS expansion port is just a slot in the board with serial RX/TX, i2c, 3V3, 5V and GND. I’ve looked at a few GPS modules but haven’t started designing anything yet. Part of the reason I’m holding off is that the side of the board I wanted to put the expansion on would interfere with the USB ports from the CHIP. Until I design a GPS interface module I’m just using a small ND-105 MicroUSB adapter.
I chose the XBee header because there are a number of boards that are already designed for that form factor that support a large number of RF protocols. Now, because of the issues with the GPS expansion slot I might just design a GPS module to plug in there.
Running the audio interface and the GPS dongle from a 2500mAH battery the board can run for about 4 hours. I need to do some optimisation to try and get that into the 8 hours range.
Software features
Debian – standard CHIP install
Direwolf – so the device can function as a TNC/digipeater/X25 modem
Lighttpd webserver for configuration and UI
Host AP and wifi client simultaneously
APRX for viscous digipeating
I had to make some modifications to Direwolf to get it to handle multiple TCPIP clients, as APRX, the web ui and a message daemon all share Direwolf.
The UI is written in python using the web.py framework and currently supports these features.
List of recent APRS beacons
Settings for APRX, Direwolf and PTT
Send and receive APRS messages
Maps to show beacon locations
Display Direwolf logs for debugging
These all need cleaning up but for the most part are functional.
For the message interface a message daemon is needed to store messages for the interface and handle message ACKs. It attempts to re-transmit the message 3 times or until it is properly ACKed. The UI can also re-send failed messages.
I want to add a feature that failed messages will be re-transmitted when the messaged receives a beacon from the intended recipient.
Moving forward
The boards arrived a week ago and apart from a few minor difficulties ( wrong parts, reversed RF module footprints, you know the usual ) are working well. So a second rev will be required. But a new rev means new features, right?
REV2 features
Concurrent RF module and audio interface. The unit could be a cross-band digipeater or repeater
I’ve been working with the Freescale i.MX7 Sabre board and I wanted to free up the SD card so I could do some SDIO testing. I decided to boot the board from SPI flash ( I needed to test that out anyway ) and then load a kernel and rootfs across the network.
On the i.MX7 board there is a mikroBUS connector which basically just breaks out SPI/I2C/serial and a couple of GPIOs. There is an 8Mb SPI flash that you can get for this bus called the flash click. Just what I needed so I ordered one.
The documentation the board comes with claims the flash chip is a M25P80, no problem u-boot supports that. I added the config below into “include/configs/mx7dsabresd.h” to enable the u-boot SPI flash tools.
#define CONFIG_CMD_SF
#define CONFIG_MXC_SPI
Also enable SPI flash in the defconfig “configs/mx7dsabresd_secure_defconfig”
CONFIG_SPI_FLASH=y
You also need to add some code to your machine initialisation “board/freescale/mx7dsabresd/mx7dsabresd.c” so that the pads get configured properly.
U-Boot 2016.11-rc3-00044-g38cacda-dirty (Nov 09 2016 - 15:59:35 -0700)
CPU: Freescale i.MX7D rev1.1 996 MHz (running at 792 MHz)
CPU: Commercial temperature grade (0C to 95C) at 35C
Reset cause: POR
Board: i.MX7D SABRESD in secure mode
I2C: ready
DRAM: 1 GiB
PMIC: PFUZE3000 DEV_ID=0x30 REV_ID=0x11
MMC: FSL_SDHC: 0, FSL_SDHC: 1
Video: 480x272x24
In: serial
Out: serial
Err: serial
switch to partitions #0, OK
mmc0 is current device
Net: FEC0
Hit any key to stop autoboot: 0
=>
Excellent now I want to scan for the flash chip so that I can burn my new u-boot to it.
=> sf probe 2:0
SF: Unsupported flash IDs: manuf 1c, jedec 3014, ext_jedec 1c30
Failed to initialize SPI flash at 2:0
WTF that’s not the jedec id for a M25P80. So if you go back to the link near the top of the page the mikroBUS flash click actually uses the EN25Q80B which is not in mainline u-boot. Back to the code we go.
Edit “drivers/mtd/spi/sf_params.c” and right after “#ifdef CONFIG_SPI_FLASH_EON /* EON */” add the line below.
{"EN25Q80B", 0x1c3014, 0x0, 64 * 1024, 16, 0},
You’ll also need to edit your config again “include/configs/mx7dsabresd.h” and add EON SPI to the configuration.
#define CONFIG_SPI_FLASH_EON
Rebuild it and burn it back to the SD card and try the probe again.
=> sf probe 2:0
SF: Detected EN25Q80B with page size 256 Bytes, erase size 64 KiB, total 1 MiB
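An added example (not code from the original post or from U-Boot): deriving the table row from the failed probe line and checking the geometry against the ID. The helper names are hypothetical, and the rule that the low ID byte is log2 of the capacity is an assumed convention that holds for this part but not for every SPI NOR chip.

```python
import re

PROBE_RE = re.compile(
    r"Unsupported flash IDs: manuf ([0-9a-f]{2}), jedec ([0-9a-f]{4}), "
    r"ext_jedec ([0-9a-f]{4})")


def parse_probe_error(line):
    """Return (jedec_id, ext_jedec) from an 'Unsupported flash IDs' line."""
    m = PROBE_RE.search(line)
    if m is None:
        raise ValueError("not an 'Unsupported flash IDs' line")
    manuf, jedec, ext = (int(g, 16) for g in m.groups())
    # The table stores manufacturer and device ID as one 24-bit value.
    return (manuf << 16) | jedec, ext


def params_entry(name, jedec_id, sector_size, n_sectors, ext_jedec=0, flags=0):
    """Format a row in the layout of the sf_params.c line shown above.

    Assumption: the low ID byte is log2(capacity in bytes). A mismatch means
    the geometry is wrong or the part does not follow that convention, so
    the datasheet has to decide. ext_jedec is left at 0 as in the post.
    """
    id_capacity = 1 << (jedec_id & 0xFF)
    if sector_size * n_sectors != id_capacity:
        raise ValueError(
            f"geometry is {sector_size * n_sectors} bytes, "
            f"ID suggests {id_capacity}")
    kib = sector_size // 1024
    return (f'{{"{name}", 0x{jedec_id:06x}, 0x{ext_jedec:x}, '
            f'{kib} * 1024, {n_sectors}, {flags}}},')


# The error line printed by the first "sf probe 2:0" above.
PROBE_LINE = "SF: Unsupported flash IDs: manuf 1c, jedec 3014, ext_jedec 1c30"

if __name__ == "__main__":
    jedec_id, ext = parse_probe_error(PROBE_LINE)
    print(params_entry("EN25Q80B", jedec_id, 64 * 1024, 16))
```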
So now u-boot can understand the flash, let’s erase enough space for u-boot and flash it.
=> sf erase 0 80000
SF: 524288 bytes @ 0x0 Erased: OK
=> mmc read 0x80000000 2 400
MMC read: dev # 0, block # 2, count 1024 ... 1024 blocks read: OK
=> sf write 0x80000000 400 80000
device 0 offset 0x400, size 0x80000
SF: 524288 bytes @ 0x400 Written: OK
Now set the jumpers to boot from the SPI flash, remove the SD card and reset the board.