From 262ade8908d8d9a02177e7d5660a095e6dfa2041 Mon Sep 17 00:00:00 2001 From: "Diaz de Grenu, Jose" Date: Thu, 20 Oct 2016 14:53:26 +0200 Subject: [PATCH] Revert "trustfence: disable SDCARD image generation when encryption is enabled" When encryption is enabled, the signed U-Boot image will be used for the uSD. This allows the uSD image to boot the device and recover it from the U-Boot console, which is its main purpose. Nevertheless, the uSD image will not be able to boot Linux. https://jira.digi.com/browse/DEL-2877 This reverts commit 2e13e194d9b86e709157cf11a9756616d8be1b6a. --- README.md | 4 ++-- meta-digi-dey/classes/trustfence.bbclass | 3 --- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 903fd3653..b5b97bfb9 100644 --- a/README.md +++ b/README.md @@ -131,8 +131,8 @@ authentication failure. * The Micrel PHY KSZ9031 may take between five and six seconds to auto-negotiate with Gigabit switches -* Secure uSD booting only supports booting signed images. A uSD image is not -generated if TrustFence (TM) image encryption support is enabled. +* If TrustFence (TM) image encryption support is enabled, the uSD image will +boot a signed U-Boot only. # Support Contact Information diff --git a/meta-digi-dey/classes/trustfence.bbclass b/meta-digi-dey/classes/trustfence.bbclass index c31bb2daf..5ab4060a7 100644 --- a/meta-digi-dey/classes/trustfence.bbclass +++ b/meta-digi-dey/classes/trustfence.bbclass @@ -65,6 +65,3 @@ python () { if (d.getVar("TRUSTFENCE_ENCRYPT_ENVIRONMENT", True) == "1"): d.appendVar("UBOOT_EXTRA_CONF", 'CONFIG_ENV_AES=y CONFIG_ENV_AES_CAAM_KEY=y') } - -# SDCARD image is not supported when encryption is enabled, so disable it in such cases -IMAGE_FSTYPES_remove = "${@'' if d.getVar('TRUSTFENCE_DEK_PATH', True) == '0' else 'sdcard'}"