trustfence: stm: set TF-M variables to fix build issue

The latest ST release (openstlinux-6.6-yocto-scarthgap-mpu-v26.02.18) checks for the presence of several TF-M-related variables at parse time, even when they are not used. This triggers build failures with the new M33-TD flavor variables required by the TF-M recipe. Set default (dummy) values for these variables to avoid the parse-time failures. This is a workaround until full support for building secure TF-M binaries is integrated. https://onedigi.atlassian.net/browse/DEL-10022 Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
2026-03-23 11:03:36 +01:00 · 2026-03-23 11:03:36 +01:00 · 55456629f0
parent ab5f937cb6
commit 55456629f0
1 changed files with 7 additions and 0 deletions
--- a/meta-digi-dey/classes/trustfence.bbclass
+++ b/meta-digi-dey/classes/trustfence.bbclass
@ -221,6 +221,13 @@ python () {
                    d.setVar("TRUSTFENCE_COPRO_PASSWORD_FILE", d.getVar("TRUSTFENCE_KEYS_PATH") + "/rproc-keys/key_pass.txt")
                    d.setVar("SIGN_COPRO_ECC_PASS_%s" % (d.getVar("STM32MP_SOC_NAME").strip()), "UNDEFINED");
            d.setVar("SIGN_KEY_%s" % (d.getVar("STM32MP_SOC_NAME").strip()), d.getVar("SIGN_KEY"));
+            # Set a dummy value to avoid a build issue in ST sign-stm32mp class
+            d.setVar('SIGN_KEY_PASS', "UNDEFINED")
+            d.setVar("SIGN_KEY_PUB_%s" % (d.getVar("STM32MP_SOC_NAME").strip()), "UNDEFINED");
+            d.setVar("SIGN_M33DDR_KEY_%s" % (d.getVar("STM32MP_SOC_NAME").strip()), "UNDEFINED");
+            d.setVar("SIGN_M33FW_KEY_%s" % (d.getVar("STM32MP_SOC_NAME").strip()), "UNDEFINED");
+            d.setVar("SIGN_M33DDR_KEY_PASS_%s" % (d.getVar("STM32MP_SOC_NAME").strip()), "UNDEFINED");
+            d.setVar("SIGN_M33FW_KEY_PASS_%s" % (d.getVar("STM32MP_SOC_NAME").strip()), "UNDEFINED");

        d.appendVar("UBOOT_TF_CONF", "CONFIG_SIGN_IMAGE=y ")
        if (d.getVar("TRUSTFENCE_SIGN_ARTIFACTS") == "1"):