trustfence: disable environment encryption for CC8X

Environment encryption is not yet supported in U-Boot. Unset TRUSTFENCE_ENCRYPT_ENVIRONMENT on the machine configuration and remove the platform conditional on the class. Signed-off-by: Hector Palacios <hector.palacios@digi.com>
2020-02-10 13:22:56 +01:00 · 2020-02-10 13:22:56 +01:00 · 6c9341bd8a
parent 8d77f179df
commit 6c9341bd8a
2 changed files with 3 additions and 5 deletions
--- a/meta-digi-arm/conf/machine/include/ccimx8x.inc
+++ b/meta-digi-arm/conf/machine/include/ccimx8x.inc
@ -78,6 +78,8 @@ MX8_SOC_VAR ?= "QX"
 # TrustFence
 TRUSTFENCE_SIGN_MODE = "AHAB"
 # TODO: not yet supported
 TRUSTFENCE_ENCRYPT_ENVIRONMENT = "0"
 # For Trustfence container header RAM locations
 RAM_CONTAINER_LOC_BOOT = "0x80280000"
 RAM_CONTAINER_LOC_DTB = "0x82000000"
--- a/meta-digi-dey/classes/trustfence.bbclass
+++ b/meta-digi-dey/classes/trustfence.bbclass
@ -63,11 +63,7 @@ python () {
        if (d.getVar("TRUSTFENCE_DEK_PATH", True) not in [None, "0"]):
            d.appendVar("UBOOT_EXTRA_CONF", 'CONFIG_DEK_PATH=\\"%s\\" ' % d.getVar("TRUSTFENCE_DEK_PATH", True))
    if (d.getVar("TRUSTFENCE_ENCRYPT_ENVIRONMENT", True) == "1"):
-        if ("ccimx8x" in d.getVar("MACHINE", True)):
+        d.appendVar("UBOOT_EXTRA_CONF", 'CONFIG_ENV_AES=y CONFIG_ENV_AES_CAAM_KEY=y')
            bb.fatal("Environment encryption is not currently supported on the ccimx8x SOM")
            return
        else:
            d.appendVar("UBOOT_EXTRA_CONF", 'CONFIG_ENV_AES=y CONFIG_ENV_AES_CAAM_KEY=y')
    # Provide sane default values for SWUPDATE class in case Trustfence is enabled
    if (d.getVar("TRUSTFENCE_SIGN", True) == "1"):