Digi
/
meta-digi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

trustfence: add environment encryption 

Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This commit is contained in:
Mike Engel 2023-05-26 13:08:53 +02:00
parent b1d20d686e
commit e1976ca2fb
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
meta-digi-dey/classes/trustfence.bbclass
View File

@ -24,7 +24,6 @@ TRUSTFENCE_SIGN_KEYS_PATH ?= "default"
TRUSTFENCE_DEK_PATH ?= "default" TRUSTFENCE_DEK_PATH ?= "default"
TRUSTFENCE_DEK_PATH:ccmp1 ?= "0" TRUSTFENCE_DEK_PATH:ccmp1 ?= "0"
TRUSTFENCE_ENCRYPT_ENVIRONMENT ?= "1" TRUSTFENCE_ENCRYPT_ENVIRONMENT ?= "1"
TRUSTFENCE_ENCRYPT_ENVIRONMENT:ccmp1 ?= "0"
TRUSTFENCE_SRK_REVOKE_MASK ?= "0x0" TRUSTFENCE_SRK_REVOKE_MASK ?= "0x0"
TRUSTFENCE_KEY_INDEX ?= "0" TRUSTFENCE_KEY_INDEX ?= "0"
@ -100,6 +99,8 @@ python () {
if (d.getVar("TRUSTFENCE_ENCRYPT_ENVIRONMENT") == "1"): if (d.getVar("TRUSTFENCE_ENCRYPT_ENVIRONMENT") == "1"):
if (d.getVar("DEY_SOC_VENDOR") == "NXP"): if (d.getVar("DEY_SOC_VENDOR") == "NXP"):
d.appendVar("UBOOT_TF_CONF", "CONFIG_ENV_AES=y CONFIG_ENV_AES_CAAM_KEY=y ") d.appendVar("UBOOT_TF_CONF", "CONFIG_ENV_AES=y CONFIG_ENV_AES_CAAM_KEY=y ")
elif (d.getVar("DEY_SOC_VENDOR") == "STM"):
d.appendVar("UBOOT_TF_CONF", "CONFIG_ENV_AES_CCMP1=y ")
# Provide sane default values for SWUPDATE class in case Trustfence is enabled # Provide sane default values for SWUPDATE class in case Trustfence is enabled
if (d.getVar("TRUSTFENCE_SIGN") == "1"): if (d.getVar("TRUSTFENCE_SIGN") == "1"):