This commit updates the firmware binaries for Bluetooth and Wireless interfaces,
aligned with the Cypress Linux WiFi Driver (FMAC) release v6.1.145-2026_0108.
The updated wireless firmware versions are as follows:
- 2FY Wireless chip: v28.10.590.3
- 2EC Wireless chip: v18.53.546.29
These updates are included as part of the imx-styhead-longma_r1.0 Murata release.
https://onedigi.atlassian.net/browse/DEL-9960
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Enable signed firmware to prevent unauthenticated code on the Cortex-M4
co-processor by verifying images against a custom public key from OP-TEE.
https://onedigi.atlassian.net/browse/DEL-9920
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
For both wireless and Bluetooth regulatory domain files, install the
files as is and create symlinks for the different regulatory domains.
Then, the drivers are responsible for loading the default files (US for
wireless, FCC for Bluetooth) or other files when specified through the
'regdmn' module parameters.
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
This commit updates the firmware binaries for Bluetooth and Wireless interfaces,
aligned with the Cypress Linux WiFi Driver (FMAC) release v6.1.110-2025_0718.
The updated wireless firmware versions are as follows:
- 2FY Wireless chip: v28.10.522.8
- 2FY Bluetooth chip: v1.2.32.40.33 FCC and CE.JP
These updates are included as part of the imx-scarthgap-kraken_r1.0 Murata release.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Introduce a configurable variable to enable/disable secure co-processor
firmware when TrustFence is enabled.
https://onedigi.atlassian.net/browse/DEL-9813
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Updated error guidance to use `./install_linux_fw_uuu.sh -u <uboot_file>`
instead of setting INSTALL_UBOOT_FILENAME manually.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Enable signed firmware to prevent unauthenticated code on the Cortex-M33
co-processor by verifying images against OTP-stored keys.
https://onedigi.atlassian.net/browse/DEL-9813
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Add a variable analogous to TRUSTFENCE_SIGN to enable/disable artifact
encryption. Deprecate TRUSTFENCE_DEK_PATH in favor of TRUSTFENCE_KEYS_PATH to
use a more generic name and avoid overloading it as an on/off flag. Add per-key
variables for encryption key filenames to avoid hardcoded names and allow
platform overrides.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit updates the trustfence-stm-signtools package with the latest
versions from the STM32 MPU ecosystem v6.1.0:
- STM32MP_KeyGen_CLI v2.20.0
- STM32MP_SigningTool_CLI v2.20.0
These tools are deployed as part of STM32CubeProgrammer v2.20.0, adding support
for STM32MP21x processors and bug fixing.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
vfat images need U-Boot scripts, which are always provided by the U-Boot
recipe, even for imx-boot-based machines. Replace the machine-dependent
BOOTLOADER_IMAGE_RECIPE with virtual/bootloader (which is provided by
u-boot recipes).
https://onedigi.atlassian.net/browse/DEL-9768
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Notice that we need to create u-boot and imx-boot symlinks in the deploy
directory, as they are required for the bootloader of the wic images.
https://onedigi.atlassian.net/browse/DEL-9768
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
* Replace the hard-coded '/etc' with ${sysconfdir}
* Extend the mmcblk check to prevent updating the environment configuration
  when booting from the eMMC (even though the kernel command line root
  passed is in the form of /dev/mmcblk).
* Switch the conditional inherit to inherit_defer as it depends on
  IMAGE_FEATURES to avoid parse-time ordering issues.
https://onedigi.atlassian.net/browse/DEL-9768
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit updates the secure boot support for STM platforms based on the
STM32 MPU Ecosystem v6.1.0. It introduces support for encrypted boot artifacts,
including TF-A and FIP, and enables this functionality for the ConnectCore MP2
platform.
This enhancement allows secure boot deployments with both authentication and
encryption for improved protection of critical boot components.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Commit b581ac2a3b ("u-boot: rework deploy symlinks using uboot_deploy_config")
removed u-boot symlinks as part of the cleanup process. However, the main
symlink is still required for the ccimx6 and ccimx6qp platforms to generate
bootable SD card images.
This commit keeps the symlink for those specific platforms to fix the SD card
image creation process.
https://onedigi.atlassian.net/browse/DEL-9758
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit updates the CC6 and CC6QP platform configurations to use the latest
NXP BSP based on U-Boot v2024.04, unifying support across all NXP-based
platforms.
https://onedigi.atlassian.net/browse/DEL-9758
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Move OpenSSL dependency from the common include file to the specific
recipes:
- trustfence-cst-native: openssl-native
- nativesdk-trustfence-cst: nativesdk-openssl
https://onedigi.atlassian.net/browse/DEL-9760
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
On the multi-MTD layout (default) the 'data' UBI volume is never created
and thus not mounted by the system. This is because with this layout, the
creation of the UBI volume is done by the 'update' command, but nobody
updates this partition cause DEY doesn't generate an image for it.
We want the 'data' UBI volume to be created so that the CC6UL can connect
to the regular Remote Manager URI and store the certificate in it.
As long as a UBI volume is created, Linux will mount it, so this commit
erases the partition and creates the UBI volume.
The same goes for the 'update' partition. The installer was relying on the
recovery mechanism to wipe this partition, but this is no longer required
with UBI. As long as the installer erases the partition and creates the
volume, Linux will be able to mount it, so the boot in recovery mode has
been removed from the script.
Note: the formatting is only done for multi-MTD layout; the ubivolscript
creates all volumes for single-MTD layout.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Do not install 'txpower' and 'rutxpower' files from the Murata repo,
which are used for the V1 TX power method, and replace them with custom
'rgpower' files, required for the V2 TX power method.
These files encode the TxPower limitations obtained during the
ConnectCore 93 Certification tests, and there is one file per supported
country. There is a common file for all the European countries, so
create links for each of them, based on the CEPT REC7003E recommendation.
New 'rgpower' files:
- rgpower_CA.bin (MD5SUM: 7c012351f0521a02e3d78615fed5eb54)
- rgpower_EU.bin (MD5SUM: 4d1a54b3c1f12a7d0bb44d0337786a0b)
- rgpower_JP.bin (MD5SUM: b7706bb2718997d933b2bdf1e53e64b4)
- rgpower_US.bin (MD5SUM: 16555f962b025e0426098decd0147f1f)
- rgpower_WW.bin (MD5SUM: 505223c56527e849d4b1e5800c8613b5)
Take the opportunity to just install bt_power_config scripts and prevent
the installation of other unused files (db.txt, ed_mac_ctrl_V2_nw61x.conf
and regulatory.db) from the Murata repository.
https://onedigi.atlassian.net/browse/DEL-8974
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
Commit ac69566ecd mistakenly removed the command of cc9, cc8x, and cc8m
media installers that sets the variable that contains the U-Boot file to
install.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9720
At the point of saving the bootcmd for the second stage of the install
process we want to use the variable value, not the variable name
since this variable doesn't exist after the environment is reset.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9711
Use the existing uboot_deploy(_spl)_config function to clean up and rework
the symlinks created in the deploy directory.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This gets substituted when TrustFence is enabled to "signed/encrypted"
or removed when TrustFence is disabled.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Programming an encrypted bootloader can only be done after the
secure keys have been programmed on the OTP bits, and the device
has been closed. Programming on an open device would result in a
non-secure configuration or a non-bootable device after the
close operation.
Create functions to detect the current TrustFence status and exit
the install script if the device is open and the artifacts are
encrypted.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9699
The `-t` option to program images with TrustFence didn't make
much sense because the install script is dynamically generated
at build-time with the name of the boot artifacts containing
"signed/encrypted" on their filenames.
This commit:
- Removes `-t` option to simplify the script.
- Determines if programming a signed/encrypted bootloader by
  looking at the bootloader filename.
- For NXP platforms, reworks the function that updates the
  bootloader to properly program only-signed bootloaders (currently
  wrongly using `trustfence update`)
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The USB and SD installers are U-Boot scripts that are practically
identical.
Merge them into a single template with a couple of machine variables that
determine the default device index in U-Boot for the USB or the microSD
card.
Do dynamic substitutions to create the two installers out of the template.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The installer uses the regular rootfs filename or falls back to search
for a squashfs (read-only) rootfs image.
The UUU installers of eMMC-based platforms use an if/elif/else structure
to determine which file exists (in order of preference). Replicate this
structure on the rest of platforms and installers.
This avoids printing an error message if the default rootfs does not exist
but the read-only one does.
Also, reset 'rootfstype' variable if the default rootfs file exists, which
allows installing regular images over a previous read-only system.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit fixes the rm command in the adapt_uboot_filenames function to
prevent build failures when the target artifact does not exist, ensuring the
operation is safe in all cases.
https://onedigi.atlassian.net/browse/DEL-9634
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Since commit 29d32063ac0abb1017756f62f94aec22ce305b60 ("u-boot: kernel-fitimage:
Fix dependency loop if UBOOT_SIGN_ENABLE and UBOOT_ENV enabled") in Poky layer,
the `kernel-fitimage` and `uboot-sign` classes are no longer explicitly
dependent. This change introduced a race condition when inserting the signed
RSA keys into the U-Boot DTB for FIT image verification.
This commit introduces a new step for `do_uboot_assemble_fitimage`, which is
now responsible for injecting the keys into the U-Boot DTB. This logic was
previously handled in the Linux kernel recipe via the `do_assemble_fitimage`
function in previous Yocto versions.
Additionally, a build-time dependency is added between the `do_uboot_assemble_fitimage()`
function and the kernel's `do_kernel_generate_rsa_keys()` task, which is
responsible for generating the RSA keys used to sign the FIT image.
https://onedigi.atlassian.net/browse/DEL-9634
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
There are several recipes in meta-digi related to features that we haven't
tested in a long time and don't appear in the DEY 5.0 documentation. Remove
them to avoid unexpected behavior.
Said features are:
* Coral TPU support (only supported in DEY 3.2)
* AWS support (removed from default images and docs in DEY 4.0)
* dey-image-tiny (hasn't been maintained since DEY 2.0)
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Add the following countries to the CLM Blob file:
- Brazil
- Mexico
- Saudi Arabia
- Hong Kong
- Singapore
- Malaysia
- Taiwan
- Korea
This is the new World CLM Blob file:
- cyfmac4373-sdio_World.clm_blob (11d5fab6659eff491aca1a219ad33b00)
https://onedigi.atlassian.net/browse/DEL-9438
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
This overlay contains a workaround to make the USB-OTG
work as USB device when connected to a host.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9610
(cherry picked from commit ec92f5fdd10a61e37ac3778d0d3aa1816bc6b0aa)
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit updates the firmware binaries for Bluetooth and Wireless interfaces,
aligned with the Cypress Linux WiFi Driver (FMAC) release v6.1.97-2025_0219.
The updated wireless firmware versions are as follows:
- 2FY Wireless chip: v28.10.387.16
- 2AE Wireless chip: v13.10.246.356
These updates are included as part of the imx-scarthgap-jaculus_r1.1 Murata release.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit updates the installer scripts to support CCMP1 platforms under
Yocto 5.0, aligning them with the current behavior used for CCMP2.
Changes include:
- Adding support for the metadata partition, which is now required
- Including the optee/opteemin flavors in boot artifact filenames
- Ensuring the script structure and logic remain consistent with CCMP2 install scripts
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The binaries of certain recipes use 32-bit APIs (ioctl, stat) that produce
build warnings. Add INSANE_SKIP to prevent the warnings.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The function took into account the memory variants when copying U-Boot
device trees, but not the U-Boot binaries themselves.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>