The `-t` option to program images with TrustFence didn't make
much sense because the install script is dynamically generated
at build-time with the name of the boot artifacts containing
"signed/encrypted" on their filenames.
This commit:
- Removes `-t` option to simplify the script.
- Determines if programming a signed/encrypted bootloader by
looking at the bootloader filename.
- For NXP platforms, reworks the function that updates the
bootloader to properly program only-signed bootloaders (currently
wrongly using `trustfence update`)
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
There is a corner case that wasn't cover by the script, if you
use the script using a -k -t the "-t" would be the name of the
dek.bin.
This new implementation solves the issue.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Some variables in the script belong to u-boot, not to the shell
running the script. Escape those variables so the shell does not
expand them.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
The command trustfence update doesn't require the partition argument.
Besides of that, remove extra fi on the cc8m platforms.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Some minor fixes:
* return error code if installation fails
* cosmetic: update comment with options
* just exit after error and do not execute boolimit command
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Use the intention of installing dual boot firmware as a condition to set
bootlimit=3 so that the bootcount mechanism is enabled.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DUB-1058
During firmware install, the target may be reset several times.
We don't want the bootcount to count these as boot attempts.
This was done in a791bb4463 for the ccmp1
but not for the rest of platforms.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
If the default r/w rootfs is not found it will try to do a
fallback to the squashfs image.
In the nand devices additionally we need to set the rootfstype
to squashfs.
https://onedigi.atlassian.net/browse/DEL-8638
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
We no longer need logic to determine the SOM's RAM size and bus width, we only
need to know the SOC revision, which is info that is always available.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The variable 'dualboot' (and 'singlemtdsys' for CC6UL) was restored
after the bootcmd that runs the first time after programming U-Boot runs
fastboot again to resume the script.
This is ok for the CC6UL but not for the rest of platforms, that run the
partition script on the bootcmd, *before* running fastboot.
Restore the variables for all platforms in the bootcmd right after
resetting the environment.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Ensure stdout redirection to the USB interface is removed in every case.
Otherwise, it would be left redirected when INSTALL_UBOOT_FILENAME is
manually set.
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
Check the status of 'dualboot' env variable.
If set to "yes", use the dualboot partition table in the script and
restore the variable (default is "no") after resetting the environment.
Also, for dualboot, there's no need to wipe the recovery partition or
boot into recovery mode.
For dualboot, this script programs both systems A and B with the same
images.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7649
Fastboot is configured on boot with the current MMC configuration.
If we create a GPT partition table, we need to restart fastboot before we
try to program any partition with the 'flash' fastboot command.
Set 'fastboot_dev' to a different device, 'sata' for example an back to 'mmc'
to trigger a fastboot restart after creating the partition table on blank
devices.
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
The current syntax only works properly when running the script through bash.
Change this so that it works for other shells as well.
While at it, fix a typo in the message that appears when the variant can't be
detected in the 6UL script.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We document how to use this script from the Yocto image directory. Now that the
*.ext4 files are compressed by default, the script needs to automatically
decompress said files before starting the update process.
https://onedigi.atlassian.net/browse/DEL-7582
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The install script of cc8x had errors (using double '==' instead
of single on comparisions).
Besides fixing this typo, this commit changes the logic to:
- default to 2GB U-Boot for variants other than the ones in the
list.
- consider variant code 0x00 (not programmed HWID) as a failure.
thus forcing the user to specify the file on the command line.
This second action is done also on the cc6ul script.
Reported-by: Hector Bujanda <hector.bujanda@digi.com>
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
With the generalization done in previous commits, we have now several files
that are identical and can be merged into a common SOM or SOM family
folder.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Hector Palacios
Francisco Gil
Mike Engel
Isaac Hermida
Gabriel Valcazar
Tatiana Leon
Gonzalo Ruiz