When TrustFence encryption is enabled, the TF-A recipe converts the
binary FIP encryption key to a hexadecimal string and passes it to the
TF-A build as ENC_KEY.
hexdump suppresses repeated output by default and emits '*' when it folds
duplicate data. If that happens while converting the key, the generated
ENC_KEY contains the '*' marker instead of the full hex string. The
malformed value then breaks the make command line, and make can interpret
the remaining key fragment as a target, failing for example with:
make ... ENC_KEY=13eb911dfcc316b1b99bbbbf10a7000c3055e863* 166d3c8c9cd6f888b720a9 all
make: *** No rule to make target '166d3c8c9cd6f888b720a9'. Stop.
Use hexdump -v so every byte of the binary key is emitted and ENC_KEY is
always a complete, contiguous hex string.
https://onedigi.atlassian.net/browse/DEL-10115
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit updates the secure boot support for STM platforms based on the
STM32 MPU Ecosystem v6.1.0. It introduces support for encrypted boot artifacts,
including TF-A and FIP, and enables this functionality for the ConnectCore MP2
platform.
This enhancement allows secure boot deployments with both authentication and
encryption for improved protection of critical boot components.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit introduces a custom export_binaries() function to resolve a
deployment issue affecting the final TF-A artifact path. The issue occurs when
the SoC name does not match the TF-A device tree name.
This fix is required due to changes introduced in commit f0b4d0d02a
("ccmp15: enable secure_system_service for CCMP15"), which modified the TF-A
artifact generation process.
https://onedigi.atlassian.net/browse/DEL-9734
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit updates the Digi custom .bbappend recipes for FIP and TF-A to align
with the latest ST BSP release, based on the openstlinux-6.6-yocto-scarthgap-mpu-v25.06.11
tag for Yocto 5.0 (scarthgap).
https://onedigi.atlassian.net/browse/DEL-9734
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Moved deploy_symlinks_atf from SYSROOT_PREPROCESS_FUNCS to do_deploy task
to ensure symlinks are created correctly even when rebuilding from the
shared state after a "bitbake -c clean tf-a-stm32mp".
Override do_deploy[sstate-outputdirs] from the original recipe to allow
installing both the deploy artifacts (binaries and symlinks) to the
package deploy directory.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
We reverted the stub that didn't allow PM when serial boot
was enabled on TF-A. Restore the part of the recipe that
includes USB boot support on NAND boot images.
This reverts commit 24aef482ef.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9629
Adding STM32MP_USB_PROGRAMMER=1 to TF-A NAND build allows the images to
boot from either NAND or USB (recovery) however, the source code of TF-A
disallows correct resuming from suspend when either STM32MP_USB_PROGRAMMER
or STM32MP_UART_PROGRAMMER are defined.
Remove this support so that the system can correctly resume from suspend.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9629
OP-TEE comes in two flavors: optee and opteemin
For NAND-boot images, add support for USB boot as well,
so that the default tf-a image is valid for booting from
either NAND or USB.
We had this for 'optee' flavor but not for 'opteemin'.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Currently, the final metadata symlink is composed using the TF-A Device Tree
configuration, which includes memory variant details. However, these variants
are not relevant for the metadata binary.
To avoid generating multiple redundant metadata files or using confusing names,
this commit updates the symlink to be composed using the MACHINE variable
instead.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
On the new BSP the configuration is called 'optee-nand' and the build
parameters have changed.
We do this override in meta-digi only to incorporate
`STM32MP_USB_PROGRAMMER=1`
parameter, which allows to boot the nand image from USB, too.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit generalizes the symlink generation to allow creating a final
symlink in the deploy directory, supporting different artifact flavors:
regular, signed or encrypted.
https://onedigi.atlassian.net/browse/DEL-9442
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit imports the sign-stm32mp bbclass from the meta-st-stm32mp layer to
allow customization. The main customization ensures that the search_path()
function does not raise a build exception if the signing tool or keys are not
present in the PATH before starting the build process.
In our case, we do not need to manually install the tools or generate the keys
beforehand, as this is automatically handled by Yocto in our DEY distribution.
https://onedigi.atlassian.net/browse/DEL-9442
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit introduces a custom do_compile() function to resolve a signing
issue affecting the final TF-A artifact, where the SoC name does not match the
TF-A device tree name.
https://onedigi.atlassian.net/browse/DEL-9442
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit updates secure boot support based on the STM32 MPU Ecosystem v6.0
and integrates support for the ConnectCore MP2 platform.
https://onedigi.atlassian.net/browse/DEL-9442
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
We had a SYSROOT_PREPROCESS_FUNCS on the tf-a-stm32mp recipe to
create symlinks to both TF-A and FIP binaries, but the FIP binaries
are now produced by fip-stm32mp recipe.
This had the effect that the files might not be ready.
Duplicate the function in the fip-stm32mp recipe and create the
symlinks for the FIP images there.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
These are clones of 'optee-programmer-uart' and
'optee-programmer-usb' defined in tf-a-stm32mp-config.inc but
do not require to have the STM32MP_DEVICETREE_PROGRAMMER_ENABLE=1
which causes build problems in U-Boot.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9483
The following TF-A artifacts are deployed to subdirectories of
the image deploydir:
- arm-trusted-firmware/tf-a-<platform>-<bootconfig>.stm32
- arm-trusted-firmware/metadata-<platform>.bin
- fip/fip-<platform>-<bootconfig>.bin
- fip/fip-<platform>-ddr-<bootconfig>.bin
These binaries are not copied to the image deploy dir during
the regular do_deploy(), instead, they are deployed by script
tf_a_sysroot_populate() which is added to SYSROOT_PREPROCESS_FUNCS.
To follow this logic, change the previously wrong do_deploy:append
into a new function and append it also to SYSROOT_PREPROCESS_FUNCS,
so that it is called after the artifacts have really been deployed.
In the existing code, fix the paths and commands, which had some
errors.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9461
Based on the boot schemes and sources supported for each platform, the boot
artifacts now include this information in their filenames. This commit updates
the filenames accordingly in several recipes.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit removes all outdated TF-A recipes and synchronizes the Digi custom
.bbappend with the latest v2.10 from the ST BSP release, based on the
openstlinux-6.6-yocto-scarthgap-mpu-v24.11.06 tag for Yocto 5.0 (scarthgap).
https://onedigi.atlassian.net/browse/DEL-9381
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Arturo Buzarra
Javier Viguera
Mike Engel
Hector Palacios