The common license file GPL-2.0 is now called GPL-2.0-only in poky, so we need
to reflect this name change to avoid errors
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Since commit 11558352 ("swu-images: add "installed-directly" flag to
sw-description") the swu package images are streamed into the target without
any temporary copy to support devices with low memory available, that forces a
different order according with the swupdate documentation because scripts
should packed before the rest. This means that all the pre, post and shell
scripts will be executed after the images will be installed. This behavior
breaks the current support to mount the cryptorootfs node before install an
encrypted rootfs.
This commit moves the shell script to mount the cryptorootfs node to the
recovery initramfs and modifies the swupdate command line to call the shell
script before the images installation.
https://onedigi.atlassian.net/browse/CC8X-320
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
* prefix TRUSTFENCE_ to variable SIGN_MODE for DEY
* prefix CONFIG_ to variable SIGN_MODE for script
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Commit 074e3ba3 ("meta-digi-dey: add cryptsetup tool into initramfs") added
the runtime dependency to cryptsetup for all platforms, but it is
required only to encrypt/decrypt block devices.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This tool was only needed for old kernels, newer kernels use the hardware
random number generator themselves.
https://jira.digi.com/browse/DEL-5518
Signed-off-by: Jose Diaz de Grenu <Jose.DiazdeGrenu@digi.com>
This commit modifies different recipes to support the new platform
ccimx6qpsbc and adapt it to maintain the support to ccimx6sbc.
https://jira.digi.com/browse/DEL-5082
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit adds mdev support into the recovery ramdisk to
mount/unmount storage devices for the firmware up tool.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-3692
- Instead of trying to generate the TrustFence keys in this recipe
when they are not present, depend on the 'virtual/kernel' to
ensure they are already generated. This solves a concurrency problem
when two recipes try to generate TrustFence keys at the same time.
https://jira.digi.com/browse/DEL-3913
Signed-off-by: David Escalona <david.escalona@digi.com>
- The swupdate binary included in the recovery partition when the
images to build are trustfence enabled performs a verification
of the swupdate package. For this verification to suceed, it is
mandatory to provide to the swupdate binary the public key that
will be used to verify the swupdate package. This public key must be
included in the recovery initramfs only when 'TRUSTFENCE_SIGN=1'.
https://jira.digi.com/browse/DEL-3772
Signed-off-by: David Escalona <david.escalona@digi.com>
Javier Viguera
Gabriel Valcazar
Arturo Buzarra
Hector Palacios
Mike Engel
Jose Diaz de Grenu
David Escalona
Tatiana Leon