When changing any of the secure boot configurable macros the Linux kernel
should be re-deployed so that it can be signed/encrypted as needed.
https://jira.digi.com/browse/DEL-2750
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
TRUSTFENCE_SIGN can be defined to "0" to explicitly disable uImage sign and
encryption.
https://jira.digi.com/browse/DEL-2803
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
NXP Code signing Tool for the High Assurance Boot library is needed for
signing and encrypting different artifacts (U-Boot image, uImage, ...).
As the CST cannot be included in DEY, the user needs to download the
tarball and add it to the recipe folder.
https://jira.digi.com/browse/DUB-618
Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
As the plan is to use the same git objects (SHA1) in the internal and
github repos, also remove that internal/external SRCREV infrastructure.
https://jira.digi.com/browse/DEL-2205
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
* Move kernel configuration fragments to 2.6.35 recipe (that's the only
kernel version using them)
* Move compile-time dependences to common include linux-dey.inc
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Also remove kernel configuration fragments for kernel 3.10. This is not
needed for 3.10 as all the configuration is done via device-trees.
https://jira.digi.com/browse/DEL-1695
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
(cherry picked from commit b0031915f1c7f3eeba680161827e78bbac9eebb4)
The way the kernel is built in yocto 1.8 has changed. Now the
build is done under ${WORKDIR}/build while the source code is at
STAGING_KERNEL_DIR, so we need to modify the '.config' in the build
directory instead of in the source directory.
This fixes:
kernel-source is not clean, please run 'make mrproper'
make[2]: *** [prepare3] Error 1
make[1]: *** [sub-make] Error 2
https://jira.digi.com/browse/DEL-1558
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Needing to set the branch where a specific SHA1 revision is contained is
a unnecessary constraint that can be bypassed setting 'nobranch=1' in
the SRC_URI.
We do that for all the external repos (GitHub) plus the internal ones
for the im-xbootlets and the atheros kernel module (as those two repos
are stable enough and we are not developing actively on them).
For U-Boot and Linux we keep the SRCBRANCH framework for internal repos
as this is needed for the AUTOREV yocto feature.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Starting with Yocto 1.6 there is a need to configure in which branch a
specific SHA1 revision is included. We need a framework to set such
branches both for internal git repos and for external ones (Github).
If the branch is not specified in the SRC_URI, the do_fetch task may
fail even though the SHA1 revision exists in the repository.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
linux-dey.inc is a copy of meta-fsl-arm's linux-imx recipe file, so
instead of copying the whole recipe just use that (including the file)
and code the differences.
While on it, add RDEPENDS_kernel-base="" to remove the dependence of the
rootfs image recipes on the linux image. We don't need/use the kernel
image in the rootfs as we load it from a different partition. This makes
rootfs images a bit smaller.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
change the directory (cd) and make the symbolic link in a subshell to
preserve the current working directory for any subsequent command.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Copy including folders. This was causing problems in kernel version 3.10
as the directory included folders that were omitted in the copy and caused
the do_install to fail.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
The final product will be called "Digi Embedded for Yocto" or DEY for
short.
This commit renames all relevant files.
https://jira.digi.com/browse/DEL-474
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Alex Gonzalez
Diaz de Grenu, Jose
Javier Viguera