create_st_fip_binary.sh converts binary encryption keys to hex before
passing them to encrypt_fw. hexdump may collapse repeated binary data
into '*', corrupting the key and causing encrypt_fw to reject it with an
invalid key size.
Add a bbappend to patch the helper from meta-digi and use hexdump -v so
the full key is emitted.
https://onedigi.atlassian.net/browse/DEL-10115
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
When TrustFence encryption is enabled, the TF-A recipe converts the
binary FIP encryption key to a hexadecimal string and passes it to the
TF-A build as ENC_KEY.
hexdump suppresses repeated output by default and emits '*' when it folds
duplicate data. If that happens while converting the key, the generated
ENC_KEY contains the '*' marker instead of the full hex string. The
malformed value then breaks the make command line, and make can interpret
the remaining key fragment as a target, failing for example with:
make ... ENC_KEY=13eb911dfcc316b1b99bbbbf10a7000c3055e863* 166d3c8c9cd6f888b720a9 all
make: *** No rule to make target '166d3c8c9cd6f888b720a9'. Stop.
Use hexdump -v so every byte of the binary key is emitted and ENC_KEY is
always a complete, contiguous hex string.
https://onedigi.atlassian.net/browse/DEL-10115
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Drop the imx-m7-demos dependency and build only the A55 boot target,
since Cortex-M firmware is board-specific and should not be selected as
a default SoC artifact. This follows the same cleanup done upstream in
meta-freescale commit 598f047ef112a0c88f699714cd10dc87c8460c5a.
https://onedigi.atlassian.net/browse/DEL-9882
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
(cherry picked from commit 81cf596834382f87701d701277e13c97316de978)
The original do_install() preserves file ownership, which can contaminate the
SDK build and cause "getpwuid(): uid not found: 1000". Adjust the copy command
to not preserve owner/group.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit imports the Digi custom version of sign-stm32mp bbclass to ensure
that the search_path() function does not raise a build exception if the signing
tool or keys are not present in the PATH before starting the build process.
In our case, we do not need to manually install the tools or generate the keys
beforehand, as this is automatically handled by Yocto in our DEY distribution.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Commit 52a1111da6d72446530da26e135b65a34b48e279 ("OPTEE: MANAGE signature,
M33TD") in the ST layer incorrectly enables CFG_REMOTEPROC_PUB_KEY_VERIFY=y for
all platforms when SIGN_ENABLE is set.
However, co-processor public key verification against OTP fuses is not
supported on stm32mp1x platforms and causes the build to fail.
Remove CFG_REMOTEPROC_PUB_KEY_VERIFY for ccmp15.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Update secure boot support for Cortex-M processors by refreshing the patch set
and dropping patches already integrated, aligning the implementation with ST
release openstlinux-6.6-yocto-scarthgap-mpu-v26.02.18.
https://onedigi.atlassian.net/browse/DEL-10022
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
We only want to recover the libinput patch that fixes the cursor issue in the
LVGL demo, don't recover the wl_shell patch.
This partially reverts commit 7afc4a67de.
https://onedigi.atlassian.net/browse/DEL-9925
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
These libraries are required by libcamera when IPA support is enabled.
Import them from the meta-OpenSTLinux layer at the
openstlinux-6.6-yocto-scarthgap-mpu-v26.02.18 tag.
https://onedigi.atlassian.net/browse/DEL-10021
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Synchronize the libcamera recipe with the meta-OpenSTLinux layer from the
openstlinux-6.6-yocto-scarthgap-mpu-v26.02.18 tag.
https://onedigi.atlassian.net/browse/DEL-10021
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Remove the local ccimx95 patch series from imx-system-manager bbappend
and fetch the DEY-specific changes directly from the Digi fork.
https://onedigi.atlassian.net/browse/DEL-10009
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Remove the local ccimx95 patch series from imx-oei bbappend and fetch
the DEY-specific changes directly from the Digi fork.
https://onedigi.atlassian.net/browse/DEL-10009
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The system manager was not reporting (via SCMI) the size for the 2GiB
ram. This patch is a backport of a newer version of the SM.
https://onedigi.atlassian.net/browse/DUB-1117
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Use the SDMA firmware provided by linux-firmware for i.MX6 and i.MX8
platforms. The SDMA blobs shipped in linux-firmware and firmware-imx are
identical, so just use the upstream ones as meta-freescale does.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Enable signed firmware to prevent unauthenticated code on the Cortex-M4
co-processor by verifying images against custom public key from OP-TEE.
https://onedigi.atlassian.net/browse/DEL-9920
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Introduce a configurable variable to enable/disable secure co-processor
firmware when TrustFence is enabled.
https://onedigi.atlassian.net/browse/DEL-9813
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
GPIO1 port access was not enabled on ATF because NXP
reserved it to have exclusive access from the secure
world on their EVK.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9839
Fix runtime undefined symbol by wrapping Awb::queueRequest() call to
configureAwbAlgo() with EVISION_ALGO_ENABLED.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Integrate ST libcamera recipe from meta-st-openstlinux layer at
openstlinux-6.6-yocto-scarthgap-mpu-v25.06.11 tag. This recipe is required by
the NPU demos in meta-st-x-linux-ai.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Enable signed firmware to prevent unauthenticated code on the Cortex-M33
co-processor by verifying images against OTP-stored keys.
https://onedigi.atlassian.net/browse/DEL-9813
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Exposing these regulators makes the SM disable them during
a reboot process, which leaves the SoC without power, preventing
it from resetting.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9804
Add a patch with the DDR calibration for B0 generated with NXP's config
tool version 2025.09.
https://onedigi.atlassian.net/browse/DEL-9811
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Add a variable analogous to TRUSTFENCE_SIGN to enable/disable artifact
encryption. Deprecate TRUSTFENCE_DEK_PATH in favor of TRUSTFENCE_KEYS_PATH to
use a more generic name and avoid overloading it as an on/off flag. Add per-key
variables for encryption key filenames to avoid hardcoded names and allow
platform overrides.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Adds support for signing and encrypting Cortex-M firmware on STM platforms,
following the STM32 MPU Ecosystem v6.1.0. This update enables secure boot of
co-processor binaries on ConnectCore MP2, enhancing firmware protection.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Remove obsolete SD card image creation logic and related variables. We
will use WIC images for bootable SD cards.
https://onedigi.atlassian.net/browse/DEL-9768
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Notice that we need to create u-boot and imx-boot symlinks in the deploy
directory, as they are required for the bootloader of the wic images.
https://onedigi.atlassian.net/browse/DEL-9768
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Different platforms use different Cortex-M processors, so instead of
using the M4_DEFAULT_IMAGE_MX95 (as meta-imx does) for an M7 processor,
generalize to the CORTEXM_DEFAULT_IMAGE variable name. Also, move it
to the imx-boot recipe (where it is used) and deploy that image to
the imx-boot-tools directory, so the imx-boot image can be regenerated
externally (without yocto).
https://onedigi.atlassian.net/browse/DEL-9768
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This series of patches expose a number of regulators of
the PMIC to the non-secure world, so that they can be
referenced and used by Linux drivers.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit updates the secure boot support for STM platforms based on the
STM32 MPU Ecosystem v6.1.0. It introduces support for encrypted boot artifacts,
including TF-A and FIP, and enables this functionality for the ConnectCore MP2
platform.
This enhancement allows secure boot deployments with both authentication and
encryption for improved protection of critical boot components.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit imports the Digi custom version of sign-stm32mp bbclass to ensure
that the search_path() function does not raise a build exception if the signing
tool or keys are not present in the PATH before starting the build process.
In our case, we do not need to manually install the tools or generate the keys
beforehand, as this is automatically handled by Yocto in our DEY distribution.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Add support for the ccimx95 and reorganize the recipe so that all machine
patches are applied for the DEY distribution, regardless of the build
target.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Javier Viguera
Mike Engel
Francisco Gil
Arturo Buzarra
Gabriel Valcazar
Gonzalo Ruiz
Hector Palacios