The appropriate way to add STM signtools to the SDK is via RDEPENDS on
nativesdk-packagegroup-sdk-host, not through the parent recipe of STM
signtools recipe itself.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8720
This fix systemd error on boot:
[ 6.974370] systemd[1]: /lib/systemd/system/connectcore-demo-example.service:3: Failed to add dependency on connectcore-demo-server, ignoring: Invalid argument
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Through the inclusion of 'nand-4-256' in BOOTDEVICE_LABELS, the include
file 'st-machine-common-stm32mp.inc' adds strings to MULTIUBI_BUILD and
IMAGE_FSTYPES that result in building ubi and ubifs images.
These are redundant and not needed since meta-digi's
'image_types_digi.bbclass' already generates the needed ubifs images.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8714
The STM signtools are precompiled binaries with a fixed RPATH to look for
dynamic libraries.
When the binaries are installed to the regular ${bindir} (either native or
nativesdk), additional toolchain libraries in the regular ${libdir} folder
confuse the binaries, resulting in segmentation faults when running them
or missing symbols.
The package has been reworked to place the directory structure expected
by the binaries, in a subfolder "stm" within the ${bindir}.
Two wrapper scripts with the names of the binaries (STM32MP_KeyGen_CLI and
STM32MP_SigningTool_CLI) have been created to run the binaries in the new
subfolder.
Package version has been bumped to 1.1.
While on it, remove the 'do_install' from trustfence-stm-signtools.inc
which is not needed because the 'bin_package' class already provides the
same functionality.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8720
The appropriate way to add STM signtools to the SDK is via RDEPENDS on
nativesdk-packagegroup-sdk-host, not through the parent recipe of STM
signtools recipe itself.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8720
This fix systemd error on boot:
[ 6.974370] systemd[1]: /lib/systemd/system/connectcore-demo-example.service:3: Failed to add dependency on connectcore-demo-server, ignoring: Invalid argument
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Current pattern does not match the SRKs generated for the ccimx93. The
ccimx93 does not support subordinated SGK certs, so the name of the SRKs
do not contain the "_ca_" pattern. So relax the expression used in the
trustfence bbclass to match the SRKs generated for both platforms.
# For the ccimx93
$ ls -1 crts/SRK1*crt.pem
crts/SRK1_sha512_secp521r1_v3_usr_crt.pem
# For the ccimx8x
$ ls -1 crts/SRK1*crt.pem
crts/SRK1_sha512_secp521r1_v3_ca_crt.pem
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Some platforms do not support signing external artifacts (kernel, dtb,
etc.) yet, so we need to decouple the signing of the bootloader from the
signing of the external artifacts.
This commit generalizes the code, so instead of having platform exceptions
scattered along the recipes, we create a new variable used conditionally
to sign or not the external artifacts.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
ARM64 generic overrides where in the middle of the chain with more
precedence than IMX overrides.
From:
MACHINEOVERRIDES="imx-generic-bsp:imx-nxp-bsp:imxdrm:imxpxp:mx9-generic-bsp:mx9-nxp-bsp:mx93-generic-bsp:mx93-nxp-bsp:ccimx93:ccimx93:aarch64:armv8-2a:use-nxp-bsp:ccimx93-dvk"
To:
MACHINEOVERRIDES="aarch64:armv8-2a:use-nxp-bsp:imx-generic-bsp:imx-nxp-bsp:imxdrm:imxpxp:mx9-generic-bsp:mx9-nxp-bsp:mx93-generic-bsp:mx93-nxp-bsp:ccimx93:ccimx93:ccimx93-dvk"
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
mkimage output provides some information (basically image offsets) that
cst (code signing tool) uses to sign imx-boot images.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This version supports i.MX8ULP and i.MX9x devices.
NOTICE: changed the "srk_ca" parameter in ahab_pki_tree.sh from "yes" to
"no". This script is shared between cc8x and ccimx93. The imx93 does not
support that option at the moment (generation of subordinate SGK certs)
and for the cc8x we were generating them but never used them to sign
the artifacts.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Merge the patches for the PKI tree generation scripts, to ease
maintenance (still keeping two separate patches for HAB4/AHAB).
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
If the system is send to suspend mode, the bluetooth core is reconfigured.
Therefore, restart the service if it is running, to configure the ble
service.
https://onedigi.atlassian.net/browse/DEL-8694
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
ARM64 generic overrides were in the middle of the chain with more
precedence than IMX overrides.
From:
MACHINEOVERRIDES="imx-generic-bsp:imx-nxp-bsp:imxdrm:imxpxp:mx9-generic-bsp:mx9-nxp-bsp:mx93-generic-bsp:mx93-nxp-bsp:ccimx93:ccimx93:aarch64:armv8-2a:use-nxp-bsp:ccimx93-dvk"
To:
MACHINEOVERRIDES="aarch64:armv8-2a:use-nxp-bsp:imx-generic-bsp:imx-nxp-bsp:imxdrm:imxpxp:mx9-generic-bsp:mx9-nxp-bsp:mx93-generic-bsp:mx93-nxp-bsp:ccimx93:ccimx93:ccimx93-dvk"
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Bitbake was always copying the public key 1 to the rootfs, no matter what the value specified in
the 'TRUSTFENCE_KEY_INDEX' variable was. This commit fixes the issue by enclosing the variable
between curly braces so that bitbake is able to expand it and calculate the correct key index.
Signed-off-by: David Escalona <david.escalona@digi.com>
Commit 429125cce0 created a minimal version 'defconfig'
that doesn't include all the default configuration options
of swupdate.
However, an anonymous python function inside the swupdate
repository establishes dependencies basing on configuration
switches it finds (or not) in the 'defconfig' file and any
additional configuration fragments.
For this reason, a minimal 'defconfig' cannot be used in
this recipe and a full configuration file (that also includes
default options) must be used instead.
Reported-by: Stephan Klatt
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
There was a missmatch between the configuration file and the
correct adc in the ccmp15 platform.
Also a whitespace is removed from ccmp13 configuration file.
https://onedigi.atlassian.net/browse/DEL-8702
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
If the default r/w rootfs is not found it will try to do a
fallback to the squashfs image.
In the nand devices additionally we need to set the rootfstype
to squashfs.
https://onedigi.atlassian.net/browse/DEL-8638
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
When booting from a microSD, the variable 'boot_device' is
set to "mmc". Check this to fall back to booting Linux from
the microSD partitions.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
These are files for programming images with STM32CubeMX tool.
We don't use the tool or the files. Remove the task to avoid build
warnings.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
BOOTDEVICE_LABELS defines the supported boot device (NAND by default).
BOOTSCHEME_LABELS defines the which kind of boot is supported.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
We will use BOOTDEVICE_LABELS as a means to add 'sdcard'
configuration to TF_A_CONFIG within meta-st-stm32 so there
is no need to have a wrapper variable in meta-digi.
This reverts commit 7cf314ba80.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
We will use BOOTDEVICE_LABELS as a means to add 'sdcard'
configuration to TF_A_CONFIG within meta-st-stm32 so there
is no need to have a wrapper variable in meta-digi.
This reverts commit c6f19a099c.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Digi's mechanism to use a custom Linux kernel defconfig is
based on setting the variable KERNEL_DEFCONFIG, however ST
implements their own mechanism with a custom variable
KERNEL_EXTERNAL_DEFCONFIG. When providing an external defconfig,
the variable needs to be set, otherwise a build error
will be generated. So to keep compatibility with NXP
platforms, this commit weakly assigns KERNEL_EXTERNAL_DEFCONFIG
to a default value "defconfig".
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
ConnectCore Cloud Services examples are included in 'dey-examples' repository
so they can be built from here and also imported in Eclipse/Digi Application
Development Environment for Linux with the samples wizard.
The example 'upload_file' has been removed since currently there is no support
for binary data points in the CCCS daemon/client model.
https://onedigi.atlassian.net/browse/DEL-8628
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
This recipe generates several packages:
* 'cccs' includes the CCCS shared library
* 'cccs-daemon' includes the binary and resources to execute the CCCS daemon
(daemon, service and init scripts, configuration file)
* 'cccs-cert' includes the required certificate to use CCCS daemon
* 'cccs-gs-demo' includes the binary and resources to execute the CCCS get
started demo (binary, service and init scripts)
* 'cccs-legacy' includes the binary (all-in-one) application to execute
the legacy CCCS application (aka cloud-connector) and the configuration
file
* 'cccs-legacy-dev' includes resources to develop legacy CCCS applications
(all-in-one) (header files inside 'cloud-connector' and 'cloudconnector.pc'
pkg config file)
* 'cccs-legacy-staticdev' includes static resources to develop legacy CCCS
applications (all-in-one) (static library)
This commit also renames:
* 'CLOUDCONNECTOR_PKGS' variable to 'CCCS_PKGS'.
* 'CC_DEVICE_TYPE' variable to 'CCCS_DEVICE_TYPE'.
https://onedigi.atlassian.net/browse/DEL-8628
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Until now, for dualboot systems, all boot variables were calculated on each boot depending on the value of the
'active_system'. These variables are used to boot the device but were not saved, which could lead to a missmatch
between their value in the environment and their required values to correctly boot the system. This commit
simplifies a bit the variables calculation and adds a block to synchronize their value in the environment.
Signed-off-by: David Escalona <david.escalona@digi.com>
All the 'altboot' script functionality has been moved directly to the 'altbootcmd' command
in U-Boot, so this script is no longer necessary. Remove it for all platforms.
https://onedigi.atlassian.net/browse/DEL-8674
Signed-off-by: David Escalona <david.escalona@digi.com>
Those bbappends are enabling 'examples' PACKAGECONFIG. This is now done
in the distro config file.
https://onedigi.atlassian.net/browse/DEL-8675
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
QT v6.5 is a long term support (LTS) and is the version used in newer
releases from NXP (based on Yocto 4.2 mickledore)
This commit basically backports the QT v6.5 from meta-freescale community
layer (mickledore) with some recipe's polishing from meta-imx.
https://onedigi.atlassian.net/browse/DEL-8675
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The install scripts from SD/USB use a fixed image name.
If you are trying to install a different image you need to set
the env variable 'image-name' first.
Add a helper message if default files are not found to
avoid needing to go to the documentation.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
During firmware install, the target may be reset several times.
We don't want the bootcount to count these as boot attempts.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Hector Palacios
Tatiana Leon
Arturo Buzarra
Javier Viguera
Isaac Hermida
Francisco Gil
David Escalona
Mike Engel