Perform AHAB signing process without altering the original file.
https://jira.digi.com/browse/DEL-7024
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
LINUX_ARM64 images include the padding length in the size property of
their header, so for these images read the header size property instead
of calculating it with 'stat'.
https://jira.digi.com/browse/DEL-7024
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
If CONFIG_SIGN_MODE is unset, we were assuming the sign mode to be AHAB
whereas it is preferable to abort the signing process and notify with an
error message.
https://jira.digi.com/browse/DEL-7024
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
The signing script is used for signing multiple artifacts, not just the
kernel, so rename it for a broader use.
https://jira.digi.com/browse/DEL-7047
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
Includes:
- add io reset support including edge detection.
https://jira.digi.com/browse/CC6UL-1132
Signed-off-by: Pedro Perez de Heredia <pedro.perez@digi.com>
imx-mkimage is a host recipe to provide the mkimage_imx8 binaries, required
for the trustfence support with platform based on AHAB (ccimx8x). Since
these binaries are required to the sign process we need to export it in the
SDK to allow the standalone sign mode, and with that we can simplify the
mechanism to share these binaries with another recipes (u-boot, linux).
Also the do_deploy() from imx-mkimage recipe was removed to avoid overriding
the implementation from the native class and allow populating the mkimage
binaries.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Add Trustfence support for signing imx-boot images:
- Install a different U-Boot signing script for images with U-Boot SPL.
- Store mkimage log for later use in the signing script
- make 'print_hab_log' and store its log for later use in the signing script
https://jira.digi.com/browse/DEL-7023
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
Digi Embedded Yocto 2.6-r3.1
Manually changed recipes to use the master branches instead of the fixed SHA1
from the last release.
Signed-off-by: Mike Engel <mike.engel@digi.com>
The recipe needs to create a copy of the sign.sh script to be used by
other recipes, but the file is the same whether you use it for HAB or AHAB
images. This is determined through the use of an exported variable with
the mode. There is no need to have the script duplicated.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The only script that needs to generate the SRK_efuses is the sign.sh
script in the U-Boot code. For the rest of signed non-bootable artifacts
this is not required and it was creating the SRK_efuses file on every
recipe where the script was called, like linux-dey and others, which
eventually resulted in a conflict when copying the artifacts to the shared
deploy-image-dir.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit changes the u-boot sources needed to create standalone
signing tools to 2019.04. This u-boot supports all Trustfence
platforms.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
* prefix TRUSTFENCE_ to variable SIGN_MODE for DEY
* prefix CONFIG_ to variable SIGN_MODE for script
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This adds the same example application that was used for the old version of the
library, but it has been separated into a proper package this time.
Recommend said package when installing the library.
https://jira.digi.com/browse/DEL-6826
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This version is based on the 20190517 master release, with the addition of
pkcs11 provisioning support.
The source code now has cmake files, so we don't need as many code
customizations as we used to. Revamp the recipe and its patches.
https://jira.digi.com/browse/DEL-6826https://jira.digi.com/browse/DEL-6835
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Digi Embedded Yocto 2.6-r2.2
Manually changed recipes to use the master branches instead of the fixed SHA1
from the last release.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Otherwise, users that are behind corporate firewalls might not be able to
obtain the package sources.
https://jira.digi.com/browse/DEL-6663
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Arturo Buzarra
Hector Palacios
Gabriel Valcazar
Gonzalo Ruiz
Hector Bujanda
Mike Engel