Commit 92969f0c4 ("plat-stm32mp1: Remove CFG_STM32_BSEC_WRITE dependency with
debug configuration OP-TEE") on OP-TEE source code, removed the link between
the BSEC WRITE feature with DEBUG feature, so now by default it is enabled.
This reverts commit 2395378ec4.
https://onedigi.atlassian.net/browse/DEL-8657
DY_MANIFEST parameter allows to do a 'repo init' with a specific
manifest file contained in the manifest repository. For example,
'manufacturing.xml' for building manufacturing projects.
By default no manifest file parameter is provided, so the 'repo init'
command will initialize based on the 'default.xml' manifest file.
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
This allows to set RTC configuration parameters. For example, the rv3028
RTC included in ccmp1 and ccimx93 has the "backup switching mode"
configuration in a register that is saved to an eeprom. By default the
BSM value is 00, which means backup switchover disabled. This means that
even if you connect a coin cell to our DVK, the RTC will ignore it.
With this commit, the BSM can be configured to direct switching mode
(DSM) or level switching mode (LSM) so the RTC uses the battery when the
device is powered off.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
DY_MACHINES_LAYER is an optional variable only used once. Use bash's
"alternate value" expansion and get rid of the intermediate MACHINES_LAYER
variable.
While on it, remove the DY_BUILD_VARIANTS reference in the script header
as that was removed long ago.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Implement a new mechanism to allow users to create update packages based on differences for read-only
systems. The update mechanism requires full knowledge of the current software running on the device in order
to compute a sensitive patch. For this reason, only systems without user modifications in the rootfs/boot
partitions are eligible for this kind of updates. At the moment, only the 'rootfs' partition supports the
read-only squashfs file system type, so it is the only partition supporting incremental updates. The 'boot'
partition will still be updated but as a full image.
This new feature is done making use of the SWUpdate 'rdiff' handler, which applies binary deltas with the
functionallity provided by the rsync library. During the update process, the contents of the active 'rootfs'
partition are read as the base and written to the inactive 'rootfs' partition applying the delta binary patch
on-the-fly. To ensure the delta file is applied using the correct base, the firmware update process verifies
the contents of the 'rootfs' base partition before applying the update.
The binary delta file is automatically generated by the DEY build system using the resulting 'rootfs' squashfs
image as target and the user specified file as source. The file is then packaged with the rest of components in
the SWU update image. Users must specify the base source file in their project configuration file using the
new variable 'SWUPDATE_RDIFF_ROOTFS_SOURCE_FILE'. Also, 'read-only-rootfs' image feature should be set in the
project to generate this new SWU update package.
Since a base and a target 'rootfs' partition is required during the update, only 'dualboot' systems can benefit
from this new feature.
Note: If variable 'SWUPDATE_RDIFF_ROOTFS_SOURCE_FILE' is configured in the project but any of 'SWUPDATE_FILES_LIST'
or 'SWUPDATE_FILES_TARGZ_FILE' variables is also set, the build system will prioritize a SWU update package
based on files instead of a differences package.
https://onedigi.atlassian.net/browse/DEL-8624
Signed-off-by: David Escalona <david.escalona@digi.com>
We expect new types of SWU update packages to be created in the future. To avoid splitting
all the code in different classes based on the update type, create the generic class
'dey-swupdate' to hold all the custom code and the 'dey-swupdate-common' class to hold all
the required variables. This basically renames the old 'swupdate-files' and 'swupdate-files-common'
classes.
While on it, reorganize the 'swupdate-images' recipe to move variable declarations and
functionallity to the correct place:
- Move all variable declarations to 'swupdate-digi-common' class and organize them in
functional groups.
- Improve the way files are included in the 'SWUPDATE_IMAGES' by using the update type
variables.
- Move the update script copy to the 'do_swuimage' prepend function. Until now, the copy
process was executed in the 'fill_description' method, which should only touch the
'sw-description' file.
- Rename some variables to use 'SWUPDATE' prefix.
- Minor cosmetic changes.
https://onedigi.atlassian.net/browse/DEL-8624
Signed-off-by: David Escalona <david.escalona@digi.com>
Writing directly into UBI volumes is not allowed, so a special 'rdiff' handler capable of
write data in UBI volumes is required. This commits adds the new handler and enables it in
MTD based systems.
https://onedigi.atlassian.net/browse/DEL-8624
Signed-off-by: David Escalona <david.escalona@digi.com>
The 'RDIFF' handler allows to apply incremental updates using rdiff delta files in the
swu update package. This functionallity is only recommended for read-only file systems,
where the source partition cannot be modified externally by users.
https://onedigi.atlassian.net/browse/DEL-8624
Signed-off-by: David Escalona <david.escalona@digi.com>
Create a new script for the generation of PKI tree for STM platforms
and leave the trustfence-sign-artifact script exclusively for signing.
The new gen-pki script only requires the platform as an argument and the
path to where to save the tree (if it doesn't exist) in
CONFIG_SIGN_KEYS_PATH.
This commit also reverts commit 13c136dbc5 by getting rid of the
trustfence-genpki-native.bb recipe and moving back the PKI generation
functions into trustfence.bbclass. This recipe didn't quite guarantee
that the PKI was generated on time for the recipes that required the
keys to exist, anyway.
Instead, the PKI generation function must be called right after
do_compile() of recipe tf-a-stm32mp to be ready for do_deploy() where
the key is used.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Starting at kernel 6.1, the maxim98088 driver has been migrated
from the old imx-max98088.c driver to NXP’s new audio framework
fsl-asoc-card.c.
Update the sound stuff to match the new audio card and some of
the new controls.
https://onedigi.atlassian.net/browse/DEL-8596
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
DY_MANIFEST parameter allows to do a 'repo init' with a specific
manifest file contained in the manifest repository. For example,
'manufacturing.xml' for building manufacturing projects.
By default no manifest file parameter is provided, so the 'repo init'
command will initialize based on the 'default.xml' manifest file.
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
(cherry picked from commit c38b4fc4f2c565ab9db20c082016401341e78ce5)
Building swupdate with '-j1' fails with:
swupdate$ make -j1
scripts/kconfig/conf --silentoldconfig Kconfig
CC ipc/network_ipc.o
CC ipc/network_ipc-if.o
CC ipc/progress_ipc.o
LD ipc/built-in.o
LD libswupdate.so.0.1
Failed:
aarch64-dey-linux/11.3.0/ld: cannot find ipc-static/lib.a: No such file or directory
collect2: error: ld returned 1 exit status
That's due to trying to link a static library that has not been compiled
yet. That dependence seems spurious and we added it in a patch, so
remove it to fix non-parallel builds.
https://onedigi.atlassian.net/browse/DEL-8445
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Commit 7cf314ba80 made a weak assignment of TF_A_CONFIG in the machine
config file, so that it could be overriden from conf/local.conf with a
straight assignment. However, this variable already has a weak assignment
on include files for the tf-a-stm32mp recipe, which apparently take
precedence over the machine files.
This commit creates a new variable DEY_TF_A_CONFIG in the machine config,
and then uses a straight assignment of TF_A_CONFIG to the new variable on the
tf-a-stm32mp.bbappend.
This allows users to override the machine default and avoids the STM recipe
weak assignment.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The btnxpuart driver uses internally the serial port to manage the chip, and
loads the BT FW independently of the WiFi subsystem.
While on it, add support in the bluetooth-init script to be able to power the
chip when the WiFi support is not present.
https://onedigi.atlassian.net/browse/DEL-8632
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Do not install the combo FW and install the WiFi and BT FW as separated FWs,
so they are managed independently.
Md5sums are:
44cf5535f3b40784296843544eae159e sd_w61x_v1.bin.se
300c739a4e126a8f430001c41e5b3a5f uartspi_n61x_v1.bin.se
Note: currently these FW files are copied manually here, till the github FW
files are updated.
These firmware files come from the package IW612_18.99.2.p19.5.zip provided
by NXP support page.
https://onedigi.atlassian.net/browse/DEL-8632
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The btnxpuart driver is used for the bluetooth chip. We want to control
when to load and unload it, and when power/unpower the chip.
Therefore, blacklist it, so we can manage it in our scripts.
https://onedigi.atlassian.net/browse/DEL-8632
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This wks file creates the required GPT and partition layout
to have a bootable SD card with the following partitions:
- fsbl1
- fsbl2
- metadata1
- metadata2
- fip-a
- fip-b
- u-boot-env
- linux
- rootfs
- data
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8120
This includes NXP's code from the SCFW porting kit v1.15.0, support for
variants with 4 GiB of RAM and a fix for an issue when resuming from suspend.
https://onedigi.atlassian.net/browse/DEL-8604
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit adds support for environment encryption/decryption of the
u-boot environment on the CCMP1 platform in Linux.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Equivalent commits in meta-freescale:
71d2a1ad49a3e04d0d401d4e9c52d5a50105b6dc
995f2f0a86da9428af348e72e51beb5063ebd729
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This reuses the same variable from sysvinit (USE_VT) to disable running
getty/login on virtual terminals.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
When the system runs as read-only with '/etc' overlayfs enabled, '/sbin/init' is not a symlink
to 'systemd', but '/sbin/init.orig' is. This causes the script to wrongly think than 'systemd'
is not being used. The outcome is that partitions are not being automatically mounted in R/O
systems running in mmc with '/etc' overlayfs enabled, as the specific '/usr/bin/systemd-mount'
binary needs to be invoked in these cases.
The proposed fix performs a second check with '/sbin/init.orig' to determine whether systemd is
being used or not. While on it, add an early check to determine if the partition is already
mounted to exit the script.
Signed-off-by: David Escalona <david.escalona@digi.com>
Make a series of changes to make sure the imx-boot signing process works:
* Store separate mkimage logs for each imx-boot build. In our case, this
means storing one log per SoC revision. Each SoC revision has a different
SECO fw binary with varying sizes, which causes offsets of specific
signing regions to differ among revisions. Since we parse the offsets
from the logs, we need to make sure the offset information is correct in
each case.
* Remove u-boot-atf-container.img in each mkimage iteration, otherwise the
ATF offset information will be missing from subsequent logs.
* Implement a separate trustfence_sign_imxboot() function for the ccimx8x
to iterate through all SoC revisions.
Note that the SPL+AHAB signing script doesn't support imx-boot encryption yet.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
When building imx-boot images with SPL on the ccimx8x, a different signing
procedure is required. We already have a script for this use case in our U-Boot
fork, so make use of it.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
fill_description copies some artifacts to the images deploy directory,
so that should be created beforehand. Otherwise it may fail on the
'do_unpack' task depending on how bitbake schedules the tasks.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Regulatory domain is now provided as a Kernel parameter, and the
wlan driver uses it to select the correct BDF file, so we don't
need to change the symbolic links to point to one file or another
anymore.
https://onedigi.atlassian.net/browse/DEL-8360
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
New NXP's release is based on upstream v2.8. Use this only for ccimx93,
and keep using the previous Kirkstone release (based on upstream v2.6)
for the rest of the platforms.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Implement a new mechanism to allow users to create update packages based on files and folders to modify
the active system.
This is done through the new class 'swupdate-files', which creates a tar.gz update file in the image
distribution output directory containing all the files and directories to create/update. The 'tar.gz'
file is used later by the 'swu-images' recipe to generate the final SWUpdate package. The SWU package
installation process extracts the tar.gz file in the root folder ("/") of the active system.
Users can specify the list of files and directories to include in the update package using the
'SWUPDATE_FILES_LIST' variable. These files will be directly copied from the generated system rootfs and
placed in the tar.gz archive. Additionally, users can provide their custom 'tar.gz' file to use in the update
by specifying its location in the 'SWUPDATE_FILES_TARGZ_FILE' variable. In any case, all the paths to include
in the update package must be relative to "/", as it is the base directory where tar.gz file contents are
extracted.
The update process for dual boot systems sets a new u-boot flag so that active bank is not swapped once
installation is complete and system reboots.
The SWU update mechanism based on files provides a custom update script which takes care of preparing the
system for the installation process. Just like in the SWU updates based on images, users can customize this
script or override it with the 'SWUPDATE_SCRIPT' variable, specifying the location of the new script to use.
If both the 'SWUPDATE_FILES_LIST' and 'SWUPDATE_FILES_TARGZ_FILE' variables are empty, a standard images
SWUpdate package will be generated instead.
Signed-off-by: David Escalona <david.escalona@digi.com>
Make the 'defconfig' file a real defconfig by including only differences with respect default
values. While on it, improve the recipe:
- Enable 'BOOTLOADERHANDLER' by default in the 'defconfig'. We were unconditionally setting
this value to 'y' in the recipe, so move it to the default configuration.
- Move 'UBI' configuration values to 'mtd.cfg' file to be added only when device filesystem is
MTD based. Until now, 'UBI' support was always added by default.
- Move the 'SIGNED_IMAGES' configuration entry to a '.cfg' file like we are doing with the rest
of the functionallity. Use 'oe.utils.conditional' checking 'TRUSTFENCE' feature for this.
Signed-off-by: David Escalona <david.escalona@digi.com>
Arturo Buzarra
Gonzalo Ruiz
Javier Viguera
David Escalona
Hector Palacios
Isaac Hermida
Gabriel Valcazar
Mike Engel