Until now, for dualboot systems, all boot variables were calculated on each boot depending on the value of the
'active_system'. These variables are used to boot the device but were not saved, which could lead to a missmatch
between their value in the environment and their required values to correctly boot the system. This commit
simplifies a bit the variables calculation and adds a block to synchronize their value in the environment.
Signed-off-by: David Escalona <david.escalona@digi.com>
All the 'altboot' script functionality has been moved directly to the 'altbootcmd' command
in U-Boot, so this script is no longer necessary. Remove it for all platforms.
https://onedigi.atlassian.net/browse/DEL-8674
Signed-off-by: David Escalona <david.escalona@digi.com>
The install scripts from SD/USB use a fixed image name.
If you are trying to install a different image you need to set
the env variable 'image-name' first.
Add a helper message if default files are not found to
avoid needing to go to the documentation.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
During firmware install, the target may be reset several times.
We don't want the bootcount to count these as boot attempts.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The 'bootcount' value is now incremented and stored in the system on every boot and
not only then the 'upgrade_available' flag is set. Also, ensure the value is cleared
when the 'altboot' script is executed by running the new U-Boot command 'bootcount reset'.
https://onedigi.atlassian.net/browse/DEL-8506
Signed-off-by: David Escalona <david.escalona@digi.com>
When TrustFence is enabled, a PKI tree is generated.
In the case of NXP platforms, the PKI contains public certificates
from which the public key needs to be extracted using an openssl
command.
In the case of STM platforms, the PKI contains directly the
public key.
In all cases, we need the public key to be installed in the
rootfs /etc/ssl/certs/ folder, so that it can be used by
swupdate to authenticate signed SWU packages.
Up to now, this was being done on the dualboot recipe, but the
installation of the public key should really be only dependant
on the fact of TF being enabled.
This commit:
- Removes the generation of the public key from dualboot.bb.
- Generates a patch to extract the public key from the certificate
as part of the PKI tree generation (on NXP platforms).
- Installs the public key during a post install function after
the final rootfs has been created.
- For NXP platforms, extracts the public key using openssl if
it does not exist (for backwards compatibility).
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
When booting from recovery sdcard, in the imx93 the dualboot is yes by
default, so the mmcroot variable was not set correctly for the uSD.
If we boot from uSD, just assume all the system is in the uSD card, whether
it is a recovery system or a prepared uSD card for demo.
https://onedigi.atlassian.net/browse/DEL-8461
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Starting at kernel 6.1, the maxim98088 driver has been migrated
from the old imx-max98088.c driver to NXP’s new audio framework
fsl-asoc-card.c.
Update the sound stuff to match the new audio card and some of
the new controls.
https://onedigi.atlassian.net/browse/DEL-8596
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This includes NXP's code from the SCFW porting kit v1.15.0, support for
variants with 4 GiB of RAM and a fix for an issue when resuming from suspend.
https://onedigi.atlassian.net/browse/DEL-8604
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit adds support for environment encryption/decryption of the
u-boot environment on the CCMP1 platform in Linux.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Regulatory domain is now provided as a Kernel parameter, and the
wlan driver uses it to select the correct BDF file, so we don't
need to change the symbolic links to point to one file or another
anymore.
https://onedigi.atlassian.net/browse/DEL-8360
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
We can't run a post installation script in a readonly file system.
We need to provide a configuration file beforehand.
https://onedigi.atlassian.net/browse/DEL-8556
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
We no longer need logic to determine the SOM's RAM size and bus width, we only
need to know the SOC revision, which is info that is always available.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Now that both U-Boot and the SCFW can autodetect the RAM configuration, we can
simplify the imx-boot build process to generate two binaries (one per SOC
revision) instead of eight. Build "flash_spl" imx-boot images and use only one
global defconfig for u-boot.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This update includes automatic RAM configuration detection, and only one SCFW
binary is needed for all ccimx8x variants. Adapt the imx-boot recipe
accordingly.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
For the ccimx8x, we changed the order of the steps in do_deploy() from:
Deploy -> Rename files -> Move binaries
To:
Deploy -> Move binaries -> Rename files
When it's time to rename the files, they won't be in their original place and
the process will fail. Make sure we move the files after they've been renamed
to avoid errors.
Also, one move operation is enough for all artifacts, so remove the second
operation.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
There are two different firmware files for Bluetooth on Murata's type2AE
module:
- JRL: It configures a Bluetooth TxPower of 7dB, to be used in Japan
only.
- FCC.CE: It configures a Bluetooth TxPower of 5dB, to be used in the
rest of the world.
To comply with the FCC requirement that it should not be possible to
configure different regulatory domains, or in this case configurations,
than FCC, only deploy the FCC.CE file by default:
- BCM4373A0_FCC.CE.hcd (md5sum: 1e287a3ab7f83e59352cb321315ea80f)
This file reports the following information during boot time:
Bluetooth: hci0: 89373 UART 37.4 MHz wlbga_BU sLNA muRata Type 2EA 5dBm 20220608-0103
Bluetooth: hci0: BCM4373A0 (001.001.025) build 0155
JRL file will be added via the Worldwide DEY patch addon that customers
can request from Digi.
https://onedigi.atlassian.net/browse/DEL-8453
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
Replace the CLM blob file from Github, which supports several countries
with a custom US-only CLM blob file. This way, default images will only
have support for US regulatory domain, therefore complying with FCC
requirements.
The Worldwide CLM blob file will be provided by Digi International on
request.
https://onedigi.atlassian.net/browse/DEL-8453
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
We can't run a post installation script in a readonly file system.
We need to provide a configuration file beforehand.
https://onedigi.atlassian.net/browse/DEL-8556
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
This commit modifies the boot script condition to apply the overlay for MCA
based on HWID MCA field.
https://onedigi.atlassian.net/browse/DEL-8521
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The tools STM32MP_KeyGen_CLI and STM32MP_SigningTool_CLI have
a dependency of libQt5Core.so.5 which is provided by qtbase.
Add this dependency to avoid errors during SDK generation.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
For the moment, do not sign aditional artifacts, such as the ramdisk,
the kernel or the boot scripts for STM platforms.
In the specific case of the ramdisk, simply copy it over with the
expected filename extension.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The do_deploy:append did three things:
- adapt the U-Boot filenames to 'u-boot-<platform>-<config>.<ext>'
- sign/encrypt the U-Boot files (only for iMX6 family)
- sign the boot scripts
Convert the first two actions into functions (the third already was) and
call them conditionally as postfuncs.
Also skip the signing of U-Boot files if the platform is not based on
iMX6 family.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Certain platforms share a processor family but need to be differentiated
between them. DEY was using the variable DIGI_FAMILY as the SOM name
rather than the family. It becomes useful to have both (DIGI_SOM as the
more specific, and DIGI_FAMILY as the more generic).
This is the case, for example, of:
- ccmp1 (family)
- ccmp15 (SOM)
- ccmp13 (SOM)
- ccimx8m (family)
- ccimx8mm (SOM)
- ccimx8mn (SOM)
Both variables are used on the machine overrides.
Where DIGI_FAMILY was used, use now DIGI_SOM.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This recipe downloads a tarball that contains the binaries:
- STM32MP_KeyGen_CLI
- STM32MP_SigningTool_CLI
from ST Microelectronics STM32CubeProgrammer v2.12.0.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The name of the variable was not very intuitive of what
it contains. This variable expands to the SoC vendor
(NXP or STM).
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Commit 065cf3e9 ("kirkstone migration: general update to the new override
syntax") incorrectly renamed binaries in a massive change. This commit restores
the binary names to the original.
https://onedigi.atlassian.net/browse/DEL-8478
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
These are recipes we created to support Google Coral on i.MX platforms. ST's
machine learning layer provides similar recipes, so to avoid conflicts, move
the recipes meant for i.MX platforms to a dynamic layer.
https://onedigi.atlassian.net/browse/DEL-8308
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The HWID is populated on the device tree by the boot loader.
This can be used as a key modifier when encrypting the U-Boot
environment. Some old U-Boot versions however, did not populate
the HWID on the device tree. When updating firmware from an
old version to a new one, the library may not be able to read
the HWID from the DT and then be unable to unencrypt the
environment.
This patch implements a fall-back function to read the HWID
directly from the nvmem node (sysfs). Implementation has been
done for ccimx6 family only, where this case of old U-Boot
can happen.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8444
(cherry picked from commit 222a91f213)
The HWID is populated on the device tree by the boot loader.
This can be used as a key modifier when encrypting the U-Boot
environment. Some old U-Boot versions however, did not populate
the HWID on the device tree. When updating firmware from an
old version to a new one, the library may not be able to read
the HWID from the DT and then be unable to unencrypt the
environment.
This patch implements a fall-back function to read the HWID
directly from the nvmem node (sysfs). Implementation has been
done for ccimx6 family only, where this case of old U-Boot
can happen.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8444
Arturo Buzarra
David Escalona
Hector Palacios
Isaac Hermida
Gonzalo Ruiz
Javier Viguera
Gabriel Valcazar
Mike Engel
Francisco Gil
Tatiana Leon