Add GPU support based on v6.4.15 version from STM release
openstlinux-6.1-yocto-mickledore-mpu-v24.06.26.
https://onedigi.atlassian.net/browse/DEL-8995
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Add support based on v2.8 version from STM release
openstlinux-6.1-yocto-mickledore-mp2-v23.12.06.
https://onedigi.atlassian.net/browse/DEL-8995
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Add support based on v3.19.0 version from STM release
openstlinux-6.1-yocto-mickledore-mp2-v23.12.06.
https://onedigi.atlassian.net/browse/DEL-8995
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Add initial support cloned from ccmp15, based on v2022.10 from STM release
openstlinux-6.1-yocto-mickledore-mp2-v23.12.06.
https://onedigi.atlassian.net/browse/DEL-8995
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commits adds the CCMX91 platform to the DEY
build system. Furthermore, it creates generic ccimx9
support to be used for the CCiMX91 and CCiMX93
platform.
https://onedigi.atlassian.net/browse/DEL-9106
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
When TrustFence is enabled, use the HUK programmed on the OTP
bits for the ccmp15 platform.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9121
When running the installation script on variants with larger NANDs, two of the
script's commands take longer than our intended timeouts under specific
circumstances:
* When the variant has a NAND with 512 MiB or more and singlemtdsys is set
to "yes", running ubivolscipt takes longer than our 10 second timeout.
The larger the NAND storage size, the longer this command takes.
* When the variant has a 1 GiB NAND, singlemtdsys is set to "yes" and
dualboot is set to "no", the update of the recovery UBI volume takes
longer than our 15 second timeout.
In both of these cases, the script fails and the installation process cannot
continue. Apply the following changes to prevent this:
* Increase the ubivolscript timeout from 10 seconds to 30
* Increase the recovery update timeout from 15 seconds to 20
Also, remove the command immediately before ubivolscript is run, since said
command is already being run at the beginning of ubivolscript.
https://onedigi.atlassian.net/browse/DEL-9097
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
By default, the secure storage path in the REE is "/var/lib/tee". It is
part of the rootfs, and thus, it gets lost on a firmware update.
This commit changes that path to a different partition "/mnt/data/tee"
when Trustfence file-based encryption is enabled.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Building Optee trusted applications (TA) depends on optee_client and the TA
devkit provided by optee_os. Our toolchain provides those dependencies, but
the SDK script which configures the environment for standalone building,
is not configuring some variables needed to build trusted applications.
This commit extends the SDK environment script to allow building TAs.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Occassionally, the loading the WiFi driver might fail, because of the
MMC node was not correctly initialized.
Fix that by rebinding the MMC node. This fix implements a similar workaround
as in c30b947408.
https://onedigi.atlassian.net/browse/DEL-9083
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
One of the conditions used to determine the U-Boot file was missing its
terminator, breaking the script.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
(cherry picked from commit 26dc437a25)
On devices with NAND as storage media, a post install script
modifies the fw_env.config file basing on the NAND geometry.
This only happens once after deployment, typically on production
environments. If the power is removed soon after the post install
script runs (which is a normal procedure on manufacturing
environments), there are chances that pending file system
operations have not been flushed, which may occasionally lead
to the fw_env.config file end up empty on the next reboot.
This commit adds a sync at the end of the post-install script
to guarantee the changes are written to the file system.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9059
There is a corner case that wasn't cover by the script, if you
use the script using a -k -t the "-t" would be the name of the
dek.bin.
This new implementation solves the issue.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
By default is trying to install an artifact imx-boot--<platform>
if trustfence is not enabled.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Some variables in the script belong to u-boot, not to the shell
running the script. Escape those variables so the shell does not
expand them.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
This commit removes the Cortex-M4 overlay because the M4 has
been enabled now in the DTSI file.
https://onedigi.atlassian.net/browse/DEL-9056
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
The patches have been backported from the lf-6.1.36-2.1.0 release of
imx-mkimage.
https://onedigi.atlassian.net/browse/DUB-1081
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The patches have been backported from the lf-6.1.36-2.1.0 release of
imx-mkimage.
https://onedigi.atlassian.net/browse/DUB-1081
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit adds some basic TSN support to DEY.
It includes the kernel configuration fragment with
the IEEE 802.1 support and the some user space tools
necessary to configure the network.
https://onedigi.atlassian.net/browse/DEL-9026
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
The command trustfence update doesn't require the partition argument.
Besides of that, remove extra fi on the cc8m platforms.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
* Move Digi code out of the upstream files to minimize conflicts in
version migrations.
* Remove all the TEE client copied code and use the libteeclient library.
* Some fixes in the Optee-based environment encryption
* Some simplifications in CAAM-based environment encryption.
https://onedigi.atlassian.net/browse/DUB-1079
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
At the moment, this overlay adds RTC calibration to compensate
the drift observed in the 32kHz input frequency of hardware
version 1 of the SOM.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8987
Update BDF file used on CC8MN and CC8MM with a new calibration
(GOLDEN3) to obtain a flatter frequency response and a better EVM
performance.
Reference calibration file is obtained from 'qca6574au-le-2-2-2_qca_oem'
repo at tag 'r00005.1' under path
'wlanfw/cnss_proc/wlan/fw/target/sdio_dst/qc6174/bdwlan30.bin'
(MD5SUM: 8a40d95698825e1718bee640b1f7982a).
Target output powers tables and CTL tables remain intact.
Changes required to pass the EN 300 328 V2.2.2 blocking test also remain
intact.
New BDF file:
- bdwlan30_US.bin (86180198440e6ab53734aabf0112c6ba)
https://onedigi.atlassian.net/browse/DEL-9001
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
This commit adds RT functionality to CCMP1. The patches
have been extracted from STM RT expansion package and
includes the maineline RT patches and the STM RT driver
patches and RT Kernel defconfig changes.
https://onedigi.atlassian.net/browse/DEL-8880
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This commit adds RT functionality to the CCiMX93
platform. The patches have been extracted from the
NXP real time edge BSP and include the maineline RT
patches and the NXP RT driver patches and RT Kernel
defconfig changes.
https://onedigi.atlassian.net/browse/DEL-8881
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Use the generic sys class to check if a mtd device is attached.
The virtual node may not be present in some kernel versions.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This commit fixes u-boot Trustfence naming for signed and
encrypted images used in the installation script removing
the a duplicated dash in the u-boot name.
https://onedigi.atlassian.net/browse/DEL-8271
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Optee-client provides the TEE Client API as defined by the GlobalPlatform TEE standard.
It is required to communicate with a Trusted Application (TA) running in a Trusted OS.
https://onedigi.atlassian.net/browse/DEL-8970
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Several things were wrong after the latest update to version 4.0: the
tee-supplicant path, some settings in the systemd unit, etc.
This commit fixes the installation so the optee test suite completes again.
https://onedigi.atlassian.net/browse/DEL-8989
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit fixes the set_fip_sign_key() function to match the new keys format
where there is a key_pass file for each key, no longer needing to search with
the key index.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit fixes a race condition where, if you have an existing PKI tree with
the new format (one key_pass file for each key), the script detects that the
PKI tree is incomplete because it is always trying to find the key_pass.txt
file with the old format. This commit adds an additional validation step to
verify the new keys format.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Arturo Buzarra
Hector Palacios
Mike Engel
Isaac Hermida
Francisco Gil
Javier Viguera
Gabriel Valcazar
Gonzalo Ruiz