Programming an encrypted bootloader can only be done after the
secure keys have been programed on the OTP bits, and the device
has been closed. Programming on an open device would result in a
non-secure configuration or a non-bootable device after the
close operation.
Create functions to detect the current TrustFence status and exit
the install script if the device is open and the artifacts are
encrypted.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-9699
The `-t` option to program images with TrustFence didn't make
much sense because the install script is dynamically generated
at build-time with the name of the boot artifacts containing
"signed/encrypted" on their filenames.
This commit:
- Removes `-t` option to simplify the script.
- Determines if programming a signed/encrypted bootloader by
looking at the bootloader filename.
- For NXP platforms, reworks the function that updates the
bootloader to properly program only-signed bootloaders (currently
wrongly using `trustfence update`)
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
There is a corner case that wasn't cover by the script, if you
use the script using a -k -t the "-t" would be the name of the
dek.bin.
This new implementation solves the issue.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Some variables in the script belong to u-boot, not to the shell
running the script. Escape those variables so the shell does not
expand them.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
The command trustfence update doesn't require the partition argument.
Besides of that, remove extra fi on the cc8m platforms.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Some minor fixes:
* return error code if installation fails
* cosmetic: update comment with options
* just exit after error and do not execute boolimit command
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Use the intention of installing dual boot firmware as a condition to set
bootlimit=3 so that the bootcount mechanism is enabled.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DUB-1058
During firmware install, the target may be reset several times.
We don't want the bootcount to count these as boot attempts.
This was done in a791bb4463 for the ccmp1
but not for the rest of platforms.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
If the default r/w rootfs is not found it will try to do a
fallback to the squashfs image.
In the nand devices additionally we need to set the rootfstype
to squashfs.
https://onedigi.atlassian.net/browse/DEL-8638
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
The variable 'dualboot' (and 'singlemtdsys' for CC6UL) was restored
after the bootcmd that runs the first time after programming U-Boot runs
fastboot again to resume the script.
This is ok for the CC6UL but not for the rest of platforms, that run the
partition script on the bootcmd, *before* running fastboot.
Restore the variables for all platforms in the bootcmd right after
resetting the environment.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Check the status of 'dualboot' env variable.
If set to "yes", use the dualboot partition table in the script and
restore the variable (default is "no") after resetting the environment.
Also, for dualboot, there's no need to wipe the recovery partition or
boot into recovery mode.
For dualboot, this script programs both systems A and B with the same
images.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7649
This command was already present on the script used for CC8X. Add it here
so the scripts are as much alike as possible.
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
Fastboot is configured on boot with the current MMC configuration.
If we create a GPT partition table, we need to restart fastboot before we
try to program any partition with the 'flash' fastboot command.
Set 'fastboot_dev' to a different device, 'sata' for example an back to 'mmc'
to trigger a fastboot restart after creating the partition table on blank
devices.
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
We document how to use this script from the Yocto image directory. Now that the
*.ext4 files are compressed by default, the script needs to automatically
decompress said files before starting the update process.
https://onedigi.atlassian.net/browse/DEL-7582
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
With the generalization done in previous commits, we have now several files
that are identical and can be merged into a common SOM or SOM family
folder.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Hector Palacios
Francisco Gil
Mike Engel
Isaac Hermida
Tatiana Leon
Gonzalo Ruiz
Gabriel Valcazar