This commit adds some basic TSN support to DEY.
It includes the kernel configuration fragment with
the IEEE 802.1 support and the some user space tools
necessary to configure the network.
https://onedigi.atlassian.net/browse/DEL-9026
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This commit adds RT functionality to CCMP1. The patches
have been extracted from STM RT expansion package and
includes the maineline RT patches and the STM RT driver
patches and RT Kernel defconfig changes.
https://onedigi.atlassian.net/browse/DEL-8880
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This commit adds RT functionality to the CCiMX93
platform. The patches have been extracted from the
NXP real time edge BSP and include the maineline RT
patches and the NXP RT driver patches and RT Kernel
defconfig changes.
https://onedigi.atlassian.net/browse/DEL-8881
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Different mechanisms are used to sign FIT images on the ccmp1 platforms and the
ccimx93, and we manage each mechanism via a different variable. The variable
names don't really reflect which platform they affect, which makes maintenance
harder.
Rename the variables so that it's easier to identify the platforms/vendors they
affect:
* Replace TRUSTFENCE_FIT_IMG with TRUSTFENCE_SIGN_FIT_STM
* Replace TRUSTFENCE_SIGN_FIT_ARTIFACT with TRUSTFENCE_SIGN_FIT_NXP
Don't rename TRUSTFENCE_FIT_IMG_SIGN_KEYNAME
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This logic was fixed in commit e915a14b4b, so we
no longer have to manually copy the bootscript to generate FIT images.
https://onedigi.atlassian.net/browse/DEL-8946
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
We rely on FIT support to implement boot artifact authentication on ccmp1
platforms, but our implementation made it impossible to enable FIT support
outside of the context of Trustfence/secure boot.
Change this so that it's possible to enable FIT support without having to sign
the FIT artifacts. Also, modify the linux-dey 5.15 recipe so that the U-Boot
DTBs with signatures get copied only when FIT signing is enabled.
https://onedigi.atlassian.net/browse/DEL-8946
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
expand the docker defconfig excerpt to add more default options, as some
of them might be enable in some platform defconfigs but not in other ones,
so just set all of them, as it is safe, and nothing happens if they are
already set in the original default defconfig.
To check if all LXC/docker options are enabled for a kernel,
run lxc-checkconfig in the system.
https://onedigi.atlassian.net/browse/DEL-8924
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This commit implements the support to sign the different memory configurations for
the CCMP1 platforms, when trustfence is enabled, using FIT images.
https://onedigi.atlassian.net/browse/DEL-8752
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Commit d3f3cfdb62 removed the inclusion of STM's
linux-stm32mp.inc from meta-st-stm32mp in our linux-dey recipe, but this
inadvertently removed the logic in do_configure() necessary to use our custom
ccmp1_defconfig. Since this commit, the kernel was being built with the default
ARM defconfig, which is very different from our custom defconfig and doesn't
even boot on MP1 platforms.
Rework the logic used to copy our platform's defconfigs to prevent this.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
An anonymous function in linux-stm32mp.inc produces a bbfatal error when
KERNEL_DEVICETREE variable contains more than one device tree. This is our
case since we build the main DT plus a number of DT overlays.
This commit removes the dependency to this include file since we have our
own recipe to build the kernel and it is not needed at all.
It also removes the build of a uImage and the need to provide a
LOADADDR.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit adds signed FIT image support for the CCMP1
platforms when using Trustfence.
https://onedigi.atlassian.net/browse/DEL-8591
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Some platforms do not support signing external artifacts (kernel, dtb,
etc.) yet, so we need to decouple the signing of the bootloader from the
signing of the external artifacts.
This commit generalizes the code, so instead of having platform exceptions
scattered along the recipes, we create a new variable used conditionally
to sign or not the external artifacts.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This branch contains the latest BSP changes from STM's v5.15-stm32mp-r2.1
release.
https://onedigi.atlassian.net/browse/DEL-8659
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The btnxpuart driver is used for the bluetooth chip. We want to control
when to load and unload it, and when power/unpower the chip.
Therefore, blacklist it, so we can manage it in our scripts.
https://onedigi.atlassian.net/browse/DEL-8632
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The only user of 'linux-dey-src.inc' was the linux recipe itself, so
instead rename that file to a more generic 'linux-dey.inc' and include
more common code in that renamed file.
This is in preparation for the new linux 6.1.1 recipe for the ccimx93.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
For the moment, do not sign aditional artifacts, such as the ramdisk,
the kernel or the boot scripts for STM platforms.
In the specific case of the ramdisk, simply copy it over with the
expected filename extension.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Certain platforms share a processor family but need to be differentiated
between them. DEY was using the variable DIGI_FAMILY as the SOM name
rather than the family. It becomes useful to have both (DIGI_SOM as the
more specific, and DIGI_FAMILY as the more generic).
This is the case, for example, of:
- ccmp1 (family)
- ccmp15 (SOM)
- ccmp13 (SOM)
- ccimx8m (family)
- ccimx8mm (SOM)
- ccimx8mn (SOM)
Both variables are used on the machine overrides.
Where DIGI_FAMILY was used, use now DIGI_SOM.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The name of the variable was not very intuitive of what
it contains. This variable expands to the SoC vendor
(NXP or STM).
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Symbols are needed for DTB overlays. In the CC6UL we are not using
overlays, so disable symbols generation.
https://onedigi.atlassian.net/browse/DEL-8397
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Also enable recipe for ccimx93, and pass the correct DTC flags to create
overlays capable DTBs.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
For development this would not be needed as it points to AUTOREV, but
for releases we need to specify the SHA1 revision, and this recipe
builds two different branches (for NXP and STM platforms), so we need a
place to define two different revisions.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The SRCREV may change depending on the version of the kernel, so it
cannot be a common variable for all kernel versions.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Use the canonical Stash repository to avoid synchronization problems
between the repo and the mirror.
Moreover the LOG mirror is hosted in an old VM machine with limited
specs, and although the transfer of the objects is faster, the counting
of the objects to transfer (which is done in the server) takes ages to
complete, so at the end, there is no time gain using the mirror.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Commit 8cba3aaefb in 'meta-freescale' changed the kernel_localversion
function we are using in our kernel recipe. This leads to a not-properly
configured kernel build, where CONFIG_MODULES is disabled. That
config option is needed to build external kernel modules in other
recipes, so those recipes (kernel-module-qualcomm, cryptodev-module,
etc) fail to build.
The commit makes sure the kernel is properly configured for building by
extending the do_configure function in a "prepend".
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
It's just a waste of space as we already have the kernel image in the
'linux' partition and that gets mounted under /mnt/linux.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Mike Engel
Gabriel Valcazar
Javier Viguera
Isaac Hermida
Arturo Buzarra
Hector Palacios