The only script that needs to generate the SRK_efuses is the sign.sh
script in the U-Boot code. For the rest of signed non-bootable artifacts
this is not required and it was creating the SRK_efuses file on every
recipe where the script was called, like linux-dey and others, which
eventually resulted in a conflict when copying the artifacts to the shared
deploy-image-dir.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit changes the u-boot sources needed to create standalone
signing tools to 2019.04. This u-boot supports all Trustfence
platforms.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
* prefix TRUSTFENCE_ to variable SIGN_MODE for DEY
* prefix CONFIG_ to variable SIGN_MODE for script
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This adds the same example application that was used for the old version of the
library, but it has been separated into a proper package this time.
Recommend said package when installing the library.
https://jira.digi.com/browse/DEL-6826
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This version is based on the 20190517 master release, with the addition of
pkcs11 provisioning support.
The source code now has cmake files, so we don't need as many code
customizations as we used to. Revamp the recipe and its patches.
https://jira.digi.com/browse/DEL-6826https://jira.digi.com/browse/DEL-6835
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Digi Embedded Yocto 2.6-r2.2
Manually changed recipes to use the master branches instead of the fixed SHA1
from the last release.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Otherwise, users that are behind corporate firewalls might not be able to
obtain the package sources.
https://jira.digi.com/browse/DEL-6663
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Collects following changes:
- fix compatible string parsing: Only first compatible string
was being parsed from "/proc/device-tree/compatible"
while looking the device the application is running on.
https://jira.digi.com/browse/DEL-6436
Signed-off-by: Hector Bujanda <hector.bujanda@digi.com>
Digi Embedded Yocto 2.4-r2.2
Manually changed recipes to use the master branches instead of the fixed SHA1
from the last release.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Collects following changes:
- Added tamper support for cc8x.
https://jira.digi.com/browse/DEL-6226
Signed-off-by: Hector Bujanda <hector.bujanda@digi.com>
Collects following changes:
- Added fw_update support for cc8x.
- Platform is auto recognized by the tool.
- Added boot mode configuration.
https://jira.digi.com/browse/DEL-6247
Signed-off-by: Hector Bujanda <hector.bujanda@digi.com>
During the merge of the maintainance branch and the manual revert of
some recipes, these were forgotten.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Update to newest U-Boot v2017.03
Remove the package version since it is based on a git repo and only
used natively.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
We are going to remove this repo, so the sources will always be fetched from
the official Microchip repo from now on.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Install crypto libraries in the rootfs so external applications can made use
of them.
Reworked first patch with all the needed port changes.
https://jira.digi.com/browse/DEL-5710
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Make SRC_URI point to Microchip's standalone repo of the cryptoauth library,
add our customization patches and modify the license variables to point to the
new Microchip license file.
https://jira.digi.com/browse/DEL-5591
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
util-linux is needed as the scripts use 'hexdump'. In previous versions
of Yocto the tool from the host was used, but this has been fixed in
Yocto 2.3
Also fix the other dependencies: the -native suffix is not needed nor
correct, as the native and nativesdk classes already map packages in
the DEPENDS variable to the corresponding packages.
Signed-off-by: Jose Diaz de Grenu <Jose.DiazdeGrenu@digi.com>
The MACHINE_EXTRA_RRECOMMENDS for the ccimx6ul in meta-digi-arm contains
cryptoauthlib. If we want to use meta-digi-arm as a standalone BSP layer
we need to move the cryptoauthlib recipe to meta-digi-arm, that or not make it
a machine dependency.
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Tweaked to maintain some recipes' revisions to AUTOREV instead of the
fixed SHA1s from the tag.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Tweaked to maintain some recipes' revisions to AUTOREV instead of the
fixed SHA1s from the tag.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
- The IVT table address inside the kernel image must be aligned at 0x1000
bytes. The calculation of this offset was not working when the kernel image
size was multiple of 0x1000 bytes. In this case the IVT table was moved an
extra offset of 0x1000 bytes, causing U-Boot to fail to validate the image
as the IVT table was not in the expected location.
This fix uses the same offset calculation algorithm as U-Boot, ensuring both,
the sign script and U-Boot will look for the IVT at the same address.
https://jira.digi.com/browse/DEL-3972
Signed-off-by: David Escalona <david.escalona@digi.com>
Tweaked to maintain the u-boot and linux revisions to AUTOREV instead of
the fixed SHA1s from the tag.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Hector Palacios
Mike Engel
Arturo Buzarra
Hector Bujanda
Gabriel Valcazar
Gonzalo Ruiz
Isaac Hermida
Javier Viguera
Jose Diaz de Grenu
Alex Gonzalez
Sebastian Pastor
Alejandro Navarro
Tatiana Leon
David Escalona