Since the recovery script checks the update package before installing it, use
the package's description to indicate if the package is meant to encrypt the
rootfs or not. Also, remove the pre-install script from the ccimx6ul packages,
since the logic in the script to remove the encryption flag from the rootfs is
now in the recovery script.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Previously, TRUSTFENCE_INITRAMFS_IMAGE was the only variable used to configure
rootfs encryption. Now that any partition can be encrypted and the rootfs
encryption still needs to be handled differently, use two variables instead.
* TRUSTFENCE_ENCRYPT_PARTITIONS to control partition encryption in general
* TRUSTFENCE_ENCRYPT_ROOTFS to control rootfs encryption
As with most trustfence functionality, enable both by default. Leave
TRUSTFENCE_INITRAMFS_IMAGE as an internal variable only.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The partition encryption system now uses dynamically generated names for the
decrypted block devices, which are based on the partition name. Reflect this
change in places where the encrypted rootfs is referenced.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit modifies different recipes to support the new platform
ccimx6qpsbc and adapt it to maintain the support to ccimx6sbc.
https://jira.digi.com/browse/DEL-5082
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Gabriel Valcazar
Arturo Buzarra
Tatiana Leon