The TF-A and OP-TEE images have different suffixes depending
on whether TrustFence is enabled or not, but the suffix variables
themselves must exist independently of whether TF is enabled.
Currently, they were defined on the trustfence.bbclass, and the
variables did not exist when TF was disabled, which caused build
problems, for example, building the SWU file.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This compression method has a better compression ratio than the default (lzo),
but the (de)compression speed is slower, leading to slower read/write speeds.
However, the recovery partition only gets accessed in specific use cases such
as software updates and partition encryption, and it contains an initramfs. The
UBIFS will only be read at boot time to load its elements, but once the
initramfs is loaded in RAM, there are no more read/write operations to the
UBIFS during runtime, so the speed penalty is minimal.
Take advantage of the improved compression ratio to reduce the size of the
recovery image. On the ccimx6ul, the size is reduced by 248 KiB.
https://onedigi.atlassian.net/browse/DEL-8819https://onedigi.atlassian.net/browse/DEL-8825
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
When TrustFence is enabled, the boot artifacts (TFA and FIP)
have a 'signed' suffix. Handle this case so that the correct
symlinks are created and the correct artifacts are put into the
SWU file.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
For signing SWU files we need to set a couple of variables:
- SWUPDATE_PRIVATE_KEY_TEMPLATE to the private key file
- SWUPDATE_PASSWORD_FILE to the password of the private key
The latter must only contain one password, whereas the current key_pass.txt
file had (for the ccmp13) the eight keys separated by a white space.
This commit:
- If the file key_pass.txt exists, it extracts each key into a separate
file key_pass0X.txt.
- If the keys don't exist, generates separate files per key.
- Changes the permissions of password files to 400.
- Adapts the sign script to use the single password files.
- Fixes a few quotes
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Starting with NXP release "lf-6.1.55-2.2.0" the IMX optee fork (based on
version 4.0.0) does not support SOC revision A0. This commit recovers
support to build a bootloader for A0, extending the optee patch for
ccimx93 to support A0 with a build time option, and then extending the
optee-os and imx-boot recipes to build two optee binaries and using them
to generate bootloaders for both SOC revisions.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This includes also an update and rename of the Edgelock Enclave firmware
package (firmware-ele-imx).
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Commit d3f3cfdb62 removed the inclusion of STM's
linux-stm32mp.inc from meta-st-stm32mp in our linux-dey recipe, but this
inadvertently removed the logic in do_configure() necessary to use our custom
ccmp1_defconfig. Since this commit, the kernel was being built with the default
ARM defconfig, which is very different from our custom defconfig and doesn't
even boot on MP1 platforms.
Rework the logic used to copy our platform's defconfigs to prevent this.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit removes the BOOTLOADER_SEEK_OFFSER, because it has been
moved into the swupdate class and renamed into SWUPDATE_UBOOT_OFFSET.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This commit adds u-boot swupdate support for all platforms.
Now u-boot can be updated with all our supported update
options. Currently it will only update first partition
u-boot partition.
https://onedigi.atlassian.net/browse/DEL-8749
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
The 'mtd-blacklist' parameter prevents swupdate from acting upon those
partitions that we consider sensitive.
Make such list platform-dependent.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The LEGACY_IMAGE_FORMAT defaults to 'y' if there is no FIT
support, which happens after applying the default configuration.
Then, the FIT support is added in a config fragment, but the
LEGACY_IMAGE_FORMAT is not disabled.
Disabling this is recommended to avoid the possibility to boot
unsigned legacy images.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
As part of the integration of the new ML package, also update the
ethos-u-firmware binary built from Stash:
Repo: emp/ethos_u_firmware.git
Revision: a0352b0cf7267c896b55980dedd08daddc780733
Source: NXP's MCUXpresso SDK_2.14.0_MIMX9352xxxxK
And, drop deepview-rt support for ccimx93, as NXP has done the same in
6.1.36-2.1.0 release.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The U-Boot bootscript loads the fitImage into RAM memory to run
this bootscript. This bootscript ends up calling 'dboot' command
to run the FIT default configuration.
To avoid 'dboot' re-loading again the fitImage into RAM memory,
set this temporary variable that will be immediately reset
by 'dboot'.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
An anonymous function in linux-stm32mp.inc produces a bbfatal error when
KERNEL_DEVICETREE variable contains more than one device tree. This is our
case since we build the main DT plus a number of DT overlays.
This commit removes the dependency to this include file since we have our
own recipe to build the kernel and it is not needed at all.
It also removes the build of a uImage and the need to provide a
LOADADDR.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Backport of graphics package for ccimx93 from NXP's Mickledore-based
6.1.36-2.1.0 release. Mainly copies and appends of graphics recipes
from the new release, and restricted to ccimx93 by changing the
COMPATIBLE_MACHINE, so it does not affect other platforms.
Notice, that the new version of weston used now by the ccimx93 requires
a different profile file (weston-socket.sh). This profile supercedes the
old 'weston.sh'.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Backport of multimedia package for ccimx93 from NXP's Mickledore-based
6.1.36-2.1.0 release. Mainly copies and appends of multimedia recipes
from the new release, and restricted to ccimx93 by changing the
COMPATIBLE_MACHINE, so it does not affect other platforms.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
In commit 2fd1dbfed7, we accidentally removed some changes needed to
build imx-boot with Trustfence enabled, which were added in commit
1ce17da864.
This partially reverts commit 2fd1dbfed7
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
In commit 2fd1dbfed7, we accidentally removed some changes needed to
build imx-boot with Trustfence enabled, which were added in commit
1ce17da864.
This partially reverts commit 2fd1dbfed7
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
LVGL is a free and open-source embedded graphics library that is able to run
in environments with limited resources.
This image includes a desktop environment and an LVGL widget demo (lvgl_demo)
https://onedigi.atlassian.net/browse/DEL-8740
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit adds several overlays for DVK v2 and modifies the boot script to apply it
based on the board_version variable.
https://onedigi.atlassian.net/browse/DEL-8746
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The nodes "/dev/ramX" and "/dev/loopX" are mounted on boot.
Each node calls the mount.sh script, but they are not mounted
because these nodes are blacklisted in the "blacklist.conf" file.
In the ccmp13 adding this modification in the rule saves
around 4 seconds per boot.
In the ccmp15 and ccimx6ul around 2 seconds are saved.
https://onedigi.atlassian.net/browse/DEL-8725
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
This commit adds signed FIT image support for the CCMP1
platforms when using Trustfence.
https://onedigi.atlassian.net/browse/DEL-8591
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
During firmware install, the target may be reset several times.
We don't want the bootcount to count these as boot attempts.
This was done in a791bb4463 for the ccmp1
but not for the rest of platforms.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
(cherry picked from commit 961acf48de)
These binaries are installed in subdirectories by default. The uuu
installer expects to find all binaries on the same folder where the script
is. By creating symlinks, the uuu installer can find all the binaries it
needs directly on the deploy folder.
NOTE: variables in 'for' clauses are intentionally without quotes to skip
whitespaces in them.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
(cherry picked from commit 019deb6313)
Improve boot attempts message showing not only the current boot attempt
but also the limit:
(boot attempt 1/3)
Print the message only when the bootcount mechanism is active, i.e. when
the bootlimit is defined (not zero), and when bootcount is > 0.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DUB-1056
(cherry picked from commit 918a9caf1d)
Use the intention of installing dual boot firmware as a condition to set
bootlimit=3 so that the bootcount mechanism is enabled.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DUB-1058
During firmware install, the target may be reset several times.
We don't want the bootcount to count these as boot attempts.
This was done in a791bb4463 for the ccmp1
but not for the rest of platforms.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
These binaries are installed in subdirectories by default. The uuu
installer expects to find all binaries on the same folder where the script
is. By creating symlinks, the uuu installer can find all the binaries it
needs directly on the deploy folder.
NOTE: variables in 'for' clauses are intentionally without quotes to skip
whitespaces in them.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Improve boot attempts message showing not only the current boot attempt
but also the limit:
(boot attempt 1/3)
Print the message only when the bootcount mechanism is active, i.e. when
the bootlimit is defined (not zero), and when bootcount is > 0.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DUB-1056
New NXP's release is based on upstream v2.8. Use this only for ccimx93,
and keep using the previous Kirkstone release (based on upstream v2.6)
for the rest of the platforms.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Recently, meta-freescale backported the support to build multiple boot
artifacts. This clashes with the changes in our imx-boot bbappend,
so update the bbappend to make it compatible with the latest changes
in meta-freescale.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
(cherry picked from commit 2fd1dbfed7)
Recently, meta-freescale backported the support to build multiple boot
artifacts. This clashes with the changes in our imx-boot bbappend,
so update the bbappend to make it compatible with the latest changes
in meta-freescale.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Through the inclusion of 'nand-4-256' in BOOTDEVICE_LABELS, the include
file 'st-machine-common-stm32mp.inc' adds strings to MULTIUBI_BUILD and
IMAGE_FSTYPES that result in building ubi and ubifs images.
These are redundant and not needed since meta-digi's
'image_types_digi.bbclass' already generates the needed ubifs images.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8714
The STM signtools are precompiled binaries with a fixed RPATH to look for
dynamic libraries.
When the binaries are installed to the regular ${bindir} (either native or
nativesdk), additional toolchain libraries in the regular ${libdir} folder
confuse the binaries, resulting in segmentation faults when running them
or missing symbols.
The package has been reworked to place the directory structure expected
by the binaries, in a subfolder "stm" within the ${bindir}.
Two wrapper scripts with the names of the binaries (STM32MP_KeyGen_CLI and
STM32MP_SigningTool_CLI) have been created to run the binaries in the new
subfolder.
Package version has been bumped to 1.1.
While on it, remove the 'do_install' from trustfence-stm-signtools.inc
which is not needed because the 'bin_package' class already provides the
same functionality.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8720
The appropriate way to add STM signtools to the SDK is via RDEPENDS on
nativesdk-packagegroup-sdk-host, not through the parent recipe of STM
signtools recipe itself.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8720
Through the inclusion of 'nand-4-256' in BOOTDEVICE_LABELS, the include
file 'st-machine-common-stm32mp.inc' adds strings to MULTIUBI_BUILD and
IMAGE_FSTYPES that result in building ubi and ubifs images.
These are redundant and not needed since meta-digi's
'image_types_digi.bbclass' already generates the needed ubifs images.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8714
The STM signtools are precompiled binaries with a fixed RPATH to look for
dynamic libraries.
When the binaries are installed to the regular ${bindir} (either native or
nativesdk), additional toolchain libraries in the regular ${libdir} folder
confuse the binaries, resulting in segmentation faults when running them
or missing symbols.
The package has been reworked to place the directory structure expected
by the binaries, in a subfolder "stm" within the ${bindir}.
Two wrapper scripts with the names of the binaries (STM32MP_KeyGen_CLI and
STM32MP_SigningTool_CLI) have been created to run the binaries in the new
subfolder.
Package version has been bumped to 1.1.
While on it, remove the 'do_install' from trustfence-stm-signtools.inc
which is not needed because the 'bin_package' class already provides the
same functionality.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8720
The appropriate way to add STM signtools to the SDK is via RDEPENDS on
nativesdk-packagegroup-sdk-host, not through the parent recipe of STM
signtools recipe itself.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8720
Some platforms do not support signing external artifacts (kernel, dtb,
etc.) yet, so we need to decouple the signing of the bootloader from the
signing of the external artifacts.
This commit generalizes the code, so instead of having platform exceptions
scattered along the recipes, we create a new variable used conditionally
to sign or not the external artifacts.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
ARM64 generic overrides where in the middle of the chain with more
precedence than IMX overrides.
From:
MACHINEOVERRIDES="imx-generic-bsp:imx-nxp-bsp:imxdrm:imxpxp:mx9-generic-bsp:mx9-nxp-bsp:mx93-generic-bsp:mx93-nxp-bsp:ccimx93:ccimx93:aarch64:armv8-2a:use-nxp-bsp:ccimx93-dvk"
To:
MACHINEOVERRIDES="aarch64:armv8-2a:use-nxp-bsp:imx-generic-bsp:imx-nxp-bsp:imxdrm:imxpxp:mx9-generic-bsp:mx9-nxp-bsp:mx93-generic-bsp:mx93-nxp-bsp:ccimx93:ccimx93:ccimx93-dvk"
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
mkimage output provides some information (basically image offsets) that
cst (code signing tool) uses to sign imx-boot images.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This version supports i.MX8ULP and i.MX9x devices.
NOTICE: changed the "srk_ca" parameter in ahab_pki_tree.sh from "yes" to
"no". This script is shared between cc8x and ccimx93. The imx93 does not
support that option at the moment (generation of subordinate SGK certs)
and for the cc8x we were generating them but never used them to sign
the artifacts.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Merge the patches for the PKI tree generation scripts, to ease
maintenance (still keeping two separate patches for HAB4/AHAB).
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
ARM64 generic overrides were in the middle of the chain with more
precedence than IMX overrides.
From:
MACHINEOVERRIDES="imx-generic-bsp:imx-nxp-bsp:imxdrm:imxpxp:mx9-generic-bsp:mx9-nxp-bsp:mx93-generic-bsp:mx93-nxp-bsp:ccimx93:ccimx93:aarch64:armv8-2a:use-nxp-bsp:ccimx93-dvk"
To:
MACHINEOVERRIDES="aarch64:armv8-2a:use-nxp-bsp:imx-generic-bsp:imx-nxp-bsp:imxdrm:imxpxp:mx9-generic-bsp:mx9-nxp-bsp:mx93-generic-bsp:mx93-nxp-bsp:ccimx93:ccimx93:ccimx93-dvk"
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
If the default r/w rootfs is not found it will try to do a
fallback to the squashfs image.
In the nand devices additionally we need to set the rootfstype
to squashfs.
https://onedigi.atlassian.net/browse/DEL-8638
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
When booting from a microSD, the variable 'boot_device' is
set to "mmc". Check this to fall back to booting Linux from
the microSD partitions.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
These are files for programming images with STM32CubeMX tool.
We don't use the tool or the files. Remove the task to avoid build
warnings.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
BOOTDEVICE_LABELS defines the supported boot device (NAND by default).
BOOTSCHEME_LABELS defines the which kind of boot is supported.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
We will use BOOTDEVICE_LABELS as a means to add 'sdcard'
configuration to TF_A_CONFIG within meta-st-stm32 so there
is no need to have a wrapper variable in meta-digi.
This reverts commit 7cf314ba80.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
We will use BOOTDEVICE_LABELS as a means to add 'sdcard'
configuration to TF_A_CONFIG within meta-st-stm32 so there
is no need to have a wrapper variable in meta-digi.
This reverts commit c6f19a099c.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Digi's mechanism to use a custom Linux kernel defconfig is
based on setting the variable KERNEL_DEFCONFIG, however ST
implements their own mechanism with a custom variable
KERNEL_EXTERNAL_DEFCONFIG. When providing an external defconfig,
the variable needs to be set, otherwise a build error
will be generated. So to keep compatibility with NXP
platforms, this commit weakly assigns KERNEL_EXTERNAL_DEFCONFIG
to a default value "defconfig".
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
ConnectCore Cloud Services examples are included in 'dey-examples' repository
so they can be built from here and also imported in Eclipse/Digi Application
Development Environment for Linux with the samples wizard.
The example 'upload_file' has been removed since currently there is no support
for binary data points in the CCCS daemon/client model.
https://onedigi.atlassian.net/browse/DEL-8628
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
This recipe generates several packages:
* 'cccs' includes the CCCS shared library
* 'cccs-daemon' includes the binary and resources to execute the CCCS daemon
(daemon, service and init scripts, configuration file)
* 'cccs-cert' includes the required certificate to use CCCS daemon
* 'cccs-gs-demo' includes the binary and resources to execute the CCCS get
started demo (binary, service and init scripts)
* 'cccs-legacy' includes the binary (all-in-one) application to execute
the legacy CCCS application (aka cloud-connector) and the configuration
file
* 'cccs-legacy-dev' includes resources to develop legacy CCCS applications
(all-in-one) (header files inside 'cloud-connector' and 'cloudconnector.pc'
pkg config file)
* 'cccs-legacy-staticdev' includes static resources to develop legacy CCCS
applications (all-in-one) (static library)
This commit also renames:
* 'CLOUDCONNECTOR_PKGS' variable to 'CCCS_PKGS'.
* 'CC_DEVICE_TYPE' variable to 'CCCS_DEVICE_TYPE'.
https://onedigi.atlassian.net/browse/DEL-8628
Signed-off-by: Tatiana Leon <Tatiana.Leon@digi.com>
Until now, for dualboot systems, all boot variables were calculated on each boot depending on the value of the
'active_system'. These variables are used to boot the device but were not saved, which could lead to a missmatch
between their value in the environment and their required values to correctly boot the system. This commit
simplifies a bit the variables calculation and adds a block to synchronize their value in the environment.
Signed-off-by: David Escalona <david.escalona@digi.com>
All the 'altboot' script functionality has been moved directly to the 'altbootcmd' command
in U-Boot, so this script is no longer necessary. Remove it for all platforms.
https://onedigi.atlassian.net/browse/DEL-8674
Signed-off-by: David Escalona <david.escalona@digi.com>
The install scripts from SD/USB use a fixed image name.
If you are trying to install a different image you need to set
the env variable 'image-name' first.
Add a helper message if default files are not found to
avoid needing to go to the documentation.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
During firmware install, the target may be reset several times.
We don't want the bootcount to count these as boot attempts.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Now in the ccmp1X platform the index for the data partition is
hosted in the ubi1 volume instead of the ubi0.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
The ccmp1 has two MTD partitions (UBI, UBI_2) with different system
volumes.
Previously, the fact of having two ubi devices was taken as proof of
being on a multi-MTD system (one that has one UBI volume per partition).
Instead, this commit reformulates the condition to having a partition of
the same name than the UBI volume.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
PKI tree generation for the STM32MP15 cpu provides the undesired file
"publicKeysHashHashes.bin", which is only required by STM32MP13. This commit
generates the PKI tree according to the KeyGen tool documentation to avoid
generate this extra file and avoid confusing the end user.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Any errors in the PKI tree generation are not reported to bitbake, so the
script fails silently. This commit adds a validation of the script execution,
and if it fails, it aborts the execution and notifies to bitbake.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The KeyGen tool to generate 8 key pairs requires 8 consecutive passwords,
however, when the shell expands the passwords variable, it interprets it as a
single string instead of 8 different strings and fails.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The 'bootcount' value is now incremented and stored in the system on every boot and
not only then the 'upgrade_available' flag is set. Also, ensure the value is cleared
when the 'altboot' script is executed by running the new U-Boot command 'bootcount reset'.
https://onedigi.atlassian.net/browse/DEL-8506
Signed-off-by: David Escalona <david.escalona@digi.com>
This branch contains the latest BSP changes from STM's v5.15-stm32mp-r2.1
release.
https://onedigi.atlassian.net/browse/DEL-8659
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The STM32MP15 SoC can only use one sign key.
Forcibly set TRUSTFENCE_KEY_INDEX on the machine conf so
that it cannot be overriden by mistake on the local.conf.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Hector Palacios
Gabriel Valcazar
Mike Engel
Javier Viguera
Hector Bujanda
Isaac Hermida
Francisco Gil
Arturo Buzarra
Tatiana Leon
David Escalona