This commit add secure storage service and helper
script to setup the secure storage at boot up.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://onedigi.atlassian.net/browse/DEL-9891
This commit includes a new tarball based on trustfence-fscrypt v0.2,
cross-compiled against libteec v1.0.0, to enable support for STM32MP1x platforms.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit updates the tarball to be based on libteec v1.0.0, as the previous
version was generated without the correct Trusted Application (TA) and did not
work properly.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit includes a new tarball based on trustfence-fscrypt v0.2,
cross-compiled against libteec v1.0.0, to enable support for STM32MP platforms.
https://onedigi.atlassian.net/browse/DEL-9442
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit updates secure boot support based on the STM32 MPU Ecosystem v6.0
and integrates support for the ConnectCore MP2 platform.
https://onedigi.atlassian.net/browse/DEL-9442
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Optee client library updated its major version due to a ABI breaking
change:
3eac340a78
This update provides a new build of the trustfence-fscrypt app, linking
to the new version of libteec.
https://onedigi.atlassian.net/browse/DEL-9341
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
These recipes install binaries inside of /sbin, which causes QA errors when
usrmerge is enabled in DISTRO_FEATURES. Said feature is now required for
Yocto 5.0's version of systemd, so keep using the same versions of the tools
and simply move the binaries to /usr/sbin if needed.
https://onedigi.atlassian.net/browse/DEL-9011
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commits adds the CCMX91 platform to the DEY
build system. Furthermore, it creates generic ccimx9
support to be used for the CCiMX91 and CCiMX93
platform.
https://onedigi.atlassian.net/browse/DEL-9106
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Add also 'e2fsprogs-tune2fs' to the image, as busybox's version of
tune2fs command does not support setting the "encrypt" feature of the
EXT4 filesystem.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This package is purely vestigial and hasn't been used at all in any of our
initramfs images for over 7 years. It was used in the first implementation
of the trustfence initramfs (commit 4dd7d438af)
to securely erase the key used by cryptsetup, but two weeks later, that logic
was moved to trustfence-tool (commit a8c50c16ea)
and "wipe" was no longer needed. However, the package remained in the
dependencies of the trustfence initramfs, which were then used as reference for
the recovery initramfs, even though this initramfs didn't even need "wipe" to
begin with.
Removing this package saves 30.8 KiB in the ccimx6ul recovery image.
https://onedigi.atlassian.net/browse/DEL-8819
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The common license file GPL-2.0 is now called GPL-2.0-only in poky, so we need
to reflect this name change to avoid errors
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This version adds new functionality to check if an encryption key is installed
as well as a fix for an issue that happens when encrypting partitions with long
names (over 12 characters).
https://onedigi.atlassian.net/browse/DEL-7535
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This initramfs only makes sense in platforms with an eMMC as the internal
storage, due to how the partition encryption support is implemented. In
plaatforms that use NAND instead, ths initramfs offers no functionality and
increases the recovery image size, so remove it.
https://onedigi.atlassian.net/browse/DEL-7534
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Modify the recovery and trustfence initramfs scripts to be able to encrypt any
partition on the internal storage media, not just the rootfs.
To implement this functionality, add a new recovery command called
'encrypt_partitions'. When used, this command must contain a comma-separated
list of the partitions that are to be encrypted by the end of the recovery
process, including partitions that were already encrypted beforehand. Any
partition that isn't in the list will be unencrypted. If the command is absent,
no changes will be made, but it's possible to pass an empty command to
unencrypt all partitions.
Include a blacklist to avoid encrypting partitions that shouldn't be encrypted,
such as partitions that need to be accessed by the ROM code/U-Boot or
partitions that contain encryption keys.
While at it, remove unnecessary "get_kernel_version" function from the script.
https://onedigi.atlassian.net/browse/DEL-7174
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Modify the recovery-utils code to reflect the change (change in C header and
linked libraries)
https://jira.digi.com/browse/DEL-7410
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This version includes changes needed to reflect the OTP driver update in the
kernel.
https://jira.digi.com/browse/DEL-7261
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
The poweroff command is not available in the initramfs due to a missing
sysvinit/systemd dependency. Use the busybox "halt" command, since it's
available regardless of the init manager used. Rework the error message and
script variables accordingly.
https://jira.digi.com/browse/DEL-6983
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Trustfence is not supported in the CC8X at the moment. This cleans the
following warning:
WARNING: meta-digi/meta-digi-dey/recipes-core/trustfence/trustfence-initramfs.bb: Unable to get checksum for trustfence-initramfs SRC_URI entry trustfence-initramfs-init: file could not be found
Signed-off-by: Jose Diaz de Grenu <Jose.DiazdeGrenu@digi.com>
(cherry picked from commit 778fc424274fc0983c348f4da6ca09e1a7b5b859)
We now have different tarballs for each CPU architecture we compile for. Also,
add support for the aarch64 tarball.
https://jira.digi.com/browse/DEL-6046
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This tool was only needed for old kernels, newer kernels use the hardware
random number generator themselves.
https://jira.digi.com/browse/DEL-5518
Signed-off-by: Jose Diaz de Grenu <Jose.DiazdeGrenu@digi.com>
This commit modifies different recipes to support the new platform
ccimx6qpsbc and adapt it to maintain the support to ccimx6sbc.
https://jira.digi.com/browse/DEL-5082
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Allowing to boot a non-encrypted rootfs when encryption is enable is a security
hole: if an attacker can somehow write (offline) to the media, he could flash a
custom unencrypted rootfs and break into the system.
If the system is configured to use encryption, only encrypted rootfs will boot.
Trying to boot a non-encrypted rootfs will fail and power off the device.
https://jira.digi.com/browse/DEL-3829
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
The recovery ramdisk already contains functionality for encrypted rootfs
installation. The goal is to centralize all this functionality in the recovery
ramdisk.
https://jira.digi.com/browse/DEL-3829
Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>
Use the static binary from the tarball, which should be common across
different platforms and operating systems.
https://jira.digi.com/browse/DEL-3261
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
New functionality has been implemented in trustfence-tool application,
so there is no need to call cryptsetup command.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Get filesystem type of rootfs block device and pass it explicitly to the
mount command to clean following warnings on boot:
EXT4-fs (dm-0): couldn't mount as ext3 due to feature incompatibilities
EXT4-fs (dm-0): couldn't mount as ext2 due to feature incompatibilities
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This package adds some files needed by the trustfence initramfs and that
are not included in other packages.
https://jira.digi.com/browse/DEL-2278
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Mike Engel
Arturo Buzarra
Javier Viguera
Gabriel Valcazar
Isaac Hermida
Jose Diaz de Grenu
Gonzalo Ruiz
Sebastian Pastor
Tatiana Leon
Alex Gonzalez