Correct the bootloader artifact names (TF-A and FIP) for CCMP1/CCMP2 during
.swu generation with TrustFence enabled.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit updates the virtual OP-TEE syntax for the CCMP1 and CCMP2 platforms
to align with the changes introduced in the meta-st-stm32mp layer. Specifically,
it mirrors the update made in commit ded46c7d24addf91ec81c9f64309e6376689977a
("Adapt to virtual optee changes").
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit updates the Digi custom .bbappend recipes for FIP and TF-A to align
with the latest ST BSP release, based on the openstlinux-6.6-yocto-scarthgap-mpu-v25.06.11
tag for Yocto 5.0 (scarthgap).
https://onedigi.atlassian.net/browse/DEL-9734
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Move the address where the fitImage is loaded after the addresses
where the binaries in it are decompressed. This way, the fitImage
can grow without size restrictions.
The memory map now looks like this:
0xC0000000 Start of memory
|
| (32 MiB)
v
0xC2000000 Kernel loadaddr ($loadaddr)
|
| (32 MiB)
v
0xC4000000 DTB/DTBO load address ($fdt_addr)
| (4 MiB)
v
0xC4400000 Init ram disk ($initrd_addr)
|
|
| (64 MiB)
|
v
0xC8400000 ZIP/fitImage address ($fit_addr_r)
|
~
|
v
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
IMAGE_FSTYPES was declared on each platform config file, but it has the
same values for all platforms depending on the storage media (mmc or mtd)
and whether read-only is enabled.
Move the conditional weak assignment to digi-default.inc and remove it from
each platform config.
In the case of STM platforms, since IMAGE_FSTYPES is weak-assigned by STM
layer, we still need to append/remove from it inside the platform config,
but move it to the family includes, rather than declaring it on each
specific platform.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit updates the memory layout to properly allocate space for the
different FIT image components, while ensuring total memory usage stays below
128 MiB. This avoids overlaps and ensures correct loading on memory-constrained
variants.
Final memory map:
Start of memory: # 0xC0000000
# |
# | 32 MiB reserved
# v
FIT image load address: # 0xC2000000
# |
# | 32 MiB for FIT image
# v
Kernel load address: # 0xC4000000
# |
# | 32 MiB for Kernel
# v
DTB/DTBO load address: # 0xC6000000
# |
# | Size for DTB/DTBO
# v
Total memory mapped: 96 MiB
https://onedigi.atlassian.net/browse/DEL-9634
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
In theory, we already had the necessary changes to remove these images, but
two things needed tweaking:
* MULTIUBI_BUILD values use underscores instead of hyphens, so use
underscores to properly remove the default value inherited from
BOOTDEVICE_LABELS.
* STM used to incorporate a custom "stmultiubi" image type in the stm32mp
builds, but they've replaced this with the upstream "multiubi" type.
Reflect this change to avoid generating additional UBI/UBIFS images in
our builds.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Commit 9c3916da94 added INSANE_SKIP
"32bit-time" to certain recipes that use 32bit APIs on the ccmp1
SOMs, but forgot to include the `pn-` prefix to really apply to
those recipes.
While on it, add two additional ones on recipes used by NXP 32-bit
platforms.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The binaries of certain recipes use 32-bit APIs (ioctl, stat) that produce
build warnings. Add INSANE_SKIP to prevent the warnings.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
ALSA_LIST variable is weakly set through an override (stm32mp1common or
stm32mp2common). When the override is in place, the hard assignment of
the plain variable is not enough, and the value weakly set in
meta-st-stm32mp layer takes precedence over the plain variable hard
assignment.
Clear the variable with the override and move it from machine config files
to the include file.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Move BOOTSCHEME_LABELS from common include to platform config
Default to:
- 'opteemin' for ccmp15
- 'optee' for ccmp13
This doesn't change the behavior present in DEY-4.0, where OPTEE in ccmp15
was minimal and running on non-secure DDR.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit removes kernel headers from the SDK package list to
prevent overwriting the default ones, as there are currently no
ST-specific headers required.
Reference: ebadb27d60
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Now all platforms support setting the GPIO name instead of an index
as the configuration for the GPIO-enabled secure console.
Repurpose the TRUSTFENCE_GPIO_ENABLE macro to directly set the GPIO
name.
Also take the opportunity to remove TRUSTFENCE_GPIO_ENABLE and
TRUSTFENCE_CONSOLE_PASSPHRASE_ENABLE commented definitions from bbclass
and conf files, and remove a duplicated TRUSTFENCE_CONSOLE_DISABLE
definition from ccmp1.inc.
Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>
We tested all tarball compression formats supported by poky, and although bz2
has faster (de)compression time, xz is better in terms of compression ratio:
for all of the rootfs tarballs generated for our currently supported
images/platforms (15 at the moment), the xz format saves an average of 30 MiB
per tarball compared to bz2, totalling up to 450 MiB.
No extra dependencies are pulled in, since xz-native is already being pulled in
for all of our image builds, so the only drawback to this change is the
increased compression time (+7.34s on average per tarball).
https://onedigi.atlassian.net/browse/DEL-9459
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Instead of manually disabling the task, use the ENABLE_FLASHLAYOUT_CONFIG
variable which is meant for that exact purpose.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit adds the initramfs into the FIT recovery
image. If the RAM disk image is included in the FIT
image we need to create a initramfs file that doesn't
include the u-boot header, because the FIT descriptor
contains all the necessary information to use the
initramfs file.
https://onedigi.atlassian.net/browse/DEL-9168
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Optee-client provides the TEE Client API as defined by the GlobalPlatform TEE standard.
It is required to communicate with a Trusted Application (TA) running in a Trusted OS.
https://onedigi.atlassian.net/browse/DEL-8970
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
We rely on FIT support to implement boot artifact authentication on ccmp1
platforms, but our implementation made it impossible to enable FIT support
outside of the context of Trustfence/secure boot.
Change this so that it's possible to enable FIT support without having to sign
the FIT artifacts. Also, modify the linux-dey 5.15 recipe so that the U-Boot
DTBs with signatures get copied only when FIT signing is enabled.
https://onedigi.atlassian.net/browse/DEL-8946
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit implements the support to allow different memory configurations for
the CCMP1 platforms, adding support to 512MB and 1GB memory variants for the CCMP15.
https://onedigi.atlassian.net/browse/DEL-8752
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
The TF-A and OP-TEE images have different suffixes depending
on whether TrustFence is enabled or not, but the suffix variables
themselves must exist independently of whether TF is enabled.
Currently, they were defined on the trustfence.bbclass, and the
variables did not exist when TF was disabled, which caused build
problems, for example, building the SWU file.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit removes the BOOTLOADER_SEEK_OFFSER, because it has been
moved into the swupdate class and renamed into SWUPDATE_UBOOT_OFFSET.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
This commit adds u-boot swupdate support for all platforms.
Now u-boot can be updated with all our supported update
options. Currently it will only update first partition
u-boot partition.
https://onedigi.atlassian.net/browse/DEL-8749
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
The 'mtd-blacklist' parameter prevents swupdate from acting upon those
partitions that we consider sensitive.
Make such list platform-dependent.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
An anonymous function in linux-stm32mp.inc produces a bbfatal error when
KERNEL_DEVICETREE variable contains more than one device tree. This is our
case since we build the main DT plus a number of DT overlays.
This commit removes the dependency to this include file since we have our
own recipe to build the kernel and it is not needed at all.
It also removes the build of a uImage and the need to provide a
LOADADDR.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit adds signed FIT image support for the CCMP1
platforms when using Trustfence.
https://onedigi.atlassian.net/browse/DEL-8591
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
Through the inclusion of 'nand-4-256' in BOOTDEVICE_LABELS, the include
file 'st-machine-common-stm32mp.inc' adds strings to MULTIUBI_BUILD and
IMAGE_FSTYPES that result in building ubi and ubifs images.
These are redundant and not needed since meta-digi's
'image_types_digi.bbclass' already generates the needed ubifs images.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8714
These are files for programming images with STM32CubeMX tool.
We don't use the tool or the files. Remove the task to avoid build
warnings.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
BOOTDEVICE_LABELS defines the supported boot device (NAND by default).
BOOTSCHEME_LABELS defines the which kind of boot is supported.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This wks file creates the required GPT and partition layout
to have a bootable SD card with the following partitions:
- fsbl1
- fsbl2
- metadata1
- metadata2
- fip-a
- fip-b
- u-boot-env
- linux
- rootfs
- data
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8120
The name of the variable was not very intuitive of what
it contains. This variable expands to the SoC vendor
(NXP or STM).
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
There are other device managers (e.g. mdev) that do not understand those
udev rules, so do not install them unconditionally.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
True is the default since long time ago, and thus not necessary. This
follows similar changes done in other layers.
Command used:
sed -e 's|\(d\.getVar \?\)( \?\([^,()]*\), \?True)|\1(\2)|g' -i $(git grep -E 'getVar ?\( ?([^,()]*), ?True\)' | cut -d':' -f1 | sort -u)
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
When read-only feature is enabled, the rootfs should be .squashfs
and not .ubifs.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
(cherry picked from commit c32278af74cea8cb38aa81590eaa867be1c739c9)
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
All the dualboot logic will be checked in run time.
To do this:
* Include the altboot.src by default in all the images
* Create a post installation script to change the
firmware_download_path in the cloud connector
* Unify the swupdate file descriptor for dual and single boot
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
This commit removes duplicated and unused build artifacts for the ccmp1
platforms. Also fixes a build warning related with flashlayout config file.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit adds the extra machine specific configuration files for udev on
ccmp1 platforms to allow, for example, automount storage devices.
https://onedigi.atlassian.net/browse/DEL-8193
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Arturo Buzarra
Hector Palacios
Gabriel Valcazar
Gonzalo Ruiz
Mike Engel
David Escalona
Javier Viguera
Francisco Gil