When Trustfence is enabled, this adds a dependence on the TF initramfs,
so it's built and added to the boot image.
It also modifies the u-boot boot script on the fly, to boot correctly
using the Trustfence initramfs.
https://jira.digi.com/browse/DEL-2278
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The external module revision has been upgraded in meta-fsl-arm, thus
refresh the patches so they apply cleanly.
https://jira.digi.com/browse/DEL-2305
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The size of the destination partition (linux) is around 14MiB so the
max-leb-cnt must be reduced compared to the one used for the rootfs
partition.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-2697
This creates a UBIFS file with the kernel, device tree files, and U-Boot
bootscripts generated by Digi Embedded Yocto.
The resulting image can be then programmed into the boot (linux) partition.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DEL-2697
- boot.txt
Sets the device tree filename basing on the SOM variant read from
the HWID and boots from NAND.
- install_linux_fw_sd
Deploys a full system (as generated by Digi Embedded Yocto) from
a FAT formatted micro SD card into the NAND flash.
The u-boot-dey recipe is now fully shared by ccimx6 and ccimx6ul platforms
so we can remove the platform-specific appends.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
The setting of 'bootcmd' in the script was done using single quotes, which
doesn't expand variables. As a consequence the following variables must
be defined again (during the execution of the second part of the script):
- mmcdev
- INSTALL_LINUX_FILENAME
- INSTALL_ROOTFS_FILENAME
This patch changes the single quotes with double quotes, so that these
variables are expanded during the setting of 'bootcmd' with the values
assigned at the begining of the installation script (notice these are
not dynamically generated so there is no risk to expand them).
At the same time we need to escape with a backslash:
- double quotes containing strings
- variables that we don't want to expand (like the return value $?)
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
- Add semi-colons to instructions inside 'setenv' commands
- Remove semi-colons in instructions where they are not needed (for
consistency with the rest of instructions)
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
By default the driver was being compiled with debug messages. Disabled it
but leave the option there so it can be enabled by user.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This commit will add the cryptodev module to the CC6UL kernel to use
the CAAM from user space through this device.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
https://jira.digi.com/browse/DEL-2719
Do not compile the kernel for supporting the static regulatory domain
but force the system to do that by using crda.
https://jira.digi.com/browse/DEL-2539
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The root filesystem can have installed the busybox modprobe implementation or
the kmod modprobe implementation.
Check the version installed and compound the modprobe arguments.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add recipe kernel-module-qualcomm to compile kernel module externally with all
the patches for kernel 4.1.15.
https://jira.digi.com/browse/DEL-2653
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
We compile those modules as built in to avoid a mismatch
between the current kernel version and the wlan.ko module.
https://jira.digi.com/browse/DEL-2653
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
This function is deprecated in favor of bb.utils.contains. The same
change has been done in other layers.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
The CC6UL does not support booting from SD card, so it does not make
sense to create a SDCARD image by default.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
There are several possible values for TRUSTFENCE_UBOOT_ENV_DEK:
* Not defined: if the trustfence support is not included.
Should not include the feature.
* 32 characters: when defining a valid key.
Should include the feature.
* "0": when explicetily disabling the feature.
Should not include the feature
* <other>: Invalid value, should trigger the error.
This commits fixes the logic so that 'None' (no defined) is taken as a valid
value.
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
https://jira.digi.com/browse/DEL-2603
Signed-off-by: Alex Gonzalez <alex.gonzalez@digi.com>
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
Implement the set of TRUSTFENCE_ macros to configure each secure boot feature
available in U-Boot.
https://jira.digi.com/browse/DUB-570
Signed-off-by: Jose Diaz de Grenu de Pedro <Jose.DiazdeGrenudePedro@digi.com>
This enables the Cryptographic Accelerator and Assurance Module (CAAM).
https://jira.digi.com/browse/DEL-2502
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This daemon (rngd) feeds random data from hardware device to kernel
entropy pool.
https://jira.digi.com/browse/DEL-2501
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This module is the interface between user-space (openssl, gnutls) and
the hardware cryptographic acceleration support (CAAM).
This commit installs the module in the rootfs and configures it so it is
loaded on boot.
https://jira.digi.com/browse/DEL-2501
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This enables the Cryptographic Accelerator and Assurance Module (CAAM).
https://jira.digi.com/browse/DEL-2502
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Adding some early initial support as a copy of ccimx6 files.
https://jira.digi.com/browse/DEL-2529
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Used ccimx6ul_defconfig from v4.1/master repository.
The defconfig file will live under module folder and not specific platform
folder because it will be the same for other ccimx6ul platforms.
https://jira.digi.com/browse/DEL-2381https://jira.digi.com/browse/DEL-2529
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
COMPATIBLE_MACHINE is a regular expression, so we need to update the current
pattern for ccimx6 due to it will also match with ccimx6ul.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Use LAYERDEPENDS to configure the layer dependences for meta-digi-arm
and meta-digi-dey.
https://jira.digi.com/browse/DEL-1129
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Alex Gonzalez
Javier Viguera
Hector Palacios
Isaac Hermida
Diaz de Grenu, Jose
Mike Engel
Jose Diaz de Grenu de Pedro