* Move Digi code out of the upstream files to minimize conflicts in
version migrations.
* Remove all the TEE client copied code and use the libteeclient library.
* Some fixes in the Optee-based environment encryption
* Some simplifications in CAAM-based environment encryption.
https://onedigi.atlassian.net/browse/DUB-1079
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
libubootenv treats negative offsets as backwards offset from the end of
the block device, so use that to move the environment to the last 16KiB
of the hardware boot partitions.
https://onedigi.atlassian.net/browse/DUB-1064
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
This commit adds support for environment encryption/decryption of the
u-boot environment on the CCMP1 platform in Linux.
Signed-off-by: Mike Engel <Mike.Engel@digi.com>
We can't run a post installation script in a readonly file system.
We need to provide a configuration file beforehand.
https://onedigi.atlassian.net/browse/DEL-8556
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
The HWID is populated on the device tree by the boot loader.
This can be used as a key modifier when encrypting the U-Boot
environment. Some old U-Boot versions however, did not populate
the HWID on the device tree. When updating firmware from an
old version to a new one, the library may not be able to read
the HWID from the DT and then be unable to unencrypt the
environment.
This patch implements a fall-back function to read the HWID
directly from the nvmem node (sysfs). Implementation has been
done for ccimx6 family only, where this case of old U-Boot
can happen.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-8444
(cherry picked from commit 222a91f213)
The config file /etc/fw_env.config is generated dynamically basing on
the partition table and, in the case of NAND-based SOMs, on the NAND
geometry. This is done on a postinst script that modifies the file on the
first boot of the target. Since this is not allowed on read-only-rootfs,
this commit adds a default fw_env.config file to use instead when
read-only-rootfs is enabled.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://onedigi.atlassian.net/browse/DEL-7708
This is a replacement for u-boot-fw-utils. Adapt the u-boot-fw-utils patches
to this new library and include the same logic as the u-boot-fw-utils recipe
(generate and install the U-Boot environment configuration file in the rootfs)
For now, remove the u-boot-default-env dependency, since the package doesn't
exist in zeus.
https://jira.digi.com/browse/DEL-7410
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Javier Viguera
Gabriel Valcazar
Mike Engel
Francisco Gil
Hector Palacios
Arturo Buzarra