An internal build of openssl is compiled as part of the cst build process,
which is later linked statically to the tool. When building the nativesdk
version of cst, openssl's internal "Configure" tool chooses Yocto's nativesdk
compiler for its compilation (x86_64-deysdk-linux-gcc). However, cst's Makefile
uses host tools by default, meaning it will compile its C files with the host's
gcc and link the final binary with the host's ld. This can lead to errors due
to the Yocto nativesdk compiler including symbols in the openssl libraries that
are unknown to the host's linker.
For example, when attempting to build nativesdk-trustfence-cst in Yocto 5.0 on
Ubuntu 2020.04, the following linker error appears multiple times:
undefined reference to `__isoc23_strtol'
Fix this by making sure cst uses the same toolchain as the one used when
building the internal openssl libraries (and ultimately, when the final binary
is linked together). This doesn't affect the native version of cst, which uses
the host's toolchain.
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This version supports i.MX8ULP and i.MX9x devices.
NOTICE: changed the "srk_ca" parameter in ahab_pki_tree.sh from "yes" to
"no". This script is shared between cc8x and ccimx93. The imx93 does not
support that option at the moment (generation of subordinate SGK certs)
and for the cc8x we were generating them but never used them to sign
the artifacts.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Gabriel Valcazar
Isaac Hermida
Javier Viguera