External buildroot tree for Tse'na'hale based on stm32mp157f-dk2 from StMicroelectronics
board/ Tsenahale | 2 years ago | ||
buildroot-patches | 2 years ago | ||
configs | 2 years ago | ||
fs | 2 years ago | ||
packages | 2 years ago | ||
scripts | 2 years ago | ||
.gitignore | 2 years ago | ||
Config.in | 2 years ago | ||
LICENSE | 2 years ago | ||
README.md | 2 years ago | ||
changelog.md | 2 years ago | ||
external.desc | 2 years ago | ||
external.mk | 2 years ago | ||
hardware.md | 2 years ago |
This is the external Buildroot repository used to build system images and updates for the Tse'na'hale project.
The last release of this project to use ATF v2.4, u-boot 2020.10 and kernel 5.10 is 2022-07-13-v5.10-stm32mp. The following releases will use the newest components from ST.
Checkout a new release for example 2022-07-16, proceed through the build steps, then update as follows:
A changelog is available so that users and developers can quickly check what changed between releases.
This project makes use of sudo for any administrative tasks the user might wish to perform. It hence disables the root account entirely, so at least one user on the system must be added in the wheel group (see below) for sudo to be usable.
By default, the project requires you create an users table to build correctly. This was not included in the external tree, as it is considered sensitive data. For instructions on creating the table, please refer to the buildroot user manual, chapter 26. Makeusers syntax documentation.
By default the path was set to $(BR2_EXTERNAL_TSENAHALE_PATH)/board/Tsenahale/utilities/users.table.
If you do not want an user table, or don't need one, simply modify the defconfig after renaming it, and remove the line defining it.
A list of the hardware parts this project makes use of and how to connect everything together is available at this link.
Building Tse'na'hale is an easy process, though it requires decent hardware.
First install Buildroot's required dependencies. See: The buildroot user manual, chapter 2: System requirements
Then set up the required source code:
mkdir Tsenahale && cd Tsenahale wget 'https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.7/EasyRSA-3.0.7.tgz' wget 'https://git.buildroot.net/buildroot/snapshot/buildroot-2022.02.2.tar.gz' tar -xf EasyRSA-3.0.7.tgz tar -xf buildroot-2022.02.2.tar.gz mv EasyRSA-3.0.7 easy-rsa mv buildroot-2022.02.2 buildroot git clone 'https://git.xogium.me/git/xogium/buildroot-Tsenahale.git' export BR2_EXTERNAL="$PWD/buildroot-Tsenahale" cd buildroot for p in ../buildroot-Tsenahale/buildroot-patches/*.patch; do patch -p1 < $p; done cd ..
Create keys for RAUC updates:
cd easy-rsa sed -i "s/extendedKeyUsage/#extendedKeyUsage/g" x509-types/code-signing ./easyrsa init-pki ./easyrsa build-ca ./easyrsa gen-req rauc ./easyrsa sign-req code-signing rauc cd .. cat >buildroot-Tsenahale/scripts/certs.sh <<EOF #!/bin/sh RAUC_CERTIFICATE_AUTHORITY="$PWD/easy-rsa/pki/ca.crt" RAUC_PRIVATE_KEY="$PWD/easy-rsa/pki/private/rauc.key" RAUC_PUBLIC_KEY="$PWD/easy-rsa/pki/issued/rauc.crt" EOF
Build the image:
cd buildroot make O=output_build tsenahale_defconfig make O=output_build -j8 cd ..
For the initial install of Buildroot you'll need to write a full system image to a micro SD.
A 16 GB micro SD card is recommended.
dd if=Tsenahale.img of=/dev/sdX
Replace sdX with the proper device node.
You can use this method to install updates, but it's much slower compared to RAUC.
To update using RAUC you'll need a server to host the files.
In this example I'll be using a web server (www.jookia.org) which serves contents from /var/www/www.jookia.org/.
First, copy RAUC bundles and keys to your server:
ls buildroot/output_build/images/ # Find the file ending in *.raucb # You can also just flash Phoenix.img using dd but it takes a long time mv buildroot/output_build/images/bundle-Tsenahale.2022-06-15.raucb /var/www/www.jookia.org/ cp $PWD/easy-rsa/pki/ca.crt /var/www/www.jookia.org/ chmod a+r /var/www/www.jookia.org/ca.crt
Install the update on the device from the server:
wget 'https://www.jookia.org/ca.crt' cp /etc/rauc/keyring.pem{,.bak} mv ca.crt /etc/rauc/keyring.pem rauc install https://www.jookia.org/bundle-Tsenahale.2022-06-15.raucb mv /etc/rauc/keyring.pem{.bak,} reboot
Future updates won't need to copy the keyring, a single 'rauc install' invocation should download and install the image without trouble.
You should now be running a system you've just built (check the kernel build date):
uname -a # Linux Tsenahale 5.10.61 #1 SMP Wed Jun 15 03:28:26 EDT 2022 armv7l GNU/Linux