meta-swupdate, Yocto layer for deploy tool ========================================== This layer's purpose is to add support for a deployment mechanism of Yocto's images based on swupdate project. Layer dependencies ------------------ This layer depends on: URI: git://github.com/openembedded/meta-openembedded.git subdirectory: meta-oe Image hashing ------------- During creation of the update file, occurrences of @IMAGE (where IMAGE is an image filename) are replaced with the sha256 hash of the image. SWU image signing ------------ To enable signing: Set SWUPDATE_SIGNING = "1" Set SWUPDATE_PRIVATE_KEY to the full path of private key file sw-description is signed with the private key and the signature is writen to sw-description.sig which is included in the SWU file. Encrypted private keys are not currently supported since a secure mechanism must exist to provide the passphrase. SWU image hardware signing -------------------------- One may prefer to sign the SWU image with a hardware token or hardware security module (HSM) which doesn't expose the private key. To enable, SWUPDATE_SIGNING_ENGINE must be set to an available openssl engine. Example: SWUPDATE_SIGNING_ENGINE = "pkcs11" SWUPDATE_SIGNING_ENGINE_PATH may need to be set so that openssl can locate the engine. Example: SWUPDATE_SIGNING_ENGINE_PATH = "/usr/lib" Instead of setting SWUPDATE_PRIVATE_KEY to the full path of a file, set it to a key string recognized by the engine used. Example: SWUPDATE_PRIVATE_KEY = "pkcs11:model=SoftHSM%20v2;" \ "manufacturer=SoftHSM%20project;" \ "serial=1234567890;" \ "token=test-token;pin-value=123456;" \ "object=swupdate-test" Maintainer ---------- Stefano Babic Submitting patches ------------------ You can submit your patches (or post questions reagarding this layer to the swupdate Mailing List: swupdate@googlegroups.com When creating patches, please use something like: git format-patch -s --subject-prefix='meta-swupdate][PATCH' Please use 'git send- email' to send the generated patches to the ML to bypass changes from your mailer.