For Secure boot in WP76xx module, as part of the Rootfs Signing process following files are taken from yocto build :
- mkdir output
- cp /opt/buildserver-git/Legato_Releases/WP76_R16_01/yocto/build_bin/tmp/deploy/images/swi-mdm9x28-wp/mdm9x28-image-minimal-swi-mdm9x28-wp.squashfs ./output/
- cp /opt/buildserver-git/Legato_Releases/WP76_R16_01/yocto/build_bin/tmp/deploy/images/swi-mdm9x28-wp/rootfs.hash ./output/
- cp /opt/buildserver-git/Legato_Releases/WP76_R16_01/yocto/build_bin/tmp/deploy/images/swi-mdm9x28-wp/rootfs.rhash.unsigned ./output/
These 3 files (highlighted) are used while creating the Signed Image. This has been tested and works fine. I want to extract “mdm9x28-image-minimal-swi-mdm9x28-wp.squashfs” add some additional files and repack it into the .squashfs file.
I tried the following to re-create the rootfs.hash & rootfs.rhash.unsigned files but I did not work.
I used the unsquashfs to extract data from "mdm9x28-image-minimal-swi-mdm9x28-wp.squashfs”.
I added a few test files inside the /etc and re-created the squash file.
sudo mksquashfs squashfs-root/ mdm9x28-image-minimal-swi-mdm9x28-wp.squashfs
I found some hints within the yocto build system on how to generate the rootfs.hash & rootfs.rhash.unsigned file, so I used the following commands to generate them.
This will create the file rootfs.hash and I copied the “Root Hash :xxxxx” Contents into rootfs.rhash.unsigned file
Then I used the newly created rootfs.hash, rootfs.rhash.unsigned file and mdm9x28-image-minimal-swi-mdm9x28-wp.squashfs to create the signed Image and it flashed successfully but device is not booting up due to squashfs error.
Need some help/suggestions on this. Thanks