1. Article purpose[edit source]
The purpose of this article is to explain how to integrate Amazon Web Service (AWS) IoT Greengrass[1] on top of OpenSTLinux, included the security part with the connection to a Hardware Security Module (a TPMv2.0).
This article explains step by step how to add the yocto "meta-demo-aws" on top of openSTLinux distribution, to configure the image to add or not the extra elements for executing the AWS greengrass certification tests.
2. Prerequisites[edit source]
2.1. Hardware prerequisites[edit source]
- STM32MP157C-DK2
- STM32MP157V-EV1
2.2. Software prerequisites[edit source]
The STM32MP1 Distribution Package must be install on your host. To do this follow the procedure described in the STM32MP157C-DK2 Let's start article.
The STM32MP157C-DK2 Discovery kit must be populated. To do this, first install the board as described in Install the STM32MP1 OpenSTLinux distribution article
2.3. Software update with meta-st-demo-aws[edit source]
1.Clone following git repository into [your STM32MP1 Distribution path]/layers/meta-st/
Template:Pc$git clone ssh://${USER}@gerrit.st.com:29418/stm32mpuapp/meta/meta-st-stm32mpu-app-aws.git meta-st-demo-aws
2.Update of the meta-security layer to support the pkcs11 with tpm2
Template:Pc$cd [your STM32MP1 Distribution path]/layers/meta-security {{Pc$}git chekout warrior
(commit : 4f7be0d252f68d8e8d442a7ed8c6e8a852872d28)
3.Enable TPM build
Apply the following patch in the file [your STM32MP1 Distribution path]/layers/meta-st/meta-st-openstlinux/conf/distro/include/openstlinux.inc
DISTRO_FEATURES_append = " tpm2 "
4.Setup the build environment
Executes the command, on the host :
Template:Pc$source [your STM32MP1 Distribution path]/layers/meta-st/scripts/envsetup.sh
Select your DISTRO (ex: openstlinux-weston) and Select the demo-aws MACHINE (ex: stm32mp1-demo-aws)
5.Build the image
In the folder [your STM32MP1 Distribution path]//build-openstlinuxweston-stm32mp1-demo-aws
Executes the command :
Template:Pc$bitbake st-image-demo-aws
3. References[edit source]