I rebuild the example image using buildroot, using my private key and replaced the output files boot.img and boot.sig (located under output/images not under output/target/images) in the secure-boot-example in the usbboot repo.
Then using my private key as KEY_FILE, I followed the secure-boot-example starting with:At this point the OS start and login as root with the empty password works.
Then I power cycle the CM4 IO board, and tried to mount the CM4 EMMC after enabling secure-boot.
the output is:
But I cannot see a new mass storage device on the host OS, so I cannot copy the boot.img and boot.sig files from the secure-boot-example folder to the mass storage drive.
What did I do wrong?
Then using my private key as KEY_FILE, I followed the secure-boot-example starting with:
Code:
./rpiboot -d recoverycd secure-boot-recovery# Generate the signed EEPROM image.../tools/update-pieeprom.sh -k "${KEY_FILE}"cd .../rpiboot -d secure-boot-recoverycd secure-boot-example../tools/rpi-eeprom-digest -i boot.img -o boot.sig -k "${KEY_FILE}"cd .../rpiboot -d secure-boot-exampleThen I power cycle the CM4 IO board, and tried to mount the CM4 EMMC after enabling secure-boot.
Code:
cd secure-boot-msd../tools/rpi-eeprom-digest -i boot.img -o boot.sig -k "${KEY_FILE}"cd .../rpiboot -d secure-boot-msdthe output is:
Code:
Loading: secure-boot-msd/bootcode4.binWaiting for BCM2835/6/7/2711/2712...Loading: secure-boot-msd/bootcode4.binSending bootcode.binSuccessful read 4 bytesWaiting for BCM2835/6/7/2711/2712...Loading: secure-boot-msd/bootcode4.binSecond stage boot serverLoading: secure-boot-msd/boot.sigFile read: boot.sigLoading: secure-boot-msd/boot.imgFile read: boot.imgSecond stage boot server doneBut I cannot see a new mass storage device on the host OS, so I cannot copy the boot.img and boot.sig files from the secure-boot-example folder to the mass storage drive.
What did I do wrong?
Statistics: Posted by SBHKoda — Thu Apr 04, 2024 9:49 am