meta-iot2050 icon indicating copy to clipboard operation
meta-iot2050 copied to clipboard

Published 20 hours ago verified publisher icon siemens

secure-boot image not booting in iot2050 PG2 Advanced.

Open rakeshk7097 opened this issue 10 months ago • 5 comments

Hi team,

I am using the IOT2050 PG2 advanced boad and trying to boot the secure boot image(iot2050-image-swu-example-iot2050-debian-iot2050.wci) in there.

I have used the below command to generate the signed image.

  1. Using the below command to generate the signed firmware image, ./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision.yml

  2. Using below command to generate the signed UKI image. ./kas-container build kas-iot2050-swupdate.yml:kas/opt/secure-boot.yml

Currently i am using the default key which is stored in below location. meta-iot2050/recipes-devtools/secure-boot-secrets/files/

I have flashed the signed firmware image and now trying to boot the flashed wic image from USB and getting below error at boot time.

Begin: Loading essential drivers ... done.
Begin: Running /scripts/init-premount ... done.
Begin:	 ... Begin: Running /scripts/local-top ... Device /dev/mmcblk1p4 is not a valid VERITY device.
Device /dev/sda4 is not a valid VERITY device.
Device /dev/sda7 is not a valid VERITY device.
Device /dev/sda6 is not a valid VERITY device.
Begin: Waiting for IMAGE_UUID= ... [   11.503342] random: crng init done
[   21.423475] sd 0:0:0:0: [sda] tag#0 UNKNOWN(0x2003) Result: hostbyte=0x07 driverbyte=DRIVER_OK cmd_age=0s
[   21.423540] usb 3-1.1: USB disconnect, device number 4
[   21.433092] sd 0:0:0:0: [sda] tag#0 CDB: opcode=0x28 28 00 00 00 28 00 00 00 08 00
[   21.433105] I/O error, dev sda, sector 10240 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   21.454973] device offline error, dev sda, sector 10240 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   21.464929] Buffer I/O error on dev sda1, logical block 1024, async page read



done.
Device  does not exist or access denied.
Can't open verity rootfs - continuing will lead to a broken trust chain!
Rebooting automatically due to panic= boot argument

Attached the full boot log file. meta-iot2050_boot_log.txt

Please give any suggestions on this error.

rakeshk7097 avatar Apr 18 '24 09:04 rakeshk7097