Secure boot TF-A error - BL2: Failed to load image id 1 (-80) : STM32MP2

Forum|Forum|1 year ago
November 8, 2024
1 reply
1621 views

Hi,

I am trying to boot a signed TF-A image on my STM32m257f compiled with TRUSTED_BOARD_BOOT support (Compiled in f-a-stm32mp.inc recipe from meta-st-stm32mp, mickledore branche).

When the board is powered up, i got this error:

NOTICE: CPU: STM32MP257FAI Rev.B
NOTICE: Model: STMicroelectronics STM32MP257F-EV1 Evaluation Board
NOTICE: Board: MB1936 Var1.0 Rev.C-01
NOTICE: BL2: v2.8-stm32mp2-r2.0(release):lts-v2.8.15-dirty(567af710)
NOTICE: BL2: Built : 00:51:33, Jan 26 2024
NOTICE: TRUSTED_BOARD_BOOT support enabled
ERROR: BL2: Failed to load image id 1 (-80)

I've already fuse my PKHTH with the stm32key command and my binary is signed with the right key. The board boots normally when I install a TF-A binary without TRUSTED_BOARD_BOOT support.

Do you have any idea please?

Thanks

This topic has been closed for replies.

Best answer by zakariazh

After a debug session, the problem is coming when the TF-A tries to check the hash of the fip containing the OPTEE and bootloader.

It was an error when calling cert_create tool with an empty password argument when using a private key without password. If you face this error, make sure to remove this argument if no password if used.

Thank you

Z

zakariazhAuthorAnswer

Visitor II

After a debug session, the problem is coming when the TF-A tries to check the hash of the fip containing the OPTEE and bootloader.

It was an error when calling cert_create tool with an empty password argument when using a private key without password. If you face this error, make sure to remove this argument if no password if used.

Thank you

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded