search

kubiko / imx-gadget

1 stars 5 forks source link

UC20 FDE broken #2

Closed RuhanSA079 closed 1 year ago

RuhanSA079 commented 1 year ago 
See 'systemctl status the-tool.service' for details.
[DEPEND] Dependency failed for /sysroot/writable.
[   10.060839] the-tool[286]: 2023/05/05 09:10:22.219190 main.go:63: execution error: error locking access to sealed keys: cannot run fde-reveal-key "lock":
[   10.144536] the-tool[286]: -----
[DEPEND] Dependency failed for populate-writable.service.
[   10.144782] the-tool[286]: main: fde-reveal-key entry point
[   10.180223] the-tool[286]: get_initrd_fde_request
[   10.196483] the-tool[286]: Handling operation: lock
[   10.212751] the-tool[286]: TEEC_InitializeContext fail, result=0xffff0008
[   10.228502] the-tool[286]: service result: exit-code
[   10.240759] the-tool[286]: -----
[   10.256449] the-tool[286]: error: error locking access to sealed keys: cannot run fde-reveal-key "lock":
[   10.276159] the-tool[286]: -----
[   10.288759] the-tool[286]: main: fde-reveal-key entry point
[   10.304445] the-tool[286]: get_initrd_fde_request
[   10.316729] the-tool[286]: Handling operation: lock
[   10.332458] the-tool[286]: TEEC_InitializeContext fail, result=0xffff0008
[   10.348159] the-tool[286]: service result: exit-code
[   10.360177] the-tool[286]: -----

Hello, It seems that the FDE component cannot get access to the TEEC environment, what and how can I diagnose what I am missing?

RuhanSA079 commented 1 year ago

Turns out that I did not use the correct ATF. Make sure that the correct ATF (bl31 with SPD=opteed) is used.