Closed ajaykarthikr closed 1 year ago
This is a duplicate of a forum post that I’ve already answered. It does not brick your pi and has no way of changing the power led. Closing.
NB There’s lots of documentation here including a full tutorial which states that you will need to provide UART logs with debug output.
If secure-boot-msd is running it's not bricked since it's able to load and run code. Can you try the previous version of pieeprom.bin works better when booting from MMC? https://github.com/raspberrypi/usbboot/commit/5b9d1057bbcf9c4fbcb92b031ea7b383fb491f5b
Hi @timg236 I will tried the latest changes, it worked well. I will try to repeat the process with a different PI. I will let you know In case there are any issues.
Closing because the MMC secure-boot fix was confirmed here https://forums.raspberrypi.com/viewtopic.php?p=2051770#p2051917
Hi, I was trying to secure boot my cm4 and the documentation. Secure boot till OTP was working and booting up. By after setting
program_pubkey=1
andrevoke_devkey=1
and flashing it. It never booted again, the ACT led did not even blink. There's no HDMI output after this.I am detailing the steps I followed exactly to provide clarity.
Cloned the Raspberry Pi OS boot files
contents of
cmdline.txt
relevant contents of
config.txt
Then generated boot.img and boot.sig using the following cmds
Then copied
boot.img
&boot.sig
into /boot of CM4Updated the EEPROM using via usbboot.
Then set nRPIBOOT to 1 and EEPROM WP protection to zero, and ran the following command.
Then, I turned on cm4, it booted up correctly after verifying the boot.sig. Things were going great till this step.
To enable OTP, edited
secure-boot-recovery/config.txt
and addedAfter this powering on cm4 doesn't work, there's no led blinking. The ACT light turns on never but never blinks.
Then I tried the recovery methods, ran this from secure-boot-recovery directory itself.
It still it did not boot up.
But I was able to get
secure-boot-msd
working but the cm4 never booted when RPIBOOT was set to 0. Is this board bricked?Is there any mistake in the steps I missed or followed. Some good documentation will help.
Note: I used same private key everywhere which I generated during start.