I get a startup error when using NVIDIA Jetson Linux 35.5.0
I/TC: Reserved shared memory is disabled
I/TC: Dynamic shared memory is enabled
I/TC: Normal World virtualization support is disabled
I/TC: Asynchronous notifications are disabled
ASSERT [FvbNorFlashStandaloneMm] /dvs/git/dirty/git-master_linux/out/nvidia/optee.t194-uefi/StandaloneMmOptee_RELEASE/edk2-nvidia/Silicon/NVIDIA/Drivers/FvbNorFlashDxe/FvbNorFlashStandaloneMm.c(868): ((BOOLEAN)(0==1))
At the same time, I used the eks.img generated by myself
may I have more details about what all security youâve enabled.
BTW,
since youâre now using r35.5.0, you may notice weâve used a sample key for OEM_K1
please refer to example.sh for op-tee tarball,
for example, echo "2d4a614e645267556b58703273357638792f423f4428472b4b6250655368566d" > oem_k1.key
please use this sample key if youâre not fusing the target for OEM_K1 fuse variable.
may I still have more details about what all security youâve enabled.
for instance, PKC, SBK, Disk EncryptionâŠetc, whatâs the combination youâve enabled?
how you generate a EKS image. did you follow the sample script, example.sh?
may I know your steps to update this binary file.
besides, are you using all the same keys within the script, or, youâre using some customize keys.
you must generate EKB according to example.sh, otherwise OP-TEE cannot decrypt EKB correctly.
this will cause the UEFI auth key to not exist, and then fail to boot up normally.
Hi JerryChang,
I found that the UEFI auth key must be set to â00000000000000000000000000000000â before it can boot. Canât I change the UEFI auth key value?
UEFI variable protection feature is always enabled, you should provide UEFI variable authentication key. otherwise UEFI will block the booting.
you may give it a try to specify auth_t234.key in EKS image for confirmation.