Partitions:Hi Timg236
Actually want to understand in secure boot mode enabled, while booting it will always expect boot files packaged in boot.img? if it expects boot.img as file then i have to keep the boot.img and boot.sig in boot partition correct?
In my case the boot.img gets created in build but further while creating the full sd card image (i.e. core-raspberrypi.sdimg) with boot, rootfsA, rootfsB and other partition, it unpacks content of boot.img in boot partition.
Another approach tought of, I have to name the sd card image(i.e. core-raspberrypi.sdimg) to boot.img and create boot.sig of it and copy in sd card as files is this the right approach, but this approach confuses as the sd card image size is approx 1GB and it is mention in document that boot.img cannot be greater than 180MB.
p1: BOOT
p2: ROOTFS_A
p3: ROOTFS_B
in partition p1 (BOOT) you put 2 files: boot.img and boot.sig
boot.img contains start.elf, fixup.dat, raspiberry-pi-blablabla.dtb, config.txt, cmdline.txt, and something to boot from (kernel image or example uboot.bin)
the file boot.img (FAT fs) can be max 180 MB. You want it to be as small as possible because the Pi does a SLOW sha-256 check of it, then compares it to boot.sig, after boot.sig has been rsa decrypted.
~5 MB (FAT12) boot.img is a good target but even that will take a second or so.
Statistics: Posted by wcl55 — Fri Jul 04, 2025 7:59 am