2025-07-08 8:04 PM
How to disable ROTPK_NOT_DEPLOYED in production build?
Porting guideline https://github.com/STMicroelectronics/arm-trusted-firmware/blob/v2.6-stm32mp-r2.1/docs/getting_started/porting-guide.rst says that ROTPK_NOT_DEPLOYED This flag must not be used in a deployed production environment.
If secure boot enabled and if ROTPK_NOT_DEPLOYED flag not disabled then it gives message while boot.
NOTICE: ROTPK is not deployed on platform. Skipping ROTPK verification.
NOTICE: ROTPK is not deployed on platform. Skipping ROTPK verification.
NOTICE: ROTPK is not deployed on platform. Skipping ROTPK verification.
How to disable ROTPK_NOT_DEPLOYED in production build?
I am using STM32MP157F-DK2 board and using TFA 2.6 https://github.com/STMicroelectronics/arm-trusted-firmware/blob/v2.6-stm32mp-r2.1/plat/st/common/stm32mp_trusted_boot.c#L168.
Thank you