Question about security boot?

Dear Nvidia Team and others,

The Jetson Security and Secure Boot tutorial, https://www.brainshark.com/nvidia/Jetson_Security_SecureBoot?dm=5&pause=1&nrs=1, mentions the comparison below:

Name   Description                  Location(s)     Function(s)
IROM   Instruction ROM (Boot ROM)   Internal ROM    Establish root keys
                                                    Authenticate & Load BCT
                                                    Authenticate and jump to MB1

MB1    Stage 1 Boot Loader          Internal SRAM   Initialize DRAM
                                                    Authenticate & Load MB2 to DRAM
                                                    Bring CPU out of reset

(1) MB1 is located in eMMC, and when BPMP runs, it is loaded into SRAM, right? And where is IROM loaded after BPMP runs?
(2) For the TX2 devkit, the “Public Key Cryptography” is flashed into eMMC; then where are SBK, KEK, SSK, DK flashed into?
(3) The security boot section of the l4t32.2 document notes that “Once a fuse bit is set to 1, you cannot change its value back to 0”. That means we must set a fuse bit prudently, because we can’t reverse it any more, so how should I test those fuse bits?
(4) I want to test the security boot related keys. How do I generate the SBK Key, DK(KEK), and ODM Fuses?

Thanks

hello garretzou,

  1. you should also refer to Jetson TX2 Boot Flow for the detailed booting process.
    there are loading and authentication flows for MB1, and MB1 is copied into SysRAM. MB2 also has similar flows for authentication, but MB1 copies it into DRAM. after that, BPMP-FW owns the controls.

  2. there’s a hardware crypto security engine key slot for storing SBK, KEK, SSK, etc.

  3. correct, the ODM production fuse is a global lock of all the manufacturing fuses.
    please also refer to Jetson TX2 Series Fuse Specification App Note for reference.

  4. please refer to the Preparing the SBK Key chapter for details on preparing the SBK fuse bits. you may also check the key descriptions for the formats.

Dear JerryChang,

Thanks.

(1) For the TX2 boot flow, upon the release of the reset button, BPMP executes BootROM. I think the BootROM is hard-coded to the board EEPROM, but where is it loaded when it is executed: internal RAM, SDRAM, or somewhere else?

(2) Yes, I have read Preparing the SBK Key and Preparing the DK(KEK)/ODM Fuses many times, but I am still confused about how to make an SBK Key, DK, KEK and SSK. Should I make those keys randomly and just make sure their format meets what the sections above say?

hello garretzou,

  1. please check Jetson TX2 Series Module Data Sheet, and please refer to [2.6.6 Tegra Security Controller (TSEC)] for details.

  2. yes, just make sure these key formats follow the description. you could have an implementation to generate keys or you would like to protect it by yourself.

Dear JerryChang,

Thanks

But I still don’t know which RAM the BootROM is loaded into when BPMP runs it. I am clear that when the board is off, it is stored in internal ROM. But when it is running, where are the data and instructions of the BootROM loaded?

If the BootROM is loaded into a RAM, then what program initializes that RAM?

hello garretzou,

could you please check the documentation, BootROM, for the flow chart and also the detailed descriptions.
thanks

Dear JerryChang,

Yes, I have studied that document for a long time. As it describes, ‘The NVIDIA® Jetson™ TX2 BootROM (BR) is hard-wired in the Tegra chip,’ and ‘Upon release of reset, BPMP executes from IROM’, that means BPMP exchanges data with internal ROM directly without loading it into RAM first. But as far as I know, every program must run in RAM but not in ROM, so here I bother you.

Thanks again.

Dear JerryChang,

Sorry for my poor knowledge.

I think I found the answer in Bootrom and Bootloader.