About boot and TPM

sakata-s · March 15, 2022, 5:45am

Hello, I have the following questions.

Q1.Jetson Xavier NX Product Design Guide Figure5-2 Regarding Power Up Sequence, which phase of bootloader is the timing when SYS_Reset becomes high?
(MB1 → MB2 → C-Boot)

Q2. I am thinking of writing the hash value of each bootloader to the TPM when booting the device and checking the reliability of the bootloader.
Which phase of the bootloader is the external TPM accessible?
Is it after the kernel boots?

Best regards.

JerryChang · March 15, 2022, 8:06am

hello sakata-s,

it’s mb1. please also check Jetson Xavier NX Product Design Guide for the power-on/off sequence.
may I know what’s the actual use-case, could you please also access the sources of power button firmware for reference,
thanks

sakata-s · March 15, 2022, 9:15am

Thank you for your reply, I would like to ask you the following additional questions.

Regarding Xavier NX, is it possible to modify the Cboot source code to access the external TPM?
Is it possible to access the external TPM with UEFI after Jetpack 5.0?
Regarding TX2NX,is it possible to modify Cboot or Uboot source code to access the external TPM?

JerryChang · March 16, 2022, 1:20am

hello sakata-s,

may I know what’s the action for this external TPM,
for example, is it reset the target like software commands… $ sudo reboot?

sakata-s · March 16, 2022, 10:41am

Thank you, I want to write the hash information at boot time to the external TPM.
I would like to do this somewhere in the boot.

Best regards.

sakata-s · March 24, 2022, 5:07am

Hello, how about the above question?
Best regards.

JerryChang · March 24, 2022, 8:44am

hello sakata-s,

is this external TPM a discrete TPM (i.e. dTPM) that attaches on the QSPI or I2C interface.
you may try using TPM event log, to store the hash value in the TPM event log then pass it to the kernel via device tree.
please see-also, TPM Event Log, and device tree property, linux,sml-base for reference,
thanks

sakata-s · March 28, 2022, 2:41pm

Thank you for reply. I understand about TPM.
Will the source code of UEFI implemented from Jetpack 5.0 be released? If the source code released, can the user set the interface and communicate with the external TPM by rewriting the source code?

kayccc · April 13, 2022, 3:26am

We have UEFI bootloader released at JetPAck 5.0 DP version.

system · May 4, 2022, 6:46am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.