Any detailed tutorial/docs on encrypting the rootfs with root-of-trust / TPM / master key provided by the fuses?

Hi, I’m new to the Jetson family (and even bootloaders) and I’m looking for some pointers.

My end goal is implementing block-level encryption using dm-crypt + LUKS on the Jetson Xavier NX, using the built-in hardware root-of-trust provided by fuses and the SecureBoot system. Are there any tutorials that step through this process in detail? Nvidia has a lot of documentation describing each section in isolation but it’s not completely clear to me how the parts fit together.

In the meantime I’ve been trying to get dm-crypt working on the Jetson Nano Developer Edition, using a separate boot partition and the rootfs encrypted by dm-crypt as suggested here https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#LUKS_on_a_partition. I’ve realised the /boot directory must be located in the APP partition or /dev/sda1 for the Jetson Nano U-boot to find it, everything else (the rootfs, and another copy of /boot) is a new partition.
I then edited APP/boot/extlinux/extlinux.conf to point the rootfs to the new partition’s UUID using APPEND ${cbootargs} root=PARTUUID=..., but the Jetson fails to boot - it says /mnt/proc, /mnt/sys and /mnt/dev don’t exist.

I looked at zymbit’s setup script hosted at https://s3.amazonaws.com/zk-sw-repo/mk_encr_ext_rfs.sh for guidance, and comparing with How to modify L4T-INITRD for Xavier? this suggests that I have to make modifications in initrd. Any detailed guidance on how to separate /boot and the /rootfs into 2 partitions would be appreciated.

hello vladistov,

there’s Security chapter to describes security features. it has two sub-topics: Secureboot and Trusty.
you might also access download center for Secure Boot Tools, and also check L4T sources for trusty_src.tbz2 package.
thanks

Thank you for your reply, but in both chapiter I can’t see any help to decrypt a partition on the fly by using keys on fuse. Can you provide us more information to do that ? encrypt and sign bootloader by using fuse ok, but is it possible to use secureboot to store key to decrypted rootfs ? (I am on prod module Xavier NX with eMMC) . Thank you a lot.

hello julien.moinard,

here’s EKS partition for encrypted key set; keys were encrypted and stored in storage (i.e. eMMC), decrypt them during boot.

please note that,
Secureboot is to prevent execution of unauthorized code during boot process through chain of trust.
Trusty, Secure-OS, to includes security features to ensure code and data on a device is protected.
thanks

Hello JerryChang,
Thank for your answer.
I am so sorry but I am little bit lost.

EKS partition is for secure boot and fuses ?

My idea is because my secure boot on my jetson nx prod can have encrypted bootloader so if I store another key in bootloader maybe I can use it to pass to dm-crypt to decrypt my rootfs. (of course it is not perfect because key can be read somewhere in ram)

But first of all I don’t understand secure boot witch files is secure boot u-boot, kernel ? witch files are encrypted to create secure boot ? Can you explain what is bootloader ? uboot ? in SPI flash to start board or is it in eMMC and loaded in Ram decrypted / signature is checked and start ?
Can I put a file somewere in SecureBoot (encrypt and sign with keys in fuse EKS I think ?) to decrypt later with dm-crypt ? cpu-bootloader seems to be last stage accessible can I store secret here ?

Thank you so much.
Best regards,
Julien.

hello julien.moinard,

had you refer to Security chapter, which describes the details of security features?

SecureBoot establishes the root of trust and maintains the chain of trust by authenticating each stage, boot component is signed using private key.
you may also check Jetson Xavier NX and Jetson AGX Xavier Series Boot Flow for reference,

BTW,
here’re also some similar forum discussion threads you should also check about Jetson security, thanks

• Boot flow and security
• Question about security boot?
• Data encryption using secure boot and odm_reserved fuse in Jetson Nano

Hello,

Thank you, yes I already read theses topics. But It is no clear for me.

To support Secureboot, each kernel binary and kernel-dtb binary must be signed with a signature file. CBoot authenticates the kernel binary and kernel-dtb binary with their respective signature files. CBoot assumes that a signature file is in the same folder as the corresponding binary file, and has the same filename with the extension .sig.

So when I sign and in my case encrypt the bootloader I can implement secureboot but Cboot will be sign and encrypted fine but kernel is loaded from /boot/… in same disk as rootfs so I can’t encrypt my rootfs if /boot is in same partition ? EKS partition can store sensitive data I agree but how to use dm-crypt to decrypt rootfs from key on EKS ?

CBOOT need to load kernel but it seems to be signed but I don’t understand when I use encryption, kernel is not encrypted ? It is another procedure ? Or I don’t undersand how it is works ? I need to separe /boot of the rest of rootfs ?

Thank you for your help.
Julien.

hello julien.moinard,

there’re two ways to load kernel, (1) loads from kernel partition and (2) loads from /boot/Image binary file.

it’s approach (1) taking the sign and encrypt binary for the kernel image; when you perform a flash script, it’ll doing sign and encrypt process locally and flashing that to kernel partition.

for approach (2), that’s CBoot functionality it includes a default booting scan sequence, by using extlinux.conf; you should exclude LINUX entry to have kernel image loads from kernel partition after SecureBoot has enabled.
thanks

Hello JerryChang,

You confirm me that the kernel can be signed and encrypted when used with secure boot (and flash.sh script)

Thank a lot for your answer you help me a lot and my project can continue.

Best regards.

Without wanting to abuse your kindness can you explain me a last thing ?

When I exclude, LINUX from extlinux.conf kernel image will be loaded from kernel partition but
can you tell me if initramfs was encrypted and signed too in secure boot ? It seems that no special partition exist for that purpose ? It was included in kernel partition ? or kernel need to have access to /boot/initramfs to start linux ?

Thank you so much for your gratefully help.

hello JulienMoinard,

you should load binaries from partitions if you would like to enable Jetson security feature.

this is incorrect.
while you load the kernel image by extlinux.conf configuration, it loads the kernel binary file from the LINUX entry.
the LINUX entry specify the path of kernel binary, i.e. /boot/Image, this don’t be signed and encrypted.
thanks

Dear Jerry Chang,

Sorry I think it is a misunderstanding.
Just to keep in mind, my project is to encrypt whole rootfs partition (/boot included). In this case /boot partition need to be elsewhere or not used (prefered). You explain me that I can boot kernel from another location so I am happy but my last step is to manage INITRD /boot/initrd ? Actually I am blocking here.

Question 1 : I agree with you if I follow your previous advise, if I remove LINUX entry from extlinux.conf kernel image will be loaded form kernel partition because CBoot scan and read extlinux.conf file and I can use secure Boot ? I am right ?

Question 2 :
If I want to use Secure Boot can I delete extlinux.conf file from /boot (rootfs) folder instead of just remove LINUX entry from this file ? Like that extlinux.conf can’t be read and booting from special kernel / dtbs partitions occur ? But INITRD /boot/initrd will be missing ? Do I have to keep /boot in /dev/mmcblk0p1 because Cboot use the first partition to boot I need to move my rootfs elsewere ?
.
Question 3 :
In case of secure Boot, booting from special partition, how to manage initrd present in /boot ? We need to keep initrd.img in /boot ? and It will be not signed and encrypted ? In fact, can I remove entire /boot folder because It will be not used in SecureBoot due to loading from special partitions ? (in my case /boot will be encrypted by my own with dm-crypt so /boot can’t be used anymore)

Question 4 :
I read a lot of docs and I see that Kernel-dtb need to be signed to be used with secureBoot (and I see sig file in the same folder) but I can’t read anywere that kernel, dtb is also encrypted by flash.sh script like you explain me ? Do you have references (doc etc ) ? Others partitions when encrypted have encrypted file extension. If is it encrypted on the fly by flash.sh I can’t see that on the script ?

Thank you so much.
Julien.

hello JulienMoinard,

since this topic has already marked as solved.
I think it’s worth to initial another new forum discussion thread for your questions,
once you’d create one, please also leave your topic-id here for tracking,
thanks

Ok, Thank you for you advise.

Please follow this thread to continue.