How can I export the generated flash files for use with manufacturing/deployment, without supplying the PKC/SBK keys?
This is my flash command: sudo ROOTFS_ENC=1 ./flash.sh --no-flash --uefi-keys uefi_keys/uefi_keys.conf -i $sym2file -u $keyfile -v $sbkfile jetson-agx-xavier-devkit mmcblk0p1
It will generate flashcmd.txt in the bootloader directory. However, odmfuse.xml is also present, as well as the unencrypted system.img. In earlier Jetpack versions there was something in the docs about compressing the bootloader directory, however I cant find anything in the current Jetpack 5.1.1 docs about this. Is there something similar like the fuseblob.tbz2, but then for the rootfs?
you may see-also $OUT/Linux_for_Tegra/tools/kernel_flash/README_initrd_flash.txt
please refer to [Workflow 8: Secure initrd Massflash] for the steps by running l4t_initrd_flash.sh to create the mfi package.
you may see-also other workflows for reference, thanks
there’s -p <option> for passing options to flash.sh when generating the image for internal storage.
hence, you may using $ sudo ./l4t_initrd_flash.sh -p "--uefi-keys" <board-name> <rootdev>.
please kindly have a try and sharing the test results.
thanks