Device tree for Orin NX in L4T R36.3 missing nodes for tegra-se

stephen.segal · January 24, 2025, 10:58pm

I noticed on my Orin NX unit the HW crypto (tegra-se) driver wasn’t being activated, and it turns out it’s because the necessary device tree nodes are missing for that SKU but present for all others. Copying those nodes causes the HW crypto to be loaded and used.

Was this an oversight or is there a reason why these nodes are missing?

JerryChang · February 3, 2025, 2:26am

hello stephen.segal,

please see-also developer guide, Security.
may I know what’s the Jetson security function you would like to enable?

stephen.segal · February 5, 2025, 5:12pm

I was trying to enable the HW crypto engine. The device tree nodes to report the existence of the hardware to Linux are missing from tegra234-p3768-0000+p3767-xxxx-nv-common.dtsi but are present in the other similar files for other SKUs:

                       crypto@15810000 {
                               status = "okay";
                       };

                       crypto@15820000 {
                               status = "okay";
                       };

                       crypto@15840000 {
                               status = "okay";
                       };

Adding this causes the HW crypto to be available. Why were these lines missing?

JerryChang · February 6, 2025, 2:23am

hello stephen.segal,

may I know which Orin NX SKU you’re working with?
you may check the flashing logs,
for instance,
Board ID(3767) version(300) sku(0005) revision(K.2)
Chip SKU(00:00:00:D5) ramcode(00:00:00:02) fuselevel(fuselevel_production) board_FAB(300)
or… you may using $ i2cdump -f -y 0 0x50 to check the module EEPROM,

stephen.segal · February 14, 2025, 9:38pm

Board ID 3767
Board SKU 0001
revision N.2
Chip SKU is 00:00:00:D4

JerryChang · February 17, 2025, 2:25am

FYI, it’s cryptsetup utility for using Security Engine (SE) hardware for data encryption and decryption.

stephen.segal · February 18, 2025, 2:08pm

In this case, the driver is isn’t being activated, so cryptsetup will just end up using software encryption.

JerryChang · February 19, 2025, 2:05am

hello stephen.segal,

to be more specific,
although crypto engine is set to disabled, security function will use software mechanism for encryption and decryption. it does not have any functional impact.

we’ve code update to enable crypto accelerators, (i.e. crypto@15820000, crypto@15840000), crypto@15810000 has removed since it is not valid for Orin NX/Nano.
hence, for your use-case,
you may enable them from device tree manually. please expect next JP-6 public release will include those changes as well.

robdamico14 · February 21, 2025, 11:00pm

Hi @JerryChang, could you tell me if the crypto accelerators are in use in JetPack 5.1.2? If not, is there a 5.X.X release that supports them?

system · March 7, 2025, 11:01pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Encryption/ decryption speeds on Orin NX Jetson Orin NX	8	65	April 28, 2025
Orin NX on Seeed J401 Crashing with custom DTB na HDMI connected Jetson Orin NX device-tree , hdmi	16	1516	October 24, 2023
Tegra_dc_assign_hw_data: no matching compatible node Jetson Orin NX kernel , board-design	4	281	June 5, 2024
Orin NX CTI Hadron TC358743 no /dev/video0 device Jetson Orin NX camera	5	609	March 12, 2024
Orin NX Security Jetson Orin NX security , nvbugs	8	1348	October 31, 2023
DP and PCIe of the Orin NX Jetson Orin NX pcie , board-design , dp-display	7	1642	May 31, 2023
Orin Jetson AGX Orin dp-display	6	2413	April 24, 2022
RT Patch for Jetpack 6 GA Jetson Orin NX preempt_rt	4	138	September 19, 2024
Tegra Security Engine Documentation Jetson Nano security	4	1129	October 18, 2021
Security Engine is Offline Jetson AGX Orin security-acceleration	4	259	June 2, 2024

Device tree for Orin NX in L4T R36.3 missing nodes for tegra-se

Related topics