How to block RCM mode and JTAG by enabling bits in fuse blob?

Autonomous Machines Jetson & Embedded Systems Jetson AGX Xavier
#1

I am trying to block JTAG and RCM mode in production line. I should be able to block them by changing the corresponding bits in fuse blob; however, I do not know how to do it.

I find 3 references from different Nvidia resources and they do not match to each other.

  1. https://developer.download.nvidia.com/assets/embedded/secure/jetson/xavier/docs/Jetson_AGX_Xavier_Fuse_Specification_v1.0.pdf?vYoXUZO2eFPtl7n9Jafc_MLheFVPM2d0_G-6UJvwKniFSsneW15t8zOxu4QUgtOPcut8ZyIHQgY5EapAfTvDgqy-hWkuNoi6nr0hhB6Lww0KweqwELNShI9OH0kFSzn97mNeXeex1Y0HCr3QyY3SkQ-U-LjtGBId4yVEIr7eVC7pPIJV0az-GkJWBpYTB3fYfQAO8lQh

In this file, a fuse name of “FUSE_RESERVED_SW [23:0]” is described as a 24 bit long register and bit[23] can disable entry into RCM mode.

  1. Tegra Linux Driver

In this online reference, “FUSE_RESERVED_SW [23:0]” no longer exists and a new name “sw_reserved” is introduced which has only 8 bits and bits[0:1] matches to FUSE_RESERVED_SW[0:1], which is to select boot device.

  1. In odmfuse.sh, I can also find “sw_reserved”, which is however 32 bits long.

Questions:

  1. Can I block RCM mode by setting up “sw_reserved” in odmfuse.sh? I can set this up by adding “-r 0xXX” to the command for building fuseblob.
  2. If I can block RCM mode in this way, which bit I should set to 1? And what about other bits?
  3. If this is not the right place for blocking RCM mode, can you please let me know the right place and command to make it right?
  4. To block JTAG, should I simply remove “-j” from command “sudo BOARD=2888 FAB=400 BOARDSKU=0001 BOARDREV=H.0 CHIPREV=2 ./odmfuse.sh --noburn -i 0x19 -c PKC -j -p -k key/rsa_priv.pem -S key/sbk.txt jetson-xavier”
Why is Trusty only officially supported on X2 but not X1?
#2

hello liyuanzh,

  1. it’s correct that you should exclude “-j” options in fuse script to set the JTAG disabled.
  2. let me arrange resources for checking how to block RCM mode correctly.
    thanks
#3

Hello Jerry,

Thanks for your response.
The description of JTAG is quite clear in all references and thank you for confirming the solution.
For RCM mode, can you please let me know the solution ASAP? Our production line is blocked because of the unknown RCM disable method.

Your help is highly appreciated.

#4

Hello,
I am also wondering about this. Help is much appreciated :)

#6

hi all,

when you begin production and burn the ODM production fuse, secure boot is enabled, JTAG debug is disabled, and all the fuses become inaccessible except Reserved_ODM. however, Reserved_ODM fuse are programmable until it disabled by the ODM_lock fuse.

please also refer to similar discussion thread as see-also,
for example, Data encryption using secure boot and odm_reserved fuse in Jetson Nano - #7 by JerryChang
thanks

Readout protection