How to do Kernel Module Signing and installation on Secure Boot on Jetson AGX Xavier. Example I have a driver module and I want install .ko file on secured Boot AGX Xavier SOM.
I am not getting exact steps to follow for jetpack 5.1.3. Please share me the complete steps for it.
Thanks!
Hi @sagarkoli159 the Kernel Module Signing for jetson is the same described on the kernel documentation.
https://www.kernel.org/doc/Documentation/admin-guide/module-signing.rst
You can follow the instruction of this developer guide to active for the kernel modules
I don’t think there are step-by-step instructions for out of the tree modules in Jetpack, but the ones used in IGX should serve as a fairly accurate guide as they are the same that in the kernel documentation.
If you have more questions, please let me know!
Best Regards,
Isaac Barrios
Embedded SW Engineer at RidgeRun
Contact us: support@ridgerun.com
Developers wiki: https://developer.ridgerun.com/
Website: www.ridgerun.com
Hello,
Thanks for visiting the NVIDIA Developer Forums.
To ensure better visibility and support, I’ve moved your post to the Jetson category where it’s more appropriate
Cheers,
Tom
hello sagarkoli159,
you’ll see below warning message if you has self-built kernel module applied.
module verification failed: signature and/or required key missing - tainting kernel
by default, kernel has the ability to load unsigned modules, but it taints the kernel as a security precaution. this tainting serves as a warning that the kernel may be running with unverified or unsafe code.
please see-also developer guide, Kernel Module Signing.
Secure Boot is another topic, you’ll need to burn a target to program fuses to enable secure boot, which will have root-of-trust start from the BootROM.
we had confirmed fuse burning and image flashing worked on Xavier series,
please see-also similar topics, such as.. Topic 158361 and Topic 117585 for reference.