How to set DBGEN and NIDEN signals on factory-fresh Orin AGX?

stan9 · September 12, 2023, 11:54am

When I inspect the registers of trace blocks (ETM and TMC-ETR) from the CCPLEX cores, they all show debug disabled in their AUTHSTATUS registers. The board is freshly purchased from distribution and odmfuseread.sh shows all zeros for fuses.

I saw the TRM mentions some PMC DEBUG_AUTHENTICATION registers here and there (but doesn’t actually specify their address or bit fields). Is that something I should be setting from CCPLEX or via some BPMP message? Can that be done at run time?

ShaneCCC · September 19, 2023, 7:27am

Please check below document.

https://docs.nvidia.com/jetson/archives/r35.4.1/DeveloperGuide/text/AT/JetsonLinuxDevelopmentTools/DebuggingOnJetsonPlatforms.html#enabling-debugging-features-through-the-bct-configuration-file

stan9 · September 19, 2023, 2:28pm

Thanks. So even though I have not blown any security fuses, the Orin AGX is a secure target?

kayccc · September 26, 2023, 6:20am

What does this mean? What’s the concern/requirement?

linuxdev · September 26, 2023, 3:33pm

Not sure if this matters, but all partitions, other than rootfs/APP, must be signed or else they are rejected. The default is to sign with a NULL key, but it is still signed. The part which changes when you burn security fuses is that the key is no longer NULL.