How to sign a customized kernel with JetPack 5.0 Developer Preview?

Hi all,
I want to customize the kernel but I have a problem.

I downloaded the kernel code from
https://developer.nvidia.com/embedded/l4t/r34_release_v1.0/sources/public_sources.tbz2

and I downloaded L4T Driver Package (Linux_for_Tegra) from
https://developer.nvidia.com/embedded/l4t/r34_release_v1.0/release/jetson_linux_r34.1.0_aarch64.tbz2

I want to put a compiled kernel onto the AGX Orin board. I compiled the kernel and found that the kernel image was built without an error. After that, to sign the kernel image, I copied that image to a folder in Linux_for_Tegra.
: cp ${KERNEL_SRC_PATH}/build/arch/arm64/boot/Image Linux_for_Tegra/kernel/

And, I ran the following command to sign the compiled kernel image.
: sudo ./flash.sh --no-flash -k kernel jetson-agx-orin-devkit mmcblk0p1

However, it shows an error. I attach the log.

###############################################################################

L4T BSP Information:

R34 , REVISION: 1.0

###############################################################################
Board ID() version() sku() revision()
copying bctfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-p3701-0000-p3737-0000-TE990M-sdram.dts)… done.
copying device_config(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-mb1-bct-device-p3701-0000.dts)… done.
copying misc_config(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-mb1-bct-misc-p3701-0000.dts)… done.
copying pinmux_config(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-mb1-bct-pinmux-p3701-0000.dtsi)… done.
copying gpioint_config(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-mb1-bct-gpioint-p3701-0000.dts)… done.
copying pmic_config(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-mb1-bct-pmic-p3701-0000.dts)… done.
copying pmc_config(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-mb1-bct-padvoltage-p3701-0000.dtsi)… done.
copying deviceprod_config(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-mb1-bct-cprod-p3701-0000.dts)… done.
copying prod_config(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-mb1-bct-prod-p3701-0000.dts)… done.
copying wb0sdram(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-p3701-0000-p3737-0000-TE990M-wb0sdram.dts)… done.
copying bootrom_config(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-mb1-bct-reset-p3701-0000.dts)… done.
copying dev_params(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-br-bct-p3701-0000.dts)… done.
copying mb2bct_cfg(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/BCT/tegra234-mb2-bct-misc-p3701-0000.dts)… done.
Existing pscfwfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/pscfw_t234_prod.bin) reused.
Existing pscbl1file(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/psc_bl1_t234_prod.bin) reused.
Existing mtsmcefile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/mce_flash_o10_cr_prod.bin) reused.
Existing mb2applet(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/applet_t234.bin) reused.
Existing bootloader(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/mb2_t234.bin) reused.
copying initrd(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/l4t_initrd.img)… done.
Making Boot image… done.
Existing sosfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/mb1_t234_prod.bin) reused.
Existing tegraboot(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/mb2_t234.bin) reused.
Existing cpu_bootloader(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/mb2_t234.bin) reused.
Existing mb2blfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/mb2_t234.bin) reused.
Existing xusbfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/xusb_t234_prod.bin) reused.
Existing dcefile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/dce.bin) reused.
Existing nvdecfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/nvdec_t234_prod.fw) reused.
Existing psc_rf(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/psc_rf_t234_prod.bin) reused.
Existing mb2_rf(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/nvtboot_cpurf_t234.bin) reused.
Existing mb1file(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/mb1_t234_prod.bin) reused.
Existing bpffile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/bpmp_t234-TE990M-A1_prod.bin) reused.
copying bpfdtbfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/tegra234-bpmp-3701-0000-3737-0000.dtb)… done.
Existing scefile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/camera-rtcpu-sce.img) reused.
Existing camerafw(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/camera-rtcpu-t234-rce.img) reused.
Existing apefile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/adsp-fw.bin) reused.
Existing spefile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/spe_t234.bin) reused.
Existing wb0boot(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/sc7_t234_prod.bin) reused.
Existing tosfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tos-mon-only_t234.img) reused.
Existing eksfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/eks.img) reused.
copying dtbfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/kernel/dtb/tegra234-p3701-0000-p3737-0000.dtb)… done.
Copying nv_boot_control.conf to rootfs
sed: can't read /home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/rootfs/etc/nv_boot_control.conf: Not a directory
sed: can't read /home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/rootfs/etc/nv_boot_control.conf: Not a directory
sed: can't read /home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/rootfs/etc/nv_boot_control.conf: Not a directory
sed: can't read /home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/rootfs/etc/nv_boot_control.conf: Not a directory
sed: can't read /home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/rootfs/etc/nv_boot_control.conf: Not a directory
sed: can't read /home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/rootfs/etc/nv_boot_control.conf: Not a directory
sed: can't read /home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/rootfs/etc/nv_boot_control.conf: Not a directory
sed: can't read /home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/rootfs/etc/nv_boot_control.conf: Not a directory
populating kernel to rootfs… done.
populating initrd to rootfs… done.
populating kernel_tegra234-p3701-0000-p3737-0000.dtb to rootfs… done.
Existing tbcfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/uefi_jetson.bin) reused.
131072+0 records in
131072+0 records out
67108864 bytes (67 MB, 64 MiB) copied, 0.175233 s, 383 MB/s
Sync’ing esp.img … done.
copying tbcdtbfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/kernel/dtb/tegra234-p3701-0000-p3737-0000.dtb)… done.
copying cfgfile(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/t186ref/cfg/flash_t234_qspi_sdmmc.xml) to flash.xml… done.
Existing flashapp(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tegraflash.py) reused.
*** Signing boot.img ***
Existing overlay_dtb(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tegra234-p3737-overlay-pcie.dtbo) reused.
Existing overlay_dtb(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tegra234-p3737-audio-codec-rt5658-40pin.dtbo) reused.
Existing overlay_dtb(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tegra234-p3737-a04-overlay.dtbo) reused.
Existing overlay_dtb(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tegra234-p3737-camera-dual-imx274-overlay.dtbo) reused.
Existing overlay_dtb(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tegra234-p3737-camera-e3331-overlay.dtbo) reused.
Existing overlay_dtb(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tegra234-p3737-camera-e3333-overlay.dtbo) reused.
Existing overlay_dtb(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tegra234-p3737-camera-imx185-overlay.dtbo) reused.
Existing overlay_dtb(/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tegra234-p3737-camera-imx390-overlay.dtbo) reused.
./tegraflash.py --chip 0x23 --cmd "sign boot.img"
Welcome to Tegra Flash
version 1.0.0
Type ? or help for help and q or quit to exit
Use ! to execute system commands

[ 0.0065 ] tegrasign_v3.py --key None --getmode mode.txt
[ 0.0066 ] Assuming zero filled SBK key
Traceback (most recent call last):
  File "./tegraflash.py", line 1360, in <module>
    tegraflash_run_commands()
  File "./tegraflash.py", line 1208, in tegraflash_run_commands
    interpreter.onecmd(command)
  File "/usr/lib/python3.6/cmd.py", line 217, in onecmd
    return func(arg)
  File "./tegraflash.py", line 720, in do_sign
    self.chip_inst.tegraflash_sign(exports, args)
  File "/home/jw.cs.park/NVIDIA-Kernels/Linux_for_Tegra/bootloader/tegraflash_impl_t234.py", line 2347, in tegraflash_sign
    file_list = [values['--rawkerneldtb'], values['--kerneldtb'], values['--mb2_bct'], values['--mb2_cold_boot_bct'], self.tegrabct_values['--membct_rcm'], self.tegrabct_values['--membct_cold_boot']]
KeyError: '--rawkerneldtb'
Failed to flash/read t186ref.

I found a webpage that says Secure Boot will be supported in the next public release:
Secure Boot — Jetson Linux Developer Guide 34.1 documentation (nvidia.com)

So my question is, is it possible to sign a compiled kernel with JetPack 5.0 Developer Preview?
If it is possible, how do I sign it?

Thank you in advance.
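
A preflight check for the procedure described in the post above, as an added example that is not part of the original thread or of NVIDIA's tooling. It verifies that kernel/Image carries the arm64 Image magic, that it is byte-identical to the build output, and that rootfs/etc is a directory (the "Not a directory" lines in the log mean some component of that path is not one). The function names and the optional second argument are assumptions.

```shell
#!/bin/sh
# Added example: sanity-check a Linux_for_Tegra tree before running
#   sudo ./flash.sh --no-flash -k kernel jetson-agx-orin-devkit mmcblk0p1
# Function names are hypothetical; they are not part of the L4T BSP.

# An arm64 kernel Image has the magic bytes "ARM\x64" at header offset 56.
is_arm64_image() {
    [ -f "$1" ] || return 1
    img_magic=$(dd if="$1" bs=1 skip=56 count=4 2>/dev/null \
                | od -An -tx1 | tr -d ' \n')
    [ "$img_magic" = "41524d64" ]
}

# preflight L4T_DIR [BUILT_IMAGE]
# Prints one line per failed check and returns non-zero if any check failed.
preflight() {
    pf_l4t=$1
    pf_built=${2:-}
    pf_rc=0

    if ! is_arm64_image "$pf_l4t/kernel/Image"; then
        echo "FAIL: $pf_l4t/kernel/Image is missing or not an arm64 Image"
        pf_rc=1
    fi

    # Catch a stale copy: the staged Image must be the one that was just built.
    if [ -n "$pf_built" ] && ! cmp -s "$pf_built" "$pf_l4t/kernel/Image"; then
        echo "FAIL: kernel/Image differs from build output $pf_built"
        pf_rc=1
    fi

    # flash.sh edits rootfs/etc/nv_boot_control.conf with sed; if rootfs/etc
    # is a regular file, sed fails with "Not a directory" as in the log.
    if [ ! -d "$pf_l4t/rootfs/etc" ]; then
        echo "FAIL: $pf_l4t/rootfs/etc is not a directory"
        pf_rc=1
    fi

    return "$pf_rc"
}

# Run only when a Linux_for_Tegra path is given on the command line.
if [ "$#" -gt 0 ]; then
    preflight "$@"
fi
```

Run it as `sh preflight.sh Linux_for_Tegra "$KERNEL_SRC_PATH/build/arch/arm64/boot/Image"` before invoking flash.sh.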

Hi,
SecureBoot is not ready on 5.0 DP. Please wait for the next production release.

Basically you should be able to build the kernel and flash it to the system.

Thank you. I succeeded in flashing the built kernel.
I copied files in Linux_for_Tegra/rootfs/boot/ to the system.
