Hello,
We are currently using scp/dd approach to flash TX2 and we would like to keep using that, if possible. With the update to R28.2, new requirement was introduced, that DTB files have to be signed/encrypted now. Best solution for us would be the one not requiring any Linux/Ubuntu binaries, however even that is an acceptable solution.
From reading the forum topics, it seemed that tegraflash.py is the tool to use to achieve this (e.g. https://devtalk.nvidia.com/default/topic/1035622/jetson-tx2/in-system-update-of-dtb-in-r28-2/1) However, I am having trouble using this tool. While it is trying to execute tegrasign (to select the proper binary), I am getting this Python exception:
command = exec_file('tegrasign')
File "...../jetpack/64_TX2/Linux_for_Tegra/bootloader/tegraflash_internal.py", line 1507, in exec_file
if values['--tegraflash_v2']:
KeyError: '--tegraflash_v2'
Checking out these Python files, it seems that --tegraflash_v2 option should be transferred from tegraflash.py to tegraflash_internal.py, however that is not happening. Not sure how is this tool meant to be used - I am hoping someone is using it for signing DTB files and maybe can share a simple example of tegraflash.py call syntax to sign a DTB file?
I tried another thing. From looking at the flash logs, it looked like DTB signing/encryption could be done using another set of tools (tegrahost, tegrasign).
./tegrahost_v2 --align file.dtb
./tegrahost_v2 --appendsigheader file.dtb zerosbk
previous produces file: file_sigheader.dtb
./tegrasign_v2 --key None --file file_sigheader.dtb
previous produces files:
file_sigheader.hash
file_sigheader_encrypt.dtb
Final step:
./tegrahost_v2 --updatesigheader file_sigheader_encrypt.dtb file_sigheader.hash zerosbk
This produces a file which has a header of proper size and looks like what it should be. However, when I upload this as a DTB file to TX2 board, it won’t boot properly. I am getting this:
[0002.760] I> Loading partition kernel-dtb at 0x92000000
[0002.772] I> tegrabl_auth_payload: partition kernel-dtb (bin_type 1)
[0002.779] C> ERROR: Highest Layer Module = 0x1d, Lowest Layer Module = 0x15,
Aux Info = 0x0, Reason = 0x1c
I apologize I’m reporting couple of related subjects in this single topic. However I need to resolve this one way or another, so trying to investigate these different approaches further seemed liked a good idea. Thanks for your time!