I have flashed my jetson nano with /nvidia/nvidia_sdk/JetPack_4.6.6_Linux_JETSON_NANO_TARGETS/Linux_for_Tegra/ and I want to enable the secure boot feature of jetson nano to do IP Protection or security, I have generated the private and public keys but I see that it does not contain the odmfuse.sh file to make it enabled, how to do the secure boot on jetson nano? I have also tried flashing with sdkmanager as well but unable to do secure boot.
hello suryashmic,
let me have confirmation, is it.. Jetson Nano (t210 series)?
if yes.. it’s only the module with internal eMMC version able to enable secureboot.
I am using NVIDIA Jetson Nano Developer Kit (4Gb) version, board is t210ref and the release version is R32.7.6 JetPack 4.6.5, how to do the secure boot feature enabled in this model?
Also, I have tried the secure boot enabling using the steps given in official page by the following steps
The Secure Boot process with PKC and SBK requires to:
- Generate a PKC key pair.
- Prepare an SBK key.
- Prepare KEK keys.
- Prepare the Fuse Configuration file.
- Burn fuses using
odmfuse.shscript with a Fuse Configuration file. - Flash the device with secured images.
The issue is there is no odmfuse.sh file present and the output of ls /sys/devices/platform/tegra-fuse/ is
aid device_key modalias of_node public_key reserved_odm2 reserved_odm5 sec_boot_dev_cfg subsystem arm_jtag_disable driver odm_lock pkc_disable reserved_odm0 reserved_odm3 reserved_odm6 sec_boot_dev_sel uevent
debug_authentication driver_override odm_production_mode power reserved_odm1 reserved_odm4 reserved_odm7 secure_boot_key
all these are present
hello uryashmic,
the Jetson Nano Developer Kit uses a microSD card as a boot device, which doesn’t support secureboot.
please see-also Jetson Nano FAQ, What is the difference between Jetson Developer Kits and Jetson modules?
please visit L4T page, linux-tegra-r3276 to download the secure boot package,
for instance, [Jetson Platform Fuse Burning and Secure Boot Documentation and Tools].
however, you’ll need to arrange production module to enable secureboot.
This means that we cannot do the secure boot feature enabled on the jetson nano developer kit(4gb) version due to the absence of hardware fuses, an internal emmc device?
How to do the secure boot on jetson nano developer kit?
Can we do the secure boot feature on Developer kit?
please have production module to enable secure boot.
where to get the production module? can you please provide any link or sources to see the production module of jetson nano?
please refer to.. Jetson Nano | NVIDIA Developer
I have NVIDIA Jetson nano model: P3448 180-13448-DAA-B01 NVIDIA Santa Clara corp, can i do secure boot here?
Which module of P3448 should support the secure boot feature?
hello suryashmic,
you may check whether it has internal storage, eMMC.
if yes, that’s a production module which may enable secure boot.
Yes, it does have internal emmc and it is a production module how to do the secure boot enabled on the module?
hello suryashmic,
please refer to developer guide for the Secure Boot chapter.