Jetson TX2 custom C-boot boot.img authentication

Hi,

I have managed to burn TX2 fuses by using JetPack_4.2.3 [L4T 32.2.1]. Details are here.

Next I built c-boot from sources (Version 28.3). After flashing it to TX2 I got following error:

[0002.112] initializing target
[0002.115] calling apps_init()
[0002.118] starting app android_boot_app
[0002.122] I> Gpio keyboard init success
[0002.126] I> Kernel type = Normal
[0002.129] I> Loading kernel/boot.img from storage ...
[0002.134] I> A/B: bin_type (0) slot 0
[0002.137] I> Loading partition kernel at 0xa8000000
[0003.764] I> tegrabl_auth_payload: partition kernel (bin_type 0)
[0003.901] I> A/B: bin_type (1) slot 0
[0003.904] I> Loading partition kernel-dtb at 0x92000000
[0003.918] I> tegrabl_auth_payload: partition kernel-dtb (bin_type 1)
[0003.926] I> Kernel DTB @ 0x92000000
[0003.930] I> Checking boot.img header magic ... [0003.934] E> Invalid boot.img @ 0xa8000000 (header magic mismatch)
[0003.940] E> Error 361414684 failed to validate kernel
[0003.945] E> Error 361414684 loading the kernel
[0003.949] E> kernel boot failed

However if I use cboot.bin shipped in the TX2 BSP, everything works well:

[0002.034] initializing target
[0002.037] calling apps_init()
[0002.040] starting app kernel_boot_app
[0002.047] I> found decompressor handler: lz4-legacy
[0002.052] I> decompressing BMP blob ...
[0002.062] I> Kernel type = Normal
[0002.065] I> Loading kernel from partition ...
[0002.069] I> A/B: bin_type (24) slot 0
[0002.077] I> Boot image size read from image header: 2137000
[0002.082] I> Boot image load address: 0x0x80400000
[0002.087] I> Loading partition kernel at 0x80400000 from device(0x1)
[0002.838] I> Kernel hdr @0x80400000
[0002.841] I> Kernel dtb @0x80000000
[0002.845] I> T18x: Authenticate boot.img (bin_type 24), max size 0x4000000
[0002.851] I> cboot: Info: Handle RSA_SBK as RSA.[0002.940] I> T18x: Authenticate tegra194-p2888-0001-p2822-0000.dtb (bin_type 21), max size 0x100000
[0002.950] I> Checking boot.img header magic ... [0002.954] I> [OK]
[0002.956] I> Valid boot.img @ 0x80400000

I am afraid that even if I fix the issue above I will get some new ones due to c-boot sources older than nvidia used to build cboot.bin shipped in the TX2 BSP.

Do you have any public sources of c-boot for TX2 newer than 28.3 ?
I also found c-boot Version 31.1, but as I see it is for Xavier only.

My end goal is to load encrypted kernel and next encrypted rootfs.
Could you please suggest how to proceed further?

Hi,

The release of r32.x cboot is still on going.