I’m facing an issue with Orin NX Module. It happens when I use disk encryption with swupdate. After appying the capsule (I mean after reboot the bootloader loads the bar to complete the update.) It get corrupted and I get only.
Nope I don’t enable UEFI Secureboot now. I’ve enabled disk encryption and tried to update through swupdate. IT updates successfully and then reboots and applies the Capsule. Then it gets corrupted at all. Here is a snippet. edk2-ASSERT-debug.log (526.9 KB)
may I also confirm your commands to create generates bootloader and kernel payloads?
besides, since it’s EKS image for saving disk encryption key, did you updating your host with the latest image file before creating payload?
I’m using yocto right now and generated eks.img from Jetpack using:
python3 gen_ekb.py -chip t234 -oem_k1_key oem_k1.key
-in_sym_key sym_t234.key
-in_sym_key2 sym2_t234.key
-in_auth_key auth_t234.key
-out eks_t234.img
Then I placed the eks in my tegraflash folder and it works fine When I’m using bootslot 0. Then I update using swupdate and reboot. After waiting for uefi load update bar I see the error. I’m becomming. I don’t think That the problem in eks.img as I’m generating it from Jetpack 6 python script.
may I also confirm the Jetpack release version you’re working with,
besides, LUKS disk encryption support with a specific key. in the command-line of running gen_ekb.py, that sym2.key is equivalent to disk encryption key.
I untar a .tegraflash into a folder then replace eks.img and then burn using ./initrd-flash script. The key is working fine as it unlocks when am I on the first boot chain (0). And if I force to change the bootchain using nvbootctrl it also works fine. But When I apply the Update it fires the issue that you can see in the logs.
since initrd_flash took the images under… $OUT/Linux_for_Tegra/tools/kernel_flash/images for flashing.
you may see-also Topic 270934 for steps to update EKS image.