Partition clone in production mode

I have a question regarding Xavier NX production module (eMMC). I have already programmed fuses in the module - PKC, SBK, KEK2, and I am able to use LUKS for partition encryption. Because of the issue with Xavier NX to run it properly I needed to set it in production mode ( with -p argument).

But nevertheless I am using this module mostly as development/testing module so on my desk it has not encrypted rootfs APP partition, but when I try to clone it on host drive I have issue with flash script.

sudo ./ -u signing_key.pem -v sbk.key --user_key ./keys/user.key -r -k APP -G backup.img jetson-xavier-nx-conf mmcblk0p1

But it results in communication error.

[ 0.2112 ] Boot Rom communication
[ 0.2119 ] tegrarcm_v2 --chip 0x19 0 --rcm rcm_list_signed.xml
[ 0.2126 ] BR_CID: 0xd8021911646498000c00000009ff8180
[ 3.2188 ] RCM version 0X190001
[ 3.5416 ] Bootrom returned error 22
[ 3.5694 ] Boot Rom communication failed

I am using Jetpack 4.5.1

Thanks for any help

hello michal.kaczmarek,

SecureBoot is designed for the factory environment to execute, it must have full flashing to be used all the time.

since you have already programmed the fuses, ​the “-k” switch is not supported with the fused device.
please also check similar discussion thread for reference, Topic 59011.

1 Like

@JerryChang - Thank you for explanaition.