Partition configuration for minimal boot

sidalit · August 2, 2024, 9:05am

Hello

I have some general general questions after reading the documentation amd documentation.

General questions:

Is it possible to have minimal partitioning on Jetson Orin Nano, for example instead of having this kind of partitioning

  [02] name=A_kernel start=0 size=262144 sectors
  [03] name=A_kernel-dtb start=0 size=1536 sectors
  [04] name=A_reserved_on_user start=0 size=64768 sectors
  [05] name=B_kernel start=0 size=262144 sectors
  [06] name=B_kernel-dtb start=0 size=1536 sectors
  [07] name=B_reserved_on_user start=0 size=64768 sectors
  [08] name=recovery start=0 size=163840 sectors
  [09] name=recovery-dtb start=0 size=1024 sectors
  [10] name=esp start=0 size=131072 sectors
  [11] name=recovery_alt start=0 size=163840 sectors
  [12] name=recovery-dtb_alt start=0 size=1024 sectors
  [13] name=esp_alt start=0 size=131072 sectors
  [14] name=UDA start=0 size=819200 sectors
  [15] name=reserved start=0 size=982016 sectors
  [01] name=APP (fills to end)

and have minimal partitioning, e.g: only APP partition with kernel/initrd/dtb inside.

From my understanding, I need to configure L4T Configuration → L4T Boot Mode to Extlinux (and later on ONLY allow this value in the source code of edk2 which is UEFI launcher for Tegra boards) which means load Kernel and Initrd and dtb from /boot partition of the filesystem located in the APP partition.
For A/B support, I would only need to add APP_b partition and it should work.

I do not need recovery or boot from kernel partition according to this schema

Basically I want to allow my board to ONLY boot this schema, otherwise it fails the boot

Please consider giving some guidelines and correcting any errors in my wording/understanding of documentation or bootflow.

Thanks

KevinFFF · August 5, 2024, 10:45am

Hi sidalit,

Are you using the devkit or custom board for Orin Nano?
What’s your Jetpack version in use?

You can modify the partition layout for your use case, but we don’t support for those customization since some partition has their function. Let me take recovery partition as example, it would be used when you boot up the board failed or used in OTA update or initrd flash.

sidalit · August 5, 2024, 11:50am

Hi @KevinFFF

I am using devkit 8GB with latest jetpack 36.3.

I am concerned about security features. The end goal is to implement full secure boot chain (from ROM code to encrypted filesystem) and I would like to make sure only one boot chain is possible.
Does having these fallbacks in case of failure can increase chances of attacks?

KevinFFF · August 7, 2024, 2:15pm

Sorry that the boot-chain for A/B slot of bootloader is enabled by default for the fail-safe mechanism.

For the security, you can fuse the board first and enable Secureboot, UEFI Secureboot, Disk-encryption in your case.

sidalit · August 8, 2024, 8:18am

I understand A/B is enabled by default and this is needed for fail-safe mechanism and this is something I do not plan on removing but simplify it as much as possible.

I would like to remove the ability to boot from [ 00 00 00 00 ] - Boot GRUB and [ 02 00 00 00 ] - Boot normal kernel and DTB in partitions

which should allows me to remove the following partitions (if I understood correctly):

  [02] name=A_kernel start=0 size=262144 sectors
  [03] name=A_kernel-dtb start=0 size=1536 sectors
  [04] name=A_reserved_on_user start=0 size=64768 sectors
  [05] name=B_kernel start=0 size=262144 sectors
  [06] name=B_kernel-dtb start=0 size=1536 sectors
  [07] name=B_reserved_on_user start=0 size=64768 sectors

Another clarification I could not find in the documentation is regarding these partitions:
name=A[/B]_reserved_on_user
name=UDA
name=reserved
Could you explain what is the purpose of these partitions?

KevinFFF · August 12, 2024, 6:26am

May I know what’s your use case to remove those partitions?

You could try to customize them for your use case but we’ve verified them so that we can’t guarantee if there may be any side effect due to removing them.

It is the partition for user data. I think it should be fine to remove it.

system · September 11, 2024, 2:07am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
ROOTFS_AB does not switch to APP_B partition Jetson Orin Nano security	8	311	June 4, 2024
Orin Nano NVIDIA Partitions Jetson Orin Nano security	3	37	August 13, 2024
Orin Nano 8Gb dev-board issues with flashing encrypted root_fs of Jetpack 5.1.2 Jetson Orin Nano reflash , security	6	248	July 30, 2024
Jetson Orin Nano Developer Kit -- Trouble Getting Started Jetson Orin Nano boot	4	1058	January 20, 2024
Orin nx ota update issue Jetson Orin NX ota	10	53	March 5, 2025
Jetpack 5.2.1 creates 15 partitions on SSD Jetson Orin NX linux	4	55	July 30, 2024
Orin Nano Use Basic Flavor Root File System system boot crash Jetson Orin Nano boot	9	45	July 26, 2024
Development solutions for nano Jetson Nano jetson	4	48	December 3, 2024
Bios Jetson Orin Nano Jetson Orin Nano uefi	18	716	October 8, 2024
Partition Explaination on Orin NX 16GB Jetson Orin NX kernel	5	686	July 5, 2023

Partition configuration for minimal boot

Related topics