We are using Linux nvflash (version 4.13.0000) and fastboot is distributed with R21.4 to flash devices based on Jetson TK1. Our next goal is to enable device security by writing PKC to the device.
Under the nvflash command-line help, there is support for security-enhanced devices with the --blob option. However, no documentation is available on how this file was created and what it contained.
The tegrarcm utility documentation shows that it can be used to generate the signed file for secure RCM communications, but it seems to create three files with the following suffixes: .qry, .ml, and .bl. Are any of these files compatible with nvflash?
Can we use nvflash to flash the device safely or do we have to use some other method?