I have16 GB emmc Xavier NX production module with reComputer J202 Carrier Board and 250 GB SSD. I have flashed the jetpack 4.6.2 through SSD M2 key with the help of sdkmanager.
I want to protect my Xavier NX from tampering with software. I have read few posts but in those cases boot was done from emmc not SSD. Can someone please clear steps so that I do not damage my Xavier in the process. thanks.
you’re having Xavier NX with internal eMMC, and this is external 250GB SSD for storage.
are you going to boot-from SSD, and also enable SecureBoot for that?
thanks
Hey Jerry,
Thanks for the reply. I am not at liberty to share the exact use case, but I can tell you that I need more space as much as possible to store the videos and images, etc for my end goal. I have read the jetsonhacks posts about boosting your production Xavier to ~10 times by transferring the rootfs to your ssd from emmc which I did earlier using their github repo..
But later I found out updated post of jetsonhacks that says, you can directly flash the jetpack on SSD (flash on NVME) from SDKmanager, so I did that.
Now coming to your question that if I am going to boot-from-SSD and secure boot also:
boot-from-ssd is already happening right ?
and second: I want to protect my production module from external tampering or reverse engineering, so I found out about secureboot through generating keys and burning fuses.
Now my question is: in all the post its mentioned that boot is happening from emmc. when I power up my Xavier module, boot will happen from SSD, so are all the steps given in this link applicable to my system ?
If not should I just flash the jetpack on my emmc instead of NVME (and then extend the storage of SSD) and follow the above steps ?
If I misunderstood something, please correct. Thank you.
so, it’s actually NVMe storage device. this must be attached before the device is booted.
please refer to Flashing to an NVMe Drive and also the steps to enable secureboot.
FYI,
please see-also tutorial video for [Jetson Security and Secure Boot].
thanks
hey Jerry,
Thanks for sharing the link of brainshark. I saw the tutorials for concepts.
but question remains unanswered: that whether booting from NVMe will follow the same secure boot process as given here ?