Hi all,
efuse_output.txt (1.8 KB) sign_flash_bootloader_output.txt (2.9 KB)
I have a jetson nano without eMMC only SD card. I tried to set the SecureBoot
I think I am successfully done with the burn eFuses part, here is the command I use and I got the output in the “efus_output.txt”
sudo ./odmfuse.sh -c PKC -k ~/rsa_priv.pem -i 0x21 -p -o 0x56E47A38C5598974BC46903DBA29034900000000000000000000000000000000
Then I tried the sign and flash the bootloader, but I got a failed error(
Boot Rom communication failed Error: Return value 3 Command tegrarcm --chip 0x21 0 --rcm rcm_list_signed.xml --skipuid Reading board information failed.).
I tried with the following command:
sudo ./flash.sh -r -x 0x21 -y PKC -u ~/rsa_priv.pem jetson-nano-emmc mmcblk0p1
The complete output please check in the attachment file, sign_flash_bootloader_output.txt.
Does anyone can help me on that? Thanks in advance!
PS. I am sure that the Jetson Nano is in recovery mode. I put a jumper over the FRC pin and connected with a USB cable with an Ubuntu16.04 laptop.
hello shengnan0509,
SecureBoot only support with eMMC, you cannot enable it with SD-card version.
thanks
Hello JerryChang,
thanks for replying, not a good news for me ;)
Currently I cannot boot the OS of my Jetson Nano. I think its because I already burn the efues there.
But I can read the SD-card(where OS is).
Is there someway to recover and boot the Jetson Nano again?
Btw, I suggest to put this important information(secureboot can"t work only with SD-card version) to the SecureBoot website
Hi JerryChang,
another question:
If I want to set SecureBoot on the Jetson Nano with eMMC and SD-card, should I put the OD in eMMC or SD-card? Or it doesn’t matter?
hello shengnan0509,
programming a fuse is non reversible,
for example, programming a fuse, such as changing a value of a fuse bit from 0 to 1, you cannot change it back as 0.
thanks
hello shengnan0509.chen,
you should works with eMMC since we do not support Jetson security with SD-card.
please check Jetson Nano Boot Flow, you may also refer to Topic 157952 for reference;
FYI,
secure boot is enabled when you begin production and burn the ODM production fuse (i.e. production_mode), it means JTAG debug is disabled, and all the fuses become inaccessible except Reserved_ODM.
however,
Reserved_ODM fuse are programmable until it disabled by the ODM_lock fuse.
thanks