tegrasign replacement for Jetson Nano for DTB file generation

arne.caspari · October 10, 2019, 4:34pm

Hi,

in an effort to get rid of the NVIDIA binaries for creating partitions/boot files/images for the Nano, I wrote a small tool that creates signed DTB files. The idea came from this posting for the TX2: Request for a tool to update device tree locally. - Jetson TX2 - NVIDIA Developer Forums

You can find my version for the Nano here:
https://gist.github.com/TIS-Arne/879f47a0310bb46ae426f1b8bb98e5f9

You could use the tool to create a signed DTB file with the partition header like this:

python mytegrasign.py --offset=560 --dtbheader tegra210-p3448-0000-p3449-0000-a02.dtb

This creates a file called tegra210-p3448-0000-p3449-0000-a02.dtb.encrypt

You can write this file to the SD-Card with dd. It belongs to the partition 10, like this:

dd if=tegra210-p3448-0000-p3449-0000-a02.dtb.encrypt of=/dev/mmcblk0p10

This should also work on the Nano itself (unlike the NVIDIA binaries), so no external development host is needed. Please keep in mind that this tool is written without deeper knowledge of the partition header format or hash generation, as I did not find any documentation on that. I tested it with a locally generated DTB file but it might still fail in other situations and lead to an unbootable system - keep a backup of your SD-Card for this case.

Any feedback is appreciated.

JerryChang · October 17, 2019, 5:41am

hello arne.caspari,

thanks for sharing, this might helps speed-up the development.
please also note that this tool should depends-on JetPack release,
if the tools broken by a future release, please consider working with host-machine via flash script as formal approach.
thanks

Shadowmind · July 10, 2020, 5:30pm

I tried to use your tool, but it generated slightly different files. See attached.

dtb.bin.txt (1 MB)
maza.dtb.encrypt.txt (194.1 KB)

The files are actually binary files. The dtb.bin file is a dump from the DTB partition. The .encrypt file was generated by your tool.

Shadowmind · July 10, 2020, 5:48pm

NVidia,

I’ve also tried the following:
#!/bin/bash

./tegrahost --chip 0x21 --align test.dtb
./tegrahost --magicid DTB --appendsigheader test.dtb test.dtb_blheader
./tegrasign --key None --file test.dtb_blheader
./tegrahost --updatesigheader test_encrypt.dtb_blheader test.hash zerosbk

It seems to generate the correct files, although what looks like the signed key is different than the one I dump from the DTB partitions. NVidia, how can I create a valid DTB partition on the PC WITHOUT connecting to the SOM?

kayccc · July 16, 2020, 6:39am

Hi Shadowmind,

Please open a new topic for your issue. Thanks

Topic		Replies	Views
Request for a tool to update device tree locally. Jetson TX2	24	3523	October 18, 2021
Nano boot process Jetson Nano	11	1623	December 22, 2019
How to update dtb without flashing on Jetson Nano production module Jetson Nano	15	4622	October 14, 2021
How to sign/encrypt DTB file with R28.2 (to update DTB via scp/dd) Jetson TX2	2	909	October 18, 2021
How to disable DTB encryption of L4T 28.2 Jetson TX2	13	1942	October 18, 2021
Building DTB on Jetson Nano Native Board Jetson Nano device-tree	5	671	January 14, 2022
Howto update DTB on Jetson Nano Jetson Nano	24	13600	August 4, 2021
DTB partition format change from R28.1 vs R28.2 Jetson TX1	7	1108	October 18, 2021
Updating the Device Tree in system without using a PC Jetson Nano device-tree	4	851	October 18, 2021
In-system update of DTB in R28.2 Jetson TX2	16	4651	March 11, 2021

tegrasign replacement for Jetson Nano for DTB file generation

Related topics