Dear Nvidia,
we have an Orin AGX SoC (integrated by forecr) for which we would like to implement full disk encryption, where the key encryption key is stored in the TPM. We require Secure Boot to confirm the hardware/firmware configuration and a pre-boot authentication PIN from the user.
As a preliminary step, to get the full disk encryption working in the first place, we followed your guide on https://docs.nvidia.com/jetson/archives/r36.5/DeveloperGuide/SD/Security/DiskEncryption.html.
We were able to create the flashable file system with an encrypted partition using a dummy disk_enc.key (using default values otherwise) and successfully flash it to the board. The board was able to load the BIOS and bootloader, but was unable to continue booting because it was unable to decrypt the encrypted partition with the error “No key available with this passphrase”.
We presume this is either because we were not able to properly configure the EKS image with this key (we were unable to find the OP-TEE tools to do so), or because the system was unable to retrieve the hardware-based passphrase from nvluks-srv-app (which by default should be the UUID of the encrypted disk according to the documentation).
Do you know this passphrase retrieval issue or have any experience with OP-TEE tools? Please provide support on what is the intended way to combine full disk encryption on this ARM SoC with TPM.
Please feel free to get in touch with me directly for contact details, especially if you have any dedicated business to business support line.
Thanks and kind regards,
Pascal Engelbarts
Airbus Defence and Space GmbH
Hello @pascal.eng_ADS ,
Here are some references regarding OP-TEE and TPM from our Platform Security Manual. They describe how to enable firmware TPM (fTPM) on Jetson via OP-TEE, provision keys securely, and integrate TPM-based key sealing into the Secure Boot chain.
We hope some of these resources can help you. Feel free to reach out to us for more details.
Felipe Solano
Embedded SW Engineer at RidgeRun
Contact us: support@ridgerun.com
Developers wiki: https://developer.ridgerun.com
Website: www.ridgerun.com
Hi @felipe.solano
Thanks for the response.
We were now able to successfully build and flash an image using the flash.sh script. The system boots from an encrypted partition. We were also able to enroll the key in the TPM2 module.
From there we were not able to proceed because we had issues building the initrd with support for tpm2 decryption. One way we found to do this apparently would be to use tpm2-tss, but in the Ubuntu 22 / Jetpack 6 installation we have, this package cannot be found or installed through apt. Is this maybe a known incompatibility on ARM systems? Alternatively, is there a way to create the proper initrd during the image generation before/during the flashing process?
What would be the proper way to link a TPM key to the encrypted partition (through the initrd)?
Kind regards,
Pascal
Hello @pascal.eng_ADS
For the tpm2-tss availability, I checked on a couple of boards with Jetpack 6.x and everything seems to be fine regarding the tool. Can you please provide the output for:
apt-cache policy tpm2-tss tpm2-tools | cat
Regarding the initrd, it should be on the filesystem under Linux_for_Tegra, generated by initramfs.
Also, to link a TPM key to the encrypted partition, it should be enrolled by using LUKS; you can find some references to it here: RidgeRun Platform Security Manual - Embedded Platform Security:Disk Encryption
Feel free to contact us for more details.
Felipe Solano
Embedded SW Engineer at RidgeRun
Contact us: support@ridgerun.com
Developers wiki: https://developer.ridgerun.com
Website: www.ridgerun.com
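The sealing and LUKS enrollment flow referred to in the reply above, written out with tpm2-tools and cryptsetup as an added example (not code from the posts, RidgeRun or NVIDIA). The device path, PCR selection, persistent handle, mapping name and scratch directory are assumed placeholders, and the script only prints its commands unless `DRY_RUN=0` is set.

```shell
#!/bin/sh
# Added example: seal a random LUKS key to TPM PCR state, enroll it in a
# keyslot, and unseal it at boot. All defaults below are assumed placeholders.
DEV="${DEV:-/dev/nvme0n1p2}"      # hypothetical LUKS partition
NAME="${NAME:-crypt_root}"        # hypothetical device-mapper name
PCRS="${PCRS:-sha256:0,7}"        # assumed PCR selection (firmware + Secure Boot state)
HANDLE="${HANDLE:-0x81010001}"    # assumed free persistent handle
WORK="${WORK:-/run/tpm-luks}"     # scratch directory on tmpfs
DRY_RUN="${DRY_RUN:-1}"           # 1 = print commands, 0 = execute them

run() {
    # Print the command in dry-run mode, execute it otherwise.
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

seal_key() {
    run mkdir -p -m 700 "$WORK"
    # 32 random bytes from the TPM become the new LUKS key.
    run tpm2_getrandom -o "$WORK/luks.key" 32
    run tpm2_createprimary -C o -c "$WORK/primary.ctx"
    # Policy digest that is only satisfied by the current PCR values.
    run tpm2_createpolicy --policy-pcr -l "$PCRS" -L "$WORK/pcr.policy"
    # Sealed data object under the primary key, gated by the PCR policy.
    run tpm2_create -C "$WORK/primary.ctx" -L "$WORK/pcr.policy" \
        -i "$WORK/luks.key" -u "$WORK/seal.pub" -r "$WORK/seal.priv"
    run tpm2_load -C "$WORK/primary.ctx" -u "$WORK/seal.pub" \
        -r "$WORK/seal.priv" -c "$WORK/seal.ctx"
    # Persist the object so the initrd needs no files, only the handle.
    run tpm2_evictcontrol -C o -c "$WORK/seal.ctx" "$HANDLE"
}

enroll_key() {
    # Asks for an existing passphrase, then adds the key to a free keyslot.
    run cryptsetup luksAddKey "$DEV" "$WORK/luks.key"
    run rm -f "$WORK/luks.key"
}

unlock() {
    # What an initrd hook would run; fails if the PCR values have changed.
    if [ "$DRY_RUN" = 1 ]; then
        echo "tpm2_unseal -c $HANDLE -p pcr:$PCRS | cryptsetup open $DEV $NAME --key-file=-"
    else
        tpm2_unseal -c "$HANDLE" -p "pcr:$PCRS" |
            cryptsetup open "$DEV" "$NAME" --key-file=-
    fi
}

case "${1:-}" in
    seal)   seal_key && enroll_key ;;
    unlock) unlock ;;
esac
```

Keep the original passphrase keyslot as a recovery path, since a firmware or Secure Boot change alters the PCR values and the sealed key will then no longer unseal.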
apt search tpm2
This one looks interesting for initrd: tpm2-initramfs-tool
jetson@forecrornx:~$ apt-cache policy tpm2-tools tpm2-tss | cat
tpm2-tools:
  Installed: 5.2-1build1
  Candidate: 5.2-1build1
  Version table:
 *** 5.2-1build1 500
        500 http://ports.ubuntu.com/ubuntu-ports jammy/universe arm64 Packages
        100 /var/lib/dpkg/status
What we do have is a package called tss2, without the tpm2.
Besides that, the following packages would be available:
tssactivatecredential tsscreate tssevictcontrol
tsshmacstart tssnvdefinespace tssobjectchangeauth
tsspolicygetdigest tsspolicyticket tssshutdown
tsscertify tsscreateek tssflushcontext
tssimaextend tssnvextend tsspcrallocate
tsspolicymaker tsspowerup tsssign
tsscertifycreation tsscreateloaded tssgetcapability
tssimport tssnvglobalwritelock tsspcrevent
tsspolicymakerpcr tssquote tsssignapp
tsschangeeps tsscreateprimary tssgetcommandauditdigest
tssimportpem tssnvincrement tsspcrextend
tsspolicynv tssreadclock tssstartauthsession
tsschangepps tssdictionaryattacklockreset tssgetrandom
tssload tssnvread tsspcrread
tsspolicynvwritten tssreadpublic tssstartup
tssclear tssdictionaryattackparameters tssgetsessionauditdigest
tssloadexternal tssnvreadlock tsspcrreset
tsspolicyor tssreturncode tssstirrandom
tssclearcontrol tssduplicate tssgettime
tssmakecredential tssnvreadpublic tsspolicyauthorize
tsspolicypassword tssrewrap tsstimepacket
tssclockrateadjust tsseccparameters tsshash
tssntc2getconfig tssnvsetbits tsspolicyauthorizenv
tsspolicypcr tssrsadecrypt tssunseal
tssclockset tssecephemeral tsshashsequencestart
tssntc2lockconfig tssnvundefinespace tsspolicyauthvalue
tsspolicyrestart tssrsaencrypt tssverifysignature
tsscommit tssencryptdecrypt tsshierarchychangeauth
tssntc2preconfig tssnvundefinespacespecial tsspolicycommandcode
tsspolicysecret tsssequencecomplete tsswriteapp
tsscontextload tsseventextend tsshierarchycontrol
tssnvcertify tssnvwrite tsspolicycountertimer
tsspolicysigned tsssequenceupdate
tsscontextsave tsseventsequencecomplete tsshmac
tssnvchangeauth tssnvwritelock tsspolicycphash
tsspolicytemplate tsssetprimarypolicy