TX1 Boot Flow Issue

(1) Is the boot flow of a board based on Nano module same as that of TX1?

(2) Can’t find Cboot source and Trusty source of jetson Nano moudle.

(3) In the section of TX1 boot flow “Development Guide 32.2 Release”, the boot flow is as following pic.


but there is a sentence saying “As soon as the CPU starts running, CBoot starts in EL3 mode and begins executing TOS. TOS completes its initialization and passes control to CBoot in EL2 mode” which means Cboot runs prior to TOS, obviously, it doesn’t match to the pic.

hello garretzou,

  1. Nano boot flow were same as TX1. according to Jetson Nano Module Data Sheet, you’ll found that Nano were based-on the NVIDIA® Tegra® X1 series SoC.

  2. could you please share your use-case for asking cboot and trusty source. since we only release L4T C-boot Source for TX2, and Jetson AGX Xavier.

  3. you should also note that that flow chart did not include the chain-of-trust.
    due to TOS includes secure monitor that would initial trusty kernel.
    you may setup serial console and check the bootloader messages for the process in detail.
    for example,

[0000.250] [L4T TegraBoot] (version 00.00.2018.01-l4t-de525542)
[0000.256] Processing in cold boot mode Bootloader 2
...
[0001.244] Bpmp FW successfully loaded
[0001.249] WB0 init successfully at 0xff780000
[0001.253] Set NvDecSticky Bits
[0001.257] GSC2 address ff53fffc value c0edbbcc
[0001.263] GSC MC Settings done
[0001.267] TOS Image length 53680
[0001.270]  Monitor size 53680
[0001.273]  OS size 0
[0001.278] Secure Os AES-CMAC Verification Success!
...
[0001.635] Welcome to L4T Cboot
[0001.638] 
[0001.639] Cboot Version: 00.00.2018.01-t210-40c3ff9c

Dear JerryWang,

Thanks

For my asking cboot and trusty sources, I just want to step into the world of trustZone a little further in case our product will need to do some security work.

And in another topic, Open Trusted Environment (TLK) on Jetson Nano, what you said “TrustedOS is a TX2 and Xavier only feature.” makes me confused. Cause here TOS also runs on tx1/Nano.

hello garretzou,

as I mentioned in comment #2, please access the sources from download center for study purpose.

you’ll found the TOS being called during booting because there’re some implementation to enable Trusty for TX1 series.
however, it is not ready for public, and I don’t have release plan for that.
you may also check the documentation, Trusty, a Trusted Execution Environment which still only cover with TX2 and AGX Xavier.

again, please access Jetson Download Center for public sources for the study purpose.
thanks

Dear JerryChang,

Thanks a lot.

Here list several questions as follows,

  1. Not clear about “fuses handled by L4T Secureboot” and “Fuses handled by the user”?

  2. We want encrypt the Bootloader (and TOS) of Nano module devices, can we do that?

  3. The Example table fuses handled by L4T Secureboot as follows,


    Why pkc_disable has no T186, and in the default column T210 is listed only in
    pkc_disable and device_key. Does it means we can only burn the two key fuses to TX1/Nano?
    But I found the SBK in the secure boot slide as below,

hello garretzou,

fuses handled by L4T Secureboot means perform odmfuse.sh to burn fuse.
you should consider handled by the user as it was complete by ODM field.
ODM field play the final step to lock/protect the content before production.

I’m assume you would like to encrypt u-boot, is it correct?

because you should lock fuse with PKC encryption for T186, you could also enable PKC+SBK on it.
also, according to Preparing the SBK Key, you must prepare the SBK fuse bits if you want to encrypt Bootloader (and TOS).

please note that T210 using Device Key (DK), for security applications.
moreover,
suggest you should also access Fuse Specification App Notes and check the details.
thanks

Dear JerryChang,

Thanks for your detail reply.

Yes, we want to encrypt the u-boot of Nano module.

(1) Here seem TOS can be abandoned from my final product based on the Nano module, cause TEE of Nvidia is not for T210?

(2) What’s more, now that Device key can be used for security applications, why TOS is added to TX1 for Implement a New Trusted Application? I also don’t understand that what the difference between security applications owe to device key and Trusted application implemented by TOS.

(3) Follow the “odmflash.sh --help”, I use below command,

sudo bash ./odmfuse.sh --noburn  -i 0x21 -c PKC -k ./rsa_priv.pem -D device.key -o 1-0x44221133 -o 0-0x43424efc  -S sbk.key

and fill the bootloader/odmfuse_pkc.xml as below,

<genericfuse MagicId="0x46555345" version="1.0.0">                                                                                             
<fuse name="JtagDisable" size="4" value="0x1" />                                                    
<fuse name="ReservedOdm" size="32" value="0-0x43424efc" />                                          
<fuse name="DeviceKey" size="8" value="0xe90a394b" />                                               
<fuse name="SecureBootKey" size="16" value="0x72fed2a398badcfef0debc9acefaa375" />                  
<fuse name="PublicKeyHash" size="32" value="0x02a4442626736fd64382e7e255d39d5748f69b7fd7e228465ca1b668cf59d830" />
</genericfuse>

that means we can flash Device Key fuses and SBK fuses to T210 simultaneously. Seem we can use SBK for encrypt bootloader of TX1/Nano, right?

One more thing, I am worried about make the board a brick after I flash some fuse bits, cause the the fuse bits can’t be reversely written.

hello garretzou,

please refer to Flashing U-Boot Only session, the kernel (LNX) partition contains U-Boot binary.
also, you may review the flashing console logs.
that’s already encrypted.

[  14.7134 ] Flashing the device
[  14.7146 ] tegradevflash --pt flash.xml.bin --storageinfo storage_info.bin --create
[ 260.9648 ] Writing partition LNX with boot.img<b>.encrypt</b>
[ 261.0345 ] [................................................] 100%

currently we’re not support to enable secure OS on TX1 series,
you should also found Trusty, a Trusted Execution Environment chapter that only Applies to: Jetson AGX Xavier and TX2 devices.
thanks

Dear JerryChang,
Thank you so much.

That means no matter what u-boot it is, the uboot is automatically encrypted? If so, the SBK is only for TOS, but TOS in TX1 seem meanless, so SBK isn’t needed any more, right?

The device key is used to encrypted application, seem do the same thing like Implement a New Trusted Application, correct?

hello garretzou,

according to Preparing the SBK Key.
you’ll still need to preparing the SBK Key to encrypt Bootloader, i.e. u-boot.

you should note that the extension “.encrypt” means signing with SBK key.
if you did not assign SBK, the key is all zeros, which means the encryption does not really happened.
thanks