I have managed to setup a redundant bootloader (r28.2), based on the instructions described in the file TX1_boot-firmware-redundancy.txt
The bootloader works as expected and can be updated using the flash.sh script (I have a custom bootloader). However, I need to be able to update it remotely, i.e. overwrite the LNX partition from the TX1, using a script and a bootloader file, generated on the host machine. U-boot is contained in boot.img. However, the actual file written is signed i.e. boot.img.signed. I have tried to generate the boot.img.signed file by using the following instruction on the host
sudo ./flash.sh --no-flash -k LNX jetson-tx1 mmcblk0p1
The script fails due to communication issues, but a folder is produced, called signed, which contais a lot of .signed files. This is where I pick up the boot.img.signed file i used to update my TX1. The bootloader is identical with the one currently flashed (using flash.sh), so I know it works. I just compile it at a later time, so that I can spot the difference. I use the following command to update the TX1, issued on the TX1
sudo dd if=boot.img.signed of=/dev/mmcblk0p3 sync sync
When I reboot, the first bootloader (KFS0) fails and it automatically boots from KFS1 instead of KFS0. I have made the necessary changes in the kernel, as described in other threads, so that the boot partitions are visible and writable.
Why does this method fail?
- Do I use the wrong file? If yes, how do I generate the boot.img.signed file?
- Do I need to flash the signed dtb as well? Again, what is the proper way of generating it.
- Do I miss any steps in the update, is my procedure wrong? If yes, what is the correct procedure to update the first bootloader in a r28.2 installation, where multiple bootloaders are enabled. Thanks in advance.