Verified boot stuck on Jetson-TK1?

Robotics & Edge Computing Jetson & Embedded Systems Jetson TK1
1

Dear,

To Add verified boot feature to Jetson-TK1, I followed ./u-boot/doc/uImage.FIT/verified-boot.txt.
zImage works well basically.

ITS file is …

/dts-v1/;

/ {
        description = "OS kernel image with one or more FDT blobs";
        #address-cells = <1>;

        images {
                kernel@1 {
                        description = "Kernel";
                        data = /incbin/("./zImage");
                        type = "kernel";
                        arch = "arm";
                        os = "linux";
                        compression = "none";
                        load = <0x81008000>;
                        entry = <0x81008000>;
                        kernel-version = <1>;
                        hash@1 {
                                algo = "crc32";
                        };
                        hash@2 {
                                algo = "sha1";
                        };
                };
                fdt@1 {
                        description = "Device Tree";
                        data = /incbin/("./tegra124-jetson_tk1-pm375-000-c00-00.dtb");
                        type = "flat_dt";
                        arch = "arm";
                        compression = "none";
                        fdt-version = <1>;
                        hash@1 {
                                algo = "crc32";
                        };
                        hash@2 {
                                algo = "sha1";
                        };
                };
        };
        configurations {
                default = "conf@1";
                conf@1 {
                        description = "Linux Kernel, FDT blob.";
                        kernel = "kernel@1";
                        fdt = "fdt@1";
                        signature@1 {
                                algo = "sha1,rsa2048";
                                key-name-hint = "dev";
                                sign-images = "fdt", "kernel";
                        };
                };
        };
};

When I try to boot the ITB image, booting stuck like this:

Tegra124 (Jetson TK1) # ext2load mmc 0 0x90000000 /boot/zImage_rsa_signed.itb
6099617 bytes read in 449 ms (13 MiB/s)
Tegra124 (Jetson TK1) # bootm 0x90000000
## Loading kernel from FIT Image at 90000000 ...
   Using 'conf@1' configuration
   Verifying Hash Integrity ... sha1,rsa2048:dev+ OK
   Trying 'kernel@1' kernel subimage
     Description:  Kernel
     Created:      2017-05-24  12:28:56 UTC
     Type:         Kernel Image
     Compression:  uncompressed
     Data Start:   0x900000e4
     Data Size:    6037416 Bytes = 5.8 MiB
     Architecture: ARM
     OS:           Linux
     Load Address: 0x81008000
     Entry Point:  0x81008000
     Hash algo:    crc32
     Hash value:   03016d52
     Hash algo:    sha1
     Hash value:   f88f771a166e767b449744e6a23a46c29cb544de
   Verifying Hash Integrity ... crc32+ sha1+ OK
## Loading fdt from FIT Image at 90000000 ...
   Using 'conf@1' configuration
   Trying 'fdt@1' fdt subimage
     Description:  Device Tree
     Created:      2017-05-24  12:28:56 UTC
     Type:         Flat Device Tree
     Compression:  uncompressed
     Data Start:   0x905c21bc
     Data Size:    59661 Bytes = 58.3 KiB
     Architecture: ARM
     Hash algo:    crc32
     Hash value:   45f0a467
     Hash algo:    sha1
     Hash value:   2684084a852a74579900ab37d30fd7dc54bb5e27
   Verifying Hash Integrity ... crc32+ sha1+ OK
   Booting using the fdt blob at 0x905c21bc
   Loading Kernel Image ... OK
   Using Device Tree in place at 905c21bc, end 905d3ac8

Starting kernel ...

When I modify a boot config file, /boot/extlinux/extlinux.conf, to boot standalone, console returns as follow:

TIMEOUT 30
DEFAULT primary

MENU TITLE Jetson-TK1 eMMC boot options

LABEL primary
      MENU LABEL primary kernel
      LINUX /boot/zImage_rsa_signed.itb
      FDT /boot/tegra124-jetson_tk1-pm375-000-c00-00.dtb
      APPEND console=ttyS0,115200n8 console=tty1 no_console_suspend=1 lp0_vec=2064@0xf46ff000 mem=2015M@2048M memtype=255 ddr_die=2048M@2048M section=256M pmuboard=0x0177:0x0000:0x02:0x43:0x00 tsec=32M@3913M otf_key=c75e5bb91eb3bd947560357b64422f85 usbcore.old_scheme_first=1 core_edp_mv=1150 core_edp_ma=4000 tegraid=40.1.1.0.0 debug_uartport=lsport,3 power_supply=Adapter audio_codec=rt5640 modem_id=0 android.kerneltype=normal fbcon=map:1 commchip_id=0 usb_port_owner_info=0 lane_owner_info=6 emc_max_dvfs=0 touch_id=0@0 board_info=0x0177:0x0000:0x02:0x43:0x00 net.ifnames=0 root=/dev/mmcblk0p1 rw rootwait tegraboot=sdmmc gpt

MMC: no card present
switch to partitions #0, OK
mmc0(part 0) is current device
Scanning mmc 0...
Found /boot/extlinux/extlinux.conf
Retrieving file: /boot/extlinux/extlinux.conf
842 bytes read in 316 ms (2 KiB/s)
Jetson-TK1 eMMC boot options
1:      primary kernel
Enter choice: 1:        primary kernel
Retrieving file: /boot/zImage_rsa_signed.img
6099617 bytes read in 449 ms (13 MiB/s)
append: console=ttyS0,115200n8 console=tty1 no_console_suspend=1 lp0_vec=2064@0xf46ff000 mem=2015M@2048M memtype=255 ddr_die=2048M@2048M section=256M pmuboard=0x0177:0x0000:0x02:0x43:0x00 tsec=32M@3913M otf_key=c75e5bb91eb3bd947560357b64422f85 usbcore.old_scheme_first=1 core_edp_mv=1150 core_edp_ma=4000 tegraid=40.1.1.0.0 debug_uartport=lsport,3 power_supply=Adapter audio_codec=rt5640 modem_id=0 android.kerneltype=normal fbcon=map:1 commchip_id=0 usb_port_owner_info=0 lane_owner_info=6 emc_max_dvfs=0 touch_id=0@0 board_info=0x0177:0x0000:0x02:0x43:0x00 net.ifnames=0 root=/dev/mmcblk0p1 rw rootwait tegraboot=sdmmc gpt
Retrieving file: /boot/tegra124-jetson_tk1-pm375-000-c00-00.dtb
59661 bytes read in 238 ms (244.1 KiB/s)
## Loading kernel from FIT Image at 81000000 ...
   Using 'conf@1' configuration
   Verifying Hash Integrity ... sha1,rsa2048:gooroom+ OK
   Trying 'kernel@1' kernel subimage
     Description:  Gooroom Kernel
     Created:      2017-05-24  12:28:56 UTC
     Type:         Kernel Image
     Compression:  uncompressed
     Data Start:   0x810000e4
     Data Size:    6037416 Bytes = 5.8 MiB
     Architecture: ARM
     OS:           Linux
     Load Address: 0x81008000
     Entry Point:  0x81008000
     Hash algo:    crc32
     Hash value:   03016d52
     Hash algo:    sha1
     Hash value:   f88f771a166e767b449744e6a23a46c29cb544de
   Verifying Hash Integrity ... crc32+ sha1+ OK
## Flattened Device Tree blob at 82000000
   Booting using the fdt blob at 0x82000000
   Loading Kernel Image ... OK
ERROR: new format image overwritten - must RESET the board to recover
resetting ...

Where should I investigate?

Regards,

2

Answer to my question ^^

To use bootm command at U-BOOT, bootargs should be configured!

3

I have the same problem too,can you tell me more details about “To use bootm command at U-BOOT, bootargs should be configured!”? thanks!

4

Chenlifu,

Very long time ago I did it.

If I remind what I remember, boot parameters of /boot/extlinux/extlinux.conf, that is “console=ttyS0,115200n8 console=tty1…” should be passed to bootargs of Kernel.
When you use bootm command, the extlinux.conf is not used any more.

Before this job, you would better make sure boot parameters are correct.

mipsan

5

I tried to set bootargs by the command line like " setenv bootargs “${cbootargs} root=/dev/mmcblk0p1 rw rootwait rootfstype=ext4"” in the uboot, but it sames no use, is the command not right? I got the error :
Starting kernel …

“Synchronous Abort” handler, esr 0x02000000
ELR: 800800d0
LR: fff30210

do you know how to resolve this. Thanks

6

Chenlifu,

Although I have a note what I did, it was written in Korean -_-;
Here, I simply attach u-boot logs as follow;
Kernel Image was signed by public key

Tegra124 (Jetson TK1) # setenv bootargs console=ttyS0,115200n8 console=tty1 no_console_suspend=1 lp0_vec=2064@0xf46ff000 mem=2015M@2048M memtype=255 ddr_die=2048M@2048M section=256M pmuboard=0x0177:0x0000:0x02:0x43:0x00 tsec=32M@3913M otf_key=c75e5bb91eb3bd947560357b64422f85 usbcore.old_scheme_first=1 core_edp_mv=1150 core_edp_ma=4000 tegraid=40.1.1.0.0 debug_uartport=lsport,3 power_supply=Adapter audio_codec=rt5640 modem_id=0 android.kerneltype=normal fbcon=map:1 commchip_id=0 usb_port_owner_info=0 lane_owner_info=6 emc_max_dvfs=0 touch_id=0@0 board_info=0x0177:0x0000:0x02:0x43:0x00 net.ifnames=0 root=/dev/mmcblk0p1 rw rootwait tegraboot=sdmmc gpt
Tegra124 (Jetson TK1) # ext2load mmc 0 0x90000000 /boot/zImage_rsa_signed.img
6099617 bytes read in 460 ms (12.6 MiB/s)
Tegra124 (Jetson TK1) # bootm 0x90000000
## Loading kernel from FIT Image at 90000000 ...
   Using 'conf@1' configuration
   Verifying Hash Integrity ... sha1,rsa2048:gooroom+ OK
   Trying 'kernel@1' kernel subimage
     Description:  Kernel
     Created:      2017-05-24  12:28:56 UTC
     Type:         Kernel Image
     Compression:  uncompressed
     Data Start:   0x900000e4
     Data Size:    6037416 Bytes = 5.8 MiB
     Architecture: ARM
     OS:           Linux
     Load Address: 0x81008000
     Entry Point:  0x81008000
     Hash algo:    crc32
     Hash value:   03016d52
     Hash algo:    sha1
     Hash value:   f88f771a166e767b449744e6a23a46c29cb544de
   Verifying Hash Integrity ... crc32+ sha1+ OK
## Loading fdt from FIT Image at 90000000 ...
   Using 'conf@1' configuration
   Trying 'fdt@1' fdt subimage
     Description:  Device Tree
     Created:      2017-05-24  12:28:56 UTC
     Type:         Flat Device Tree
     Compression:  uncompressed
     Data Start:   0x905c21bc
     Data Size:    59661 Bytes = 58.3 KiB
     Architecture: ARM
     Hash algo:    crc32
     Hash value:   45f0a467
     Hash algo:    sha1
     Hash value:   2684084a852a74579900ab37d30fd7dc54bb5e27
   Verifying Hash Integrity ... crc32+ sha1+ OK
   Booting using the fdt blob at 0x905c21bc
   Loading Kernel Image ... OK
   Using Device Tree in place at 905c21bc, end 905d3ac8

Starting kernel ...

[    0.000000] Booting Linux on physical CPU 0x0
[    0.000000] Initializing cgroup subsys cpu
[    0.000000] Initializing cgroup subsys cpuacct
[    0.000000] Linux version 3.10.40-ga7da876-ga7da876 (ubuntu@ubuntu-ThinkCentre-M93p) (gcc version 4.9.4 20150629 (prerelease) (crosstool-NG 1.20.0 - Linaro GCC 2015.06) ) #1 SMP PREEMPT Mon May 22 16:52:28 KST 2017

Hope it would be helpful.
Thanks

7

Thanks for your apply,
The address:0x90000000 is special ? can I use other address? I passed the bootargs to kernel on jetson-Tx2, but it was useless,maybe I should try some other address, On Jetson-tx2,the kernel`s entry address is 80080000, when I use bootm cmd,Where should i download the signed zImage by ext4load cmd.

8

Chenlifu,

0x90000000 of TK1 is DRAM space and free at u-boot. When I made a FDT blob, the blob overwrote other image.
Therefore I moved it to other address space.

You’d better make sure the address 0x90000000 of TX2 is free before use it.

To use bootm at TK1, I used ext2load to download image not ext4load.

Thanks,