/secureboot-tegra

Scripts to automate tegra secureboot related steps in L4T documentation

Primary LanguageShellMIT LicenseMIT

This project contains a set of scripts to automate the secure boot process outlined in the Nvidia L4T Development Guide

The scripts are currently hard-coded to use Jetson TX2 as the target.

The scripts contain a patch provided by Matt Madison (see this link) which fixes fuse programming steps on Jetson TX2.

Downloading Packages and preparing for use

Run

./download-and-prepare-files.sh

Flashing stock image (optional)

Put your device in recovery mode, then run

./flashing-and-booting.sh

Verify your device boots successfully

Installing secureboot

Run

./installing-secureboot.sh

To install secureboot

Creating a Private Key

Follow the instructions in Generating the RSA Key Pair to generate a key file, name it rsa_priv.pem and place it in the same directory as the scripts.

Burning Fuses

Run

./burn-pkc.sh

To burn the PKC fuse on the part

Signing PKC image

Run

./signing-pkc.sh

To sign your local images

Re-flash the bootloader with signed images

Put your device in recovery mode. Run

./bootloader-flash-signed.sh

To write signed images to the part