Can runtime update sdmmc_boot partition after enabling fuse by rcm-boot NFS (or OTA upgrade)

Hi Sir/Madam,

We are considering how to upgrade Xavier after enabling fuse.
We know how to upgrade c-boot, kernel, rootfs partitions because all they are in sdmmc_user partition.

Question 1:
Once we have new c-boot, kernel, rootfs… and resign/re-encryption images, do we need to upgrade sdmmc_boot partition?

Question 2:
Could we runtime update sdmmc_boot like TX1? We are considering to upgrade system on production line without using host-pc.

I found there is TX1 document, could Xavier also supports this method?
[url]https://docs.nvidia.com/jetson/archives/l4t-archived/l4t-281/Tegra%20Linux%20Driver%20Package%20Development%20Guide/baggage/NVIDIA_Runtime_Boot_Loader_Update_Process_for_Jetson_TX1.pdf[/url]

I also found there is a topic to discuss OTA upgrade before. Is it still keeping going?
[url]https://devtalk.nvidia.com/default/topic/1055187/jetson-agx-xavier/is-there-an-existing-mechanism-for-jetson-agx-xavier-system-ota-update-/post/5348954/#5348954[/url]

Thank you

hello JasonFan,

Regarding to your Question-1,
please assign key files to perform partial update with the flash script files.
or, you could enable no-flash option to generate signed files locally, and using dd command for remote update.
for example,

$ sudo ./flash.sh --no-flash -u <keyfile> -v <sbk_keyfile> -k <partition-id> jetson-xavier mmcblk0p1

Hi JerryChang,

Thanks for your reply.
I know the command that you post. Does that mean I don’t need to upgrade sdmmc_boot partition?

Actually I just want to know how to upgrade system including kernel, cboot, rootfs even some partitions in sdmmc_boot if it is needed to upgrade by OTA. If we don’t need to upgrade sdmmc_boot partitions, we can use dd command to upgrade sdmmc_user partitions and all are done.

We also consider that to use rcm-boot to upgrade images from NFS rootfs on production line but we don’t know how to handle sdmmc_boot partition on runtime if need to upgrade sdmmc_boot.

I’m not sure if I misunderstand the TX1 document that I post previously. The document title is “runtime to upgrad bootloader” and need to upgrade sdmmc_boot as well. For Xavier(R32.2) if we generate new cboot image, do we just only need to upgrade “cpu-bootloader” and “bootloader-dtb” partitions.

hello JasonFan,

here’s documentation for Xavier’s runtime bootloader update process, please also check Bootloader Update and Redundancy.
it’s a safe bootloader update process, which ensures a workable bootloader partition remains on boot storage during an update.

according to your use-case, for example, you’ll need to update cpu-bootloader partition to apply new cboot (Xavier/r32.2) binary.
in addition,
due to the board is fused, private key needs to be provided for flashing, so that RCM components will be signed properly.
since RCM code will be signed as long as secure boot is enabled so it should be secure as other signed component, like BCT or bootloader.

BTW,
I’ll also tracking the status for JetPack OTA upgrade internally, will share the conclusion later.
thanks