TegraBootrom¶

General status¶

It's up to the device vendor to decide if the bootrom should enforce signature or not.

Some devices and several development boards (like the Jetson boards) do not enforce code signature by default.

Fusee gelee¶

When code signature is enforced, fusee_gelee can still enable to load unsigned code through USB, as it use a bug in the USB stack, it can only be used when booting through USB.

The downside is that, to boot an unsigned and free software bootloader, you need either:

• To use another computer with some free software tools to load the free bootloader into the device that has the Tegra SOC
• To use an USB dongle when booting as mentioned in that youtube video

Beyond Fusee gelee¶

After loading a free software bootloader through USB, it might be possible to patch the bootrom, as part of it ends up being in the fuse memory region.

This is meant to fix bugs inside the bootrom, but we might also be able to use it to disable code signature completely.