To build NVIDIA Yocto Project-based components

  1. Set the locale and switch the user to "nvidia" (Applicable only for NVIDIA Developer Users using the Docker containers.) 
    sudo locale-gen en_US en_US.UTF-8
    The Yocto build must launch from a non-root userid, because Yocto does not allow builds as root.
    sudo su nvidia
  2. Install the dependent packages:
    • Ensure the host system is connected to the Internet.
    • On the host, enter the following commands:
    sudo add-apt-repository ppa:openjdk-r/ppa; sudo apt-get update; sudo apt-get install openjdk-8-jdk
sudo apt-get install gawk wget git-core diffstat unzip texinfo gcc-multilib build-essential chrpath socat xterm make xsltproc docbook-utils fop dblatex xmlto manpages-pl manpages-fr-extra qemu-user libpulse-dev xxd python3-distutils
  3. Change to the build directory on the host system with the following command: 
    cd <top>/drive-linux_src/yocto

    Where <top> is the directory on the host where the release is installed.

  4. Extract the contents of nvidia-layer.tgz and oss-packages.tgz with the following command: 
    tar xzf nvidia-layer.tgz
tar xzf oss-packages.tgz
  5. Export TEMPLATECONF to use templates from the meta-drive6 layer with the following command: 
    export TEMPLATECONF=$PWD/layers/meta-drive6/conf
  6. Initialize the Yocto project build environment with the following command: 
    source oss/dunfell/poky/oe-init-build-env
  7. Select the type of Image by setting the value of IMAGE_TYPE: 
    export IMAGE_TYPE=<full|minimal|samples|debug-utils>
    • minimal : Rootfs with upstream OSS (baseline Yocto distro) and Tegra SW libraries.
    • samples : Rootfs with contents of minimal, plus DRIVE OS samples (NVmedia, Gfx etc. samples).
    • debug-utils : Rootfs with contents of minimal, plus utilities to support debug and profiling (OSS and NV-proprietary debug utils).
    • full : Superset rootfs with everything in minimal, samples and debug-utils packaged.
      Note: Default image type is set to full.
  8. Select KERNEL_CONFIG_TYPE to choose the flavor of kernel to be built 
    export KERNEL_CONFIG_TYPE=<standard|production|safety|production_debug|safety_debug>
    Note: Default KERNEL_CONFIG_TYPE is set to standard.
  9. Select COPYTARGET_VARIANT 
    export COPYTARGET_VARIANT=<standard|production|safety|production_debug|safety_debug|boot_initramfs>
    Note: Default COPYTARGET_VARIANT is set to standard for tegra-drive-os-av-image and should be set to boot_initramfs for initramfs builds.
  10. Enable network with Yocto build and download sources from upstream by setting BB_NO_NETWORK as follows: 
    export BB_NO_NETWORK='0'
  11. Build component or image, depending on the recipe, with the following command: 
    bitbake <recipe>

    Recipes of interest are:

    bitbake <recipe>

    Function / Remarks

    tegra-drive-os-av-image

    Yocto DRIVE OS AV rootfs
    tegra-initramfs-boot Cold boot initramfs
    tegra-prod-initramfs-boot Cold boot initramfs with production config
  12. Kernel Security Feature Configurations:
    1. The default kernel recipe uses prebuilt components to account for signature matching of the base kernel and Tegra kernel modules. To rebuild the base kernel from the source, launch bitbake on the linux-nvidia recipe manually
    2. SELinux support is enabled in Yocto with default mode as permissive. If you need to begin testing system behavior in enforcing mode, you must modify the DEFAULT_ENFORCING to "enforcing" in <top>/drive-linux_yocto/yocto/layers/meta-drive6/recipes-security/refpolicy/refpolicy-minimum_%.bbappend.
    3. Steps to enable read-only root filesystem and dm-verity kernel security features are described in DM-Verity and Read-Only File System Support
    Note: To disable Auto IP Assignment (APIPA) on the target, append LinkLocalAddressing=no in the [Network] section of the /etc/systemd/networkd.conf file.