This repository contains the source files (code and documentation) of Orin Nx port of the Ghaf Framework — an open-source project for enhancing security through compartmentalization on edge devices. Other repositories that are a part of the Ghaf project:
- https://github.com/tiiuae/sbomnix: a utility that generates SBOMs given Nix derivations or out paths
- https://github.com/tiiuae/ci-public: CI/CD related files
The only difference between original Ghaf framework is that a new target for Orin Nx platform is added.
The build stage is
nix build github:emrahbillur/ghaf-for-nx#nvidia-jetson-orin-nx-debug-flash-script
It will build the Ghaf image and bootloader firmware, and prepare the flashing script. Give "yes" answers to all script questions. The building process takes around 1,5 hours. Here we do not use the flash command directly as the Orin NX does not have local EMMC but find the nixos-disk-image created and use
dd if=./nix/store/......-nixos-disk-image/nixos.img of=/dev/<YOUR_USB_DRIVE> bs=32M
to write image on USB or other device.
Scripts will be upgraded to directly copy image to storage
The Ghaf team uses several licenses to distribute software and documentation:
| License Full Name | SPDX Short Identifier | Description |
|---|---|---|
| Apache License 2.0 | Apache-2.0 | Ghaf source code. |
| Creative Commons Attribution Share Alike 4.0 International | CC-BY-SA-4.0 | Ghaf documentation. |
See LICENSE.Apache-2.0 and LICENSE.CC-BY-SA-4.0 for the full license text.