Hi NV team,

Please refer to the attached log file.
Orin platform also has the same problem as in this topic：Kernl Panic：CPU:0, Error:rce-fabric, Errmon:2 Error Code : FIREWALL_ERR

I refer to the following link to turn off OEM firewall：

But it doesn’t seem to work, because the problem still exists.

My steps：
1，add below context to tegra234-mb2-bct-scr-p3701-0000-override.dts

       reg@4673 { /* CBB_CENTRAL_CBB_FIREWALL_NVCSI_ENGINE_BLF, READ_CTL */
            exclusion-info = <0>;

        reg@4674 { /* CBB_CENTRAL_CBB_FIREWALL_NVCSI_ENGINE_BLF, WRITE_CTL */
            exclusion-info = <0>;

        reg@4675 { /* CBB_CENTRAL_CBB_FIREWALL_NVCSI_ENGINE_BLF, CTL_SETTING */
            exclusion-info = <0>;

2，reflash system img

./tegraflash.py  --bl uefi_jetson_with_dtb.bin  --odmdata gbe-uphy-config-0,hsstp-lane-map-3,nvhs-uphy-config-0,hsio-uphy-config-16  --overlay_dtb L4TConfiguration.dtbo,tegra234-p3737-audio-codec-rt5658-40pin.dtbo,tegra234-p3737-overlay.dtbo,tegra234-p3701-overlay.dtbo,  --bldtb tegra234-p3701-0004-p3737-0000.dtb --applet mb1_t234_prod.bin --cmd "flash; reboot"  --cfg flash.xml --chip 0x23 --concat_cpubl_bldtb --cpubl uefi_jetson.bin --minratchet_config tegra234-mb1-bct-ratchet-p3701-0000.dts --device_config tegra234-mb1-bct-device-p3701-0000.dts --misc_config tegra234-mb1-bct-misc-p3701-0000.dts --pinmux_config tegra234-mb1-bct-pinmux-p3701-0000-a04.dtsi --gpioint_config tegra234-mb1-bct-gpioint-p3701-0000.dts --pmic_config tegra234-mb1-bct-pmic-p3701-0000.dts --pmc_config tegra234-mb1-bct-padvoltage-p3701-0000-a04.dtsi --deviceprod_config tegra234-mb1-bct-cprod-p3701-0000.dts --prod_config tegra234-mb1-bct-prod-p3701-0000.dts --scr_config tegra234-mb2-bct-scr-p3701-0000.dts --wb0sdram_config tegra234-p3701-0000-wb0sdram-l4t.dts --br_cmd_config tegra234-mb1-bct-reset-p3701-0000.dts --uphy tegra234-mb1-bct-uphylane-si.dtsi --dev_params tegra234-br-bct-p3701-0000.dts,tegra234-br-bct_b-p3701-0000.dts --mb2bct_cfg tegra234-mb2-bct-misc-p3701-0000.dts  --bins "psc_fw pscfw_t234_prod.bin; mts_mce mce_flash_o10_cr_prod.bin; mb2_applet applet_t234.bin; mb2_bootloader mb2_t234.bin; xusb_fw xusb_t234_prod.bin; dce_fw display-t234-dce.bin; nvdec nvdec_t234_prod.fw; bpmp_fw bpmp_t234-TE990M-A1_prod.bin; bpmp_fw_dtb tegra234-bpmp-3701-0004-3737-0000.dtb; sce_fw camera-rtcpu-sce.img; rce_fw camera-rtcpu-t234-rce.img; ape_fw adsp-fw.bin; spe_fw spe_t234.bin; tos tos-optee_t234.img; eks eks_t234.img"  --sdram_config tegra234-p3701-0000-sdram-l4t.dts  --secondary_gpt_backup  --bct_backup  --boot_chain A

paltform: AGX Orin
BSP: # R35 (release), REVISION: 3.1, GCID: 32827747, BOARD: t186ref

dmesg_2024-08-11_23-49-49.txt (2.2 MB)

hello future.wang,

could you please running with flash script instead of tegraflash.py.
$ sudo ./flash.sh -r jetson-agx-orin-devkit mmcblk0p1

Hi Jerry,

The problem still exists, log is attached
err.log (556.6 KB)

hello future.wang,

may I double confirm which register you’re trying to access?

Hi Jerry，

No specific registers are accessed.
The reason for this problem is that the following trace is enabled, and then the camera image is obtained using the v4l2 standard API.

This problem will not occur if tarce is not enabled!

echo 1 > /sys/kernel/debug/tracing/tracing_on
echo 30720 > /sys/kernel/debug/tracing/buffer_size_kb
echo 1 > /sys/kernel/debug/tracing/events/tegra_rtcpu/enable
echo 1 > /sys/kernel/debug/tracing/events/freertos/enable
echo 2 > /sys/kernel/debug/camrtc/log-level
echo 1 > /sys/kernel/debug/tracing/events/camera_common/enable

Specific recurrence path:

1. Enable the trace mentioned above
2. Pull the camera video stream
3. Reboot the system

The problem occurs after the reboot command is executed

hello future.wang,

actually, you don’t need to configure OEM firewall to enable VI tracing logs.
here’re steps to check tracing logs.

echo 1 > /sys/kernel/debug/tracing/tracing_on
echo 30720 > /sys/kernel/debug/tracing/buffer_size_kb
echo 1 > /sys/kernel/debug/tracing/events/tegra_rtcpu/enable
echo 1 > /sys/kernel/debug/tracing/events/freertos/enable
echo 2 > /sys/kernel/debug/camrtc/log-level
echo > /sys/kernel/debug/tracing/trace
cat /sys/kernel/debug/tracing/trace

Hi Jerry，

Maybe there is a misunderstanding.
It is not necessary to configure the firewall before enabling trace, but turning on trace will trigger the firewall to report an error.

The current problem is: I need to capture trace, but after enabling trace, it triggers the firewall to report an error. How to solve it?

hello future.wang,

that’s incorrect. we never seen OEM firewall by enabling trace.
may I double confirm your Jetpack release version, please examine with… $ cat /etc/nv_tegra_release

R35 (release), REVISION: 3.1, GCID: 32827747, BOARD: t186ref, EABI: aarch64, DATE: Sun Mar 19 15:19:21 UTC 2023

hello future.wang,

please double check your sensor driver, OEM firewall failure should only report when you’ve access to NVCSI register directly.

Hi Jerry，

When I do not enable the relevant trace log, any operation on the camera will not cause the firewall to report an error，I have tested many different camera models and all of them have this problem.

hello future.wang,

FYI, we don’t see OEM firewall errors on developer kit.
we’ve tested locally, we’ve follow the same steps to configure VI tracing logs, then launching camera for streaming.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.