[Jetson Orin Nano] [OTA] [35.5.0][36.3] Failed to boot after OTA upgrade from 35.5.0 to 36.3

Hi Nvidia team,
I’m trying to use OTA upgrade from 35.5.0 to 36.3 with ENC=1 and ROOTFS_AB=1
Here are my steps to generate the OTA payload:

  • generate a new eks_t234.img by updating example.sh (change echo "f0e0d0c0b0a001020304050607080900" > sym2_t234.key)
  • echo "f0e0d0c0b0a001020304050607080900" > disk_enc.key
  • sudo -E ROOTFS_AB=1 ROOTFS_ENC=1 ./tools/ota_tools/version_upgrade/l4t_generate_ota_package.sh --external-device nvme0n1 -i disk_enc.key jetson-orin-nano-devkit R35-5

After successfully updating OTA and updating UEFI, I met this issue and got stuck at boot:
I/TC: Non-secure external DT found
I/TC: OP-TEE version: 3.22 (gcc version 11.3.0 (Buildroot 2022.08)) #2 Mon May 6 17:07:49 UTC 2024 aarch64
I/TC: WARNING: This OP-TEE configuration might be insecure!
I/TC: WARNING: Please check Porting guidelines — OP-TEE documentation documentation
I/TC: Primary CPU initializing
I/TC: Test OEM keys are being used. This is insecure for shipping products!
I/TC: Primary CPU switching to normal world boot
Jetson UEFI firmware (version 36.3.0-gcid-36191598 built on 2024-05-06T16:58:59+00:00)

I/TC: Reserved shared memory is disabled
I/TC: Dynamic shared memory is enabled
I/TC: Normal World virtualization support is disabled
I/TC: Asynchronous notifications are disabled

ASSERT [FvbNorFlashStandaloneMm] /out/nvidia/optee.t234-uefi/StandaloneMmOptee_RELEASE/edk2-nvidia/Silicon/NVIDIA/Drivers/FvbNorFlashDxe/FvbNorFlashStandaloneMm.c(937): ((BOOLEAN)(0==1))

Please help me take a look at it.
Do I need to update eks_t234 with new parameters? I just updated sym2_t234.key, and everything is 0s for all the other keys by default.

Thank you in advance!
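A sanity check for the key files created in the steps above, added here as an example (it is not an NVIDIA tool and not part of the original post). It flags a key that is not hex, not the 128-bit length used in this thread, all zeros (the untouched default), or the value from the documentation example, and it assumes that the sym2_t234.key baked into eks_t234.img and the disk encryption key passed with -i must be the same value, as the post uses them (that agreement requirement is an assumption of this check, not something the thread states):

```python
"""Sanity-check the key material fed into an encrypted (ROOTFS_ENC=1) OTA payload.
Added example for this thread; not an NVIDIA tool."""
import re
import tempfile
from pathlib import Path

HEX_RE = re.compile(r"^[0-9a-fA-F]+$")
# The value used in this thread is the documentation example; a shipped
# device should never carry it (constructed set, extend with your own).
KNOWN_EXAMPLE_KEYS = {"f0e0d0c0b0a001020304050607080900"}


def check_key(hex_key, expected_bits=128):
    """Return the list of problems with one key string; an empty list means OK."""
    key = hex_key.strip()
    if not HEX_RE.match(key):
        return ["not a hex string"]
    problems = []
    if len(key) * 4 != expected_bits:
        problems.append(f"{len(key) * 4}-bit key, expected {expected_bits}")
    if set(key) == {"0"}:
        problems.append("all-zero key (the untouched default)")
    if key.lower() in KNOWN_EXAMPLE_KEYS:
        problems.append("documentation example key")
    return problems


def check_ota_keys(sym2_key, disk_key):
    """sym2_key is what example.sh bakes into eks_t234.img; disk_key is what
    l4t_generate_ota_package.sh -i receives. The thread uses one value for
    both, and this check assumes they must agree (assumption, see lead-in)."""
    report = {
        "sym2_t234.key": check_key(sym2_key),
        "disk_enc.key": check_key(disk_key),
    }
    if sym2_key.strip().lower() != disk_key.strip().lower():
        report["mismatch"] = ["eks_t234.img key and -i key differ"]
    return report


def check_key_files(sym2_path, disk_path):
    """File-based wrapper: reads the two key files the way the flash tools do."""
    return check_ota_keys(Path(sym2_path).read_text(), Path(disk_path).read_text())


if __name__ == "__main__":
    # Constructed files reproducing the thread's step: echo "<hex>" > file
    with tempfile.TemporaryDirectory() as d:
        sym2 = Path(d, "sym2_t234.key")
        disk = Path(d, "disk_enc.key")
        sym2.write_text("f0e0d0c0b0a001020304050607080900\n")
        disk.write_text("f0e0d0c0b0a001020304050607080900\n")
        for name, problems in check_key_files(sym2, disk).items():
            print(f"{name}: {'OK' if not problems else '; '.join(problems)}")
```

Run it from the directory holding the two key files before calling l4t_generate_ota_package.sh; with the thread's values it reports both files as carrying the documentation example key, which is the finding you want before an image reaches a fused device.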

Hi anhhao.hcmus,

Are you using the devkit or custom board for Orin Nano?

It seems to be a known issue in the UEFI of R36.3 and should be fixed in the next release.
Currently, please just use initrd flash to flash your board with JP6.0GA + disk-encryption + redundant rootfs enabled.

Hi Kevin,
I’m using devkit.
Our production is using 35.5.0, and we want to OTA upgrade to 36.3 in the future.

BR//
Hao

Hi Kevin,
After updating eks_t234.img, I can update successfully to a new slot.
But on a fused device, I updated the eks_t234.img and
used this command:
sudo -E ROOTFS_AB=1 ROOTFS_ENC=1 ./tools/ota_tools/version_upgrade/l4t_generate_ota_package.sh -u rsa.pem -v sbk.key --external-device nvme0n1 -i sym2_t234.key jetson-orin-nano-devkit R35-5
Once I rebooted, I did see UEFI upgrade to the newer version, and after that the device booted into the old slot, which is not the newer version R36.3.
Where am I wrong, or am I missing any required steps for a fused device?

Thank you
log.txt (156.2 KB)

Hi Kevin
When I try to reflash the internal QSPI by using:
sudo ROOTFS_AB=1 ./tools/kernel_flash/l4t_initrd_flash.sh --showlogs -p "-c bootloader/generic/cfg/flash_t234_qspi.xml" -u rsa.pem -v sbk.key --network usb0 jetson-orin-nano-devkit internal
I can boot to slot B, which was marked Unbootable.

BR/
hao

Hi @KevinFFF ,

I’m seeing the same issue on an AGX Orin Devkit 32GB but without any disk encryption, and no secure boot. This happens when upgrading from L4T 35.5.0 to 36.3 and then from 36.3 to 36.3, just using the same capsule. There are no changes in the UEFI capsule between the 35.5.0 to 36.3, or the 36.3 to 36.3 updates. From this point on the device refuses to boot and I have to re-flash it.

Cvm Eeprom Product Id: 699-13701-0000-500 J.0
Cvb Eeprom data validation failed(Success)
add-symbol-file /build/nvidia-uefi/Build/Jetson/DEBUG_GCC5/AARCH64/Silicon/NVIDIA/Drivers/NvSecureBootProvisionDxe/NvSecureBootProvisionDxe/DEBUG/NvSecureBootProvisionDxe.dll 0x825B9E000
Loading driver at 0x00825B9D000 EntryPoint=0x00825BA339C NvSecureBootProvisionDxe.efi

add-symbol-file /build/nvidia-uefi/Build/Jetson/DEBUG_GCC5/AARCH64/ArmPkg/Drivers/ArmPsciMpServicesDxe/ArmPsciMpServicesDxe/DEBUG/ArmPsciMpServicesDxe.dll 0x825B8F000
Loading driver at 0x00825B8E000 EntryPoint=0x00825B94C90 ArmPsciMpServicesDxe.efi

add-symbol-file /build/nvidia-uefi/Build/Jetson/DEBUG_GCC5/AARCH64/Silicon/NVIDIA/Drivers/MmCommunicationOpteeDxe/MmCommunicationOptee/DEBUG/MmCommunicationOptee.dll 0x826DC0000
Loading driver at 0x00826DB0000 EntryPoint=0x00826DC4B10 MmCommunicationOptee.efi

I/TC: Reserved shared memory is disabled
I/TC: Dynamic shared memory is enabled
I/TC: Normal World virtualization support is disabled
I/TC: Asynchronous notifications are disabled
I/TC: WARNING: Test UEFI variable auth key is being used !
I/TC: WARNING: UEFI variable protection is not fully enabled !

ASSERT [FvbNorFlashStandaloneMm] /out/nvidia/optee.t234-uefi/StandaloneMmOptee_RELEASE/edk2-nvidia/Silicon/NVIDIA/Drivers/FvbNorFlashDxe/FvbNorFlashStandaloneMm.c(937): ((BOOLEAN)(0==1))

Is there any patch available that I can give a try?

Thanks

Hi AlexCo,
Did you generate eks_t234.img for the r36.3 L4T?
I regenerated eks.img and the problem doesn’t appear.

@anhhao.hcmus no, I didn’t regenerate it, I just created the capsule with the steps from the docs:

Generate a multi-spec, Capsule payload for the AGX Orin series:

$ cd ${ToT_BSP}

# For AGX Orin:
$ sudo ./l4t_generate_soc_bup.sh -e t23x_agx_bl_spec t23x

# For AGX Orin Industrial:
$ sudo ./l4t_generate_soc_bup.sh -e t23x_agx_ind_bl_spec t23x

$ ./generate_capsule/l4t_generate_soc_capsule.sh -i bootloader/payloads_t23x/bl_only_payload -o ./TEGRA_BL.Cap t234

And triggered the update manually with:

$ cd /sys/firmware/efi/efivars/
$ printf "\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" > /tmp/var_tmp.bin
$ sudo dd if=/tmp/var_tmp.bin of=OsIndications-8be4df61-93ca-11d2-aa0d-00e098032b8c bs=12;sync

I’ve tried the 36.3.0-updates branch from edk2, but am seeing the same problem.

@KevinFFF is the fix in EDK2 Nvidia, or in OPTEE, or somewhere else? When and if there will be a patch, can you please point me to it so I can give it a try? Thanks

Please apply the following patches to check if they could help with the ASSERT FvbNorFlashStandaloneMm issue.

  1. feat: add a null version of the FwVariableLib · NVIDIA/edk2-nvidia@92bc1c3 · GitHub
  2. fix: don't try to erase early vars partition in Jetson · NVIDIA/edk2-nvidia@1b61c74 · GitHub
  3. fix: reset the meas buffer after computing the first measurement · NVIDIA/edk2-nvidia@615288a · GitHub

Will check them out and get back to you. Thanks!

@KevinFFF I applied the 3 patches on top of r36.3.0-updates branch and tested this, unfortunately I’m still seeing the problem. I’ve attached the boot logs before and after the capsule update trigger at Before capsule update trigger and after capsule update trigger · GitHub

If there are any other patches I can try, please let me know. Thanks!

I believe the changes in FvbNorFlashStandaloneMm.c are not reflected because those sources end up in the -standalone-optee binary, and not in uefi_jetson.bin.

So I built uefi_StandaloneMmOptee_DEBUG.bin using ./edk2-nvidia/Platform/NVIDIA/StandaloneMmOptee/build.sh from the EDK2 container (including these 3 patches), used strings to confirm that the logs I added are present in the resulting binary, and then copied it to Linux_for_Tegra/bootloader/standalonemm_optee_t234.bin and re-generated the UEFI capsule. Once again that assert happens.

Digging further I found Op-Tee related question - #10 by JerryChang and it appears that tos-optee needs to be re-generated manually using the stmm optee, so I did those steps to generate tos-t234, and finally re-built the capsule with this new tos, applied it, and am now getting:

   Update Progress - 100% **************************************************HandleCapsules: capsule update complete, resetting ...
Shutdown state requested 1
Rebooting sy
[0000.062] I> MB1 (version: 1.4.0.2-t234-54845784-08a4de08)
[0000.067] I> t234-A01-0-Silicon (0x12347) Prod
[0000.071] I> Boot-mode : Coldboot
[0000.074] I> Entry timestamp: 0x00000000
[0000.078] I> last_boot_error: 0x0
[0000.081] I> BR-BCT: preprod_dev_sign: 0
[0000.085] I> rst_source: 0xb, rst_level: 0x1
[0000.089] I> Task: SE error check
[0000.092] I> Task: Bootchain select WAR set
[0000.096] I> Task: Enable SLCG
[0000.099] I> Task: CRC check
[0000.102] I> Skip FUSE records CRC check as records_integrity fuse is not burned
[0000.109] I> Task: Initialize MB2 params
[0000.114] I> MB2-params @ 0x40060000
[0000.117] I> Task: Crypto init
[0000.120] I> Task: Perform MB1 KAT tests
[0000.124] I> Task: NVRNG health check
[0000.127] I> NVRNG: Health check success
[0000.131] I> Task: MSS Bandwidth limiter settings for iGPU clients
[0000.137] I> Task: Enabling and initialization of Bandwidth limiter
[0000.143] I> No request to configure MBWT settings for any PC!
[0000.149] I> Task: Secure debug controls
[0000.153] I> Task: strap war set
[0000.156] I> Task: Initialize SOC Therm
[0000.160] I> Task: Program NV master stream id
[0000.164] I> Task: Verify boot mode
[0000.170] I> Task: Alias fuses
[0000.173] W> FUSE_ALIAS: Fuse alias on production fused part is not supported.
[0000.180] I> Task: Print SKU type
[0000.184] I> FUSE_OPT_CCPLEX_CLUSTER_DISABLE = 0x00000000
[0000.189] I> FUSE_OPT_GPC_DISABLE = 0x00000000
[0000.193] I> FUSE_OPT_TPC_DISABLE = 0x00000000
[0000.197] I> FUSE_OPT_DLA_DISABLE = 0x00000000
[0000.202] I> FUSE_OPT_PVA_DISABLE = 0x00000000
[0000.206] I> FUSE_OPT_NVENC_DISABLE = 0x00000000
[0000.210] I> FUSE_OPT_NVDEC_DISABLE = 0x00000000
[0000.215] I> FUSE_OPT_FSI_DISABLE = 0x00000000
[0000.219] I> FUSE_OPT_EMC_DISABLE = 0x00000000
[0000.223] I> FUSE_BOOTROM_PATCH_VERSION = 0x7
[0000.228] I> FUSE_PSCROM_PATCH_VERSION = 0x7
[0000.232] I> FUSE_OPT_ADC_CAL_FUSE_REV = 0x2
[0000.236] I> FUSE_SKU_INFO_0 = 0xd0
[0000.239] I> FUSE_OPT_SAMPLE_TYPE_0 = 0x3 PS 
[0000.243] I> FUSE_PACKAGE_INFO_0 = 0x2
[0000.247] I> SKU: Prod
[0000.249] I> Task: Boost clocks
[0000.252] I> Initializing NAFLL for BPMP_CPU_NIC.
[0000.257] I> BPMP NAFLL: fll_lock = 1, dvco_min_reached = 0
[0000.263] I> BPMP NAFLL lock success.
[0000.266] I> BPMP_CPU_NIC : src = 42, divisor = 0
[0000.271] I> Initializing PLLC2 for AXI_CBB.
[0000.275] I> AXI_CBB : src = 35, divisor = 0
[0000.279] I> Task: Voltage monitor
[0000.282] I> VMON: Vmon re-calibration and fine tuning done
[0000.288] I> Task: UPHY init
[0000.292] I> HSIO UPHY init done
[0000.296] W> Skipping GBE UPHY config
[0000.299] I> Task: Boot device init
[0000.302] I> Boot_device: QSPI_FLASH instance: 0
[0000.307] I> Qspi clock source : pllc_out0
[0000.311] I> QSPI Flash: Macronix 64MB
[0000.315] I> QSPI-0l initialized successfully
[0000.319] I> Task: TSC init
[0000.322] I> Task: Load membct
[0000.325] I> RAM_CODE 0x4000001
[0000.328] I> Loading MEMBCT 
[0000.331] I> Slot: 1
[0000.333] I> Binary[0] block-66816 (partition size: 0x40000)
[0000.338] I> Binary name: MEM-BCT-0
[0000.341] I> Size of crypto header is 8192
[0000.345] I> Size of crypto header is 8192
[0000.349] I> strt_pg_num(66816) num_of_pgs(16) read_buf(0x40050000)
[0000.356] I> BCH of MEM-BCT-0 read from storage
[0000.360] I> BCH address is : 0x40050000
[0000.364] I> MEM-BCT-0 header integrity check is success
[0000.369] I> Binary magic in BCH component 0 is MEM0
[0000.374] I> component binary type is 0
[0000.378] I> strt_pg_num(66832) num_of_pgs(115) read_buf(0x40040000)
[0000.384] I> MEM-BCT-0 binary is read from storage
[0000.389] I> MEM-BCT-0 binary integrity check is success
[0000.394] I> Binary MEM-BCT-0 loaded successfully at 0x40040000 (0xe580)
[0000.401] I> RAM_CODE 0x4000001
[0000.406] I> RAM_CODE 0x4000001
[0000.410] I> Task: Load Page retirement list
[0000.414] I> Task: SDRAM params override
[0000.418] I> Task: Save mem-bct info
[0000.421] I> Task: Carveout allocate
[0000.425] I> RCM blob carveout will not be allocated
[0000.430] I> Update CCPLEX IST carveout from MB1-BCT
[0000.435] I> ECC region[0]: Start:0x0, End:0x0
[0000.439] I> ECC region[1]: Start:0x0, End:0x0
[0000.443] I> ECC region[2]: Start:0x0, End:0x0
[0000.447] I> ECC region[3]: Start:0x0, End:0x0
[0000.452] I> ECC region[4]: Start:0x0, End:0x0
[0000.456] I> Non-ECC region[0]: Start:0x80000000, End:0x880000000
[0000.462] I> Non-ECC region[1]: Start:0x0, End:0x0
[0000.466] I> Non-ECC region[2]: Start:0x0, End:0x0
[0000.471] I> Non-ECC region[3]: Start:0x0, End:0x0
[0000.476] I> Non-ECC region[4]: Start:0x0, End:0x0
[0000.486] I> allocated(CO:44) base:0x849800000 size:0x36800000 align: 0x100000
[0000.494] I> allocated(CO:31) base:0x840000000 size:0x8000000 align: 0x8000000
[0000.501] I> allocated(CO:43) base:0x83c000000 size:0x4000000 align: 0x200000
[0000.508] I> allocated(CO:39) base:0x839e00000 size:0x2200000 align: 0x10000
[0000.515] I> allocated(CO:20) base:0x836000000 size:0x2000000 align: 0x2000000
[0000.522] I> allocated(CO:24) base:0x834000000 size:0x2000000 align: 0x2000000
[0000.529] I> allocated(CO:28) base:0x832000000 size:0x2000000 align: 0x2000000
[0000.536] I> allocated(CO:29) base:0x830000000 size:0x2000000 align: 0x2000000
[0000.543] I> allocated(CO:22) base:0x848000000 size:0x1000000 align: 0x1000000
[0000.550] I> allocated(CO:35) base:0x838e00000 size:0x1000000 align: 0x100000
[0000.557] I> allocated(CO:41) base:0x82f000000 size:0x1000000 align: 0x100000
[0000.564] I> allocated(CO:02) base:0x849000000 size:0x800000 align: 0x800000
[0000.571] I> allocated(CO:03) base:0x838000000 size:0x800000 align: 0x800000
[0000.578] I> allocated(CO:06) base:0x82e800000 size:0x800000 align: 0x800000
[0000.585] I> allocated(CO:56) base:0x82e000000 size:0x800000 align: 0x200000
[0000.592] I> allocated(CO:07) base:0x838800000 size:0x400000 align: 0x400000
[0000.599] I> allocated(CO:33) base:0x82dc00000 size:0x400000 align: 0x200000
[0000.606] I> allocated(CO:19) base:0x82d980000 size:0x280000 align: 0x10000
[0000.613] I> allocated(CO:23) base:0x838c00000 size:0x200000 align: 0x200000
[0000.620] I> allocated(CO:01) base:0x82d800000 size:0x100000 align: 0x100000
[0000.627] I> allocated(CO:05) base:0x82d700000 size:0x100000 align: 0x100000
[0000.634] I> allocated(CO:08) base:0x82d600000 size:0x100000 align: 0x100000
[0000.641] I> allocated(CO:09) base:0x82d500000 size:0x100000 align: 0x100000
[0000.648] I> allocated(CO:12) base:0x82d400000 size:0x100000 align: 0x100000
[0000.655] I> allocated(CO:15) base:0x82d300000 size:0x100000 align: 0x100000
[0000.661] I> allocated(CO:17) base:0x82d200000 size:0x100000 align: 0x100000
[0000.668] I> allocated(CO:27) base:0x82d100000 size:0x100000 align: 0x100000
[0000.675] I> allocated(CO:42) base:0x82d000000 size:0x100000 align: 0x100000
[0000.682] I> allocated(CO:54) base:0x82d900000 size:0x80000 align: 0x80000
[0000.689] I> allocated(CO:34) base:0x82cff0000 size:0x10000 align: 0x10000
[0000.696] I> allocated(CO:72) base:0x82cdf0000 size:0x200000 align: 0x10000
[0000.703] I> allocated(CO:47) base:0x82c800000 size:0x400000 align: 0x200000
[0000.710] I> allocated(CO:50) base:0x82c600000 size:0x200000 align: 0x100000
[0000.717] I> allocated(CO:52) base:0x82cdc0000 size:0x30000 align: 0x10000
[0000.723] I> allocated(CO:48) base:0x82cda0000 size:0x20000 align: 0x10000
[0000.730] I> allocated(CO:69) base:0x82cd80000 size:0x20000 align: 0x10000
[0000.737] I> allocated(CO:49) base:0x82cd70000 size:0x10000 align: 0x10000
[0000.744] I> NSDRAM base: 0x80000000, end: 0x82cdf0000, size: 0x7acdf0000
[0000.750] I> Task: Thermal check
[0000.753] I> Using min_chip_limit as min_tmon_limit
[0000.758] I> Using max_chip_limit as max_tmon_limit
[0000.763] I> BCT max_tmon_limit = 105
[0000.766] I> BCT min_tmon_limit = -28
[0000.770] I> BCT max_tmon_limit = 105
[0000.773] I> BCT min_tmon_limit = -28
[0000.777] I> SKU specific max_chip_limit = 105
[0000.781] I> SKU specific min_chip_limit = -28
[0000.785] I> BCT max_chip_limit = 105
[0000.789] I> BCT min_chip_limit = -28
[0000.792] I> enable_soctherm_polling = 0
[0000.796] I> max temp read = 38
[0000.799] I> min temp read = 38
[0000.802] I> Enabling thermtrip
[0000.805] I> Task: Update FSI SCR with thermal fuse data
[0000.810] I> Task: Enable WDT 5th expiry
[0000.814] I> Task: I2C register
[0000.817] I> Task: Set I2C bus freq
[0000.820] I> Task: Reset FSI
[0000.823] I> Task: Pinmux init
[0000.826] I> Task: Prod config init
[0000.830] I> Task: Pad voltage init
[0000.833] I> Task: Prod init
[0000.836] I> Task: Program rst req config reg
[0000.840] I> Task: Common rail init
[0000.844] I> DONE: Thermal config
[0000.847] W> DEVICE_PROD: module = 13, instance = 4 not found in device prod.
[0000.855] I> DONE: SOC rail config
[0000.859] W> PMIC_CONFIG: Rail: MEMIO rail config not found in MB1 BCT.
[0000.865] I> DONE: MEMIO rail config
[0000.869] I> DONE: GPU rail info
[0000.872] I> DONE: CV rail info
[0000.875] I> Task: Mem clock src
[0000.878] I> Task: Misc. board config
[0000.882] I> PMIC_CONFIG: Platform config not found in MB1 BCT.
[0000.888] I> Task: SDRAM init
[0000.891] I> MemoryType: 4 MemBctRevision: 10
[0000.897] I> MSS CAR: PLLM/HUB programming for MemoryType: 4 and MemBctRevision: 10
[0000.905] I> MSS CAR: Init PLLM
[0000.908] I> MSS CAR: Init PLLHUB
[0000.913] I> Encryption:   MTS: en, TX: en, VPR: en, GSC: en
[0000.924] I> SDRAM initialized!
[0000.927] I> SDRAM Size in Total 0x800000000
[0000.931] I> Task: Dram Ecc scrub
[0000.935] I> Task: DRAM alias check
[0000.951] I> Task: Program NSDRAM carveout
[0000.955] I> NSDRAM carveout encryption is enabled
[0000.960] I> Program NSDRAM carveout
[0000.963] I> Task: Register checker
[0000.967] I> Task: Enable clock-mon
[0000.981] I> FMON: Fmon re-programming done
[0000.985] I> Task: Mapper init
[0000.988] I> Task: SC7 Context Init
[0000.991] I> Task: CCPLEX IST init
[0000.995] I> Task: CPU WP0
[0000.998] I> Loading MCE
[0001.000] I> Slot: 1
[0001.002] I> Binary[8] block-85760 (partition size: 0x80000)
[0001.008] I> Binary name: MCE
[0001.010] I> Size of crypto header is 8192
[0001.014] I> Size of crypto header is 8192
[0001.018] I> strt_pg_num(85760) num_of_pgs(16) read_buf(0x4003e000)
[0001.025] I> BCH of MCE read from storage
[0001.028] I> BCH address is : 0x4003e000
[0001.032] I> MCE header integrity check is success
[0001.037] I> Binary magic in BCH component 0 is MTSM
[0001.042] I> component binary type is 8
[0001.045] I> Size of crypto header is 8192
[0001.049] I> strt_pg_num(85776) num_of_pgs(350) read_buf(0x40000000)
[0001.058] I> MCE binary is read from storage
[0001.062] I> MCE binary integrity check is success
[0001.067] I> Binary MCE loaded successfully at 0x40000000 (0x2baf0)
[0001.073] I> Size of crypto header is 8192
[0001.084] I> Size of crypto header is 8192
[0001.088] I> Sending WP0 mailbox command to PSC
[0001.097] I> Task: XUSB Powergate
[0001.100] I> Skipping powergate XUSB.
[0001.104] I> Task: MB1 fixed firewalls
[0001.110] W> Firewall readback mismatch
[0001.115] I> Task: Load bpmp-fw
[0001.118] I> Slot: 1
[0001.120] I> Binary[15] block-72960 (partition size: 0x180000)
[0001.126] I> Binary name: BPMP_FW
[0001.129] I> Size of crypto header is 8192
[0001.133] I> Size of crypto header is 8192
[0001.137] I> strt_pg_num(72960) num_of_pgs(16) read_buf(0x807fe000)
[0001.143] I> BCH of BPMP_FW read from storage
[0001.147] I> BCH address is : 0x807fe000
[0001.151] I> BPMP_FW header integrity check is success
[0001.156] I> Binary magic in BCH component 0 is BPMF
[0001.161] I> component binary type is 15
[0001.164] I> Size of crypto header is 8192
[0001.168] I> strt_pg_num(72976) num_of_pgs(1990) read_buf(0x80000000)
[0001.186] I> BPMP_FW binary is read from storage
[0001.192] I> BPMP_FW binary integrity check is success
[0001.197] I> Binary BPMP_FW loaded successfully at 0x80000000 (0xf8bc0)
[0001.204] I> Slot: 1
[0001.206] I> Binary[16] block-76032 (partition size: 0x400000)
[0001.212] I> Binary name: BPMP_FW_DTB
[0001.215] I> Size of crypto header is 8192
[0001.219] I> Size of crypto header is 8192
[0001.223] I> strt_pg_num(76032) num_of_pgs(16) read_buf(0x807fc000)
[0001.229] I> BCH of BPMP_FW_DTB read from storage
[0001.234] I> BCH address is : 0x807fc000
[0001.238] I> BPMP_FW_DTB header integrity check is success
[0001.243] I> Binary magic in BCH component 0 is BPMD
[0001.248] I> component binary type is 16
[0001.251] I> Size of crypto header is 8192
[0001.255] I> strt_pg_num(76048) num_of_pgs(736) read_buf(0x8079fff0)
[0001.266] I> BPMP_FW_DTB binary is read from storage
[0001.271] I> BPMP_FW_DTB binary integrity check is success
[0001.277] I> Binary BPMP_FW_DTB loaded successfully at 0x8079fff0 (0x5bf00)
[0001.283] I> Task: BPMP fw ast config
[0001.287] I> Task: Load psc-fw
[0001.290] I> Slot: 1
[0001.292] I> Binary[17] block-84224 (partition size: 0xc0000)
[0001.298] I> Binary name: PSC_FW
[0001.301] I> Size of crypto header is 8192
[0001.305] I> Size of crypto header is 8192
[0001.308] I> strt_pg_num(84224) num_of_pgs(16) read_buf(0x80ffe000)
[0001.315] I> BCH of PSC_FW read from storage
[0001.319] I> BCH address is : 0x80ffe000
[0001.323] I> PSC_FW header integrity check is success
[0001.328] I> Binary magic in BCH component 0 is PFWP
[0001.332] I> component binary type is 17
[0001.336] I> Size of crypto header is 8192
[0001.340] I> strt_pg_num(84240) num_of_pgs(591) read_buf(0x80fb4200)
[0001.350] I> PSC_FW binary is read from storage
[0001.355] I> PSC_FW binary integrity check is success
[0001.359] I> Binary PSC_FW loaded successfully at 0x80fb4200 (0x49df0)
[0001.366] I> Task: Load nvdec-fw
[0001.369] I> Slot: 1
[0001.371] I> Binary[7] block-69376 (partition size: 0x100000)
[0001.377] I> Binary name: NVDEC
[0001.380] I> Size of crypto header is 8192
[0001.383] I> Size of crypto header is 8192
[0001.387] I> strt_pg_num(69376) num_of_pgs(16) read_buf(0x800fe000)
[0001.394] I> BCH of NVDEC read from storage
[0001.398] I> BCH address is : 0x800fe000
[0001.402] I> NVDEC header integrity check is success
[0001.406] I> Binary magic in BCH component 0 is NDEC
[0001.411] I> component binary type is 7
[0001.415] I> Size of crypto header is 8192
[0001.419] I> strt_pg_num(69392) num_of_pgs(560) read_buf(0x80000000)
[0001.428] I> NVDEC binary is read from storage
[0001.433] I> NVDEC binary integrity check is success
[0001.438] I> Binary NVDEC loaded successfully at 0x80000000 (0x46000)
[0001.444] I> Size of crypto header is 8192
[0001.455] I> Task: Load tsec-fw
[0001.458] I> TSEC-FW load support not enabled
[0001.463] I> Task: GPIO interrupt map
[0001.466] I> Task: SC7 context save
[0001.470] I> Slot: 1
[0001.472] I> Binary[27] block-0 (partition size: 0x100000)
[0001.477] I> Binary name: BR_BCT
[0001.480] I> Size of crypto header is 8192
[0001.484] I> Size of crypto header is 8192
[0001.488] I> Size of crypto header is 8192
[0001.492] I> strt_pg_num(0) num_of_pgs(16) read_buf(0xa0000000)
[0001.498] I> BR_BCT binary is read from storage
[0001.502] I> BR_BCT binary integrity check is success
[0001.507] I> Binary BR_BCT loaded successfully at 0xa0000000 (0x2000)
[0001.513] I> Slot: 1
[0001.515] I> Binary[13] block-86784 (partition size: 0x30000)
[0001.521] I> Binary name: SC7-FW
[0001.524] I> Size of crypto header is 8192
[0001.528] I> Size of crypto header is 8192
[0001.532] I> Size of crypto header is 8192
[0001.536] I> Size of crypto header is 8192
[0001.540] I> strt_pg_num(86784) num_of_pgs(16) read_buf(0xa0002000)
[0001.546] I> BCH of SC7-FW read from storage
[0001.550] I> BCH address is : 0xa0002000
[0001.554] I> SC7-FW header integrity check is success
[0001.559] I> Binary magic in BCH component 0 is WB0B
[0001.564] I> component binary type is 13
[0001.567] I> Size of crypto header is 8192
[0001.571] I> strt_pg_num(86800) num_of_pgs(349) read_buf(0xa0004000)
[0001.580] I> SC7-FW binary is read from storage
[0001.584] I> SC7-FW binary integrity check is success
[0001.589] I> Binary SC7-FW loaded successfully at 0xa0004000 (0x2b920)
[0001.596] I> Slot: 1
[0001.598] I> Binary[22] block-87168 (partition size: 0x30000)
[0001.603] I> Binary name: PSC_RF
[0001.606] I> Size of crypto header is 8192
[0001.610] I> Size of crypto header is 8192
[0001.614] I> Size of crypto header is 8192
[0001.618] I> Size of crypto header is 8192
[0001.622] I> strt_pg_num(87168) num_of_pgs(16) read_buf(0xa002f920)
[0001.628] I> BCH of PSC_RF read from storage
[0001.632] I> BCH address is : 0xa002f920
[0001.636] I> PSC_RF header integrity check is success
[0001.641] I> Binary magic in BCH component 0 is PSCR
[0001.646] I> component binary type is 22
[0001.650] I> Size of crypto header is 8192
[0001.654] I> strt_pg_num(87184) num_of_pgs(224) read_buf(0xa0031920)
[0001.661] I> PSC_RF binary is read from storage
[0001.666] I> PSC_RF binary integrity check is success
[0001.671] I> Binary PSC_RF loaded successfully at 0xa0031920 (0x1be60)
[0001.680] I> Task: Save WP0 payload to SC7 ctx
[0001.684] I> Task: Load MB2rf binary to SC7 ctx
[0001.689] I> Slot: 1
[0001.691] I> Binary[14] block-87552 (partition size: 0x20000)
[0001.696] I> Binary name: MB2_RF
[0001.699] I> Size of crypto header is 8192
[0001.703] I> Size of crypto header is 8192
[0001.707] I> Size of crypto header is 8192
[0001.711] I> Size of crypto header is 8192
[0001.715] I> strt_pg_num(87552) num_of_pgs(16) read_buf(0xa00d5d10)
[0001.721] I> BCH of MB2_RF read from storage
[0001.726] I> BCH address is : 0xa00d5d10
[0001.729] I> MB2_RF header integrity check is success
[0001.734] I> Binary magic in BCH component 0 is MB2R
[0001.739] I> component binary type is 14
[0001.743] I> Size of crypto header is 8192
[0001.747] I> strt_pg_num(87568) num_of_pgs(224) read_buf(0xa00d7d10)
[0001.754] I> MB2_RF binary is read from storage
[0001.759] I> MB2_RF binary integrity check is success
[0001.764] I> Binary MB2_RF loaded successfully at 0xa00d7d10 (0x1bf30)
[0001.770] I> Task: Save fuse alias data to SC7 ctx
[0001.775] I> Task: Save PMIC data to SC7 ctx
[0001.779] I> Task: Save Pinmux data to SC7 ctx
[0001.783] I> Task: Save Pad Voltage data to SC7 ctx
[0001.788] I> Task: Save controller prod data to SC7 ctx
[0001.793] I> Task: Save prod cfg data to SC7 ctx
[0001.797] I> Task: Save I2C bus freq data to SC7 ctx
[0001.802] I> Task: Save SOCTherm data to SC7 ctx
[0001.807] I> Task: Save FMON data to SC7 ctx
[0001.811] I> Task: Save VMON data to SC7 ctx
[0001.815] I> Task: Save TZDRAM data to SC7 ctx
[0001.819] I> Task: Save GPIO int data to SC7 ctx
[0001.824] I> Task: Save clock data to SC7 ctx
[0001.828] I> Task: Save debug data to SC7 ctx
[0001.832] I> Task: Save MBWT data to SC7 ctx
[0001.840] I> SC7 context save done
[0001.843] I> Task: Load MB2/Applet/FSKP
[0001.847] I> Loading MB2
[0001.849] I> Slot: 1
[0001.851] I> Binary[6] block-71424 (partition size: 0x80000)
[0001.857] I> Binary name: MB2
[0001.860] I> Size of crypto header is 8192
[0001.864] I> Size of crypto header is 8192
[0001.868] I> strt_pg_num(71424) num_of_pgs(16) read_buf(0x8007e000)
[0001.874] I> BCH of MB2 read from storage
[0001.878] I> BCH address is : 0x8007e000
[0001.882] I> MB2 header integrity check is success
[0001.886] I> Binary magic in BCH component 0 is MB2B
[0001.891] I> component binary type is 6
[0001.895] I> Size of crypto header is 8192
[0001.899] I> strt_pg_num(71440) num_of_pgs(844) read_buf(0x80000000)
[0001.910] I> MB2 binary is read from storage
[0001.915] I> MB2 binary integrity check is success
[0001.919] I> Binary MB2 loaded successfully at 0x80000000 (0x696a0)
[0001.925] I> Task: Map CCPLEX SHARED carveout
[0001.930] I> Task: Prepare MB2 params
[0001.933] I> Task: Dram ecc test
[0001.936] I> Task: Misc NV security settings
[0001.941] I> NVDEC sticky bits programming done
[0001.945] I> Successfully powergated NVDEC
[0001.949] I> Task: Disable/Reload WDT
[0001.953] I> Task: Program misc carveouts
[0001.956] I> Program IPC carveouts
[0001.960] I> Task: Disable SCPM/POD reset
[0001.964] I> SLCG Global override status := 0x0
[0001.968] I> MB1: MSS reconfig completed
I> MB2 (version: 0.0.0.0-t234-54845784-af79ed0a)
I> t234-A01-0-Silicon (0x12347)
I> Boot-mode : Coldboot
I> Emulation: 
I> Entry timestamp: 0x001e79ed
I> Regular heap: [base:0x40040000, size:0x10000]
I> DMA heap: [base:0x82e000000, size:0x800000]
I> Task: SE error check
I> Task: Crypto init
I> Task: MB2 Params integrity check
I> Task: Enable CCPLEX WDT 5th expiry
I> Task: ARI update carveout TZDRAM
I> Task: Configure OEM set LA/PTSA values
I> Task: Check MC errors
I> Task: Enable hot-plug capability
I> Task: PSC mailbox init
I> Task: Enable clock for external modules
I> Task: Measured Boot init
I> Task: fTPM silicon identity init
I> fTPM is not enabled.
I> Task: OEM SC7 context save init
I> Task: I2C register
I> Task: Map CCPLEX_INTERWORLD_SHMEM carveout
I> Task: Program CBB PCIE AMAP regions
I> Task: Boot device init
I> Boot_device: QSPI_FLASH instance: 0
I> Qspi clock source : pllc_out0
I> QSPI Flash: Macronix 64MB
I> QSPI-0l initialized successfully
I> Secondary storage device: QSPI_FLASH instance: 0
I> Secondary storage device: SDMMC_USER instance: 3
I> sdmmc HS400 mode enabled
I> Task: Partition Manager Init
I> strt_pg_num(130592) num_of_pgs(1) read_buf(0x82e001000)
I> strt_pg_num(130560) num_of_pgs(32) read_buf(0x82e001200)
I> Found 60 partitions in QSPI_FLASH (instance 0)
W> Cannot find any partition table for 00000003
W> PARTITION_MANAGER: Failed to publish partition.
I> Found 10 partitions in SDMMC_USER (instance 3)
I> Task: Pass DRAM ECC PRL Flag to FSI
I> Task: Load and authenticate registered FWs
I> Task: Load AUXP FWs
I> Successfully register SPE FW load task with MB2 loader
I> Successfully register RCE FW load task with MB2 loader
I> Successfully register DCE FW load task with MB2 loader
I> Unpowergating APE
I> Unpowergate done
I> Successfully register APE FW load task with MB2 loader
I> Skipping FSI FW load
I> Successfully register XUSB FW load task with MB2 loader
I> Successfully register PVA FW load task with MB2 loader
I> Partition name: B_spe-fw
I> Size of partition: 589824
I> Binary@ device:3/0 block-118016 (partition size: 0x90000), name: B_spe-fw
I> strt_pg_num(118016) num_of_pgs(16) read_buf(0x40066880)
I> strt_pg_num(118032) num_of_pgs(512) read_buf(0x82d600000)
I> Partition name: B_rce-fw
I> Size of partition: 1048576
I> Binary@ device:3/0 block-119168 (partition size: 0x100000), name: B_rce-fw
I> strt_pg_num(119168) num_of_pgs(16) read_buf(0x40066880)
I> strt_pg_num(119184) num_of_pgs(880) read_buf(0x82d200000)
I> spe: Authentication Finalize Done
I> Binary spe loaded successfully at 0x82d600000
I> Partition name: B_dce-fw
I> Size of partition: 5242880
I> Binary@ device:3/0 block-107776 (partition size: 0x500000), name: B_dce-fw
I> strt_pg_num(107776) num_of_pgs(16) read_buf(0x40066880)
I> rce: Authentication Finalize Done
I> Binary rce loaded successfully at 0x82d200000
I> Successfully register RCE FW context save task with MB2 loader
I> dce : oem authentication of header done
I> strt_pg_num(107792) num_of_pgs(1) read_buf(0x82e1403d8)
I> strt_pg_num(107792) num_of_pgs(8) read_buf(0x82e1403d8)
I> dce : meta-blob integrity check is success.
I> strt_pg_num(107800) num_of_pgs(512) read_buf(0x82e0003c0)
I> strt_pg_num(108312) num_of_pgs(512) read_buf(0x82e0403c0)
I> dce : will be decompressed at 0x836000000
I> version 1 Bin 1 BCheckSum 0 content_size 0 Content ChkSum 1 reserved_00  0
I> Reserved10 0 BlockMaxSize 5 Reserved11 0
I> strt_pg_num(108824) num_of_pgs(512) read_buf(0x82e0803c0)
I> dce : decompressed to 12062400 bytes
I> dce: plain binary integrity check is success
I> Partition name: B_adsp-fw
I> Size of partition: 2097152
I> Binary@ device:3/0 block-121216 (partition size: 0x200000), name: B_adsp-fw
I> strt_pg_num(121216) num_of_pgs(16) read_buf(0x40066880)
I> strt_pg_num(121232) num_of_pgs(800) read_buf(0x838800000)
I> dce: Authentication Finalize Done
I> Binary dce loaded successfully at 0x836000000
I> Partition name: B_xusb-fw
I> Size of partition: 262144
I> Binary@ device:3/0 block-72448 (partition size: 0x40000), name: B_xusb-fw
I> strt_pg_num(72448) num_of_pgs(16) read_buf(0x40066880)
I> strt_pg_num(72464) num_of_pgs(312) read_buf(0x82d700000)
I> ape: Authentication Finalize Done
I> Binary ape loaded successfully at 0x838800000
I> Successfully register APE FW context save task with MB2 loader
I> Partition name: B_pva-fw
I> Size of partition: 262144
I> Binary@ device:3/0 block-125312 (partition size: 0x40000), name: B_pva-fw
I> strt_pg_num(125312) num_of_pgs(16) read_buf(0x40066880)
I> xusb: Authentication Finalize Done
I> Binary xusb loaded successfully at 0x82d700000
I> Successfully register XUSB FW context save task with MB2 loader
I> pva-fw : oem authentication of header done
I> strt_pg_num(125328) num_of_pgs(1) read_buf(0x82e1403d8)
I> strt_pg_num(125328) num_of_pgs(8) read_buf(0x82e1403d8)
I> pva-fw : meta-blob integrity check is success.
I> strt_pg_num(125336) num_of_pgs(512) read_buf(0x82e0003c0)
I> pva-fw : will be decompressed at 0x82d980000
I> version 1 Bin 1 BCheckSum 0 content_size 0 Content ChkSum 1 reserved_00  0
I> Reserved10 0 BlockMaxSize 5 Reserved11 0
I> pva-fw : decompressed to 2156512 bytes
I> pva-fw: plain binary integrity check is success
I> pva-fw: Authentication Finalize Done
I> Binary pva-fw loaded successfully at 0x82d980000
I> Successfully register PVA FW context save task with MB2 loader
I> Task: Check MC errors
I> Task: Carveout setup
I> Program remaining OEM carveouts
I> Task: Enable FSITHERM
I> Task: Enable FSI VMON
I> FSI VMON: FSI Vmon re-calibration and fine tuning done
I> Task: Validate FSI Therm readings
I> Task: Restore XUSB sec
I> Task: Enable FSI SE clock
I> Enable FSI-SE clock...
I> Task: Initialize SBSA UART CAR
I> Task: Initialize CPUBL Params
I> CPUBL-params @ 0x832000000
I> Task: Ratchet update
W> Skip ratchet update - OPTIN fuse not set
I> Task: Prepare eeprom data
I> Task: FSI padctl context save
I> Task: Unpowergate APE
W> mb2_unpowergate_ape: skip! APE is in unpowergated state
I> Task: Memctrl reconfig pending clients
I> Task: OEM firewalls
I> OEM firewalls configured
I> Task: Powergate APE
I> Powergating APE
I> Powergate done
I> Task: OEM firewall restore saved settings
I> Task: Unhalt AUXPs
I> Unhalting SPE..
I> Enabling combined UART 
����spe: early_init
����vic initialized
����tsc initialized
����aon lic initialized
����spe: tag is 5243985d1b1eb3f06fac6d36bd7e74ac
����spe: SafeRTOS v8.4
����spe: init
����scheduler initialized
����aon hsp initialized
����tag initialized
����tcu initialized
����bpmp ipc initialized
����spe: late init
����cpu_nic clock initialized
����apb clock initialized
����pm initialized
����bpmp hsp initialized
����top1 hsp initialized
����ccplex ipc initialized
����spe: start scheduler
����
    I> Task: Trigger mailbox for PSC-BL1 exit
I> Sending opcode 0x4d420802 to psc
I> Received ACK from psc
I> Task: Start secure NOR provision
I> Skip Secure NOR provisioning
I> Task: Trigger load FSI keyblob
I> Skipping FSI key blob copy
I> Task: Complete load FSI keyblob
I> Skipping FSI key blob copy
I> Task: MB2-PSC_FW Key Manager Init
I> Sending opcode OP_PSC_KEY_MANAGER to psc-fw
I> Sending opcode 0x4b45594d to p��
                                   hwwdt_init: WDT boot cfg 0x710010 sts 0x10
bpmp: socket 0
bpmp: base binary md5 is 3b0e1a33cf85c7f62a7e8b93c2af97ed
bpmp: combined binary md5 is 2aafe334513692db071cfc4bbbaf4115
bpmp: firmware tag is 2aafe334513692db071c-3b0e1a33cf8
initialized vwdt
initialized mail_early
initialized fuse
initialized vfrel
initialized adc
fmon_populate_monitors: found 199 monitors
initialized fmon
initialized mc
initialized reset
initialized uphy_early
initialized emc_early
initialized pm
465 clocks registered
initialized clk_mach
initialized clk_cal_early
initialized clk_mach_early_config
initialized io_dpd
initialized soctherm
initialized regime
initialized i2c
vrmon_dt_init: vrmon node not found
vrmon_chk_boot_state: found 0 rail monitors
initialized vrmon
initialized regulator
��sc
I> Received ACK from psc
I> Task: Unhalt FSI
I> FSI unhalt skipped
I> Task: Unhalt AUXPs
I> Unhalting RCE
I> RCE unhalt successful
I> Unhalting DCE
I> DCE unhalt successful
I> APE unhalt skipped
I> Task: Load HV/CPUBL
I> Task: Load TOS
I> Task: Trigger load��initialized avfs_clk_platform
initialized powergate
��[     2.578833] Camera-FW on t234-rce-safe started
TCU early console enabled.
�� TS��initialized dvs
initialized clk_mach_config
suspend progress: 0x0
initialized suspend
initialized strap
initialized mce_dbell
��EC leyblob
��
  ��I> Sending opcode 0x53535452 to psc
I> Sent opcode to psc
I> Task: Load and authenticate registered FWs
I> Partition name: B_cpu-bootloader
I> Size of partition: 3670016
I> Binary@ device:3/0 block-87808 (partition size: 0x380000), name: B_cpu-bootloader
��DCE Started
��I> strt_pg_num(87808) num_of_pgs(16) read_buf(0x40066880)
I> cpubl : oem authentication of header done
I> strt_pg_num(87824) num_of_pgs(1) read_buf(0x82e143f98)
��DCE_R5_Init
��I> strt_pg_num(87824) num_of_pgs(8) read_buf(0x82e143f98)
I> cpubl : meta-blob integrity check��initialized emc
initialized emc_mrq
�� is success.
��MPU enabled
��I> strt_pg_num(��initialized clk_cal
initialized uphy_dt
initialized uphy_mrq
HSIO UPHY reset has been de-asserted 0x0
��878��initialized uphy
��32) num_of_pgs(512) read_bu��initialized pg_late
initialized pg_mrq_init
swdtimer_init: reg polling start w period 47 ms
initialized swdtimer
initialized hwwdt_late
initialized bwmgr
initialized thermal_host_trip
initialized thermal_mrq
initialized oc_mrq
initialized reset_mrq
initialized mail_mrq
initialized fmon_mrq
initialized clk_mrq
initialized avfs_mrq
initialized i2c_mrq
initialized tag_mrq
initialized bwmgr_mrq
initialized console_mrq
missing prod DT calibration data for 199 fmons
initialized clk_sync_fmon_post
��DCE_SW_Init
��f(0x82e003f80)
I> strt_pg_num(88344) num_of_pgs(��initialized clk_cal_late
initialized noc_late
initialized cvc
��512) read_buf(0x82e043f80)
I> cpubl : w��initialized avfs_clk_mach_post
initialized avfs_clk_platform_post
initialized cvc_late
initialized rm
initialized console_late
handling unreferenced clks
enable can1_core
enable can1_host
enable can2_core
enable can2_host
enable pwm3
enable mss_encrypt
enable maud
enable pllg_ref
enable dsi_core
enable aza_2xbit
enable pllc4_muxed
enable sdmmc4_axicif
enable xusb_ss
enable xusb_fs
enable xusb_falcon
enable xusb_core_mux
enable dsi_lp
enable sdmmc_legacy_tm
initialized clk_mach_post
initialized pg_post
initialized regulator_post
initialized profile
��[     2.777231] Camer��initialized mrq
initialized patrol_scrubber
initialized cactmon
initialized extras_post
bpmp: init complete
��a-FW on t234-rce-safe ready SHA1=e2238c99 (crt 12.421 ms, total boot 211.892 ms)
��ill be decompressed at 0x82c800000
I> version 1 Bin 1 BCheckSum 0 content_size 0 Content ChkSum 1 reserved_00  0
I> Reserved10 0 BlockMaxSize 5 Reserved11 0
I> strt_pg_num(88856) num_of_pgs(512) read_buf(0x82e083f80)
I> strt_pg_num(89368) num_of_pgs(512) read_buf(0x82e0c3f80)
I> strt_pg_num(89880) num_of_pgs(512) read_buf(0x82e103f80)
I> strt_pg_num(90392) num_of_pgs(512) read_buf(0x82e003f80)
I> strt_pg_num(90904) num_of_pgs(512) read_buf(0x82e043f80)
I> strt_pg_num(91416) num_of_pgs(512) read_buf(0x82e083f80)
I> strt_pg_num(91928) num_of_pgs(512) read_buf(0x82e0c3f80)
I> strt_pg_num(92440) num_of_pgs(512) read_buf(0x82e103f80)
��Admin Task Init
Admin Task Init complete
Print Task Init
RM Task Init
SHA Task Init
Admin Task Started
��I> strt_pg_num(92952) num_of_pgs(512) read_buf(0x82e003f80)
��DCE SC7 SHA Enabled
RM Task Started
RM Task Running
Print Task Started
Print Task Running
��I> strt_pg_num(93464) num_of_pgs(512) read_buf(0x82e043f80)
��SHA Task Started
DCE: FW Boot Complete
Admin Task Running
SHA Task Running
��I> strt_pg_num(93976) num_of_pgs(512) read_buf(0x82e083f80)
I> cpubl : decompressed to 3649664 bytes
I> cpubl: plain binary integrity check is success
I> Partition name: B_secure-os
I> Size of partition: 4194304
I> Binary@ device:3/0 block-94976 (partition size: 0x400000), name: B_secure-os
I> strt_pg_num(94976) num_of_pgs(16) read_buf(0x40066880)
I> strt_pg_num(94992) num_of_pgs(3104) read_buf(0x83fd7c000)
I> MB2-params @ 0x40060000
I> NSDRAM carveout base: 0x80000000, size: 0x7acdf0000
I> cpubl_params: nsdram: carveout: 1, encryption: 1
I> cpubl: Authentication Finalize Done
I> Binary cpubl loaded successfully at 0x82c800000
I> tos: Authentication Finalize Done
I> Binary tos loaded successfully at 0x83fd7c000
I> Relocating OP-TEE dtb from: 0x83feff0f0 to 0x83c040020, size: 0x2889
I> [0] START: 0x80000000, SIZE: 0x7acdf0000
I> [1] START: 0x832000000, SIZE: 0x2000000
I> Setting NS memory ranges to OP-TEE dtb finished.
I> Partition name: B_eks
I> Size of partition: 262144
I> Binary@ device:3/0 block-107264 (partition size: 0x40000), name: B_eks
I> strt_pg_num(107264) num_of_pgs(16) read_buf(0x40066880)
I> strt_pg_num(107280) num_of_pgs(8) read_buf(0x83c020000)
I> eks: Authentication Finalize Done
I> Binary eks loaded successfully at 0x83c020000
I> EKB detected (length: 0x410) @ VA:0x83c020000
I> Task: Add cpubl params integrity check
I> Added cpubl params digest.
I> Task: Prepare TOS params
I> Setting EKB blob info to OPTEE dtb finished.
I> Setting OPTEE arg3: 0x83c040020
I> NVRNG: Health check success
I> NVRNG: Health check success
I> Task: OEM SC7 context save
I> OEM sc7 context saved
I> Task: Disable MSS perf stats
I> Task: Program display sticky bits
I> Task: Storage device deinit
I> Task: SMMU external bypass disable
I> Task: SMMU init
I> Task: Program GICv3 registers
I> Task: Audit firewall settings
I> Task: Bootchain failure check
I> Current Boot-Chain Slot: 1
I> BR-BCT Boot-Chain is 1, and status is 1. Set UPDATE_BRBCT bit to 0
I> Task: Burn RESERVED_ODM0 fuse
I> Task: Lock fusing
I> Task: Clear dec source key
I> MB2 finished

��NOTICE:  BL31: v2.8(release):
NOTICE:  BL31: Built : 18:49:22, Jun 25 2024
I/TC: 
I/TC: Non-secure external DT found
I/TC: OP-TEE version: 3.22 (gcc version 11.3.0 (Buildroot 2022.08)) #2 Tue Jun 25 15:48:24 UTC 2024 aarch64
I/TC: WARNING: This OP-TEE configuration might be insecure!
I/TC: WARNING: Please check https://optee.readthedocs.io/en/latest/architecture/porting_guidelines.html
I/TC: Primary CPU initializing
I/TC: Test OEM keys are being used. This is insecure for shipping products!
I/TC: Primary CPU switching to normal world boot
Unhandled Exception from EL1
x0             = 0xdbe304275a3235eb
x1             = 0x25df610eb3ca152f
x2             = 0x00000000000f4240
x3             = 0x0000000081000000
x4             = 0x0000000000000001
x5             = 0x000000083c1ead38
x6             = 0xffffffffffffffff
x7             = 0x000000083c261ef0
x8             = 0x0000000000000020
x9             = 0x000000083c261ef0
x10            = 0x00000000000010c0
x11            = 0x0000000000000000
x12            = 0x00000000ffffffd8
x13            = 0x000000083c10e755
x14            = 0x000000083c261f94
x15            = 0x0000000842240020
x16            = 0x000000083c0af1c8
x17            = 0x0000000000000000
x18            = 0x000000083c261f44
x19            = 0x0000000000000000
x20            = 0x000000083c040020
x21            = 0x000000083c278b10
x22            = 0x000000083c1eb520
x23            = 0x0000000000000000
x24            = 0x0000000000000000
x25            = 0x0000000000000000
x26            = 0x0000000000000000
x27            = 0x0000000000000000
x28            = 0x0000000000000000
x29            = 0x0000000000000000
x30            = 0x000000083c080170
scr_el3        = 0x0000000000000e34
sctlr_el3      = 0x0000000030cd183f
cptr_el3       = 0x0000000000000000
tcr_el3        = 0x0000000080823518
daif           = 0x00000000000002c0
mair_el3       = 0x00000000004404ff
spsr_el3       = 0x00000000600003c4
elr_el3        = 0x000000083c08017c
ttbr0_el3      = 0x0000000050023e01
esr_el3        = 0x0000000062320802
far_el3        = 0x0000000000000000
spsr_el1       = 0x0000000000000000
elr_el1        = 0x0000000000000000
spsr_abt       = 0x0000000000000000
spsr_und       = 0x0000000000000000
spsr_irq       = 0x0000000000000000
spsr_fiq       = 0x0000000000000000
sctlr_el1      = 0x0000000030d8180d
actlr_el1      = 0x0000000000000000
cpacr_el1      = 0x0000000000000000
csselr_el1     = 0x0000000000000000
sp_el1         = 0x000000083c1eb520
esr_el1        = 0x0000000000000000
ttbr0_el1      = 0x000000083c24b000
ttbr1_el1      = 0x0000000000000000
mair_el1       = 0x00000000ff00ff04
amair_el1      = 0x0000000000000000
tcr_el1        = 0x0000000280803f1a
tpidr_el1      = 0x0000000000000000
tpidr_el0      = 0x0000000000000000
tpidrro_el0    = 0x0000000000000000
par_el1        = 0xff0000083c22e980
mpidr_el1      = 0x0000000081000000
afsr0_el1      = 0x0000000000000000
afsr1_el1      = 0x0000000000000000
contextidr_el1 = 0x0000000000000000
vbar_el1       = 0x000000083c083000
cntp_ctl_el0   = 0x0000000000000000
cntp_cval_el0  = 0x0000000000000000
cntv_ctl_el0   = 0x0000000000000000
cntv_cval_el0  = 0x0000000000000000
cntkctl_el1    = 0x0000000000000000
sp_el0         = 0x0000000050016bf0
isr_el1        = 0x0000000000000000
cpuectlr_el1   = 0xa000000b40543000
gicd_ispendr regs (Offsets 0x200 - 0x278)
 Offset:                        value
0000000000000200:               0x0000000000000000
0000000000000204:               0x0000000000000000
0000000000000208:               0x0000000000000000
000000000000020c:               0x0000000000000000
0000000000000210:               0x0000000000000000
0000000000000214:               0x0000000000000000
0000000000000218:               0x0000000000000000
000000000000021c:               0x0000000000020000
0000000000000220:               0x0000000000000000
0000000000000224:               0x0000000000000000
0000000000000228:               0x0000000000000000
000000000000022c:               0x0000000000000000
0000000000000230:               0x0000000000000000
0000000000000234:               0x0000000000000000
0000000000000238:               0x0000000000000000
000000000000023c:               0x0000000000000000
0000000000000240:               0x0000000000000000
0000000000000244:               0x0000000000000000
0000000000000248:               0x0000000000000000
000000000000024c:               0x0000000000000000
0000000000000250:               0x0000000000000000
0000000000000254:               0x0000000000000000
0000000000000258:               0x0000000000000000
000000000000025c:               0x0000000000000000
0000000000000260:               0x0000000000000000
0000000000000264:               0x0000000000000000
0000000000000268:               0x0000000000000000
000000000000026c:               0x0000000000000000
0000000000000270:               0x0000000000000000
0000000000000274:               0x0000000000000000
0000000000000278:               0x0000000000000000
000000000000027c:               0x0000000000000000


Any help here is much appreciated @KevinFFF. Thanks
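
Reading the BL31 dump above: the exception class and the trapped system register are encoded in `esr_el3`, and `scr_el3` records what EL3 permits the lower exception levels to do. The decoder below is an added example by the editor, not code from this thread or from NVIDIA; it takes the register values printed in the dump and the bit layouts from the Arm Architecture Reference Manual (ESR_ELx EC/ISS for EC 0x18, SCR_EL3 bit positions), and the conclusion it prints is the editor's reading of the dump, not something the thread states.

```python
# Added by the editor: decode the ESR_EL3 / SCR_EL3 values printed in the BL31
# "Unhandled Exception from EL1" dump above. Not code from the thread or NVIDIA;
# bit layouts follow the Arm Architecture Reference Manual. The numbers are the
# ones in the dump; what they imply is the editor's reading, not the thread's.

# Values copied from the register dump above.
ESR_EL3 = 0x62320802
SCR_EL3 = 0x0E34
ELR_EL3 = 0x83C08017C
GPRS = {0: 0xDBE304275A3235EB, 1: 0x25DF610EB3CA152F}  # x0, x1 from the dump

EC_NAMES = {
    0x00: "Unknown reason",
    0x18: "Trapped MSR/MRS/System instruction (AArch64)",
    0x20: "Instruction Abort from a lower EL",
    0x21: "Instruction Abort, same EL",
    0x24: "Data Abort from a lower EL",
    0x25: "Data Abort, same EL",
}

# (op0, op1, CRn, CRm, op2) -> name, for the registers relevant here; anything
# else is reported by its raw S<op0>_<op1>_C<CRn>_C<CRm>_<op2> encoding.
SYSREG_NAMES = {
    (3, 0, 2, 0, 0): "TTBR0_EL1",
    (3, 0, 2, 0, 1): "TTBR1_EL1",
    (3, 0, 2, 0, 2): "TCR_EL1",
    (3, 0, 2, 1, 0): "APIAKeyLo_EL1",
    (3, 0, 2, 1, 1): "APIAKeyHi_EL1",
    (3, 0, 2, 1, 2): "APIBKeyLo_EL1",
    (3, 0, 2, 1, 3): "APIBKeyHi_EL1",
    (3, 0, 2, 2, 0): "APDAKeyLo_EL1",
    (3, 0, 2, 2, 1): "APDAKeyHi_EL1",
    (3, 0, 2, 2, 2): "APDBKeyLo_EL1",
    (3, 0, 2, 2, 3): "APDBKeyHi_EL1",
    (3, 0, 2, 3, 0): "APGAKeyLo_EL1",
    (3, 0, 2, 3, 1): "APGAKeyHi_EL1",
}
PAUTH_KEY_REGS = {n for n in SYSREG_NAMES.values() if n.startswith("AP")}


def bits(value, hi, lo):
    """Extract bits [hi:lo] of value (inclusive)."""
    return (value >> lo) & ((1 << (hi - lo + 1)) - 1)


def decode_esr(esr):
    """Split ESR_ELx into EC/IL/ISS and, for EC 0x18, name the trapped system register."""
    ec, il, iss = bits(esr, 31, 26), bits(esr, 25, 25), bits(esr, 24, 0)
    out = {"ec": ec, "ec_name": EC_NAMES.get(ec, "other"), "il": il, "iss": iss}
    if ec == 0x18:
        # ISS for EC 0x18: Op0[21:20] Op2[19:17] Op1[16:14] CRn[13:10] Rt[9:5] CRm[4:1] Direction[0]
        enc = (bits(iss, 21, 20), bits(iss, 16, 14), bits(iss, 13, 10),
               bits(iss, 4, 1), bits(iss, 19, 17))
        out["sysreg"] = SYSREG_NAMES.get(enc, "S%d_%d_C%d_C%d_%d" % enc)
        out["rt"] = bits(iss, 9, 5)
        out["direction"] = "MRS (read)" if bits(iss, 0, 0) else "MSR (write)"
    return out


def decode_scr(scr):
    """The SCR_EL3 bits that matter for a trap from a lower EL into EL3."""
    return {
        "NS": bits(scr, 0, 0),     # 0: exception came from the secure world
        "RW": bits(scr, 10, 10),   # 1: lower ELs run AArch64
        "APK": bits(scr, 16, 16),  # 0: PAuth key register accesses at EL1/EL2 trap to EL3
        "API": bits(scr, 17, 17),  # 0: PAuth instructions at EL1/EL2 trap to EL3
    }


def explain(esr, scr, elr, gprs):
    """One-line reading of the dump; returns (is_pauth_key_trap, text)."""
    e, s = decode_esr(esr), decode_scr(scr)
    world = "secure" if s["NS"] == 0 else "non-secure"
    text = "EC=0x%02x (%s) at ELR_EL3=0x%x from %s EL1" % (e["ec"], e["ec_name"], elr, world)
    pauth = e["ec"] == 0x18 and e.get("sysreg") in PAUTH_KEY_REGS
    if e["ec"] == 0x18:
        text += "; %s %s via x%d" % (e["direction"], e["sysreg"], e["rt"])
        if e["rt"] in gprs:
            text += " (=0x%016x)" % gprs[e["rt"]]
    if pauth and s["APK"] == 0:
        text += "; SCR_EL3.APK=0, so the key write traps to EL3 (editor's reading)"
    return pauth, text


if __name__ == "__main__":
    print(explain(ESR_EL3, SCR_EL3, ELR_EL3, GPRS)[1])
```

With the values from the dump it reports a trapped `MSR` to `APIAKeyHi_EL1` issued from secure EL1 (so from OP-TEE, whose `vbar_el1` sits in the same 0x83c0xxxxx region as `elr_el3`), with `x0` holding the key half being written, while `SCR_EL3.APK` and `API` are both clear. That is the pattern an OP-TEE core built with pointer authentication enabled (`CFG_CORE_PAUTH` / `CFG_TA_PAUTH`) produces when the BL31 it runs under was not built to enable PAuth for lower exception levels (in TF-A, `CTX_INCLUDE_PAUTH_REGS` / `BRANCH_PROTECTION`). Whether that is the actual cause here is not confirmed by the thread; if you rebuild atf and optee yourself, checking that the two builds agree on pointer authentication is one concrete thing to verify before re-flashing.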

The fix may be included in the TOS image, but I am not sure if there’s another dependency so that you hit the EL1 errors.
I’ve verified with our internal release w/o hitting this ASSERT.
I believe that you would get the fix in the next release.

Thanks @KevinFFF , is there any chance the internal release team could share the updated atf_src.tbz2, nvidia-jetson-optee-source.tbz2 as well as the steps they used to build tos-t234.img using the r36.3.0-updates or main branch generated standalone_optee_t234.bin? I would like to try to build them too, and hopefully get rid of this error before the next Jetpack release. Thanks!

Have you tried to run the following command to build this binary?

$ edk2_docker edk2-nvidia/Platform/NVIDIA/StandaloneMmOptee/build.sh

@KevinFFF yes, that’s the command I used to build standalonemm_optee_t234.bin (using 36.3.0-updates branch + the 3 patches), referenced it in UEFI_STMM_PATH, built atf and optee and finally used the gen_tos_part_img.py from Linux_for_Tegra:

./gen_tos_part_img.py --monitor ./atf_build/arm-trusted-firmware/build/tegra/t234/release/bl31.bin --os ./optee/build/t234/core/tee-raw.bin --dtb ./optee/tegra234-optee.dtb --tostype optee ./tos.img

Copied tos.img to Linux_for_Tegra/bootloader/tos-optee_t234, regenerated the UEFI capsule, and applied the capsule.

I assume this would be the process to update optee on the device with those 3 patches, right?

It should be correct.

Could you try using the following command to flash your board and check if the change could be applied?

$ sudo ./flash.sh -k A_secure-os -c bootloader/generic/cfg/flash_t234_qspi.xml jetson-orin-nano-devkit nvme0n1p1

Thanks, I will try and get back with the result