JP5.1.2 REL35.4.1 compiled uefi reports error

Dear nvidia team:
UEFI error will be reported when the system boots up after I replace the uefi with the uefi compiled by myself.
I am using the orin nx custom carrier board with branch JP5.1.2 REL 35.4.1.The uefi source file “L4TLauncher.c” will not take effect after modified and flashed.What’s the reason?Is there any encryption by default?
Error log:
I> Task: Bootchain failure check (0x500025e8)
▒▒E/TC:?? 00 get_rpc_alloc_res:645 RPC allocation failed. Non-secure world result: ret=0xffff0000 ret_origin=0
E/LD: init_elf:486 sys_open_ta_bin(bc50d971-d4c9-42c4-82cb-343fb7f37896)
E/TC:?? 00 ldelf_init_with_ldelf:131 ldelf failed with res: 0xffff000c

Hi 592803276,

Please share the steps how did you clone the UEFI source.

It is included in esp partition and you should also update BOOTAA64.efi.

Firstly I replaced the compiled BOOTAA64.efi and uefi_jetson.bin under the bootloader dir.Then I flash the whole partition.It takes no effect and I check the BOOTAA64.efi md5sum is the same.I also have already tried to update the esp partition by following the way:

  1. check where is esp partition
    $ ls -al /dev/disk/by-partlabel
    lrwxrwxrwx 1 root root 16 Jan 1 1970 esp → …/…/nvme0n1p11

  2. mount and update efi image
    $ sudo mount /dev/nvme0n1p11 /mnt
    $ cd /mnt/EFI/BOOT/
    $ replace BOOTAA64.efi under /mnt/EFI/BOOT/

Please run the following command to flash QSPI only to apply the change.

$ sudo ./flash.sh -c bootloader/t186ref/cfg/flash_t234_qspi.xml jetson-orin-nano-devkit internal

It is the expected flow to update esp partition.
Do you mean that it does not take effect after you do these?

Yes,Is there any uefi encryption restrictions?Because JP5.1.1 REL35.3.1 is OK.I get the uefi source by using the below command:
edk2_docker edkrepo clone nvidia-uefi-r35.4.1-updates NVIDIA-Platforms r35.4.1-updates

$ edk2_docker edkrepo clone nvidia-uefi-r35.4.1 NVIDIA-Platforms r35.4.1

Please use above command instead w/o any customization to check if it can boot successfully.

If it can boot, you can try to customize lines one-by-one and update both uefi_jetson.bin and BOOTAA64.efi to apply the change.

I will try other 35.4.1 uefi branch.This branch also has a bug and reports error below:

I have already known the root cause.Please see the attacted log.I have no nvidia-uefi-r36.3.0 directory under /build/ directory.So no matter how I modify it, it will not take effect.How to fix it?
Key log:
add-symbol-file /build/nvidia-uefi-r36.3.0/Build/Jetson/RELEASE_GCC5/AARCH64/Silicon/NVIDIA/Application/L4TLauncher/L4TLauncher/DEBUG/L4TLauncher.dll 0x447F12000
Loading driver at 0x00447F11000 EntryPoint=0x00447F1972C L4TLauncher.efi
PROGRESS CODE: V03058001 I0
uefi_log.txt (100.4 KB)

It is not the expected message to me since you are using JP5.1.2(R35.4.1).

Please just run the following command to download and build the source for R35.4.1 in your case.

Download source:
$ edk2_docker edkrepo clone nvidia-uefi-r35.4.1 NVIDIA-Platforms r35.4.1

Build binary:
$ cd nvidia-uefi-r35.4.1
$ edk2_docker edk2-nvidia/Platform/NVIDIA/Jetson/build.sh

Copy binary:
$ cp images/uefi_Jetson_RELEASE.bin <Linux_for_Tegra>/bootloader/uefi_jetson.bin

I have tried it.But it always reports errors. How to solve the following compilation errors:

It seems the issue relating to your build environment.
I would suggest you to NOT use root permission to build them.

Normal permission also reports the same error below:


My host vmware machine is ubuntu 18.04.Build environment steps are based Build with docker · NVIDIA/edk2-nvidia Wiki · GitHub:

Can you point out where is the build environment problem? I also change another ubuntu 20.04 computer to have a try and also have the same error.It’s easy to try and can you have a try?
Thanks

Okay.
I’ve checked the log again and also verified it working on my host locally.

Could you modify the following lines to check if it could help in your case?

diff --git a/Platform/NVIDIA/Jetson/Jetson.dsc.inc b/Platform/NVIDIA/Jetson/Jetson.dsc.inc
index 204b04d4..2540b3b0 100644
--- a/Platform/NVIDIA/Jetson/Jetson.dsc.inc
+++ b/Platform/NVIDIA/Jetson/Jetson.dsc.inc
@@ -288,7 +288,7 @@
   #
   # EQOS NIC Support
   #
-  Silicon/NVIDIA/Drivers/EqosDeviceDxe/EqosDeviceDxe.inf
+  #Silicon/NVIDIA/Drivers/EqosDeviceDxe/EqosDeviceDxe.inf
 
   #
   # VPR Support
diff --git a/Platform/NVIDIA/Jetson/Jetson.fdf.inc b/Platform/NVIDIA/Jetson/Jetson.fdf.inc
index 8d74d048..09fd745d 100644
--- a/Platform/NVIDIA/Jetson/Jetson.fdf.inc
+++ b/Platform/NVIDIA/Jetson/Jetson.fdf.inc
@@ -122,7 +122,7 @@
   #
   # EQOS NIC Support
   #
-  INF Silicon/NVIDIA/Drivers/EqosDeviceDxe/EqosDeviceDxe.inf
+  #INF Silicon/NVIDIA/Drivers/EqosDeviceDxe/EqosDeviceDxe.inf
 
   #
   # VPR Suppo

I don’t know what’s the difference between the host. No one can compile it in our company and always report error. In addition, does the DOCK build environment we use have great relationship with the host environment? Can you tell me about your ubuntu environment? Is it different from the steps I configured?

Yes.It works.I will use this method.But after I flash the whole partition the modification of the file “L4Tlauncher.c” is still ineffective. The log is still abnormal below:

add-symbol-file /build/nvidia-uefi-r36.3.0/Build/Jetson/RELEASE_GCC5/AARCH64/Silicon/NVIDIA/Application/L4TLauncher/L4TLauncher/DEBUG/L4TLauncher.dll 0x448C04000
Loading driver at 0x00448C03000 EntryPoint=0x00448C0B72C L4TLauncher.efi
PROGRESS CODE: V03058001 I0

Failed to validate rootfs status: Load Error
L4TLauncher: Attempting GRUB Boot
L4TLauncher: Attempting Direct Boot
uefi_log_r35.4.1.txt (98.4 KB)

After testing, only the r35.3.1-updates branch compiles without errors by default, and the modification of the file “L4Tlaucher.c” can take effect.
add-symbol-file /build/nvidia-uefi-r35.3.1-updates/Build/Jetson/DEBUG_GCC5/AARCH64/Silicon/NVIDIA/Application/L4TLauncher/L4TLauncher/DEBUG/L4TLauncher.dll 0x45F53F000
Loading driver at 0x0045F53E000 EntryPoint=0x0045F548B94 L4TLauncher.efi
PROGRESS CODE: V03058001 I0

L4TLauncher: Attempting Direct Boot
uefi_log-r35.3.1-updates.txt (99.1 KB)

If you are using docker method, then it should not be relating to your host.
shared my host info as following:

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.6 LTS
Release:        18.04
Codename:       bionic

$ uname -m
x86_64

How about yours?

Are you using r36.3.0 or r35.4.1?

My vmware ubuntu system info is the same as yours.

I am using branch r35.4.1.So r36.3.0 is not correct.So here is the reason why the L4Tlaucher.c file has never taken effect.

Do you manage to get it work? (i.e. is the previous issue caused from wrong version of UEFI source?)

Could you build UEFI source of JP5.1.2(R35.4.1) and update to your board successfully?

I can compile it using the below method, but the file L4Tlaucher.c will not take effect after flashing the whole partition.

Okay, it seems you can build UEFI binary successfully.

To apply the change in L4Tlaucher.c, you should update esp partition.
Please refer to the following steps to update it.

$ sudo su
# ls -al /dev/disk/by-partlabel
lrwxrwxrwx 1 root root  16 Jan  1  1970 esp -> ../../nvme0n1p10
(check if your esp partition is also at nvme0n1p10)
# mount /dev/nvme0n1p10 /mnt
# cp BOOTAA64_Jetson_RELEASE.efi /mnt/EFI/BOOT/BOOTAA64.efi

Please see the description above. I have tried it before and it takes no effect.I tried it again today, but it still didn’t work.

What did you modify in L4TLauncher.c?
Could you share it with us for further check?

I’ve verified this use case it is working to remove some debug messages during boot.