- Note
- To see the exact sequence of steps in which boardcfg generation is done, see the
makefile
inside the ${SDK_INSTALL_PATH}/tools/sysfw/boardcfg/ folder.
Introduction
This section describes the various tools used in conjunction with System Controller Firmware (SYSFW)
Tool requirements on host PC
- The tools mentioned are implemented using python and needs python version 3.x
- Refer to the page, Python3 , to install python and the required python packages on your PC.
Important files and folders
Folder/Files | Description |
${SDK_INSTALL_PATH}/tools/bin2c/ |
bin2c.py | Tool to convert a binary file to a C array of hexadecimals |
${SDK_INSTALL_PATH}/tools/sysfw/boardcfg/ |
sysfw_boardcfg_validator.py | Python script which validates the boardcfg. Used internally in the boardcfg makefile |
${SDK_INSTALL_PATH}/tools/sysfw/trace_parser/ |
sysfw_trace_parser.py | Python script which decodes SYSFW log file
|
${SDK_INSTALL_PATH}/tools/sysfw/secure_debug/ |
debug_unlock_x509_cert_gen.py | Python script to generate X509 certificate for runtime JTAG debug unlock in HS devices
|
SYSFW Board Config Generation
SYSFW Board Config is a SOC specific configuration data regarding the various system attributes controlled by the SYSFW. These include resources, power and clock, security etc. This configuration is sent to SYSFW during boot time. The default configuration is stored in source/drivers/sciclient/sciclient_defaultBoardCfg/{SOC}/
- Resource Management BoardCfg - sciclient_defaultBoardCfg_rm.c
- Power Management BoardCfg - sciclient_defaultBoardCfg_pm.c
- Security BoardCfg - sciclient_defaultBoardCfg_security.c
- For sending it to SYSFW, these files are converted to hex arrays. We use the bin2c.py python script to do this. This is done internally in the boardcfg makefile. If we change the boardcfg in the above mentioned files, run the following command to generate the hex array header files
cd ${SDK_INSTALL_PATH}
make -s -C tools/sysfw/boardcfg SOC=am62ax
- Once these header files are generated, rebuild the libraries by doing
cd ${SDK_INSTALL_PATH}
make -s libs
- After this, make sure to rebuild the secondary bootloader (SBL) applications. You can do this by
cd ${SDK_INSTALL_PATH}
make -s sbl
SYSFW Trace Enable
To enable the SYSFW trace, change the #undef SYSFW_TRACE_ENABLE
to #define SYSFW_TRACE_ENABLE
on source/drivers/device_manager/sciclient.h
. Then rebuild the boardcfg as explained in the above section.
The DM firmware log shall be available at the wakeup UART (/dev/ttyUSB2). Connect to the UART through minicom to see the logs.
The TIFS logs shall be available at the UART1 (/dev/ttyUSB1). Alternatively it can be obtained from the TIFS memory address as per the system firmware documentation
SYSFW Trace Parser
After taking the TIFS logs as in above section, it can be parsed using the sysfw_trace_parser.py script. This will decode the hex trace values and gives readable text file as output. Using this, the user can interpret the log and debug.
- Run the python script on the Windows command prompt (
cmd.exe
) or Linux bash shell with the required arguments to parse the TIFS logs.
cd ${SDK_INSTALL_PATH}/tools/sysfw/trace_parser
python sysfw_trace_parser.py --log_file ${SYSFW_LOG_FILE} --output_file ${TRACE_OUTPUT_TEXT_FILE}
- To know about the arguments, run the script with help option.
python sysfw_trace_parser.py --help
SYSFW Secure Debug Certificate Generation
On HS-SE devices, the JTAG port is closed by default. If required, the user can open the JTAG port and debug the cores. This can be done by sending a TISCI message with a signed X509 certificate authorizing the debug.
The debug_unlock_x509_cert_gen.py script generate the debug certificate with required debug extensions and save it as a hex header file. The user can include this hex header in their application and send the certificate from a valid host to the TIFS core via the TISCI message.
- Run the python script on the Windows command prompt (
cmd.exe
) or Linux bash shell with the required arguments to generate the debug certificate.
C:> cd ${SDK_INSTALL_PATH}/tools/sysfw/secure_debug
C:> python debug_unlock_x509_cert_gen.py --help
usage: debug_unlock_x509_cert_gen.py [-h] -s SOC [--key KEY] [--swrv SWRV] [--socUID SOCUID] [--debugtype DEBUGTYPE] [--coreDbgEn COREDBGEN]
[--coreDbgSecEn COREDBGSECEN]
Generates a x509 debug certificate for run time JTAG debug unlock in HS device
options:
-h, --help show this help message and exit
-s SOC, --soc SOC SOC for which debug certificate has to be created. Supported SOCs: am62ax
--key KEY File with signing key inside it. Optional
--swrv SWRV Software revision number. Required if you have specified a non-zero debug certificate revision in the secure boardcfg
--socUID SOCUID SOC unique ID. Required if board config does not allow wild card JTAG unlock
--debugtype DEBUGTYPE Debug type. Default to DBG_FULL_ENABLE
--coreDbgEn COREDBGEN List of cores for which non-secure debug has to be enabled. Optional
--coreDbgSecEn COREDBGSECEN List of cores for which secure debug has to be enabled. Optional
C:> cd ${SDK_INSTALL_PATH}/tools/sysfw/secure_debug
C:> python debug_unlock_x509_cert_gen.py --soc=am62ax