Runtime Debug TISCI Description¶
This chapter provides information on available TISCI messages for configuring runtime debug.
| TISCI Message ID | Message Name | Available in GP | Avialable in HS-FS |
|---|---|---|---|
| 0x900C | TISCI_MSG_OPEN_DEBUG_FWLS | No | No |
| 0x9021 | TISCI_MSG_GET_SOC_UID | Yes | Yes |
| 0x9042 | TISCI_MSG_DISABLE_JTAG_UNLOCK | No | No |
| 0x9043 | TISCI_MSG_DISABLE_JTAG_UNLOCK_CHECK | No | No |
Introduction¶
Note
This document is applicable to HS devices only.
Note
Opening the JTAG port through the Secure AP command interface is the primary method of unlocking JTAG on K3 devices. This method is documented in Secure AP Command Interface. For debug flexbility, System Firmware also supports unlocking JTAG on target via a TISCI message documented in this chapter.
API Description¶
TISCI_MSG_GET_SOC_UID - Get SOC UID¶
Usage:
| Message Type | Normal |
| Secure Queue Only? | No |
Unlocking the JTAG port requires a X509 certificate signed with the active root of trust asymmetric key. The X509 certificate must contain the Unique identifier for the SOC (SOC UID). This enables debug certificates to be tied to specific devices. SOC UID is calculated on the device by the BOOT ROM and must be extracted from the device. This TISCI message is used to obtain the SOC UID to populate in the debug unlock certificate. For more information, see System Firmware Debug Extension.
TISCI Message ID¶
TISCI_MSG_GET_SOC_UID (0x9021U)
Message to get SOC UID
struct tisci_msg_get_soc_uid_req
Request to provide the SOC UID via TISCI_MSG_GET_SOC_UID
| Parameter | Type | Description |
|---|---|---|
| hdr | struct tisci_header | Common TI-SCI header |
UID_LEN_WORDS (8U)
struct tisci_msg_get_soc_uid_resp
Response to the TISCI_MSG_GET_SOC_UID message
| Parameter | Type | Description |
|---|---|---|
| hdr | struct tisci_header | Common TI-SCI header |
| soc_uid | u32 | 8 words with the SOC UID |
TISCI_MSG_OPEN_DEBUG_FWLS - Open Debug Firewalls¶
Usage:
| Message Type | Normal |
| Secure Queue Only? | Yes |
Unlocking the JTAG port requires a X509 certificate signed with the active root of trust asymmetric key. This API is used to provide the signed certificate to System Firmware for proceessing and JTAG unlock.
The X509 certificate format is described in Security X509 Certificate Documentation. The fields of the certificate should be filled as specified in the System Firmware Debug Extension. The X509 debug extension is mandatory. The other X509 extensions are not processed by System Firmware while performing JTAG unlock.
TISCI Message ID¶
TISCI_MSG_OPEN_DEBUG_FWLS (0x900CU)
Message to open debug firewalls using a certificate
struct tisci_msg_open_debug_fwls_req
Request to provide the SOC UID via TISCI_MSG_OPEN_DEBUG_FWLS
| Parameter | Type | Description |
|---|---|---|
| hdr | struct tisci_header | Common TI-SCI header |
| debug_cert_addr | u64 | Physical address of the debug unlock certificate |
struct tisci_msg_open_debug_fwls_resp
Response to the TISCI_MSG_OPEN_DEBUG_FWLS message
| Parameter | Type | Description |
|---|---|---|
| hdr | struct tisci_header | Common TI-SCI header |
TISCI_MSG_DISABLE_JTAG_UNLOCK - Disable JTAG unlock Permanently¶
Usage:
| Message Type | Normal |
| Secure Queue Only? | Yes |
Unlocking the JTAG port is allowed in HS-SE devices by sending an X509 certificate. This API permanently disables JTAG unlock by writing to efuse.
Since this API involves writing to efuse, Disable JTAG goes through only if the Disable JTAG unlock check is set. Refer TISCI_MSG_DISABLE_JTAG_UNLOCK_CHECK to see how to set the check.
TISCI Message ID¶
TISCI_MSG_DISABLE_JTAG_UNLOCK (0x9042U)
Message to disable JTAG unlock
struct tisci_msg_disable_jtag_unlock_req
Request message to disable jtag unlock
| Parameter | Type | Description |
|---|---|---|
| hdr | struct tisci_header | Standard TISCI header |
This message can only be sent by the host that is tied to root of trust through the secure boardcfg extended otp extension
struct tisci_msg_disable_jtag_unlock_resp
Response message after disabling jtag unlock
| Parameter | Type | Description |
|---|---|---|
| hdr | struct tisci_header | Standard TISCI header |
TISCI_MSG_DISABLE_JTAG_UNLOCK_CHECK - Flag to Allow Permanent JTAG Disable¶
Usage:
| Message Type | Normal |
| Secure Queue Only? | Yes |
TISCI Message ID¶
TISCI_MSG_DISABLE_JTAG_UNLOCK_CHECK (0x9043U)
Message to set/clear JTAG unlock check
struct tisci_msg_disable_jtag_unlock_check_req
Request message for disabling jtag unlock check
| Parameter | Type | Description |
|---|---|---|
| hdr | struct tisci_header | Standard TISCI header |
| identifier | u8 | One of the entries from enum tisci_jtag_disable_check_identifier |
struct tisci_msg_disable_jtag_unlock_check_resp
Response message after disabling jtag unlock check
| Parameter | Type | Description |
|---|---|---|
| hdr | struct tisci_header | Standard TISCI header |
| value | u8 | Value of jtag unlock check |
JTAG Disable Check Identifier¶
This enumeration is used in TISCI_MSG_DISABLE_JTAG_UNLOCK_CHECK
enum tisci_jtag_disable_check_identifier
JTAG Disable check Identifiers
| Enum | Value | Description |
|---|---|---|
| JTAG_DISABLE_CHECK_SET | 0 | JTAG Disable check set |
| JTAG_DISABLE_CHECK_CLEAR | 1 | JTAG Disable check clear |
| JTAG_DISABLE_CHECK_GET | 2 | JTAG Disable check get |
