This thread has been locked.
If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.
Tool/software:
Hello Expert
I am currently testing the diagnostic measures for CBA9 - Error codes for invalid transactions in the security manual chapter on CBASS.. I would like to know how I should inject this fault, and if there are any example programs or processes for reference?
Thank you,
Best Regards
Jimmy
Hi
I performed a test using a PCIE device (no actual PCIE device was present, and it wasn't initialized), following the manual instructions for read and write operations on an enabled device, which should have triggered a default_err_intr error. My testing process included the following steps:
1. Configured MPU with read and write permissions at 0x69000000.
2. Enabled R5FSS0_CORE0_INTR_IN_133 interrupt.
3. Attempted to read data from address 0x69000000.
/*MPU SET*/ { .baseAddr = 0x68000000u, /* PCIE */ .size = MpuP_RegionSize_128M, .attrs = { .isEnable = 1, .isCacheable = 0, .isBufferable = 1, .isSharable = 1, .isExecuteNever = 0, .tex = 0, .accessPerm = MpuP_AP_ALL_RW, .subregionDisableMask = 0x0u }, }, /*TEST*/ static void InjectCbassCba9ErrorTest(void) { RTS_UI32 ulTestData = 0U; RTS_UI32 *pTransBufAddr = (RTS_UI32*)(0x69000000UL); ulTestData = *pTransBufAddr; }
Thank you,
Best Regards
Jimmy
Hi Jimmy,
1 Although you have enabled address 0x69000000, this address is empty under Chapter 2.1 of the TRM. Therefore, when we access it, the data abort must happen.
2 Could you please disable the data abort firstly, then do the test?
Regards,
Linjun
Hi Linjun
谢谢回复
0x69000000这个地址存在什么漏洞,我在2.1小节中没有看到有提到这个地址的漏洞。
如果这个地址存在问题,那有没有另外的地址可以执行这个测试,我们外设中仅使用了GPMC、SPI、FSI、UART。因为我们底层是有操作系统的,所以关掉数据中止功能还是有些麻烦的,希望能有别的地址能直接执行测试,当然如果没有那就没有办法了。
谢谢
Regards
Jimmy
Hi Jimmy,
The 0x6900000 is empty to system memory mapping. so when access it , will trigger data abort.
Regards,
Linjun
Hi Linjun
Based on understanding, accessing an uninitialized device address triggers not only a 133 interrupt but also generates a data access violation exception. This is considered a normal occurrence. To handle and clear the interrupt, it should be addressed within the data abort exception handler routine. Is this correct?
Regards
Jimmy
Hi Jimmy,
Address is a valid address for Pice. Sorry for my fault check the address to 0x690000.
Since the device is not initialized, the LPSC_PCIE_0 status is OFF, bus errors occur when accessing.
Yes, to clean the interrupt status need in data abort context.
Linjun
It seems a new thread of same topic was opened, so close this one and please continue the discussion in the new thread: