This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

MCU-PLUS-SDK-AM243X: CBA9 - Implementation of Diagnosis Measures for Invalid Transaction Error Codes

Part Number: MCU-PLUS-SDK-AM243X

Tool/software:

Hello Expert


I am currently testing the diagnostic measures for CBA9 - Error codes for invalid transactions in the security manual chapter on CBASS.. I would like to know how I should inject this fault, and if there are any example programs or processes for reference?

Thank you,
Best Regards

Jimmy

  • Hi

    I performed a test using a PCIE device (no actual PCIE device was present, and it wasn't initialized), following the manual instructions for read and write operations on an enabled device, which should have triggered a default_err_intr error. My testing process included the following steps:
    1. Configured MPU with read and write permissions at 0x69000000.
    2. Enabled R5FSS0_CORE0_INTR_IN_133 interrupt.
    3. Attempted to read data from address 0x69000000.

    Fullscreen
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    /*MPU SET*/
    {
    .baseAddr = 0x68000000u, /* PCIE */
    .size = MpuP_RegionSize_128M,
    .attrs = {
    .isEnable = 1,
    .isCacheable = 0,
    .isBufferable = 1,
    .isSharable = 1,
    .isExecuteNever = 0,
    .tex = 0,
    .accessPerm = MpuP_AP_ALL_RW,
    .subregionDisableMask = 0x0u
    },
    },
    /*TEST*/
    static void InjectCbassCba9ErrorTest(void)
    {
    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX


    Test Results:
    The system entered a data abort exception, and it continuously entered the R5FSS0_CORE0_INTR_IN_133 interrupt callback function, preventing me from clearing the interrupt. Upon reading the register values at address 0x2FFF0480, they all showed as 0x40000020.

    My questions are:
    1. Why did it enter a data abort exception?
    2. Why am I unable to clear the interrupt, and what is the proper method to do so?

    Thank you,
    Best Regards

    Jimmy

  • Hi

    Is there an expert who can provide an answer to this issue?

    Jimmy

  • Hi 

    Do we have any updates here?

    Regards

    Zekun

  • Hi Jimmy,

    1  Although you have enabled address 0x69000000, this address is empty under Chapter 2.1 of the TRM. Therefore, when we access it, the data abort must happen.

    2 Could you please disable the data abort firstly, then do the test?

     Regards,

    Linjun

  • Hi Linjun

    谢谢回复

    0x69000000这个地址存在什么漏洞,我在2.1小节中没有看到有提到这个地址的漏洞。

    如果这个地址存在问题,那有没有另外的地址可以执行这个测试,我们外设中仅使用了GPMC、SPI、FSI、UART。因为我们底层是有操作系统的,所以关掉数据中止功能还是有些麻烦的,希望能有别的地址能直接执行测试,当然如果没有那就没有办法了。

    谢谢

     Regards

    Jimmy

  • Hi Jimmy,

      The 0x6900000 is empty  to system memory mapping. so  when access it , will trigger data abort. 

       Regards,

    Linjun

     

  • Hi Linjun

    Based on understanding, accessing an uninitialized device address triggers not only a 133 interrupt but also generates a data access violation exception. This is considered a normal occurrence. To handle and clear the interrupt, it should be addressed within the data abort exception handler routine. Is this correct?

    Regards

    Jimmy

  • Hi Jimmy,

    Address is a valid address for Pice. Sorry for my fault check the address to  0x690000.
    Since the device is not initialized, the LPSC_PCIE_0 status is OFF, bus errors occur when accessing.

    Yes, to clean the interrupt status need in  data abort context.

    Linjun