TDA4VH-Q1: Firewall for WKUP_GPIO0

Hi,

Can you please tell, which API call is returning error here? Can you also please check TIFS documentation on below link to see if this firewall is not used by TIFS? 

J784S4 Firewall Descriptions — TISCI User Guide

Regards,

Brijesh

 Sciclient_firewallChangeOwnerInfo() returns the error. So, the Sciclient_firewallSetRegion is not called.

Hi,

The previously provided link has sub links which address many of these questions, including the firewall FAQ.

Firewall FAQ — TISCI User Guide

The TDA4VH TRM also contains a firewall chapter in Section 3.2.4 Firewalls(FW).

A recommended approach to configuring a firewall would be to start with a working example and go from there. 

Regarding:

• MEM_ID - Yes this is the Firewall ID
• MEM_TYPE - TRM defines 3 different types of firewalls (Channel, Master, Peripheral), the CSL_FW_SECURITY is a peripheral firewall.
• MMR_BASE should align with the Register Description XLS from TDA4VH TRM.  In a quick check this is not the case, however this particular value is not used in the code.
• NUM_REGIONS - yes 1 region
• PRIV_ID_PER_REGION - Each region can have up to 3 PrivIds
• MEM_START - Start of memory range for which firewalls settings should be applied
• MEM_END - End of memory range for which firewall settings should be applied

Have you tried above test using TISCI_HOST_ID_MCU_0_R5_1?

Regards,

kb

Hi KB,

I have not tried to test using TISCI_HOST_ID_MCU_0_R5_1. However, in my design, this GPIO is used by MCU1_1. So, this is why to use TISCI_HOST_ID_MCU_0_R5_3. 

Also, for my code, I refer to the example to code it. So, it is strange.

In addition, does "NUM_REGIONS - yes 1 region" mean that WKUP_GPIO0 works in Region 1?

Thanks

Hi,

Currently, I use the breakpoint to see the return value. You can refer to the following picture. The code is run in mcu1_1

For running Sciclient_firewallChangeOwnerInfo(&req, &resp, timeout), the resp and req values are shown as following picture. The return is ok.

For running Sciclient_firewallSetRegion(&req_FW_Wkup_GPIO0, &resp_FW_Wkup_GPIO0, timeout), the return is error.

Pls check them, give your suggestion.

In original post, the Change Owner was failing, what has changed?

In regards to failing Set call, please try with host Id set to (5) - TISCI_HOST_ID_MCU_0_R5_2, and see if that works.

Thanks,

kb

Hi KB，

The following debug information shows the result of TISCI_HOST_ID_MCU_0_R5_2.

For running Sciclient_firewallChangeOwnerInfo(&req, &resp, timeout), the resp and req values are ok and shown as following picture.

For running Sciclient_firewallSetRegion(&req_FW_Wkup_GPIO0, &resp_FW_Wkup_GPIO0, timeout), the return is error.

Pls give your suggestion. Thanks

In a previous post it was asked "In addition, does "NUM_REGIONS - yes 1 region" mean that WKUP_GPIO0 works in Region 1?", I had missed this question, and did not note it, until looking at above setting for region.

The number of regions is 1, however the regions are 0 indexed, please retry test using region 0.

Thanks,

kb

Thanks KB,

Another question, how to decide which region is used when a firewall id is set? Where to find a document to describe this? 

I tested it. Now, both Sciclient_firewallChangeOwnerInfo and Sciclient_firewallSetRegion can work. So, does it mean that WKUP_GPIO0 is set to be configured and read by MCU1_1 ONLY? If no, pls give your addition suggestions.

In addition, can you suggest how to test the firewall? Should I test it by the method that other cores read, cache and write the registers of WKUP_GPIO0?

Thanks.

Addition Question:

Referring to my code, I use different values to configure the region which is highlighted.

Glad to hear it is working.

The firewall as shown above will only allow PRIV-ID 0x61, access to memory range CSL_STD_FW_WKUP_GPIO0_MEM_START to CSL_STD_FW_WKUP_GPIO0_MEM_END.

PrivId 0x61 (97) corresponds to host IDs 5,6

J784S4 Firewall Descriptions — TISCI User Guide

J784S4 Host Descriptions — TISCI User Guide

So yes, only MCU1_1 should have access.   It is always good to test accessing the memory range from other cores, to ensure firewall is working as expected.

Regarding region number, as that firewall only has 1 region, a value of 0 should be used.

Regards,

kb

Thanks KB,

For addition question, how to decide which regions are used when a firewall has more than one region? Do you know where to find the detail description about these information? I have read the TRM and TISCI User Guide, but I found that these document did not enough to direct the user to configure the firewall.

Thanks

You could try looking at the below application note, to see if the example there-in provides some additional information:

• https://www.ti.com/lit/an/spracx6/spracx6.pdf

Typical approach is defining background region for full memory, which opens everything up for access, or closes everything down making access restrictive. 

Overlayed on this background region, fore ground regions are created to open up memory ranges, or close down memory ranges.

Regards,

kb

Thanks KB,

I read this document and understood the steps. But I still have some questions about regions. From your answer, full memory can be defined background region which is region 0 defaultly. Then, If I want to limit some memories, I can define foreground region. However, how can I define which foreground region is used? Like the following picture, can you give some detail information about how to define which foreground and background region when a core wants to set a firewall of some memory? Where to find all of necessary configuration information for coding? As the picture shown, which document to show Master 1 can set region 1 as foreground and region 0 as background and Master 2 can set region 2 as background?

Thanks

Thanks KB

I would like to know what the return value is when I try to read the registers of WKUP_GPIO0 after I configure the firewall of WKUP_GPIO0 which is only read/written/cachable by MCU1_1.

Currently, I tested this by that the funcitoin GPIOPinRead_v0 read the register 0x4211000F in MCU2_0. And the fuction is blocked. But, the function can run when I do not set the firewall. Therefore, I think that the firewall is set correctly. But, I did not make sure this. Can you help to confirm this?

Thanks

Dengkuan

Hi Dengkuan,

Another way to verify, is to check if a firewall log has been generated, this can be done by following below FAQ to enable additional logging:

• (99+) [FAQ] System Firmware calls have failed or crashed. What do I do? - Processors forum - Processors - TI E2E support forums

Should a firewall log occur, it can be decoded as per below link.

• Firewall FAQ — TISCI User Guide

In regards to behavior on MCU2_0 the R5 core would likely take an exception, similar to accessing an address that does not exist.

Regards,

kb

Thanks KB,

Except the method, whether to have other ways to test, such writing some test codes?

Hi,

The method you had described above is the method for testing:

• Enable firewall
  • Try accessing (R/W etc) the memory ranges defined by the regions from different initiators, to test that firewall is behaving as expected.
• Disable firewall
  • Try accessing (R/W etc) the memory ranges defined by the regions from different initiators, to test that firewall is behaving as expected.

For design/debug testing, if using a H/W debugger, it is possible to connect to a particular core, then access memory from that core.  In this case the core would be the initiator.

Regards,

kb