Enabling JTAG Support on Secure Targets
On secure targets, where the ODM production fuse has been blown, MB1 locks the JTAG connection interface. To enable the JTAG interface on such a target, a special BCT is required where certain parameters are set.
To enable the JTAG interface on a secure target
- Set the desired debugging features by editing the
.dtsfile in the drive-foundation or drive-foundation-safety folder:./platform-config/hardware/nvidia/platform/t23x/automotive/bct/common/bootrom/tegra234-br-bct-auto-qspi.dts - Generate a new BCT image. This can be done by running the
create_bsp_images.pyorbootburn.pycommand.
To enable debugging features through the BCT configuration file
- Set the ECID attribute to the UID of the target device if needing to update the debug features in u32_secure_debug_control_ecid_checked.
- Set either u32_secure_debug_control_not_ecid_checked or u32_secure_debug_control_ecid_checkedfields to specify the debugging features desired.
The u32_secure_debug_control_not_ecid_checked attribute collection of bit
fields are as follows.
| Bits | Feature enabled by a ‘1’ bit |
|---|---|
| 31:18 | Reserved |
| 17 | FSI non-secure NIDEN |
| 16:14 | Reserved |
| 13 | PVA1 secure debug |
| 12 | PVA0 secure debug |
| 11 | RCE secure debug |
| 10 | SCE secure debug |
| 9 | SPE secure debug |
| 8 | BPMP Secure debug |
| 7:5 | Reserved |
| 4 | NIDEN (disabled when DEBUG_AUTHENTICATION[1] fuse set) |
| 3:0 | Reserved |
The u32_secure_debug_control_ecid_checked attribute collection of bit
fields are as follows.
| Bits | Feature enabled by a ‘1’ bit |
|---|---|
| 31 | Ramdump |
| 30:26 | Reserved |
| 25 | FSI secure NIDEN |
| 24 | FSI secure DBGEN |
| 23:20 | FSI Cluster core debug [3:0] |
| 19 | FSI non-secure HNIDEN |
| 18 | FSI non-secure HIDEN |
| 17 | FSI non-secure NIDEN |
| 16 | FSI non-secure DBGEN |
| 5 | DBGEN |
| 4 | NIDEN |
| 3 | SPIDEN |
| 2 | SPNIDEN |
| 1 | DEVICEEN |
| 0 | JTAG_ENABLE |
On secure targets MB1 compares the UID of the chip to the UID in the BCT and enables debug
features for u32_secure_debug_control_ecid_checked if the UIDs match. The
MB1 enables debug features for u32_secure_debug_control_non_ecid_checked
without verifying the UID.
An example of a flashing configuration file that specifies the UID value for a specific
target device to enable the JTAG interface with all features in
u32_secure_debug_control_ecid_checked except Ramdump is
as follows:
br_bct: brbct {
- ECID = <0x00000000 0x00000000 0x00000000 0x00000000>;
- SecureDebugControlEcid = <0>;
+ ECID = <0x15010200 0x1c000000 0x705dd1c1 0x00000004>;
+ SecureDebugControlEcid = <0x3FF003F>;
SecureDebugControlNoneEcid = <0>;
preprod_dev_sign = <0>;