TIVA C Series TM4C1294 Connected LaunchPad Eval Kit programming via Energia

Procedure:

1. Host environment: Ubuntu 14.04 LTS 64-bit. Connect the debug port of Launchpad to the host machine via USB cable. Check “dmesg” and identify /dev/ttyACM0 as being automatically configured.

2. Download Energia (and untar it into a directory):

http://energia.nu/download/

3. Go to the Energia download directory, and enter “sudo ./energia”. Then File->Example->Basic->Blink to load the Blinker source code (as the example code). Then goto “Tool->Board” to select TM4C129 as the board. And next “Tool->Serial Port” to select /dev/ttyACM0 as the port, which is discovered through “dmesg”.

4. Compile and upload the example code, which will go to the TM4C1294 board automatically.

5. Looking into the console output you can see Energia executing under the hood:

[/home/tthtlc/Downloads/energia-0101E0014/hardware/tools/lm4f/bin/arm-none-eabi-g++, -Os, -nostartfiles, -nostdlib, -Wl,–gc-sections, -T, /home/tthtlc/Downloads/energia-0101E0014/hardware/lm4f/cores/lm4f/lm4fcpp_snowflake.ld, -Wl,–entry=ResetISR, -mthumb, -mcpu=cortex-m4, -mfloat-abi=hard, -mfpu=fpv4-sp-d16, -fsingle-precision-constant, -o, /tmp/build6614371312095748777.tmp/Blink.cpp.elf, /tmp/build6614371312095748777.tmp/Blink.cpp.o, /tmp/build6614371312095748777.tmp/core.a, -L/tmp/build6614371312095748777.tmp, /home/tthtlc/Downloads/energia-0101E0014/hardware/lm4f/cores/lm4f/driverlib/libdriverlib.a, -lm, -lc, -lgcc, -L/tmp/build6614371312095748777.tmp, -lm]

[/home/tthtlc/Downloads/energia-0101E0014/hardware/tools/lm4f/bin/arm-none-eabi-objcopy, -O, binary, /tmp/build6614371312095748777.tmp/Blink.cpp.elf, /tmp/build6614371312095748777.tmp/Blink.cpp.bin]

Binary sketch size: 2,380 bytes (of a 1,048,576 byte maximum)
Found ICDI device with serial: 0F000CFF
ICDI version: 12245

6. Now disassemble the binary (based on the console output above) using the following command:

/home/tthtlc/Downloads/energia-0101E0014/hardware/tools/lm4f/bin>./arm-none-eabi-objdump -d /tmp/build6614371312095748777.tmp/Blink.cpp.elf

The output is here: http://pastebin.com/VSP9GdEW

7. The disassembled codes can be read off as for example:

00000208 :
208: b508 push {r3, lr}
20a: 2101 movs r1, #1
20c: 2051 movs r0, #81 ; 0x51
20e: f000 f867 bl 2e0
212: f44f 707a mov.w r0, #1000 ; 0x3e8
216: f000 f8a9 bl 36c
21a: 2051 movs r0, #81 ; 0x51
21c: 2100 movs r1, #0
21e: f000 f85f bl 2e0
222: f44f 707a mov.w r0, #1000 ; 0x3e8
226: e8bd 4008 ldmia.w sp!, {r3, lr}
22a: f000 b89f b.w 36c
...

00000230 :
230: 4b26 ldr r3, [pc, #152] ; (2cc <pinMode+0x9c>)
232: 4a27 ldr r2, [pc, #156] ; (2d0 <pinMode+0xa0>)
234: b570 push {r4, r5, r6, lr}
236: 5c1d ldrb r5, [r3, r0]
238: 4b26 ldr r3, [pc, #152] ; (2d4 <pinMode+0xa4>)
23a: 5c1b ldrb r3, [r3, r0]
23c: f852 4023 ldr.w r4, [r2, r3, lsl #2]
240: 2b00 cmp r3, #0
242: d042 beq.n 2ca <pinMode+0x9a> 244: 4e24 ldr r6, [pc, #144] ; (2d8 <pinMode+0xa8>)
246: b911 cbnz r1, 24e <pinMode+0x1e> 248: 6833 ldr r3, [r6, #0]
24a: 6b9b ldr r3, [r3, #56] ; 0x38
24c: e03a b.n 2c4 <pinMode+0x94> 24e: 2902 cmp r1, #2
250: d116 bne.n 280 <pinMode+0x50> 252: 4b22 ldr r3, [pc, #136] ; (2dc <pinMode+0xac>)
254: f8c4 3520 str.w r3, [r4, #1312] ; 0x520

References:

http://embeddedcomputing.weebly.com/connected-launchpad-tiva-c-series-tm4c129.html

http://dduino.blogspot.sg/2013/10/using-tiva-c-launchpad-with-energia.html

http://humboldtmcu.blogspot.sg/2014/08/energia-using-eeprom-on-ti-stellaris_4.html

http://tronixstuff.com/tag/tiva-c/

http://www.ti.com/ww/en/launchpad/launchpads-connected-ek-tm4c1294xl.html

https://support.exosite.com/hc/en-us/articles/200778084-EK-TM4C1294XL-Connected-LaunchPad

http://processors.wiki.ti.com/index.php/Tiva_C_Series_TM4C1294_LaunchPad

http://www.ti.com/tool/sw-ek-tm4c1294xl

Getting Genode with TrustZone on the i.MX53 Quick Start Board

First download the toolchain for ARM compilation, and then the Genode OS itself, all listed here:

http://sourceforge.net/projects/genode/files/

Details description of Genode and its installation are found here:

http://genode.org/documentation/developer-resources/getting_started

http://genode.org/documentation/release-notes/14.11

https://github.com/genodelabs/genode/blob/master/doc/getting_started.txt

Install all the necessary packages for Ubuntu 14.04 (present host):

apt-get install libSDL-dev
apt-get install libsdl1.2-dev -> shows it is already newest version
apt-get install tk8.5 tcl8.5
apt-get install expect
apt-get install byacc
apt-get install qemu
apt-get install genisoimage
sudo apt-get install expect
sudo apt-get install udisks

After untarring the genode toolchain /usr/local/genode-gcc directory, next is to untar the Genode OS download to “genode-14.11”.

With some assistance as documented here:

http://sourceforge.net/p/genode/mailman/message/33465225/

cd genode-14.11/
cd tool/

Listing all the hardware:

./create_builddir

‘linux_x86’
‘linux_arm’
‘fiasco_x86’
‘pistachio_x86’
‘okl4_x86’
‘nova_x86_32’
‘nova_x86_64’
‘codezero_vpb926’
‘hw_panda’
‘hw_vea9x4’
‘hw_vea9x4_tz’
‘hw_pbxa9’
‘hw_imx31’
‘hw_imx53’
‘hw_imx53_tz’
‘hw_arndale’
‘hw_odroid_xu’
‘hw_rpi’
‘foc_x86_32’
‘foc_x86_64’
‘foc_pbxa9’
‘foc_imx53’
‘foc_vea9x4’
‘foc_panda’
‘foc_arndale’
‘lx_hybrid_x86’

Now we set the hardware to be imx53:

./create_builddir hw_imx53_tz BUILD_DIR=build_imx53
cd build_imx53/

Setting up it for uboot as the bootloader:

echo "SPECS += trustzone" >> etc/specs.conf
echo "RUN_OPT = --target uboot" >> etc/build.conf
make run/tz_vmm

After this “uImage” is generated in the build_imx53/var/run.

Now, to download u-boot bootloader (and its ARM gcc compiler):

git clone https://github.com/m-stein/uboot uboot_stein

cd uboot_stein/

wget http://releases.linaro.org/14.09/components/toolchain/binaries/gcc-linaro-arm-none-eabi-4.9-2014.09_linux.tar.xz

Extract out the config file:

make ARCH=arm CROSS_COMPILE=/opt/gcc-linaro-arm-none-eabi-4.9-2014.09_linux/bin/arm-none-eabi- usbarmory_config

Now start the make process:

make ARCH=arm CROSS_COMPILE=/opt/gcc-linaro-arm-none-eabi-4.9-2014.09_linux/bin/arm-none-eabi- V=1

Notice a “u-boot.imx” is created. But first we need to format the sdcard.

(from hence onwards my sdcard is detected as /dev/sdg???):

Aim: make a sdcard from uImage, which will require uboot bootloader:

sudo parted /dev/sdg –script mklabel msdos

sudo parted /dev/sdg –script mkpart primary ext4 5M 100%

Upon completion, “dd” the u-boot.imx (which is meant for imx53 as the target) to the sdcard’s 3rd 512-block:

sudo dd if=./u-boot.imx of=/dev/sdg seek=2 bs=512 conv=fsync

Take a look at the partition:

sudo fdisk -l /dev/sdg

sudo mkfs.ext4 /dev/sdg1

Now /dev/sdg1 is ext4-formatted, mount it:

udisks –mount /dev/sdg1

Copy the uImage there to the rootfs:

cp uImage /media/371a8dd7-58c1-4beb-aed3-cb18fb40f7eb/

And umount it:

sudo udisks –umount /dev/sdg1

Now insert the sdcard into i.MX53QSB and connect via serial port, bootup message as follows:

U-Boot 2014.07-g0ca0b0f (Feb 20 2015 – 09:14:08)

Board: USB armory
I2C: ready
DRAM: 256 MiB
MMC: FSL_SDHC: 0, FSL_SDHC: 1
*** Warning – bad CRC, using default environment

In: serial
Out: serial
Err: serial
Net: CPU Net Initialization Failed
No ethernet found.
Hit any key to stop autoboot: 0

=> ext2ls
ext2ls – list files in a directory (default /)

Usage:
ext2ls <interface> <dev[:part]> [directory]
– list files from ‘dev’ on ‘interface’ in a ‘directory’

=> ext2ls mmc 0:1
<DIR> 4096 .
<DIR> 4096 ..
<DIR> 16384 lost+found
7860111 uImage

=> ext2load mmc 0:1 0x70200000 uImage
7860111 bytes read in 583 ms (12.9 MiB/s)

=> bootm 0x70200000
## Booting kernel from Legacy Image at 70200000 …
Image Name:
Image Type: ARM Linux Kernel Image (gzip compressed)
Data Size: 7860047 Bytes = 7.5 MiB
Load Address: 70010000
Entry Point: 70010000
Verifying Checksum … OK
Uncompressing Kernel Image … OK

Starting kernel …

kernel initialized
Genode 14.11
int main(): — create local services —
int main(): — start init —
int main(): transferred 246 MB to init
int main(): — init created, waiting for exit condition —
[init] Could not open file “ld.lib.so”
[init] parent provides
[init] service “ROM”
[init] service “RAM”
[init] service “IRQ”
[init] service “IO_MEM”
[init] service “CAP”
[init] service “PD”
[init] service “RM”
[init] service “CPU”
[init] service “LOG”
[init] service “SIGNAL”
[init] service “VM”
[init] child “tz_vmm”
[init] RAM quota: 3932160
[init] ELF binary: tz_vmm
[init] priority: 0
[init -> tz_vmm] Start virtual machine …
undefined instruction

More debugging needed……

Doing Yoctoproject development on the i.MX53 Quick Start Board

Starting with:

https://community.freescale.com/docs/DOC-1616#jive_content_id_Using_Yocto_and_iMX_Boards_

https://plus.google.com/+TrevorWoerner/posts/Aie1TxjhMT2

Doing this on my Ubuntu 14.04 (64-bit LTS):

sudo apt-get install gawk wget git-core diffstat unzip texinfo build-essential chrpath libsdl1.2-dev xterm curl

Next is to get the latest yocto source code:

$ git clone git://git.yoctoproject.org/poky.git  yocto_latest
$ cd yocto_latest
$ git clone git://github.com/Freescale/meta-fsl-arm
$ git clone git://git.openembedded.org/meta-openembedded meta-oe
$ git checkout -b dizzy origin/dizzy
$ source oe-init-build-env

This additional layer also needs to be added to your bblayers.conf file:
BBLAYERS ?= ” \

/path/to/yocto_latest/meta \
/path/to/yocto_latest/meta-yocto \
/path/to/yocto_latest/meta-oe/meta-oe \
/path/to/yocto_latest/meta-fsl-arm \

”

$ Edit conf/local.conf user config file and set imx53 Quick start board machine and enable parallel build features:

MACHINE ?= “imx53qsb”

BB_NUMBER_THREADS = “4”

PARALLEL_MAKE = “-j 4”

$ bitbake core-image-minimal$ cd tmp/deploy/images:

/sdc8/yocto_latest/build/tmp/deploy/images>tree
.
└── imx53qsb
├── core-image-minimal-imx53qsb-20150216155950.rootfs.ext3
├── core-image-minimal-imx53qsb-20150216155950.rootfs.manifest
├── core-image-minimal-imx53qsb-20150216155950.rootfs.sdcard
├── core-image-minimal-imx53qsb-20150216155950.rootfs.tar.bz2
├── core-image-minimal-imx53qsb.ext3 -> core-image-minimal-imx53qsb-20150216155950.rootfs.ext3
├── core-image-minimal-imx53qsb.manifest -> core-image-minimal-imx53qsb-20150216155950.rootfs.manifest
├── core-image-minimal-imx53qsb.sdcard -> core-image-minimal-imx53qsb-20150216155950.rootfs.sdcard
├── core-image-minimal-imx53qsb.tar.bz2 -> core-image-minimal-imx53qsb-20150216155950.rootfs.tar.bz2
├── modules–2.6.35.3-r45-imx53qsb-20150216155950.tgz
├── modules-imx53qsb.tgz -> modules–2.6.35.3-r45-imx53qsb-20150216155950.tgz
├── README_-_DO_NOT_DELETE_FILES_IN_THIS_DIRECTORY.txt
├── u-boot.imx -> u-boot-imx53qsb-v2015.01+gitAUTOINC+4dab988b9c-r0.imx
├── u-boot-imx53qsb.imx -> u-boot-imx53qsb-v2015.01+gitAUTOINC+4dab988b9c-r0.imx
├── u-boot-imx53qsb-v2015.01+gitAUTOINC+4dab988b9c-r0.imx
├── zImage -> zImage–2.6.35.3-r45-imx53qsb-20150216155950.bin
├── zImage–2.6.35.3-r45-imx53qsb-20150216155950.bin
└── zImage-imx53qsb.bin -> zImage–2.6.35.3-r45-imx53qsb-20150216155950.bin

$ sudo dd if=./core-image-minimal-imx53qsb.sdcard of=<partition of sdcard> bs=1M

where <partition of sdcard> is usually /dev/mmcblk0

Next is to get the latest yocto source code:

$ git clone git://git.yoctoproject.org/poky.git  yocto_latest

Now booting up the sdcard inside i.MX53QSB:

U-Boot 2015.01+fslc+g4dab988 (Feb 17 2015 – 01:03:23)

Board: MX53 LOCO
I2C:   ready
DRAM:  1 GiB
MMC:   FSL_SDHC: 0, FSL_SDHC: 1
*** Warning – bad CRC, using default environment

In:    serial
Out:   serial
Err:   serial
Net:   FEC
Hit any key to stop autoboot:  0
switch to partitions #0, OK
mmc0 is current device
reading boot.scr
** Unable to read file boot.scr **
reading zImage
3110704 bytes read in 234 ms (12.7 MiB/s)
Booting from mmc …
reading imx53-qsb.dtb
** Unable to read file imx53-qsb.dtb **
Kernel image @ 0x72000000 [ 0x000000 – 0x2f7730 ]

Starting kernel …

Initializing cgroup subsys cpuset
Initializing cgroup subsys cpu
Linux version 2.6.35.3-maintain+gb3912bb (tthtlc@mamapapa) (gcc version 4.9.1 (5
CPU: ARMv7 Processor [412fc085] revision 5 (ARMv7), cr=10c53c7d
CPU: VIPT nonaliasing data cache, VIPT nonaliasing instruction cache
Machine: Freescale MX53 LOCO Board
Memory policy: ECC disabled, Data cache writeback
Built 1 zonelists in Zone order, mobility grouping on.  Total pages: 250880
Kernel command line: console=ttymxc0,115200 root=/dev/mmcblk0p2 rw rootwait
PID hash table entries: 4096 (order: 2, 16384 bytes)
Dentry cache hash table entries: 131072 (order: 7, 524288 bytes)
Inode-cache hash table entries: 65536 (order: 6, 262144 bytes)
Memory: 480MB 512MB = 992MB total
Memory: 998016k/998016k available, 17792k reserved, 0K highmem
Virtual kernel memory layout:
vector  : 0xffff0000 – 0xffff1000   (   4 kB)
fixmap  : 0xfff00000 – 0xfffe0000   ( 896 kB)
DMA     : 0xf8e00000 – 0xffe00

References:

http://www.yoctoproject.org/docs/current/yocto-project-qs/yocto-project-qs.html.

http://www.imxdev.org/wiki/index.php?title=Yoctoproject

http://www.freescale.com/webapp/sps/site/prod_summary.jsp?code=IMX53QSB (a little bit out of date)

https://community.freescale.com/docs/DOC-1616

https://community.freescale.com/community/imx?title=Yoctoproject

https://aalonso.wordpress.com/2012/09/14/yoctoproject-meta-fsl-arm-and-imx53-quick-start-board/

http://www.freescale.com/webapp/sps/site/prod_summary.jsp?code=IMX53_SW&parentCode=IMX53QSB&fpsp=1

http://www.freescale.com/webapp/sps/site/prod_summary.jsp?code=IMX53QSB

http://www.adeneo-embedded.com/Products/Board-Support-Packages/Freescale-i.MX53-QSB

ARM TrustZone technology for iMX53

How TrustZone is used at runtime?

How it integrate with virtualization:

How does TrustZone interact with untrusted interrupt handler? (TZIC, or TrustZone aware Interrupt Controller)

Or the sequence flow can be enumerated as follows:

https://genode.org/documentation/articles/usb_armory

Here is how signalling of secure device events to the guest OS via IRQ injection is done:

Here is how transfer between TZ VMM and normal world memory:

Genode – An Exploration of ARM TrustZone Technology

http://genode.org/documentation/articles/trustzone

http://www.slideshare.net/SampathKumar19/freescale-imx53

What are the Attacks possible against Trustzone?

Rowhammer Attack:   http://www.eshard.com/wp-content/plugins/email-before-download/download.php?dl=9465aa084ff0f070a3acedb56bcb34f5

How to enable the TrustZone?

http://www.openvirtualization.org/open-source-arm-trustzone.html

https://github.com/genodelabs/genode/blob/510efce3a16bab6261608d2e3943933ba5aa3e4f/repos/base-hw/src/core/kernel/kernel.cc

This kernel is the only code except the mode transition PIC, that runs in privileged CPU mode. It has two tasks. First it initializes the process ‘core’, enriches it with the whole identically mapped address range, joins and applies it, assigns one thread to it with a userdefined entrypoint (the core main thread) and starts this thread in userland. Afterwards it is called each time an exception occurs in userland to do a minimum of appropriate exception handling. Thus it holds a CPU context for itself as for any other thread. But due to the fact that it never relies on prior kernel runs this context only holds some constant pointers such as SP and IP.

https://github.com/genodelabs/genode/blob/8f57ff1f2708239a32cfb79849add1fbb7dae5a9/doc/release_notes-14-05.txt

https://github.com/genodelabs/genode

http://stackoverflow.com/questions/11033696/how-are-trustzone-components-used-in-i-mx53

http://stackoverflow.com/questions/7955982/arm-trustzone-development?rq=1

https://github.com/finallyjustice/imx53qsb-code/blob/master/trustzone-smc/main.c

https://github.com/finallyjustice/imx53qsb-code: a set of codes for iMX53

https://github.com/finallyjustice/imx53qsb-code/tree/master/trustzone-smc:

This is the bare metal program running on i.MX53 QSB to test the TrustZone Secure-Normal World Transition.

If you want to use your own mkimage in your u-boot code, please change MKIMAGE in Makefile.

https://github.com/skalk/genode

MMU registers: https://github.com/skalk/genode/commit/d793743497f7bc765a410cc77c5e0cc2f2367af4

https://github.com/genodelabs/genode/search?p=1&q=enable+trustzone&utf8=%E2%9C%93

Learning Javascript Object Model

Loop through JavaScript object – Stack Overflow

http://stackoverflow.com/questions/684672/loop-through-javascript-object/684692#684692

https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Details_of_the_Object_Model

http://www.garrettmedia.com/mission/javascript_presentation/javascript_presentation1.htm

Javascript HTML DOM:
http://www.w3schools.com/js/js_htmldom.asp

http://www.tutorialspoint.com/javascript/javascript_html_dom.htm

http://www.w3schools.com/js/js_window.asp

https://developer.mozilla.org/en-US/docs/Web/JavaScript/Introduction_to_Object-Oriented_JavaScript

http://stackoverflow.com/questions/6157497/node-js-printing-to-console-without-a-trailing-newline

http://howtonode.org/hello-node

http://nodejs.org/api/util.html#util_util_print

https://devcenter.heroku.com/articles/nodejs-mongoose