11:57 <ayaka> There is an (ARM) platform that have the password protection for the jtag. I could only first enable the first Access port in the DAP

11:58 <ayaka> then write the password to that mem-ap. So I want to separate the configuration file into three ones

11:59 <ayaka> but when I try to use the dap or tap defined in the first file, it seems that it can't find that define

11:59 <ayaka> or it ask me to do it in the proc board_init

13:20 <zapb__> ayaka, do you have a link to this ARM spec?

13:32 <zapb__> or the MCU spec

14:11 <PaulFertser> Protecting JTAG access with a password sounds like something either wrong or evil though? Why would one do that?

14:51 <braunr> preventing product reverse engineering by competitors ?

14:51 <braunr> o/

14:52 <PaulFertser> That sounds anti-user.

14:52 <PaulFertser> As an owner of hardware I think I have a right to know how it works and modify as needed.

14:52 <Haohmaru> you optimist ;P~

14:53 <PaulFertser> Before trying to help someone I'd like to be sure it's not used against me and my friends.

15:41 <braunr> well sure

15:41 <braunr> i was just stating one reason why some people would do that

15:43 <Haohmaru> the password is "curseyouifyoustealmycodez"

16:29 <braunr> weak password :P

16:30 <Haohmaru> it has a strong supernatural effect

16:30 <ayaka> PaulFertser, because of the arm trustzone

16:31 <ayaka> zapb__, even I work for the chip vendor, I don't have that. I just figure out how to enable the password from the old script

16:37 <PaulFertser> ayaka: you can't enable trustzone without setting a password?

16:39 <ayaka> PaulFertser, no, you can't access to the CPU which would run the trustzone without the password

16:40 <ayaka> the trustzone is for arm video trust path, which would have things like keys for digital right content

16:58 <ayaka> I think I found the answer from 6.3.6 The init_targets procedure. I need to add a proc after all the configuration files are parsed

16:59 <ayaka> but there is another problem, it is only meaningful to add mem-ap for cpus after I enabled the password

17:01 <ayaka> is it proper that declare target in init_targets() which is the running stage?

17:08 <PaulFertser> ayaka: by "digital right content" you mean digital restrictions management? Nobody should be implementing that I think.

18:52 <borneoa___> PaulFertser: there is a new feature from arm named debug authentication. The chip exposes on DAP only one AP, where the debugger can: read the chip id, read the debug level (bit mask of what the debugger can access), and access some register for handshake for the authentication. Then the authentication allows changing debug level and even opening all the debug resources.

18:53 <borneoa___> PaulFertser: there are already chips in the market with DA, and also ST will follow the "fashion"

18:53 <PaulFertser> borneoa___: this doesn't sound like something I would desire in a hardware I can own... :(

18:56 <borneoa___> PaulFertser: yep! If you buy the naked chip it will not be protected, but once added in a product the manufacturer will lock it and keep one certificate or password to reopen it to debug the returned items.

19:43 <karlp> and the world rejoiced....

19:44 <karlp> ewaste the only winner here.