Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,785,052 Members 44,534 Now Online
XDA Developers Android and Mobile Development Forum

Hardware root/JTAG pinout

Tip us?
 
Determined
Old
#21  
Junior Member - OP
Thanks Meter 6
Posts: 16
Join Date: Sep 2010
Quote:
Originally Posted by jcase View Post
I spent a bit trying today, I never could get a response from RTCK at all
Ignore it, RTCK is not always available and JTAG works without it as long as your clock is within acceptable range. I used 1000khz-3000khz. Don't know if clock is configurable in riffbox that I believe you use. Also, does riffbox support 1.8v levels?
 
jcase
Old
#22  
jcase's Avatar
Forum Moderator / Senior Recognized Developer - Taco Vendor
Thanks Meter 7,207
Posts: 3,627
Join Date: Feb 2010
Location: Sequim WA

 
DONATE TO ME
Quote:
Originally Posted by Determined View Post
Ignore it, RTCK is not always available and JTAG works without it as long as your clock is within acceptable range. I used 1000khz-3000khz. Don't know if clock is configurable in riffbox that I believe you use. Also, does riffbox support 1.8v levels?
Clock is configurable, I believe it does 1.8 but I'm not home now so can't verify

Sent from my HTC One_M8 using XDA Premium 4 mobile app
I'm taking a break of an undetermined length. Please don't contact me about exploits

Something important? jcase@cunninglogic.com
Like Android security topics? Join our G+ community -> https://plus.google.com/communities/...07618051049043
My Bitcoin address : 1Newifz6yETTmbziCsZZstmHHPH6ejNr75
 
krasny2k5
Old
#23  
Member
Thanks Meter 9
Posts: 45
Join Date: Feb 2011
Hi!

One noob question, if you can develop a root method or a way to flash the device using jtag, what kind of device will be necessary to do it?

something like this? http://dangerousprototypes.com/docs/Bus_Blaster

thanks!
 
krasny2k5
Old
#24  
Member
Thanks Meter 9
Posts: 45
Join Date: Feb 2011
Any advances with JTAG?

thanks!
 
cz172638
Old
#25  
Junior Member
Thanks Meter 1
Posts: 1
Join Date: Apr 2011
Quote:
Originally Posted by Determined View Post
Connecting to JTAG with OpenOCD needs a few changes in the cortex_a.c source to enable support for Cortex-A15. If you actually make those changes and play with debug registers, you will discover that DBGEN and SPIDEN signals/fuses are disabled, so debug mode is not accessible.

I have not yet tried flashing.
that's not true, i currently play with openocd, flyswatter2 and ifc6410 (another apq8064 box) and i discovered, that problem is how openocd handles writing to crtlstat register. seems openocd implements dap ver. 0 way, but not dap ver. 1 and dap ver. 2 ways. i'm currently diving to arm coresight documentation and openocd code.
The Following User Says Thank You to cz172638 For This Useful Post: [ Click to Expand ]
 
krasny2k5
Old
#26  
Member
Thanks Meter 9
Posts: 45
Join Date: Feb 2011
Quote:
Originally Posted by cz172638 View Post
that's not true, i currently play with openocd, flyswatter2 and ifc6410 (another apq8064 box) and i discovered, that problem is how openocd handles writing to crtlstat register. seems openocd implements dap ver. 0 way, but not dap ver. 1 and dap ver. 2 ways. i'm currently diving to arm coresight documentation and openocd code.
Good to know that somebody is working in JTAG solution for AFTV box. Let us know your findings!

Thanks!
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes