I am trying to implement a minimal hypervisor on ARMv8A (Cortext A53 on QEMU Version 6.2.0).I have written a minimal hypervisor code in EL2 and the Linux boots successfully in EL1. Now I want to enable stage-2 MMU. I have written basic page tables in stage2 (Only the necessary page table entries to map to 1GB RAM). If I disable PCI in DTB the kernel boots successfully.The QEMU command line is given below.
qemu-system-aarch64 -machine virt,gic-version=2,virtualization=on -cpu cortex-a53 -nographic -smp 1 -m 4096 -kernel hypvisor/bin/hypervisor.elf -device loader,file=linux-5.10.155/arch/arm64/boot/Image,addr=0x80200000 -device loader,file=1gb_1core.dtb,addr=0x88000000
When the PCI is enabled in DTB, I am getting a kernel panic as shown below.
[ 0.646801] pci_bus 0000:00: root bus resource [mem 0x8000000000-0xffffffffff]
[ 0.647909] Unable to handle kernel paging request at virtual address 0000000093810004
[ 0.648109] Mem abort info:
[ 0.648183] ESR = 0x96000004
[ 0.648282] EC = 0x25: DABT (current EL), IL = 32 bits
[ 0.648403] SET = 0, FnV = 0
[ 0.648484] EA = 0, S1PTW = 0
[ 0.648568] Data abort info:
[ 0.648647] ISV = 0, ISS = 0x00000004
[ 0.648743] CM = 0, WnR = 0
[ 0.648885] [0000000093810004] user address but active_mm is swapper
[ 0.653399] Call trace:
[ 0.653598] pci_generic_config_read+0x38/0xe0
[ 0.653729] pci_bus_read_config_dword+0x80/0xe0
[ 0.653845] pci_bus_generic_read_dev_vendor_id+0x34/0x1b0
[ 0.653974] pci_bus_read_dev_vendor_id+0x4c/0x70
[ 0.654090] pci_scan_single_device+0x80/0x100
I set a GDB breakpoint in 'pci_generic_config_read' and observed that the faulting instruction is
>0xffff80001055d5c8 <pci_generic_config_read+56> ldr w1, [x0]
The value of register X0 is given below
(gdb) p /x $x0
$4 = 0xffff800020000000
The hardware (host) is configured to have 4GB in total and the Linux (guest) is supplied 1GB through command line and DTB. This is a single core system with 'kaslr' disabled.
Excerpt from the DTB containing PCI part is given below.
pcie#10000000 {
interrupt-map-mask = <0x1800 0x00 0x00 0x07>;
interrupt-map = <0x00 0x00 0x00 0x01 0x8001 0x00 0x00 0x00 0x03 0x04 0x00 0x00 0x00 0x02 0x8001 0x00 0x00 0x00 0x04 0x04 0x00 0x00 0x00 0x03 0x8001 0x00 0x00 0x00 0x05 0x04 0x00 0x00 0x00 0x04 0x8001 0x00 0x00 0x00 0x06 0x04 0x800 0x00 0x00 0x01 0x8001 0x00 0x00 0x00 0x04 0x04 0x800 0x00 0x00 0x02 0x8001 0x00 0x00 0x00 0x05 0x04 0x800 0x00 0x00 0x03 0x8001 0x00 0x00 0x00 0x06 0x04 0x800 0x00 0x00 0x04 0x8001 0x00 0x00 0x00 0x03 0x04 0x1000 0x00 0x00 0x01 0x8001 0x00 0x00 0x00 0x05 0x04 0x1000 0x00 0x00 0x02 0x8001 0x00 0x00 0x00 0x06 0x04 0x1000 0x00 0x00 0x03 0x8001 0x00 0x00 0x00 0x03 0x04 0x1000 0x00 0x00 0x04 0x8001 0x00 0x00 0x00 0x04 0x04 0x1800 0x00 0x00 0x01 0x8001 0x00 0x00 0x00 0x06 0x04 0x1800 0x00 0x00 0x02 0x8001 0x00 0x00 0x00 0x03 0x04 0x1800 0x00 0x00 0x03 0x8001 0x00 0x00 0x00 0x04 0x04 0x1800 0x00 0x00 0x04 0x8001 0x00 0x00 0x00 0x05 0x04>;
#interrupt-cells = <0x01>;
ranges = <0x1000000 0x00 0x00 0x00 0x3eff0000 0x00 0x10000 0x2000000 0x00 0x10000000 0x00 0x10000000 0x00 0x2eff0000 0x3000000 0x80 0x00 0x80 0x00 0x80 0x00>;
reg = <0x40 0x10000000 0x00 0x10000000>;
msi-parent = <0x8002>;
dma-coherent;
bus-range = <0x00 0xff>;
linux,pci-domain = <0x00>;
#size-cells = <0x02>;
#address-cells = <0x03>;
device_type = "pci";
compatible = "pci-host-ecam-generic";
};
If my interpretation of DTB is right, the PCI device is mapped to the address range '0x40_1000_0000' (offset) '0x1000_0000' (size 256MB). that is, it starts from 100GB in the physical address space.
I have written a page table entry mapping to this physical address as well (as a device memory).
Is it right for the PCI to map to such a higher address in the physical address space? Any hints on debugging this issue is greatly appreciated.
Yes, for a 64-bit CPU this is the expected place to find the PCI controller ECAM region. The virt board puts some "large" device memory regions beyond the 4GB mark (specifically, PCIE ECAM, a seconD PCIE MMIO window, and redistributors for CPUs above 123). (You can turn this off with -machine highmem=off if you like, though that will limit the amount of RAM you can give the VM to 3GB.)
Depending on what your hypervisor is doing, you might or might not want it to be talking directly to the host PCI controller anyway.
Related
macOS 10.14.3, Xcode 9.4.1:
I am trying to use podofo in my project. I get the following error:
ld: warning: ignoring file /usr/local/lib/libcrypto.dylib, file was built for unsupported file format ( 0x62 0x6F 0x6F 0x6B 0x00 0x00 0x00 0x00 0x6D 0x61 0x72 0x6B 0x00 0x00 0x00 0x00 ) which is not the architecture being linked (x86_64): /usr/local/lib/libcrypto.dylib
ld: warning: ignoring file /usr/local/lib/libcrypto.dylib, file was built for unsupported file format ( 0x62 0x6F 0x6F 0x6B 0x00 0x00 0x00 0x00 0x6D 0x61 0x72 0x6B 0x00 0x00 0x00 0x00 ) which is not the architecture being linked (x86_64): /usr/local/lib/libcrypto.dylib
Undefined symbols for architecture x86_64:
"_EVP_CIPHER_CTX_free", referenced from:
PoDoFo::RC4CryptoEngine::~RC4CryptoEngine() in libpodofo.a(PdfEncrypt.o)
PoDoFo::AESCryptoEngine::~AESCryptoEngine() in libpodofo.a(PdfEncrypt.o)
"_EVP_CIPHER_CTX_new", referenced from:
PoDoFo::RC4CryptoEngine::RC4CryptoEngine() in libpodofo.a(PdfEncrypt.o)
PoDoFo::AESCryptoEngine::AESCryptoEngine() in libpodofo.a(PdfEncrypt.o)
What am I doing wrong? What does that mean?
Thank you so much for your time.
0x62 0x6F 0x6F 0x6B 0x00 0x00 0x00 0x00 0x6D 0x61 0x72 0x6B 0x00 0x00 0x00 0x00
To Ascii is BOOK MARK .
Is /usr/local/lib/libcrypto.dylib here actually the library you want to link in the program?
I've successfully connected PN532 to RPi using SPI. Communication works. I can read a passive tag using IN_LIST_PASSIVE_TARGET. Commands like GET_FIRMWARE_VERSION or SAM_CONFIGURATION work as expected.
Now, I'm trying to emulate NDEF tag type 4. I've created a NDEF message with a text record, with text "ABCD". NDEF is OK, as I've verified it using nfc-tools -> nfc-emulate-forum-tag4.
I'm trying to read this emulated tag by an iOS app.
While using nfc-emulate-forum-tag4, it works as expected. iOS app reads "ABCD" message from the emuulated tag.
But, when I try to use my implementation (Java/Pi4J), nothing happens. iOS cannot read the emulated tag nor I get any error. It keeps showing standard NFC dialog.
Bytes that my implementation interchanges with PN532 is exactly the same like in nfc-emulate-forum-tag4. However, I missed something.
Just to note, nfc-emulate-forum-tag4 output does not show how TG_INIT_AS_TARGET specified. It shows only data exchange once the initiator recognized.
Reference library I used for implementation:
https://github.com/elechouse/PN532
NDEF FILE CONTENT:
0xD1
0x01
0x07
0x54
0x02
0x65
0x6E
0x41
0x42
0x43
0x44
nfc-emulate-forum-tag4 listing (works):
pi#raspberrypi:~/tmp $ nfc-emulate-forum-tag4 ABCD.ndef
NFC device: PN532_via_SPI opened
Emulating NDEF tag now, please touch it with a second NFC device
In: 00 a4 04 00 07 d2 76 00 00 85 01 01 00
Out: 90 00
In: 00 a4 00 0c 02 e1 03
Out: 90 00
In: 00 b0 00 00 0f
Out: 00 0f 20 00 54 00 ff 04 06 e1 04 ff fe 00 00 90 00
In: 00 a4 00 0c 02 e1 04
Out: 90 00
In: 00 b0 00 00 02
Out: 00 0b 90 00
In: 00 a4 00 0c 02 e1 04
Out: 90 00
In: 00 b0 00 00 0b
Out: 00 0b d1 01 07 54 02 65 6e 41 42 90 00
In: 00 b0 00 0b 02
Out: 43 44 90 00
nfc_emulate_target: Target Released
===============================================================
My implementation listing (doesn't work):
pi#raspberrypi:~/tmp $ java -jar pn532_java-1.0.jar
Reset PN532 used pins to system default state
--> Initializing PN532
--> IRQ pin initial state: HIGH
--> GPIO IRQ LISTENER USED
--> PN532 End of initialization
====================================================================================================
-->
COMMAND: Get_Firmware_Version
--> PN532.writeCommand([0x02])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0x2A
--> PN532.writeByte: 0x00
--> PN532.waitForAck()
--> PN532.checkSpiAck()
--> RPi - IRQ pin received signal: LOW
--> PN532.writeByte: 0x03
--> ACK reading...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 12, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x06
--> PN532.readResponse - data length: 5
--> PN532.readByte: 0xFA
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x03
--> PN532.readByte: 0x32
--> PN532.readByte: 0x01
--> PN532.readByte: 0x06
--> PN532.readByte: 0x07
--> PN532.readByte: 0xE8
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
====================================================================================================
Found a chip PN532
Firmware version: 1.6
====================================================================================================
-->
COMMAND: SAM_Configuration
--> PN532.writeCommand([0x14 0x01 0x14 0x01])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x05
--> PN532.writeByte: 0xFB
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x14
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x14
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 8, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x02
--> PN532.readResponse - data length: 1
--> PN532.readByte: 0xFE
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x15
--> PN532.readByte: 0x16
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
SAM configuration: true
====================================================================================================
-->
COMMAND: Get_General_Status
--> PN532.writeCommand([0x04])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0x28
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x06
--> PN532.readResponse - data length: 5
--> PN532.readByte: 0xFA
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x05
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0x80
--> PN532.readByte: 0xA6
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
GENERAL STATUS: 0x00 0x00 0x00 0x80
====================================================================================================
Waiting for an ISO14443A Card ...
====================================================================================================
================== NDEF FILE START ==================
0xD1
0x01
0x07
0x54
0x02
0x65
0x6E
0x41
0x42
0x43
0x44
================== NDEF FILE END ==================
-->
COMMAND: Tg_Init_As_Target
--> PN532.writeCommand([0x8C 0x05 0x04 0x00 0x00 0x00 0x00 0x20 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x27
--> PN532.writeByte: 0xD9
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8C
--> PN532.writeByte: 0x05
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x20
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x77
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
====================================================================================================
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x05
--> PN532.readResponse - data length: 4
--> PN532.readByte: 0xFB
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x8D
--> PN532.readByte: 0x08
--> PN532.readByte: 0xE0
--> PN532.readByte: 0x80
--> PN532.readByte: 0x36
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
=====================
TAG EMULATION STARTED
=====================
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x86
--> PN532.writeByte: 0xA6
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x10
--> PN532.readResponse - data length: 15
--> PN532.readByte: 0xF0
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xA4
--> PN532.readByte: 0x04
--> PN532.readByte: 0x00
--> PN532.readByte: 0x07
--> PN532.readByte: 0xD2
--> PN532.readByte: 0x76
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0x85
--> PN532.readByte: 0x01
--> PN532.readByte: 0x01
--> PN532.readByte: 0x00
--> PN532.readByte: 0x26
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x04
P2: 0x00
LC: 0x07
P1-P2-LEN: 0x00
ISO7816_SELECT_FILE
C_APDU_P1_SELECT_BY_NAME
SUPPORTED
-->
COMMAND: Tg_Set_Data - data size: 2
--> PN532.writeCommand([0x8E 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0xFC
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0E
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x03
--> PN532.readResponse - data length: 2
--> PN532.readByte: 0xFD
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x8F
--> PN532.readByte: 0x00
--> PN532.readByte: 0x9C
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
TG_SET_DATA response: 2
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x86
--> PN532.writeByte: 0xA6
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x0A
--> PN532.readResponse - data length: 9
--> PN532.readByte: 0xF6
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xA4
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0C
--> PN532.readByte: 0x02
--> PN532.readByte: 0xE1
--> PN532.readByte: 0x03
--> PN532.readByte: 0x0E
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x0C
LC: 0x02
P1-P2-LEN: 0x0C
ISO7816_SELECT_FILE
C_APDU_P1_SELECT_BY_ID
CURRENT FILE --> CC
-->
COMMAND: Tg_Set_Data - data size: 2
--> PN532.writeCommand([0x8E 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0xFC
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0E
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x03
--> PN532.readResponse - data length: 2
--> PN532.readByte: 0xFD
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x8F
--> PN532.readByte: 0x00
--> PN532.readByte: 0x9C
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
TG_SET_DATA response: 2
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x86
--> PN532.writeByte: 0xA6
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x08
--> PN532.readResponse - data length: 7
--> PN532.readByte: 0xF8
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xB0
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0F
--> PN532.readByte: 0xE5
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x00
LC: 0x0F
P1-P2-LEN: 0x00
ISO7816_READ_BINARY
SEND COMPATIBILITY CONTAINER
-->
COMMAND: Tg_Set_Data - data size: 17
--> PN532.writeCommand([0x8E 0x00 0x0F 0x20 0x00 0x54 0x00 0xFF 0x04 0x06 0xE1 0x04 0xFF 0xFE 0x00 0x00 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x13
--> PN532.writeByte: 0xED
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0F
--> PN532.writeByte: 0x20
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x54
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0x06
--> PN532.writeByte: 0xE1
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xA0
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x03
--> PN532.readResponse - data length: 2
--> PN532.readByte: 0xFD
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x8F
--> PN532.readByte: 0x00
--> PN532.readByte: 0x9C
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
TG_SET_DATA response: 2
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x86
--> PN532.writeByte: 0xA6
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x0A
--> PN532.readResponse - data length: 9
--> PN532.readByte: 0xF6
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xA4
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0C
--> PN532.readByte: 0x02
--> PN532.readByte: 0xE1
--> PN532.readByte: 0x04
--> PN532.readByte: 0x0D
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x0C
LC: 0x02
P1-P2-LEN: 0x0C
ISO7816_SELECT_FILE
C_APDU_P1_SELECT_BY_ID
CURRENT FILE --> NDEF
-->
COMMAND: Tg_Set_Data - data size: 2
--> PN532.writeCommand([0x8E 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0xFC
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0E
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x03
--> PN532.readResponse - data length: 2
--> PN532.readByte: 0xFD
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x8F
--> PN532.readByte: 0x00
--> PN532.readByte: 0x9C
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
TG_SET_DATA response: 2
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x86
--> PN532.writeByte: 0xA6
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x08
--> PN532.readResponse - data length: 7
--> PN532.readByte: 0xF8
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xB0
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0x02
--> PN532.readByte: 0xF2
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x00
LC: 0x02
P1-P2-LEN: 0x00
ISO7816_READ_BINARY
-->
COMMAND: Tg_Set_Data - data size: 4
--> PN532.writeCommand([0x8E 0x00 0x0B 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x06
--> PN532.writeByte: 0xFA
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0B
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x03
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x03
--> PN532.readResponse - data length: 2
--> PN532.readByte: 0xFD
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x8F
--> PN532.readByte: 0x00
--> PN532.readByte: 0x9C
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
TG_SET_DATA response: 2
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x86
--> PN532.writeByte: 0xA6
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x0A
--> PN532.readResponse - data length: 9
--> PN532.readByte: 0xF6
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xA4
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0C
--> PN532.readByte: 0x02
--> PN532.readByte: 0xE1
--> PN532.readByte: 0x04
--> PN532.readByte: 0x0D
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x0C
LC: 0x02
P1-P2-LEN: 0x0C
ISO7816_SELECT_FILE
C_APDU_P1_SELECT_BY_ID
CURRENT FILE --> NDEF
-->
COMMAND: Tg_Set_Data - data size: 2
--> PN532.writeCommand([0x8E 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0xFC
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0E
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x03
--> PN532.readResponse - data length: 2
--> PN532.readByte: 0xFD
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x8F
--> PN532.readByte: 0x00
--> PN532.readByte: 0x9C
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
TG_SET_DATA response: 2
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x86
--> PN532.writeByte: 0xA6
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x08
--> PN532.readResponse - data length: 7
--> PN532.readByte: 0xF8
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xB0
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0B
--> PN532.readByte: 0xE9
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x00
LC: 0x0B
P1-P2-LEN: 0x00
ISO7816_READ_BINARY
-->
COMMAND: Tg_Set_Data - data size: 13
--> PN532.writeCommand([0x8E 0x00 0x0B 0xD1 0x01 0x07 0x54 0x02 0x65 0x6E 0x41 0x42 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x0F
--> PN532.writeByte: 0xF1
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0B
--> PN532.writeByte: 0xD1
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x07
--> PN532.writeByte: 0x54
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0x65
--> PN532.writeByte: 0x6E
--> PN532.writeByte: 0x41
--> PN532.writeByte: 0x42
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x7E
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> RPi - IRQ pin received signal: LOW
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x03
--> PN532.readResponse - data length: 2
--> PN532.readByte: 0xFD
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x8F
--> PN532.readByte: 0x00
--> PN532.readByte: 0x9C
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
TG_SET_DATA response: 2
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x86
--> PN532.writeByte: 0xA6
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x08
--> PN532.readResponse - data length: 7
--> PN532.readByte: 0xF8
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xB0
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0B
--> PN532.readByte: 0x02
--> PN532.readByte: 0xE7
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x0B
LC: 0x02
P1-P2-LEN: 0x0B
ISO7816_READ_BINARY
-->
COMMAND: Tg_Set_Data - data size: 4
--> PN532.writeCommand([0x8E 0x43 0x44 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x06
--> PN532.writeByte: 0xFA
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x43
--> PN532.writeByte: 0x44
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x87
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x03
--> PN532.readResponse - data length: 2
--> PN532.readByte: 0xFD
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x8F
--> PN532.readByte: 0x00
--> PN532.readByte: 0x9C
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
TG_SET_DATA response: 2
-->
COMMAND: In_Release
--> PN532.writeCommand([0x52 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x03
--> PN532.writeByte: 0xFD
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x52
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xDA
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> RPi - IRQ pin received signal: HIGH
====================================================================================================
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x03
--> PN532.readResponse - data length: 2
--> PN532.readByte: 0xFD
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x53
--> PN532.readByte: 0x00
--> PN532.readByte: 0xD8
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
====================================================================================================
Reset PN532 used pins to system default state
pi#raspberrypi:~/tmp $
Any help appreciated (especially I'm very desperate).
Thanks!
Here is the simplified version of the listing in the original question (post as an answer due to characters limit). It starts from Tg_Init_As_Target.
-->
COMMAND: Tg_Init_As_Target
--> PN532.writeCommand([0x8C 0x05 0x04 0x00 0x00 0x00 0x00 0x20 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x27
--> PN532.writeByte: 0xD9
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8C
--> PN532.writeByte: 0x05
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x20
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x77
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> PN532.checkSpiAck()
--> PN532.writeByte: 0x03
--> ACK reading...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
====================================================================================================
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x05
--> PN532.readResponse - data length: 4
--> PN532.readByte: 0xFB
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x8D
--> PN532.readByte: 0x08
--> PN532.readByte: 0xE0
--> PN532.readByte: 0x80
--> PN532.readByte: 0x36
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
=====================
TAG EMULATION STARTED
=====================
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.readResponse - data length: 15
--> PN532.readByte: 0xF0
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xA4
--> PN532.readByte: 0x04
--> PN532.readByte: 0x00
--> PN532.readByte: 0x07
--> PN532.readByte: 0xD2
--> PN532.readByte: 0x76
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0x85
--> PN532.readByte: 0x01
--> PN532.readByte: 0x01
--> PN532.readByte: 0x00
--> PN532.readByte: 0x26
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x04
P2: 0x00
LC: 0x07
P1-P2-LEN: 0x00
ISO7816_SELECT_FILE
C_APDU_P1_SELECT_BY_NAME
SUPPORTED
-->
COMMAND: Tg_Set_Data - data size: 2
--> PN532.writeCommand([0x8E 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0xFC
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0E
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: HIGH
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.readResponse - data length: 9
--> PN532.readByte: 0xF6
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xA4
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0C
--> PN532.readByte: 0x02
--> PN532.readByte: 0xE1
--> PN532.readByte: 0x03
--> PN532.readByte: 0x0E
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x0C
LC: 0x02
P1-P2-LEN: 0x0C
ISO7816_SELECT_FILE
C_APDU_P1_SELECT_BY_ID
CURRENT FILE --> CC
-->
COMMAND: Tg_Set_Data - data size: 2
--> PN532.writeCommand([0x8E 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0xFC
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0E
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: HIGH
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.readResponse - data length: 7
--> PN532.readByte: 0xF8
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xB0
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0F
--> PN532.readByte: 0xE5
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x00
LC: 0x0F
P1-P2-LEN: 0x00
ISO7816_READ_BINARY
SEND COMPATIBILITY CONTAINER
-->
COMMAND: Tg_Set_Data - data size: 17
--> PN532.writeCommand([0x8E 0x00 0x0F 0x20 0x00 0x54 0x00 0xFF 0x04 0x06 0xE1 0x04 0xFF 0xFE 0x00 0x00 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x13
--> PN532.writeByte: 0xED
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0F
--> PN532.writeByte: 0x20
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x54
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0x06
--> PN532.writeByte: 0xE1
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0xFE
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xA0
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: HIGH
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.readResponse - data length: 9
--> PN532.readByte: 0xF6
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xA4
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0C
--> PN532.readByte: 0x02
--> PN532.readByte: 0xE1
--> PN532.readByte: 0x04
--> PN532.readByte: 0x0D
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x0C
LC: 0x02
P1-P2-LEN: 0x0C
ISO7816_SELECT_FILE
C_APDU_P1_SELECT_BY_ID
CURRENT FILE --> NDEF
-->
COMMAND: Tg_Set_Data - data size: 2
--> PN532.writeCommand([0x8E 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0xFC
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0E
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: HIGH
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.readResponse - data length: 7
--> PN532.readByte: 0xF8
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xB0
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0x02
--> PN532.readByte: 0xF2
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x00
LC: 0x02
P1-P2-LEN: 0x00
ISO7816_READ_BINARY
-->
COMMAND: Tg_Set_Data - data size: 4
--> PN532.writeCommand([0x8E 0x00 0x0B 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x06
--> PN532.writeByte: 0xFA
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0B
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x03
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: HIGH
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.readResponse - data length: 9
--> PN532.readByte: 0xF6
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xA4
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0C
--> PN532.readByte: 0x02
--> PN532.readByte: 0xE1
--> PN532.readByte: 0x04
--> PN532.readByte: 0x0D
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x0C
LC: 0x02
P1-P2-LEN: 0x0C
ISO7816_SELECT_FILE
C_APDU_P1_SELECT_BY_ID
CURRENT FILE --> NDEF
-->
COMMAND: Tg_Set_Data - data size: 2
--> PN532.writeCommand([0x8E 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x04
--> PN532.writeByte: 0xFC
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0E
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: HIGH
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.readResponse - data length: 7
--> PN532.readByte: 0xF8
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xB0
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0B
--> PN532.readByte: 0xE9
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x00
LC: 0x0B
P1-P2-LEN: 0x00
ISO7816_READ_BINARY
-->
COMMAND: Tg_Set_Data - data size: 13
--> PN532.writeCommand([0x8E 0x00 0x0B 0xD1 0x01 0x07 0x54 0x02 0x65 0x6E 0x41 0x42 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x0F
--> PN532.writeByte: 0xF1
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x0B
--> PN532.writeByte: 0xD1
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x07
--> PN532.writeByte: 0x54
--> PN532.writeByte: 0x02
--> PN532.writeByte: 0x65
--> PN532.writeByte: 0x6E
--> PN532.writeByte: 0x41
--> PN532.writeByte: 0x42
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x7E
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: HIGH
-->
COMMAND: Tg_Get_Data
--> PN532.writeCommand([0x86])
--> PN532.readResponse - data length: 7
--> PN532.readByte: 0xF8
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x87
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xB0
--> PN532.readByte: 0x00
--> PN532.readByte: 0x0B
--> PN532.readByte: 0x02
--> PN532.readByte: 0xE7
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
P1: 0x00
P2: 0x0B
LC: 0x02
P1-P2-LEN: 0x0B
ISO7816_READ_BINARY
-->
COMMAND: Tg_Set_Data - data size: 4
--> PN532.writeCommand([0x8E 0x43 0x44 0x90 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x06
--> PN532.writeByte: 0xFA
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x8E
--> PN532.writeByte: 0x43
--> PN532.writeByte: 0x44
--> PN532.writeByte: 0x90
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x87
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: HIGH
-->
COMMAND: In_Release
--> PN532.writeCommand([0x52 0x00])
--> PN532.writeByte: 0x01
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xFF
--> PN532.writeByte: 0x03
--> PN532.writeByte: 0xFD
--> PN532.writeByte: 0xD4
--> PN532.writeByte: 0x52
--> PN532.writeByte: 0x00
--> PN532.writeByte: 0xDA
--> PN532.writeByte: 0x00
--> RPi - IRQ pin received signal: LOW
--> PN532.waitForAck()
--> PN532.checkSpiAck()
--> PN532.writeByte: 0x03
--> ACK reading...
--> PN532.readByte: 0x00
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
====================================================================================================
--> PN532.readResponse - waiting...
--> RPi - IRQ pin received signal: LOW
--> PN532.readResponse(..., 255, 1000)
--> PN532.writeByte: 0x03
--> Read response started...
--> PN532.readByte: 0x00
--> PN532.readByte: 0xFF
--> PN532.readByte: 0x03
--> PN532.readResponse - data length: 2
--> PN532.readByte: 0xFD
--> PN532.readByte: 0xD5
--> PN532.readByte: 0x53
--> PN532.readByte: 0x00
--> PN532.readByte: 0xD8
--> PN532.readByte: 0x00
--> RPi - IRQ pin received signal: HIGH
====================================================================================================
Reset PN532 used pins to system default state
pi#raspberrypi:~/tmp $
My probe function is not invoked, when I added unit address and reg property in device tree.
I have a module prototype:
#include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/miscdevice.h>
#include <linux/platform_device.h>
#ifdef CONFIG_OF
#include <linux/of.h>
#include <linux/of_platform.h>
#endif
static int ect_probe(struct platform_device *pdev) {
struct device *dev = &pdev->dev;
struct device_node *np = dev->of_node;
pr_info("We 're in probe function\n");
pr_info("Reading device tree values\n");
u32 parameter_address;
if (of_property_read_u32(np, "parameter_address", ¶meter_address)) {
return -EINVAL;
}
pr_info("parameter_address is: %d\n", parameter_address);
return 0;
}
static int ect_remove(struct platform_device *pdev)
{
return -EBUSY;
}
static struct of_device_id ect_of_device_ids[] = {
{.compatible = "exynos", },
{},
};
static struct platform_device_id ect_plat_device_ids[] = {
{.name = "ect"},
{},
};
static struct platform_driver ect_parser = {
.probe = ect_probe,
.remove = ect_remove,
.id_table = ect_plat_device_ids,
.driver = {
.name = "ect",
.owner = THIS_MODULE,
.of_match_table = ect_of_device_ids,
},
};
static int __init ect_init(void)
{
printk(KERN_INFO "Init ECT module\n");
return platform_driver_register(&ect_parser);
}
static void ect_exit(void) {
printk(KERN_INFO "Exit ECT module\n");
}
module_init(ect_init)
module_exit(ect_exit)
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Unknown samsung developer");
MODULE_DESCRIPTION("Samsung Exynos calibration table parser module.");
MODULE_VERSION("0.01");
And corresponding entry in device tree root:
ect#67FEB000 {
compatible = "exynos,ect";
reg = <0x00 0x67FEB000 0x00 0x14000>;
parameter_address = <0x67FEB000>;
parameter_size = <0x14000>;
};
When booting, I can see, that ect_init function is called, so I assume, that driver is registered. But probe function is NOT called for some reason.
At the same time, probe function IS called with this device tree entry
ect {
compatible = "exynos,ect";
parameter_address = <0x67FEB000>;
parameter_size = <0x14000>;
};
I thought upon match of compatible property in device and driver linux should execute a probe function.
Why does unit address and reg property broke device-driver matching?
Full device tree:
/dts-v1/;
/ {
interrupt-parent = < 0x8001 >;
#size-cells = < 0x02 >;
#address-cells = < 0x02 >;
compatible = "linux,dummy-virt";
psci {
migrate = < 0xc4000005 >;
cpu_on = < 0xc4000003 >;
cpu_off = < 0x84000002 >;
cpu_suspend = < 0xc4000001 >;
method = "hvc";
compatible = "arm,psci-0.2\0arm,psci";
};
ect#67FEB000 {
compatible = "exynos,ect";
reg = <0x00 0x67FEB000 0x00 0x14000>;
parameter_address = <0x67FEB000>;
parameter_size = <0x14000>;
};
memory#40000000 {
reg = < 0x00 0x40000000 0x00 0x10000000 >;
device_type = "memory";
};
platform#c000000 {
interrupt-parent = < 0x8001 >;
ranges = < 0x00 0x00 0xc000000 0x2000000 >;
#address-cells = < 0x01 >;
#size-cells = < 0x01 >;
compatible = "qemu,platform\0simple-bus";
};
fw-cfg#9020000 {
dma-coherent;
reg = < 0x00 0x9020000 0x00 0x18 >;
compatible = "qemu,fw-cfg-mmio";
};
virtio_mmio#a000000 {
dma-coherent;
interrupts = < 0x00 0x10 0x01 >;
reg = < 0x00 0xa000000 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a000200 {
dma-coherent;
interrupts = < 0x00 0x11 0x01 >;
reg = < 0x00 0xa000200 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a000400 {
dma-coherent;
interrupts = < 0x00 0x12 0x01 >;
reg = < 0x00 0xa000400 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a000600 {
dma-coherent;
interrupts = < 0x00 0x13 0x01 >;
reg = < 0x00 0xa000600 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a000800 {
dma-coherent;
interrupts = < 0x00 0x14 0x01 >;
reg = < 0x00 0xa000800 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a000a00 {
dma-coherent;
interrupts = < 0x00 0x15 0x01 >;
reg = < 0x00 0xa000a00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a000c00 {
dma-coherent;
interrupts = < 0x00 0x16 0x01 >;
reg = < 0x00 0xa000c00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a000e00 {
dma-coherent;
interrupts = < 0x00 0x17 0x01 >;
reg = < 0x00 0xa000e00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a001000 {
dma-coherent;
interrupts = < 0x00 0x18 0x01 >;
reg = < 0x00 0xa001000 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a001200 {
dma-coherent;
interrupts = < 0x00 0x19 0x01 >;
reg = < 0x00 0xa001200 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a001400 {
dma-coherent;
interrupts = < 0x00 0x1a 0x01 >;
reg = < 0x00 0xa001400 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a001600 {
dma-coherent;
interrupts = < 0x00 0x1b 0x01 >;
reg = < 0x00 0xa001600 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a001800 {
dma-coherent;
interrupts = < 0x00 0x1c 0x01 >;
reg = < 0x00 0xa001800 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a001a00 {
dma-coherent;
interrupts = < 0x00 0x1d 0x01 >;
reg = < 0x00 0xa001a00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a001c00 {
dma-coherent;
interrupts = < 0x00 0x1e 0x01 >;
reg = < 0x00 0xa001c00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a001e00 {
dma-coherent;
interrupts = < 0x00 0x1f 0x01 >;
reg = < 0x00 0xa001e00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a002000 {
dma-coherent;
interrupts = < 0x00 0x20 0x01 >;
reg = < 0x00 0xa002000 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a002200 {
dma-coherent;
interrupts = < 0x00 0x21 0x01 >;
reg = < 0x00 0xa002200 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a002400 {
dma-coherent;
interrupts = < 0x00 0x22 0x01 >;
reg = < 0x00 0xa002400 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a002600 {
dma-coherent;
interrupts = < 0x00 0x23 0x01 >;
reg = < 0x00 0xa002600 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a002800 {
dma-coherent;
interrupts = < 0x00 0x24 0x01 >;
reg = < 0x00 0xa002800 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a002a00 {
dma-coherent;
interrupts = < 0x00 0x25 0x01 >;
reg = < 0x00 0xa002a00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a002c00 {
dma-coherent;
interrupts = < 0x00 0x26 0x01 >;
reg = < 0x00 0xa002c00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a002e00 {
dma-coherent;
interrupts = < 0x00 0x27 0x01 >;
reg = < 0x00 0xa002e00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a003000 {
dma-coherent;
interrupts = < 0x00 0x28 0x01 >;
reg = < 0x00 0xa003000 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a003200 {
dma-coherent;
interrupts = < 0x00 0x29 0x01 >;
reg = < 0x00 0xa003200 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a003400 {
dma-coherent;
interrupts = < 0x00 0x2a 0x01 >;
reg = < 0x00 0xa003400 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a003600 {
dma-coherent;
interrupts = < 0x00 0x2b 0x01 >;
reg = < 0x00 0xa003600 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a003800 {
dma-coherent;
interrupts = < 0x00 0x2c 0x01 >;
reg = < 0x00 0xa003800 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a003a00 {
dma-coherent;
interrupts = < 0x00 0x2d 0x01 >;
reg = < 0x00 0xa003a00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a003c00 {
dma-coherent;
interrupts = < 0x00 0x2e 0x01 >;
reg = < 0x00 0xa003c00 0x00 0x200 >;
compatible = "virtio,mmio";
};
virtio_mmio#a003e00 {
dma-coherent;
interrupts = < 0x00 0x2f 0x01 >;
reg = < 0x00 0xa003e00 0x00 0x200 >;
compatible = "virtio,mmio";
};
gpio-keys {
#address-cells = < 0x01 >;
#size-cells = < 0x00 >;
compatible = "gpio-keys";
poweroff {
gpios = < 0x8003 0x03 0x00 >;
linux,code = < 0x74 >;
label = "GPIO Key Poweroff";
};
};
pl061#9030000 {
phandle = < 0x8003 >;
clock-names = "apb_pclk";
clocks = < 0x8000 >;
interrupts = < 0x00 0x07 0x04 >;
gpio-controller;
#gpio-cells = < 0x02 >;
compatible = "arm,pl061\0arm,primecell";
reg = < 0x00 0x9030000 0x00 0x1000 >;
};
pcie#10000000 {
interrupt-map-mask = < 0x1800 0x00 0x00 0x07 >;
interrupt-map = < 0x00 0x00 0x00 0x01 0x8001 0x00 0x00 0x00 0x03 0x04 0x00 0x00 0x00 0x02 0x8001 0x00 0x00 0x00 0x04 0x04 0x00 0x00 0x00 0x03 0x8001 0x00 0x00 0x00 0x05 0x04 0x00 0x00 0x00 0x04 0x8001 0x00 0x00 0x00 0x06 0x04 0x800 0x00 0x00 0x01 0x8001 0x00 0x00 0x00 0x04 0x04 0x800 0x00 0x00 0x02 0x8001 0x00 0x00 0x00 0x05 0x04 0x800 0x00 0x00 0x03 0x8001 0x00 0x00 0x00 0x06 0x04 0x800 0x00 0x00 0x04 0x8001 0x00 0x00 0x00 0x03 0x04 0x1000 0x00 0x00 0x01 0x8001 0x00 0x00 0x00 0x05 0x04 0x1000 0x00 0x00 0x02 0x8001 0x00 0x00 0x00 0x06 0x04 0x1000 0x00 0x00 0x03 0x8001 0x00 0x00 0x00 0x03 0x04 0x1000 0x00 0x00 0x04 0x8001 0x00 0x00 0x00 0x04 0x04 0x1800 0x00 0x00 0x01 0x8001 0x00 0x00 0x00 0x06 0x04 0x1800 0x00 0x00 0x02 0x8001 0x00 0x00 0x00 0x03 0x04 0x1800 0x00 0x00 0x03 0x8001 0x00 0x00 0x00 0x04 0x04 0x1800 0x00 0x00 0x04 0x8001 0x00 0x00 0x00 0x05 0x04 >;
#interrupt-cells = < 0x01 >;
ranges = < 0x1000000 0x00 0x00 0x00 0x3eff0000 0x00 0x10000 0x2000000 0x00 0x10000000 0x00 0x10000000 0x00 0x2eff0000 0x3000000 0x80 0x00 0x80 0x00 0x80 0x00 >;
reg = < 0x40 0x10000000 0x00 0x10000000 >;
msi-parent = < 0x8002 >;
dma-coherent;
bus-range = < 0x00 0xff >;
linux,pci-domain = < 0x00 >;
#size-cells = < 0x02 >;
#address-cells = < 0x03 >;
device_type = "pci";
compatible = "pci-host-ecam-generic";
};
pl031#9010000 {
clock-names = "apb_pclk";
clocks = < 0x8000 >;
interrupts = < 0x00 0x02 0x04 >;
reg = < 0x00 0x9010000 0x00 0x1000 >;
compatible = "arm,pl031\0arm,primecell";
};
pl011#9000000 {
clock-names = "uartclk\0apb_pclk";
clocks = < 0x8000 0x8000 >;
interrupts = < 0x00 0x01 0x04 >;
reg = < 0x00 0x9000000 0x00 0x1000 >;
compatible = "arm,pl011\0arm,primecell";
};
pmu {
interrupts = < 0x01 0x07 0x104 >;
compatible = "arm,armv8-pmuv3";
};
intc#8000000 {
phandle = < 0x8001 >;
reg = < 0x00 0x8000000 0x00 0x10000 0x00 0x8010000 0x00 0x10000 >;
compatible = "arm,cortex-a15-gic";
ranges;
#size-cells = < 0x02 >;
#address-cells = < 0x02 >;
interrupt-controller;
#interrupt-cells = < 0x03 >;
v2m#8020000 {
phandle = < 0x8002 >;
reg = < 0x00 0x8020000 0x00 0x1000 >;
msi-controller;
compatible = "arm,gic-v2m-frame";
};
};
flash#0 {
bank-width = < 0x04 >;
reg = < 0x00 0x00 0x00 0x4000000 0x00 0x4000000 0x00 0x4000000 >;
compatible = "cfi-flash";
};
cpus {
#size-cells = < 0x00 >;
#address-cells = < 0x01 >;
cpu#0 {
reg = < 0x00 >;
compatible = "arm,cortex-a57";
device_type = "cpu";
};
};
timer {
interrupts = < 0x01 0x0d 0x104 0x01 0x0e 0x104 0x01 0x0b 0x104 0x01 0x0a 0x104 >;
always-on;
compatible = "arm,armv8-timer\0arm,armv7-timer";
};
apb-pclk {
phandle = < 0x8000 >;
clock-output-names = "clk24mhz";
clock-frequency = < 0x16e3600 >;
#clock-cells = < 0x00 >;
compatible = "fixed-clock";
};
chosen {
bootargs = "ect root=/dev/vda console_msg_format=syslog nokaslr norandmaps panic=-1 printk.devkmsg=on printk.time=y rw console=ttyAMA0 - lkmc_home=/lkmc";
stdout-path = "/pl011#9000000";
};
};
The .compatible = "exynos" entry in ect_of_device_ids[] does not match the compatible = "exynos,ect"; entry in the device tree. If you change it to "exynos,ect" your probe function should get called:
static struct of_device_id ect_of_device_ids[] = {
{.compatible = "exynos,ect", },
{},
}
Also, if you want to support auto-loading of external kernel modules by a hotplug handler in userspace, you need to use the MODULE_DEVICE_TABLE macro to include the necessary information in the module:
#ifdef CONFIG_OF
MODULE_DEVICE_TABLE(of, ect_of_device_ids);
#endif
MODULE_DEVICE_TABLE(platform, ect_plat_device_ids);
I am trying to understand how GDB works and how memory is being allocated. When I run the following command, it is suppose to write 72 A's into memory, but when I counted in memory, it only writes 68 A's. Then there's 4 bytes of some random memory before it writes memory of B. When I counted the A's in the print statement, it shows 72 A's.
0xbffff080: 0x14 0x84 0x04 0x08 0x41 0x41 0x41 0x41
0xbffff088: 0x42 0x42 0x42 0x42 0x42 0x42 0x42 0x42
Full command below.
(gdb) run $( python -c "print('A'*72+'BBBB')" )
Starting program: /home/ubuntu/Desktop/test $( python -c "print('A'*72+'BBBB')" )
Breakpoint 2, 0x08048473 in getName (
name=0xbffff32c 'A' <repeats 72 times>, "BBBB") at sample1.c:7
7 printf("Your name is: %s \n", myName);
(gdb) c
Continuing.
Your name is: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBBB
Program received signal SIGSEGV, Segmentation fault.
0xbffff32c in ?? ()
(gdb) x/150xb $sp-140
0xbffff038: 0x50 0xf0 0xff 0xbf 0x54 0x82 0x04 0x08
0xbffff040: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff048: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff050: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff058: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff060: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff068: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff070: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff078: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff080: 0x14 0x84 0x04 0x08 0x41 0x41 0x41 0x41
0xbffff088: 0x42 0x42 0x42 0x42 0x42 0x42 0x42 0x42
0xbffff090: 0x2c 0xf3 0xff 0xbf 0x00 0xf0 0xff 0xb7
When I did further testing, and add an additional 4 bytes (4 C's), it shows it properly in memory as well as in the print statement.
(gdb) run $( python -c "print('A'*72+'BBBB'+'CCCC')" )
Starting program: /home/ubuntu/Desktop/test $( python -c "print('A'*72+'BBBB'+'CCCC')" )
Breakpoint 2, 0x08048473 in getName (name=0xbffff300 "") at sample1.c:7
7 printf("Your name is: %s \n", myName);
(gdb) c
Continuing.
Your name is: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBBBCCCC
Program received signal SIGSEGV, Segmentation fault.
0x43434343 in ?? ()
(gdb) x/150xb $sp-140
0xbffff02c: 0x54 0x82 0x04 0x08 0x41 0x41 0x41 0x41
0xbffff034: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff03c: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff044: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff04c: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff054: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff05c: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff064: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff06c: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
0xbffff074: 0x41 0x41 0x41 0x41 0x42 0x42 0x42 0x42
0xbffff07c: 0x43 0x43 0x43 0x43 0x00 0xf3 0xff 0xbf
0xbffff084: 0x00 0xf0 0xff 0xb7 0xab 0x84
Here is the code:
#include <stdio.h>
#include <string.h>
void getName (char* name) {
char myName[64];
strcpy(myName, name);
printf("Your name is: %s \n", myName);
}
int main (int argc, char* argv[]) {
getName(argv[1]);
return 0;
}
A disassembly of getName which shows that 88 bytes were added to the buffer:
Reading symbols from test...done.
(gdb) disas getName
Dump of assembler code for function getName:
0x0804844d <+0>: push %ebp
0x0804844e <+1>: mov %esp,%ebp
0x08048450 <+3>: sub $0x58,%esp
0x08048453 <+6>: mov 0x8(%ebp),%eax
0x08048456 <+9>: mov %eax,0x4(%esp)
0x0804845a <+13>: lea -0x48(%ebp),%eax
0x0804845d <+16>: mov %eax,(%esp)
0x08048460 <+19>: call 0x8048320 <strcpy#plt>
0x08048465 <+24>: lea -0x48(%ebp),%eax
0x08048468 <+27>: mov %eax,0x4(%esp)
0x0804846c <+31>: movl $0x8048530,(%esp)
0x08048473 <+38>: call 0x8048310 <printf#plt>
0x08048478 <+43>: leave
0x08048479 <+44>: ret
End of assembler dump.
Unoptimized code may see extra padding on the stack because of inefficiencies, but most often padding is a result of the compiler trying to align data on the stack. GCC generally tries to allocate arrays on addresses evenly divisible by 16.
After EBP is pushed 0x58 bytes (88 bytes) are allocated. We can see that the buffer starts at EBP-0x48 because of this instruction:
lea -0x48(%ebp),%eax
The address EBP-0x48 is then used to set the parameters on the stack for both the call to strcpy and printf. 0x48 = 72 bytes, despite the buffer being 64 bytes. There are an additional 8 bytes of padding. Why the padding there? Because the compiler has tried to ensure that the beginning of the myName buffer is on a 16 byte boundary.
GCC can keep track of what is on the stack, but an important piece of information about alignment is derived from the calling convention (64-bit System V ABI) that says upon a call to a function (in this case getName) the stack must be 16 byte aligned. The call instruction pushes 4 bytes for a return address and then EBP is pushed for an additional 4. The compiler knows after the PUSH EBP it is misaligned by 8 bytes. 64 + 8 bytes of padding + 4 for EBP + 4 return address = 80. 80 is evenly divisible by 16 (16*5=80). The use of 8 bytes wasn't arbitrary.
In the GDB output you can see the myName array starts on a hexadecimal address ending in 0. Any hexadecimal address that ends in 0 is evenly divisible by 16 and you can see the buffer starts at 0xbffff040:
0xbffff038: 0x50 0xf0 0xff 0xbf 0x54 0x82 0x04 0x08
0xbffff040: 0x41 0x41 0x41 0x41 0x41 0x41 0x41 0x41
With all that being said if you are looking to overwrite the return address it will be at an offset from the beginning of myName that is equal to 64 (array size) + 8 (padding) + 4(EBP on stack) = 76 bytes. You will have to write 76 bytes of data before reaching the point where you can replace the return address.
Note: You may wonder why the myname array has an additional 16 bytes beneath it on the stack (88-72=16 bytes). That space is where the compiler places values for the function calls like strcpy and printf and ensure that the function calls that are made have a stack 16 byte aligned to conform to the 64-bit System V ABI.
Reason for Unusual Data in Middle of myName
I confirmed the following observations by reproducing exactly what you saw on my own Ubuntu 14.04 system.
You were also wondering about the fact that when you inserted 72 A's and 4 B's that you had 4 unexpected bytes in the buffer:
0xbffff080:[0x14 0x84 0x04 0x08] 0x41 0x41 0x41 0x41
0xbffff088: 0x42 0x42 0x42 0x42 0x42 0x42 0x42 0x42
I've marked the 4 bytes with []. You are right that you might expect those 4 bytes to be 0x41 (The letter A) like the rest. What has happened is that although the input you gave on the command line was 76 characters (72+4) strcpy appended a NUL(\0) on the end as a 77th character. This overwrote the lower byte of the return address with 0! You used the c command to continue running after the breakpoint. The debugger terminated when it hit a segmentation fault. What happened was the RET instruction didn't return back to where you expected in main, it returned to a slightly lower location in memory because of the NUL byte being written into the return address. It just so happened that what you didn't see was all the instructions that executed after the RET that placed data back onto the stack. That included writing 32-bits of data into what was once your myName array.
When you wrote 72 A's, 4 B's, and 4 C's you ended up overwriting the return address with CCCC and you got a segmentation fault when the RET tried to start executing code at 0x43434343 as seen here:
0x43434343 in ?? ()
0x43434343 wasn't a valid address where you had execute permissions so it faulted. Because the RET failed to execute any more code the program didn't have a chance to overwrite the myName array. This explains why the buffer wasn't overwritten like the previous test.
I have two 128 bit numbers in memory in hexadecimal, for example (little endian):
x:0x12 0x45 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
y:0x36 0xa1 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
I've to perform the unsigned multiplication between these two numbers so my new number will be:
z:0xcc 0xe3 0x7e 0x2b 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Now, I'm aware that I can move the half x and y number into rax and rbx registers and, for example, do the mul operation, and do the same with the other half. The problem is that by doing so I lose the carry-over and I've no idea how I can avoid that. It's about 4 hours I'm facing this problem and the only solution that can I see is the conversion in binary (and <-> shl,1).
Can you give me some input about this problem?
I think the best solution is to take one byte par time.
Let μ = 264, then we can decompose your 128 bit numbers a and b into a = a1μ + a2 and b = b1μ + b2. Then we can compute c = ab with 64 · 64 → 128 bit multiplications by first computing partial products:
q1μ + q2 = a2b2
r1μ + r2 = a1b2
s1μ + s2 = a2b1
t1μ + t2 = a1b1
and then accumulating them into a 256 bit result (watch the overflow when doing the additions!):
c = t1μ3 + (t2 + s1 + r1) μ2 + (s2 + r2 + q1) μ + q2
As usual, ask a compiler how to do something efficiently: GNU C on 64-bit platforms supports __int128_t and __uint128_t.
__uint128_t mul128(__uint128_t a, __uint128_t b) { return a*b; }
compiles to (gcc6.2 -O3 on Godbolt)
imul rsi, rdx # a_hi * b_lo
mov rax, rdi
imul rcx, rdi # b_hi * a_lo
mul rdx # a_lo * b_lo widening multiply
add rcx, rsi # add the cross products ...
add rdx, rcx # ... into the high 64 bits.
ret
Since this is targeting the x86-64 System V calling convention, a is in RSI:RDI, while b is in RCX:RDX. The result is returned in RDX:RAX.
Pretty nifty that it only takes one MOV instruction, since gcc doesn't need the high-half result of a_upper * b_lower or vice versa. It can destroy the high halves of the inputs with the faster 2-operand form of IMUL since they're only used once.
With -march=haswell to enable BMI2, gcc uses MULX to avoid even the one MOV.
Sometimes compiler output isn't perfect, but very often the general strategy is a good starting point for optimizing by hand.
Of course, if what you really wanted in the first place was 128-bit multiplies in C, just use the compiler's built-in support for it. That lets the optimizer do its job, often giving better results than if you'd written a couple parts in inline-asm. (https://gcc.gnu.org/wiki/DontUseInlineAsm).
Is there a 128 bit integer in gcc? for GNU C unsigned __int128
https://learn.microsoft.com/en-us/cpp/intrinsics/umul128?view=msvc-170 MSVC's _umul128 that does 64x64 => 128-bit multiply (on 64-bit CPUs only). Takes args as 64-bit halves, returns two halves.
Getting the high part of 64 bit integer multiplication - Including with MSVC intrinsics, but still only for 64-bit CPUs.
An efficient way to do basic 128 bit integer calculations in C++?