引言:
qcom 平台机器,一旦efuse后机器将无法抓取dump log
qcom 原文:
efuse机器抓取dump log的方法如下:
一、修改配置文件:
把kamorta_debugpolicy.xml 在配置了debugpolicy(加入串号和打开开关),编译dp并签了名,efuse的设备才能dump
注意:注意此serial_number是cpu的serial number,不是工厂写的串号。需要按这个命令提供:adb shell cat /sys/devices/soc0/serial_number
cat /sys/devices/soc0/serial_number -> 2937467141 -> 0xaf163105
获取serial number的方法:
- xbl_sc 的日志中有打印:S - Serial Number @ 0x221c8610 = 0x0000044baf163105
- 通过sys/devices/soc0/serial_number 获取
注意:v2中serial_number 定义是64位,由8个字节构成,高位的4字节代表CHIP_ID。所以serial number应该是0x0000044baf163105
二、dp文件 编译、签名:
脚本:
#!/bin/bash
SEC_TOOLS="../Linux/sectools"
SECURITY_PROFILE="../../kamorta_debugpolicy.xml"
DEC_FILE="../../decs/Dec-LimitedDebug-Unconstrained.bin"
SERIAL_NUMBER="0x0000044b9E7DC877"
OEM_HW_ID="0xXXXX"
OEM_PRODUCT_ID="0x0400"
SIGNING_MODE="LOCAL"
OEM_KEYS_PATH="../OEM-keys"
ROOT_KEY="$OEM_KEYS_PATH/qpsa_rootca.key"
ROOT_CERTIFICATE="$OEM_KEYS_PATH/qpsa_rootca.cer"
CA_CERTIFICATE="$OEM_KEYS_PATH/qpsa_ca.cer"
CA_KEY="$OEM_KEYS_PATH/qpsa_ca.key"
OUT_FILE="apdp.mbn"
#../Linux/sectools tme-secure-debug --security-profile ../../kamorta_debugpolicy.xml -h
#用于生成apdp.mbn
$SEC_TOOLS tme-secure-debug \
-v \
--oem-lifecycle-state PRODUCTION \
--generate \
--security-profile $SECURITY_PROFILE \
--dec $DEC_FILE \
--outfile $OUT_FILE \
--serial-number $SERIAL_NUMBER \
--crash-dump MINI_DUMP \
--ap-sec-tz-log-en \
--sign \
--signing-mode $SIGNING_MODE \
--oem-id $OEM_HW_ID \
--oem-product-id $OEM_PRODUCT_ID \
--root-key $ROOT_KEY \
--root-certificate $ROOT_CERTIFICATE \
--ca-certificate $CA_CERTIFICATE \
--ca-key $CA_KEY
签名:
cd Kamorta.LA.2.0/common/sectools/
python sectools.py debugpolicy -i dbgp_ap --sign_id=dbgp_ap -p kamorta -g -s
生成Kamorta.LA.2.0/common/sectools/debugpolicy_output/apdp.mbn 文件并签名
三、把apdp.mbn文件烧录到手机
userdebug版本命令:fastboot flash apdp apdp.mbn
user版本:qile 单独刷apdp文件
四、复现问题抓取dump log
使用qpst 抓取log
使用qcom 在线工具 QCAP解析dump log
demo:
diff --git a/common/sectools/config/kamorta/kamorta_debugpolicy.xml b/common/sectools/config/kamorta/kamorta_debugpolicy.xml
index 942d5e6..9d7b161 100755
--- a/common/sectools/config/kamorta/kamorta_debugpolicy.xml
+++ b/common/sectools/config/kamorta/kamorta_debugpolicy.xml
@@ -23,22 +23,22 @@
<flags>
<flag> <bit_pos>0</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_ONLINE_CRASH_DUMPS-->
- <flag> <bit_pos>1</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_OFFLINE_CRASH_DUMPS-->
- <flag> <bit_pos>1</bit_pos> <value>1</value> </flag> <!--DP_ENABLE_OFFLINE_CRASH_DUMPS-->
<flag> <bit_pos>2</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_JTAG-->
- <flag> <bit_pos>3</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_LOGS-->
- <flag> <bit_pos>3</bit_pos> <value>1</value> </flag> <!--DP_ENABLE_LOGS-->
<flag> <bit_pos>4</bit_pos> <value>0</value> </flag> <!-- DP_ENABLE_MODEM_INV_DEBUG -->
<flag> <bit_pos>5</bit_pos> <value>0</value> </flag> <!-- DP_ENABLE_MODEM_NINV_DEBUG -->
<flag> <bit_pos>6</bit_pos> <value>0</value> </flag> <!-- DP_ENABLE_DEBUG_INV -->
<flag> <bit_pos>7</bit_pos> <value>0</value> </flag> <!-- DP_ENABLE_DEBUG_LEVEL -->
<flag> <bit_pos>8</bit_pos> <value>0</value> </flag> <!-- DP_ENABLE_DEBUG_LEVEL -->
- <flag> <bit_pos>24</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_NONSECURE_CRASH_DUMPS-->
- <flag> <bit_pos>24</bit_pos> <value>1</value> </flag> <!--DP_ENABLE_NONSECURE_CRASH_DUMPS-->
<flag> <bit_pos>25</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_APPS_ENCRYPTED_MINI_DUMPS-->
<flag> <bit_pos>26</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_MPSS_ENCRYPTED_MINI_DUMPS-->
<flag> <bit_pos>27</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_LPASS_ENCRYPTED_MINI_DUMPS-->
<flag> <bit_pos>28</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_CSS_ENCRYPTED_MINI_DUMPS-->
<flag> <bit_pos>29</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_ADSP_ENCRYPTED_MINI_DUMPS-->
<flag> <bit_pos>30</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_CDSP_ENCRYPTED_MINI_DUMPS-->
- <flag> <bit_pos>31</bit_pos> <value>0</value> </flag> <!--DP_ENABLE_WLAN_ENCRYPTED_MINI_DUMPS-->
- <flag> <bit_pos>31</bit_pos> <value>1</value> </flag> <!--DP_ENABLE_WLAN_ENCRYPTED_MINI_DUMPS-->
</flags>
<image_bit_map> <!--Range: 0 to 32-->
@@ -52,7 +52,10 @@
</root_cert_hash_list>
<serial_num_list> <!--Range: 1 to 200-->
- <!--<serial_num>00000000</serial_num>-->
-
<!--<serial_num>00000000</serial_num>-->
-
<serial_num>0x48A5062A</serial_num>
-
<serial_num>0x68EBB529</serial_num>
-
<serial_num>0x635D242A</serial_num>
</serial_num_list>
注:此apdp.mbn 只能刷debugpolicy.xml表格中列的串号的设备,刷其他设备无法开机