ARM connections to FPGA - SSC and Timer Clocks

Tiberius · 2017-01-24 12:58:30

Hello,

Maybe someone can help me with my quest to emulate a conversation to the EM4170 transponder. When I am finished I will gladly provide the code. The problem is: I don't fully understand how the FPGA communicates with the ARM chip.

In the lf sampling routine it seems it happens over a read hold register (RHR) of the SSC.

sample = (uint8_t)AT91C_BASE_SSC->SSC_RHR;

Seems simple enough. But to time it right, it seems that I should use timer clocks. As far as I understand AT91C_BASE_TC1->TC_SR refers to the Timer Clock State Register (TC_SR) of the timer clock 1 (TC1) of the ARM chip (AT91C) and is used to detect falling edges. But there are many of these timer clocks and I don't know which does what. This is an example from the hitag2.c code:

// Receive frame, watch for at most T0*EOF periods
while (AT91C_BASE_TC1->TC_CV < T0*HITAG_T_WAIT_MAX) {

    // Check if falling edge in tag modulation is detected
    if(AT91C_BASE_TC1->TC_SR & AT91C_TC_LDRAS) {
	
        // Retrieve the new timing values 
        int ra = (AT91C_BASE_TC1->TC_RA/T0);
				
	// Reset timer every frame, we have to capture the last edge for timing
	AT91C_BASE_TC0->TC_CCR = AT91C_TC_SWTRG;
       ...}
...}

I found a datasheet of the ARM chip that explains a lot, but I don't know how exactly the proxmark connects ARM to FPGA. (http://www.atmel.com/Images/doc6175.pdf)

My questions are:
- Is there a data sheet that explains the connection between FPGA and ARM?
- Is there an overview over the different timer clocks and when they are triggered?
- What is the difference between the signal at the SSC_RHR and the Timer clocks?
- Is the SSC the same as the SSP, because both turn up from time to time and seem to do the same thing?

Cheers
Stephan

iceman · 2017-01-24 13:27:14

if you need clocks, I've moved it into ticks.c https://github.com/iceman1001/proxmark3 … rc/ticks.c in icemanfork. There you find some clocks which is configured for LF usages and some helper methods.

Tiberius · 2017-01-24 17:45:05

Ah, cool, I might be able to use something of your fork.

In the comments you arite:
Event-Source: TIOB1 (= ssp_clk from FPGA = 13,56MHz/16)
This means the TIOB1 of the ARM is connected to the FPGA. How did you find this out? And is this just a clock from the FPGA or is this the signal coming from the ADC and Antenna?

iceman · 2017-01-24 21:40:24

13.56 MHz is HF. I thought you were doing LF...

Tiberius · 2017-01-24 23:48:32

I know, I just wanted to know how you found this out. I didn't find a useful datasheet.

iceman · 2017-01-25 00:16:19

I've been reading the source code.. there are tidbits of valuable information everywhere. Would be great with a datasheet, or proper documentation but since that will never happen the only advice is to read the source and forum threads.

marshmellow · 2017-01-25 04:13:48

if you can read board diagrams the pm3 hardware design is open source and the originals can be found here http://proxmark.org/files/J.Westhues/

the fpga datasheet is available here https://www.xilinx.com/support/document … /ds001.pdf

unfortunately there is no quick and easy to follow write up on using the timers in the pm3. and i think fully understanding them may lie in understanding the verilog language of the fpga, and the hardware in more detail than i have accomplished...

iceman · 2017-01-25 08:10:12

TC0,TC1,TC3 three clocks, alla 16bits. To make a bigger clock for LF, the TC0 and TC2 is joined.
I missed the fact that they are 16bits and it took me two weeks figure out why it worked only for a short while.. *funny memory*

Tiberius · 2017-01-25 13:57:34

Is the SSC the same as the SSP?

Tiberius · 2017-01-25 22:03:19

@marshmellow: I read the circuit schematics. This already helped alot. Now I understand that it corresponds to the GPIO configurations.
There are also useful comments in the FPGA source code.

Is it true that only the Timer/Counter Channel 1 is used? I think the TC0, TC1, TC2, PIOA, PIOB referenced are always the ones belonging to this channel.

Proxmark3 community

Announcement

#1 2017-01-24 12:58:30

ARM connections to FPGA - SSC and Timer Clocks

#2 2017-01-24 13:27:14

Re: ARM connections to FPGA - SSC and Timer Clocks

#3 2017-01-24 17:45:05

Re: ARM connections to FPGA - SSC and Timer Clocks

#4 2017-01-24 21:40:24

Re: ARM connections to FPGA - SSC and Timer Clocks

#5 2017-01-24 23:48:32

Re: ARM connections to FPGA - SSC and Timer Clocks

#6 2017-01-25 00:16:19

Re: ARM connections to FPGA - SSC and Timer Clocks

#7 2017-01-25 04:13:48

Re: ARM connections to FPGA - SSC and Timer Clocks

#8 2017-01-25 08:10:12

Re: ARM connections to FPGA - SSC and Timer Clocks

#9 2017-01-25 13:57:34

Re: ARM connections to FPGA - SSC and Timer Clocks

#10 2017-01-25 22:03:19

Re: ARM connections to FPGA - SSC and Timer Clocks

Board footer