pcileech over PCIe multiplexer?

saidelike commented 1 year ago

I am using a PCIe multiplexer and have potentially the following connected in the multiplexer: the screamer and another PCIe device.

I've confirmed the following:

1) if I connect the screamer directly without the multiplexer, pcileech works fine:

# pcileech -device fpga probe -v

[+] using FTDI device: 0403:601f (bus 4, device 37)
[+] FTDIFTDI SuperSpeed-FIFO Bridge000000000001
DEVICE: FPGA: ScreamerM2 PCIe gen1 x1 [300,25,500] [v4.10,0100] [SYNC,NORM]
FPGA: TINY PCIe TLP algrithm auto-selected!
 Memory Map:                                     
 START              END               #PAGES   
 0000000000100000 - 00000000050fffff  00005000   
 0000000005300000 - 000000001cffffff  00017d00   

 Current Action: Probing Memory                                               
 Access Mode:    Normal                                                       
 Progress:       464 / 4096 (11%)               
 Speed:          77 MB/s                                 
 Address:        0x000000001D000000                      
 Pages read:     118016 / 1048576 (11%)           
 Pages failed:   768 (0%)                  
^C

2) if I connect just the other PCIe device on the multiplexer, the other PCIe device works fine

3) if I connect the screamer only in the multiplexer, pcileech does not work:

# pcileech -device fpga probe -v

[+] using FTDI device: 0403:601f (bus 4, device 35)
[+] FTDIFTDI SuperSpeed-FIFO Bridge000000000001
DEVICE: FPGA: ScreamerM2 PCIe gen2 x1 [300,25,500] [v4.10,0300] [SYNC,NORM]
FPGA: TINY PCIe TLP algrithm auto-selected!
 Memory Map:                                     
 START              END               #PAGES   

 Current Action: Probing Memory                             
 Access Mode:    Normal                                                       
 Progress:       304 / 4096 (7%)           
 Speed:          38 MB/s                        
 Address:        0x0000000013000000                      
 Pages read:     0 / 1048576 (0%)           
 Pages failed:   77824 (7%)                  
^C

You'll notice the following:

the screamer is detected fine
the memory map is not detected
all the pages being read are failure

I've tried lots of options to increase the delays, read less data, etc. and they all seem to fail (but happy to test more if you have ideas!)

4) if I connect the screamer and the other PCIe device on the multiplexer, the PCIe device works fine, but the screamer does not work (same as 3))

I have tried with PCILeech_files_and_binaries_v4.15.1-linux_x64-20220820 and with PCILeech_files_and_binaries_v4.15.1-linux_x64-20221004 and same behaviour.

ufrisk commented 1 year ago

I think this would require some research, and that it may also be depending on what kind of adapter you're using.

I have had success with this in the past. Also you seem to get a PCIe ID from the adapter which is good.

Interesting would be if you would be able to read memory at all, with pcileech.exe display -min 0x1000 -v -vv -vvv -device fpga

Probe is really aggressive. I recommend against using it since it may break things. Take it from the display command, or possibly by sending raw PCIe TLPs and try to find out what's going on. It may be that you'd need to supply a "memory map" for this.

I'm really sorry I won't be of much help with this one. To really look into it I'd need to take a look at the actual adapter and sit with it a while... Anyway best wishes with this and please let me know how it goes.

saidelike commented 1 year ago

Thank you for your reply, really helpful insights/comments.

At the bottom you'll have the output of all the commands.

from 1) and 2), it does no look like I cannot read any memory at all, indeed.
from 1), 2) and 3), it is unclear why the memory map is not taken into account as afaict the verbose output actually shows it in LcMemMap_AddRange and it looks legit? A bug in pcileech or am I missing something?
from 4), it seems my memmap.txt does not change anything as pcileech had detected it anyway as shown by the duplicated LcMemMap_AddRange, right?
if you have pointers to send raw PCIe TLPs and how that would help me debug the problem, that would be helpful.
if that helps, this is the adapter I am currently using https://www.amazon.co.uk/dp/B097H53Z4P/
may I ask what multiplexer you successfully used in the past with pcileech?
I've stripped output when it was all zeros for consistency.

1) verbose display from 0x1000

# pcileech display -min 0x1000 -v -vv -vvv -device fpga

[+] using FTDI device: 0403:601f (bus 4, device 3)
[+] FTDIFTDI SuperSpeed-FIFO Bridge000000000001
DEVICE: FPGA: ScreamerM2 PCIe gen2 x1 [300,25,500] [v4.10,0300] [SYNC,NORM]

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-ONLY     SIZE: 40 BYTES -----
0000    89 ab 00 00 28 00 00 00  04 0a 04 00 00 00 00 00   ....(...........
0010    db 21 de a4 00 00 00 00  dd 21 de a4 00 00 00 00   .!.......!......
0020    00 00 02 00 ff ff ff ff                            ........        

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-WRITE    SIZE: 30 BYTES -----
0000    cd ef 04 00 1e 00 00 00  a0 86 01 00 00 00 00 00   ................
0010    ee 10 07 00 ee 10 66 06  02 3c 00 00 00 00         ......f..<....  

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-ONLY     SIZE: 48 BYTES -----
0000    01 23 00 00 30 00 00 00  03 00 16 08 5c 00 00 00   .#..0.......\...
0010    08 00 00 00 00 00 00 00  30 29 00 00 01 00 00 00   ........0)......
0020    12 10 00 00 1e 7f 00 00  00 00 00 00 00 00 00 00   ..... ..........

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-WRITE    SIZE: 88 BYTES -----
0000    45 67 00 f0 58 00 00 00  35 0a 00 01 01 00 00 00   Eg..X...5.......
0010    00 00 00 00 00 f0 48 00  00 00 00 0e 00 00 00 00   ......H.........
0020    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0030    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0040    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0050    00 00 00 00 24 f4 00 00                            ....$...        

----- PCIe CORE Dynamic Reconfiguration Port (DRP)  SIZE: 0x100 BYTES -----
0000    00 00 00 01 00 02 00 00  00 00 00 00 00 00 f0 00   ................
0010    ff ff 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 40 00 00 00 00   ...........@....
0030    00 00 09 02 30 00 22 7f  02 00 01 00 00 03 11 0c   ....0." ........
0040    02 a1 00 43 01 00 1f fd  7f ff 09 ff 01 20 01 48   ...C.... .... .H
0050    00 05 01 60 11 9c 00 00  00 00 00 00 00 00 00 00   ...`............
0060    00 00 10 60 00 02 40 21  00 40 3d 48 00 23 00 00   ...`..@!.@=H.#..
0070    00 00 00 00 00 00 00 00  00 00 00 00 00 15 00 01   ................
0080    00 01 00 00 00 01 00 00  00 01 00 00 00 01 00 00   ................
0090    00 01 00 00 00 01 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 02 00 00 12 34 10 18   .............4..
00b0    00 0b 00 01 00 11 00 00  00 00 00 00 00 01 00 00   ................
00c0    00 28 00 41 ff ff ff ff  00 e0 00 00 80 08 00 22   .(.A..........."
00d0    07 ff 03 52 02 48 00 08  00 40 0e 84 fa ac 00 00   ...R.H...@......
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe CONFIGURATION SPACE (no user set values) SIZE: 0x200 BYTES -----
0000    ee 10 66 06 00 00 10 00  02 00 00 02 00 00 00 00   ..f.............
0010    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 00 ee 10 07 00   ................
0030    00 00 00 00 40 00 00 00  00 00 00 00 ff 01 00 00   ....@...........
0040    01 48 03 78 08 00 00 00  05 60 80 00 00 00 00 00   .H.x.....`......
0050    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0060    10 00 02 00 e2 8f 68 00  30 29 01 00 12 f4 03 00   ......h.0)......
0070    00 00 12 10 00 00 00 00  00 00 00 00 00 00 00 00   ................
0080    00 00 00 00 02 00 00 00  00 00 00 00 00 00 00 00   ................
0090    02 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0100    03 00 c1 10 35 0a 00 01  01 00 00 00 00 00 00 00   ....5...........
0110    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0120    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0130    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0140    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0150    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0160    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0170    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0180    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0190    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe SHADOW CONFIGURATION SPACE (only user set values) SIZE: 0x1000 BYTES -----
0000    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
[...stripped]
0ff0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

LcMemMap_AddRange: 0000000000000000-000000000009ffff -> 0000000000000000
LcMemMap_AddRange: 0000000000100000-000000ffffffefff -> 0000000000100000
LeechCore v2.12.0: Open Device: fpga

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 80 Addr: 00001000
0000    00 00 00 00 03 00 80 ff  00 00 10 00               ............    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 80 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 80 00               ...... .....    

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 00 Addr: 00001000
0000    00 00 00 00 03 00 00 ff  00 00 10 00               ............    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 00 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 00 00               ...... .....    

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 80 Addr: 00001000
0000    00 00 00 00 03 00 80 ff  00 00 10 00               ............    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 80 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 80 00               ...... .....    

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 00 Addr: 00001000
0000    00 00 00 00 03 00 00 ff  00 00 10 00               ............    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 00 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 00 00               ...... .....    
Memory Display: Failed reading memory at address: 0x0000000000001000.

2) verbose display from 0x01200000

# pcileech display -min 0x01200000 -v -vv -vvv -device fpga

[+] using FTDI device: 0403:601f (bus 4, device 3)
[+] FTDIFTDI SuperSpeed-FIFO Bridge000000000001
DEVICE: FPGA: ScreamerM2 PCIe gen2 x1 [300,25,500] [v4.10,0300] [SYNC,NORM]

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-ONLY     SIZE: 40 BYTES -----
0000    89 ab 00 00 28 00 00 00  04 0a 04 00 00 00 00 00   ....(...........
0010    a7 12 02 1f 16 00 00 00  a9 12 02 1f 16 00 00 00   ................
0020    00 00 02 00 ff ff ff ff                            ........        

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-WRITE    SIZE: 30 BYTES -----
0000    cd ef 04 00 1e 00 00 00  a0 86 01 00 00 00 00 00   ................
0010    ee 10 07 00 ee 10 66 06  02 3c 00 00 7f 00         ......f..<.. .  

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-ONLY     SIZE: 48 BYTES -----
0000    01 23 00 00 30 00 00 00  03 00 16 08 5c 00 00 00   .#..0.......\...
0010    00 00 00 00 00 00 00 00  30 29 00 00 01 00 00 00   ........0)......
0020    12 10 00 00 1e 7f 00 00  00 00 7f f8 00 00 00 00   ..... .... .....

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-WRITE    SIZE: 88 BYTES -----
0000    45 67 00 f0 58 00 00 00  35 0a 00 01 01 00 00 00   Eg..X...5.......
0010    00 00 00 00 7f f0 48 00  00 00 00 0e 00 00 00 00   .... .H.........
0020    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0030    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0040    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0050    00 00 00 00 24 f4 00 00                            ....$...        

----- PCIe CORE Dynamic Reconfiguration Port (DRP)  SIZE: 0x100 BYTES -----
0000    00 00 00 01 00 02 00 00  00 00 00 00 00 00 f0 00   ................
0010    ff ff 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 40 00 00 00 00   ...........@....
0030    00 00 09 02 30 00 22 7f  02 00 01 00 00 03 11 0c   ....0." ........
0040    02 a1 00 43 01 00 1f fd  7f ff 09 ff 01 20 01 48   ...C.... .... .H
0050    00 05 01 60 11 9c 00 00  00 00 00 00 00 00 00 00   ...`............
0060    00 00 10 60 00 02 40 21  00 40 3d 48 00 23 00 00   ...`..@!.@=H.#..
0070    00 00 00 00 00 00 00 00  00 00 00 00 00 15 00 01   ................
0080    00 01 00 00 00 01 00 00  00 01 00 00 00 01 00 00   ................
0090    00 01 00 00 00 01 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 02 00 00 12 34 10 18   .............4..
00b0    00 0b 00 01 00 11 00 00  00 00 00 00 00 01 00 00   ................
00c0    00 28 00 41 ff ff ff ff  00 e0 00 00 80 08 00 22   .(.A..........."
00d0    07 ff 03 52 02 48 00 08  00 40 0e 84 fa ac 00 00   ...R.H...@......
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe CONFIGURATION SPACE (no user set values) SIZE: 0x200 BYTES -----
0000    ee 10 66 06 00 00 10 20  02 00 00 02 00 00 00 00   ..f.... ........
0010    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 00 ee 10 07 00   ................
0030    00 00 00 00 40 00 00 00  00 00 00 00 ff 01 00 00   ....@...........
0040    01 48 03 78 08 00 00 00  05 60 80 00 00 00 00 00   .H.x.....`......
0050    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0060    10 00 02 00 e2 8f 68 00  30 29 01 00 12 f4 03 00   ......h.0)......
0070    00 00 12 10 00 00 00 00  00 00 00 00 00 00 00 00   ................
0080    00 00 00 00 02 00 00 00  00 00 00 00 00 00 00 00   ................
0090    02 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0100    03 00 c1 10 35 0a 00 01  01 00 00 00 00 00 00 00   ....5...........
0110    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0120    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0130    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0140    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0150    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0160    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0170    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0180    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0190    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe SHADOW CONFIGURATION SPACE (only user set values) SIZE: 0x1000 BYTES -----
0000    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
[...stripped]
0ff0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

LcMemMap_AddRange: 0000000000000000-000000000009ffff -> 0000000000000000
LcMemMap_AddRange: 0000000000100000-000000ffffffefff -> 0000000000100000
LeechCore v2.12.0: Open Device: fpga

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 80 Addr: 01200000
0000    00 00 00 00 03 00 80 ff  01 20 00 00               ......... ..    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 80 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 80 00               ...... .....    

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 00 Addr: 01200000
0000    00 00 00 00 03 00 00 ff  01 20 00 00               ......... ..    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 00 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 00 00               ...... .....    

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 80 Addr: 01200000
0000    00 00 00 00 03 00 80 ff  01 20 00 00               ......... ..    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 80 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 80 00               ...... .....    

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 00 Addr: 01200000
0000    00 00 00 00 03 00 00 ff  01 20 00 00               ......... ..    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 00 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 00 00               ...... .....    
Memory Display: Failed reading memory at address: 0x0000000001200000.

3) verbose probe

# pcileech -device fpga probe -vv

[+] using FTDI device: 0403:601f (bus 4, device 3)
[+] FTDIFTDI SuperSpeed-FIFO Bridge000000000001

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-ONLY     SIZE: 40 BYTES -----
0000    89 ab 00 00 28 00 00 00  04 0a 04 00 00 00 00 00   ....(...........
0010    30 fa f0 5e 0b 00 00 00  32 fa f0 5e 0b 00 00 00   0..^....2..^....
0020    00 00 02 00 ff ff ff ff                            ........        

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-WRITE    SIZE: 30 BYTES -----
0000    cd ef 04 00 1e 00 00 00  a0 86 01 00 00 00 00 00   ................
0010    ee 10 07 00 ee 10 66 06  02 3c 00 00 7f 00         ......f..<.. .  

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-ONLY     SIZE: 48 BYTES -----
0000    01 23 00 00 30 00 00 00  03 00 16 08 5c 00 00 00   .#..0.......\...
0010    00 00 00 00 00 00 00 00  30 29 00 00 01 00 00 00   ........0)......
0020    12 10 00 00 1e 7f 00 00  00 00 7f f8 00 00 00 00   ..... .... .....

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-WRITE    SIZE: 88 BYTES -----
0000    45 67 00 f0 58 00 00 00  35 0a 00 01 01 00 00 00   Eg..X...5.......
0010    00 00 00 00 7f f0 48 00  00 00 00 0e 00 00 00 00   .... .H.........
0020    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0030    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0040    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0050    00 00 00 00 24 f4 00 00                            ....$...        

----- PCIe CORE Dynamic Reconfiguration Port (DRP)  SIZE: 0x100 BYTES -----
0000    00 00 00 01 00 02 00 00  00 00 00 00 00 00 f0 00   ................
0010    ff ff 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 40 00 00 00 00   ...........@....
0030    00 00 09 02 30 00 22 7f  02 00 01 00 00 03 11 0c   ....0." ........
0040    02 a1 00 43 01 00 1f fd  7f ff 09 ff 01 20 01 48   ...C.... .... .H
0050    00 05 01 60 11 9c 00 00  00 00 00 00 00 00 00 00   ...`............
0060    00 00 10 60 00 02 40 21  00 40 3d 48 00 23 00 00   ...`..@!.@=H.#..
0070    00 00 00 00 00 00 00 00  00 00 00 00 00 15 00 01   ................
0080    00 01 00 00 00 01 00 00  00 01 00 00 00 01 00 00   ................
0090    00 01 00 00 00 01 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 02 00 00 12 34 10 18   .............4..
00b0    00 0b 00 01 00 11 00 00  00 00 00 00 00 01 00 00   ................
00c0    00 28 00 41 ff ff ff ff  00 e0 00 00 80 08 00 22   .(.A..........."
00d0    07 ff 03 52 02 48 00 08  00 40 0e 84 fa ac 00 00   ...R.H...@......
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe CONFIGURATION SPACE (no user set values) SIZE: 0x200 BYTES -----
0000    ee 10 66 06 00 00 10 20  02 00 00 02 00 00 00 00   ..f.... ........
0010    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 00 ee 10 07 00   ................
0030    00 00 00 00 40 00 00 00  00 00 00 00 ff 01 00 00   ....@...........
0040    01 48 03 78 08 00 00 00  05 60 80 00 00 00 00 00   .H.x.....`......
0050    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0060    10 00 02 00 e2 8f 68 00  30 29 01 00 12 f4 03 00   ......h.0)......
0070    00 00 12 10 00 00 00 00  00 00 00 00 00 00 00 00   ................
0080    00 00 00 00 02 00 00 00  00 00 00 00 00 00 00 00   ................
0090    02 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0100    03 00 c1 10 35 0a 00 01  01 00 00 00 00 00 00 00   ....5...........
0110    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0120    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0130    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0140    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0150    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0160    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0170    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0180    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0190    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe SHADOW CONFIGURATION SPACE (only user set values) SIZE: 0x1000 BYTES -----
0000    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
[...stripped]
0ff0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

LcMemMap_AddRange: 0000000000000000-000000000009ffff -> 0000000000000000
LcMemMap_AddRange: 0000000000100000-00000000ffffffff -> 0000000000100000
LeechCore v2.12.0: Open Device: fpga
 Memory Map:                                     
 START              END               #PAGES   

 Current Action: Probing Memory                             
 Access Mode:    Normal                                                       
 Progress:       96 / 4096 (2%)           
 Speed:          19 MB/s                        
 Address:        0x0000000006000000                      
 Pages read:     0 / 1048576 (0%)           
 Pages failed:   24576 (2%)                  
^C

4) verbose display from 0x01100000 with hardcoded memmap

# cat memmap.txt 
0x0 0x9ffff
0x100000 0xffffffefff

# pcileech display -min 0x01100000 -device fpga -memmap memmap.txt -vv

[+] using FTDI device: 0403:601f (bus 4, device 3)
[+] FTDIFTDI SuperSpeed-FIFO Bridge000000000001

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-ONLY     SIZE: 40 BYTES -----
0000    89 ab 00 00 28 00 00 00  04 0a 04 00 00 00 00 00   ....(...........
0010    07 10 86 e7 3b 00 00 00  09 10 86 e7 3b 00 00 00   ....;.......;...
0020    00 00 02 00 ff ff ff ff                            ........        

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-WRITE    SIZE: 30 BYTES -----
0000    cd ef 04 00 1e 00 00 00  a0 86 01 00 00 00 00 00   ................
0010    ee 10 07 00 ee 10 66 06  02 3c 00 00 7f 00         ......f..<.. .  

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-ONLY     SIZE: 48 BYTES -----
0000    01 23 00 00 30 00 00 00  03 00 16 08 5c 00 00 00   .#..0.......\...
0010    00 00 00 00 00 00 00 00  30 29 00 00 01 00 00 00   ........0)......
0020    12 10 00 00 1e 7f 00 00  00 00 7f f8 00 00 00 00   ..... .... .....

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-WRITE    SIZE: 88 BYTES -----
0000    45 67 00 f0 58 00 00 00  35 0a 00 01 01 00 00 00   Eg..X...5.......
0010    00 00 00 00 7f f0 48 00  00 00 00 0e 00 00 00 00   .... .H.........
0020    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0030    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0040    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0050    00 00 00 00 24 f4 00 00                            ....$...        

----- PCIe CORE Dynamic Reconfiguration Port (DRP)  SIZE: 0x100 BYTES -----
0000    00 00 00 01 00 02 00 00  00 00 00 00 00 00 f0 00   ................
0010    ff ff 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 40 00 00 00 00   ...........@....
0030    00 00 09 02 30 00 22 7f  02 00 01 00 00 03 11 0c   ....0." ........
0040    02 a1 00 43 01 00 1f fd  7f ff 09 ff 01 20 01 48   ...C.... .... .H
0050    00 05 01 60 11 9c 00 00  00 00 00 00 00 00 00 00   ...`............
0060    00 00 10 60 00 02 40 21  00 40 3d 48 00 23 00 00   ...`..@!.@=H.#..
0070    00 00 00 00 00 00 00 00  00 00 00 00 00 15 00 01   ................
0080    00 01 00 00 00 01 00 00  00 01 00 00 00 01 00 00   ................
0090    00 01 00 00 00 01 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 02 00 00 12 34 10 18   .............4..
00b0    00 0b 00 01 00 11 00 00  00 00 00 00 00 01 00 00   ................
00c0    00 28 00 41 ff ff ff ff  00 e0 00 00 80 08 00 22   .(.A..........."
00d0    07 ff 03 52 02 48 00 08  00 40 0e 84 fa ac 00 00   ...R.H...@......
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe CONFIGURATION SPACE (no user set values) SIZE: 0x200 BYTES -----
0000    ee 10 66 06 00 00 10 20  02 00 00 02 00 00 00 00   ..f.... ........
0010    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 00 ee 10 07 00   ................
0030    00 00 00 00 40 00 00 00  00 00 00 00 ff 01 00 00   ....@...........
0040    01 48 03 78 08 00 00 00  05 60 80 00 00 00 00 00   .H.x.....`......
0050    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0060    10 00 02 00 e2 8f 68 00  30 29 01 00 12 f4 03 00   ......h.0)......
0070    00 00 12 10 00 00 00 00  00 00 00 00 00 00 00 00   ................
0080    00 00 00 00 02 00 00 00  00 00 00 00 00 00 00 00   ................
0090    02 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0100    03 00 c1 10 35 0a 00 01  01 00 00 00 00 00 00 00   ....5...........
0110    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0120    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0130    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0140    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0150    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0160    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0170    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0180    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0190    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe SHADOW CONFIGURATION SPACE (only user set values) SIZE: 0x1000 BYTES -----
0000    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
[...stripped]
0ff0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

LcMemMap_AddRange: 0000000000000000-000000000009ffff -> 0000000000000000
LcMemMap_AddRange: 0000000000100000-000000ffffffefff -> 0000000000100000
LeechCore v2.12.0: Open Device: fpga
LcMemMap_AddRange: 0000000000000000-000000000009ffff -> 0000000000000000
LcMemMap_AddRange: 0000000000100000-000000ffffffefff -> 0000000000100000
Memory Display: Failed reading memory at address: 0x0000000001100000.

ufrisk commented 1 year ago

It's really hard for me to know what the issue is. You seem to receive an error from upstream (The Cpl packet instead of a CplD packet). You also have the master abort flag set in the status register of the config space which may cause issues if the upstream bridge would care about such things.

I assume you did the test above after a fresh reboot / reconnect and not after you did the probe.

Sometimes the OS will disable "busmaster capabilities" (i.e. DMA) when the computer is locked. Windows 11 sometimes does this as part of its DMA protections. After you login this restriction may be lifted. I don't know if this is your issue though.

saidelike commented 1 year ago

I actually hadn't tried the test above after a fresh reboot. So I tried again but it seems the same result. FWIW this is not for a Windows device or similar, it is against an embedded device. I was initially waiting for it to boot, but I've tried to do it earlier at boot below, even if I don't think it matters in my case since when I don't use the PCIe multiplexer and do the DMA attack directly connected, I can do it right after boot or later after it has already booted.

Anyway, the result below is when I plug power for the screamer but I haven't plugged power for the embedded device yet, it seems normal:

# pcileech display -min 0x01200000 -v -vv -vvv -device fpga

[+] using FTDI device: 0403:601f (bus 4, device 5)
[+] FTDIFTDI SuperSpeed-FIFO Bridge000000000001

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-ONLY     SIZE: 40 BYTES -----
0000    89 ab 00 00 28 00 00 00  04 0a 04 00 00 00 00 00   ....(...........
0010    6f 86 b3 57 00 00 00 00  71 86 b3 57 00 00 00 00   o..W....q..W....
0020    00 00 02 00 ff ff ff ff                            ........        

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-WRITE    SIZE: 30 BYTES -----
0000    cd ef 04 00 1e 00 00 00  a0 86 01 00 00 00 00 00   ................
0010    ee 10 07 00 ee 10 66 06  02 3c 00 00 7f 00         ......f..<.. .  

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-ONLY     SIZE: 48 BYTES -----
0000    01 23 00 00 30 00 00 00  00 00 16 08 5c 00 00 00   .#..0.......\...
0010    ff ff ff ff 00 00 00 00  10 29 00 00 01 00 00 00   .........)......
0020    12 10 00 00 1e 7f 00 00  00 00 00 00 00 00 00 00   ..... ..........

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-WRITE    SIZE: 88 BYTES -----
0000    45 67 00 f0 58 00 00 00  35 0a 00 01 01 00 00 00   Eg..X...5.......
0010    00 00 00 00 00 f0 48 00  00 00 00 0e 00 00 00 00   ......H.........
0020    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0030    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0040    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0050    00 00 00 00 24 f4 00 00                            ....$...        

----- PCIe CORE Dynamic Reconfiguration Port (DRP)  SIZE: 0x100 BYTES -----
0000    00 00 00 01 00 02 00 00  00 00 00 00 00 00 f0 00   ................
0010    ff ff 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 40 00 00 00 00   ...........@....
0030    00 00 09 02 30 00 22 7f  02 00 01 00 00 03 11 0c   ....0." ........
0040    02 a1 00 43 01 00 1f fd  7f ff 09 ff 01 20 01 48   ...C.... .... .H
0050    00 05 01 60 11 9c 00 00  00 00 00 00 00 00 00 00   ...`............
0060    00 00 10 60 00 02 40 21  00 40 3d 48 00 23 00 00   ...`..@!.@=H.#..
0070    00 00 00 00 00 00 00 00  00 00 00 00 00 15 00 01   ................
0080    00 01 00 00 00 01 00 00  00 01 00 00 00 01 00 00   ................
0090    00 01 00 00 00 01 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 02 00 00 12 34 10 18   .............4..
00b0    00 0b 00 01 00 11 00 00  00 00 00 00 00 01 00 00   ................
00c0    00 28 00 41 ff ff ff ff  00 e0 00 00 80 08 00 22   .(.A..........."
00d0    07 ff 03 52 02 48 00 08  00 40 0e 84 fa ac 00 00   ...R.H...@......
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe CONFIGURATION SPACE (no user set values) SIZE: 0x200 BYTES -----
0000    ee 10 66 06 00 00 10 00  02 00 00 02 00 00 00 00   ..f.............
0010    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 00 ee 10 07 00   ................
0030    00 00 00 00 40 00 00 00  00 00 00 00 ff 01 00 00   ....@...........
0040    01 48 03 78 08 00 00 00  05 60 80 00 00 00 00 00   .H.x.....`......
0050    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0060    10 00 02 00 e2 8f 68 00  10 29 01 00 12 f4 03 00   ......h..)......
0070    00 00 12 10 00 00 00 00  00 00 00 00 00 00 00 00   ................
0080    00 00 00 00 02 00 00 00  00 00 00 00 00 00 00 00   ................
0090    02 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0100    03 00 c1 10 35 0a 00 01  01 00 00 00 00 00 00 00   ....5...........
0110    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0120    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0130    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0140    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0150    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0160    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0170    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0180    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0190    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe SHADOW CONFIGURATION SPACE (only user set values) SIZE: 0x1000 BYTES -----
0000    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
...
0ff0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

DEVICE: FPGA: ERROR: Unable to retrieve required Device PCIe ID [4,v4.10,0000]
PCILEECH: Failed to connect to the device.

And this is when I plugged power for the embedded device:

# pcileech display -min 0x01200000 -v -vv -vvv -device fpga

[+] using FTDI device: 0403:601f (bus 4, device 5)
[+] FTDIFTDI SuperSpeed-FIFO Bridge000000000001
DEVICE: FPGA: ScreamerM2 PCIe gen2 x1 [300,25,500] [v4.10,0300] [SYNC,NORM]

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-ONLY     SIZE: 40 BYTES -----
0000    89 ab 00 00 28 00 00 00  04 0a 04 00 00 00 00 00   ....(...........
0010    d4 1e d5 7f 00 00 00 00  d6 1e d5 7f 00 00 00 00   ... ....... ....
0020    00 00 02 00 ff ff ff ff                            ........        

----- FPGA DEVICE CONFIG REGISTERS: CORE-READ-WRITE    SIZE: 30 BYTES -----
0000    cd ef 04 00 1e 00 00 00  a0 86 01 00 00 00 00 00   ................
0010    ee 10 07 00 ee 10 66 06  02 3c 00 00 7f 00         ......f..<.. .  

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-ONLY     SIZE: 48 BYTES -----
0000    01 23 00 00 30 00 00 00  03 00 16 08 5c 00 00 00   .#..0.......\...
0010    00 00 00 00 00 00 00 00  30 29 00 00 01 00 00 00   ........0)......
0020    12 10 00 00 1e 7f 00 00  00 00 7f f8 00 00 00 00   ..... .... .....

----- FPGA DEVICE CONFIG REGISTERS: PCIE-READ-WRITE    SIZE: 88 BYTES -----
0000    45 67 00 f0 58 00 00 00  35 0a 00 01 01 00 00 00   Eg..X...5.......
0010    00 00 00 00 7f f0 48 00  00 00 00 0e 00 00 00 00   .... .H.........
0020    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0030    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0040    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0050    00 00 00 00 24 f4 00 00                            ....$...        

----- PCIe CORE Dynamic Reconfiguration Port (DRP)  SIZE: 0x100 BYTES -----
0000    00 00 00 01 00 02 00 00  00 00 00 00 00 00 f0 00   ................
0010    ff ff 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 40 00 00 00 00   ...........@....
0030    00 00 09 02 30 00 22 7f  02 00 01 00 00 03 11 0c   ....0." ........
0040    02 a1 00 43 01 00 1f fd  7f ff 09 ff 01 20 01 48   ...C.... .... .H
0050    00 05 01 60 11 9c 00 00  00 00 00 00 00 00 00 00   ...`............
0060    00 00 10 60 00 02 40 21  00 40 3d 48 00 23 00 00   ...`..@!.@=H.#..
0070    00 00 00 00 00 00 00 00  00 00 00 00 00 15 00 01   ................
0080    00 01 00 00 00 01 00 00  00 01 00 00 00 01 00 00   ................
0090    00 01 00 00 00 01 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 02 00 00 12 34 10 18   .............4..
00b0    00 0b 00 01 00 11 00 00  00 00 00 00 00 01 00 00   ................
00c0    00 28 00 41 ff ff ff ff  00 e0 00 00 80 08 00 22   .(.A..........."
00d0    07 ff 03 52 02 48 00 08  00 40 0e 84 fa ac 00 00   ...R.H...@......
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe CONFIGURATION SPACE (no user set values) SIZE: 0x200 BYTES -----
0000    ee 10 66 06 00 00 10 20  02 00 00 02 00 00 00 00   ..f.... ........
0010    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0020    00 00 00 00 00 00 00 00  00 00 00 00 ee 10 07 00   ................
0030    00 00 00 00 40 00 00 00  00 00 00 00 ff 01 00 00   ....@...........
0040    01 48 03 78 08 00 00 00  05 60 80 00 00 00 00 00   .H.x.....`......
0050    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0060    10 00 02 00 e2 8f 68 00  30 29 01 00 12 f4 03 00   ......h.0)......
0070    00 00 12 10 00 00 00 00  00 00 00 00 00 00 00 00   ................
0080    00 00 00 00 02 00 00 00  00 00 00 00 00 00 00 00   ................
0090    02 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
00f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0100    03 00 c1 10 35 0a 00 01  01 00 00 00 00 00 00 00   ....5...........
0110    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0120    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0130    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0140    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0150    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0160    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0170    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0180    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
0190    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01a0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01b0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01c0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01d0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01e0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
01f0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

----- PCIe SHADOW CONFIGURATION SPACE (only user set values) SIZE: 0x1000 BYTES -----
0000    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................
...
0ff0    00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ................

LcMemMap_AddRange: 0000000000000000-000000000009ffff -> 0000000000000000
LcMemMap_AddRange: 0000000000100000-000000ffffffefff -> 0000000000100000
LeechCore v2.12.0: Open Device: fpga

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 80 Addr: 01200000
0000    00 00 00 00 03 00 80 ff  01 20 00 00               ......... ..    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 80 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 80 00               ...... .....    

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 00 Addr: 01200000
0000    00 00 00 00 03 00 00 ff  01 20 00 00               ......... ..    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 00 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 00 00               ...... .....    

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 80 Addr: 01200000
0000    00 00 00 00 03 00 80 ff  01 20 00 00               ......... ..    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 80 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 80 00               ...... .....    

TX: MRd32:  Len: 000 ReqID: 0300 BE_FL: ff Tag: 00 Addr: 01200000
0000    00 00 00 00 03 00 00 ff  01 20 00 00               ......... ..    

RX: Cpl:    Len: 000 ReqID: 0300 CplID: 0208 Status: 1 BC: 000 Tag: 00 LowAddr: 00
0000    0a 00 00 00 02 08 20 00  03 00 00 00               ...... .....    
Memory Display: Failed reading memory at address: 0x0000000001200000.

Anyway, nothing new afaict and I don't have any more ideas. Thanks any for your pointers.

ufrisk commented 1 year ago

I really don't know. I see you haven't got a PCIe ID in the 1st log you posted. In the 2nd you got the PCIe ID assigned but you're getting unsupported request completions for your memory read attempts. It seems like DMA is blocked to me. Maybe the OS is actively blocking DMA from rouge devices in your case?

ufrisk commented 1 year ago

I'm closing this issue since it's not much I can do about it. I would really have to sit with the hardware myself to try to debug this.

I know the PCILeech is working with some PCIe multiplexers though, but it may differ between the different onces.

ufrisk / pcileech

pcileech over PCIe multiplexer? #212