Ejtagd [repack] | INSTANT » |

Understanding ejtagd: The Essential EJTAG Debug Daemon

ejtagd (EJTAG Debug Daemon) is a background service that facilitates on-chip debugging for MIPS-based embedded systems using the EJTAG (Enhanced JTAG) specification. It acts as the bridge between your debugger (like GDB) and the target hardware.

2.1 What is EJTAG?

EJTAG (Enhanced JTAG) is a MIPS Technologies extension of the standard IEEE 1149.1 JTAG protocol. While standard JTAG is primarily used for boundary scan testing PCBs, EJTAG adds hardware features specifically for CPU debugging, such as: ejtagd

• Hardware breakpoints.
• Single-stepping execution.
• Access to CPU registers and memory.
• Exception handling for debug events.

Basic Usage Workflow

Technical Report: MIPS EJTAG Daemon (ejtagd)

Date: October 26, 2023 Subject: Analysis of the ejtagd Debugging Daemon Status: Informational Understanding ejtagd : The Essential EJTAG Debug Daemon

3.2 Typical Workflow

1. The daemon is started on the target MIPS device (often via init scripts).
2. It listens on a TCP port or a specific hardware interrupt.
3. A host machine running GDB connects to the target IP/Port.
4. The user sends debug commands (read memory, step, continue) which ejtagd translates into hardware instructions for the EJTAG coprocessor (Coprocessor 0).

5. Conclusion

While ejtagd is not an official standard, defining it as a persistent EJTAG daemon provides a useful model for next-generation debug infrastructure. Future work should implement a proof-of-concept on a MIPS-based SoC. Hardware breakpoints

Key Features

• Remote Debugging: Allows GDB to connect over TCP/IP (default port 1234) to control a target device.
• Low-Level Control: Supports hardware breakpoints, watchpoints, single-stepping, and register/memory inspection.
• Target Agnostic: Works with various MIPS cores (e.g., Cavium Octeon, Broadcom, MediaTek routers) via JTAG adapters or built-in kernel support.

Indicators to investigate

1. Binary location
   • /usr/sbin, /usr/bin, /usr/local/bin, /sbin, /opt, or a firmware image.
2. Startup integration
   • Systemd unit: /etc/systemd/system/ or /lib/systemd/system/ (check systemctl status ejtagd)
   • init scripts: /etc/init.d/
   • crontab entries or custom supervisors.
3. Running process
   • ps aux | grep ejtagd
   • lsof -p to see open files/sockets
4. Network activity
   • ss -ltnup | grep ejtagd
   • netstat -anp | grep
5. Files and configuration
   • /etc/ejtagd.conf, /etc/default/ejtagd, /var/log/ejtagd*, /var/run/ejtagd*
6. Package manager
   • Debian/Ubuntu: dpkg -S ejtagd; apt list --installed | grep ejtagd
   • RPM: rpm -qf $(which ejtagd) or dnf/yum list installed
7. Hash & signatures
   • sha256sum $(which ejtagd) and compare with vendor checksums if available.
8. Binary inspection
   • strings /usr/bin/ejtagd | less
   • ldd /usr/bin/ejtagd (check linked libs)
   • readelf -h /usr/bin/ejtagd
9. Associated hardware
   • Check dmesg for JTAG/JTAG adapter messages
   • lsusb / lspci for connected debug adapters