Shellchat Commands - betrusted-io/betrusted-wiki GitHub Wiki
This is a list of shellchat commands that are available in the stable v0.9.9 Xous release.
Legend:
- :warning: use command with caution (like
rm -r)
- :x: don't use the command (for internal testing only)
- :skull: does irreversible and bad things (like self destruct)
accel
| :warning: |
Subcommand + args |
Notes |
|
(no options) |
returns x/y/z + ID |
backlight
This command will be deprecated soon.
| :warning: |
Subcommand + args |
Notes |
|
on |
backlight set to 100% |
|
off |
backlight set to 0% |
|
0 |
backlight set to 0% |
|
1 |
backlight set to 12.5% |
|
2 |
backlight set to 37.6% |
|
3 |
backlight set to 50% |
|
4 |
backlight set to 76.5% |
|
5 |
backlight set to 100% |
console
| :warning: |
Subcommand + args |
Notes |
|
kernel |
direct kernel output to serial port |
|
log |
direct logging output to serial port |
|
app |
direct app output to serial port |
echo
| :warning: |
Subcommand + args |
Notes |
|
(anything) |
repeats (anything), up to 1024 UTF-8 bytes |
ecup
This command will be deprecated soon, as EC updates are automatic now.
| :warning: |
Subcommand + args |
Notes |
| :x: |
fw |
Update the firmware segment of the EC (do not use!) |
| :x: |
gw |
Update the gateware segment of the EC (do not use!) |
| :x: |
wf200 |
Update the wf200 segment of the EC (do not use!) |
|
auto |
Auto-update the EC |
jtag
| :warning: |
Subcommand + args |
Notes |
|
id |
prints the JTAG ID code of the FPGA |
|
dna |
prints the DNA of the FPGA |
|
efuse |
prints the efuse (backup key) of the FPGA, if it is readable |
|
ir arg |
sends arg to the JTAG ir. arg should be a binary number (e.g. 101101) |
| :warning: |
burn0 |
burns the "0" key to eFuse. Can lead to bricking your device. |
keys
| :warning: |
Subcommand + args |
Notes |
| :warning: |
bbram |
kicks off the BBRAM provisioning. To be run only from the helper script on a connected Rpi, do not run manually. |
|
aes |
Test routine. Requests the data [0u8; 16] to be encrypted and decrypted by the rootkeys server. |
| :skull: |
ppdbrecycle |
Permanently erases the PDDB by deleting the page table. There is no way to recover from this. |
net
| :warning: |
Subcommand + args |
Notes |
|
tcpget short url |
Gets data at a URL of the form bunniefoo.com/bunnie/test.txt (no http:// prefix) |
|
server |
Starts a server on port 80 that responds with the uptime |
|
fountain |
Starts a "fountain" that spews numbers to any host connecting on port 3333 |
|
udp socket [dest] |
For UDP testing. Starts a listener on socket. dest is optional. For example, run net udp 0.0.0.0:6502 and then use netcat -u <precursor ip address> 6502 to send data via UDP to Precursor |
|
dns host |
Attempt to resolve the IP address of host |
|
ping host count |
Sends count pings to host. Default to 1 if no count is specified |
pddb
| :warning: |
Subcommand + args |
Notes |
|
basislist |
Lists open Bases |
|
default |
Reports the current default Basis |
|
basiscreate |
Triggers UX flow to create a new secret Basis. Does not mount the Basis. |
|
basisunlock |
Mounts a secret Basis |
|
basislock |
Unmounts a secret Basis |
| :warning: |
basisdelete |
Deletes a secret basis. Treat it like rm -r /*. |
| :warning: |
dictdelete |
Deletes a dictionary. Treat it like rm -r /*. |
|
query dictionary:key |
Prints the contents of dictionary:key |
| :warning: |
keydelete dictionary:key |
Deletes dictionary:key. Like rm |
|
keylist dictionary |
Lists the first 10 keys in dictionary |
|
dictlist |
Lists the first 10 dictionaries known to the system |
| :warning: |
churn |
Churns the PDDB. This operation takes about 20-30 minutes. Will erase any un-enumerated secret Bases. Used to restore full deniability after a forensic imaging event. |
|
flush |
Flushes the SpaceUpdate log, restoring deniability |
|
sync |
Syncs any RAM buffers to disk. Useful if you're about to unceremoniously reset or power down the device |
rtc
Slated to be deprecated
| :warning: |
Subcommand + args |
Notes |
|
utc |
Prints the UTC time. Time must be set for this to work. |
|
local |
Prints the local time, if timezone is set. |
sensors
| :warning: |
Subcommand + args |
Notes |
|
(no args) |
Prints the output of various system sensors. |
sleep
Lexicon:
- suspend: SoC is off, EC is on, wifi is on, screen on. ~1-2 days battery life. Could "wake from LAN" in this state, if that code existed.
- ship: Battery is disconnected. Can store for "years". Requires external power to turn on again.
Several of these commands are slated for deprecation.
| :warning: |
Subcommand + args |
Notes |
| :x: |
crypton |
Disables power management on the crypto functions. Don't run it. |
| :x: |
cryptoff |
Forces crypto functions off. Don't run it. |
|
sus |
Puts the device into "suspend" mode. Only works if the device is not plugged in. |
| :x: |
stress |
Forces device into a stress-test loop for sleep/suspend. Don't run it. |
|
now |
Identical to sus but using a different code path |
|
current |
Reports the current consumption most recently measured while suspended |
|
ship |
Disconnects internal battery for shipping and storage. Requires external power to reboot. |
|
coldboot |
Attempts to perform a cold boot, e.g. reload the SoC without the paperclip |
| :skull: |
kill |
Self-destruct the device. Once this is run, you cannot use the device until the battery fully runs down and it turns off. The paperclip method won't recover the device. You have to unplug the battery to recover it. Destroys any BBRAM key if set. |
| :skull: |
killbounce |
Similar to kill but before doing it, calls ship. This causes the battery to disconnect after the kill, so you can "bounce" the device by just plugging power in after about 10 seconds |
|
wfioff |
Disables clock gating and forces the CPU clock to run 100% of the time. May slightly improve performance/latency at the expense of much greater power draw. |
|
wfion |
Re-enables clock gating |
|
debugwfi |
Re-routes some WFI signals to the debug header inside the device so you can see the WFI patterns with an osciloscope |
ssid
| :warning: |
Subcommand + args |
Notes |
|
force |
Forces the WF200 to do another SSID scan cycle |
|
scan |
Reports the currently visible list of SSIDs |
test
:x: Don't. None of these command are meant for you. They are run in the factory to make sure your device works and they can get the device into some hairy states.
trng
| :warning: |
Subcommand + args |
Notes |
|
avnist |
Reports the NIST test status for the avalanche generator |
|
ronist |
Reports the NIST test status for the ring oscillator generator |
|
runs |
Reports latest consecutive bit runs stats on the ring oscillator |
|
excur |
Reports the noise excursion of the avalanche generator. This is an indirect measure of its health. |
|
pump |
Pulls 16 x 1024 u32 values out of the generator and throws them away. Reports sample values at 0, 512, and 1023. |
|
errs |
Reports TRNG error stats. It is normal to see some errors in the RO sub-generators (that's why we use four of them) |
usb
| :warning: |
Subcommand + args |
Notes |
|
console |
Tunnel a serial console to your device inside shellchat |
|
debug |
Switches to the debug core (for updates) |
|
hid |
Switches to the HID core (for keyboard emulation, and FIDO) |
|
kbdtest |
Used to check the keyboard mapping. This is useful for users with e.g. dvorak or custom keymaps on their machine. Use with tools/kbdtest.py to generate map files |
|
leds |
Reports the current status of the keyboard "LEDs" |
|
lock |
Fully restricts debug access on the debug USB core |
|
send text |
"Types" text to a host as if Precursor were a USB device. Must be in HID mode first. |
|
status |
Reports the USB core status |
|
unlock |
Restores access to the debug core. Regardless what the command reports, there is also a hardware ACL that now restricts access to sensitive secrets, so the debug core is much more "safe" to leave on now |
ver
| :warning: |
Subcommand + args |
Notes |
|
ec |
Embedded controller gateware and firmware version |
|
wf200 |
WF200 reported firmware version. |
|
soc |
SoC gateware version |
|
dna |
FPGA silicon DNA |
|
xous |
Xous version |
|
ecreset |
Force the EC into a reset, which reloads its gateware and firmware |
vibe
| :warning: |
Subcommand + args |
Notes |
|
on |
Short motor buzz with every key stroke |
|
off |
Tactile feedback turned off |
|
long |
A single long pulse of the motor |
|
double |
A double-pulse of the motor |
wlan
Most of these commands are slated to be incorporated into a more user-friedly UX flow soon, after which they will be deprecated.
| :warning: |
Subcommand + args |
Notes |
|
on |
Sets the WF200 to on, connection manager to RUN |
|
off |
Stops the connection manager, forces the WF200 hardware reset pin to active |
|
setssid ssid |
Sets your SSID. Press-hold keys to make symbols show up. |
|
setpass pass |
Set a WPA2 password. Press-hold keys to make symbols show up. |
|
save |
Write the SSID/pass combo to the PDDB, so the connection manager can automatically search for it |
|
known |
List of saved SSIDs |
|
join |
Try to join the currently set ssid/pass combo |
|
leave |
Leave the current network, stops the connection manager so it doesn't try to re-join |
|
status |
Current network status |
|
debug |
Triggers debugging routines on the COM port |