How to create a non-encrypted factory image with custom secondary bootloader on LPC11U68

d_m_ · ‎03-18-2019

Hi,
We are working on a firmware for the LPC11U68 (custom PCB design), and we try to integrate a secondary bootloader (SBL) because the primary bootloader (DFU via ISP-mode on USB MSC) is not suitable for our application.
I carefully read and follow the instruction of the application note AN12037 (LPC11U6x USB DFU Secondary Bootloader, Rev. 1 – September 2017). However, I did not find a way to create a simple factory image with a custom SBL, i.e. a binary that integrates both the custom SBL and the user application.
The “lpc11xx_secimgcr.exe” provided in the “image-creator-tools” seems to only give the option to create encrypted factory image through the “--factory-image-create” option. Is there another option to create non-encrypted factory image using this tool, or to combine the SBL binary with the application using another tool?

Here are the details of the steps I followed to create the custom SBL and the SBL-compatible firmware. Note that I develop with MCUXpresso v10.

Custom SBL: Based on the project “sbl_dfu_lpc11u60” given in the application note’s sources, I customized the SBL to our needs. When programmed on the LPC11U68, (via SWD or primary bootloader), the SBL works as expected (LpcDevice in device manager and found by “dfu-util.exe” with option “-l”).
SBL-compatible firmware: I modified our firmware to integrate the required header and memory map as described in the application note:
- Automatic linker script disabled,
- Definition of memory region to take into account the SBL space,
- Definition of the image header with the firmware version,
- Generation of the CRC using “lpc11xx_secimgcr.exe”
SBL DFU tests: When the SBL is programmed, the DFU works as expected.

Thanks for your support.

David

d_m_ · ‎03-26-2019

Dear Jun,
Thanks for your answer. Unfortunately, to what I understand and after numerous tests, the command you mention is only to create a DFU capable image (with a generated CRC), and does not create a factory image that integrates both the secondary bootloader and the application.

Note: I tried the command with both a binary (with .bin extension) and a DFU image (with .dfu extension), but the command “lpc11xx_secimgcr.exe <input file> <output file >” with no parameter does not integrate the bootloader for a factory image.

I found a solution to create this factory image (SBL + DFU image) using the SRecord tool, however we have other problems with the SBL. The command to create the factory image with SRecord is:

srec_cat.exe <input bootloader binary with checksum.bin> -binary <input DFU file with CRC.dfu> -binary -offset 0x2000 -o <output factory image.bin> -binary‍‍‍

Since the question has been marked as "assumed answered", I create another post for the "bug" we found in the SBL of AN12037: Hard-fault on SBL re-entry, Application Note AN12037 (LPC11U6x USB DFU Secondary Bootloader)‌

Best,

David

在原帖中查看解决方案

ZhangJennie · ‎03-25-2019

Hi David,

Please See AN chapter 8,

8.1.1 Inserting a CRC checksum in the application image
To make an application image acceptable to the DFU SBL, add a CRC checksum to the application binary. See Section 9.2 for more information on how to perform DFU updates with a DFU capable application image.
The syntax to invoke the tool to create an output binary file with image header from an input binary file is:
lpc11xx_secimgcr.exe <input file name.bin> <output file name.dfu>
The syntax in Fig 23. generates the CRC for the input application binary file ‘app_blinky.bin’ and creates an output file ‘burnhid.dfu’.
The CRC can be generated over the image header or over the entire length of the image.

we can use lpc11xx_secimgcr.exe <input file name.bin> <output file name.dfu> this to generate a non-secure image.

Have a great day,
Jun Zhang

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

d_m_ · ‎03-26-2019

Dear Jun,
Thanks for your answer. Unfortunately, to what I understand and after numerous tests, the command you mention is only to create a DFU capable image (with a generated CRC), and does not create a factory image that integrates both the secondary bootloader and the application.

Note: I tried the command with both a binary (with .bin extension) and a DFU image (with .dfu extension), but the command “lpc11xx_secimgcr.exe <input file> <output file >” with no parameter does not integrate the bootloader for a factory image.

I found a solution to create this factory image (SBL + DFU image) using the SRecord tool, however we have other problems with the SBL. The command to create the factory image with SRecord is:

srec_cat.exe <input bootloader binary with checksum.bin> -binary <input DFU file with CRC.dfu> -binary -offset 0x2000 -o <output factory image.bin> -binary‍‍‍

Since the question has been marked as "assumed answered", I create another post for the "bug" we found in the SBL of AN12037: Hard-fault on SBL re-entry, Application Note AN12037 (LPC11U6x USB DFU Secondary Bootloader)‌

Best,

David

ZhangJennie · ‎03-28-2019

Did you try -h option?

What I tested from my side:

The generated blink1_dfu.dfu includes both SBL and application file.

Have a great day,
Jun Zhang

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

d_m_ · ‎03-28-2019

Thanks for your answer.

I did look at the “help” of the “lpc11xx_secimgcr.exe”, and as mentioned in the question of my initial post, I tried the “--factory-image-create” (i.e. “-f”) option. I thought that the “<key file name>” argument was mandatory. Personally, I would have use brackets in the help to denote this argument: “[key file name]”.

Unfortunately, this solution with the “-f” argument does not work on my side for two reasons:

The resulting factory image does not work when programmed to the development board (using base address 0). However, with the srec_cat command and the same initial files it works.
The help section of “lpc11xx_secimgcr.exe” mention that the SBL is expected to be a file named “sbl_11uxx_dfu.bin”, but it does not seem to take this file when present (Note: in the “image-creator-tool” folder, the SBL is “sbl_dfu_lpc11u60.bin” and with both names “sbl_dfu_lpc11u60.bin” and “sbl_11uxx_dfu.bin” this does not work). By looking at the binary, the first part of the generated image does not correspond to the provided SBL. Take a look at the resulting factory image binary and compare it to the SBL binary.

I may be doing something wrong, but it seems more that the tool does not provide the expected output.

Thanks for your support.
Best,
David

ZhangJennie · ‎03-28-2019

Hi David,

I contacted the author. you are right the lpc11xx_secimgcr.exe may has problem.

Your method of using srec_cat.exe to combine files is recommended.

Best Regards

Jun Zhang

How to create a non-encrypted factory image with custom secondary bootloader on LPC11U68

How to create a non-encrypted factory image with custom secondary bootloader on LPC11U68

LPC11xx

USB