FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

LPC55S69 : runBootloader API

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

LPC55S69 : runBootloader API

‎11-22-2019 01:23 PM
925 Views
EugeneHiihtaja
Senior Contributor I

Hello !

Do I undestand right and by using this API , application can enter to bootloader without reboot ?

After that update can happens or whatever and it is possible jump back to application start address  ( without reboot ) ?

Becouse not all areas of SRAM in use by bootloader, I can keep own data in SRAM while update is ongoing and there are retain.

is this so ?

But what is not clear if by ISP command(s) , host can read any data areas what is stored in SRAM ?

Even in case of Secure boot and "SB file format is encrypted and digitally signed", it is always possible to turn MCU to ISP mode and read SRAM  ?

Or if secure boot is enabled already, some areas of flash/sram can be protected  from reading, becouse

initial image is able to apply some protection and any next update ( FOTA like) is not able read all memory areas ?

I can see by default in ISP update is possibel to read/write/erase almost everything. Of couse it dosn't boot after that.

But it is other story.

Can you explain in more details how and what memory areas can be completely hidden from ISP type of update ?

Regards,

Eugene

Labels (1)
Labels
0 Kudos
Reply
2 Replies

‎12-03-2019 03:42 PM
794 Views
Alexis_A
NXP TechSupport
NXP TechSupport

Hi Eugene:

Please check my answers bellow:

 

Do I undestand right and by using this API , application can enter to bootloader without reboot ?

Yes

 

After that update can happens or whatever and it is possible jump back to application start address  ( without reboot ) ?

You can use some commands for it, the easiest way would be use the reset command but you can also use the execute command to set the program counter.

 

Becouse not all areas of SRAM in use by bootloader, I can keep own data in SRAM while update is ongoing and there are retain.

is this so ?

Yes, if you not erase your region using the commands you could keep the SRAM regions

 

But what is not clear if by ISP command(s) , host can read any data areas what is stored in SRAM ?

Any secure region can't be accessed by the ISP.

 

Even in case of Secure boot and "SB file format is encrypted and digitally signed", it is always possible to turn MCU to ISP mode and read SRAM  ?

This would not be possible in case there's a secure environment configured.

 

Can you explain in more details how and what memory areas can be completely hidden from ISP type of update ?

If you already set your secure environment, shouldn't be possible for the ISP to read, write this section

Best Regards,

Alexis Andalon

0 Kudos
Reply

‎12-03-2019 11:53 PM
794 Views
EugeneHiihtaja
Senior Contributor I

Hi Alexis !

Secure environment is not set yat. We verify all documentation if it have sense and really secure or we should start to design own bootloader and disable ISP mode as nonsecure at all.

In blhost v5.0 is no any info about ISP command limitation in case of Secure boot.

For old bootloaders it was like this:

"

When flash security is enabled, only the get-property, set property, reset, flash-security-disable, and flash-erase-all-unsecure
commands are supported. The MCU bootloader returns kStatus_SecurityViolation if a command is received that is not supported
due to flash security settings.

"

May be ReceiveSB file is also should be in this list.

But it should be clearly mentioned what exact limitation secure Boot have to ISP mode.

Regards,

Eugene

0 Kudos
Reply