MCU secure bootloader for RT1170

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MCU secure bootloader for RT1170

5,912 Views
kentseng
Contributor II

Dear sir

I try to build the second bootloader, base on the MCU secure bootloader (SBL) project.

I set the single image mode ( SBL ), without application in slot1 

result : 

kentseng_0-1619162353424.png

flash the "hello world" image to the flash. offset 0x100000.

tools : MCU boot utility.

kentseng_1-1619162988583.png

MCUxpress project setting " XIP_BOOT_HEADER_ENABLE=0 " "XIP_BOOT_HEADER_DCD_ENABLE=0"

Have some document about the SBL application building?

 

Tags (1)
0 Kudos
Reply
13 Replies

5,834 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi kentseng,

   I already get the sbl-master@1ba33b08c02.zip.

  We have the FOTA document, but I can't share it with the public directly.

 kerryzhou_1-1619514844892.png

kerryzhou_2-1619514855489.png

 

kerryzhou_0-1619514820540.png

kerryzhou_3-1619515031151.png

Do you have the above content pdf?

I find this content when I download the code:

The application have been prepared in this directory : \sbl\test\

do you have the test folder? as I don't have it, if you have the test folder, you may use the test app at first, whether that works on your side or not:

For the first time to test the SBL, we need to download the first image to the board to run the test. Using the MCUBootUtility tool to download the app1.bin to the first slot of the board, the default location of the slot1 is the flash_offset+0x100000 to flash_offset+0x200000, the whole slot size is 1MB.

 

 

 

About the firmware, I checked your bin, the reset handler is 0X301004E1, it is above 0X100000, I think it is OK.

Now, if you download the code, and reset the board, still can't jump to the app1?

Please check it at first.

Any updated information, please kindly let me know.

Best Regards,

Kerry

 

 

0 Kudos
Reply

5,832 Views
kentseng
Contributor II

My project without the test folder, but i have the document " MCU Secure Bootloader User Guide "

I had upload the app.s19 file.

Thank you.

0 Kudos
Reply

5,814 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi kentseng,

   After checking internally, the related app still didn't add to the download package, in the near future, maybe at the end of May, will add the application project.

  Now, get two apps internally, you can test them.

  Your own app can't make it works, as the app needs to add the bootloader header and the signed information.

  This image function can be checked from the print information, you can try it on your side.

 

If you still have questions about it, please kindly let me know.

Best Regards,

kerry

 

0 Kudos
Reply

5,804 Views
kentseng
Contributor II

Hi Kerry

I try to flash your app.bin, it's workable, bootloader can jump to the application.

add the bootloader header : so the hello world project "XIP_BOOT_HEADER_ENABLE & XIP_BOOT_HEADER_DCD_ENABLE " set 1 ?

and the image signature I follow SBL_UG page 22&23

" python imgtool.py sign --key xxxx_priv.pem --align 4 --version "1.1" --header-size 0x400 --slot-size 0x100000 --max-sectors 32 hello_world.bin app1.bin " 

" python imgtool.py sign --key xxxx_priv.pem --align 4 --version "1.2" --header-size 0x400 --slot-size 0x100000 --max-sectors 32 hello_world2.bin app2.bin "

those command fail.

could you have detail document let me signature the image?

0 Kudos
Reply

5,800 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi kentseng

   To be honest, I even don't have the SBL_UL previously, I just get it now.

   Then I check your command with the author, he let you try this one:

 
python imgtool.py sign --key xxxx_priv.pem --align 4 --version "1.1" --header-size 0x400 --pad-header --slot-size 0x100000 --max-sectors 32 hello_world.bin app1.bin
 
add the --pad-header
The document also will be modified and will be released in May, the modification is in the process.
Please try it on your side.
If you still have issues, please also share the screenshot, the log is very important to analyze the issues.
 
Best Regards,
Kerry
0 Kudos
Reply

5,794 Views
kentseng
Contributor II

Hi Kerry

Now signature image success, but still can't work like your app.bin image.

kentseng_0-1619682496143.png

I will try other image setting. thank a lot.

 

0 Kudos
Reply

5,789 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi kentseng,

  You can try the other app at first.

   As this part, internal team still also in the modification stage, and they will launch the example in the near future, until now, I just have the app.bin, not the example app.

   Anyway, you can try more method on your side, then give me feedback, when I get the modified document, I will also find time to test it. This is really very new!

 

Best Regards,

kerry

0 Kudos
Reply

5,736 Views
kentseng
Contributor II

By the way, now the SBL project just build in GCC? 

due to the Keil and IAR project seem is empty.

and I can signature the bin file, but the application is non-working.

is have any SBL project update, please contact me.

0 Kudos
Reply

5,712 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi kentseng

  For IAR and MDK, you need to do this operation:

kerryzhou_0-1620268176420.png

 

kerryzhou_1-1620268189715.png

Then you will find the related project is not empty:

kerryzhou_2-1620268225173.png

About the application note, not only sign the code, it also need to add the header, but until now, I still don't have the application example source code, internal side still recommend us to wait until it is published, at that time, the application example will also be added to the published version.

So, could you please wait more time, the end of the May.

Thanks a lot for your understanding.

Best Regards,

Kerry

 

0 Kudos
Reply

5,827 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi kentseng,

  Thanks for your updated information.

  Image seems OK.

  Tomorrow, I will check with the author, then give you the reply!

  Please keep patient, thanks.

 

Kerry

 

 

0 Kudos
Reply

5,904 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi kentseng,

  Thank you for your interest in the NXP MIMXRT product, I would like to provide service for you.

  Could you please tell me where you get the secure bootloader (SBL) project, please give me the link.

  In your picture, you are using the MCUBootUtility download the code, do you download the SBL, not the app? If yes, now, exit the serial download mode, enter the internal boot mode, you will run the SBL detail function, you just need to use the SBL function to update your app firmware.

Please give me more information about your mentioned SBL, then I can help you to check more details.

 

Best Regards,

Kerry

0 Kudos
Reply

5,887 Views
kentseng
Contributor II

Hi Kerry

I got the SBL project from NXP Taipei's FAE, 

the link can't download " git clone ssh://git@bitbucket.sw.nxp.com/mcucnapp/sbl.git "

so the FAE help download for me. File name " sbl-master@b55184c65ca.zip "

First, I download build the SBL.bin file, through the MSD upload second bootloader.

and then upload the application the the slot1 offset 0x10000 by MCUBootUtility. as the picture show.

 

"you just need to use the SBL function to update your app firmware." <---- What does that mean?

 

maybe I can upload the scons setting for you. using the EVK1170.

if you need more information please tell me, thanks. 

 

0426.7z : scons setting.

evkmimxrt1170_hello_world_demo_cm7.7z : MCUXpresso IDE v11.3.1 with SDK2.9.1 example, " XIP_BOOT_HEADER_ENABLE=0 " "XIP_BOOT_HEADER_DCD_ENABLE=0"

0 Kudos
Reply

5,879 Views
kerryzhou
NXP TechSupport
NXP TechSupport

Hi kentseng,

  As I still don't have your mentioned SBL project, so I send private message to you, please share me your mentioned FAE email in the private message, then I can check more details about it.

  I need to make sure your SBL will relocated the app to 0x10000. 

About this:"you just need to use the SBL function to update your app firmware." 

I mean, you will use your SBL project to update the APP firmware, right? Now, you use the MCUBootUtility download the app to 0X10000, it means, when your SBL detect the related 0X10000 address, it will jump to the APP and run it, right? As I still don't have the SBL project, so I don't clear about that SBL detail function until now.

Please reply me in the message, then I will check it internally and give you feedback.

 

Best Regards,

Kerry

0 Kudos
Reply