On both the Safety Reference Manual and the Reference Manual, I saw this flow chart
I highlighted the word ImageIndex and the fact that it looks like the ROM bootloader has the ability to attempt to boot multiple images.
I tried searching for 'ImageIndex' in both manuals: it only appears in those flowcharts. Changing search paramenters I found this:
Unfortunately, I cannot figure out the use case for this feature. I would like to know how to operationally exploit this feature. Where should the images be placed in the flash? How do you implement the "backup image" and "old image" scenarios?
In general, I need more documentation. Is there any Manual (maybe of the i.MX6 or i.MX8) or some AN that explains this in detail?
Best regards
Max
could the two images have different keyblobs?
Once again I answer my own question: probably yes!
The point is that I don't know if keyblob remapping is only effective if the key blob is in the ECC, or is it on regardless but changes the offset at which to take it.
Referring to the statement, "When ADDRSTART setting is same as ASFM_BASE, and OTFAD keyblob function is enabled, keyblob is also remapped"
- ASFM_BASE should be 0x30000000, right?
- OTFAD keyblob function is enabled when ENCRYPTED_XIP is enabled, right?
regards
Max
OK! I was able to replicate the example explained in AN12255 on RT1170-EVK. I attach the project.
I configured XIP_BOOT_HEADER_ENABLE=1 to also include boot headers in the binary. I build twice by changing FIRMWARE_INDEX 0 or 1. Then on my EVK I burned 0x08 into xSPI_FLASH_SEC_IMG_OFFSET:
so that the images have an offset of 2MB between them
Using JLINK, I wrote image 0 at the beginning of the flash and image 1 at offset 0x20000. And the result is this:
Then I tried the encrypted versions. The procedure is not as straightforward as for the plain-text version. I had to configure XIP_BOOT_HEADER_ENABLE=0, so that no boot header would be included in the binary. Then:
- using Provisioning tool I wrote image 1, and verified its operation (of course I turned on the ENCRYPTED_XIP_EN switch and in the USER_KEY5 I have the KEK written). I did this because I don't know how to force provisioning tool to write the image to an arbitrary address.
- using JLINK I reread the FW from the flash (paying attention to the length)
- using Provisioning tool I wrote image 0, and verified
- Using JLINK, I wrote at offset 0x200000 the reread image.
Image 0 is executed but image 1 does not start.
What could I have done wrong?
more questions:
Is it possible to input an executable with boot headers to Provisioning Tool? How?
Is it possible to generate the encrypted bootable image (thus containing FCB, IVT, keyblob, etc.) offline (without having an EVK connected)?
Is it possible with Provisioning Tool to force the binary write address?
at resets or power cycles it always starts image 0. Is there any way to persist the index of the image to start?
best regards
Max
I got the point (I had missed it on a first reading)
Please look into the "How to Use Flash Remapping Function" (AN12255)
This document describe Remapping feature for RT1060:
does this apply also to RT117x?
It also assumes the use of MFGTOOL via USB, but on my custom board I don't have USB, and the serial I may have is not the "right" one.
What can be an altertnative way?
regards
Max
could the two images have different keyblobs?
Once again I answer my own question: probably yes!
The point is that I don't know if keyblob remapping is only effective if the key blob is in the ECC, or is it on regardless but changes the offset at which to take it.
Referring to the statement, "When ADDRSTART setting is same as ASFM_BASE, and OTFAD keyblob function is enabled, keyblob is also remapped"
- ASFM_BASE should be 0x30000000, right?
- OTFAD keyblob function is enabled when ENCRYPTED_XIP is enabled, right?
regards
Max
