...
- Closely following e2studio/FSP
- Project/make files
- S project
  - src
  - include
  - test
- NS project
  - src
  - include
  - test
- Scripts
- Tools
- Docs
3.4 Bootloader
3.4.1 Top-level
...
pseudo code
The code block below shows the pseudo code of the bootloader. After power-on reset (POR), the MCU startup code shall call bootloader_start(). If the device is sealed, it will immediately call the NS_entry() function and start executing. Note that g_dev_state is an SRAM variable. If the device is unsealed prior to POR (e.g., gf_dev_state == STATE_UNSEALED), then the bootloader will fall into a communication loop until it receives the CMD_RESET command, which will cause the MCU to reset and restart the bootloader, except this time it will immediately call the NS_entry() function.
While the device is unsealed and in the communication loop, the user can command the device to enter the factory state (STATE_FACTORY) through passphrase authentication. This will unlock additional privileged commands in process_cmd() that will only be available if the device is in factory state.
```c
void bootloader_start() {
    /* Copy the persistent (flash) state into the SRAM working copy. */
    g_dev_state = gf_dev_state;

    if (g_dev_state == STATE_UNSEALED) {
        bool done = false;

        /* Communication loop: left only through CMD_RESET. */
        while (!done) {
            rc = read_cmd(&cmd, param);
            if (rc == OK) {
                if (cmd == CMD_RESET) {
                    /* Seal the device, then reset so the next boot jumps straight to NS. */
                    flash_write(&gf_dev_state, STATE_SEALED);
                    sys_reset();
                } else if ((cmd == CMD_FACTORY_AUTH) &&
                           (strcmp(param, gsf_passphrase) == 0)) {  /* strcmp() returns 0 on a match */
                    g_dev_state = STATE_FACTORY;
                } else {
                    process_cmd(g_factory_mode, cmd, param);
                }
            }
            print_error(rc, cmd, param);
        }
    }

    jump_to_NS_entry();
}
```
...
3.4.2 Updating firmware
Firmware update involves writing new code and data to secure and nonsecure flash memories using the host CMD_FLASH_WR command. The host PC shall parse an Intel HEX file into a series of commands, each followed by a checksum. The TrustZone memory boundaries are then configured by writing to the IDAU registers.
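The host-side parsing step described above, as an added example that is not part of the project's code: it validates each Intel HEX record (hex digits, declared length, record checksum) and yields the absolute address and payload that a CMD_FLASH_WR would carry. The command packet layout and its checksum are not specified in this section, so `flash_wr_t`, `hex_parse_line()` and the `HEX_*` codes are assumed names, and the sample record is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical names: the result codes and flash_wr_t are not from the design above. */
enum { HEX_OK = 0, HEX_EOF = 1, HEX_ERR_FORMAT = -1, HEX_ERR_CHECKSUM = -2, HEX_ERR_TYPE = -3 };
typedef struct { uint32_t addr; uint8_t len; uint8_t data[255]; } flash_wr_t;

static int hex_nibble(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Parse one record; *upper carries the type-04 upper address between calls. */
int hex_parse_line(const char *line, uint32_t *upper, flash_wr_t *out) {
    uint8_t raw[5 + 255], sum = 0;   /* len, addr(2), type, data[0..255], checksum */
    size_t n = 0, slen = strlen(line);
    while (slen && (line[slen - 1] == '\n' || line[slen - 1] == '\r')) slen--;
    if (slen < 11 || slen > 1 + 2 * sizeof raw || line[0] != ':' || !(slen & 1)) return HEX_ERR_FORMAT;
    for (size_t i = 1; i < slen; i += 2) {
        int hi = hex_nibble(line[i]), lo = hex_nibble(line[i + 1]);
        if (hi < 0 || lo < 0) return HEX_ERR_FORMAT;
        raw[n] = (uint8_t)(hi << 4 | lo);
        sum = (uint8_t)(sum + raw[n++]);
    }
    if (n != (size_t)raw[0] + 5) return HEX_ERR_FORMAT;   /* declared length must match */
    if (sum != 0) return HEX_ERR_CHECKSUM;                /* all bytes sum to 0 mod 256 */
    out->len = 0;
    switch (raw[3]) {
    case 0x00:                                            /* data record */
        out->addr = *upper | (uint32_t)raw[1] << 8 | raw[2];
        out->len = raw[0];
        memcpy(out->data, raw + 4, raw[0]);
        return HEX_OK;
    case 0x01: return HEX_EOF;                            /* end of file */
    case 0x04:                                            /* extended linear address */
        if (raw[0] != 2) return HEX_ERR_FORMAT;
        *upper = (uint32_t)raw[4] << 24 | (uint32_t)raw[5] << 16;
        return HEX_OK;
    default: return HEX_ERR_TYPE;                         /* reject unhandled record types */
    }
}

int main(void) {   /* constructed sample record, not from a real image */
    uint32_t upper = 0; flash_wr_t w = {0};
    int rc = hex_parse_line(":0401000001020304F1", &upper, &w);
    printf("rc=%d addr=0x%08lx len=%u\n", rc, (unsigned long)w.addr, (unsigned)w.len);
    return 0;
}
```

Rejecting a record on any format or checksum error before a flash-write command is built keeps a corrupted image file from being partially programmed.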
3.4.3 Generalized packet protocol
The bootloader communication shall be adaptable to any packet-based serial communication such as
...
, UART, SMBus, SPI, TCP/IP socket, etc
...
. The device driver shall convert the selected serial communication into packets, and a generalized packet driver processes the commands.
5.0 Application stacks
5.1 Application stack interface
...