• State Resolved
  • Locked Locked
  • Replies 6 replies
  • Subscribers 53 subscribers
  • Views 1650 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Serial Bootloader Tool Sends Undocumented Command

Ankit Parikh
Intellectual 575 points
Other Parts Discussed in Thread: CC2540

Hello,


Does anyone know what the following command means?

fe 01 4d 10 00 5c

This is what the Serial Bootloader tool sends as the first packet but 0x10 is not a documented command in the following link

http://processors.wiki.ti.com/index.php/SerialBootLoader

Having access to the source code for Serial Bootloader Demo Tool would be beneficial.

regards

Ankit

  • 0
    Intellectual 575 points

    To add to this, there is more confusion.

    This is the format of the handshake command

    SOF Len SubSys CMD (0x04) FCS

    5 bytes in total but the serial bootloader sends

    fe 01 4d 04 02 4a  (Why is there an extra byte 0x02 before FCS?)

    So 4a must be the FCS byte. As per the documentation "The last byte in each command is always the FCS which must match the FCS calculated by the bootloader.  The FCS should be an XOR of the SubSys byte, CMD byte, and payload bytes."

    4d ^ 04 ^ 02 is not equal to 4a.

    Is this document outdated? Is there an update version?

  • 0 in reply to Ankit Parikh
    TI__Guru** 105180 points
    Hi Ankit,

    We will look into this and get back to you.

    Best wishes
  • 0 in reply to JXS
    Genius 3345 points

    I'm seeing similar issues.  Serial Bootloader Demo Tool - v1.2 sends 6 bytes:  0xFE, 0x01, 0x4D, 0x10, 0x00, 0x5C as the first packet when I press the "Load Image" button.  If I press the "Crypt Image" button it sends 5 bytes:  0xFE, 0x00, 0x4D, 0x20, and 0x6D.

    Both of these seem incorrect to me.

  • 0 in reply to Chris Read
    Genius 3345 points

    A couple more datapoints:

    There are two different versions 1.2 of the Serial Bootloader Demo Tool:

    1. http://processors.wiki.ti.com/index.php/File:SerialBootTool.zip
    2. processors.wiki.ti.com/.../File:SerialBootTool_1_2_0.zip

    They are different, but were both posted within 5 minutes of each other on Feb 28th of last year (2014)

    The first one (without _1_2_0 in the file name) sends the sequence that Ankit describes (0xfe, 0x01, 0x4d, 0x04, 0x02, 0x4a) the first time "Load Image" is pressed, but every time afterwards it sends the sequence I described above (0xFE, 0x01, 0x4D, 0x10, 0x00, 0x5C).

    The second one (with _1_2_0 in the file name) always sends the sequence I described above (0xFE, 0x01, 0x4D, 0x10, 0x00, 0x5C).

  • 0 in reply to Chris Read
    Genius 3345 points

    I think I figured out at least part of the issue. The current version of Serial Bootloader Demo Tool (v1.2) is to be used with OAD image signing and encryption. It looks like it may not work with SBL and EBL the way they were used in 1.3.2.

    I say this because by following the guidelines in the OAD_for_CC254x document and adding the SBL_SIGNER and SBL_SECURE=FALSE symbols the crypt button now seems to work.  That is, it seems to talk with the CC2540 with the EBL project installed on it.


    The Wiki also seems to be for release 1.3.2. Can that get updated to 1.4.0 as well? Thanks!

  • 0 in reply to Chris Read
    TI__Mastermind 34660 points

    Hello all. We've updated the SBL wiki for the 1.4.0 installer which uses a new version of the Serial Boot Tool (v1.3.2). The source code for the tool can also now be found on the wiki page.