From 3d7f7dde530b6326948f4f57070242d82fc41174 Mon Sep 17 00:00:00 2001 From: Francisco Molina Date: Fri, 22 Jan 2021 16:38:21 +0100 Subject: [PATCH] otbox.py: when flashing binary files only check CCA region is not overwritten --- otbox.py | 63 +++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 42 insertions(+), 21 deletions(-) diff --git a/otbox.py b/otbox.py index 8f5a6b7..9ebf625 100644 --- a/otbox.py +++ b/otbox.py @@ -46,6 +46,10 @@ IMAGE_THREAD_NAME = 'image_thread' HEARTBEAT_THREAD_NAME = 'heartbeat_thread' + +OPENMOTE_B_FLASHSIZE = 512*1024 +CC2538_FLASHPAGE_SIZE = 2048 + #============================ classes ========================================= def _getThreadsName(): @@ -90,27 +94,44 @@ def bootload_mote(self, serialport, firmware_file): bootloader_backdoor_enabled = False extended_linear_address_found = False - - # make sure bootloader backdoor is configured correctly - with open(firmware_file,'r') as f: - for line in f: - - # looking for data at address 0027FFD4 - # refer to: https://en.wikipedia.org/wiki/Intel_HEX#Record_types - - # looking for upper 16bit address 0027 - if len(line)>=15 and line[:15] == ':020000040027D3': - extended_linear_address_found = True - - # check the lower 16bit address FFD4 - - # | 1:3 byte count | 3:7 address | 9:17 32-bit field of the lock bit page (the last byte is backdoor configuration) | - # 'F6' = 111 1 0 110 - # reserved backdoor and bootloader enable active low PA pin used for backdoor enabling (PA6) - if len(line)>=17 and extended_linear_address_found and line[3:7] == 'FFD4' and int(line[1:3], 16)>4 and line[9:17] == 'FFFFFFF6': - bootloader_backdoor_enabled = True - break - + + # When building RIOT with OpenWSN-fw + SUIT the Customer + # Configuration Area (CCA) is not touched. The Customer + # CCA holds the Bootloader Backdoor Configuration, + # Application Entry Point, flashpage lock bits. + # When using SUIT + cc2538 RIOT does not touch this region so + # that the entry point is not changed when updating the device + # with new firmware (the entry point must allways be riot's + # bootloader). + # The CCA field resides in the last flashpage, for cc2538 + # each flashpage is 2048 bytes. Only openmote-b are present + # in the testbed and the flashsize is allways 512Kb. Since + # flashing at an offset is not supported only check that the + # target firmware does not override the CCA region. + if '.bin' in firmware_file: + if os.path.getsize(firmware_file) < (OPENMOTE_B_FLASHSIZE) - CC2538_FLASHPAGE_SIZE: + bootloader_backdoor_enabled = True + else: + # make sure bootloader backdoor is configured correctly + with open(firmware_file,'r') as f: + for line in f: + + # looking for data at address 0027FFD4 + # refer to: https://en.wikipedia.org/wiki/Intel_HEX#Record_types + + # looking for upper 16bit address 0027 + if len(line)>=15 and line[:15] == ':020000040027D3': + extended_linear_address_found = True + + # check the lower 16bit address FFD4 + + # | 1:3 byte count | 3:7 address | 9:17 32-bit field of the lock bit page (the last byte is backdoor configuration) | + # 'F6' = 111 1 0 110 + # reserved backdoor and bootloader enable active low PA pin used for backdoor enabling (PA6) + if len(line)>=17 and extended_linear_address_found and line[3:7] == 'FFD4' and int(line[1:3], 16)>4 and line[9:17] == 'FFFFFFF6': + bootloader_backdoor_enabled = True + break + assert bootloader_backdoor_enabled return subprocess.Popen(