SSBL

The Second-Stage BootLoader (SSBL) is executed just after the ROM. It includes the following boot modes:

boot from application in MRAM (with CRC verification)
boot from recovery mode
- GAP CLI lib: a command line lib can be used for OTA and other services along with the main runtime.

The SSBL will boot the recovery mode when boot application failed.

When using the GAP CLI, the boot mode will be ONLY from app (Flash). Then you can use command line via uart or spi slave to choose the functionalities. The physical configuration has been specified in: - utils/gap_cli/cli_phy_layer/xxxx_cli_phy.c - utils/gap_cli/include/cli_phy.h

Usage

Compile and flash the SSBL:

cd $GAP_SDK_HOME/utils/ssbl/applications/standalone
gap init
gap menuconfig # Optional. To manage options.
gap flash

After the SSBL has been flashed, power down the board and put the boot pins to boot from MRAM.

cd $GAP_SDK_HOME/utils/ssbl/applications/standalone
gap init
gap menuconfig # Optional. To manage options.
gap run

Dump the sections to flash:

2.1 Dump commands

cd <path_to_the_application>
gap flash_dump_sections

This will generate binaries for all sections, and a json description to be given to updater.

BEWARE, generated description includes all the sections, including unused and system ones (partition tables, volume tables etc).

cd <path_to_the_application>
gap flash_dump_app_sections

This will generate binaries for non-system sections (i.e no partition, volume table etc), and a json description to be given to updater.

2.2 (Optional) Sign the dumped binaries

Note

Using signed binaries for OTA (with actual signature verification) only works with gap_cli based OTA.

To sign the binaries, first generate an RSA private key using openssl. Ensure it is in pem format. Second, in kconfig, under UTILS/SECURITY, activate signing, and pass the path to the private key.

Note

Digest option is only to be used if SSBL was modified. Greenwaves SSBL only supports the default SHA256 for now.

Finally, compile the SSBL with CLI support, and CLI security options.

Flash the application:

Note

Please follow Host GAP CLI guide to know how to run it.

Run Host GAP CLI with the option CONFIG_GAP_CLI_FEATURE_SSBL=y in your sdk.config file.

Secure the flasher

GAP CLI flasher

Run Host GAP CLI with the option CONFIG_GAP_CLI_FEATURE_SECURITY=y in your sdk.config file.

Examples

Explore applications/ folder for examples.

Here are direct links for main ones:

Update your application: Application update
Update your SSBL: SSBL update