• State Not Answered
  • Replies 5 replies
  • Subscribers 68 subscribers
  • Views 2269 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 236261
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

What address to manually flash zephyr and application?

raymond.zhang

Hi,

Is it possible for me to manually flash the zephyr.bin on the nrf9160 located in proj/build/zephr/? I can flash the merge.hex however I do not want to use the merge.hex, I want to flash just the zephyr.bin, but I'm not sure what address is the zephyr image stored at?

Also I want to flash the application as well however the application which is located in proj/build/app/libapp.a is not in a format that is binary or hex which is what SES can flash. If I can convert this to binary or hex, would I be able to flash this too onto the nrf9160?

Forgive my lack of understanding of how the flash is setup and where the application and os images are stored.

Thank you,

Raymond

Parents
  • 0

    First I would like to clear up some different things.

    • The merged.hex file consists of two files
      • The SPM zephyr image (ncs\nrf\samples\nrf9160\<your_project> \build_nrf9160_pca10090ns\spm\zephyr\zephyr.hex)
      • The application zephyr image (ncs\nrf\samples\nrf9160\<your_project>\build_nrf9160_pca10090ns\zephyr\zephyr.hex)
    • The application zephyr image (zephyr.hex) is the result of linking together a lot of static libraries and different files, and libapp.a is the library that contains all the source files (.c) in the src folder (often only main.c). The end result is a zephyr.hex file, which includes a zephyr kernel at the bottom, controlling everything.
    Is it possible for me to manually flash the zephyr.bin on the nrf9160 located in proj/build/zephr/? I can flash the merge.hex however I do not want to use the merge.hex, I want to flash just the zephyr.bin, but I'm not sure what address is the zephyr image stored at?

    Take a look at this thread, which explains how to flash the SPM image and the application image separately. You simply set CONFIG_SPM=n in prj.conf, then you build and flash the non-secure application onto the chip. Next, you build and program the SPM sample (ncs\nrf\samples\nrf9160\spm) as secure, and flash it onto the chip as well.

    I tried both of these approaches. When I programmed the merged.hex, the image was located at 0xC000 and when I programmed them separately the application image was located at 0x40000.

    You can use the configs CONFIG_BUILD_OUPUT_HEX and CONFIG_BUILD_OUPUT_BIN to enable building of .bin and .exe files. See ncs\zephyr\Kconfig.zephyr for other possibilites.

    Also I want to flash the application as well however the application which is located in proj/build/app/libapp.a is not in a format that is binary or hex which is what SES can flash. If I can convert this to binary or hex, would I be able to flash this too onto the nrf9160?

    I am not sure if this is what you mean, or if you are mixing it with spm/application. I am sure it is possible to separate the libapp.a from zephy.hex, and I can look into it if you would like to.

    Best regards,

    Simon

  • 0 in reply to Simon

    Hi Simon,

    I tried your suggestion on following that thread to flash the SPM image and application image separately. I disabled the setting CONFIG_SPM and rebuilt my application. When I flashed onto the chip, I am still seeing that it's booting to the application. 

    What I'm trying to test here is the secure boot aka Secure Partition Manager. Can you provide any background information on how the SPM works? I am trying to determine whether the SPM is validating the application image and zephyr image upon booting so my test was to modify the application or zephyr in a way where the SPM would detect that the application or os failed the security check (e.g. hash or checksum). Correct me if I'm wrong if I misunderstood anything.

    Thanks,

    Raymond

  • 0 in reply to raymond.zhang
    raymond.zhang said:
    Can you provide any background information on how the SPM works?

    Read about the SPM library and the SPM sample in the NCS documentation. Also take a look at the section 1.6 Secure vs. nonsecure in the nRF Connect SDK tutorial.

     

    raymond.zhang said:
    I am trying to determine whether the SPM is validating the application image and zephyr image upon booting

    The SPM sample does not perform any validation of the application image. All it does is to set up the nRF9160 such that it can run a non-secure application (which is required if you are going to use the modem). Also, it includes a function for jumping to the non-secure partition.

    Best regards,

    Simon

  • 0 in reply to Simon

    When you say "The SPM sample does not perform any validation of the application image."

    Does this include the Zephyr RTOS as well? For example, if I modify and flash the Zephyr image, the SPM would not detect any kind of change on there?

    I also read the two links you provided and regarding the secure environment, will that be able to do the validation?

    When you said "....run a non-secure application (which is required if you are going to use the modem). "

    Does this also includes Zephyr not being secure as well?

  • 0 in reply to raymond.zhang

    The SPM does not do any kind of validation. Take a look at the MCUboot, which allows you to validate the application.

    Best regards,

    Simon

Reply Children
No Data
Related