The Bootloader Protocol For Writing Binary Files Using UART
The bootloader protocol on the PC side is implemented in the updater.py tool. After activating the updater mode, the PC side has to query the bootloader version, the currently installed application version, and the flash memory sector size, with the HELLO command. Then the image is transferred and programmed using the PROG command. Once the programming is complete, the device is set to application mode.
A command can consist of several messages, but every message from the PC side must be confirmed by the RSL15 bootloader firmware before the PC side can send the next message. Except for the standard RESP message, every message is appended with a CCITT-CRC.
RESP
The standard response is a two-byte message. In the first byte the type is encoded: 0x55 stands for NEXT and 0xAA stands for END. The second byte for type = NEXT is always 0; for type = END, the second byte contains an error code:
- 0 = NO_ERROR
- 1 = BAD_MSG
- 2 = UNKNOWN_CMD
- 3 = INVALID_CMD
- 4 = GENERAL_FLASH_FAILURE
- 5 = WRITE_FLASH_NOT_ENABLED
- 6 = BAD_FLASH_ADDRESS
- 7 = ERASE_FLASH_FAILED
- 8 = BAD_FLASH_LENGTH
- 9 = INACCESSIBLE_FLASH
- 10 = FLASH_COPIER_BUSY
- 11 = PROG_FLASH_FAILED
- 12 = VERIFY_FLASH_FAILED
- 13 = VERIFY_IMAGE_FAILED
A message from the PC side with a bad CRC is always confirmed with RESP(END, BAD_MSG) by the device running the bootloader firmware. A command message with an unknown command code is confirmed with RESP(END,UNKNOWN_CMD). A message with invalid parameters is confirmed with RESP(END, INVALID_CMD). The standard response is the only message without an appended CCITT-CRC.
HELLO
The HELLO command message has no parameters, but because every command must be of the same length, the HELLO command message is padded with null bytes. The HELLO response message has three parameters:
- The bootloader version <boot_ver> of type Sys_Boot_app_version_t.
- The version of the currently installed application <app_ver>, also of type Sys_Boot_app_version (if no application is installed, <app_ver> is filled with null bytes; if app_version in the interrupt vector table is 0, then the application ID of <app_ver> is set to ??????).
- The sector size of the RSL15 flash memory in bytes.
PROG
The PROG command message has three parameters:
- Image start address
- Image length in bytes
- Image hash as Ethernet CRC32
If the start address and length are valid, the command is confirmed with RESP(NEXT); otherwise, RESP(END, INVALID_CMD) is sent. After a positive confirmation, the PC side sends data messages containing the image data in sector-sized blocks of bytes, until it has sent the last data message containing the last part of the image. Every data message is confirmed with RESP(NEXT) until the last data message, which is confirmed with RESP(END, NO_ERROR). If an error occurs during image transmission or programming, the next confirmation is a RESP(END, <error code>). In this case, the PC side must start the whole sequence over again.
Restart
Similar to the HELLO command, the RESTART command message has no parameters, and the command message is padded with null bytes. If there is a valid bootloader, this command is confirmed with RESP(END, NO_ERROR) and the device is rebooted. Otherwise, it is confirmed with RESP(END, NO_VALID_BOOTLOADER) and no operation is performed. This command is usually executed after a successful firmware update, i.e., a sequence of PROG command messages.
The "Sequence Diagram" figure illustrates a typical message exchange between the bootloader firmware (running on RSL15) and the PC tool: