J-link

All hardware topics
Post Reply
Go4IT
Pro
Posts: 967
Joined: 08 Feb 2019, 12:25

Re: J-link

Post by Go4IT »

Are you really talking about the PBL (PRIMARY Bootloader)?! I think you mixed this up with the SBL (SECONDARY Bootloader), those are two different things! The PBL is fixed on in the Main Flash on the MAC and not touched by an regular update using VBF programming. The SBL is sent within a secured programming session from the programmer into the MEMORY (SRAM) of the MAC and get's executed there. It's only purpose is to create a data channel between the programmer and the MAC to reprogram the MAIN and FLASH firmware parts.
So if "somebody" has changed the PBL to behave different, than this can only be changed by erasing and reprogramming the whole chip (MAC), and that is what GWE89 has done recently.
Top
DGAlexandru
Pro
Posts: 364
Joined: 04 Aug 2019, 22:47

Re: J-link

Post by DGAlexandru »

Well, with JTAG and ModA&B you can erase and reprogram only this PBL section... then you would have a OEM PBL with what was suposed to be a locked MAC7116 for JTAG and also for OEM SBL download / upload by CAN... again, having access to Convers+ JTAG port you can retreive its Main Flash contents unless you secure it with hardware password, case in which you can only erase the Main Flash in order to be able to access it again and flash something else.
Top
Gwe89
Pro
Posts: 332
Joined: 09 Feb 2019, 21:21

Re: J-link

Post by Gwe89 »

Go4IT wrote: 04 Nov 2021, 11:03 Are you really talking about the PBL (PRIMARY Bootloader)?! I think you mixed this up with the SBL (SECONDARY Bootloader), those are two different things! The PBL is fixed on in the Main Flash on the MAC and not touched by an regular update using VBF programming. The SBL is sent within a secured programming session from the programmer into the MEMORY (SRAM) of the MAC and get's executed there. It's only purpose is to create a data channel between the programmer and the MAC to reprogram the MAIN and FLASH firmware parts.
So if "somebody" has changed the PBL to behave different, than this can only be changed by erasing and reprogramming the whole chip (MAC), and that is what GWE89 has done recently.
Yes 100% pbl it's one of my convers that was locked via m0tral, I could read the entire chip with jtag, could do nothing with ucds or ipcupdate always (failed to gain security access) I erased entire chip and wrote back another entire read out from a stock convers, fixed my convers no longer has m0trals new security which locks the convers, he has locked it that much can't even use my milage tool on it to set milage, can't use ucds to read comfig from bcm and write back to ipc
Top
Post Reply

Return to “Hardware”