Page 1 of 1
How the secondary bootloader (SBL) works
Posted: 30 Dec 2019, 12:46
by Go4IT
This thread is to research how the SBL works. It is used for updating the Convers+ and will get downloaded from a VBF file using UDS into the RAM of the MAC7116 and get's called afterwards.
It then takes over control of the whole Convers+ plattform. It's main purpose the is to communicate with the updater, erase the Flash und program the downloaded new one into it.
... to be continued ...
Re: How the secondary bootloader (SBL) works
Posted: 30 Dec 2019, 15:10
by DGAlexandru
IPC with PBL and FW from a FaceLift version.
SBL sent with IPC Updater when selecting "EEPROM Edit", and as soon as it starts to download EEPROM contents I put CPU (MAC7116) into Halt mode and then downloaded its RAM content.
As you can see in the 2 attached dump files, the SBL is loaded in RAM at address 0x0FF8.
For disassembling the code I've used the entire (RAM) file.
Re: How the secondary bootloader (SBL) works
Posted: 30 Dec 2019, 15:34
by Go4IT
DGAlexandru wrote: ↑30 Dec 2019, 15:10
As you can see in the 2 attached dump files, the SBL is loaded in RAM at address 0x0FF8
This must be an offset, because the 48kb RAM starts at 0x4000 0000 up to 0x4000 BFFF.
Re: How the secondary bootloader (SBL) works
Posted: 30 Dec 2019, 16:14
by DGAlexandru
OK mr.
0x40 000 FF8 in RAM
0x0FF8 is the offset in the file I have uploaded, file that represents the entire RAM.