The first step: the OTA upgrade principle explained
Detailed introduction on the official TI wiki:
http://processors.wiki.ti.com/index.php/OAD
Explanation:
Step 1: The boot program (red box 1) is like the BIOS of a PC: it is responsible for selecting which image to run, Image-A or Image-B, just as a dual-boot PC chooses which system to start. The boot program has to be flashed separately.
Step 2: The boot program (red box 2) first checks whether Image-B exists. If it does, it runs Image-B directly (green circle 5). If it does not, red box 3 checks whether Image-A exists and, if so, runs Image-A directly (green circle 5).
Step 3: If neither exists, the device enters PM3 mode, which is the sleep mode.
The pseudo-code is as follows:

    unsigned char image = boot_get_image_type();
    if (image == 'B') {
        /* run Image-B */
    } else if (image == 'A') {
        /* run Image-A */
    } else {
        jump(PM3);
    }
The second step: analysis of the verification source code
(Note: protocol stack version v1.4; some knowledge of BLE is required.)
The key to an OAD upgrade is to find out which image is currently running and then upgrade the other image. This step is the firmware verification part.
If Image-A is running, upgrade Image-B;
if Image-B is running, upgrade Image-A.
Source: the oad_target.c file in the protocol stack.
Before upgrading, the host must send the "version" and "size" (actually fixed at 124K, discussed later) of the firmware to be upgraded. When the BLE peripheral receives this data, the following function is called back:

    static bStatus_t oadImgIdentifyWrite( uint16 connHandle, uint8 *pValue )
    {
      img_hdr_t rxHdr;   // stores the header of the firmware to be upgraded
      img_hdr_t ImgHdr;  // stores the header of the currently running firmware

      // The first two bytes are the version number and type of the firmware to be upgraded.
      // Byte 2 and byte 3 are the size of the firmware to be upgraded (124K).
      rxHdr.ver = BUILD_UINT16( pValue[0], pValue[1] );
      rxHdr.len = BUILD_UINT16( pValue[2], pValue[3] );

      (void)osal_memcpy( rxHdr.uid, pValue+4, sizeof(rxHdr.uid) );

      // Read the header of the currently running firmware from flash.
      HalFlashRead( OAD_IMG_R_PAGE, OAD_IMG_HDR_OSET, (uint8 *)&ImgHdr, sizeof(img_hdr_t) );

      // OAD transfers 16 bytes per block. Work out how many blocks are to be upgraded.
      // This value is important, because the upgrade below checks it a second time.
      oadBlkTot = rxHdr.len / (OAD_BLOCK_SIZE / HAL_FLASH_WORD_SIZE);

      // Copied from the source:
      //   #define OAD_IMG_ID( ver )    ( (ver) & 0x01 )
      //   OAD_IMG_VER( OAD_IMAGE_VERSION ), // 15-bit Version #, left-shifted 1; OR with Image-B/Not-A bit.
      // Note: the high 15 bits are the version number; the last bit tells Image-A from Image-B.
      if ( (OAD_IMG_ID( ImgHdr.ver ) != OAD_IMG_ID( rxHdr.ver )) && // TBD: add customer criteria for initiating OAD here.
           (oadBlkTot <= OAD_BLOCK_MAX) &&
           (oadBlkTot != 0) )
      {
        // Only the image type is checked: as long as it is not the same image, and the
        // number of blocks is not 0 and not above the maximum, the upgrade is allowed.
        oadBlkNum = 0;
        // When the check passes, 0 is sent on the data transfer channel;
        // 0 also means "send block 0 of the upgrade data".
        oadImgBlockReq( connHandle, 0 );
      }
      else
      {
        // If the check fails, the header of the currently running firmware is sent back.
        oadImgIdentifyReq( connHandle, &ImgHdr );
      }

      return ( SUCCESS );
    }

Conclusion:
1. The official TI software upgrade also has to go through the verification above. How it does so is not covered here; serial-port logging will show the result.
2. If we write our own app, my idea is to send 0xFFFFFFFF to the firmware to be upgraded. Because this is invalid upgrade information, the BLE peripheral replies with the information of the firmware it is currently running. Once we have that information, we can make the appropriate choice.
3. If you do not want the official TI app to be able to upgrade our firmware, you only need to add some check flags.
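The stock identify check together with the kind of extra check conclusion 3 describes, as an added example in host-compilable C (not TI's code), run against the 0xFFFFFFFF probe from conclusion 2. The UID match, the version-must-increase rule, the EX_ names, the sample headers and BLOCK_MAX = 7936 are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_SIZE      16u    /* OAD_BLOCK_SIZE on the page */
#define FLASH_WORD_SIZE 4u     /* HAL_FLASH_WORD_SIZE */
#define BLOCK_MAX       7936u  /* assumed: 124K / 16 bytes, the page's figure */
#define IMG_ID(ver)     ((ver) & 0x01)           /* low bit: Image-B / not-A */
#define IMG_VER(ver)    ((uint16_t)((ver) >> 1)) /* high 15 bits: version */

typedef struct { uint16_t ver, len; uint8_t uid[4]; } id_hdr_t;
enum { EX_ACCEPT, EX_REJECT_STOCK, EX_REJECT_UID, EX_REJECT_ROLLBACK };

/* Decode the 8-byte Image Identify write: ver, len (little-endian), uid. */
static id_hdr_t parse_identify(const uint8_t *p)
{
    id_hdr_t h;
    h.ver = (uint16_t)(p[0] | (p[1] << 8));
    h.len = (uint16_t)(p[2] | (p[3] << 8));
    memcpy(h.uid, p + 4, sizeof h.uid);
    return h;
}

/* Stock checks first, then the hypothetical customer criteria. */
static int identify_decision(const id_hdr_t *cur, const uint8_t *pValue,
                             const uint8_t product_uid[4])
{
    id_hdr_t rx = parse_identify(pValue);
    uint16_t blk_tot = (uint16_t)(rx.len / (BLOCK_SIZE / FLASH_WORD_SIZE));

    if (IMG_ID(cur->ver) == IMG_ID(rx.ver) || blk_tot == 0 || blk_tot > BLOCK_MAX)
        return EX_REJECT_STOCK;    /* target answers with its own header */
    if (memcmp(rx.uid, product_uid, sizeof rx.uid) != 0)
        return EX_REJECT_UID;      /* image not built for this product */
    if (IMG_VER(rx.ver) <= IMG_VER(cur->ver))
        return EX_REJECT_ROLLBACK; /* same or older version */
    return EX_ACCEPT;
}

int main(void)
{
    const uint8_t uid[4] = { 'M', 'Y', 'F', 'W' };                   /* constructed */
    const id_hdr_t cur = { 0x0004, 0x7C00, { 'M', 'Y', 'F', 'W' } }; /* Image-A, v2 */
    const uint8_t probe[8] = { 0xFF, 0xFF, 0xFF, 0xFF, 0, 0, 0, 0 };
    const uint8_t good[8]  = { 0x07, 0x00, 0x00, 0x7C, 'M', 'Y', 'F', 'W' };
    printf("probe=%d good=%d\n", identify_decision(&cur, probe, uid),
           identify_decision(&cur, good, uid));
    return 0;
}
```

A fixed check like this only filters apps that send the stock header, because the header fields travel unauthenticated; the FEATURE_OAD_SECURE path in the block-write code is the stack's own stronger option.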
The third step: analysis of the upgrade source code
When the data transfer channel receives 0, the verification has passed, and it also means that block 0 of the upgrade data is being requested. The data upgrade callback function is as follows.
The upgrade data is sent as numbered blocks. The app sends 18 bytes each time: the first two bytes are the sequence number, and the last 16 bytes are the data to be upgraded.

    static bStatus_t oadImgBlockWrite( uint16 connHandle, uint8 *pValue )
    {
      // Sequence number of the received data: take the first two bytes.
      uint16 blkNum = BUILD_UINT16( pValue[0], pValue[1] );

      // make sure this is the image we're expecting
      if ( blkNum == 0 )
      {
        // Block 0 is critical. Note that the sequence number is added by the app,
        // while the data is read directly from the bin file. The bin file carries
        // header information in these bytes, so the 2541 receives it a second time here.
        img_hdr_t ImgHdr;
        uint16 ver = BUILD_UINT16( pValue[6], pValue[7] );
        uint16 blkTot = BUILD_UINT16( pValue[8], pValue[9] ) / (OAD_BLOCK_SIZE / HAL_FLASH_WORD_SIZE);

        // Read the information stored in flash again.
        HalFlashRead( OAD_IMG_R_PAGE, OAD_IMG_HDR_OSET, (uint8 *)&ImgHdr, sizeof(img_hdr_t) );

        // Compare the data stored in the second step with the data read from flash;
        // if anything is wrong, return an error.
        if ( ( oadBlkNum != blkNum ) ||
             ( oadBlkTot != blkTot ) ||
             ( OAD_IMG_ID( ImgHdr.ver ) == OAD_IMG_ID( ver ) ) )
        {
          return ( ATT_ERR_WRITE_NOT_PERMITTED );
        }
      }

      // If the received sequence number is the expected one (for example, I am
      // waiting for block 3 and block 3 arrives), accept the block.
      if ( oadBlkNum == blkNum )
      {
        uint16 addr = oadBlkNum * (OAD_BLOCK_SIZE / HAL_FLASH_WORD_SIZE) +
                      (OAD_IMG_D_PAGE * OAD_FLASH_PAGE_MULT);
        oadBlkNum++;

    #if defined FEATURE_OAD_SECURE
        if ( blkNum == 0 )
        {
          // Stop attack with crc0==crc1 by forcing crc1=0xffff.
          pValue[4] = 0xFF;
          pValue[5] = 0xFF;
        }
    #endif

    #if defined HAL_IMAGE_B
        // Skip the Image-B area which lies between the lower & upper Image-A parts.
        if ( addr >= (OAD_IMG_B_PAGE * OAD_FLASH_PAGE_MULT) )
        {
          addr += OAD_IMG_B_AREA * OAD_FLASH_PAGE_MULT;
        }
    #endif
        if ( (addr % OAD_FLASH_PAGE_MULT) == 0 )
        {
          HalFlashErase( addr / OAD_FLASH_PAGE_MULT );
        }

        // Write the data to be upgraded to flash.
        HalFlashWrite( addr, pValue+2, (OAD_BLOCK_SIZE / HAL_FLASH_WORD_SIZE) );
      }

      // If the upgrade data is complete, that is, all blocks have been sent.
      if ( oadBlkNum == oadBlkTot )  // If the OAD Image is complete.
      {
    #if defined FEATURE_OAD_SECURE
        HAL_SYSTEM_RESET();  // Only the secure OAD boot loader has the security key to decrypt.
    #else
        // Verify the downloaded data.
        if ( checkDL() )
        {
    #if !defined HAL_IMAGE_A
          // The BIM always checks for a valid Image-B before Image-A,
          // so Image-A never has to invalidate itself.
          uint16 crc[2] = { 0x0000, 0xFFFF };
          uint16 addr = OAD_IMG_R_PAGE * OAD_FLASH_PAGE_MULT + OAD_IMG_CRC_OSET / HAL_FLASH_WORD_SIZE;
          HalFlashWrite( addr, (uint8 *)crc, 1 );
    #endif
          // Restart.
          HAL_SYSTEM_RESET();
        }
    #endif
      }
      else  // Request the next OAD Image block.
      {
        // As the comment above says clearly: send the sequence number of the next block to be upgraded.
        oadImgBlockReq( connHandle, oadBlkNum );
      }

      return ( SUCCESS );
    }

Conclusion:
1. The app reads the bin file to be upgraded directly. Because of the identity check, note that the firmware type (Image-A or Image-B) and the size of the upgrade firmware must not be wrong.
2. Writing data to flash involves much lower-level operations, which are not explained in detail here.
The fourth step: bin file analysis
All generated bin files are 124K in size.
First question: the third step above checks block 0, so what data is in block 0?
Open the bin file.
From the code in the third step:

    uint16 ver = BUILD_UINT16( pValue[6], pValue[7] );

If the added sequence number is removed, then 0000 is the version number and type, and 007C is the size of the data to be sent.
Second question: is the content of the bin file entirely the data of my application? Answer: no, everything that is not application data is filled with FFFF.
But when we upgrade, we still have to transfer the full 124K of data.
Number of data blocks: 124K * 1024 / (16 bytes) = 7936 blocks, which is also illustrated below.
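How the 16-byte bin header maps onto the identify write and the block-0 write, as an added example in host-compilable C (not from the original post or TI's code). The sample header bytes and function names are constructed, and the UID offset follows TI's img_hdr_t layout, which the page does not show.

```c
#include <stdint.h>
#include <string.h>

#define BLOCK_SIZE      16u  /* data bytes per OAD block (page) */
#define FLASH_WORD_SIZE 4u   /* HAL_FLASH_WORD_SIZE */
#define HDR_VER_OSET    4u   /* bin offsets implied by pValue[6..9] in block 0 */
#define HDR_LEN_OSET    6u
#define HDR_UID_OSET    8u   /* assumed from TI's img_hdr_t layout */

/* Constructed first 16 bytes of a bin: crc0, crc1, ver, len, uid, reserved. */
static const uint8_t sample_bin[16] = {
    0x34, 0x12, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x7C,
    'A', 'A', 'A', 'A', 0xFF, 0xFF, 0xFF, 0xFF };

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Total 16-byte blocks the target will expect for this image. */
static uint16_t block_total(const uint8_t *bin)
{
    return (uint16_t)(le16(bin + HDR_LEN_OSET) / (BLOCK_SIZE / FLASH_WORD_SIZE));
}

/* 8-byte Image Identify write: ver, len, uid taken from the bin header. */
static void build_identify(const uint8_t *bin, uint8_t out[8])
{
    memcpy(out, bin + HDR_VER_OSET, 4);
    memcpy(out + 4, bin + HDR_UID_OSET, 4);
}

/* 18-byte Image Block write: 2-byte sequence number + 16 bytes of the bin. */
static void build_block(const uint8_t *bin, uint16_t blk, uint8_t out[18])
{
    out[0] = (uint8_t)(blk & 0xFF);
    out[1] = (uint8_t)(blk >> 8);
    memcpy(out + 2, bin + (size_t)blk * BLOCK_SIZE, BLOCK_SIZE);
}

/* Host pre-flight for the target's block-0 re-check: same block count and
 * same image-type bit in the identify write and in block 0. */
static int block0_matches_identify(const uint8_t id[8], const uint8_t blk0[18])
{
    return (le16(id + 2) / 4) == (le16(blk0 + 8) / 4)
        && ((le16(id) ^ le16(blk0 + 6)) & 0x01) == 0;
}

int main(void)
{
    uint8_t id[8], blk0[18];
    build_identify(sample_bin, id);
    build_block(sample_bin, 0, blk0);
    return (block_total(sample_bin) == 7936 && block0_matches_identify(id, blk0)) ? 0 : 1;
}
```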
This completes the analysis. Below is my summary of the BLE upgrade: the flowchart and some data.
I: Communication UUIDs:
II: OTA upgrade flowchart
It is mainly divided into two parts:
1. Identity check: the app sends the size and type of the firmware to be upgraded;
2. Transfer of the data to be upgraded.
2541 OTA firmware upgrade.