Vault 7: Projects
This publication series is about specific projects related to the Vault 7 main publication.
vectors, high priority interrupt vector and low priority interrupt vector, and they are located at 0x0008 and 0x0018
respectively. PIC16F devices have one interrupt vector located at 0x0004.
3. Bootloader Absolute Entry – This is the absolute entry point into the bootloader firmware, so application projects can jump
into bootloader mode at runtime. The entry address that is currently set in the PIC18 and PIC16 bootloader is 0x001C.
4. Bootloader code – This is where the bootloader code resides. This section handles all of the loading of the new
application code.
5. User Remapped Reset Vector – This section is defined by the bootloader. This is the remapped reset vector address that
indicates start of the main application code.
6. User Remapped Interrupt Vector – Since the hardware interrupt vector is located in the bootloader space, the bootloader
must remap all of the interrupts to the application space. This is done using user remapped interrupt vector. In PIC16 and
PIC18 bootloader implementations, user remapped interrupt vector(s) are defined in the bootloader code.
7. Application code – This section is where the main application code is located.
8. Flash Signature Word – This is the address in program memory in Application Space where Flash Signature Word is
located. This is a special program memory word that gets programmed (only after the entire erase/program/verify process
is completed successfully) with a known value, and indicates to the bootloader code that the application firmware image is
fully intact. It is necessary for the flash signature word to be located on the very first erase page during the erase
sequence, and must also be the very last portion of program memory that gets re-programmed. In the current
implementation, the Flash Signature Word is located within the application program memory space, at a specific fixed
address. Additional details on Flash Signature process are described in the Flash Signature section.
9. Application Firmware Version Word – This word also resides in the application space, but it is used by the bootloader
firmware to read out the application firmware version number. In the current implementation, this word is located at fixed
address in the application space. Additional details on Application Firmware Version Word are described below.
1.6.3.2.3.1.2 QUERY_EXTENDED_INFO Response
This section discusses the results returned by the QUERY_EXTENDED_INFO command for the PIC16/PIC18 devices.
Description
QUERY_EXTENDED_INFO is a command that may be sent from the PC GUI application controlling the bootloading
process, to the bootloader firmware. This command is only supported in bootloader firmware version 1.01 or later.
When the firmware receives this command from the host, the firmware is obligated to send back a response packet on the
HID interrupt IN endpoint. For PIC16 and PIC18 devices, the QUERY_EXTENDED_INFO has the following structure (note:
format is architecture specific, and will not necessarily be the same for devices identifying themselves as PIC24 or other
devices):
//Structure for the QUERY_EXTENDED_INFO command (and response)
struct{
unsigned char Command;
unsigned int BootloaderVersion;
unsigned int ApplicationVersion;
unsigned long SignatureAddress;
unsigned int SignatureValue;
unsigned long ErasePageSize;
unsigned char Config1LMask;
unsigned char Config1HMask;
unsigned char Config2LMask;
unsigned char Config2HMask;
unsigned char Config3LMask;
unsigned char Config3HMask;
unsigned char Config4LMask;
unsigned char Config4HMask;
unsigned char Config5LMask;
unsigned char Config5HMask;
unsigned char Config6LMask;
unsigned char Config6HMask;
unsigned char Config7LMask;
unsigned char Config7HMask;
};
The “ConfigxH/LMask” values in the response structure should be loaded with the appropriate AND mask values that the PC
application should use when performing the verify operation, and comparing the read out contents of memory versus the
.hex file contents. Generally speaking, unimplemented configuration bit positions should be excluded from the verify
1.6 Demos MLA - USB Library Help Device - Boot Loader - HID
252
Protego_Release_01_05-Related-OEM-Documentation-MLA_v2013_12_20-help_mla_usb.pdf