Additionals to document about flashing over Volcano protocol
https://github.com/prometey1982/VolvoTools/blob/master/PrimaryBoot_169.pdfSend data to CM:
A8 + number of bytes. For example for TCM with 6E addr:
Send 6 bytes:
FFFFE 6E AE 11 22 33 44 55 66
Send 5 bytes:
FFFFE 6E AD 11 22 33 44 55
Send 4 bytes:
FFFFE 6E AC 11 22 33 44
Send 3 bytes:
FFFFE 6E AB 11 22 33
Send 2 bytes:
FFFFE 6E AA 11 22
Send 1 byte:
FFFFE 6E A9 11
Send transmission completed:
FFFFE 6E A8
I'm using next sequence to write TCM:
FFFFE FF 86 multiple times to both CAN buses to stop CAN transmission
FFFFE 6E C0 - start primary bootloader
FFFFE 6E 9C FF FF 82 00 - set memory pointer for next command
5 6E 9C FF FF 82 00 - answer from TCM
Then loop with (A8+size) commands with bootloader data.
FFFFE 6E 9C FF FF 82 00 - set memory pointer for jump command
5 6E 9C FF FF 82 00 - answer from TCM
FFFFE 6E A0 - run code at jump point
At this point TCM is running SBL. Then for each block except last
const std::vector<uint32_t> chunks{0x8000, 0x10000, 0x20000,
0x30000, 0x40000, 0x50000,
0x60000, 0x70000, 0x80000};
Erasing and writing should be done.
Erase command for 0x8000 block:
FFFFE 6E C9 00 00 80 00 00 00
5 6E C9 00 00 80 00 00 00 - set pointer complete
FFFFE 6E F8 00 00 00 00 00 00 - erase command
5 6E F9 - erase complete
Write data to 0x8000 block command:
FFFFE 6E C9 00 00 80 00 00 00
5 6E C9 00 00 80 00 00 00 - set pointer complete
loop with block data:
FFFFE 6E AE 11 22 33 44 55 66 - send data to TCM
the last block should be filled with (A8+length) rules.
And this transfer completed command must be send
FFFFE 6E A8
