# Flash images

Flashing images involves writing an entire image, including partitions, file systems, and data, onto a storage device. This process helps maintain the functionality, security, and performance of the device.

Follow these steps to flash the images:

1. See [QFPROM fuses](https://docs.qualcomm.com/doc/80-70018-11/topic/appendix-fuse-configurations.html#appendix-fuse-configurations) for the list of fuses to configure.
2. Replace all the binaries with the signed binaries including `prog_firehose_ddr.elf`.
3. To flash all the signed binaries to the device, see [Qualcomm Linux Build Guide ➝ Build with QSC CLI](https://docs.qualcomm.com/bundle/publicresource/topics/80-70017-254/build_from_source_QSC_CLI.html).
4. After generating the signed images and `sec.elf`, enable secure
boot:

    1. Flash the signed images first without `sec.elf` and ensure that the device boots successfully.
    2. Flash the signed images and `sec.elf` using the flash procedure from [Qualcomm Linux Build Guide ➝ Flash images](https://docs.qualcomm.com/bundle/publicresource/topics/80-70017-254/flash_images.html).
    3. Verify that the secure boot is enabled using [Bring up → Verified secure boot](https://docs.qualcomm.com/doc/80-70018-11/topic/bring-up.html#section-bringup-verify-secure-boot-label).
5. When the secure boot is enabled, the device expects images to be flashed using a secure programming method called validated image programming (VIP). In this release, you can proceed with flashing the images on the secure device by disabling VIP using the following workaround programmer (`prog_firehose_ddr.elf`) image at: `<>/BOOT.MXF.1.0.c1/boot_images/boot/QcomPkg/Library/DevPrgLib/devprg_transfer.c`
6. Set the `vip->state` to `VIP_DISABLED` irrespective of the secure boot enable check in the following function:

int devprg_transfer_init(void)
        {
          int secboot, result;
          struct vip_data *vip = &vip_data;
          devprg_init_vip_state();
          secboot = devprg_is_secure_boot_enabled();
        //  if (secboot == 0) /*comment this to set vip state to VIP_DISABLED
            vip->state = VIP_DISABLED;
          result = devprg_transport_init();
          return result;
        }
        Copy to clipboard
7. To rebuild `prog_firehose_ddr.elf`, see [Qualcomm Linux Build Guide ➝ GitHub workflow (firmware and extras)](https://docs.qualcomm.com/bundle/publicresource/topics/80-70017-254/build_addn_info.html).
8. If any of the PIL signed images aren’t flashed using PCAT, follow these steps to push the PIL images manually using SCP:

push adsp, cdsp, modem, wlan, ipa pil split binaries
        Copy to clipboard

    For instructions, see [Qualcomm Linux Build Guide ➝ How to ➝ Sign in using SSH](https://docs.qualcomm.com/bundle/publicresource/topics/80-70017-254/how_to.html#use-ssh).

    1. Copy and replace the PIL split bins and the `.mdt` files generated in the signed output to the `<<QCM6490.LE.x.x>/common/build/ufs/bin/QCM6490_fw/lib/firmware/qcom/qcm6490/` directory.
    2. Connect to the device as the root using SSH. For instructions, see [Qualcomm Linux Build Guide ➝ How to ➝ Sign in using SSH](https://docs.qualcomm.com/bundle/publicresource/topics/80-70017-254/how_to.html#use-ssh).

        Run the following command:

mount -o rw,remount  /
            scp <QCM6490.LE.x.x>/common/build/ufs/bin/QCM6490_fw/lib/firmware/qcom/qcm6490/. root@<IP_address>:/lib/firmware/qcom/qcm6490/
            Push gfx (a660_zap) pil split binaries, a660_zap.mdt and a660_zap.mbn from signed outout
            scp <a660_zap signed output folder>/. root@<IP_address>:/lib/firmware/
            Push signed Venus binary:
            scp vpu20_1v.mbn root@<IP_address>:/lib/firmware/qcom/vpu-2.0/
            reboot
            Copy to clipboard
9. To check for PIL loading success, check for the following logs in dmesg:

[    7.597009] remoteproc remoteproc0: Booting fw image qcom/qcs6490/modem.mdt, size 6052
        [    8.095883] remoteproc remoteproc0: remote processor 4080000.remoteproc is now up
        [    5.938938] remoteproc remoteproc1: Booting fw image qcom/qcs6490/wpss.mdt, size 4612
        [    6.088524] remoteproc remoteproc1: remote processor 8a00000.remoteproc is now up
        [    5.951047] remoteproc remoteproc2: Booting fw image qcom/qcs6490/adsp.mdt, size 6852
        [    6.107310] remoteproc remoteproc2: remote processor 3000000.remoteproc is now up
        [    5.977966] remoteproc remoteproc3: Booting fw image qcom/qcs6490/cdsp.mdt, size 5252
        [    6.135802] remoteproc remoteproc3: remote processor a300000.remoteproc is now up
        Copy to clipboard

## Next steps

- To enforce strict access controls, see [Enable SELinux](https://docs.qualcomm.com/doc/80-70018-11/topic/enable-selinux.html#enable-selinux).
- To create cryptographic keys and certificates to authenticate and encrypt communications, see [Generate key and certificate](https://docs.qualcomm.com/doc/80-70018-11/topic/generate-key-and-certificate.html#generate-key-and-certificate).

Last Published: Apr 10, 2025

[Previous Topic
Generate signed sec.elf image](https://docs.qualcomm.com/bundle/publicresource/80-70018-11/topics/generate-signed-sec-elf-image.md) [Next Topic
Enable SELinux](https://docs.qualcomm.com/bundle/publicresource/80-70018-11/topics/enable-selinux.md)