Snagboot is an open-source and vendor-neutral tool to recover and reflash a wide variety of embedded platforms, leveraging the communication protocols offered by the boot ROMs of most modern system-on-chips. It replaces unpractical, vendor-specific and often closed-source tools provided by silicon vendors.
Spring 2025 has been especially rich in Snagboot contributions. Various bug fixes, feature requests and even support for additional SoC families have been submitted to the official repository. Version 2.4 of Snagboot was released last Monday, which gives us a good opportunity to take a closer look at some of these improvements.
New and improved CI tests
Bootlin engineer Thomas Perrot is the original author of the Snagboot GitHub CI, a convenient asset for maintaining code quality and validation. For this release, Thomas has modernized and extended these GitHub Actions to include stricter enforcement of certain coding style rules. He has also added Windows 11 as an OS test case, a welcome change now that Snagboot supports this OS.
i.MX HABv4 compatibility
An issue was previously raised by a contributor regarding the handling of HAB-closed i.MX devices by Snagrecover. HAB is an i.MX-specific protocol which plays a central role in Verified Boot procedures on these platforms. Once an i.MX SoC is HAB-closed, it cannot boot on unauthenticated images.
Previously, Snagrecover treated all HAB-closed devices as non-recoverable. This was less than ideal, since factory flashing a device closed for Verified Boot using a properly signed image was a fully valid use case.
The fix itself was quite simple: just ignore HAB-closed return codes in Snagrecover. However, this had to be tested internally using a HAB-closed i.MX6 board, which took some time to setup. Once the change had been validated, it was included in release 2.4. Thus, Snagrecover is now ready to handle i.MX devices closed for Verified Boot!
Intel Keem Bay platforms
Back in 2019, Intel announced the Gen 3 Movidius VPU (Vision Processing Unit), which was integrated in a SoC with codename “Keem Bay”. This chip makes use of an ARM Cortex-A53 quad-core as its CPU.
This led to the unexpected outcome of seeing an Intel brand SoC contributed to the ARM-focused Snagboot! Luxonis, a Colorado-based company specializing in Computer Vision, makes use of the Intel Keem Bay SoC in some of its products. The new Snagrecover support for Intel Keem Bay comes courtesy of a Luxonis employee, and is now available in release 2.4.
Many thanks to everyone who contributed to this release! The Embedded Linux Conference Europe 2025 is right around the corner, and Snagfactory will be featured in a joint conference from TI and Bootlin and will also be demonstrated as part of the Technical Showcase, so stay tuned!