diff options
-rw-r--r-- | doc/usage | 27 | ||||
-rw-r--r-- | src/Makefile | 2 | ||||
-rw-r--r-- | src/fiasco.c | 268 | ||||
-rw-r--r-- | src/main.c | 65 | ||||
-rw-r--r-- | src/main.h | 12 |
5 files changed, 255 insertions, 119 deletions
@@ -8,6 +8,7 @@ Tablets (n770 and n800). - reboot de mother board - extract the current firmware pieces from the device (dump) - set the USB host/slave mode + - pack/unpack fiasco firmwares - fine grained R&D flags support - identify firmware pieces - dump mtd partitions (embedded mtd-utils source code) @@ -19,27 +20,29 @@ Tablets (n770 and n800). This is the help message of the tool: <pre> <b>~$ 0xFFFF -h</b> -0xFFFF v0.2 // The Free Fiasco Firmware Flasher +0xFFFF v0.3 // The Free Fiasco Firmware Flasher -b [arg] boots the kernel with arguments + -c console prompt mode + -C [/dev/mtd] check bad blocks on mtd + -d [vid:pid] injects a usb device into the supported list + -D [0|1|2] sets the root device to flash (0), mmc (1) or usb (2) -e [path] dump and extract pieces to path - -r [0|1] disable/enable R&D mode -f <flags> set the given RD flags (see '-f help') - -p [[p%]file] piece-of-firmware % file-where-this-piece-is - -u [fiasco] unpack target fiasco image - -U [0|1] disable/enable the usb host mode - -s [serial] serial port console (minicom like terminal) - -C [/dev/mtd] check bad blocks on mtd - -c console prompt mode + -F [fiasco] flash a fiasco firmware image -h show this help message + -H [file] calculate hash for file -i show device information (let standby mode) -I [piece] identify a firmware piece - -l list supported usb device ids - -d [vid:pid] injects a usb device into the supported list - -D [0|1|2] sets the root device to flash (0), mmc (1) or usb (2) + -l, -L list supported usb device ids + -p [[p%]file] piece-of-firmware % file-where-this-piece-is + -r [0|1] disable/enable R&D mode -R reboot the omap board - -x extract configuration entries from /dev/mtd1 + -s [serial] serial port console (minicom like terminal) + -u [fiasco] unpack target fiasco image + -U [0|1] disable/enable the usb host mode -v be verbose and noisy -V show 0xFFFF version information + -x extract configuration entries from /dev/mtd1 Pieces are: xloader secondary kernel initfs rootfs omap-nand </pre> diff --git a/src/Makefile b/src/Makefile index 5d9203b..d8547ae 100644 --- a/src/Makefile +++ b/src/Makefile @@ -1,4 +1,4 @@ -VERSION=0.2 +VERSION=0.3 OBJ=main.o fiasco.o hexdump.o dump.o flash.o serial.o OBJ+=hash.o fpid.o query.o pieces.o utils.o devices.o console.o BIN=0xFFFF diff --git a/src/fiasco.c b/src/fiasco.c index 31198dd..d31c846 100644 --- a/src/fiasco.c +++ b/src/fiasco.c @@ -16,119 +16,211 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "main.h" #include <stdio.h> #include <string.h> #include <stdlib.h> +#include <fcntl.h> #include <unistd.h> #include <sys/types.h> #include <sys/stat.h> -#include <fcntl.h> +#include <arpa/inet.h> +#include "main.h" -#warning The FIASCO format is not yet fully implemented. +void (*fiasco_callback)(struct header_t *header) = NULL; -off_t piece_header_to_size(unsigned char *header) +int openfiasco(char *name) { - off_t sz = 0; - sz += header[0x15+3]; - sz += header[0x15+2] << 8; - sz += header[0x15+1] << 16; - sz += header[0x15+0] << 24; - return sz; -} + struct header_t header; + unsigned char buf[128]; + unsigned char data[128]; + unsigned int namelen; + int i; + int fd = open(name, O_RDONLY); -int piece_header_is_valid(unsigned char *header) -{ - if (header[0]=='T' && header[1]=='\x02') + if (fd == -1) { + fprintf(stderr, "Cannot open %s\n", name); return 1; + } + + /* read header */ + read(fd, buf, 5); + if (buf[0] != 0xb4) { + printf("Invalid header\n"); + return close(fd); + } + memcpy(&namelen,buf+1,4); + namelen = ntohl(namelen); + if (namelen>128) { + printf("Stupid length at header. Is this a joke?\n"); + return close(fd); + } + memset(buf,'\0', 128); + read(fd, buf, namelen); + // 6 first bytes are unknown + // buf 00 00 00 VERSION e8 0e +// printf("6Bytes: %02x %02x %02x %02x %02x %02x\n", +// buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]); + printf("Fiasco version: %2d\n", buf[3]); + strcpy(header.fwname, buf+6); + for(i=6;i<namelen;i+=strlen(buf+i)+1) { + printf("Name: %s\n", buf+i); + } + + /* walk the tree */ + while(1) { + if (read(fd, buf, 9)<9) + break; + + if (buf[0] != 0x54) { // 'T' + printf("unexpected header at %d, found %02x %02x %02x\n", + (int)lseek(fd, 0, SEEK_CUR), + buf[0], buf[1], buf[2]); + break; + } + header.hash = buf[7]<<8|buf[8]; + //printf("BYTE: %02x %02x %02x %02x %02x %02x\n", + // buf[1], buf[2], buf[3], buf[4], buf[5], buf[6]); + + /* piece name */ + memset(data, '\0', 13); + if (read(fd, data, 12)<12) + break; + if (data[0] == 0xff) { + printf(" [eof]\n"); + break; + } else printf(" %s\n", data); + strcpy(header.name, data); + + if (read(fd, buf, 9)<9) + break; + memcpy(&header.size, buf,4); + header.size = ntohl(header.size); + printf(" size: %d bytes\n", header.size); + printf(" hash: %04x\n", header.hash); + //printf("BYTE: %02x %02x %02x %02x %02x\n", + // buf[4], buf[5], buf[6], buf[7], buf[8]); + /* XXX this is not ok */ + //printf("BUF8: %02x\n", buf[8]); + while (buf[8] && buf[8]>'0' && buf[8] < '9') { + if (read(fd, data, 1)<1) + break; + i = data[0]; + if (read(fd, data, i)<i) + break; + if (data[0]) + printf(" version: %s\n", data); + strcpy(header.version, data); + if (read(fd, buf+8, 1)<1) + break; + } + /* callback */ + if (fiasco_callback != NULL) { + header.data = (char *)malloc(header.size); + if (header.data == NULL) { + printf("Cannot alloc %d bytes\n", header.size); + break; + } + read(fd, header.data, header.size); + fiasco_callback(&header); + free(header.data); + continue; + } + lseek(fd, header.size, SEEK_CUR); + } return 0; } -#define piece_header_to_name(x) x+0x9; +/* fiasco writer */ -/* - * Teh Fiasco firmware parser lives here! - */ -int fiasco_read_image(char *file) +int fiasco_new(const char *filename, const char *name) { int fd; - unsigned char header[5]; - unsigned char version[55]; - char *version2; - - fd = open(file, O_RDONLY); + int len = htonl(strlen(name)); + fd = open(filename, O_RDWR|O_CREAT); + if (fd == -1) + return -1; + write(fd, "\xb4", 1); + write(fd, &len, 4); + /* version header */ + write(fd, "\x00\x00\x00\x02\xe8\x0e", 6); + write(fd, name, strlen(name)+1); + return fd; +} - printf("WARNING: Fiasco firmware is not yet fully supported. Don't relay on it ATM.\n"); +int fiasco_add_eof(int fd) +{ + unsigned char buf[32]; + if (fd == -1) + return -1; + memset(buf,'\xff', 32); + write(fd, buf, 32); + return 0; +} - if (fd == -1) { - printf("Cannot open fiasco image.\n"); +int fiasco_add(int fd, const char *name, const char *file, const char *version) +{ + int gd; + unsigned int sz; + unsigned char len; + unsigned short hash; + unsigned char *ptr = &hash; + char bname[13]; + + if (fd == -1) + return -1; + gd = open(file, O_RDONLY); + if (gd == -1) return -1; + sz = htonl((unsigned int) lseek(gd, 0, SEEK_END)); + // 4 bytes big endian + write(fd, "T\x02\x2e\x19\x01\x01\x00", 7); // header? + /* checksum */ + hash = do_hash_file(file); + ptr[0]^=ptr[1]; ptr[1]=ptr[0]^ptr[1]; ptr[0]^=ptr[1]; + write(fd, hash, 2); + + memset(bname, '\0', 13); + strncpy(bname, name, 12); + + write(fd, &sz, 4); + if (version) { + /* append metadata */ + //write(fd, version, + write(fd, "\x00\x00\x00\x00\x31", 5); + len = strlen(version); + write(fd, &len, 1); + write(fd, version, len); + write(fd, "\x00\x9b", 2); + } else { + write(fd, "\x00\x00\x00\x00\x9b", 5); } + return 0; +} - // b4 00 00 00 00 36 - if (read(fd, header, 5) != 5) { - printf("Error reading fiasco header\n"); - goto __fiasco_read_image_end; - } - if (header[0] != 0xb4) { - printf("Invalid fiasco signature.\n"); - goto __fiasco_read_image_end; - } - // skip 6 bytes - read(fd, version, 6); +/* local code */ +#if 0 +void my_callback(struct header_t *header) +{ + printf("Dumping %s\n", header->name); + printf("DATA: %02x\n", header->data[0]); +} - // print version header - if (read(fd, version, 55) != 55) { - printf("Error reading fiasco version.\n"); - goto __fiasco_read_image_end; +int main(int argc, char **argv) +{ + if (argc!=2) { + printf("Usage: unfiasco [file]\n"); + return 1; } - printf("# Fiasco header information:\n"); - printf("# ==========================\n"); - printf("# firmware type: %s\n", version); - version2 = version+strlen((char *)version)+3; - if (*version2=='.') - printf("firmware version: (null) (old firmware? no version string found?)\n"); - else printf("firmware version: %s\n", version2); - - // pieces: - // after the version2 string starts the header-body loop love - lseek(fd, 0xf + strlen(version2) + strlen(version), SEEK_SET); - do { - char piece_header[30]; - char description[256]; - unsigned char desc_len; - char *name; - off_t size; - off_t tmp = lseek(fd, 0, SEEK_CUR); - - size = read(fd, piece_header, 30); - if (size != 30) { - fprintf(stderr, "Unexpected end of file\n"); - break; - } - dump_bytes(piece_header,30); - if (!piece_header_is_valid(piece_header)) { - fprintf(stderr, "Oops. Invalid piece header.\n"); - break; - } - size = piece_header_to_size(piece_header); - name = piece_header_to_name(piece_header); - printf("# %s is %lld bytes\n", name, size); - - read(fd, description, 255); - printf("# version: %s\n", description); - /* lseek foreach subimage */ - lseek(fd, tmp, SEEK_SET); - lseek(fd, strlen(description) + 0x20, SEEK_CUR); - printf("rsc '%s' %lld '%s.bin' 0 %lld\n", file, lseek(fd,0,SEEK_CUR), name, size); - lseek(fd, size, SEEK_CUR); - } while(1); - - //printf("Image '%s', size %d bytes.\n", image, size); - -__fiasco_read_image_end: +/* + fd = fiasco_new("myfiasco", "pancake-edition"); + fiasco_add(fd, "kernel", "zImage", "2.6.22"); close(fd); - return 0; +*/ + +// fiasco_callback = &my_callback; + + return openfiasco(argv[1]); } +#endif @@ -73,27 +73,28 @@ void show_usage() { int i; show_title(); - printf(" -b [arg] boots the kernel with arguments\n"); + printf(" -c console prompt mode\n"); + printf(" -C [/dev/mtd] check bad blocks on mtd\n"); + printf(" -d [vid:pid] injects a usb device into the supported list\n"); + printf(" -D [0|1|2] sets the root device to flash (0), mmc (1) or usb (2)\n"); printf(" -e [path] dump and extract pieces to path\n"); - printf(" -r [0|1] disable/enable R&D mode\n"); printf(" -f <flags> set the given RD flags (see '-f help')\n"); - printf(" -p [[p%%]file] piece-of-firmware %% file-where-this-piece-is\n"); - printf(" -u [fiasco] unpack target fiasco image\n"); - printf(" -U [0|1] disable/enable the usb host mode\n"); - printf(" -s [serial] serial port console (minicom like terminal)\n"); - printf(" -C [/dev/mtd] check bad blocks on mtd\n"); - printf(" -c console prompt mode\n"); + printf(" -F [fiasco] flash a fiasco firmware image\n"); printf(" -h show this help message\n"); + printf(" -H [file] calculate hash for file\n"); printf(" -i show device information (let standby mode)\n"); printf(" -I [piece] identify a firmware piece\n"); - printf(" -l list supported usb device ids\n"); - printf(" -d [vid:pid] injects a usb device into the supported list\n"); - printf(" -D [0|1|2] sets the root device to flash (0), mmc (1) or usb (2)\n"); + printf(" -l, -L list supported usb device ids\n"); + printf(" -p [[p%%]file] piece-of-firmware %% file-where-this-piece-is\n"); + printf(" -r [0|1] disable/enable R&D mode\n"); printf(" -R reboot the omap board\n"); - printf(" -x extract configuration entries from /dev/mtd1\n"); + printf(" -s [serial] serial port console (minicom like terminal)\n"); + printf(" -u [fiasco] unpack target fiasco image\n"); + printf(" -U [0|1] disable/enable the usb host mode\n"); printf(" -v be verbose and noisy\n"); printf(" -V show 0xFFFF version information\n"); + printf(" -x extract configuration entries from /dev/mtd1\n"); printf("Pieces are: "); for(i=0;pieces[i];i++) printf("%s ", pieces[i]); printf("\n"); // serial port support is not yet done (cold flash is for flashing the 8kB nand) @@ -102,10 +103,32 @@ void show_usage() exit(0); } + +void unpack_callback(struct header_t *header) +{ + FILE *fd = fopen(header->name, "wb"); + if (fd == NULL) { + printf("Cannot open file.\n"); + return; + } + fwrite(header->data, header->size, 1, fd); + fclose(fd); +} + void unpack_fiasco_image(char *file) { - fiasco_read_image(file); - // TODO + printf("Dumping firmware pieces to disk.\n"); + fiasco_callback = &unpack_callback; + openfiasco( file ); +} + +int fiasco_flash(char *file) +{ + /* TODO */ + fiasco_callback = NULL; + openfiasco( file ); + + printf("\nTODO: Implement the fiasco flashing here.\n"); } int connect_via_usb() @@ -185,12 +208,17 @@ int main(int argc, char **argv) { int c; - while((c = getopt(argc, argv, "C:cp:vVhRu:ib:U:r:e:ld:I:D:f:s:x")) != -1) { + while((c = getopt(argc, argv, "C:cp:vVhRu:ib:U:r:e:Lld:I:D:f:F:s:xH:")) != -1) { switch(c) { + case 'H': + printf("xorpair: %04x\n", do_hash_file(optarg)); + return 0; case 'x': return dump_config(); case 'c': return console_prompt(); + case 'F': + return fiasco_flash(optarg); case 'd': sscanf(optarg, "%04hx:%04hx", &supported_devices[SUPPORTED_DEVICES-2].vendor_id, @@ -232,6 +260,7 @@ int main(int argc, char **argv) case 'p': add_piece(optarg); break; + case 'L': case 'l': list_valid_devices(); return 0; @@ -274,9 +303,9 @@ int main(int argc, char **argv) && (usb_mode == -1) && (root_device == -1)) { - printf("Usage: 0xFFFF [-hvVRi] [-e path] [-U 0|1] [-p [piece%%]file [-p ...]]\n"); - printf(" [-b boot-args] [-I piece [-I ...]] [-u fiasco-image] [-x]\n"); - printf(" [-D 0|1|2] [-F rd flags] [-s serial-dev] [-c] [-C mtd-dev]\n"); + printf("0xFFFF [-chiLRvVx] [-C mtd-dev] [-d vid:pid] [-D 0|1|2] [-e path] [-f flags]\n"); + printf(" [-F fiasco] [-H hash-file] [-I piece] [-p [piece%%]file]] [-r 0|1]\n"); + printf(" [-s serial-dev] [-u fiasco-image] [-U 0|1]\n"); return 1; } @@ -77,4 +77,16 @@ extern char *pieces[]; extern char *modes[]; extern char *root_devices[]; +// fiasco +extern void (*fiasco_callback)(struct header_t *header); +struct header_t { + char fwname[128]; + char name[128]; + char version[128]; + unsigned short hash; + unsigned int size; + unsigned char *data; +}; + + #endif |