Commit graph

59 commits

Author SHA1 Message Date
Amaury Pouly
4362a7ba33 imxtools/sbtools: add -jump command, fix help
Change-Id: I0d5d61c1dc137333bda5e403d06a43d16f2750bf
2013-02-18 13:40:25 +01:00
Amaury Pouly
ac9304299d sbtools/elftosb1: implement key file loading
Change-Id: I2273b8d6314250620611ec50d159237edc6d76c2
2013-02-18 13:40:25 +01:00
Amaury Pouly
b05b762ed4 sbtools: add brute force option for sb1 in sbtoelf
After some reverse engineering, it appears that the keys of the
sb1 format are very weak: the 128 bytes are generated from the
laserfuse words 4,5 and 6 but in a weird manner: 4 and 5 are
simply ORed and 6 is only half used (somehow), making it "only" a
48 bit word to find.

Change-Id: I40702e19d0924ef51c01894efce3cb65bd664456
2013-02-16 20:49:07 +01:00
Amaury Pouly
4db4985f21 sbtools: increase performance by compiling with O3, add zenv key
Change-Id: I2301f695e49d306d21bb9efa9c44acf1d3296a08
2013-02-16 20:49:07 +01:00
Amaury Pouly
a085c10674 imxtools/hwemul: fix Makefile linking order
Change-Id: Ie9ad10c627a86b1e6e689052fd436529d3ba6591
2013-01-30 00:02:56 +00:00
Amaury Pouly
9d2631854c imxtools/hwemul: add readline support
Change-Id: If2e86bf8b520a8d4c38a56ac969918fdeb2c6f91
2013-01-29 23:58:45 +00:00
Amaury Pouly
6d5b1b2448 imxtools/sbtoelf: add more robust version guess
Change-Id: I41ce1005d997cf35153e085b19294bb7d418e968
2013-01-29 20:46:28 +00:00
Amaury Pouly
5b00e59614 imxtools/sbtools: fix file type detection
Change-Id: I872e98f5810df3ecc975e025385f9c5ca7b47a44
2013-01-26 18:24:50 +00:00
Amaury Pouly
75df5c2684 imxtools/hwemul: allow for toolchain prefix override
Change-Id: I4f790441edac01ab2e8cb286c766ea0b272b4780
2013-01-26 18:24:50 +00:00
Amaury Pouly
8ed0d198c5 imxtools/scsitools: add support for more commands
Change-Id: Iddff64502ba357dcd36903d31015b9ae2d00ae62
2013-01-15 19:42:20 +00:00
Amaury Pouly
b9923df170 imxtools/nwztools: fix compilation for windows
There is a windows port of the sg_utils library for scsi pass-
through. This little changes make it compile under mingw. A better
fix would be to implement direct ioctl on both windows and linux
but that's already better than nothing

Change-Id: I0d77cd1bad69806a66f0590362f165f24fa240e9
2013-01-10 00:51:35 +00:00
Amaury Pouly
423755d1bd imxtools/sbtools: improve sb1 key handling
Change-Id: Ib014a102fe44a67dd256e45e804bca9b5812eb61
2012-12-26 01:17:28 +01:00
Amaury Pouly
c3a7190d78 imxtools/sbtools: add crypto code for documentation purpose
Change-Id: I4f3c659d65c1453b192cbce4bf6c85d882761929
2012-12-26 01:17:27 +01:00
Amaury Pouly
54a414b69e elftosb1: fix usage()
Change-Id: I9ce73b907fa6276b9cd1f285156623bdafa6d548
2012-12-26 01:17:27 +01:00
Amaury Pouly
b748243d4f imxtools/sbtools: implement rom/product/component version switch
Change-Id: If3ebae2e60f324c93f85a4f1a6f30257cccb735d
2012-12-16 23:35:23 +01:00
Amaury Pouly
fa1af088e9 imxtools/sbtools: fix sb1 product/component version writing
Change-Id: I0153192f41ccc5fb98e7e9f6f110d97bd76dbc47
2012-12-16 23:35:03 +01:00
Amaury Pouly
47f6d77690 imxtools/sbtools: "fix" address handling in ELF
This is a common problem that proprietary tools don't handle ELF
files correctly. ELF sections use a virtual address and the
virtual -> physical translation is done though segments. This
allows to have a load (physical) address different from the
virtual one. Here is the trick: proprietary tools usually don't
take the pain to do the translation and just grab the virtual
address. This commit implements proper translation in elftosb1
knowing that this introduce a deviation from the behaviour of the
proprietary tool.

Change-Id: I91721a3a8dead382a0603f84ae3b35c5eb9704eb
2012-12-16 21:28:41 +01:00
Amaury Pouly
1e2e79d668 imxtools/sbtools: introduce elftosb1 for stmp36xx
The tool still lacks some feature of the proprietary one but
can create files with all the basic features.

Change-Id: Ib0c91210940ca829291ce70945f88dc510a49974
2012-12-16 21:28:41 +01:00
Amaury Pouly
212cfdf771 imxtools/sbtools: fix some instruction handling & crypto
Change-Id: I6530bdf27896d8325dec4e2ba31c7e6a0131a286
2012-12-16 21:28:41 +01:00
Amaury Pouly
f4f600fc52 imxtools/sbtools: add elf function (sort by address)
Change-Id: Ib68746e11b43eadbbe0443626d4dc65d998348fa
2012-12-16 21:28:41 +01:00
Amaury Pouly
be9787f2e6 imxtools/sbtools: update misc with MIN
Change-Id: I17daaff068fcd3a8c70c52db5fa209082461173f
2012-12-16 21:28:41 +01:00
Amaury Pouly
6f47b29915 imxtools/sbtoelf: use new method to get default xor key
Change-Id: Ie00306a3c78e7490afe9964bd55ce53019e603ed
2012-12-16 01:53:20 +01:00
Amaury Pouly
4fc3397c5b imxtools/sbtools: implement sb1 write
Change-Id: Ic36d3a8fcf09350dff5988eb860d76eb11608cc2
2012-12-16 01:52:19 +01:00
Amaury Pouly
51604e8445 imxtools/elftosb: remove duplicate include
Change-Id: I34776ba3608bb5d25ce0d0fb3c6f228a4c9effc0
2012-12-16 01:51:49 +01:00
Amaury Pouly
cdaef6f382 imxtools/hwemul: remove useless code (pwm)
The PWM code was for testing only the Zen X-Fi and should be
present in general because it could touch pins by error and
without producing any result.

Change-Id: Id20e2940cd7a057941d241254d0a867f5451e2db
2012-12-14 12:06:11 +01:00
Amaury Pouly
788bf2e3b2 imxtools/sbloader: implement stmp36xx recovery support
Change-Id: I6cfb432cd474ca00d7dff77577c0aa499b78fe2d
2012-12-13 16:02:58 +01:00
Amaury Pouly
153bc0d7ec sbtools/sbload: prepare support for the stmp36xx
Change-Id: I13147009f2573d80c2c3dca2852a6d7b45174e9d
2012-12-13 00:24:19 +01:00
Amaury Pouly
2a52b937e4 imxtools/scsitool: retrieve the minimum amount of inquiry data
Some device only report the minimum (36 bytes) amount of inquiry
data so don't ask for more

Change-Id: Ie74d659f6e27b077acba160aeb87d1e7edf82e66
2012-12-13 00:23:33 +01:00
Amaury Pouly
c644f6b7f1 sbootls/rsrc: fix warnings
Change-Id: Id756cab14c9151ea74d628d002e1a203c5fbf01a
2012-12-13 00:23:07 +01:00
Amaury Pouly
b86b0a1b44 imxtools: introduce the new scsitool
It appears that all devices based on the Sigmaltel SDK support a
common vendor specific SCSI interface when in UMS mode. This
applies to the STMP36xx and the STMP37xx. This interface supports
many operations:
- get device info
- get device paritionning
- get janus/drm info
- read/write/allocate/erase any partition
- reset (chip or to updater and/or recovery)
This includes the ability to do a firmware upgrade by rewriting
the firmware partition. The tool currently does mostly nothing
but will be enhanced depending on the reverse engineering efforts
and the use of it. It has been tested on the Fuze+ and the Zen
X-Fi2/3.

Change-Id: Ibd4b2ad364c03ada4f9001573ef4cc87cfb041d1
2012-12-11 20:20:49 +01:00
Amaury Pouly
8666e83aaa rsrctool: improve debug output
Change-Id: I3a4fc048466b9e4d7290237efc1cefb07fd0a118
2012-12-06 12:17:50 +01:00
Amaury Pouly
4dd2c5277b hwemul: fix code (out of bound access)
As noticed by bertrik some code accesses an array out of its bounds

Change-Id: I891d0305213ca7081c386b306f87fe9e1ba3b6c5
2012-12-02 11:51:50 +01:00
Amaury Pouly
9f19209c77 rsrctool: produce an actually usuable entry list of the rsrc file
Change-Id: I6c8e5f3faf04741e4a13c1e705e9e869ccf8cfec
2012-12-02 11:51:50 +01:00
Amaury Pouly
ee36a396cd imxtools: introduce rsrctool to manipulate rsrc sections
This tool is very preliminary but could be use for whatever
purpose since the format of the rsrc sections is now known.
By the way it appears that this format is the same as the
one use by the stmp36xx for its resources.

Change-Id: Idd7057f5cdce5af9726904169bb100c8bacb0981
2012-11-29 17:30:54 +01:00
Amaury Pouly
9d77ad364d sbtoelf: add switch to prevent elf simplification
While elf simplification is a powerful tool it can be useful to
prevent it from happening for debug purposes. Also add a missing
switch description in usage() and missing static.

Change-Id: I80a1904dc4340c412bd3de1c124a2e38d6ac11a2
2012-11-28 00:17:15 +01:00
Amaury Pouly
f988f5c951 sbtoelf: also simplify elf files for sb2
This is less useful is most cases because sb2 doesn't have the
size restritions but some elf are produced with one section per
file and still yield dozens or hundreds of sections. And this free
anyway so we can do it.

Change-Id: Ia5ca83a8375063ecc7052d1ea73b2b21c00be730
2012-11-28 00:12:17 +01:00
Amaury Pouly
1c14041041 sbtoelf: implement elf simplification
Change-Id: Icfac5a2aa6a7b3582054321df003c6bb217b59d0
2012-11-28 00:06:31 +01:00
Amaury Pouly
8189732e52 sbtoelf: implement sb extraction for sb1
Load, fill and call/jump instructions are extracted as elf files
like for sb2. Because of the size limitations of the sb1
instructions, the resulting elf files can easily have hundreds of
sections. The (currently) implemented elf simplification method
will hopefully reduce this to a few sections only

Change-Id: I8fd6ed935ac3128f244bbd71c782e2a0a1c6d44a
2012-11-27 22:38:48 +01:00
Amaury Pouly
7dc3e939d2 sbtoelf: implement sb1 loading and dumping
Implement actual loading of a sb1 file to a structure in full
generality. Also implement dumping for debug purpose

Change-Id: I320035ea628719480a79aaccb05dce9a83256927
2012-11-27 22:16:56 +01:00
Amaury Pouly
9716d1f1f9 sbtools: add forgotten file
Change-Id: I701a301efa369c9e1247e10d226ba69e6064d1b2
2012-11-27 00:01:35 +01:00
Amaury Pouly
4e95b72ecb sbtools: add support for the stmp36xx format
The STMP36xx series also uses .sb files but with a different
format. The main differences are the encryption and the lack of
sections, making it basically a list of commands: fill, load,
call, jump, switch mode, set sdram settings. Currently only the
sbtoelf has support for the sb1 and can only dump the list of
commands. Actual support for elf creation will come later.

Change-Id: I1f2e0230c91ac64efd0e8430e0c5212098c599fd
2012-11-26 23:58:30 +01:00
Amaury Pouly
f44d95630c imxtools: introduce hwemul
The hwemul tool is a small binary blob running on the device
that can received commands over USB. It is mainly intended to be
loaded using the recory mode and allows to read/write registers,
memory, use the OTP device, ... The tool is split into three
parts: dev/ contains the actual blob (which handles both imx233
and stmp3700), lib/ contains the communication library and can
also use the register description produced by the regtools/
to ease register by name, tools/ contains an interactive tool
to send commands to the device when running the blob.

Change-Id: Ie8cb32e987f825d8ed750d48071e43415b4dacb3
2012-11-14 12:51:51 +01:00
Amaury Pouly
ec2153f2dd regtools: add the imx233/stmp3780 and the stmp3700 reg map
These files were produced by parsing some linux and/or sigmatel
provided headers and later tweaked by hand or by programs.
Each file describes one or more soc. A soc has a list of devices.
Each device can either be unique or have several copies at
different addresses. Each device has a list of registers which
can either be unique or indexed. Each register can further have
a list of fields. Registers with a SCT variant are also handled.

Change-Id: Ib50bb3fda268b6d5713f81bd8961de7978a5815e
2012-11-14 12:37:32 +01:00
Amaury Pouly
0c6b63479d imxtools: add regtools to work with register descriptions
These tools allow one to read a register description in a XML
file and to produce something useful out of it. Three example
programs are written:
- tester which simply prints the register tree
- headergen which produces a set of headers with the #define
- hwemulgen which produces something for the hwemul tool (to come)

Change-Id: I52573688b29d5faeaf64ce7c5ffe08ee8db3d33c
2012-11-14 12:35:21 +01:00
Amaury Pouly
7c9e7ec707 sbtools: add option to force sb dump
In the case of encrypted SB files without any key match, it is
still possible to dump the section headers. The force option
allows one to do so. It also allows to dump unencrypted sections
of encrypted files if there are some.

Change-Id: I36280230679ac5903f9c451c68c276f5c6959536
2012-06-27 14:55:58 +02:00
Amaury Pouly
a87a9ef373 imxtools: move tools to a new sbtools/ subdirectory
Change-Id: I0d8d6831b35037725486f61fc363de87bc8ba92e
2012-05-31 13:57:25 +02:00
Amaury Pouly
391f3ea2ae Cosmetics
Change-Id: I6ad5b6c2e4f8f57db2068fe372ab4ecadf4d03a9
2012-05-20 01:35:24 +02:00
Amaury Pouly
9f89ffa71c mkimxboot: fix warnings
Change-Id: If88b61566d8c81eda7cfc482fa82213657ae41b2
2012-05-19 16:48:15 +02:00
Amaury Pouly
b62ec2ba80 imxtools: make sb api work with in-memory files
Change-Id: I517244802efb118be214437bbaea2ef811e87aea
2012-05-19 16:10:52 +02:00
Amaury Pouly
a0009907de imxtools: fix missing '\n'
Change-Id: I93630f5c303064deb5880421202425046aa3074f
2012-04-25 13:36:38 +02:00