This is needed on the jz4760b because if some data is loaded to DRAM, then it
is cached and a disaster lurks if dcaches/icache are not flushed. Targets that
needs this must define CONFIG_FLUSH_CACHES in target-config.h and implement
target_flush_caches(). Currently MIPS has some generic code for mips32r1 that
requires to define {D,I}CACHE_SIZE and {D,I}CACHE_LINE_SIZE in target-config.h
Change-Id: I5a3fc085de9445d8c8a2eb61ae4e2dc9bb6b4e8e
The stub is quite versatile: it can be loaded using bootrom or another other
means (like factory boot on Fiio X1). It relocates itself to TCSM0 and provides
basic functionality (it does not recover from failed read/writes at the moment).
Change-Id: Ib646a4b43fba9358d6f93f0f73a5c2e9bcd775a7
The jz code can do several useful things like dumping the IPL and SPL.
The Fiio code can play with backlight and has code do dump the IPL
and SPL with the correct parameters (extracted by reverse engineering).
Change-Id: I317b3174f5db8d38c9a56670c1d45565142ec208
This is a register description file for the JZ4760B. There are several
details worth noticing:
- it was obtained by gathering information from several sources/headers, but
since there are inconsistencies between them about the exact differences
between JZ4760 and JZ4760B, this file probably contains some errors
- the register names are not the same as the manual ones (which are not the
same as the one in the headers anyway): I dropped the "R" suffix on most
registers because it's redundant
- Ingenic likes to have read-only registers and then set/clr registers, with
very confusing names like DIR/DIRS/DIRC: in the file, the set/clr registers
are described as set/clr variants of the original register
- Parts of the description were obtained programmatically, which explains why
there are empty nodes or partially undocumented registers
Change-Id: I8da1d61e172e932e1a4a58ac0a5008f02b1751be
The code was not updated when I added support for list and other stuff, and thus
it did not properly sort by addresses.
Change-Id: Iaed0717b607beedfb2856c020c2a760e7a5667c5
The current implementation was custom and super slow. Since we use Crypto++
anyway, we might as well get use a good implementation.
Change-Id: I761ad7401653471e54000e1c2bc3d9882378112f
Instead of having our own copy of the AES code, use a good library to do that.
Crypto++ is well-maintained, supports a lot of ciphers, works on many OSes, and
is optimized for many architectures.
Change-Id: I7d7d24b47993206d7338c5f9bac8bbdd3915a667
It was a mess, a mix of crypto_* and cbc_mac calls. I made everything call crypto
functions, and also separate key setup from cryptographic operations, this will
be useful to speed up the code in the upcoming commits. Drop support for "usbotp"
key, since the crypto code for that was never mainlined and we can always get the
keys from a device as long as we have code execution (using the DCP debug registers).
Change-Id: I7aa24d12207ffb744225d1b9cc7cb1dc7281dd22
The overriding of the IV and real key should be the exception, there is no
need to manually set them to false.
Change-Id: Id66754f20a79aa5c1a991839345d1242e0aa587d
The old code had some annoying way of dealing with padding by adding explicit
instructions to the stream, which is 1) ugly 2) not in par with freescale
tools. The trick, which this new version implements, is to put the useful length
of the section in the section header, and the actual (with padding) length in
the boot tag. This way the tools can just ignore padding instruction by
reading the section header, and the bootloader can still load the image because
it uses the boot tags.
Also correctly handle the case where the first section does not start right
after the header (there is a bug in freescale tools for this case by the way).
There is an ambiguity in the way the padding instructions should be encrypted:
the bootloader should logically treat them as regular instruction of the section
stream, but it appears the freescale tools do not generate them as part of the
stream and instead encrypt them like boot tags, which is stupid because there
is no way the bootloader could decrypt them, and anyway we don't care because
the bootloader doesn't decrypt them at all.
Change-Id: Iabdc1d1f9f82d374779bf03efb75c2c3998f5b5d
The cool now takes the database as a hint and will not complain if the device
returns less data. The tool also supports user provided size and raw node numbers
that are not in the database (advanced usage).
Change-Id: I8cec536718d7eff01c7803bea648d6122b82377a
We don't know the encryption method, the KAS is completely different but it
might be useful to record it anyway for future purposes. MID extracted from
device, Japanese NW-A35.
Change-Id: I4c4bb5b063da99003b5c316061d8c490b77428a4
It is Android based and despite the fact that Sony wrote an NVP driver for it,
experiments suggest it is unused because it returns ff all the time...
Change-Id: I37750b659e341b21bed5ebaccf60f9f5fe569f64
Don't use colors since the terminal doesn't support it. Also packing is broken
on MinGW so use #pragma pack when compiling for windows, this is also supported
by MSCV.
Change-Id: I635649d52ed5f2e0af46cb9ca2ec325955b2ddb2
Split the ugly firmware read/write into a API function and a much simplified code.
Also the code can now report progress.
Change-Id: I3f998eaf0c067c6da42b1d2dd9c5a5bf43c6915d
Sanitize the whole library by hiding most of the horrible details of the
implementation. This means that all logical/drive/table attributes are exported
in structures that are internally filled by higher-level API functions. This makes
the code much more readable and prepares for a split between scsitool and the stmp
scsi library.
Change-Id: Id85d450b25cf99cd7c0896c6fc35bcd00babe9e1
Several tools need to perform raw SCSI commands, and we need to support Linux,
Windows and Mac OS, without pulling tons of dependencies to build it easily.
This very simple library has no dependency and supports Linux.
TODO:
- windows
- mac os
Change-Id: I496f5ad2490bd3e96ad962d31cce4e511a523c3a
We cannot auto-detect a device if we don't know its model ID, but we can't know
the model ID if we haven't decrypted the upgrade which requires the key. The only
way to solve this chicken-and-egg problem is to get the NVP table from kernel,
create an empty series in the database (no model ID), then get the key using
scsitool and forcing the model (using this commit), then decrypt the upgrade
and get the model ID list.
Change-Id: I8eced486a5f6a1a99028b25fdc4f87a3b11e31a8
We already use Crypto++ for DES anyway, and using OpenSSL is not great because
of its incompatible licence.
Change-Id: I78771b84c1708795a0c0c30afa5bdfe4885dea4e
Although this does bug is never triggered because we never decrypt and use the
resulting CBC-MAC, it's a major overlook.
Change-Id: I3c5d318e6428d528483bf888ea284e9ded3889f0
- hwstub load now properly stops reading the log when the device returns a 0
size buffer instead of STALLing
- add debug output option to hwstub_load
- correctly report transfered size on write error
- add some debug error message in usb code so that some errors can be diagnosed
more easily
- add a batch mode to hwstub_shell to disable the interactive shell
- increase usb control timeout to 1sec, 100ms was really tight
- cap usb buffer size to ~4000 bytes because libusb has a hardwired limit of
4096 bytes for control transfers
Change-Id: Id3200ab99ce70a7a3b09ce7faeaafa4a0fac64c7
Since ext3 supports ext2, we can support more platforms. Some platforms use ext4
with a very specific set of options, we I haven't encountered those yet so it's
not currently a problem.
Change-Id: Iff87e925a4caa866c6a66b1883ad6baab88c0b8d
The unsigned function were deprecated and hidden begind a compat flag. Since
they will get removed in the next version, I simply reimplemented them, those
are mostly casts anyway.
Change-Id: Ie5db81d7c8589b1e5e9b45a2a4ed41919aa07387
