]> git.zerfleddert.de Git - rsbs2/blob - src/firmware.c
projects / rsbs2 / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
firmware: update for 64bit platforms
[rsbs2] / src / firmware.c
1 #include <stdio.h>
2 #include <stdlib.h>
3 #include <stdint.h>
4 #include <sys/types.h>
5 #include <sys/stat.h>
6 #include <fcntl.h>
7 #include <unistd.h>
8 #include <errno.h>
9 #include <string.h>
10 #include <strings.h>
11 #include "rsb-crc.h"
12 #include "filesystem.h"
13
14 #define FINDSTR(addr, str) (!strncmp((char*)addr, str, strlen(str)))
15
16 struct properties {
17 uint32_t magic;
18 uint8_t unknown0;
19 uint8_t unknown1;
20 uint8_t right_rw;
21 uint8_t rw_mask;
22 uint8_t type1;
23 uint8_t unknown5;
24 uint8_t unknown6;
25 uint8_t unknown7;
26 uint8_t type2;
27 uint8_t val[];
28 };
29
30 #define PROP_ACTION_TRUE (1<<0)
31 #define PROP_ACTION_FALSE (1<<1)
32 #define PROP_ACTION_RO (1<<2)
33 #define PROP_ACTION_RW (1<<3)
34
35 #define PROP_STATUS_NOTFOUND (0)
36 #define PROP_STATUS_WRONGTYPE (1<<0)
37 #define PROP_STATUS_WRONGRIGHTS (1<<1)
38 #define PROP_STATUS_SAMEVAL (1<<2)
39 #define PROP_STATUS_SUCCESS (1<<3)
40
41 struct propaction {
42 char *property;
43 uint32_t action;
44 uint32_t status;
45 struct propaction *next;
46 };
47
48 void show_properties(uint8_t *fw, int32_t len)
49 {
50 struct file_entry *fent;
51
52 for (fent = get_next_file(fw, len); fent != NULL; fent = get_next_file(NULL, 0)) {
53 if (FINDSTR(fent->name, "/default/fw_prop/") ||
54 FINDSTR(fent->name, "/default/fw_setup/") ||
55 FINDSTR(fent->name, "/default/oem_prop/")) {
56 struct properties *prop;
57
58 printf("0x%08x: found setting: %s ", (uint32_t)(fent->start - fw), fent->name);
59
60 prop = (struct properties*)fent->start;
61
62 if (prop->magic != 0x83011111) {
63 printf("ignoring...\n");
64 continue;
65 }
66
67 if (prop->type1 == 0x00 && prop->type2 == 0x04) {
68 printf("STRING: '%s' ", prop->val);
69 } else if (prop->type1 == 0x01 && prop->type2 == 0x01) {
70 printf("BOOL: %s ",(*prop->val ? "TRUE" : "FALSE"));
71 } else if (prop->type1 == 0x04 && prop->type2 == 0x02) {
72 uint32_t val;
73
74 memcpy(&val, prop->val, 4);
75 printf("VAL: 0x%x ", val);
76 } else {
77 printf("0x%02x 0x%2x...ignoring\n", prop->type1, prop->type2);
78 continue;
79 }
80
81 if (prop->right_rw == 0x00 && prop->rw_mask == 0x00) {
82 printf("(R-)");
83 } else if (prop->right_rw == 0x01) {
84 printf("(RW mask: 0x%02x)", prop->rw_mask);
85 } else {
86 printf("(UNK 0x%02x 0x%02x)", prop->right_rw, prop->rw_mask);
87 }
88 printf(", length: %d\n", fent->length);
89 }
90 }
91 }
92
93 void change_properties(uint8_t *fw, int32_t len, struct propaction *paction)
94 {
95 struct file_entry *fent;
96 struct propaction *cpaction;
97
98 for (fent = get_next_file(fw, len); fent != NULL; fent = get_next_file(NULL, 0)) {
99 cpaction = paction;
100 while (cpaction != NULL) {
101 if (FINDSTR(fent->name, cpaction->property)) {
102 break;
103 }
104 cpaction = cpaction->next;
105 }
106 if (cpaction != NULL) {
107 struct properties *prop;
108
109 prop = (struct properties*)fent->start;
110
111 if (prop->magic != 0x83011111) {
112 continue;
113 }
114
115 if (cpaction->action & (PROP_ACTION_TRUE|PROP_ACTION_FALSE)) {
116 if (prop->type1 == 0x01 && prop->type2 == 0x01) {
117 if (cpaction->action & PROP_ACTION_TRUE) {
118 if (*prop->val == 0x00) {
119 *prop->val = 0x01;
120 cpaction->status |= PROP_STATUS_SUCCESS;
121 } else {
122 cpaction->status |= PROP_STATUS_SAMEVAL;
123 }
124 } else {
125 if (*prop->val == 0x01) {
126 *prop->val = 0x00;
127 cpaction->status |= PROP_STATUS_SUCCESS;
128 } else {
129 cpaction->status |= PROP_STATUS_SAMEVAL;
130 }
131 }
132 } else {
133 cpaction->status = PROP_STATUS_WRONGTYPE;
134 }
135 }
136 if (cpaction->action & PROP_ACTION_RW) {
137 if (prop->right_rw == 0x00 && prop->rw_mask == 0x00) {
138 prop->right_rw = 0x01;
139 prop->rw_mask = 0x02;
140 cpaction->status |= PROP_STATUS_SUCCESS;
141 } else {
142 cpaction->status |= PROP_STATUS_WRONGRIGHTS;
143 }
144 }
145 if (cpaction->action & PROP_ACTION_RO) {
146 if (prop->right_rw == 0x01 && prop->rw_mask == 0x02) {
147 prop->right_rw = 0x00;
148 prop->rw_mask = 0x00;
149 cpaction->status |= PROP_STATUS_SUCCESS;
150 } else {
151 cpaction->status |= PROP_STATUS_WRONGRIGHTS;
152 }
153 }
154 }
155 }
156 }
157
158 #define BD_SERIAL1 0x14,0x02
159 #define BD_ICMB 0x14,0x04
160 #define BD_LAN 0x14,0x08
161 #define BD_SERIAL2 0x14,0x10
162 #define BD_SERIAL3 0x14,0x20
163 #define BD_USB 0x14,0x40
164 #define BD_PCI 0x15,0x03
165 #define BD_LPC 0x15,0x04
166 #define BD_VGA 0x15,0x08
167 #define BD_BATTERY 0x15,0x10
168 #define BD_ACDC 0x15,0x20
169 #define BD_STANDBY 0x15,0x40
170 #define BD_POWERCONN 0x15,0x70
171 #define BD_DVI 0x15,0x80
172 #define BD_PWRATX 0x16,0x01
173 #define BD_PWRRELAY 0x16,0x02
174 #define BD_PS2A 0x19,0xff
175
176 #define MAGIC(fn, args...) fn(args)
177
178 #define _BD_IS_SET(bd, byte, bits) (bd[byte] & bits)
179 #define BD_IS_SET(bd, ident) MAGIC(_BD_IS_SET, bd, BD_##ident)
180 #define BD_TEXT(bd, ident) (BD_IS_SET(bd, ident) ? "TRUE" : "FALSE")
181
182 #define _BD_SET(bd, byte, bits) (bd[byte] |= bits)
183 #define BD_SET(bd, ident) MAGIC(_BD_SET, bd, BD_##ident)
184
185 void print_boarddescription(uint8_t *bd)
186 {
187 int32_t j;
188
189 for (j = 0; j < 32; j++) {
190 printf("%02x ", *(bd+j));
191 }
192 printf("\n");
193
194 /* com/agilent/rmc/amr/AmrMaster.class
195 * com/agilent/rmc/mgui/RmcPanel.class
196 * com/agilent/rmc/mgui/panels/AvrManualConfig.class
197 * com/agilent/rmc/mgui/panels/CardConf.jad
198 * com/agilent/rmc/mgui/panels/PowerMgmtConf.jad
199 * com/agilent/rmc/mgui/panels/RemoteDiskConf.jad
200 */
201 printf("\tserial1Present\t\t: %s\n", BD_TEXT(bd, SERIAL1));
202 printf("\ticmbPresent\t\t: %s\n", BD_TEXT(bd, ICMB));
203 printf("\tlanPresent\t\t: %s\n", BD_TEXT(bd, LAN));
204 printf("\tserial2Present\t\t: %s\n", BD_TEXT(bd, SERIAL2));
205 printf("\tserial3Present\t\t: %s\n", BD_TEXT(bd, SERIAL3));
206 printf("\tusbPresent\t\t: %s\n", BD_TEXT(bd, USB));
207 printf("\tpciPresent\t\t: %s\n", BD_TEXT(bd, PCI));
208 printf("\tlpcPresent\t\t: %s\n", BD_TEXT(bd, LPC));
209 printf("\tvgaPresent\t\t: %s\n", BD_TEXT(bd, VGA));
210 printf("\tbatteryPresent\t\t: %s\n", BD_TEXT(bd, BATTERY));
211 printf("\tacdcPresent\t\t: %s\n", BD_TEXT(bd, ACDC));
212 printf("\tstandbyPresent\t\t: %s\n", BD_TEXT(bd, STANDBY));
213 printf("\thasPowerConnectors\t: %s\n", BD_TEXT(bd, POWERCONN));
214 printf("\tdviPresent\t\t: %s\n", BD_TEXT(bd, DVI));
215 printf("\tpowerSwitchATX\t\t: %s\n", BD_TEXT(bd, PWRATX));
216 printf("\tpowerSwitchRelay\t: %s\n", BD_TEXT(bd, PWRRELAY));
217 /* 22 & 4 */
218 printf("\tps2aPresent\t\t: %s\n", BD_TEXT(bd, PS2A));
219 }
220
221 void handle_boarddescription(uint8_t *fw, int32_t len, int32_t patch)
222 {
223 struct file_entry *fent;
224 uint8_t *pos;
225
226 for (fent = get_next_file(fw, len); fent != NULL; fent = get_next_file(NULL, 0)) {
227 if (!strcmp(fent->name, "pdata"))
228 break;
229 }
230
231 if (fent == NULL) {
232 fprintf(stderr, "pdata file not found, aborting!\n");
233 exit(1);
234 }
235
236
237 pos = fent->start;
238 /* MAGIC? */
239 if (*((uint32_t*)pos) != 0x00002802) {
240 fprintf(stderr, "pdata magic does not match, aborting!\n");
241 exit(1);
242 }
243
244 pos += 26;
245
246 /* MAGIC2? */
247 if (*((uint32_t*)pos) != 0x00500101) {
248 fprintf(stderr, "pdata magic2 does not match, aborting!\n");
249 exit(1);
250 }
251
252 if (patch) {
253 /* Enable ATX and relay power switching */
254 BD_SET(pos, PWRATX);
255 BD_SET(pos, PWRRELAY);
256 }
257
258 printf("0x%08x: BOARD_DESCRIPTION: ", (uint32_t)(fent->start - fw));
259 print_boarddescription(pos);
260 }
261
262 void syntax(char *name)
263 {
264 fprintf(stderr,"Syntax: %s parameters firmware.bin\n", name);
265 fprintf(stderr,"parameters as follows:\n");
266 fprintf(stderr,"\t-d\t\t\tdisplay all properties of the image\n");
267 fprintf(stderr,"\t-u\t\t\tupdate checksum of the image\n");
268 fprintf(stderr,"\t-b\t\t\tmodify BOARD_DESCRIPTION for more power-switch options\n");
269 fprintf(stderr,"\t-e\t\t\textract files in firmware\n");
270 fprintf(stderr,"\t-l\t\t\tlist files in firmware\n");
271 fprintf(stderr,"\t-t property\t\tset 'property' to true\n");
272 fprintf(stderr,"\t-f property\t\tset 'property' to false\n");
273 fprintf(stderr,"\t-w property\t\tallow read-write access to 'property'\n");
274 fprintf(stderr,"\t-r property\t\tallow read-only access to 'property'\n");
275 fprintf(stderr,"\t-x fw_file=local_file\treplace or add fw_file with content of local_file\n");
276 exit(1);
277 }
278
279 void add_action(int32_t opt, char *optarg, struct propaction **paction) {
280 struct propaction *pos = *paction;
281 struct propaction *prev = NULL;
282
283 while (pos != NULL) {
284 if (!strcmp(pos->property, optarg))
285 break;
286 prev = pos;
287 pos = pos->next;
288 }
289
290 if (pos == NULL) {
291 pos = malloc(sizeof(struct propaction));
292 if (pos == NULL) {
293 perror("malloc");
294 exit(1);
295 }
296 bzero(pos, sizeof(struct propaction));
297 pos->property = optarg;
298
299 if (prev == NULL) {
300 *paction = pos;
301 } else {
302 prev->next = pos;
303 }
304 }
305
306 switch(opt) {
307 case 't':
308 if (pos->action & PROP_ACTION_FALSE) {
309 fprintf(stderr,"inconsistent requests for %s\n",pos->property);
310 exit(1);
311 }
312 pos->action |= PROP_ACTION_TRUE;
313 break;
314 case 'f':
315 if (pos->action & PROP_ACTION_TRUE) {
316 fprintf(stderr,"inconsistent requests for %s\n",pos->property);
317 exit(1);
318 }
319 pos->action |= PROP_ACTION_FALSE;
320 break;
321 case 'w':
322 if (pos->action & PROP_ACTION_RO) {
323 fprintf(stderr,"inconsistent requests for %s\n",pos->property);
324 exit(1);
325 }
326 pos->action |= PROP_ACTION_RW;
327 break;
328 case 'r':
329 if (pos->action & PROP_ACTION_RW) {
330 fprintf(stderr,"inconsistent requests for %s\n",pos->property);
331 exit(1);
332 }
333 pos->action |= PROP_ACTION_RO;
334 break;
335 }
336 }
337
338 int32_t check_crc(uint8_t *fw, int32_t len)
339 {
340 int32_t ret;
341 uint32_t crc, oldcrc;
342
343 ret = rsb_crc2(fw, len, 0x55335053, &crc);
344 oldcrc = (uint32_t)*((uint32_t*)(fw + len - 4));
345
346 printf("Checksum: 0x%08x (%s), should be: 0x%08x\n",
347 crc,
348 (ret ? "NOT OK" : "OK"),
349 oldcrc);
350
351 return ret;
352 }
353
354 void check_image(uint8_t *fw, int32_t len)
355 {
356 struct file_entry *fent;
357
358 /* get_next_file will abort on error */
359 fent = get_next_file(fw, len);
360 while (fent != NULL) {
361 fent = get_next_file(NULL, 0);
362 }
363 }
364
365 int32_t main(int32_t argc, char **argv)
366 {
367 struct stat statbuf;
368 char *file = NULL;
369 uint8_t *fw;
370 int32_t fd;
371 int32_t remaining;
372 int32_t ret;
373 int32_t opt;
374 uint32_t crc;
375 struct propaction *paction = NULL;
376 int32_t showall = 0;
377 int32_t update_crc = 0;
378 int32_t patch_bd = 0;
379 int32_t patch_fw = 0;
380 int32_t extract = 0;
381 int32_t list = 0;
382
383 if (argc < 2)
384 syntax(argv[0]);
385
386 while ((opt = getopt(argc, argv, "dubelt:f:w:r:x:")) != -1) {
387 switch(opt) {
388 case 'd':
389 showall = 1;
390 break;
391 case 'u':
392 update_crc = 1;
393 break;
394 case 'b':
395 patch_bd = 1;
396 break;
397 case 'e':
398 extract = 1;
399 break;
400 case 'l':
401 list = 1;
402 break;
403 case 't':
404 case 'f':
405 case 'w':
406 case 'r':
407 patch_fw = 1;
408 add_action(opt, optarg, &paction);
409 break;
410 case 'x':
411 replace_add_file(NULL, 0, NULL, NULL);
412 break;
413 default:
414 syntax(argv[0]);
415 }
416 }
417
418 if (argc > optind) {
419 file = argv[optind];
420 } else {
421 syntax(argv[0]);
422 }
423
424 if (stat(file, &statbuf) == -1) {
425 fprintf(stderr,"%s: ", file);
426 perror("stat");
427 exit(1);
428 }
429
430 if ((fd = open(file, O_RDONLY)) == -1) {
431 fprintf(stderr,"%s: ", file);
432 perror("open");
433 exit(1);
434 }
435
436 if ((fw = malloc(statbuf.st_size)) == NULL) {
437 perror("malloc");
438 exit(1);
439 }
440
441 bzero(fw, statbuf.st_size);
442
443 remaining = statbuf.st_size;
444
445 while(remaining) {
446 if ((ret = read(fd, fw + (statbuf.st_size - remaining), remaining)) == -1) {
447 perror("read");
448 exit(1);
449 }
450 remaining -= ret;
451 }
452 close(fd);
453
454 ret = check_crc(fw, statbuf.st_size);
455 if ((ret != 0) && (!update_crc)) {
456 fprintf(stderr,"Checksum incorrect, aborting...\n");
457 exit(1);
458 }
459
460 check_image(fw, statbuf.st_size - 4);
461
462 if (patch_fw) {
463 struct propaction *cpaction = paction;
464
465 change_properties(fw, statbuf.st_size - 4, paction);
466
467 printf("\nProperty change results:\n");
468 while(cpaction != NULL) {
469 printf("%s: ", cpaction->property);
470
471 if (cpaction->status == PROP_STATUS_NOTFOUND)
472 printf("NOTFOUND ");
473 if (cpaction->status & PROP_STATUS_SUCCESS)
474 printf("SUCCESS ");
475 if (cpaction->status & PROP_STATUS_SAMEVAL)
476 printf("SAMEVAL ");
477 if (cpaction->status & PROP_STATUS_WRONGTYPE)
478 printf("WRONGTYPE ");
479 if (cpaction->status & PROP_STATUS_WRONGRIGHTS)
480 printf("WRONGRIGHTS ");
481 printf("\n");
482
483 cpaction = cpaction->next;
484 }
485 printf("\n");
486 }
487
488 if (patch_bd) {
489 handle_boarddescription(fw, statbuf.st_size - 4, 1);
490 }
491
492 if (showall) {
493 show_properties(fw, statbuf.st_size - 4);
494 handle_boarddescription(fw, statbuf.st_size - 4, 0);
495 }
496
497 if (list) {
498 list_files(fw, statbuf.st_size - 4);
499 }
500
501 if (extract) {
502 extract_files(fw, statbuf.st_size - 4);
503 }
504
505 if (update_crc || patch_fw || patch_bd) {
506 ret = rsb_crc2(fw, statbuf.st_size, 0x55335053, &crc);
507 if (ret == 4) {
508 *((uint32_t*)(fw + statbuf.st_size - 4)) = crc;
509 }
510
511 check_image(fw, statbuf.st_size-4);
512
513 if (check_crc(fw, statbuf.st_size) == 0) {
514 char *newfile;
515
516 newfile = malloc(strlen(file) + strlen(".patched") + 1);
517 if (newfile == NULL) {
518 perror("malloc");
519 exit(1);
520 }
521 strcpy(newfile, file);
522 strcat(newfile, ".patched");
523
524 printf("Firmware ");
525 write_file(newfile, fw, statbuf.st_size);
526 } else {
527 fprintf(stderr,"Can't set correct checksum, aborting...\n");
528 }
529 }
530
531 exit(0);
532 }
CLI utilities for Fujitsu Siemens RSB S2 remote management boards
Impressum, Datenschutz