FreeCalypso > hg > freecalypso-reveng
annotate pirelli/flash2-chksum @ 252:2eae53bb4a4e
pirelli/fw-disasm: Switch_ON() analysis complete
author | Mychaela Falconia <falcon@freecalypso.org> |
---|---|
date | Mon, 25 Dec 2017 20:50:30 +0000 |
parents | d69f7512e3c1 |
children |
rev | line source |
---|---|
215
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
1 Pirelli's flash usage scheme allocates 3 "magic" areas in the flash2 bank: |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
2 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
3 offset 0x480000 thru 0x7DFFFF: staging area for high-level fw updates |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
4 offset 0x7E0000 thru 0x7EFFFF: fw update control/state structure |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
5 offset 0x7F0000 thru 0x7FFFFF: factory record with IMEI and RF calibration |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
6 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
7 The image or record stored in each of these "magic" areas ends with the |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
8 following 12-byte signature and checksum structure: |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
9 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
10 Offset[1] Type[2] Contains |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
11 xxFFF4 32-bit word 0x12345678 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
12 xxFFF8 32-bit word Length of the fw update image or factory or |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
13 fw update state record |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
14 xxFFFC 16-bit word Checksum 1 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
15 xxFFFE 16-bit word Checksum 2 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
16 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
17 [1] The offset is from the beginning of the flash partition in question, the |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
18 xx digits will be 35 in the case of the 0x360000 byte fw update staging |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
19 area partition or 00 in the case of the two 64 KiB sectors. |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
20 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
21 [2] All 16-bit and 32-bit values are in little-endian byte order. |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
22 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
23 Checksum computation |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
24 ==================== |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
25 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
26 The checksum is computed in two stages. First all 16-bit words in the main |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
27 body of the image (using the image length from the xxFFF8 word) are added |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
28 together as a ripple-carry sum, and this 16-bit sum is written into the 0xFFFC |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
29 word. Then the 5 16-bit words from xxFFF4 through xxFFFC (inclusive) are added |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
30 together (again as a ripple-carry sum), and this sum is written into the xxFFFE |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
31 word. Remember the little-endian byte order throughout! |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
32 |
d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff
changeset
|
33 The ../miscprog/pircksum2.c program verifies this checksum computation scheme. |