FreeCalypso > hg > freecalypso-reveng
annotate mpffs/Description @ 34:95f61c3b430a
mpffs-rdutils: pathname search implemented
author | Michael Spacefalcon <msokolov@ivan.Harhan.ORG> |
---|---|
date | Sun, 30 Jun 2013 16:20:28 +0000 |
parents | c9f7a4afccc9 |
children | 86a494a5f2b0 |
rev | line source |
---|---|
27
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
1 This is a description, based on reverse engineering, of the flash file system |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
2 (FFS) implemented in Pirelli's original firmware for the DP-L10 GSM/WiFi dual |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
3 mode mobile phone, and in the Closedmoko GTA0x modem firmware. Not knowing the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
4 "proper" name for this FFS, and needing _some_ identifier to refer to it, I |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
5 have named it Mokopir-FFS, from "Moko" and "Pirelli" - sometimes abbreviated |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
6 further to MPFFS. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
7 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
8 (I have previously called the FFS in question MysteryFFS; but now that I've |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
9 successfully reverse-engineered it, it isn't such a mystery any more :-) |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
10 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
11 At a high functional level, Mokopir-FFS presents the following features: |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
12 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
13 * Has a directory tree structure like UNIX file systems; |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
14 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
15 * The file system API that must be implemented inside the proprietary firmware |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
16 appears to use UNIX-style pathnames; doing strings on firmware images reveals |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
17 pathname strings like these: |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
18 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
19 /var/dbg/dar |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
20 /gsm/l3/rr_white_list |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
21 /gsm/l3/rr_medium_rxlev_thr |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
22 /gsm/l3/rr_upper_rxlev_thr |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
23 /gsm/l3/shield |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
24 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
25 Parsing the corresponding FFS image with tools included in the present |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
26 package has confirmed that the directory structure implied by these pathnames |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
27 does indeed exist in the FFS. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
28 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
29 * Absolutely no DOS-ish semantics seen anywhere: no 8.3 filenames and no |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
30 colon-separated device names (seen in the TSM30 file system source, for |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
31 example) are visible in the Closedmoko/Pirelli FFS. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
32 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
33 * File contents are stored uncompressed, but not necessarily contiguous: one |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
34 could probably store a file in FFS which is bigger than the flash sector |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
35 size, it which case it can never be contiguous in a writable FFS (see below), |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
36 and the firmware implementation seems to limit chunk sizes to a fairly small |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
37 number: on the Pirelli phones all largish files are divided into chunks of |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
38 8 KiB each, and on my GTA02 the largest observed chunk size is only 2 KiB. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
39 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
40 The smaller files, like the IMEI and the firmware ID strings in my GTA02 FFS, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
41 are contiguous. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
42 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
43 * The FFS structure is such that the length of "user" payload data stored in |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
44 each chunk (and consequently, in each file) can be known exactly in bytes, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
45 with the files/chunks able to contain arbitrary binary data. (This property |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
46 may seem obvious or trivial, as all familiar UNIX and DOS file systems have |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
47 it, but contrast with RT-11 for example.) |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
48 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
49 * The flash file system is a writable one: the running firmware can create, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
50 delete and overwrite files (and possibly directories too) in the live FFS; |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
51 thus the FFS design is such that allows these operations to be performed |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
52 within the physical constraints of NOR flash write operations. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
53 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
54 I have reverse-engineered this Mokopir-FFS on a read-only level. What it means |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
55 is that I, or anyone else who can read this document and the accompanying |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
56 source for the listing/extraction utilities, can take a Mokopir-FFS image read |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
57 out of a device and see/extract its full content: the complete directory tree |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
58 and the exact binary byte content of all files contained therein. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
59 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
60 However, the knowledge possessed by the present hacker (and conveyed in this |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
61 document and the accompanying source code) is NOT sufficient for constructing a |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
62 valid Mokopir-FFS image "in vitro" given a tree of directories and files, or |
28
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
63 for making modifications to the file or directory content of an existing image |
27
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
64 and producing a content-modified image that is also valid; valid as in suitable |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
65 for the original proprietary firmware to make its normal read and write |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
66 operations without noticing anything amiss. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
67 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
68 Constructing "de novo" Mokopir-FFS images or modifying existing images in such |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
69 a way that they remain 100% valid for all read and write operations of the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
70 original proprietary firmware would, at the very minimum, require an |
28
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
71 understanding of the meaning of *all* fields of the on-media FFS format. Some |
27
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
72 of these fields are still left as "non-understood" for now though: a read-only |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
73 implementation can get away with simply ignoring them, but a writer/generator |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
74 would have to put *something* in those fields. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
75 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
76 As you read the "read-only" description of the Mokopir-FFS on-media format in |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
77 the remainder of this document, it should become fairly obvious which pieces |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
78 are missing before our understanding of this FFS can be elevated to a |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
79 "writable" level. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
80 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
81 However, when it comes to writing new code to run on the two Calypso phones in |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
82 question (Closedmoko and Pirelli), it seems, at least to the present hacker, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
83 that a read-only understanding of Mokopir-FFS should be sufficient: |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
84 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
85 * In the case of Closedmoko GTA0x modems, the FFS is seen to contain the IMEI |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
86 and the RF calibration data. The format of the former is obvious; the latter |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
87 not so much - but in any case, the information of interest is clearly of a |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
88 read-only nature. It's difficult to tell (or rather, I haven't bothered to |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
89 experiment enough) whether the Closedmoko firmware does any writes to FFS or |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
90 if the FFS is treated as read-only outside of the production line environment, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
91 but in any case, it seems to me that for any 3rd party replacement firmware, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
92 the best strategy would be to treat the FFS as a read-only source of IMEI and |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
93 RF calibration data, and nothing more. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
94 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
95 * In the case of Pirelli phones, the FFS is used to store user data: sent and |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
96 received SMS (and MMS/email/whatever), call history, UI settings, pictures |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
97 taken with the camera, and whatever else. It also stores a ton of files |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
98 which I can only presume were meant to be immutable except at the time of |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
99 firmware updates: graphics for the UI, ringtones, i18n UI strings, and even |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
100 "helper" firmware images for the WiFi and VoIP processors. However, no IMEI |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
101 or RF calibration data are anywhere to be found in the FFS - instead this |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
102 information appears to be stored in the "factory block" at the end of the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
103 flash (in its own sector) outside of the FFS. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
104 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
105 Being able to parse FFS images extracted out of Pirelli phones "in vitro" |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
106 allows us to steal some of these helper files (UI artwork, ringtones, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
107 WiFi/VoIP helpers), and some of these might even come useful to firmware |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
108 replacement projects, but it seems to me that a replacement firmware would |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
109 be better off using its own FFS design for storing user data, and as to |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
110 retrieving the original IMEI and RF calibration data, the original FFS isn't |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
111 of any use for that anyway. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
112 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
113 ======================= |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
114 Moko/Pirelli FFS format |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
115 ======================= |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
116 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
117 OK, now that I'm done with the introduction, we can get to the actual |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
118 Mokopir-FFS format. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
119 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
120 * On the GTA0x modem (or at least on my GTA02; my sample size is 1) the FFS |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
121 occupies 7 flash sectors of 64 KiB each at offsets 0x380000 through 0x3E0000, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
122 inclusive. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
123 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
124 (The 4 MiB NOR flash chip used by Closedmoko has an independent R/W bank |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
125 division between the first 3 MiB and the last 1 MiB. The first 3 MiB are used |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
126 to hold the field-flashable closed firmware images distributed as *.m0 files; |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
127 the independent last megabyte holds the FFS, and thus the FW could be |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
128 implemented to do FFS writes while running from flash in the main bank. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
129 Less than half of that last megabyte appears to be used for the FFS though; |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
130 the rest appears to be unused - blank flash observed.) |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
131 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
132 * On the Pirelli the FFS occupies 18 sectors of 256 KiB each at offsets 0 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
133 through 0x440000 (inclusive) of the 2nd flash chip select, the one wired to |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
134 nCS3 on the Calypso. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
135 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
136 Each flash sector allocated to FFS begins with the following signature: |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
137 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
138 00000000: 46 66 73 23 10 02 xx yy zz FF FF FF FF FF FF FF Ffs#............ |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
139 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
140 The bytes shown as xx and yy above serve a non-understood purpose; as a guess, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
141 they may hold some info for the flash wear leveling algorithm: in a "virgin" |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
142 FFS image like that found in my GTA02 (which never had a SIM card in it and |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
143 never made or received a call) or read out of a "virgin" Pirelli phone that |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
144 hasn't seen any active use yet, both of these bytes are FFs, but when I look at |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
145 FFS images read out of the Pirelli which I currently use as my everyday-use |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
146 cellphone, I see other values in sectors which must have been erased and |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
147 rewritten. A read-only implementation can ignore these bytes, as mine does. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
148 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
149 The byte shown as zz is more important though, even to a read-only |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
150 implementation. The 3 values I've encountered in this byte so far are AB, BD |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
151 and BF. Per my current understanding, in a "healthy" FFS exactly one sector |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
152 will have AB in its header, exactly one will have BF, and the rest will have |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
153 BD. The meanings are (or appear to be): |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
154 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
155 AB: the sector holds a vital data structure which I have called the active |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
156 index block; |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
157 BD: the sector holds regular data; |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
158 BF: the sector is blank except for the header, can be turned into a new AB or |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
159 BD. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
160 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
161 (Note that a flash program operation, which can turn 1s into 0s but not the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
162 other way around, can turn BF into either AB or BD - but neither AB nor BD can |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
163 be turned into any other valid value.) |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
164 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
165 In a "virgin" FFS image (as explained above) the first FFS sector is AB, the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
166 last one is BF, and the ones in between are BDs. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
167 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
168 An FFS read operation (a search for a given pathname, or a listing of all |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
169 present directories and files) needs to start with locating the active index |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
170 block - the FFS sector with AB in the header. Following this header, which is |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
171 treated as being 16 bytes long (almost everything in Mokopir-FFS is aligned on |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
172 16-byte boundaries), the active index block contains a linear array of 16-byte |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
173 records, each record describing an FFS object: directory, file or file |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
174 continuation chunk. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
175 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
176 Here is my current understanding of the 16-byte index block record structure: |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
177 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
178 2 bytes: Length of the described chunk in bytes |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
179 1 byte: Purpose/meaning not understood, ignored by my current code |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
180 1 byte: Object type |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
181 2 bytes: Descendant pointer |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
182 2 bytes: Sibling pointer |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
183 4 bytes: Data pointer |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
184 4 bytes: Purpose/meaning not understood, ignored by my current code |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
185 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
186 (On the Calypso phones of interest, all multibyte fields are in the native |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
187 little-endian byte order of the ARM7TDMI processor.) |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
188 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
189 The active index block gets filled with these records as objects are created; |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
190 the first record goes right after the 'Ffs#'...AB header (padded to 16 bytes); |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
191 the last record (at any given moment) is followed by blank flash for the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
192 remainder of the sector. Records thus appear in the order in which they are |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
193 created, which bears no direct relation to the directory tree structure. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
194 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
195 The objects, each described by a record in the index block, are organized into |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
196 a tree structure by the descendant and sibling pointers, plus the object type |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
197 indicator byte. Let's start with the latter; the following objtype byte values |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
198 have been observed: |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
199 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
200 00: deleted object - a read-only implementation should ignore everything except |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
201 the descendant and sibling pointers. (A write-capable implementation would |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
202 need more care - it would need a way of reclaiming dirty flash space taken |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
203 up by deleted/overwritten files.) |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
204 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
205 E1: a special file - see the description of the /.journal file further down |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
206 F1: a regular file (head chunk thereof) |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
207 F2: a directory |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
208 F4: file continuation chunk (explained below) |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
209 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
210 Each record in the index block has an associated chunk in one of the data |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
211 sectors; the index record contains fields giving the address and length of this |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
212 chunk. The length of a chunk is always a nonzero multiple of 16 bytes, and is |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
213 stored (as a number in bytes) in the first 16-bit field of the 16-byte index |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
214 entry. The address of each chunk is given by the data pointer field of the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
215 index record, and it is reckoned in 16-byte units (thereby 16-byte alignment is |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
216 required) from the beginning of the FFS sector group in the flash address space. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
217 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
218 For objects of type F1 and F2 (regular files and directories) the just-described |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
219 chunk begins with the name of the file or subdirectory as a NUL-terminated ASCII |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
220 string. This name is just for the current level of the directory tree, just |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
221 like in UNIX directories, thus one will have chunk names like gsm, l3, eplmn |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
222 etc, rather than /gsm/l3/eplmn. One practical effect is that one can't readily |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
223 see pathnames or any of the directory structure by looking at an FFS image as a |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
224 raw hex dump; the structure is only revealed when one uses a parsing program |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
225 like those which accompany this document. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
226 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
227 In the case of directories, the "chunk" part of the object contains only the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
228 name of the directory itself, padded with FFs to a 16-byte boundary. For |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
229 example, an FFS directory named /gsm would be represented by an object |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
230 consisting of two flash writes: a 16-byte entry in the active index block, with |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
231 the object type byte set to F2, and a corresponding 16-byte chunk in one of the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
232 data sectors, with the 16 bytes containing "gsm", a terminating NUL byte, and |
28
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
233 12 FF bytes to pad up to 16. In the case of files, this name may be followed |
27
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
234 by the first chunk of file data content, as explained further down. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
235 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
236 In order to parse the FFS directory tree (whether the objective is to dump the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
237 whole thing recursively or to find a specific file given a pathname), one needs |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
238 to first (well, after finding the active AB block) find the root directory node. |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
239 The root directory object is similar to other directory objects: it has a type |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
240 of F2, and an associated chunk of 16 bytes in one of the data sectors. The |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
241 latter contains the name of the root node: on the Pirelli it is "/", whereas on |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
242 my GTA02 it is "/ffs-root". |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
243 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
244 The astute reader should notice that it really makes no sense to store a name |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
245 for the root node, and indeed, this name plays no part in the traversal of the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
246 directory tree given an absolute pathname. But instead this name, or rather |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
247 its first character, appears to be used for the purpose of locating the root |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
248 node itself. At first I had assumed that the index record for the root node is |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
249 always the first record in the active index block right after the signature |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
250 header - that is how it is in "virgin" FFS images, and also in some quite non- |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
251 virgin ones I have pulled from my daily-use Pirelli. Naturally my first version |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
252 of the Mokopir-FFS (then called MysteryFFS) extraction utility expected the root |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
253 node to always be at index #1. But then I got some additional Pirelli phones, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
254 and discovered that in certain cases, index record #1 is a deleted object (the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
255 original root node which has been deleted), and the new active root node is |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
256 somewhere in the middle of the index! |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
257 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
258 Thus it appears that in order to find the active root node, one needs to scan |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
259 the active index block linearly from the beginning (disregarding the tree |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
260 structure pointers in this initial pass), looking for a non-deleted object of |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
261 type F2 (a directory) whose corresponding name chunk sports a name beginning |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
262 with the '/' character. (Anyone who's been raised in UNIX will immediately |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
263 know that the path separator character '/' is the only character other than NUL |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
264 that's absolutely forbidden in the individual filenames - so this special |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
265 "root node name" is the only case of a '/' character appearing in what would |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
266 otherwise be a regular filename.) |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
267 |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
268 [What causes the root node to be somewhere other than at index #1? I assume it |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
269 has to do with the dirty space reclamation / data movement algorithm. In a |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
270 "virgin" FFS image the very first sector is the active index block, and the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
271 following sector is the first to hold chunks, beginning with the name chunk of |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
272 the root node. Now what happens if all data in that sector aside from the |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
273 root node name and some other mostly-static directory names becomes dirty, |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
274 i.e., belonging to deleted or overwritten files? How would that flash space |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
275 get reclaimed? I assume that the FFS firmware algorithm moves all still-active |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
276 chunks to a new flash sector, invalidating the old copies - turning the latter |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
277 into deleted objects. The root node will be among them. Then at some point |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
278 the active index block is going to fill up too, and will need to be rewritten |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
279 into a new sector - at which point the previously-deleted index entries are |
343b6b2f178b
beginning of Mokopir-FFS verbal description
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
280 omitted and the root node becomes #1 again...] |
28
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
281 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
282 Tree structure |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
283 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
284 Once the root node has been found, the descendant and sibling pointers are used |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
285 to traverse the tree structure. For each directory object, including the root |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
286 node, the descendant pointer points to the first child object of this directory: |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
287 the first file or subdirectory contained therein. (Descendant and sibling |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
288 pointers take the form of index numbers in the active index block. A "nil" |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
289 pointer is indicated by all 1s (FFFF) - the usual all-0s NULL pointer convention |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
290 couldn't be used because it's flash, where the blank state is all 1s.) If the |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
291 descendant pointer of a directory object is nil, that means an empty directory. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
292 The sibling pointer of each file or directory points to its next sibling, i.e., |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
293 the next member of the same parent directory. The sibling pointer of the root |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
294 node is nil. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
295 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
296 Data content of files |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
297 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
298 Objects of type F1 are the head chunks of files. Each file has a head chunk, |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
299 and may or may not have continuation chunks. More precisely, the head chunk |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
300 may contain only the name (or viewed alternatively, 0 bytes of data), or it may |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
301 contain a nonzero number of payload bytes; orthogonally to this variability, |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
302 there may or may not be continuation chunk(s) present. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
303 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
304 Continuation chunks |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
305 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
306 The descendant pointer of each file head object (the object of type F1, the one |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
307 reached by traversing the directory tree) indicates whether or not there are |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
308 any continuation chunks present. If this descendant pointer is nil, there are |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
309 no continuation chunks; otherwise it points to the first continuation chunk |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
310 object. File continuation objects have type F4, don't have any siblings (the |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
311 sibling pointer is nil), and the descendant pointer of each continuation object |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
312 points to the next continuation object, if there is one - nil otherwise. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
313 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
314 Payload data delineation |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
315 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
316 Each chunk, whether head or continuation, always has a length that is a nonzero |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
317 multiple of 16 bytes. The length of the chunk here means the amount of flash |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
318 space it occupies in its data sector - which is NOT equal to the payload data |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
319 length. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
320 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
321 The head chunk of each file begins with the filename, terminated by a NUL byte. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
322 If there are any payload data bytes present in this head chunk (I'll explain |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
323 momentarily how you would tell), the byte immediately after the NUL that |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
324 terminates the filename is the first byte of the payload. In the case of a |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
325 continuation chunk, there is no filename and the first byte of the chunk is the |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
326 first byte of that chunk's portion of the user data payload. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
327 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
328 Each data-containing chunk (head or continuation) has the following termination |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
329 after the last byte of that chunk's payload data: one byte of 00, followed by |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
330 however many bytes are needed ([0,15] range) of FFs to pad to a 16-byte |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
331 boundary. A file head chunk that has no payload data has the same format as a |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
332 directory name chunk: filename followed by its terminating NUL followed by |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
333 [0,15] bytes of FFs to pad to the next 16-byte boundary. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
334 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
335 When working with a head chunk, find the beginning of possible payload data (1 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
336 byte after the filename terminating NUL) and find the end per the standard |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
337 termination logic: scanning from the end of the chunk, skip FFs until 00 is |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
338 found (encountering anything else is an error). If the head chunk has no data, |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
339 the effective data length (end_pointer - start_pointer) will be 0 or -1. (The |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
340 latter possibility is the most likely, as there will normally be a "shared" 00 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
341 byte, serving as both the filename terminator and the 00 before the padding |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
342 FF bytes.) |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
343 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
344 ------------------------------------------------------------------------------- |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
345 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
346 That's all I can think of right now. If anything is unclear, see the |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
347 accompanying source code for the listing/extraction utilities: with the general |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
348 explanation given by this document, it should be clear what my code does and |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
349 why. And if a given piece of knowledge is found neither in this document nor |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
350 in my source code, then I don't know it myself either, and my read-only |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
351 Mokopir-FFS implementation makes do without it. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
352 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
353 All knowledge contained herein has been recovered by reverse engineering. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
354 Believe it or not, I have figured it out by staring at the hex dump of FFS |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
355 sectors, reasoning about how one could possibly implement an FFS given the |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
356 requirement of dynamic writability and the physical constraints of flash memory, |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
357 and writing listing/extraction test code iteratively until I got something that |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
358 appears to correctly parse all FFS images available to me - the result is the |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
359 code in this package. |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
360 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
361 I never got as far as attempting to locate the FFS implementation routines |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
362 within the proprietary firmware binary code images, and I most certainly don't |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
363 have anything from TI that would help in this case. (The TSM30 code doesn't |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
364 seem to be of any use as its FFS appears to be totally different, and I haven't |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
365 looked at the FFS code in the more recently found LoCosto code leak because I |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
366 assumed from the documentation in the latter that the FFS implemented there is |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
367 different as well.) |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
368 |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
369 Michael Spacefalcon |
c9f7a4afccc9
Mokopir-FFS: verbal description finished
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
27
diff
changeset
|
370 SE 52 Mes 11 |