FreeCalypso > hg > freecalypso-sw
annotate rvinterf/lowlevel/tfc139.c @ 923:10b4bed10192
gsm-fw/L1: fix for the DSP patch corruption bug
The L1 code we got from the LoCosto fw contains a feature for DSP CPU load
measurement. This feature is a LoCosto-ism, i.e., not applicable to earlier
DBB chips (Calypso) with their respective earlier DSP ROMs. Most of the
code dealing with that feature is conditionalized as #if (DSP >= 38),
but one spot was missed, and the MCU code was writing into an API word
dealing with this feature. In TCS211 this DSP API word happens to be
used by the DSP code patch, hence that write was corrupting the patched
DSP code.
| author | Mychaela Falconia <falcon@ivan.Harhan.ORG> |
|---|---|
| date | Mon, 19 Oct 2015 17:13:56 +0000 |
| parents | 15e69d31c96f |
| children | 0d7cc054ef72 |
| rev | line source |
|---|---|
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
1 /* |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
2 * This program is a contender for the title of the ugliest hack |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
3 * in the FreeCalypso project. It will attempt to break into a |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
4 * locked-down TracFone C139 by mimicking the actions of the |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
5 * mot931c.exe TF "unlocker". |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
6 */ |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
7 |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
8 #include <sys/types.h> |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
9 #include <sys/errno.h> |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
10 #include <stdio.h> |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
11 #include <string.h> |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
12 #include <strings.h> |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
13 #include <stdlib.h> |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
14 #include <unistd.h> |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
15 #include <time.h> |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
16 #include "../include/pktmux.h" |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
17 #include "../include/limits.h" |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
18 |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
19 extern int target_fd; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
20 extern char *baudrate_name; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
21 |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
22 extern u_char rxpkt[]; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
23 extern size_t rxpkt_len; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
24 |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
25 char *logfname; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
26 FILE *logF; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
27 time_t logtime; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
28 int no_output; /* for output.c */ |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
29 |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
30 int wakeup_after_sec = 7; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
31 |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
32 /* see ../../target-utils/tf-breakin/payload.S for the source */ |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
33 static u_char iram_payload[112] = { |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
34 0xD3, 0xF0, 0x21, 0xE3, 0x58, 0x10, 0x9F, 0xE5, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
35 0xF5, 0x00, 0xA0, 0xE3, 0xB2, 0x00, 0xC1, 0xE1, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
36 0xA0, 0x00, 0xA0, 0xE3, 0xB2, 0x00, 0xC1, 0xE1, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
37 0x48, 0x60, 0x9F, 0xE5, 0x05, 0x00, 0xD6, 0xE5, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
38 0x20, 0x00, 0x10, 0xE3, 0xFC, 0xFF, 0xFF, 0x0A, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
39 0x2C, 0x10, 0x8F, 0xE2, 0x06, 0x20, 0xA0, 0xE3, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
40 0x01, 0x00, 0xD1, 0xE4, 0x00, 0x00, 0xC6, 0xE5, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
41 0x01, 0x20, 0x52, 0xE2, 0xFB, 0xFF, 0xFF, 0x1A, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
42 0x05, 0x00, 0xD6, 0xE5, 0x40, 0x00, 0x10, 0xE3, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
43 0xFC, 0xFF, 0xFF, 0x0A, 0x18, 0x10, 0x9F, 0xE5, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
44 0x01, 0x2C, 0xA0, 0xE3, 0xB0, 0x20, 0xC1, 0xE1, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
45 0x00, 0xF0, 0xA0, 0xE3, 0x02, 0x02, 0x02, 0x4F, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
46 0x4B, 0x02, 0x00, 0x00, 0x02, 0xF8, 0xFF, 0xFF, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
47 0x00, 0x58, 0xFF, 0xFF, 0x10, 0xFB, 0xFF, 0xFF |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
48 }; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
49 |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
50 static unsigned iram_load_addr = 0x800000; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
51 static unsigned stack_smash_addr = 0x837C54; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
52 |
|
360
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
53 static u_char stack_smash_payload[4]; |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
54 |
|
418
a9bf3e92a30c
tfc139: clean exit on success
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
361
diff
changeset
|
55 static char *target_tty_port; |
|
a9bf3e92a30c
tfc139: clean exit on success
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
361
diff
changeset
|
56 |
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
57 static void |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
58 send_compal_memwrite(addr, payload, payload_len) |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
59 unsigned addr; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
60 u_char *payload; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
61 { |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
62 u_char pkt[MAX_PKT_TO_TARGET]; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
63 int i, csum, csum_offset; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
64 |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
65 pkt[0] = RVT_TM_HEADER; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
66 pkt[1] = 0x40; /* Compal's non-standard addition */ |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
67 pkt[2] = addr; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
68 pkt[3] = addr >> 8; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
69 pkt[4] = addr >> 16; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
70 pkt[5] = addr >> 24; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
71 bcopy(payload, pkt + 6, payload_len); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
72 csum_offset = payload_len + 6; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
73 csum = 0; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
74 for (i = 1; i < csum_offset; i++) |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
75 csum ^= pkt[i]; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
76 pkt[i] = csum; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
77 send_pkt_to_target(pkt, i + 1); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
78 } |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
79 |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
80 main(argc, argv) |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
81 char **argv; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
82 { |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
83 extern char *optarg; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
84 extern int optind; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
85 int c; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
86 fd_set fds; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
87 |
|
432
15e69d31c96f
tfc139: allow -B option just like rvtdump and rvinterf
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
419
diff
changeset
|
88 baudrate_name = "57600"; /* what C139 firmware uses */ |
|
15e69d31c96f
tfc139: allow -B option just like rvtdump and rvinterf
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
419
diff
changeset
|
89 while ((c = getopt(argc, argv, "a:B:l:s:w:")) != EOF) |
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
90 switch (c) { |
|
419
3a46728e054b
tfc139: -a and -s options to override IRAM payload and stack smash addresses
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
418
diff
changeset
|
91 case 'a': |
|
3a46728e054b
tfc139: -a and -s options to override IRAM payload and stack smash addresses
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
418
diff
changeset
|
92 iram_load_addr = strtoul(optarg, 0, 16); |
|
3a46728e054b
tfc139: -a and -s options to override IRAM payload and stack smash addresses
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
418
diff
changeset
|
93 continue; |
|
432
15e69d31c96f
tfc139: allow -B option just like rvtdump and rvinterf
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
419
diff
changeset
|
94 case 'B': |
|
15e69d31c96f
tfc139: allow -B option just like rvtdump and rvinterf
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
419
diff
changeset
|
95 baudrate_name = optarg; |
|
15e69d31c96f
tfc139: allow -B option just like rvtdump and rvinterf
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
419
diff
changeset
|
96 continue; |
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
97 case 'l': |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
98 logfname = optarg; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
99 continue; |
|
419
3a46728e054b
tfc139: -a and -s options to override IRAM payload and stack smash addresses
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
418
diff
changeset
|
100 case 's': |
|
3a46728e054b
tfc139: -a and -s options to override IRAM payload and stack smash addresses
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
418
diff
changeset
|
101 stack_smash_addr = strtoul(optarg, 0, 16); |
|
3a46728e054b
tfc139: -a and -s options to override IRAM payload and stack smash addresses
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
418
diff
changeset
|
102 continue; |
|
360
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
103 case 'w': |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
104 wakeup_after_sec = strtoul(optarg, 0, 0); |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
105 continue; |
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
106 case '?': |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
107 default: |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
108 usage: fprintf(stderr, |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
109 "usage: %s [options] ttyport\n", argv[0]); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
110 exit(1); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
111 } |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
112 if (argc - optind != 1) |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
113 goto usage; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
114 open_target_serial(argv[optind]); |
|
418
a9bf3e92a30c
tfc139: clean exit on success
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
361
diff
changeset
|
115 target_tty_port = argv[optind]; |
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
116 |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
117 set_serial_nonblock(0); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
118 setlinebuf(stdout); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
119 if (logfname) { |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
120 logF = fopen(logfname, "w"); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
121 if (!logF) { |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
122 perror(logfname); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
123 exit(1); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
124 } |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
125 setlinebuf(logF); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
126 fprintf(logF, "*** Log of TFC139 break-in session ***\n"); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
127 } |
|
361
62f850da5d49
tfc139: log timestamp buglet
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
360
diff
changeset
|
128 time(&logtime); |
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
129 output_line("Sending IRAM payload"); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
130 send_compal_memwrite(iram_load_addr, iram_payload, sizeof iram_payload); |
|
360
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
131 stack_smash_payload[0] = iram_load_addr; |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
132 stack_smash_payload[1] = iram_load_addr >> 8; |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
133 stack_smash_payload[2] = iram_load_addr >> 16; |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
134 stack_smash_payload[3] = iram_load_addr >> 24; |
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
135 for (;;) { |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
136 FD_ZERO(&fds); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
137 FD_SET(target_fd, &fds); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
138 c = select(target_fd+1, &fds, 0, 0, 0); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
139 time(&logtime); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
140 if (c < 0) { |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
141 if (errno == EINTR) |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
142 continue; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
143 perror("select"); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
144 exit(1); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
145 } |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
146 if (FD_ISSET(target_fd, &fds)) |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
147 process_serial_rx(); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
148 } |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
149 } |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
150 |
|
360
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
151 static void |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
152 handle_etm_response() |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
153 { |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
154 char msgbuf[80]; |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
155 |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
156 if (rxpkt_len != 4 || rxpkt[1] != 0x40 || rxpkt[2] || rxpkt[3] != 0x40){ |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
157 output_line("ETM response differs from expected"); |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
158 return; |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
159 } |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
160 sprintf(msgbuf, "Sending stack smash write at 0x%x", stack_smash_addr); |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
161 output_line(msgbuf); |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
162 send_compal_memwrite(stack_smash_addr, stack_smash_payload, 4); |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
163 stack_smash_addr += 4; |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
164 } |
|
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
165 |
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
166 handle_rx_packet() |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
167 { |
|
360
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
168 if (rxpkt_len == 2 && rxpkt[0] == 'O' && rxpkt[1] == 'K') { |
|
418
a9bf3e92a30c
tfc139: clean exit on success
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
361
diff
changeset
|
169 output_line( |
|
a9bf3e92a30c
tfc139: clean exit on success
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
361
diff
changeset
|
170 "Success: target should now be in boot ROM download wait"); |
|
a9bf3e92a30c
tfc139: clean exit on success
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
361
diff
changeset
|
171 printf("You can now run fc-loadtool -h compal -c none %s\n", |
|
a9bf3e92a30c
tfc139: clean exit on success
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
361
diff
changeset
|
172 target_tty_port); |
|
a9bf3e92a30c
tfc139: clean exit on success
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
361
diff
changeset
|
173 exit(0); |
|
360
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
174 } |
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
175 switch (rxpkt[0]) { |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
176 case RVT_RV_HEADER: |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
177 if (rxpkt_len < 6) |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
178 goto unknown; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
179 print_rv_trace(); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
180 return; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
181 case RVT_L1_HEADER: |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
182 print_l1_trace(); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
183 return; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
184 case RVT_L23_HEADER: |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
185 print_g23_trace(); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
186 return; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
187 case RVT_TM_HEADER: |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
188 print_etm_output_raw(); |
|
360
f9d78057d766
tfc139 hack works!
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
359
diff
changeset
|
189 handle_etm_response(); |
|
359
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
190 return; |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
191 default: |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
192 unknown: |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
193 print_unknown_packet(); |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
194 } |
|
144b5d222de8
tfc139 hack utility started, compiles
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff
changeset
|
195 } |