view rvinterf/etmsync/pirimei.c @ 923:10b4bed10192

gsm-fw/L1: fix for the DSP patch corruption bug The L1 code we got from the LoCosto fw contains a feature for DSP CPU load measurement. This feature is a LoCosto-ism, i.e., not applicable to earlier DBB chips (Calypso) with their respective earlier DSP ROMs. Most of the code dealing with that feature is conditionalized as #if (DSP >= 38), but one spot was missed, and the MCU code was writing into an API word dealing with this feature. In TCS211 this DSP API word happens to be used by the DSP code patch, hence that write was corrupting the patched DSP code.
author Mychaela Falconia <falcon@ivan.Harhan.ORG>
date Mon, 19 Oct 2015 17:13:56 +0000
parents 9b4b0fcddc77
children

/*
 * Reading and decryption of Pirelli's factory IMEI record
 */

#include <sys/types.h>
#include <openssl/des.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include "exitcodes.h"

/*
 * Decrypted factory IMEISV (8 bytes), filled in by get_pirelli_imei()
 * only after the record has passed its validity check.  The object has
 * external linkage; presumably other modules read it -- verify against
 * the callers before narrowing its scope.
 */
u_char pirelli_imeisv[8];

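/*
 * Read Pirelli's factory IMEI record from the target and decrypt it.
 *
 * The 16-byte record at 0x027F0504 is handled as two single-DES ECB blocks
 * keyed with the 8-byte Calypso die ID.  Block 0 decrypts to the IMEISV;
 * block 1 must decrypt to the die ID itself, and that comparison is the
 * only validity check applied to the record.  The key is read back from
 * the same device, so the scheme ties the record to one chip rather than
 * keeping its content confidential.
 *
 * Returns 0 on success, with the IMEISV stored in pirelli_imeisv[] and
 * printed to stdout.  A nonzero code from do_dieid_read() or
 * do_memory_read() is passed through unchanged; a failed validity check
 * returns ERROR_TARGET and leaves pirelli_imeisv[] untouched.
 */
int
get_pirelli_imei()
{
	DES_cblock ciphertext[2], dieid_key, decrypted[2];
	DES_key_schedule keysched;
	int rc;
	static const char failmsg[] =
	"decryption failed: no valid IMEI record or incompatible firmware\n";

	/*
	 * do_dieid_read() and do_memory_read() are defined elsewhere and no
	 * prototype is visible in this file, so the argument types below are
	 * kept exactly as the original call sites pass them.
	 */
	printf("Requesting Calypso die ID\n");
	rc = do_dieid_read(dieid_key);
	if (rc)
		return(rc);
	printf("Reading IMEI record in Pirelli's factory data block\n");
	rc = do_memory_read(0x027F0504, ciphertext, 16);
	if (rc)
		return(rc);
	/*
	 * The unchecked variant performs no parity or weak-key validation
	 * on the die ID before it is used as the DES key.
	 */
	DES_set_key_unchecked(&dieid_key, &keysched);
	DES_ecb_encrypt(&ciphertext[0], &decrypted[0], &keysched, DES_DECRYPT);
	DES_ecb_encrypt(&ciphertext[1], &decrypted[1], &keysched, DES_DECRYPT);
	/* validity check: the second plaintext block must equal the die ID */
	if (memcmp(decrypted[1], dieid_key, 8) != 0) {
		/* emit the message as data, never as a printf format string */
		fputs(failmsg, stdout);
		return(ERROR_TARGET);
	}
	memcpy(pirelli_imeisv, decrypted[0], 8);
	printf("Factory IMEISV is %02X%02X%02X%02X-%02X%02X%02X-%02X\n",
		pirelli_imeisv[0], pirelli_imeisv[1], pirelli_imeisv[2],
		pirelli_imeisv[3], pirelli_imeisv[4], pirelli_imeisv[5],
		pirelli_imeisv[6], pirelli_imeisv[7]);
	return(0);
}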