int main(int argc, char *argv[])
{
#if 1
unsigned long src_addr = (unsigned long) vmlrd_lzma;
unsigned long src_len = vmlrd_lzmaSize;
unsigned long dst_addr = P2_UNCOMP_LOAD_ADDR;
unsigned long dst_len = P2_UNCOMP_LOAD_LEN;
unsigned long tmp_addr = P2_TEMP_BUF_ADDR;
unsigned long tmp_len = P2_TEMP_BUF_LEN;
/* HW related initializing */
serial_init();
disable_usb_intr();
/* Decompress LZMA */
printf("Lzma decompressing(addr: %x len: %d)...\n", src_addr, src_len);
if (lzma_inflate((unsigned char *) src_addr, src_len,
(unsigned char *) dst_addr, dst_len,
(unsigned char *) tmp_addr, tmp_len)) {
printf("failed to decompress kernel\n");
goto hang;
}
printf("Jump to kernel(addr: %x)...\n", vmlrd_lzma_entry);
start_kernel = (void *) vmlrd_lzma_entry;
start_kernel();
printf("return from kernel...\n");
hang:
while(1);
#else
#define UNCOMP_LOAD_LEN 0x400000
#define TEMP_BUF_ADDR 0x100000
unsigned long src_addr = (unsigned long) vmlrd;
unsigned long src_len = vmlrdSize;
char *dst_addr, *tmp_addr;
unsigned long dst_len = UNCOMP_LOAD_LEN;
unsigned long tmp_len = TEMP_BUF_ADDR;
dst_addr = malloc(dst_len);
tmp_addr = malloc(tmp_len);
if (!dst_addr || !tmp_addr) {
printf("out of memory!\n");
return 0;
}
printf("%d %d %d\n", src_len, dst_len, tmp_len);
lzma_inflate((unsigned char *) src_addr, src_len,
(unsigned char *) dst_addr, dst_len,
(unsigned char *) tmp_addr, tmp_len);
free(dst_addr);
free(tmp_addr);
#endif
return 0;
}
/************************************************************************
*
* This is the next part if the initialization sequence: we are now
* running from RAM and have a "normal" C environment, i. e. global
* data can be written, BSS has been cleared, the stack size in not
* that critical any more, etc.
*
************************************************************************
*/
void bootstrap_board_init_r(gd_t *id, ulong dest_addr)
{
int i;
ulong addr;
ulong data, len, checksum;
image_header_t header;
image_header_t *hdr = &header;
unsigned int destLen;
int (*fn)(int);
/* Initialize malloc() area */
mem_malloc_init(dest_addr);
addr = (ulong)((char *)(BOOTSTRAP_CFG_MONITOR_BASE + ((ulong)&uboot_end_data_bootstrap - dest_addr)));
memmove(&header, (char *)addr, sizeof(image_header_t));
if (ntohl(hdr->ih_magic) != IH_MAGIC)
return;
data = (ulong)&header;
len = sizeof(image_header_t);
checksum = ntohl(hdr->ih_hcrc);
hdr->ih_hcrc = 0;
if (tinf_crc32((unsigned char *)data, len) != checksum)
return;
data = addr + sizeof(image_header_t);
len = ntohl(hdr->ih_size);
/*
* If we've got less than 4 MB of malloc() space,
* use slower decompression algorithm which requires
* at most 2300 KB of memory.
*/
destLen = 0x0;
#ifdef CONFIG_LZMA
i = lzma_inflate((unsigned char *)data, len, (unsigned char*)ntohl(hdr->ih_load), (int *)&destLen);
if (i != LZMA_RESULT_OK)
return;
#endif
fn = (void *)ntohl(hdr->ih_load);
(*fn)(gd->ram_size);
hang();
}
void
QcOsmPbfReader::read_blob()
{
// size of the following blob
int32_t data_size = m_blob_header.datasize();
qDebug().nospace() << " datasize = " << data_size;
// ensure the blob is smaller then MAX_BLOB_SIZE
if (data_size > OSMPBF::max_uncompressed_blob_size)
qCritical() << "blob-size is bigger then allowed (" << data_size << " > " << OSMPBF::max_uncompressed_blob_size << ")";
// read the blob from the file
if (m_data_stream.readRawData(m_buffer, data_size) == -1)
qCritical() << "unable to read blob from file";
// parse the blob from the read-buffer
if (!m_blob.ParseFromArray(m_buffer, data_size))
qCritical() << "unable to parse blob";
// tell about the blob-header
qDebug().nospace() << "Blob (" << data_size << " bytes)";
// set when we find at least one data stream
bool found_data = false;
// if the blob has uncompressed data
if (m_blob.has_raw()) {
// we have at least one datastream
found_data = true;
// size of the blob-data
m_buffer_size = m_blob.raw().size();
// check that raw_size is set correctly
if (m_buffer_size != m_blob.raw_size())
qWarning() << " reports wrong raw_size: " << m_blob.raw_size() << " bytes";
// tell about the blob-data
qDebug().nospace() << " contains uncompressed data: " << m_buffer_size << " bytes";
// copy the uncompressed data over to the unpack_buffer
memcpy(m_unpack_buffer, m_buffer, m_buffer_size);
}
// if the blob has zlib-compressed data
if (m_blob.has_zlib_data()) {
// issue a warning if there is more than one data steam, a blob may only contain one data stream
if (found_data)
qWarning() << " contains several data streams";
// we have at least one datastream
found_data = true;
// unpacked size
zlib_inflate();
}
// if the blob has lzma-compressed data
if (m_blob.has_lzma_data()) {
// issue a warning if there is more than one data steam, a blob may only contain one data stream
if (found_data)
qWarning() << " contains several data streams";
// we have at least one datastream
found_data = true;
// unpacked size
lzma_inflate();
}
// check we have at least one data-stream
if (!found_data)
qCritical() << " does not contain any known data stream";
// switch between different blob-types
auto blob_type = m_blob_header.type();
if (blob_type == "OSMHeader")
// The Blob contains a serialized HeaderBlock message.
// Every fileblock must have one of these blocks before the first 'OSMData' block.
read_osm_header();
else if (blob_type == "OSMData")
// The Blob contains a serialized PrimitiveBlock message.
read_osm_data();
else
// unknown blob type
qWarning() << " unknown blob type: " << m_blob_header.type().c_str();
}
int do_bootm(cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]){
ulong addr, data, len;
uint unc_len = CFG_BOOTM_LEN;
int i;
image_header_t *hdr = &header;
#ifdef CONFIG_TPLINK_IMAGE_HEADER
tplink_image_header_t *fileTag;
#endif
if(argc < 2){
addr = load_addr;
} else {
addr = simple_strtoul(argv[1], NULL, 16);
}
printf("Booting image at: 0x%08lX\n", addr);
#ifndef CONFIG_TPLINK_IMAGE_HEADER
memmove(&header, (char *)addr, sizeof(image_header_t));
print_image_hdr(hdr);
data = addr + sizeof(image_header_t);
#else
fileTag = (tplink_image_header_t *)addr;
print_image_hdr(fileTag);
fake_image_header(hdr, fileTag);
data = addr + TAG_LEN;
#endif /* !CONFIG_TPLINK_IMAGE_HEADER */
len = ntohl(hdr->ih_size);
/*
* We have reached the point of no return: we are going to
* overwrite all exception vector code, so we cannot easily
* recover from any failures any more...
*/
#ifdef CONFIG_NETCONSOLE
/*
* Stop the ethernet stack if NetConsole could have
* left it up
*/
eth_halt();
#endif
/* TODO: should we flush caches for kernel? */
/*
* Flush everything, restore caches for linux
*/
//mips_cache_flush();
//mips_icache_flush_ix();
/* XXX - this causes problems when booting from flash */
/* dcache_disable(); */
/* case IH_COMP_LZMA:*/
puts("Uncompressing kernel image... ");
i = lzma_inflate((unsigned char *)data, len, (unsigned char*)ntohl(hdr->ih_load), (int *)&unc_len);
if(i != LZMA_RESULT_OK){
printf("## Error: LZMA error num: %d\n", i);
return(-1);
}
puts("OK!\n");
#ifdef CONFIG_SILENT_CONSOLE
fixup_silent_linux();
#endif
do_bootm_linux(cmdtp, flag, argc, argv);
#ifdef DEBUG
puts("\n## Error: control returned to monitor - resetting...\n");
do_reset(cmdtp, flag, argc, argv);
#endif
return(1);
}
int do_bootm(cmd_tbl_t *cmdtp, int flag, int argc, char *argv[])
{
char *s;
u32 *len_ptr;
u32 addr, data, len;
int i, tpl_type, verify;
u32 unc_len = CFG_BOOTM_LEN;
image_header_t *hdr = &header;
tplink_image_header_t *tpl_hdr;
/*
* By default don't verify data CRC checksum,
* but allow to enable it, using environment
**/
s = getenv("verify_data");
verify = (s && (*s == 'y')) ? 1 : 0;
if (argc < 2) {
addr = load_addr;
} else {
addr = simple_strtoul(argv[1], NULL, 16);
}
printf("Booting image from 0x%08lX...\n", addr);
/* Check what header type we have */
memmove(&data, (char *)addr, sizeof(u32));
tpl_type = 0;
switch (ntohl(data)) {
case TPL_IH_VERSION_V1:
tpl_type = 1;
tpl_hdr = (tplink_image_header_t *)addr;
print_tpl_ih_v1(tpl_hdr);
/* Convert to general format */
tpl_to_uboot_header(hdr, tpl_hdr);
break;
case IH_MAGIC:
print_uboot_ih((image_header_t *)addr);
memmove(&header, (char *)addr, sizeof(image_header_t));
break;
case TPL_IH_VERSION_V2:
case TPL_IH_VERSION_V3:
default:
puts("## Error: unsupported image header\n");
return 1;
}
/* Always verify header CRC */
if (ih_header_crc(hdr, tpl_type) != 0) {
puts("## Error: header checksum mismatch!\n");
return 1;
}
/* And data if enabled */
if (tpl_type) {
data = addr + sizeof(tplink_image_header_t);
} else {
data = addr + sizeof(image_header_t);
}
if (ih_data_crc(data, hdr, tpl_type, verify) != 0) {
puts("## Error: data checksum mismatch!\n");
return 1;
}
puts("\n");
len = ntohl(hdr->ih_size);
len_ptr = (u32 *)data;
/* We support only MIPS */
if (hdr->ih_arch != IH_CPU_MIPS) {
puts("## Error: unsupported architecture!\n");
return 1;
}
/* Image type... */
switch (hdr->ih_type) {
case IH_TYPE_KERNEL:
break;
case IH_TYPE_MULTI:
/* OS kernel is always in first image */
len = ntohl(len_ptr[0]);
data += 8;
/* Move over list to first image */
for (i = 1; len_ptr[i]; ++i)
data += 4;
break;
default:
puts("## Error: unsupported image type!\n");
return 1;
}
/*
* We have reached the point of no return: we are going to
* overwrite all exception vector code, so we cannot easily
* recover from any failures any more...
*/
#ifdef CONFIG_NETCONSOLE
/*
* Stop the ethernet stack if NetConsole could have
* left it up
*/
puts("Stopping network... ");
eth_halt();
puts("OK!\n");
#endif
/* TODO: should we flush caches for kernel? */
/*
* Flush everything, restore caches for linux
*/
//mips_cache_flush();
//mips_icache_flush_ix();
/* XXX - this causes problems when booting from flash */
/* dcache_disable(); */
/* Compression type... */
switch (hdr->ih_comp) {
case IH_COMP_LZMA:
printf("Uncompressing %s... ", ih_img_type(hdr->ih_type));
/* Try to extract LZMA data... */
i = lzma_inflate((u8 *)data, len,
(u8 *)ntohl(hdr->ih_load), (int *)&unc_len);
/* TODO: more verbose LZMA errors */
if (i != LZMA_RESULT_OK) {
puts("ERROR\n");
printf("## Error: LZMA error '%d'!\n", i);
return 1;
}
puts("OK!\n");
break;
default:
printf("## Error: unsupported compression type '%s'!\n",
ih_comp_type(hdr->ih_comp));
return 1;
}
#ifdef CONFIG_SILENT_CONSOLE
fixup_silent_linux();
#endif
do_bootm_linux(cmdtp, flag, argc, argv);
return 1;
}
int do_bootm(cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]) {
//ulong iflag;
ulong addr;
ulong data, len;
ulong *len_ptr;
uint unc_len = CFG_BOOTM_LEN;
int i, verify = 0;
image_header_t *hdr = &header;
LINUX_FILE_TAG *fileTag; // by lqm, 17Sep07
if (argc < 2) {
addr = load_addr;
} else {
addr = simple_strtoul(argv[1], NULL, 16);
}
//SHOW_BOOT_PROGRESS (1);
printf("Booting image at: 0x%08lX...\n", addr);
fileTag = (LINUX_FILE_TAG *) addr;
/*
printf("---- fileTag = %08x\n", fileTag);
printf("\t text base = %08x\n", fileTag->kernelTextAddr);
printf("\t entry point = %08x\n", fileTag->kernelEntryPoint);
*/
fake_image_header(hdr, fileTag->kernelTextAddr, fileTag->kernelEntryPoint, fileTag->kernelLen);
data = addr + TAG_LEN;
len = ntohl(hdr->ih_size);
/* TODO: */
//SHOW_BOOT_PROGRESS (2);
//SHOW_BOOT_PROGRESS (6);
/*
* We have reached the point of no return: we are going to
* overwrite all exception vector code, so we cannot easily
* recover from any failures any more...
*/
//iflag = disable_interrupts();
// TODO: disable_interrupts() only returns 0...
//disable_interrupts();
#ifdef CONFIG_AR7100
/*
* Flush everything, restore caches for linux
*/
mips_cache_flush();
/* XXX - this causes problems when booting from flash */
/* dcache_disable(); */
#endif
/* case IH_COMP_LZMA:*/
puts("Uncompressing kernel image...\n");
i = lzma_inflate((unsigned char *) data, len, (unsigned char*) ntohl(hdr->ih_load), (int *) &unc_len);
if (i != LZMA_RESULT_OK) {
//printf("## Error: LZMA error number %d\n", i);
//SHOW_BOOT_PROGRESS(-6);
//udelay(100000);
return -1;
//do_reset(cmdtp, flag, argc, argv);
}
puts("OK\n");
//SHOW_BOOT_PROGRESS(7);
/* case IH_OS_LINUX: */
#ifdef CONFIG_SILENT_CONSOLE
fixup_silent_linux();
#endif
do_bootm_linux(cmdtp, flag, argc, argv, addr, len_ptr, verify);
//SHOW_BOOT_PROGRESS(-9);
#ifdef DEBUG
puts ("\n## Error: control returned to monitor - resetting...\n");
do_reset (cmdtp, flag, argc, argv);
#endif
return 1;
}
int main(int argc, char **argv)
{
struct stat s;
u_int8_t *buf_orig;
u_int32_t *buf;
int buflen;
int fd;
int i;
int err;
int start = 0, end = 0;
printf("Arcadyan Firmware cutter v0.1\n");
printf("-----------------------------\n");
printf("This tool extracts the different parts of an arcadyan firmware update file\n");
printf("This tool is for private use only. The Firmware that gets extracted has a license that forbids redistribution\n");
printf("Please only run this if you understand the risks\n\n");
printf("I understand the risks ? (y/N)\n");
if (getchar() != 'y')
return -1;
if (stat(FW_NAME, &s) != 0) {
printf("Failed to find %s\n", FW_NAME);
printf("Ask Google or try http://hilfe.telekom.de/dlp/eki/downloads/Speedport/Speedport%20W%20921V/Firmware_Speedport_W921V_1.20.000.bin\n");
return -1;
}
buf_orig = malloc(s.st_size);
if (!buf_orig) {
printf("Failed to alloc %d bytes\n", s.st_size);
return -1;
}
fd = open(FW_NAME, O_RDONLY);
if (fd < 0) {
printf("Unable to open %s\n", FW_NAME);
return -1;
}
buflen = read(fd, buf_orig, s.st_size);
close(fd);
if (buflen != s.st_size) {
printf("Loaded %d instead of %d bytes inside %s\n", buflen, s.st_size, FW_NAME);
return -1;
}
/* <magic> */
buf_orig++;
buflen -= 1;
for (i = 0; i < MAGIC_SZ; i++) {
if ((i % 16) < 3)
buf_orig[i] = buf_orig[i + 16] ^ MAGIC;
else
buf_orig[i] = buf_orig[i] ^ MAGIC;
}
buflen -= 3;
memmove(&buf_orig[MAGIC_SZ], &buf_orig[MAGIC_SZ + 3], buflen - MAGIC_SZ);
/* </magic> */
buf = (u_int32_t*) buf_orig;
do {
if (buf[end] == MAGIC_PART) {
end += 2;
printf("Found partition at 0x%08X with size %d\n",
start * sizeof(u_int32_t),
(end - start) * sizeof(u_int32_t));
if (buf[start] == MAGIC_LZMA) {
int dest_len = 1024 * 1024;
int len = buf[end - 3];
u_int32_t id = buf[end - 6];
const char *type = part_type(id);
u_int8_t *dest;
dest = malloc(dest_len);
if (!dest) {
printf("Failed to alloc dest buffer\n");
return -1;
}
if (lzma_inflate((u_int8_t*)&buf[start], len, dest, &dest_len)) {
printf("Failed to decompress data\n");
return -1;
}
fd = creat(type, S_IRUSR | S_IWUSR);
if (fd != -1) {
if (write(fd, dest, dest_len) != dest_len)
printf("\tFailed to write %d bytes\n", dest_len);
else
printf("\tWrote %d bytes to %s\n", dest_len, type);
close(fd);
} else {
printf("\tFailed to open %s\n", type);
}
free(dest);
} else {
printf("\tThis is not lzma\n");
}
start = end;
} else {
end++;
}
} while(end < buflen / sizeof(u_int32_t));
return 0;
}
