int main(int argc, char *argv[]) { #if 1 unsigned long src_addr = (unsigned long) vmlrd_lzma; unsigned long src_len = vmlrd_lzmaSize; unsigned long dst_addr = P2_UNCOMP_LOAD_ADDR; unsigned long dst_len = P2_UNCOMP_LOAD_LEN; unsigned long tmp_addr = P2_TEMP_BUF_ADDR; unsigned long tmp_len = P2_TEMP_BUF_LEN; /* HW related initializing */ serial_init(); disable_usb_intr(); /* Decompress LZMA */ printf("Lzma decompressing(addr: %x len: %d)...\n", src_addr, src_len); if (lzma_inflate((unsigned char *) src_addr, src_len, (unsigned char *) dst_addr, dst_len, (unsigned char *) tmp_addr, tmp_len)) { printf("failed to decompress kernel\n"); goto hang; } printf("Jump to kernel(addr: %x)...\n", vmlrd_lzma_entry); start_kernel = (void *) vmlrd_lzma_entry; start_kernel(); printf("return from kernel...\n"); hang: while(1); #else #define UNCOMP_LOAD_LEN 0x400000 #define TEMP_BUF_ADDR 0x100000 unsigned long src_addr = (unsigned long) vmlrd; unsigned long src_len = vmlrdSize; char *dst_addr, *tmp_addr; unsigned long dst_len = UNCOMP_LOAD_LEN; unsigned long tmp_len = TEMP_BUF_ADDR; dst_addr = malloc(dst_len); tmp_addr = malloc(tmp_len); if (!dst_addr || !tmp_addr) { printf("out of memory!\n"); return 0; } printf("%d %d %d\n", src_len, dst_len, tmp_len); lzma_inflate((unsigned char *) src_addr, src_len, (unsigned char *) dst_addr, dst_len, (unsigned char *) tmp_addr, tmp_len); free(dst_addr); free(tmp_addr); #endif return 0; }
/************************************************************************ * * This is the next part if the initialization sequence: we are now * running from RAM and have a "normal" C environment, i. e. global * data can be written, BSS has been cleared, the stack size in not * that critical any more, etc. * ************************************************************************ */ void bootstrap_board_init_r(gd_t *id, ulong dest_addr) { int i; ulong addr; ulong data, len, checksum; image_header_t header; image_header_t *hdr = &header; unsigned int destLen; int (*fn)(int); /* Initialize malloc() area */ mem_malloc_init(dest_addr); addr = (ulong)((char *)(BOOTSTRAP_CFG_MONITOR_BASE + ((ulong)&uboot_end_data_bootstrap - dest_addr))); memmove(&header, (char *)addr, sizeof(image_header_t)); if (ntohl(hdr->ih_magic) != IH_MAGIC) return; data = (ulong)&header; len = sizeof(image_header_t); checksum = ntohl(hdr->ih_hcrc); hdr->ih_hcrc = 0; if (tinf_crc32((unsigned char *)data, len) != checksum) return; data = addr + sizeof(image_header_t); len = ntohl(hdr->ih_size); /* * If we've got less than 4 MB of malloc() space, * use slower decompression algorithm which requires * at most 2300 KB of memory. */ destLen = 0x0; #ifdef CONFIG_LZMA i = lzma_inflate((unsigned char *)data, len, (unsigned char*)ntohl(hdr->ih_load), (int *)&destLen); if (i != LZMA_RESULT_OK) return; #endif fn = (void *)ntohl(hdr->ih_load); (*fn)(gd->ram_size); hang(); }
void QcOsmPbfReader::read_blob() { // size of the following blob int32_t data_size = m_blob_header.datasize(); qDebug().nospace() << " datasize = " << data_size; // ensure the blob is smaller then MAX_BLOB_SIZE if (data_size > OSMPBF::max_uncompressed_blob_size) qCritical() << "blob-size is bigger then allowed (" << data_size << " > " << OSMPBF::max_uncompressed_blob_size << ")"; // read the blob from the file if (m_data_stream.readRawData(m_buffer, data_size) == -1) qCritical() << "unable to read blob from file"; // parse the blob from the read-buffer if (!m_blob.ParseFromArray(m_buffer, data_size)) qCritical() << "unable to parse blob"; // tell about the blob-header qDebug().nospace() << "Blob (" << data_size << " bytes)"; // set when we find at least one data stream bool found_data = false; // if the blob has uncompressed data if (m_blob.has_raw()) { // we have at least one datastream found_data = true; // size of the blob-data m_buffer_size = m_blob.raw().size(); // check that raw_size is set correctly if (m_buffer_size != m_blob.raw_size()) qWarning() << " reports wrong raw_size: " << m_blob.raw_size() << " bytes"; // tell about the blob-data qDebug().nospace() << " contains uncompressed data: " << m_buffer_size << " bytes"; // copy the uncompressed data over to the unpack_buffer memcpy(m_unpack_buffer, m_buffer, m_buffer_size); } // if the blob has zlib-compressed data if (m_blob.has_zlib_data()) { // issue a warning if there is more than one data steam, a blob may only contain one data stream if (found_data) qWarning() << " contains several data streams"; // we have at least one datastream found_data = true; // unpacked size zlib_inflate(); } // if the blob has lzma-compressed data if (m_blob.has_lzma_data()) { // issue a warning if there is more than one data steam, a blob may only contain one data stream if (found_data) qWarning() << " contains several data streams"; // we have at least one datastream found_data = true; // unpacked size lzma_inflate(); } // check we have at least one data-stream if (!found_data) qCritical() << " does not contain any known data stream"; // switch between different blob-types auto blob_type = m_blob_header.type(); if (blob_type == "OSMHeader") // The Blob contains a serialized HeaderBlock message. // Every fileblock must have one of these blocks before the first 'OSMData' block. read_osm_header(); else if (blob_type == "OSMData") // The Blob contains a serialized PrimitiveBlock message. read_osm_data(); else // unknown blob type qWarning() << " unknown blob type: " << m_blob_header.type().c_str(); }
int do_bootm(cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]){ ulong addr, data, len; uint unc_len = CFG_BOOTM_LEN; int i; image_header_t *hdr = &header; #ifdef CONFIG_TPLINK_IMAGE_HEADER tplink_image_header_t *fileTag; #endif if(argc < 2){ addr = load_addr; } else { addr = simple_strtoul(argv[1], NULL, 16); } printf("Booting image at: 0x%08lX\n", addr); #ifndef CONFIG_TPLINK_IMAGE_HEADER memmove(&header, (char *)addr, sizeof(image_header_t)); print_image_hdr(hdr); data = addr + sizeof(image_header_t); #else fileTag = (tplink_image_header_t *)addr; print_image_hdr(fileTag); fake_image_header(hdr, fileTag); data = addr + TAG_LEN; #endif /* !CONFIG_TPLINK_IMAGE_HEADER */ len = ntohl(hdr->ih_size); /* * We have reached the point of no return: we are going to * overwrite all exception vector code, so we cannot easily * recover from any failures any more... */ #ifdef CONFIG_NETCONSOLE /* * Stop the ethernet stack if NetConsole could have * left it up */ eth_halt(); #endif /* TODO: should we flush caches for kernel? */ /* * Flush everything, restore caches for linux */ //mips_cache_flush(); //mips_icache_flush_ix(); /* XXX - this causes problems when booting from flash */ /* dcache_disable(); */ /* case IH_COMP_LZMA:*/ puts("Uncompressing kernel image... "); i = lzma_inflate((unsigned char *)data, len, (unsigned char*)ntohl(hdr->ih_load), (int *)&unc_len); if(i != LZMA_RESULT_OK){ printf("## Error: LZMA error num: %d\n", i); return(-1); } puts("OK!\n"); #ifdef CONFIG_SILENT_CONSOLE fixup_silent_linux(); #endif do_bootm_linux(cmdtp, flag, argc, argv); #ifdef DEBUG puts("\n## Error: control returned to monitor - resetting...\n"); do_reset(cmdtp, flag, argc, argv); #endif return(1); }
int do_bootm(cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]) { char *s; u32 *len_ptr; u32 addr, data, len; int i, tpl_type, verify; u32 unc_len = CFG_BOOTM_LEN; image_header_t *hdr = &header; tplink_image_header_t *tpl_hdr; /* * By default don't verify data CRC checksum, * but allow to enable it, using environment **/ s = getenv("verify_data"); verify = (s && (*s == 'y')) ? 1 : 0; if (argc < 2) { addr = load_addr; } else { addr = simple_strtoul(argv[1], NULL, 16); } printf("Booting image from 0x%08lX...\n", addr); /* Check what header type we have */ memmove(&data, (char *)addr, sizeof(u32)); tpl_type = 0; switch (ntohl(data)) { case TPL_IH_VERSION_V1: tpl_type = 1; tpl_hdr = (tplink_image_header_t *)addr; print_tpl_ih_v1(tpl_hdr); /* Convert to general format */ tpl_to_uboot_header(hdr, tpl_hdr); break; case IH_MAGIC: print_uboot_ih((image_header_t *)addr); memmove(&header, (char *)addr, sizeof(image_header_t)); break; case TPL_IH_VERSION_V2: case TPL_IH_VERSION_V3: default: puts("## Error: unsupported image header\n"); return 1; } /* Always verify header CRC */ if (ih_header_crc(hdr, tpl_type) != 0) { puts("## Error: header checksum mismatch!\n"); return 1; } /* And data if enabled */ if (tpl_type) { data = addr + sizeof(tplink_image_header_t); } else { data = addr + sizeof(image_header_t); } if (ih_data_crc(data, hdr, tpl_type, verify) != 0) { puts("## Error: data checksum mismatch!\n"); return 1; } puts("\n"); len = ntohl(hdr->ih_size); len_ptr = (u32 *)data; /* We support only MIPS */ if (hdr->ih_arch != IH_CPU_MIPS) { puts("## Error: unsupported architecture!\n"); return 1; } /* Image type... */ switch (hdr->ih_type) { case IH_TYPE_KERNEL: break; case IH_TYPE_MULTI: /* OS kernel is always in first image */ len = ntohl(len_ptr[0]); data += 8; /* Move over list to first image */ for (i = 1; len_ptr[i]; ++i) data += 4; break; default: puts("## Error: unsupported image type!\n"); return 1; } /* * We have reached the point of no return: we are going to * overwrite all exception vector code, so we cannot easily * recover from any failures any more... */ #ifdef CONFIG_NETCONSOLE /* * Stop the ethernet stack if NetConsole could have * left it up */ puts("Stopping network... "); eth_halt(); puts("OK!\n"); #endif /* TODO: should we flush caches for kernel? */ /* * Flush everything, restore caches for linux */ //mips_cache_flush(); //mips_icache_flush_ix(); /* XXX - this causes problems when booting from flash */ /* dcache_disable(); */ /* Compression type... */ switch (hdr->ih_comp) { case IH_COMP_LZMA: printf("Uncompressing %s... ", ih_img_type(hdr->ih_type)); /* Try to extract LZMA data... */ i = lzma_inflate((u8 *)data, len, (u8 *)ntohl(hdr->ih_load), (int *)&unc_len); /* TODO: more verbose LZMA errors */ if (i != LZMA_RESULT_OK) { puts("ERROR\n"); printf("## Error: LZMA error '%d'!\n", i); return 1; } puts("OK!\n"); break; default: printf("## Error: unsupported compression type '%s'!\n", ih_comp_type(hdr->ih_comp)); return 1; } #ifdef CONFIG_SILENT_CONSOLE fixup_silent_linux(); #endif do_bootm_linux(cmdtp, flag, argc, argv); return 1; }
int do_bootm(cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]) { //ulong iflag; ulong addr; ulong data, len; ulong *len_ptr; uint unc_len = CFG_BOOTM_LEN; int i, verify = 0; image_header_t *hdr = &header; LINUX_FILE_TAG *fileTag; // by lqm, 17Sep07 if (argc < 2) { addr = load_addr; } else { addr = simple_strtoul(argv[1], NULL, 16); } //SHOW_BOOT_PROGRESS (1); printf("Booting image at: 0x%08lX...\n", addr); fileTag = (LINUX_FILE_TAG *) addr; /* printf("---- fileTag = %08x\n", fileTag); printf("\t text base = %08x\n", fileTag->kernelTextAddr); printf("\t entry point = %08x\n", fileTag->kernelEntryPoint); */ fake_image_header(hdr, fileTag->kernelTextAddr, fileTag->kernelEntryPoint, fileTag->kernelLen); data = addr + TAG_LEN; len = ntohl(hdr->ih_size); /* TODO: */ //SHOW_BOOT_PROGRESS (2); //SHOW_BOOT_PROGRESS (6); /* * We have reached the point of no return: we are going to * overwrite all exception vector code, so we cannot easily * recover from any failures any more... */ //iflag = disable_interrupts(); // TODO: disable_interrupts() only returns 0... //disable_interrupts(); #ifdef CONFIG_AR7100 /* * Flush everything, restore caches for linux */ mips_cache_flush(); /* XXX - this causes problems when booting from flash */ /* dcache_disable(); */ #endif /* case IH_COMP_LZMA:*/ puts("Uncompressing kernel image...\n"); i = lzma_inflate((unsigned char *) data, len, (unsigned char*) ntohl(hdr->ih_load), (int *) &unc_len); if (i != LZMA_RESULT_OK) { //printf("## Error: LZMA error number %d\n", i); //SHOW_BOOT_PROGRESS(-6); //udelay(100000); return -1; //do_reset(cmdtp, flag, argc, argv); } puts("OK\n"); //SHOW_BOOT_PROGRESS(7); /* case IH_OS_LINUX: */ #ifdef CONFIG_SILENT_CONSOLE fixup_silent_linux(); #endif do_bootm_linux(cmdtp, flag, argc, argv, addr, len_ptr, verify); //SHOW_BOOT_PROGRESS(-9); #ifdef DEBUG puts ("\n## Error: control returned to monitor - resetting...\n"); do_reset (cmdtp, flag, argc, argv); #endif return 1; }
int main(int argc, char **argv) { struct stat s; u_int8_t *buf_orig; u_int32_t *buf; int buflen; int fd; int i; int err; int start = 0, end = 0; printf("Arcadyan Firmware cutter v0.1\n"); printf("-----------------------------\n"); printf("This tool extracts the different parts of an arcadyan firmware update file\n"); printf("This tool is for private use only. The Firmware that gets extracted has a license that forbids redistribution\n"); printf("Please only run this if you understand the risks\n\n"); printf("I understand the risks ? (y/N)\n"); if (getchar() != 'y') return -1; if (stat(FW_NAME, &s) != 0) { printf("Failed to find %s\n", FW_NAME); printf("Ask Google or try http://hilfe.telekom.de/dlp/eki/downloads/Speedport/Speedport%20W%20921V/Firmware_Speedport_W921V_1.20.000.bin\n"); return -1; } buf_orig = malloc(s.st_size); if (!buf_orig) { printf("Failed to alloc %d bytes\n", s.st_size); return -1; } fd = open(FW_NAME, O_RDONLY); if (fd < 0) { printf("Unable to open %s\n", FW_NAME); return -1; } buflen = read(fd, buf_orig, s.st_size); close(fd); if (buflen != s.st_size) { printf("Loaded %d instead of %d bytes inside %s\n", buflen, s.st_size, FW_NAME); return -1; } /* <magic> */ buf_orig++; buflen -= 1; for (i = 0; i < MAGIC_SZ; i++) { if ((i % 16) < 3) buf_orig[i] = buf_orig[i + 16] ^ MAGIC; else buf_orig[i] = buf_orig[i] ^ MAGIC; } buflen -= 3; memmove(&buf_orig[MAGIC_SZ], &buf_orig[MAGIC_SZ + 3], buflen - MAGIC_SZ); /* </magic> */ buf = (u_int32_t*) buf_orig; do { if (buf[end] == MAGIC_PART) { end += 2; printf("Found partition at 0x%08X with size %d\n", start * sizeof(u_int32_t), (end - start) * sizeof(u_int32_t)); if (buf[start] == MAGIC_LZMA) { int dest_len = 1024 * 1024; int len = buf[end - 3]; u_int32_t id = buf[end - 6]; const char *type = part_type(id); u_int8_t *dest; dest = malloc(dest_len); if (!dest) { printf("Failed to alloc dest buffer\n"); return -1; } if (lzma_inflate((u_int8_t*)&buf[start], len, dest, &dest_len)) { printf("Failed to decompress data\n"); return -1; } fd = creat(type, S_IRUSR | S_IWUSR); if (fd != -1) { if (write(fd, dest, dest_len) != dest_len) printf("\tFailed to write %d bytes\n", dest_len); else printf("\tWrote %d bytes to %s\n", dest_len, type); close(fd); } else { printf("\tFailed to open %s\n", type); } free(dest); } else { printf("\tThis is not lzma\n"); } start = end; } else { end++; } } while(end < buflen / sizeof(u_int32_t)); return 0; }