コード例 #1
0
ファイル: usb.c プロジェクト: ThorstenHi/md380tools
int usb_dnld_hook(){
  /* These are global buffers to the packet data, its length, and the
     block address that it runs to.  The stock firmware has a bug
     in that it assumes the packet size is always 2048 bytes.
  */
  static char *packet=(char*) 0x200199f0;//2.032
  static int *packetlen=(int*) 0x2001d20c;//2.032
  static int *blockadr=(int*) 0x2001d208;//2.032
  static char *dfu_state=(char*) 0x2001d405;//2.032
  static char **dfu_target_adr=(char**) 0x2000112c; //2.032
  
  //Don't know what these do.
  //char *thingy=(char*) 0x2001d276;
  char *thingy2=(char*) 0x2001d041;
  
  int state;
  
  /* DFU transfers begin at block 2, and special commands hook block
     0.  We'll use block 1, because it handily fits in the gap without
     breaking backward compatibility with the older code.
   */
  if(*blockadr==1){
    switch(packet[0]){

//Memory commands
    case TDFU_DMESG:
      //The DMESG buffer might move, so this command
      //sets the target address to the DMESG buffer.
      *dfu_target_adr=dmesg_start;
      break;

//SPI-FLASH commands
    case TDFU_SPIFLASHGETID:
      //Re-uses the dmesg transmit buffer.
      *dfu_target_adr=dmesg_tx_buf;
      get_spi_flash_type((void *) dmesg_tx_buf); // 0x00aabbcc  aa=MANUFACTURER ID, bb,cc Device Identification
      break;
    case TDFU_SPIFLASHREAD:
      //Re-uses the dmesg transmit buffer.
      *dfu_target_adr=dmesg_tx_buf;
      uint32_t adr= *((uint32_t*)(packet+1));
      printf("Dumping %d bytes from 0x%08x in SPI Flash\n",
            DMESG_SIZE, adr);
      md380_spiflash_read(dmesg_tx_buf,
		          adr,
		          DMESG_SIZE);
      break;
    case TDFU_SPIFLASHWRITE:
      //Re-uses the dmesg transmit buffer.
      *dfu_target_adr=dmesg_tx_buf;
      adr = *((uint32_t*)(packet+1));
      uint32_t size = *((uint32_t*)(packet+5));
      memset(dmesg_tx_buf,0,DMESG_SIZE);
      if (check_spi_flash_type()) {
        printf ("TDFU_SPIFLASHWRITE %x %d %x\n", adr, size, packet+9);
        md380_spiflash_write(packet+9,  adr, size);
      }
      break;
    case TDFU_SPIFLASHERASE64K:   // experimental
      //Re-uses the dmesg transmit buffer.
      *dfu_target_adr=dmesg_tx_buf;
      adr= *((uint32_t*)(packet+1));
      memset(dmesg_tx_buf,0,DMESG_SIZE);
      if (check_spi_flash_type()) {
        printf ("TDFU_SPIFLASHERASE64K %x \n", adr);
//      spiflash_wait();     
//      spiflash_block_erase64k(adr);


        md380_spiflash_enable();
        md380_spi_sendrecv(0x6);
        md380_spiflash_disable();

        md380_spiflash_enable();
        md380_spi_sendrecv(0xd8);
        md380_spi_sendrecv((adr>> 16) & 0xff);
        md380_spi_sendrecv((adr>>  8) & 0xff);
        md380_spi_sendrecv(adr & 0xff);
        md380_spiflash_disable();
      }  
//      md380_spiflash_wait();   // this is the problem :( 
                           // must be polled via dfu commenad?
      break;
    case TDFU_SPIFLASHWRITE_NEW: // not working, this is not the problem
      //Re-uses the dmesg transmit buffer.
      *dfu_target_adr=dmesg_tx_buf;
      adr = *((uint32_t*)(packet+1));
      size = *((uint32_t*)(packet+5));
      memset(dmesg_tx_buf,0,DMESG_SIZE);
      if (check_spi_flash_type()) {
        printf ("DFU_SPIFLASHWRITE_new %x %d %x\n", adr, size, packet+9);
        // enable write

        for (int i=0;i<size;i=i+256) {
          int page_adr;
          page_adr=adr+i;
          printf("%d %x\n",i,page_adr);
          md380_spiflash_wait();

          md380_spiflash_enable();
          md380_spi_sendrecv(0x6);
          md380_spiflash_disable();

          md380_spiflash_enable();
          md380_spi_sendrecv(0x2);
          printf("%x ", ((page_adr>> 16) & 0xff));
          md380_spi_sendrecv((page_adr>> 16) & 0xff);
          printf("%x ", ((page_adr>>  8) & 0xff));
          md380_spi_sendrecv((page_adr>>  8) & 0xff);
          printf("%x ", (page_adr & 0xff));
          md380_spi_sendrecv(page_adr & 0xff);
          for (int ii=0; ii < 256; ii++) {
            md380_spi_sendrecv(packet[9+ii+i]);
          }
          md380_spiflash_disable();
          md380_spiflash_wait();
          printf("\n");
        }
      }
      break;
    case TDFU_SPIFLASHSECURITYREGREAD:
      //Re-uses the dmesg transmit buffer.
      *dfu_target_adr=dmesg_tx_buf;
      printf("Dumping %d bytes from adr 0 SPI Flash security_registers\n",
	     DMESG_SIZE);
      md380_spiflash_security_registers_read(dmesg_tx_buf,
                                      0,
                                      3*256);
      break;

      
//Radio Commands
    case TDFU_C5000_READREG:
      //Re-uses the dmesg transmit buffer.
      *dfu_target_adr=dmesg_tx_buf;
      memset(dmesg_tx_buf,0,DMESG_SIZE);
      state=OS_ENTER_CRITICAL();
      c5000_spi0_readreg(packet[1],dmesg_tx_buf);
      OS_EXIT_CRITICAL(state);
      break;
    case TDFU_C5000_WRITEREG:
      //Re-uses the dmesg transmit buffer.
      *dfu_target_adr=dmesg_tx_buf;
      memset(dmesg_tx_buf,0,DMESG_SIZE);
      state=OS_ENTER_CRITICAL();
      c5000_spi0_writereg(packet[1],packet[2]);
      OS_EXIT_CRITICAL(state);
      break;

//Graphics commands.
    case TDFU_PRINT: // 0x80, u8 x, u8 y, u8 str[].
      drawtext((wchar_t *) (packet+3),
	       packet[1],packet[2]);
      break;
      
    case TDFU_BOX:
    default:
      printf("Unhandled DFU packet type 0x%02x.\n",packet[0]);
    }
    
    thingy2[0]=0;
    thingy2[1]=0;
    thingy2[2]=0;
    thingy2[3]=3;
    *dfu_state=3;
    
    *blockadr=0;
    *packetlen=0;
    return 0;
  }else{
    /* For all other blocks, we default to the internal handler.
     */
    return usb_dnld_handle();
コード例 #2
0
ファイル: usb.c プロジェクト: mach327/md380tools
int usb_dnld_hook(){
  /* These are global buffers to the packet data, its length, and the
     block address that it runs to.  The stock firmware has a bug
     in that it assumes the packet size is always 2048 bytes.
  */
  
  int state;
  
  /* DFU transfers begin at block 2, and special commands hook block
     0.  We'll use block 1, because it handily fits in the gap without
     breaking backward compatibility with the older code.
   */
  if(*md380_blockadr==1){
    switch(md380_packet[0]){

//Memory commands
    case TDFU_DMESG:
      //The DMESG buffer might move, so this command
      //sets the target address to the DMESG buffer.
      *md380_dfu_target_adr=dmesg_start;
      break;

//SPI-FLASH commands
#ifdef CONFIG_SPIFLASH
    case TDFU_SPIFLASHGETID:
      //Re-uses the dmesg transmit buffer.
      *md380_dfu_target_adr=dmesg_tx_buf;
      get_spi_flash_type((void *) dmesg_tx_buf); // 0x00aabbcc  aa=MANUFACTURER ID, bb,cc Device Identification
      break;
    case TDFU_SPIFLASHREAD:
      //Re-uses the dmesg transmit buffer.
      *md380_dfu_target_adr=dmesg_tx_buf;
      uint32_t adr= *((uint32_t*)(md380_packet+1));
      printf("Dumping %d bytes from 0x%08x in SPI Flash\n",
            DMESG_SIZE, adr);
      md380_spiflash_read(dmesg_tx_buf,
		          adr,
		          DMESG_SIZE);
      break;
    case TDFU_SPIFLASHWRITE:
      //Re-uses the dmesg transmit buffer.
      *md380_dfu_target_adr=dmesg_tx_buf;
      adr = *((uint32_t*)(md380_packet+1));
      uint32_t size = *((uint32_t*)(md380_packet+5));
      memset(dmesg_tx_buf,0,DMESG_SIZE);
      if (check_spi_flash_size()>adr) {
        printf ("TDFU_SPIFLASHWRITE %x %d %x\n", adr, size, md380_packet+9);
        md380_spiflash_write(md380_packet+9,  adr, size);
      }
      break;
    case TDFU_SPIFLASHERASE64K:   // experimental
      //Re-uses the dmesg transmit buffer.
      *md380_dfu_target_adr=dmesg_tx_buf;
      adr= *((uint32_t*)(md380_packet+1));
      memset(dmesg_tx_buf,0,DMESG_SIZE);
      if (check_spi_flash_size()>adr) {
        printf ("TDFU_SPIFLASHERASE64K %x \n", adr);
//      spiflash_wait();     
//      spiflash_block_erase64k(adr);


        md380_spiflash_enable();
        md380_spi_sendrecv(0x6);
        md380_spiflash_disable();

        md380_spiflash_enable();
        md380_spi_sendrecv(0xd8);
        md380_spi_sendrecv((adr>> 16) & 0xff);
        md380_spi_sendrecv((adr>>  8) & 0xff);
        md380_spi_sendrecv(adr & 0xff);
        md380_spiflash_disable();
      }  
//      md380_spiflash_wait();   // this is the problem :( 
                           // must be polled via dfu commenad?
      break;
    case TDFU_SPIFLASHWRITE_NEW: // not working, this is not the problem
      //Re-uses the dmesg transmit buffer.
      *md380_dfu_target_adr=dmesg_tx_buf;
      adr = *((uint32_t*)(md380_packet+1));
      size = *((uint32_t*)(md380_packet+5));
      memset(dmesg_tx_buf,0,DMESG_SIZE);
      if (check_spi_flash_size()>adr) {
        printf ("DFU_CONFIG_SPIFLASHWRITE_new %x %d %x\n", adr, size, md380_packet+9);
        // enable write

        for (int i=0;i<size;i=i+256) {
          int page_adr;
          page_adr=adr+i;
          printf("%d %x\n",i,page_adr);
          md380_spiflash_wait();

          md380_spiflash_enable();
          md380_spi_sendrecv(0x6);
          md380_spiflash_disable();

          md380_spiflash_enable();
          md380_spi_sendrecv(0x2);
          printf("%x ", ((page_adr>> 16) & 0xff));
          md380_spi_sendrecv((page_adr>> 16) & 0xff);
          printf("%x ", ((page_adr>>  8) & 0xff));
          md380_spi_sendrecv((page_adr>>  8) & 0xff);
          printf("%x ", (page_adr & 0xff));
          md380_spi_sendrecv(page_adr & 0xff);
          for (int ii=0; ii < 256; ii++) {
            md380_spi_sendrecv(md380_packet[9+ii+i]);
          }
          md380_spiflash_disable();
          md380_spiflash_wait();
          printf("\n");
        }
      }
      break;
    case TDFU_SPIFLASHSECURITYREGREAD:
      //Re-uses the dmesg transmit buffer.
      *md380_dfu_target_adr=dmesg_tx_buf;
      printf("Dumping %d bytes from adr 0 SPI Flash security_registers\n",
	     DMESG_SIZE);
      md380_spiflash_security_registers_read(dmesg_tx_buf,
                                      0,
                                      3*256);
      break;
#endif //CONFIG_SPIFLASH
      
#ifdef CONFIG_SPIC5000
//Radio Commands
    case TDFU_C5000_READREG:
      //Re-uses the dmesg transmit buffer.
      *md380_dfu_target_adr=dmesg_tx_buf;
      memset(dmesg_tx_buf,0,DMESG_SIZE);
      state=OS_ENTER_CRITICAL();
      c5000_spi0_readreg(md380_packet[1],dmesg_tx_buf);
      OS_EXIT_CRITICAL(state);
      break;
    case TDFU_C5000_WRITEREG:
      //Re-uses the dmesg transmit buffer.
      *md380_dfu_target_adr=dmesg_tx_buf;
      memset(dmesg_tx_buf,0,DMESG_SIZE);
      state=OS_ENTER_CRITICAL();
      c5000_spi0_writereg(md380_packet[1],md380_packet[2]);
      OS_EXIT_CRITICAL(state);
      break;
#endif //CONFIG_SPIC5000

#ifdef CONFIG_GRAPHICS
//Graphics commands.
    case TDFU_PRINT: // 0x80, u8 x, u8 y, u8 str[].
      drawtext((wchar_t *) (md380_packet+3),
	       md380_packet[1],md380_packet[2]);
      break;
      
    case TDFU_BOX:
      break;
#endif //CONFIG_GRAPHICS

    case TDFU_SYSLOG:
      syslog_dump_dmesg();
      break;
    
    default:
      printf("Unhandled DFU packet type 0x%02x.\n",md380_packet[0]);
    }