summaryrefslogtreecommitdiff
path: root/rbutil/mkmpioboot/mkmpioboot.c
blob: b36f009730e97978619538b8ce3b73df7a247ee6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
/***************************************************************************
 *             __________               __   ___.
 *   Open      \______   \ ____   ____ |  | _\_ |__   _______  ___
 *   Source     |       _//  _ \_/ ___\|  |/ /| __ \ /  _ \  \/  /
 *   Jukebox    |    |   (  <_> )  \___|    < | \_\ (  <_> > <  <
 *   Firmware   |____|_  /\____/ \___  >__|_ \|___  /\____/__/\_ \
 *                     \/            \/     \/    \/            \/
 * $Id:$
 *
 * Copyright (C) 2010 by Marcin Bukat
 *
 * code taken mostly from mkboot.c 
 * Copyright (C) 2005 by Linus Nielsen Feltzing
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ****************************************************************************/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "mkmpioboot.h"

#define OF_FIRMWARE_LEN 0x100000 /* size of the OF file */
#define MPIO_STRING_OFFSET 0xfffe0 /* offset of the version string in OF */
#define BOOTLOADER_MAX_SIZE 0x1f800 /* free space size */

/* Descriptive name of these models */
static const char* model_names[] = {
    [MODEL_HD200] = "MPIO HD200",
    [MODEL_HD300] = "MPIO HD300",
};

/* Model names used in the Rockbox header in ".mpio" files - these match the
   -add parameter to the "scramble" tool */
static const char* rb_model_names[] = {
    [MODEL_HD200] = "hd20",
    [MODEL_HD300] = "hd30",
};

/* Model numbers used to initialise the checksum in the Rockbox header in
   ".mpio" files - these are the same as MODEL_NUMBER in config-target.h */
static const int rb_model_num[] = {
    [MODEL_HD200] = 69,
    [MODEL_HD300] = 70,
};

/* Strings which indentify OF version */
static const char* of_model_string[] = {
    [MODEL_HD200] = "HD200  HDD Audio Ver113005",
    [MODEL_HD300] = "HD300  HDD Audio Ver113006",
};

/* MPIO HD200 and HD300 firmware is plain binary image
 * 4 bytes of initial SP (loaded on reset)
 * 4 bytes of initial PC (loaded on reset)
 * binary image with entry point 0x00000008
 *
 * We put our bootloader code at 0x000e0000
 * and patch reset vector to jump directly
 * into our code on reset
 */

static unsigned char image[OF_FIRMWARE_LEN];

static unsigned int get_uint32be(unsigned char* p)
{
    return ((p[0] << 24) | (p[1] << 16) | (p[2]<<8) | p[3]);
}

static long checksum(unsigned char* buf, int model, unsigned long length)
{
    unsigned long chksum = model;
    unsigned long i;
    
    if(buf == NULL)
        return -1;

    for (i = 0; i < length; i++)
    {
        chksum += *buf++;
    }

return chksum;
}

int mkmpioboot(const char* infile, const char* bootfile, const char* outfile, int origin)
{
    FILE *f;
    int i;
    int len;
    int model_index;
    unsigned long file_checksum;
    unsigned char header[8];

    memset(image, 0xff, sizeof(image));

    /* First, read the mpio original firmware into the image */
    f = fopen(infile, "rb");
    if(!f)
    {
        fprintf(stderr, "[ERR]  Can not open %s file for reading\n", infile);
        return -1;
    }

    i = fread(image, 1, OF_FIRMWARE_LEN, f);
    if(i < OF_FIRMWARE_LEN)
    {
        fprintf(stderr, "[ERR]  %s file read error\n", infile);        
        fclose(f);
        return -2;
    }

    fclose(f);

    /* Now check if we have OF file loaded based on presence
     * of the version string in firmware 
     */

    for(model_index = 0; model_index < NUM_MODELS; model_index++)
        if (strcmp(of_model_string[model_index],
            (char*)(image + MPIO_STRING_OFFSET)) == 0)
            break;

    if(model_index == NUM_MODELS)
    {
        fprintf(stderr, "[ERR]  Unknown MPIO original firmware version\n");
        return -3;
    }

    fprintf(stderr, "[INFO] Loading original firmware file for %s\n",
            model_names[model_index]);

    /* Now, read the boot loader into the image */
    f = fopen(bootfile, "rb");
    if(!f)
    {
        fprintf(stderr, "[ERR]  Can not open %s file for reading\n", bootfile);
        return -4;
    }

    fprintf(stderr, "[INFO] Loading Rockbox bootloader file\n");

    /* get bootloader size
     * excluding header
     */
    fseek(f, 0, SEEK_END);
    len = ftell(f) - 8;

    if (len > BOOTLOADER_MAX_SIZE)
    {
        fprintf(stderr, "[ERR]  Bootloader doesn't fit in firmware file.\n");
        fprintf(stderr, "[ERR]  This bootloader is %d bytes long\n", len);
        fprintf(stderr, "[ERR]  and maximum allowed size is %d bytes\n",
                BOOTLOADER_MAX_SIZE);
        return -5;
    }

    /* Now check if the place we want to put
     * our bootloader is free
     */
    for(i=0;i<len;i++)
    {
        if (image[origin+i] != 0)
        {
            fprintf(stderr, "[ERR]  Place for bootloader in OF file not empty\n");
            return -6;
        }
    }

    fseek(f, 0, SEEK_SET);

    /* get bootloader header*/
    fread(header,1,8,f);

    if ( memcmp(header + 4, rb_model_names[model_index], 4) != 0 )
    {
        fprintf(stderr, "[ERR]  Original firmware and rockbox bootloader mismatch!\n");
        fprintf(stderr, "[ERR]  Double check that you have bootloader for %s\n",
                model_names[model_index]);
        return -7;
    }

    /* omit header */
    fseek(f, 8, SEEK_SET);

    i = fread(image + origin, 1, len, f);
    if(i < len)
    {
        fprintf(stderr, "[ERR]  %s file read error\n", bootfile);
        fclose(f);
        return -8;
    }

    fclose(f);

    /* calculate checksum and compare with data
     * from header
     */
    file_checksum = checksum(image + origin, rb_model_num[model_index], len);

    if ( file_checksum != get_uint32be(header) )
    {
        fprintf(stderr,"[ERR]  Bootloader checksum error\n");
        return -9;
    }

    f = fopen(outfile, "wb");
    if(!f)
    {
        fprintf(stderr, "[ERR]  Can not open %s file for writing\n" ,outfile);
        return -10;
    }

    fprintf(stderr, "[INFO] Patching reset vector\n");

    /* Patch the stack pointer address */    
    image[0] = image[origin + 0];
    image[1] = image[origin + 1];
    image[2] = image[origin + 2];
    image[3] = image[origin + 3];

    /* Patch the reset vector to start the boot loader */
    image[4] = image[origin + 4];
    image[5] = image[origin + 5];
    image[6] = image[origin + 6];
    image[7] = image[origin + 7];

    i = fwrite(image, 1, OF_FIRMWARE_LEN, f);
    if(i < OF_FIRMWARE_LEN)
    {
        fprintf(stderr,"[ERR]  %s file write error\n", outfile);
        fclose(f);
        return -11;
    }

    fprintf(stderr,"[INFO] Wrote 0x%x bytes in %s\n", OF_FIRMWARE_LEN, outfile);
    fprintf(stderr,"[INFO] Patching succeeded!\n");
   
    fclose(f);
    
    return 0;
}