From 0d9d980ecd6fce5708003ed16c3238a680b1b16e Mon Sep 17 00:00:00 2001 From: Tal Keren Date: Thu, 7 Jan 2016 02:40:47 +0200 Subject: [PATCH] firmware-utils: kernel image generator for TP-Link RE450 MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The firmware image that is used in TP-Link RE450 (and some more devices from the RE series) is tplink-safeloader. In the kernel partition, the kernel is compressed in a regular tp-link firmware that is just used for booting. Since it is only used for compressing and booting, only four fields are filled in the header: Vendor, version, kernel load address and kernel entry point. mktplinkfw-kernel is a simpler version of mktpolinkfw that generate such images. It also specifies the hardware id (as it is in the product info section), so when doing a sysupgrade - the existing code will check for hardware compatibility. Signed-off-by: Tal Keren [rd@radekdostal.com: add build target to .../image/tp-link.mk] Signed-off-by: Radek Dostál --- target/linux/ar71xx/image/tp-link.mk | 10 + tools/firmware-utils/Makefile | 1 + tools/firmware-utils/src/mktplinkfw-kernel.c | 352 +++++++++++++++++++ 3 files changed, 363 insertions(+) create mode 100644 tools/firmware-utils/src/mktplinkfw-kernel.c diff --git a/target/linux/ar71xx/image/tp-link.mk b/target/linux/ar71xx/image/tp-link.mk index 616bdb7a4b..c6508839cc 100644 --- a/target/linux/ar71xx/image/tp-link.mk +++ b/target/linux/ar71xx/image/tp-link.mk @@ -35,6 +35,16 @@ define Build/mktplinkfw-combined @mv $@.new $@ endef +# add RE450 and similar header to the kernel image +define Build/mktplinkfw-kernel + $(STAGING_DIR_HOST)/bin/mktplinkfw-kernel \ + -H $(TPLINK_HWID) -N OpenWrt -V $(REVISION) \ + -L $(KERNEL_LOADADDR) -E $(KERNEL_LOADADDR) \ + -k $@ \ + -o $@.new + @mv $@.new $@ +endef + define Device/tplink TPLINK_HWREV := 0x1 TPLINK_HEADER_VERSION := 1 diff --git a/tools/firmware-utils/Makefile b/tools/firmware-utils/Makefile index 456b7a39f5..69cba69a58 100644 --- a/tools/firmware-utils/Makefile +++ b/tools/firmware-utils/Makefile @@ -41,6 +41,7 @@ define Host/Compile $(call cc,mkplanexfw sha1) $(call cc,mktplinkfw md5, -Wall) $(call cc,mktplinkfw2 md5) + $(call cc,mktplinkfw-kernel) $(call cc,tplink-safeloader md5, -Wall) $(call cc,pc1crypt) $(call cc,osbridge-crc) diff --git a/tools/firmware-utils/src/mktplinkfw-kernel.c b/tools/firmware-utils/src/mktplinkfw-kernel.c new file mode 100644 index 0000000000..1565e73545 --- /dev/null +++ b/tools/firmware-utils/src/mktplinkfw-kernel.c @@ -0,0 +1,352 @@ +/* + * Copyright (C) 2009 Gabor Juhos + * Copyright (C) 2016 Tal Keren + * + * Stripped down version of the regular tplink firmware that is only used + * for compressing and booting the kernel. + * + * This tool was based on: + * TP-Link WR941 V2 firmware checksum fixing tool. + * Copyright (C) 2008,2009 Wang Jian + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 as published + * by the Free Software Foundation. + * + */ + +#include +#include +#include +#include +#include /* for unlink() */ +#include +#include /* for getopt() */ +#include +#include +#include + +#include +#include + +#define ALIGN(x,a) ({ typeof(a) __a = (a); (((x) + __a - 1) & ~(__a - 1)); }) + +#define HEADER_VERSION_V1 0x01000000 + +#define MD5SUM_LEN 16 + +struct file_info { + char *file_name; /* name of the file */ + uint32_t file_size; /* length of the file */ +}; + +struct fw_header { + uint32_t version; /* header version */ + char vendor_name[24]; + char fw_version[36]; + uint32_t hw_id; /* hardware id */ + uint32_t hw_rev; /* hardware revision */ + uint32_t unk1; + uint8_t md5sum1[MD5SUM_LEN]; + uint32_t unk2; + uint8_t md5sum2[MD5SUM_LEN]; + uint32_t unk3; + uint32_t kernel_la; /* kernel load address */ + uint32_t kernel_ep; /* kernel entry point */ + uint32_t fw_length; /* total length of the firmware */ + uint32_t kernel_ofs; /* kernel data offset */ + uint32_t kernel_len; /* kernel data length */ + uint32_t rootfs_ofs; /* rootfs data offset */ + uint32_t rootfs_len; /* rootfs data length */ + uint32_t boot_ofs; /* bootloader data offset */ + uint32_t boot_len; /* bootloader data length */ + uint16_t ver_hi; + uint16_t ver_mid; + uint16_t ver_lo; + uint8_t pad[354]; +} __attribute__ ((packed)); + + +/* + * Globals + */ +static char *ofname; +static char *progname; +static char *vendor = "TP-LINK Technologies"; +static char *version = "ver. 1.0"; +static char *fw_ver = "0.0.0"; +static uint32_t hdr_ver = HEADER_VERSION_V1; + +static char *opt_hw_id; +static uint32_t hw_id = 0; +static struct file_info kernel_info; +static uint32_t kernel_la = 0; +static uint32_t kernel_ep = 0; +static uint32_t kernel_len = 0; + +/* + * Message macros + */ +#define ERR(fmt, ...) do { \ + fflush(0); \ + fprintf(stderr, "[%s] *** error: " fmt "\n", \ + progname, ## __VA_ARGS__ ); \ +} while (0) + +#define ERRS(fmt, ...) do { \ + int save = errno; \ + fflush(0); \ + fprintf(stderr, "[%s] *** error: " fmt ": %s\n", \ + progname, ## __VA_ARGS__, strerror(save)); \ +} while (0) + +#define DBG(fmt, ...) do { \ + fprintf(stderr, "[%s] " fmt "\n", progname, ## __VA_ARGS__ ); \ +} while (0) + +static void usage(int status) +{ + FILE *stream = (status != EXIT_SUCCESS) ? stderr : stdout; + struct board_info *board; + + fprintf(stream, "Usage: %s [OPTIONS...]\n", progname); + fprintf(stream, +"\n" +"Options:\n" +" -E kernel entry point with (hexval prefixed with 0x)\n" +" -L kernel load address with (hexval prefixed with 0x)\n" +" -H use hardware id specified with \n" +" -k read kernel image from the file \n" +" -o write output to the file \n" +" -N set image vendor to \n" +" -V set image version to \n" +" -h show this screen\n" + ); + + exit(status); +} + +static int get_file_stat(struct file_info *fdata) +{ + struct stat st; + int res; + + if (fdata->file_name == NULL) + return 0; + + res = stat(fdata->file_name, &st); + if (res){ + ERRS("stat failed on %s", fdata->file_name); + return res; + } + + fdata->file_size = st.st_size; + return 0; +} + +static int read_to_buf(struct file_info *fdata, char *buf) +{ + FILE *f; + int ret = EXIT_FAILURE; + + f = fopen(fdata->file_name, "r"); + if (f == NULL) { + ERRS("could not open \"%s\" for reading", fdata->file_name); + goto out; + } + + errno = 0; + fread(buf, fdata->file_size, 1, f); + if (errno != 0) { + ERRS("unable to read from file \"%s\"", fdata->file_name); + goto out_close; + } + + ret = EXIT_SUCCESS; + + out_close: + fclose(f); + out: + return ret; +} + +static int check_options(void) +{ + int ret; + + if (opt_hw_id) { + hw_id = strtoul(opt_hw_id, NULL, 0); + } + + if (!kernel_la || !kernel_ep) { + ERR("kernel loading address and entry point must be specified"); + return -1; + } + + if (kernel_info.file_name == NULL) { + ERR("no kernel image specified"); + return -1; + } + + ret = get_file_stat(&kernel_info); + if (ret) + return ret; + + kernel_len = kernel_info.file_size; + + if (ofname == NULL) { + ERR("no output file specified"); + return -1; + } + + return 0; +} + +static void fill_header(char *buf) +{ + struct fw_header *hdr = (struct fw_header *)buf; + + memset(hdr, 0, sizeof(struct fw_header)); + + hdr->version = htonl(hdr_ver); + strncpy(hdr->vendor_name, vendor, sizeof(hdr->vendor_name)); + strncpy(hdr->fw_version, version, sizeof(hdr->fw_version)); + + /** + * This field is ignored and not specified in stock firmware + * It is specified here to ensure sysupgrade hardware compatibility + * The hardware id of a device is in the product-info partition + */ + hdr->hw_id = htonl(hw_id); + + hdr->kernel_la = htonl(kernel_la); + hdr->kernel_ep = htonl(kernel_ep); + + hdr->kernel_ofs = htonl(sizeof(struct fw_header)); + hdr->kernel_len = htonl(kernel_len); +} + +static int write_fw(char *data, int len) +{ + FILE *f; + int ret = EXIT_FAILURE; + + f = fopen(ofname, "w"); + if (f == NULL) { + ERRS("could not open \"%s\" for writing", ofname); + goto out; + } + + errno = 0; + fwrite(data, len, 1, f); + if (errno) { + ERRS("unable to write output file"); + goto out_flush; + } + + DBG("firmware file \"%s\" completed", ofname); + + ret = EXIT_SUCCESS; + + out_flush: + fflush(f); + fclose(f); + if (ret != EXIT_SUCCESS) { + unlink(ofname); + } + out: + return ret; +} + +static int build_fw(void) +{ + int buflen; + char *buf; + char *p; + int ret = EXIT_FAILURE; + + buflen = sizeof(struct fw_header) + kernel_len; + buflen = ALIGN(buflen, 0x4); + + buf = malloc(buflen); + if (!buf) { + ERR("no memory for buffer\n"); + goto out; + } + + memset(buf, 0, buflen); + p = buf + sizeof(struct fw_header); + ret = read_to_buf(&kernel_info, p); + if (ret) + goto out_free_buf; + + fill_header(buf); + ret = write_fw(buf, buflen); + if (ret) + goto out_free_buf; + + ret = EXIT_SUCCESS; + + out_free_buf: + free(buf); + out: + return ret; +} + +int main(int argc, char *argv[]) +{ + int ret = EXIT_FAILURE; + int err; + + FILE *outfile; + + progname = basename(argv[0]); + + while ( 1 ) { + int c; + + c = getopt(argc, argv, "H:E:L:V:N:k:o:h"); + if (c == -1) + break; + + switch (c) { + case 'H': + opt_hw_id = optarg; + break; + case 'E': + sscanf(optarg, "0x%x", &kernel_ep); + break; + case 'L': + sscanf(optarg, "0x%x", &kernel_la); + break; + case 'V': + version = optarg; + break; + case 'N': + vendor = optarg; + break; + case 'k': + kernel_info.file_name = optarg; + break; + case 'o': + ofname = optarg; + break; + case 'h': + usage(EXIT_SUCCESS); + break; + default: + usage(EXIT_FAILURE); + break; + } + } + + ret = check_options(); + if (ret) + goto out; + + ret = build_fw(); + + out: + return ret; +} + -- 2.25.1