6 #define IMG_SIZE 0x3e0000
8 #define KERNEL_START 0x020000
9 #define KERNEL_SIZE 0x0b0000
11 #define ROOTFS_START 0x0d0000
12 #define ROOTFS_SIZE 0x30ffb2
19 void print_usage(void)
21 fprintf(stderr, "usage: dgfirmware [<opts>] <img>\n");
22 fprintf(stderr, " <img> firmware image filename\n");
23 fprintf(stderr, " <opts> -h print this message\n");
24 fprintf(stderr, " -f fix the checksum\n");
25 fprintf(stderr, " -x <file> extract the rootfs file to <file>\n");
26 fprintf(stderr, " -xk <file> extract the kernel to <file>\n");
27 fprintf(stderr, " -m <file> merge in rootfs fil\e from <file>\n");
28 fprintf(stderr, " -k <file> merge in kernel from <file>\n");
29 fprintf(stderr, " -w <file> write back the modified firmware\n");
33 unsigned char* read_img(const char *fname)
39 fp = fopen(fname, "rb");
45 fseek(fp, 0, SEEK_END);
48 if (size != IMG_SIZE) {
49 fprintf(stderr, "%s: image file has wrong size\n", app_name);
56 img = malloc(IMG_SIZE);
63 if (fread(img, 1, IMG_SIZE, fp) != IMG_SIZE) {
64 fprintf(stderr, "%s: can't read image file\n", app_name);
74 void write_img(unsigned char* img, const char *fname)
78 fp = fopen(fname, "wb");
84 if (fwrite(img, 1, IMG_SIZE, fp) != IMG_SIZE) {
85 fprintf(stderr, "%s: can't write image file\n", app_name);
92 void write_rootfs(unsigned char* img, const char *fname)
96 fp = fopen(fname, "wb");
102 if (fwrite(img+ROOTFS_START, 1, ROOTFS_SIZE, fp) != ROOTFS_SIZE) {
103 fprintf(stderr, "%s: can't write image file\n", app_name);
110 void write_kernel(unsigned char* img, const char *fname)
114 fp = fopen(fname, "wb");
120 if (fwrite(img+KERNEL_START, 1, KERNEL_SIZE, fp) != KERNEL_SIZE) {
121 fprintf(stderr, "%s: can't write kernel file\n", app_name);
128 unsigned char* read_rootfs(unsigned char* img, const char *fname)
134 for (i=ROOTFS_START; i<ROOTFS_START+ROOTFS_SIZE; i++)
137 fp = fopen(fname, "rb");
143 fseek(fp, 0, SEEK_END);
146 if (size > ROOTFS_SIZE) {
147 fprintf(stderr, "%s: rootfs image file is too big\n", app_name);
154 if (fread(img+ROOTFS_START, 1, size, fp) != size) {
155 fprintf(stderr, "%s: can't read rootfs image file\n", app_name);
165 unsigned char* read_kernel(unsigned char* img, const char *fname)
171 for (i=KERNEL_START; i<KERNEL_START+KERNEL_SIZE; i++)
174 fp = fopen(fname, "rb");
180 fseek(fp, 0, SEEK_END);
183 if (size > KERNEL_SIZE) {
184 fprintf(stderr, "%s: kernel binary file is too big\n", app_name);
191 if (fread(img+KERNEL_START, 1, size, fp) != size) {
192 fprintf(stderr, "%s: can't read kernel file\n", app_name);
202 int get_checksum(unsigned char* img)
206 s = img[0x3dfffc] + (img[0x3dfffd]<<8);
212 void set_checksum(unsigned char*img, unsigned short sum)
214 img[0x3dfffc] = sum & 0xff;
215 img[0x3dfffd] = (sum>>8) & 0xff;
219 int compute_checksum(unsigned char* img)
224 for (i=0; i<0x3dfffc; i++)
231 int main(int argc, char* argv[])
233 char *img_fname = NULL;
234 char *rootfs_fname = NULL;
235 char *kernel_fname = NULL;
236 char *new_img_fname = NULL;
238 int do_fix_checksum = 0;
240 int do_write_rootfs = 0;
241 int do_read_rootfs = 0;
242 int do_write_kernel = 0;
243 int do_read_kernel = 0;
247 unsigned short img_checksum;
248 unsigned short real_checksum;
252 for (i=1; i<argc; i++) {
253 if (!strcmp(argv[i], "-h")) {
257 else if (!strcmp(argv[i], "-f")) {
260 else if (!strcmp(argv[i], "-x")) {
262 fprintf(stderr, "%s: missing argument\n", app_name);
266 rootfs_fname = argv[i+1];
269 else if (!strcmp(argv[i], "-xk")) {
271 fprintf(stderr, "%s: missing argument\n", app_name);
275 kernel_fname = argv[i+1];
278 else if (!strcmp(argv[i], "-m")) {
280 fprintf(stderr, "%s: missing argument\n", app_name);
284 rootfs_fname = argv[i+1];
287 else if (!strcmp(argv[i], "-k")) {
289 fprintf(stderr, "%s: missing argument\n", app_name);
293 kernel_fname = argv[i+1];
296 else if (!strcmp(argv[i], "-w")) {
298 fprintf(stderr, "%s: missing argument\n", app_name);
302 new_img_fname = argv[i+1];
305 else if (img_fname != 0) {
306 fprintf(stderr, "%s: too many arguments\n", app_name);
314 if (img_fname == NULL) {
315 fprintf(stderr, "%s: missing argument\n", app_name);
319 if ((do_read_rootfs && do_write_rootfs) ||
320 (do_read_kernel && do_write_kernel)) {
321 fprintf(stderr, "%s: conflictuous options\n", app_name);
325 printf ("** Read firmware file\n");
326 img = read_img(img_fname);
328 printf ("Firmware product: %s\n", img+0x3dffbd);
329 printf ("Firmware version: 1.%02d.%02d\n", (img[0x3dffeb] & 0x7f), img[0x3dffec]);
331 if (do_write_rootfs) {
332 printf ("** Write rootfs file\n");
333 write_rootfs(img, rootfs_fname);
336 if (do_write_kernel) {
337 printf ("** Write kernel file\n");
338 write_kernel(img, kernel_fname);
341 if (do_read_rootfs) {
342 printf ("** Read rootfs file\n");
343 read_rootfs(img, rootfs_fname);
347 if (do_read_kernel) {
348 printf ("** Read kernel file\n");
349 read_kernel(img, kernel_fname);
353 img_checksum = get_checksum(img);
354 real_checksum = compute_checksum(img);
356 printf ("image checksum = %04x\n", img_checksum);
357 printf ("real checksum = %04x\n", real_checksum);
359 if (do_fix_checksum) {
360 if (img_checksum != real_checksum) {
361 printf ("** Bad Checksum, fix it\n");
362 set_checksum(img, real_checksum);
365 printf ("** Checksum is correct, good\n");
370 printf ("** Write image file\n");
371 write_img(img, new_img_fname);