/** Vendor information for CPE210/220/510/520 */
-static const unsigned char cpe510_vendor[] = "\x00\x00\x00\x1f""CPE510(TP-LINK|UN|N300-5):1.0\r\n";
+static const char cpe510_vendor[] = "CPE510(TP-LINK|UN|N300-5):1.0\r\n";
+/** Vendor information for C2600 */
+static const char c2600_vendor[] = "";
/**
The flash partition table for CPE210/220/510/520;
};
/**
- The support list for CPE210/220/510/520
+ The flash partition table for C2600;
+ it is the same as the one used by the stock images.
+*/
+static const struct flash_partition_entry c2600_partitions[] = {
+ {"SBL1", 0x00000, 0x20000},
+ {"MIBIB", 0x20000, 0x20000},
+ {"SBL2", 0x40000, 0x20000},
+ {"SBL3", 0x60000, 0x30000},
+ {"DDRCONFIG", 0x90000, 0x10000},
+ {"SSD", 0xa0000, 0x10000},
+ {"TZ", 0xb0000, 0x30000},
+ {"RPM", 0xe0000, 0x20000},
+ {"fs-uboot", 0x100000, 0x70000},
+ {"uboot-env", 0x170000, 0x40000},
+ {"radio", 0x1b0000, 0x40000},
+ {"os-image", 0x1f0000, 0x200000},
+ {"file-system", 0x3f0000, 0x1b00000},
+ {"default-mac", 0x1ef0000, 0x00200},
+ {"pin", 0x1ef0200, 0x00200},
+ {"product-info", 0x1ef0400, 0x0fc00},
+ {"partition-table", 0x1f00000, 0x10000},
+ {"soft-version", 0x1f10000, 0x10000},
+ {"support-list", 0x1f20000, 0x10000},
+ {"profile", 0x1f30000, 0x10000},
+ {"default-config", 0x1f40000, 0x10000},
+ {"user-config", 0x1f50000, 0x40000},
+ {"qos-db", 0x1f90000, 0x40000},
+ {"usb-config", 0x1fd0000, 0x10000},
+ {"log", 0x1fe0000, 0x20000},
+ {NULL, 0, 0}
+};
- The stock images also contain strings for two more devices: BS510 and BS210.
- At the moment, there exists no public information about these devices.
+/**
+ The support list for CPE210/220/510/520
*/
-static const unsigned char cpe510_support_list[] =
- "\x00\x00\x00\xc8\x00\x00\x00\x00"
+static const char cpe510_support_list[] =
"SupportList:\r\n"
"CPE510(TP-LINK|UN|N300-5):1.0\r\n"
+ "CPE510(TP-LINK|UN|N300-5):1.1\r\n"
"CPE520(TP-LINK|UN|N300-5):1.0\r\n"
+ "CPE520(TP-LINK|UN|N300-5):1.1\r\n"
"CPE210(TP-LINK|UN|N300-2):1.0\r\n"
+ "CPE210(TP-LINK|UN|N300-2):1.1\r\n"
"CPE220(TP-LINK|UN|N300-2):1.0\r\n"
- "\r\n\xff";
+ "CPE220(TP-LINK|UN|N300-2):1.1\r\n";
+
+/**
+ The support list for C2600
+*/
+static const char c2600_support_list[] =
+ "SupportList:\r\n"
+ "{product_name:Archer C2600,product_ver:1.0.0,special_id:00000000}\r\n";
#define error(_ret, _errno, _str, ...) \
do { \
} while (0)
+/** Stores a uint32 as big endian */
+static inline void put32(uint8_t *buf, uint32_t val) {
+ buf[0] = val >> 24;
+ buf[1] = val >> 16;
+ buf[2] = val >> 8;
+ buf[3] = val;
+}
+
/** Allocates a new image partition */
-struct image_partition_entry alloc_image_partition(const char *name, size_t len) {
+static struct image_partition_entry alloc_image_partition(const char *name, size_t len) {
struct image_partition_entry entry = {name, len, malloc(len)};
if (!entry.data)
error(1, errno, "malloc");
}
/** Frees an image partition */
-void free_image_partition(struct image_partition_entry entry) {
+static void free_image_partition(struct image_partition_entry entry) {
free(entry.data);
}
/** Generates the partition-table partition */
-struct image_partition_entry make_partition_table(const struct flash_partition_entry *p) {
+static struct image_partition_entry make_partition_table(const struct flash_partition_entry *p) {
struct image_partition_entry entry = alloc_image_partition("partition-table", 0x800);
char *s = (char *)entry.data, *end = (char *)(s+entry.size);
/** Generates the soft-version partition */
-struct image_partition_entry make_soft_version(uint32_t rev) {
+static struct image_partition_entry make_soft_version(uint32_t rev) {
struct image_partition_entry entry = alloc_image_partition("soft-version", sizeof(struct soft_version));
struct soft_version *s = (struct soft_version *)entry.data;
}
/** Generates the support-list partition */
-struct image_partition_entry make_support_list(const unsigned char *support_list, size_t len) {
- struct image_partition_entry entry = alloc_image_partition("support-list", len);
- memcpy(entry.data, support_list, len);
+static struct image_partition_entry make_support_list(const char *support_list, bool trailzero) {
+ size_t len = strlen(support_list);
+ struct image_partition_entry entry = alloc_image_partition("support-list", len + 9);
+
+ put32(entry.data, len);
+ memset(entry.data+4, 0, 4);
+ memcpy(entry.data+8, support_list, len);
+ entry.data[len+8] = trailzero ? '\x00' : '\xff';
+
return entry;
}
/** Creates a new image partition with an arbitrary name from a file */
-struct image_partition_entry read_file(const char *part_name, const char *filename, bool add_jffs2_eof) {
+static struct image_partition_entry read_file(const char *part_name, const char *filename, bool add_jffs2_eof) {
struct stat statbuf;
if (stat(filename, &statbuf) < 0)
I think partition-table must be the first partition in the firmware image.
*/
-void put_partitions(uint8_t *buffer, const struct image_partition_entry *parts) {
+static void put_partitions(uint8_t *buffer, const struct image_partition_entry *parts) {
size_t i;
char *image_pt = (char *)buffer, *end = image_pt + 0x800;
}
/** Generates and writes the image MD5 checksum */
-void put_md5(uint8_t *md5, uint8_t *buffer, unsigned int len) {
+static void put_md5(uint8_t *md5, uint8_t *buffer, unsigned int len) {
MD5_CTX ctx;
MD5_Init(&ctx);
----------- -----
0000-0003 Image size (4 bytes, big endian)
0004-0013 MD5 hash (hash of a 16 byte salt and the image data starting with byte 0x14)
- 0014-1013 Vendor information (4096 bytes, padded with 0xff; there seem to be older
+ 0014-0017 Vendor information length (without padding) (4 bytes, big endian)
+ 0018-1013 Vendor information (4092 bytes, padded with 0xff; there seem to be older
(VxWorks-based) TP-LINK devices which use a smaller vendor information block)
1014-1813 Image partition table (2048 bytes, padded with 0xff)
1814-xxxx Firmware partitions
*/
-void * generate_factory_image(const unsigned char *vendor, size_t vendor_len, const struct image_partition_entry *parts, size_t *len) {
+static void * generate_factory_image(const char *vendor, const struct image_partition_entry *parts, size_t *len) {
*len = 0x1814;
size_t i;
if (!image)
error(1, errno, "malloc");
- image[0] = *len >> 24;
- image[1] = *len >> 16;
- image[2] = *len >> 8;
- image[3] = *len;
+ put32(image, *len);
- memcpy(image+0x14, vendor, vendor_len);
- memset(image+0x14+vendor_len, 0xff, 4096-vendor_len);
+ size_t vendor_len = strlen(vendor);
+ put32(image+0x14, vendor_len);
+ memcpy(image+0x18, vendor, vendor_len);
+ memset(image+0x18+vendor_len, 0xff, 4092-vendor_len);
put_partitions(image + 0x1014, parts);
put_md5(image+0x04, image+0x14, *len-0x14);
should be generalized when TP-LINK starts building its safeloader into hardware with
different flash layouts.
*/
-void * generate_sysupgrade_image(const struct flash_partition_entry *flash_parts, const struct image_partition_entry *image_parts, size_t *len) {
+static void * generate_sysupgrade_image(const struct flash_partition_entry *flash_parts, const struct image_partition_entry *image_parts, size_t *len) {
const struct flash_partition_entry *flash_os_image = &flash_parts[5];
const struct flash_partition_entry *flash_soft_version = &flash_parts[6];
const struct flash_partition_entry *flash_support_list = &flash_parts[7];
return image;
}
+static void * generate_sysupgrade_image_c2600(const struct flash_partition_entry *flash_parts, const struct image_partition_entry *image_parts, size_t *len) {
+ const struct flash_partition_entry *flash_os_image = &flash_parts[11];
+ const struct flash_partition_entry *flash_file_system = &flash_parts[12];
+
+ const struct image_partition_entry *image_os_image = &image_parts[3];
+ const struct image_partition_entry *image_file_system = &image_parts[4];
+
+ assert(strcmp(flash_os_image->name, "os-image") == 0);
+ assert(strcmp(flash_file_system->name, "file-system") == 0);
+
+ assert(strcmp(image_os_image->name, "os-image") == 0);
+ assert(strcmp(image_file_system->name, "file-system") == 0);
+
+ if (image_os_image->size > flash_os_image->size)
+ error(1, 0, "kernel image too big (more than %u bytes)", (unsigned)flash_os_image->size);
+ if (image_file_system->size > flash_file_system->size)
+ error(1, 0, "rootfs image too big (more than %u bytes)", (unsigned)flash_file_system->size);
+
+ *len = flash_file_system->base - flash_os_image->base + image_file_system->size;
+
+ uint8_t *image = malloc(*len);
+ if (!image)
+ error(1, errno, "malloc");
+
+ memset(image, 0xff, *len);
+
+ memcpy(image, image_os_image->data, image_os_image->size);
+ memcpy(image + flash_file_system->base - flash_os_image->base, image_file_system->data, image_file_system->size);
+
+ return image;
+}
/** Generates an image for CPE210/220/510/520 and writes it to a file */
static void do_cpe510(const char *output, const char *kernel_image, const char *rootfs_image, uint32_t rev, bool add_jffs2_eof, bool sysupgrade) {
parts[0] = make_partition_table(cpe510_partitions);
parts[1] = make_soft_version(rev);
- parts[2] = make_support_list(cpe510_support_list, sizeof(cpe510_support_list)-1);
+ parts[2] = make_support_list(cpe510_support_list,false);
parts[3] = read_file("os-image", kernel_image, false);
parts[4] = read_file("file-system", rootfs_image, add_jffs2_eof);
if (sysupgrade)
image = generate_sysupgrade_image(cpe510_partitions, parts, &len);
else
- image = generate_factory_image(cpe510_vendor, sizeof(cpe510_vendor)-1, parts, &len);
+ image = generate_factory_image(cpe510_vendor, parts, &len);
+
+ FILE *file = fopen(output, "wb");
+ if (!file)
+ error(1, errno, "unable to open output file");
+
+ if (fwrite(image, len, 1, file) != 1)
+ error(1, 0, "unable to write output file");
+
+ fclose(file);
+
+ free(image);
+
+ size_t i;
+ for (i = 0; parts[i].name; i++)
+ free_image_partition(parts[i]);
+}
+
+/** Generates an image for C2600 and writes it to a file */
+static void do_c2600(const char *output, const char *kernel_image, const char *rootfs_image, uint32_t rev, bool add_jffs2_eof, bool sysupgrade) {
+ struct image_partition_entry parts[6] = {};
+
+ parts[0] = make_partition_table(c2600_partitions);
+ parts[1] = make_soft_version(rev);
+ parts[2] = make_support_list(c2600_support_list,true);
+ parts[3] = read_file("os-image", kernel_image, false);
+ parts[4] = read_file("file-system", rootfs_image, add_jffs2_eof);
+
+ size_t len;
+ void *image;
+ if (sysupgrade)
+ image = generate_sysupgrade_image_c2600(c2600_partitions, parts, &len);
+ else
+ image = generate_factory_image(c2600_vendor, parts, &len);
FILE *file = fopen(output, "wb");
if (!file)
/** Usage output */
-void usage(const char *argv0) {
+static void usage(const char *argv0) {
fprintf(stderr,
"Usage: %s [OPTIONS...]\n"
"\n"
if (strcmp(board, "CPE510") == 0)
do_cpe510(output, kernel_image, rootfs_image, rev, add_jffs2_eof, sysupgrade);
+ else if (strcmp(board, "C2600") == 0)
+ do_c2600(output, kernel_image, rootfs_image, rev, add_jffs2_eof, sysupgrade);
else
error(1, 0, "unsupported board %s", board);
projects / openwrt / openwrt.git / blobdiff