Loading ...
Sorry, an error occurred while loading the content.

Edit FIS directory from linux

Expand Messages
  • Phil Endecott
    Dear All, I have written a small Linux utility to edit the fis (aka Redboot) flash directory (aka partition table). You can get the source from
    Message 1 of 1 , Jan 24, 2007
    • 0 Attachment
      Dear All,

      I have written a small Linux utility to edit the fis (aka Redboot)
      flash directory (aka partition table). You can get the source from

      http://svn.chezphil.org/utils/trunk/fis.cc

      It relies on various stuff from

      http://svn.chezphil.org/libpbe/trunk/

      In principle you can run it directly on the /dev/mtdblock file
      containing your fis directory. However, you might prefer to
      instead make a copy of that file, edit the copy, and then copy
      it back once you are happy that it has been changed in the way
      you wanted.

      Please think through how you would recover from a mistake (either
      in how you run the program or in how I have implemented it) before
      you try to use this program. In most cases you can probably recover
      by saving a copy of the flash ("cat /dev/mtdblock* > fashbackup")
      and uploading it with upslug2. This "cat" trick will stop working,
      however, if you have gaps in your fis partition table (which this
      program allows) or if you have more than 10 partitions ('*' will
      put 10 between 1 and 2).

      Here's some typical usage:

      # fis
      Usage:
      fis [options] list
      fis [options] init
      fis [options] create -f address -l size -n name
      fis [options] delete name
      Options:
      -d device specify /dev/mtd* device containing directory
      -o offset specify offset into device of start of directory
      (in decimal; prefix with 0x for hex)
      -s size specify size of directory in bytes
      -e swap endianness

      # cat /proc/mtd
      dev: size erasesize name
      mtd0: 00040000 00020000 "RedBoot"
      mtd1: 00020000 00020000 "SysConf"
      mtd2: 00020000 00020000 "Loader"
      mtd3: 00120000 00020000 "Kernel"
      mtd4: 00640000 00020000 "Ramdisk"
      mtd5: 00020000 00020000 "FIS directory"

      // So our FIS directory is currently in /dev/mtd5.
      // We'll edit a copy:

      # cp /dev/mtd5 /tmp/fisdir

      // Let's have a look at it:

      # od -t x1 /tmp/fisdir
      0000000 52 65 64 42 6f 6f 74 00 00 00 00 00 00 00 00 00
      0000020 50 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00
      0000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0000400 53 79 73 43 6f 6e 66 00 00 00 00 00 00 00 00 00
      0000420 50 04 00 00 00 00 00 00 00 02 00 00 00 00 00 00
      0000440 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0001000 4c 6f 61 64 65 72 00 00 00 00 00 00 00 00 00 00
      0001020 50 06 00 00 00 00 00 00 00 02 00 00 00 00 00 00
      0001040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0001340 00 00 00 00 00 00 00 00 00 00 00 00 73 6b 69 70
      0001360 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00
      0001400 4b 65 72 6e 65 6c 00 00 00 00 00 00 00 00 00 00
      0001420 50 08 00 00 00 00 00 00 00 12 00 00 00 00 00 00
      0001440 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0001740 73 6b 69 70 00 00 00 00 00 00 00 10 73 6b 69 70
      0001760 00 0e 00 00 00 00 00 10 00 00 00 00 00 00 00 00
      0002000 52 61 6d 64 69 73 6b 00 00 00 00 00 00 00 00 00
      0002020 50 1a 00 00 00 00 00 00 00 64 00 00 00 00 00 00
      0002040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0002340 00 00 00 00 00 00 00 00 00 00 00 00 73 6b 69 70
      0002360 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00
      0002400 46 49 53 20 64 69 72 65 63 74 6f 72 79 00 00 00
      0002420 50 7e 00 00 00 00 00 00 00 02 00 00 00 00 00 00
      0002440 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0003000 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
      *
      0377760 00 01 00 00 23 63 90 f7 65 52 63 4f 6d 4d 00 b4
      0400000

      // There are six entries, as expected. Some contain "skip" data.
      // Most of the partition is empty (ffs). Right at the end of the
      // partition there's some magic which I think is sercomm-related.
      // Best not to touch that. So we'll tell fis that the
      // directory only occupies the first half of the file, i.e. 64k bytes
      // rather than 128k bytes.

      # fis -d /tmp/fisdir -s 65536 list
      RedBoot: addr = 0x00000050, size = 0x00000400
      SysConf: addr = 0x00000450, size = 0x00000200
      Loader: addr = 0x00000650, size = 0x00000200
      skip: 00000000 + 10000000
      Kernel: addr = 0x00000850, size = 0x00001200
      skip: 00000000 + 10000000
      skip: 00000e00 + 10000000
      Ramdisk: addr = 0x00001a50, size = 0x00006400
      skip: 00000000 + 10000000
      FIS directory: addr = 0x00007e50, size = 0x00000200

      // Does that look right? Nearly, but the endianness is wrong:

      # fis -d /tmp/fisdir -s 65536 -e list
      RedBoot: addr = 0x50000000, size = 0x00040000
      SysConf: addr = 0x50040000, size = 0x00020000
      Loader: addr = 0x50060000, size = 0x00020000
      skip: 00000000 + 00000010
      Kernel: addr = 0x50080000, size = 0x00120000
      skip: 00000000 + 00000010
      skip: 000e0000 + 00000010
      Ramdisk: addr = 0x501a0000, size = 0x00640000
      skip: 00000000 + 00000010
      FIS directory: addr = 0x507e0000, size = 0x00020000

      // That looks OK.
      // On my system I don't have a Ramdisk (aka initramfs), and I can use all of
      // that space for test kernels, like this:

      # fis -d /tmp/fisdir -s 65536 -e delete Ramdisk
      # fis -d /tmp/fisdir -s 65536 -e create -f 0x501a0000 -l 0x200000 -n testkernel1
      # fis -d /tmp/fisdir -s 65536 -e create -f 0x503a0000 -l 0x200000 -n testkernel2
      # fis -d /tmp/fisdir -s 65536 -e create -f 0x505a0000 -l 0x200000 -n testkernel3
      # fis -d /tmp/fisdir -s 65536 -e list
      RedBoot: addr = 0x50000000, size = 0x00040000
      SysConf: addr = 0x50040000, size = 0x00020000
      Loader: addr = 0x50060000, size = 0x00020000
      skip: 00000000 + 00000010
      Kernel: addr = 0x50080000, size = 0x00120000
      skip: 00000000 + 00000010
      skip: 000e0000 + 00000010
      testkernel1: addr = 0x501a0000, size = 0x00200000
      testkernel2: addr = 0x503a0000, size = 0x00200000
      testkernel3: addr = 0x505a0000, size = 0x00200000
      FIS directory: addr = 0x507e0000, size = 0x00200000

      // Note that the skip that was present in the old Ramdisk partition has been lost.
      // The utility will list skips and will preserve them in parts of the table that
      // have not changed, but it doesn't offer a way to create them. Patches are
      // welcome if people need this.
      // I believe that the only skips that are essential are the places where the
      // Linksys redboot looks, which are the places where the original kernel and
      // ramdisk started; these are now the start of the loader and the middle of
      // the kernel. The other skips, at the beginning of the kernel and the
      // beginning of the new ramdisk, exist only so that the new images will work
      // with the 16-byte sercomm header prepended. If I don't prepend a sercomm
      // header it should all just work, I think.

      // Let's have a look at the modified copy:

      # od -t x1 /tmp/fisdir
      0000000 52 65 64 42 6f 6f 74 00 00 00 00 00 00 00 00 00
      0000020 50 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00
      0000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0000400 53 79 73 43 6f 6e 66 00 00 00 00 00 00 00 00 00
      0000420 50 04 00 00 00 00 00 00 00 02 00 00 00 00 00 00
      0000440 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0001000 4c 6f 61 64 65 72 00 00 00 00 00 00 00 00 00 00
      0001020 50 06 00 00 00 00 00 00 00 02 00 00 00 00 00 00
      0001040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0001340 00 00 00 00 00 00 00 00 00 00 00 00 73 6b 69 70
      0001360 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00
      0001400 4b 65 72 6e 65 6c 00 00 00 00 00 00 00 00 00 00
      0001420 50 08 00 00 00 00 00 00 00 12 00 00 00 00 00 00
      0001440 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0001740 73 6b 69 70 00 00 00 00 00 00 00 10 73 6b 69 70
      0001760 00 0e 00 00 00 00 00 10 00 00 00 00 00 00 00 00
      0002000 74 65 73 74 6b 65 72 6e 65 6c 31 00 00 00 00 00
      0002020 50 1a 00 00 00 00 00 00 00 20 00 00 00 00 00 00
      0002040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0002400 74 65 73 74 6b 65 72 6e 65 6c 32 00 00 00 00 00
      0002420 50 3a 00 00 00 00 00 00 00 20 00 00 00 00 00 00
      0002440 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0003000 74 65 73 74 6b 65 72 6e 65 6c 33 00 00 00 00 00
      0003020 50 5a 00 00 00 00 00 00 00 20 00 00 00 00 00 00
      0003040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0003400 46 49 53 20 64 69 72 65 63 74 6f 72 79 00 00 00
      0003420 50 7e 00 00 00 00 00 00 00 02 00 00 00 00 00 00
      0003440 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      *
      0004000 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
      *
      0377760 00 01 00 00 23 63 90 f7 65 52 63 4f 6d 4d 00 b4
      0400000

      // That looks OK. Note that the sercomm stuff is still there at
      // the end. Are we brave enough to copy it back into the flash?

      # cat /tmp/fisdir > /dev/mtdblock5

      // Now reboot, and see if the kernel mtd driver understands the changes:

      # cat /proc/mtd
      dev: size erasesize name
      mtd0: 00040000 00020000 "RedBoot"
      mtd1: 00020000 00020000 "SysConf"
      mtd2: 00020000 00020000 "Loader"
      mtd3: 00120000 00020000 "Kernel"
      mtd4: 00200000 00020000 "testkernel1"
      mtd5: 00200000 00020000 "testkernel2"
      mtd6: 00200000 00020000 "testkernel3"
      mtd7: 00020000 00020000 "FIS directory"

      // And APEX:

      apex> ver


      APEX Boot Loader 1.4.11 -- Copyright (c) 2004,2005,2006,2007 Marc Singer

      APEX comes with ABSOLUTELY NO WARRANTY. It is free software and you
      are welcome to redistribute it under certain circumstances.
      For details, refer to the file COPYING in the program source.

      apex => mem:0x00200000+0xa5a4 (42404 bytes)
      env => nor:0x7c000+15k (in-use)

      *** No SDRAM init when APEX executed from SDRAM.
      stack: 1880 used (4096)
      memory: 0x0 0x02000000 (32 MiB)
      nor: 8MiB total 32B write buffer
      region 0: 64 blocks of 131072 (0x20000) bytes
      fis:
      nor:0x00000000+0x00040000 RedBoot
      nor:0x00040000+0x00020000 SysConf
      nor:0x00060000+0x00020000 Loader
      @0x00000000+0x00000010 (skip)
      nor:0x00080000+0x00120000 Kernel
      @0x00000000+0x00000010 (skip)
      @0x000e0000+0x00000010 (skip)
      nor:0x001a0000+0x00200000 testkernel1
      nor:0x003a0000+0x00200000 testkernel2
      nor:0x005a0000+0x00200000 testkernel3
      nor:0x007e0000+0x00020000 FIS directory
      cpu: id 0x690541f1 ctrl 0x1a7f (vIZfRsbLDPWCAM) cpsr 0x200000d3
      ttbl 0x00210000 domain 0xffffffff cache 0x0b1aa1aa



      Some notes:

      - Should the addresses be absolute (i.e. 0x5.....) or relative to the
      start of the flash?

      - I have tried to make the commands somewhat similar to the Redboot
      fis commands. Should create be using -f or -b to specify the address?

      - I do not create or check checksums, because the code I was looking at
      (the kernel mtd driver code) doesn't do anything with them. If someone
      would like to tell me exactly what is needed then I'll add it.


      Regards,

      Phil.
    Your message has been successfully submitted and would be delivered to recipients shortly.