mirror of
https://github.com/bkerler/mtkclient.git
synced 2024-11-14 19:25:05 -05:00
Fix legacy
This commit is contained in:
Bjoern Kerler
parent
d94afeca66
commit
069e01f404
11 changed files with 214 additions and 96 deletions
9
mtk
9
mtk
|
|
@ -704,6 +704,7 @@ class Main(metaclass=LogBase):
|
|||
self.close()
|
||||
if parttype == "user" or parttype is None:
|
||||
i = 0
|
||||
countDump = 0
|
||||
self.info("Requesting available partitions ....")
|
||||
gpttable = mtk.daloader.get_partition_data(self.args, parttype=parttype)
|
||||
for partition in partitions:
|
||||
|
|
@ -727,13 +728,19 @@ class Main(metaclass=LogBase):
|
|||
filename=partfilename, parttype=parttype):
|
||||
self.info(f"Dumped sector {str(rpartition.sector)} with sector count " +
|
||||
f"{str(rpartition.sectors)} as {partfilename}.")
|
||||
countDump += 1
|
||||
else:
|
||||
self.info(f"Failed to dump sector {str(rpartition.sector)} with sector count " +
|
||||
f"{str(rpartition.sectors)} as {partfilename}.")
|
||||
countDump += 1
|
||||
else:
|
||||
self.error(f"Error: Couldn't detect partition: {partition}\nAvailable partitions:")
|
||||
for rpartition in gpttable:
|
||||
self.info(rpartition.name)
|
||||
if countDump > 1 and countDump == len(filenames):
|
||||
self.info(f"All partitions were dumped")
|
||||
elif countDump > 1 and countDump != len(filenames):
|
||||
self.info(f"Failed to dump some partitions")
|
||||
else:
|
||||
i = 0
|
||||
for partfilename in filenames:
|
||||
|
|
@ -1129,7 +1136,7 @@ class Main(metaclass=LogBase):
|
|||
self.close()
|
||||
|
||||
|
||||
info = "MTK Flash/Exploit Client V1.51 (c) B.Kerler 2018-2021"
|
||||
info = "MTK Flash/Exploit Client V1.52 (c) B.Kerler 2018-2021"
|
||||
|
||||
cmds = {
|
||||
"printgpt": "Print GPT Table information",
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ class crypto_setup:
|
|||
ap_dma_mem = None
|
||||
meid_addr = None
|
||||
socid_addr = None
|
||||
prov_addr = None
|
||||
|
||||
class hwcrypto(metaclass=LogBase):
|
||||
def __init__(self, setup, loglevel=logging.INFO):
|
||||
|
|
@ -39,6 +40,7 @@ class hwcrypto(metaclass=LogBase):
|
|||
self.write32 = setup.write32
|
||||
self.meid_addr = setup.meid_addr
|
||||
self.socid_addr = setup.socid_addr
|
||||
self.prov_addr = setup.prov_addr
|
||||
|
||||
def aes_hwcrypt(self, data=b"", iv=None, encrypt=True, otp=None, mode="cbc", btype="sej"):
|
||||
if otp is None:
|
||||
|
|
|
|||
|
|
@ -1116,19 +1116,37 @@ class dxcc(metaclass=LogBase):
|
|||
self.tzcc_clk(0)
|
||||
return rpmbkey
|
||||
|
||||
def salt_func(self, value):
|
||||
while True:
|
||||
val=self.read32(self.dxcc_base+(0x2AF*4))&1
|
||||
if val!=0:
|
||||
break
|
||||
self.write32(self.dxcc_base + (0x2A9*4),(4*value)|0x10000)
|
||||
while True:
|
||||
val=self.read32(self.dxcc_base+(0x2AD*4))<<31
|
||||
if val!=0:
|
||||
break
|
||||
res=self.read32(self.dxcc_base+(0x2AB*4))
|
||||
return res
|
||||
|
||||
def generate_provision_key(self):
|
||||
plat_key = b"KEY PLAT"
|
||||
prov_key = b"PROVISION KEY"
|
||||
self.tzcc_clk(1)
|
||||
dstaddr = self.da_payload_addr - 0x300
|
||||
|
||||
mtk_oem_key = hashlib.sha256(bytes.fromhex(oem_pubk)).digest()
|
||||
provkey = self.SBROM_KeyDerivation(HwCryptoKey.PROVISIONING_KEY, plat_key, mtk_oem_key, 0x10, dstaddr)
|
||||
salt = hashlib.sha256(bytes.fromhex(oem_pubk)).digest()
|
||||
"""
|
||||
salt = bytearray(b"\x00"*0x20)
|
||||
for i in range(8):
|
||||
salt[i*4]=self.salt_func(0x10+i)
|
||||
"""
|
||||
provkey = self.SBROM_KeyDerivation(HwCryptoKey.PROVISIONING_KEY, plat_key, salt, 0x10, dstaddr)
|
||||
while True:
|
||||
val = self.read32(self.dxcc_base + 0xAF4) & 1
|
||||
if val != 0:
|
||||
break
|
||||
platkey = self.SBROM_KeyDerivation(HwCryptoKey.PLATFORM_KEY, prov_key, mtk_oem_key, 0x10, dstaddr)
|
||||
platkey = self.SBROM_KeyDerivation(HwCryptoKey.PLATFORM_KEY, prov_key, salt, 0x10, dstaddr)
|
||||
self.write32(self.dxcc_base + 0xAC0, 0)
|
||||
self.write32(self.dxcc_base + 0xAC4, 0)
|
||||
self.write32(self.dxcc_base + 0xAC8, 0)
|
||||
|
|
|
|||
|
|
@ -23,7 +23,9 @@ class norinfo:
|
|||
m_nor_flash_otp_status = None
|
||||
m_nor_flash_otp_size = None
|
||||
|
||||
def __init__(self, data):
|
||||
def __init__(self, data = None):
|
||||
if data is None:
|
||||
return
|
||||
sh = structhelper(data)
|
||||
self.m_nor_ret = sh.dword(True)
|
||||
self.m_nor_chip_select = sh.bytes(2)
|
||||
|
|
@ -33,6 +35,20 @@ class norinfo:
|
|||
self.m_nor_flash_otp_status = sh.dword(True)
|
||||
self.m_nor_flash_otp_size = sh.dword(True)
|
||||
|
||||
def __repr__(self):
|
||||
res = f"m_nor_ret = {hex(self.m_nor_ret)}\n"
|
||||
res += f"m_nor_chip_select = {hexlify(self.m_nor_chip_select).decode('utf-8')}\n"
|
||||
res += f"m_nor_flash_id = {hex(self.m_nor_flash_id)}\n"
|
||||
res += f"m_nor_flash_size = {hex(self.m_nor_flash_size)}\n"
|
||||
val = pack("<HHHH", self.m_nor_flash_dev_code[0], self.m_nor_flash_dev_code[1], self.m_nor_flash_dev_code[2],
|
||||
self.m_nor_flash_dev_code[3])
|
||||
res += f"m_nor_flash_dev_code = {hexlify(val).decode('utf-8')}\n"
|
||||
res += f"m_nor_flash_otp_status = {hex(self.m_nor_flash_otp_status)}\n"
|
||||
res += f"m_nor_flash_otp_size = {hex(self.m_nor_flash_otp_size)}\n"
|
||||
|
||||
res += f"m_sdmmc_cid = {hexlify(val).decode('utf-8')}\n"
|
||||
return res
|
||||
|
||||
|
||||
class nandinfo32:
|
||||
m_nand_info = None
|
||||
|
|
@ -42,15 +58,25 @@ class nandinfo32:
|
|||
m_nand_flash_id_count = None
|
||||
info2 = None
|
||||
|
||||
def __init__(self, data):
|
||||
def __init__(self, data = None):
|
||||
if data is None:
|
||||
return
|
||||
sh = structhelper(data)
|
||||
self.m_nand_info = sh.dword(True)
|
||||
self.m_nand_chip_select = sh.bytes(1)
|
||||
self.m_nand_chip_select = sh.bytes()
|
||||
self.m_nand_flash_id = sh.short(True)
|
||||
self.m_nand_flash_size = sh.dword(True)
|
||||
self.m_nand_flash_id_count = sh.short(True)
|
||||
self.info2 = None
|
||||
|
||||
def __repr__(self):
|
||||
res = f"m_nand_info = {hex(self.m_nand_info)}\n"
|
||||
res += f"m_nand_chip_select = {hex(self.m_nand_chip_select)}\n"
|
||||
res += f"m_nand_flash_id = {hex(self.m_nand_flash_id)}\n"
|
||||
res += f"m_nand_flash_size = {hex(self.m_nand_flash_size)}\n"
|
||||
res += f"m_nand_flash_id_count = {hex(self.m_nand_flash_id_count)}\n"
|
||||
return res
|
||||
|
||||
|
||||
class nandinfo64:
|
||||
m_nand_info = None
|
||||
|
|
@ -60,15 +86,25 @@ class nandinfo64:
|
|||
m_nand_flash_id_count = None
|
||||
info2 = None
|
||||
|
||||
def __init__(self, data):
|
||||
def __init__(self, data = None):
|
||||
if data is None:
|
||||
return
|
||||
sh = structhelper(data)
|
||||
self.m_nand_info = sh.dword(True)
|
||||
self.m_nand_chip_select = sh.bytes(1)
|
||||
self.m_nand_chip_select = sh.bytes()
|
||||
self.m_nand_flash_id = sh.short(True)
|
||||
self.m_nand_flash_size = sh.qword(True)
|
||||
self.m_nand_flash_id_count = sh.short(True)
|
||||
self.info2 = None
|
||||
|
||||
def __repr__(self):
|
||||
res = f"m_nand_info = {hex(self.m_nand_info)}\n"
|
||||
res += f"m_nand_chip_select = {hex(self.m_nand_chip_select)}\n"
|
||||
res += f"m_nand_flash_id = {hex(self.m_nand_flash_id)}\n"
|
||||
res += f"m_nand_flash_size = {hex(self.m_nand_flash_size)}\n"
|
||||
res += f"m_nand_flash_id_count = {hex(self.m_nand_flash_id_count)}\n"
|
||||
return res
|
||||
|
||||
|
||||
# ('m_nand_flash_dev_code', '>7H'),
|
||||
|
||||
|
|
@ -80,14 +116,25 @@ class nandinfo2:
|
|||
m_nand_addr_cycle = None
|
||||
m_nand_bmt_exist = None
|
||||
|
||||
def __init__(self, data):
|
||||
def __init__(self, data = None):
|
||||
if data is None:
|
||||
return
|
||||
sh = structhelper(data)
|
||||
self.m_nand_pagesize = sh.short(True)
|
||||
self.m_nand_sparesize = sh.short(True)
|
||||
self.m_nand_pages_per_block = sh.short(True)
|
||||
self.m_nand_io_interface = sh.bytes(1)
|
||||
self.m_nand_addr_cycle = sh.bytes(1)
|
||||
self.m_nand_bmt_exist = sh.bytes(1)
|
||||
self.m_nand_io_interface = sh.bytes()
|
||||
self.m_nand_addr_cycle = sh.bytes()
|
||||
self.m_nand_bmt_exist = sh.bytes()
|
||||
|
||||
def __repr__(self):
|
||||
res = f"m_nand_pagesize = {hex(self.m_nand_pagesize)}\n"
|
||||
res += f"m_nand_sparesize = {hex(self.m_nand_sparesize)}\n"
|
||||
res += f"m_nand_pages_per_block = {hex(self.m_nand_pages_per_block)}\n"
|
||||
res += f"m_nand_io_interface = {hex(self.m_nand_io_interface)}\n"
|
||||
res += f"m_nand_addr_cycle = {hex(self.m_nand_addr_cycle)}\n"
|
||||
res += f"m_nand_bmt_exist = {hex(self.m_nand_bmt_exist)}\n"
|
||||
return res
|
||||
|
||||
|
||||
class emmcinfo:
|
||||
|
|
@ -100,7 +147,9 @@ class emmcinfo:
|
|||
m_emmc_cid = None
|
||||
m_emmc_fwver = None
|
||||
|
||||
def __init__(self, data):
|
||||
def __init__(self, data = None):
|
||||
if data is None:
|
||||
return
|
||||
sh = structhelper(data)
|
||||
self.m_emmc_ret = sh.dword(True)
|
||||
self.m_emmc_boot1_size = sh.qword(True)
|
||||
|
|
@ -111,18 +160,41 @@ class emmcinfo:
|
|||
self.m_emmc_cid = sh.qwords(2, True)
|
||||
self.m_emmc_fwver = sh.bytes(8)
|
||||
|
||||
def __repr__(self):
|
||||
res = f"m_emmc_ret = {hex(self.m_emmc_ret)}\n"
|
||||
res += f"m_emmc_boot1_size = {hex(self.m_emmc_boot1_size)}\n"
|
||||
res += f"m_emmc_boot2_size = {hex(self.m_emmc_boot2_size)}\n"
|
||||
res += f"m_emmc_rpmb_size = {hex(self.m_emmc_rpmb_size)}\n"
|
||||
res += f"m_emmc_gp_size[0] = {hex(self.m_emmc_gp_size[0])}\n"
|
||||
res += f"m_emmc_gp_size[1] = {hex(self.m_emmc_gp_size[1])}\n"
|
||||
res += f"m_emmc_gp_size[2] = {hex(self.m_emmc_gp_size[2])}\n"
|
||||
res += f"m_emmc_gp_size[3] = {hex(self.m_emmc_gp_size[3])}\n"
|
||||
res += f"m_emmc_ua_size = {hex(self.m_emmc_ua_size)}\n"
|
||||
val = pack("<QQ", self.m_emmc_cid[0], self.m_emmc_cid[1])
|
||||
res += f"m_emmc_cid = {hexlify(val).decode('utf-8')}\n"
|
||||
res += f"m_emmc_fwver = {hexlify(self.m_emmc_fwver).decode('utf-8')}\n"
|
||||
return res
|
||||
|
||||
|
||||
class sdcinfo:
|
||||
m_sdmmc_info = None
|
||||
m_sdmmc_ua_size = None
|
||||
m_sdmmc_cid = None
|
||||
|
||||
def __init__(self, data):
|
||||
def __init__(self, data = None):
|
||||
if data is None:
|
||||
return
|
||||
sh = structhelper(data)
|
||||
self.m_sdmmc_info = sh.dword(True)
|
||||
self.m_sdmmc_ua_size = sh.qword(True)
|
||||
self.m_sdmmc_cid = sh.qwords(2, True)
|
||||
|
||||
def __repr__(self):
|
||||
print(f"m_sdmmc_info = {hex(self.m_sdmmc_info)}")
|
||||
print(f"m_sdmmc_ua_size = {hex(self.m_sdmmc_ua_size)}")
|
||||
val = pack("<QQ", self.m_sdmmc_cid[0], self.m_sdmmc_cid[1])
|
||||
print(f"m_sdmmc_cid = {hexlify(val).decode('utf-8')}")
|
||||
|
||||
|
||||
class configinfo:
|
||||
m_int_sram_ret = None
|
||||
|
|
@ -143,6 +215,17 @@ class configinfo:
|
|||
self.m_ext_ram_size = sh.qword(True)
|
||||
self.randomid = sh.qwords(2, True)
|
||||
|
||||
def __repr__(self):
|
||||
res = "m_int_sram_ret = 0x%X\n" % self.m_int_sram_ret
|
||||
res += "m_int_sram_size = 0x%X\n" % self.m_int_sram_size
|
||||
res += "m_ext_ram_ret = 0x%X\n" % self.m_ext_ram_ret
|
||||
res += "m_ext_ram_type = 0x%X\n" % self.m_ext_ram_type
|
||||
res += "m_ext_ram_chip_select = 0x%X\n" % self.m_ext_ram_chip_select
|
||||
res += "m_int_sram_ret = 0x%X\n" % self.m_int_sram_ret
|
||||
res += f"m_ext_ram_size = {hex(self.m_ext_ram_size)}\n"
|
||||
res += "randomid = 0x%X%X\n" % (self.randomid[0], self.randomid[1])
|
||||
return res
|
||||
|
||||
|
||||
class passinfo:
|
||||
ack = None
|
||||
|
|
@ -785,7 +868,7 @@ class DALegacy(metaclass=LogBase):
|
|||
break
|
||||
if self.usbread(4) == pack(">I", 0xBC4): # Nand_Status
|
||||
nand_id_count = unpack(">H", self.usbread(2))[0]
|
||||
self.info("Reading nand info ...")
|
||||
self.info("Reading dram nand info ...")
|
||||
nand_ids = []
|
||||
for i in range(0, nand_id_count):
|
||||
nand_ids.append(unpack(">H", self.usbread(2))[0])
|
||||
|
|
@ -851,13 +934,13 @@ class DALegacy(metaclass=LogBase):
|
|||
m_nand_dev_code = unpack(">" + str(nandcount) + "H", nc)
|
||||
self.nand.m_nand_flash_dev_code = m_nand_dev_code
|
||||
self.nand.info2 = nandinfo2(self.usbread(9))
|
||||
self.emmc = read_object(self.usbread(0x5C), emmcinfo)
|
||||
self.sdc = read_object(self.usbread(0x1C), sdcinfo)
|
||||
self.flashconfig = read_object(self.usbread(0x26), configinfo)
|
||||
pi = read_object(self.usbread(0xA), passinfo)
|
||||
if pi["ack"] == 0x5A:
|
||||
self.emmc = emmcinfo(self.usbread(0x5C))
|
||||
self.sdc = sdcinfo(self.usbread(0x1C))
|
||||
self.flashconfig = configinfo(self.usbread(0x26))
|
||||
pi = passinfo(self.usbread(0xA))
|
||||
if pi.ack == 0x5A:
|
||||
return True
|
||||
elif pi['m_download_status'] == 0x5A:
|
||||
elif pi.m_download_status == 0x5A:
|
||||
tmp = self.usbread(1)
|
||||
return True
|
||||
return False
|
||||
|
|
@ -949,33 +1032,18 @@ class DALegacy(metaclass=LogBase):
|
|||
def upload_da(self):
|
||||
self.info("Uploading da...")
|
||||
if self.upload():
|
||||
if self.emmc == "nor":
|
||||
flashinfo = self.nor
|
||||
elif self.emmc == "nand":
|
||||
flashinfo = self.nand
|
||||
else:
|
||||
fo = self.emmc
|
||||
fo2 = self.sdc
|
||||
flashinfo = {}
|
||||
for v in fo:
|
||||
flashinfo[v] = fo[v]
|
||||
for v in fo2:
|
||||
flashinfo[v] = fo2[v]
|
||||
self.printinfo(flashinfo)
|
||||
self.printinfo(self.flashconfig)
|
||||
self.info(self.flashconfig)
|
||||
if self.daconfig.flashtype == "emmc":
|
||||
print(self.emmc)
|
||||
elif self.daconfig.flashtype == "nand":
|
||||
print(self.nand)
|
||||
elif self.daconfig.flashtype == "nor":
|
||||
print(self.nor)
|
||||
elif self.daconfig.flashtype == "sdc":
|
||||
print(self.sdc)
|
||||
return True
|
||||
return False
|
||||
|
||||
def printinfo(self, fi):
|
||||
for info in fi:
|
||||
value = fi[info]
|
||||
if info != "raw_data":
|
||||
subtype = type(value)
|
||||
if subtype is bytes:
|
||||
self.info(info + ": " + hexlify(value).decode('utf-8'))
|
||||
elif subtype is int:
|
||||
self.info(info + ": " + hex(value))
|
||||
|
||||
def close(self):
|
||||
self.finish(0x0) # DISCONNECT_USB_AND_RELEASE_POWERKEY
|
||||
self.mtk.port.close(reset=True)
|
||||
|
|
@ -1192,16 +1260,16 @@ class DALegacy(metaclass=LogBase):
|
|||
length = min(length, self.emmc.m_emmc_boot2_size)
|
||||
parttype = EMMC_PartitionType.MTK_DA_EMMC_PART_BOOT2
|
||||
elif parttype == "gp1":
|
||||
length = min(length, self.emmc.m_emmc_gp_size)
|
||||
length = min(length, self.emmc.m_emmc_gp_size[0])
|
||||
parttype = EMMC_PartitionType.MTK_DA_EMMC_PART_GP1
|
||||
elif parttype == "gp2":
|
||||
length = min(length, self.emmc.m_emmc_gp_size)
|
||||
length = min(length, self.emmc.m_emmc_gp_size[1])
|
||||
parttype = EMMC_PartitionType.MTK_DA_EMMC_PART_GP2
|
||||
elif parttype == "gp3":
|
||||
length = min(length, self.emmc.m_emmc_gp_size)
|
||||
length = min(length, self.emmc.m_emmc_gp_size[2])
|
||||
parttype = EMMC_PartitionType.MTK_DA_EMMC_PART_GP3
|
||||
elif parttype == "gp4":
|
||||
length = min(length, self.emmc.m_emmc_gp_size)
|
||||
length = min(length, self.emmc.m_emmc_gp_size[3])
|
||||
parttype = EMMC_PartitionType.MTK_DA_EMMC_PART_GP4
|
||||
elif parttype == "rpmb":
|
||||
parttype = EMMC_PartitionType.MTK_DA_EMMC_PART_RPMB
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ import os
|
|||
from mtkclient.Library.utils import LogBase, logsetup
|
||||
from mtkclient.Library.error import ErrorHandler
|
||||
from mtkclient.Library.daconfig import DAconfig
|
||||
from mtkclient.Library.mtk_dalegacy import DALegacy
|
||||
from mtkclient.Library.mtk_dalegacy import DALegacy, norinfo, emmcinfo, sdcinfo, nandinfo64
|
||||
from mtkclient.Library.mtk_daxflash import DAXFlash
|
||||
from mtkclient.config.brom_config import damodes
|
||||
from mtkclient.Library.xflash_ext import xflashext
|
||||
|
|
@ -38,13 +38,13 @@ class DAloader(metaclass=LogBase):
|
|||
config["flashtype"] = self.daconfig.flashtype
|
||||
config["flashsize"] = self.daconfig.flashsize
|
||||
if not self.mtk.config.chipconfig.damode==damodes.XFLASH:
|
||||
config["m_emmc_ua_size"] = self.da.emmc["m_emmc_ua_size"]
|
||||
config["m_emmc_boot1_size"] = self.da.emmc["m_emmc_boot1_size"]
|
||||
config["m_emmc_boot2_size"] = self.da.emmc["m_emmc_boot2_size"]
|
||||
config["m_emmc_gp_size"] = self.da.emmc["m_emmc_gp_size"]
|
||||
config["m_nand_flash_size"] = self.da.nand["m_nand_flash_size"]
|
||||
config["m_sdmmc_ua_size"] = self.da.sdc["m_sdmmc_ua_size"]
|
||||
config["m_nor_flash_size"] = self.da.nor["m_nor_flash_size"]
|
||||
config["m_emmc_ua_size"] = self.da.emmc.m_emmc_ua_size
|
||||
config["m_emmc_boot1_size"] = self.da.emmc.m_emmc_boot1_size
|
||||
config["m_emmc_boot2_size"] = self.da.emmc.m_emmc_boot2_size
|
||||
config["m_emmc_gp_size"] = self.da.emmc.m_emmc_gp_size
|
||||
config["m_nand_flash_size"] = self.da.nand.m_nand_flash_size
|
||||
config["m_sdmmc_ua_size"] = self.da.sdc.m_sdmmc_ua_size
|
||||
config["m_nor_flash_size"] = self.da.nor.m_nor_flash_size
|
||||
|
||||
open(".state", "w").write(json.dumps(config))
|
||||
|
||||
|
|
@ -64,18 +64,18 @@ class DAloader(metaclass=LogBase):
|
|||
self.da = DALegacy(self.mtk, self.daconfig, self.loglevel)
|
||||
self.daconfig.flashtype = config["flashtype"]
|
||||
self.daconfig.flashsize = config["flashsize"]
|
||||
self.da.nor = {}
|
||||
self.da.nand = {}
|
||||
self.da.emmc = {}
|
||||
self.da.sdc = {}
|
||||
self.da.nor = norinfo()
|
||||
self.da.nand = nandinfo64()
|
||||
self.da.emmc = emmcinfo()
|
||||
self.da.sdc = sdcinfo()
|
||||
|
||||
self.da.emmc["m_emmc_ua_size"] = config["m_emmc_ua_size"]
|
||||
self.da.emmc["m_emmc_boot1_size"] = config["m_emmc_boot1_size"]
|
||||
self.da.emmc["m_emmc_boot2_size"] = config["m_emmc_boot2_size"]
|
||||
self.da.emmc["m_emmc_gp_size"] = config["m_emmc_gp_size"]
|
||||
self.da.nand["m_nand_flash_size"] = config["m_nand_flash_size"]
|
||||
self.da.sdc["m_sdmmc_ua_size"] = config["m_sdmmc_ua_size"]
|
||||
self.da.nor["m_nor_flash_size"] = config["m_nor_flash_size"]
|
||||
self.da.emmc.m_emmc_ua_size = config["m_emmc_ua_size"]
|
||||
self.da.emmc.m_emmc_boot1_size = config["m_emmc_boot1_size"]
|
||||
self.da.emmc.m_emmc_boot2_size = config["m_emmc_boot2_size"]
|
||||
self.da.emmc.m_emmc_gp_size = config["m_emmc_gp_size"]
|
||||
self.da.nand.m_nand_flash_size = config["m_nand_flash_size"]
|
||||
self.da.sdc.m_sdmmc_ua_size = config["m_sdmmc_ua_size"]
|
||||
self.da.nor.m_nor_flash_size = config["m_nor_flash_size"]
|
||||
self.xft = None
|
||||
return True
|
||||
return False
|
||||
|
|
|
|||
|
|
@ -854,13 +854,6 @@ class DAXFlash(metaclass=LogBase):
|
|||
return part_info
|
||||
|
||||
def writeflash(self, addr, length, filename, offset=0, parttype=None, wdata=None, display=True):
|
||||
partinfo = self.getstorage(parttype, length)
|
||||
if not partinfo:
|
||||
return False
|
||||
storage, parttype, length = partinfo
|
||||
# self.send_devctrl(self.Cmd.START_DL_INFO)
|
||||
plen = self.get_packet_length()
|
||||
write_packet_size = plen.write_packet_length
|
||||
fh = None
|
||||
fill=0
|
||||
if filename is not None:
|
||||
|
|
@ -875,7 +868,16 @@ class DAXFlash(metaclass=LogBase):
|
|||
else:
|
||||
self.error(f"Filename doesn't exists: {filename}, aborting flash write.")
|
||||
return False
|
||||
bytestowrite = length
|
||||
|
||||
partinfo = self.getstorage(parttype, length)
|
||||
if not partinfo:
|
||||
return False
|
||||
storage, parttype, rlength = partinfo
|
||||
# self.send_devctrl(self.Cmd.START_DL_INFO)
|
||||
plen = self.get_packet_length()
|
||||
write_packet_size = plen.write_packet_length
|
||||
|
||||
bytestowrite = rlength
|
||||
if self.cmd_write_data(addr, length, storage, parttype):
|
||||
try:
|
||||
pos = 0
|
||||
|
|
@ -885,7 +887,7 @@ class DAXFlash(metaclass=LogBase):
|
|||
dsize = min(write_packet_size, bytestowrite)
|
||||
if fh:
|
||||
data = bytearray(fh.read(dsize))
|
||||
if len(data)<write_packet_size:
|
||||
if len(data)<dsize:
|
||||
data.extend(b"\x00"*fill)
|
||||
else:
|
||||
data = wdata[pos:pos + dsize]
|
||||
|
|
|
|||
|
|
@ -194,18 +194,17 @@ class Preloader(metaclass=LogBase):
|
|||
if len(meid) >= 16:
|
||||
with open(os.path.join("logs", "meid.txt"), "wb") as wf:
|
||||
wf.write(hexlify(meid))
|
||||
if self.display:
|
||||
if meid != b"":
|
||||
self.info("ME_ID:\t\t\t" + hexlify(meid).decode('utf-8').upper())
|
||||
if readsocid or self.config.chipconfig.socid_addr:
|
||||
socid = self.get_socid()
|
||||
if len(socid) >= 16:
|
||||
with open(os.path.join("logs", "socid.txt"), "wb") as wf:
|
||||
wf.write(hexlify(socid))
|
||||
if meid != b"":
|
||||
if self.display:
|
||||
if socid != b"":
|
||||
self.info("SOC_ID:\t\t\t" + hexlify(socid).decode('utf-8').upper())
|
||||
|
||||
self.info("ME_ID:\t\t\t" + hexlify(meid).decode('utf-8').upper())
|
||||
if readsocid or self.config.chipconfig.socid_addr:
|
||||
socid = self.get_socid()
|
||||
if len(socid) >= 16:
|
||||
with open(os.path.join("logs", "socid.txt"), "wb") as wf:
|
||||
wf.write(hexlify(socid))
|
||||
if self.display:
|
||||
if socid != b"":
|
||||
self.info("SOC_ID:\t\t\t" + hexlify(socid).decode('utf-8').upper())
|
||||
return True
|
||||
|
||||
def read32(self, addr, dwords=1) -> list:
|
||||
|
|
|
|||
|
|
@ -41,6 +41,7 @@ class PLTools(metaclass=LogBase):
|
|||
setup.cqdma_base = self.mtk.config.chipconfig.cqdma_base
|
||||
setup.ap_dma_mem = self.mtk.config.chipconfig.ap_dma_mem
|
||||
setup.meid_addr = self.mtk.config.chipconfig.meid_addr
|
||||
setup.prov_addr = self.mtk.config.chipconfig.prov_addr
|
||||
self.hwcrypto=hwcrypto(setup,loglevel)
|
||||
|
||||
self.pathconfig = pathconfig()
|
||||
|
|
|
|||
|
|
@ -159,7 +159,7 @@ class structhelper:
|
|||
def qwords(self, qwords=1, big=False):
|
||||
e = ">" if big else "<"
|
||||
dat = unpack(e + str(qwords) + "Q", self.data[self.pos:self.pos + 8 * qwords])
|
||||
self.pos += 4 * qwords
|
||||
self.pos += 8 * qwords
|
||||
return dat
|
||||
|
||||
def short(self, big=False):
|
||||
|
|
|
|||
|
|
@ -515,8 +515,6 @@ class xflashext(metaclass=LogBase):
|
|||
socid = bytes.fromhex(open(os.path.join("logs", "socid.txt"), "r").read())
|
||||
self.info("SOCID : " + hexlify(socid).decode('utf-8'))
|
||||
if self.config.chipconfig.dxcc_base is not None:
|
||||
self.info("Generating dxcc platkey + provkey key...")
|
||||
platkey, provkey = hwc.aes_hwcrypt(btype="dxcc", mode="prov")
|
||||
self.info("Generating dxcc rpmbkey...")
|
||||
rpmbkey = hwc.aes_hwcrypt(btype="dxcc", mode="rpmb")
|
||||
self.info("Generating dxcc fdekey...")
|
||||
|
|
@ -525,8 +523,10 @@ class xflashext(metaclass=LogBase):
|
|||
rpmb2key = hwc.aes_hwcrypt(btype="dxcc", mode="rpmb2")
|
||||
self.info("Generating dxcc itrustee key...")
|
||||
ikey = hwc.aes_hwcrypt(btype="dxcc", mode="itrustee")
|
||||
self.info("Provkey : " + hexlify(provkey).decode('utf-8'))
|
||||
self.info("Platkey : " + hexlify(platkey).decode('utf-8'))
|
||||
#self.info("Generating dxcc platkey + provkey key...")
|
||||
#platkey, provkey = hwc.aes_hwcrypt(btype="dxcc", mode="prov")
|
||||
#self.info("Provkey : " + hexlify(provkey).decode('utf-8'))
|
||||
#self.info("Platkey : " + hexlify(platkey).decode('utf-8'))
|
||||
if rpmbkey is not None:
|
||||
self.info("RPMB : " + hexlify(rpmbkey).decode('utf-8'))
|
||||
open(os.path.join("logs", "rpmbkey.txt"), "wb").write(hexlify(rpmbkey))
|
||||
|
|
@ -539,6 +539,10 @@ class xflashext(metaclass=LogBase):
|
|||
if ikey is not None:
|
||||
self.info("iTrustee : " + hexlify(ikey).decode('utf-8'))
|
||||
open(os.path.join("logs", "itrustee_fbe.txt"), "wb").write(hexlify(ikey))
|
||||
if self.config.chipconfig.prov_addr:
|
||||
provkey = self.custom_read(self.config.chipconfig.prov_addr, 16)
|
||||
self.info("PROV : " + hexlify(provkey).decode('utf-8'))
|
||||
open(os.path.join("logs", "provkey.txt"), "wb").write(hexlify(provkey))
|
||||
"""
|
||||
hrid = self.xflash.get_hrid()
|
||||
if hrid is not None:
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ class chipconfig:
|
|||
gcpu_base=None, ap_dma_mem=None, name="", description="", dacode=None,
|
||||
meid_addr=None, socid_addr=None, blacklist=(), blacklist_count=None,
|
||||
send_ptr=None, ctrl_buffer=(), cmd_handler=None, brom_register_access=None,
|
||||
damode=damodes.DEFAULT, loader=None):
|
||||
damode=damodes.DEFAULT, loader=None, prov_addr=None):
|
||||
self.var1 = var1
|
||||
self.watchdog = watchdog
|
||||
self.uart = uart
|
||||
|
|
@ -36,6 +36,7 @@ class chipconfig:
|
|||
self.brom_register_access = brom_register_access,
|
||||
self.meid_addr = meid_addr
|
||||
self.socid_addr = socid_addr
|
||||
self.prov_addr = prov_addr
|
||||
self.gcpu_base = gcpu_base
|
||||
self.dacode = dacode
|
||||
self.damode = damode
|
||||
|
|
@ -505,6 +506,7 @@ hwconfig = {
|
|||
brom_register_access=(0xe330, 0xe3e8),
|
||||
meid_addr=0x102AF8,
|
||||
socid_addr=0x102b08,
|
||||
prov_addr=0x10720C,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6739,
|
||||
name="MT6739/MT6731",
|
||||
|
|
@ -681,6 +683,7 @@ hwconfig = {
|
|||
brom_register_access=(0xc0a0, 0xc158),
|
||||
meid_addr=0x102AF8,
|
||||
socid_addr=0x102b08,
|
||||
prov_addr=0x1054F4,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6761,
|
||||
name="MT6761/MT6762/MT3369/MT8766B",
|
||||
|
|
@ -706,6 +709,7 @@ hwconfig = {
|
|||
brom_register_access=(0xda80, 0xdb38),
|
||||
meid_addr=0x102B78,
|
||||
socid_addr=0x102b88,
|
||||
prov_addr=0x106804,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6763,
|
||||
name="MT6763",
|
||||
|
|
@ -731,6 +735,7 @@ hwconfig = {
|
|||
brom_register_access=(0xc1d4, 0xc28c),
|
||||
meid_addr=0x102AF8,
|
||||
socid_addr=0x102b08,
|
||||
prov_addr=0x1054F4,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6765,
|
||||
name="MT6765",
|
||||
|
|
@ -756,6 +761,7 @@ hwconfig = {
|
|||
brom_register_access=(0xc598, 0xc650),
|
||||
meid_addr=0x102AF8,
|
||||
socid_addr=0x102b08,
|
||||
prov_addr=0x1054F4,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6768,
|
||||
name="MT6768",
|
||||
|
|
@ -781,6 +787,7 @@ hwconfig = {
|
|||
brom_register_access=(0xe2d0, 0xe388),
|
||||
meid_addr=0x102B38,
|
||||
socid_addr=0x102B48,
|
||||
prov_addr=0x1065C0,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6771,
|
||||
name="MT6771/MT8385/MT8183/MT8666",
|
||||
|
|
@ -816,6 +823,7 @@ hwconfig = {
|
|||
brom_register_access=(0xe454, 0xe50c),
|
||||
meid_addr=0x102B38,
|
||||
socid_addr=0x102B48,
|
||||
prov_addr=0x1065C0,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6779,
|
||||
name="MT6779",
|
||||
|
|
@ -866,6 +874,7 @@ hwconfig = {
|
|||
brom_register_access=(0xe6ac, 0xe764),
|
||||
meid_addr=0x102B38,
|
||||
socid_addr=0x102B48,
|
||||
prov_addr=0x1065C0,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6785,
|
||||
name="MT6785",
|
||||
|
|
@ -887,7 +896,7 @@ hwconfig = {
|
|||
blacklist_count=0x00000008,
|
||||
send_ptr=(0x1027a4, 0x978c),
|
||||
ctrl_buffer=0x0010304C,
|
||||
cmd_handler=0x0000A313,
|
||||
cmd_handler=0x0000A313, #
|
||||
brom_register_access=(0x9a60, 0x9c28),
|
||||
meid_addr=0x1030A0,
|
||||
damode=damodes.DEFAULT, #
|
||||
|
|
@ -964,6 +973,7 @@ hwconfig = {
|
|||
brom_register_access=(0xe3e8, 0xe4a0),
|
||||
meid_addr=0x102b98,
|
||||
socid_addr=0x102ba8,
|
||||
prov_addr=0x1066B4,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6833,
|
||||
name="MT6833",
|
||||
|
|
@ -988,6 +998,7 @@ hwconfig = {
|
|||
brom_register_access=(0xee6c, 0xef24),
|
||||
meid_addr=0x102b78,
|
||||
socid_addr=0x102b88,
|
||||
prov_addr=0x1066C0,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6853,
|
||||
name="MT6853",
|
||||
|
|
@ -1013,6 +1024,7 @@ hwconfig = {
|
|||
brom_register_access=(0xee80, 0xef38),
|
||||
meid_addr=0x102B78,
|
||||
socid_addr=0x102B88,
|
||||
prov_addr=0x1066C0,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6873,
|
||||
name="MT6873",
|
||||
|
|
@ -1038,6 +1050,7 @@ hwconfig = {
|
|||
brom_register_access=(0xecd8,0xed90),
|
||||
meid_addr=0x102b98,
|
||||
socid_addr=0x102ba8,
|
||||
prov_addr=0x1066C0,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6877, # todo
|
||||
name="MT6877",
|
||||
|
|
@ -1064,6 +1077,7 @@ hwconfig = {
|
|||
brom_register_access=(0xeb04, 0xebbc),
|
||||
meid_addr=0x102B78,
|
||||
socid_addr=0x102B88,
|
||||
prov_addr=0x1066C0,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6885,
|
||||
name="MT6885/MT6883/MT6889/MT6880/MT6890",
|
||||
|
|
@ -1089,6 +1103,7 @@ hwconfig = {
|
|||
brom_register_access=(0xeba4, 0xec5c),
|
||||
meid_addr=0x102B98,
|
||||
socid_addr=0x102BA8,
|
||||
prov_addr=0x1066C0,
|
||||
damode=damodes.XFLASH,
|
||||
dacode=0x6893,
|
||||
name="MT6893",
|
||||
|
|
@ -1490,6 +1505,8 @@ class Mtk_Config(metaclass=LogBase):
|
|||
self.chipconfig.meid_addr = None
|
||||
if self.chipconfig.socid_addr is None:
|
||||
self.chipconfig.socid_addr = None
|
||||
if self.chipconfig.prov_addr is None:
|
||||
self.chipconfig.prov_addr = None
|
||||
|
||||
def init_hwcode(self, hwcode):
|
||||
self.hwcode = hwcode
|
||||
|
|
|
|||
Loading…
Reference in a new issue