chipmunkmc/mtkclient
1
0
Fork 0
mirror of https://github.com/bkerler/mtkclient.git synced 2024-11-14 19:25:05 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add --noreconnect option

Browse source
This commit is contained in:
Bjoern Kerler 2023-06-11 15:49:45 +02:00
parent b6737a265b
commit dbe8fa9b6c
No known key found for this signature in database
GPG key ID: 52E823BB96A55380
6 changed files with 73 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
mtk
View file

@ -806,6 +806,26 @@ if __name__ == '__main__':
parser_gpt.add_argument('--serialport', help='Use serial port')
parser_r.add_argument('--serialport', help='Use serial port')
parser_script.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_printgpt.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_footer.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_e.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_es.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_wl.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_wf.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_w.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_rs.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_rf.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_rl.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_gpt.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
parser_r.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
da_keys.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
da_unlock.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
da_peek.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
da_poke.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
da_dump.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
da_rpmb.add_argument('--noreconnect', action="store_true", help='Disable reconnect')
args = parser.parse_args()
cmd = args.cmd
if cmd not in cmds:

1
mtkclient/Library/daconfig.py
View file

@ -123,6 +123,7 @@ class DAconfig(metaclass=LogBase):
self.boot1size = 0
self.boot2size = 0
self.flashtype = "emmc"
self.reconnect = self.config.reconnect
self.sparesize = 0
self.readsize = 0
self.pagesize = 512

10
mtkclient/Library/mtk_dalegacy.py
View file

@ -1296,10 +1296,11 @@ class DALegacy(metaclass=LogBase):
self.daconfig.flashsize = self.sdc.m_sdmmc_ua_size
elif self.daconfig.flashtype == "nor":
self.daconfig.flashsize = self.nor.m_nor_flash_size
self.info("Connected to preloader")
self.info("Connected to stage2")
speed = self.check_usb_cmd()
if speed[0] == 0: # 1 = USB High Speed, 2= USB Ultra high speed
self.info("Reconnecting to preloader")
if speed[0] == 0 and self.daconfig.reconnect: # 1 = USB High Speed, 2= USB Ultra high speed
self.info("Reconnecting to stage2 with higher speed")
self.config.set_gui_status(self.config.tr("Reconnecting to stage2 with higher speed"))
self.set_usb_cmd()
self.mtk.port.close(reset=True)
time.sleep(1)
@ -1307,7 +1308,8 @@ class DALegacy(metaclass=LogBase):
self.info("Waiting for reconnection")
time.sleep(0.5)
if self.check_usb_cmd():
self.info("Connected to preloader")
self.info("Connected to stage2 with higher speed")
self.config.set_gui_status(self.config.tr("Connected to stage2 with higher speed"))
self.mtk.port.cdc.set_fast_mode(True)
else:
return False

15
mtkclient/Library/mtk_daxflash.py
View file

@ -374,7 +374,10 @@ class DAXFlash(metaclass=LogBase):
if self.usbwrite(pkt1):
if self.usbwrite(param):
if self.send_data(da):
self.info(f"Upload data was accepted. Jumping to stage 2...")
if at_address == 0x68000000:
self.info(f"Extensions were accepted. Jumping to extensions...")
else:
self.info(f"Upload data was accepted. Jumping to stage 2...")
if timeout:
time.sleep(timeout)
status = -1
@ -1151,17 +1154,17 @@ class DAXFlash(metaclass=LogBase):
self.daversion = self.get_da_version()
self.randomid = self.get_random_id()
speed = self.get_usb_speed()
if speed == b"full-speed":
self.info("Reconnecting to preloader")
self.config.set_gui_status(self.config.tr("Reconnecting to preloader"))
if speed == b"full-speed" and self.daconfig.reconnect:
self.info("Reconnecting to stage2 with higher speed")
self.config.set_gui_status(self.config.tr("Reconnecting to stage2 with higher speed"))
self.set_usb_speed()
self.mtk.port.close(reset=True)
time.sleep(2)
while not self.mtk.port.cdc.connect():
time.sleep(0.5)
self.info("Connected to preloader")
self.info("Connected to stage2 with higher speed")
self.mtk.port.cdc.set_fast_mode(True)
self.config.set_gui_status(self.config.tr("Connected to preloader"))
self.config.set_gui_status(self.config.tr("Connected to stage2 with higher speed"))
def upload_da(self):
if self.upload():

6
mtkclient/Library/mtk_main.py
View file

@ -38,6 +38,12 @@ class ArgHandler(metaclass=LogBase):
config.pid = getint(args.pid)
except AttributeError:
pass
config.reconnect = True
try:
if args.noreconnect is not None:
config.reconnect = not args.noreconnect
except AttributeError:
pass
try:
if args.payload is not None:
config.payloadfile = args.payload

61
mtkclient/Library/xflash_ext.py
View file

@ -11,6 +11,7 @@ from binascii import hexlify
from mtkclient.Library.utils import mtktee
import json
class XCmd:
CUSTOM_ACK = 0x0F0000
CUSTOM_READ = 0x0F0001
@ -177,8 +178,8 @@ class xflashext(metaclass=LogBase):
da_version_check = find_binary(da1, b"\x1F\xB5\x00\x23\x01\xA8\x00\x93\x00\xF0\xDE\xFE")
if da_version_check is not None:
da1patched=bytearray(da1patched)
da1patched[da_version_check:da_version_check+4] = b"\x00\x20\x70\x47"
da1patched = bytearray(da1patched)
da1patched[da_version_check:da_version_check + 4] = b"\x00\x20\x70\x47"
else:
self.warning("Error on patching da1 version check...")
else:
@ -186,7 +187,7 @@ class xflashext(metaclass=LogBase):
return da1patched
def patch_da2(self, da2):
da2=self.mtk.patch_preloader_security(da2)
da2 = self.mtk.patch_preloader_security(da2)
# Patch error 0xC0030007
self.info("Patching da2 ...")
# open("da2.bin","wb").write(da2)
@ -290,7 +291,7 @@ class xflashext(metaclass=LogBase):
def readmem(self, addr, dwords=1):
res = []
if dwords<0x20:
if dwords < 0x20:
for pos in range(dwords):
val = self.custom_readregister(addr + pos * 4)
if val == b"":
@ -301,8 +302,8 @@ class xflashext(metaclass=LogBase):
return data
res.append(data)
else:
res=self.custom_read(addr,dwords*4)
res=[unpack("<I",res[i:i+4])[0] for i in range(0,len(res),4)]
res = self.custom_read(addr, dwords * 4)
res = [unpack("<I", res[i:i + 4])[0] for i in range(0, len(res), 4)]
self.debug(f"RX: {hex(addr)} -> " + hexlify(b"".join(pack("<I", val) for val in res)).decode('utf-8'))
return res
@ -311,15 +312,15 @@ class xflashext(metaclass=LogBase):
if isinstance(dwords, int):
dwords = [dwords]
pos = 0
if len(dwords)<0x20:
if len(dwords) < 0x20:
for val in dwords:
self.debug(f"TX: {hex(addr + pos)} -> " + hex(val))
if not self.custom_writeregister(addr + pos, val):
return False
pos += 4
else:
dat=b"".join([pack("<I",val) for val in dwords])
self.custom_write(addr,dat)
dat = b"".join([pack("<I", val) for val in dwords])
self.custom_write(addr, dat)
return True
def writemem(self, addr, data):
@ -371,8 +372,8 @@ class xflashext(metaclass=LogBase):
hwc = self.cryptosetup()
if self.config.chipconfig.meid_addr:
meid = self.config.get_meid()
if meid != b"\x00"*16:
#self.config.set_meid(meid)
if meid != b"\x00" * 16:
# self.config.set_meid(meid)
self.info("Generating sej rpmbkey...")
self.setotp(hwc)
rpmbkey = hwc.aes_hwcrypt(mode="rpmb", data=meid, btype="sej")
@ -393,7 +394,7 @@ class xflashext(metaclass=LogBase):
cmd = XCmd.CUSTOM_INIT_UFS_RPMB
if self.cmd(cmd):
derivedrpmb = self.xread()
if int.from_bytes(derivedrpmb[:4],'little') != 0xff:
if int.from_bytes(derivedrpmb[:4], 'little') != 0xff:
status = self.status()
if status == 0:
self.info("Derived rpmb key:" + hexlify(derivedrpmb).decode('utf-8'))
@ -412,7 +413,7 @@ class xflashext(metaclass=LogBase):
hwc.sej.sej_set_otp(otp)
def read_rpmb(self, filename=None, display=True):
progressbar = progress(1,self.mtk.config.guiprogress)
progressbar = progress(1, self.mtk.config.guiprogress)
sectors = 0
val = self.custom_rpmb_init()
ufs = False
@ -428,7 +429,7 @@ class xflashext(metaclass=LogBase):
with open(filename, "wb") as wf:
for sector in range(sectors):
if display:
progressbar.show_progress("RPMB read", sector*0x100, sectors*0x100, display)
progressbar.show_progress("RPMB read", sector * 0x100, sectors * 0x100, display)
data = self.custom_rpmb_read(sector=sector, ufs=ufs)
if data == b"":
self.error("Couldn't read rpmb.")
@ -457,7 +458,7 @@ class xflashext(metaclass=LogBase):
with open(filename, "rb") as rf:
for sector in range(sectors):
if display:
progressbar.show_progress("RPMB written", sector*0x100, sectors*0x100, display)
progressbar.show_progress("RPMB written", sector * 0x100, sectors * 0x100, display)
if not self.custom_rpmb_write(sector=sector, data=rf.read(0x100), ufs=ufs):
self.error(f"Couldn't write rpmb at sector {sector}.")
return False
@ -477,7 +478,7 @@ class xflashext(metaclass=LogBase):
if sectors > 0:
for sector in range(sectors):
if display:
progressbar.show_progress("RPMB erased", sector*0x100, sectors*0x100, display)
progressbar.show_progress("RPMB erased", sector * 0x100, sectors * 0x100, display)
if not self.custom_rpmb_write(sector=sector, data=b"\x00" * 0x100, ufs=ufs):
self.error(f"Couldn't erase rpmb at sector {sector}.")
return False
@ -544,25 +545,25 @@ class xflashext(metaclass=LogBase):
return True, "Successfully wrote seccfg."
return False, "Error on writing seccfg config to flash."
def decrypt_tee(self, filename="tee1.bin", aeskey1:bytes=None, aeskey2:bytes=None):
def decrypt_tee(self, filename="tee1.bin", aeskey1: bytes = None, aeskey2: bytes = None):
hwc = self.cryptosetup()
with open(filename, "rb") as rf:
data=rf.read()
idx=0
while idx!=-1:
idx=data.find(b"EET KTM ",idx+1)
if idx!=-1:
data = rf.read()
idx = 0
while idx != -1:
idx = data.find(b"EET KTM ", idx + 1)
if idx != -1:
mt = mtktee()
mt.parse(data[idx:])
rdata=hwc.mtee(data=mt.data, keyseed=mt.keyseed, ivseed=mt.ivseed,
aeskey1=aeskey1, aeskey2=aeskey2)
open("tee_"+hex(idx)+".dec","wb").write(rdata)
rdata = hwc.mtee(data=mt.data, keyseed=mt.keyseed, ivseed=mt.ivseed,
aeskey1=aeskey1, aeskey2=aeskey2)
open("tee_" + hex(idx) + ".dec", "wb").write(rdata)
def read_fuse(self, idx):
if self.mtk.config.chipconfig.efuse_addr is not None:
base = self.mtk.config.chipconfig.efuse_addr
hwcode = self.mtk.config.hwcode
efuseconfig = efuse(base,hwcode)
efuseconfig = efuse(base, hwcode)
addr = efuseconfig.efuses[idx]
data = bytearray(self.mtk.daloader.peek(addr=addr, length=4))
return data
@ -659,12 +660,12 @@ class xflashext(metaclass=LogBase):
return retval
elif self.config.chipconfig.sej_base is not None:
if os.path.exists("tee.json"):
val=json.loads(open("tee.json","r").read())
self.decrypt_tee(val["filename"],bytes.fromhex(val["data"]),bytes.fromhex(val["data2"]))
val = json.loads(open("tee.json", "r").read())
self.decrypt_tee(val["filename"], bytes.fromhex(val["data"]), bytes.fromhex(val["data2"]))
if meid == b"":
meid = self.custom_read(0x1008ec, 16)
if meid != b"":
#self.config.set_meid(meid)
# self.config.set_meid(meid)
self.info("Generating sej rpmbkey...")
self.setotp(hwc)
rpmbkey = hwc.aes_hwcrypt(mode="rpmb", data=meid, btype="sej")
@ -686,7 +687,7 @@ class xflashext(metaclass=LogBase):
else:
self.info("SEJ Mode: No meid found. Are you in brom mode ?")
if self.config.chipconfig.gcpu_base is not None:
if self.config.hwcode in [0x335,0x8167,0x8163,0x8176]:
if self.config.hwcode in [0x335, 0x8167, 0x8163, 0x8176]:
self.info("Generating gcpu mtee2 key...")
mtee2 = hwc.aes_hwcrypt(btype="gcpu", mode="mtee")
if mtee2 is not None: