2 * Tool for USB serial communication with Krikzz's FlashKit-MD
3 * Copyright (c) 2017 notaz
5 * Permission is hereby granted, free of charge, to any person obtaining
6 * a copy of this software and associated documentation files (the
7 * "Software"), to deal in the Software without restriction, including
8 * without limitation the rights to use, copy, modify, merge, publish,
9 * distribute, sublicense, and/or sell copies of the Software, and to
10 * permit persons to whom the Software is furnished to do so, subject to
11 * the following conditions:
13 * The above copyright notice and this permission notice shall be
14 * included in all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
20 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
21 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
22 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
31 #include <sys/types.h>
34 #include <arpa/inet.h> // hton
39 #define min(x, y) ((x) < (y) ? (x) : (y))
40 #define max(x, y) ((x) > (y) ? (x) : (y))
51 #define PAR_MODE8 (1 << 4)
52 #define PAR_DEV_ID (1 << 5)
53 #define PAR_SINGE (1 << 6)
54 #define PAR_INC (1 << 7)
56 static int setup(int fd)
61 memset(&tty, 0, sizeof(tty));
63 ret = tcgetattr(fd, &tty);
70 tty.c_iflag &= ~(IGNBRK | BRKINT | PARMRK | ISTRIP
71 | INLCR | IGNCR | ICRNL | IXON);
72 tty.c_oflag &= ~OPOST;
73 tty.c_lflag &= ~(ECHO | ECHONL | ICANON | ISIG | IEXTEN);
74 tty.c_cflag &= ~(CSIZE | PARENB);
78 //tty.c_cc[VTIME] = 5; // 0.5 seconds read timeout
80 ret = tcsetattr(fd, TCSANOW, &tty);
89 static int write_serial(int fd, const void *data, size_t size)
93 ret = write(fd, data, size);
95 fprintf(stderr, "write %d/%zd: ", ret, size);
103 static int read_serial(int fd, void *data, size_t size)
109 ret = read(fd, (char *)data + got, size - got);
111 fprintf(stderr, "read %d %zd/%zd: ",
122 static void set_addr(int fd, uint32_t addr)
125 CMD_ADDR, addr >> 17,
129 write_serial(fd, cmd, sizeof(cmd));
132 static uint16_t read_word(int fd, uint32_t addr)
135 CMD_ADDR, addr >> 17,
142 write_serial(fd, cmd, sizeof(cmd));
143 read_serial(fd, &r, sizeof(r));
147 static void write_word(int fd, uint32_t addr, uint16_t d)
150 CMD_ADDR, addr >> 17,
157 write_serial(fd, cmd, sizeof(cmd));
160 static void read_block(int fd, void *dst, uint32_t size)
168 assert(size <= 0x10000);
169 write_serial(fd, cmd, sizeof(cmd));
170 read_serial(fd, dst, size);
173 static uint16_t flash_seq_r(int fd, uint8_t cmd, uint32_t addr)
176 write_word(fd, 0xaaa, 0xaa);
177 write_word(fd, 0x555, 0x55);
179 write_word(fd, 0xaaa, cmd);
180 return read_word(fd, addr);
183 static void flash_seq_erase(int fd, uint32_t addr)
185 // printf("erase %06x\n", addr);
186 write_word(fd, 0xaaa, 0xaa);
187 write_word(fd, 0x555, 0x55);
188 write_word(fd, 0xaaa, 0x80);
190 write_word(fd, 0xaaa, 0xaa);
191 write_word(fd, 0x555, 0x55);
192 write_word(fd, addr, 0x30);
195 static void flash_seq_write(int fd, uint32_t addr, uint8_t *d)
202 CMD_WR | PAR_SINGE | PAR_MODE8, 0xaa,
206 CMD_WR | PAR_SINGE | PAR_MODE8, 0x55,
211 CMD_WR | PAR_SINGE | PAR_MODE8, 0xa0,
213 CMD_ADDR, addr >> 17,
216 CMD_WR | PAR_SINGE, d[0], d[1],
220 write_serial(fd, cmd, sizeof(cmd));
223 // status wait + dummy read to cause a wait?
224 static uint16_t ry_read(int fd)
226 uint8_t cmd[2] = { CMD_RY, CMD_RD | PAR_SINGE };
229 write_serial(fd, cmd, sizeof(cmd));
230 read_serial(fd, &rv, sizeof(rv));
234 static void set_delay(int fd, uint8_t delay)
236 uint8_t cmd[2] = { CMD_DELAY, delay };
238 write_serial(fd, cmd, sizeof(cmd));
241 static struct flash_info {
248 uint32_t block_count;
254 static void read_info(int fd)
256 static const uint16_t qry[3] = { 'Q', 'R', 'Y' };
261 info.mid = flash_seq_r(fd, 0x90, 0); // autoselect
262 info.did = read_word(fd, 2);
264 // could enter CFI directly, but there seems to be a "stack"
265 // of modes, so 2 exits would be needed
266 write_word(fd, 0, 0xf0);
268 write_word(fd, 0xaa, 0x98); // CFI Query
269 resp[0] = read_word(fd, 0x20);
270 resp[1] = read_word(fd, 0x22);
271 resp[2] = read_word(fd, 0x24);
272 if (memcmp(resp, qry, sizeof(resp))) {
273 fprintf(stderr, "unexpected CFI response: %04x %04x %04x\n",
274 resp[0], resp[1], resp[2]);
277 info.size = 1u << read_word(fd, 0x4e);
278 info.region_cnt = read_word(fd, 0x58);
279 assert(0 < info.region_cnt && info.region_cnt <= 4);
280 for (i = 0, a = 0x5a; i < info.region_cnt; i++, a += 8) {
281 info.region[i].block_count = read_word(fd, a + 0) + 1;
282 info.region[i].block_count += read_word(fd, a + 2) << 8;
283 info.region[i].block_size = read_word(fd, a + 4) << 8;
284 info.region[i].block_size |= read_word(fd, a + 6) << 16;
285 info.region[i].start = total;
286 info.region[i].size =
287 info.region[i].block_size * info.region[i].block_count;
288 assert(info.region[i].size);
289 total += info.region[i].size;
292 write_word(fd, 0, 0xf0); // flash reset
294 printf("Flash info:\n");
295 printf("Manufacturer ID: %04x\n", info.mid);
296 printf("Device ID: %04x\n", info.did);
297 printf("size: %u\n", info.size);
298 printf("Erase Block Regions: %u\n", info.region_cnt);
299 for (i = 0; i < info.region_cnt; i++)
300 printf(" %5u x %u\n", info.region[i].block_size,
301 info.region[i].block_count);
302 if (info.size != total)
303 fprintf(stderr, "warning: total is %u, bad CFI?\n", total);
306 static uint32_t get_block_addr(uint32_t addr, uint32_t blk_offset)
310 assert(info.region_cnt);
311 for (i = 0; i < info.region_cnt; i++) {
312 if (info.region[i].start <= addr
313 && addr < info.region[i].start + info.region[i].size)
315 uint32_t blk = (addr - info.region[i].start)
316 / info.region[i].block_size
318 return info.region[i].start
319 + blk * info.region[i].block_size;
323 fprintf(stderr, "\naddress out of range: 0x%x\n", addr);
327 static void print_progress(uint32_t done, uint32_t total)
331 printf("\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b");
332 printf("\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b"); /* 20 */
333 printf("\b\b\b\b\b\b");
334 printf("%06x/%06x |", done, total);
336 step = (total + 19) / 20;
337 for (i = step; i <= total; i += step)
338 fputc(done >= i ? '=' : '-', stdout);
339 printf("| %3d%%", done * 100 / total);
345 static void usage(const char *argv0)
349 " -d <ttydevice> (default /dev/ttyUSB0)\n"
350 " -r <file> [size] dump the cart (default 4MB)\n"
351 " -w <file> [size] flash the cart (file size)\n"
352 " -e <size> erase (rounds to block size)\n"
353 " -a <start_address> cart start address (default 0)\n"
354 " -v verify written data\n"
355 " -i get info about the flash chip\n"
360 static void invarg(int argc, char *argv[], int arg)
363 fprintf(stderr, "invalid arg %d: \"%s\"\n", arg, argv[arg]);
365 fprintf(stderr, "missing required argument %d\n", arg);
369 static void *getarg(int argc, char *argv[], int arg)
372 invarg(argc, argv, arg);
376 static uint8_t g_block[0x10000];
377 static uint8_t g_block2[0x10000];
379 int main(int argc, char *argv[])
381 const char *portname = "/dev/ttyUSB0";
382 const char *fname_w = NULL;
383 const char *fname_r = NULL;
388 long len, address_in = 0;
394 uint8_t id[2] = { 0, 0 };
400 if (argc < 2 || !strcmp(argv[1], "-h") || !strcmp(argv[1], "--help"))
403 for (arg = 1; arg < argc; arg++) {
404 if (!strcmp(argv[arg], "-d")) {
405 portname = getarg(argc, argv, ++arg);
408 if (!strcmp(argv[arg], "-r")) {
409 fname_r = getarg(argc, argv, ++arg);
410 if (arg + 1 < argc && argv[arg + 1][0] != '-') {
411 size_r = strtol(argv[++arg], NULL, 0);
413 invarg(argc, argv, arg);
417 if (!strcmp(argv[arg], "-w")) {
418 fname_w = getarg(argc, argv, ++arg);
419 if (arg + 1 < argc && argv[arg + 1][0] != '-') {
420 size_w = strtol(argv[++arg], NULL, 0);
422 invarg(argc, argv, arg);
426 if (!strcmp(argv[arg], "-a")) {
427 address_in = strtol(getarg(argc, argv, ++arg), NULL, 0);
428 if (address_in < 0 || (address_in & 1))
429 invarg(argc, argv, arg);
432 if (!strcmp(argv[arg], "-e")) {
433 size_e = strtol(getarg(argc, argv, ++arg), NULL, 0);
435 invarg(argc, argv, arg);
438 if (!strcmp(argv[arg], "-v")) {
442 if (!strcmp(argv[arg], "-i")) {
446 invarg(argc, argv, arg);
449 if (fname_r && size_r == 0)
453 f_w = fopen(fname_w, "rb");
455 fprintf(stderr, "fopen %s: ", fname_w);
460 fseek(f_w, 0, SEEK_END);
462 fseek(f_w, 0, SEEK_SET);
465 fprintf(stderr, "size of %s is %ld\n",
475 fd = open(portname, O_RDWR | O_NOCTTY | O_SYNC);
477 fprintf(stderr, "open %s: ", portname);
484 cmd = CMD_RD | PAR_SINGE | PAR_DEV_ID;
485 write_serial(fd, &cmd, sizeof(cmd));
486 read_serial(fd, id, sizeof(id));
487 if (id[0] != id[1] || id[0] == 0) {
488 fprintf(stderr, "unexpected id: %02x %02x\n", id[0], id[1]);
491 printf("flashkit id: %02x\n", id[0]);
494 write_word(fd, 0, 0xf0); // flash reset
496 if (do_info || size_e)
500 // set_delay(fd, 0); // ?
501 a_blk = get_block_addr(address_in, 0);
502 end = address_in + size_e;
504 printf("erasing %ld bytes:\n", size_e);
505 print_progress(0, size_e);
506 for (a = address_in; a < end; ) {
507 flash_seq_erase(fd, a_blk);
510 fprintf(stderr, "\nerase error: %lx %04x\n",
514 a_blk = get_block_addr(a_blk, 1);
516 print_progress(a - address_in, size_e);
522 printf("writing %ld bytes:\n", size_w);
523 for (a = 0; a < size_w; a += 2) {
527 len = min(size_w - a, 2);
528 r = fread(b, 1, len, f_w);
533 flash_seq_write(fd, address_in + a, b);
536 print_progress(a, size_w);
538 print_progress(a, size_w);
540 if (rv != ((b[0] << 8) | b[1]))
541 fprintf(stderr, "warning: last bytes: %04x %02x%02x\n",
547 if (fname_r || size_v) {
548 long blks, blks_v, done, verify_diff = 0;
550 blks = (size_r + sizeof(g_block) - 1) / sizeof(g_block);
551 blks_v = (size_v + sizeof(g_block) - 1) / sizeof(g_block);
552 blks = max(blks, blks_v);
554 f_r = fopen(fname_r, "wb");
556 fprintf(stderr, "fopen %s: ", fname_r);
562 printf("reading %ld bytes:\n", max(size_r, size_v));
563 print_progress(0, blks * sizeof(g_block));
564 set_addr(fd, address_in);
565 for (done = 0; done < size_r || done < size_v; ) {
566 read_block(fd, g_block, sizeof(g_block));
567 if (f_r && done < size_r) {
568 len = min(size_r - done, sizeof(g_block));
569 if (fwrite(g_block, 1, len, f_r) != len) {
575 len = min(size_v - done, sizeof(g_block));
576 if (fread(g_block2, 1, len, f_w) != len) {
580 verify_diff |= memcmp(g_block, g_block2, len);
582 done += sizeof(g_block);
583 print_progress(done, blks * sizeof(g_block));
586 fprintf(stderr, "verify FAILED\n");