Firmware format
1.6.1 (65654632 bytes, sha1sum 2b32214ed135a5610696ff51880dee6cdb96b34a)
- 128 bytes-length header
- Zip file, encrypted
Interesting contents
- u-boot.bin
- zImage
- flow_copy
- rootfs.cramfs
- app/Jmp3_player_copy
- app/mattrib
u-boot.bin
Modified Das U-Boot 1.3.4-svn (GPL)
There are new commands like "movi", "movi init" etc.
Excerpt from strings(1):
U-Boot 1.3.4-svn (Dec 21 2009 - 19:14:30) for SMDK6410
movi - moviNAND sub-system
movi init {total sectors} {hc(0/1)} {chann
movi read {u-boot | kernel | rootfs} {addr} {chann
movi write {u-boot | kernel | rootfs} {addr} {channel}
movi read {sector#} {bytes(hex)} {addr} {channel}
movi write {sector#} {bytes(hex)} {addr} {channel}
movi copy {method} {kind}
movi get
zImage
Modified Linux 2.6.28.6 (GPLv2)
piggy.gz is at offset 14148.
Excerpt from strings(1):
<6>S3C64XX ADC driver, (c) 2008 Samsung Electronics Linux version 2.6.28.6 (root@jang) (gcc version 4.3.2 (GCC) ) #706 PREEMPT Tue Dec 15 11:59:43 KST 2009 S3C24XX RTC, (c) 2004,2006 Simtec Electronics ext3_valid_block_bitmap epson_epd_reboot s1d13521if_print_disp_timings elice_hw_board_version_init() ##### Low Battery !! so kernel power off!! elice EVM 1 elice WS 1 elice ES 1 elice TP 1 elice MP 1 elice MP 2 elice MP EDU <6>========================= <6>[ebook Board] %s <6>[kernel ver.] 2.6.28 <6>[dev ver.] %d.%d.%d.%d <6>[rel ver.] %d.%d.%d.%d [dev ver.] %d.%d.%d.%d [rel ver.] %d.%d.%d.%d end kernel power off!!
flow_copy
TBD. Looks like lot of BSD-, MIT-, and MPL- licensed stuff inside, but no signs of GPLed or LGPLed code.
- Is the entry point to all the '.feb' files all around the firmware, starts with 'start.feb'.
- Tried to run it through Qemu-user (qemu-arm -L <expanded cramfs dir> -strace flow_copy), gives flow_copy_strace.txt .
Jmp3_player_copy
TBD. Lot of non-googleable stuff inside.
mattrib
Taken from mtools 3.9.11 (GPLv3+).
Excerpt from strings(1):
Mtools version %s, dated %s Usage: %s [-p] [-a|+a] [-h|+h] [-r|+r] [-s|+s] msdosfile [msdosfiles...] 3.9.11 May 31st, 2007
rootfs
- bash 4.0.0(1) (GPLv3+)
- busybox v1.14.2 (GPLv2)
- alsa 1.0.15 (LGPLv2.1+)
- e2fsprogs 1.39 (GPL)
- glibc 2.7 (LGPLv2.1+)
- zlib (Zlib, non-copyleft)
- ncurses (MIT, non-copyleft)
usr/
bin/, sbin/ -> busybox
lib/
libncurses
alsa-lib/smixer*
share/
alsa/ -> alsa stuff
udhcpc/default.script
tmp/
e2fsck, mke2fs -> e2fstools
status_manager -> (ok, zlib compiled-in)
sdmount_sh (ok)
moviumount_sh (ok)
sbin/
-> busybox
poweroff (ok)
reboot (ok)
mars/ -> alsa
lib/
glibc
libasound -> alsa
libext2fs,libuud,libe2p,libblkid -> e2fstools
libstdc++ -> glibc
bin/
bash
busybox
Links
Attachments
-
flow_copy_strace.txt
(16.0 KB) -
added by dottedmag 17 months ago.
