wiki:Vendor/PocketBook/EB600/Investigation

PocketBook 301+ Investigation

Firmware: pb301plus11.zip (downloaded from site).

Provided source code:

Source code analysis

The tarball contains a patched subset of the 2.4.18-rmk7-pxa1 kernel. The SVN tree (linux-2.6.18) contains the same (sic!) kernel, minus several temporary files that were left in the tarball.

Firmware analysis

The archive contains neither the text of the GPLv2 nor contact details for obtaining the source code.

The archive contains several files, including SWUPDATE.BIN. This file apparently contains kernel code:

At offset 0x440: zImage uncompressor:

00000440  00 00 a0 e1 00 00 a0 e1  00 00 a0 e1 00 00 a0 e1  |................|
*
00000460  02 00 00 ea 18 28 6f 01  00 00 00 00 dc ef 0b 00  |.....(o.........|
00000470  01 70 a0 e1 02 80 a0 e1  00 20 0f e1 03 00 12 e3  |.p....... ......|
00000480  01 00 00 1a 17 00 a0 e3  56 34 12 ef 00 20 0f e1  |........V4... ..|
00000490  c0 20 82 e3 02 f0 21 e1  00 00 00 00 00 00 00 00  |. ....!.........|
000004a0  c8 00 8f e2 7e 30 90 e8  01 00 50 e0 0a 00 00 0a  |....~0....P.....|
000004b0  00 50 85 e0 00 60 86 e0  00 c0 8c e0 00 20 82 e0  |.P...`....... ..|
000004c0  00 30 83 e0 00 d0 8d e0  00 10 96 e5 00 10 81 e0  |.0..............|

At offset 0x3870: gzipped piggy.gz:

00003870  1f 8b 08 00 33 99 d0 49  02 03 ec fd 0d 7c 54 d5  |....3..I.....|T.|
00003880  b9 36 8c af 3d 33 49 86  30 c2 e4 63 30 40 94 1d  |.6..=3I.0..c0@..|
00003890  88 1a 6d aa 3b 10 34 6a  d4 41 a2 4d 05 db 41 a2  |..m.;.4j.A.M..A.|
000038a0  52 cb a9 41 82 c6 1a 25  22 5a da 43 eb e4 0b 22  |R..A...%"Z.C..."|
000038b0  0d 18 20 7c 88 d1 19 15  5b b4 b4 4d 2d 3d e5 58  |.. |....[..M-=.X|
000038c0  da 6e 05 2d b5 d8 43 15  5b ea a1 76 cf 0c bb 89  |.n.-..C.[..v....|
000038d0  0c d5 b4 a5 2d ad d4 f9  5f d7 5a 7b c8 24 a0 f6  |....-..._.Z{.$..|
000038e0  bc ef f3 3c bf ff f3 fe  1a 5d ec 35 7b af ef 75  |...<.....].5{..u|
000038f0  af 7b dd f7 5a f7 c7 eb  83 25 09 7f c4 ff ce 77  |.{..Z....%.....w|

Obtaining piggy.gz:

$ dd if=SWUPDATE.BIN of=piggy.gz bs=1 skip=14448
$ gunzip piggy.gz

Obtaining list of symbols:

$ strings piggy > strings.list

Excerpts from the list:

noinitrd root=/dev/mtdblock2 rw rootfstype=jffs2 init=/linuxrc console=ttySAC0
Linux version 2.6.18.2 (gcc version 3.4.1) #648 Mon Mar 30 13:04:29 EEST 2009

S3C2440 ADC, (c) 2004 Simtec Electronics
<6>S3C2410 Watchdog Timer, (c) 2004 Simtec Electronics
S3C24XX RTC, (c) 2004,2006 Simtec Electronics
s3c2440-camif
s3c2440-uart
s3c2440-i2c
s3c2440-nand
s3c2440-usbgadget
S3C2440: Initialising architecture
S3C2440: Clock Support, DVS %s
<3>S3C2440: Failed to get parent clocks
SBZ2440
Samsung S3C2440 UART
S3C2440
s3cmci_2440_probe()
s3c2440_set_dsc
s3c2440-core

The provided source code does not match the kernel version, and neither source tree contains an s3c2440 directory. Checking for symbols:

$ grep -ir s3c2440 kernel_16M
$ grep -ir s3c2440 linux-2.6.18
$
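
The extraction and string check above can be done in one pass without hard-coding the 0x3870 offset. This is an added example, not part of the original investigation: the function names and the sample image are constructed for illustration, and only the banner and driver strings are copied from the excerpts above.

```python
import gzip
import re
import zlib

GZIP_MAGIC = b"\x1f\x8b\x08"  # ID1, ID2, CM=8 (deflate)

def find_gzip_members(blob):
    """Return [(offset, data)] for every gzip stream in blob that inflates to its end."""
    found, pos = [], blob.find(GZIP_MAGIC)
    while pos != -1:
        inflater = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)  # expect gzip framing
        try:
            data = inflater.decompress(blob[pos:])
        except zlib.error:
            data = None  # magic bytes occurred by chance, no real stream behind them
        if data is not None and inflater.eof:
            found.append((pos, data))
            # Resume after the stream; bytes that follow it end up in unused_data.
            pos = len(blob) - len(inflater.unused_data) - 1
        pos = blob.find(GZIP_MAGIC, pos + 1)
    return found

def printable_strings(data, min_len=4):
    """Like strings(1): runs of printable ASCII at least min_len long."""
    return [m.decode("ascii") for m in re.findall(rb"[ -~]{%d,}" % min_len, data)]

def kernel_fingerprint(data, marker="s3c2440"):
    """Return (version banner or None, sorted strings containing marker, any case)."""
    strs = printable_strings(data)
    banner = next((s for s in strs if s.startswith("Linux version ")), None)
    return banner, sorted({s for s in strs if marker in s.lower()})

def build_sample_image():
    """Constructed stand-in for SWUPDATE.BIN (not the real file)."""
    payload = b"\x00".join([
        b"\xe1\xa0\x00\x00" * 8,  # filler standing in for kernel code
        b"Linux version 2.6.18.2 (gcc version 3.4.1) #648 Mon Mar 30 13:04:29 EEST 2009\n",
        b"s3c2440-uart", b"s3c2440-nand", b"S3C2440: Initialising architecture", b"",
    ])
    head = bytearray(0x3870)        # same payload offset as in the dump above
    head[0x100:0x103] = GZIP_MAGIC  # decoy magic that must not be reported
    return bytes(head) + gzip.compress(payload) + b"\xff" * 64  # trailing bytes

if __name__ == "__main__":
    for offset, data in find_gzip_members(build_sample_image()):
        banner, hits = kernel_fingerprint(data)
        print(f"gzip stream at {offset:#x}: {banner}")
        print(f"{len(hits)} strings mention s3c2440: {hits}")
```

Running `kernel_fingerprint` over a concatenation of the provided source files gives the counterpart of the two `grep` commands, so the binary and the source can be compared on the same marker.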