Permalink
Browse files

bcm43455: first test patch for 7_120_5_1_sta_C0

  • Loading branch information...
matthiasseemoo committed Nov 30, 2017
1 parent 5c4c8c9 commit 3e6df98a76e0a69b95f3164ed2617bb1c131af75
@@ -1,6 +1,6 @@
NEXMON_CHIP=CHIP_VER_BCM43455
NEXMON_CHIP_NUM=`$(NEXMON_ROOT)/buildtools/scripts/getdefine.sh $(NEXMON_CHIP)`
NEXMON_FW_VERSION=FW_VER_7_120_5_1_sta
NEXMON_FW_VERSION=FW_VER_7_120_5_1_sta_C0
NEXMON_FW_VERSION_NUM=`$(NEXMON_ROOT)/buildtools/scripts/getdefine.sh $(NEXMON_FW_VERSION)`
NEXMON_ARCH=armv7-r
@@ -0,0 +1,198 @@
GIT_VERSION := $(shell git describe --abbrev=4 --dirty --always --tags)
include ../version.mk
include $(FW_PATH)/definitions.mk
LOCAL_SRCS=$(wildcard src/*.c) src/ucode_compressed.c src/templateram.c
COMMON_SRCS=$(wildcard $(NEXMON_ROOT)/patches/common/*.c)
FW_SRCS=$(wildcard $(FW_PATH)/*.c)
OBJS=$(addprefix obj/,$(notdir $(LOCAL_SRCS:.c=.o)) $(notdir $(COMMON_SRCS:.c=.o)) $(notdir $(FW_SRCS:.c=.o)))
CFLAGS= \
-fplugin=$(CCPLUGIN) \
-fplugin-arg-nexmon-objfile=$@ \
-fplugin-arg-nexmon-prefile=gen/nexmon.pre \
-fplugin-arg-nexmon-chipver=$(NEXMON_CHIP_NUM) \
-fplugin-arg-nexmon-fwver=$(NEXMON_FW_VERSION_NUM) \
-fno-strict-aliasing \
-DNEXMON_CHIP=$(NEXMON_CHIP) \
-DNEXMON_FW_VERSION=$(NEXMON_FW_VERSION) \
-DPATCHSTART=$(PATCHSTART) \
-DUCODESIZE=$(UCODESIZE) \
-DGIT_VERSION=\"$(GIT_VERSION)\" \
-DBUILD_NUMBER=\"$$(cat BUILD_NUMBER)\" \
-Wall -Werror -O2 -nostdlib -nostartfiles -ffreestanding -mthumb -march=$(NEXMON_ARCH) \
-ffunction-sections -fdata-sections \
-I$(NEXMON_ROOT)/patches/include \
-Iinclude \
-I$(FW_PATH)
all: fw_bcmdhd.bin
init: FORCE
$(Q)if ! test -f BUILD_NUMBER; then echo 0 > BUILD_NUMBER; fi
$(Q)echo $$(($$(cat BUILD_NUMBER) + 1)) > BUILD_NUMBER
$(Q)touch src/version.c
$(Q)make -s -f $(NEXMON_ROOT)/patches/common/header.mk
$(Q)mkdir -p obj gen log
obj/%.o: src/%.c
@printf "\033[0;31m COMPILING\033[0m %s => %s (details: log/compiler.log)\n" $< $@
$(Q)cat gen/nexmon.pre 2>>log/error.log | gawk '{ if ($$3 != "$@") print; }' > tmp && mv tmp gen/nexmon.pre
$(Q)$(CC)gcc $(CFLAGS) -c $< -o $@ >>log/compiler.log
obj/%.o: $(NEXMON_ROOT)/patches/common/%.c
@printf "\033[0;31m COMPILING\033[0m %s => %s (details: log/compiler.log)\n" $< $@
$(Q)cat gen/nexmon.pre 2>>log/error.log | gawk '{ if ($$3 != "$@") print; }' > tmp && mv tmp gen/nexmon.pre
$(Q)$(CC)gcc $(CFLAGS) -c $< -o $@ >>log/compiler.log
obj/%.o: $(FW_PATH)/%.c
@printf "\033[0;31m COMPILING\033[0m %s => %s (details: log/compiler.log)\n" $< $@
$(Q)cat gen/nexmon.pre 2>>log/error.log | gawk '{ if ($$3 != "$@") print; }' > tmp && mv tmp gen/nexmon.pre
$(Q)$(CC)gcc $(CFLAGS) -c $< -o $@ >>log/compiler.log
gen/nexmon2.pre: $(OBJS)
@printf "\033[0;31m PREPARING\033[0m %s => %s\n" "gen/nexmon.pre" $@
$(Q)cat gen/nexmon.pre | awk '{ if ($$3 != "obj/flashpatches.o" && $$3 != "obj/wrapper.o") { print $$0; } }' > tmp
$(Q)cat gen/nexmon.pre | awk '{ if ($$3 == "obj/flashpatches.o" || $$3 == "obj/wrapper.o") { print $$0; } }' >> tmp
$(Q)cat tmp | awk '{ if ($$1 ~ /^0x/) { if ($$3 != "obj/flashpatches.o" && $$3 != "obj/wrapper.o") { if (!x[$$1]++) { print $$0; } } else { if (!x[$$1]) { print $$0; } } } else { print $$0; } }' > gen/nexmon2.pre
gen/nexmon.ld: gen/nexmon2.pre $(OBJS)
@printf "\033[0;31m GENERATING LINKER FILE\033[0m gen/nexmon.pre => %s\n" $@
$(Q)sort gen/nexmon2.pre | gawk -f $(NEXMON_ROOT)/buildtools/scripts/nexmon.ld.awk > $@
gen/nexmon.mk: gen/nexmon2.pre $(OBJS) $(FW_PATH)/definitions.mk
@printf "\033[0;31m GENERATING MAKE FILE\033[0m gen/nexmon.pre => %s\n" $@
$(Q)printf "fw_bcmdhd.bin: gen/patch.elf FORCE\n" > $@
$(Q)sort gen/nexmon2.pre | \
gawk -v src_file=gen/patch.elf -f $(NEXMON_ROOT)/buildtools/scripts/nexmon.mk.1.awk | \
gawk -v ramstart=$(RAMSTART) -f $(NEXMON_ROOT)/buildtools/scripts/nexmon.mk.2.awk >> $@
$(Q)printf "\nFORCE:\n" >> $@
$(Q)gawk '!a[$$0]++' $@ > tmp && mv tmp $@
gen/flashpatches.ld: gen/nexmon2.pre $(OBJS)
@printf "\033[0;31m GENERATING LINKER FILE\033[0m gen/nexmon.pre => %s\n" $@
$(Q)sort gen/nexmon2.pre | \
gawk -f $(NEXMON_ROOT)/buildtools/scripts/flashpatches.ld.awk > $@
gen/flashpatches.mk: gen/nexmon2.pre $(OBJS) $(FW_PATH)/definitions.mk
@printf "\033[0;31m GENERATING MAKE FILE\033[0m gen/nexmon.pre => %s\n" $@
$(Q)cat gen/nexmon2.pre | gawk \
-v fp_data_base=$(FP_DATA_BASE) \
-v fp_config_base=$(FP_CONFIG_BASE) \
-v fp_data_end_ptr=$(FP_DATA_END_PTR) \
-v fp_config_base_ptr_1=$(FP_CONFIG_BASE_PTR_1) \
-v fp_config_end_ptr_1=$(FP_CONFIG_END_PTR_1) \
-v fp_config_base_ptr_2=$(FP_CONFIG_BASE_PTR_2) \
-v fp_config_end_ptr_2=$(FP_CONFIG_END_PTR_2) \
-v ramstart=$(RAMSTART) \
-v out_file=fw_bcmdhd.bin \
-v src_file=gen/patch.elf \
-f $(NEXMON_ROOT)/buildtools/scripts/flashpatches.mk.awk > $@
gen/memory.ld: $(FW_PATH)/definitions.mk
@printf "\033[0;31m GENERATING LINKER FILE\033[0m %s\n" $@
$(Q)printf "rom : ORIGIN = 0x%08x, LENGTH = 0x%08x\n" $(ROMSTART) $(ROMSIZE) > $@
$(Q)printf "ram : ORIGIN = 0x%08x, LENGTH = 0x%08x\n" $(RAMSTART) $(RAMSIZE) >> $@
$(Q)printf "patch : ORIGIN = 0x%08x, LENGTH = 0x%08x\n" $(PATCHSTART) $(PATCHSIZE) >> $@
$(Q)printf "ucode : ORIGIN = 0x%08x, LENGTH = 0x%08x\n" $(UCODESTART) $$(($(FP_CONFIG_BASE) - $(UCODESTART))) >> $@
$(Q)printf "fpconfig : ORIGIN = 0x%08x, LENGTH = 0x%08x\n" $(FP_CONFIG_BASE) $(FP_CONFIG_SIZE) >> $@
gen/patch.elf: patch.ld gen/nexmon.ld gen/flashpatches.ld gen/memory.ld $(OBJS)
@printf "\033[0;31m LINKING OBJECTS\033[0m => %s (details: log/linker.log, log/linker.err)\n" $@
$(Q)$(CC)ld -T $< -o $@ --gc-sections --print-gc-sections -M >>log/linker.log 2>>log/linker.err
fw_bcmdhd.bin: init gen/patch.elf $(FW_PATH)/$(RAM_FILE) gen/nexmon.mk gen/flashpatches.mk
$(Q)cp $(FW_PATH)/$(RAM_FILE) $@
@printf "\033[0;31m APPLYING FLASHPATCHES\033[0m gen/flashpatches.mk => %s (details: log/flashpatches.log)\n" $@
$(Q)make -f gen/flashpatches.mk >>log/flashpatches.log 2>>log/flashpatches.log
@printf "\033[0;31m APPLYING PATCHES\033[0m gen/nexmon.mk => %s (details: log/patches.log)\n" $@
$(Q)make -f gen/nexmon.mk >>log/patches.log 2>>log/flashpatches.log
fw_bcmdhd.complete.clean.bin: $(FW_PATH)/$(RAM_FILE) $(FW_PATH)/$(ROM_FILE)
dd if=$(FW_PATH)/$(ROM_FILE) of=$@ bs=1 status=none conv=notrunc seek=$$(($(ROMSTART)))
dd if=$< of=$@ bs=1 status=none conv=notrunc seek=$$(($(RAMSTART)))
fw_bcmdhd.complete.bin: fw_bcmdhd.bin $(FW_PATH)/$(ROM_FILE)
dd if=$(FW_PATH)/$(ROM_FILE) of=$@ bs=1 status=none conv=notrunc seek=$$(($(ROMSTART)))
dd if=$< of=$@ bs=1 status=none conv=notrunc seek=$$(($(RAMSTART)))
###################################################################
# ucode compression related
###################################################################
ifneq ($(wildcard src/ucode.asm), )
gen/ucode.bin: src/ucode.asm
@printf "\033[0;31m ASSEMBLING UCODE\033[0m %s => %s\n" $< $@
ifneq ($(wildcard $(NEXMON_ROOT)/buildtools/b43/assembler/b43-asm.bin), )
$(Q)PATH=$(PATH):$(NEXMON_ROOT)/buildtools/b43/assembler $(NEXMON_ROOT)/buildtools/b43/assembler/b43-asm $< $@ --format raw-le32
else
$(error Warning: please compile b43-asm.bin first)
endif
else
gen/ucode.bin: $(FW_PATH)/ucode.bin
@printf "\033[0;31m COPYING UCODE\033[0m %s => %s\n" $< $@
$(Q)cp $< $@
endif
gen/ucode_compressed.bin: gen/ucode.bin
@printf "\033[0;31m COMPRESSING UCODE\033[0m %s => %s\n" $< $@
$(Q)cat $< | $(ZLIBFLATE) > $@
src/ucode_compressed.c: gen/ucode_compressed.bin
@printf "\033[0;31m GENERATING C FILE\033[0m %s => %s\n" $< $@
$(Q)printf "#pragma NEXMON targetregion \"ucode\"\n\n" > $@
$(Q)cd $(dir $<) && xxd -i $(notdir $<) >> $(shell pwd)/$@
src/templateram.c: $(FW_PATH)/templateram.bin
@printf "\033[0;31m GENERATING C FILE\033[0m %s => %s\n" $< $@
$(Q)printf "#pragma NEXMON targetregion \"ucode\"\n\n" > $@
$(Q)cd $(dir $<) && xxd -i $(notdir $<) >> $(shell pwd)/$@
###################################################################
check-nexmon-setup-env:
ifndef NEXMON_SETUP_ENV
$(error run 'source setup_env.sh' first in the repository\'s root directory)
endif
install-firmware: fw_bcmdhd.bin
@printf "\033[0;31m REMOUNTING /vendor\033[0m\n"
$(Q)adb shell 'su -c "mount -o rw,remount /vendor"'
@printf "\033[0;31m COPYING TO PHONE\033[0m %s => /sdcard/%s\n" $< $<
$(Q)adb push $< /sdcard/ >> log/adb.log 2>> log/adb.log
@printf "\033[0;31m COPYING\033[0m /sdcard/fw_bcmdhd.bin => /vendor/firmware/fw_bcm43455_hw.bin\n"
$(Q)adb shell 'su -c "cp /sdcard/fw_bcmdhd.bin /vendor/firmware/fw_bcm43455_hw.bin"'
@printf "\033[0;31m RELOADING FIRMWARE\033[0m\n"
$(Q)adb shell 'su -c "ifconfig wlan0 down && ifconfig wlan0 up"'
install-original: $(FW_PATH)/$(RAM_FILE)
@printf "\033[0;31m REMOUNTING /vendor\033[0m\n"
$(Q)adb shell 'su -c "mount -o rw,remount /vendor"'
@printf "\033[0;31m COPYING TO PHONE\033[0m %s => /sdcard/%s\n" $< $<
$(Q)adb push $< /sdcard/ >> log/adb.log 2>> log/adb.log
@printf "\033[0;31m COPYING\033[0m /sdcard/fw_bcmdhd.bin => /vendor/firmware/fw_bcm43455_hw.bin\n"
$(Q)adb shell 'su -c "cp /sdcard/fw_bcmdhd.bin /vendor/firmware/fw_bcm43455_hw.bin"'
@printf "\033[0;31m RELOADING FIRMWARE\033[0m\n"
$(Q)adb shell 'su -c "ifconfig wlan0 down && ifconfig wlan0 up"'
backup-firmware: FORCE
adb shell 'su -c "cp /vendor/firmware/fw_bcmdhd.bin /sdcard/fw_bcmdhd.orig.bin"'
adb pull /sdcard/fw_bcmdhd.orig.bin
install-backup: fw_bcmdhd.orig.bin
adb shell 'su -c "mount -o rw,remount /system"' && \
adb push $< /sdcard/ && \
adb shell 'su -c "cp /sdcard/fw_bcmdhd.bin /vendor/firmware/fw_bcm43455_hw.bin"'
adb shell 'su -c "ifconfig wlan0 down && ifconfig wlan0 up"'
clean-firmware: FORCE
@printf "\033[0;31m CLEANING\033[0m\n"
$(Q)rm -fr fw_bcmdhd.bin obj gen log src/ucode_compressed.c src/templateram.c
clean: clean-firmware
$(Q)rm -f BUILD_NUMBER
FORCE:
@@ -0,0 +1,67 @@
/***************************************************************************
* *
* ########### ########### ########## ########## *
* ############ ############ ############ ############ *
* ## ## ## ## ## ## ## *
* ## ## ## ## ## ## ## *
* ########### #### ###### ## ## ## ## ###### *
* ########### #### # ## ## ## ## # # *
* ## ## ###### ## ## ## ## # # *
* ## ## # ## ## ## ## # # *
* ############ ##### ###### ## ## ## ##### ###### *
* ########### ########### ## ## ## ########## *
* *
* S E C U R E M O B I L E N E T W O R K I N G *
* *
* This file is part of NexMon. *
* *
* Copyright (c) 2016 NexMon Team *
* *
* NexMon is free software: you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation, either version 3 of the License, or *
* (at your option) any later version. *
* *
* NexMon is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with NexMon. If not, see <http://www.gnu.org/licenses/>. *
* *
**************************************************************************/
#ifndef VENDOR_RADIOTAP_H
#define VENDOR_RADIOTAP_H
extern const struct ieee80211_radiotap_vendor_namespaces rtap_vendor_namespaces;
/* Name Data type Units
* ---- --------- -----
*
* RADIOTAP_NEX_TXDELAY s32 milliseconds
*
* Value in milliseconds to wait before transmitting this frame
* for the first time
*
* RADIOTAP_NEX_TXREPETITIONS 2 x s32 unitless, milliseconds
*
* Amount of how often this frame should be transmitted and the
* periodicity in milliseconds of the retransmissions. Setting
* the number of retransmissions to -1 leads to infinite
* retransmissions
*
* RADIOTAP_NEX_RATESPEC u32 unitless
*
* Define the ratespec according to the definitions in rates.h
* This value overrides the rate settings in the regular
* radiotap header
*/
enum radiotap_nex_vendor_subns_0_type {
RADIOTAP_NEX_TXDELAY = 0,
RADIOTAP_NEX_TXREPETITIONS = 1,
RADIOTAP_NEX_RATESPEC = 2
};
#endif /* VENDOR_RADIOTAP_H */
@@ -0,0 +1,10 @@
MEMORY
{
INCLUDE gen/memory.ld
}
SECTIONS
{
INCLUDE gen/flashpatches.ld
INCLUDE gen/nexmon.ld
}
@@ -0,0 +1,60 @@
/***************************************************************************
* *
* ########### ########### ########## ########## *
* ############ ############ ############ ############ *
* ## ## ## ## ## ## ## *
* ## ## ## ## ## ## ## *
* ########### #### ###### ## ## ## ## ###### *
* ########### #### # ## ## ## ## # # *
* ## ## ###### ## ## ## ## # # *
* ## ## # ## ## ## ## # # *
* ############ ##### ###### ## ## ## ##### ###### *
* ########### ########### ## ## ## ########## *
* *
* S E C U R E M O B I L E N E T W O R K I N G *
* *
* This file is part of NexMon. *
* *
* Copyright (c) 2016 NexMon Team *
* *
* NexMon is free software: you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation, either version 3 of the License, or *
* (at your option) any later version. *
* *
* NexMon is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with NexMon. If not, see <http://www.gnu.org/licenses/>. *
* *
**************************************************************************/
#pragma NEXMON targetregion "patch"
#include <firmware_version.h> // definition of firmware version macros
#include <debug.h> // contains macros to access the debug hardware
#include <wrapper.h> // wrapper definitions for functions that already exist in the firmware
#include <structs.h> // structures that are used by the code in the firmware
#include <helper.h> // useful helper functions
#include <patcher.h> // macros used to craete patches such as BLPatch, BPatch, ...
#include <rates.h> // rates used to build the ratespec for frame injection
#include <capabilities.h> // capabilities included in a nexmon patch
int capabilities = NEX_CAP_MONITOR_MODE | NEX_CAP_MONITOR_MODE_RADIOTAP;
// Hook the call to wlc_ucode_write in wlc_ucode_download
__attribute__((at(0x20CA68, "", CHIP_VER_BCM43455, FW_VER_7_120_5_1_sta_C0)))
BLPatch(wlc_ucode_write_compressed, wlc_ucode_write_compressed);
// reduce the amount of ucode memory freed to become part of the heap
__attribute__((at(0x19A3D8, "", CHIP_VER_BCM43455, FW_VER_7_120_5_1_sta_C0)))
GenericPatch4(hndrte_reclaim_0_end, PATCHSTART);
extern unsigned char templateram_bin[];
// Moving template ram to another place in the ucode region
__attribute__((at(0x21FF28, "", CHIP_VER_BCM43455, FW_VER_7_120_5_1_sta_C0)))
GenericPatch4(templateram_bin, templateram_bin);
@@ -83,6 +83,6 @@
// for CHIP_VER_BCM43455
#define FW_VER_7_45_77_0 90
#define FW_VER_7_120_5_1_sta 91
#define FW_VER_7_120_5_1_sta_C0 91
#endif /*FIRMWARE_VERSION_H*/

0 comments on commit 3e6df98

Please sign in to comment.