Make mkamsboot safer by introducing the use of ".sansa" files to store Sansa V2 bootloader and firmware files. These files are the same format (a simple 8-byte header consisting of a 32-bit checksum followed by 4-char model name is prepended to the binary data) as that used by lots of other Rockbox targets (.ipod, iriver etc). Support added to scramble/mkamsboot for both clip and e200v2, even though the latter is not in SVN yet. Also add a check of the whole-file original firmware checksum to mkamsboot and add a new $scramblebitmaptools toolset variable in configure. The output of this version of mkamsboot is confirmed to be md5sum-identical to the previous version.

git-svn-id: svn://svn.rockbox.org/rockbox/trunk@18789 a1c6a512-1295-4272-9138-f99709370657

3 files changed, 123 insertions, 24 deletions

diff --git a/rbutil/mkamsboot/mkamsboot.c b/rbutil/mkamsboot/mkamsboot.c
index 0dac0e2c72..17f894d77f 100644
--- a/rbutil/mkamsboot/mkamsboot.c
+++ b/rbutil/mkamsboot/mkamsboot.c
@@ -140,6 +140,30 @@ static const int bootloader_sizes[] =
     0
 };
 
+/* Model names used in the Rockbox header in ".sansa" files - these match the
+   -add parameter to the "scramble" tool */
+static const char* rb_model_names[] =
+{
+    NULL,
+    "clip",
+    NULL,
+    "e2v2",
+    NULL,
+    NULL
+};
+
+/* Model numbers used to initialise the checksum in the Rockbox header in
+   ".sansa" files - these are the same as MODEL_NUMBER in config-target.h */
+static const int rb_model_num[] =
+{
+    0,
+    50,
+    0,
+    51,
+    0,
+    0
+};
+
 
 static off_t filesize(int fd) {
     struct stat buf;
@@ -157,6 +181,11 @@ static uint32_t get_uint32le(unsigned char* p)
     return p[0] | (p[1] << 8) | (p[2] << 16) | (p[3] << 24);
 }
 
+static uint32_t get_uint32be(unsigned char* p)
+{
+    return (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
+}
+
 static void put_uint32le(unsigned char* p, uint32_t x)
 {
     p[0] = x & 0xff;
@@ -165,7 +194,7 @@ static void put_uint32le(unsigned char* p, uint32_t x)
     p[3] = (x >> 24) & 0xff;
 }
 
-static int calc_checksum(unsigned char* buf, uint32_t n)
+static uint32_t calc_checksum(unsigned char* buf, uint32_t n)
 {
     uint32_t sum = 0;
     uint32_t i;
@@ -264,6 +293,65 @@ static unsigned char* load_file(char* filename, off_t* bufsize)
 }
 
 
+static unsigned char* load_rockbox_file(char* filename, int model, off_t* bufsize)
+{
+    int fd;
+    unsigned char* buf;
+    unsigned char header[8];
+    uint32_t sum;
+    off_t n;
+    int i;
+
+    fd = open(filename, O_RDONLY|O_BINARY);
+    if (fd < 0)
+    {
+        fprintf(stderr,"[ERR]  Could not open %s for reading\n",filename);
+        return NULL;
+    }
+
+    /* Read Rockbox header */
+    n = read(fd, header, sizeof(header));
+    if (n != sizeof(header)) {
+        fprintf(stderr,"[ERR]  Could not read file %s\n",filename);
+        return NULL;
+    }
+
+    /* Check for correct model string */
+    if (memcmp(rb_model_names[model],header + 4,4)!=0) {
+        fprintf(stderr,"[ERR]  Model name \"%s\" not found in %s\n",
+                       rb_model_names[model],filename);
+    }
+
+    *bufsize = filesize(fd) - sizeof(header);
+
+    buf = malloc(*bufsize);
+    if (buf == NULL) {
+        fprintf(stderr,"[ERR]  Could not allocate memory for %s\n",filename);
+        return NULL;
+    }
+
+    n = read(fd, buf, *bufsize);
+
+    if (n != *bufsize) {
+        fprintf(stderr,"[ERR]  Could not read file %s\n",filename);
+        return NULL;
+    }
+
+    /* Check checksum */
+    sum = rb_model_num[model];
+    for (i = 0; i < *bufsize; i++) {
+         /* add 8 unsigned bits but keep a 32 bit sum */
+         sum += buf[i];
+    }
+
+    if (sum != get_uint32be(header)) {
+        fprintf(stderr,"[ERR]  Checksum mismatch in %s\n",filename);
+        return NULL;
+    }
+    return buf;
+}
+
+
 int main(int argc, char* argv[])
 {
     char *infile, *bootfile, *outfile;
@@ -299,13 +387,6 @@ int main(int argc, char* argv[])
     bootfile = argv[2];
     outfile = argv[3];
 
-    /* Load bootloader file */
-    rb_unpacked = load_file(bootfile, &bootloader_size);
-    if (rb_unpacked == NULL) {
-        fprintf(stderr,"[ERR]  Could not load %s\n",bootfile);
-        return 1;
-    }
-
     /* Load original firmware file */
     buf = load_file(infile, &len);
 
@@ -314,7 +395,12 @@ int main(int argc, char* argv[])
         return 1;
     }
 
-    /* TODO: Do some more sanity checks on the OF image - e.g. checksum */
+    /* TODO: Do some more sanity checks on the OF image */
+
+    if (get_uint32le(buf + len - 4) != calc_checksum(buf, len - 4)) {
+        fprintf(stderr,"[ERR]  Whole file checksum failed - %s\n",infile);
+        return 1;
+    }
 
     if (get_uint32le(&buf[0x204])==0x0000f000) {
         fw_version = 2;
@@ -338,6 +424,13 @@ int main(int argc, char* argv[])
         return 1;
     }
 
+    /* Load bootloader file */
+    rb_unpacked = load_rockbox_file(bootfile, model, &bootloader_size);
+    if (rb_unpacked == NULL) {
+        fprintf(stderr,"[ERR]  Could not load %s\n",bootfile);
+        return 1;
+    }
+
     printf("[INFO] Patching %s firmware\n",model_names[model]);
 
     /* Get the firmware size */
diff --git a/tools/configure b/tools/configure
index 9213aa2576..f231d092b4 100755
--- a/tools/configure
+++ b/tools/configure
@@ -722,9 +722,10 @@ fi
   ipodbitmaptools="$toolset scramble bmp2rb"
   gigabeatbitmaptools="$toolset scramble descramble bmp2rb"
   tccbitmaptools="$toolset scramble mktccboot bmp2rb"
-  ams3525bitmaptools="$toolset bmp2rb"
-  # generic is used by IFP, H10, Sansa-e200
+  # generic is used by IFP, Meizu and Onda
   genericbitmaptools="$toolset bmp2rb"
+  # scramble is used by all other targets
+  scramblebitmaptools="$genericbitmaptools scramble"
 
 
   #  ---- For each target ----
@@ -1030,7 +1031,7 @@ fi
     bootoutput="H10_20GC.mi4"
     # toolset is the tools within the tools directory that we build for
     # this particular target.
-    toolset="$genericbitmaptools scramble"
+    toolset=$scramblebitmaptools
     # architecture, manufacturer and model for the target-tree build
     t_cpu="arm"
     t_manufacturer="iriver"
@@ -1054,7 +1055,7 @@ fi
     bootoutput="H10.mi4"
     # toolset is the tools within the tools directory that we build for
     # this particular target.
-    toolset="$genericbitmaptools scramble"
+    toolset=$scramblebitmaptools
     # architecture, manufacturer and model for the target-tree build
     t_cpu="arm"
     t_manufacturer="iriver"
@@ -1449,7 +1450,7 @@ fi
     bootoutput="pp5020.mi4"
     # toolset is the tools within the tools directory that we build for
     # this particular target.
-    toolset="$genericbitmaptools scramble"
+    toolset=$scramblebitmaptools
     # architecture, manufacturer and model for the target-tree build
     t_cpu="arm"
     t_manufacturer="olympus"
@@ -1572,7 +1573,7 @@ fi
     bootoutput="PP5022.mi4"
     # toolset is the tools within the tools directory that we build for
     # this particular target.
-    toolset="$genericbitmaptools scramble"
+    toolset=$scramblebitmaptools
     # architecture, manufacturer and model for the target-tree build
     t_cpu="arm"
     t_manufacturer="sandisk"
@@ -1599,7 +1600,7 @@ fi
     bootoutput="pp5022.mi4"
     # toolset is the tools within the tools directory that we build for
     # this particular target.
-    toolset="$genericbitmaptools scramble"
+    toolset=$scramblebitmaptools
     # architecture, manufacturer and model for the target-tree build
     t_cpu="arm"
     t_manufacturer="sandisk"
@@ -1623,7 +1624,7 @@ fi
     bootoutput="firmware.mi4"
     # toolset is the tools within the tools directory that we build for
     # this particular target.
-    toolset="$genericbitmaptools scramble"
+    toolset=$scramblebitmaptools
     # architecture, manufacturer and model for the target-tree build
     t_cpu="arm"
     t_manufacturer="sandisk"
@@ -1685,11 +1686,12 @@ fi
     arm9tdmicc
     bmp2rb_mono="$rootdir/tools/bmp2rb -f 0"
     bmp2rb_native="$bmp2rb_mono"
-    boottool="cp"
-    bootoutput="rockbox.bin"
+    tool="$rootdir/tools/scramble -add=clip"
+    output="rockbox.sansa"
+    bootoutput="bootloader-clip.sansa"
     appextra="recorder:gui"
     plugins=""
-    toolset="$ams3525bitmaptools"
+    toolset=$scramblebitmaptools
     t_cpu="arm"
     t_manufacturer="as3525"
     t_model="sansa-clip"
@@ -1713,7 +1715,7 @@ fi
     bootoutput="pp5020.mi4"
     # toolset is the tools within the tools directory that we build for
     # this particular target.
-    toolset="$genericbitmaptools scramble"
+    toolset=$scramblebitmaptools
     # architecture, manufacturer and model for the target-tree build
     t_cpu="arm"
     t_manufacturer="tatung"
@@ -1737,7 +1739,7 @@ fi
     bootoutput="FWImage.ebn"
     # toolset is the tools within the tools directory that we build for
     # this particular target.
-    toolset="$genericbitmaptools scramble"
+    toolset=$scramblebitmaptools
     # architecture, manufacturer and model for the target-tree build
     t_cpu="arm"
     t_manufacturer="philips"
@@ -1761,7 +1763,7 @@ fi
     bootoutput="FWImage.ebn"
     # toolset is the tools within the tools directory that we build for
     # this particular target.
-    toolset="$genericbitmaptools scramble"
+    toolset=$scramblebitmaptools
     # architecture, manufacturer and model for the target-tree build
     t_cpu="arm"
     t_manufacturer="philips"
diff --git a/tools/scramble.c b/tools/scramble.c
index 649af6e408..429823aaa7 100644
--- a/tools/scramble.c
+++ b/tools/scramble.c
@@ -122,7 +122,7 @@ void usage(void)
            "\t        (X values: h100, h120, h140, h300, ipco, nano, ipvd, mn2g\n"
            "\t                   ip3g, ip4g, mini, iax5, iam5, iam3, h10, h10_5gb,\n"
            "\t                   tpj2, c200, e200, giga, gigs, m100, m500, d2,\n");
-    printf("\t                   9200, 1630, ldax, m200)\n");
+    printf("\t                   9200, 1630, ldax, m200, clip, e2v2)\n");
     printf("\nNo option results in Archos standard player/recorder format.\n");
 
     exit(1);
@@ -285,6 +285,10 @@ int main (int argc, char** argv)
             modelnum = 33;
         else if(!strcmp(&argv[1][5], "9200")) /* Philips SA9200 */
             modelnum = 34;
+        else if (!strcmp(&argv[1][5], "clip"))
+            modelnum = 50;
+        else if (!strcmp(&argv[1][5], "e2v2"))
+            modelnum = 51;
         else {
             fprintf(stderr, "unsupported model: %s\n", &argv[1][5]);
             return 2;