csersoft
commented
7 years ago Theoretically patch uboot can skip the inspection directly, but there is no time to do this. Tips: The associated checksum may exist in the slave_param partition.
Closed cornelus1978 closed 7 years ago
csersoft
commented
7 years ago Theoretically patch uboot can skip the inspection directly, but there is no time to do this. Tips: The associated checksum may exist in the slave_param partition.
cornelus1978
commented
7 years ago Problem is not have the source, or correct source to build uboot, i have a source code of 8247h who includes sd5116h cpu, but after compiled not resulted uboot not work with 5116 cpu.
csersoft
commented
7 years ago Yes, Huawei uboot source is not open. But that does not affect patch it. You can use IDA Pro to analyze and locate key code, and then use the keypatch plugin to modify the binary code to achieve your goal.
cornelus1978
commented
7 years ago What version of ida to use, downloaded once but i cannot see keys, like u explained in forum.
csersoft
commented
7 years ago At that time I used the IDA Pro 6.8 leaked version. You can download the latest 7.0 leaked version. Need to include ARM decompiler.
cornelus1978
commented
7 years ago Ok. I will try
csersoft
commented
7 years ago Maybe you can look up the check not to pass the text prompt, then look for the relevant reference, navigate to the key.
cornelus1978
commented
7 years ago Ah i remembered. When i used ida pro, my keys not have names, like ur have in description. Only subxxx
csersoft
commented
7 years ago Reverse out of no name, need to analyze their own logic to rename themselves.
`HuaWei StartCode 2012.02 (R16C10 May 05 2016 - 15:56:26)
NAND: Nand ID: 0x01 0xF1 0x80 0x1D 0x01 0xF1 0x80 0x1D
ECC Match pagesize:2K, oobzie:64, ecctype:4bit
Nand(Hardware): 128 MiB
startcode select the uboot to load
the high RAM is :8080103c
startcode uboot boot count:-1
Slave struct initializtion success!!
Use the UbootA to load first
Start from UbootA ERROR, Change to UbootB
Both UbootA and UbootB are wrong, load it by JTAG!
U-Boot 2010.03 (R16C10 Jul 14 2016 - 14:19:37)
DRAM: 128 MB
Boot From NAND flash
Chip Type is SD5116H
NAND: Special Nand id table Version 1.23
Nand ID: 0x01 0xF1 0x80 0x1D 0x01 0xF1 0x80 0x1D
ECC Match pagesize:2K, oobzie:64, ecctype:4bit
Nand(Hardware): Block:128KB Page:2KB Chip:128MB*1 OOB:64B ECC:4bit
128 MiB
Using default environment
In: serial
Out: serial
Err: serial
[main.c__6080]::CRC:0xffffffff, Magic1:0x5a5a5a5a, Magic2:0xa5a5a5a5, count:0, CommitedArea:0x0, Ac0 0x000000100000-0x000008000000 : "mtd=1"
UBI: attaching mtd1 to ubi0
slave_paramA in flash, CRC:0xc2c2c50, Magic1:0x5a5a5a5a, Magic2:0xa5a5a5a5, count:0, CommitedArea:02 use slave_paramA which is from flash, the RAM data is not OK!!!
Start from main system(0x1)!
CRC:0xc2c2c50, Magic1:0x5a5a5a5a, Magic2:0xa5a5a5a5, count:1, CommitedArea:0x1, Active:0x1, RunFlag2 Slave Kernel VER:V300R016C10SPC155B052 do not match FS VER:10, B area is not OK!
Main area (B) is not OK! Reboot!
resetting ... `
hello, used uboot modified to stop from boot succesfully with other devices, but this device reset due not match kernel ver with fs ver. can patch again the uboot file to skip that check, and give me a hisilicon prompt ?
thank u.