From 48ec109a1ef0eb814950c0c658799aa75136f464 Mon Sep 17 00:00:00 2001 From: ANTodorov Date: Sun, 17 Nov 2024 18:32:11 +0200 Subject: [PATCH 1/6] use all spi flash v0.1 * introduced a new communication command CMD_FLASHMEM_PAGES64K to get the number of 64k pages * "the last page" is a special, holding the dicts and some other stuff, relocated to there * raised timeout when wiping a mem page (W25Q16 looks a bit slower than W25X20BV) * loop all pages in Flash_WipeMemory() --- CHANGELOG.md | 1 + armsrc/appmain.c | 21 +++++++++-- armsrc/spiffs.c | 1 - armsrc/spiffs_config.h | 2 +- client/src/cmdflashmem.c | 73 +++++++++++++++++++++++++++++++------ client/src/cmdflashmem.h | 1 + common_arm/flashmem.c | 77 +++++++++++++++++++++++++++++----------- common_arm/flashmem.h | 31 ++++++++++++++++ include/pm3_cmd.h | 1 + include/pmflash.h | 21 +++++++++++ 10 files changed, 193 insertions(+), 36 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f7bd57785c..f9e101fa7f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] +- Use all available space from the SPI flash (@ANTodorov) - Fixed wrong size check in MifareSim (@iceman1001) - Fixed `hf mf sim` not to respond to authentication attempts for sectors out of bound for selected Mifare type (@piotrva) - Added option to build against non-default python3 with CMake as well (@doegox) diff --git a/armsrc/appmain.c b/armsrc/appmain.c index e019f14a5d..b0abe6bc10 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c 
@@ -2789,7 +2789,7 @@ static void PacketReceived(PacketCommandNG *packet) { LED_B_OFF(); break; } - if (page < 3) { + if (page < spi_flash_p64k-1) { isok = Flash_WipeMemoryPage(page); // let spiffs check and update its info post flash erase rdv40_spiffs_check(); @@ -2836,7 +2836,7 @@ static void PacketReceived(PacketCommandNG *packet) { LED_B_ON(); rdv40_validation_t *info = (rdv40_validation_t *)BigBuf_malloc(sizeof(rdv40_validation_t)); - bool isok = Flash_ReadData(FLASH_MEM_SIGNATURE_OFFSET, info->signature, FLASH_MEM_SIGNATURE_LEN); + bool isok = Flash_ReadData(FLASH_MEM_SIGNATURE_OFFSET_P(spi_flash_p64k), info->signature, FLASH_MEM_SIGNATURE_LEN); if (FlashInit()) { Flash_UniqueID(info->flashid); @@ -2845,6 +2845,23 @@ static void PacketReceived(PacketCommandNG *packet) { reply_mix(CMD_ACK, isok, 0, 0, info, sizeof(rdv40_validation_t)); BigBuf_free(); + LED_B_OFF(); + break; + } + case CMD_FLASHMEM_PAGES64K: { + + LED_B_ON(); + + bool isok = false; + if (FlashInit()) { + isok = true; + if (g_dbglevel >= DBG_DEBUG) { + Dbprintf(" CMD_FLASHMEM_PAGE64K 0x%02x (%d 64k pages)", spi_flash_p64k, spi_flash_p64k); + } + FlashStop(); + } + reply_mix(CMD_ACK, isok, 0, 0, &spi_flash_p64k, sizeof(uint8_t)); + LED_B_OFF(); break; } diff --git a/armsrc/spiffs.c b/armsrc/spiffs.c index 7604f6db72..9c5f96042f 100644 --- a/armsrc/spiffs.c +++ b/armsrc/spiffs.c @@ -18,7 +18,6 @@ // SPIFFS api for RDV40 Integration //----------------------------------------------------------------------------- -#define SPIFFS_CFG_PHYS_SZ (1024 * 192) #define SPIFFS_CFG_PHYS_ERASE_SZ (4 * 1024) #define SPIFFS_CFG_PHYS_ADDR (0) #define SPIFFS_CFG_LOG_PAGE_SZ (256) diff --git a/armsrc/spiffs_config.h b/armsrc/spiffs_config.h index f1d54a471d..1e00afc3ca 100644 --- a/armsrc/spiffs_config.h +++ b/armsrc/spiffs_config.h 
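Review bot: `spi_flash_p64k` is read in these handlers before anything visible guarantees that flash detection has run: the wipe bound `page < spi_flash_p64k-1` in this hunk, and `FLASH_MEM_SIGNATURE_OFFSET_P(spi_flash_p64k)` in the next one, which is evaluated as an argument before `Flash_ReadData()` is entered and before the `FlashInit()` call that follows it. While the global still holds its initial 0 the signature offset works out negative and is passed on as an address; the same applies to `SPIFFS_CFG_PHYS_SZ` in armsrc/spiffs_config.h, which becomes `1024 * 64 * (0 - 1)`. Unless an earlier flash access is certain to have populated the value, run detection first and fail on zero, e.g. `if (spi_flash_p64k == 0 && !FlashDetect(true)) { isok = false; }` ahead of the offset computation. Both handlers sit inside PacketReceived, whose body extends beyond the hunks.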
@@ -236,7 +236,7 @@ typedef uint8_t u8_t; // Instead of giving parameters in config struct, singleton build must // give parameters in defines below. #ifndef SPIFFS_CFG_PHYS_SZ -#define SPIFFS_CFG_PHYS_SZ(ignore) (1024*192) +#define SPIFFS_CFG_PHYS_SZ(ignore) (1024 * 64 * (spi_flash_p64k - 1)) #endif #ifndef SPIFFS_CFG_PHYS_ERASE_SZ #define SPIFFS_CFG_PHYS_ERASE_SZ(ignore) (4*1024) diff --git a/client/src/cmdflashmem.c b/client/src/cmdflashmem.c index a43989886a..a87f62a182 100644 --- a/client/src/cmdflashmem.c +++ b/client/src/cmdflashmem.c @@ -50,6 +50,29 @@ static int CmdHelp(const char *Cmd); //------------------------------------------------------------------------------------- +int rdv4_get_flash_pages64k(uint8_t *pages64k) { + if (pages64k == NULL) { + return PM3_EINVARG; + } + + clearCommandBuffer(); + SendCommandNG(CMD_FLASHMEM_PAGES64K, NULL, 0); + PacketResponseNG resp; + if (WaitForResponseTimeout(CMD_ACK, &resp, 2500) == false) { + PrintAndLogEx(WARNING, "rdv4_get_flash_pages64k() timeout while waiting for reply"); + return PM3_ETIMEOUT; + } + + uint8_t isok = resp.oldarg[0] & 0xFF; + if (isok == false) { + PrintAndLogEx(FAILED, "fail reading from flash (pages 64k)"); + return PM3_EFLASH; + } + + memcpy(pages64k, (uint8_t *)resp.data.asBytes, sizeof(uint8_t)); + return PM3_SUCCESS; +} + int rdv4_get_signature(rdv40_validation_t *out) { if (out == NULL) { return PM3_EINVARG; @@ -98,8 +121,16 @@ int rdv4_validate(rdv40_validation_t *mem) { } static int rdv4_sign_write(uint8_t *signature, uint8_t slen) { + + uint8_t spi_flash_pages = 0; + int res = rdv4_get_flash_pages64k(&spi_flash_pages); + if (res != PM3_SUCCESS) { + PrintAndLogEx(ERR, "failed to get flash pages (%x)", res); + return res; + } + flashmem_old_write_t payload = { - .startidx = FLASH_MEM_SIGNATURE_OFFSET, + .startidx = FLASH_MEM_SIGNATURE_OFFSET_P(spi_flash_pages), .len = FLASH_MEM_SIGNATURE_LEN, }; memcpy(payload.data, signature, slen); 
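Review bot: rdv4_get_flash_pages64k() copies the first payload byte into `*pages64k` without checking that the count is usable, and every caller then feeds it to the `_P` offset macros. A count of 0 (for example from firmware that answers the new command differently, or a misbehaving device) makes `FLASH_MEM_SIGNATURE_OFFSET_P()` and the key offsets negative, and rdv4_sign_write() stores that into `payload.startidx`. Rejecting it at the source keeps callers from ever seeing such a value: `if (resp.data.asBytes[0] == 0) { PrintAndLogEx(FAILED, "device reported 0 flash pages"); return PM3_EFLASH; }` before the `memcpy`. The `(%x)` used for `res` in the callers prints negative PM3 error codes as large hex numbers; `%d` reads better.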
@@ -201,15 +232,21 @@ static int CmdFlashMemLoad(const char *Cmd) { PrintAndLogEx(INFO, "treating file as T55xx passwords"); } + uint8_t spi_flash_pages = 0; + int res = rdv4_get_flash_pages64k(&spi_flash_pages); + if (res != PM3_SUCCESS) { + PrintAndLogEx(ERR, "failed to get flash pages count (%x)", res); + return res; + } + size_t datalen = 0; uint32_t keycount = 0; - int res = 0; uint8_t keylen = 0; - uint8_t *data = calloc(FLASH_MEM_MAX_SIZE, sizeof(uint8_t)); + uint8_t *data = calloc(FLASH_MEM_MAX_SIZE_P(spi_flash_pages), sizeof(uint8_t)); switch (d) { case DICTIONARY_MIFARE: - offset = DEFAULT_MF_KEYS_OFFSET; + offset = DEFAULT_MF_KEYS_OFFSET_P(spi_flash_pages); keylen = 6; res = loadFileDICTIONARY(filename, data + 2, &datalen, keylen, &keycount); if (res || !keycount) { @@ -227,7 +264,7 @@ static int CmdFlashMemLoad(const char *Cmd) { datalen += 2; break; case DICTIONARY_T55XX: - offset = DEFAULT_T55XX_KEYS_OFFSET; + offset = DEFAULT_T55XX_KEYS_OFFSET_P(spi_flash_pages); keylen = 4; res = loadFileDICTIONARY(filename, data + 2, &datalen, keylen, &keycount); if (res || !keycount) { @@ -245,7 +282,7 @@ static int CmdFlashMemLoad(const char *Cmd) { datalen += 2; break; case DICTIONARY_ICLASS: - offset = DEFAULT_ICLASS_KEYS_OFFSET; + offset = DEFAULT_ICLASS_KEYS_OFFSET_P(spi_flash_pages); res = loadFileDICTIONARY(filename, data + 2, &datalen, keylen, &keycount); if (res || !keycount) { free(data); @@ -268,7 +305,7 @@ static int CmdFlashMemLoad(const char *Cmd) { return PM3_EFILE; } - if (datalen > FLASH_MEM_MAX_SIZE) { + if (datalen > FLASH_MEM_MAX_SIZE_P(spi_flash_pages)) { PrintAndLogEx(ERR, "error, filesize is larger than available memory"); free(data); return PM3_EOVFLOW; 
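Review bot: The `calloc(FLASH_MEM_MAX_SIZE_P(spi_flash_pages), sizeof(uint8_t))` result is used as `data + 2` in the `switch` directly after it with no NULL check, and its size now comes from a device-reported value instead of a constant. A reported count of 0 turns it into a zero-byte allocation that loadFileDICTIONARY() is still asked to fill, and a 64-page part asks for 4 MiB. Add `if (data == NULL) { PrintAndLogEx(ERR, "failed to allocate memory"); return PM3_EMALLOC; }` before the `switch`. The later `datalen > FLASH_MEM_MAX_SIZE_P(spi_flash_pages)` test in the last hunk of this function compares against the whole chip rather than the space reserved for the selected dictionary, and runs only after the buffer has been filled; whether loadFileDICTIONARY() enforces a tighter limit is not visible here.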
@@ -351,8 +388,15 @@ static int CmdFlashMemDump(const char *Cmd) { }; CLIExecWithReturn(ctx, Cmd, argtable, false); + uint8_t spi_flash_pages = 0; + int res = rdv4_get_flash_pages64k(&spi_flash_pages); + if (res != PM3_SUCCESS) { + PrintAndLogEx(ERR, "failed to get flash pages count (%x)", res); + return res; + } + int offset = arg_get_int_def(ctx, 1, 0); - int len = arg_get_int_def(ctx, 2, FLASH_MEM_MAX_SIZE); + int len = arg_get_int_def(ctx, 2, FLASH_MEM_MAX_SIZE_P(spi_flash_pages)); bool view = arg_get_lit(ctx, 3); int fnlen = 0; char filename[FILE_PATH_SIZE] = {0}; @@ -409,15 +453,22 @@ static int CmdFlashMemWipe(const char *Cmd) { // initialwipe = arg_get_lit(ctx, 2); CLIParserFree(ctx); - if (page < 0 || page > 2) { - PrintAndLogEx(WARNING, "page must be 0, 1 or 2"); + uint8_t spi_flash_pages = 0; + int res = rdv4_get_flash_pages64k(&spi_flash_pages); + if (res != PM3_SUCCESS) { + PrintAndLogEx(ERR, "failed to get flash pages count (%x)", res); + return res; + } + + if (page < 0 || page > (spi_flash_pages - 1)) { + PrintAndLogEx(WARNING, "page must be between 0 and %d", spi_flash_pages - 1); return PM3_EINVARG; } clearCommandBuffer(); SendCommandMIX(CMD_FLASHMEM_WIPE, page, initialwipe, 0, NULL, 0); PacketResponseNG resp; - if (!WaitForResponseTimeout(CMD_ACK, &resp, 8000)) { + if (!WaitForResponseTimeout(CMD_ACK, &resp, 10000)) { PrintAndLogEx(WARNING, "timeout while waiting for reply."); return PM3_ETIMEOUT; } diff --git a/client/src/cmdflashmem.h b/client/src/cmdflashmem.h index 60bdd58577..ad8727204b 100644 --- a/client/src/cmdflashmem.h +++ b/client/src/cmdflashmem.h @@ -32,4 +32,5 @@ typedef enum { int CmdFlashMem(const char *Cmd); int rdv4_get_signature(rdv40_validation_t *out); int rdv4_validate(rdv40_validation_t *mem); +int rdv4_get_flash_pages64k(uint8_t *pages64k); #endif diff --git a/common_arm/flashmem.c b/common_arm/flashmem.c index 5aaac347a0..b6ff47fce4 100644 --- a/common_arm/flashmem.c +++ b/common_arm/flashmem.c 
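Review bot: The new early `return res;` in CmdFlashMemDump sits between `CLIExecWithReturn(ctx, Cmd, argtable, false)` and the `arg_get_*` calls that still use `ctx`, so the parser context is not released when rdv4_get_flash_pages64k() fails. Add `CLIParserFree(ctx);` before that `return res;`, or move the page query below the point where the function frees `ctx`. The function continues past the hunk, so the existing free is not visible here.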
@@ -43,6 +43,8 @@ static uint32_t FLASHMEM_SPIBAUDRATE = FLASH_BAUD; #ifndef AS_BOOTROM +uint8_t spi_flash_p64k = 0; + void FlashmemSetSpiBaudrate(uint32_t baudrate) { FLASHMEM_SPIBAUDRATE = baudrate; Dbprintf("Spi Baudrate : %dMHz", FLASHMEM_SPIBAUDRATE / 1000000); @@ -144,14 +146,15 @@ uint16_t Flash_WriteData(uint32_t address, uint8_t *in, uint16_t len) { return 0; } - // out-of-range - if (((address >> 16) & 0xFF) > MAX_BLOCKS) { - Dbprintf("Flash_WriteData, block out-of-range"); + if (!FlashInit()) { + if (g_dbglevel > 3) Dbprintf("Flash_WriteData init fail"); return 0; } - if (!FlashInit()) { - if (g_dbglevel > 3) Dbprintf("Flash_WriteData init fail"); + // out-of-range + if (((address >> 16) & 0xFF) > spi_flash_p64k) { + Dbprintf("Flash_WriteData, block out-of-range %02x > %02x", (address >> 16) & 0xFF, spi_flash_p64k); + FlashStop(); return 0; } @@ -187,8 +190,8 @@ uint16_t Flash_WriteDataCont(uint32_t address, uint8_t *in, uint16_t len) { return 0; } - if (((address >> 16) & 0xFF) > MAX_BLOCKS) { - Dbprintf("Flash_WriteDataCont, block out-of-range"); + if (((address >> 16) & 0xFF) > spi_flash_p64k) { + Dbprintf("Flash_WriteDataCont, block out-of-range %02x > %02x", (address >> 16) & 0xFF, spi_flash_p64k); return 0; } @@ -266,18 +269,11 @@ bool Flash_WipeMemory(void) { // Each block is 64Kb. Four blocks // one block erase takes 1s ( 1000ms ) - Flash_WriteEnable(); - Flash_Erase64k(0); - Flash_CheckBusy(BUSY_TIMEOUT); - Flash_WriteEnable(); - Flash_Erase64k(1); - Flash_CheckBusy(BUSY_TIMEOUT); - Flash_WriteEnable(); - Flash_Erase64k(2); - Flash_CheckBusy(BUSY_TIMEOUT); - Flash_WriteEnable(); - Flash_Erase64k(3); - Flash_CheckBusy(BUSY_TIMEOUT); + for (uint8_t i=0; i < spi_flash_p64k; i++) { + Flash_WriteEnable(); + Flash_Erase64k(i); + Flash_CheckBusy(BUSY_TIMEOUT); + } FlashStop(); return true; 
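Review bot: The range check `((address >> 16) & 0xFF) > spi_flash_p64k` in Flash_WriteData accepts a block index equal to the page count, although valid blocks run from 0 to `spi_flash_p64k - 1`; the comparison should be `>=`. The same `>` is used in Flash_WriteDataCont in the next hunk and in Flash_Erase4k and Flash_Erase64k further down (`block > spi_flash_p64k`). On a part with exactly that many pages the extra block is likely to wrap onto block 0, so a stray write or erase could hit live data instead of being refused. Suggested form: `if (((address >> 16) & 0xFF) >= spi_flash_p64k) {` and `if (block >= spi_flash_p64k) return false;`. The `& 0xFF` also discards address bits above bit 23, so an address beyond 16 MiB aliases into range before the check; an explicit `address >> 24` test or a comment would make that intent clear.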
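Review bot: Flash_WipeMemory now erases every 64k page, but the comment above the loop still says "Four blocks", and the results of `Flash_Erase64k(i)` and `Flash_CheckBusy(BUSY_TIMEOUT)` are dropped while the function returns true unconditionally. At roughly one second per block, as that comment states, a 32- or 64-page part takes far longer than the old four erases, which may exceed the wait on the client side if this path is reached from a command with a fixed timeout. Update the comment to `// Each block is 64 KiB; spi_flash_p64k blocks, about 1 s per block erase` and report a refused erase with `if (!Flash_Erase64k(i)) { FlashStop(); return false; }`. The start of the function is outside the hunk.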
@@ -293,7 +289,7 @@ void Flash_WriteEnable(void) { // execution time: 0.8ms / 800us bool Flash_Erase4k(uint8_t block, uint8_t sector) { - if (block > MAX_BLOCKS || sector > MAX_SECTORS) return false; + if (block > spi_flash_p64k || sector > MAX_SECTORS) return false; FlashSendByte(SECTORERASE); FlashSendByte(block); @@ -328,7 +324,7 @@ bool Flash_Erase32k(uint32_t address) { // 0x03 00 00 -- 0x 03 FF FF == block 3 bool Flash_Erase64k(uint8_t block) { - if (block > MAX_BLOCKS) return false; + if (block > spi_flash_p64k) return false; FlashSendByte(BLOCK64ERASE); FlashSendByte(block); @@ -404,6 +400,7 @@ void Flashmem_print_status(void) { ); } } + Dbprintf(" Flash pages (64k)....... " _YELLOW_("0x%02x (%u)"), spi_flash_p64k, spi_flash_p64k); uint8_t uid[8] = {0, 0, 0, 0, 0, 0, 0, 0}; Flash_UniqueID(uid); @@ -457,6 +454,38 @@ void Flashmem_print_info(void) { FlashStop(); } +//read spi flash JEDEC ID and fill the global variable spi_flash_p64k +bool FlashDetect(bool flash_init) { + flash_device_type_t flash_device = {0}; + + if (flash_init) { + if (!FlashInit()) { + if (g_dbglevel > 3) Dbprintf("FlashDetect() FlashInit fail"); + return 0; + } + } + + if (!Flash_ReadID(&flash_device, true)) { + if (g_dbglevel > 3) Dbprintf("Flash_ReadID failed"); + return false; + } + + uint32_t identifier = (flash_device.manufacturer_id <<16) + (flash_device.device_id <<8) + flash_device.device_id2; + int i = 0; + for (; i < ARRAYLEN(SpiFlashTable); i++) { + if (SpiFlashTable[i].identifier == identifier) { + break; + } + } + + spi_flash_p64k = SpiFlashTable[i].pages64; + + if (flash_init) { + FlashStop(); + } + return true; +} + #endif // #ifndef AS_BOOTROM @@ -471,6 +500,12 @@ bool FlashInit(void) { return false; } +#ifndef AS_BOOTROM + if (spi_flash_p64k == 0){ + if (!FlashDetect(false)) return 0; + } +#endif // #ifndef AS_BOOTROM + return true; } diff --git a/common_arm/flashmem.h b/common_arm/flashmem.h index 127ea43b09..5718963f3c 100644 --- a/common_arm/flashmem.h 
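Review bot: In FlashDetect the lookup loop leaves `i` equal to `ARRAYLEN(SpiFlashTable)` when no identifier matches, so `SpiFlashTable[i].pages64` reads one element past the end of the table for any chip that is not listed. The trailing "Unknown!" row only matches a JEDEC id of exactly 0x000000, so it does not act as the fallback it appears to be. Stop the loop at the last entry instead, `for (; i < ARRAYLEN(SpiFlashTable) - 1; i++) {`, which leaves `i` on the fallback row when nothing matched, and declare `i` as `size_t` to avoid the signed/unsigned comparison. The `Flash_ReadID` failure path also returns without `FlashStop()` when `flash_init` is true; add `if (flash_init) FlashStop();` before that `return false;`.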
+++ b/common_arm/flashmem.h @@ -145,6 +145,37 @@ uint16_t Flash_WriteDataCont(uint32_t address, uint8_t *in, uint16_t len); void Flashmem_print_status(void); void Flashmem_print_info(void); +typedef struct spi_flash_s { + const uint32_t identifier; + const uint8_t pages64; + const char *desc; +} spi_flash_t; + +// spi_flash_t is expected to be NULL terminated +const static spi_flash_t SpiFlashTable[] = { + // Manufacturer: Puya + { 0x856015, 32, "P25Q16H" }, + // Manufacturer: Winbond + { 0xEF3012, 4, "W25X20BV" }, + { 0xEF3013, 8, "W25X40BV" }, + + { 0xEF4013, 8, "W25Q40BV" }, + { 0xEF4014, 16, "W25Q80BV" }, + { 0xEF4015, 32, "W25Q16BV" }, + { 0xEF4016, 64, "W25Q32BV" }, + + { 0xEF7022, 4, "W25Q02JV" }, + { 0x000000, 4, "Unknown!" } +}; + +#ifndef ARRAYLEN +# define ARRAYLEN(x) (sizeof(x)/sizeof((x)[0])) +#endif + +extern uint8_t spi_flash_p64k; + +bool FlashDetect(bool); + #endif // #ifndef AS_BOOTROM diff --git a/include/pm3_cmd.h b/include/pm3_cmd.h index c9cc314ce9..0cfc9bfaa0 100644 --- a/include/pm3_cmd.h +++ b/include/pm3_cmd.h @@ -433,6 +433,7 @@ typedef struct { #define CMD_FLASHMEM_DOWNLOADED 0x0124 #define CMD_FLASHMEM_INFO 0x0125 #define CMD_FLASHMEM_SET_SPIBAUDRATE 0x0126 +#define CMD_FLASHMEM_PAGES64K 0x0127 // RDV40, High level flashmem SPIFFS Manipulation // ALL function will have a lazy or Safe version diff --git a/include/pmflash.h b/include/pmflash.h index 65e373f8f2..3d009fc9f3 100644 --- a/include/pmflash.h +++ b/include/pmflash.h @@ -37,10 +37,16 @@ #ifndef FLASH_MEM_MAX_SIZE # define FLASH_MEM_MAX_SIZE 0x40000 // (262144) #endif +#ifndef FLASH_MEM_MAX_SIZE_P +# define FLASH_MEM_MAX_SIZE_P(p64k) (1024 * 64 * p64k) +#endif #ifndef FLASH_MEM_MAX_4K_SECTOR # define FLASH_MEM_MAX_4K_SECTOR 0x3F000 #endif +#ifndef FLASH_MEM_MAX_4K_SECTOR_P +# define FLASH_MEM_MAX_4K_SECTOR_P(p64k) (FLASH_MEM_MAX_SIZE_P(p64k) - 4096) +#endif #ifndef FLASH_MEM_ID_LEN # define FLASH_MEM_ID_LEN 8 
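Review bot: `SpiFlashTable` is defined `const static` in the header, so every file that includes flashmem.h gets its own private copy; declaring it `extern` here and defining it once in flashmem.c keeps a single table next to FlashDetect, its only visible user. The comment "expected to be NULL terminated" does not describe the data: the last row is a fallback with identifier 0x000000 and 4 pages, not a NULL entry. Reword it to `// last entry is the fallback used when no JEDEC id matches; keep it last` and write the qualifiers in the usual order, `static const`. A short comment on `pages64` saying it counts 64 KiB blocks including the last block reserved for dictionaries and signature would also help readers of the `_P` macros.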
@@ -54,6 +60,9 @@ // -1 for historical compatibility with already released Proxmark3 RDV4.0 devices # define FLASH_MEM_SIGNATURE_OFFSET (FLASH_MEM_MAX_SIZE - FLASH_MEM_SIGNATURE_LEN - 1) #endif +#ifndef FLASH_MEM_SIGNATURE_OFFSET_P +# define FLASH_MEM_SIGNATURE_OFFSET_P(p64k) (FLASH_MEM_MAX_SIZE_P(p64k) - FLASH_MEM_SIGNATURE_LEN - 1) +#endif #ifndef T55XX_CONFIG_LEN # define T55XX_CONFIG_LEN sizeof( t55xx_configurations_t ) @@ -62,6 +71,9 @@ #ifndef T55XX_CONFIG_OFFSET # define T55XX_CONFIG_OFFSET (FLASH_MEM_MAX_4K_SECTOR - 0x2000) #endif +#ifndef T55XX_CONFIG_OFFSET_P +# define T55XX_CONFIG_OFFSET_P(p64k) (FLASH_MEM_MAX_4K_SECTOR_P(p64k) - 0x2000) +#endif // Reserved space for T55XX PWD = 4 kb #ifndef DEFAULT_T55XX_KEYS_OFFSET @@ -69,6 +81,9 @@ # define DEFAULT_T55XX_KEYS_OFFSET (T55XX_CONFIG_OFFSET - DEFAULT_T55XX_KEYS_LEN) # define DEFAULT_T55XX_KEYS_MAX ((DEFAULT_T55XX_KEYS_LEN - 2) / 4) #endif +#ifndef DEFAULT_T55XX_KEYS_OFFSET_P +# define DEFAULT_T55XX_KEYS_OFFSET_P(p64k) (T55XX_CONFIG_OFFSET_P(p64k) - DEFAULT_T55XX_KEYS_LEN) +#endif // Reserved space for iClass keys = 4 kb #ifndef DEFAULT_ICLASS_KEYS_OFFSET @@ -76,6 +91,9 @@ # define DEFAULT_ICLASS_KEYS_OFFSET (DEFAULT_T55XX_KEYS_OFFSET - DEFAULT_ICLASS_KEYS_LEN) # define DEFAULT_ICLASS_KEYS_MAX ((DEFAULT_ICLASS_KEYS_LEN - 2) / 8) #endif +#ifndef DEFAULT_ICLASS_KEYS_OFFSET_P +# define DEFAULT_ICLASS_KEYS_OFFSET_P(p64k) (DEFAULT_T55XX_KEYS_OFFSET_P(p64k) - DEFAULT_ICLASS_KEYS_LEN) +#endif // Reserved space for MIFARE Keys = 12 kb #ifndef DEFAULT_MF_KEYS_OFFSET @@ -83,6 +101,9 @@ # define DEFAULT_MF_KEYS_OFFSET (DEFAULT_ICLASS_KEYS_OFFSET - DEFAULT_MF_KEYS_LEN) # define DEFAULT_MF_KEYS_MAX ((DEFAULT_MF_KEYS_LEN - 2) / 6) #endif +#ifndef DEFAULT_MF_KEYS_OFFSET_P +# define DEFAULT_MF_KEYS_OFFSET_P(p64k) (DEFAULT_ICLASS_KEYS_OFFSET_P(p64k) - DEFAULT_MF_KEYS_LEN) +#endif // RDV40, validation structure to help identifying that client/firmware is talking with RDV40 typedef struct { 
From 34e317a9dff530d79b30fe6bd6fbc6ff33390d60 Mon Sep 17 00:00:00 2001 From: ANTodorov Date: Sun, 17 Nov 2024 22:07:58 +0200 Subject: [PATCH 2/6] address review comments --- common_arm/flashmem.c | 9 ++++++--- include/pmflash.h | 2 +- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/common_arm/flashmem.c b/common_arm/flashmem.c index b6ff47fce4..4757a46d21 100644 --- a/common_arm/flashmem.c +++ b/common_arm/flashmem.c @@ -461,7 +461,7 @@ bool FlashDetect(bool flash_init) { if (flash_init) { if (!FlashInit()) { if (g_dbglevel > 3) Dbprintf("FlashDetect() FlashInit fail"); - return 0; + return false; } } @@ -483,6 +483,7 @@ bool FlashDetect(bool flash_init) { if (flash_init) { FlashStop(); } + return true; } @@ -501,8 +502,10 @@ bool FlashInit(void) { } #ifndef AS_BOOTROM - if (spi_flash_p64k == 0){ - if (!FlashDetect(false)) return 0; + if (spi_flash_p64k == 0) { + if (!FlashDetect(false)) { + return false; + } } #endif // #ifndef AS_BOOTROM diff --git a/include/pmflash.h b/include/pmflash.h index 3d009fc9f3..d7791814f7 100644 --- a/include/pmflash.h +++ b/include/pmflash.h @@ -38,7 +38,7 @@ # define FLASH_MEM_MAX_SIZE 0x40000 // (262144) #endif #ifndef FLASH_MEM_MAX_SIZE_P -# define FLASH_MEM_MAX_SIZE_P(p64k) (1024 * 64 * p64k) +# define FLASH_MEM_MAX_SIZE_P(p64k) (1024 * 64 * (p64k)) #endif #ifndef FLASH_MEM_MAX_4K_SECTOR From 861c7efd26a3a3d505e2687169129e4ef64e93bc Mon Sep 17 00:00:00 2001 From: ANTodorov Date: Sun, 17 Nov 2024 22:10:04 +0200 Subject: [PATCH 3/6] fix missing offsets the data was written, but it should be readable too... --- armsrc/appmain.c | 8 ++++---- armsrc/lfops.c | 4 ++-- armsrc/mifarecmd.c | 4 ++-- common_arm/flashmem.c | 6 +++--- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/armsrc/appmain.c b/armsrc/appmain.c index b0abe6bc10..152c15335d 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c 
@@ -2748,11 +2748,11 @@ static void PacketReceived(PacketCommandNG *packet) { break; } - if (payload->startidx == DEFAULT_T55XX_KEYS_OFFSET) { + if (payload->startidx == DEFAULT_T55XX_KEYS_OFFSET_P(spi_flash_p64k)) { Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); Flash_Erase4k(3, 0xC); - } else if (payload->startidx == DEFAULT_MF_KEYS_OFFSET) { + } else if (payload->startidx == DEFAULT_MF_KEYS_OFFSET_P(spi_flash_p64k)) { Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); Flash_Erase4k(3, 0x8); @@ -2762,11 +2762,11 @@ static void PacketReceived(PacketCommandNG *packet) { Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); Flash_Erase4k(3, 0xA); - } else if (payload->startidx == DEFAULT_ICLASS_KEYS_OFFSET) { + } else if (payload->startidx == DEFAULT_ICLASS_KEYS_OFFSET_P(spi_flash_p64k)) { Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); Flash_Erase4k(3, 0xB); - } else if (payload->startidx == FLASH_MEM_SIGNATURE_OFFSET) { + } else if (payload->startidx == FLASH_MEM_SIGNATURE_OFFSET_P(spi_flash_p64k)) { Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); Flash_Erase4k(3, 0xF); diff --git a/armsrc/lfops.c b/armsrc/lfops.c index 1378095249..b5567f020d 100644 --- a/armsrc/lfops.c +++ b/armsrc/lfops.c @@ -2148,7 +2148,7 @@ void T55xx_ChkPwds(uint8_t flags, bool ledcontrol) { BigBuf_Clear_EM(); uint16_t isok = 0; uint8_t counter[2] = {0x00, 0x00}; - isok = Flash_ReadData(DEFAULT_T55XX_KEYS_OFFSET, counter, sizeof(counter)); + isok = Flash_ReadData(DEFAULT_T55XX_KEYS_OFFSET_P(spi_flash_p64k), counter, sizeof(counter)); if (isok != sizeof(counter)) goto OUT; @@ -2164,7 +2164,7 @@ void T55xx_ChkPwds(uint8_t flags, bool ledcontrol) { // adjust available pwd_count pwd_count = pwd_size_available / 4; - isok = Flash_ReadData(DEFAULT_T55XX_KEYS_OFFSET + 2, pwds, pwd_size_available); + isok = Flash_ReadData(DEFAULT_T55XX_KEYS_OFFSET_P(spi_flash_p64k) + 2, pwds, pwd_size_available); if (isok != pwd_size_available) goto OUT; 
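Review bot: The erase calls in these branches still target block 3 (`Flash_Erase4k(3, 0xC)`, `(3, 0x8)`, `(3, 0xA)`, `(3, 0xB)`, `(3, 0xF)`) although the `startidx` comparisons beside them now use the `_P(spi_flash_p64k)` offsets, which place the dictionaries and signature in the last 64k page. On any part with more than four pages that erases a sector inside page 3, which this series gives to SPIFFS, and leaves the real destination in the last page unerased before it is written. The block argument should follow the page count in every branch of both hunks, e.g. `Flash_Erase4k(spi_flash_p64k - 1, 0xC);`. The branch guarding the `0xA` erase lies between the two hunks and is not visible, so check that its comparison was converted as well.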
diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c index 715b691329..034012fcff 100644 --- a/armsrc/mifarecmd.c +++ b/armsrc/mifarecmd.c @@ -1789,7 +1789,7 @@ void MifareChkKeys_fast(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *da BigBuf_free(); uint16_t isok = 0; uint8_t size[2] = {0x00, 0x00}; - isok = Flash_ReadData(DEFAULT_MF_KEYS_OFFSET, size, 2); + isok = Flash_ReadData(DEFAULT_MF_KEYS_OFFSET_P(spi_flash_p64k), size, 2); if (isok != 2) goto OUT; @@ -1808,7 +1808,7 @@ void MifareChkKeys_fast(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *da if (datain == NULL) goto OUT; - isok = Flash_ReadData(DEFAULT_MF_KEYS_OFFSET + 2, datain, key_mem_available); + isok = Flash_ReadData(DEFAULT_MF_KEYS_OFFSET_P(spi_flash_p64k) + 2, datain, key_mem_available); if (isok != key_mem_available) goto OUT; diff --git a/common_arm/flashmem.c b/common_arm/flashmem.c index 4757a46d21..f819552366 100644 --- a/common_arm/flashmem.c +++ b/common_arm/flashmem.c @@ -428,7 +428,7 @@ void Flashmem_print_info(void) { uint16_t num; Flash_CheckBusy(BUSY_TIMEOUT); - uint16_t isok = Flash_ReadDataCont(DEFAULT_MF_KEYS_OFFSET, keysum, 2); + uint16_t isok = Flash_ReadDataCont(DEFAULT_MF_KEYS_OFFSET_P(spi_flash_p64k), keysum, 2); if (isok == 2) { num = ((keysum[1] << 8) | keysum[0]); if (num != 0xFFFF && num != 0x0) @@ -436,7 +436,7 @@ void Flashmem_print_info(void) { } Flash_CheckBusy(BUSY_TIMEOUT); - isok = Flash_ReadDataCont(DEFAULT_T55XX_KEYS_OFFSET, keysum, 2); + isok = Flash_ReadDataCont(DEFAULT_T55XX_KEYS_OFFSET_P(spi_flash_p64k), keysum, 2); if (isok == 2) { num = ((keysum[1] << 8) | keysum[0]); if (num != 0xFFFF && num != 0x0) @@ -444,7 +444,7 @@ void Flashmem_print_info(void) { } Flash_CheckBusy(BUSY_TIMEOUT); - isok = Flash_ReadDataCont(DEFAULT_ICLASS_KEYS_OFFSET, keysum, 2); + isok = Flash_ReadDataCont(DEFAULT_ICLASS_KEYS_OFFSET_P(spi_flash_p64k), keysum, 2); if (isok == 2) { num = ((keysum[1] << 8) | keysum[0]); if (num != 0xFFFF && num != 0x0) 
From d49e1f6af6f6e8743c5eff48026dc0557d681ab4 Mon Sep 17 00:00:00 2001 From: ANTodorov Date: Sun, 17 Nov 2024 22:12:28 +0200 Subject: [PATCH 4/6] remove unused definition --- include/pmflash.h | 4 ---- 1 file changed, 4 deletions(-) diff --git a/include/pmflash.h b/include/pmflash.h index d7791814f7..bbed4b12e9 100644 --- a/include/pmflash.h +++ b/include/pmflash.h @@ -112,9 +112,5 @@ typedef struct { uint8_t signature[FLASH_MEM_SIGNATURE_LEN]; } PACKED rdv40_validation_t; -// SPIFFS current allocates 192KB of the 256KB available. -#ifndef FLASH_SPIFFS_ALLOCATED_SIZE -# define FLASH_SPIFFS_ALLOCATED_SIZE (1024 * 192) -#endif #endif // __PMFLASH_H From 597bfd6d193500e84f75c25ac98fba9b60902f36 Mon Sep 17 00:00:00 2001 From: ANTodorov Date: Sun, 17 Nov 2024 22:38:59 +0200 Subject: [PATCH 5/6] fix signature offset in a log message too hopefully last one (tm) --- client/src/cmdflashmem.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/src/cmdflashmem.c b/client/src/cmdflashmem.c index a87f62a182..c9d126147d 100644 --- a/client/src/cmdflashmem.c +++ b/client/src/cmdflashmem.c @@ -148,7 +148,7 @@ static int rdv4_sign_write(uint8_t *signature, uint8_t slen) { return PM3_EFAILED; } } - PrintAndLogEx(SUCCESS, "Writing signature at offset %u ( "_GREEN_("ok") " )", FLASH_MEM_SIGNATURE_OFFSET); + PrintAndLogEx(SUCCESS, "Writing signature at offset %u ( "_GREEN_("ok") " )", FLASH_MEM_SIGNATURE_OFFSET_P(spi_flash_pages)); return PM3_SUCCESS; } From 51a94d6d51ed4395bd5bc7047dc8f805765ab745 Mon Sep 17 00:00:00 2001 From: ANTodorov Date: Sun, 17 Nov 2024 23:56:40 +0200 Subject: [PATCH 6/6] restore config page (the last page) protection from wiping --- client/src/cmdflashmem.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/client/src/cmdflashmem.c b/client/src/cmdflashmem.c index c9d126147d..d1e9ab672c 100644 --- a/client/src/cmdflashmem.c +++ b/client/src/cmdflashmem.c 
@@ -460,8 +460,8 @@ static int CmdFlashMemWipe(const char *Cmd) { return res; } - if (page < 0 || page > (spi_flash_pages - 1)) { - PrintAndLogEx(WARNING, "page must be between 0 and %d", spi_flash_pages - 1); + if (page < 0 || page > (spi_flash_pages - 2)) { + PrintAndLogEx(WARNING, "page must be between 0 and %d", spi_flash_pages - 2); return PM3_EINVARG; }