An experimental ‘asbo’ boot ROM for the 2Wire 2701HGV-C has been burned and it successfully boots.
asbokid@u50si1:~/asboboot$ cat makebootrom.sh #!/bin/bash # # make an 'asbo' boot ROM out of the original 2701HGV-C boot ROM image # # GPL3 (c) 2011 asbokid <ballymunboy@gmail.com> # copy initialisation L0 bootscript from original 2701 boot ROM image dd bs=1 if=2701hgv-c_bootrom.bin of=asbo004_2701hgv-c_bootrom.bin count=904 # MMIO(JTAG_DATA_OUT) = a5b0 0001 (asbo, number 1 in hacked boot ROM quality!) echo -n -e "\x04\x10\xe6\x1b\x01\x00\xb0\xa5" >> asbo004_2701hgv-c_bootrom.bin # DRAM load address (0x4000,0000) echo -n -e "\x01\x00\x00\x40" >> asbo004_2701hgv-c_bootrom.bin # little-endian 32-bit integer count of 32-bit words in the new L1 bootloader ./getl1size l1hack004_ares.mi >> asbo004_2701hgv-c_bootrom.bin # copy the new 'asbo' L1 bootloader into the eeprom image cat l1hack004_ares.mi >> asbo004_2701hgv-c_bootrom.bin # idle for a while so we can suck out the last JTAG_DATA_OUT message echo -n -e "\xf2\xff\x00\x00" >> asbo004_2701hgv-c_bootrom.bin # MMIO(JTAG_DATA_OUT) = a5b0 0002 echo -n -e "\x04\x10\xe6\x1b\x02\x00\xb0\xa5" >> asbo004_2701hgv-c_bootrom.bin # take TM3260 out of reset echo -n -e "\x30\x00\xf0\x1b\xe3\x00\x00\x80" >> asbo004_2701hgv-c_bootrom.bin # terminate bootscript echo -n -e "\x06\x00\x00\x00" >> asbo004_2701hgv-c_bootrom.bin # padding the rest of the ROM image with 0xff is left to the burner s/w asbokid@u50si1:~/asboboot$
The getl1size tool is very simple:
asbokid@u50si1:~/asboboot$ cat getl1size.c
#include <stdio.h>
#include <stdint.h>
int main(int argc, char **argv) {
FILE *fp;
long length;
uint8_t *ch;
fp=fopen(argv[1],"rb");
if(fp==NULL) {
printf("file %s not found!\n", argv[1]);
return -1;
}
fseek(fp,0L,SEEK_END);
length = ftell(fp);
if(length % 4) {
printf("file %s is not aligned on a word boundary", argv[1]);
fclose(fp);
return -2;
}
length /= 4;
ch = (uint8_t *) &length;
printf("%c%c%c%c", *ch, *(ch+1), *(ch+2), *(ch+3));
fclose(fp);
return 0;
}
asbokid@u50si1:~/asboboot$
Excelent :d