2 * Boot a Marvell SoC, with Xmodem over UART0.
3 * supports Kirkwood, Dove, Avanta, Armada 370, Armada XP, Armada 375,
4 * Armada 38x and Armada 39x.
6 * (c) 2012 Daniel Stodden <daniel.stodden@gmail.com>
7 * (c) 2021 Pali Rohár <pali@kernel.org>
8 * (c) 2021 Marek Behún <kabel@kernel.org>
11 * - "88F6180, 88F6190, 88F6192, and 88F6281: Integrated Controller: Functional
12 * Specifications" December 2, 2008. Chapter 24.2 "BootROM Firmware".
13 * https://web.archive.org/web/20130730091033/https://www.marvell.com/embedded-processors/kirkwood/assets/FS_88F6180_9x_6281_OpenSource.pdf
14 * - "88AP510: High-Performance SoC with Integrated CPU, 2D/3D Graphics
15 * Processor, and High-Definition Video Decoder: Functional Specifications"
16 * August 3, 2011. Chapter 5 "BootROM Firmware"
17 * https://web.archive.org/web/20120130172443/https://www.marvell.com/application-processors/armada-500/assets/Armada-510-Functional-Spec.pdf
18 * - "88F6710, 88F6707, and 88F6W11: ARMADA(R) 370 SoC: Functional Specifications"
19 * May 26, 2014. Chapter 6 "BootROM Firmware".
20 * https://web.archive.org/web/20140617183701/https://www.marvell.com/embedded-processors/armada-300/assets/ARMADA370-FunctionalSpec-datasheet.pdf
21 * - "MV78230, MV78260, and MV78460: ARMADA(R) XP Family of Highly Integrated
22 * Multi-Core ARMv7 Based SoC Processors: Functional Specifications"
23 * May 29, 2014. Chapter 6 "BootROM Firmware".
24 * https://web.archive.org/web/20180829171131/https://www.marvell.com/embedded-processors/armada-xp/assets/ARMADA-XP-Functional-SpecDatasheet.pdf
25 * - "ARMADA(R) 375 Value-Performance Dual Core CPU System on Chip: Functional
26 * Specifications" Doc. No. MV-S109377-00, Rev. A. September 18, 2013.
27 * Chapter 7 "Boot Sequence"
28 * CONFIDENTIAL, no public documentation available
29 * - "88F6810, 88F6811, 88F6821, 88F6W21, 88F6820, and 88F6828: ARMADA(R) 38x
30 * Family High-Performance Single/Dual CPU System on Chip: Functional
31 * Specifications" Doc. No. MV-S109094-00, Rev. C. August 2, 2015.
32 * Chapter 7 "Boot Flow"
33 * CONFIDENTIAL, no public documentation available
34 * - "88F6920, 88F6925 and 88F6928: ARMADA(R) 39x High-Performance Dual Core CPU
35 * System on Chip Functional Specifications" Doc. No. MV-S109896-00, Rev. B.
36 * December 22, 2015. Chapter 7 "Boot Flow"
37 * CONFIDENTIAL, no public documentation available
59 #include "termios_linux.h"
65 * These functions are in <term.h> header file, but this header file conflicts
66 * with "termios_linux.h" header file. So declare these functions manually.
68 extern int setupterm(const char *, int, int *);
69 extern char *tigetstr(const char *);
72 * Marvell BootROM UART Sensing
75 static unsigned char kwboot_msg_boot[] = {
76 0xBB, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
79 static unsigned char kwboot_msg_debug[] = {
80 0xDD, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
83 /* Defines known to work on Kirkwood */
84 #define KWBOOT_MSG_RSP_TIMEO 50 /* ms */
86 /* Defines known to work on Armada XP */
87 #define KWBOOT_MSG_RSP_TIMEO_AXP 10 /* ms */
93 #define SOH 1 /* sender start of block header */
94 #define EOT 4 /* sender end of block transfer */
95 #define ACK 6 /* target block ack */
96 #define NAK 21 /* target block negative ack */
98 #define KWBOOT_XM_BLKSZ 128 /* xmodem block size */
100 struct kwboot_block {
104 uint8_t data[KWBOOT_XM_BLKSZ];
108 #define KWBOOT_BLK_RSP_TIMEO 2000 /* ms */
109 #define KWBOOT_HDR_RSP_TIMEO 10000 /* ms */
111 /* ARM code to change baudrate */
112 static unsigned char kwboot_baud_code[] = {
113 /* ; #define UART_BASE 0xd0012000 */
114 /* ; #define DLL 0x00 */
115 /* ; #define DLH 0x04 */
116 /* ; #define LCR 0x0c */
117 /* ; #define DLAB 0x80 */
118 /* ; #define LSR 0x14 */
119 /* ; #define TEMT 0x40 */
120 /* ; #define DIV_ROUND(a, b) ((a + b/2) / b) */
122 /* ; u32 set_baudrate(u32 old_b, u32 new_b) { */
124 /* ; (!(readl(UART_BASE + LSR) & TEMT)); */
125 /* ; u32 lcr = readl(UART_BASE + LCR); */
126 /* ; writel(UART_BASE + LCR, lcr | DLAB); */
127 /* ; u8 old_dll = readl(UART_BASE + DLL); */
128 /* ; u8 old_dlh = readl(UART_BASE + DLH); */
129 /* ; u16 old_dl = old_dll | (old_dlh << 8); */
130 /* ; u32 clk = old_b * old_dl; */
131 /* ; u16 new_dl = DIV_ROUND(clk, new_b); */
132 /* ; u8 new_dll = new_dl & 0xff; */
133 /* ; u8 new_dlh = (new_dl >> 8) & 0xff; */
134 /* ; writel(UART_BASE + DLL, new_dll); */
135 /* ; writel(UART_BASE + DLH, new_dlh); */
136 /* ; writel(UART_BASE + LCR, lcr & ~DLAB); */
141 /* ; r0 = UART_BASE */
142 0x0d, 0x02, 0xa0, 0xe3, /* mov r0, #0xd0000000 */
143 0x12, 0x0a, 0x80, 0xe3, /* orr r0, r0, #0x12000 */
145 /* ; Wait until Transmitter FIFO is Empty */
146 /* .Lloop_txempty: */
147 /* ; r1 = UART_BASE[LSR] & TEMT */
148 0x14, 0x10, 0x90, 0xe5, /* ldr r1, [r0, #0x14] */
149 0x40, 0x00, 0x11, 0xe3, /* tst r1, #0x40 */
150 0xfc, 0xff, 0xff, 0x0a, /* beq .Lloop_txempty */
152 /* ; Set Divisor Latch Access Bit */
153 /* ; UART_BASE[LCR] |= DLAB */
154 0x0c, 0x10, 0x90, 0xe5, /* ldr r1, [r0, #0x0c] */
155 0x80, 0x10, 0x81, 0xe3, /* orr r1, r1, #0x80 */
156 0x0c, 0x10, 0x80, 0xe5, /* str r1, [r0, #0x0c] */
158 /* ; Read current Divisor Latch */
159 /* ; r1 = UART_BASE[DLH]<<8 | UART_BASE[DLL] */
160 0x00, 0x10, 0x90, 0xe5, /* ldr r1, [r0, #0x00] */
161 0xff, 0x10, 0x01, 0xe2, /* and r1, r1, #0xff */
162 0x01, 0x20, 0xa0, 0xe1, /* mov r2, r1 */
163 0x04, 0x10, 0x90, 0xe5, /* ldr r1, [r0, #0x04] */
164 0xff, 0x10, 0x01, 0xe2, /* and r1, r1, #0xff */
165 0x41, 0x14, 0xa0, 0xe1, /* asr r1, r1, #8 */
166 0x02, 0x10, 0x81, 0xe1, /* orr r1, r1, r2 */
168 /* ; Read old baudrate value */
169 /* ; r2 = old_baudrate */
170 0x74, 0x20, 0x9f, 0xe5, /* ldr r2, old_baudrate */
172 /* ; Calculate base clock */
174 0x92, 0x01, 0x01, 0xe0, /* mul r1, r2, r1 */
176 /* ; Read new baudrate value */
177 /* ; r2 = new_baudrate */
178 0x70, 0x20, 0x9f, 0xe5, /* ldr r2, new_baudrate */
180 /* ; Calculate new Divisor Latch */
181 /* ; r1 = DIV_ROUND(r1, r2) = */
182 /* ; = (r1 + r2/2) / r2 */
183 0xa2, 0x10, 0x81, 0xe0, /* add r1, r1, r2, lsr #1 */
184 0x02, 0x40, 0xa0, 0xe1, /* mov r4, r2 */
185 0xa1, 0x00, 0x54, 0xe1, /* cmp r4, r1, lsr #1 */
187 0x84, 0x40, 0xa0, 0x91, /* movls r4, r4, lsl #1 */
188 0xa1, 0x00, 0x54, 0xe1, /* cmp r4, r1, lsr #1 */
189 0xfc, 0xff, 0xff, 0x9a, /* bls .Lloop_div1 */
190 0x00, 0x30, 0xa0, 0xe3, /* mov r3, #0 */
192 0x04, 0x00, 0x51, 0xe1, /* cmp r1, r4 */
193 0x04, 0x10, 0x41, 0x20, /* subhs r1, r1, r4 */
194 0x03, 0x30, 0xa3, 0xe0, /* adc r3, r3, r3 */
195 0xa4, 0x40, 0xa0, 0xe1, /* mov r4, r4, lsr #1 */
196 0x02, 0x00, 0x54, 0xe1, /* cmp r4, r2 */
197 0xf9, 0xff, 0xff, 0x2a, /* bhs .Lloop_div2 */
198 0x03, 0x10, 0xa0, 0xe1, /* mov r1, r3 */
200 /* ; Set new Divisor Latch Low */
201 /* ; UART_BASE[DLL] = r1 & 0xff */
202 0x01, 0x20, 0xa0, 0xe1, /* mov r2, r1 */
203 0xff, 0x20, 0x02, 0xe2, /* and r2, r2, #0xff */
204 0x00, 0x20, 0x80, 0xe5, /* str r2, [r0, #0x00] */
206 /* ; Set new Divisor Latch High */
207 /* ; UART_BASE[DLH] = r1>>8 & 0xff */
208 0x41, 0x24, 0xa0, 0xe1, /* asr r2, r1, #8 */
209 0xff, 0x20, 0x02, 0xe2, /* and r2, r2, #0xff */
210 0x04, 0x20, 0x80, 0xe5, /* str r2, [r0, #0x04] */
212 /* ; Clear Divisor Latch Access Bit */
213 /* ; UART_BASE[LCR] &= ~DLAB */
214 0x0c, 0x10, 0x90, 0xe5, /* ldr r1, [r0, #0x0c] */
215 0x80, 0x10, 0xc1, 0xe3, /* bic r1, r1, #0x80 */
216 0x0c, 0x10, 0x80, 0xe5, /* str r1, [r0, #0x0c] */
218 /* ; Loop 0x2dc000 (2998272) cycles */
219 /* ; which is about 5ms on 1200 MHz CPU */
220 /* ; r1 = 0x2dc000 */
221 0xb7, 0x19, 0xa0, 0xe3, /* mov r1, #0x2dc000 */
223 0x01, 0x10, 0x41, 0xe2, /* sub r1, r1, #1 */
224 0x00, 0x00, 0x51, 0xe3, /* cmp r1, #0 */
225 0xfc, 0xff, 0xff, 0x1a, /* bne .Lloop_sleep */
227 /* ; Jump to the end of execution */
228 0x01, 0x00, 0x00, 0xea, /* b end */
230 /* ; Placeholder for old baudrate value */
232 0x00, 0x00, 0x00, 0x00, /* .word 0 */
234 /* ; Placeholder for new baudrate value */
236 0x00, 0x00, 0x00, 0x00, /* .word 0 */
241 /* ARM code from binary header executed by BootROM before changing baudrate */
242 static unsigned char kwboot_baud_code_binhdr_pre[] = {
243 /* ; #define UART_BASE 0xd0012000 */
244 /* ; #define THR 0x00 */
245 /* ; #define LSR 0x14 */
246 /* ; #define THRE 0x20 */
248 /* ; void send_preamble(void) { */
249 /* ; const u8 *str = "$baudratechange"; */
253 /* ; ((readl(UART_BASE + LSR) & THRE)); */
255 /* ; writel(UART_BASE + THR, c); */
259 /* ; Preserve registers for BootROM */
260 0xfe, 0x5f, 0x2d, 0xe9, /* push { r1 - r12, lr } */
262 /* ; r0 = UART_BASE */
263 0x0d, 0x02, 0xa0, 0xe3, /* mov r0, #0xd0000000 */
264 0x12, 0x0a, 0x80, 0xe3, /* orr r0, r0, #0x12000 */
266 /* ; r2 = address of preamble string */
267 0x00, 0x20, 0x8f, 0xe2, /* adr r2, .Lstr_preamble */
269 /* ; Skip preamble data section */
270 0x03, 0x00, 0x00, 0xea, /* b .Lloop_preamble */
272 /* ; Preamble string */
273 /* .Lstr_preamble: */
274 0x24, 0x62, 0x61, 0x75, /* .asciz "$baudratechange" */
275 0x64, 0x72, 0x61, 0x74,
276 0x65, 0x63, 0x68, 0x61,
277 0x6e, 0x67, 0x65, 0x00,
279 /* ; Send preamble string over UART */
280 /* .Lloop_preamble: */
282 /* ; Wait until Transmitter Holding is Empty */
284 /* ; r1 = UART_BASE[LSR] & THRE */
285 0x14, 0x10, 0x90, 0xe5, /* ldr r1, [r0, #0x14] */
286 0x20, 0x00, 0x11, 0xe3, /* tst r1, #0x20 */
287 0xfc, 0xff, 0xff, 0x0a, /* beq .Lloop_thre */
289 /* ; Put character into Transmitter FIFO */
291 0x01, 0x10, 0xd2, 0xe4, /* ldrb r1, [r2], #1 */
292 /* ; UART_BASE[THR] = r1 */
293 0x00, 0x10, 0x80, 0xe5, /* str r1, [r0, #0x0] */
295 /* ; Loop until end of preamble string */
296 0x00, 0x00, 0x51, 0xe3, /* cmp r1, #0 */
297 0xf8, 0xff, 0xff, 0x1a, /* bne .Lloop_preamble */
300 /* ARM code for returning from binary header back to BootROM */
301 static unsigned char kwboot_baud_code_binhdr_post[] = {
302 /* ; Return 0 - no error */
303 0x00, 0x00, 0xa0, 0xe3, /* mov r0, #0 */
304 0xfe, 0x9f, 0xbd, 0xe8, /* pop { r1 - r12, pc } */
307 /* ARM code for jumping to the original image exec_addr */
308 static unsigned char kwboot_baud_code_data_jump[] = {
309 0x04, 0xf0, 0x1f, 0xe5, /* ldr pc, exec_addr */
310 /* ; Placeholder for exec_addr */
312 0x00, 0x00, 0x00, 0x00, /* .word 0 */
315 static const char kwb_baud_magic[16] = "$baudratechange";
317 static int kwboot_verbose;
319 static int msg_rsp_timeo = KWBOOT_MSG_RSP_TIMEO;
320 static int blk_rsp_timeo = KWBOOT_BLK_RSP_TIMEO;
323 kwboot_write(int fd, const char *buf, size_t len)
328 ssize_t wr = write(fd, buf + tot, len - tot);
330 if (wr < 0 && errno == EINTR)
342 kwboot_printv(const char *fmt, ...)
346 if (kwboot_verbose) {
357 const char seq[] = { '-', '\\', '|', '/' };
359 static int state, bs;
361 if (state % div == 0) {
363 fputc(seq[state / div % sizeof(seq)], stdout);
379 __progress(int pct, char c)
381 const int width = 70;
382 static const char *nl = "";
385 if (pos % width == 0)
386 printf("%s%3d %% [", nl, pct);
391 pos = (pos + 1) % width;
394 while (pos && pos++ < width)
406 kwboot_progress(int _pct, char c)
421 kwboot_tty_recv(int fd, void *buf, size_t len, int timeo)
434 tv.tv_usec = timeo * 1000;
435 if (tv.tv_usec > 1000000) {
436 tv.tv_sec += tv.tv_usec / 1000000;
437 tv.tv_usec %= 1000000;
441 nfds = select(fd + 1, &rfds, NULL, NULL, &tv);
442 if (nfds < 0 && errno == EINTR)
451 n = read(fd, buf, len);
452 if (n < 0 && errno == EINTR)
457 buf = (char *)buf + n;
467 kwboot_tty_send(int fd, const void *buf, size_t len, int nodrain)
472 if (kwboot_write(fd, buf, len) < 0)
482 kwboot_tty_send_char(int fd, unsigned char c)
484 return kwboot_tty_send(fd, &c, 1, 0);
488 kwboot_tty_baudrate_to_speed(int baudrate)
637 _is_within_tolerance(int value, int reference, int tolerance)
639 return 100 * value >= reference * (100 - tolerance) &&
640 100 * value <= reference * (100 + tolerance);
644 kwboot_tty_change_baudrate(int fd, int baudrate)
650 rc = tcgetattr(fd, &tio);
654 speed = kwboot_tty_baudrate_to_speed(baudrate);
662 tio.c_ospeed = tio.c_ispeed = baudrate;
665 rc = cfsetospeed(&tio, speed);
669 rc = cfsetispeed(&tio, speed);
673 rc = tcsetattr(fd, TCSANOW, &tio);
677 rc = tcgetattr(fd, &tio);
681 if (cfgetospeed(&tio) != speed || cfgetispeed(&tio) != speed)
686 * Check whether set baudrate is within 3% tolerance.
687 * If BOTHER is defined, Linux always fills out c_ospeed / c_ispeed
690 if (!_is_within_tolerance(tio.c_ospeed, baudrate, 3))
693 if (!_is_within_tolerance(tio.c_ispeed, baudrate, 3))
700 fprintf(stderr, "Could not set baudrate to requested value\n");
706 kwboot_open_tty(const char *path, int baudrate)
713 fd = open(path, O_RDWR | O_NOCTTY | O_NDELAY);
717 rc = tcgetattr(fd, &tio);
722 tio.c_cflag |= CREAD | CLOCAL;
723 tio.c_cflag &= ~(CSTOPB | HUPCL | CRTSCTS);
727 rc = tcsetattr(fd, TCSANOW, &tio);
731 flags = fcntl(fd, F_GETFL);
735 rc = fcntl(fd, F_SETFL, flags & ~O_NDELAY);
739 rc = kwboot_tty_change_baudrate(fd, baudrate);
754 kwboot_msg_write_handler(void *arg)
756 int tty = *(int *)((void **)arg)[0];
757 const void *msg = ((void **)arg)[1];
758 int rsp_timeo = msg_rsp_timeo;
759 int i, dummy_oldtype;
761 /* allow to cancel this thread at any time */
762 pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &dummy_oldtype);
765 /* write 128 samples of message pattern into the output queue without waiting */
766 for (i = 0; i < 128; i++) {
767 if (kwboot_tty_send(tty, msg, 8, 1) < 0) {
768 perror("\nFailed to send message pattern");
772 /* wait until output queue is transmitted and then make pause */
773 if (tcdrain(tty) < 0) {
774 perror("\nFailed to send message pattern");
777 /* BootROM requires pause on UART after it detects message pattern */
778 usleep(rsp_timeo * 1000);
783 kwboot_msg_start_thread(pthread_t *thread, int *tty, void *msg)
790 rc = pthread_create(thread, NULL, kwboot_msg_write_handler, arg);
800 kwboot_msg_stop_thread(pthread_t thread)
804 rc = pthread_cancel(thread);
810 rc = pthread_join(thread, NULL);
820 kwboot_bootmsg(int tty)
822 struct kwboot_block block;
823 pthread_t write_thread;
827 /* flush input and output queue */
828 tcflush(tty, TCIOFLUSH);
830 rc = kwboot_msg_start_thread(&write_thread, &tty, kwboot_msg_boot);
832 perror("Failed to start write thread");
836 kwboot_printv("Sending boot message. Please reboot the target...");
842 rc = kwboot_tty_recv(tty, &c, 1, msg_rsp_timeo);
843 if (rc && errno == ETIMEDOUT) {
856 rc = kwboot_msg_stop_thread(write_thread);
858 perror("Failed to stop write thread");
864 perror("Failed to read response for boot message pattern");
869 * At this stage we have sent more boot message patterns and BootROM
870 * (at least on Armada XP and 385) started interpreting sent bytes as
871 * part of xmodem packets. If BootROM is expecting SOH byte as start of
872 * a xmodem packet and it receives byte 0xff, then it throws it away and
873 * sends a NAK reply to host. If BootROM does not receive any byte for
874 * 2s when expecting some continuation of the xmodem packet, it throws
875 * away the partially received xmodem data and sends NAK reply to host.
877 * Therefore for starting xmodem transfer we have two options: Either
878 * wait 2s or send 132 0xff bytes (which is the size of xmodem packet)
879 * to ensure that BootROM throws away any partially received data.
882 /* flush output queue with remaining boot message patterns */
883 rc = tcflush(tty, TCOFLUSH);
885 perror("Failed to flush output queue");
889 /* send one xmodem packet with 0xff bytes to force BootROM to re-sync */
890 memset(&block, 0xff, sizeof(block));
891 rc = kwboot_tty_send(tty, &block, sizeof(block), 0);
893 perror("Failed to send sync sequence");
898 * Sending 132 bytes via 115200B/8-N-1 takes 11.45 ms, reading 132 bytes
899 * takes 11.45 ms, so waiting for 30 ms should be enough.
903 /* flush remaining NAK replies from input queue */
904 rc = tcflush(tty, TCIFLUSH);
906 perror("Failed to flush input queue");
914 kwboot_debugmsg(int tty)
916 unsigned char buf[8192];
917 pthread_t write_thread;
921 /* flush input and output queue */
922 tcflush(tty, TCIOFLUSH);
924 rc = kwboot_msg_start_thread(&write_thread, &tty, kwboot_msg_debug);
926 perror("Failed to start write thread");
930 kwboot_printv("Sending debug message. Please reboot the target...");
936 /* Read immediately all bytes in queue without waiting */
937 rc = read(tty, buf + off, sizeof(buf) - off);
938 if ((rc < 0 && errno == EINTR) || rc == 0) {
949 * Check if we received at least 4 debug message patterns
950 * (console echo from BootROM) in cyclic buffer
953 for (pos = 0; pos < sizeof(kwboot_msg_debug); pos++)
954 if (buf[off] == kwboot_msg_debug[(pos + off) % sizeof(kwboot_msg_debug)])
957 for (i = off; i >= 0; i--)
958 if (buf[i] != kwboot_msg_debug[(pos + i) % sizeof(kwboot_msg_debug)])
963 if (off >= 4 * sizeof(kwboot_msg_debug))
966 /* If not move valid suffix from end of the buffer to the beginning of buffer */
967 memmove(buf, buf + i + 1, off);
972 rc = kwboot_msg_stop_thread(write_thread);
974 perror("Failed to stop write thread");
980 perror("Failed to read response for debug message pattern");
984 /* flush output queue with remaining debug message patterns */
985 rc = tcflush(tty, TCOFLUSH);
987 perror("Failed to flush output queue");
991 kwboot_printv("Clearing input buffer...\n");
994 * Wait until BootROM transmit all remaining echo characters.
995 * Experimentally it was measured that for Armada 385 BootROM
996 * it is required to wait at least 0.415s. So wait 0.5s.
1001 * In off variable is stored number of characters received after the
1002 * successful detection of echo reply. So these characters are console
1003 * echo for other following debug message patterns. BootROM may have in
1004 * its output queue other echo characters which were being transmitting
1005 * before above sleep call. So read remaining number of echo characters
1006 * sent by the BootROM now.
1008 while ((rc = kwboot_tty_recv(tty, &buf[0], 1, 0)) == 0)
1010 if (errno != ETIMEDOUT) {
1011 perror("Failed to read response");
1016 * Clear every echo character set by the BootROM by backspace byte.
1017 * This is required prior writing any command to the BootROM debug
1018 * because BootROM command line buffer has limited size. If length
1019 * of the command is larger than buffer size then it looks like
1020 * that Armada 385 BootROM crashes after sending ENTER. So erase it.
1021 * Experimentally it was measured that for Armada 385 BootROM it is
1022 * required to send at least 3 backspace bytes for one echo character.
1023 * This is unknown why. But lets do it.
1026 memset(buf, '\x08', sizeof(buf));
1027 while (off > sizeof(buf)) {
1028 rc = kwboot_tty_send(tty, buf, sizeof(buf), 1);
1030 perror("Failed to send clear sequence");
1035 rc = kwboot_tty_send(tty, buf, off, 0);
1037 perror("Failed to send clear sequence");
1041 usleep(msg_rsp_timeo * 1000);
1042 rc = tcflush(tty, TCIFLUSH);
1044 perror("Failed to flush input queue");
1052 kwboot_xm_makeblock(struct kwboot_block *block, const void *data,
1053 size_t size, int pnum)
1059 block->_pnum = ~block->pnum;
1061 n = size < KWBOOT_XM_BLKSZ ? size : KWBOOT_XM_BLKSZ;
1062 memcpy(&block->data[0], data, n);
1063 memset(&block->data[n], 0, KWBOOT_XM_BLKSZ - n);
1066 for (i = 0; i < n; i++)
1067 block->csum += block->data[i];
1077 if (clock_gettime(CLOCK_MONOTONIC, &ts)) {
1078 static int err_print;
1081 perror("clock_gettime() does not work");
1085 /* this will just make the timeout not work */
1089 return ts.tv_sec * 1000ULL + (ts.tv_nsec + 500000) / 1000000;
1093 _is_xm_reply(char c)
1095 return c == ACK || c == NAK;
1099 _xm_reply_to_error(int c)
1119 kwboot_baud_magic_handle(int fd, char c, int baudrate)
1121 static size_t rcv_len;
1123 if (rcv_len < sizeof(kwb_baud_magic)) {
1124 /* try to recognize whole magic word */
1125 if (c == kwb_baud_magic[rcv_len]) {
1128 printf("%.*s%c", (int)rcv_len, kwb_baud_magic, c);
1134 if (rcv_len == sizeof(kwb_baud_magic)) {
1135 /* magic word received */
1136 kwboot_printv("\nChanging baudrate to %d Bd\n", baudrate);
1138 return kwboot_tty_change_baudrate(fd, baudrate) ? : 1;
1145 kwboot_xm_recv_reply(int fd, char *c, int stop_on_non_xm,
1146 int ignore_nak_reply,
1147 int allow_non_xm, int *non_xm_print,
1148 int baudrate, int *baud_changed)
1150 int timeout = allow_non_xm ? KWBOOT_HDR_RSP_TIMEO : blk_rsp_timeo;
1151 uint64_t recv_until = _now() + timeout;
1155 rc = kwboot_tty_recv(fd, c, 1, timeout);
1157 if (errno != ETIMEDOUT)
1159 else if (allow_non_xm && *non_xm_print)
1165 /* If received xmodem reply, end. */
1166 if (_is_xm_reply(*c)) {
1167 if (*c == NAK && ignore_nak_reply) {
1168 timeout = recv_until - _now();
1176 * If receiving/printing non-xmodem text output is allowed and
1177 * such a byte was received, we want to increase receiving time
1179 * - print the byte, if it is not part of baudrate change magic
1180 * sequence while baudrate change was requested (-B option)
1182 * Otherwise decrease timeout by time elapsed.
1185 recv_until = _now() + timeout;
1187 if (baudrate && !*baud_changed) {
1188 rc = kwboot_baud_magic_handle(fd, *c, baudrate);
1195 } else if (!baudrate || !*baud_changed) {
1203 timeout = recv_until - _now();
1215 kwboot_xm_sendblock(int fd, struct kwboot_block *block, int allow_non_xm,
1216 int *done_print, int baudrate, int allow_retries)
1218 int non_xm_print, baud_changed;
1219 int rc, err, retries;
1228 rc = kwboot_tty_send(fd, block, sizeof(*block), 1);
1232 if (allow_non_xm && !*done_print) {
1233 kwboot_progress(100, '.');
1234 kwboot_printv("Done\n");
1238 rc = kwboot_xm_recv_reply(fd, &c, retries < 3,
1240 allow_non_xm, &non_xm_print,
1241 baudrate, &baud_changed);
1245 if (!allow_non_xm && c != ACK) {
1246 if (c == NAK && allow_retries && retries + 1 < 16)
1247 kwboot_progress(-1, '+');
1249 kwboot_progress(-1, 'E');
1251 } while (c == NAK && allow_retries && retries++ < 16);
1254 kwboot_printv("\n");
1256 if (allow_non_xm && baudrate && !baud_changed) {
1257 fprintf(stderr, "Baudrate was not changed\n");
1262 return _xm_reply_to_error(c);
1265 kwboot_printv("\n");
1271 kwboot_xm_finish(int fd)
1276 kwboot_printv("Finishing transfer\n");
1280 rc = kwboot_tty_send_char(fd, EOT);
1284 rc = kwboot_xm_recv_reply(fd, &c, retries < 3,
1289 } while (c == NAK && retries++ < 16);
1291 return _xm_reply_to_error(c);
1295 kwboot_xmodem_one(int tty, int *pnum, int header, const uint8_t *data,
1296 size_t size, int baudrate)
1302 kwboot_printv("Sending boot image %s (%zu bytes)...\n",
1303 header ? "header" : "data", size);
1308 while (sent < size) {
1309 struct kwboot_block block;
1313 blksz = kwboot_xm_makeblock(&block, data, left, (*pnum)++);
1316 last_block = (left <= blksz);
1319 * Handling of repeated xmodem packets is completely broken in
1320 * Armada 385 BootROM - it completely ignores xmodem packet
1321 * numbers, they are only used for checksum verification.
1322 * BootROM can handle a retry of the xmodem packet only during
1323 * the transmission of kwbimage header and only if BootROM
1324 * itself sent NAK response to previous attempt (it does it on
1325 * checksum failure). During the transmission of kwbimage data
1326 * part, BootROM always expects next xmodem packet, even if it
1327 * sent NAK to previous attempt - there is absolutely no way to
1328 * repair incorrectly transmitted xmodem packet during kwbimage
1329 * data part upload. Also, if kwboot receives non-ACK/NAK
1330 * response (meaning that original BootROM response was damaged
1331 * on UART) there is no way to detect if BootROM accepted xmodem
1332 * packet or not and no way to check if kwboot could repeat the
1335 * Stop transfer and return failure if kwboot receives unknown
1336 * reply if non-xmodem reply is not allowed (for all xmodem
1337 * packets except the last header packet) or when non-ACK reply
1338 * is received during data part transfer.
1340 rc = kwboot_xm_sendblock(tty, &block, header && last_block,
1341 &done_print, baudrate, header);
1349 kwboot_progress(sent * 100 / size, '.');
1353 kwboot_printv("Done\n");
1357 kwboot_printv("\n");
1362 kwboot_xmodem(int tty, const void *_img, size_t size, int baudrate)
1364 const uint8_t *img = _img;
1368 hdrsz = kwbheader_size(img);
1371 * If header size is not aligned to xmodem block size (which applies
1372 * for all images in kwbimage v0 format) then we have to ensure that
1373 * the last xmodem block of header contains beginning of the data
1374 * followed by the header. So align header size to xmodem block size.
1376 hdrsz += (KWBOOT_XM_BLKSZ - hdrsz % KWBOOT_XM_BLKSZ) % KWBOOT_XM_BLKSZ;
1380 rc = kwboot_xmodem_one(tty, &pnum, 1, img, hdrsz, baudrate);
1385 * If we have already sent image data as a part of the last
1386 * xmodem header block then we have nothing more to send.
1391 rc = kwboot_xmodem_one(tty, &pnum, 0, img, size, 0);
1396 rc = kwboot_xm_finish(tty);
1401 kwboot_printv("\nChanging baudrate back to 115200 Bd\n\n");
1402 rc = kwboot_tty_change_baudrate(tty, 115200);
1411 kwboot_term_pipe(int in, int out, const char *quit, int *s, const char *kbs, int *k)
1416 nin = read(in, buf, sizeof(buf));
1425 for (i = 0; i < nin; i++) {
1426 if ((quit || kbs) &&
1427 (!quit || buf[i] != quit[*s]) &&
1428 (!kbs || buf[i] != kbs[*k])) {
1433 prefix = (*s >= *k) ? quit : kbs;
1434 plen = (*s >= *k) ? *s : *k;
1443 if (plen > i && kwboot_write(out, prefix, plen - i) < 0)
1447 if (quit && buf[i] == quit[*s]) {
1450 nin = (i > *s) ? (i - *s) : 0;
1457 if (kbs && buf[i] == kbs[*k]) {
1460 if (i > *k + noff &&
1461 kwboot_write(out, buf + noff, i - *k - noff) < 0)
1464 * Replace backspace key by '\b' (0x08)
1465 * byte which is the only recognized
1466 * backspace byte by Marvell BootROM.
1468 if (write(out, "\x08", 1) < 0)
1484 nin -= (nin > i) ? i : nin;
1488 if (nin > noff && kwboot_write(out, buf + noff, nin - noff) < 0)
1495 kwboot_terminal(int tty)
1498 const char *kbs = NULL;
1499 const char *quit = "\34c";
1500 struct termios otio, tio;
1506 rc = tcgetattr(in, &otio);
1510 rc = tcsetattr(in, TCSANOW, &tio);
1513 perror("tcsetattr");
1518 * Get sequence for backspace key used by the current
1519 * terminal. Every occurrence of this sequence will be
1520 * replaced by '\b' byte which is the only recognized
1521 * backspace byte by Marvell BootROM.
1523 * Note that we cannot read this sequence from termios
1524 * c_cc[VERASE] as VERASE is valid only when ICANON is
1525 * set in termios c_lflag, which is not case for us.
1527 * Also most terminals do not set termios c_cc[VERASE]
1528 * as c_cc[VERASE] can specify only one-byte sequence
1529 * and instead let applications to read (possible
1530 * multi-byte) sequence for backspace key from "kbs"
1531 * terminfo database based on $TERM env variable.
1533 * So read "kbs" from terminfo database via tigetstr()
1534 * call after successful setupterm(). Most terminals
1535 * use byte 0x7F for backspace key, so replacement with
1538 if (setupterm(NULL, STDOUT_FILENO, &rc) == 0) {
1539 kbs = tigetstr("kbs");
1540 if (kbs == (char *)-1)
1544 kwboot_printv("[Type Ctrl-%c + %c to quit]\r\n",
1545 quit[0] | 0100, quit[1]);
1559 nfds = nfds < tty ? tty : nfds;
1563 nfds = nfds < in ? in : nfds;
1566 nfds = select(nfds + 1, &rfds, NULL, NULL, NULL);
1570 if (FD_ISSET(tty, &rfds)) {
1571 rc = kwboot_term_pipe(tty, STDOUT_FILENO, NULL, NULL, NULL, NULL);
1576 if (in >= 0 && FD_ISSET(in, &rfds)) {
1577 rc = kwboot_term_pipe(in, tty, quit, &s, kbs, &k);
1581 } while (quit[s] != 0);
1584 tcsetattr(in, TCSANOW, &otio);
1591 kwboot_read_image(const char *path, size_t *size, size_t reserve)
1601 fd = open(path, O_RDONLY);
1605 len = lseek(fd, 0, SEEK_END);
1606 if (len == (off_t)-1)
1609 if (lseek(fd, 0, SEEK_SET) == (off_t)-1)
1612 img = malloc(len + reserve);
1618 ssize_t rd = read(fd, img + tot, len - tot);
1625 if (!rd && tot < len) {
1645 kwboot_hdr_csum8(const void *hdr)
1647 const uint8_t *data = hdr;
1651 size = kwbheader_size_for_csum(hdr);
1653 for (csum = 0; size-- > 0; data++)
1660 kwboot_img_csum32_ptr(void *img)
1662 struct main_hdr_v1 *hdr = img;
1665 datasz = le32_to_cpu(hdr->blocksize) - sizeof(uint32_t);
1667 return img + le32_to_cpu(hdr->srcaddr) + datasz;
1671 kwboot_img_csum32(const void *img)
1673 const struct main_hdr_v1 *hdr = img;
1674 uint32_t datasz, csum = 0;
1675 const uint32_t *data;
1677 datasz = le32_to_cpu(hdr->blocksize) - sizeof(csum);
1678 if (datasz % sizeof(uint32_t))
1681 data = img + le32_to_cpu(hdr->srcaddr);
1682 while (datasz > 0) {
1683 csum += le32_to_cpu(*data++);
1687 return cpu_to_le32(csum);
1691 kwboot_img_is_secure(void *img)
1693 struct opt_hdr_v1 *ohdr;
1695 for_each_opt_hdr_v1 (ohdr, img)
1696 if (ohdr->headertype == OPT_HDR_V1_SECURE_TYPE)
1703 kwboot_img_grow_data_right(void *img, size_t *size, size_t grow)
1705 struct main_hdr_v1 *hdr = img;
1709 * 32-bit checksum comes after end of image code, so we will be putting
1710 * new code there. So we get this pointer and then increase data size
1711 * (since increasing data size changes kwboot_img_csum32_ptr() return
1714 result = kwboot_img_csum32_ptr(img);
1715 hdr->blocksize = cpu_to_le32(le32_to_cpu(hdr->blocksize) + grow);
1722 kwboot_img_grow_hdr(void *img, size_t *size, size_t grow)
1724 uint32_t hdrsz, datasz, srcaddr;
1725 struct main_hdr_v1 *hdr = img;
1726 struct opt_hdr_v1 *ohdr;
1729 srcaddr = le32_to_cpu(hdr->srcaddr);
1731 /* calculate real used space in kwbimage header */
1732 if (kwbimage_version(img) == 0) {
1733 hdrsz = kwbheader_size(img);
1735 hdrsz = sizeof(*hdr);
1736 for_each_opt_hdr_v1 (ohdr, hdr)
1737 hdrsz += opt_hdr_v1_size(ohdr);
1740 data = (uint8_t *)img + srcaddr;
1741 datasz = *size - srcaddr;
1743 /* only move data if there is not enough space */
1744 if (hdrsz + grow > srcaddr) {
1745 size_t need = hdrsz + grow - srcaddr;
1747 /* move data by enough bytes */
1748 memmove(data + need, data, datasz);
1750 hdr->srcaddr = cpu_to_le32(srcaddr + need);
1754 if (kwbimage_version(img) == 1) {
1756 if (hdrsz > kwbheader_size(img)) {
1757 hdr->headersz_msb = hdrsz >> 16;
1758 hdr->headersz_lsb = cpu_to_le16(hdrsz & 0xffff);
1764 kwboot_add_bin_ohdr_v1(void *img, size_t *size, uint32_t binsz)
1766 struct main_hdr_v1 *hdr = img;
1767 struct opt_hdr_v1 *ohdr;
1774 for_each_opt_hdr_v1 (ohdr, img)
1775 if (opt_hdr_v1_next(ohdr) == NULL)
1778 prev_ext = opt_hdr_v1_ext(ohdr);
1779 ohdr = _opt_hdr_v1_next(ohdr);
1781 ohdr = (void *)(hdr + 1);
1782 prev_ext = &hdr->ext;
1786 * ARM executable code inside the BIN header on some mvebu platforms
1787 * (e.g. A370, AXP) must always be aligned with the 128-bit boundary.
1788 * This requirement can be met by inserting dummy arguments into
1789 * BIN header, if needed.
1791 offset = &ohdr->data[4] - (char *)img;
1792 num_args = ((16 - offset % 16) % 16) / sizeof(uint32_t);
1794 ohdrsz = sizeof(*ohdr) + 4 + 4 * num_args + binsz + 4;
1795 kwboot_img_grow_hdr(hdr, size, ohdrsz);
1799 ohdr->headertype = OPT_HDR_V1_BINARY_TYPE;
1800 ohdr->headersz_msb = ohdrsz >> 16;
1801 ohdr->headersz_lsb = cpu_to_le16(ohdrsz & 0xffff);
1803 memset(&ohdr->data[0], 0, ohdrsz - sizeof(*ohdr));
1804 *(uint32_t *)&ohdr->data[0] = cpu_to_le32(num_args);
1806 return &ohdr->data[4 + 4 * num_args];
1810 _inject_baudrate_change_code(void *img, size_t *size, int for_data,
1811 int old_baud, int new_baud)
1813 struct main_hdr_v1 *hdr = img;
1814 uint32_t orig_datasz;
1819 orig_datasz = le32_to_cpu(hdr->blocksize) - sizeof(uint32_t);
1821 codesz = sizeof(kwboot_baud_code) +
1822 sizeof(kwboot_baud_code_data_jump);
1823 code = kwboot_img_grow_data_right(img, size, codesz);
1825 codesz = sizeof(kwboot_baud_code_binhdr_pre) +
1826 sizeof(kwboot_baud_code) +
1827 sizeof(kwboot_baud_code_binhdr_post);
1828 code = kwboot_add_bin_ohdr_v1(img, size, codesz);
1830 codesz = sizeof(kwboot_baud_code_binhdr_pre);
1831 memcpy(code, kwboot_baud_code_binhdr_pre, codesz);
1835 codesz = sizeof(kwboot_baud_code) - 2 * sizeof(uint32_t);
1836 memcpy(code, kwboot_baud_code, codesz);
1838 *(uint32_t *)code = cpu_to_le32(old_baud);
1839 code += sizeof(uint32_t);
1840 *(uint32_t *)code = cpu_to_le32(new_baud);
1841 code += sizeof(uint32_t);
1844 codesz = sizeof(kwboot_baud_code_data_jump) - sizeof(uint32_t);
1845 memcpy(code, kwboot_baud_code_data_jump, codesz);
1847 *(uint32_t *)code = hdr->execaddr;
1848 code += sizeof(uint32_t);
1849 hdr->execaddr = cpu_to_le32(le32_to_cpu(hdr->destaddr) + orig_datasz);
1851 codesz = sizeof(kwboot_baud_code_binhdr_post);
1852 memcpy(code, kwboot_baud_code_binhdr_post, codesz);
1858 kwboot_img_patch(void *img, size_t *size, int baudrate)
1860 struct main_hdr_v1 *hdr;
1869 if (*size < sizeof(struct main_hdr_v1))
1872 image_ver = kwbimage_version(img);
1873 if (image_ver != 0 && image_ver != 1) {
1874 fprintf(stderr, "Invalid image header version\n");
1878 hdrsz = kwbheader_size(hdr);
1883 csum = kwboot_hdr_csum8(hdr) - hdr->checksum;
1884 if (csum != hdr->checksum)
1887 srcaddr = le32_to_cpu(hdr->srcaddr);
1889 switch (hdr->blockid) {
1890 case IBR_HDR_SATA_ID:
1894 hdr->srcaddr = cpu_to_le32((srcaddr - 1) * 512);
1897 case IBR_HDR_SDIO_ID:
1898 hdr->srcaddr = cpu_to_le32(srcaddr * 512);
1901 case IBR_HDR_PEX_ID:
1902 if (srcaddr == 0xFFFFFFFF)
1903 hdr->srcaddr = cpu_to_le32(hdrsz);
1906 case IBR_HDR_SPI_ID:
1907 if (hdr->destaddr == cpu_to_le32(0xFFFFFFFF)) {
1908 kwboot_printv("Patching destination and execution addresses from SPI/NOR XIP area to DDR area 0x00800000\n");
1909 hdr->destaddr = cpu_to_le32(0x00800000);
1910 hdr->execaddr = cpu_to_le32(0x00800000);
1915 if (hdrsz > le32_to_cpu(hdr->srcaddr) ||
1916 *size < le32_to_cpu(hdr->srcaddr) + le32_to_cpu(hdr->blocksize))
1919 if (kwboot_img_csum32(img) != *kwboot_img_csum32_ptr(img))
1922 is_secure = kwboot_img_is_secure(img);
1924 if (hdr->blockid != IBR_HDR_UART_ID) {
1927 "Image has secure header with signature for non-UART booting\n");
1931 kwboot_printv("Patching image boot signature to UART\n");
1932 hdr->blockid = IBR_HDR_UART_ID;
1936 if (image_ver == 1) {
1938 * Tell BootROM to send BootROM messages to UART port
1939 * number 0 (used also for UART booting) with default
1940 * baudrate (which should be 115200) and do not touch
1941 * UART MPP configuration.
1944 hdr->options &= ~0x1F;
1945 hdr->options |= MAIN_HDR_V1_OPT_BAUD_DEFAULT;
1946 hdr->options |= 0 << 3;
1949 ((struct main_hdr_v0 *)img)->nandeccmode = IBR_HDR_ECC_DISABLED;
1950 hdr->nandpagesize = 0;
1954 if (image_ver == 0) {
1956 "Cannot inject code for changing baudrate into v0 image header\n");
1962 "Cannot inject code for changing baudrate into image with secure header\n");
1967 * First inject code that changes the baudrate from the default
1968 * value of 115200 Bd to requested value. This code is inserted
1969 * as a new opt hdr, so it is executed by BootROM after the
1970 * header part is received.
1972 kwboot_printv("Injecting binary header code for changing baudrate to %d Bd\n",
1974 _inject_baudrate_change_code(img, size, 0, 115200, baudrate);
1977 * Now inject code that changes the baudrate back to 115200 Bd.
1978 * This code is appended after the data part of the image, and
1979 * execaddr is changed so that it is executed before U-Boot
1982 kwboot_printv("Injecting code for changing baudrate back\n");
1983 _inject_baudrate_change_code(img, size, 1, baudrate, 115200);
1985 /* Update the 32-bit data checksum */
1986 *kwboot_img_csum32_ptr(img) = kwboot_img_csum32(img);
1988 /* recompute header size */
1989 hdrsz = kwbheader_size(hdr);
1992 if (hdrsz % KWBOOT_XM_BLKSZ) {
1993 size_t grow = KWBOOT_XM_BLKSZ - hdrsz % KWBOOT_XM_BLKSZ;
1996 fprintf(stderr, "Cannot align image with secure header\n");
2000 kwboot_printv("Aligning image header to Xmodem block size\n");
2001 kwboot_img_grow_hdr(img, size, grow);
2004 hdr->checksum = kwboot_hdr_csum8(hdr) - csum;
2006 *size = le32_to_cpu(hdr->srcaddr) + le32_to_cpu(hdr->blocksize);
2014 kwboot_usage(FILE *stream, char *progname)
2017 "Usage: %s [OPTIONS] [-b <image> | -D <image> | -b | -d ] [-B <baud> ] [-t] <TTY>\n",
2019 fprintf(stream, "\n");
2021 " -b <image>: boot <image> with preamble (Kirkwood, Avanta, Armada 370/XP/375/38x/39x)\n");
2023 " -D <image>: boot <image> without preamble (Dove)\n");
2024 fprintf(stream, " -b: enter xmodem boot mode\n");
2025 fprintf(stream, " -d: enter console debug mode\n");
2026 fprintf(stream, " -a: use timings for Armada XP\n");
2027 fprintf(stream, " -s <resp-timeo>: use specific response-timeout\n");
2029 " -o <block-timeo>: use specific xmodem block timeout\n");
2030 fprintf(stream, "\n");
2031 fprintf(stream, " -t: mini terminal\n");
2032 fprintf(stream, "\n");
2033 fprintf(stream, " -B <baud>: set baud rate\n");
2034 fprintf(stream, "\n");
2038 main(int argc, char **argv)
2040 const char *ttypath, *imgpath;
2041 int rv, rc, tty, term;
2046 size_t after_img_rsv;
2059 after_img_rsv = KWBOOT_XM_BLKSZ;
2062 printf("kwboot version %s\n", PLAIN_VERSION);
2064 kwboot_verbose = isatty(STDOUT_FILENO);
2067 prev_optind = optind;
2068 c = getopt(argc, argv, "hbptaB:dD:q:s:o:");
2074 if (imgpath || bootmsg || debugmsg)
2077 if (prev_optind == optind)
2079 /* Option -b could have optional argument which specify image path */
2080 if (optind < argc && argv[optind] && argv[optind][0] != '-')
2081 imgpath = argv[optind++];
2085 if (imgpath || bootmsg || debugmsg)
2092 if (imgpath || bootmsg || debugmsg)
2098 /* nop, for backward compatibility */
2106 msg_rsp_timeo = KWBOOT_MSG_RSP_TIMEO_AXP;
2110 /* nop, for backward compatibility */
2114 msg_rsp_timeo = atoi(optarg);
2118 blk_rsp_timeo = atoi(optarg);
2122 baudrate = atoi(optarg);
2132 if (!bootmsg && !term && !debugmsg && !imgpath)
2136 * If there is no remaining argument but optional imgpath was parsed
2137 * then it means that optional imgpath was eaten by getopt parser.
2138 * Reassing imgpath to required ttypath argument.
2140 if (optind == argc && imgpath) {
2143 } else if (optind + 1 == argc) {
2144 ttypath = argv[optind];
2149 /* boot and debug message use baudrate 115200 */
2150 if (((bootmsg && !imgpath) || debugmsg) && baudrate != 115200) {
2151 fprintf(stderr, "Baudrate other than 115200 cannot be used for this operation.\n");
2155 tty = kwboot_open_tty(ttypath, baudrate);
2162 * initial baudrate for image transfer is always 115200,
2163 * the change to different baudrate is done only after the header is sent
2165 if (imgpath && baudrate != 115200) {
2166 rc = kwboot_tty_change_baudrate(tty, 115200);
2173 if (baudrate == 115200)
2174 /* do not change baudrate during Xmodem to the same value */
2177 /* ensure we have enough space for baudrate change code */
2178 after_img_rsv += sizeof(struct opt_hdr_v1) + 8 + 16 +
2179 sizeof(kwboot_baud_code_binhdr_pre) +
2180 sizeof(kwboot_baud_code) +
2181 sizeof(kwboot_baud_code_binhdr_post) +
2183 sizeof(kwboot_baud_code) +
2184 sizeof(kwboot_baud_code_data_jump) +
2188 img = kwboot_read_image(imgpath, &size, after_img_rsv);
2194 rc = kwboot_img_patch(img, &size, baudrate);
2196 fprintf(stderr, "%s: Invalid image.\n", imgpath);
2202 rc = kwboot_debugmsg(tty);
2205 } else if (bootmsg) {
2206 rc = kwboot_bootmsg(tty);
2212 rc = kwboot_xmodem(tty, img, size, baudrate);
2220 rc = kwboot_terminal(tty);
2221 if (rc && !(errno == EINTR)) {
2238 kwboot_usage(rv ? stderr : stdout, basename(argv[0]));
projects / platform / kernel / u-boot.git / blob