Skip to main content

Messages

This section allows you to view all Messages made by this member. Note that you can only see Messages made in areas you currently have access to.

Messages - Xykon

2
Bus Pirate Support / Re: PIN Connections for BIOS Chip Pirate Bus v4 Asus A6j
I did a bit more reading and this is the important part:

Quote
When working in-system, typically on a PC or Notebook, the Pm49FL002/004 are connected to the host system through a 5-pin communication interface operated based on a 33-MHz synchronous clock. The 5-pin interface is defined as FWH[3:0] and FWH4 pins under FWH mode or as LAD[3:0] and LFRAME# pins under LPC mode for easy understanding as to those existing compatible  products. When working off-system, typically on a EPROM Programmer, the devices are operated through 11-pin multiplexed address - A[10:0] and 8-pin data I/O - I/O[7:0] interfaces. The memory addresses of devices are input through two bus cycles as row and column addresses controlled by a R/C# pin.

So you best bet to program this chip outside of a notebook is by using the traditional parallel chip programming interface (11-pin multiplexed address - A[10:0] and 8-pin data I/O - I/O[7:0]). For this the Bus Pirate doesn't have enough IOs obviously. You could use the 5-pin interface but the Bus Pirate won't be able to generate a 33Mhz clock and even if you could run this at lower clock speeds you'd have to program the whole protocol by yourself because Bus Pirate to my knowledge does not support it (at least not in the official firmware).

It might be possible to do this, and the protocol is explained quite nicely in Table 3: FWH Memory Write Cycle Definition. You could connect CLK to CLK, FWH[3:0] to AUX[3:0], FWH4 to MISO and RST# to MOSI and toggle the pins manually according to the diagram and waveform guide. You could then try writing a script that reads the firmware file and sets the outputs accordingly. However there is no grantee you'll get the timing right to actually write data onto the chip.

From what I read so far I'd say yes in theory it might be possible to program the chip with a Bus Pirate but you have a LOT of work ahead of you unless you find some else who's already done some research on this.
3
Bus Pirate Support / Re: PIN Connections for BIOS Chip Pirate Bus v4 Asus A6j
I looked briefly at the diagram on pg.3 and I don't think you can use the Bus Pirate here. Bus Pirate can flash serial memory chips but this looks like a parallel one. First off there are two versions of the chip, one with pins on all four sides (called PLCC package) and one with pins only on two opposite sides (VSOP package). You need to use the one that looks like your chip does.

This chip can be used in different ways, but all of them seem to require parallel data lines to communicate with the chip. The Bus Pirate only supports serial chips and I believe flashrom only supports SPI flash chips. I'm pretty sure you need a professional memory chip programmer for this. I'm not sure exactly how many pins are needed to program new firmware into this chip but I'd guess in FW mode at least FWH0-4, RST# and CLK are needed. BPv4 has 7 digital IOs so it may be possible to pull this off but you'd need to pretty much have to look at things on your own as I don't know of anyone who has done something like that. This is definitely not something Bus Pirate was designed to do out of the box so it'll take weeks or probably months of hard work to get this running if it even is possible.
4
Bus Pirate Support / Re: Finding out RS232 commands from massage chair
I'm not sure... many mobile phones are also programmed via a box that connects to a serial port on a PC (either real or USB serial). The serial communication is only between the PC and programming box, which translates into a different protocol. This could very well be the case with this chair as well.

The bus pirate can understand several different serial protocols used in electronics beside RS232 like I2C and SPI. It even has a limited logic analyser mode that can help you understand how the data is transmitted, so buying one is a good choice to start with. However depending on the complexity of how these chairs work, more sophisticated equipment may be necessary to decode the remote control system. I'd start with looking at how many cables run between the remote and the chair... if there are just two or three data lines it is a serial protocol but if there are a whole bunch of wires things can get complicated quickly and there are only a few inputs on the bus pirate so you can't measure an 8 or 16bit wide bus system effectively.
5
Project logs / Re: EZ-USB-FX1 based PSOC 3/5 programmer
Use the following command to convert it: Hex2bix.exe -M 0x8000 -i -f 0xc2 ftk_X_simfw.hex

The resulting file can then be programmed into the FxUSB eeprom. It's been quite a while since I did that as I since got a 050LP dev board. If you need more help with that let me know and I can check that again.
6
Bus Pirate Support / Re: failure during bootloader upgrade (v2 to v4)
This is not an advert, as I do not benefit in any way by posting this.

I've been using this PIC Programmer successfully with both BP3 and BP4 for years and it works very well. It's also quite cheap, I'm not sure there are any PicKit2 compatible programmers out there that are cheaper.

Make sure you get this version which has a 3.3/5V switch and not the iCP01 which is 5V only (BP3/4 require 3.3V!).

I actually have two of these so I removed the heat shrink tubing on one of them to flash the official Microchip PicKit2 software on it. However both seem to work fine so it doesn't really matter which software version you are using.

Once again this is only a suggestion from a satisfied customer, not spam or advertising.
7
General discussion / Re: Cost-effective European parts suppliers for small quanti
I've recently started buying stuff on amazon.co.uk (even though the actual items are sent from china). I got some really good offers in the past few weeks and have been impressed with the quality and speed that a lot of these things arrive at. I do have prime anyways and if I need something quickly I can get it next day even though the "normal" senders are usually a lot cheaper.
9
General discussion / Re: STM32 VEHICLE TRACKER OPENSOURCE
First time users aren't allowed to post links... due to spam problems.

http://akb77.com/g/stm32/car-tracker-free/


Quote
New users can't post links until they make one post and the account is 24 hours old.

This lets you post a support request right away, but gives us time to check it out before we get clobbered with a ton of spam links.

These restrictions only apply to new users. They are removed automatically after your account makes 1 post and is 24 hours old. Normal users will never be effected by these restrictions.
10
Bus Pirate Support / Re: How to dump bootloader of router using Bus Pirate?
It would depend on what kind of flash device the router is using. If you have access to the block device via root shell, you can use dd to dump it via the network. If you want to read the flash chip directly, it depends on the type. SPI chips can be read with flashrom, I2C chips can be dumped directly via BP menu. Most likely though its a parallel flash so you'll either need a special clip connected to a reader or you'll have to de-solder it. I had some success by replacing the memory chip on standard SDCards with the flash from a router, but only because they used the same type and size. I also have a special flash reader designed to re-flash a PS3 to play pirated games... but it only works on NOR flash of certain sizes.

Your best bet remains to do it from the root shell. I'd check some sites like openwrt or dd-wrt for some hints on how to "discover" hardware that's not supported by default.

This is a good read to get started: http://wiki.openwrt.org/doc/devel/add.new.platform
12
Bus Pirate Development / MLA CDC demo for BusPirate v4
We had a small discussion here on the Forum about using code from the Microchip USB Libraries on open-source projects. It seems that, since the initial firmware for the BPv4 was written, Microchip has relaxed their license agreements to actually allow both Source and Binary distribution of Software based on their libraries.

I have thus started to look into the CDC driver and basic demo application for the BPv4 hw. For starters, I have put together a small package with a CDC echo application specifically for the BPv4 HW which can be found on my GitHub repo as cdc_basic_p24FJ256GB106. The original MLA version supports all kinds of different hardware and thus contains a lot of files in many different subdirectories, so putting it all together into one small package and removing things like leds and buttons that the BPv4 doesn't have should help a lot in understanding what's really needed to get it running.

I have also started looking into adding this into the actual BusPirate code as an optional compiler switch, but haven't been very successful yet. I think what should be done first is to completely separate the software and the hardware part of the code. I also think that it might be time to drop hardware support for everything below v3 because all those #ifdefs make the code very hard to understand.

I'll keep thinking about this in the next few weeks and try to come up with a few suggestions that might ultimately make it easier to maintain the actual code, incorporate different USB stacks and port the BusPirate code to different hardware like a PIC32 or even ARM based microcontrollers.

I thus thought I'd post the CDC example here in case someone else might be interested in using it as an alternate USB stack for the BusPirate or something else that uses the BPv4 design.
13
Bus Pirate Development / Re: Bug report v6.3-beta1 r2151 Bootloader v4.4.
Thanks for giving it a try.... I'm not really an expert on BP (or PIC in general) programming but was planning to do some work on SIM cards in the near future which is why I got interested in this bug.

I guess the only way to troubleshoot this further for me is to do some debugging with real hardware. As I moved from France to the UK not too long ago, I haven't been able to unpack all my electronics yet, so it'll take me some time to find my Smart Card breakout board to do some tests. I'll certainly keep working on this but don't expect anything in the next few days as I have some busy days at work ahead of me and was also planning to re-install my Windows PC from scratch as its starting to act up really strange. I hope some of the more qualified experts will also be able to offer some hints as to where exactly things are going wrong.

And from what I understand you are actually managing to work with your cards manually without the use of macros, and the problems you mentioned above are rather cosmetical and not blocking whatever you are working on. If you do get stuck on something though please let us know and we can hopefully help give you more tips on how to achieve your goals.
15
Bus Pirate Development / Re: Bug report v6.3-beta1 r2151 Bootloader v4.4.
Alternatively use the ds30 Loader GUI to program the BP. I normally program the BP directly from MPLAB-X using a PicKit2 or PicKit3 clone so I didn't even notice there was a problem.

So I programmed the bootloader from the BusPirate.package.v6.2-beta1, closed PGC/PGD with a jumper and opened "ds30 Loader GUI.exe" and selected the .hex file after unpacking it. It was programmed without any problems.

[attachment=0]

P.S. At least according to the source code, pirate loader should be case insensitive:
Quote
+2010-06-28 - Made HEX parser case-insensative

Unfortunately I don't have the means to re-compile the pirate-loader package at the moment, so I cannot check if the latest source file really incorporates this change or if something is still buggy.

( ! ) Fatal error: Uncaught exception 'Elk_Exception' with message 'Please try again. If you come back to this error screen, report the error to an administrator.' in /var/www/dangerousprototypes/forum/sources/database/Db-mysql.class.php on line 696
( ! ) Elk_Exception: Please try again. If you come back to this error screen, report the error to an administrator. in /var/www/dangerousprototypes/forum/sources/database/Db-mysql.class.php on line 696
Call Stack
#TimeMemoryFunctionLocation
10.02262449176session_write_close ( )...(null):0
20.02322580792ElkArte\sources\subs\SessionHandler\DatabaseHandler->write( )...(null):0
30.02322581568Database_MySQL->query( ).../DatabaseHandler.php:119
40.07022720328Database_MySQL->error( ).../Db-mysql.class.php:273