[OpenWrt-Devel] lantiq: vr9-vdsl-fw: update w921v firmware version

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---
 package/kernel/lantiq/ltq-vdsl-fw/src/vdsl_fw_install.sh | 8 ++++----
 package/kernel/lantiq/ltq-vdsl-fw/src/w921v_fw_cutter.c  | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

Hi Felix!

On Tue, Mar 03, 2015 at 07:04:25AM +1300, Felix Fietkau wrote:
> > Signed-off-by: Daniel Golle <daniel@makrotopia.org>
> Did you test this properly?
Not really tested, yet. w921v_fw_cutter does recognize all the magics
and the file header and tail looks very much like the firmware I'm
currently using on a VDSL2 line with PTM on a VRX200 using kernel 3.18
with the patch posted just before the w921v_fw_cutter bump.

Noticable changes since the previous version are that vectoring was
added (->changelog on T-Com download site), so it's a good question
if user-space also had to be adjusted for that or if the API remained
compatible...

I'll be able to try replacing my current vdsl.bin with the blob
extracted from the w921v download somewhen later tonight I hope
(right now the device is in "productive use", I'll have to wait
for everyone to go to sleep before making them unhappy...)


Cheers


Daniel

On 02/03/2015 19:16, Daniel Golle wrote:
> Hi Felix!
> 
> On Tue, Mar 03, 2015 at 07:04:25AM +1300, Felix Fietkau wrote:
>>> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
>> Did you test this properly?
> Not really tested, yet. w921v_fw_cutter does recognize all the
> magics and the file header and tail looks very much like the
> firmware I'm currently using on a VDSL2 line with PTM on a VRX200
> using kernel 3.18 with the patch posted just before the
> w921v_fw_cutter bump.
> 
> Noticable changes since the previous version are that vectoring
> was added (->changelog on T-Com download site), so it's a good
> question if user-space also had to be adjusted for that or if the
> API remained compatible...
> 
> I'll be able to try replacing my current vdsl.bin with the blob 
> extracted from the w921v download somewhen later tonight I hope 
> (right now the device is in "productive use", I'll have to wait for
> everyone to go to sleep before making them unhappy...)
> 



i tried this before and it did not work

Hi John,

On Mon, Mar 02, 2015 at 08:29:45PM +0100, John Crispin wrote:
> i tried this before and it did not work

I must admit that I didn't see that <magic>...</magic> in the
code of the extractor... (though this seems to be fine, changing
MAGIC or MAGIC_SZ results in LZMA decompression errors which do not
occur with the current values).

Details:
It seems like the vdsl rom extracted from the new w901v firmware binary
is shifted by 24 bytes and kinda got a lot of 'T' (0x54) characters
scattered all over the header which do not occur in the working vdsl
firmware rom I got (from bt).
Thus I tried to stick the header (up to 0x90) of my existing rom onto
the body (starting from 0xA8) of the newly extracted rom, resulting in
something very much resembling the old rom. diff'ing the hexdumps shows
that whole sections are now identical and at identical offsets --
however, it doesn't work (VDSL line remains in state 0xff Idle request)

TAPI seems fine though and identical to the previous release, the MD5
matches. Given that the TAPI binary is much harder to find elsewhere,
I reckon we could use at least that (if it actually happens to be
identical for all boards/slics/codecs).

My feeling is that the extractor works fine, but the vdsl firmware
header was changed a bit and maybe some more obfuscation was added to
the existing magic. It can't be too crazy though, as large cunks of the
rom remained identical, thus I suspect only the header and/or checksums
being obfuscated and that shouldn't be diffcult to figure out...
I'll meditate a bit more over it and will let you know what I'm finding.

More eyepairs could also help finding the needle in that haystack...


Cheers


Daniel