Talk:Flash: Difference between revisions
Line 591: | Line 591: | ||
== Community projects == | == Community projects == | ||
* http://www.ps3hax.net/showthread.php?t=50677 | * http://www.ps3hax.net/showthread.php?t=50677 | ||
** https://github.com/anaria28/NOR-Dump-Tool | |||
* https://github.com/Swizzy/PS3DumpChecker | * https://github.com/Swizzy/PS3DumpChecker | ||
Revision as of 18:05, 27 March 2013
List of files on NOR Flash (OLD/historic)
Note: this is the old table that defyboy made, a more current one with absolute values and for all firmware versions is on the Flash mainpage
The following is a list of files stored in NOR Flash
Name | TOC | Start Offset | End Offset | Size | Notes | |||
---|---|---|---|---|---|---|---|---|
Offset | Index | Relative | Absolute | Relative | Absolute | |||
asecure_loader | 0x400 | 0 | 0x400 | 0x810 | 0x2E800 | 0x2F010 | 0x2E800 (190,464 bytes) | aka metldr |
eEID | 0x400 | 1 | 0x2EC00 | 0x2F010 | 0x3EC00 | 0x3F010 | 0x10000 (65,636 bytes) | (IDPS @ offset 0x0002F070 absolute / 0x00000070 inside eEID ) |
cISD | 0x400 | 2 | 0x3EC00 | 0x3F010 | 0x3F400 | 0x3F810 | 0x800 (2,048 bytes) | |
cCSD | 0x400 | 3 | 0x3F400 | 0x3F810 | 0x3FC00 | 0x40010 | 0x800 (2,048 bytes) | |
trvk_prg0 | 0x400 | 4 | 0x3FC00 | 0x40010 | 0x5FC00 | 0x60010 | 0x20000 (131,072 bytes) | |
trvk_prg1 | 0x400 | 5 | 0x5FC00 | 0x60010 | 0x7FC00 | 0x80010 | 0x20000 (131,072 bytes) | |
trvk_pkg0 | 0x400 | 6 | 0x7FC00 | 0x80010 | 0x9FC00 | 0xA0010 | 0x20000 (131,072 bytes) | |
trvk_pkg1 | 0x400 | 7 | 0x9FC00 | 0xA0010 | 0xBFC00 | 0xC0010 | 0x20000 (131,072 bytes) | |
ros0 | 0x400 | 8 | 0xBFC00 | 0xC0010 | 0x7BFC00 | 0x7C0010 | 0x700000 (7,340,032 bytes) | Contains CoreOS files |
ros1 | 0x400 | 9 | 0x7BFC00 | 0x7C0010 | 0xEBFC00 | 0xEC0010 | 0x700000 (7,340,032 bytes) | Contains CoreOS files |
cvtrm | 0x400 | 10 | 0xEBFC00 | 0xEC0010 | 0xEFFC00 | 0xF00010 | 0x40000 (262,144 bytes) | |
CELL_EXTNOR_AREA | 0xF20000 | 0xFA0040 | 0x80040 (524,352 bytes) | |||||
bootldr | 0xFC0000 | 0xFEEAF0 | 0x2EAF0 (191,216 bytes) | End @ FEF170, FEF570, FEF5F0, FEF600 in some dumps |
new metldr.2
Seen on CECH2504B (JSD-001), with 3.60 from factory - datecode 1B
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 00000800 00 00 00 01 00 00 00 01 00 00 00 00 00 02 E8 00 ..............è. 00000810 00 00 00 00 00 00 00 40 00 00 00 00 00 00 F9 20 .......@......ù 00000820 6D 65 74 6C 64 72 2E 32 00 00 00 00 00 00 00 00 metldr.2........ 00000830 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000840 00 00 0F 8E 6E D7 BC D8 1F 11 EA 34 42 5F 9B 9D ...Žn×¼Ø..ê4B_›. 00000850 00 00 0F 8E 8C 21 5D 5F D0 B4 50 07 6A DD 21 DF ...ŽŒ!]_дP.jÝ!ß Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 0002F070 00 00 00 01 00 85 00 0B 10 24 39 B7 2C BA A8 5E .....…...$9·,º¨^
vflash partition table
Done some work on decoding region 2 today: Region 2 seems to = vflash partition table? These might be the first 2 regions? partition table is 4096 bytes. Format: 16 bytes 00's 16 bytes magic: 00 00 00 00 0F AC E0 FF 00 00 00 00 DE AD FA CE 8 bytes 0x03 8 bytes 0x02 (number of paritions?) 144 bytes 00's Partition entries: 8 bytes entry point (entry point * 0x200) relative to 0x00 on flash 8 bytes entry length (entry length * 0x200) 32 bytes 10 70 00 00 01 00 00 01 00 00 00 00 00 00 00 03 10 70 00 00 02 00 00 01 00 00 00 00 00 00 00 03 96 bytes 00's
Dumping your flash
There are many ways you can dump your flash you can choose the way that best fits you, there are some persons studing the flash.. If you can help providing a dump (specially if you have a debug console) search for those persons in IRC Efnet #ps3dev
Payload
Uncomment dump_dev_flash() in graf_payloads compile and run the payload
see Graf's_PSGroove_Payload for more info
Linux
Using graf_chokolo kernel with /dev/ps3nflasha access
dd if=/dev/ps3nflasha of=NOR.BIN bs=1024
Hardware
Dump NAND/NOR from GameOS
precompiled : dump_flash.pkg // backup/mirror: dump_flash.pkg (70.48 KB)
source: dump_flash-src.rar (2.33 KB)
Make sure USB stick is FAT32 with enough free space (16MB per NOR dump, 256MB per NAND dump)
remarks:
- NAND dumps are 239MB because HV masks bootldr, see Hardware flashing #Difference between hardware dumps and software dumps
- trying to read beyond 0xEFC0000-0xFFFFFFF on NAND systems (a region filled with FF's on consoles without OtherOS) results in panic
NOR Unpacking // NOR Unpkg
/* # ../norunpkg norflash.bin norflash unpacking asecure_loader (size: 190xxx bytes)... unpacking eEID (size: 65536 bytes)... unpacking cISD (size: 2048 bytes)... unpacking cCSD (size: 2048 bytes)... unpacking trvk_prg0 (size: 131072 bytes)... unpacking trvk_prg1 (size: 131072 bytes)... unpacking trvk_pkg0 (size: 131072 bytes)... unpacking trvk_pkg1 (size: 131072 bytes)... unpacking ros0 (size: 7340032 bytes)... unpacking ros1 (size: 7340032 bytes)... unpacking cvtrm (size: 262144 bytes)... */ // Copyright 2010 Sven Peter // Licensed under the terms of the GNU GPL, version 2 // http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt // nor modifications by rms. #include "tools.h" #include "types.h" #include <stdio.h> #include <string.h> #include <stdlib.h> #include <unistd.h> #include <sys/stat.h> #ifdef WIN32 #define MKDIR(x,y) mkdir(x) #else #define MKDIR(x,y) mkdir(x,y) #endif u8 *pkg = NULL; static void unpack_file(u32 i) { u8 *ptr; u8 name[33]; u64 offset; u64 size; ptr = pkg + 0x10 + 0x30 * i; offset = be64(ptr + 0x00); size = be64(ptr + 0x08); memset(name, 0, sizeof name); strncpy((char *)name, (char *)(ptr + 0x10), 0x20); printf("unpacking %s (size: %d bytes)...\n", name, size); memcpy_to_file((char *)name, pkg + offset, size); } static void unpack_pkg(void) { u32 n_files; u64 size; u32 i; n_files = be32(pkg + 4); size = be64(pkg + 8); for (i = 0; i < n_files; i++) unpack_file(i); } int main(int argc, char *argv[]) { if (argc != 3) fail("usage: norunpkg filename.nor target"); pkg = mmap_file(argv[1]); /* kludge for header, i do not do sanity checks at the moment */ pkg += 1024; MKDIR(argv[2], 0777); if (chdir(argv[2]) != 0) fail("chdir"); unpack_pkg(); return 0; }
Source: http://rms.grafchokolo.com/?p=25
Changed version for Progskeet: http://pastebin.com/HNvCbF7d
RMS - eEID splitter
#include <stdio.h> #include <stdlib.h> #include <string.h> void DumpEidData (FILE * pFile, int iInputSize, int iEidCount, char *pFilenamePrefix) { FILE *pOutput; char *szFilename; char *szBuf; int iRes, iSize; printf ("dumping EID%d from eEID at %p, size %d (%x)..\n", iEidCount, pFile, iInputSize, iInputSize); szBuf = (char *) malloc (iInputSize + 1); szFilename = (char *) malloc (strlen (pFilenamePrefix) + 2); if (szBuf == NULL) { perror ("malloc"); exit (1); }; iSize = fread (szBuf, iInputSize, 1, pFile); sprintf (szFilename, "%s%d", pFilenamePrefix, iEidCount); pOutput = fopen (szFilename, "wb"); iRes = fwrite (szBuf, iInputSize, 1, pOutput); if (iRes != iSize) { perror ("fwrite"); exit (1); }; free (szBuf); } int main (int argc, char **argv) { FILE *pFile; char *pPrefix; pFile = fopen (argv[1], "rb"); if (pFile == NULL) { usage: printf ("usage: %s <eEID> <EID name prefix>\n", argv[0]); exit (1); } if (argc == 2 && argv[2] != NULL) { pPrefix = argv[2]; goto usage; } fseek (pFile, 0x70, SEEK_SET); if (pPrefix != NULL) { DumpEidData (pFile, 2144, 0, pPrefix); DumpEidData (pFile, 672, 1, pPrefix); DumpEidData (pFile, 1840, 2, pPrefix); DumpEidData (pFile, 256, 3, pPrefix); DumpEidData (pFile, 48, 4, pPrefix); DumpEidData (pFile, 2560, 5, pPrefix); } return 0; }
Source: http://rms.grafchokolo.com/?p=59
NAND reference
NAND reference (euss)
CECHC-04/COK-002 Pal EU launchmodel with OFW 3.15 updated to MFW 3.15 (Euss)
VTRM
VTRM in NAND: Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 00EC0000 53 43 45 49 56 54 52 4D 00 00 00 00 00 00 00 A8 SCEIVTRM.......¨ 00EC0010 00 00 00 00 00 E8 02 00 00 00 00 00 00 00 00 28 .....è.........( 00EC0020 00 00 00 00 56 54 52 4D 00 00 00 00 00 00 00 04 ....VTRM........ <-- 'VTRM' magic header 00EC0030 FE 6D 0B C4 FA D5 CE DB 93 86 FC A1 32 3B 71 47 þm.ÄúÕÎÛ“†ü¡2;qG <-- same value as 00EC0410 00EC0040 3B A5 C6 F9 C0 00 B6 70 00 00 00 00 00 E8 27 80 ;¥ÆùÀ.¶p.....è'€ <-- first part same value as 00EC0410 00EC0050 00 00 00 00 00 00 00 60 00 00 00 00 00 00 09 20 .......`....... 00EC0060 04 00 00 00 02 00 00 05 10 70 00 05 FF 00 00 01 .........p..ÿ... 00EC0070 0C 1C 05 9C AA B5 97 A5 9C D6 46 2D EA 22 46 BE ...œªµ—¥œÖF-ê"F¾ 00EC0080 D1 84 A9 1E 34 5F E7 90 55 49 11 82 51 9D 4A 3F Ñ„©.4_ç.UI.‚Q.J? 00EC0090 EF 43 19 E8 4F 6A 5B FF DA 31 E9 F0 76 C8 B2 6B ïC.èOj[ÿÚ1éðvȲk 00EC00A0 0B A7 47 8E BE 42 28 9F 2B 88 73 0B A5 B6 F2 1D .§GŽ¾B(Ÿ+ˆs.¥¶ò. 00EC00B0 00 00 00 00 00 00 00 00 FF FF FF FF FF FF FF FF ........ÿÿÿÿÿÿÿÿ 00EC00C0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ 00EC00D0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ 00EC00E0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ 00EC00F0 FF FF FF FF FF FF FF FF 00 00 00 00 00 EB E4 8C ÿÿÿÿÿÿÿÿ.....ëäŒ 00EC0100 00 00 00 00 00 00 00 14 39 17 52 0B 31 70 F5 05 ........9.R.1põ. 00EC0110 02 5A C6 F8 81 F8 54 96 2F EF F3 81 FF FF FF FF .ZÆø.øT–/ïó.ÿÿÿÿ 00EC0120 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ [...] FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ 00EC03F0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ 00EC0400 00 00 00 00 56 54 52 4D 00 00 00 00 00 00 00 04 ....VTRM........ 00EC0410 FE 6D 0B C4 FA D5 CE DB 93 86 FC A1 32 3B 71 47 þm.ÄúÕÎÛ“†ü¡2;qG <-- same value as 00EC0030 00EC0420 3B A5 C6 F9 C0 00 B6 70 00 00 00 00 00 00 04 90 ;¥ÆùÀ.¶p........ <-- first part same value as 00EC0040 00EC0430 00 00 00 00 00 00 09 20 00 00 00 00 00 00 00 03 ....... ........ <-- pattern exception 00EC0440 00 00 00 00 00 00 09 20 00 00 00 00 00 00 09 20 ....... ....... <-- repetive pattern until 00EC0440 with some exceptions [...] 00 00 00 00 00 00 09 20 00 00 00 00 00 00 09 20 ....... ....... <-- repetive pattern until 00EC0440 with some exceptions 00EC1930 00 00 00 00 00 00 00 01 00 00 00 00 00 00 09 20 ............... <-- pattern exception [...] 00 00 00 00 00 00 09 20 00 00 00 00 00 00 09 20 ....... ....... <-- repetive pattern until 00EC0440 with some exceptions 00EC21F0 00 00 00 00 00 00 00 02 00 00 00 00 00 00 09 20 ............... <-- pattern exception [...] 00 00 00 00 00 00 09 20 00 00 00 00 00 00 09 20 ....... ....... <-- repetive pattern until 00EC0440 with some exceptions 00EC24F0 00 00 00 00 00 00 09 20 00 00 00 00 00 00 00 00 ....... ........ [...] 00 00 00 00 00 00 09 20 00 00 00 00 00 00 09 20 ....... ....... <-- repetive pattern until 00EC0440 with some exceptions 00EC28B0 00 00 00 00 00 00 09 20 00 00 00 00 00 00 09 20 ....... ....... <-- repetive pattern until 00EC0440 with some exceptions 00EC28C0 00 00 00 00 00 00 09 20 10 70 00 00 02 00 00 01 ....... .p...... 00EC28D0 10 70 00 00 39 00 00 01 22 66 39 B3 0E 7A 1C E7 .p..9..."f9³.z.ç 00EC28E0 68 85 F9 94 A8 30 BE C4 0B 85 D0 92 1E C0 8F 28 h…ù”¨0¾Ä.…Ð’.À.( 00EC28F0 7F 70 ED 15 D6 22 06 24 D9 08 64 0B C0 D7 97 29 .pí.Ö".$Ù.d.À×—) 00EC2900 BE A1 FE 91 D1 F2 D4 88 25 EF 24 86 E0 A3 CB 98 ¾¡þ‘ÑòÔˆ%ï$†à£Ë˜ 00EC2910 AF 17 6F B1 64 A0 56 E5 00 00 00 00 00 00 00 01 ¯.o±d Vå........ 00EC2920 00 00 00 00 00 00 09 20 10 70 00 00 02 00 00 01 ....... .p...... 00EC2930 10 70 00 00 03 00 00 02 F9 D9 6A 84 0C F2 D8 E7 .p......ùÙj„.òØç 00EC2940 D4 44 5C 3C DF D5 DF 0F B8 DC 3E 81 9A A4 71 8F ÔD\<ßÕß.¸Ü>.š¤q. 00EC2950 0A A8 8B 90 1B 2C A1 D1 66 84 AA EE 65 D1 46 9A .¨‹..,¡Ñf„ªîeÑFš 00EC2960 D7 38 83 F2 78 47 D1 8E E5 FA EB 39 CF 26 E8 25 ×8ƒòxGÑŽåúë9Ï&è% 00EC2970 85 DE 3B C6 0B C3 45 D5 00 00 00 00 00 00 00 00 …Þ;Æ.ÃEÕ........ 00EC2980 00 00 00 00 00 00 09 20 04 00 00 00 02 00 00 05 ....... ........ 00EC2990 10 70 00 05 FF 00 00 01 0C 1C 05 9C AA B5 97 A5 .p..ÿ......œªµ—¥ 00EC29A0 9C D6 46 2D EA 22 46 BE D1 84 A9 1E 34 5F E7 90 œÖF-ê"F¾Ñ„©.4_ç. 00EC29B0 55 49 11 82 51 9D 4A 3F EF 43 19 E8 4F 6A 5B FF UI.‚Q.J?ïC.èOj[ÿ 00EC29C0 DA 31 E9 F0 76 C8 B2 6B 0B A7 47 8E BE 42 28 9F Ú1éðvȲk.§GŽ¾B(Ÿ 00EC29D0 2B 88 73 0B A5 B6 F2 1D 00 00 00 00 00 00 00 00 +ˆs.¥¶ò......... 00EC29E0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ [...] FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
cell_ext_os_area
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 0E780000 63 65 6C 6C 5F 65 78 74 5F 6F 73 5F 61 72 65 61 cell_ext_os_area 0E780010 00 00 00 01 00 00 00 02 00 00 00 04 FF FF FF FF ............ÿÿÿÿ 0E780020 00 00 00 01 00 27 F8 40 FF FF FF FF FF FF FF FF .....'ø@ÿÿÿÿÿÿÿÿ
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 0E7807D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0E7807E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0E7807F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0E780800 1F 8B 08 08 C1 19 04 48 02 03 7A 49 6D 61 67 65 .‹..Á..H..zImage 0E780810 2E 69 6E 69 74 72 64 2E 70 73 33 2E 62 69 6E 00 .initrd.ps3.bin. [...] large data area 0EA00030 FF FE FC FF ED CF FF 07 DE FD A4 A3 A8 88 54 00 ÿþüÿíÏÿ.Þý¤£¨ˆT. 0EA00040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [...] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ large 00 filled block region 0EB7FFE0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0EB7FFF0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0EB80000 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ 0EB80010 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ [...] FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ large FF filled block region 0EFFFFE0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ 0EFFFFF0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
NAND reference (bluemimmo)
CECHA-06/COK-001 with 3.60 OFW
cell_ext_os_area
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 0E780000 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ note: no cell_ext_os_area, 0CC00000-0FFFFFFF region filled with big blocks of FF 0E780010 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ because firmware version 3.60 has no otheros. [...] FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ large FF filled block region 0FFFFFE0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ 0FFFFFF0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
Flash Samples
Reference flash dumps
- 3.55 kmeaw, 2.80 backup: http://www.megaupload.com/?d=J5UKO3HX
- 3.66 ofw: http://www.mediafire.com/?m7m4mppro66zib5
User flashdumps
Here are some samples of NOR Flash for your dissection. These are taken from different consoles (because it is useless to dump different firmware versions as ROS/RVK will be the same crossconsole)
SKU | bootldr | metldr | ROS0 | ROS1 | Link | Note |
---|---|---|---|---|---|---|
PS3 Phat: | ||||||
CECHA | ||||||
CECHB | ||||||
CECHC | ||||||
CECHE | ||||||
CECHG | ||||||
CECHH | ||||||
CECHJ | ||||||
CECHK | ||||||
CECHL | [1] | 3.55-Rogero CECHL03 | ||||
CECHL | [2] | 3.56 CECHL03 | ||||
CECHL | [3] | 3.70 CECHL03 | ||||
CECHM | ||||||
CECHP | ||||||
CECHQ | ||||||
PS3 Slim: | ||||||
CECH-20xx | 3.65 | 3.55 | [4] | 3.65 CECH-2008 A | ||
CECH-20xx | 3.56 | 3.56 | [5] | 3.56 CECH-2008 B | ||
CECH-20xx | 3.42 | 3.70 | [6] | 3.70 CECH-2008 B | ||
CECH-20xx | 3.72 | 4.00 | [7] | 4.00 CECH-2008 B | ||
CECH-21xx | ||||||
CECH-25xx | 3.66 | 3.56 | [8] | 3.60 CECH-2508 B | ||
CECH-25xx | 3.66 | 3.72 | [9] | 3.72 CECH-2508 B | ||
CECH-30xx |
Flash checking / extraction
Community projects
Generic Recommendations
- The information in this wiki was given [freely by many volunteers] ; it would be most fair to release any program based on it, as opensource with the community accordingly (tip: public git-repo).
- Please link to ps3devwiki so that others might improve the code and also know on what information it is based as well as other informative pages.
- Feel free to ask questions on the talkpages when having trouble understanding mainpage or when not knowing what to check for.
- Make checkers/extractors bytedirection aware and byteswap when needed
- There are several flash dumptypes that can exist (besides the normal full ones):
- NAND
- Software dump without any bootldr and with or without masking (old software flashdump and Preloader)
- Software dump with only one bootldr (Memdump)
- Hardware dump with both bootldr (normal full dump)
- NOR
- Software dumps (Preloader)
- Hardware dumps (normal full dump)
- NAND
- Do not take shortcuts. Make users aware if any section is not checked (yet)
- Use dynamic sections whenever possible (will make it easier to port from NAND <> NOR, be more robust in checking, make it more future/history proof)
- Check if data-/file-sections are uninterupted (multirepetive 00 or FF)
- Check for known static values
- When values are semistatic, consider checking with wildcard /range masks
- Make the user aware of any anomalies (in red/bold)
- Output generic information (version, console info, minver etc)
- Check for downgradeability
- Check statistics in range with known FW versions (3.55 is considered base on wiki unless documented)