Hi John, On Mon, Mar 02, 2015 at 08:29:45PM +0100, John Crispin wrote: > i tried this before and it did not work
I must admit that I didn't see that <magic>...</magic> in the code of the extractor... (though this seems to be fine, changing MAGIC or MAGIC_SZ results in LZMA decompression errors which do not occur with the current values). Details: It seems like the vdsl rom extracted from the new w901v firmware binary is shifted by 24 bytes and kinda got a lot of 'T' (0x54) characters scattered all over the header which do not occur in the working vdsl firmware rom I got (from bt). Thus I tried to stick the header (up to 0x90) of my existing rom onto the body (starting from 0xA8) of the newly extracted rom, resulting in something very much resembling the old rom. diff'ing the hexdumps shows that whole sections are now identical and at identical offsets -- however, it doesn't work (VDSL line remains in state 0xff Idle request) TAPI seems fine though and identical to the previous release, the MD5 matches. Given that the TAPI binary is much harder to find elsewhere, I reckon we could use at least that (if it actually happens to be identical for all boards/slics/codecs). My feeling is that the extractor works fine, but the vdsl firmware header was changed a bit and maybe some more obfuscation was added to the existing magic. It can't be too crazy though, as large cunks of the rom remained identical, thus I suspect only the header and/or checksums being obfuscated and that shouldn't be diffcult to figure out... I'll meditate a bit more over it and will let you know what I'm finding. More eyepairs could also help finding the needle in that haystack... Cheers Daniel _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
