3 ## This file is part of the sigrok-util project.
5 ## Copyright (C) 2020 Florian Schmidt <schmidt_florian@gmx.de>
7 ## This program is free software; you can redistribute it and/or modify
8 ## it under the terms of the GNU General Public License as published by
9 ## the Free Software Foundation; either version 3 of the License, or
10 ## (at your option) any later version.
12 ## This program is distributed in the hope that it will be useful,
13 ## but WITHOUT ANY WARRANTY; without even the implied warranty of
14 ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 ## GNU General Public License for more details.
17 ## You should have received a copy of the GNU General Public License
18 ## along with this program; if not, see <http://www.gnu.org/licenses/>.
30 # reuse parseelf.py module from saleae-logic16:
31 fwdir = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
32 parseelf_py = os.path.join(fwdir, "saleae-logic16", "parseelf.py")
33 spec = importlib.util.spec_from_file_location("parseelf", parseelf_py)
34 parseelf = importlib.util.module_from_spec(spec)
35 spec.loader.exec_module(parseelf)
37 class qt_resources(object):
38 def __init__(self, program):
39 self._elf = parseelf.elf(program)
40 self._elf_sections = {} # idx -> data
41 self._read_resources()
43 def _get_elf_section(self, idx):
44 s = self._elf_sections.get(idx)
46 shdr = self._elf.shdrs[idx]
47 s = self._elf.read_section(shdr), shdr
48 self._elf_sections[idx] = s
51 def _get_elf_sym_value(self, sname):
52 sym = self._elf.symtab[sname]
53 section, shdr = self._get_elf_section(sym["st_shndx"])
54 addr = sym["st_value"] - shdr["sh_addr"]
55 value = section[addr:addr + sym["st_size"]]
56 if len(value) != sym["st_size"]:
57 print("warning: symbol %s should be %d bytes, but in section is only %d bytes" % (
58 sname, sym["st_size"], len(value)))
62 def _get_resource_name(self, offset):
63 length, i = struct.unpack(">HI", self._res_names[offset:offset + 2 + 4])
65 name = self._res_names[offset:offset + 2 * length].decode("utf-16be")
68 def _get_resource_data(self, offset):
69 length = struct.unpack(">I", self._res_datas[offset:offset + 4])[0]
71 return self._res_datas[offset:offset + length]
73 def _read_resources(self):
74 RCCFileInfo_Directory = 0x02
78 while offset < len(self._res_struct):
79 name_offset, flags = struct.unpack(">IH", self._res_struct[offset:offset+4+2])
81 name = self._get_resource_name(name_offset)
82 if flags & RCCFileInfo_Directory:
83 child_count, first_child_offset = struct.unpack(">II", self._res_struct[offset:offset + 4 + 4])
85 table.append((name, flags, child_count, first_child_offset))
87 country, language, data_offset = struct.unpack(">HHI", self._res_struct[offset:offset + 2 + 2 + 4])
89 table.append((name, flags, country, language, data_offset))
91 def read_dir_entries(table, which, parents=[]):
92 name, flags = which[:2]
93 if not flags & RCCFileInfo_Directory:
94 raise Exception("not a directory!")
95 child_count, first_child = which[2:]
96 for i in range(child_count):
97 child = table[first_child + i]
98 if child[1] & RCCFileInfo_Directory:
99 read_dir_entries(table, child, parents + [child[0]])
101 country, language, data_offset = child[2:]
102 full_name = "/".join(parents + [child[0]])
103 self._resources[full_name] = data_offset
105 self._res_datas = self._get_elf_sym_value("_ZL16qt_resource_data")
106 self._res_names = self._get_elf_sym_value("_ZL16qt_resource_name")
107 self._res_struct = self._get_elf_sym_value("_ZL18qt_resource_struct")
109 self._resources = {} # res_fn -> res_offset
111 read_dir_entries(table, table[0])
113 def get_resource(self, res_fn):
114 offset = self._resources[res_fn]
115 data = self._get_resource_data(offset)
118 def find_resource_names(self, res_fn_re):
119 for key in self._resources.keys():
120 m = re.match(res_fn_re, key)
124 class res_writer(object):
125 def __init__(self, res):
128 def _write_file(self, fn, data, decoder=None, zero_pad_to=None):
129 if decoder is not None:
131 if zero_pad_to is not None:
132 if len(data) > zero_pad_to:
133 raise Exception("can not zero_pad_to %d bytes -- data is already %d bytes" % (zero_pad_to, len(data)))
134 data += b"\0" * (zero_pad_to - len(data))
135 with open(fn, "wb") as fp:
137 data_crc32 = zlib.crc32(data) & 0xffffffff
138 print("saved %d bytes to %s (crc32=%08x)" % (len(data), fn, data_crc32))
140 def extract(self, res_fn, out_fn, decoder=None, zero_pad_to=None):
141 self._write_file(out_fn, self.res.get_resource(res_fn), decoder=decoder, zero_pad_to=zero_pad_to)
143 def extract_re(self, res_fn_re, out_fn, decoder=None):
144 for res_fn in res.find_resource_names(res_fn_re):
145 fn = re.sub(res_fn_re, out_fn, res_fn).lower()
146 self._write_file(fn, self.res.get_resource(res_fn), decoder=decoder)
148 def decode_intel_hex(hexdata):
149 """ return list of (address, data)
153 for line in hexdata.split(b"\n"):
155 if chr(line[0]) != ":": raise Exception("invalid line: %r" % line)
157 record = codecs.decode(line[offset:], "hex")
158 byte_count, address, record_type = struct.unpack(">BHB", record[:1 + 2 + 1])
161 data = record[offset:offset + byte_count]
163 checksum = record[offset]
164 ex_checksum = (~sum(record[:offset]) + 1) & 0xff
165 if ex_checksum != checksum: raise Exception("invalid checksum %#x in %r" % (checksum, line))
167 datas.append((address, data))
168 elif record_type == 1:
172 def intel_hex_as_blob(hexdata):
173 """ return continuous bytes sequence including all data
174 (loosing start address here)
176 data = decode_intel_hex(hexdata)
179 length = last[0] + len(last[1])
180 img = bytearray(length)
181 for off, part in data:
182 img[off:off + len(part)] = part
185 def maybe_intel_hex_as_blob(data):
186 if data[0] == ord(":") and max(data) < 127:
187 return intel_hex_as_blob(data)
188 return data # keep binary data
190 if __name__ == "__main__":
191 parser = argparse.ArgumentParser(description = "KingstVIS firmware extraction")
192 parser.add_argument('executable', help = "KingstVIS executable file")
193 options = parser.parse_args()
194 exe_fn = options.executable
196 res = qt_resources(exe_fn)
198 writer = res_writer(res)
202 This extraction script has been tested with the
203 vendor software versions v3.5.0 and v3.5.1
204 These files were extracted and tested successfully:
205 saved 5430 bytes to kingst-la-01a2.fw (crc32=720551a9)
206 saved 178362 bytes to kingst-la2016a1-fpga.bitstream (crc32=7cc894fa)
207 saved 178542 bytes to kingst-la2016-fpga.bitstream (crc32=20694ff1)
208 saved 178379 bytes to kingst-la1016a1-fpga.bitstream (crc32=166866be)
209 saved 178151 bytes to kingst-la1016-fpga.bitstream (crc32=7db70001)
212 # extract all firmware and fpga bitstreams
213 # writer.extract_re(r"fwfpga/(.*)", r"kingst-\1-fpga.bitstream")
214 # writer.extract_re(r"fwusb/fw(.*)", r"kingst-la-\1.fw", decoder=maybe_intel_hex_as_blob)
216 # extract fx2 mcu firmware for both the la2016 and la1016
217 # note that 0x01a2 is the usb pid for both of these devices
218 writer.extract_re("fwusb/fw01A2", "kingst-la-01a2.fw", decoder=maybe_intel_hex_as_blob)
220 # extract fpga bitstreams for la2016
221 # there are two bitstreams, newer hardware uses the 'a1' bitstream
222 writer.extract_re("fwfpga/LA2016(.*)", r"kingst-la2016\1-fpga.bitstream")
224 # extract fpga bitstreams for la1016
225 # there are two bitstreams, newer hardware uses the 'a1' bitstream
226 writer.extract_re("fwfpga/LA1016(.*)", r"kingst-la1016\1-fpga.bitstream")