Need factory image for new MT76 device?

I've been on-again, off-again working on a new mt76 device. I'm really close to done, but I want normal humans to be able to install OpenWRT on this thing, if possible. However, the factory firmware rejects my sysupgrade image, complaining about the checksum. Is there a recipe somewhere for how to build factory images? I'm not entirely sure of the scope, like is it simply a matter of padding the image to achieve a specific checksum?

Thanks for any pointers.

to even start to answer your question we need lots more info
is it a consumer router or development board?
with any of these things it's all about the boot loader
it's what receives the firmware files after all
what boot loader is it?
who made it & what was the guy's name? OK really I don't need his name, but way more information is needed

It's a consumer router based on MT7621 and MT7615.
Bootloader is Ralink UBoot Version: 5.0.0.0

Doing a TFTP recovery from the console while feeding it my sysupgrade image ends like this:

Bytes transferred = 4719391 (48031f hex)
LoadAddr=80a00000 NetBootFileXferSize= 0048031f

**************** Parse Head **************
signature='V����^t�S startAddr=0xbf95afbb burnAddr=0x53af745e nmodTag=
**************** CheckSum **************

 Checksum err: sum=00000123

see if you can find a firmware file that works in the recovery console
start to deconstruct its format
take the output of the console while uploading it
if it shows you any information like start address or checksums
try and evaluate where & how these values are evaluated and stored
then compare them to your firmware and/or other examples to see if there is one that's close to the format you need

OK thanks,
This is where my head was. Basically I'm wondering:

  1. How to figure out how it's computing the checksum, or where it's looking for it.
  2. If/when I figure this out, how is the checksum implemented in the build chain? It looks like it would most likely go in my new device's section in mt7621.mk.

You've given me some ideas for #1, I'll have to analyze a bit and see what I come up with.

yes, the format & which files are generated is in the MT7621.mk
if the format is the same as another that's all you will need

look at other devices of the same brand, that is the brand on the box
but also who really made it for them
internet searches & wikis will help in this

It looks like my platform probably expects a 20-byte MIPS CSYS header in order to look like a factory image; the existing mkedimaximg utility can do this.

On a related note, how do I define the image entry point? The OEM images have a different default entry address than OpenWRT, and though my OpenWRT initramfs image works fine at the default, I'm wondering if the OEM firmware will reject my OpenWRT factory image unless that entry address matches.

it's going to be hard for everyone to help much as you still haven't said what model you are working on
so none of us can even have a look and other interested people can't contribute.
did you at least find that your device was made by Edimax?

I do remember a device "Belkin f9k115v2" that I had.
It did have a fixed kernel start address and this limited the kernel size
due to limited size between fixed start address & end of flash
I remember reading about this but it's not a MT76 device but was made by Edimax

The memory partitions have to mostly match the OEM's firmware
I imagine you have already done this when setting up the flash partitions in your DTS file

Here are references to firmware-utils using mksercommfw

https://code.dopame.me/unofficial-mirrors/openwrt/commit/fac27643f057d681ec276828dc4d1ba7159b5680

https://patchwork.ozlabs.org/project/openwrt/patch/mailman.40448.1557947460.2376.openwrt-devel@lists.openwrt.org/

Thanks.
I ended up using edimax-header (which calls mkedimaximg), like some other Ramips devices do. I had example OEM firmware with their own CSYS header, and just passed the flags to edimax-header so it could mimic those... worked great. Plenty of good examples in other Ramips makefiles.
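A sketch of the "deconstruct a known-good image" step discussed in this thread, as an added example that is not part of the original posts or of OpenWrt's firmware-utils. The field order is an assumption taken from the bootloader's Parse Head output above plus a size field to fill the 20 bytes; the checksum rules are candidates to test against a working OEM image, and all function names and sample values are hypothetical.

```python
import struct

HEADER_LEN = 20  # header size mentioned in the thread

def parse_header(image, big_endian=False):
    # Assumed layout: signature[4], startAddr, burnAddr, model tag[4], size
    if len(image) < HEADER_LEN:
        raise ValueError("image shorter than the header")
    fmt = (">" if big_endian else "<") + "4sII4sI"
    names = ("signature", "start", "burn", "model", "size")
    return dict(zip(names, struct.unpack_from(fmt, image)))

def sum16(data, big_endian=False):
    # Sum of 16-bit words modulo 2**16; an odd trailing byte is zero-padded.
    if len(data) % 2:
        data += b"\x00"
    order = "big" if big_endian else "little"
    return sum(int.from_bytes(data[i:i + 2], order)
               for i in range(0, len(data), 2)) & 0xFFFF

def candidate_checks(image, big_endian=False):
    """Report which candidate checksum rules a known-good image satisfies."""
    hdr = parse_header(image, big_endian)
    end = HEADER_LEN + hdr["size"]
    if end > len(image):
        raise ValueError("size field runs past end of file")
    body = image[HEADER_LEN:end]
    return {
        "sum16(body) == 0": sum16(body, big_endian) == 0,
        "sum16(header+body) == 0": sum16(image[:end], big_endian) == 0,
        "sum8(body) == 0": sum(body) & 0xFF == 0,
    }

def build_sample(payload, big_endian=False):
    # Constructed test image: payload plus a 2-byte trailer chosen so that
    # the 16-bit word sum of the body is zero. All field values are made up.
    if len(payload) % 2:
        payload += b"\x00"
    order = "big" if big_endian else "little"
    trailer = (-sum16(payload, big_endian)) & 0xFFFF
    body = payload + trailer.to_bytes(2, order)
    fmt = (">" if big_endian else "<") + "4sII4sI"
    return struct.pack(fmt, b"CSYS", 0x80500000, 0xBC050000, b"TEST", len(body)) + body

if __name__ == "__main__":
    good = build_sample(b"constructed kernel+rootfs bytes")
    print(parse_header(good))
    for rule, ok in candidate_checks(good).items():
        print(f"{rule}: {'match' if ok else 'no match'}")
```

Run it over a real OEM image by reading the file into `bytes` and passing it to `candidate_checks`; a rule that matches the OEM file but not your own image points at the field the bootloader is rejecting.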
