How does one start porting the fw to another platform?

Discussions related to the firmware code development
VK3KYY
Posts: 5122
Joined: Sat Nov 16, 2019 3:25 am
Location: Melbourne, Australia
Contact:

Re: How does one start porting the fw to another platform?

Post by VK3KYY » Wed Oct 19, 2022 9:56 am

EA5JAQ wrote:
Wed Oct 19, 2022 9:13 am
Hi all!

I was checking out an MCU ROM backup I took from my DM-1801 and I noticed that between the bootloader and the start of the firmware (aka, between 0x3800 and 0x3FF0) there is an additional section. But I just saw that the bootloader for the GD77 and GD77S ends at 0x3FF0 and immediately after, at 0x4000, the actual firmware starts (at least in the patched bootloaders I could find).

I assume this are the signature bytes that for the GD77 are at 0x7F800, right?

To run OpenGD77 in my Retevis RT50, my plan now is just to manually add the compiled firmware (i'll have to change in the code where every button is connected) after the GD77S bootloader, manually substitute both codec sections with the ones I extracted from my DM-1801 MCU ROM backup, fill with 0xFF until the end (0x7FFFF) and SWD it to the radio. I'll never be able to put my radio into DFU mode (as SK1 and SK2 are not connected to the same place) but at least I'll run OpenGD77 on it!! (or I'll try to and brick the radio in the process :lol: ) So, if I use the patched bootloader and do this, I won't have problems with the signature bytes?

Another doubt I have, I found in my computer old flash and eeprom backups for the GD77. Do those work for the GD77S or does it use a different system?

Thanks! :)

73
Good lucky with that.

I originally patched the official firmware using Ghidra, but found that patching in assembler was very time consuming an difficult.



All these radios have signature bytes, but they are in all different locations.

EA5JAQ
Posts: 36
Joined: Thu Jul 16, 2020 6:08 am

Re: How does one start porting the fw to another platform?

Post by EA5JAQ » Wed Oct 19, 2022 10:26 am

Yeah, patching the bootloader wouldn’t be worth it, so I’ll just use the patched one from this forum that doesn’t check the signature bytes (thank you for doing it, by the way). Making the firmware work is gonna be hard enough, and all I want the bootloader to do is start the firmware. It’s easier to me to always program the radio using SWD than patching the bootloader so I can use USB, as I’m doing this only for myself.

I really wish I could’ve found a solution that could potentially work for everybody, but getting the original bootloader is nearly impossible, decompiling it and getting the encryption system would take hundreds of hours, and all this for a radio that is not popular and has been discontinued. Anyway, this project has a great future ahead with the MD-UV380 and MD-9600 duo, so thank you so much for that, can’t wait to check out the code.

I’ll just try to flash the firmware and GD77S patched bootloader using SWD and hopefully it works and I can find some use for this radio.

Thank you so much. 73

VK3KYY
Posts: 5122
Joined: Sat Nov 16, 2019 3:25 am
Location: Melbourne, Australia
Contact:

Re: How does one start porting the fw to another platform?

Post by VK3KYY » Wed Oct 19, 2022 9:45 pm

I don't really understand why you are patching the binary file

What CPU is in the radio you are porting to ? MK22 or STM32

Can't you just recompile the OpenGD77


Unless you can crack the encrytion your work is not likely to be useful to many people, as normally people do not want to open their radio and connect to the SWD pins and reflash the MCU using a programmer dongle.

EA5JAQ
Posts: 36
Joined: Thu Jul 16, 2020 6:08 am

Re: How does one start porting the fw to another platform?

Post by EA5JAQ » Thu Oct 20, 2022 5:16 am

I need to patch the binary to add the original codec sections and also the bootloader, as the MCU is read-protected and I can’t use swd without deleting the original bootloader.

The MCU is an MK22 and the rest of the hardware is identical to the GD77S (rotary, etc). Only it has no VHF PA, and the UHF PA is 10W. And it’s got some kind of 7-segment custom display that shows the channel, if it’s DMR, etc.

Everything is connected to a different pin of the MCU, so yes, I need to modify and recompile the OpenGD77 source code anyway. But also I need to manually patch the binary I compile to add the codec sections (or maybe I’ll just modify the codec_bin_section_1/2.bin files so the compiled firmware.bin contains them before codec_cleaner deletes them). Also I need to add the GD77S bootloader at the start (for the firmware to boot properly), and the signature bytes at the end (maybe this is only necessary the first time.

Maybe I’m missing something or doing something I don’t need to. I’m learning all this as I go (in the past I’ve only programmed in C, I had no knowledge about bootloaders, etc).

VK3KYY
Posts: 5122
Joined: Sat Nov 16, 2019 3:25 am
Location: Melbourne, Australia
Contact:

Re: How does one start porting the fw to another platform?

Post by VK3KYY » Thu Oct 20, 2022 5:45 am

If you are replacing the bootloader with a GD77 or GD77S patched bootloader, than you can just use the OpenGD77 CPS to upload the firmware, because it will think the radio is a GD77 or GD77S depending on which bootloader you use.

No need to read the codec and patch anything.

EA5JAQ
Posts: 36
Joined: Thu Jul 16, 2020 6:08 am

Re: How does one start porting the fw to another platform?

Post by EA5JAQ » Thu Oct 20, 2022 5:57 am

The thing is SK1 and SK2 are not connected to the same pins (C7 and A13, and the GD77 has them at B1 and B9), so I won’t be able to enter DFU mode to use the CPS for loading the firmware.

That doesn’t really bother me, I can just load the firmware using SWD and then use the CPS for the codeplug, etc. as the USB connection will work when the actual firmware is loaded.

EA5JAQ
Posts: 36
Joined: Thu Jul 16, 2020 6:08 am

Re: How does one start porting the fw to another platform?

Post by EA5JAQ » Thu Oct 20, 2022 6:05 am

Another thing is bothering me is that the original USB cable for this radio has a USB to TTL converter chip inside. I think TYT/Retevis did this so you can’t use a regular cable, I hope it’s only a firmware thing and not that the USB hardware is different (as far as I know, the usb is directly connected to the MCU, isn’t it?). I’m trusting that with the OpenGD77 firmware inside, I won’t have problems with a regular USB cable to connect to the CPS, use the hotspot mode (hopefully), etc.

VK3KYY
Posts: 5122
Joined: Sat Nov 16, 2019 3:25 am
Location: Melbourne, Australia
Contact:

Re: How does one start porting the fw to another platform?

Post by VK3KYY » Thu Oct 20, 2022 7:16 am

EA5JAQ wrote:
Thu Oct 20, 2022 6:05 am
Another thing is bothering me is that the original USB cable for this radio has a USB to TTL converter chip inside. I think TYT/Retevis did this so you can’t use a regular cable, I hope it’s only a firmware thing and not that the USB hardware is different (as far as I know, the usb is directly connected to the MCU, isn’t it?). I’m trusting that with the OpenGD77 firmware inside, I won’t have problems with a regular USB cable to connect to the CPS, use the hotspot mode (hopefully), etc.
If the cable has a USB to serial, then its not connecting to the USB pins on the MCU, and the GD77 etc bootloader's will not work.

The USB pins on the MK22 only accept USB, they can not be programmed to accept serial data, so the hardware of the radio must be connecting the sockets on the side of the radio to other pins on the MCU.

Either you need to install a bootloader that uses those serial pins, or you modify the hardware so that it has a USB connector.

IMO, attaching wires to add a USB connector is easier.

I recommend you change the linker file and put the application at 0x00000000, and flash it via SWD.
In which case you will also need to make the 2 codec section bin files, to replace the dummy files, and use the direct output from the build process, and not the result of the codec cleaner exe, which clears anything in the 2 codec sections, so that none of the released files contain the AMBE codec.

EA5JAQ
Posts: 36
Joined: Thu Jul 16, 2020 6:08 am

Re: How does one start porting the fw to another platform?

Post by EA5JAQ » Thu Oct 20, 2022 7:33 am

For every solution I find, another problem comes up :cry:

I guess I'll have to start heating my soldering iron then...

About the bootloader, all I need it to do is start the firmware. I'm gonna be doing all the programming via SWD (that's easier for me than modifying the bootloader so it checks the appropiate SK1/2 pins), so I think there's no need to use the bootloader's firmware upgrade mode (correct me if I'm wrong). But still, I'll modify the hardware because even if I do the programming via SWD, I still need the USB for uploading the codeplug, calibration data, etc.

Thank you so much for your help, looks like this is gonna take hundreds of hours (first mapping the 100 MK22 pins and comparing them to the GD77/DM1801, then modifying and compiling the code, then modifying the hardware to get USB support, uploading the bootloader and firmware, and lots and lots of testing) but at least I'm learning lots of stuff on the way.

EA5JAQ
Posts: 36
Joined: Thu Jul 16, 2020 6:08 am

Re: How does one start porting the fw to another platform?

Post by EA5JAQ » Thu Oct 20, 2022 7:36 am

VK3KYY wrote:
Thu Oct 20, 2022 7:16 am
I recommend you change the linker file and put the application at 0x00000000, and flash it via SWD.
In which case you will also need to make the 2 codec section bin files, to replace the dummy files, and use the direct output from the build process, and not the result of the codec cleaner exe, which clears anything in the 2 codec sections, so that none of the released files contain the AMBE codec.
I'll check that out, thank you. So if I just put the application at 0x00000000 I don't need a bootloader?

Maybe if it's also possible to change the firmware's USB communication to whatever system my stock cable uses, I won't have to modify the hardware at all. I'll try to find out, but in the source code I see a lot of files about USB communication, so maybe this is too hard and it's not like changing from one pin to another. I'll investigate and see if it takes less effort to change the code or the hardware.

I've already made the 2 codec sections by copying them from my DM-1810 MCU ROM backup with the lastest beta.

Post Reply