|
|
Sansa Fuze+This page will summarize important things about the Sans Fuze+ firmware. See SansaFuzePlus for more information about the device and SbFileFormat for more information about the format of the firmware. All the content of this page specifically applies to the 1.30.01 firmware, although the majority of the information should apply to any firmware revision. This page uses a hierarchical structure: it is first divide in boot sections as extracted by the sbinfo tools. Then his section is divide in several subsection which correspond to the different elf files generated by the sbinfo tool. Boot processAn important side note is about the firmware.sb file. It is, indeed split into three sections. However, one can notice that each section ends with a "jump" (See SbFileFormat). This suggest that one of the boot stages uses the features of the call command to branch to the other sections. The last section might be involved in firmware updates.First boot section ("____")This section seems to be a kind of bootloader, in the sense that it does lots of initialization. In the code seems quite generic, having support for several kinds of drams, lcds, ...First elf fileThis first elf file mainly contains power initializations routines, probably to find the best power source. It also setup things like battery monitoring, brownout paths, ...Second elf fileThis second elf file mainly contains dram initializations routines. It probably detects the kind of dram attached, setup clocks, EMI, ...Third elf fileThis third elf file also does some dram initialization, as well as enable various clocks for peripheral likes CPU, SSP, GPMI, ...Fourth elf fileThe content of this file has been partially examined.Fifth elf fileThe content of this file has been partially examined. It to deal with lcd, debug uart, ssp and peripheral (clocks, dram, emi, ...). It probably has to do with the actual loading of the fuze+ OF. It might also been involved in firmware updates.Second boot section ("host")First elf fileThis part of the firmware seems to handle the connection to the host, in either USB MSC or MTP mode.Third boot section ("play")First elf fileThis file displays the video/logo that one can see at boot time (the sansa logo exploding into a flower). It's mainly a 3Mb raw video with some LCD code to display it. The video itself has 10 frames.Second elf fileThis is the actual OF.DisassemblyThe Fuze+ firmware is based on the ThreadX RTOS. As such, it implements the ThreadX API. As far as I have checked, this document perfectly matches the code found in the firmware: ThreadX User Guide. The firmware also happen to be particularly complicated, involving lots of threading, DPC (deferred procedure code), lots of indirect layers and callbacks, which suggest that the code is a complete RTOS and has not been developed for the Fuze+. -- AmauryPouly - 03 Dec 2010r9 - 02 Apr 2021 - 20:46:07 - UnknownUser
Copyright © by the contributing authors.
|