SamyGO

Just got ULINK2-USB-JTAG-Emulator-ARM9-Cortex-Keil-Ulink-II-Debug-Adapter-ULINK-2 wich came with KEIL MDK411 software. Might anyone knows which processor type should be selected for D6000?
ARM7(little endian) should be ok? (ARM7TDMI-S based high-performance 32-bit RISC Microcontroller with Thumb extensions).

cat /proc/cpuinfo: Goal: to get flash dump (especially kernel)
Goal2: flash back right kernel to its place.

Problem: wrong kernel flashed and system doesn`t boot at all.

Might goals are mission impossible, haven`t connected cable to board yet, trying to understand software/configs...

P.s. might if becomme growing, will move to separate topic.

juuso wrote:Just got ULINK2-USB-JTAG-Emulator-ARM9-Cortex-Keil-Ulink-II-Debug-Adapter-ULINK-2 wich came with KEIL MDK411 software. Might anyone knows which processor type should be selected for D6000?
ARM7(little endian) should be ok? (ARM7TDMI-S based high-performance 32-bit RISC Microcontroller with Thumb extensions).

cat /proc/cpuinfo:

Code: Select all

Processor	: ARMv7 Processor rev 1 (v7l)
BogoMIPS	: 1196.03
Features	: swp half thumb fastmult vfp edsp neon vfpv3 
CPU implementer	: 0x41
CPU architecture: 7
CPU variant	: 0x2
CPU part	: 0xc09
CPU revision	: 1

Hardware	: Samsung SDP1001 Evaluation board
Revision	: 0000
Serial		: 0000000000000000

Goal: to get flash dump (especially kernel)
Goal2: flash back right kernel to its place.

Problem: wrong kernel flashed and system doesn`t boot at all.

Might goals are mission impossible, haven`t connected cable to board yet, trying to understand software/configs...

P.s. might if becomme growing, will move to separate topic.

don't trust /proc/cpuinfo if the kernel comes from korea....
just try normal armv7 cpu then i guess samsung don't mount really the components what they announce...

What is on-chip flash type?

sbav1?

juuso wrote:Just got ULINK2-USB-JTAG-Emulator-ARM9-Cortex-Keil-Ulink-II-Debug-Adapter-ULINK-2 wich came with KEIL MDK411 software. Might anyone knows which processor type should be selected for D6000?
ARM7(little endian) should be ok? (ARM7TDMI-S based high-performance 32-bit RISC Microcontroller with Thumb extensions).

C-Series/D-Series ARM core is Cortex-A8 (or perhaps Cortex-A9 in D-Series ?) == ARMv7 architecture. ARM7TDMI core was much older & simpler (ARMv4 architecture)..
Original Keil ULINK2 JTAG adapter supported ARM core list looks somehow limited to me (ARM7/ARM9/Cortex-M cores). Will it work with SDP1001 JTAG interface? I dunno.. maybe (at least on physical level).

Re: on-chip flash type: we don't even know if there is any on-chip flash in SDP1001 (ARM CPU may be starting from OneNAND boot block / 1kB BootRAM directly).
In general, OneNAND access (dumping/flashing) is tricky. Two methods I'm aware of:
1) Via JTAG boundary scan: really hard to figure out if there are no manufacturer specs available (SDP1001 is quite complex SoC, with great many pins/pads, and many internal CPU cores/subsystems). Doesn't look very promising - unless we can obtain detailed documentation somehow. Old-fashioned industrial espionage, perhaps
2) Use JTAG to load and run some specially crafted ARM code for re-flashing, using built-in chip controllers/external access capabilities. Those controllers are chip specific, too, but potentially much easier to figure out (we have U-Boot sources for B-Series, with OneNAND access code included, that should be a good start). Often, such code is already present in flash or BootROM, left out as backdoor/service/emergency access method. I remember there was one extra flash partition (at least in B/C-Series) with some OneNAND-related code on it; I wonder what is it exactly for?

For some devices, there are hidden/undocumented built-in auxiliary hardware interfaces for booting/flashing.. Interesting fact: all ARM-based B/C/D-Series mainboards I've seen so far have two test pads directly under OneNAND chips. I find that a little suspicious .

I can't find any datasheet for KFG1GN6W2D used in D-series (?), and it doesn't follow Samsung own naming scheme; WTF is this kitty??
In B/C-Series they were using generic Samsung-made flex-OneNANDs (SLC + MLC), with detailed specs/datasheets easily available. No built-in 2-wire interface of any kind mentioned in the datasheets, though. So, what are those two pads used for?

sbav, doesn't all OneNANDs are compatible each other for programming and reading? (Except mhz and voltage levels) I thought un-soldering chip and re-programming is possible if chip re-balled after... ( Or using compatible chip )

erdem_ua wrote:sbav, doesn't all OneNANDs are compatible each other for programming and reading?

AFAIK, no. Most of them are similar (more or less), but important details tend to differ from chip to chip.

EDIT: In D6XXX training manual, there is KFG1G16U2D mentioned (SLC, 128MB) , datasheet for this one easier to find.

Do similar devices exist for Mips?

First impression: "Communication to Jtag device failed".
It saidn`t "Jtag device not found". which i get if TV is off, but seems either jtag is disabled on mainboard or here are some specific connection data needed.