There is a need to write into each LBA on the disk using SCSI CDB. Here i have constructed a while/for loop for writing into each LBA. I am using 10 byte CDB .
How do i represent 32 bit LBA so that it iterates from LBA 0 to Maximun LBA . What should be the data Tranfer lenght if i am planning to write on each LBA . Each LBA size 512 bytes.
for(i=0;i<=max_lba;i++)
{
ccb->cam_flags = DATA_OUT;
ccb->cdb[0] = 0x2A; /* 0x2A SCSI Opcode for write 10 CDB */
ccb->cdb[1] = 0;
ccb->cdb[2] = ?? ( LBA )
ccb->cdb[3] = ?? ( LBA )
ccb->cdb[4] = ?? ( LBA )
ccb->cdb[5] = ?? ( LBA )
ccb->cdb[6] = 0;
ccb->cdb[7] = ?? /* Data Transfer Length */
ccb->cdb[8] = ?? /* Data Transfer Length */
ccb->cdb[9] = 0;
ccb->ccb_address = (long)ccb;
ptr_data = (byte *)(buffer + ccb->data_buf_ptr);
data_pattern = i + (i << 4);
buffer[ccb->data_buf_ptr ] = data_pattern;
}
Assign the lba similar to this (but note that it will be really slow if you are going to write all of a large drive ... so it would be better if you write a large number of blocks, perhaps 1MB then adjust the next LBA accordingly).
cdb[2] = (i & 0xFF000000) >> 24;
cdb[3] = (i & 0xFF0000) >> 16;
cdb[4] = (i & 0xFF00) >> 8;
cdb[5] = (i & 0xFF);
For the above, set the number of blocks to 1:
cdb[7] = 0;
cdb[8] = 1;
Again, you will be waiting all day for a large drive so make the changes to write a large number of blocks in each iteration of the loop.
Related
My reference are:
Writing a WebSocket server in Java
Base Framing Protocol
Why the first byte 129 represent FIN, RSV1, RSV2, RSV3, and Opcode?
My expected result are:
The first byte is the FIN / 1 bit, RSV1 / 1 bit, RSV2 / 1 bit, RSV3 / 1 bit, Opcode / 1 bit, Mask / 1 bit. Total 9 bits.
The second byte is the Payload length. Total 7 bits.
My actual result are:
The first byte represent FIN, RSV1, RSV2, RSV3, and Opcode.
The second byte represent the Payload length.
Just to illustrate a bit.
First Byte:
Leftmost bit is the fin-bit rightmost 4 bits represents the opcode,
in this case 1=text
10000001
Second Byte:
Leftmost bit indicates if data is masked remaining seven indicate the length
10000000 here the lenght is zero
11111101 here the lenght is exactly 125
11111110 here the lenght indicator is 126 therefor the next two bytes will give you the length followed by four bytes for the mask-key
11111111 here the lenght indicator is 127 therefor the next eight bytes will give you the length followed by four bytes for the mask-key
After all this follows the masked payload.
ADDED 2021-07-19
To extract information like opcode and length, you have to apply some bit operations on the given bytes.
Below is an extraction from
https://github.com/napengam/phpWebSocketServer/blob/master/server/RFC6455.php to show how the server decodes a frame.
public function Decode($frame) {
// detect ping or pong frame, or fragments
$this->fin = ord($frame[0]) & 128;
$this->opcode = ord($frame[0]) & 15;
$length = ord($frame[1]) & 127;
if ($length <= 125) {
$moff = 2;
$poff = 6;
} else if ($length == 126) {
$l0 = ord($frame[2]) << 8;
$l1 = ord($frame[3]);
$length = ($l0 | $l1);
$moff = 4;
$poff = 8;
} else if ($length == 127) {
$l0 = ord($frame[2]) << 56;
$l1 = ord($frame[3]) << 48;
$l2 = ord($frame[4]) << 40;
$l3 = ord($frame[5]) << 32;
$l4 = ord($frame[6]) << 24;
$l5 = ord($frame[7]) << 16;
$l6 = ord($frame[8]) << 8;
$l7 = ord($frame[9]);
$length = ( $l0 | $l1 | $l2 | $l3 | $l4 | $l5 | $l6 | $l7);
$moff = 10;
$poff = 14;
}
$masks = substr($frame, $moff, 4);
$data = substr($frame, $poff, $length); // hgs 30.09.2016
$text = '';
$m0 = $masks[0];
$m1 = $masks[1];
$m2 = $masks[2];
$m3 = $masks[3];
for ($i = 0; $i < $length;) {
$text .= $data[$i++] ^ $m0;
if ($i < $length) {
$text .= $data[$i++] ^ $m1;
if ($i < $length) {
$text .= $data[$i++] ^ $m2;
if ($i < $length) {
$text .= $data[$i++] ^ $m3;
}
}
}
}
return $text;
}
In https://github.com/napengam/phpWebSocketServer/blob/master/phpClient/websocketCore.php you will find encode and decode for the client.
I am making a USB Bootloader for PIC24FJ. I am now in the process of writing to flash memory the application code hex file through a software and without using ICD3. After downloading the application code hex file, I checked the program memory of the PIC using the PIC Memory Views of MPLAB Window Toolbar, and this is what it looks like. PIC24_BOOT_APP_VECTOR_AREA As you can see in the picture, the opcode is not continuously written in every address. It alternates with 000000.
Also I compared the opcodes of the downloaded app code using the bootloader, to the application code without using the bootloader. I have found out that there are data in the opcodes that are not present in the application alone. Attached are the photos. Application_Code_Alone_User_Area, PIC24_Boot_App_User_Area This may create a problem in jumping to the application.
Below is my code for storing data in the buffer and writing to flash memory. (I use single word programming for flash)
#define WRITE_FLASH_BLOCK_SIZE 0x04
#define USER_MEM_START_ADDRESS 0x004002
unsigned long rxBuff[60];
int rxIndexer;
int xfer;
lineStart = rxBuff[ 0 ];
positionAddress = (rxBuff[ 2 ] << 8) + (rxBuff[ 3 ]); // THIS IS THE ADDRESS WHERE THE DATA SHOULD BE ADDRESSED
numberOfData = rxBuff[ 1 ]; // THIS IS THE TOTAL NUMBER OF DATA RECEIVED IN THE STREAM
recordType = rxBuff[ 4 ];
rxIndexer = 5; //Start of data index in a INTEL Hex file format
for(xfer = 0; xfer < numberOfData; xfer += WRITE_FLASH_BLOCK_SIZE) // THIS SECTION CONTAINS THE PROCESS OF COMBINING THE INFORMATION
{ // FROM THE DATA STREAM TO THIS FORMAT - 0x00AA, 0xBBCC
rxBuff[rxIndexer] = ((rxBuff[START_OF_DATA_INDEX + xfer]) &0x00FF);
rxBuff[rxIndexer] |= ((rxBuff[START_OF_DATA_INDEX + xfer + 1] << 8) &0xFF00); //end of lower word
rxIndexer++;
rxBuff[rxIndexer] = ((rxBuff[START_OF_DATA_INDEX + xfer + 2]) &0x00FF); //start of upper byte
rxBuff[rxIndexer] |= ((0x00 << 8) & 0xFF00); // phantom byte (0x00)
rxIndexer++;
}
if(lineStart == ':')
{
if(recordType == 0x00 && data_checksum == 0)
{
for(xfer = 0; xfer < numberOfData; xfer += 2)
{
FlashWrite_Word(programAddress + positionAddress, rxBuff[5 + xfer], rxBuff[5 + xfer + 1]);
positionAddress += 2;
}
}
else if(recordType == 0x04 && data_checksum == 0)
{
programAddress = USER_MEM_START_ADDRESS;
}
else if( recordType == END_OF_FILE_RECORD)
{
jumpTo_App();
}
I am working with a micro controller which calculates the CRC32 checksum of data I upload to it's flash memory on the fly. This can in turn be used to verify that the upload was correct, by verifying the resulting checksum after all data is uploaded.
The only problem is that the Micro Controller reverses the bit order of the input bytes when it's run through the otherwise standard crc32 calculation. This in turn means I need to reverse every byte in the data on the programming host in order to calculate the CRC32 sum to verify. As the programming host is somewhat constrained, this is quite slow.
I figure that if it's possible to modify the CRC32 lookuptable so I can do the lookup without having to reverse the bit order, the verification algorithm would run many times faster. But I seem unable to figure out a way to do this.
To clarify the byte reversal, I need to change the input bytes following way:
01 02 03 04 -> 80 40 C0 20
It's a lot easier to see the reversal in binary representation of course:
00000001 00000010 00000011 00000100 ->
10000000 01000000 11000000 00100000
Edit
Here is the PoC Python code I use to verify the correctness of the CRC32 calculation, however this reverses each byte (a.e the slow way).
EDIT2
I've also included my failed attempt to generate a permutated lookup table, and using a standard LUT CRC32 algorithm.
The code spits out the correct reference CRC value first, and then the wrong LUT calculated CRC afterwards.
import binascii
CRC32_POLY = 0xEDB88320
def reverse_byte_bits(x):
'''
Reverses the bit order of the giveb byte 'x' and returns the result
'''
x = ((x<<4) & 0xF0)|((x>>4) & 0x0F)
x = ((x<<2) & 0xCC)|((x>>2) & 0x33)
x = ((x<<1) & 0xAA)|((x>>1) & 0x55)
return x
def reverse_bits(ba, blen):
'''
Reverses all bytes in the given array of bytes
'''
bar = bytearray()
for i in range(0, blen):
bar.append(reverse_byte_bits(ba[i]))
return bar
def crc32_reverse(ba):
# Reverse all bits in the
bar = reverse_bits(ba, len(ba))
# Calculate the CRC value
return binascii.crc32(bar)
def gen_crc_table_msb():
crctable = [0] * 256
for i in range(0, 256):
remainder = i
for bit in range(0, 8):
if remainder & 0x1:
remainder = (remainder >> 1) ^ CRC32_POLY
else:
remainder = (remainder >> 1)
# The correct index for the calculated value is the reverse of the index
ix = reverse_byte_bits(i)
crctable[ix] = remainder
return crctable
def crc32_revlut(ba, lut):
crc = 0xFFFFFFFF
for x in ba:
crc = lut[x ^ (crc & 0xFF)] ^ (crc >> 8)
return ~crc
# Reference test which gives the correct CRC
test = bytearray([1, 2, 3, 4, 5, 6, 7, 8])
crcrev = crc32_reverse(test)
print("0x%08X" % (crcrev & 0xFFFFFFFF))
# Test using permutated lookup table, but standard CRC32 LUT algorithm
lut = gen_crc_table_msb()
crctst = crc32_revlut(test, lut)
print("0x%08X" % (crctst & 0xFFFFFFFF))
Does anyone have any hints to how this could be done?
By reversing the logic of which way the crc "streams", the reverse in the main calculation can be avoided. So instead of crc >> 8 there would be crc << 8 and instead of XORing with the bottom byte of the crc for the LUT index we take the top. Like this:
def reverse_dword_bits(x):
'''
Reverses the bit order of the given dword 'x' and returns the result
'''
x = ((x<<16) & 0xFFFF0000)|((x>>16) & 0x0000FFFF)
x = ((x<<8) & 0xFF00FF00)|((x>>8) & 0x00FF00FF)
x = ((x<<4) & 0xF0F0F0F0)|((x>>4) & 0x0F0F0F0F)
x = ((x<<2) & 0xCCCCCCCC)|((x>>2) & 0x33333333)
x = ((x<<1) & 0xAAAAAAAA)|((x>>1) & 0x55555555)
return x
def gen_crc_table_msb():
crctable = [0] * 256
for i in range(0, 256):
remainder = i
for bit in range(0, 8):
if remainder & 0x1:
remainder = (remainder >> 1) ^ CRC32_POLY
else:
remainder = (remainder >> 1)
# The correct index for the calculated value is the reverse of the index
ix = reverse_byte_bits(i)
crctable[ix] = reverse_dword_bits(remainder)
return crctable
def crc32_revlut(ba, lut):
crc = 0xFFFFFFFF
for x in ba:
crc = lut[x ^ (crc >> 24)] ^ ((crc << 8) & 0xFFFFFFFF)
return reverse_dword_bits(~crc)
I'm trying to read byte per byte from the RX FIFO, that's 8 bytes deep.
The problem is that when the first byte is received, I have to wait for 8 other bytes to finally get the first byte on U1RXREG.
I'd like to know how to perform some dummy reads on the FIFO to access a particuar byte and "flush" it. Simply putting U1RXREG in an array doesn't do the trick.
Here's my initialization :
void UART_Initialize(void)
{
// SIDL: Stop in Idle Mode bit : 1 = Discontinue module operation when the device enters Idle mode
U1MODEbits.SIDL = 0;
// IREN: IrDA Encoder and Decoder Enable bit : 0 = IrDA is disabled
U1MODEbits.IREN = 0;
// RTSMD: Mode Selection for UxRTS Pin bit : 0 = UxRTS pin is in Flow Control mode
U1MODEbits.RTSMD = 0;
// UEN<1:0>: UARTx Enable bits : 10 = UxTX, UxRX, UxCTS and UxRTS pins are enabled and used
U1MODEbits.UEN1 = 1;
U1MODEbits.UEN0 = 0;
// WAKE: Enable Wake-up on Start bit Detect During Sleep Mode bit : 0 = Wake-up disabled
U1MODEbits.WAKE = 0;
// LPBACK: UARTx Loopback Mode Select bit : 0 = Loopback mode is disabled
U1MODEbits.LPBACK = 0;
// ABAUD: Auto-Baud Enable bit : 0 = Baud rate measurement disabled or completed
U1MODEbits.ABAUD = 0;
// RXINV: Receive Polarity Inversion bit : 0 = UxRX Idle state is ‘1’
U1MODEbits.RXINV = 0;
// BRGH: High Baud Rate Enable bit : 0 = Standard Speed mode – 16x baud clock enabled
U1MODEbits.BRGH = 0;
// PDSEL<1:0>: Parity and Data Selection bits : 01 = 8-bit data, even parity
U1MODEbits.PDSEL1 = 0;
U1MODEbits.PDSEL0 = 1;
// STSEL: Stop Selection bit : 0 = 1 Stop bit
U1MODEbits.STSEL = 0;
// ADM_EN: Automatic Address Detect Mode Enable bit : 0 = Automatic Address Detect mode is disabled
U1STAbits.ADM_EN = 0;
// UTXISEL<1:0>: TX Interrupt Mode Selection bits : 00 = Interrupt is generated and asserted while the transmit buffer contains at least one empty space
U1STAbits.UTXISEL1 = 0;
U1STAbits.UTXISEL0 = 0;
// UTXINV: Transmit Polarity Inversion bit : 0 = UxTX Idle state is ‘1’ (with IrDA disbled)
U1STAbits.UTXINV = 0;
// URXEN: Receiver Enable bit : 1 = UARTx receiver is enabled. UxRX pin is controlled by UARTx (if ON = 1)
U1STAbits.URXEN = 1;
// UTXBRK: Transmit Break bit : 0 = Break transmission is disabled or completed
U1STAbits.UTXBRK = 0;
// URXISEL<1:0>: Receive Interrupt Mode Selection bit : 00 = Interrupt flag bit is asserted while receive buffer is not empty (i.e., has at least 1 data character)
U1STAbits.URXISEL1 = 0;
U1STAbits.URXISEL0 = 0;
// ADDEN: Address Character Detect bit (bit 8 of received data = 1) : 0 = Address Detect mode is disabled
U1STAbits.ADDEN = 0;
// Baud Rate Calculation :
// FPB = 10MHz ; Desired Baud Rate = 9600 bauds
// => U1BRG = FPB/(16*BaudRate)-1 = 64 (error = 0,16%)
U1BRG = 64;
// Enable UART RX interrupts
//IEC1bits.U1RXIE = 1;
// Enable UART
// ON: UARTx Enable bit : 1 = UARTx is enabled. UARTx pins are controlled by UARTx as defined by the UEN<1:0> and UTXEN control bits.
U1MODEbits.ON = 1;
// UTXEN: Transmit Enable bit : 1 = UARTx transmitter is enabled. UxTX pin is controlled by UARTx (if ON = 1).
U1STAbits.UTXEN = 1;
}
For the moment I tried reading like this, in the while(1) loop, without success :
while (1)
{
uint8_t rxbyte[8];
bool b;
//if (U1STAbits.URXDA == 1)
while(!U1STAbits.URXDA);
rxbyte[0] = U1RXREG;
rxbyte[1] = U1RXREG;
rxbyte[2] = U1RXREG;
rxbyte[3] = U1RXREG;
rxbyte[4] = U1RXREG;
rxbyte[5] = U1RXREG;
rxbyte[6] = U1RXREG;
rxbyte[7] = U1RXREG;
sprintf(s, "I received : %u %u %u %u %u %u %u %u\n\r", rxbyte[0], rxbyte[1], rxbyte[2], rxbyte[3], rxbyte[4], rxbyte[5], rxbyte[6], rxbyte[7]);
myPrint(s);
IFS1bits.U1RXIF = 0;
}
The 8 bytes in rxbytes[] are always the same. I tried to clear the RX interrupt flag between the reads, reading URXDA also between the reads, add a delay, still no success, I still have to wait for 8 incoming bytes to access the first one.
Thanx in advance for your help !
Best regards.
Eric
I finally found the solution : I had a double configuration, one by MCC and one by myself, and it seems that having the interruptions activated caused this. Now I switched the interrupts off and I simply poll URXDA, and everything works fine.
Sorry for bothering you guys !
You can use your original method too. The problem with your While(1) loop is that you check if there is "at least 1 byte in the hardware Rx buffer" ( U1STAbits.URXDA tells you as soon as 1 byte is availlable ). When 1 byte is availlable, then you read 8 bytes inside the loop... so of course you will get 8 identical bytes when there is only 1 byte in the buffer.
I recently saw a declaration of enum that looks like this:
<Serializable()>
<Flags()>
Public Enum SiteRoles
ADMIN = 10 << 0
REGULAR = 5 << 1
GUEST = 1 << 2
End Enum
I was wondering if someone can explain what does "<<" syntax do or what it is used for? Thank you...
The ENUM has a Flags attribute which means that the values are used as bit flags.
Bit Flags are useful when representing more than one attribute in a variable
These are the flags for a 16 bit (attribute) variable (hope you see the pattern which can continue on to X number of bits., limited by the platform/variable type of course)
BIT1 = 0x1 (1 << 0)
BIT2 = 0x2 (1 << 1)
BIT3 = 0x4 (1 << 2)
BIT4 = 0x8 (1 << 3)
BIT5 = 0x10 (1 << 4)
BIT6 = 0x20 (1 << 5)
BIT7 = 0x40 (1 << 6)
BIT8 = 0x80 (1 << 7)
BIT9 = 0x100 (1 << 8)
BIT10 = 0x200 (1 << 9)
BIT11 = 0x400 (1 << 10)
BIT12 = 0x800 (1 << 11)
BIT13 = 0x1000 (1 << 12)
BIT14 = 0x2000 (1 << 13)
BIT15 = 0x4000 (1 << 14)
BIT16 = 0x8000 (1 << 15)
To set a bit (attribute) you simply use the bitwise or operator:
UInt16 flags;
flags |= BIT1; // set bit (Attribute) 1
flags |= BIT13; // set bit (Attribute) 13
To determine of a bit (attribute) is set you simply use the bitwise and operator:
bool bit1 = (flags & BIT1) > 0; // true;
bool bit13 = (flags & BIT13) > 0; // true;
bool bit16 = (flags & BIT16) > 0; // false;
In your example above, ADMIN and REGULAR are bit number 5 ((10 << 0) and (5 << 1) are the same), and GUEST is bit number 3.
Therefore you could determine the SiteRole by using the bitwise AND operator, as shown above:
UInt32 SiteRole = ...;
IsAdmin = (SiteRole & ADMIN) > 0;
IsRegular = (SiteRole & REGULAR) > 0;
IsGuest = (SiteRole & GUEST) > 0;
Of course, you can also set the SiteRole by using the bitwise OR operator, as shown above:
UInt32 SiteRole = 0x00000000;
SiteRole |= ADMIN;
The real question is why do ADMIN and REGULAR have the same values? Maybe it's a bug.
These are bitwise shift operations. Bitwise shifts are used to transform the integer value of the enum mebers here to a different number. Each enum member will actually have the bit-shifted value. This is probably an obfuscation technique and is the same as setting a fixed integer value for each enum member.
Each integer has a binary reprsentation (like 0111011); bit shifting allows bits to move to the left (<<) or right (>>) depending on which operator is used.
For example:
10 << 0 means:
1010 (10 in binary form) moved with 0 bits left is 1010
5 << 1 means:
101 (5 in binary form) moved one bit to the left = 1010 (added a zero to the right)
so 5 << 1 is 10 (because 1010 represents the number 10)
and etc.
In general the x << y operation can be seen as a fast way to calculate x * Pow(2, y);
You can read this article for more detailed info on bit shifting in .NET http://www.blackwasp.co.uk/CSharpShiftOperators.aspx