Problem in changing PDR

[Jouni Malinen]

On Fri, Feb 13, 2004 at 06:28:32PM -0500, Pavel Roskin wrote:

> The permanent solution would be to get the PDA, convert it to an S-Record
> by objcopy (make sure to set the starting address!), edit it and flash it.
> Then flash the secondary firmware.  Something like this (untested, no
> guarantee):
> 
> objcopy --input-format=binary --output-format=srec --srec-forceS3 \
>  --change-addresses=0x7f0000 /proc/net/hostap/wlan0/pda pda.hex

objcopy did not seem to read pda file in one read and this does not
currently work with the Host AP driver since I haven't bothered making
the procfs read handler for PDA support partial reads. Copying that file
first with something like dd should make that part work. However, I did
not test whether the end result can be used to upgrade the PDA
correctly.

> Less radical solutions don't require reflashing the PDA.  You can patch
> prism_srec to get PDA from a file and edit that file.  Or you can edit the
> secondary firmware, remove the PDR from it and apply the change to the
> firmware manually at the address that was pointed by the PDR.
> 
> I'm sorry if it sounds complicated.  This can be done by somebody with
> some scripting skills, understanding of S-Record format and Prism chipset.
> I hope prism2_srec will be modified to make it easier in the future.

CVS snapshot of prism2_srec has new options for dumping PDA in text
format and for overriding PDA for downloads (using either the same text
format or a binary file). Please note that changing PDA can cause
undesired results and this should not be done without understanding the
consequencies of the modifications.

-- 
Jouni Malinen                                            PGP id EFC895FA