STM32 + Gotek floppy emulator

teevee
Posts: 3
Joined: Wed Mar 01, 2017 6:15 am

STM32 + Gotek floppy emulator

Post by teevee » Wed Mar 01, 2017 12:04 pm

Hi folks,

I´m new here and I am not sure if ST-link can solve my problem as I don’t 100 % understand the function. I will try explaining what I want to do. I recently bought two x Gotek floppy emulator from China from two different sellers. The hardware is 100 % identical, but the firmware is different.

I would like to use be able to copy or duplicate the firmware content from one of the devices and overwrite the other, so they have identical firmware.
Image

Gotek floppy emulator uses Cortex-m3 stm32f105RBT6 and I think both are with read-out protection enabled as I’m forced to “erase” before I can read.

Can this ST-link device solve my devices or do I need to look in another direction?

vargham
Posts: 18
Joined: Thu Jan 26, 2017 3:49 pm

Re: STM32 + Gotek floppy emulator

Post by vargham » Wed Mar 01, 2017 12:28 pm

You can not read out the firmware.

User avatar
BennehBoy
Posts: 420
Joined: Thu Jan 05, 2017 8:21 pm
Location: Yorkshire
Contact:

Re: STM32 + Gotek floppy emulator

Post by BennehBoy » Wed Mar 01, 2017 12:36 pm

Does the supplier provide a firmware updater?
-------------------------------------
https://github.com/BennehBoy

teevee
Posts: 3
Joined: Wed Mar 01, 2017 6:15 am

Re: STM32 + Gotek floppy emulator

Post by teevee » Wed Mar 01, 2017 1:13 pm

vargham wrote:You can not read out the firmware.
I have no interest in seeing the source code. I just want the content copied from device A to device B, so both are identical.
BennehBoy wrote:Does the supplier provide a firmware updater?
The supplier/seller did not provide any firmware updater.

vargham
Posts: 18
Joined: Thu Jan 26, 2017 3:49 pm

Re: STM32 + Gotek floppy emulator

Post by vargham » Wed Mar 01, 2017 2:39 pm

teevee wrote:I think both are with read-out protection enabled
If it's true, you can not read out firmware. This is the meaning of the read-out protection. ;-)
http://www.st.com/content/ccc/resource/ ... 186528.pdf

You can try to crack this protection. Make a Google search!
One hit from the first page:
http://www.cl.cam.ac.uk/~sps32/mcu_lock.html

User avatar
BennehBoy
Posts: 420
Joined: Thu Jan 05, 2017 8:21 pm
Location: Yorkshire
Contact:

Re: STM32 + Gotek floppy emulator

Post by BennehBoy » Wed Mar 01, 2017 4:46 pm

It may be worth looking at this (muted, the music is annoying)

https://www.youtube.com/watch?v=xyDohCioKPg
-------------------------------------
https://github.com/BennehBoy

User avatar
RogerClark
Posts: 7172
Joined: Mon Apr 27, 2015 10:36 am
Location: Melbourne, Australia
Contact:

Re: STM32 + Gotek floppy emulator

Post by RogerClark » Wed Mar 01, 2017 8:36 pm

The STM32 has strong firmware readback protection to stop counterfeiter reading the firmware binary file and putting it into their cloned products.

Extracting the firmware from inside the chip is not an option for hobbyists, and is basically uneconomic for virtually anyone else.

If the board is obsolete, your best bet is to approach the manufacturer and see if they will see you the binary firmware file.

victor_pv
Posts: 1681
Joined: Mon Apr 27, 2015 12:12 pm

Re: STM32 + Gotek floppy emulator

Post by victor_pv » Thu Mar 02, 2017 2:52 pm

RogerClark wrote:The STM32 has strong firmware readback protection to stop counterfeiter reading the firmware binary file and putting it into their cloned products.

Extracting the firmware from inside the chip is not an option for hobbyists, and is basically uneconomic for virtually anyone else.

If the board is obsolete, your best bet is to approach the manufacturer and see if they will see you the binary firmware file.
There are 2 possible options though. The flash can be read by the code running in the MCU itself, so you can try finding a portion of flash that's not used (difficult since you can't read it, but if you someway know how big is the software running in the MCU, then you know what's free) , then compile a flash dumper sketch to that address, write it there (you can write with readout protection, you just can't read or verify), then execute it by forcing the PC to the start address.
Another option, which I tried to test but didn't get it right, was to compile such sketch to run from RAM, upload it to RAM (st-link or j-link can do that), then reboot the MCU with the boot pins set for boot from RAM.

User avatar
RogerClark
Posts: 7172
Joined: Mon Apr 27, 2015 10:36 am
Location: Melbourne, Australia
Contact:

Re: STM32 + Gotek floppy emulator

Post by RogerClark » Thu Mar 02, 2017 8:48 pm

Victor, I like the idea of dumping the code simply by uploading and running from ram, but I suspect that STM would have thought of that possibility.
You may find you cant upload to RAM at all with read protection enabled.

I am not sure if you can even upload to empty pages of flash with read protection enabled.It may be possible via swd but not by the bootloaoder.

Also, I dont think you can alter the registers e.g. the PC when read protection is enabled, in fact most SWD functions are disabled.
The trick where you change the PC address, works on some chips, including the Nordic nRF51822, but I tried it on the STM32 a few months ago, and it does not work.

Actually, what I tried was setting the PC and then single stepping in the debugger, and I know that does not work. But I cant recall if you can set the PC and then perhaps run from that location.


I guess if you manage to install some code that dumps the flash via serial, and put it in the top page of flash, ( if its possible to write to that area of flash), you may be able to get the code to crash and execute the dumping code, but it seems unlikely.

User avatar
ahull
Posts: 1630
Joined: Mon Apr 27, 2015 11:04 pm
Location: Sunny Scotland
Contact:

Re: STM32 + Gotek floppy emulator

Post by ahull » Thu Mar 02, 2017 10:17 pm

There may be another option of course... namely writing or adapting existing code, for example -> https://github.com/keirf/FlashFloppy and -> https://hackaday.com/2013/11/26/raspber ... ppy-drive/

... and here .... -> https://cortexamigafloppydrive.wordpress.com/
- Andy Hull -

Post Reply