xref: /freebsd/contrib/file/magic/Magdir/tplink (revision 48c779cdecb5f803e5fe5d761987e976ca9609db) 
1
2#------------------------------------------------------------------------------
3# $File: tplink,v 1.4 2019/04/19 00:42:27 christos Exp $
4# tplink: File magic for openwrt firmware files
5
6# URL: https://wiki.openwrt.org/doc/techref/header
7# Reference: https://git.openwrt.org/?p=openwrt.git;a=blob;f=tools/firmware-utils/src/mktplinkfw.c
8# From: Joerg Jenderek
9# check for valid header version 1 or 2
100		ulelong		<3
11>0		ulelong		!0
12# test for header padding with nulls
13>>0x100		long		0
14# skip Norton Commander Cleanup Utility NCCLEAN.INI by looking for valid vendor
15>>>4		ubelong		>0x1F000000
16>>>>0		use		firmware-tplink
17
180		name		firmware-tplink
19>0		ubyte		x		firmware
20!:mime application/x-tplink-bin
21!:ext	bin
22# hardware id like 10430001 07410001 09410004 09410006
23>0x40		ubeshort	x		%x
24>0x42		ubeshort	x		v%x
25# hardware revision like 1
26>0x44		ubelong		!1		(revision %u)
27# vendor_name[24] like OpenWrt or TP-LINK Technologies
28>4		string		x		%.24s
29# fw_version[36] like r49389 or ver. 1.0
30>0x1c		string		x		%.36s
31# header version 1 or 2
32>0		ubyte		!1		V%X
33# ver_hi.ver_mid.ver_lo
34>0x98		long		!0		\b, version
35>>0x98		ubeshort	x		%u
36>>0x9A		ubeshort	x		\b.%u
37>>0x9C		ubeshort	x		\b.%u
38# region code 0~universal 1~US
39>0x48		ubelong		x
40#>>0x48		ubelong		0		(universal)
41>>0x48		ubelong		1		(US)
42>>0x48		ubelong		>1		(region %u)
43# total length of the firmware. not always true
44>0x7C		ubelong		x		\b, %u bytes or less
45# unknown 1
46>0x48		ubelong		!0		\b, UNKNOWN1 0x%x
47# md5sum1[16]
48#>0x4c		ubequad		x		\b, MD5 %llx
49#>>0x54		ubequad		x		\b%llx
50# unknown 2
51>0x5c		ubelong		!0		\b, UNKNOWN2 0x%x
52# md5sum2[16]
53#>0x60		ubequad		!0		\b, 2nd MD5 %llx
54#>>0x68		ubequad		x		\b%llx
55# unknown 3
56>0x70		ubelong		!0		\b, UNKNOWN3 0x%x
57# kernel load address
58#>0x74		ubelong		x		\b, 0x%x load
59# kernel entry point
60#>0x78		ubelong		x		\b, 0x%x entry
61# kernel data offset. 200h means direct after header
62>0x80		ubelong		x		\b, at 0x%x
63# kernel data length and 1 space
64>0x84		ubelong		x		%u bytes
65# look for kernel type (gzip compressed vmlinux.bin by ./compress)
66>(0x80.L)	indirect	x
67# root file system data offset
68# WRONG in 5.35 with above indirect expression
69>0x88		ubelong		x		\b, at 0x%x
70# rootfs data length and 1 space
71>0x8C		ubelong		x		%u bytes
72# in 5.32 only true for offset ~< FILE_BYTES_MAX=9 MB defined in ../../src/file.h
73>(0x88.L)	indirect	x
74# 'qshs' for wr940nv1_en_3_13_7_up(111228).bin
75#>(0x88.L)	string		x		\b, file system '%.4s'
76#>(0x88.L)	ubequad		x		\b, file system 0x%llx
77# bootloader data offset
78>0x90		ubelong		!0		\b, at 0x%x
79# bootloader data length only resonable if bootloader offset not null
80>>0x94		ubelong		!0		%u bytes
81# pad[354] should be 354 null bytes.
82#>0x9E		ubequad		!0		\b, padding 0x%llx
83# But at 0x120 18 non null bytes in examples like
84# wr940nv4_eu_3_16_9_up_boot(160620).bin
85# wr940nv6_us_3_18_1_up_boot(171030).bin
86#>0x120		ubequad		!0		\b, other padding 0x%llx
87