LeapFrog Pollux Platform: File Format CBF

From eLinux.org
Revision as of 15:27, 3 February 2012 by Jrspruitt (talk | contribs)
Jump to: navigation, search

Description

The LeapFrog Leapster Explorer and LeapPad Explorer both use the CBF file format for the kernel firmware and Surgeon. This is a rather basic format, that contains some summary information about the kernel, size, load address, etc. This information is all rather easy to obtain out of the file, with a hex editor. You can also extract the zImage or Image of the kernel if desired or use the python script in the LeapFrog Sources.


Programs

A list of programs/scripts that deal with CBF

<Sources>/scripts/make_cbf.py.

OpenLFConnect


Files

LeapPad

Surgeon.cbf

  • zImage (Compressed kernel)
  • initramfs
  • kernel_load 0x8000
  • kernel_jup 0x8000

Kernel.cbf

  • Image (Uncompressed kernel)
  • kernel_load 0x10000
  • kernel_jup 0x0000

Explorer

Surgeon.cbf

  • zImage (Compressed kernel)
  • initramfs
  • kernel_load 0x8000
  • kernel_jup 0x8000

Kernel.cbf

  • Image (Compressed kernel)
  • kernel_load 0x8000
  • kernel_jup 0x8000


File Structure

There are three basic components of the CBF file, the summary, the kernel image, and padding. The Summary occupies the first 20 bytes of the file, which is followed by the summary CRC checksum. Directly after this starts the kernel image, which can vary in size depending on the options compiled in. It is then followed by the kernel image CRC checksum. This concludes the data portion, the file is then filled with 0xFF bytes until it is aligned to 16384 byte blocks of data.

Summary Summary CRC Kernel Kernel CRC Padding
[0:3] [4:7] [8:11] [12:15] [16:19] [20:23] [24:K end] [K end+1:+4] [..EOF]
Magic Number CBF Version Kernel Load Kernel Jump Kernel Size CRC32 Checksum Kernel Image CRC32 Checksum 0xFF


make_cbf.py

Version 1

This version uses a compressed kernel (zImage) and it's kernel_boot and kernel_load addresses are 0x8000. This script, referenced in the latest make_surgeon.cbf as make_compressed_cbf.py (assuming, as its not in the sources) is used on the Explorer Surgeon and Kernel as well as the LeapPad Surgeon.

Version 2

This version uses an uncompressed kernel (Image) and it's kernel_boot and kernel_load addresses are 0x10000. The only CBF file this seems to be used on is the LeapPad kernel.

Usage The script graps the zImage or Image file, depending on version from <kernel>/arch/arm/boot/[Image|zImage] and wraps in with the CBF information, they use their own CRC routine in calculating the checksum. There is three options, of which only two look valid. -c deletes a previous kernel.cbf file, and -o specifies the output files name (default, kernel.cbf).