Closer to reliable AVR glitching.

[goodfet] / client / GoodFETAVR.py

diff --git a/client/GoodFETAVR.py b/client/GoodFETAVR.py
index 97724ca..d950b53 100644 (file)
--- a/client/GoodFETAVR.py
+++ b/client/GoodFETAVR.py
@@ -23,7 +23,9 @@ class GoodFETAVR(GoodFET):
         0x9005: "tiny12",
         0x9006: "tiny15",
         0x9007: "tiny13",
+        0x9108: "tiny25",
         0x930B: "tiny85",
+        0x9206: "tiny45",
         
         0x9001: "S1200",
         
@@ -33,16 +35,22 @@ class GoodFETAVR(GoodFET):
         0x9103: "S2343",
         
         0x9201: "S4414",
-                0x9203: "S4433",
+        0x9203: "S4433",
         0x9202: "S4434",
         
         0x9301: "S8515",
         0x9303: "S8535",
         
         0x9305: "mega83",
+        0x930a: "mega88",
         0x9701: "mega103",
         0x9401: "mega161",
         0x9402: "mega163",
+        0x9406: "mega168",
+        
+        0x950f: "mega328",
+        0x950d: "mega325",
+        0x9508: "mega32"
         };
     
     def setup(self):
@@ -59,10 +67,62 @@ class GoodFETAVR(GoodFET):
     def start(self):
         """Start the connection."""
         self.writecmd(self.AVRAPP,0x20,0,None);
-
+    def glitchstart(self):
+        """Glitch into the AVR application."""
+        self.glitchVerb(self.AVRAPP,0x20,None);
+    def glitchstarttime(self):
+        """Measure the timer of the START verb."""
+        return self.glitchTime(self.AVRAPP,0x20,None);
+    def forcestart(self):
+        """Forcibly start a connection."""
+        
+        for i in range(0x880,0xfff):
+            #self.glitchVoltages(0x880, i);
+            self.start();
+            bits=self.lockbits();
+            print "At %04x, Lockbits: %02x" % (i,bits);
+            if(bits==0xFF): return;
+    def erase(self):
+        """Erase the target chip."""
+        self.writecmd(self.AVRAPP,0xF0,0,None);
+    def lockbits(self):
+        """Read the target's lockbits."""
+        self.writecmd(self.AVRAPP,0x82,0,None);
+        return ord(self.data[0]);
+    def setlockbits(self,bits=0x00):
+        """Read the target's lockbits."""
+        self.writecmd(self.AVRAPP,0x92,1,[bits]);
+        return self.lockbits();
+    
+    def eeprompeek(self, adr):
+        """Read a byte of the target's EEPROM."""
+        self.writecmd(self.AVRAPP,0x81 ,2,
+                      [ (adr&0xFF), (adr>>8)]
+                      );#little-endian address
+        return ord(self.data[0]);
+    def flashpeek(self, adr):
+        """Read a byte of the target's EEPROM."""
+        self.writecmd(self.AVRAPP,0x02 ,2,
+                      [ (adr&0xFF), (adr>>8)]
+                      );#little-endian address
+        return ord(self.data[0]);
+    def flashpeekblock(self, adr):
+        """Read a byte of the target's EEPROM."""
+        self.writecmd(self.AVRAPP,0x02 ,4,
+                      [ (adr&0xFF), (adr>>8) &0xFF, 0x80, 0x00]
+                      );
+        return self.data;
+    
+    def eeprompoke(self, adr, val):
+        """Write a byte of the target's EEPROM."""
+        self.writecmd(self.AVRAPP,0x91 ,3,
+                      [ (adr&0xFF), (adr>>8), val]
+                      );#little-endian address
+        return ord(self.data[0]);
+    
     def identstr(self):
         """Return an identifying string."""
-        self.writecmd(self.AVRAPP,0x83,0,None);
+        self.writecmd(self.AVRAPP,0x83,0, None);
         vendor=self.AVRVendors.get(ord(self.data[0]));
         deviceid=(ord(self.data[1])<<8)+ord(self.data[2]);
         device=self.AVRDevices.get(deviceid);
@@ -72,4 +132,4 @@ class GoodFETAVR(GoodFET):
         if device==None:
             device=("0x%04x" % deviceid);
         
-        return device;
+        return "%s %s" % (vendor,device);