[Brmlab] Laser firmware
juca at members.fsf.org
Sun Dec 19 22:36:37 CET 2010
official documentation on the EZUSB (8051+USB) microcontroller in english:
Source code of a linux driver for a device that uses the same microcontroller:
(look at the function called keyspan_fake_startup - it is loading the
firmware just like we see in our usb sniffer log)
This Keyspan device also has the behaviour of changing deviceId after
I am absolutely sure that our initialization is valid 8051 code. Next
step is to study the ezusb documentation and implement some
experimental free firmware, yay!
Felipe "Juca" Sanches
On Sat, Dec 18, 2010 at 8:30 AM, Felipe Sanches <juca at members.fsf.org> wrote:
> Looking at the windows drivers provided by the manufacturer I can find the usbinit byte sequences inside the files Drivers/Lhloader.sys and DriversXP/Drivers/Lqloader.sys
> The match seems to be exact for the XP driver sys file. There are some minor differences in the other file (is that a driver for what version of Windows?)
> I guess that we may have some insight by looking at these differences... What do you think?
> Another thing that I've noticed is the presence of a file called EZUSB.SYS. By googling that I have found this interesting page:
> It mentions 8051 microcontrollers natively capable of USB communications. Sounds very similar to what we have in hands! And there seems to be some routines used to upload firmware to EZUSB in the linux sourcecode. So we may take a look at the kernel to see if the protocol implemented there matches the patterns in our usb sniffer log.
> Happy Hacking,
> Felipe Sanches
More information about the Brmlab