Genesis mode success

Pavel Roskin proski at
Sun Apr 27 22:57:55 EDT 2003


This is a followup to the old discussion about restoring cards damaged by
unsuccessful firmware download.  I have restored one of such cards.  This
information is not directly related to hostap, but I hope that the future
versions of the driver will provide similar functionality.

Hardware used - PC and a bridge with TI PCI1410PGE chip.  The TI chip is
connected by pin 134 to the SPKR pin on the PCMCIA bus.  See this document
(you need pin assignments for the 16-bit mode):

The cards with HFA3841 MAC chip that has no HCR register use the SPKR PIN
to enable genesis mode.  This pin should be connected to +5V during COR
reset to enable genesis mode.

I could trace the line from the pin 134 to the back of the card, which is
much easier and safer to touch by wires.  I took +5V from the pin 5 on
PCI, counting from the backplane (it's +5V on both sides).  I just removed
the isolation by the screwdriver and connected the points by a wire.

It was a long process with many gotchas.  Making the long story short, let
me just list the facts.

Use doskey with autocompletion.  It's a great time-saver under DOS:

DOS flash utility 0.5e is broken.  Don't use it.  It fails randomly.  Use
version 0.3b instead.  It's included into we110.exe:

However, you'll need flash 0.5e to dump PDA from a known good card.

Run legacy.exe first.  When it asks if you want to restart, answer "n".

Keep SPKR connected to +5V during the whole process.  It may be
unnecessary for some operations, but it won't prevent any operations in
DOS, so just stick it with duct tape or chewing gum or solder it.

Dump PDA from a good card of the same type using flash 0.5e:

flash5 -5v -pd good.pda

Using flash 0.3b, run following:

flash -5v -i i10003c0.hex
flash -5v -g -mp -p good.pda
flash -5v -g -d bromax5v.hex
flash -5v -g -d p10003c0.hex
flash -5v -g -d s1010409.hex

Remove the card and enjoy.  If you are going to boot Linux on the same
system, make sure to remove the connector from the SPKR pin.

The bad thing is that the card now identifies itself as BroMax.  Although
flash 0.5e can dump the CIS using the "-cd" switch, it cannot write is
back.  Frankly the dump doesn't even look like a valid CIS.  It should be
possible to convert the output of dump_cis from pcmcia-cs to an S3 file.

Pavel Roskin

More information about the HostAP mailing list