Skip to content

Latest commit

 

History

History
215 lines (137 loc) · 6.84 KB

proto_spi.md

File metadata and controls

215 lines (137 loc) · 6.84 KB
Raw

SPI 101 FAQ

Contents

What is SPI?

SPI stands for Serial Peripheral Interface.
SPI is an interface bus commonly used to send data between microcontrollers and small peripherals such as shift registers, sensors, and SD cards.

See short technical tutorial from SparkFun for some details.

What is the practical purpose and usage of SPI?

SPI is used in embedded devices for flash chips usually to store low-level boot stuff such as:

How to find SPI flash ship on PCB?

  • make visual inspection of a PCB(Printed Circuit Board)
  • locate a chip with dimensions around 5 mm x 5 mm and 8 pins
  • ???
  • PROFIT!

Winbond 25Q32BVSIG 1125

How to determine pinouts?

  • determine an exact model of a chip
  • find & read related datasheet
  • ???
  • PROFIT!

For example, from the picture above it's Winbond 25Q32BVSIG.
Approximate transcription of the name is:

  • Winbond - the name of a manufacturer
  • 25Q - the name of a line of a chip
  • 32 - the size of a flash chip (in MBytes)
  • VSIG - additional information (like encoded by a manufacturer package type and so on)

Hint: Use "o" mark on a chip as a starting point.

Winbond 25Q32BV datasheet pinout

How to determine suitable voltage?

It's 3.3 V usually. At least that voltage source should be used on the other end when some hardware debugging tool is connected to SPI.
However, it's always better just to make sure by looking through a datasheet again.

Winbond 25Q32BV datasheet voltage

So, for 25Q32BV it's from 2.7/3.0 to 3.6 V.

What is the physical meaning and purpose of each SPI pin?

Pins table

pin name other names
1 /CS !CE / CS / SS
2 DO SO / SDO / MISO
3 /WP !WP
4 GND
5 DI SI / SDI / MOSI
6 CLK SCK / SCLK
7 /HOLD !RST
8 VCC +V / VLK

Pins notes

  • 1 - /CS
    • chip select input: enables and disables device operation
    • slave select output: controls other SPI devices connected to the same bus
  • 2 - DO
    • data output: where data comes out (Master In/Slave Out)
  • 3 - /WP
    • write protect input: used to prevent the Status Register from being written
  • 4 - GND
  • 5 - DI
    • data input: where data comes in (Master Out/Slave In)
  • 6 - CLK
    • serial clock input: provides the timing for serial input and output operations
  • 7 - /HOLD
    • hold input: "pauses" device operation
  • 8 - VCC

Winbond 25Q32BV datasheet pinout table
Winbond 25Q32BV datasheet pinout info

How to dump SPI flash storage?

Software

Install flashrom.

Hardware

Get one of USB-to-SPI hardware tools:

Wiring

Connect related pins from a board to SPI chip in the following way:

                    +----------+
  CS pin | /CS  -~~-| o      8 |----  VCC | 3.3 voltage pin
MOSI pin |  DO  ->>-| 2      7 |---- /HOLD
           /WP  ----| 3      6 |-_-_  CLK |  CLK pin
 GND pin | GND  3>--| 4      5 |->>-  DI  |  MISO pin
                    +----------+

WARNINGS:

  • DO NOT CONNECT TO PINS OF SPI CHIP FROM MOTHERBOARD WHEN MOTHERBOARD IS POWERED ON
  • DO NOT CONNECT TO VOLTAGE PIN OF SPI CHIP FROM LAPTOP MOTHERBOARD WHEN BATTERY IS CONNECTED

Putting it all together

  • turn off a target device
  • disconnect any power source:
    • unplug AC adapter (if any)
    • disconnect battery (if applicable)
  • connect pins from debug board to SPI chip on target device according to the scheme above
  • plug in debug board to PC
  • run flashrom in dummy mode to verify wiring:
$ sudo flashrom -p HW_PROGRAMMER_NAME[:PARAMETERS]
  • run flashrom to dump memory (depending on hardware type it may required some time):
$ sudo flashrom -p HW_PROGRAMMER_NAME[:PARAMETERS] -r OUTPUT_FILE

What is the purpose of dumping SPI flash?

  • backup firmware
  • firmware research and development:
    • flashing
    • testing
    • debugging
    • analyzing
    • reverse engineering

How SPI flash image can be analyzed?