Upgrading

The FPGA on the Screamer runs a binary program, called gateware (or bitstream). This gateware is stored on the onboard SPI Flash memory chip, and loaded at power-on.

To change the gateware (for example to update PCILeech to a newer version, or replace it by your own custom gateware), the SPI Flash memory should be reprogrammed with the procedure below:

1. Power the Screamer

Power the Screamer from the PCIe/M.2 connector !

_images/screamer_m2_r04_power.jpg

Note

The JTAG Serial cable alone does not power the Screamer !

The Screamer requires power from the PCIe/M.2 connector for all operations (programming or running PCILeech).

2. Connect the JTAG Cable

Connect the JTAG Cable to the Screamer, and to your computer.

Squirrel

-> For the Squirrel version, the external JTAG cable is not required, instead directly connect through the Update Port.

R03/R04

_images/screamer_m2_r04_jtag.jpg _images/pinout_short.png

Note

Make sure to respect the pinout and not to short circuit the pins with the PCIe adaptor boards or your PC motherboard underneath !!

3. Get OpenOCD and flashing scripts

You need OpenOCD and a proxy bitstream. The proxy bitstream will be programmed temporarily on the FPGA and used by OpenOCD to program the SPI Flash with your final gateware.

Precompiled OpenOCD archive

  • Windows: openocd-win.zip

    Unzip the content, it will create a “openocd” directory, with the executable file in “bin\openocd.exe”

  • Linux/Windows: For compiling your own OpenOCD, refer to the OpenOCD section.

Get Proxy and flashing scripts

Unzip the content, it will create a “flash_screamer” directory with this content:

$ ls flash_screamer/

bscan_spi_xc7a35t.bit
flash_screamer_squirrel.cfg
flash_screamer_r03_r04.cfg

4. Get the new gateware

Download a pre-built gateware from the official PCILeech GitHub:

Screamer version

PCILeech bitstream

Squirrel

PCILeech Squirrel

R03/R04 M.2/PCIe

PCILeech ScreamerM2

Put the gateware file inside the “flash_screamer” directory. Your “flash_screamer” directory will now look like this:

$ ls flash_screamer/

bscan_spi_xc7a35t.bit
flash_screamer_squirrel.cfg
flash_screamer_r03_r04.cfg
pcileech_screamer_m2_top.bin   [...or...]   pcileech_squirrel_top.bin

5. Run the flashing script

Note

For Windows, use Zadig as explained in “WinUSB driver for Windows” to associate the JTAG cable with the WinUSB driver.

  • Windows:

    For Windows, specify the path to the precompiled openocd.exe, for example:

>cd flash_screamer

>..\openocd\bin\openocd.exe -f flash_screamer_squirrel.cfg
   [...or...]
>..\openocd\bin\openocd.exe -f flash_screamer_r03_r04.cfg

  • Linux:

$ cd flash_screamer/

$ openocd -f flash_screamer_squirrel.cfg
   [...or...]
$ openocd -f flash_screamer_r03_r04.cfg

You will get the following output:

Open On-Chip Debugger 0.10.0+dev-01293-g7c88e76a-dirty (2020-07-02-19:28)
Licensed under GNU GPL v2
For bug reports, read
    http://openocd.org/doc/doxygen/bugs.html
Info : auto-selecting first available session transport "jtag". To override use 'transport select <transport>'.
Info : ftdi: if you experience problems at higher adapter clocks, try the command "ftdi_tdo_sample_edge falling"
Info : clock speed 10000 kHz
Info : JTAG tap: xc7.tap tap/device found: 0x0362d093 (mfg: 0x049 (Xilinx), part: 0x362d, ver: 0x0)
Info : JTAG tap: xc7.tap tap/device found: 0x0362d093 (mfg: 0x049 (Xilinx), part: 0x362d, ver: 0x0)
Info : Found flash device 'issi is25lp256d' (ID 0x0019609d)
Warn : device needs paging or 4-byte addresses - not implemented
Info : Found flash device 'issi is25lp256d' (ID 0x0019609d)
Warn : device needs paging or 4-byte addresses - not implemented
Info : Found flash device 'issi is25lp256d' (ID 0x0019609d)
Warn : device needs paging or 4-byte addresses - not implemented
Info : Found flash device 'issi is25lp256d' (ID 0x0019609d)
Warn : device needs paging or 4-byte addresses - not implemented
Info : sector 0 took 113 ms
Info : sector 1 took 108 ms
Info : sector 2 took 113 ms
Info : sector 3 took 116 ms
Info : sector 4 took 125 ms
Info : sector 5 took 114 ms
Info : sector 6 took 110 ms
Info : sector 7 took 98 ms
Info : sector 8 took 122 ms
Info : sector 9 took 118 ms
Info : sector 10 took 117 ms
Info : sector 11 took 114 ms
Info : sector 12 took 108 ms
Info : sector 13 took 102 ms
Info : sector 14 took 110 ms
Info : sector 15 took 92 ms
Info : sector 16 took 139 ms
Info : sector 17 took 105 ms
Info : sector 18 took 102 ms
Info : sector 19 took 104 ms
Info : sector 20 took 102 ms
Info : sector 21 took 104 ms
Info : sector 22 took 110 ms
Info : sector 23 took 112 ms
Info : sector 24 took 116 ms
Info : Found flash device 'issi is25lp256d' (ID 0x0019609d)
Warn : device needs paging or 4-byte addresses - not implemented
shutdown command invoked

Your board is flashed ! Remove the JTAG cable and reboot the target computer.

Note

“Warn : device needs paging or 4-byte addresses - not implemented” is NOT a problem.

“Warn : 4-byte addresses needed, might need extra command to enable” is NOT a problem.