# JTAG



## balanga (Mar 13, 2018)

I recently came across this post which suggested that Thinkpads  BIOS chips could be fully reprogrammed via JTAG, "Golden Finger" interfaces. 

Does anyone know what that means? My ThinkPad X61 never recovered from a BIOS update, and I don't really want to scrap it....

Maybe giving it the 'Golden Finger' treatment might revive it... Can anyone explain what it is?


----------



## sko (Mar 13, 2018)

JTAG in this context usually refers to a serial interface (SPI) used to (re-)flash EPROMs, PICs/PLCs, microcontrollers etc, usually via an external serial programmer.

Regarding your thinkpad, it seems any universal serial programmer is sufficient - this might be a bus pirate or Raspberry PI (or anything else with GPIO pins fast enough to emulate a serial interface). "SPI" might be the keyword you were missing for your search. E.g. this was one of the very first results for "thinkpad X60 SPI bios flash":
https://github.com/bibanon/Coreboot-ThinkPads/wiki/X60-T60-Hardware-Flashing


----------



## balanga (Mar 13, 2018)

Many thanks for the link.  I need to find a step by step guide on how to get started with JTAG - let's see what Youtube has to say on the subject.


----------



## tingo (Mar 13, 2018)

You could also revisit this thread: https://forums.freebsd.org/threads/openocd-and-jtag-adapters.46272/


----------



## balanga (Mar 14, 2018)

Thanks for the link.  If I decide to pursue this JTAG project can I use the same Bus Pirate for looking into my ThinkPad and my GoFlex Home?

BTW,  have you made any progress with your Dock Star?


----------



## sko (Mar 14, 2018)

balanga said:


> can I use the same Bus Pirate for looking into my ThinkPad and my GoFlex Home?


You can use it for far more than that 
The Bus Pirate is kind of an swiss army knife for microcontrollers and eveything that communicates over a bus. It supports various protocols out-of-the-box and used with various tools/libraries that add other protocols, functionalities or flash mechanisms (e.g. for AVR). The boot loader even allows modification of the firmware to extend or completely change its capabilities; e.g. to use it as a CAN transceiver. It can also act simply as a logic analyzer or bus sniffer to analyze unknown controllers and protocols, so it is a really valuable tool for hardware hacking.

The most thorough description and collection of links is probably the documentation page from DP: http://dangerousprototypes.com/docs/Bus_Pirate


----------



## tingo (Mar 14, 2018)

You always have to look out for the correct voltage; nowadays devices exists as 3.3 volts, 1.8 volts (not that common yet) in addition to the common 5 volts devices. Get the pin connections right, and you are mostly set, as long as your device under test doesn't speak a very rare dialect of protocol over that JTAG interface.


----------



## balanga (Mar 15, 2018)

sko said:


> You can use it for far more than that
> The Bus Pirate is kind of an swiss army knife for microcontrollers and eveything that communicates over a bus. It supports various protocols out-of-the-box and used with various tools/libraries that add other protocols, functionalities or flash mechanisms (e.g. for AVR). The boot loader even allows modification of the firmware to extend or completely change its capabilities; e.g. to use it as a CAN transceiver. It can also act simply as a logic analyzer or bus sniffer to analyze unknown controllers and protocols, so it is a really valuable tool for hardware hacking.
> 
> The most thorough description and collection of links is probably the documentation page from DP: http://dangerousprototypes.com/docs/Bus_Pirate



It sounds like I definitely need to discover Bus Pirate especially with my ThinkPad graveyard growing...

So, to start with I need to buy one. Is this the sort of thing I should get?  And do I need some cables like this ?


----------



## tingo (Mar 15, 2018)

Looks like the correct one. Be aware that you might need IC test clips like this for any soldered chips, if you plan on using the BP as a signal analyzer for in circuit monitoring.
Also, if you search for "jtag cable" you will find normal JTAG cables with connectors at both ends, if you need that.


----------

