There is one big problem made by hik, for purpose, hisilicon hi3516D soc's BOOTROM boot pin is disabled by hik omitting 1k-4k7 pullup resistor.
There is a place for resistor but omitting it makes impossible to recover if nand and bld partition is broken.
Maybe this is a new way to care about customers.
Maybe it is easier to put money to a marketing than think about poor customer.
So to recover bricked G0 cam, this small resistor must be there. I include pics. where it might be found.
Resistor is near hi3516D pin number H19, BOOTROM_SEL.
Status of pin is read only during power-on and if no special char is received from uart0, boot continues.
If special char is received, internal bootrom code is started.
So this resistor can be there in any case but leaving it out makes impossible to unbrick nand.
To start recovery and send this special chars you have to find hisilicon's FastBoot3.1(BVT) sw.
(It comes with hi3516 sdk kit, search with baidu. There is also new java based tool.)
Using this tool's "burn fastboot" and serial port it is possible to transfer a new u-boot to nand.
Copy of G0 mtd0-bld is not ok ! It contains hik's own special way to burn.
So you need u-boot bin with std fastboot feature. u-boot must contains G0 soc's register-setup data's too.
Using FastBoot3.1, std u-boot.bin is copied first to ddr and there it is burn to nand.
Sw has an option "ddr" only but you need to use THIS u-boot to erase and burn real G0 mtd0 copy to nand.
You can download backup of mtd0 using std u-boot's "loady" cmd for serial ymodem transfer or "tftp" cmd via net.
After working mtd0-bld you must have copy of mtd2-enc data's too. Without it "update" cmd fails.
So take a backup of mtd0 and mtd2 beforehand. mtd3 can be made by hand but take a backup of it too. It contains sw revision info only but is needed also.
Hik cam's nands will fail eventually. Every boot,config changes and log writes wear out nand.
mtd0-bld, mtd2-enc, mtd3-sysflag partition are "show stoppers", one error and your are done!
btw, please remember to yumount after yaffs2 mount!
Br, JAFO
There is a place for resistor but omitting it makes impossible to recover if nand and bld partition is broken.
Maybe this is a new way to care about customers.
Maybe it is easier to put money to a marketing than think about poor customer.
So to recover bricked G0 cam, this small resistor must be there. I include pics. where it might be found.
Resistor is near hi3516D pin number H19, BOOTROM_SEL.
Status of pin is read only during power-on and if no special char is received from uart0, boot continues.
If special char is received, internal bootrom code is started.
So this resistor can be there in any case but leaving it out makes impossible to unbrick nand.
To start recovery and send this special chars you have to find hisilicon's FastBoot3.1(BVT) sw.
(It comes with hi3516 sdk kit, search with baidu. There is also new java based tool.)
Using this tool's "burn fastboot" and serial port it is possible to transfer a new u-boot to nand.
Copy of G0 mtd0-bld is not ok ! It contains hik's own special way to burn.
So you need u-boot bin with std fastboot feature. u-boot must contains G0 soc's register-setup data's too.
Using FastBoot3.1, std u-boot.bin is copied first to ddr and there it is burn to nand.
Sw has an option "ddr" only but you need to use THIS u-boot to erase and burn real G0 mtd0 copy to nand.
You can download backup of mtd0 using std u-boot's "loady" cmd for serial ymodem transfer or "tftp" cmd via net.
After working mtd0-bld you must have copy of mtd2-enc data's too. Without it "update" cmd fails.
So take a backup of mtd0 and mtd2 beforehand. mtd3 can be made by hand but take a backup of it too. It contains sw revision info only but is needed also.
Hik cam's nands will fail eventually. Every boot,config changes and log writes wear out nand.
mtd0-bld, mtd2-enc, mtd3-sysflag partition are "show stoppers", one error and your are done!
btw, please remember to yumount after yaffs2 mount!
Br, JAFO
