[ECOS] Netgear managed switch GS108T -- open source friendly?

Chris Zimman czimman@bloomberg.com
Tue Feb 3 10:43:00 GMT 2009

> I recently purchased a Netgear GS108T.  This device is a managed
> switch running eCos with (apparently) proprietary extensions.  They
> offer a GPL tarball together with a PDF that documents build
> instructions and a long changelog.  I have a couple questions for you
> folks:

This is OK as eCos is GPL + exception.  Any code that they developed that
wasn't part of the GPL'd source can be kept proprietary.
> 1) The PDF documents two separate modifications to eCos 2.0: Broadcom
> modifications covered by the GPL, and Broadcom "added modules" (which
> I assume means proprietary).  Is building proprietary modules into the
> eCos system against the license, and if not, is it possible to extract
> these modules in binary form?

The short answer to your question is "Maybe, if you know what you're doing".
> 2) Is it possible to tear apart the firmware image using the eCos
> build tools to extract the system?  I'd like to find a way to examine
> the "Web SuperSmart" stuff they put in their firmware.

There's no "magic" tools involved in putting together a regular eCos image.
It's just GCC + binutils.
Of course, there's no telling what anyone might do on their own hardware.
> 3) I have no serial console, and no time or inclination to open the
> housing and solder on a JTAG interface.  I assume that they are using
> Redboot, but I have no way of telling.  Should there be telltale signs
> in the boot code?  If there is a way to determine one way or another
> it would be good to call them out on it and get my hands on the
> Redboot source.

The laziest way I could think of is 'strings'.  You can also disassemble (eg.
objdump -D for free, or IDA Pro for $)
It's a MIPS32 target, so either find/build a MIPS version of binutils.

FWIW, I had a quick look at it and it's an ELF image.  It doesn't contain any
strings that would directly indicate Redboot.
Also, the fact that it's an ELF image suggests that it's probably loaded by
an earlier stage boot loader.

It also appears to use a Broadcom API, covering a variety of their family of

It appears to have a shell in it though:

.text:80004408                 la      $v0, sub_801CE1EC
.text:80004410                 jalr    $v0
.text:80004414                 la      $a2, aWelcomeToEcosS  # "Welcome to
ECOS shell"
.text:80004418                 la      $v0, sub_801CD28C

There's also a filesystem in there, but that's left as an exercise to the

> 4) Their build instructions do not work.  Has eCos 2.0 changed in the
> last several years (since late 2007)?  If not, are these "sources"
> intentionally broken so that people will not attempt to build them?

eCos 2.0 is ancient.  I doubt anyone would go to the trouble of intentionally
breaking the sources.
At the same time, as per the GPL, they just have to provide the source (or
technically speaking, I think just a location where they can be obtained
from) of the GPL'd bits.

Happy hacking


Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss

More information about the Ecos-discuss mailing list