irclog2html for #htc-linux on 20061112

00:00.20lamikrcr2: Good :-) The only change needed is to write small xip.nbf which contains just the new h6300 bootloader instead of containing wince stuff. That way you get bootloader that still requires the loading of kernel, etc. from the sd/mmc.
00:00.32lamikrbut boots without going via wince.
00:01.35lamikrTo get kernel & rootfs also loaded from flash requires a little bit more work.
00:01.56cr2lamikr: there are multiple ways to do similar thing on the universal, but i need to finish the code hardware support like lcd shutdown and battery charging.
00:02.47cr2yes, i've written a bit of flash description today.
00:03.04lamikrcr2: Yes. Do you know which wince driver/dll contains the backlight control in universal? That could help to to find out the answer to same problem in h6300.
00:03.36cr2lkcl: have you found the gpios for joystick ?
00:03.47cr2lamikr: backlight.dll
00:03.50lkclgimme 1sec...
00:04.14cr2but it wildly differes between wince versions, because it's the "OEM" stuff.
00:04.19*** join/#htc-linux baud123 (n=baud@ver78-1-82-240-29-152.fbx.proxad.net)
00:05.20lamikrcr2: Hmm, we have does not backlight.dll but backlight.cpr...
00:05.25lkcloh bollocks!  i managed to use the joystick to select and run linux :)
00:05.28lkclDOH!
00:05.42lkcl94 to 98 :)
00:05.47lkclgpio 94 to gpio 98
00:06.33lkcloh they're already marked on SableGPIO page
00:09.34cr2lkcl: is it just a part of the keyboard ??
00:09.51cr2you don't have buttons like camera and record ?
00:10.00cr2OMAP Video for Linux camera driver
00:10.11cr2nothing omap-specific there.
00:10.15lkclcamera and volume up and down
00:11.13lkclooo that's a bit weird....
00:11.49lkcli'm _guessing_ it's gpio100 for volume up and gpio101 for volume down.
00:12.05cr2guessing ?
00:12.09lkclbut gpio 22 also goes mad
00:12.54cr2but it's also pxa27x keyboard pins.
00:13.02lkclas did 40, 101, 103, 104, 105, 106, 107 _and_ 108 :)
00:13.15cr2yes, so there are no "buttons" for you.
00:13.20lkclhurrah!
00:13.26lkclok let's try camera, too
00:13.38lkclgpio 91
00:14.23lkclyep - all 'keyboard'
00:15.56cr2hehe. it's omap because it's written by TI. not only one #include "*omap*" there.
00:20.20lkcluhh... cr2 - i make that gpio not asic3gpio for the gps... am i completely wrong?
00:20.49lkclwhat am i doing looking at sub_1634b74?
00:21.23cr2lkcl: there are both.
00:21.29lkcloh god.
00:22.18lkclyep.  sub_1633fa0
00:22.26lkcl... _why_? :)
00:22.35lkclnever mind.  there is no 'why'...
00:22.49cr2i don't have such sub_ ?
00:23.12cr2are you looking at the latest idb ?
00:24.49cr2all the gpios are in wiki. there are 2 pxa gpios (57 and 116) and some asic3 gpios.
00:27.04cr2lkcl: do you have a headset ?
00:27.17lkclnot in the uk.  in holland.
00:28.37cr2ok.
00:28.49cr2what else can we test ?
00:32.59lkclhmmm.... phone!
00:33.24lkclphone, wireless, camera...
00:33.43lkclactually i can't test the camera until i've disassembled the thing and put it back in properly!
00:34.26lkclit's still sticking out at an angle because the camera is mounted on the case and it wasn't seated properly: it's pushed the camera-protective-cover-sticker off :)
00:35.02lkcli'm just walking through this gps initialisation at the moment
00:35.03cr2wireless...
00:35.12cr2why can't we find it.
00:35.15Kevin2cr2: Yes.  It's cute - it uses LoadLibraryEx to pull the file into memory so that it can write it out to disk.
00:35.37cr2for the phone we need a normal dump of rilgsm
00:35.58cr2Kevin2: yes, but it always segfaults at the last page.
00:36.33cr2maybe it is not mapped or remapped ? i have no idea.
00:36.51cr2the code actually works, if you ignore the last page.
00:38.02cr2i thought about VirtualCopy and then just fwrite() without copying each page at once.
00:38.22lkcldang there's about _eight_ gpios involved, here, with this stuff.
00:40.12cr2lkcl: where ?
00:40.20lkclin the gps stuff.
00:40.29cr2phone/audio/wifi.
00:40.41lkcl0x1634cdc
00:40.54cr2gps,lcd,bl is done
00:41.11cr2gps ? yes. + BB_INT
00:41.55lkcli'm just going through this disasm, turning it into pseudo-code.  do you think this is a sensible use of my time?
00:45.29cr2you should document the X in spi_rw_X and the reponses.
00:45.51cr2i'm looking at the spi_init
00:46.18cr2the spi stuff is generic, the spi_rw_X is actually written in C in blueangel_kp.c
00:47.25lkclyou mean the trace i took?  do a better wi and then decode it?
00:49.10cr2yes. so we know what is written into gps, and what comes out.
00:49.23cr2the powerup/powerdown is more or less clear.
00:49.47cr2i may be only the control data.
00:58.16cr2hmm. i've learned something new :)
01:00.22lamikrcr2: Do you have linux ida?
01:02.19cr2lamikr: no. i had an old version, but it's not good.
01:02.45lamikrso which version you use now?
01:03.01cr25.0 remote.
01:03.18lamikrIs it much better than 4.8 ?
01:03.45lamikrand what is this "remote" in the name?
01:04.33cr2off the machine of lkcl
01:04.53cr2it's not mine.
01:05.16lamikrok :-) So 5.0 is much better than 4.8 ?
01:05.23lamikror 4.6 in Linux?
01:06.10cr25.0 is better than linux 4.7
01:06.22cr2afaik there is no linux 5.0 version, only 4.9
01:06.49cr24.9 has some improvements for the annoying problems in the earlier versions.
01:07.10lamikrok, just checked that 5.0 has support for the graphs. Is there something else that makes 5.0 much better than 4.x?
01:07.12cr2like [R12] indirection.
01:07.37lamikrok
01:08.08lamikrhmm, what this indection mean?
01:08.16cr2you need to do it manually.
01:08.22cr2hmm.
01:08.39cr2i don't have an example at hand.
01:08.52cr2function foo is in bar.dll
01:09.00cr2coredll for example.
01:09.09cr2then it decodes like
01:09.42cr2sub_xxx : ldr r12,foo
01:10.09cr2and so on. instead of replacing sub_xxx with 'foo'.
01:10.20cr25.0 does it right.
01:14.02lamikrok, thanks
01:14.35cr2ida is better than objdump, but it is still a rather primitive tool.
01:15.05lamikrbalrog-kun in hackndev is writing something that he claims will be much better than idapro.
01:15.15cr2you can't just press 'run' and get a good result.
01:15.23cr2for arm ?
01:17.42lamikrcr2: Yes for arm
01:18.06cr2hmm. decoded the SPI_CS alt, now found one more undocumented asic3 clock bit ;)
01:18.32cr2lamikr: the holy grail is to port wine to wince.
01:18.38cr2them wince is toast.
01:19.57lamikrcr2: Yes, husam has took another approach. He has written omap emulator for wince... It can already show the original HP's logo when to bootloader starts, but the jump to wince kernel fails.
01:20.19cr2and it should be relatively easy given the stupid 25bit architecture.
01:20.21cr2qemu ?
01:20.43lamikrcr2: I loaded now the backlight.cpl now with ida. Unfortunately I could not find any easy method like setBacklight
01:20.44cr2m$ knows that and pushes wince6, where it is not the case anymore.
01:21.16cr2lamikr: you should really port haret to omap.
01:21.25cr2will save you a lot of disassembling.
01:21.27lamikrcr2: Yes, they actually claimed to release quite a few sources from wince6.
01:22.07cr2but they must be backward compatible, so it's not that easy for them.
01:22.24lamikrcr2: Are you able to watch registers from peripherals like tsc2101 with haret?
01:22.57cr2yes, you can watch any virtual memory access, thanks to the code written by Kevin2
01:23.13cr2using the ARM debug registers.
01:23.42cr2this is a real hardware debugger
01:23.54cr2built in the cpu.
01:29.25lamikrnice, is that pxa specific?
01:30.11cr2ask Kevin2, i'm not sure.
01:30.30lamikrcr2: About the phone. Does phone.dll contain anything usefull considering the phone init, etc. or do you have the code for enabling/disabling the phone in rilgsm.dll or ril.dll ?
01:32.37cr2phone.dll is useless. ril.dll is also a "portable" part
01:32.53cr2rilgsm.dll is device-specific.
01:33.43lamikrok, I opened the rilgsm.dll. Ida want to open also theossvcs.dll which I also have.
01:34.09Kevin2The memory watching is pxa specific.  Who knows - omap might have similar functionality.
01:34.16lamikrDo you remember function names rilgsm.dll which are used for you to turn on the phone hardware.
01:34.36cr2lamikr: it's not that easy.
01:34.43cr2Kevin2: thanks.
01:35.26cr2Kevin2: but cp14 and cp15 are ARM registers, not really pxa ?
01:36.51cr2Kevin2: asic3 is better documented than your CPLD, but it has also some undocumented features that i've discovered. some of them are still unclear.
01:42.52lamikrcr2: So functions like RIL_PowerUp were not the key... Do you have a function with that name?
01:43.56cr2yes, they are usually an empty stub.
01:44.24cr2sharp has really obfuscated their asic3 header ;)
01:44.40cr2but it's the only code i know where they deal with asic3 pwm.
01:46.16Kevin2cr2: The coprocessors are implementation dependent.  I doubt TI would implement them the same way.  (But who knows - maybe they did.)
01:46.33lamikrcr2: RIL_PowerUp, RIL_PowerDown, RIL_IOControl and WMT_IOControl seems to have real code in them. WMT_PowerUp and WMT_PowerDown are simpy ret functions.
01:49.19cr2lamikr: look at RIL_Initialize in ril.dll
01:49.46cr2but don't be surprised if it calls RIL_DevSpecific
01:59.30lamikrcr2: Do you really mean from the ril.dll and not form rilgsm.dll? I opened RIL_Init() from rilgsm.dll and  seems to be pretty long function in , could not detect call to RIL_DevSpecific. Can I somehow save/copy/paste the idapro assemply view to text-file?
02:01.35cr2lamikr: select with the left button and use "copy" in menu. then paste it in some other program (i used kwrite)
02:02.28cr2good night :)
02:22.40Kevin2psokolovsky_: I've checked in my changes to haret.
03:09.32lkclhttp://hands.com/~lkcl/hp6915/decoded.gps.from_spi.4thrun.txt
03:09.37lkclthere's a couple others
03:11.15lkclanyway.  am off to sleep.  until tomorrow.  it's a 19-byte payload, apparently.  at least, there's a regular occurrence of the letter 2 (0x32) every 19 bytes when things go well.  lots of data was lost: buffer overflow in the wi data.  oh well
06:43.54*** join/#htc-linux goxboxlive (n=goxboxli@9.80-202-160.nextgentel.com)
08:36.02*** join/#htc-linux rob_w (n=bob@p85.212.129.249.tisdip.tiscali.de)
10:08.57*** join/#htc-linux asylumed (n=insanity@196.211.116.2)
10:23.03goxboxlivecr2: I have managed to boot a initramfs, but it has very restricted functions
10:41.14*** join/#htc-linux LunohoD (n=alex@e180065179.adsl.alicedsl.de)
10:58.42*** join/#htc-linux rob_w (n=bob@p85.212.129.249.tisdip.tiscali.de)
11:40.02*** join/#htc-linux WizMaui (n=WizMaui@62.112.90.179)
11:57.58*** join/#htc-linux deltastar (n=bosty@BSN-61-36-104.dial-up.dsl.siol.net)
11:58.18deltastarhi room,
11:58.59deltastaris there any new kernel for ba board id 06 that works suspend/resume?
12:00.04rob_wgoxboxlive managed a hack to regain suspend ..
12:00.20rob_woh no i meant asylumed did the patch
12:05.33deltastarso, yes no or still soon ;)
12:06.16deltastarmean, can i download it somewhere?
12:22.57*** join/#htc-linux WizMaui_ (n=WizMaui@62.112.90.179)
12:24.05rob_wdeltastar, its been committed to the lasted source
12:31.51*** join/#htc-linux WizMaui (n=WizMaui@62.112.90.179)
12:47.06*** join/#htc-linux BabelOued (n=Fabrice@lun34-2-82-238-28-28.fbx.proxad.net)
12:51.30*** join/#htc-linux rob_w (n=bob@p85.212.129.249.tisdip.tiscali.de)
13:06.48*** join/#htc-linux florian_ (n=fuchs@87.193.40.87)
13:41.32BabelOuedhi
14:13.29lkcllet's see what happens
14:39.11*** join/#htc-linux goxboxlive (n=goxboxli@9.80-202-160.nextgentel.com)
14:56.45psokolovsky_Hi!
14:56.50psokolovsky_Kevin2, kudos!
14:57.11psokolovsky_anyway, hope everyone's having good rest after yesterday's great work ;-)
15:22.28lkclwork?  what's that?
16:54.18*** join/#htc-linux FossiFoo (n=Fossi@e176118147.adsl.alicedsl.de)
17:35.48*** join/#htc-linux centrino (n=centrino@linux.fjfi.cvut.cz)
17:58.16*** join/#htc-linux pierrox (n=pierrot@ns1.1000wallpapers.com)
17:58.18pierroxhi
18:01.01pierroxcr2, lkcl told me that you could help me about the memory map, have you some time ?
18:36.57*** join/#htc-linux dullard (n=jim@adsl-static-1-30.uklinux.net)
18:56.51*** join/#htc-linux FossiFoo_ (n=Fossi@e176122206.adsl.alicedsl.de)
19:15.01*** join/#htc-linux BabelOued_ (n=Fabrice@lun34-2-82-238-28-28.fbx.proxad.net)
19:23.28*** join/#htc-linux florian_ (n=fuchs@87.193.43.154)
19:26.26*** join/#htc-linux BabelOued_ (n=Fabrice@lun34-2-82-238-28-28.fbx.proxad.net)
19:38.43*** join/#htc-linux goxboxlive (n=goxboxli@9.80-202-160.nextgentel.com)
19:44.59lkclpierrox, allo - cr2 is usually around in the evenings / night.
19:45.17lkclbut i just remembered: haret has a dump command to get the mmu memory map
19:45.55pierroxok
19:46.07pierroxin fact the mmu dump fails on my device
19:46.16pierroxso i must find another way to dump it
19:49.16Kevin2pierrox: You need a later version of haret.  Try gnu-haret.
19:50.16pierroxi wasn't aware of gnu-haret
19:54.00pierroxKevin2, have you a link to this version of haret ?
19:55.57Kevin2pierrox: See http://www.handhelds.org/moin/moin.cgi/HaRET
19:56.10Kevin2The binaries are at: http://jornada820.sf.net/files/haret
19:59.33pierroxok, there is some mess in the version number
20:08.10*** join/#htc-linux WizMaui_ (n=WizMaui@62.112.90.179)
20:29.03pierroxbye
20:39.20goxboxlivealoha
20:46.04*** join/#htc-linux JTRipper86 (n=jtripper@p54B1E510.dip.t-dialin.net)
20:48.37*** join/#htc-linux asylumed (n=insanity@196.211.28.91)
20:56.15lkclanyone know how to enable access to the onboard storage partition - the hidden one?
21:09.52*** join/#htc-linux lamikr|lap (n=chatzill@aragorn.kortex.jyu.fi)
21:11.37goxboxlivelkcl: Do you mean from wince?
21:13.58goxboxlivelkcl: If it is from wince, u can use this app: http://buzzdev.net/index.php?option=com_content&task=view&id=63&Itemid=1 But this is for the Universal. I dont know if it will work with other devices
21:36.27lkclwell i can only try - yes wince
22:22.35*** join/#htc-linux skodde (n=skodde@unaffiliated/skodde)
22:33.47*** join/#htc-linux skodde (n=skodde@unaffiliated/skodde) [NETSPLIT VICTIM]
22:33.47*** join/#htc-linux lamikr|lap (n=chatzill@aragorn.kortex.jyu.fi)
22:33.48*** join/#htc-linux JTRipper (n=jtripper@p54B1E510.dip.t-dialin.net)
22:33.48*** join/#htc-linux florian (n=fuchs@87.193.43.154)
22:33.48*** join/#htc-linux dullard (n=jim@adsl-static-1-30.uklinux.net) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux LunohoD (n=alex@e180065179.adsl.alicedsl.de) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux baud123 (n=baud@ver78-1-82-240-29-152.fbx.proxad.net) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux ba2bb (n=bbaniste@w160186.wireless.fsr.net) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux psokolovsky_ (n=psokolov@239.usernat.ip.net.ua)
22:33.48*** join/#htc-linux cr2 (n=konversa@crpl22.physik.uni-wuppertal.de) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux iggy (n=iggy@gentoo/developer/iggy) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux hlbot (n=adm@iclem.net) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux pof (n=pof@62.57.1.173) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux anYc (i=mario@hadince17.hadiko.uni-karlsruhe.de) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux toi (n=pleemans@d5152D3B4.access.telenet.be)
22:33.48*** join/#htc-linux Funklord (n=cow@c-cbd572d5.014-46-73746f28.cust.bredbandsbolaget.se) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux eldu (n=damajor@nysa.e-geek.org) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux parmaster (i=par@dipole.idlepattern.com) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux DerekS (n=DerekS@unaffiliated/dereks) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux Kevin2 (n=Kevin@207-237-52-30.c3-0.avec-ubr12.nyr-avec.ny.cable.rcn.com) [NETSPLIT VICTIM]
22:33.48*** join/#htc-linux Kmarc (i=kari@markos.biz) [NETSPLIT VICTIM]
22:33.49*** join/#htc-linux TeringTuby (n=maarten@189-66-dsl.ipact.nl) [NETSPLIT VICTIM]
22:33.49*** join/#htc-linux gw280 (i=authdeni@81.91.110.54) [NETSPLIT VICTIM]
22:33.49*** join/#htc-linux lamikr (n=chatzill@aragorn.kortex.jyu.fi) [NETSPLIT VICTIM]
22:33.49*** join/#htc-linux ljp (n=lpotter@203.94.178.46) [NETSPLIT VICTIM]
22:33.49*** join/#htc-linux awelux (n=awelux@lvps87-230-8-217.dedicated.hosteurope.de) [NETSPLIT VICTIM]
22:34.41lkclargh!  trying to compile romunlock.  oh well.  enough for now.
22:57.48*** join/#htc-linux JTRipper86 (n=jtripper@p54B1E510.dip.t-dialin.net)
23:08.04*** join/#htc-linux lamikr_ (n=chatzill@aragorn.kortex.jyu.fi)
23:28.21*** join/#htc-linux skodde (n=skodde@unaffiliated/skodde)
23:49.17*** join/#htc-linux skodde (n=skodde@unaffiliated/skodde)

Generated by irclog2html.pl by Jeff Waugh - find it at freshmeat.net! Modified by Tim Riker to work with blootbot logs, split per channel, etc.