Porting chdk to the G9

bongo_bingo

167

Re: Porting chdk to the G9

« Reply #10 on: 20 / April / 2008, 02:35:28 »

Advertisements

Quote from: GrAnd on 19 / April / 2008, 14:32:25

Quote from: bongo_bingo on 19 / April / 2008, 12:14:49
Loaded CanonFW_DryOS_A-Series.sig, running CHDK.idc -> 17:18:26
It takes a lot of time! (turion 64 tl 50, 2.5 Gb ram)

4m 45s with all my actions from choosing the file to the readiness.
See flash movie - Loading G9 dump into IDA

Hello GrAnd,
thank for the movie, very clear I think it will be usefull for a lot of future developers.

I've made it wrong, the analisys went to 0x00000000 to eof, it tool more than 2 hours, I left the pc working alone.
No error, this is the log:

Executing function 'main'...
Plan FLIRT signature: "DryOS Canon Firmware; A720-based"
Compiling file 'C:\Programmi\IDA\idc\CHDK.idc'...
Executing function 'main'...
*** START OF ANALYSIS ***
Searching for code...
Code found 86300 times
Please wait...
Using FLIRT signature: "DryOS Canon Firmware; A720-based"
Searching for tasks...
Tasks found 127 times
Please wait...
Searching for events...
Events found 286 times
Please wait...
Searching for strings...
Strings found 5131 times
Please wait...
Searching for references...
Refs found 71716 times
Please wait...
*** END OF ANALYSIS ***
Retrieving information from the database... ok

I'm restarting the analisys following yours direction, thanks again.

Are the sig and idc files you used the same present in http://grandag.nm.ru/hdk/CanonFW_A-Series_Signatures_for_IDA.rar ?
Can I use notepad to strip off the zeros?

Wrong_Ida_Dump.zip (208.05 kB - downloaded 126 times.)

« Last Edit: 20 / April / 2008, 02:54:52 by bongo_bingo »

Logged

bongo_bingo

167

Re: Porting chdk to the G9

« Reply #11 on: 20 / April / 2008, 05:38:50 »

hELLO,
just finished the analisys the way GrAnd showed, but less things where found.
At this point I have a lack competence, I'm posting the Ida log hoping you can help me to understand what's wrong.

GrAndWAY.zip (2.52 kB - downloaded 175 times.)

Logged

GrAnd

916
[A610, S3IS]

Re: Porting chdk to the G9

« Reply #12 on: 20 / April / 2008, 06:05:02 »

Quote from: bongo_bingo on 20 / April / 2008, 02:35:28

Are the sig and idc files you used the same present in http://grandag.nm.ru/hdk/CanonFW_A-Series_Signatures_for_IDA.rar ?

Yes.

Quote from: bongo_bingo on 20 / April / 2008, 02:35:28

Can I use notepad to strip off the zeros?

No. It will replace some symbols, as notepad is textual editor, not binary.

edit: You can yse the following command line to strip your dump (empty.dum):
tail -c +638465 empty.dum | head -c 3345368 > PRIMARY.BIN
Both 'tail' and 'head' programs are in CHDK working environment for Windows.

« Last Edit: 20 / April / 2008, 06:14:54 by GrAnd »

Logged

CHDK Developer.

bongo_bingo

167

Re: Porting chdk to the G9

« Reply #13 on: 20 / April / 2008, 06:25:22 »

Quote from: GrAnd on 20 / April / 2008, 06:05:02

Quote from: bongo_bingo on 20 / April / 2008, 02:35:28
Are the sig and idc files you used the same present in http://grandag.nm.ru/hdk/CanonFW_A-Series_Signatures_for_IDA.rar ?

Yes.

Quote from: bongo_bingo on 20 / April / 2008, 02:35:28
Can I use notepad to strip off the zeros?

No. It will replace some symbols, as notepad is textual editor, not binary.

edit: You can yse the following command line to strip your dump (empty.dum):
tail -c +638465 empty.dum | head -c 3345368 > PRIMARY.BIN
Both 'tail' and 'head' programs are in CHDK working environment for Windows.

ok,
I've used notepad++ to cut off the zeroes, will test tail-head in the afternoon.

bye

Have a nice sunday!

Logged

GrAnd

916
[A610, S3IS]

Re: Porting chdk to the G9

« Reply #14 on: 20 / April / 2008, 07:08:28 »

Quote from: bongo_bingo on 20 / April / 2008, 06:25:22

will test tail-head in the afternoon.

Or, you can load your dump "as-is" directly to IDA with specifying the offset of data:
Loading G9 dump into IDA, episode 2

« Last Edit: 20 / April / 2008, 07:11:51 by GrAnd »

Logged

CHDK Developer.

bongo_bingo

167

Re: Porting chdk to the G9

« Reply #15 on: 20 / April / 2008, 11:56:29 »

Quote from: GrAnd on 20 / April / 2008, 07:08:28

Quote from: bongo_bingo on 20 / April / 2008, 06:25:22
will test tail-head in the afternoon.

Or, you can load your dump "as-is" directly to IDA with specifying the offset of data:
Loading G9 dump into IDA, episode 2

This is easier!

From GrAnd productions another unforgettable Movie!

But now, what to do next?

Logged

Barney Fife

1157

Re: Porting chdk to the G9

« Reply #16 on: 20 / April / 2008, 12:18:49 »

Deleted

« Last Edit: 22 / April / 2008, 18:30:16 by Barney Fife »

Logged

[acseven/admin commented out: please refrain from more direct offensive language to any user. FW complaints to me] I felt it imperative to withdraw my TOTAL participation. Nobody has my permission, nor the right, to reinstate MY posts. Make-do with my quoted text in others' replies only. Bye

bongo_bingo

167

now the harder part

« Reply #17 on: 20 / April / 2008, 13:25:24 »

Quote from: Barney Fife on 20 / April / 2008, 12:18:49

I ain't watchin' them until they get to commerical TV, and all reviews are in. This isn't going to be like the Jason movies is it? Episode IX, X, XI, XII ...

It isn't a bad idea

Disassembler Tv!
Learn to disassemble your world!

That would be great, indeed.

Anyway, with the offset method everything seems to go fine.
But at this point I have to read a lot, just to understand how to proceed.
I'm attaching: log, names and functions
Edit 1: I've even runned code_fix.idc
Edit 2: Runned GrAnd's idc

Now I'm really out of ideas!

Cheer

Log_Names_Functions.zip (227.56 kB - downloaded 67 times.)

Code_Fix_Names_Functions.zip (128.62 kB - downloaded 70 times.)

After_GrAnd_Idc.zip (220.37 kB - downloaded 73 times.)

« Last Edit: 20 / April / 2008, 14:17:42 by bongo_bingo »

Logged

bongo_bingo

167

Re: Porting chdk to the G9

« Reply #18 on: 21 / April / 2008, 08:10:28 »

Hello all,

at the moment I'm running the idcs from trunk/tools, a lot of things founded.

Questions:

1) do you think that what I'm doing have some kind of sense?
2) is it possible with this information to start the porting? If other infos are needed how to find?
3) will the ida database be usefull for you? should I upload it?
4) I suppose that after that Names and relative adresses were found is it possible to start tomanipolate chdk source. Am I Right? which source should I look for?
5) are there other g9 owners interested in this work?

Names_Functions_New.zip (274.12 kB - downloaded 72 times.)

« Last Edit: 21 / April / 2008, 09:05:27 by bongo_bingo »

Logged

Titan_G9

37

Re: Porting chdk to the G9

« Reply #19 on: 21 / April / 2008, 09:58:08 »

hello Bongo_bingo,

Quote from: bongo_bingo on 21 / April / 2008, 08:10:28

5) are there other g9 owners interested in this work?

I hope so, linuxGuy, digit, fudgey, cderory, papaxiclas, jgradie, johngalt42, dew and me are interested in this!
I suggest to start a vote (polling) how many members are interested.
In February I asked jeff666 to help me the porting, but he had a lot of work at that time.

He said the following:

"I could do some of the work. Many things are (nearly) identical on each camera and I could do them without having the actual device.
The only thing that worries me is the keyboard. KBD-handling differs from A-series to S-series and I suppose G is different, again. You will have to do some investigation yourself.
What i can do is get your device booting."

Probably we can ask him also to help us. Let's lobby for the developers to help us.

DryOS - some success in Reply #10 there is a way you can go through

What I really would like to know how can figure it out the addresses in "entry.s" or other imoprtant files which is used for booting the G9 into CHDK. It's seems to me very interesting.
If we can make it booting then the keyboard handling need development by "us".
I already done the firmware loading to IDA and appling the signatures and CHDK.idc script run on Version 1.00D.
And started to make a linux environment for compiling but I failed.

So Bingo_bongo I'm also with you.

Cheers

P.S. I'm also not a hardcore C and ASM programmer, only a little bit.

Logged