the sx10 porting thread - page 29 - General Discussion and Assistance - CHDK Forum

the sx10 porting thread

  • 613 Replies
  • 339250 Views
*

Offline ewavr

  • ****
  • 1057
  • A710IS
Re: the sx10 porting thread
« Reply #280 on: 05 / June / 2009, 03:28:53 »
Advertisements
<duplicate post>
« Last Edit: 05 / June / 2009, 03:30:59 by ewavr »

Re: the sx10 porting thread
« Reply #281 on: 06 / June / 2009, 19:00:11 »
Pleeeeeasee!! make chdk ver. 1.02b pleeeeeeeeeeease!!!!!!
????? ???? ????? ?????????? ?? RAW ? ????? ?????(((

Re: the sx10 porting thread
« Reply #282 on: 07 / June / 2009, 09:51:19 »
   
I am very disappointed that no one takes the job. For once I can test your product. Yet I am not the only person to expect a version 1.02b :(

Please MTV.... Pip my Camera !! :P lol

Re: the sx10 porting thread
« Reply #283 on: 07 / June / 2009, 14:18:55 »
Please make CHDK for FW: 1.02b

BIG THX  ::)


*

Offline reyalp

  • ******
  • 14089
Re: the sx10 porting thread
« Reply #284 on: 07 / June / 2009, 16:54:29 »
Please make CHDK for FW: 1.02b

BIG THX  ::)
   
I am very disappointed that no one takes the job. For once I can test your product. Yet I am not the only person to expect a version 1.02b :(

Please MTV.... Pip my Camera !! :P lol
Pleeeeeasee!! make chdk ver. 1.02b pleeeeeeeeeeease!!!!!!
????? ???? ????? ?????????? ?? RAW ? ????? ?????(((
Please read the thread, and think about what you are asking for a second.

What would you do if someone on the street walks up to you and asks you to do a couple days of complex but not very interesting technical work for free ? If they say OMG PLEASE PLEASE PLEASE does that make you more likely to do it ?
Don't forget what the H stands for.

Re: the sx10 porting thread
« Reply #285 on: 08 / June / 2009, 22:37:45 »
Some *.S files for 1.01B firmware for future developers  - http://ewavr.nm.ru/chdk/trash/sx10-101b.zip
Sorry, I can't continue this work.
Thanks for all your work on this! I just bought a new SX10 which seems to have come with 1.02B, but rather than post another "WhEn is 1.02b gonna be done!!!1!!!1!" reply, I'm actually looking into what it will take to port this to 1.02B.

Luckily I have some asm and IDA experience, so I might actually be able to accomplish something. Can't say that I've written anything for the ARM, but I read an overview of the architecture once (maybe 3 years ago, lol.) Seems to be a pretty popular core for SOC ASICs, and sounds like lots of people/companies have developed their own cores using the same instruction set, etc. Even if I didn't know anything about ARM, the instruction set looks RISC-like and similar to m68k which I'm probably most familiar with. Luckily this is nothing like Intel x86 (yuck).

I haven't used IDA in 2-3 years either. When I did use it I used it for malware reverse engineering (though I can't say I did a massive amount of that since it wasn't my primary job). Given the obfuscation techniques used in malware code, hopefully this fw will be easy in comparison. (I'm assuming that there's no real execution-based obfuscation, just the whole-image XOR "encryption" or whatever.)

Ok, so questions:

Quote
*  First you need either the original firmware or a firmware dump of your camera.
Ok, that's been done, but somewhere I saw some suggestion that 1.01B was the same as 1.02B or something? But then when I searched around I couldn't seem to figure out where I saw someone claim this. Am I smoking crack or is someone else smoking crack?

Reason it matters is because I'm wondering how useful your .S files would be for 1.02B. I suppose I'll end up finding out though.


Quote
* Create a platform subdirectory for a new camera model/fw version (you can just copy an existing one).
Question here: Since you've already ported a 1.01A for this camera, I'm guessing that maybe some of the work necessary for 1.02B etc has already been done? If nothing else I guess I can look at the .S files you have, compare them, then get some idea. Is it mostly just a matter of finding a bunch of function/subroutine offsets?


Quote
    * Modify a couple of addresses and constants.
    * Check the keyboard "driver" (button constants and behaviour).
So I'm guessing that the constants will be the same....


Quote
    * Find the adresses of the RAW-, video- and frame-buffers.
    * Check the addresses of autofound functions. Manually correct/find the right addresses for some of them with a disassembler like IDA Pro.
Sounds like this is the main work? How likely is it that the boot procedure has changed and will need to be copied/modified?

I installed CHDK shell. Nice automation. (Nice idea to automate all that given the need to port this for every firmware version. It increases the chance that ports get done.)

Stuff I'm reading:
http://chdk.wikia.com/wiki/For_Developers
http://chdk.wikia.com/wiki/SX10
http://chdk.wikia.com/wiki/DryOS_Porting
http://chdk.wikia.com/wiki/Loading_dump_to_IDA
http://chdk.wikia.com/wiki/Adding_support_of_a_new_camera

Looked at this: CHDK\trunk\trunk772\platform\sx10\sub\101a
Put your 101b files in 101b dir
looked at everything in sub briefly, as well as loader and platform

Ok, so it looks like I shouldn't need to do anything with sx10 loader or platform and everything I'd need to change is in a new platform/sx10/sub/102b dir? (Can any be copied from 101a?)

Sorry for being a bit verbose and thinking out loud, but I just want to see if I'm on the right track here and what I know so far so you can see what sort of tips you might have for me that I could actually understand. Doesn't look entirely trivial to port (especially since I haven't done stuff like this in a while) but so far everything I've looked at generally makes sense even if I don't yet understand exactly how it all fits together.

*

Offline reyalp

  • ******
  • 14089
Re: the sx10 porting thread
« Reply #286 on: 08 / June / 2009, 23:03:44 »
Nimrod, looks like you've found pretty much everything you need. Porting a new sub version of an existing firmware is a lot easier than a new port. You will need to dump your specific firmware version.

For the most part, all that will change is function and variable addresses. All the hardware addresses are (AFAIK) always the same between different versions of the same camera. Same goes for things like the constants in kbd.c. As you guessed, you shouldn't need to change the loader, or anything outside of the 'sub' directory (except for the top level makefile etc)
The majority of function addresses are automatically found, as described in http://chdk.wikia.com/wiki/Signature_finder (that page is aimed at people adding new function signatures, which you don't need to do, but should help you understand the process) So what you are left with is fixing up the asm in boot.c, capt_seq.c, movie_rec.c, and filling in the addresses in stubs_entry_2.s (including any that aren't found correctly in the automatic stubs_entry.s) and stubs_min.s

You can start by copying an existing platform, but for some of the inline asm it's probably easier to start from ida disassembly instead, since you would have to go through line by line to fix all the offsets anyway. For the .s files, you should start from scratch.

The 1.01b files will probably not help you with 1.02b, unless they happen to be compatible. Since there aren't ports for either one yet, we don't know if they are.

The online arm docs are pretty good, you can find links to the most important ones in http://chdk.wikia.com/wiki/Developer_Technical_Documents

If you need real time advice, there's frequently a few of us idling in #chdk on freenode.
Don't forget what the H stands for.

Re: the sx10 porting thread
« Reply #287 on: 09 / June / 2009, 00:36:59 »
Nimrod, looks like you've found pretty much everything you need. Porting a new sub version of an existing firmware is a lot easier than a new port. You will need to dump your specific firmware version.
Awesome. I just downloaded the 1.02b dump on the wiki page for the sx10. Hopefully that one is correct.

Quote
The majority of function addresses are automatically found, as described in http://chdk.wikia.com/wiki/Signature_finder (that page is aimed at people adding new function signatures, which you don't need to do, but should help you understand the process) So what you are left with is fixing up the asm in boot.c, capt_seq.c, movie_rec.c, and filling in the addresses in stubs_entry_2.s (including any that aren't found correctly in the automatic stubs_entry.s) and stubs_min.s
Ok, got it. That was the page that I looked at way too briefly earlier, but I get the basic idea. Right now I'm just using it as part of the normal build process having put the PRIMARY.BIN into my new sub directory.

Quote
You can start by copying an existing platform, but for some of the inline asm it's probably easier to start from ida disassembly instead, since you would have to go through line by line to fix all the offsets anyway. For the .s files, you should start from scratch.
Ok, that's what I did, for now, just to make 'make' happy so it would generate the stubs_entry.S, and that seems to be working.

Quote
The 1.01b files will probably not help you with 1.02b, unless they happen to be compatible. Since there aren't ports for either one yet, we don't know if they are.
Well, comparing what evwar uploaded in his zip file for 1.01b .S files, it looks like his stubs_entry.S looks suspiciously like what the build process just generated from the 1.02b image:

1.01b from evwar:
Code: [Select]
// !!! THIS FILE IS GENERATED. DO NOT EDIT. !!!
#include "stubs_asm.h"

NSTUB(AllocateMemory, 0xffa67c20)
// Best match: 56%
NSTUB(AllocateUncacheableMemory, 0xff827fd8)
NSTUB(Close, 0xff823a64)
NSTUB(CreateTask, 0xff81aef4)
NSTUB(DeleteFile_Fut, 0xff823310)
// ERROR: EnterToCompensationEVF is not found!
... etc

1.02b generated by me running build with 1.02b image from wiki sx10 page:
Code: [Select]
// !!! THIS FILE IS GENERATED. DO NOT EDIT. !!!
#include "stubs_asm.h"

NSTUB(AllocateMemory, 0xffa67c20)
// Best match: 56%
NSTUB(AllocateUncacheableMemory, 0xff827fd8)
NSTUB(Close, 0xff823a64)
NSTUB(CreateTask, 0xff81aef4)
NSTUB(DeleteFile_Fut, 0xff823310)
// ERROR: EnterToCompensationEVF is not found!
... etc

Doing an actual diff between these (evwar's 101b and the 102b I just generated) gives me:
Code: [Select]
C:\CHDK\trunk\trunk772\platform\sx10\sub>diff 101b\stubs_entry.S 102b\stubs_entry.S
99,102c99,102
< NSTUB(_log, 0xffb01a10)
< NSTUB(_log10, 0xffb0069c)
< NSTUB(_pow, 0xffb0080c)
< NSTUB(_sqrt, 0xffb0366c)
---
> NSTUB(_log, 0xffb01a40)
> NSTUB(_log10, 0xffb006cc)
> NSTUB(_pow, 0xffb0083c)
> NSTUB(_sqrt, 0xffb0369c)
How often does this turn out to be the case? Funny that it's all the same except for these 4 math functions. Of course I have to keep in mind that some of the ones that weren't found automatically may also be similarly different, but it sounds like evwar's work might apply and thus save time.

Quote
If you need real time advice, there's frequently a few of us idling in #chdk on freenode.
Cool, thanks.

(I'm surprised that I've gotten this far so fast, but I suppose that most of it is thanks to whim's CHDK shell and all the people who contributed to the wiki docs! That's saved a lot of time. Thanks guys!)


*

Offline reyalp

  • ******
  • 14089
Re: the sx10 porting thread
« Reply #288 on: 09 / June / 2009, 01:03:15 »
How often does this turn out to be the case? Funny that it's all the same except for these 4 math functions.
It's not uncommon to have a bunch the the same, and the ones that are different only be off by some small fixed offset.  Basically canon adds some code or data somewhere, and everything else moves down a bit (48 bytes in the above case).

The math functions are near the end of ROM code, which explains why they are the only ones affected. This also means that functions in stubs_entry_2.s that are at lower address than whatever the last identical one you in stubs_entry.S will almost certainly be the same too. If you wanted, you could do a binary compare to figure out what offset the changes started.

Variable addresses (stubs_min.S, lib.c and and a few others scattered around) will follow a similar pattern, either being the same, or offset by some small amount.
Don't forget what the H stands for.

*

Offline GAJoe

  • *
  • 15
Re: the sx10 porting thread
« Reply #289 on: 09 / June / 2009, 05:08:07 »
1.02B owners have reason to celebrate!! :D :lol :)
Nimrod you're our hero!
Let us know if we can help!
Some where I read that one of the monotonous tasks is comparing lines and lines of code looking for small differences. If so let me know where to go to help.
A thread specific to the 1.02B has been started here: http://chdk.setepontos.com/index.php/topic,3540.0.html so it may be the place to get help / delegate tasks.
Again, thanks for stepping up to the plate Nimrod!
GAJoe

 

Related Topics


SimplePortal 2.3.6 © 2008-2014, SimplePortal