π
<-
Chat plein-écran
[^]

Patching 4.4.0.532 CAS to run on Non-CAS

C, C++, ASM...
Online

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postby critor » 15 Feb 2017, 23:44

parrotgeek1 wrote:out of curiosity, does it work on CX DVT? thanks for doing all of the tests

I'd like to. I'd like to be able to boot as many OSes as possible in ControlX, because it's great and because it lowers the possibilities of bricking. :)
And also because I'd like to tinker again with the official theme editor which was coming with one of the 3.0.0 OSes. ;)

Unfortunately, nBoot apparently doesn't work with the CX Boot1 3.0.0.0 present on CX/Color EVT/DVT prototypes :
archives_voir.php?id=10192
I don't get the "Unlocked" string in the Firebird boot log, and the screen won't turn on. :(
Code: Select all
Boot Loader Stage 1 (3.00.DEVBUILD)
Build: 2010/9/14, 16:30:29
Copyright (c) 2006-2010 Texas Instruments Incorporated
Using developer keys

Last boot progress: 65
Warning at PC=00007718: Bad write_byte: 0001c634 00

Available system memory: 33196
Checking for NAND: NAND Flash ID: Generic 1 GBit (0xA1)
SDRAM size: 32 MB
Wakeup Event: ON.
SDRAM memory test:   Pass
Clearing SDRAM...Done.
Clocks:  CPU = 132MHz   AHB = 66MHz   APB = 33MHz
Turning device off
Turning device off
Turning device off
Clearing SDRAM...Done.


Now for production calculators.
I think OS signed with the development keys
(we've got some of them in versions 3.0, 3.2 and 3.6)
can be installed by flashing and launching the CX Boot2 3.0.0.0 including the development keys :
archives_voir.php?id=10101
But you won't be able to boot them properly. Like every OS version older than 4.0.1, they need to be patched to prevent them from crashing in the nBoot context.
And the only Boot2 which is currently able to patch OSes before launching them is Boot2 4.0.3, which is including the production keys, and thus is going to erase such OSes. :(
Image
User avatar
critorAdmin.
Niveau 19: CU (Créateur Universel)
Niveau 19: CU (Créateur Universel)
Level up: 3.2%
 
Posts: 34910
Images: 9278
Joined: 25 Oct 2008, 00:00
Location: Montpellier
Gender: Male
Calculator(s):
Class: Lycée
YouTube: critor3000
Twitter: critor2000
Facebook: critor.ti

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postby parrotgeek1 » 15 Feb 2017, 23:50

critor wrote:
parrotgeek1 wrote:out of curiosity, does it work on CX DVT? thanks for doing all of the tests

I'd like to. I'd like to be able to boot as many OSes as possible in ControlX, because it's great and because it lowers the possibilities of bricking. :)
And also because I'd like to tinker again with the official theme editor which was coming with one of the 3.0.0 OSes. ;)

Unfortunately, nBoot apparently doesn't work with the CX Boot1 3.0.0.0 present on CX/Color EVT/DVT prototypes :
archives_voir.php?id=10192

Now for production calculators.
I think OS signed with the development keys
(we've got some of them in versions 3.0, 3.2 and 3.6)
can be installed by flashing and launching the CX Boot2 3.0.0.0 including the development keys :
archives_voir.php?id=10101
But you won't be able to boot them properly. Like every OS version older than 4.0.1, they need to be patched to prevent them from crashing in the nBoot context.
And the only Boot2 which is currently able to patch OSes before launching them is Boot2 4.0.3, which is including the production keys, and thus is going to erase such OSes. :(

wait, you have a 3.6 development OS? it's not on the "Versions Nspire" page. Can you either PM it to me or put it on archives? I want to see if it has the CAS check.
My Projects:
nLoaderCAS Patcher for ControlXnLaunchy CXM fork (3.9 CAS on B&W) - News ArticleTI-82 Advanced App Installer
Prototypes:
Upgrade EVT Nspire CAS+Fix keyboard on prototype TI-Nspire CAS Touchpad
- Highlights: Nspire CX Non-CAS OS 3.3, CX & CX CAS OS 4.4 & 4.5 special reformatting installers (both found by me on TI's site)
Discoveries:
Boot1.5 vulnerability (used in nLoader) • Nspire dev boardsPink CX
Je peux comprendre le français mais je ne peux pas le parler bien.
User avatar
parrotgeek1Prog.
Niveau 11: LV (Légende Vivante)
Niveau 11: LV (Légende Vivante)
Level up: 70.6%
 
Posts: 741
Joined: 29 Mar 2016, 01:22
Location: USA
Gender: Male
Calculator(s):
Twitter: parrotgeek1
GitHub: parrotgeek1

Online

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postby critor » 15 Feb 2017, 23:59

I cannot for those ones, sorry.
They were shared by TI, under NDA, so they would immediately know it's coming from them.

But if it's to test the problem, it's exactly the same as with OSes 3.0.0 you can find here.
Image
User avatar
critorAdmin.
Niveau 19: CU (Créateur Universel)
Niveau 19: CU (Créateur Universel)
Level up: 3.2%
 
Posts: 34910
Images: 9278
Joined: 25 Oct 2008, 00:00
Location: Montpellier
Gender: Male
Calculator(s):
Class: Lycée
YouTube: critor3000
Twitter: critor2000
Facebook: critor.ti

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postby parrotgeek1 » 16 Feb 2017, 00:10

critor wrote:I cannot for those ones, sorry.
They were shared by TI, under NDA, so they would immediately know it's coming from them.

But if it's to test the problem, it's exactly the same as with OSes 3.0.0 you can find here.

Why did they send you a development OS?!
My Projects:
nLoaderCAS Patcher for ControlXnLaunchy CXM fork (3.9 CAS on B&W) - News ArticleTI-82 Advanced App Installer
Prototypes:
Upgrade EVT Nspire CAS+Fix keyboard on prototype TI-Nspire CAS Touchpad
- Highlights: Nspire CX Non-CAS OS 3.3, CX & CX CAS OS 4.4 & 4.5 special reformatting installers (both found by me on TI's site)
Discoveries:
Boot1.5 vulnerability (used in nLoader) • Nspire dev boardsPink CX
Je peux comprendre le français mais je ne peux pas le parler bien.
User avatar
parrotgeek1Prog.
Niveau 11: LV (Légende Vivante)
Niveau 11: LV (Légende Vivante)
Level up: 70.6%
 
Posts: 741
Joined: 29 Mar 2016, 01:22
Location: USA
Gender: Male
Calculator(s):
Twitter: parrotgeek1
GitHub: parrotgeek1

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postby parrotgeek1 » 16 Feb 2017, 00:26

GUESS WHAT
I FAKED THE PRODUCT ID
boot2 4.0.3 write 118b916c E3A0000F
the 0f is the product id like from manuf
im so happy
My Projects:
nLoaderCAS Patcher for ControlXnLaunchy CXM fork (3.9 CAS on B&W) - News ArticleTI-82 Advanced App Installer
Prototypes:
Upgrade EVT Nspire CAS+Fix keyboard on prototype TI-Nspire CAS Touchpad
- Highlights: Nspire CX Non-CAS OS 3.3, CX & CX CAS OS 4.4 & 4.5 special reformatting installers (both found by me on TI's site)
Discoveries:
Boot1.5 vulnerability (used in nLoader) • Nspire dev boardsPink CX
Je peux comprendre le français mais je ne peux pas le parler bien.
User avatar
parrotgeek1Prog.
Niveau 11: LV (Légende Vivante)
Niveau 11: LV (Légende Vivante)
Level up: 70.6%
 
Posts: 741
Joined: 29 Mar 2016, 01:22
Location: USA
Gender: Male
Calculator(s):
Twitter: parrotgeek1
GitHub: parrotgeek1

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postby Lionel Debroux » 16 Feb 2017, 08:22

AFAICT, faking the product ID reduces the applicability of the tool, and is not even necessarily easier.
nLaunch / nLaunch CX / nLaunchy are known to kill the model / OS type checks, rather than force a model type. It shows in their source code anyway: NOPs zero out branches to error paths, 0xEA changes the condition of an instruction to "true" / "always".

critor does a large amount of testing on ControlX, which takes a lot of time; there are clear drawbacks to forking it and making the derivative a (much) less generic tool ;)
Membre de la TI-Chess Team.
Co-mainteneur de GCC4TI (documentation en ligne de GCC4TI), TIEmu et TILP.
User avatar
Lionel DebrouxModo.G
Niveau 14: CI (Calculateur de l'Infini)
Niveau 14: CI (Calculateur de l'Infini)
Level up: 5.8%
 
Posts: 6441
Joined: 23 Dec 2009, 00:00
Location: France
Gender: Male
Calculator(s):
Class: -
GitHub: debrouxl

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postby parrotgeek1 » 16 Feb 2017, 09:18

Lionel Debroux wrote:AFAICT, faking the product ID reduces the applicability of the tool, and is not even necessarily easier.
nLaunch / nLaunch CX / nLaunchy are known to kill the model / OS type checks, rather than force a model type. It shows in their source code anyway: NOPs zero out branches to error paths, 0xEA changes the condition of an instruction to "true" / "always".

critor does a large amount of testing on ControlX, which takes a lot of time; there are clear drawbacks to forking it and making the derivative a (much) less generic tool ;)

It was easier for me to find this, and the asic user flags patch, than find the error branch. Of course I am really bad at assembly. I didn't even know ANY assembly before starting this project. I don't even really know C. I am a 1st year university student. If you could help me fix the patch (ESPECIALLY the asic use flags one from 2 pages ago, that would be very helpful! I am honestly amazed I could make these patches at all.

Another question: What are the patches for 11abxxxx in nlaunchy? how do they work? because when i decompress boot2 3.1 it ends at about 11900000. so the code that patches isn't in the disassembly. where does it come from?!
My Projects:
nLoaderCAS Patcher for ControlXnLaunchy CXM fork (3.9 CAS on B&W) - News ArticleTI-82 Advanced App Installer
Prototypes:
Upgrade EVT Nspire CAS+Fix keyboard on prototype TI-Nspire CAS Touchpad
- Highlights: Nspire CX Non-CAS OS 3.3, CX & CX CAS OS 4.4 & 4.5 special reformatting installers (both found by me on TI's site)
Discoveries:
Boot1.5 vulnerability (used in nLoader) • Nspire dev boardsPink CX
Je peux comprendre le français mais je ne peux pas le parler bien.
User avatar
parrotgeek1Prog.
Niveau 11: LV (Légende Vivante)
Niveau 11: LV (Légende Vivante)
Level up: 70.6%
 
Posts: 741
Joined: 29 Mar 2016, 01:22
Location: USA
Gender: Male
Calculator(s):
Twitter: parrotgeek1
GitHub: parrotgeek1

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postby Bisam » 16 Feb 2017, 11:19

I finally had time Tuesday to test many changes parrotgeek1 wanted me to test on my Nspire... and everything failed.

- I tried the first version he sent me and nlaunch didn't start at all : the OS was started normally (but maybe I mixed up the versions for not having numbered them :p )
- I tried the new version that can only launch 3.6 and 4.4, reading *very* carefully each line of the tutorial of nalunchy (especially the TNOC thing that I forgot for my first tests).
Result is : nlaunch starts, tries to install OS, OS starts (with the clock) and OS is rejected and the calc restarts... again and again.

One surprising thing is that when this happens, after I deleted the (fake) OS from "maintenance menu", every try of reinstalling a 3.6 TNOC-ed non CAS version on y non-CAS fails ! It reboots when pressing "OK" just after choosing the language. I had every time to reinstall full OS 3.6, then Ndless, then open "nsNandMgr" and reflash my Nand. I think I did it at least 10 times last Tuesday !!
User avatar
BisamAdmin.
Niveau 15: CC (Chevalier des Calculatrices)
Niveau 15: CC (Chevalier des Calculatrices)
Level up: 47.8%
 
Posts: 5445
Joined: 11 Mar 2008, 00:00
Location: Lyon
Gender: Male
Calculator(s):

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postby parrotgeek1 » 16 Feb 2017, 16:20

Bisam wrote:I finally had time Tuesday to test many changes parrotgeek1 wanted me to test on my Nspire... and everything failed.

- I tried the first version he sent me and nlaunch didn't start at all : the OS was started normally (but maybe I mixed up the versions for not having numbered them :p )
- I tried the new version that can only launch 3.6 and 4.4, reading *very* carefully each line of the tutorial of nalunchy (especially the TNOC thing that I forgot for my first tests).
Result is : nlaunch starts, tries to install OS, OS starts (with the clock) and OS is rejected and the calc restarts... again and again.

One surprising thing is that when this happens, after I deleted the (fake) OS from "maintenance menu", every try of reinstalling a 3.6 TNOC-ed non CAS version on y non-CAS fails ! It reboots when pressing "OK" just after choosing the language. I had every time to reinstall full OS 3.6, then Ndless, then open "nsNandMgr" and reflash my Nand. I think I did it at least 10 times last Tuesday !!

This is really strange. It works perfectly in firebird and nspire_emu.

You do not need to use TNOC at all. It doesn't even work with OS 3.6 or newer! Nlaunchy does the same thing anyway.

I really wish Critor had the time to help me with this. I have no idea what's going on. Do you have a way to read the serial output of your calculator when OS 3.6 CAS reboots?
My Projects:
nLoaderCAS Patcher for ControlXnLaunchy CXM fork (3.9 CAS on B&W) - News ArticleTI-82 Advanced App Installer
Prototypes:
Upgrade EVT Nspire CAS+Fix keyboard on prototype TI-Nspire CAS Touchpad
- Highlights: Nspire CX Non-CAS OS 3.3, CX & CX CAS OS 4.4 & 4.5 special reformatting installers (both found by me on TI's site)
Discoveries:
Boot1.5 vulnerability (used in nLoader) • Nspire dev boardsPink CX
Je peux comprendre le français mais je ne peux pas le parler bien.
User avatar
parrotgeek1Prog.
Niveau 11: LV (Légende Vivante)
Niveau 11: LV (Légende Vivante)
Level up: 70.6%
 
Posts: 741
Joined: 29 Mar 2016, 01:22
Location: USA
Gender: Male
Calculator(s):
Twitter: parrotgeek1
GitHub: parrotgeek1

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postby parrotgeek1 » 16 Feb 2017, 16:30

critor wrote:I cannot for those ones, sorry.
They were shared by TI, under NDA, so they would immediately know it's coming from them.

But if it's to test the problem, it's exactly the same as with OSes 3.0.0 you can find here.

Critor can you help with the problem bisam is having? It might help to look at serial output.
My Projects:
nLoaderCAS Patcher for ControlXnLaunchy CXM fork (3.9 CAS on B&W) - News ArticleTI-82 Advanced App Installer
Prototypes:
Upgrade EVT Nspire CAS+Fix keyboard on prototype TI-Nspire CAS Touchpad
- Highlights: Nspire CX Non-CAS OS 3.3, CX & CX CAS OS 4.4 & 4.5 special reformatting installers (both found by me on TI's site)
Discoveries:
Boot1.5 vulnerability (used in nLoader) • Nspire dev boardsPink CX
Je peux comprendre le français mais je ne peux pas le parler bien.
User avatar
parrotgeek1Prog.
Niveau 11: LV (Légende Vivante)
Niveau 11: LV (Légende Vivante)
Level up: 70.6%
 
Posts: 741
Joined: 29 Mar 2016, 01:22
Location: USA
Gender: Male
Calculator(s):
Twitter: parrotgeek1
GitHub: parrotgeek1

PreviousNext

Return to Native: Ndless, Linux, ...

Who is online

Users browsing this forum: No registered users and 4 guests

-
Search
-
Featured topics
Omega, le fork étendant les capacités de ta NumWorks, même en mode examen !
Comparaisons des meilleurs prix pour acheter sa calculatrice !
12
-
Donations / Premium
For more contests, prizes, reviews, helping us pay the server and domains...

Discover the the advantages of a donor account !
JoinRejoignez the donors and/or premium!les donateurs et/ou premium !


Partner and ad
Notre partenaire Jarrety 
-
Stats.
432 utilisateurs:
>417 invités
>9 membres
>6 robots
Record simultané (sur 6 mois):
6892 utilisateurs (le 07/06/2017)
-
Other interesting websites
Texas Instruments Education
Global | France
 (English / Français)
Banque de programmes TI
ticalc.org
 (English)
La communauté TI-82
tout82.free.fr
 (Français)
cron