Page 1 of 15

[removed]

Unread postPosted: 01 Feb 2017, 08:15
by parrotgeek1
[removed]

Re: [ARM GURU NEEDED] Patching 4.4.0.532 CAS to run on Non-C

Unread postPosted: 01 Feb 2017, 12:20
by critor
Thank you very much for your comprehensive explanations, and especially for the decrypted OS image dumping method.

I'm not sure I can help, but here are the 5-bits ASIC user flags values ( https://hackspire.org/index.php/Memory- ... cellaneous )
  • 0b11111 TI-XXXXXXXXXXX DVT1.2, TI-XXXXXXXXXXX CAS DVT1.2, TI-Nspire DVT 2.0, TI-Nspire CAS DVT 2.0
  • 0b00000 TI-Nspire, TI-Nspire TouchPad, TI-Nspire CX, TI-Nspire Lab Cradle
  • 0b00001 TI-Nspire CAS, TI-Nspire CAS TouchPad, TI-Nspire CX CAS
  • 0b00010 TI-Nspire CM
  • 0b00011 TI-Nspire CM CAS

Re: [ARM GURU NEEDED] Patching 4.4.0.532 CAS to run on Non-C

Unread postPosted: 02 Feb 2017, 05:26
by parrotgeek1
.

Re: [ARM GURU NEEDED] Patching 4.4.0.532 CAS to run on Non-C

Unread postPosted: 02 Feb 2017, 06:28
by parrotgeek1
.

Re: [ARM GURU NEEDED] Patching 4.4.0.532 CAS to run on Non-C

Unread postPosted: 02 Feb 2017, 13:07
by critor
The ASIC user flags are in the ASIC, not in the Manuf.

The Manuf includes the model ID, which is not exactly the same thing.

Re: [ARM GURU NEEDED] Patching 4.4.0.532 CAS to run on Non-C

Unread postPosted: 02 Feb 2017, 14:34
by Lionel Debroux
parrotgeek1 wrote:Mac version [...]
Sorry I don't have a PC.

As you know, modern x86-based Macs are technically PCs, equipped with several Apple-specific components, in an enclosure whose design negatively impacts reliability, and a high price tag :)
I have worked with such a machine in a past day job, and seen others' experiences with their Macs.

critor wrote:Thank you very much for your comprehensive explanations, and especially for the decrypted OS image dumping method.

That one's trivial and has been known, publicly documented since 2009, in a matter of hours or days after the boot2 was first decompressed :)
Unlike another offline method developed later, it requires a emulator in working state, and on the CX/CM, a copy of the boot1. But that method is less user-friendly nevertheless.

Amusingly, four suitably aligned zero bytes make one quasi-NOP on an ARM processor running in ARM mode, one quasi-NOP on a 68k processor, and four NOPs on a Z80/eZ80. Both the ARM and the 68000 have explicit, nonzero NOPs.

Re: [ARM GURU NEEDED] Patching 4.4.0.532 CAS to run on Non-C

Unread postPosted: 02 Feb 2017, 16:36
by parrotgeek1
.

Re: [ARM GURU NEEDED] Patching 4.4.0.532 CAS to run on Non-C

Unread postPosted: 02 Feb 2017, 20:58
by parrotgeek1
.

Re: [ARM GURU NEEDED] Patching 4.4.0.532 CAS to run on Non-C

Unread postPosted: 02 Feb 2017, 21:49
by critor
Ah, interesting.

Could you check if your patches can be adapted for OSes 3.6-4.3 ?

Re: [ARM GURU NEEDED] Patching 4.4.0.532 CAS to run on Non-C

Unread postPosted: 02 Feb 2017, 21:52
by Lionel Debroux
Patching the memory read instructions is one of the ways to achieve the aim, indeed :)