Danct12 has quit [Remote host closed the connection]
JohnnyonFlame has joined #linux-amlogic
Danct12 has joined #linux-amlogic
ungeskriptet has joined #linux-amlogic
Danct12 has quit [Remote host closed the connection]
Danct12 has joined #linux-amlogic
Daanct12 has joined #linux-amlogic
vagrantc has quit [Quit: leaving]
Daanct12 has quit [Ping timeout: 248 seconds]
hexdump0815 has quit [Ping timeout: 250 seconds]
hexdump0815 has joined #linux-amlogic
Daanct12 has joined #linux-amlogic
buzzmarshall has quit [Quit: Konversation terminated!]
Terry13732293409 has quit [Quit: Bye Bye]
Terry13732293409 has joined #linux-amlogic
jacobk has joined #linux-amlogic
Daanct12 has quit [Ping timeout: 250 seconds]
naoki has joined #linux-amlogic
naoki has quit [Client Quit]
Daanct12 has joined #linux-amlogic
camus has quit [Read error: Connection reset by peer]
camus1 has joined #linux-amlogic
camus1 is now known as camus
JohnnyonFlame has quit [Read error: Connection reset by peer]
f_ has joined #linux-amlogic
<f_>
Ok for now I tweaked amlbootsig so that it generates things with a +512 offset..let's see how it goes.
<f_>
I can still work on the kinda hybrid signing tool later.
<f_>
I'm preparing the KII Pro set-top box
<f_>
I'm not giving up, just want to see if my hacked up U-Boot SPL binary works.
<f_>
And that also implies finding that 12V router power supply :P
<f_>
(I think the original power supply died)
<f_>
(a long time ago)
cornelius has quit [Quit: WeeChat 3.5]
<f_>
Found where it checks the header I think.
<f_>
Kwiboo: I don't have that src+=512 in my bl2.bin..I think it has been patched out accidentally by me
<f_>
But yeah that src+=512 was supposed to be here.
<Kwiboo>
f_: because of the limited size of 48KB from BL1, having both U-Boot TPL and SPL could be something to think about, where TPL only does DRAM init and then loads SPL into DRAM and then jumps to it, this is how it works on rockchip and I think also on sunxi
<f_>
Weirdly enough most of my SPL binary is 0xff'd
<Kwiboo>
rockchip cheat a little bit so it only needs to do DRAM init, then bootrom will load SPL into DRAM
<f_>
From offset 0x890 up to 0xc000 (BL1 read limit) it's all 0xff
<Kwiboo>
noticed your size prop in binman node, so binman will pad it up to size prop
<f_>
Yup.
<f_>
I set the size to 0xb000, since the bootROM loads the first 48K, and the header is 0x1000 long usually
<f_>
So the 44K remaining is BL2/SPL.
<f_>
Kwiboo: But my SPL only does DRAM init for now. I won't implement all of Amlogic's BL2 for now
<f_>
I just want to get it to the point where it can boot U-Boot and perhaps also linux
<f_>
And I imported much of the header files in Ghidra, for it to recognise some structs etc..
<Kwiboo>
U-Boot must be 4k aligned, do you know if bl1 just reads 48kb from beginning of device, header or how it will load data beyond start of header?
<f_>
It loads whatever including the header, to 0xD9000000
<f_>
I'd say it loads from the header
<f_>
I'll have to check.
<f_>
One sec
<f_>
Naming some stuff while at it, and I'll push.
<f_>
Seems like on eMMC it reads from the start and on SD it just reads from offset 512.
<f_>
It reads everything in one go, to 0xd9000000
<Kwiboo>
Cool, so guess data offset should be 4096-16 so that U-Boot ends up 4k aligned?
<f_>
No idea
<f_>
Kwiboo: Want to hear something funny?
<f_>
From when Amlogic removed BL2 code, they only made little changes
<f_>
so ~80% of the proprietary BL2 binaries was left unchanged
<f_>
(on gxbb)
<f_>
Regarding DRAM init as far as I can tell they only added LPDDR support.
<Kwiboo>
Hehe, yeah, probably not much they would need to change unless one of their customer report an issue, or if they share platform code with other soc family and make generic platform changes
<f_>
"oh hi i'd like to report an issue.....please....ur product is proprietary pls fix this now you have 2 days"
<f_>
Kwiboo: I doubt they'll create a new TF-A platform at all
<f_>
perhaps they just.......`mv gxb gxl` and make minor mods? :)
<Kwiboo>
yeah, probably something like that :)
<f_>
I'm sure they did that for at least gxl
<f_>
.....except they also changed the BL2 arch from AArch64 to AArch32 in ~2018 for some reason
<f_>
I documented that in <https://moin.vitali64.duckdns.org/AmlogicBL2> and also for some reason a ZTE/MTS russian set-top box's BL2 had a stub serial_puts so....no logs over UART!
<f_>
and BL1 kept outputing '.' instead of anything meaningful.
<f_>
I didn't document how HardKernel thought their blobs were secret sauce though.
<f_>
(their BL2 refuses to run on my set-top box, saying 'this hardware wasn't authorised by HardKernel'..lol)
Daanct12 has quit [Quit: WeeChat 4.0.4]
paddymahoney has quit [Ping timeout: 256 seconds]
camus has quit [Remote host closed the connection]
<Kwiboo>
looks like gxl need version 1.1, and looking at header of bl2 for g12a (odroid-c4), they also use version 1.1 but have 0xf000 payload instead of 0xb000
<Kwiboo>
changed some header names to be more logical and added some comments, but signing code can be ported to python for direct use in binman or added as a format to u-boot mkimage and run as a tool from binman
<Kwiboo>
with stack and bss setup it could start to do stuff
<Kwiboo>
for serieal/uart the meson serial driver can provide uart debug functions, but to get it working / compiled in lots of useless stuff have to be enabled
<Kwiboo>
also the serial driver will fail to probe due to clk driver not enabled
<Kwiboo>
but bl1 already init uart enough so full serial driver should not be needed, and just require lots of code size