Qoob Chip

ViperGC/Qoob/etc
Streetwalker
Posts: 1654
Joined: Mon Dec 30, 2013 7:50 am
Location: Israel

Re: Qoob Chip

Post by Streetwalker » Tue Jun 05, 2018 11:22 am

I can guarantee you that it won't work. The SX IPL doesn't use the same format.
toxic9
Posts: 54
Joined: Fri Mar 02, 2018 8:40 am

Re: Qoob Chip

Post by toxic9 » Tue Jun 05, 2018 1:47 pm

So, you mean the ipl boot "lz version" provided on GitHub is not finished and is not in SX bios format?

Re: Qoob Chip

Post by Streetwalker » Tue Jun 05, 2018 4:15 pm

It was intended for the SX until I found out that it was different. I'm going to clarify the README.

Re: Qoob Chip

Post by toxic9 » Wed Jun 06, 2018 7:07 am

Actually the patched ELF doesn't even launch, but I think that's because of the different file size.
The sx bios inside the elf is only 62.800 bytes, so the ipl boot should be no longer than that.

Re: Qoob Chip

Post by Streetwalker » Wed Jun 06, 2018 8:23 am

I doubt that matters at all. There should be enough padding at the end. How did you figure that size out?
Here's what I know so far:
- The SX patches BS1 to overread past the end of the ROM (0x200000 to be exact), where the first stage 64KB "recovery" IPL lives. This can't be modified, at least not with any official tools. emu_kidid and I haven't been able to dump this first IPL, but the BS1 patch allowed me to descramble the second stage with the newly found offset.
- The second, main image is in the next 64KB. This is what we have in the updater. The first 256 bytes are a regular Qoob IPL (or DOL/ELF?) header, followed by a scrambled ELF, which looks a lot like a compressed executable.
I've tried formatting an ELF properly and injecting it into the updater, but we haven't been able to flash it. We've also contacted tmbinc for information but he never replied.

Re: Qoob Chip

Post by toxic9 » Thu Jun 07, 2018 8:46 am

On Qoob Pro Bios there is some padding at the end, but on SX bios file there isn't. It is not the standard 64Kb with padding until the end.
I extracted the bios files from the official ELF updaters (for PRO and SX) within update ISO. The bios for Pro is exactly like the one provided on gcb format, so I am sure the SX bios is correctly extracted as well. PRO = 128Kb / SX = 62.800 bytes (no zeroing until it reaches 64Kb!)
On my last test, my patched ELF with ipl boot doesn't even launch.
I will make some more tests until I find out how to patch the ELF correctly.
I just want to try to write "something" to the chip, and I will be happy if my patched ELF launches, but I know it probably crashes while writing to the chip because of a non compatible or corrupted data on bios =)
I will remove the last few bytes to make IPL boot exactly 62.800 bytes, but it will be corrupted/incomplete of course.
Could you make an IPL boot version (maybe removing some extra features) to fit this size? And what about reverse engineering the SX bios, so you can write IPLboot in SX format? Is it possible?

Re: Qoob Chip

Post by toxic9 » Thu Jun 07, 2018 9:04 am

PS: The slot for the flashable bios on SX may have all the 64kb available, the problem is the bios size on the update ELF does not.
In my opinion it would be easier to write the iplboot to fit the 62.800 bytes size and patch this ELF to update the SX chip, than to manage to write a new ELF.

Re: Qoob Chip

Post by Streetwalker » Thu Jun 07, 2018 10:15 am

A DOL isn't going to work. There are several things I need to change in the iplboot build process to make it compatible with the SX, but we should at least figure out how to flash it first.

Re: Qoob Chip

Post by toxic9 » Thu Jun 07, 2018 10:31 am

I have some ideas on my mind to make my patched ELF work!
I will do some more tests this evening! (Of course I will try to flash it with corrupted data, since we don't have any other bios to use)
I will let you know!

Re: Qoob Chip

Post by toxic9 » Thu Jun 07, 2018 6:42 pm

SUCCESS!!!
It flashed! My patched ELF flashed the Qoob SX!
After flashing with corrupt data, it detects no bios from the main slot, so it boots from the backup slot.
I would like to test it now with ipl boot! but it needs to be no longer than 62.800 bytes!!
Could you work on that my friend?

Re: Qoob Chip

Post by Streetwalker » Fri Jun 08, 2018 10:02 am

I'm curious, how did you figure out that the blob is 62800 bytes? I just came to the same conclusion after calculating the real size of the ELF by hand and cross-referencing the disassembly.

Here's an ELF that you can try. I had to disable exFAT support to make it fit. Inject it into the updater at offset 0x1DEC. If this works, I'll try to optimize the size further to make exFAT fit.
Attachment: iplboot.zip (58.54 KiB)

Re: Qoob Chip

Post by toxic9 » Fri Jun 08, 2018 11:05 am

I carefully analyzed the elf updaters from Pro and from SX side by side, and extracted both bios. The size of the pro bios is 128Kb as expected, but the SX bios is not the 64Kb that I expected. At first I tried to patch the elf with a 64Kb data but it doesn't even launch. So I conclude it needs to fit that smaller size (62800), unless someone can "crack" the updater elf to flash 64Kb data.
After work I will test it. You don't have any SX around right?
But, should I inject the ELF you provided, as is? Don't you need to convert to "gcb" format with a SX bios header and structure?

Re: Qoob Chip

Post by Streetwalker » Fri Jun 08, 2018 1:13 pm

toxic9 wrote:
Fri Jun 08, 2018 11:05 am
unless someone can "crack" the updater elf to flash 64Kb data.
The best would be to reverse engineer the flashing process for both the SX and the Pro (and even the Viper too, though that should be a little bit easier).
I don't have an SX indeed, otherwise I might have been able to figure it all out sooner.
You're absolutely right, I guess I'll have to add support in dol2ipl for this. I'll come back to you with a pre-injected flasher ELF later.

Re: Qoob Chip

Post by toxic9 » Fri Jun 08, 2018 2:16 pm

Ok, I'm waiting for it!
Don't forget, while injecting on the ELF, you should fill the ipl with 0x00 until it reaches the expected size 62800.
I can also do it for you if you want.

Re: Qoob Chip

Post by Streetwalker » Fri Jun 08, 2018 9:20 pm

Padding the image with zeros shouldn't really matter.
Thanks for the offer but I already have all the tooling that I need for it, it will need to be updated for official SX builds anyway. Unless you want to do it for testing on your own, in which case, please report back on what you actually did.
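
Added example (not part of any post in this thread, and not the iplboot project's tooling): a fixed-slot injection that refuses oversized payloads, zero-pads to the slot size, and checks that nothing outside the slot changes. The offset 0x1DEC and the 62800-byte size are the values quoted in the posts above; the function names and the sample data are constructed for illustration, and the payload is assumed to already be in the format the flasher expects.

```python
SLOT_OFFSET = 0x1DEC   # injection offset quoted in the thread
SLOT_SIZE = 62800      # size of the SX BIOS blob reported in the thread


def inject(updater: bytes, payload: bytes,
           offset: int = SLOT_OFFSET, size: int = SLOT_SIZE) -> bytes:
    """Return a copy of `updater` with `payload` written into the fixed slot.

    The payload is zero-padded to exactly `size` bytes; nothing outside the
    slot is touched and the overall file length never changes.
    """
    if len(payload) > size:
        raise ValueError(f"payload is {len(payload) - size} bytes too large "
                         f"for the {size}-byte slot")
    if offset + size > len(updater):
        raise ValueError("slot extends past the end of the updater image")

    padded = payload + b"\x00" * (size - len(payload))
    patched = updater[:offset] + padded + updater[offset + size:]

    # Post-conditions: same length, bytes outside the slot identical.
    assert len(patched) == len(updater)
    assert patched[:offset] == updater[:offset]
    assert patched[offset + size:] == updater[offset + size:]
    return patched


def slot_headroom(payload: bytes, size: int = SLOT_SIZE) -> int:
    """Bytes left in the slot (negative if the payload does not fit)."""
    return size - len(payload)


if __name__ == "__main__":
    # Constructed stand-in for the updater: 0xAA filler, not real firmware.
    fake_updater = bytes([0xAA]) * (SLOT_OFFSET + SLOT_SIZE + 0x100)
    fake_payload = b"IPL" * 1000   # constructed 3000-byte blob
    out = inject(fake_updater, fake_payload)
    print("headroom:", slot_headroom(fake_payload))
    print("length unchanged:", len(out) == len(fake_updater))
```
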

Re: Qoob Chip

Post by toxic9 » Sat Jun 09, 2018 11:12 am

No problem, let me know when you have your project finished for testing.

Re: Qoob Chip

Post by Streetwalker » Sun Jun 10, 2018 1:07 pm

You can try this. It's an already patched updater. Build scripts were updated to generate this and are on the repo if you're interested. I've also asked emu_kidid to try it, we'll see how it turns out. Keep in mind this build has exFAT support disabled to fit within the limit.

Re: Qoob Chip

Post by toxic9 » Sun Jun 10, 2018 3:43 pm

It WORKED!!!
It flashed OK. IPL boot runs while powering on the console but it fails to load a dol on the SD card.
The dols I tested just freeze on: unmounting sda/sdb and don't get past this screen.
Swiss dol freezes on vertical green/pink bars all over the screen!
What could be the issue?

Re: Qoob Chip

Post by Streetwalker » Sun Jun 10, 2018 4:45 pm

That's great progress. I'm pretty sure I know where the problem comes from, it's an issue when using dollz to compress the binary that I can reproduce on my setup. I'll see if I can get it to work properly, probably with a different packer. Thanks for trying this out and helping me to finally get it working. :)

Re: Qoob Chip

Post by toxic9 » Sun Jun 10, 2018 5:10 pm

No problem! I love the GC scene! I just came to the forums a bit late.
I know that making iplboot SX compatible was the step that was missing in your development!
I'm very pleased to be able to help.
I also have experienced some issues with dollz. dolxz saved my life sometimes!
Let me know when you have another version packed!

Re: Qoob Chip

Post by Streetwalker » Sun Jun 10, 2018 5:18 pm

Yeah I'll probably try dolxz. The better compression ratio should even allow exFAT to fit without any other modifications.

Re: Qoob Chip

Post by toxic9 » Wed Jun 13, 2018 7:24 am

Hi friend!

How is your progress? Have you tried the other compressor?

Re: Qoob Chip

Post by Streetwalker » Wed Jun 13, 2018 3:04 pm

Not yet. I've decided to make my own packer, which might take a while. I'll try dolxz in the meantime.

Re: Qoob Chip

Post by toxic9 » Wed Jun 13, 2018 4:56 pm

That's perfect. I'll be glad to test it for you =)

Re: Qoob Chip

Post by Streetwalker » Wed Jun 13, 2018 5:43 pm
