
Re: Qoob Chip

Posted: Tue Jun 05, 2018 1:47 pm
by toxic9
So, you mean the ipl boot "lz version" provided on GitHub is not finished and is not in SX bios format?

Re: Qoob Chip

Posted: Tue Jun 05, 2018 4:15 pm
by novenary
It was intended for the SX until I found out that it was different. I'm going to clarify the README.

Re: Qoob Chip

Posted: Wed Jun 06, 2018 7:07 am
by toxic9
Actually the patched ELF doesn't even launch, but I think that's because of the different file size.
The sx bios inside the elf is only 62.800 bytes, so the ipl boot should be no longer than that.

Re: Qoob Chip

Posted: Wed Jun 06, 2018 8:23 am
by novenary
I doubt that matters at all. There should be enough padding at the end. How did you figure that size out?
Here's what I know so far:
- The SX patches BS1 to overread past the end of the ROM (0x200000 to be exact), where the first stage 64KB "recovery" IPL lives. This can't be modified, at least not with any official tools. emu_kidid and I haven't been able to dump this first IPL, but the BS1 patch allowed me to descramble the second stage with the newly found offset.
- The second, main image is in the next 64KB. This is what we have in the updater. The first 256 bytes are a regular Qoob IPL (or DOL/ELF?) header, followed by a scrambled ELF, which looks a lot like a compressed executable.
I've tried formatting an ELF properly and injecting it into the updater, but we haven't been able to flash it. We've also contacted tmbinc for information but he never replied.

Re: Qoob Chip

Posted: Thu Jun 07, 2018 8:46 am
by toxic9
On Qoob Pro Bios there is some padding at the end, but on SX bios file there isn't. It is not the standard 64Kb with padding until the end.
I extracted the bios files from the official ELF updaters (for PRO and SX) within update ISO. The bios for Pro is exactly like the one provided on gcb format, so I am sure the SX bios is correctly extracted as well. PRO = 128Kb / SX = 62.800 bytes (no zeroing until it reaches 64Kb!)
On my last test, my patched ELF with ipl boot doesn't even launch.
I will make some more tests until I find out how to patch the ELF correctly.
I just want to try to write "something" to the chip, and I will be happy if my patched ELF launches, but I know it will probably crash while writing to the chip because of non-compatible or corrupted data in the bios =)
I will remove the last few bytes to make IPL boot exactly 62.800 bytes, but it will be corrupted/incomplete of course.
Could you make an IPL boot version (maybe removing some extra features) to fit this size? And what about reverse engineering the SX bios, so you can write IPLboot in SX format? Is it possible?

Re: Qoob Chip

Posted: Thu Jun 07, 2018 9:04 am
by toxic9
PS: The slot for the flashable bios on SX may have all the 64kb available, the problem is the bios size on the update ELF does not.
In my opinion it would be easier to write the iplboot to fit the 62.800 bytes size and patch this ELF to update the SX chip, than to manage to write a new ELF.

Re: Qoob Chip

Posted: Thu Jun 07, 2018 10:15 am
by novenary
A DOL isn't going to work. There are several things I need to change in the iplboot build process to make it compatible with the SX, but we should at least figure out how to flash it first.

Re: Qoob Chip

Posted: Thu Jun 07, 2018 10:31 am
by toxic9
I have some ideas on my mind to make my patched ELF work!
I will do some more tests this evening! (Of course I will try to flash it with corrupted data, since we don't have any other bios to use)
I will let you know!

Re: Qoob Chip

Posted: Thu Jun 07, 2018 6:42 pm
by toxic9
SUCCESS!!!
It flashed! My patched ELF flashed the Qoob SX!
After flashing with corrupt data, it detects no bios in the main slot, so it boots from the backup slot.
I would like to test it now with ipl boot! but it needs to be no longer than 62.800 bytes!!
Could you work on that my friend?

Re: Qoob Chip

Posted: Fri Jun 08, 2018 10:02 am
by novenary
I'm curious, how did you figure out that the blob is 62800 bytes? I just came to the same conclusion after calculating the real size of the ELF by hand and cross-referencing the disassembly.

Here's an ELF that you can try. I had to disable exFAT support to make it fit. Inject it into the updater at offset 0x1DEC. If this works, I'll try to optimize the size further to make exFAT fit.

Re: Qoob Chip

Posted: Fri Jun 08, 2018 11:05 am
by toxic9
I carefully analyzed the elf updaters for Pro and for SX side by side, and extracted both bios. The size of the pro bios is 128Kb as expected, but the SX bios is not the 64Kb that I expected. At first I tried to patch the elf with 64Kb of data but it doesn't even launch. So I conclude it needs to fit that smaller size (62800), unless someone can "crack" the updater elf to flash 64Kb data.
After work I will test it. You don't have any SX around right?
But, should I inject the ELF you provided, as is? Don't you need to convert to "gcb" format with a SX bios header and structure?

Re: Qoob Chip

Posted: Fri Jun 08, 2018 1:13 pm
by novenary
> toxic9 wrote (Fri Jun 08, 2018 11:05 am):
> unless someone can "crack" the updater elf to flash 64Kb data.

The best would be to reverse engineer the flashing process for both the SX and the Pro (and even the Viper too, though that should be a little bit easier).
I don't have an SX indeed, otherwise I might have been able to figure it all out sooner.
You're absolutely right, I guess I'll have to add support in dol2ipl for this. I'll come back to you with a pre-injected flasher ELF later.

Re: Qoob Chip

Posted: Fri Jun 08, 2018 2:16 pm
by toxic9
Ok, I'm waiting for it!
Don't forget, while injecting on the ELF, you should fill the ipl with 0x00 until it reaches the expected size 62800.
I can also do it for you if you want.

Re: Qoob Chip

Posted: Fri Jun 08, 2018 9:20 pm
by novenary
Padding the image with zeros shouldn't really matter.
Thanks for the offer but I already have all the tooling that I need for it, it will need to be updated for official SX builds anyway. Unless you want to do it for testing on your own, in which case, please report back on what you actually did.
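
Added example, not part of the original posts and not the iplboot repository's build scripts: a bounds-checked injection using the offset (0x1DEC) and blob size (62800 bytes) quoted in this thread, with the zero padding discussed above. It assumes the 62800-byte blob begins at that offset and that the payload is already in the format the updater expects; the function names and the sample bytes are constructed for illustration.

```python
SLOT_OFFSET = 0x1DEC   # injection offset quoted in the thread
SLOT_SIZE = 62800      # blob size quoted in the thread


def inject(updater: bytes, payload: bytes,
           offset: int = SLOT_OFFSET, size: int = SLOT_SIZE) -> bytes:
    """Return a copy of `updater` with `payload` written into the fixed slot.

    The result always has the same length as the input, so nothing that
    follows the slot in the updater file is shifted.
    """
    if offset + size > len(updater):
        raise ValueError("slot extends past the end of the updater image")
    if len(payload) > size:
        raise ValueError(
            f"payload is {len(payload) - size} bytes larger than the slot")
    # Zero-fill the unused tail so no bytes of the previous blob remain.
    padded = payload + b"\x00" * (size - len(payload))
    return updater[:offset] + padded + updater[offset + size:]


def demo():
    """Run the injection on constructed stand-in data (not a real updater)."""
    updater = b"\xAA" * SLOT_OFFSET + b"\x55" * SLOT_SIZE + b"\xBB" * 64
    payload = b"\x7fELF" + b"\x11" * 1000
    return updater, payload, inject(updater, payload)


if __name__ == "__main__":
    original, blob, patched = demo()
    print(f"updater size unchanged: {len(patched) == len(original)}")
    print(f"slot bytes used: {len(blob)} of {SLOT_SIZE}")
```
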

Re: Qoob Chip

Posted: Sat Jun 09, 2018 11:12 am
by toxic9
No problem, let me know when you have your project finished for testing.

Re: Qoob Chip

Posted: Sun Jun 10, 2018 1:07 pm
by novenary
You can try this. It's an already patched updater. Build scripts were updated to generate this and are on the repo if you're interested. I've also asked emu_kidid to try it, we'll see how it turns out. Keep in mind this build has exFAT support disabled to fit within the limit.

Re: Qoob Chip

Posted: Sun Jun 10, 2018 3:43 pm
by toxic9
It WORKED!!!
It flashed OK. IPL boot runs while powering on the console but it fails to load a dol on the SD card.
The dols I tested just freeze on: unmounting sda/sdb and don't get past this screen.
Swiss dol freezes on vertical green/pink bars all over the screen!
What could be the issue?

Re: Qoob Chip

Posted: Sun Jun 10, 2018 4:45 pm
by novenary
That's great progress. I'm pretty sure I know where the problem comes from, it's an issue when using dollz to compress the binary that I can reproduce on my setup. I'll see if I can get it to work properly, probably with a different packer. Thanks for trying this out and helping me to finally get it working. :)

Re: Qoob Chip

Posted: Sun Jun 10, 2018 5:10 pm
by toxic9
No problem! I love the GC scene! I just came to the forums a bit late.
I know that making iplboot SX compatible was the step that was missing in your development!
I'm very pleased to be able to help.
I also have experienced some issues with dollz. dolxz saved my life sometimes!
Let me know when you have another version packed!

Re: Qoob Chip

Posted: Sun Jun 10, 2018 5:18 pm
by novenary
Yeah I'll probably try dolxz. The better compression ratio should even allow exFAT to fit without any other modifications.

Re: Qoob Chip

Posted: Wed Jun 13, 2018 7:24 am
by toxic9
Hi friend!

How is your progress? Have you tried the other compressor?

Re: Qoob Chip

Posted: Wed Jun 13, 2018 3:04 pm
by novenary
Not yet. I've decided to make my own packer, which might take a while. I'll try dolxz in the meantime.

Re: Qoob Chip

Posted: Wed Jun 13, 2018 4:56 pm
by toxic9
That's perfect. I'll be glad to test it for you =)

Re: Qoob Chip

Posted: Wed Jun 13, 2018 5:43 pm
by novenary

Re: Qoob Chip

Posted: Wed Jun 13, 2018 7:46 pm
by toxic9
Great! I will try it in a few hours and post here my feedback! ;)

Did you manage to compress everything without removing exFAT support and other stuff?! :o

Thanks for your development Streetwalker, after all these years, keeping GC alive... this is really cool!