Wiki How: How to Make a Pinhole Camera from an Altoids Tin

Posted by on under how to make a pinhole camera, interesting gifts, scenery, many things, tin, cameras |

One of the many things you can do with an Altoids tin is make a pinhole camera, or a "Pintoid" camera, that can capture scenery. Not only can this turn into an interesting hobby, but these nifty little cameras also make interesting gifts!

Wow...

Posted by George Hotz on under iphe, bootrom, dev team, great news, wtf, 3g, many things |

Congrats to the dev team for finding the ultimate exploit in the S5L. We may not agree on many things, but I certainly respect your skills.

Pwnage uses an incredible exploit actually at the DFU level, which means it's locked into the hardware. I have managed to reproduce the exploit, but in no way understand it. I can't wait for your explanation. This is akin to finding a soft-exploitable exploit in the bootrom of the baseband.

Apple attempted to cover it up by having the new WTF downloaded as soon as iTunes sees the phone (0x1227) vs DFU (0x1222). I thought they might be covering an exploit but then just figured they didn't want the iBoots unencrypted. Good thing dev looked closer.

Also it's unbelievable they left the LLB unsigchecked in the 3G. They have all the code in the DFU to sig check, they just don't call it.

This is also great news for iphonelinux. We'll be able to boot code without the need for any of Apple's copyrighted software (and maybe without their cert).

Today is a good day for iPhone

LCD status

Posted by planetbeing on under wine fest, spring beer, iphe, pain in the butt, th step, funny name, pmu, hande, framerate, sime, management unit, chip sets, lcd panel, framebuffer, power management, init, two steps, award winner, general purpose, many things |

Looks like the LCD initialization stuff wasn't as simple as I thought. Depending on the way you look at it, there are three or four major initialization steps for the display. The first step initializes the display controller chip, sets the clock and everything. The couple of messages you see about the framerate and clock are from this step. The second step ought to initialize the framebuffer for the display controller. I've reverse engineered and implemented those two steps so far.

The third step is to communicate with the LCD panel itself, and likely configure it and configure the display controller for it as well. This is the infamous "merlot_init" function. I have no idea what merlot is (other than a wine variety). Could be the codename for the driver, or the display controller. Can't be for the LCD itself, since it's designed to handle many different panel types. It's a pretty funny name, though, so I've started working on syrah_init. Syrah, because the 2005 Dalla Vina vintage was an award-winner at the Spring Beer & Wine Fest that I went to last year.

The problem with merlot_init is that it uses GPIO, SPI, I²C as well as memory mapped registers to communicate with the panel and/or the display controller. That's almost every single bus on the iPhone, so basically I had to write drivers for those controllers as well before I could start on merlot_init. Those are now written; no idea if they work, but they're written. It's going to be a big pain in the butt to debug such a complicated driver. There's just too many things that can go wrong.

It's possible I might start implementing some of the PCF50633 (iPhone's power management unit) functionality. I can at least access powernvram (the general purpose memory registers on the PMU, really) pretty simply using I²C and I ought to be able to test that piece out anyway.

On another note, for the longest time I couldn't figure out what those gpmem registers did on the PMU. I reversed some code that manipulated them, but I couldn't figure out where the data was being used, etc. However, I didn't spend much time on it because I didn't think they were going to be very important for what I was doing (since their values don't affect the initialization of any of the other drivers). Well, last night I told MuscleNerd about this for some reason, and he pointed out that there's a command called "powernvram" in iBoot that, no less, attaches descriptions to every single one of those registers! They just keep track of boot failures and stupid stuff like that. It just goes to show that you can't spend TOO much time just doing static RCE. Sometimes you've got to fire up the actual application, or at least give the old ztringz a go. ;)

Porting an OS

Posted by planetbeing on under clock timer, iphe, day clock, versis, linux kernel, cpu x86, boot menu, linux drivers, mmu, android, opti, whirl, wi fi, graft, spi, knowledge gained from, many things, timers, vic, clocks |

I've been getting a lot of questions from people that seem to reflect a basic misunderstanding of what it takes to port an operating system onto a new platform. People seem to think that just by writing, say, a boot menu, means that we can stick Android or Windows or whatever onto a device because we can have a menu option for it.

Here's what it takes for an operating system to run on a device:
  • The code must be designed for the right CPU. (x86, ARM, PPC)
  • The code must be able to interact with the hardware in the way it expects.
Now, there are versions of Linux compiled in ARM (which the iPhone uses), there are even versions of Windows Mobile that are compiled in ARM. Why can't I, then, just stick Windows Mobile or Android (or another flavor of Linux) onto the iPhone and give it a whirl?

Because the code cannot interact with the hardware! That is, there are no Linux drivers or Windows Mobile drivers for the hardware that's on the iPhone. We're not even talking about things like the wi-fi won't work or anything silly like that. We're talking about big things, like not being able to start because it doesn't uncompress itself into RAM properly. We're talking about freezing the first time it has to wait for something to happen because it doesn't know how to run the hardware clocks and timers (which is CRITICAL for computers) and doesn't know when to start again.

Thus, if I tried to take some distribution of Linux or Windows or whatever, stick it in memory and start it, absolutely nothing will happen. That's right: nothing. There will be no output because it doesn't know how to run the display, or the USB, or serial. It probably won't even get to the first line of code that tells it to output something because so many things are broken.

So how can we get Linux to boot on the iPhone?

By teaching it how to run the hardware. We take the knowledge gained from getting that boot menu to display and graft it into the Linux kernel. It took an unbelievable amount of devices just to get the boot menu display: clock, timer, vic, mmu, spi, i2c, gpio, system controller, pmu, nor, uart, usb, lcd, buttons. Some of those may seem obvious to you, some work in the background to support the other devices. But all of those had to be reverse engineered and all of them will have to be transplanted into the Linux kernel to even get something half-assed booting.

If all of those devices were required to get something as simple as boot menu up, can you imagine what would happen if you tried to boot an operating system that did not know how to run ANY of those devices?

We cannot modify the Windows Mobile kernel because it's closed source, and so there's no way to get it to run on the iPhone.

The critical misunderstanding, I think, is that people think somehow that the OS "sits on top" of the boot menu, and talks to the hardware through the boot menu. Therefore, you can have an "emulation layer" that lets Windows or Linux or whatever talk to the hardware, without having to alter Windows or Linux itself. This is completely false. An operating system, by definition, has direct access to the hardware. Nothing sits between it and the hardware. Once iBoot has loaded the iPhone OS, you can go ahead and wipe it clean from the NOR and the OS will keep running as usual. It's not "running", it's not used or loaded in any way except during the boot process.

The iPhone will never run Windows Mobile directly (virtualization would be possible, although it would crawl on the iPhone). It will run Linux once we write the drivers for it based on our knowledge of the hardware. Android uses the Linux kernel, though they do modify it to a certain extent. Since the only really hardware dependent parts of an OS are in the kernel, presumably once we install the necessary drivers, Android will run just as well as Linux runs. However, not having even looked at Android's source yet, I really don't have a truly educated opinion at the moment, but let's just say that it's one of this project's primary goals.

Sorry this is so long, but intelligent explanations tend to be long.

P.S. Another question people ask a lot is how long it will take. I can't truly give a good answer to that, because it's sort of dependent on the schedules of the people who work on it, and it also depends on how long it'll take to write the Linux drivers, and how many unexpected problems crop up. It could go really unexpectedly fast, or we could hit a roadblock. I think outside observers, just reading the commit logs and reading the blog, have as much information as I do on how fast things are progressing, so you're free to come up with your own conclusions on how long it will take.

Kottke: Oh, Nixon

Posted by Jason Kottke on under charlie parker, gunslinger, dope, dwarf, nixon, many things, nix, photo |

Dopey Nixon

From the comments about this photo on If Charlie Parker Was a Gunslinger:

Fred: As amusing as that picture is, Tricky was many things, but not a Dope.

Greg: Fred, you're right of course but unfortunately there wasn't an eighth dwarf named "Shifty."

Tags: Richard Nixon