[06:31:38] *** Quits: TheSeven (~quassel@rockbox/developer/TheSeven) (Disconnected by services)
[06:31:47] *** Joins: [7] (~quassel@rockbox/developer/TheSeven)
[07:38:44] *** Quits: krnlyng (~liar@83.175.90.24) (Remote host closed the connection)
[14:39:54] *** Joins: krnlyng (~liar@83.175.90.24)
[21:41:10] *** Joins: ParkerR (~ParkerR@unaffiliated/parkerr)
[21:42:15] <ParkerR> user890104, What's the last build available for the Nano4G? I see the logs on the build page but everu one just says "make: Nothing to be done for `all'."
[21:42:25] <ParkerR> *every
[21:59:49] <user890104> ParkerR: what do you mean by "build"? emCORE build?
[22:00:24] <ParkerR> user890104, I was reading up and it seemed it was at least possible to boot an image into RAM
[22:00:35] <ParkerR> I didn't know if there was still a way to do this
[22:00:37] <user890104> yes, that's right
[22:01:18] <ParkerR> Its mainly just curiosity. I understand it wont do much if anything but just wanted to play around with it
[22:01:25] <[Saint]> Beep out Super Mario theme...
[22:01:40] <user890104> ok, i can help you run it
[22:01:50] <user890104> do you have python and pyusb installed?
[22:01:55] <ParkerR> And I am running Linux if that helps :)
[22:02:00] <ParkerR> I can heh
[22:02:10] <ParkerR> 2 or 3?
[22:03:03] <user890104> 3 should be fine
[22:03:48] <ParkerR> I only see 2 available https://aur.archlinux.org/packages/python2-pyusb/
[22:04:23] <[Saint]> U used to get it from sourceforge
[22:04:27] <[Saint]> *I
[22:05:12] <ParkerR> http://sourceforge.net/projects/pyusb/ ?
[22:05:20] <ParkerR> This uses that https://aur.archlinux.org/packages/python-pyusb-git/
[22:05:46] <ParkerR> Ok its installed
[22:06:32] <user890104> ok, do you know how to enter DFU mode?
[22:06:34] <[7]> ParkerR: you asked for a notes exploit example: http://www.datafilehost.com/get.php?file=39def280
[22:06:45] <[7]> put that in the notes dir on your ipod, then eject
[22:06:55] <[7]> that's what we're using to fire up emcore builds for testing
[22:07:45] <ParkerR> user890104, Disk mode or is there an actual DFU mode?
[22:07:52] <ParkerR> Ive only done it on the iPod Touches
[22:08:30] <[Saint]> Press and hold menu+select for ~12s
[22:08:31] <user890104> ParkerR: there's an actual low-level disk mode, but [7]'s approach is easier
[22:08:45] <[7]> there's an actual DFU mode, but IIRC we can't initialize RAM and LCD from there yet
[22:08:47] <[Saint]> And, yes, yes it is.
[22:09:07] <user890104> just get the file, put it in the Notes dir, eject - you're done
[22:09:30] <[Saint]> Why the fuck did they not patch that out?
[22:09:46] <user890104> to go back to regular boot, reset the ipod with menu+select, then immediately hold down select+down until it enters disk mode
[22:09:48] <[Saint]> It's not like we kept it a secret.
[22:09:52] <[Saint]> They surely knew 
[22:09:54] <user890104> then delete the file in Notes
[22:09:54] <[7]> they just don't care anymore - there hasn't been an update for that device since the notes exploit discovery IIRC
[22:10:10] <[Saint]> Hm, granted.
[22:10:37] <user890104> [7]: are you sure about the LCD, it works on mine
[22:10:43] <ParkerR> Hmm I did  udisksctl unmount --block-device /dev/sdb1
[22:10:51] <[7]> huh? do we know how to configure the PMU for that?
[22:10:51] <ParkerR> Ill try eject from the file manager
[22:11:21] <[7]> (it's been years since I played with that, so I might not be up to date ;)
[22:11:24] <[Saint]> I think Farthen did some work on it since not knowing how to set up PMU no
[22:11:26] <user890104> IIRC the init code for different lcds is in our source code, with the untested ones commented out
[22:11:28] <[Saint]> +?
[22:11:48] <[Saint]> Or was it you user890104?
[22:11:48] <user890104> so i just tested it on mine, it was working, so i uncommented it and pushed it to the svn :)
[22:11:59] <[Saint]> Ah, you.
[22:12:09] <ParkerR> Ok its ejcted and plugged in
[22:12:11] <user890104> Farthen did the work, i just enabled the code for my LCD type
[22:12:12] <ParkerR> At the main menu
[22:12:34] <ParkerR> Is it supposed to auto reboot?
[22:12:44] <[7]> user890104: I'm wondering if we can even turn on the LCD's power supply from DFU yet
[22:13:06] <[7]> hm, stuck in a boot loop? probably a broken notes file then...
[22:13:13] <ParkerR> No not stuck
[22:13:20] <ParkerR> It just enjected and went to the main menu
[22:13:25] <ParkerR> *ejected
[22:13:29] <[Saint]> that's intended.
[22:13:29] <ParkerR> Hasnt done anything
[22:13:37] <ParkerR> Load the file now?
[22:13:42] <user890104> which firmware version do you have?
[22:13:46] <[7]> try to view it, yes
[22:14:02] <user890104> it should reboot immediately after ejecting
[22:14:03] <[7]> but it should really run into it right after ejecting
[22:14:03] <ParkerR> 1.0.4
[22:14:05] <user890104> and show emcore
[22:14:09] <[7]> maybe they *did* fix it after all? ;)
[22:14:13] <user890104> ok, i guess you either need to downgrade
[22:14:21] <user890104> or use the DFU approach
[22:14:28] <user890104> [7]: they fixed it a long time ago
[22:14:36] <[Saint]> Well...fuck me. 1.0.4? Really?
[22:14:40] <user890104> there's even info on our wiki how to downgrade :)
[22:14:42] <[Saint]> Huh. So they did.
[22:14:49] <[7]> heh, I'm outdatey ;)
[22:14:52] <[7]> outdated*
[22:14:55] <[Saint]> Same.
[22:15:00] <[7]> guess that firmware never made it onto my device ;)
[22:15:15] <[Saint]> Nor I apparently.
[22:15:23] <user890104> http://www.freemyipod.org/wiki/Firmware_downgrading
[22:15:27] <ParkerR> "The 1.0.4 firmware release for the nano 4g has patched the notes vulnerability. Do not upgrade to it (there are no new features). I would suggest not upgrading any other iPods either as of August 21. If you already upgraded to 1.0.4, use this file for the instructions above. "
[22:15:29] <ParkerR> Heh
[22:15:45] <ParkerR> Will do thanks
[22:16:18] <[Saint]> Just force DFU. Might as well see if we can answer the question of whether or not it's set up to knit the LCD properly.
[22:16:28] <[Saint]> *init
[22:16:40] <ParkerR> So long hold menu and select and then what key combo?
[22:16:47] <ParkerR> I know select and left is diag menu
[22:16:57] <[7]> just menu+select for 12 seconds
[22:17:00] <[Saint]> Just menu+select
[22:17:04] <ParkerR> Ahh
[22:17:13] <[Saint]> It'll look like it powers off 
[22:17:14] <ParkerR> From powered off or on?
[22:17:19] <[7]> (let go between the 2nd and 3rd reboot cycle, one of which happens every 5sec)
[22:17:21] <[Saint]> Either.
[22:17:42] <[7]> first reboot is normal, second is DFU (display off), third is normal again
[22:17:47] <[Saint]> If its off it'll just power up first.
[22:18:00] <ParkerR> [324104.025895] usb 1-4: new high-speed USB device number 16 using ehci-pci
[22:18:02] <ParkerR> Were good
[22:18:06] <[7]> lsusb?
[22:18:10] <ParkerR> Bus 001 Device 016: ID 05ac:1225 Apple, Inc. iPod Nano 4.Gen (DFU mode)
[22:18:13] <[7]> yep
[22:18:18] <[Saint]> Huzzah 
[22:18:45] <ParkerR> Ok now what? :)
[22:19:03] <[7]> ipoddfu.py with some .dfu file
[22:19:12] <user890104> i guess we need a .dfu file
[22:19:14] <ParkerR> Links?
[22:19:49] <user890104> i found one which looks like it was built by me for the homepage photo of nano4g running the bootmenu
[22:19:58] <user890104> but i'm going to test it on my device first
[22:20:11] <[7]> I ran across this while checking our server: http://files.freemyipod.org/tmp/ipodnano4g/bootstrap-ipodnano4g.dfu
[22:20:21] <[7]> the file name looks like it's an umsboot build for nano4g
[22:20:26] <user890104> yes, exactly
[22:20:32] <ParkerR> Ok will wait
[22:20:50] <[7]> but the .ubi file right next to it seems to be a dead symlink or something
[22:21:42] <[7]> IIUC that .dfu would also include powerup and SDRAM/LCD init code?
[22:22:10] <[7]> guess this might be a working emcore build: http://files.freemyipod.org/tmp/emcore/emcore-ipodnano4g.bin (rename to .ubi)
[22:22:47] <user890104> http://pastie.org/pastes/10370889/text?key=lueafzpxldcjfy6ww3m8rq
[22:24:04] <user890104> looks like i made some kind of a semi-automated build system at some point
[22:24:11] <user890104> but half of the links are dead
[22:26:00] <ParkerR> http://pastie.org/pastes/10370893/text
[22:26:36] <[Saint]> user890104: I recall that. It involved you leaving your N4G plugged and accessible did it not?
[22:29:21] * user890104 wonders why zadig doesn't find his ipod
[22:29:37] <ParkerR> Haha Ive had this one terminal session running for so long I forgot I installed gnu-pricing. http://pastie.org/pastes/10370899/text
[22:29:37] <user890104> [Saint]: yes, for the AES crypto part
[22:30:00] <ParkerR> I only exported it manually
[22:31:10] <[Saint]> user890104: zadig is a giant hunk of shit.
[22:32:18] <ParkerR> :O same guy that made rufus
[22:32:27] <user890104> [Saint]: but it just works
[22:39:01] <user890104> ParkerR [7]: ok, the dfu file works
[22:39:04] <user890104> http://i.imgur.com/NvyVnyq.jpg
[22:39:35] <ParkerR> Ok so what do I need to use to push the dfu file
[22:40:52] <user890104> svn checkout svn://svn.freemyipod.org/
[22:41:49] <user890104> then go to tools/ipoddfu/ and run: python ipoddfu.py <path-to-dfu>/bootstrap-ipodnano4g.dfu
[22:43:07] <user890104> then download the file that [7] linked to, rename it to emcore.ubi, and copy it to the UMSboot drive
[22:43:32] <ParkerR> :D It booted it
[22:43:34] <ParkerR> Copying file
[22:44:41] <ParkerR> No usable boot options
[22:44:47] <ParkerR> Waiting for USB commands :D
[22:46:17] <[Saint]> user890104: except when it doesn't huh?
[22:46:20] <[Saint]> ;)
[22:46:24] <user890104> ParkerR: ok, here you go
[22:46:55] <user890104> you can go to emcore/tools/ and run python emcore.py
[22:47:00] <user890104> to see all the commands
[22:47:33] <[Saint]> You can break precisely nothing. Which is nice.
[22:47:51] <[Saint]> It's entirely unfuckable.
[22:47:53] <user890104> unless you write to the PMU registers
[22:48:08] <[7]> ...or other stuff that we don't know about
[22:48:12] <[Saint]> Well even that's unfuckable technically speaking.
[22:48:14] <user890104> basicly, don't use i2cwrite :)
[22:48:20] <[7]> but yeah, hard to break something by accident
[22:48:29] <ParkerR> I have an emcore/ with the sources and tools/ but no emcore in tools
[22:48:39] <user890104> uhm .. emcore/trunk/tools
[22:48:40] <[7]> emcore/tools/
[22:48:44] <ParkerR> Ahh
[22:50:22] <ParkerR> http://pastie.org/pastes/10370936/text
[22:50:25] <[Saint]> piezo works here no?
[22:50:38] <[Saint]> Show him the beeper code. He'll wet himself.
[22:50:49] <user890104> [Saint]: i don't think so
[22:50:55] <[Saint]> Awwww.
[22:50:56] <user890104> only on n2g and classics
[22:51:17] <user890104> i tried to make it work, but it's complicated
[22:51:28] <ParkerR> Neat getprocinfo worked
[22:52:28] <ParkerR> http://pastie.org/pastes/10370943/text
[22:53:05] <ParkerR> Doesnt seem to support any filesystem commands
[22:53:07] <ParkerR> ls find etc
[22:53:20] <user890104> yes
[22:53:27] <user890104> we have no access to the storage
[22:53:52] <ParkerR> Thanks for the help :D Now I have something to play with
[22:53:52] <user890104> you can find a sample emcore app in apps/helloworld
[22:54:09] <user890104> it uses our api, which isn't really documented
[22:54:12] <ParkerR> Does that get copied over somehow?
[22:54:38] <user890104> emcore.py run yourapp.emcoreapp
[22:54:52] <ParkerR> Ahh
[22:55:36] <user890104> in theory you can run the bootmenu
[22:55:50] <user890104> you need to either patch emcore's clickwheel driver, or libui
[22:56:21] <user890104> but since we don't have a driver for the clickwheel, you won't be able to control it at all
[22:56:48] <user890104> you can kill processes (threads actually) with emcore.py killthread
[22:57:42] <ParkerR> Ahh I need the arm gcc to compile helloworld
[22:58:57] <[Saint]> Nos you're one of like....4 or 5 people ever to run third party code on a N4G.
[22:59:02] <[Saint]> *now
[22:59:12] <ParkerR> Would arm-none-eabi-binutils-2.25.1-1  arm-none-eabi-gcc-5.2.0-1 works or do I need the elf?
[22:59:23] <ParkerR> *work
[23:00:10] <ParkerR> Ahh it does not compile with arm-none
[23:00:11] <user890104> it's easier to use the TNT2 toolchain
[23:00:34] <user890104> https://github.com/EliasOenal/TNT
[23:01:33] <user890104> on our build server, it's installed in toolchains/TNT, and i have the following shell alias:
[23:01:36] <user890104> alias fmi='PATH=$PATH:/home/build/toolchains/TNT/bin:/home/build/freemyipod/tools CROSS=arm-none-eabi-'
[23:01:55] <user890104> then when i run some build script or make, i prefix it with "fmi"
[23:02:00] <ParkerR> So I just run the sh to compile it?
[23:02:05] <user890104> yes
[23:02:27] <user890104> i was explaining how to use after you install it
[23:02:55] <ParkerR> Yeah I got that
[23:03:08] <ParkerR> Im pretty familiar with Linux
[23:04:36] <user890104> ok, great
[23:05:50] <ParkerR> Been using it off an on (mostly on) since about 2009
[23:06:15] <user890104> the tricky part is that in order to compile an emcore app, you need elf2emcoreapp from /tools
[23:06:58] <user890104> in order to build it, you need a version of binutils which is compatible
[23:07:28] <ParkerR> [parker@x3720 tools]$ pacman -Q binutils 
[23:07:28] <ParkerR> binutils 2.25.1-3
[23:08:32] <user890104> well, you need binutils for ARM i guess
[23:08:39] <ParkerR> Ahh heh
[23:09:35] <ParkerR> user890104, Packages (1) arm-none-eabi-binutils-2.25.1-1
[23:09:53] <ParkerR> Does the toolchain not include binutils?
[23:09:54] <user890104> that's why one of the ways to obtain a usable headers+binaries is to run rockbox's toolchain installer, and either comment out the part that deletes build-binutils, or pause/kill the script before it deletes it, and use the produced files
[23:10:13] <user890104> i'm not sure about that, we used to build emcore with rockbox's toolchain
[23:10:22] <user890104> then [7] switched to TNT
[23:11:01] <user890104> honestly, i'm using an elf2emcore binary built by him, because i wasn't able to build it myself
[23:11:25] <user890104> it was either missing symbols, or crashed when run
[23:11:25] <ParkerR> Heh
[23:11:31] <ParkerR> 64bit?
[23:11:36] <ParkerR> Might as well shoot it my way
[23:11:50] <user890104> no, 32bit
[23:12:00] <ParkerR> Worth a shot if it really is that difficult to get compiled
[23:12:03] <ParkerR> Ahh
[23:12:03] <user890104> you can try to compile it for 64bit if you like
[23:12:38] <ParkerR> 32bit server what year is this :D
[23:13:18] <user890104> it's 64bit but [7]'s build of elf2emcoreapp is 32
[23:13:23] <user890104> build@freemyipod:~/freemyipod-extra$ file arm-none-eabi-elf2emcoreapp
[23:13:23] <user890104> arm-none-eabi-elf2emcoreapp: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.15, BuildID[sha1]=0x1ac32416cc0d4c33f4fcd91dc9d31c2f4b217a76, not stripped
[23:13:28] <ParkerR> Oh so it should work
[23:13:32] <user890104> yes
[23:14:08] <ParkerR> I guess upload it comewhere and Ill try
[23:14:12] <ParkerR> *somewhere
[23:14:22] <ParkerR> Tollshan still compiling
[23:14:24] <ParkerR> *Tool
[23:15:32] <user890104> http://files.freemyipod.org/misc/arm-elf-eabi-elf2emcoreapp
[23:16:05] <ParkerR> Usage: ./arm-elf-eabi-elf2emcoreapp [vrzd] [-p <abs-pic-file>] [-s stack-size] [-o <output-file>] <elf-file>
[23:16:06] <ParkerR> Works
[23:16:22] <ParkerR> So just throw that somewhere in $PATH?
[23:20:43] <ParkerR> Crap... just realized I forgot to modify the toolchain.sh to use more than one core... I might be here for  abit
[23:40:33] <user890104> ParkerR: in the meantime, you can download http://files.freemyipod.org/~user890104/freemyipod/apps/emcore-libpng-bootmenu-ipodnano4g.ubi
[23:40:53] <user890104> it's the development version of a bootmenu for ipod nano 4g
[23:41:07] <user890104> which, at the moment, does nothing but showing the background
[23:41:10] <ParkerR> Ok so copy that to the dfu mode thing as emcore.ubi?
[23:41:22] <user890104> yes, or just leave the name as-is
[23:41:36] <user890104> it only requires the file extension to be .ubi
[23:42:19] <ParkerR> Ahh
[23:42:35] <user890104> since we have accelerometer driver but no clickwheel driver for nano4g, my idea was to navigate the menu by tilting the device :)
[23:43:00] <user890104> but i never finished it
[23:43:42] <user890104> did you upload the file to your device?
[23:45:29] <ParkerR> Naah not yet
[23:45:39] <ParkerR> Helping somebody else with wifi in Linux heh
[23:46:02] <user890104> it actually runs emcore, so you can use emcore.py to communicate with the device after you see the menu background
[23:46:06] <[Saint]> Step 1: set wireless hardware on fire
[23:46:15] <[Saint]> Fin.
[23:46:37] <[Saint]> That's my experience with wireless in Arch.
[23:46:42] <ParkerR> [Saint], Its is Broadcom..
[23:46:47] <ParkerR> So yeah fire is the best option
[23:46:48] <ParkerR> Runs better
[23:48:09] <user890104> [7]: any idea why this fails? http://pastie.org/pastes/10371064/text
[23:48:24] <ParkerR> user890104, We have image!
[23:48:24] <[Saint]> The myriad of cheap shitty Chinese silicon that reports as realtek but isn't. That's real fun.
[23:48:34] <[Saint]> Don't buy $2 WiFi dongles folks.
[23:48:40] <[Saint]> Anyway....
[23:49:13] <[7]> I've seen that before
[23:49:17] <[7]> gcc bug
[23:49:27] <[7]> CFLAGS=-ffat-lto-objects or something like that helped
[23:50:18] <user890104> CFLAGS_release  := $(FLTO) -Os -fno-pie -fno-stack-protector -fomit-frame-pointer $(CFLAGS_RELEASE)
[23:50:29] <user890104> that's at the moment
[23:53:25] <user890104> ok, this fixed it
[23:53:46] <user890104> let's see if my SVN key still works...