[E3-hacking] W00t; it runs.
Matt Evans
e3-hacking@earth.li
Sat, 23 Apr 2005 13:24:49 +0100
Dear Jonathan,
Well done for your code download via the modem! Sounds interesting.
Have you documented your procedure anywhere? Protocol/format of the
data is probably* pretty similar to that over EXP, maybe? :) I don't
have the means here to talk modem-modem to the device.
I was interested to read in your GPL-vio email that the PBL/kernel
images were obtained by de-soldering the flash chips on an E3. I'm
keen to have a look at the E3's version of PBL (and thanks for sharing
the symbols you'd deduced so far), but I'd prefer a non-invasive way of
getting it out. (So, JTAG or some EXP hacks - chicken and egg scenario
w.r.t. reverse-engineering PBL's (v4) protocol though ;) What is the
state of the E3 whose flash chips were removed? Were they read and
then soldered back in place, or was it a sacrificial broken
(before/after) E3? IFF it was the latter I wonder if it might be
possible to remove the OMAP5910 and beep out the JTAG pins to see if
they go anywhere and if so, where?
Best regards,
Matt