Omnimaga

Calculator Community => TI Calculators => Calculator C => Topic started by: fb39ca4 on August 17, 2011, 02:25:53 pm

Title: How do I write directly to the flash memory on an Nspire?
Post by: fb39ca4 on August 17, 2011, 02:25:53 pm

I want to put random garbage at flash page 0x0020, (for the purpose of corrupting boot2  >:D) how do I accomplish this? Also, is overwriting the boot2 supported in the emulator? (for the purpose of testing to make sure I overwrite the right thing)

Title: Re: How do I write directly to the flash memory on an Nspire?
Post by: ExtendeD on August 17, 2011, 03:51:13 pm

There aren't any syscalls for flash writing, but there are OS functions for this.
I have written a diags software writer a while ago but it was quite unstable, I'm not sure why. That's why the functions aren't exported.
You may also have a look at nspire_emu's source code to understand low-level interactions with the flash chip.

I think you need to emulate on an OS with a boot1 for nspire_emu to take into account a boot2 update.

Title: Re: How do I write directly to the flash memory on an Nspire?
Post by: Goplat on August 17, 2011, 04:31:17 pm

Quote from: ExtendeD on August 17, 2011, 03:51:13 pm

You may also have a look at nspire_emu's source code to understand low-level interactions with the flash chip.

That code is not based on any documentation or testing at all; it's just the bare minimum of accuracy to make TI's OS work. If you're not doing things exactly as the OS does, then emulation and reality will very likely differ.

Title: Re: How do I write directly to the flash memory on an Nspire?
Post by: Awesomeness on September 15, 2011, 06:53:14 am

What is boot2? I apologize in advance for my ignorance. :P

Title: Re: How do I write directly to the flash memory on an Nspire?
Post by: ExtendeD on September 15, 2011, 07:06:26 am

boot2 is a software module which loads the operating system. It is itself loaded by boot1.

Title: Re: How do I write directly to the flash memory on an Nspire?
Post by: bsl on September 15, 2011, 10:20:25 am

I have two programs that work on the emulator but not on hardware Boot2Writer
and DiagsWriter. You can also directly edit the emulator flash file to install these, with a
small C or python program. I used the same method to install Ndless 1.1 on the emulator.

I would not release a working version of Boot2Writer because it can brick the calculator.
 You would need an RS232-USB module to recover from this, and most users don't have this.

Title: Re: How do I write directly to the flash memory on an Nspire?
Post by: ExtendeD on September 15, 2011, 10:22:03 am

Quote from: bsl on September 15, 2011, 10:20:25 am

I have two programs that work on the emulator but not on hardware Boot2Writer
and DiagsWriter.

This was the behavior I had with my own experiments, I never could figure out why.

Title: Re: How do I write directly to the flash memory on an Nspire?
Post by: bsl on September 15, 2011, 10:28:19 am

I am trying to figure that out now.
I think you have to call flash_erase_range() first before writing to the range.
Also I am calling write_nand() the same way boot1 does when it flashes a diags or boot2 through RS232.