annotate Firmware-deblobbing @ 73:eb68975e1b81

FC-handset-spec: KWH020ST23-F01 finalized
author Mychaela Falconia <falcon@freecalypso.org>
date Thu, 16 Sep 2021 00:08:00 +0000
parents 14b8e532c966
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
19
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
1 The state of blobs vs. blob-free firmware in FreeCalypso
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
2 ========================================================
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
3
35
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
4 Since 2018, we have 3 different firmware versions for Standard Modem
19
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
5 functionality:
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
6
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
7 * Magnetite hybrid is the current production firmware version. The only blobs
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
8 are Nucleus, OSL and OSX glue components of GPF, and TI's proprietary TMS470
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
9 compiler. Everything other than Nucleus and OSL/OSX is compiled from source,
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
10 but the compiler is TI's proprietary TMS470. The same Magnetite source tree
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
11 also supports other configurations (maintained only for regression testing)
35
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
12 which have more blobs, as well as handset configurations which are a separate
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
13 subject. The total amount of blob code in this version is 43052 bytes out of
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
14 over 2 MiB firmware images.
19
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
15
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
16 * Selenite-470 is FC Selenite built with TI's TMS470 compiler: all code is
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
17 compiled from source, no blobs other than the compiler and its RTS library
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
18 (libc/libgcc equivalent). The blob version of Nucleus is replaced with a
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
19 different (slightly newer) version in full source form, while the blob
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
20 versions of OSL and OSX glue components have been replaced with reconstructed
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
21 sources, i.e., a reconstruction based on disassembly. This fw version is
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
22 currently considered experimental, not cleared for production, and the reason
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
23 is OSL/OSX: the reconstruction is of uncertain correctness and known to be
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
24 incomplete.
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
25
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
26 * Selenite-gcc is FC Selenite built with gcc. This version has no blobs
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
27 whatsoever (there is no support in the gcc+binutils toolchain for TI's TMS470
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
28 ABI, thus it is physically impossible to include any of TI's COFF blobs in
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
29 the link), and it is built with a FLOSS compiler. However, it is even more
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
30 experimental and not-for-production than Selenite-470: not only is the OSL/OSX
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
31 issue still there, but there is also widespread breakage from the use of a
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
32 different compiler which was never anticipated by the original developers.
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
33 The old FC Citrine firmware (unmaintained since 2016) also suffers from all
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
34 of the same problems, plus additional ones, and therefore should not be
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
35 considered at all.
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
36
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
37 When it comes to the firmware, right now those OSL and OSX glue components of
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
38 GPF form the biggest bone in our collective throat. Just 10 C source files are
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
39 missing:
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
40
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
41 os_com.c
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
42 os_drv.c
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
43 os_evt.c
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
44 os_isr.c
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
45 os_mem.c
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
46 os_mis.c
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
47 os_pro.c
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
48 os_sem.c
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
49 os_tim.c
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
50 osx.c
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
51
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
52 If we can ever find these 10 missing files (does not even need to be exactly
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
53 the same version as in TCS211 GPF), then Selenite-470 would immediately become
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
54 the new production firmware replacing Magnetite (the Nucleus change isn't the
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
55 problem, it's OSL and OSX), and the way would be cleared to begin work on
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
56 bringing Selenite-gcc up to par. But in the absence of these 10 files, the
35
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
57 following situation holds currently:
19
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
58
35
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
59 * For my own personal use and enjoyment, I (Mother Mychaela) am quite happy
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
60 with the current state of Magnetite hybrid, i.e., the few remaining blobs and
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
61 the proprietary TMS470 compiler don't bother me. Thus I currently have no
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
62 incentive to work on further deblobbing unless one of two things happen: in
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
63 order to be incentivized, I would need either a copy of the 10 missing files
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
64 OR a highly paid commercial arrangement as described below.
19
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
65
35
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
66 * If someone really desires it and puts substantial money behind it, it IS
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
67 possible to get to a blob-free, built with gcc state without the 10 missing
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
68 files - but doing so would require investing major effort into our own
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
69 disassembly-based reconstruction of OSL and OSX components. The total code
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
70 size in these bone-in-our-throat blob components is only 14992 bytes, but
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
71 because I am a serious perfectionist, deblobbing/reconstructing these
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
72 components to my high standard of satisfaction would require a very major
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
73 effort. Because of my high standards and because of the amount of effort
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
74 that would be required to meet these high standards without getting a hold of
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
75 the 10 missing files, I currently have no plans to do any more work in this
14b8e532c966 Firmware-deblobbing: update for the current situation
Mychaela Falconia <falcon@freecalypso.org>
parents: 19
diff changeset
76 direction in the absence of a commercial paid arrangement.
19
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
77
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
78 cdginc header files
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
79 ===================
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
80
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
81 Another area of deblobbing that hasn't been done yet, but can be done when and
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
82 if a serious need arises, is the cdginc header file set. The cdginc files which
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
83 are currently used for our hybrid config aren't blobs in the strict sense: they
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
84 are C header files included by the sources being recompiled, but they have been
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
85 auto-generated (from true human-editable sources which we do have) by a tool
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
86 (ccdgen) which currently exists only as a Windows binary sans source.
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
87
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
88 If anyone needs to make changes to cdginc, the proper course of action should
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
89 be to hire a Windows reverser to reverse ccdgen.exe and to produce a perfect
f68ca40fa5c1 Firmware-deblobbing document written
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
90 form, fit and function replacement.