Inexplicable paranormal mystery in OM's history
Mychaela Falconia
mychaela.falconia at gmail.com
Thu Mar 12 19:04:51 UTC 2020
Hi DS!
> Since 0 and o and pretty close on the keyboard, maybe it was just a
> typo that happened if the command line was retyped by hand instead
> of a copy/paste? Just a thought.
Oh no, there is a lot more going on than just a typo! First of all,
the FLUID option to select the old boot entry protocol which is not
supposed to ever work on Calypso 26 MHz platforms is -oO (lowercase
'o' followed by uppercase 'O'), whereas the option to use the boot ROM
protocol that works like it should is -oo (two lowercase 'o's) - there
is no '0' (digit zero) anywhere.
The earliest (in chronological terms) piece of evidence I could find
of Openmoko engaging in paranormal occult matters is this post by
Werner Almesberger:
http://lists.openmoko.org/pipermail/openmoko-devel/2008-April/002605.html
In that post the NDA-worshipping coward was taunting the community
with instructions on how to use OM's modified version of FLUID at the
time when neither this FLUID nor firmware m0 files were made available
to any mere mortals, but here are the two incriminating pieces:
1) The -oO option is there on the fluid.exe invokation line;
2) The other really big incriminating piece is this one:
> FLUID should now say something like this:
>
> (fluid, version 3) ok
> Checksumming (269 * 8kB = 2152kB): ok
> Flash Detect: (0xEC, 0x22A0) Samsung K5A3240CT ok
> Program: (34 sectors, 267*8k=2136k) (*******************) ok
The smoking gun is the "(fluid, version 3) ok" line, while the
remaining messages are exactly as expected for FLUID operating on OM's
modem with their flash and their devices.txt file. I invite you to
look at the FLUID source on our FTP site (look at pc/machine.c inside
the ZIP) and confirm for yourself that FLUID emits that status line on
stdout ONLY if it has made bootloader entry via the old -oO protocol;
when it makes bootloader entry via the Calypso boot ROM (-oo), it
prints "(ROM, version ?) ok" instead.
So there we have it, Werner Almesberger made a public post demonstrating
that he did something that ought to be completely impossible according
to our known understanding of physics. If he did it in England before
1951, he could have been legally prosecuted for witchcraft.
It appears that OM changed their mind and made their fluid.exe binary
and firmware m0 files public about 6 months after WA's 2008-04-25
taunt: the first revision of the modem flashing wiki page was made on
2008-10-28:
http://wiki.openmoko.org/index.php?title=Flashing_the_GSM_Firmware&oldid=58504
The witchcraft instructions are still there: -oO option on the
fluid.exe invokation line and the highly incriminating
"(fluid, version 3) ok" line in the shown expected output.
Whatever warp or tear in the spacetime continuum that happened that
allowed fluid.exe talking at 115200 baud to communicate with TI's
broken FRBL talking at 230400 baud and still miraculously work despite
the baud rate mismatch was not limited in its effect to the inside of
OM's castle walls: community members outside of OM started following
those instructions (including the -oO) once the bits were made public,
and it worked for them.
Of course even if this baud rate mismatch issue wasn't there, using
that old fluid -oO mode would still be a supremely bad idea: that mode
only works for as long as the bootloader in flash is good, and if you
brick that bootloader, then you can't use fluid -oO any more. Back
when TI used this mechanism in pre-Calypso days, they always had JTAG
as the fallback to reload blank or bricked flash - but there is no
Calypso JTAG access on Openmoko devices. But Calypso JTAG is not
needed when you have the boot ROM enabled instead (like it is on OM
devices), you just need to use the boot ROM protocol instead of the
old FLUID boot protocol, meaning -oo rather than -oO if you are using
FLUID rather than fc-loadtool. Apparently OM's people realized this
basic fact by around 2008-11-27, as they started instructing users to
use fluid -oo for recovery:
http://wiki.openmoko.org/index.php?title=Flashing_the_GSM_Firmware&oldid=60704
But note that even this revision of the wiki page still lists -oO as
the first choice, and then presents -oo as an alternative for recovery
if you bricked your FRBL. So the paranormal mystery remains: how did
this fluid -oO mode work for all those OM people all those years ago
when it should have never worked at all because of the baud rate
mismatch?
When I first discovered this bizarre historical oddity, I could
rationally think of only two possibilities: either OM modified their
version of FLUID to talk at 230400 baud in -oO mode, or they somehow
patched the FRBL in their mokoN firmwares to talk at 115200 baud,
fixing TI's bug in this regard. But neither seems to be the case:
* Running OM's fluid.exe under strace shows it setting B115200 in
termios in -oO mode, no sight of B230400 anywhere.
* I diffed the FRBL portion of the fw across different mokoN versions,
and I never found any mokoN version in which FRBL had been modified
relative to what we know and understand as TI's original. It would
also have been quite difficult for OM to make such a change, as this
code is a binary-only lib at least in the semi-src we've recovered.
Adding the necessary fix to set the right bit in the FFFF:FD02 register
would require a code insertion, which would obviously be much more
difficult - patching a byte or two in the blob with a hex editor
(which both I and OM's Dieter Spaar have done on other occasions)
won't do it here.
And to complete the paranormal mystery, the occult magic of fluid -oO
done by OM all those years ago appears to be no longer reproducible,
or at least I couldn't reproduce it on my GTA02. Who knows, maybe it
really was some kind of aberration in spacetime that has repaired
itself since then, and the laws of physics have now gone back to what
we are used to, such that processor A talking at 115200 baud cannot
successfully communicate with processor B talking at 230400 baud.
Stuck in the Twilight Zone,
Mother Mychaela
P.S. Is there any chance that Werner Almesberger might actually be
Warlock Almesberger?
More information about the Community
mailing list