5d classic development - enabled the bootflag!!!
217 views
Skip to first unread message
Andrew Coutts
Apr 24, 2012, 9:13:29 PM4/24/12
to Magic Lantern firmware development
After toying with this for 2 months now I have FINALLY managed to set
the bootflag and run an autoexec.bin file. That means development for
the 5dc has officially gotten underway :)
5dc is a digic ii camera running vxworks 5.5. It is in the same family
as the 350d and 400d. This camera has given me a lot of trouble though
compared to my (brief) time with the 1000d porting. I basically could
not call any rom functions before, it would just never return to the
caller. I began to start thinking out of the box.
As I read up on the 350d, I noticed that they had the same issues as
me, but somebody was handy enough to dump the bootloader using the led
and a photo diode, so they quickly figured out what needed to be done
(they used the bootflag functions in the bootloader). The problem was
I couldn't find a copy of the 350d bootloader anywhere, so I had to
start thinking of new ways to solve this issue.
Last night I spent hours studying the 400d bootloader until I found
and understood how to use the bootflag functions. There was still a
bigger problem though, I don't have the 5d bootloader. To find the
functions in the 5d bootloader, I scanned 0xFFFF0000-0xFFFFFFFF for
occurrences of assembled instructions from the 2 bootdisk functions. I
picked unique instructions that would not be repeated, and it worked!
I then blinked the address through the blue and red leds in binary to
see where the functions were.
After locating the instructions, I modified the 350d bootflag fir code
to work for the 5d. By calling the bootdisk functions in the
bootloader, I was able to set the bootdisk flag for autoexec.bin
files. So, this marks the official start of my Magic Lantern hybrid
5dplus.
I have been posting updates in a thread on the chdk forums if you are
interested in reading:
http://chdk.setepontos.com/index.php?topic=7759.msg84697#msg84697
And the source is available on my bitbucket:
https://bitbucket.org/coutts/5dplus
I have attached in that thread a FIR and Autoexec.bin file. The FIR
file will toggle the bootflag each time you run it, and the sample
autoexec.bin file only blinks the leds. Now onto the next step:
booting the firmware. Hope to have some testers soon! (and something
worth testing)
the bootflag and run an autoexec.bin file. That means development for
the 5dc has officially gotten underway :)
5dc is a digic ii camera running vxworks 5.5. It is in the same family
as the 350d and 400d. This camera has given me a lot of trouble though
compared to my (brief) time with the 1000d porting. I basically could
not call any rom functions before, it would just never return to the
caller. I began to start thinking out of the box.
As I read up on the 350d, I noticed that they had the same issues as
me, but somebody was handy enough to dump the bootloader using the led
and a photo diode, so they quickly figured out what needed to be done
(they used the bootflag functions in the bootloader). The problem was
I couldn't find a copy of the 350d bootloader anywhere, so I had to
start thinking of new ways to solve this issue.
Last night I spent hours studying the 400d bootloader until I found
and understood how to use the bootflag functions. There was still a
bigger problem though, I don't have the 5d bootloader. To find the
functions in the 5d bootloader, I scanned 0xFFFF0000-0xFFFFFFFF for
occurrences of assembled instructions from the 2 bootdisk functions. I
picked unique instructions that would not be repeated, and it worked!
I then blinked the address through the blue and red leds in binary to
see where the functions were.
After locating the instructions, I modified the 350d bootflag fir code
to work for the 5d. By calling the bootdisk functions in the
bootloader, I was able to set the bootdisk flag for autoexec.bin
files. So, this marks the official start of my Magic Lantern hybrid
5dplus.
I have been posting updates in a thread on the chdk forums if you are
interested in reading:
http://chdk.setepontos.com/index.php?topic=7759.msg84697#msg84697
And the source is available on my bitbucket:
https://bitbucket.org/coutts/5dplus
I have attached in that thread a FIR and Autoexec.bin file. The FIR
file will toggle the bootflag each time you run it, and the sample
autoexec.bin file only blinks the leds. Now onto the next step:
booting the firmware. Hope to have some testers soon! (and something
worth testing)
3pointedit
Apr 24, 2012, 10:46:07 PM4/24/12
to Magic Lantern firmware development
Wow, how do you translate the binary LED flashes? Is it by eyeball or
do you use picture analysis? Very cool hacking, great job.
do you use picture analysis? Very cool hacking, great job.
Andrew Coutts
Apr 25, 2012, 12:57:55 AM4/25/12
to Magic Lantern firmware development
thanks! I have red represent 0 and blue represent 1. it's a little
tedious because I have to go back and fix for endianness every time
too. it works great though!
tedious because I have to go back and fix for endianness every time
too. it works great though!
Danne
Apr 25, 2012, 2:04:45 AM4/25/12
to Magic Lantern firmware development
nicely done!
Reply all
Reply to author
Forward
0 new messages