Hello!
Being an owner of GX20 I want to improve some things, especially related to manual lenses handling (like more accurate metering, same handling of M and A lenses, precise adjusting via config files of exposure and SR parameters for each lens).
I have some expirience with reversing and hacking camera firmware, but quite long time ago.
So, I decided to set up special site were I collected all available information that I found and my own information about decryption of GX20/K20D firmware.
Currently I am seeking help from software developers.
Input from ordinary users will be also useful, as being software GUI designer more then hacker I know how important it is.
Note, that I also collected all available firmware images, new and old for K10D/GX10/G20/K20D and they are available for easy and fast download.
Progress report
1) Decryption of encrypted images - done!
2) Disassembed image base - found DSP-0x10000000, CPU- 0xC0000 !
3) Disassembling firmware starting from :
3.1) Interrupt vector table - done!
3.2) Script interpreter - in progress. First results obtained.
3.3) ModSet routines - in progress. Good progress.
3.4) CPU Interrup vector table functions - done!
3.5) Suspected extra commands - not found yet.
3.6) Status screen - in progress.
3.7) Checksum calculation - in progress.
3.8) SHooting parameters references - some found. in progress.
4) Processor module modifications, in progress. First public version released.
Current progress report page http://www.pentax-hack.info/documents/blog.php
It have all current information about progress.
Site address www.pentax-hack.info Recommended Tools Hex Viewers:
1)
http://www.hhdsoftware.com/Products/home/hex-editor-free.html
2) BVIEW -
http://biew.sourceforge.net Disassembler
Ida Pro 4.9 Free -
http://www.hex-rays.com/idapro/idadownfreeware.htm
FR processor module specially made for Pentax project is available on my blog page.
Our working database is in IDA 4.9 format.
I am still looking for synchronization tool.
Development help
If you know C/C++ well, you could add FR disassembler to BVIEW .
BVIEW -
http://biew.sourceforge.net
Source of FR disassembler -
http://www.pentax-hack.info/firmware/fujitsu/dfr-103.zip Necessary improvements of IDA
1) Handing of jump tables. This is very frequently used feature.
2) Script to handle offset tables (many of them are present), so pressing two keys automatically changes all to offsets
(until it is proper address and stops as soon as it is not) add xref and start analizing procedures.
3) Many parameters are passed by registers. If we could track them somehow and allow to quickly define this in function definition, so comments can be seen right after commands before call (ala pc.w32).
4) References for interrupt commands (mainly for int 0x40, of course)
5) Automatic creation of segments upon firmware loading (same as interrupts table that is working now).
If you have even small time try to work with IDA writing IDC scripts and/or plugins and modules, welcome aboard!
IDA Synchronization tool
Allow multiple people work with IDA database.
C++ or Delphi application that tracks all necessary mouse moves and keypresses (with some screen recognition :-) ) and converts them to special IDC script after each session (if you run this script it makes all changes made from last public version).
Uploads this IDC script on FTP site.
Executes all collected scripts at predefined periods.
Upload new database release.
BTW, tool could be converted to commercial application later :-).
Donations
1) Donations are donations, no promises of specific features. I'll have wishlist and priority list, but no guarantee.
2) We need to find someone trusted with full paypal account to place button on site.
3) Money will go to software licenses mostly, so onyone will know how they are spent.
3.1) If you want to help in little - buy either http://www.hhdsoftware.com/Products/home/hex-editor-ultimate.html license ($30) (we'll need it also) Hiew - bought, thanks falconeye for $64 donation. Contact me for another possible software products we need (all sub $100 donation).
3.2) If you want to help big - provide malfunctioning body or find information about M4 and M5 Fujitsu LSI chips.
P.S. You could find my email for this project on this site or PM me.
Last edited by tr13; 08-20-2009 at 03:24 PM.