Hi,
I am trying to port Fusee Gelee to Tegra114 (T40).
So far I have had no success.
How did you port the other devices? Any tips? Will a bootrom dump from a Dalmore dev tablet help?
I think I understand the basic concept of the exploit, but I think I am missing something.
As far as I understand, I need to know the following things:
RCM_PAYLOAD_ADDR: should be 0x4000E000
RCM_HEADER_SIZE: should be RCM_V35_HEADER_SIZE = 628
COPY_BUFFER_ADDRESSES: Here only the upper DMA address is important/interesting. (My guess: 0x40008000)
The stack spray range: could effectively use the whole payload between intermezzo and user_payload?
Stack spray: should be RCM_PAYLOAD_ADDR, right?
I hope you can remember how you ported FG to T20/30/...
Thanks in advance :)
P.S. I have a payload which should put some chars to UART. It was adapted from a T30 payload and was proven to work as a UEFI payload.
I think the payload isn't the problem.