exeDSP and samdrv.ko inner workings

Here are software that related with Samsung B series TVs. Like hex editors, new version of BusyBox or internal software, app programs that will run in your TV hardware.:!:This forum is NOT FOR USER QUESTIONS or Problems.
Post Reply

aquadran
Posts: 264
Joined: Fri Oct 16, 2009 9:35 pm
Location: Poland

Re: exeDSP and samdrv.ko inner workings

Post by aquadran » Sun Jan 03, 2010 9:02 am

nilo85 wrote:Hi,

I'm trying to figure out how /dev/sam/gfx0 and /dev/sam/gfx3d0 is working..
I thought we could create a thread here where we share our "interersing addresses" in the files. (Regarding everything)

What i'm currently looking at is 009426C4 (T-CHU7DEUC 3000.G, exeDSP), here it seems to open the gfx0 device, maybe we can find a way to communicate to the device from this.
.text:009426BC LDR R0, =aDevSamGfx0 ; "/dev/sam/gfx0"
.text:009426C0 LDR R1, =0x1002 ; oflag
.text:009426C4 BL open

[Edit]
Found something else really interesting. Here it creates alot of Chelsea controller objects for everything cool, everything form teletext to video processors
.text:006C9FFC ; TDBuilder::Build(void)
.text:006C9FFC EXPORT _ZN9TDBuilder5BuildEv
.text:006C9FFC _ZN9TDBuilder5BuildEv ; CODE XREF: CFastBoot::Initialize(void)+24p

interesting thing is that US A650,A750 like models and few others (that from 2008) has samsung.ko full implemented. that kernel could do all lower things including 2d, 3d, scaling, jpeg, x264 decoding, however samsung it seems dropped that way in later in 2009 tv and moved almost everthing into exeDSP. so no way implement custom app on kernel driver using /dev/sam/*.
In current samsung.ko there is some left over audio codecs stuff including dts support.
RE how hardware tv works will be very difficult due complexity.
Top
User avatar
erdem_ua
SamyGO Admin
Posts: 3098
Joined: Thu Oct 01, 2009 6:02 am
Location: Istanbul, Turkey
Contact:
Contact erdem_ua

Re: exeDSP and samdrv.ko inner workings

Post by erdem_ua » Sun Jan 03, 2010 3:55 pm

Hi nilo85, welcome to our community. Your wiki editor access granted.
You can create a reverse engineering page for your recovered engineering secrets from programs.
When the time has come, I think we can handle to re-write exeDSP from scratch with using those informations.
It also good for "game" menu application developments. Thanks for the works :)
Top
aquadran
Posts: 264
Joined: Fri Oct 16, 2009 9:35 pm
Location: Poland

Re: exeDSP and samdrv.ko inner workings

Post by aquadran » Sun Jan 03, 2010 5:28 pm

nilo85 wrote:I have managed to execute exeDSP internal functions. with this we should be able to do whatever the tv can do from usb game.
Here is a proof of concept: NOTE: The addresses used are for T-CHU7DEUC 3000.G, exeDSP, if you execute this on another firmware, there is no knowing what address you are calling, use at own risk

Code: Select all

#include <stdio.h>

extern int Game_Main(const char *path, const char *udn);

typedef void (*spIGfx_GetRes)(FILE*, void*);

spIGfx_GetRes _spIGfx_GetRes = 0x009372E8;
FILE* g_hGFX = 0x0236D9E8;

typedef struct _GFX_RES
{
    int width;
    int height;
    int pixelDepth;} GFX_RES;

int Game_Main(const char *path, const char *udn) {
        chdir(path);
        FILE *file;
        file = fopen("./log.txt", "a+");

        GFX_RES res;

        _spIGfx_GetRes(g_hGFX,&res);

        fprintf(file,"width: %i, ",res.width);
        fprintf(file,"height: %i, ",res.height);
        fprintf(file,"pixelDepth: %i\n",res.pixelDepth);


        fclose(file);
        return 0;
}
One full night of reverse engineering awarded =)
if function is exported, you don't need hardcode address.
My idea is use video decoding code to reuse it in custom apps. It must be done somehow clean way as widget tv has able do that.
Top

Post Reply

Return to “[B] Software”