09-05-2010, 11:13 PM   #23
customelectronic
Member
Posts: 18
Karma: 10
Join Date: Sep 2010
Device: PRS900
Xaphoisis,
Excellent work! I have a Sony Daily Edition (PRS900?? I think) which has the same touch screen interface. On the Sony site, under Audio, I found the kernel drivers for the on-the-go file-system, and a USB serial port driver, and kernel, etc. I am a longtime Linux user and kernel hacker (robotics), so there isn't anything really new here for me in taking apart an RTOS - just another version of it....

I only have a few days before I leave, and I would like to hack my 900 and help you out with the touch screen decoding; from the kernel sources, I think the 600 and 900 are very similar.

The byte pattern you posted looks similar to some things I saw in a touchpad system driver I improved (Hyperpen, Aiptek). I am thinking about cross compiling some handwriting recognition software to allow myself to use my Sony as a standalone terminal / true Linux box. (I bought it second hand, and Sony doesn't seem to be able to deactivate the earlier owner's account -- so it's fair game to hack.)

But I need to get up to speed quickly in order to do this; I see that the system boots Linux from NAND flash RAM, and I see references in the threads to an upgraded flash. Do I have to upgrade the flash in order to hack the 900, or is that something specific to earlier Sonys? If I do, what exactly is being changed in the new flashed image -- e.g., is it a recompiled Linux kernel, or what? So if I need to recompile my version of the kernel for the 900 with some changes, is the source code available?

Once I get on the system with a terminal running ash... the rest is easy for me to do. You mentioned an alternate serial port inside the Sony used by the "Russians" -- but that it required a password. Is that password known? For I do have serial port hardware RS232/422/ or 5V logic and know-how if that is a simple pathway in.
I can go any distance, even to desoldering surface mount chips w/ a NASA certified station... BSEE is my background.

Worst case, I can desolder the flash from my Sony's motherboard and use some search algorithms to find the root password, and replace the cipher with a password I know -- but if there is a faster way -- I'd like to know.

Thanks in advance.