Clarification on Tuner Lock and Grounding Pin to Unlock PCM

modzer321 · Post by **modzer321** » Sat Dec 07, 2024 8:32 pm

Hello,
Could someone please provide a detailed explanation of how the tuner lock on a PCM works? Specifically, I am interested in understanding what occurs when you ground the designated pin to unlock the flash memory. What is the process that takes place in the PCM when this happens, and how does it affect the bootloader or any other relevant components when reading the flash?
Any insight into the technical workings of this process would be greatly appreciated.

Thank you!

Post by **kur4o** » Sat Dec 07, 2024 8:58 pm

When you ground the pin, you interrupt the link between cpu and flash memory, so cpu can`t read data from specific addresses, reading only FFs, since link is cut. This triggers some protection in pcm and it enters bootblock recovery loop. Now pcm is unlocked and you can go straight to flashing new file.

modzer321 · Post by **modzer321** » Sat Dec 07, 2024 9:01 pm

ok so why not upload a custom bootloader to do this so we don't have to ground the pin

Post by **antus** » Sun Dec 08, 2024 12:34 am

That is how we upload the flash kernel, then you can do whatever you want, read or write. Tunerlock is a proprietary thing, once you're in you can clone a factory bin to restore the pcm to original state and clear it, or if you want to keep the operating system and calibration and you have another bin with the same operating system that isn't locked you can upload the parameter block from it to clear most types of tunerlock. Note that uploading paramater block or clone will change your vin (which you can just change back) and your pcm serial number.

modzer321 · Post by **modzer321** » Mon Dec 16, 2024 5:15 pm

this would mean no grounding the pin right

Post by **antus** » Mon Dec 16, 2024 5:22 pm

yeah, once you've written normal security data over the top, no more grounding the pin.

modzer321 · Post by **modzer321** » Mon Dec 16, 2024 5:33 pm

but why do we need to ground the pin to start with cant we still upload the custom kernel or is there something I'm missing

pman92 · Post by **pman92** » Mon Dec 16, 2024 7:09 pm

You need to "unlock" the PCM to be able to upload to it.
Generally the PCM sends some form of "seed" and a "key" is calculated from it by the software, and sent back to unlock it. The algorithm to generate the key has been figured out.
A tuner locked PCM does not accept the same key, it accepts something else (either from a different algorithm, or simply hardcoded in the memory of the PCM). So without knowing what it is, or how to calculate it, you can't unlock it.
When you ground the pin the PCM cannot read certain memory, which causes it to essentially crash and enter a "safe state" where it isn't locked and can be recovered. So you no longer have to calculate any key to be able to upload to it.

Clarification on Tuner Lock and Grounding Pin to Unlock PCM

Clarification on Tuner Lock and Grounding Pin to Unlock PCM

Re: Clarification on Tuner Lock and Grounding Pin to Unlock PCM

Re: Clarification on Tuner Lock and Grounding Pin to Unlock PCM

Re: Clarification on Tuner Lock and Grounding Pin to Unlock PCM

Re: Clarification on Tuner Lock and Grounding Pin to Unlock PCM

Re: Clarification on Tuner Lock and Grounding Pin to Unlock PCM

Re: Clarification on Tuner Lock and Grounding Pin to Unlock PCM

Re: Clarification on Tuner Lock and Grounding Pin to Unlock PCM