E92 PCM Reverse Engineering
Re: E92 PCM Reverse Engineering
Yeah, I don't have strong C# skills haha. I do feel like I could make it work, but I'm going to have to jump onto some C# coding classes as I only know what I've read in the PcmHacks repo and creating a simple web app to upload my kernel via J2534.
Now that you say all that I'd be willing to try to help (even though I might not be much help for a while) abstract the comms. I feel like if that was done there is a lot of ground work laid already that wouldn't have to be recreated.
LS1 Boost OS V3 Here. For feature suggestions post in here Development Thread. Support future development ->Patreon.
- antus
Re: E92 PCM Reverse Engineering
I am keen to get these assembly kernels finished for pcmhammer first, get the OSID lists for P04 and P08 and any others in to a good state, then we'll probably be able to do a release and start thinking about what comes next. If you want to start looking at can bus before then feel free to start a new thread and ask here, or send me PMs and we can get started on another branch. I have this E92 and an E38 on the bench I can develop and test against.
Have you read the FAQ? For lots of information and links to significant threads see here: http://pcmhacking.net/forums/viewtopic.php?f=7&t=1396
Re: E92 PCM Reverse Engineering
My coding skills are limited but I can usually figure things out eventually. I've been able to successfully create simple programs to talk back and forth with CAN modules. I feel like I do have a pretty good handle on CAN programming and I'm willing to help out where I can. I have a pile of CAN ECMs under my bench as well.
Re: E92 PCM Reverse Engineering
antus wrote: I am keen to get these assembly kernels finished for pcmhammer first, get the OSID lists for P04 and P08 and any others in to a good state, then we'll probably be able to do a release and start thinking about what comes next. If you want to start looking at can bus before then feel free to start a new thread and ask here, or send me PMs and we can get started on another branch. I have this E92 and an E38 on the bench I can develop and test against.
Ok, that’s reasonable. I’ll start a new thread for this effort in the GM section.
Re: E92 PCM Reverse Engineering
Ok, so I've created a branch of PCM Hammer that can communicate with CAN ECUs (Discussion on that Here) and I was able to upload my kernel and read the ECU for the first time.
The kernel seems to be working quite well, but I've only tried it a few times so there could still be problems. I had a couple of issues with it crashing the ECU part way through the reading, but I was able to figure it out.
I have some cleanup that I need to do with the kernel. I would like to try and move onto the flash programming, but I know that the CRC, checksum, or whatever is in this ECU will stop me in my tracks. This is the only ECU I have at the moment so I would like to keep it alive, so I'll start researching what needs to be done so that I don't brick it.
Ideally I would be able to find a way to recover it from a software brick of some sort, but I imagine I would have to solder to that board for that.
Re: E92 PCM Reverse Engineering
I can and I'm sure others can give it a try on a bench E92. For writing I am using the factory SPS format and the aftermarkets appear to be doing the same. In any case if you're writing your own I would stick to doing something in the calibration section, as if it does get bricked it can get fixed with GM SPS or other software.
Re: E92 PCM Reverse Engineering
Hiya,
bubba and others here are bad tha fack ass. I used to write some pretty cool stuff in asm, but back in the day it was 8 bit (two way comm so I had to build cloak code). I believe it will still transfer. Yes, somewhere in the GM strategy it checks CVNs and other such things. The newer stuff is quite interesting. I haven't had any time to do much research and I suck. If I get into something like this, I tend to not sleep and not work on anything else until I completely understand. Not conducive for life fun.
The newer stuff seems to have entries upon boot that has a different security sector and has its own stack and separate "secure" ram.
Re: E92 PCM Reverse Engineering
In-Tech wrote: The newer stuff seems to have entries upon boot that has a different security sector and has its own stack and separate "secure" ram.
Interesting. Do you have any more information about any of that?
Re: E92 PCM Reverse Engineering
Hiya bubba,
At this point I monitored vpp against known stuff I monitored on the E92s I have read. I noticed there is quite a bit of activity on vpp and nothing on the "speaker" CAN with the newer stuff.
vpp can "show" you reads and writes. It's a tough road.
20+ years ago in my iso7816 days, there were plenty of things I thought GM/Hughes were going to implement, and vi hola. (<<<<<mis-spelled on purpose for funny) in 2019+ they are doing it.
Re: E92 PCM Reverse Engineering
What is vpp?
I believe there was something on the P01/P59 that related to flashing but I don't know if it's the same thing. Also I think it was only accessible from the PCB.