Re: Newbie question:installing debian-arm on an HHP Dolphin 9900
On Fri, Sep 17, 2010 at 9:11 AM, jerome moliere
> Hi all,
> I'm a totally newbie into this world of mobile devices so excuse me if
> this question is stupid.
> Does someone succeed in installing Debian on a Dolphin 9900 from Honeywell?
_whoaa_ those things are £1000 and, judging from the photo at
http://www.honeywellaidc.com/9900/ they run wince. the chances
therefore of any debian person being even _remotely_ being interested
in them is extremely small.
> If the answer is yes, with what kind of procedure/technical process ?
> For which kind of results ?
ok. well, fortunately, i've done reverse-engineering of wince
devices before so i can let you know what to expect.
first thing: you will need to get HARET.EXE (hand-held
reverse-engineering tool). if the thought of compiling that under
windows using the ARM version of microsoft's c compiler (MSVC.EXE)
makes you scream and run away, then when you come back, you can
consider running it under Wine. MSVC.EXE for ARM does actually work,
runs like a dog, but works. if even this makes you shudder, then you
_can_ get gnuharet.exe up-and-running, which, surprise-surprise,
compiles using the mingw32 gcc cross-compiler with the wince
if you're happy to pay for my time to get you more explicit
instructions than the above, i'll happily track down the tools for
you, otherwise if you want spongeing "freebie" advice whilst i'm
wondering where to get money to pay off the back-rent and to pay for
food tomorrow, you're on your own to track down the tools: you can
spend your own time and money, not money of mine which i don't have.
your next job is to then disassemble the device, and take
hi-resolution photographs of it. you will need clear photos of every
single IC being used. remove - CAREFULLY - any metal shielding - and
get photos of those as well. if you can identify something as a GSM
radio or GPS radio DO NOT remove its metal shielding, they typically
use serial or usb so it's utterly unnecessary to do disassembling
from the photos, obtain the IC part numbers. use google to look them
up, and begin looking up the datasheets (if any). begin contacting
manufacturers and ask for technical datasheets and application notes
(which they will most likely tell you to piss off / ask for an NDA /
not bother to reply).
if you actually _got_ any app notes and tech sheets, it will save you
vast amounts of time, sadly, given that you're likely expecting to
get "free" information, "for free" (i don't know, but if you're on
this list it's quite likely), they will judge the call as "not gonna
make us any money" and not answer, so you're on your own.
next, you reassemble the device and, having identified the major
component, the CPU, you can compile and install gnuharet.exe or
HARET.EXE with the right compile-time options. initially, large
sections of gnuharet.exe and HARET.EXE you should be commenting out -
you will work out what they are yourself, or contract me to work them
out for you.
once you have HARET.EXE or gnuharet.exe installed, you can begin to
use it to piss about with the GPIOs, take memory dumps etc. etc. be
prepared to crash the device hundreds of times. one GPIO will be the
power-up for the GPS, so you want to run the GPS then dick with the
GPIOs one at a time until the GPS stops working. when it stops
working, congratulations! you _might_ have found one of the GPIOs for
the GPS! i say one, because there are usually a few.
are you beginning to get the picture, yet? that the amount of time
involved in "getting debian to run on a Dolphin 9900" is just...
insane. we haven't even got to the point about compiling a linux
kernel for it, let alone "getting debian to run".
so let's assume that you're happy to spend between three to six
months of your life poking around at GPIOs and taking memory dumps,
and carry on, ok?
the point of doing the memory dumps is to identify register banks for
any additional ICs. you also want to find the screen area
(memory-mapped if you're lucky).
eventually you will have enough information to consider creating a
*basic* linux kernel. pick one. it doesn't matter which. you also
want to create an initrd that is big enough to contain at least some
basic tools (i made one that was 16mb at one point and contained
Xf86-fb v3, and dropbear! :)
you will then use gnuharet.exe or HARET.EXE to "fire up" this kernel
and initrd: the process operates in the same way as LOADLIN.EXE (look
it up) for x86 systems.
you will fail, and fail, and fail, and fail, and will fail again and
again and again to get anywhere for weeks and possibly months, until
finally, one day, you manage to get something _very_ basic
up-and-running, at which point you can at least consider poking around
the device using tools that you write yourself.
your absolute first priority is to get something up-and-running over
a serial line, because you can at least put out linux console messages
over it. the second priority will be to get the LCD initialised
(power-up sequence). the third will be getting its parameters right
(size, scan frequency etc.) so that you can see something on it!
at some point you will decide "this is ridiculous" and will go out
and buy IDAPro 5 or find and hire someone (such as myself) to do
actual reverse-engineering of the WINCE DLLs, to save yourself vast
amounts of time.
_finally_, some point approximately six months to three years later in
your life, you will _eventually_ have all the devices decoded and
figured out, and will have a working linux kernel.
at that point, you can put whatever OS you like on it - but possibly
not _directly_ onto the device, because if it has Flash (NAND etc.)
and you screw up the writing to it (or, worse, it turns out to be a
proprietary Millenium g3 device or somesuch) then you will have
bricked that £1000 device.
at that point, you will have to disassemble the device again, look on
the PCB for its JTAG port, guess which wires are which (possibly
risking destruction of the device if you get it wrong), and begin
reprogramming it from there. i've never done JTAG programming of ARM
CPUs, but i understand enough about the process to say that you can
load a linux kernel (or better, a boot loader) over the JTAG port into
memory etc. etc.
so in short, whilst i don't want to laugh at the innocence of the
question you asked, i hope that by now you have a clear picture that
it was perhaps... a bit more than what you were expecting?
and that, if you _do_ have the time and money, you're actually better
off paying some other company in china (or better yet one in the UK
such as simtec) to re-create the device, from specifications and
requirements that you give them, with one of the requirements being
"for fuck's sake give me linux on the device already".
lastly, i leave you with this: for the sake of everyone's sanity, my
own included, i've left out a lot of the details in what's involved in
reverse-engineering linux onto wince devices, but if you really really
want to know, look up wiki.xda-developers.com and start from there.