Take a look at pi pico projects which use an SD card. The emmc and sd card protocols are the same.To sniff the bus, we'd need PIO code that reacts to the Switch's CLK signal, I haven't done that yet. This code currently produces its own CLK signal so it's more useful for reading/writing to eMMC independently from the Switch.
I'll take a look at it tomorrow, maybe I'll figure something out.
I guess one idea would be that this code is specifically for writing the payload to the eMMC (hold RESET pin so that the Switch doesn't interfere -> start CLK and write payload to the eMMC) and after writing the payload we'd have to (re-)start the Switch anyway and that's where the "sniffing PIO code" comes in.
Honestly, even though only sniffing the eMMC data shouldn't do any damage to the Switch, I'm kind of scared of trying to hook it up to an actual Switch
The eMMC communication is basically the first important half of the Picofly and honestly I'm surprised that I couldn't find ANYTHING regarding somebody implementing the eMMC protocol on Picos as this is a public and popular type of flash storage..
Other than that, I don't know if I really should dive deeper into this topic after I've successfully implemented the eMMC protocol, big N's ninjas have eyes everywhere.
Sadly all the projects with SD cards that I found were using SPI to communicate with the card, we need „native mode“ though..
- Joined
- Dec 26, 2022
- Messages
- 95
- Trophies
- 0
- Location
- your router's unprotected root shell
- XP
- 170
- Country
finally bit the bullet and decided to learn c 
. if this project is gonna be in my mind 24/7 i might as well do something productive while I'm at it
. if this project is gonna be in my mind 24/7 i might as well do something productive while I'm at it Apparently you can google better than me. I've skipped through the code and honestly I think I know the RPi too little to understand how the data actually gets transferred.
To read/write data, this file uses mmio_read / mmio_write from mmio.h/-.c, but all that these functions do it write or read a 32bit unsigned int from the specified address. The "base eMMC address" is
"#define EMMC_BASE 0x20300000"
I honestly don't know where that comes from and how the RPi actually writes/reads the data from the eMMC.
Post automatically merged:
C is pretty cool and honestly not that hard, using pointer is basically the only "hard" part about it, other than that it's more that understanding the API that you want to use (RPi Pico SDK in this case) and the hardware is the difficult part about it.finally bit the bullet and decided to learn c
Post automatically merged:
After searching for a while I've found a repo that implements the SDIO protocol (basically the same serial protocol that we need for the eMMC) in 4bit mode using RPi Pico and PIOs:
https://github.com/ZuluSCSI/ZuluSCSI-firmware/blob/main/lib/ZuluSCSI_platform_RP2040/rp2040_sdio.pio
https://github.com/ZuluSCSI/ZuluSCSI-firmware/blob/main/lib/ZuluSCSI_platform_RP2040/rp2040_sdio.cpp
Last edited by Piorjade,
- Joined
- Dec 26, 2022
- Messages
- 95
- Trophies
- 0
- Location
- your router's unprotected root shell
- XP
- 170
- Country
Writing a new firmware from scratch is the way to go. We don't want to be stuck with a firmware that is closed and can't be updated in the future.
- Joined
- Dec 26, 2022
- Messages
- 95
- Trophies
- 0
- Location
- your router's unprotected root shell
- XP
- 170
- Country
and did they learn that sharing is caring when they were kids?
You dont really need to update the firmware if it works. SX boot still works after all. But sure I do like opensource as well
- Joined
- Dec 26, 2022
- Messages
- 95
- Trophies
- 0
- Location
- your router's unprotected root shell
- XP
- 170
- Country
Horizon Operating System (Switch OS)now i feel dumb, what's HOS
- Joined
- Dec 26, 2022
- Messages
- 95
- Trophies
- 0
- Location
- your router's unprotected root shell
- XP
- 170
- Country
Similar threads
- No one is chatting at the moment.
