Jtag & RGH together?

[lyzanxia]

At the moment I have a jtag working machine. I was wondering if it was possible to also rgh the machine (for upcoming fusion), so that I could switch between jtag & rgh (just switching nands).
Would it be possible to leave the jtag wiring as is, and wire rgh at the same time, and rewrite nand for rgh or jtag as I want?

Or would there be possible danger in leaving jtag wiring together with trying to rgh?

Anyone an idea?

[Blackaddr]

You can leave the JTAG wiring in place, it won't hurt anything.  Just make sure you have your efuses protected so you don't loose JTAG functionality.

[MagnusHydra]

I have my jasper 512 jtag also wired up with a RGH chip.Do as Blackaddr says. Its funny how my jasper jtag/rgh will boot the rgh side faster then any slim i've done.

[lyzanxia]

Thanks Blackaddr & MagnusHydra for the info.

I allready had r6t3 removed

[lyzanxia]

Ok, so I got everything wired up today as rgh1.

But it just keeps on glitching, without getting to xell or dash.

Left my jtag wiring intact and my r6t3 is removed.
My cb is 6723 and my created rgh1 nand had cb6750.

If I flash back my jtag nand, everything works again (if I turn of the Coolrunner).

Do I have to remove my jtag wiring, or do I have to suspect my soldering?

Any idea or pointers?

[phonsey]

Ok, so I got everything wired up today as rgh1.

But it just keeps on glitching, without getting to xell or dash.

Left my jtag wiring intact and my r6t3 is removed.
My cb is 6723 and my created rgh1 nand had cb6750.

If I flash back my jtag nand, everything works again (if I turn of the Coolrunner).

Do I have to remove my jtag wiring, or do I have to suspect my soldering?

Any idea or pointers?

why would you want rgh and jtag when rgh is unpatchable lol. if i was you i would jst remove the jtag wires and update the dashboard to stock and then rgh the console!

[ddxcb]

Ok, so I got everything wired up today as rgh1.

-snip-

why would you want rgh and jtag when rgh is unpatchable lol. if i was you i would jst remove the jtag wires and update the dashboard to stock and then rgh the console!

That would be not smart at all. If he want to have both, he can.

@OP, im not sure if the newer cb is working as there are fuse checks, try to rgh 2.0 it as the dual cb when glitch do not check for the fuses as they are nop in the cb_b

Or this OP, use the CB_6723 and glitch the CD_8453 to use fusion.

[lyzanxia]

Can you elaborate on doing this?

ps:tried rgh2 , no go...green power led on xbox stays solid green and coolrunner keeps glitching without effect.

[ddxcb]

Can you elaborate on doing this?

ps:tried rgh2 , no go...green power led on xbox stays solid green and coolrunner keeps glitching without effect.

or try RGH 1.0 using the Jtag CB

[lyzanxia]

How can I inject the jtag CB into the rgh1 nand file?
Thanks for helping

[lyzanxia]

Ok, now that fusion is released, I see what you mean 

[cory1492]

The CBs don't revoke on older fuse settings, only when they see a newer fuse setting that wasn't supported when the CB was compiled.

I currently have my falcon doing dual boot with JTAG and RGH, I used the default images built with xebuild and both work fine. Just remember to set the CF LDV properly for the RGH image and you should be good to go (setting it improperly will still let you boot to xell and the .ecc images built with python should not have this issue, though you will have to provide the correct bls to it.)

[Haygar]

Ok, so...........hang on...what do we have to do? lyzanxia's setup, which cb is right for rgh1...6723,  6750 or extract cb from jtag image and inject that in the fusion app? A few of us have been wanting to try this and get a better understanding but between jtag, rgh, rgh2 and now fusion the lines getting a bit blurred 

[cory1492]

You don't need to extract anything from the jtag image, you will however need the bls listed in the glitch ini in xebuild as well as a clean or pre-patched glitch smc. Again, I just used xebuild to build my images for both jtag and glitch and made sure it had whatever it asked for, they needed different smcs so I set up two separate folders for the same machines per machine folder. Also, I set it up so that when jtag is selected, the CPLD doesn't try to glitch it. RGLoader should work on the glitch side fine provided it supports your console type so it's possible fusion would too with the same caveat.

for jtag:

Code:

[jasperbl]
cb_6723.bin,e9292b90
cd_6723.bin,0fcff305
ce_1888.bin,ff9b60df
cf_4532.bin,d28ef722
cg_4532.bin,2530f8ce
cb_6750.bin,f7afa8cc
cd_8453.bin,25e0acd0
cf_14719.bin,31764aae
cg_14719.bin,2b990f2a

for glitch:

Code:

[jasperbl]
cb_6750.bin,f7afa8cc
none,00000000
cd_8453.bin,25e0acd0
ce_1888.bin,ff9b60df
cf_14719.bin,31764aae
cg_14719.bin,2b990f2a

As you can see they do both use the same bls (6750/8453), the difference is that JTAG boots the exploitable kernel first before using the newer ones, and atm I'm not aware of any program that will extract the second set from a JTAG image.

[lyzanxia]

Thanks for clearing that up Cory1492.

So now I'm reassured, that it is possible to have a machine on jtag CB also doing rgh1 (since your doing it ).

Checked and my nands look like yours, the jtag with the 6723 CB and the rgh1 with the 6750 CB.
LDV values also match up.

I guess I just have a stubborn jasper which won't glitch at the moment with standard glitchchip.
I have ordered some resistors and capacitors to tweak it, hopefully it will glitch then.

[Haygar]

Right, so for glitch the jtag-exploitable machine has no problem running the 2bl 6750. Therefore an exploitable falcon 5761/5770 is ok with 5771.

Thanks for that info

[lyzanxia]

Ok, so got my caps and resistors in the mail. Guess what...it glitches!!! all it needed was a cap 68nf between ground and pll_bypass.
Great stuff glitches almost instantly, before the cap never 

Thanks guys!

[cory1492]

Congrats lyzanxia, glad you got it sorted 

[lyzanxia]

Thanks Cory1492

Another question though: have you succeeded in running fusion on your setup?

I can glitch boot dash 14719 now almost instantly, but a fusion created nand won't boot.
Just stays glitching, nothing happens. Hdd connected, cd in the drive.

Would you take cb_a_decrypted & smc_config from your orig nand (7371 or 14699) or from the jtag image to create the fusion nand?

Damn, I'm sooo close 

[cory1492]

Neither, I would use the CB used to build the glitch NAND.

Code:

[jasperbl]
cb_6750.bin,f7afa8cc
none,00000000
cd_8453.bin,25e0acd0
ce_1888.bin,ff9b60df
cf_14719.bin,31764aae
cg_14719.bin,2b990f2a

in that case, cb_6750.bin. Keep in mind "RGH2" requires dual CB (CB_A/CB_B), a different wiring method and less reliable glitch times - not RGH1 which is what you should be using on a JTAG. Either way, the code for the CPLD is timed against specific BLs which in turn are meant for specific hardware revisions.