Topic: 2858 to 1888 Kernel 'Downgrade' Confirmed, not working with 4552+ (Read 322 times)

Xbox-Scene · « **on:** January 22, 2007, 10:52:00 PM »

2858 to 1888 Kernel 'Downgrade' Confirmed, not working with 4552+
Posted by XanTium | January 23 00:52 EST

(IMG:http://www.burstnet.com/cgi-bin/ads/ad9520b.cgi/ns/v=2.1S/sz=300x250A/

Robinsod posted an update about his hack to downgrade a 2858 (or lower) kernel back to the 1888 'Base Kernel'. By being able to boot the 'Kiosk disc' from recordable media he proofs his 360 is no longer running the 2858 kernel (which blacklisted these XEXs) and boots without applying the kernel patches that have nulled headers:

Quote

Confirmed, downgrading allows the Kiosk disk to run again!

So I have now proved that kernel 2.0.2858 (won't boot the kiosk disk) can be downgraded to 2.0.1888 and that WILL boot the kiosk disk (or bits of it) from CD-R. This was proved with a mobo for which the DVD key is NOT known.

However, with newer kernels (4552 and after) it seems to be (currently) impossible to downgrade back to 1888. From Robinsod and Speedy22:

Quote

Until the 4552 update that is exactly what I was doing, erasing/corrupting part of the patch and rebooting. The 360 fell back to the previous patch or, if no patch has been applied, the Base Kernel.
After the 4552 the 360 WILL NOT BOOT unless the 4552 patch is present in flash.

More than likely MS has blown an efuse or two with the 4552 update. The efuses are located in the CPU. Anyone interested in learning more should download my 360 CPU datasheet V1.5 from the beginning of March 2005.

The Hypervisor only needs to test a flag in the processor (blown eFuse) against a flag in the patch to make a boot/no boot decision, there could be any number of these flags but at a rate of 1 eFuse / year then 32 would be more than ample. There's no need to actually modify the hypervisor code at all.

The efuses act like standard memory and probably contain the HID register data as well. I would guess there are 1K-2K worth of efuses.

Note: Right now there's no use (or easy way) for end-users to downgrade their kernel ... but it's very interesting research and might be useful in the future or for further research.

More Details: xboxhacker.net (hacking/tech discussions ONLY! - thx)

Ravo5002 · « **Reply #1 on:** January 22, 2007, 10:36:00 PM »

that sucks

GeToChKn · « **Reply #2 on:** January 22, 2007, 11:02:00 PM »

Well if they used an efuse for this specific patch, maybe they know the previous ones may have an exploit or something and want to make sure this one is permanent.

bongmaster420 · « **Reply #3 on:** January 23, 2007, 12:45:00 AM »

man i dont know whether to jump for joy coz " there may be an exploit" or to cry coz some "Efuse" is now blown in the processor or sum crap lol man i been keepin up with most of the stuff thats been goin on lol but an Efuse sounds like a fuse for ur internet lol hahaha neways hopes this leads some where in the homebrew scene and all this piracy stops and we can get on with HOMEBREW NIKKAHHHS!lol great work X-S

dom0012 · « **Reply #4 on:** January 23, 2007, 01:07:00 AM »

why is this posted? this isnt really breaking news in my opinion...

schizzlefuzz · « **Reply #5 on:** January 23, 2007, 02:12:00 AM »

QUOTE(dom0012 @ Jan 23 2007, 02:14 AM)

why is this posted? this isnt really breaking news in my opinion... (IMG:style_emoticons/default/huh.gif)

Better news than those Xenon360 cases, thanks for posting it Xantium.

tom_mandory · « **Reply #6 on:** January 23, 2007, 04:14:00 AM »

QUOTE(Xbox-Scene @ Jan 23 2007, 04:59 PM)

Note: Right now there's no use (or easy way) for end-users to downgrade their kernel ... but it's very interesting research and might be useful in the future or for further research.

gamesaving?

msr · « **Reply #7 on:** January 23, 2007, 03:48:00 AM »

when did the 4552 update come out. any progress is always, good, and they have learnt something new from it.

thx for keeping us posted.

rgtaa · « **Reply #8 on:** January 23, 2007, 04:55:00 AM »

I would like to know I could go back to ealier dashboard version if something comes along I don't like with NEW dashboard, and it seems we can't go back. So it makes updating Dashboard VERY dangerous (after every update people have shared how it screwed up their 360) and I thought the codes that were out last year would allow us to revert back to factory dashboard , but I guess it's not possible or use to be possible but not possible NOW.

twistedsymphony · « **Reply #9 on:** January 23, 2007, 05:50:00 AM »

QUOTE(tom_mandory @ Jan 23 2007, 05:45 AM)

gamesaving?

That would probably be the biggest use for downgrading since gamesaving was pretty much annihilated with the fall update.

xboxbman · « **Reply #10 on:** January 23, 2007, 07:15:00 AM »

Hack it! Hack it good! If you have a 360, you must hack it! If you want to play homebrew, you must hack it! Hack it up! Into shape! Go for it! Move ahead!

brywalker · « **Reply #11 on:** January 23, 2007, 07:21:00 AM »

Wow. That DEFINITELY gives us more insight to the update = 3 red rings situation that they are addressing now.

Looks like what is happening is either:

A) During the update the EFuse doesn't blow and the dash updates fine which when checked by Hypervisor returns a no boot condition

During the update the EFuse blows correctly and the update DOES NOT flash correctly which when checked by the Hypervisor returns a no boot condition.

Very facinating.

xboxbman · « **Reply #12 on:** January 23, 2007, 09:27:00 AM »

QUOTE(brywalker @ Jan 23 2007, 09:28 AM)

Wow. That DEFINITELY gives us more insight to the update = 3 red rings situation that they are addressing now.

Looks like what is happening is either:

A) During the update the EFuse doesn't blow and the dash updates fine which when checked by Hypervisor returns a no boot condition

(IMG:style_emoticons/default/cool.gif) During the update the EFuse blows correctly and the update DOES NOT flash correctly which when checked by the Hypervisor returns a no boot condition.

Very facinating.

So theoretically, this could be a solution to the 3 red ring error. Now we just need a user friendly method for doin it, cause I'm guessing most people don't have a programmer to edit their kernel.

Bizquick · « **Reply #13 on:** January 23, 2007, 10:13:00 AM »

Does this mean that in some way we could tweak the dash kernal to tell the hypervisor to boot unassigned code? I mean if I understand this with the efuse I would think that it apears that 90% of hacking could be done at the kernal/dash level. And if I understand one more thing about efuse. is that it also seams that it is closing the path on possible dash hacks. so like in xbox 1 you could do a softmod on certian dash levels. This way I see it now on 360 the kernal update has to be blowing the efuse at a dash update. and the 3 rings of light. I bet are cause the efuse didnt blow. Or ofcorse the only way to test that would be to try to down grade that dash. and if that doest work then it would have the be a croup flash and the efuse did blow. this would certianly explain what MS is doing on updates and how they are failing. But in ether case it also looks like if someone knew what they were doing they could also do some of these 3 ring system repairs.

NFN_NLN · « **Reply #14 on:** January 23, 2007, 11:05:00 AM »

No problem,
I'll just call MS tech support and tell them my eFuse is blown and I need a replacement XBox360.
I'm sure they'd be more than willing to help

.

Author Topic: 2858 to 1888 Kernel 'Downgrade' Confirmed, not working with 4552+ (Read 322 times)