Comment by librick
3 years ago
The apparent jankiness of the rear camera was one of the first reasons I started hacking on the car tbh. It was weird to me that the yellow guidelines/overlay don't appear on the camera feed until a little while after the camera feed first shows up. I've confirmed that it's a two stage process controlled in part by the /sbin/earlyrvc binary and later accessed via an Android service. But I'm not sure why the Honda devs didn't include rear camera dash cam functionality. Especially because you can use the side camera while driving, but not the rear camera. My working theory is that there's some sort of limitation with frame buffers or processing power but . I definitely encourage other devs to look into this too
Ahh, didn't realise some Civics have side cameras. My 2020 Civic only has a rear camera. FWIW I haven't noticed much jerkiness from it so far.
I wonder if I could write a little binary that would continuously record the rear camera, at least the last minute or so, and then hook it up to some button in the UI to store the last recording.
How tough is it to root the head unit and work with it?
*Jankiness, not jerkiness. I could have clarified that better; what I mean is that it was strange to me that the backup camera had two stages. The camera video feed comes up first, then the yellow overlay lines are rendered on top later. Which makes sense, that way the user doesn't have to wait for Android to boot up completely before they can view the backup camera.
I want to look more into rear camera viewing/recording too. The binary /sbin/earlyrvc in the repo (in the boot recovery image directory) is what displays the camera on boot. After that there's a few Honda-specific APKs that handle backup camera access for the rest of Android. I had some luck using Ghidra for static analysis of /sbin/earlyrvc. But the biggest hurdle I ran into is a lack of documentation on NVIDIA kernel drivers and the graphics pipeline.
As for rooting, I used a paid ($25) service. You sign up on this sketchy site, pay the $25 to get a unique code (a UUID), and then visit a specific website from the headunit's web browser. AFAIK, whoever runs that service is basically just using a WebKit exploit chained to some other Android exploit(s) to achieve root. It worked for me. I've added some more info on this to the README. But one of my goals is to make rooting easier/free/open source to lower the barrier-to-entry for headunit hacking. It'd be great to see a PR for that