Kernel Source - Acer Iconia Tab A100

Hello,
I'm not sure if anyone was aware, but the source code for the kernel is available from the Acer website. I'm not sure if this would help with the dev of roms or cracking the bootloader. Thought I would throw it out there.
It's available on the Acer support page under the A100, and is around 100 MB

mvan4310 said:
Hello,
I'm not sure if anyone was aware, but the source code for the kernel is available from the Acer website. I'm not sure if this would help with the dev of roms or cracking the bootloader. Thought I would throw it out there.
It's available on the Acer support page under the A100, and is around 100 MB
Yeah, I saw that. Doesn't make a difference though, we need an unlocked bootloader before a custom kernel we can make with that is useful.

Back in my Xperia x10 days they were able to find a way to crash the stock kernel and were able to load custom kernels with a locked bootloader. It's probably not feasible considering it was a much older kernel version and from a different manufacturer...but one can only hope right? lol

Don't know if it helps, but the thunderbolt also came with a locked bootloader and devs figured out how to flash a custom kernel. The custom was also locked but supported what they needed it to. It was flashed with the same process as our flashing updates manually. Maybe some of the tbolt devs could help?
Sent from my A100 using Tapatalk

We could do a custom rom that through 2nd-init, but so far it's been an uphill battle trying to figure it out. I'm not a kernel developer, but I've done some work modifying and working with cm7 kernels but nothing to this scale.
I do know that we wouldn't be able to change the kernel on this device or a modified recovery because there's some checking going on with the checksum of the disk images.

@crossix
Have you seen this thread in the Nook Tablet forums?
They found a way around the bootloader problem.

I was thinking the above. Maybe we can make a workaround through the kernel code. I haven't done programming on this low of a level but can scan through to see if and what checks there are and if there are any loopholes... I like to think they have a backdoor somewhere in there...

Excuse me, I was wrong. The tbolt with its locked bootloader was solved a little differently. I think what they did was flash an entirely different bootloader to it. One that was still encrypted but unlocked. Don't know if that's possible in this case but thought it was something to mention.
Sent from my LG-VM670 using Tapatalk

Maybe we should talk to nemith and fattire and they may have some suggestions. I am nowhere skilled at this level of development to talk intelligently to them. My development skills lie in the .Net field and at the application level. So I am not much help.

@painter... I have been looking through the Nook forums that you referred to and I certainly think that this is a possible route to go with the A100. This is also way above my skillset, however I will be more than happy to do what I can if there are any developers interested. I have been doing a lot of research into the locked bootloader and this is the most promising news that I have heard so far. I wish we could get more devs interested in this little tablet because it has great potential if we could get past the bootloader.

What I'll do later is download the code again, had before, but accidentally deleted it, and look through some of the more important code to see what can be found. Why would Acer put up the source code if there isn't a way to alter the kernel? Seems counter-intuitive to put it up without a purpose...

here is some info on 2nd init, if anyone smarter than me is interested in having a look.....good luck!..... http://cvpcs.org/blog/2011-06-14/2nd-init._what_it_is_and_how_it_works

mvan4310 said:
What I'll do later is download the code again, had before, but accidentally deleted it, and look through some of the more important code to see what can be found. Why would Acer put up the source code if there isn't a way to alter the kernel? Seems counter-intuitive to put it up without a purpose...
Because they have to, it's required by GPL to make the source public. Just because they make it public, doesn't mean that it'll compile properly though. But, in this case it does compile cleanly and with it we could probably take bits and pieces of cwm for the a500 and get it to work (their GPL version not thor's recovery). How to do that though with our current encrypted recovery I dunno.
I looked at the thread and it definitely looks like something doable but what offset would we use and how would we tell the boot partition to go look for a custom recovery when we can't even open it to alter its contents since it and the recovery partitions are both encrypted.
If you make an image of either partition using dd and try to mount it and read its contents you see gibberish rather than editable files in the images. Might be able to poke at it with a hex editor, but that's beyond my skill level.
Sent from my MB860 using XDA App

I'm still in the extraction process, and it is a rather large image. It's around 500mb compressed. I can take a look into it, but can't make any promises that I'll find anything at all. I understand the GPL and whatnot, and the partitions being encrypted, and am just hoping that somewhere in the kernel is a clue as to what is being done that can help us along the way to cracking this thing.
I didn't think of this until now, but is the newer A500 encrypted? If so, maybe we can find the difference between the older and the newer version somehow and see what they are using. Just a thought, could be completely wrong.

From what I understood (I could be completely wrong though) one of the newest updates that brought the a500 up to 3.2.1 changed their encryption method so itsmagic (their security hole) no longer worked. The workaround for that was to downgrade to 3.2 and install cwm / itsmagic and then flash a recovery 3.2.1 image.
Sent from my MB860 using XDA App

Hmm, not sure. I'll look around. I'm still trying to root my tab, have been unsuccessful thus far, and about 3 hours into trying..

is there any benefit in opening the device and sniffing around? I know the bootloader's encrypted but some of it might not be? That's how GeoHot found the first iPhone unlock exploit; by shorting two pins or something?
I also know it's possible to read NAND chips with an Arduino to some extent. I dunno, just talking out loud...

Never thought of finding a way through the hardware itself. I have never opened my Acer, probably won't. I have a Chromebook and the only way to install another OS on it was to flip a switch and pop the cover off, since it has a button that's enabled with the case on that prevents writing to specific portions and whatnot... Good thought. Maybe someone will look into this further.

A100 teardown
http://www.techrepublic.com/blog/it...eardown-lots-of-tech-crammed-into-7-case/3028
Sent from my PG86100 using Tapatalk

I think it's very nifty that it has an expansion slot for a cellular chip. All the specs I can find on the 3g a101 show it as having half the RAM. Wonder what it would take to pop a 3g chip in there and get it working. :-\ You would probably have to flash the firmware from the 101 to get it to see the chip...

Related

Wild speculation

I don't have the experience to know if this is possible, which is why I ask because I'm curious. I post here because I want devs to see it, and think "that could work" or "idiot"
As we know the defy bootloader will probably never be unlocked, now I was thinking would it not be possible to somehow isolate the bootloader from a rom, and run some kind of virtual one in a separate partition to run a fully custom kernel? It's probably crazy but I'm dying to know what people think, don't be too hard on me I have no coding experience :/ however all opinions are welcome I think anything is possible
Sent from the real world by hacking into the matrix
I don't want that this will become another dead Bootloader-Hacking-Thread but I want to give you an answer with the facts:
1) There currently is no known way to execute code before booting the kernel because everything is well protected through signing code.
2) The only way to boot a kernel after kernel-boot are tools like kexec or 2ndboot. But a phone's RIL is a heavy stone on that way because it's not that easy to reinitialize this part of hardware and without RIL a phone is useless. The main-developers canceled this project due to this reason.
Other "non-phone"-devices with locked bootloader (like Sony's google-tv) are using this method without problems.
3) You can use kexec/2ndboot to load a full bootloader instead of a kernel only, too. But because we don't have the source we would have to reverse engineer it to disable the signature check of the kernel otherwise you would load another useless protected bootloader. This was also a project but I don't think it's still alive...
Additional note: You can't directly flash a modified bootloader because our chipset has built-in OMAP3-security features. This means the CPU will only boot signed Code from NAND.
You can find many helpful information about this topic on this page:
http://and-developers.com/partitions:cdt#cdt_table_of_droid_x
Thanks that clarifies things quite a bit, however I mean loading not just a second kernel but a WHOLE bootloader that would handle the phones entire functions independently, or is it completely hardwired so it's impossible for something to override it? (Sorry if you have already answered in the above). Another thing, has no one tried to compile custom fixed sbf? Maybe the bootloader could be replaced that way? In software almost anything done can be undone in some way, although perhaps this is the rare case where it isn't
Sent from the real world by hacking into the matrix
I edited my post to have everything at one place.
I hope this answers your questions.
The bootloader is like the bios in a pc (actually is part of the bios), it's what initializes the device and loads the rest of the code. to load it again or another one you had to reinitialize the device. the issue with the RIL is that when reset or restarted it "panics" and resets the whole device (I think, read it somewhere).
also the second unlocked bootloader that you want to load does not exist anyway.
it's better to just help the developers with bug reports and testing than daydream.
sorry mate!
m11kkaa said:
I edited my post to have everything at one place.
I hope this answers your questions.
So its all been tried before, damn! XD at least the devs here have done a fine job of making good roms even with this limitation, guess I will do my research before I buy my next phone as I love playing with roms, the more custom, the better
Sent from the real world by hacking into the matrix

[XYBOARD][RECOVERY] Funding for Dev to create Recovery/Rom

I would like to know how many forum members would be willing to donate funds to any developer willing to seriously work at creating a recovery program and maybe one rom for the Xyboard 10.1 4G/LTE device.
I realize the bootloader is still locked, but devs have managed to bypass the bootloader on other devices using some very creative thinking. The bootloader on my Droid Razr is still locked, but we have Safestrap, CWM
There is also a member i saw that would be willing to donate a xyboard for testing.
I would be willing to donate $100 towards this project.
We need to show the manufacturers that our platform is truly OPEN SOURCE?
so, here we meet again, chumboy
well i'm in, offering 50$ for unlock/bypass
nchantmnt said:
so, here we meet again, chumboy
well i'm in, offering 50$ for unlock/bypass
welcome! hey again.
fair amount of views, not many investors.
surprised, it's verizon's main tablet that has 4g (besides the galaxy tab 10.1 which i heard is discontinued).
patience.
I would get in on this. I have actually been trying to figure out Hash's safestrap to see how it is replicated for different devices.
Sent from my Droid3 using xda app-developers app
I know it can be done...it's just a matter of interest. Is some dev interested in spending time to figure it out.
we have recovery for many, many devices whose bootloaders are locked.
SafeStrap would be great....or TWRP.
So far, we have $150 available for anyone who creates a recovery. Come 'n git it, devs!
why not create a similar thread at xoomforums.com... guess most of the interested users aren't reading much @ XDA since atm there is no development going on for this device.
if you do so, just be sure to link to each other thread, list the users & amount and sync those two threads in their first post like:
"chumboy (xda/xoomforums) - 100$
nchantmnt (xda/xoomforums ) - 50
.....
hopefully many many more
_____
total funds until 28th of Sept - 150$
ill try and see if i can get some users @ androild-hilfe.de to join in
maybe u know of some other forums as well
cheers
25 from me if the recovery will work for international xoom2 too.
Hello guys,
I want to help you to get a custom recovery for your XOOM2,
because I've long waited for a cwm that could be used on my phone - Motoluxe XT615.
And I got sick of all those devs out there who don't want to help us to make it even easier.
So my mates and me tired a lot together. Finally a chinese developer team got it.
So i hope i can charge my knowledge with you.
My first few questions are:
- Any tries of implementing 2nd init?
- Which type of internal storage (MTD, EMMC)?
- Locked bootloader (really think so)?
- Can you upload the init.* script in the root of your phone?
I hope you have rootaccess
luxxx123 said:
Hello guys,
I want to help you to get a custom recovery for your XOOM2,
because I've long waited for a cwm that could be used on my phone - Motoluxe XT615.
And I got sick of all those devs out there who don't want to help us to make it even easier.
So my mates and me tired a lot together. Finally a chinese developer team got it.
So i hope i can charge my knowledge with you.
My first few questions are:
- Any tries of implementing 2nd init?
- Which type of internal storage (MTD, EMMC)?
- Locked bootloader (really think so)?
- Can you upload the init.* script in the root of your phone?
-and yes we have root
I hope you have rootaccess
for 2nd init i really lack the knowledge of how to do this, but atm trying to get to know more about it. is this even working on ics?
internal storage should be mtd if i'm not totally wrong...
the bootloader is locked, we are sure about that and about the init... will upload it for you later... first got to recharge^^
what kind of approach is it that you have in mind? i may lack the knowledge about bootstrapping etc, but i'm eager to learn
nchantmnt said:
for 2nd init i really lack the knowledge of how to do this, but atm trying to get to know more about it. is this even working on ics?
internal storage should be mtd if i'm not totally wrong...
the bootloader is locked, we are sure about that and about the init... will upload it for you later... first got to recharge^^
what kind of approach is it that you have in mind? i may lack the knowledge about bootstrapping etc, but i'm eager to learn
The 2nd init should not be a problem. Internal storage is /mnt/sdcard/ external drive can be loaded on /mnt/usbdisk_1.0/
The bootloader is locked, Motorola has not released this yet. However, I did decode a file that had the agreement for unlocking the bootloader so this leads me to believe it will happen in the future.
My knowledge of bootstrapping is limited as well but I do know that if Motorola's system catches anything of another system trying to run, it will reject it and either bootloop or reboot. The secret is in the boot stage not interacting with factory boot at all.
wow...you guys are talking way over my head. i understand somewhat, but at this time, i can't contribute anything but funding.
and emotional support !!!
let me know what a non-coder like myself can do to help you.
so far, we have $175 available to dev who creates recovery.
Devs,
Just want to make sure you dev's are working on the Xyboard 10.1" with LTE connectivity and not just the wifi only device.
It's the Xyboard MZ617 7444.
Really guys, I don't want your money
On my phone we got a CWM recovery via hijacking battery_charger.
That means when your phone is off and you connect it to any kind of power supply it normally starts this huge battery loading animation.
We symlinked this battery_charger script to a folder that executes the CWM.
So every time I shut down the phone and connect it to a power supply I'll enter CWM.
I'm quite sure this will work on your tablet, too.
I just can help you with this kind. When your aim is to get a real 2nd Init I can't help you,
because there my knowledge ends too.
But for a beginning I think it would be nice to have any kind of custom recovery, or?
To begin I really need the init scripts guys. Open your file browser and go to internal storage root, there they should be.
Sorry was abroad for some days
Yes, any kind of custom recovery would be nice. Here you go with the init.
Any information on how you are going to do this would be nice so we can alter this to our needs (thinking about some bootloader to choose whether to load cwm or automatically just charge after some seconds would be nice)
What are the limits of this way? Guess we will not be able to flash kernels, right?
First off, sorry for double-posting
having read myself enough into 2nd init i guess there will be no way to get this running on our xoom2/xyboard models, as the devices need to be running some froyo-kernel to get this working. Maybe even a tweaked gingerbread-kernel can be used for 2nd init, but it should not be possible with honeycomb or even ics. So i guess our best bet is to concentrate on the option luxxx123 is going to give us.
Wow...interest seems to be picking up! That's great.
the Xyboard is really a pretty good tablet.
What you guys are discussing is slightly over my head so i'll just lurk and help when i can.
The kernel version is 3.0.8 Does froyo go into the 3's? I thought it stopped at 2.6.
Sent from my Droid3 using xda app-developers app
You're right... Froyo stopped at 2.6 but if I recall it correctly the hijack of 2nd init doesn't work with newer kernel versions. But I would be glad if I was wrong here
Sent from my XOOM 2 using Tapatalk 2
I tried pulling the 2nd init and hijack from my Droid 3 which has Hash's Safestrap. I customized a few things for my Xyboard and put the files in place but it put it into a bootloop. You just may be right.
Sent from my Droid3 using xda app-developers app
I'll save you guys some trouble, bootstrap and safestrap won't work, bootstrap hijack method will not work, bootstrap is open source and you can find all the stuff on github by koush, safe strap by hashofcode will not work, it utilizes the same hijack binaries of bootstrap, this is also open source on his github,
Both can be built from the source, with the recovery files build from cm9 or cm7 .
I have built the recovery and the bootstrap they simply do not work.
That said i have gotten rid of my two (I even at one point offered to send one of mine to a known developer, not one took me up on the offer that's why I learned how to do it myself.
Now someone here brought up a way that piqued my interest, symlinking the charge while battery off script to a custom script to boot into a custom recovery (cwm or twrp) this seems like the most likely at this could be done.
Someone with some time could find the script in question and post it I'm sure myself or someone else could get something going.
Sent from my Nexus 7 using Tapatalk 2

Developers

Is there anyone developing for the Kindle Fire 2?
As far as I can see, the answer is no but I'm not sure if you're all just been busy and work and don't have much to post yet.
If there is no dev team(s), or devs at all working towards getting this thing with a working Recovery and ROM, I will most likely put together a team this weekend.
Also, assuming there are devs, may you share any findings you have? Why or why not the recovery is being a difficult process and whatnot.
I will probably put together a team just in case, I just can't make promises until I meet this weekend and see if they want to work on this.
If/when i get a team I will make a thread for it and post any news updates as they happen. I really hope we can all get this thing cracked open soon!
Thank you in advance!
UPDATE!:
I hit reply instead of save, so I lost my post sadly, so bullet points!
-I could not contact the main dev.
-I do not plan on making a full dev team anytime soon.
-Powerpoint45 and Hashcode are making progress, moreso Powerpoint, although eventually it seems Hashcode plans to have a workaround, just no ETA or promises from him, but there is more hope than before!
-I will still help and try and offer advice to any newer people, I am not a dev, but I have a decent amount of experience that would be enough to help new people.
Good luck to all!
I too would like to know this. I don't have much but I would donate what I can to the first dev or team to get us past this locked bootloader.
Sent from my SAMSUNG-SGH-T989 using xda app-developers app
LegendaryCatalyst said:
I too would like to know this. I don't have much but I would donate what I can to the first dev or team to get us past this locked bootloader.
Sent from my SAMSUNG-SGH-T989 using xda app-developers app
Thanks I'll let you all know what gets decided this weekend. One coder agreed so far but their experience with Android is limited. The main person I have yet to talk to but he is the one that constantly messes with his android devices since android first came out. The issue is that he does not have a kindle fire, so I may have to buy them ones or lend mine to them to get the coding started.
I have been flashing ROMs and whatnot for a couple years, done my vibrant, galaxy s2, and a few others, but have no coding or developing skills whatsoever. I imagine everyone starts somewhere but I don't have the slightest idea where to begin. I would love to learn though. A locked bootloader seems like a steep challenge compared to obtaining root or developing a ROM. I might be wrong in that regard too.
Sent from my SAMSUNG-SGH-T989 using xda app-developers app
Depends on how the bootloader is signed. The Motorola Droid and Droid X were relatively easy to crack but other devices may never be cracked without help from the manufacturer.
LegendaryCatalyst said:
I have been flashing ROMs and whatnot for a couple years, done my vibrant, galaxy s2, and a few others, but have no coding or developing skills whatsoever. I imagine everyone starts somewhere but I don't have the slightest idea where to begin. I would love to learn though. A locked bootloader seems like a steep challenge compared to obtaining root or developing a ROM. I might be wrong in that regard too.
Sent from my SAMSUNG-SGH-T989 using xda app-developers app
Since this device already has Root, I don't know that the bootloader will be an issue. The Gen 1 Kindle Fire has JellyBean running on it already so it may be a (somewhat) simple task to port that to the Gen 2. I'll have to pull it and see what may be device specific to get things running on the Gen 2, but it can be done. We'll need to first get a custom recovery going to allow the ROM to install.
This looks promising from the Gen 1 forum. Perhaps someone can reach out to the dev and see 1) if he's ok with us using it and 2) if he can help get it going on the Gen 2.
http://forum.xda-developers.com/showthread.php?t=1399889
A locked bootloader generally means no custom kernels. Kexec is the only workaround (that I know of) other than unlocking, to start a new kernel . Root simply gives su access, it can't, in and of itself provide kernel customization.
Didn't the recovery for the KFHD's get put on hold? The stock recoveries won't usually let you flash anything that's not signed.
I'm not a dev but it seems like porting the KF1 ROM over to the KF2 should be pretty easy. Other than the bootloader, the hardware changes were minor, just bumping the CPU/GPU up one model and doubling the RAM. Again, it all hinges on unlocking the bootloader or reverse engineering the key it's signed with. Anybody have access to Amazon's EC2 system?
Antoine.WG said:
Didn't the recovery for the KFHD's get put on hold? The stock recoveries won't usually let you flash anything that's not signed.
I'm not a dev but it seems like porting the KF1 ROM over to the KF2 should be pretty easy. Other than the bootloader, the hardware changes were minor, just bumping the CPU/GPU up one model and doubling the RAM. Again, it all hinges on unlocking the bootloader or reverse engineering the key it's signed with. Anybody have access to Amazon's EC2 system?
I just toured google today and made a new friend. He doesn't work on the android side, and that building is the most secure on the campus (That and the google+ are the only buildings regular employees can't enter fully without special permissions)
I am hoping he can introduce me to people on the android side of things and see if they would be willing to offer any insight that wouldn't involve an NDA heh.
LaserChicken said:
A locked bootloader generally means no custom kernels. Kexec is the only workaround (that I know of) other than unlocking, to start a new kernel . Root simply gives su access, it can't, in and of itself provide kernel customization.
This is true, however the question was around custom ROMs, not kernels. You do not need a custom kernel to run a custom ROM, it's just nice to have the flexibility.
Has anyone tried a Kindle fire HD rom? I think the specs are identical except for the screen. I'll do a little research and see what I can do. I would like to see otg working on my son's 2nd generation fire. Sent from my Nexus 7 using Tapatalk HD
I might make a kf2 root app
tjmack3rd said:
Has anyone tried a Kindle fire HD rom? I think the specs are identical except for the screen. I'll do a little research and see what I can do. I would like to see otg working on my son's 2nd generation fire. Sent from my Nexus 7 using Tapatalk HD
That's not quite how it works. I would also recommend to NOT TRY ANYTHING ON THE OTHER KINDLE FORUMS. If you check here, people have posted what works. I believe there is one guide for the basic rooting, and another for the steps on using root to make your Kindle do some decent stuff (new launchers, lockscreens, marketplace, all the good stuff!)
However, the issue with the KF2 is not really getting ROMs on, it's the step before it which is getting a working recovery so we can safely flash ROMs onto the device. Once that's done it shouldn't be hard to get a ROM, and it may be even possible to just use a KFHD ROM without any issues, BUT we need the recovery on here first, and getting around the locked bootloader.
To my all caps warning, just check the Q & A forums to see all the people who tried the recovery, rom, and rooting methods for their KF2. Most end up bricked.
If you are experienced in the sort of thing, go ahead and try at your own risk, just be careful. As you may notice, yes, most if not all (can't remember off the top of my head) of the methods we use to root ARE from the KFHD, so yes, some things do work, but way too many times I read about people that tried to put software that wasn't for the KF2 on it and it ends up bricked. Thankfully people seem to be fixing the bricked Kindles, but it's a very unfortunate experience people shouldn't have to go through.
powerpoint45 said:
I might make a kf2 root app
Forgot to multi quote :\
This would be great I think! We have the tools so far, it's just that none have been made specifically for the KF2.
Good luck on the app as I'm sure many new KF2 users will appreciate it!
iytrix said:
That's not quite how it works. I would also recommend to NOT TRY ANYTHING ON THE OTHER KINDLE FORUMS. If you check here, people have posted what works. I believe there is one guide for the basic rooting, and another for the steps on using root to make your Kindle do some decent stuff (new launchers, lockscreens, marketplace, all the good stuff!)
However, the issue with the KF2 is not really getting ROMs on, it's the step before it which is getting a working recovery so we can safely flash ROMs onto the device. Once that's done it shouldn't be hard to get a ROM, and it may be even possible to just use a KFHD ROM without any issues, BUT we need the recovery on here first, and getting around the locked bootloader.
To my all caps warning, just check the Q & A forums to see all the people who tried the recovery, rom, and rooting methods for their KF2. Most end up bricked.
If you are experienced in the sort of thing, go ahead and try at your own risk, just be careful. As you may notice, yes, most if not all (can't remember off the top of my head) of the methods we use to root ARE from the KFHD, so yes, some things do work, but way too many times I read about people that tried to put software that wasn't for the KF2 on it and it ends up bricked. Thankfully people seem to be fixing the bricked Kindles, but it's a very unfortunate experience people shouldn't have to go through.
I burnt out my usb port trying to make a fastboot cable. I tied the wrong pin in... I'm waiting on my replacement. I'm going to try to use the revrom to get the cwm on my kf2 if that works, I'm sure we could get someone to make a touch cwm or twrp for the kfhd. If the kfhd cwm works, we could use the touch cwm/twrp. Perhaps it will need to be modified... perhaps not. I suspect that the cwm won't work perfectly and we need to modify it to use the correct partition table.
I should mention that using my current factory cable, I can get to fastboot. I just burnt out the data pin. I tried to use dd to flash the revboot stuff, but I forgot to do the part where you get past the locked bootloader... instabrick
fmkilo said:
I burnt out my usb port trying to make a fastboot cable. I tied the wrong pin in... I'm waiting on my replacement. I'm going to try to use the revrom to get the cwm on my kf2 if that works, I'm sure we could get someone to make a touch cwm or twrp for the kfhd. If the kfhd cwm works, we could use the touch cwm/twrp. Perhaps it will need to be modified... perhaps not. I suspect that the cwm won't work perfectly and we need to modify it to use the correct partition table.
I should mention that using my current factory cable, I can get to fastboot. I just burnt out the data pin. I tried to use dd to flash the revboot stuff, but I forgot to do the part where you get past the locked bootloader... instabrick
I was trying to make a fb cable earlier today but the connectors were too hard to solder so I need a new cable to work with. I had same idea as u. Trying to boot into a recovery like cwm
Sent from my DROIDX using xda app-developers app
Nvm
you should be able to delete a post...
powerpoint45 said:
I was trying to make a fb cable earlier today but the connectors were too hard to solder so I need a new cable to work with. I had same idea as u. Trying to boot into a recovery like cwm
Sent from my DROIDX using xda app-developers app
I bought one on eBay for £3 including free next day delivery. I'll try to find the link as he was selling lots and it was delivered fast (in UK).
EDIT :
http://item.mobileweb.ebay.co.uk/viewitem?itemId=140893291002
Sent using my Jelly fingers.
Not devving yet, but as soon as we have our own recovery...
Sent from my SAMSUNG-SGH-I727 using Tapatalk 2

Getting rid of constant repacking

Hi guys!
I think the need for repacking, and for repacked images for every kernel-ROM combination, is a huge nuisance.
What if ROMs contained their ramdisk on the system partition, and the kernels just contained a minimal ramdisk that loads the ROM's ramdisk?
One idea:
My first idea would break compatibility with system recovery zips, so a little modified:
There would be a new "ramdisk" directory on the system partition that would contain all the ramdisk files a ROM should have, except the system folder.
So it would contain:
bin
etc
data
...
init.rc
...
and so on.
The init in the actual ramdisk would mount system first, and then make the links:
/bin -> /system/ramdisk/bin
/etc -> /system/ramdisk/etc
/data -> /system/ramdisk/data
...
and then we would include init.rc from /system/ramdisk.
Of course all the ROMs would need to change, but after that, there would be no need for repack. Also for the old ROMs, factory ROM, some could still repack.
That's a nice idea! I thought a little bit about it and here are my thoughts (a novice, please don't laugh at me :silly:)
If I understand your idea correctly, your intention is to store the specific ROM's ramdisk in the rootfs, and make a global, generic ramdisk which will be stored in all the kernels.
Upon loading the kernel's ramdisk, it will know to take the ROM's ramdisk from the rootfs (upon mounting it?) and run whatever is in it, thus eliminating the need for repacking.
Do correct me if I'm talking absolute rubbish, but wouldn't this be a security risk?
Currently with S-ON, you actually can't change the kernel's ramdisk, but if the ramdisk will be stored in a writeable filesystem...?
Freezeil said:
> That's a nice idea! I thought a little bit about it and here are my thoughts (a novice, please don't laugh at me :silly:)
> If I understand your idea correctly, your intention is to store the specific ROM's ramdisk in the rootfs, and make a global, generic ramdisk which will be stored in all the kernels.
> Upon loading the kernel's ramdisk, it will know to take the ROM's ramdisk from the rootfs (upon mounting it?) and run whatever is in it, thus eliminating the need for repacking.
> Do correct me if I'm talking absolute rubbish, but wouldn't this be a security risk?
> Currently with S-ON, you actually can't change the kernel's ramdisk, but if the ramdisk will be stored in a writeable filesystem...?
On s-off phones ramdisk can be changed on the fly with repacking, and reflashing the kernel if rooted. There is no more security risk in this, than that. And system is ro mostly, so file corruption isn't something to be afraid of either.
Sent from my HTC One X using xda premium
Xmister said:
> On s-off phones ramdisk can be changed on the fly with repacking, and reflashing the kernel if rooted. There is no more security risk in this, than that. And system is ro mostly, so file corruption isn't something to be afraid of either.
> Sent from my HTC One X using xda premium
I agree, other than the fact that repacking+reflashing the kernel on S-ON devices can only be done manually, by a person (which is the device owner, most of the time), and most of the One X's out there are S-ON and not S-OFF...
Sure, a malicious coder can write evil code in the kernel, but that's relatively less threatening since most kernels have their sources published.
If the ramdisk will be placed on a rw fs (or a ro, but it matters not because of the user elevation rooted users can achieve easily), we are adding the risk of malicious code accessing and changing that ramdisk, without the user's knowledge.
Still, this seems like a nice programming challenge, so I'm up for the task. Will start reading the init's code and see how to do it
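The stage-1 linking step from the opening post, gated on the integrity concern raised in the reply above, as an added example that is not code from anyone in the thread: the ROM ramdisk is linked into the root only if it matches a SHA-256 manifest. The manifest, the assumption that it ships in the boot image (which S-ON protects), and all function names are hypothetical.

```shell
#!/bin/sh
# Added example, not code from the thread. Assumed names: the four functions,
# the manifest file, and its format (plain `sha256sum` output).

# make_manifest DIR: print "hash  ./path" for every regular file under DIR.
# Run at ROM build time; the result would ship inside the boot image.
make_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k2 )
}

# verify_rom_ramdisk DIR MANIFEST (absolute paths): 0 only if every listed
# file is unchanged and nothing has been added to DIR since the manifest.
verify_rom_ramdisk() {
    dir=$1; manifest=$2
    [ -d "$dir" ] && [ -f "$manifest" ] || return 2
    # Modified or missing files fail the checksum pass.
    ( cd "$dir" && sha256sum -c "$manifest" >/dev/null 2>&1 ) || return 1
    # Anything not a directory must be listed; symlinks and new files are not.
    listed=$(sed 's/^[0-9a-f]*  //' "$manifest" | LC_ALL=C sort)
    actual=$(cd "$dir" && find . ! -type d | LC_ALL=C sort)
    [ "$listed" = "$actual" ]
}

# link_rom_ramdisk ROOT DIR: the proposal's step, ROOT/bin -> DIR/bin, etc.
link_rom_ramdisk() {
    root=$1; src=$2
    for entry in "$src"/*; do
        [ -e "$entry" ] || continue
        name=${entry##*/}
        [ "$name" = system ] && continue
        ln -s "$entry" "$root/$name" || return 1
    done
}

# stage1 ROOT DIR MANIFEST: link only a ramdisk that verifies; a non-zero
# return is where a real init would stop and fall back to recovery.
stage1() {
    verify_rom_ramdisk "$2" "$3" || return 1
    link_rom_ramdisk "$1" "$2"
}
```

Keeping the manifest in the boot image ties each kernel image to one ROM build again, which is the trade-off this check makes against the proposal's goal.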
Guys, I would like this thread kept with minimal off topic please, I have already deleted three posts here...
thanks
-Lloir, Section mod
Is anyone really seriously responding to this?
What would be the advantages of modifying Android layout for 1 device only, it's so annoying to see this stuff here when even a s-off thread is locked.. currently when all the sources are going to a way whereas all the basic files are device independent making this even more.. timewasting effort and still we have the same issues. You just lock every rom dev to a ramdisk instead of a kernel dev to a ramdisk.
This is only useful with a locked bootloader. I never implement this, another reason is that I spend more time getting my stuff aligned with the mainline that is giving me more success than randomly adding stuff to a system partition.
Oh and btw when your system partition gets messed up or altered or whatever you wish you had a decent ramdisk. Not to forget the huge amount of users ending up like that and flooding the forums with questions.
TripNRaVeR said:
> Is anyone really seriously responding to this?
> What would be the advantages of modifying Android layout for 1 device only, it's so annoying to this stuff here.. when all the sources are going to a way whereas all the basic files are device independent.

Adding 1 directory is not an "android layout modification". They are moving there, yet it isn't independent between the ROMS even on the same phone.

> This is only useful with a locked bootloader.

That's what 99% of us have.

> Oh and btw when your system partition gets messed up or altered or whatever you wish you had a decent ramdisk. Not to forget the huge amount of users ending up like that and flooding the forums with questions.

If your system messes up you probably can't boot android either. What does the r=1 user do this time? Goes to recovery, wipe, if that doesn't help, reflash.
Since we have different kernel and ramdisk for recovery, this is not a problem.
Xmister said:
> That's what 99% of us have.

Lol 99% of us DOESN'T have this, if we did we can't flash custom roms.
Adding 1 directory is changing Android layout, Google doesn't have it, you want it on /system you alter the layout. Plain simple.
Also if anyone, like me, doesn't like to include your mod users still need to repack between roms who contain that dir and roms who don't have that dir. That repacking also requires the same kernel edits so basically you just move the repacking around.
TripNRaVeR said:
> Lol 99% of us DOESN'T have this, if we did we can't flash custom roms.

Sorry, I was reading S-ON in my mind, I don't know why.
But then it's not only useful for locked devices. It helps just in what it says in the title.

> Also if anyone, like me, doesn't like to include your mod users still need to repack between roms who contain that dir and roms who don't have that dir. That repacking also requires the same kernel edits so basically you just move the repacking around.

Yes, it can only work if there are enough ROMs taking the change.
And right, call it a layout modification. Why is adding 1 directory bad for anything? It won't break compatibility over anything.
Xmister said:
> Sorry, I was reading S-ON in my mind, I don't know why.
> But then it's not only useful for locked devices. It helps just in what it says in the title.
> Yes, it can only work if there are enough ROMs taking the change.
> And right, call it a layout modification. Why is adding 1 directory bad for anything? It won't break compatibility over anything.

I don't want to call it bad, I just don't think this developer discussion, as we all know, and probably you also, this kinda stuff is only stuff to think about. As long as the whole community isn't adopting this it will never happen.
As you also state, it only works when enough roms are using it.. THAT is my problem here, currently we need to repack because of compat. issues sometimes.
Cool that sucks I know, you come up with this idea, without proper thinking people say cool let's do that.
When building roms, some devs like this and some devs don't like this, that will happen you can count on that. If you have 3 devs that don't use it you could end up doing MORE repacking than we need to do now.. that is what I'm trying to explain..
Therefore I said can't believe this is seriously looked into at a high mod level dev section. Hope I made my point clearer now
TripNRaVeR said:
> I don't want to call it bad, I just don't think this developer discussion, as we all know, and probably you also, this kinda stuff is only stuff to think about. As long as the whole community isn't adopting this it will never happen.
> As you also state, it only works when enough roms are using it.. THAT is my problem here, currently we need to repack because of compat. issues sometimes.
> Cool that sucks I know, you come up with this idea, without proper thinking people say cool let's do that.
> When building roms, some devs like this and some devs don't like this, that will happen you can count on that. If you have 3 devs that don't use it you could end up doing MORE repacking than we need to do now.. that is what I'm trying to explain..
> Therefore I said can't believe this is seriously looked into at a high mod level dev section. Hope I made my point clearer now

So your point is: "They won't use it anyway"
And why would it need more repacking? If half of the ROMs would use it, there would be half as much repack needed.
And in the section rules it says even overriding a notification widget should go in this forum. It's not S-OFF forum, it's Dev related forum, such as my idea.
Sent from my HTC One X using xda premium
Let's all be honest and say: people (users) are lazy...
So if they CAN, they WILL go for the non-repack option
Now, as I am a normal User I am not sure what the exact mechanics are behind this.
But as far as I understand it would be less work for the kernel devs.
They only have to take the "minimal" ramdisk, and put it in their kernel.
The rom makers will have to do "more" work.
But it is work they already are doing, most roms are released with a specific boot.img/kernel.
Some romdevs already are making their own kernels to get some functions (within the ramdisk) to work!
They will gladly adapt to a new way of using ramdisks...
Now I suggest to X Mister, Go for it!
Make a tutorial for rom devs, make a tutorial for kernel devs, and make a tutorial for users.
Make it easy for everyone to use this method!
Now I get what Trip is saying, when we have S-Off we won't need this..
This is very true, but S-Off is most likely not going to happen any time soon.
So in the mean time, why not try it for this device?
- I know this is not really a dev related post, but nor were the last 8 or so

Possible Root

Hi All,
I was reading the news and came across a recent article stating that there is a way of having root access to old android devices that are pretty much out of luck for future security updates. I thought a developer can take a look and see if note 4 at&t can have root.
Article: http://arstechnica.com/security/201...tflips-to-root-android-phones-is-now-a-thing/
How I wish we could get one..possibly a glimmer of hope for us..
Tried the app, says closest thing to my phone is an S5 Plus..
I got the same thing. What does your actual output say? We should cut and paste our logs.
I assume it says S5 Plus due to the fact that both phones have a SD 805. Hopefully this actually leads to root. Another bug called Dirty Cow was also found. Maybe that will lead to root too. Hopefully.
I'm not a Dev, and this might even be an irrelevant post as it's coming from a different device, but it looks like they've managed to install TWRP on their device - previously not possible, using the Dirty Cow exploit..
http://forum.xda-developers.com/showpost.php?p=69312919&postcount=148
Maybe we can have something like that?
I dunno... I'm still of the mind that N4 will NEVER be root-possible because of the device's utilization with government contracts. I have given up on rooting this thing, and with N7 having been recalled, I'm awaiting N8, and hoping it doesn't start blowing up!
Sent from my SAMSUNG-SM-N910A using XDA Premium HD app
can anyone help me with something?
I've been keeping up on the progress they have been making with dirty cow. As of right now they can get the exploit to run and create a root shell, but after doing so they are losing read/write access and are being left with a read-only access. It's looking like they are probing into finding the right process to disrupt to keep the rw access so they can change selinux.
If they can manage to pull it off, which given how much progress they have made since it was announced, we will get root, but we will not be able to flash custom roms due to the locked bootloader. We will probably be able to clean the bloat out and other system tweaks. The only downside so far is if you upgrade to 6.0+ this will most likely not work due to the enforced boot security check.
Hope they do find a way to get root using Dirty Cow..but then, I don't think I'd be willing to trade off MM to root at this point, since we can't flash custom ROMs anyways..
But if they can get it to work on MM, I'd be willing to try it out..
