Is there an easy way to unpack system.img and modify it? - HTC One X

I am using Ubuntu 12.04.
I am trying the following steps.
1. compile yaffs2 kernel module and insmod yaffs2multi.ko
2. Simulate NAND
sudo modprobe mtd
sudo modprobe mtdblock
# Simulate a 1024MB 2048-byte erase-block sized MTD device backed by a file on disk,
sudo modprobe nandsim first_id_byte=0xec second_id_byte=0xd3 third_id_byte=0x51 fourth_id_byte=0x95
cat /proc/mtd
dev: size erasesize name
mtd0: 00400000 00020000 "mtdram test device"
mtd1: 40000000 00020000 "NAND simulator partition 0"
3. dd if=./system.img of=/dev/mtdblock1
4. mount system.img
mount -t yaffs2 /dev/mtdblock1 /tmp/system
ls /tmp/system/
lost+found
But there are no files in /tmp/system/.
What's wrong?
Is there an easy way to unpack system.img and modify it?

Related

Advanced Information about the Desire

I will try to include certain advanced commands and details about the HTC Desire in a bid to maintain a useful information repertoire for debugging..
ADB primer:
ADB Quick Reference
Advanced adb commands for displaying information about the Desire:
A lot of useful information can be obtained as a list with the following command:
Code:
cat /proc/cmdline
MID of the device
This identifies the device with a particular code which is unique for the phone:
Code:
cat /proc/cmdline|grep -o mid=[A-Za-z0-9]*|sed 's/mid=//'
It is PB9920000 for the Desire
2. Size and Erase size of MTDs
Code:
cat /proc/mtd
This will display info like:
dev: size erasesize name
mtd0: 000a0000 00020000 "misc"
mtd1: 00480000 00020000 "recovery"
mtd2: 00300000 00020000 "boot"
mtd3: 0fa00000 00020000 "system"
mtd4: 02800000 00020000 "cache"
mtd5: 093a0000 00020000 "userdata"
This command can be seen in conjunction with the above:
Code:
cat /proc/partitions
Displays a list of all partitions on your device, along with the ? block address
major minor #blocks name
31 0 640 mtdblock0
31 1 4608 mtdblock1
31 2 3072 mtdblock2
31 3 256000 mtdblock3
31 4 40960 mtdblock4
31 5 151168 mtdblock5
179 0 15558144 mmcblk0
179 1 13161472 mmcblk0p1
179 2 2395136 mmcblk0p2
3. Bootloader version
Code:
cat /proc/cmdline|grep -o bootloader=[0-9.]*|sed 's/bootloader=//'
4. Now, the important CID of your device:
Code:
cat /proc/cmdline|grep -o cid=[A-Za-z0-9_]*|sed 's/cid=//'
This displays a code like HTC__038. HTC__038 is the code for India
Kernel version information:
Code:
cat /proc/version
Eg:
cat /proc/version
Code:
Linux version 2.6.35.10-g3f43272 ([v06]-snq-is-still) (gcc version 4.4.0 (GCC) )
#1 PREEMPT Tue Jun 14 21:11:23 CST 2011
[More being added]
Make Nandroid Backups (Recovery backups) without rebooting to recovery (on a booted up phone):
See my thread here
Credits:
Alpharev Team for their advanced S-off scripts (Many of these commands can be found in their script)
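A cross-check of the two listings in the post above, as an added example that is not part of the original post: /proc/mtd reports sizes in hex bytes and /proc/partitions in 1 KiB blocks, so each mtdN should agree with mtdblockN and be a whole number of erase blocks. The function names are hypothetical and the sample text is copied from the listings quoted above.

```python
import re
# Constructed sample input: the two listings quoted in the post above.
PROC_MTD = '''dev: size erasesize name
mtd0: 000a0000 00020000 "misc"
mtd1: 00480000 00020000 "recovery"
mtd2: 00300000 00020000 "boot"
mtd3: 0fa00000 00020000 "system"
mtd4: 02800000 00020000 "cache"
mtd5: 093a0000 00020000 "userdata"
'''
PROC_PARTITIONS = '''major minor #blocks name
31 0 640 mtdblock0
31 1 4608 mtdblock1
31 2 3072 mtdblock2
31 3 256000 mtdblock3
31 4 40960 mtdblock4
31 5 151168 mtdblock5
'''
MTD_ROW = re.compile(
    r'^mtd(\d+):[ \t]+([0-9a-f]+)[ \t]+([0-9a-f]+)[ \t]+"([^"]*)"[ \t]*$', re.I | re.M)

def parse_proc_mtd(text):
    """Map MTD index -> (name, size_bytes, erase_bytes); both sizes are hex."""
    return {int(m[1]): (m[4], int(m[2], 16), int(m[3], 16))
            for m in MTD_ROW.finditer(text)}

def parse_proc_partitions(text):
    """Map block device name -> size in bytes (#blocks counts 1 KiB units)."""
    sizes = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[0].isdigit():  # skips the header row
            sizes[fields[3]] = int(fields[2]) * 1024
    return sizes

def cross_check(mtd_text, partitions_text):
    """Pair mtdN with mtdblockN; flag size mismatches and unaligned partitions."""
    blockdev = parse_proc_partitions(partitions_text)
    rows = []
    for idx, (name, size, erase) in sorted(parse_proc_mtd(mtd_text).items()):
        rows.append({"name": name, "bytes": size, "erase_blocks": size // erase,
                     "aligned": size % erase == 0,
                     "matches_blockdev": blockdev.get(f"mtdblock{idx}") == size})
    return rows

if __name__ == "__main__":
    print(*cross_check(PROC_MTD, PROC_PARTITIONS), sep="\n")
```

The byte count per partition is also the size a complete dump of that partition should have.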
Nice infos as usual..
U could link also this thread (still in my bookmarks)
I like to know these kinds of things
andQlimax said:
Nice infos as usual..
U could link also this thread (still in my bookmarks)
I like to know these kinds of things
Thanks. I've added the link to OP.
There's a lot more stuff that I'd like to add.. Time's an issue..
Adb Commands Quick Reference
ADB (android debug bridge) Commands Quick Review Guide:
Source: Here
With the adb command you can communicate with connected android devices and emulators.
Note: Windows and Linux users may require USB drivers for certain devices.
To list all connected devices:
adb devices
List of devices attached
HT093H5031X5 device
If you have trouble seeing all the devices (especially AVDs), use the following command to kill the local adb server:
adb kill-server
and then run adb devices again to restart the local adb server:
adb devices
List of devices attached
HT093H5031X5 device
emulator-5554 device
emulator-5556 device
You can install apks to a currently connected device with the adb command:
(useful for devices that do not allow installing from an sd card)
adb install myapp.apk
If you have more than one device connected specify if it's a device or an emulator using -d or -e for example:
adb -d install myapp.apk
If you have more than one emulator or more than one device, specify the serial number:
adb -s HT093H503195 install myapp.apk
To uninstall an application you do not specify the apk file but the package name:
adb uninstall my.package.name
To view package name, permissions, and features that an apk uses:
aapt dump badging myapp.apk
To run an application using adb you must specify the activity you wish to start:
adb shell am start -a android.intent.action.MAIN -n my.package.name/my.package.name.MyActivity
To view the running log from the device:
adb logcat
You can subsequently save the logs to a local file:
adb logcat > out.txt
To copy files to and from a device use adb push and adb pull for example:
adb push myfile.zip /mnt/sdcard/update.zip
You can also boot into the bootloader (for installing new roms) using adb:
adb reboot-bootloader

[Q] What if formatting with mkfs.vfat does not complete?

As already noted here http://forum.xda-developers.com/showthread.php?p=35801278#post35801278
my KF's SD card seems to be "corrupt". When booting into recovery all I see is the TWRP boot/background screen (no menus etc). I can launch adb shell.
"df" does not complete:
#df
Filesystem 1K-blocks Used Available Use% Mounted on
tmpfs 228596 32 228564 0% /dev
but nothing more...
"mount" completes and shows (all?) mount points:
#mount
rootfs on / type rootfs (rw)
tmpfs on /dev type tmpfs (rw,relatime,mode=755)
devpts on /dev/pts type devpts (rw,relatime,mode=600)
proc on /proc type proc (rw,relatime)
sysfs on /sys type sysfs (rw,relatime)
/dev/block/mmcblk0p12 on /sdcard type vfat (rw,nodev,noatime,nodiratime,fmask=0000,dmask=0000 ,allow_utime=0022,codepage=cp437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro)
Then I tried formatting the SD card:
#busybox1 mkfs.vfat /dev/block/mmcblk0p12
but this does not complete either.
What else can/should I try?
I also played around with SoupKit. To no avail.
Thx
Clemens
If this is a first gen. kindle http://forum.xda-developers.com/showthread.php?t=1949372 and http://forum.xda-developers.com/showthread.php?t=1850038 may be useful.
# umount /sdcard
umount: can't umount /sdcard: Device or resource busy
who could be using the mount point?
Side note (as mentioned in the other thread):
Switching into fastboot mode
# idme bootmode 4002
fails too... the command does not complete
Check to see if you have bad blocks on your sdcard:
Code:
adb shell
dd if=/dev/block/mmcblk0p12 of=/dev/null
It should return your ins, outs and partition size. If it freezes or doesn't do anything for more than 10 minutes, you probably have bad blocks.
And you should probably check the data and cache partitions as well.
If you run into bad blocks (the dreaded EMMC bug), you'll have to use the partition workaround found somewhere in this thread.
"That's a special kind of stupid. The kind that makes me laugh."
First of all thanks for all your help and of course: Merry Christmas!
soupmagnet said:
If it freezes or doesn't do anything for more than 10 minutes, you probably have bad blocks.
That's what it does ...rather...
soupmagnet said:
And you should probably check the data and cache partitions as well.
How? I recreated them using SoupKit several times...
soupmagnet said:
partition workaround
Are you talking about this here? http://forum.xda-developers.com/showthread.php?t=1388996
Usually, if the sdcard is affected by the EMMC bug, so too will the data and cache partitions be affected (possibly even system). As a matter of fact, based on your description, it probably wouldn't hurt to check the recovery partition as well.
Check them the same as with the sdcard:
Code:
dd if=/dev/block/mmcblk0p5 of=/dev/null    # recovery
dd if=/dev/block/mmcblk0p9 of=/dev/null    # system
dd if=/dev/block/mmcblk0p10 of=/dev/null   # data
dd if=/dev/block/mmcblk0p11 of=/dev/null   # cache
soupmagnet said:
Code:
dd if=/dev/block/mmcblk0p5 of=/dev/null    # recovery
dd if=/dev/block/mmcblk0p9 of=/dev/null    # system
dd if=/dev/block/mmcblk0p10 of=/dev/null   # data
dd if=/dev/block/mmcblk0p11 of=/dev/null   # cache
as expected, none of the dd's comes to an end ...
If only I could unmount the sdcard ...
I guess it's recovery "sitting" on it?
#ps
...
1291 root 19544 R /sbin/recovery
1292 root 3416 S /sbin/adbd recovery
...
How can I proceed? Having no fastboot, not being able to use parted...

[Q][Info][Tab3] System Dump / Kitchen

I'm trying to pull a system dump to make a Back it in kitchen for the Tab3 10.1
I did a ton of reading on this device, since there is not much developing with it
I pulled a Firmware/ system dump from My Samsung Galaxy Tab 3 10.1
GT-P5210 JDQ39.P5210UEUAMK1
It's rooted with recovery only
After pulling the dump I was able to load it up into kitchen
I loaded up the following three files:
boot.img, cache.img, and system.img
fired up the kitchen Set up working folder as usual
extracted it (no errors)
Added root permissions
Added Busybox
Added /etc/init.d script support
De-odex
zipalign all the APK's
updated the mounting point in the updater-script
Code:
unmount("/system");
format("ext4", "EMMC", "/dev/block/mmcblk0p8", "0");
mount("ext4", "EMMC", "/dev/block/mmcblk0p8", "/system");
-------------------------------------------------------------------------------------
I flashed it in recovery (seemed to have flashed) But when it reboots it just sits @ the boot screen.
Now I'm trying to figure out where I went wrong.
Does the below look correct?
Are the commands I used correct?
Mounting points seem correct?
I'm 99% sure the mounting points are correct..
I'm 50% sure I used the correct commands to create the sys dump etc
I'm not sure why the recovery img and boot img are the same exact size
(is it normal for the boot.img and the recovery.img to be the same exact size?)
I baked it in kitchen without any errors.
here are the mounting points I used
1 '/efs' 'ext4' '/dev/block/mmcblk0p2'
2 '/config' 'ext4' '/dev/block/mmcblk0p3'
3 '/cache' 'ext4' '/dev/block/mmcblk0p6'
4 '/system' 'ext4' '/dev/block/mmcblk0p8'
5 '/data' 'ext4' '/dev/block/mmcblk0p9'
6 '/recovery' 'emmc' '/dev/block/mmcblk0p11'
7 '/modem' 'emmc' '/dev/block/mmcblk0p12'
8 '/preload' 'ext4' '/dev/block/mmcblk0p13'
9 '/boot' 'emmc' '/dev/block/mmcblk0p10'
10 '/sdcard' 'vfat' '/dev/block/mmcblk1p1'
I used these commands in terminal
Code:
dd if=/dev/block/mmcblk0p8 of=/mnt/extSdCard/backup/mmcblk0p8_system.img bs=4096
Code:
dd if=/dev/block/mmcblk0p10 of=/mnt/extSdCard/backup/mmcblk0p10_boot.img bs=4096
Code:
dd if=/dev/block/mmcblk0p6 of=/mnt/extSdCard/backup/mmcblk0p6_cache.img bs=4096
Code:
dd if=/dev/block/mmcblk0p12 of=/mnt/extSdCard/backup/mmcblk0p12_modem.img bs=4096
Code:
dd if=/dev/block/mmcblk0p11 of=/mnt/extSdCard/backup/mmcblk0p11_recovery.img bs=4096
So now I ended up with
* mmcblk0p6_cache.img 350M
* mmcblk0p8_system.img 2.3G
* mmcblk0p10_boot.img 20M
* mmcblk0p11_recovery.img 20M
* mmcblk0p12_modem.img 4.0M
etc
Any Help would be greatly appreciated

size partition for BoardConfig.mk

Hi
this is from the BoardConfig.mk
Code:
# fix this up by examining /proc/mtd on a running device
BOARD_BOOTIMAGE_PARTITION_SIZE := 0x105c0000
BOARD_RECOVERYIMAGE_PARTITION_SIZE := 0x105c0000
BOARD_SYSTEMIMAGE_PARTITION_SIZE := 0x105c0000
BOARD_USERDATAIMAGE_PARTITION_SIZE := 0x105c0000
BOARD_FLASH_BLOCK_SIZE := 131072
I want to find the actual partition sizes. "adb shell cat /proc/mtd" or "adb shell cat /proc/emmc" or "adb shell cat /proc/dumchar_info" doesn't work!
Steps:
*root your device;
*install TWRP or CWM for your device ;
*install busybox tools (Busybox Free, Google Play);
After this, enter recovery mode. Mount /system in TWRP or CWM.
Plug in the USB cable, and on your computer input these commands:
adb devices --> verify if device is connected
Now, install parted into /system/bin:
adb push <path-to-file>/parted /system/bin
Now, insert this command:
parted /dev/block/mmcblk0 unit B print
The output is similar :
Code:
~ # parted /dev/block/mmcblk0 unit B print
Model: MMC 008GE0 (sd/mmc)
Disk /dev/block/mmcblk0: 7818182656B
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Number Start End Size File system Name Flags
1 4194304B 6291455B 2097152B MRD
2 6291456B 8388607B 2097152B MRD_BK
3 8388608B 10485759B 2097152B MEP2
4 10485760B 31457279B 20971520B ext4 EFS
5 31457280B 46137343B 14680064B Reserved
6 46661632B 48234495B 1572864B LOKE_2ND
7 48758784B 50331647B 1572864B LOKE_1ST
8 50331648B 67108863B 16777216B PARAM
9 67108864B 83886079B 16777216B RECOVERY
10 83886080B 100663295B 16777216B KERNEL
11 100663296B 125829119B 25165824B MODEM
12 125829120B 142606335B 16777216B ext4 NVM
13 142606336B 352321535B 209715200B ext4 HIDDEN
14 352321536B 713031679B 360710144B ext4 CACHE
15 713031680B 2307915775B 1594884096B ext4 SYSTEM
16 2307915776B 7817134079B 5509218304B ext4 USER
Use the column size to fill in the BoardConfig values.
The first column refers to the mount point.
Ex.: the kernel partition has 16.777.216 bytes mounted in /dev/block/mmcblk0p10
Links references:
http://forum.xda-developers.com/showthread.php?t=2450045
http://stackoverflow.com/questions/...ormation-for-android-device/15639867#15639867
http://forum.xda-developers.com/attachment.php?attachmentid=2397268&d=1384688569
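The step "use the column size to fill in the BoardConfig values", worked through as an added example that is not part of the original post. The mapping from this device's partition labels to BoardConfig.mk variables and the function names are assumptions; the sample rows are copied from the parted listing above.

```python
import re

# Constructed sample: five rows copied from the parted listing in the post above.
PARTED_OUTPUT = """Number Start End Size File system Name Flags
9 67108864B 83886079B 16777216B RECOVERY
10 83886080B 100663295B 16777216B KERNEL
14 352321536B 713031679B 360710144B ext4 CACHE
15 713031680B 2307915775B 1594884096B ext4 SYSTEM
16 2307915776B 7817134079B 5509218304B ext4 USER
"""
# Assumption: how this device's GPT labels correspond to BoardConfig.mk variables.
LABEL_TO_VAR = {
    "KERNEL": "BOARD_BOOTIMAGE_PARTITION_SIZE",
    "RECOVERY": "BOARD_RECOVERYIMAGE_PARTITION_SIZE",
    "SYSTEM": "BOARD_SYSTEMIMAGE_PARTITION_SIZE",
    "CACHE": "BOARD_CACHEIMAGE_PARTITION_SIZE",
    "USER": "BOARD_USERDATAIMAGE_PARTITION_SIZE",
}
FILESYSTEMS = {"ext2", "ext3", "ext4", "fat16", "fat32"}
ROW = re.compile(r"^\s*(\d+)\s+(\d+)B\s+(\d+)B\s+(\d+)B\s*(.*)$")

def parse_parted(text):
    """Return [(number, start, end, size, label)] from `parted ... unit B print`."""
    rows, prev_end = [], -1
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header and blank lines
        num, start, end, size = map(int, m.groups()[:4])
        # The "File system" column may be empty, so skip it when present.
        label = next((t for t in m.group(5).split() if t not in FILESYSTEMS), "")
        if end - start + 1 != size or start <= prev_end:
            raise ValueError(f"partition {num}: inconsistent or overlapping extent")
        rows.append((num, start, end, size, label))
        prev_end = end
    return rows

def boardconfig_lines(text, mapping=LABEL_TO_VAR):
    """Emit BoardConfig.mk assignments using the exact byte count from the Size column."""
    return [f"{mapping[label]} := 0x{size:08x}"
            for _, _, _, size, label in parse_parted(text) if label in mapping]

if __name__ == "__main__":
    print("\n".join(boardconfig_lines(PARTED_OUTPUT)))
```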
naufragoweb said:
Now, install parted into /system/bin:
adb push <path-to-file>/parted /system/bin
Path to.. what file?
Nicofisi said:
Path to.. what file?
Path to the "parted" file in your PC

How Can I Extract The Recovery Image Over adb?

How can I extract the recovery image from my phone over adb?
I was thinking something like
Code:
adb pull /dev/block/mmcblkXXX recovery.img
However, I can't work out which is the recovery.
Code:
[email protected]:/ # cat /proc/mtd
dev: size erasesize name
mtd0: 00100000 00001000 "w25q80"
[email protected]:/ #
Note: I'm only interested in adb and not via custom recovery or other apps on the phone.
It seems like I wasn't searching hard enough!
The "by-name" file was a level down further than expected and I didn't spot it initially when browsing.
Code:
1|[email protected]:/ # find /dev/block/ -name by-name
/dev/block/platform/omap/omap_hsmmc.0/by-name
Code:
[email protected]:/ # ls -l /dev/block/platform/omap/omap_hsmmc.0/by-name|grep recovery
lrwxrwxrwx root root 2017-01-20 04:46 recovery -> /dev/block/mmcblk0p8
[email protected]:/ # exit
~ $ adb pull /dev/block/mmcblk0p8 recovery.img
