Google Nexus 5 Bootloader - Nexus 5 General

Note: This is not asking how to unlock. Please do not tell me how to unlock it.
This thread is for discussing the Nexus 5's bootloader.
Current available bootloader versions:
hhz11d
hhz11k
Looking to work out the exact differences in these.
On a side-note, Is anyone aware of a way to accurately/successfully decompile the Nexus 5's bootloader in order to look into these?

DanseMacabreD2 said:
Is anyone aware of a way to accurately/successfully decompile the Nexus 5's bootloader?
Note: This is not asking how to unlock. Please do not tell me how to unlock it.
i wont tell you to unlock your bootloader, or explain how to. but i will tell you that questions go into the q&a section, not general. people dont look to answer question here, but they do look into q&a.

simms22 said:
i wont tell you to unlock your bootloader, or explain how to. but i will tell you that questions go into the q&a section, not general. people dont look to answer question here, but they do look into q&a.
This isn't really a Question thread. It's a discussion thread on the Nexus 5's Bootloader, which does unfortunately start with a question :/

"Is anyone aware of a way to accurately/successfully decompile the Nexus 5's bootloader?"
is 100% a question, and the only real subject in your post. "EDIT: This is also for discussing the Nexus 5's bootloader." isnt really a way to start a discussion about bootloaders.

I haven't seen it done but I'm pretty sure it might be possible? Just a guess.
Sent from my Nexus 5 using xda app-developers app

simms22 said:
"Is anyone aware of a way to accurately/successfully decompile the Nexus 5's bootloader?"
is 100% a question, and the only real subject in your post. "EDIT: This is also for discussing the Nexus 5's bootloader." isnt really a way to start a discussion about bootloaders.
Yeah, Took your feedback and applied it; note the better OP. How else would you start a discussion on bootloaders without mucking about in them, eh?
This thread is to discuss the bootloader on the Nexus 5; its constraints, its features and its modifiability.

the possibility to decompile the bootloader is there, but one of extreme difficulty. i have never seen it done on any android device since the very beginning of android. the bootloader is there to provide the phone security, and because of that it isnt made to be easy to do. it is nearly impossible, nearly because it was developed by humans, and humans make mistakes. will someone from xda be able to do it? most likely not.

simms22 said:
the possibility to decompile the bootloader is there, but one of extreme difficulty. i have never seen it done on any android device since the very beginning of android. the bootloader is there to provide the phone security, and because of that it isnt made to be easy to do. it is nearly impossible, nearly because it was developed by humans, and humans make mistakes. will someone from xda be able to do it? most likely not.
On the one hand, I'd actually say that the bootloader is not there to provide the phone security. Quite the contrary, in fact. Most bootloaders allow overflashing of the current stored data with the stock/factory data. This is a security flaw, in my eyes.
On the other hand regarding your 'developed by humans' comment: "Anything made by human can be torn down by human" - Source unknown.
The bootloader is a simple program of 2.44 mb of ARMv7 bytecode, hardly 'nearly impossible'.
In the long run, I'd like to see a boot-loader/Recovery pairing that does provide the security.

simms22 said:
the possibility to decompile the bootloader is there, but one of extreme difficulty. i have never seen it done on any android device since the very beginning of android. the bootloader is there to provide the phone security, and because of that it isnt made to be easy to do. it is nearly impossible, nearly because it was developed by humans, and humans make mistakes. will someone from xda be able to do it? most likely not.
The Optimus 3D

JunDavis said:
The Optimus 3D
Do you have some more details on this? A cursory google is contaminated with 'plshow2unlock'

DanseMacabreD2 said:
Do you have some more details on this? A cursory google is contaminated with 'plshow2unlock'
I think the RSA keys were leaked for that device which allowed for custom u-boot images.
Edit: http://forum.xda-developers.com/showthread.php?t=1971014
Yep

JunDavis said:
I think the RSA keys were leaked for that device which allowed for custom u-boot images.
Edit: http://forum.xda-developers.com/showthread.php?t=1971014
Yep
Thanks for this, looks interesting!
Found some more resources regarding the boot.img file, so going to go digging.

DanseMacabreD2 said:
Thanks for this, looks interesting!
Found some more resources regarding the boot.img file, so going to go digging.
Boot.img is the kernel/ramdisk not the bootloader.
As for the bootloader It CAN be decompiled, but is pretty pointless as we have fast boot and access fully.
The reason to decompile was for things like LG which it has been disabled/blocked from access and the only way to access it is to decompile the bootloader and find an exploitable flaw to unlock it like how the nexus is.
If for any reason you still wanna try you need to know c language and know hex and hashes.
IDA Pro + hex + C language is your friend.
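
The point made in the post above, that boot.img carries the kernel and ramdisk rather than the bootloader, can be checked from the image header itself. This is an added example, not part of the original post: a Python parser for the version-0 Android boot image header, run against a constructed sample image whose name, command line, load addresses and payload bytes are all made up.

```python
import hashlib
import struct

BOOT_MAGIC = b"ANDROID!"
# magic, 10 x uint32 (sizes, load addresses, page size, 2 unused), name, cmdline, id
HDR_FMT = "<8s10I16s512s32s"
HDR_SIZE = struct.calcsize(HDR_FMT)  # 608 bytes


def _pages(size, page):
    """Number of flash pages needed to hold `size` bytes."""
    return (size + page - 1) // page


def _id_digest(kernel, ramdisk, second):
    """SHA-1 over each payload followed by its 32-bit length, as mkbootimg
    does for version-0 headers. An unkeyed checksum, not a signature."""
    h = hashlib.sha1()
    for blob in (kernel, ramdisk, second):
        h.update(blob)
        h.update(struct.pack("<I", len(blob)))
    return h.digest()


def parse_boot_img(data):
    """Return the layout of a version-0 boot.img: header page, then kernel,
    ramdisk and optional second stage, each padded to the page size."""
    if len(data) < HDR_SIZE:
        raise ValueError("too short for a boot image header")
    (magic, ksize, kaddr, rsize, raddr, ssize, saddr, tags, page,
     _unused0, _unused1, name, cmdline, img_id) = struct.unpack_from(HDR_FMT, data)
    if magic != BOOT_MAGIC:
        raise ValueError("not an Android boot image (bad magic)")
    if page < HDR_SIZE or page & (page - 1):
        raise ValueError("implausible page size %d" % page)

    koff = page                                   # header occupies one page
    roff = koff + _pages(ksize, page) * page
    soff = roff + _pages(rsize, page) * page
    if soff + ssize > len(data):
        raise ValueError("image truncated: payloads run past end of file")

    kernel = data[koff:koff + ksize]
    ramdisk = data[roff:roff + rsize]
    second = data[soff:soff + ssize]
    return {
        "page_size": page,
        "name": name.rstrip(b"\0").decode("ascii", "replace"),
        "cmdline": cmdline.rstrip(b"\0").decode("ascii", "replace"),
        "tags_addr": tags,
        "kernel": {"offset": koff, "size": ksize, "load_addr": kaddr},
        "ramdisk": {"offset": roff, "size": rsize, "load_addr": raddr,
                    "gzip": ramdisk[:2] == b"\x1f\x8b"},
        "second": {"offset": soff, "size": ssize, "load_addr": saddr},
        # True only if the stored id equals the recomputed checksum
        "id_matches": img_id[:20] == _id_digest(kernel, ramdisk, second),
    }


def build_sample_boot_img(page=2048):
    """Constructed sample: 3000-byte fake kernel, 500-byte fake gzip ramdisk."""
    kernel = bytes(range(256)) * 11 + bytes(184)
    ramdisk = b"\x1f\x8b\x08" + bytes(497)

    def pad(blob):
        return blob + bytes(-len(blob) % page)

    hdr = struct.pack(HDR_FMT, BOOT_MAGIC,
                      len(kernel), 0x00008000,    # constructed load addresses
                      len(ramdisk), 0x01000000,
                      0, 0x00F00000,
                      0x00000100, page, 0, 0,
                      b"constructed", b"console=null",
                      _id_digest(kernel, ramdisk, b""))
    return pad(hdr) + pad(kernel) + pad(ramdisk)


if __name__ == "__main__":
    for key, value in parse_boot_img(build_sample_boot_img()).items():
        print(key, value)
```

The `id` field only detects accidental corruption; anyone who rewrites the image can recompute it, so it says nothing about whether a bootloader will accept the image.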

loonycgb2 said:
Boot.img is the kernel/ramdisk not the bootloader.
As for the bootloader It CAN be decompiled, but is pretty pointless as we have fast boot and access fully.
The reason to decompile was for things like LG which it has been disabled/blocked from access and the only way to access it is to decompile the bootloader and find an exploitable flaw to unlock it like how the nexus is.
If for any reason you still wanna try you need to know c language and know hex and hashes.
IDA Pro + hex + C language is your friend.
I know all this.
I would like to lock the bootloader and Recovery in a root-friendly way, and it seems like the bootloader is the place to start.
What I meant by 'resources' was links to the required tools. Nosying inside them now.

DanseMacabreD2 said:
I know all this.
I would like to lock the bootloader and Recovery in a root-friendly way, and it seems like the bootloader is the place to start.
What I meant by 'resources' was links to the required tools. Nosying inside them now.
What do you mean by "Lock bootloader and recovery in Root Friendly way" ??

vin4yak said:
What do you mean by "Lock bootloader and recovery in Root Friendly way" ??
Such that the bootloader will always boot to the (secured, with tracking applications) Android instance underlying it if someone attempts to enter fastboot/recovery mode without authorisation from the owner of the device.
Additional idea could be to lock out control to the power switch if a 'stolen' flag is set.

DanseMacabreD2 said:
Such that the bootloader will always boot to the (secured, with tracking applications) Android instance underlying it if someone attempts to enter fastboot/recovery mode without authorisation from the owner of the device.
Additional idea could be to lock out control to the power switch if a 'stolen' flag is set.
So to say you want to make a replica of the samsung knox but even more secure to the point of making the device useless if needed.
For this you would decompile the bootloader edit the source Code then create a working img since you do not have the keys... Then you have what you want

loonycgb2 said:
So to say you want to make a replica of the samsung knox but even more secure to the point of making the device useless if needed.
For this you would decompile the bootloader edit the source Code then create a working img since you do not have the keys... Then you have what you want
On the contrary, the device will still be unlockable by an authorised user/owner, therefore the device is useless to a thief for example, but when recovered it can be re-activated.

DanseMacabreD2 said:
On the contrary, the device will still be unlockable by an authorised user/owner.
Download mode has full read & write access to the bootloader which would make your idea useless again.
Samsung created a key system which download mode was custom made to check the key in the bootloader to see if the bootloader could be written or not.
Without this type of system any user could replace the bootloader back with the original..
Even then further down the line you still would have a useless system since the hardware is completely open which samsung has changed in a way to make changing the bootloader impossible.
Jtaging the device would defeat your idea.
Im not trying to kill your idea but i am showing you the reason why its just not worth it.
Basically to get the perfect system the jtag,bootloader,download mode would all have to be modified then a 2nd operation like multirom would need to be made to secure it the exact way you want it as android os is in user mode and not boot mode like recovery is.

loonycgb2 said:
Download mode has full read & write access to the bootloader which would make your idea useless again.
Samsung created a key system which download mode was custom made to check the key in the bootloader to see if the bootloader could be written or not.
Without this type of system any user could replace the bootloader back with the original..
Even then further down the line you still would have a useless system since the hardware is completely open which samsung has changed in a way to make changing the bootloader impossible.
Jtaging the device would defeat your idea.
Im not trying to kill your idea but i am showing you the reason why its just not worth it.
Basically to get the perfect system the jtag,bootloader,download mode would all have to be modified then a 2nd operation like multirom would need to be made to secure it the exact way you want it as android os is in user mode and not boot mode like recovery is.
The aim isn't to 100% secure the device, but to buy the time required to locate and recover the device. The idea would be to trick a device thief that the device will be an easy one that they can simply use fastboot/recovery to de-protect.
What would be a nice possible solution would be for the bootloader to boot android as normal allowing location/recovery processes to work, but preventing a false fastboot screen.
It's not about 100% security, but about a better chance of recovery.

Related

[Q] Force USB Debugging

Hello all,
First of all I appreciate there are loads of threads of possible not genuine reasons i.e. stolen phones and so forth. However I do have a good reason and would be happy to discuss the reasons via PM only.
I need to bypass a "pattern too many times" issue - I was looking to talk to the handset via ADB but USB Debugging is not active. Can this be forced?
I am yet to try the bug with "username email" with password "null".
Equally if you know the answer but want to keep it off the boards - again PM me.
triran said:
Hello all,
First of all I appreciate there are loads of threads of possible not genuine reasons i.e. stolen phones and so forth. However I do have a good reason and would be happy to discuss the reasons via PM only.
I need to bypass a "pattern too many times" issue - I was looking to talk to the handset via ADB but USB Debugging is not active. Can this be forced?
I am yet to try the bug with "username email" with password "null".
I do not fully understand your explanation, anyhow what I get is that you want to have USB Debugging enabled by default after a reboot.
If my assumption is correct, you just need to edit your build.prop in the /system directory by changing the specific parameter "persist.service.usb.setting=1" instead of "0".
Anyhow such thing need to be rather posted into the Questions and answer part of the forum.
The handset is locked out due to a pattern being used too many times incorrectly.
I need to remove the pattern and google access without losing data. I understand the best way is to talk to the handset over ADB but USB Debugging is not active so I wanted to know if there was a way of forcing the handset.
The reason I said to PM is that I know some people won't help as they think that the poster does not have the correct intentions. I however have.
Re-reading your post - to edit the build.prop I assume can only be done if the handset is rooted?
triran said:
Re-reading your post - to edit the build.prop I assume can only be done if the handset is rooted?
yes, you're right. This only possible at rooted devices since the /system is r/o by default and it needs to be mount r/w for this change. Anyhow you need the access to /system either by terminal or by root explorer.
solar666 said:
yes, you're right. This only possible at rooted devices since the /system is r/o by default and it needs to be mount r/w for this change. Anyhow you need the access to /system either by terminal or by root explorer.
Wouldn't flashing a custom kernel in odin get round that?
Ibanez33 said:
Wouldn't flashing a custom kernel in odin get round that?
With a custom Kernel you can enter in CWM (clockwork mod). CWM has ADB access. Simple.
Ibanez33 said:
Wouldn't flashing a custom kernel in odin get round that?
As I said, I have not completely caught the aim of his question.
Anyhow, there is no more feedback and either it is enough or otherwise will start again questioning ...
I have a SGS which has been blocked with "Pattern been entered too many times" and therefore its asking for GMail details which are not known. So I was going down the route of trying to activate ADB so I can extract the data stored on the device first - I can not wipe the user data. I am trying to do this in a forensic manner guys. Sorry I kept that detail to myself - I must stress this phone is not stolen.
I am a forensic analyst and this is a wee bit beyond our usual remit.
If you are what you claim to be then, what you seek to do should be child's play to you, you should also have a high enough IQ to realise this sort of thing goes in Q&A not Dev.
The needed solution has already been given to you.
To be quite honest anyone can claim its for legit reasons, dont mean a thing really does it.
If it is for legit reasons then get hold of the OWNER and get them to unlock it!
Vorbeth said:
If you are what you claim to be then, what you seek to do should be child's play to you, you should also have a high enough IQ to realise this sort of thing goes in Q&A not Dev.
The needed solution has already been given to you.
To be quite honest anyone can claim its for legit reasons, dont mean a thing really does it.
If it is for legit reasons then get hold of the OWNER and get them to unlock it!
That my friend was the reason I didnt want to say what I am trying to do. There is no need for your rudeness on the matter. This was a question for developers as ADB is usually used in developing is it not?
Having an high IQ means nothing - I was asking the developing community for help not to do my job for me.
The OWNER is the one in question therefore is not going to give me the bloody answer.
So thank you for your objection.
triran said:
That my friend was the reason I didnt want to say what I am trying to do. There is no need for your rudeness on the matter. This was a question for developers as ADB is usually used in developing is it not?
Having an high IQ means nothing - I was asking the developing community for help not to do my job for me.
The OWNER is the one in question therefore is not going to give me the bloody answer.
So thank you for your objection.
As you see, this has moved to Q&A as it has nothing to do with development and is a question needing an answer.
To show no offence was meant.
Flash a custom kernel, one with clockwork mod included, you can then get full access to all files on the device, either via adb or doing a nandroid backup and then pulling the files to a PC for you to do as you wish with.

development to get around all the security in 4x

Lets see if we can get
- Locked bootloader
- Custom rom security issues
and maybe other security related problems in one development thread and how we make apps to get around this
I take the lead for now, since i started testing custom roms (JellyBean) right now.
and the DRM check at bootup is important to get around, otherwise we end up, having to restore a v10 image again and again, too often.
i suspect that it can be done using a bind folder. but lets see where this takes us.
just update with other issues seen.
Dexter_nlb said:
Lets see if we can get
- Locked bootloader
- Custom rom security issues
and maybe other security related problems in one development thread and how we make apps to get around this
I take the lead for now, since i started testing custom roms (JellyBean) right now.
and the DRM check at bootup is important to get around, otherwise we end up, having to restore a v10 image again and again, too often.
i suspect that it can be done using a bind folder. but lets see where this takes us.
just update with other issues seen.
Sounds little bit like Chinese for me but hope you can get a break through and goodluck for all who trying to make it for us an even great phone
ok, i have had my jellybean semi running and oneX rom running, both not very functional, as most hardware did not work well.
the lgdrmserver kept crashing on me as well, but probably less important.
the solution i made was the early boot used the original libraries from /lib from and vendor/lib , so i simply mapped the 2 files in /lib with a symlink to the /system/drm folder and ran the wallpaper binary and it worked fine.
secondly changed a vold binary to be a little script, that
1: bind'd new libraries for drm in drm2 folder (mount -obind drm2 drm) so the new booting os would get related files.
2: start vold
and the workaround seemed to do just fine for the drm security check.
IF it fails during regular boot if you unintentionally copied over the files, do not worry. booting into safe mode (keep VOL UP pressed and press power) you can connect with a shell and bypass the check, and fix your failure and reboot.
Hi
Is DRM checking forced from kernel?
Can we live without it?
no, its called from init.d
Dexter_nlb said:
Lets see if we can get
- Locked bootloader
- Custom rom security issues
and maybe other security related problems in one development thread and how we make apps to get around this
I take the lead for now, since i started testing custom roms (JellyBean) right now.
and the DRM check at bootup is important to get around, otherwise we end up, having to restore a v10 image again and again, too often.
i suspect that it can be done using a bind folder. but lets see where this takes us.
just update with other issues seen.
It is always exciting to see people like you fellow.
Curious, courageous, openminded, wise and most of all doing all without expecting anything.
Success on your way..:good:
Dexter_nlb, You're a hero :good:
When will be released some beta?
since we have root, shouldnt init.d be accessable and easily modifyable?
The Troll said:
since we have root, shouldnt init.d be accessable and easily modifyable?
its part of the boot.img (ramdisk), so not really, but the 2nd-init makes it possible to make a new ramdisk and start it. but its only ramdisk, not the kernel, which remains static.
downgrade mode?
sorry, im a htc user thinking of buying this phone.. *since s3 isn't tegra, not thd games and one x kinda sucks with the lack of sd card and stuff..*
but htc has a downgrade mode.. 2 exposed connectors close to the camera.. short circuit them to access downgrade mode.. and then flashable through linux..
if im right, that should give u open access to bootloader..
evo 3d cdma used this method to get s-off.. as in bootloader unlocked and accessible with all write restrictions removed on all partitions..
oh forgot to mention, this can brick ur device.. actually downgrade mode itself is a bricking method.. so i'd be careful *assuming this method is true for gs as well*
The Troll said:
downgrade mode?
sorry, im a htc user thinking of buying this phone.. *since s3 isn't tegra, not thd games and one x kinda sucks with the lack of sd card and stuff..*
but htc has a downgrade mode.. 2 exposed connectors close to the camera.. short circuit them to access downgrade mode.. and then flashable through linux..
if im right, that should give u open access to bootloader..
evo 3d cdma used this method to get s-off.. as in bootloader unlocked and accessible with all write restrictions removed on all partitions..
oh forgot to mention, this can brick ur device.. actually downgrade mode itself is a bricking method.. so i'd be careful *assuming this method is true for gs as well*
nah, we haven't nothing to lose... someone should try it
The Troll said:
but htc has a downgrade mode.. 2 exposed connectors close to the camera.. short circuit them to access downgrade mode.. and then flashable through linux..
if im right, that should give u open access to bootloader..
evo 3d cdma used this method to get s-off.. as in bootloader unlocked and accessible with all write restrictions removed on all partitions..
i believe you reference a different hardware platform not Nvidia based. o4x is nvidia tegra3 and different from omap and other platforms security wise.
can you link to the tegra fuse , you reference here? (fuse is a connector which will break the firmware open and full access granted, but can also cause firmware to not load, since fuse is broken)
reas0n said:
nah, we haven't nothing to lose... someone should try it
flash image GUI..
someone rooted should try that first..
also, unlimited.io <--- website.. for details of the downgrade mode trick..
http://forum.xda-developers.com/showthread.php?t=1547695
http://forum.xda-developers.com/showthread.php?t=1491107
http://forum.xda-developers.com/showthread.php?t=1563342
http://forum.xda-developers.com/showthread.php?t=1627917
the basic idea of this is 2 connectors close to the camera.. short circuit them to switch the phone to downgrade mode *QHSUSB_DLOAD*.. bricking the device and mounting all partitions as read and writable.. then using linux to find the right partition to flash/dump the hboot *the bootloader*
at the end, if it uses fastboot/adb, i dun think this will be too different from the evo 3d..
try it.. but dont say i didnt warn you..
im not sure its a fuse, its more of a reset?
also, i dont exactly have the phone *yet* so i cant tell..
but for the 3d, its exposed.. 2 holes in the back under the cover, next to the camera..
http://unlimited.io/juopunutbear-public-beta-0-1/instructions/evo-3d-cdma-shooter/
or you can find a schematic of the phone itself..
if you dont mind me asking, whats the reason for the lack of devs?
this is an excellent phone..
is it the extreme security?
iphone got a jailbreak too :/
ok, this is a QUALCOMM solution, not for our tegra3 based platform
Dexter_nlb said:
ok, this is a QUALCOMM solution, not for our tegra3 based platform
how did one x get the kernels running?
**edit.. nvm.. htcdev.. forgot..
Hope you guys can pass by all that annoying security. Would like to buy that phone but without real control over the hardware and custom rom community i would seriously reconsider buying it...
Dexter, the One X solution is for Tegra3 devices. The QUALCOMM-Device is called HTC One XL. So if the chipset is nearly the same, there must be a solution? If I could code anything, I would. But I cannot
Hilmy said:
Hope you guys can pass by all that annoying security. Would like to buy that phone but without real control over the hardware and custom rom community i would seriously reconsider buying it...
Instead of trying to bypass, people should be asking LG for an unlock mechanism. I've been talking to them about this for over half a year, and today they still feel there is no demand for it (unlock tools)
Show of hands: How many people here have actually e-mailed LG asking for an unlock procedure, for this or any other of the current locked generation?
aremcee said:
Instead of trying to bypass, people should be asking LG for an unlock mechanism. I've been talking to them about this for over half a year, and today they still feel there is no demand for it (unlock tools)
Show of hands: How many people here have actually e-mailed LG asking for an unlock procedure, for this or any other of the current locked generation?
do you have the mail address we can use? then we can engage a mailrobot to send them 10000s of mails regarding the unlocker, and maybe they will follow asus and motorola/google on this one.
Dexter_nlb said:
do you have the mail address we can use? then we can engage a mailrobot to send them 10000s of mails regarding the unlocker, and maybe they will follow asus and motorola/google on this one.
I'd rather not forewarn them by asking for a contact for this
My personal opinion: a mailrobot would be a bad idea, they'd just filter it out. Actual users, with actual devices (serial numbers in the message and all that) would carry much more weight than just generic "gimme". From experience... petitions don't work, either, unless they hit visible news outlets;
My suggestion would be to hit a support contact, consistently (instead of dispersing the message to random contacts); most companies will escalate any issue given enough occurrences of it. On the other hand, I can't find contacts besides the country-specific ones at http://www.lg.com/global/supports/service-sites.jsp ...

[Q] Few questions

Okay so, since I'm sort of new, I wanted to ask a few questions:
1. Is it possible to root xperia x8 with manufacturing date 11w48? At least at 95% chance. I'm a bit scared of the bricking part...
2. If it is possible, what kind of "ROM" (if I understood correctly) should I get?
3. If I get hard bricked/soft bricked what's the chance my phone will be still usable.
That's about it. Please don't rage at me for "OMG USE SEARCH BUTTON" type of thing.
I have tried doing it but no results found. Just threads and posts of people updating their.. ROMs I guess? Correct me if I typed anything wrong there.
But yeah, help would be appreciated. Thanks!
Jetboard said:
Okay so, since I'm sort of new, I wanted to ask a few questions:
1. Is it possible to root xperia x8 with manufacturing date 11w48? At least at 95% chance. I'm a bit scared of the bricking part...
2. If it is possible, what kind of "ROM" (if I understood correctly) should I get?
3. If I get hard bricked/soft bricked what's the chance my phone will be still usable.
That's about it. Please don't rage at me for "OMG USE SEARCH BUTTON" type of thing.
I have tried doing it but no results found. Just threads and posts of people updating their.. ROMs I guess? Correct me if I typed anything wrong there.
But yeah, help would be appreciated. Thanks!
1. You can safely root your x8 regardless of when it is manufactured, you will not brick it
2. You have 11w48 so it is very risky to unlock your bootloader, i suggest you flash ROMS that is for stock
3. If you get soft bricked you can flash the stock firmware back using flashtool or SEUS, if it is a hard brick, you need to go to the nearest Service center or use a JTAG
Swyped via Tapatalk 2
Thanks a whole bunch. I thought I cannot root because of my manufacturer date. But what is a flash ROM tho?
Jetboard said:
Thanks a whole bunch. I thought I cannot root because of my manufacturer date. But what is a flash ROM tho?
you can root your phone. but you can't unlock bl.
when you root your phone, you can install cwm recovery. simply dl a rom for stock kernel and go to recovery and install(flash) the rom. remember to check the instructions first.
Just because i don't doesn't mean i can't.
All what I found until today was that if I cannot unlock BL I cannot install CWM recovery.
Maybe it is related to model - mine is Sony Xperia J. Y2012.
There is no fastboot available.
Am I wrong, can I have CWM, nandroid backup etc on stock ROM as only such one I may flash ?
F308 said:
All what I found until today was that if I cannot unlock BL I cannot install CWM recovery.
Maybe it is related to model - mine is Sony Xperia J. Y2012.
There is no fastboot available.
Am I wrong, can I have CWM, nandroid backup etc on stock ROM as only such one I may flash ?
this is for x8. not sure how it works on J. but yeah we don't have fastboot either. but we can install cwm even with a locked bl. again that's for se x8.
edit: my advice is go to your phone's subforum. you'll get your answers there.
Thank you. I understand that lot of things is device dependent but thought there are non-breakable rules, like gravity,
and what is possible to do under certain circumstances was one of them.
Need walk through XDA forum once more, maybe there is a hope.
F308 said:
Thank you. I understand that lot of things is device dependent but thought there are non-breakable rules, like gravity,
and what is possible to do under certain circumstances was one of them.
Need walk through XDA forum once more, maybe there is a hope.
there probably are a few unbreakable rules, but not being familiar with your device i can't guarantee that it's safe or it would work.
Despite lot of reading I still am missing knowledge.
Question is:
What is fastboot ?
I found more than one definition of it and compiled into my own.
1.
Of course fastboot.exe is Windows binary (part of flashtool pack) which does certain type of work.
This is not what we are interested in.
2.
I concluded that:
- fastboot is one of modes into what android device can wake up. Just like linux can boot in different ways or Windows into single mode.
- this feature is encoded into boot.img, it is not separate android application.
- boot.img will work only with related kernel.img. They are like love and marriage (which is like horse and carriage - Bundy's).
- Sony sometimes disables stock boot.img to boot into this mode then without replacing boot .img it is impossible.
More comments ?
Fastboot is a protocol used to update the flash filesystem in Android devices from a host over USB. It allows flashing of unsigned partition images.
Okay, I got one more last question. Is this guide http://forum.xda-developers.com/showthread.php?t=906195&nocache=1 okay to use for rooting? I'm still trying to find the LATEST safe ones =/ I wonder if this one is okay.
Um, I tried that one, it didn't work. It said some stuff is missing, then it exited randomly etc. Can someone give me a link or a short/long guide which I can use that's latest? I do have some X8 drivers in a .zip file but no idea how to install them. Thanks in advance.
Jetboard said:
Okay, I got one more last question. Is this guide http://forum.xda-developers.com/showthread.php?t=906195&nocache=1 okay to use for rooting? I'm still trying to find the LATEST safe ones =/ I wonder if this one is good.
I rooted mine with this
Means it's safe
Sent from my X8
Having a few issues with the SuperOneClick thing... It sometimes randomly exits, tells me that some stuff is missing etc. Any help? =/

[WIP] Building CM 10.1

Granted, it has been a while since I've built CM, and never ported it to a new device, but figure this might give some smarter people a head start or at least provide a place for others to collaborate.
I've not gotten very far past the initial vendor setup per http://wiki.cyanogenmod.org/w/Doc:_porting_intro.
A lot of the work is based off the similar ASUS TF700T, https://github.com/CyanogenMod/android_device_asus_tf700t.
I've not messed with the kernel at all at this point, https://github.com/ouya/ouya_1_1-kernel.
I've uploaded everything so far to github, https://github.com/vinny75/android_device_ouya_ouya_1_1
Packages included with official build:
OUYA Framework, Launcher, and Store
Code:
app\OUYAKeyboard.apk
app\OUYALauncher.apk
app\OUYAOOBE.apk
app\OUYAWallpaper.apk
app\ouya-framework.apk
note: some media files I haven't listed
CWiid for Android: http://cvpcs.org/projects/android/cwiid4android and https://github.com/cvpcs/android_external_cwiid.
Code:
bin\wminput
lib\libcwiid.so
etc\acc_led
etc\acc_ptr
etc\buttons
etc\gamepad
etc\ir_ptr
etc\neverball
etc\nunchuk_acc_ptr
etc\nunchuk_stick2btn
Sixpair for PS3 controllers http://www.blog.kaiserapps.com/2012/10/setting-up-sixaxis-controller-android.html.
Code:
/bin/ps3service
/bin/sixpair
I noticed that the recovery.fstab committed is from the Ouya stock recovery partition. When getting cwm to work properly with the internal sdcard, we ended up having to change the sdcard line.
I made the change and submitted a pull request.
Edit: I saw you merged the change.
Sent from my Nexus 7 using xda premium
mybook4 said:
I noticed that the recovery.fstab committed is from the Ouya stock recovery partition. When getting cwm to work properly with the internal sdcard, we ended up having to change the sdcard line.
I made the change and submitted a pull request.
Edit: I saw you merged the change.
Thanks, appreciate the help, hopefully, we'll have a working build soonish
If you need any help with kernel debugging/boot issues, I'll be happy to offer up the assistance of my bus pirate.
I was looking at building CM also, but there was always that step in every tut I looked at for "how to port CM to a new device" that basically said "select your device from the build tree"... well if it was in the device tree it wouldn't really be a "new" device then would it!
Also you may want to look at building 10 instead of 10.1, might have less kernel issues as it's 4.1.2 jb... at least so we can get some alternative rom working then go for 10.1 after that.
Good luck!
Vinny75,
What method did you use to create the files?
"Method 1: Use mkvendor.sh to generate skeleton files"
"Method 2: Fork a similar device's git repository"
or "Method 3: create the directories and files manually"
mybook4 said:
Vinny75,
What method did you use to create the files?
"Method 1: Use mkvendor.sh to generate skeleton files"
"Method 2: Fork a similar device's git repository"
or "Method 3: create the directories and files manually"
I started out with Method 1 then moved over files and settings from the ASUS TF700T.
professorpoptart said:
If you need any help with kernel debugging/boot issues, I'll be happy to offer up the assistance of my bus pirate.
I was looking at building CM also, but there was always that step in every tut I looked at for "how to port CM to a new device" that basically said "select your device from the build tree"... well if it was in the device tree it wouldn't really be a "new" device then would it!
Also you may want to look at building 10 instead of 10.1, might have less kernel issues as it's 4.1.2 jb... at least so we can get some alternative rom working then go for 10.1 after that.
Good luck!
Yes, building the new device tree has been... uhm... educational... and I am still learning. If I don't make any headway on 10.1, I might drop back to 10 - at least most of the legwork will be done.
Ok, so I'm in the middle of a build
Have a vendor tree on my git and I forked Vinny75's device tree, modified it some
Also a kernel tree up there, which is required for my device tree (prefer to build the kernel myself =) I've booted a custom-built kernel on it already, so that shouldn't be an issue)
I'm nervous to flash this though. I did a bit of searching but couldn't come up with a way to get back into recovery should this thing not boot. You guys know of anything?
Other than using adb to reboot to recovery, http://forums.ouya.tv/discussion/1380/recovery-mode is all I've seen so far to force into recovery mode.
Sent from my Nexus 7 using xda premium
mybook4 said:
Other than using adb to reboot to recovery, http://forums.ouya.tv/discussion/1380/recovery-mode is all I've seen so far to force into recovery mode.
Sent from my Nexus 7 using xda premium
Yea, that's what I'm seeing.
So here's my 'solution'
Since we have fastboot, we can boot a boot.img without having to worry about flashing it.
I've successfully booted my cm boot.img, with ro.secure=0 and ro.adb.secure=0, I can adb reboot it when it fails miserably to boot
Quick and dirty script to unsecure a boot.img:
http://pastie.org/8033076
It assumes that unpackbootimg and mkbootimg are in your path, you can get them here: http://invisiblek.org/mkbootfs_tools.zip
Getting closer...
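An added example, not part of the original post or of the script linked from it: an auditor that reads a boot.img and reports whether the default.prop in its ramdisk carries the ro.secure=0 / ro.adb.secure=0 settings mentioned above, so an image can be checked before it is booted or flashed. It assumes a version-0 boot image header, a gzip-compressed newc cpio ramdisk and a default.prop at the ramdisk root; all function names are hypothetical and the sample image is constructed inline.

```python
import gzip
import struct

BOOT_MAGIC = b"ANDROID!"
# What a value of 0 means for the two properties named in the post.
RISKY = {
    "ro.secure": "adbd does not drop root privileges",
    "ro.adb.secure": "adb does not require RSA host-key authorization",
}

def _pad(n, align):
    return (n + align - 1) // align * align

def extract_ramdisk(img):
    """Return the gunzipped ramdisk of a version-0 boot image (assumed layout)."""
    if len(img) < 40 or img[:8] != BOOT_MAGIC:
        raise ValueError("not an Android boot image")
    # Fields: kernel size/addr, ramdisk size/addr, second size/addr, tags addr, page size
    f = struct.unpack_from("<8I", img, 8)
    kernel_size, ramdisk_size, page = f[0], f[2], f[7]
    if page == 0:
        raise ValueError("page size is zero")
    start = page + _pad(kernel_size, page)  # header page, then padded kernel
    raw = img[start:start + ramdisk_size]
    if len(raw) != ramdisk_size:
        raise ValueError("ramdisk extends past end of image")
    return gzip.decompress(raw)

def cpio_read(archive, wanted):
    """Return the bytes of `wanted` from a newc cpio archive, or None."""
    pos = 0
    while pos + 110 <= len(archive):
        if archive[pos:pos + 6] != b"070701":
            raise ValueError("not a newc cpio archive")
        fields = [int(archive[pos + 6 + 8 * i:pos + 14 + 8 * i], 16) for i in range(13)]
        filesize, namesize = fields[6], fields[11]
        name = archive[pos + 110:pos + 110 + namesize - 1].decode("utf-8", "replace")
        data = _pad(pos + 110 + namesize, 4)  # name is NUL-padded to 4 bytes
        if name == "TRAILER!!!":
            break
        if name == wanted:
            return archive[data:data + filesize]
        pos = _pad(data + filesize, 4)
    return None

def audit_boot_image(img):
    """List (property, meaning) pairs for risky settings found in default.prop."""
    prop = cpio_read(extract_ramdisk(img), "default.prop")
    findings = []
    for line in (prop or b"").decode("utf-8", "replace").splitlines():
        key, _, value = (part.strip() for part in line.partition("="))
        if key in RISKY and value == "0":
            findings.append((key, RISKY[key]))
    return findings

def _cpio_entry(name, data):
    nm = name.encode() + b"\0"
    vals = (0, 0o100644, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(nm), 0)
    out = b"070701" + b"".join(b"%08X" % v for v in vals) + nm
    out += b"\0" * (_pad(len(out), 4) - len(out)) + data
    return out + b"\0" * (_pad(len(out), 4) - len(out))

def build_sample_image(prop_text, page=2048):
    """Constructed test image: dummy kernel plus a ramdisk holding default.prop."""
    cpio = _cpio_entry("default.prop", prop_text.encode()) + _cpio_entry("TRAILER!!!", b"")
    kernel, ramdisk = b"K" * 100, gzip.compress(cpio)
    hdr = BOOT_MAGIC + struct.pack("<8I", len(kernel), 0, len(ramdisk), 0, 0, 0, 0, page)
    fill = lambda b: b + b"\0" * (_pad(len(b), page) - len(b))
    return fill(hdr) + fill(kernel) + fill(ramdisk)
```

Call `audit_boot_image(open("boot.img", "rb").read())` on a real image; an empty list means neither property is set to 0 in default.prop.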
There's a keyboard solution in the Ouya Questions forum in the thread, [Q] Is My Ouya Dead?
dibblebill said:
There's a keyboard solution in the Ouya Questions forum in the thread, [Q] Is My Ouya Dead?
Yeah, I think that is the same solution posted earlier:
mybook4 said:
Other than using adb to reboot to recovery, http://forums.ouya.tv/discussion/1380/recovery-mode is all I've seen so far to force into recovery mode.
This might be another option too:
tylerwhall said:
I started looking into bootloader-level recovery tonight before messing with the file system too much and potentially getting into a bad state. I couldn't find this information anywhere else.
Bootloader strap
On the back of the board in the center, there is an unpopulated button (U33). When jumped while the power button is pressed, this appears to put the bootloader into USB recovery mode. It enumerates with an nvidia vendor id. Presumably nvflash or tegrarcm could be used to unbrick the device.
I haven't done anything with the bootloader recovery since I haven't yet made a backup. I'm not sure how much of the functionality is allowed given the state of the production fuse, but I would think we could use this to at least get back to a stock state.
Some NVidia devices lock access out at the nvflash level unless you've got the manufacturer's key. I believe you get locked out with a 0x4 (nvflash's way of saying "go away").
Using fastboot is probably the quickest, easiest, and safest way to test new kernels.
Sent from my SCH-I535 using xda premium
mybook4 said:
Some NVidia devices lock access out at the nvflash level unless you've got the manufacturer's key. I believe you get locked out with a 0x4 (nvflash's way of saying "go away").
Using fastboot is probably the quickest, easiest, and safest way to test new kernels.
Sent from my SCH-I535 using xda premium
ah he makes it sound like it puts you in USB recovery mode so you could ADB in to push an update.
Just wanted to say I'm totally stoked on this guys! Can't wait to see what you do with this. Wish I could help, but I'm really not a developer.
i agree with rebel! but when you guys have it readyish ill test flash it and tell you what happens!!
So, OUYA isn't really as interested in being an open console as they suggest.
I'm keeping a track of how many requests we get relating custom firmware, and from what I'm seeing the user base is not as interested in custom firmware as you might think, which is echoed by this thread (we've shipped 60,000+ units, and less than 10 people have commented in the last month in this thread about getting access to recovery mode).
That doesn't mean that we're shooting the idea down, you need to keep in mind that in terms of priorities this is way down the list as you'd expect from any feature where it's being requested by less than one tenth of one percent of the user-base.
I'm sure @Wajeemba is familiar with CM requests that a very small minority of the user-base are very passionate about, so hopefully you can understand why we're not rushing to work on this.
Go to this thread and let them know we want support:
http://forums.ouya.tv/discussion/1380/recovery-mode
That's not even slightly surprising. If every user demanded CM10 they still wouldn't comply, because then they'd lose their one means of profit (ouya store), the fact that "nobody is asking for it" is their excuse, and they'll think of another one if that ever changes.
This is why we just need to proceed without them. I'm on week two of who knows how many weeks away from home on work, so my efforts at porting CM have been put on hold. Have you been able to make any progress? I'd totally loan my Ouya to Fattire or Dalingrin, or another whiz porter if they'd be willing to work on it...
sonofskywalker3 said:
That's not even slightly surprising. If every user demanded CM10 they still wouldn't comply, because then they'd lose their one means of profit (ouya store), the fact that "nobody is asking for it" is their excuse, and they'll think of another one if that ever changes.
This is why we just need to proceed without them. I'm on week two of who knows how many weeks away from home on work, so my efforts at porting CM have been put on hold. Have you been able to make any progress? I'd totally loan my Ouya to Fattire or Dalingrin, or another whiz porter if they'd be willing to work on it...
I'd check with invisiblek about how to avoid bricking the OUYA. Apparently his is bricked. It's stuck in nvflash mode. I think it was a kernel written with a bad init.rc that did it. not sure though.
Sent from my Nexus 7 using xda premium

Moto purchase, status "LOCKED"

I am on VZW. My phone status was "UNLOCKED" upon arrival from Moto. Since then, I found that the status has changed to "LOCKED". The status has not changed back to "UNLOCKED" after a factory reset. I have neither unlocked the bootloader nor rooted.
Does the status refer to the bootloader, or did my phone lock to the carrier? Either way, is there a way to return the status to "UNLOCKED"?
gmermel said:
I am on VZW. My phone status was "UNLOCKED" upon arrival from Moto. Since then, I found that the status has changed to "LOCKED". The status has not changed back to "UNLOCKED" after a factory reset. I have neither unlocked the bootloader nor rooted.
Does the status refer to the bootloader, or did my phone lock to the carrier? Either way, is there a way to return the status to "UNLOCKED"?
Are you talking about the status in the bootloader?
If you want to unlock your bootloader there are a few guides on here to show you how.
skaforey said:
Are you talking about the status in the bootloader?
I am on the recovery screen itself. Before moving to the bootloader screen.
gmermel said:
I am on the recovery screen itself. Before moving to the bootloader screen.
Bootloader comes before recovery. The screen where you pick to boot to recovery, is the bootloader. Is this where you mean?
rootSU said:
Bootloader comes before recovery. The screen where you pick to boot to recovery, is the bootloader. Is this where you mean?
Then yes, the bootloader screen.........
Does that mean my phone is still not locked to VZW?
I guess now you know WHY I haven't rooted.
gmermel said:
Then yes, the bootloader screen.........
Does that mean my phone is still not locked to VZW?
I guess now you know WHY I haven't rooted.
well, when verizon finally releases, it might be sim locked. but you bought from motorola directly, and won't be sim locked to verizon, ever.
gmermel said:
Then yes, the bootloader screen.........
Does that mean my phone is still not locked to VZW?
I guess now you know WHY I haven't rooted.
The phone shouldn't have come unlocked from the factory. I suggest you backup your data and oem unlock the phone.
How do I do an oem unlock?
gmermel said:
How do I do an oem unlock?
Using fastboot commands you type fastboot OEM unlock to unlock your bootloader. This will wipe all of your data so you should back up anything you don't want to lose.
This is the easiest way to get everything done from unlocking and putting a custom recovery. This will also help you if you need to go back to stock for any reason.
http://www.wugfresh.com/nrt/
encephalon9986 said:
This is the easiest way to get everything done from unlocking and putting a custom recovery. This will also help you if you need to go back to stock for any reason.
http://www.wugfresh.com/nrt/
not really. the right way is the easiest way, and you learn along the way. using a toolkit, you will learn nothing, not even the basics. the right way to do it takes about 3-5 minutes..
1. fastboot oem unlock (this unlocks the bootloader)
2. fastboot flash a custom recovery
3. flash supersu in your new recovery
4. reboot with root.
simms22 said:
not really. the right way is the easiest way, and you learn along the way. using a toolkit, you will learn nothing, not even the basics. the right way to do it takes about 3-5 minutes..
1. fastboot oem unlock (this unlocks the bootloader)
2. fastboot flash a custom recovery
3. flash supersu in your new recovery
4. reboot with root.
Just because I am using the toolkit doesn't mean I don't know the basics. I've been modding phones since the droid x days and before android I had windows mobile. I just prefer the simplicity of toolkits. Wugfresh does an excellent job making this program. I agree knowing the basics is a good thing because you should know what needs to be done for this all to happen but then again toolkit is very simple.
encephalon9986 said:
Just because I am using the toolkit doesn't mean I don't know the basics. I've been modding phones since the droid x days and before android I had windows mobile. I just prefer the simplicity of toolkits. Wugfresh does an excellent job making this program. I agree knowing the basics is a good thing because you should know what needs to be done for this all to happen but then again toolkit is very simple.
who said anything about YOU? if you know what you are doing already, use a toolkit, i don't care. but if you are new to this, toolkits are not for beginners. simply because they don't teach anything, nor do you learn any of the basics.
simms22 said:
who said anything about YOU? if you know what you are doing already, use a toolkit, i don't care. but if you are new to this, toolkits are not for beginners. simply because they don't teach anything, nor do you learn any of the basics.
Very true, I agree. Learning the actual way is the best to learn. Sometimes I like using the cmd because it's more fun doing it yourself. Either way works but remember mod at your own risk (for the op).
encephalon9986 said:
This is the easiest way to get everything done from unlocking and putting a custom recovery. This will also help you if you need to go back to stock for any reason.
http://www.wugfresh.com/nrt/
Are there Mac tools as powerful and straightforward as Wugfresh?
I rooted my N7 using this tool. Simple for even me. However, that was when I had bootcamp on my Mac and could use Windows.
I use Apex launcher and am happy working in stock. The feature I miss is being able to use Titanium/TWRP for recovery. I have learned how to rebuild my system easily via file transfer, and using Terminal to root the phone isn't worth the down-side risks to me.
gmermel said:
Are there Mac tools as powerful and straightforward as Wugfresh?
I rooted my N7 using this tool. Simple for even me. However, that was when I had bootcamp on my Mac and could use Windows.
I use Apex launcher and am happy working in stock. The feature I miss is being able to use Titanium/TWRP for recovery. I have learned how to rebuild my system easily via file transfer, and using Terminal to root the phone isn't worth the down-side risks to me.
You can use fastboot on a Mac. It's even easier than windows. If you don't know how to use fastboot, if you've been reading the thread, we're saying do not use a toolkit.
Do you even need an unlocked bootloader? I don't think it came unlocked from the factory.
rootSU said:
Do you even need an unlocked bootloader? I don't think it came unlocked from the factory.
Probably not. I was more interested in whether the "lock" referred to the phone/SIM. As long as that's not an issue I'm good.
However, in the spirit of the flow, I would like to learn to root on my Mac for its own sake. That being said, I'm not confident that I understand the various how-to's I've read to give it a go. As I mentioned, I don't want to play in Terminal, and I've never heard of "fastboot" as it relates to the Mac. If, however, the fastboot you are speaking of is the one on the phone itself (not the Mac), my lack of knowledge should be self evident. At least I know enough to not go where I don't know enough........
gmermel said:
However, in the spirit of the flow, I would like to learn to root on my Mac for its own sake. That being said, I'm not confident that I understand the various how-to's I've read to give it a go. As I mentioned, I don't want to play in Terminal, and I've never heard of "fastboot" as it relates to the Mac. If, however, the fastboot you are speaking of is the one on the phone itself (not the Mac), my lack of knowledge should be self evident. At least I know enough to not go where I don't know enough........
what is fastboot? http://www.androidcentral.com/android-z-what-fastboot
download fastboot for Mac http://www.androidcentral.com/sites/androidcentral.com/files/uploads/tools/fastboot-mac.zip
gmermel said:
Probably not. I was more interested in whether the "lock" referred to the phone/SIM. As long as that's not an issue I'm good.
However, in the spirit of the flow, I would like to learn to root on my Mac for its own sake. That being said, I'm not confident that I understand the various how-to's I've read to give it a go. As I mentioned, I don't want to play in Terminal, and I've never heard of "fastboot" as it relates to the Mac. If, however, the fastboot you are speaking of is the one on the phone itself (not the Mac), my lack of knowledge should be self evident. At least I know enough to not go where I don't know enough........
You would have to use a terminal but it's very simple.
A terminal just means you type stuff and press enter instead of clicking buttons.
Fastboot is on both the phone and the computer. From the computer there is a fastboot for windows, Linux and Mac. You simply install them and type the commands from terminal.
This is my nexus 5 thread. Everything is relevant except the windows USB driver section
http://forum.xda-developers.com/showthread.php?t=2807273
