I am trying to replace the kernel in a boot.img, and then repackage it to a zip that can be flashed. I am trying to follow a guide. Since I am not allowed to post a link, I'll post an excerpt:
E. The Boot.img
We already know that this is the kernel and ramdisk needed to boot up the device. You can pull this apart and swap out the kernel if you would like. For this, you're going to have to run Linux. If you're not able to run Linux natively, download Sun's Virtual Box and an easy to use Linux distro like Ubuntu or Fedora. We will leave custom kernel compilation for another day. To extract and rebuild the Boot.img we need some tools. These are in the attached Boot-tools.zip file found in the first post. Extract the entire zip file into a tools directory in the top level of your working directory. Open your terminal and navigate to your working directory, then enter the following commands:
Code:
/tools/extract-kernel.pl boot.img
/tools/extract-ramdisk.pl boot.img
This will place a copy of the kernel and ramdisk in your working directory. Overwrite the kernel image with the kernel you would like to use. Then re-package everything as so:
Code:
mkbootfs boot.img-ramdisk | gzip > ramdisk-boot
mkbootimg --kernel boot.img-kernel --ramdisk ramdisk-boot --cmdline "no_console_suspend=1 console=null" -o newBoot.img --base 0x19200000
Click to expand...
Click to collapse
I have no problem with the first 3 commands:
extract-kernel.pl boot.img
extract-ramdisk.pl boot.img
mkbootfs boot.img-ramdisk | gzip > ramdisk-boot
But this last command just returns the mkbootimg syntax help blurb:
mkbootimg --kernel boot.img-kernel --ramdisk ramdisk-boot --cmdline "no_console_suspend=1 console=null" -o newBoot.img --base 0x19200000
it returns this:
usage: mkbootimg
--kernel <filename>
--ramdisk <filename>
[ --second <2ndbootloader-filename> ]
[ --cmdline <kernel-commandline> ]
[ --board <boardname> ]
-o|--output <filename>
I noticed that the --base option isn't included in the help, so I left out the "--base 0x19200000". This worked fine and created the newBoot.img file. Will this be safe to use?
Thanks in advance.
Does anyone tried rebuilding boot.img for Streak?
Standard tools for unpacking and repacking the boot.img do not work, because Streak boot.img has a non-standard layout.
I managed to extract zImage and initrd manually from a working boot.img from r2-4399-streak-superboot.zip
gzip signatures 1F 8B 08 00 are at offsets:
0x49E0 - kernel
0x242000 - initrd
I extracted them manually using:
Code:
dd if=boot.img of=kernel.gz ibs=1 skip=18912 count=2348576
dd if=boot.img of=initrd.cpio.gz ibs=1 skip=2367488
But after reconstructing it into a boot.img again and flashing, Streak does not boot.
Code:
mkbootimg --base 0x20000000 --cmdline 'console=ttyMSM2,115200n8 androidboot.hardware=qcom' --kernel kernel.gz --ramdisk initrd.cpio.gz -o boot.img
fastboot -i 0x413c flash boot boot.img
Even after modyfing mkbootimg sources accordingly to carlosloz post, the generated boot.img still does not boot.
Does anyone know what magic sauce Dell adds to its boot.img ?
The changes that were proposed by carlosloz were identical the the changes I'd made to my mkboot the day before, and that was able to create a boot.img that did boot an extracted 4399 kernel and ramdisk.
I'll remember to post either the source or elf of it when I get home tonight for you to try.
see this page over at android-dsl.com Edit and Re-Pack Boot Images
fone_fanatic said:
see this page over at android-dsl.com Edit and Re-Pack Boot Images
Click to expand...
Click to collapse
The very second line of my post stated that this instructions do not work for Streak.
kwaaq said:
I'll remember to post either the source or elf of it when I get home tonight for you to try.
Click to expand...
Click to collapse
Thanks. I hope this would work.
So far I'm just running in circles scratching my head :/
Yes!
I got enlightenment yesterday and found a way of building boot.img
Attached you will find a boot.img that contains only kernel, adbd and busybox.
You may use it to see how deep the Streak Hole goes.
I was able to chroot to an Ubuntu Linux installation using this image.
Code:
[email protected]:~/Android/boot$ fastboot -i 0x413c flash boot boot.img
sending 'boot' (3136 KB)... OKAY
writing 'boot'... OKAY
[email protected]:~/Android/boot$ fastboot -i 0x413c reboot
rebooting...
[email protected]:~/Android/boot$ adb shell
~ $ su
su: access granted, courtesy of www.magicandroidapps.com
/ # ls
bin init.qcom.post_boot.sh root
default.prop init.qcom.rc sbin
dev init.qcom.sh sys
etc init.rc system
init proc tmp
/ # ls /sbin
adbd
/ # mount -t yaffs2 /dev/block/mtdblock6 /system
/ # ls /system
PreLoadNetworkSettings customization lost+found
Wallpapers etc media
app fonts ts.conf
bin framework usr
bootpriority.xml lib xbin
build.prop logfilter.ini
busybox lost+found
/ # umount /system
/ # mkdir /ubuntu
/ # mount -t ext2 /dev/block/mmcblk1p2 /ubuntu
/ # ls /ubuntu
bin home mnt sbin system
boot lib opt selinux tmp
dev lost+found proc srv usr
etc media root sys var
/ # PATH=/usr/bin:/usr/sbin:/bin:/sbin
/ # chroot /ubuntu /bin/bash
[email protected]:/# ls
bin dev home lost+found mnt proc sbin srv system usr
boot etc lib media opt root selinux sys tmp var
[email protected]:/# exit
/ #
~ $
OK, so I download your boot.img file and fastboot flashed it. After the reboot it comes to a black screen but I get no ADB driver prompt on my computer. I assume it's just freezing on boot.
What version of the Streak are you running the rom on?
JoeJonnyBoy75 said:
OK, so I download your boot.img file and fastboot flashed it. After the reboot it comes to a black screen but I get no ADB driver prompt on my computer. I assume it's just freezing on boot.
What version of the Streak are you running the rom on?
Click to expand...
Click to collapse
It's based on 4399 build, so it possibly runs on 21-EU models only.
Black screen is not good. You should see a short blank and see the Dell logo again with lower intensity of softbuttons light.
How did you manage to get the kernel and ramdisk back together?
I'm currently working on replacing the internal sdcard with a 16GB one but I need to modify the init.rc files to make it work.
<rant>I could behave like Paul @ MoDaCo and just ignore the question. But... </rant>
Like I mentioned the kernel and initrd start with gzip signature.
So you need to extract:
- header: 0 - 0x49DF
- kernel.gz: 0x49E0 - 0x241FFF
- initrd.cpio.gz: 0x242000 - EOF
Disassembling several working boot.img revealed that the offsets are always the same, and the usually empty header contains something that looks like a bootloader code. So I figured mkbootimg file with zero-filled header won't work.
So, I created new initrd (mkbootfs or straight cpio - both work), padded it with /dev/zero to 4k page size, concatenated header+kernel+newinitrd.
Almost there. You need to update header offsets and sizes. initrd offset stays the same, but size is different. initrd size is 4 bytes from 0x10 byte in header. Just enter the size of initrd (before padding with zeros) there, and you're done.
First I did it manually. Now I have a simple bash script to automate the work.
Above method works 100%. Every boot.img I generate works fine.
The key is to start with a working boot.img for your device - you need a kernel suited to your hardware.
Any chance you'd like to share your script?
One other quick question. I understood most of your instructions, although this isn't really my field of expertise, except how/where to enter the size of the init. If I'm understanding you correctly it goes at address 0x00000010.
Which would mean that in your red pill the entry you have at that address is DA DD 0C 00?
Also if you have time could you explain the padding part?
I think I'm close to getting this working, and look forward to custom init files.
The following information got outdated.
See http://codex.xiaoka.com/wiki/streak:kernel_porting#flashing
(Attachment Removed)
JoeJonnyBoy75 said:
Any chance you'd like to share your script?
Click to expand...
Click to collapse
Sure. No prob.
But mind it's SuperUgly(TM) but it gets the job done.
Click to expand...
Click to collapse
JoeJonnyBoy75 said:
One other quick question. I understood most of your instructions, although this isn't really my field of expertise, except how/where to enter the size of the init. If I'm understanding you correctly it goes at address 0x00000010.
Which would mean that in your red pill the entry you have at that address is DA DD 0C 00?
Also if you have time could you explain the padding part?
I think I'm close to getting this working, and look forward to custom init files.
Click to expand...
Click to collapse
0x000CDDDA = 843226 bytes, which is the size of my initrd.
The page size of boot.img is 4k so you need to pad the initrd to fill the whole last page with something - preferably zeros.
smokku said:
Does anyone tried rebuilding boot.img for Streak?
Standard tools for unpacking and repacking the boot.img do not work, because Streak boot.img has a non-standard layout.
Click to expand...
Click to collapse
I was able to extract boot.img using the command "unpack-bootimg.pl" found in split_bootimg.zip from that link.
Code:
$ unpack-bootimg.pl boot.img
kernel written to boot.img-kernel.gz
ramdisk written to boot.img-ramdisk.cpio.gz
gzip: ../boot.img-ramdisk.cpio.gz: decompression OK, trailing garbage ignored
591 blocks
extracted ramdisk contents to directory boot.img-ramdisk/
Or is this not the proper way to do it?
fone_fanatic said:
I was able to extract boot.img using the command "unpack-bootimg.pl" found in split_bootimg.zip from that link.
[...]
Or is this not the proper way to do it?
Click to expand...
Click to collapse
IIRC unpack-bootimg.pl extracts initrd correctly, but kernel is broken,
and split_bootimg.pl the other way around - kernel is OK, but initrd is incomplete.
But splitting the image is easy. The reconstruction using standard tools (mkbootimg) does not work though.
smokku said:
IIRC unpack-bootimg.pl extracts initrd correctly, but kernel is broken,
and split_bootimg.pl the other way around - kernel is OK, but initrd is incomplete.
But splitting the image is easy. The reconstruction using standard tools (mkbootimg) does not work though.
Click to expand...
Click to collapse
Ahh ok, haven't tried to repack yet, just been snooping around in it.
Sent from my Dell Streak using XDA App
Apologies, first time I've actually gotten home at a sane hr for the past two weeks.
Thank you very much smokku. I've finally, successfully, recompiled my boot.img and am able to make changes.
Here are the step I used to get it to work. Note that the kernel for the 2.1 roms starts at a lower address then the 1.6 ones.
1. Unpack-bootimg.pl got me the initrd folder and contents.
2. I ended up extracting the header and kernel via a hex editor. I used the gzip headers to find the start of the initrd and then purged it.
3. This left me with a header/kernel file and the initrd folder. I then made the changes to initrd I wanted. (Still lots of testing to do)
4. I modified the script provided by smokku (awesome) to work with the header/kernel file being one file instead of two.
5. Ran the script and recorded the output size.
6. Opened the new compiled boot file with a hex editor and entered the size at address 0x10 (as per smokku).
7. Installed the new boot.img with fastboot and rebooted.
Now it all works and I'm able to modify to my hearts content. Guess I now have to do it with the 8105 build.
Thanks smokku, couldn't have done it without you.
Now the only missing link is the kernel source.
I want to unpack and repack .img files. I tried with winrar, no success. I tried to mount as a disk image, but no success. I've tried to see other posts about it, but no one tell me how to do with windows. Can you help me?
My recommendation would be to run a virtual unbuntu linux machine and start learning linux. If you're playing around with kernels you're going to want to compile your own pretty soon.
That being said:
the unpack-bootimg.pl is a perl script, you can probably install perl on your windows machine to unpack the bootimg.
I use mkbootimg to repack the kernel image, whic is a binary executable. I'm not sure if there a precompiled windows version you can download or if it comes with the windows NDK but that would be the way to go to repack the boot img.
Here's a copy and paste about repacking the kernel on linux that i just made in the xoom forum
(1) make a backup with CWM, and copy the boot.img to my computer.
(2) extract boot.img with unpack-bootimg.pl
(3) this gives me the boot-img-ramdisk.cpio.gz file and boot.img-kernel.gz
If you want to recpio because you changed the ramdisk/added ko's run:
cd boot.img-ramdisk/
find . | cpio -o -H newc | gzip > ../bootimg-ramdisk.cpio.gz
cd ..
(4) use command:
mkbootimg --cmdline 'androidboot.carrier=wifi-only product_type=w' --kernel zImage --ramdisk boot.img-ramdisk.cpio.gz -o boot-new.img --base 0x30000000 --pagesize 4096
adb reboot bootloader
fastboot flash boot boot-new.img
use a hex editor from a working boot.img to determine what the cmdline option should be set to for your device. The easiest way is to take one from a cwm backup.
I have update.img from venor of my tablet. I would like to make a custom rom and later CyanogenMod. At this moment I need to extract boot.img form update.img
mkimage -l update.img displays:
mkimage: Bad Magic Number: "update.img" is no valid image
Image Type : Davinci UBL Boot Image
UBL magic : 57464b52
Entry Point: 00010066
nr of pages: 00000401
start block: 07dd0105
start page : 290e1201
Any idea?
You can download update.img from:
https://mega.co.nz/#!XFExEDBL!OkPfQwWDp0JDzRHIg4TZQk6lt3EwEJiDfR2IyOE6p_4
mafamafa said:
I have update.img from venor of my tablet. I would like to make a custom rom and later CyanogenMod. At this moment I need to extract boot.img form update.img
mkimage -l update.img displays:
mkimage: Bad Magic Number: "update.img" is no valid image
Image Type : Davinci UBL Boot Image
UBL magic : 57464b52
Entry Point: 00010066
nr of pages: 00000401
start block: 07dd0105
start page : 290e1201
Any idea?
You can download update.img from:
https://mega.co.nz/#!XFExEDBL!OkPfQwWDp0JDzRHIg4TZQk6lt3EwEJiDfR2IyOE6p_4
Click to expand...
Click to collapse
try using ext2explore...
ext2explore didn’t show anything
mr.harsh said:
try using ext2explore...
Click to expand...
Click to collapse
Unfortunately ext2explore didn’t show anything. Any idea? Maybe somebody download the file I posted I mega.co.nz and check it?
unmkbootimg doing the job for you
mafamafa said:
Unfortunately ext2explore didn’t show anything. Any idea? Maybe somebody download the file I posted I mega.co.nz and check it?
Click to expand...
Click to collapse
There is programm called unmkbootimg. type:
unmkbootimg boot.img
will create zImage and initramfs.cpio.gz files in current directory. scripts/extract-ikconfig will give you config from kernel.
kaptorali said:
There is programm called unmkbootimg. type:
unmkbootimg boot.img
will create zImage and initramfs.cpio.gz files in current directory. scripts/extract-ikconfig will give you config from kernel.
Click to expand...
Click to collapse
Shoud I run it on my Tablet? Shoud I install something on my tablet?
mafamafa said:
Shoud I run it on my Tablet? Shoud I install something on my tablet?
Click to expand...
Click to collapse
If you have unpacked ROM and got yourromfolder/RFSFAT16_BOOT_00000000000 then all you need
>unmkbootimg yourromfolder/RFSFAT16_BOOT_00000000000
To get boot.img from tablet: install Term(terminal) (to tablet), run terminal, type:
>su
>busybox dd if=/dev/block/nandc of=/mnt/sdcard/boot.img
Copy boot.img from /mnt/sdcard/ (or other directory) to "extsd", insert to PC and run unmkbootimg
From adb shell (linux style):
>./adb start-server
In tablet turn on "usb adb debugging". Plug tablet to PC with usb. Run:
>./adb shell busybox dd if=/dev/block/nandc of=/mnt/sdcard/boot.img
>./adb pull /mnt/sdcard/boot.img boot.img
Run unmkbootimg.
mkimage -l update.img gives you header (first 64bites) of your boot.img - all right.
Also unmkbootimg type output for building (packing) new_boot.img!
mafamafa said:
Any idea?
Click to expand...
Click to collapse
$ dd if=update.img skip=1 bs=13155412 of=boot.img
I've updated unmkbootimg so it handles embedded boot images now. Download it and run it directly on your update.img
$ unmkbootimg update.img
unmkbootimg version 1.2 - Mikael Q Kuisma <[email protected]>
File update.img not a plain boot image, seeking for embedded image ... found!
Kernel size 8073252
Kernel address 0x60408000
Ramdisk size 6380372
Ramdisk address 0x62000000
Secondary size 0
Secondary address 0x60f00000
Kernel tags address 0x60088000
Flash page size 16384
Board name is ""
Command line ""
*** WARNING ****
This image is built using NON-standard mkbootimg!
OFF_KERNEL_ADDR is 0x00380100
OFF_RAMDISK_ADDR is 0x01F78100
OFF_SECOND_ADDR is 0x00E78100
Please modify mkbootimg.c using the above values to build your image.
****************
Extracting kernel to file zImage ...
Extracting root filesystem to file initramfs.cpio.gz ...
All done.
---------------
To recompile this image, use:
mkbootimg --kernel zImage --ramdisk initramfs.cpio.gz --base 0x60087f00 --pagesize 16384 -o new_boot.img
---------------
$ ls
initramfs.cpio.gz update.img zImage
$
Click to expand...
Click to collapse
I am trying to install Linux on my Samsung Galaxy Tab S using the directions described in How to run Debian or Ubuntu GNU/Linux on your Android (I am not yet allowed to specify the URL but you might google it). However I cannot find the zImage (which is the original kernel in the tablet) to be used in the command
Code:
# mkbootimg --base 0x00200000 --kernel zImage --ramdisk initramfs.cpio.gz -o my-boot.img
What dælen can I do to find and extract it?
Thanks in advance.
CMJager said:
I am trying to install Linux on my Samsung Galaxy Tab S using the directions described in How to run Debian or Ubuntu GNU/Linux on your Android (I am not yet allowed to specify the URL but you might google it). However I cannot find the zImage (which is the original kernel in the tablet) to be used in the command
Code:
# mkbootimg --base 0x00200000 --kernel zImage --ramdisk initramfs.cpio.gz -o my-boot.img
What dælen can I do to find and extract it?
Thanks in advance.
Click to expand...
Click to collapse
You need to unpack the boot image to separate the kernel(zImage) and ramdisk. There are various tools about to do this.
ashyx said:
You need to unpack the boot image to separate the kernel(zImage) and ramdisk. There are various tools about to do this.
Click to expand...
Click to collapse
So where (or how) do i find the boot image?
CMJager said:
So where (or how) do i find the boot image?
Click to expand...
Click to collapse
The boot.img can either be found in the stock firmware or pulled frm the device or use a custom kernel posted in development.
Found it:
Code:
# ls -l /dev/block/platform/dw_mmc.0/by-name/BOOT
lrwxrwxrwx root root 2015-12-27 19:43 BOOT -> /dev/block/mmcblk0p9
Put the contents in a file:
Code:
# cat /dev/block/mmcblk0p9 /sdcard/boot.img
And at my linux box extracted the contents:
Code:
$ adb pull /storage/sdcard0/boot.img
$ unpackbootimg -i boot.img
BOARD_KERNEL_CMDLINE
BOARD_KERNEL_BASE 10000000
BOARD_PAGE_SIZE 2048
$
Then I also found a more robust mkbootimg-command:
Code:
$ mkbootimg --kernel boot.img-zImage --ramdisk boot.img-ramdisk.gz -o my-boot.img --base $(cat boot.img-base)