I recently got my hands on a WeTek Hub. All round quite a nice little box, but the default lowmemorykiller settings are a little annoying, and sometimes result in the boot failing because the kernel decided to kill one of the startup processes. I'm trying to modify the settings in the init.rc, but I'm having a spot of trouble with a boot loop after repacking the boot image.
I copied the image off the device by using dd to extract the partition to a file, and then used the built-in FTP server to copy it off the device, and extracted it using unmkbootimg. after unzipping, extracting, modifying, and re-packing, I used mkbootimg to recreate the image, and dd'd it back onto the box (commands below).
Code:
dd if=/dev/block/boot of=/sdcard/boot.img
Code:
./unmkbootimg boot.img
mv initrd.img{,.gz}
gunzip initrd.img.gz
mkdir initrd
cp initrd.img initrd
cd initrd
cpio -i < initrd.img
rm initrd.img
# change stuff here
find . | cpio -o -H newc > ../initrd.cpio
cd ..
gzip initrd.cpio
./mkbootimg --kernel kernel.gz --ramdisk initrd.img.gz -o new_boot.img
Code:
dd if=/sdcard/new_boot.img of=/dev/block/boot
Unfortunately, that left me with a flashing WeTek logo as the it continuously rebooted. examining the logs from u-boot didn't give anything useful, but luckily I was able to get it into recovery and flash Ricardo's Android TV ROM back on there. Unfortunately, I'm still stuck with the original boot failure issue. Any clues as to what I've missed?
I do so
Code:
cd boot
../mkboot boot.img unpaсk
cd unpack/ramdisk
find . | cpio -o -H newc | gzip > ../ramdisk.packed
[I][B]# (edit size ramdisk in /boot/unpack/img_info file)[/B][/I]
cd ../..
../mkboot unpack boot.img
all is working
Related
Anyone know how to do that and bundle it back up into a zImage we can flash on the Vibrant/Galaxy S? HTC's boot.img was reasonably simple to mod, but I haven't found any good data on re-assembling the zImage Samsung uses. I have been able to extract the initrd, but nothing on putting it back together.
I'd prefer not to completely build the kernel, as I'd like to keep using JACs and he hasn't posted the source. And I'd have to build the cross-compiler as well, time consuming.
Irritating, the Samsung kernel source build works but doesn't do this bit either. No initrd... grrrr...
No doubt there is a way to reverse-engineer the way the kernel and ramdisk is put together, but it's way beyond my capability at the moment. With that said, if we can take it apart, we can probably put it back together.
i too am looking for instructions how to repack and/or split this
Jr33 said:
i too am looking for instructions how to repack and/or split this
Click to expand...
Click to collapse
Here's how you pull the initrd out from a Vibrant image, well, JAC OCv4 anyway.. Based on a thread and script in the international Galaxy S forum. I still don't know how to re-assemble it, but Wes put some stuff in git that might help, I'm still building after a repo sync. After you run the script with the zImage as the only parameter, you should get an initrd directory with the extracted contents of the ramdisk.
Code:
#!/bin/sh
zImage=$1
#=======================================================
# find start of gziped kernel object in the zImage file:
#=======================================================
pos=`grep -a -b --only-matching $'\x1F\x8B\x08' $zImage | cut -f 1 -d :`
echo "-I- Extracting kernel image from $zImage (start = $pos)"
# dd if=$zImage bs=1 skip=$pos | gunzip > kernel.img
#===========================================================================
# find start and end of the "cpio" initramfs image inside the kernel object:
# ASCII cpio header starts with '070701'
# The end of the cpio archive is marked with an empty file named TRAILER!!!
#===========================================================================
search=`perl -e'print "\x1F\x8B\x08"'`
start=`grep -a -b --only-matching $search kernel.img | head -1 | cut -f 1 -d :`
echo "-I- Extracting initramfs image from kernel.img (start = $start, end = $end)"
dd if=kernel.img bs=1 skip=$start | gzip -d -c > initramfs.img
mkdir initrd
cd initrd
cpio -i --no-absolute-filenames < ../initramfs.img
Maybe a noob question, but how do you guys split and repack SGS3 boot.img ?
The usual perl scripts don't seem to work with any S3 boot.img I came across (neither for the Galaxy Tab 7.7 boot.img's btw).
I keep getting this error :
Android Magic not found in boot.img. Giving Up.
Click to expand...
Click to collapse
Thanks for answering.
To unpack, you can do this:
Code:
abootimg -x boot.img && mkdir newramdisk && cd newramdisk && zcat ../initrd.img | cpio -i --no-absolute-filenames
Of course, that assumes you have abootimg installed. The above will split the zImage and the ramdisk from the boot.img and then proceed to extract the files from the ramdisk. Some ramdisks are not Gzip compressed so in that case use cat instead of zcat. Also: run that as root to make sure you don't mangle the files' permissions. I haven't tried repacking, though. ("find . -print | cpio -o -H newc | gzip > ../initrd.img" followed by "cd .. ; abootimg -u boot.img -r initrd.img" worked for my U8800pro, but I've had no need to try it with GS3 images.) I'd start by looking at the tools that come with the official Samsung source distribution and guides that tell you how to build a Samsung kernel.
Thanks a lot for this thorough answer
Trying this right now.
Couldn't find a specific Samsung kernel-related tutorial, though good idea to go take a look at Samsung's official kernel documentation.
qwerty12 said:
To unpack, you can do this:
Code:
abootimg -x boot.img && mkdir newramdisk && cd newramdisk && zcat ../initrd.img | cpio -i --no-absolute-filenames
Of course, that assumes you have abootimg installed. The above will split the zImage and the ramdisk from the boot.img and then proceed to extract the files from the ramdisk. Some ramdisks are not Gzip compressed so in that case use cat instead of zcat. Also: run that as root to make sure you don't mangle the files' permissions. I haven't tried repacking, though. ("find . -print | cpio -o -H newc | gzip > ../initrd.img" followed by "cd .. ; abootimg -u boot.img -r initrd.img" worked for my U8800pro, but I've had no need to try it with GS3 images.) I'd start by looking at the tools that come with the official Samsung source distribution and guides that tell you how to build a Samsung kernel.
Click to expand...
Click to collapse
Great!! Thanks for your information.
Here is what I use. Inside there are three binaries and two perl scripts,, copy the binaries into /usr/bin/ or you can add them in their own place and add that to the path. Then use this to help you use the files
Thanks for that too, ima try those scripts
Getting this error :
~$ perl unpack-bootimg.pl boot.img
could not find any embeded ramdisk images. Are you sure this is a full boot image?
Click to expand...
Click to collapse
Apparently, from what I have been reading, Samsung uses a different type of kernels than other manufacturers.
Although there's a huge number of custom samsung kernels out there. There might be a way^^
Here is the kernel i'm trying to edit if anyone wanna give a try at unpacking it for me.
That is true up until the S3 boot.img/kernel They have always used a zImage. Now Google has forced them to move over to EXT4 system and change the kernel format.
That file is only 2.88 mb's that is way too small to be a full kernel. Even for stock with no tweaks. That's why you are having an error.
This is the original boot.img from the CM9 for Galaxy Tab 7.7 update.zip
However i get the same error when trying to unpack S3 stock boot.img or even CM10 boot.img, although when i try the same scripts on my Xperia Play's kernels they unpack properly.
Good thing if Google made Samsung do kernels like others
Hi,
Did you manage to unpack/repack the SGS3 boot image? I'm trying to modify init.rc in an international SGS3 (i9300).
I've managed to unpack the boot image (from /dev/block/mmcblk0p5) as per qwerty12's command but how do I repack it?
Thanks!
I've read several tutorials both here and elsewhere. I've got a few different methods down using mkbootimg, unpackbootimg, abootimg, the perl scripts, and I have gzip/gunzip/cpio commands down. Splitting and repacking go without errors.
However, I cannot, to save my life, whether I modify something or not, get a boot image that I split and repacked to boot on my device.
I have a G4 H811 the T-Mobile variant. I have been playing with boot images and kernels included with ROMs and a custom kernel, even dd'd the working boot partition from my device. I simply cannot repack something that boots.
Here's an example approach, here I'm using binaries from a custom kernel zip mkbootimg, unpackbootimg, and the busybox included in the zip. I'm doing exactly what the kernel maintainer does to split the image, replace zImage and repack, only manually in a terminal and modifying the ramdisk leaving everything else alone.
mkdir boot
cd boot/
cat /dev/block/bootdevice/by-name/boot >boot.img
chmod 755 busybox
chmod 755 mkbootimg
chmod 755 unpackbootimg
./unpackbootimg -i boot.img
mkdir initrd
cd initrd
cat ../boot.img-ramdisk.gz | ../busybox gunzip | ../busybox cpio -vid
vi init.rc(made changes)
../busybox find . | ../busybox cpio -o -H newc | ../busybox gzip >../myinitrd.img
cd ..
./mkbootimg --kernel boot.img-zImage --ramdisk myinitrd.img --cmdline "$(cat boot.img-cmdline)" --base 0x$(cat boot.img-base) --pagesize 4096 --ramdisk_offset $(cat boot.img-ramdiskoffset) --tags_offset $(cat boot.img-tagsoffset) --output myboot.img
./busybox dd if=myboot.img of=/dev/block/bootdevice/by-name/boot
I end up with with a 26.8MB myboot.img and a bootloop
Here's a really good example, I changed absolutely nothing. After unpacking and repacking I end up with two different size boot images. What am I missing here?
I am trying below method to get adb sheel root , but seems it does not work, can anybody tell me whether this method is working on Samsung device with Android 5.1.1 or not?
- Unlock bootloader , using 'Rom Service', after done, I can see, on the Download mode, the 'CROM service' is 'UnLock'
- Turn on the USB debugging in the Developer options
- Download the stock device image from internet
- unzipped the stock image, obtain the boot.img file
- extract the boot.img content by below command
$mkdir boot
$cd boot
$abootimg -x /tmp/boot.img
- extract the initrd.img to get the ramdisk files
$mkdir initrd
$cd initrd
$cat ../initrd.img | gunzip | cpio -vid
- then edit the default.prop file, to change the ro.secure=1 to ro.secure=0
- recreate the ramdisk image by
$cd initrd
$find . | cpio --create --format='newc' | gzip > ../myinitrd
- repack the boot.img by
$abootimg --create myboot.img -f bootimg.cfg -k zImage -r myinitrd.img
- convert the boot img file to tar with md5
$tar -H ustar -c myboot.img > myboot.tar
$md5sum -t myboot.tar >> myboot.tar
- boot device to Downloading mode (Home + power + Volume down), try to use the Odin to flash the modified boot image to my Samsung J3Pro, but FAILED!
the error message in Odin is: Complete(Write) operation failed
on the device, error is 'Unsupport dev_type'
I suspect Samsung has done sth in the bootloader to block this flash....
Can anybody tell me anthing wrong?
Hey all,
I am learning how Android works and am trying to figure out how I can update the Android filesystem by extracting a ramdisk from normal boot.img, adding some files, then flashing it back. So far, I have been unsuccessful in doing this and am hoping to figure out why. Here's the steps below I have taken:
Using a Google Pixel 4a, Android 11, kernel v 4.14 (i.e. not GKI)
High level:
Extract ramdisk.cpio from boot.img using magiskboot via adb on device, modify extract contents, sent back up to magiskboot, repackaged, then flashed via fastboot.
Detailed steps:
Grab ramdisk.cpio
Code:
$ # obtain the ramdisk.cpio from magiskboot
$ adb -d shell "cd ${BOOT_IMG_PATH}; ./magiskboot unpack boot.img"
$ adb -d pull /${BOOT_IMG_PATH}/ramdisk.cpio /tmp/
$ # attempt to modify the filesystem
$ mkdir /tmp/rd && cd rd
$ cpio -i < /tmp/ramdisk.cpio
$ touch yolo
$ echo "why doest this work" > system/wtf.txt
$ echo "why doest this work" > sys/wtf.txt
$ echo "why doest this work" > vendor/wtf.txt
#patch this directory back up and send to magiskboot
$ find . | cpio -oH new > /tmp/new.ramdisk.cpio
$ adb -d push /tmp/new.ramdisk.cpio ${BOOT_IMG_PATH}/ramdisk.cpio
$ adb -d shell "cd ${BOOT_IMG_PATH}; ./magiskboot repack boot.img
$ adb -d pull /${BOOT_IMG_PATH}/new-boot.img /tmp/
# apply this modifyied boot.img
$ adb reboot bootloader
fastboot flash boot /tmp/new-boot.img
fastboot reboot
After doing this, I'll adb back in to verify:
Code:
adb -d shell "find / -name "wtf.txt" 2>/dev/null
# silence.... always silence... no file change
* I am aware that Wu modifies the extracted dtb file from boot.img with a "magiskboot dtb dtb patch" command but that doesn't seem to apply to my particular boot.img as the fstab doesn't seem to be around
* I am aware that vbmeta and codesigning, I have disabled vbmeta via fastboot
* I am aware that there's A/B slots for flashing. I have tried flashing both slots to make sure the updated ramdisk is seen
* I am aware of magiskboot's kernel patch from skip_initramfs -> want_initramfs. I could use some clarification on this if it pertains to my problem
* My Android device uses "mount method C" from Wu's great writeup https://github.com/topjohnwu/Magisk/blob/master/docs/boot.md. That is, it's init's job to mount everything on my device. I guess I feel confused as to why init wouldn't mount the additional files that I've added to the ramdisk
Extremely grateful for help or guidance on what I've overlooked. Thanks y'all
You should probably examine your modified boot file to see if the new stuff is in there.
I don't use your tools or even deal with cpio as a file type.
Code:
C:\>echo Hello > sbin\bogus
C:\>imgutil /i boot.img sbin/bogus
C:\>imgutil /l boot.img
...
sbin/bogus
...