Flash kernel image
From OpenEZX
ALL THE INFORMATION AND CODE IN THIS PACKAGE ARE PROVIDED AS-IS, WITHOUT WARRANTY OF ANY KIND. DONT BLAME ME IF YOU BRICK YOUR PHONE.
ALL THE CODE AND BINARY FILES IN THIS PACKAGE ARE FREE TO USE AND REDISTRIBUTE, WITH A GPL LICENSE OR SIMILAR.
HERE WE WILL FLASH RAW IMAGES/DATAS, FLASH ONLY A FILE IF YOU ARE SURE IT WILL WORK ON THE PHONE, AT THE PLACE YOU FLASH IT!
DO NOT FLASH MOTOROLA'S "STOCKS" OR "MODDED" FIRMWARES IN .SBF OR .SHX PROPRIETARY FILEFORMATS WITH GEN-BLOB OR FLASHKIT
Contents |
Using boot_usb and gen-blob
Genblob is a second stage bootloader recently developed by Daniel Ribeiro, it adds a lot of features in a minimalistic file. Some of these features are the needed "hardware initialisation" for the 2.6 kernel to properly boot, to allow a BP communication even if the kenrel is sent over the USB, and one other commands useful for the develppers: flashing on the phone's NOR flash memory.
To send these commands we use the boot_usb, we will also use it to send and receive the datas from and to the phone.
How-to flash a file using gen-blob:
On linux as root:
#initialize the phone: ./boot_usb setflag usb ./boot_usb gen-blob 0 # proceed to a preliminar backup is alway safer: ./boot_usb read <address> <size> <$backup_file_name> # Then flash: ./boot_usb flash <address> <$file_to_flash>
- Addresses unit is the byte, it can be in hexadecimal (don't forget the "0x" prefix!) or in decimal base.
- "boot-usb flash" will use the file's size and add a "padding" of zeros (it portion the writing ONLY in 131072 bytes (0x20000) sections).
- "boot_usb read" will backup parts (or the full content) of the flash memory when the size of this portion is a multiple of 4.
Gen1 kernel example (A780, E680)
WARNING IN THIS CASE WE SUPPOSE YOU DON'T HAVE GEN_BLOB FLASHED
With gen-blob flashed, you'll need to follow the Dual_boot pages (basicly, you will need to offset the kernel, the actual rule is 128KiB for gen-blob space, and also add an asm hack ("flag") to tell gen-blob where to look for the kernel, so gen-blob space, and the 4Bytes flag will have to be subtracted to the maximum space for the kernel in flash memory).
On A780 and E680, the kernel is located at 0x20000, so to (re)flash it:
Get a kernel, (cross-compile it if necessary), then:
Check if its size is not higher than 917504bytes (896Kb) :
wc -c zImage
Prepare the "zImage" file to be flashed:
dd if=/dev/zero of=/tmp/kernel_mtd bs=917504 count=1 dd if=zImage of=/tmp/kernel_mtd conv=notrunc
On linux, as root, flash a gen1 kernel with:
#initialise the phone (phone needs to be in bootloader "flash mode"). ./boot_usb setflag usb ./boot_usb genblob 0 # proceed to a safety backup ./boot_usb read 0x20000 0xE0000 kernel-backup #flash a kernel image ./boot_usb flash 0x20000 /tmp/kernel-mtd rm /tmp/kernel-mtd
Note: Without gen-blob, you could use a 128KiB flash area, that is just after the kernel, and that is unused on the gen1 phones, with gen-blob, you will already need to use it, so the 896Kib maximum size will be really mandatory.
Gen2 kernel example (A1200, E6, E2, A910)
WARNING IN THIS CASE WE SUPPOSE YOU DON'T HAVE GEN_BLOB FLASHED
With gen-blob flashed, you'll need to follow the Dual_boot pages (basicly, you will need to offset the kernel, the actual rule is 128KiB, for gen-blob space, and add an asm hack ("flag") to tell gen-blob where to look for the kernel, so gen-blob space, and the 4Bytes flag will have to be subtracted to the maximum space for the kernel in flash memory).
On GEN2 devices, the kernel is located at 0xA0000, so to (re)flash it:
Get a kernel, (cross-compile it, then:
Check if its size is not higher than 1048576bytes (1024Kb):
wc -c zImage
Prepare the "zImage" file to be flashed:
dd if=/dev/zero of=/tmp/kernel_mtd bs=1048576 count=1 dd if=zImage of=/tmp/kernel_mtd bs=2048 seek=1 conv=notrunc
On linux, as root, flash a gen2 kernel with:
#initialise the phone (phone needs to be in bootloader "flash mode"). ./boot_usb setflag usb ./boot_usb genblob 0 # proceed to a safety backup ./boot_usb read 0xA0000 0x100000 kernel-backup #flash a kernel image ./boot_usb flash 0xA0000 /tmp/kernel-mtd rm /tmp/kernel-mtd
Flashing using cyph's flashkit and /dev/mtd
You need to get cyph's flashkit and the source for his rwflash kernel module.
The flashkit has a precompiled rwflash module onboard, but unfortunately this one has a bug don't allowing to flash a kernel image. This bug is fixed in the source of rwflash.
In order to get the kernel module compiled you need the motorola 2.4 kernel source and a working crosscompile toolchain. Please read Crosscompile.
Just replace the old module with the new one and follow the flashkit README.
Display the list of all the mtd "partitions":
cat /proc/mtd
You can flash your own zImage into /dev/mtd4 (at least it's this mtd on unlocked A780). But be aware that the size of you zImage could not be higher then 896kbyte.
Categories: Development | E680 | A780 | A1200 | A910 | Rokr E2 | Rokr E6
