ALL THE INFORMATION AND CODE IN THIS PACKAGE ARE PROVIDED AS-IS, WITHOUT WARRANTY OF ANY KIND. DONT BLAME ME IF YOU BRICK YOUR PHONE.

ALL THE CODE AND BINARY FILES IN THIS PACKAGE ARE FREE TO USE AND REDISTRIBUTE, WITH A GPL LICENSE OR SIMILAR.

HERE WE WILL FLASH RAW IMAGES/DATAS, FLASH ONLY A FILE IF YOU ARE SURE IT WILL WORK ON THE PHONE, AT THE PLACE YOU FLASH IT!

DO NOT FLASH MOTOROLA'S "STOCKS" OR "MODDED" FIRMWARES IN .SBF OR .SHX PROPRIETARY FILEFORMATS WITH GEN-BLOB OR FLASHKIT

Contents 1 Using moto-boot-usb and gen-blob 1.1 How-to flash a file using gen-blob: 1.2 Gen1 kernel example (ONLY FOR UNMODIFIEDS A780, E680 PHONES MODELS) 1.3 Gen2 kernel example (ONLY FOR UNMODIFIEDS A1200, E6, E2, A910 PHONES MODELS) 2 Flashing using cyph's flashkit and /dev/mtd

Using moto-boot-usb and gen-blob

Genblob is a bootloader developed by OpenEZX and most entirely by Daniel Ribeiro, it was needed by the developers to bypass the "BP pass through" mode and allowing BP communication, we still need it for the "hardware initialization" of the phone to stand with 2.6 kernel standards, it is a modified version of blob, that is used as a second stage bootloader.

Genblob adds a lot of features like read and write access to the NOR flash memory. (flash and Backups)

To send these commands we use the moto-boot-usb, we will also use it to send and receive the datas from and to the phone.

How-to flash a file using gen-blob:

On linux as root:

#initialize the phone:
./moto-boot-usb setflag usb
./moto-boot-usb gen-blob 0
# proceed to a preliminary backup is alway safer:
./moto-boot-usb read <address> <size> <$backup_file_name>
# Then flash:
./moto-boot-usb flash <address> <$file_to_flash>

• Addresses unit is the byte, it can be in hexadecimal (don't forget the "0x" prefix!) or in decimal base.
• "moto-boot-usb flash" will use the file's size and add a "padding" of zeros (it portion the writing ONLY in 131072 bytes (0x20000) sections).
• "moto-boot-usb read" will backup parts (or the full content) of the flash memory when the size of this portion is a multiple of 4.

---

Gen1 kernel example (ONLY FOR UNMODIFIEDS A780, E680 PHONES MODELS)

WARNING IN THIS CASE WE SUPPOSE YOU DON'T HAVE GEN_BLOB FLASHED

With gen-blob flashed, you'll need to follow the Dual_boot pages (basically, you will need to offset the kernel, the actual rule is 128KiB for gen-blob space, and also add an asm hack ("flag") to tell gen-blob where to look for the kernel, so gen-blob space, and the 4Bytes flag will have to be subtracted to the maximum space for the kernel in flash memory).

On A780 and E680, the kernel is located at 0x20000, so to (re)flash it:

Get a kernel, (cross-compile it if necessary), then:

Check if its size is not higher than 917504bytes (896Kb) :

wc -c zImage

Prepare the "zImage" file to be flashed:

dd if=/dev/zero of=/tmp/kernel_mtd bs=917504 count=1 
dd if=zImage of=/tmp/kernel_mtd conv=notrunc

On linux, as root, flash a gen1 kernel with:

#initialise the phone (phone needs to be in bootloader "flash mode").
./moto-boot-usb setflag usb
./moto-boot-usb genblob 0
# proceed to a safety backup
./moto-boot-usb read 0x20000 0xE0000 kernel-backup
#flash a kernel image
./moto-boot-usb flash 0x20000 /tmp/kernel-mtd
rm /tmp/kernel-mtd

Note: Without gen-blob, you could use a 128KiB flash area, that is just after the kernel, and that is unused on the gen1 phones, with gen-blob, you will already need to use it, so the 896Kib maximum size will be really mandatory. END OF Gen1 kernel example.

---

Gen2 kernel example (ONLY FOR UNMODIFIEDS A1200, E6, E2, A910 PHONES MODELS)

WARNING IN THIS CASE WE SUPPOSE YOU DON'T HAVE GEN_BLOB FLASHED

With gen-blob flashed, you'll need to follow the Dual_boot pages (basically, you will need to offset the kernel, the actual rule is 128KiB, for gen-blob space, and add an asm hack ("flag") to tell gen-blob where to look for the kernel, so gen-blob space, and the 4Bytes flag will have to be subtracted to the maximum space for the kernel in flash memory).

On GEN2 devices, the kernel is located at 0xA0000, so to (re)flash it:

Get a kernel, (cross-compile it, then:

Check if its size is not higher than 1048576bytes (1024Kb):

wc -c zImage

Prepare the "zImage" file to be flashed:

dd if=/dev/zero of=/tmp/kernel_mtd bs=1048576 count=1 
dd if=zImage of=/tmp/kernel_mtd bs=2048 seek=1 conv=notrunc

On linux, as root, flash a gen2 kernel with:

#initialise the phone (phone needs to be in bootloader "flash mode").
./moto-boot-usb setflag usb
./moto-boot-usb genblob 0
# proceed to a safety backup
./moto-boot-usb read 0xA0000 0x100000 kernel-backup
#flash a kernel image
./moto-boot-usb flash 0xA0000 /tmp/kernel-mtd
rm /tmp/kernel-mtd

END OF Gen2 kernel example.

---

Flashing using cyph's flashkit and /dev/mtd

You need to get cyph's flashkit and the source for his rwflash kernel module.

The flashkit has a precompiled rwflash module onboard, but unfortunately this one has a bug don't allowing to flash a kernel image. This bug is fixed in the source of rwflash.

In order to get the kernel module compiled you need the motorola 2.4 kernel source and a working crosscompile toolchain. Please read Crosscompile.

Just replace the old module with the new one and follow the flashkit README.

Display the list of all the mtd "partitions":

cat /proc/mtd

You can flash your own zImage into /dev/mtd4 (at least it's this mtd on unlocked A780). But be aware that the size of you zImage could not be higher then 896kbyte.