Database Info

Binary partition 1 corrupt

Hi,
I ran doctest on my prophet which ended up corrupting the doc. I managed to get the doc fixed except for binary partition 1. Now I have a prophet which boots into the OS, but has a corrupt CID, IMEI, SIMLOCK, GSMDATA, etc- which means my prophet is now a PDA without a phone...
In short, 0x0-0x44000 area on binary partition 1 is corrupt and I don't have a backup of it.
Can a dump of this block from another prophet be used directly on my device? What all would have to be reconstructed in this block to make it run successfully on my device?
Pls help!

slickdick said:
Hi,
I ran doctest on my prophet which ended up corrupting the doc. I managed to get the doc fixed except for binary partition 1. Now I have a prophet which boots into the OS, but has a corrupt CID, IMEI, SIMLOCK, GSMDATA, etc- which means my prophet is now a PDA without a phone...
In short, 0x0-0x44000 area on binary partition 1 is corrupt and I don't have a backup of it.
Can a dump of this block from another prophet be used directly on my device? What all would have to be reconstructed in this block to make it run successfully on my device?
Pls help!
Click to expand...
Click to collapse
for people reading this, DO NOT RUN DOCTEST ! EVER !
for sidekick, what do you have ? G3/G4?
if you have a G3 it should be possible to fix with itsme tools if you know what you are doing.

I have a G3 IPL 1.0 SPL 2.15.0000 (+gold card)
I have managed to get 0x00000-0x10000 from a wizard (cid locked/sim unlocked). Updated it with superCID using typhooncidedit.pl and flashed it on my doc using pdocwrite.
However, I am still getting a "GetDeviceCID: Error - InitDecoder" on running 'info 2', IMEI is still the default 44xxxx... and am getting Simlock.exe error-"Data error: contact service....." on inserting a SIM
I can think of the following three reasons why this hasn't worked for me:
1. wizard and prophet have different CID blocks and one from prophet might work
2. CID block contains a unique device specific identifier (docuniqueid maybe) apart from what is not mentioned in typhooncidedit.pl
# 0x0000-0x0004 - version
# 0x0010-0x0018 - checksum cryptkey
# 0x0140-0x0148 - imei
# 0x0160-0x0180 - cid
# 0x01a0-0x01a8 - keyindex at byte +3
# 0x1200-0x1a00 - cid cryptkey
# 0x1c80-0x1c88 - lockflag
# 0x1d00-0x1f00 - lockcodes
# 0x4000-0x4400 - mccmnc ??
# 0xfff8-0xffff - checksum of 0-0xfff8
3. the device looks at information in 0x10000-0x40000 at least for IMEI & simlock
Am I on the right track or are there any easier alternatives? Either ways, I think it is important for me to get 0x00000-0x44000 of a G3 prophet in order to investigate further.
It would of GREEEAAAT help if someone can provide me a dump of this area
pdocread -n 1 0 0x40000 cidblock.bin
pdocread -n 1 0x40000 0x4000 -b 0x4000 gsmdata.bin
(pls also mention your docuniqueid from 'pdocread -l')

slickdick said:
I have a G3 IPL 1.0 SPL 2.15.0000 (+gold card)
I have managed to get 0x00000-0x10000 from a wizard (cid locked/sim unlocked). Updated it with superCID using typhooncidedit.pl and flashed it on my doc using pdocwrite.
However, I am still getting a "GetDeviceCID: Error - InitDecoder" on running 'info 2', IMEI is still the default 44xxxx... and am getting Simlock.exe error-"Data error: contact service....." on inserting a SIM
I can think of the following three reasons why this hasn't worked for me:
1. wizard and prophet have different CID blocks and one from prophet might work
2. CID block contains a unique device specific identifier (docuniqueid maybe) apart from what is not mentioned in typhooncidedit.pl
# 0x0000-0x0004 - version
# 0x0010-0x0018 - checksum cryptkey
# 0x0140-0x0148 - imei
# 0x0160-0x0180 - cid
# 0x01a0-0x01a8 - keyindex at byte +3
# 0x1200-0x1a00 - cid cryptkey
# 0x1c80-0x1c88 - lockflag
# 0x1d00-0x1f00 - lockcodes
# 0x4000-0x4400 - mccmnc ??
# 0xfff8-0xffff - checksum of 0-0xfff8
3. the device looks at information in 0x10000-0x40000 at least for IMEI & simlock
Am I on the right track or are there any easier alternatives? Either ways, I think it is important for me to get 0x00000-0x44000 of a G3 prophet in order to investigate further.
It would of GREEEAAAT help if someone can provide me a dump of this area
pdocread -n 1 0 0x40000 cidblock.bin
pdocread -n 1 0x40000 0x4000 -b 0x4000 gsmdata.bin
(pls also mention your docuniqueid from 'pdocread -l')
Click to expand...
Click to collapse
you are on the right track, as you have a G3 it should be possible to fix as pdocwrite can write a G3 DOC
as you can see from my signature, my G3 is bricked so I can't help at the moment
however, I see you have a gold card !? care to explain how you made it ?
Thanks

Prophet Goldcard
I just followed the instructions in typhoonnbfdecode.pl with slight modifications to some checks in IPL & OS
you have a bricked G3.... stuck in bootloader I presume? There are two ways you can fix it with the help of a gold card.
1. Cardid is known and docuniqueid is not known
use tornado keys and xxx magic and '00' as first two chars in cardid to generate a securitylevel=0 non-flashable sd image.
>perl typhoonnbfdecode.pl -d prophet_gold.img -p magic=xxx -p cardid=00610032DF69A01947323044534D5402 -p keys=tornado -p seclevel=0
using this card I get a the normal bootloader screen but with a security level of 0
Cmd>set 32 0
+ SD Controller init
- SD Controller init
+StorageInit
***** user area size = 0x7AC00000 Bytes
Unlimited time!
GetDeviceCID: Error - InitDecoder <<<<< due to corrupt bin partition 1
g_cKeyCardSecurityLevel = 0 <<<<< Voila!
now use the l or lr command in bootloader!!!
2. both Cardid and and docuniqueid are known
use tornado keys and '00' as first two chars in cardid to generate a flashable sd image.
however, for this to work, comment out all the checks in validate_os and the BIPO check in validate_ipl in typhoonnbfdecode.pl
>perl typhoonnbfdecode.pl -d sd80.img -p cardid=00610032DF69A01947323044534D5402 -p keys=tornado -p seclevel=0 -p docuniqueid=00000000a440020420380318130b0571 -r os=OS.nb
no more "Not Allow Update" 's

I'm so busy now in the college exams, this is my graduation year, and I only look at the posts like checking my mail without replying.
But at least I find a guy understand what he is doing, and has no ego, and polite, not like others in this very impolite, and the problem they are stupid, and think themselves understand, all what they do, reading and repeating without understanding or try to improve.
After this long story you don't have to read it, trying to help you if I can.
About the IMEI block => try to use IMEI wizard for changing the IMEI for prophet it will overwrite the old block. It uses pdocwrite.exe =pdocread.exe
About the other blocks I have a G3 prophet IPL 2.10 SPL 2.20 and I have back up with r2sd all and unlocked CID.
I'll pdocread any block you want but I'm going to send it by e-mail in parts, because I can't guarantee the net in big files, so just read your private messages.

slickdick said:
I just followed the instructions in typhoonnbfdecode.pl with slight modifications to some checks in IPL & OS
you have a bricked G3.... stuck in bootloader I presume? There are two ways you can fix it with the help of a gold card.
1. Cardid is known and docuniqueid is not known
use tornado keys and xxx magic and '00' as first two chars in cardid to generate a securitylevel=0 non-flashable sd image.
>perl typhoonnbfdecode.pl -d prophet_gold.img -p magic=xxx -p cardid=00610032DF69A01947323044534D5402 -p keys=tornado -p seclevel=0
using this card I get a the normal bootloader screen but with a security level of 0
Cmd>set 32 0
+ SD Controller init
- SD Controller init
+StorageInit
***** user area size = 0x7AC00000 Bytes
Unlimited time!
GetDeviceCID: Error - InitDecoder <<<<< due to corrupt bin partition 1
g_cKeyCardSecurityLevel = 0 <<<<< Voila!
now use the l or lr command in bootloader!!!
2. both Cardid and and docuniqueid are known
use tornado keys and '00' as first two chars in cardid to generate a flashable sd image.
however, for this to work, comment out all the checks in validate_os and the BIPO check in validate_ipl in typhoonnbfdecode.pl
>perl typhoonnbfdecode.pl -d sd80.img -p cardid=00610032DF69A01947323044534D5402 -p keys=tornado -p seclevel=0 -p docuniqueid=00000000a440020420380318130b0571 -r os=OS.nb
no more "Not Allow Update" 's
Click to expand...
Click to collapse
Create, Let me try some things here, In my gold card thread I've started outlining this.
I used the same steps as you did, however I got stuck in getting the cardid, for some reason the memdump didnt contain the cardid.
which route did you use to get the cardid ?
(I used my second prophet to get that, but failed)
Thanks for the explaining so far.

paradis_pal said:
I'm so busy now in the college exams, this is my graduation year, and I only look at the posts like checking my mail without replying.
But at least I find a guy understand what he is doing, and has no ego, and polite, not like others in this very impolite, and the problem they are stupid, and think themselves understand, all what they do, reading and repeating without understanding or try to improve.
After this long story you don't have to read it, trying to help you if I can.
About the IMEI block => try to use IMEI wizard for changing the IMEI for prophet it will overwrite the old block. It uses pdocwrite.exe =pdocread.exe
About the other blocks I have a G3 prophet IPL 2.10 SPL 2.20 and I have back up with r2sd all and unlocked CID.
I'll pdocread any block you want but I'm going to send it by e-mail in parts, because I can't guarantee the net in big files, so just read your private messages.
Click to expand...
Click to collapse
Nice to see you back on the board, I've read some of your early posts and they were a great help !
If you could help out that would be great, I know what it is like during exams

Id would be great if you guys could help me find the cardid, I'm trying to get this, but im guessing i'm looking at the wrong section:
Using memmap on my G4 i've dumped the memory section of device.exe
pmemmap -s 0x06000000 -w deviceexe.mem -p 0x10000000-0x12000000
However when searching through it, I can't find the SBDS/ Memory Card section, only a RSDS section at 0x1101C.
Am I dumping the wrong section ?

try to search for memory card using unicode character set ((winhex)), because it's writtin in unicode
I'm not sure, if you are using any other ROM but try to use original qteck s200 rom 2.20 without insalling anyother programs, and try again without installing the ext rom,
try any debuger manger to find out the memory section of device.exe cause it is not always 0x06000000

paradis_pal said:
try to search for memory card using unicode character set ((winhex)), because it's writtin in unicode
I'm not sure, if you are using any other ROM but try to use original qteck s200 rom 2.20 without insalling anyother programs, and try again without installing the ext rom,
try any debuger manger to find out the memory section of device.exe cause it is not always 0x06000000
Click to expand...
Click to collapse
Thanks for the advice, I did use winhex in unicode, I will try with the qtek rom,I will post an update soon, getting my card reader at work now
hope your exams are going ok !

How to find Cardid on Prophet
For CardID, on my G3, I did not find the SBDS signature in the memory dump of device.exe. However, there were two occurances of Unicode "Memory Card". 73 (0x49) bytes after one of them was what I could recognize as the cardid.
From what I can make of the codes (ASCII) mentioned in typoonnbfdecode.pl
'UE...c.U821DSDS.' for minisd
'[email protected]' for kingston
'?<.e.Gd.821DSMT.' for daneelec
All three have 821, which is reverse of 128!!! size 128MB!!! Ring-a-bell?!? Can we interpret similar structure for all other cards < 1GB?
'DSMT' seems to be standard for Dane Elec cards. same can be interpreted for other types like DSDS looks to be standard(maybe somone can confirm this)
If you analyze the ASCII of card id of my 2GB Dane Elec- '%a.2ßi..G20DSMT.'
you will see 'G20' representing size (representation for size seems to be different for cards > 1G. Again, someone needs to confirm this observation) and 'DSMT' standard signature for Dane Elec.
All in all, if you are not able to find the 'Memory Card' pattern, depending upon card make and size, search for any of the CardID ASCII patterns in the memory dump.
(btw, To find the starting offset of CardId- third character of CardId seems to be 0x00. If you are familiar with using grep, finding cardid in the memory dump could be easier)
Let me know if this helps.

Reverse of cardids is shown below:
minisd in typoonnbfdecode.pl
03 53 44 53 44 31 32 38 55 00 63 CF AC 00 45 55 SDSD128U cϬ EU
kingston in typoonnbfdecode.pl
18 49 4E 31 32 38 4D 42 03 40 1F 53 09 00 51 3F IN128MB @ S Q?
Dane Elec in typoonnbfdecode.pl
02 54 4D 53 44 31 32 38 07 64 47 BA 65 00 3C 3F TMSD128 dGºe <?
and finally my 2GB Dane elec
02 54 4D 53 44 30 32 47 19 A0 69 DF 32 00 61 25 TMSD02G *iß2 a%
Makes sense? I think you can directly search for the cardid pattern in the memory dump.

slickdick said:
Reverse of cardids is shown below:
minisd in typoonnbfdecode.pl
03 53 44 53 44 31 32 38 55 00 63 CF AC 00 45 55 SDSD128U cϬ EU
kingston in typoonnbfdecode.pl
18 49 4E 31 32 38 4D 42 03 40 1F 53 09 00 51 3F IN128MB @ S Q?
Dane Elec in typoonnbfdecode.pl
02 54 4D 53 44 31 32 38 07 64 47 BA 65 00 3C 3F TMSD128 dGºe <?
and finally my 2GB Dane elec
02 54 4D 53 44 30 32 47 19 A0 69 DF 32 00 61 25 TMSD02G *iß2 a%
Makes sense? I think you can directly search for the cardid pattern in the memory dump.
Click to expand...
Click to collapse
Great ! thanks, I'm dumping right now, after looking for the memory adress of device.exe using pps
will update in a moment

uhmm, I think we have a winner ??
at 00729EC0
23 61 00 3D 92 68 10 80 32 31 35 52 53 44 53 03
#a.=’h.€215RSDS.
for a 512 MB sandisk sd card
created the image, I now have sec level 0.
I've downloaded mtty and want to upload a new SPL using the L or LR command, however I don't know what parameters L or LR takes ?
is it just L <filename>
or do I have to specify the memory adress or the SPL ?

Jesterz said:
is it just L <filename>
or do I have to specify the memory adress or the SPL ?
Click to expand...
Click to collapse
Code:
l <path_name> <startAddr offset>
You have to specify the address of the SPL, if you don't specify it most probably will default to OS address.

pof said:
Code:
l <path_name> <startAddr offset>
You have to specify the address of the SPL, if you don't specify it most probably will default to OS address.
Click to expand...
Click to collapse
ok thanks ! i'm going to give this a go
l spl.nb 0x91000000
fingers crossed, lol

Cmd>l spl.nb 91000000
clean up the image temp buffer at 0x8C100000 Length 0x03900000
BOOTLOAD_PAGE_TABLE_BASE_C_VIRTUAL= 0x8C080000
Clear image temp buffer done .
MTTYDownloadImage "spl.nb"
:F=spl.nb
start download

SAddress A0000000h Length 000C0000h, pszImageTempBuffer = 8C100H000h
OEMGetFlashIndex()- dwVaddr = 0xA0000000
OEMGetFlashIndex()- iIndex = 0xFFFFFFFF
Start flashing new image!!!
<CE-31><CE-1167><CE-995>
weird, the screen then goes all white, and I hear the usb disconnect, for the rest nothing happens.
which format does the spl file need to be ? i've used the "standard" nb file
i'm trying more stuff, but right now, i'm clueless

Jesterz said:
BOOTLOAD_PAGE_TABLE_BASE_C_VIRTUAL= 0x8C080000
Click to expand...
Click to collapse
This seems good, as it is the virtual address from where the bootloader expects to be executed.
Jesterz said:
weird, the screen then goes all white, and I hear the usb disconnect, for the rest nothing happens.
Click to expand...
Click to collapse
Weird... I believe command "l" auto-launches code once downloaded, probably this is the reason.
Jesterz said:
which format does the spl file need to be ? i've used the "standard" nb file
Click to expand...
Click to collapse
I think it should be a BIN file with "l" command... maybe try "lnb" command? (I don't know if prophet has it, I don't have a prophet). Hope the previous "l" command hasn't screewed things more than they where.
Just out of curiosity, tell me how the story ends

pof said:
I think it should be a BIN file with "l" command... maybe try "lnb" command? (I don't know if prophet has it, I don't have a prophet). Hope the previous "l" command hasn't screewed things more than they where.
Just out of curiosity, tell me how the story ends
Click to expand...
Click to collapse
as far as i know, "l" is for .bin only (at least on wizard)... I hope Jesterz did not just nuke his bootloader.

[GUIDE] UK "3" USB Modem ZTE MF110/112 Working on ZT-180!

hey guys n gals, iv been reg'd a few days now n thought id make my first post a worth while one
Alot of the credit though must go to Christian Buchner for his initial guide of getting a ZTE usb modem working with vodafone over in Germany.
NOTE: BASED ON ZT-180 SLATE 0929 FIRMWARE (rooted)
To get your ZTE modem working you must be able to use adb confidently!
ok first things first, as Christian pointed out in his guide, if the Flash drive side of the modem is enabled, your slate wont recognise it, so our first job is to disable it.
*Nix Users - Im assuming you have a good knowledge of AT commands already and how to use them so just run
Code:
AT+ZCDRUN=8
Windows Users See Here hxxp://3g-modem.wetpaint.com/page/executing+AT-commands+under+Windows
and execute the above AT command
Right, so now our slate recognises our Modem, now lets get this rocking and get connected.
You will need to Pull the following files from your slate
note: some files may not exist so you will have to create them
/system/etc/ppp/peers/cdma
/system/etc/ppp/peers/cdma_h
/system/etc/ppp/peers/cdma~
/system/etc/ppp/options-3g
/system/etc/ppp/chat-3g-connect
/system/etc/ppp/chat-3g-disconnect
/system/etc/ppp/pap-secrets
/system/etc/ppp/chap-secrets
Now heres what goes in them...
/system/etc/ppp/peers/cdma
Code:
file /system/etc/ppp/options-3g
connect '/system/xbin/chat -v -f /system/etc/ppp/chat-3g-connect'
disconnect '/system/xbin/chat -v -f /system/etc/ppp/chat-3g-disconnect'
user three
/system/etc/ppp/peers/cdma_h
Code:
file /system/etc/ppp/options-3g
connect '/system/xbin/chat -v -f /system/etc/ppp/chat-3g-connect'
disconnect '/system/xbin/chat -v -f /system/etc/ppp/chat-3g-disconnect'
user three
/system/etc/ppp/peers/cdma~
Code:
file /system/etc/ppp/options-3g
connect '/system/xbin/chat -v -f /system/etc/ppp/chat-3g-connect'
disconnect '/system/xbin/chat -v -f /system/etc/ppp/chat-3g-disconnect'
user three
/system/etc/ppp/options-3g
Code:
/dev/ttyUSB3
921600
nolock
crtscts
modem
passive
novj
defaultroute
noipdefault
usepeerdns
noauth
hide-password
debug
nodetach
ipcp-accept-local
ipcp-accept-remote
/system/etc/ppp/chat-3g-connect
Code:
ABORT "BUSY"
ABORT "NO CARRIER"
ABORT "VOICE"
ABORT "NO DIALTONE"
ABORT "NO DIAL TONE"
ABORT "NO ANSWER"
ABORT "DELAYED"
ABORT "ERROR"
REPORT CONNECT
TIMEOUT 10
"" AT
OK AT+CGDCONT=1,"IP","3internet"
OK ATDT*99#
TIMEOUT 20
CONNECT ""
/system/etc/ppp/chat-3g-disconnect
Code:
ABORT "BUSY"
ABORT "ERROR"
ABORT "NO DIALTONE"
SAY "\nSending break to the modem\n"
"" "\K"
"" "\K"
"" "\K"
"" "\d\d+++\d\dATH"
SAY "\nPDP context detached\n"
/system/etc/ppp/pap-secrets
Code:
# client server secret IP addresses
three * three
/system/etc/ppp/chap-secrets
Code:
# client server secret IP addresses
three * three
Now Push all the files back into your slate and reboot.
Once you plug your modem in you will notice it show signal strength, however sometimes it requires you to set an APN up manually, but try a hard reset first if that fails, this is how to do it...
Settings > Wireless & Networks > Mobile Networks > Access Point Names
Name : Anything
APN : 3internet
Username : three
Password : three
Authentication Type : PAP or CHAP
and thats really all there is to it!

nitr0genics said:
hey guys n gals, iv been reg'd a few days now n thought id make my first post a worth while one
Hello !!! I received 180 ZT 1030 and have upgraded the firmware. Now I want to use ZTE 3G modem mf100 follow your instructions but still not on the internet. I live in Russia and the Beeline network using WCDMA. Looking forward to your help. Excuse my English . Thanks !!!
Click to expand...
Click to collapse

Hi nitr0genics,
I tried this with Frojo and it works perfect . Thank you for this also to all other experts.

(google translate, hope you understand )
Hi people
I read the surfstick from german provider 1und1 (ZTE MF110) to run in the ZT-180. Do any of you can experience the driver has to extract? i will use the stick in my gome flytouch2
thx

working on android
hello, does anyone know if this means that we can use the MF110 on any android device with froyo??
thanks

”You will need to Pull the following files from your slate
note: some files may not exist so you will have to create them
/system/etc/ppp/peers/cdma
/system/etc/ppp/peers/cdma_h
/system/etc/ppp/peers/cdma~
/system/etc/ppp/options-3g
/system/etc/ppp/chat-3g-connect
/system/etc/ppp/chat-3g-disconnect
/system/etc/ppp/pap-secrets
/system/etc/ppp/chap-secrets”
How can i make these files, because if iuse notepad those are no more executabiles ?

Perl scripts to encrypt/decrypt adb backup files

I wrote the following attached PERL routines for reading/decrypting/decompressing and writing/encrypting/compressing adb backup format backup files.
The routines are:
backupdecrypt.pl: Decrypt (and decompress) android backup file
backupencrypt.pl: Encrypt (and decompress) android backup file
tarfix.pl: Fix broken tar files produced by android backup when using -shared flag
The first two routines allow for reading and writing to the standard ".ab" adb backup format.
Backupdecrypt.pl takes an '.ab' file as input and outputs a standard format tar file (which may be optionally gzip'd).
Backupencrypt.pl takes an arbitrary file (though typically it should be tar file) as input and outputs a standard ".ab" format backup file. Options include the ability to encrypt (or not) and deflate (or not) the backup. Also, one can automatically decompress most standard input formats before encrypting.
For encryption, passwords can be queried for or passed on the command line or read from a file.
NOTE: unfortunately the standard 'adb backup' routine seem to have a SEVERE *BUG* in it when using the '--shared' option in combination with certain other options.
First, the backup is not compressed even though the header claims it is. To get around this, backupdecrypt.pl has a --nocompress option to override the header.
Second, the encapsulated tar file is corrupted by the insertion of 4 extra bytes before every file header and before every group of 64 512-byte blocks of data.
The third routine tarfix.pl fixes this corruption and outputs a normal readable tar file. So, if you are not able to recover a valid tar backup file using backupdecrypt.pl, try doing the following:
backupdecrypt.pl --nocompress <backup.ab> <backupdata>
tarfix.pl backupdata | tar xv
Enjoy!
NOTE: I am incredibly grateful to Nikolay Elenkov for providing sample java routines and for help in understanding the encryption formats

Thanks for this. I was looking for away to peek into the backup file.

Problem decrypting
just what i was looking for, unfortunately, the tarfix.pl doesn't seem to like my backup.
Code:
[email protected]:~/Sandbox/transformerprime$ ~/bin/adbbackup/backupdecrypt.pl --nocompress backup.ab decrypted
the following is where things get funky. not recognized as a tar archive
Code:
[email protected]:~/Sandbox/transformerprime$ ~/bin/adbbackup/tarfix.pl decrypted | tar xv
Illegal binary digit ']' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Wide character in oct at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal binary digit '�������������' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
tar: This does not look like a tar archive
tar: Skipping to next header
Illegal octal digit '8' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Wide character in oct at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal binary digit '�������������' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal hexadecimal digit 'X' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal hexadecimal digit '' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal octal digit '9' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Wide character in oct at /home/user/bin/adbbackup/tarfix.pl line 107.
Illegal binary digit '�������������' ignored at /home/user/bin/adbbackup/tarfix.pl line 107.
Wide character in oct at /home/user/bin/adbbackup/tarfix.pl line 107.

Fix for tarfix.pl issue
I had ran into issues with ADB backups performed under Android 4.0.4 before the JB upgrade (on a Samsung Galaxy Nexus). I did include the shared storage (accidentally or intentionally I don't remember) and I ran into this bug (Android issue 28303; sorry, I am new here and not allowed to post outside links). Some investigation revealed that while the backup was supposedly AES encrypted and "Deflate" compressed, this was only true for the first "part" of it. At around 150 MB into the file, a simple tar archive of the SD card content was appended. ADB was unable to restore any SD card content per the bug linked to above.
What I did to resolve:
Use a hex editor (HxD) to get to the start of the appended tar archive
Copy this part to a new ".tar" file
Experiment with tarfix.pl and run into the same issues as the previous poster
Look at the code and TAR file content and find out that 00 00 02 00 needs to be prepended to the tar file for tarfix.pl to do its job
Key learning was that the ADB backup tool will create plaintext, corrupted tar format backups that it cannot restore. It is problematic that while the user will believe they have an encrypted backup they can restore, they actually have a plaintext backup that they cannot restore...

Hi,
where did you get PBKDF2.pm from?
I couldnt find it in Fedora repos and the only one I got from the internat has an issue:
Undefined subroutine &Crypt:penSSL:BKDF2::derive called at ./backupdecrypt.pl line 266, <STDIN> line 1.
Thanks,
Klement

CPAN
All modules were pulled from CPAN directly (I had to use Cygwin as I was on the road), e.g. "perl -M CPAN -e shell" and then issuing "install Crypt:penSSL:BKDF2".

binaryhero said:
I had ran into issues with ADB backups performed under Android 4.0.4 before the JB upgrade (on a Samsung Galaxy Nexus). I did include the shared storage (accidentally or intentionally I don't remember) and I ran into this bug (Android issue 28303; sorry, I am new here and not allowed to post outside links). Some investigation revealed that while the backup was supposedly AES encrypted and "Deflate" compressed, this was only true for the first "part" of it. At around 150 MB into the file, a simple tar archive of the SD card content was appended. ADB was unable to restore any SD card content per the bug linked to above.
What I did to resolve:
Use a hex editor (HxD) to get to the start of the appended tar archive
Copy this part to a new ".tar" file
Experiment with tarfix.pl and run into the same issues as the previous poster
Look at the code and TAR file content and find out that 00 00 02 00 needs to be prepended to the tar file for tarfix.pl to do its job
Key learning was that the ADB backup tool will create plaintext, corrupted tar format backups that it cannot restore. It is problematic that while the user will believe they have an encrypted backup they can restore, they actually have a plaintext backup that they cannot restore...
Click to expand...
Click to collapse
I ran afoul of this (foolishly didn't finish the 30 page forum post on it before diving in ). I'm trying your perl solution now, but I'm afraid I'm unfamiliar with tar headers in a hex viewer. Could I trouble you for some pointers on how best to determine where the TAR starts? I understand there is some sort of header, but I can't figure out what to look for.
Thanks, though, the perl runs well and I'm learning alot (far more than I ever wanted, tbh) about tars,encrypted backups, adb, etc.
:good:

Thanks for your great tools! Here is some better way for unpacking?
dd if=mybackup.ab bs=1 skip=24 | openssl zlib -d > mybackup.tar
For packing (just need to add 24 butes to header (41 4E 44 52 4F 49 44 20 42 41 43 4B 55 50 0A 31 0A 31 0A 6E 6F 6E 65 0A)?
openssl zlib -in mybackup.tar -out gg.ab
Hope it helps! :good:

munjeni said:
Thanks for your great tools! Here is some better way for unpacking?
dd if=mybackup.ab bs=1 skip=24 | openssl zlib -d > mybackup.tar
For packing (just need to add 24 butes to header (41 4E 44 52 4F 49 44 20 42 41 43 4B 55 50 0A 31 0A 31 0A 6E 6F 6E 65 0A)?
openssl zlib -in mybackup.tar -out gg.ab
Hope it helps! :good:
Click to expand...
Click to collapse
Of course. You have to concatenate the created ab backup to the first 24 bytes.
Get the first 24 bytes of an unencrypted backup
Code:
dd if=mybackup.ab bs=24 count=1 of=first24
Concatenate
Code:
cp first24 backup.ab
openssl zlib -in mybackup.tar >> backup.ab
---------- Post added at 10:25 AM ---------- Previous post was at 10:21 AM ----------
binaryhero said:
All modules were pulled from CPAN directly (I had to use Cygwin as I was on the road), e.g. "perl -M CPAN -e shell" and then issuing "install Crypt:openSSL:BKDF2".
Click to expand...
Click to collapse
Says "Missing argument to -M."

You concatenation is wrong! Your command "cp" will overwrite backup.ab! You can concetate 2 files using "cat" for example "cat first24 backup.ab > new.backup.ab"
Do you have idea how I can generate timestamp of these file in "13 number" format?
<?xml version="1.0" encoding="UTF-8"?>
<recordset version="1" timestamp="1344764788434" size="61667">
<record name="back.ab" type="1" size="12662" order="1" catagory="1" id="back.ab"><packagelist><package>com.android.settings</package></packagelist></record>
</recordset>
Click to expand...
Click to collapse
Edit:
found a way for generating timestamt with 13 numbers
stat -c '%Y000' backup.ab

munjeni said:
You concatenation is wrong! Your command "cp" will overwrite backup.ab!
Click to expand...
Click to collapse
Of course, you have to use different names.

binaryhero said:
I had ran into issues with ADB backups performed under Android 4.0.4 before the JB upgrade (on a Samsung Galaxy Nexus). I did include the shared storage (accidentally or intentionally I don't remember) and I ran into this bug (Android issue 28303; sorry, I am new here and not allowed to post outside links). Some investigation revealed that while the backup was supposedly AES encrypted and "Deflate" compressed, this was only true for the first "part" of it. At around 150 MB into the file, a simple tar archive of the SD card content was appended. ADB was unable to restore any SD card content per the bug linked to above.
What I did to resolve:
Use a hex editor (HxD) to get to the start of the appended tar archive
Copy this part to a new ".tar" file
Experiment with tarfix.pl and run into the same issues as the previous poster
Look at the code and TAR file content and find out that 00 00 02 00 needs to be prepended to the tar file for tarfix.pl to do its job
Key learning was that the ADB backup tool will create plaintext, corrupted tar format backups that it cannot restore. It is problematic that while the user will believe they have an encrypted backup they can restore, they actually have a plaintext backup that they cannot restore...
Click to expand...
Click to collapse
Hi al!
I also ran into the problem, that my .ab backup created with -shared option can't be restored.
Running backupdecrypt.pl seems to work fine, but tar archive is corrpted. But not the whole file: e.g. Ark sees some files and folders both from apps and storage. When using tarfix.pl i get same errors like trogdan in 3rd post.
To me it seems, that not every file in the tar archive is corrupted. I tried with cpio to rescue at least something and it runs quite a while. It also can read files from storage folder, but fails then somewhere in the middle (to be specific: i have a TitaniumBackup folder in storage. cpio can copy some of the files from this folder, but then fails at others. i don't know, why the corrupted segment should start somewhere and not at the beginning of storage...)
binaryhero and others: could you be please more specific how you managed to repair the .ab file or at least rescued the containing files? I would like to know, how to get tarfix.pl working. Is it possible, that only segments of the .ab file are corrupted? how can i identify them?
Any help and hints are highly appreciated! Thanks in advance! LLAP _\V/, bye Marc.

marchard said:
Hi al!
I also ran into the problem, that my .ab backup created with -shared option can't be restored.
Click to expand...
Click to collapse
Create an adb backup with the apps/ folder only, and the shared/ is just the sdcard you can restore it with another adb backup or manually, for example via ftp.

scandiun said:
Create an adb backup with the apps/ folder only, and the shared/ is just the sdcard you can restore it with another adb backup or manually, for example via ftp.
Click to expand...
Click to collapse
Unfortunately dataloss occurred. that means, it is essential for me, to read somehow the content of .ab file.

marchard said:
Unfortunately dataloss occurred. that means, it is essential for me, to read somehow the content of .ab file.
Click to expand...
Click to collapse
zlib has to be able to process the ab file (considering that has no password). If zlib doesn't work, I don't know how could you workaround that, but seems impossible to me.
munjeni said:
You can concetate 2 files using "cat" for example "cat first24 backup.ab > new.backup.ab"
Click to expand...
Click to collapse
To overwrite is this operator: >
To binary append this one: >>
So in this case is being done right.

Hi all! I'm having a few problems, and not really sure where I'm going wrong so hoping you can help. I am coming from froyo (rooted) to jelly bean (not rooted), so cannot use adb backup on the froyo phone, and cannot use adb push on jelly bean (don't want to root my htc one x+). So at the moment I haven't got many options to transfer my app data from my froyo phone to jelly bean.
At the moment, my plan is to use adb pull on the froyo phone to grab my "app data" (specifically angry birds), and then use adb backup on the jelly bean phone to create a .ab file. I then use the OPs perl files to convert the .ab file to a .tar, and then extract that file (on Ubuntu 12.04), replace the app data in the extracted folder with my froyo app data, compress that back to a .tar, then use the perl file to convert back to .ab. I then use adb restore to restore the backup. However, when I then go into angry birds, its just reset and there is no save data. Can anybody see if there is anything wrong with what i'm doing?

cn198 said:
Hi all! I'm having a few problems, and not really sure where I'm going wrong so hoping you can help. I am coming from froyo (rooted) to jelly bean (not rooted), so cannot use adb backup on the froyo phone, and cannot use adb push on jelly bean (don't want to root my htc one x+). So at the moment I haven't got many options to transfer my app data from my froyo phone to jelly bean.
At the moment, my plan is to use adb pull on the froyo phone to grab my "app data" (specifically angry birds), and then use adb backup on the jelly bean phone to create a .ab file. I then use the OPs perl files to convert the .ab file to a .tar, and then extract that file (on Ubuntu 12.04), replace the app data in the extracted folder with my froyo app data, compress that back to a .tar, then use the perl file to convert back to .ab. I then use adb restore to restore the backup. However, when I then go into angry birds, its just reset and there is no save data. Can anybody see if there is anything wrong with what i'm doing?
Click to expand...
Click to collapse
I am almost 100% sure that you are generating an invalid tar file.

scandiun said:
I am almost 100% sure that you are generating an invalid tar file.
Click to expand...
Click to collapse
Is there a unique attribute applied to the original tar file then? Any idea how to generate a valid tar file?

cn198 said:
Is there a unique attribute applied to the original tar file then? Any idea how to generate a valid tar file?
Click to expand...
Click to collapse
It's not that simple. I am writing a guide based on a third party software for the purpose of Android backups. I'll post here as soon as is published. I hope to have it completed in a day our do.

scandiun said:
It's not that simple. I am writing a guide based on a third party software for the purpose of Android backups. I'll post here as soon as is published. I hope to have it completed in a day our do.
Click to expand...
Click to collapse
That sounds great, looking forward to seeing your efforts! :good:

[GUIDE][CWM] WLAN Calibration and MAC address fix [CM]

This is for CyanogenMod and its derivates. Stock ROMs should be fine.
If you are inrested in editing your MAC address, there's a guide linked below. I don't know if stock ROMs will automcatically correct the MAC. In this case I think you have to edit /efs/imei/.nvmac.info (read more something about /efs before playing with it!)
Click to expand...
Click to collapse
The easiest way to do the calibration is:
Turn wifi ON and run
Code:
tiwlan_plts -n
This is the script called from a oneshot init service in my init.latona.rc if someone is interested. It will calibrate and correct the MAC automatically, even after a data wipe:
Code:
#!/system/bin/sh
if [ ! -f /data/misc/wifi/nvs_map.bin ]; then
insmod /system/lib/modules/tiwlan_drv.ko
/system/bin/tiwlan_loader -i /system/etc/wifi/tiwlan.ini -f /system/etc/wifi/firmware.bin
/system/bin/tiwlan_plts -n
rmmod tiwlan_drv
fi
____________________________________
Older method
Click to expand...
Click to collapse
UPDATE: I found an easy way to get the real MAC.
Download the apk attached or run the following commands:
Code:
su
mount -o remount,rw /system
ln -s /system/lib/modules/tiwlan_drv.ko /system/etc/wifi/tiwlan_drv.ko
#Make sure wifi is off
./mfgloader -l #Take the binary from a stock ROM
./mfgloader -u
rm /system/etc/wifi/tiwlan_drv.ko
mount -o remount,ro /system
After that your MAC address shoud begin with D0:C1:B1 and not 08:00:28.
To see your current MAC: System Settings > About phone > Status (turn wifi on)
Click to expand...
Click to collapse
____________________________________
This is the first post with some more informations about the calibration
Click to expand...
Click to collapse
While I was reading some logs, I noticed these lines
Code:
TIWLAN: 1089.979242: Starting to process NVS...
TIWLAN: 1089.983698: No Nvs, Setting default MAC address
TIWLAN: 1089.989007: pHwInit->uEEPROMCurLen: 1c
TIWLAN: 1089.993462: ERROR: If you are not calibating the device, you will soon get errors !!!
...
TIWLAN: 1094.726827: Station ID : 08-00-28-12-03-58
...
You can see that the device is not calibrated and that the default MAC address is assigned.
Each device should have a unique MAC address, two devices with the same MAC address in the same network will give problems.
________
UPDATE
I made two flashable files:
wlan_calibration.zip will only do the calibration
wlan_calibration_rand.zip will do the calibration and will randomize the last three octets of the address
Click to expand...
Click to collapse
If you still want to do it on your own, here the guide:
_______________
WLAN Calibration
Here the steps you need to follow (taken from: WLAN Calibration):
1) Turn wifi off
2) From ADB/terminal emulator run the following commands [1]:
Code:
$ su
# cd /data/misc/wifi
# insmod /system/lib/modules/tiwlan_drv.ko
# start wlan_loader
# ifconfig tiwlan0 up
# tiwlan_cu -b
/ w p 1 l 2 f 2
/ t b v 21
/ t b t 1 0 0 0 0 0 0 0
/ q
# rmmod tiwlan_drv
This will create this file: /data/misc/wifi/nvs_map.bin. If it's not there, you did something wrong.
After that you should not get the error while turning wifi ON.
________
MAC address fix
Even after the calibration, you'll still have the default MAC address (Station ID : 08-00-28-12-03-58). But no problem, you can 'easly' change it: Editing the MAC Address.
You need to get the newly created /data/misc/wifi/nvs_map.bin and edit it with an hex editor as described in the guide linked above.
I still don't know if the calibration will improve anything, but it surely won't hurt:
For optimal Wi-Fi performance it is mandatory to calibrate the Wi-Fi hardware
Click to expand...
Click to collapse
NOTE: nvs_map.bin is in /data, so if you do a factory reset you have to do this again.
___
[1]
ADB: System settings > Developers options (ON) > Root access > Apps and ADB

Wow...good solution buddy. I think u shouldpost this in development thread. People dont look much in general thread.

this should be added to the cm9/10 instalation .zip file

I did flash the zip file, ran the other commands thru terminal and see the file /data/misc/wifi/nvs_map.bin.
I don't understand the next step to be done.
I cannot open the bin file using hexeditor, I gave it root access.
And, in case i open it what mac address should i use? Is some address hard coded to each phone?

Hetalk said:
I did flash the zip file, ran the other commands thru terminal and see the file /data/misc/wifi/nvs_map.bin.
I don't understand the next step to be done.
I cannot open the bin file using hexeditor, I gave it root access.
And, in case i open it what mac address should i use? Is some address hard coded to each phone?
Click to expand...
Click to collapse
I don't know how MAC are assigned, I simply randomized the last part of the address (I kept the first part: 80:00:28).
Anyway I just uploaded a new zip file to make things even simpler. It will automatically randomize the last four three groups. If you want to use it, you need to delete /data/misc/wifi/nvs_map.bin first. EDIT: I changed the script, now you can do the calibration without removing the file.
Anyway I don't know what's wrong with your editor, I did it from my computer.

I tried using hex editor from play store.
I'll try the new zip tomorrow..

As I wrote in the OP, today I found the way to get the original MAC.
I don't know what is needed to make the commands work while in recovery (services needed etc...), so I made a dummy app (I simply adapted the code of an app I made few days ago to do a similar thing).
No fancy icon (it's the default one), no checks, ugly etc... It simply does the job (my Java knowledge is almost zero)
EDIT:
I almost forgot to say that the real MAC is in /efs/imei/.nvmac.info. It was the first place where I looked, but it's an hidden file an I didn't see at first.

bam....

Dear @loSconosciuto
I following this guide to solve the problem that actually I have in my phone with CM 11. In the Status menu, "non available" appears in my device WIFI mac. I following the guide step by step and I couldn't change it.
Could you help me?

carniman78 said:
Dear @loSconosciuto
I following this guide to solve the problem that actually I have in my phone with CM 11. In the Status menu, "non available" appears in my device WIFI mac. I following the guide step by step and I couldn't change it.
Could you help me?
Click to expand...
Click to collapse
This guide is for the kernel 2.6.35 which uses a completely different driver, it's quite an old thread. The calibration is done in a different way and I don't think that's the problem.
I'm not using CM11, so it's quite hard for me to know exactly what's wrong.

loSconosciuto said:
This guide is for the kernel 2.6.35 which uses a completely different driver, it's quite an old thread. The calibration is done in a different way and I don't think that's the problem.
I'm not using CM11, so it's quite hard for me to know exactly what's wrong.
Click to expand...
Click to collapse
Ok, sir. Thank you for your help.

Hi there
trying to fix Samsung s4 active i9295 wifi problem. at least got the MAC address showing (was 02:lots of zeroes) still unable to start wifi. is there anything else I should search for? tiwlan_drv.ko was not there so I downloaded it sepparately. do I need some more modules to be added? using stock 4 file engineering FW Android 5.0.1

[Q&A] Running Ubuntu natively on the Shield Tablet

Q&A for Running Ubuntu natively on the Shield Tablet
Some developers prefer that questions remain separate from their main development thread to help keep things organized. Placing your question within this thread will increase its chances of being answered by a member of the community or by the developer.
Before posting, please use the forum search and read through the discussion thread for Running Ubuntu natively on the Shield Tablet. If you can't find an answer, post it here, being sure to give as much information as possible (firmware version, steps to reproduce, logcat if available) so that you can get help.
Thanks for understanding and for helping to keep XDA neat and tidy!

It's amazing
Wow, it is really great that we will be able to run Ubuntu on the Shield!!
As of now, how would you describe the performance of it? Is it laggy or running smoothly? Also, do I understand correctly from your fist post that wifi is not working? Is there other functions not working?

dual boot
Also, as someone managed to get an android /ubuntu dual boot?

Teve1982 said:
Wow, it is really great that we will be able to run Ubuntu on the Shield!!
As of now, how would you describe the performance of it? Is it laggy or running smoothly? Also, do I understand correctly from your fist post that wifi is not working? Is there other functions not working?
Click to expand...
Click to collapse
it works well enough, I don't have anything to compare it to but it's not slow or anything
WiFi and Bluetooth work now. Touchscreen doesn't work, and I don't know yet if it ever will on Linux. Touchscreen works too!
Teve1982 said:
Also, as someone managed to get an android /ubuntu dual boot?
Click to expand...
Click to collapse
it's already dual boot, Linux stays in its own directory on the userdata partition

miscellaneous info
Hi guys, I'm totally noob with linux and ubuntu so my question may be stupid:
How Can I dualboot lollipop and ubuntu on the shield tablet?
If I use the img linked here what is the command that I must use to flash on tablet? I need only that file or I need something else?
I saw that the image kernel file is updated frequently to implement new feature, how can I upgrade to a new version?
Thanks a lot and be patient with me
Polve72

Interest is peaked.
Sent from Bad Azz VZW LG G3 Cyan Tapatalk

Unable to complete boot
Hey guys,
so i followed the instructions to the letter, or at least i think so.
1. downloaded the latest boot image. new_boot(94)
2. downloaded , unpacked and repacked the files from nvidia as explained
3. transferred repacked bz2 file to device, unpacked in /data/linux/
4. booted using fastboot command with command extra command line arguement.
given that i add the extra command line argument, then ubuntu seems to boot fine, but it stops after a while with the last report being :
"enable autosuspend for nvidia bruce"
nothing seems to be happening after that...
i have tried the two previous boot images also, but the same thing happens... any ideas?

Ubuntu issues
Hey,
I tried following the directions on the post. I got the device rooted and unlocked the bootloader, cwm is installed, busybox is installed, and root checker says I am rooted. I also followed the directions and have the root file system moved across into /data. When I use fastboot to load the image, I get a kernel panic. Things are scrolling pretty quickly but it looks like the busybox operations that are trying to mount certain areas keep failing saying no such file or directory. It almost seems like from the bootloader, it can't see /data, however I am able to mount it via cwm and see the files are there via adb. One of the error messages I got on the boot was that "mount /dev/mmcblk0p24 on /data failed invalid argument". Would you have any idea what I might be missing here. One thing I did notice while following the directions was that sudo ./apply_binaries.sh did not seem to do anything, it just displays the usage info like it was expecting different arguments.
Any suggestions you have for me would be much appreciated.
Thanks.

polve72 said:
Hi guys, I'm totally noob with linux and ubuntu so my question may be stupid:
How Can I dualboot lollipop and ubuntu on the shield tablet?
If I use the img linked here what is the command that I must use to flash on tablet? I need only that file or I need something else?
I saw that the image kernel file is updated frequently to implement new feature, how can I upgrade to a new version?
Thanks a lot and be patient with me
Polve72
Click to expand...
Click to collapse
At the moment, I honestly can't recommend trying this if you have no Linux experience, it's still WIP (for example, the touchscreen and Bluetooth won't work without additional configuration), and this is still ARM so most closed-source software (such as most games) still won't work (at least not at acceptable performance levels). But, if you still want to try, you need to follow the instructions from the post that contains the boot.img downloads (mainly the rootfs part). At the moment there's no real solution for dual-booting, but it's possible to flash the boot.img to the recovery partition (after which, booting the recovery will go to Linux instead). Good luck!
dud3rin0 said:
Hey guys,
so i followed the instructions to the letter, or at least i think so.
1. downloaded the latest boot image. new_boot(94)
2. downloaded , unpacked and repacked the files from nvidia as explained
3. transferred repacked bz2 file to device, unpacked in /data/linux/
4. booted using fastboot command with command extra command line arguement.
given that i add the extra command line argument, then ubuntu seems to boot fine, but it stops after a while with the last report being :
"enable autosuspend for nvidia bruce"
nothing seems to be happening after that...
i have tried the two previous boot images also, but the same thing happens... any ideas?
Click to expand...
Click to collapse
Can you please post a picture of the screen when it gets stuck? (the bruce message usually appears after the rootfs is mounted, so since it doesn't continue, that probably failed). apply-binaries.sh should work fine, if it didn't run I think it would still boot, but there will be no GPU acceleration for sure (and maybe no X11 at all).
jfsir said:
Hey,
I tried following the directions on the post. I got the device rooted and unlocked the bootloader, cwm is installed, busybox is installed, and root checker says I am rooted. I also followed the directions and have the root file system moved across into /data. When I use fastboot to load the image, I get a kernel panic. Things are scrolling pretty quickly but it looks like the busybox operations that are trying to mount certain areas keep failing saying no such file or directory. It almost seems like from the bootloader, it can't see /data, however I am able to mount it via cwm and see the files are there via adb. One of the error messages I got on the boot was that "mount /dev/mmcblk0p24 on /data failed invalid argument". Would you have any idea what I might be missing here. One thing I did notice while following the directions was that sudo ./apply_binaries.sh did not seem to do anything, it just displays the usage info like it was expecting different arguments.
Any suggestions you have for me would be much appreciated.
Thanks.
Click to expand...
Click to collapse
It's possible that your internal memory isn't recognized by the kernel. I'll send you a PM later today with a custom kernel so that we can start debugging this, I've had this issue before but I'm pretty sure I fixed it early on.

@Bogdacutu
I think you'll right. I'll wait a better and more user friendly approach.
Polve72

Thanks. Any help is much appreciated.

Thank you
@Bogdacutu Thank you very much for this!!!! buntu runs fairly smooth on my Tablet. But how will you get x86 software run on ARM? I thought there is no way.
Best Regards

aarr_ee said:
@Bogdacutu Thank you very much for this!!!! buntu runs fairly smooth on my Tablet. But how will you get x86 software run on ARM? I thought there is no way.
Best Regards
Click to expand...
Click to collapse
qemu can run in userspace (so it can run x86 software relatively seamlessly without a full VM), but x86 apps can't load ARM libraries, so x86 apps don't have direct rendering (which slows them down even more than they are already)

Portable
Is there any way to make this possible for the Shield Portable?

Great project,
Are you able to play any linux games with decent fps? I ask because ive found following video:
https://www.youtube.com/watch?v=hRBPeNzE558

thewolf16 said:
Great project,
Are you able to play any linux games with decent fps? I ask because ive found following video:
https://www.youtube.com/watch?v=hRBPeNzE558
Click to expand...
Click to collapse
Pretty much any game compiled for ARM will work, so Steam games won't work without QEMU (and so far I haven't been able to get Steam to actually start properly), which would mean some performance loss.

Thank you for your answer
Will this work with your build?:
https://www.youtube.com/watch?v=uVknjU7eGbI
https://www.youtube.com/watch?v=4GUP27TJ5w4
This would be much faster than qemu.
EDIT: And can you run the 2D adventure game "Edna & Harvey: The breakout". Its an windows game but because its made in java you can run it natively on linux with the java-installer:
java -jar ednaunpack.jar
Click to expand...
Click to collapse

thewolf16 said:
Thank you for your answer
Will this work with your build?:
https://www.youtube.com/watch?v=uVknjU7eGbI
https://www.youtube.com/watch?v=4GUP27TJ5w4
This would be much faster than qemu.
Click to expand...
Click to collapse
Probably. I'm not planning to pay for that anytime soon as I really dislike their licensing scheme, so I can't know for sure if it works or not.
EDIT: decided to buy it, apparently they don't give you the license automatically, so I might have to wait a day or so until I get it

Not Enabled Bluetooth...
Hi,
I have the SHIELD TABLET 16GB Wi-Fi model and succeeded to run Ubuntu with new_boot(123).img!
Recently, I try to the bluetooth configuration to use bluetooth keyboard. However I cannot enable bluetooth.
To enable bluetooth, I do the following commands on terminal.
Code:
sudo aptitude install bluetooth bluez-hcidump bluewho bluez-tools blueman
git clone https://code.google.com/p/broadcom-bluetooth/
cd broadcom-bluetooth
make brcm_patchram_plus
sudo cp brcm_patchram_plus /usr/local/bin
sudo brcm_patchram_plus -d --patchram /system/etc/firmware/bcm43241.hcd --baudrate 3000000 --enable_lpm --enable_hci --use_baudrate_for_download --no2bytes --tosleep 1000 /dev/ttyTHS2
After brcm_patchram_plus, these message is shown.
Code:
option patchram with arg /system/etc/firmware/bcm43241.hcd
option baudrate with arg 3000000
option enable_lpm
option enable_hci
option use_baudrate_for_download
option no2bytes
option tosleep with arg 1000
/dev/ttyTHS2
writing
01 03 0c 00
writing
01 03 0c 00
(...looping)
The last 2 lines are looping until do Ctrl-C on terminal.
So I try to change the bluetooth setting from "OFF" to "ON" on the Unity's System Setting Panel.
After that, I retry the brcm_patchram_plus command and its output message is changed as bellow.
Code:
...
writing
01 18 fc 06 00 00 c0 c6 2d 00
received 7
04 0e 04 01 18 fc 00
Done setting baudrate
writing
01 27 fc 0c 01 01 01 01 01 01 01 00 00 00 00 00
received 7
04 0e 04 01 27 fc 00
Done setting line discpline
the brcm_patchram_plus doesn't finish until Ctrl-C. In this state, I can open the "Bluetooth New Device Setup" Panel.
However, I cannot find any bluetooth devices...(attatched picture) So I open the other terminal and type some commands.
Code:
$ hciconfig -a
hci0: Type: BR/EDR Bus: UART
BD Address: 43:24:1B:00:00:00 ACL MTU: 1021:8 SCO MTU: 64:1
DOWN
RX bytes:642 acl:0 sco:0 events:36 errors:0
TX bytes:983 acl:0 sco:0 commands:38 errors:0
Features: 0xbf 0xfe 0xcf 0xfe 0xdb 0xff 0x7b 0x87
Packet type: Dm1 DM3 Dm5 DH1 DH3 DH5 HV1 HV2 HV3
Link policy: RSWITCH SNIFF
Link mode: SLAVE ACCEPT
$ hcitool dev
Devices:
$ rfkill list
0: bluedroid_pm: Bluetooth
Soft blocked: yes
Hard blocked: no
1: phy0 Wreless LAN
Soft blocked: no
Hard blocked: no
2: brcmfmac-wifi: Wireless LAN
Soft blocked: no
Hard blocked: no
4: hci0: Bluetooth
Soft blocked: yes
Hard blocked: no
$ rfkill unblock all
$ rfkill list
0: bluedroid_pm: Bluetooth
Soft blocked: no
Hard blocked: no
1: phy0 Wreless LAN
Soft blocked: no
Hard blocked: no
2: brcmfmac-wifi: Wireless LAN
Soft blocked: no
Hard blocked: no
4: hci0: Bluetooth
Soft blocked: no
Hard blocked: no
$ hcitool scan
Device si no available: No such device
Please give me any advices!
Thanks,

How to make a keyboard and mouse work on it?
Thanks