11/6/11 Update: Added statically-linked kexec to kexec_patches.tar.gz and example update.zips. Now works in stock recovery and CM7 CWM (with a kexec-patched kernel).
10/19/11 Update: Added patches for the recently released GB sources to kexec_patches.tar.gz.
Attached is a set of patches (kexec_patches.tar.gz) against EC05, and the recently released GB sources, to implement kexec syscall support in the Epic's kernel. kexec enables the booting of kernels "directly" from the SD card or over USB without having to flash them to the device first. This allows us to easily use, test, and switch between many kernels, not just the one (two with recovery) there's room for on flash.
When used in conjuction with modified init.rc scripts, this allows entire ROMs (with their own kernels) to run from SD card. In short, this allows us to run custom-kernel ROMs (e.g,. CyanogenMod) alongside each other or a stock kernel without having to flash back and forth.
Also attached is a modified version of the kexec userspace tool (also in kexec_patches.tar.gz, along with source and patches) that facilitates the proces of loading and kexecing a kernel image. Finally, attached is a demo EC05 kernel with kexec enabled (demo_kernel.tar.gz; mostly stock: RFS support only, testkeys recovery w/adbd, but does inlcude the keyboard patches), example update.zips that kexec an SD-card kernel from recovery--either as a normal boot (boot_zImage.zip) or recovery boot (boot_zImage_recovery.zip), and a script (patch_decomp_cachebufram.sh) to binary patch unmodified kernels to kexec boot faster.
Note, this thread is primarilly intended for kernel developers. Kexec probably won't be of great utility to end users until commonly-used kernels are patched. Also, although stock kernels can be kexec'd, they need some init.rc modifications boot an entire ROM from SD card. Hopefully the fine folks here will come up with a user-friendly implementation of this work that's easy for everyone to use.
Instructions:
Flash a kexec-enabled kernel (e.g., the attached demo kernel) to either /dev/block/bml7 or /dev/block/bml8. For testing purposes, this kernel needs either "ro.secure=0" or "ro.debuggable=1" set in default.prop, and also needs recovery.rc/fota.rc modified to spawn the adbd service, so that an adb root shell is available while in recovery. Also copy the attached kexec tool to a convenient location on the device (e.g., /data/local/tmp/kexec).
Reboot into recovery. If the kexec kernel is installed to bml7, run "adb reboot recovery" while the phone is running. If installed to bml8, power down and boot into recovery by holding the volume-down, camera, and power buttons.
Make sure adb is running as root. If it's not, try running "adb root".
Find the kernel (zImage) you wish to boot. These can be extracted from a kernel update.zip or Odin .tar file, or use the demo kernel again.
Push the zImage into RAM (tmpfs) with:
Code:
adb push zImage /tmp
Now, open an adb root shell with "adb shell" and run the commands:
Code:
mount -ro remount /dev/block/stl6 /mnt/.lfs
mount -ro remount /dev/block/stl9 /system
mount -ro remount /dev/block/stl10 /data
mount -ro remount /dev/block/stl11 /cache
/data/local/tmp/kexec --load-hardboot --mem-min=0x50000000 --append="console=ttySAC2,115200 loglevel=4" /tmp/zImage
sync
/data/local/tmp/kexec -e
after which the phone will reboot, show the SAMSUNG logo, and eventually boot the kexec'd kernel. Do note that when booting unmodified kernels (see below), the SAMSUNG logo will persist for ~30 seconds longer than usual.
Also note that kexec performs an "abrupt" reboot, i.e., it doesn't shutdown the system normally. Hence it's important to kexec from recovery where few services are running. It's also prudent to remount file systems read-only and sync them to avoid any potential (although unlikely) of corruption.
In the future, kexec could be better integrated into the Android framework to allow for a clean shutdown. Otherwise, probably the best way to deploy kexec is through an update.zip file that boots a kernel from the SD card. See the attached example update.zips.
Technical details:
kexec is feature of Linux that allows it to directly execute (boot) a new kernel in place of itself, allowing Linux to effectively serve as its own bootloader.
The kexec procedure is two step. The first "kexec" command loads a zImage from disk, constructs parameters (e.g., the kernel command line), and stages it in memory, after which Linux continues to run as normal. The second "kexec" command tells Linux to execute (boot) the staged kernel.
In the standard implementation, Linux "soft boots" kexec'd kernels. That is, on "kexec -e" the running instance of Linux shuts-down all devices, drivers, and goes through the process of unloading itself as it does during a normal reboot. However, instead of invoking a hardware reboot, Linux, at the final stage of unloading itself, jumps to start executing the new kernel.
This soft boot process requires that Linux hardware drivers are fully capable of unloading, reloading, and reinitializing the associated hardware without hardware-reboot or bootloader assistance. Since, for many built-in drivers, this capability is only used by kexec, hardware is often left in an unexpected or unknown state on unload, and thus the kexec'd kernel hangs on boot. Unfortunately this is the case with the Epic kernel, and soft booting doesn't work.
To work around this, the attached patches implement a "hard boot" method for kexecing kernels. Here, we use kexec to stage a kernel in memory as usual. On "kexec -e", Linux shuts-down as before, and at the very end of the unloading process it does two things: (i) scribble some information on how to boot the kexec'd kernel to a "special place" in memory, and (ii) performs a hardware reboot, invoking the Epic bootloader as a normal reboot does.
On reboot, the bootloader loads the (previously-running) bml7 or bml8 kernel and starts executing it. Here, the hardboot patch modifies the Linux the zImage decompressor code to check the "special place" in memory to see if we're actually kexecing a different kernel. If so, it switches over to the other kernel, already staged elsewhere in memory.
Known Issues:
Kernel Command Line:
Kexec (via hardboot) can boot stock or non-kexec-modified custom kernels. However, unless the copy_atags patch is applied, they can only use the kernel command line provided by the bootloader, as opposed to the custom command line provided by kexec. Although this isn't a problem when kexecing from a bml7 boot kernel, kexecing from a bml8 kernel runs recovery (fota.rc) instead of a normal boot (init.rc).
With the copy_atags patch, the command line for the kexec'd kernel must be provided by with kexec's --append option. These are the command lines provided by the bootloader in normal boot and recovery scenarios, any of which may be used:
Code:
Normal boot (init.rc):
console=ttySAC2,115200 loglevel=4
"adb reboot recovery" (recovery.rc):
bootmode=2 console=ttySAC2,115200 loglevel=4
Three-finger recovery boot (fota.rc):
bootmode=3 console=ttySAC2,115200 loglevel=4
Slow Booting:
Kexec booting of a stock or non-kexec-modified custom kernel is known take significantly longer than a regular boot, sitting at the SAMSUNG logo for 35 seconds instead of 8. The decomp_cachebufram patch resolves this issue for modified kernels. In addition, the attached patch_decomp_cachebufram.sh script will binary patch the decompressor code for any (to my knowledge) Epic kernel.
Many more details on the patches themselves are in the accompanying READMEs.
Mirror links:
Kernel & kexec-tools patches: kexec_patches.tar.gz
Kexec EC05 demonstration kernel: demo_kernel.tar.gz
Recovery script to boot /sdcard/zImage (normal boot): boot_zImage.zip
Recovery script to boot /sdcard/zImage (recovery boot): boot_zImage_recovery.zip
Script to binary patch decompressor code: patch_decomp_cachebufram.sh
Is this different in function than rodderik's dual boot support?
I know his didn't include usb booting support, but sdcard booting appears to be the same...although this seems a little cleaner, possibly
Sent from my SPH-D700 using xda premium
squshy 7 said:
Is this different in function than rodderik's dual boot support?
I know his didn't include usb booting support, but sdcard booting appears to be the same...although this seems a little cleaner, possibly
Sent from my SPH-D700 using xda premium
Click to expand...
Click to collapse
His uses a modified init, which then choses to load which init.rc, the one names init.rc.sdcard or normal init.rc. This (kexec method) reminds me A LOT like how they ran linux/android on winmo devices...it shuts down android and then runs the kernel they want (if I read correctly).
squshy 7 said:
Is this different in function than rodderik's dual boot support?
I know his didn't include usb booting support, but sdcard booting appears to be the same...although this seems a little cleaner, possibly
Sent from my SPH-D700 using xda premium
Click to expand...
Click to collapse
Yes. The genocide implementation allows a ROM to boot from the sd card as long as the kernel on the main ROM supports the sd ROM. this means you cannot dual boot a gingerbread and a froyo ROM because the need different kernels .
With this patch that limitation is removed as the sd based ROM can use its own separate kernel. This you may run stock ec05 and keep cyanogen or a gingerbread on the sd card to test and play with.
Great work mkasick
Sent from my SPH-D700 using Tapatalk
I was never interested in the dual boot feature since that was ROM's only and itwas limited by kernel support.
But now this really interest me, can't wait till we see some developers take advantage of this.
Sent from my SPH-D700 using xda premium
All I have to say is hope you stick with the epic your amazing
Sent from my SPH-D700 using Tapatalk
Yes, this is complementary to Rodderik's dual boot. Kexec allows one to load a different kernel, but it still defaults to booting the ROM stored in flash. Which is great for kernel testing, but not of much use otherwise.
It's easy enough to modify a kernel to load a ROM only from SD, but then we'll start seeing a divide between "bml kernels" and "SD kernels", when really it'd be nice to have init scripts that support both. That's where Rodderik's work comes in.
Probably the best is to have a kernel command line parameter that specifies where the ROM is located, so it can be passed in. Something like "console=ttySAC2,115200 loglevel=4 systemfs=mmcblk0p2 datafs=mmcblk0p3 cachefs=mmcblk0p4". These would default to stl9, stl10, stl11 respectively if unspecified. The kernel command line is available to init through "/proc/cmdline", and it's easy enough to parse in a shell script.
But yes, keeping a working ROM on flash while testing/debugging CyanogenMod was my primary motivation, since I need a working phone "during the day" and can't touch CyanogenMod otherwise.
formula84 said:
All I have to say is hope you stick with the epic your amazing
Click to expand...
Click to collapse
Thanks!
I'm much of a year out on a full upgrade, and I'm not considering a new device sooner as long as my Epic still works.
Edit: An obvoius limitation is modem compatibility. I've avoided the GB leaks thus far, so I'm not sure what's the status with that. But if GB supports the EC05 modem, then you can dual boot EC05 and GB-whatever. Same if EC05 supports newer modems.
Speaking of which, anyone know what GB modem compatibilty is like?
mkasick said:
Yes, this is complementary to Rodderik's dual boot. Kexec allows one to load a different kernel, but it still defaults to booting the ROM stored in flash. Which is great for kernel testing, but not of much use otherwise.
It's easy enough to modify a kernel to load a ROM only from SD, but then we'll start seeing a divide between "bml kernels" and "SD kernels", when really it'd be nice to have init scripts that support both. That's where Rodderik's work comes in.
Probably the best is to have a kernel command line parameter that specifies where the ROM is located, so it can be passed in. Something like "console=ttySAC2,115200 loglevel=4 systemfs=mmcblk0p2 datafs=mmcblk0p3 cachefs=mmcblk0p4". These would default to stl9, stl10, stl11 respectively if unspecified. The kernel command line is available to init through "/proc/cmdline", and it's easy enough to parse in a shell script.
But yes, keeping a working ROM on flash while testing/debugging CyanogenMod was my primary motivation, since I need a working phone "during the day" and can't touch CyanogenMod otherwise.
Thanks!
I'm much of a year out on a full upgrade, and I'm not considering a new device sooner as long as my Epic still works.
Edit: An obvoius limitation is modem compatibility. I've avoided the GB leaks thus far, so I'm not sure what's the status with that. But if GB supports the EC05 modem, then you can dual boot EC05 and GB-whatever. Same if EC05 supports newer modems.
Speaking of which, anyone know what GB modem compatibilty is like?
Click to expand...
Click to collapse
As far as I know, and from experience, modems are a free for all except for bonsai. Ec05 modem works on gb, leaked modems work on ec05.
this is definitely very cool, thanks mkasick!
Sent from my SPH-D700 using XDA Premium App
mkasick you never cease to amaze me...i'll definately play with this, this week if i have the time!
Rodderik said:
mkasick you never cease to amaze me...i'll definately play with this, this week if i have the time!
Click to expand...
Click to collapse
Great!
If you run into something not particularly straight forward, or think there's something I can clarify, please ask. I've been playing around with this long enough that I fear I might've overlooked documenting a detail or two that would be helpful for others.
So to patch any kernel u just point the script to the zImage?
sent from my epic 4g. with the key skips.
ugothakd said:
So to patch any kernel u just point the script to the zImage?
Click to expand...
Click to collapse
The script only implements one patch, it allows any kernel to boot ~30 seconds faster when kexec'd.
But yes, "./patch_decomp_cachebufram.sh zImage" modifies that zImage to boot faster. It requires the xxd hexdump tool that's packaged with vim.
Kexec support itself, along with the slew of other source patches, has to be applied to a kernel source tree, from which a new kernel must be built to take advantage of them.
mkasick said:
The script only implements one patch, it allows any kernel to boot ~30 seconds faster when kexec'd.
But yes, "./patch_decomp_cachebufram.sh zImage" modifies that zImage to boot faster. It requires the xxd hexdump tool that's packaged with vim.
Kexec support itself, along with the slew of other source patches, has to be applied to a kernel source tree, from which a new kernel must be built to take advantage of them.
Click to expand...
Click to collapse
I see...so its a no-go for gb. Or at least quick gingerbread.
sent from my epic 4g. with the key skips.
ugothakd said:
I see...so its a no-go for gb. Or at least quick gingerbread.
Click to expand...
Click to collapse
You should be able to kexec a GB kernel, but you'd need an EC05-ish /system on flash to boot recovery. Unless GB recovery is compatible with Froyo kernels.
If you're going to boot a GB kernel, you'd probably want to repackage the initramfs with an init.rc that loads the rest of the GB ROM off SD. It's actually not a bad way to keep EC05 around for a stable, working phone, and to test GB leaks as they happen. Which, hopefully, shouldn't be much longer.
wow mkasick, you never cease to amaze me bro...
I wish I wasn't working so many damned hours now, with your patches, I really want the dual boot now. Like you, the need for a working phone at all times is what keeps me from flashing more ROMs, including EpicCM and the gb leaks...
I hope Rodderik figures this out pretty quickly, as most of my dev time is spent on the IRC channels, and he's usually around to help and answer questions.
Once I can get my Clean Kernel working with this, I'll be stoked... I have had a tough time dealing with patches thus far, I usually git cherry-pick and/or manually edit, so I need to figure out how to use the patches correctly.
Anyways, gotta go to work now (I'm working 50+ hour weeks now, hence the time constraints), but hopefully I can get the time to get it into my kernel.
Thanks, mkasick!
Sent from my Samsung Epic4G
DRockstar said:
I have had a tough time dealing with patches thus far, I usually git cherry-pick and/or manually edit, so I need to figure out how to use the patches correctly.
Click to expand...
Click to collapse
What environment (OS, etc.) are you using? Is the "patch" utility working for you?
The patches are split up based on functionality. In each patch directory there's a "series" file that lists the order they should be applied. There's a program, quilt that can help manage them but it's not necessary. If you're running a bourne shell (e.g., bash) in the "Kernel" directory of the kernel sources, you should be able to apply the patches with:
Code:
while read i; do patch -p 1 < "/path/to/kexec_patches/kernel-EC05/$i"; done < "/path/to/kexec_patches/kernel-EC05/series"
Whether they'll apply cleanly or not is a different story, but that's the general idea.
And yeah, time ....
Thank you mkasick, that's a great explanation, I think I can handle that, much appreciated!
For the record, I compile by ssh into dev boxes donated for dev use. They all run linux in different distros. I find this most convenient since I can do most everything from the command line using your brilliant connectbot for epic
Sent from my Samsung Epic4G
With those recovery scripts, doesn't Clockwork Mod have to have kexec set up?
ugothakd said:
With those recovery scripts, doesn't Clockwork Mod have to have kexec set up?
Click to expand...
Click to collapse
You mean for boot_zImage_recovery.zip to work?
The CWM kernel doesn't need full kexec support in order to be booted via kexec. But it does need the copy_atags patch in order to respect the "bootmode=3" kernel argument.
Actually, you can take any existing Epic kernel and somewhat-easily fix it to be bootable via kexec. Steps are:
1. Extract EC05 kernel sources. Or use the GB sources, it doesn't matter, it doesn't even have to match the version of the kernel you're fixing.
2. Apply "decomp_cachebufram" and "decomp_copy_atags" patches.
3. Build a kernel. Config options don't matter much since this kernel is going to be thrown away.
4. Find the zImage for the kernel you want to fix. Run:
Code:
skip=`grep -Fabom 1 $'\x1f\x8b\x08' zImage | head -n 1 | cut -d : -f 1`
dd if=zImage bs=1 skip="$skip" | gunzip > Image
cp Image arch/arm/boot/Image
which extracts the decompressed kernel payload from the zImage, and replaces the "Image" that was previously built with the one you've extracted.
5. Run "make" in the kernel source directory again. You might have to append a "CROSS_COMPILE=" path to match the one used in a build script. The output should be:
Code:
CHK include/linux/version.h
make[1]: `include/asm-arm/mach-types.h' is up to date.
CHK include/linux/utsrelease.h
SYMLINK include/asm -> include/asm-arm
CALL scripts/checksyscalls.sh
CHK include/linux/compile.h
Kernel: arch/arm/boot/Image is ready
GZIP arch/arm/boot/compressed/piggy.gz
AS arch/arm/boot/compressed/piggy.o
LD arch/arm/boot/compressed/vmlinux
OBJCOPY arch/arm/boot/zImage
Kernel: arch/arm/boot/zImage is ready
Building modules, stage 2.
MODPOST 13 modules
which shows that the build process took the existing, extracted Image, compressed it, and attached a new kexec-compatible decompressor to it.
The resulting "arch/arm/boot/zImage" can be kexec'd, and command line arguments should be respected, e.g., if you want to boot into CWM recovery.
Related
Alright guys. I'm trying to get a custom CM7 kernel running on my Incredible. As background, I am well versed in kernel compilation in general and on embedded devices. I followed the directions on the cyanogen wiki (Building_Kernel_from_source), but skipped the section about compiling CM7 itself, since I'm only interested in the kernel. I pulled the kernel from CM's git repo, and it was checked out to the latest version (2.6.37), which is also what my phone was running. I grabbed the 'prebuilt' ARM cross compiling toolchain. I used the kernel config from my phone (/proc/config.gz). Looking through the options with menuconfig, it seemed that the options were correct. I pulled the boot.img from the latest CM7 install zip, (7.0.3), split out the ramdisk.img with split_bootimg.pl, merged my compiled zImage with the ramdisk.img using mkbootimg, copied the resulting img file to my sdcard, ran adb shell from recovery, zero'd out mtd2 (boot), and flashed my custom boot.img using flash_image.
Whew!
I have tried countless times, and every time I try to boot my device with the new kernel, my phone doesn't get past the "htc Incredible" boot screen. It just hangs there. I am completely at a loss as to where to go from here. Any suggestions would be EXTREMELY appreciated.
Thanks for reading.
I just remembered, I ended up using a different tool to split the ramdisk, since the wiki link to split_bootimg.pl was broken. I just now found split_bootimg.pl using google, extracted the custom boot.img I've been trying to throw at my phone, and the kernel section of it was recognized by 'file' utility as data. I'm going to try doing the ramdisk split using split_bootimg.pl tomorrow and see what the resulting boot.img looks like then. I'll report back my results.
Turns out that when you split the boot.img that comes with cyanogen, the kernel in there is also recognized as data. I am no closer to solving this mystery
Hei there.
The idea of this thread is to develop a better kernel for the I9001 in the community. I have compiled my own one for using it in the cwm recovery mod. I've only changed the following so far:
Patched pm2.c file in the samsung kernel sources, see here for the patch:
https://github.com/PabloPL/android_...mmit/46e96915a7e0459dc6b3aec04aa47329371fff44
through menuconfig I've changed the default cpu governor from performance to ondemand.
What we should implement first is init.d support.
I've uploaded my boot.img file for further use here:
http://www.mediafire.com/?6p91s5knka0e0py
It also contains the CWM Recovery
This is great idea bro. Its great to have you here.
Thanks again!!!
Sent from my GT-I9001 using Tapatalk
I would love to see a overclock able kernel! Great idea!
Joost
Sent from my GT-I9001 using XDA App
overclocking module
Hi guys,
coolbho3000 posted source of an overclocking module for HTC Vision. As far I know, it can be used with the SetCPU App together.
http://forum.xda-developers.com/showthread.php?t=813681
Since S+ has a similar Qualcomm chip, it should work as well.
I compiled the overclocking module with the S+ Kernel and packed it into the zImage. The device doesn't boot. Maybe it would be better to follow what coolbho3000 says and adapt the settings
ädu
PS: it needs definitively some adaptions.
Shouldn't we create our own github/bitbucket repositories for kernel and CWM? I'm trying to get my feet wet in generic Android kernel development now, it would be cool to have repository to sync with.
YardE said:
Shouldn't we create our own github/bitbucket repositories for kernel and CWM? I'm trying to get my feet wet in generic Android kernel development now, it would be cool to have repository to sync with.
Click to expand...
Click to collapse
yep of course. I've already opened an account on github. But right now I ain't got time to read the instructions on how to upload repos because I'm busy with applying some changes to FeaMod Recovery and testing them.
I would be happy if a lot of kernel developers would join us!
Edit: The sources for FeaMod recovery 1.1 are on github:
https://github.com/manveru0/FeaMod-Recovery--based-on-CWM-Recovery-
Samsung kernel sources with patched pm2.c:
https://github.com/manveru0/kernel_I9001_samsung
Later I'll try to add "run-parts /system/etc/init.d/" to init.rc, but I'm highly confused from examining ramdisk, because I couldn't find any bash-scripts interpreter (possibly embedded into init executable?) and don't have enough time to continue examining init.rc now. I think, we can add busybox to system image and call it from there. Also, please, modify these lines in default.prop in your future builds:
Code:
ro.secure=0
ro.debuggable=1
As far as I understood, these allow us to use "adb root".
Also, thanks for your awesome work!
YardE said:
Later I'll try to add "run-parts /system/etc/init.d/" to init.rc, but I'm highly confused from examining ramdisk, because I couldn't find any bash-scripts interpreter (possibly embedded into init executable?) and don't have enough time to continue examining init.rc now. I think, we can add busybox to system image and call it from there. Also, please, modify these lines in default.prop in your future builds:
Code:
ro.secure=0
ro.debuggable=1
As far as I understood, these allow us to use "adb root".
Also, thanks for your awesome work!
Click to expand...
Click to collapse
sounds good. I haven't seen a script interpreter either and I'm not quite sure if there is one included in the init. I think it's better we include busybox. Take a look at this thread by the way:
http://forum.xda-developers.com/showthread.php?t=1152740
I'll try to do that testwise.
Here's the adress for my uploaded boot.img-ramdisk without the samsung pictures (we can easily add them again when building a new boot.img):
https://github.com/manveru0/bootimage_ramdisk_I9001
I've already included the changes in default.prop
EDIT: some useful links
http://www.kandroid.org/online-pdk/guide/bring_up.html
http://www.androidenea.com/2009/08/init-process-and-initrc.html
After some init.rd learning I've inserted a service here which should get the job's done, but I have no idea how to test it. Anyway, here is the diff from the normal one:
Code:
[[email protected] boot]$ diff -u3 init.rc ../boot_mod/init.rc
--- init.rc 2011-11-05 22:35:33.194680288 +0400
+++ ../boot_mod/init.rc 2011-11-05 22:24:40.000000000 +0400
@@ -566,7 +566,7 @@
# ihryu 2010.07.19
setprop ro.rfkilldisabled 0
- class_start default
+ #class_start default
# +++++++++++++++++++++++++++++++++++++++++++
# for silent reset
@@ -714,6 +714,10 @@
onrestart restart netd
onrestart restart sensor-daemon
+service initd /system/bin/logwrapper /system/xbin/busybox run-parts /system/etc/init.d
+ oneshot
+
service media /system/bin/mediaserver
user media
group system audio camera graphics inet net_bt net_bt_admin net_raw radio qcom_oncrpc
[[email protected] boot]$
Have also commented "class_start default" which runs twice for some reason. To have this working in theory, you should have busybox installed in /system/xbin with run-parts support. For me, it boots at least ^_^
P.S. It also works if I call command line from adb. Also, adb root works after changing default.prop, good.
P.P.S. You can also remove "charging.rle" from repo, as it is image, too, but why not just keep all the files in repo? git is loyal to binary files as long as you don't try to create a patch. ~_^ Also, you can use .gitignore to exclude some files from git's view at all.
Found excellent reference on init.rd:
http://www.kandroid.org/online-pdk/guide/bring_up.html
Fixed previous post (removed "disabled"), so it should really work now. Going to test it, but not really sure if my test are correct (I'll try to write something to sdcard, but is it mounted r/w at the moment of script running?)
Test failed, thinking of some other, more accurate tests now.
Tried to create file in /cache, and it worked! Here is boot.img with working init.rd and adb root. Flash it via dd (dd if=boot.img of=/dev/block/mmcblk0p8). You should have busybox installed into /system/xbin for this to work.
YardE said:
Found excellent reference on init.rd:
http://www.kandroid.org/online-pdk/guide/bring_up.html
Fixed previous post (removed "disabled"), so it should really work now. Going to test it, but not really sure if my test are correct (I'll try to write something to sdcard, but is it mounted r/w at the moment of script running?)
Test failed, thinking of some other, more accurate tests now.
Click to expand...
Click to collapse
thx for your commit, I'm testing it as well with the adrenaline shot. If init.d support works you should see the changed values.
I do have a working busybox in /system/xbin with run-parts support, so that shouldn't be the issue as my tests didn't work so far.
Okay, gonna delete disable as well.
concerning the images i wasn't so sure about law problems since they include original samsung stuff.
update:
success You did it! Init support works. Though I have to retest it since I've also added user root to the init.rc. Honestly I'm not quite sure if that entry is needed
"user root" is not needed since user is root by default, already tested without it (edited my posts above).
YardE said:
"user root" is not needed since user is root by default, already tested without it (edited my posts above).
Click to expand...
Click to collapse
okay then, i will change the init.rc file and commit it to github. I will name you in the comment to the change. Which name should I use? Is that okay for you?
Oh, you can use either "abbradar" or "YardE", I don't mind. ^_^ Thank you for credits and again for your work. Gonna experiment a bit with CWM now since init.d is working.
YardE said:
Oh, you can use either "abbradar" or "YardE", I don't mind. ^_^ Thank you for credits and again for your work. Gonna experiment a bit with CWM now since init.d is working.
Click to expand...
Click to collapse
I have to thank you for your work as well, mate It's cool working as a team since we are better, faster and should see more bugs than working alone
Edit:
Hmm, we should include busybox in the boot ramdisk, since not every user has busybox installed.
P.S: funny thing is, I've installed adrenaline shotv13 but only part of it works. For example the sdcard tweak works, the sysctl tweaks don't.
P.P.S: i've installed bash on my device, it's much more easier with it to navigate in the adb shell
manveru0 said:
Hmm, we should include busybox in the boot ramdisk, since not every user has busybox installed.
Click to expand...
Click to collapse
What is the max size limit in our device for ramdisk? Also, should we really do so? It will be hard to update in comparison and maybe will be stripped due to size limit, and users basically'll have two versions of busybox - our embedded into boot.img and their own - in /system. (I'm looking on CM and other init.d implementations as an example) But on the other hand, it is really nearly critical level app (although sh is not in boot.img, for example)
P.S: funny thing is, I've installed adrenaline shotv13 but only part of it works. For example the sdcard tweak works, the sysctl tweaks don
Click to expand...
Click to collapse
They also trying to write some values into non-existent /sys nodes, looks like they are meant for other kernel scheduler, like BFQ (should we also try it?)
---------- Post added at 01:25 AM ---------- Previous post was at 01:25 AM ----------
P.P.S: i've installed bash on my device, it's much more easier with it to navigate in the adb shell
Click to expand...
Click to collapse
Good advice, thank you ^_^.
YardE said:
What is the max size limit in our device for ramdisk? Also, should we really do so? It will be hard to update in comparison and maybe will be stripped due to size limit, and users basically'll have two versions of busybox - our embedded into boot.img and their own - in /system. (I'm looking on CM and other init.d implementations as an example) But on the other hand, it is really nearly critical level app (although sh is not in boot.img, for example)
They also trying to write some values into non-existent /sys nodes, looks like they are meant for other kernel scheduler, like BFQ (should we also try it?)
---------- Post added at 01:25 AM ---------- Previous post was at 01:25 AM ----------
Good advice, thank you ^_^.
Click to expand...
Click to collapse
the maximum size of both recovery and boot.img is 7864320 Bytes. Riversource once found that out. It's also in the BoardConfig.mk So we would have enough space for including busybox. But you're right, it would only lead to 2 busyboxes on the device which is not the best idea.
CM uses the BFQ scheduler as far as I know so yeah, we should give it a try
AFAIK, BFS patch nearly fully removes original kernel schedulers, so some work of comparing with original Linux kernel will be needed to do. Although, it may not be true for Android kernel sources or my experience may be wrong, so we should just try it as is before continuing.
Sent from my GT-I9001 using XDA App
YardE said:
AFAIK, BFS patch nearly fully removes original kernel schedulers, so some work of comparing with original Linux kernel will be needed to do. Although, it may not be true for Android kernel sources or my experience may be wrong, so we should just try it as is before continuing.
Sent from my GT-I9001 using XDA App
Click to expand...
Click to collapse
yep, I've looked at the changes the patches make and they remove alot of the CFQ related functions. Fortunately the makefile is patched as well so no work here.
I've have downloaded the patches for kernel 2.6.35 here:
http://algo.ing.unimo.it/people/paolo/disk_sched/sources.php
I applied them to my sources, compiled em and flashed my FeaMod pack with the new kernel and your changes to the boot ramdisk.
So far everything is working on my device I'm gonna upload the patches to github.
Edit: Had to change the .config as well since bfq is not the default I/O scheduler. It is now, I've also activated the hierarchical scheduler support.
Concerning ramdisk git repo: maybe we should move all the code into some folder, for example, "ramdisk", and move README out from there to avoid it being placed into final image? Also, we should point which files are missing from ramdisk in README.
I've got this side project going where I've decided to try to modify the stock kernel for my GT-I9000M.
I'm a Gentoo linux user and have cross-compiled kernels for embedded systems with or without initramfs and modules successfully many times. Rather than just grab and flash the latest mod from the net I want to understand exactly how to create my own.
I already have access via a chroot to a working Gentoo install, however that runs in a sandbox inside android userland, which can be irritating to say the least. I'm already able to create binaries for armv7a on the phone itself, which is a time and power-consuming novelty.
I setup a development environment on my main computer and made sure I could create working binaries for the armv7a.
I backed up all the bml partitions on my phone.
Next, I made sure I could access Download Mode and experimented with Heimdall until I was satisfied I was able to recover from any bad kernel flashes.
I altered the first boot logo in param.lfs with dd, but that's a whole other story.
Next, I downloaded Samsung's source for Froyo and followed the instructions to create a zImage.
aries_eur_defconfig selects the FM radio module and the Samsung TV out driver which are broken. No problem, I figured I could check that out later so I disabled those options for now. it compiles! great! But it didn't boot. I turned to the internet for ways to solve the problem.
There was a lot of conflicting information. I ended up trying a lot of different approaches, modules, firmware, version info, kernel command lines, fbcon... well I messed around.
Some time later, I find myself happily booting with my own kernel. The bootloader displayed my custom logo in param.lfs, but fbcon didn't work and I got a stock samsung gt-i9000 logo before android booted up! The phone worked, wifi worked, bluetooth worked, it was awesome (for 2.6.32.9 that is )!
So, great! Except I got overconfident and cocky. I made a slew of changes trying to get fbcon to work and to top off the evening I overwrote my working zImage with a broken kernel (without a backup of my working custom zImage or .config). I still have backups otherwise of course and haven't lost the functionality of my phone in any way, but now I'm just irritated.
Anybody else working on compiling from source on the GT-I9000M?
I pressed ahead and tried to recreate the conditions that got me a working kernel and as of yet I've been unsuccessful Luckily I've got a kmsg from the kernel when it booted. I can see the kernel command line on the custom kernel that booted was simply "console=ttySAC2,115200" although I do recall trying different values for init= ... The default init in the sources is /linuxrc which doesn't exist in initramfs.
There are also settings for the kernel command line and version information in arch/arm/mach-s5pv210/include/mach/param.h
Is there a known good method to compile from Samsung's sources?
I unpacked a known good zImage, played with it's initramfs, repacked it and it boots just fine.
I've tried again with a fresh copy of the gt-i9000 froyo-samsung branch:
- unpack initramfs from a known good 2.6.32.9 kernel
- make clean
- make aries_eur_defconfig
- make menuconfig, add initramfs, remove Samsung TV driver and FM radio module
- make
the resulting vmlinux is: ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, not stripped (I know, it's zImage not vmlinux but I'm just doing sanity checks)
I have a custom logo in param.lfs which always displays on boot. A second logo is compiled into the kernel, and I do see a change in the logo when my kernel boots (it shows GT-I9000 instead of GT-I9000M after the first logo). This leads me to believe that the kernel is booting... but the phone powers off after booting.
I've tried the recommended changes to default.prop to use adb to obtain the kmsg of the new kernel. This has not worked however, which could mean that the kernel doesn't get as far as initramfs.
the kernel command line from the kmsg I have from the one time that a custom kernel of mine booted is simply: "console=ttySAC2,115200 loglevel=4" . There's no mention of init, which I think should be init=/init although aries_eur_defconfig seems to think that init=/linuxrc is appropriate (linuxrc doesn't exist?) Regardless, it doesn't seem to matter what I specify for init.
Which leaves proprietary Samsung kernel modules. If they can't load, this could explain everything I'm experiencing. It isn't clear what specific version the proprietary modules are expecting.
Maybe this will help somebody else. I've got it working now.
Attached is my working config.
In this post, I would like to explain what kexec-hardboot patch is and also bring it to light a bit more since until now, it was only burried in MultiROM thread.
@kernel developers: I would like to ask you to merge this patch to your kernels, because it is essential part of MultiROM - it allows me to boot any kernel without changing the boot partition. I realize that it is no small request, but the patch is not big, touches relatively stable parts of kernel and should not cause any problems. Thank you.
What is kexec?
It is syscall of Linux kernel, which allows you to boot another Linux kernel without restarting the device - "Linux boots itself". The functionality is equivalent to fastboot -c *cmdline* boot zImage initrd.img, but without PC and fastboot. It is fairly known thing, so more info at wikipedia and man kexec.
Standard kexec call unfortunatelly does not work on Nexus 7. It freezes somewhere, and it is very difficult to find out where - probably some of the drivers are not shut down/re-initialized properly, it is a commong thing among Android devices, which is why kexec-hardboot was made.
What is the difference between normal and hardboot exec?
Kexec-hardboot patch adds a real device restart to that process, so that all the drivers can be properly reinitialized. It stores new kernel to RAM, reboots the device as usual, and kernel from boot partition immediately jumps to the one which was stored to RAM before reboot.
Another difference is that both kernels must be patched. The "host" kernel requires a full patch, the one which is being kexecd' requires only two small compatibility patches.
To sumarize the process:
kexec --load-hardboot.... is called and kernel it loaded into RAM.
kexec -e is called. Special info is written to memory (to area which is not overwritten on reboot) and the device is rebooted.
After reboot, very early in the boot process, kernel checks if that special info is present in RAM and if so, it loads new kernel from RAM and jumps to it.
Kexecd' kernel starts and boots.
For more info, read the original thread.
Patches:
Full kernel patch: https://gist.github.com/4558647, 4.1 kernel repo, cm 10.1 kernel repo
This is the full kernel patch. Kernels with this patch can be both "host" and "guest" kernels.
Related CONFIG options:
CONFIG_KEXEC=y
CONFIG_KEXEC_HARDBOOT=y
CONFIG_ATAGS_PROC=y
CONFIG_GROUPER_HARDBOOT_RECOVERY=n
First three options must be enabled. Last one, GROUPER_HARDBOOT_RECOVERY, specifies if the kexec call should reboot to normal mode or to recovery. This can be useful if you don't have the kernel in boot partition but only as kernel in recovery partition. You usualy want to disable this option.
Compatibility patch: https://gist.github.com/4458581
This patch only makes the kernel bootable via kexec, ie. it can't be the host kernel. This was made for Ubuntu kernel (and it was accepted), because I did not want to drag the whole patch in there. If your kernel is for Android ROMs, you should use the full patch.
Userspace kexec binary: View attachment kexec-tools.zip
That ZIP file contains kexec source, patches and README. It is from the original patch from Mike Kasick. It also contains precompiled, statically linked kexec binary, so you probably just want to use that.
Usage:
Once you have the kernel patches and kexec userspace binary in place, just run following command to boot into new kernel:
Code:
kexec --load-hardboot zImage --initrd=initrd.img --mem-min=0x85000000 --command-line="$(cat /proc/cmdline)"
kexec -e
Note the command line parameter - cmdline from bootloader is not added automatically, you have to put it there by yourself.
Currently used by:
MultiROM - I use it to boot different kernels (eg. Ubuntu).
MOSLO - Part of Plasma Active for Nexus 7, also usefull tool for every N7 developer - read more: http://ruedigergad.com/2012/12/09/nexus-7-easily-flashaccess-entire-userdata-partition/
Authors:
This patch was made by Mike Kasick for Samsung Epic 4G. Since that, it was ported to several devices, one of them is Asus Transformer TF201 - I used patch from TF201 and modified it a bit (basically just changed few SoC specific constants). People at #ubuntu-arm helped me out with that, thanks.
Hi Tasssadar,
im trying to get this to work on the HOX in order to have a shot at multiboot,
the patched applied with no problem... however on compiling i gett this error
"Adress for kexec hardboot page not defined"
ask this error naturely defined to kick in with every device beside N7 i that comment completely....
and that ended up giving me an error about KEXEC_HB_PAGE_ADDR not defined,
so i readded it, but i removed the "#if defined(CONFIG_MACH_GROUPER)"
now trying to compile it, its gets pretty close to the end... but failed with unexpected string error at line OUTPUT_ARCH(arm) in file linux/arch/arm/boot/compressed/vmlinux.lds
Code:
/*
* linux/arch/arm/boot/compressed/vmlinux.lds.in
*
* Copyright (C) 2000 Russell King
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
OUTPUT_ARCH(arm)
ENTRY(_start)
SECTIONS
{
/DISCARD/ : {
*(.ARM.exidx*)
*(.ARM.extab*)
/*
* Discard any r/w data - this produces a link error if we have any,
* which is required for PIC decompression. Local data generates
* GOTOFF relocations, which prevents it being relocated independently
* of the text/got segments.
*/
*(.data)
}
. = 0;
_text = .;
.text : {
_start = .;
*(.start)
*(.text)
*(.text.*)
*(.fixup)
*(.gnu.warning)
*(.glue_7t)
*(.glue_7)
}
.rodata : {
*(.rodata)
*(.rodata.*)
}
.piggydata : {
*(.piggydata)
}
. = ALIGN(4);
_etext = .;
.got.plt : { *(.got.plt) }
_got_start = .;
.got : { *(.got) }
_got_end = .;
_edata = .;
. = ALIGN(8);
__bss_start = .;
.bss : { *(.bss) }
_end = .;
. = ALIGN(8); /* the stack must be 64-bit aligned */
.stack : { *(.stack) }
.stab 0 : { *(.stab) }
.stabstr 0 : { *(.stabstr) }
.stab.excl 0 : { *(.stab.excl) }
.stab.exclstr 0 : { *(.stab.exclstr) }
.stab.index 0 : { *(.stab.index) }
.stab.indexstr 0 : { *(.stab.indexstr) }
.comment 0 : { *(.comment) }
}
also, im booted into windows now... so i can't provide the exact error.
I'm afraid "comment everything which doesn't work" won't work here. The KEXEC_HB_PAGE_ADDR and END_MEM is device-specific, it will most likely be different for HTC One X. You can find out what address is it supposed to be by examining /proc/iomem on your device. For example, here's memory map from grouper:
Code:
...
80000000-be9fffff : System RAM
80008000-808faba7 : Kernel text
80940000-80b8228f : Kernel data
beb00000-bebfffff : ram_console
...
So, for grouper, END_MEM is 0xbe9fffff + 1 = 0xbea00000.
KEXEC_HB_PAGE_ADDR is located 1MB before console RAM, which is in this case also immediatelly after System RAM, so for grouper, it is also 0xbea00000.
but failed with unexpected string error at line OUTPUT_ARCH(arm) in file linux/arch/arm/boot/compressed/vmlinux.lds
Click to expand...
Click to collapse
That doesn't seem to be related to this patch. Are you using correct cross-compiler?
Tasssadar said:
I'm afraid "comment everything which doesn't work" won't work here. The KEXEC_HB_PAGE_ADDR and END_MEM is device-specific, it will most likely be different for HTC One X.
Click to expand...
Click to collapse
i figured
but im walking you through what i did.
You can find out what address is it supposed to be by examining /proc/iomem on your device. For example, here's memory map from grouper:
Code:
...
80000000-be9fffff : System RAM
80008000-808faba7 : Kernel text
80940000-80b8228f : Kernel data
beb00000-bebfffff : ram_console
...
So, for grouper, END_MEM is 0xbe9fffff + 1 = 0xbea00000.
KEXEC_HB_PAGE_ADDR is located 1MB before console RAM, which is in this case also immediatelly after System RAM, so for grouper, it is also 0xbea00000.
Click to expand...
Click to collapse
Code:
7d000000-7d003fff : tegra-udc.0
7d000000-7d003fff : tegra-otg
7d000000-7d003fff : tegra-udc
7d004000-7d007fff : tegra-ehci.1
80000000-beafffff : System RAM
80008000-8094000f : Kernel text
809a8000-810b940f : Kernel data
beb00000-bebfffff : ram_console
bec00000-beffffff : fbmem
bf000000-bf7fffff : fbmem
0xbeafffff + 1 = 0xbeb00000
grrr that would put me inside the ram_console...
aaaa would it wok if i used the address before??
7d00800
Edit:
or did your ram RAM end earlier because you set you END_MEM 0xbea00000
in that case, it works out just the same with the HOX
That doesn't seem to be related to this patch. Are you using correct cross-compiler?
Click to expand...
Click to collapse
i would have guessed so, but the kernel compiled and is working before the patch.
im using the one provided by google (Android NDK r9) while it contains booth gcc 4.6/4.8 im using 4.6 (arm-linux-androideabi-)
The patch will move ram_console 1MB further, see https://gist.github.com/Tasssadar/4558647#file-n7_hardboot-diff-L387 . You'll have to modify this part of the patch, it will be in different file for your device.
Tasssadar said:
The patch will move ram_console 1MB further, see https://gist.github.com/Tasssadar/4558647#file-n7_hardboot-diff-L387 . You'll have to modify this part of the patch, it will be in different file for your device.
Click to expand...
Click to collapse
HOX is also a Tegra 3 device... so im guessing i wont need to touch a thing?
also note... that iomem provided is from an unpatched kernel (as i cant compile a patched one)
also,
im currently on freenode #htc-one-x
if you dont mind joining.
I've been looking through the kexec-hardboot patch these last few days, trying to actually understand it instead of just blindly porting it and after several hours of messing with assembler with no means to debug it, I've managed to remove the need for guest kernel to be patched. This is not really useful for grouper, since thanks to multirom and accepting kernel devs, nearly every third-party kernel has the proper patches. But, if I'll port multirom to some other device (hello, flo), it will be very useful
To know more see the changes in this commit, but you'll probably need to understand how the patch does things: https://github.com/Tasssadar/androi...mmit/2ce4130061f72430a8ddfde25346c4e528c5c30b
@mkasick: Could you please look over this? I'm afraid there's some good reason why you didn't do this in the first place, like rewriting some part of memory which shouldn't be rewritten or something like that. Thank you.
Tasssadar said:
I've been looking through the kexec-hardboot patch these last few days, trying to actually understand it instead of just blindly porting it and after several hours of messing with assembler with no means to debug it, I've managed to remove the need for guest kernel to be patched. This is not really useful for grouper, since thanks to multirom and accepting kernel devs, nearly every third-party kernel has the proper patches. But, if I'll port multirom to some other device (hello, flo), it will be very useful
To know more see the changes in this commit, but you'll probably need to understand how the patch does things: https://github.com/Tasssadar/androi...mmit/2ce4130061f72430a8ddfde25346c4e528c5c30b
@mkasick: Could you please look over this? I'm afraid there's some good reason why you didn't do this in the first place, like rewriting some part of memory which shouldn't be rewritten or something like that. Thank you.
Click to expand...
Click to collapse
Perfect timing, just finished my last exam
Edit:
Also, this applies on top of the original patch right??
Edit2:
i can't seem to get it to kexec boot, but i didn't do much testing, maybe 2morrow night!
Edit3:
fixed, it was a problem with min-addr,
changed it to 0x82000000 and it worked
One more question...
TEGRA_PMC_BASE is also device specific, ain't it???
So, for a Qualcomm device, what should I be using? I am guessing it is MSM_RPM_BASE, which I got from here: http://forum.xda-developers.com/showpost.php?p=31127486&postcount=7
Yes, it is SoC-specific. This is using some special register to reset the chip, I'm not sure if that is available on msm chips - probably yes, but in some different form. Your best chance is to examine restart sequence in arch/arm/mach-msm/restart.c and port it to assembler.
Tasssadar said:
Usage:
Once you have the kernel patches and kexec userspace binary in place, just run following command to boot into new kernel:
Code:
kexec --load-hardboot zImage --initrd=initrd.img --mem-min=0xA0000000 --command-line="$(cat /proc/cmdline)"
kexec -e
Click to expand...
Click to collapse
The address of 0xA0000000 is not necessarily the best choice going forward. It originally made perfect sense, as it is well above everything else. But now that we can boot unpatched guest kernels, we can hit the interesting situation where the guest decompression may take a full minute. At least it's when I've seen on the Ouya game console that's running the next chip after Grouper.
When I realized what's going on, I changed to 0x8E000000, as it gets me just below the 256 MB limit of cache-enabled memory that's present on a typical guest at that early decompression stage. It's enough to hold a typical 8 MB boot image kernel/ramdisk. Now the guest kernel startup is fast in all cases.
Thank you Tasssadar for continuing your work in this area, especially with finding that way to allow unpatched guests.
Indeed, that's actually what I'm using in MultiROM for flo and mako (and grouper, but it is useless 'cause not all 3rd-party kernels have been updated), I just kinda "forgot" to update these threads.
Would it work on devices with locked bootloaders (Xperias). I mean :does the idea of this patch would also work on bootloader unlock allowed :no devices?
Sent from my LT22i using xda app-developers app
I am trying to build a kexec patched kernel integrated into a ROM. I make sure that the following code is there in the defconfig:
CONFIG_KEXEC=y
CONFIG_KEXEC_HARDBOOT=y
CONFIG_ATAGS_PROC=y
The ROM works well, except that it does not boot my secondary ROMs - kexec hardboot patch missing. I have multi ROM and TWRP recovery installed
What am I missing?
Logs or it didn't happen.
Show me dmesg from normal boot into android, with MultiROM and your kernel installed.
Code:
adb shell
su
dmesg > /data/local/tmp/dmesg.txt
exit
exit
adb pull /data/local/tmp/dmesg.txt
Porting?
Tassadar which things do I need to boot kexec kernel on my device (Motorola Electrify 2) .
@Tasssadar, Sorry for picking up this kinda "old topic" but I'm sadly experiencing some problems while trying to port kexec-hardboot to the Sony Xperia Z2 (aka sirius). I applyed all needed commits (cherry-picked from a apparently working Z1 repo for stock kernel) to my CM based custom kernel (https://github.com/Myself5/android_kernel_sony_msm8974/tree/kexec-cm-12.0) and it does not boot at all. It's stuck on the Sony Logo, and it seems like I can't get any log either. I also tryed the stock cm kernel with the patch (https://github.com/Myself5/android_kernel_sony_msm8974-kexec) cause I tought it might be some incompatibility, but sadly it wasn't. Hope you have any ideas to solve my problems, cause I'm out of ideas ATM. I also checked the kexec commits for other devices (namely the One Plus One) and it seems like I got everything needed.
Thanks in Advance
Tasssadar said:
In this post, I would like to explain what kexec-hardboot patch is and also bring it to light a bit more since until now, it was only burried in MultiROM thread.
@kernel developers: I would like to ask you to merge this patch to your kernels, because it is essential part of MultiROM - it allows me to boot any kernel without changing the boot partition. I realize that it is no small request, but the patch is not big, touches relatively stable parts of kernel and should not cause any problems. Thank you.
What is kexec?
It is syscall of Linux kernel, which allows you to boot another Linux kernel without restarting the device - "Linux boots itself". The functionality is equivalent to fastboot -c *cmdline* boot zImage initrd.img, but without PC and fastboot. It is fairly known thing, so more info at wikipedia and man kexec.
Standard kexec call unfortunatelly does not work on Nexus 7. It freezes somewhere, and it is very difficult to find out where - probably some of the drivers are not shut down/re-initialized properly, it is a commong thing among Android devices, which is why kexec-hardboot was made.
What is the difference between normal and hardboot exec?
Kexec-hardboot patch adds a real device restart to that process, so that all the drivers can be properly reinitialized. It stores new kernel to RAM, reboots the device as usual, and kernel from boot partition immediately jumps to the one which was stored to RAM before reboot.
Another difference is that both kernels must be patched. The "host" kernel requires a full patch, the one which is being kexecd' requires only two small compatibility patches.
To sumarize the process:
kexec --load-hardboot.... is called and kernel it loaded into RAM.
kexec -e is called. Special info is written to memory (to area which is not overwritten on reboot) and the device is rebooted.
After reboot, very early in the boot process, kernel checks if that special info is present in RAM and if so, it loads new kernel from RAM and jumps to it.
Kexecd' kernel starts and boots.
For more info, read the original thread.
Patches:
Full kernel patch: https://gist.github.com/4558647, 4.1 kernel repo, cm 10.1 kernel repo
This is the full kernel patch. Kernels with this patch can be both "host" and "guest" kernels.
Related CONFIG options:
CONFIG_KEXEC=y
CONFIG_KEXEC_HARDBOOT=y
CONFIG_ATAGS_PROC=y
CONFIG_GROUPER_HARDBOOT_RECOVERY=n
First three options must be enabled. Last one, GROUPER_HARDBOOT_RECOVERY, specifies if the kexec call should reboot to normal mode or to recovery. This can be useful if you don't have the kernel in boot partition but only as kernel in recovery partition. You usualy want to disable this option.
Compatibility patch: https://gist.github.com/4458581
This patch only makes the kernel bootable via kexec, ie. it can't be the host kernel. This was made for Ubuntu kernel (and it was accepted), because I did not want to drag the whole patch in there. If your kernel is for Android ROMs, you should use the full patch.
Userspace kexec binary: View attachment 1653562
That ZIP file contains kexec source, patches and README. It is from the original patch from Mike Kasick. It also contains precompiled, statically linked kexec binary, so you probably just want to use that.
Usage:
Once you have the kernel patches and kexec userspace binary in place, just run following command to boot into new kernel:
Code:
kexec --load-hardboot zImage --initrd=initrd.img --mem-min=0x85000000 --command-line="$(cat /proc/cmdline)"
kexec -e
Note the command line parameter - cmdline from bootloader is not added automatically, you have to put it there by yourself.
Currently used by:
MultiROM - I use it to boot different kernels (eg. Ubuntu).
MOSLO - Part of Plasma Active for Nexus 7, also usefull tool for every N7 developer - read more: http://ruedigergad.com/2012/12/09/nexus-7-easily-flashaccess-entire-userdata-partition/
Authors:
This patch was made by Mike Kasick for Samsung Epic 4G. Since that, it was ported to several devices, one of them is Asus Transformer TF201 - I used patch from TF201 and modified it a bit (basically just changed few SoC specific constants). People at #ubuntu-arm helped me out with that, thanks.
Click to expand...
Click to collapse
I'm sorry for picking up this older topic as well, but I always played with the thought of merging kexec support into a kernel and I'm doing one right now.. But my secondary device is a LG G2 and since the era of Lollipop began, somehow MultiBoot just stopped working and nobody can figure out why. I think they even started to build some new concept now.. So before I spark a heated debated by Note 4 users I'd love to know if you have any idea if this patch is still applicable? Altough the only way to find out is to probably just try it lol.
Tasssadar said:
In this post, ....
Click to expand...
Click to collapse
Bro can you please mention on your wiki that kexec isnt supported for x64 devices? It will be great help and save developers hours! I was porting for oneplus 2 when a dev told me that kexec isnt there for x64. I was shocked
Is any alternative available for that? Please reply! Thanks.
All other devs, who cant make multirom to work (lollipop is the x64 era) stop working. Kexec isnt supported for x64. Find an alternative for it.
Can Anyone help me to port this? Here is my patched kernel (ignore arch/arm64) and this is /proc/iomem.
Code:
80000000-854fffff : System RAM
80008000-80fa43ef : Kernel code
81112000-817bf797 : Kernel data
8cb00000-9fefffff : System RAM
9ff00000-9ff3ffff : persistent_ram
9ff40000-9ff7ffff : persistent_ram
9ff80000-9fffffff : persistent_ram
a0000000-ffffefff : System RAM
For kexec_hb_page_addr the value i inseted is 85500000 coz as tasssadar said 884fffff + 1 = 85500000, but I don't know what value add for
Code:
#elif defined(CONFIG_ARCH_MSM8916)
/* Restart using the PMIC chip, see mach-msm/restart.c */
ldr r0, =MSM8916_HARDBOOT
mov r1, #0
str r1, [r0, #0]
loop: b loop
MSM8916_HARDBOOT, and if I compile the kernel it stucks on samsung logo.
hi all,
i'm going to support multiple android roms loading in my kernel_chooser + root_chooser project.
in few words it will be a powerful bootloader for android.
this is what it will be able to do ( many points are yet working ):
kernel loading thought kexec
boot from external devices
boot from subfolders
custom background
change android /sytem partition
change android /data partition
wipe android /cache partition
what i'm asking to you it's to make your android rom's kernel kexec-ready, applying them a kexec guest patch.
thus to make them ready to load for me.
if not i have to patch your kernel every time you modify it.
kernel_chooser and root_chooser are hosted here: https://github.com/tux-mind/tf201-dev
they are made for the asus transformer prime ( TF201 ), but they can run on any android device with your help.
i will add you to the github collaborators if you want to help.
now we are working on multiple android roms support.
thanks in advance for your time.
-- tux_mind
@tux_mind sounds like an interesting idea. So this works for all device's kernels? Once I apply the patch to my kernel source, what happens after that? I'll make sure to follow your progress, good work
HTCDreamOn said:
@tux_mind sounds like an interesting idea. So this works for all device's kernels? Once I apply the patch to my kernel source, what happens after that? I'll make sure to follow your progress, good work
Click to expand...
Click to collapse
thanks
yes, this should work for all devices, except for a little tuning of the partition with the configuration data ( /data ).
i have to make it to self-detect the /data partition.
let's say for example that you want to use it on your HTC Vision.
i have to build an host kernel by the stock one applying the host kexec patch.
than i have to build an android boot image which contains kernel_chooser as initrd and the above kernel.
this android boot image will be written to your current one though fastboot.
after that kernel_chooser will be able to load any kernel patched with the guest patch.
obviously the loaded kernel must be made for that device
it can also load a custom initrd and use a custom kernel CMDLINE.
so, after i made a HTC Vision kernel_chooser, your rom it's ready to load if you applied the guest patch to you kernel.
i can't explain well how to make you rom "bootable" because we are developing this
but if your kernel is kexec-loadable it will be supported by kernel_chooser.
i will update you in the next days
bye!
Really great idea! As it support other devices I can throw in my kernel which is a kexec one for the Motorola RAZR, because of our locked bootloader. The question is: how different are the methods to use kexec?
M.o.t.o.r.o.l.a.R.a.z.r - JBX-Kernel 0.5a - Tapatalk4
@tux_mind this'll sound really stupid but how do actually patch our kernels for this? Do I have to build kexec from here or something?
dtrail1 said:
how different are the methods to use kexec?
Click to expand...
Click to collapse
kexec it's a syscall, so it's the same on every arm device.
HTCDreamOn said:
@tux_mind this'll sound really stupid but how do actually patch our kernels for this? Do I have to build kexec from here or something?
Click to expand...
Click to collapse
there is a good explaination here:
http://forum.xda-developers.com/showthread.php?t=2104706
look at the "Compatibility patch".
for my tf201 the guest patch is this: http://git.lilstevie.geek.nz/?p=ubu...ch;h=54c2e480682afb0629f3854dfea4154f528421e5
which is almost the same...
i hope that almost all kernels have the same host/guest patch, in order to save us a lot of work.
the patch isn't need for kexec, but for hardboot kexec, thus to physically shutdown and restart the device with your kernel, from 0.
the standard kexec it's a assembly jump to 0 ( jmp 0x0 ) with the new kernel loaded in the .text section.
but the standard method don't reinitialize the devices and many other things that could rest in a undefined state.
btw, i have almost done my work.....i'm fighting the android udev which is overwriting my symlinks..
see you!
i got it!
my initial target was to remove devices created by ueventd and replace them with symlink to loop devices.
but android respawn ueventd and replaces my symlinks...
i tried to start the android ueventd, leave it running, and replace the /sbin/ueventd with a infinite sleep static program
but android dont' start at all..i can't even access via adb.
so, the "final" solution is to edit the /fstab.$hardware, which should be in any andoird boot image ( right ? ).
please feel free to suggest any other way to hack the mount process.
you can find the sources here: https://github.com/tux-mind/tf201-dev/tree/master/android_chooser
the program read the paths from kernel cmdline.
the syntax is that:
Code:
newandroid=blkdev:initrd_path:fstab_path
where
blkdev is the linux name of the blockdevice containing the next args ( e.g. /dev/mmcblk0p8 )
initrd_path is the path on the previous blockdevice of the android initrd ( gzipped or not )
fstab_path is the path on the previous blockdevice of the fstab file
the fstab file have this syntax:
Code:
/android/mountpoint /path/to/image/file
where
/android/mountpoint is the android mountpoint to overwrite ( e.g. /system )
/path/to/image/file is the path to the filesystem image file ( on blkdev ) ( e.g. /boot/unrooted.img )
i don't make any documentation until i will be sure that there is no better way to do this.
thanks in advance for your testing
ah, some other useful info.
because we are in testing the program write a log file with some debug info in the root of your blkdev.
so you will find /android_chooser.log on your blkdev with these info in case of errors.
tux_mind
Please
dtrail1 said:
Really great idea! As it support other devices I can throw in my kernel which is a kexec one for the Motorola RAZR, because of our locked bootloader. The question is: how different are the methods to use kexec?
M.o.t.o.r.o.l.a.R.a.z.r - JBX-Kernel 0.5a - Tapatalk4
Click to expand...
Click to collapse
Dtrail could you explain me kexec and its components required for loading new kernel because my device(electrify 2) is similar to droid razr. Using bmm kexec is boot able because I had checked by flashing droid razr's kernel which gave a boot loop.
I would be pleased and thankful to you if you help me.