[GUIDE] A Comprehensive Guide to Create Prerooted Odin Flashable Packages - Android General

GUIDE TO CREATE ODIN FLASHABLE
PREROOTED (and/or) PRETHEMED FIRMWARES
Guide by hnkotnis​
Featured On Portal! Thanks EAGLEEYETOM Sir.
http://www.xda-developers.com/android/make-your-own-pre-rooted-odin-flashable-firmware-with-ease/
Click to expand...
Click to collapse
Hello Everyone!
All of us, who own a Samsung device, need Odin Flash to go back to stock firmware.
This is done for various reasons like you want to flash a new ROM, so going to use stock ROM to serve as a base
or simply love stock ROM because of its stability.
However there is a catch. As soon as you flash the firmware, you lose root access.
Then starts the process (oftenly boring as you do it many times) and not to mention wear and tear of hardware buttons in recovery.
But this is easily solved by converting the firmwares into prerooted ones. You can put Superuser/SuperSU (and/or) busybox.
I assume you use 3 file flashing. PDA, PHONE (that is MODEM) and CSC.
hnkotnis said:
For my Samsung Galaxy y, I split firmware using SplitFUS2, because Galaxy y does not support single file flashing. It requires PDA, PHONE,CSC
But if your phone supports 1 file flashing, then rename xxxx_xxxx_HOME.tar.md5 to xxxx_xxxx_HOME.tar (I assume you know how to CHANGE FILE EXTENSION BY RENAMING)
Then extract it by WinRAR/7zip anything. You will get boot.img, system.img etc. Then at last step you make tar of these extracted files.
Click to expand...
Click to collapse
Now coming to the point, there are 3 cases.
1) Firmwares which are in rfs and converted with simg2img
2) Latest firmwares which are based on ext4 (These files when extracted they are named as system.img.ext4 etc.)
3) Firmwares which show "bad magic" with simg2img (like galaxy y firmwares)
INDEX:-
1) rfs firmwares compatible with simg2img (First Post)
2) New ext4 firmwares (These files when extracted they are named as system.img.ext4 etc.) (Second Post)
3) rfs firmwares not compatible with simg2img (Third Post)​
Click to expand...
Click to collapse
Prerequisites:-
1) Linux Environment (virtualbox can work) (I use Ubuntu 12.04 VBOX) (for case 3 cygwin will work)
2) Ability to transfer files from Virtualbox to Host (Refer here)
3) ext4_utils from here (They are required only for first 2 cases) (Put them in working folder)
4) Usable brain (must be dual core) Download Link:- Error 404: File encrypted to keep trolls away
Click to expand...
Click to collapse
CASE 1:- rfs format with simg2img support​Credits to dr.ketan
1) Download 3 file firmware from XDA Forum of your device. (skip steps 2 & 3 if you have done this)
2) Download firmware from Sammobile It will be named as xxxx_xxxx_HOME.tar.md5
3) Split it if required into PDA, PHONE & CSC. (We need only PDA file, take it to Linux PC/VBOX)
But if your phone firmware doesn't have PDA, CSC etc flashing, then rename xxxx_xxxx_HOME.tar.md5 to xxxx_xxxx_HOME.tar (I assume you know how to CHANGE FILE EXTENSION BY RENAMING)
Then extract it by WinRAR/7zip anything. You will get boot.img, system.img etc. Then at last step you make tar of these extracted files.
4) Extract it
Code:
tar xvf {your PDA file name here}.tar.md5
5) Convert it to ext4 to make it mountable.
Code:
./simg2img system.img newsys.img
Then delete old system.img
6) Create temp folder and mount it.
Code:
mkdir temp
mount -o loop newsys.img temp
7) Add root app (I am adding Superuser.apk), su binary and busybox.
Code:
cp su temp/xbin/su
chmod 06755 temp/xbin/su
cp Superuser.apk temp/app/Superuser.apk
chmod 0644 temp/app/Superuser.apk
cp busybox temp/xbin/busybox
chmod 04755 temp/xbin/busybox
8) Convert newsys.img to samsung system.img format.
Code:
./mkuserimg.sh -s temp system.img ext4 tempdir 2048M
[COLOR=green]# 2048M is the size of system.img[/COLOR]
9) Unmount and delete temp folder.
Code:
umount temp
rmdir temp
10) Create tar file and add md5 checksum
Code:
tar cvf prerooted.tar boot.img cache.img hidden.img modem.bin recovery.img sboot.bin system.img tz.img
#[COLOR="Green"][I]Please add files which you get in step 4[/I][/COLOR]
md5sum -t prerooted.tar >> prerooted.tar
mv prerooted.tar prerooted.tar.md5
11) Now flash this output file from Odin.
Click to expand...
Click to collapse
Press Thanks if helped.

New ext4 Firmwares
CASE 2:- New ext4 Firmwares​
1) Download 3 file firmware from XDA Forum of your device. (skip steps 2 & 3 if you have done this)
2) Download firmware from Sammobile It will be named as xxxx_xxxx_HOME.tar.md5
3) Split it if required into PDA, PHONE & CSC. (We need only PDA file, take it to Linux PC/VBOX) (I renamed PDA file to stock.tar.md5)
But if your phone firmware doesn't have PDA, CSC etc flashing, then rename xxxx_xxxx_HOME.tar.md5 to xxxx_xxxx_HOME.tar (I assume you know how to CHANGE FILE EXTENSION BY RENAMING)
Then extract it by WinRAR/7zip anything. You will get boot.img, system.img etc. Then at last step you make tar of these extracted files.
YOU NEED ROOT ACCESS IN LINUX TERMINAL.
4) Extract it to working folder.
Code:
tar xvf {your PDA file name here}.tar.md5
5) Create temp folder and mount it.
Code:
mkdir temp
sudo mount -o loop system.img.ext4 temp
6) Add root app (I am adding Superuser.apk), su binary and busybox.
Code:
cp su temp/xbin/su
chmod 06755 temp/xbin/su
cp Superuser.apk temp/app/Superuser.apk
chmod 0644 temp/app/Superuser.apk
cp busybox temp/xbin/busybox
chmod 04755 temp/xbin/busybox
8) Convert newsys.img to samsung system.img format.
Code:
./mkuserimg.sh -s temp system.img ext4 tempdir 2048M
9) Unmount and delete temp folder.
Code:
umount temp
rmdir temp
10) Create tar file and add md5 checksum
Code:
tar -H ustar -c aboot.mbn boot.img cache.img.ext4 hidden.img.ext4 modem.bin NON-HLOS.bin recovery.img rpm.mbn sbl2.mbn sbl3.mbn system.img.ext4 tz.mbn > prerooted.tar
#[COLOR="Green"][I]Please add files which you get in step 4[/I][/COLOR]
md5sum -t prerooted.tar >> prerooted.tar
mv prerooted.tar prerooted.tar.md5
11) Now flash this output file from Odin.
Click to expand...
Click to collapse
Press Thanks if helped.

rfs Firmwares incompatible with simg2img
CASE 3:- rfs Firmwares incompatible with simg2img
(Works with above type phones also)​
1) Download 3 file firmware from XDA Forum of your device. (skip steps 2 & 3 if you have done this).
2) Download firmware from Sammobile It will be named as xxxx_xxxx_HOME.tar.md5
3) Split it if required into PDA, PHONE & CSC. (We need only PDA file, take it to Linux PC/VBOX) (I renamed PDA file to stock.tar.md5)
But if your phone firmware doesn't have PDA, CSC etc flashing, then rename xxxx_xxxx_HOME.tar.md5 to xxxx_xxxx_HOME.tar (I assume you know how to CHANGE FILE EXTENSION BY RENAMING)
Then extract it by WinRAR/7zip anything. You will get boot.img, system.img etc. Then at last step you make tar of these extracted files.
YOU NEED ROOT ACCESS IN LINUX TERMINAL.
4) Extract it
Code:
tar xvf {your PDA file name here}.tar.md5
5) Flash your phone with stock firmware, root it, install busybox (You can also deodex and/or theme it).
Know mount point of /system partition of your phone.
In my Galaxy y it is stl9. So replace red coloured letters with your moint point.
6) Go to terminal emulator on phone and type
Code:
su
dd if=/dev/block/[COLOR="red"]stl9[/COLOR] of=/sdcard/system.img bs=4096
7) Pull this file to your computer (Use any method, adb or mount card)
8) Put this file in your working folder.
9) In Linux/Cygwin Terminal, type
Code:
tar cvf prerooted.tar [COLOR="Green"]LIST OF EXTRACTED FILES AND SYSTEM.IMG[/COLOR] system.img
#[COLOR="Green"][I]Please add files which you get in step 4[/I][/COLOR]
md5sum -t prerooted.tar >> prerooted.tar
mv prerooted.tar prerooted.tar.md5
11) Now flash this output file from Odin.
Click to expand...
Click to collapse
Press Thanks if helped.

I got my thinking cap on, and am ready to learn,

It sounds feasible for me.
I will install vbox and ubuntu in it... how exciting... I might be able to make my own prerooted stock-app.
Great work!

Would this work on the galaxy s4 with lock boot loader?

How can i split the xxxx_xxxx_HOME.tar.md5 to pda and modem and csc?

hi.. how about the firmware that doesnt contain PDA, PHONE & CSC parts..? some firmware that contains *.img files inside it.. hope you can make guide for this one..
thanks for your work.. great to see this on XDA Portal..

Johrans said:
How can i split the xxxx_xxxx_HOME.tar.md5 to pda and modem and csc?
Click to expand...
Click to collapse
It depends on your phone.
For my Samsung Galaxy y, I split firmware using SplitFUS2, because Galaxy y does not support single file flashing. It requires PDA, PHONE,CSC
But if your phone supports 1 file flashing, then rename xxxx_xxxx_HOME.tar.md5 to xxxx_xxxx_HOME.tar (I assume you know how to CHANGE FILE EXTENSION BY RENAMING)
Then extract it by WinRAR/7zip anything. You will get boot.img, system.img etc. Then at last step you make tar of these extracted files.

hotdroid said:
hi.. how about the firmware that doesnt contain PDA, PHONE & CSC parts..? some firmware that contains *.img files inside it.. hope you can make guide for this one..
thanks for your work.. great to see this on XDA Portal..
Click to expand...
Click to collapse
Please read my comment above this post. It is for the case you are saying.
Also I updated OP with this information. (I know searching OP is hard, OP is very long )

On Case 2, I am trying to mount the system.img. typing "sudo mount -o loop system.img.ext4 temp" only results in "you must specify the filesystem type".
Yeah, nevermind. The mkuserimg.sh has issues, needs work. Line 58 needs to be edited from "MAKE_EXT4FS" to "make_ext4fs" otherwise, it will return command not found. It also never actually builds the resulting image. No system.img.ext4 is ever found anywhere after running the script. Just still left with the original that you started with, with no changes. In addition, some image files with the ext4 extension ARE NOT IN EXT4 FORMAT. You still must rename to remove the ext4 extension, and sim2img in order to mount. Still, all pointless since the mkuserimg.sh is partially fragged. If you attempt to run "Case 2" one some system.img.ext4 images, you will fail. "Sudo mount -o loop system.img.ext4 temp" will result in no more than "you must specify the filesystem type"
Sent from my Nexus 7 using XDA Premium 4 mobile app

hello frnds..
i have a galaxy star pro device
and i am trying to pre root my stock firmware using 1st case
all steps goes well but at the step of repack the system.img file i get following error
[email protected]:/home/akshay/Documents/ext4_utils# ./mkuserimg.sh -s temp system.img ext4 temp 1027M
+ echo 'in mkuserimg.sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games'
in mkuserimg.sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
+ ENABLE_SPARSE_IMAGE=
+ '[' -s = -s ']'
+ ENABLE_SPARSE_IMAGE=-s
+ shift
+ '[' 5 -ne 5 -a 5 -ne 6 ']'
+ SRC_DIR=temp
+ '[' '!' -d temp ']'
+ OUTPUT_FILE=system.img
+ EXT_VARIANT=ext4
+ MOUNT_POINT=temp
+ SIZE=1027M
+ FC=
+ case $EXT_VARIANT in
+ '[' -z temp ']'
+ '[' -z 1027M ']'
+ '[' -n '' ']'
+ MAKE_EXT4FS_CMD='make_ext4fs -s -l 1027M -a temp system.img temp'
+ echo make_ext4fs -s -l 1027M -a temp system.img temp
make_ext4fs -s -l 1027M -a temp system.img temp
+ make_ext4fs -s -l 1027M -a temp system.img temp
./mkuserimg.sh: line 58: make_ext4fs: command not found
+ '[' 127 -ne 0 ']'
+ exit 4
[email protected]:/home/akshay/Documents/ext4_utils#
and if i change the mkuserimg.sh file as per the rebel1699 from MAKE_EXT4FS TO make_ext4fs
then i get the following output-
[email protected]:/home/akshay/Documents/ext4_utils# ./mkuserimg.sh -s temp system.img ext4 temp 1027M
+ echo 'in mkuserimg.sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games'
in mkuserimg.sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
+ ENABLE_SPARSE_IMAGE=
+ '[' -s = -s ']'
+ ENABLE_SPARSE_IMAGE=-s
+ shift
+ '[' 5 -ne 5 -a 5 -ne 6 ']'
+ SRC_DIR=temp
+ '[' '!' -d temp ']'
+ OUTPUT_FILE=system.img
+ EXT_VARIANT=ext4
+ MOUNT_POINT=temp
+ SIZE=1027M
+ FC=
+ case $EXT_VARIANT in
+ '[' -z temp ']'
+ '[' -z 1027M ']'
+ '[' -n '' ']'
+ MAKE_EXT4FS_CMD='make_ext4fs -s -l 1027M -a temp system.img temp'
+ echo make_ext4fs -s -l 1027M -a temp system.img temp
make_ext4fs -s -l 1027M -a temp system.img temp
+ '[' 0 -ne 0 ']'
[email protected]:/home/akshay/Documents/ext4_utils#
no system.img file is created
so how to resolve this problem???

akkishayk said:
hello frnds..
i have a galaxy star pro device
and i am trying to pre root my stock firmware using 1st case
all steps goes well but at the step of repack the system.img file i get following error
[email protected]:/home/akshay/Documents/ext4_utils# ./mkuserimg.sh -s temp system.img ext4 temp 1027M
+ echo 'in mkuserimg.sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games'
in mkuserimg.sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
+ ENABLE_SPARSE_IMAGE=
+ '[' -s = -s ']'
+ ENABLE_SPARSE_IMAGE=-s
+ shift
+ '[' 5 -ne 5 -a 5 -ne 6 ']'
+ SRC_DIR=temp
+ '[' '!' -d temp ']'
+ OUTPUT_FILE=system.img
+ EXT_VARIANT=ext4
+ MOUNT_POINT=temp
+ SIZE=1027M
+ FC=
+ case $EXT_VARIANT in
+ '[' -z temp ']'
+ '[' -z 1027M ']'
+ '[' -n '' ']'
+ MAKE_EXT4FS_CMD='make_ext4fs -s -l 1027M -a temp system.img temp'
+ echo make_ext4fs -s -l 1027M -a temp system.img temp
make_ext4fs -s -l 1027M -a temp system.img temp
+ make_ext4fs -s -l 1027M -a temp system.img temp
./mkuserimg.sh: line 58: make_ext4fs: command not found
+ '[' 127 -ne 0 ']'
+ exit 4
[email protected]:/home/akshay/Documents/ext4_utils#
and if i change the mkuserimg.sh file as per the rebel1699 from MAKE_EXT4FS TO make_ext4fs
then i get the following output-
[email protected]:/home/akshay/Documents/ext4_utils# ./mkuserimg.sh -s temp system.img ext4 temp 1027M
+ echo 'in mkuserimg.sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games'
in mkuserimg.sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
+ ENABLE_SPARSE_IMAGE=
+ '[' -s = -s ']'
+ ENABLE_SPARSE_IMAGE=-s
+ shift
+ '[' 5 -ne 5 -a 5 -ne 6 ']'
+ SRC_DIR=temp
+ '[' '!' -d temp ']'
+ OUTPUT_FILE=system.img
+ EXT_VARIANT=ext4
+ MOUNT_POINT=temp
+ SIZE=1027M
+ FC=
+ case $EXT_VARIANT in
+ '[' -z temp ']'
+ '[' -z 1027M ']'
+ '[' -n '' ']'
+ MAKE_EXT4FS_CMD='make_ext4fs -s -l 1027M -a temp system.img temp'
+ echo make_ext4fs -s -l 1027M -a temp system.img temp
make_ext4fs -s -l 1027M -a temp system.img temp
+ '[' 0 -ne 0 ']'
[email protected]:/home/akshay/Documents/ext4_utils#
no system.img file is created
so how to resolve this problem???
Click to expand...
Click to collapse
Use method 3. It is compatible with all Samsung phones.

Helped much

@hnkotnis the numbering is wrong in the part where prerequesits are there Usable brain

androvista said:
@hnkotnis the numbering is wrong in the part where prerequesits are there Usable brain
Click to expand...
Click to collapse
:silly: Corrected it.

hnkotnis said:
​
Press Thanks if helped.
Click to expand...
Click to collapse
i suggesting you to make a video guide as possible as you can do !!!
watching videos clears idea more than text files !!
would you like to make receipe by wwatching youtube or buy book and do it as shown in book ??????????
---------- Post added at 12:37 PM ---------- Previous post was at 12:36 PM ----------
hnkotnis said:
GUIDE TO CREATE ODIN FLASHABLE
PREROOTED (and/or) PRETHEMED FIRMWARES
Guide by hnkotnis​
Hello Everyone!
All of us, who own a Samsung device, need Odin Flash to go back to stock firmware.
This is done for various reasons like you want to flash a new ROM, so going to use stock ROM to serve as a base
or simply love stock ROM because of its stability.
However there is a catch. As soon as you flash the firmware, you lose root access.
Then starts the process (oftenly boring as you do it many times) and not to mention wear and tear of hardware buttons in recovery.
But this is easily solved by converting the firmwares into prerooted ones. You can put Superuser/SuperSU (and/or) busybox.
I assume you use 3 file flashing. PDA, PHONE (that is MODEM) and CSC.
Now coming to the point, there are 3 cases.
1) Firmwares which are in rfs and converted with simg2img
2) Latest firmwares which are based on ext4 (These files when extracted they are named as system.img.ext4 etc.)
3) Firmwares which show "bad magic" with simg2img (like galaxy y firmwares)
​
Press Thanks if helped.
Click to expand...
Click to collapse
i suggesting you to make a video guide as possible as you can do !!!
watching videos clears idea more than text files !!
would you like to make receipe by wwatching youtube or buy book and do it as shown in book ??????????

manojkumar8552 said:
i suggesting you to make a video guide as possible as you can do !!!
watching videos clears idea more than text files !!
would you like to make receipe by wwatching youtube or buy book and do it as shown in book ??????????
---------- Post added at 12:37 PM ---------- Previous post was at 12:36 PM ----------
i suggesting you to make a video guide as possible as you can do !!!
watching videos clears idea more than text files !!
would you like to make receipe by wwatching youtube or buy book and do it as shown in book ??????????
Click to expand...
Click to collapse
Why you are posting same thing double?
And no, I cannot make and upload video. It will take lot of time to upload. I have really bad internet.
Sent from my GT-I9001 Gadget of Mass Destruction with CM11 using XDA Developers App.

tar cvf prerooted.tar boot.img cache.img hidden.img modem.bin recovery.img sboot.bin system.img tz.img
Click to expand...
Click to collapse
Hi OP,
Can you please provide the block partitions of the imgs? Would like to dump them from my phone :good:

Note 2 KitKat
I assume that this will not work an Note 2 Android 4.4.2, right?
Only changes in system.img won't pre-root any more afaik....

Related

[ARM][x86_64]ElfTool - Pack and unpack boot image for sony mobile devices

ElfTool​
This tool will help you to pack and unpack boot image for sony mobile devices.
Usage :
For unpacking
Code:
elftool unpack -i input-path -o output-path
For packing
If you have header file containing address of kernel, ramdisk etc..
Code:
elftool pack -o output-path header=path/to/header kernel-path ramdisk-path,ramdisk ipl-path,ipl rpm-path,rpm [email protected]
Else
Code:
elftool pack -o output-path [email protected] [email protected],ramdisk [email protected],ipl [email protected],rpm [email protected]
The tool was created for injecting twrp recovery ramdisk to fxp cm10 boot images to prevent overwriting of cwm ramdisk over twrp ramdisk. I hope this tool will be useful for other developers also.
Here is how I used it for injecting twrp to fxp cm10 boot images.
During start of twrp run backup.sh. This will extract twrp ramdisk from the boot partition and store it in /cache/backup
Code:
mount /cache
cd /cache
mkdir backup
cd backup
dump_image /dev/block/mmcblk0p3 /cache/backup/oldboot.img
mkdir oldboot
elftool unpack -i /cache/backup/oldboot.img -o /cache/backup/oldboot
cd oldboot
mkdir uramdisk
cd uramdisk
gzip -dc ../ramdisk | cpio -i
mv sbin/ramdisk-recovery.cpio /cache/backup/ramdisk-recovery.cpio
cd /cache/backup
rm -irf oldboot
rm oldboot.img
When a new zip file is installed inject.sh is run. This will extract the newly installed boot image and inject the twrp ramdisk into it and then flash the newly created bootimage.
Code:
#!/sbin/sh
mount /cache
dump_image /dev/block/mmcblk0p3 /cache/newboot.img
mkdir /cache/newboot
elftool unpack -i /cache/newboot.img -o /cache/newboot
rm cache/newboot.img
cd /cache/newboot
mkdir uramdisk
cd uramdisk
gzip -dc ../ramdisk | cpio -i
rm ../ramdisk
if [ -e "/cache/backup/ramdisk-recovery.cpio" ];then
cp /cache/backup/ramdisk-recovery.cpio sbin/ramdisk-recovery.cpio
cd ..
mkbootfs uramdisk > ramdisk.cpio
cat ramdisk.cpio | gzip > ramdisk
rm -irf uramdisk
rm ramdisk.cpio
elftool pack -o /cache/injectboot.img [email protected] [email protected],ramdisk [email protected]
cd /cache
rm -irf newboot
if [ -e "/cache/injectboot.img" ];then
erase_image /dev/block/mmcblk0p3
flash_image /dev/block/mmcblk0p3 /cache/injectboot.img
rm /cache/injectboot.img
fi
fi
Both arm and x86_64 versions are available.
Thanks to sony for providing boot image format in packelf.py
Source code can be found here
yeah
thanks bro
srl3gx said:
ElfTool​
This tool will help you to pack and unpack boot image for sony mobile devices.
Click to expand...
Click to collapse
Thanks for this tool. It helped me edit a kernel.
Btw, I've used the source to compile x86 version. I've attached it here.
I'm trying to use it on my ubuntu but it doesn't work. I get error: elftool: command not found
I want to unpack CM10 boot.img
Great. Will try it as soon as possible Thanks

[Q] Need help modifying boot blob

Could someone point me to some instructions on how to unpack, modify, and repack a boot.blob out of a kernel?
I'm trying to update bryce's kernel to use Data2SD mod, and I'm following the instructions from here:
http://forum.xda-developers.com/showpost.php?p=29532041&postcount=15
However, I tried unpacking and repacking without even modifying anything and I just get bootlooped.
Read this: http://forum.xda-developers.com/showpost.php?p=36925180&postcount=4
Do you want to use the Data2SD mod with CM or with CROMI? For CROMI I posted a kernel with auto-detection of Data2SD in bryce's thread - only for CM you'd have to do it yourself.
Thanks for the help. I actually just figured out a different way right before seeing your reply. I use blobpack and blobunpack from BlobTools git, and abootimg installed from Ubuntu repository. This script has the extracted bryce kernel zip in a directory called result, so I overwrite his boot.blob with my new one.
Code:
#!/bin/bash
#Clean:
rm out boot.img new_boot.img boot2.blob linux_processed.zip -r
mkdir -p out
echo;echo "**** Unpacking boot.blob to boot.img";echo
cp result/boot.blob .
../linux/blobunpack boot.blob
mv boot.blob.LNX boot.img
cd out
# now in out
echo;echo "**** Unpacking boot.img";echo
abootimg -x ../boot.img
#zcat initramfs|cpio -tiv
echo;echo "**** Extracting initrd.img";echo
mkdir -p initramfs
cp initrd.img initramfs/initramfs.gz
mv initrd.img old_initrd.img
cd initramfs
# now in old/initramfs
gzip -d initramfs.gz
cpio -i < initramfs
echo;echo "**** Modifying boot information";echo
perl -pi -e 's/mmcblk0p2/mmcblk1p3/g' *
perl -pi -e 's/mmcblk0p8/mmcblk1p2/g' *
echo;echo "**** Recompressing initrd.img";echo
find | cpio -H newc -o | lzma -9 > ../initrd.img
cd ..
# now in out
echo;echo "**** Creating new_boot.img";echo
abootimg --create ../new_boot.img -f bootimg.cfg -k zImage -r initrd.img
cd ..
#now out of out
echo;echo "**** Pack boot2.blob";echo
../linux/blobpack boot2.blob LNX new_boot.img
cp boot2.blob result/boot.blob
cd result
echo;echo "**** Zip it all up";echo
zip ../linux_processed.zip * -r
cd ..
I am trying to get bryce's CM10.1 kernel working with Data2SD. I thought all I needed to do was change the mount commands in fstab.cardhu so that data (and I'm trying to do cache too) moved to external partitions.
Those perl pie commands in the middle were supposed to change internal data partition and internal cache partition into the external SD card partition 2 and 3, respectively. As far as I can tell, the changes were made correctly and the blob and zip were re-created, but it didn't work when I booted with the new blob.
Any ideas why it doesn't seem to have worked? Are there other changes I'm missing?
Edit:
Looks like my boot.blob is not being applied. I've tried both flashing the zip and dd'ing it to mmcblk0p4, but in both cases, I do not get the bootloader update screen on reboot, it just boots straight into my old settings. What am I missing?
Edit again:
Oops, I had stopped adding the signature on the blobs for some reason, looks like I'm off a few steps, because now I get bootloops again.
AW: [Q] Need help modifying boot blob
oblib__ said:
Thanks for the help. I actually just figured out a different way right before seeing your reply. I use blobpack and blobunpack from BlobTools git, and abootimg installed from Ubuntu repository. This script has the extracted bryce kernel zip in a directory called result, so I overwrite his boot.blob with my new one.
Code:
#!/bin/bash
#Clean:
rm out boot.img new_boot.img boot2.blob linux_processed.zip -r
mkdir -p out
echo;echo "**** Unpacking boot.blob to boot.img";echo
cp result/boot.blob .
../linux/blobunpack boot.blob
mv boot.blob.LNX boot.img
cd out
# now in out
echo;echo "**** Unpacking boot.img";echo
abootimg -x ../boot.img
#zcat initramfs|cpio -tiv
echo;echo "**** Extracting initrd.img";echo
mkdir -p initramfs
cp initrd.img initramfs/initramfs.gz
mv initrd.img old_initrd.img
cd initramfs
# now in old/initramfs
gzip -d initramfs.gz
cpio -i < initramfs
echo;echo "**** Modifying boot information";echo
perl -pi -e 's/mmcblk0p2/mmcblk1p3/g' *
perl -pi -e 's/mmcblk0p8/mmcblk1p2/g' *
echo;echo "**** Recompressing initrd.img";echo
find | cpio -H newc -o | lzma -9 > ../initrd.img
cd ..
# now in out
echo;echo "**** Creating new_boot.img";echo
abootimg --create ../new_boot.img -f bootimg.cfg -k zImage -r initrd.img
cd ..
#now out of out
echo;echo "**** Pack boot2.blob";echo
../linux/blobpack boot2.blob LNX new_boot.img
cp boot2.blob result/boot.blob
cd result
echo;echo "**** Zip it all up";echo
zip ../linux_processed.zip * -r
cd ..
I am trying to get bryce's CM10.1 kernel working with Data2SD. I thought all I needed to do was change the mount commands in fstab.cardhu so that data (and I'm trying to do cache too) moved to external partitions.
Those perl pie commands in the middle were supposed to change internal data partition and internal cache partition into the external SD card partition 2 and 3, respectively. As far as I can tell, the changes were made correctly and the blob and zip were re-created, but it didn't work when I booted with the new blob.
Any ideas why it doesn't seem to have worked? Are there other changes I'm missing?
Edit:
Looks like my boot.blob is not being applied. I've tried both flashing the zip and dd'ing it to mmcblk0p4, but in both cases, I do not get the bootloader update screen on reboot, it just boots straight into my old settings. What am I missing?
Edit again:
Oops, I had stopped adding the signature on the blobs for some reason, looks like I'm off a few steps, because now I get bootloops again.
Click to expand...
Click to collapse
I had a hard time getting this done too. I couldn't find working blob tools at first. So I ended up using blob tools for windows. They also sign them directly. But I am also running Ubuntu in a vm
Sent from my Nexus 4 using xda premium

[SCRIPT] Make ODIN Flashable tars

Easy peasy. Download the script attached and run as follows to create an Odin flashable tar
Code:
$ odintar image_1 image_2 image_3 ... image_X package.tar
You can also run the script with no arguments to get the usage information.
The output will be a package.tar.md5 which will contain all the image_XXX files you specified, and will also be Odin flashable.
Flash at your own risk, but I have tested this and it works. Just helps to automate tar flashable making
Instructions for use:
Download and remove .txt extension
Move/Copy to somewhere in your path (~/bin, /usr/local/bin, [for cygwin move it to C:/path/to/cygwinDirectory/bin] anywhere in your PATH)
Run to make tars
Profit.
Contents of script file:
Code:
#!/bin/bash
if [ "[email protected]"="" ]
then
echo "Usage: $0 image_1 image_2 ... image_X package.tar"
exit 0
fi
O=${#@}
((NUM = ${#@} - 1))
tar -H ustar -c ${@:1:$NUM} > ${@:$O}
md5sum -t ${@:$O} >> ${@:$O}
mv ${@:$O} ${@:$O}.md5

SM-G361F - Pre-rooted rom development

Hello,
I'm not able to build (repackage) correctly system.img for SM-G361F, output is always rejected by both Odin (10.3.7) and Heimdall
I'm trying to repackage (pre-root) system.img taken from "G361FXXU1APA2_G361FOXX1APA1_G361FXXU1APA2_HOME.tar.md5" (taken from ETL factory image named ETL-G361FXXU1APA2-20160202095551.zip )
Step-by-step:
1) tar xvf G361FXXU1APA2_G361FOXX1APA1_G361FXXU1APA2_HOME.tar.md5 system.img
2) simg2img system.img system.img.raw
3) mount system.img.raw /mnt
4) made changes
5a) make_ext4fs -s -g 32768 -b 4096 -T -1 -S file_contexts -f -l 1843M system.repack.img /mnt/
5b) mkuserimg.sh -s /mnt system.repack.img ext4 system 1843M file_contexts
6) tar --owner 0 --group 0 --numeric-owner -H ustar -c system.img > G361F_SYSTEM.tar
7a) Load either system.img through Heimdall (PIT file downloaded through Heimdall is here: http://forum.xda-developers.com/showpost.php?p=65779994&postcount=146 )
7b) Load G361F_SYSTEM.tar in Odin v3.10.7 in AP tab and flash it
On ODIN/Download screen I can see that
1) FRP LOCK: OFF
2) KNOX: 0x0
3) System status: official
4) RP SWREV: S1, L1, M1
Notes
1) I have checked the box "OEM Unlock" in Developers settings to enabled
2) "file_contexts" is taken from booted up device through ADB (adb pull /file_contexts)
3) I've tried repackage the image without making any changes
4) When I compare original and repackaged images ("ls -lsaR" outputs), it seems like owner:group permissions are not persisted
5) I've tried both simg2img/make_ext4fs/mkuserimg.sh from CM12.1 repository (up to date today) and from https://github.com/ASdev/android_img_repack_tools (branch android-5.1.1)
6) I'm not sure about size 1843M, however flashing fails in the same manner when I go with 1536M and 2048M and anything between those two
7) Heimdall fails at about 6% of flashing single (sparse system.img) file with error "Failed to unpack received packet"
OSS Kernel for SM-G361F is here: https://github.com/smarek/G361F-Kernel
OSS Platform for SM-G361F is here: https://github.com/smarek/G361F-Platform
Questions are:
1) Is there anything special to be aware of when building for Samsung devices?
2) Did I miss or misunderstood any step in system.img repackaging process?

mitm on android emulator: a howto

Hello all,
I'd like to braindump how I managed to make android emulator v30 work with mitm, hope that helps someone.
Since it was not possible to neither write nor make writable the /system partition, I decided to roll my own system.img and that actually worked. I'm not going to upload a script because I might not remember 100%, but I'll going to descibe the steps in full, even though they exist elsewhere. The commands might not be exact, too, so if there's a typo you'll need to figure it out yourself.
Also, it will be a bit confusing because I shall refer to 2 files named system.img, one is the 2G file that comes with android, the other is 700M or something file that you will be creating in the process. I'll refer them as #1 and #2.
1. What is needed: android studio and emulator, linux, xattr, https://github.com/LonelyFool/lpunpack_and_lpmake , https://github.com/tytso/e2fsprogs, mitmproxy, parted. Build these github projects, you'll need their binaries in the process.
also, 'mkdir build' somewhere.
2. Find system.img (#1) in your android studio installation, then extract the system partition:
$ losetup -f system.img
$ losetup -a | grep system.img
/dev/loop5
$ partprobe /dev/loop5
$ ls /dev/loop5p*
/dev/loop5p1 /dev/loop5p2
$ lpunpack_and_lpmake/bin/lpunpack /dev/loop5p2 build
$ ls build
system.img system-ext.img product.img vendor.img
$ losetup -d /dev/loop5
3. Make system.img (#2) writable and usable. This is ext4 crunched with feature shared_blocks, which makes it not really writable even in theory, as it deduplicates identical blocks in the filesystem. You'll need to convert that to a normal ext4, but, there's not enough space to do that operation. So you'll need to expand the partition to accomodate for this. How much? Empirically, I added 30M to a 700M partition:
$ ls -l system.img
700000000 # for example
$ e2fsprogs/resize/resize2fs system.img 730M
$ ls -l system.img
730000000 # for example
$ e2fsprogs/e2fsck/e2fsck -f system.img
$ e2fsprogs/e2fsck/e2fsck -E unshared_blocks system.img
$ e2fsprogs/e2fsck/e2fsck -f system.img
4. Modify the now writable partiton to your heart's content (we're still with system.img #2 here). I needed to add just one file, mitmproxy-ca-cert.cer . According to the mitmproxy docs, the name must be the hash of the certificate:
$ losetup -f system.img
$ losetup -a | grep system.img
/dev/loop6
$ mount /dev/loop6 /mnt
$ hashed_name=`openssl x509 -inform PEM -subject_hash_old -in mitmproxy-ca-cert.cer | head -1
$ echo $hashed_name
c8750f0d
$ cp mitmproxy-ca-cert.cer /mnt/system/ext/security/cacerts/$hashed_name.0
$ cd /mnt/system/ext/security/cacerts/
$ chmod 644 $hashed_name.0
Now check if your android has extra attributes in these certificate files. Mine does:
$ xattr 00abcde.0 # some random certificate
security.selinux
$ xattr -p security.selinux 00abcde.0
ubject_r:system_security_cacerts_file:s0
if yes, you'll need it on this file too:
$ xattr -w security.selinux ubject_r:system_security_cacerts_file:s0 $hashed_name.0
and be done with the partition
$ umount /mnt
$ losetup -d /dev/loop6
5. Create new super-partition, the one we used as /dev/loop5p2. You'll need the file sizes of your .img partitions, and your command to create a super.img file will look like this:
$ cat repack
#!/bin/sh
P=/android/super/1
~/src/lpunpack_and_lpmake/bin/lpmake --metadata-size 65536 --super-name super --metadata-slots 2 --device super:2496462848 --group main:2647101440 \
--partition system:readonly:786432000:main --image system=$P/system.img \
--partition system_ext:readonly:131952640:main --image system_ext=$P/system_ext.img \
--partition product:readonly:1468575744:main --image product=$P/product.img \
--partition vendor:readonly:102739968:main --image vendor=$P/vendor.img \
--output $P/super2.img
the interesting numbers are the corresponding partition sizes (in --partition), and, if f ex you increased the system.img #2 to 30M in the step 3, the number in --device:super should be the size of /dev/loop5p2 in bytes plus at least these 30M (but also okay if a bit more).
6. Finally, create a new system.img #1 . Create a backup copy of it, and then append some 30M there, and fix the partition
$ dd if=/dev/zero of=system-new.img flags=append bs=1M size=30
$ losetup -f system-new.img
$ losetup -a | grep system-new.img
/dev/loop7
$ parted /dev/loop7
GNU Parted 3.3
Using /dev/loop7
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) p
Model: Loopback device (loopback)
Disk /dev/loop7: 2444MB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags:
Number Start End Size File system Name Flags
1 1049kB 2097kB 1049kB vbmeta
2 2097kB 2443MB 2441MB super
you will need to expand the partion 2 to the max (plus minus same 30M). If is fails fix the number and retry:
(parted) resizepart 2 24460MB
Error: The location 24460MB is outside of the device /dev/loop7.
and finally copy data back:
$ partprobe /dev/loop7
$ dd if=super.img of=/dev/loop7p2 bs=1M
$ losetup -d /dev/loop7
and that's it. After that, rename system-new.img to system.img, and hopefully the emulator could run this new image.
Also, to check that the certificate is there and recognized, go to the setting/certificates/trusted certificates, the mitmproxy one should be in the list.
Hopefully this will be helpful.
Cheers!
/dk

Categories

Resources