12th January 2012, 01:29 AM |#10  
Hi nemith,

That is a nice plan which aligns with my plan for modding u-boot to boot off the internal partitions.

I pushed some changes into my git repository on github which looks like #1 on your list. git://

So for example, to build a 2nd u-boot that will install to the internal flash partition "recovery" and try to load the next stage at offset 256K of the internal "recovery" partition one would do:

(cd to u-boot directory and switch to second-uboot branch first, then)
make nt2ndboot_irecovery
./tools/ -f -o irecovery.img u-boot.bin
dd if=/dev/zero of=irecovery.img bs=1 seek=262143 count=1 # pads to 256K size

Then, you can cat your irecovery.img and your real recovery.img together and blast them onto the recovery partition.

There is also a nt2ndboot_iboot config that will do the same, but is used on the "boot" partition.

I have only done minimal testing with the recovery partition 2nd u-boot. I'm about to write a full image onto my recovery partition and see what happens.


I flashed my recovery partition with irecovery.img + a random twrp2 image I had and it boots solely from internal flash! No more SD card needed, no more USB connection needed, just holding down power+N.

Originally Posted by nemith

So now that we have found the leaking crack in the bootloader and proved its usefulness, fat-tire and others are going to start work on a couple of key projects that I could use a little help on.

This will also keep conspiracy theorists at bay who call me "extremely low IQ male rooster with social development issues" (Also I have no pies)

Here is how i see the next steps:

  1. Strip down u-boot (or another bootloader) and teach it to boot from its own partition.

    For example install 2nduboot in /boot, hijacking the signature check and then setting a 1MB offset to look for the real, unsigned boot.img. Repeat for recovery.

    This is the real hold up and why there is nothing to "flash" as of yet. (still no pies)

  2. Finish CWM. 100% done.
    Completed. See recovery.img here:

  3. Work on CM9 for both SDcard and internal booting

    Started on this one as well. I can boot but haven't got adb working and no graphics (expected at this point)

So instead of insulting me, I am looking for some people to help work on these things. We are going to be doing this in private repositories and a private IRC channel due to the stupid reward that is out there.

If you are wanting to work with me, the reward (if we get done by the 22nd) goes to Doctors Without Borders. This is where we should all be donating. No negotiating.

So PM me or come to #nook-tablet @ freenode

Last edited by bauwks; 12th January 2012 at 02:04 AM. Reason: results
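The pad-then-cat step from the post above, as an added example that is not the poster's own commands or the u-boot tree's tooling: it builds the "padded 2nd u-boot + real image" blob and checks the layout before anything is written to a partition. It assumes, as the post states, that the second stage looks for the real image at offset 256K.

```shell
#!/bin/sh
# Added example, not the poster's own commands or the u-boot tree's tooling.
# Builds the "padded 2nd u-boot + real image" blob described above and checks
# the layout before it goes anywhere near a partition. Assumption: the second
# stage looks for the real image at offset 256K, as stated in the post.
set -eu

SLOT=262144   # 256K slot reserved for the 2nd-stage u-boot

# Size of a file in bytes; wc -c output is trimmed for BSD userlands.
file_size() { wc -c < "$1" | tr -d ' '; }

# pad_to_slot IN OUT: copy IN to OUT and zero-pad it to exactly $SLOT bytes.
# The post's "dd seek=262143 count=1" only pads when IN is smaller than the
# slot; on a larger IN it patches one byte inside the image instead and the
# payload would no longer start at 256K, so an oversized loader is refused.
pad_to_slot() {
    size=$(file_size "$1")
    if [ "$size" -gt "$SLOT" ]; then
        echo "error: $1 is $size bytes, larger than the $SLOT-byte slot" >&2
        return 1
    fi
    cp "$1" "$2"
    head -c "$((SLOT - size))" /dev/zero >> "$2"
}

# build_image LOADER PAYLOAD OUT: padded loader followed by the real image,
# i.e. what the post does with dd + cat.
build_image() {
    tmp=$(mktemp)
    pad_to_slot "$1" "$tmp"
    cat "$tmp" "$2" > "$3"
    rm -f "$tmp"
}

# check_layout IMAGE PAYLOAD: succeed only if everything from offset $SLOT
# onward is byte-for-byte the payload, so the 2nd stage finds it where it looks.
check_layout() {
    tail -c "+$((SLOT + 1))" "$1" | cmp -s - "$2"
}
```

The checks cover only the assembled image file; writing it to the partition is still the same step the post describes.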