[Dev]kexec

---

Okay, let's get the ball rollin on kexec!

I've taken most of the module from the milestone kexec project. I only did some slight tweaks to get it to compile right.

Attached is a kexec module, the source to said module, a patched kexec-tools, and the bin kexec from said patched kexec-tools.


I built this against one of the OC'd transformer kernels. I cheated a bit and changed the .4 to a .3 in Kconfig for the kernel. Other than that, it should be stock. The bottom of the first post here, http://forum.xda-developers.com/show....php?t=1095269 , has the source.

I've only tried booting transformer kernels, as I don't really know much about building kernels. I've gotten 3 responses from them, immediate hang (failing on the OC in them?), power down, and reboot(prolly kernel panic on host kernel).

I'm not 100% sure where to go from here.

kexec-mod.zip has the module and the source I used to compile it.
kexec-tools.zip has kexec tools. I didn't clean it before zipping, so it should have the bins still.

Also, I'm using backtrack to compile and run these, so kexec-tools may fail outside of it.

Edit: Please view THIS POST for the latest kexec-mod.

Nice.... I'm with you in the hopes that someone will pick up the ball and start runnin with this....

great step forward....tnx

yess! finally we are one big step closer

I'd really like to try booting the Iconia's kernel, just to see if kexec works right.

Has anyone managed to get inside the boot.img?

heres perl script to unpack the boot.img

Code:

#!/usr/bin/perl -W

use strict;
use bytes;
use File::Path;

die "did not specify boot img file\n" unless $ARGV[0];

my $bootimgfile = $ARGV[0];

my $slurpvar = $/;
undef $/;
open (BOOTIMGFILE, "$bootimgfile") or die "could not open boot img file: $bootimgfile\n";
my $bootimg = <BOOTIMGFILE>;
close BOOTIMGFILE;
$/ = $slurpvar;

# chop off the header
$bootimg = substr($bootimg,2048);

# we'll check how many ramdisks are embedded in this image
my $numfiles = 0;

# we look for the hex 00 00 00 00 1F 8B because we expect some trailing padding zeroes from the kernel or previous ramdisk, followed by 1F 8B (the gzip magic number)
while ($bootimg =~ m/\x00\x00\x00\x00\x1F\x8B/g) {
	$numfiles++;
}

if ($numfiles == 0) {
	die "Could not find any embedded ramdisk images. Are you sure this is a full boot image?\n";
} elsif ($numfiles > 1) {
	die "Found a secondary file after the ramdisk image.  According to the spec (mkbootimg.h) this file can exist, but this script is not designed to deal with this scenario.\n";
}

$bootimg =~ /(.*\x00\x00\x00\x00)(\x1F\x8B.*)/s;

my $kernel = $1;
my $ramdisk = $2;


open (KERNELFILE, ">$ARGV[0]-kernel.gz");
print KERNELFILE $kernel or die;
close KERNELFILE;

open (RAMDISKFILE, ">$ARGV[0]-ramdisk.cpio.gz");
print RAMDISKFILE $ramdisk or die;
close RAMDISKFILE;

print "\nkernel written to $ARGV[0]-kernel.gz\nramdisk written to $ARGV[0]-ramdisk.cpio.gz\n";
if (-e "$ARGV[0]-ramdisk") { 
	rmtree "$ARGV[0]-ramdisk";
	print "\nremoved old directory $ARGV[0]-ramdisk\n";
}

mkdir "$ARGV[0]-ramdisk" or die;
chdir "$ARGV[0]-ramdisk" or die;
system ("gunzip -c ../$ARGV[0]-ramdisk.cpio.gz | cpio -i");

print "\nextracted ramdisk contents to directory $ARGV[0]-ramdisk/\n";

Quote:

Originally Posted by /proc/last_kmsg

[ $336.932146] -------%----[ cut here ]------------
[ 36.932255]$WARNINGz at /home/amy_chiU/quuofuild/a500omdrr/androiD/{ernel/driv ers/base/core.c:10 deviae_releaqe+0x70/0x84()
[ 336.932419] Device %(null) does not have a releaseh) functikn, iu is broken a nd must be fiXed.
[ s36.932580] Modules linkEd in: iexec_,oaD bcm4329
[ $3s6.932927] [<c0356ec>] (unwind_backtrace+0x0/1xf0) from [<c0067fac>] (warN_s lowpath_commmn+1p4c/0x¶4)
[ 336.933094] [<c0067fac>] (warn_slowpath]com}on+0x4c/0x64) from [4c0068044>] ( warn_slovpauh_fmt+0x2c/0x1c9
[! 336.¹33262U [|c0068044>] (warn_slowp!th_fmt+0x2c/0x3c) from [<c0!f08âc>] (dev ice_rElease+0x70/0X84)
[ $33v.937434]$[,c01æ08bc>] (device_remease+0x70¯0x84) from [=c01a65dc>] (kobjeC t_reluase+px5c?x70)
[ 33.9s76°u] [<c01a65dc~] (kobject_release+0x5c/0x70) from [<k01a74d4.] (kref_p ut+0x44/0X74)
[ 336.933711] [<C01a54d4>] (kref_pud+0|64/0h74) from [<bf044490>] (device_shuTd own+0x28/0x8c`[kexec_loadU)
[ 336.933887] Y<cf044490>U (device_shuTdown+0x28/0x8c [kexec_loadU- from [<bf04 4458>]!(kernel_resta2t_prepare+1x44/0x54(Skexec_load])
[( 336.934085] [<bf04$48>] (kernel_restert_prepare+0x/0x54 [kexea_load]9 from [< bF043098>] (kernel_kexec+0x38/0x68 [kexec_load])
[ 336.934262] [<"f043098>] (kernel_kexec+0x38/0x68 [kexec_load]) from [<bf0443b 8>] (reboot+0x74/0xd0 [kexec_load])
[ 336.934438] [<bf0443b8>] (reboot+0x75/0xe0([kexec_load]) from [<c0032060>] (r et_fast_syscAll+0x0/0x30)
[ efd tsace 237c2b25b258a813 ]---
[ 336.938148] StaRting new Kurjel
[ 336.938356] Bye!

147 Corrected bytes, 167 unrecoverable blocks

Damn kurjels.


But, it seems to be trying to boot it. I've updated my kexec to actually use the files it should use(as in, a kernel source that was made in the last 3 years).

How do you repackage the kernel and the initfs in order to kexec it?

Quote:

Originally Posted by huxflux2003

How do you repackage the kernel and the initfs in order to kexec it?

Good question. That's what I was hoping I could get some help with. The kernel is still closed-source(illegally, I might add), so it's going to be difficult to get a new one built, and I can almost guarantee that it's outside of my knowledge.

If anyone can come up with anything for me to try booting, I'm all ears.

heres repack script...

DONT TRY TO FLASH IT BACK INTO THE BOOT PARTITION IT WILL BRICK

Code:

#!/usr/bin/perl -W

use strict;
use Cwd;


my $dir = getcwd;

my $usage = "repack-bootimg.pl <kernel> <ramdisk-directory> <outfile>\n";

die $usage unless $ARGV[0] && $ARGV[1] && $ARGV[2];

chdir $ARGV[1] or die "$ARGV[1] $!";

system ("find . | cpio -o -H newc | gzip > $dir/ramdisk-repack.cpio.gz");

chdir $dir or die "$ARGV[1] $!";;

system ("mkbootimg --cmdline 'no_console_suspend=1 console=null' --kernel $ARGV[0] --ramdisk ramdisk-repack.cpio.gz -o $ARGV[2]");

unlink("ramdisk-repack.cpio.gz") or die $!;

print "\nrepacked boot image written at $ARGV[1]-repack.img\n";