Quote:

Originally Posted by r2beta0

Second attempt failed. It may have nothing to do with format or system file. I'm really clueless :P Jut the M logo again. Maybe the /system protection checks for some date/time on some random file? Will reflash with RSD and 'touch' everything in /system to see if the damned thing still boots.

The odd thing is the logwrapper hack DOES get iniated and you are able to boot the defy's bootmenu, and if you enable the ADB Deamon, you ARE able to get a logcat output, I tried this yesterday.

This proves roms will boot for a little bit. I'm not sure about the formatting though. Known facts are this:

Working:
Stock rom > nandroid backup > nandroid restore
ApeX (uses some odd ways of flashing, like FS timeout, delete_recursive FOLLOWED by format)

Not working:
Stock rom > nandroid backup > pack as update.zip (using known methods) > flash update.zip
Flashing nandroid backups from update.zip's from other device's roms.

This means that our way of flashing is incorrect and Apex's is.

There is NO signature check going on, replacing (minor) files from Apex' update.zip will still flash okay. Replacing ApeX with a stock rom won't work though.

Which gives us the question again, what does ApeX have that we don't have?

To recap:
Nandroids will only flash from (lightly) modified system images
Update.zip's will only flash using apex's package with light modifications

Solutions:
Investigate the ApeX rom for clues
Boot custom roms from a partition other than /system.

I have had basic succes with this approach:
unmount /system
mkdir /data/rom/system
mkdir /data/rom/data
mkdir /system
unmount /data
mkdir /data
mount (data partition) /dataold
symlink /dataold/rom/system /system
symlink /dataold/rom/data /data
2nd-init booting with init scripts found in /data/rom/system/etc/rootfs, which is now /system/etc/rootfs

These commands are from the top of my head, I'm not at home and don't have the milestone with me. These commands should work, but I don't know where to put them. I have had an issue with unmounting /system, but I'm sure a fix would be possible. If there is no fix, we can mount the new /system (/data/rom/system) onto /system2 and change init.rc's scripts to run the rom from /system2, just like with the AOSP rom.

I hope anyone can follow this and can try. This method works on other devices, so should as well on ours. But then again, there were many other exploits that "should work" and left us with the need to re-sbf..

Also date and time doesn't seem to be an issue. The system boots perfectly even after I changed every single date and time on /system files with the following command:

find /system -exec touch '{}' \;

I'm going to download Apex ROM when I get home for clues. If someone can at least post the updater-script here it will help. The file is under the update.zip on this path: META-INF\com\google\android\updater-script

Quote:

Originally Posted by r2beta0

Also date and time doesn't seem to be an issue. The system boots perfectly even after I changed every single date and time on /system files with the following command:

find /system -exec touch '{}' \;

I'm going to download Apex ROM when I get home for clues. If someone can at least post the updater-script here it will help. The file is under the update.zip on this path: META-INF\com\google\android\updater-script

Hey, there's no link for Apex ROM 1.3.1/1.4.1 available, but I got them. I will upload both scripts for you, just let me turn my PC on.

Sent from my Milestone 2 XDA App

EDIT: Fabolous_ApeX_V1_4_1-D2 update-script and Fabolous_ApeX_V1_3_1-D2 update-script

If someone want the update.zip just ask

EDIT 2: Just Apex 1.3.1 is 404 =P

Can we use/test some scripts from here? http://www.droidforums.net/forum/get...s-use-d2g.html

Quote:

Originally Posted by will5

Can we use/test some scripts from here? http://www.droidforums.net/forum/get...s-use-d2g.html

Well, test it yourself, if it doesn't work try to change the files a little bit. Test it on Apex 1.3.1 first. --> exclusive link

Sent from my Milestone 2 XDA App

Thanks for the link

I´ll download some d2 roms, and check what files are changed by the "converter"

Check this out, a chinese M2 Rom applied by update.zip:

http://translate.googleusercontent.c...o36Re5Q1r8_kfg

Sent from my Milestone 2 XDA App

Interesting

I wonder if that milestone2bootstrap is any different from droid2bootstrap.

Quote:

Originally Posted by will5

Interesting

I wonder if that milestone2bootstrap is any different from droid2bootstrap.

The author use the latest bootstrap source code on google-code to compile , which version is 4.0.0.9 ( D2B is 2.5.0.8 ).

M2B works a little bit difference from D2B. Its recovery is "temporary“, which means EVERY TIME you want to boot into recovery , you should open M2B and select the 1st option ( install temporary recovery ) and then select 2nd option( boot into temporary recovery). So your phone should reboot into a temporary recovery after this.

I use M2B to restore backup just before. But it seems incompatible with the backup image created by D2B, which throws me the error " flash boot.img failed... ". Of course, it maybe just my own fault. You guys could test it yourself.

By the way, M2B provide the power off option, which it`s the most convenience I think XD.

Thanks.

So, chinese m2 custom roms should only work with m2b, and give error with d2b?

I´ll finish charging and start testing.