Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,739,156 Members 46,801 Now Online
XDA Developers Android and Mobile Development Forum

Create your own I9000/S8500 (& all S5PC110 based devices) bootloader&ultimate unbrick

Tip us?
 
Rebellos
Old
(Last edited by Rebellos; 10th December 2012 at 12:49 AM.) Reason: Added entrypoints for bootloader stages
#1  
Senior Recognized Developer - OP
Thanks Meter 3421
Posts: 1,339
Join Date: May 2009
Location: Gdańsk

 
DONATE TO ME
Post Create your own I9000/S8500 (& all S5PC110 based devices) bootloader&ultimate unbrick

Preamble
I present you the results of hours of many people research.
Special thanks to:
AdamOutler
mijoma
TheBeano
midas5

Leave me a message if I forgot to mention someone.

I, nor anybody except you take no responsibility for the things you do to your PC, phone, family, neighbours, dog, cat or fish in the result of reading this and/or using any materials linked and included from here.


What is it?
Info how to bypass secure booting mechanism built in S5PC110 CPU's iROM on lowest level and create code loadable even with totally damaged bootloader, without use of JTAG.

Okay, how useful is it?
I've got no clue, it all depends on you.

Our main target, which is almost done, is ability to revive any hard-bricked hardware built on S5PC110 without use of JTAG (for eg. when JTAG pads had been damaged)

Some additional info and history
S5PC110 - the powerful CPU, heart and brain of many great handsets (like Samsung I9000, S8500, S8530, SGH-897, Google Nexus S, Odroid T, while last one is hard to be called HANDset, nvm) has got few booting levels before loading operating system:

-BL0/iROM, non-writable (not-brickable), written during CPU production process, execution starts here on every machine start, executed straight in iROM, using iRAM(iRAM is 96KB big, there is a spelling error in CPU manual), it does select booting source depending on xOM CPU pins (different types of flash memory/UART/USB), loads BL1 from it and validate its integrity using electronic sign attached to BL1 (iROM doesn't check BL1 integrity if CPU's SECKEY registers are null, there was some misunderstanding of these, but as far it appear that most or all S5PC110 units has got SECKEY not-null, and its always equal in Samsung's phones)
Execution begins from 0xD0000000

-BL1/IBL, writable (brickable), executed in iRAM, it does memory controllers setup, loads BL2 and, depending from info in BL1 electronic sign, it does or does not check BL2 integrity, BL1 is usually splitted to 2 stages, separated in iRAM by few KB of 0x00
Entrypoint of stage 1 = 0xD0020010 (while it should be loaded under 0xD0020000, as it does have 16 bytes of header)
Entrypoint of stage 2 during normal oneNAND boot = 0xD0020800 (this is already platform-dependant but doesn't seems to vary between mainboards)
Entrypoint of stage 2 during external usb/uart boot = 0xD0022010 (here we insert our custom code, sticked to the end of stage1, it must have dummy header)

-BL2/PBL, writable (brickable), executed in RAM (external DRAM or SRAM), it isn't in fact unneeded, God one knows why Samsung's developers decided to add one additional stage
Entrypoint = platform&version-dependant, it's usually 0x40204000 on I9000

-BL3/SBL, writable (brickable), executed in RAM, it does platform init, support LCD output, download mode and usually few additional functions, it does load OS image into RAM, prepare hardware to execute it and jumps into OS entrypoint
Entrypoint = platform&version-dependant, it's usually 0x40244000 on I9000

for more info about booting sequence and OM pins please reffer to section 02, chapter 6 of S5PC110_EVT1_UM.pdf in [6]

//editnote: This is my own interpretation of bootloaders levels splitting, it haven't been clearly stated in CPU user manual, but it can be also said that IBL is in one part, and PBL is splitted into 2 stages, one executed in iRAM and second executed in DRAM, that's the matter of thinking. Odroid developers seems to use terminology of the second possiblity.

//editnote2: Confirmed from SGS/Captivate boot.bin reversing - Samsung is dividing and calling bootloaders as I wrote in previous points (2nd stage of IBL, which could be aswell 1st stage of 2-stage PBL does contain "IBL" string) Uboot devs got different calling convention. Well... who cares.

After many (even more than many) research [1] we found out that there is no ther way to change iROM primarey booting source than changing OM pins setup, which are hardware soldered through pullup and pulldown resistors to give 5b'001001 (0x9) which means that primary booting source is OnenandMux(Audi) using X-TAL(USB) oscillator (to be honest I still don't hell get what does it means )
AdamOutler sacrificed Captivate mainboard to locate the pullup and pulldown resistors [2], and in result he modified board to have xOM5=1 instead of 0 which enables UART/USB as primary booting source. This booting method is normally tried only when IBL on oneNAND has been damaged, usually bricked is PBL or SBL, and iROM successfully completes its task, but phone hangs somewhere in the middle.

This enabled Adam to load various data through iROM download mode straight into iRAM. And here comes disappointment - all data we tried to load were validated by iROM code against SECKEY and rejected with "Secure Fail Error", BL1 code loaded by iROM must contain 512 bytes of e-sign, consist of 2 public rsa keys and few sha-1 hashes.

Here comes again days and night of deep code analyze, we found BL1_stage1 in Odroid T U-Boot [4] sourcecode signed by Samsung with stage2 security turned off.
That means any BL1_stage2 can be created and joined to BL1_stage1 in proper way, it will pass all integrity tests and be executed - bingo!

Base code
I've created kind of S5PC110 IBL dev kit. It's attached to the post. All you need to build it is FASMARM (downloadable from [5], its really everything except package in attachement) and you can compile any code basing on s5pc110_example.

There you will find Hello World but it does NOT produce this output to screen nor widely used UART hidden in Micro-Usb slot. It does produce output to UART2 channel, which is hidden in JTAG pads in SGS/Captivate mainboard and it has got special pads under battery in S8500/S8530. BUT if you really are determined to run it, by doing OM pulldown->pullup MOD, and feel like you must immediately see it working, it's about 20lines of ASM code which will blink SGS keypad LED and about 10, by calling iROM functions to get other UART port working.

If you want some reference, follow [3] and [7] (also in previous revisions), there you can find alot of FASMARM code written for S5PC110 (S8500/S8530 to be precise).

How to run it?
Here goes the problem, it is unable to run if you have no IBL brick or no OM5 modification (again, reffer to [2]), there you will also find more instructions. It is also able to run by JTAG. Theoretically produced code should be possible to flash and then run as normal IBL, but that's not really good thing to try without JTAG/OM5 mod to resurrect it.

Postamble
If you want to write something bigger, I'd recommend switching from FASMARM to Codesourcery ARM Crosscompiling environment - everything for S5PC110 is already in Odroid's U-Boot and many Android kernel sources (I9000 for example), ready to compile under Codesourcery. I used FASMARM because it's tiny and simple to create small ASM codes, but doesn't support many functions which are speeding up creating larger code.

We will soon release ultimate unbricking method for SGS/Captivate/Wave without use of JTAG, altough this will require high soldering skills or maybe steady hand, while that second is untested and may burn out something onboard, I'm about to test it in few days on my bricked S8530.

Further reading
[1] Where it all has began - Lets save some bricks
[2] First practical results - The Captivate Development Platform
[3] First S8500/S8530 BL3 hacking - FOTA development thread
[4] What has been used here, and what can be easily ported to any S5PC110 device - Odroid's U-Boot
[5] FASMARM homepage
[6] Samsung Galaxy S (and many similiar devices) Hack Pack by Adam Outler
[7] Badadroid FOTA source tree
[8] Walking in Memphis


Note: I wasn't sure which board should I choose to post it. If any mod/admin find better place for this thread (please note it doesn't reffer to SGS or Captivate only, that's the problem) please move it.

Note2: Post above may change if I decide to better explain something.

Note3: Please post any questions and mistakes you found. I'll be happy to answer it if it helps anybody.
Attached Files
File Type: zip s5pc110_ibl_stuff.zip - [Click for QR Code] (7.5 KB, 2255 views)
The Following 20 Users Say Thank You to Rebellos For This Useful Post: [ Click to Expand ]
 
Master Melab
Old
(Last edited by Master Melab; 24th August 2011 at 08:10 PM.)
#2  
Senior Member
Thanks Meter 10
Posts: 284
Join Date: Jan 2011
Good job. A flow chart made with OpenOffice.org or something to understand the booting process would make things even clearer.

Does your comment about O-Droid's U-Boot mean even non-Samsung devices that utilize this chip verify the digital signature of BL1/the first stage bootloader?
I'm a crypto-maniac.
I may use words differently than you.
My terminology
signed: When any data, file, or message has a digital signature. Does not mean that something is checked for a digital signature.
boot ROM: Code physically etched on to a chip that loads modifiable code.
bootloader: Software that starts/loads the kernel. It is erasable.
locked bootloader: A bootloader that will only boot a kernel that has a valid digital signature.
 
Rebellos
Old
#3  
Senior Recognized Developer - OP
Thanks Meter 3421
Posts: 1,339
Join Date: May 2009
Location: Gdańsk

 
DONATE TO ME
Quote:
Originally Posted by Master Melab View Post
Good job. A flow chart made with OpenOffice.org or something to understand the booting process would make things even clearer.

Does your comment about O-Droid's U-Boot mean even non-Samsung devices that utilize this chip verify the digital signature of BL1/the first stage bootloader?
Will think about chart later. Thanks for suggestion.

Also, sorry for leading you into mistake before. Even Odroids does verify BL1 signature, and they verify it against the same SECKEY as SGS, Wave and so on does (BL1 from one fits to all above), also all S5PC110 looks to be EVT1_SEC versions, but Secure Boot Context is usually dropped at IBL level and it does continue non-secure boot.
 
Master Melab
Old
#4  
Senior Member
Thanks Meter 10
Posts: 284
Join Date: Jan 2011
I am not exactly sure what you mean when you say "Secure Boot Context is usually dropped at IBL level and it does continue non-secure boot.". Does that mean after attempting to boot from oneNAND, UART/USB, and the SD card, it try to boot from oneNAND again without checking the digital signature?
I'm a crypto-maniac.
I may use words differently than you.
My terminology
signed: When any data, file, or message has a digital signature. Does not mean that something is checked for a digital signature.
boot ROM: Code physically etched on to a chip that loads modifiable code.
bootloader: Software that starts/loads the kernel. It is erasable.
locked bootloader: A bootloader that will only boot a kernel that has a valid digital signature.
 
Rebellos
Old
#5  
Senior Recognized Developer - OP
Thanks Meter 3421
Posts: 1,339
Join Date: May 2009
Location: Gdańsk

 
DONATE TO ME
No, I mean that iROM (BL0) requires IBL (BL1) to be signed (most likely always), that allows secure boot without unauthorized boot change possibility. But to make boot fully secure, BL1 should require signed BL2, BL2 should require signed BL3 and BL3 should require signed OS image. In case of most (or even all) SGS handsets, BL1 or BL2 doesn't follow secure booting process and doesn't require signed next level of bootloader.
 
AdamOutler
Old
#6  
AdamOutler's Avatar
Recognized Developer
Thanks Meter 9555
Posts: 5,176
Join Date: Feb 2011
Location: Louisiana

 
DONATE TO ME
Great work! Maybe you can add links to compilers and some instructions on how to compile?
Flash with Odin on Windows, Linux and Mac. Use JOdin3, Available in a web browser or offline
Check out my developer pages. Add me to your circles on Google Plus.
Wanna see the longest Linux BASH script ever made? click here.
 
Rebellos
Old
#7  
Senior Recognized Developer - OP
Thanks Meter 3421
Posts: 1,339
Join Date: May 2009
Location: Gdańsk

 
DONATE TO ME
Quote:
Originally Posted by AdamOutler View Post
Great work! Maybe you can add links to compilers and some instructions on how to compile?
Quote:
Originally Posted by Rebellos View Post
I've created kind of S5PC110 IBL dev kit. It's attached to the post. All you need is FASMARM (downloaded from [5]) and you can compile any code basing on s5pc110_example.
There is nothing more simple - open .ASM file using FASMWARM editor and hit F9 or choose Compile from menu. :P
 
Master Melab
Old
#8  
Senior Member
Thanks Meter 10
Posts: 284
Join Date: Jan 2011
Quote:
Originally Posted by Rebellos View Post
No, I mean that iROM (BL0) requires IBL (BL1) to be signed (most likely always), that allows secure boot without unauthorized boot change possibility. But to make boot fully secure, BL1 should require signed BL2, BL2 should require signed BL3 and BL3 should require signed OS image. In case of most (or even all) SGS handsets, BL1 or BL2 doesn't follow secure booting process and doesn't require signed next level of bootloader.
Ahh. I was thinking of an older thread in which someone stated something about it trying to boot from oneNAND a second time without signature checks, if it and booting from USB and the SD card failed. I hate signature checks.
I'm a crypto-maniac.
I may use words differently than you.
My terminology
signed: When any data, file, or message has a digital signature. Does not mean that something is checked for a digital signature.
boot ROM: Code physically etched on to a chip that loads modifiable code.
bootloader: Software that starts/loads the kernel. It is erasable.
locked bootloader: A bootloader that will only boot a kernel that has a valid digital signature.
 
Rebellos
Old
#9  
Senior Recognized Developer - OP
Thanks Meter 3421
Posts: 1,339
Join Date: May 2009
Location: Gdańsk

 
DONATE TO ME
Quote:
Originally Posted by Master Melab View Post
Ahh. I was thinking of an older thread in which someone stated something about it trying to boot from oneNAND a second time without signature checks, if it and booting from USB and the SD card failed. I hate signature checks.
It was me. :P Thats the separate thing. However it was only assumption that second boot is without security check, now I'm nearly sure every booting try is signature checked if SECKEY is not null.
Sorry for misleading again.
 
Master Melab
Old
#10  
Senior Member
Thanks Meter 10
Posts: 284
Join Date: Jan 2011
Its okay. Maybe we can order S5PC110's from Samsung. If anyone has the soldering skills.
I'm a crypto-maniac.
I may use words differently than you.
My terminology
signed: When any data, file, or message has a digital signature. Does not mean that something is checked for a digital signature.
boot ROM: Code physically etched on to a chip that loads modifiable code.
bootloader: Software that starts/loads the kernel. It is erasable.
locked bootloader: A bootloader that will only boot a kernel that has a valid digital signature.

Tags
bootloader, s5pc110, unbrick
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes