Quote:

Originally Posted by intersectRaven

Thanks for this! I now have S-OFF on my N1. I wonder if the MTD partitions could be resized now like in the Desire? Hmmm...

Hey IR, pls try that out and if you're successful, pls post the guide. :P

Great work @dla5244!!! Congratulations from spain

I tried it and works perfect. The process takes about 10 seconds, and after that we have bootloader S-OFF!

Now I have a doubt. As I can flash the original mtd0.img partition if the file that I have not signed?

Quote:

Originally Posted by jrsoft

Great work @dla5244!!! Congratulations from spain

I tried it and works perfect. The process takes about 10 seconds, and after that we have bootloader S-OFF!

Now I have a doubt. As I can flash the original mtd0.img partition if the file that I have not signed?

MISC(mtd0) is not signed.
you can flash MISC via flash_image(tested).

fastboot MISC flasing is not tested.
maybe it worked well...

Quote:

Originally Posted by dla5244

Modify HBOOT
It needs assembly skill.

you can refer this(IDA Database)
http://forum.xda-developers.com/show...61&postcount=1

you must modify and flash unsigned hboot(0x0 ~ 0x100 is not signature)
I attached original unsigned hboot file(0.35.0017)
you can start at this file

hboot-ori.zip hash(MD5) f319b05b5e511f8ca1c7667eb5ec6012

Change boot logo

1.Prepare 480*800 bmp file to change
2.nbimg.exe -F <BMP FILE> -n
3.rename *.nb file to splash1.img
4.fastboot flash splash1 <SPLASH1.IMG PATH>

Repartition
Not tested, so i post how to modify(maybe).

if you do not know assembly or it's difficult to understand, Don't try.

first modify point is 0x0002FB4C (0x8E02FB4C)

block size 20000

24E ~ FF0

r1 start block address
r2 block size

ROM:8E02FB4C 98 0E 0C E3 06 0E+ MOV R0, aSystem ; "system"
ROM:8E02FB54 4E 12 00 E3 MOV R1, #0x24E
ROM:8E02FB58 88 24 00 E3 MOV R2, #0x488
ROM:8E02FB5C 82 54 FF EB BL sub_8E004D6C
ROM:8E02FB60 F0 05 0C E3 06 0E+ MOV R0, aCache ; "cache"
ROM:8E02FB68 D6 16 00 E3 MOV R1, #0x6D6
ROM:8E02FB6C BE 2F A0 E3 MOV R2, #0x2F8
ROM:8E02FB70 7D 54 FF EB BL sub_8E004D6C
ROM:8E02FB74 F8 05 0C E3 06 0E+ MOV R0, aUserdata ; "userdata"
ROM:8E02FB7C CE 19 00 E3 MOV R1, #0x9CE
ROM:8E02FB80 22 26 00 E3 MOV R2, #0x622
ROM:8E02FB84 78 54 FF EB BL sub_8E004D6C

next modify point is 0x0007c3d0 (0x8e07c3d0)

24e ~ 1000

ex)24e = 4e02(hex editor)

24e @ system base address (don't modify this)
488 @ system block size

6d6 @ cache base address
2f8 @ cache block size

9ce @ data + spcustom base address
632 @ data + spcustom size (must base address + size = 0x1000)

Dump hboot
first, prepare worked kernel and rename boot.img

fastboot -c "mtdparts=msm_nand:896k@0x03EE0000(misc),4096k@0x0 4240000(recovery),3584k@0x04640000(boot),148480k@0 x49C0000(system),97280k@0xDAC0000(cache),202368k@0 x139C0000(userdata),768k@0x03E20000(hboot)" boot boot.img

dump_image hboot /sdcard/hboot.img

if your hboot version is 0.35.2017, please dump and post your hboot image

i have hboot 0.35.2012, its an eng s-off spl, but it wont let me boot with it. it flashes onto the splash screen and takes me back to bootloader

... and you got the padlock back

Firerats mtd partition tool may work but it most likely needs modification. As is I couldn't get it to work. Seems to have removed the data partition. Ill look into it more later.

Quote:

Originally Posted by maxib123

i have hboot 0.35.2012, its an eng s-off spl, but it wont let me boot with it. it flashes onto the splash screen and takes me back to bootloader

... and you got the padlock back

Wow! is your bootloader 0.35.2017????

As far as i know fastboot boot command will work before you unlock bootloader even your bootloader is 0.35.2017

Please dump for everyone.

Fastboot oem saveprt2sd hboot hboot.bin -a

And check your sd card.

If you can't dump spl, please report to me. I know another method.

Thanks.

Ps. About can bootloader relock, i guess you are radio s-off

Check your secuflag

Su
Stop ril-daemon
Cat /dev/smd0 &
Echo -e 'AT@SIMLOCK?AA\r' > /dev/smd0

Maybe your secuflag is 0(radio s-off)

Sent from my Nexus One using XDA App

Quote:

Originally Posted by dburg84

Firerats mtd partition tool may work but it most likely needs modification. As is I couldn't get it to work. Seems to have removed the data partition. Ill look into it more later.

The kernel commandline method works. Just resized the cache partition to 50MB and gave it to userdata. You need both recovery and kernel to be modified though in order to get it to work properly. (you can just modify the kernel but how do you flash a ROM correctly to the resized partitions if the recovery sees the SPL partitions version)

*I didn't try the SPL method since I won't risk my phone.

Quote:

Originally Posted by intersectRaven

The kernel commandline method works. Just resized the cache partition to 50MB and gave it to userdata. You need both recovery and kernel to be modified though in order to get it to work properly. (you can just modify the kernel but how do you flash a ROM correctly to the resized partitions if the recovery sees the SPL partitions version)

*I didn't try the SPL method since I won't risk my phone.

Answer is mkbootimg
Split recovery.img(kernel+ramdisk)
And repack recovery.img with new kernel cpmmand line using mkbootimg

but we can't use some SPL COMMAND (flash, erase userdata or system or cache and update via PASSIMG.zip)

Lecahel.

Sent from my Nexus One using XDA App

Quote:

Originally Posted by intersectRaven

The kernel commandline method works. Just resized the cache partition to 50MB and gave it to userdata. You need both recovery and kernel to be modified though in order to get it to work properly. (you can just modify the kernel but how do you flash a ROM correctly to the resized partitions if the recovery sees the SPL partitions version)

*I didn't try the SPL method since I won't risk my phone.

Does this mean, theoretically we can get more room for app data? This could be really awesome! No more need for data2sd.

Sent from my Nexus One using Tapatalk

That's exactly what it means

Sent from my Nexus One using Tapatalk