Android 5.0.2 and New Factory Images For Nexus 7 (Wi-Fi) Available

Android 5.0 is has been publicly available since early November, and the … more

Github Tutorial App Shows You How to Use… Github

Github can get pretty complicated and using it can become quite daunting, especially … more

Google Glass-like Clip-On For Regular Glasses Developed by Sony

For the price of $2,000, a pair of glasses that can run apps, take pictures, … more

Micromax Takes OnePlus to Court! Android Wear Receives Lollipop – XDA TV

Android 5.0 Lollipop is available officially for the Moto 360! … more

Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Thread Closed

[DISCUSSION][SOLVED] ROOTING G2 Vision T-mobile

OP tubaking182

6th October 2010, 03:58 PM   |  #381  
Senior Member
Thanks Meter: 32
 
419 posts
Join Date:Joined: Oct 2008
We could really use Haykuro on this one. He could always solve problems like this. He's like superman.
6th October 2010, 04:01 PM   |  #382  
PlankLongBeard's Avatar
Senior Member
Flag On The Moon!
Thanks Meter: 64
 
1,090 posts
Join Date:Joined: May 2010
More
Quote:
Originally Posted by hah2110

So this is what is going on? http://gizmodo.com/5656921/t+mobiles...er-a-jailbreak

This is nuts. We need Cyanogen and Modaco to get on this.

+1 On this... I just got the thing for the wife last night... then wake up to this ish, I'm like we gave up Verzion the Droidx cause of this non-sense. Well, I hope Modoco and Cyanogen get on this soon too... First the selling point of interchangeable roms from HTC, now we raped like the big red machine. Its cool tho, this is an HTC and development has that rule set straight. Its ours, not yours after we paid for it.
6th October 2010, 04:05 PM   |  #383  
Member
Thanks Meter: 0
 
33 posts
Join Date:Joined: Feb 2009
Quote:
Originally Posted by flarbear

Some people (particularly over in the T-Mobile forums) are quoting this post and pointing to the 4407296 number as being proof of a 4G chip and that this means it is somehow accessible to the kernel. I just wanted to clarify that that number is probably simply reporting the size of the mmcblk0 partition in 512-byte blocks since that number happens to be exactly double the number that /proc/partitions reports. Is that a fair assessment of these numbers?

In other words, the only confirmation we have of the 4GB part is the partial teardown that found it and these numbers are simply further ways to confirm that the system only sees 2.1-ish GB of it. Correct?

That seems to be the case. This is from the data sheet for the iNAND:

Quote:

The size of a write block in the iNAND device is 512B

and

Quote:

The iNAND offers the possibility for the host to configure additional split local memory partitions with independent addressable space starting from logical address 0x00000000 for different usage models.

http://omapworld.com/iNAND_e_MMC_4_4...1_0%5B1%5D.pdf
6th October 2010, 04:06 PM   |  #384  
Member
Thanks Meter: 0
 
33 posts
Join Date:Joined: Feb 2009
Quote:
Originally Posted by lbcoder

Is it certain that this protection is at the SPL/radio/MMC level and not at the BOOT level? Has anybody actually examined the contents of the boot partition for a nasty-script?

From the same SanDisk data sheet I mentioned above:

Quote:

2.9. Enhanced Write Protection
To allow the host to protect data against erase or write, the iNAND supports two levels of write protect command:

• The entire iNAND (including the Boot Area Partitions, General Purpose Area Partition, and User/Enhanced User Data Area Partition) may be write-protected by setting the permanent or temporary write protect bits in the CSD.

• Specific segments of the iNAND may be permanently, power-on or temporarily write protected. Segment size can be programmed via the EXT_CSD register.

For additional information please refer JESD84-A441 standard.

6th October 2010, 04:08 PM   |  #385  
Account currently disabled
Thanks Meter: 96
 
2,645 posts
Join Date:Joined: Jan 2009
Quote:
Originally Posted by digikid

If I temp root my g2, where is the boot script located? I know how to read it, just don't know where it is.

The boot *PARTITION* is what is needed, and recovery would be good as well. mmcblk0p22 is boot, p21 is recovery. Dumping both of those would be useful.

dd if=/dev/block/mmcblk0p21 of=/sdcard/recovery.img
dd if=/dev/block/mmcblk0p22 of=/sdcard/boot.img

There is also an interesting partition labelled as "devlog" at p28. Any luck and it might actually have a log of what's doing with the "restore" problem.

dd if=/dev/block/mmcblk0p28 of=/sdcard/devlog.img
(note: devlog *could* have sensitive information, but probably doesn't. Up to you whether you want to share it or not)
6th October 2010, 04:09 PM   |  #386  
Account currently disabled
Thanks Meter: 96
 
2,645 posts
Join Date:Joined: Jan 2009
Quote:
Originally Posted by spyz88

We could really use Haykuro on this one. He could always solve problems like this. He's like superman.

Keep that lecherous punk kid away from here! He never solved anything and led a LOT of people into a brick.
6th October 2010, 04:13 PM   |  #387  
paulobrien's Avatar
Senior Member
Flag Norwich
Thanks Meter: 5,684
 
4,437 posts
Join Date:Joined: Nov 2003
I've had a mooch through the boot image, nothing obvious there...

P
6th October 2010, 04:20 PM   |  #388  
funkadesi's Avatar
Senior Member
Thanks Meter: 15
 
337 posts
Join Date:Joined: Jun 2006
More
+1 for HTC and T-Mo for giving us a REAL challenge....
6th October 2010, 04:24 PM   |  #389  
Junior Member
Flag Huntsville, AL
Thanks Meter: 0
 
11 posts
Join Date:Joined: Jan 2010
More
What if its something simple like making the exact same write x times in a row. The first time triggers the write protect. The second time lets the system know it should get ready to make the change and the third time it changes.
6th October 2010, 04:29 PM   |  #390  
Account currently disabled
Thanks Meter: 96
 
2,645 posts
Join Date:Joined: Jan 2009
Quote:
Originally Posted by paulobrien

I've had a mooch through the boot image, nothing obvious there...

P

How about recovery? Since recovery theoretically must be able to make permanent writes? Is recovery also protected? How about boot, is boot protected? Misc *can't* be protected, nor can cache (write protect would defeat their purposes), and between misc and cache, it should be possible to write an SPL....

Did somebody say they had an engineering SPL from somewhere? It might have been from that leaked dump or something.... An engineering SPL should be able to boot an unsigned recovery or boot image.

Thread Closed Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes