[dev][kernel][kexec]

Search This thread
By:
Advanced…
delewer

delewer

Senior Member
Aug 20, 2011
186
233
Paris
I m working on patch for stock kernel with "dtb append" (custom kernel)
It's for locked bootloader.
After this, i test aosp patch.
for now i have black screen with guest kernel.
 
  • Like
Reactions: vkass and Knucklessg1
munjeni

munjeni

Senior Member
Jun 2, 2011
9,720
22,375
delewer said:
I m working on patch for stock kernel with "dtb append" (custom kernel)
It's for locked bootloader.
After this, i test aosp patch.
for now i have black screen with guest kernel.
Click to expand...
Click to collapse

Probably you have used an old kexec tool which use dtb appended to the kernel? I had the same black screen since dtb can not be used in "whole form", you must cut last part of the dt.img and append them to the zImage and it will be working! Appending whole dtb is not working! But in my latest bootmenu I have compiled new kexec tool which use dt.img instead of needs for appending part of the dtb anymore. You can try this one from attachments:

- Here is kexec which no need "append", just use dt.img by defining --dt parameter + path to the dt.img
- Kernel patch

I have used them with my botmenu project with success! Hope you find something usefull from these...
 

Attachments

  • kexec.rar
    103.7 KB · Views: 38
  • kexec.patch
    17.7 KB · Views: 33
  • Like
Reactions: jfxperias, delewer, baga255 and 3 others
delewer

delewer

Senior Member
Aug 20, 2011
186
233
Paris
Cut dtb ?
^^
My 6 month sources cut dtb directly when loaded into kexec. I have include into dtb loading by kexec, research of magic, lengh and cut. I keep only the first occurs. So my sources theoricaly work... but i have black screen :(
so, i test appended and not appended dtb guest kernel to see differences

I have test last night, and don't see your posts... silly me !!

i test your sources when i can (i m in my job)

I see another method to call relocate (from tassadar sources), because on v7, cpu freeze sometime when memory is flush.

i post when i have something new

Thx a lot !
 
  • Like
Reactions: camlin, munjeni and mirhl
joecool666

joecool666

Senior Member
Jan 23, 2012
828
190
Dublin
hi, how do i use this tool and patch any tut, i have a C6903 L.B, might be willing to try, any help would be graetful, regards joe.
 
S

smgdev

Senior Member
Jan 13, 2013
321
48
Ankara
Compiling

Hello @delewer, Its an awesome work. However, I could not get it to compile. The arch/arm/include/asm/mmu_writable.h is missing on my kernel sources. Its a 2.6.39 kernel. Is there anything I can do about it? Is there any device or kernel specific code in v10 zip? Cause I could compile the older zip source which called kexec-tools-delewer-V1.zip.

Edit:
When I try to load a v1 or v1.1 source compiled module, it shows some memory map or something like that and says kexec_load: function not implemented. I run it with --atags argument cause I don't know how to create a dtb. But when I lsmod, I can see both kexec_load module and procfs_rw module. Also I can interact with the driver.

zyxR5F9.png

The command I am using is kexec --load zImage --atags. It doesnt make a difference if I am using the hardboot argument or defining a mem-min value.

Thank you for this great work.
I am trying to port it to Sony Tablet S btw.
Sorry if I am disturbing you.
 
Last edited:
  • Like
Reactions: baga255 and mirhl
delewer

delewer

Senior Member
Aug 20, 2011
186
233
Paris
smgdev said:
Hello @delewer, Its an awesome work. However, I could not get it to compile. The arch/arm/include/asm/mmu_writable.h is missing on my kernel sources. Its a 2.6.39 kernel. Is there anything I can do about it? Is there any device or kernel specific code in v10 zip? Cause I could compile the older zip source which called kexec-tools-delewer-V1.zip.

Edit:
When I try to load a v1 or v1.1 source compiled module, it shows some memory map or something like that and says kexec_load: function not implemented. I run it with --atags argument cause I don't know how to create a dtb. But when I lsmod, I can see both kexec_load module and procfs_rw module. Also I can interact with the driver.


The command I am using is kexec --load zImage --atags. It doesnt make a difference if I am using the hardboot argument or defining a mem-min value.

Thank you for this great work.
I am trying to port it to Sony Tablet S btw.
Sorry if I am disturbing you.
Click to expand...
Click to collapse

Hi,
Thx, but it's not a awesome work yet because my new kernel won't boot on the older ;)
I can't help if your kernel sources does not have "mmu_writable.h" file
When i have this kind of missing source, i temporary suppress ".h" #include, and see what function is missing.
After what, i grep -ri on source to find in /arch/arm the good file.
also, for the module, i add missing function by direct call with "kallsyms_lookup_name" declaration.

My older sources with (V1) need to have driver to work.
With the last sources, you don't need to have drivers, and can't have "function not implemented"

See in the first post, i have post my last V11 kexec with a lot of fixes.
If you have something missing (function not found at kexec_load loading), please share, i try to help for that.

Good luck to you.
 
  • Like
Reactions: smgdev
S

smgdev

Senior Member
Jan 13, 2013
321
48
Ankara
delewer said:
Hi,
Thx, but it's not a awesome work yet because my new kernel won't boot on the older ;)
I can't help if your kernel sources does not have "mmu_writable.h" file
When i have this kind of missing source, i temporary suppress ".h" #include, and see what function is missing.
After what, i grep -ri on source to find in /arch/arm the good file.
also, for the module, i add missing function by direct call with "kallsyms_lookup_name" declaration.

My older sources with (V1) need to have driver to work.
With the last sources, you don't need to have drivers, and can't have "function not implemented"

See in the first post, i have post my last V11 kexec with a lot of fixes.
If you have something missing (function not found at kexec_load loading), please share, i try to help for that.

Good luck to you.
Click to expand...
Click to collapse

Hello @delewer , thanks for the (quick) answer.
I suppressed the mmu_writable.h as you said and tried to find that function but no luck,no function like that(neither on V11).
Anyway, I found the problem with kexec_load not implemented error, I were using thw v10 binary against the v1.1 sourced module, tried with home-built binaries and it worked, it loads kernel without problem (with 0 exit code.). But when I try to execute it with kexec -e -x command,It says
"kexec failed: No such file or directory".
I got deep into the source to find the cause. I found the following function:
Code: 
static int my_shutdown(void){
	char *args[] = {
		"shutdown",
		"-r",
		"now",
		NULL
	};

	execv("/sbin/shutdown", args);
	execv("/etc/shutdown", args);
	execv("/bin/shutdown", args);

	perror("shutdown");
	return -1;
}

I guessed that was the problem cause my device have the reboot binary instead of shutdown and the folder structure was wrong. So I changed that to:
Code: 
static int my_shutdown(void)
{
	char *args[] = {
		NULL
	};

	execv("/system/bin/reboot",args);
	execv("/system/xbin/reboot",args);

	perror("reboot");
	return -1;
}
I thought that were going to fix everything but I was wrong. The problem were the following function.(Again, I guess. :eek: )
Code: 
static int my_exec(void)
{
	int result;

//////////////////////////////////////////////
// Remplacement de "syscall" - Par Delewer  //
//    Novembre 2013                         //
//////////////////////////////////////////////
//
//	result = kexec_reboot();

	const char fn[]= "/dev/kexec_driver";
	FILE *fp;
	fp = fopen(fn, "w");
	if (!fp)
		{
		fprintf(stderr, "Kexec_driver non implemented\n");
		fprintf(stderr, "Please, prepare by typing the following commands :\n");
		fprintf(stderr, "  => mknod /dev/kexec_driver c <major number> 0\n");
		fprintf(stderr, "  => cat /dev/kexec_driver\n");
		return -1;
		}
	fwrite("boot", 1, 4, fp);
	fclose(fp);
//////////////////////////////////////////////

	/* I have failed if I make it here */
	fprintf(stderr, "kexec failed: %s\n", 
		strerror(errno));
	return -1;
}
I think the fwrite line doesn't make its job, but anyway I tried echo boot > /dev/kexec_driver but the device did not reboot. So I checked the dmesg. The only thing I could find about this process or module or driver was that line:
"<6>[83652.446275] procfs_rw: procfile_read (/proc/atags) called"
I think the comment line at the end tells truth. /* I have failed if I make it here */
Any thoughts about this situation? And can you explain the last block after the comment line? I mean how this program can make it to there?

I am so sorry about this long post and the questions. :angel: Have a good day. Thanks.
And I am also sorry about my English grammar knowledge.
Tevfik
 
Last edited:
  • Like
Reactions: mirhl
delewer

delewer

Senior Member
Aug 20, 2011
186
233
Paris
Well..
In 1rst, please don't try with V1.1 ;)
For a lot of reason, you failed to success to boot with.
For eg : - not aligned memory, no "reloc_kernel" addresses attribute are definitively good reasons
Other pb is with driver.. It's work, but you need to mount a lot of files system at early boot, and cause random pb

If you have atags with a stock phone with locked kernel, you need to use "procfs_rw" to create you own "atags" file, and only if atags is missing... but, if you use "Device Tree Blob" (called "DTB") like our Z1 have, you don't need any "atags"... It's atags or Dtb, but not both.
Our kexec is coded for dtb file, and feed the same register at boot to replace atags address by dtb address.
If you don't know, if you need a Dtb file on your phone, you have a problem ;) Dtb is like atags... It's directly used by kernel to link hardware to kernel software, and is generated at guest kernel compil (vs host kernel we don't have sources).

Please try with V11 sources and see if you have a freeze in the "machine_kexec" addresses alloc for "relocate_kernel"... it's the key to have a kexec module working for a locked bootloader.
We have a static ro memory for loaded module on Z1 (by smp mmu protection on stock kernel), and i have create a dynamic relocate_kernel function in user space to bypass this protection.
It's not the best solution, but it work...
I m block at "soft_restart" function because of "cpu_proc_fin" freeze ("mcr p15" mmu roolback can't be exec)
So, i search...
 
  • Like
Reactions: smgdev and mirhl
S

smgdev

Senior Member
Jan 13, 2013
321
48
Ankara
delewer said:
Well..
In 1rst, please don't try with V1.1 ;)
For a lot of reason, you failed to success to boot with.
For eg : - not aligned memory, no "reloc_kernel" addresses attribute are definitively good reasons
Other pb is with driver.. It's work, but you need to mount a lot of files system at early boot, and cause random pb

If you have atags with a stock phone with locked kernel, you need to use "procfs_rw" to create you own "atags" file, and only if atags is missing... but, if you use "Device Tree Blob" (called "DTB") like our Z1 have, you don't need any "atags"... It's atags or Dtb, but not both.
Our kexec is coded for dtb file, and feed the same register at boot to replace atags address by dtb address.
If you don't know, if you need a Dtb file on your phone, you have a problem ;) Dtb is like atags... It's directly used by kernel to link hardware to kernel software, and is generated at guest kernel compil (vs host kernel we don't have sources).

Please try with V11 sources and see if you have a freeze in the "machine_kexec" addresses alloc for "relocate_kernel"... it's the key to have a kexec module working for a locked bootloader.
We have a static ro memory for loaded module on Z1 (by smp mmu protection on stock kernel), and i have create a dynamic relocate_kernel function in user space to bypass this protection.
It's not the best solution, but it work...
I m block at "soft_restart" function because of "cpu_proc_fin" freeze ("mcr p15" mmu roolback can't be exec)
So, i search...
Click to expand...
Click to collapse

Before I can start to patch the memory adresses and atags stuff, I have to get it compiled. I can't compile the v10 and v11. My kernel is missing the mmu_writable.h header file unfortunately. I suppressed it and tried to find some similiar functions but it didn't work. Do you have any ideas for that? kernel version is 2.6.39.
 
S

smgdev

Senior Member
Jan 13, 2013
321
48
Ankara
smgdev said:
Before I can start to patch the memory adresses and atags stuff, I have to get it compiled. I can't compile the v10 and v11. My kernel is missing the mmu_writable.h header file unfortunately. I suppressed it and tried to find some similiar functions but it didn't work. Do you have any ideas for that? kernel version is 2.6.39.
Click to expand...
Click to collapse

Nevermind, I found some code to hook system call table without using mmu_writable header file. I am making my own module built on top of yours.
Thanks, @delewer .
 
  • Like
Reactions: vkass and delewer
JustPlayingHard

JustPlayingHard

Senior Member
Jul 1, 2013
1,801
673
Excuse me. Is this project still active i am so waiting patiencely to try CM11 or Dirty Unicorns on my Z1 With Locked Bootloader curiosity of EE UK
 
You must log in or register to reply here.

Similar threads

DooMLoRD
[KERNEL][Z1] DooMKernel (v22-new)[20141019]
Replies
2K
Views
506K
M
Matrix329
Androguide.fr
  • Locked
[KERNEL][CM-based] Pimped Kernel (F2FS|SoundControl|DT2Wake|CPU & GPU OC|Color Control|Voltage|FastCharge|Intelliplug...)
Replies
1K
Views
170K
PG101
PG101
DooMLoRD
  • Locked
[DEV ONLY] Dual Recovery for Xperia Z1 (LOCKED BOOTLOADERS)
Replies
398
Views
140K
DooMLoRD
DooMLoRD
A
[Stock-Kernel] X-Honami v6 [Linaro-4.9.3] 18-February
Replies
376
Views
78K
S
SpyrosMLG
jerpelea
{Z1}[DEVELOPMENT] - CM11 - Android 4.4 - FreeXperia Project
Replies
1K
Views
316K
ImArlet
ImArlet

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 21
    delewer
    delewer
    Last Update : August, 19, 2014
    Hi,

    I'm still try to bypass the MMU protection.
    I have fixe a lot of bug, like memory misalignment, bad adresses allocation, dtb correction, etc...
    Last sources and binaries here :
    kexec-tools V11.zip : http://xdaforums.com/attachment.php?attachmentid=2902912&stc=1&d=1408401794
    kexec-tools binaries V11.zip : http://xdaforums.com/attachment.php?attachmentid=2902913&stc=1&d=1408401794

    Sorry, i have always 13 sec reboot after new kernel boot.
    "cpu_proc_fin" use a "mcr p15" to init cache and proc that cause freeze.
    I try to find solution for that.


    Last Update : June, 22, 2014
    Hi,

    My sources are horrible... but i give something new.

    This kexec is for stock kernel only (tested on .757). I thinks theses sources work on other kernel too.

    In "kexec-tools V10.zip", you have all my sources. It's highly recommended to mod them to have something OK.

    In "kexec binaries.zip", you have binaries to install
    => "kexec_load.ko" and "procfs_rw.ko" must be placed in "/system/lib/modules" folder with "chmod 777"
    => "kexec" must be placed in /system/bin" folder with "chmod 777"
    => cd /system/lib/modules
    => insmod kexec_load.ko

    For sources :
    Mod and adapt all you want, it's free.
    You have 2 scripts in Zip : "./compil-kexec" in "kexec-tools" folder to rebuild and send in device directly (install Adbtcp on device and send by tcp with : adb connect xxx.xxx.xxx.xxx) = work perfectly with me.
    "scriptZ1" is for compil stock kernel or another kernel (doomlord kernel for eg)
    You must rename "custom_final_files" folder after compil to "final_file" manually ; You can have guest kernel in "custom_final_files" and stock kernel in "final_files" for "kexec-tools" path ... Don't mix a guest and host kernel please ^^

    I am tired... i let you test and say if it's ok for you...

    Thank a lot to munjeni for his help.

    kexec-tools V10.zip : http://xdaforums.com/attachment.php?attachmentid=2811994&stc=1&d=1403456181
    kexec binaries.zip : http://xdaforums.com/attachment.php?attachmentid=2811995&stc=1&d=1403456181


    Last Update : November, 23, 2013
    Hi,
    For few days now, i haven't no more kernel panic with my kexec.
    I have fixed few stuffs into sources, and add a lot.

    These adds are, to include a "dt.img" image file into kexec load process.

    This image file is a "device_tree" image to match hardware to software.

    So, i assume to don't include atags into boot process, but pass bootloader informations by this DT.
    I have programmed a little scan memory to found dynamicly all magic tags, because i found 3 device_tree into memory (magic is "0xd00dfeed").
    These 2 device_tree are echo from first and nice structure.

    The boot process need to have informations from this DT, and need all informations to initialize hardware (no HDW initialisation by the kernel)
    I must first fix issues ; Regroup zImage and dt.img into memory to load a solid bloc to kexec_load module to boot into, and second, fix an offset i can't explain, 0x800 in memory causing misalignment memory

    Keep tuned..



    Last Update : November, 17, 2013

    Hi everybody,

    My kexec-tools work for Sony Xperia Z1 stock kernel "3.4.0-perf"
    This tools can work on all locked bootloader for all locked device, not only Sony or Z1 models.
    This kexec-tools add a kexec_load kernel module (LKM) and use a driver to grant a communication between "kexec" user program and kexec_load.ko module

    what is for ?
    "kexec" user program load in memory a custom kernel in zImage format, but can load ".tar" image too
    This user tool load ramdisk in memory if necessary
    This tool is for this purpose only, and don't keep in memory the custom kernel at device reboot.
    It is a "user" program, not a "kernel" extension... So, to really do the magic, we need the host kernel (stock sony locked kernel) have a kexec_load capability to reboot in a new gest kernel (custom kernel).

    Infortuntly, stock kernel don't have kexec_load capability.
    Sony have compiled his stock kernel without this option, and "standard" kexec-tools "need" this option to work. :eek:

    To see all system call capability of kernel, you can run theses command :
    Code: 
    echo 0 > /proc/sys/kernel/dmesg_restrict 
echo 0 > /proc/sys/kernel/kptr_restrict
cat /proc/kallsyms
    Do all grep you want here.
    The "echo 0" "restrict" is here to unmask logical adresses to "system calls"
    Like you can see, "__NR_kexec_load" capability isn't here.

    To add kexec_load capability in stock locked kernel, we need to add manualy a kernel module wich add this function into the kernel.
    Why ? Because the way to keep in memory a custom kernel need to know a lot of parameters, and keep a specific memory range alive at reboot.
    Only kernel can do this.
    All user program will be terminated at reboot.

    "Standard" kexec_load.ko module use a method to implement the "__NR_kexec_load" function in system call table.
    Since 2.6.0 kernel, linux for security reason, have locked in memory the "system_call_table" ; No more add or modification is authorized.
    If kexec tool try to add a value, "kexec_load" for us, we causes a kernel panic, and reboot device.

    For this reason, i have modify kexec user program and kexec_load module to implement a driver to talk to each other.

    this driver replace syscall method, and we no more need to use a system call table.
    For this reason, this tool is now compatible with modern kernel like our "3.4.0"
    For this reason, this tool must work for other device (Xperia X, P, S, etc...) and another brand
    For this reason, if kernel is locked, we can bootstrap to run a new kernel.


    Installation
    First, you can compil your own kexec tool
    Here, sources : http://xdaforums.com/attachment.php?attachmentid=2397299&stc=1&d=1384689174

    And here, the binaries : http://xdaforums.com/attachment.php?attachmentid=2397305&stc=1&d=1384689406
    (it's not a cwm zip, i have no time to create an installer for now ; use "./compil-kexec" if you want an automatic install)
    Install *.ko in /system/lib/modules
    Install kexec and kdump in /system/bin
    Grant with "chmod 777"


    Unzip in kexec-tools folder
    Install a toolchain (sudo apt-get install gcc-arm-linux-gnueabi)
    launch => ./compil-kexec

    what's all
    This script can do everythinks for you
    - Compilation of tools
    - Compilation of modules
    - installation in device
    This script can compil for every brand you have.
    Except you must remove or adapt the patch (see below why)


    Patch ??
    This patch is because a module must be compiled in the same time the kernel himself.
    For this reason a "vermagic", an identifier, is used by system to block every module not compil with kernel
    Some custom kernel bypass this to authorize every modules.
    But for stock kernel, it is not allowed.
    You can easely strapp this by busybox.
    "busybox modprobe" for help
    "-f" to force load without vermagic

    To see this vermagic :
    Code: 
    # uname -r
    This "uname -r" must be the same that
    Code: 
    # strings kexec_load.ko | grep vermagic
vermagic=3.4.0-perf-g66807d4-02450-g9a218f1 SMP preempt mod_unload modversions ARMv7
    If you want use automaticaly this vermagic, you can modify into the custom kernel this file :
    Code: 
    "include/config/kernel.release" and add :
"3.4.0-perf-g66807d4-02450-g9a218f1"
    This file will be use at module compil to match the vermagic.


    Infortunatly, it is not enought. :silly:

    The infamous "no symbol version for module_layout"
    When a module compil is created, it use symbols link to system call function, translate by adresses
    Theses symbols are not at same physical adresses in stock kernel and modules (compiled from DooMLoRD kernel).
    So, theses adresses must be convert into modules itself to match with stock symbols adress.
    A patch is needed.
    If you use my script, modules are automatically patched.

    Here patches :
    Code: 
    sed -i 's/\x32\x76\x86\x29/\x72\xFF\x5E\x20/' procfs_rw.ko
sed -i 's/\x32\x76\x86\x29/\x72\xFF\x5E\x20/' kexec_load.ko
sed -i 's/\xBB\xD0\xF8\x4D/\x0E\x1C\x63\x77/' kexec_load.ko
sed -i 's/\xA6\x26\x81\x1A/\xD4\x56\x02\x7E/' kexec_load.ko
sed -i 's/\xA3\xD1\xEC\x96/\xEC\x43\x28\x1A/' kexec_load.ko
sed -i 's/\x8C\xE6\x6A\x5F/\x3D\xDF\x02\xF2/' kexec_load.ko
sed -i 's/\x3E\xF3\xEF\xE9/\x18\x7F\xA6\x8A/' kexec_load.ko
sed -i 's/\x8B\xD2\x92\x10/\xC8\x19\x08\x9C/' kexec_load.ko
sed -i 's/\x1C\xE8\x18\xE1/\x7C\x71\x9E\xEF/' kexec_load.ko
sed -i 's/\xAB\x2C\x2F\x8B/\x8E\xD7\x63\xC0/' kexec_load.ko
sed -i 's/\xF5\x62\xAA\x4B/\x34\x80\x1B\x74/' kexec_load.ko
sed -i 's/\x00\x52\xD6\xD7/\x6F\x80\x91\x20/' kexec_load.ko
sed -i 's/\x4F\x77\x57\x6A/\x0C\x57\xC7\x63/' kexec_load.ko
sed -i 's/\xCA\x2F\x65\x71/\x92\xB8\x7F\x53/' kexec_load.ko
sed -i 's/\x0F\xD0\xA0\x91/\xFA\x80\x15\xB4/' kexec_load.ko
sed -i 's/\x29\xA0\x6D\x48/\x6C\x6B\x96\x54/' kexec_load.ko
sed -i 's/\x6D\x1F\x1F\x37/\xCC\x5E\x79\x8B/' kexec_load.ko
sed -i 's/\xFD\x23\xD0\xFB/\xE3\xE3\x68\x52/' kexec_load.ko
    You can use hexedit or hexdump to see these adresses :
    Code: 
    hexdump kexec_load.ko | grep ff72         
0003d50 b0b0 80ac ff72 205e 6f6d 7564 656c 6c5f
    how does it work ?
    # kexec --help
    For kexec help... nothing more to say.

    # lsmod
    List loaded modules... You must see
    kexec_load 31369 0 - Live 0x00000000 (O)

    # rmmod kexec_load.ko
    Remove kexec_load module from memory.

    # grep kexec /proc/device
    To see installed driver.
    You must see :
    100 kexec_driver

    First number is "major" number to identify your driver in system.

    # mknod /dev/kexec_driver c 100 0
    Install driver.
    Major number (here 100), is important for module.
    This Major must be the same between module and driver.
    By default, 100 is used.

    # insmod kexec_load.ko
    To install "LKM", kexec_load kernel module.
    If another Major is needed, you can use "insmod kexec_load.ko 101" for Major 101
    You can use "modprob" if you want, but you must configure the module folder.


    How kexec and module exchange informations ?
    By the driver.
    Normal output for a kernel module is to write in "dmsg" file.
    To see kernel output, launch this command :
    Code: 
    # dmesg
    To see last kernel log, see in :
    Code: 
    # cat /proc/last_kmsg
    For kexec module, this normal way still exist, and give a lot of informations, but to speak with, you must use the driver.
    /dev/kexec_driver

    You can yourself test communication:
    Code: 
    # cat /dev/kexec_driver
You can send kernel by this communication channel.
Type following commands for help
  => echo help >/dev/kexec_driver
  => dmesg | grep Kexec
    Code: 
    # echo help >/dev/kexec_driver
# cat /dev/kexec_driver
Last command : 'help'
 Please type following command :
      => dmesg|grep Kexec
    Every command send into driver is receive by kexec_load.ko module and running into the kernel.
    The answer can by read thru the driver

    Here, you can see that normal way to see messages is allway dmesg.

    Code: 
    # dmesg|grep Kexec
<4>[15050.521628] Kexec: Starting kexec_module...
<6>[15050.521656] Kexec: kexec_driver_contener allocation
<6>[15050.521673] Kexec: kexec_memory_buffer allocation
<4>[15050.521691] Kexec:----------------------------------------------------
<4>[15050.521710] Kexec: kexec_driver created with major : '100'
<4>[15050.521728] Kexec: Please, prepare by typing the following commands :
<4>[15050.521746] Kexec:  => mknod /dev/kexec_driver c 100 0
<4>[15050.521761] Kexec:  => cat /dev/kexec_driver
<4>[15050.521775] Kexec:-----------------------------------------------------
<4>[15050.521791] Kexec:  For help
<4>[15050.521803] Kexec:  => echo help >/dev/kexec_driver
(...)
    I have add a lot of informations to help to configure kexec.



    rdtags, atags ??
    Not sure for this part of kernel.
    "atags" is the most used method to bootloader to parse commands and informations to kernel at boot.
    "atags" is a form of structure in memory to organise informations.
    At boot, a address chain is created and can be compulse in /proc/atags file.
    This file is read only system.
    "rdtags" is another way to bootloader to parse information to kernel.
    "rdtags" is not stocked in "/proc"
    But, as i see, stock kernel can use "atags" from bootloader.
    kexec can substitute bootloader function to create fromscratch a atags chain, and parse to new kernel.
    I have change this part to stock atags in "/data/atags", and reuse or change if need.

    If this don't work, i must create a rdtags chain to replace atags ; It's not a hard work.


    Status

    For the moment, kexec tools works.
    => Phase one OK.

    I can start Phase Two : new kernel patch.
    If you want to help me...

    Actually, load a custom kernel and boot into with kexec tools work.
    But at boot into, a kernel panic occurs.

    It seems, a part of kexec patch is missing in custom kernel.
    View
    12
    delewer
    delewer
    king960 said:
    Attempts on Xperia P (sorry IF i noob-ed with this post)

    http://xdaforums.com/showthread.php?t=2053466

    Sent from my LT22i using xda app-developers app
    Click to expand...
    Click to collapse

    It's a dead thread.
    Because, it's a epic failed (for now).

    ********

    Status of my attempts :

    Modules loads : OK for two modules (kexec_load and procfs_rw)
    - procfs_rw.ko => create "/proc/atags" => ok, but bad buf... it must be fix (easy part)
    - kexec_load.ko => Loaded => ok but, the way to use is "syscall" add for kexec_load function => failed
    why ? Because after 2.6 kernel (Z1 have 3.4.0 kernel), syscall_table is read only and had fixed size. So if i attempt to add value (kexec_load in our case), we have kernel panic.

    But i have a solution to add function in LKM, is to add a "real" module call.

    I have add a "kexec_driver" in "/dev" structure by :
    Code: 
    insmod kexec_load.ko
mknod /dev/kexec_driver c 254 0
(...)
crw-rw-rw- root     root     254,   0 2013-11-11 15:26 kexec_driver

    Driver is in alpha stage and highty experimental

    To be continue...
    View
    10
    munjeni
    munjeni
    delewer said:
    just for information...
    compressed kernel with lzma his bigger than no lzma lol
    4,1 Vs 4,15

    so, i thave try :
    kexec --load zImage.lzma --mem-min=0x0f00000000 --command-line="$(cat /proc/cmdline)"
    debug: Focus 1 - argc '5' ; argv 'bea96754' ; kernel_buf 'b6bdf008' ; kernel_size '3f5414' ; info 'bea96528' ; i '1' ; file_type.name 'zImage'
    debug: malloc - xmalloc mem_range '4511824'
    Could not find a free area of memory of 3fd414 bytes...

    lol ... if you could find a way to reduced size ?? :p
    Click to expand...
    Click to collapse


    Did you reserved and freed memory for kexec? Something like:
    +#if defined(CONFIG_KEXEC_HARDBOOT)
    +static void kexec_hardboot_reserve(void)
    +{
    + if (memblock_reserve(KEXEC_HARDBOOT_START, KEXEC_HARDBOOT_SIZE)) {
    + printk(KERN_ERR "Failed to reserve memory for KEXEC_HARDBOOT: "
    + "%dM@0x%.8X\n",
    + KEXEC_HARDBOOT_SIZE / SZ_1M, KEXEC_HARDBOOT_START);
    + return;
    + }
    + memblock_free(KEXEC_HARDBOOT_START, KEXEC_HARDBOOT_SIZE);
    + memblock_remove(KEXEC_HARDBOOT_START, KEXEC_HARDBOOT_SIZE);
    +
    + kexec_hardboot_device.num_resources = ARRAY_SIZE(kexec_hardboot_resources);
    + kexec_hardboot_device.resource = kexec_hardboot_resources;
    +}
    +#endif
    Click to expand...
    Click to collapse

    Standard kexec not working and allso kexec can boot only kexec patched kernels, so I get them only working using hard kexec, hard worked on them and finaly I had a fully working kexec for Sony Xperia Go, Sola, P and U, maybe this help -> https://github.com/munjeni/android_kernel_xperiago/commits/jb-dev?page=2

    I will start working on your work after I get Xperia Z1 Mini! You made a realy interesting thread, I am realy interested in this! Hope we get some progress. :good:

    And one more thing, I will backport my Boot Menu to Z1 and Z1S soon as we get kexec working! More info here -> http://xdaforums.com/showthread.php?t=2418241
    View
    10
    delewer
    delewer
    ikenley said:
    Excellent work Delewer!

    So is it currently functional but with bugs or does it still need work before others can start testing it?

    Are your tests at the moment with Sony stock kernel (i,e, DooMKernel) or with AOSP kernel (i.e. CM kernel running CM10 or equivalent)?
    Click to expand...
    Click to collapse

    It's not a fonctionnal kexec ; all i see in my sources say it work, but it is not yet, it's frustating to me to be so close.

    I test only with DoomKernel, to be sure when ok, to see it is.
    When ok, aosp will be kexeced immediatly after... for sure !!!

    Most important for now it's to have log from new kernel to debug the first crash ; if i have a log, we win the battle.
    View
    7
    S
    Shaky156
    Hi new thread created for kernel kexec development.

    Status: not working: wrong values for mem defines under the kernel is giving segmentation fault as its attempting to write to memory areas that are currently being used byyyyy the system


    Instructions:
    Make kernel compatible?:
    1. Download kernel diff patch from below
    2. Terminal - diff patch > diff.txt

    How to use:
    1. Download kexec-tools (kexec binary) from below
    2. Copy into system/bin directory and give it executable permission
    3. Download compatible kernel
    4. Terminal - kexec --load-hardboot zImage --initrd=initrd.img --mem-min=0x20000000 --command-line="$(cat /proc/cmdline)"
    kexec -e

    Download links:
    Kexec tool- https://db.tt/8DZXQ9eV
    Ramdisk firmware 1.548 : https://db.tt/8DZXQ9eV
    zImage (kernel):


    Source code:
    Kernel diff patch: https://db.tt/Xi2htT7Q (currently contains wrong values for mem defines)
    Kexec-tools: https://db.tt/I22ofr3b


    Special thanks: @delewer @krabappel2548
    View

New posts