[Q] Radio ROM backup

Search This thread
By:
Advanced…
G

gelim

Member
Aug 24, 2010
39
5
Hi,

I'm creating a new thread because I did not find anything here related to that specific topic.

I would like to backup my radio ROM before flashing a WWE one. My intent is to test the WWE and if anything goes wrong with e.g the simlock I'll restore the original one.

Some directions : all /dev/block/mtdblock* are not used (appart from system, cache & data) should it be there ? maybe not using yaffs2 ?

Any enlightening suggestions appreciated !
Cheers
 
Last edited:
francians

francians

Senior Member
May 28, 2010
475
49
gelim said:
Hi,

I'm creating a new thread because I did not find anything here related to that specific topic.

I would like to backup my radio ROM before flashing a WWE one. My intent is to test the WWE and if anything goes wrong with e.g the simlock I'll restore the original one.

Any enlightening suggestions appreciated !
Cheers
Click to expand...
Click to collapse

you can find your own radio image inside of the wwe.. nowadays there are 2 radio for tattoo: orange and stock.
 
G

gelim

Member
Aug 24, 2010
39
5
let's say I'm not trusting the WWE content downloaded via an untrusted source ?
Is there really no technical way to achieve that when being root on the phone ?

Thanks
 
Last edited:
francians

francians

Senior Member
May 28, 2010
475
49
gelim said:
let's say I'm not trusting the WWE content downloaded via an untrusted source ?
Is there really no technical way to achieve that when being root on the phone ?

Thanks
Click to expand...
Click to collapse

don't know, but to achieve your own radio.img from the phone you shoud dump it from the internal memory. Maybe a full backup from recovery saves that image.
 
G

gelim

Member
Aug 24, 2010
39
5
> you shoud dump it from the internal memory

yes but it's unclear how to do it. There are several kind of memory in the phone... My bet goes on the NAND one but ATM I don't know how to access the first mtdblocks)

# mount -t yaffs2 -o ro /dev/block/mtdblock0 /sdcard/radio
mount: mounting /dev/block/mtdblock0 on /sdcard/radio failed: Invalid argument
Click to expand...
Click to collapse
(same for 1 & 2)

some kernel log to illustrate that :
[ 5261.980407] yaffs: Attempting MTD mount on 31.0, "mtdblock0"
[ 5261.980926] yaffs: NAND geometry problems: chunk size 2048, type is yaffs2, inbandTags 0
[ 5266.192199] yaffs: dev is 32505856 name is "mtdblock0"
[ 5266.192474] yaffs: passed flags ""
Click to expand...
Click to collapse

> Maybe a full backup from recovery saves that image.

No full backup from recovery (using amora's one) doesn't dump radio.img. That's why I'm asking here.
 
Last edited:
JoOoSs

JoOoSs

Senior Member
Oct 17, 2008
572
4
When you open an official RUU from HTC, all .img are extracted on temp folder. So you can take it from here.
 
G

gelim

Member
Aug 24, 2010
39
5
Actually my problems changed a little bit after doing the mount yaffs2 whitout success I issued a reboot from adb.
From now on, my Tattoo won't pass the (vibrate)Tattoo boot logo. I can't go into recovery either (should be just after the Tattoo logo displaying). The only functionnal thing is the fastboot menu and doing a fastboot flash boot boot.img (got that from the RUU) I'm left with the classis FAILED (remote: not allow) thing.

I think I'm doomed and I bricked that little piece of hardware :-(
 
G

gelim

Member
Aug 24, 2010
39
5
Yes, should.
potattoo: there is a CID check on this device, it needs to be bypassed using the Goldcard technique AFAIK.

Another protection is hboot has S-ON (signature verification) so I'm out of luck with the manual fastboot flash or update (required some *.sig apparently)

I did an RUU flash from Windows XP (inside a Virtualbox) it managed to reboot the phone (I wasn't able to do that with fastboot reboot !) and timeout on the "waiting for bootloader...". During that time the phone is frozen with the HTC logo.

UPDATE: on a physical windows it's better, the RUU WWE cleans userdata, and then tries to flash the zipped ROM... until it fails. I can now reproduce this behavior manually with fastboot.exe. Here are the log messages :

c:\fastboot>fastboot flash zip rom.zip
sending 'zip' (88968 KB)
...
OKAY [ 14.052s]
writing 'zip'...
INFOadopting the signature contained in this image...
INFOsignature checking...
INFOzip header checking...
INFOzip info parsing...
INFOchecking model ID...
INFOchecking custom ID...
FAILED (remote: 42 custom id check fail)
finished. total time: 41.400s
Click to expand...
Click to collapse

Let's try an oem boot to see what it could say :
c:\fastboot>fastboot oem boot
...
INFO[ERR] partition_read::Failed to read page
INFO22912 or it is empy
INFOsetup_tag addr=0xA0000100 cmdline add=0x8D05E538
INFOTAG:Ramdisk OK
INFOTAG:smi ok, size = 0
INFOTAG:hwid 0x1
INFOTAG:skuid 0x1FC04
INFOTAG:hero panel = 0x0
INFOTAG:engineerid = 0x0
INFOMCP dual-die
INFOMCP dual-die
INFOTAG:mono-die = 0x0
INFODevice CID is not super CID
INFOCID is HTC__247
INFOsetting.cid::HTC__247
INFOserial number: HT9BRLG00XXX
INFOcommandline from head: no_console_suspend=1 console=null
INFOcommand line length =413
INFOactive commandline: board_bahamas.disable_uart3=0 board_baha
INFOmas.usb_h2w_sw=0 board_bahamas.disable_sdcard=0 diag.enabled
INFO=0 board_bahamas.debug_uart=0 smisize=0 androidboot.baseban
INFOd=3.35.07.20 androidboot.cid=HTC__247 androidboot.carrier=HT
INFOC-FRA-Bouygues androidboot.mid=CLIC10000 androidboot.keycaps
INFO=qwerty androidboot.mode=normal androidboot.serialno=HT9BRLG
INFO00145 androidboot.bootloader=0.52.0001 no_console_suspend=1
INFOconsole=null
INFOaARM_Partion[0].name=misc
INFOaARM_Partion[1].name=recovery
INFOaARM_Partion[2].name=boot
INFOaARM_Partion[3].name=system
INFOaARM_Partion[4].name=cache
INFOaARM_Partion[5].name=userdata
INFOpartition number=6
INFOValid partition num=6
INFO0
INFO0
INFOXXXXXXX
INFOXXXXXXX
INFOXXXXXXX
INFOXXXX
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
INFO0
FAILED (status read failed (Too many links))
finished. total time: 0.657s

C:\fastboot>
Click to expand...
Click to collapse

(I intentionnaly blanked by 'XX'ing some numbers thinking they are not relevant to the analysis)

The "FAILED (remote: 42 custom id check fail)" message when flashing shows clearly that the Goldcard I did following "[HOWTO] Create a GoldCard - Bypassing the RUU/SPL CID check to Root/Downgrade" topic is not recognized by HBOOT. Why ?
I tried as well not reversing the CID (as seen on another site) and doing the online generation again. Same problem : CID check FAILS miserably.

Questions that arise are :
1- what is the difference between the CID "HTC__247" seen in the boot log and the big alpha-numeric chain I got doing an "adb shell cat $path-to-mmc-cid" ?
2- does the CID change by mounting the sdcard on another android device ?

I'm pretty conscious we're derivating from the initial topic of this thread... but thanks for the help anyway.
 
Last edited:
G

gelim

Member
Aug 24, 2010
39
5
Okay, I got it solved. Feeling much much better.
The CID reversing was clumsy so my goldcard was not correct. I wiped the card : did a mkfs.vfat -F 32 -S 4096 /dev/sdb1.
Tried that site for CID manipulation http://hexrev.soaa.me/, generated the goldcard.img again via http://psas.revskills.de/?q=goldcard.
dd if=golcard.img of=/dev/sdb.
Guess what, now CID check passes successfuly.

Just for the record here is a successful fastboot flashing log :)
(yes now I switch to a windows 7 for the fastboot step, it's of course not mandatory, I could have done everything from a linux...)
c:\fastboot>fastboot flash zip rom.zip
sending 'zip' (88968 KB)... OKAY [ 14.695s]
writing 'zip'... INFOadopting the signature contained in this i
mage...
INFOsignature checking...
INFOzip header checking...
INFOzip info parsing...
INFOchecking model ID...
INFOchecking custom ID...
INFOchecking main version...
INFOstart image[hboot] unzipping for pre-update check...
INFOstart image[boot] unzipping & flushing...
INFO[RUU]UZ,boot,0
INFO[RUU]UZ,boot,51
INFO[RUU]UZ,boot,100
INFO[RUU]WP,boot,0
INFO[RUU]WP,boot,50
INFO[RUU]WP,boot,100
INFOstart image[hboot] unzipping & flushing...
INFO[RUU]UZ,hboot,0
INFO[RUU]UZ,hboot,100
INFO[RUU]WP,hboot,0
INFO[RUU]WP,hboot,100
INFOstart image[radio] unzipping & flushing...
INFO[RUU]UZ,radio,0
INFO[RUU]UZ,radio,6
INFO[RUU]UZ,radio,14
INFO[RUU]UZ,radio,19
INFO[RUU]UZ,radio,24
INFO[RUU]UZ,radio,33
INFO[RUU]UZ,radio,38
INFO[RUU]UZ,radio,43
INFO[RUU]UZ,radio,48
INFO[RUU]UZ,radio,53
INFO[RUU]UZ,radio,62
INFO[RUU]UZ,radio,67
INFO[RUU]UZ,radio,76
INFO[RUU]UZ,radio,81
INFO[RUU]UZ,radio,86
INFO[RUU]UZ,radio,91
INFO[RUU]UZ,radio,96
INFO[RUU]UZ,radio,100
INFO[RUU]WP,radio,0
INFO[RUU]WP,radio,7
INFO[RUU]WP,radio,12
INFO[RUU]WP,radio,17
INFO[RUU]WP,radio,26
INFO[RUU]WP,radio,31
INFO[RUU]WP,radio,36
INFO[RUU]WP,radio,41
INFO[RUU]WP,radio,46
INFO[RUU]WP,radio,51
INFO[RUU]WP,radio,58
INFO[RUU]WP,radio,63
INFO[RUU]WP,radio,68
INFO[RUU]WP,radio,100
INFOstart image[recovery] unzipping & flushing...
INFO[RUU]UZ,recovery,0
INFO[RUU]UZ,recovery,45
INFO[RUU]UZ,recovery,87
INFO[RUU]UZ,recovery,100
INFO[RUU]WP,recovery,0
INFO[RUU]WP,recovery,44
INFO[RUU]WP,recovery,89
INFO[RUU]WP,recovery,100
INFOstart image[sp1] unzipping & flushing...
INFO[RUU]UZ,sp1,0
INFO[RUU]UZ,sp1,100
INFO[RUU]WP,sp1,0
INFO[RUU]WP,sp1,100
INFOstart image[system] unzipping & flushing...
INFO[RUU]UZ,system,0
INFO[RUU]UZ,system,2
INFO[RUU]UZ,system,5
INFO[RUU]UZ,system,8
INFO[RUU]UZ,system,11
INFO[RUU]UZ,system,14
INFO[RUU]UZ,system,16
INFO[RUU]UZ,system,19
INFO[RUU]UZ,system,22
INFO[RUU]UZ,system,25
INFO[RUU]UZ,system,28
INFO[RUU]UZ,system,31
INFO[RUU]UZ,system,34
INFO[RUU]UZ,system,36
INFO[RUU]UZ,system,39
INFO[RUU]UZ,system,42
INFO[RUU]UZ,system,45
INFO[RUU]UZ,system,48
INFO[RUU]UZ,system,51
INFO[RUU]WP,system,0
INFO[RUU]WP,system,2
INFO[RUU]WP,system,5
INFO[RUU]WP,system,8
INFO[RUU]WP,system,11
INFO[RUU]WP,system,14
INFO[RUU]WP,system,16
INFO[RUU]WP,system,19
INFO[RUU]WP,system,22
INFO[RUU]WP,system,25
INFO[RUU]WP,system,28
INFO[RUU]WP,system,31
INFO[RUU]WP,system,34
INFO[RUU]WP,system,36
INFO[RUU]WP,system,39
INFO[RUU]WP,system,42
INFO[RUU]WP,system,45
INFO[RUU]WP,system,48
INFO[RUU]WP,system,51
INFO[RUU]UZ,system,51
INFO[RUU]UZ,system,53
INFO[RUU]UZ,system,56
INFO[RUU]UZ,system,59
INFO[RUU]UZ,system,62
INFO[RUU]UZ,system,65
INFO[RUU]UZ,system,68
INFO[RUU]UZ,system,71
INFO[RUU]UZ,system,74
INFO[RUU]UZ,system,76
INFO[RUU]UZ,system,79
INFO[RUU]UZ,system,82
INFO[RUU]UZ,system,85
INFO[RUU]UZ,system,88
INFO[RUU]UZ,system,91
INFO[RUU]UZ,system,94
INFO[RUU]UZ,system,97
INFO[RUU]UZ,system,100
INFO[RUU]WP,system,51
INFO[RUU]WP,system,53
INFO[RUU]WP,system,56
INFO[RUU]WP,system,59
INFO[RUU]WP,system,62
INFO[RUU]WP,system,65
INFO[RUU]WP,system,68
INFO[RUU]WP,system,71
INFO[RUU]WP,system,74
INFO[RUU]WP,system,76
INFO[RUU]WP,system,79
INFO[RUU]WP,system,82
INFO[RUU]WP,system,85
INFO[RUU]WP,system,88
INFO[RUU]WP,system,91
INFO[RUU]WP,system,94
INFO[RUU]WP,system,97
INFO[RUU]WP,system,100
INFOstart image[userdata] unzipping & flushing...
INFO[RUU]UZ,userdata,0
INFO[RUU]UZ,userdata,100
INFO[RUU]WP,userdata,0
INFO[RUU]WP,userdata,100
OKAY [132.319s]
finished. total time: 147.015s

c:\fastboot>fastboot reboot
rebooting...
finished. total time: 0.031s
Click to expand...
Click to collapse

Here we go for the NAND restore (I of course did a NAND backup before all the fudging)

Celebration time :)
Thanks for the support.
 
Last edited:
You must log in or register to reply here.

Similar threads

KalimochoAz
  • Locked
[ROM] CyanogenMod ( TO BE CLOSED )
Replies
3K
Views
636K
sunitknandi
sunitknandi
cn.fyodor
[ROM] fyodor FroYo AOSP Tattoo v0.7.2c (Optimized ADWLauncher for QVGA)
Replies
2K
Views
449K
sunitknandi
sunitknandi
arco68
[ROM][GWK74/2.3.7/CM7.2RC1] nFinityGB v1.14 (14 Mar 2012)
Replies
1K
Views
532K
andynroid
andynroid
I
[ROM]Pancake 1.0.6 + custom kernel v2.6.29 from HTC source[ikxdf]
Replies
3K
Views
515K
D
dada87
R
[rom] -tattoo eclair 2.1 [wip]
Replies
669
Views
235K
lukic
lukic

New posts