Poking at latest OTA update for fun and profit

By Etn40ff, Member on 21st December 2011, 11:40 PM
I am poking around the latest official OTA update (get it here).
I am trying to see if there is anything useful for aftermarket roms. I will post
here my findings, if any, and all the questions that pop to my mind. Hopefully
someone in the community will have answers.

The updating script does the following:
1) several checks on bootloader/recovery/cid/device version
2) copy fotaBoot to /data/system/fotaBoot to trigger some changes at reboot
3) checks on files to be patched
4) delete several files from /data (notably adio_checksum, DxDr,
SuplRootCert_injected)
5) delete lots of files from /system
6) apply patches
7) copy files into /system
8) set permissions
9) flash firmware.zip via
Code:
write_firmware_image("PACKAGE:firmware.zip", "zip");
Among the files being modified there are a couple of firmwares (yamato_pfp.fw
yamato_pm4.fw). I do not have them on my system (I run CM7) and I have no idea
which piece of hardware they refer to. There is also an app whose purpose I
ignore (HTC-DPM-GB-2.3-48637-11.1.apk) and a mysterious recovery.img in /system
(more on this later).

Does anyone know the exact procedure by which firmware.zip is flashed? Will any
check be performed on it? Its content is the following:

* android-info.txt: ASCII file with some version numbers.
* boot.img: should be the new kernel+ramdisk; I tried booting it with few
expectations and indeed it won't boot with a nonsense /system
* hboot_8x60_DOT_1.45.0013_20111121_signedbyaa.nb0: the new bootloader; I see no
reason to flash this unless it provides some new features.
* radio.img: fat image with radio files (should be safe to flash)
* rcdata.img: ???
* recovery.img: this won't boot; may it require the above mentioned recovery.img?
Anyway this is completely useless
* rpm.img: ???
* sbl1.img: ???
* sbl2.img: ???
* sbl3.img: ???
* tz.img: ???

Does anyone have ideas on what the other files are? I assume that if we avoid flashing
hboot we will always have fastboot available to us and S-OFF to flash anything
we would like to, correct? Revolutionary team, can you please explain how you
make the phone S-OFF once your exploit gives you the right privileges? Will any
of those files affect it? Does anyone here have any idea which partitions
they should be flashed to?

As I said I tried to boot both recovery.img and boot.img to get a config.gz and
kernel version with scarce success. I'd like to see whether they made some modifications to the
kernel which improved battery life. I think I will repack the new kernel with
CWM recovery and get the info from there.


Ideas of things to poke at? Comments? Helpful insights?
The Following User Says Thank You to Etn40ff For This Useful Post
22nd December 2011, 12:10 AM |#2  
OP Member
Related info: here.
sbl*.img might be the boot loader. (secured/secondary boot loader???) but why in 3 separate chunks?
22nd December 2011, 12:14 AM |#3  
OP Member
More info: here

rcdata.img is text; it should be the configuration of the radio but if I check the content of the corresponding partition (mmcblk0p18) on my phone there is a lot of binary junk together with the small amount of text. The options are the same except for one (AGPSNVSetting) that is missing in the updated rcdata.img

Code:
# cat /dev/block/mmcblk0p18 | strings | tail -n 9
QCT_UMTS_RADIO_VER=1
DisH=2
AGPSNVSetting=1
EnDTM=0
MSCMode=10
HSDPACat=10
HSUPACat=6
GEA3=0
QCT_UMTS_RADIO_END=1
The Following User Says Thank You to Etn40ff For This Useful Post
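
The comparison described in the post above, as an added example that is not part of the original thread: pull the `QCT_UMTS_RADIO_VER` … `QCT_UMTS_RADIO_END` block out of a raw partition dump the way `strings | tail` does, then diff it against the text-only rcdata.img. The function names and the sample bytes are assumptions made for illustration; the nine settings are the ones quoted in the post, and the junk around them is constructed.

```python
import re

START, END = "QCT_UMTS_RADIO_VER", "QCT_UMTS_RADIO_END"

def printable_runs(blob, min_len=4):
    """Rough equivalent of `strings`: runs of printable ASCII of at least min_len."""
    pattern = rb"[\t\x20-\x7e]{%d,}" % min_len
    return [run.decode("ascii") for run in re.findall(pattern, blob)]

def radio_config(blob):
    """Settings of the last START..END block in blob ({} if there is none)."""
    runs = printable_runs(blob)
    starts = [i for i, run in enumerate(runs) if run.startswith(START + "=")]
    if not starts:
        return {}
    config = {}
    for run in runs[starts[-1]:]:
        key, sep, value = run.partition("=")
        if sep:
            config[key.strip()] = value.strip()
        if key.strip() == END:
            return config
    # A block that never closes is probably truncated or overwritten.
    raise ValueError("radio config block has no %s marker" % END)

def diff_config(old, new):
    """Keys removed, added, or changed between two parsed configs."""
    return {
        "removed": sorted(old.keys() - new.keys()),
        "added": sorted(new.keys() - old.keys()),
        "changed": {k: (old[k], new[k])
                    for k in sorted(old.keys() & new.keys()) if old[k] != new[k]},
    }

# Constructed sample data: the nine settings quoted in the post, wrapped in
# made-up binary junk to stand in for a raw dump of mmcblk0p18.
LINES = [b"QCT_UMTS_RADIO_VER=1", b"DisH=2", b"AGPSNVSetting=1", b"EnDTM=0",
         b"MSCMode=10", b"HSDPACat=10", b"HSUPACat=6", b"GEA3=0",
         b"QCT_UMTS_RADIO_END=1"]
PARTITION_DUMP = b"\x00\xde\xad\xbe\xef" * 4 + b"\n".join(LINES) + b"\n\xff\x00\x00"
# Constructed stand-in for the OTA's rcdata.img: same settings minus AGPSNVSetting.
OTA_RCDATA = b"\n".join(l for l in LINES if not l.startswith(b"AGPSNVSetting")) + b"\n"

if __name__ == "__main__":
    print(diff_config(radio_config(PARTITION_DUMP), radio_config(OTA_RCDATA)))
```

With real files, pass the bytes of the partition dump and of rcdata.img to `radio_config` in place of the two sample constants.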
22nd December 2011, 02:35 AM |#4  
Account currently disabled
Flag Los Angeles, CA
I know probably the biggest request from the community is to figure out how to root the update; it seems that the Rev. team has been notified that the exploit they used before seems to have been patched in this update.

Also very profitable would probably be zips for the new kernel and radio, if possible. Early reports have indeed been of better battery life, and also higher quadrant scores.

Anyway, many thanks for this thread, and for looking at the update.
22nd December 2011, 03:18 AM |#5  
jonnycat26's Avatar
Senior Member
Quote:
Originally Posted by Etn40ff

Among the files being modified there are a couple of firmwares (yamato_pfp.fw
yamato_pm4.fw).

Just a shot in the dark, but Yamato is referred to here:

http://code.google.com/p/synergy-kin...pec=svn41&r=41

It seems to have something to do with the adreno chipset...
22nd December 2011, 04:41 AM |#6  
Litesorrows's Avatar
Senior Member
Flag Elgin
There's a Pre Rooted Version of the OTA Update on Rootzwiki. I would imagine those on XDA would be rooted already. I understand trying to find a way to Root the OTA Update for those who had it before they could root. But wouldn't a simple Temp Root, then Downgrade work? That's what I had to do with my G2 and G1.

Sent from my MyTouch_4G_Slide using xda premium
22nd December 2011, 05:54 AM |#7  
Account currently disabled
Flag Los Angeles, CA
Quote:
Originally Posted by Litesorrows

There's a Pre Rooted Version of the OTA Update on Rootzwiki. I would imagine those on XDA would be rooted already. I understand trying to find a way to Root the OTA Update for those who had it before they could root. But wouldn't a simple Temp Root, then Downgrade work? That's what I had to do with my G2 and G1.

Sent from my MyTouch_4G_Slide using xda premium

The version on Rootzwiki isn't the newest update, the one that just came out 3 days ago. And the newest update has proven impervious even to temp-root so far. The only way to downgrade is if you were S-OFF before updating. There is a thread on this in the general section...
22nd December 2011, 04:14 PM |#8  
overhauling's Avatar
Senior Member
If you updated, please view this thread.

http://forum.xda-developers.com/show....php?t=1405859
22nd December 2011, 05:20 PM |#9  
Blue6IX's Avatar
Senior Member
I had pulled the new google talk app and made it flashable on request, here's the link:

Gtalk update

There are a couple others if anyone wants them - deskclock, wifi calling, t-mo mall and carbon backup, netflix, and two logging utilities.

The rest is all small updates to a lot - what I wanted to look into first were the GPS updates to make sure my patch stays as current as possible.

You can either pull apart the package directly, or flash the update and do an adb pull to grab new stuff - backup guide in my sig tells you all about using the adb pull command.

Now that we know you can rewind the changes and get root back after the update, either should be fine. I've been going through the download zip, but haven't had much time at my workstation.

I have a couple emergency shifts to work, kept me offline yesterday & today, I'll check back on a break later and see if I have anything else to add.

Sent from my Bulletproof_Doubleshot using xda premium
The Following 3 Users Say Thank You to Blue6IX For This Useful Post
22nd December 2011, 09:33 PM |#10  
Junior Member
Flag Bethlehem, PA
Quote:
Originally Posted by Blue6IX

I had pulled the new google talk app and made it flashable on request, here's the link:

Gtalk update

There are a couple others if anyone wants them - deskclock, wifi calling, t-mo mall and carbon backup, netflix, and two logging utilities.

The rest is all small updates to a lot - what I wanted to look into first were the GPS updates to make sure my patch stays as current as possible.

You can either pull apart the package directly, or flash the update and do an adb pull to grab new stuff - backup guide in my sig tells you all about using the adb pull command.

Now that we know you can rewind the changes and get root back after the update, either should be fine. I've been going through the download zip, but haven't had much time at my workstation.

I have a couple emergency shifts to work, kept me offline yesterday & today, I'll check back on a break later and see if I have anything else to add.

Sent from my Bulletproof_Doubleshot using xda premium

Could I get deskclock, wifi calling, and netflix?
23rd December 2011, 03:30 AM |#11  
sykopompos's Avatar
Recognized Developer
Flag flithydelphia
Yamato is GPU proprietary files. You would use them in a compile against source code for the improvements. I would say kernel fixes would be the main thing if reports are better quadrant and battery life.

Sent from my MB525 using XDA App
The Following User Says Thank You to sykopompos For This Useful Post