FORUMS

[TOOL] Android Image Kitchen - Unpack/Repack Kernel Ramdisk [Win/Android/Linux/Mac]

14,047 posts
Thanks Meter: 31,363
 
By osm0sis, Recognized Developer / Recognized Contributor on 30th December 2012, 03:55 PM
Post Reply Email Thread
5th May 2020, 03:03 PM |#2391  
osm0sis's Avatar
OP Recognized Developer / Recognized Contributor
Flag Halifax
Thanks Meter: 31,363
 
Donate to Me
More
Quote:
Originally Posted by Knightrider_kit

Ok so I don't have Magisk and cannot install it as far as I know. I cannot access my device with adb, cannot do anything in stock recovery except reboot, fastboot only produces a black screen which you cannot press vol-down and then power to get to recovery. So this is why I am trying to port a recovery on the device and then flash it. The only download for mobile I saw was at the beginning of this thread and is in update form for Magisk. So I went through the installer and have attempted to install manually on my device. I am including a text file that shows where I installed files. Not sure what else I might need to do. Anyway, trying to follow this guide https://forum.xda-developers.com/and...ource-t3843473. Move my recovery.img to same directory as unpackimg.sh and attempt to unpack it. The first time I got an error on unpacking ramdisk. Deleted split_image but could not delete /ramdisk - system busy. Rebooted, deleted empty dir /ramdisk, attempted unpack again in an attempt to get a record of the exact error and to my surprise everything went off without a hitch. So I immediatly repacked with --original flag and flashed but still same problem, recovery won't boot, all I get is a black screen. All help greatly appreciated.
https://i.postimg.cc/PJs0XNbG/list.png

list

Hope this image comes up. I've been trying to figure out how to do an attachment but I guess maybe I have to have ten posts.

If you don't have modern root you probably shouldn't be using AIK-mobile, and would be better off trying to use AIK-Linux on Linux/macOS or Android Image Kitchen for Windows.

If using --original doesn't work then there's something off with the structure of the .img, perhaps some signing your device bootloader requires. You'll have to compare the repacked .img with the original in a hex editor.
The Following User Says Thank You to osm0sis For This Useful Post: [ View ]
13th May 2020, 02:12 PM |#2392  
Junior Member
Thanks Meter: 6
 
More
Quote:
Originally Posted by osm0sis

If you don't have modern root you probably shouldn't be using AIK-mobile, and would be better off trying to use AIK-Linux on Linux/macOS or Android Image Kitchen for Windows.

If using --original doesn't work then there's something off with the structure of the .img, perhaps some signing your device bootloader requires. You'll have to compare the repacked .img with the original in a hex editor.

Unfortunately, I don't have access to a computer right now but I did look at the files and see something having to do with a signature but from what I've read signatures are supposed to be at the end but this is at the beginning. This is what it looks like. Please let me know if there is a way to sign the image myself. Thanks again.
[email protected]:/ # od -c /mnt/sdcard/recoveryProject/stock/recovery.img | more created with cat
0000000 A N D R O I D ! $ 360 204 \0 \0 200 @ `
0000020 o 254 275 \0 \0 \0 \0 b \0 \0 \0 \0 \0 \0 360 `
0000040 \0 200 \b ` \0 @ \0 \0 \0 \0 \0 \0 \0 \0 \0 \0
0000060 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0
*
0001100 * C 244 374 \v 226 337 H ; = ( 271 241 376 204 6
0001120 022 224 B B \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0
0001140 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0
*
0002000 S I G N 200 \0 \0 \0 \b 346 z 371 323 255 ; 261
0002020 M 264 325 . 225 5 224 220 Q l 233 a c 277 372 361
0002040 F S ; 005 \v 232 J 267 , + 253 003 277 \n 314 275
0002060 243 301 037 260 004 y [ V 255 306 Y - 265 330 004
0002100 ; 5 F 002 r 376 L 360 / E 313 334 262 a \f 216
0002120 320 346 > 374 354 246 334 033 274 313 242 ( 300 316 . '
0002140 5 H 030 250 X 016 017 366 375 256 355 R 231 b { 371
0002160 242 ( 226 257 332 305 ( 361 272 \n 215 270 356 273 275 #
0002200 N 324 ) ' = E u K \0 \0 \0 \0 \0 \0 \0 \0
0002220 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0
*
0040000 323 360 ! 343 020 237 020 356 262 032 030 353 005 240 260 341
0040020 301 032 030 \n ( 0 217 342 020 001 223 350 004 @ C 340
0040040 004 200 210 340 9 \0 \0 353 \a \0 \0 353 \f 320 237 345
0040060 004 340 217 342 004 200 240 341 020 360 212 342 224 032 030 352
--More--
[email protected]:/ # od -c /mnt/sdcard/recoveryProject/Folder/recovery.img | more -> created with AIK --original
0000000 A N D R O I D ! $ 360 204 \0 \0 200 @ `
0000020 d 7 275 \0 \0 \0 \0 b \0 \0 \0 \0 \0 \0 360 `
0000040 \0 200 \b ` \0 @ \0 \0 \0 \0 \0 \0 \0 \0 \0 \0
0000060 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0
*
0001100 274 8 237 \r 316 235 \ 246 A X 353 > 221 263 260 333
0001120 323 $ 304 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0
0001140 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0 \0
*
0040000 323 360 ! 343 020 237 020 356 262 032 030 353 005 240 260 341
0040020 301 032 030 \n ( 0 217 342 020 001 223 350 004 @ C 340
0040040 004 200 210 340 9 \0 \0 353 \a \0 \0 353 \f 320 237 345
0040060 004 340 217 342 004 200 240 341 020 360 212 342 224 032 030 352
0040100 H 201 @ 300 D 200 @ 300 \0 \0 \0 300 001 E 210 342
0040120 001 I 204 342 004 \0 240 341 \0 0 240 343 001 i 200 342
0040140 004 0 200 344 004 0 200 344 004 0 200 344 004 0 200 344
0040160 006 \0 0 341 371 377 377 032 \b p 232 345 200 \0 217 342
0040200 h \0 220 350 003 \0 @ 340 \0 P 205 340 \0 ` 206 340
--More--
13th May 2020, 03:42 PM |#2393  
osm0sis's Avatar
OP Recognized Developer / Recognized Contributor
Flag Halifax
Thanks Meter: 31,363
 
Donate to Me
More
Quote:
Originally Posted by Knightrider_kit

Unfortunately, I don't have access to a computer right now but I did look at the files and see something having to do with a signature but from what I've read signatures are supposed to be at the end but this is at the beginning. This is what it looks like. Please let me know if there is a way to sign the image myself. Thanks again.

created with cat:

Code:
[email protected]:/ # od -c /mnt/sdcard/recoveryProject/stock/recovery.img | more
0000000   A   N   D   R   O   I   D   !   $ 360 204  \0  \0 200   @   `
0000020   o 254 275  \0  \0  \0  \0   b  \0  \0  \0  \0  \0  \0 360   `
0000040  \0 200  \b   `  \0   @  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0
0000060  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0
*
0001100   *   C 244 374  \v 226 337   H   ;   =   ( 271 241 376 204   6
0001120 022 224   B   B  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0
0001140  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0
*
0002000   S   I   G   N 200  \0  \0  \0  \b 346   z 371 323 255   ; 261
0002020   M 264 325   . 225   5 224 220   Q   l 233   a   c 277 372 361
0002040   F   S   ; 005  \v 232   J 267   ,   + 253 003 277  \n 314 275
0002060 243     301 037 260 004   y   [   V 255 306   Y   - 265 330 004
0002100   ;   5   F 002   r 376   L 360   /   E 313 334 262   a  \f 216
0002120 320 346   > 374 354 246 334 033 274 313 242   ( 300 316   .   '
0002140   5   H 030 250   X 016 017 366 375 256 355   R 231   b   { 371
0002160 242   ( 226 257 332 305   ( 361 272  \n 215 270 356 273 275   #
0002200   N 324   )   '   =   E   u   K  \0  \0  \0  \0  \0  \0  \0  \0
0002220  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0
*
0040000 323 360   ! 343 020 237 020 356 262 032 030 353 005 240 260 341
0040020 301 032 030  \n   (   0 217 342 020 001 223 350 004   @   C 340
0040040 004 200 210 340   9  \0  \0 353  \a  \0  \0 353  \f 320 237 345
0040060 004 340 217 342 004 200 240 341 020 360 212 342 224 032 030 352
--More--
created with AIK --original:
Code:
[email protected]:/ # od -c /mnt/sdcard/recoveryProject/Folder/recovery.img | more
0000000   A   N   D   R   O   I   D   !   $ 360 204  \0  \0 200   @   `
0000020   d   7 275  \0  \0  \0  \0   b  \0  \0  \0  \0  \0  \0 360   `
0000040  \0 200  \b   `  \0   @  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0
0000060  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0
*
0001100 274   8 237  \r 316 235   \ 246   A   X 353   > 221 263 260 333
0001120 323   $ 304  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0
0001140  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0  \0
*
0040000 323 360   ! 343 020 237 020 356 262 032 030 353 005 240 260 341
0040020 301 032 030  \n   (   0 217 342 020 001 223 350 004   @   C 340
0040040 004 200 210 340   9  \0  \0 353  \a  \0  \0 353  \f 320 237 345
0040060 004 340 217 342 004 200 240 341 020 360 212 342 224 032 030 352
0040100   H 201   @ 300   D 200   @ 300  \0  \0  \0 300 001   E 210 342
0040120 001   I 204 342 004  \0 240 341  \0   0 240 343 001   i 200 342
0040140 004   0 200 344 004   0 200 344 004   0 200 344 004   0 200 344
0040160 006  \0   0 341 371 377 377 032  \b   p 232 345 200  \0 217 342
0040200   h  \0 220 350 003  \0   @ 340  \0   P 205 340  \0   ` 206 340
--More--

Well there you go then, and signatures can be at the beginning, the end, or even in the middle like yours appears to be. Likely there isn't much you can do, but you could try using a hex editor to cut the signature out of the stock image and paste it into the same position of the repacked one.
20th May 2020, 08:19 AM |#2394  
osm0sis's Avatar
OP Recognized Developer / Recognized Contributor
Flag Halifax
Thanks Meter: 31,363
 
Donate to Me
More
Quote:
Originally Posted by fawazahmed0

@wzsx150 @osm0sis , just wanted add, we can always get the latest bootsignature.jar from https://ci.android.com
Steps to get it:
1. Go to https://ci.android.com
2. Type the branch name as aosp-master (currently you don't have to do this, as it is the default branch)
3. click on download button on any of the aosp_** build.
4. Download the otatools.zip
5. Extract otatools.zip , in framework folder, it will have boot_signer.jar (This is same as bootsignature.jar)

And we can convert this into dexed (mobile) version, by using dx tool.

Steps to get it:
1. Go to https://ci.android.com
2. Type the branch name as aosp-build-tools
3. click on download button on any of the latest build.
4. Download build-common-prebuilts.zip
5. Extract it , in framework folder, it will have dx.jar

Usage: java -jar dx.jar --dex --output=boot_signer_mobile.jar boot_signer.jar

Running the boot_signer_mobile.jar in mobile:
Example: dalvikvm -cp boot_signer_mobile.jar com.android.verity.BootSignature /boot boot.img verifiedboot.pk8 verifiedboot.x509.der boot_signed.img

@fawazahmed0 Turns out it's simple enough of an executable that it can be compiled from the command line!

The only trick was getting the bouncycastle dependencies in there, which an IDE would usually handle (extracting and including only the necessary ones), but I worked around that by just taking them directly out of the latest prebuilt boot_signer.jar from Android CI.

Code:
git clone --depth 1 https://android.googlesource.com/platform/system/extras aosp-system-extras
cd aosp-system-extras

# download boot_signer-support-images-with-dt.patch from https://issuetracker.google.com/issues/143810860 to current directory

patch --forward -p1 < boot_signer-support-images-with-dt.patch
cd verity
rm -rf build boot_signer*.jar
mkdir build prebuilt

# download latest AOSP boot_signer.jar and dx.jar from Android CI per https://forum.xda-developers.com/sho...postcount=2272 to prebuilt directory

unzip prebuilt/boot_signer.jar 'org/*' -d build
javac -cp build -d build *.java
jar -cvfm boot_signer.jar BootSignature.mf -C build .
java -jar prebuilt/dx.jar --dex --output=boot_signer-dexed.jar boot_signer.jar
Edit: Reposted with fresh, tested jar builds over in the old Chainfire thread: https://forum.xda-developers.com/and...6/post82618961
The Following 2 Users Say Thank You to osm0sis For This Useful Post: [ View ]
23rd May 2020, 12:39 AM |#2395  
osm0sis's Avatar
OP Recognized Developer / Recognized Contributor
Flag Halifax
Thanks Meter: 31,363
 
Donate to Me
More
Hey y'all! Hope everyone's staying safe out there! Lots of fixes and updates in this one, plus I now build my own boot_signer.jar (formerly BootSignature.jar) to address a signing issue AOSP won't fix (see https://issuetracker.google.com/issues/143810860 for my included patch). Thanks @fawazahmed0 for the nudges to get it figured out.

Just to reiterate for any who missed it before, there's a known bug with cpio 2.13 mangling symlink paths when using --no-absolute-paths (which we need), so I recommend anyone using AIK-Linux to ensure they're on cpio 2.12 instead. Further to that, I've added a warning to AIK-Linux if cpio 2.13 is detected. Thanks to @eng.stk for his help investigating the issue.

Thanks also to @Zackptg5 for the loop mount fixes, and thanks @k4y0z for the help adding amonet support!

The latest AIK Build Farm scripts are available, as always, for any wanting to play along at home. I also wrote a handy little AIK regression tester for myself, linked there as well.

FlashIt was updated over in my Odds and Ends thread, highly recommended as it's the perfect companion package to AIK-mobile.

I work on these projects in my limited time off, so if you like the progress I'm making, or enjoy anything else I've done on xda, please consider sponsoring my ongoing work using my GitHub Sponsors profile. For a one-time donation you can hit the donate link from my profile. Thanks for your support!


Android Image Kitchen v3.7:
- add Amazon Fire amonet patch image loader magic detection and support
- add differentiation of lz4 and lz4-legacy (lz4-l) ramdisks as both exist now and aren't interchangeable
- add repack --origsize option to pad back to original input image size
- update for corrected unpackbootimg/unpackelf suffixes
- update kernel_dump -> sony_dump binary (03.11.2019)
- update mkbootimg, unpackbootimg, pxa-mkbootimg, pxa-unpackbootimg and unpackelf binaries from my repos
- update BootSignature*.jar -> boot_signer*.jar with my patch for boot_img_hdr_v0 + dt section
- update slimmed magic file (from file 5.38) with my own fixes
- update mkimage and dumpimage binaries (2020.04)
- update to the latest Cygwin binaries and libraries

AIK-mobile v3.7 + AIK-Linux v3.7:
- fix mknod loop mount on newer devices (AIK-mobile)
- fix dalvikvm invocation for Android 10 since -Xnodex2oat is removed upstream (AIK-mobile)
- rewrite installer using new unified backend/core with config (AIK-mobile)
- add Amazon Fire amonet patch image loader magic detection and support
- add differentiation of lz4 and lz4-legacy (lz4-l) ramdisks as both exist now and aren't interchangeable
- add repack --origsize option to pad back to original input image size
- add warning about cpio 2.13 --no-absolute-filenames symlink bug (AIK-Linux)
- update for corrected unpackbootimg/unpackelf suffixes
- update kernel_dump -> sony_dump binary (03.11.2019)
- update busybox binary (1.31.1) with the latest patches and fixes from my repo (AIK-mobile)
- update mkbootimg, unpackbootimg, pxa-mkbootimg, pxa-unpackbootimg and unpackelf binaries from my repos
- update BootSignature*.jar -> boot_signer*.jar with my patch for boot_img_hdr_v0 + dt section
- update xz binary (5.2.5) (AIK-mobile)
- update file binary (5.38) (AIK-mobile)
- update slimmed magic file (from file 5.38) with my own fixes
- update mkimage and dumpimage binaries (2020.04)
- update to the latest MacPorts binaries and libraries (AIK-Linux)


More on my own build changes in the commits here: https://github.com/osm0sis/mkbootimg; https://github.com/osm0sis/pxa-mkbootimg; https://github.com/osm0sis/unpackelf; https://github.com/osm0sis/android-busybox-ndk.

Installation information and details on each edition can be found in the OP for Win32 or the AIK-mobile and AIK-Linux initial release notes.


If you are reporting a problem with your device, please clearly state your device name and model/variant as well as provide a link to the image file.
The Following 12 Users Say Thank You to osm0sis For This Useful Post: [ View ]
Today, 06:01 AM |#2396  
Junior Member
Thanks Meter: 1
 
More
Quote:
Originally Posted by osm0sis

Android Image Kitchen -- Unpack/Repack Kernel+Recovery Images, and Edit the ramdisk.

"--origsize", which will cause it to repack then pad it to the size of the original image, this is useful for repacking dumps to then be fastboot flashed; "--

Sorry, using google translator.
If the image is with a signature (boot-sign.img), then when building with finishing up to the original size, the image becomes larger by the size of the signature, that is, you need to finish up to the size without the signature.
The Following User Says Thank You to kory-vadim For This Useful Post: [ View ] Gift kory-vadim Ad-Free
Today, 07:40 AM |#2397  
osm0sis's Avatar
OP Recognized Developer / Recognized Contributor
Flag Halifax
Thanks Meter: 31,363
 
Donate to Me
More
Quote:
Originally Posted by kory-vadim

Sorry, using google translator.
If the image is with a signature (boot-sign.img), then when building with finishing up to the original size, the image becomes larger by the size of the signature, that is, you need to finish up to the size without the signature.

No. The padding is after signing, to the size of the dumped input image (i.e. the size of the partition you dumped it from).
Today, 10:03 AM |#2398  
Junior Member
Thanks Meter: 1
 
More
I did not merge it from the device, this is a stock image from the official firmware.
I mean this signature.
Code:
00000000  53 53 53 53 00 00 00 00  00 00 00 00 00 00 00 00  |SSSS............|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000020  00 00 00 00 01 00 00 00  94 00 00 00 40 00 00 00  |[email protected]|
00000030  79 7b 79 7b 00 00 00 00  00 00 00 00 00 00 00 01  |y{y{............|
00000040  41 4e 44 52 4f 49 44 21  13 b1 69 00 00 80 00 80  |ANDROID!..i.....|
00000050
Size boot-sign.img with signature from official firmware = 16777516 bytes
The size of the repackaged image-new.img = 16777516 bytes
Partition size boot = 0x1000000 = 16777216 bytes
To get it right, you need to take the size after cutting the signature at the beginning and end of the image, or else somehow determine the original size, or simply manually edit the size in the boot-sign.img-origsize file.
Post Reply Subscribe to Thread

Tags
kernel, ramdisk, recovery, repack, unpack

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes