Project

General

Profile

Actions

AddingADBRootToAnImage » History » Revision 7

« Previous | Revision 7/17 (diff) | Next »
Denis 'GNUtoo' Carikli, 02/17/2020 11:59 PM


AddingADB

In this tutorial we'll add adb root support to an existing Replicant release.

This is valid for the following configuration:
  • Image: replicant-6.0-0004-rc1-maguro.zip
  • Device: Galaxy Nexus (GT-I9250)

You'll need to adapt it slightly for other devices.

First extract the boot.img from the zip

$ mkdir temp
$ cd temp 
$ unzip ../replicant-6.0-0004-rc1-maguro.zip
$ file boot.img
boot.img: Android bootimg, kernel, ramdisk, page size: 2048, cmdline (androidboot.hardware=tuna)

Then extract the kernel, and initramfs from the boot.img. Also save the infos such as the load address, etc in boot.txt:

$ unbootimg --kernel kernel.img --ramdisk ramdisk.cpio.gz -i boot.img | tee boot.txt
total image size:   5619712
kernel size:        4604340
kernel load addr:   0x80008000
ramdisk size:       1009915
ramdisk load addr:  0x81000000
2nd boot size:      0
2nd boot load addr: 0x80f00000
kernel tags addr:   0x80000100
page size:          2048
board:              `'
cmdline:            `androidboot.hardware=tuna'
id:                 9b90141066f527ecd3909d2ab8e383ebd995fd40000

Then uncompress the initramfs

$ gunzip ramdisk.cpio.gz
$ file ramdisk.cpio 
ramdisk.cpio: ASCII cpio archive (SVR4 with no CRC)

Then edit the default.props, we use sed on the raw cpio image for simplicity (we don't have permissions and username to take care of this way):

$ sed 's#ro.adb.secure=1#               #' -i ramdisk.cpio
$ sed 's#ro.secure=1#ro.secure=0#' -i ramdisk.cpio
$ sed 's#persist.sys.usb.config=none#persist.sys.usb.config=adb #' -i ramdisk.cpio

Then recompress the initramfs

$ gzip ramdisk.cpio

We then recreate the image with the infos we saved in boot.txt. Note that the base is 0x80000000. The kernel has an offset and will be in 0x80008000:

$ mkbootimg --cmdline="androidboot.hardware=tuna" --kernel kernel.img --ramdisk ramdisk.cpio.gz  --base 0x80000000 -o boot_new.img

Verify that we got all the arguments right:

$ unbootimg -i boot_new.img | tee boot_new.txt
$ diff -u boot.txt boot_new.txt
$ --- boot.txt    2020-02-18 00:39:59.890285634 +0100
+++ boot_new.txt    2020-02-18 00:44:16.208897037 +0100
@@ -1,7 +1,7 @@
 total image size:   5619712
 kernel size:        4604340
 kernel load addr:   0x80008000
-ramdisk size:       1009915
+ramdisk size:       1010280
 ramdisk load addr:  0x81000000
 2nd boot size:      0
 2nd boot load addr: 0x80f00000
@@ -9,4 +9,4 @@
 page size:          2048
 board:              `'
 cmdline:            `androidboot.hardware=tuna'
-id:                 9b90141066f527ecd3909d2ab8e383ebd995fd40000
+id:                 dd37b2ae1e50be62fe5c94b81b85aa56ffea17be000

You can then reflash the boot.img image.

Don't forget to adjust the heimdall arguments for your device.

If in doubt, it's better to consult the Replicant installation instructions that have the good heimdall arguments, as wrong arguments can completely break your device, making it too complicated to repair (you'd have to un-solder and re-solder resistors that are hardly visible).

heimdall flash --boot boot.img --recovery boot.img

Then you can use adb:

$ adb logcat -b main

Updated by Denis 'GNUtoo' Carikli about 4 years ago · 7 revisions

Also available in: PDF HTML TXT