GTI9100GBootloaderFreedom » History » Version 19

Denis 'GNUtoo' Carikli, 03/17/2020 06:47 PM

h1. I9100GBootloader

{{toc}}

h2. How to check if you have a signed bootloader

h3. How to check from the bootloader interface used to install the recovery

To do that, you need to get into the ODIN MODE that is typically used to install the Replicant recovery:

# Start the device by holding the following key combination: *Volume down, Select, Power*.
# Hold the key combination until the device shows a *Warning* message.
# Confirm that you want to download a custom OS using volume up.
# Make sure the device is in *Downloading* mode.

When this is done, it should show some text:
<pre>
ODIN MODE
PRODUCT NAME: GT-I9100G_CHN_CHN
</pre>

Here CHN_CHN probably refers to the Chinese version, and it looks like that version has a signed bootloader. According to "a thread on the XDA developers forum":https://forum.xda-developers.com/galaxy-s2/development/guide-repair-totally-sleep-dead-boot-t1701471: "Means that you own a chinese bootloader locked I9100G. You can't flash any other bootloader than the chinese one."

h3. How to check with command line utilities

To get the bootrom to try to boot on USB, you need to do the following:

* Connect the USB cable to the device, but make sure it's not connected to the computer.
* Power off the device.
* Connect the USB cable to the computer.

If we do that, we get the following in the kernel log of the computer:
<pre>
usb 1-1: new high-speed USB device number 24 using ehci-pci
usb 1-1: unable to get BOS descriptor or descriptor too short
usb 1-1: New USB device found, idVendor=0451, idProduct=d00f, bcdDevice= 0.00
usb 1-1: New USB device strings: Mfr=33, Product=37, SerialNumber=0
usb 1-1: Product: OMAP4430
usb 1-1: Manufacturer: Texas Instruments
</pre>

We can also try to get a bit more information with omap-usb-boot:
<pre>
$ sudo omap-usb-boot -v -w boot invalidbootmedia
Finding and opening USB device
Found and opened omap4 USB device: OMAP4430
ASIC device id: 4430, HS device
Booting from device invalidbootmedia...
Booting device invalidbootmedia not found
Booting from device failed
</pre>

Here we know the device is signed because it's a "HS device".
If it was not signed, it would print "GP device" instead.

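One way to script the HS/GP check above, as an added example that is not part of the original wiki page or of omap-usb-boot. The function names and the sample captures are constructed here, and the "GP device" sample assumes the same line format as the "HS device" line shown above.

```shell
#!/bin/sh
# Added example: classify a device from text captured during the steps above.
# Function names and sample captures are constructed for illustration.

# Constructed kernel log capture, in the format shown above.
SAMPLE_DMESG='usb 1-1: new high-speed USB device number 24 using ehci-pci
usb 1-1: New USB device found, idVendor=0451, idProduct=d00f, bcdDevice= 0.00
usb 1-1: Product: OMAP4430'

# Constructed omap-usb-boot -v capture, in the format shown above.
SAMPLE_HS='Found and opened omap4 USB device: OMAP4430
ASIC device id: 4430, HS device
Booting from device invalidbootmedia...'

# Assumption: a GP device prints the same line with "GP" in place of "HS".
SAMPLE_GP='Found and opened omap4 USB device: OMAP4430
ASIC device id: 4430, GP device'

# Succeeds if the kernel log shows the bootrom USB IDs seen above.
bootrom_seen() {
    printf '%s\n' "$1" | grep -q 'idVendor=0451, idProduct=d00f'
}

# Prints "signed" (HS), "unsigned" (GP) or "unknown" (no ASIC line found).
classify_device() {
    kind=$(printf '%s\n' "$1" |
        sed -n 's/^ASIC device id: [0-9A-Fa-f]*, \([A-Z][A-Z]\) device.*$/\1/p' |
        head -n 1)
    case "$kind" in
        HS) echo signed ;;
        GP) echo unsigned ;;
        *)  echo unknown ;;
    esac
}

# Combines both captures: the bootrom must have enumerated on USB before
# the HS/GP answer means anything.
check_device() {
    if ! bootrom_seen "$1"; then
        echo "bootrom-not-seen"
        return 1
    fi
    classify_device "$2"
}

# Real use (command taken from the page; run it first, then read the log):
#   out=$(sudo omap-usb-boot -v -w boot invalidbootmedia 2>&1)
#   check_device "$(dmesg)" "$out"
```

An "unknown" result means no ASIC line was captured, so the check should be repeated rather than read as unsigned.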

h3. Using the Android version or other device properties?

"hpagseddy/i9100g_xloader":https://github.com/hpagseddy/i9100g_xloader is based on "ths-backup/i9100g_xloader":https://github.com/ths-backup/i9100g_xloader, which only has an ics (Ice Cream Sandwich, an Android version) branch. According to hpagseddy, that branch is also used for Android Jelly Bean.

It's still unclear if there is some correlation between the Android version and signed bootloaders.

The device that was given to [[People#Denis-GNUtoo-Carikli|GNUtoo]] that has a signed bootloader also has the following characteristics:

*Software state*: Running the stock OS, unmodified
*Android version*: Android 2.3.6
*Baseband version*: IG9100GZCLC2
*Build number*: GINGERBREAD.ZCLC2
*Kernel version*: 2.6.35.7 se.infra@SEI-30#2

According to "a thread on XDA":https://forum.xda-developers.com/galaxy-s2/development/bootloader-t1754158 there is a correlation between the @Baseband version@ and the geographic zone that is targeted. And as we can see above, the @Build number@ seems to be related to the @Baseband version@ as well. While the list of baseband versions is incomplete, we can still use it to avoid the Chinese version (CHN_CHN), which has a signed bootloader.

At this point it's also still unclear if any of the other characteristics above correlate with signed or unsigned bootloaders.

As the binaries are under the GPLv2 or later, it would also be a good idea to collect all of them, match them with device characteristics like the @Build number@ and @Baseband version@, and verify with some tool whether they are signed or not.


h2. Source code

* https://github.com/hpagseddy/i9100g_xloader This got rebuilt and flashed, and it worked on the device it was tested on.
* https://blog.the-leviathan.ch/?p=408

h2. TODO

* Document the various firmware versions mentioned here: https://www.sammobile.com/samsung/galaxy-s2/firmware/#GT-I9100G
* Understand how to get unsigned versions (Android version, serial number, etc.)
* Get a device with an unsigned bootloader and u-boot and ask Samsung for source code
* Check the boot order on unsigned devices (is it possible to boot from USB easily?)
* Try to boot the xloader nevertheless, as the device could be in some "verify but not enforce" mode for signatures