Project

General

Profile

GTI9100GBootloaderFreedom » History » Version 6

Denis 'GNUtoo' Carikli, 03/06/2020 11:31 PM

1 1 Denis 'GNUtoo' Carikli
h1. I9100GBootloader
2
3 2 Denis 'GNUtoo' Carikli
h2. Unsigned versions
4
5 3 Denis 'GNUtoo' Carikli
We need to correlate some devices property (like the Android version it's shipped with, serial numbers, etc) to be able to easily differentiate between signed and unsigned versions, to makes it much more simple to get devices with unsigned bootloaders.
6 1 Denis 'GNUtoo' Carikli
7 3 Denis 'GNUtoo' Carikli
"hpagseddy/i9100g_xloader":https://github.com/hpagseddy/i9100g_xloader is based on "ths-backup/i9100g_xloader":https://github.com/ths-backup/i9100g_xloader which has an ics (Icecream Sandwitch, an Android version) branch only.
8
9
Devices with Android 4.0.4 or 4.1.2 might have the unsigned bootloader while at least one device with Android 2.3.6 have a signed bootloader.
10
11 1 Denis 'GNUtoo' Carikli
h2. Signed versions
12 3 Denis 'GNUtoo' Carikli
13 4 Denis 'GNUtoo' Carikli
[[People#Denis-GNUtoo-Carikli|GNUtoo]] was given a device with the following characteristics:
14 3 Denis 'GNUtoo' Carikli
15
*Software state*: Running the stock OS, unmodified
16
*Android version*: Android 2.3.6
17
*Baseband version*: IG9100GZCLC2
18
*Build number*: GINGERBREAD.ZCLC2
19
*Kernel version*: 2.6.35.7 se.infra@SEI-30#2
20
21
For the IMSI, Serial numbers, etc you'd have to ask him.
22 1 Denis 'GNUtoo' Carikli
23 5 Denis 'GNUtoo' Carikli
h2. How to check for signed bootloader
24
25 1 Denis 'GNUtoo' Carikli
To get the bootrom to try to boot on USB, you need to do the following:
26
* Connect the USB cable to the device but make sure it's not connected on the computer.
27
* Power off the device
28
* Connect the USB cable
29
30
If we do that, we get the following in the kernel log of your laptop:
31
<pre>
32
usb 1-1: new high-speed USB device number 24 using ehci-pci
33
usb 1-1: unable to get BOS descriptor or descriptor too short
34
usb 1-1: New USB device found, idVendor=0451, idProduct=d00f, bcdDevice= 0.00
35
usb 1-1: New USB device strings: Mfr=33, Product=37, SerialNumber=0
36
usb 1-1: Product: OMAP4430
37
usb 1-1: Manufacturer: Texas Instruments
38
</pre>
39
40
We can also try to get a bit more infos with omap-usb-boot:
41
<pre>
42
$ sudo omap-usb-boot -v -w boot invalidbootmedia
43
Finding and opening USB device
44
Found and opened omap4 USB device: OMAP4430
45
ASIC device id: 4430, HS device
46
Booting from device invalidbootmedia...
47
Booting device invalidbootmedia not found
48
Booting from device failed
49
</pre>
50
51
Here we know the device is signed because it's a "HS device".
52 2 Denis 'GNUtoo' Carikli
If it was not signed it would print "GP device" instead.
53
54
h2. Source code
55
56
* https://github.com/hpagseddy/i9100g_xloader This got rebuilt and flashed, and it worked on the device it was tested on.
57
* https://blog.the-leviathan.ch/?p=408
58
59 1 Denis 'GNUtoo' Carikli
h2. TODO
60
61
* Understand how to get unsigned versions (Android version, serial number, etc)
62
* Get a device with u-boot and ask samsung for source code
63 6 Denis 'GNUtoo' Carikli
* Try to boot the xloader nevertheless, as the device could be in some "verify but not enforce mode" for signatures