Old 03-01-2012, 09:17 AM   #192
geekmaster
Quote:
Originally Posted by ixtab
You can use the same uninstaller. *ALL* jailbreaks install the exact same thing (a single file), they just use different methods to do so. Once the jailbreak is installed, you can use any JB uninstaller to remove it.
Actually, different payload destination files are used by some jailbreaks, and an uninstaller for one will NOT work with another. The first common data.tar.gz payload destination was /var/local/system/locale, but that payload sets your locale settings to EN_US, and only works on the touch, and only when booted from the main system partition. Other (less used) locations are /var/local/system/tzVar and /var/local/wan/info. Some of these run automatically on startup, and others require triggering by performing some menu selection. All of these have limitations, and only run in either main or in diags mode, and only work on some kindle models.

The currently popular payload destination file is /var/local/system/mntus.params. This one is particularly powerful and dangerous. It runs on ALL kindles that I have tested it on (touch, k4, k3, dxg, and dx). This payload executes multiple times during startup, and during execution of some other scripts. The downside (and a rather LARGE downside using the payload content of most jailbreaks using it), is that it has bricked a number of kindles when the user installed a version intended for a different kindle model. This is because /var/local/system/mntus.params must either not exist (in which case it will be automatically created), or if it does exist, it MUST contain the correct values for the USB drive parameters needed for that kindle model. Installing the wrong version of this jailbreak bricks the kindle.

The correct solution to this "universal payload destination with model-specific contents" problem is to put only "smart" scripting code into this file, that will detect the environment (kindle model) it finds itself in, and behave correctly for that instance. It cannot just exit -- this will brick the kindle. As mentioned, if this file exists, it MUST return the correct values for that specific device. There are a couple of ways to implement a "smart" script to be environmentally aware so that it can do the right thing on all kindles, even if installed on the wrong model.

The one provided in yifanlu's jailbreak package calls system scripts to replace both /var/local/system/mntus.params and /var/local/wan/info with system defaults, but his code contains significant error handling, which indicates that this might fail. If installed on a bricked kindle with damaged or missing scripts, it has a much larger chance of failing, and adding to the problem.

Another way is to have the "smart" code in the payload destination script file avoid calling other scripts, and just use linux commands. The first post in the "Select Boot for K4NT and Touch" thread contains a data.tar.gz including a /var/local/system/mntus.params payload file that does exactly that. It extracts the kindle serial number from /proc/cpuinfo and uses the first four characters to determine the kindle model. Then it assigns return values needed for that kindle model. It also mounts /mnt/us (read-write) so that it CAN find a RUNME.sh script on the USB drive, then it sets /mnt/us/RUNME.done, then it calls RUNME.done. It is necessary to mount the USB drive in this script because the first time it is called during starting (especially if bricked) it can be detected as a 0-byte "fake storage" device, used for battery charging in low-power mode (when the battery is low). Bricked kindles can drain the battery rapidly.

The fact that the other jailbreaks fail to run RUNME.sh on bricked kindles until you manage to charge the battery is not a problem for my data.tar.gz, because it mounts the drive itself and then calls the RUNME.sh file if it exists and there is no RUNME.done.

The RUNME.sh script must be careful to NOT remove the RUNME.done file (unless very careful how it is used), to prevent an infinite boot loop.

Although a "smart" /var/local/system/mntus.params will run during startup on all tested kindle models (dx, dxg, k3, k4, touch), it can only be installed with data.tar.gz on the k4 and touch. Earlier kindles need this installed using other known jailbreak techniques, which defeats the need to use this as a jailbreak. However, because the execution is so early in the startup sequence, I plan to use it for a "boot menu", that lets you decide which partition to boot from, and may even let you boot a loop-mounted operating system on the USB drive. We have successfully loaded and executed kernel image files from the USB drive, so we now know how to boot from custom linux kernels without flashing them with fastboot.

Last edited by geekmaster; 03-01-2012 at 09:27 AM.
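
Added example (not part of geekmaster's post and not the contents of his data.tar.gz): a POSIX sh sketch of the two safety properties the post describes, namely a model lookup from the serial prefix that always yields an answer instead of exiting, and a RUNME.sh guard that writes RUNME.done before running the script so a failing script cannot cause a boot loop. The function names, serial prefixes and model labels are hypothetical placeholders; the real per-model USB parameter values are not given in the post, and the mount step is left out.

```shell
#!/bin/sh
# Added example. Paths are passed as arguments so the logic can be run off-device.

# Print the first four characters of the "Serial" value in a cpuinfo-style file.
# Prints nothing if the line is missing or the value is shorter than four chars.
serial_prefix() {
    sed -n 's/^Serial[[:space:]]*:[[:space:]]*\(....\).*/\1/p' "$1" | head -n 1
}

# Map a serial prefix to a model label. AAAA/AAAB/BBBB are constructed
# placeholders, not real prefixes. The catch-all branch is the point:
# an unknown device still gets a usable answer rather than an early exit.
model_for_prefix() {
    case "$1" in
        AAAA|AAAB) echo model_a ;;
        BBBB)      echo model_b ;;
        *)         echo default ;;
    esac
}

# Run <dir>/RUNME.sh at most once. The marker is created BEFORE the script
# starts, so a script that crashes or reboots the device is not retried.
# Prints: ran | skipped-done | skipped-missing | skipped-readonly
run_once() {
    dir=$1
    if [ ! -f "$dir/RUNME.sh" ]; then echo skipped-missing; return 0; fi
    if [ -e "$dir/RUNME.done" ]; then echo skipped-done; return 0; fi
    if ! : > "$dir/RUNME.done"; then echo skipped-readonly; return 0; fi
    # A failing RUNME.sh must not abort the caller, which still has to
    # hand back its parameter values afterwards.
    sh "$dir/RUNME.sh" >/dev/null 2>&1 || true
    echo ran
}

# Demo on constructed input in a temporary directory.
demo=$(mktemp -d)
printf 'Hardware\t: constructed\nSerial\t\t: AAAB000000000000\n' > "$demo/cpuinfo"
echo "model: $(model_for_prefix "$(serial_prefix "$demo/cpuinfo")")"
echo "first boot:  $(run_once "$demo")"
rm -rf "$demo"
```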