Quote:
Originally Posted by geekmaster
You should be able use "dd" to write to the kernel that is not being used, AFAIK. Write diags kernel from main, or main kernel from diags. I have not tried it though, so YMMV.
|
I think it's entirely possible to overwrite the main
kernel while running in main. In fact, it's exactly what the 5.1.0 update script does (twice!), and all of that while running in main. Just unpack the update.bin and look inside. It's all neatly documented.
It also makes sense: Since the
kernel is loaded in main memory, there is no reason why its "disk location" couldn't be overwritten while it's loaded. Of course, this is not the case for the main
partition.
So yes, cscat's idea is absolutely feasible. You simply need some kind of automatism to boot inside diags (touch ENABLE_DIAGS), then to automatically execute some kind of custom script inside diags (which would run dd and then reboot to main). The latter might even be feasible with a carefully crafted data.tar.gz for diags, but I guess it's easier to modify the diags partition to automatically launch some script.
No rocket science at all. cscat, go ahead and write it!
Edit: it might even be possible to do it entirely from main, in an update script along the lines of
Code:
zcat kernel.img.gz | dd of=/dev/mmcblk0 seek=xxx bs=4K
zcat main.img.gz | dd of=/dev/mmcblk0p1 bs=4K
The rationale why the second line *might* work is that / is mounted ro anyway, so in principle nothing should attempt to write to the partition. And zcat and dd would already be loaded in memory at the time of execution. I may be terribly wrong though, so don't even attempt this unless you are sure that you can debrick the device
