12-11-2019, 01:06 AM | #16 | |
Nil adsuetudine maius
Posts: 278
Karma: 500000
Join Date: Nov 2019
Location: US
Device: PW4
|
Quote:
This is news to me and I owe you an apology. Every OTP, SOC or fused eMMC that I've ever worked with has secure = 1 (logically denoted as "1", I know that a blown fuse for an old school masked chip is an electrical open). So news to me that secure = 0 for Kindle. Thanks for explaining & I'll drink more coffee before posting next time. takes a seat in the corner and looks around for a pointy hat. or a data sheet even Last edited by Junket; 12-11-2019 at 01:47 AM. |
|
12-11-2019, 03:50 AM | #17 |
Enhtusiast
Posts: 51
Karma: 2332557
Join Date: Dec 2018
Device: K3 DxG PW1 KV PW4
|
I'm not 100% sure regarding this particular secureCpu mechanism, nor how trip-able is et here, however I can see following piece of code in the Amazon's published source:
uboot/board/lab126/mx6sll_rex/secure_boot_cfg.c: Code:
static int is_secure_cpu(void) { u32 val; int n = 0; if (!is_hab_enabled()) { printf("is_secure_cpu: SEC_CONFIG is not set\n"); return 0; } for (n=0; n<SRK_HASH_BANK_SIZE; n++) { if (fuse_read(SRK_HASH_BANK, n, &val)) { printf("is_secure_cpu: fuse reading bank %d word %d failed\n", SRK_HASH_BANK, n); return 0; } if ( val != srk_hash[n] ) { printf("is_secure_cpu: bank %d word %d reading not matching (0x%x)\n", SRK_HASH_BANK, n, val); return 0; } } return 1; } This function is then used to prepare kernel boot command parameters: Code:
secure_cpu = is_secure_cpu(); (...) sprintf(secure_args, "secure_cpu=%d androidboot.secure_cpu=%d androidboot.prod=%d androidboot.unlocked_kernel=%s", secure_cpu, secure_cpu, production, unlocked ? "true" : "false"); They can probably be reset to 0 but that'll likely also purge the kernel verification keys/certificates (for some Snapdragon SoCs it was purging also the DRM partition, I'm not sure how it works here, I'm still searching for some docs) After the system is already started the value of secureCpu, prodVersion and unlockedKernel is not taken from the fusebank anymore but from /proc/cmdline that is set during uboot and does not change in runtime. Example content of /proc/cmdline from a locked and secured device: Code:
"console=ttymxc0,115200 consoleblank=0 uart_at_4m root=/dev/mmcblk1p8 rootwait quiet secure_cpu=1 androidboot.secure_cpu=1 androidboot.prod=1 androidboot.unlocked_kernel=false" Code:
if [ "$prodVersion" == "0" -o "$unlockedKernel" == "true" -o "$secureCpu" = "0" ]; then
|
Advert | |
|
12-11-2019, 08:38 AM | #18 |
BLAM!
Posts: 13,478
Karma: 26012494
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
IIRC, there's a depgraph tool in the upstart distribution *itself* (except it's of course not shipped on Kindle).
I can't for the life of me remember its name, though (hell, I couldn't even remember the name "upstart" yesterday -_-"). |
12-11-2019, 08:48 AM | #19 |
Enhtusiast
Posts: 51
Karma: 2332557
Join Date: Dec 2018
Device: K3 DxG PW1 KV PW4
|
There was initctl2dot tool added to upstart ~2012. Unfortunately Kindle uses upstart build from 2010...
I tried to port it directly from the upstart package as it actually a python3 script, but kindle upstart implementation does not provide necessary interfaces for the script to work... (initctl show-config) |
12-11-2019, 09:13 AM | #20 |
Nil adsuetudine maius
Posts: 278
Karma: 500000
Join Date: Nov 2019
Location: US
Device: PW4
|
FWIW, sounds like initctl2dot hails from March 2011.
|
Advert | |
|
12-12-2019, 06:02 AM | #21 | |
Enhtusiast
Posts: 51
Karma: 2332557
Join Date: Dec 2018
Device: K3 DxG PW1 KV PW4
|
Soooo... I've written a script that mimics initctl show-convig -e functionality on a given folder.
I've transferred whole /etc/upstart to PC: Code:
> ./initctl_show_config.sh upstart/ > upstart.txt # this took many seconds :) > python initctl2dot.py -f upstart.txt -o upstart.dot > dot -Tjpg -o kindle_upstart.jpg upstart.dot Quote:
Last edited by MrTick; 12-12-2019 at 06:17 AM. Reason: Renamed jpg to inclulde HW and version |
|
12-22-2019, 06:32 PM | #22 |
Member
Posts: 18
Karma: 638
Join Date: Feb 2016
Device: kobo aura hd
|
I did not remember I have installed the hotfix, but it works perfectly fine for my voyage and pw4. Thank you.
|
12-25-2019, 12:37 PM | #23 | |
Member
Posts: 13
Karma: 10
Join Date: Aug 2014
Location: Germany
Device: Kindle Voyage
|
Quote:
|
|
12-25-2019, 11:11 PM | #24 |
Junior Member
Posts: 8
Karma: 10
Join Date: Jun 2018
Device: KOA2
|
Thanks a lot! It restored access to the jb. I thought I lost my JB when updated with 1.15 hotfix.
|
12-27-2019, 06:09 PM | #25 |
Enthusiast
Posts: 41
Karma: 10
Join Date: Jun 2019
Device: Kindle PW4
|
I love you so so so so much!!!
It restored my JB as well, after updating to the 5.12.2. It's been a couple months since I wasn't turning the airplane mode off, awaiting for a solution. Today I found it! Thanks!!!!! |
12-31-2019, 12:51 PM | #26 |
Member
Posts: 13
Karma: 10
Join Date: Nov 2004
Device: Kindle 3 WiFi
|
Thank you Mr Tick, your instructions worked great!
Thank you Mr Tick for sharing!
The steps you listed in your first post worked perfectly for me, I now can play chess again on my Kindle PW 3 running 5.12.3. FWIW, the new KUAL hotfix via UYK did not work for me, I got an error 7. But following the steps in the first post of this thread restored everything. Happy new year everyone. |
01-24-2020, 04:25 PM | #27 |
Addict
Posts: 227
Karma: 944808
Join Date: Apr 2009
Device: Kobo Libra 2, Forma and Aura One; Kindle Voyage; Galaxy Note 10
|
Another vote of "Thanks" to MrTick for this jailbreak restore technique. I had given up hope when my Kindle Voyage updated to 5.12.3 and lost the screensavers and font hacks. Following the steps in the first post completely restored them. As noted in the post immediately above, the Kual hotfix (from the coplate) archive does not install via Update Your Kindle. Since you've got ;log mrpi working again, you should just use the regular install bin (not the hotfix) from the coplate archive and drop it into mrpackages.
|
01-25-2020, 05:09 PM | #28 |
BLAM!
Posts: 13,478
Karma: 26012494
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
Nope, don't use coplate's packages, the code is *horribly* outdated, and will *NOT* protect your JB on current FW versions.
When you've restored ;log like this, use the *bridge* install package from the JB instead. |
03-08-2020, 02:59 PM | #29 |
Junior Member
Posts: 4
Karma: 10
Join Date: Mar 2020
Location: Canada
Device: PW3,PW4
|
Hi, I'm trying to follow along here but I think I have hit a wall. I have a PW3 and lost my JB after an OTA. I'm not sure when exactly it happened, but I only noticed the other day.
The device has a G090 serial number, and has firmware version 5.12.3 I used the script from this thread to restore the ;log command but I am unable to install packages with mrpi (error 126), and if I use UYK I get Error 007. I will include a pastebin to my MRPI log if anyone is interested and has the time to take a look and has any advice for me - https://pastebin.com/tHuJyUUC Thanks. |
03-08-2020, 03:16 PM | #30 |
BLAM!
Posts: 13,478
Karma: 26012494
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
Same issue as https://www.mobileread.com/forums/sh...d.php?t=327855 (your bridge was too old, it suffers from the 5.10 bug, among potentially a host of other bugs).
I *think* at the time we fixed that via a JB hotfix, but if you've accumulated enough issues that make a hotfix unusable, you're now mostly screwed. Last edited by NiLuJe; 03-08-2020 at 03:19 PM. |
Tags |
;log |
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Kindle DXG B009 Restore firmware??? | blackwolf511 | Kindle Developer's Corner | 24 | 09-14-2016 04:31 PM |
Does anyone have a Kindle dxg firmware 2.5.8 restore file to downgrade from 3.2.1? | gczobel | Kindle Developer's Corner | 2 | 09-08-2015 10:22 AM |
does anyone have a kindle dxg firmware 2.5.8 restore file to downgrade from 3.2.1? | baruleluna | Kindle Developer's Corner | 3 | 09-30-2013 05:43 PM |
PRS-950 HELP PLZ! How to restore PRS-950's firmware back to ver.1 ? | hitman | Sony Reader Dev Corner | 0 | 02-26-2013 12:10 PM |
any one has kindle dx restore firmware?? | chinaet | Kindle Developer's Corner | 0 | 07-25-2009 05:14 AM |