[Kindle Touch] Firmware 5.1.0 and jailbreak
The data.tar.gz exploit has been fixed with FW 5.1.0.
The only relatively easy remaining jailbreak method is Method 3 from http://yifan.lu/p/kindle-touch-jailbreak/ . However, at least if the mmcblk0p2_ssh.img diags partition is installed, this method fails at the last step. I.e.: the actual payload gets installed on the main partition, but exiting diags mode is impossible. It yields an error about some xml file missing every time (I don't remember the exact file name, but it's something like diags_info.xml or so). The only way to get out of diags mode is to ssh into it (assuming that it actually *is* an SSH-enabled diags partition!), and to issue "idme -d --bootmode main; reboot". Can anybody confirm this? If so, is anybody willing to take a look at this, possibly coming up with a revised (probably even final) version of the jailbreak?
That diags_ssh came from dasmoover, and I added the ssh files to it. Perhaps we should build a new one from a "factory original" diags partition? Does somebody have one they can PM me a link to? Perhaps it is a version mismatch between the diags kernel and partition. I will put ssh in the good one... EDIT: Perhaps I should include my touchscreen onscreen keyboard and console in the new jailbreak? And GUI buttons and stuff. (No custom code -- only sh script that uses a few built-ins)... :D
Wouldn't it be easier to modify the 5.1 update? We could include older busybox, userstore files from /etc, remove sanity checks and sign it with the jailbreak key...
Btw, lab126 has implemented ARM NEON in the kernel, which speeds up the e-ink display a little.
I am cleaning up my onscreen keyboard and console shell, to use with my jailbreak that *should* probably work with the new firmware. But... I *need* a new diags partition image to test it. It exploits a bug in the diags menu. I need to see if it still works before I release it to a flood of complaints if it was fixed.
Could somebody please supply me with a link to a compressed (.zip or .gz is fine) mmcblk0p2.img for 5.1.0? Put it on mediafire or wherever... Thanks. I will release my new jailbreak AFTER I test it on a 5.1.0 diags partition... Do I *really* need to start a NEW thread for this request to get noticed by somebody who will take the time and effort to do this for me? :rolleyes:
I'm pretty sure that the update does not change the diags partition. At least, after reverting to 5.0.0, then updating to 5.1.0 using this method, SSH was still available on the diags partition.
There might have been some file updates though. If no one else does it till then, I'll send you a dump when I get back home (still some 6-8h to go).
PS: I have successfully jailbroken my 5.1 Kindle. Thanks!
Just created one and am uploading it to dropbox. However my internet is really slow.
Perhaps we need to do that to the diags partition with ssh, and then repost it. That will eliminate a lot of confusion for many people, I think... Thanks for the reminder... A little karma bump for that. :D
After updating to the new firmware I had a problem. At every reboot the kindle would go into the Kindle needs repair screen. The only way to prevent this was to connect my kindle to a computer so that it would go directly into the USB drive mode. After disconnecting, it would return to the main menu.
The cause of this was the fact that I had installed some custom fonts but I removed the custom libfreetype. The fonts displayed correctly in the UI but caused some boot hiccups. After installing the custom libfreetype, the problem went away. I posted this so that if anyone has the same problem, they will be able to get their Kindle to work again. Now the only problem left is that I cannot edit fonts anymore as the fonthack is incompatible with the new firmware. All Dev Apps refuse to open, throwing the same error (App incompatible, please update Kindle). (Krosswords does this too for me.) This does not bother me too much at the moment because I am happy with my custom fonts. One question though: If I run the fonthack uninstaller, would the fonts return to default?
5.1.0 doesn't change the diags partition.
/var/local/system/locale and /var/local/system/tzVar aren't sourced anymore in upstart scripts, but rather parsed. The data.tar.gz extraction step is removed from the appropriate upstart script. But there is something new. /var/local/system/fixup and /var/local/system/onetimefixup are checked for existence and (on success) executed. And if /var/local/system/onetimefixup had been executed, it will be deleted afterwards.
UPDATE: The following information is for the diags partition that comes factory installed on the new kindles shipped with 5.1.0. The 5.1.0 update package does not install these changes on a kindle with older firmware. I flashed this new diags partition to my kindle touch, and there is an image file available with SSH pre-installed (see the "simple debricking" thread for download links).
I just compared that 5.1.0 diags image to my virgin 5.0.0 diags image. There are 153 files that are different, but a lot of those are symlinks.

5.0.0 diags: /etc/version.txt: Software System Version: 137022-diags_signed-137022 Thu Nov 3 11:23:42 PDT 2011
5.1.0 diags: /etc/version.txt: Software System Version: 137333-diags_signed-137333 Wed Nov 9 15:20:31 PST 2011

The shadow files are different too (as expected). The root passwords have different hashes. The diags root password is fiona180, which is probably derived from the serial number of the kindle that contained this image. For the diags_ssh, I changed the root password to use the mario hash, so it was not locked to a serial number. /etc/guid is different too (also as expected). /etc/fstab is different. It now contains the nfs mount, and the usb drive now has "nonempty" removed from it. Many binary files are different in /bin, /sbin, /usr/bin, and /usr/sbin. libcrypto.so is different. mx50_yoshi_mma8453.ko is different. And... /opt/factory/system_diags is different! This means that my jailbreak "secret" method might not work. I will need to flash this and test it. :( So... in general... EVERYTHING that matters is DIFFERENT in the new diags partition that comes installed on new kindles. :eek:

EDIT: Thanks thomass! :thumbsup:

UPDATE: /opt/factory/diagrootfs_md5_list is different. Specifically, these lines have changed:
Code:
----- old -----
(As mentioned above, these changes are not installed when you update old firmware to 5.1.0 using the firmware update install package.) :rolleyes: