Thread: [DEVs] Firmware Summary
View Single Post
Old 02-20-2013, 01:41 PM   #18
knc1
Going Viral
knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.
 
knc1's Avatar
 
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
K4 Diag Specifics (from the binary)
Having learned a bit from the 'main' kernel - - -

Assume that the diags kernel came out of the same build process as the main kernel, see if we can get lucky finding the dot-config file.

The kernel uses gzip compression for the dot-config file, so search for those magic numbers:
Spoiler:

Code:
core2quad diags $ od -A d -t x1 kernel_diags_4.0.img | grep '1f 8b 08 00'
0289536 05 00 00 00 1f 8b 08 00 00 00 00 00 02 03 ed 92
0545488 1a 48 02 00 1a 48 02 00 1f 8b 08 00 00 00 00 00
0550144 cc d4 01 00 2c 12 00 00 1f 8b 08 00 00 00 00 00
0553840 00 00 00 00 6a 0e 00 00 1f 8b 08 00 00 00 00 00
0554064 1f 8b 08 00 00 00 00 00 02 03 63 61 60 60 50 01
0554112 1f 8b 08 00 00 00 00 00 02 03 5d 8e 31 0e 40 40
0554240 00 00 00 00 81 00 00 00 1f 8b 08 00 00 00 00 00
0554384 86 00 00 00 00 00 00 00 1f 8b 08 00 00 00 00 00
0554560 a6 00 00 00 00 00 00 00 1f 8b 08 00 00 00 00 00
0554608 26 00 00 00 00 00 00 00 1f 8b 08 00 00 00 00 00
0554736 1f 8b 08 00 00 00 00 00 02 03 5d 8d bb 0d 80 30
0554848 c8 00 00 00 00 00 00 00 1f 8b 08 00 00 00 00 00
0558384 1f 8b 08 00 00 00 00 00 00 03 ed 9d 4f 6c 23 57
0562688 1f 8b 08 00 00 00 00 00 00 03 ed 9d 31 93 dc 46
0566816 1f 8b 08 00 00 00 00 00 00 03 ed 9d 3f 93 dc 46
0572608 1f 8b 08 00 00 00 00 00 00 03 ed 9d bd 8f dc c6
0575600 cc d4 01 00 00 00 00 00 1f 8b 08 00 00 00 00 00
0583168 1f 8b 08 00 00 00 00 00 00 03 ed 9d c1 8f dc 46
0588208 1f 8b 08 00 00 00 00 00 00 03 ed 9d 7f 6c 1b 67
3853328 47 5f 53 54 1f 8b 08 00 43 8a 61 4e 02 03 94 5c


Try the last one found:
Spoiler:

Code:
core2quad diags $ od -A d -t x1 kernel_diags_4.0.img | grep '1f 8b 08 00'
- - - -
3853328 47 5f 53 54 1f 8b 08 00 43 8a 61 4e 02 03 94 5c

core2quad diags $ dd if=kernel_diags_4.0.img bs=1 skip=3853332 of=kd-4.0-99.gz
1269740+0 records in
1269740+0 records out
1269740 bytes (1.3 MB) copied, 4.8644 s, 261 kB/s

core2quad diags $ file kd-4.0-99.gz
kd-4.0-99.gz: gzip compressed data, from Unix, last modified: Fri Sep  2 21:00:35 2011, max compression

core2quad diags $ zcat kd-4.0-99.gz >kd-4.0-99
gzip: kd-4.0-99.gz: decompression OK, trailing garbage ignored

core2quad diags $ file kd-4.0-99
kd-4.0-99: ASCII English text

core2quad diags $ less kd-4.0-99

Yup - that is the kernel dot-config file. Attach a copy of it here.
Code:
core2quad diags $ mv kd-4.0-99 dot-config-diags-4.0
core2quad diags $ gzip dot-config-diags-4.0
Now take a quick check of the configuration options for the initramFS file:
Code:
CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE="initramfs.list"
CONFIG_INITRAMFS_ROOT_UID=0
CONFIG_INITRAMFS_ROOT_GID=0
CONFIG_RD_GZIP=y
# CONFIG_RD_BZIP2 is not set
# CONFIG_RD_LZMA is not set
CONFIG_INITRAMFS_COMPRESSION_NONE=y
# CONFIG_INITRAMFS_COMPRESSION_GZIP is not set
# CONFIG_INITRAMFS_COMPRESSION_BZIP2 is not set
# CONFIG_INITRAMFS_COMPRESSION_LZMA is not set
Yup, not compressed.

Trim the known, compressed, dot-config off of the kernel image:
Code:
core2quad diags $ dd if=kernel_diags_4.0.img bs=1 count=3853332 of=kd-trim.bin
3853332+0 records in
3853332+0 records out
3853332 bytes (3.9 MB) copied, 14.889 s, 259 kB/s
Search for the -H newc cpio magic number:
Spoiler:

Code:
core2quad diags $ od -A d -t x1 kd-trim.bin | grep '30 37 30 37 30 31' 
0102560 30 37 30 37 30 31 30 30 30 30 30 32 44 31 30 30
0102672 65 76 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0102912 6f 6e 73 6f 6c 65 00 00 30 37 30 37 30 31 30 30
0103040 30 37 30 37 30 31 30 30 30 30 30 32 44 35 30 30
0103152 65 76 2f 7a 65 72 6f 00 30 37 30 37 30 31 30 30
0103280 6d 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0103520 6d 69 63 00 30 37 30 37 30 31 30 30 30 30 30 32
0103760 61 74 63 68 64 6f 67 00 30 37 30 37 30 31 30 30
0103888 63 30 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0104016 30 37 30 37 30 31 30 30 30 30 30 32 44 44 30 30
0104256 74 79 6d 78 63 33 00 00 30 37 30 37 30 31 30 30
0104384 63 34 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0104624 62 2f 30 00 30 37 30 37 30 31 30 30 30 30 30 32
0104752 2f 66 62 2f 30 00 00 00 30 37 30 37 30 31 30 30
0104880 6b 30 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0105008 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0105136 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0105264 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0105392 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0105520 30 37 30 37 30 31 30 30 30 30 30 32 45 39 30 30
0105648 30 37 30 37 30 31 30 30 30 30 30 32 45 41 30 30
0105776 30 37 30 37 30 31 30 30 30 30 30 32 45 42 30 30
0105904 30 37 30 37 30 31 30 30 30 30 30 32 45 43 30 30
0106032 30 37 30 37 30 31 30 30 30 30 30 32 45 44 30 30
0106144 65 76 2f 6d 74 64 00 00 30 37 30 37 30 31 30 30
0106272 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0106400 30 37 30 37 30 31 30 30 30 30 30 32 46 30 30 30
0106640 74 64 2f 33 00 00 00 00 30 37 30 37 30 31 30 30
0106768 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0106896 30 37 30 37 30 31 30 30 30 30 30 32 46 34 30 30
0107904 6f 6f 70 30 00 00 00 00 30 37 30 37 30 31 30 30
0108032 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0108160 30 37 30 37 30 31 30 30 30 30 30 32 46 45 30 30
0108400 32 63 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0108528 30 37 30 37 30 31 30 30 30 30 30 33 30 31 30 30
0108768 32 63 2f 32 00 00 00 00 30 37 30 37 30 31 30 30
0108896 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0109024 6e 74 30 00 30 37 30 37 30 31 30 30 30 30 30 33
0109152 6e 74 31 00 30 37 30 37 30 31 30 30 30 30 30 33
0109264 30 30 2f 70 72 6f 63 00 30 37 30 37 30 31 30 30
0109504 30 37 30 37 30 31 30 30 30 30 30 33 30 39 30 30
0109616 69 62 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0188240 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0188368 30 37 30 37 30 31 30 30 30 30 30 33 30 43 30 30
0188480 6e 74 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0239072 02 95 01 00 30 37 30 37 30 31 30 30 30 30 30 33
0274192 30 37 30 37 30 31 30 30 30 30 30 33 31 30 30 30
0309840 30 37 30 37 30 31 30 30 30 30 30 33 31 31 30 30
0353312 02 0a 01 00 30 37 30 37 30 31 30 30 30 30 30 33
0371456 02 80 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0382896 30 37 30 37 30 31 30 30 30 30 30 33 31 34 30 30
0390512 02 3f 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0390624 30 30 2f 62 69 6e 00 00 30 37 30 37 30 31 30 30
0411760 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0414000 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0911712 30 37 30 37 30 31 30 30 30 30 30 33 31 42 30 30
0988224 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
1085328 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33


Maybe we can get lucky, and it is the first one:
Code:
core2quad diags $ od -A d -t x1 kd-trim.bin | grep '30 37 30 37 30 31' 
0102560 30 37 30 37 30 31 30 30 30 30 30 32 44 31 30 30

core2quad diags $ dd if=kd-trim.bin bs=1 skip=102560 of=kd-trim-00.cpio
3750772+0 records in
3750772+0 records out
3750772 bytes (3.8 MB) copied, 14.8647 s, 252 kB/s

core2quad diags $ file kd-trim-00.cpio
kd-trim-00.cpio: ASCII cpio archive (SVR4 with no CRC)

core2quad diags $ mkdir cpio
core2quad diags $ cd cpio
core2quad cpio $ sudo su

core2quad cpio # cpio -i -d -m  --no-absolute-filenames -I ../kd-trim-00.cpio
cpio: Removing leading `/' from member names
1920 blocks

core2quad cpio # ls -l
total 28
drwxr-xr-x 2 root root 4096 2013-02-20 12:24 bin
drwxr-xr-x 7 root root 4096 2013-02-20 12:24 dev
lrwxrwxrwx 1 root root   18 2013-02-20 12:24 init -> /bin/recovery-util
drwxr-xr-x 3 root root 4096 2013-02-20 12:24 lib
drwxr-xr-x 3 root root 4096 2013-02-20 12:24 mnt
drwxr-xr-x 2 root root 4096 2011-09-02 21:00 proc
drwx------ 2 root root 4096 2011-09-02 21:00 root
drwxr-xr-x 2 root root 4096 2011-09-02 21:00 sys
Got lucky, make an archive of that for reference purposes.
Attached Files
File Type: gz dot-config-diags-4.0.gz (11.5 KB, 241 views)
File Type: gz diags-4.0-irfs.tar.gz (450.7 KB, 250 views)
Last edited by knc1; 02-21-2013 at 09:03 PM.
knc1 is offline   Reply With Quote