Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > E-Book Readers > Amazon Kindle > Kindle Developer's Corner

Notices

Reply
 
Thread Tools Search this Thread
Old 02-25-2012, 04:02 AM   #1
geekmaster
Carpe diem, c'est la vie.
geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.
 
geekmaster's Avatar
 
Posts: 6,433
Karma: 10773670
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Arrow Fastboot Manifesto

Summary

The kindles have a "Magic Bullet" that will ALWAYS allow custom code to be installed on them, including anything from just adding a jailbreak key, custom screensaver or custom fonts, all the way up to installing a completely different operating system on them, like Android OS. These tools already exist and we know how to use them. Simple step-by-step instructions will be provided, along with custom partition images that already contain the custom changes that we want.

Why Not Fastboot Mode?

Up until now, I was thinking that because fastboot is TOO powerful (and therefore too dangerous for beginners) that we should avoid it and use the tools that amazon provided us as much as possible, as close to their default configuration as possible. That means using as simple a method as possible to install custom code onto the kindle.

Jailbreak

Because all kindle models are able to install signed update packages, the normal jailbreak procedure adds a custom key so that developer-signed update packages can be installed using the "Update your kindle" menu item, just as though they were amazon-signed update packages. These developer-signed updates contain installation scripts that run during the installation, and can make any changes to your kindle including adding new screensavers, new fonts, or even USB networking so you can use SSH to get a root shell.

Rooting

The real problem when a kindle model comes out, or a new firmware update for existing kindles, is how to get that custom key installed onto the main system root partition in the first place. That requires a lot of research to locate a method of gaining root access (usually calling "rooting" the device) so that custom code can be run. For kindles, the first thing that rooting it does is to install the custom key, so that user-selected custom apps can be installed using developer-signed updates.

On the new k4 (kindle mini), it turned out that root access was provided directly in the USBnet menu item in diags. Just add ENABLE_DIAGS to the USB drive and reboot, then enable USBnet from the diags menu and use SSH to get a root shell. With a root shell, you can make any changes you want and install any programs you want. One of the first things you want is to copy the dropbear files from diags to main so you can use SSH to get a root shell when booted from main. Another thing you want is to install the custom key so that developer-signed updates can be installed from the "Update your kindle" menu, just like all the other kindles.

For the Touch, things are a little different than the K4, because diags is missing files needed to allow SSH when you enable USBnet from the diags menu. In that case it was necessary to find a bug to exploit. The first one found was the "MP3 bug" that allowed a specially designed MP3 file to execute code that it contained. This was used to create the MP3 Jailbreak, that installed the custom key so that developer-signed updates can be installed from the "Update your kindle" menu.

Firmware Updates

Then firmware version 5.0.3 came out, which fixed the MP3 bug, so a new method was needed to jailbreak new kindles that come with 5.0.3 firmware. The replacement jailbreak uses the current "tar root path bug", which uses data.tar.gz to install custom code to writable locations but does NOT execute this custom code. It was necessary to study the startup scripts to locate locations where custom code could be written by data.tar.gz AND to find a method to trigger execution of that code. Multiple places were found in /var/local that can contain custom script code that gets executed during startup. The first location used was /var/local/system/locale, but this only worked on the touch, and only when booting from main.

The search continued for other locations and trigger methods, in case new firmware disables the existing method. Multiple locations and trigger methods were discovered, some of which only work in main, and some only in diags, and some only on the Touch, and others on the K4. The one we will use in this thread is the "/var/local/system/mntus.params" payload script. This one is particularly powerful because it runs on the Touch in both main and in diags, and it runs on the K4 in both main and in diags, and it runs on the K3, and DX and DXG. Besides this particular payload destination being powerful, it is also dangerous. If you use a mntus.params designed for a different kindle model, it can make the startup scripts erase your USB Drive. If you make even a small mistake when using it to run custom code, it can brick your kindle severely so that you cannot boot to main or diags, and you cannot access the USB drive. In this case, only "USB Downloader" mode can access it. It can be deployed on the K4 and Touch in a data.tar.gz file.

USB Downloader Mode and the Magic Key

We can get to USB Downloader mode by plugging in the USB cable so the power LED is on, then holding the power button until the LED turns off, then before releasing the power button we need to hold the "Magic Key" while releasing the power button. Each kindle model has a different "Magic Key" (what it is actually called in the source code). The Touch uses the Home button (its only button) as the Magic Key. The K4 uses the Five-way Down button as the Magic Key. The K3 uses the Volume Down button (Vol-) as the Magic Key, but it also uses a different VID/PID and needs a different tool to communicate with it.

As we learned more about USB Downloader mode, what we called it kept changing. In these forums it can be called "USB HID" mode (because that is how it appears in Windows Device Manager), and it can be called "USB Recovery" mode (because that is what we want to use it for), but in the manufacturer documentation they call it "USB Downloader" mode (which is the official name for it). When in USB Downloader mode, the K4 and Touch appear to be a USB HID device with VID/PID 0x15a2/0x0052. Special software that can be downloaded from the manufacturer website (freescale.com) can communicate with a kindle using that VID/PID. The software that we use in this thread is called "MfgTool". It allows many things, including writing new firmware to the mmc storage device. But we use it to load and execute custom code in the kindle RAM memory. In this thread, we use custom u-boot bootloader code to select which bootmode we want and to boot to that mode. The bootmodes provided here are main, diags, and fastboot. For a kindle bricked so badly that it can only boot to fastboot mode, we need to repair it either using MfgTool (which works in USB Downloader mode) or we can repair it in fastboot mode using the kindle fastboot tool.

Fastboot Mode -- Why Use It?

It is a lot faster and easier to use the fastboot tool which does everything with command line parameters, than to use MfgTool, which can do many of the same things as fastboot, but requires custom XML files to configure each and every thing you want to do. Fastboot is easier, so we will use that. We only use MfgTool to boot to main, diags, or fastboot mode.

Fastboot is very powerful, and can easily erase or reprogram anything or everything in your kindle mmc storage device (including the USB drive, and the main firmware, and the diags firmware). Where the danger lies is that it can even destroy the part of the firmware that the fastboot tool talks to, making even fastboot no longer work. In that case you can fall back to MfgTool, which will ALWAYS work, because it ONLY relies on features built into the CPU chip (iMX50 SoC). That makes fastboot somewhat less dangerous, because even if you disable fastboot support by using fastboot incorrectly, you can ALWAYS recover your kindle with MfgTool. With MfgTool as a backup method, we can feel less fear using fastboot.

So, the reason for using fastboot in the first place is when a kindle is bricked so it cannot boot to main or diags, but can still boot to fastboot, we can use fastboot to repair our kindles. And even if we damage it so fastboot no longer works, then we can EVENTUALLY develop custom XML files so that we can use MfgTool to repair fastboot mode, so that we can again use fastboot mode to repair our kindles.

The Power of Fastboot

Fastboot can write an image file to the main partition, and to the diags partition, and to the data partition. It can also write new bootloader code, which if done incorrectly can disable fastboot as mentioned above. But, (and this is the breakthrough realization that just occurred to me this evening) the data partition contains the USB drive that is the normal way of getting content onto the kindle.

The real breakthrough idea here is that when you need to get a special data.tar.gz and RUNME.sh onto your kindle when you cannot access the USB drive, you CAN put those files on the USB drive using fastboot! How? Create an image file in vfat format that contains those files, then flash it to the data partition using fastboot. It is that easy!

And we can even use fastboot to flash custom main or diags partition images, which are backup images of official partitions to which extra files have been added, such as the custom jailbreak key, and missing SSH files, and anything else you want like custom screensavers and custom fonts. There is no need to install anything, and it does not matter if the preinstalled factory firmware has ALL bugs fixed so that it cannot have custom code added by any other method. This way will always work as long as fastboot is not disabled by amazon, and even then, MfgTool can still be used to install custom code onto the kindle, just like the fastboot tool but a little more complicated to configure. Of course, after MfgTool XML config files are created, they can be used many times.

A Permanent Solution

The only way that amazon can prevent us from installing custom firmware is if they disable "unlocked" USB Downloader mode on new kindles, so that only firmware signed with their official (secret) key can be flashed to the mmc storage device. According to the manufacturer documentation, it appears that the CPU SoC comes from the factory in the "encrypted firmware" mode, and an internal fuse must be permanently burned when it is first configured, to allow unencrypted (open) firmware to be flashed like the kindles now support.

That means that any kindle that can now run custom code will ALWAYS be able to run custom code. Only NEW kindles can be locked to prevent this by NOT burning the fuse that allows custom code. The K5 u-boot source code includes support for multiple kindle models, including a future model that uses signed firmware packages, so some future kindle model may prevent flashing firmware images. In that case, we will have to return to our current method of exploiting bugs to gain root access.

What's in it for Me?

My kindle is now in "fastboot only" mode (it cannot boot main or diags, and has no USB drive access). It is this way because mmcblk0p3 contains a damaged mntus.params file, and I do not know how to fix this using fastboot. I know that the bricking happens because mntus.params does not exit back to the script that sourced it AFTER the RUNME.sh script is called. I can use a DIFFERENT RUNME.sh script to repair the damaged mntus.params file (by replacing or deleting it, or by destroying mmcblk0p3). But I cannot add those files to my USB drive by ordinary methods. If the problem had been to the main partition, it could have been repaired by booting to diags. But it is on mmcblk0p3, and I do not know how (or if) I can use fastboot to reflash that partition.

So I will use what I do know how to do. I will create a USB drive image file that contains the RUNME.sh file I need to repair it, and the data.tar.gz file I need to launch that RUNME.sh file. I will use fastboot to write that image file to the data partition. Then I will reboot to diags mode. At this point, I believe that this will do the job.

What's in it for You?

Even if mmcblk0p3 AND main and diags were ALL damaged, we can use fastboot to write repaired (original) images to main (system) and diags partitions, and a custom USB drive image to the data partition, that contains a RUNME.sh and data.tar.gz to repair mmcblk0p3. This worked for me to repair my K4 when it was bricked, but there are reports of problems flashing firmware images to a Touch using fastboot. This can be overcome by using a bist (built-in self-test) build of u-boot for the MfgTool Profiles, that includes "fixed" fastboot code (if it has any bugs to fix).

The Grand Conclusion

So, good news all around. Not just for me, but for everybody. Yes? Let's hear some feedback! At a bare minimum, the kindles recharge their batteries a lot faster in fastboot mode, so it is at least useful for that.


EDIT: Since this was written, we discovered a size limitation that prevents fastboot from writing large image files such as the main system partition (mmcblk0p1). I debricked my kindle touch, and many others have successfully debricked their kindles as well, by using fastboot to write the smaller diagnostics partition (mmcblk0p2) from an image containing SSH preinstalled, then boot to diagnostics mode and write the larger main system partition from a backup image using the linux "dd" command. This method of restoring a bricked kindle back to health has been greatly simplified from previous methods, and is documented in the "simple kindle touch (and k4nt) debricking method" thread:
https://www.mobileread.com/forums/sho...d.php?t=170929


UPDATE: There is now a fastboot for windows:
https://www.mobileread.com/forums/sho....php?p=2001690


Last edited by geekmaster; 03-12-2012 at 05:05 PM. Reason: add fastboot for windows link
geekmaster is offline   Reply With Quote
Old 02-25-2012, 04:31 AM   #2
giorgio130
Time Waster
giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.
 
Posts: 422
Karma: 289160
Join Date: May 2011
Device: Kobo Glo and Aura HD
That's what I thought all along, fastboot is like the swiss knife for running custom code
In android it can also boot custom images like "fastboot boot boot.img", can the one on kindle do this? If it's the case, easiest way to make a recovery tool would be to create a custom recovery image with tools to export partitions over usb, and even performs automatical checks. This could also allow installing additional code using flashable .zip, like on android.
giorgio130 is offline   Reply With Quote
Old 02-25-2012, 04:46 AM   #3
geekmaster
Carpe diem, c'est la vie.
geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.
 
geekmaster's Avatar
 
Posts: 6,433
Karma: 10773670
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Quote:
Originally Posted by giorgio130 View Post
That's what I thought all along, fastboot is like the swiss knife for running custom code
In android it can also boot custom images like "fastboot boot boot.img", can the one on kindle do this? If it's the case, easiest way to make a recovery tool would be to create a custom recovery image with tools to export partitions over usb, and even performs automatical checks. This could also allow installing additional code using flashable .zip, like on android.
Yes, it can load and run custom images, but the USB Downloader mode built into these CPU SoC chips can also do most of what fastboot does. The benefit of fastboot is that it is "cross-platform".

I have not developed for android before. I do not have an android device (yet). So this idea of recovery (or jailbreaking) by installing an image file is new to me. It was a long and convoluted path for me, as I slowly came to this conlusion, beginning with my "kindle touch serial port recovery" thread, through the "kindle select boot" thread, and ending with this new "fastboot manifesto" thread.

I am currently in agreement with you about fastboot.
geekmaster is offline   Reply With Quote
Old 02-25-2012, 05:47 AM   #4
giorgio130
Time Waster
giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.giorgio130 ought to be getting tired of karma fortunes by now.
 
Posts: 422
Karma: 289160
Join Date: May 2011
Device: Kobo Glo and Aura HD
Fastboot is not there on kindle 3, is there? Maybe we just.missed it for whole this time...
giorgio130 is offline   Reply With Quote
Old 02-25-2012, 08:19 AM   #5
knc1
Going Viral
knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.
 
knc1's Avatar
 
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
Word power

Quote:
Originally Posted by geekmaster View Post
(and this is the breakthrough realization that just occurred to me this evening)
epiphany (3)
A sudden, intuitive perception of or insight into, the reality or essential meaning of something, usually initiated by some simple, homely, or commonplace occurrence or experience.

A.K.A: Brain Fart

Seriously, nice write-up.

All presuming a minimum of technical background on the part of the end user.

For those with a bit more technical background:

If the kernel will run, the console operator's serial port.
If the SoC will run u-boot, the u-boot serial port (same as above).

And as long as the SoC hasn't internally melted down to silicon slag - JTAG.
Which might even enable blowing any internal fuses to change the SoC behavior.
knc1 is offline   Reply With Quote
Old 02-25-2012, 08:29 AM   #6
knc1
Going Viral
knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.
 
knc1's Avatar
 
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
Which reminds me of something missing from this site.
No top menu bar entry for a "HowTo" list of links into the information of the site.

Worked example (requires javascript enabled in browser):
http://MiniModding.com

A very popular feature - even with the site closed for over a year to new information those "HowTo" links are still bringing in over a million hits a month. Not bad for a closed site.
knc1 is offline   Reply With Quote
Old 02-25-2012, 08:47 AM   #7
Poetcop
Connoisseur
Poetcop began at the beginning.
 
Posts: 55
Karma: 46
Join Date: Feb 2012
Device: Kindle
This is wonderful work geekmaster, which sounds like an answer to two of the most pressing questions for me as a Kindle owner: 1) will amazon be able to permanently lock my kindle away from me? and 2) will I ever be able to unbrick my badly bricked Kindle? You work on the fundamentals, and you share your knowledge (also thinking of the other thread where you gave me some great hints), which makes you a sterling member of the community.
Poetcop is offline   Reply With Quote
Old 02-25-2012, 11:06 AM   #8
geekmaster
Carpe diem, c'est la vie.
geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.
 
geekmaster's Avatar
 
Posts: 6,433
Karma: 10773670
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Quote:
Originally Posted by Poetcop View Post
This is wonderful work geekmaster, which sounds like an answer to two of the most pressing questions for me as a Kindle owner: 1) will amazon be able to permanently lock my kindle away from me? and 2) will I ever be able to unbrick my badly bricked Kindle? You work on the fundamentals, and you share your knowledge (also thinking of the other thread where you gave me some great hints), which makes you a sterling member of the community.
For those who may have difficulty reading the full manifesto (to whom English is a secondary language), here are direct answers to those two questions:

1) amazon cannot lock the kindle to prevent us replacing the firmware with custom firmware images. According to my understanding of information in the Freescale iMX50 Reference Manual, once an iMX50 processor is unlocked to allow custom firmware, it cannot be locked again.

2) you can always unbrick a kindle by writing a replacement firmware image to it. See #1 above.

Of course, writing custom firmware requires detailed knowledge of how to control the peripheral devices in the kindle, but because amazon use GPL code in the kindles, we have source code that shows how to control all important devices in our kindles. This could be a very easy project. Yifanlu wants somebody to do it, as documented in the Kindle Touch wiki.

We can take an existing alternate operating system such as android OS and port it to the kindle using information provided by the amazon GPL source code.

We can replace the u-boot bootloader with a modified version (as used in KindleSelectBoot), or with a completely different bootloader. Just for fun, we could include the QEMU x86 emulator into the bootloader and boot a foreign OS, such as MS-DOS or even a stripped-down Windows OS (that can run in 256MB of RAM). On modern processors, this emulated OS would still run faster than the old computers that I grew up with, and old computers could do useful things even back in the old days.

Even though it may be difficult, I recommend reading the entire manifesto in the original post for this thread. It will be worth the effort to expand you knowledge in this area.

We are limited only by our imagination and the amount of personal time and energy that we wish to invest in this "kindle hacking" hobby.

Last edited by geekmaster; 02-25-2012 at 11:13 AM.
geekmaster is offline   Reply With Quote
Old 02-25-2012, 11:19 AM   #9
geekmaster
Carpe diem, c'est la vie.
geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.
 
geekmaster's Avatar
 
Posts: 6,433
Karma: 10773670
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Quote:
Originally Posted by giorgio130 View Post
Fastboot is not there on kindle 3, is there? Maybe we just.missed it for whole this time...
The kindle 3 GPL source code contains a uboot-1.3.0-rc3 folder. "grep -r fastboot *" does not find fastboot. So the answer to your "loaded" (negative) question is either "yes, fastboot is not there", or "no, fastboot is not there". Another type of loaded question is "did you stop beating your wife?". English can be difficult in cases like this.

Fastboot is in the bist (built-in self-test) build of the u-boot bootloader in newer kindles, which loads from mmc and runs when you boot with idme bootmode fastboot.

USB Downloader mode has much of the same functionality as fastboot, and it cannot be locked to prevent flashing unsigned custom code once it has been unlocked (by burning a configuration fuse in the SoC). It is unlocked in all the kindles shipped so far.

There are comments in the kindle 5 (touch) u-boot source code showing configuring settings for a future kindle device that uses signed firmware images, so this future kindles might be locked to prevent custom firmware, and then we can only exploit firmware bugs to run custom code, like we have been doing in the past.

The kindle 3 uses the freescale iMX35 CPU SoC, which also has USB Downloader mode. It uses a different USB VID/PID than the iMX50 CPU SoC, and requires a different downloader tool (AdvancedToolKit, instead of MfgTool). I have AdvancedToolKit install on my host PC, and I verified that it reports that it successfully downloaded and ran code in my kindle 3.

If you really want fastboot on the Kindle 3, you could backport it from kindle 4 GPL source code.

Last edited by geekmaster; 02-25-2012 at 11:49 AM.
geekmaster is offline   Reply With Quote
Old 02-25-2012, 11:27 AM   #10
Poetcop
Connoisseur
Poetcop began at the beginning.
 
Posts: 55
Karma: 46
Join Date: Feb 2012
Device: Kindle
Hope this doesn't stray too far from the point of this thread, but has anyone succeeded in compiling the fastboot tool for Windows? MfgTool works only for Windows, and I only have fastboot for OS X, so I have to keep rebooting to go between them, since I use Bootcamp on a mac, very time consuming. I *think* I have got my Kindle of Black Death into Fastboot mode with MfgTool, since it pops up "Found New Hardware - Kindle", which it doesn't do in the other modes, but when I reboot the computer and run the fastboot tool in OS X it isn't able to connect to the Kindle. Hoping that my fastboot mode isn't hooped too - maybe running it while I'm still in windows would work. Otherwise my only way to progress is going through custom u-boot images, which definitely stretches my ability.

Something weird about this black screen mode: when the battery runs down (which it seems to do fairly fast in this mode), it displays the "plug me in" symbol, but more importantly mounts an (inaccessible) USB drive, just as it did before the blackness descended. Just some clues I'm pondering.
Poetcop is offline   Reply With Quote
Old 02-25-2012, 12:13 PM   #11
geekmaster
Carpe diem, c'est la vie.
geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.
 
geekmaster's Avatar
 
Posts: 6,433
Karma: 10773670
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Quote:
Originally Posted by Poetcop View Post
Hope this doesn't stray too far from the point of this thread, but has anyone succeeded in compiling the fastboot tool for Windows? MfgTool works only for Windows, and I only have fastboot for OS X, so I have to keep rebooting to go between them...

Something weird about this black screen mode: when the battery runs down (which it seems to do fairly fast in this mode), it displays the "plug me in" symbol, but more importantly mounts an (inaccessible) USB drive, just as it did before the blackness descended. Just some clues I'm pondering.
Yifanlu's kindle fastboot can be compiled to run in a cygwin shell in Windows.

When the battery is low, u-boot runs in low-power mode, with SDRAM and mmc turned off. It runs just enough to recharge the battery. In this mode, it exports a 0-byte USB "Fake Storage" device, to prevent the host PC "green" mode from turning off the power to that USB port. In u-boot this is called "fstor" mode.

When the battery has charged enough, it will change modes.

You can read the GPL source code to learn more about how this works.

By monitoring the serial port messages while recovering my K4NT, it appears to charge quickly when in fastboot mode.

I recommend booting a bricked kindle to fastboot mode to recharge the battery.

Last edited by geekmaster; 02-25-2012 at 12:15 PM.
geekmaster is offline   Reply With Quote
Old 02-25-2012, 12:40 PM   #12
knc1
Going Viral
knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.
 
knc1's Avatar
 
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
Quote:
Originally Posted by geekmaster View Post
If you really want fastboot on the Kindle 3, you could backport it from kindle 4 GPL source code.
Keeping in mind that the uboot-1.3.0-rc3 was pulled from the u-boot project:
git://git.denx.de/u-boot.git
http://git.denx.de/u-boot.git

and the uboot_2009.08 was pulled from the freescale repository:
http://opensource.freescale.com/pub/.../uboot-imx.git
Which is __supposed__ to be referencing the up-stream project, but watch out for surprises.

Last edited by knc1; 02-25-2012 at 01:02 PM.
knc1 is offline   Reply With Quote
Old 02-25-2012, 03:41 PM   #13
geekmaster
Carpe diem, c'est la vie.
geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.geekmaster ought to be getting tired of karma fortunes by now.
 
geekmaster's Avatar
 
Posts: 6,433
Karma: 10773670
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
The GPL for k4 and k5 u-boot is standalone, so no denx or freescale dependencies. I built it, but it is stripped down to fit smaller mmc. The k5 (touch) u-boot is bigger and supports more devices including the k4. I used that in my KindleSelectBoot. Depending on available size, perhaps you can just replace the k3 u-boot image in the mmc with a k4 or k5 u-boot image. You could test with AdvanceToolKit (K3 version of MfgTool) to download and run a k5 uboot image. K3 Magic Key = Vol-.
geekmaster is offline   Reply With Quote
Old 02-25-2012, 06:09 PM   #14
knc1
Going Viral
knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.
 
knc1's Avatar
 
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
Quote:
Originally Posted by geekmaster View Post
The GPL for k4 and k5 u-boot is standalone, so no denx or freescale dependencies. I built it, but it is stripped down to fit smaller mmc. The k5 (touch) u-boot is bigger and supports more devices including the k4. I used that in my KindleSelectBoot. Depending on available size, perhaps you can just replace the k3 u-boot image in the mmc with a k4 or k5 u-boot image. You could test with AdvanceToolKit (K3 version of MfgTool) to download and run a k5 uboot image. K3 Magic Key = Vol-.
Not sofware dependences, authored change differences. Sorry if I wasn't clear.

And on an earlier note. The hw udev rules for the MX31 - that where not included in the Amazon source code releases - there is a GPL'd copy of them in the OpenEmbedded tree.
knc1 is offline   Reply With Quote
Old 02-26-2012, 07:43 AM   #15
murz_07
Connoisseur
murz_07 began at the beginning.
 
Posts: 67
Karma: 10
Join Date: Feb 2012
Device: Kindle Touch SO
How exactly can I compile Yifanlu fastboot using Cygwin?
He provided the code for OSX, but not for windows.
murz_07 is offline   Reply With Quote
Reply

Tags
kindle fastboot manifesto

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Simple linux fastboot installing command aditya3098 Kindle Developer's Corner 20 04-23-2019 04:13 PM
Fastboot GUI hostar Kindle Developer's Corner 53 07-31-2017 09:52 AM
Fastboot not working aditya3098 Kindle Developer's Corner 10 05-12-2012 01:44 PM
fastboot for win32 geekmaster Kindle Developer's Corner 30 03-13-2012 02:39 PM
help me get out of fastboot kindle nontouch please 123123 Kindle Developer's Corner 30 02-10-2012 05:14 AM


All times are GMT -4. The time now is 01:04 AM.


MobileRead.com is a privately owned, operated and funded community.