How to create packages for Kindle 2 international

[Lo_Pan]

Quote:

Originally Posted by jyavenard

How is that any relevant to the question or even the problem at hand?

Assuming the stuff doesn't install in recovery mode because of the way it's packaged ; why do you think repackaging something with -k2iex would suddenly work?

And even simply trying a system update for a Kindle 2 on a Kindle 2 ; what a sure way of bricking your device... And Kindle 2 package aren't signed ; so they would never work on a K2i to start with

G'day mate,

I was simply pointing out that the igor/you packer packages aren't installed either at recovery or at boot, except if runlevel three is called. They are deleted, however, if they are named update-ota-system*.bin, which is the expected behavior at the end of the updater in runlevel three. this initially led me to believe that runlevel three was (and maybe it is) being called. The only problem I have with the assumption that runlevel 3 is being called is that if i manually push a package through the updater script, it appears to work, which is contrary to all observations of booting/recovering.

US_FLASH_FILE=/mnt/us/update-ota-system*.bin
...snip...
rm -f ${US_FLASH_FILE} ${MMC_FLASH_FILE} 2>/dev/null

I don't have a kindle 2, just a 2i, but I DID see what happens if i put a k2 update bin in the k2i and attempt a recovery install, as well as just booting just to see what happened, if anything. The k2i simply ignored the package, and didnt delete it, which is what i expected, and is consistent with runlevel 3.

I suspect that the recovery and/or boot updater is similar to runlevel 3 as some of the behaviors are the same. So because I have no idea what this unseen updater is expecting in terms of the assembly of the package, i have been attempting to exploit what i suspect the script does, going off noticed similarities to the S50updater from runlevel 3.

One major hurdle is that i have very little information to go on, and the most likely exploit vector i can see is crippled by fat32 on the userstore. blowing the userstore away and replacing with ext2/3 simply results in the kindle overwriting the entire area with a fresh fat32 fs, even if multiple partitions and filesystems are created. In testing i was able to create a malformed filename that executed arbitrary shell commands on the kindle, however the filename isn't valid in fat32 land. I haven't had a chance to manually fiddle the fat32 file descriptors directly yet, but it is something i intend to do when i have some spare time. I imagine the ext idea would have failed due to the fuserland filesystem proxy that may be abstracting the media, but it was worth a shot.

I haven't gotten around to digging deeper as I have been busy with work, but I hope to get to it sometime over the weekend (provided i make it home after the bucks night), or during the next week.

So in answer to your question, i didn't think that going from k2i to k2iex would magically solve the problem, i was just saying the packages dont install when booting or recovery installing. i'll aim to be a bit more verbose next time.

[jyavenard]

Quote:

Originally Posted by Lo_Pan

G'day mate,

I was simply pointing out that the igor/you packer packages aren't installed either at recovery or at boot, except if runlevel three is called.

When you select "upgrade" in the setting menu ; you run the device in runlevel three.

when you are in recovery mode ; or you simply reboot ... the linux kernel isn't even started at that point, there's no script run

Quote:

They are deleted, however, if they are named update-ota-system*.bin, which is the expected behavior at the end of the updater in

any .bin files are deleted by the updated at the end. Not just those 2
[snip]

I suspect that the recovery and/or boot updater is similar to runlevel 3 as some of the behaviors are the same. as such i have been attempting to exploit what i suspect the script does, going off noticed similarities to the S50updater from runlevel 3.

I think you're confused about what runlevel 3 is, and what it does...

the ota updater, is started in level 3, that's what S50updater does and it's just a link to /etc/init.d/updater.

there's only one way the updater is started, and that's with S50updater ; when rebooting or in recovery mode ; this isn't called at all.

Quote:

So in answer to your question, i didn't think that going from k2i to k2iex would magically solve the problem, i was just saying the packages dont install when booting or recovery installing. i'll aim to be a bit more verbose next time.

none of the packages created with the kindle_update_tool.py ever did.
Worse, if you reboot without selecting upgrade, on a Kindle 2 you enter an infinite loop and you have to press and hold HOME exactly at the right time to get out of it.

The Kindle 2 International is a bit different, at least it gives you a nice error screen with an error code (0003 is when the MD5 checksum doesn't match in the standard updater)

[Lo_Pan]

actually in my experience that "hold home at the right time" thing is a bit spurious, just hold down home and then flick the power to reset, you dont need to worry about the timing. just hold it until it reboots. you may need to flick power more than once.

i wasnt suggesting that the packager ever did work for anything other than selecting upgrade from settings, or that s50updater has no relationship with the normal upgrade process. i have been approaching this whole discussion from a "why dont these packages work in recovery or reboot" angle, so i have been making observations about what does and does not happen as a basis for further discussion, and because such observations are pertinent to further progress.

additionally, i've only had a kindle for less than a week. it's the first one i've had, so the behavior of the device is all rather new to me.

[jyavenard]

Quote:

Originally Posted by Lo_Pan

actually in my experience that "hold home at the right time" thing is a bit spurious, just hold down home and then flick the power to reset, you dont need to worry about the timing. just hold it until it reboots. you may need to flick power more than once.

You don't have a Kindle 2 ...

[Lo_Pan]

indeed so. however on the k2i, at least, this is certainly the case.

[jyavenard]

And once again, my reference to having to press HOME was about the Kindle 2 and how the behaviour is different ...

[Lo_Pan]

i'm sorry i misunderstood what you meant. i clearly cant comment on the kindle 2, only the kindle 2i. i'm not here to argue with you, and i don't want to. i came here to ask questions, and relate what i have found. why don't we just stick to what's at hand?

[jyavenard]

Quote:

Originally Posted by Lo_Pan

and relate what i have found. why don't we just stick to what's at hand?

But that's exactly what I want to do.

I asked if the official Kindle 2 package (not the International) install during a reboot or in recovery mode.

If you don't know, thank you for not answering that question..

if those packages do install, it gives me a starting point on where to look at.

The .dat in those packages isn't formated like what the packager create. I have calculated the size differently (used to always be marked at 0), change the way they are named. Still doesn't install..

[Lo_Pan]

I wondered the same thing, which is why I tried what I tried.

yeah i noticed in otaup that even though _BLOCK_SIZE or whatever it is declared it is never used.

i modified the packager a fair bit structuring the packages in various permutations of configurations as revealed by the various scripts, and to do a number of other things, but ultimately we really need to see an official package, identify the recovery/boot update procedure, or sit on a serial console. any of these things would be very illuminating.

[jyavenard]

I extracted the content of Update_Kindle_2.0.3.bin

Edited the 291330095-327610024.ffs script to simply do a "return 0) at the end of the code.
Edited the update-WebDownload.dat , change the md5 for the script, remove the reference to bundles.tar.gz

Then I tar/gzip all of this.
Converted the tar.gz with kindle_update_tool.py

Copied it in the Kindle USB disk ...
And restart

It took 10 minutes for my Kindle to restart into the Recovery mode (and the same error 003).

So I don't know if it's a coincidence, but the amount of time required to reboot got me worried !

going to play with the header of the package itself with the version required

[Lo_Pan]

interesting!

which model kindle? k2i i imagine?

see if you can dump some environment shit into the userstore. even though it fails, it sounds like its running.

[Lo_Pan]

i just get an instant 0003 if i build a package for the k2i doing the same sort of thing.

[edge777]

This is great thanks! I was able to use the script to create a custom Georgia hack font for the K2i. Thanks!!!!

[edge777]

Hmm, okay, seeing as I had update files which worked fine, I decided to uninstall, and then install (just doing some testing). Only problem, on one of the installs, now my Kindle gets into infinite boot, and then comes up with the message “Your Kindle needs repair.” I can enter into Recovery mode, but there are no BIN files to delete. I tried to reinstall updates, and it says all updates fail. Given that it’s the new Kindle International, I cannot locate a regular full software update file. I’m at a loss at what I can do. Any suggestions?

[jyavenard]

Quote:

Originally Posted by edge777

Hmm, okay, seeing as I had update files which worked fine, I decided to uninstall, and then install (just doing some testing). Only problem, on one of the installs, now my Kindle gets into infinite boot, and then comes up with the message “Your Kindle needs repair.” I can enter into Recovery mode, but there are no BIN files to delete. I tried to reinstall updates, and it says all updates fail. Given that it’s the new Kindle International, I cannot locate a regular full software update file. I’m at a loss at what I can do. Any suggestions?

This is precisely the reason why I put a big disclaimer in the readme file

Code:

 It is imperative that your install scripts works 100%. As should they fail, it could leave your kindle
      in a corrupted state preventing to install future official Amazon updates.
      Installing update_freekindle-k2i.bin would fix this should it occured.

When you enter recovery mode, what happen when you press R.
Try formatting the Kindle USB drive ; it will be automatically re-formatted next time the Kindle reboot.

You can't install packages create by the python script while in recovery mode. Not yet anyway.

You could try to craft a package that will start USB tethering mode so you can telnet to it and manually fix whatever you broke.

Otherwise, you'll have to send it back to Amazon... It would be within the return period so they probably give you more leeway than a warranty repair