Pre/post boot.img creation hooks needed to make amazon-tate boot
I'm porting pmOS to the Amazon Kindle Fire HD 7" (codename amazon-tate) based on OMAP 4460, which has a somewhat unlocked bootloader (fastboot-compliant).
Even though it's possible to use fastboot images to write onto this device, there are some caveats regarding the boot and system partitions, since the bootloader performs some (weak) signature check that we have to overcome in order to boot pmOS.
boot partition
To create a boot.img file that will run on tate, one should grab all the files contained here and then:
- execute mkbootimg as usual
- join boot_cert and the newly generated boot image together
- write u-boot.bin at a specific offset in boot.img:
  dd if=u-boot.bin of=boot.img bs=8117072 seek=1 conv=notrunc
- generate a "stack file" and write it to another offset:
  for i in $(seq 1024) ; do echo -ne '\x00\x50\x7c\x80' >> /tmp/stack.tmp; done
  dd if=/tmp/stack.tmp of=boot.img bs=6519488 seek=1 conv=notrunc
Presumably the cert+stack+u-boot combo circumvents some original bootloader security measure, letting us boot whatever u-boot we want.
system partition
The exact same stack file must be written at the same offset on the /system partition, otherwise the original bootloader would just loop forever trying to verify the signature.
Since we don't want to write random stuff on the root partition, the strategy I tried was to create a fake system.img full of zeroes, except for the stack file written at that exact offset, while having the real pmOS root on userdata.
The issue
Right now it's impossible for us to create a custom boot.img file for tate without either forking mkinitfs or modifying said package.
In my opinion having per-device forks of mkinitfs could be painful, and maybe in the future other devices might need a way to manipulate boot.img in some way, thus I thought about adding something like pre-mkbootimg and post-mkbootimg hooks in this file.
But I might be wrong and this could be a bad approach, which is why I'm asking whoever has more experience than me with pmOS architecture for an opinion: can this work, or should I just fork mkinitfs?
For the system issue, I don't really know how we should tackle it...
It's a hack, but at least it makes everything work!
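
A sketch of how the pre-mkbootimg/post-mkbootimg hooks proposed above could be driven, added here as an example and not part of the original post or of mkinitfs. The function names, the `<stage>-mkbootimg.d` directory layout and the argument convention (image path as `$1`) are all assumptions.

```sh
#!/bin/sh
# Hypothetical hook runner: names and directory layout are assumptions,
# not taken from postmarketos-mkinitfs.

# run_hooks STAGE HOOK_DIR IMAGE
# Runs every executable in HOOK_DIR/STAGE-mkbootimg.d/ in sorted order,
# passing the boot image path as $1. Stops at the first failure.
run_hooks() {
    stage=$1 hook_dir=$2 image=$3
    dir="$hook_dir/$stage-mkbootimg.d"
    [ -d "$dir" ] || return 0              # device ships no hooks: nothing to do
    for hook in "$dir"/*; do
        [ -f "$hook" ] && [ -x "$hook" ] || continue
        # Hooks run with the privileges of the image build, so refuse any
        # file that an unprivileged user could have modified.
        if [ -n "$(find "$hook" -prune -perm -0002)" ]; then
            echo "refusing world-writable hook: $hook" >&2
            return 1
        fi
        "$hook" "$image" || { echo "hook failed: $hook" >&2; return 1; }
    done
}

# build_boot_image HOOK_DIR IMAGE CMD [ARGS...]
# CMD stands in for the usual mkbootimg invocation that writes IMAGE.
build_boot_image() {
    hook_dir=$1 image=$2
    shift 2
    run_hooks pre "$hook_dir" "$image" || return 1
    "$@" || return 1
    if ! run_hooks post "$hook_dir" "$image"; then
        rm -f "$image"                     # never leave a half-patched image to flash
        return 1
    fi
}
```

A device package would then ship its own post-mkbootimg hook instead of a fork, and a failing hook removes the image rather than leaving a partially modified boot.img behind.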