11-08-2017, 12:44 PM | #16 | |
Guru
Posts: 645
Karma: 1888888
Join Date: Jun 2009
Device: prs-505, Kindle Keyboard 3g, PW3
|
Quote:
You can look at the code of the hotfix here (updated for the new Kindle Oasis 2): https://github.com/coplate/KindleJai...ree/master/src
bridge.conf runs on every startup, and it runs the script called 'bridge'. There is nothing in them that should affect the USB port. But if he also had 'rescue pack', or 'cowards rescue pack', I think those do change the USB behavior, but I have never looked into them, so I am unsure. |
|
11-08-2017, 12:54 PM | #17 |
Wizard
Posts: 1,075
Karma: 3581333
Join Date: Sep 2014
Location: Ukraine
Device: Kindle PW2, PW3, PW4, Voyage
|
Just for your information, the latest bundle of vlasovsoft Coolreader (there is his thread in this forum) contains a new program, Wi-Fi Server: you can connect to the device via ssh and sftp over Wi-Fi.
|
11-09-2017, 09:23 AM | #18 | |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Quote:
We only put our key into the 'main' system. System image packages must be installed while the Kernel is still running its ram resident system. And we do not put our key into its initramFS. For a very good reason we have never put our key into the initramFS. Specifically to prevent the Kernel from installing anything (from our KindleTool) while running ram resident. The only way something from our KindleTool can be installed is while running in 'main' and the user intentionally puts the package onto the system. It is a security thing. Last edited by knc1; 11-09-2017 at 09:27 AM. |
|
11-10-2017, 02:58 PM | #19 | |
Guru
Posts: 645
Karma: 1888888
Join Date: Jun 2009
Device: prs-505, Kindle Keyboard 3g, PW3
|
Quote:
If you have someone willing to experiment, you can have them back up bundle_type.txt, and then remove it, or change the contents to FB02?
/PRE_GM_DEBUGGING_FEATURES_ENABLED__REMOVE_AT_GMC
/etc/bundle_type.txt |
|
11-10-2017, 03:15 PM | #20 |
Wizard
Posts: 1,075
Karma: 3581333
Join Date: Sep 2014
Location: Ukraine
Device: Kindle PW2, PW3, PW4, Voyage
|
Thanks, I'll advise him.
|
11-14-2017, 06:51 AM | #21 |
Wizard
Posts: 1,075
Karma: 3581333
Join Date: Sep 2014
Location: Ukraine
Device: Kindle PW2, PW3, PW4, Voyage
|
...continued
The user just deleted /etc/bundle_type.txt (didn't look into it, no backup), so he cannot try changing the contents. Deleting the file had no result: factory 5.7.4 bin was destroyed immediately after disconnecting the device from the computer. |
11-14-2017, 11:58 AM | #22 | |
Guru
Posts: 645
Karma: 1888888
Join Date: Jun 2009
Device: prs-505, Kindle Keyboard 3g, PW3
|
Quote:
Have him try this:
Code:
mntroot rw
echo "Bundle: FB02" > /etc/bundle_type.txt
touch /PRE_GM_DEBUGGING_FEATURES_ENABLED__REMOVE_AT_GMC
mntroot ro
I don't know if it will work, but it is the last thing I can think of. Last edited by coplate; 11-14-2017 at 12:03 PM. |
|
11-23-2017, 12:20 PM | #23 | |
Guru
Posts: 645
Karma: 1888888
Join Date: Jun 2009
Device: prs-505, Kindle Keyboard 3g, PW3
|
Quote:
I just took the time to try this, and it did not work for me, but I will need to try one more time, because you have to reboot for PRE_GM_DEBUGGING_FEATURES_ENABLED__REMOVE_AT_GMC to take effect.
It still did not work, so it looks like they have closed this loophole completely. I forked kindletool again in order to add the SP01 header to the new Kindle Oasis 2017, but it didn't work either. The 'full image' recovery system must not be allowed to use our jailbreak security key, even though regular patches can. Or something more confusing. Last edited by coplate; 11-23-2017 at 12:50 PM. |
|
11-23-2017, 01:34 PM | #24 |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
The 'full image' recovery system is in the kernel's initramfs (memory resident file system).
We do not put our key into initramfs (on purpose). |
11-23-2017, 02:19 PM | #25 | |
Guru
Posts: 645
Karma: 1888888
Join Date: Jun 2009
Device: prs-505, Kindle Keyboard 3g, PW3
|
Quote:
Yeah, looking at the updater log though, it mounts the regular file system. I am not sure if it uses the signatures from there, but it does mount them: Mounted /mnt-rootfs (/dev/mmcblk2p5)
Code:
171123:174712 <12>[ 4.689153] INFO:bundle/unbundle_cognac.c:1503:do_unbundle():do_unbundle: filename=/mnt-us/update-18446744073709551615-f6dbd96f-e1f4-4043-a2bf-82fafcfe1275.bin, new_file=0x000137a0
171123:174712 <12>[ 4.697373] INFO:bundle/unbundle_common.c:320:validate_device_code():Device code matched (34A).
171123:174712 <6>[ 4.710934] kjournald starting. Commit interval 5 seconds
171123:174712 <6>[ 4.712187] EXT3-fs (mmcblk2p5): using internal journal
171123:174712 <6>[ 4.712203] EXT3-fs (mmcblk2p5): mounted filesystem with ordered data mode
171123:174712 system: I milestone:8.29:3:
171123:174712 <12>[ 4.712261] DEBUG:mount.c:260:mount_rootfs():Mounted /mnt-rootfs (/dev/mmcblk2p5)
171123:174712 <12>[ 4.755619] INFO:bundle/unbundle_cognac.c:1645:do_unbundle():Signed with developer 1K cert.
171123:174712 <12>[ 4.755649] INFO:bundle/unbundle_cognac.c:1672:do_unbundle():Verifying signature (len: 128)
171123:174712 <12>[ 42.437712] ERROR: signature is not the correct length (256 bytes versus 128 bytes)
171123:174712 <12>[ 42.437756] ERROR:bundle/unbundle_cognac.c:1694:do_unbundle():do_unbundle: signature check failed.
After playing with that a bit more, it looks like they may have made it so that you had to sign it with the production signing key, which is already 2K, and I'm not prepared to try to change that just to do a downgrade. I cannot find the old thread that explained how to do the flashing manually; I think I remember a script that had a tool called 'flasher' that may give me somewhere to start. Last edited by coplate; 11-23-2017 at 02:23 PM. |
|
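The updater log in post #25 rejects the package on signature length before anything else: an RSA signature is as long as the key's modulus, so the 128-byte signature from the "developer 1K" key cannot satisfy a verifier that expects 256 bytes. The Python below is an added example, not code from the thread or from KindleTool; it parses those log lines and summarizes the signature check. The line layout in the regexes is inferred from the posted lines, and the function names are hypothetical.

```python
import re

# Sample input: six of the log lines posted in #25, copied unchanged.
SAMPLE_LOG = """\
171123:174712 <12>[ 4.697373] INFO:bundle/unbundle_common.c:320:validate_device_code():Device code matched (34A).
171123:174712 <12>[ 4.712261] DEBUG:mount.c:260:mount_rootfs():Mounted /mnt-rootfs (/dev/mmcblk2p5)
171123:174712 <12>[ 4.755619] INFO:bundle/unbundle_cognac.c:1645:do_unbundle():Signed with developer 1K cert.
171123:174712 <12>[ 4.755649] INFO:bundle/unbundle_cognac.c:1672:do_unbundle():Verifying signature (len: 128)
171123:174712 <12>[ 42.437712] ERROR: signature is not the correct length (256 bytes versus 128 bytes)
171123:174712 <12>[ 42.437756] ERROR:bundle/unbundle_cognac.c:1694:do_unbundle():do_unbundle: signature check failed.
"""

# Assumed layout, inferred from the sample: "<stamp> <prio>[ uptime] LEVEL:rest"
LINE_RE = re.compile(r"^(\d{6}:\d{6}) <(\d+)>\[\s*([\d.]+)\] (INFO|DEBUG|ERROR):\s*(.*)$")
# Optional "file.c:line:function():" prefix in front of the message text.
ORIGIN_RE = re.compile(r"^([\w/.]+\.c):(\d+):(\w+)\(\):(.*)$")

def parse_line(line):
    m = LINE_RE.match(line)
    if not m:
        return None  # e.g. the "system: I milestone..." line uses another format
    _, _, uptime, level, rest = m.groups()
    origin = ORIGIN_RE.match(rest)
    src, _, func, msg = origin.groups() if origin else (None, None, None, rest)
    return {"uptime": float(uptime), "level": level, "src": src,
            "func": func, "msg": msg.strip()}

def signature_summary(log_text):
    """Collect what the updater reported about the package signature."""
    out = {"cert": None, "offered_len": None, "expected_len": None, "verified": None}
    for rec in filter(None, map(parse_line, log_text.splitlines())):
        msg = rec["msg"]
        if m := re.search(r"Signed with (.+) cert", msg):
            out["cert"] = m.group(1)
        elif m := re.search(r"Verifying signature \(len: (\d+)\)", msg):
            out["offered_len"] = int(m.group(1))
        elif m := re.search(r"\((\d+) bytes versus (\d+) bytes\)", msg):
            # The expected size is whichever value is not the offered length.
            sizes = [int(g) for g in m.groups()]
            out["expected_len"] = next((s for s in sizes if s != out["offered_len"]), None)
        elif "signature check failed" in msg:
            out["verified"] = False
    # RSA signature bytes * 8 = modulus size in bits of the signing key.
    for k in ("offered", "expected"):
        n = out[f"{k}_len"]
        out[f"{k}_key_bits"] = n * 8 if n else None
    return out
```

On the posted lines, `signature_summary(SAMPLE_LOG)` reports a 1024-bit key offered against a 2048-bit key expected, with the check failed.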
11-23-2017, 05:55 PM | #26 |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
You should be able to pass the pem file among the KindleTool arguments.
(I might be thinking of the Python version of KindleTool) |
11-23-2017, 06:54 PM | #27 |
Guru
Posts: 645
Karma: 1888888
Join Date: Jun 2009
Device: prs-505, Kindle Keyboard 3g, PW3
|
Yeah, I realized even if it does use the key in the user space, I can't do this by just signing the fb02 package.
All of the packages inside of the fb02 bundle are also signed, and I would have to repackage those too, which would be more work than I can do before my vacation. Even if the updater does mount user space to check the key, I cannot mix the keys by having the package signed with my custom prod key, but the stuff in it with the real prod key. |
11-23-2017, 09:15 PM | #28 |
Guru
Posts: 645
Karma: 1888888
Join Date: Jun 2009
Device: prs-505, Kindle Keyboard 3g, PW3
|
So, I re-flashed just the 'android' bootloader from my Kindle Oasis, from when it was shipped. This is letting me do the downgrade with the 'reboot without unplugging' method.
Code:
$ file mmcblk2p1.img
mmcblk2p1.img: Android bootimg, kernel, ramdisk, second stage, page size: 2048
In the 5.9.2 package, there is a boot.img that has the same file type listed; I would suppose that is the one that replaces it. It did the progress bar, showing it installing, but then on the tree screen, it showed the bridge code running, which I don't remember from previous goes of downgrading my PW3. It also installed a lot faster than I remember the factory image installing. The Version # does show this factory version number for paperwhite 3 and earlier, there have been similar instructions, though I cannot find them. I know there is a specific partition that has the kernel image in it, and I believe that kernel has the update-installer in it, so you have to have backed that up properly, and re-flash it. Last edited by coplate; 11-23-2017 at 09:23 PM. |
11-24-2017, 05:27 AM | #29 |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Is that change something to be preserved by the bridge code?
Or would that be a runme.sh that is used at the user's option? If it is a runme.sh, please add it to the runme.sh examples thread. (Note: I am not attaching files, they are only examples for coding suggestions to be used WITH THOUGHT by the user in their own problem solvers.) Last edited by knc1; 11-24-2017 at 05:30 AM. |
11-07-2018, 05:47 PM | #30 | |
Junior Member
Posts: 8
Karma: 10
Join Date: Oct 2018
Device: Kindle PW3
|
Hi everyone. I have a PW3 with JB. Everything worked well, but I installed an update.
Now Kindle Launcher won't start, same as Vlasovsoft. But I can start my apps (KOReader, Coolreader etc.) from the KUAL menu. I'm not sure what the FW was before the update (maybe 5.8.4 or so), but I remember I used a factory image 5.7.4 to downgrade and to install JB.
My Kindle's SN starts: G090 G105 ........
Current FW: 5.9.7
May I use this instruction to downgrade my PW3 safely? Is there any way to make a backup so I could roll back if the downgrade fails? Quote:
|
|