Sony Xperia Z (yuga) Support

[lnjX]

I've followed the guide on https://github.com/efidroid/projectmanagement/wiki/%5BEFIDroid%5D-Porting-a-new-device I had no problems compiling it, I also have found the right chipset (msm8960 / APQ8064). But when I try to use fastboot boot out/device/sony/yuga/lk.img it doesn't do anything, the led is still blue (as in the fastboot mode), but the device is not recognized by fastboot devices. What should I do?

[M1cha]

@feherneoh

[opendata26]

Can you try extracting the boot.img from this and running create_device on it, if it has the same problem as the z2 it should work. https://onedrive.live.com/download?cid=EDEA282ABC0B9040&resid=EDEA282ABC0B9040%216194&authkey=AJ6vMrbYIjzHVjA

[lnjX]

I've recreated the device with the boot.img from the above lineageos build, but nothing has changed... After fastboot boot the device isn't in fastboot mode anymore (but the led is still blue). Then I had to restart to get in fastboot mode again.

After a flash of the lk.img my device doesn't boot and I'm not able to get in fastboot / recovery again. But because I've already got those problems and have opened my back cover, I was able to remove the battery to directly get in fastboot mode (best trick here). Then I flash twrp on my boot partition, restart directly into twrp and restore my backup of the boot partition from the external sdcard.

(I'm currently using CM 12.1, because newer versions (as CM 13) were very buggy; sometimes my yuga has just reboot and touchscreen didn't work very well there)

-- EDIT And when I fastboot boot into twrp my yuga just reboots into fastboot. (But it's in fastboot mode then)

[ghost]

I'm getting the same effect with an Xperia XZ (kagura). Possibly a bigger issue with Sony devices? When the device boots into LK, it disappears from lsusb completely until rebooted. Interesting, seeing as though the Xperia Z is 32-bit, whereas the XZ is 64-bit.

[lnjX]

Good that I'm not the only one having this bug. But nobody has currently a solution for this, right?

[M1cha]

@Cesionaut yes, sony devices are generally a problem - that's why none of that is supported yet. @feherneoh invested the most work into it.

He got pretty much everything working on one of his devices except for the lcd driver.

The problem from this thread seems more basic though.

[ghost]

@M1cha: I'd agree that this is a different issue to #45, seeing as though basically nothing works on a flashed device. Not sure if I'm doing something differently to @feherneoh though. In a couple of days, I could try my build process on an Xperia Z2 if it helps, and see if the problem is recreated.

[lnjX]

I wouldn't have a real problem, if it would boot without lcd. That would be at least something.

[feherneoh]

Disable 2NDstage driver and try booting again As far as I remember that one makes the phone freeze

[lnjX]

Thanks, but how can I do this? [Sorry, if the question is already answered anywhere in the wiki]

[ghost]

The instructions are under the Display Driver section of the Porting a New Device page on the wiki.

Tried disabling 2NDSTAGE with my XZ, and it gave errors about not finding dt.img. This is likely because the device uses FDT, but I'm unsure of how to set it to work with this.

I tried using a Z2, but it's rebooting into system whenever I try to enter LK though flashing to recovery. That's likely a different bug though; I seem to recall someone else having a similar effect.

[feherneoh]

2NDstage shouldn't use DT, and as Xperia Z is APQ8064, it shouldn't have DT nor FDT There is no point yet in flashing to recovery (actually FOTAKernel) on Z2, as LCD is not fixed yet for neither recovery or fastboot boot, so currently the only way to get LCD working is to flash to boot partition. As neither recovery or fastboot booting have LCD yet, it's easier to just use fastboot boot for testing that, so you don't have to flash it n+1 times

[rmnhg]

I'm facing the same problem while porting sony/flamingo (Xperia E3): I'm not able to fastboot boot out/device/sony/flamingo/lk.img. When I run it, system reboots but boots system as usually. Did you fix the error @LNJ2 ? I disabled 2NDSTAGE but then kernel started to give errors when compiling :(

[lnjX]

@rmnhg No, I didn't fix the error. But I can tell you that fastboot boot isn't working generally on most sony devices. You really have to flash it to the boot partition, but if you do so, be sure you can still get into fastboot anyhow.

In my case I once flashed a kernel: I don't know if it really worked ... there was no output on the screen. But the problem was that I couldn't get anyhow into fastboot or the recovery again! This is because Sony devices have the bootloader for select what to start (recovery, fastboot, system) into the boot partition with the loader for the real system. If you overwrite it, you can't boot into your recovery again, nor in your bootloader/fastboot, nor into your normal system.

The solution for me was to use a hairdryer to make the back cover of the Z hot and then use some tools to remove it. Then I could access the battery! I removed it and attached my device via. USB and the device immediately booted into fastboot. So now I have no problems with not working boot.img anymore! :smile:

I also tried to port Halium for the Z: https://github.com/Halium/projectmanagement/issues/19 But it currently fails at the GPU, but WiFi, LED, sensors and the vibrator are working now with a Ubuntu system image! :)

[feherneoh]

I'm not sure about E3, but Z has a normal, sane bootloader. For older phones, like Xperia SP you should NEVER flash the boot partition, but use the one called "kernel" instead. Xperia Z has SBL1, S1SBL, SBL2, SBL3, TZ, aboot as bootloader partitions, boot and FOTAKernel as bootimages, but SP has Boot as merged bootloader (all of the bootloaders in the same image), kernel and FOTAKernel as bootimages. Fastboot should be accessible as long as you don't mess aboot up, but as you have said, removing the battery can force the phone into fastboot (service mode: fastboot)

[rmnhg]

@LNJ2 hmm Halium sounds good. In E3 fastboot works with boot partition wiped, so that is not a problem. @feherneoh in E3 I have these partitions: DDR boot FOTAKernel cache LTALabel dbi TA fsg aboot modemst1 alt_aboot modemst2 alt_dbi rpm alt_rpm s1sbl alt_s1sbl sbl1 alt_sbl1 system alt_tz tz apps_log userdata

So for me, aboot is fastboot and boot is bootable (I don't know about Flash Mode). FOTAKernel is only bootable as recovery in Open Device Bootloader, released by Sony Xperia Developer World. Is there a change of getting EFIDroid working? I didn't tried to flash lk.img to boot, only fastboot boot (which is not working)

[feherneoh]

@rmnhg fastboot boot breaks display with most of the kernels too, so better not use it. If you have the latest bootloader with FOTAKernel boot support, then use that partition. Display will be a pain, but if your LCD is a command-mode panel, you should be able to bring it up with the DTB driver (booting from boot partition in this case)

[rmnhg]

@feherneoh so flashing to boot partition could work? And another question, is there another way to extract bootloader addresses with a backup of aboot image?

[feherneoh]

the address of aboot is stored in its header, so you can read it with a hexeditor

[rmnhg]

@feherneoh how to do it? I have ran binwalk aboot.img as @M1cha said here It reported this:

DECIMAL       HEXADECIMAL     DESCRIPTION

211852        0x33B8C         Android bootimg, kernel size: 0 bytes, kernel addr: 0x4F525245, ramdisk size: 1142962770 bytes, ramdisk addr: 0x63697665, product name: ""
229001        0x37E89         Unix path: /core/certificates/src/certparser.c
229361        0x37FF1         Unix path: /core/certificates/src/certverifier.c
231916        0x389EC         SHA256 hash constants, little endian
232272        0x38B50         Certificate in DER format (x509 v3), header length: 4, sequence length: 679
232956        0x38DFC         Certificate in DER format (x509 v3), header length: 4, sequence length: 689
445112        0x6CAB8         Certificate in DER format (x509 v3), header length: 4, sequence length: 1183
446299        0x6CF5B         Certificate in DER format (x509 v3), header length: 4, sequence length: 1014
447317        0x6D355         Certificate in DER format (x509 v3), header length: 4, sequence length: 968

EDIT: don't worry, I have now the address. The problem was that fastboot boot was not working. As soon as I flashed lk.img to boot.img it started working :)

[feherneoh]

binwalk seemingly does not support Qcom MBN images

[M1cha]

@feherneoh I didn't do that yet because qcmbns don't have a magic. I'm not sure if it's possible to detect that image_size==code_size+signature_size+cert_chain_size using their definition language: https://github.com/devttys0/binwalk/blob/master/src/binwalk/magic/firmware

[feherneoh]

well, they do have a "magic" MBN version and MBN type, so you can detect like "MBN appsbl V3"

[drakonknayt]

Has anyone been able to solve the problem with the display and fastboot ? Got someone to install efidroid ? If it works , then if it works well ?