oranav / i9300_emmc_toolbox

Samsung Galaxy S3 GT-I9300 eMMC toolbox
GNU General Public License v3.0
98 stars 17 forks source link

Porting to S3 AT&T SAMSUNG-SGH-I747 #14

Open r2d23cpo opened 5 years ago

r2d23cpo commented 5 years ago

I did sent you a couple emails. In general I like to port to S3

Phone SPECS Chipset Qualcomm MSM8960 Snapdragon S4 Plus CPU Dual-core 1.5 GHz Krait ro.product.model=SAMSUNG-SGH-I747 ro.product.device=d2att ro.product.board=MSM8960

MMC model type is MAG4FB nor VZL00M 1|root@d2att:/ # cat /sys/devices/platform/msm_sdcc.1/mmc_host/mmc0/mmc0:0001/fwrev dcc.1/mmc_host/mmc0/mmc0:0001/fwrev < 0x0 root@d2att:/ # cat /sys/devices/platform/msm_sdcc.1/mmc_host/mmc0/mmc0:0001/hwrev cc.1/mmc_host/mmc0/mmc0:0001/hwrev < 0x0 root@d2att:/ # cat /sys/devices/platform/msm_sdcc.1/mmc_host/mmc0/mmc0:0001/name cc.1/mmc_host/mmc0/mmc0:0001/name <MAG4FB root@d2att:/ # cat /sys/devices/platform/msm_sdcc.1/mmc_host/mmc0/mmc0:0001/oemid cc.1/mmc_host/mmc0/mmc0:0001/oemid

I understand that your procedure was designed for Exynos devices. But it does not hurt to learn from you.

What I had done: I do own both broken and working donor device. I had patched and build kernel with your mmc.patch. I place inside TWRP recovery, it boots but "cat /proc/devices | grep mmcram” produce no output. I had browse /dev, /dev/blocks, /proc & /sys looking for mmcram. I can supply any data you ask. I Even added extra lines to patch hopping mmcram show up:

Here the specs for MAG4FB for your comparison.

KLMAG4FEJA-A001.zip https://forum.xda-developers.com/attachment.php?attachmentid=3220445&d=1426867305 Can you give me Ideas? Thanks ahead.

r2d23cpo commented 5 years ago

UHH I just found at XDA that we should use the following to get fw version cat /sys/class/block/mmcblk0/device/cid | cut -b 19,20

witch produce "f1" just by lock

The whole string is cd /sys/class/block/mmcblk0/device/ cat cid => 1501004d4147344642f17c1eb1165f76 cat name => MAG4FB cat date => 05/2012

r2d23cpo commented 5 years ago

I am pretty sure you are a busy man. But I like to do some test on my side and at this starting point I feel afraid. As I do not want to hurt my working donor phone. I just need some advice.

Facts. I know your hack is not for “Chipset Qualcomm MSM8960 Snapdragon S4 Plus" nor ment to work for "MAG4FB " emmc. So there should be very litle hope. That is fine.

But I like to get atleast my firmware out of the working donor phone.

I already mention that "First option: use a patched kernel option" can not be used as "mmcram" do not show up after patching my kernel. So I can not download firmware using mmcram.

So I like to explore "Second option: dump using download mode. " and "exploit/sboot_exploit.py --shellcode shellcode/dump_fw.bin -o 0xf1.bin"

But you clearly talk about "You're adviced to use sboot XXELLA since the shellcode is only guaranteed to work against it, but your mileage may vary "

Here is where I need your advice.

1-Please take a minute of your spare time to advice me, what I need to take in consideration when modifying “ shellcode”. 2- Sources for XXELLA are gone. That make my shellcode modification almost impossible. Will it be possible for you to share your kernel source. And if you had any extra time share the 1rst 200meg ( or what ever you think is needed) of your Debrick prepared recovery SD card with XXELLA.

Those two think could allow me to continue exploring your method. If you prefer you could reply me to my email, just look at your mail. I you like I could provide pgp public key. Your choice.