Jump to content

[REF] Cooking info, kitchen, tools, etc ....


Guest rodrigofd
 Share

Recommended Posts

In fact, it's not too bad that we can now modify the "dump" to make a lighter ROM. Although we can't add new modules in yet but at least we can add new files/registries in. The worst thing is we can't make the newer ROM (other than COM2 tree) but there is no such ROM officially anyway. I hope Samsung adopts new COM3 or COM5 trees to their devices soon and we can then cook the new ROM.

It would be nice if someone can give me clues to correct TF3D bugs and I will add into the future ROM.

You're right, but we do have some limitations. For example, initflashfiles.dat is stored in language pack (for each language), so even if we include our own in dump, it will be replaced by the one in langpack.

This prevents us to do things like, move files from \windows base dir, to other locations (eg. something as simple as start menu shortcuts).

Not to mention, language files for apps that we remove from dump will remain on ROM (eg. you remove cube, but cube.0490.mui remains) ...

Link to comment
Share on other sites

rodrigofd : So it means we should focus more on LangPacks? I will try to look through it. Where is it stored? PDA or CSC ?

Khuanchai : Mind if i redump your ROM and add new files to it ? (:

Link to comment
Share on other sites

You're right, but we do have some limitations. For example, initflashfiles.dat is stored in language pack (for each language), so even if we include our own in dump, it will be replaced by the one in langpack.

This prevents us to do things like, move files from \windows base dir, to other locations (eg. something as simple as start menu shortcuts).

Not to mention, language files for apps that we remove from dump will remain on ROM (eg. you remove cube, but cube.0490.mui remains) ...

I totally agree with you on those limitations. It will finally come I believe. I remember we were almost at zero 2 or 3 weeks ago but now we at least can manipulate some.

Link to comment
Share on other sites

rodrigofd : So it means we should focus more on LangPacks? I will try to look through it. Where is it stored? PDA or CSC ?

Khuanchai : Mind if i redump your ROM and add new files to it ? (:

Langpack is a second section of the NB0 PDA file format.

NB0 has a first mandatory OS-IMAGE section, with a 0x100 header.

That is the case of chinese roms (II1 etc)

Some ROMs (secany etc., the ones we're working with) have an additional second section, the langpack, also with a 0x100 header, similar to the other (byte size, sector count, checksum).

Such section has a similar format to OS-IMAGE, and its main subsection is a TFAT disk image, which can be actually mounted by virtual drives, like Daemon Tools.

This image have a standard directory structure, and includes several files... some BMPs (with unknown format, not standard bmps), some langpack definition files, and, for each included language, a set of .cab.pkg files. Those are the key of all this.

.CAB.PKG is a format defined by MS, not Samsung. They are OEM package updates.

Aside pkg extension, .CAB.PKG is a standar Microsoft cabinet file (.CAB).

It includes all files that conform an OEM package, particularly a DSM manifest file, and optional RGU registry definitions, aside from files that conform the package itself.

But there's another catch: for the files that are defined as 'modules' (the ones mapped to VM, represented by folders with imageinfo.bin, S000, S001, ...), they are stored in a special format: MNGE. i already unlocked this format, and one of my utilities already converts this file to an OEM module (which can then be turned to file by some tool, like RECMOD).

Not all dlls, muis and exes are stored as MNGE... some are direct files.. you can tell that depending of file signature: if it begins with MNGE, its a MNGE module.. if not, its a standard direct file.

Link to comment
Share on other sites

rodrigofd : So it means we should focus more on LangPacks? I will try to look through it. Where is it stored? PDA or CSC ?

Khuanchai : Mind if i redump your ROM and add new files to it ? (:

No problem! We need everyone's effort to make the final goal.

Although now we have to stick with Samsung LANGPACK, I believe our goal is to make a single language ROM and just ignore the LANGPACK.

Link to comment
Share on other sites

Khuanchai... Thanks for your custom ROM... I was waiting for that... Online Widget really takes a lot of RAM and space.. and there's better shell out there to use. I like Spb Shell.

I also like some of samsung's features when it customizes the OS.. specially messaging and some other stuff...

Glad you didn't removed that.

So my questions is: Is it possible to remove or disable Touch Flo 3D (I prefer to remove it from the ROM if possible), that is included in your custom ROM? So I can use Spb Shell?

Thank you very much.

Link to comment
Share on other sites

More technical data.....what i know up to now.. for reference

I8000 NB0 format is as follows:

[0x100 byte header1] [variable size section1] { [0x100 byte header2] [variable size section2] ... }

Both headers share this format: (0x100 bytes)

Offset 0x0: 55 55 55 55 (signature)

Offset 0x4: 32 bit uint -> section size in bytes (following the 0x100 header)

Offset 0x8: 32 bit uint -> section size in blocks (with each block being 0x1F800 bytees = section size / 0x1F800)

Offset 0xC: 32 bit uint -> 32-bit checksum, (longitude parity check), applied to the section data (not including header).

Rest of the header data are strings, of no apparent relevance to the flasher program. If NB0 includes language packs, their lang codes are listed among other strings, like rom version name.

Section 1 is always present, Section 2 is only included in roms that include multiple language packs (like Secany ones).

For ROMs that don't include langpacks, then all the files for the preset language are merged with the rest in main section 1.

Both section 1 and 2, its main data is some kind of 'os-image'..., similar to other devices ROMs, but not equal.

That is why standard tools don't work well with this. There are similarities: begins with signature EF FD FF, has a MBR table at offset 0x1BE of a 0x50 size (four entries: 0 is boot/uldr, 1 is system partition (XIP), 2 is IMGFS, 3 is empty slot) .

Finally , at offset 0x800 there is a flash partitions section (MSFLSH50), but the issue here is that it is not in the standard format, ... its completely different from other roms, and no tool understands it.

Link to comment
Share on other sites

Moreover, there are more differences between chinese single-lang roms, and english multilang-roms.

Because of the fact that multilang roms include a langpack section, its flashing boot code is somehow different. Because of this, if we build a ROM based on a multilang NB0, and we EXCLUDE the langpack section, but adding all language files to dump, this ROM fails to flash (blue screen). Most likely, its boot program looks for langpack section and fails...

So, i tried several experiments. I injected boot partition from chinese ROMs (the one that doesn't look for langpack), into a customized english-based rom.

It doesnt bring a blue screen, but hangs afterwards, like in splash screen.

I'm sure this is related to the os-image, like the MBR table, the MSFLSH50 section, or something like that. OSNBTOOL from Weisun doesnt properly fix all this values..

Link to comment
Share on other sites

Langpack is a second section of the NB0 PDA file format.

NB0 has a first mandatory OS-IMAGE section, with a 0x100 header.

That is the case of chinese roms (II1 etc)

Some ROMs (secany etc., the ones we're working with) have an additional second section, the langpack, also with a 0x100 header, similar to the other (byte size, sector count, checksum).

Such section has a similar format to OS-IMAGE, and its main subsection is a TFAT disk image, which can be actually mounted by virtual drives, like Daemon Tools.

This image have a standard directory structure, and includes several files... some BMPs (with unknown format, not standard bmps), some langpack definition files, and, for each included language, a set of .cab.pkg files. Those are the key of all this.

.CAB.PKG is a format defined by MS, not Samsung. They are OEM package updates.

Aside pkg extension, .CAB.PKG is a standar Microsoft cabinet file (.CAB).

It includes all files that conform an OEM package, particularly a DSM manifest file, and optional RGU registry definitions, aside from files that conform the package itself.

But there's another catch: for the files that are defined as 'modules' (the ones mapped to VM, represented by folders with imageinfo.bin, S000, S001, ...), they are stored in a special format: MNGE. i already unlocked this format, and one of my utilities already converts this file to an OEM module (which can then be turned to file by some tool, like RECMOD).

Not all dlls, muis and exes are stored as MNGE... some are direct files.. you can tell that depending of file signature: if it begins with MNGE, its a MNGE module.. if not, its a standard direct file.

Mind passing me some of your tools?

Link to comment
Share on other sites

Moreover, there are more differences between chinese single-lang roms, and english multilang-roms.

Because of the fact that multilang roms include a langpack section, its flashing boot code is somehow different. Because of this, if we build a ROM based on a multilang NB0, and we EXCLUDE the langpack section, but adding all language files to dump, this ROM fails to flash (blue screen). Most likely, its boot program looks for langpack section and fails...

So, i tried several experiments. I injected boot partition from chinese ROMs (the one that doesn't look for langpack), into a customized english-based rom.

It doesnt bring a blue screen, but hangs afterwards, like in splash screen.

I'm sure this is related to the os-image, like the MBR table, the MSFLSH50 section, or something like that. OSNBTOOL from Weisun doesnt properly fix all this values..

Oic. Since osnbtool doesnt fix all this values we have to manually edit them ? But this cannot be a permenant solution.

Link to comment
Share on other sites

Oic. Since osnbtool doesnt fix all this values we have to manually edit them ? But this cannot be a permenant solution.

Well,.. some little good news: Secany had just provided me with some neccesary files i can use to further study ROM structure.... i'll start to get into it, to improve and tweak my tools.

jermx, once i manage to cook a final, complete english ROM with my tools, be sure i'll release them as a kitchen for everyone to use.. i don't intend to keeping them for myself, but i'll only share them when i assure they work fine..:D

PD We should be very thankful of people like Secany whose contribution allows us to improve our phones... many thanks to him

Edited by rodrigofd
Link to comment
Share on other sites

Well,.. some little good news: Secany had just provided me with some neccesary files i can use to further study ROM structure.... i'll start to get into it, to improve and tweak my tools.

jermx, once i manage to cook a final, complete english ROM with my tools, be sure i'll release them as a kitchen for everyone to use.. i don't intend to keeping them for myself, but i'll only share them when i assure they work fine.. :D

PD We should be very thankful of people like Secany whose contribution allows us to improve our phones... many thanks to him

Agreed! Thanks Secany!

P.S. Secany, any idea where the ROM is stored on the I8000L so I can dump it with WinHex and send it to rorigofd? I can't seem to find CUBIC37.MLI on the My Storage area...

Link to comment
Share on other sites

Agreed! Thanks Secany!

P.S. Secany, any idea where the ROM is stored on the I8000L so I can dump it with WinHex and send it to rorigofd? I can't seem to find CUBIC37.MLI on the My Storage area...

Sorry, no idea mate.

Link to comment
Share on other sites

Agreed! Thanks Secany!

P.S. Secany, any idea where the ROM is stored on the I8000L so I can dump it with WinHex and send it to rorigofd? I can't seem to find CUBIC37.MLI on the My Storage area...

It seems we can't do that technique with your phone... it is possible that CUBIC37.MLI is written, once you flash a MST PDA file for the first time....

Link to comment
Share on other sites

It seems we can't do that technique with your phone... it is possible that CUBIC37.MLI is written, once you flash a MST PDA file for the first time....

Work out with you i8000 first, i8000L I have original, file struct similar to i8000.

Link to comment
Share on other sites

Agreed! Thanks Secany!

P.S. Secany, any idea where the ROM is stored on the I8000L so I can dump it with WinHex and send it to rorigofd? I can't seem to find CUBIC37.MLI on the My Storage area...

just dump it with procdump. Dump whole ROM as one dump (not part00, part01, part02)

Dump will have all required files to re-assemble it into flashable ROM.

I didn't see i8000L ROMs yet, but i think, that PDA part is interchangable between i8000 and i8000L. All difference should be in phone firmware.

PDA part of i8000L can have other set of languages (or even english-only) and some region customizations (beside CSC file).

Would be interesting to see dump of i8000L ROM. I can try to flash to my i8000 device and then we will have answer about compatibilities.

Edited by sorg
Link to comment
Share on other sites

just dump it with procdump. Dump whole ROM as one dump (not part00, part01, part02)

Dump should have all required files to re-assemble it into flashable ROM.

I didn't see i8000L ROMs yet, but i think, that PDA part is interchangable between i8000 and i8000L. All difference should be in phone firmware.

PDA part of i8000L can have other set of languages (or even english-only) and some region customizations (beside CSC file).

Would be interesting to see dump of i8000L ROM. I can try to flash to my i8000 device and then we will have answer about compatibilities.

put beforehand I am a newbie don't answer if my question is nonsense, I have procdump and now how can I dump the ROM is there an easy tutorial please redirect me or (better :D ) explain me how to go...

Link to comment
Share on other sites

Hello !

I just got an Omnia i8000L (live in Canada) and am happly willing to share the stock rom for further testing if one can guide me on the procedure!

The phone is great but i definitely want touch flo on it instead of these widgits. there nice but way too slow for practical use.

My Device Versions are

PDA : I8000LUGIJ6

CSC: I8000LBMCIJ6

PHONE: I8000LUGIJ6

Win Mo 6.5

CE OS 5.2.21856 (build 21856.5.0.65)

Link to comment
Share on other sites

I've wrote tiny utility to dump ROM (in attachment)

Insert microSD card, copy dskdump to device and run it.

It will dump whole ROM (need several minutes) to \storage card\rom_dump.bin file.

It will show message box as it finished.

dskdump.exe

Edited by sorg
Link to comment
Share on other sites

I've wrote tiny utility to dump ROM (in attachment)

Insert microSD card, copy dskdump to device and run it.

It will dump whole ROM (need several minutes) to \storage card\rom_dump.bin file.

It will show message box as it finished.

Sorg, do you happen to know where do other parts of firmware are stored ? Eboot, Phone, CSC... . particularly Phone binary part... is there another memory chip for that? should it be possible to dump it too ?

Link to comment
Share on other sites

I've wrote tiny utility to dump ROM (in attachment)

Insert microSD card, copy dskdump to device and run it.

It will dump whole ROM (need several minutes) to \storage card\rom_dump.bin file.

It will show message box as it finished.

thank you very much for the tool sorg you're my rescuer, I tried it but because of my sdhc card' name is not storage card but the translation in italian "scheda memoria" the software fail to dump the rom. I tried to rename the sdhc card without success could you help me adding a software option to specify the sdhc card's name or something similar?It would be great... :D

Edited by kibiwi
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.