Noisedroid/FAQ

From Noisebridge
(Redirected from AndroidHacking)
Jump to navigation Jump to search

Building[edit | edit source]

<project path="kernel" name="kernel/msm" revision="refs/heads/android-msm-2.6.27"/>
    • this results in a build using a prebuilt kernel and wlan.ko from vendor/htc/dream/.
  • after make completes you'll have a built tree in out/target/product/dream, and you can run
# fastboot flash boot boot.img
# fastboot flash system system.img

Here's what I did to build my own kernel and wlan.ko:

cd mydroid
d=$PWD

First, build the kernel. The android-msm-2.6.27 branch seems to work just fine. We're building for the msm platform using the mydroid/prebuilt/ 4.2.1 toolchain; the 4.3.1 toolchain doesn't seem to work.

cd kernel
make ARCH=arm CROSS_COMPILE=$d/prebuilt/linux-x86/toolchain/arm-eabi-4.2.1/bin/arm-eabi- msm_defconfig
make ARCH=arm CROSS_COMPILE=$d/prebuilt/linux-x86/toolchain/arm-eabi-4.2.1/bin/arm-eabi-

Once the kernel build completes without errors, we can build the horrifyingly complex TIWLAN driver. We don't need to set CROSS_COMPILE or ARCH, the system/wlan/ti/Makefile does that for us, but we do need to add the prebuilt toolchain to $PATH.

cd $d/system/wlan/ti/sta_dk_4_0_4_32
PATH=$d/prebuilt/linux-x86/toolchain/arm-eabi-4.2.1/bin:$PATH make KERNEL_DIR=$d/kernel

Finally, we can install the results into out/target/product/dream/ and rebuild boot.img (for the new kernel) and system.img (for the new wlan.ko). The makefiles don't have correct dependencies for the .img files, so we just delete them and let them get rebuilt.

cd $d
cp kernel/arch/arm/boot/zImage out/target/product/dream/kernel
cp system/wlan/ti/sta_dk_4_0_4_32/wlan.ko out/target/product/dream/system/lib/modules/wlan.ko
rm out/target/product/dream/*.img
make

Working with the G1[edit | edit source]

There are two significant host apps for (ab)using the G1: fastboot and adb. Fastboot is used to write over USB to the G1's flash, for example to flash a complete system.img or replace the T-Mobile splash screen. adb gives you access to a debug root shell on the G1 with adb shell, and also "syslog" with adb logcat.



USB to Serial interface with the G1[edit | edit source]

G1 USB to Serial interface cable

It's possible to create a USB to serial interface cable (details here) to interact with the running phone and the boot loader(s).

According to this android-platform post the serial port is 115,200 8N1 at 2.8V TTL with the following pinout:

_____________
| A B C D E |
\1 2 3 4 5 6|

A: GND
B: NC
C: +DATA
D: -DATA
E: +5v

1: +Mic
2: +Right
3: Switch / Rx (2.8V, CMOS-TTL Level) / CABLE_IN2 
4: GND / Tx (2.8V, CMOS-TTL Level) / CABLE_IN1
5: GND (Serial GND, 0 Ohms resistance between this and pin A)
6: +Left

!!! Fixed 10.10.09 : Rx & Tx reversed, because they were confused !!!

How to make a Android G1 Serial to USB Cable