vbmeta_system.img #63

Open
99degree opened this issue Jul 4, 2021 · 8 comments


99degree commented Jul 4, 2021

Copied 3 files (boot.img, vbmeta.img and vbmeta_system.img) from a Redmi Note 9 Pro global (dotOS ROM) to

~/Android_boot_image_editor#

result below:
```
01:54:10:373 INFO BootV2 -
Unpack Summary of boot.img
┌───────────────────────────────────────┬──────────────────────────────────────┐
│What │Where │
└───────────────────────────────────────┴──────────────────────────────────────┘
┌───────────────────────────────────────┬──────────────────────────────────────┐
│image info │build/unzip_boot/boot.json │
├───────────────────────────────────────┼──────────────────────────────────────┤
│AVB info [verified] │build/unzip_boot/boot.avb.json │
├───────────────────────────────────────┼──────────────────────────────────────┤
│kernel │build/unzip_boot/kernel │
│-- version [4.14.234] │build/unzip_boot/kernel_version.txt │
│-- config │build/unzip_boot/kernel_configs.txt │
├───────────────────────────────────────┼──────────────────────────────────────┤
│ramdisk │build/unzip_boot/ramdisk.img.gz │
│-- extracted ramdisk rootfs │build/unzip_boot/root │
├───────────────────────────────────────┼──────────────────────────────────────┤
│dtb │build/unzip_boot/dtb │
└───────────────────────────────────────┴──────────────────────────────────────┘
┌───────────────────────────────────────┬──────────────────────────────────────┐
│vbmeta.img │build/unzip_boot/vbmeta.avb.json │
└───────────────────────────────────────┴──────────────────────────────────────┘
01:54:10:401 WARN PackableLauncher - 'unpack' sequence completed
```

Looks like vbmeta_system.img is a no-op at all. Does this vbmeta_system.img also need a repack?

Author

99degree commented Jul 4, 2021

dotos.zip

uploaded zip fyi

Owner

cfig commented Jul 5, 2021

To unpack "vbmeta_system.img", you need to clear the directory, and leave "vbmeta_system.img" the only .img file there.
The unpack result is:
json.zip

As you can see, it contains hashTree descriptors of /system and /product.
You do not need to modify vbmeta_system.img if system.img/product.img is not changed.

Author

99degree commented Jul 5, 2021

thx for the update. thumbs up!

I am more interested in phh's GSI, for example, so I wanted to update those hash/salt values accordingly. Thus I hex dumped it a bit. The arch is like below, plz correct me there.

->vbmeta.img hashed (boot, dtbo, vendor, system_ext, vbmeta_system), really strange system_ext is tightly coupled with system but it exists in this file.
->vbmeta_system.img hashed (product, system)

If I wanted to use my own gsi/boot/dtbo, I guess I need to update (repack) the hashes of product/system in vbmeta_system (for system/product), sign vbmeta_system; then make sure boot.img is signed correctly with your great tool, also dtbo signed in the same way, hashed, then update (repack) the hash in the relevant vbmeta field.

The things that seem missing are:

(1) dtbo hashing and signing (thx again for pointing out the dtbo unpack. I don't have a concern atm with dtbo.img itself since I compiled the kernel, and dtbo.img is built as well. Just for fun, I guess dtbo is signed and this is the reason I can fastboot Image.gz+dtb OK, but with the same params I made a boot.img.clear and boot failed), then update the vbmeta file for the dtbo's new hash. Or alternatively make vbmeta ignore the verity by filling a field with 02, kind of thing.

(2) update vbmeta_system about the product/system with a private key (instead of Google's) and do a proper salted hash. It is also nice to know how to replace the key with boot.img.signed2, for example, to use my own key.

So is there any chance? I am not keen on crypto things, so could you share a little idea about how to get the desired salt/hash field values in boot.avb.json and vbmeta.avb.json so I can edit them accordingly?

Author

99degree commented Jul 5, 2021

Good news is that after removing the dtbo entry from vbmeta.avb.json, repacking and flashing back, fastboot boot boot.img.signed2 is working. It also seems that recompiling/repacking a newer kernel for boot.img.signed2 works too. No need to flash a new vbmeta.img.

related #64

Owner

cfig commented Jul 6, 2021

"really strange system_ext is tightly coupled with system"
--> It's Redmi's choice to put system_ext info into vbmeta.img.

"no need to flash a new vbmeta.img."
--> I see the vbmeta.img header flags is 3. It will disable verification.

"dtbo hashing and signed"
--> "avbtool add_hash_footer" will do.

"update(repack) hashes of product/system in vbmeta_system"
--> "avbtool make_vbmeta_image" will do.

If you need to replace/update more images, you should already have a full copy of AOSP code, then you have everything you need to make any images. More details can be found in AOSP makefiles.
I see you already know AVB well, so the issues you listed should not be a problem for you to resolve (with tools like avbtool, mkbootimg, mkdtbo etc).
I do not have any plan to re-implement every feature of avbtool in the near future, if the feature still works.

BTW: patches are welcome :)
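
As an added example (not from this thread or the project's code), this shows how the salted digest in an AVB hash descriptor relates to the image that `avbtool add_hash_footer` hashes: the digest covers the salt followed by the first `image_size` bytes. The descriptor layout follows AOSP's avbtool; the function names and the sample descriptor are constructed for illustration.

```python
import hashlib
import hmac
import struct

# AvbHashDescriptor header as laid out by AOSP avbtool (big-endian, 132 bytes):
# tag, num_bytes_following, image_size, hash_algorithm[32],
# partition_name_len, salt_len, digest_len, flags, reserved[60].
DESC = struct.Struct(">QQQ32sLLLL60x")
TAG_HASH = 2


def parse_hash_descriptor(raw: bytes) -> dict:
    tag, _following, image_size, algo, n_len, s_len, d_len, _flags = DESC.unpack_from(raw)
    if tag != TAG_HASH:
        raise ValueError("not a hash descriptor")
    body = raw[DESC.size:DESC.size + n_len + s_len + d_len]
    if len(body) != n_len + s_len + d_len:
        raise ValueError("truncated descriptor")
    algorithm = algo.rstrip(b"\0").decode("ascii")
    if algorithm not in ("sha256", "sha512"):
        raise ValueError("unexpected hash algorithm")
    return {"partition": body[:n_len].decode("utf-8"), "algorithm": algorithm,
            "image_size": image_size, "salt": body[n_len:n_len + s_len],
            "digest": body[n_len + s_len:]}


def salted_digest(image: bytes, image_size: int, salt: bytes, algorithm: str) -> bytes:
    """digest = H(salt || first image_size bytes); footer and padding are excluded."""
    h = hashlib.new(algorithm)
    h.update(salt)
    h.update(image[:image_size])
    return h.digest()


def verify_partition(raw_desc: bytes, partition: bytes) -> bool:
    d = parse_hash_descriptor(raw_desc)
    if len(partition) < d["image_size"]:
        return False
    actual = salted_digest(partition, d["image_size"], d["salt"], d["algorithm"])
    return hmac.compare_digest(actual, d["digest"])


def make_sample(image: bytes, salt: bytes, name: bytes = b"dtbo") -> bytes:
    """Constructed descriptor for the demo; real ones are stored in vbmeta.img."""
    digest = salted_digest(image, len(image), salt, "sha256")
    following = DESC.size - 16 + len(name) + len(salt) + len(digest)
    head = DESC.pack(TAG_HASH, following, len(image), b"sha256",
                     len(name), len(salt), len(digest), 0)
    return head + name + salt + digest
```

Because only the first `image_size` bytes are hashed, data appended after the image (such as the AVB footer) does not change the digest, while any change inside the image does.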

Owner

cfig commented Jul 6, 2021

If there is a scenario where you have 3rd party images (dtbo, system, system_ext, vendor ...), but not the full source code, and you want to update vbmeta accordingly, please let me know.

Author

99degree commented Jul 6, 2021

Yes, exactly the same case I am going to do. I see there is no more all-in-one Android tooling (Android kitchen, kind of). I found that your project is the only one that gets the job done and fills the technical gap well.

I am not capable/knowledgeable enough to do full AOSP from the ground up. So I planned to make myself a usable ROM primarily from LineageOS. As I succeed and it's working previous Meizu E3 (from Yandex Amber). It should work as 3rd-party LineageOS is more GSI capable and hardware agnostic today. The remaining todo is like copy file a from vendor b based on vendor c to form an img named d. Funny enough is XiaoMi sdm660 series phone with LOS support happened with getting Nokia's vendor file. LineageOS/android_device_xiaomi_whyred@24249bc

BTW, I tested with it and the result from the LOS davinci ROM to this Redmi Note 9 Pro is promising. I will go with that route too as I am more of a LOS ROM fan.

So plz keep up the great work through the economic hard time.

Owner

cfig commented Jul 9, 2021

If the goal is to boot up Android, and AVB verification disabled is accepted: Just disable it by setting flag=3; or remove the relevant entry from vbmeta json, then pack vbmeta image again.
If the goal is to boot up with altered images(dtbo, vendor ...), and AVB verification MUST be enabled: That needs more work to do ... Let me have a think~~
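
As an added example (not code from this thread or from the project), a read-only check of the header flags field discussed above: it parses the 256-byte vbmeta header and reports when a value such as 3 turns verification off. The field layout and flag bits follow AOSP's avbtool; `audit_vbmeta` and `sample_header` are hypothetical names and the header bytes are constructed.

```python
import struct

# AvbVBMetaImageHeader as laid out by AOSP avbtool: 256 bytes, big-endian.
HEADER = struct.Struct(">4s2L2QL2Q2Q2Q2Q2QQLL47sx80x")
HASHTREE_DISABLED = 1 << 0       # dm-verity hashtrees are not enforced
VERIFICATION_DISABLED = 1 << 1   # descriptors are not checked at all
ALGORITHMS = ["NONE", "SHA256_RSA2048", "SHA256_RSA4096", "SHA256_RSA8192",
              "SHA512_RSA2048", "SHA512_RSA4096", "SHA512_RSA8192"]


def audit_vbmeta(blob: bytes) -> dict:
    """Parse the vbmeta header and list settings that weaken verified boot."""
    if len(blob) < HEADER.size:
        raise ValueError("truncated vbmeta header")
    fields = HEADER.unpack_from(blob)
    if fields[0] != b"AVB0":
        raise ValueError("not a vbmeta image (bad magic)")
    # Indexes follow the struct order: 5 = algorithm, 9 = signature size, 17 = flags.
    algorithm, sig_size, flags = fields[5], fields[9], fields[17]
    findings = []
    if flags & VERIFICATION_DISABLED:
        findings.append("verification disabled")
    if flags & HASHTREE_DISABLED:
        findings.append("hashtree (dm-verity) disabled")
    if algorithm == 0 or sig_size == 0:
        findings.append("vbmeta is unsigned")
    if flags & ~(HASHTREE_DISABLED | VERIFICATION_DISABLED):
        findings.append("unknown flag bits set")
    return {
        "flags": flags,
        "algorithm": ALGORITHMS[algorithm] if algorithm < len(ALGORITHMS) else "UNKNOWN",
        "release": fields[19].rstrip(b"\0").decode("ascii", "replace"),
        "findings": findings,
    }


def sample_header(flags: int, algorithm: int = 1, sig_size: int = 256) -> bytes:
    """Constructed sample header (not taken from the images in this thread)."""
    return HEADER.pack(b"AVB0", 1, 0, 0, 0, algorithm, 0, 0, 0, sig_size,
                       0, 0, 0, 0, 0, 0, 0, flags, 0, b"avbtool 1.1.0")


if __name__ == "__main__":
    for flags in (0, 3):
        print(flags, audit_vbmeta(sample_header(flags))["findings"])
```

The flags word sits at byte offset 120 of the header, so a flags value of 3 sets both bits and the audit reports both findings.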
