Snprintf(cmdline_buf, CMDLINE_LEN, " %s ", cmdline) Snprintf(cmdline_buf, CMDLINE_LEN, " %s initrd=0x %08x,0x %08x ", cmdline, initrd_addr, initrd_size) Unsigned int initrd_addr, unsigned int initrd_size, Int write_atags(libusb_device_handle *dev, const char *cmdline, # define H4S_LINUX_AUTOREFLASH_CMDLINE root=/dev/ram0 init=/bin/sh console=tty0 mtdparts=ambarella_nand:507008k(firmware_raw),-(calibration_data)ro autoreflash " # define H4S_LINUX_CMDLINE root=/dev/ram0 init=/bin/sh console=tty0 " # define H3PB_LINUX_AUTOREFLASH_CMDLINE console=tty0 root=/dev/ram0 init=/init mtdparts=ambnand:522624k(firmware_raw),1408k(calibration_data)ro,-(extra_stuff) autoreflash " # define H3B_LINUX_CMDLINE console=tty0 root=/dev/ram0 init=/bin/sh "
* You should have received a copy of the GNU General Public License * GNU General Public License for more details. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * but WITHOUT ANY WARRANTY without even the implied warranty of * This program is distributed in the hope that it will be useful,
* the Free Software Foundation, either version 2 of the License, or * it under the terms of the GNU General Public License as published by Then just rewrite an working bootloader from any related firmware.* This program is free software: you can redistribute it and/or modify When u-boot/ddr is corrupted, we can try to switch memory controller into access mode
If you only need to restore your device, I recommend Access mode for your emmc,
Try this: aml_encrypt_gxb -bootsig -input bootloader.img -output u-boot_new.binītw, this should also prepare/extract separated bl2/tpl u-boot_new.bin - updated full image Rehashing the header can also help for your case. Try to ask on XDA for your s905d platform to be sure. More probably, you need to decrypt this before. So you can't separate it manually as in my readme. I'm not sure (I don't see sign) and you're talking about s905d that I did not inspect as I already said (s905, s905x, s905d, are not the same).Īnyway, there are something different with your case before my 010064AA: 0018A690 07 0B 08 0D 12 12 2A 08 01 00 00 00 00 00 24 24. Second part, starting with `010064AA` is UBOOT.USB ~ īut looks like your attached bootloader is encrypted. Yes, of course, before sequence ~ 2 (BL2) Romcode/ initialize DDR/download data/reading image failed With USB_Burning_Tool, the process stops at 1% with error : Write usbbl2runpara_file 0xd900c000 // for booting tpl from 0x200c000Ġxd9000000 then with BL2 will try to execute directly from RAM and it will abort anything if they have any problem, or it will finally commit changes to ROM. Write uboot_tpl_file 0x200c000 // tpl to ddr Is there any way to retrieve the above parameters/packages from the original bootloader ( dumped with dd command ) ?Īs a big side note for future, I recommend to use RAM directly without affecting ROM if you don't want to recover your corrupted bootloader from device for each trying of course. Usbbl2runpara_ddrinit.bin - download from ( UBOOT) - built with the builroot toolchain 2 ( DDR ) - built with the builroot toolchain
I wonder if one of the following files does not match my TV box : UsbWriteFile len=4096,ret=-5 error_msg=libusb0-dll:err submitting request failed, win error: target does not work. Then I tried the step-by-step way described at ,īut the process stops at the following command : Romcode/initialize DDR/download data/reading image failed etc.īut when I tried to burn the aml_upgrade_package.img with USB_Burning_Tool, the process stops at 1% with error : I tried to build my own bootloader with the official tooltrain buildroot from amlogic and the tool did generate a bunch of images : u-boot.bin.