PDA

View Full Version : Is this how to hack a series 2.5 SA kernel?



zigner2
06-16-2009, 01:41 PM
I have successfully replaced the Prom in my unit with a modified one and I am ready for the hacked kernel step.

I want to be sure I am proceeding correctly so I don't mess up my unit.

I plan to run the tool to modify the kernel because I see that if I choose a custom kernel for my unit, there are other modifications needed for ethernet and drivers etc, and I wish to minimize the chance for error.

I wish to do this in Windows so:

I will be running replace_initrd_windows from
http://dealdatabase.com/forum/showthread.php?t=53272

I thought it was odd, but unless I am reading this wrong, the null code that gets inserted is not built in this tool? So I need to copy over and specify to the tool to use the "initrd" file from the following zip?
http://www.dealdatabase.com/forum/showthread.php?t=21976

I have backed up the kernel onto my PC.

I already have a serial null modem adapter hooked up to a tivo cable to be able to get a serial connection.

Am I on the right track?

jt1134
06-16-2009, 05:48 PM
null-linuxrc is not built into replace_initrd. a while ago, I think someone posted a version that did have it compiled in, but that version did other stuff (de-scrambling?) to the kernel so you certainly don't want to use it if you do find it.

use the windoze compiled replace_initrd with the null-linuxrc you linked to and you'll be on your way.

zigner2
06-18-2009, 03:03 PM
thanks for the confirmation JT

It seemed to go so easily, but something isn't right.

I ran the replace_initrd in windows on the the kernel which I backed up to the PC via Winmfs, and used the unziped 4k initrd null replacement from that link in the command as the second parameter.

Running it gave me:

initrd.gz found at 1391600
8+0 records in
4096+0 records out

I noted that the file size of the kernel has not changed after running the tool, which I assume is a good sign in that this tool only replaces some of the executable in the kernel.

I restored the updated kernel file back to the tivo using Winmfs, and when I start the Tivo I get what looks like a soft reboot every minute or so, only seeing the initial screen on my TV.

Any ideas? With these tools it seems like such a straight forward process, what could I have done wrong?

I noticed that after unzipping the null initrd file and viewing it, I can see text reading "Compressed ROMFS" near the beginning of the file. I don't know if that's normal. Just thought I would mention that since it caught my eye.

jt1134
06-18-2009, 05:25 PM
use the file from this post (http://www.dealdatabase.com/forum/showpost.php?p=85149&postcount=3).

just remove the .zip extension, don't actually unpack it.

zigner2
06-19-2009, 10:55 AM
GREAT! That worked. Thanks so much!!

I'm curious, the other file I tried seemed to be in a valid zip format, yet it obviously unziped into a much different file. Why?

Now I get to have some real fun with this!