Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
How to Extract Android Kernel And Modify The Boot Ramdisk (Android 4.4) on Allwinner based Processor

Extracting Existing Kernel + Ramfs

Enter the machine using adb shell

Run cat /proc/partitions

  #  Path                     Purpose        Size
  0 /dev/block/mmcblk0                       7761920
  1 /dev/block/mmcblk0p1      data           6085631
  2 /dev/block/mmcblk0p2      bootloader     16384
  3 /dev/block/mmcblk0p3                     1
  5 /dev/block/mmcblk0p5      uboot          16384
  6 /dev/block/mmcblk0p6      kernel         16384
  7 /dev/block/mmcblk0p7      system         786432
  8 /dev/block/mmcblk0p8      misc           16384
  9 /dev/block/mmcblk0p9      recovery       32768
 10 /dev/block/mmcblk0p10     sysrecovery    16384
 11 /dev/block/mmcblk0p11     private        16384
 12 /dev/block/mmcblk0p12     Reserve0       16384
 13 /dev/block/mmcblk0p13     klog           32768
 14 /dev/block/mmcblk0p14     Reserve1       16384
 15 /dev/block/mmcblk0p15     Reserve2       655360

Dump the partition to a file using dd

dd if=/dev/block/mmcblk0p6 of=/data/kernel_ramfs.img

Extract it to your linux system adb pull /data/kernel_ramfs.img

Install abootimg

Run sudo apt-get install abootimg

Check the Kernel Dump

Run abootimg -i kernel_ramfs.img. It need to show

Android Boot Image Info:

* file name = kernel_ramfs.img

* image size = 16777216 bytes (16.00 MB)
  page size  = 2048 bytes

* Boot Name = ""

* kernel size       = 9797076 bytes (9.34 MB)
  ramdisk size      = 2017625 bytes (1.92 MB)

* load addresses:
  kernel:       0x40008000
  ramdisk:      0x41000000
  tags:         0x40000100

* empty cmdline
* id = 0x7c37c0d4 0xcefde745 0xe81b85ba 0xf05275ba 0xbe7de0ad 0x00000000 0x00000000 0x00000000

That means you dump the correct kernel+ramfs

Extract Kernel Dump

abootimg -x kernel_ramfs.img

It will extract zImage and also initrd.img

Extract Ramdisk, Modify And Repack

mkdir initrd
cd initrd
cat ../initrd.img | gunzip | cpio -vid

Modify the ramdisk accordingly (e.g. you modify init.rc or add another additonal files) Then repack accordingly

cd initrd
find . | cpio --create --format='newc' | gzip > ../myinitrd.img

Repacking Boot.Img

abootimg --create myboot.img -f bootimg.cfg -k zImage -r myinitrd.img

Adb Put and Redumping

adb push myboot.img /data/myboot.img
adb shell dd if=mybootimg of=/dev/block/mmcblk0p6

Reboot - And pray for the best

Copy link

dxcvvxd commented Sep 8, 2022

this is what it looks like for me

pretty empty, is that normal?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment