Hello,
I want to cook my own ROM. After I read many many sites at this forum, I found a 'polaris kitchen 1.3' that seems to be good for me.
I want to use the original WM6.1 O2-ROM as base for my 'new' ROM.
My target is the original ROM without some progs (O2 specific) an also without tomtom, 'Erste Schritte' (First Steps) and opera.
I want to add MyMobiler, and some other cabs. Also, I want to make some registry corrections.
These steps I made:
1. Extract the Updatefile with 7Zip and got the neccassary file 'RUU_signed.nbh' as I understand correctly.
2. Extract the 'RUU_signed.nbh' with this command
Code:
NBHextract.exe RUU_signed.nbh
Now, I have these files
- '00_Unknown.nb', <== Radiofile (Thanx to ianl8888)
- '01_SPL.nb', <== ???
- '02_MainSplash.bmp', <== O2 BootSplashScreen Bitmap
- '02_MainSplash.nb' <== ???
- '03_OS.nb' <== OS file which we need to split
Question1: Do I need only the '03_OS.nb'? What do i need the other files for?
3. I used this command to split the nb-File '03_OS.nb'
Code:
NBSplit.exe -kaiser 03_OS.nb
I got this:
- '03_OS.nb.payload'
- '03_OS.nb.extra'
Question2: Is it OK to use the parameter -kaiser? Remember, I will create a orbit2/polaris ROM
Question3: What are this files for?
4. now I used this command
Code:
imgfsfromnb 03_OS.nb.payload imgfs.bin
to build the 'imgfs.bin' file
5. with the following command I've created a 'dump' folder
Code:
imgfstodump imgfs.bin
This dump folder include many subfolders and files
6. I start the package tool 'PKGTool.exe' an selected the dump-Folder
The output:
Code:
[Selected Path]
C:\Extracted ROM\dump
[Core OS]
Windows Mobile-based Pocket PCs
[Versions]
SYS: 5.2.19965.1203
OEM: 3.13.0.0
OEM: 0.0.1.0
SYS: 5.2.19958.1200
NET: 2.0.7045.0
OEM: 29.6.31301.207
OEM: 29.3.31301.207
[Language]
0407 - German (Germany)
[DPI]
96
[Certificates]
CN=Microsoft Windows Mobile PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
CN=OEM_UpdateCert
CN=O2___102
[Missing Manifests]
d92a4f0a-378a-4482-8fd3-bd127a05e4de.dsm
723fb954-d931-4348-b672-82a188e587b5.dsm
3346da5d-3675-4a67-925e-75f623184bda.dsm
98af2d70-895d-99af-0ffc-ede71fc1186d.dsm
75bcb9fa-30b9-8705-5d86-11acd2e2c1b1.dsm
Question4: Everything OK till now?
7. Now I've selected 'tool' - 'build packages'
Inside the dump folder, I've only two subfolder 'SYS' and 'OEM'
Maybe this is the next step ... (Thanx to ianl8888)
8. Now we must dump the 'xip.bin' with this command:
Code:
RomMaster.exe 03_OS.nb.payload -w 5 -b 0x00310000 -x -o xip.bin
[The syntax recorded in the how-to page had left out the suffix "payload" ]
So I have a XIP.BIN about 3.3Mb which XIPPort.exe has dumped into \Out\Files & \Out\Modules
Question5: What to do next?
Hi,
that is exactly the same I wanna do. After you have the SYS and OEM folder the next would be to re-create the ROM folder for your kitchen. We need a new XIP. That is the point where I don't know how to continue. I have already tested to replace the original SYS and OEM with those versions I build via dumping the new O2 Germany ROM. But after trying to rebuild and flashing the ROM with the kitchen the ROM won't boot.
Therefore I asked the chefs at http://forum.xda-developers.com/showthread.php?p=2657634 to help me.
Hopefully we can take a step further.
Tom
I have already managed to build a new german rom based on the
O2 GER 3.13 released some days ago and I used the XIP 20743 from
Shayders thread to build. Had no errors in cooking but I did not
flash yet because of maybe wrong location of XIP files in the ROM.
But I have another problem with HTC ROM Tool when trying to cook
the radio 1.59.42.15 (or any other) in the ROM. The tool always states:
"The size of this file is greater than default. Do you want to assign this file?"
I said yes and it builds the rom but now I don't know if it would work
because of the warning. I tried different radio.nb files and all of them
are 17MB and all of them give the error in HTC ROM Tool when assigning
them... Is this normal?
Olioaglio
Orbitter2 said:
Hello,
6. I start the package tool 'PKGTool.exe' an selected the dump-Folder
The output:
Code:
[Selected Path]
C:\Extracted ROM\dump
[Core OS]
Windows Mobile-based Pocket PCs
[Versions]
SYS: 5.2.19965.1203
OEM: 3.13.0.0
OEM: 0.0.1.0
SYS: 5.2.19958.1200
NET: 2.0.7045.0
OEM: 29.6.31301.207
OEM: 29.3.31301.207
[Language]
0407 - German (Germany)
[DPI]
96
[Certificates]
CN=Microsoft Windows Mobile PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
CN=OEM_UpdateCert
CN=O2___102
[Missing Manifests]
d92a4f0a-378a-4482-8fd3-bd127a05e4de.dsm
723fb954-d931-4348-b672-82a188e587b5.dsm
3346da5d-3675-4a67-925e-75f623184bda.dsm
98af2d70-895d-99af-0ffc-ede71fc1186d.dsm
75bcb9fa-30b9-8705-5d86-11acd2e2c1b1.dsm
Question4: Everything OK till now?
7. Now I've selected 'tool' - 'build packages'
Inside the dump folder, I've only two subfolder 'SYS' and 'OEM'
Question5: What to do next?
Question6: Should I copy these folder to the kitchen?
Click to expand...
Click to collapse
I don't know how to proceed yet with the "re-building stage", but I think you are still 3 steps short of this, anyway:
we need the XIP.BIN file to use the XIPPORT.exe tool on for XIP Files\Modules. The XIP build no. I have extracted is 19965, but we are already at 20753 for the device-independent MS files
I do NOT yet know how to extract the XIP.BIN file for this. I have successfully extracted it from an Eten temp.dat file (nbh equivalent) but not for HTC ROM files.
So I think we need to do steps 7,8,9 (xip.bin, xipport, \out) yet. How to extract xip.bin ??
Then re-build with edits (whole new ball game)
Some ROM chefs (eg. Ervius, swtos, cs) are generous enough to help, I hope, as they have in the past.
ianl8888 said:
I do NOT yet know how to extract the XIP.BIN file for this. I have successfully extracted it from an Eten temp.dat file (nbh equivalent) but not for HTC ROM files.
So I think we need to do steps 7,8,9 (xip.bin, xipport, \out) yet. How to extract xip.bin ??
Then re-build with edits (whole new ball game)
Some ROM chefs (eg. Ervius, swtos, cs) are generous enough to help, I hope, as they have in the past.
Click to expand...
Click to collapse
OK, later edit:
I've figured out how to dump xip.bin
RomMaster.exe OS.nb.payload -w 5 -b 0x00310000 -x -o xip.bin
[The syntax recorded in the how-to page had left out the suffix "payload" ]
So I have a XIP.BIN about 3.3Mb which XIPPort.exe has dumped into \Out\Files & \Out\Modules
But now, when attempting "make pkgs", XIPPort.exe falls over with "could not load file or assembly" errors these tools are so prone to. A path problem (I think) that continually drives me up the wall. We need the "packages" from XIP.BIN to know which files are the OEM drivers etc specific to the Polaris.
So I'm at steps 7, 8 and 8.5 ... it's like pulling teeth
BTW, 00_unknown.nb is the radio file.
ianl8888 said:
I have successfully extracted it from an Eten temp.dat file
Click to expand...
Click to collapse
I already thought I knew your nickname from somewhere .
ianl8888 said:
OK, later edit:
I've figured out how to dump xip.bin
RomMaster.exe OS.nb.payload -w 5 -b 0x00310000 -x -o xip.bin
[The syntax recorded in the how-to page had left out the suffix "payload" ]
So I have a XIP.BIN about 3.3Mb which XIPPort.exe has dumped into \Out\Files & \Out\Modules
Click to expand...
Click to collapse
Seems to be step 8, thank you! If we are sure that this is the right way, I will insert this step8 into the first post.
But where can I find 'RomMaster.exe'? I've only the beta without the command '-b'.
BTW, 00_unknown.nb is the radio file.
Click to expand...
Click to collapse
I already inserted this into #1
I did it the following way and created a new rom without glitches.
Though don't know if it works because I don't dare to flash it
Thanks, I see that you provided a new XIP in packages
20753 in your new thread. So I decided to use this one with your kitchen and I would breakdown the
steps now with which I built my ROM. Could you
please confirm if I have done right?
1. Download and unrar Shayder kitchen with included (3,8MB) os.nb.payload and imgfs.bin (4,0KB)
http://forum.xda-developers.com/showthread.php?t=421444
(Post #8 in the thread)
2. Download and XIP 20753 from the new thread.
http://forum.xda-developers.com/showthread.php?t=427730
3. Put the extracted SYS and OEM folder from
dumped and packaged ROM of you choice into the Build folder
of the Shayder Kitchen.
4. Put the extracted MSXIPKernel and MSXIPKernelLTK
folder from Shayders XIP 20753 into the SYS folder which
was before copied into the Build Folder.
5. Start ROM.bat in the kitchen
6. Select "1 - Build"
7. Select "1+2+3+4+5" in the next screen
8. Select "0" to let it run
9. Click the green button in the Build tool
10. Close Build tool when run ready
11. Wait to finish the nbh and enjoy!
I did so and got the ruu_signed.nbh file
ready to flash... think no need to XIPport etc.
but in fact I don't know exactly as I didn't flash my rom
Olioaglio
Olioaglio said:
I did it the following way and created a new rom without glitches.
Though don't know if it works because I don't dare to flash it
Thanks, I see that you provided a new XIP in packages
20753 in your new thread. So I decided to use this one with your kitchen and I would breakdown the
steps now with which I built my ROM. Could you
please confirm if I have done right?
1. Download and unrar Shayder kitchen with included (3,8MB) os.nb.payload and imgfs.bin (4,0KB)
http://forum.xda-developers.com/showthread.php?t=421444
(Post #8 in the thread)
2. Download and XIP 20753 from the new thread.
http://forum.xda-developers.com/showthread.php?t=427730
3. Put the extracted SYS and OEM folder from
dumped and packaged ROM of you choice into the Build folder
of the Shayder Kitchen.
4. Put the extracted MSXIPKernel and MSXIPKernelLTK
folder from Shayders XIP 20753 into the SYS folder which
was before copied into the Build Folder.
5. Start ROM.bat in the kitchen
6. Select "1 - Build"
7. Select "1+2+3+4+5" in the next screen
8. Select "0" to let it run
9. Click the green button in the Build tool
10. Close Build tool when run ready
11. Wait to finish the nbh and enjoy!
I did so and got the ruu_signed.nbh file
ready to flash... think no need to XIPport etc.
but in fact I don't know exactly as I didn't flash my rom
Olioaglio
Click to expand...
Click to collapse
I also did it this way. You're right, there is a ruu_signed.nbh after all that staff has finished. But the after flashing this ROM image to the orbit it won't boot. The splash screen is shown but nothing else happens.
I think this is caused by the XIP part.
Tom
tomduke99 said:
. But the after flashing this ROM image to the orbit it won't boot. The splash screen is shown but nothing else happens.
I think this is caused by the XIP part.
Tom
Click to expand...
Click to collapse
OK, what about the 20743 version as os.nb.payload version
as downloadable in Shayders XIP 20743 thread:
http://forum.xda-developers.com/showthread.php?t=424655
(the rapidshare link). This one does not have to be copied
into the SYS folder, but copied directly into the ROM folder.
I created a rom with this one with Polaris Kitchen 1.3.
Don't know if this would boot (didn't flash it either).
Orbitter2 said:
Seems to be step 8, thank you! If we are sure that this is the right way, I will insert this step8 into the first post.
But where can I find 'RomMaster.exe'? I've only the beta without the command '-b'.
Click to expand...
Click to collapse
1) Of course I'm not yet sure that this is the right direction. But I do know that if we want to upgrade the XIP build we have to sort the \OEM and \SYS "packages" from xip.bin. These directories contain OEM drivers specific to the device (here, Polaris)
Still cannot get XIPPort.exe to "make pkgs" although it works with an Eten X500 ROM
2) rommaster.exe is found (from my memory only) in any one of the Polaris or Kaiser kitchen files. It is a very old file, though - Nov 25, 2005. You can also find it in Shayder's kitchen on the front page of this sub-forum
Perhaps there's a later version of a "rommaster.exe" somewhere ?
Olioaglio said:
OK, what about the 20743 version as os.nb.payload version
as downloadable in Shayders XIP 20743 thread:
http://forum.xda-developers.com/showthread.php?t=424655
(the rapidshare link). This one does not have to be copied
into the SYS folder, but copied directly into the ROM folder.
I created a rom with this one with Polaris Kitchen 1.3.
Don't know if this would boot (didn't flash it either).
Click to expand...
Click to collapse
If you are too unsure to test with flashing (I thought that was what HardSPL was for !!) then try to extract your own RUU_signed.nbh in full and see what you get.
ianl8888 said:
1) Of course I'm not yet sure that this is the right direction. But I do know that if we want to upgrade the XIP build we have to sort the \OEM and \SYS "packages" from xip.bin. These directories contain OEM drivers specific to the device (here, Polaris)
Still cannot get XIPPort.exe to "make pkgs" although it works with an Eten X500 ROM
Click to expand...
Click to collapse
later edit: I have XIPPort.exe "making pkgs" now. XIPPort needs to be in its own folder ( ?? )with the support dll's etc.
So now I'm at Step 9 (the unknown) with \OEM and \SYS "packages" for editing.
The base ROM I'm trying to edit is the recent release of the official HTC WM6.1 Polaris ROM. This ROM is not protected by "all-commands-to-one" etc and so is fully extractable and editable if I can figure out how.
I think the next step (likely 10 or 12 sub-steps in there) is to understand the DSM's, RGU's, HV boot files etc. There is a tool XIPAddrTools available on this sub-forum that I have some hope for in helping here
I am trying to do two things with this ROM:
1) replace the XIP device-independent files with an upgraded set (build 1995 to build 2073)
2) remove all the crap that HTC and other ROM cooks put into it - like Cube, Home, Office etc etc
In other words, I'm trying for a WM6.1, recent XIP build, very clean ROM
Maybe ...
ianl8888 said:
I think the next step (likely 10 or 12 sub-steps in there) is to understand the DSM's, RGU's, HV boot files etc. There is a tool XIPAddrTools available on this sub-forum that I have some hope for in helping here
Click to expand...
Click to collapse
There is a very useful "sticky" thread on some of this, started by udK.
Olioaglio said:
OK, what about the 20743 version as os.nb.payload version
as downloadable in Shayders XIP 20743 thread:
http://forum.xda-developers.com/showthread.php?t=424655
(the rapidshare link). This one does not have to be copied
into the SYS folder, but copied directly into the ROM folder.
I created a rom with this one with Polaris Kitchen 1.3.
Don't know if this would boot (didn't flash it either).
Click to expand...
Click to collapse
I just tested without any modifications of XIP. I used the original XIP (os.nb.payload, imgfs.bin) delivered within the Kitchen. Only copied the SYS and OEM from the O2 ROM to the kitchen and tried to build a ROM. Result is a non booting ruu_signed.nbh.
Tom
tomduke99 said:
I just tested without any modifications of XIP. I used the original XIP (os.nb.payload, imgfs.bin) delivered within the Kitchen. Only copied the SYS and OEM from the O2 ROM to the kitchen and tried to build a ROM. Result is a non booting ruu_signed.nbh.
Tom
Click to expand...
Click to collapse
My version attached. If someone wants to try...
It's a german light version of O2 3.13.207.0 ROM
without Cube, TTN, Opera, useless stuff.
With XIP 20743 cooked in as os.nb.payload with
Polaris Kitchen V1.3
No radio included. You will most likely have to flash
1.59.42.15 manually after installation of the rom.
Olio v1 GER (Rapidshare link)
Olioaglio
If been testing around with this thread and this one and made a successful rom, some how the xip files needs to be extracted, 3,4 MB is little low, cause the one i got was 3.8 MB.
I used buildos+package_tools-2.7.exe to build my package and htcrt.exe to build the rom. (i change model from KAIS***** to POLA***** to get working and flash able rom)
I will experiment more cause i need to convert raw dump to original rom for warranty
tomduke99 said:
I just tested without any modifications of XIP. I used the original XIP (os.nb.payload, imgfs.bin) delivered within the Kitchen. Only copied the SYS and OEM from the O2 ROM to the kitchen and tried to build a ROM. Result is a non booting ruu_signed.nbh.
Tom
Click to expand...
Click to collapse
Yes, the various Registry addresses change as the XIP build changes so we need to understand RGU's, DSM's etc. The uDk sticky is helpful
Because the kitchens require a "template" to re-build a ROM, I still believe that the most thorough method is to use the just-released WWE WM6.1 HTC ROM as this template. Extract it all, replace the XIP device-independent filesystem with a newer build, remove all the stuff you don't want from \OEM "packages" and re-compile.
This is struggle street maybe, but this jigsaw is a challenge.
I've downloaded a newer version from Shayder's kitchen (found here: http://forum.xda-developers.com/showthread.php?t=427962). There is another os.nb.payload template. With this version of the kitchen I was able to produce a working ruu_signed.nbh with the SYS and OEM folder from the new German O2 ROM. Encouraged by this result I then tried to change the Kernel parts from XIP 20753 and replace NETCF2 with NETCF3.5 - Result: working ROM with NetCF3.5. Many thanks to all guys helping me especially those who have developed Kitchen's, Tools etc.
At this point I have OS version CE OS 5.2.20753 but the Build is still 19965.1.2.3. Therefore the next step should be replacing the SYS parts with its equivalents from a newer Build.
Questions about this:
1. Can I use a SYS folder from another (newer) ROM without modifications?
2. How to build a ROM with German localization? Shall I only copy the language specific folders from the original ROM to the SYS-part of the new ROM?
3. Are there some other stuff? What about Registry settings for different languages?
....
I read so many threads but I'm still not sure what to do next.
Thanks.
Tom
tomduke99 said:
I've downloaded a newer version from Shayder's kitchen (found here: http://forum.xda-developers.com/showthread.php?t=427962). There is another os.nb.payload template. With this version of the kitchen I was able to produce a working ruu_signed.nbh with the SYS and OEM folder from the new German O2 ROM. Encouraged by this result I then tried to change the Kernel parts from XIP 20753 and replace NETCF2 with NETCF3.5 - Result: working ROM with NetCF3.5. Many thanks to all guys helping me especially those who have developed Kitchen's, Tools etc.
Tom
Click to expand...
Click to collapse
Yes, that's real progress.
BUT - list step-by-step exactly how you did it, please
This is the problem - many posts about being successful, very few listing the detail.
Version: 15/06/2009
Intro
Welcome; I wanted to offer a little "something" back to the XDA community in the hopes that will benefit others and to show my appreciation to the folks that make XDA the great community that it is. Hopefully, this guide will help you work your way up the ranks to Chef … let’s begin!
So here you are; in the heat of the kitchen, adding your favourite ROM ingredients ... pinch of this, sprinkle of that. Like all good chefs, you decide to take a taste of your preparation before serving to others – so you try it ... wait! you say, something is not right; you're positive you added the ingredients but it's not right. You carefully review all of the portions; seem right; so you decide to look at the ingredients and you realize … you need to change suppliers.
This guide is intended to help you learn how to port the Execute-In-Place (XIP) region from a new (donor) device for use in your kitchen; it will walk you through the process of extracting the contents of an Official ROM, obtaining the new (donor) device XIP, and porting the new (donor) device XIP into your kitchen.
Obtaining Execute-In-Place (XIP) Files
The Execute-In-Place (XIP) region is an area where an application can execute code directly from ROM rather than loading it from RAM. It is possible to use the xip.bin contents from a newer version of a ROM from a different device or a newer operating system. This is typically done by chefs who are looking for the most recent versions of system files from a specific device or version of an operating system.
The process requires that you obtain the newer xip.bin and the corresponding .\SYS folder from the desired device .NBH package. Although it is possible to obtain a pre-extracted xip.bin and corresponding .\SYS folder, it is always preferable to perform the extraction activities yourself when possible – this ensures that you have a complete .\SYS folder and the extracted xip.bin to work with.
Outro
The sections are intended to be followed in sequence as the last section should provide you with a final product that can be used in your kitchen – so you may want to read this guide once over before going through the motions … who am I kidding? You’re going to follow along aren’t you?
The guide does not cover the steps required to inject the changes from a new .\SYS folder to your existing kitchen .\SYS folder or the comparison (verification) of the boot.rgu and supporting .RGU files typically found in the new (donor) device.
Now for the disclaimer bit; I take no responsibility and will not be held liable for any problems you encounter with your device before and after following this guide … flashing a ROM is done at your own risk. If you spot mistakes or inaccuracies in the guide however, please let me know so that I may correct them. Now, read on if you still feel it necessary to change suppliers
Oh, one last thing ... special thanks to the following folks for sharing their knowledge with the rest of us ... thank you!
Ervius
Ameet
Aruppenthal
Bepe
Cmonex
Da_G
Olipro
If I missed someone, it's purely accidental – send me a note and I will add your name to the list.
[TUT] Sous-Chef's Guide to XIP Porting in Ervius Visual Kitchen 9.7 ... continued
Preparing Your Facility
Before you can begin to port an Execute-In-Place (XIP) region, you need to equip your facility with some Kitchen utensils. Your Kitchen is going to require a good Unicode & UTF-8 text editor; I personally use ConTEXT & Notepad. Another handy utensil to have is a hexadecimal file/binary editor; I use XVI32. You will also need an archive extraction utensil; I use IZArc, WinRAR, and WinZIP. You’ll also need a good Hexadecimal calculator; I use Windows Calculator (Scientific Mode).
It's also a good idea to ensure that your Kitchen remains "pest" free; common pest control services include AVG, McAfee, and Symantec anti-Virus. You may need to temporarily disable your Anti-Virus Rootkit scanner while performing binary editing and porting activities.
The procedures were tested against a GSM Raphael device. I can’t confirm that these procedures will work on CDMA device ROM’s. Additionally, some device XIP’s may not be compatible with the Raphael device.
For the purpose of this guide, I will assume that you have added the C:\XDA\ folder, sub-folder, and files to your anti-virus exclusion list. You will additionally require the Generic Visual Kitchen from the Sous-Chef's Guide to Da_G's Ervius Visual Kitchen 9.7 tutorial (http://forum.xda-developers.com/showthread.php?t=521632) – extracted to the following folder.
C:\XDA\DONOR_NBH_VISUALKITCHEN
The guide is divided into the following sections:
Extracting the RUU_SIGNED.NBH Contents .............. 3
Reducing the .PAYLOAD File .......................... 4
Obtaining the Donor XIP.BIN Contents ................ 5
Extracting the Donor MSXIPKernel .................... 6
Confirming the Completion of the Porting Activity ... 7
Unlocking and Sizing the Paging Pool ................ 8
Disabling Certificate Checking ...................... 9
Reducing the Update Loader (ULDR) Partition ......... 10
I will attempt to provide an overview, the list of tools required, and the process to follow in each section. As you become more comfortable (and familiar) with the activities, you will find that you can consolidate (or skip) certain outlined steps. Incidentally, you'll probably want to keep these web links open in case you need to lookup some of the terms or concepts in the guide.
Acronyms
http://wiki.xda-developers.com/index.php?pagename=Acronyms
Glossary
http://wiki.xda-developers.com/index.php?pagename=Glossary
Development Resources for Windows Mobile
http://forum.xda-developers.com/showthread.php?t=445396
Extracting the RUU_SIGNED.NBH Contents
An .NBH is a signed group of modules or packages; they are typically comprised of .NB files. An .NBH can contain any combination of .NB files. An .NB file is a block of code that can be a Radio ROM, Operating System packages (XIP and IMGFS), Startup Splash Screen (or SPL).
The file we will be working with is the OS.NB file; it contains the ULDR, XIP, and IMGFS (OEM, SYS). To extract the contents of an .NBH file, we initiate the Ervius NBH/NB/PAYLOAD Dumper tool from within the Generic Visual Kitchen.
Upon completion, the following files will have been extracted: OS.nb, OS.nb.payload. Additionally, the Ervius NBH/NB/PAYLOAD Dumper tool creates a DUMP folder that contains all the files required.
Tools Required:
The following Ervius Visual Kitchen tool will be used for the RUU_SIGNED.NBH extraction activities.
Dump NBH/NB/PAYLOAD
Procedure
The following procedure initiates the ROM extraction activity via the Ervius NBH/NB/PAYLOAD Dumper tool built into the Generic Visual Kitchen. The extraction process can take a significant amount of time to complete.
Copy the RUU_SIGNED.NBH file to the C:\XDA\DONOR_NBH_VisualKitchen\BaseROM\ folder.
Navigate to the C:\XDA\DONOR_NBH_VisualKitchen\ folder.
Launch ErviusKitchen.exe.
At the multiple warning messages, click OK.
Warnings that may appear include:
Folder Not Found
Could Not Find A Part Of The Path
You Need To Specify … First
Click the Dump NBH/NB/PAYLOAD button.
Navigate to the C:\XDA\DONOR_NBH_VisualKitchen\BaseROM\ folder.
Select the RUU_signed.nbh file and then click Open.
At the All Done... Nbh/nb/payload Dumped and ''Kitchen'' created Successfull!!! message, close the Ervius Visual Kitchen application.
Navigate to the C:\XDA\DONOR_NBH_VisualKitchen\DUMP\ folder.
Move the sub-folders (and content) to the C:\XDA\DONOR_NBH_VisualKitchen\ folder.
At the Confirm Folder Replace message, click Yes To All.
At the Confirm File Move message, click Yes To All.
Tip
The C:\XDA\DONOR_NBH_VisualKitchen\BaseROM\Dump\ folder should be empty at this point – and can be removed.
References
Sous-Chef's Guide to Da_G's Ervius Visual Kitchen 9.7
http://forum.xda-developers.com/showthread.php?t=521632
Reducing the .PAYLOAD File
At this point, the Ervius NBH/NB/PAYLOAD Dumper tool has removed the contents of the IMGFS (OEM, SYS) from the .PAYLOAD file in preparation for changes to the ULDR and XIP. Removing the IMGFS (OEM, SYS) contents from the .PAYLOAD file reduces the size of the .PAYLOAD file making it easier to work with.
The Ervius NBH/NB/PAYLOAD Dumper tool has placed a copy of the reduced .PAYLOAD file in the C:\XDA\DONOR_NBH_VisualKitchen\ROM\<donordevice>\ folder.
References
Sous-Chef's Guide to Da_G's Ervius Visual Kitchen 9.7
http://forum.xda-developers.com/showthread.php?t=521632
Obtaining the Donor XIP.BIN File
Once again, the Ervius NBH/NB/PAYLOAD Dumper tool has extracted the xip.bin file from the new (donor) device os.nb.payload file. All that is left for us to do is copy the extracted xip.bin file to the current (base) kitchen in preparation for extracting the MSXIPKernel files.
Procedure
The following procedure will copy the xip.bin from the C:\XDA\DONOR_NBH_VisualKitchen\ kitchen to our current (base) kitchen.
Remove the contents in the following folders in your current (base) kitchen (ex: C:\XDA\My_Visual_Kitchen) – do not remove the folder:
.\TOOLS\xip.bin_new\*.*
.\TOOLS\xip.bin_old\*.*
.\TOOLS\XIP_new_ported\*.*
Copy the xip.bin file from the C:\XDA\DONOR_NBH_VisualKitchen\ROM\<donordevice>\ folder to the .\TOOLS\xip.bin_new\ folder of the current (base) kitchen.
References
http://msdn.microsoft.com/en-us/library/aa909237.aspx
Extracting the Donor MSXIPKernel
The Execute-In-Place (XIP) region is comprised of two significant regions – the MSXIPKernel and the OEMXIPKernel. The OEMXIPKernel typically contains system drivers that are specific to your device. On very rare occasions, these drivers can be changed for newer ones.
The MSXIPKernel however, usually contains drivers that are specific to the version of Windows Mobile that you are using – in our case, Windows Mobile 6.1. There are many different methods for porting the MSXIPKernel drivers; each method may yield different build numbers. For example, some chefs use the 723*.DSM for the build number, others use the COREDLL.DLL module to obtain the latest build numbers.
For the purpose of this guide however, we will leave the OEMXIPKernel drivers as-is and use a simpler method for porting the MSXIPKernel drivers from a new (donor) device XIP for use in your kitchen – and not concern ourselves with the build number.
Once the MSXIPKernel is extracted from the new (donor) device xip.bin, the OEMXIPKernel will be extracted from the current (base) kitchen. Both contents will be merged into a new xip.bin file.
Tools Required
The following tools are required for the new (donor) device MSXIPKernel extraction activities.
XIPPorterEx & ROM Tools
Procedure
The following procedure will extract the contents of the MSXIPKernel from the xip.bin of the new (donor) device, the OEMXIPKernel from the current (base) kitchen, and merge them into a new xip_out.bin file.
Navigate to your current (base) kitchen (ex: C:\XDA\My_Visual_Kitchen) folder.
Launch ERVIUSKITCHEN.EXE.
From the Device list, select your device – such as Raphael.
Click the XIPPorterEx & ROM Tools button.
Clear the following check boxes:
Execute Cert Patcher
Execute PP Patcher
Change PP To MB
Click the PORT IT! button.
At the Cert Patcher: Successfully Nocert Patched! message, click OK.
At the ALL DONE! \XIP Ported And Patched Folder And ROMHDR.BIN Copyed Into \ROM\Raphael\ Folder message, click OK.
Close the XIPPorterEx & ROM Tools Tool.
References
Kernel Overview
http://msdn.microsoft.com/en-us/library/aa909237.aspx
Confirming the Completion of the Porting Activity
The OEMXIPKernel folder contents will be identical to the current (base) kitchen device – for example, Raphael. The MSXIPKernel folder contents will be those of the new (donor) device. To confirm that the new (donor) device XIP was successfully ported, verify the .\ROM\ folder location in your current (base) kitchen – you should see a new set of folders that correspond to the new (donor) device.
For example;
.\ROM\Raphael\<donordevicebuildnum>\OEMXIPKernel
.\ROM\Shared\<donordevicebuildnum>\MSXIPKernel
References
Sous-Chef's Guide to Da_G's Ervius Visual Kitchen 9.7
http://forum.xda-developers.com/showthread.php?t=521632
Unlocking and Sizing the Paging Pool
The Paging Pool serves as a limit on the amount of memory that can be consumed by pageable data. It includes an algorithm for choosing the order in which to remove pageable data from memory. Pool behaviour is typically determined by the OEM – Microsoft sets a default value for the paging pool, but the OEM can change that value. Applications do not have the ability to set the behaviour for their own executables or memory-mapped files.
To change the Paging Pool size, add the –PP ## command line option to the implantxip command found in the kitchen_build_rom.bat.
Tip
Spaces are usually required between command line options; the command line option should only appear once.
Newer versions of Ervius Visual Kitchen provide an Option button to set the Paging Pool size.
Disabling Certificate Checking
During the startup process of your device, the operating system verifies that each system file against an internal certificate store to ensure that each file is signed with a trusted certificate; if the system file is not signed, the file is ignored.
To allow execution of non-signed system files, we need to disable the internal certificate store verification. Once disabled, the operating system will trust all code installed regardless of its signature. This provides more control over the code that gets installed on the device – you no longer need to load and manually sign additional certificates such as those from the sdkcerts.cab into the device root certificate store.
To disable the certificate store verification, add the -NoCERT command line option to the implantxip command found in the kitchen_build_rom.bat.
Tip
Spaces are usually required between command line options; the command line option should only appear once.
Newer versions of Ervius Visual Kitchen provide an Option button to disable the Certificate Store verification.
Reducing the Update Loader (ULDR) Partition
The boot loader can accommodate multiple execute-in-place (XIP) regions where individual modules can be updated after the initial operating system image file has been written to the device – the ULDR is an example of this use. The Update Loader (ULDR) provides Flash-Over-The-Air (FOTA) capabilities permitting your carrier to issue changes such as Hotfixes over the cellular network – generally, most carriers avoid this practice.
As this is generally undesirable in a cooked ROM, since we are making modifications that a carrier Hotfix might roll back, we will reduce the partition. This will cause the device to report insufficient ULDR space to the carrier FOTA request … and the freed up space becomes available for our uses.
To reduce the Update Loader (ULDR) Partition, add the –ULDR command line option to the implantxip command found in the kitchen_build_rom.bat.
Tip
Spaces are usually required between command line options; the command line option should only appear once.
Newer versions of Ervius Visual Kitchen provide an Option button to enable or disable ULDR reduction.
13/02/2010: Tutorial Statistics
Views: 6,284
Guide Downloads: 261
Kitchen Downloads: N/A
Very clear and succinct.
Any plans to create a guide for adding and removing new/updated packages from other ROMs or cabs using the Visual Kitchen?
rling said:
Any plans to create a guide for adding and removing new/updated packages from other ROMs ...
Click to expand...
Click to collapse
Porting packages from another ROM requires a fair amount of work; specially if the package has graphic/resources that must be resized. I'm willing to write it up if a senior (experienced) chef is willing to share their know-how.
rling said:
... or cabs using the Visual Kitchen?
Click to expand...
Click to collapse
I don't personally use any application in .CAB form, only debugging tools. Here are a few threads that cover .CAB processing and how it can be implemented by chefs in their kitchens.
ROM Chefs: SDAutoRun gives customziation to everybody!
http://forum.xda-developers.com/showthread.php?t=366333
[UC] XDA_UC, Looking for Experienced Cooks to test New XDA UC.
http://forum.xda-developers.com/showthread.php?t=525810
How do you convert packages from an existing kitchen over to the new format?
I see in the package sample that there is an app.dat, app.reg and the files folder - is there a utility to do the conversion?
Thanks
DT
d_train said:
How do you convert packages from an existing kitchen over to the new format?
I see in the package sample that there is an app.dat, app.reg and the files folder - is there a utility to do the conversion?
Thanks
DT
Click to expand...
Click to collapse
Use these tools, Readme in the file
http://xda.b4pjs.co.uk/Kitchen Convertor.zip
thanks for that
19/08/2009: Tutorial Update
Had a few requests for this now.
Added .ZIP which contains each thread post of the tutorial for folks who want to create a similar tutorial format in other device forums. All I ask is that folks not blindly copy the contents of each post file - please proof-read your final product to ensure that it applies to the device in question.
Cheers,
How about a tutorial for extracting the OEMXIPKernel from your current device, that way we know we have a working one for our particular model?
Few questions:
Do you mean dumping the OEMXIPKernel directly from the device?
Did you discover an issue with the OEMXIPKernel that is extracted from an official HTC device ROM upgrade (.NBH) file via the Ervius Visual Kitchen?
If you are referring to something entirely different, give me a few example/scenarios as I'm not certain I get what you are asking.
Cheers,