Disable gnome-shell hotspot
I hate the new hot spot on gnome-shell. and as always with gnome, no option to disable it. here is a quick & ugly patch to accomplish that:
--- /usr/share/gnome-shell/js/ui/panel.org.js 2011-05-04 15:03:01.982247999 +0300
+++ /usr/share/gnome-shell/js/ui/panel.js 2011-05-04 15:03:13.175520693 +0300
@@ -761,7 +761,7 @@
},
_onCornerEntered : function() {
- if (!this._entered) {
+ if (this._entered) {
this._entered = true;
if (!Main.overview.animationInProgress) {
this._activationTime = Date.now() / 1000;
Reminisce: The early days.
The followings took place more than 10 years ago, so I guess no sensitive information is at risk.
Lesson one:
Your security is as strong as your weakest link.
It was my first week working for a big international bank. But instead of working, I got tons of bloated-out-of-proportion dossiers, which if I had stacked them one on top of the other, the height of them would be more than 1 meter tall. I didn’t believe they actually expected me to read page by page all these how-to-deal-with-our-systems boring stuff, but a quick check with my new co-workers revealed they all actually read it all (and I guess some of them could even cite large parts…). Well, it wasn’t for me. However, I was not granted permission to the system until I have finished reading and mastering all the regulations described on those manuals. So I figured, two weeks should be a good time to do nothing. great.
Alas. I was bored.
Image via Wikipedia
I stared at my Windows unlock dialog. CTRL-ALT-DEL. No username yet. So my best bet was – either grab someone else’s user/pass, or stick to what I know – Administrator always exists. I had a good hand, the dealer was on my side. I by-passed the lame Windows’ security and logged on (it doesn’t matter how, there are SO many ways of doing so). The day after, I decided to come clean with my new boss (a stupid british executive) which proved itself as a bad idea (at first) – he yelled at me, didn’t even bother to notice the lack of security nor the easiness of the break, but only got upset about “how dare I do something like that which page 63 on dossier 121 clearly states is forbidden!” (or something similar). He concluded that I should never ever try anything like that in the future, that I should finish reading my manuals, and we’ll see how we continue from there. He also stated that this is a serious business, and he will keep this accident to himself for the time being since I’m new.
Needless to say, when I got back home that day, I felt lousy. I felt like I just lost this job. But on the other hand, I was thankful to my new boss to not advertise my ‘bad’ doings, so I still had little hope. My bad.
Come the day after. I got to work at about 9:00, flipping pages in the manuals, trying to win back my boss’s trust. It was about 12:00 when I was asked to get to the management building. My boss gave me a ‘bye bye’ look as I was walking out the department. I knew my days at that place are over.
An hour later, I was a new man. The manager who was informed of my ‘break-in’ (yea, my boss’s word turned out to be worthless) was one of the vice-presidents of the company, and showed great interest at my findings, asked me to elaborate to the IT-administrators how this should be prevented, and asked me to continue doing so, as long as I inform him personally (couple of months later he got his password mailed to him, after I found the Administrator password encrypted in some vbs file on the LAN, which allowed me to run lophtcrack for a weekend. He was pleased 
), and so I did. He also asked me if there is anything I would like to have while working. I had only two requests: To work at my own (crazy) hours, and a new boss. I got both.
Some notes about Android Security
Android Security (Image from http://www.mushive.com)
I had the time to take a long look on Android security. I found some Android Anti-Virus programs which aren’t much different from their Windows counterparts – they work by scanning APKs for known files using a signature database. This can easily get by-passed using encryption, polymorphic code, and similar methods. Needless to say, none of them will detect a new Android exploit/virus trying to take over the system.
Regarding Android exploits, I found out Google had fixed version 2.2.1 so running in-app exploits doesn’t work anymore (I thought its the use of /dev/ptmx which enables applications to connect to shell, but apparently it’s not since no fix relating to this has been issued, yet using /dev/ptmx doen’t work on 2.2.1 as on 2.2). Running exploits thru ADB shell, one can still obtain root (even with the new ADB binary found on 2.3) although many known exploits doesn’t work any more (rage, exploiting hotplug). I also found one troubling Linux exploit from exploit-db.com which poweroff my Android device. Although atm this attack is only a denial-of-service, one might ‘upgrade’ it for privilege escalation. To summarize ADB Android exploit status:
2.2 – adb shell exploitable, in-app exploitable
2.2.1 – adb shell exploitable, in-app not exploitable
2.3 – adb shell semi-exploitable, in-app not exploitable
So we can see the progress Google had made, but it’s not perfect yet.
Also, Google is pushing a silent update to prevent in-app exploits in current version (someone told me it’s not even for 2.2.1 which points to 2.2 as the candidate). I guess we’ll know shortly.
Some important links to watch:
http://c-skills.blogspot.com/
http://imthezuk.blogspot.com/
http://www.accessroot.com/
http://strazzere.com/blog/
http://dtors.org/
http://jon.oberheide.org/blog/
http://thomascannon.net/projects/android-reversing/
http://blog.stalkr.net/
Android Security – http://androidsec.net
Finally I put most of the info in the public domain – the Immunizer is done, and I feel I’ve took the right approach (not releasing the sources asap but waiting instead).
I also published the quick fix info for ROM modders on XDA forums so all customized ROMs should be immuned without the need for Immunizer.
Although Immunizer is a free app, installing it from the market costs $1. I still debate among myself whether to use paypal instead – the problem with ‘paypal’ is that it’s not as simple for the end-user. Any suggestions are welcome.
Having some fun with your own Access Point
Setting up your own Access point on your computer to achieve:
Automate creating a “Fake Access Point” and “pwn” whoever connects to it.
http://g0tmi1k.blogspot.com/2010/09/scriptvideo-fakeappwn-v03.html
Upside-Down-Ternet
http://www.ex-parrot.com/peter/upside-down-ternet.html
I think thats the best usage for your own Access Point. If I find more, I’ll update this post.
Driftnet – A picture is worth a thousand words
This post (and probably the following ones) is a result of my latest work – teaching Information Security at “Shenkar”.
The driftnet utility is known for its very malicious behaviour, and as such, its a great tool to demonstrate to my students what type of information can be easily grabbed off the network. And you know – A picture is worth a thousand words… So using driftnet is great, especially when it’s coupled with a backgrounded tcpdump using a simple filter. But lets talk about driftnet first:
The default driftnet package is compiled without html output support, although the sources contain all that is needed (except for a switch to enable it…). So, to enable html output, either change the line in driftnet.c
from
enum mediatype extract_type = m_image;
to
enum mediatype extract_type = m_image | m_text;
or use the better option and add ‘-t’ option to be able to toggle it. Also, to reduce useless html output you might want to add this ugly hack to http.c (under dispatch_http_req):
if (memstr(p, len - (p - data), "\r\nAccept: */*", 13)) return;
I know this is a bad hack but it cuts down most of the useless info embedded in html pages.
One last fix to driftnet is removing the last ‘xfree(tmpdir);’ which I didnt investigate why is it there in the first place (probably due to one of the patches I applied from here)
(another patch I always add is to maximize the gtk window… but its optional ofcourse – it’s just a matter of adding ‘gtk_window_maximize(window);’ to display.c)
Ok, so once you have a patched driftnet which also sniff http requests, lets fire it up
driftnet -t -i wlan0
You should know by now ‘-i’ is to set which network card to use. Usually this is redundant.
That was simple enough. But this gives way too much info on a busy LAN. Lets filter out all the info from our own computer (assuming our ip is 10.0.0.1)
driftnet -v -t "not src or dst host 10.0.0.1"
The quoted string is a pcap filter which driftnet applies when sniffing the network, telling driftnet to exclude packets from/to 10.0.0.1.
If we want to sniff only a specific target (assuming our target is 10.0.0.1) we use:
driftnet -v -t "host 10.0.0.1 and port 80"
I hope you get the idea. You can customize the filter to your likings.
Now lets run tcpdump with a simple password filter:
tcpdump -Avnes -0 | grep -i pass
Which can also be achieved by using
ettercap -T -e "pass|username"
And thats it. This is usually enough for unsecured networks. Most of the time my students won’t like what they see.
Introducing z4control – Android app to control your system (and lagfix)
This is my first Android app, so please be nice.
Source can be found here: https://github.com/z4ziggy/z4control
And here are some screenshots:
z4root – gain easy root on your Android.
Ok, so its already in the market thanks to RyanZA who did a great app to ease the exploit usage for the masses. But for those of you who want to know how this works – read on.
The exploit used is rageagainstthecage – it will spawn a adb process to gain root. once it gains root you can connect to it using adb, or, like z4root, using a terminal to create a new shell process, which will automatically gain root privileges. Here is the step by step :
1. Install Terminal Emulator from the market (or use adb if you wish)
2. Download rageagainstthecage, extract, and copy rageagainstthecage-bin to your Android device
3. move rageagainstthecage-bin to /data/local/tmp or /tmp or whatever other directory you can execute from
4. do ‘chmod +x /data/local/tmp/rageagainstthecage-bin’ and execute rageagainstthecage-bin
5. open Terminal Emulator or connect to the device using ADB – the session will open with root privileges. Install su, busybox, whatever, and reboot.
z4mod – a quick update
Well, z4mod seems to be catching on thanks to RyanZA excellent web interface which allows everyone (ie, not linuxers) to patch their kernel easily with z4mod. This enhancement boosted z4mod usage and I am proud to say this is my most popular project yet. The only problem I’m facing is time – my TODO list is getting bigger and bigger, work gets stacked as I neglect everything and try to squeeze some more work on z4mod…
The new z4mod version (which was secretly scheduled for earlier this week… good thing i kept it a secret ) is taking shape slowly and fixes many of the problems our beta-testers reported – initramfs is getting too big with patched kernels. I also reduced memory consumption by compiling a static uclibc busybox to do only the init wrapper tasks – thats 1.5MB less memory used by our z4mod patched initramfs.
Also, we modularized the entire process so people can select which options they would like to apply into the patched z4mod initramfs, and same goes for the update.zip files – we will allow users to create on the fly update.zip files which will convert whatever partitions they choose, install optional binaries (root, busybox, etc) and more.
And lastly – a request to the readers of this blog – if any of you can make a nice z4mod logo I’d appreciate it, since the current one stinks (yea, I made it…).
z4mod – updated
So I had to change quite a bit, and instead of one script I am now handling 3:
Im presenting the scripts as-is, so you can add your own remarks as we continue.
I am aware of the fact that ext4 is better suited, but for the testings ext3 should suffice, since it simplifies my work.
The change to the initramfs init scripts is minor. consider the following mount command:
mount rfs /dev/block/stl11 /cache nosuid nodev check=no
it will be replaced with:
mount ext3 /dev/block/stl11 /cache noatime nodiratime || mount rfs /dev/block/stl11 /cache nosuid nodev check=no
Thats it. no bogus hacks, scripts, patches, etc.
Ideally, z4mod could be applied to many roms, as long as it supports the targeted filesystem.
The rest of the partitions will be added to the code soon – this is only a proof-of-concept.
[UPDATE:]
I’ve updated the scripts in this post, and I will continue doing so until I decide how to proceed with the project (github, etc).
The z4build now supports all RFS partitions, soon the updater-script will too.
[UPDATE 2:]
I’ve updated the scripts. It doesn’t mean you can test them, it means we are one step closer.
The /cache (which i use for testings) mounts perfectly fine automatically with ext2.
The /data is being formatted, converted to ext2, the device reboots, and it shows as RFS again. Thats the last bug. Once we squash it, I guess we can call this Alpha
[UPDATE 3:]
This is the last update before official Alpha release. The code has been redesigned and recoded, keeping KISS in mind. This project is without a doubt a community project – I simply put to commands what great XDA developers posted and explained in words on the forums. So kudos to us all
THIS HAS NOT BEEN TESTED YET! 100% IT WILL CRASH!
I am posting this only for reference, so you can see where z4mod is headed.
WARNING: DO NOT USE THIS YET.
z4build:
#!/bin/bash
###############################################################################
#
# z4build by Elia Yehuda, aka z4ziggy, (c) 2010
# part of the z4mod project - a ROM mod without RFS.
#
# extracts initramfs from a given zImage, patch it to allow ext2/3/4 mounts,
# and repack it.
#
# Released under the GPLv2
#
# many thanks goto various coders & Android hackers out there who made this
# possible: supercurio, Unhelpful, dkcldark, RyanZA, XDA & modaco forums.
#
# WARNING:
# FOR YOUR OWN SAFETY, IF YOU CAN'T FOLLOW THE SCRIPT, AVOID USING IT.
# USE AT YOUR OWN RISK! NO WARRANTIES WHAT SO EVER!
#
# zImage extraction script copied from here:
# http://forum.xda-developers.com/wiki/index.php?title=Extract_initramfs_from_zImage
#
# kernel_repacker taken from here:
# http://forum.xda-developers.com/showthread.php?t=789712
#
# TODO:
# - As RyanZA suggested, maybe patch and change each 'mount' to 'z4mount'
# and use a dedicated shell script. It would give us better control over the
# whole init/mount process. This will also fix the two-mounts issue, but it
# also adds dependency on busybox binary to be added to the initramfs.
# - Add a simpler kernel_repacker
# - Fix the kernel unpacker. It's useless for custom kernels.
# - Release final version (1.0) only after all TODOs are completed
#
# Changelog:
# - 0.1 initial release
#
# - 0.2 recoded to fit update.zip method
#
# - 0.3 added support for all RFS parititons
#
# - 0.4 minor cosmetic changes and cleanup
# fixed the grep path
# fixed check if zImage exists
#
# - 0.5 fixed the sed command (replaced '||' with '\n')
#
# - 0.6 fixed the sed again
# changed the mount parameters
#
# - 0.7 added patcher to the binary 'init' (thanks to Unhelpful)
#
# - 0.8 'auto' option doesn't work for mount, reverted to $FORMAT, so either
# use a mount wrapper (z4mount) to get 'auto' or forget it.
# fixed another sed bug ([^#])
#
#
###############################################################################
###############################################################################
#
# SETTINGS: You must provide valid path to kernel_repacker below
#
###############################################################################
# set -x
# where to find kernel_repack/editor.sh
KERNEL_REPACKER=/home/ziggy/code/android/kernel_repacker/editor.sh
# which format would you like to change your filesystem to:
# make sure it is supported by the kernel!
FORMAT=ext2
# No need to change anything below this
###############################################################################
#
# general functions
#
###############################################################################
C_H1="\033[1;37m" # highlight text 1
C_ERR="\033[1;31m"
C_CLEAR="\033[1;0m"
# helper functions:
printhl() {
printf "${C_H1}${1}${C_CLEAR} \n"
}
printerr() {
printf "${C_ERR}${1}${C_CLEAR} \n"
}
exit_error() {
printerr "$1"
rm -rf /tmp/z4mod
exit 1
}
###############################################################################
#
# checking parameters and initalize stuff
#
###############################################################################
# Making sure we have everything
if [ -z "$1" ] || [ ! -f $1 ]; then
exit_error "[E] Can't find kernel: $1"
fi
if [ ! -f "${KERNEL_REPACKER}" ]; then
exit_error "[E] Can't find kernel_repacker"
fi
printhl "\n[I] z4build begins, going to try and patch $1"
# We can start working
rm -rf /tmp/z4mod
mkdir -p /tmp/z4mod/initramfs
###############################################################################
#
# extract the initramfs.img from zImage
#
###############################################################################
zImage=$1
#=======================================================
# find start of gziped kernel object in the zImage file:
#=======================================================
pos=`grep -P -a -b --only-matching $'\x1F\x8B\x08' $zImage | cut -f 1 -d :`
printhl "[I] Extracting kernel image from $zImage (start = $pos)"
dd if=$zImage bs=1 skip=$pos | gunzip > /tmp/kernel.img
#===========================================================================
# find start and end of the "cpio" initramfs image inside the kernel object:
# ASCII cpio header starts with '070701'
# The end of the cpio archive is marked with an empty file named TRAILER!!!
#===========================================================================
start=`grep -a -b --only-matching '070701' /tmp/kernel.img | head -1 | cut -f 1 -d :`
end=`grep -a -b --only-matching 'TRAILER!!!' /tmp/kernel.img | head -1 | cut -f 1 -d :`
end=$((end + 10))
count=$((end - start))
if (($count < 0)); then
exit_error "[E] Couldn't match start/end of the initramfs image."
fi
printhl "[I] Extracting initramfs image from /tmp/kernel.img (start = $start, end = $end)"
dd if=/tmp/kernel.img bs=1 skip=$start count=$count > /tmp/z4mod/initramfs.img
###############################################################################
#
# extract initramfs.img, patch the binary init, patch the scripts and add
# additional mount, repack initramfs, and repack a new zImage
#
###############################################################################
printhl "[I] Extracting initramfs compressed image"
(cd /tmp/z4mod/initramfs/; cpio -i --no-absolute-filenames < /tmp/z4mod/initramfs.img)
# patch the init binary
PATCHED="false"
for INIT_FILE in "init" "sbin/init" "bin/init"; do
ELF_SIGNATURE=`file -b /tmp/z4mod/initramfs/${INIT_FILE}`
if [ "${ELF_SIGNATURE:0:3}" == "ELF" ]; then
printhl "[I] Patching ${INIT_FILE} binary"
sed -i 's/mmcblk0\x00/\x00mcblk0\x00/g' /tmp/z4mod/initramfs/${INIT_FILE}
sed -i 's/mmcblk0p2\x00/\x00mcblk0p2\x00/g' /tmp/z4mod/initramfs/${INIT_FILE}
PATCHED="true"
break
fi
done
if [ "${PATCHED}" == "false" ]; then
exit_error "[E] Couldn't find a valid init executable"
fi
# loop on all known rfs partitions and add our $FORMAT mount prior to the RFS mount
#for PART in "stl9 /system" "mmcblk0p2 /data" "stl10 /dbdata" "stl11 /cache" "stl3 /efs"; do
for PART in "stl11 /cache" "mmcblk0p2 /data"; do
# Making sure we are not re-patching the initramfs scripts
if [ "`grep "mount ${FORMAT} /dev/block/${PART}" /tmp/z4mod/initramfs/*.rc`" ]; then
printhl "[I] Skipping ${FORMAT} support for ${PART} - ${FORMAT} is already supported"
else
printhl "[I] Adding ${FORMAT} support for ${PART}"
sed -i "s|[^#]mount rfs /dev/block/${PART}*|# Added by z4mod\nmount ${FORMAT} /dev/block/${PART} nosuid nodev noatime nodiratime errors=continue\nmount rfs /dev/block/${PART}|g" /tmp/z4mod/initramfs/*.rc
fi
done
#echo paused
#read key
printhl "[I] Saving patched initramfs.img"
(cd /tmp/z4mod/initramfs/; find . | cpio -H newc -o > /tmp/z4mod/initramfs.img)
printhl "[I] Repacking zImage"
OLD_PATH=`pwd`
pushd `dirname ${KERNEL_REPACKER}`
rm -f new_zImage
${KERNEL_REPACKER} ${OLD_PATH}/zImage /tmp/z4mod/initramfs.img
popd
if [ ! -f `dirname ${KERNEL_REPACKER}`/new_zImage ]; then
exit_error "[E] Failed building new zImage"
fi
printhl "[I] Moving new kernel to current dir"
mv `dirname ${KERNEL_REPACKER}`/new_zImage zImage
rm -rf /tmp/z4mod
printhl "[I] Done."
updater-script:
# z4mod updater-script
# TODO: assert fsck.ext2 exists!
ui_print("");
ui_print("--[ z4mod Convert, by Elia Yehuda");
ui_print("--[ (c) 2010, GPLv2");
ui_print("");
ui_print("--[ Starting convert process");
ui_print("--[ This WILL take a while...");
ui_print("");
show_progress(0.1, 0);
# we must have /sdcard mounted to host compressed files
mount("vfat", "/dev/block/mmcblk0p1", "/sdcard");
assert( is_mounted("/sdcard"));
#delete("/sdcard/z4mod.log");
ui_print("--[ Extracting /system");
package_extract_dir("system", "/system/");
# make sure busybox/sh can run
#set_perm_recursive(0, 2000, 0755, 0755, "/system/xbin");
#run_program("/system/xbin/busybox", "--install", "-s", "/system/xbin/");
set_perm(0, 0, 04755, "/system/xbin/busybox");
symlink("/system/xbin/busybox", "/system/xbin/sh");
show_progress(0.1, 0);
#
# Start converting partitions
#
package_extract_file("z4mod", "z4mod");
set_perm(0, 0, 04755, "z4mod");
# Converting /cache for testings only - should be removed
ui_print("--[ Converting /cache");
show_progress(0.3, 5);
# TODO: consider removing assert - don't want to exit on error...
assert( run_program("z4mod", "cache", "stl11"));
#
ui_print("--[ Converting /data");
show_progress(0.3, 120);
# TODO: consider removing assert - don't want to exit on error...
assert( run_program("z4mod", "data", "mmcblk0p2"));
#
# Finished converting partitions, now we reboot
#
# Flashing the kernel for my testings only, needs to be removed.
ui_print("--[ Flashing kernel, will reboot when done...");
package_extract_file("redbend_ua", "redbend_ua");
package_extract_file("zImage", "zImage");
set_perm(0, 0, 0755, "redbend_ua");
show_progress(0.1, 5);
run_program("redbend_ua", "restore", "zImage", "/dev/block/bml7");
#
ui_print("--[ Done. rebooting now...");
show_progress(0.2, 0);
run_program("reboot", "now");
z4mod:
#!/system/xbin/sh
#
# z4mod, by Elia Yehuda, (c) 2010, GPLv2
# backup a partition, format, and restore
#
# TODO: Better backup - dump rfs partition as image,
# mount as loop to restore data, dump using redbend_ua/dd for recovery.
# It adds a bit of complexity to the code (loop), but _much_ more safe.
#
# TODO: *cough* Check for free space *cough*
set -x
(
export PATH=/:/system/xbin/:$PATH
halt()
{
umount /${partition}
if [ "${partition}" == "data" ]; then
umount /dbdata
busybox rm -f /sdcard/mmcblk0.mbr
fi
exit 1
}
busybox cat <<EOF
###############################################################################
#
# starting z4mod, logging into z4mod.log
# `busybox date`
#
###############################################################################
EOF
[ `busybox which parted` ] || exit 1
[ `busybox which mkfs.ext2` ] && format=mkfs.ext2
[ `busybox which mkfs.ext3` ] && format=mkfs.ext3
[ `busybox which mkfs.ext4` ] && format=mkfs.ext4
[ "${format}" == "" ] && exit 1
[ `busybox which fsck.${format/*mkfs./}` ] || exit 1
# TODO: Test mkfs first, check if our running kernel supports this fs!
# The user must pre-install a kernel supporting this fs!
#dd if=/dev/zero of=/sdcard/tmp.img bs=1024 count=1K
#${format} -F /sdcard/tmp.img
#mkdir /sdcard/z4mnt
#ext_type=${format/*mkfs./}
#mount -t $ext_type -o loop /sdcard/tmp.img /sdcard/z4mnt
#fs_is_supported=$?
#umount /sdcard/z4mnt && rm -r /sdcard/z4mnt
#rm -f /sdcard/tmp.img
partition="$1"
devblock="$2"
# /system takes special handling before we can unmount it
# TODO: NOT TESTED YET!
if [ "${partition}" == "system" ]; then
busybox killall adbd
busybox killall recovery
fi
# we unmount and remount target - exit on failure
busybox umount /${partition}
busybox mount /dev/block/${devblock} /${partition} || exit 1
# remove old backup if any
busybox rm -f /sdcard/${partition}.tar.bz2
# we need to add /dbdata contents to the backup
if [ "${partition}" == "data" ]; then
busybox mkdir /dbdata
mount -t rfs -o nosuid,nodev,check=no /dev/block/stl10 /dbdata || halt
#busybox mount -t rfs -o nosuid,nodev,check=no /dev/block/stl10 /dbdata || halt
# backup target - exit on failure
busybox tar zcvf /sdcard/${partition}.tar.gz /${partition} /dbdata || halt
else
# backup target - exit on failure
busybox tar zcvf /sdcard/${partition}.tar.gz /${partition} || halt
fi
# umount - exit on failure, no harm is done
busybox umount /${partition} || halt
# we have to recreate the partition as ext2/3/4 in the partition table
if [ "${partition}" == "data" ]; then
# backup the current partition table
busybox dd if=/dev/block/mmcblk0 of=/sdcard/mmcblk0.mbr bs=512 count=1
# grab the current (RFS) start/end partition layout
start_end=`parted -s /dev/block/mmcblk0 unit B print quit | busybox grep '^ 2' | busybox awk '{print $2,$3}'`
# extract the ext type from the mkfs.???? name so we know what ext type are we dealing with
ext_type=${format/*mkfs./}
# remove the 2nd partition, and recreate a primary partition of type ext2/3/4
parted -s /dev/block/mmcblk0 rm 2 unit B mkpartfs primary ${ext_type} ${start_end} quit
# need to bail out on error, but parted always returns error...
# if [ $? != 0 ]; then
# # restore the partition table
# busybox dd if=/sdcard/mmcblk0.mbr of=/dev/block/mmcblk0 bs=512 count=1
# exit 1
# fi
fi
# Format partition with optimized settings (TODO: restore on error)
# TODO: check why '-E lazy_itable_init=1 -O sparse_super,uninit_bg' doesnt work (with ext2 testings)
${format} -L ${partition} -b 4096 -m 0 -F /dev/block/${devblock}
# tune the filesystem - check every 100 mounts or 30 days
tune2fs -c 100 -i 30d -m 0 /dev/block/${devblock}
# mount the new filesystem - exit on failure (TODO: restore on error)
busybox mount /dev/block/${devblock} /${partition} || halt
busybox tar zxvf /sdcard/${partition}.tar.gz -C /
ret=$?
[ $ret == 0 ] && rm /sdcard/${partition}.tar.gz
# umount
busybox umount /dev/block/${devblock}
if [ "${partition}" == "data" ]; then
umount /dbdata
busybox rm -f /sdcard/mmcblk0.mbr
fi
exit $ret
# everything is logged into /sdcard/z4mod.log
) >> /sdcard/z4mod.log 2>&1
