Nu11u5

I've added the link to the update file to the bottom of the OP. It's zipped down to the 12MB on account of the extra 28MB being zeroed. I left it this way just to be safe.

Some brave soul who hasn't updated yet can try placing this file in the proper directory and letting us know what happens, for example, if they reboot or go to Settings | Software Update. I have tried it on mine but I was already updated at the time - no prompts for an update.

Oh Snap! I keep messing up the path! Its fixed now!

Recommended code below, extract from zip and copy the fota_delta_dp file to the sdcard. Requires rooted phone.
As for the ROM dump, I used dd to read out the /dev/block/bml# block devices. These correspond to the phone's flash partitions on a physical level, with /dev/block/bml0!c being the entire flash device.

Friendly Advise: DO NOT TRY TO WRITE TO BLOCK DEVICES!

Anyway, the images dumped from the bml devices correspond to the partitions and files referenced in ODIN. I've compared the dumps per byte and they are the same. Partitions that contain file systems rather than raw data are headed with metadata (possibly a bitmap of file usage). The actual file system begins on offset 0xA80000 on these partitions.

The exception to this are bml1 and bml2. For both of these, the data from the 'arm9boot' file is split between them. These are different partitions on the device and have different functions during bootstrapping.

An arm9boot file consists of bml1 joined with bml2 at offset 0x200000 (the end of bml1).

Partitions 3, 10, and 11 are blank on my device.

Partition 7 seems to have some kind of file system on it, but has no corresponding ODIN image. Contents are unknown.

Partition 13 is 99% blank aside from a few stray bits at the very beginning.

Summery of block devices and partitions follows. Partition names originate from the 'partition' ODIN file (in the BOOTLOADER archive).

Partitions with file systems should be accessed via STL devices with no offset - edited table.
What this means is we can make custom ODIN images! If not by editing the partitions manually (or building them using tools) then by modifying them on the device and dumping it.

Update: Simply hexediting the flash file system header out so that the remaining image matches the contents of the original ODIN images does not seem to work.

The problem is that dumping the BML devices with files systems on them (vs RAW) produces an image that is too large. In the originals, all the files were allocated near the beginning of the ROM, and the rest was zeroed (in NAND flash this means 0xFF). After the update I noticed that files were allocated at the end as well. This means one cannot simply remove the extra zeroed space to make it fit for ODIN.

The STL devices work at a higher level, translating addresses in flash so they can work with normal file systems. Using an STL image instead of the edited BML image may work.

The downside of using STL devices for file system dumps is that they are only enabled on specific partitions. The good thing is these other partitions do not really concern us unless we want to edit the radio code (lets leave this alone).

Unfortunately the error in trying to flash the BML image forced me to ODIN back to the UVIJ6 firmware. Once I receive the update again I will test the new ROM dump and release a no-root-needed ROM update via ODIN if it works.

Last edited by Nu11u5; March 11th, 2010 at 12:49 PM. Reason: table fix, spelling