Insecure Upgrade
Jump to navigation
Jump to search
This page is on how to re-flash an insecure laptop.
Save your developer Key if you have one
- Determine whether you have a developer key or a non-write protected machine.
- Start up the laptop, and press esc to get to the ok prompt when you get the chance.
- If the screen you are at has a little XO person on it and an unlocked lock symbol, you're laptop has a developer key.
- You should save your developer key before re-flashing, as it will be overwritten.
- Boot fully into sugar.
- Insert a clean usb key.
- Go to the terminal, and type:
- mkdir /media/{name_of_usbkey}/security
- cp /security/develop.sig /media/{name_of_usbkey}/security/
- Save this key for after you're done re-flashing, as you'll need to insert it to boot the laptop insecurely, and then you will want to copy it back to /security.
- Otherwise, you're laptop is not write protected.
- You can double check this by typing ok .mfg-data
- The first thing listed should be 'ww'
- You can either follow the section below on doing an 'Insecure Re-flash,' or you can do a secure re-flash by following the instructions on Activated Upgrade under 'Upgrade the Activated Laptop' and replacing the key with lease.sig on it with your key that has /security/develop.sig on it.
- Also note, that if you have a non-write protected machine, the firmware will not re-flash itself when you do a secure re-flash. The way to force this is to hold the 'x' button on bootup (with the key that has fs.zip and os{num}.img inserted). This will turn security on for just this boot, and the firmware will be re-flashed.
Insecure Re-flash
- First ensure you have a power adapter AND battery plugged into the laptop.
- For B3 or B4 units that have a really old build (406.14), you need to first flash the firmware
- Press the power button and hold all four gamekeys; then hit ESC when you get the message that you have 3 seconds to hit escape.
- Insert a USB key with the latest Firmware on it
- At the OK prompt type: 'flash u:{path_to_rom}'
- When it powers down hold the power button until it stays off (it will want to reboot).
- To put the latest signed image on the laptop, follow these steps
- Create a USB key with the os{number}.img and fs.zip file at the root.
- You can get these files from official releases
- Insert the usb key into the shut down laptop.
- If you are not up to the latest firmware, Power up the laptop while holding the X button (forces secure boot)
- When it says 'release the game keys', release the button.
- The laptop will rewrite the flash and reboot the laptop.
- Hit esc to get to the ok prompt, and powerdown the laptop (hold the power button)
- With the usb key inserted, power up while holding all four game buttons.
- When it says 'release the game keys', release all buttons.
- This will re-write the nand image.
- Once done with the nand re-flash, the laptop will reboot, and get to a prompt for a name.
- Press the Alt+Ctrl+Mesh keys together to get to the terminal, and check that the laptop is at the version you wanted.
- Type root, enter, and poweroff to shut down the laptop.
- Create a USB key with the os{number}.img and fs.zip file at the root.
- To put a development build on the laptop, follow these steps
- Create a USB key based on the page Autoreinstallation image
- Specifically, the section Autoreinstallation image#Preparing the autoupdate image
- Insert the USB key into the laptop
- If you aren't at the latest firmware, follow the steps above for flashing the firmware on B3, B4, etc...
- Power up the laptop while holding the square button.
- This will re-flash the nand image.
- When the laptop is done re-flashing, it will reboot the laptop up to the prompt for a name.
- Press the Alt+Ctrl+Mesh keys together to get to the terminal, and check that the laptop is at the version you wanted.
- Either shutdown the laptop by typing, root, enter, poweroff, or press Alt+Ctrl+Home to go back to the name prompt, and continue with the booting process.
- Create a USB key based on the page Autoreinstallation image