Porting to S3 AT&T SAMSUNG-SGH-I747

[r2d23cpo]

I did sent you a couple emails. In general I like to port to S3

Phone SPECS
Chipset Qualcomm MSM8960 Snapdragon S4 Plus
CPU Dual-core 1.5 GHz Krait
ro.product.model=SAMSUNG-SGH-I747
ro.product.device=d2att
ro.product.board=MSM8960

MMC model type is MAG4FB nor VZL00M
1|root@d2att:/ # cat /sys/devices/platform/msm_sdcc.1/mmc_host/mmc0/mmc0:0001/fwrev
dcc.1/mmc_host/mmc0/mmc0:0001/fwrev < 0x0
root@d2att:/ # cat /sys/devices/platform/msm_sdcc.1/mmc_host/mmc0/mmc0:0001/hwrev
cc.1/mmc_host/mmc0/mmc0:0001/hwrev < 0x0
root@d2att:/ # cat /sys/devices/platform/msm_sdcc.1/mmc_host/mmc0/mmc0:0001/name
cc.1/mmc_host/mmc0/mmc0:0001/name <MAG4FB
root@d2att:/ # cat /sys/devices/platform/msm_sdcc.1/mmc_host/mmc0/mmc0:0001/oemid
cc.1/mmc_host/mmc0/mmc0:0001/oemid

I understand that your procedure was designed for Exynos devices. But it does not hurt to learn from you.

What I had done:
*I do own both broken and working donor device.
*I had patched and build kernel with your mmc.patch. I place inside TWRP recovery, it boots but "cat /proc/devices | grep mmcram” produce no output.
*I had browse /dev, /dev/blocks, /proc & /sys looking for mmcram. I can supply any data you ask.
*I Even added extra lines to patch hopping mmcram show up:

• MMC_FIXUP("MAG4FB", CID_MANFID_SAMSUNG, CID_OEMID_ANY, add_quirk_mmc,
• MMC_QUIRK_MOVINAND_SECURE),

Here the specs for MAG4FB for your comparison.

KLMAG4FEJA-A001.zip
https://forum.xda-developers.com/attachment.php?attachmentid=3220445&d=1426867305
Can you give me Ideas? Thanks ahead.

[r2d23cpo]

UHH I just found at XDA that we should use the following to get fw version
cat /sys/class/block/mmcblk0/device/cid | cut -b 19,20

witch produce "f1" just by lock

The whole string is
cd /sys/class/block/mmcblk0/device/
cat cid => 1501004d4147344642f17c1eb1165f76
cat name => MAG4FB
cat date => 05/2012

[r2d23cpo]

I am pretty sure you are a busy man. But I like to do some test on my side and at this starting point I feel afraid. As I do not want to hurt my working donor phone. I just need some advice.

Facts. I know your hack is not for “Chipset Qualcomm MSM8960 Snapdragon S4 Plus" nor ment to work for "MAG4FB " emmc. So there should be very litle hope. That is fine.

But I like to get atleast my firmware out of the working donor phone.

I already mention that "First option: use a patched kernel option" can not be used as "mmcram" do not show up after patching my kernel. So I can not download firmware using mmcram.

So I like to explore "Second option: dump using download mode. " and "exploit/sboot_exploit.py --shellcode shellcode/dump_fw.bin -o 0xf1.bin"

But you clearly talk about "You're adviced to use sboot XXELLA since the shellcode is only guaranteed to work against it, but your mileage may vary "

Here is where I need your advice.

1-Please take a minute of your spare time to advice me, what I need to take in consideration when modifying “ shellcode”.
2- Sources for XXELLA are gone. That make my shellcode modification almost impossible. Will it be possible for you to share your kernel source. And if you had any extra time share the 1rst 200meg ( or what ever you think is needed) of your Debrick prepared recovery SD card with XXELLA.

Those two think could allow me to continue exploring your method. If you prefer you could reply me to my email, just look at your mail. I you like I could provide pgp public key. Your choice.