[copy of __THIS_IS_MEANT_FOR_N9]
============= !!! ATTENTION !!! =============
[2012-03-04 14:49:22] [itsnotabigtruck] there's a bitfield for "security info"
in the calibration data region
that bitfield contains a "trusted bit"
now, ever since the beginning, flashing something that the phone-side flash
logic doesn't like will set it to off
and completely flashing everything will set it to on
(if everything = nokia legit)
however until PR1.2 that bit wasn't used for anything
now starting with PR1.2, a) NOLO checks if the trusted bit is off, and if so,
it acts as if the kernel was unsigned
b) NOLO turns the trusted bit off whenever booting into open mode ever
(including doing so just one time e.g. with the rescue kernel)
oh, also, it turns out that starting with PR1.2 you can't update
nolo/swcert/kernel from userland if you're in open mode
the net effect of that being that if you try to SSU from open mode,
it'll skip all the flashing parts at the end
[/itsnotabigtruck]
bottom line: since PR1.2, whenever you used an openmode kernel, no matter
if flashed or just loaded to RAM for one time usage, you'll be stuck at
openmode until you do a complete reflash of whole device.
Just flashing a stock kernel doesn't suffice to revert to normalmode.
And of course SSU doesn't work while you're in openmode
============= !!! ATTENTION !!! =============
The kernel in this directory (http://maemo.cloud-7.de/HARM/N9/openmode_kernel_PR1.1/zImage-2.6.32.39-dfl61-20113701 md5sum:0a8201a464f1167ad357d1c224548819)
is a patched kernel to neuter aegis and allow running harmattan in
open mode though it behaves (regarding aegis) like it's still in normal mode.
I.E. you won't see MALF or EPERM on any action you do, as long as aegis
would have triggered that on a stock harmattan system.
You however *WILL* see _immediate_ MALF on next boot to normal mode (i.e. when
flashing normal stock kernel then boot) if you dare to touch any of the aegis-
protected files as found in refhashlist.
This kernel is based on sources like found in
http://maemo.cloud-7.de/HARM/N9/openmode_kernel_PR1.1/SDK_Sources_PR1.1.ISO
and thus is meant for N9 with PR1.1. It however got tested and works as well
on N950 beta3, according to some reports.
All this got offered to you with no warranty implied or explicit, except
for the warranty you must be prepared to do a reflash eventually.
There's another similar openmode kernel in
http://maemo.cloud-7.de/HARM/N9/openmode_kernel_PR1.1/unpatched_openmode_kernel/
which isn't patched at all and will simply make harmattan switch to openmode,
due to the missing Nokia signature.
***This doesn't work as supposed! You can't install stuff for normalmode in openmode. MALF!***
The opensh
(http://maemo.cloud-7.de/HARM/N9/openmode_kernel_PR1.1/opensh/)
is an alternative way to do whatever you want, while running a
stock harmattan with a stock kernel, in normal aka secure mode.
You need to use any openmode kernel to install opensh, the mini_howto
explains how to load the kernel to RAM and then install the package,
there's no flashing of kernel involved.
((a hint for those who come from N900 and maemo: the patched kernel is the seed of a thing
like powerkernel, while opensh basically brings you true root like rootsh pkg on N900 does))
This is
NOT a hack or exploit,
======================
it's "official" open mode, implemented in a way that got actively supported by Nokia,
e.g. by the new NOLO that makes loading open mode kernel possible
Nokia is not supposed to frown at it and will (ought) not take any action to stop
or block this method.
Q: But isn't it a big security risk?
---------------------------------
A: Not at all, as user needs to boot into open mode kernel, something that no malware
could do. Of course once you switched "to the dark side" and got opensh installed
on your system, it is basically as safe or vulnerable to malware attacks as any other
linux system, maybe marginally better still thanks aegis.