Title: What is Radio.img; why downgrades fail Post by: ZduneX25 on July 29, 2010, 02:09:29 pm Since I see many questions about the radio.img; I'll try to explain it:
radio.img is a image of partition table + several partitions, which are defined in the header. You can open the file in hex editor and see it (starting at 0x18 offset): MAGIC-NOTHING2DO: does nothing OTA-QCSBL-UPDATE: updates qcsblhd_cfgdata.mbn and qcsblsec.mbn OTA-OMSBL-UPDATE: updates oemsblhd.mbn and oemsblsec.mbn OTA-RADIO-UPDATE: updates amsshd.mbn and amsssec.mbn (the actual baseband firmware) OTA-APSBL-UPDATE: updates appsboothd.mbn and appsbootsec.mbn OTA-CEFS--UPDATE: updates cefs.mbn (on some radio.img files this is done implicitly) !BE AWARE THAT THE BOOTLOADERS ARE SIGNED! Not all have to be present in the radio.img, but so far I always found oemsblhd.mbn and oemsblsec.mbn in it. The oemsblhd.mbn and oemsblsec.mbn is the blue bootloader and it will prevent downgrading to a lower version. This will prevent you from flashing old radio.img. In the firmware superthread, I called these firmwares "STICKY". Bootloaders with version 05.15+ will prevent you from using the old RAMDLD with exploit and won't let you to downgrade back to 04.CC bootloader (or we have not achieved that yet (without root permissions)). The new Mbn (De)packer (https://motohell.com/index.php?topic=5832.new#new) (version 1.1g) is also able tho extract the radio.img into the partitions. They are named as if you were extracting them from the shx / sbf. All credits to: Skrilax_CZ |