Build the Linux kernel

How to build a Linux kernel and flash it to the phone

Since the launch of the unlock boot loader site, we have received a lot of really great feedback. The Sony Ericsson Developer Program wants to continue to build on this open dialogue with external developers.

Developers and advanced users can now unlock the boot loader, which is the first step to be able to flash your own image. Now we have seen quite a few comments in different forums like the XDA forum, where developers run into problems when building their own image, and and trying to flash the image using Fastboot. With the help of our Master Software Architect, James Jacobsson, we put together a short article on how to do this.

Before moving on, we’d like to remind you again that there is no turning back when unlocking the boot loader. You may void the warranty of the phone, and you will not be able to revert the phone to a locked or original state if you unlock it.

What is the Linux kernel?
The Xperia™ line of smartphones run on the Android™, the mobile operating system based on the Linux kernel. Though it is only a small part of the operating system, the kernel ensures that all other processes in the system are synchronized to work together properly.

Why rebuild the kernel?
Rebuilding the kernel enables end users to make modifications to their devices that are normally not intended by the device manufacturer, such as theming the device by changing system icons and removing/modifying system components. Please note that Sony Ericsson is not recommending this.

Considerations before building your own kernel and reflashing your device
As mentioned in the beginning of this article, the first step is to unlock the boot loader. When the boot loader is unlocked, the sensitive data is removed, such as DRM certificates, and the user partition of the file system is wiped out. But all other functionality, such as the camera and other drivers, is left intact. Please note that content, like music files, that require the DRM certificate will not be accessible any more. But most importantly, you may void the warranty of your phone if you decide to unlock it. Aside from the considerations mentioned above, the functionality is there, just waiting for you to take advantage of it. So, if you’re ready, here’s how to get started.

Building the kernel
It takes a few main steps to build the kernel. Below we’ll show you how to build a Linux kernel and flash it onto the device.

Step A – Download the necessary software
Download the following software to get started:

  • The kernel source code can be downloaded from the copyleft archives on Sony Ericsson Developer World. You can use the file called 3.0.A.2.181_182.tar.bz2 for our Android™ Gingerbread devices. This is the source code for the Linux kernel as used in the Xperia™ PLAY.
  • The Fastboot client which is part of the Android SDK. This is the standard Android flashing utility. This allows you to flash the image you are about to create onto the device.
  • The Init RAM disk. The initial RAM disk (also known as the initrd) is the initial filesystem that the kernel will mount and start running processes off. You can configure the Init RAM disk to grant root access. How you create or download your own Init RAM disk is beyond the scope of this article.
  • The ARM cross-compiler. A cross-compiler is used to build ARM binaries on a different architecture, such as x86. This allows you to compile software (such as the kernel) into a format that the device can run. We recommend getting the CodeSourcery Lite compiler, especially the GNU/Linux variant, as you’ll need that if you want to build binaries for a full-blown Linux system on the device later. However, any EABI ARM compiler capable of compiling the Linux kernel should be enough for this step.

Step B – Building the kernel
To build the kernel, you first need to unpack the kernel. Once you’ve unpacked the kernel, you need to configure it, and then build it. The example below is based on you using the file called 3.0.A.2.181_182.tar.bz2.

1. Go into the kernel directory:

cd kernel

2. Configure the kernel:
ARCH=arm CROSS_COMPILE=/opt/arm-2010q1/bin/arm-none-eabi- make semc_zeus_defconfig

Note: Replace:
/opt/arm-2010q1

with where you installed your cross-compiler. Also, this example is for Xperia™ PLAY. Replace:
defconfig

with the following values depending on what device you want to configure it for:

Xperia™ PLAY semc_zeus_defconfig
Xperia™ arc semc_anzu_defconfig
Xperia™ neo semc_hallon_defconfig

3. Build the kernel:

ARCH=arm CROSS_COMPILE=/opt/arm-2010q1/bin/arm-none-eabi- make

Replace:
/opt/arm-2010q1

with where you installed your cross-compiler. Once done, you should have a compressed kernel-image in arch/arm/boot/zImage.

Step C – Getting a RAM disk
The RAM disk is the initial filesystem the kernel will mount before transferring control to userspace. How you create your own root filesystem is beyond the scope of this article, but you can use the following instructions to pack/unpack the file.

Unpacking (you have ramdisk.img, and want to create a directory of files out of it):

gzip -d - < ramdisk.img > cpio -idm

Packing (You have directory of files, and want to create ramdisk.img from it):
find . | cpio --quiet -H newc -o | gzip > ramdisk.img

Step D – Assembling the boot.img
Now that we have all the parts we need to create a flashable file. The next stop is to package the parts. To do this, you’ll need the program mkbootimg, which is part of the standard Android tree. If you don’t feel like compiling all of Android to get this tool, it is available to download from various trusted sites on the Internet.

Once you have the tool, this is the command to combine your kernel and RAM disk into a flashable file:

mkbootimg --base 0x00200000 --kernel kernel/arch/arm/boot/zImage --ramdisk ramdisk.img -o boot.img

Step E – Flashing the file
You should flash the file using Fastboot. If you’ve unlocked the boot loader on your device, you already have Fastboot.

1. To flash the boot.img file, use the following the command:

fastboot –i 0x0fce flash boot boot.img

2. Now, it will prompt you to connect your device. To do so, follow these simple steps:

  1. Make sure your device is powered down.
  2. Hold down the Search button (Xperia™ PLAY only) or the Back button (all other Xperia™ devices). The device’s notification light should shine blue to confirm it’s in Fastboot mode.
  3. Connect the USB cable.
  4. Flashing should now start and complete.

3. As a last step in the process, you need to reboot the device. You can either remove the USB cable and battery to power the device down. If you prefer, you can instead issue the following command (either method will work):

fastboot –i 0x0fce reboot

Important information!
Sony Ericsson does not guarantee any support on this, but we will monitor the Building the Linux kernel for Xperia phones thread on the XDA Developers forum. However, we cannot guarantee an answer for every question asked in this forum.

Additional information for experienced Linux kernel experts
The kernel is pretty standard, all the regular things you’re used to is there, and available to use. Things that are different are the memory config and the kernel commandline. The memory config is hardcoded (i.e., ATAGs aren’t used for this). It’s set in the board-file for your target, such as kernel/arch/arm/mach-msm/board-semc_zeus.c in the function msm7x30_fixup. The kernel commandline is also not fetched from the boot.img file, but compiled into the kernel (CONFIG_CMDLINE). Some arguments are also added from the boot loader.

Additional information if porting non-Linux format files to the device
The boot loader will accept any reasonably formatted boot.img file. For example, at the Android Kernel Git, you will see the format of the boot.img file. This allows you to create a boot.img file containing two loadable files (kernel+ramdisk), which will get loaded into RAM. Once the boot loader is loaded, it passes the control to the first instruction of the loaded kernel image. After control is passed, the kernel can rely on the data contained in the RAM disk already being loaded.

More information: 

Comments 90

Sort by: Newest | Oldest | Most popular

  1. By J Franks

    #1

    Thank you, but no thank you. Touching Sony stuff is too risky.

    I am a professional software developer doing embedded systems. I won’t risk my career and my existence by playing with my Xperia’s kernel or any other Sony software. All it takes is a Sony manager having a bad day and I am suddenly labeled as a criminal.

    You need creative developers? Hire some, instead of exploiting innocent kids and luring them into a legal nightmare.

  2. By shadowsora

    #2

    ironic cause the devs of x10 mini are doing their best to unlock the bootlader and for the 2011 phones are already unlocked….well its somehow unfair for the 2010 xperias but it’s a great move from SE THANK you se keep up like this

  3. By mongoose mcqueen

    #3

    i would have to say that sony has brought great shame on the Japanese people and judging by the comments above no trust and harsh reviews of their actions

    useless

  4. By eduardo

    #4

    best phone available, best multimedia brand, best os. this is awersome!!

  5. By Marsh Ray

    #5

    No thank you, I’m not going to fall for that trick again.

    Just how dumb do you think I am?

  6. By Gareth Nelson

    #6

    If it’s already on android it’s already running linux, but of course not a custom kernel.
    Knowing sony’s behaviour, they will lock the bootloader at some point once someone releases a custom kernel that still plays DRMed content and start suing anyone who dares to use this device as sony advertised.

  7. By DrSam

    #7

    Read somewhere:

    Will Sony remove this feature in a few months after the phones are selling well and then call the people who still want custom software criminals and hackers? I wouldn’t get my hopes up. History often repeats.

  8. By oiaohm

    #8

    Its not a trap as such. Note that unlocking the boot loader removes the DRM so removes options to use all DRM content.

    PS3 doing the same thing. Would have been you install OtherOS you now cannot play any play-station DRM protected games.

    Really I think sony has learnt a lesson. You cannot stop people from altering the hardware/software. If you stop them they break the DRM. Allowing altering the hardware/software. You have the option to delete and disable the drm.

    Really from my point of view. When hardware goes end of life the keys to unlock the device should be provided. So the device can be recycled into other uses.

    The device should be unlock-able before hand but just like this warranty is voided unless proven to be an model/batch defect. Unlocked does not have to have the means to run what it did before.

    This should be law in my eyes. To reduce ewaste.

  9. By cpunk

    #9

    It’s a trap!

    ps: do not forget OtherOS

  10. By Vitor

    #10

    This seems almost ironic considering Sony killed Linux on the PS3. [2]

  11. By James

    #11

    Still not enough to make me trust Sony again – they “supported” Linux on the PS3 then changed their minds and ripped it out. I hate to think what they’ll do to these phones when they change their minds in a few months time.

  12. By Anon

    #12

    Gee, this will be fun to tinker with for the next year or so till they disable it

    • By Pavneet Malik

      #13

      Please tell us how to get the bootloader unlocked for the carrier locked devices like the rogers branded arc ????, it does not boot to the fasboot mode to unlock the bootloader , what can we do
      Please reply me at pavneet1017@live.com, it is really important for me to know please someone let me know
      Thank you

  13. By Chris

    #14

    This seems almost ironic considering Sony killed Linux on the PS3.

  14. By Iceman

    #15

    Hi – Thanks for doing this – it’s really good to see SE helping out the devs.. What we really need at the moment, to go along with this is a method for recovery like Xrecorvery for X10, or CWM which has been used fairly widely elsewhere… If this something that SE developer world could/ would support?
    .
    Thanks.

  15. By me myself and i

    #16

    that’s not the bootloader, that’s the partition that the bootloader resides. you would have to decrypt the bootloader from that partition and find out how the separate modules interact with it, then try to decipher what keys are being used to access.

Show more comments

1-16 of 90 comments. Show all comments