Tuesday, January 3, 2012

Google Wallet Hack - Applying Card Emulation Patch to Android 2.3.4_r1 Source Code and Flashing it on Samsung Nexus S


Its 1:14 am and I though of jotting down all those steps which  I have encountered in flashing the Custom images on the Samsung Nexus S in bringing it on the Card Emulation Mode.It is the mode in which the Phoen can emulate as a Card(Credit card ).Thanks tom0rtadelo on xda developer site and his post -> http://forum.xda-developers.com/showthread.php?t=1281946 ( i think his real name is Fernando Miguélez Palomo , I would be glad if I would be corrected here.)
Ok So here are the steps I have followed and able to get the Nexus S in the Card emulation Mode(I dont know if it really is, looking for examples and tests to test this these days)


mkdir ~/bin
PATH=~/bin:$PATH
curl https://dl-ssl.google.com/dl/googlesource/git-repo/repo > ~/bin/repo
chmod a+x ~/bin/repo
mkdir nfc-card-emu
cd nfc-card-emu
repo init -u https://android.googlesource.com/platform/manifest
repo init -u https://android.googlesource.com/platform/manifest -b android-2.3.4_r1
repo sync

Above step will take some 3-4 hours to get the Whole Android tree for 2.3.4_r1.
I am downloading this tree as the NFC Card Emulation patches are available for this only.

you will have this directory -> /Android-2.3.4_r1 under nfc-card-emu after the above step > Android-2.3.4_r1


Downloading the source code : 
Now download the patches from here - > http://forum.xda-developers.com/showthread.php?t=1281946    its name is --> 
File Type: zipgb-2_3_4_r1-patches_nfc-ce_bt-fd-20110929.zip 

Copy this patch in the /Android-2.3.4_r1 folder insid nfc-card-emu  and unzip it using unzip gb-2_3_4_r1-patches_nfc-ce_bt-fd-20110929.zip 


You will get these files  : gb-2_3_4_r1-nfc_ce-bt_fd.patch, gingerbread.bare,gingerbread.bare.orig

You will run these commands from the /Android-2.3.4_r1


All the commands are in blue color
All the output you will get are in brown color
All the rest is in Black

Apply patch using this command : 

sudo patch -p1 < gb-2_3_4_r1-nfc_ce-bt_fd.patch 



patching file external/libnfc-nxp/inc/phDbgTrace.h
patching file external/libnfc-nxp/inc/phNfcConfig.h
patching file external/libnfc-nxp/src/phHal4Nfc_Emulation.c
patching file external/libnfc-nxp/src/phLibNfc_initiator.c
patching file external/libnfc-nxp/src/phLibNfc_SE.c
patching file frameworks/base/core/java/android/bluetooth/BluetoothAdapter.java
patching file frameworks/base/core/java/android/server/BluetoothService.java
patching file packages/apps/Nfc/jni/com_android_nfc.h
patching file packages/apps/Nfc/jni/com_android_nfc_NativeNfcManager.cpp
patching file packages/apps/Nfc/src/com/android/nfc/NfcService.java
patching file packages/apps/Settings/AndroidManifest.xml
patching file packages/apps/Settings/res/values/strings.xml
patching file packages/apps/Settings/res/values-es/strings.xml
patching file packages/apps/Settings/res/xml/nfc_settings.xml
patching file packages/apps/Settings/res/xml/wireless_settings.xml
patching file packages/apps/Settings/src/com/android/settings/bluetooth/BluetoothDiscoverableEnabler.java
patching file packages/apps/Settings/src/com/android/settings/nfc/NfcSettings.java



After that build the Android source tree using these commands :
Do every thing as a root user .

sudo su
password : <your password as root>

source build/envsetup.sh
including device/htc/passion/vendorsetup.sh
including device/samsung/crespo/vendorsetup.sh

. build/envsetup.sh

including device/htc/passion/vendorsetup.sh
including device/samsung/crespo/vendorsetup.sh

lunch
  
You're building on Linux

Lunch menu... pick a combo:
     1. generic-eng
     2. simulator
     3. full_passion-userdebug
     4. full_crespo-userdebug


select 4 as it is for Nexus S


Which would you like? [generic-eng] 4

============================================
PLATFORM_VERSION_CODENAME=REL
PLATFORM_VERSION=2.3.4
TARGET_PRODUCT=full_crespo
TARGET_BUILD_VARIANT=userdebug
TARGET_SIMULATOR=false
TARGET_BUILD_TYPE=release
TARGET_BUILD_APPS=
TARGET_ARCH=arm
HOST_ARCH=x86
HOST_OS=linux
HOST_BUILD_TYPE=release
BUILD_ID=GRJ22
============================================


make -j4

at the end you should get this : 

make_ext4fs -l 536870912 -a system out/target/product/crespo/obj/PACKAGING/systemimage_intermediates/system.img out/target/product/crespo/system
Creating filesystem with parameters:
    Size: 536870912
    Block size: 4096
    Blocks per group: 32768
    Inodes per group: 8192
    Inode size: 256
    Journal blocks: 2048
    Label:
    Blocks: 131072
    Block groups: 4
    Reserved block group size: 31
Created filesystem with 540/32768 inodes and 26546/131072 blocks
Install system fs image: out/target/product/crespo/system.img
out/target/product/crespo/system.img+out/target/product/crespo/obj/PACKAGING/recovery_patch_intermediates/recovery_from_boot.p total size is 102413589
Installed file list: out/target/product/crespo/installed-files.txt
you will get the files to be flashed in the folder > /out/target/product/crespo

-rw-r--r-- 1 root root   2973696 2011-12-21 11:49 boot.img
-rw-r--r-- 1 root root    142676 2011-12-21 11:49 ramdisk.img
-rw-r--r-- 1 root root    385840 2011-12-21 11:50 ramdisk-recovery.img
-rw-r--r-- 1 root root   3219456 2011-12-21 11:50 recovery.img
-rw-r--r-- 1 root root 102193012 2011-12-21 12:22 system.img
-rw-r--r-- 1 root root  19247552 2011-12-21 11:39 userdata.img

Also along with these binariees you will get the compiled fastboot in the folder > /out/host/linux-x86/bin/
Put the phone in the fastboot mode and issue these commands.(fast boot mode can be achieved by pressing the power key + volume key UP together)

To flash the above files issue these commands(as root) : 

$ ./out/host/linux-x86/bin/fastboot erase userdata

 erasing 'userdata'...
OKAY [  0.280s]
finished. total time: 0.280s


$ ./out/host/linux-x86/bin/fastboot erase cache

 erasing 'cache'...
OKAY [  2.018s]
finished. total time: 2.019s



$ ./out/host/linux-x86/bin/fastboot flash system out/target/product/crespo/system.img

 sending 'system' (99797 KB)...
OKAY [ 25.889s]
writing 'system'...
OKAY [ 12.442s]
finished. total time: 38.331s

$ ./out/host/linux-x86/bin/fastboot flash userdata out/target/product/crespo/userdata.img

sending 'userdata' (18796 KB)...
OKAY [  4.861s]
writing 'userdata'...
OKAY [  2.008s]
finished. total time: 6.869s


$ ./out/host/linux-x86/bin/fastboot flash boot out/target/product/crespo/boot.img

 sending 'boot' (2904 KB)...
OKAY [  0.754s]
writing 'boot'...
OKAY [  0.385s]
finished. total time: 1.139s


/out/host/linux-x86/bin/fastboot reboot

 rebooting...
finished. total time: 0.001s





Donwload the libpn544_fw.so from here.


There is an error after booting as libpn544_fw.so is not found in the /system/lib and it is unable to load this .so which is necessary for NFC operation.
so to avoid this do this on command prompt :
$  su
#  mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /system
#  cd system
# chmod 777 lib
#  exit
$ adb push <pat to libpn544_fw.so>  /system/lib

$adb shell
$su
#  cd system
# chmod 755 lib


Once reboot is done you will get the options changed in the NFC Settings as told by Fernando Miguélez Palomo 


These are the videos : 

Before Flashing the patched Android : 



After Flashing the patched Android : 



Plz let me know how  it goes !!!


In case you dont want to download the 2.3.4-r1 source Code , you cab take the images from here --> http://www.sendspace.com/filegroup/QrM1XZxbueqZMsC1bvJ7R%2BYO8SgCItUB


Note : Though the title says a hack but it is not.It was initially i thought that by doing this some one can actually hack the Google wallet.Any way I am not changing the subject line as the steps involved will definitely a step towards the subject of the post in near future.

Thanks Sandeep for Reviewing my blog and pointing out the typos :) !

Rgds,.
Softy