I format main disk /dev/mm{some thing} with zero. And now i cant boot it with tftp recovery. What i need to do?
If you wiped the whole (or wrong parts of) flash, you'll need a dump of an identical device, and a flash writer.
2 Likes
i dumb (. Where can i get it?
Nothing usable i cant get with serial. Its okey?
I don't have access to that at the moment, but you should be able to tftpboot the OpenWrt initramfs image over serial.
Once booted into the initramfs image, you should be able to re-create the partition table on the eMMC, see https://github.com/pkgadd/nbg6817/ for details and exact partition locations and offsets.
romd and bu1 can be left empty (0x00).
header/ header_1 do contain data of the installed firmware, but OpenWrt shouldn't care about those, so 0x00 'might' work.
rootfs_data would contain the OEM overlay, OpenWrt doesn't need it - just format it with ext4 (on-disk file format needs to be compatible with kernel v3.4).
bu2 would contain the streamboost cache on an ext4 filesystem, that might be recreated when using the OEM firmware - just format it with ext4 (on-disk file format needs to be compatible with kernel v3.4).
For kernel/ rootfs and kernel_1/ rootfs_1, you can download the OpenWrt sysupgrade.bin image, untar it and write kernel/ rootfs correspondingly.
Make very sure not to clobber the spi-nor flash (mtd%d), if you do, it's game over for the wireless calibration data and the bootloader et al would have to be recovered externally in an spi-nor flasher.
Get the initramfs image tftpbooted, once you're at that stage, you have all options at your fingertips via serial - take your time, don't make it worse - take backups of everything (spi-nor and eMMC) before making any changes.
IIRC, zloader/ zld also had 'some' ways to rewrite/ recover the eMMC from the bootloader - but that's completely undocumented.
2 Likes
Well, after the partition table has been recreated, push-button tftp recovery might already work again.
i found only this initramfs, but i think it doesnt work because serial port didnt send any info IPQ806x NSS Drivers - #402 by quarky
probably you have actually link for initramfs?
I found openwrt initramfs but serial port doesnt send anything
Oh wow its work
I found this instruction and unlock my bootloader https://forum.archive.openwrt.org/viewtopic.php?id=47957&p=1
How boot initramfs? With zloader?
Which command boot by tftp?
Isn't it like the next post, in the thread you had already found at Armor z2 formatting main disk - #5 by user090909
No tftpboot command available on this zloader
Only this commands are available
help
ATBT x block0 write enable (1=enable, 0=disable)
ATWM x set MAC address in working buffer
ATEN x[,y] set BootExtension Debug Flag (y=password)
ATSE x show the seed of password generator
ATWZ x[,y,z] write ZyXEL MAC addr, Country code, HTP flag
ATCB copy from FLASH to working buffer
ATSB save working buffer to FLASH
ATSH dump manufacturer related data in ROM
ATCO x set country code in working buffer
ATFL x set HTP flag in working buffer
ATSN x set serial number in FLASH ROM
ATGU go back to master loader
ATCL erase U-Boot environment, should be reboot
ATCR erase rootfs_data partition
ATRT [x,y,z,u] RAM read/write test (x=level, y=start addr, z=end addr, u=iterations)
ATGO boot up whole system
ATUR x upgrade RAS image (filename)
ATUB x upgrade ZLD image (filename)
ATUG upgrade GPT partition table on EMMC (gpt_main1.bin, gpt_backup1.bin)
ATUD x upgrade ROMD image (filename)
ATCD erase RomD partition
ATLD x,[y] load file X to memory address Y via TFTP
ATMB [x,y] upgrade firmware image by multiboot
ATDU x[,y] dump memory or registers
ATWW x,y,z set memory or registers(x=address, y=value, z=len)
ATER x,y erase flash from block X to block Y
ATRF x,y[,z] read/dump flash to ram/console(x=flash offset, y=len, z=ram address)
ATWF x,y,z write data from RAM to flash(x=RAM address, y=flash offset, z=len)
ATDS x,y dump data of spare area in page Y of block X
ATSWF x switch flash type for command ATER,ATRF,ATWF(x=0(NOR), 1(NAND))
ATCMP x,y,z compare two memory space x and y with length is z
ATLED [x,y] set LED (x=led no, y=blink mode)
ATPIO x[,y[,z]] set GPIO (x={d|s|w|r}, y=pio num, z=write data)