Add VideoStrong KM5 (videostrong-km5)

[nikp123]

Device specifications: https://whatismyphone.net/vendors/videostrong/km5-android-tv-box-km5

The manufacturer's website is here: https://www.videostrong.com/ (Unfortunately the original device page has been taken down)

This is a board that I've ripped the NAND module (usually has one) off of it so I can't rely on the original bootloader tricks to get a newer version on U-Boot running on it. Thankfully I was able to get it going by dumping and extracting the necessary bootloader parts from the original firmware dump I found somewhere and I've tested that it works.

The acs.bin dump is based on the ddrs_ tables found in bl2.bin, through crude hex editing I was able to transfer that over to the Le Potato's acs.bin, I've tested that and it seems to work. The rest of the files are original from the device's ROM dump.

[chewitt]

@nikp123 As this wasn't sourced the normal way (blobs extracted from vendor build tools) can you please provide a more detailed description of how acs.bin was created (hacked) in the commit message. In case someone wants to retrace your steps and tweak something in the future.

[nikp123]

@nikp123 As this wasn't sourced the normal way (blobs extracted from vendor build tools) can you please provide a more detailed description of how acs.bin was created (hacked) in the commit message. In case someone wants to retrace your steps and tweak something in the future.

No problem:

1. From the firmware dump of the KM5 (which comes in a amlogic's update propriatery format), you need to obtain the raw image of the boot partition or the custom boot image used when installing said firmware (this is done by their update tool). This is done using this tool
   1.1 Download and extract this tool (or just git clone it)
   1.2 Inside of the project root create an in directory and place your firmware image (.img extension) inside of that folder
   1.3 Launch ./unpack.sh. Run the level 1 extraction process to obtain the raw partition files.
   1.4 Inside of the generated level 1 folder you can obtain the aml_sdc_burn.UBOOT file (I tried bootloader.PARTITION but gxlimg couldn't extract it)

2. We need to extract the blxx segments from said image.
   2.1. Download, compile and install gxlimg.
   2.2 mkdir fip-parts
   2.3 gxlimg -e aml_sdc_burn.UBOOT fip-parts
   2.4 Inside we will have the encrypted bl2, bl31, bl32 and bl33 (which we wont use).
   2.5 Using the same gxlimg command they can be decrypted. Once we obtain the unencrypted variants, we will still be missing the acs.bin file.

3. Obtaining acs.bin and patching it.
   3.1 Because we're missing said file we will initially borrow it from a board with a compatible CPU (in our case: Le Potato).
   3.2 Following the tips displayed on this page we will extract the necessary segment.
   3.3 Fire up your favourite hex editor (ImHex, in my case) and look for that ddrs_ segment magic. Select all relevant parts up until the rest of the bl2 file. This is done intuitively, I don't really have a hard rule for this. See image for an example:

3.4 Open our target acs.bin that we borrowed from the Le Potato board, and find the same segment using the same segment magic string and replace every byte. Once we did this, we can finally put it inside of this repository and compile it.

[nikp123]

It's a bit of an process but hopefully comprehensible, but I didn't feel writing a whole article to explain the reasoning behind every step.