Bookeen doesn't provides any way to hack their e-ink e-readers. Nevertheless, after they introduce a secured update file format for the first Cybook serie, they come back to a "tar-like" format for their e-readers based on Allwiner platform (new Odyssey, Muse, Nolimbook...). With this format, they try to be closest to Android platform.
Be careful : handling all bookeen's readers is difficult because there is a lot of derived/customized readers available ! For this, Bookeen has its own server that checks for serial number to determine which update to serve. A special attention must be done with manipulating boot and bootloader images, it can bricks your e-reader !
This tutorial will only works with UNIX/Linux tools, I do not plan to do it for Windows.
So, let's start. An archive is commonly named CybUpdate.bin. In facts it's a .tar.bz2 file.
First, decompresse it :
mkdir decompressed cd decompressed tar -jxvf ../CybUpdate.bin
The following content should be created :
contents bootloader.fex boot.fex rootfs.fex
I think that boot.fex and bootloader.fex are optional, but not sure. Two types of files are present :
- contents that contains meta information
- fex files
Contents has the following format :
idents are :
- LOAD for bootloader
- BOOT for boot partition
- ROOT for rootfs
Fex extension is a generic one that actually is flash images in different format (vfat, ext...).
In bootloader.fex and rootfs.fex we have a file "/version" specifying the current version (allowing to do checks). Mounting bootloader and rootfs is quite easy :
mkdir root sudo mount -t ext2 rootfs.fex root -o loop mkdir bootloader sudo mount -t vfat bootloader.fex bootloader -o loop
After doing modifications, just unmount the directory and the image is automatically generated ! (Don't forget to update contents metadata).
boot.fex is more complex, it has Android bootloader format. You have to use split_bootimg.pl to decompress it.
mkdir boot cd boot ../split_bootimg.pl ../boot.fex > Page size: 2048 (0x00000800) > Kernel size: 10863524 (0x00a5c3a4) > Ramdisk size: 2253456 (0x00226290) > Second size: 0 (0x00000000) > Board name: sun5i > Command line: > Writing boot.fex-kernel ... complete. > Writing boot.fex-ramdisk.gz ... complete.
Then we decompress ramdisk :
mkdir ramdisk_decompressed cd ramdisk_decompressed gzip -dc ../boot.fex-ramdisk.gz | cpio -i
You can re compress it with :
find | cpio -o | gzip -c > ../boot.fex-ramdisk.gz
Rebuilding boot is done with mkbootimg. Be careful to use the same parameters split_bootimg.pl displayed !
./mkbootimg.py --kernel boot.fex-kernel --ramdisk boot.fex-ramdisk.gz --pagesize 2048 --board sun5i -o ../boot.fex
As you see, there is nothing complicated here, but mistakes with boot/bootloader or init scripts can bricks your e-reader.
Have fun !