Got this kindle on hand at friday noon with rooting request. Follow some tutorial on xda-developer forum through the letter and write down here for my notes. All credits goes to original poster, and thank you very much for the wonderful hack, you rock !
Before proceeding there is some preparation steps you should read.
Requirement :
- Make sure you were running linux, if you were using winblows, close this page! I never use winblows, and I don’t know how to do this on winblows.
- Make sure you already had an Android Debugging Bridge (adb) on your system, if not, download the android SDK Tools from here and follow the instruction there for installation on your system.
- Read this thoroughly :
Your warranty is now void.
I am not responsible for bricked devices, dead SD cards, you experience flat tires, thermonuclear war, global warming, or you getting fired because the alarm app failed.
Please do some research if you have any concerns about risk of getting rooted before continuing! YOU are choosing to make these modifications, and if you point the finger at me for messing up your device, I will laugh at you!!
If you have any other objection, don’t bother to comment, just close this page!
Preparation :
Kindle using usb vendor id 0x1949, thus we need to tell adb to use this usbid, so it can communicate with the kindle. If you follow the andorid SDK installation correctly then the android adb tools will be on your home folder under .android folder. Create some text file using your favorite editor, name it as adb_usb.ini and put it on ~/.android folder with this text :
{code}0x1949{/code}
Test them with command :
{code}adb shell{/code}
you should be logon to kindle properly.
There is also some files we should prepare :
Required files:
fbmode.zip – http://forum.xda-developers.com/show….php?t=1414832 or here
twrp2 – http://teamw.in/project/twrp2/79 or here
su – http://dl.dropbox.com/u/8699733/kindlefire/su or here
Rooting Process :
Create some working folder such as ~/project/kindle and copy all of files above into it, Extract / unzip fbmode, and lets begin,
{code}adb push fbmode /data/local/fbmode
adb shell chmod 755 /data/local/fbmode
adb shell /data/local/fbmode
adb reboot{/code}
Your kindle will “get stuck” on the kindle fire screen, but really it’s just in fastboot mode.
{code}fastboot -i 0x1949 boot twrp-blaze-2.0.0RC0.img{/code}
Your device will now boot into twrp recovery, and flash the firefirefire bootloader. When done it will prompt you to reboot.
Precisely at this point, after pressing the reboot button, the kindle device goes into bootloop, it doesn’t continue to recovery mode but continue looping the boot process and stuck on kindle fire logo boot screen. Only powering off is possible and it gives me a big headache since I never experience this problem on my previous attempt on rooting my gadgets. After many many many searching and grunting and fffuuuuu ing … maybe swearing also 😀 finally i can break the bootloop. So this below steps are a little different with the original post on xda forum, and if you’re not suffering bootloop, just ignore this step.
{code}adb shell “idme bootmode 4002″{/code}
reboot, then run
{code}adb shell “idme bootmode 4000″{/code}
reboot again, and I quit from bootloop.
Upon reboot you will get stuck on the “yellow triangle” screen of firefire fire.
{code}fastboot oem idme bootmode 5002
fastboot reboot{/code}
once again i’m going into trouble after this command and cannot continue to anything since the kindle device was stuck at yellow triangle screen, and to make it worse, now all the fastboot command throws a message :
<waiting for the device>
ffffuuuuuu …. not again. Searching till fallen a sleep not found anything subjective, then by accident i run lsusb command and find the culprits. Here is the lsusb gives :
{code}[root-u@jfklixs-ubuntu kindle]# lsusb
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
Bus 002 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
Bus 002 Device 003: ID 046d:c052 Logitech, Inc.
Bus 002 Device 009: ID 18d1:0100 Google Inc.
[root-u@jfklixs-ubuntu kindle]#{/code}
hmmm … apparently the kindle device usbid and usbvendor somehow were change to Google Inc. id 1801:xxxx … this is not good, not good at all. 🙁
Then I remember I can change the udev rules for the android devices, here is now my /etc/udev/rules.d/51android-device rule :
{code}SUBSYSTEM==”usb”, ENV{DEVTYPE}==”usb_device”,
ENV{PRODUCT}==”1949/*”, MODE=”0666″
SUBSYSTEM==”usb”, SYSFS{idVendor}==”1949″, MODE=”0666″{/code}
I run this below steps again using root (it won’t work using ordinary user) :
{code}[root-u@jfklixs-ubuntu kindle]# fastboot oem idme bootmode 5002
… OKAY
[root-u@jfklixs-ubuntu kindle]# fastboot reboot
rebooting…
[root-u@jfklixs-ubuntu kindle]#{/code}
and this time it’s working !!! I’m entering the recovery mode and indicated by orange led color on power button. wooohoooo … 😀
back again on the right track like the original poster :
Once in recovery
{code}[root-u@jfklixs-ubuntu kindle]# adb shell mount system
[root-u@jfklixs-ubuntu kindle]# adb push su /system/sbin/su
757 KB/s (22364 bytes in 0.028s)
[root-u@jfklixs-ubuntu kindle]# adb shell chown 0.0 /system/sbin/su
[root-u@jfklixs-ubuntu kindle]# adb shell chmod 06755 /system/sbin/su
[root-u@jfklixs-ubuntu kindle]#{/code}
Now, lets disable the root check before rebooting
{code}[root-u@jfklixs-ubuntu kindle]# adb shell mv /system/bin/check_rooted /system/bin/check_rooted.bak
[root-u@jfklixs-ubuntu kindle]#{/code}
and reboot :
{code}[root-u@jfklixs-ubuntu kindle]# adb shell idme bootmode 4000
<idme> write 4000 to offset 0x1000
[root-u@jfklixs-ubuntu kindle]# adb reboot
[root-u@jfklixs-ubuntu kindle]#{/code}
The kindle device boot normally …
{code}[root-u@jfklixs-ubuntu kindle]# adb shell
$ su
# wohooooo …{/code}
and once got into kindle home screen, I install superuser
adb install Superuser.apk
done !
