Title says it all, I'm looking for an insecure boot image for Android 4.3
Wrong section. Most custom kernels are "insecure" (rather it resides in a ramdisk setting)
I think the title pretty much explains it.
I built AOSP Marshmallow from sources, and I get stuck on the Google logo when I flash system, using:
Code:
fastboot flash system system.img
The phone was at 6.0.1 stock, apart from the boot.img which was compiled to be permissive with verity disabled.
I've also tried to flash the remaining images produced by the AOSP compilation (userdata.img, cache.img, etc.) but still no luck.
Any hints on how to make it boot?
I have a SU question for those in the know.
Device: SCH-I545 VZW SGS4
Bootloader: VRUAMDK Original Loki exploitable, never took an OTA
ROM: Custom AOSP 7.1/CM14 based Nougat
Here goes, hopefully I make sense.
In the past custom ROMs used "system mode" for SU, 2.52 or 2.65. With the introduction of "systemless" the way of the future is becoming apparent. Some updated apps don't work well or at all with system mode.
The SCH-I545's bootloader is locked but can be gotten around with the "Loki" exploit by @drbliss for installing custom ROMs/kernels. The problem with SuperSU in systemless mode is patching the ramdisk with a locked bootloader. During the install of a systemless package when it gets to the step where the boot.img is patched it fails. Screen output will say "decompressing ramdisk" then "failure, aborting" and continue until complete but SU does not work.
Some SGS4 variants like the I9505 have an unlocked bootloader. So, for an experiment, I got a copy of the boot.img from someone using the same ROM as I (we have a unified device tree) after SU install and boot. This file has been patched by the SU flash process.
I took the ROM zip, deleted the boot.img, replaced it with the patched img, and flashed the ROM. Lo and behold it booted AND has SU access. The ROM flashes SuperSU 2.78-SR1 by chainfire.
During SU install from recovery it showed the usual failure when it attempted to patch the boot.img, but since I had a "Pre-Patched" file, systemless mode installed and works just fine. A quick look in the file system shows a systemless install. End result? Systemless install is possible on a locked BL device.
My question is how to get there. I am no developer. Beyond hacking/modding zips and editing the build.prop, updater-script, update-binary, etc. I get lost and Java/C++ is a mystery. Is it possible to get it to succeed with something similar to the Loki process or by modifying Loki?
Just thinking out loud here, but thoughts, input, etc. are most certainly welcome.
Hi,
I am getting into kernel development with a Google Pixel phone. I noticed that I need root permission in order to access syslog. My phone is on stock ROM with Magisk installed.
However, since Magisk only patched the original boot image, and since I am testing my kernel by temporarily booting it using "fastboot boot", I don't have access to root when using my own kernel. (I know this is sarcastic...)
I wonder how other kernel devs handle this situation. Do I need to compile the entire AOSP into a ROM with root builtin? Or is there another way around this using Magisk?
Thank you!
You don't fastboot boot a kernel, do you?
Anyway, if you use Anykernel you can flash your kernel over the Magisk patched boot image and Magisk should stay intact.
DISCLAIMER: I know absolutely nothing, zip, and null about kernel development.
Eventually I found out that there was no way for my kernel to coexist with Magisk, because Magisk also modifies the kernel and I wouldn't want to merge its changes.
I think I'll just have to compile an engineering variant of AOSP from scratch... Are there any precompiled "official" images?
Didgeridoohan said:
You don't fastboot boot a kernel, do you?
Anyway, if you use Anykernel you can flash your kernel over the Magisk patched boot image and Magisk should stay intact.
DISCLAIMER: I know absolutely nothing, zip, and null about kernel development.
Thanks for the suggestion. But I couldn't get it to work. I think I'll just build an entirely new system.img from AOSP.
I'd also recommend building the entire AOSP for any other people facing this question. It takes more time but is officially supported by Google.
I just found that there is no recovery.img in the stock ROM and the xiaomi.eu ROM.
Is the recovery image replaced with another image in Xiaomi devices?
Thanks in advance.
Android 11 hidden reco partition
Just like LG G8, rec is integrated into boot, which means refreshing boot will lose TWRP. Unless the boot already contains
Hello, I either completely forgot or just never ran into this before. I am used to flashing kernels in FKM. I am on Proton ROM and want to use Zest kernel and be rooted in Magisk. How can I do this?
Currently, I run the Zest kernel .IMG through Magisk and then fastboot boot *zest rooted kernel image*. It does not work. It installs the kernel (I think), but I lost my root from the original Proton kernel.
Please help.
Zest kernel img only contains the executables to patch the kernel which is why you have to "fastboot boot", not "fastboot flash".
Containing only executables means it doesn't have the actual "bootable" code on it to boot the phone.
This means, you have to:
First, flash a stock magisk_patched.img by doing "fastboot flash boot magisk_patched_stock.img"
And then "fastboot boot zestkernel.img".
This will install the zest kernel while keeping root.