Related
Script pulled; should have it back up by Wednesday.
Hey guys. I've written a shell script to automate some of the more menial tasks involved with unlocking the Nexus S bootloader and rooting it. It also guides you through the various tasks involved in the process, and IMO is a more noob-friendly alternative to my guide on manually rooting.
Disclaimer again: I take no responsibility if something goes wrong (if it does, it should be fixable though), Unlocking your bootloader voids your warranty (but you can lock it back), Unlocking the bootloader will wipe your entire phone, including USB Storage; so make a copy of all those family photos and other files you may have put onto the USB storage if you want to keep them.
The script should run fine on most configurations; if you have issues post them below. The script isn't very elegant, but it gets the job done. Pay attention to the terminal as you go through it and you should be fine.
Some Notes:
- OTA updates will not flash because the modified boot.img flashed in this script causes an MD5 mismatch. You should flash the latest OTA update before running this script, if you aren't already running the latest update.
- The latest OTA update, GRH78 (2.3.1) can be found with instructions on flashing here: http://forum.xda-developers.com/showthread.php?t=884097
- You do not need root to flash OTA updates.
How to run
1. Download the attached file and rename it to 'nsrootscript.sh'
2. Mark it as executable either by navigating to it, right-clicking it, Properties > Permissions tab, and checking 'Allow executing file as program', or running this command:
Code:
chmod +x /path-to-file-here/nsrootscript.sh
3. Double-click it and choose 'Run In Terminal' or use the command:
Code:
./path-to-file-here/nsrootscript.sh
4. Follow the instructions given in the script, and you should be rooted in no time.
Special Thanks
Koush; Developer of ClockworkMod Recovery and ROM Manager. Buy him a beer here: https://www.paypal.com/us/cgi-bin/w...63663d3faee8d9384d85353843a619606282818e091d0
Paul; Developer of Superboot. Help him raise money for Cancer Research and possibly win yourself a nice gadget here: http://android.modaco.com/content/charitable-projects/317387/10k-for-p10k-for-childhood-leukemia/
If you have any issues, concerns, or comments, feel free to leave them below.
I just looked through your script. Noticed it is using superboot boot.img's to root. You might want to put a note that this will probably prevent future OTA updates from flashing, since those boot.img's are modified and will get MD5 mismatches.
Luxferro said:
I just looked through your script. Noticed it is using superboot boot.img's to root. You might want to put a note that this will probably prevent future OTA updates from flashing, since those boot.img's are modified and will get MD5 mismatches.
Click to expand...
Click to collapse
Thanks for the heads up, I'll put that in the OP.
Thanks man, looking forward to getting and trying this out
works like a charm thank you very much!
I'm sorry but I just don't see the point it rooting a DEVELOPER phone? You open up lots of features that are not available to non root so therefore make developing useless as you will lose more than half your market! I understand if you are specifically making a root application but I'm sure most of you aren't!
[/Rant]
stothy862 said:
I'm sorry but I just don't see the point it rooting a DEVELOPER phone? You open up lots of features that are not available to non root so therefore make developing useless as you will lose more than half your market! I understand if you are specifically making a root application but I'm sure most of you aren't!
[/Rant]
Click to expand...
Click to collapse
Root isn't just of interest to developers. Root allows the end user to do many interesting things, a small set:
- Applying custom themes
- Blocking annoying ads
- Take screenshots
- Set CPU clock speeds / overclock for better performance, underclock for better battery life
- Replacing system apps / files (There are various reasons for this, one example is the modified MMS.apk floating around that fixes the blurry MMS issue)
- Flash custom ROMs which can offer performance increases, battery life increases and add useful features not found in stock (CyanogenMod is a good example)
-And there's a lot more, but it's 2 AM where I live, lol.
As for people that develop applications that require root, that's because what they do (blocking ads, theming, taking screenshots, etc.), well requires root. There's no way around that. And since root is obtainable on most Android devices without too much hassle, what's the harm in coding something to make people's Android experience a little better?
Note: This thread is here mostly for historical purposes. While Xposed is supported in various forms [EdXposed and LSPosed], developent on the Xposed primary app has completed. Xposed framework compatible modules are still in active development and supported by their respective developers.
Click to expand...
Click to collapse
This is the announcement thread for Xposed for Lollipop, Marshmallow, Nougat and Oreo. I'll post all relevant news here, so subscribe to it if you'd like to stay informed.
You can find a list with Q&A about Lollipop support on the XDA Portal. Please read it, you will find many answers there. Also see this article with much background information on new stuff for Nougat.
Please install it only if you're willing to take the risk of boot loops. Just because it's working fine and stable for me doesn't mean it will work for everyone the same way.
Downloads:
XposedInstaller_*.apk from this thread: Must be installed to manage installed modules, the framework won't work without it.
xposed*.zip from https://dl-xda.xposed.info/framework/: Must be flashed with a custom recovery (e.g. TWRP) to install the framework.
SDK21 is Android 5.0 (Lollipop), SDK22 is Android 5.1 (also Lollipop) and SDK23 is Android 6.0 (Marshmallow).
For Nougat, SDK24 is Android 7.0 and SDK25 is Android 7.1.
For Oreo, SDK26 is Android 8.0 and SDK27 is Android 8.1.
I only support the latest Xposed version per Android release!
xposed-uninstaller*.zip from https://dl-xda.xposed.info/framework/: Can be flashed with a custom recovery (e.g. TWRP) to uninstall the framework.
The small .asc files are GPG signatures of the .zip files. You can verify them against this key (fingerprint: 0DC8 2B3E B1C4 6D48 33B4 C434 E82F 0871 7235 F333). That's actually the master key, the files are signed with subkey 852109AA.
Known issues:
- Before Nougat: Bootloops on Samsung stock ROMs. That's due to Samsung's changes to ART. There are unofficial builds that work around this by deodexing and adjusting the ROM.
- Sony seems to have shipped some ROMs with corrupted services.odex (the embedded .dex is invalid). Those ROMs will bootloop with a "Fatal signal 6" or "No pending exception expected: java.lang.ArrayIndexOutOfBoundsException" error, which I unfortunately cannot fix (see https://github.com/rovo89/Xposed/issues/64)
- Dell ships (at least) their Venue 8 7840 with a non-standard version of ART that is somewhere between 5.1 and 6.0 which obviously isn't supported by Xposed (see https://github.com/rovo89/Xposed/issues/77)
For discussions, please use the discussion threads (Lollipop / Marshmallow / Nougat / Oreo) or another matching one in this subforum.
As you have probably noticed, more than 2,000 posts have been made in the original thread about Xposed on Lollipop. I'm really overhelmed by all your feedback! Also many thanks to those people who have donated already, it's great to see how much Xposed means to you.
Although so much discussion and helping each other is great, it's hard for anyone (including me) to follow. Hence, I have decided to create this thread were only I (and possibly the XDA moderators) will give some updates. This will make it easier for me to inform you about the current status, bugs I know about and so on. Feel free to subscribe to it or simply check from time to time. I'm not sure yet about the best way for me to get a consolidated overview of existing issues that have been confirmed by several people and ideally already have a sufficient information (like logcats, clear description of the error, ...) attached, but I hope we can work something out.
Current status (Feb 19):
The most important issue seems to be the incompatibility with Samsung stock ROMs, especially because it's leading to boot loops. I have been working hard on fixing this in the days since the release, however it's not just a single spot that needs fixing. Thanks to GermainZ for testing and providing good log files! So far, I have detected the following issues:
- Enhanced .oat file format: Samsung has added a "TypeLookupTable", probably for performance reasons. The table itself will be ignored by Xposed, but it also means that the file format is slightly different. I have finally understood what they have done and added some logic to skip the referenes to this table.
- Different size of the String class: They have added a clear() method, which is unusual as strings are usually immutable. As this class is one of few that have special support in native code, I had to add one entry to the virtual table of the class.
- Additional fields in DexCache class: Offsets to some fields are different due to this and need to be handled in native code (as this another central class with native parts directly implemented in ART).
- Verifier rejects ViewDebug class: Doesn't seem to be overly critical to me, yet to be tested whether it's working fine with original libraries.
- Implementation missing for some native methods: Some methods in the reflection classes have been implemented in native code instead of Java. This means I will have to implement them as well.
The changes done by Samsung are bigger than I expected, especially given that ART is very complex and mostly undocumented. Anyway, I still think that once these issues have been overcome, it's better to replace the libaries than trying to manipulate data structures and behavior from "outside" (app_process). Think about it: If they have done such big changes, it's very likely that offsets in these data structures are different from AOSP and would need special handling as well.
It would of course be helpful to have an uninstaller ZIP in case you run into a bootloop. I didn't have time for that yet, but maybe someone can build an initial version that basically reverses the steps of the installer ZIP. For the ART libraries, that should be rather easy. You might want to stay away from moving app_process32 back in case you have SuperSU installed. It will need a special procedure to ensure you don't break either part or even your ROM.
There are other issues for sure, for example it seems that some methods cannot be hooked. That's something that needs more investigation, but I would like to fix the more critical issue like the ones for Samsung first.
That said, I won't be able to work on Xposed for the next days, definitely not before Monday. Keep in mind that this isn't my fulltime job and that an alpha phase might take some time. It would be illusionary to assume that we reach a stable state after a few days, with all the changes that have been done.
I have just uploaded alpha2. It fixes several issues:
java.io.IOException: Invalid argument while reading /data/data/de.robv.android.xposed.installer/conf/modules.list (sometimes it worked fine after a soft reboot), see https://github.com/rovo89/Xposed/issues/25
ClassNotFoundException for system services (e.g. ActivityManagerService) shown in the log, see https://github.com/rovo89/XposedBridge/commit/6b49688c929a7768f3113b4c65b429c7a7032afa
Resources-related incompatiblity on newer CM12-based ROMs
Hooks for very simple methods not working, see https://github.com/rovo89/android_art/issues/4
app_process version not displayed in XposedInstaller
When you flash the new files, the next boot might take a bit longer, as it effectively clears the Dalvik cache (which is necessary because of a change in the ART compiler).
Note that this version is still not compatible with Samsung ROMs (custom ROMs might work if they're not based on stock ROMs). Don't install it, otherwise you'll get into a bootloop and need to restore your backup!
I have already done a lot of investigations and adjustments, as also mentioned in the previous post. However, there are still differences that need to be addressed and it will take more time to resolve them. I can't give any ETA on that.
Ok, quick status update.
Sure, I have heard that Android 5.1 is out. However, it currently makes more sense for me to stablize Xposed for Android 5.0, as I have two productive devices plus the Genymotion emulator running on it. Hopefully, it can then be ported to Android 5.1, but that's hard to tell without having had a look at it.
It's generally hard to estimate any timelines for Xposed-related stuff, for mainly two reasons:
a) Working on Xposed is mainly analysis of AOSP code, traces, closed-source files, followed by some development and testing (often trial and error). I never now which other obstacles are still undiscovered, so the effort is unclear beforehand.
b) Even if I know the effort (= net time), I can't say when I will have the time to actually work on it. For example, this week I probably won't spend a single hour on development. Sorry, but I'm not going to sacrifice my private life for Xposed and I can't spend several hours per evening for this project (anymore).
One of the next steps will be the creation of some scripts that help me to compile and package Xposed. Apart from simplification for me, I hope that this might help other experienced developers to try and contribute themselves (e.g by analysing the issues they noticed themselves).
So much for now, keep enjoying the stuff that is already working and please refrain from asking me when Xposed for 5.1 will be stable... I simply don't know that myself.
rovo89 said:
One of the next steps will be the creation of some scripts that help me to compile and package Xposed. Apart from simplification for me, I hope that this might help other experienced developers to try and contribute themselves (e.g by analysing the issues they noticed themselves).
Click to expand...
Click to collapse
It took longer than expected, but I also think it's better than what I had planned originally:
https://github.com/rovo89/XposedTools
I hope this makes it easier for others to compile the native parts of Xposed and the modified ART runtime themselves and get involved, just like @romracer did. It also makes it easier for me to build and package the Xposed framework, as it was quite a hassle to make sure that all files are compiled correctly, pushed to my PC etc.
I have just uploaded a new flashable ZIP for Xposed 3.0 alpha3 (xposed-sdk21-arm-20150426.zip).
You only need to flash the ZIP again, the Xposed Installer app remains the same (and therefore still shows version alpha2). If XposedBridge.jar has version 64 after a reboot, the new version is active.
Changes:
- Fixed issues with replacing drawables
- Fixed NoSuchMethodError in handleInitPackageResources
- Possibly fixed some errors on ROMs that start in permissive SELinux mode and switch to enforcing mode later
As the question probably comes up:
- No, this version doesn't support Android 5.1 yet.
- No, this ZIP doesn't support arm64/x86 processors yet.
I will eventually support them as well, but as there are unofficial versions for these, I try to work on a few known issues for Android 5.0 before (when I find time for it).
Regarding Samsung ROMs: No progress. No ETA. No promise that it will be supported, although I don't exclude it either. It's simply unclear what further differences between their and AOSP's ART variant come up.
alpha4 (20150430) is now available. It fixes bootloops and crashes on some ROMs, especially on Sony devices. In the logs, there used to be "Too many open files" errors.
References for this bug:
https://github.com/rovo89/Xposed/issues/31
http://forum.xda-developers.com/crossdevice-dev/sony/workaround-bootloops-xposed-lollipop-t3089203
http://forum.xda-developers.com/z3/general/xposed-bootloops-lollipop-t3085627
I have just upload files for a big update. It includes many general improvements/changes and some smaller fixes.
One of the changes is that I decided to avoid confusion about all the different (yet similar) version numbers for installer, framework zip, app_process and XposedBridge by reducing it to two version numbers:
The framework (i.e. all the files in the flashable) zip is versioned with integers (65 for this release). This is at the same time the Xposed API version. Unofficial builds should use suffixes to label their releases.
The Xposed Installer app will continue to use the well-known, human-readable version numbers, e.g. 3.0 alpha3 for this release.
The next bigger change is the installation script in the flashable ZIP. I use a modified fork of BusyBox now to keep the scripts clean and work with a well-known environment. This should make it pretty reliable, even in case some weird recoveries forget to include the "unzip" command. Those who are interested in the technical details should check out the GitHub project.
While I was working at it, I finally built flashable uninstallation ZIPs as well. They revert all actions done by the installation script, provided you didn't delete the backups (<filename.orig>). These ZIPs are only tested with Android 5.0.
The other changes are:
- Installer: Display the installed framework version in green, instead of a static hint about flashing the framework via recovery.
- Fix for incomplete logs on some devices, see https://github.com/rovo89/Xposed/issues/34
- Fix for updated modules crashing until the next reboot, see https://github.com/rovo89/Xposed/issues/22
- Ignore unknown parameters to avoid bootloops on some devices, see https://github.com/rovo89/android_art/issues/7
- Some other internal improvements
- Some cherry-picked ART commits from AOSP
- Devs: Allow hooking native methods, see https://github.com/rovo89/Xposed/issues/28
- Devs: Several debugger fixes, see https://github.com/rovo89/android_art/issues/1
I'm also uploading builds for arm64 and x86 devices. I have tested them on my Nexus 9 and on the Genymotion emulator and didn't notice any issues. The unofficial builds don't seem to be modified from my source code either and I didn't get pull requests on GitHub for these platforms, so I assume that they work fine.
By the way, in case you're a dev (or just interested) and want to try out your modules on Genymotion, you can use this collection of scripts to faciliate the Xposed framework installation on Genymotion. Just follow the instructions, then you can simply drop the x86 framework installation ZIP on the emulator window to install the framework. Don't forget to reboot afterwards.
So much for now. Be assured that official Android 5.1 support will come sooner or later, but the changes above required quite some debugging, development and strategic thinking. It's nice to see that some unofficial ports fill the gap for those who don't want to wait.
About M: The AOSP tag for the preview seems to be just a placeholder, just like it was for the L preview. I haven't tried, but I doubt that compiling ART from this tag will fit to the M preview image. Hence, I won't be investing any of the time (that I don't have anyway) to try and get Xposed running on the preview image.
Those who had issues with installer version 3.0 alpha3 displaying the framework as not installed, please try 3.0 alpha4. ProGuard optimized a bit too much in one very specific case... unfortunately, this never appeared during development, just in the release build.
If modules aren't loaded after a reboot because modules.list wasn't found, try to disable/enable any module. This will write the file again.
One addition to the changes in framework v65: The ZIP files are now signed. This wasn't possible before integrating the custom BusyBox version as some recoveries failed to unzip the signed ZIP.
I have just uploaded ZIPs for Xposed framework version 66 and also replaced the uninstaller ZIPs. There are no changes in the framework itself, so if you installed version 65 successfully, there's no need to update. If you got messages containing "Invalid argument" or "Wrong SDK version: 19, expected 21" while flashing the ZIP files, this should fix them. Thanks to @romracer for the fix!
EDIT: Had to reupload. If you downloaded the ZIPs within the first 15 minutes after this post was published, please download them again.
New files for framework version 67 are now available. They fix an issue with recoveries that have SELinux disabled (even though they might claim that "Full SELinux support is present" in the log, like TWRP does). This seems to have happened mainly on LG devices and caused boot loops, but could affect others as well. Details about the fix are in this commit: https://github.com/rovo89/XposedTools/commit/c55ac907e16947d66012950d119d8db1aea69124
The uninstaller has also been updated, although it's unlikely that it would have caused real issues.
framework version 68 fixes two reported crashes:
"Fatal signal 11" reported for dex2oat or "Compiler driver" in the Xposed log. I have seen a few posts about such issues, but the one I tested the fix with was about Quickoffice. If you notice further issues like this, please report them on GitHub with the full logcat (as only that contains the command line that crashes).
"com.android.phone has stopped" on LG G3. Don't confuse this with support for encrypted apps (LGWeather, LGCover), this can't be fixed unless someone comes up with a decrypter, ideally one that can be executed on the device.
rovo89 said:
Don't confuse this with support for encrypted apps (LGWeather, LGCover), this can't be fixed unless someone comes up with a decrypter, ideally one that can be executed on the device.
Click to expand...
Click to collapse
I had another look at their encryption, or rather the library they use for it. Fortunately, all the decryption logic is in that library (liblgalmond.so), not in ART itself. So I did a lot of digging into their libraries and finally figured out how to call the relevant functions to detect and decrypt their encrypted apps on the fly. That's the requirement to recompile and run these apps.
So here it is, framework version 69 with support for LG's encrypted apps (LGCover, LGWeather, maybe more). Please make sure to clean your Dalvik cache after flashing the ZIP if you have an LG device and had issues with these apps.
It turned out that some LG devices (at least G2 mini and G Pad 8.3) are using encrypted precompiled (odex) apps. These need to be handled differently than apps which contain just the encrypted dex file. With framework version 70, Xposed supports both encrypted dex and odex files. Again, clearing the Dalvik cache might be necessary. If you don't have an LG device or don't get FCs, you can skip this update.
In framework version 71, I have fixed a boot loop on various devices/ROMs related to the "SettingsProvider". If you were getting boot loops with earlier versions, you might want to give this a try.
Apart from that, it should now work properly with Sygic (after reinstalling the app or wiping the Dalvik cache). Note that some modules might not work properly with this app, as they "hack" Android's resource processing (e.g. for images/texts) on a low level. As this conflicts with Xposed (which does a similar thing), I had to disable parts of the API for this app.
I finally created an official version for Android 5.1 (aka SDK22). You can download it as v72 from the first post.
This version is not directly based on @romracer's port, however there aren't many differences. He had merged AOSP 5.1 into the Xposed codebase, I did it the other way around and used this opportunity to reorder and combine the commits. So it's a little bit cleaned up now, which will hopefully make it easier to port these changes to future Android versions. I have also cherry-picked two of his changes that weren't in the offical version yet: A fix for a special case in resource handling on 64-bit and compression of the backup Xposed creates during its installation. Many thanks to @romracer for providing the unofficial version - this gave me the chance to fix and improve many things (which were in turn merged by him and others).
That said, there are also a few new changes:
- In error messages, the Android version is now display as well, e.g. "Wrong Android version: 5.1 / SDK22 ... This file is for: 5.0 / SDK21"
- The files for Android 5.1 can now handle gzip-compressed odex files (*.odex.gz). Those files only exist on certain ROMs (e.g. CM) that merged a few commits proposed by Intel. These commits weren't accepted into AOSP because the way they're handling the compressed files has some flaws. With Xposed installed, these files will be unpacked on-the-fly and recompiled.
The gzip support might also be interesting for ROMs where the /system partition is almost full. It should be possible to gzip some of the .odex files before installing Xposed in order to free up some space. This should work on any odexed 5.1 ROM, even if the Intel commits aren't included. However, this would be very experimental. Volunteers are welcome, but don't forget to create a backup.
Finally, I have updated the uninstaller zips. They include a timestamp now, as new installer zips might require new uninstaller versions. You should always be able to uninstall older versions with the latest uninstaller though. v72 requires at least the uninstaller from today (20150831).
With framework version 73, a bug on 64-bit ROMs is fixed which prevented modules from reading their preferences. I believe that the root cause is a bug in AOSP, but whatever - it should be fixed now. Thanks to @romracer and @cryptyk for the fix.
I have additionally merged a few changes from CyanogenMod. Most of them control when the Dalvik cache is cleared automatically after a bootloop (new feature in 5.1 AOSP, now improved) and one is supposed to increase the compile performance on some ROMs. Don't expect too much though.
In framework version 74, I have fixed some more incompatibilities which could lead to bootloops or crashes. I assume that most of these crash logs contained the string "Incompatible set properties", which is actually a consequence of previous method verification errors. It's hard to say which ROMs and devices were affected - but flashing the new version shouldn't hurt even if everything looks fine with older versions. If you do notice any issues and are sure that it's not caused by yourself, you have higher chances of getting them fixed if you open a detailed GitHub issue (usually I will need at least a full logcat).
I won't be able to work on Xposed for the next 2-3 weeks - no time for development, support or questions at all. If the rumors I have read are right, I should be ready just in time to start porting Xposed to M.
Dear forum,
Long time no talk! I have been able to get "root" for our phones on G925VVRU4BOG7, which anyone can downgrade to. The catch is that even with /system mounted as rw, I am unable to write to it directly through most conventional means. (I can write to /data, though, which means i can patch dalvik-cache, which means my mods are coming ) However, I am able to still write to it using another, more complicated way (I can go into more detail for those interested), as a whole. Here's where you come in-- is anyone still full-rooted? If so, please message me as soon as possible! I may be able to have users who are on newer builds downgrade to older builds and get su properly installed, then manually upgrade back up to the later builds again!
If you are rooted still, all i'm going to have you do is perform this command:
Code:
su
dd if=/dev/block/platform/15570000.ufs/by-name/SYSTEM bs=4096 of=/sdcard/system.img
Then send me that system.img file on your sdcard! It'll be pretty big, so you can zip it or .7z (7-zip), whatever you'd like to do.
I will also need what build you are on. You can just send me your Build number within "Settings->About phone".
First one who does it gets credits on the official release thread i'll make, when I get a procedure down that people can follow!
Thanks!
-Trailblazer101
i have an s6 edge on 5.0.2 rooted. Would that be of help?
Did you get the system.img file? I really wish I could help you. I have this phone on 6.0.1 and stuck without root, but the thing is I really need the root because I bought it used, worked fine the first few days, then didn't get any signal (turns out that it was reported as stolen and of course the IMEI got blacklisted; I tried to contact the seller but he was gone, and his ebay account deleted, so basicly I'm stucked with a ' 5.1" tablet' . I got scammed :/ )
I would be very grateful if you could explain how did you get root on G925VVRU4BOG7 . I know that you want the file mentioned for creating some kind of universal root for the phone, but right now I'm kind of desperate and need root as soon as possible to fix my IMEI issue and I would follow your steps if you made a tutorial.
Thank you very much!
trailblazer101 said:
Dear forum,
Long time no talk! I have been able to get "root" for our phones on G925VVRU4BOG7, which anyone can downgrade to. The catch is that even with /system mounted as rw, I am unable to write to it directly through most conventional means. (I can write to /data, though, which means i can patch dalvik-cache, which means my mods are coming ) However, I am able to still write to it using another, more complicated way (I can go into more detail for those interested), as a whole. Here's where you come in-- is anyone still full-rooted? If so, please message me as soon as possible! I may be able to have users who are on newer builds downgrade to older builds and get su properly installed, then manually upgrade back up to the later builds again!
If you are rooted still, all i'm going to have you do is perform this command:
Code:
su
dd if=/dev/block/platform/15570000.ufs/by-name/SYSTEM bs=4096 of=/sdcard/system.img
Then send me that system.img file on your sdcard! It'll be pretty big, so you can zip it or .7z (7-zip), whatever you'd like to do.
I will also need what build you are on. You can just send me your Build number within "Settings->About phone".
First one who does it gets credits on the official release thread i'll make, when I get a procedure down that people can follow!
Thanks!
-Trailblazer101
Click to expand...
Click to collapse
I am currently running on A0E2 using your rooted rom for this phone. It runs great....except I tried flashing xposed framework using Flashfire and it of course failed...due to the fact that xposed only works on 5.1.1 or above...sucks we are in such a catch 22 with our devices...although I'm happy because I am still rooted.. Anyway...I set up ADB and entered that command you posted and it worked...I just don't know where the storage location of the system.img file is for me to transfer to my PC, 7zip, and send to you. Any help would be excellent....as I desperately want to run xposed framework on my device....but am stuck on 5.0.2
r0ckinb0i said:
I am currently running on A0E2 using your rooted rom for this phone. It runs great....except I tried flashing xposed framework using Flashfire and it of course failed...due to the fact that xposed only works on 5.1.1 or above...sucks we are in such a catch 22 with our devices...although I'm happy because I am still rooted.. Anyway...I set up ADB and entered that command you posted and it worked...I just don't know where the storage location of the system.img file is for me to transfer to my PC, 7zip, and send to you. Any help would be excellent....as I desperately want to run xposed framework on my device....but am stuck on 5.0.2
Click to expand...
Click to collapse
Looking at the last part of the command and if it ran successfully, it should be in /sdcard. Did you ever find it?
gabes100 said:
Looking at the last part of the command and if it ran successfully, it should be in /sdcard. Did you ever find it?
Click to expand...
Click to collapse
Thank you I found it...I'm new to command prompt although I am learning quickly. I found it. I just need to load it onto my computer and compress it so I can send it to Trailblazer. I will do that tomorrow night when I get back home.
I have the img on my computer. It is 4.3G. How do I get it to Trailblazer? Google Drive? EDIT: it is 4.58GB. I am uploading now to google drive, it will an hour
Hi Trailblazer,
Here is a link to system.img:
https :// drive google com / open?id=0B-j3XfGrnj9PbUdwaml5eERvbFU
I am too new to post links the correct way.
Are there any updates on this topic? When I first saw this thread last week, It got me thinking about what a Tethered Root (Temporary/Semi - Root) would still be capable of doing for those of us still on Official Firmware in this day and age.
And really it occurred to me at that moment, that if we could just attain a Root Shell even if it was only for 60 seconds to five minutes, that would be sufficient to get enough root information off of the phone and into a PC editable format.
I ask, because I am in the process of forming a method for the G925V 6.0.1 [PI2] Build. The problem I'm pretty sure I'm going to run into sooner or later in my experiments/research, is the fact that I am one of the few who have the 64GB Verizon S6 Edge. Technically speaking, my device refers to itself in Download/ODIN mode as a SM-G925VZKE model. This also means that my Stock .PIT file is going to be very different than most people's, also meaning my FSTAB configuration probably will be different.
Because there shouldn't be a reason I can't at least get a temporary Root Shell very soon.
So whats up with this? My wife has 6.0.1 on Verizon and I have international much better choice. Will we have root on this phone?
If you are currently on 6.0.1 on your Verizon device. It would serve you well for the time being to disable Automatic Security Updates.
Settings > Lock Screen and Security > Other Security Settings > Security Policy Updates
Turn OFF Automatic Updates, and Turn OFF Wi-Fi Only.
If you leave these on, any potential root option will be patched by Samsung/Google before you know it exists. Disable it for now so you can find an exploit for the build the device is on.
UPDATE:
So apparantly, I've had a rooted 6.0.1 PI2 device persistent through factory resets for over a week, but didn't realize just how much was achieved on my device! According to diagnostics.
I'm already started on writing up the combination of methods that the OP was walking into. Turns out it works up to the September patch too.
But lucky me and not you this time. I got my device essentially decommissioned because I ran my code too soon. But in the sweetest possible way after being so pissed when my tech coach said my warranty was void.
By the end of tomorrow night I should have a thread.
Anyone still working on this?
d0lph said:
Anyone still working on this?
Click to expand...
Click to collapse
Yes. Using the dirtycow vulnerability we've managed to get an arm64 version running that will indeed allow a root console on MM builds.
The last thing standing in the way, for at least a tethered root, is for someone to help me convert the script from the flashable zip version of the SuperSu installer into basically a batch script. Because the how-to guide ChainFire wrote in comments inside his installer script is kind of hard to read because it covers all the different versions of android in a tiny block of text and not every device sets up the same SELinux environment.
Not to mention, if I could get SuperSU to try and install itself as a System Application, it would probably work with what I have already. But for some reason I CANNOT find a single guide anywhere on how to perform a "System" Install of SuperSU, everyone wants to use the "Systemless" version, which is NOT going to work I believe.
We can manage booting the device in the event of DM-Verity Failure, when that happens with the 5.1.1 OG ENG Kernel, we can indeed mount "/system" as read/write, and we can indeed change the contents of the System partition that persist through a reboot.
I just need help setting Perms & Contexts. Because at one point in time, I DID actually manage to get SuperSU to give me a root shell instead of a user shell, but only on the ADB Command Line. In that test I could not get an application to start from the launcher and have Root Permissions.
Delgoth said:
Yes. Using the dirtycow vulnerability we've managed to get an arm64 version running that will indeed allow a root console on MM builds.
The last thing standing in the way, for at least a tethered root, is for someone to help me convert the script from the flashable zip version of the SuperSu installer into basically a batch script. Because the how-to guide ChainFire wrote in comments inside his installer script is kind of hard to read because it covers all the different versions of android in a tiny block of text and not every device sets up the same SELinux environment.
Not to mention, if I could get SuperSU to try and install itself as a System Application, it would probably work with what I have already. But for some reason I CANNOT find a single guide anywhere on how to perform a "System" Install of SuperSU, everyone wants to use the "Systemless" version, which is NOT going to work I believe.
We can manage booting the device in the event of DM-Verity Failure, when that happens with the 5.1.1 OG ENG Kernel, we can indeed mount "/system" as read/write, and we can indeed change the contents of the System partition that persist through a reboot.
I just need help setting Perms & Contexts. Because at one point in time, I DID actually manage to get SuperSU to give me a root shell instead of a user shell, but only on the ADB Command Line. In that test I could not get an application to start from the launcher and have Root Permissions.
Click to expand...
Click to collapse
Thank you for taking the time to still work on this. Subscribed. Following this to the T.
Rand0lph said:
Thank you for taking the time to still work on this. Subscribed. Following this to the T.
Click to expand...
Click to collapse
If you want to follow the complete story of what I just mentioned please follow and contribute to this thread: Injecting Root & Setting SELinux - End Stages?
This is the thread that contains the Greyhat Root console, first designed for the AT&T Galaxy Note 5. But that device uses the same Exynos7420 Mainboard as the Galaxy S6 Edge, so the project is still compatible.
I haven't kept the OP maintained as I should yes. But it is actually worth it to read that whole thread as @droidvoider went out of his way explaining some of his methods. I have a bit of R&D that isn't posted in that thread as well, if you can read up on the project. I'd be more than happy to share what I know with anyone wanting to help as long as they can catch up with what we have accomplished so far.
Look at some of the other threads I've started as well for the initial methods.
Delgoth said:
If you want to follow the complete story of what I just mentioned please follow and contribute to this thread: Injecting Root & Setting SELinux - End Stages?
This is the thread that contains the Greyhat Root console, first designed for the AT&T Galaxy Note 5. But that device uses the same Exynos7420 Mainboard as the Galaxy S6 Edge, so the project is still compatible.
I haven't kept the OP maintained as I should yes. But it is actually worth it to read that whole thread as @droidvoider went out of his way explaining some of his methods. I have a bit of R&D that isn't posted in that thread as well, if you can read up on the project. I'd be more than happy to share what I know with anyone wanting to help as long as they can catch up with what we have accomplished so far.
Look at some of the other threads I've started as well for the initial methods.
Click to expand...
Click to collapse
Sorry, I didn't even acknowledge this is for the EDGE S6. I have a regular Verizon S6.
Rand0lph said:
Sorry, I didn't even acknowledge this is for the EDGE S6. I have a regular Verizon S6.
Click to expand...
Click to collapse
I don't really think that matters as much for the thread I referred to.
I tested the Greyhat Root Console on my S7 Edge, and it worked as well using the September build.
The S6 Line plus the Note 5, all use the same System on a Chip.
If anything, there may be just a couple tweaks to make when compiling it using the NDK.
NOTE: This is only for Nougat (7.1) custom ROMs (such as Lineage 14.1 based)!
Make sure you do a proper nandroid backup before flashing!
I made a flashable zip for updating the libhoudini stuffs for Nougat (7.1) ROMs to 7.1.0a_y.49344. Not sure if this has been posted elsewhere before, though.
Before flashing, check your current libhoudini version by typing "houdini --version" either from adb shell or from terminal emulator. (UPDATE: Use the built-in Terminal as it doesn't work in Termux)
You should only try to flash this if your houdini version is below 7.1.0a_y.49344. Current custom ROMs usually have a houdini version of 7.1.0_y.48901 (DotOS 1.2 for example).
Flashable zip (It's about 34MB in size) (Dropbox link here)
The original source is from here, apparently taken from Nexus Player (fugu).
After flashing, "houdini --version" should report something like this:
Code:
[14902]
[14902] Houdini version: 7.1.0a_y.49344
[14902]
TESTING NEEDED: I'm not sure what this version of houdini might fix or break, so try this at your own risk. If you're currently not having problems with apps then there's no need to flash this. Compared with existing device files (7.1.0_y.48901, in /system/lib/arm/), several library files are changed, plus an additional "libgate.so" which I could identify it as being an ARM library file (so it'll also be placed in /system/lib/arm, although I'm not sure where it might be used).
EXPERIMENTAL (UNTESTED!): Here's another version in case someone might be interested. This build is 8.0.0_y.49374, and the version number literally means it's to be used for Oreo, so I'm not sure if it'll work on a 7.x ROM. The original source of this version is from Android-x86.
Flashable zip (Dropbox link here)
If the zip works, it should report the following version:
Code:
[19729]
[19729] Houdini version: 8.0.0_y.49374
[19729]
What is the use for this ?
PedroCaseiro said:
What is the use for this ?
Click to expand...
Click to collapse
It's just to put updated libhoudini libraries into the device, in hope that those updated stuffs might help with fixing some native libhoudini crashes on certain problematic ARM-only apps.
I had some ARM-only apps that always FC with native crashes (SIGSEGV) from libhoudini on Zenfone 2. Although the updated binaries unfortunately could not fix the problems entirely, at least the they work as intended as I haven't discovered anything broken by the updated stuffs yet.
However, this won't help if your app crash is due to the developer shipping an incomplete set of x86 native binaries (this can happen). You need to sideload it through adb and force it to use ARM abi, like this:
Code:
adb install --abi armeabi xxx.apk
Note that the abi name varies among apps, armeabi is just an example, it might be arm, or armeabi-v7a, depending on the app itself.
EDIT: Say, is there a way to report device incompatibilities to Play Store so I can explain the device's situation and let Play Store always ship the last known good version for our device? There seem to be some apps that previously worked, but not now due to updated native libraries that would cause native crashes on libhoudini (Play Store will still treat our device as compatible due to the device exposing the ARM abis thanks to libhoudini), and I often need to disable the app in question's auto-update to prevent Play Store updating it to the native-crashing version.
Running "houdini --version" in a terminal emulator results in:
"houdini: command not found"
for latest version of Groovy Android
deckinghalls said:
Running "houdini --version" in a terminal emulator results in:
"houdini: command not found"
for latest version of Groovy Android
Click to expand...
Click to collapse
Are you using Termux? It seems I'm getting the same result there as well, but houdini outputs just fine in the built-in Terminal as well as in the T-UI launcher.
And as for file lists:
In /system/bin there's the "houdini" binary.
Then there's "libhoudini.so" in /system/lib/ (this is the main library which is of i386 architecture).
And the rest of the files (ARM libraries) in /system/lib/arm/. These consist of the exact same set of files as the ones provided by the custom ROMs, plus an additional one (libgate.so).
LSS4181 said:
Are you using Termux? It seems I'm getting the same result there as well, but houdini outputs just fine in the built-in Terminal as well as in the T-UI launcher.
And as for file lists:
In /system/bin there's the "houdini" binary.
Then there's "libhoudini.so" in /system/lib/ (this is the main library which is of i386 architecture).
And the rest of the files (ARM libraries) in /system/lib/arm/. These consist of the exact same set of files as the ones provided by the custom ROMs, plus an additional one (libgate.so).
Click to expand...
Click to collapse
I am not sure what is meant by "the built-in Terminal" (I don't recall any ROM coming with one?) but I did use Termux as well as the terminal in TWRP. I figured out if you type "su" to get root access first, then the command works fine in Termux.
Flashed the .zip file. So far, I haven't noticed any changes, good or bad. I don't remember which apps would FC (maybe the Amazon Echo app and Disney Infinity 3.0?) but I'll keep you posted.
deckinghalls said:
I am not sure what is meant by "the built-in Terminal" (I don't recall any ROM coming with one?) but I did use Termux as well as the terminal in TWRP. I figured out if you type "su" to get root access first, then the command works fine in Termux.
Flashed the .zip file. So far, I haven't noticed any changes, good or bad. I don't remember which apps would FC (maybe the Amazon Echo app and Disney Infinity 3.0?) but I'll keep you posted.
Click to expand...
Click to collapse
Some ROMs do have built-in terminal app. However, you need to enable it, which can be done in Settings -> Developer Options (assuming you know how to enable Developer Options as well). There would be an option to enable "Local terminal" which is the built-in terminal app.
Which means it will help the x86 device run ARM ???
I do not understand. Please analyze me
Mkey_34 said:
Which means it will help the x86 device run ARM ???
I do not understand. Please analyze me
Click to expand...
Click to collapse
libhoudini is Intel's ARM binary translator that helps x86 devices run ARM apps, albeit with some limitations and performance reduction due to overhead. Without it, most apps won't be able to work at all, as they don't have x86 native libraries.
Zenfone 2 already has houdini included, that's why it could run as many apps as any other devices. The flashable zip here contains updated files (for 7.1 ROMs) in hope it could help with some problematic ARM-only apps that refuse to work with libhoudini, though in most cases the differences are barely noticeable.
LSS4181 said:
libhoudini is Intel's ARM binary translator that helps x86 devices run ARM apps, albeit with some limitations and performance reduction due to overhead. Without it, most apps won't be able to work at all, as they don't have x86 native libraries.
Zenfone 2 already has houdini included, that's why it could run as many apps as any other devices. The flashable zip here contains updated files (for 7.1 ROMs) in hope it could help with some problematic ARM-only apps that refuse to work with libhoudini, though in most cases the differences are barely noticeable.
Click to expand...
Click to collapse
Thank you
---------- Post added at 02:58 AM ---------- Previous post was at 02:53 AM ----------
something's wrong I can not download it. I need another link. thank you
My device is running Groovy Android 7.1.1, 18 May Build.
so i have successfully upgraded houdini version using your flashable file. Thank You for your work.
what if i want to revert to the houdini version that comes preinstalled with the rom, will dirty flash rom zip work?
sushuguru said:
what if i want to revert to the houdini version that comes preinstalled with the rom, will dirty flash rom zip work?
Click to expand...
Click to collapse
The zip is meant to be flashed every time you reflash the ROM, so yes, dirty flashing should be able to revert it.
But again... you're supposed to do a nandroid backup before flashing, and there's no need to flash this if you aren't encountering any native code crashes from arm-only apps at the moment.
Unfortunately, as Intel had already left the mobile market and no more Intel-powered smartphones produced anymore, some developers started to "move on" and use libraries or compiler options incompatible with houdini in order to make their apps run more efficient on modern ARM smartphones, without having to be "constrained" for compatibility reasons...
The houdini binaries I found only seems to be a minor update, and I'm not sure if Intel is still working on this or if there are possibilities to obtain an even newer houdini version with "y" suffix, which our phone uses.
Added an experimental (UNTESTED!) version found from Android-x86 (8.0.0_y.49374). This version was originally meant for Oreo, so I'm not sure if this would work on a Nougat ROM.
Currently on Android-x86 only the "y" version (which our devices use) is available. The other versions ("x" and "z") are not present, and the link would simply give you a "not found" error.
Although I don't mainly use the phone anymore, I could still conduct some tests with the device if I have time.
Bit the bullet and tested the 8.0.0_y.49374 build. Does not work. Evie force crashes right off the bat. Haven't tested further than this, but if I cannot even use my launcher of choice, that isn't a good sign.
Hey everyone,
after some trial and error, I was able to pass Safety Net.
I just want to mention what I did in the process to get there. May have been a combination of things or just one...
1. I followed this guide, but make sure you notice that It's for the Pixel 5 not 5a. But the process is similar. This process didn't fix the issue. However, it's also a good how-to on how to root. I did also modify the props to the 3a.
How to Root the Pixel 5 & Still Pass SafetyNet — Full Guide for Beginners & Intermediate Users
The Pixel 5 is a great value proposition in this era of $1,500 phones. With its reasonable price tag, fully open-sourced software, and unlockable bootloader, it's also an ideal phone for rooting.
android.gadgethacks.com
2. When that didn't work, I followed this video, and hid all my banking apps besides the Google Play Services:
3. When that didn't work, I installed these both using Magisk from this post:
Magisk General Support / Discussion
This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases. All information, including troubleshoot guides and notes, are in the Announcement Thread
forum.xda-developers.com
4. Cleared my data and cache with Google Play and GPay + any other banking apps.
That worked for me!
EDIT: IF GOOGLE MAPS reports the wrong location, its likely XPrivacy-LUA, Google Services. Uncheck some of them.
Oh man....the only thing holding me back is the safety net thing, and it looks like we have a work around tell someone has an actual method made for this phone. Not sure if I'm ready to actually mess with this yet...but thanks for the post, bro!
anubis2k3 said:
Oh man....the only thing holding me back is the safety net thing, and it looks like we have a work around tell someone has an actual method made for this phone. Not sure if I'm ready to actually mess with this yet...but thanks for the post, bro!
Click to expand...
Click to collapse
Didnt think it was that big of a deal to me. But it was fun with a new phone with nothing on it.
This was the Magisk module that worked to pass safety net for me. I didn't need any others.
Releases · kdrag0n/safetynet-fix
Google SafetyNet attestation workarounds for Magisk - kdrag0n/safetynet-fix
github.com
Google Pay "appears" to be working too. Haven't gone out and tried it yet though.
joemommasfat said:
Google Pay "appears" to be working too. Haven't gone out and tried it yet though.
Click to expand...
Click to collapse
That's the part that I use the most, and the reason I haven't rooted yet. Please let us know if it works. Much appreciated!
I can confirm that using google pay (newer GPay app) on my rooted 5a works at merchants. I've already used it several times over the last week or so with no problems.
Deadmau-five said:
3. When that didn't work, I installed these both using Magisk from this post:
Click to expand...
Click to collapse
Why? Isn't the shim version just for Samsungs? Either way, it's the same mod, just different versions.
Someone who actually knows what they're doing needs to write up a tutorial. Following instructions posted by people who have no idea what they're doing but "it works" for them is dangerous.
borxnx said:
Why? Isn't the shim version just for Samsungs? Either way, it's the same mod, just different versions.
Someone who actually knows what they're doing needs to write up a tutorial. Following instructions posted by people who have no idea what they're doing but "it works" for them is dangerous.
Click to expand...
Click to collapse
You're absolutely correct about the dangers in following instructions posted by who knows who. I'll go further and say when it comes to root and associated items stay away from anything posted on a site other than XDA. In many cases even if the instructions were correct at some point in time they may well be outdated now.
I haven't rooted yet for a few reasons yet but will, hopefully sometime very soon. In the meantime I can state the following:
They're is no need to modify props. Modifying props to identify as a different phone would only be required for custom ROMs that don't handle it themselves (or some non-certified Chinese phones, which doesn't apply here). If you're running stock just leave that portion alone. And, if I'm not mistaken (although not 100% certain) I think safetynet-fix takes care of that for you in any case.
You will definitely need kdragOn/safetynet-fix.
Hopefully that's all you need.
I'm not sure which version of Magisk you'll need. Unless you know what you're doing and how to get out of trouble I recommend staying away from the current alphas, they're extremely cutting edge and you can expect problems.
Best best is to check the following threads and see what's going on:
Actually see this post and the 2 posts immediately following
Magisk General Support / Discussion
This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases. All information, including troubleshoot guides and notes, are in the Announcement Thread
forum.xda-developers.com
That should pretty much cover things for the moment. If nobody else (@hfam ?) has done it by the time I get around to rooting I'll write something up specific for the 5a.
I only mentioned what works for me since there was no step-by-step guide.
Dangerous how? Doing any mods to your phone is "dangerous". I fail to see how this is more so than others. Modifying your phone is risky.
If it didn't work I wouldn't have posted this guide. I only mentioned the steps that I took. It's not really a guide, just how I passed safety net.
But, my 5a has still been working great since then. GPay included.
jcmm11 said:
You're absolutely correct about the dangers in following instructions posted by who knows who. I'll go further and say when it comes to root and associated items stay away from anything posted on a site other than XDA. In many cases even if the instructions were correct at some point in time they may well be outdated now.
I haven't rooted yet for a few reasons yet but will, hopefully sometime very soon. In the meantime I can state the following:
They're is no need to modify props. Modifying props to identify as a different phone would only be required for custom ROMs that don't handle it themselves (or some non-certified Chinese phones, which doesn't apply here). If you're running stock just leave that portion alone. And, if I'm not mistaken (although not 100% certain) I think safetynet-fix takes care of that for you in any case.
You will definitely need kdragOn/safetynet-fix.
Hopefully that's all you need.
I'm not sure which version of Magisk you'll need. Unless you know what you're doing and how to get out of trouble I recommend staying away from the current alphas, they're extremely cutting edge and you can expect problems.
Best best is to check the following threads and see what's going on:
Actually see this post and the 2 posts immediately following
Magisk General Support / Discussion
This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases. All information, including troubleshoot guides and notes, are in the Announcement Thread
forum.xda-developers.com
That should pretty much cover things for the moment. If nobody else (@hfam ?) has done it by the time I get around to rooting I'll write something up specific for the 5a.
Click to expand...
Click to collapse
Just a quick note to say I just finished with everything (new Pixel 5a 5G, rooted + Safety net, restored all my apps, etc) and it's a flawless victory, ALL banking apps work great, SafetyNet passes, no hiccups.
I'd be happy to craft up a step by step and post it if there's some interest. It's not often I get to give back to this outstanding community, so it's the least I can do jumping on the opportunity. UFC 266 Main card is just starting, so I'll get started right after the fight and post it here in this thread.
Great to see ya again @jcmm11! Coming back to root a new phone feels like a family reunion, so great to see many of you active folks still here helping out!!
hfam
Alright, as promised, here is my writeup for a step-by-step tutorial for rooting your new Pixel 5a and getting SafetyNet up and going. I know it looks like a book, but I wanted to put it into plain language and attempt to explain the process for everyone, even absolute first timers. I know when I first started I really appreciated when the person helping didn't presume I had any knowledge, so for those that may have some experience, sorry for the wordiness. I'll also include how I apply updates when a new Android security update is pushed out. I understand that there are now elegant ways to accept OTA updates, but that is out of the scope of this tutorial as I have always had issues with OTA, and have to catch up on how that works myself. I can attest to years of using this method though (using a full factory image) to perform the "monthly" security updates, and I have never had anything but full success, so I'll share that here below the rooting tutorial.
*Disclaimer and heads-up* this is for an UNLOCKED PIxel 5a purchased directly from Google Store. At the time of this writing that is the only place I'm aware of which currently offers the PIxel 5a. Once carriers like Verizon, etc, offer this device, there may be some changes to the process, so just know up front this is for the unlocked Pixel 5a*
*WARNING*! When you unlock the bootloader on your phone it WILL WIPE YOUR PHONE and reset it to factory. If you've already used your phone and set it up, you're going to lose that setup. If you can't bear it, then the rest of this isn't for you, as root cannot be achieved without unlocking the bootloader.
First, you'll need a few things
- https://developers.google.com/android/images
and download the latest FACTORY IMAGE for "barbet", which is the Pixel 5a. You want to download the SAME VERSION that is currently installed on your device. At the time of this writing, it's the September release.
From that same page, you will need the ADB+Fastboot platform tools which will allow you to perform the required tasks, download from this link:
- https://developer.android.com/studio/releases/platform-tools.html
I use Windows 10, and extract this tools download to a folder in the root of C: called "platform-tools". You will then need to add "c:\platform-tools" to your environment path.
On the Pixel 5a, you need to enable developer options. Go into Settings/About Phone/and tap "Build Number" 7 times. This enables developer options and it will let you know when you've unlocked this as you tap 7 times. Once developer options is unlocked, go back to Settings/System/Advanced, and you'll see Developer Options is now available.
Select Developer Options, and enable "USB Debugging" and also enable "OEM Unlocking".
(**NOTE** For now at least, until you decide how you want to proceed with handling updates in future (more on that later), I strongly recommend turning OFF "Automatic System Updates" as well, just a few items below "OEM Unlocking". This prevents any updates happening automatically on a phone reboot. You don't want to wake up and find an OTA update pushed out and removed root, or worse. You can always turn it back on later.)
Plug your phone into a USB port on your PC. Allow the PC to do it's thing. You can open up Computer Management on the PC (right click the windows menu button icon lower left of your toolbar and select "Computer Management". Select "Device Manager" on the left panel. You should see "Android ADB Device" appear at the top of the right pane list of devices. if not, then visit:
Install OEM USB drivers | Android Studio | Android Developers
Discover links to the web sites for several original equipment manufacturers (OEMs), where you can download the appropriate USB driver for your device.
developer.android.com
and download the appropriate USB driver for your system and retry the above directions.
First thing we have to do is unlock the bootloader.
On the PC, open a command prompt and change directory to "C:\platform-tools" as discussed above.
Now, type in "adb reboot bootloader". The phone will reboot into bootloader. (you may receive a dialog on the phone which says something to the effect of not recognizing the PC. Go ahead and allow it, check the box to allow it in the future, and proceed.
Phone is now at the bootloader, and shows you some info letting you know it's so, including that the bootloader is locked. Also, look at the Device Manager we opened earlier and confirm that you see Android ADB Device (or similar) which confirms your PC recognizes the phone and setup for ADB commands .
To unlock the bootloader, in the command prompt type:
fastboot flashing unlock
This will unlock the bootloader, you will likely see a warning that it's going to wipe the phone. Proceed and allow the unlock. The phone will then reboot and take you to your wiped phone just as you received it out of the box, except the bootloader is now unlocked and Developer Options are still available. Let the phone continue through it's first-time setup, and leave the phone plugged into the PC. If you unplugged no biggie, but we're going right back to the PC shortly and it will need to be plugged back in before the next step to accept the file we're going to push to it.
Now, you want to open a browser on the phone and go to (at the time of this writing, v23.0 is the current stable Magisk):
Release Magisk v23.0 · topjohnwu/Magisk
This release is focused on fixing regressions and bugs. Note: Magisk v22 is the last major version to support Jellybean and Kitkat. Magisk v23 only supports Android 5.0 and higher. Bug Fixes [App]...
github.com
Scroll down and under "Assets" select that Magisk 23.apk file, download and install it. Open Magisk if it doesn't open on install, and just let it sit, we're coming back to it shortly.
PATCHING THE BOOT.IMG FILE
On the PC, go back to the Factory Image you downloaded, and extract it to a temporary directory. You will see 6 files; a few "flash-all" files, a radio image, a bootloader image, and a ZIP file called "image-barbet-XXXXXXXXXXX.zip (the xxx's are whatever the version number is you've downloaded). Double click that ZIP file and you will see a dozen files. The one we need to root the device is "boot.img".
Copy (don't move!!) this file to c:\platform-tools. Now, go back to your command prompt (still pointing to c:\platform-tools) and type in:
adb push boot.img /sdcard/Download
Now back on the phone, within the Magisk app we left open, at the top where it says Magisk, choose to install. A dialog box will open, select Patch Boot File Image. Point the process to your /sdcard/Download, and select the boot.img file we just pushed there. Now allow it to patch the boot.img and Magisk will show you it's patching it, and in a moment tell you it was successful. Close the Magisk app, open "Files" and direct it to sdcard/Download. Note the name of the patched boot file, which is called "magisk_patched-XXXXX_xxxxx.img (the X's are the Magisk version, and the x's are 5 random chars). Feel free to leave it there as you go back to the PC...
Back on the PC, in the command prompt, now type:
adb pull /sdcard/Download/magisk_patched-XXXXX_xxxxx.img
make certain you get the name exact or it won't go, no worries, just get it correct. The file now resides in the "c:\platform-tools" directory along with the unpatched "boot.img" and your ADB+Fastboot tools.
Just about done rooting, here we go!
Now, in the command prompt type:
adb reboot bootloader
The phone reboots into bootloader. Now type:
fastboot flash boot magisk_patched-XXXXX_xxxxx.img (again, use the numbers and letters in YOUR patched file!)
Lastly, type:
fastboot reboot
Your phone reboots, and you should be rooted!! Unplug your phone from the PC, open up Magisk App and confirm, the Magisk entry at the top of the main Magisk App screen should now show you the version you installed, etc!
Time to get your banking apps (and any others that may detect unlocked bootloaders/root/etc) working!
In the Magisk App, on the bottom of the screen is a 4 item menu bar. Select the right-most icon, which is "Modules". At the top of the screen select "sorting order" and sort alphabetically. Scroll down to "riru" and select the module that is JUST "RIRU", (not any of the other "riru _______" modules). Choose to download it, then choose to install it. You'll be prompted to reboot the phone, so reboot the phone.
Next, we're going to install drag0n's Universal SafetyNet fix (at the time of this writing it's currently v 2.1.1) You will need to download this via a browser on your phone, so open a web browser and go to:
GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
Google SafetyNet attestation workarounds for Magisk - GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
github.com
On the right-hand side, you'll find "Releases", and v2.1.1 is the latest. Select that, then scroll down to "Assets" and download "safetynet-fix-v2.1.1.zip" By default this will download to sdcard/Download.
Go back into the Magisk App, select the "Modules" menu as above, and at the very top select the "Install from Storage" bar. Point to the file we just downloaded and install it (don't extract it, etc, it requires the zip exactly as downloaded and will do it's thing). Again, it will install the module and prompt you to reboot. Reboot.
Almost there!
At this point, if you havent installed your banking apps, do so. DON'T RUN THEM, just install them. I also have a Nintendo Switch Online app which failed because of root, so if you also have or want this app, install it now, again, do NOT run it yet, just install. Same with any other apps you are aware which have root/bootloader unlocked issues, get them installed, but don't run 'em.
Now, we're going to use MagiskHide to hide these apps and complete the process for passing SafetyNet and running apps which may not run due to root.
in the Magisk App, at that 4 item menu bar at the bottom, select the 2nd from left, or "MagiskHide". Select the MagiskHide item and it will open to a scan of all the apps on your system. By default I believe Magisk sets up to hide Google Play Services. You will see it selected, and all the other apps on your system unselected. Select each of the banking apps, the Nintendo Switch Online (if you have it), and any other apps that YOU ARE SURE will complain about unlocked bootloaders and/or root. Any onilne gaming that's popular are good choices, but again, it's easiest to NOT RUN them PRIOR to hiding them via MagiskHide. Pokemon GO comes to mind as one I've seen that needs hiding, etc, so make it easy on yourself and do a little research on any suspect apps prior to running them, then hide them if needed.
Anyhow, select your banking apps to hide them.
Now, we're going to check SafetyNet to make sure youll now pass.
On the Home menu in the Magisk App, select "Check SafetyNet". You will be prompted to download some proprietary SafetyNet shhhhhhhtuff....so let it download. Once done, SafetyNet check will open, and you should show a blue screen which says SUCCESS, and "basicintegrity" and "ctsProfile" will be checkmarked, evalType will show BASIC.
You're good to go, rooted, SafetyNet works perfect, and you can now open your banking apps and should open right up!!
If you find any specific issues about specific apps not working, or detecting root, etc, the best place to get help is in the Magisk General Discussion forum:
Magisk General Support / Discussion
This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases. All information, including troubleshoot guides and notes, are in the Announcement Thread
forum.xda-developers.com
I owe those folks eternally for showing me what I know, and always having the answers for any issues I've ever had. Some of the nicest, smartest people Ive had the pleasure of knowing, they're always helpful, and even maintain fantastic sites for FAQ and chock full of great info about every aspect of Magisk.
BONUS ITEM: As I indicated above, I'd share the method I know, trust, and have used many many times, trouble free, to apply a system update to the phone without overwriting anything, and not hitting any issues many encounter using the OTA method (though I understand that's been vastly improved, I haven't educated myself as to that process and will likely continue to use this method).
Security Update (monthlies) Process using Full System Image
As above, download the newest Full Factory Image from the site. Extract this full image to a directory inside C:\platform-tools
In this directory, if you're on Windows, open the "flash-all.bat" file (don't run it, open it with Notepad or something similar, I really like Notepad++ as it's free, has a LOT of great functionality and, like the native Notepad, doesn't do any goofy formatting/fonting/etc when modifying and saving a file.)
In flash-all.bat, look for the "-w" entry in the fastboot command near the end of the file and REMOVE ONLY THE "-w", leaving the line correctly formatted (don't leave an extra space or something goofy), then save the file over the top of the original with the same name. This will remove the overwriting of your data when pushing the image, the "-w" tells the process to overwrite, so we remove it.
Open up a Windows Explorer and go to your c:\platform-tools directory. Delete (or move to another location) any "boot.img" files along with any "magisk_patched-XXXXX_xxxxx.img" files from previous operations. Also note and confirm that you have correctly extracted the latest Full System Image to it's own directory, residing in c:\platform-tools.
Now, connect your phone to the PC. Open your command prompt and point to "C:\platform-tools" again. Type: cd <name of Full system Image directory>
In command prompt, type:
adb reboot bootloader
The phone is now in bootloader. In command prompt, confirm you're pointing to "C:\platform-tools\<Full System Image extract dir>" Type:
flash-all
This will do a full factory image push to your phone, you'll see a couple quick writes and phone reboots, then begins writing the rest of the image to your phone, but since we removed the "-w" from "flash-all.bat", it's NOT overwriting your data, just the necessary system files to update it to the latest version!
Reboot your phone, let it do any optimizing and updating it needs to do, and don't run anything yet, we're not quite done, just let the phone settle in and finish booting and doing it's thing.
Now, go back and perform the steps above listed under "PATCHING THE BOOT.IMG FILE" to patch the newest boot.img from the Full System Image we just updated the phone with (push the boot.img to sdcard/Download, patch with Magisk App, pull magisk_patched-XXXXX_xxxxx.img to your PC, blast it back using fastboot), and you've now rerooted the phone.
Lemme just say again that I know this was a friggin' book, and I tried to make it as clear and plain language as I could to help even a first timer, so my apologies if it seems like an onerous process. It's really not, and once you've done this once or twice, it's a cakewalk and takes about 10 minutes of your time from start to finish to do the whole system update and reroot. Again, the newer methods to take OTA without losing root may be something you'd like to look into, i definitely will, but I'm very confident in sharing this method as I know it works like a champ and is foolproof if you take your time the first few times and make sure you do what's required (remove the "-w" from the flash-all.bat, etc)
Lastly, I've been using this method since the Pixel 2, and just performed it on my new 5a, it worked exactly as it has for years for me on the P2, so you can be confident moving forward that, if you follow instructions and take your time until it's all familiar, you'll be successful in rooting, passing SafetyNet, and applying system updates without screwing up the A/B slots or overwriting your data in the process.
I hope this helps even one person, and since I rarely find myself able to give back to the community in any real meaningful way (many of these folks are WAAAY beyond my modest skills and know so much!!), I hope that this provides some folks with a useful and meaningful tutorial, providing confidence that anyone can root their P5a (or about any Pixel it seems) without being a Magisk/Android prodigy.
@Didgeridoohan, @pndwal, @zgfg, @jcmm11, and so many others over the years have been so helpful, I couldn't have done any of this without their selfless help, so give those folks a big thanks also if this is any help to you.
Best of luck,
hfam
Thanks for the write-up @hfam, it's good to know that some of the steps that i tried aren't really necessary, like using props config or hiding the actual magisk app.
Appreciate you!
nsoult said:
Thanks for the write-up @hfam, it's good to know that some of the steps that i tried aren't really necessary, like using props config or hiding the actual magisk app.
Appreciate you!
Click to expand...
Click to collapse
Awww, thanks! Glad to do it and really hope it helps some folks tackle rooting their phones and passing SN!
Rooted with magisk v.23 - flashed zip as a module
So has anyone installed the October update yet?
GrandAdmiral said:
So has anyone installed the October update yet?
Click to expand...
Click to collapse
Yep, good to go. I used the same method I shared above.
Is this working with Android 12? Which Magisk version to use?
This method did not work for Android 12. I updated my rooted phone to android 12 OTA. It returned to stock. I followed the method above to patch the factory boot.img file with magisk. After flashing my phone in bootloader with the patched boot.img, my phone will not reboot. says:
failed to load/verify boot images
Any advice? My Magisk is v23. Do I need to use a beta version?
Poking around in this thread, it seems that android 12 root is a much more involved process, requiring factory wipe and additional steps.
[Guide] Flash Magisk on Android 12
Trying to root the Pixel 5 running Android 12 by flashing a magisk-patched boot image results in the phone only booting to fastboot mode ("failed to load/verify boot images") Some users have reported that booting (instead of flashing) the patched...
forum.xda-developers.com
tintn00+xda said:
This method did not work for Android 12. I updated my rooted phone to android 12 OTA. It returned to stock. I followed the method above to patch the factory boot.img file with magisk. After flashing my phone in bootloader with the patched boot.img, my phone will not reboot. says:
failed to load/verify boot images
Any advice? My Magisk is v23. Do I need to use a beta version?
Click to expand...
Click to collapse
As you stated, you are correct. You need to perform a full wipe or flash the factory image with a wipe and then root works fine and phone boots. Tried myself and works fine.