Related
can someone please upload the stock "install-recovery.sh"?
It's located in /system/etc.
I forgot to backup it, while rooting the device.
I need it for the OTA updates.
thanks
@vel_tins
Do not flash the ota if you are rooted, you might get bootloop. Full unroot your device before attempting to update. Anyhow, the ota will most likely fail since you already modified your system partition. Your best option is to unroot your device and capture the ota link, modify the ota updater-script and remove the lines that are showing "unexpected contents" errors. The original "install-recovery.sh" is still there, supersu renamed it to something like "/system/etc/install-recovery_original.sh". Keep in mind, you might loose your custom recovery if you renamed it back to "install-recovery.sh".
Well, OTA was a pain in the a**.
Because I had no stock "install-recovery.sh", I've edited the updater-script and removed all the matching entries.
Executed a full un-root.
Tried to flash the modified update.zip via TWRP, but failed because TWRP couldn't mount partitions with this name scheme:
Code:
"/dev/block/platform/[B]7824900.sdhci/by-name/system[/B]", "/system",
(will investigate later, any ideas?)
Because too lazy to modify the updater-script again,
I've booted into fastboot and loaded my "modded" stock recovery, which accepts also self-signed .zips.
Flashing worked well, but on reboot, I got a nice bootloop because of the formerly installed Xposed framework.
Had to restore from a Nandroid Backup and after reboot, I removed Xposed completely.
Eventually, I was able to flash the OTA and got back a working device...
Gosh...
^^
??
vel_tins said:
Well, OTA was a pain in the a**.
Because I had no stock "install-recovery.sh", I've edited the updater-script and removed all the matching entries.
Executed a full un-root.
Tried to flash the modified update.zip via TWRP, but failed because TWRP couldn't mount partitions with this name scheme:
Code:
"/dev/block/platform/[B]7824900.sdhci/by-name/system[/B]", "/system",
(will investigate later, any ideas?)
Because too lazy to modify the updater-script again,
I've booted into fastboot and loaded my "modded" stock recovery, which accepts also self-signed .zips.
Flashing worked well, but on reboot, I got a nice bootloop because of the formerly installed Xposed framework.
Had to restore from a Nandroid Backup and after reboot, I removed Xposed completely.
Eventually, I was able to flash the OTA and got back a working device...
Gosh...
Click to expand...
Click to collapse
If you still have the original OTA zip, can you please post it for future reference?
As for TWRP mounting /dev/block/platform/7824900.sdhci/by-name/system, what error message did you get? Try running "ls -l /dev/block/platform/7824900.sdhci/by-name/" in both normal Android and TWRP, then compare the results.
pawitp said:
If you still have the original OTA zip, can you please post it for future reference?
Click to expand...
Click to collapse
No problem
pawitp said:
As for TWRP mounting /dev/block/platform/7824900.sdhci/by-name/system, what error message did you get? Try running "ls -l /dev/block/platform/7824900.sdhci/by-name/" in both normal Android and TWRP, then compare the results.
Click to expand...
Click to collapse
Stock and Cyanogen recovery are working with this partition naming scheme.
But in TWRP, I get the following error message:
Code:
ls: /dev/block/platform/7824900.sdhci/by-name: No such file or directory
For TWRP I have to use the following syntax in recovery.fstab:
Code:
/cache ext4 /dev/block/mmcblk0p29
/system ext4 /dev/block/mmcblk0p25
/data ext4 /dev/block/mmcblk0p31 length=-16384
.........etc.
vel_tins said:
No problem
Stock and Cyanogen recovery are working with this partition naming scheme.
But in TWRP, I get the following error message:
Code:
ls: /dev/block/platform/7824900.sdhci/by-name: No such file or directory
For TWRP I have to use the following syntax in recovery.fstab:
Code:
/cache ext4 /dev/block/mmcblk0p29
/system ext4 /dev/block/mmcblk0p25
/data ext4 /dev/block/mmcblk0p31 length=-16384
.........etc.
Click to expand...
Click to collapse
On TWRP, try running "find /dev/block/platform" and see if anything is created there.
The directory should have been populated by init. See https://android.googlesource.com/pl...0ab94b7d5a888f0b6920b156e5c6a075fa0741a^!/#F0.
That code should also be in TWRP, but something might have prevented it from working properly on this device. You might find some clues in dmesg or TWRP's logs.
Well, eventually I've got it.
In TWRP, the naming is a little bit different from stock or Cyanogen recovery.
I had to change:
Code:
/dev/block/platform/[COLOR="Red"]7824900.sdhci[/COLOR]/by-name/cache <--- STOCK
to
/dev/block/platform/[COLOR="Blue"]soc.0[/COLOR]/by-name/cache <--- TWRP
However, the "/dev/block/mmcblk0p" naming worked also in TWRP, so this was only a minor issue.
vel_tins said:
Well, eventually I've got it.
In TWRP, the naming is a little bit different from stock or Cyanogen recovery.
I had to change:
Code:
/dev/block/platform/[COLOR="Red"]7824900.sdhci[/COLOR]/by-name/cache <--- STOCK
to
/dev/block/platform/[COLOR="Blue"]soc.0[/COLOR]/by-name/cache <--- TWRP
However, the "/dev/block/mmcblk0p" naming worked also in TWRP, so this was only a minor issue.
Click to expand...
Click to collapse
IMO, you should fix TWRP so that it has the same naming convention. Otherwise OTA packages using the "stock" naming convention can't be flashed on TWRP.
Personally, I prefer the "by-name" mapping rather than the "/dev/block/mmcblk0p" because it is harder to make mistakes if you use a name. With numbers, if a wrong number is typed, then you might end up flashing the wrong partition and bricking the device.
EDIT: It might have something to do with the "system/core" repository you've used to build your recovery. Which Android tree did you use to build Cyanogen Recovery and which one did you use to build TWRP?
vel_tins said:
Well, OTA was a pain in the a**.
Because I had no stock "install-recovery.sh", I've edited the updater-script and removed all the matching entries.
Executed a full un-root.
Tried to flash the modified update.zip via TWRP, but failed because TWRP couldn't mount partitions with this name scheme:
Code:
"/dev/block/platform/[B]7824900.sdhci/by-name/system[/B]", "/system",
(will investigate later, any ideas?)
Because too lazy to modify the updater-script again,
I've booted into fastboot and loaded my "modded" stock recovery, which accepts also self-signed .zips.
Flashing worked well, but on reboot, I got a nice bootloop because of the formerly installed Xposed framework.
Had to restore from a Nandroid Backup and after reboot, I removed Xposed completely.
Eventually, I was able to flash the OTA and got back a working device...
Gosh...
Click to expand...
Click to collapse
Hi sir ,
Please share to us , how you do this , because I have status 7. Install-recovery.sh problem
I have stock recovery , and I'm only make a root for my device by kingroot .
Please share update.zip file and tel me how to make ota update
pawitp said:
IMO, you should fix TWRP so that it has the same naming convention. Otherwise OTA packages using the "stock" naming convention can't be flashed on TWRP.
Click to expand...
Click to collapse
Exactly this is the point...
pawitp said:
EDIT: It might have something to do with the "system/core" repository you've used to build your recovery. Which Android tree did you use to build Cyanogen Recovery and which one did you use to build TWRP?
Click to expand...
Click to collapse
I have to correct myself, Cyanogen has exactly the same problem.
I've used the latest CM 12.1 and Omnirom source trees to build TWRP, but with the same result.
TWRP/Cyanogen only detects "soc.0" instead of "7824900.sdhci" and that will break compatibility with OTA packages (Until you patch "updater-script").
So how you made this ota update after all ?
theeteempire said:
So how you made this ota update after all ?
Click to expand...
Click to collapse
OTA doesn't work with rooted devices.
Do a full un-root and try again.
vel_tins said:
OTA doesn't work with rooted devices.
Do a full un-root and try again.
Click to expand...
Click to collapse
I did it , full unroot , I couldn't update even that with full-unroot , I used kingroot for root ,
Also error status 7 , install-recovery. Sh shown on the update after full-unroot my device !!!
can you help me please !!!!!
theeteempire said:
....I used kingroot for root ,
Also error status 7 , install-recovery. Sh shown on the update after full-unroot my device...
Click to expand...
Click to collapse
I would strongly suggest, to open an new thread, because I guess a lot more people will or had run into these issues.
I don't know what Kingsoft (never used it) has modified/replaced, so in your case I would search for a stock "install-recovery.sh" and replace the modified.
Everything else would be too complicated. (You have read my post on the first page).
vel_tins said:
I would strongly suggest, to open an new thread, because I guess a lot more people will or had run into these issues.
I don't know what Kingsoft (never used it) has modified/replaced, so in your case I would search for a stock "install-recovery.sh" and replace the modified.
Everything else would be too complicated. (You have read my post on the first page).
Click to expand...
Click to collapse
So I need the stock install-recovery. Sh ,.
Are you have it ?
vel_tins said:
Exactly this is the point...
I have to correct myself, Cyanogen has exactly the same problem.
I've used the latest CM 12.1 and Omnirom source trees to build TWRP, but with the same result.
TWRP/Cyanogen only detects "soc.0" instead of "7824900.sdhci" and that will break compatibility with OTA packages (Until you patch "updater-script").
Click to expand...
Click to collapse
This is just a guess. Try adding "TARGET_PLATFORM_DEVICE_BASE := /devices/soc.0/" to BoardConfig.mk.
If you know C, you might want to try mucking around in system/core/init/devices.c and see why it's behaving that way.
pawitp said:
This is just a guess. Try adding "TARGET_PLATFORM_DEVICE_BASE := /devices/soc.0/" to BoardConfig.mk.
.....
Click to expand...
Click to collapse
Seems to work, thanks!
PS: A google search for "TARGET_PLATFORM_DEVICE_BASE" threw only six results, so it doesn't seem to be a very popular flag.
vel_tins said:
Seems to work, thanks!
PS: A google search for "TARGET_PLATFORM_DEVICE_BASE" threw only six results, so it doesn't seem to be a very popular flag.
Click to expand...
Click to collapse
From my experience, you can't rely too much on Google for ROM development. I've found the flag by reading the source file I've previously mentioned.
Sent from my Nexus 4 using XDA Free mobile app
This patcher is now outdated. Use the new SuperSU instead. http://forum.xda-developers.com/showpost.php?p=64161125&postcount=3
This zip is a systemless version. That means that you'll get root and be able to use it normally, but your system partition will not be modified, like in normal root methods. Only for Marshmallow.
Keep reading for disadvantages and advantages
Chainfire had released a newer version of his SuperSU that doesn't need to modify the system partition to provide root access. This method doesn't have much of a practical application right now, but it allows you to flash OTA updates without having to unroot or flash the stock system partition.
HOW TO USE:
If you have rooted before, flash the system partition (or reinstall the ROM) before flashing this zip.
Download the attached zip, and flash it from a recovery (I tested it with TWRP).
Download SuperSU 2.56 from here: http://forum.xda-developers.com/showpost.php?p=63197935&postcount=2 (Just download the apk)
Reboot to TWRP. If it asks you whether you want system to be mounted as r/w, and if you want to take OTAs later, choose to keep system read-only (this will replace TWRP with stock recovery on reboot).
Flash SuperSU-v2.56-20151030013730.zip
Reboot
TWRP will say that you are not rooted, just ignore that. Do not tell it to root it.
This will work with all Marshmallow kernels, even the stock kernel.
Drawback : A factory data reset will remove superuser privileges. If that happens, simply flash SuperSU-v2.56-20151030013730.zip again.
TO RECEIVE OTA UPDATES :
Just make sure not to do anything that modifies /system. For example, no build.prop changes, and no system app removal. Or even if you do these, make sure to undo these changes before flashing an OTA. You can flash OTAs without unrooting now.
Flash the stock boot.img for your current Android version before flashing OTAs.
BUGS :
I didn't find any, yet, but Chainfire wrote the following on his thread:
Apps with hardcoded paths to su (seriously?) will bork
Factory reset unroots
Factory reset wipes pin
...
Bugs... Bugs everywhere!
ADDITIONAL INFO :
This zip will replace sepolicy as mentioned on Chainfire's thread (thanks to @metaspook for the patched sepolicy, which I extracted from his zip), so you'll be able to get root access even on SELinux enforcing kernels (only the stock MM kernels right now). Also, you can flash any other kernel (as long as it comes in a zip format, not as an img) before or after flashing this, and you'll still have root access.
out386 said:
Chainfire had released a newer version of his SuperSU that doesn't need to modify the system partition to provide root access. This method doesn't have much of a practical application right now, but it allows you to flash OTA updates without having to unroot or flash the stock system partition.
HOW TO USE:
Download the attached zip, and flash it from a recovery (I tested it with TWRP).
Download SuperSU 2.56 (or newer, if it supports systemless mode) from here: http://forum.xda-developers.com/showpost.php?p=63197935&postcount=2 (Just download the apk)
Flash SuperSU-v2.56-20151030013730.zip
Reboot
This will work with all Marshmallow kernels, even the stock kernel.
Drawback : A factory data reset will remove superuser privileges. If that happens, simply flash SuperSU-v2.56-20151030013730.zip again.
TO RECEIVE OTA UPDATES :
Just make sure not to do anything that modifies /system. For example, no build.prop changes, and no system app removal. Or even if you do these, make sure to undo these changes before flashing an OTA. You can flash OTAs without unrooting now.
Flash the stock boot.img for your current Android version before flashing OTAs.
BUGS :
I didn't find any, yet, but Chainfire wrote the following on his thread:
Apps with hardcoded paths to su (seriously?) will bork
Factory reset unroots
Factory reset wipes pin
...
Bugs... Bugs everywhere!
ADDITIONAL INFO :
This zip will replace sepolicy as mentioned on Chainfire's thread (thanks to @metaspook for the patched sepolicy, which I extracted from his zip), so you'll be able to get root access even on SELinux enforcing kernels (only the stock MM kernels right now). Also, you can flash any other kernel (as long as it comes in a zip format, not as an img) before or after flashing this, and you'll still have root access.
Click to expand...
Click to collapse
Well done bro!
I'm just waiting for this
Help regarding installation
I am using MicroMax Android One with Marshmallow
Currently, I've not tired the phone.
When I open recovery, I see some options like Apply update from SD card, mount, cache wipe, factory reset, etc.
So which option should I use to flash the zip file.
out386 said:
Chainfire had released a newer version of his SuperSU that doesn't need to modify the system partition to provide root access. This method doesn't have much of a practical application right now, but it allows you to flash OTA updates without having to unroot or flash the stock system partition.
HOW TO USE:
Download the attached zip, and flash it from a recovery (I tested it with TWRP).
Download SuperSU 2.56 (or newer, if it supports systemless mode) from here: http://forum.xda-developers.com/showpost.php?p=63197935&postcount=2 (Just download the apk)
Flash SuperSU-v2.56-20151030013730.zip
Reboot
This will work with all Marshmallow kernels, even the stock kernel.
Drawback : A factory data reset will remove superuser privileges. If that happens, simply flash SuperSU-v2.56-20151030013730.zip again.
TO RECEIVE OTA UPDATES :
Just make sure not to do anything that modifies /system. For example, no build.prop changes, and no system app removal. Or even if you do these, make sure to undo these changes before flashing an OTA. You can flash OTAs without unrooting now.
Flash the stock boot.img for your current Android version before flashing OTAs.
BUGS :
I didn't find any, yet, but Chainfire wrote the following on his thread:
Apps with hardcoded paths to su (seriously?) will bork
Factory reset unroots
Factory reset wipes pin
...
Bugs... Bugs everywhere!
ADDITIONAL INFO :
This zip will replace sepolicy as mentioned on Chainfire's thread (thanks to @metaspook for the patched sepolicy, which I extracted from his zip), so you'll be able to get root access even on SELinux enforcing kernels (only the stock MM kernels right now). Also, you can flash any other kernel (as long as it comes in a zip format, not as an img) before or after flashing this, and you'll still have root access.
Click to expand...
Click to collapse
Good work n thanks for mention bt can't understand why u created a patcher again where I'v already created one!
Its ok, good job.
Good.... Thanks for posting
metaspook said:
Good work n thanks for mention bt can't understand why u created a patcher again where I'v already created one!
Its ok, good job.
Click to expand...
Click to collapse
Yes, well, I would never have reposted the same thing, so, I'm sorry if it seemed like that.
This one uses Chainfire's new systemless root method. Unlike other root methods that need modifications to /system, this method uses modifications to the boot image to set up and run the su daemon from a loop device on the /data partition and achieve root. Right now, that doesn't have much of an advantage except to make flashing OTAs easier. Chainfire made it because future devices might need it. I made the patch because someone on FB asked about it.
<accidental double post, sorry. Can't delete>
kalpitandroid said:
I am using MicroMax Android One with Marshmallow
Currently, I've not tired the phone.
When I open recovery, I see some options like Apply update from SD card, mount, cache wipe, factory reset, etc.
So which option should I use to flash the zip file.
Click to expand...
Click to collapse
You need to install a custom recovery first. Go to the Android One (First generation) General forums on this site. You'll find a how-to at the very top of the list of threads. Once you have a custom recovery, flash this using the "install zip" option.
out386 said:
Yes, well, I would never have reposted the same thing, so, I'm sorry if it seemed like that.
This one uses Chainfire's new systemless root method. Unlike other root methods that need modifications to /system, this method uses modifications to the boot image to set up and run the su daemon from a loop device on the /data partition and achieve root. Right now, that doesn't have much of an advantage except to make flashing OTAs easier. Chainfire made it because future devices might need it. I made the patch because someone on FB asked about it.
Click to expand...
Click to collapse
Hmm... gotcha now.. Good work!
If u ever need any help just pm.
Thank you...
out386 said:
<accidental double post, sorry. Can't delete>
Click to expand...
Click to collapse
Changelog:
V5.23 Fix for Android 6 (Freeze on boot logo)
Installation of kcal kernel module for supported kernels. Get the app from https://forum.xda-developers.com/android/software-hacking/dev-kcal-advanced-color-control-t3032080
V5.22 Bug in the vendor overlay creation. Existing directories (like /vendor/bin) have not been replicated correctly
V5.21 Fix issue when running on Linux (some CR/LF)
Patch libsepol in bootimg for backwards compatibility with Android 6
V5.20 Support for superuser as an alternative to SuperSU (https://github.com/phhusson/Superuser)
Fix for the missing internal storage link in TWRP
V5.11 Support for Android 7.0
Fix in the overlay layout which could prevent some libraries from loading and cause battery drain
V5.1 Support for Android 7.0
Updated bootimg to deal with Android 7.0 policies
New tool inside bootimg for adding new contexts to binary file contexts
New system overlay layout due to a more restrictive linker in Android 7
V5.0 New system overlay method using the /vendor directory. As this directory is also in the library search path even libraries can be easily replaced without modifying the system partition
System-less SuperSU integration improved (Version 2.76 or higher recommended)
System-less xposed integration (using the standard distribution)
Support for 32.A.0.253
V4.51 Fix for awk script for Linux kernel version detection when running on Linux
V4.5 Fixed adb and mtp file access in TWRP for 32.2.A.0.224
V4.42 Added support for Z2 (Sirius) and TWRP fstab fix for leo and aries (thanks to waleedsq81)
V4.41 Fixed issue with Y/N choice on non-english Windows. Added support for Z3 (leo)
V4.4 Support for Z3+/Z4, Tablet Z2, Tablet Z3 and Tablet Z4 added (Z4 still has an issue with TWRP, but DRM fix works)
SuperSU integration reworked in order to need less SELinux exceptions and to be more secure
All tasks can now be individually selected. Therefore there is no separate DRM only script required
V4.31 Renabled Z5P (satsuki) and Z5C (suzuran) for TWRP and drmfix
V4.3 Support for older Lollipop added
Script execution for Linux fixed
V4.24 Fix for for a bug in SuperSU integration in V4.23
V4.23 Fix for repacking 3rd party kernel (Some permissions were on custom directories were lost)
V4.22 Bugfix for readta (flash_dk reported unit not)
V4.21 Fix for the Linux binary of bootimg
V4.2 Updated TWRP to 3.0.2
V4.1
Fix for WideWine (if you have your device key) Thanks a lot to goofnorf101 for testing
unpackinitfs and makeinitfs in my bootimg tool now maintain date/time of files correctly
Automatic SuperSU installation
V4.0
Fix for older kernels (Lollipop)
Binary for Linux (The older version had the ARM version packaged)
Device is not stored in the kernel image anymore
TWRP updated to version 3.0.1
FAQ - Please read
Is is possible to have root with locked bootloader?
Short answer: no
Long answer: The locked bootloader only boots unmodified kernel packages signed by Sony. The stock kernel only mounts unmodified /system partitions (dm-veritiy) -> No modification without unlocking
So any change to the kernel (like this script) or system partition requires unlocked bootloader
What is dm-verity?
A hash checksum on all blocks of a filesystem in order to verify the integrity
What is Sony RIC?
A protection to avoid mounting the root filesystem or system read/write
What happens if I unlock my bootloader
The device key (TA unit 0x1046b) will be wiped, which deactives everything DRM related. In addition a full wipe of your phone will be perfomed.
So extract your TA partition before with this great tool http://forum.xda-developers.com/crossdevice-dev/sony/iovyroot-temp-root-tool-t3349597 from zxz0O0
If you already unlocked the bootloader before, then at least the credentials will be restored, which will reactivate stuff like x-reality and camera de-noise
Why do I need to flash my device key?
Without your device only some functions can be reactivated, like x-reality. Other functions like widevine do not work with out your device key.
How do I enter TWRP recovery?
Restart your phone and press the volume key up as soon as the LED switches to yellow
I want to use a custom kernel with the DRM fix
Just say "N" to all other options. Nevertheless be prepared for problems if the custom kernel does not match your Android version.
What should I do if there is an update to this script?
First check if you really need to run this update by checking the changelog. E.g. if it says binary for Linux fixed and you are using Windows then probably you don't care. If you did not change your Android version then all you have to do is to update the kernel package with fastboot flash boot. If you do not use the automatic SuperSU integration then you have to reinstall SuperSU in TWRP.
This tool repacks an existing kernel package (usually the stock kernel) in order to make it rootable and adds TWRP recovery as well. Version 4 has been succesfully tested with LP and MM.
In particular it adresses the following issues:
DM-Verity: Android is now using dm-verity to verfy the integrity of the system partition. Until you switch it off your phone won't boot after modifying /system
SONY RIC: RIC is blocking the write access to the system partition
DRM Keys: After unlocking the bootloader your device key is wiped, which deactivates some functionaliy. E.g. x-reality, denoise in camera aso.
Recompiling the kernel is not required as only the init ramdisk needs to be modified. You can run these scripts either in Windows or Linux.
Thanks to the excellent work of zxz0O0 you can now backup the TA partition before unlocking the bootloader with this tool http://forum.xda-developers.com/crossdevice-dev/sony/iovyroot-temp-root-tool-t3349597
If you managed to backup your TA partition before you unlocked the bootloader then this version will fully reactivate your keys as well. (many thanks to addicted1900 for helping me with the testing)
As there has been some confusion I would like to point out one more time that you cannot run any kernel package which is not signed by Sony without unlocking the bootloader. So this works only with unlocked bootloader.
As it seems that it is not clear to everyone I also want to mention that <...> is a placeholder. E.g. <extracted kernel> means that you should replace it with then name of your extracted kernel, which could be kernel.elf
There was a report that having SuperSU in the system partition installed may lead to a bootloop. Therfore you shoud first install the bootimage created by this script and then install SuperSU afterwards, as it will then use the system-less strategy.
In order to use these scripts you need the kernel boot image of your current version. There two different ways to obtain it:
Method1:
If you have a .ftf image then open it with zip application (7Zip, WinZip, Windows Compressed Folder) and extract kernel.sin. Afterwards use Flashtool -> Tools -> SIN Editor to extract the kernel. You should end up with the boot image with extension .elf.
Method2:
Run your favourite recovery and connect via
Code:
adb -d shell
Now run
Code:
find /dev -name boot
dd if=<output of the find command before> of=/sdcard/kernel.img
Once you have the kernel image you are ready to use the script.
The newest version support superuser as an alternative to SuperSU. This is available open source and can be verified. In order to integrated you need the current superuser.zip from http://superuser.phh.me/superuser.zip and to be install the app afterwards from Google Play (look for superuser phh) or build it yourself from github.
To integrate the kernel part just place superuser.zip in the rootkernel directory.
You can also still use SuperSU, although it is causing a huge battery draining on my Z5 with Android 7.0 If you place SuperSU in the same directory (SuperSU*.zip, case sensitive) then it will be also installed automatically . It did all the tests with 2.76, but newer versions should work as well. Please be aware that you can not update SuperSU within the application. For a newer SuperSU version you need to rerun the script.
If you want to integrate xposed as well just place the distribution for you device and Android version in the same directory. (e.g. xposed-v86-sdk23-arm64.zip). Only support with Android 6.0 (sdk 23) and higher.
xPosed for Android 7.0+ is still not available.
Code:
rootkernel <extracted kernel> boot.img
You are prompted for several choices:
Sony RIC is enabled. Disable?
I prefer not to disable it in order to keep my phone more secure. Unfortunately there are a lot of bad guys in this world and SELinux and RIC still can save us if someone discovers a new kernel exploit.
Sony RIC basically prevents mounting the /system partition for write. You can still modify it in recovery of of course, but if you require write access to /system without entering recovery then you need to disable it.
Install TWRP recovery? Here you should say yes unless you are trying to patch a non-stock kernel, which comes already with a recovery
Install busybox? For security reasons I prefer not to install. In recovery you have it anyway. This choice is only available if you chose install TWRP
Found SuperSU-v....zip. Install? Integrates SuperSU. For this option to show up you have to place the SuperSU package into the same directory with the name SuperSU*.zip (case sensitive)
Found superuser.zip. Install? Integrates superuser. For this option to show up you have to place superuser.zip into the same directory (case sensitive)
# Make su permissive (Permits any action as su)? This only appears if you install superuser. Permissive means you can anything as root, without it is restricted mainly to file operations (sufficient for e.g. Titanium Backup)
Found xposed-v....zip. Install? Integrates xposed system-less. For this option to show up you have to place the xposed for your device and Android version into the same directory. (e.g. xposed-v86-sdk23-arm64.zip)
Install DRM fix? Installs the DRM fix. First it tries to use the device key which you flashed with flash_dk. If it does not exist it uses an alternative method which cannot fix everything (e.g. Widevine will not work, but X-reality, Camera denoise etc. will work)
Now put your phone into fastboot mode (Volume Up + connect USB) and then run:
To test it without actually flashing it:
Code:
fastboot boot boot.img
For flashing it:
Code:
fastboot flash boot boot.img
If you managed to backup for TA partition before then you can reactivate your original device key as follows:
Code:
flash_dk <ta backup image> DK.ftf
Flashing this file with flashtool will write your device key to an alternative unit, from where the drmfix library will pick it up.
This is a one-time task. It will survive a complete reset of the phone or Android system upgrade. The device key has a length of just 16 bytes, so it is correct that the resulting DK.ftf has a size of only aprox. 500 bytes.
If you like my work you can buy me a coffee
Some background information:
There are two main tools involved (for both Android and Windows)
- busybox
Probably everyone knows it
- bootimg
A multicall binary with several tools for unpacking and packing the boot image as well as adapting the SELinux policy. Part of the code is written by me from scratch, some other parts are cherry picked from other projects. I will also provide the source for it. As Windows doesn't have softlinks I modified the tools for unpacking and packing the init ramdisk to write text files with __lnk__ at the end instead.
Would be great if someone shared E6653 stock .200 kernel boot.img or flashable zip so we can try this out
Funkmasterchilla said:
Would be great if someone shared E6653 stock .200 kernel boot.img or flashable zip so we can try this out
Click to expand...
Click to collapse
Do you want the kernel.sin of stock . 200?
lordriguez said:
Do you want the kernel.sin of stock . 200?
Click to expand...
Click to collapse
I am downloading the whole firmware again from xperifirm. Thank you mate !
Edit: Working great! I'll stick to stock kernel now since Androplus' consumes more battery while asleep !
Edit2: I successfully flashed recoveries in command window from my PC but can't access TWRP at boot though, no LED flashing.
Edit3: Ok that's cuz there's no recovery boot script obviously, my bad. That's above my pay grade, if somebody is kind enough to create a stock. 200 with recoveries it'd be much appreciated PM me if so
Edit!: I flashed monx new stock based kernel
Thank you Tobias !
tobias.waldvogel said:
Hi everyone,
as most of you know, even after unlocking the bootloader there are a few more requirements before you can modify the system partition, i.e. install SuperSU, xposed etc.
- Android is now using dm-verity to verfy the integrity of the system partition. Until you switch it off your phone won't boot after modifying /system
- SONY RIC is blocking the write access to the system partition
The good news is, that it is not required to recompile the kernel. It is sufficent to modify the init scripts inside the init ram disk. So you can just stick to the stock kernel.
I created a package which precisely does this job for you. Just run it from TRWP after installing a new Android version
With this you don't have to wait anymore until someone creates the right kernel package for your phone
PS: It leaves a copy of the new boot image in the internal sdcard if you want to save it somewhere. (boot.img) It can be flashed with fastboot if required.
Click to expand...
Click to collapse
Hmm... I don't understand what this zip file do with phone.... Can you explain more primitive for me?!
Is that for recover stock kernel with stock drm keys?! I understand correct?!
zavpasha said:
Hmm... I don't understand what this zip file do with phone.... Can you explain more primitive for me?!
Is that for recover stock kernel with stock drm keys?! I understand correct?!
Click to expand...
Click to collapse
Before you can start to install thing like SuperSU and xposed you have to change the kernel, otherwise your phone won't boot anymore. In the past you had to wait for someone to come up with a compatible kernel for your phone, now this package just converts your existing kernel.
Regarding the DRM please install the package from the DRM restore thread.
Funkmasterchilla said:
I am downloading the whole firmware again from xperifirm. Thank you mate !
Edit: Working great! I'll stick to stock kernel now since Androplus' consumes more battery while asleep !
Edit2: I successfully flashed recoveries in command window from my PC but can't access TWRP at boot though, no LED flashing.
Edit3: Ok that's cuz there's no recovery boot script obviously, my bad. That's above my pay grade, if somebody is kind enough to create a stock. 200 with recoveries it'd be much appreciated PM me if so
Edit!: I flashed monx new stock based kernel
Thank you Tobias !
Click to expand...
Click to collapse
Thanks for the feedback. Future versions of this package will add TRWP as well. I am currently working on it.
tobias.waldvogel said:
Thanks for the feedback. Future versions of this package will add TRWP as well. I am currently working on it.
Click to expand...
Click to collapse
As promised the new package with TWRP is out
tobias.waldvogel said:
As promised the new package with TWRP is out
Click to expand...
Click to collapse
Great work thanks ,
How would I go about disabling the vibration for recovery?
Sent from my E6653 using Tapatalk
Well, the script which checks if recovery should be started is bin/init inside the zip. If you don't like the vibrate then just remove the line and run the package again
Gesendet von meinem E6683 mit Tapatalk
huh, so it is possible to have 2 recoveries at the same time? (and why would anyone want 2 recoveries? )
Three Recoveries are als possible
CWM, Phils Touch & TWRP
Sent from my E6653 @ XDA Portal
Sorry for being noob.
I miss my Oneplus one where things were so easy.
After unlocking BL what do i do with this zip.
Is it going to Root my phone and Install TWRP?
Thanks for help.
I flash the v2 and i got bootloop. 4 time red LED and the phone reboot and all over again. What's the problem?
Hi Tobias,
can you please build a v2 for the z5 compact too?
thx
stiffmeister
FakeSmile said:
I flash the v2 and i got bootloop. 4 time red LED and the phone reboot and all over again. What's the problem?
Click to expand...
Click to collapse
On which model did you use it and with which firmware version?
If you used flashtool before then you can just flash the kernel one more time (i.e. deselect everything else).
stiffmeister75 said:
Hi Tobias,
can you please build a v2 for the z5 compact too?
thx
stiffmeister
Click to expand...
Click to collapse
This should work on Z5 compact with stock kernel as well, without any change.
In case of any issues you can flash the kernel again via flashtool
If it did not work you can pass me the generated boot.img from your interal sdcard for further analysis
hi tobias,
i didn't try the v2, because i thought, that the twrp recovery wouldn't be compatible.
but when you say it's ok, than i'll try it
br
stiffmeister
stiffmeister75 said:
hi tobias,
i didn't try the v2, because i thought, that the twrp recovery wouldn't be compatible.
but when you say it's ok, than i'll try it
br
stiffmeister
Click to expand...
Click to collapse
I flashed zombie kernel without making backup of stock kernel, can you share it with me so I can try this method (I doubt it will work on zombie)
ps : I have .200 fw
tobias.waldvogel said:
On which model did you use it and with which firmware version?
If you used flashtool before then you can just flash the kernel one more time (i.e. deselect everything else).
Click to expand...
Click to collapse
E6653 on .200 firmware
I have had my fair share of problems modifying android before but I have never had a phone flat out lie to me and say an operation was successful and actually nothing happened at all.
Have had my nexus 6 for a year or so now. Have had minor issues rooting / modifying marshmallow in the past but I figured out it was all caused by the system partition having basically 0 free space. Made a huge mistake and installed to the latest 7.0 OTA. Wanted to simply enable tethering and edit the thermal config to not shut cores down. Should be as simple as pulling the files, editing them, pushing them back to the phone in twrp with the system partition mounted and thats the end of it right? Wrong.
First of all twrp 3.0.2 refuses to let me touch the system partition without some giant prompt about how its going to make itself stick and offer to root the phone. Simple enough I have seen it in previous versions I say yes as usual except twrp proceedes to immediately spew a bunch of superuser files that do nothing throughout the system partition without asking me if I want root. Dumb but whatever. I mount /system as read write and I go edit and replace my two files like usual (build.prop and thermal config). No matter if I ADB push or use twrps built in file manager it claims the file replacement is successful. Reboot into android and not only have both files not been touched (Verified by adb pull) but the recovery gets overwritten with the factory recovery anyways. (NEVER had issues with twrp sticking on marshmallow. Now after every reboot it gets wiped out)
Second of all if I select yes to twrp mounting system as writable and it does its spewing as I mentioned before then installing SuperSU instantly causes the phone to not boot. Rewrite the boot.img to factory and it boots fine OR Rewrite the clean factory system image and the SuperSU boot works fine. But modifying /system with twrp and then running supersu at the same time is a no go. TWRP is obviously doing something stupid to system that pisses off supersu so undoing twrps mess or uninstalling supersu makes it bootable again.
I dont even want root! Everyone is claiming you need to run "settings put global tether_dun_required 0" as root along with adding the usual "net.tethering.noprovisioning=true" in the build.prop to get native tethering working again! On 6.X only the build.prop edit was needed to get it working.
So long story short. I just want native tethering to work and to tweak my /system/etc/thermal-engine-shamu.conf . Is there anyone here who has done this successfully on nougat? I feel like its all twrps fault but im far too tired and frustrated to try another version tonight.
You must be running an old version of TWRP. Update to the latest, as the latest no longer offers to root your device for you. The version of superuser included was ancient and caused the device to bootloop.
As to TWRP being overwritten Android 7.0 I believe does that on a stock system. If I recall, there is a script that needs to be modified to prevent it.
Strephon Alkhalikoi said:
You must be running an old version of TWRP. Update to the latest, as the latest no longer offers to root your device for you. The version of superuser included was ancient and caused the device to bootloop.
As to TWRP being overwritten Android 7.0 I believe does that on a stock system. If I recall, there is a script that needs to be modified to prevent it.
Click to expand...
Click to collapse
It's stated in the op he's using twrp 3.0.2.
Didgeridoohan said:
It's stated in the op he's using twrp 3.0.2.
Click to expand...
Click to collapse
I misread his post then. I wonder if perhaps he is running TWRP via fastboot instead of installing it.
Flashing recovery using "fastboot flash recovery XXX.img"
The guy who made SuperSU, @ChainfireXDA , retired from SuperSU. 2.82 SR5 was his last beta release. Some Chinese owned company named CCMT bought SuperSU a while back, but @ChainfireXDA retired from the aforementioned on 03OCT2017 (10th anniversary). https://plus.google.com/+Chainfire/posts/6Sp6t9LxtQZ
https://desktop.firmware.mobi
https://www.chainfire.eu
SuperSU at XDA
https://forum.xda-developers.com/apps/supersu
So, since nothing has yet been posted by CCMT for SuperSU (as of 14NOV2017), it seems that @topjohnwu Magisk will become more prominent.
Magisk at XDA
https://forum.xda-developers.com/apps/magisk
The purpose of this thread was what exactly?
choosing rooting app for OEM unlocked Moto Z2 Force
TheKnux said:
The purpose of this thread was what exactly?
Click to expand...
Click to collapse
Since Moto Z2 Force Sprint and T-Mobile variants are OEM unlockable, the long term choice of a systemless root for an OEM unlocked Moto Z2 Force seems to be a relevant topic for discussion and/or news for Moto Z2 Force. I wanted SuperSU to be developed further by @ChainfireXDA , but his retirement from SuperSU likely means that to get the most up-to-date systemless rooting app for my OEM unlocked Moto Z2 Force, I will have to soon switch to @topjohnwu Magisk.
The point of this thread was that we had to work extra hard for magisk support and we now have it via mine and @Uzephi kernel we have figured out why there are bootloops and will be adressing here shortly
On OEM unlocked T-Mobile Moto Z2 Force with latest TWRP (as of 15NOV2017), I just switched to Magisk 14.3 beta from SuperSU 2.82 SR5 beta w/SU Hide 1.09. In this long process, I lost all my data because Magisk 14.3 beta did not properly disable force encryption! I really didn't think it was going to be as hard as it was. It absolutely refused to boot properly with default upstream kernel (i.e., that comes along with latest TWRP; kernel probably soon to be tweaked per previous post) and latest Magisk 14.3 beta no matter how many times I formatted data, etc. I ended up having to use SuperR's Kitchen free for Linux.
SuperR's Kitchen free for Linux
https://forum.xda-developers.com/apps/superr-kitchen/kitchen-superr-s-kitchen-v1-1-50-v2-1-6-t3597434
SuperR's Kitchen donate version for Windows/Linux
https://forum.xda-developers.com/apps/superr-kitchen/windows-linux-superr-s-kitchen-v3-0-0-0-t3601702
jhofseth said:
On OEM unlocked T-Mobile Moto Z2 Force with latest TWRP (as of 15NOV2017), I just switched to Magisk 14.3 beta from SuperSU 2.82 SR5 beta w/SU Hide 1.09. In this long process, I lost all my data because Magisk 14.3 beta did not properly disable force encryption! I really didn't think it was going to be as hard as it was. It absolutely refused to boot properly with default upstream kernel (i.e., that comes along with latest TWRP; kernel probably soon to be tweaked per previous post) and latest Magisk 14.3 beta no matter how many times I formatted data, etc. I ended up having to use T-Mobile 05AUG2017 kernel, no-verity-opt-encrypt-5.2 (attached), and Android Terminal TWRP Installer. But the important thing is Magisk 14.3 beta is finally working with latest Moto Z2 Force TWRP!
Click to expand...
Click to collapse
Interesting experiment... two questions:
1. have you tried using flashable zip to unforce encryption for "any kernel" by @erfanoabdi on our device?
2. since latest TWRPs by @joemossjr come with a (little) modified/recompiled kernel, why don't disable forced encryption by default on them?
enetec said:
Interesting experiment... two questions:
1. have you tried using flashable zip to unforce encryption for "any kernel" by @erfanoabdi on our device?
2. since latest TWRPs by @joemossjr come with a (little) modified/recompiled kernel, why don't disable forced encryption by default on them?
Click to expand...
Click to collapse
i didn't read thread and other posts but please don't install my zip here
that will harm the device in worst way
1) Z2 have a/b boot partition
2) different fstab and partition table
@enetec remove my flashable zip from your old post
erfanoabdi said:
...
@enetec remove my flashable zip from your old post
Click to expand...
Click to collapse
:good:
P. S. : Welcome back pal!
P. P. S. : we *want* you on Z2!!!
re-encrypting not due to upstream kernel with TWRP
enetec said:
Interesting experiment... two questions:. ....
2. since latest TWRPs by @joemossjr come with a (little) modified/recompiled kernel, why don't disable forced encryption by default on them?
Click to expand...
Click to collapse
The re-encrypting was not the fault of the upstream kernel with TWRP, it was that the 14.3 beta Magisk didn't properly disable force encryption in a stock boot image. It errored & told me to use a stock boot image during Magisk direct install (i.e., inside Magisk manager), so I dd flashed a stock boot image and FlashFire flashed Magisk right afterward. Yeah.....force encryption fun! Eventually, I ended up having to use SuperR's Kitchen free for Linux. All's well that ends well.
SuperR's Kitchen free for Linux
https://forum.xda-developers.com/apps/superr-kitchen/kitchen-superr-s-kitchen-v1-1-50-v2-1-6-t3597434
SuperR's Kitchen donate version for Windows/Linux
https://forum.xda-developers.com/apps/superr-kitchen/windows-linux-superr-s-kitchen-v3-0-0-0-t3601702
jhofseth said:
The re-encrypting was not the fault of the upstream kernel with TWRP
Click to expand...
Click to collapse
Never intended that... I was only asking why don't include directly in modified kernel the possibility to remain unencrypted...
enetec said:
Never intended that... I was only asking why don't include directly in modified kernel the possibility to remain unencrypted...
Click to expand...
Click to collapse
I think @joemossjr and @Uzephi try, but this encryption can be frustrating. Many techniques that are supposed to stop it don't work properly. Somehow SuperSU 2.82 beta SR5 does a good job of stopping it when installed systemlessly. No version of Magisk that I've tested stops encryption on our phone--even though it is supposed to stop force encryption by default.
jhofseth said:
I think @joemossjr and @Uzephi try, but this encryption can be frustrating. Many techniques that are supposed to stop it don't work properly. Somehow SuperSU 2.82 beta SR5 does a good job of stopping it when installed systemlessly. No version of Magisk that I've tested stops encryption on our phone--even though it is supposed to stop force encryption by default.
Click to expand...
Click to collapse
user data is formatted f2fs and system/boot/etc ext4. SU decrypts both while magisk sees f2fs and decrypts only f2fs partitions.
Flashable unencrypter must format data will not work on stock kernel. But will with twrp.
https://drive.google.com/file/d/1Cr-7SiSiHpUDM9HYpyeXVsPHEB9Z9wym/view?usp=drivesdk
enetec said:
Never intended that... I was only asking why don't include directly in modified kernel the possibility to remain unencrypted...
Click to expand...
Click to collapse
the "encrypt" part is in /system, not kernel. I can add a module when I build with anykernel to do the same thing as joemoss's zip. But it isn't the kernel. The kernel will work both encrypted and decrypted.
Uzephi said:
the "encrypt" part is in /system, not kernel. I can add a module when I build with anykernel to do the same thing as joemoss's zip. But it isn't the kernel. The kernel will work both encrypted and decrypted.
Click to expand...
Click to collapse
I could be wrong, but I have maturated the idea that disabling force encryption is one of (many...) things which can be done both working on /boot or /system....
I had posted @erfanoabdi script for Moto Z (Griffin) even to have it studied for an eventual porting... (I'm quite sure it works on /boot... )
More... I think even SuperSU method could work on /boot: if it worked modifying /system, a kernel reflashing shoudn't disable it's tweak... am I wrong?
enetec said:
I could be wrong, but I have maturated the idea that disabling force encryption is one of (many...) things which can be done both working on /boot or /system....
I had posted @erfanoabdi script for Moto Z (Griffin) even to have it studied for an eventual porting... (I'm quite sure it works on /boot... )
More... I think even SuperSU method could work on /boot: if it worked modifying /system, a kernel reflashing shoudn't disable it's tweak... am I wrong?
Click to expand...
Click to collapse
AnyKernel pulls apart the boot image and injects the kernel. it doesn't put the image back correctly. to try this, dd pull your boot image and play with AIK (linux solution to manually add a kernel). Don't edit anything and it will lose root as well when you reflash the repacked boot image. it is something in the ramdisk that doesn't get saved.
Uzephi said:
AnyKernel pulls apart the boot image and injects the kernel. it doesn't put the image back correctly. to try this, dd pull your boot image and play with AIK (linux solution to manually add a kernel). Don't edit anything and it will lose root as well when you reflash the repacked boot image. it is something in the ramdisk that doesn't get saved.
Click to expand...
Click to collapse
Understood. But @ChainfireXDA should have found a solution to this... or not?
enetec said:
Understood. But @ChainfireXDA should have found a solution to this... or not?
Click to expand...
Click to collapse
How can he? he doesn't have the device to test this out. He just patches the boot image the normal way like other devices. (albeit it took some community testing to get the boot image and ramdisk to work for our device, but hey, you get what you can when the dev doesn't have your device)
enetec said:
Understood. But @ChainfireXDA should have found a solution to this... or not?
Click to expand...
Click to collapse
@Uzephi wrote, "data is formatted f2fs and system/boot/etc ext4. SU decrypts both while magisk sees f2fs and decrypts only f2fs partitions."
So, I think that's why when we formatted data ext4 in TWRP, SuperSU 2.82 beta SR5 was OK but not so for Magisk.
Ok what uzephi is trying to say is encryption in handled in our fstab.qcom. which if you have a stock kernel it's gonna be in there and one's gonna be in system and another in system_root. So in the fstab there is this line for userdata which isn't used as you can see the # means it's not used. When magisk sees this because it's right above our userdata it modifies the "forceencrypt" part to "encryptable" which allows decryption on the f2fs partition but we don't use that. Follow me? Now below that one is ours. And where you see the term "fileencryption" that's just another term for force encrypt. So when magisk is flashed it only sees the one above it and changes it and goes on. Now the difference between magisk and supersu is supersu looks for terms like "verify" for dm verity and "forceencrypt" for encryption and also "fileencryption" and removed the verify term to remove verity and changes all the above terms if noticed to "encryptable" instead of going line by line supersu does it better. Now if you have twrp it has a fstab in it that patched already but what I forgot to check is where twrp puts it and where it puts it is n in the root of our device where it doesn't belong. So that's why I made a flashable zip that sends that modified fstab to system where when the system boots it will see the new modified fstab and realize that it can boots.
#/dev/block/bootdevice/by-name/userdata /data f2fs rw,discard,nosuid,nodev,noatime,nodiratime,nobarrier,inline_xattr,inline_data wait,check,formattable,forceencrypt=/dev/block/bootdevice/by-name/metadata
/dev/block/bootdevice/by-name/userdata /data ext4 nobarrier,noatime,nosuid,nodev,discard,data=ordered,noauto_da_alloc wait,check,formattable,fileencryption=ice