I have a rare phone running Android 6.0 on a MT6750 with an unlocked bootloader (might be MT6750T since it is 1920x1080, but the only things I have found say MT6750)
I have been unable to get TWRP working on this phone after trying several porting guides and TWRP images. Almost all port attempts result in the boot image (logo.bin - android logo), followed by a black screen for a few seconds, then it reboots into Android.
Is it possible to manually patch the boot.img to gain root? If so, can someone point me to a guide for it? I found https://forum.xda-developers.com/android/software-hacking/systemless-root-mediatek-t3309909 but PATH doesnt seem to be set anywhere in my boot image (grep -nrw 'boot.img-ramdisk' -e "PATH"). I tried adding "export PATH $PATH:/data/bin" or "export PATH /sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin::/data/bin" to init.environ.rc with other exports, but I get a boot loop
try recompile the decompiled boot.img without doing any changes and flash the compiled boot.img to see that there is no problem with respect to compilation of boot.img
shankar_vl said:
try recompile the decompiled boot.img without doing any changes and flash the compiled boot.img to see that there is no problem with respect to compilation of boot.img
Click to expand...
Click to collapse
i decompiled and recompiled without any changes using kitchen tools and flashed back ... but its showing error.
same with recovery.img also
btw im using oppo f3 mt6750t
rajeshca911 said:
i decompiled and recompiled without any changes using kitchen tools and flashed back ... but its showing error.
same with recovery.img also
btw im using oppo f3 mt6750t
Click to expand...
Click to collapse
Then its a compilation error. Its not being compiled correctly.
Btw, systemless root by supersu and magisk do a lot things like starting sudaemon, injecting supolicy changes, mounting su.img, etc. Its better to port a custom recovery and let supersu or magisk zip do all the required things to root your device.
Or if you want to be ambitious, dirty your hands with hackings, unzip these zip files and try to implement manually what is programmed there.
My suggestion is go for porting recovery from devices matching your device specs ( need not be 100%). There are several threads on this forum helping you out on this. I think chances of porting a workable custom recovery are brighter than manually compiling su compatible boot.img.
There's the problem..
I did port custom recovery.
But when I flash it back to device it's showin error.
I understand that I need to dirt my hands more to get root my device
So I decided to compile revovery.. But oppO f3 source files r not available. I tried with omni Tom source. But it failed
rajeshca911 said:
i decompiled and recompiled without any changes using kitchen tools and flashed back ... but its showing error.
same with recovery.img also
btw im using oppo f3 mt6750t
Click to expand...
Click to collapse
rajeshca911 said:
There's the problem..
I did port custom recovery.
But when I flash it back to device it's showin error.
I understand that I need to dirt my hands more to get root my device
So I decided to compile revovery.. But oppO f3 source files r not available. I tried with omni Tom source. But it failed
Click to expand...
Click to collapse
You said that even the imgs just compiled without any changes made to decompiled files are not able to boot. Then there must be something wrong with compiling. Your tools for compiling may not be correctly working.
There are carlive image kitchen tools. get them here https://forum.xda-developers.com/android/development/tool-cika-carliv-image-kitchen-android-t3013658. They are known for flawless working.
What is more important now is that you have right tools for compiling imgs. Then you can think of further.
shankar_vl said:
You said that even the imgs just compiled without any changes made to decompiled files are not able to boot. Then there must be something wrong with compiling. Your tools for compiling may not be correctly working.
There are carlive image kitchen tools. get them here https://forum.xda-developers.com/android/development/tool-cika-carliv-image-kitchen-android-t3013658. They are known for flawless working.
What is more important now is that you have right tools for compiling imgs. Then you can think of further.
Click to expand...
Click to collapse
Thanks bro. But im using carliv kitchen tools only.
I didn't tried with other kitchen tools yet.. So i give a try other tools
rajeshca911 said:
Thanks bro. But im using carliv kitchen tools only.
I didn't tried with other kitchen tools yet.. So i give a try other tools
Click to expand...
Click to collapse
no need. carliv tools are perfect. stick with them.
are you able to successfully flash imgs with sp flash tools? no matter whether you are able to boot with them.
as for porting, use twrp or any other custom recovery of SoC as yours, mt6750t and of OS version similar to yours as well.
shankar_vl said:
no need. carliv tools are perfect. stick with them.
are you able to successfully flash imgs with sp flash tools? no matter whether you are able to boot with them.
as for porting, use twrp or any other custom recovery of SoC as yours, mt6750t.
Click to expand...
Click to collapse
Ok.. I stick with carliv as u suggested. And... Yes... Im able to flash img files to phone but not with sp flash tools. Im using professional tools ( uni tools from volcano) and also flashing using a cracked download tool meant for oppo devices. ( the download tool was created on base of sp flash tools only)
Then...
I just tried twrp porting only ( same soc mt6750t quitel k6000 plus i think.. Which chipset is mt6750t)
Also tried with oppo f1s twrp which chipset is mt6750.. ( not 6750t.. ) both went wrong..
seniors and xda developrs ( zackie& a guy from Indonesia unfortunately i forgot his name) also tried to. Port twrp for me. I also tried flashing their img files ..everything went not well.. There i have understood that either compiling or flashing causing error in my device
Thats y im trying to find other wayz.. There i found ur thread .& fetching useful checklist:good:
rajeshca911 said:
Ok.. I stick with carliv as u suggested. And... Yes... Im able to flash img files to phone but not with sp flash tools. Im using professional tools ( uni tools from volcano) and also flashing using a cracked download tool meant for oppo devices. ( the download tool was created on base of sp flash tools only)
Then...
I just tried twrp porting only ( same soc mt6750t quitel k6000 plus i think.. Which chipset is mt6750t)
Also tried with oppo f1s twrp which chipset is mt6750.. ( not 6750t.. ) both went wrong..
seniors and xda developrs ( zackie& a guy from Indonesia unfortunately i forgot his name) also tried to. Port twrp for me. I also tried flashing their img files ..everything went not well.. There i have understood that either compiling or flashing causing error in my device
Thats y im trying to find other wayz.. There i found ur thread .& fetching useful checklist:good:
Click to expand...
Click to collapse
As you tried various flashing methods, you might have already known all the related intricasies of flashing. still I just want to mention that I presume you might have then known vcom drivers, creating scatter file with mtkdroid tools, loading scatter file and, most importantly switching off phone and plugging phone to PC just after clicking on flash button in sp flash tool.
And about the other tools of flashing you mentioned, sorry I will not be helpful.
A thing to mention regarding porting is taking care of mount points in fstab file and a similar file if any at /etc folder in ramdisk of decompiled port recovery. mount points should be same as fstab of your boot.img.
Besides, ensure kernel (Imaze) of port recovery is replaced with that of boot.img.
shankar_vl said:
As you tried various flashing methods, you might have already known all the related intricasies of flashing. still I just want to mention that I presume you might have then known vcom drivers, creating scatter file with mtkdroid tools, loading scatter file and, most importantly switching off phone and plugging phone to PC just after clicking on flash button in sp flash tool.
And about the other tools of flashing you mentioned, sorry I will not be helpful.
A thing to mention regarding porting is taking care of mount points in fstab file and a similar file if any at /etc folder in ramdisk of decompiled port recovery. mount points should be same as fstab of your boot.img.
Besides, ensure kernel (Imaze) of port recovery is replaced with that of boot.img.
Click to expand...
Click to collapse
Your not helpfull??.. I don't agree with that. May be im Not in the position to catch your mind.
However.. Im not going to miss single chance to upgrade myself ( yes ofcourse from devs n seniors like u)
As you said
1) i have installed vcom drivers & fetched scatter file. ( again not from mtk droid tools) . I heard mtkdroid tools nOt fully supporting mt67xx Series. Even i tried modified mtkdroid tools developed by dev havoc.. And droid tool showed some info like cpu info.. Etc. But right hand side there was an error which saying that its usable to fetch info. . I presume the error may b causing by oppo. Own OS ( Color OS based on android 6.0).. And my last try was 2 months ago. So i dont know if there is any improvements in droid tools or not. Please privide me links if they updated/ supported 67xx series
2)yes i agree with mount points you mentioned. I was just replacing fstab file from stock to. Port. I didnt edit any. . I will check again and update u.
3) Actually im in dilemma to blame on cimpiling or flashing.. The device is not booting even i didn't modify any item after repack. I need solution for that. If that resolved... Automatically everything will b set up by themselves.. Pls share any views regarding this..
I know its difficult to u to guide until u have hands on it or personally seen d procedures & results
I may upload videos / pictures/ share Team viewer etc.. if u want to see it personally.. So.. U can better understand my problem , my flaws where i need to b improved ( onlynif u wish) however i need a mentor to guide n judge methods im following
rajeshca911 said:
Your not helpfull??.. I don't agree with that. May be im Not in the position to catch your mind.
However.. Im not going to miss single chance to upgrade myself ( yes ofcourse from devs n seniors like u)
As you said
1) i have installed vcom drivers & fetched scatter file. ( again not from mtk droid tools) . I heard mtkdroid tools nOt fully supporting mt67xx Series. Even i tried modified mtkdroid tools developed by dev havoc.. And droid tool showed some info like cpu info.. Etc. But right hand side there was an error which saying that its usable to fetch info. . I presume the error may b causing by oppo. Own OS ( Color OS based on android 6.0).. And my last try was 2 months ago. So i dont know if there is any improvements in droid tools or not. Please privide me links if they updated/ supported 67xx series
2)yes i agree with mount points you mentioned. I was just replacing fstab file from stock to. Port. I didnt edit any. . I will check again and update u.
3) Actually im in dilemma to blame on cimpiling or flashing.. The device is not booting even i didn't modify any item after repack. I need solution for that. If that resolved... Automatically everything will b set up by themselves.. Pls share any views regarding this..
I know its difficult to u to guide until u have hands on it or personally seen d procedures & results
I may upload videos / pictures/ share Team viewer etc.. if u want to see it personally.. So.. U can better understand my problem , my flaws where i need to b improved ( onlynif u wish) however i need a mentor to guide n judge methods im following
Click to expand...
Click to collapse
I empathize with your frustration.
Truth is that with the devices which have not caught the fancy of developers, not having proven root methods, custom recovery, etc only, we take initiatives ourselves and learn the things the hard way which is essentially a true way learning. With popular devices having already so many developments, there is no scope for adventurism and fun as well.
Just see back what are all you gained in doing the things you did with your device for gaining root. Could it have been possible with the so called popular devices?
Now let's come to the issue. In all times of failed booting on compiled imgs, how did you restore them? flashing again stock boot and recovery imgs? and with tools you mentioned?
If you could flash stock boot and recovery with the tools you mentioned, then there is no problem with those flashing tools. Then it comes to the decompiling and recompiling of imgs.
If it could be possible, can you share here stock boot.img, and custom recovery you have selected for porting (also mention the device name, recovery pertained). Let me try.
Yup.. Bro.
What have you said all true.. during this journey i have learned so manythings like porting custom recovery , read back firmware etc and i cant forget what i have learned.. so many trail and errors
below link is the stock and custom recovery i tried to port
https://drive.google.com/file/d/0B6wWbhnrRZ_-V2RZQXByYjc4QVU/view?usp=drive_web
and a developer also tried to to port recovery for me .. below is the link which he modified for me
https://www.androidfilehost.com/?fid=745425885120760137
Im also enclosing stock boot.img
https://mega.nz/#!MF1ySQ4D!ku6RWfOP8QTkm75sNq_1_n-_Af0y843J0I0tiCHRa8k
My Device Details are
Manufacture : Oppo
Device name : Oppo f3
Model No : CPH1609
chipset : MT6750T , 4gb Ram , 64 Gb storage
[ I Really praying Inside ....:angel: god may give result for our endless efforts }
@rajeshca911 can you give details for the custom recovery you have given links, like name of the device, its os ( lollipop, marshmallow, like), and chipset if possible, it pertained to.
shankar_vl said:
@rajeshca911 can you give details for the custom recovery you have given links, like name of the device, its os ( lollipop, marshmallow, like), and chipset if possible, it pertained to.
Click to expand...
Click to collapse
Aquired custom recovery from
Device : qukitel K6000 plus, chipset MT6750T
android version 6.0 (from below)
https://www.google.co.in/amp/s/foru...al/oukitel-k6000-plus-twrp-root-t3620241/amp/
rajeshca911 said:
Aquired custom recovery from
Device : qukitel K6000 plus, chipset MT6750T
android version 6.0 (from below)
https://www.google.co.in/amp/s/foru...al/oukitel-k6000-plus-twrp-root-t3620241/amp/
Click to expand...
Click to collapse
I think the signature of the boot.img gets changed. Try to sign it after decompiling and recompiling by AVB patcher from here: https://forum.xda-developers.com/an...signing-boot-images-android-verified-t3600606
anandverma458 said:
I think the signature of the boot.img gets changed. Try to sign it after decompiling and recompiling by AVB patcher from here: https://forum.xda-developers.com/an...signing-boot-images-android-verified-t3600606
Click to expand...
Click to collapse
Shall i sign both boot.img and recovery.img as well?? or is it enough to sign compiled recovery.img ?
---------- Post added at 07:57 AM ---------- Previous post was at 07:44 AM ----------
i generated public and private keys also signed and generated
boot_signed.img
recovery_signed.img
first i flashed both the images... result was soft brick and i had to flash original boot.img
second i flashed only signed recovery.img and same was repeated.
rajeshca911 said:
Shall i sign both boot.img and recovery.img as well?? or is it enough to sign compiled recovery.img ?
---------- Post added at 07:57 AM ---------- Previous post was at 07:44 AM ----------
i generated public and private keys also signed and generated
boot_signed.img
recovery_signed.img
first i flashed both the images... result was soft brick and i had to flash original boot.img
second i flashed only signed recovery.img and same was repeated.
Click to expand...
Click to collapse
Actually, I had the same problem (I have vivo 1603). When I flashed boot.img after decompiling and recompiling,it bootlooped. I had twrp installed, so I first restored the backup of stock boot.img, and then installed the recompiled boot.img without rebooting. That worked for me
As you don't have custom recovery, I suggest that you first flash stock boot.img, and after the process completes, flash the recompiled boot.img without rebooting your device.
Hey bro, I decompiled the stock boot.img to see that if 'verify' flag was preventing booting the system with other than stock recovery. Dm-verity is a recent security control for preventing booting with changed/modified kernel/system. But I could not find any such flags, but found verity_key, so I just deleted it and decompiled the boot.img. I am not sure whether it can solve your booting problem. Let's see will this now allow to boot with custom kernel. Here is the modified stock boot.img. http://www.mediafire.com/file/tc1k1ghmy76nfqd/modified_oppo_boot.img
Flash first this boot.img and then flash the custom recovery.imgs (you can try your recoveries also)
I have also ported two recovery.imgs. Both are ported from the twrps for the same device, K6000 plus. However, what I found for this k6000 plus was different in size. So I ported two twrp recovery imgs. Here are two twrp ported recoveries, one is from you have given links to and another is from what I found on this forum.
http://www.mediafire.com/file/4als7qmpwdz1iv4/oppo_port_twrpv1.img
http://www.mediafire.com/file/5xz7387at6rr0dy/oppo_port_twrpv2.img
Once again, I reiterate that first flash the modified boot.img and then try flashing the recoveries.
Best of luck
anandverma458 said:
Actually, I had the same problem (I have vivo 1603). When I flashed boot.img after decompiling and recompiling,it bootlooped. I had twrp installed, so I first restored the backup of stock boot.img, and then installed the recompiled boot.img without rebooting. That worked for me
As you don't have custom recovery, I suggest that you first flash stock boot.img, and after the process completes, flash the recompiled boot.img without rebooting your device.
Click to expand...
Click to collapse
Bro thanks for your advice.. and i did same what you have said.. i flashed stock boot.img with out rebooting flashed recompiled boot.img the device didnt boot up.. i think culprit is something else .. that prevets booting custom images
Related
Our phone needs a bootable only TWRP, this is a fact.
This is because of the a/b partitioning but, more, since of the "new" recovery-in-boot.IMG design which links kernel & recovery presence in an unwanted way...
And a bootable TWRP is the "official solution" developed by TWRP Team for Pixel 2/2 XL - the more similar device up to date - to overcome this issue in better way. I fully agree with their solution and I had thought of it even before of their official release...
A LOT of development has been done on this phone during only last month, better installable TWRP, better kernels, better installation methods developed for them, both for first install and for upgrade too, BUT the lack of a boot-only TWRP, something easily (& ever...) accessible with a simple fastboot boot twrpboot.img command is every day more evident...
For some reasons this has been achieved (even if still with limitations...) on Pixels (with available sources obviously...) but, to date, not for our device...
I would like this thread will become the reference thread to all which would want to contribute on this development, a place to report achieved results and faced issues so that others could try to help & overcome them...
We still have a restricted team of developers, but most of them are *great* on their work... I'm sure that only with a bit more teamed up work, this is a result we could achieve in weeks... probably before Christmas!
So, just to start, everyone which has tried to develop (or study...) this, could report what type of issues has faced to date...
I will still have twrp on my boot image. When I was testing kernels without twrp and I got a horrid kernel panic, stock recovery just wiped the device rebooted, wiped, repeat. When I had a bad kernel panic alpha testing on twrp, it would just boot to twrp in tact then I could flash the old kernel. If everything was too messed up, just reflash twrp. All kernels I have made besides the ones that gave those issues work perfect in twrp. Even the ones where bogoMIPS freq was used instead of our frequencies. (38.0 MHz). I like the idea of not having to hook my device up to a computer to boot into recovery.
Uzephi said:
I will still have twrp on my boot image. When I was testing kernels without twrp and I got a horrid kernel panic, stock recovery just wiped the device rebooted, wiped, repeat. When I had a bad kernel panic alpha testing on twrp, it would just boot to twrp in tact then I could flash the old kernel. If everything was too messed up, just reflash twrp. All kernels I have made besides the ones that gave those issues work perfect in twrp. Even the ones where bogoMIPS freq was used instead of our frequencies. (38.0 MHz). I like the idea of not having to hook my device up to a computer to boot into recovery.
Click to expand...
Click to collapse
Yes, I understand this, BUT there are a lot of other scenarios where having a bootable TWRP could save the day and/or at least make things simpler....
On the other hand, you are the first developer I know who is quite ever going without root!
(So you can't be taken as the "average user"... )
enetec said:
Yes, I understand this, BUT there are a lot of other scenarios where having a bootable TWRP could save the day and/or at least make things simpler....
On the other hand, you are the first developer I know who is quite ever going without root!
(So you can't be taken as the "average user"... )
Click to expand...
Click to collapse
I am confused...(I am I am long time enthusiast, pls forgive my naivety!)
I can reboot into twrp without issue using current method in this forum. Is "bootable twrp" referencing where / how twrp is implemented on this device? What are we missing as users and fans of all the great room devs out there by using our current method?
Ty for any insights in advance.
3's&7's said:
I am confused...(I am I am long time enthusiast, pls forgive my naivety!)
I can reboot into twrp without issue using current method in this forum. Is "bootable twrp" referencing where / how twrp is implemented on this device? What are we missing as users and fans of all the great room devs out there by using our current method?
Ty for any insights in advance.
Click to expand...
Click to collapse
The bootable refers to the command fastboot boot boot_a your-filename.img or fastboot boot boot_b your-filename.img . For the Moto Z2 Force, it has to be compiled differently than a boot image intended to be flashed as with the command fastboot flash boot_a your-filename.img , or fastboot flash boot_b your-filename.img . The reason it now has to be compiled differently is that our boot image is combined with recovery. If you try to fastboot boot a fastboot flash type, it would boot normally into Android OS--if all went OK. If you fastboot flash flashed a fastboot boot type, the device would boot into recovery instead of normal Android OS. Both fastboot boot and normal boot result in the kernel and ramdisk being written to RAM--to volatile memory; the difference is whether the data originally came from the device's non-volatile storage or external PC via USB-C cable.
Alternatively, there are two main forms of zip installers for a combined boot image, which are intended to be flashed inside TWRP or an apk like FlashFire (FlashFire does not play nice with already Magisk rooted Z2 Force, in my experience): a zip flash that flashes the entire boot.img (ramdisk + kernel), or a zip flash that only replaces half of the boot image (the ramdisk). For combined boot images, the ramdisk-only type that does not replace kernel is the more common of the two flash zip types on the site TWRP.me . In fact, I have never seen an official installer that also replaced boot image kernel on the official site.
As mentioned above, the fastboot boot type is not meant to be fastboot flash flashed; rather, it is primarily meant to be a platform utilized to flash the TWRP zip installer. You will see some devices on TWRP.me that have both fastboot boot type and zip flash type, and the aforementioned technique is why both are provided. Take a look at Pixel 2 XL (codenamed Taimen) on TWRP.me, and you'll see this method supported.
@jhofseth .... I could never explain it in a better way! :silly::good:
To come back IT... @jhofseth I know you have studied a lot this thing in these weeks, so I have a question for you...
If you take a boot.img containing a TWRP recovery like one we already have, and try a fastboot boot TWRP.IMG it should boot to its included kernel and then to system (if possible...), right?
This way we can test a new kernel without flashing it but it isn't our goal...
Well, when already flashed on phone we can choose between reboot to kernel/system or TWRP by adb commands or by extensions like Gravity Box...
Is it so hard/possible/thinkable to modify one of our boot.img so that it is in some way "forced" to boot to its TWRP in any case?
(and so even when loaded with a fastboot boot command...)
enetec said:
To come back IT... @jhofseth I know you have studied a lot this thing in these weeks, so I have a question for you...
If you take a boot.img containing a TWRP recovery like one we already have, and try a fastboot boot TWRP.IMG it should boot to its included kernel and then to system (if possible...), right?
This way we can test a new kernel without flashing it but it isn't our goal...
Well, when already flashed on phone we can choose between reboot to kernel/system or TWRP by adb commands or by extensions like Gravity Box...
Is it so hard/possible/thinkable to modify one of our boot.img so that it is in some way "forced" to boot to its TWRP in any case?
(and so even when loaded with a fastboot boot command...)
Click to expand...
Click to collapse
I would work on this if someone explains in detail why our current setup is an issue. I have ran into plenty of kernel issues when building bad kernels and twrp as recovery was better than stock recovery (as stated above). Please, I want this if there is a real reason for it. Our stock recovery just factory resets the device, so a recovery with other options is kinda nice.
Temp booting a kernel: use AIK and inject kernel into a boot image.
New TWRP update, just flash the boot image (which might have new boot image as well) and just reflash kernel. It is better than needing to hook the phone up to a PC every time you want to boot TWRP...
enetec said:
To come back IT... @jhofseth I know you have studied a lot this thing in these weeks, so I have a question for you...
If you take a boot.img containing a TWRP recovery like one we already have, and try a fastboot boot TWRP.IMG it should boot to its included kernel and then to system (if possible...), right?
This way we can test a new kernel without flashing it but it isn't our goal...
Well, when already flashed on phone we can choose between reboot to kernel/system or TWRP by adb commands or by extensions like Gravity Box...
Is it so hard/possible/thinkable to modify one of our boot.img so that it is in some way "forced" to boot to its TWRP in any case?
(and so even when loaded with a fastboot boot command...)
Click to expand...
Click to collapse
Yeah, that is one way to test, but sometimes that will fail even when the kernel works. For example, sometimes if you fastboot flash, sometimes you also have to flash latest Magisk again right away in TWRP, or it won't boot into Android OS. That would be impossible with fastboot boot (i.e., unless you patched boot image first with Magisk manager apk, or some other tool), because you would be unable to flash latest Magisk (or SuperSU 2.82 beta SR5). So, sometimes fastboot boot would fail to normally boot into Android OS--even though the kernel may be completely OK.
Uzephi said:
I would work on this if someone explains in detail why our current setup is an issue. I have ran into plenty of kernel issues when building bad kernels and twrp as recovery was better than stock recovery (as stated above). Please, I want this if there is a real reason for it. Our stock recovery just factory resets the device, so a recovery with other options is kinda nice.
Click to expand...
Click to collapse
There are plenty of scenarios where a bootable TWRP could be hassle saving / needed BUT you ask for a single one and I'll give you one... Or two! :laugh:
I want to be free to install the kernel I want with TWRP version I want.
Now this is not possible (if not with weird/tricking installations! ).
E.g.: let's imagine to want to install latest *stock* kernel with latest TWRP.
I have kernel, I have TWRP flashable zips ( @jhofseth made some which are fantastic...) BUT no (simple) way to merge them.
More: as you like to have tweaked kernel BUT without root, there is plenty of people who like to not have TWRP flashed on their systems BUT still being able to make backups and/or flash zips... (e.g. we have already seen some incompatibility between CF-Root and TWRP in past...) and/or remain free to take OTAs... & so on...
I could continue for hours, but these are already valid reasons IMHO...
Pixel 2 developers are not stupid... they have choosed this solution for valid reasons...
enetec said:
There are plenty of scenarios where a bootable TWRP could be hassle saving / needed BUT you ask for a single one and I'll give you one... Or two! :laugh:
I want to be free to install the kernel I want with TWRP version I want.
Now this is not possible (if not with weird/tricking installations! ).
E.g.: let's imagine to want to install latest *stock* kernel with latest TWRP.
I have kernel, I have TWRP flashable zips (@jhofseth made some which are fantastic...) BUT no (simple) way to merge them.
More: as you like to have tweaked kernel BUT without root, there is plenty of people who like to not have TWRP flashed on their systems BUT still being able to make backups and/or flash zips... (e.g. we have already seen some incompatibility between CF-Root and TWRP in past...) and/or remain free to take OTAs... & so on...
I could continue for hours, but these are already valid reasons IMHO...
Pixel 2 developers are not stupid... they have choosed this solution for valid reasons...
Click to expand...
Click to collapse
Answer (I have done this before I flashed TWRP and it worked wonders): root a boot image, go into system, adb shell, su, dd if=/dev/block/sde17(sdf17 for slot B) of=/sdcard/boot.img You now have a rooted bootable image, return to stock image. now you can use Flash Fire to make backups and flash stuff....
You can flash any kernel to TWRP. you want the stock kernel to flash? I can make a flashable zip with the stock kernel by Motorola if needed. It isn't hard tbh...
jhofseth said:
Yeah, that is one way to test, but sometimes that will fail even when the kernel works. For example, sometimes if you fastboot flash, sometimes you also have to flash latest Magisk again right away in TWRP, or it won't boot into Android OS. That would be impossible with fastboot boot, because you would be unable to flash latest Magisk (or SuperSU 2.82 beta SR5).
Click to expand...
Click to collapse
Why do you think a "booted" TWRP wouldn't be able to correctly flash zips?
I don't see reasons for this...
jhofseth said:
...
So, sometimes fastboot boot would fail to normally boot into Android OS--even though the kernel may be completely OK.
Click to expand...
Click to collapse
In fact I wrote "if possible"... BUT anyway this is of no interest. We *only* need to boot to TWRP, we are not interested in boot to an "unflashed kernel" if you understand what I mean...
We have only to force it to boot *ever* in TWRP. Kernel parts not used by TWRP (if some are needed on our phone, like some Mediatek devices need...) could be omitted at all (as done on bootable TWRP for Pixels2 if I don't go wrong...).
Uzephi said:
Answer (I have done this before I flashed TWRP and it worked wonders): root a boot image, go into system, adb shell, su, dd if=/dev/block/sde17(sdf17 for slot B) of=/sdcard/boot.img You now have a rooted bootable image, return to stock image. now you can use Flash Fire to make backups and flash stuff....
You can flash any kernel to TWRP. you want the stock kernel to flash? I can make a flashable zip with the stock kernel by Motorola if needed. It isn't hard tbh...
Click to expand...
Click to collapse
This are exactly the *weird/tricking* solutions I was talkin'about...
(Edit: let me add I don't like this a bit... Root how? Command could be mistyped & flashfire for backups is an orrible & unsafe solution... Just imagine do all this with valuable data in danger... )
All is possible. BUT these are NOT solutions for average user. And every single one requires a different solution/set of commands.
This is not for average user. I repeat it.
You & @johfseth are *NOT* average users... you are fu**ing good developers* and can't evaluate all scenarios with your (advanced) skills & capabilities...
enetec said:
All is possible. BUT these are NOT solutions for average user. And every single one requires a different solution/set of commands.
Click to expand...
Click to collapse
I have offered to give a bootable rooted image to other people in my kernel thread. The thing is, if ANYTHING is edited, OTA won't work, so bootable TWRP won't be feasible, unless you just backup your system and not edit anything.
If the average user can't follow a dd if/of command, would you want them to have to "fastboot boot (image)?" they might flash it, then their boot image needs to be flashed back or it won't boot. There are downsides for bootable TWRP as well. Because we don't know the decryption keys, you still have to wipe data. If you don't decrypt with the zip or SU, you can't update, etc. Decrypting modifies system which in turn makes you not able to get OTAs. It's a vicious cycle. The keys as per DeesTroy change with each boot image, so we would have to make a TWRP that has all keys, then comes to what devices do we support. Currently, the two who are actively developing and have worked on TWRP or assisted with it's boot kernel have only two devices, Sprint and T-Mobile. We wouldn't be able to debug any other model for it's decryption key.
To reiterate: to have working bootable TWRP with all the idiosyncracies you are asking for, we'd have to go through the java code like DeesTroy did and get it working. I am not fluent in java. I can make a bootable TWRP, but you'll have to be decrypted, because I know C and Python which is what kernels and most ROMs use. I don't know much about Java to find the decryption keys for each device.
Edit: for easy analogy: let's say computer languages are like human languages. I know two languages that are anglo-saxan in heritage, but you are asking me to read something latin based. I might know some things in it, but it's all greek to me still... XD
Edit 2: Looking at the TWRP for Pixel 2, the only reason they have a bootable image is to flash TWRP to both boots per their OP. It wasn't suggested to temp boot it for flashing purposes or backup purposes. It was implemented to have it in both boot partitions per the TWRP OP linked here
enetec said:
Why do you think a "booted" TWRP wouldn't be able to correctly flash zips?
I don't see reasons for this...
In fact I wrote "if possible"... BUT anyway this is of no interest. We *only* need to boot to TWRP, we are not interested in boot to an "unflashed kernel" if you understand what I mean...
We have only to force it to boot *ever* in TWRP. Kernel parts not used by TWRP (if some are needed on our phone, like some Mediatek devices need...) could be omitted at all (as done on bootable TWRP for Pixels2 if I don't go wrong...).
Click to expand...
Click to collapse
I understand, I was mainly referring to fastboot stuff, not within TWRP. Any within TWRP stuff was related to Magisk, not the inability of TWRP to flash once TWRP was loaded, but the importance of re-flashing Magisk and the consequences of not re-flashing Magisk. It was really just centered on the importance of re-flashing Magisk. Anything related to kernels stemmed from someone's question about testing kernels. Just minor stuff, but someone asked.
Uzephi said:
...
Edit 2: Looking at the TWRP for Pixel 2, the only reason they have a bootable image is to flash TWRP to both boots per their OP. It wasn't suggested to temp boot it for flashing purposes or backup purposes. It was implemented to have it in both boot partitions per the TWRP OP linked here
Click to expand...
Click to collapse
And this is *ALL* we need IMHO!!!
Is this doable in your (or others...) opinion?
EDIT: and anyway it probably will work fine to flash something and/or to fully backup a system *including* stock boot.img highfive & only excluding encrypted /data (the same encrypted /data our flashed TWRP is unable to manage too... so, what's the point on it? )
Anyway, we are really going OT here... this is not "Could a bootable TWRP be useful?" thread (it's *obvious* it is... ) this is a "What are the issues we have to face & fix to get a working bootable TWRP?" …
So my questions are basically two:
- is there a method to modify (read: force...) a boot.img with TWRP inside like ones we already have so that it boots to TWRP and not to system?
- can Pixels2/2XL bootable-only official TWRP (sources should be available...) be modified to make it work on our (similar...) device?
I would like to keep OTA (at least until there is a lineage os) and must encrypt my z2. Will the bootable TWRP decrypt the system password and allow backup? If I go with a modified boot.img with TWRP, then can I get OTA updates? or must I wait until someone modifies the OTA boot and publishes it? Can I keep one partition with the OTA and the other with a custom rom image?
kendallgreen said:
I would like to keep OTA (at least until there is a lineage os) and must encrypt my z2. Will the bootable TWRP decrypt the system password and allow backup? If I go with a modified boot.img with TWRP, then can I get OTA updates? or must I wait until someone modifies the OTA boot and publishes it? Can I keep one partition with the OTA and the other with a custom rom image?
Click to expand...
Click to collapse
To get OTA, both slots have to have an unmodified boot image, oem image and system. If anything got modified, OTA will fail
Just to link some very useful info(s) posted elsewhere...
https://forum.xda-developers.com/showpost.php?p=74665682&postcount=347
https://forum.xda-developers.com/showpost.php?p=74667790&postcount=350
TWRP from TWRP Builder builded for Nokia 7 Plus....
I still don't know if working (as i write in another thread), so that it does not fit, i write separate thread about it...
Small story:
I unpacked B2N-132E-0-00WW-B07.nb0 using nbd tools, although is not complete unpacked, "B2N-0-132G-00WW-boot.img" is here...
Unpack using unmkbootimg and get kernel(zImage) and ramdisk(ramdisk.cpio.gz)...
In unpacked ramdisk is binary "recovery", "init.recovery.qcom.rc" and "recovery.fstab" which is used/imported by default "init.rc"...
Then i think this is recovery, using TWRP Builder APK installed on N7+ i upload this image...
After some days i receive message that TWRP for Nokia 7 Plus is builded OK
Of course flashing this need Unlocked bootloader, then all who need it, PLEASE do participate in petition about Unlocking bootloader:
https://forum.xda-developers.com/nokia-7-plus/how-to/petition-possibility-to-unlock-t3788953
(after write comment, please also click too on "Do you have this question as well?")
Download: TWRP_onyx_00ww-08051830.img
Won't boot (tried to boot into it via fastboot (I don't want to flash it yet), and it just hanged on the android one text. Maybe going to properly flash it in few days.
Ranpe said:
Won't boot (tried to boot into it via fastboot (I don't want to flash it yet), and it just hanged on the android one text. Maybe going to properly flash it in few days.
Click to expand...
Click to collapse
thanks for testing, flashing is sure not need and not safe, boot via fastboot i think must work(if twrp working)...
anyway if you can boot then you have unlocked bootloader right?
can you try boot via fastboot original in nb0 boot/recovery from twrp is builded? file B2N-0-132G-00WW-boot.img
maybe problem is that this is "hybrid" boot+recovery in one, and is need some hotkey or magic durring boot?
k3dar7 said:
thanks for testing, flashing is sure not need and not safe, boot via fastboot i think must work(if twrp working)...
anyway if you can boot then you have unlocked bootloader right?
can you try boot via fastboot original in nb0 boot/recovery from twrp is builded? file B2N-0-132G-00WW-boot.img
maybe problem is that this is "hybrid" boot+recovery in one, and is need some hotkey or magic durring boot?
Click to expand...
Click to collapse
Yeah, I have unlocked bootloader on my 7+. Looks like the boot.img (which's used in that build of TWRP) is from older rom than the one I'm on at the moment. (B2N-213B-0-00WW-boot.img) May it be the reason for it to not boot? Anyway, I'll try to build a newer version soon.
Ranpe said:
Yeah, I have unlocked bootloader on my 7+. Looks like the boot.img (which's used in that build of TWRP) is from older rom than the one I'm on at the moment. (B2N-213B-0-00WW-boot.img) May it be the reason for it to not boot? Anyway, I'll try to build a newer version soon.
Click to expand...
Click to collapse
How did you get it open? Bootloader
DroiDMester said:
How did you get it open? Bootloader
Click to expand...
Click to collapse
https://forum.xda-developers.com/nokia-6/how-to/guide-how-to-unlock-bootloader-qualcomm-t3769930/
Ranpe said:
Yeah, I have unlocked bootloader on my 7+. Looks like the boot.img (which's used in that build of TWRP) is from older rom than the one I'm on at the moment. (B2N-213B-0-00WW-boot.img) May it be the reason for it to not boot? Anyway, I'll try to build a newer version soon.
Click to expand...
Click to collapse
yes, TWRP in #0 is builded from *boot.img from 8.0, i not find newer version, you have B2N-213B-0-00WW-boot.img ? if yes, then please try upload it via TWRP Builder, i not this do because not have newer file and too not posible to upload more that 1x from one device...
unlocking bootloader you do via NTool?
k3dar7 said:
yes, TWRP in #0 is builded from *boot.img from 8.0, i not find newer version, you have B2N-213B-0-00WW-boot.img ? if yes, then please try upload it via TWRP Builder, i not this do because not have newer file and too not posible to upload more that 1x from one device...
unlocking bootloader you do via NTool?
Click to expand...
Click to collapse
I've submitted the newer boot.img to them already, we'll see if they update it. Yeah, unlocked via ntool (by a guy I know).
Ranpe said:
I've submitted the newer boot.img to them already, we'll see if they update it. Yeah, unlocked via ntool (by a guy I know).
Click to expand...
Click to collapse
strange, i not see it in complete, queue, running or rejected don't show after upload you some error like "for this device is already builded"? i don't know if is posible rebuild for same device model from another device with another/newer boot.img...
I thought too about NTool, but i not find any seller od setool2 credit with small amount of credit (<=10), only 30 and for me message no answer... also authot of NTool write me only "not help you"... then try wait what Nokia do with many question about posibility of unlocking bootloader officialy...
try to get stock recovery img, porting should be easier.
SkaboXD said:
try to get stock recovery img, porting should be easier.
Click to expand...
Click to collapse
as i say in #0 TWRP is builded from srock recovery from 8.0 NB0 for N7p, i think problem is that N7p not use separate recovery but is inside normal boot, then need some magic to switch to recovery part of this "hybrid" boot, and because N7p need to recovery via powering cable and hold VolUp+Power then i think is same need with booting TWRP from #0, but who know if this is possible with not flashed booting via fastboot...
edit: anyway if my thoughts are true, then with hybrid boot+recovery flashed to device, is really need twrp based on exact boot image for current rootfs on device... (as Rampe too say if is possible evoce recovery from image booted via fastboot without flashing, then is not need exact version...
SkaboXD said:
try to get stock recovery img, porting should be easier.
Click to expand...
Click to collapse
The recovery is in the boot.img, and we have the images already.
Ranpe said:
The recovery is in the boot.img, and we have the images already.
Click to expand...
Click to collapse
oh i get it, so you need to make twrp for every Android version because of changed boot.img?
SkaboXD said:
oh i get it, so you need to make twrp for every Android version because of changed boot.img?
Click to expand...
Click to collapse
Not 100% sure of it, but unfortunately it may be so.
SkaboXD said:
oh i get it, so you need to make twrp for every Android version because of changed boot.img?
Click to expand...
Click to collapse
if changed kernel version/config (or binary, script, key in boot.img) then yes... if update use same files in boot.img as previous then no...
if i look at version in Settings/About for 8.1 v2.13 and 8.1 v2.22 then kernel version i same 4.4.78, but builded date is other (17.3. and 20.4.), not know if changes config, source etc, or is only same kernel rebuilded with full build proces again... i not have whole boot.img for 2.13 or 2.22 only for 8.0 v1.23
edit: FW for camera/touch/baseband/nothing not in boot.img (if not compile inside kernel(which i do not expect))
@Ranpe you have boot.img for 2.13 and/or 2.22 ? can you please upload it somewhere?
k3dar7 said:
@Ranpe you have boot.img for 2.13 and/or 2.22 ? can you please upload it somewhere?
Click to expand...
Click to collapse
Yeah, I have the boot.img for 2.13, but not (yet) for 2.22 (Need to get python working properly so I could dump inside of the payload.bin in the new OTA-update). You can download the 2.13 boot.img (and some other stuff) from here.
dotsaredots said:
Yeah, I have the boot.img for 2.13, but not (yet) for 2.22 (Need to get python working properly so I could dump inside of the payload.bin in the new OTA-update). You can download the 2.13 boot.img (and some other stuff) from here.
Click to expand...
Click to collapse
thanks for uploading, i now too have extracted 2.13 using payload_dumper.py (link from here), but for unpack payload.bin from 2.22 i think do not help any python "propertly working" because 2.22 is incremental update and this is not supported by payload_dumper.py...
btw: now i'm sure that N7p have really hybrid recovery_in_boot, what is used for any Phone that use new A/B method of updating on running system and simply switch to new update after reboot...
https://source.android.com/devices/tech/ota/ab/ab_implement
first of all you need to edit recovery.fstab in vendor partion it won`t boot because of encrypted data
The Moto X4 (payton) too has a hybrid recovery and they managed to make twrp. Might contact @mightysween or the official maintainers at twrp for hints?
Broadcasted from Zeta Reticuli
Gravemind2015 said:
The Moto X4 (payton) too has a hybrid recovery and they managed to make twrp. Might contact @mightysween or the official maintainers at twrp for hints?
Broadcasted from Zeta Reticuli
Click to expand...
Click to collapse
X4, Pixel2 and other A/B devices use a bootable recovery image (fastboot boot twrp.img) and then install a .ZIP package that patches the boot.img with TWRP recovery.
There have been other issues on the various devices with encryption, with bootcontrol partition switching, and with handling of empty "B" partitions. So proceed with caution, especially with flashing roms from TWRP before you have a way to populate the B partition.
Hi everyone,
Just got the nokia 1 - TA-1060
Would anyone be interested in me creating a stock system flasher for twrp? (may be able to flash the files via fastboot as well)
I already captured the system.img, so boot.img and vendor.img should be easy to capture.
let me know if you guys want this and Ill build a recovery zip
sooti said:
Hi everyone,
Just got the nokia 1 - TA-1060
Would anyone be interested in me creating a stock system flasher for twrp? (may be able to flash the files via fastboot as well)
I already captured the system.img, so boot.img and vendor.img should be easy to capture.
let me know if you guys want this and Ill build a recovery zip
Click to expand...
Click to collapse
Yes its very much required... The Q&,A forum is filled with people with no booting ROM... You'd be doing them a huge favor...
sooti said:
Hi everyone,
Just got the nokia 1 - TA-1060
Would anyone be interested in me creating a stock system flasher for twrp? (may be able to flash the files via fastboot as well)
I already captured the system.img, so boot.img and vendor.img should be easy to capture.
let me know if you guys want this and Ill build a recovery zip
Click to expand...
Click to collapse
Is the processor of TA-1060 and TA-1066 the same i.e MT6737M?
No stock flashable rom with pc use?
Really?
This device has very poorly built OS. It cant even handle even 1 background app. seriously?!! I have used 1 GB ram phones before but wasn't expecting this blunder from Nokia.
I tried to backup TA 1066 rom with Mtkdroid tools and but somehow the backup option was grayed and it says that "- Unknown ROM structure, backup NOT possible! ". Don't know whats wrong with this. Maybe go edition has different rom structure.
Let me know if there is any other way to take backup.
As stated above, I am trying to unbrick my Axon M with the firehose provided by Unjustified Dev. and firmware from deadman96385. When I tried using QFIL, even placing everything in its own directory on the root of the PC with no spaces in file names, it would get stuck when flashing. And whenever I tried to use MiFlash, I would get the error:"couldn't find flash script" when I selected the firmware folder. Any help is much appreciated.
Just to make sure, When I mentioned to use his firehose, I meant download the other firehose files but then use his firehose as the programmer, did you do that?
edit: I used the edl 37 firmware and the firehose from unjustified, edited the program to remove entire userdata section, renamed unjustified's twrp to recovery.img, edited the boot.img to remove secure boot and used those instead of stock and finally used qfil to flash, I had no errors. but i also used a good cable. Besides the boot and recovery edit, you should be ok as long as the rest was done.
ff7cloudsnobody said:
Just to make sure, When I mentioned to use his firehose, I meant download the other firehose files but then use his firehose as the programmer, did you do that?
edit: I used the edl 37 firmware and the firehose from unjustified, edited the program to remove entire userdata section, renamed unjustified's twrp to recovery.img, edited the boot.img to remove secure boot and used those instead of stock and finally used qfil to flash, I had no errors. but i also used a good cable. Besides the boot and recovery edit, you should be ok as long as the rest was done.
Click to expand...
Click to collapse
I'm confused, I am using Deadmans b37 firmware, and Unjustified's firehose. I removed the entire userdata line from rawprogram0, and used that with the accompanying patch xml file with QFIL. I don't know how to alter boot.img, and where would I place the edited "recovery.img" file? I am using a good USB cable as well.
ehsan96696 said:
I'm confused, I am using Deadmans b37 firmware, and Unjustified's firehose. I removed the entire userdata line from rawprogram0, and used that with the accompanying patch xml file with QFIL. I don't know how to alter boot.img, and where would I place the edited "recovery.img" file? I am using a good USB cable as well.
Click to expand...
Click to collapse
Ignore the img edits, that's what I did but its not necessary. Are you running qfil as admin? Is the directory simple, no spaces or symbols? What is the latest error you are getting?
boot
ff7cloudsnobody said:
Just to make sure, When I mentioned to use his firehose, I meant download the other firehose files but then use his firehose as the programmer, did you do that?
edit: I used the edl 37 firmware and the firehose from unjustified, edited the program to remove entire userdata section, renamed unjustified's twrp to recovery.img, edited the boot.img to remove secure boot and used those instead of stock and finally used qfil to flash, I had no errors. but i also used a good cable. Besides the boot and recovery edit, you should be ok as long as the rest was done.
Click to expand...
Click to collapse
Hello.
Can you share your patched boot image, please? Perhaps, after the removal of secure boot, it will be possible to patch the boot image with Magisk (in working Android), and then flash it with TWRP or QFIL, thus obtaining root?
WBR, Draco.
ff7cloudsnobody said:
Ignore the img edits, that's what I did but its not necessary. Are you running qfil as admin? Is the directory simple, no spaces or symbols? What is the latest error you are getting?
Click to expand...
Click to collapse
I did run qfil as admin. These pictures will show the directory: https://imgur.com/M2TdriT https://imgur.com/BmwyeMa
I did not encounter error, it just gets stuck as shown above.
Drakosha said:
Hello.
Can you share your patched boot image, please? Perhaps, after the removal of secure boot, it will be possible to patch the boot image with Magisk (in working Android), and then flash it with TWRP or QFIL, thus obtaining root?
WBR, Draco.
Click to expand...
Click to collapse
Bam. Let me know how it goes, wasn't gonna mess with root until I finished getting a fully working 8.1 AOSP done. After that, I'm gonna try getting this bad boy all the way to android 10.
ehsan96696 said:
I did run qfil as admin. These pictures will show the directory: https://imgur.com/M2TdriT https://imgur.com/BmwyeMa
I did not encounter error, it just gets stuck as shown above.
Click to expand...
Click to collapse
rename that folder, that name is way too long. Name it z999update37 or something short and sweat like I did and see if that helps, you can also see if it was a bad download by trying a new one. it just seems to be getting stuck on the emmc portion. Like someone else said in the other thread, make sure the config of qfil is for emmc and that not really anything is selected.
edit: I attached my emmc file, try using it in your folder to see if thats the issue
ff7cloudsnobody said:
Bam. Let me know how it goes, wasn't gonna mess with root until I finished getting a fully working 8.1 AOSP done. After that, I'm gonna try getting this bad boy all the way to android 10.
rename that folder, that name is way too long. Name it z999update37 or something short and sweat like I did and see if that helps, you can also see if it was a bad download by trying a new one. it just seems to be getting stuck on the emmc portion. Like someone else said in the other thread, make sure the config of qfil is for emmc and that not really anything is selected.
edit: I attached my emmc file, try using it in your folder to see if thats the issue
Click to expand...
Click to collapse
So, few things. After following all of Undead's installation steps (minus using QFIL), and the steps that I listed at the start of this post, I used the miflash from the axon 7 tutorial page here:https://forum.xda-developers.com/axon-7/development/edl-emergency-dl-mode-twrp-unlock-t3553514
For some reason any other Miflash would give the previously stated error. I then installed the ZTE Android drivers provided. And using deadman's B37, Miflash worked like a charm!
ff7cloudsnobody said:
Bam. Let me know how it goes, wasn't gonna mess with root until I finished getting a fully working 8.1 AOSP done. After that, I'm gonna try getting this bad boy all the way to android 10.
Click to expand...
Click to collapse
Hello.
I flashed B37 with your boot image & TWRP successfully (using MiFlash; QFIL stopped at the same emmc_appsboot file). Except for "TV Mode setup" that was blocking the normal startup, everything went smooth. However, when I attempted to flash Magisk-patched boot image using TWRP, the phone refused to boot, so I had to re-flash an original boot.img. I guess, root access will be a bit more complicated since the bootloader appears to be locked indeed...
Can you sign the rooted boot image with the same keys as the rest of the b37 firmware? Perhaps, then it will work?
Best regards,
Draco.
ehsan96696 said:
So, few things. After following all of Undead's installation steps (minus using QFIL), and the steps that I listed at the start of this post, I used the miflash from the axon 7 tutorial page here:https://forum.xda-developers.com/axon-7/development/edl-emergency-dl-mode-twrp-unlock-t3553514
For some reason any other Miflash would give the previously stated error. I then installed the ZTE Android drivers provided. And using deadman's B37, Miflash worked like a charm!
Click to expand...
Click to collapse
Weird but awesome that it worked
Drakosha said:
Hello.
I flashed B37 with your boot image & TWRP successfully (using MiFlash; QFIL stopped at the same emmc_appsboot file). Except for "TV Mode setup" that was blocking the normal startup, everything went smooth. However, when I attempted to flash Magisk-patched boot image using TWRP, the phone refused to boot, so I had to re-flash an original boot.img. I guess, root access will be a bit more complicated since the bootloader appears to be locked indeed...
Can you sign the rooted boot image with the same keys as the rest of the b37 firmware? Perhaps, then it will work?
Best regards,
Draco.
Click to expand...
Click to collapse
Right now I'm focused on building the aosp instead of editing the current setup more than have. You can use the android image kitchen to unpack the imgs and edit them. I just used notepad to do my edits.
Root
ff7cloudsnobody said:
Right now I'm focused on building the aosp instead of editing the current setup more than have. You can use the android image kitchen to unpack the imgs and edit them. I just used notepad to do my edits.
Click to expand...
Click to collapse
Can you, please, look into this problem and help us obtain root? It is absolutely necessary for this phone outside of US, right now it's just a small tablet Building AOSP is great, but until it's ready, until it supports dualscreen & e.t.c. - there could be weeks or even months... You edited boot image, and this edited boot worked with locked bootloader - witch means, that it is still signed with OEM keys. Please, do this once more with Magisk-patched rooted image.
Thanks in advance,
WBR - Draco
Drakosha said:
Can you, please, look into this problem and help us obtain root? It is absolutely necessary for this phone outside of US, right now it's just a small tablet Building AOSP is great, but until it's ready, until it supports dualscreen & e.t.c. - there could be weeks or even months... You edited boot image, and this edited boot worked with locked bootloader - witch means, that it is still signed with OEM keys. Please, do this once more with Magisk-patched rooted image.
Thanks in advance,
WBR - Draco
Click to expand...
Click to collapse
Ok, so the boot img I had previously sent did not have all secure options disabled, try this one (already magisk patched)
ff7cloudsnobody said:
Ok, so the boot img I had previously sent did not have all secure options disabled, try this one (already magisk patched)
Click to expand...
Click to collapse
Thanks! Unfortunately, this boot does't work, the phone repeatedly boots into recovery (just like a regular boot image after being patched with Magisk). But thank you for your time anyway, with respect - Draco.
Drakosha said:
Thanks! Unfortunately, this boot does't work, the phone repeatedly boots into recovery (just like a regular boot image after being patched with Magisk). But thank you for your time anyway, with respect - Draco.
Click to expand...
Click to collapse
Doing the unpatched boot with security removed works, so this must be something that is in a subsection of boot.img other than build.prop. I'll have to look at what magisk changes, see what other locks ZTE has inside the image, and go from there.
edit: at this point, this conversation is not related to the post. If I make a breakthrough then I will make a new thread.
Hello, thanks for all people, who have written this thread! I bought an Axon M which was bricked. I tried QFIL with the B30 ATT firmware, but it didn't worked. Than, as already mentioned, i have to remove the userdata line from rawprogram , use the firehose from Unjustified Dev from and with MiFlash it worked without any problems. I had problems with getting into the qdloader mode, but i tried several combinations with Power and Volume Buttons, until i got into the qdloader mode.
Hi all
I need Loader please for this AT&T Z999 model
the one I found in this publication did not work for me : https : // forum.xda-developers.com/axon-m/how-to/rom-zte-axon-m-stock-firmware-firehose-t3909847
I just wish this method would work to update the AT&T Axon M from B30 to B37.
tj65 said:
Hello, thanks for all people, who have written this thread! I bought an Axon M which was bricked. I tried QFIL with the B30 ATT firmware, but it didn't worked. Than, as already mentioned, i have to remove the userdata line from rawprogram , use the firehose from Unjustified Dev from and with MiFlash it worked without any problems. I had problems with getting into the qdloader mode, but i tried several combinations with Power and Volume Buttons, until i got into the qdloader mode.
Click to expand...
Click to collapse
Are you able to provide the firehose that you used?
I tried the B37 and the firehost from this link https://forum.xda-developers.com/t/rom-zte-axon-m-stock-firmware-firehose.3909847/
along with the miflash from this link https://forum.xda-developers.com/t/edl-a2017-a2017u-emergency-dl-mode-twrp-unlock-upgrade.3553514/
But it always fails.
It will simply give an error of "Cannot receive hello packet"
then it will eventually go to the error of
"Object reference not set to an instance of an object."
I am using an AT&T Z999 that is on B30, and I am trying to get it updated to B37 (currently not looking to root or anything else, just want to update without having to have active AT&T service.
Edit: I think I found the right one. https://forum.xda-developers.com/t/...-unofficial-twrp-recovery-for-axon-m.3959314/
So far, copying that firehose file into the B37 folder seems to be allowing it to flash.
There maybe a number of reasons to go back to the stock ROM. We do not discuss them here
But what to do if you flashed something, wanting to go back to stock, and did not brick your Realme X2 yet? Here is super quick howto guide. There are other possible ways and sequences to perform the task, but the one listed below is tested.
The same procedure applys for a case when you want to downgrade you phone (when its bootloader unlocked). Say, current custom ROMs are based on ColorOS 6.1/Android 9 vendor contents but you have realmeUI/Android 10 already. In order to try one of those custom ROMs you should downgrade to the latest Android 9 stock firmware first.
The essential part of the customized phone is custom recovery. Currently Realme OZIP file does not contain stock recovery inside. It is being generated as explained below, in the post #2, see EDIT3. It means you need to find somewere PROPER stock recovery corresponding to your ROM to put it back. See Realme X2 stock recovery links below, post #2, EDIT4.
Which stock recovery to use? The one for your model and which version is not newer than the ROM version you are flashing. For example, you need A.17 stock ROM for CN model (RMX1991). Then any recovery of A.12, A.14, A.16, A.17 for RMX1991 will work for you.
Download and unzip the stock recovery partition image from the next post, this will be a file like rmx1991-sde20-stock_recovery.img.
Download stock ROM ozip file (for example, from here). Put it to a SD card with a filesystem which supports files more than 2GB (ext4 works fine. Stock recovery, but not ColorOS, supports it). Put the SD card into the phone.
Start (reboot) phone into fastboot mode
From a computer perform fastboot flash recovery rmx1991-sde20-stock_recovery.img
From the fastboot mode by means of volume buttons select 'Recovery mode' and push Power button
From the stock recovery select language needed (there are three only), then 'Install from storage device', then 'From SD card', tap the OZIP file with your ROM
When the update process is done, phone reboots. Most likely, it will not be able to boot normally because you need to wipe out data. Either help the phone with keeping Vol Down button pressed during reboot, or it will boot recovery by itself. Now wipe data (confirm by entering random 4-digit code), select 'Format data'. Phone will reboot
Here it is. Enjoy (or sell your Realme X2 with its shiny stock experience...
If you want to lock bootloader after all above mentioned steps (you have to make them all unless you wanna get a brick ), boot fastboot mode, perform fastboot flashing lock. This will wipe your data again. Then optionally lock 'OEM Unlock' option in 'Developer Options'. Even further, you can install In-DepthTest.apk and sign out from In-Depth Test program.
2022-12-25 EDIT: For downgrade from Android 11 to 10 read this post
I have found out that in fact stock recovery does not exist as a prebuilt file It is being created by the script /system/bin/install-recovery.sh on a basis of stock boot partition and a patch file /system/recovery-from-boot.p
It means in theory you can recreate stock recovery having only Realme ozip file.
EDIT1 The command to do it in Linux shell is
Code:
bspatch boot.img selfmade_stock_recovery.img recovery-from-boot.p
Cool! Tested.
EDIT2. For the current moment when unlocked bootloader breaks fingerprint sensor: as soon as the bootloader is locked again, fingerprint starts functioning as it should.
EDIT3 Becomes clear that each ROM release has its own stock recovery which is generated automatically on the basis of boot.img and recovery-from-boot.p . Not only boot.img is being changed each release, but recovery-from-boot.p is changing as well. If the wrong stock recovery is installed, you might not be able to decrypt data and connect to WiFi from within recovery. Seemingly it may bring you serious problems if locking back bootloader (thus bricking the device). Good thing (as I understood, but not checked yet) is that after flashing stock ROM with a help of a stock recovery next reboot should replace your stock recovery with an up-to-date version of it. So to be on a safe side make sure that you rebooted to system and that your recovery reflashed by the system before you lock bootloader.
EDIT4 In order to combine everything in one place:
Stock recoveries for RMX1991 (China version): here
Stock recoveries for RMX1992 (India version): here
Stock recoveries for RMX1993 (Euro version): here
EDIT5 In later ROM releases patch and script files are relocated into vendor partition, they are /bin/oppo-install-recovery.sh and /recovery-from-boot.p there.
EDIT6 Please note that the method above is working with officially downloaded ROMs from realme support site (read here why).
So this method works if you brick your phone trying to install a global rom to china variant..
Hi,
does only works with SDcard insert.
Because the internal storage is decrypted.
And it does not work on X2.
But why?
Installation failed?
This method will bring back my FP working again right?
Can you please confirm this method https://boycracked.com/2019/10/26/official-realme-x2-rmx1991-stock-rom/
SkyeJace said:
This method will bring back my FP working again right?
Click to expand...
Click to collapse
You have to lock bootloader for this. See the very last part of the howto, post #1
AldRezaine said:
Can you please confirm this method https://boycracked.com/2019/10/26/official-realme-x2-rmx1991-stock-rom/
Click to expand...
Click to collapse
The site provides generalized instructions for everything
As for Realme X2, there are two methods claimed, one is for ozip file, another for ofp file; last one is not yet publicly available somewhere (the link is replaced by the Coming soon promise).
If you find there something certain regarding ozip procedure for Realme X2, give me the link, please. I couldn't
why I back to stock rom, apps i uninstalled it is don't auto reinstall?
hello guys, how can i get the 1993ex stock recovery? i screwd up big time !
hammerheading said:
hello guys, how can i get the 1993ex stock recovery? i screwd up big time !
Click to expand...
Click to collapse
Read the post #2 in this thread, it contains ample info needed for this. If you are requesting ready-to-flash stock recovery file, you should tell the version of the ROM you are going to flash and powerful word please to it
BaDuc said:
why I back to stock rom, apps i uninstalled it is don't auto reinstall?
Click to expand...
Click to collapse
I am not 100% sure I understand you right. If you are about some stock apps missing after wiping the userdata partition, this is true: some of the apps were preinstalled onto data space (some of them are Weather app, One-Tap Lockscreen). I could find only some of them in a form of apk files.
yakovpol said:
Read the post #2 in this thread, it contains ample info needed for this. If you are requesting ready-to-flash stock recovery file, you should tell the version of the ROM you are going to flash and powerful word please to it
Click to expand...
Click to collapse
Thanks a lot for the attention. I tryed to recreate the recovery but with no success because i dont know the proper method, it's a bit over my android skills as i can only root unlock bl and do some minor stuff and GSI is a new thing for me. AS for the version it is the a17 of the 1993ex(eu).
yakovpol said:
I am not 100% sure I understand you right. If you are about some stock apps missing after wiping the userdata partition, this is true: some of the apps were preinstalled onto data space (some of them are Weather app, One-Tap Lockscreen). I could find only some of them in a form of apk files.
Click to expand...
Click to collapse
yes, right my mind, including my Breeno is faulty, and now I can't click to setting Breeno in the settings, do you have apk of app, can you send me?
hammerheading said:
Thanks a lot for the attention. I tryed to recreate the recovery but with no success because i dont know the proper method, it's a bit over my android skills as i can only root unlock bl and do some minor stuff and GSI is a new thing for me. AS for the version it is the a17 of the 1993ex(eu).
Click to expand...
Click to collapse
For the moment I have one for the EU A.16 version only, look here. Eventually A.17 will be added there too.
BaDuc said:
yes, right my mind, including my Breeno is faulty, and now I can't click to setting Breeno in the settings, do you have apk of app, can you send me?
Click to expand...
Click to collapse
Those I have are uploaded to here.
yakovpol said:
Those I have are uploaded to here.
Click to expand...
Click to collapse
thanks you very much
yakovpol said:
For the moment I have one for the EU A.16 version only, look here. Eventually A.17 will be added there too.
Click to expand...
Click to collapse
Thank you so much, that did the trick!! i was able to flash the a17 and the phone is working fine now . But i'm not trully satisfied, i can't find a away to flash a GSI rom successfully, but that's another topic ... Thank you again and keep up the good work !
can u plsss provide stock recovery for realme x2 rmx1992, i bricked my phone trying to install stock os since 2 days, cant find a way..if some has the recovery pls provide it. im able to boot to twrp, bootloader is unloced and with the other recoveries im not able to intsall the stock rom.pls help.
Can send me 1992 stcok recovery file ozip please.