Since the sources are out, is there a kernel with dm-verity disabled?
I want to be able to root and keep TWRP, make some changes (hosts, restore some titaniumbackup files), unroot and still pass the checks, which normally fails due to safetynet detecting the unlocked bootloader. If I understood correctly, disabling dm-verity will allow safetynet to pass even with unlocked BL?
Or is that outdated info?
I pass safetynet with an unlocked bootloader,TWRP and root (Magisk). Just install the MagiskHide Props Config module via Magisk Manager->Modules and in a terminal type:
su
props
and apply the fix and select mate 10 as device
I'm trying to avoid using magisk to avoid losing safetynet access when an update comes. I really only need root once.
I believe you can fully uninstall magisk and pass safetynet as it was stock again
No, unfortunately not, since safetynet detects the unlocked bootloader.
Arak0n said:
No, unfortunately not, since safetynet detects the unlocked bootloader.
Click to expand...
Click to collapse
Oh sorry didn't knew that, thought maybe just using unsu.zip would do the trick
When I get onto huawei with a legal threat of GPL violation, hopefully the kernel sources will build a working bootable image, rather than the broken, unbootable one I have installed right now. Side note: I need the working stock kernel & ramdisk if anyone has it.
Sent from my kminiltexx using XDA Labs
hackintosh5 said:
When I get onto huawei with a legal threat of GPL violation, hopefully the kernel sources will build a working bootable image, rather than the broken, unbootable one I have installed right now. Side note: I need the working stock kernel & ramdisk if anyone has it.
Sent from my kminiltexx using XDA Labs
Click to expand...
Click to collapse
Can't you use Huawei Firmware Finder and Huawei Update Extractor to get stock kernel & ramdisk? I could send you these extracted from an full OTA update.zip. What I can't do is send you these files extracted from my phone because it took a long time going back to stock and get safetynet running, so I don't want to risk that by unlocking the bootloader and flashing twrp again. Just tell me if the extracted files would be enough for you.
kaiomatico said:
Can't you use Huawei Firmware Finder and Huawei Update Extractor to get stock kernel & ramdisk? I could send you these extracted from an full OTA update.zip. What I can't do is send you these files extracted from my phone because it took a long time going back to stock and get safetynet running, so I don't want to risk that by unlocking the bootloader and flashing twrp again. Just tell me if the extracted files would be enough for you.
Click to expand...
Click to collapse
The files are great, but, sorry to tell you, someone else already sent them to me.
However, there's good news, I got Honor Support to escalate my request to a supervisor so maybe someone will actually give me sources now! Yay.
Related
UPDATE – 07.03.2017
This patch is no longer required to have Google Device Certification.
After install ROM B594 no further actions are required.
Thanks to "who" did this correction … and I hope somehow this thread helped to speed up solving this mismatching.
Note:
I created a new flashable zip to set original B594 local.prop in case of someone want revert the patch without install the complete ROM
_____________________________
_____________________________
WARNING: I'M NOT RESPONSIBLE FOR SCREWING UP YOUR PHONE
If you are not used to solve soft-brick don't play with this.
After installation of new stock ROM ALE-L21C432B594
- Device become uncertified
- SaftyNet status fail, due to CTS profile mismatch
How to get back device certification and CTS profile match?
- You have to change Fingerprint from B594 to B588 (at least worked to me)
- File to change => local.prop
- Location => /cust/hw/eu/prop
- See image enclosed how to change it
- After you aplied this, unroot your device, run the Safety Net test, check Play Store Settings and check if it works
- I created flashable zip in case your device is not rooted but you have TWRP installed
Thanks, it worked for me
Btw. You can root with magisk to pass SafetyNet with root.
Ok, if we don't have open bootloader, we should wait until certificated automatically? It's just the number, so it's maybe just not documented by Google, right? Hope so
If you're not rooted and do not have a custom recovery, how do you apply this?
I've extracted CUST.img from the UPDATE.APP, edited the file and rebuilt the image. Can I just use fastboot to flash it?
@proze.za
Try first without this patch. I have changed this line back and I can still pass SafetyNet. What's more my device is certified...
You need unlocked bootloader to flash cust.img and if you have unlocked bl you can just flash TWRP.
dominj97 said:
@proze.za
Try first without this patch. I have changed this line back and I can still pass SafetyNet. What's more my device is certified...
You need unlocked bootloader to flash cust.img and if you have unlocked bl you can just flash TWRP.
Click to expand...
Click to collapse
You're right. I just checked and my device is certified with B594.
proze.za said:
You're right. I just checked and my device is certified with B594.
Click to expand...
Click to collapse
So B594 it's certified? Or you did something?
Azzureux said:
So B594 it's certified? Or you did something?
Click to expand...
Click to collapse
I just installed the full B594 update (placed UPDATE.APP in dload on an sdcard, etc). And it says it is certified.
Now CTS is passed without change anything. SafetyNet-Check completly passed, but in Play Store uncertificated. No problems at all
First post updated
After full rom reflash I get no "uncertified" message
Audriuskins said:
After full rom reflash I get no "uncertified" message
Click to expand...
Click to collapse
You want tell us that we just have to update from B594 to B594 to get certificated back?
Edit: I have tried, but that isn't working. So I have to live with that.
dominj97 said:
Thanks, it worked for me
Btw. You can root with magisk to pass SafetyNet with root.
Click to expand...
Click to collapse
Thanks for the hint :good:
I tried and it works
Works, too. Closed Bootloader, no root. Uncertificated is shown on Play Store, but everything is passed since monday.
allrightlite said:
Works, too. Closed Bootloader, no root. Uncertificated is shown on Play Store, but everything is passed since monday.
Click to expand...
Click to collapse
Monday! I thought it was on Tuesday, but anyway, what was tested this time was only if SafetyNet passed on the device with root.
Like dominj97 mention on his post it works if I make root with Magisk.
I tested with SuperSU, Suhide, Superuser, but in my case only worked with Magisk.
Thread closed as per OP request.
Forum moderator,
Matt
So I've already used magisk on my A520F. But the thing is I had to use TWRP to flash it- So that meant that the binaries changed from Samsung Official to custom and things like Knox tripped as it detected I had tampered with the OS (because of TWRP, not Magisk)
So recently I started to search for a way to flash magisk on the ROM I have without the need of using a tool like TWRP, and I just read the official thread but, as I'm almost a noob on these things, I have some questions to ask:
1- I know how to extract boot.img- but then what? What is to patch it? I didn't understand that quite well
2- Lets say I have a firmware(official) which I flashed into my phone. If I extract the AP file and get the boot.img from there, as it's the same file It's supposedly flashed onto my phone, can I use that boot.img to install magisk?
A third thing, not related to magisk but I would be intrested to know
I've installed a UK firmware which turned out to be a Carrier firmware- I had to delete hidden.img to make it flash. I entered into downlaod mode to check everything was in 'official mode' and then I just realised that a new line had appeared in the Download mode list
RMM STATE: Prenormal
Can someone explain what is it?
Thanks anyone who helps me.
Okay, I've already figured out what to do with the boot.img
Tho I still need answer for the second question
carlosmedia said:
So I've already used magisk on my A520F. But the thing is I had to use TWRP to flash it- So that meant that the binaries changed from Samsung Official to custom and things like Knox tripped as it detected I had tampered with the OS (because of TWRP, not Magisk)
So recently I started to search for a way to flash magisk on the ROM I have without the need of using a tool like TWRP, and I just read the official thread but, as I'm almost a noob on these things, I have some questions to ask:
1- I know how to extract boot.img- but then what? What is to patch it? I didn't understand that quite well
2- Lets say I have a firmware(official) which I flashed into my phone. If I extract the AP file and get the boot.img from there, as it's the same file It's supposedly flashed onto my phone, can I use that boot.img to install magisk?
A third thing, not related to magisk but I would be intrested to know
I've installed a UK firmware which turned out to be a Carrier firmware- I had to delete hidden.img to make it flash. I entered into downlaod mode to check everything was in 'official mode' and then I just realised that a new line had appeared in the Download mode list
RMM STATE: Prenormal
Can someone explain what is it?
Thanks anyone who helps me.
Click to expand...
Click to collapse
RMM state: This probably stands for Remote Monitoring & Management. RMM seemingly manages to prevent users from installing a custom binary on their devices while its active.
How RMM works?
There’s more to it than just that though. Say, your device was stolen, or you dropped it and someone found it but decides to use it himself. He’ll wipe your device probably, and when he does, RMM will make it a requirement that the device is connected to the Internet after the first boot. Otherwise, the person, or the thief, won’t be able to get past the setup screen. If he does connect to the Internet, the device will ask for your Google account instead of letting any account be used. Your account information is saved on an FRP partition the device. Since he can’t flash any custom binaries at all, there’s no way for him to get rid of it.
Same Situation
carlosmedia said:
Okay, I've already figured out what to do with the boot.img
Tho I still need answer for the second question
Click to expand...
Click to collapse
Can you help me on how you manage to flash the boot.img of magisk along with the stock ?
can i flash magisk using twrp and get root?
It worked for me using twrp from https://forum.xda-developers.com/p10/development/recovery-twrp-3-2-1-0-emui-8-0-4-04-2018-t3773449 and magisk 16.0 on oreo firmware.
Quick answer...yes.
On Oreo (VTR-L09C432B360), I installed the 15.4 version from here... https://forum.xda-developers.com/p10-plus/development/magisk-p10-p10plus-t3752482 (it's for the P10 Plus but works on P10's as well)
You can then update to the latest version (v16) via the Magisk Manager app.
Nougat here... https://forum.xda-developers.com/p10/how-to/guide-huawei-p10-root-magisk-magisk-t3625151
colthekid said:
Quick answer...yes.
On Oreo (VTR-L09C432B360), I installed the 15.4 version from here... https://forum.xda-developers.com/p10-plus/development/magisk-p10-p10plus-t3752482 (it's for the P10 Plus but works on P10's as well)
You can then update to the latest version (v16) via the Magisk Manager app.
Nougat here... https://forum.xda-developers.com/p10/how-to/guide-huawei-p10-root-magisk-magisk-t3625151
Click to expand...
Click to collapse
It's doable on any p10's right like I have the dual sim version.
One more question....to get the treble ROM I have to root right?
Those have flashed successfully, did your SafetyNet pass completely? ctsProfile is the only issue I'm having right now
naeemomr said:
It's doable on any p10's right like I have the dual sim version.
One more question....to get the treble ROM I have to root right?
Click to expand...
Click to collapse
Works on all P10's as far as I'm aware. Don't know about Treble, I'm on stock.
MrDanMak said:
Those have flashed successfully, did your SafetyNet pass completely? ctsProfile is the only issue I'm having right now
Click to expand...
Click to collapse
Yes SafetyNet passes fine
colthekid said:
Works on all P10's as far as I'm aware. Don't know about Treble, I'm on stock.
Yes SafetyNet passes fine
Click to expand...
Click to collapse
Damn, didn't work for me. Just the ctsProfile: False issue I'm having. On the B360 firmware using the latest TWRP that works for the P10 as well. Know of anything else I can do to fix this perhaps?
Try Magisk in core only mode and turn on Magisk Hide, other than that I don't know I'm afraid.
-i instaled magisk manager (16)
-patched the original boot parition (you have to untrigger both options in magisk manager..."keep force encryption" "keep AVB 2.0/dm-verity)
-flashed modified boot parition with TWRP
-all OK, safetynet OK
DallasCZ said:
-i instaled magisk manager (16)
-patched the original boot parition (you have to untrigger both options in magisk manager..."keep force encryption" "keep AVB 2.0/dm-verity)
-flashed modified boot parition with TWRP
-all OK, safetynet OK
Click to expand...
Click to collapse
Hi DallasCZ,
May I ask you to be more specific?
I just ordered a P10 and I would like root it with Magisk (I alrady have a Lenovo Tab3 8Plus (TB-8703F) and successfully routed with Magisk (Safety Net check is green))
So, what are the steps? Can I use the original Magisk, or should I use a P10 specific? And how the OTA updates work with the Magisk? Eg.: Do you have to disable it before update? I hope not, since Magisk is systemless and the Oreo ROM is Treble "compatible". Oh, and could you give me a link to a working TWRP, which is compatible with the latest Oreo?
Thanks everything in advance!
So, is it not possible to flash ramdisk without unlocking bootloader?
cesedy said:
So, is it not possible to flash ramdisk without unlocking bootloader?
Click to expand...
Click to collapse
Yes you jave to unlock bootloader first.
Finally I got my phone. Now I'm testing, and getting familiar with it. But after that, I really need some help / advice ...
So my questions are the follows:
If I open the bootloader (no root, no other modifications), will I get OTA updates, and will they work?
Which TWRP is recommended? twrp 3.2.1-0 OREO or TWRP 3.2.1-0 for EMUI 8.0 or another one? What is the difference between the first two?
Can I use the official Magisc? I'm on VTR-L29 8.0.0.360(C432)
And the "really big" question: Is it possible to have OTA updates and Magisk at the same time? If yes, how?
Dexterova said:
Finally I got my phone. Now I'm testing, and getting familiar with it. But after that, I really need some help / advice ...
So my questions are the follows:
If I open the bootloader (no root, no other modifications), will I get OTA updates, and will they work?
Which TWRP is recommended? twrp 3.2.1-0 OREO or TWRP 3.2.1-0 for EMUI 8.0 or another one? What is the difference between the first two?
Can I use the official Magisc? I'm on VTR-L29 8.0.0.360(C432)
And the "really big" question: Is it possible to have OTA updates and Magisk at the same time? If yes, how?
Click to expand...
Click to collapse
Guys, don't bother with answering my question. It seems that Huawei removed the possibility to get unlock code. So, right now it seems I'll never be able to root my device
Dexterova said:
Guys, don't bother with answering my question. It seems that Huawei removed the possibility to get unlock code. So, right now it seems I'll never be able to root my device
Click to expand...
Click to collapse
Apparently you can contact customer service and receive the unlock code after a couple of days.
M1chiel said:
Apparently you can contact customer service and receive the unlock code after a couple of days.
Click to expand...
Click to collapse
Are you sure? How? Just write an e-mail to [email protected]? But why they shut down the request page / site? This does not make any sense.
Dexterova said:
Are you sure? How? Just write an e-mail to [email protected]? But why they shut down the request page / site? This does not make any sense.
Click to expand...
Click to collapse
Huawei Reddit
M1chiel said:
Huawei Reddit
Click to expand...
Click to collapse
OK, I'll give it a try...
... (other) question(s):
If I open (no root) the bootloader, will I get OTA updates?
In other words: you guys, with Magisk, how do you update your devices?
Because we do not make a list of which modules work 100% in magisk in P10, since for example xposed produces a hard brick.
Sorry my bad english
Is this still available [email protected]?
I got this error message:
The response from the remote server was:
550 5.1.1 Error: invalid recipients is found from 209.85.216.178
I have finally figured out a way to use Secure Folder with a rooted / knox tripped phone!
So far this is WIP, but I have tested it to work on an SM-G960F running April 2019 rom.
You will need a GNU/Linux machine to patch your system, but a flashable zip is coming soon.
Instructions (note these are github links, I can't post actual links):
Get the tool at nm111/knoxpatch2
Install dexpatcher. You can use DexPatcher/dexpatcher-gradle-tools
Install vdexExtractor and compact_dex_converter (both can be found at anestisb/vdexExtractor)
Run ./pull_files.sh
Run ./patch.sh
Copy out/services.jar back onto the device.
Edit build.prop and remove ro.config.iccc_version.
Now secure folder will work.
Proof coming soon.
You would be our hero if you can complete this project
I have done some research, and I think it is unlikely that a flashable zip would work, unless someone could get compact_dex_converter running in TWRP (it just segfaults). I added some more scripts to download and deodex services.jar. Also I have uploaded my own patched build PPR1.180610.011.G960FXXS3CSD1 services.jar at drive[.]google[.]com/file/d/1AW7urpwMzjj3gorumsmfMeu6qh3cxD6J/view?usp=sharing. BTW, this works perfectly as far as I can see. Could someone try it out and post what happens?
It's just for pie?
denkazzzget said:
It's just for pie?
Click to expand...
Click to collapse
In theory, it should work on oreo, but I haven't tried it. You need to patch yourself though.
Good news bro and good work, i wait the flashable Zip
Nice work hope we can get the flushable soon
Eagerly waiting. The only thing stopping me from rooting is Knox tripper!!! Don't want to lose my last 6 months of warranty.
By the way, Wil this be universal and not processor specific? Curious me!
Are other features like samsung pass / pay accessible with this patch ? Normally you also lose these with root
effry said:
Are other features like samsung pass / pay accessible with this patch ? Normally you also lose these with root
Click to expand...
Click to collapse
Samsung pass would probably never work as it checks the warranty status internally in the trustlet and just never allows storage of data if WB is blown. Samsung pay may work if I can bypass the signature check (I am working on it now).
zeyaan said:
Eagerly waiting. The only thing stopping me from rooting is Knox tripper!!! Don't want to lose my last 6 months of warranty.
By the way, Wil this be universal and not processor specific? Curious me!
Click to expand...
Click to collapse
You will still lose warranty if you root, this is just so you can use Knox apps.
It might work on other phones (i think that's what you mean), but I don't have any other phones so can't check.
Will test this on my N9 and I will report back
nm111 said:
I have finally figured out a way to use Secure Folder with a rooted / knox tripped phone!
So far this is WIP, but I have tested it to work on an SM-G960F running April 2019 rom.
You will need a GNU/Linux machine to patch your system, but a flashable zip is coming soon.
Instructions (note these are github links, I can't post actual links):
Get the tool at nm111/knoxpatch2
Install dexpatcher. You can use DexPatcher/dexpatcher-gradle-tools
Install vdexExtractor and compact_dex_converter (both can be found at anestisb/vdexExtractor)
Run ./pull_files.sh
Run ./patch.sh
Copy out/services.jar back onto the device.
Edit build.prop and remove ro.config.iccc_version.
Now secure folder will work.
Proof coming soon.
Click to expand...
Click to collapse
Can you share the zip please
Update:
I have created a better version which bypasses all integrity checks but SPAY and SPASS still do not work due to them using their own trustlets. Also it is highly insecure as it forces all signature checks to return true. If I get DexPatcher to work on this then I will fix the signatures (or make an xposed module?) but if not I will release this later.
A zip will 100% not work. I have tried for ages and no luck. This is because the Samsung libraries are not loaded when in recovery so the patcher and deodexer do not work. The likely result will be a Magisk module or app which does the patching.
I am still working on this so please wait!
nm111 said:
Update:
I have created a better version which bypasses all integrity checks but SPAY and SPASS still do not work due to them using their own trustlets. Also it is highly insecure as it forces all signature checks to return true. If I get DexPatcher to work on this then I will fix the signatures (or make an xposed module?) but if not I will release this later.
A zip will 100% not work. I have tried for ages and no luck. This is because the Samsung libraries are not loaded when in recovery so the patcher and deodexer do not work. The likely result will be a Magisk module or app which does the patching.
I am still working on this so please wait!
Click to expand...
Click to collapse
Thank you <3 , We are waiting :good:
nm111 said:
Update:
I have created a better version which bypasses all integrity checks but SPAY and SPASS still do not work due to them using their own trustlets. Also it is highly insecure as it forces all signature checks to return true. If I get DexPatcher to work on this then I will fix the signatures (or make an xposed module?) but if not I will release this later.
A zip will 100% not work. I have tried for ages and no luck. This is because the Samsung libraries are not loaded when in recovery so the patcher and deodexer do not work. The likely result will be a Magisk module or app which does the patching.
I am still working on this so please wait!
Click to expand...
Click to collapse
Would appreciate if you will be able to record to process how to do it as well. Thank you and we are all waiting for this method.
So, how is the progress going so far? All good?
Sorry for that basic question, I'm eagerly waiting, I only want the Secure folder, that's it.
Thank you and keep going!
I think this is a cagada de toro, he have proof nothing
Secure folder is working on dr ketan roms with root
halo87 said:
Secure folder is working on dr ketan roms with root
Click to expand...
Click to collapse
Great,, is there Rom for S9?
Hi,
I hope somebody can give me a hint.
I just got a used p20 pro with open bootloader but stock rom.
Unfortunately the Google security check has some "problems" with this situation and doesn't allow me to use several apps like Netflix, Google pay, etc.
So I'm looking for a way to easily fix this problem, the phone will be used by my parents.
Either lock the bootloader or "hide" it probably.
But how - I don't have the bootloader code - and I'm not too much into android rooting...
Usefull hints are appreciated.
Merry xmas
Mounty
You're on thin ice my pedigree chum..
Avoid flashing anything that would allow a block of any kind which is an absolute reality.
Having used absolutely every ROM and OS from 8.1 to 10
My advice. Flash AOSIP and then ask in thread to get safety net working.
Literally nothing else it worth your time.
Unless you're strange and like EMUI.
In such case, stuck with stock.
Just be aware you're in a position that a lot of people would kill for.
Google have done some **** stuff to make people who have unlocked bootloader a nightmare. I don't think there is a way to hide it unless you use Magisk
mounty77 said:
the phone will be used by my parents.
Click to expand...
Click to collapse
If they are not some kind of advanced users, unlocked bootloader has exactly 0 added value for them. Search the forum for flushing methods, the ones that will warn you that this method re-locks the bootloader, flush the latest stock ROM for your region and live a happy and calm life.
As a suggestion.. Use Magisk with Safety patch and you're done. You can keep the bootloader unlocked and still bypass google restrictions. (Install apps like netflix, etc.)
My phone is on 9.0.1.328 and works fine.
Horayken said:
As a suggestion.. Use Magisk with Safety patch and you're done. You can keep the bootloader unlocked and still bypass google restrictions. (Install apps like netflix, etc.)
My phone is on 9.0.1.328 and works fine.
Click to expand...
Click to collapse
Hi,
Thx so far, I think I'll try the magisk thing.
Are there any downsides on this? Will Ota updates still work?
I already downloaded and installed magisk manager, but I was not able to install magisk via magisk manager.
I downloaded the zip file and tried to install it.
But I only got the attached error.
I think I have to patch something?!
Any advise?
Thx
Mounty
mounty77 said:
Hi,
Thx so far, I think I'll try the magisk thing.
Are there any downsides on this? Will Ota updates still work?
I already downloaded and installed magisk manager, but I was not able to install magisk via magisk manager.
I downloaded the zip file and tried to install it.
But I only got the attached error.
I think I have to patch something?!
Any advise?
Thx
Mounty
Click to expand...
Click to collapse
You need to patch the ramdisk recovery file with magisk, flash it and you are good to go. It's a 5 min procedure. Let me know if you need more help with that.
This way you will hide your unlocked bootloader and you will pass safetynet.
Only downside is that if there is an ota update you will need to flash the original ramdisk recovery, do the ota and then do ramdisk recovery file patch again.
If you lock the bootloader then you won't be able to unlock it again as you won't have the code (unless you got the code from the previous owner too).
abyssq said:
You need to patch the ramdisk recovery file with magisk, flash it and you are good to go. It's a 5 min procedure. Let me know if you need more help with that.
This way you will hide your unlocked bootloader and you will pass safetynet.
Only downside is that if there is an ota update you will need to flash the original ramdisk recovery, do the ota and then do ramdisk recovery file patch again.
If you lock the bootloader then you won't be able to unlock it again as you won't have the code (unless you got the code from the previous owner too).
Click to expand...
Click to collapse
Hi,
thx for your offer/advise. I’ll try this way - it sounds most promising to me.
Can I do this on the mobile only, or do I need a pc?
Where / How do I find the ramdisk recovery?
BL Lock
I can lock (yes, lock) your bootloader for free.
Contact me at Telegram (@AntiEngineer), you don't need to open up your device.
abyssq said:
You need to patch the ramdisk recovery file with magisk, flash it and you are good to go. It's a 5 min procedure. Let me know if you need more help with that.
This way you will hide your unlocked bootloader and you will pass safetynet.
Only downside is that if there is an ota update you will need to flash the original ramdisk recovery, do the ota and then do ramdisk recovery file patch again.
If you lock the bootloader then you won't be able to unlock it again as you won't have the code (unless you got the code from the previous owner too).
Click to expand...
Click to collapse
Hi,
unfortionatly I wasn´t sucessfull till now.
At https://openkirin.net/ is a very usefull description availaible but I´m still searching for the RAMDISK Extract. I found that database where you can donwload several versions, but mine wasn´t provided there
https://pro-teammt.ru/en/online-firmware-database/
My Version is:
CLT-L29
10.0.0.138 (C432E3R1P3log)
Anybody knows where I can download that`?
Best regards
mounty
@mounty77
You are on Android 10 Beta?
Root on Android 10 Beta not working for me.
You are on Android 10 Beta?
Root on Android 10 Beta not working for me.
Click to expand...
Click to collapse
No Root, just unlocked bootloader... I want to hide the unlock of the bootloader
mounty77 said:
No Root, just unlocked bootloader... I want to hide the unlock of the bootloader
Click to expand...
Click to collapse
Installing a "RECOVERY_RAMDIS.img" patched with Magisk is rooting the phone.
I´m fine if i have to root it to hide the open bootloader