Database Develop

[Q] Rooted 4.4.2 with locked bootloader factory reset safe?

Hi, I have a republic wireless moto x I just successfully rooted and updated to 4.4.2 from 4.2.2 with a locked bootloader with no write protection (wp)
Since I updated it to 4.4.2 I have this error that pops up that I can not resolve
"Unfortunately, the process com.motorola.process.system has stopped"
I googled several pages of several website results and several pages of google but can not find the solution.
Solutions found was to:
Safe Mode (I tried this first with no apps installed on non safemode and non system apps updated, didn't work and popped up even on safe mode)
Change date & time method (didn't work)
Wipe Cache (didn't work)
Wipe Cache & dalvik cache (didn't work)
I am debating about factory reset but unsure if it will make me lose my root because I have a locked bootloader (if that matters in anyway I am still new to this, and that my moto x is from republic wireless not like other carriers with unlocked bootloaders).
Please help me and discuss with me how I can get rid of that error.

androiddoglover6969 said:
Hi, I have a republic wireless moto x I just successfully rooted and updated to 4.4.2 from 4.2.2 with a locked bootloader with no write protection (wp)
Since I updated it to 4.4.2 I have this error that pops up that I can not resolve
"Unfortunately, the process com.motorola.process.system has stopped"
I googled several pages of several website results and several pages of google but can not find the solution.
Solutions found was to:
Safe Mode (I tried this first with no apps installed on non safemode and non system apps updated, didn't work and popped up even on safe mode)
Change date & time method (didn't work)
Wipe Cache (didn't work)
Wipe Cache & dalvik cache (didn't work)
I am debating about factory reset but unsure if it will make me lose my root because I have a locked bootloader (if that matters in anyway I am still new to this, and that my moto x is from republic wireless not like other carriers with unlocked bootloaders).
Please help me and discuss with me how I can get rid of that error.
Click to expand...
Click to collapse
You shouldn't have done it. You obviously didn't read or follow any of the guides here or you would have known better.
There was ONE (very tricky and convoluted) way of retaining root and it involves SafeStrap.
Sorry to say - there will likely be no root in your future.
A factory reset will most likely not help. You will have to download the 4.4.2 SBF and re-flash the entire stock rom.
There's a guide here: http://forum.xda-developers.com/moto-x/general/guide-moto-x-return-to-100-stock-using-t2446515
^ This is the only way to get your phone back to being usable again. MAKE SURE you do NOT try to flash anything but 4.4.2. Flashing a prior version will likely permanently brick your phone.
After this process, the ONLY way you're going to obtain ROOT is to unlock your BL.
I hate to hear this happened to you, but its posted -all over- this forum that you cannot take the 4.4.2 OTA if you are rooted on a previous version. If you had followed the guide, and used Safestrap, you would be OK.....but now its too late. Once you've flashed the 4.4.2 OTA, it updates the bootloader, patching all of the exploits we used previously. Game Over.
Good Luck

samwathegreat said:
You shouldn't have done it. You obviously didn't read or follow any of the guides here or you would have known better.
There was ONE (very tricky and convoluted) way of retaining root and it involves SafeStrap.
Sorry to say - there will likely be no root in your future.
A factory reset will most likely not help. You will have to download the 4.4.2 SBF and re-flash the entire stock rom.
There's a guide here: http://forum.xda-developers.com/moto-x/general/guide-moto-x-return-to-100-stock-using-t2446515
^ This is the only way to get your phone back to being usable again. MAKE SURE you do NOT try to flash anything but 4.4.2. Flashing a prior version will likely permanently brick your phone.
After this process, the ONLY way you're going to obtain ROOT is to unlock your BL.
I hate to hear this happened to you, but its posted -all over- this forum that you cannot take the 4.4.2 OTA if you are rooted on a previous version. If you had followed the guide, and used Safestrap, you would be OK.....but now its too late. Once you've flashed the 4.4.2 OTA, it updates the bootloader, patching all of the exploits we used previously. Game Over.
Good Luck
Click to expand...
Click to collapse
I did not have a root before 4.4.2. And I did not take the 4.4.2 OTA. I did follow the guide and have used Safestrap and still have it. What do you mean flash the 4.4.2 OTA? You mean installing it through the update notification? Well I didn't do that if that is what you meant. I flashed through the using the guide to get me no WP, root, and 4.4.2. So am I still doing it wrong?

androiddoglover6969 said:
I did not have a root before 4.4.2. And I did not take the 4.4.2 OTA. I did follow the guide and have used Safestrap and still have it. What do you mean flash the 4.4.2 OTA? You mean installing it through the update notification? Well I didn't do that if that is what you meant. I flashed through the using the guide to get me no WP, root, and 4.4.2. So am I still doing it wrong?
Click to expand...
Click to collapse
Sorry for the confusion...
Hmm...you didn't mention safestrap in OP - just that you "successfully rooted and updated to 4.4.2 from 4.2.2"
OK so if you followed the guide exactly your bootloader should still be on the JellyBean bootloader.
Assuming you followed the guide, you can start over. If you're ABSOLUTELY SURE you didn't update to the 4.4.2 bootloader, then I suggest starting from scratch.
Use RSD Lite to restore the 4.2.2 (JellyBean) rom (Again, you've been warned. If theres any possibility you flashed the 4.4.2 bootloader last time, this WILL brick your phone) Also, be careful to NOT flash the 4.4.2 ROM, or you will NOT be able to root as this patches the exploit.
Just follow the guide step-by-step: http://forum.xda-developers.com/moto-x/general/guide-republic-wireless-moto-x-kitkat-4-t2738233
The first step is to restore back the 4.2.2 stock rom, so this is where you should start. Don't forget to re-install safestrap and MotoWpNoMo as described.
Please let us know how it works out.
samwathegreat

samwathegreat said:
Sorry for the confusion...
Hmm...you didn't mention safestrap in OP - just that you "successfully rooted and updated to 4.4.2 from 4.2.2"
OK so if you followed the guide exactly your bootloader should still be on the JellyBean bootloader.
Assuming you followed the guide, you can start over. If you're ABSOLUTELY SURE you didn't update to the 4.4.2 bootloader, then I suggest starting from scratch.
Use RSD Lite to restore the 4.2.2 (JellyBean) rom (Again, you've been warned. If theres any possibility you flashed the 4.4.2 bootloader last time, this WILL brick your phone) Also, be careful to NOT flash the 4.4.2 ROM, or you will NOT be able to root as this patches the exploit.
Just follow the guide step-by-step: http://forum.xda-developers.com/moto-x/general/guide-republic-wireless-moto-x-kitkat-4-t2738233
The first step is to restore back the 4.2.2 stock rom, so this is where you should start. Don't forget to re-install safestrap and MotoWpNoMo as described.
Please let us know how it works out.
samwathegreat
Click to expand...
Click to collapse
Aslo, before I start to do the RSD Lite to restore the 4.2.2. Is there any other way how I can identify what is causing that error "com.motorola.process.system"? And isolate and get rid of that problem somehow or finding that stock app and preventing it from doing that?

androiddoglover6969 said:
Aslo, before I start to do the RSD Lite to restore the 4.2.2. Is there any other way how I can identify what is causing that error "com.motorola.process.system"? And isolate and get rid of that problem somehow or finding that stock app and preventing it from doing that?
Click to expand...
Click to collapse
Its extremely difficult to know why you are getting the error, but if you RSD Lite and start over, it will fix this issue.
Far too many people are running safestrap and not receiving the error. Likely there is a file on your device corrupted somewhere. RSD Lite will fix it as it completely restores the all of the partitions.
Just go -slow- step-by-step, and post here if you get confused or have questions. We will get your phone back to normal...
On another note....if you have $45 laying around, I highly suggest you email the gentleman from China. Once unlocked, you won't have to go through this long drawn-out process. You simply SBF back to stock, fastboot flash TWRP, and you're done. TWRP will install su-installer for you.
Your choice. The BL unlock method is best because you have permanent access and can never lose root.
Safestrap method will work as well, but you have to be very careful to not accept any new OTAs until the devs find a solution and post it here.
Good Luck.

samwathegreat said:
Its extremely difficult to know why you are getting the error, but if you RSD Lite and start over, it will fix this issue.
Far too many people are running safestrap and not receiving the error. Likely there is a file on your device corrupted somewhere. RSD Lite will fix it as it completely restores the all of the partitions.
Just go -slow- step-by-step, and post here if you get confused or have questions. We will get your phone back to normal...
On another note....if you have $45 laying around, I highly suggest you email the gentleman from China. Once unlocked, you won't have to go through this long drawn-out process. You simply SBF back to stock, fastboot flash TWRP, and you're done. TWRP will install su-installer for you.
Your choice. The BL unlock method is best because you have permanent access and can never lose root.
Safestrap method will work as well, but you have to be very careful to not accept any new OTAs until the devs find a solution and post it here.
Good Luck.
Click to expand...
Click to collapse
Woops I responded to another post but I am going to expect my bootloader code.
What is the first step from all of this that I should do?
1. SBF = what exactly? Hitting the factory reset button?
2. Fastboot Flash TWRP ? So after SBF. Fastboot Flash TWRP is done in AP Fastboot screen? Stock Recovery Screen? Or what screen exactly?
3. Did the guide I do didn't safestrap (twrp?) installed the su-installer for me as well right? Just wondering.

androiddoglover6969 said:
Woops I responded to another post but I am going to expect my bootloader code.
What is the first step from all of this that I should do?
1. SBF = what exactly? Hitting the factory reset button?
2. Fastboot Flash TWRP ? So after SBF. Fastboot Flash TWRP is done in AP Fastboot screen? Stock Recovery Screen? Or what screen exactly?
3. Did the guide I do didn't safestrap (twrp?) installed the su-installer for me as well right? Just wondering.
Click to expand...
Click to collapse
1.)
You can find the sbf files (stock rom) here: http://sbf.droid-developers.org/phone.php?device=0
Download the correct file for your carrier and try to flash with RSD lite.
You can find a great guide here: http://forum.xda-developers.com/moto...using-t2446515
PAY CLOSE ATTENTION TO STEP 4 - editing the xml file
If for some reason that doesn't work, let us know what carrier you are on and we can help you with manual flashing commands for your specific carrier.
Basically, an SBF is a complete STOCK image of the original filesystem (all partitions). By SBFing, you will be 100% back to factory stock. This method (SBFing) will actually fix a corrupted filesystem.
A "factory reset" does NOT do this. I highly suggest you do the SBF back to stock, and not try just reseting. If there is corruption, reset won't fix it.
Don't bother setting up any apps yet or setting up the phone. Wait until you complete the entire process.
2.
Yes! You'll flash TWRP from the "AP Fastboot" screen (bootloader).
UNLOCK YOUR BOOTLOADER FIRST. Otherwise you won't be able to flash TWRP custom recovery.
Now unplug the USB cord, and power off your device. Hold down the VOL DOWN button, and power back on. You will now be in bootloader (fastboot) mode. Plug the USB back into the phone now.
You must have "mfastboot" downloaded. You'll type:
mfastboot flash recovery twrp_file_you_downloaded.img (obviously replace with the actual filename)
You can find complete instructions here: http://forum.xda-developers.com/moto-x/development/recovery-unlocked-twrp-2-6-3-1-android-t2534850
P.S. If the download link for TWRP in the original post does not work, look near the end of the thread. Someone else re-uploaded it.
3.
Its entirely possible that something went afoul during your flashing process. I doubt the guide is to blame, because nearly everyone reported success. Sometimes things just go wrong...?
Good Luck.

samwathegreat said:
1.)
You can find the sbf files (stock rom) here: http://sbf.droid-developers.org/phone.php?device=0
Download the correct file for your carrier and try to flash with RSD lite.
You can find a great guide here: http://forum.xda-developers.com/moto...using-t2446515
PAY CLOSE ATTENTION TO STEP 4 - editing the xml file
If for some reason that doesn't work, let us know what carrier you are on and we can help you with manual flashing commands for your specific carrier.
Basically, an SBF is a complete STOCK image of the original filesystem (all partitions). By SBFing, you will be 100% back to factory stock. This method (SBFing) will actually fix a corrupted filesystem.
A "factory reset" does NOT do this. I highly suggest you do the SBF back to stock, and not try just reseting. If there is corruption, reset won't fix it.
2.
Yes! You'll flash TWRP from the "AP Fastboot" screen (bootloader). You must have "mfastboot" downloaded. You'll type:
mfastboot flash recovery twrp_file_you_downloaded.img (obviously replace with the actual filename)
You can find complete instructions here: http://forum.xda-developers.com/moto-x/development/recovery-unlocked-twrp-2-6-3-1-android-t2534850
P.S. If the download link for TWRP in the original post does not work, look near the end of the thread. Someone else re-uploaded it.
3.
Its entirely possible that something went afoul during your flashing process. I doubt the guide is to blame, because nearly everyone reported success. Sometimes things just go wrong...?
Good Luck.
Click to expand...
Click to collapse
On step 1. It is republic wireless 4.4.2 that I should download right. Correct me if I'm wrong.
Also is there RSDlite for mac or similar software? I tried to google it and xda'd it but I don't think there is. Or any other way to flash it into it.

androiddoglover6969 said:
On step 1. It is republic wireless 4.4.2 that I should download right. Correct me if I'm wrong.
Also is there RSDlite for mac or similar software? I tried to google it and xda'd it but I don't think there is. Or any other way to flash it into it.
Click to expand...
Click to collapse
If you have already received your code, yes, you should flash republic 4.4.2
If you haven't...just wait until you have it for sure. Once you flash 4.4.2 theres no going back. As long as you get unlock code, this is no problem....you'll be able to root regardless.
But, if for any reason he doesn't have your code (unlikely), you'll never be able to root once on 4.4.2....
As of right now (If I understand you completely), since you followed the safestrap guide, you SHOULD be on the jellybean bootloader, so the steps would be different if you didn't have an unlock code (and wanted to retain root).
Don't worry about any of this until we know for sure if you can get unlocked. In the unlikely event you don't get a code, post back here and I will step you through it.
Otherwise (if you get code), yes, start by using RSD Lite to flash the Republic Wireless 4.4.2 SFB per my previous instructions.
EDIT:
Just read the part about being on a MAC. AFAIK, there is no RSD Lite for Mac. We will have to go another route, unless you want to install windows inside a virtual machine....The dev that created the Mac Tooklit sold his X, and its no longer supported.
We will just do manual flashing...make sure you downloaded the "mfastboot" and followed all instructions on the RSD Lite thread I linked, EXCEPT follow the "Manual Flashing" instructions instead.
Extract the Republic Wireless SBF zip file Put the contents in to the same folder where fastboot and mfastboot are located. Here are the commands you will type after booting your X Into bootloader (Fastboot mode):
***Notice that mfastboot is used to flash the system.img. DONT try to use regular fastboot. Just type these commands one at a time.
fastboot oem fb_mode_set
fastboot flash partition gpt.bin
fastboot flash motoboot motoboot.img
fastboot flash logo logo.bin
fastboot flash boot boot.img
fastboot flash recovery recovery.img
mfastboot flash system system.img
fastboot flash modem NON-HLOS.bin
fastboot erase modemst1
fastboot erase modemst2
fastboot flash fsg fsg.mbn
fastboot erase cache
fastboot erase userdata
fastboot erase customize
fastboot erase clogo
fastboot oem config carrier sprint ***be sure to type sprint. RW is a sprint MVNO, and I checked the xml file and this is the correct command for the Republic Wireless rom.
fastboot oem fb_mode_clear
Now reboot. Expect it to take a little longer than normal for the first boot-up. Congrats! You're now on 4.4.2 and your corruption issue will be a thing of the past.
Now Complete steps 2 & 3

samwathegreat said:
If you have already received your code, yes, you should flash republic 4.4.2
If you haven't...just wait until you have it for sure. Once you flash 4.4.2 theres no going back. As long as you get unlock code, this is no problem....you'll be able to root regardless.
But, if for any reason he doesn't have your code (unlikely), you'll never be able to root once on 4.4.2....
As of right now (If I understand you completely), since you followed the safestrap guide, you SHOULD be on the jellybean bootloader, so the steps would be different if you didn't have an unlock code (and wanted to retain root).
Don't worry about any of this until we know for sure if you can get unlocked. In the unlikely event you don't get a code, post back here and I will step you through it.
Otherwise (if you get code), yes, start by using RSD Lite to flash the Republic Wireless 4.4.2 SFB per my previous instructions.
EDIT:
Just read the part about being on a MAC. AFAIK, there is no RSD Lite for Mac. We will have to go another route, unless you want to install windows inside a virtual machine....The dev that created the Mac Tooklit sold his X, and its no longer supported.
We will just do manual flashing...make sure you downloaded the "mfastboot" and followed all instructions on the RSD Lite thread I linked, EXCEPT follow the "Manual Flashing" instructions instead.
Extract the Republic Wireless SBF zip file Put the contents in to the same folder where fastboot and mfastboot are located. Here are the commands you will type after booting your X Into bootloader (Fastboot mode):
***Notice that mfastboot is used to flash the system.img. DONT try to use regular fastboot. Just type these commands one at a time.
fastboot oem fb_mode_set
fastboot flash partition gpt.bin
fastboot flash motoboot motoboot.img
fastboot flash logo logo.bin
fastboot flash boot boot.img
fastboot flash recovery recovery.img
mfastboot flash system system.img
fastboot flash modem NON-HLOS.bin
fastboot erase modemst1
fastboot erase modemst2
fastboot flash fsg fsg.mbn
fastboot erase cache
fastboot erase userdata
fastboot erase customize
fastboot erase clogo
fastboot oem config carrier sprint ***be sure to type sprint. RW is a sprint MVNO, and I checked the xml file and this is the correct command for the Republic Wireless rom.
fastboot oem fb_mode_clear
Now reboot. Expect it to take a little longer than normal for the first boot-up. Congrats! You're now on 4.4.2 and your corruption issue will be a thing of the past.
Now Complete steps 2 & 3
Click to expand...
Click to collapse
So what you showed me on manual way was if I was to install virtual windows right? Also that link showed it was 4.4 not 4.4.2... so am I still good or I shouldn't do that method? Thanks again for your effort.

androiddoglover6969 said:
So what you showed me on manual way was if I was to install virtual windows right? Also that link showed it was 4.4 not 4.4.2... so am I still good or I shouldn't do that method? Thanks again for your effort.
Click to expand...
Click to collapse
No. What I showed you was the manual fastboot method. This will run on Mac natively. You'll have to download the android SDK for mac, and install, then download the mfastboot binary (either 32 or 64 bit) here: https://gist.github.com/crazed/7670423 *** after you download the file (moto-fastboot-osx64), RENAME it to mfastboot.
Although the link on how to SBF back to stock shows android 4.4, it doesn't matter. The SBF process is the same no matter which version you are on. You just need to download the right carrier/version from here http://sbf.droid-developers.org/phone.php?device=0
Not to confuse you but if you were to install virtual windows, you could probably use the rsd lite method.
Do one but not both. The native (manual) version should be simpler for you. I had assumed you already had the necessary android SDK since you said you went through the whole safestrap process and everything. Were you on a different computer when you did that?
Have you received your code yet? Hold off on SBFing until you have it in hand.

samwathegreat said:
No. What I showed you was the manual fastboot method. This will run on Mac natively. You'll have to download the android SDK for mac, and install, then download the mfastboot binary (either 32 or 64 bit) here: https://gist.github.com/crazed/7670423 *** after you download the file (moto-fastboot-osx64), RENAME it to mfastboot.
Although the link on how to SBF back to stock shows android 4.4, it doesn't matter. The SBF process is the same no matter which version you are on. You just need to download the right carrier/version from here http://sbf.droid-developers.org/phone.php?device=0
Not to confuse you but if you were to install virtual windows, you could probably use the rsd lite method.
Do one but not both. The native (manual) version should be simpler for you. I had assumed you already had the necessary android SDK since you said you went through the whole safestrap process and everything. Were you on a different computer when you did that?
Have you received your code yet? Hold off on SBFing until you have it in hand.
Click to expand...
Click to collapse
Havn't got the code yet. And I did the motowpnomo on windows 8. Everything else did on mac.
Just got my code at 23hrs.
I just wanted to do add onto the process and make minor adjustments to make it clear.
Did Step 1.
and then at the end
He will say reboot, but don't go waiting to install your apps or update it or setting it up. Just start it up normal power up. Then when it says select language (not sure if needs debugging or not but I did) go to developer options by clicking on settings. go all the way down to "about phone" tap on "build number" a couple times you will see developer options pop up. Go back and go down to developer options and go find usb debugging. Then hit accept on phone pop up when usb debugging is enabled so your phone trust your computer. then do ./adb reboot bootloader
It should get you into ap fastboot mode then do my step 2.
Step 2 - Unlock bootloader before doing mfastboot-ing the twrp so you don't get the
invalid image size on your phone
or
writing 'recovery'... INFOPreflash validation failed
FAILED (remote failure) on your terminal
So by doing this to unlock bootloader
fastboot getvar all
then
fastboot oem unlock CODEHERE
Should give you a "unlock" blue text with black screen.
Then the step 2 mentioned by samwathegreat for TWRP which will download the file without the invalidity error message on both computer or moto x on ap fastboot screen.
Then step 3. I used the Down arrow to select "recovery" which gave me the TWRP screen.
Step 4. I went into the TWRP screen and hit reboot and a pop up for SuperSU popped up notifying me to install SuperSU. Swipe next and it'll install and then voila!
Step 5. Click on SuperSu app and it should reboot and try to install.
Step 6. Hit the thanks button to samwathegreat

androiddoglover6969 said:
Havn't got the code yet. And I did the motowpnomo on windows 8. Everything else did on mac.
Just got my code at 23hrs.
I just wanted to do add onto the process and make minor adjustments to make it clear.
Did Step 1.
and then at the end
He will say reboot, but don't go waiting to install your apps or update it or setting it up. Just start it up normal power up. Then when it says select language (not sure if needs debugging or not but I did) go to developer options by clicking on settings. go all the way down to "about phone" tap on "build number" a couple times you will see developer options pop up. Go back and go down to developer options and go find usb debugging. Then hit accept on phone pop up when usb debugging is enabled so your phone trust your computer. then do ./adb reboot bootloader
It should get you into ap fastboot mode then do my step 2.
Step 2 - Unlock bootloader before doing mfastboot-ing the twrp so you don't get the
invalid image size on your phone
or
writing 'recovery'... INFOPreflash validation failed
FAILED (remote failure) on your terminal
So by doing this to unlock bootloader
fastboot getvar all
then
fastboot oem unlock CODEHERE
Should give you a "unlock" blue text with black screen.
Then the step 2 mentioned by samwathegreat for TWRP which will download the file without the invalidity error message on both computer or moto x on ap fastboot screen.
Then step 3. I used the Down arrow to select "recovery" which gave me the TWRP screen.
Step 4. I went into the TWRP screen and hit reboot and a pop up for SuperSU popped up notifying me to install SuperSU. Swipe next and it'll install and then voila!
Step 5. Click on SuperSu app and it should reboot and try to install.
Step 6. Hit the thanks button to samwathegreat
Click to expand...
Click to collapse
Excellent! Thanks for pointing that the instructions didn't specify that you must unlock your BL before flashing TWRP. Edited Post # 8 to include the step. You can also unlock BL before you start any of the steps, but must do it before flashing custom recovery as you have pointed out.
I did suggest a slightly different method, however, that doesn't require enabling developer options or usb debugging. If you unplug the phone and power it off, you can get straight into fastboot mode without 'adb reboot bootloader'. You just hold down VOL DOWN, and power it on. Then you plug the USB cord back in. It only works if you unplug the phone first....for some reason if you leave it plugged in, you can't power off the phone...it just immediately reboots.
So, to wrap this all up, just a couple more questions:
Did you complete the entire process on your Mac? And can you confirm that the error you were originally receiving (in Original Post) is no longer popping up?
And finally, check out xposed framework installer and "gravity box" mod. You can do some really cool mods with gravity box. I suggest you boot into TWRP and make a nandroid backup -just in case- before you go playing around with xposed.
Have fun.

samwathegreat said:
Excellent! Thanks for pointing that the instructions didn't specify that you must unlock your BL before flashing TWRP. Edited Post # 8 to include the step. You can also unlock BL before you start any of the steps, but must do it before flashing custom recovery as you have pointed out.
I did suggest a slightly different method, however, that doesn't require enabling developer options or usb debugging. If you unplug the phone and power it off, you can get straight into fastboot mode without 'adb reboot bootloader'. You just hold down VOL DOWN, and power it on. Then you plug the USB cord back in. It only works if you unplug the phone first....for some reason if you leave it plugged in, you can't power off the phone...it just immediately reboots.
So, to wrap this all up, just a couple more questions:
Did you complete the entire process on your Mac? And can you confirm that the error you were originally receiving (in Original Post) is no longer popping up?
And finally, check out xposed framework installer and "gravity box" mod. You can do some really cool mods with gravity box. I suggest you boot into TWRP and make a nandroid backup -just in case- before you go playing around with xposed.
Have fun.
Click to expand...
Click to collapse
Yes I complete the whole process on the Mac. Yes the original error is no longer popping up. What is a nandroid back up? I did a back up after I installed all my apps and updated it and dragged that copy to my desktop and uploaded it to my cloud.
I hear about xposed framework and gravity box but I have no clue what it looks like and also forgot what nandroid is but I'll look it up.
And yes android reboots can't stay on shut down when cord is connected. Which is funny.

androiddoglover6969 said:
Yes I complete the whole process on the Mac. Yes the original error is no longer popping up. What is a nandroid back up? I did a back up after I installed all my apps and updated it and dragged that copy to my desktop and uploaded it to my cloud.
I hear about xposed framework and gravity box but I have no clue what it looks like and also forgot what nandroid is but I'll look it up.
And yes android reboots can't stay on shut down when cord is connected. Which is funny.
Click to expand...
Click to collapse
If you backed up from within custom recovery (TWRP), thats the same thing. Some recoveries call them ''backup', some 'nandroid'....same thing.
Thanks for the final follow-up. Take care...

samwathegreat said:
If you backed up from within custom recovery (TWRP), thats the same thing. Some recoveries call them ''backup', some 'nandroid'....same thing.
Thanks for the final follow-up. Take care...
Click to expand...
Click to collapse
Also I installed everything I needed to from gravitybox and well framework xposed too. Which is very similar to jailbreak tweaks on the iPhone.
Thanks again.

[A2017U][TWRP System Image] Stock System Image of B20 for full stock restore and OTAs

THIS APPLIES ONLY TO THE A2017U VARIANT, DO NOT USE THIS FILE ON OTHER VERSIONS
Disclaimer - don't blame me if something goes wrong
As title says, this is a full stock unmodified B20 TWRP system image. It kan be used in addition to stock boot and recovery images to restore the US A7 to conditions which will be like stock and allow to flash upcoming OTA. This was tested by @jkuczera here http://forum.xda-developers.com/showthread.php?t=3459107
Link to system image
https://cloud.swehes.com/index.php/s/31V7GgihohBCdfy
If you are BL unlocked, you will need to lock it before flashing old recovery and boot (this may not be necessary to get MR2 to flash, depending on what it checks, but the phone might not boot, unknown). This will make your phone verify boot, recovery and /system again, so flash TWRP from tenfar's thread to be able boot after relocking since his is signed
To restore, unzip the file above to TWRP folder on the SD Card, then in TWRP under mount points unmount /system and put check mark on mount system as read-only. The read-only part is important so that TWRP does not modify the /system apon exit. You can then restore boot, recovery and system image.
Another partition, fastboot, was altered if you applied B20_boot, but so far no OTA has check it so it should be fine as is. Chance is it will be just overwritten by next OTA, but in case that changes, info will be added. This step is more risky since it involves using dd command and has to be applied carefully.
EDIT: looks like @Unjustified Dev posted new build that will flash fastboot image http://forum.xda-developers.com/showpost.php?p=68677272&postcount=133
You should then boot to stock recovery and factory wipe
In case you did not dump your boot and recovery, they can be found in @rczrider's post here
http://forum.xda-developers.com/axon-7/development/untouched-b20-boot-recovery-files-t3443818
Thanks to @swehes for providing the space on his cloud for this file, @rczrider for rest of the files and @jkuczera for trying this all out

So you need TWRP for this, but will this overwrite the TWRP recovery and make it truly stock?

imp3r10 said:
So you need TWRP for this, but will this overwrite the TWRP recovery and make it truly stock?
Click to expand...
Click to collapse
Indeed and before rebooting , you MUST Wipe Data + Internal Storage, cuz you are flashing new boot and system and will get in conflicts if there no wipe.

Just for clarity sake these are the steps I need to take to get back to B20 from B20_Boot?
1. fastboot oem lock
2. put system image from OP's post AND stock_boot_backup.img AND stock_recovery_backup.img from rczrider's post into TWRP folder.
3. in TWRP unmount /system and check mark on mount system as read only.
4. Flash boot, recovery, and system image.
5. Wipe Data and Internal Storage.
6. Profit?

runderekrun said:
Just for clarity sake these are the steps I need to take to get back to B20 from B20_Boot?
1. fastboot oem lock
2. put system image from OP's post AND stock_boot_backup.img AND stock_recovery_backup.img from rczrider's post into TWRP folder.
3. in TWRP unmount /system and check mark on mount system as read only.
4. Flash boot, recovery, and system image.
5. Wipe Data and Internal Storage.
6. Profit?
Click to expand...
Click to collapse
Pretty much. I would reboot to stock recovery after and factory wipe from there. you might wan't to flash fastboot from B20 OTA for extra profit but seems like it's a moot point so far if you have seen the Unjustified Devs trick for BL unlock via TWRP

peramikic said:
Pretty much. I would reboot to stock recovery after and factory wipe from there. you might wan't to flash fastboot from B20 OTA for extra profit but seems like it's a moot point so far if you have seen the Unjustified Devs trick for BL unlock via TWRP
Click to expand...
Click to collapse
Thanks.
I'm having to do a warranty replacement on my device so i'll probably want to do the fastboot flash. Any idea where to get a fastboot image?

runderekrun said:
I'm having to do a warranty replacement on my device so i'll probably want to do the fastboot flash. Any idea where to get a fastboot image?
Click to expand...
Click to collapse
Step 6 to pull your own: http://forum.xda-developers.com/axon-7/how-to/guide-how-to-unlock-bootloader-stay-t3461165
Or you can download the one I pulled from my device (it can be found in the Mega folder linked in the OP): http://forum.xda-developers.com/axon-7/development/untouched-b20-boot-recovery-files-t3443818

And as option 3 it's inside the B18toB20 OTA file floating somewhere around here

Alright I tried this and something went wrong.
First thing I did was copy all the files where they needed to be. Then I booted into fastboot and did a "fastboot oem lock".
Then my device would do nothing. I would boot up to the ZTE logo then go black a second later. I tried to force into recovery by selecting recovery in fastboot but same thing, ZTE logo then blackness.
I got it back by getting into fastboot and performing a "fastboot oem unlock" again. All it did was wipe data.
What did I do wrong? I thought I am supposed to lock bootloader first before I restore system and flash recover and boot????

runderekrun said:
Alright I tried this and something went wrong.
First thing I did was copy all the files where they needed to be. Then I booted into fastboot and did a "fastboot oem lock".
Then my device would do nothing. I would boot up to the ZTE logo then go black a second later. I tried to force into recovery by selecting recovery in fastboot but same thing, ZTE logo then blackness.
I got it back by getting into fastboot and performing a "fastboot oem unlock" again. All it did was wipe data.
What did I do wrong? I thought I am supposed to lock bootloader first before I restore system and flash recover and boot????
Click to expand...
Click to collapse
Ok so if you modified boot, system or recovery in anyway then after BL lock it will not boot since it will fail secure boot, so you need to load the signed TWRP from tenfar's thread via EDL after locking. That will let you run TWRP with locked BL. Although ig you just want stock for upcoming OTA, then you might be good staying unlocked. If for return, then you should lock it

peramikic said:
Ok so if you modified boot, system or recovery in anyway then after BL lock it will not boot since it will fail secure boot, so you need to load the signed TWRP from tenfar's thread via EDL after locking. That will let you run TWRP with locked BL. Although ig you just want stock for upcoming OTA, then you might be good staying unlocked. If for return, then you should lock it
Click to expand...
Click to collapse
I apologize if I am fundamentaly not understanding this but wouldn't it be easier to flash system, boot, recovery, and fastboot back to stock via my current twrp THEN relock bootloader?

runderekrun said:
I apologize if I am fundamentaly not understanding this but wouldn't it be easier to flash system, boot, recovery, and fastboot back to stock via my current twrp THEN relock bootloader?
Click to expand...
Click to collapse
Yeah, now that we know fastboot will work even on stock boot that will work as well. The only thing you won't be able to do is flash back the B20 fastboot image that way, but enough to pass OTA most likely. The long way you can revert the fastboot image as well. I only wanted to post the image to begin with, but then wrote out instruction as they rolled around in my head. This will change soon anyways so a proper write-up will happen, just not by me, Documentation was never my forte

My BL is unlocked from ZTE right now, If I want to get CM for future but also want upcoming update from ZTE? What are the exact steps that I need to follow to get future OTA but also keep the BL unlocked for future CM? Please help as I'm confused with all these instructions.

peramikic said:
THIS APPLIES ONLY TO THE A2017U VARIANT, DO NOT USE THIS FILE ON OTHER VERSIONS
Disclaimer - don't blame me if something goes wrong
As title says, this is a full stock unmodified B20 TWRP system image. It kan be used in addition to stock boot and recovery images to restore the US A7 to conditions which will be like stock and allow to flash upcoming OTA. This was tested by @jkuczera here http://forum.xda-developers.com/showthread.php?t=3459107
Link to system image
https://cloud.swehes.com/index.php/s/31V7GgihohBCdfy
If you are BL unlocked, you will need to lock it before flashing old recovery and boot (this may not be necessary to get MR2 to flash, depending on what it checks, but the phone might not boot, unknown). This will make your phone verify boot, recovery and /system again, so flash TWRP from tenfar's thread to be able boot after relocking since his is signed
To restore, unzip the file above to TWRP folder on the SD Card, then in TWRP under mount points unmount /system and put check mark on mount system as read-only. The read-only part is important so that TWRP does not modify the /system apon exit. You can then restore boot, recovery and system image.
Another partition, fastboot, was altered if you applied B20_boot, but so far no OTA has check it so it should be fine as is. Chance is it will be just overwritten by next OTA, but in case that changes, info will be added. This step is more risky since it involves using dd command and has to be applied carefully.
EDIT: looks like @Unjustified Dev posted new build that will flash fastboot image http://forum.xda-developers.com/showpost.php?p=68677272&postcount=133
You should then boot to stock recovery and factory wipe
In case you did not dump your boot and recovery, they can be found in @rczrider's post here
http://forum.xda-developers.com/axon-7/development/untouched-b20-boot-recovery-files-t3443818
Thanks to @swehes for providing the space on his cloud for this file, @rczrider for rest of the files and @jkuczera for trying this all out
Click to expand...
Click to collapse
Can someone please explain exactly how to do this. I have an unofficial twrp on my phone and the bootloader is unlocked but after i tried to flash super su it got stuck on bootloop so I wiped every thing and I also accidentally wiped my os too. So now I don't have an os and I want to go back to stock. Can someone please explain step by step on how to fix this? I just got the phone.

seby1234 said:
Can someone please explain exactly how to do this. I have an unofficial twrp on my phone and the bootloader is unlocked but after i tried to flash super su it got stuck on bootloop so I wiped every thing and I also accidentally wiped my os too. So now I don't have an os and I want to go back to stock. Can someone please explain step by step on how to fix this? I just got the phone.
Click to expand...
Click to collapse
All right I'm no expert either but I'll try to make this as straightforward as possible.
1) Format your SD card as exFAT. This is important as otherwise you will not be able to transfer the system image to your SD card since it is 6GB. To do this you can just plug it in to your PC, right click, Format and then select exFAT from the dropdown.
2) Download tenfar's tool for B20, rczrider's boot and recovery backup, and the system image backup from the link in the OP.
3) Create a new folder in /external_sd/TWRP/BACKUPS/serial_number/.Move the stock_boot_backup and stock_recovery backup into the folder.
4) Using a program such as 7zip, extract the 6GB system image file and move it to the same folder.
6) Go to into fastboot mode. Before you do anything you have to relock the bootloader otherwise the system will be modified and you want to be 100? stock. Execute 'fastboot oem lock'. You should then boot to a black screen.
7) Unzip tenfar's tool. Go to the unzipped folder, then hold down shift+right click and select 'Open command window here'. Execute 'axon7root.exe -p [COMPORT #] -r. To figure out your com port #, go to Device Manager, then go to down to where it says "Qualcomm Loader..." and your com port number is the number at the end. So for example if your com port number is 5, you should execute axon7root.exe -p 5 -r. Allow the program to do its thing.
5) Boot into TWRP. Do not swipe to allow modifications. Once in TWRP, go to "Install", "Install Image" at the bottom right hand corner, and then navigate to the stock_recovery_backup in the folder that you moved it to to. Select it and then choose the Recovery partition to flash it to. Do the same thing for stock_boot_backup.
6) Once you have flashed boot and recovery, go to the main menu, then "Restore" and then Restore the system image backup.
7) Go to wipe and then slide to factory reset. Finally, reboot system.
Hope that helps! If you have any questions, feel free to ask me.
rczrider's stock boot and recovery thread
http://forum.xda-developers.com/axon-7/development/untouched-b20-boot-recovery-files-t3443818/page7
tenfar's tool thread: http://forum.xda-developers.com/axo...xon-7-root-bootloader-unlokced-t3441204/page1

Has anyone who requested the bootloader unlock from ZTE (and mistakenly installed it) returned to stock and been able to get OTA's? I followed this guide and seemed to have returned to stock fine but the only OTA I can get now is the bootloader unlock OTA. I've downloaded and discarded it several times but that is the only one I can get. Anyone know of a way to bypass this OTA and get the new MR2 that was just released? I want to get OTA's until the custom roms start flowing.
Thanks!

shifuharris said:
Has anyone who requested the bootloader unlock from ZTE (and mistakenly installed it) returned to stock and been able to get OTA's? I followed this guide and seemed to have returned to stock fine but the only OTA I can get now is the bootloader unlock OTA. I've downloaded and discarded it several times but that is the only one I can get. Anyone know of a way to bypass this OTA and get the new MR2 that was just released? I want to get OTA's until the custom roms start flowing.
Thanks!
Click to expand...
Click to collapse
From what I can tell, once you apply for official bootloader unlock, your IMEI is placed on a list that will not get any future OTA updates set to it.
However, the OTA for B20 to B27 has been uploaded here: https://mega.nz/#F!kYtRAJjJ!5tD1zPpo0nw2tJwhANA9pQ
Try flashing that via stock recovery.

Quick question for anyone who might know.
The Link to system image which is : https://cloud.swehes.com/index.php/s/31V7GgihohBCdfy has the following;
1. system_image.emmc.win
2. system_image.emmc.win.md5
Am I suppose to rename system_image.emmc.win to system_image.emmc.img and load?
it's not as clear that's why I ask but I ended up downloading rczrider system.img and reflashed via TWRP since I was a bit confused.
Thanks!
***************
I simply just went into TWRP backed up by boot so it would create a directory that contains the info I needed copied the system_image.emmc.win and system_image.emmc.win.md5 and restored.

xtermmin said:
From what I can tell, once you apply for official bootloader unlock, your IMEI is placed on a list that will not get any future OTA updates set to it.
However, the OTA for B20 to B27 has been uploaded here: https://mega.nz/#F!kYtRAJjJ!5tD1zPpo0nw2tJwhANA9pQ
Try flashing that via stock recovery.
Click to expand...
Click to collapse
I suspected as much. I downloaded the update and tried to flash it via the stock recovery using the update for ADB option but it fails saying that the package is not a ks package. Booooo. I really wanted this MR becasue they addressed the weak cell signal which I think contributes significantly to my battery drain. Not sure if there are any alternatives to get the update installed. Not very a happy about the ceased OTA's due to the bootloader unlock. Thinking the new Nexus (or whatever they are going to call them) is looking pretty good at the moment.

shifuharris said:
I suspected as much. I downloaded the update and tried to flash it via the stock recovery using the update for ADB option but it fails saying that the package is not a ks package. Booooo. I really wanted this MR becasue they addressed the weak cell signal which I think contributes significantly to my battery drain. Not sure if there are any alternatives to get the update installed. Not very a happy about the ceased OTA's due to the bootloader unlock. Thinking the new Nexus (or whatever they are going to call them) is looking pretty good at the moment.
Click to expand...
Click to collapse
Try the microSD card method instead.
First, make sure OEM Unlocking is checked in developer settings, rename the OTA to "update.zip", put on microSD, boot into stock recovery, and choose update from microSD.

Guide: Relock bootloader with custom rom on oneplus 5/5t

Oneplus 5/5T bootloader included with 5.1.5 firmware allows booting self-signed recoveries and kernels. In short, you generate signing keys; sign recovery and kernel from your current custom rom (kernel could be signed on the phone); transfer recovery on your phone; apply boot signer for kernel; and relock bootloader. This guide borrows from Chainfire's guide and customizes it for our device.
PROS:
1. Virtually total protection of your data, especially if encrypted
2. Inability to flash another recovery, even stock recovery (if OEM unlock allowed is unchecked)
3. Inability to flash another kernel, including stock kernel, (again if OEM unlock is unchecked)
4. Inability to unlock bootloader in fastboot, see above
5. Total inability to flash anything in fastboot. The only access to the phone is through TWRP
6. You can still change/update roms, backup/restore data to your liking
7. You get a different boot warning screen: 'your phone has loaded a different operating system' with a fingerprint (four rows of numbers). Write them down and compare once in a while: if the numbers are different, someone (and I am talking a sophisticated adversary) tempered with your phone
CONS:
1. You would have to set up things once
2. When changing or updating roms, one extra step is required - flashing Chainfire's modified Verified boot signer zip to resign kernel (right after Magisk and before reboot).
The key generation and signing is based on Android source directions and Chainfire's thread about relocking bootloaders with custom roms. So, credit for that goes to him
THESE ARE INSTRUCTIONS FOR LINUX. I am sure there is a way to do the same on Windows
Preliminary steps:
Remember, if you are not on 5.1.5, you may have problems. For example, my own rom, Jaguar Oreo, requires 5.1.4 firmware. I did all the steps and everything worked, except that TWRP couldn't de-crypt. However, I went ahead and flashed 5.1.5 firmware and the rom is working fine. So, I re-did all the steps and now de-cryption works too. This may or may not be the case with your favorite rom, if it is not on 5.1.5.
1. Create a directory on your PC named, let's say, Bootkeys.
2. Get Chainfire's Bootsignature.jar from here: https://forum.xda-developers.com/attachment.php?attachmentid=4136392&d=1493804209 and VerifiedBootsigner.zip from here: https://forum.xda-developers.com/attachment.php?attachmentid=4164411&d=1496000476 and put both files in that newly created directory
3. Get your favorite TWRP (I use Blue_Spark) and put it also in that directory
4. Key Generation:
Run the following code one line at a time from PC terminal opened in your newly created directory. Skip the lines with "#" sign, these are for comments only.
Code:
# private key
openssl genrsa -f4 -out custom.pem 2048
openssl pkcs8 -in custom.pem -topk8 -outform DER -out custom.pk8 -nocrypt
# public key
openssl req -new -x509 -sha256 -key custom.pem -out custom.x509.pem
openssl x509 -outform DER -in custom.x509.pem -out custom.x509.der
You don't need to use pem files and can delete them after key generation.
5. Signing:
Rename your TWRP into recovery.img and run the following code one line at a time from the same terminal
Code:
java -jar BootSignature.jar /recovery recovery.img custom.pk8 custom.x509.der recovery_signed.img
java -jar BootSignature.jar -verify recovery_signed.img
Your recovery is signed (first command) and verified (second command - the output should be 'signature valid').
6. Open Verifiedbootsigner-v8.zip you downloaded from Chainfire's thread with your PC's archive manager (don't have to unzip it). Grab your newly generated keys custom.pk8 and custom.x509.der and put them into the opened zip. Make sure the files are there and close archive manager
7. Now back to the phone. Flash your newly signed 'recovery_signed.img' (not original 'recovery.img') to the phone via fastboot or in your existing TWRP. Reboot in your new recovery.
8. Now, format the phone - you have to type 'yes'; next, format separately system/cache/dalvik/data/SD. Reboot the phone into TWRP again.
9. Transfer your favorite Rom, No verity (only if your rom is force-encrypt) and Verifiedbootsigner to your SD card. Remember. You must be decrypted to relock. Locking bootloader on encrypted device will destroy encryption key. Once bootloader is locked and everything is working, you can encrypt.
10. Flash the rom, No verity (only if your rom is force-encrypt) and Verifiedbootsigner. Reboot and make sure you are NOT encrypted (in Settings/Security). (If encrypted, stop and return to step 8: you either haven't formatted to factory reset or your no verity didn't work).
Now, back to TWRP: most likely your data is gone, so, re-transfer the rom and and Verifiedbootsigner to internal SD
Now, you are ready for the FUN PART: re-locking:
11. Boot in fastboot and execute fastboot oem lock
12. Reboot. You will get a yellow warning: 'Your phone loaded a different operating system". The first boot may throw you into TWRP. Just reboot normally again
13. Now, you can do whatever you want, including Gapps and Magisk. Everything should operate normally. Just remember, every time after flashing Magisk/update/change rom, you MUST reflash Verifiedbootsigner, as the last step and before reboot, even if during flashing, the script tells you kernel is signed. Follow the script and press volume down to sign again

Screenshots

And you have already done it, right?
Sounds fun tbh, will try for sure.

Now, that I have locked bootloader on my Oneplus 5, and made sure that everything is working including encryption, I have disabled OEM unlock within developer settings. When I put the phone in fastboot and try 'fastboot oem unlock', I get a response 'FAILED (remote: Flashing Unlock is not allowed'. Since the bootloader is locked, no one can put another self-signed recovery or kernel via fastboot or otherwise, as it can only be done with unlocked bootloader. They can start the phone and get to my recovery, but data cannot be mounted and adb sideload wouldn't work either. They can try to press cancel at password prompt, but TWRP can't format unmounted data. The only way to proceed is to flash stock recovery via adb or full stock. In any event, my data is wiped.

Will this work if the phone is decrypted (using no verity)?

optimumpro said:
Now, that I have locked bootloader on my Oneplus 5, and made sure that everything is working including encryption, I have disabled OEM unlock within developer settings. When I put the phone in fastboot and try 'fastboot oem unlock', I get a response 'FAILED (remote: Flashing Unlock is not allowed'. Since the bootloader is locked, no one can put another self-signed recovery or kernel via fastboot or otherwise, as it can only be done with unlocked bootloader. They can start the phone and get to my recovery, but data cannot be mounted and adb sideload wouldn't work either. They can try to press cancel at password prompt, but TWRP can't format unmounted data. The only way to proceed is to flash stock recovery via adb or full stock. In any event, my data is wiped.
Click to expand...
Click to collapse
But in any case, the OEM unlock from dev option can be turned on, and then surely one can get through, right?
Also, did you go bootloader locked post encrypting, I mean is this the last step?
For my guidance, can you tell me, the sequence (number wise please), how to go encrypted?
Btw, any snapshot of bootloader failure?

obol2 said:
Will this work if the phone is decrypted (using no verity)?
Click to expand...
Click to collapse
I dont think, cause it is encrypted.

vdbhb59 said:
But in any case, the OEM unlock from dev option can be turned on, and then surely one can get through, right?
Also, did you go bootloader locked post encrypting, I mean is this the last step?
For my guidance, can you tell me, the sequence (number wise please), how to go encrypted?
Btw, any snapshot of bootloader failure?
Click to expand...
Click to collapse
obol2 said:
Will this work if the phone is decrypted (using no verity)?
Click to expand...
Click to collapse
Guys. Read 9-10 in the OP. Everything about encryption is there.

optimumpro said:
Guys. Read 9-10 in the OP. Everything about encryption is there.
Also, OEM option isn't available on custom roms. But you can modify build.prop for it to show up. Once everything is working, you can set oem unlock not allowed and remove the entry from build.prop.
Click to expand...
Click to collapse
Oops, my bad. I get your point.
Will try over the weekend. BTW, are you going for a release in the next 2-3 days? Then, I will clean flash once that is out.

vdbhb59 said:
Oops, my bad. I get your point.
Will try over the weekend. BTW, are you going for a release in the next 2-3 days? Then, I will clean flash once that is out.
Click to expand...
Click to collapse
I will update the rom once October security patches become available.

optimumpro said:
Screenshots
Click to expand...
Click to collapse
Thanks for the guide, I will try this when a new open beta comes out.
This might be really useful for those who have upgraded their devices from Widevine L3 to L1 by OnePlus, only to be disappointed that after unlocking the bootloader, L1 breaks.
One question tho, although right now I'm encrypted, I do not have that dialogue "To start Android, enter your password" with a black background when booting. Normally when I reboot, I get to my lockscreen with my wallpaper etc. and when I try to unlock the device, there's a small scrolling text saying "Unlock your device to access your apps..." or something around those lines. This seems like a bit different encryption than the one I have. Any clue on why's that? (fyi, I am 100% encrypted, TWRP asks me for my password to decrypt data)

david19au said:
Thanks for the guide, I will try this when a new open beta comes out.
This might be really useful for those who have upgraded their devices from Widevine L3 to L1 by OnePlus, only to be disappointed that after unlocking the bootloader, L1 breaks.
One question tho, although right now I'm encrypted, I do not have that dialogue "To start Android, enter your password" with a black background when booting. Normally when I reboot, I get to my lockscreen with my wallpaper etc. and when I try to unlock the device, there's a small scrolling text saying "Unlock your device to access your apps..." or something around those lines. This seems like a bit different encryption than the one I have. Any clue on why's that? (fyi, I am 100% encrypted, TWRP asks me for my password to decrypt data)
Click to expand...
Click to collapse
That's because you are encrypted with FBE. My rom has FDE, and it is not forced. So, if you are force-encrypted, you need to flash 'no verity', as stated in the guide. You must be de-crypted to relock. Then, if you want to be encrypted, reflash your rom without 'no verity'.

optimumpro said:
That's because you are encrypted with FBE. My rom has FDE, and it is not forced. So, if you are force-encrypted, you need to flash 'no verity', as stated in the guide. You must be de-crypted to relock. Then, if you want to be encrypted, reflash your rom without 'no verity'.
Click to expand...
Click to collapse
Ohh, I see. Thanks for the swift answer!
I have two more questions: if I want to update my recovery, I need to keep the generated keys and with those keys I need to sign the recovery.img again, right? And do you have any guides on generating the keys while on Windows? Or do I have to be on Linux to generate the keys using those commands?

david19au said:
Ohh, I see. Thanks for the swift answer!
I have two more questions: if I want to update my recovery, I need to keep the generated keys and with those keys I need to sign the recovery.img again, right? And do you have any guides on generating the keys while on Windows? Or do I have to be on Linux to generate the keys using those commands?
Click to expand...
Click to collapse
Every time another recovery or kernel are installed, you need to sign. Only kernel could be signed on the phone. Your keys are supposed to be on your PC.
Haven't been using Windows for 10 years. So, can't help you.

optimumpro said:
Every time another recovery or kernel are installed, you need to sign. Only kernel could be signed on the phone. Your keys are supposed to be on your PC.
Haven't been using Windows for 10 years. So, can't help you.
Click to expand...
Click to collapse
I have a Linux VM just in case this happens but maybe you should mention it in your thread as most users here use Windows.

Additional experience having a custom rom on locked bootloader:
It appears that nothing, not even stock kernel or recovery, could be flashed via fastboot, if 'oem unlock allowed' is unchecked in Developer's settings. I tried to flash stock recovery via fastboot and got a response: 'remote flashing is not allowed', and fastboot is remote flashing. So, the only access to the phone is TWRP and unless data is mounted (via entering password/pin), not much could be done there either.

optimumpro said:
Additional experience having a custom rom on locked bootloader:
It appears that nothing, not even stock kernel or recovery, could be flashed via fastboot, if 'oem unlock allowed' is unchecked in Developer's settings. I tried to flash stock recovery via fastboot and got a response: 'remote flashing is not allowed', and fastboot is remote flashing. So, the only access to the phone is TWRP and unless data is mounted (via entering password/pin), not much could be done there either.
Click to expand...
Click to collapse
So, the only way around is by OEM unlock checked? This is good. Fully encrypted and hope it does work, especially for me. I will do a clean flash tomorrow. Can you share in the other thread just for me the exact steps for going Encrypted?
Once more please..

vdbhb59 said:
So, the only way around is by OEM unlock checked? This is good. Fully encrypted and hope it does work, especially for me. I will do a clean flash tomorrow. Can you share in the other thread just for me the exact steps for going Encrypted?
Once more please..
Click to expand...
Click to collapse
So, were you able to encrypt on Jaguar?
Regarding locking bootloader: just remember, you have to be de-crypted when re-locking. Otherwise, encryption key will be automatically erased, and you will have to do everything from start.

optimumpro said:
So, were you able to encrypt on Jaguar?
Regarding locking bootloader: just remember, you have to be de-crypted when re-locking. Otherwise, encryption key will be automatically erased, and you will have to do everything from start.
Click to expand...
Click to collapse
Ohh, so in that case a bit confused. If I Encrypt Jaguar, then locking bootloader will be done how? Sorry if it is a stupid question.

vdbhb59 said:
Ohh, so in that case a bit confused. If I Encrypt Jaguar, then locking bootloader will be done how? Sorry if it is a stupid question.
Click to expand...
Click to collapse
Whatever rom you have, if you are encrypted (whether FDE or FBE), you must wipe encryption by doing factory reset in TWRP before re-locking. Otherwise, when you re-lock, your encryption key will be wiped, but encryption will stay, so, the phone will be useless. You can do encryption later, when you are successfully re-locked.

Stuck on G logo after root.

I just received my direct from Google Pixel 4 XL running the June 2020 update and proceeded to root it using the instructions found here https://www.xda-developers.com/google-pixel-4-root-magisk/ after flashing the patched boot.img and rebooting the phone doesn't boot past the G logo; the status bar just loops indefinitely. Is there something I'm missing? Any help would be much appreciated.
I have no modules loaded, no custom kernel or ROM.

Go to recovery and reset the phone,
And reboot the phone in each steps

The guide looks mostly like what I do every month, though I haven't done June yet.
I don't think this will solve your issue, but usually I flash the patched boot image to both slots as Magisk in-place updates seem to fail if I don't...
Code:
fastboot flash boot magisk_patched.img --slot=all
I assume you didn't have any obvious issues with the guide steps aside from not booting after Step 5?
Make sure your platform tools are the newest you can get. Also make sure that you didn't get the Telstra variant of the June update.
If all else fails, try to revert by dirty flashing the (correct) June 2020 stock ROM. You'll only lose root if you do it correctly. (you don't have working root anyways)
Take the giant ZIP file you downloaded to get the boot image, merge it with platform tools and edit the flash-all.bat file... near the bottom, remove the "-w " from the command so it reads
Code:
fastboot update image-coral-qq3a.200605.001.zip
Save the changes and run the .bat file after booting the phone to fastboot and making sure its visible to platform tools.

jljtgr said:
The guide looks mostly like what I do every month, though I haven't done June yet.
I don't think this will solve your issue, but usually I flash the patched boot image to both slots as Magisk in-place updates seem to fail if I don't...
Code:
fastboot flash boot magisk_patched.img --slot=all
I assume you didn't have any obvious issues with the guide steps aside from not booting after Step 5?
Make sure your platform tools are the newest you can get. Also make sure that you didn't get the Telstra variant of the June update.
If all else fails, try to revert by dirty flashing the (correct) June 2020 stock ROM. You'll only lose root if you do it correctly. (you don't have working root anyways)
Take the giant ZIP file you downloaded to get the boot image, merge it with platform tools and edit the flash-all.bat file... near the bottom, remove the "-w " from the command so it reads
Code:
fastboot update image-coral-qq3a.200605.001.zip
Save the changes and run the .bat file after booting the phone to fastboot and making sure its visible to platform tools.
Click to expand...
Click to collapse
Your first suggestion results in the phone booting, but ending up on a black screen with only the power menu
dirty flashing results in a successful unrooted boot, but rooting seems to not be possible for some users including myself. No clue why

Try flashing the patched boot to both boots but don't use the all slots command, do them one at a time, A, then B. See if that gets it.

So I am a fool.
I didn't run these commands using the latest "platform-tools"
but I will remember this instructions if I have issues in the future!

I am on latest platform tools and have tried all options presented and still get black screen with adb access and power menu. Other thoughts?

I just downloaded the full image and was getting ready to patch the boot image and flash it on my 2 day old Pixel 4xl. Maybe I will wait unless others have had success with this. I am on the June update. I made sure I didn't download the Telstra version.
Is there any reason to not just use the "Download Zip" option in Magisk? That always worked fine for me on my last phone.
Thanks, Chris
---------- Post added at 06:27 PM ---------- Previous post was at 06:12 PM ----------
I took the plunge and it booted just fine. I am on a G020J if that help. Hardware MP1.0.
I did not realize that TWRP was not available for the Pixel 4xl yet. What is everyone using for a custom recovery?

reedc83 said:
I just downloaded the full image and was getting ready to patch the boot image and flash it on my 2 day old Pixel 4xl. Maybe I will wait unless others have had success with this. I am on the June update. I made sure I didn't download the Telstra version.
Is there any reason to not just use the "Download Zip" option in Magisk? That always worked fine for me on my last phone.
Thanks, Chris
---------- Post added at 06:27 PM ---------- Previous post was at 06:12 PM ----------
I took the plunge and it booted just fine. I am on a G020J if that help. Hardware MP1.0.
I did not realize that TWRP was not available for the Pixel 4xl yet. What is everyone using for a custom recovery?
Click to expand...
Click to collapse
I feel like the options inside Magisk are for phones that are already rooted to update Magisk. I guess what your edit is saying is that you used to use TWRP with the ZIP?
Anyways, there are no custom recoveries for the same reason there is not TWRP. The partition scheme for Pixel phones that come with Android 10 pre-installed is too different for TWRP to live on it. I don't know enough about this subject, but I thought I read there was no separate recovery partition that could be made custom.

Everyone has been doing it all along, when people have issues it's usually the wrong boot image, wrong complete image, flashed boot image to wrong slot, used the factory cable (yes, it's a thing, don't use it or flashing), don't have the correct and/or latest tools. There was an issue with windows 8.1 and flashing, I don't remember what that was but those of you flashing and still on 8.1 you'll want to do a search for that.
@Brakiss, you may want to try the whole smash if all else has failed... THIS WILL DELETE YOUR DATA!
Start by going over to Goog ---> https://developers.google.com/android/images and getting the full factory image and the latest tools; even if you already did it do it again being careful to verify you have the correct image. While you're grabbing goods get the Magisk APK so you can install it after the image is flashed. For the flashing portion please follow the directions on that page to the letter. Do not use the factory cable; use an A to C. Before you flash run these commands one at a time
fastboot erase system_a
fastboot erase system_b
fastboot erase boot_a
fastboot erase boot_b
fastboot reboot-bootloader
After flashing get the boot image directly from the factory image you downloaded and not any other source and move it over to your phone along with the Magsik APK. Install magisk manager and then use it patch the boot image. You'll take that over to your PC and flash it as usual but do it to both slots and do them separately, do not use the all slots.

jljtgr said:
I feel like the options inside Magisk are for phones that are already rooted to update Magisk. I guess what your edit is saying is that you used to use TWRP with the ZIP?
Anyways, there are no custom recoveries for the same reason there is not TWRP. The partition scheme for Pixel phones that come with Android 10 pre-installed is too different for TWRP to live on it. I don't know enough about this subject, but I thought I read there was no separate recovery partition that could be made custom.
Click to expand...
Click to collapse
Correct, there is no recovery partition anymore. That has been a thing for a while now and not specific to the Pixel. My Moto x4 that I used prior to the Pixel 4xl had the recovery in the boot image but there was still TWRP for it. Whenever rooting that phone you have to boot a custom recovery image then from in there flash the separate custom recovery image/zip installer. It would modify the recovery that is embedded into the boot image.
I really hope that devs smarter than myself will figure it out and make a way to get TWRP on there.

On Android 11 Beta 2.5, I patch the original boot image, I then send it via fastboot, I tried flashing all partitions, manually _a and _b and stuck on Google logo ... When I put back the original boot.img, everything works properly. Miss my root but haven't seen any help on this :| Worked until I switched to 11 Beta ...

I have the problem too
Just as Chronos300 reported, I got stuck on the G logo. Some of my problem may be self-inflicted since I was not careful enough in following the directions: evidently it's important to finish the process for unlocking the bootloader before going to fastboot again to flash the Magisk boot image. I got stuck on the G logo but thought that I would have my way out by flashing the July factory image.
Most of that process worked out: things were good until the end when I saw a lot of messages about files that aren't present in image-coral-qq3a.200805.001.zip like boot.sig or recovery.img. I guess these are optional: the *.sig files may be intended to contain a checksum or hash and the recovery.img may just have gone away with the recovery partitions. Finally was an error that was fatal:
fastboot: error: Failed to boot into userspace fastboot; one or more components might be unbootable.
Click to expand...
Click to collapse
That's awful cheery. I see that the difference between flash-all.sh and flash-base.sh is that the former has the "fastboot -w update" that Shayded talks about. I tried running the update command as Shaded recommends, without the -w switch. This time it got farther, but this time the final message was "failed to extract 'product.img': I/O error"
Sure enough, image-coral-qq3a.200805.001.zip contains no product.img file. Is this my problem, or is the solution somewhere else? Would an older factory image have the missing file?

Sigh of relief
My phone's back in the land of the living. I had noticed the links on the factory-image page for the flash tool. Thinking that maybe these were better maintained, I thought to try out the August update for coral.
The flash tool downloaded whatever big image it grabs and then started into the installation. After a few minutes the fastbootd screen came up and the progress bar went to about 80%--and then everything hung. Hoping on hope, I decided I could leave it like this all night if I had to.
It might have taken half an hour, but it did finally come up with the screen saying everything had updated. Sure enough, it made it through the boot and came up to the setup screens.
Enabled developer mode, saw that the bootloader was indeed unlocked, and went about setting some settings. Haven't tried root yet, but it's sure great to be back in business!

epic_task said:
{...}
Sure enough, image-coral-qq3a.200805.001.zip contains no product.img file. Is this my problem, or is the solution somewhere else? Would an older factory image have the missing file?
Click to expand...
Click to collapse
Personally, I don't understand how you ended up without product.img... it's literally half of the internal ZIP file. (you're not supposed to extract this ZIP, anyways)

jljtgr said:
Personally, I don't understand how you ended up without product.img... it's literally half of the internal ZIP file. (you're not supposed to extract this ZIP, anyways)
Click to expand...
Click to collapse
No, I never altered that zip file and was not trying to extract individual files from it when making that final run of fastboot update.
What I can tell you is that I was sleepy by the time I was doing that. There were two things I missed noting at the time but see this morning: product.img is indeed in the internal zip file and a message a couple of lines above the final error message (I had left the terminal window open):
extracting product.img (2102 MB) to disk...ziparchive W 08-18 00:00:43 31524 31524 Zip: unable to allocate 2204832024 bytes at offset 0: No space left on device
Click to expand...
Click to collapse
I would think that my failing to wait for a complete boot with an unlocked bootloader before attempting to flash magisk_patched.img did something unfortunate to the partitioning scheme. Evidently the web-based flash tool cleared it up.

Maybe I'm suggesting the obvious... but do you have 2-4GB available on every drive? It's complaining there's no available space. Typically product.img is split into 500MB parts and sent separately... so you'd need at least 2x the space available for the parts.

The flash-all is generic and looks for some files which are not used by these phones. This failure described is usually the wrong cord, you must use a USB A to USB C rather than a C to C. If not that it's going to be a tools/driver issue. There are a number of guides which can show how to find and delete old drivers and reinstall new drivers. Removing the W gets rid of the wipe but doesn't otherwise affect the flashing and will have nothing to do with it's success or failure; you are in effect dirty flashing when you remove it from the flash-all.

Need help with TWRP patching - V409N

Hello everyone.
My phone is currently on V409N30f_00_LGU_KR_OP_0126.kdz, i was successful in unlocking it via 9008 method, and just a moment ago i was also successful in patching it with magisk (thanks to great guide here: https://forum.xda-developers.com/t/root-eu-lmv405ebw-magisk.3912959/ ). I had some problems, mainly i didn't know that you actually need proper abl_a/abl_b to boot the OS (i thought it's not a part of boot process, unless you push some buttons, but that doesn't seem to be the case). My final problem is that i can't seem to be able to get a proper permanent fastboot installed, and by proxy i can't get TWRP as well. Therefore i have couple of questions here:
1. How to get proper fastboot on an encrypted phone with android Q? Do i have to get rid of the encryption? How?
2. From what I understand, the boot partition needs to be patched to include TWRP, similar to how magisk was prepared - is there guide how to do that?
3. Why the phone fails to boot if i try to sideload/fastboot to TWRP image provided on this forum?
Thanks in advance for all your support

Scorcerer said:
Hello everyone.
My phone is currently on V409N30f_00_LGU_KR_OP_0126.kdz, i was successful in unlocking it via 9008 method, and just a moment ago i was also successful in patching it with magisk (thanks to great guide here: https://forum.xda-developers.com/t/root-eu-lmv405ebw-magisk.3912959/ ). I had some problems, mainly i didn't know that you actually need proper abl_a/abl_b to boot the OS (i thought it's not a part of boot process, unless you push some buttons, but that doesn't seem to be the case). My final problem is that i can't seem to be able to get a proper permanent fastboot installed, and by proxy i can't get TWRP as well. Therefore i have couple of questions here:
1. How to get proper fastboot on an encrypted phone with android Q? Do i have to get rid of the encryption? How?
2. From what I understand, the boot partition needs to be patched to include TWRP, similar to how magisk was prepared - is there guide how to do that?
3. Why the phone fails to boot if i try to sideload/fastboot to TWRP image provided on this forum?
Thanks in advance for all your support
Click to expand...
Click to collapse
Follow this link for the 30f boot_a with twrp injected.
Let me try to clarify a bit; The engineering v35 abl is Oreo. So if you have it installed, the phone won't boot, unless your OS is Oreo (which it isn't).
So the purpose of having that abl isn't to boot the phone, it's only to be used for things like 'fastboot oem unlock' or 'fastboot flash abl_a abl_original_a.img'
it's not to boot the phone. And yes, absolutely it's a part of the boot process abl stands for 'android boot loader'.
So to make use of that v35 eng abl (after you've unlocked the boot loader), would be to flash it to the inactive slot on the phone (most people that would be abl_b). That way, you can use twrp to switch slots, use fastboot, then switch back to the active slot.
To use that proved boot_twrp_a.img, you need to 1st, save your original boot partition, just in case. Then flash it (using qfil) to boot_a (assuming that's your active slot). Then, don't boot the device, go directly to recovery. Once in twrp, format data. Then reboot recovery. Then flash magisk and dm_verity.
then u should be all set.
cheers

AsItLies said:
Follow this link for the 30f boot_a with twrp injected.
Let me try to clarify a bit; The engineering v35 abl is Oreo. So if you have it installed, the phone won't boot, unless your OS is Oreo (which it isn't).
So the purpose of having that abl isn't to boot the phone, it's only to be used for things like 'fastboot oem unlock' or 'fastboot flash abl_a abl_original_a.img'
it's not to boot the phone. And yes, absolutely it's a part of the boot process abl stands for 'android boot loader'.
So to make use of that v35 eng abl (after you've unlocked the boot loader), would be to flash it to the inactive slot on the phone (most people that would be abl_b). That way, you can use twrp to switch slots, use fastboot, then switch back to the active slot.
To use that proved boot_twrp_a.img, you need to 1st, save your original boot partition, just in case. Then flash it (using qfil) to boot_a (assuming that's your active slot). Then, don't boot the device, go directly to recovery. Once in twrp, format data. Then reboot recovery. Then flash magisk and dm_verity.
then u should be all set.
cheers
Click to expand...
Click to collapse
Thanks for the TWRP image, i'm gonna flash it after weekend, when i'll have acces to the phone and will report back
One more question here though, are fastboot flashable files also flashable via qfil ?

Scorcerer said:
Thanks for the TWRP image, i'm gonna flash it after weekend, when i'll have acces to the phone and will report back
One more question here though, are fastboot flashable files also flashable via qfil ?
Click to expand...
Click to collapse
Yes, absolutely. With qfil you can pretty much flash anything to any partition. That's why it's wise to be very very cautious, you could flash the wrong image to a partition, it won't stop you, and it could be too big of an image for that partition but qfil will keep writing it and write over the neighboring partition(s)!

Alright,
I went in and flashed v35 eng abl via qfill into abl_a. That gave me fasboot, which i used to do:
fastboot flash boot_b boot-twrp-30f_a.img (the twrp image i've got from you)
and
fastboot --disable-verity --disable-verification flash vbmeta_b blank_vbmeta.img
Then, i switched over to b slot, and rebooted straight to recovery.
In TWRP, i wiped data with formatting it, rebooted to recovery again (didn't got asked for password, i think that's a good thing), then installed magisk.zip via sideload (didn't have it on sd card) and Disable_Dm-Verity_ForceEncrypt_03.04.2020.zip afterwards.
I still have 2 problems though:
1. I can't mount vendor - in the log i'm getting "Failed to mount /vendor" (unknown error 150)
2. If i try to boot to system it loops over, i have to wait till it switches over to a slot, which gives me fastboot back, which i'm using to boot to recovery on slot B.
Should i just YOLO it and try to install Lineage directly from here (as i have TWRP)? That's my end goal...
EDIT:
I just noticed by DDing off the vendor_a it's reeeeeally different form vendor_b, and i'm considering copying stuff over, especially since i already did KDZ couple of times, so i'm not afraid of starting over.
EDIT: this let me mount /vendor finally, but boot to OS still loops.

Scorcerer said:
Alright,
I went in and flashed v35 eng abl via qfill into abl_a. That gave me fasboot, which i used to do:
fastboot flash boot_b boot-twrp-30f_a.img (the twrp image i've got from you)
and
fastboot --disable-verity --disable-verification flash vbmeta_b blank_vbmeta.img
Then, i switched over to b slot, and rebooted straight to recovery.
In TWRP, i wiped data with formatting it, rebooted to recovery again (didn't got asked for password, i think that's a good thing), then installed magisk.zip via sideload (didn't have it on sd card) and Disable_Dm-Verity_ForceEncrypt_03.04.2020.zip afterwards.
I still have 2 problems though:
1. I can't mount vendor - in the log i'm getting "Failed to mount /vendor" (unknown error 150)
2. If i try to boot to system it loops over, i have to wait till it switches over to a slot, which gives me fastboot back, which i'm using to boot to recovery on slot B.
Should i just YOLO it and try to install Lineage directly from here (as i have TWRP)? That's my end goal...
EDIT:
I just noticed by DDing off the vendor_a it's reeeeeally different form vendor_b, and i'm considering copying stuff over, especially since i already did KDZ couple of times, so i'm not afraid of starting over.
EDIT: this let me mount /vendor finally, but boot to OS still loops.
Click to expand...
Click to collapse
First thing I see is that you flashed, assuming what you typed above is exactly what you did, vbmeta wrong.
it should be fastboot --disa... --disa... flash vbmeta_b vbmeta_blank.img
The 1st parameter, after 'flash' should be the partition you want to flash to. Then, after that, the image you want to flash to it.
2nd, just ignore the 'can't mount vendor' in the output of when you zip install magisk or dm_verity, it's irrelevant.
So why is it bootlooping when trying to get to system? Possibly the incorrect vbmeta command? Or maybe you didn't format data? (for format, you have to type in 'yes'). Possibly it's not the right image for the os? It is, beyond doubt, 30f that you flashed?
cheers

AsItLies said:
First thing I see is that you flashed, assuming what you typed above is exactly what you did, vbmeta wrong.
it should be fastboot --disa... --disa... flash vbmeta_b vbmeta_blank.img
The 1st parameter, after 'flash' should be the partition you want to flash to. Then, after that, the image you want to flash to it.
Click to expand...
Click to collapse
But that's what i did - i didn't change the command in my command and i copy-pasted it straight from command line and it says vbmeta_b everywhere...
AsItLies said:
2nd, just ignore the 'can't mount vendor' in the output of when you zip install magisk or dm_verity, it's irrelevant.
So why is it bootlooping when trying to get to system? Possibly the incorrect vbmeta command? Or maybe you didn't format data? (for format, you have to type in 'yes'). Possibly it's not the right image for the os? It is, beyond doubt, 30f that you flashed?
cheers
Click to expand...
Click to collapse
Yup, i didn't change name of the boot image you provided so i won't make any mistake here. Also, i noticed that after i restored from KDZ it forced me to grant access to internet and downloaded some kind of patches - can it be that those affected the booting sequence somehow and i should just take clean dump of abl_b for example so that it can be patched properly?
Oh, just now it occured to me, i can basically take two dumps, one after kdz restore and the other after booting it, then compare them with md5 and i'll know if it actually does something to them...
EDIT: one more question, is KDZ restoring both slots properly? or only the currently active one?

Scorcerer said:
But that's what i did - i didn't change the command in my command and i copy-pasted it straight from command line and it says vbmeta_b everywhere...
Yup, i didn't change name of the boot image you provided so i won't make any mistake here. Also, i noticed that after i restored from KDZ it forced me to grant access to internet and downloaded some kind of patches - can it be that those affected the booting sequence somehow and i should just take clean dump of abl_b for example so that it can be patched properly?
Oh, just now it occured to me, i can basically take two dumps, one after kdz restore and the other after booting it, then compare them with md5 and i'll know if it actually does something to them...
EDIT: one more question, is KDZ restoring both slots properly? or only the currently active one?
Click to expand...
Click to collapse
hmmmm, confusing. So u speak of clean dump abl_b so it can be patched... but we never patch abl (a or b).
and no, the 'downloaded some kind of patches' are just updates to their specific apps, it's not making any change to 'system'.
when using lgup, you should first use Part D/L and choose all partitions (you can clearly see it's doing both a & b by the list). Also, if doing a 'refurbish', it should be updating both slots. Only 'upgrade' would do one side and then switch to that side.
cheers

Okay, so, step-by step, i'll try it once again and will also be taking notes meanwhile
First, i restored from KDZ by refurbishing V409N30f_00_LGU_KR_OP_0126.kdz to be exact.
Just now i flashed eng35 into abl_a which got me into fastboot no problem - the fastboot screens says SECURE BOOT is "yes" and DEVICE STATE "unlocked" which seems okay i guess...
Flashing the TWRP image you provided with
fastboot flash boot_b boot-twrp-30f_a.img
I intend to leave abl_a with fastboot for the future and so i plan to boot from b side
Now the vbmeta:
fastboot --disable-verity --disable-verification flash vbmeta_b blank_vbmeta.img
went in just fine.
Reboothing to recovery - set the b slot to be active:
fastboot set_active b
rebooting form the phone buttons directly into recovery...Got TWRP 3.3.1-0 - asks for password, i have to cancel it obviously. Swiping to allow modifications and going directly to Wipe->Format Data->yes - works and done, but complains about /vendor and /data/media/TWRP/.twrps.
Going back a bit and rebooting TWRP to recovery again - This time it doesn't ask me for password so i think i got rid of the encryption.
Flashing Magisk-v22-0.zip from their webpage, i'm clicking on add more zips and adding Disable_Dm-Verity_ForceEncrypt_03.04.2020.zip as well, clicking on reboot system aaaaand bootloop

Okay good, making progress for sure.when I get back to my computer I'll post a link to the magisk and DM verity I use that I know will work. Not positive that those are the problem, but everything else seems to be exactly what you should be doing.

Scorcerer said:
Okay, so, step-by step, i'll try it once again and will also be taking notes meanwhile
First, i restored from KDZ by refurbishing V409N30f_00_LGU_KR_OP_0126.kdz to be exact.
Just now i flashed eng35 into abl_a which got me into fastboot no problem - the fastboot screens says SECURE BOOT is "yes" and DEVICE STATE "unlocked" which seems okay i guess...
Flashing the TWRP image you provided with
fastboot flash boot_b boot-twrp-30f_a.img
I intend to leave abl_a with fastboot for the future and so i plan to boot from b side
Now the vbmeta:
fastboot --disable-verity --disable-verification flash vbmeta_b blank_vbmeta.img
went in just fine.
Reboothing to recovery - set the b slot to be active:
fastboot set_active b
rebooting form the phone buttons directly into recovery...Got TWRP 3.3.1-0 - asks for password, i have to cancel it obviously. Swiping to allow modifications and going directly to Wipe->Format Data->yes - works and done, but complains about /vendor and /data/media/TWRP/.twrps.
Going back a bit and rebooting TWRP to recovery again - This time it doesn't ask me for password so i think i got rid of the encryption.
Flashing Magisk-v22-0.zip from their webpage, i'm clicking on add more zips and adding Disable_Dm-Verity_ForceEncrypt_03.04.2020.zip as well, clicking on reboot system aaaaand bootloop
Click to expand...
Click to collapse
check this folder for the version of Magiisk I know works. Don't remember why, but have read the latest version of Magisk is a problem somehow. Pretty sure if you follow the steps as u did above, with this magisk, it will work.
cheers

Hiho, thanks for sticking with me.
I did everything the same except for using the Magisk you provided, and when i finally got to it, it bootlooped all the same
I tried to flash stuff in different order and stuff, but accomplished nothing.
And then I remembered i read somewhere that the OTA only does update one slot at a time, so i thought maybe Refurbish behaves the same and flashes the other slot (in my case it'd be A since i'm trying TWRP and stuff on B)
I started comparing partitions, and almost all of them were the same, except:
515cddf67500d0be189f6fc386bad7c7 /dev/block/by-name/OP_a
7fe5ca2a051d6dbb9ef191fbee0af98c /dev/block/by-name/OP_b
a4b4bbed1d0a0aa668d76558a9d10fb4 /dev/block/by-name/abl_a
4c47ecd7254de2dd84f88dbc3e31ccc2 /dev/block/by-name/abl_b
65c4413067309174d839b98b3c7eff0e /dev/block/by-name/laf_a
e7e47f8e1e05f21cf06c638bf537be67 /dev/block/by-name/laf_b
c62e2c813eeaba8682bb7dd5e26ffa8b /dev/block/by-name/oem_a
65b0e730e47fd0017c11852917ef1d2b /dev/block/by-name/oem_b
dd90de59c1b08c949326d1625a8e4d55 /dev/block/by-name/system_a
d192b99fd2cc8a48dd3f106d9f0f8233 /dev/block/by-name/system_b
Obviously abl_a is different since i installed v35 eng to it, but the rest should be the same, right?
Since they're not, can i just dd from a to be and be done with it? A slot always booted fine, but since I'm installing eng into it I never tried to do twrp and stuff there...

Aaaand it works
So the trick was just to make sure that the proper OS is actually here, and then, well, everything works like a charm i guess I used newer magisk, and so far everything looks okay
Now i'm gonna put in Lineage, but this should be easy
This also means that Refubish doesn't flash everything as we thought it's supposed to be

Scorcerer said:
Aaaand it works
So the trick was just to make sure that the proper OS is actually here, and then, well, everything works like a charm i guess I used newer magisk, and so far everything looks okay
Now i'm gonna put in Lineage, but this should be easy
This also means that Refubish doesn't flash everything as we thought it's supposed to be
Click to expand...
Click to collapse
yeah the only one I trust to flash everything would be part D/L. When doing it, you select ea individual partition, and they are all listed, both a and b slots.
The purpose of the 'dual' slots (and no recovery partition any longer) is to update 1 slot at a time, while the other slot is the older OS version. That's the way OTA's are suppose to happen. But if you use LGUP and do a Part D/L, then both sides have the same OS.
it's confusing. Good u got it working!
cheers

Hi AsltLies,
I could see that you sent a 30f boot_a image with TWRP injected on it for Scorcerer. I'm on identical situation. Only difference that i want to stay on Pie. Probably i cant use that file as i'm on Pie.
Could you point me please how do i get to inject TWRP on a boot_a pie firmware. My devide and situation is identical as for Mr. Scorcerer. V409N, korea version.
I would like to try this guide here as it seems very confiable
Thanks in advance.

sptw said:
Hi AsltLies,
I could see that you sent a 30f boot_a image with TWRP injected on it for Scorcerer. I'm on identical situation. Only difference that i want to stay on Pie. Probably i cant use that file as i'm on Pie.
Could you point me please how do i get to inject TWRP on a boot_a pie firmware. My devide and situation is identical as for Mr. Scorcerer. V409N, korea version.
I would like to try this guide here as it seems very confiable
Thanks in advance.
Click to expand...
Click to collapse
If you want to stay on Pie, your situation is easier, you can just follow the guide to unlock and then use fastboot to boot twrp, use 'ramdisk inject' to inject the twrp image. Reboot to recovery, format data, reboot recovery again, flash magisk and dm_verity.
cheers

sptw said:
Hi AsltLies,
I could see that you sent a 30f boot_a image with TWRP injected on it for Scorcerer. I'm on identical situation. Only difference that i want to stay on Pie. Probably i cant use that file as i'm on Pie.
Could you point me please how do i get to inject TWRP on a boot_a pie firmware. My devide and situation is identical as for Mr. Scorcerer. V409N, korea version.
I would like to try this guide here as it seems very confiable
Thanks in advance.
Click to expand...
Click to collapse
Didn't realize it was available, but follow for the 20n boot+magisk boot image. This Link
I'd suggest using qfil to (first backup your original boot partition) to flash this to your active boot partition. Then exit edl mode and use the key combo to go directly to recovery (now twrp). Format data, then reboot recovery, then flash magisk and dm_verity. All set!
cheers

Hi AsltLies,
Thanks for both of informations. Let me try to explain a bit more. I am able to root the device with magisk. I made a boot_a patched using magisk apk and inject diretly into boot_a using qfill. It works like a charm. No problem at all.
The problem is that there are something wrong with viper4android using magisk. I want the older 2.3.4 driver and it has a kind of problem using convolver and system inject. User app method does not work.
I own a LG V20 with viper4android on it, and i can confirm that there are something wrong with viper on LG V40. My LG V20 is not a Bang & Olufsen and not even Merodian tune. Maybe the problem lies on this meridian audio tuned on LG V40. Chances are great about that. Devices sound differents and i have to accept this. But...
I would like to try the method that i used to root the LGV20 : Supersu and not magisk. I dont care about safety net. I dont use it. And a second problem with magisk : two apk refuse to open with magisk root method. I know they work with rooted devices but using rootcloack on xposed and xposed is very hard to get to work on magisk ( very limited )
So, i would like to use SuperSu method and not magisk to inject the old 2.3.4 viper4android directly on TWRP. I know how i can do it to works using the original drive and apk from the original devs. ( I dont like the new version 2.7 )
So, sorry for the long explanation, but do you know how i can install TWRP without to use magisk? ( That [TWRP] LG V40 / Judypn does not work. I only get bootloop ).
Thanks again.
In time: Maybe i'm doing something wrong to install TWRP. Do i need to instal it in both slots ( a and b? Do i need to access TWRP using the slot that is not active and make the zips install from there and not from the active slot? It's a kind of confusion for me. I already read a lot about it, but i'm still in doubt how it really works. I'm not interested to use another ROM, just stock.

sptw said:
Hi AsltLies,
Thanks for both of informations. Let me try to explain a bit more. I am able to root the device with magisk. I made a boot_a patched using magisk apk and inject diretly into boot_a using qfill. It works like a charm. No problem at all.
The problem is that there are something wrong with viper4android using magisk. I want the older 2.3.4 driver and it has a kind of problem using convolver and system inject. User app method does not work.
I own a LG V20 with viper4android on it, and i can confirm that there are something wrong with viper on LG V40. My LG V20 is not a Bang & Olufsen and not even Merodian tune. Maybe the problem lies on this meridian audio tuned on LG V40. Chances are great about that. Devices sound differents and i have to accept this. But...
I would like to try the method that i used to root the LGV20 : Supersu and not magisk. I dont care about safety net. I dont use it. And a second problem with magisk : two apk refuse to open with magisk root method. I know they work with rooted devices but using rootcloack on xposed and xposed is very hard to get to work on magisk ( very limited )
So, i would like to use SuperSu method and not magisk to inject the old 2.3.4 viper4android directly on TWRP. I know how i can do it to works using the original drive and apk from the original devs. ( I dont like the new version 2.7 )
So, sorry for the long explanation, but do you know how i can install TWRP without to use magisk? ( That [TWRP] LG V40 / Judypn does not work. I only get bootloop ).
Thanks again.
In time: Maybe i'm doing something wrong to install TWRP. Do i need to instal it in both slots ( a and b? Do i need to access TWRP using the slot that is not active and make the zips install from there and not from the active slot? It's a kind of confusion for me. I already read a lot about it, but i'm still in doubt how it really works. I'm not interested to use another ROM, just stock.
Click to expand...
Click to collapse
Well... i got to install TWRP in slot a. No more encrypt data. Install Selinux ( SuperSu ) too. Reboot to recovery and no more ask for password, so it works. Data continue to be there. TWRP see the Selinux root, but it always return to TWRP. It does not matter reboot to system, recovery and power off, it always return to TWRP. So, i go to the EDL mode, install v35eng on abl_a, install ablpiestock again to abl_a and...TWRP again...I cant boot.

sptw said:
Well... i got to install TWRP in slot a. No more encrypt data. Install Selinux ( SuperSu ) too. Reboot to recovery and no more ask for password, so it works. Data continue to be there. TWRP see the Selinux root, but it always return to TWRP. It does not matter reboot to system, recovery and power off, it always return to TWRP. So, i go to the EDL mode, install v35eng on abl_a, install ablpiestock again to abl_a and...TWRP again...I cant boot.
Click to expand...
Click to collapse
Hmmm, not sure yet what's going on but I updated the link above in prev post, it now points to a gdrive folder called 20n.
There's a new boot image in it that has just twrp injected, no magisk. Try that and see if it doesn't help. Be sure though of which is your active slot. The way a treble enabled device does ota updates is it will update the inactive slot, with the new version, switch slots, and then boots the new version. What that means is the OLD version is now the inactive slot.
So if u are on 20n, be sure to flash the new image to that slot, not the old one. If need be, use twrp or fastboot (getvar all) will tell you which slot is active.
cheers