Database Users

Updating To MM from LP (Moto X Pure)

So I wanted to create a thread dedicated to performing this function. I know as someone who does this quite often, I like to have all my ducks in a row to ensure everything works perfectly. I'm not big on fragging my phone and then frantically trying to find a way to undo all the chaos. I do a lot of research and ask a lot of questions before doing anything.
On that note I would like to first thank all the amazing people on here, whether they be developers or just experienced Tech Guru's, everyone is always a big help. I take absolutely no credit for any of the awesomeness that can be found on XDA, I'm just creating a thread that I hope will help folks find everything in one place for this function. So here we go, I'm going to explain the way I did it, which is the way I have been doing stuff like this for years. I have a preferred method as it has always resulted in perfect flashes and no bricks, not even soft bricks. So I feel it works pretty well.
Just so it is understood, this is for the Moto X Pure, which has been bootloader unlocked and has TWRP and root installed. Also it should be noted that you need to have Developer Options enabled and USB Debugging enabled. You should also be familiar with the ADB process, to some extent, maybe you have at least heard of it.
Steps to follow:
1. Use Titanium Backup and backup all your User Apps, NOT SYSTEM APP's, system apps will not restore across updates and will most often corrupt your new install.
2. Make a Nandroid backup using TWRP, I backed up system, boot, data, and EFS, but I don't think EFS is necessary.
3. Make sure you have the Motorola Drivers installed, get them from here http://www.motorola.com/getmdmwin
4. Get Shawn5162's Restore to Stock Tool, I know others have said it's not necessary to perform a complete restore, but this is part of my process that I have always done, and it's always worked. Get it here by using one of the mirror's created by patt2k in post 6, and don't forget to thank him for the mirrors http://forum.xda-developers.com/moto-x-style/development/windows-tool-moto-x-style-pure-edition-t3199905
5. Unzip Shawn5162's zip to a folder on your desktop, and before you move onto the next step, make sure you have backed up everything valuable on your phone, such as pictures, messages, etc..., because everything is going to be erased in the next step, except for the stuff on your MicroSD. I'm so anal, I even remove the MicroSD before flashing. Connect your phone to your computer using a USB and make sure you have USB debugging enabled under Developer Options.
6. Inside the folder you created run the FLASH-ALL.bat, which will reboot your device to the bootloader and begin the restore to stock flash. This will remove root and TWRP, but will not remove the fact you have an unlocked bootloader. Your phone will reboot when complete and should boot back into your system within a short period of time.
7. Once you are rebooted, you may need to do a little setup before you get the message that a System Update is available. DO NOT waste your time installing any apps, wait until you have full root on MM before doing any of that. Once the Update message appears, accept it and download the MM update file, then install it once it is finished downloading and asks if you want to install.
8. The update takes about 20 - 25 minutes so be patient. Once complete your phone will once again boot back to system, now you have MM in it's complete unrooted greatness.
9. Now go into settings, about phone, and tap on build number a bunch of times to enable Developer Options. Then go into developer options and enable USB Debugging.
10. Next download a bunch of stuff from the following links, if you desire to install TWRP and regain root.
TWRP 2.8.7.1 here https://dl.twrp.me/clark/twrp-2.8.7.1-clark.img
Modified Boot Image from here, required to perform systemless root , not sure about the Cowboy hat dude, but click on him, it will download the file.
SuperSU 2.52 from here https://download.chainfire.eu/743/SuperSU/BETA-SuperSU-v2.52.zip?retrieve_file=1
11. Next copy the modified boot file and SuperSU file directly to your internal or external SD on your phone, either works fine, although I prefer my External SD.
12. Next copy the TWRP file you downloaded into the same folder you made for Shawn5162's files. This folder has all the adb and fastboot files you need to perform the TWRP flash. Now hold shift and right click and choose open a command window here. Then ensure your device is detected by running the command adb devices, it should show your phones S/N and the word device. If it doesn't, you may need to look at your phone and respond to the prompt about allowing your computer to have access to adb. Try the command again after that. Then run the command adb reboot bootloader, which should reboot your phone to bootloader fastboot mode.
13. Once it fastboot mode run fastboot devices just to make sure your device is still detected, then run the command fastboot flash recovery twrp-2.8.7.1-clark.img. That will flash TWRP to your recovery partition. Then type the command fastboot reboot twrp-2.8.7.1-clark.img or use the volume rocker to toggle to recovery then select the power key to boot to it. Make sure you choose the slider at the bottom to allow modification. Once on the main screen you can choose reboot and then select recovery. This makes sure that you have booted to TWRP at least once, and ensures by rebooting to it, you can get back to it.
14. Now perform a Nandroid Backup, using the TWRP Backup option, of your completely stock MM system, data, boot, and EFS partitions. Enable compression if you like and store it to your External SD if you have one. This allows you to have an unrooted backup on your SD, which is good for future updates. After the Nandroid is complete now flash the modified boot image zip using the TWRP Install feature, and when it's complete, then flash the SuperSU zip file. After I always perform the option to erase Dalvik and Cache, I just think it is a good thing to do, it's probably placebo, but I do it anyhow.
15. Go back to TWRP Home and choose reboot and select system. Your device will reboot and you now have a fully updated and rooted Moto X Pure on MM.
Thanks go out to all the folks who have contributed to the many threads that contain this information. Special thanks to Shawn5162, DaMadOne, Chainfire, and Hashbang173 for their awesomeness. Hope this helps folks that are concerned about performing these procedures. I can say that it worked perfectly for me with no issues at all, but of course I take no responsibility if it doesn't work for you and causes your device to fail. Again these are similar steps I have taken in the past with other devices and I have never had a single brick, so hopefully it works for others as well.
Enjoy!!

I have a Moto X Pure as described with the bootloader unlocked and rooted. The popup message to upgrade to MM comes up constantly now - what happens if you just let it try to update?

I think I am in way over my head. I am receiving my phone Friday and was looking to unlock to root but from the looks of it, I will not be able to do that.
I've never unlocked & rooted a phone before. So all that looks like the bible to an uneducated man "me".

superkev72 said:
I have a Moto X Pure as described with the bootloader unlocked and rooted. The popup message to upgrade to MM comes up constantly now - what happens if you just let it try to update?
Click to expand...
Click to collapse
If I'm not mistaken it will download to your phone but not be able to be installed because of an error

Is there no way to upgrade from LP to MM without a wipe?

superkev72 said:
Is there no way to upgrade from LP to MM without a wipe?
Click to expand...
Click to collapse
Yeah, if you rooted already, you must reflash the original boot.img. Then update, and then restore your root. Read here:
http://forum.xda-developers.com/mot...t-moto-x-style-xt1572-br-marshmallow-t3259380
At the bottom of the post, you get the original file you need and it is mentioned here:
And enjoy!
Now you have a rooted MotoX Style Marshmallow. To apply any OTAs, you only need reflash stock boot.
K?

Why would you want to update without a wipe? You must like sluggish performance

i have no wifi after this

No WIFI either
I ended up with no WIFI after following these steps also.

is it true, we cannot downgrade from 601 to 6.0 or 5.1.1?

skimaniaz said:
I ended up with no WIFI after following these steps also.
Click to expand...
Click to collapse
Same here. Anybody got a fix?

So the last three posts complain of no wifi yet people keep using this method?

The modified boot zip breaks the wifi. You can root by flashing superSU 2.62, I think, or any SuperSU zip that is specifically systemless.

ilovemeow said:
is it true, we cannot downgrade from 601 to 6.0 or 5.1.1?
Click to expand...
Click to collapse
Not true.

lafester said:
Not true.
Click to expand...
Click to collapse
coz i tried before, it fail in first 2 flash steps

Are you unlocked?

ilovemeow said:
coz i tried before, it fail in first 2 flash steps
Click to expand...
Click to collapse
The partition always fails. Just ignore it. You should be able to downgrade the bootloader. I have been able to so I don't know why you would be having issues with that unless your bootloader is locked/re-locked.
Sent from my XT1575 using XDA Labs

So is this safe or not?

lafester said:
Are you unlocked?
Click to expand...
Click to collapse
yup, it's unlocked, but currently fine for using android M at this moment

[VK810.4G] [altev] most reliable way to root and install a custom recovery

Rooting VK810 official stock release 11A (11A is chosen for two reasons: 1. because it's easiest to root with the Stump app and 2. because on anything newer than 11A, you'd have to manually downgrade the bootloader before being able to install TWRP the first time):
1. On the tablet, download the Stump app from http://forum.xda-developers.com/lg-g3/orig-development/root-stump-root-lg-g3-sprint-verizon-t2850906
Credit and thanks @jcase, IOMonster , @autoprime and @PlayfulGod. Credit and thanks azureflux for the music although personally I turn the volume down all the way.
2. Install the Stump app you downloaded. Android should prompt you that it's an app from an unknown source since you didn't download it from the Play Store. It should direct you to the Security Settings option "Unknown sources" which you should checkmark and then attempt again to install the Stump app.
3. Launch the Stump app.
4. Turn the volume all the way down if you want because the music can be annoying for the duration necessary to root the VK810.
5. Choose "Grind".
6. Choose "Brute Force".
7. On the VK810, it can take up to 20 minutes at which time the Stump app should say to reboot the device to implement the root.
8. Once the device is rebooted, go to the Play Store and install SuperSU from https://play.google.com/store/apps/details?id=eu.chainfire.supersu&hl=en
Alternatively you can download the latest non-beta SuperSU zip from http://download.chainfire.eu/supersu (XDA thread with this link at http://forum.xda-developers.com/showthread.php?t=1538053), extract the zip and install the SuperSU app, or the latest Beta version from a link in @Chainfire 's thread at http://forum.xda-developers.com/apps/supersu/2014-09-02-supersu-v2-05-t2868133.
You'll also need this SuperSU.zip for step 8 of the fourth post "Flash to the latest stock ROM so that you can have it with root".
Credit and much thanks to @Chainfire !!!
9. Launch SuperSU, confirm the prompt to update binaries.
Installing the initial (necessary) TWRP v2.7.0.1 and updating it to the latest TWRP v2.8.7.0:
http://forum.xda-developers.com/showpost.php?p=64577888&postcount=3

Installing the initial (necessary) TWRP v2.7.0.1 and updating it to the latest TWRP v2.8.7.0:
1. On the tablet, download the "VK810_twrp_2.7.0.1.zip" from http://forum.xda-developers.com/showthread.php?t=2726707
Credit and thanks teamwin , @Drgravy , @djrbliss , @Dees_Troy , @id10terror and @traccdma !
The link is in the "DOWNLOAD" section below the "DISCLAIMER" towards the bottom of the first post.
Credit @Drgravy for the original instructions but I prefer to run the commands directly on the device instead of from a PC via USB Cable and ADB.
2. Download TWRP v2.8.7.0 from http://forum.xda-developers.com/lg-g-pad-83/orig-development/recovery-twrp-2-8-7-0-t3150812
Credit and thanks @AndroidUser00110001 !
3. Install "X-plore File Manager" from the Play Store at https://play.google.com/store/apps/details?id=com.lonelycatgames.Xplore&hl=en
Credit and thanks Lonely Cat Games!
4. While you're in the Play Store, install "Terminal Emulator for Android" https://play.google.com/store/apps/details?id=jackpal.androidterm&hl=en
5. Launch X-plore.
6. Enable root mode in X-plore:
6A. Click the three-dot menu button in X-plore's upper right corner.
6B. Choose "Configuration".
6C. In the "Root access" section, click the gray area below it and choose "Superuser + mount writable".
6D. Give X-plore SuperUser permissions by choosing "Grant" in the SuperSU prompt that pops up. It might not open this prompt until a later step when you actually access root.​
7. Find the "VK810_twrp_2.7.0.1.zip" file you downloaded in step 1 above. It should be on your internal storage in the Download folder.
8. Click once on the zip file - this will show you the files contained in it.
9. Navigate to the other file manager pane by choosing "SWITCH PANE" in the upper right corner.
10. Choose "Internal storage".
11. Navigate to the original pane by choosing "SWITCH PANE" again.
12. Select all the files inside the zip.
13. Choose the "Copy" icon in the toolbar on the right or left side of the screen. Choose "OK" at the confirmation prompt.
14. Now navigate to root. Give X-plore SuperUser permissions by choosing "Grant" in the SuperSU prompt that pops up.
15. From root, navigate to data/local/tmp.
16. "SWITCH PANE" to where you extracted the files from the zip.
17. Select "loki_flash" and "twrp.lok".
18. Choose the "Copy" icon in the toolbar on the right or left side of the screen. Choose "OK" at the confirmation prompt.
19. Launch "Terminal Emulator" installed in step 4 above.
20. In Terminal Emulator type (make sure no typos, or can copy/paste to be sure):
Code:
su
cd /data/local/tmp
chmod 777 loki_flash
./loki_flash recovery /data/local/tmp/twrp.lok
reboot recovery
Instead of "reboot recovery" you can use an app such as "Quick Reboot" from the Play Store at https://play.google.com/store/apps/details?id=phongit.quickreboot to reboot to recovery.
21. For getting to custom recovery with the tablet off, press and hold the Down Volume button. While continuing to hold the Down Volume button, press and hold the Power Button. The screen should come on in the stock-looking recovery and you can let go of both buttons). "Factory Reset" will no longer perform a Factory Reset. That's what you choose to get into custom recovery.
22. Update to to the latest TWRP v2.8.7.0 that you downloaded in step 2 above by (in TWRP v2.7.0.1) choosing "Install", navigating to where you downloaded the TWRP v2.8.7.0 zip (probably in internal storage in the Download folder), and choosing to flash the zip.
You can put a different custom recovery on the same way.
23. You can reboot into the newer TWRP by choosing the reboot recovery option.
Flash to the latest stock ROM so that you can have it with root:
http://forum.xda-developers.com/showpost.php?p=64601845&postcount=4

Flash to the latest stock ROM so that you can have it with root:
1. Download my ROM from my signature at the bottom of this post. I use ADM "Advanced Download Manager" from the Play Store at https://play.google.com/store/apps/details?id=com.dv.adm&hl=en, especially for downloading larger files like ROMs.
2. Check the MD5 Hash of the ROM zip:
2A. Copy (to the clipboard) the MD5 hash that I have in the filename of the ROM zip you downloaded in step 1 above.
2B. Install @scary alien 's "AFV File Verifier for Android" from the Play Store at https://play.google.com/store/apps/details?id=sa.afvx&hl=en.
2C. Run the AFV app.
2D. Choose "Input checksum for comparison".
2E. Paste the MD5 hash previously copied to the clipboard in step 2A above.
2F. Choose "Select File".
2G. Navigate to where you have the ROM zip.
2H. Long-press on the ROM zip and choose "Calc MD5 Checksum".
2I. When it's done calculating the MD5 hash of the ROM zip, it'll automatically compare it to the MD5 hash you pasted in step 2E above.
If the hashes match, the downloaded ROM zip is non-corrupt. If the hashes don't match, you have to re-download the ROM zip.​
3. Optionally download one or more of my debloat zip files in the third post of my ROM thread in my signature below. If you don't flash my "no OTA" debloat zip, then don't take any OTAs you get offered if there are ever any more, or you might get soft bricked, which I won't go into recovering from here.
4. If you didn't already do so in step 8 of the second post "Rooting VK810 official stock release 11A", download the latest non-beta SuperSU zip from http://download.chainfire.eu/supersu (XDA thread with this link at http://forum.xda-developers.com/showthread.php?t=1538053) or the latest Beta version from a link in @Chainfire 's thread at http://forum.xda-developers.com/apps/supersu/2014-09-02-supersu-v2-05-t2868133.
5. Copy/move anything you want to keep from internal storage like the files you downloaded in the previous sections.
6. I strongly suggest wiping everything from TWRP (Data, Cache, System, Dalvik and Internal Storage). Wiping all of these things, especially if you use my debloat zip(s) will clear up garbage/folders that were left behind by previous bloat.
7. Flash my ROM.
8. Flash SuperSU.zip (downloaded in step 4 above). This step is VERY IMPORTANT if you want to get back into custom recovery without having to re-flash a stock ROM and go through the whole process again.
9. Optionally flash one or more of my debloat zip files. If you don't flash my "no OTA" debloat zip, then don't take any OTAs you get offered if there are ever any more, or you might get soft bricked, which I won't go into recovering from here.
Flashing the debloat zip(s) before the first boot of the ROM will give the advantage of never having the data/cache entries or internal storage folders for the debloated apps created, the latter is why I recommend a wipe of internal storage.
In order to get back into TWRP/custom recovery from rooted Lollipop or above ROMs:
http://forum.xda-developers.com/showpost.php?p=64601845&postcount=5

Thanks to @JBurch/cry for the monetary motivation to finally put this all together in one place!
There are THREE variants of the G Pad 8.3: The Verizon VK810.4G which has LTE, and the V500 and V510 WIFI-only models. These instructions are ONLY for the VK810.4G.
Please don't quote the whole OP.
FAQ: If you use files meant for anything else other than the VK810, you'll brick your tablet. This will be exhibited by the tablet showing up in Windows' Device Manager under "Other devices" as "QHSUSB-BULK". You will have to Google for "QHSUSB-BULK" to find out how to fix that. I've read about some having success doing so and others not. I haven't ever had to fix that so I have no personal experience with it and can only lead you to Google about it.
This requires a Windows PC, preferably Windows 7 or newer, to first downgrade your VK810 variant of the G Pad 8.3 to LG build 11A / Jellybean 4.4.2, to make it easiest to root and to put a custom recovery on.
Disclaimer: I am not responsible for whatever you do to your device. This is my preferred method and what I recommend.
Note: These instructions are still working in order to downgrade from official stock release 36B on the VK810 (codename "altev"), Verizon LG G Pad 8.3 LTE, to official stock release 11A in order to make it easiest to both root and install TWRP. You can then install any ROM you like including my newest stock ROM in my signature at the bottom of this post.
Downgrading/resetting to 100% official stock unrooted release 11A (11A is chosen for two reasons: 1. because it's easiest to root with the Stump app and 2. because on anything newer than 11A, you'd have to manually downgrade the bootloader before being able to install TWRP the first time):
1. On a Windows PC, preferably with Windows 7 or higher, download the latest Verizon-LG driver at http://www.lg.com/us/support-mobile/lg-LGVK810 (current version 4.0.3, direct download link if still working http://18d5a.wpc.azureedge.net/8018D5A/tool/dn/downloader.dev?fileKey=UW00520120427).
2. Install the driver.
3. Reboot the PC.
4. While you're continuing to follow the rest of the directions, might as well get the installed driver "loaded":
4A. Put the VK810 in Download mode:
4A1. Preferably using the original USB cable, or alternatively possibly a high-quality cable, connect the one end preferably to a USB 2.0 port on your Windows PC. Note: not all, but most USB 3.0 ports (to avoid for this process under normal circumstances) are blue in color whereas USB 2.0 ports are usually black.
4A2. Turn the VK810 off (within Android, long press the power button and choose "Power off").
4A3. The following is different from other G Pad 8.3 variants:
4A3a. Press and hold the Up Volume button.
4A3b. While continuing to hold it, insert the tablet end of the USB cable.
4A3c. You should feel the tablet vibrate and you can see a very dim, very faint graphic in the very center of the screen that says "Download Mode":
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Credit and thanks @sevoan for posting the screenshot at http://forum.xda-developers.com/showthread.php?t=2782066
4A3d. Let go of the Up Volume button.​
4B. Windows may take up to 10 minutes to finish loading the driver you previously installed. Every time you connect any USB device to a new/different USB port on a PC, Windows will have to take a longer loading the driver process.​
5. Download the official stock release 11A KDZ for the VK810: https://www.androidfilehost.com/?fid=23991606952610809 (file name "5. VK81011A_01 - Jellybean 4.2.2.KDZ - MD5 hash inside - recommended for both ease of rooting and one less step to install the initial TWRP v2.7.0.1.7z")
If the previous link doesn't work, you can find it in my signature at the bottom of this post.
6. Download and install the free 7-Zip Windows program from ttp://www.7-zip.org"]http://www.7-zip.org[/URL]. Any version should work although you can only install the 64-bit version on 64-bit versions of Windows.
7. Use 7-Zip to extract the KDZ from the 7-Zip (7z) file downloaded in step 5 above. If you want to extract the 7-Zip on an Android device instead for some reason, use ZArchiver from the Play Store at https://play.google.com/store/apps/details?id=ru.zdevs.zarchiver&hl=en
8. LG Flash Tool 2014:
8A. On the Windows PC, download "LG Flash Tool 2014" from http://forum.xda-developers.com/showthread.php?t=2797190
Credit and thanks @quangnhut123
The MediaFire link is in step "3. Tutorial"
8B. Run "LGFlashTool2014.exe" as Admin: Right-click on "LGFlashTool2014.exe" and choose "Run as administrator". Provide Administrator credentials if necessary. If you get a UAC (User Account Control) prompt, click "Yes".
8C. If the program doesn't run, install the Visual C++ Runtime Library, also available in step "3. Tutorial" at the link in step 8 above, then repeat step 9.
8D. Screenshots also available at the link in step 8.
8E. "Select Type" should already be at the correct default "CDMA". Same for "PhoneMode" is "DIAG" and "Reset time" is "33000".
8F. Click the yellow folder icon to the right of the "Select KDZ file" field and choose the 11A KDZ file extracted from the 7-Zip archive you downloaded in step 5 above.
For reference: "CSE Flash" is what you should normally always use. "CSE Flash" will wipe your user data including your internal storage so be sure to move/copy anything you want to keep that's currently on your internal storage. "Normal Flash" is like a dirty flash. Your device will be restored completely to stock but will keep all of your user data including your internal storage. If you're downgrading stock ROM versions, you can expect "Normal" to result in a device that'll crash. If you do so, you can attempt a "Factory Reset" from the stock recovery (with the device off - long press the power button for 10 or so seconds until the device shuts off - press and hold the Down Volume button. While continuing to hold the Down Volume button, press and hold the Power Button. The screen should come on in the stock recovery and you can let go of both buttons). "Factory Reset" will of course wipe all user data including Internal Storage.
8G. Click "CSE Flash".
8H. On the "Read Phone Information" dialog which appears, do NOT press the "Read Phone Information" button. This has always crashed for me.
8I. Click "Start".
8J. On the next dialog, you can change the Country and Language if you like - either way doesn't make a difference. Click "OK".
VERY IMPORTANT: Once you click "OK", ignore any error dialogs that pop up. I mean every single one. Don't click any buttons in them, just drag them out of your way if necessary. 99.9% of the time, given enough time the device will be flashed successfully anyway. On the VK810, usually within 20 minutes. For comparison, on the VS985 Verizon LG G3, usually within 10 minutes.​
Rooting VK810 official stock release 11A (11A is chosen for two reasons: 1. because it's easiest to root with the Stump app and 2. because on anything newer than 11A, you'd have to manually downgrade the bootloader before being able to install TWRP the first time):
http://forum.xda-developers.com/showpost.php?p=64577888&postcount=2
Installing the initial (necessary) TWRP v2.7.0.1 and updating it to the latest TWRP v2.8.7.0:
http://forum.xda-developers.com/showpost.php?p=64577888&postcount=3
Flash to the latest stock ROM so that you can have it with root:
http://forum.xda-developers.com/showpost.php?p=64601845&postcount=4
In order to get back into TWRP/custom recovery from rooted Lollipop or above ROMs:
http://forum.xda-developers.com/showpost.php?p=64601845&postcount=5
General thanks to, for my previous experience:
@AndroidFileHost for the Android File Host website and especially their changes allowing for the reorganization of already uploaded files.
@KyPbP for letting us know it's availability and giving the link to download the VK810 35A_08 KDZ. http://forum.xda-developers.com/showpost.php?p=60851710&postcount=108
@Revoe for letting us know the availability of the VK810 36B_00 OTA. http://forum.xda-developers.com/lg-g-pad-83/general/verizon-lg-g-pad-8-3-vk810-altev-ota-t3182449
@hsbadr for giving me permission to kang his Verizon G3 VS985 JasmineROM 7.0 update script for this use. http://forum.xda-developers.com/showpost.php?p=56005236&postcount=1
@rant for giving a link to the official Verizon PDF detailing 35B. http://forum.xda-developers.com/showpost.php?p=60857092&postcount=1 http://www.verizonwireless.com/dam/support/pdf/system_update/benefits-lg-g-pad-83-5-20-15.pdf
@DeanGibson for giving a link to the official Verizon PDF detailing this release. http://forum.xda-developers.com/showpost.php?p=62413430&postcount=2 http://www.verizonwireless.com/dam/support/pdf/system_update/benefits-lg-gpad-83-8-17-15.pdf
@Chainfire for SuperSU! http://forum.xda-developers.com/showthread.php?t=1538053
@Hnk1 for continued support, advise and ideas, and for experimenting to find out how to root 35A_08 without downgrading.
@xdabbeb for further knowledge about the partitions!

In order to get back into TWRP/custom recovery from rooted Lollipop or above ROMs:
1. Download the corresponding "aboot only" (aboot is the bootloader) found in the same place to download as my ROM zip. Corresponding means if you installed the latest 36B VK810 stock ROM, then download the 36B VK810 aboot zip file.
2. Download the 4.2.2 aboot package from http://forum.xda-developers.com/showpost.php?p=54533937&postcount=2
Credit and thanks @paperWastage !
The download link is about three quarters down in that second post.
3. Move this aboot.4.2.2.img file into the top of the internal storage (meaning, not in a folder).
4. In Terminal Emulator type (make sure no typos, or can copy/paste to be sure):
Code:
su
dd if=/sdcard/aboot.4.2.2.img of=/dev/block/platform/msm_sdcc.1/by-name/aboot
5. You can now reboot into recovery via your preferred method.
6. Once you're finished in TWRP, you need to re-flash the newer aboot zip downloaded in step 1 above. If you forget, the ROM won't boot. You should be able to long-press the power button to force the device off, then use the manual method to get back into TWRP mentioned in step 22 in the previous section above. Re-flash the newer aboot zip, then reboot from TWRP and the ROM will boot.
You can alternatively dirty flash my ROM zip instead of just the aboot. You'd have to re-flash SuperSU.zip and any debloat zips too.

Reserved

Update
Ok, so I installed TWRP and flashed the new version. I then cleaned out my internal memory and loaded several files to the external SD card for the final process. I flashed "ViKtory810ROM_v36B_00+5.0.2+with+36B+aboot+[no+custom+recovery+after]+-+MD5+50fe66dfd0b57a50694accef47263a94" first. Then I flashed "UPDATE-SuperSU-v2.46". Next I flashed "VK810.4G+36B_00+5.0.2+-+no+OTA+-+MD5+b031ab290cde9f6fa0e30db8ef61223a". Then flashed "VK810.4G+36B_00+5.0.2+debloat+-+all+EXCEPT+still+has+OTA+-+MD5+e215ad72cb4fc9d5841217faa5048444". Then I flashed "VK810.4G+36B_00+5.0.2+debloat+-+LG+apps+&+UI+sounds+-+MD5+9a15512ed7754ef7fccf8b017c631199". I flashed them in that order from TWRP v2.8.7.0. After reboot the new ROM loads up and it seems to be working ok except for one issue. I keep getting an error popping up that says "Unfortunately, the process com.android.phone has stopped. Then it shows activation complete and shows my phone number listed under that. After that the pop up appears and say Unfortunetly, the process com.android.phone has stopped. I clear the pop up and it says activating tablet again, then shows the activation complete with my phone number all over again. Then the pop up appears again. This is an endless cycle of happening. I haven't done anything on the tablet as of yet. I want to know what your thinking. Is there something I need to do with one of the settings? I'm also noticing its not connecting to the cell towers. Ok, hope you can help. Thanks again!

JBurch/cry said:
Ok, so I installed TWRP and flashed the new version. I then cleaned out my internal memory and loaded several files to the external SD card for the final process. I flashed "ViKtory810ROM_v36B_00+5.0.2+with+36B+aboot+[no+custom+recovery+after]+-+MD5+50fe66dfd0b57a50694accef47263a94" first. Then I flashed "UPDATE-SuperSU-v2.46". Next I flashed "VK810.4G+36B_00+5.0.2+-+no+OTA+-+MD5+b031ab290cde9f6fa0e30db8ef61223a". Then flashed "VK810.4G+36B_00+5.0.2+debloat+-+all+EXCEPT+still+has+OTA+-+MD5+e215ad72cb4fc9d5841217faa5048444". Then I flashed "VK810.4G+36B_00+5.0.2+debloat+-+LG+apps+&+UI+sounds+-+MD5+9a15512ed7754ef7fccf8b017c631199". I flashed them in that order from TWRP v2.8.7.0. After reboot the new ROM loads up and it seems to be working ok except for one issue. I keep getting an error popping up that says "Unfortunately, the process com.android.phone has stopped. Then it shows activation complete and shows my phone number listed under that. After that the pop up appears and say Unfortunetly, the process com.android.phone has stopped. I clear the pop up and it says activating tablet again, then shows the activation complete with my phone number all over again. Then the pop up appears again. This is an endless cycle of happening. I haven't done anything on the tablet as of yet. I want to know what your thinking. Is there something I need to do with one of the settings? I'm also noticing its not connecting to the cell towers. Ok, hope you can help. Thanks again!
Click to expand...
Click to collapse
You're welcome! Everything debloated in the LG/etc debloat zip is also debloated in the debloat All, FYI.
Sorry you're having trouble. I haven't had that experience at all. Did you wipe Data, Cache and Dalvik too? Sadly, without being able to fully use Android you won't be able to get back into TWRP since you have to temporarily redowngrade the bootloader (aboot.img) to get into it (the last section "In order to get back into TWRP/custom recovery from rooted Lollipop or above ROMs").
I know there's a way in Android to boot in a "safe mode" but I've only done it by accident and can't recall how. I don't know if that would make any difference anyway.
If you can use the hardware keys to get into the stock-looking recovery you could try re-wiping Cache but I wouldn't have much hope of that doing the trick, either.
I hate to say but if none of these things work the only way to get back into TWRP without the use of Android is to use LG Flash Tool 2014 to re-flash the 11A KDZ and start over.
I guess I'm going to have to write the detailed instructions for how to check MD5 hashes and add that into the OP, as that would be something I would ask if was done when anyone has problems after a flash.

@JBurch/cry I wrote up directions for checking MD5 hashes on Android - they're in the section for flashing my ROM. I realized that this won't help you in your current situation unless you take the MicroSD card out and put it in another Android device and check the hash on there.
I'm debating whether I should write up directions for checking MD5 hashes on Windows too.

So uh ya
roirraW "edor" ehT said:
You're welcome! Everything debloated in the LG/etc debloat zip is also debloated in the debloat All, FYI.
Sorry you're having trouble. I haven't had that experience at all. Did you wipe Data, Cache and Dalvik too? Sadly, without being able to fully use Android you won't be able to get back into TWRP since you have to temporarily redowngrade the bootloader (aboot.img) to get into it (the last section "In order to get back into TWRP/custom recovery from rooted Lollipop or above ROMs").
I know there's a way in Android to boot in a "safe mode" but I've only done it by accident and can't recall how. I don't know if that would make any difference anyway.
If you can use the hardware keys to get into the stock-looking recovery you could try re-wiping Cache but I wouldn't have much hope of that doing the trick, either.
I hate to say but if none of these things work the only way to get back into TWRP without the use of Android is to use LG Flash Tool 2014 to re-flash the 11A KDZ and start over.
I guess I'm going to have to write the detailed instructions for how to check MD5 hashes and add that into the OP, as that would be something I would ask if was done when anyone has problems after a flash.
Click to expand...
Click to collapse
So um ya, I failed to do what you stated on task 3 of your Rom installation. You told me to do this before installation:
3. I strongly suggest wiping everything from TWRP (Data, Cache, System, Dalvik and Internal Storage). Obviously, first copy/move anything you want to keep from internal storage like the files you downloaded in the previous sections. Wiping all of these things, especially if you use my debloat zip(s) will clear up garbage/folders that were left behind by previous bloat.
So.... I pulled a stupid.....When reading this I thought you meant to go into my folders "on the tablet" and manually delete the things I put in there. I didn't realise you meant to do it through TWRP before installation lol. So after coming to grips with the idea that I now need to start completely over,,,, I rebuilt the entire thing correctly in 20 minutes. Sad this took me 3 days to learn everything by reading over countless forums. Your help was absolutely necessary to bring it all together. My tablet is fully upgraded and that was the best money I've spent in along time. The next time i get a device, you'll get first crack at helping me. If everything goes well, I'll make sure to double the donation next time. Your experience is valuable and should come at a cost. Thank you and I look forward to talking with you in the future. Take care! Now to get busy using this thing.

JBurch/cry said:
So um ya, I failed to do what you stated on task 3 of your Rom installation. You told me to do this before installation:
3. I strongly suggest wiping everything from TWRP (Data, Cache, System, Dalvik and Internal Storage). Obviously, first copy/move anything you want to keep from internal storage like the files you downloaded in the previous sections. Wiping all of these things, especially if you use my debloat zip(s) will clear up garbage/folders that were left behind by previous bloat.
So.... I pulled a stupid.....When reading this I thought you meant to go into my folders "on the tablet" and manually delete the things I put in there. I didn't realise you meant to do it through TWRP before installation lol. So after coming to grips with the idea that I now need to start completely over,,,, I rebuilt the entire thing correctly in 20 minutes. Sad this took me 3 days to learn everything by reading over countless forums. Your help was absolutely necessary to bring it all together. My tablet is fully upgraded and that was the best money I've spent in along time. The next time i get a device, you'll get first crack at helping me. If everything goes well, I'll make sure to double the donation next time. Your experience is valuable and should come at a cost. Thank you and I look forward to talking with you in the future. Take care! Now to get busy using this thing.
Click to expand...
Click to collapse
Cool! Glad at least it was something simple, even if a little bit painful to fix. You must at least be a fast learner.
Maybe I'll separate that into two steps to distinguish them.
Enjoy! I hope we get 5.1.1 someday because 5.1.1 on the G3 is so much better than 5.0.x was. You're welcome and thank you! I never even took donations until a few months back when one or two people wanted me to.
Most of the time I enjoy just seeing someone successfully do whatever they're trying to do.

Thank you, I felt so much better using this than some sketch chinese program.

FL4NKENSTEIN said:
Thank you, I felt so much better using this than some sketch chinese program.
Click to expand...
Click to collapse
You're welcome! I know what you mean.

Hey. Not sure if I am posting in the correct thread so apologises if warranted.
I recently rooted my vk810 with king root. Seemed to be the only thing to work. Only after I rooted did I realize that king root probably was not the wisest way to go.
So I'm about to attempt to unroot and hopefully get this thing rooted and a decent rom working. I like the tablet but all the verizon crap and associated bloatware are driving me nuts.
A little background, I've used linux distros for a while now, but not comfortable with command line stuff. I'm that copy and paste guy...
Any ideas on where to begin? I see Mr warrior seems to be the guy. Just about all related searches end with a post by him. Kudos for helping everyone he has so far. People like him are the reason why the linux/android world is such a great place!
Thanks in advance!

Soundsofsublime said:
Any ideas on where to begin? I see Mr warrior seems to be the guy. Just about all related searches end with a post by him. Kudos for helping everyone he has so far. People like him are the reason why the linux/android world is such a great place!
Thanks in advance!
Click to expand...
Click to collapse
Just follow all of the directions in the first through fifth posts and they'll get you there. You'll need a Windows PC.
Some people have told about an app called "SuperSU Me" (not by @Chainfire) to replace Kingroot with SuperSU. I have no experience with that or links to it, however.
Thanks and you're welcome!

Lost on step 3.20
i think i messed up somewhere in the "VK810_twrp_2.7.0.1.zip" copy/paste section using X-PLORE. when i type in the "cd /data/local/temp" command in the emulator it
returns "sh: cd: /data/local/temp: no such file or directory". any help would be greatly appreciated.
for the record, this is my first time trying any type of root process.
thanks
***********************
update: i figured it out.

Slingb1ade said:
i think i messed up somewhere in the "VK810_twrp_2.7.0.1.zip" copy/paste section using X-PLORE. when i type in the "cd /data/local/temp" command in the emulator it
returns "sh: cd: /data/local/temp: no such file or directory". any help would be greatly appreciated.
for the record, this is my first time trying any type of root process.
thanks
***********************
update: i figured it out.
Click to expand...
Click to collapse
Thanks for the update. What did you figure out was the trouble? Didn't do the "SU" command first?

How to unlock boot loader anyone suggest me

zaccheo said:
How to unlock boot loader anyone suggest me
Click to expand...
Click to collapse
No one has done it. Someone more knowledgeable than I would have to tackle it.

roirraW "edor" ehT said:
Thanks for the update. What did you figure out was the trouble? Didn't do the "SU" command first?
Click to expand...
Click to collapse
i didn't pay attention to the provided instructions "20. In Terminal Emulator type (make sure no typos, or can copy/paste to be sure)"
i was typing temp, needed to type tmp.

[ROOT] [STOCK] [TWRP] Root Stock Firmware of Any Modern Sony Device

At first I created a guide about rooting stock Marshmellow of Sony Xperia Z5 Premium. After some time I realized that it may be useful to users of virtually any recent Sony phone or tablet, so here is my Sony Cross-Device general rooting thread. I will mostly copy-paste bits from my previous guide, but using renewed screenshots and firmwares'/tools' versions.
Please write back in this thread which model of Sony phone you was able to root with the help of this guide.
This guide does not work for MediaTek devices.
INTRODUCTION
Sony historically provides own versions of Android OS, modified for Sony phones. These firmwares with added Sony apps are known as a stock firmware, contrary to vanilla Android developed by Google.
This guide will lead you through the process of rooting the stock firmware for your particular Sony phone. At the same time, your phone will be supercharged with TWRP recovery image, a useful tool for things such as an installation of system behavior altering apps to a whole device backup including all system partitions.
WHY ROOT?
Sony, just as any other smartphone vendor, ships its devices without the ability to alter inner system workings of Android OS. Technically speaking, default OS only allows use of non-administrator accounts, which have access only to their own user space.
Rooting is a process of allowing access to the administrator account, also known as root. This enables a possibility to alter/remove system parts of the OS: apps, settings, behaviors. For example, with root access you can block ads system-wide, from apps to browsers.
WHAT ARE CAVEATS
During the rooting procedure, the unique DRM keys will be removed from the phone. These keys are used to make some proprietary Sony features work, such as X-Reality for Mobile, camera denoise filter etc.
During the course of this guide a so called DRM fix will be apllied, which effectively emulates DRM keys, so many Sony features remain in working condition, even without actual keys. Some features, such as Widevine, will not work but majority of typical users won't even notice this. I think most of you even don't know what Widevine is.
However, in this guide I will present a way to backup your DRM keys, if you still think you need them. I will not deep dive though, since I never bothered with DRM keys export/import procedure myself and have no experience in doing this.
Some apps will refuse to work on rooted device, Pokemon Go and Android Pay are couple of notorious examples. Research your apps for rooted device compatibility. If you find such app and cannot live without it, don't root your phone.
ACCOLADES
The rooting of Sony stock firmware will not be possible without the work of these brilliant community developers:
@Androxyde — Flashtool
@IgorEisberg — XperiFirm (integrated into Flashtool)
@Dees_Troy et al. — TWRP
@Chainfire — SuperSU
@topjohnwu — Magisk
@tobias.waldvogel — Kernel repack script and DRM fix
@zxz0O0 — iovyroot
@rayman — TA Backup v2
STEPS
The whole process of rooting your stock firmware is divided into the following steps:
Getting your phone recognized by your computer (driver installation).
(optional) Backup your DRM keys.
Unlocking a bootloader.
Flashing stock firmware with Flashtool.
Repacking and flashing a kernel.
Installing SuperSU or Magisk.
(optional) Restore your DRM keys.
Optional tasks.
After the completion of this guide, your phone contents will be completely erased, so you may want to backup all what is important to you to some external locations. External microSD card will not be erased, so you may copy your stuff to it. If you are already use some rooted Android, you may want to use some specialized tools like Titanium Backup or like. TWRP also have a nice backup features, if you have one already installed.
Also, use Sony's own Backup & reset tool from the settings. You may backup your local contacts, messages and much of such stuff directly to your microSD card. After the rooting, same tool may be used to restore some (or all) of these things back.
I usually make a whole backup with TWRP, Titanium Backup for user apps and the Sony's Backup & reset for conversations and call logs.
The guide was developed using Windows 10 Pro 64-bit and Sony Xperia Z5 Premium Dual-SIM E6883 official model for the Russian market.
Let's go.
1. GETTING YOUR PHONE RECOGNIZED BY YOUR COMPUTER (DRIVER INSTALLATION)
During the course of this guide, your phone will comminicate with your computer in Fastboot and Flashmode connection modes. When connected in these modes, for the phone to be properly recognized by a computer, you have to provide special drivers. Thanks to Flashtool creators, it comes bundled with generic drivers compatible with all recent Windows operating systems, so at first you should install Flashtool. You can get installer from the official website.
Next, you should install Fastboot and Flashmode drivers for your phone.
One caveat here however, these drivers are not from a "recognized Windows developer", that is they are not Windows-certified, so to get them installed on Windows 8/10, you should reboot with the disabled driver signature enforcement. Use Google to know how to perform this.
Once booted in the aforementioned mode (or in a regular mode if you are still on Windows 7), proceed to the actual driver installation. The drivers are packed into the Flashtool\drivers\Flashtool-drivers.exe executable, but it didn't work on my system, perhaps because it is 64-bit (but feel free to try it yourself), so I simply unarchived it with 7-Zip (right-clicked it and chose 7-Zip > Extract to "Flashtool-drivers"). I got a Flashtool-drivers folder, which contained all the drivers from the executable.
Once drivers are unpacked, connect your phone in a Fastboot mode. Recent Sony devices can boot in Fastboot just like this: shutdown the phone, press and hold Volume Up rocker button and connect USB cable to the phone while the other end is connected to a running PC. The phone's LED will turn blue shortly. That's it, you are in a Fastboot mode. Open Device Manager (Win + X, Device Manager) and check if there is some unknown device (with the name S1Fastboot or something like this).
Double-click this unknown device in the Device Manager, click Update Driver..., then Browse my computer for driver software, and choose the Flashtool-drivers folder created earlier with 7-Zip (leave Include subfolders checked). Shortly you will get a red warning dialog window, which inform you that this driver doesn't have a proper signature:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Very scary. Just proceed with the install despite all the red flags, it's safe.
Once Fastboot driver is installed, plug out the USB cable off the phone and connect it in a FlashMode mode. This is done just like for Fastboot, but in this case you should press and hold Volume Down rocker button during the cable plugging in. The LED in this case will be green and not blue. The procedure to install the driver is exactly the same.
After the successful installation, try to reconnect the phone in these modes again couple more times to make sure all devices get properly recognized by Windows. If all seems good, proceed to the next step.
2. (OPTIONAL) BACKUP YOUR DRM KEYS
I encourage you to skip this step, but if you feel like you should do this anyway, here is some info.
There is a tool called iovyroot, with which you can backup your DRM keys from an unrooted phone, but at the time of the writing it doesn't support latest firmwares. It does support a lot of older firmwares so it may be useful to not upgrade your phone before checking up this tool.
If you're into this backup DRM thing, go to the original thread, download the latest version and check if it is working for you. For now I just skip this step. Basically, you want to download the zip, connect your phone in USB Debugging mode, run the tabackup.bat script and see the output.
Some people suggest to use the newer Universal (Dirtycow-based) TA Backup v2 tool instead of ageing iovyroot to backup you keys. Please check the official thread to get instructions (linked in the previous sentence).
I will not cover DRM keys extraction/restore in details, since I never did it, so I don't want to write about something I haven't myself performed. Please check corresponding threads.
Note that most proprietary Sony features will work even without DRM keys, such as X-Reality for Mobile, camera denoise filter and some others. DRM fix will be covered later in this guide. Some features will not work with DRM fix, Widevine for example. Most users will not even notice these.
3. UNLOCKING A BOOTLOADER
Sony does provide its own guide. It is a plain and simple and — good news! — if you have followed the previous steps, you just got all the prerequisites covered!
4. FLASHING STOCK FIRMWARE WITH FLASHTOOL
Now we will flash the latest available Sony firmware to the phone. In this step it will be untouched vanilla firmware, without root yet.
The Flashtool was installed on the completion of the first step, so let's start it. If you are on 64-bit Windows, start Flashtool64 (there is a shortcut in the Start menu). It does require administrator privileges.
Once you are in Flashtool, at first you need to obtain the most recent official stock firmware from Sony. Press the "XF" icon (the right-most one in the toolbar) to start XperiFirm. This is where it is:
The window will open, choose your phone from the left part of the window, then choose your particular model and after that choose your market and operator from the right part of the window. The entry will become highlighted and shortly there will be some info in the last column (Latest Firmware). This definition will be also in the right-most part of the window just under the phone thumbnail, click on it. Not a brilliant design decision, but that's it. Here is a screenshot for your reference:
If there are multiple firmwares available, pick the more recent (typically the top-most). The new window will pop up, press Download. The stock firmware will be downloaded to your computer and unpacked.
Once the download is completed, close all XperiFirm windows to return to the main Flashtool window. Flashtool will begin a creation of the .ftf file from the downloaded resources which will be used for a (subsequent) flashing. FTF-files are similar to ZIP-files, and may be opened with 7-Zip. For example, I've got E6883_32.3.A.0.376_1299-4828_R3D.ftf after the completion of this procedure. Flashtool places firmwares in the C:\Users\<Your Windows Username>\.flashTool\firmwares.
Now, once the stock firmware is downloaded, packed into .ftf and ready to be installed, let's do this.
Disconnect and switch off the phone for now, physically extract microSD card (if any) and press the left-most button on the Flashtool's toolbar (the "Lightning" one) and choose Flashmode. The Firmware Selector window will appear with a selected default folder and list of all firmware available for a flashing. I've got a single entry, the firmware I just downloaded. Before actual flashing, you can check some checkboxes from the Wipe section, I usually check all to start clean (all the data on the phone is erased). Once again, just to be safe, extract the microSD card from the phone at this moment. It is not needed for a flashing anyway. Here is how the window looked to me:
After all is set up, press Flash. The flashing process is not yet begun, since at first Flashtool just prepares firmware for a flashing.
After a while, a window will appear which will ask you to connect your phone in the Flashmode mode. With your phone off, hold the Volume Down button, connect the USB cable. Once Flashtool detects the phone in the Flashmode mode, it will start the actual flashing automatically. You may release the Volume Down button and go get some snack. The flashing will take some time.
After the completion of the flashing procedure, you'll get a stock Sony firmware installed, and now it is perfect time to proceed to the next step. You may leave your phone off at this moment, but if you are curious, start it up and check if the new Android is actually there. Note however that first start after the firmware installation takes a long time.
5. REPACKING AND FLASHING A KERNEL
Now it is a most interesting part: repacking and flashing a stock kernel. This procedure will allow the actual rooting.
To get the stock firmware rooted, you need a way to install SuperSU or Magisk. These are tools which enable root access to the Android system. To install them, you need TWRP. To run TWRP, you need a kernel, which supports both TWRP and your Android version.
Thankfully you can extract the kernel from the .ftf file, prepared by Flashtool earlier. Then you repack it, integrate TWRP (and DRM fix) into it, and finally flash it to your phone back modified. Sound like a complex task but it's definitely achievable. I did it multiple times mostly without any issues.
At first you should extract the actual kernel from the .ftf file. Reminder: it's in the C:\Users\<Your Windows Username>\.flashTool\firmwares folder and may be titled E6883_32.3.A.0.376_1299-4828_R3D.ftf or something like this. Open it as an archive (right-click on a file, 7-Zip > Open archive) and extract kernel.sin. It's your phone's packed kernel.
If it is packed, obviously you need to unpack it. Thankfully the almighty Flashtool can do this. Open Flashtool, navigate to the Tools > Sin Editor, select a kernel.sin you've just extracted and press Extract data. As a result, you'll get a kernel.elf file in the same directory where your packed kernel is residing. As you may have guessed, kernel.elf is an unpacked kernel. It can be modified, repacked and flashed back to the phone. Let's do this.
You will need a Stock kernel repack script from @tobias.waldvogel. Here is the original thread. Author of the script mentioned, that now it is hosted on GitHub, so let's just grab the latest version from there. Here is the link to the repository. In the upper-right corner there is a Clone or download button you may push it and choose Download ZIP from the menu. The script will be downloaded.
Once the contents of the zip-file with script are extracted to some directory, copy the kernel.elf there and summon command prompt in this directory (right-click in the empty space of this folder in File Explorer with the Shift button pressed and choose Open command window here).
In the command line type the following:
Code:
rootkernel.cmd kernel.elf boot.img
You'll get some questions about adding some features/tools to your kernel, feel free to answer "Yes" (type Y) to all of them. Screenshot for your reference:
If all went smoothly, you'll get a repacked kernel, boot.img in the script folder, supercharged with TWRP and DRM fix, and most importantly, which also supports rooting. Now it is time to flash it to your phone.
ATTENTION! Since the script is mostly unsupported, when new firmware get released, its kernel modules are not getting automagically added to the script package. You will get "Skipping TWRP recovery. No kernel modules for 3.10.84-perf-XXXXXXX available" error due to this. But don't worry, you can extract the required modules yourself from the firmware.
1. Open the FTF-file (firmware you downloaded) with 7-Zip, and extract system.sin file.
2. Open Flashtool, navigate to Tools > Sin Editor, choose this system.sin file, push Extract data. You'll get system.ext4 in the same directory.
3. Use the cool free Ext2Read tool to get into the ext4 filesystem in the system.ext4 (File > Open Image). Linux users can mount this filesystem as usual. Once you get into the filesystem, go to the lib/modules directory and grab the following files from there (Tools > Save):
core_ctl.ko
ecryptfs.ko
kscl.ko
mhl_sii8620_8061_drv.ko
texfat.ko
4. Once you get these files, create the 3.10.84-perf-XXXXXXX folder in the script's Android\twrp_common_kmodules directory. In my case I created 3.10.84-perf-g5e25a09 folder, just as was mentioned in the script's output in the console (when it complained about Skipping TWRP recovery). Copy these 5 files into this newly created folder.
5. Voilà! Re-run the script and see that now TWRP gets properly integrated! Thanks to @sceryavuz for his initial instructions. I just elaborated them a bit.
When all is clear, turn off your phone if it's on and connect it in a Fastboot mode: hold the Volume Up rocker button and connect USB cable. The LED on the phone will turn blue. Release the button.
Flashing images in this mode is typically done with a fastboot.exe from the Android SDK. Android SDK weighs many gigabytes but thankfully you don't need it. Fortunately Flashtool contains fastboot.exe from the SDK. It's in the Flashtool\x10flasher_lib folder. For the brevity of the following steps, I assume you have all necessary files there. To make it true, copy the newly generated boot.img to this folder.
Now Shift-right-click in the empty space of this folder window and choose Open command window here entry from the context menu. Windows console will appear.
At first try this command:
Code:
fastboot.exe devices
If all is good, there will be one device in the output of this command, just like this:
If not, perhaps there is some driver issue, so head back to the step #1 and make sure the drivers are installed correctly.
If your device is shown correctly, let's flash some files to the phone. Execute the following command to flash the modified kernel:
Code:
fastboot.exe flash boot boot.img
The proper output of this command will be like this:
If you get any errors, the first and more likely reason is that you still have a locked bootloader. Head to the step #3 to verify its state and unlock it if necessary.
If there were no errors — congratulations! — you now just flashed a stock kernel supercharged with TWRP recovery and DRM fix. You're almost done! You may plug out the cable from your phone. If you are attentive to the details, you'll notice that now, once your phone is started, its LED turns amber for 2-3 seconds. This is a special signal for those looking to boot into a recovery (TWRP). But you don't have to start your phone yet.
Although @tobias.waldvogel claims his script is able to also integrate SuperSU during the kernel repacking, I didn't managed to get this working, so the SuperSU (or Magisk) installation is a separate step in my guide. The next step.
6. INSTALLING SUPERSU OR MAGISK
Now when you have TWRP in place and latest Android installed, let's install SuperSU to it. SuperSU distributed in a TWRP-friendly .zip archives, so you should copy one to your microSD card. I used version 2.79 from here. Download TWRP / FlashFire installable ZIP, not the APK. At the time of your reading, there probably will be some newer versions available, feel free to install them them instead. Copy the downloaded ZIP-archive to your microSD. Don't bother to unpack the ZIP.
Once SuperSU zip-file is copied to your microSD card, place it into your phone and reboot to recovery (TWRP). To do this restart or power up your phone and look at the LED. Once it lights amber, press Volume Up rocker button and you'll get into recovery — TWRP. In my case it was TWRP v3.0.2-0.
To install SuperSU, press Install, go to the /external_sd and select the .zip (in my case SuperSU-v2.79-201612051815.zip). Swipe right to confirm installation. Once it is installed, press Reboot System button. Phone will reboot twice. Do not interfere with the process during these multiple reboots, the things are getting done, so just wait once Android is started. When it's started, the phone is rooted and functional!
If you would like to install Magisk instead, the instructions are exactly the same. Grab the latest ZIP from the original thread and flash it with TWRP. That's it!
7. (OPTIONAL) RESTORE YOUR DRM KEYS
If you had successfully backed up your DRM keys in step #2, it is now time to restore it back to the device. There is a flash_dk.cmd script shipped with the Root kernel repack script you used in the previous step. flash_dk.cmd can be used to flash the DRM partition back to your phone.
At first prepare the flashable .ftf:
Code:
flash_dk.cmd <ta backup image> dk.ftf
And then flash dk.ftf via Flashtool, just like you flashed the whole firmware in the step #4, but don't wipe anything this time.
8. OPTIONAL STEPS
8.1. Xposed installation
If you use Lollipop and later, you should install Xposed APK from here. At the time of writing there is XposedInstaller_3.0_alpha4.apk installer there.
Once APK is installed, grab the latest .zip from the repository, I've got xposed-v86-sdk23-arm64.zip. Install it in a regular TWRP way covered in step #6.
Once all these steps are done, you should have Xposed Installer app in your phone, and if you open it and check Framework section, if everything is alright, there will be text in green, something like "Xposed framework version 86 is active".
8.2. Resolving Voice Search and random volume up/down issues while using regular headphones
See this thread.
8.3. Disable startup notification if there is a newer firmware available
Some people get annoyed by a persistent notification, which is displayed once the new firmware become available (new Android version from Sony). Rooted users cannot just tap it and update over-the-air, because they need to perform a complex rooting procedure in beforehand (covered in this guide). It is possible to disable this notification. You may get these notifications by email anyway.
The easiest and safest way is to use some autorun manager. I used Autorun Manager Pro and disabled all receivers of system apps com.sonymobile.fota.service, fota update service and Software update. Notification vanished after a restart.
You may even freeze or remove these apps via some app manager like Titanium Backup Pro.
8.4. Disable that damned green LED light while phone is charged and attached to the cable or docked
This is a historic Xperia behavior, not easily fixable without the root. The notorious green LED is on all night no matter which settings you set up. In fact, there is no setting to switch it off.
However, if you are rooted, you can solve this issue easily. One method is to install a free Light Flow - LED Control app. Once it is installed, you need to enable the following settings in the Settings > Device Settings and Root section: Direct mode, Root mode and Run every command as root. Then you can mess around with individual notifications in the Notification settings, but I just cleared all in there and hey! — the annoying green LED is gone!
THAT'S IT
At this point you have a stock Sony Android enhanced with root privileges. SuperSU / Magisk app is also installed, so you are ready to use root right away. SuperSU now can be updated in a regular way via Play Store. Magisk has it's own updating capabilities.
P.S. WHEN NEW FIRMWARE IS AVAILABLE
Once the new firmware is released, you may perform the same procedure for it beginning from the step #4, but if it is a minor upgrade, you may want not to wipe anything during Flashtool flashing this time. If it is a major upgrade, e.g. Marshmallow > Nougat, you probably may want to start with a clean system and wipe all.

Fragmentation said:
Getting your phone recognized by your computer (driver installation).
(optional) Backup your DRM keys.
Unlocking a bootloader.
Flashing stock firmware with Flashtool.
Repacking and flashing a kernel.
Installing SuperSU.
(optional) Restore your DRM keys.
Optional tasks.
Click to expand...
Click to collapse
I'm pretty sure that once you have unlocked the bootloader, the easiest thing at that point is to use fastboot to flash a custom kernel/recovery, then boot to recovery, flash su, then reflash your original kernel. Then you're rooted.
Plus, rooting is easy now even with locked bl, since we have Kingroot, and new Sony bootloader with real recovery.
(However, I can't say for sure on every device... I appreciate you taking the time to post...)

levone1 said:
I'm pretty sure that once you have unlocked the bootloader, the easiest thing at that point is to use fastboot to flash a custom kernel/recovery, then boot to recovery, flash su, then reflash your original kernel. Then you're rooted.
Click to expand...
Click to collapse
Hey. If you'd say this to my mom, I'm sure she'll not understand any of these. And with this guide she at least have some chance of success.

levone1, why at the end would you flash your original kernel again instead of just running your custom kernel that you made like in the guide?

F2a said:
levone1, why at the end would you flash your original kernel again instead of just running your custom kernel that you made like in the guide?
Click to expand...
Click to collapse
If you flash stock-based kernel via boot.IMG in fastboot that will work with your stock ROM, great, keep it. I was just imagining easiest thing to be to flash, for example, CM boot IMG, just to be able to get into recovery to flash su. Usually stock-based kernels are zips, with other things besides just boot IMG. What I've usually done with unlocked BL and stock ROM is use fastboot to flash CM boot and recovery IMG, then go to recovery and flash supersu, then use flashtool to flash kernel only of stock ROM. Once you reboot, rooted, you can do whatever from there.

Which ROM have you flashed to 6883. The Nougat?

levone1 said:
If you flash stock-based kernel via boot.IMG in fastboot that will work with your stock ROM, great, keep it. I was just imagining easiest thing to be to flash, for example, CM boot IMG, just to be able to get into recovery to flash su. Usually stock-based kernels are zips, with other things besides just boot IMG. What I've usually done with unlocked BL and stock ROM is use fastboot to flash CM boot and recovery IMG, then go to recovery and flash supersu, then use flashtool to flash kernel only of stock ROM. Once you reboot, rooted, you can do whatever from there.
Click to expand...
Click to collapse
I am not quite sure what you mean tbh so forgive me if I missunderstand.
stock kernels are not zips they come in .elf hence the use of rootkernel to unpack/repack it to something more manageable. nowadays supersu makes changes to this partition once flashed, so if you flash stock kernel.sin containing kernel.elf again from flashtool changes will be reverted and you loose root.
the easiest way to get into twrp recovery without flashing anything is to just fastboot it.

nigeta_gr said:
Which ROM have you flashed to 6883. The Nougat?
Click to expand...
Click to collapse
Yes, the latest official firmware available for Z5P (E6883) is Nougat (7.0). I flashed it during the assembly of this guide.

I suppose it will work with my E6833 as well.
Fragmentation said:
Yes, the latest official firmware available for Z5P (E6883) is Nougat (7.0). I flashed it during the assembly of this guide.
Click to expand...
Click to collapse

nigeta_gr said:
I suppose it will work with my E6833 as well.
Click to expand...
Click to collapse
I'm sure it will.

Fragmentation said:
At first I created a guide about rooting stock Marshmellow of Sony Xperia Z5 Premium. After some time I realized that it may be useful to users of virtually any recent Sony phone, so here is my Sony Cross-Device general rooting thread. I will mostly copy-paste bits from my previous guide, but using renewed screenshots and firmwares'/tools' versions.
Click to expand...
Click to collapse
Ogromnoye spasibo bratan!
This helped me tremendously, just wanted to say thanks!
FYI, I'm using latest Nougat 333 UK firmware on Xperia X F5121 US version --- so that my fingerprint scanner works. Got stuck in a boot loop after installing TWRP but after reading your thread, I fully understood and fixed the reason why. The root tool from GitHub worked kinda --- meaning I had busybox and others but no su binary I still had to install SuperSU.zip via TWRP to actually have root. You documented a similar experience.

JZ SmartMort said:
Ogromnoye spasibo bratan!
This helped me tremendously, just wanted to say thanks!
FYI, I'm using latest Nougat 333 UK firmware on Xperia X F5121 US version --- so that my fingerprint scanner works. Got stuck in a boot loop after installing TWRP but after reading your thread, I fully understood and fixed the reason why. The root tool from GitHub worked kinda --- meaning I had busybox and others but no su binary I still had to install SuperSU.zip via TWRP to actually have root. You documented a similar experience.
Click to expand...
Click to collapse
You're welcome, zemlyak! Sure, for root you definitely need SuperSU, it just won't work without it this way. It's a shame US versions of Xperias don't have fingerprint scanner activated, but it's cool to hear, that flashing another region firmware helps.

Hi, I followed everything until the part where I need to flash the modified kernel in step 5. There is no error messages. the output is exactly like the screen captures. When I start the phone, I don't see the amber light. I cannot proceed. Where did I go wrong? Appreciate any help available.
Edit: Used a rooted stock kernel from another thread. Seems to work. Still not sure what I missed out though.

viperc said:
Hi, I followed everything until the part where I need to flash the modified kernel in step 5. There is no error messages. the output is exactly like the screen captures. When I start the phone, I don't see the amber light. I cannot proceed. Where did I go wrong? Appreciate any help available.
Edit: Used a rooted stock kernel from another thread. Seems to work. Still not sure what I missed out though.
Click to expand...
Click to collapse
Hey. If the phone don't turn on amber light for a while during the boot up, then TWRP is not there.
If you used the kernel repack script I mentioned in the guide with a very recent Sony's firmware, probably you didn't notice, that TWRP has not been integrated into the kernel due to some error. It is because this script should be frequently updated to work with any newly released firmware, and Tobias, its author, apparently have not time to do this.
However, you can update the script yourself, following this procedure.

viperc said:
Hi, I followed everything until the part where I need to flash the modified kernel in step 5. There is no error messages. the output is exactly like the screen captures. When I start the phone, I don't see the amber light. I cannot proceed. Where did I go wrong? Appreciate any help available.
Edit: Used a rooted stock kernel from another thread. Seems to work. Still not sure what I missed out though.
Click to expand...
Click to collapse
I don't have the amber LED light on boot up on my X Compact but everything works fine. I can't seem to find it but I recall reading somewhere an actual reason why I didn't see it but as far as I know it's not a problem.
Edit: Simple check, reboot and hold volume down. Do you enter TWRP? I do even though I never see the amber led.

F2a said:
I don't have the amber LED light on boot up on my X Compact but everything works fine. I can't seem to find it but I recall reading somewhere an actual reason why I didn't see it but as far as I know it's not a problem.
Edit: Simple check, reboot and hold volume down. Do you enter TWRP? I do even though I never see the amber led.
Click to expand...
Click to collapse
Maybe it wasn't a proper kernel for your rom or device, I also experienced some errors including yours but at last (after 12 try) I found a working kernel for me. I really don't know what the problem is, sometimes it just doesn't work...

Fragmentation said:
Hey. If the phone don't turn on amber light for a while during the boot up, then TWRP is not there.
If you used the kernel repack script I mentioned in the guide with a very recent Sony's firmware, probably you didn't notice, that TWRP has not been integrated into the kernel due to some error. It is because this script should be frequently updated to work with any newly released firmware, and Tobias, its author, apparently have not time to do this.
However, you can update the script yourself, following this procedure.
Click to expand...
Click to collapse
Thanks. I will look into that again when my region's Sony release the latest firmware.
F2a said:
I don't have the amber LED light on boot up on my X Compact but everything works fine. I can't seem to find it but I recall reading somewhere an actual reason why I didn't see it but as far as I know it's not a problem.
Edit: Simple check, reboot and hold volume down. Do you enter TWRP? I do even though I never see the amber led.
Click to expand...
Click to collapse
Interesting, didn't try that lol. I used another pre-rooted sick kernel to flash after my attempt failed. I can see the amber led now with the other kernel.

Tried again after re-downloading the script. It's working now. Thanks.

if not do drm-fix, and flash dk.ftf with old flashtool, the result is" FIDO KEYS NOT PROVISONED PROVISION FAILED"
any way to fix this?

This thread is a complete guide and must be sticked, Thanks :fingers-crossed:
You should add backupTA-V2 for Lollipop devices..
Thread : https://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236
iovyroot method is very old..

Fire TV 3 (needle/stark): TWRP

Disclaimer: If you go through with this and encounter issues, I (or the others here) will try to help you, but the risk is all yours.
I see a few posts mentioning TWRP for the AFTV3, so here it is for the pendant (needle): link. Extract twrp.img from the archive, copy it to /sdcard, and flash as follows:
Code:
adb shell
su
dd if=/sdcard/twrp.img of=/dev/block/recovery
Note: You will need a Y (OTG) cable to connect a mouse and/or a keyboard.
I have tested this on the pendant (needle), but it should also work for the cube (stark).
You can also boot or flash this from fastboot (reboot bootloader or run from aml_reboot in the root thread) if you so desire.
To enter recovery from a terminal running on the AFTV3:
Code:
reboot recovery
To enter recovery from ADB:
Code:
adb reboot recovery
For those interested, here's what I did:
-- Rather than build from scratch, I used an existing TWRP for Amlogic's S905X as the base. Quite a few of them are here.
-- You can't just use a random TWRP and expect it to work on the AFTV3 (due to hardware and partition mismatch). I first replaced (and repacked) the ramdisk with that from needle's boot image (using magiskboot).
-- While TWRP booted up, USB OTG was absent. Without OTG, TWRP is not of much use (w/o OTG, I used openrecoveryscript as a workaround). Turns out the random TWRP images lack the correct USB modules. I extracted the correct modules from the AFTV3, copied them to the TWRP image, and everything works.
If something doesn't work, please post here.

Great job, i flashed it from fastboot.
adb reboot bootloader (or install a app that will reboot into bootloader)
fastboot flash recovery C:\(this TWRP version)
Seems to be functional.
the old Firestick 1's you could control the mouse from a adb shell. I dont know how to make that functional for those without a OTG.

Confirmed, it works on the cube (stark) as well...

That's really a great job. As stated here: https://forum.xda-developers.com/showpost.php?p=78958467&postcount=165 I (hopefully soft) bricked my pendant trying to install Google services. Now it just reboot at the white amazon logo. Ordered a OTG cable to test TWRP but was trying random versions. Now this confirmed woirking version is a life saver to me. Now I just have to find a way to remove the offending google service apk.
Thanks again.

Sorry to bother again.
I still have my pendant in bootloop (bad google service installation).
Tried OTG cable but using it doesnt let me go in fastboot mode and I dont know how to navigate in recovery without it.
Since now the pendant is rooted and can recover OTA files maybe my next attempt could be to try to find a .bin rom file and flash it using fastboot?
If so does anyone know if there is such a file yet (pre rooted version should be great)?
Thanks.

Does anyone know where to get the updated firetv3 roms? with TWRP now i would like to attempt updates.

Michajin said:
Does anyone know where to get the updated firetv3 roms? with TWRP now i would like to attempt updates.
Click to expand...
Click to collapse
None available yet, but there are a couple of methods by which we may obtain them.
The first one has some risk involved. you would have to re-enable OTA updates and allow the device the check for and download the current version
and then again disable the OTA update apps. Then pull a copy of the update from the device before clearing the cache.
I have noticed that as long as the device is busy, say running a sideloaded app, it will not initiate a downloaded update.
The second is dependent upon if the individual will help us. There is a member on this forum who has modified the DeviceSoftwareOTA.apk for OS 5
that allowed update check and download to stay enabled because the installation procedure was removed from the APK. So you could simply pull the
update from the cache at any time. I will pull a copy from OS 6 and post it today and see if he would be willing to assist.
I'm with you, I'd like to update mine as well after seeing some of the changes that have been posted.

2WhlWzrd said:
None available yet, but there are a couple of methods by which we may obtain them.
The first one has some risk involved. you would have to re-enable OTA updates and allow the device the check for and download the current version
and then again disable the OTA update apps. Then pull a copy of the update from the device before clearing the cache.
I have noticed that as long as the device is busy, say running a sideloaded app, it will not initiate a downloaded update.
The second is dependent upon if the individual will help us. There is a member on this forum who has modified the DeviceSoftwareOTA.apk for OS 5
that allowed update check and download to stay enabled because the installation procedure was removed from the APK. So you could simply pull the
update from the cache at any time. I will pull a copy from OS 6 and post it today and see if he would be willing to assist.
I'm with you, I'd like to update mine as well after seeing some of the changes that have been posted.
Click to expand...
Click to collapse
Would the update fail anyway if I replaced Amazon recovery with TWRP?

Michajin said:
Would the update fail anyway if I replaced Amazon recovery with TWRP?
Click to expand...
Click to collapse
No, TWRP would be over written by an OTA update.

2WhlWzrd said:
No, TWRP would be over written by an OTA update.
Click to expand...
Click to collapse
you sure about that? i just screwed up and was rooting my "tanks" and forgot to update one. Then i took the update, it ran the amazon update though open recovery TWRP and updated. Booted without issues, i know its a firestick2, but almost thinking i should test on a pendant...

Michajin said:
you sure about that? i just screwed up and was rooting my "tanks" and forgot to update one. Then i took the update, it ran the amazon update though open recovery TWRP and updated. Booted without issues, i know its a firestick2, but almost thinking i should test on a pendant...
Click to expand...
Click to collapse
There is a difference between writing outside of TWRP and with TWRP, it's hard to overwrite something that's doing the writing.
If you read in the first post of the tank rooting thread, the author explicitly states: "Only ever flash boot/recovery images using TWRP",
anything outside of that will not be root aware. Better to be safe, than sorry.

How may I get the "su". It said, I don't have permision.

eSephiroth said:
How may I get the "su". It said, I don't have permision.
Click to expand...
Click to collapse
Open Magisk Manager, Select the Menu in the top left corner.
In the sidebar navigate to "Superuser", you should see "com.android.shell".
Toggle the switch to right to enable it.

2WhlWzrd said:
Open Magisk Manager, Select the Menu in the top left corner.
In the sidebar navigate to "Superuser", you should see "com.android.shell".
Toggle the switch to right to enable it.
Click to expand...
Click to collapse
If you didn't root the device, how can you have superuser?

eSephiroth said:
If you didn't root the device, how can you have superuser?
Click to expand...
Click to collapse
I assumed you were already rooted. Since you are not, start here:
[ROOT] Rooting the FireTV Cube and Pendant with FireFU
Anything from firmware 6.2.5.8 and up, the exploit has been patched.

This is the most complicated root method I have ever seen. Mine is 6.2.8. too bad.

eSephiroth said:
This is the most complicated root method I have ever seen. Mine is 6.2.8. too bad.
Click to expand...
Click to collapse
This isn't the root thread. But yeah, it's the only thing we've got for these devices, so we make it work

Hi,
I was able to recover my Pendant using a finally working OTG cable and using mouse with your TWRP and finally delete the offending google.gsm app so thanks a lot for that.
The only thing I noticed is that adb doesn't work for me once booted into TWRP (I wanted to use adb backup to backup bigger partitions directly to my PC). Is that just my issue or it's happening for everyone?
Thanks.
Pino.

moving it to the right place.

anyone have interest in the update files? If i turn on my update, download the update, but before rebooting copy the .bin file to a different folder, delete from the cache folder then disable updates again. I can share the file if anyone wants it to see if we can modify to keep root and update? I am thinking i might download it, move it and change it to a .zip, then reboot into TWRP. Flash the update and flash magisk before a reboot. Anyone have thoughts about risk of a BRICK?

[Guide]How to Root Your Pixel 3a and Install Magisk - Android 9 - 12

Edit - just an FYI for complete transparency. I have moved from the Pixel 3a XL to the Pixel 6. I no longer own my Pixel 3a XL. While I've been told (thanks @AndDiSa) that the root process for Android 12 is the same as it historically has been, I no longer can test things myself. (The root process for the Pixel 6 is different and more complicated than this phone). If you run into any problems or issues, please post in this thread and someone will hopefully be able to answer them.
I'm assuming you understand how to use ADB on your computer. If you need assistance with installing or using ADB, please refer to this XDA article for more information. However, here are some common issues that people have with ADB if it doesn't work initially for you. 1) Check the Android System Notification that appears in your phone's notifications after you plug in your USB cord. Your phone probably defaults to "No data transfer" and you need to change it to "file transfer" to allow the phone to connect. 2) Make sure you have USB debugging turned on in the Settings/System (advanced)/Developer options. 3) If this is your first time using this phone/computer combination, you will have to accept the connection when it pops up on your phone.
You also need an unlocked bootloader to complete these steps. If you need assistance with unlocking your bootloader, here is decent set of instructions. Those instructions are based on the Pixel 3 phone, but the steps are the same for the 3a devices.
Here are the official Magisk installation instructions. I will walk through them to help everyone understand them. Please note that while TWRP does work with Android 9 (Pie), it does not work currently with Android 10 or 11. If you are still on Pie for some reason you can choose either installation option, but if you have moved to a later Android version, you must use the "Boot Image Patching" installation method.
Custom Recovery Installation Method - (available for Android Version 9/Pie only because TWRP does not work currently with the Android 10/11)
This is the easier installation method IMHO, but it does require using TWRP. If you don't know how to get TWRP for the Pixel 3a, please refer to the official TWRP for Pixel 3a thread
Step 1 - Download and install the Magisk manager app on your phone. (link to the latest stable version can be found here).
Step 2 - Using the Magisk manager app, select "Install Magisk" and select the "Download Zip Only" option. This simply downloads the installation zip to your phone's download folder. It doesn't attempt to install anything.
Step 3 - Boot into TWRP - (because TWRP is not permanent on the stock Pie OS, we must follow these instructions each time we want to boot into TWRP).
Step 3a - Download the latest TWRP image for the 3a to your computer (not your phone) from the official TWRP for 3a thread.​Step 3b - Connect to your phone via ADB on your computer. You should see the device listed if you type the command "adb devices".​Step 3c - Boot your phone into the bootloader (type the command "adb reboot bootloader").​Step 3d - Boot into TWRP using this command, "fastboot boot twrp-3.x.x-x.img" (where "twrp-3.x.x-x.img" = whatever the name of the TWRP download is). Please note you are not using the "flash" command as we are not permanently installing TWRP.​Step 4 - Once the device boots into TWRP, select "Install" and then find the Magisk.zip download from step 2. Swipe to confirm the installation
Step 5 - After the installation is complete, simply reboot system.
Step 6 - Enjoy your rooted phone and install any Magisk modules that appeal to you
Step 7 - Be sure to turn off the "Automatic System Updates" setting found in Developer settings (Settings /System (advanced) /Developer Options). This will prevent the phone from automatically installing an OTA update and instead allow you to follow the steps listed under the "Taking an OTA Update" section below
The Boot Image Patching Installation method - (the only method currently available under Android 10, 11 or 12, but it also works with Pie).
Use this method if you are on Android 10 or 11 or you are on Android 9/Pie but you don't want to or can't use TWRP.
Step 1 - Obtain a stock boot.img file for the OS version/update that you are currently on. The easiest method is probably to download the applicable full stock image directly from Google. Unzip the files and unzip the second folder and you should find the boot.img file inside.
Step 2 - Copy the stock boot.img file to your phone's storage - probably to /sdcard or to /sdcard/downloads
Step 3 - Download and install the Magisk manager app on your phone. (link to the latest version can be found here). If you are early in the Android 12 cycle, you probably need to use a Canary build of Magisk.
Step 4 - Using the Magisk manager app, press "Install --> Install --> Select and Patch a File" - select the stock boot.img file that you put on your phone in step 2.
Step 5 - Magisk will modify the stock boot.img file and create a patched boot image file. It will save this modified file at "sdcard/Download/magisk_patched.img"
Step 6 - Connect to your phone via ADB on your computer. You should see the device listed if you type the command "adb devices".
Step 7 - Copy the patched boot image from your device to your PC and the adb folder. If you can’t find the file on your phone via MTP or Windows Explorer, you can pull the file by typing the command "adb pull /sdcard/Download/magisk_patched.img" - Please note, I would suggest double checking the "file modified date" prior to moving the file. Be sure to only move the file if it was last modified on the date you are doing this. I've had a strange situation before where the newly modified file didn't immediately show up and the file showed a modified date of the previous month. If you flash an old version, your phone will bootloop.
Step 8 - Boot your phone into the bootloader (type the command "adb reboot bootloader").
Step 9 - Flash the patched boot image to your device using this command, "fastboot flash boot magisk_patched.img"
Step 10 - Reboot (using command "fastboot reboot").
Step 11 - Enjoy your rooted phone and install any Magisk modules that appeal to you
Step 12 - Be sure to turn off the "Automatic System Updates" setting found in Developer settings (Settings /System (advanced) /Developer Options). This will prevent the phone from automatically installing an OTA update and instead allow you to follow the steps listed next.......
Taking an OTA update in the future (if you used this method to install Magisk).
Taking OTA updates is very easy with the Pixel devices because of their A/B partition system. It allows us to uninstall Magisk, take the OTA update, and reinstall Magisk - all from the phone and all without rebooting during the process. Here are the offical Magisk OTA instructions. I will go through the steps to help explain them.
Step 1 - In the Magisk manager app: Click “Uninstall” then “restore images”. DO NOT REBOOT or press the reboot button.
Step 2 - Download and install OTA (in your phone's Settings/System/System Update). DO NOT REBOOT or press the reboot button.
Step 3 - Open the Magisk manager app and click “Install” next to Magisk (usually it says "Magisk is up to date") then “Install to second/inactive slot (After OTA)”
Step 4 - Press the Reboot button in Magisk.
That should be all it takes to install an OTA and keep root.
Please note, we are getting reports that users are getting notifications that an OTA update has been installed even when they have "Automatic Updates" turned off. If this happens to you, don't reboot the phone which is suppose to be the final step in the update process. Instead, follow the above instructions on taking an OTA update, but start in step 3. In other words, you shouldn't have to uninstall Magisk because the update has already been installed. All you need to do is install Magisk to the "second/inactive slot (After OTA)”. After completing that step, you can reboot your phone to complete the update process. Be sure to post your experiences in this thread to let us know if this process works or not.
Just remember that many custom parts (like kernels and Magisk modules) may need to be updated to any new OTA version. Please be sure to check out the forums for each custom kernel or module that you may want to install to ensure it has been updated to the lastest OS version. Don't assume anything or you may find yourself in a bootloop.
If you find yourself in a bootloop after upgrading an already rooted phone
If you find yourself in a bootloop after updating to a new OS version and flashing the magisk_modified boot.img again, it is likely due to an installed Magisk module not being compatible with the new update. To uninstall all Magisk modules to fix the bootloop, follow these steps:
Step 1 - Connect your phone to the computer you use ADB on.
Step 2 - In ADB type the command "adb wait-for-device shell magisk --remove-modules"
Step 3 - Start your phone again or wait for it to go through another bootloop cycle.
Step 4 - as soon as ADB is available (which occurs even during a bootloop) the command will activate, the modules will be removed, and the phone will reboot.
If the normal OTA method isn't working - sideload the OTA update
Taking an OTA update should be as easy as the above instructions. However there is another option available to install an OTA update called sideloading. Sometimes the update doesn't appear on the phone in a timely manner and you may want to manually install the update. Other times the OTA update seems to fail for some reason. In the end, you may decide to sideload the OTA instead of trying get it via the update feature on the phone. Surprisingly, it's actually faster to install the update via sideloading than it will be to take the OTA normally. I'll walk through the sideloading steps.....
Optional Step 1 - Uninstall Magisk (so that it restores the stock boot.img). If you find yourself unable to boot into recovery, you will have to restore the stock boot.img. I've run into this issue on a couple Android 10 images, but most do not require this step.
Step 2 - Download to your computer the correct OTA image from here
Step 3 - Connect to your phone via ADB on your computer. You should see the device listed if you type the command "adb devices".
Step 4 - Boot your phone into recovery (type the command "adb reboot recovery").
Step 5 - The phone will have a green android robot with a red sign over it's open access panel. Press the power button and then the volume up button while still holding down the power button.
Step 6 - Select "Apply update from ADB" using the volume buttons to highlight the choice and the power button to select it to enter the sideload mode.
Step 7 - Using your computer, type "adb sideload ota_file.zip" where ota_file.zip is the name of the OTA file you downloaded in step 2.
Step 8 - Once the update finishes, reboot the phone to complete the update process. (See note below about initial boot times).
Step 9 - To obtain root again, please use one of the two root methods listed above
Please note, while the initial boot is usually pretty quick, it can take longer. I've occasionally seen the process take upwards of 20 minutes and longer. I think part of the reason it can take so long is that sometimes it optimizes the apps during this boot process. The more apps you have, the longer the process may take. When you take an regular OTA update, the phone will change to a screen where is specifically tells you it is optimizing the apps and counts up as the apps are optimized to give you status updates. When you use the side-load method, it all happens with just the regular boot animation running and without any status updates. Because of this, it is easy to assume something has gone wrong with the boot process while in fact the phone is working through the process normally. If it isn't boot looping (showing the initial power screen before moving back to the boot animation), everything is fine and you just need be patient and let the phone complete the process.
My rant about using these "Pre-patched Boot image" files
I started this thread during a period of time where there was a another thread on this forum started by pbanj that showed users how to root their phone by using some pre-patched boot image files. This method is not the generally accepted method and while it works, there are major shortcomings with it (see explanation below). Because it was the only root thread available at the time and he only showed the "pre-patched boot image" method, many people blindly followed his directions only to be confused when it came time to update the software on their phones. I wrote this thread in an effort to show people the official Magisk installation method. Pbanj has since updated his thread and it now includes the preferred method as well. With his edits, the two threads are sharing the same information now, although Pbanj thread still offers people the "pre-patched boot image" method (which I don't recommend people using).
EDIT - Yet another thread pushing a pre-patched root method has been started. It suffers the same issues as listed below.
Shortcomings with using the "pre-patched boot image" method.
As I already mentioned, there is a huge shortcoming with using the "pre-patched boot image" method described in the other root thread. Because he provides a pre-patched boot.img file, you skip some normal installation steps. In the end you have the exact same patched file (which is why his method works), but you cripple the system when it comes to taking any future OTA. That's because the first step in taking an OTA update is having Magisk reflash the stock boot.img effectively uninstalling itself. This step fails if you used his pre-patched boot image method because you skip the step where Magisk creates the backup of the stock boot.img that it needs to uninstall itself.
I already used the "pre-patched boot image" method to gain root. What can I do?
First, let me clarify and say that there is nothing wrong with your phone or root privileges. Your phone will work exactly as expected and root and Magisk will work exactly as expected. That being said, in the near future you will want to update your phone to the latest Android update and this is where the "pre-patched boot image" method is much more cumbersome. The best option is to simply undo his root method and re-root using the method described above. To do this, flash the correct stock boot.img file to your boot partition and then follow the steps above to reinstall Magisk. Jbanj has confirmed this method will work. The other option is just wait until you need to take an update and then sideload the OTA update following the instructions above. This will remove root and you can then follow one of the two methods to obtain root as outlined in this thread.
Notes
- Please be sure you are on the latest adb and drivers which can be found here.
- You do not need to keep the stock boot.img file (from step 2 of the Boot Image Patching method) on your phone after completing these steps. Magisk saves the stock boot.img backup at /root/data in a file with the name "stock_boot_XXXXXXXXXXXX.img.gz"
Thanks to.......
@ZVNexus for getting TWRP working on the 3a and 3a XL phones
@topjohnwu for making Magisk what it is today

Made it to step 7/8, went to reboot, and entered bootloop. Not sure exactly what happened, gonna fix this and give it another go.
EDIT: Should I be flashing in fastboot or recovery mode?
EDIT 2: Working! Thanks!

You know there are more ways to skin a cat, right? This is another method to acquire root. I don't think you need to bash the work that pbanj has done. He provides modified boot.img and also offers help on getting it working. I think acting like your method is the only acceptable way to gain root is extremely pompous and arrogant.
Sent from my Pixel 3a using Tapatalk

jmtjr278 said:
You know there are more ways to skin a cat, right? This is another method to acquire root. I don't think you need to bash the work that pbanj has done. He provides modified boot.img and also offers help on getting it working. I think acting like your method is the only acceptable way to gain root is extremely pompous and arrogant.
Sent from my Pixel 3a using Tapatalk
Click to expand...
Click to collapse
I don't think that this method is the only way to get root, nor is this "my method". It is however the method spelled out by the Magisk developers and it is the only method that uses Magisk strengths when trying to take an OTA update.. I'll simply leave it at that......

sic0048 said:
I don't think that this method is the only way to get root, nor is this "my method". It is however the method spelled out by the Magisk developers and it is the only method that uses Magisk strengths when trying to take an OTA update.. I'll simply leave it at that......
Click to expand...
Click to collapse
Sure. It's the way I do it also. But show some class and don't call out other, helpful members in this fashion and crap all over what they do. I have seen your posts and know your a helpful members also, let's respect each other and be classy.
Sent from my Pixel 3a using Tapatalk

@sic0048
Thank you. I got to admit it was pretty tense for a while. Thanks to you I made it. Had to do a sideload, had to do some stupid things but I made it. Now, I got through all the steps and I have two items; Having done this transition can I now do the magisk-uninstall-restore images for all future OTAs and is step 9 performing the magisk install process a second time?

Bankuu said:
Made it to step 7/8, went to reboot, and entered bootloop. Not sure exactly what happened, gonna fix this and give it another go.
EDIT: Should I be flashing in fastboot or recovery mode?
EDIT 2: Working! Thanks!
Click to expand...
Click to collapse
I've edited the steps and added a few more going into greater detail to try and make it even clearer for users. Let me know if you have any suggestions.

alliance1975 said:
@sic0048
Thank you. I got to admit it was pretty tense for a while. Thanks to you I made it. Had to do a sideload, had to do some stupid things but I made it. Now, I got through all the steps and I have two items; Having done this transition can I now do the magisk-uninstall-restore images for all future OTAs and is step 9 performing the magisk install process a second time?
Click to expand...
Click to collapse
You should be able to use the normal Magisk OTA update instructions for future updates.
I've updated the thread and I think the "step 9" you listed isn't the same anymore, but I think I understand your question. Actually I think my original instructions were inaccurate as far as that step. I've always gone back into Magisk after flashing the modified boot.img and I thought I hit install to install the Magisk framework (if that is the correct term). But after reading some other guides, I think my memory is incorrect and you don't really have to install anything after the flashing portion of the steps.
Once you reboot after flashing, that should be all you have to do. I'll uninstall Magisk here in a while and walk through the steps myself to ensure this is correct howeve.

The OP should be made a sticky.

Cool guide. Can the method be applied to Q beta 4 ?

MPAI said:
Cool guide. Can the method be applied to Q beta 4 ?
Click to expand...
Click to collapse
No root for Android q on our devices yet afaik.
Sent from my Pixel 3a using Tapatalk

@sic0048
Should we keep the stock boot image copied to the phone storage in step 2? Is this where Magisk will look for it to do an image restore?

alliance1975 said:
@sic0048
Should we keep the stock boot image copied to the phone storage in step 2? Is this where Magisk will look for it to do an image restore?
Click to expand...
Click to collapse
You do not need to keep the stock boot image that was copied over in step 2. Magisk saves the backup of the boot.img at /root/data. It will have the name "stock_boot_XXXXXXXXXXXXXXXXXXX.img.gz"

sic0048 said:
You do not need to keep the stock boot image that was copied over in step 2. Magisk saves the backup of the boot.img at /root/data. It will have the name "stock_boot_XXXXXXXXXXXXXXXXXXX.img.gz"
Click to expand...
Click to collapse
Thanks sic0048. You put up with my dumb questions and helped make my pixel 3a a great phone.
Respect.

Edited - now that jbanj has confirmed we can simply flash the stock boot.img file to the boot partition and start over, the post I originally had here is pointless.
Alliance's question got me to thinking.....
Since Magisk saves the stock boot.img backup at /root/data in a file named "stock_boot_XXXXXXXXXXXX.img.gz" I wonder if we can't simply share a backup file with someone that used jbanj "modified boot image" method and have them copy it to that location. I suspect Magisk will then allow the normal OTA update prceedures to work.
I can share the backup file that I have, but it is for the 3a XL model, Android version 9 (Pie) and the June 5, 2019 security update. That means it will be next month before there will be another OTA update pushed out.
If someone is still on the OEM March update and rooted using the normal directions and is willing to share their backup file, we might be able to try it sooner.
Unfortunately I don't know if Magisk modifies the backup to be some sort of unique file. I doubt it, but I don't know for sure. Of course worse case scenario is that it doesn't work and the person has to flash the OTA manually - which is no different than what they would have to do anyway. So there really isn't much risk in trying this.

MPAI said:
Cool guide. Can the method be applied to Q beta 4 ?
Click to expand...
Click to collapse
Wondering the same thing. I know the OTA is rolling out again today IIRC. But I also read something about root not being available on Q yet, so not sure how that would work out.

Bankuu said:
Wondering the same thing. I know the OTA is rolling out again today IIRC. But I also read something about root not being available on Q yet, so not sure how that would work out.
Click to expand...
Click to collapse
Google has changed the file structure in the Q beta 4 release and root is not possible at this time. This is true across all devices (not just the Pixel 3a). I know John Wu (the Magisk developer) is working on a solution and I would expect to see results before Android 10 is released, but only time will tell.
However, at this time there is no root on the Q beta 4. If you need root, you will have to stick to Pie for now.

@sic0048 I've updated my thread

I'm getting weird behavior here that I've been able to replicate.
Bottom line, if you use the Magisk patch method, upon flashing that boot image, your phone will auto-play music every single time it boots up. That's incredibly annoying.
Uninstall and go back to stock boot.img, and it goes away. Flash again, it's right back.

Guess I'll just wait for TWRP instead of going through those steps again, lol.