[Root][5.1.1] Root with Stock Kernel - Galaxy Note 10.1 (2014 Edition) General

This thread contains a tutorial on how to patch boot.img on Samsung Lollipop devices and achieve root with a stock firmware. The tutorial is intended for those who wish to make their own boot.img for their specific firmware. For the rest, a patched boot.img for each device variant is attached. Simplified instructions for flashing with these patched images come first, followed by the tutorial.
NOTES!
1: YOU MUST EXTRACT THE .IMG FILE FROM THE TAR AND FLASH WITH TWRP. For some reason flashing with ODIN does NOT work with the images attached to this thread.
2: To make ODIN tars, look at @drExel's post here.
3: In most variants, TWRP 2.8.7.0 appears to work, though there are some issues. On some devices, it takes a REALLY long time to boot into TWRP, making you believe the device has frozen, but just give it time and it will load eventually. On other devices, TWRP loads, but touch does not work. In these cases, the S-Pen works without any problems (but is very sensitive). Some users have posted alternate TWRPs that work properly; search the thread for this. I am not including it here because I have not personally tried these versions myself.
4: Since this issue came up multiple times, though it is mentioned in the instructions below, I am stressing this once again. DO NOT ALLOW TWRP TO AUTOMATICALLY INSTALL SUPERSU WHEN YOU HIT REBOOT. THIS WILL CAUSE A BOOTLOOP, GUARANTEED! YOU MUST FLASH THE BETA 2.52 SUPERSU MANUALLY AFTER FLASHING THE PATCHED BOOT.IMG AND CONFIRMING THE DEVICE WORKS PROPERLY!
5: If you take the time to read the entire thread, you will find redirects to other kernels, firmwares and more. I am sure they are excellent, but having not used any of them, I cannot vouch for the outcomes if you flash them. All information related to the other firmwares and any questions you have about them are best served by going to their dedicated threads. This thread is ONLY for a pure stock firmware with only the boot.img patched to permit root, and nothing else touched.
6: XPosed Framework does not work yet for TW LL, but @wanam has an unofficial version here that various members have reported works quite well.
7: Knox WILL be tripped. If you care about Knox, leave now and do not come back!
Simplified Instructions
The thread originally began as a pure tutorial, with only the P607T image. But given the requests others had, and my need to confirm that this works on all variants, I made more patched images. No 'simple instructions' were available earlier because this was not intended for end-users who might flash and find that it does not work. Now that all the images are confirmed working, and we have tested on all variants, here is a simplified set of instructions for those who just wish to flash and do not care what they are flashing.
1: Update to fully stock 5.1.1 for your device. Whether it is OTA or ODIN flash using a firmware from sammobile or elsewhere does not matter. You start with a fully stock device running 5.1.1.
2: Download the appropriate patched_boot.img for your device. They are attached as tar files due to XDA size restrictions, so you must untar and then save the .img file to your device. Also download SuperSU Beta 2.52.zip and save it as is to the same folder on your device where you put the .img file.
3: Download TWRP 2.8.7.0 for your device and flash it with ODIN. To get TWRP to stick, when the device reboots, you must go directly into recovery. If the device reboots normally, TWRP will be replaced by the stock recovery. There are guides on how to flash TWRP and you should go look at them if you are unsure how to do this.
4: Once you are in TWRP, go to the Install area. The default is for installing .zip files. At the bottom right of the screen, you will see a button to change to Images. Hit this. Then select the patched_boot.img file that you saved on your device in the previous step. When you hit install, TWRP will ask you whether this is a boot image or a recovery image. Select Boot. Let TWRP do its thing. When done, go back and hit reboot. TWRP will volunteer to install SuperSU for you now. SAY NO TO THIS. If you accept this install, your device will bootloop and you have to start all over again!
5: Make sure the device rebooted without any problems. You will see a red "Kernel SEAndroid Not Enforcing" message when you reboot. Ignore it, it just means that the patched boot.img is working. Once you have confirmed that the device is able to boot properly with the patched boot.img, reboot into recovery again. Go back to Install, this time, stick with Zip mode and install the Beta SuperSU 2.52.zip that you saved to your device. Reboot.
6: If you followed instructions properly, you will reboot without any problems. Run SuperSU, allow it to update if it wants to, and to disable knox if you want to. You have a rooted device now with a virgin firmware.
7: This process has worked for enough people now that any errors are user errors. If you are bootlooping after following these instructions to the letter, you should do a full factory reset and try from scratch. A previous incorrect flash of SuperSU that caused a bootloop seems to persist even if you reflash the stock firmware and messes things up. Always perform a clean install!
Tutorial to patch your own boot.img
This section is NOT meant for the non-technical end-user who "... just wants root ... "
So far, it seems the only way to get root on the 5.1.1 Firmware was to flash a permissive kernel that disabled SEAndroid completely. This is a bit like killing the patient to cure the disease. @Chainfire describes a 'trick' to get root with a fully stock kernel on this thread. Special Thanks to @garyd9 and @SHM for helping me get everything working properly.
Part 1:
1) Extract boot.img from your device's stock firmware.
2) Unpack the boot.img to get access to the ramdisk.
3) Copy the sepolicy file from the ramdisk. You will be patching this file to make the usual SuperSU method work again.
The stock image can be extracted from the firmware using any archive tool. To unpack the boot.img, you can take a look at the following threads for tools and instructions.
Carliv's Kitchen : Windows, very beginner friendly.
SHM's Toolset : I used this on Linux.
Copy sepolicy from the ramdisk folder to your adb folder (if you are on Windows and using Minimal ADB and Fastboot; I am assuming Linux users don't need to be told what to do here).
Part 2:
1) Connect an already rooted device running 4.4+ firmware & SuperSU Beta 2.50+ to your system. Make sure you have adb access.
2) Push the sepolicy file to the device.
3) Run supolicy on the sepolicy file to patch it.
4) Pull the sepolicy file back to your computer.
I used my rooted Note 2 to get the job done. ANY rooted device that permits adb should do the trick, but it needs to be on 4.4+ firmware and running SuperSU Beta 2.50+.
Once you have an adb connection established, do the following (this is from Chainfire's thread referenced at the beginning):
Code:
adb push sepolicy /data/local/tmp/sepolicy
adb shell su -c "supolicy --file /data/local/tmp/sepolicy /data/local/tmp/sepolicy_out"
adb shell su -c "chmod 0644 /data/local/tmp/sepolicy_out"
adb pull /data/local/tmp/sepolicy_out sepolicy_out
Part 3:
1) Replace the sepolicy file in the stock ramdisk with the newly patched sepolicy file.
2) Repack the ramdisk.
3) Make a new boot.img with the stock kernel and repacked ramdisk.
4) Flash new boot.img on your Note 10.1. Reboot, make sure everything is working.
Replace the sepolicy in the ramdisk with the sepolicy_out file that you pulled from your reference device. This means RENAME sepolicy_out and overwrite the original sepolicy file.
Repack the ramdisk using the instructions that came with your tool.
Make a new patchedboot.img file using the instructions that came with your tool.
Copy this patchedboot.img file to your Note 10.1, reboot into TWRP, go to the install zip section, toggle image mode, flash the patchedboot.img file and reboot the device. DECLINE TWRP's friendly offer to install SuperSU for you. This will cause a bootloop! If the device reboots successfully, pat yourself on the back. At this point, all you have done is patched the sepolicy to allow rooting, but you have not yet rooted the device.
Part 4:
1) Use TWRP to install SuperSU Beta 2.50+ (I used 2.52)
2) Reboot
Copy SuperSU Beta 2.50+ (I used 2.52) to the device, reboot into TWRP and install SuperSU. Reboot for rooted Note 10.1 running a Stock Kernel and no compromised SEAndroid. Of course, it goes without saying, this will trip knox. Also, please note that XPosed is not out for 5.1.1 yet, at least not officially. @wanam has an unofficial version here that various members have reported works well.
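As an added example (not part of the original post, and not code from any of the tools it mentions), the following Python script checks the claim a patched image in this thread makes: that only the ramdisk differs from stock and the kernel is untouched. It assumes the legacy Android boot image header layout (`ANDROID!` magic, version 0); the function names, load addresses and sample images are constructed for illustration, and any data a vendor appends after these sections is not compared.

```python
import hashlib
import struct

BOOT_MAGIC = b"ANDROID!"
# magic, kernel size/addr, ramdisk size/addr, second size/addr, tags addr, page size
HEADER_FMT = "<8s8I"
CMDLINE_OFF, CMDLINE_LEN = 64, 512  # kernel command line inside the header


def _round_up(size, page_size):
    """Round size up to a whole number of pages."""
    return -(-size // page_size) * page_size


def parse_boot_img(data):
    """Split a boot image into cmdline, kernel, ramdisk and second stage."""
    if len(data) < CMDLINE_OFF + CMDLINE_LEN:
        raise ValueError("too short to hold a boot image header")
    (magic, kernel_size, _kaddr, ramdisk_size, _raddr,
     second_size, _saddr, _tags, page_size) = struct.unpack_from(HEADER_FMT, data)
    if magic != BOOT_MAGIC:
        raise ValueError("missing ANDROID! magic")
    if page_size < 2048 or page_size & (page_size - 1):
        raise ValueError("implausible page size %d" % page_size)
    cmdline = data[CMDLINE_OFF:CMDLINE_OFF + CMDLINE_LEN].split(b"\0", 1)[0]
    sections = {"cmdline": cmdline}
    offset = page_size  # the header occupies the first page
    for name, size in (("kernel", kernel_size), ("ramdisk", ramdisk_size),
                       ("second", second_size)):
        if offset + size > len(data):
            raise ValueError("%s section runs past the end of the image" % name)
        sections[name] = data[offset:offset + size]
        offset += _round_up(size, page_size)  # each section is page-aligned
    return sections


def section_hashes(data):
    """SHA-256 of every section, for comparing or publishing alongside an image."""
    return {name: hashlib.sha256(blob).hexdigest()
            for name, blob in parse_boot_img(data).items()}


def changed_sections(stock, patched):
    """Names of the sections whose contents differ between two images."""
    a, b = section_hashes(stock), section_hashes(patched)
    return sorted(name for name in a if a[name] != b[name])


def build_sample(kernel, ramdisk, cmdline=b"", page_size=2048):
    """Build a constructed boot image so the check can run without a device."""
    header = struct.pack(HEADER_FMT, BOOT_MAGIC, len(kernel), 0x10008000,
                         len(ramdisk), 0x11000000, 0, 0x10F00000,
                         0x10000100, page_size)  # addresses are made up
    header = header.ljust(CMDLINE_OFF, b"\0") + cmdline.ljust(CMDLINE_LEN, b"\0")
    parts = (header, kernel, ramdisk)
    return b"".join(p.ljust(_round_up(len(p), page_size), b"\0") for p in parts)


if __name__ == "__main__":
    # Constructed stand-ins for a stock image and one with a replaced sepolicy.
    kernel = b"constructed-kernel-bytes" * 400
    stock = build_sample(kernel, b"stock sepolicy" * 500)
    patched = build_sample(kernel, b"patched sepolicy" * 500)
    for name, digest in section_hashes(patched).items():
        print(name, digest)
    print("changed vs stock:", changed_sections(stock, patched))
```

Run against the stock boot.img extracted from the firmware and a patched image, a result other than `['ramdisk']` means more than the ramdisk was changed.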

Hey, So at what step in this do I start if I dl'ed the Patched boot img? Thanks in advance.

icemanscion said:
Hey, So at what step in this do I start if I dl'ed the Patched boot img? Thanks in advance.
Part 3, Step 4:
Flash new boot.img on your Note 10.1. Reboot, make sure everything is working.
Copy this patchedboot.img file to your Note 10.1, reboot into TWRP, go to the install zip section, toggle image mode, flash the patchedboot.img file and reboot the device. If the device reboots successfully, pat yourself on the back. At this point, all you have done is patched the sepolicy to allow rooting, but you have not yet rooted the device.
In TWRP, when you hit Install, on the bottom right, you will see an option for Images. Select that and when you goto the folder with your img, you should see the new img you copied on to your device. Continue with Part 4 for full root.
IF the device does not boot, you want to flash the stock boot.img again, so make sure you have a copy of that on your device as well, so you can recover easily!

karthikrr said:
Part 3, Step 4:
In TWRP, when you hit Install, on the bottom right, you will see an option for Images. Select that and when you goto the folder with your img, you should see the new img you copied on to your device. Continue with Part 4 for full root.
IF the device does not boot, you want to flash the stock boot.img again, so make sure you have a copy of that on your device as well, so you can recover easily!
I have issues with TWRP since it wont work properly for me, so I'm going to try it with Philz CWM. Thank you again.

icemanscion said:
I have issues with TWRP since it wont work properly for me, so I'm going to try it with Philz CWM. Thank you again.
Good luck. Just make sure you have the stock boot.img around, in case there are any problems. You are the first one trying it on the P600, or at least the first who cared to write in this thread, so this is uncharted territory!

So to get the patched boot.img, we unpack the tar file posted in the OP?
Sent from my SM-P600 using Tapatalk

iridaki said:
So to get the patched boot.img, we unpack the tar file posted in the OP?
Sent from my SM-P600 using Tapatalk
Yes. xda does not allow me to post an image file greater than 8mb, but the P607T image is 10.5mb, so had to tar it. Decided to be consistent with all the images.
Technically, you can try to flash that .tar with ODIN, but in my case, it would not work. Only flashing the .img through TWRP did.

karthikrr said:
Yes. xda does not allow me to post an image file greater than 8mb, but the P607T image is 10.5mb, so had to tar it. Decided to be consistent with all the images.
Technically, you can try to flash that .tar with ODIN, but in my case, it would not work. Only flashing the .img through TWRP did.
Thank you! And thank you for providing us with a patched kernel!
I'll try rooting and installing Xposed tonight and report back!

iridaki said:
Thank you! And thank you for providing us with a patched kernel!
I'll try rooting and installing Xposed tonight and report back!
Technically it's just a patched boot image with a STOCK kernel, but yea, glad to help. The real work was done by Chainfire and garyd9 and SHM helped me put this thing together, so they deserve the thanks!
If you get Xposed on it, let me know which version. The official one does not work on TW LL yet, but I believe Wanam has another version out that does. I haven't had the time to install it and test it, so your review will be helpful.

karthikrr said:
Technically it's just a patched boot image with a STOCK kernel, but yea, glad to help. The real work was done by Chainfire and garyd9 and SHM helped me put this thing together, so they deserve the thanks!
If you get Xposed on it, let me know which version. The official one does not work on TW LL yet, but I believe Wanam has another version out that does. I haven't had the time to install it and test it, so your review will be helpful.
Any contribution is a worthy contribution!
Wanam Xposed works perfectly on my Note 4 and I think it will work on the 10.1 as well. I'll report back soon!

SM-P600-TWRP 2.8.7.0 touch input doesn't work, but stylus input does
Hi!
Thanks for your posts, I'm sifting through it now. I was reflashing TWRP 2.8.7.0 (for SM-P600) and discovered that it wasn't responding to touch input. But I quickly discovered that its UI does respond to the S-Pen.
I'll share my rooting experience as soon as possible.
V

Hey !! Can you give me the ROM of Darkdroid for Micromax A177. Thanks

Vasishtha said:
Hi!
Thanks for your posts, I'm sifting through it now. I was reflashing TWRP 2.8.7.0 (for SM-P600) and discovered that it wasn't responding to touch input. But I quickly discovered that its UI does respond to the S-Pen.
I'll share my rooting experience as soon as possible.
V
How do you make it? I cannot flash the twrp successfully, there is always an error saying ''Recovery is not SEAndroid Enforcing''.

iopxiang said:
How do you make it? I cannot flash the twrp successfully, there is always an error saying ''Recovery is not SEAndroid Enforcing''.
You should wait a few moments. TWRP will open.
Flashing the SU.zip ends up in Bootloop for me._.

Fabi7775 said:
You should wait a few moments. TWRP will open.
Flashing the SU.zip ends up in Bootloop for me._.
Did you flash the boot.img before flashing SU?

iopxiang said:
Did you flash the boot.img before flashing SU?
Actually not, sorry.
I just thought it is worth a try.

The SM-P600 rooting(with your patched boot) was a success! I encountered no problems at all. Only the lack of touch responsiveness of twrp 2.8.x had me worried, but thankfully the s-pen had my back and I was able to browse the twrp UI with it.
I'm now restoring all my apps with titanium backup, I'll try out xposed later this afternoon.
Regarding the LL update: wow this tablet completely feels like a new device, the fluidity is just stunning. 60 fps animations

Vasishtha said:
The SM-P600 rooting(with your patched boot) was a success! I encountered no problems at all. Only the lack of touch responsiveness of twrp 2.8.x had me worried, but thankfully the s-pen had my back and I was able to browse the twrp UI with it.
I'm now restoring all my apps with titanium backup, I'll try out xposed later this afternoon.
Regarding the LL update: wow this tablet completely feels like a new device, the fluidity is just stunning. 60 fps animations
Finally, a confirmation. Thanks for letting us know!
As for TWRP, I believe the 2.6.3.3 (or something else in the 2.6 series) works without any problems on the P600.
XPosed is officially not out for Samsung LL, BUT Wanam has a version in development that works well, according to @iridaki on this thread. If you switch TWRP or try Wanam Xposed, post an update here as well!
And yes, the LL update actually made the device feel so damn good, it's practically a Note 10.1 (2015 Edition)!

karthikrr said:
Finally, a confirmation. Thanks for letting us know!
As for TWRP, I believe the 2.6.3.3 (or something else in the 2.6 series) works without any problems on the P600.
XPosed is officially not out for Samsung LL, BUT Wanam has a version in development that works well, according to @iridaki on this thread. If you switch TWRP or try Wanam Xposed, post an update here as well!
And yes, the LL update actually made the device feel so damn good, it's practically a Note 10.1 (2015 Edition)!
Twrp 2.6.x does work, however there is no option to flash .img files on those versions.
So you either have to use heimdall or something else in order to flash that boot.
The unofficial xposed 5.1.x on my nexus 5 worked without any problems, so I expect the same for the LL variant. But I'll keep you posted.
The multiwindow transitions now have fade in/out effects <3 and we now can snap floating windows to either the left or right sides D:

karthikrr said:
Update 3: The patched P600 image has been confirmed to work by @Vasishtha, who also says TWRP 2.8.7.0 works with the S-Pen, but no touch input.
Can we use Temasek's 2.8.7.0 TWRP that has touch working?

Related

Root, recovery and custom rom setup for Galaxy S5 (SM-G900I)

Hi all,
How are you?
I've been looking at these forums for most of the day, though am still quite confused. If someone could assist to clarify it would be much appreciated (as I would like to avoid to brick my phone).
I'm currently running Stock Android, Marshmallow version 6.0.1 with the 1 November 2016 Security Patch.
The model of my phone SM-G900I (Australian edition).
So I've come across the following links with the instructions on how to root and install recovery, though quite confusing.
http://forum.xda-developers.com/show....php?t=2699648
Recovery Query?
I understand that you need to download the Samsung Drivers and Odin.
I've downloaded the TWRP files for my phone - twrp-3.0.2-2-klte.img.tar and twrp-3.0.2-2-klte.img.tar.asc
Do I need to use the twrp-3.0.2-2-klte.img.tar.asc file at all?
Root Query
Is the towelroot method of rooting the S5 still relevant. The reason I ask, is that when I had posted an initial question on the XDA assist, I was advised that this may not work.
If the towelroot method is no longer relevant, would the CF-Autoroot method below work?
http://forum.xda-developers.com/show....php?t=2696537
If neither of the above methods work I have seen mentions of "flashing root" via TWRP.
Are there any known instructions on how to do that on XDA or any other website?
Or is it just a matter of obtaining the superSU zip file from https://download.chainfire.eu/696/supersu/ and flashing it?
The other information seems straight forward re using the Samsung Tool to backing up the device and the EFS .
Any help would be much appreciated.
Thank you.
Just flash the .img file in download mode, and don't use the asc file at all. Also don't use twrp 3.0.2-2, just use 3.0.2 (not 3.0.2-1 or 3.0.2-2 as they can be pretty buggy). Towelroot has long since become irrelevant back in the 5.0 days unfortunately so all you need to do is find the appropriate supersu.zip file and put it on your phone's sd card (either internal or external), boot into recovery and install that zip via TWRP then reboot. Should be good to go. The classic "root via recovery" method.
Paul_Lunardi said:
Hi all,
How are you?
I've been looking at these forums for most of the day, though am still quite confused. If someone could assist to clarify it would be much appreciated (as I would like to avoid to brick my phone).
Recovery Query?
I understand that you need to download the Samsung Drivers and Odin.
I've downloaded the TWRP files for my phone - twrp-3.0.2-2-klte.img.tar and twrp-3.0.2-2-klte.img.tar.asc
Do I need to use the twrp-3.0.2-2-klte.img.tar.asc file at all?
Root Query
Is the towelroot method of rooting the S5 still relevant. The reason I ask, is that when I had posted an initial question on the XDA assist, I was advised that this may not work.
If the towelroot method is no longer relevant, would the CF-Autoroot method below work?
http://forum.xda-developers.com/show....php?t=2696537
.
.
1. Plug in your phone and let the drivers load.
If phone unrecognized then head to Playstore you can find loads of apps for drivers
2. Unplug your phone and turn it off.
3. Load Odin.
Some versions of Odin are outdated. So watch for that.
4. Holding your turned off phone. Hold the volume down power and home buttons. Done correctly it should bring you to a page saying custom Roms can damage your blah blah. Volume up to continue down to reboot. Plug your phone in then Push volume up if you feel ready to Join us Oh Padawan.
Now I am sorry for the lengthy information, most likely you have already gotten to this point, but I just want to make the same page for you and future readers. No point in asking a bunch of potentially irrelevant questions when one explanation is sufficient.
5. Odin should find your phone which will be represented by a lit up colored square on the left side indicating a Com:value# which number is of little consequence just tells you which port it found it at. Do not dwell on this.
6. Using an extraction program such as .7z take your CF auto root .Tar file, not the .Asc, and extract. You should be able to find a file with ap in the extension.
7. Take the path from the URL bar of this window including the name of the ap file and copy it over to Odin. In Odin you will see the place to put it is represented by AP.
8. CLICK START AND WAIT WITH JEOPARDY MUSIC.
9. IT MAY REBOOT A FEW TIMES BUT UNTIL IT SAYS success OR FAIL IN ODIN DO NOT TOUCH.
10. Repeat steps 7-9 for twrp.img
10. Now taking this was a success turn your phone off. Unplug and holding volume UP power and home Gets you into twrp recovery. If all is well you can reboot into system. Ignore the kernel warning.
^^^^^ there's the long explanation LoL ^^^^^^^^ I disagree with step 9, but meh
Hi all,
Thanks for the detailed instructions.
So it appears that you can perform the task in 2 ways, ie
* By initially flashing TWRP first using Odin (whilst phone is in download mode), then running the TWRP and then copying over the supersu file to the sd card, then flashing this.
Or alternatively, following the above steps which first
* roots the phone by using Odin within download mode and the "cf auto root" file. Then once again using odin and flashing the TWRP file via odin.
This is my understanding.
Please let me know if I've misunderstood, otherwise thanks all. I'll be giving it a try soon.
My eventual goal is to install the Resurrection Remix Rom, so fingers crossed.
Paul_Lunardi said:
Hi all,
Thanks for the detailed instructions.
So it appears that you can perform the task in 2 ways, ie
* By initially flashing TWRP first using Odin (whilst phone is in download mode), then running the TWRP and then copying over the supersu file to the sd card, then flashing this.
Or alternatively, following the above steps which first
* roots the phone by using Odin within download mode and the "cf auto root" file. Then once again using odin and flashing the TWRP file via odin.
This is my understanding.
Please let me know if I've misunderstood, otherwise thanks all. I'll be giving it a try soon.
My eventual goal is to install the Resurrection Remix Rom, so fingers crossed.
The cf auto root file usually isn't necessary, nor is flashing supersu really as the newer twrps have the root function built right in. It'll ask you if you want to enable superuser rights the first time you boot into it. Just swipe right and it's rooted. Alternatively, flashing supersu from within twrp or the cf auto root also work. CF is the acronym for the dev ChainFire, he is the man (or she, and conversely "the woman" or whatever LOL)!! But the crux of what you need is twrp installed, from there you're usually set. Get rooted, make a nand of your stock setup and flash away. Also, I'd make sure to download the stock tar.md5 file of your phone's firmware in case all goes awry (or to hell in a handbasket or enter clever euphemism for stuff going bad here) so you can flash the stock tarball in Odin if you get stuck in an endless bootloop and your stock restore file doesn't work. Also, when restoring from AOSP to TouchWiz or vice versa, does require a few boxes to be checked for it to work, but it happens all the time. Happy flashing and feel free to ask away if you run into anything man!
Thanks all for clarifying.
I did have some difficulties along the way though I did successfully install twrp.
So I downloaded one of the latest versions of odin on mum's computer. Laiche the twrp tar file in the ap section. Loaded it then restarted the device. Ran recovery though it was still the default android recovery ie it appeared as though nothing had changed. I looked at another forum which suggested to turn off the auto reboot option in odin and perform a battery pull and then launch directly into twrp. This actually worked after much agony.
I then loaded a superuser zip and flashed it onto the phone.
Rebooted confirmed that the phone was rooted.
I then relaunched the twrp recovery and ran a nand? backup of my device. Then I attempted to install a custom rom ie resurrection remix. Unfortunately it did load though the screen appeared to freeze after boot and was therefore unusable. Thank goodness the restoring of the backup worked.
I'll reattempt the installation of a custom rom very soon. Fingers crossed.
Thanks.

Fixed 6P bootlooping, now i want to update to Oreo

Hi all, I posted this in the 6P bootloop thread, but didn't get a response. As that is a pretty LONG thread, i'm thinking my question may have gotten lost in the jumble.
Quick run down.
A few months back my 6P started the BLOD. I found the fix listed on these pages, applied it, and have been happily using my phone ever since. Phone is bone stock 7.1.2 other than the TWRP recovery and the modified EX kernel for 4 cores.
Since the fix, my phone FINALLY got the OTA update to go to Android 8.0 and i obviously want to get it done. My concern is HOW to do this without causing more headache.
Can anyone point me in the right direction? Should i use the OTA update or download the factory image from Google?
I've got some knowledge as i used to be into the "rooting" scene back in the day, but haven't for a while, so i feel a little lost.
Thanks for any help.
johnnyphive said:
Hi all, I posted this in the 6P bootloop thread, but didn't get a response. As that is a pretty LONG thread, i'm thinking my question may have gotten lost in the jumble.
Quick run down.
A few months back my 6P started the BLOD. I found the fix listed on these pages, applied it, and have been happily using my phone ever since. Phone is bone stock 7.1.2 other than the TWRP recovery and the modified EX kernel for 4 cores.
Since the fix, my phone FINALLY got the OTA update to go to Android 8.0 and i obviously want to get it done. My concern is HOW to do this without causing more headache.
Can anyone point me in the right direction? Should i use the OTA update or download the factory image from Google?
I've got some knowledge as i used to be into the "rooting" scene back in the day, but haven't for a while, so i feel a little lost.
Thanks for any help.
Well, for starters do NOT take the OTA. It will either fail or boot loop your phone. Due to the fact you have a modified boot.img you will need to update manually using fastboot with the full image. Re-apply the modified kernel after you finish updating the partitions, but BEFORE booting the first time. You can follow most guides on how to manually update a full image using fastboot, just add the step of flashing the modified kernel before booting.
Thanks for the reply and the help. If i could ask for a little more help, as this is my only phone.
Can you explain the difference between the modified boot.img and the modified kernel?
If i download the factory image from here (https://developers.google.com/android/images) is it ok to get the latest one (Nov 2017) or do i need to get the original one (Sep 2017 as i'm on Fi)
Once i flash the factory image, is it going to replace the modified boot image as well as the modified kernel?
Follow the OP on this thread (https://forum.xda-developers.com/nexus-6p/general/guide-fix-nexus-6p-bootloop-death-blod-t3640279) in the downloads section there appear to be 2 files i would need, the "Boot.img from stock 6.17, 8.0 firmware" and "EX kernel version 5.03". Am i understanding that correctly?
Like i said, this is my only phone, and i'm probably just being overly paranoid about bricking it, but any clarification would be greatly appreciated.
johnnyphive said:
Thanks for the reply and the help. If i could ask for a little more help, as this is my only phone.
Can you explain the difference between the modified boot.img and the modified kernel?
If i download the factory image from here (https://developers.google.com/android/images) is it ok to get the latest one (Nov 2017) or do i need to get the original one (Sep 2017 as i'm on Fi)
Once i flash the factory image, is it going to replace the modified boot image as well as the modified kernel?
Follow the OP on this thread (https://forum.xda-developers.com/nexus-6p/general/guide-fix-nexus-6p-bootloop-death-blod-t3640279) in the downloads section there appear to be 2 files i would need, the "Boot.img from stock 6.17, 8.0 firmware" and "EX kernel version 5.03". Am i understanding that correctly?
Like i said, this is my only phone, and i'm probably just being overly paranoid about bricking it, but any clarification would be greatly appreciated.
Use the latest November image. The boot.img contains the kernel and ramdisk, critical files necessary to load the device before the filesystem can be mounted. When you flash the new boot.img contained in the Google image, it will overwrite the patched kernel. You then need to re-patch it by installing EX kernel before booting. EX writes to (modifies) the stock boot.img. There are also pre-modified boot.img files floating around. You will probably get more detailed help in the dedicated thread. Learning to flash manually (or remember how) is not really a big deal and a necessary skill for modding (and for getting yourself out of trouble). Good luck. :good:
v12xke said:
Use the latest November image. The boot.img contains the kernel and ramdisk, critical files necessary to load the device before the filesystem can be mounted. When you flash the new boot.img contained in the Google image, it will overwrite the patched kernel. You then need to re-patch it by installing EX kernel before booting. EX writes to (modifies) the stock boot.img. There are also pre-modified boot.img files floating around. You will probably get more detailed help in the dedicated thread. Learning to flash manually (or remember how) is not really a big deal and a necessary skill for modding (and for getting yourself out of trouble). Good luck. :good:
Ok, so 1 last time (sorry)
1 - Downloaded the latest 8.0.0 factory image from google (this contains the bootloader, radio, and partitions (.zip)).
2 - Get phone to fastboot and apply the above 3 new images
3- before rebooting, flash oreo4core (new, modified boot.img), TWRP recovery.img
4- reboot to recovery (TWRP) and apply the modified EX kernel
5 - reboot and (hopefully) profit
Am i missing anything, or doing anything that isn't needed?
johnnyphive said:
Ok, so 1 last time (sorry)
1 - Downloaded the latest 8.0.0 factory image from google (this contains the bootloader, radio, and partitions (.zip)).
2 - Get phone to fastboot and apply the above 3 new images
3- before rebooting, flash oreo4core (new, modified boot.img), TWRP recovery.img
4- reboot to recovery (TWRP) and apply the modified EX kernel
5 - reboot and (hopefully) profit
Am i missing anything, or doing anything that isn't needed?
<<Disclaimer: I don't use the 4 core kernel, so I don't know if it comes with installer script or someone has just modified the latest boot.img>> Unzip the "partitions" zip you refer to and extract those image files to the same folder as bootloader and modem. For example, you can keep TWRP recovery if you don't flash the recovery.img. That is how you preserve your custom recovery. So in other words you'll now have a folder (your ADB folder?) with 5 image files.... bootloader, radio, boot, system, and vendor all in one folder. <<Note: it is my understanding you just substitute the latest oreo4core file (should be boot.img?) If this is true, copy that file into your ADB folder and let it overwrite the stock boot.img. Stop. Copy over flash-all.bat, change the *.bat extension to *.txt and open in notepad. You will see (and can copy/paste) the fastboot commands to get you started with bootloader and radio. Then flash the last 3 (boot, system, vendor). At this point you can reboot into the OS. Since you substituted the oreo4core boot.img file for the stock boot.img there is no need to use TWRP to flash anything. That and since you skipped flashing the recovery.img, TWRP is still there.
v12xke said:
<<Disclaimer: I don't use the 4 core kernel, so I don't know if it comes with installer script or someone has just modified the latest boot.img>> Unzip the "partitions" zip you refer to and extract those image files to the same folder as bootloader and modem. For example, you can keep TWRP recovery if you don't flash the recovery.img. That is how you preserve your custom recovery. So in other words you'll now have a folder (your ADB folder?) with 5 image files.... bootloader, radio, boot, system, and vendor all in one folder. <<Note: it is my understanding you just substitute the latest oreo4core file (should be boot.img?) If this is true, copy that file into your ADB folder and let it overwrite the stock boot.img. Stop. Copy over flash-all.bat, change the *.bat extension to *.txt and open in notepad. You will see (and can copy/paste) the fastboot commands to get you started with bootloader and radio. Then flash the last 3 (boot, system, vendor). At this point you can reboot into the OS. Since you substituted the oreo4core boot.img file for the stock boot.img there is no need to use TWRP to flash anything. That and since you skipped flashing the recovery.img, TWRP is still there.
Thanks for the help! Everything seems to be up and running. I know you said you don't use the "4 cores" (can only assume you're either on a different phone or yours isn't affected by the BLOD), but do you know if I still need to apply the EX kernel update, or know of a way to tell if it's already been applied?
Thanks again for all the help. I was pretty much in the right direction, but being as how I'd been away from it for a while, I wanted some backup
johnnyphive said:
Thanks for the help! Everything seems to be up and running. I know you said you don't use the "4 cores" (can only assume you're either on a different phone or yours isn't affected by the BLOD), but do you know if I still need to apply the EX kernel update, or know of a way to tell if it's already been applied? Thanks again for all the help. I was pretty much in the right direction, but being as how I'd been away from it for a while, I wanted some backup
I don't think you can flash EX kernel from now on. I think you have to use a modded boot.img that will contain his kernel/ramdisk. This is my guess. You really should be getting your information in the dedicated thread where everyone is actually installing and using it. Google "oreo 4 core" and you will find the XDA thread is the first hit. Good luck. :good:

[How-To] Applying Monthly Security Patches if you're Rooted (Magisk)

So, since once a month I find myself having to click a bunch of links and read how to do a bunch of commands, I wanted to create a thread that (rather generically) explains how to manually flash the OTA monthly updates if you're rooted with Magisk. So, minimally, here's a thread for me to review every month... if it helps you all out, all the better!
Pre-requisites:
Download Latest OTA zip file from Google.
Obtain the STOCK boot.img (required) and dtbo.img (optional) of the System ROM you are currently running. This can be done if you already have the full System Image file downloaded, downloading it currently, or just obtaining the stock boot and dtbo image files elsewhere. (NOTE: This can be skipped if you successfully uninstall Magisk BEFORE you start the process and choose to restore the Stock images in the uninstall process.)
Download Latest Magisk Zip file
Download latest TWRP recovery image
If applicable, have latest USB drivers, adb/fastboot/ files etc.
Preparation:
1) Extract or open the Full Image file and locate the boot.img and dtbo.img files. You will want these on your PC in the platform-tools folder (I usually put the Month name at the beginning, ex. - Jan_boot.img). Again, you can skip if you successfully uninstall Magisk prior to all of this.
2) Copy your OTA zip file to the platform-tools folder, again naming it after the month helps (ex. - Feb_Pixel2XL_OTA.zip)
3) Put your TWRP recovery in platform-tools folder.
4) Place the latest Magisk zip on your Pixel's internal storage (what used to be the SDCard on phones so equipped).
Commands:
1) From PC, open command prompt and change directory to your platform-tools folder.
2) If your phone is on, "adb reboot bootloader". If powered off, press power and Vol Down button to get to Bootloader. Plug your phone into your PC.
3) [If Magisk is not uninstalled first] Command: fastboot flash boot {Name_of_boot.img File}
4) [If Magisk is not uninstalled first] Command: fastboot flash dtbo {Name_of_dtbo.img File}
5) On your phone, hit Vol Down until you see Recovery, then press power button.
6) Once in recovery mode, press power and Vol Up to bring up menu
7) Scroll to item: "Apply update from ADB" and press power
8) Command: adb sideload {Name_of_OTA.zip file}
9) After the OTA finishes flashing, exit recovery back into the Bootloader
10) Command: fastboot boot {twrp_filename.img}
11) Install Magisk Zip file (and any other Zip files you want installed... Kernels, etc.) within TWRP
Then after flashing your zip files, reboot to system and you should be all set.
I believe everything above is correct, but if I've made a glaring mistake, please let me know. I also realize there may be other methods to this madness, but this is what works for me.
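A pre-flight check for the OTA zip before the sideload in step 8, as an added example that is not part of the original post: it compares the zip's SHA-256 with the checksum published next to the download and reads the package's own `META-INF/com/android/metadata` (the key=value file AOSP's OTA tooling writes) to confirm it targets your device. The device codename and the zip built in `build_sample_ota` are constructed sample values, and the exact-match comparison on `pre-device` is an assumption.

```python
import hashlib
import io
import zipfile

METADATA_PATH = "META-INF/com/android/metadata"  # written by AOSP's OTA tooling


def sha256_of(fileobj, chunk_size=1 << 20):
    """Hash a seekable binary file object without loading it all into memory."""
    fileobj.seek(0)
    digest = hashlib.sha256()
    for chunk in iter(lambda: fileobj.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()


def read_ota_metadata(fileobj):
    """Return (metadata dict or None, list of member names) for an OTA zip."""
    fileobj.seek(0)
    with zipfile.ZipFile(fileobj) as ota:
        names = ota.namelist()
        if METADATA_PATH not in names:
            return None, names
        text = ota.read(METADATA_PATH).decode("utf-8", "replace")
    pairs = (line.split("=", 1) for line in text.splitlines() if "=" in line)
    return {key.strip(): value.strip() for key, value in pairs}, names


def preflight(fileobj, expected_sha256, device):
    """Return a list of problems; an empty list means the zip passed every check."""
    problems = []
    actual = sha256_of(fileobj)
    if actual != expected_sha256.strip().lower():
        problems.append(f"sha256 mismatch: got {actual}")
    fileobj.seek(0)
    if not zipfile.is_zipfile(fileobj):
        return problems + ["not a valid zip archive (truncated download?)"]
    meta, names = read_ota_metadata(fileobj)
    if meta is None:
        return problems + [f"{METADATA_PATH} missing: not an OTA package"]
    if meta.get("pre-device") != device:
        problems.append(
            f"pre-device is {meta.get('pre-device')!r}, expected {device!r}")
    # A/B packages carry the update itself in payload.bin.
    if meta.get("ota-type") == "AB" and "payload.bin" not in names:
        problems.append("A/B OTA without payload.bin")
    return problems


def build_sample_ota(device="exampledevice"):
    """Constructed stand-in for an OTA zip so the example runs offline."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as ota:
        ota.writestr(METADATA_PATH,
                     f"ota-type=AB\npre-device={device}\npost-build=constructed/sample\n")
        ota.writestr("payload.bin", b"\0" * 16)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_ota()
    published = hashlib.sha256(sample).hexdigest()  # stands in for the published checksum
    print(preflight(io.BytesIO(sample), published, "exampledevice") or "OK to sideload")
    print(preflight(io.BytesIO(sample[:100]), published, "exampledevice"))
```

For a real download, pass `open("Feb_Pixel2XL_OTA.zip", "rb")` as the file object along with the checksum from the download page and your device's codename.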
With this method do you have to worry about removing your password from your phone before you try to go into twrp?
uofirob said:
With this method do you have to worry about removing your password from your phone before you try to go into twrp?
Yes. Mine is set to pin, which I had to put in and it let me finish.
Sweet. I'll give this method a try tonight!
WorldOfJohnboy said:
Yes. Mine is set to pin, which I had to put in and it let me finish.
Thank you for this. Just to be clear in step 2 under prerequisites you say more on this later. Then in step 1 for preparation you prefix your boot and dtbo with Jan xx.img. I get what you're saying, but for the newer noobs they may get confused. Maybe reword to say, extract or open the factory image you're currently using or the previous month's image. Obviously you do this first so that you can sideload the ota. I don't mean any disrespect.
I believe you also need to remove the -w from the end of the .bat file after you extract the OTA; otherwise, all of your data will be wiped.
But great job of getting all this info in one place!
So I did this, and now I'm bootlooping. I guess I'll re-flash the Jan factory image and wait a little longer... **UPDATE** I fixed the bootloop by re-trying the process again (after re-verifying the MD5 hash on the update.zip). I rebooted after installing the update, but before the TWRP flash to install MAGISK. Maybe this allowed the "update" to finish processing. I also had to remove the pin from my lock screen in order to allow me to get into twrp. After rebooting into the system and removing the pin, I adb reboot bootloader and then flashed twrp. Thanks for the guide!
---------- Post added at 07:58 AM ---------- Previous post was at 07:50 AM ----------
PuffDaddy_d said:
I believe you also need to remove the -w from the end of the .bat file after you extract the OTA; otherwise, all of your data will be wiped.
But great job of getting all this info in one place!
You don't need to remove the -w from the .bat file since you aren't using it at all to do the update. That is only if you're flashing your factory image.
Fe Mike said:
Thank you for this. Just to be clear in step 2 under prerequisites you say more on this later. Then in step 1 for preparation you prefix your boot and dtbo with Jan xx.img. I get what you're saying, but for the newer noobs they may get confused. Maybe reword to say, extract or open the factory image you're currently using or the previous month's image. Obviously you do this first so that you can sideload the ota. I don't mean any disrespect.
I changed some wording under prerequisite...
I agree with everything on this guide...
just teasing...
I'm actually glad you created this thread...I wanted to create one also and try and help out as much as I could, but I don't have the cojones and didn't think I had experience enough to start a "guide" thread :silly:
I mean no disrespect, but this seems awful complicated compared to just flashing the full image with the removed (-w). Especially since you're downloading it anyway. I do that then boot the TWRP image and flash the TWRP zip. Reboot into recovery and flash kernel and magisk and reboot system. Again I'm asking for clarity, not dumping on you. Great write up btw!
CyberpodS2 said:
I mean no disrespect, but this seems awful complicated compared to just flashing the full image with the removed (-w). Especially since you're downloading it anyway. I do that then boot the TWRP image and flash the TWRP zip. Reboot into recovery and flash kernel and magisk and reboot system. Again I'm asking for clarity, not dumping on you. Great write up btw!
Well...I can't speak for the OP, but I wrote my extremely similar identical one because, for whatever reason, many users would choose OTAs over flashing full factory images. I/me & you understand the benefits of the factory images over the OTAs; especially understanding the process you must go through to install the OTAs as-of-current is almost the same as flashing the factory images anyways...
But if I were to give a possible explanation to their reasoning is that, like many of them, I come from a non-Google phone (S5 for me), and OTA's were simpler, takes less bandwidth (which still remains true today), they were significantly simpler to install vs. factory images, and with a lot of popular phones you only flash factory images to recover your phone; i.e. muniz_ri's OTA's for the S5 and FlashFire were loads simpler than flashing a whole factory image. But, again, understanding the difference for Pixel 2 and Oreo's OTA & factory images (or the small difference thereof), it's probably better to do a few extra steps and/or downloads to do the whole image than sideloading an OTA.
In the end, this is for people who insist for OTA updates most likely because that's how they are familiar (and therefore more comfortable) with; whether it being explained to them or not...
Cheers!:good:
Fair enough, thanks for the input!
CyberpodS2 said:
I mean no disrespect, but this seems awful complicated compared to just flashing the full image with the removed (-w). Especially since you're downloading it anyway. I do that then boot the TWRP image and flash the TWRP zip. Reboot into recovery and flash kernel and magisk and reboot system. Again I'm asking for clarity, not dumping on you. Great write up btw!
It may seem awful complicated, but to be honest, to me is less complicated than having to edit a script file (which if you forget to do, will lose all of your data). Also, though the steps I wrote out seem like a lot more if you were to write out a process using the full image, it actually works out to be almost the same number of steps.
Lastly, as someone else hinted at, the OTA file size is smaller. The only full image you need is what you are currently running (which in most cases I have on my phone in case the sh__ hits the fan with my phone), not the new full image. (To be even more precise, you only need the boot.img and dtbo.img from the full image file--there may be places to get just those two files out there.)
As I put in the last sentence, I realize there are other methods to this madness, this is basically what works for me. I wanted to get it in writing so I wouldn't forget this down the road, and if it helps anyone here, just icing on the cake. Clearly I'm no Dev and not forcing anyone to perform the updates this way!
WorldOfJohnboy said:
It may seem awful complicated, but to be honest, to me is less complicated than having to edit a script file (which if you forget to do, will lose all of your data). Also, though the steps I wrote out seem like a lot more if you were to write out a process using the full image, it actually works out to be almost the same number of steps.
Lastly, as someone else hinted at, the OTA file size is smaller. The only full image you need is what you are currently running (which in most cases I have on my phone in case the sh__ hits the fan with my phone), not the new full image. (To be even more precise, you only need the boot.img and dtbo.img from the full image file--there may be places to get just those two files out there.)
As I put in the last sentence, I realize there are other methods to this madness, this is basically what works for me. I wanted to get it in writing so I wouldn't forget this down the road, and if it helps anyone here, just icing on the cake. Clearly I'm no Dev and not forcing anyone to perform the updates this way!
Hey bud, wonder if I could pick your brain just a little. When doing monthly Google updates, are most of their proprietary files located in the boot, dtbo, and vendor images?? Your posts have intrigued me a little, and are very well written BTW. My reasoning is this. On my old 6p, about all we needed to do was flash the new vendor, and of course the bootloader and radio if there were any worthwhile improvements. Would the same possibly apply to the P2XL?? I'm just wondering because, now that we're starting to see custom roms, if this would be a viable option, and simplify the updating process. Thanks again for your great write up
Badger50 said:
Hey bud, wonder if I could pick your brain just a little. When doing monthly Google updates, are most of their proprietary files located in the boot, dtbo, and vendor images?? Your posts have intrigued me a little, and are very well written BTW. My reasoning is this. On my old 6p, about all we needed to do was flash the new vendor, and of course the bootloader and radio if there were any worthwhile improvements. Would the same possibly apply to the P2XL?? I'm just wondering because, now that we're starting to see custom roms, if this would be a viable option, and simplify the updating process. Thanks again for your great write up
I'll be perfectly honest with you, I haven't taken a dive to see what is in the OTA files and would imagine that it varies depending on the monthly updates.... that said, the only reason why I have stated to re-flash the stock boot.img is because if you are rooted with Magisk, it takes the stock boot.img and modifies it. In order to take an OTA sideload, you need to be on stock boot.img and stock recovery. dtbo is only in my process because there was one time when I tried to sideload and my dtbo wasn't stock (or corrupt). You may not need to flash the stock dtbo.img, but it doesn't hurt to do so.
WorldOfJohnboy said:
I'll be perfectly honest with you, I haven't taken a dive to see what is in the OTA files and would imagine that it varies depending on the monthly updates.... that said, the only reason why I have stated to re-flash the stock boot.img is because if you are rooted with Magisk, it takes the stock boot.img and modifies it. In order to take an OTA sideload, you need to be on stock boot.img and stock recovery. dtbo is only in my process because there was one time when I tried to sideload and my dtbo wasn't stock (or corrupt). You may not need to flash the stock dtbo.img, but it doesn't hurt to do so.
I'm really happy to see our device has graduated to this level of discussion, instead of the random guessing and 14 different "possible" routes to a solution. Lol
Custom roms abound, once TWRP gets squared away and someone masters the art of turning monthly updates into zip installs we'll pretty much be there!
Btw OP, great write up... Clear and precise!
I do not understand the purpose for downloading the full system image and then flashing only the OTA zip - what am I missing? There is a widely distributed method for performing monthly OTA updates by uninstalling Magisk, updating OTA normally, then flashing Magisk again - seems much simpler, any reason why it would not work?
Brenneke said:
I do not understand the purpose for downloading the full system image and then flashing only the OTA zip - what am I missing? There is a widely distributed method for performing monthly OTA updates by uninstalling Magisk, updating OTA normally, then flashing Magisk again - seems much simpler, any reason why it would not work?
Downloading the full system image is not required. You only need the Stock versions of boot.img (required) and dtbo.img (optional) of the ROM version your phone is currently running. I actually keep a full system image on my phone in case something goes awry.
I'm going to update the OP to more clearly state that you only need the stock boot.img file--how you obtain it is up to you. Uninstalling Magisk will do the same exact thing, however I tried to do that a couple of months ago and it created more issues for me than if I had just flashed the stock boot.img in the first place.
WorldOfJohnboy said:
Downloading the full system image is not required. You only need the Stock versions of boot.img (required) and dtbo.img (optional) of the ROM version your phone is currently running. I actually keep a full system image on my phone in case something goes awry.
I'm going to update the OP to more clearly state that you only need the stock boot.img file--how you obtain it is up to you. Uninstalling Magisk will do the same exact thing, however I tried to do that a couple of months ago and it created more issues for me than if I had just flashed the stock boot.img in the first place.
I have not tried the uninstall Magisk method but plan to do so at next update. What kind of issues did it create for you?
Thanks.
Brenneke said:
I have not tried the uninstall Magisk method but plan to do so at next update. What kind of issues did it create for you?
Thanks.
For some reason, I don't think it restored the correct (or not corrupted) boot.img version. Then, there were remnants of the Magisk APK and other files so I ended up having to do a full TiBu of my apps and flashed (with wipe) a full System image. It may have been something I did or just my bad luck, but I prefer not to chance it and instead manually flash the Stock image as my "guide" here states.

SM-T590 root/custom recovery?

So I got today the "Samsung Galaxy Tab A 10.5" (gta2xlwifi / SM-T590) with Android 8.1. The first question I had: "Can I root the tablet?"
Well, this is now my question. I used Google for an hour and the search function in XDA, but apparently I can't find something about this device + root/custom recovery; I just found a news article with rumors about the Bixby button.
So I wanted to ask if someone already knows something about rooting this device or can give me some advice on where I should begin with workarounds or something like that.
Hi,
As far as I know there is no custom recovery for the SM-T590 yet. Your best bet to root the device is most likely to use Magisk and create a patched boot.img with Magisk Manager. The following steps should do the trick, but no guarantees as I have not tested it with this device:
Download the firmware matching your device firmware version
Unlock your bootloader (this will also trigger the KNOX fuse, so apps like Samsung Pay will no longer work)
Install Magisk Manager
In the settings of Magisk Manager, set the boot image format to img.tar
Unpack the lz4 compressed image
Install Magisk and select the Patch boot image method
Flash the patched boot image with ODIN/Heimdall
Cheers, Tom
tomparr said:
Hi,
As far as I know there is no custom recovery for the SM-T590 yet. Your best bet to root the device is most likely to use Magisk and create a patched boot.img with Magisk Manager. The following steps should do the trick, but no guarantees as I have not tested it with this device:
Download the firmware matching your device firmware version
Unlock your bootloader (this will also trigger the KNOX fuse, so apps like Samsung Pay will no longer work)
Install Magisk Manager
In the settings of Magisk Manager, set the boot image format to img.tar
Install Magisk and select the Patch boot image method
If successful, flash the patched boot image with ODIN/Heimdall
Cheers, Tom
(That English sounds kinda bad, not gonna lie xd, I'm really sorry for this crappy text, tried my best)
First of all, thanks for your time.
So... I did not find any info about unlocking the bootloader for this tablet... probably I don't search the right terms...
Well, I tried it without unlocking it (idk if it's maybe already unlocked).
Now I created the boot image, installed it via Odin, now yeah...
I've got Magisk now and "root", but root does not actually work (apps like Titanium Backup can't find the "su") (probably because the bootloader isn't unlocked?)
So maybe it's because of the bootloader not being unlocked, just not working because of this "workaround", so I basically just can wait till someone takes her/his time with this device, or I did something wrong and didn't do it right.
tomparr said:
Hi,
As far as I know there is no custom recovery for the SM-T590 yet. Your best bet to root the device is most likely to use Magisk and create a patched boot.img with Magisk Manager. The following steps should do the trick, but no guarantees as I have not tested it with this device:
Download the firmware matching your device firmware version
Unlock your bootloader (this will also trigger the KNOX fuse, so apps like Samsung Pay will no longer work)
Install Magisk Manager
In the settings of Magisk Manager, set the boot image format to img.tar
Install Magisk and select the Patch boot image method
If successful, flash the patched boot image with ODIN/Heimdall
Cheers, Tom
Edit: I tried this and the boot.img won't patch, comes back saying it can't patch the stock kernel.
airmaxx23 said:
Edit: I tried this and the boot.img won't patch, comes back saying it can't patch the stock kernel.
Hi,
Could you upload the boot.img(.lz4) somewhere? My device should arrive any day now, so I am really interested to get it working.
-- Tom
tomparr said:
Hi,
Could you upload the boot.img(.lz4) somewhere? My device should arrive any day now, so I am really interested to get it working.
-- Tom
Here you go, please keep me updated on your progress and let me know if I can help. This is from the December update.
https://drive.google.com/file/d/1hlntpS7hj6zsfuBW6JbPvJoCOEVSDG3i/view?usp=drivesdk
airmaxx23 said:
Here you go, please keep me updated on your progress and let me know if I can help. This is from the December update.
https://drive.google.com/file/d/1hlntpS7hj6zsfuBW6JbPvJoCOEVSDG3i/view?usp=drivesdk
Thank you. I ran the above steps (after decompressing the image with lz4) and the patching process went through without any issues. You can find the recompressed image here. No warranty it will work though since I don't have access to the device (yet) but please let me know if it works.
tomparr said:
Thank you. I ran the above steps (after decompressing the image with lz4) and the patching process went through without any issues. You can find the recompressed image here. No warranty it will work though since I don't have access to the device (yet) but please let me know if it works.
It's my first time messing with Samsung firmware in a long time so I've pretty much forgotten everything, I've also never messed with the lz4 extension before. How did you go about extracting the boot.img?
I'll probably wait until you try it since you're obviously more experienced with Samsung firmware. Please keep me posted.
airmaxx23 said:
It's my first time messing with Samsung firmware in a long time so I've pretty much forgotten everything, I've also never messed with the lz4 extension before. How did you go about extracting the boot.img?
I'll probably wait until you try it since you're obviously more experienced with Samsung firmware. Please keep me posted.
My last Samsung device was a Galaxy S2, so it has been a long time for me too. For now I just did a bit of reading about the new formats. The lz4 compression also seems to be relatively new and replaces the old img.tar format. You can simply extract the boot.img from the boot.img.lz4 by using the official lz4 binary with the command
Code:
lz4.exe boot.img.lz4
After Magisk patched the image you can repack it by using
Code:
lz4.exe -B6 --content-size patched_boot.img patched_boot.img.lz4
The new image should be flashable with Odin/Heimdall.
tomparr said:
My last Samsung device was a Galaxy S2, so it has been a long time for me too. For now I just did a bit of reading about the new formats. The lz4 compression also seems to be relatively new and replaces the old img.tar format. You can simply extract the boot.img from the boot.img.lz4 by using the official lz4 binary with the command
Code:
lz4.exe boot.img.lz4
After Magisk patched the image you can repack it by using
Code:
lz4.exe -B6 --content-size patched_boot.img patched_boot.img.lz4
The new image should be flashable with Odin/Heimdall.
Would I use the AP slot in Odin? If I have issues I'd just flash the stock boot.img.lz4?
airmaxx23 said:
Would I use the AP slot in Odin? If I have issues I'd just flash the stock boot.img.lz4?
Yes and yes
tomparr said:
Yes and yes
There's only one problem, the file you patched needs to have a .tar or .md5 extension for Odin, it won't accept an .lz4 extension. When you patched it with Magisk did you select .tar format?
From what I've read, you need at least Odin 3.13.1 to flash a lz4 image.
tomparr said:
From what I've read, you need at least Odin 3.13.1 to flash a lz4 image.
I have Odin 3.13.1 and there's no option or way to flash an LZ4 image.
airmaxx23 said:
I have Odin 3.13.1 and there's no option or way to flash an LZ4 image.
My bad, I've been away too long from Samsung firmwares. Please try this patched boot image. I've recreated it as an img.tar file.
tomparr said:
My bad, I've been away too long from Samsung firmwares. Please try this patched boot image. I've recreated it as an img.tar file.
That worked, we have root. A couple things are acting strange but it may be a Samsung thing. Adaway won't stay enabled after a reboot, when trying to edit the build.prop with Root Explorer the tablet reboots when I hit "save". Root Explorer won't delete anything in system/app or system/priv-app.
I have Magisk installed, V4A, Substratum and OnePlus Gestures.
Could you do me one favor and repackage the stock boot.img.lz4 with a .tar extension so I have it. Or explain to me the steps to do it.
airmaxx23 said:
That worked, we have root. A couple things are acting strange but it may be a Samsung thing. Adaway won't stay enabled after a reboot, when trying to edit the build.prop with Root Explorer the tablet reboots when I hit "save". Root Explorer won't delete anything in system/app or system/priv-app.
I have Magisk installed, V4A, Substratum and OnePlus Gestures.
Could you do me one favor and repackage the stock boot.img.lz4 with a .tar extension so I have it. Or explain to me the steps to do it.
Glad to hear it worked, at least to some extent.
I've created a flashable tar from your initial boot image, which you can find here. If you want to try it yourself, here's what I did:
Decompress lz4 image: 'lz4 -d boot.img.lz4'
Create tar archive: 'tar --create --format=gnu -b20 --quoting-style=escape --owner=0 --group=0 --totals --mode=644 -f boot.img.tar boot.img'
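The thread above juggles three containers for the same boot image (an LZ4 frame, the raw boot.img, and a tar for Odin), so this added example, which is not from the posts, identifies which one a file is from its magic bytes and checks that it is structurally complete before it is patched or flashed. It reads the LZ4 frame descriptor (the block-size ID set by `-B6` and the content-size flag set by `--content-size`) and the first fields of the AOSP boot image header (v0 layout); the function names and the sample images built by the `build_sample_*` helpers are constructed for illustration.

```python
import io
import struct
import tarfile

LZ4_FRAME_MAGIC = b"\x04\x22\x4d\x18"  # 0x184D2204 stored little-endian
BOOT_MAGIC = b"ANDROID!"
# First 576 bytes of the AOSP boot image header (v0 layout): magic, ten
# little-endian u32 fields, a 16-byte name and a 512-byte kernel command line.
BOOT_HDR = struct.Struct("<8s10I16s512s")


def inspect_lz4(data):
    """Read the LZ4 frame descriptor; the header checksum is not verified."""
    info = {"type": "lz4-frame", "problems": []}
    if len(data) < 7:
        info["problems"].append("truncated LZ4 frame header")
        return info
    flg, bd = data[4], data[5]
    info["block_max_id"] = (bd >> 4) & 0x7        # 6 is what `-B6` selects
    info["has_content_size"] = bool(flg & 0x08)   # set by `--content-size`
    if info["has_content_size"]:
        if len(data) < 15:
            info["problems"].append("truncated LZ4 frame header")
        else:
            info["content_size"] = struct.unpack_from("<Q", data, 6)[0]
    return info


def inspect_boot(data):
    """Parse the boot image header and check the file is long enough for it."""
    info = {"type": "android-boot", "problems": []}
    if len(data) < BOOT_HDR.size:
        info["problems"].append("file shorter than the boot image header")
        return info
    fields = BOOT_HDR.unpack_from(data)
    kernel, ramdisk, second, page = fields[1], fields[3], fields[5], fields[8]
    info.update(kernel_size=kernel, ramdisk_size=ramdisk, page_size=page)
    if page == 0 or page & (page - 1):
        info["problems"].append(f"page size {page} is not a power of two")
        return info
    # Header, kernel, ramdisk and second stage each start on a page boundary.
    pages = 1 + sum((size + page - 1) // page for size in (kernel, ramdisk, second))
    info["min_size"] = pages * page
    if kernel == 0:
        info["problems"].append("kernel size is zero")
    if len(data) < info["min_size"]:
        info["problems"].append(
            f"truncated: {len(data)} bytes, header implies {info['min_size']}")
    return info


def inspect_tar(data):
    """List regular files in the archive and identify what each one contains."""
    members = []
    with tarfile.open(fileobj=io.BytesIO(data)) as archive:
        for member in archive:
            if member.isfile():
                body = archive.extractfile(member).read()
                members.append({"name": member.name, "size": member.size,
                                "contains": identify_image(body)["type"]})
    return {"type": "tar", "members": members, "problems": []}


def identify_image(data):
    if data[:4] == LZ4_FRAME_MAGIC:
        return inspect_lz4(data)
    if data[:8] == BOOT_MAGIC:
        return inspect_boot(data)
    if data[257:262] == b"ustar":   # matches both POSIX and GNU tar headers
        return inspect_tar(data)
    return {"type": "unknown", "problems": ["no known magic bytes"]}


def build_sample_boot(page=2048):
    """Constructed boot image: 5000-byte kernel, 3000-byte ramdisk, no second stage."""
    def pad(blob):
        return blob + b"\0" * (-len(blob) % page)
    header = BOOT_HDR.pack(BOOT_MAGIC, 5000, 0, 3000, 0, 0, 0, 0, page, 0, 0, b"", b"")
    return pad(header) + pad(b"K" * 5000) + pad(b"R" * 3000)


def build_sample_lz4_header(content_size):
    """Constructed frame header only: FLG 0x68, BD 0x60, size, placeholder checksum."""
    return LZ4_FRAME_MAGIC + bytes([0x68, 0x60]) + struct.pack("<Q", content_size) + b"\0"


def build_sample_tar(boot):
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.GNU_FORMAT) as archive:
        entry = tarfile.TarInfo("boot.img")
        entry.size, entry.mode = len(boot), 0o644
        archive.addfile(entry, io.BytesIO(boot))
    return buf.getvalue()


if __name__ == "__main__":
    boot = build_sample_boot()
    for blob in (boot, boot[:8000], build_sample_lz4_header(len(boot)), build_sample_tar(boot)):
        print(identify_image(blob))
```

Run against a real file with `identify_image(open("boot.img.tar", "rb").read())`; a non-empty `problems` list or an unexpected `contains` value means the file is not what the flashing tool expects.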
tomparr said:
Hi,
As far as I know there is no custom recovery for the SM-T590 yet. Your best bet to root the device is most likely to use Magisk and create a patched boot.img with Magisk Manager. The following steps should do the trick, but no guarantees as I have not tested it with this device:
Download the firmware matching your device firmware version
Unlock your bootloader (this will also trigger the KNOX fuse, so apps like Samsung Pay will no longer work)
Install Magisk Manager
In the settings of Magisk Manager, set the boot image format to img.tar
Unpack the lz4 compressed image
Install Magisk and select the Patch boot image method
Flash the patched boot image with ODIN/Heimdall
Cheers, Tom
Thanks for that, worked for me after some glitches. Now rooted with xposed working.
gscollier said:
Thanks for that, worked for me after some glitches. Now rooted with xposed working.
Which SDK version did you install?
Also, can you please do me a favor? Go into system/app or system/priv-app and try to rename an apk and see what happens.
So you guys are making some progress. It's been a while for me too. I used to develop ROMs here ages ago but I am so out of the loop. Can't find any repos either. The last time I used Odin (and hated it) was back in the skyrocket days. Is it absolutely mandatory? Would adb work in Linux?
I always tried to avoid magisk or just didn't need it. Is it possible to avoid a recovery with it?

SM-T280 SuperSU install zip creates broken kernel image

Hey,
I've installed https://forum.xda-developers.com/t/...g-galaxy-tab-a-7-0-sm-t280-gtexswifi.4158061/ on a SM-T280 that has TWRP 3.2.1-1 recovery installed, using TWRP zip install.
It had been rooted before with SuperSU, so I wanted to root it again with SuperSU (I have reasons for not trying Magisk).
I've tried SuperSU v2.82 and v2.78 from https://forum.xda-developers.com/t/...amsung-galaxy-tab-a6-sm-t280-sm-t285.3475381/ also by installing the zip in TWRP.
When the zip installs, it chooses systemless root. The logs seem fine, no errors, it patches the boot partition.
However, the tablet won't boot. It stays in the "Galaxy Tab A6" screen forever.
When I restore a backup of the previous boot partition, it boots fine again. So I guess it produces a bad boot image when trying to patch it.
Am I missing something obvious here or should it work that way?
RFZ said:
Hey,
I've installed https://forum.xda-developers.com/t/...g-galaxy-tab-a-7-0-sm-t280-gtexswifi.4158061/ on a SM-T280 that has TWRP 3.2.1-1 recovery installed, using TWRP zip install.
It had been rooted before with SuperSU, so I wanted to root it again with SuperSU (I have reasons for not trying Magisk).
I've tried SuperSU v2.82 and v2.78 from https://forum.xda-developers.com/t/...amsung-galaxy-tab-a6-sm-t280-sm-t285.3475381/ also by installing the zip in TWRP.
When the zip installs, it chooses systemless root. The logs seem fine, no errors, it patches the boot partition.
However, the tablet won't boot. It stays in the "Galaxy Tab A6" screen forever.
When I restore a backup of the previous boot partition, it boots fine again. So I guess it produces a bad boot image when trying to patch it.
Am I missing something obvious here or should it work that way?
Try this link.
lewmur said:
Try this link.
Thx, I'll try it, but I don't understand it.
It requires me to download and flash a kernel (boot.img) at the end. This will overwrite any changes the SuperSU installer made to the boot partition during its install. And if I understand system-less root correctly, it will essentially undo everything the installer did. Also, one kernel can't just run any Android version - usually it's tied to a specific Android version?
I'll report if it works. If it does, someone needs to explain to me how.
lewmur said:
Try this link.
Didn't work. To be fair, even https://forum.xda-developers.com/t/...amsung-galaxy-tab-a6-sm-t280-sm-t285.3475381/ mentions this step (I kinda missed it).
Instead of freezing at "Galaxy Tab A6" it boot-loops. It even enumerates on USB after 20s of booting and provides adb, but shell commands available are limited. It doesn't even know `ls`. 10s later it reboots.
As said before, I do not understand this procedure. My impression was that systemless root only modifies the kernel / boot.img. So flashing another boot.img after that seems strange.
RFZ said:
Didn't work. To be fair, even https://forum.xda-developers.com/t/...amsung-galaxy-tab-a6-sm-t280-sm-t285.3475381/ mentions this step (I kinda missed it).
Instead of freezing at "Galaxy Tab A6" it boot-loops. It even enumerates on USB after 20s of booting and provides adb, but shell commands available are limited. It doesn't even know `ls`. 10s later it reboots.
As said before, I do not understand this procedure. My impression was that systemless root only modifies the kernel / boot.img. So flashing another boot.img after that seems strange.
At what point did it fail? Did you boot to TWRP recovery after flashing it? IOW, before doing anything with SU?
lewmur said:
At what point did it fail? Did you boot to TWRP recovery after flashing it? IOW, before doing anything with SU?
What I did:
I booted TWRP and restored a boot.img I backed up yesterday (working LineageOS).
I rebooted to confirm it works. It did.
I booted into TWRP, copied "SR1-SuperSU-v2.78-SR1-20160915123031.zip" and "boot.img" (extracted from "supersu_2.78_SR1_systemless_boot_t280.tar") to the device.
Then installed "SR1-SuperSU-v2.78-SR1-20160915123031.zip" (install zip) and installed "boot.img" as "boot".
Then I rebooted.
Now it shows "Galaxy Tab A6" for 30s and then reboots. Over and over again.
I watched it many times, then booted TWRP again, restored the backup boot.img and it is back.
RFZ said:
What I did:
I booted TWRP and restored a boot.img I backed up yesterday (working LineageOS).
I rebooted to confirm it works. It did.
I booted into TWRP, copied "SR1-SuperSU-v2.78-SR1-20160915123031.zip" and "boot.img" (extracted from "supersu_2.78_SR1_systemless_boot_t280.tar") to the device.
Then installed "SR1-SuperSU-v2.78-SR1-20160915123031.zip" (install zip) and installed "boot.img" as "boot".
Then I rebooted.
Now it shows "Galaxy Tab A6" for 30s and then reboots. Over and over again.
I watched it many times, then booted TWRP again, restored the backup boot.img and it is back.
The only thing I see that doesn't match the instructions is restoring the backup boot.img prior to installing SR1.
lewmur said:
The only thing I see that doesn't match the instructions is restoring the backup boot.img prior to installing SR1.
Sure. But the instructions ask me to replace my entire boot partition with a static file I downloaded from the internet. Everything I did to the boot partition before is meaningless.
Clearly the kernel in the patched boot.img is not designed for the Android Version LineageOS 14.1 uses. You can't just boot any android with any random kernel, right?
RFZ said:
Sure. But the instructions ask me to replace my entire boot partition with a static file I downloaded from the internet. Everything I did to the boot partition before is meaningless.
Clearly the kernel in the patched boot.img is not designed for the Android Version LineageOS 14.1 uses. You can't just boot any android with any random kernel, right?
By your own reasoning, you can't use just any boot.img with what superSU file you're installing. You have to use the one TWRP installed. All I know is that every time someone reports a boot loop it is because they failed to follow the EXACT steps in the instructions.
lewmur said:
By your own reasoning, you can't use just any boot.img with what superSU file you're installing. You have to use the one TWRP installed. All I know is that every time someone reports a boot loop it is because they failed to follow the EXACT steps in the instructions.
My guess is that whoever wrote these instructions knew that the SuperSU install script isn't compatible with the device and will corrupt its boot partition. He probably fixed it or rooted it manually on his own and provided a rooted version of his boot.img instead. He still asks you to perform the regular setup as it not only will corrupt the boot partition but also install SuperSU.apk to the data partition.
However, this means it will only work with the Android version he used when he created the boot.img. So probably the most recent available stock ROM when the instructions were written. But not Android 7.1.
RFZ said:
My guess is that whoever wrote these instructions knew that the SuperSU install script isn't compatible with the device and will corrupt its boot partition. He probably fixed it or rooted it manually on his own and provided a rooted version of his boot.img instead. He still asks you to perform the regular setup as it not only will corrupt the boot partition but also install SuperSU.apk to the data partition.
However, this means it will only work with the Android version he used when he created the boot.img. So probably the most recent available stock ROM when the instructions were written. But not Android 7.1.
That may be true but you won't get an answer here. Post the question in that thread. But the dev may well have moved on to a later device. The 280 dates back to 2016.
lewmur said:
That may be true but you won't get an answer here. Post the question in that thread. But the dev may well have moved on to a later device. The 280 dates back to 2016.
Yep, confirmed my theory. I compared the original LineageOS 14.1 boot partition (from my backup) with the one the SuperSU installer creates that won't boot at all using a Hex-Editor. The one SuperSU installer created is missing an additional 0x200 bytes header that the original one had. I simply copied the first 0x200 bytes from the original into the one SuperSU installer created, removed the last 0x200 bytes of the image so the size fits, and flashed it.
And it works.
So I guess the SuperSU installer works with every Android Version on the SM-T280, but you have to add the additional 0x200 bytes from the original partition. (Probably also something one could simply patch in the SuperSU installer)
I've attached the image that works with LineageOS 14.1 on the SM-T280 and SuperSU installer 2.78.
Procedure is the same as:
1) Install SuperSU 2.78.zip in TWRP
2) Flash attached image (extracted from zip) to "boot" using TWRP
EDIT:
removed the attached image. See https://forum.xda-developers.com/t/...sm-t280-sm-t285.3475381/page-13#post-87442015
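The hex-editor fix described in the post above, scripted as an added example (not code from the thread or from the SuperSU installer). It assumes the dropped 0x200-byte header sits directly in front of the standard `ANDROID!` boot magic, which the thread does not state; the header length is derived from that offset rather than hard-coded, and the check that the removed tail is only zero padding is an addition.

```python
"""Added example: restore a leading header that a boot-image patcher dropped."""
import sys

BOOT_MAGIC = b"ANDROID!"   # standard Android boot image magic
MAX_SCAN = 0x1000          # assumption: any leading header is smaller than this


def magic_offset(image: bytes) -> int:
    """Return the offset of the boot magic near the start of the image."""
    off = image.find(BOOT_MAGIC, 0, MAX_SCAN + len(BOOT_MAGIC))
    if off < 0:
        raise ValueError("no ANDROID! magic near the start of the image")
    return off


def restore_header(original: bytes, patched: bytes) -> bytes:
    """Prepend the original's leading header to the patched image, same size."""
    hdr_len = magic_offset(original) - magic_offset(patched)
    if hdr_len == 0:
        return patched                      # nothing was dropped
    if hdr_len < 0:
        raise ValueError("patched image has a longer header than the original")
    if len(patched) <= hdr_len:
        raise ValueError("patched image is too small to shift")
    # The image is shifted right by hdr_len, so the same number of bytes
    # falls off the end; refuse unless those bytes are zero padding.
    tail = patched[len(patched) - hdr_len:]
    if any(tail):
        raise ValueError("trailing bytes are not padding; data would be lost")
    fixed = original[:hdr_len] + patched[:len(patched) - hdr_len]
    if len(fixed) != len(patched) or magic_offset(fixed) != hdr_len:
        raise ValueError("rebuilt image failed the consistency check")
    return fixed


if __name__ == "__main__":
    # usage: restore_header.py original_boot.img patched_boot.img fixed_boot.img
    orig_path, patched_path, out_path = sys.argv[1:4]
    with open(orig_path, "rb") as f:
        original_img = f.read()
    with open(patched_path, "rb") as f:
        patched_img = f.read()
    with open(out_path, "wb") as f:
        f.write(restore_header(original_img, patched_img))
```

Compare the output against the original backup in a hex editor before flashing, and keep the known-good boot backup available in TWRP.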
RFZ said:
Yep, confirmed my theory. I compared the original LineageOS 14.1 boot partition (from my backup) with the one the SuperSU installer creates that won't boot at all using a Hex-Editor. The one SuperSU installer created is missing an additional 0x200 bytes header that the original one had. I simply copied the first 0x200 bytes from the original into the one SuperSU installer created, removed the last 0x200 bytes of the image so the size fits, and flashed it.
And it works.
So I guess the SuperSU installer works with every Android Version on the SM-T280, but you have to add the additional 0x200 bytes from the original partition. (Probably also something one could simply patch in the SuperSU installer)
I've attached the image that works with LineageOS 14.1 on the SM-T280 and SuperSU installer 2.78.
Procedure is the same as:
1) Install SuperSU 2.78.zip in TWRP
2) Flash attached image (extracted from zip) to "boot" using TWRP
Glad you got it working. Did you post this info in the other thread? That is probably where someone else would look for the info.
lewmur said:
Glad you got it working. Did you post this info in the other thread? That is probably where someone else would look for the info.
Not yet. I will try to fix the SuperSU installer and also try it with SuperSU 2.82. Supplying a boot.img is really not the best idea and a fixed installer would be a far better solution.
It's just an additional offset of 0x200 when writing the modified image. Can't be hard to fix. I'll look into it tomorrow.
Edit: Posted a patched SuperSU installer here:
[RECOVERY][ROOT][TWRP 3.2.1-1][Magisk v14] Samsung Galaxy Tab A6 SM-T280/SM-T285
Didn't work for 2.82 though, just for 2.78
Edit: Got it working for 2.82 too, see link above.
