Garminfone ro.secure=0! - Android Software/Hacking General [Developers Only]

I cracked the img format for Garminfones... started out by looking at the format of the file and it turns out the only difference is the loader addresses.
Took the stock recovery and disabled security, which worked. Then modified the boot.img to disable security and had the filesystems mount rw by default and flashed it to the recovery partition. Booted into recovery mode and voilà... security disabled. Now it is time to flash it to the boot partition and cross fingers.
Now I just need to figure out how to compile a working recovery mode... preferably one that can be activated by keypress. Not sure how to do that part. I can only get to recovery and bootloader mode after booting into the OS.
I should have a working mkbootimg soon so I don't have to hex edit the generated img files.

Well done!
I look forward to any progress reports that you make.
Are you using the official or leaked version of the 2.1 Eclair?

The official and leaked versions are equal.
And I did find out that we do have fastboot. It's the blue screen that you get when you hold UP+POWER, or do adb reboot bootloader... two different messages on the screen. I can get fastboot to accept a reboot-bootloader command, but I'm having some issues actually getting any information out of it or flashing something like a boot image.
To get it to respond, you do:
fastboot -i 0x091E <command>
the -i makes it specify the Vendor ID, since fastboot only accepts a few vendors by default.
I also found out that I don't have to rebuild the mkbootimg program... if you add --base 0x1AC00000, then the load addresses match up in the resulting img file.
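An added example, not part of the original post: a Python sketch that reads the load addresses from a boot.img header, works out which `--base` produced them, and reports `ro.secure` from the ramdisk's `default.prop`. It assumes the version 0 header layout and the offsets used by the Android 2.x-era AOSP mkbootimg; the sample image is constructed inline with a placeholder kernel.

```python
import gzip
import struct

# Android boot image header, version 0 (the layout used by Android 1.x/2.x images).
HDR = struct.Struct("<8s10I16s512s32s")
# Assumption: offsets the Android 2.x-era AOSP mkbootimg adds to --base.
OFFSETS = {"kernel": 0x00008000, "ramdisk": 0x01000000,
           "second": 0x00F00000, "tags": 0x00000100}


def _pad(n, page):
    """Round n up to a whole number of pages."""
    return (n + page - 1) // page * page


def parse_header(img):
    """Decode the fixed header at the start of a boot image."""
    (magic, k_size, k_addr, r_size, r_addr, s_size, s_addr, tags_addr,
     page, _u0, _u1, _name, cmdline, _id) = HDR.unpack_from(img, 0)
    if magic != b"ANDROID!":
        raise ValueError("not an Android boot image")
    return {"kernel_size": k_size, "ramdisk_size": r_size, "page_size": page,
            "addrs": {"kernel": k_addr, "ramdisk": r_addr,
                      "second": s_addr, "tags": tags_addr},
            "cmdline": cmdline.rstrip(b"\0").decode("ascii", "replace")}


def implied_base(hdr):
    """Return the one --base value that explains all four addresses, else None."""
    bases = {hdr["addrs"][k] - off for k, off in OFFSETS.items()}
    return bases.pop() if len(bases) == 1 else None


def ramdisk_bytes(img, hdr):
    """Slice out the gzip-compressed ramdisk (it follows the padded kernel)."""
    start = hdr["page_size"] + _pad(hdr["kernel_size"], hdr["page_size"])
    return gzip.decompress(img[start:start + hdr["ramdisk_size"]])


def cpio_files(data):
    """Yield (name, content) for each entry of a 'newc' cpio archive."""
    pos = 0
    while pos + 110 <= len(data):
        if data[pos:pos + 6] != b"070701":
            raise ValueError("unexpected cpio magic")
        fields = [int(data[pos + 6 + 8 * i:pos + 14 + 8 * i], 16) for i in range(13)]
        filesize, namesize = fields[6], fields[11]
        name = data[pos + 110:pos + 110 + namesize - 1].decode()
        if name == "TRAILER!!!":
            return
        body = (pos + 110 + namesize + 3) & ~3   # name is padded to 4 bytes
        yield name, data[body:body + filesize]
        pos = (body + filesize + 3) & ~3          # so is the file content


def default_props(img):
    """Return the key=value pairs of default.prop inside the image's ramdisk."""
    hdr = parse_header(img)
    for name, content in cpio_files(ramdisk_bytes(img, hdr)):
        if name == "default.prop":
            lines = content.decode().splitlines()
            return dict(l.split("=", 1) for l in lines
                        if "=" in l and not l.startswith("#"))
    return {}


def _cpio_entry(name, content):
    """Build one newc cpio record (constructed test data only)."""
    n = name.encode() + b"\0"
    rec = b"070701" + b"".join(b"%08X" % v for v in (
        0, 0o100644, 0, 0, 1, 0, len(content), 0, 0, 0, 0, len(n), 0)) + n
    rec += b"\0" * (-len(rec) % 4)
    rec += content
    return rec + b"\0" * (-len(rec) % 4)


def build_sample(base, ro_secure):
    """Construct a tiny boot image laid out the way mkbootimg --base does it."""
    page = 2048
    kernel = b"\0" * 100  # placeholder bytes, not a real kernel
    prop = ("ro.secure=%d\nro.debuggable=0\n" % ro_secure).encode()
    ramdisk = gzip.compress(_cpio_entry("default.prop", prop)
                            + _cpio_entry("TRAILER!!!", b""))
    hdr = HDR.pack(b"ANDROID!", len(kernel), base + OFFSETS["kernel"],
                   len(ramdisk), base + OFFSETS["ramdisk"],
                   0, base + OFFSETS["second"], base + OFFSETS["tags"],
                   page, 0, 0, b"sample", b"", b"\0" * 32)
    out = hdr.ljust(page, b"\0") + kernel.ljust(_pad(len(kernel), page), b"\0")
    return out + ramdisk.ljust(_pad(len(ramdisk), page), b"\0")


if __name__ == "__main__":
    img = build_sample(0x1AC00000, ro_secure=0)
    hdr = parse_header(img)
    for part, addr in hdr["addrs"].items():
        print("%-8s 0x%08X" % (part, addr))
    print("base     0x%08X" % implied_base(hdr))
    print("ro.secure =", default_props(img).get("ro.secure"))
```

Pointing `parse_header` and `default_props` at the bytes of a dumped boot or recovery partition shows whether the image on a device still carries the stock addresses and `ro.secure` value.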

If someone is willing to host it, I can share the modified boot.img that sets ro.secure=0 and mounts the filesystems RW by default.

Hey, just joined to reply to this thread. Is it possible for you to upload to a file-sharing site such as megaupload, fileserve, etc.?
I'm just getting into this whole rooting/modifying stuff. I used z4root to root my A50 and have installed superuser. I have deleted some of the carrier .apks but am thinking I should have made a back-up before doing so. I also bought setcpu from the market before finding out the Qualcomm chip does not allow overclocking.
Can I ask what the point of modifying the boot image is? Is this the first step in being able to install custom roms to the phone?
Anyway, appreciate the effort you guys have put in to modifying the phone.

You get a higher level of access, along with things like being able to customize parts of the phone, in my case enabling read/write by default. I also am planning on playing a bit, like remapping partitions... the instructions are in the init.rc file.
Always take a dump_image (or remount all mtd partitions as read only and just use cat to dump the mtd partitions). Also tar up each of the root folders (and files) in case you need quick access to any files you may have deleted. If you need a system app back and you don't have a backup, you have to reflash 2.1 again. Very important... if you care about the Garmin map software, make sure to get the /storage folder, including the one in it named .System... you can recover the maps, vehicles, etc by using two different Garmin web update windows programs-- one for the system stuff and one for the maps. Better safe than sorry.

Any news on this?
What would we need to be able to overclock?

I spent a good portion of the day yesterday rooting and installing CyanogenMod on my fiance's MyTouch Slide, and I have to say, it was amazing. It's a lot more than just throwing around some custom default apps, cleaning up bloatware, even adding some kernel modules... I can do all of that on my rooted Garminfone just fine. It also had the Android 2.3 base, and it has polish and refinements that just can't be done without a custom built ROM.
I bought my Garminfone on purpose, even knowing that it shipped with Android 1.6, even knowing that the interface was awful, even knowing that the device wasn't going to sell as well as I wished it would. I bought it for its offline maps, and for its fantastic GPS. Things have improved since I bought my device... Android 2.1 was released, an improved user interface arrived, I gained root access and was able to clean up some stuff, etc. etc. But none of that prevented me from being jealous yesterday after seeing CyanogenMod. Further, Cyanogen has experience with preserving apps through the process of installing his mod for the first time; he did it when Google first sent him the Cease and Desist letter barring him from packaging CyanogenMod with Google Apps. I'm not sure HOW he did it, and I don't care, but I do think that it's very possible for him to do just that again with our Garmin Maps and the associated apps.
For these reasons, I suggest that we could have our cake, and we could eat it too: Have a modern OS (based on Android 2.3), have a clean, unified interface, with no bloatware AND our maps... Cyanogen is not known for making his mod for phones he doesn't own. Further, as we all know, ours was possibly the worst selling and least popular Android device ever released to market. While I consider myself versed in the ways of Linux, I am not a developer. I run Gentoo, and have the associated skills, and I will contribute in any way I know how, but hacking is not my forte. I can't expect brilliant minds to work for any project for nothing. Therefore, I am putting my money where my mouth is... I'm going to take all the money from my weekly paycheck that I can afford, and I'm going to donate it to that project. It won't be much... I am a starving college kid, after all... but it will be generous within my means. I am also going to post a reference to this thread everywhere I know how... My contribution might be small, but the community might be able to get something together that is mighty.
Visit topic 5864-garminfone on their forums to add your support.
(Edit: They moved my post, I have corrected this with the correct forum topic)

Related

[Q] Roms and patches - is it this easy?

When I first got my G-tab I was baffled by all the instructions and the literally thousands of posts in the forum. Even now, I haven't been able to find exactly how (or why) I should update my kernel. That said, I have TNT Lite running and I love my g-tab. Exploring the possible uses and utilities on it provides hours of fun. Now - here is my question. I stumbled on some instructions for installing the ROM and I have used those same instructions to install several patches to the ROM. I see all this commentary on Clockwork, side loading, etc. and I wonder if I am missing something. Today I just installed the .25 patch for TNT-Lite. I downloaded the rar file, unzipped it on my PC to get the Recovery folder and the update.zip file. I plugged the g-tab into the PC and switched it to USB mode. Then I moved the old recover folder and update.zip to a folder (cautious me) and put the new ones in the root. I disconnected the USB and started the g-tab in recovery mode (holding the power and volume+ key). It rebooted, applied the patch and I was done. That seems simple enough. It would seem that this would work for switching ROMs, applying patches and probably even upgrading the kernel (if I knew where it was and why I should do it). Am I missing something? Everything seems to work.
Sounds like you got the basics ok.
The real main reason to update the kernel as I see it is to add things like driver support for devices like GPS and 3G, and so on, also minor fixes. If you're not using your gTab for anything like this you may be happy to stay stock. But if you, like myself, like to use your gTab to surf with 3G or as a sweet GPS, then that's what the kernel updates allow. I'm sure others can correct me if I've got anything wrong or add to what I've said.
You got the basic steps right, but installing ClockWorkMod Recovery has a lot of benefits.
First, built-in backup and recovery will save your skin if the gTab gets "cranky".
Second, installing ROMs and/or updates saves you a few steps. From "tar" files (TnT-lite), extract the update.zip file to a folder (I created a folder named "xda", just an example) and name it after the version of ROM/update.
CWM will flash "*.zip" file. This way you can keep multiple ROMs/updates on the card and switch between them.
CWM lets you clear cache, wipe Data partition, clear Dalvik-cache (use caution there), fix permissions and so much more! It is a great tool.
Sent from my gTablet-TnT-Lite-4.2.5 using TapatalkPro
So now we peel back another layer
OK so now the question of multiple roms comes up. I am not clear about the role of the rom - can I switch roms and keep all of my apps and data intact? I'm thinking like changing style sheets on a web page - presentation is different but the underlying data is still the same? Is it that easy?
And... if I am doing that perhaps I need to "clear cache" or "wipe data partition" but although I like to investigate new things I'm not willing to just walk up and push the big red button without knowing what it is for. So why would I "clear" or "wipe" things?
I get the impression that I could switch between ROMs just like switching between browsers on a pc - today Chrome, tomorrow, Firefox and never Internet Exploder... Is that correct? It took me quite a while to get the market working and it still doesn't work optimally but I'd hate to undo all the work I've done getting the g-tab humming along by switching roms. Can I?
So - anyone care to expound on the structure and how it all hooks together? What parts can be swapped out and what parts form the foundation? I'd hate to brick the little guy in my ignorance.
One final note if you know and you answer - where did YOU learn about this. Is there a book somewhere to read?
Thanks again for sharing your knowledge.
The Need for A Wiki
I'm in the same boat as enigma. I'm not even sure what ROM is an acronym for, though I think it means operating system. A wiki would be a big help for many people. I bet people would be glad to contribute.
Well, I don't know about Android book, especially about "hacking android book" , but this (and others) forum has plenty of reading material and guides. Not to mention people (a lot more knowledgeable and experienced than me) who will offer advice and lend a hand. And Google search comes in handy too.
Switching ROMs is almost like switching the OS, or a flavor of it. Very much like switching between Linux distributions; the base OS is the same, but the overlay changes the user experience. Some things do change deep down inside, that's why it is advisable to clear data.
Android, like Linux which it is based on, uses separate partitions for different parts of the OS, like boot, recovery, data, cache and user data. Plenty of write ups and discussions on the web on that.
So when flashing a ROM, you'll rewrite boot and system. Your user apps and data/preferences pertaining to those apps are stored in the data partition, and since you are changing the 'OS', the apps need to be recompiled for it. Backup apps, like Titanium Backup, come in extremely handy here: backup and restore apps AND appdata with a few clicks.
Backups are stored on the sdcard, which is a lot like the Linux /home directory, and do not get wiped during flash. The CWM (sometimes called Nandroid) backups are also stored there. A backup-of-the-backup is always a good habit (copy of /sdcard to your PC for safekeeping).
This is just a quick rundown, hopefully that answered some of the questions.
There is a world of information available out there in "ether-world", Google is your friend.
[EDIT]:
Some links:
http://android-dls.com/wiki/index.php?title=Main_Page
http://lifehacker.com/#!5596108/how-to-choose-the-right-android-rom-for-you
and of course:
http://forum.xda-developers.com/forumdisplay.php?f=841
(use the search on top of the screen)
Sent from my gTablet-TnT-Lite-4.2.5 using TapatalkPro
Doesn't my sticky on how to flash the roms help at all? I can try to make it clearer if you have suggestions.
http://forum.xda-developers.com/showthread.php?t=892090
TeamSpeed said:
Doesn't my sticky on how to flash the roms help at all? I can try to make it clearer if you have suggestions.
http://forum.xda-developers.com/showthread.php?t=892090
Yes, your Sticky is as clear as Florida sky.
I just installed Thumb Keyboard on my gTab last night and I guess I got carried away getting used to it!
Yes, I have found some very good step by steps (reflashed to vegan after reading that one). Step by steps are great but I'd like to understand why I'm doing it. The market fix... I can follow the steps and it works but why? I wish I had time to research all these things but there are so many forums, so many posts to read! The explanation that did surface in this thread was great though. Thanks. I'll keep asking questions. There are a lot of smart people out there!

Bootloader info verification

I was just trying to get a grasp on how to flash bootloaders on Android devices. I have got a grasp of how to do it on old WinMo HTC devices, but there seems to be a lot more information regarding the various Android handsets. So here is the rundown of what I have found so far:
General Android: it appears that almost all Android phones have the ability to flash from an SD card (by putting an update.zip on it). Can this reflash the bootloader? I don't see a reason why not (the bootloader should be in memory when the updater is running, so the flash should be writable) but having said that, I know on the old HTC devices that I have used, it wasn't possible (you had to load a softSPL or a diagnostic SPL to then run the flashing). Also, would anyone by any chance have a good understanding of what is in the update.zip? I see it referenced a lot, but as far as I can tell, it looks like it is just packages and directories and stuff to copy. Most of the posts I have seen regarding flashing also try replacing the recovery image, and then booting into recovery and telling it to recover. Does this work for bootloaders or just ROMs?
HTC: this appears to be the same as the old WinMo 6 devices I have used. You can use the RUU utility, supply it with an nbh file, and there are no problems. Outside of the Incredible S it would also appear that they don't have any kind of signing or anything to worry about. As such, you can see the SPL in cleartext and it is in cleartext on the phone (I am guessing anyways). One question I do have is I have the ancient NBHGen used for the Kaiser (also worked for Hermes, Trinity, etc.), will that work with say the HTC Hero (or insert modern phone here)?
Samsung: Samsung's SBL as far as I can tell is equivalent to the HTC SPL (much the same as the HTC IPL = Samsung PBL). I have actually seen an apk that supposedly updated the SBL for Samsung. Like HTC, it also appears that they leave everything in clear text. If I am not mistaken, Odin is the tool of choice for reflashing on Samsung devices (any good tutorials out there for it and its file formats? I haven't actually looked too hard at that yet).
Motorola: I don't wish to stir up any anger (especially since most of what I read is on the Droid X), but Motorola is the one that is the hardest to find real info on. Motorola, on their more popular phones, appears to have made a habit of adding aggressive anti-tampering to their premier phones (at least after the original Droid). I don't believe that their SPL equivalents have been cracked, but I also can't find a straight answer about whether their bootloaders are signed or encrypted (or both). They are two different things, but have been largely used interchangeably on most forums. They also have eFuse protection. I have looked at a few of the SBF files in a hex editor, and they don't appear to be ARM assembly. That said, I wouldn't believe that it is encrypted as there is cleartext within it. This leaves a couple of options. Either the data moved is encrypted and it copies over encrypted data that gets decrypted at boot time (that seems like a massive waste of CPU cycles, but I wouldn't put it past them to do something like that). Or it could mean it gets decrypted by whatever loads it onto the phone. And lastly, it could just be x86 assembly (which I wouldn't recognize by looking at it). The last one seems to be the best fitting, but it doesn't answer whether or not it is encrypted on the phone. Since I haven't found an SBF file that contains just a bootloader, I haven't really had the chance to examine it. I also have not seen a way to flash a new SPL to a device (even a more open one like the original Droid, which I believe is still locked, just not signed/encrypted).
File formats: this is also kind of confusing. I mentioned the update.zip above, but I have also seen people referencing .bin and .img and all kinds of other files. If I am not mistaken, a bin and img file are the same with a different extension. Straight up binary, though I believe that the img files are supposed to be partition images. Is that accurate? And are SBF files executable? I swear I saw somewhere that people were running them, though it could just be my imagination...
I know there is a lot of information there, but I just wanted to check and make sure it is accurate, so I don't sound like a noob to my boss when I present it.
Many thanks!

An Introduction to Android Rooting for the Complete Beginner

There are a few of these guides around, but I thought to write my own. Hope it will be helpful! I'll keep the most up-to-date version on my site.
Rooting Android: What Is it?
If you've heard about "rooting" your Android phone, and are confused by what exactly it does, or don't understand the instructions you found on an obscure forum or blog post somewhere, this guide might help you make sense of things.
What Is "Root"?
"Root" is the name of the default administrative user in Unix. The user named "root" can do absolutely anything: edit or delete any file, start or stop any system service, and also add, remove or change the privileges of other users, so that they, too, could perform the same operation.
So, user "root" can actually bestow administrative privileges on any Android user, including the default one you use normally on the phone.
When you buy an Android phone, it normally does not let you login as user "root".
What Can User "Root" Do?
Your phone is really a general-purpose hand-held computer. People have written apps for it that can do things like this:
Turn it into a wireless internet router, connecting to your 3G/4G network on one end, and broadcasting a wifi hotspot on another. You can thus connect your laptop to the internet from anywhere. "Tethering," but without cables!
Lets you overwrite any of the Android system files, customizing it to your heart's content. This lets you customize the built-in fonts, colors, keyboards, etc.
Lets you install newer versions of Android, beyond what your phone's vendor has provided.
Why stop at standard Android? Because Android is an open source operating system, people have been able to modify it to add features far and beyond what Google has put in it, as well as offering better performance in some situations. With administrative privileges, you can just flash an entire new Android ROM to your phone. A very popular one is CyanogenMod, which is based on Android 2.3.
Install various networking servers and clients, such as QuickSSHd to allow logging in to your phone over the internet, or CifsManager, which lets you access Windows shared drives from your phone.
Who knows? People might think of new uses for these hand-held computers, uses that would require full access to all features of the phone.
Why Won't My Phone Normally Let Me Login As "Root"?
First, for reliability -- as far as you're concerned.
Imagine if your phone automatically gave you administrative access. This means that any app you install can do anything it wants to it. Obviously, unacceptable.
An alternate solution is available in newer versions of Windows and other desktop operating systems, which require you to enter a special administrative password whenever a program is trying to access secure parts of your computer. This is annoying enough on a desktop computer: on a phone, it would again be unacceptable.
So, it makes sense -- for your sake -- to disallow any administrative privileges.
Second, for reliability -- as far as the phone vendor is concerned.
A smartphone, unlike a PC, is an expensive consumer device with an explicit support contract. People normally and frequently return phones to the shop if they stop working properly, or call customer support to get assistance. There's a huge cost for the vendor to maintain this support network.
Think for a minute what would happen if any phone user could login as "root" and delete any system file: you would have broken phones everywhere, frustrated consumers, and clogged support networks. Indeed, "rooting" a phone pretty much voids your warranty as far as the vendor is concerned.
I Understand the Risks and Am Willing to Void the Warranty, So Why Can't I Login As "Root"? It's My Phone!
Even if logging in as "root" were an advanced feature, hidden away somewhere in the menus with thousands of warnings about possible dangers, you can bet that many non-advanced users would find it. When their phone breaks, you bet they will be angry, and will not care that the warnings were there. As far as they would be concerned, this "root" thing is a feature of their phone, and if it can break the phone then it shouldn't even be there.
And there's a third party who has a business interest in denying you "root": the telecommunication carriers. Their business model is designed around typical consumer uses of the phone, and they do not want it to be too powerful. For example, a "rooted" phone can let you tether it to a laptop, so that your laptop gets its internet access. But, carriers typically sell special "laptop sticks" for that purpose specifically, and these usually are more expensive than phone plans, because they take into account the much heavier bandwidth that laptop users tend to use. If everybody could "root" their phone and tether it, this product -- and source of revenue -- would be irrelevant.
So, Phones Don't Come with a "Root" User?
Android is based on the Linux operating system, which requires the "root" user to function. It's there. However, the vendor has tried to hide all the normal ways to access it. The "root" user is there, it's just "locked."
What Is "Rooting"?
In the context of Android phones, rooting means more than just letting you log in as the "root" user: it means installing a set of tools so that any of your programs can access "root" when they need to and you allow them.
The result is that a "rooted" phone works just like Windows, in that it will ask you for permission (but not a password) whenever an app is trying to get administrative privileges.
Fortunately, once you gain access to the "root" user, it's very easy to install a set of standard apps that let you implement this feature, specifically the Superuser app.
How Do I Root My Phone?
Nothing in software can be truly locked down, and hackers have found ways to get "root" access on any Android phone on the market. There are quite a few holes.
But, these methods vary a lot and are different per phone. It's easier on some phones than others. It's often risky, too, because a misstep could potentially "brick" your phone -- making it so that you cannot boot into Android. "Unbricking" is possible in some cases, but not in others. Take care!
Search the internet, and you will likely find various blog and forum posts with instructions for rooting your particular phone model.
This is not a guide for rooting your particular phone model. Instead, it is a general description of what rooting is and how it works. It can help you understand the rooting instructions you find.
Any Downsides?
Well, first of all, there is the risk of bricking your phone. You might want to make sure that someone you know with the same model phone as you have has used the method before. Or, read about it in the internet forums, and make sure that lots of other people have used this method successfully.
Also, you may void your warranty: of course, this would only happen if customer support looks closely at your phone and notices that it has been rooted. It's a good idea to look at these rooting guides to see if there is an easy way to un-root the phone, or at least return it to factory settings.
Finally, there's the issue of "firmware updates" coming from your carrier. Sometimes they will work fine with rooted phones (as long as a custom Android ROM has not been installed on them), but depending on the rooting method it may mean that they won't work fine anymore. "Not working fine" can mean that the upgrades simply won't run, but it can also mean that the upgrades would fail terribly and brick your phone. Generally, if you have rooted your phone and are getting an "Update Available, Do you want to download?" message from your carrier, don't just say "yes," instead check the forums to see the experience of other people with rooted phones with this update. Generally this problem seems rare, a result of a very poor upgrade package from the vendor -- the usual case is that the upgrade simply won't work.
Don't worry too much: with a rooted phone (and a good Recovery program, see below) you will likely be able to install the upgrade yourself, and possibly better upgrades to more advanced versions of Android than your vendor provides.
How Rooting Works
First, let's understand how the locking down happens.
Your phone actually has more than just Android installed on it. There are, at minimum, three and usually four "partitions" in which entirely different programs are installed. Android is just one of them.
The Boot Loader
The first partition has the boot loader, the very first program you see when you turn on the phone normally. The boot loader's main job is simply to boot other partitions, and by default it just boots the Android partition, commonly called the ROM (described below). So, you don't really see the boot loader for very long.
However, all phones allow for a special way of turning them on -- for example, holding the volume up button while pressing the power on button -- that shows the boot loader menu.
When you're there, you can actually choose if you want to boot into the Android partition, or you can boot into the Recovery partition (described in detail below).
The interesting thing about the boot loader is that it is very, very simple. It has no mechanism for users and privileges. One way to look at it is that it always is "root," and in fact can't be anything else.
Sounds like a good place from which to unlock your phone! Unfortunately, most boot loaders are too simple.
One exception is the boot loader found in Google's Nexus phones, and in a few other developer-friendly phones. These boot loaders can actually communicate with a PC over USB, and support writing data to partitions ("flashing" them), as well as booting from them. With this feature, you can flash an unlocked Android ROM to the Android partition, and you're done! Well, the challenge is just to find such a ROM that works well with your phone...
Most phones don't have such a flexible boot loader. However, getting into the boot loader menu is important, because it lets you boot into the Recovery partition, detailed next.
The Recovery Partition
As its name can tell you, this partition is mostly for customer support: the Recovery program can be used to return the Android partition to its factory settings, which can solve a lot of problems with faulty phones, or phones that were infected by bad apps. It can also format the SD card partition.
Some Recovery programs can also install special phone upgrades from the SD card, that write directly to ("flash") the Android ROM partition. Obviously, free access for anyone would allow rooting, so vendors make sure that Recovery would only accept official upgrades. But, one way to root a phone would be for hackers to find a way to create such an "upgrade" that the Recovery program would accept.
There's quite a lot of variation in Recovery programs out there: every vendor has their own idea of which recovery features would be useful for their customer support team. Boot into yours and take a look! It's harmless, unless you actually choose one of the recovery options...
Like the boot loader, the Recovery program is always in "root". A hacked Recovery program could let you flash an unlocked Android ROM, or run any "upgrade" you like. So, in addition to just "recovering" an unusable phone, it can help you "recover" the "root" user that has been locked from you!
A good Recovery program is very useful for customizing your phone, beyond just rooting it. By far the most popular Recovery program is Clockwork Recovery, also called ClockworkMod.
Some rooting methods begin by finding a way to flash ClockworkMod to your Recovery partition, from which you can then run an "upgrade" that roots your phone. Other rooting methods find another way in, but still recommend you flash ClockworkMod as soon as possible, because it's just so useful for customizers.
You will not find a homepage or an "official" way to download ClockworkMod: carriers obviously do not want you to have easy access to it. But, search around, and you will find one appropriate for your phone. The ROM Manager app can also flash it for you, assuming you are already rooted.
The SD Card
This is another partition, entirely for you. It is not protected in any way, and you have full access to reading and writing files on it.
For many phones, this partition does not exist unless you physically install an SD card. Some phones have a built-in SD card.
The Android ROM
Finally, the most important partition on your phone! When the boot loader starts the Linux operating system (the "kernel") that sits underneath Android, one of the first subsystems to come up is the security system. From then on, the "root" user will be used to start various user-level subsystems required for the phone to function.
Eventually, the default user will be started, and that will be used to run your apps: the status and notification bar that appears on the top of the screen, the settings manager, the virtual keyboards, etc. Finally you get the home launcher, from which you can launch all the other apps on your phone. None of these programs run as "root", so you are effectively locked from administrative privileges.
The Linux operating system can set security permissions per file. So, indeed large parts of this partition are restricted to be read-only by any user except "root". So, if you boot into Android, none of the apps you run will be able to change these system files. The rest of the partition is readable-and-writeable, and generally functions just like the SD card partition, though it's usually much smaller.
Of course, if you boot into Recovery instead, you will be able to write to these files, because you are "root" there. That's why ClockworkMod is so useful for rooting your phone!
Most Android apps run on yet another layer, a virtual machine called Dalvik, which is a heavily modified version of the Java virtual machine found on previous generations of cell phones, as well as on desktop computers, servers, and many other devices. Definitely, everything you install from an app store will run on Dalvik. Dalvik is a tightly controlled environment in which privileges are carefully controlled per program, beyond what the Linux operating system provides. Not only do apps not have administrative access to the phone, but they can be limited in access to wifi, cellular access, and your data.
Except... that Android does provide a way for apps to request administrative privileges. In locked phones, this is automatically and silently denied. However, the Superuser app can hook into these requests and let any app switch to the "root" user, from which they have full administrative access. A friendly dialog box will pop up, asking you if you want to give the app full permissions. Say yes, and there you go!
A phone in which the Superuser app is running properly is rooted.
Summary: Rooting Methods
The rooting instructions you find will likely be one of these, or a combination of these steps:
Phones with boot loaders that can be unlocked (such as Google's Nexus) will let you flash other partitions. You can flash a whole Android ROM that is already rooted, such as CyanogenMod, and you're done! Or, if you don't want to replace your entire Android ROM, you can flash ClockworkMod into the Recovery partition, and move from there to the next method.
Some rooting methods start with a hacked way to flash ClockworkMod into the Recovery partition. With ClockworkMod, you can run your own special "upgrade" from the SD card. This "upgrade" will vary a lot per phone model, but at the minimum it will involve installing the Superuser app. For some phones, it will modify a few Linux configuration settings to make sure that Superuser app can login as "root." Other, more heavily locked-down phone models might require replacing certain locked parts of Linux and the Android system, sometimes much of the Linux "kernel" itself.
Other rooting methods use the phone's existing Recovery program, but the hackers found a way to create an "upgrade" that can fool the Recovery program into believing it's official. From there on, it's identical to the previous step.
Some rooting methods start straight from Android. Hackers found a way to log in as root while Android is running. Of course, logging in as root is not the same as rooting, but once you are logged in as root you can run a similar "upgrade" as is used in the previous steps.
Need More Help?
Don't ask me, please! Seriously, I spent a lot of time writing this long article specifically so I would not have to keep answering questions about the process. There are many internet forums and bloggers that welcome questions from noobs. I've generally found the Android hacker community to be extremely generous and welcoming.
Happy rooting!
Nice - but clarification requested
I like the article as it answers some questions.
One thing I'm curious about - you seem to use the terms Recovery Partition and Recovery Program interchangeably. Is that your intent? I'm not trying to split hairs - I just want to understand. I would have expected booting into the recovery partition loads the recovery program.
Also, you talk about how vendors choose features of their recovery program. CWM is then a replacement for the vendor supplied recovery program, correct? If you root then install CWM, are you in effect replacing the recovery program after rooting (as opposed to forcing CWM to overwrite the existing recovery program via flash)?
Thx
Thanks!
A very useful guide for android beginners like me!
Sorry for the bump. This post deserves a thanks and a bump.
Thanks! A very useful guide for beginner. I've forwarded this to my colleague who just switched from Windows to Android phone.
Much appreciation!
Thank you so much. I have just purchased a rooted phone & have a ton of questions. Have spent hours here tonight searching for basic info. Finally found this & it really helped this total "noob".
Thank you again.
thanks (very2 useful) from iphone4 user
Good work..
Sent from my Galaxy Mini using xda-premium
Thanks. It helped very much
how to root sony xperia u
How to root sony xperia U..?
please give me detailed and simple procedure to follow...
I would also be happy to know whether I should have PC drivers to run this rooting process?
thanks
Thx for taking the time to write the article helped me understand a lot of things

Possible to Replace a System File without Rooting?

I am a NOOB, but I like myself just fine. The video for NOOBs is funny, but IMHO, should be a bit more serious.
I'm one of those people experiencing issues with GPS and TTFF being excessively long on the MT. Cry.
If I run MyPhoneExplorer, I can see the system file structure, and I believe I can move files to the phone. I believe I can do the same with SwiFTP.
Can one drop replacement GPS libraries for example into the SYSTEM and SYSTEM/HW sub-directories using a program like MPE, or an FTP program like SwiFTP without rooting, and would they be honored on the next reboot?
Would I be mangling some check-sum or other that determines the integrity of the system loaded?
I'm one of those users that doesn't really want to root if not necessary, but I wonder if doing some mod like the above - would doing so lay subsequent update pushes from VMUSA to waste?
Also, I'd really like if possible to flag some programs not to load, unless I explicitly ask them to load via the U.I. with intent. I suppose I'd have to root to do something like that. Perhaps with Ginger-Break? Would doing this make subsequent updates problematic?
Any information regarding my constraints and options to effect both of the above would be very appreciated. Thanks.
There are ways to mount the various partitions from a host machine (e.g. Linux) while it is in the "emergency" flash mode, which would permit what you want to do. Doing this is quite dangerous - at least as much as rooting the device and perhaps more-so.
I appreciate the response.
OK, if I were to root via Gingerbreak and install the files that way, then un-root, would my system then appear to be (to an update provided by Motorola or VMUSA) as something which couldn't be updated?
In other words, would rooting put me on a path to having to use specially modified updates?
Thanks.
Depends on what you change.
In GENERAL no, the update will come through. The major risk is that it crashes on install as some part of what you changed is a dependency but is not reloaded. This is rare, but can happen.
So.... root, install Clockwork, and make an immediate Nandroid backup BEFORE you screw with anything. That SHOULD allow you to un-hose yourself if you get in trouble.

[WIP] 100% Native Android 6.0 TMO ROM

Greetings,
I am currently working on a 100% Android Marshmallow v6.0.1 variant for the Samsung On5 SM-G550T/1 (T-Mobile).
THIS IS NOT A THREAD ON HOW TO ROOT YOUR PHONE
This thread assumes you have already rooted and installed TWRP on your phone and have a basic understanding of how to back up and recover your phone.
If you need that sort of help, please see my other thread:
https://goo.gl/jWNVNX
Reasons for Project:
I started this project for two reasons:
- Frustration for the lack of support for an otherwise great phone.
- Stumbling across the Samsung Factory Test Rom doing research for other projects.
This ROM has a 100% Native Driver Set for Android v6.0.1 on the SM-G550T/1. The driver set is identical for the TMO or MetroPCS variants, but the EFS folder will remain different for each.
I'm going to outright confess that I am not a programmer and this is truthfully the first ROM I am trying to develop on my own. I'm a Project Manager and Software Designer by trade, but I rarely get this deep into ROM developments. I figured it was a good project to take on to learn the nitty-gritty of what a truly pure Android Experience looks like. That being said, I'd greatly appreciate any help anyone can contribute and will make all my work freely available to anyone wanting to help provided that everyone participating goes into it with good faith that they have no intent on making substantial gains from this project.
Usage of these ROMs/Files/Programs are subject to the following licenses:
- Google's Android Open Source Project License (AOSP):
https://source.android.com/setup/start/licenses
- Google's Individual Contributor License Agreement:
https://cla.developers.google.com/about/google-individual
- Apache Software License, Version 2.0
http://www.apache.org/licenses/LICENSE-2.0
- Samsung Open Source Release Center (OSRC) License:
http://opensource.samsung.com/reception/
That being said, I believe this remains a good enough device, IMHO, to transition people into Android or to provide to people not requiring a fully featured phone.
KNOX Status:
The Factory Test ROM is mostly clean, having all the drivers intact, and lacks most Samsung Bloatware "tampering". It *DOES* have some preliminary containers for KNOX installed, but none of it is active and it takes up less than 1 MB of total space after cleaning passes to remove as many traces as could be removed without breaking things. It is currently being "managed" by an init.d script that generates the folders, which I haven't been able to track down yet.
Known Issues:
- 100% Pure Android Menus.
- Rooted/Super User.
- Sound, Camera, GPS, TMO Modem, Wifi, Bluetooth 100% working.
- 100% Native Tethering.
- Adblocker pre-installed (for both Apps and Websites).
- The smallest amount of KNOX installations outside of Lineage. >1mb of KNOX is present, with the only items present being installer containers.
- I'm trying to track down Init.d files that load with Android and automatically disable/flush WIFI.
- By default, the power button is set to a 100ms push time to turn off (not show power menu). I'm trying to figure out a workaround for this.
- I'm trying to find a compatible Contacts Storage file.
- There is no shutdown menu.
Please note that any released versions of this ROM will have makeshift ways to get around these issues.
Downloads:
Please see the second post in this thread.
How to Install:
#01.) Backup your device.
#02.) Download the zip file for the TWRP backup.
#03.) Unzip the TWRP backup.
#04.) Load the downloaded restore into your TWRP Backup Directory.
#05.) Boot into TWRP Recovery.
#06.) Restore the ROM copied into your TWRP Backup Directory.
#07.) Reboot.
Note: No personal data has been configured.
References:
Update Log:
https://goo.gl/CEGCx9
Required System Apps for Samsung Phones:
https://goo.gl/emTvgX
Things I Could Use Help On:
- A very good way to figure out what Init.d files are doing what without reading through them.
- A good way to change the PIT so we can move 2 gig from the System Rom into the User Rom space.
- Easy methods for changing key button presses.
- A shutdown menu setup.
- A way to make this into an installer.
Note that all those things I'm working on ALREADY, but suggestions would be helpful.
Thanks in advance for any help anyone offers.
Donations Welcomed:
Development of this ROM is timely, I appreciate any contributions you wish to provide.
https://goo.gl/esVVqA
DOWNLOAD LINKS:
[2019-03-11] Android (v6.0.1) Build #13 [RC] - Google
https://www.androidfilehost.com/?fid=1395089523397913770
- Note, due to Google Now being installed on this one, I can't configure the home long press as the restart menu.
[2019-03-11] Android (v6.0.1) Build #13 [RC] - Diagnostics
https://www.androidfilehost.com/?fid=1395089523397913771
[2019-03-02] Android [v6.0.0] Build #10F [RC]
https://www.androidfilehost.com/?fid=1395089523397908668
i would love to test this rom
It's been taking a little longer than I expected to get it working correctly --- I've been having trouble tracking down some bugs, but with a little luck, I'll post the Google variant tomorrow.
Here is a "working" version to look at:
https://www.androidfilehost.com/?fid=1395089523397901430
It's a restore for TWRP (not an install).
It has all the aforementioned bugs, but is pretty clean only with a few basic utilities installed on it.
I'm trying to track down a number of things:
How to change the Power Button function:
In my most current build, I have made the power button simply put the device to sleep with a long hold of the home button bringing up the power menu. I can't for the life of me figure out where the power button menu lives at or how to define it.
Normally, you'd go edit /system/usr/keylayout/Generic.kl; however, editing button 116 (the power button) for "Power" only makes it turn off. I can remap it easily as sleep. I compared several other ROMs that use the exact same parameter.
My current version, I just use an app to remap several of those functions; but I don't feel like that's a "release worthy" fix.
Factory Mode:
I can't figure out how to get this version of the ROM to get out of factory mode. The only real problem this causes is, on bootup, it will display a message saying as such and then disable WIFI and turn off the sound. Both of which can immediately be turned back on. It also disables power saver modes.
At first, I thought this was an Init.d file, but after doing some digging I determined this has to be the /efs/factoryapp/factorymode file. I may need to swap elements from another EFS to get this fixed.
Contacts Storage:
This is another one I can't seem to track down, but I have a working idea how to fix it. At current, anything that uses Contact Storage won't work. I wonder if the contact storage I have on the system is simply incompatible for some reason. I'm going to try to pull over those system apps from another working rom.
Storage
I've mapped out all the partitions but am having trouble figuring out how to actually change the partitions. There is a whole 2 GB being wasted on the system partition. I'm actually very surprised that no one has ever released a rom with this fixed.
I've tried using parted, but my ADB Install is messed up something major and I can't track down that problem. Reinstalling ADB hasn't fixed it. It's largely a PC problem on my end; a problem I'm dragging my feet going and trying to fix. This is an issue I REALLY wish I could use PC tools for :-\. I've done these changes a thousand times on Windows based machines, but never on a Linux based OS.
Now that I think about it, maybe I should try doing this from the terminal prompt in TWRP. I just wish the keyboard in TWRP didn't suck :-\.
Other Thoughts:
Beyond those very vexing bugs, I have to honestly say that I feel like the experience on this ROM is vastly superior to that of the stock Samsung Experience. Sure, these issues are vexing, but I'm also seeing much less system overhead (CPU usage, RAM usage) with this ROM than anything else outside of Lineage.
Update
Here's an update for everyone who might be interested:
The last couple of weeks I spent an ENORMOUS amount of time trying to track down as much as I can to get this ROM to work as intended.
For those interested, I've developed a completely new spreadsheet describing everything that's bloatware versus needed items:
https://goo.gl/emTvgX
This spreadsheet will probably be handy for EVERYONE working on Samsung related devices. When it's a little more clean, I'll throw it some place better; but since this is specific towards this device, I'll keep it here for now.
It describes everything in /system/app/ and /system/priv-app/ in Samsung's default install and which of those items are actually needed for a 100% clean Android Experience.
I've also rolled through the architecture and have cleaned a lot of "junk" out of the system. Overall, I've pulled the system from around 1.3 gb installed all the way down to about 800 mb and still feel confident I can trim more out of it.
I've also made it a point to install as many updated system apps as possible. It's been a game of juggling Google, Samsung and other ROM apps to find what works. In general, there is only one major program left that is Samsung based in any way and that's the Samsung Phone Service app, which seems like it's required to interface with the specific hardware on the phone. I've tracked down a number of native Google teleservice.apk-s and none have worked to date.
I am, sadly, still having the aforementioned problems:
- Contacts won't sync despite being able to connect to the contact services and seeing what backups are available. Manual restores work and updating contacts TO the server works now.
- The Power Button turns off the device immediately. The problem resides in a configuration somewhere that's telling the "Power" function to not bring up the power menu. The power menu is in the system, but appears to be renamed or something. I'm having trouble tracking this down. For documentation sake, in theory you should be able to just go to /system/usr/keylayout/General.kl and edit button 116, but that doesn't work.
- The phone is still locked into "Factory Mode". Various documentation says that if you go to /efs/FactoryData/factorymode and edit the contents to "ON", it should resolve this issue, but it doesn't. I feel that the problem resides in the CSC folder and EFS folder, but I haven't gotten around to testing yet. I suspect if you swap the CSC and EFS folders out and set all the correct permissions it might fix that. As it stands now, however, it's only a minor inconvenience.
Overall, there's a lot more junk to sift through on the last two problems. The first problem I am kind of stumped on.
If you want to download the ROM and look at it or run it, you can follow the below link. It's currently setup with my "trouble shooting environment" making key places to tinker with easily accessible.
DOWNLOAD HERE:
https://goo.gl/MuPqE3
@LighthammerX
I'm very grateful for this site where we can come and learn from one another. I just wanted to say thanks for taking time to work on this device and then sharing your findings. I've been using my on5 for 2 months now after other device died. I'm in the process of moving now but once I'm done with that I'm going to scope out this bad boy and see if I can figure out a few things. Appreciate you sharing your information with us all. Cheers.
Sent from my on5ltemtr using XDA Labs
Thanks. I'm glad to see there's some interest here. IMHO, with the right setup, this little phone is actually a very nice device today.
I actually took a lot of what I learned from hacking this ROM apart and applied it to Super Starz to get it running a lot cleaner as my daily runner until/if I get these few bugs figured out.
Personally, I think the most valuable thing I've been learning is just how bloated Samsung Devices truly are out of the box.
I'm going to go ahead and dump my progress log here too so you guys can see what I've been toiling with in hopes someone has some specific feedback on issues and if I am in the right place or not:
https://goo.gl/CEGCx9
As of the writing of this post, I'm virtually confident any problems I am experiencing have nothing to do with /efs/ or /system/csc/.
I've found some inconsistencies in /etc/ and in a few other directories in /system/.
I still wonder if there isn't an init.d file I haven't tracked down yet, but personally I find folder compares faster and easier to try to normalize than I do init.d files.
When it comes to folder compares, I can do a fast reboot and see if things break. When it comes to lines of code, I have to do a bulk of edits, reboot and hope for the best.
Just as an FYI, I plan on completely rewriting the OP when things are at a place where things work.
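The folder-compare approach described in the posts above, as an added example that is not part of the original thread: it snapshots two pulled copies of a directory tree (for instance two extracted /system backups) and reports paths that were added, removed, or changed in content or permission bits. The tree layout and file contents built in `demo()` are constructed sample data, not files from the ROM.

```python
import hashlib
import os
import stat
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each path under root to (type, permission bits, sha256 or link target)."""
    root = Path(root)
    entries = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = Path(dirpath) / name
            st = path.lstat()  # lstat: describe a symlink itself, not its target
            rel = path.relative_to(root).as_posix()
            mode = stat.S_IMODE(st.st_mode)
            if stat.S_ISLNK(st.st_mode):
                entries[rel] = ("link", mode, os.readlink(path))
            elif stat.S_ISDIR(st.st_mode):
                entries[rel] = ("dir", mode, "")
            elif stat.S_ISREG(st.st_mode):
                entries[rel] = ("file", mode, hashlib.sha256(path.read_bytes()).hexdigest())
            else:
                entries[rel] = ("other", mode, "")
    return entries


def compare(before, after):
    """Return (added, removed, changed); changed lists which attributes differ."""
    added = sorted(set(after) - set(before))
    removed = sorted(set(before) - set(after))
    changed = []
    for rel in sorted(set(before) & set(after)):
        labels = ("type", "mode", "content")
        reasons = [l for l, b, a in zip(labels, before[rel], after[rel]) if b != a]
        if reasons:
            changed.append((rel, reasons))
    return added, removed, changed


def demo():
    """Compare two small constructed trees (sample data, not taken from a device)."""
    with tempfile.TemporaryDirectory() as tmp:
        stock, modded = Path(tmp, "stock"), Path(tmp, "modded")
        for tree in (stock, modded):
            (tree / "etc/init.d").mkdir(parents=True)
            (tree / "usr/keylayout").mkdir(parents=True)
            (tree / "usr/keylayout/Generic.kl").write_text("key 116   POWER\n")
            (tree / "etc/init.d/00start").write_text("#!/system/bin/sh\n")
            os.chmod(tree / "usr/keylayout/Generic.kl", 0o644)
            os.chmod(tree / "etc/init.d/00start", 0o755)
        # Constructed differences: edited key map, lost exec bit, one extra script.
        (modded / "usr/keylayout/Generic.kl").write_text("key 116   SLEEP\n")
        os.chmod(modded / "etc/init.d/00start", 0o644)
        (modded / "etc/init.d/99extra").write_text("#!/system/bin/sh\n")
        return compare(snapshot(stock), snapshot(modded))


if __name__ == "__main__":
    added, removed, changed = demo()
    for rel in added:
        print("added  ", rel)
    for rel in removed:
        print("removed", rel)
    for rel, reasons in changed:
        print("changed", rel, ",".join(reasons))
```

Running `snapshot()` on a known-good backup before any edits gives a baseline to diff against after each change, including permission drift that a content-only compare would miss.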
For anyone following the thread, the Downloads Section has been updated.
This seems really interesting. I've been trying to find a good ROM for a while with little success, so hopefully this might be the one. I just have one question: what are the differences between the Google and Diagnostics versions of this ROM?
