EFS backup/restore for G355HN - Samsung Galaxy Core

This topic has allready been answered here, but since lot of users need this this is a brief :
Here it is:
It's a modified version of win bash shell.
It uses adb for doing things.
Must have rooted device
adb shell must be granted su access !
Backup_EFS.bat creates a backup and post some usefull infos about current EFS.
Code:
----------------------------------------------------------------
Backup EFS by StratOS - press any key to start
----------------------------------------------------------------
Press any key to continue . . .
----------------------------------------------------------------
Starting Galaxy Core 2 EFS backup
Needed rooted device !
Grant adb shell root access
Plugin phone with USB Cable
USB debuging must be enabled !
Backup made in internal SDCard too - Main Storage
----------------------------------------------------------------
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
Found :
samsung
SM-G355HN
StratOS rom v1.1
Checking superuser access (#root ; 0:0 context=u:r:init:s0)
Current ID :
uid=0(root) gid=0(root) context=u:r:init:s0
----------------------------------------------------------------
EFS INFOS :
----------------------------------------------------------------
drwxrwxr-x system system u:object_r:unlabeled:s0 FactoryApp
-rw-r--r-- system system u:object_r:efs_file:s0 applied_sdcard_poli
cies
drwxrwxr-x radio system u:object_r:unlabeled:s0 bluetooth
drwxrwxr-- drm system u:object_r:efs_file:s0 drm
drwxrwxr-x radio system u:object_r:unlabeled:s0 imei
drwx------ root root u:object_r:efs_file:s0 lost+found
drwxrwxr-x radio system u:object_r:unlabeled:s0 wifi
----------------------------------------------------------------
IMEI :
notvisiblenowhe!
----------------------------------------------------------------
Bluetooth MAC:
20:6E:9C:95:FE:03!
----------------------------------------------------------------
WIFI MAC:
20:6E:9C:95:FE:04!
----------------------------------------------------------------
HARDWARE VERSION:
MP 0.401 !
----------------------------------------------------------------
MPS CODE:
SIO!
----------------------------------------------------------------
... Backup efs image to /sdcard ...
5120+0 records in
5120+0 records out
20971520 bytes transferred in 0.697 secs (30088263 bytes/sec)
... Pulling efs image from /sdcard ...
2676 KB/s (20971520 bytes in 7.651s)
----------------------------------------------------------------
EFS Backup created :C:\1\EFS\mmcblk0p14
----------------------------------------------------------------
* Please write down those infos, they are vital for restore *
----------------------------------------------------------------
Press any key to continue . . .
Restore_EFS.bat restores the backup ( file mmcblk0p14 !)
Code:
----------------------------------------------------------------
x : Exit
r : Restore
================================================================
Choice :r
----------------------------------------------------------------
EFS backup file exists
... Pushing it to /sdcard
2969 KB/s (20971520 bytes in 6.896s)
... Writting EFS block
5120+0 records in
5120+0 records out
20971520 bytes transferred in 1.395 secs (15033347 bytes/sec)
... Rebooting ...
... Backup Restored !
Press any key to continue . . .
While making backup it creates also backup on Main Storage ( mmcblk0p14 ).
While making restore it also makes a backup in Main Storage ( mmcblk0p14.efs).
If u use a EFS backup/restore to be made in recovery I could also make that too if u want.
Download :
http://forum.xda-developers.com/attachment.php?attachmentid=3252462&d=1428523634
How to: Extract zip to Windows machine, run mentioned batched files.

imei 0000000000/01
After flash a custom rom imei is 00000000000/1 of both sims please help me ????? :crying:

I formatted my phone
And the backedup data in form of md5 was also deleted.
And when i flashed a custom rom it shows boot loop.
My phone Doesn't satarts and only stuck in bootloop.
Can you send me a Backedup md5 file.
So i can restore it and let my phone to work.
Please
Email me at [email protected]

Related

[Q] [P3100] wrong device flash /efs /modem /recovery corrupted

Hi every one!
I made a huge mistake yesterday evening: i flashed Zip's through CWM that don't belong to my p3100 but to i705.
According to MrHyde03, the files i destroyed were those partitions:
(p3100) /modem emmc /dev/block/mmcblk0p8 (TZ on i705)
(p3100) /efs ext4 /dev/block/mmcblk0p1 (MODEM on i705)
(p3100) /recovery emmc /dev/block/mmcblk0p6 (RPM on i705)
I Flashed those 3 files (!! DON'T DO IT !!):
MrHyde03 said:
a. TZ - Trust Zone VRBLL2_tz.zip
b. NON-HLOS - Modem VRBLL2_modem.zip
c. RPM - Resource Power Management -OPTIONAL-Some say it helps battery. I can't tell a difference. VRBLL2_rpm.zip
Click to expand...
Click to collapse
in the b-c-a order.
Now my phone boot lock: i can access download mode, recovery, can flash and run CWM.
I tried to flash stock odin rom, with pit and repartition for 16gb p3100.
Same results whatever the rom: it runs up to the animated logo, then show the logo forever. (no boot loop).
I guess /recovery is fine because i can enter and flash recoverys.
I guess /modem is fine because i flashed a p3100 JB modem and CWM said "DONE".
I guess is still have a partition problem with /efs
Fortunately: i made a adb copy of my whole /efs folder when i had my p3100...
My problem may be what CWM 6.3.0.0 (philz touch version) says:
W: failed to mount /dev/block/mmcblk0p1 /efs ext4 (invalid argument)
Error mounting /efs!
This is why i can't push anything into /efs: it is volatile and cleaned after each reboot.
Should i start odin and hit the infamous and dangerous "clear phone efs" button ?
Thanks a lot for your help.
You can try, but you should have a EFS backup, without a backup of your EFS don't doing this I have googled you Failure, think you must go to the repair center.
Dexxmor said:
You can try, but you should have a EFS backup, without a backup of your EFS you should not doing this I have googled you Failure, think you must go to the repair center.
Click to expand...
Click to collapse
I have a full /efs copy from month ago. Thank to my dropbox account they are safe.
I figured out that busybox and mke2fs are available through adb shell...
I used adb shell:
mke2fs -t ext4 /dev/block/mmcblk0p1
My phone BOOTS UP ! Yeah !
Next step: restore my /efs folder files content:
Tried to adb push my whole directory into /efs => files copied OK but /efs still empty after reboot.
/efs mount correctly, and mmcblk0p1 pass e2fsck OK.
Now trying to restore my files through efs professional
According to this thread i need to flash an empty EFS partition image in order for my files to STAY in /efs after each reboot.
EFS pro did the job of providing a well formatted /efs folder (every files,owner,group and rights were set) through its "clean efs" feature. (DON'T USE IT IF YOU HAVEN'T your OWN EFS BACKUP)
Now, i have to hand pick every files of my backup, and put them back in place in /efs...
FYI, the correct structure of /efs directory:
PHP:
drwxrwxr-x root root 2013-03-29 12:35 .files
-rwx------ radio radio 1048576 2013-03-29 12:35 .nv_core.bak
-rwx------ radio radio 32 2013-03-29 12:35 .nv_core.bak.md5
-rwx------ radio radio 2097152 2013-03-29 12:35 .nv_data.bak
-rwx------ radio radio 32 2013-03-29 12:35 .nv_data.bak.md5
drwxr-xr-x system system 2013-03-29 12:35 FactoryApp
drwxrwxr-x radio system 2013-03-29 12:35 bluetooth
drwxrwxr-x radio system 2013-03-29 12:35 imei
-rw------- radio radio 276 2013-03-29 12:35 nv.log
-rwx------ radio radio 2097152 2013-03-29 14:52 nv_data.bin
-rwx------ radio radio 32 2013-03-29 14:52 nv_data.bin.md5
drwxrwxr-x radio system 2013-03-29 12:35 wifi
I have restored all .nv_core and .nv_data files. They resist a phone reboot.
However, files nv_data.* are reseted to new content every phone reboot.
I wonder if i should plug my simcard back or if i should wait to know more: i already had issue with my phone operator's "network security team" and do not want to explain again what i messed up in my phone...
... 5 minutes later ...
nv_data.bin and nv_data.bin.md5 do not seems to be central to geting my imei back. Like this is writen everywhere: .nv_data.bak was !
So: i deleted nv_data*. Rebooted. i checked my rom imei (through phone command *#06#) against my real imei (micro-writen on back of device)... THEY MATCH !
i plugged my simcard back in, rebooted... and my rom doesn't ask for sim-card pin. What's the problem now ?
I think i need to check my modem...
Was just reading a post yesterday about someone flashing the wrong thing to their device. It's a different device but may steer you in the right direction.
http://forum.xda-developers.com/showthread.php?t=1448765
Hope this helps, good luck
I've already done what's he said. repartition, reflash, formatted my corrupted /efs folder.
Only then i was able to boot a stock rom.
Then i fixed my efs folder and my imei.
Now i'm wondering why my phone doesn't ask for my simcard pin.
So i tried cm10.1 installation procedure:
Flashed philz touch recovery
wiped data and system through recovery
installed JB SBL
installed CM10.1
installed gapps
... YEAH !!!!
CM10.1 28/03 booted, asked me my sim pin code.
Hspda+ icon appear, my phone is safely back to normal operation.
Thank you MrHyde03 for your support,
Thank you all for your time reading my adventure and trying to help.
Maybe the story will different if you have a backup of /efs in raw format. Try in recovery:
Code:
mke2fs -t ext4 -b 4096 -L EFS /dev/block/mmcblk0p1
mount -t ext4 /dev/block/mmcblk0p1 /tmp
Open a new terminal window to push your /efs backup to /tmp.
Please confirm your command output:
Code:
ls -l /dev/block/platform/omap/omap_hsmmc.1/by-name/
lrwxrwxrwx root root 2013-03-29 21:37 CACHE -> /dev/block/mmcblk0p7
lrwxrwxrwx root root 2013-03-29 21:37 DATAFS -> /dev/block/mmcblk0p10
lrwxrwxrwx root root 2013-03-29 21:37 EFS -> /dev/block/mmcblk0p1
lrwxrwxrwx root root 2013-03-29 21:37 FACTORYFS -> /dev/block/mmcblk0p9
lrwxrwxrwx root root 2013-03-29 21:37 HIDDEN -> /dev/block/mmcblk0p11
lrwxrwxrwx root root 2013-03-29 21:37 KERNEL -> /dev/block/mmcblk0p5
lrwxrwxrwx root root 2013-03-29 21:37 MODEM -> /dev/block/mmcblk0p8
lrwxrwxrwx root root 2013-03-29 21:37 PARAM -> /dev/block/mmcblk0p4
lrwxrwxrwx root root 2013-03-29 21:37 RECOVERY -> /dev/block/mmcblk0p6
lrwxrwxrwx root root 2013-03-29 21:37 SBL1 -> /dev/block/mmcblk0p2
lrwxrwxrwx root root 2013-03-29 21:37 SBL2 -> /dev/block/mmcblk0p3
Don't panic!
just download Odin and flash stock rom (google it)
Everything will be normal. You should get your device like how your get in factory reset/hard reset. :good:
how can I get efs.img
I have the same problem where my efs folder got error, but I don't backup the efs, where I can got the efs.
Thank you
doloop said:
I have a full /efs copy from month ago. Thank to my dropbox account they are safe.
I figured out that busybox and mke2fs are available through adb shell...
I used adb shell:
mke2fs -t ext4 /dev/block/mmcblk0p1
My phone BOOTS UP ! Yeah !
Next step: restore my /efs folder files content:
Tried to adb push my whole directory into /efs => files copied OK but /efs still empty after reboot.
/efs mount correctly, and mmcblk0p1 pass e2fsck OK.
Now trying to restore my files through efs professional
Click to expand...
Click to collapse
Do i need to change something for my p3110 ?
doloop said:
I have a full /efs copy from month ago. Thank to my dropbox account they are safe.
I figured out that busybox and mke2fs are available through adb shell...
I used adb shell:
mke2fs -t ext4 /dev/block/mmcblk0p1
My phone BOOTS UP ! Yeah !
Next step: restore my /efs folder files content:
Tried to adb push my whole directory into /efs => files copied OK but /efs still empty after reboot.
/efs mount correctly, and mmcblk0p1 pass e2fsck OK.
Now trying to restore my files through efs professional
Click to expand...
Click to collapse
plz can you upload ur full /efs copy , i need it dude.
coz i get IMEI null and i didn`t make backup of EFS partition
Safy4u said:
plz can you upload ur full /efs copy , i need it dude.
coz i get IMEI null and i didn`t make backup of EFS partition
Click to expand...
Click to collapse
Sorry you can't.
/efs is my personnal imei, so i'm afraid your phone is dead, and your samsung device is now wifi only.

[HOWTO] Solution to fix SystemUI crash loop

Solution to fix SystemUI crash loop
Hi,
i was able to fix the SystemUI crashing loop on my moto g xt1032
via LogCat i found these two errors:
Code:
E/QSEECOMAPI: ( 6008): Error::Cannot open the file /vendor/firmware/keymaster/keymaster.mdt
E/QSEECOMAPI: ( 6008): Error::Cannot open the file /firmware/image/keymaste.mdt
There are just symlinks in /vendor/firmware/keymaster/
Code:
lrw-r--r-- root root 2015-03-04 14:26 keymaster.b00 -> /firmware/image/keymaster.b00
lrw-r--r-- root root 2015-03-04 14:26 keymaster.b01 -> /firmware/image/keymaster.b01
lrw-r--r-- root root 2015-03-04 14:26 keymaster.b02 -> /firmware/image/keymaster.b02
lrw-r--r-- root root 2015-03-04 14:26 keymaster.b03 -> /firmware/image/keymaster.b03
lrw-r--r-- root root 2015-03-04 14:26 keymaster.mdt -> /firmware/image/keymaster.mdt
so we need to look into /firmware/image/.. and we don´t find any of these files in there. That´s a problem.
Lucky me i found those files in my backups.. since i don´t know, what these files contain, i´m not able to upload them for you. maybe secret data.. maybe device specific data.. i don´t know..
so you have to find yourself the correct files in your backup?
as there seems to be a typo anywhere (take a deep look at the second error message!) we also need a file called keymaste.mdt..
i just copied keymaster.mdt and renamed it to keymaste.mdt
files i copied to /firmware/image/ are:
Code:
keymaster.b00
keymaster.b01
keymaster.b02
keymaster.b03
keymaster.mdt
keymaste.mdt
to do so, you have to remount the folder as writeable
adb shell "mount -o rw,remount /firmware"
Click to expand...
Click to collapse
then copy those files.. and reboot
Code:
adb push keymaster.b00 /firmware/image
adb push keymaster.b01 /firmware/image
adb push keymaster.b02 /firmware/image
adb push keymaster.b03 /firmware/image
adb push keymaster.mdt /firmware/image
adb push keymaste.mdt /firmware/image
if your device is absolutly clean installed.. you can´t connect via adb.. because you can´t accept the adb connection on your device..
to connect via adb just boot into twrp recovery.. in twrp press "mount" and disable mtp file transfer.. and now your are able to use adb in twrp
twrp does not mount /firmware.. so we have to do this manually by:
mount -t ext4 -o,rw /dev/block/platform/msm_sdcc.1/by-name/modem /firmware
Click to expand...
Click to collapse
now we are able to use adb push to copy those files like discribed above..
anyone know what these files are for?
whats inside those files?
where to get them?
why is this a problem for systemui?
why isn´t this fixed in cyanogenmod since more than a half year?
maybe anyone is able to verify this:
i downloaded another stock rom (asia xt1033 dualsim).. to extract those keymaster files of it.. and surprise.. those files have same md5 hash, as my files.. that means, those stock files are exactly the same as my files.. so its not a problem for me to upload them.. here you will get a double-click solution to repair SystemUI Crash =)
you need:
adb and adb driver on your windows system
adb access on your moto-g..
if your device is absolutly clean installed.. you can´t connect via adb.. because you can´t accept the adb connection on your device while the systemui crash hides the confirm window.. it is indeed possible.. but very painfull way to get there (usb debugging, etc. must be enabled too).. there is a better solution:
to connect via adb just boot into twrp recovery.. in twrp press "mount" and disable mtp file transfer.. and now you are able to use adb in twrp​
attach your moto-g to your computer
extract the archive (attached to this posting) to whatever folder you want on your windows machine (it is nothing to install via recovery/sideload!!!)
doubleclick one of these coresponding files:
1systemui.fix.bat <- this is your choice if you are able to do adb connection in cyanogenmod
2systemui.fix.bat <- this is your choice if you are in twrp recovery
what this tool will do:
remount /firmware as writeable..
pushing all keymaster files to /firmware/image on your device..
that´s it.. nothing special.. nothing creepy..
systemUI-Crash should be fixed now..
to properly remount /firmware, just reboot device..
sometimes adb can´t recognize your device.. when this happens.. the "tool" is waiting.. and waiting.. and waiting.. stocks at this point:
Code:
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
to fix this just plug the usb-cable of your device out.. and back in.. maybe several times.. untill you see something like this:
Code:
adbd is already running as root
29 KB/s (180 bytes in 0.006s)
1282 KB/s (6568 bytes in 0.005s)
1987 KB/s (16280 bytes in 0.008s)
57 KB/s (176 bytes in 0.002s)
941 KB/s (6748 bytes in 0.007s)
1647 KB/s (6748 bytes in 0.004s)
###########################################
# #
# press any key to reboot your device #
# #
###########################################
bitcoin donations are welcome =)
1EkpEyRuZqHF1Bcuv6dsUKQT9v8a43zbjc

[GUIDE|HOW-TO|ROOT] Cube iWork 10 i15-TCL - Root / Recovery / Boot.img [WIN|LINUX]

Code:
*** Disclamer
* Your warranty is now void.
*
* We are not responsible for bricked devices, dead SD cards,
* thermonuclear war, or you getting fired because the alarm app failed. Please
* do some research if you have any concerns about features included in this ROM
* before flashing it! YOU are choosing to make these modifications, and if
* you point the finger at us for messing up your device, we will laugh at you.
Hi guys and girls, as you may know it's pretty easy to find here on xda but on other forums (techablets for example) info and files for rooting this tablet, but who has the TCL variant /which is Dual Boot Type C one) will only find outdates files and complex guides; that's the reason why - after spending a lot of time on bootloops and fails trying to figure how the hell modify the boot.img) I finally decided to share what I found here.
First thing first: this guide collects, improves and updates how-to from Laura of techtablets; I also want to thanks @jetfin and @master.pumpgun (aka Tom on techtablets) - they know why!
I will basically divide this guide per two: first section is READY TO FLASH, where you'll find my own boot.img (from and ONLY for the latest available stock build); before flashing this image file PLEASE be sure to check if your version is the same I had when preparing the image; also you should absolutely check the MD5 of all the files you will download from here:
check MD5 on any Linux distro by simply typing
Code:
md5sum /path/to/file/file
on Windows you could maybe use this tool: WinMD5
The second section is DO IT YOURSELF, and it's for users with a different kernel/build version from mine. I'll try to eventually update the boot.img if we will receive any new OTA, which I think will never happen. I'll write the second section as soon as possible, but I can speed work up if requested and if Cube updates
- - - - - - - - - - -​
---> READY TO FLASH
Code:
PLEASE NOTE
While the general procedure here reported remains
always correct, the files provided in this part of the
guide - specially the modified boot.img may not work
into your device is the kernel and build version are different
from the one I had, so please go to Settings, About tablet
and check if your specs meet mine:
[B]Model[/B] i15-TCL
[B]Kernel[/B] 3.14.37-x86_64-L1-R517 [email protected] #1
Sat May 7 17:02:18 CST 2016
[B]Build[/B] i15-TCL_V1.0_20160507
If you want to root your i15-TCL there's an high chance you would not need nothing more than backup your data, install drivers and adb/fastboot tools and flash file you will download here! BUT you need to have the same kernel and build as I had when prepared the boot.img file, which is the latest at the moment I'm writing. If you know about a newer version lease notify me and I'll try to process it again.
Last but not least, please note that is a pretty long and detailed Guide, I tried to explain and illustrate every single step, also covering some very common issues you may have, so please don't blame on me if it's a long story to read, I'm sure that a few newbies will appreciate
First thing to do is to backup data you want to restore because we need to unlock the bootloader (unfortunately there's no way to achieve the root without that, I tried everything I could but it's not possible). Also a general backup of all your partitions (both Windows both Android) could help and make you feel more comfortable. To backup partition please refer this thread on techtablets: The big threads of how-tos. Windows users could also have to install the proper Intel driver attached to end of the post.
Once you did that install adb/fastboot:
if you use Windows you can use this tool;
if you use a Linux distro please check if the package android-tools (more info here is available for your distro, otherwise you may have to install the official Android SDK (info about that here; no need Android Studio).
Into your tablet go to Settings / About tablet and press 7 times the Build number fields to enable Developer options; now go Back and tap the new voice Developer option: be sure that the main switch is ON and so the OEM unlocking and the USB debugging ones.
Connect your tablet to your PC, open the command prompt or a Linux shell and type
Code:
adb devices
you should receive an output like
Code:
adb devices
List of devices attached
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
0123456789ABCDEF device
If not, please please stop and check previous steps, but also:
If you use Linux and you see a udev error about permissions you have two solutions: one is running the adb/fastboot by root/sudo, another one is to let udev correctly recognize your idVendor and so your device (always prefer this last way, if possible!), which you can do by following this great mini tutorial on StackOverflow
If you use Windows 64bit try to install the driver attached below; don't know if they are also available for 32bit.
Now you have the basic stuff prepared and you are ready to go to fastboot/bootloader, so this is the last time you could check if your build is the same I had, so please do it if you missed that step before. Once more, the info you read from Settings / About tablet have to be
Code:
[B]Model[/B] i15-TCL
[B]Kernel[/B] 3.14.37-x86_64-L1-R517 [email protected] #1
Sat May 7 17:02:18 CST 2016
[B]Build[/B] i15-TCL_V1.0_20160507
Into your command prompt or shell type
Code:
adb reboot-bootloader
Your device will now go to fastboot mode. You can use your Volume Down / Volume Up to move choose menu commands and Power button to pick one. At the moment you don't need to pick any, so check if you have these two lines in red:
Code:
[COLOR="Red"]SECURE BOOT - disabled
LOCK STATE - unlocked[/COLOR]
If you have these exact lines you can jump to step10. My bootloader (and also Tom one) was already unlocked; others people reported it was locked, I guess it depends from where we bought the device. So, if your bootloader has those two red lines (which means the bootloader is already unlocked) go to step 10. If you have similar lines but in white and with different text, go to next step
CAUTION: this will permanently erase your userdata partition, which is where you store the applications and their data; you may also have there downloads, music, videos and photos so BE SURE you updated your relevant stuff!! If want to go further type into your command prompt/shell
Code:
fastboot devices
and check if you have the right output, that is
Code:
0123456789ABCDEF fastboot
If so, go on by typing:
Code:
fastboot oem unlock
This will erase your data and finally unlock the bootloader. you'll see something like that
Code:
...
OKAY
[ 0.162s] finished. total time: 0.162s
Now reboot the bootloader: move between the menu with the Volume rockers and press Power when you selected the Restart bootloader command. Wait for reboot, choose Android and you are on bootloader / fastboot mode again. Now you should absolutely have those two lines in red from step 6.
Download modified boot.img rootboot_mod.img and once finished PLEASE CHECK THE MD5 of the file: it should ABSOLUTELY match this one: 53cc4b08b123489e7c73cb013742f35d
Type on command prompt/shell
Code:
fastboot flash boot /path/to/your/file/rootmod_boot.img
Let the magic happen!
Now download the custom TWRP recovery (courtesy of @vampirefo), check if MD5 is correct (3c05a8704f5a77e20a45364c7a822a2b) and flash it with
Code:
fastboot flash recovery /path/to/your/file/i15_recovery.img
Use the Volume rockers to pick the Recovery mode command and press Power to go to recovery. Swipe to allow modification, go to Mount and tap the System checkbox
Download the latest SuperSu recovery flashable version available here, check the MD5 reported in that page and then from your tablet in recovery tap Advanced and then Adb Sideload. Swipe to let sideload mode start and type into your command prompt / shell (and change the path /opt/android-sdk/platform-tools/ with the path where YOU installed adb/fasboot)
Code:
adb sideload /path/to/your/file/supersu_file_you_downloaded.zip
If you are on Linux and you have udev permissions issues again when sideloading proceed like that
Code:
cd /opt/android-sdk/platform-tools
su
Password:
[email protected]*********:/opt/android-sdk/platform-tools# ./adb kill-server
[email protected]*********:/opt/android-sdk/platform-tools# ./adb start-server
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
[email protected]*********:/opt/android-sdk/platform-tools# ./adb devices
List of devices attached
0123456789ABCDEF sideload
[email protected]*********:/opt/android-sdk/platform-tools# ./adb sideload /path/to/your/file/supersu_file_you_downloaded.zip
If you have issues on Windows or still having issues on Linux you can always copy the SuperSu zip to a USB Pen and attach the pen to the tablet using the OTG cable or paste the file to a micro SD.
Reboot your device and it's done!
Doing that instead of using the well know root.bat is much better - IMHO - because we don't have to reboot the device two times and we don't have to uninstall SuperSu and flash a new version to update binaries (SuperSu it is not able to update the binaries by itself, nor by recovery nor by app. Also remember that when a new version os SuperSU will be available: Open SuperSu app, go to Settings and tap on Reinstall. Wait for it to finish and shut down the device. Go to bootloader (or use adb when the device is still on), download latest updated flashable SuperSu zip and flash via recovery).
DOWNLOADS SECTION
rootmod_boot.img
i15_recovery.img
- - - - - - - - - - -​
---> DO IT YOURSELF
WARNING: to do that you need a Linux machine / Virtual machine!
First, be sure to have adb and fastboot working; if issues read the first section for common solutions; you should also have already unlocked your bootloader.
If you did not create a dd backup of your partition I recommend once again to do that; you should at least backup android_boot, android_recovery, android_system (but also consider android_bootloader and android_bootloader2). Please note that to check partition in a human readable mode you can use
Code:
adb shell
ls -las /dev/boot/by-name/*
Now we should create our working folders environment; you can do that by yourself or follow my suggstions.
Open a terminal as normal user; you should be in your home folder; launch the following commands one by one
Code:
mkdir -p Android/iWork10/_working/ ; cd Android/iWork10
mkdir _stockimg ; cd _stockimg
adb shell
su
dd if=/dev/block/by-name/android_boot of=/sdcard/boot.img
cd /sdcard/
md5sum boot.img > bootmd5
exit
please note that you could have to execute the exit command 2 times; just be sure to go back to your terminal into your
Code:
/home/USER/Android/iWOrk10/_stockimg
if su is still not available try to dd the same; for me the bootloader was already unlocked and I had no issue to create the dd image
Then
Code:
adb pull /sdcard/boot.img
adb pull /sdcard/bootmd5
and check if MD5 is OK with
Code:
md5sum -c bootmd5
if error recreate the boot image file, if OK go on.
Now we need to download and extract the Android Bootimg Tools; click this link and save it into the
Code:
/home/USER/Android/
folder; once downloaded (the file it's less than 8 kB) we'll extract the two file in the _working dir so to have all the stuff organized; please note that it's important to keep files organized because we'll decompress and re-compress the boot partition and the kernel it contains; if we don't move files appropriately unneeded stuff could go into the kernel! So please try to understand the process or to follow my steps
Code:
cd ../_working/
tar -zxvf ../../android_bootimg_tools.tar.gz
mkdir bootimg
./unpackbootimg -i ../_stockimg/boot.img -o bootimg/
As you can see we unpacked the stock boot.img to the folder bootimg we just created..
Now let's extract the ramdisk, that is where we were pointing from the start..
Code:
cd bootimg ; mkdir ramdisk ; cd ramdisk
gunzip -c ../boot.img-ramdisk.gz | cpio -i
Now if you are familiar with nano or pico terminal continue on terminal to apply the following mods, otherwise open your file manager to the ramdisk folder, then open the default.prop file and change
Code:
ro.secure=1
to
Code:
ro.secure=0
Save and close the editor.
Open the init.rc file and change
Code:
service media /system/bin/mediaserver
class main
user [COLOR="Red"]media[/COLOR]
to
Code:
service media /system/bin/mediaserver
class main
user [COLOR="Red"]root[/COLOR]
Please note here that if your bootloader was unlocked without your intervention you could have already user root (I had). In that case just leave as it is and close, otherwise save and close.
Go back to your terminal, you should still be into the ramdisk folder, if not navigate with cd to go to that folder and then
Code:
find . | cpio -o -H newc | gzip > ../newramdisk.cpio.gz
Now we have our new ramdisk; at this point we need to open the boot.img-cmdline file that is located into the bootimg folder and copy its content, then go back to the terminal; the terminal should be still in ramdisk folder, so
Code:
cd ..\..\
and we are into the _working folder.
Now the last command, that you CANNOT simply copy and paste. The command is something like that (hold on, don't execute it)
Code:
./mkbootimg --kernel bootimg/boot.img-zImage --ramdisk bootimg/newramdisk.cpio.gz --cmdline 'CONTENT OF YOUR boot.img-cmdline CONTENT HERE; PUT IT BETWEEN SINGLE ' BOTH AT THE START BOTH AT THE END' -o root_boot.img
Please note the double -- for kernel, ramdisk and cmdline options (while single - for -o that stays for output) and also note the single ' peaks that contain the boot.img-cmdline content.. So in my case it will be:
Code:
./mkbootimg --kernel bootimg/boot.img-zImage --ramdisk bootimg/newramdisk.cpio.gz --cmdline 'loglevel=5 androidboot.hardware=cht_cr_mrd_w firmware_class.path=/system/etc/firmware i915.fastboot=1 memmap=4M$0x5c400000 vga=current i915.modeset=1 drm.vblankoffdelay=1 enforcing=0 androidboot.selinux=permissive console=ttyS0,115200n8 bootboost=1 pm_suspend_debug=1 pstore.backend=ramoops' -o ../root_boot.img
BUT PLEASE DON'T COPY AND PASTE THIS ONE; JUST USE YOUR boot.img-cmdline FILE (I'm pretty sure they are identical but cannot be sure, SO USE YOURS)
If the command doesn't give errors or the standard output that describe the usage of a linux command (so like usage: mkbootimg --kernel <filename> --ramdisk <filename> - this means you missed something) we are done, we just need to flash it and root. So we now have our modified boot image which will let the tablet boot a rooted OS without bootloop.
If you haven't do it already go to download latest Recovery Flashable zip of SuperSU from SuperSu webpage and the custom TWRP recovery for this device that you find in the first section (also check MD5) and copy both to your internal of external sdcard (if you are not familiar with sideload)
Reboot your device to bootloader with
Code:
adb reboot-bootloader
Once it's there,
Code:
fastboot flash boot /home/USER/Android/iWork10/root_boot.img
fastboot flash recovery /path/where/you/downloaded/recovery.img
Now use the volume rockers to pick RECOVERY MODE option and press the Power button. The device will boot the TWRP recovery; allow system modifications when asked and finally flash the SuperSu zip file you downloaded and copied to the tablet (or use adb sideload /path/to/supersu/into/your/pc/supersufile.zip)
You may need to adjust settings in TWRP (timezone and language), then reboot the system and you should have rooted your i15-TCL!
It's easy, isn't it?
PLEASE NOTE: If you have errors like adb, fastboot not recognizing your device, don't ask but read the other section where I explain the most common solution for Windows and Linux; same if you don't find links for recovery, SuperSU or other read the first section, thanks!
- - - - - - - - - - -​
THANKS
@jetfin for providing a lot of goodies that saved my ****** last month (wish you all the best for the next future mate!)
@master.pumpgun (aka Tom on techtablets - amazing guy! :good
@vampirefo for custom TWRP for this device
Laura - for all the info she's made available for this device
Great job mate!
It seems very analytical and very useful for people who need a step by step guide.
Unfortunately it requires a full wipe of user data, so for now I am not willing to try this guide.
Sent from my i15-TCL using Tapatalk
RASTAVIPER said:
Great job mate!
It seems very analytical and very useful for people who need a step by step guide.
Unfortunately it requires a full wipe of user data, so for now I am not willing to try this guide.
Sent from my i15-TCL using Tapatalk
Click to expand...
Click to collapse
Well, I feel you, unlocking is always annoying but there are apps which let you backup everything.
I couldn't live without root + Link2SD into the cube!
Thanks for the nice words ?
Inviato dal mio Nexus 7 utilizzando Tapatalk
Hi brainvison,
it`s a nice, correct and clear tutorial, many thanks.
Only one question
Fortunately I have an unlocked bootloader, then I`ll do it from step 10, but I have a same kernel and build version (3.14.37/x86_64-L1-R517 and V1.0) but the date of this version is different (20160913).
What do you suggest, try it? Or could you help me to create a new version of the boot.img, please?
Nice regards
Peter
brainvision said:
Code:
PLEASE NOTE
While the general procedure here reported remains
always correct, the files provided in this part of the
guide - specially the modified boot.img may not work
into your device is the kernel and build version are different
from the one I had, so please go to Settings, About tablet
and check if your specs meet mine:
[B]Model[/B] i15-TCL
[B]Kernel[/B] 3.14.37-x86_64-L1-R517 [email protected] #1
Sat May 7 17:02:18 CST 2016
[B]Build[/B] i15-TCL_V1.0_20160507
Click to expand...
Click to collapse
​
rpeter said:
Hi brainvison,
it`s a nice, correct and clear tutorial, many thanks.
Only one question
Fortunately I have an unlocked bootloader, then I`ll do it from step 10, but I have a same kernel and build version (3.14.37/x86_64-L1-R517 and V1.0) but the date of this version is different (20160913).
What do you suggest, try it? Or could you help me to create a new version of the boot.img, please?
Nice regards
Peter
Click to expand...
Click to collapse
both kernel and build dates are different, aren't them?
I'll try to write the missing section as soon as possible, don't worry..
In the meantime could you please check a few things that could help to understand a few things?
If your bootloader is unlocked you should have no issue doing that; assuming you already have adb working, open a terminal and execute this commands (just "read" commands, no mods here)
Code:
adb shell
uname -a
cat default.prop
If errors try to execute adb root (this does NOT root, it just use adb as root user, it should work with the unlocked bootloader) before adb shell and if possible please report me the output from unameand cat
EDIT: also my advice is to backup your system partitions so to able to go back to stock if needed; at least partitions
Code:
android_boot
android_bootloader
android_bootloader2
android_recovery
android_system
To do that you could check Laura's thread from techtablets or use
Code:
dd if=/dev/by-name/your_partition of=/sdcard/your-partition.img
the if= option is where you choose the partition to backup while the of= one is the resulting file that will be created (an image .img file)
If you agree you could also upload those somewhere on the cloud so we could use them, too, it would be interesting to see what changes.. Naturally the partition I suggested do not contain any personal file, no worry about that (your data is on the android_userdata - or _data, don't remember the name here).
EDIT2: you'll need a Linux machine to mod your boot.img partition, do you have one?
brainvision said:
both kernel and build dates are different, aren't them? yes, both of the are the same date:20160913
the build.prop is:
Code:
[email protected]:/system # cat build.prop
# begin build properties
# autogenerated by buildinfo.sh
ro.build.id=LMY47I
ro.build.display.id=i15-TCL_V1.0_20160913
ro.build.version.incremental=eng.softteam.20160913.102513
ro.build.version.sdk=22
ro.build.version.codename=REL
ro.build.version.all_codenames=REL
ro.build.version.release=5.1
ro.build.version.security_patch=2016-03-01
ro.build.version.base_os=
ro.build.date=Tue Sep 13 10:26:20 CST 2016
ro.build.date.utc=1473733580
ro.build.type=userdebug
ro.build.user=softteam
ro.build.host=pdd-build
ro.build.tags=release-keys
ro.build.flavor=cht_cr_mrd_w-userdebug
ro.product.model=i15-TCL
ro.product.brand=i15-TCL
ro.product.name=cht_cr_mrd_w
ro.product.device=i15-TCL
ro.product.board=i15-TCL
# ro.product.cpu.abi and ro.product.cpu.abi2 are obsolete,
# use ro.product.cpu.abilist instead.
ro.product.cpu.abi=x86
ro.product.cpu.abilist=x86,armeabi-v7a,armeabi
ro.product.cpu.abilist32=x86,armeabi-v7a,armeabi
ro.product.cpu.abilist64=
ro.product.manufacturer=i15-TCL
ro.product.locale.language=en
ro.product.locale.region=US
ro.wifi.channels=
ro.board.platform=gmin
# ro.build.product is obsolete; use ro.product.device
ro.build.product=cht_cr_mrd_w
# Do not try to parse description, fingerprint, or thumbprint
ro.build.description=cht_cr_mrd_w-userdebug 5.1 LMY47I eng.softteam.20160913.102513 release-keys
ro.build.fingerprint=intel/cht_cr_mrd_w/cht_cr_mrd_w:5.1/LMY47I/softteam09131026:userdebug/release-keys
ro.build.characteristics=tablet
# end build properties
#
# ADDITIONAL_BUILD_PROPERTIES
#
ro.dalvik.vm.isa.arm=x86
ro.enable.native.bridge.exec=1
sys.powerctl.no.shutdown=1
dalvik.vm.heapstartsize=8m
dalvik.vm.heapgrowthlimit=100m
dalvik.vm.heapsize=174m
dalvik.vm.heaptargetutilization=0.75
dalvik.vm.heapminfree=512k
dalvik.vm.heapmaxfree=8m
ro.opengles.version=196609
ro.setupwizard.mode=OPTIONAL
ro.com.google.gmsversion=5.1_r1
ro.gnss.sv.status=true
ro.hwui.texture_cache_size=24.0f
ro.hwui.text_large_cache_width=2048
ro.hwui.text_large_cache_height=512
drm.service.enabled=true
keyguard.no_require_sim=true
ro.com.android.dataroaming=true
ro.com.android.dateformat=MM-dd-yyyy
ro.config.ringtone=Ring_Synth_04.ogg
ro.config.notification_sound=pixiedust.ogg
ro.carrier=unknown
ro.config.alarm_alert=Alarm_Classic.ogg
persist.sys.language=zh
persist.sys.country=CN
persist.sys.timezone=Asia/Shanghai
persist.sys.dalvik.vm.lib.2=libart.so
dalvik.vm.isa.x86.features=sse4_2,aes_in,popcnt,movbe
dalvik.vm.lockprof.threshold=500
net.bt.name=Android
dalvik.vm.stack-trace-file=/data/anr/traces.txt
# begin fota properties
ro.fota.platform=IntelZ3735F_5.1
ro.fota.id=mac
ro.fota.type=pad_phone
ro.fota.oem=hampoo-cherrytrail_5.1
ro.fota.device=i15-TCL
ro.fota.version=i15-TCL_V1.0_20160913
# end fota properties
[email protected]:/system #
I'll try to write the missing section as soon as possible, don't worry..
Many thanks
Code:
adb shell
uname -a
cat default.prop
the adb root and the cat is ok, but the uname is not found
the output of the cat is:
Code:
127|[email protected]:/ # cat default.prop
#
# ADDITIONAL_DEFAULT_PROPERTIES
#
ro.sf.lcd_density=240
ro.frp.pst=/dev/block/by-name/android_persistent
persist.intel.ogl.username=Developer
persist.intel.ogl.debug=/data/ufo.prop
persist.intel.ogl.dumpdebugvars=1
ro.ufo.use_msync=1
ro.ufo.use_coreu=1
wifi.interface=wlan0
persist.service.apklogfs.enable=1
persist.core.enabled=0
ro.secure=1
ro.allow.mock.location=0
ro.debuggable=1
ro.modules.location=/lib/modules
ro.dalvik.vm.native.bridge=libhoudini.so
persist.sys.usb.config=mtp,adb
persist.nomodem_ui=true
ro.zygote=zygote32
dalvik.vm.dex2oat-Xms=64m
dalvik.vm.dex2oat-Xmx=256m
dalvik.vm.image-dex2oat-Xms=64m
dalvik.vm.image-dex2oat-Xmx=64m
[email protected]:/ #
EDIT: also my advice is to backup your system partitions so to able to go back to stock if needed; at least partitions
Code:
android_boot
android_bootloader
android_bootloader2
android_recovery
android_system
All of my partitions expect the largest one(maybe windows) were backed up to sd with dd
If you agree you could also upload those somewhere on the cloud so we could use them, too, it would be interesting to see what changes.. Naturally the partition I suggested do not contain any personal file, no worry about that (your data is on the android_userdata - or _data, don't remember the name here).
I will upload it to somewhere, but which partitions are you need (i don't no clearly, how can I determinate, which partition is the boot, bootloader, ...)
the outputs of the /proc/partitions are the following:
Code:
[email protected]:/ # cat /proc/partitions
major minor #blocks name
254 0 102400 zram0
179 0 61071360 mmcblk0
179 1 102400 mmcblk0p1
179 2 102400 mmcblk0p2
179 3 30720 mmcblk0p3
179 4 30720 mmcblk0p4
179 5 1024 mmcblk0p5
179 6 16384 mmcblk0p6
179 7 2621440 mmcblk0p7
179 8 262144 mmcblk0p8
179 9 8388608 mmcblk0p9
179 10 1024 mmcblk0p10
179 11 8192 mmcblk0p11
179 12 102400 mmcblk0p12
179 13 16384 mmcblk0p13
179 14 48361472 mmcblk0p14
179 15 1024000 mmcblk0p15
179 48 4096 mmcblk0rpmb
179 32 4096 mmcblk0boot1
179 16 4096 mmcblk0boot0
179 64 15671296 mmcblk1
179 65 15667200 mmcblk1p1
253 0 2600764 dm-0
maybe the *p3 is the bootloader, the *p14 is the windows, maybe the *p9 included the data and *p7 is the system, but don't know, which one is the boot, bootloader2, recovery
EDIT2: you'll need a Linux machine to mod your boot.img partition, do you have one?
Click to expand...
Click to collapse
yes, I have, a debian.
One question, if we have any problem with the upload the modified bootloader, how can i restore the old one (how can I upload (which method, adb, fastboot, or the phone flash?) an original bootloader, if we have a problem with the modded bootloader)
Have you link(s) with the full original windows and andoid image of the i15-tcl? I found to i15-t, i15-td, but not for this version...
Nice regards
Peter
i have the same software version as rpeter. When i first boot in fastboot my bootloader was unlocked and secure boot was disabled. Itried flash twrp and it was succesful. Next i downloaded superSu zip from official website and i flashed it. After reboot i stuck at bootlogo. Can you share me a system image to restore?
The mmcblk0p9 partition is the system? I will share it as soon as possible.
07 is system. 09 is data partition.
https://drive.google.com/file/d/0B_QRR9kog1iZQ2ZaNzdZenQ4MkE/view?usp=sharing
@rpeter I'll read your long reply asap, now just want to tell you that to check partition in a human readable way you should use
Code:
ls -las /dev/block/by-name/*
the partition I would like you to share are
Code:
android_boot
android_bootloader
android_bootloader2
android_system
android_recovery
when using dd of course as I told you can directly point to that name convention (which are nothing but symbolic link) so
Code:
dd if=/dev/block/by-name/android_boot of=/sdcard/android_boot.img
this is for the boot partition, the other the same..
also please before uploading to cloud check the MD5 so we could verify it before installing
are you sure you wrote uname -a the right way? It's weird you don't have it...
About restoration, you could use fastboot in future, I tried it by myself.. the most important are
Code:
fastboot flash boot boot.img
fastboot flash recovery recovery.img
fastboot flash system system.img
I don't think we'll ever need the two bootloader restoration, it's just to go extremely safe but I still don't find a reason to flash them.. But backup anyway!
EDIT: please note the .img extension for the of= part of the dd command!
@boberq sorry for your issue but I have to say that it was obvious: it's not plenty of guides and how-to about this tablet but the few available are also easy to find, and they all clearly state that you need to modify the boot image before rooting, otherwise as you know now, bootloop!
so, if you guys need to immediately root you can send me the boot.img file and I do it for you, otherwise you can wait and do it by yourself - I'm going to write the how-to right now, it should be ready for tomorrow, I guess..
EDIT and yes, we don't have any full restoation image like for other variants, I asked them on Twitter https://twitter.com/CubeHeping (it seems this is their official account that I found via www.51cube.com) - please do the same, maybe they will listen to us
I flashed i15 td rom and it works without auto rotation. If rpeter share images i want flashthe stock.
---------- Post added at 12:52 PM ---------- Previous post was at 12:44 PM ----------
I flashed a i15td rom and everything is fine without auto rotate. Rpeter please share boot and system images, they help me to restore the stock rom.
Ps After first boot if i want enter to recovery , it show red triangle with green android. There was any recovery.
boberq said:
I flashed i15 td rom and it works without auto rotation. If rpeter share images i want flashthe stock.
---------- Post added at 12:52 PM ---------- Previous post was at 12:44 PM ----------
I flashed a i15td rom and everything is fine without auto rotate. Rpeter please share boot and system images, they help me to restore the stock rom.
Ps After first boot if i want enter to recovery , it show red triangle with green android. There was any recovery.
Click to expand...
Click to collapse
stock recovery is not a real recovery there.. Red triangle is the right thing.. BUT if you flashed the custom TWRP with
Code:
fastboot flash recovery recovery.img
you should have noticed that the process failed.. I don't remember the exact output but you should have seen FAILED instead of SUCCESS. If flash succeed you also need stock recovery, I guess, otherwise it should still bootloop after system restore..
@brainvision
Has anything changed about rooting?
I remember that the process was involving resetting in order to unlock bootloader, etc
Sent from my m1 note using Tapatalk
RASTAVIPER said:
@brainvision
Has anything changed about rooting?
I remember that the process was involving resetting in order to unlock bootloader, etc
Sent from my m1 note using Tapatalk
Click to expand...
Click to collapse
nope, and it never will in that direction..
you should definitively make a backup, the more you'll wait the worst it'll be!
I flashed twrp and from it i want flash supersu and i get bootloop. After this i flashed i15td rom andeverything works fine. So can i flash boot,recovery and system image and get stock without root? Or should i flash it using intel flash tool?
boberq said:
I flashed twrp and from it i want flash supersu and i get bootloop. After this i flashed i15td rom andeverything works fine. So can i flash boot,recovery and system image and get stock without root? Or should i flash it using intel flash tool?
Click to expand...
Click to collapse
you can flash them with fastboot indeed and then root again, I finished writing my how-to, I'm formatting it and update the first post in an hour max..
Never looked at Intel Flash Tool, I don't know if it permits the flash of a single partition or if you need a full image provided by OEM, can't help with that..
So i'm waiting for original images from rpeter and i'm goind to flash it. I have a twrp backup with original 20160913 firmware but after bootloop. I can sare it but i think it isnt usefull.
PS
Brainvision , can you share me your original partition images for i15TCL from May? I think it will repair my autorotation.
boberq said:
So i'm waiting for original images from rpeter and i'm goind to flash it. I have a twrp backup with original 20160913 firmware but after bootloop. I can sare it but i think it isnt usefull.
PS
Brainvision , can you share me your original partition images for i15TCL from May? I think it will repair my autorotation.
Click to expand...
Click to collapse
I do NOT recommend you to flash that because you will completely mess things up, having boot, recovery and kernel with a build date and system with a different one! You went to fast on rooting your device without reading stuff, now I suggest you to wait for @rpeter images - but anyway here it is system.img https://mega.nz/#!YBdw1bIT!GibOWLBNyXAhwEiEdXIV3JKKdMM9gXzLIYvppKn0Bgs
EDIT: guys I updated OP with the missing sectioon, please click thanks if you find it useful..
@rpeter before rooting remember to backup partition with dd, then upload when you can but backup before rooting!
if you have suggestion for the guide or you think something is not so clear please tell me that I'll try to improve..
brainvision, boberq, I'm so sorry, yesterday is one of my longest working day...
My gdrive is currently full, bu I created a dedicated place for yours in my server.
The link is: http://rpeter.dyndns.info/xda
user: xda_users
pwd: i15-tcl
It's included all partitions compressed and uncompressed version expect p9 and p14 (data and windows) and the md5 checksum file.
The output of the "identification" is here:
Code:
127|[email protected]:/ # ls -las /dev/block/by-name/*
lrwxrwxrwx root root 2016-11-12 12:21 Basic_data_partition -> /dev/block/mmcblk0p14
lrwxrwxrwx root root 2016-11-12 12:21 EFI_system_partition -> /dev/block/mmcblk0p12
lrwxrwxrwx root root 2016-11-12 12:21 Microsoft_reserved_partition -> /dev/block/mmcblk0p13
lrwxrwxrwx root root 2016-11-12 12:21 android_boot -> /dev/block/mmcblk0p3
lrwxrwxrwx root root 2016-11-12 12:21 android_bootloader -> /dev/block/mmcblk0p2
lrwxrwxrwx root root 2016-11-12 12:21 android_bootloader2 -> /dev/block/mmcblk0p1
lrwxrwxrwx root root 2016-11-12 12:21 android_cache -> /dev/block/mmcblk0p8
lrwxrwxrwx root root 2016-11-12 12:21 android_config -> /dev/block/mmcblk0p11
lrwxrwxrwx root root 2016-11-12 12:21 android_data -> /dev/block/mmcblk0p9
lrwxrwxrwx root root 2016-11-12 12:21 android_metadata -> /dev/block/mmcblk0p6
lrwxrwxrwx root root 2016-11-12 12:21 android_misc -> /dev/block/mmcblk0p5
lrwxrwxrwx root root 2016-11-12 12:21 android_persistent -> /dev/block/mmcblk0p10
lrwxrwxrwx root root 2016-11-12 12:21 android_recovery -> /dev/block/mmcblk0p4
lrwxrwxrwx root root 2016-11-12 12:21 android_system -> /dev/block/mmcblk0p7
[email protected]:/ #
I will put it somewhere fastest place, when I have enough time to do it
Nice regards
Peter
rpeter said:
brainvision, boberq, I'm so sorry, yesterday is one of my longest working day...
My gdrive is currently full, bu I created a dedicated place for yours in my server.
The link is: http://rpeter.dyndns.info/xda
user: xda_users
pwd: i15-tcl
It's included all partitions compressed and uncompressed version expect p9 and p14 (data and windows) and the md5 checksum file.
The output of the "identification" is here:
Code:
127|[email protected]:/ # ls -las /dev/block/by-name/*
lrwxrwxrwx root root 2016-11-12 12:21 Basic_data_partition -> /dev/block/mmcblk0p14
lrwxrwxrwx root root 2016-11-12 12:21 EFI_system_partition -> /dev/block/mmcblk0p12
lrwxrwxrwx root root 2016-11-12 12:21 Microsoft_reserved_partition -> /dev/block/mmcblk0p13
lrwxrwxrwx root root 2016-11-12 12:21 android_boot -> /dev/block/mmcblk0p3
lrwxrwxrwx root root 2016-11-12 12:21 android_bootloader -> /dev/block/mmcblk0p2
lrwxrwxrwx root root 2016-11-12 12:21 android_bootloader2 -> /dev/block/mmcblk0p1
lrwxrwxrwx root root 2016-11-12 12:21 android_cache -> /dev/block/mmcblk0p8
lrwxrwxrwx root root 2016-11-12 12:21 android_config -> /dev/block/mmcblk0p11
lrwxrwxrwx root root 2016-11-12 12:21 android_data -> /dev/block/mmcblk0p9
lrwxrwxrwx root root 2016-11-12 12:21 android_metadata -> /dev/block/mmcblk0p6
lrwxrwxrwx root root 2016-11-12 12:21 android_misc -> /dev/block/mmcblk0p5
lrwxrwxrwx root root 2016-11-12 12:21 android_persistent -> /dev/block/mmcblk0p10
lrwxrwxrwx root root 2016-11-12 12:21 android_recovery -> /dev/block/mmcblk0p4
lrwxrwxrwx root root 2016-11-12 12:21 android_system -> /dev/block/mmcblk0p7
[email protected]:/ #
I will put it somewhere fastest place, when I have enough time to do it
Nice regards
Peter
Click to expand...
Click to collapse
great work mate!
Thanks a lot. As you may have read I updated the OP with the new section, hope you'll find useful and clear enough, if not don't hesitate to ask, it will be a pleasure to help and to improve the how-to

[Guide] [XT16XX] [Solve] Moto G4/Plus IMEI=0 issue

Important:
Now since Official Oreo is out, you can simply update to Official Oreo via fastboot and your IMEI will be restored.
This method will not work if you have restored other device's persist from some Youtube video or some Internet guide.
Read post #3 if you have restored some other persist and do not have a backup of your original persist.
For those who can't read this much, here is a better guide for you:
Hello everyone, this is a guide for solving the problem for IMEI = 0 on Moto G4/Plus which is caused after flashing stock ROM.
I got this problem last week and was constantly researching for the solution to this problem for the past 5 days and finally, I was able to get my IMEI back on my Moto G4 Plus (XT1643).
Note: I will be using stock firmware and stock ROM interchangeably in this thread as a lot of people consider it the same so don't get confused since I am by no means referring to the /firmware partition.
There are two common and major problems which occur while flashing custom/stock ROMs:
1. IMEI = Unknown and Baseband = Unknown
2. IMEI = 0
1st Problem:
Reason: You flashed the firmware/stock ROM which wasn't meant for your device.
Solution: Flash the firmware which is made for your device like XT1621 or XT1643, etc.
2nd Problem:
This is a major problem and there are two reasons for this:
1. Mess up your persist partition.
2. fastboot erase all command.
If your problem is caused by the first reason, it might be possible to fix it.
However, if the problem is caused by the second reason, I'm sorry I don't know if a solution to this problem exists.
Firstly you need to check if your device still has IMEI intact or not. For that use the following command through fastboot in the bootloader mode:
Code:
fastboot getvar imei
If the command returns an IMEI, it means that the IMEI is not completely lost and it can be recovered.
However, if the command returns IMEI as 0, then there are two reasons:
1. Either you flashed the bootloader that wasn't meant for your device. This can be solved by flashing the correct bootloader which is made for your device again by the command:
Code:
fastboot flash bootloader bootloader.img
2. If you have flashed the correct bootloader that is meant for your device and facing this issue, I'm sorry I don't think there is a solution to this problem. This problem is either caused by fastboot erase all command (which erases everything like IMEI from the device's motherboard or the place where IMEI is permanently stored) or some hardware issue.
Here is a little explanation:
Device specific or device unique IDs are stored in a separate place in the device like the motherboard or some other place which I am unaware of.
When EFS partition is created, it picks up the IMEI from that unique place in the device like the motherboard (or some other place which I am unaware of) where the IMEI is stored.
On every reboot, EFS partition is checked and if it does not exists, the Android system by default creates it.
When we flash stock ROM, we use the following commands:
Code:
fastboot erase modemst1
fastboot erase modemst2
These commands wipe the EFS partition and on rebooting, EFS partition is recreated.
But, in some cases, the EFS partition is not able to regenerate IMEI or the Android system is unable to recreate it and so we are left with IMEI = 0.
Here is a detailed explanation regarding this issue:
NZedPred said:
4) Explanation
4a) What happened to persist.
To understand what happened, you need to know a few things about filesystem permissions in Linux. Files and folders have user and group ownership, and permissions. Examples of owners are the system, root, user, etc. Examples of permissions are read access, write access, execute access. The permissions are applied at three levels 1) the user, 2) the group, 3) everyone else.
@rachitrawat's investigation into the failures showed that the issue was relating to the persist partition, specifically some files dhob.bin etc that are under the rfs sub folder in this partition. Under stock, these files/folders are owned by a user called rfs, and have group ownership under a group also called rfs. Additionally, the permissions on these files/folders are limited - only the rfs user can read/write/execute these files. Other users, groups, or everyone else, cannot access the files.
There was a change in the Oreo roms. If you flash and boot into an Oreo rom, and you look at the permissions/ownership, you will see that a user and group oem_2951 owns the rfs folder, and a group oem_2952 owns the hlos_rfs folder. Now this is a different name, but on its own, a different name does not mean different ownership.
In Linux, all users and groups are assigned an ID, i.e. a number. So something happened in lineage that changed the user IDs that are applied to the rfs folder.
If you look at the ownership of persist files/folders within TWRP, you will see that a STOCK PERSIST has the owner of the rfs folder as rfs_old. Similarly in TWRP, a LINEAGE PERSIST has the owner of the rfs folder as rfs. So TWRP is seeing owners differently again to stock and Lineage. Trying to run the above commands in TWRP will not fix the issue, as it will use ID 2951 for the user rfs, but we need it to be 3012 in stock (which TWRP sees as rfs_old).
In addition to the rfs folder, there is also another folder that is impacted - hlos_rfs. Its user owner is rfs, but its group owner if rfs_shared. A stock rfs_shared is shown as rfs_shared_o in TWRP. It appears that this folder is not as important in getting the IMEI back, but I have included the commands to restore ownership, to ensure there are no future errors.
4b) What happened to IMEI.
Despite the issue above, many people who flashed Oreo roms would have had no problems (other than I guess, bugs in the roms themselves). The change of ownership of the rfs folder didn't change the actual file content, so essentially all is intact. In fact, I verified that my dhob.bin and other files had the same md5sum in stock and lineage persist.
The issue of the IMEI changing to zero has only happened when people have flashed Stock roms. All of the guides that I have seen, have included the following commands (and equivalent commands have been included in the TWRP flashable stock builds as well):
Code:
fastboot erase modemst1
fastboot erase modemst2
The partitions modemst1 and modemst2 are your EFS. Normally, if your persist is pure stock, if either is erased, the modem re-creates them. But, referring to the above about permissions, if the rfs user (which is presumably used by the modem) cannot access the files (because the owner of the files is someone else, and the permissions on the files mean that only the owner can access them), then the modem cannot recreate the EFS, and the IMEI is left as zero.
Click to expand...
Click to collapse
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------​
Solution:
I have made a youtube video for this which just shows how to fix the issue and does not goes into explanation of the problem as well as the solution. Here is the link: Moto G4/G4 Plus IMEI=0 fix
Pre-requisites:
You must be on Stock Nougat 7.0
You must be rooted (install Elemental-X kernel first and then flash Magisk otherwise you will have boot issues)
You must be on your own persist
Terminal app or adb drivers in PC/Laptop
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------​
Step 1: Check if there is a problem with persist
Note: The below commands are to be typed in a terminal app or adb shell.
Q) How to type in adb shell?
A) Open command prompt in the folder where you have adb and fastboot installed and type:
Code:
adb shell
So lets start now!
Code:
su
This command it to get root access for the terminal/shell. Grant the root access and you will see that the $ symbol is replaced with # symbol which means that root access has been granted.
Code:
ls -l /persist
If your presist has some problem, then you can see the following as the output.
Code:
athene_f:/ # ls -l /persist
total 176
drwxrwx--- 2 system system 4096 2018-10-21 07:40 alarm
drwxr-xr-x 2 mot_pwric mot_pwric 4096 1969-12-31 19:02 batt_health
drwxrwx--- 2 bluetooth bluetooth 4096 2017-01-12 03:35 bluetooth
drwxr-xr-x 2 mot_tcmd bluetooth 4096 1969-12-31 19:02 bt
drwxr-xr-x 4 mot_tcmd mot_tcmd 4096 1969-12-31 19:02 camera
drwxr-xr-x 2 root root 4096 2016-07-31 00:43 coresight
drwx------ 5 system system 4096 2017-01-12 05:21 data
drwxrwx--- 2 system graphics 4096 1969-12-31 19:02 display
drwxrwx--- 2 system system 4096 1969-12-31 19:02 drm
drwxr-xr-x 4 mot_tcmd mot_tcmd 4096 1970-01-01 06:48 factory
[COLOR="red"]drwxrwx--- 3 2951 2952 4096 1969-12-31 19:02 hlos_rfs[/COLOR]
drwx------ 2 root root 4096 1969-12-31 19:00 lost+found
drwxrwx--- 2 radio radio 4096 2016-08-04 20:26 mdm
drwxrwx--- 3 system system 4096 2017-11-09 16:30 misc
drwxrwx--- 2 system system 4096 1970-02-11 17:39 properties
drwxr-xr-x 8 mot_tcmd mot_tcmd 4096 1969-12-31 19:02 public
[COLOR="red"]drwx------ 6 2951 2951 4096 1969-12-31 19:02 rfs[/COLOR]
drwxrws--- 2 mot_tpapi mot_tpapi 4096 2016-11-17 16:38 security
drwxrwxr-x 2 system system 4096 2016-07-31 00:43 sensors
drwxrwx--- 2 system system 4096 2018-09-10 18:13 time
drwxr-xr-x 2 mot_tcmd mot_tcmd 4096 1969-12-31 19:02 wifi
drwxrwxr-x 2 mot_drm mot_drm 4096 1969-12-31 19:02 wmdrm
athene_f:/ #
You can see system instead of these red number if you flash Soak Test before flashing Stock ROM, so no worries, as the process will remain the same.
As it can be seen in the red part, the owner of rfs folder is a number (2951) which means that the system is unable to identify its real owner.
Also the owner of hlos_rfs folder is a number too (2952) which also means that the system is unable to identity its real owner.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------​
Step 2: Check for the key persist files
Code:
find /persist -type f
If you run the above command, you will see something similar to this:
Code:
athene_f:/ # find /persist -type f
/persist/coresight/qdss.agent.sh
/persist/coresight/qdss.config.sh
/persist/coresight/qdss.functions.sh
/persist/sensors/sensors_settings
/persist/data/sfs/6lgxCka66cxdsueYeHhCqx+j1DI_
/persist/data/sfs/VsxbuQew8Rbt0TRZjDAX8S9tV+M_
/persist/data/sfs/KfLHQpS5zKuygZcMelQOTtWzBvw_
/persist/data/sfs/R9+zCYj56-AHybZuQCWLm2H46E4_
/persist/data/sfs/NjJIuGH0j7kE08PFwp1yw+BminY_
/persist/data/sfs/7pU6SoXdsBUbDsxRiZOHNIjPVtw_
/persist/data/sfs/yLawqeQeY8AQGJmo46PVJbfYVxY_
/persist/data/tz/tz_counter
/persist/data/tz/tz_counter.bak
/persist/data/app_g/wv_usage
/persist/camera/focus/offset_cal
/persist/camera/ledcal/rear
/persist/factory/audio/temp
/persist/factory/audio/cnt
/persist/factory/audio/acc
/persist/factory/audio/f0
/persist/factory/audio/ref_diff
/persist/factory/fti
/persist/public/hiddenmenu/data/mobile_data_rx
/persist/public/hiddenmenu/data/mobile_data_tx
/persist/public/hiddenmenu/data/wifi_data_rx
/persist/public/hiddenmenu/data/wifi_data_tx
/persist/public/hiddenmenu/data/factoryreset_time
/persist/public/hiddenmenu/data/activation_date
/persist/public/hiddenmenu/life_calls
/persist/public/hiddenmenu/life_timer
/persist/security/18.bin
/persist/mdm/oma_dm_update
/persist/.bt_nv.bin
/persist/rfs/shared/server_info.txt
/persist/rfs/msm/mpss/datablock/id_00
/persist/rfs/msm/mpss/datablock/id_01
/persist/rfs/msm/mpss/server_check.txt
[COLOR="Red"]/persist/rfs/msm/mpss/dhob.bin
/persist/rfs/msm/mpss/shob.bin[/COLOR]
[COLOR="Green"]/persist/rfs/msm/mpss/dhob.bin.bak[/COLOR]
/persist/rfs/msm/adsp/server_check.txt
/persist/bluetooth/.bt_nv.bin
/persist/time/ats_1
/persist/time/ats_2
/persist/time/ats_12
/persist/time/ats_13
/persist/time/ats_15
/persist/time/ats_16
/persist/.twrps
athene_f:/ #
Note: The key files here are dhob.bin, shob.bin, id_00 and id_01.
Your IMEI is stored in id_00 (first IMEI) and id_01 (second IMEI)
dhob.bin and shob.bin are responsible to create the EFS partition.
Note: If you do not have dhob.bin.bak, you will still be able to get your IMEI back (tested and confirmed working on Moto G4 Plus(athene)), however if you have some other device like Moto G5 Plus(potter) or Moto G5s Plus(sanders), you cannot get your IMEI back with this method however trying won't hurt.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------​
Step 3: Fix the your persist
For this step, there is also a TWRP flashable zip file which will fix the persist. So for those who do not want to type the commands manually, you can simply flash the zip file (Tested and working).
Downloads:
Link: https://www.androidfilehost.com/?fid=11410963190603873125
md5: 5aac75092fc84f46dd5c6bd443df0748
These commands will restore the owners of rfs and hlos_rfs folder back to their respective original owners (rfs and rfs_shared):
Code:
chown -R rfs:rfs /persist/rfs
chown -R rfs:rfs_shared /persist/hlos_rfs
Alternatively, you can also type:
Code:
chown -R 3012:3012 /persist/rfs
chown -R 3012:3013 /persist/hlos_rfs
You will see no output on typing the first command, however, you may or may not see any output after typing the second command (there was an output shown on my device but not on the other tested devices). I'm sorry I don't have that output stored, if someone who can see it, please repond so the thread can be updated.
3012 is infact the id for rfs folder and 3013 is the id for hlos_rfs folder so instead of typing their names, you can also type their ids.
Now, to check if the owners of rfs and hlos_rfs have been set back to their original ones, type this command:
Code:
ls -l /persist
If everything went fine, you should be able to see the following output:
The below output will be seen on a perfectly fine persist as well
Code:
athene_f:/ # ls -l /persist
total 176
drwxrwx--- 2 system system 4096 2018-10-21 07:40 alarm
drwxr-xr-x 2 mot_pwric mot_pwric 4096 1969-12-31 19:02 batt_health
drwxrwx--- 2 bluetooth bluetooth 4096 2017-01-12 03:35 bluetooth
drwxr-xr-x 2 mot_tcmd bluetooth 4096 1969-12-31 19:02 bt
drwxr-xr-x 4 mot_tcmd mot_tcmd 4096 1969-12-31 19:02 camera
drwxr-xr-x 2 root root 4096 2016-07-31 00:43 coresight
drwx------ 5 system system 4096 2017-01-12 05:21 data
drwxrwx--- 2 system graphics 4096 1969-12-31 19:02 display
drwxrwx--- 2 system system 4096 1969-12-31 19:02 drm
drwxr-xr-x 4 mot_tcmd mot_tcmd 4096 1970-01-01 06:48 factory
[COLOR="red"]drwxrwx--- 3 rfs rfs_shared 4096 1969-12-31 19:02 hlos_rfs[/COLOR]
drwx------ 2 root root 4096 1969-12-31 19:00 lost+found
drwxrwx--- 2 radio radio 4096 2016-08-04 20:26 mdm
drwxrwx--- 3 system system 4096 2017-11-09 16:30 misc
drwxrwx--- 2 system system 4096 1970-02-11 17:39 properties
drwxr-xr-x 8 mot_tcmd mot_tcmd 4096 1969-12-31 19:02 public
[COLOR="red"]drwx------ 6 rfs rfs 4096 1969-12-31 19:02 rfs[/COLOR]
drwxrws--- 2 mot_tpapi mot_tpapi 4096 2016-11-17 16:38 security
drwxrwxr-x 2 system system 4096 2016-07-31 00:43 sensors
drwxrwx--- 2 system system 4096 2018-09-10 18:13 time
drwxr-xr-x 2 mot_tcmd mot_tcmd 4096 1969-12-31 19:02 wifi
drwxrwxr-x 2 mot_drm mot_drm 4096 1969-12-31 19:02 wmdrm
athene_f:/ #
As you can see here that the owner of rfs folder is rfs folder and the owner of hlos_rfs folder is rfs_shared folder, the problem has been resovled.
Reboot your device and the problem should be fixed and you will be able (hopefully) to get your IMEI back by either typing *#06# in phone dialer or in Settings>About Phone>Status>IMEI Information.
On rebooting, the system will check for the EFS folder and since it didn't exist earlier, it will be recreated by the system and therefore you will get your IMEI back.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------​
A huge thanx to NZedPred, rachitrawat, for doing in depth research in this problem and coming up with a solultion.
Also, I would like to thank Tyrantre who did a lot of research for this problem and has posted the workaround which was tried here in this thread here: Diag Mode with G4 for QPSD? which finally lead me to NZedPred's below thread as I could understand what was the problem due to which IMEI was set to 0 and why Diag mode wouldn't work.
Note: This thread was made with the help of the following guide which is confirmed to be working on Moto G5 Plus (potter) Fix Persist, resolve IMEI=0, Volte, 4G, Explanation, Requirements.
Note: This guide is made for G4/Plus and I have hardly done anything to fix this problem apart from making this thread, so all credits go to the respective owners who did research in this problem. This guide should work on other Motorola devices too as we aren't focusing on device-specific fixes that will only work on Moto G4 Plus.
Refer post #2 for fixing other issues faced after recovering IMEI.
Some Common Issues:
Here are the issues observed after recovering IMEI:
Sim card detected but no network
Baseband version changed
Volte not working
If you have any one of the above-mentioned problems, there is a specific thread made for those problems. Refer to this thread: [Guide] [XT16XX] [Solve] G4+ Baseband/Network/Volte issue, Lost 1 IMEI & fingerprint
Please discuss any issues related to the above-mentioned problems in the above-provided thread (link).
If you have any other issues apart from the issues mentioned above, discuss them here.
--------------------------------------------------------------------------​
Complete Backup Zip/Script (All partitions):
Now since you have faced this issue, make sure to take a complete backup of all the partitions so that if you ever face an issue like this in future, you will always have your partitions with you to restore your device.
Here is the link to the thread to take complete backup of all partitions: [Guide] [XT16XX] Moto G4/Plus Complete Partition Backup/Restore Zip/Script
The above thread can backup/restore using TWRP flashable zip files for convenience.
There are a few youtube videos and internet guides which tells you to restore somebody else's persist file. That persist file is same in the Youtube video as well as those Internet guide (I have checked them).
Persist is unique to each and every device and using somebody else's persist on your device will never work.
IMEI is stored in /persist/rfs/msm/mpss/datablock directory where there are two files named as id_00 and id_01.
id_00 contains your 1st IMEI and id_01 contains your second IMEI.
The persist (from those guide and youtube videos) lacks id_00 and id_01 and since you restored that persist, you have those files missing as well. Those files are unique to every device anyways so if you try to restore a persist which has those files, it won't work too as your device's IMEI is different altogether.
The only possible fix that comes to my mind is by manually editing the persist file.
On comparing both the files in a hex editor, it is found that both of them are completely same except from memory address/location 00000028 to 000000C7.
This makes me think that IMEI is stored between those memory locations.
Furthermore, the first 14 digits of IMEI are stored from 00000028 to 0000002F in a different manner.
This is how it is stored,
Lets take a sample random IMEI: 3 12 34 56 78 90 12 34
This will be stored as following: 3A 21 43 65 87 09 21 03
Code:
3A [COLOR="Black"]21[/COLOR] [COLOR="DarkRed"]43[/COLOR] [COLOR="Red"]65[/COLOR] [COLOR="Magenta"]87[/COLOR] [COLOR="Sienna"]09[/COLOR] [COLOR="DarkOrange"]21[/COLOR] [COLOR="DarkOliveGreen"]03[/COLOR]
3 [COLOR="black"]12[/COLOR] [COLOR="darkred"]34[/COLOR] [COLOR="red"]56[/COLOR] [COLOR="magenta"]78[/COLOR] [COLOR="sienna"]90[/COLOR] [COLOR="darkorange"]12[/COLOR] [COLOR="darkolivegreen"]34[/COLOR]
The first set of hex numbers is what is stored in id_00 and id_01
The second set of hex numbers is what the actual IMEI is.
As you can clearly notice the difference via colors that the digits are getting flipped. The persist is storing the last digit 4 in some different way.
Why is there a letter A in the start just after 3, I found that it means that the last digit of IMEI stored in persist is 0. And that makes sense to as when you flip the last two digits i.e 03, you indeed get 30 which indicates the last digit is 0.
I don't think I need to mention this, but if you have a dual sim device, the first thirteen digits of IMEI are same and only the last two digits are different.
Now, this makes me conclude that the last digit of actual IMEI is stored in some way in the rest of the id_00 and id_01. And since most of the content in both the files are same, we just have to compare the part which is different as that part has that last digit of the two IMEIs stored.
I can't upload the contents of my IMEI for obvious reasons. If we are able to find the pattern in which the last digit is stored inside those files, then I think we can edit them and it should solve the problem for those people. Of course, editing and putting on somebody else's IMEI in those files wouldn't work either as we have already tried replacing the entire id_00 and id_01 (infact entire working persist) but the IMEI still remains 0.
Perhaps there is someplace (not talking about fastboot imei) where IMEI is stored as well, and while generation of EFS, that place and the persist are checked together and if the IMEIs in both the places match, you get your IMEI and if not, then it knows that IMEI has tampered and hence it doesn't work.
This might be too dangerous as people could edit their IMEI and put on somebody else's IMEI and can create problems, but as I mentioned above, it doesn't work as you will need to have your own IMEI in persist.
Update: Thanx to @NZedPred for correcting me. Even on deleting id_00 and id_01, and then eraseing EFS, we still get our IMEI.
I also tried changing the first digit of dhob.bin file while keeping id_00 and if_01 intact and then erased EFS, but didn't get my IMEI.
So, dhob.bin is the one which is responsible for IMEI creation and I am not able to understand anything inside dhob.bin.
I am sorry, but I was already trying beyond my capabilities earlier by using many internet sources as reference and it was just by chance that I stumbled upon id_00 and id_01. I am going to stop here for now, as this stuff goes beyond my current capabilities. If I ever get to know anything, I will update it here so that if anybody else would like to continue, they could do it.
I am sorry I tag you here, @echo92, @strongst, @NZedPred, @rachitrawat. This is what I was able to find out. I request you to read this post, and please help if you can. Thank You.
If you run the ls -l /persist command on android P ROM (which is causing this IMEI issue), this is the output you get:
Code:
athene:/ # ls -l /persist
total 88
drwxrwx--- 2 system system 4096 1970-01-10 08:37 alarm
drwxr-xr-x 2 vendor_mot_pwric vendor_mot_pwric 4096 1970-01-01 01:01 batt_health
drwxrwx--- 2 bluetooth bluetooth 4096 2018-03-29 00:04 bluetooth
drwxr-xr-x 2 vendor_mot_tcmd bluetooth 4096 1970-01-01 01:01 bt
drwxr-xr-x 4 vendor_mot_tcmd vendor_mot_tcmd 4096 2018-03-29 00:04 camera
drwxr-xr-x 2 root root 4096 2018-03-29 00:04 coresight
drwx------ 5 system system 4096 2018-03-29 00:04 data
drwxrwx--- 2 system graphics 4096 1970-01-01 01:01 display
drwxrwx--- 2 system system 4096 1970-01-01 01:01 drm
drwxr-xr-x 4 vendor_mot_tcmd vendor_mot_tcmd 4096 2018-03-29 00:04 factory
[COLOR="red"]drwxrwx--- 3 vendor_rfs vendor_rfs_shared 4096 2018-03-29 00:04 hlos_rfs[/COLOR]
drwxrwx--- 2 root root 4096 2018-03-29 00:04 lost+found
drwxrwx--- 2 radio radio 4096 2018-03-29 00:04 mdm
drwxrwx--- 3 system system 4096 2018-03-29 00:04 misc
drwxrwx--- 2 system system 4096 1970-05-31 18:25 properties
drwxr-xr-x 8 vendor_mot_tcmd vendor_mot_tcmd 4096 2018-03-29 00:04 public
[COLOR="Red"]drwx------ 6 vendor_rfs vendor_rfs 4096 2018-03-29 00:04 rfs[/COLOR]
drwxrws--- 2 vendor_mot_tpapi vendor_mot_tpapi 4096 2018-03-29 00:04 security
drwxrwxr-x 2 system system 4096 2018-03-29 00:04 sensors
drwxrwx--- 2 system system 4096 2018-03-29 00:04 time
drwxr-xr-x 2 vendor_mot_tcmd vendor_mot_tcmd 4096 1970-01-01 01:01 wifi
drwxrwxr-x 2 vendor_mot_drm vendor_mot_drm 4096 1970-01-01 01:01 wmdrm
Notice how, android Pie is using vendor suffix prefix.
One fix that was thought was to fix the owners in android Pie ROM itself before flashing Stock ROM, but on rebooting, the owners were changed back to vendor_rfs and vendor_rfs_shared.
Also, if you flash an Oreo ROM after flashing Pie ROM (which broke IMEI), this is the output you get:
Code:
athene_f:/ # ls -l /persist
total 176
drwxrwx--- 2 system system 4096 2018-10-21 07:40 alarm
drwxr-xr-x 2 mot_pwric mot_pwric 4096 1969-12-31 19:02 batt_health
drwxrwx--- 2 bluetooth bluetooth 4096 2017-01-12 03:35 bluetooth
drwxr-xr-x 2 mot_tcmd bluetooth 4096 1969-12-31 19:02 bt
drwxr-xr-x 4 mot_tcmd mot_tcmd 4096 1969-12-31 19:02 camera
drwxr-xr-x 2 root root 4096 2016-07-31 00:43 coresight
drwx------ 5 system system 4096 2017-01-12 05:21 data
drwxrwx--- 2 system graphics 4096 1969-12-31 19:02 display
drwxrwx--- 2 system system 4096 1969-12-31 19:02 drm
drwxr-xr-x 4 mot_tcmd mot_tcmd 4096 1970-01-01 06:48 factory
[COLOR="red"]drwxrwx--- 3 root root 4096 2018-03-29 00:04 hlos_rfs[/COLOR]
drwx------ 2 root root 4096 1969-12-31 19:00 lost+found
drwxrwx--- 2 radio radio 4096 2016-08-04 20:26 mdm
drwxrwx--- 3 system system 4096 2017-11-09 16:30 misc
drwxrwx--- 2 system system 4096 1970-02-11 17:39 properties
drwxr-xr-x 8 mot_tcmd mot_tcmd 4096 1969-12-31 19:02 public
[COLOR="red"]drwx------ 6 root root 4096 2018-03-29 00:04 rfs[/COLOR]
drwxrws--- 2 mot_tpapi mot_tpapi 4096 2016-11-17 16:38 security
drwxrwxr-x 2 system system 4096 2016-07-31 00:43 sensors
drwxrwx--- 2 system system 4096 2018-09-10 18:13 time
drwxr-xr-x 2 mot_tcmd mot_tcmd 4096 1969-12-31 19:02 wifi
drwxrwxr-x 2 mot_drm mot_drm 4096 1969-12-31 19:02 wmdrm
athene_f:/ #
Here are some of the points that can throw some light on the topic:
rachitrawat said:
Hey all,
After spending hours on the IMEI 0 problem, here are my findings:
1. IMEI is stored in nv 550 variable in QCN. However, this variable is write protected. This means all IMEI write programs such as QCOM Write IMEI tool will fail.
2. Interestingly, only IMEI 1 is stored in the nv. IMEI 2 is derived by performing some fixed hex arithmetic on IMEI 1.
3. IMEI also seems encrypted since the nv 550 in QCN never has a correct hex notation of IMEI. For example, Only half of the IMEI is correct.
4. Any attempt to restore the QCN backup of someone else will successfully write all nv variables except nv 550. Means you cannot rewrite your factory IMEI.
5. The above is true even if you hexedit the QCN with your own IMEI. NV 550 is write protected.
6. modemst1 and modemst2 are sort of some baseband cache which are created by radio/bootloader using fsg. fsg seems to be some sort of backup partition for modemst.
7. After downgrading and erasing modemst1-2, these modemst are not recreated successfully by the modem. The nv 550 variable goes missing.
8. My guess is that modem has some checksum mechanism wherein if any discrepancy is found, the modemst cache recreation fails. Not sure.
9. Our IMEI is most likely intact somewhere (not talking about fastboot IMEI). Just not interpreted properly.
10. People who restored their efs after IMEI 0 are essentially restoring working cached modemst1-2. However, if fastboot erase modemst is done, it'll likely result in IMEI 0 again because modem cannot recreate modemst correctly.
Click to expand...
Click to collapse
Thanks alot!!!
My friend was having the same problem, it worked for him??
Edit: Volte is still not working in the device...
@Heeth21,
I am facing this issue after moving to stock. Getting IMEI on "fastboot getvar imei", however unable to restore it. I followed all the instructions you had shared. Any help or further instruction in this regard would be helpful.
Thanks in advance.
checksamir said:
@Heeth21,
I am facing this issue after moving to stock. Getting IMEI on "fastboot getvar imei", however unable to restore it. I followed all the instructions you had shared. Any help or further instruction in this regard would be helpful.
Thanks in advance.
Click to expand...
Click to collapse
Can you post the output of this command in terminal?
Code:
su
ls -l /persist
Also of this command too:
Code:
su
find /persist -type f
If would be beneficial if you format it in code or you might just attach the output in a txt file.
Also can you tell me your baseband version. I think as far as I have observed, those who are getting this IMEI=0 issue, their basebands are ending with "u"
Heeth21 said:
Can you post the output of this command in terminal?
Code:
su
ls -l /persist
Also of this command too:
Code:
su
find /persist -type f
If would be beneficial if you format it in code or you might just attach the output in a txt file.
Also can you tell me your baseband version. I think as far as I have observed, those who are getting this IMEI=0 issue, their basebands are ending with "u"
Click to expand...
Click to collapse
@Heeth21,
THanks for the quick response. Please find the attached output files in text and screenshot for baseband..
checksamir said:
@Heeth21,
THanks for the quick response. Please find the attached output files in text and screenshot for baseband..
Click to expand...
Click to collapse
The files seems proper.
Type these commands again and attach the output. A screenshot would help a lot.
Code:
su
chown -R rfs:rfs /persist/rfs
chown -R rfs:rfs_shared /persist/hlos_rfs
ls -l /persist
Heeth21 said:
The files seems proper.
Type these commands again and attach the output. A screenshot would help a lot.
Code:
su
chown -R rfs:rfs /persist/rfs
chown -R rfs:rfs_shared /persist/hlos_rfs
ls -l /persist
Click to expand...
Click to collapse
I had to try it twice: after executing code /persists/rfs, some file or path or folder was missing and it started something which eventually closed before I could take a screenshot. Next time I tried, there was nothing as such. Second screenshot attached for reference.
Really appreciated your quick responses..
Heeth21 said:
The files seems proper.
Type these commands again and attach the output. A screenshot would help a lot.
Click to expand...
Click to collapse
Man! Thanks a ton! It worked like a charm... I'm back to stock with full functional VoLTE.. you're a genius.. I owe you a beer..!:good:
Nao deu certo comigo, me ajuda por favor.
Hello, I'm sorry for bad English, I'm Brazilian. I'm translating through google translator.
I am with the same problem of this post, after flashing the stock rom the imei got 0, I did the procedures of this post but it did not work with me, my imei appears correctly with the command (fastboot gevtar imei)
but in command: (ls -l / persist) does not appear the number 2951 or 2952, but the name rfs, as if everything was okay (but the imei continues 0)
and in the command: (find / persist -type f) the line does not appear (/persist/rfs/msm/mpss/dhob.bin.bak)
I finally executed the commands (chown -R rfs: rfs / persist / rfs and
chown -R rfs: rfs_shared / persist / hlos_rfs) and restarted the cell phone but the imei continued 0
the version of the base band is m8952_70030.25.03.62.02a
Is there any procedure I can try? I'll be very grateful.
---------- Post added at 01:53 AM ---------- Previous post was at 01:47 AM ----------
Hello, I'm sorry for bad English, I'm Brazilian. I'm translating through google translator.
I am with the same problem of this post, after flashing the stock rom the imei got 0, I did the procedures of this post but it did not work with me, my imei appears correctly with the command (fastboot gevtar imei)
but in command: (ls -l / persist) does not appear the number 2951 or 2952, but the name rfs, as if everything was okay (but the imei continues 0)
and in the command: (find / persist -type f) the line does not appear (/persist/rfs/msm/mpss/dhob.bin.bak)
I finally executed the commands (chown -R rfs: rfs / persist / rfs and
chown -R rfs: rfs_shared / persist / hlos_rfs) and restarted the cell phone but the imei continued 0
the version of the base band is m8952_70030.25.03.62.02a
I'll try to send prints.
Is there any procedure I can try? I'll be very grateful.
Oliver1995 said:
but in command: (ls -l / persist) does not appear the number 2951 or 2952, but the name rfs, as if everything was okay (but the imei continues 0)
and in the command: (find / persist -type f) the line does not appear (/persist/rfs/msm/mpss/dhob.bin.bak)
I finally executed the commands (chown -R rfs: rfs / persist / rfs and
chown -R rfs: rfs_shared / persist / hlos_rfs) and restarted the cell phone but the imei continued 0
Click to expand...
Click to collapse
The chown command won't do anything as the owners of the partitions are already rfs and rfs_shared.
Reflash stock rom again, and check if you get to see 2951 or 2952 on executing the command "ls -l /persist", and respond.
If you still don't get to see 2951 and 2952, then it seems you have tried doing some changes to your efs/persist partition by either restoring someone else's efs/persist or tried to edit yours.
what should I understand:It means that some custom roms erase imei while going back to stock,it can be recovered but volte cant
Is it right?
BogartX said:
what should I understand:It means that some custom roms erase imei while going back to stock,it can be recovered but volte cant
Is it right?
Click to expand...
Click to collapse
Partially right. Some custom ROMs do some changes with the EFS folder which is responsible for the recreation of IMEI. However, while flashing the Stock ROM, if you do not erase EFS partition, then you will retain your IMEI.
The commands which erase EFS partitions are:
Code:
fastboot erase modemst1
fastboot erase modemst2
The modemst1 and modemst2 are indeed the EFS partition itself. So just skip the above lines while flashing Stock ROM if the custom ROM is doing some changes with the EFS partition, and you will not lose your IMEI.
Volte can be recovered but there is a condition which should be satisfied. The baseband should remain as Indian. If it does, then you will be having Volte working and if it doesn't, you won't be having Volte running.
The only ROMs which are causing this issue on our device currently are Android Pie ROMs. I hope when Official Oreo is released for our device, the new blobs and modem will solve this issue. The developers have already checked if there is something in the ROMs which is causing this issue, and they found no problems at all. Same was the case with Oreo ROMs on Moto G5/Plus and Moto G5s/Plus
Heeth21 said:
The chown command won't do anything as the owners of the partitions are already rfs and rfs_shared.
Reflash stock rom again, and check if you get to see 2951 or 2952 on executing the command "ls -l /persist", and respond.
If you still don't get to see 2951 and 2952, then it seems you have tried doing some changes to your efs/persist partition by either restoring someone else's efs/persist or tried to edit yours.
Click to expand...
Click to collapse
yes actually I tried to restore the persistence of another person by a tutorial on youtube (I do not know if I can post the link here) and also did this tutorial to restore these files modem.img, fsg.img, hw.img: https://forum.xda-developers.com/moto-g4-plus/how-to/solve-moto-g4-plus-one-imei-fp-sensor-t3800410
already tried to reinstall the stock rom but does not appear the numbers 2951 or 2952
Do not have any solution for this?
This helped me alot,Thanks?
In my case both sim are working,with no volte
But jio 4g voice or dialer app with data on is not working
Yes I tried to restore the persist
the problem occurred after installing this rom 9.0 when I came back to the stock the imei was 0: https://forum.xda-developers.com/moto-g4-plus/development/rom-arrowos-9-x-t3859849
Oliver1995 said:
yes actually I tried to restore the persistence of another person by a tutorial on youtube (I do not know if I can post the link here) and also did this tutorial to restore these files modem.img, fsg.img, hw.img: https://forum.xda-developers.com/moto-g4-plus/how-to/solve-moto-g4-plus-one-imei-fp-sensor-t3800410
already tried to reinstall the stock rom but does not appear the numbers 2951 or 2952
Do not have any solution for this?
Click to expand...
Click to collapse
Restore your original persist back. I have seen that tutorial. This issue can only be solved if you are on your own persist as every device has its unique persist.
It doesn't matter if you tried restoring modem, hw, fsg files. Just make sure you are on your own persist.
If you haven't taken a backup of your original unmodified persist, then I'm sorry that is a completely different issue which I don't think there is a soluton to.
Pranavchorge said:
This helped me alot,Thanks
In my case both sim are working,with no volte
But jio 4g voice or dialer app with data on is not working
Click to expand...
Click to collapse
I was hoping if you could atatch your build.prop so that we can compare and check for Volte solution.
You need to grant permissions to Jio4GVoice, enable mobile data (wifi should be off), and dial via Jio4GVoice. Check if this works (it should), and then you will have an ongoing activity notification for Jio4GVoice app

[GUIDE] Dual-Boot for any Android Device

Code:
disclaimer
/*
* Your warranty is... still valid?
*
* I am not responsible for bricked devices, dead SD cards,
*/
Hello
This Guide to make Dual-Boot for any android device that can be useful. It allows two Android os installed at the same time and switch between them almost as easily as a simple reboot.
Spoiler: General information
This done by creating a new system partition using Parted (shrink userdata partition and creat the new system partition)
To Boot from the new system partition: change the name of the new system partition to "system" and the name of old system partition to any name e.g. "system-b"
To Boot from the old system partition: change the name of the old system partition to "system" and the name of new system partition to any name e.g. "system-b"
Dual boot for P20 lite - demonstration video (I am using SHRP RECOVERY (like TWRP) with tweaks to change boot partition easily, instead of writing terminal commands. This a video shows the dual boot process)
Requirements​
TWRP
Parted (attached arm and arm64, unzip the file)
Latest fastboot and ADB commands installed
Backup all your data because you will make a factory reset and format data partition
Steps:​
Boot to TWRP
Run the following commands
Code:
adb push /path/to/parted /sbin/parted
adb shell
chmod 777 /sbin/parted
parted /dev/block/mmcblk0
p free
note: parted /dev/block/xxxxx according do your device
3- it will show the list of partition "save this you may use it later". remember the number of old system partition which is in my case "52"
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
4- remove "userdata" partition which in my case number 59 using the following command
Code:
rm 59
5- create the new system partition (partition number 59 in my case ) using the following command
Code:
mkpart name fs_type start end
name: name of new partition e.g "system-b"
fs_type: file system type e.g "ex4"
start: the end value in MB of the previous partition, in my case "7153MB"
end: equal to start + size where size will be the size of the target partition. in my case in need 4GB partition so end=7153MB + 4GB =11153MB
In my case I'll type:
Code:
mkpart system-b ext4 7153MB 11153MB
set 59 msftdata on
6- create the "userdata" partition (partition number 60 in my case, start= 11153MB )
In my case I'll type:
Code:
mkpart userdata ext4 11153MB 31.3GB
set 60 msftdata on
7- get the new partition list
Code:
p free
8- exit
Code:
quit
9- format userdata and the new system partition using "mkfs.type /dev/block/mmcblk0pxx" (in my case partition number 59 and 60). you may need to reboot before doing that or make factory reset using your recovery
Code:
adb push /path/to/mkfs.ext4 /sbin/mkfs.ext4
adb shell
chmod 777 /sbin/mkfs.ext4
mkfs.ext4 /dev/block/mmcblk0p59
mkfs.f2fs /dev/block/mmcblk0p60
10- To Boot from your new system partition > boot to twrp and run the following command
Code:
adb push /path/to/parted /sbin/parted
adb shell
chmod 777 /sbin/parted
parted /dev/block/mmcblk0
name 52 system-b
name 59 system
or from TWRP terminal write the following
Code:
parted -s /dev/block/mmcblk0 name 52 system-b
parted -s /dev/block/mmcblk0 name 59 system
change the number 52 and 59 according to your partition list (in my case 59: new system partion, 52 old system partition ). Then reboot TWRP and flash your new android os
11- To Boot from your old system partition > boot to twrp and run the following command
Code:
adb push /path/to/parted /sbin/parted
adb shell
chmod 777 /sbin/parted
parted /dev/block/mmcblk0
name 59 system-b
name 52 system
or from TWRP terminal write the following
Code:
parted -s /dev/block/mmcblk0 name 59 system-b
parted -s /dev/block/mmcblk0 name 52 system
change the number 52 and 59 according to your partition list (in my case 59: new system partion, 52 old system partition ). Then reboot
-------------------------------------------------------
You may create flashable zip or modify TWRP file to switch between the two android os easily[/CODE]
You can also create two userdata profiles such as here
https://forum.xda-developers.com/t/a-simple-way-to-kind-of-dual-boot-an-android.4176415/
Did you get what you described on your phone and would you like to show it in a video?
ze7zez said:
Did you get what you described on your phone and would you like to show it in a video?
Click to expand...
Click to collapse
Yes. It is worked on my phone Huawei P20 lite ... I am using SHRP RECOVERY (like TWRP) with tweaks to change boot partition easily, instead of writing terminal commands. This a video shows the dual boot process
Flashable zip Files to switch easily between the two android os (you must have "System" and "System-b" partitions, other names not accepted)
Flash "Active-New-System-partition-arm64-v2" to active the new system partition
Flash "Active-Default-System-partition-arm64-v2" to active the default system partition
Anyone else tried this? I'm courious how safe this is... Someone warned me it's very easy to brick device
Abdelhay.ali said:
Code:
disclaimer
/*
* Your warranty is... still valid?
*
* I am not responsible for bricked devices, dead SD cards,
*/
Hello
This Guide to make Dual-Boot for any android device that can be useful. It allows two Android os installed at the same time and switch between them almost as easily as a simple reboot.
Spoiler: General information
This done by creating a new system partition using Parted (shrink userdata partition and creat the new system partition)
To Boot from the new system partition: change the name of the new system partition to "system" and the name of old system partition to any name e.g. "system-b"
To Boot from the old system partition: change the name of the old system partition to "system" and the name of new system partition to any name e.g. "system-b"
Dual boot for P20 lite - demonstration video (I am using SHRP RECOVERY (like TWRP) with tweaks to change boot partition easily, instead of writing terminal commands. This a video shows the dual boot process)
Requirements​
TWRP
Parted (attached arm and arm64, unzip the file)
Latest fastboot and ADB commands installed
Backup all your data because you will make a factory reset and format data partition
Steps:​
Boot to TWRP
Run the following commands
Code:
adb push /path/to/parted /sbin/parted
adb shell
chmod 777 /sbin/parted
parted /dev/block/mmcblk0
p free
note: parted /dev/block/xxxxx according do your device
3- it will show the list of partition "save this you may use it later". remember the number of old system partition which is in my case "52"
View attachment 5772225
4- remove "userdata" partition which in my case number 59 using the following command
Code:
rm 59
5- create the new system partition (partition number 59 in my case ) using the following command
Code:
mkpart name fs_type start end
name: name of new partition e.g "system-b"
fs_type: file system type e.g "ex4"
start: the end value in MB of the previous partition, in my case "7153MB"
end: equal to start + size where size will be the size of the target partition. in my case in need 4GB partition so end=7153MB + 4GB =11153MB
In my case I'll type:
Code:
mkpart system-b ext4 7153MB 11153MB
set 59 msftdata on
6- create the "userdata" partition (partition number 60 in my case, start= 11153MB )
In my case I'll type:
Code:
mkpart userdata ext4 11153MB 31.3GB
set 60 msftdata on
7- get the new partition list
Code:
p free
View attachment 5775221
8- exit
Code:
quit
9- format userdata and the new system partition using "mkfs.type /dev/block/mmcblk0pxx" (in my case partition number 59 and 60). you may need to reboot before doing that or make factory reset using your recovery
Code:
adb push /path/to/mkfs.ext4 /sbin/mkfs.ext4
adb shell
chmod 777 /sbin/mkfs.ext4
mkfs.ext4 /dev/block/mmcblk0p59
mkfs.f2fs /dev/block/mmcblk0p60
10- To Boot from your new system partition > boot to twrp and run the following command
Code:
adb push /path/to/parted /sbin/parted
adb shell
chmod 777 /sbin/parted
parted /dev/block/mmcblk0
name 52 system-b
name 59 system
or from TWRP terminal write the following
Code:
parted -s /dev/block/mmcblk0 name 52 system-b
parted -s /dev/block/mmcblk0 name 59 system
change the number 52 and 59 according to your partition list (in my case 59: new system partion, 52 old system partition ). Then reboot TWRP and flash your new android os
11- To Boot from your old system partition > boot to twrp and run the following command
Code:
adb push /path/to/parted /sbin/parted
adb shell
chmod 777 /sbin/parted
parted /dev/block/mmcblk0
name 59 system-b
name 52 system
or from TWRP terminal write the following
Code:
parted -s /dev/block/mmcblk0 name 59 system-b
parted -s /dev/block/mmcblk0 name 52 system
change the number 52 and 59 according to your partition list (in my case 59: new system partion, 52 old system partition ). Then reboot
-------------------------------------------------------
You may create flashable zip or modify TWRP file to switch between the two android os easily[/CODE]
Click to expand...
Click to collapse
Is only GSI flashing possible with this method or any custom ROM?
It should work with any GSI/ROM..... It just change the name of the system partition.
Lord Sithek said:
Is only GSI flashing possible with this method or any custom ROM?
Click to expand...
Click to collapse
Abdelhay.ali said:
It should work with any GSI/ROM..... It just change the name of the system partition.
Click to expand...
Click to collapse
Well, I've tried that procedure on my secondary device but something got screwed and I ended up with the need of EDL flash. Maybe I made a mistake, idk, but it's definitely dangerous
Lord Sithek said:
Anyone else tried this? I'm courious how safe this is... Someone warned me it's very easy to brick device
Click to expand...
Click to collapse
Lord Sithek said:
Well, I've tried that procedure on my secondary device but something got screwed and I ended up with the need of EDL flash. Maybe I made a mistake, idk, but it's definitely dangerous
Click to expand...
Click to collapse
This can happen
Abdelhay.ali said:
Code:
disclaimer
/*
* Your warranty is... still valid?
*
* I am not responsible for bricked devices, dead SD cards,
*/
Hello
This Guide to make Dual-Boot for any android device that can be useful. It allows two Android os installed at the same time and switch between them almost as easily as a simple reboot.
Spoiler: General information
This done by creating a new system partition using Parted (shrink userdata partition and creat the new system partition)
To Boot from the new system partition: change the name of the new system partition to "system" and the name of old system partition to any name e.g. "system-b"
To Boot from the old system partition: change the name of the old system partition to "system" and the name of new system partition to any name e.g. "system-b"
Dual boot for P20 lite - demonstration video (I am using SHRP RECOVERY (like TWRP) with tweaks to change boot partition easily, instead of writing terminal commands. This a video shows the dual boot process)
Requirements​
TWRP
Parted (attached arm and arm64, unzip the file)
Latest fastboot and ADB commands installed
Backup all your data because you will make a factory reset and format data partition
Steps:​
Boot to TWRP
Run the following commands
Code:
adb push /path/to/parted /sbin/parted
adb shell
chmod 777 /sbin/parted
parted /dev/block/mmcblk0
p free
note: parted /dev/block/xxxxx according do your device
3- it will show the list of partition "save this you may use it later". remember the number of old system partition which is in my case "52"
View attachment 5772225
4- remove "userdata" partition which in my case number 59 using the following command
Code:
rm 59
5- create the new system partition (partition number 59 in my case ) using the following command
Code:
mkpart name fs_type start end
name: name of new partition e.g "system-b"
fs_type: file system type e.g "ex4"
start: the end value in MB of the previous partition, in my case "7153MB"
end: equal to start + size where size will be the size of the target partition. in my case in need 4GB partition so end=7153MB + 4GB =11153MB
In my case I'll type:
Code:
mkpart system-b ext4 7153MB 11153MB
set 59 msftdata on
6- create the "userdata" partition (partition number 60 in my case, start= 11153MB )
In my case I'll type:
Code:
mkpart userdata ext4 11153MB 31.3GB
set 60 msftdata on
7- get the new partition list
Code:
p free
View attachment 5775221
8- exit
Code:
quit
9- format userdata and the new system partition using "mkfs.type /dev/block/mmcblk0pxx" (in my case partition number 59 and 60). you may need to reboot before doing that or make factory reset using your recovery
Code:
adb push /path/to/mkfs.ext4 /sbin/mkfs.ext4
adb shell
chmod 777 /sbin/mkfs.ext4
mkfs.ext4 /dev/block/mmcblk0p59
mkfs.f2fs /dev/block/mmcblk0p60
10- To Boot from your new system partition > boot to twrp and run the following command
Code:
adb push /path/to/parted /sbin/parted
adb shell
chmod 777 /sbin/parted
parted /dev/block/mmcblk0
name 52 system-b
name 59 system
or from TWRP terminal write the following
Code:
parted -s /dev/block/mmcblk0 name 52 system-b
parted -s /dev/block/mmcblk0 name 59 system
change the number 52 and 59 according to your partition list (in my case 59: new system partion, 52 old system partition ). Then reboot TWRP and flash your new android os
11- To Boot from your old system partition > boot to twrp and run the following command
Code:
adb push /path/to/parted /sbin/parted
adb shell
chmod 777 /sbin/parted
parted /dev/block/mmcblk0
name 59 system-b
name 52 system
or from TWRP terminal write the following
Code:
parted -s /dev/block/mmcblk0 name 59 system-b
parted -s /dev/block/mmcblk0 name 52 system
change the number 52 and 59 according to your partition list (in my case 59: new system partion, 52 old system partition ). Then reboot
-------------------------------------------------------
You may create flashable zip or modify TWRP file to switch between the two android os easily[/CODE]
Click to expand...
Click to collapse
look what i got
edit: appearently any name u put when u use the command mkpart doesn't register or smtg idk what's wrong tbh
edit2: i found a solution just do "name 38(in my case) userdata" and it'll name the partition
i accidentally hardbricked my xiaomi pad 5 by deleting the dbg partition (could not find any information about it online), can anybody help?
Does not the new system-b alias requires its own data partition? The new system image may not be compatible with data partition.
New Android OS requires its own data. Above approach will share the /data among different system images which is something not useful.
dual boot is nonsense because one can't share same userdata partition between ROMs
alecxs said:
dual boot is nonsense because one can't share same userdata partition between ROMs
Click to expand...
Click to collapse
Yes you can but it does not work with all apps.
I got an app in the Dualboot I made for Oneplus 6/7 series and had an app where you can choose which apps should be shared on both roms.

Categories

Resources