[TOOL]TWRP/AROMA SPFlash | MediaTek - Android Software/Hacking General [Developers Only]

AROMA/TWRP version of SPFlash Tools.
This tool is for MTK devices with a GPT layout - (MT6732, MT6752 and their variants).
With some testing it may be possible to add some support for the older devices using an MBR.
Requirements:
Copy SPFlash contents to /sdcard/SPFlash
Rename *scatter.txt to scatter.txt
Run .zip from TWRP
MTK-64bit_SoCs-v*.zip:
During testing there will only be info displayed on screen, nothing should be modified. (Unless otherwise stated)
SPFlash-v*.zip:
This will install all .img/.bin in SPFlash folder if partition is large enough
Downloads:
GDrive Folder
Changelogs:
SPFlash
v10 - Readded internal sd - fixed aroma exit/about screen - (a few cosmetic issues introduced).
v8 - Aroma menus updated
v7 - Create 'flashable' zip from backed up partitions.
v6 - Zipped backups added
v4 - Backup + Install fixed -- Aroma "Quit Installation" stalls
v3 - Backup function added - untested -- backup works / install from v2 broken
v2 - Menu Select Added
v1 - Initial Release
MTK-64bit_SoCs
v8 - attempts to fix unrelated menu/alert
v7 - calculations done quicker
v6 - script rewrite/reorder
v1 - v5: Initial test builds
Only follow menu Partition Related -> Scatter Information
Other menus/option are broken/dead ends...
Other things in the MTK folder:
simg2img/img2simg are arm source compiled binaries to handle sparse files
file/magic were taken from @osm0sis's AIK (I can't seem to get file to compile)
MTKsplit is used to split boot/recovery images into its individual parts. Normal images will split into 3; 1 = img ANDROID! header, 3 = kernel (zImage) and 5 = ramdisk (ramdisk). MTK images split into 5; 1,3,5 as before with 2 and 4 being additional headers.
XDA:DevDB Information
TWRP/AROMA SPFlasher, Tool/Utility for all devices (see above for details)
Contributors
HypoTurtle
Source Code: https://drive.google.com/open?id=0B8WPOq9wZyKxfktHVWgxbW9nYmtJd1ZWc2RIM1NXUU5pSXpramg0bVBYYUdyRDhid3hwM3c
Version Information
Status: Testing
Current Stable Version: V8
Stable Release Date: 2015-09-03
Created 2015-09-03
Last Updated 2015-09-03

Current Status
MTK-64bit_SoCs-v8.zip will output the partitions that it deems are incorrectly sized in the scatter.txt and will also check the .img/.bins in the SPFlash folder and determine what should go where and will determine if the partition is large enough for the respective .img/.bin
SPFlash-v1.zip will flash the entire contents of /sdcard/SPFlash folder
SPFlash-v3.zip allows selection of files /sdcard/SPFlash folder to install and has a backup option
Improvements Needed
For SPFlash-v2 will add a basic menu select option for what you want to flash...
In future versions will add backup option and partition resize
Will start to look at resize...

Derivative Work - using scatt and part from #1
Scatterfix
Generating a fixed scatter from a 'broken one'
Code:
#!/sbin/sh
# scatt and part are the helper functions from #1 (not shown in this post).
ldr=`pwd`
scatterfix(){
  scatt \${b} \${c} \${d}
  part \${p} \${q} \${r}
  scttrbfr=`cat "${scatterloc:-$ldr}/scatter.txt"`
  # Read /tmp/scatter (a b c) and /tmp/parted-new (d e f) in step, one line each
  while IFS=" " read -r a b c && read -r d e f <&3; do
    if [ "$a" = "$d" ]; then
      # Replace every occurrence of a differing scatter value with the new value
      if [[ ! ${b} = "DONT_USE" && ${b} != "${e}" ]]; then
        scttrafter="${scttrbfr//${b}/${e}}"
        scttrbfr=`echo "${scttrafter}"`
      fi
      if [[ ! ${c} = "DONT_USE" && ${c} != "${f}" ]]; then
        scttrafter="${scttrbfr//${c}/${f}}"
        scttrbfr=`echo "${scttrafter}"`
      fi
    fi
    echo "${scttrbfr}" > "${scatterloc:-$ldr}/scatter-new.txt"
  done </tmp/scatter 3</tmp/parted-new
}
scatterfix
# Show what was changed
diff "${scatterloc:-$ldr}/scatter.txt" "${scatterloc:-$ldr}/scatter-new.txt"
Problems to fix
The code will change any hex value deemed wrong to a new calculated value - there is a chance that 4 values are the same but only one/two are wrong - to fix will need to add a loop through scatterfix until the scatter-new.txt generated is actually correct.
Resize Userdata/Intsd
More of a precursor - bugs fixed and maintained by @odigitech
Thread located here
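
The two checks described in the posts above (an image must fit its partition, and a wrong scatter value should be corrected only inside the block of the partition it belongs to instead of by a global search-and-replace), as an added example that is not HypoTurtle's code. It assumes the usual MTK scatter keys (partition_name, file_name, linear_start_addr, physical_start_addr, partition_size) and a hypothetical three-column "name start size" table standing in for /tmp/parted-new; all sample data is constructed.

```sh
#!/bin/sh
# Added example; function names and sample data are constructed for illustration.

# scatter_table SCATTER -> one "name file start size" line per partition block
scatter_table() {
  awk '
    $1 == "partition_name:"    { name = $2 }
    $1 == "file_name:"         { file = $2 }
    $1 == "linear_start_addr:" { start = $2 }
    $1 == "partition_size:"    { print name, file, start, $2 }
  ' "$1"
}

# check_images SCATTER DIR -> non-zero if any supplied image exceeds its partition
check_images() {
  rc=0
  while read -r name file start size; do
    [ "$file" = "NONE" ] && continue        # partition has no image
    [ -f "$2/$file" ] || continue           # image not supplied: nothing to flash
    bytes=$(( $(wc -c < "$2/$file") ))
    if [ "$bytes" -gt $(($size)) ]; then
      echo "REFUSE $name: $file is $bytes bytes, partition holds $(($size))"
      rc=1
    else
      echo "OK $name"
    fi
  done <<EOF
$(scatter_table "$1")
EOF
  return $rc
}

# fix_scatter SCATTER TABLE -> corrected scatter on stdout.
# A value is rewritten only inside the block whose partition_name matches the
# table row, so two partitions sharing the same hex value cannot clobber each other.
fix_scatter() {
  awk '
    FILENAME == ARGV[1] { start[$1] = $2; size[$1] = $3; next }  # real layout
    $1 == "partition_name:" { name = $2 }
    (name in start) && $1 ~ /_start_addr:$/    { sub(/0x[0-9a-fA-F]+/, start[name]) }
    (name in start) && $1 == "partition_size:" { sub(/0x[0-9a-fA-F]+/, size[name]) }
    { print }
  ' "$2" "$1"
}

# make_sample DIR -> constructed scatter, layout table and dummy images.
# boot and recovery share the size 0x400 in the scatter; only recovery is wrong.
make_sample() {
  cat > "$1/scatter.txt" <<'EOF'
- partition_index: SYS0
  partition_name: boot
  file_name: boot.img
  linear_start_addr: 0x0
  physical_start_addr: 0x0
  partition_size: 0x400
- partition_index: SYS1
  partition_name: recovery
  file_name: recovery.img
  linear_start_addr: 0x400
  physical_start_addr: 0x400
  partition_size: 0x400
EOF
  printf 'boot 0x0 0x400\nrecovery 0x400 0x800\n' > "$1/parted-new"
  dd if=/dev/zero of="$1/boot.img" bs=512 count=1 2>/dev/null
  dd if=/dev/zero of="$1/recovery.img" bs=512 count=3 2>/dev/null
}

d=$(mktemp -d)
make_sample "$d"
check_images "$d/scatter.txt" "$d" || echo "-> scatter rejects recovery.img"
fix_scatter "$d/scatter.txt" "$d/parted-new" > "$d/scatter-new.txt"
diff "$d/scatter.txt" "$d/scatter-new.txt" || true   # only recovery's size changes
check_images "$d/scatter-new.txt" "$d"
rm -rf "$d"
```

A global replace of 0x400 with 0x800 on the same input would also have changed the boot size and the recovery start address, which is the failure described under "Problems to fix".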

Some Dev. Questions
Before adding the resizing partitions (Firmware Upgrade) option:
1. Is the preloader header custom or generic; and does it change when flashing the preloader?
2. Is there an actual function to the BPLGU/APDB files other than some sort of device/system check?

For v7 trying to add a backup + make installable zip option:
Have done it with basic dd backups; would prefer to use sparse/simg2img but simg2img can't seem to use zipped .img's; have looked into using dat/sdat2img but that would require getting python to run in recovery (unless I'm mistaken).

Have added the simplistic option as v7...

odigitech said:
@HypoTurtle I have made a modified version of MTKsplit with more human-friendly names, it's in my Drive folder, if it's any use.
Thanks, I have updated mine to support non-MTK header-ed boot/recovery.imgs -- can't hurt to make it human readable I suppose.
MTKsplit will be used in the next uploaded version (v8) in the form of a simplistic porting tool...
Should be uploaded on Monday/Tuesday

odigitech said:
You made it work for non-MTK also? Nice one, is it on your Drive?
Sent from my thl 2015 using XDA Free mobile app
Should be... but I'll update it with the human-readable version now.
It's not vigorously tested; and not as robust as the (un)mkbootimg binaries out there but it seems to do the job.

@HypoTurtle: on my Jiayu s3, the Germans have been working on android 5.1.1 for it and so far it is great. I installed beta 3 and the next day they released beta 4. Rather than getting out the laptop, I thought I'd use your script, so I got the files needed, I got your script and set it up as the instructions. But when I ran the script, it didn't find the system.img file, and didn't give it to me as an option. I verified that the file was there on disk, but I was never given a check box to select it for flashing. Any logs I can send you to try and figure out why?
Sent from my KFTHWI using XDA Premium 4 mobile app

AlexZap said:
@HypoTurtle: on my Jiayu s3, the Germans have been working on android 5.1.1 for it and so far it is great. I installed beta 3 and the next day they released beta 4. Rather than getting out the laptop, I thought I'd use your script, so I got the files needed, I got your script and set it up as the instructions. But when I ran the script, it didn't find the system.img file, and didn't give it to me as an option. I verified that the file was there on disk, but I was never given a check box to select it for flashing. Any logs I can send you to try and figure out why?
Sent from my KFTHWI using XDA Premium 4 mobile app
Is it just the system.img that doesn't appear? And are you using internal or external SD?

HypoTurtle said:
Is it just the system.img that doesn't appear? And are you using internal or external SD?
Just system.img, and external_sd
Sent from my KFTHWI using XDA Premium 4 mobile app

AlexZap said:
Just system.img, and external_sd
Sent from my KFTHWI using XDA Premium 4 mobile app
Can you post the scatter; the menu items are just an existence check.
[ if *.img/*.bin from scatter exists in SPFlash folder then you are given the option to flash it ]
(Just noticed that it will stall if you try and install and there are no valid img/bin files present)

HypoTurtle said:
Can you post the scatter; the menu items are just an existence check.
[ if *.img/*.bin from scatter exists in SPFlash folder then you are given the option to flash it ]
(Just noticed that it will stall if you try and install and there are no valid img/bin files present)
Screenshot of the folder, and the scatter. I checked it and it looked fine.

AlexZap said:
Screenshot of the folder, and the scatter. I checked it and it looked fine.
Ah yes - this problem is caused by the amount of items shown - I have it set to show 3, 5 or 12. It will only show 12 (more than 5) if there are 12 things to flash. From your screenshot you have 7 items to be flashed (trustzone gets flashed twice), so you will miss two items - the second flash of trustzone.bin and system.img.
Hope that makes sense; I can alter it to work with 6+; but you should be able to adjust it to work as described above. the reason I did it this way was that otherwise it would look a bit messy - I suppose I could add a 7 option.

HypoTurtle said:
Ah yes - this problem is caused by the amount of items shown - I have it set to show 3, 5 or 12. It will only show 12 (more than 5) if there are 12 things to flash. From your screenshot you have 7 items to be flashed (trustzone gets flashed twice), so you will miss two items - the second flash of trustzone.bin and system.img.
Hope that makes sense; I can alter it to work with 6+; but you should be able to adjust it to work as described above. the reason I did it this way was that otherwise it would look a bit messy - I suppose I could add a 7 option.
Ahhh... Not a problem then. I don't really need to flash anything besides system and boot. I just included the rest for completeness. I'll take one out and let you know how it goes.
On a side note, any reason for these (3, 5, and 12)? And not just everything that is there?
Sent from my JY-S3 using XDA Premium 4 mobile app

HypoTurtle said:
Some Dev. Questions
Before adding the resizing partitions (Firmware Upgrade) option:
Q1. Is the preloader header custom or generic; and does it change when flashing the preloader?
Q2. Is there an actual function to the BPLGU/APDB files other than some sort of device/system check?
A1 - Generic, MTK preloader has been the same since armv7 to armv8. Yes, dd backup copy needs to be clean up of the header & footer, more info then checkout with AlexZap... :good:
A2 - Not all MTK firmware include it, it contains the IMEI refer to here for more info or a single link that explained everything... :good:

AlexZap said:
Ahhh... Not a problem then. I don't really need to flash anything besides system and boot. I just included the rest for completeness. I'll take one out and let you know how it goes.
On a side note, any reason for these (3, 5, and 12)? And not just everything that is there?
Sent from my JY-S3 using XDA Premium 4 mobile app
Not sure if you missed the edit. It was more for cosmetic reasons - I could have had say 12 files being displayed but if there's only one file to flash you would have a screen with a lot of blank entries. 3, 5 and 12 seemed the most appropriate without going down the route of creating a menu for all possible entries.
3 being typical install (system/boot and perhaps blank cache/userdata to wipe); 5 as 3 but with custom etc.
I figured that anyone with more than 5 flashable items in there would have dumped the entire SPFlash ROM which I calculated as ~12 items.
yuweng said:
A1 - Generic, MTK preloader has been the same since armv7 to armv8. Yes, dd backup copy needs to be clean up of the header & footer, more info then checkout with AlexZap... :good:
A2 - Not all MTK firmware include it, it contains the IMEI refer to here for more info or a single link that explained everything... :good:
A2. I don't think it contains the IMEI - but it is the database that the IMEI is coded against; I'm not aware of any devices (other than the P6000) suggesting that you recode the IMEI on an upgrade from KK to LP so there is probably not an issue here.

i never use it myself, typically MDRT is able to recover it on mine, feedbacks from fellow XDA member is that, that is the only way that they manage to recover IMEI on their MTK...
On 2nd thought, BTW, i'm using intel nowadays :laugh: IMEI & calibration info is at a hidden partition, same as Samsung & Qualcomm devices that reside at /efs partition, how did MTK IMEI survive Factory Reset since it is at /data/nvram, i wonder, never really thought about it...

yuweng said:
i never use it myself, typically MDRT is able to recover it on mine, feedbacks from fellow XDA member is that, that is the only way that they manage to recover IMEI on their MTK...
On 2nd thought, BTW, i'm using intel nowadays :laugh: IMEI & calibration info is at a hidden partition, same as Samsung & Qualcomm devices that reside at /efs partition, how did MTK IMEI survive Factory Reset since it is at /data/nvram, i wonder, never really thought about it...
On the 64bits at least it is also on a hidden partition (nvram) - and it just gets copied to /data/nvram or something (i.e. it's not mounted but its files are there). The DB files etc are present in /system as well as in the full SPFlash ROM so I guess things like MTKEng and apps like chamelephon use that when setting/'fixing' the IMEI.
What are the file formats used by intel stock ROMS? This tool isn't really MTK dependent - it's GPT partition dependent (with a scatter for validity check - I'll post a bare minimum of what a 'scatter.txt' needs to have).
Anyway v8 added - so that files to flash aren't hidden (max. 12 files).

Hmm, further digging seems MTK IMEI is at /dev/nvram, same thing happening on intel, users just never spell out everything, they use the format/ erase flash/ emmc that wipes out the IMEI partition but never tell...
i think on the X3, its not possible as its NOT an Android image file but proprietary fls file which they got it when they acquire infineon i think...
Manual fastboot/ dd backup/ restore & you'll end up with a brick device, ATM, no custom recoveries that boot on the x3, i haven't figure out how to repack its recovery that has three separate different region that requires three proprietary download file that packs it together into a fls file & only their FlashTool_E2 is able to download it correctly...
Can't really understand infineon/ intel for developing such cheap device but with such high end software tools...

Related

[RECOVERY][TWRP] TeamWin v2.X (2.2 - July 11th)

Hello guys, I want to present you the
TEAM WIN RECOVERY PROJECT
(TWRP)
v2.X for our Transformers
This is the touch version of Team Win's recovery project.
It is already available for many devices, but not for ours, so I ported it.
In addition, I am the responsible developer and maintainer for this recovery, so if any errors occur, please post them in this thread and I will see what I can do.
WHY did I port this ?
We do now have a fully functional file manager in the recovery system
The GooManager app lets you now install .zips directly through the open-recovery scripting system
You can queue .zips for flashing in recovery, makes installing new roms MUCH easier !
WHICH features do we have after-all ?
Key Features:
Ability to save custom recovery settings
Default partitions to back up
Default zip folder location
Default color theme (lots to choose from) (Thanks to ffolkes!)
Default Time Zone (for more accurate time stamps)
Zip Signature Verification
Zip md5 Verification (looks for file with zipname.zip.md5)
Ability to flash multiple zips in one go
Ability to select which individual partitions to backup, and restore.
Ability to choose compression or no compression backups.
Compression takes longer of course, but you save roughly half the space. EVO3D's stock system uncompressed is ~800mb, 380mb compressed. You choose.
Ability to auto restore GAPPS on zip flash (for CM based ROMS)
Ability to auto reboot after successful flashes (for the lazy)
Some devices utilize their capacitive buttons in recovery.
Home - Main Menu
Menu - Advanced Menu
Back - Up a Menu Level
Search - Select Current Selection
Battery Level and Timestamp (Better safe than sorry)
Fully working terminal emulator (with exclusive fixes by me)
WHAT does work ?
The file manager
Using internal and external storage mounts
Backup & restore
Zip file installing
Mounting devices
Everything else ?
WHAT doesn't ?
OpenRecovery scripting
You tell me !
A FEW NOTES
OpenRecovery scripting for GooManager and others does currently *NOT* work, this is because the init.rc is missing a recovery boot flag, because of this the GooManager app fails to pass the correct recovery command to our device. This will be fixed very soon !
THEMERS, please take a look here : http://forum.xda-developers.com/showpost.php?p=28605855&postcount=67
??? --- Profit.
DOWNLOADS
FLASH THE TWRP-X.zip file in your current recovery!
NEWEST DOWNLOADS ALWAYS AT android.lensmangallery.com
Code:
v2.2
- Fixed EVERYTHING. Really. No bugs left !
- When installing a zip, you can now choose from internal or external storage right from the 'install zip' page, just like in Rogue Touch Recovery !
- Added a super-awesome terminal emulator in 'advanced' page ! Try this out, it's amazing, really ! In addition, it has a special goodie by me, the command you type in, and hit enter, would normally stay there until you delete it manually each time. I fixed the source, so it goes away after hitting enter, just like a real command prompt !
v2.1.8 FINAL
- Fixed the 'free disk space' shown on backup tab. Now it displays always the correct size which is left for backups, either internal or external storage. Both do fully work now.
- Fixed the *EXTERNAL* storage automount, when you change your storage paths (mount->change radio buttons), while clicking the 'using external sdcard', the external MicroSD gets automounted. It gets auto-unmounted again when hitting 'using internal storage'
- Fixed the boot partition backup system. Since we cannot backup /boot , I excluded this partition from the whole nandroid system. The button in the backup tab is gone now, so no choice to fail at backing up anymore !
v2.1.8
- Initial release
- Based on newest TeamWin Sources
- Touch recovery
- Tablet UI (1280*800) resolution
- Modified recovery.fstab & BoardConfig to make this compile.
- SOURCE is at https://github.com/skirata/device_asus_tf101 and https://github.com/skirata/Team-Win-Recovery-Project-v2.X
Credits
Team Win
Team Douche
Cyanogenmod
Shane Francis
Roach2010
That sounds really nice, good work! But, where's the download link ?
hanthesolo said:
That sounds really nice, good work! But, where's the download link ?
Oh, stop it, you ! You were a bit faster than me ...
Download link is up in 2nd post.
Can someone post any screenshots?
rayman33 said:
Oh, stop it, you ! You were a bit faster than me ...
Download link is up in 2nd post.
I love it when that happens.... I see them now. I will flash it and see how it stacks up to the other touch recoveries.
EDIT: I just flashed it and played around with the UI for a few minutes. I found it vaguely reminiscent of UEFI, and it seemed very useful. I have had a need for a file browser more than once while in recovery, it is a shame though that editing files cannot be done (due to the difficulty level of creating a keyboard, and size limitations, I am sure). It is on my bucket list though, to be able to use some kind of terminal emulator in recovery without using adb. Overall, excellent work, and this will be my recovery of choice from now on! Just out of curiosity, how long did it take you to port this?
I'll be the numb nut that will ask.......what are the fstab zip and the other zip for?
Do i need to flash all 3 zips or just the main recovery zip if i havent got a clue what the other 2 do? :laugh:
No doubt someone would screw it up....... id rather look like a plank!
TheFirlen said:
Can someone post any screenshots?
Screenie.
You better be happy now, it has got 3297562 Megapixles !
scottyf79 said:
I'll be the numb nut that will ask.......what are the fstab zip and the other zip for?
Do i need to flash all 3 zips or just the main recovery zip if i havent got a clue what the other 2 do? :laugh:
No doubt someone would screw it up....... id rather look like a plank!
My faultie, didn't put the explanation in the notes ..
You will only have to flash the TWRP-X.zip file.
The other two zips are the sources needed for compiling.
Of course, those alone aren't sufficient at all. If someone would like to have instructions on how to compile, just ask here.
@Hanthesolo Well, I think it was like one week or so until I figured out how to compile the recovery and another week until I managed to get internal and external storage working correctly.
installed fine
EDIT: its ok i read the op again..........looks good, another job well done Rayman33
You, man, are awesome. Me and hillbillyhacker tried that, but couldn't get touch working. Waiting for your stuff to see the diff
I had it installed but do not see any internal storage.
Sent from my Transformer TF101 using xda premium
bkmo said:
I had it installed but do not see any internal storage.
Sent from my Transformer TF101 using xda premium
Go into the "Mount" tab and make sure "Using internal storage" is checked.
My internal storage files are found under "data/media"
baseballfanz said:
Go into the "Mount" tab and make sure "Using internal storage" is checked.
My internal storage files are found under "data/media"
It was checked by default, but my brain didn't compute that I need to look at data/media. Makes perfect sense.....thanks.
Sent from my Transformer TF101 using xda premium
NICE guys.
thanks gonna try it
hope they start porting AROMA to tablets too.
that would be cool
bkmo said:
It was checked by default, but my brain didn't compute that I need to look at data/media. Makes perfect sense.....thanks.
Sent from my Transformer TF101 using xda premium
Edit: time is being reported as one hour ahead, also had an abort during a backup. Here is from the log:
I:=> Size of is 0 KB.
[ (0 MB)]
...Backing up partition.
I:=> Filename: ..win
I:Backup command: 'dd bs=4096 if= of=/data/media/TWRP/BACKUPS/0384018241611197/2012-07-08--12-41-34/..win'
dd: can't open '': No such file or directory
* Done.
* Verifying backup size.
E: File size is zero bytes. Aborting...
Sent from my Transformer TF101 using xda premium
bkmo said:
Edit: time is being reported as one hour ahead, also had an abort during a backup. Here is from the log:
I:=> Size of is 0 KB.
[ (0 MB)]
...Backing up partition.
I:=> Filename: ..win
I:Backup command: 'dd bs=4096 if= of=/data/media/TWRP/BACKUPS/0384018241611197/2012-07-08--12-41-34/..win'
dd: can't open '': No such file or directory
* Done.
* Verifying backup size.
E: File size is zero bytes. Aborting...
Sent from my Transformer TF101 using xda premium
Please check if you had ticked "boot" in the backup menu...
Don't backup the boot partition, it won't work, and only give errors.
Just backup the partitions that have an actual size, like /system /data and /cache.
Then it should work; I have tested this.
Also, you can edit the Time Zone settings in the corresponding settings menu in TWRP's home... just look for it.
I'm Trying to mount the ext sd card but its not working.
News :
Backup system does now work out of the box, no need to refresh the menu first.
I nearly found a way to exclude the boot partition from backing up, to make it all more user-friendly.
Fixed version coming the next 2 days.
Stay tuned !

[TOOL] little tool support for flashing our moto v0.9.3

hello there,
this tool is windows based. You need the .net 4.5 framework. There is no installer. Simply extract the executable onto your computer.
@xQrzy shared some insight about the flashfile.xml. So I made this tool for reading an image archive and creating proper flash statements. It's very rudimentary but it's working.
So, what's to do? Use an image file (zip) or unzip it first. Then execute the program and select the image or the folder. And that's it. There is one tab with some information and on the second tab there is a list of flash operations this image provides. Under options you'll find one checkbox. Unchecking it will generate the full file paths for your image files. The third tab is for the output executing a real flash would return on the command line.
Choose your operations wisely, because e.g. erase user data will make a factory reset.
version info
Code:
current version: 0.9.3
- (untested) added experimental flashing. There will be a warning before the actual flashing.
- little rework of the gui.
features:
Code:
- checking MD5 hashes of all files
- (untested) selectable flash commands and running them (that's why I called it installer)
for interested devs:
- it's a sharpdevelop project (built with sharpdevelop 5.1 rc1). This project was hacked within 5 hours so it's not that filled with comments and stuff. It's not on git because of this. You can of course download my sourcecode and compile your own binary if you don't trust me. Which would be clever and cautious.
I'm really happy to be the spark of this idea. ^^
And hope you will make the tool better and better.
aVe2000 said:
hello there,
this tool is windows based. You need the .net 4.5 framework. There is no installer. Simply extract the executable onto your computer.
@xQrzy shared some insight about the flashfile.xml. So I made this tool for reading an image archive and creating proper flash statements. It's very rudimentary but it's working. I made this tool capable of executing the generated flash statements but I deactivated this because of the potential problems being caused by using this feature. Maybe I will continue on this in future.
So, what's to do? Use an image file (zip) or unzip first. Then execute the program and select the image or the folder. And that's it. There is one tab with some information and on the second tab there is a list of flash operations this image provides. Under options you'll find one checkbox. Unchecking it will generate the full file paths for your image files. The third tab is for the output a real flash would provide in the command line.
Choose wisely your operations, because e.g. erase user data will make a factory reset.
Additional features:
- checking MD5 hashes of all files
current version: 0.9.2
so it will generate a txt file with the statements to type, it doesn't flash anything by itself, right?
bilbo75 said:
so it will generate a txt file with the statements to type, it doesn't flash anything by itself, right?
with version 0.9.3 it tries to flash.
Version 0.9.3 added.

Unpacker Kitchen for Android(UKA)

version: 4.9.4
Last update of the program in the header: 04/06/2020
Developer: kory-vadim
For the program to function, root privileges are required.
Install: flash as Magisk module
Short description:
Unpacking, assembling and converting system (vendor) {.img} {.new.dat} {.new.dat.br}, mounting raw images, gluing the system.img broken into parts into a single image (from the firmware for Qfil), unpacking payload.bin, repackaging boot (recovery) .img, extracting file_contexts from boot.img (android <= 8.1), and converting file_contexts.bin on the phone.
Description:
To unpack images, you can use a phone with android 5+.
The system make_ext4fs is used from the phone’s firmware, so on a phone with android 6+ (or better 7), you can collect system.img images from android 5+.
We need root rights, busybox (needed before UKA version: 4.4 inclusive) and enough space for the images themselves and unpacking them in ./data.
Before flashing versions 4.6, 4.7, delete the old version and flash the corresponding archive via twrp.
In the kitchen there is a utility AIK - Android Image Kitchen for repacking boot (recovery) .img.
If, for some reason, you do not want to flash AIK-mobile (or, for example: already installed), then delete the file "AIK.Mobile.Installer.v3.4.zip" from the archive and flash "unpack-android_new_4.6.zip" without this file.
After flashing, install the terminal emulator (if it is not already installed), and check the box for UTF-8 in its settings.
To start the kitchen, in the terminal enter:
su
menu
Go to the item: "Extract file_contexts", and select the subitem: "Install configuration", if this is not done, then the conversion file_contexts.bin -> file_contexts will not work.
You need to run the configuration installation only once.
*In version 4.5 and above it should work without applying this item.
And then enter the numbers corresponding to the desired action.
To extract file_contexts, put boot.img in the folder: /data/local/UnpackerContexts.
To unpack .img images, you need to put system.img or vendor.img in the folder: /data/local/UnpackerSystem, and select the .img file (no more than 5) for unpacking.
When unpacking, the folders will be deleted: "system", or "vendor"; files: * _fs_config and * _pack.sh from the previous unpacking.
To build the image, copy the received file_contexts to the folder: /data/local/UnpackerSystem, if for some reason it will not be in the folder, then the assembly will be performed with file_contexts obtained when unpacking the image.
If files or folders were added to the disassembled image, then before assembling it, you must enter everything added into fs_config, and only then collect it.
If there are spaces in the names of folders or files in the unpacked image, then make_ext4fs will not collect such an image until you rename the files and correct the entries in fs_config.
Therefore, adding folders and files with spaces to the unpacked image is also not possible.
In version 4.6, the write assistant in fs_config is added.
If you just deleted something, then you do not need to edit fs_config.
Also in the collected folder must be present symlinks.
Well, in terms of context, Selinux will also need to be watched, depending on what was added.
To unpack or convert .dat, .br and in other cases, you will be prompted to enter the path to the folder where the image is located (in the same folder should be system (vendor) .transfer.list).
When converting and assembling in .dat, watch the phone screen, because in some cases you need to enter a number corresponding to the android version of the image being collected.
There is a choice of compression ratio for converting * .new.dat to br.
To reduce the conversion time, compression can be selected 3-5 (maximum 7).
To unpack boot (recovery) .img, put the file in the folder: /data/local/AIK-mobile, and select the file in the menu: "unzip boot"
For packaging, use the item: "pack boot".
The collected file will be located in the folder: /data/local/AIK-mobile with the name boot-output.img.
To clean the working folder, also use the corresponding item. Source and output files will not be deleted.
AIK-mobile can be completely removed from the phone directly from the menu.
To mount, use the corresponding menu item, and the raw image must be located in the folder: /data/local/UnpackerSystem.
Do not forget to unmount the image.
To remove the kitchen from the phone, go to the corresponding menu item and confirm the removal,
after confirmation, the phone will be rebooted into twrp, and after the script has run, it will boot into the system.
Screenshots(Gdrive): https://drive.google.com/folderview?id=1-5dSaOQKpDH4gy737gcDp-Anp0vAj_VU
Download(Gdrive): https://drive.google.com/file/d/1-nOvictMuUNXbowwn3h1lbdrkJur2jJh/view?usp=drivesdk
MOD EDIT: Link removed
..
chelghouf said:
Hello ??
First thank you for the great work ?
After downloading version 4.9.2 I found it perfect for Android ROMs modification without the need for a computer .. But it needed translation, so work began on that then I decided to add a feature to save and rebuild the ROM currently installed on the device .. This feature is tested on one device " MediaTek treble enabled " .. and on two Android systems 9 And 10 and works perfectly this feature helped me a lot to repack and share the ROM after debugging it or adding new features .. Sorry I don't have other devices to confirm the effectiveness of this feature, but the script is designed to support most versions of Android and many devices when possible .. I'm glad if you accept to add and develop this feature in the next updates .. Thank you.
This is my modded version
https://www.mediafire.com/download/x9doxd3nnd0h2ja
This is the video showing how it works
https://www.mediafire.com/download/qchspnzniikg1gw
https://ibb.co/0QjG7S8
https://ibb.co/XxJ8FPp
I am having issues in using your modded version.
Please kindly guide me on how to set it up.
..
chelghouf said:
What type of issues !
If you followed the video then, try to type menu in place of arkm, else be more specific please.
---------- Post added at 01:10 AM ---------- Previous post was at 12:49 AM ----------
This is a small update a feature removes kitchen binary files from the new build while extracting backup for sar and non sar devices.
I can't post links yet so replace @ with media fire home link
@/download/pq5obfcqhb18hpi
tested and confirmed working on 2 treble mtk devices running android 9 and 10 gsi ROMs and device stock ROM android 8.1
Previous link removed !
This is a small update
4.9.2.3
Added support for some kirin devices
@/download/o1ga3o1v4v13a0c
Thank you so much. It works flawlessly. Kudos Bro
chelghouf said:
What type of issues !
If you followed the video then, try to type menu in place of arkm, else be more specific please.
---------- Post added at 01:10 AM ---------- Previous post was at 12:49 AM ----------
This is a small update a feature removes kitchen binary files from the new build while extracting backup for sar and non sar devices.
I can't post links yet so replace @ with media fire home link
@/download/pq5obfcqhb18hpi
tested and confirmed working on 2 treble mtk devices running android 9 and 10 gsi ROMs and device stock ROM android 8.1
Previous link removed !
This is a small update
4.9.2.3
Added support for some kirin devices
@/download/o1ga3o1v4v13a0c
Link not working
..
chelghouf said:
@/download/9o1t3hlgh4duied
Replace @ with media fire home link
Dev, all runs well except option 13: the kitchen is not able to back up vendor. On my device (ZUK Z2) vendor is at /factory.
Thanks
..
chelghouf said:
Thanks for feedback , It's fixed i'll give you a link when upload finish
---------- Post added at 09:38 AM ---------- Previous post was at 09:03 AM ----------
@/download/pmzfg8kvdk7to1n
This is a small fix for zuk z2 pro and plus and there is no problem to flash the final rom build.
But if you want your vendor file output name like this "factory.new.dat.br" then you have to wait.
All custom roms(z2+) shows "vendor.new.dat.br" in zip, only they unpack in /factory partition .
..
chelghouf said:
Good, i had no idea, i hope it has been fixed.
Thanks Dev it starts backing up & converting to zip.
..
chelghouf said:
Hello
First thank you for the great work
After downloading version 4.9.2 I found it perfect for Android ROMs modification without the need for a computer .. But it needed translation, so work began on that then I decided to add a feature to save and rebuild the ROM currently installed on the device .. This feature is tested on one device " MediaTek treble enabled " .. and on two Android systems 9 And 10 and works perfectly this feature helped me a lot to repack and share the ROM after debugging it or adding new features .. Sorry I don't have other devices to confirm the effectiveness of this feature, but the script is designed to support most versions of Android and many devices when possible .. I'm glad if you accept to add and develop this feature in the next updates .. Thank you.
This is my modded version
https://www.mediafire.com/download/x9doxd3nnd0h2ja
This is the video showing how it works
https://www.mediafire.com/download/qchspnzniikg1gw
https://ibb.co/0QjG7S8
https://ibb.co/XxJ8FPp
@chelghouf I keep installing it in magisk but it doesn't show up! Any hint?
..
chelghouf said:
Install from twrp
https://www.mediafire.com/download/q3lq7wz6rsdbfww
I installed from TWRP now and it's still the same.
..
chelghouf said:
Type menu and use it from the link I gave you to get all the new features.
It's still the original Russian one, should I uninstall the original one? [Thank you for your attention]
Yes, uninstalling the original one fixed it, let's try it out.
..

Development Installing GSI by repacking super.img on SM-A127F and SM-A325F (Linux)

repacksuper
===========
Copyleft uluruman 2021-2022
(for LINUX/WSL only)
This is the minimalistic set of tools + a script for Linux for the automated
ground-up repacking and flashing of the Samsung Galaxy super.img, replacing
the stock Android system with something much less intrusive and obtrusive
(e.g. LineageOS). Or just some other GSI (Generic System Image).
Additional included scripts (since v1.1) simplify flashing of stock firmware or
separate image files under Linux using Heimdall.
Theoretically should work for any Samsung A-series phones, and maybe even for
some others. Tested on SM-A127F/DSN made in India and Vietnam and SM-A325F/DS
made in India, on Debian Linux 11 x64. There are reports of successful flashing
of SM-A127M, SM-A032M and SM-A226B.
Why this method?
----------------
Repacking of super.img is the only method which allows changing of the phone's
operating system without screwing up the Verified Boot (VB) protection
mechanism. Keeping the VB allows you to be sure that everything besides the
platform was indeed compiled by Samsung and wasn't tampered with, no matter from
where you downloaded your stock firmware.
The other reason is that although there are alternative methods of changing the
OS, for phones with dynamic partitioning and no working version of TWRP
available they may be even more complicated than repacking of super.img
externally by this script.
Requirements
------------
Install the following tools from the official repositories of your Linux distro:
simg2img xz-utils lz4 unzip gzip jq file
Basic instructions
------------------
repacksuper.sh: main script for changing your phone's operating system
heimdall_flash_stock.sh: script for flashing stock firmware under Linux
heimdall_flash.sh: script for flashing any custom image file under Linux
Just run a script without any arguments to see help.
Extra tools used (x64 binaries and sources included)
----------------------------------------------------
GitHub - LonelyFool/lpunpack_and_lpmake: android super.img tools
GitHub - amo13/Heimdall: Heimdall is a cross-platform open-source tool suite used to flash firmware (aka ROMs) onto Samsung Galaxy devices. This is a fork of the original repository with a few crucial pull requests merged.
Additional notes
----------------
The included binaries for the lpunpack, lpmake and Heimdall were compiled for
the x86_64 architecture. If your PC architecture is different (e.g. x86 32-bit
or ARM) you have to compile these tools yourself. The full source code is
included (or otherwise available on GitHub).
Spoiler: Changelog
0.9: Initial release
0.91: Non-sparse new system is now correctly moved into the super dir
0.91a: Bug in the new system file format checking fixed
0.91b: Better support for spaces in paths
0.92: Added checking for system requirements and an optional parameter for
setting of the final tar archive name.
0.92a: Fixed file ownership issues inside the tar distribution archive
0.93: Added support for SM-A325F. Several minor improvements.
0.94: Added support for gzip-packed GSI images. Packing into .tar is now done
without question if the command line parameter is given. Tar parameter
now can include the full path. Without the full path the default tar
location is now the same as the GSI. Several other minor changes.
1.0: Finally added working native Linux flashing using Heimdall (HUGE thanks
to amo13 and Benjamin Dobell). Two new options: using empty product.img
and silent (non-interactive) mode. Colored text. Bugfixes and minor
changes.
1.01: Option to specify the SUPER partition name manually (needed for flashing
SM-A127F with Heimdall). Now it is possible to place output .img and .tar
files in any directory and give them any name. Text terminology a bit
clarified, help text expanded. Done many internal optimizations,
additional sanity checks and minor changes.
1.02: Support for SM-A032F/M and similar firmwares with non-packed super.img.
Support for firmwares with/without additional partitions. Support for
arbitrary partition group names. Very experimental option to use empty
system_ext.img for additional privacy (applicable to some phone models/
regions). Lots of minor fixes.
1.03: Multiple .img files are now supported in GSI archive files (one of them
should be system.img in that case), e.g. Android AOSP zip files are now
supported directly. The logic of flashing with Heimdall now includes more
complex cases, such as flashing in two steps with a reboot. Unnecessary
code in GZ unpacking removed. Some other small fixes and optimizations.
1.1: New scripts heimdall_flash_stock.sh and heimdall_flash.sh added.
Lots of refactoring in repacksuper.sh (because of that there may be some
bugs left), improved and clarified UI logic, changes in where the files are
now placed (see help for details), direct work with stock Zip firmware
files, lots of minor changes.
1.11: Colored text now should be correctly displayed in almost any shell that
supports it except if it's explicitly disabled with NO_COLOR.
1.11.1: heimdall_flash.sh now can flash Super partitions unconditionally in one
step when using both the -s parameter and manually specifying partition
name (e.g. SUPER for SM-A127F).
1.12: The heimdall_flash_stock.sh script was significantly upgraded with lots of
new features. Now it theoretically allows upgrading of stock firmware
without erasing user data, keeping the GSI and custom recovery, etc.
(although it's not that straightforward, read the help for details).
A couple of fixes in the other scripts.
1.12.1: changed unlz4 to lz4 -d, as some distros don't have the needed symlink
1.13: In repacksuper.sh support added for the Vendor DLKM and ODM DLKM
partitions, as well as the experimental -v option to add or replace Vendor
DLKM with a custom image. A couple of minor fixes.
1.14: Greatly improved logic of heimdall_flash.sh, now it's possible to specify
both or either custom partition name and custom file name, and acquiring
PIT from device is done only when it's needed. Versioning scheme of the
scripts was unified: the script that was updated receives the updated
version number of the whole pack, the rest retain the old numbers.
1.15: up_param_tool.sh script was added: it allows altering of the boot
sequence images (logo, "not official" warning, etc.), as well as the
Recovery and Download internal graphics. Happy hacking, but please pay
attention to the warning displayed after extracting the JPEG files.
A couple of minor fixes in the other scripts.
1.15.1: Bug with failing LZ4 uncompression fixed in repacksuper.sh and
heimdall_flash_stock.sh.
1.15.2: Added the Ctrl+C trap in heimdall_flash_stock.sh, so now the temporarily
renamed files are correctly renamed back in case of flashing being
aborted with Ctrl+C. Upgraded Heimdall with the git pull requests, but
it seems those still do not cure the relatively rare issue when flashing
specific files gets completely stuck at some point.
1.15.3: The "file" tool used to identify PIT files was replaced with direct
reading of the file header as the first method proved to be unreliable.
1.15.4: Fixed a bug in heimdall_flash.sh (missing g flag in sed)
1.15.5: Fixed the compatibility issue with the older LZ4 compressors
1.15.6: Fixed compatibility issues with systems where /bin/sh is Bash, such as
ArchLinux
1.15.7: repacksuper.sh: fixed using the existing "repacksuper" dir as source,
also in this mode you can now specify "-" as new system image to reuse
everything inside the "super" subdir. New experimental -w parameter.
All scripts: the Ctrl+C trap now switched on and off the correct way.
Several other fixes.
1.15.8: Fixed using the heimdall_flash_stock dirs as source for repacksuper.sh.
A couple of other fixes.
1.15.9: heimdall_flash_stock.sh: fixed skipping of duplicate partitions (e.g.
vbmeta) for some shells; fixed upgrade-flashing of Galaxy A32 (default
behavior).
Spoiler: Known issues
During the script run you can see several "Invalid sparse file format at header
magic" warnings, just ignore them.
For some firmware files Heimdall may not work at all (freeze indefinitely or
exit with an error), in that case you have to resort to Odin. In many cases
Heimdall freezes when uploading files for some time, but that does not mean it
is completely frozen, just be patient.
In LineageOS, Dot OS and some other GSIs I tried on SM-127F the touch screen
remains not responsive for about 6 seconds after waking up. The problem is not
present at least with SM-127F/DSN phones made in India, but present at least in
those made in Vietnam. Another problem in the most, if not all, GSIs is that the
MTP USB file transfer does not work (at least on Linux) because of the "wrong"
(Samsung's instead of Google's) default MTP driver used by the kernel.
Both of the aforementioned problems can be solved by installing the fixed and
recompiled kernel.
For the last problem alternative solutions include using apps such as
Warpinator, Syncthing or ftpd.
Spoiler: Food for thought
When choosing a GSI to install I really don't recommend using ones which include
GApps and therefore use any of the Google services. Don't let corporations
gather your data. You bought the phone and from now on it should be all yours,
with all of its data, like a PC in the good old days. You own your device, and
nobody has the right to stick their nose into how you use your phone, gather any
statistics and push you any ads. You always have a choice to turn down
privacy-unfriendly stuff, the price of that "inconvenience" is actually
ridiculous. From my point of view, there is simply no point in using non-stock
systems if they are still littered with the privacy-unfriendly bloatware.
For the step-by-step guide (slightly outdated) read this and this post. Also be sure to read this post concerning the importance of optics.img. Concerning the up_param_tool.sh be sure to read this post.
Latest stable combinations of stock firmware and LineageOS (updated February 5, 2023):
SM-A127F: A127FXXU7BVI4 + LineageOS 20.0-td 20230115 arm64 bvS
SM-A325F: A325FXXU2CVK3 + LineageOS 20.0-td 20230115 arm64 bvS
Some recommendations (updated February 5, 2023):
If you are a newbie and don't know how to unlock the bootloader and other such stuff, here is a good guide by LAST_krypton (follow the "Unlocking the booloader" section) or a shorter guide by cldkrs.
First flash the phone with the whole set of stock firmware using the heimdall_flash_stock.sh (Linux only) script with the -d parameter: the latter forces flashing the unsafe partitions, which are needed for complete re-flashing.
If you're on Windows use Odin instead. Although there is a "leaked" Linux version of Odin, it's still closed-source (of course), so I don't recommend using it on your main Linux PC. For using the Windows version of Odin on Linux you have to either use Windows in QEMU (tested and works) or probably Wine (untested). When using QEMU remember to add the SUBSYSTEM=="usb", ATTRS{idVendor}=="04e8", ATTRS{idProduct}=="685d", MODE:="0666" line to the udev rules (e.g. /etc/udev/rules.d/30-qemu.rules) to enable the write access to the phone.
Sometimes Heimdall cannot flash the stock firmware and gets stuck at some particular file. Although you can successfully flash such a firmware using Odin, I recommend finding another firmware, maybe one release older, because that may indicate some sort of incompatibility with your particular version of the phone.
The stock firmware comes in different revision numbers (also known as the baseband version), which are upgraded about once a year. Generally it should be beneficial to use the latest revision, but note that once you have upgraded it to a later revision there is no way back (at least known to me). In case you want to experiment with flashing of special kernels and other flavors provided by the XDA developers, if possible, you should probably stick to the very first revision.
If you already have the bootloader unlocked (OEM unlock) then after flashing the stock firmware there is no need to set up the Android, just go straight into the download mode again and flash the repacked super.img.
When downloading LineageOS or any other GSI select the normal arm64 bvS version, not vndklite version.
After flashing the OS go into the Recovery mode (hold volume up and power when rebooting) straight away and do the Factory reset. If you cannot get into the Recovery mode be sure to connect the USB cable before trying to.
If flashing with Heimdall completely freezes at some point make sure you've downloaded and repacked the correct arm64 b or a/b GSI and not arm and not a or a-only variant. If "sw rev check fail" message appears on the screen at some point just ignore it.
You can forcefully reboot your phone at any time, even if it seems bricked, by holding the volume down and power buttons for several seconds.
To upgrade your system to the recent version of the same OS just repackage it again using the same script and flash it normally. If the phone does not boot, get into the Recovery mode and try wiping the Cache partition (all your apps and settings should remain intact).
Most probably you don't need TWRP or any other 3rd party recovery tool at all, as the stock recovery tool works fine for just the factory reset after flashing the super file.
Try to avoid using Magisk if you just want to install another OS and nothing else. It is also not needed for LineageOS bvS version as it already has the su utility integrated, you just need to install the additional Superuser app by Pierre-Hugues HUSSON from the F-Droid store (although it's very old it works just fine).
It's possible that SM-127F/DSN internally is not A12 but actually M12, at least most of the tools and kernels made for M12 work on SM-127F/DSN while those made specifically for SM-125 and even other SM-127 versions do not. Therefore you can find more relevant info and tools in the corresponding XDA thread (my script still remains relevant though).
I should test this for a127f
Bugs fixed: v0.91 & v0.91a
Bug fixed: v0.91b
Added the "file" utility to the list of requirements, updated readme.txt.
Thanks A LOT, this works! I am finally able to run LineageOS on my phone!
For Windows 10+ users: WSL runs this script just fine with a few additional steps.
1. Install WSL 2 and any Linux distribution from Microsoft Store
2. Run the distribution to finish setup
3. Install the required packages from the post (sudo apt install for Ubuntu/Debian)
4. Shift + Right Click in the folder where you have the script, the AP and the GSI packages
5. Open Linux shell there
6. Unpack & run script as stated in its help
Voila!
Wow ! Great job! I want to try it, but i'm getting many "Invalid sparse file format at header magic" while running the script, is it OK to flash the super.tar anyway?
jadfa said:
Wow ! Great job! I want to try it, but i'm getting many "Invalid sparse file format at header magic" while running the script, is it OK to flash the super.tar anyway?
It is totally OK
jadfa said:
Wow ! Great job! I want to try it, but i'm getting many "Invalid sparse file format at header magic" while running the script, is it OK to flash the super.tar anyway?
Yes, it is fine. These are just warnings produced by lpmake, they can not be suppressed. I could only suppress all the stdout/stderr from lpmake but it's no good in case of more serious warnings.
Updated to v0.92 with a couple of minor improvements.
What should I do next with the raw file?
"Unknown super file format" is this how it should be?
ANDARXapi said:
What should I do next with the raw file?
"Unknown super file format" is this how it should be?
Of course not. The format of each file is checked using the "file" utility, it should return the string "Android super image". Try to run file /home/toor/APfilles/super.stock.raw . What is the response? And try doing it all without sudo. There is no need for root privileges.
uluruman said:
Of course not. The format of each file is checked using the "file" utility, it should return the string "Android super image". Try to run file /home/toor/APfilles/super.stock.raw . What is the response? And try doing it all without sudo. There is no need for root privileges.
The raw file opens as a picture
uluruman said:
Of course not. The format of each file is checked using the "file" utility, it should return the string "Android super image". Try to run file /home/toor/APfilles/super.stock.raw . What is the response? And try doing it all without sudo. There is no need for root privileges.
run without sudo: 168: ./lpunpack_and_lpmake/lpunpack: Permission denied Cannot correctly unpack the super file. Exiting ...
I managed to fix the script, you just need to give chmod +x rights to the files in the folder "lpunpack_and_lpmake": lpunpack, lpmake, lpflash, lpdump, lpadd
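The format check and the permission fix discussed above, together with the direct header reading mentioned in the 1.15.3 changelog entry, as an added example that is not part of repacksuper or of any post in this thread. The function names are hypothetical and the magic values come from the public Android sparse, liblp, LZ4 frame and Heimdall PIT format definitions, not from this page.

```shell
#!/bin/sh
# Added example: classify firmware files by magic bytes instead of file(1),
# and report helper binaries that are missing the execute bit.

# Print COUNT bytes of FILE starting at OFFSET as lowercase hex without separators.
hex_at() {    # hex_at FILE OFFSET COUNT
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}

# Print one of: sparse, lz4, pit, super-raw, unknown. Returns 1 for unknown/unreadable.
identify_image() {    # identify_image FILE
    f=$1
    [ -r "$f" ] || { echo unreadable; return 1; }
    case "$(hex_at "$f" 0 4)" in
        3aff26ed) echo sparse; return 0 ;;   # Android sparse image, 0xED26FF3A little-endian
        04224d18) echo lz4;    return 0 ;;   # LZ4 frame, 0x184D2204 little-endian
        76983412) echo pit;    return 0 ;;   # Samsung PIT, 0x12349876 little-endian
    esac
    # A raw (unsparsed) super image has no magic at byte 0; the liblp geometry
    # block with magic 0x616C4467 starts after 4096 reserved bytes.
    if [ "$(hex_at "$f" 4096 4)" = "67446c61" ]; then
        echo super-raw
        return 0
    fi
    echo unknown
    return 1
}

# Print the names under DIR that are not executable; return 0 only if all are.
# This is the "Permission denied" case: the tools unpacked without their x bit.
missing_exec() {    # missing_exec DIR NAME...
    dir=$1; shift
    bad=""
    for t in "$@"; do
        [ -x "$dir/$t" ] || bad="$bad $t"
    done
    echo "${bad# }"
    [ -z "$bad" ]
}

# Stand-alone demo on constructed files: sh this_file --demo
demo() {
    tmp=$(mktemp -d) || return 1
    printf '\072\377\046\355' > "$tmp/system.img"                      # constructed sparse header
    { dd if=/dev/zero bs=4096 count=1 2>/dev/null
      printf '\147\104\154\141'; } > "$tmp/super.stock.raw"            # constructed raw super
    printf 'JFIF, not firmware' > "$tmp/picture.raw"                   # constructed non-image
    for f in system.img super.stock.raw picture.raw; do
        echo "$f: $(identify_image "$tmp/$f")"
    done
    rm -rf "$tmp"
}
if [ "${1:-}" = "--demo" ]; then demo; fi
```
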
ANDARXapi said:
I managed to fix the script, you just need to give chmod +x rights to the files in the folder "lpunpack_and_lpmake": lpunpack, lpmake, lpflash, lpdump, lpadd
Hmmm. I have updated it, maybe it'll help. Could you please test the latest version (v0.92a)? I want it to work out of the box for everyone, without sudo or any tweaks.
uluruman said:
Hmmm. I have updated it, maybe it'll help. Could you please test the latest version (v0.92a)? I want it to work out of the box for everyone, without sudo or any tweaks.
Okay, I'll test it tomorrow, today I want to relax at the computer all day
uluruman said:
Hmmm. I have updated it, maybe it'll help. Could you please test the latest version (v0.92a)? I want it to work out of the box for everyone, without sudo or any tweaks.
Checked, it works right away
Is there a way to install magisk and root?

[PX5][Android 10] Patched recovery

This is the Android 10 recovery image by HCT (version 10.3.1) patched to skip signature checking on .zip files
Tested on MTCE_LM (Eunavi). Use at your own risk
It can be flashed from a root shell (either adb or via terminal emulator) by performing the following steps
1. upload recovery via adb
Code:
adb push hct_recovery_patched.img /sdcard/
2. flash recovery
Code:
# backup current recovery
dd if=/dev/block/by-name/recovery of=/sdcard/recovery_backup.img
# write new recovery
dd if=/sdcard/hct_recovery_patched.img of=/dev/block/by-name/recovery
NOTE: If you do not disable the "flash_recovery" service in /init.rc, AND you have a stock kernel, recovery will be restored to the original version after rebooting.
There are 3 ways to avoid this:
- Flash magisk (or a modified kernel) while in recovery. The patch will then fail to apply and recovery won't be overwritten
- Disable "flash_recovery" by doing "adb remount" and editing /init.rc (comment out the following)
Code:
service flash_recovery /system/bin/install-recovery.sh
    class main
    oneshot
- Neuter the service by either:
  - removing /system/bin/install-recovery.sh
  - replacing /system/bin/install-recovery.sh with a dummy script
  - removing /system/recovery-from-boot.p
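The backup and write steps above with a size check and a read-back comparison, as an added example that is not part of the original post. `flash_verified`, `hash_prefix` and `size_of` are hypothetical helper names, and the demo uses ordinary files in place of /dev/block/by-name/recovery.

```shell
#!/bin/sh
# Added example: back up a partition, write an image with dd, then read back
# exactly the bytes written and compare hashes. TARGET is a caller-supplied path.

# SHA-256 of the first N bytes of FILE.
hash_prefix() {    # hash_prefix FILE N
    head -c "$2" "$1" | sha256sum | cut -d' ' -f1
}

# Size in bytes; reads the input to the end, so it also works on block devices.
size_of() {
    wc -c < "$1" | tr -d ' '
}

# flash_verified IMAGE TARGET BACKUP
# returns 0 = written and verified      2 = unreadable or empty input
#         3 = image larger than target  4 = backup not identical to target
#         1 = read-back mismatch (backup written back to target)
flash_verified() {
    img=$1; target=$2; backup=$3
    [ -r "$img" ] && [ -r "$target" ] || return 2
    img_size=$(size_of "$img")
    tgt_size=$(size_of "$target")
    [ "$img_size" -gt 0 ] || return 2
    # dd silently stops at the end of a partition, so refuse an oversized image.
    [ "$img_size" -le "$tgt_size" ] || return 3

    # 1. Back up the current contents and prove the copy is byte-identical.
    dd if="$target" of="$backup" bs=4096 2>/dev/null || return 4
    [ "$(hash_prefix "$backup" "$tgt_size")" = "$(hash_prefix "$target" "$tgt_size")" ] || return 4

    # 2. Write the new image. conv=notrunc keeps a regular-file target at full size.
    want=$(hash_prefix "$img" "$img_size")
    dd if="$img" of="$target" bs=4096 conv=notrunc 2>/dev/null
    sync

    # 3. Compare only the bytes that were written; the tail of the partition
    #    still holds old data and must not be part of the hash.
    got=$(hash_prefix "$target" "$img_size")
    if [ "$got" != "$want" ]; then
        dd if="$backup" of="$target" bs=4096 conv=notrunc 2>/dev/null
        sync
        return 1
    fi
    return 0
}

# Stand-alone demo on constructed files: sh this_file --demo
demo() {
    tmp=$(mktemp -d) || return 1
    dd if=/dev/zero of="$tmp/recovery_part" bs=1024 count=64 2>/dev/null          # constructed 64 KiB "partition"
    dd if=/dev/zero bs=1024 count=16 2>/dev/null | tr '\0' 'R' > "$tmp/new.img"    # constructed 16 KiB image
    flash_verified "$tmp/new.img" "$tmp/recovery_part" "$tmp/recovery_backup.img"
    rc=$?
    echo "flash_verified returned $rc"
    rm -rf "$tmp"
    return $rc
}
if [ "${1:-}" = "--demo" ]; then demo; fi
```
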
Woo-hoo, after hundreds of rubbish posts in the MTCD forums, we have a real development post!
Great work and thanks for sharing this, these forums need more like you.
Thanks for the kind comment!
I have to admit that it was frustrating to see the lack of information sharing on this forum, and the pervasive pay-per-use model.
I spent a lot of time just getting Android 10 installed (starting from Android 9), and i had to bring the head unit to my desk as working in the car was rather hard and all i achieved was a brick.
I unfortunately had to bring it back in the car now (can't sit on my desk forever) but, now that i figured out how to make bootable recoveries, i was wondering how hard it could be to have TWRP or at least a hassle-free recovery to install Android 10 from Android 9.
As a first step, this recovery makes it possible to install Magisk or other zip files without doing it manually within adb.
Cheers!
Your work is really good!
Thanks a lot for it.
Now you can also modify ROM's without signature errors when installing.
Wouldn't it be good if we had an app like the ModInstaller ?
So a one click installation of the recovery without shell or adb.
I have now built an app.
And now need help.
Namely, in the app is the recovery and the script.
Unfortunately, the flash process is not started.
It always comes only the first message from the script.
The app is open source and the script and the recovery are in res/raw.
In the attach you will find the finished app and pictures.
If someone has a solution, he can write me or make a pull request on Github.
Source code:
GitHub - jamal2362/RK33XX-Custom-Recovery-Installer: Application for flashing custom recovery on Rockchip Android Head-Units.
The script:
RK33XX-Custom-Recovery-Installer/script at master · jamal2362/RK33XX-Custom-Recovery-Installer
First of all, congrats for the work!
DISCLAIMER:
I don't own ModInstaller, i have never bought a copy of it and i don't intend to do so.
Analysis is purely done from Youtube videos, open source code analysis and existing and openly available binary images.
I was working to figure out how to make a FLOSS alternative to ModInstaller.
The issues i found in all my attempts are the following:
- A6 recovery is the only one that can boot from SD Card (which can then be used to flash A9 -> A10 with the 2SD trick)
  - (it took me a long time to pull this information together and unbrick my unit)
- The A6 recovery is unable to directly flash A10 RKAF/RKFW images (sdupdate.img) due to the code being too old
  - a failure will be observed while writing super.img. This happens because the device needs to be repartitioned, and the A6 recovery is not doing it correctly
- A9 recovery is buggy. Booting it with no system installed will result in a black screen.
  - it will only boot successfully after being written by the A6 flash tool, which writes the "misc" partition with the recovery commands to run (the "hint" i get from this is that the misc partition is important)
- A10 recovery can't be loaded by the A6 recovery. I always got a black screen after flash. Is it a flash issue? is it an issue with the recovery itself? hard to know
Theory: maybe the recovery could be written over the kernel partition? ("boot")
This way, the recovery will always run after being flashed instead of requiring an explicit "enter recovery" trigger (buttons, misc partition, etc.)
Besides these experiments, in parallel, i did some bug fixing to this repository: https://github.com/liftoff-sr/rockchip-tool/commits/master (i'm "smx-smx")
That allows me to unpack and repack "sdupdate.img", "reduced recovery images" and "full IMG files".
With those tools, i tried to swap "recovery.img" in the A6 image, but i always got the black screen upon booting from SD.
Either A9/A10 breaks sdboot or the bootloader crashes before it gets there.
Since this also happens when being flashed, this could either be a bug in the flashing program or a bug in the boot stack (which fails to run recovery perhaps due to a dirty state of the internal flash). It's hard to know for sure without having a UART connection with the board.
BUT, we have an alternative, in the form of the recovery built-in ISP flash tool.
This is the code that reads "sdupdate.img" from the SD Card and flashes it
After reading the recovery source code, i realised that this code can only be triggered correctly when booting from the SD card.
It detects this state by reading /proc/cmdline and probing for specific values (https://github.com/rockchip-android...6f72b7d3123dab27135ac41d55029/sdboot.cpp#L206)
This means the bootloader can (and will) pass those arguments under specific conditions (https://github.com/rockchip-linux/u...c873f178c/arch/arm/mach-rockchip/board.c#L358)
If you check here https://github.com/rockchip-linux/u...3f178c/arch/arm/mach-rockchip/boot_mode.c#L47 you can see the magic word that needs to be written to the "misc" partition in order to trigger that code.
Note that, besides the well known "sdboot", "usbboot" is also possible.
I'm not sure if the ROM can physically boot from USB, but the bootloader and recovery do support (according to code) passing the flag to enable flashing from USB.
So, recapping, there are these ways we can try:
a - try to overwrite "boot" with "recovery" (but it might not work due to the partitioning layout, e.g. jumping from A6 -> A10)
- note: uboot might also need to be written when doing this.
b - making a modified "sdupdate.img" that flashes recovery on top of boot, and all the other core partitions like "misc", "uboot", "trust", "vbmeta"
c - writing "misc" from android in order to trigger the "rkfwupdate" mode
d - taking a dump of the first portion of the flash in various states (A6, A8, A9, A10), and having a "dd" that writes it back to the beginning of the flash (i suspect this is how ModInstaller does it)
Considering cases "b" and "c" depend on a recovery that can write them correctly (and the A6 one is buggy), this leaves us with "a" and "d"
Considering that ModInstaller does it in one shot, and doesn't seem to matter about the partitioning layout, i believe "d" might be the most viable option...
Using the "rockchip-tool" repository i linked from github, the partition table can be dumped from any .img file
You can observe "Image/parameter.txt" from the extracted firmware
This is the partition table from A6's recovery:
[email protected](uboot)
[email protected](trust)
[email protected](misc)
[email protected](resource)
[email protected](kernel)
[email protected](dtb)
[email protected](dtbo)
[email protected](vbmeta)
[email protected](boot)
[email protected](recovery)
[email protected](backup)
[email protected](security)
[email protected](cache)
[email protected](system)
[email protected](metadata)
[email protected](vendor)
[email protected](oem)
[email protected](frp)
[email protected](userdata)
And this is the partition table from A9's recovery
[email protected](uboot)
[email protected](trust)
[email protected](misc)
[email protected](resource)
[email protected](kernel)
[email protected](dtb)
[email protected](dtbo)
[email protected](vbmeta)
[email protected](boot)
[email protected](recovery)
[email protected](backup)
[email protected](security)
[email protected](cache)
[email protected](system)
[email protected](metadata)
[email protected](vendor)
[email protected](oem)
[email protected](frp)
[email protected](userdata)
Notice how uboot, trust, misc, resource, kernel, dtb, and others live in the same space. (2000, 4000, 6000, 8000, 10000, ...)
What we could do is create a raw blob that spans that address range, and "dd" it directly to /dev/mmcblk0 at the right offset.
So I would focus on converting recovery images to raw blobs, with recovery-as-kernel so it boots straight away on the first try.
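The layout comparison described in the post above can be checked mechanically before any raw blob is built. The following is an added example, not code from the thread or from rockchip-tool: it parses the `size@offset(name)` entries of a `parameter.txt` `mtdparts=` line (values in 512-byte sectors) and reports the leading run of partitions that is identical in two layouts. Both sample layouts are constructed for illustration and are not the A6/A9 tables.

```python
import re

SECTOR = 512  # parameter.txt sizes and offsets are counted in 512-byte sectors
_PART = re.compile(r"(-|0x[0-9a-fA-F]+)@(0x[0-9a-fA-F]+)\(([^):]+)(?::[^)]*)?\)")

# Constructed sample layouts (hypothetical values, NOT taken from the thread).
LAYOUT_A = ("mtdparts=rk29xxnand:0x00002000@0x00004000(uboot),"
            "0x00002000@0x00006000(trust),0x00002000@0x00008000(misc),"
            "0x00008000@0x0000a000(resource),0x00010000@0x00012000(kernel),"
            "0x00010000@0x00022000(boot),-@0x00032000(userdata:grow)")
LAYOUT_B = ("mtdparts=rk29xxnand:0x00002000@0x00004000(uboot),"
            "0x00002000@0x00006000(trust),0x00002000@0x00008000(misc),"
            "0x00008000@0x0000a000(resource),0x00010000@0x00012000(kernel),"
            "0x00018000@0x00022000(boot),-@0x0003a000(userdata:grow)")

def parse_mtdparts(cmdline):
    """Return [(name, offset, size)] in sectors; size is None for '-' (grow)."""
    spec = cmdline.partition("mtdparts=")[2]
    if not spec:
        raise ValueError("no mtdparts= entry found")
    spec = spec.split()[0].split(":", 1)[1]  # drop the device name prefix
    parts, prev_end = [], 0
    for entry in spec.split(","):
        m = _PART.fullmatch(entry)
        if not m:
            raise ValueError(f"malformed entry: {entry!r}")
        size = None if m.group(1) == "-" else int(m.group(1), 16)
        offset = int(m.group(2), 16)
        if offset < prev_end:  # a blob built from this table would be corrupt
            raise ValueError(f"{m.group(3)} overlaps the previous partition")
        prev_end = offset if size is None else offset + size
        parts.append((m.group(3), offset, size))
    return parts

def common_prefix(a, b):
    """Leading partitions with identical name, offset and fixed size in both."""
    shared = []
    for pa, pb in zip(a, b):
        if pa != pb or pa[2] is None:
            break
        shared.append(pa)
    return shared

def byte_span(parts):
    """(start_byte, length_bytes) covered by a contiguous run of partitions."""
    start = parts[0][1] * SECTOR
    end = (parts[-1][1] + parts[-1][2]) * SECTOR
    return start, end - start
```

Only the span returned for the shared prefix is safe to treat as layout-independent; anything past the first mismatch sits at a different offset or size on the other firmware.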
Bump a real thread.
Is it possible to convert it to a file installed by SDDiskTool?
marchnz said:
Bump a real thread.
I created a flashing tool to flash recovery within Android, using Rockchip's own code: https://forum.xda-developers.com/t/...chip-firmware-flash-tool-for-android.4458299/
blala said:
I created a flashing tool to flash recovery within Android, using Rockchip's own code: https://forum.xda-developers.com/t/...chip-firmware-flash-tool-for-android.4458299/
This file hct_recovery.patched.img does not appear to be installed via rkupdate
sadaghiani said:
Is it possible to convert it to a file installed by SDDiskTool?
It needs to be converted, yes
I'll take a look this afternoon
blala said:
It needs to be converted, yes
I'll take a look this afternoon
Is it possible to create a boot image that includes modded recovery & Magisk and modded kernel?
If by image you mean firmware image then yes, it can be done with https://github.com/liftoff-sr/rockchip-tool
But what I would recommend is the modded recovery only, with the Magisk .zip to use in Recovery
Otherwise you risk flashing a kernel that doesn't match with kernel modules or is otherwise not fully compatible with the installed system
blala said:
If by image you mean firmware image then yes, it can be done with https://github.com/liftoff-sr/rockchip-tool
But what I would recommend is the modded recovery only, with the Magisk .zip to use in Recovery
Otherwise you risk flashing a kernel that doesn't match with kernel modules or is otherwise not fully compatible with the installed system
boot.img file included recovery+magisk+kernel
Flashing a boot.img (Kernel, for example) in an Android mobile phone via adb shell - script.sh (gist.github.com)
MTCD has separate boot and recovery partitions.
Perhaps you can adapt both recovery/kernel to be in the same image but the bootloader won't know about that (and will always boot from "recovery" partition)
