Database Info

[INFO] ANDROID DEVICE PARTITIONS and FILESYSTEMS

NOTE:
I'm not a developer or something even near to that. I'm a newbie and will be, seems so. All information provided here is copied and compiled from different internet sources like this and many others.
This information is according to best of my knowledge and comprehension and is just for curious souls like me who want to understand things in quite simple words. It might be wrong and I will open-heartedly welcome any correction or addition from anyone.
I'm not responsible for any harm to you or your device resulting from this.
1. PARTITION TABLE
The Phone's Internal Memory (eMMC or UFS; not the SD card) is solid-state (flash) memory, aka NAND. Raw NAND, as it's called, is basically a pure flash memory dependent on CPU to control it. But in order to use flash memory just like a traditional hard drive (block device), NAND is equipped with an (embedded multimedia) micro-controller. It's called eMMC.
eMMC can be partitioned much like a hard drive on PC. PC's have traditionally been partitioned with BIOS compatible Master Boot Record (MBR) scheme in which first sector of disk contains the details of partitions called Partition Table. Limited size of boot sector (512 bytes) puts a limitation of at maximum 4 (primary) partitions listed in MBR. Extended partition has been used for 4+ partitions.
GUID Partition Table (GPT) was introduced with UEFI booting system which isn't dependent on first boot sector and hence may contain up to 128 partitions. GPT also does CRC check, has backup GPT, identifies partitions by GUID and partitions have a label.
Android devices use GPT. We can view and manipulate GPT using Linux tools such as parted and gdisk while fdisk is the traditional tool for MBR partitions.
To view partition table on internal memory:
Code:
~# parted /dev/block/mmcblk0
(parted) p free
~# gdisk -l /dev/block/mmcblk0
(The external SD Card can also be partitioned to include a section dedicated to storing user apps (like Link2SD does) or to create partitions for secondary or tertiary OS on Android device using some multiboot kernel and recovery system). Even we can put whole OS/ROM on an SD card.
2. BRIEF INTRO
Contents of Android partitions can be partially or completely modified by flashing an image (filesystem .img or executable binary or a flashable zip) to them. But we never need to modify most of them and whatever manufacturer wrote on them, resides there unmodified (read-only) for the whole of device life. A user uses only one partition /data to save personal data like photos, music etc. All the other are for device to run. There are typically in the range of 50 partitions on an Android device but only a few partitions are modified for the purpose of adding new features or upgrading the device. A custom ROM or minor upgrade is also limited to modify /boot, /system and /data partitions usually. Most of the partitions are almost intact, containing bootloaders, firmwares, settings etc. Here is a "summarized" detail to these partitions which matter to a common but interested user.
On most devices /system and /data are larger partitions (on some devices /custom or a similar partition too) covering almost 90% of eMMC. All others are smaller ones of a few KB's or MB's.
3. SoC / CHIPSET / PROCESSORS RELATED PARTITIONS
SoC is the first component when we start a PC or Mobile phone which initialzes hardware and processors and loads bootloaders in memory to bootstrap OS. It's an integrated chip containing multiple things e.g. CPU, GPU, modem, wifi etc. It varies for device manufacturers and SoC vendors (chipset plus processor).
Some partitions are specific to SoC, most of them are closed-source executable binary blobs (like aboot, sbl, rpm, tz, cmnlib, devcfg, keymaster, lksecapp and others on a Qualcomm device), loaded step-by-step by bootloaders.
MODEM or RADIO - the phone's radio
Also called baseband, it is responsible for signals and on older devices may control wifi, bluetooth, and GPS (on most newer devices, these are handled by the kernel and ROM). Upgrades are country dependent and may improve or diminish battery performance, network signal strength, and roaming capability. It is also sometimes required to have a minimum Baseband version to use a ROM so that the RIL will play nice with the Baseband.
Modem firmware is a mini-OS for the cellular radio chip which has its own processor. Firmware is a general term, firmware exists for a lot of things on phone. The wireless chip for WiFi, GPS, and Bluetooth often has a firmware as can the GPU core among other things. These firmware files are usually located inside the SYSTEM or VENDOR partition. The modem firmware is special because it has its own separate Baseband Processor (BP) so the firmware is left out of the system image in its own partition.
Modem is not an Android-specific partition. It is tied to the hardware of the phone, but the kernel has a code allowing Android to interact with the hardware. But the baseband processor (BP) - which runs modem and is responsible for all communication through mobile networks e.g. call, SMS and internet - is totally isolated from Application Processor (the one we call CPU) and is not governed by Android kernel; it runs an independent RTOS.
RIL/Radio Interface Layer
This is not a separate partition, but a part of the ROM and is like a driver for the Radio. RIL daemons provides telephony and cellular data i.e. adds phone to smartphone. There is a matching RIL for each Baseband version and you can flash it to match your Baseband after flashing a ROM. Having mismatched RIL and Baseband can range from having no effect at all, slight battery drain, loss of roaming, or even no connection to the cell network. Many ROMs keep their RIL updated to the latest. Job of the RIL is to translate all the telephony requests from the Android telephony framework and map them to the corresponding AT commands to the modem, and back again. AT set of commands is used to communicate with modem i.e. baseband processor (BP) which is a must have processor on Android devices in addition to normal CPU i.e. Application Processor (AP).
TZ (TrustZone) - used by ARM processors as an additional lock to security features. It combines user's encryption key with a hardware specific key generated by encryption processor (like TPM on Windows) to make security breaching more difficult. It can also be used to implement Trusted Execution Environment (TEE).
RPM (Resource/Power Management) which starts executing Primary/Primitive BootLoader (PBL) in BootROM - controls power to radio, modem etc.
DSP (Digital Signal Processor) - by Qualcomm to assist in things like smooth video playback (realtime media and sensors processor) as well as runs RTOS for modem
HYP (Hypervisor) - Virtual Machine Monitor, to enable Virtual Machine platform
4. BOOTLOADERS
Bootloaders - in many steps - hand over charge to kernel after loading in RAM. These are mostly standalone ELF executable files becuase at this stage no filesystem is loaded and only executable code may work. These are all closed source components on Android device, provided by SoC vendors - either built-in or as binary blobs.
SBL - Secondary bootloader loaded by SoC, loads ABOOT in memory, also provides (Emergency) Download Mode (EDL) on many devices, a Firmware Update Protocol.
ABOOT (bootloader.img or aboot.mbn file in Factory Firmware) - Applications Bootloader is the main bootloader responsible for loading kernel or recovey and fastboot - a Firmware Update Protocol - as well.
Kernelflinger is a similar bootloader on Intel devices.
Read ANDROID BOOT PROCESS to know more about bootloaders.
5. CORE AOSP PARTITIONS
BOOT - Kernel and initramfs (modern form of of ramdisk and ramfs/tmpfs)
A kernel is a layer of code that allows the OS and applications to interface with your phone's hardware. The degree to which you can access your phone's hardware features depends on the quality of code in the kernel. Several kernel code improvements give us additional features from our hardware that the stock kernel does not. When you flash a custom ROM, you automatically get a kernel. But you can also flash a standalone kernel on top of the existing one, effectively overwriting it. These days, the difference in custom kernels is less about new features and more about alternate configurations. Choosing a custom kernel is basically choosing one that works best with your ROM.
Device Tree Blob (DTB), along with hardware drivers, are baked with kernel source in boot.img. DTB is loaded by bootloader at boot time and passed to kernel so that it can discover hardware and create node points accordingly.
On a Linux system init along with scripts, binaries kernel drivers and modules (in initrd.img), kernel (vmlinuz executable) and bootloader configuration along with modules, they all reside on root or a separate partition (mounted) at /boot. While on Android, init along with a few binaries and configuration files and kernel reside in a separate partition named "boot" with a special filesystem. Boot.img is created using tools like mkbootimg after building kernel.
This is how kenrel and DTB are built:
vmlinux > Image > zImage / Image.gz > Image.gz-dtb
vmlinux: Large sized non-bootable Linux kernel (executable) with debug symbols, just an intermediate step to producing vmlinuz
vmlinux.bin: Same as vmlinux binary but with removed symbols, produced by 'objcopy'
vmlinuz: Compressed and bootable Linux kernel file; one of zImage or bzImage formats; compressed using zlib, LZMA, gzip or bzip2 etc.
zImage: Smaller format, for old kernels
bzImage: Big zImage
Image: vmlinux.bin of embedded devices
Image.gz: zImage or bzImage of embedded devices
.dts (multiple) < > .dtb (1 or more)
Converted using dtc (device tree compiler)
.dtb is appended to zImage / Image.gz i.e. zImage-dtb / Image.gz-dtb (simply concatenate)
zImage-dtb > dtb Can be extracted using split-appended-dtb
Packed as a part of kernel, "--dt" option is not needed when creating boot.img
mkbootimg --kernel *.Image.gz-dtb --ramdisk *.cpio.gz --base . . . --offset . . . --tag-address . . . --cmdline . . .
.dtb is extracted as a part of kernel by unpackbootimg
.dtb < > dtb.img
Converted using mkdtimg
dtb.img is for dtb partition or second stage of boot.img
boot.img is created by using --dt option:
mkbootimg --dt dt.img --kernel *.Image.gz --ramdisk *.cpio.gz --base . . . --offset . . . --tag-address . . . --cmdline . . .
dtb.img is extracted separately by unpackbootimg
Further Reading: Device Tree Overlays and Android Boot and Recovery Images
SYSTEM - ROM / OS
Contains system applications and libraries that have AOSP source code. During normal operation, this partition is mounted read-only; its contents change only during an OTA update or when flashing a new OS. Most ROM's don't allow root level (Admin rights in Windows) access by default. So, "rooting" is required to modify the contents of this partition. This is the actual User Interface we use on our phone i.e. system apps are installed on this partition on /system/app directory. Another important directory is /system/bin which contains executable binaries to perform each and every action by OS in background (as daemons) or by user in shell (bash) scripts or CLI (command line interface). These are native binaries (developed in C / C++ mostly) as opposed to Android apps which are developed in Java. A minimal form of Linux commands is also included in AOSP as toolbox or toybox (or user can add busybox or individual static binaries). /system/lib directory contains native libraries (shared by applications commonly) with .so extensions just like .dll on Windows.
VENDOR
This partition is replaced with a shortcut (symbolic link in fact) to /system/vendor directory. It contains system applications and libraries that do not have source code available on AOSP but added by vendors (OEM's). During normal operation, this partition is mounted read-only; its contents change only during an OTA update. It also contains SoC firmware images i.e. hardware specific libraries and binaries (OpenGL, ISP...).
Proprietary blobs (HALs) usually live in (/system)/vendor as shared libraries (.so files) which are loaded by Android binders when processes call a hardware component. HAL (hardware abstraction layer) is userspace alternative to traditional Linux's system calls for drivers and is a kind of Google's standardization for OEMs/hardware vendors, though being abandoned by mainstream Linux.
PROJECT TREBLE
In an ideal world, there should be a generic AOSP OS and a single kernel for all Android devices, not tied to hardware and vendors. But unfortunately it isn't so because unlike PC world, there is no standardization in mobile world. AOSP is heavily modified on silicon vendor (SoC) as well as phone vendor level. One of the worst outcome of this situation is almost no Long Term Support (LTS). There are delayed or none updates once the consumers have phone, making it vulnerable to security issues and missing new features. Project Treble (starting from Android-8) addresses this issue somewhat by creating a separation between hardware specific code and generic AOSP code.
Previously, phone vendors used to get AOSP code from Google, mixing it with their own cutomizations (UI, apps etc.) and the hardware specific code from SoC vendor. If a minor fix needed to be applied to AOSP code, the whole process had to be repeated because code was intermingled and fixing one thing broke the other. Google resolved this issue by specifying /vendor partition for hardware specific code, /system containing only generic code. Interaction with AOSP code will be through HIDL interfaces, thus making it possible to upgrade the both codes independently. /oem and /odm partitions were added previously for the same purpose.
USERDATA
User applications are installed in different folders under /data. Apps data (user and system) is stored in /data/data. User personal data and some apps data is stored in /data/media. /data/media is also emulated as internal SDCard at /storage/emulated and symlinked at /sdcard. Personalized and apps settings are also stored in this partition. A folder /data/dalvik contains, in simple words, extracted apps to boost loading process. Java bytecode of Android apps is converted to executable code (.odex) by Dalvik Virtual Machine, separate instance of which is launched by zygote (an Android init daemon) for every app.
This partition is not normally touched by the OTA update process. A Factory Reset wipes this partition, normally excluding /data/media i.e. personal data.
When you do a factory reset (AKA: wipe, hard reset, factory wipe, etc.), you are erasing the /data and /cache partitions. Note that a factory reset does NOT put your phone back to its factory state from an OS standpoint. OS upgrades will stay because the OS lives in /system, and that is not touched during a factory reset. So it's not a factory reset. It's a factory DATA reset actually.
RECOVERY
Holds alternate boot partition and the recovery program that lets the device boot into a recovery console for performing advanced recovery and maintenance operations. It contains a second complete Linux system i.e. independent OS, including a user-interface application, kernel and the special recovery binary that reads a package and uses its contents to update i.e. flash or wipe itself or any other partition particularly during OTA updates.
Recovery is also the most commonly used method to flash custom ROM's.
ADB sideload mode through PC is a replacement of flashing files (usually .zip) through Recovery. ADB works when phone is switched on in Recovery (or ROM). ADB/fastboot setup is to be made on PC to use this mode.
CACHE - cached (frequently accessed) data from OS usage and contains the firmware update package downloaded from server during OTA updates. Temporary holding area used by a few applications with the expectation that files can disappear at any time. Major use is by recovery and OTA updates. Recovery last_log is also written to this partition.
6. OTHER PARTITIONS
CUST - also CUSTOM or PRELOAD on some devices, it's used by stock ROM's, holding some preloaded system apps and regional settings which are installed on first use.
MISC - also FOTA on older devices
It's a tiny partition used by recovery to communicate with bootloader store away some information about what it's doing in case the device is restarted while the OTA package is being applied.
It is a boot mode selector used to pass data among various stages of the boot chain (boot into recovery mode, fastboot etc.). e.g. if it is empty (all zero), system boots normally. If it contains recovery mode selector, system boots into recovery mode.
It may also carry some necessarily required information in the form of switches to control hardware or settings related tasks such as CID (Carrier or Region ID) information and USB configurations etc.
PERSIST - contains data which shouldn't be changed after the device is shipped, e.g. DRM related files, sensor reg file (sns.reg) and calibration data of chips; wifi, bluetooth, camera etc.
Some package installers such as OpenGapps also make use of this partition to read configuration file.
EFS, MODEMST1, MODEMST2, FSG, BACKUP
These all are related to IMEI; a unique number used by GSM networks to identify and trace a mobile phone.
EFS may contain hardware info like configuration files, WiFi/BlueTooth MAC’s, IMEI (or ESN for a CDMA based device) etc.
EFS and MODEMST1 may be a single partition on some phones.
FSG (FileSystem Golden copy) and BACKUP are backups of MODEMST1 and MODEMST2 respectively. If MODEMST1 or MODEMST2 are erased (by wrong factory flashing say) and phone notices an invalid partition, FSG and BACKUP will be restored.
MODEMST1 and MODEMST2 also contains modem firmware files.
PARAM - stores a number of parameters, variables and settings of the hardware. It contains info whether MODEMST partitions are backed up or not. Also debug settings, custom ROMs flash count, current stage boot process etc.
OEM - like VENDOR, it incorporates OEM (Original Equipment Manufacturer i.e. hardware manufacturer or Mobile Phone brand) small customization (modifications) to original Android (AOSP) during OTA updates such as customized system properties values etc.
PAD - related to OEM
OTA, FOTA - OTA updates
DDR - Double Data Rate RAM
FSC - Modem FileSystem Cookies
SSD - Secure Software Download, a memory based file system for secure storage, stores some encrypted RSA keys
DEVINFO - device information including: is_unlocked (aboot), is_tampered, is_verified, charger_screen_enabled, display_panel, bootloader_version, radio_version etc. Contents of this partition are displayed by "fastboot oem device-info" command in human readable format. Before loading boot.img or recovery.img, bootloader verifies the locked state from this partition.
CONFIG/FRP/PDB - saves state of Factory Reset Protection (FRP), "Allow bootloader (OEM) unlocking" . (Developer Options), asks already associated account info. This partition is erased/reset if Factory Reset done from Settings.
DEVCFG - used by TZ for upgrades
LKSECAPP - "LK (Little Kernel) Security App", related to RPM, TZ online verification / update
LIMITS - Qualcomm Limits Management Hardware (LMh) driver in SBL writes the data in this partition to use for later reboots
SYSCFG - Qualcomm CPR (Core Power Reduction) Regulator for better performance and power saving of application processor by voltage control
DIP, MDTP - boot verification, use Qualcomm SafeSwitch technology to lock and track theft phones
CMNLIB, KEYMASTER - verified boot
SEC - contains fuse settings, mainly for secure boot (signing bootloaders for chain of trust) and oem setting
KEYSTORE - related to /data Full Disc Encryption (FDE)
MCFG - (Modem Configuration Framework) - on dual SIM devices, loads MBN (modem binary) files depending on SIM/carrier
SPLASH - splash image or boot logo which appears when device boots (at ABOOT stage).
CHGLOGO - charging screen that appears when charger is connected to powered off device.
MSADP, APDP, DPO - related to debug policies
GROW - empty for future expansion
7. FILESYSTEMS
Supported filesystems by your kernel can be viwewd by:
Code:
~# cat /proc/filesystems
Partitions with Mountable Filesystems
Following partitions are mounted during boot process:
system, vendor, odm, userdata (mounted at /data), cache, cust, persist (mounted at /persist or /mnt/vendor/persist), modem (mounted at /firmware or /vendor/firmware_mnt), dsp (mounted at /dsp or /vendor/dsp)
Modem is formatted as vfat while all others are usually ext4 or f2fs on newer devices.
All of these are listed in /fstab.* file which is processes by init. Starting with Android 8.0 (Treble release), fstab.* is moved to /vendor/etc/ and system, vendor and odm entries are included in dtb.
Other partitions don't contain a mountable filesystem. However, we may try to get an idea of the contents by reading smaller partitions e.g.:
Code:
~# cat /dev/block/bootdevice/by-name/config | strings
~# cat /dev/block/bootdevice/by-name/misc | strings
Pseudo / Virtual / in-Memory Filesystems (Kernel space)
These filesystems don't rely on a physical persistent storage but just live in RAM, to provide kernel services interfaces in user space.
rootfs (/) - mounted by kernel before calling init. More details here
sysfs (/sys) - information related to devices, populated by kernel
devpts (/dev/pts) - character device files representing slave side of pseudo terminal pairs
proc (/proc) - information related to all processes, updated as processes are started / killed
tmpfs (/dev) - all device nodes updated from sysfs, accessible from user space
configfs (/config) - intergrated with userspace sdcardfs, controls apps permissions to directories on internal/external sdcard by VOLume Daeomon, a replacement of fusefs
pstore (/sys/fs/pstore) - persistent storage, a replacement of /proc/last_kmsg, saves last kernel console messages on panic / crashes / sudden reboots, solution to volatile nature of pseudo filesystems
cgroup - cgroups manage hardware resources allocation to processes as per load
selinuxfs (/sys/fs/selinux) - implementation of Security-Enahanced Linux, a mandatory access controls (MAC) to manage file permissions, better than traditional Discretionary Access Control (DAC) mechanism (Read-Write-eXecute) of Linux
debugfs (/sys/kernel/debug) - to monitor and debug kernel space implementations from user space
tracefs (/sys/kernel/debug/tracing) - debugfs with better security
functionfs (/dev/usb-ffs/adb) - integrated with configfs, manages USB gadgets, ADB is implemented through functionfs on Android
FILESYSTEM TREE MOUNTED BY INIT: ANDROID vs. LINUX
8. Factory Firmware and Flashable ROMs:
When you flash a custom ROM, that ROM typically includes a kernel and an OS. That means the /boot and /system partitions will be modified at a minimum. Some ROMs require a clean install, so a format of the /data and /cache partitions is sometimes built into the .zip that you flash. This is essentially doing a Factory Reset.
Read here to know more about flashing partitions.
Factory Firmware contains original iamge files of almsot all important partitions. It's provided by OEM's, usually as a package which also incude a flasher software for PC. Or a general flasher software may be uses such as QFIL.
ROM Development
A ROM developer downloads AOSP source code from Google while device tree, driver binaries and kernel source code is provided by (ODM's through) OEM's, if they are generous enough. OEM's manufacture and sell devices themselves while ODM's sell to white-labelers who brand them under their own names. Original Android kernel tree is provided by Google which in turn is taken from Linux and then modified by Google for Android-specific needs.
RELATED:
An Introduction to Android Firmware

First off, don't need be like your never be a dev, lol you never know. Secondly it's a good share. Appreciated

Drivers Partition
What are partitions responsible on drivers like sound and camera,
I restored ROM using TWRP but now, Sound and Camera don't work,
any help?

saprey said:
What are partitions responsible on drivers like sound and camera,
I restored ROM using TWRP but now, Sound and Camera don't work,
any help?
Click to expand...
Click to collapse
Camera and sound are related to your rom i.e. system partition. Do factory data reset or clean install rom

Thanks, but why is my phone talking about a primary partition and a secondary partition?
Tia,
A real newbie

TommyWhite said:
Thanks, but why is my phone talking about a primary partition and a secondary partition?
Tia,
A real newbie
Click to expand...
Click to collapse
At what point talking about primary / secondary partitions? Are you creating new partitions or using some tool / app to view partitions?

Oh, I misunderstood.
It was about public storages (so whats accessible without root, right??).
It said
Public storage (primaire): /storage/emulated/0
Public storage (secondaire): /storage/94F1-34D8 (I didnt realise that was my sd card ...)
RootFs: /
System: /system
Like a said 'a real newbie'

TommyWhite said:
Oh, I misunderstood.
It was about public storages (so whats accessible without root, right??).
It said
Public storage (primaire): /storage/emulated/0
Public storage (secondaire): /storage/94F1-34D8 (I didnt realise that was my sd card ...)
RootFs: /
System: /system
Like a said 'a real newbie'
Click to expand...
Click to collapse
Something like this attachment?

mirfatif said:
Something like this attachment?
Click to expand...
Click to collapse
yes, sorry for the very late response.

While on some devices there is no bootloader partition at all and bootloader(s) resides on SoC.
Click to expand...
Click to collapse
Great post btw! With the bootloader section mentioning like the above, I have a question: I'm having a device with Snapdragon 810 SoC and wasn't able to find the bootloader partition (or at least I didn't know it has because I couldn't get it to boot into that mode). So does that mean the bootloader is on the SoC? How do I figure it out if it exists on the chip?

Hi @mirfatif , what a post! Hats off to you. By the way, where does the blobs/ HALs go when we flash a new ROM zip?

argon9898 said:
Great post btw! With the bootloader section mentioning like the above, I have a question: I'm having a device with Snapdragon 810 SoC and wasn't able to find the bootloader partition (or at least I didn't know it has because I couldn't get it to boot into that mode). So does that mean the bootloader is on the SoC? How do I figure it out if it exists on the chip?
Click to expand...
Click to collapse
Booting in bootloader (or it's equivalent; like fastboot) mode is dependent on the phone manufacturer. Though most of the hardware manufacturers allow users to access bootloader for repair/maintenance or modified boot chain, some may restrict this for Digital Rights Management or to gain forced customer loyalty , irrespective of where bootloader resides. On most phones it's a partition. You may check your partition table to know about all partitions.

azoksky said:
Hi @mirfatif , what a post! Hats off to you. By the way, where does the blobs/ HALs go when we flash a new ROM zip?
Click to expand...
Click to collapse
Thanks for mentioning. I have added this to my post. By "blolbs" you mean DTB or hardware drivers? Well AFAIK, the blobs are included in every ROM where "ROM" is boot.img and system.img at least.
A ROM developer downloads AOSP source code from Google while device tree (map of hardware components), driver binaries and kernel source code is provided by (ODM's through) OEM's, if they are generous enough. OEM's manufacture and sell devices themselves while ODM's sell to white-labelers who brand them under their own names. Original Android kernel tree is provided by Google which in turn is taken from Linux and then modified by Google for Android-specific needs. DTB and drivers are baked with kernel source in boot.img though DTB may live on a separate dtb partition as specified by AOSP (and was the proposed solution for ARM based embedded Linux devices before Android's birth) but I don't think that is widely practiced. DTB is loaded by bootloader at boot time and passed to kernel so that it can discover hardware and create node points accordingly. Proprietary blobs (HALs) usually live in (/system)/vendor as shared libraries (.so files) which are loaded by Android binders when processes call a hardware component. HAL is userspace alternative to traditional Linux's system calls for drivers and is a kind of Google's standardization for OEMs/hardware vendors.
Click to expand...
Click to collapse

Hello everyone. I tell you that one day flashing my oneplus 5 lost the wifi. The MAC address shows me the typical 02: 00: 00: 00: 00: 00 address. The way to fix it is updating the Oreo but I could never do it, it is always in bootloop, I read all the forums and there is no case, do what I always do the same. It happens in many oneplus 5. So I forgot to fix it in that way. The other thing I saw is hundreds of forums with that problem but I could not fix it either, I've been doing it for three months now. What I am trying now is to erase all the partitions except recovery or bootloader but the phone does not start anymore. What I want is to delete all the partitions associated with wifi, delete modem1, modem2, persist, fsg but nothing, I just managed to lose the imei that does not matter to me because I have back up of the efs folder and even the qcn file of the phone. I know it's a lot of work but if someone tells me that they control each partition, I could erase it, load everything from scratch and that's it. Would someone give me a hand so I can fix that damn wifi on the phone ?. Thank you.
--------------------------------------------------------------------------------------------------------------------------------------
drwxr-xr-x 2 root root 1440 1970-05-03 14:23 .
drwxr-xr-x 4 root root 1600 1970-05-03 14:23 ..
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 LOGO -> /dev/block/sde18
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 abl -> /dev/block/sde16
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 ablbak -> /dev/block/sde17
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 apdp -> /dev/block/sde31
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 bluetooth -> /dev/block/sde24
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 boot -> /dev/block/sde19
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 boot_aging -> /dev/block/sde20
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 cache -> /dev/block/sda3
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 cdt -> /dev/block/sdd2
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 cmnlib -> /dev/block/sde27
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 cmnlib64 -> /dev/block/sde29
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 cmnlib64bak -> /dev/block/sde30
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 cmnlibbak -> /dev/block/sde28
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 config -> /dev/block/sda12
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 ddr -> /dev/block/sdd3
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 devcfg -> /dev/block/sde39
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 devinfo -> /dev/block/sde23
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 dip -> /dev/block/sde14
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 dpo -> /dev/block/sde33
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 dsp -> /dev/block/sde11
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 frp -> /dev/block/sda6
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 fsc -> /dev/block/sdf4
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 fsg -> /dev/block/sdf3
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 fw_4g9n4 -> /dev/block/sde45
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 fw_4j1ed -> /dev/block/sde43
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 fw_4t0n8 -> /dev/block/sde46
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 fw_8v1ee -> /dev/block/sde44
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 hyp -> /dev/block/sde5
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 hypbak -> /dev/block/sde6
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 keymaster -> /dev/block/sde25
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 keymasterbak -> /dev/block/sde26
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 keystore -> /dev/block/sda5
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 limits -> /dev/block/sde35
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 logdump -> /dev/block/sde40
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 logfs -> /dev/block/sde37
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 md5 -> /dev/block/sdf5
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 mdtp -> /dev/block/sde15
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 mdtpsecapp -> /dev/block/sde12
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 mdtpsecappbak -> /dev/block/sde13
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 minidump -> /dev/block/sde47
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 misc -> /dev/block/sda4
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 modem -> /dev/block/sde10
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 modemst1 -> /dev/block/sdf1
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 modemst2 -> /dev/block/sdf2
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 msadp -> /dev/block/sde32
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 oem_dycnvbk -> /dev/block/sda7
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 oem_stanvbk -> /dev/block/sda8
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 param -> /dev/block/sda9
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 persist -> /dev/block/sda2
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 pmic -> /dev/block/sde8
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 pmicbak -> /dev/block/sde9
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 recovery -> /dev/block/sde22
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 reserve -> /dev/block/sdd1
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 reserve1 -> /dev/block/sda10
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 reserve2 -> /dev/block/sda11
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 rpm -> /dev/block/sde1
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 rpmbak -> /dev/block/sde2
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 sec -> /dev/block/sde7
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 splash -> /dev/block/sde34
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 ssd -> /dev/block/sda1
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 sti -> /dev/block/sde38
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 storsec -> /dev/block/sde41
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 storsecbak -> /dev/block/sde42
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 system -> /dev/block/sde21
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 toolsfv -> /dev/block/sde36
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 tz -> /dev/block/sde3
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 tzbak -> /dev/block/sde4
lrwxrwxrwx 1 root root 16 1970-05-03 14:23 userdata -> /dev/block/sda13
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 xbl -> /dev/block/sdb1
lrwxrwxrwx 1 root root 15 1970-05-03 14:23 xblbak -> /dev/block/sdc1

thank you
This is one of the best posts that I've ever read. I'm a hobbyist and reverse engineer learn. My primary phones are Samsung S 6 7 and 8 and I've soft bricked phones them more times than I can count (but recovered) justifying it as a learning experience. Sort of like putting your hand in the fire several times and calling it a learning experience. your post opens up more questions which are great. I root all my phones and I have a fear of new security patches disguised as updates disabling what methods work last week so to speak
So if I understand finally there is a section in bootloaders which is the first bootloader that is static yet upgradable but not downgradable as you referred to like the BIOS on PCs which acts as a verification process so you can't flash downgradable security patches. Much like I've encountered with partcyborg great work on rooting the S8 snapdragon however once you upgraded to the bootloader 2 you couldn't go back to the bootloader one. This is in reference to the build, not the partition.
If someone does reply, I'd like to know can you mod a certain file and Odin in the bootloader section when flashing an update to ensure that you stay at a certain bootloader level while the other files such as AP CP and CSC remain intact from the sam mobile stock firmware.(which I assume the term combo firmware file originates)
My most recent encounters are the device and binary are not the same which I attribute to this problem.
In theory from what I understand the phone has a section that is not Factory resettable which is the NAND that contains read-only but system upgrade information? However, it can be modified by a power Superuser rooted? This obviously risking hard bricking a phone
When upgrading firmware specifically the bootloader file in Odin what file(s) {bin} are essential to the new modification patches and can those files be substituted?
Any comment is considered very helpful. Odin itself is coming out with different versions for structures (prince cosmey) for example.
I explore the system file structure often wondering what I could change or alter as simple as a 0 or 1 or a true or a false to enable or disable my ability to access what I feel I need to access.
I could buy the z3x Samprotools but it defeats my intentions to learn the details.
If you do have a suggestion on a GUI Windows-based tool it would be great. Don't know Linux just as a footnote
Once again what a great post and definition of the different sections of terminology it's just enough to educate me and confuse me at the same time keep doing what you're doing. Any tricks or tips will be very appreciated.

partitions
What are partitions responsible on drivers like sound and camera,

Curious Q.!
what about these two ?
Code:
rpm -> /dev/block/mmcblk0p2
rpmbak -> /dev/block/mmcblk0p11
my phone is MOTO-G5-PLUS (potter)
whole partition table is here:
Code:
←7←[r←[999;999H←[6n←8potter:/ # ls -l /dev/block/bootdevice/by-name
total 0
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 DDR -> /dev/block/mmcblk0p23
lrwxrwxrwx 1 root root 20 1970-08-28 23:29 aboot -> /dev/block/mmcblk0p5
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 abootbak -> /dev/block/mmcblk0p14
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 apdp -> /dev/block/mmcblk0p45
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 boot -> /dev/block/mmcblk0p37
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 cache -> /dev/block/mmcblk0p52
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 carrier -> /dev/block/mmcblk0p34
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 cid -> /dev/block/mmcblk0p32
lrwxrwxrwx 1 root root 20 1970-08-28 23:29 cmnlib -> /dev/block/mmcblk0p6
lrwxrwxrwx 1 root root 20 1970-08-28 23:29 cmnlib64 -> /dev/block/mmcblk0p7
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 cmnlib64bak -> /dev/block/mmcblk0p16
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 cmnlibbak -> /dev/block/mmcblk0p15
lrwxrwxrwx 1 root root 20 1970-08-28 23:29 devcfg -> /dev/block/mmcblk0p4
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 devcfgbak -> /dev/block/mmcblk0p13
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 dip -> /dev/block/mmcblk0p42
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 dpo -> /dev/block/mmcblk0p47
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 dsp -> /dev/block/mmcblk0p22
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 frp -> /dev/block/mmcblk0p31
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 fsc -> /dev/block/mmcblk0p20
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 fsg -> /dev/block/mmcblk0p29
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 hw -> /dev/block/mmcblk0p50
lrwxrwxrwx 1 root root 20 1970-08-28 23:29 keymaster -> /dev/block/mmcblk0p8
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 keymasterbak -> /dev/block/mmcblk0p17
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 kpan -> /dev/block/mmcblk0p36
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 limits -> /dev/block/mmcblk0p40
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 logo -> /dev/block/mmcblk0p33
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 logs -> /dev/block/mmcblk0p44
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 metadata -> /dev/block/mmcblk0p35
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 misc -> /dev/block/mmcblk0p39
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 modem -> /dev/block/mmcblk0p19
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 modemst1 -> /dev/block/mmcblk0p27
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 modemst2 -> /dev/block/mmcblk0p28
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 mota -> /dev/block/mmcblk0p41
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 msadp -> /dev/block/mmcblk0p46
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 oem -> /dev/block/mmcblk0p51
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 padA -> /dev/block/mmcblk0p48
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 persist -> /dev/block/mmcblk0p30
lrwxrwxrwx 1 root root 20 1970-08-28 23:29 prov -> /dev/block/mmcblk0p9
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 provbak -> /dev/block/mmcblk0p18
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 recovery -> /dev/block/mmcblk0p38
lrwxrwxrwx 1 root root 20 1970-08-28 23:29 rpm -> /dev/block/mmcblk0p2
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 rpmbak -> /dev/block/mmcblk0p11
lrwxrwxrwx 1 root root 20 1970-08-28 23:29 sbl1 -> /dev/block/mmcblk0p1
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 sbl1bak -> /dev/block/mmcblk0p10
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 sec -> /dev/block/mmcblk0p24
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 sp -> /dev/block/mmcblk0p49
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 ssd -> /dev/block/mmcblk0p21
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 syscfg -> /dev/block/mmcblk0p43
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 system -> /dev/block/mmcblk0p53
lrwxrwxrwx 1 root root 20 1970-08-28 23:29 tz -> /dev/block/mmcblk0p3
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 tzbak -> /dev/block/mmcblk0p12
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 userdata -> /dev/block/mmcblk0p54
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 utags -> /dev/block/mmcblk0p25
lrwxrwxrwx 1 root root 21 1970-08-28 23:29 utagsBackup -> /dev/block/mmcblk0p26
potter:/ #

GEEKOFIA said:
what about these two ?
Code:
rpm -> /dev/block/mmcblk0p2
rpmbak -> /dev/block/mmcblk0p11
my phone is MOTO-G5-PLUS (potter)
Click to expand...
Click to collapse
RPM (Resource/Power Management) or Primary BootLoader (PBL); controls power to radio, modem etc.

koler386 said:
What are partitions responsible on drivers like sound and camera,
Click to expand...
Click to collapse
Kernel and system

mirfatif said:
what about these two ?
RPM (Resource/Power Management) or Primary BootLoader (PBL); controls power to radio, modem etc.
Click to expand...
Click to collapse
I got a script from a xda thread in which OP mentioned that this script is for wiping dalvik/ART cache.
Before flashing it i decided to analyse it,what i found that it was erasing my RPM partition on mmcblk0p2.
Is it really for dalvik cache ?

[OTA][XT1900-2][RETAPAC] Official OTA zips

Variant: XT1900-2 (commonly known as the Indian variant)
Channel: retapac
Storage/RAM: 64GB/4GB
Use the Download links, not the Source. The Source URLs can only be accessed when the Motorola Update Service is downloading the same version (different version might be OK, I didn't test). When the Motorola Update Service is downloading, the OTA server temporarily authorizes your (Internet) IP, so you can download it from your desktop or other devices (that shares the same IP). Otherwise, you would get HTTP ERROR 403. The links were accessible previously when my phone is updating, which was how I download the OTA zips (using my desktop browser).
Instruction: See https://forum.xda-developers.com/moto-x4/how-to/rom-upgrade-directly-to-pie-8-0-locked-t3876127
ADB sideload or unlocked bootloader probably won't work. Other variants/channels/storage/RAM might work (not tested). As always, flash at your own risk.
All OTAs: https://mega.nz/#F!XAFClSKC!IVPI6iLH74CQ89wBAA5PFg
Filename: Blur_Version.27.266.19.payton.retail.en.US.zip
Download: https://mega.nz/#!Dc1QiaII!DMHto5E1eXrZWz0R_CBzZwXpAAETlf-FnBVDSY5QZNQ
Blur: 27.266.19 -> 27.271.23
Build: OPWS27.2.2 -> OPWS27.2.3
Motorola: OPWS27.57-40-14 -> OPWS27.57-40-17
Security: 1 April 2018 -> 1 June 2018
Baseband: M660_7036.16.01.69R PAYTON_APACDSDS_CUST (Same)
OS: 8.0 (Same)
SHA256SUM: cea37f81fb026f32ee53c7ffa8db59624670137c199f24bbf029da148e69a357
Source:
Code:
https://dlmgr.gtm.svcmot.com/dl/dlws/1/download/VXo2J%2Fo8AOtIdtJlYDQ88nb98SYvcz3La8G7Q%2FzZfF%2Fx2%2B050WFYMNrGLsDB14%2BSIjX2%2BffVYrcksDn8LfDD7fuDEjZZbOLQ2IYRZH0OBs%2FO82Axl7OzAbj34PDYELnHqtLL7ZxTEAdvqmKGTkyR07ovJ%2BXFW5cghnAqwiaS9o%2FkXMdBya5LuOZkJ3paCk2GcJ%2B%2BRi50EkdLaabMq%2BX%2FxyWTcYwPw4nfhg%2BAP4ZU%2BoxpGnZmBWY%2FSZ8QqMDAFmJ8s9Ig9QkrFEM7JtPEfQBBD4sQey9pKnT9RUKzonuTJW2TbVC2xtGrALG4QSo2WUqCd4z9i2BF6GcYedCwbyJhrUZE9TenLqdTHrk6VKmBK0aUjOdB2fMTKZ8etBkvaBhfJD9oBQdzY7tfy1Og%2Fte%2BU2NroZ%2B1Y6Q27gyo66AAyxfbFKqjEQIaKP8SWhO2LhzW%2BrH7UFSyXkuXlWLjvBu92SPTlWaEOZx37E1ubWEi5DbHaxOX%2F5hKg9WIHIzXGNORODJOhKVkn8%2FVL7S0ik%2Biet6xPd%2BIXlimez7mbl6qBVCjwu86Kh2FJiD%2FMx6Mn1IFFgC2uk1IPhb2K5eRNiqP%2F8vP1J%2FyyctNv9KMqZ8Vxu31vcQgzyrueiHWMZbJ7lRGDbJd3C982LCxaKPwxNonCg%3D%3D
Filename: Blur_Version.27.271.23.payton.retail.en.US.zip
Download: https://mega.nz/#!ydlVESLS!lvEiCF12MlMTW_lWNzC0XHgVq0aGyAho1hYIW7QvjRM
Blur: 27.271.23 -> 27.281.28
Build: OPWS27.2.3 -> OPWS27.2.4
Motorola: OPWS27.57-40-17 -> OPWS27.57-40-22
Security: 1 June 2018 -> 1 August 2018
Baseband: M660_7036.16.01.69R PAYTON_APACDSDS_CUST -> M660_7036.16.01.69.01R PAYTON_APACDSDS_CUST
OS: 8.0 (Same)
SHA256SUM: 5ba197aee41333db2ac81a103234007a0a9221855788c811ab8a72e0e27c4b97
Source:
Code:
https://dlmgr.gtm.svcmot.com/dl/dlws/1/download/7LT4ZbgXuhG3B9SID6igK3b98SYvcz3La8G7Q%2FzZfF%2Fx2%2B050WFYMNrGLsDB14%2BSIjX2%2BffVYrcksDn8LfDD7fuDEjZZbOLQ2IYRZH0OBs%2FO82Axl7OzAbj34PDYELnHJVX7VHw6Oc4dPictfH5P9mDLVMxBseQP8R%2BK%2FezK7%2FXkXMdBya5LuOZkJ3paCk2GfedQ5Db2Uv2Qk8xSG76CQNHpc3SP%2FnPcmZB%2FvklroOH3e7djz6jwWwxbmK8S1SWbs9Ig9QkrFEM7JtPEfQBBD4sQey9pKnT9RUKzonuTJW2TbVC2xtGrALG4QSo2WUqCd4z9i2BF6GcYedCwbyJhrUZE9TenLqdTHrk6VKmBK0aUjOdB2fMTKZ8etBkvaBhfbN2dppRey8p%2BodbAzQPdoEYF0j5BmZe2wBEr%2BR2FfjQPEVbu3Krxpga9F9tQwuOkyH16GQRihqvTP2xfKDWv%2FY0s2duq2QPhbMapypVnP%2B2ten%2BtHD6aOXaV%2FjY62Tcm%2BQw%2FxusQVxPtrxCtpEIzyGgYOHyckBQ4UYZP41rVkXmBfeVBr9MMyYzNlkWu1kqV3bYRNuQyCx7MtjcAT31meNc8ilhvxNQjMeEVff3BhVLS9AlR6I17z2uzVNTD57fkm5uwooO5%2FT4LCWoyjdwy5g%3D%3D
Filename: Blur_Version.27.281.28.payton.retail.en.US.zip
Download: https://mega.nz/#!WRtj2IbJ!QlkQlDwdZDVo2LfIxfXnEc_tnXcVO7R_9noBlR686-c
Blur: 27.281.28 -> 27.301.32
Build: OPWS27.2.4 -> OPWS27.2.5
Motorola: OPWS27.57-40-22 -> OPWS27.57-40-25
Security: 1 August 2018 -> 1 October 2018
Baseband: M660_7036.16.01.69.01R PAYTON_APACDSDS_CUST -> M660_7036.16.01.69.02R PAYTON_APACDSDS_CUST
OS: 8.0 (Same)
SHA256SUM: b87600e72887e0fa9a21ed4452f4a033c21ba7e449a4d40ddda83fa763b2ad2e
Source:
Code:
https://dlmgr.gtm.svcmot.com/dl/dlws/1/download/WO7QB36R4539RFCOw5dx0Ynkj9%2FmlRBFuisKgbOUteZFGF0LVIr3fZGsyTBNleklN%2BvGu2j4xooz5Ky%2Fve7SfUaEpYDTcFpv70Mtjlaua8WPEiMhigZVS7CEtx5RP%2FTzUsNSMV0YC5m8TngRy2Y9M5sBFDp3OA5JJqDMAMDtLAFTyfoZt2HWXrgjVHTJUS8CcAuW5QjPv5%2FJMwAdm36sfQ%3D%3D
Filename: Blur_Version.27.301.32.payton.retail.en.US.zip
Download: https://mega.nz/#!7FMFRK5B!nIWRvw2nvBEnHdnAguuRAqGNQ3uSwFu0BI6CRn1txHY
Blur: 27.301.32 -> 29.11.36
Build: OPWS27.2.5 -> PPW29.69-26
Motorola: OPWS27.57-40-25 -> ? (not shown in Pie?)
Security: 1 October 2018 -> 1 November 2018
Baseband: M660_7036.16.01.69.02R PAYTON_APACDSDS_CUST -> M660_7042.27.01.89R PAYTON_APACDSDS_CUST
SHA256SUM: f90b1fc256d8d5e3790f3dcc0f641edf5853d40beecd80407f921fa9efa2792a
OS: 8.0 -> 9.0
Note: This is similar update as the other thread, but the hash is different due to different variant.
Source:
Code:
https://dlmgr.gtm.svcmot.com/dl/dlws/1/download/qu6kSfSkWKOOAXN3FEAgjonkj9%2FmlRBFuisKgbOUteZFGF0LVIr3fZGsyTBNleklN%2BvGu2j4xooz5Ky%2Fve7SfcpnX60qZKLQzKlcebP%2FdhcNsNn9Cb9QEEvcjBuGsnOe8iEJiyLtWqnD4JNRgzgQ7%2FYmue0L0b6uZLl8KB7Q6iD9c2h8CXFi9ClB5tv0ihvsOcTQjLUHJm1jGxmqUAatFw%3D%3D
Filename: Blur_Version.29.11.36.payton.retail.en.US.zip
Download: https://mega.nz/#!bQdhGCDZ!cIw3Z6qLp7-dOW5X74VX604lgFxK7451hbDMNRhR8-g
Blur: 29.11.36 -> 29.211.11
Build: PPW29.69-26 -> PPWS29.69-26-4
Motorola: ? -> ? (not shown in Pie?)
Security: 1 November 2018 -> 1 January 2019
Baseband: M660_7042.27.01.89R PAYTON_APACDSDS_CUST-> ? (unknown because I don't install it. I've switched to custom ROM by then)
OS: 9.0 (Same)
SHA256SUM: d9119765a028262e4e9ddec871702300133aaf177ae8a98c0827df244a8255d1
Source:
Code:
https://dlmgr.gtm.svcmot.com/dl/dlws/1/download/iAw8NkhECSbfjmHMvZw9Qonkj9%2FmlRBFuisKgbOUteZFGF0LVIr3fZGsyTBNleklN%2BvGu2j4xooz5Ky%2Fve7SfZM05zAizxusyjY9I1yc2nZ%2FnVByLo%2BzXaVBNT9O2CZR%2F%2FKUaFUpFD9Wl7rEizYklz9eem3182RDZAvW6aO86%2Fzewdke2HpS%2FmesDDU%2FHvFpOcTQjLUHJm1jGxmqUAatFw%3D%3D
When in doubt, check the metadata.json inside the zip. Earlier ZIPs are not available, I forgot to capture them.

Will it work on relocked bootloader?

[V2][ENGINEERING][ROM] OFFICIAL Engineering Firmware for MERLIN (Redmi 10X 4G / Redmi Note 9)

Version 2​Works with:
- Xiaomi Redmi Note 9
- Xiaomi Redmi 10X 4G
Build Date:
2020/05/13
Android Version:
QP1A.190711.020
Display ID:
AL2522-Merlin-V039-Q-0513
Build Fingerprint:
Redmi/merlin/merlin:10/QP1A.190711.020/258:userdebug/test-keys
Security Patch:
2019/12/05
Radio/Modem/Baseband Version:
MOLY.LR12A.R3.MP.V94.3
Kernel Version:
4.14.141-gf3c3c7a
Wed May 13 12:49:46 CST 2020
Download:
https://www.mediafire.com/file/02xo...V039-Q-0513_QP1A.190711.020_by-VD171.zip/file
Password:
Pass is in the attached file: PASSWORD_by_VD171.txt
How to flash it?
Use any scatter file specific for MERLIN.
Radio/Modem/Baseband properties:
Code:
md1_dbginfodsp=DbgInfo_DSP_MT6768_MOLY_LR12A_R3_MP_V94_3_2019_12_31_16_23.xz
md1_dbginfo=DbgInfo_LR12A.R3.MP_HUAQIN_Q0MP1_MT6769_SP_MOLY_LR12A_R3_MP_V94_3_2020_03_26_19_19.xz
md1_mddbmeta=MDDB.META_MT6768_S00_MOLY_LR12A_R3_MP_V94_3.EDB
md1_mddbmetaodb=MDDB.META.ODB_MT6768_S00_MOLY_LR12A_R3_MP_V94_3.XML.GZ
md1_mddb=MDDB_InfoCustomAppSrcP_MT6768_S00_MOLY_LR12A_R3_MP_V94_3.EDB
Prop.default:
Code:
ro.build.version.incremental=258
ro.odm.build.version.incremental=258
ro.vendor.build.version.incremental=258
ro.build.version.security_patch=2019-12-05
ro.vendor.build.security_patch=2019-12-05
ro.build.display.id=AL2522-Merlin-V039-Q-0513
ro.vendor.mediatek.version.release=alps-mp-q0.mp1.tc8sp2-V1.4_huaqin.q0mp1.k69v1.64_P1
ro.build.product=merlin
ro.product.board=merlin
ro.product.odm.device=merlin
ro.product.odm.model=merlin
ro.product.odm.name=merlin
ro.product.product.device=merlin
ro.product.product.model=merlin
ro.product.product.name=merlin
ro.product.system.device=merlin
ro.product.system.model=merlin
ro.product.system.name=merlin
ro.product.vendor.device=merlin
ro.product.vendor.model=merlin
ro.product.vendor.name=merlin
ro.build.flavor=merlin-userdebug
ro.build.description=merlin-userdebug 10 QP1A.190711.020 258 test-keys
ro.board.platform=mt6768
ro.build.id=QP1A.190711.020
ro.odm.build.id=QP1A.190711.020
ro.product.build.id=QP1A.190711.020
ro.system.build.id=QP1A.190711.020
ro.vendor.build.id=QP1A.190711.020
ro.bootimage.build.fingerprint=Redmi/merlin/merlin:10/QP1A.190711.020/258:userdebug/test-keys
ro.odm.build.fingerprint=Redmi/merlin/merlin:10/QP1A.190711.020/258:userdebug/test-keys
ro.product.build.fingerprint=Redmi/merlin/merlin:10/QP1A.190711.020/258:userdebug/test-keys
ro.system.build.fingerprint=Redmi/merlin/merlin:10/QP1A.190711.020/258:userdebug/test-keys
ro.vendor.build.fingerprint=Redmi/merlin/merlin:10/QP1A.190711.020/258:userdebug/test-keys
ro.build.tags=test-keys
ro.odm.build.tags=test-keys
ro.system.build.tags=test-keys
ro.vendor.build.tags=test-keys
ro.build.type=userdebug
ro.odm.build.type=userdebug
ro.system.build.type=userdebug
ro.vendor.build.type=userdebug
ro.bootimage.build.date=Wed May 13 12:41:51 CST 2020
ro.build.date=Wed May 13 12:41:51 CST 2020
ro.odm.build.date=Wed May 13 12:41:51 CST 2020
ro.product.build.date=Wed May 13 12:41:51 CST 2020
ro.system.build.date=Wed May 13 12:41:51 CST 2020
ro.vendor.build.date=Wed May 13 12:41:51 CST 2020
MD5 hashes:
Code:
APDB_MT6768_S01__W1953 -> 3adfe0c4e41828cd51ed783da774bd08
boot-debug.img -> e9dfb7dde67795157a871bc14b490054
boot.img -> d6e19a30d85a27379d91072665ad43c9
cache.img -> c40c137a18a26980d406d4ef0ccd7e61
cust.img -> e8c4e9f4ee0fe5052cf0dc356aedd8de
DbgInfo_LR12A.R3.MP_HUAQIN_Q0MP1_MT6769_SP_MOLY_LR12A_R3_MP_V94_3_2020_03_26_19_19_1_ulwctg_n -> b5bf654ddaacfd61e78c131f721974af
dtb.img -> ec4b37b164f1bd9ce6f2b1b911ac0872
dtbo-verified.img -> 9b0fa19089a0310325b88eebc8e41ae7
dtbo.img -> 9b0fa19089a0310325b88eebc8e41ae7
efuse.img -> 421f2cead0fbea555680b96136555941
exaid.img -> e8c4e9f4ee0fe5052cf0dc356aedd8de
lk-verified.img -> 0ba475d8c216b2613815b59e3db8da2b
lk.img -> 0ba475d8c216b2613815b59e3db8da2b
logo.bin -> 257508aa9cdeb690e4a4ed038c91ff76
md1arm7.img -> a0453e723dc84255940d7791740d06db
md1img-verified.img -> 27cd78644df092ade4ca03799dc3c2a3
md1img.img -> 27cd78644df092ade4ca03799dc3c2a3
md3img.img -> 9a9c185e3f6234103e5949716b9962d2
MDDB.META.ODB_MT6768_S00_MOLY_LR12A_R3_MP_V94_3_1_ulwctg_n.XML.GZ -> 4e040508c1878706a428c54ef0844e0f
MDDB.META_MT6768_S00_MOLY_LR12A_R3_MP_V94_3_1_ulwctg_n.EDB -> 7c1ecfd4e3d626957b6655f107824649
MDDB_InfoCustomAppSrcP_MT6768_S00_MOLY_LR12A_R3_MP_V94_3_1_ulwctg_n.EDB -> b24757bd125ad435bd2d26575b5c1d75
MT6768_Android_scatter.txt -> 0a8f16b2276ee9c37337a3937f71a7c8
preloader.img -> dbc21da31860042674fab69d07444e95
preloader_emmc.img -> dbc21da31860042674fab69d07444e95
preloader_merlin.bin -> bc7ebc0c2ca06b0d99856d595949e215
preloader_ufs.img -> 29ef0e631a45bf14555fd6b7adb7a7bf
product.img -> 7ec4f1ffd2b49d7c5b4f1bb5d3ba0dc6
ramdisk-debug.img -> b6048055b240d3c9f6933544b86416b5
ramdisk-recovery.img -> 77de275ef543e46bbedfd53b7e36f945
ramdisk.img -> 545ec84cf25662d1e4f4cf7e496fa56e
recovery.img -> 6362f1beb617572680f3fc91640d3767
scp-verified.img -> 2cac6177dc7eec82421cb3f4a2776aff
scp.img -> 2cac6177dc7eec82421cb3f4a2776aff
secro.img -> 096587b863e1252d67b1b8307291db09
spmfw-verified.img -> 40345cc1edec88bcd510fa62eac01739
spmfw.img -> 40345cc1edec88bcd510fa62eac01739
sspm-verified.img -> 0ceaf392e89bf70c9a52a5c91cc75865
sspm.img -> 0ceaf392e89bf70c9a52a5c91cc75865
super.img -> d3a61d5292e4584bb3932abb7d6984bf
super_empty.img -> a6d56d7a12d989bf31511d866449291d
system.img -> 1a191b461d47c0a7bf8ce08d3c09001e
tee-verified.img -> 4f2fdf78d5be3a5de0154c46af69d476
tee.img -> 4f2fdf78d5be3a5de0154c46af69d476
userdata.img -> 802561cd4739f2f0aae7a51890a5866f
vbmeta.img -> 31da88d4a00b99b36081f859f17f808a
vbmeta_system.img -> a6b560b53a42c98fba204f2b69e70fd7
vbmeta_vendor.img -> 86fae46d211bdedcb49bd08e901d4d3f
vendor.img -> e609cb6a9d7ae103a64d9fe856d4edae
Do you need help with your MERLIN device ?
Read this FAQ: https://forum.xda-developers.com/t/...for-merlin-redmi-10x-4g-redmi-note-9.4225177/

unpack / repack - Android-Kitchen-0.224 (boot.img)

Hello,
i trying to edit inside boot.img with Android-Kitchen-0.224
Commands:
Code:
1. Set up working folder from ROM
2. Ensure there is at least one ROM under the 'original_update' folder! (Enter)
3. (1) system.img and boot.img (Enter)
4. Creating a folder named (WORKING_040621_174933)
5. Delete everying inside (WORKING_040621_174933)
6. ./menu -> ADVANCED OPTIONS (0) -> 12 -> a -> Place boot.img/recovery.img into the folder mentioned above (bootimg_040621_175411) -> copy boot.img and recovery.img into (bootimg_040621_175411)
7. ./menu -> ADVANCED OPTIONS (0) -> 12 -> w
8. copy all "bootimg_040621_175411" into "BOOT-EXTRACTED"
9. ./menu -> ADVANCED OPTIONS (0) -> 12 -> b
Why does reduce MB Size from 32MB -> 17MB
Code:
Old: -rwxrwxrwx 1 fredy fredy 32M Apr 6 17:49 boot.img
New: -rw-r--r-- 1 fredy fredy 17M Apr 6 17:57 boot.img
But then i unpack the files and repack it i can't boot up any more.
can you help me out?

@007fred62
If you compare the file permissions of old & new boot.img then you will know why device no longer boots up.

jwoegerbauer said:
@007fred62
If you compare the file permissions of old & new boot.img then you will know why device no longer boots up.
Click to expand...
Click to collapse
Hello,
commands "ls -ll"
-rwxrwxrwx 1 fredy fredy 17436672 Apr 6 17:22 boot_fixBootLoop.img
chmod 777 the file.
i use SP_Flash_Tool-5.1916_Linux to flash the new boot file
And it will not start up.

I use the other script to recreate the boot.img (CarlivImageKitchen64)

[V2][ENGINEERING][ROM][OFFICIAL] OFFICIAL Engineering Firmware for DANDELION (Redmi 9A / Redmi 9AT)

Works with:
- Xiaomi Redmi 9A
- Xiaomi Redmi 9AT
Does NOT work with:
- Xiaomi Redmi 10A
Build Date:
2020/09/20
Android Version:
QP1A.190711.020
Display ID:
AL2615-lancelot-V016-Q-0918
Build Fingerprint:
Redmi/lancelot/lancelot:10/QP1A.190711.020/20:userdebug/test-keys
Security Patch:
2019-12-05
Radio/Modem/Baseband Version:
MOLY.LR12A.R3.MP.V107.5.P4
Download:
https://www.mediafire.com/file/l28w...neering-440-QP1A.190711.020-by_VD171.zip/file
Password:
Pass is in the attached file: PASSWORD_by_VD171.txt
How to flash it?
Use the attached scatter file.
Radio/Modem/Baseband properties:
Code:
md1_dbginfodsp=DbgInfo_DSP_MT6765_MOLY_LR12A_R3_MP_V107_5_P4_2020_05_08_15_56.xz
md1_dbginfo=DbgInfo_LR12A.R3.MP_LCSH_Q0MP1_MT6762_SP_MOLY_LR12A_R3_MP_V107_5_P4_2020_10_30_17_04.xz
md1_mddbmeta=MDDB.META_MT6765_S00_MOLY_LR12A_R3_MP_V107_5_P4.EDB
md1_mddbmetaodb=MDDB.META.ODB_MT6765_S00_MOLY_LR12A_R3_MP_V107_5_P4.XML.GZ
md1_mddb=MDDB_InfoCustomAppSrcP_MT6765_S00_MOLY_LR12A_R3_MP_V107_5_P4.EDB
Prop.default:
Code:
ro.build.version.incremental=440
ro.vendor.build.version.incremental=440
ro.odm.build.version.incremental=440
ro.build.version.security_patch=2020-03-05
ro.vendor.build.security_patch=2020-03-05
ro.build.display.id=dandelion-userdebug 10 QP1A.190711.020 440 test-keys
ro.vendor.mediatek.version.release=alps-mp-q0.mp1.tc8sp3-V1.4_lcsh.q0mp1.k62v1.64.bsp_P4
ro.product.system.device=dandelion
ro.product.system.model=dandelion
ro.product.system.name=dandelion
ro.build.product=dandelion
ro.product.board=dandelion
ro.product.vendor.device=dandelion
ro.product.vendor.model=dandelion
ro.product.vendor.name=dandelion
ro.product.odm.device=dandelion
ro.product.odm.model=dandelion
ro.product.odm.name=dandelion
ro.product.product.device=dandelion
ro.product.product.model=dandelion
ro.product.product.name=dandelion
ro.build.flavor=dandelion-userdebug
ro.build.description=dandelion-userdebug 10 QP1A.190711.020 440 test-keys
ro.board.platform=mt6765
ro.system.build.id=QP1A.190711.020
ro.build.id=QP1A.190711.020
ro.vendor.build.id=QP1A.190711.020
ro.odm.build.id=QP1A.190711.020
ro.product.build.id=QP1A.190711.020
ro.system.build.fingerprint=Redmi/dandelion/dandelion:10/QP1A.190711.020/440:userdebug/test-keys
ro.vendor.build.fingerprint=Redmi/dandelion/dandelion:10/QP1A.190711.020/440:userdebug/test-keys
ro.bootimage.build.fingerprint=Redmi/dandelion/dandelion:10/QP1A.190711.020/440:userdebug/test-keys
ro.odm.build.fingerprint=Redmi/dandelion/dandelion:10/QP1A.190711.020/440:userdebug/test-keys
ro.product.build.fingerprint=Redmi/dandelion/dandelion:10/QP1A.190711.020/440:userdebug/test-keys
ro.system.build.tags=test-keys
ro.build.tags=test-keys
ro.vendor.build.tags=test-keys
ro.odm.build.tags=test-keys
ro.system.build.type=userdebug
ro.build.type=userdebug
ro.vendor.build.type=userdebug
ro.odm.build.type=userdebug
ro.system.build.date=Fri Nov 13 07:08:25 CST 2020
ro.build.date=Fri Nov 13 07:08:25 CST 2020
ro.vendor.build.date=Fri Nov 13 07:08:25 CST 2020
ro.bootimage.build.date=Fri Nov 13 07:08:25 CST 2020
ro.odm.build.date=Fri Nov 13 07:08:25 CST 2020
ro.product.build.date=Fri Nov 13 07:08:25 CST 2020
MD5 hashes:
Code:
ADPT_20201113-083150_0.log -> 480ee59a3ed686ca2458cd7243ea4b2d
android-info.txt -> 32dbb7967eee2053e0317f87a93fb6b9
APDB_MT6765_S01__W2015 -> 5358ccefe1fda7f456f3a568ec4b04d5
APDB_MT6765_S01__W2015_ENUM -> fbe5f23b8bc20d1bce7be6200a0731a1
apex -> d41d8cd98f00b204e9800998ecf8427e
arm11_path.txt -> 08876b2f90811c34cab13c7ff5e0e9dd
boot-debug.img -> a138170982bbbc79dc5969f7654f3485
boot.img -> 8538775edb84c5e6c8eeb5f534049c44
build.prop -> 7ff8a14f1f284545e75d1d8767ed38f8
build_fingerprint.txt -> e9e053d16e8c9b057bdf02c8ec13ed65
build_thumbprint.txt -> 0e32dcd8f7ea37aea27c1b04541c80dc
cache.img -> 012fcfb3a30f86d210bb9038138636e3
Checksum.ini -> f5a9b0de9d91b32b39f527918aa4962c
clean_steps.mk -> 30f988afe6140fd1afb0a19ed9b53da4
content_cert_sig.bin_hash.tmp -> 2d274d38535bf4fae2a80a8a6c28e6e3
CT865_factory_1_0.zip -> 1a8d2920eee999ef3b014c46adb61137
cust.img -> 09e9b617296df53b0716255c86d01c53
dexpreopt.config -> 3bd2bfa98738f4798fcc97be5ba41e74
dtb.img -> 8cae5478f4627f3dd5f27f7d970db7e5
dtbo-verified.img -> dddbf145fba03a12ba060a8a79dc6d9b
dtbo.img -> 49d56a5ce0f6c14c025a030e90cfd1ef
dummy.bin -> 6811c482ead27c0b1165ecfbe996c2b4
efuse.img -> 22e70283687ccca929e3f6d117c5fc34
flash_all.bat -> 3a15f1b192e819d29502100f6f93427a
fs_image.tar.gz.mbn.img -> c696a342b6de28e36a776ba85972c1a0
init -> 0c3c9ae3511888e757583690d46e8068
installed-files-product.json -> 449a46ce04df11754714762c202e92cf
installed-files-product.txt -> a9198d055f20793c95bbb5eb12a163ca
installed-files-ramdisk-debug.json -> 541357cd9df88b12a964b2ee1d14d3fa
installed-files-ramdisk-debug.txt -> ab32416ccaf4cc2972733fe5f3dfee19
installed-files-ramdisk.json -> bc58c28abb95fd7f61845248370e9a00
installed-files-ramdisk.txt -> f8baf00b2f269e8f9ead5fc31b365878
installed-files-recovery.json -> 40066ea794509825c4928f89bc847abe
installed-files-recovery.txt -> 6e472833a5b1a32b3b459338e2c5fda8
installed-files-root.json -> 180b39f8042272c46ef6cf3339a5eaa9
installed-files-root.txt -> cae4505da086ba6466b178cdcf670398
installed-files-vendor.json -> abf9fff24dea8f2f2a97afcd3f82fb3a
installed-files-vendor.txt -> a73b112d46d8fa325a83544939059cac
installed-files.json -> 1989a226988e7fb041b55cd838bb3a59
installed-files.txt -> 9b9aab253cd9051b2840bb983551abc5
kernel -> 177bca792e0dba738898cc5b0a44fc79
LCSH_Q0MP1_MT6762_SP_PCB01_MT6765_S00_1_lwg_n.elf -> 39b3477d0b7a8105bd8b4e8df39575f6
lk-verified.img -> 2638aba2ba72c427d84f6a372a6d42e6
lk.img -> ee642501342981b7cc18b65b7d493cf6
logo-verified.bin -> 66c4fcf02bd2d89bc996fa76bf651874
logo.bin -> 535bfd42ca7ef019d44c6ae64104633e
md1arm7-verified.img -> 5fa8d04a23b005d178a44537ff35a452
md1arm7.img -> a0453e723dc84255940d7791740d06db
md1img-verified.img -> de4a4a371c03995e2cd265179afd278f
md1img.img -> 924564348694dd8a714be10081bbce20
md3img.img -> 9a9c185e3f6234103e5949716b9962d2
MDDB_InfoCustomAppSrcP_MT6765_S00_MOLY_LR12A_R3_MP_V107_5_P4_1_ulwctg_n.EDB -> 2a22d79b2945f0f2b0d033aa21292e8e
module-info.json -> 4dc70d2f4c56de99935177ffb98c4379
MT6765_Android_scatter.txt -> bf253edfc605418fd862337cdcb488ff
PGPT -> 20bedc49348b16cdc20be09c4f32245c
preloader.bin -> 11e7416e4eb82096e11fbc5b8c794bb8
preloader.img -> 123f2104ed0579104b5b92a6592de662
preloader_dandelion.bin -> 11e7416e4eb82096e11fbc5b8c794bb8
preloader_dandelion_signed.bin -> e9a83554256f4bf7b637e949203e281c
preloader_emmc.img -> 123f2104ed0579104b5b92a6592de662
preloader_k62v1_64_bsp.bin -> e9a83554256f4bf7b637e949203e281c
preloader_ufs.img -> fa69a06727d8bec3c4ac3dfd9e764837
previous_build_config.mk -> 673bf9a01f6afa6b55a5554ed1a09176
product -> d41d8cd98f00b204e9800998ecf8427e
product.img -> d2631a5ec9fe2ef3da67acd5d4aafda3
ramdisk-debug.img -> 89dd1860aaa0623ecc3f536564721c8d
ramdisk-recovery.img -> 29709a0b5284853012428e007f5891e4
ramdisk.img -> 8af851440a4c40b1079760014ea38179
recovery -> d41d8cd98f00b204e9800998ecf8427e
recovery.id -> 865203b580b2fa74c599e8194dc3c528
recovery.img -> b18a5b61f5848adc5d52597f33b4889b
scp-verified.img -> 3338f81cc7888434d48c08ef57439b04
scp.img -> 89450a3d7cd74fa3b568a9b2cbb15035
secro.img -> 096587b863e1252d67b1b8307291db09
sig_size.txt -> 7a600b6f266737e2830a101876dd3561
spmfw-verified.img -> d8c73c204d67af9903720a5448d839bb
spmfw.img -> 66cf26550d6650dd65f5f3865948bdf2
sspm-verified.img -> 7da617202fc03a073625fa935430d921
sspm.img -> b281a508c22190047eed1af202bd5520
super.img -> 82a5b448855743dfe64de8c657cc6df2
super_empty.img -> f911a1089119bd6f6a56919deb7bb9e8
system -> d41d8cd98f00b204e9800998ecf8427e
system.img -> 3457feb31092ccc0a4d3820e82d3d5e5
TARGET.txt -> 748150f0c3bbf2fa4dcc3346e73099f5
tee-verified.img -> 6914c261e7e157c3b3408d0e1b703ed3
tee.img -> 3618d84b155dfc4ada6a7a89efefbe83
userdata.img -> 65e91188ad66358162a55b9c35627a22
vbmeta.img -> 54e5bb41ccbe9ff1d4413d1a38507c47
vbmeta_system.img -> 649fe3da8988b8192dbdbdab882509d0
vbmeta_vendor.img -> d768b480ae5ce08e2b421fc1d3bede86
vendor -> d41d8cd98f00b204e9800998ecf8427e
vendor.img -> 873d29a091ead9812e3679be24cd0744

Hi, thank you for these files. I'm experiencing something very weird and wish to know if you could help me here, I'm willing to pay for your time if needed.
I've seen dozens of tutorials and articles on how to fix NVRAM, and the first thing to do is to flash the Engineering ROM, which I have successfully done with the firmware provided, either by yourself or by other mediums.
The thing here is, using the v246 ROM I get a bootloop state, but with reversed colors (the background is white and the letters are black), and the graphics seem to be reversed as well (instead of saying Redmi, it says imdeR). I tried to ignore this and go ahead to try and get into META mode from Modem Meta program, but just as it enters META mode, it starts to reboot.
Then I tried the other version provided in this post, now the graphics are normal, but I'm still getting a bootloop and can't get the meta mode properly (it just reboots over and over).
My procedure:
1. Flash Dandelion Fasboot ROM global v12.0.18
2. Unlock bootloader
3. Bypass Auth using Mediatek Bypass Tool
4. Flash Engineering ROM in Download Only Mode though SP Flash Tool
5. Power on the device, and fall into bootloop.
I've tried every single combination that I could think of, like downgrading way back to 12.0.2 (TR), and also using the latest firmware available (12.5.x), but I'm always experiencing this issue. I don't know what else to try, thank you in advance and thank you again for your contribution here, cheers.

system32uwu said:
Hi, thank you for these files. I'm experiencing something very weird and wish to know if you could help me here, I'm willing to pay for your time if needed.
I've seen dozens of tutorials and articles on how to fix NVRAM, and the first thing to do is to flash the Engineering ROM, which I have successfully done with the firmware provided, either by yourself or by other mediums.
The thing here is, using the v246 ROM I get a bootloop state, but with reversed colors (the background is white and the letters are black), and the graphics seem to be reversed as well (instead of saying Redmi, it says imdeR). I tried to ignore this and go ahead to try and get into META mode from Modem Meta program, but just as it enters META mode, it starts to reboot.
Then I tried the other version provided in this post, now the graphics are normal, but I'm still getting a bootloop and can't get the meta mode properly (it just reboots over and over).
My procedure:
1. Flash Dandelion Fasboot ROM global v12.0.18
2. Unlock bootloader
3. Bypass Auth using Mediatek Bypass Tool
4. Flash Engineering ROM in Download Only Mode though SP Flash Tool
5. Power on the device, and fall into bootloop.
I've tried every single combination that I could think of, like downgrading way back to 12.0.2 (TR), and also using the latest firmware available (12.5.x), but I'm always experiencing this issue. I don't know what else to try, thank you in advance and thank you again for your contribution here, cheers.
Click to expand...
Click to collapse
Did you formatting data?

total n00b here, whats an engineering ROM?

Ivan.Adriazola said:
total n00b here, whats an engineering ROM?
Click to expand...
Click to collapse
A rom with less security, very useful for developers.