Related
Hi there,
I just came up to Android with an Orange branded HTC Desire. Until now, I was using a HTC Diamond 2 with WM and tried some cooked ROM. But it was really easy with WM. Now, I need to understand more or less how my Android phone works to be able to play with it the same way I played with my Diamond 2.
As I'm a bit lost with some Android terms and concepts and I would like to purpose a kind of glossary for newbies like me. The goal is to explain common concepts with a functional and a technical point of view. I try to give example based on Nexus One and Desire based on personal experiments.
I'll start with what I've understood last few days and believe to be right. I'll ask you to correct my mistakes and to complete this FAQ. I'll keep this post updated.
For the moment following lines may contain big mistakes. I will try to flag validated information.
ROM
A ROM contains the OS on your phone. It can be installed like Windows or Linux on your desktop PC. A ROM contains the kernel and a pack of applications already installed for you. You can find a lot of cooked ROM (ROMs made by great people who would like to share with you optimizations they've done on their phone) on Internet. Normally, Android phones only accept ROM which are signed by the reseller. So you can only put Orange ROM on Orange branded phone.
Moreover, installing a new ROM is a way to update your phone. However, Android phone include an internal updating system (it's just a program like Windows update) so you can receive updates without installing a new ROM. It's called OTA (On The Air) update. OTA update is the way for basic customers to receive update for their phone.
Functionally :
Install a ROM is as easy as execute an exe on you Windows PC. It very easy and fast. You can also install a ROM by using the Recovery Menu.
GoldCard
A GoldCard is a modified SDCard which allows you to put the original unbranded ROM on a career branded phone (installing the original HTC Desire ROM on an Orange HTC Desire). Normally, if you try to execute a HTC ROM updater with a Orange phone, you'll be stuck after 4 or 5 clicks on next. With a Goldcard in your phone, you can archive the process.
You can't install a ROM built for an other device just using a GoldCard (installing a Nexus One ROM on a Desire is not possible).
GoldCard is only needed if you have a carrier-branded Desire, even for rooting process. Unbranded phones never need it.
Be sure to keep your GoldCard because it will be needed for each ROM modifications. You can use a GoldCard as a normal SDCard without problem. However, if you create new partitions for app2sd, your GoldCard will ruined.
Functionally :
Create a GoldCard is easy. It will take you 30 minutes. Not all SDCards work to create a GoldCard. Mine (SanDisk 4Go) included in my Orange package worked perfectly.
Instructions can be found here or here.
Technically :
If I'm right, while you are installing a ROM from the executable on your desktop PC, the phone checks if the ROM you're trying to install match a hard coded key on the phone. With a GoldCard, you make the phone believe signature is good.
CID
The serial number of your SDCard. You'll need to retrieve it with ADB Shell to create your GoldCard.
Functionally :
In ADB Shell (see ADB section), following command line give you your CID :
Code:
cat /sys/class/mmc_host/mmc1/mmc1:*/cid
Fastboot
It's like the BIOS on your desktop PC. You can access the fastboot with a keyboard combo while starting your phone. It give you access to some function like Recovery Mode or SIM Unlock. With fastboot, you can also install a new ROM using a zip placed on your SDCard.
Use can easily unlock Fastboot on the Nexus One using a ADB shell command.
Fastboot give you access to the recovery mode. In this mode, you can gain write permission in the /system partition which is not possible in Disk Drive mode, event with USB Debugging enabled. With this access, you can easily remove applications which are included in the ROM (like FriendStream in HTC ROMs).
Functionally :
To reach Fastboot on Desire : Hold down back button while pressing power.
Technically :
When you connect the phone to your PC in Fastboot, you will establish a special connection with the device. It uses "Android Bootloaded Interface" driver.
Fastboot unlock
An operation to unlock Fastboot. It's the first step to root your phone. It's easily done for the Nexus One via ADB (see here). It much more difficult with the Desire (possible thanks to Paul).
HBoot
An other boot menu.
Functionally :
To reach HBoot on Desire : Hold down volume down button while pressing power.
ADB
ADB means Android Debug Bridge. You can read this. When you connect your phone to your PC, you can choose different modes :
Charge only : No interaction with your PC
Internet tethering (only if you have a HTC standard ROM, Orange & Co disable this option) : Your PC will see your phone like a modem.
HTC Sync (if you have a HTC standard ROM) : Use to synchronize you data with HTC Sync software
Disk drive : Your PC will see your phone as a USB key allowing you to access to your SDCard
If you're in Disk Drive mode (or even if you're in Charge only mode), you can activate USB debugging (setting > applications > development on your phone). In this mode, your PC will use a ADB driver to establish a special connection. With ADB drivers, you have access to ADB Shell.
With ADB Shell, you can list every file on device and deploy your own application.
Functionally :
Activate USB debugging on your phone to play with ADB Shell.
ADB Shell is accessible from Windows or Linux.
For people who don't use to play with command line, on windows, you must either open a cmd.exe and move in the "tools" folder (with cd command) of your unzipped ADB package or add this repository to your path (instructions here[URL].
Then you can check that everything is alright with following command :
Code:
adb devices
You should see :
Code:
List of devices attached
HTxxxxxxxx device
Then you can type "adb shell" to enter the shell. All Unix basics commands are available and you can do whatever your want... almost nothing since you're not root.
Rooting
Rooting a device is a process to become root on its OS. It allows you to install very nice apps like app2sd (to install application on SDCard), SetCPU app (to overclock or downclock your device) or OpenVPN. This kind of apps can not run if your device is not rooted.
With a rooted device, you can install apps which are not yet validated for your phone on the market by modifying the ID of your device (like the user-agent of your browser). It's easier than downloading the apk file from somebody who extracted the application on a device accepted by the market for this application.
Finally, with a rooted device, you can install ROM from an other device (installing a Nexus One ROM on a Desire).
Functionally :
On Desire, become root is now possible thanks to Paul from Modaco. On Nexus One, it much more easy.
Process is easy if you follow guides step by step. Warning, it will remove all data and configuration on your phone. However, your SD card won't be modified.
If you follow the guide to root the Desire, one of the first steps is to put a big zip file on your SDCard (often rootedupdate.zip). In fact, this zip file contains the ROM you'll have on your phone at the end of the process. Guides generally provide an almost generic ROM. The only modification made to this ROM is the addition of the Superuser Permissions app (the Ninja icon) which will help you to grant root access to applications asking for permission. Installing this ROM is the easier solution. However, you can use every ROM you want (you will find some very interesting ROM on this forum). Just put the file on your SDCard at the beginning of the process and point to the good zip file in the last step. Warning, if you want to install a ROM with app2sd in it, you must know that this application requires a special partition on your SDCard, so you must format your SDCard before the first boot of your new ROM. To do this, just after installing the ROM zip file (the last step of the rooting process), you have to stay in the Recovery Menu and use the good option to create partitions on your SDCard. Of course, your SDCard will be formated.
Technically :
I have no idea what are tricks to become root. You have to find a hole in the phone software. It's not easy.
The process itself requires several steps :
The first step is to unlock the bootloader. This step is easy on Nexus One. On Desire, this step is archived by installing a kind of ROM from Fastboot on your phone.
Unlocking bootloader will give you access to the Recovery Menu and will make your phone accept non-HTC-signed updates (for Desire).
Then, you have to connect your device in HBoot mode to your PC in order to write some files on the phone. These files are used to launch the Recovery Menu. From this menu, you can wipe all data and some caches (I don't know differences between all caches)
Finally you can install a new ROM on your device using a zip file on your SDCard.
Recovery Mode
The Recovery Mode is a special mode accessible from HBoot. You'll need to access this mode to push files needed for the Recovery Menu. It's an important step in the rooting process.
Functionally :
When your phone is in Recovery Mode, you'll see a little red triangle on your screen.
Technically :
Recovery Mode is a special provided by Android to do special operations. In fact, I don't know what's the real usage of this mode.
Recovery Menu
The Recovery Menu is a small tool accessible from Recovery Mode. It purposes some options such as wipe your data, format your SDCard and the most important option : deploy ROM or files from a zip file previously dropped at the root of your SDCard.
Functionally :
The Recovery Menu is a green menu you have to use in the root process.
Technically :
On the Desire, Recovery Menu is the only way to write files on /system. Put a zip file on the root of your SDCard and the Recovery Menu will unzip the package and deploy files on your phone for you. You will have to use this menu to install OpenVPN because this application requires to put some file in /system partition. In the last step of the rooting process, Recovery Menu will deploy your ROM (which is nothing more than just a bunch of files) on your phone.
SIM Unlock
SIM Unlock in a process different from all others. If I'm right, you'll have to use Fastboot, put some files on your SDCard and press SIMUnlock. Required files can be provided by your operator. This process works with all ROMs and don't required a root access.
Nandroid Backup
The Nandroid backup process creates binary images (.img) of the boot, data and system partitions (and ext also, if you choose nand+ext). Needless to say you need root in order to be able to perform this kind of backup.
Later, you can use those image files to restore those partitions, in a very similar way you restore a hard-disk partition from a ghost created image. Practically the restore process erases all their content and replaces it with the data saved in the img files, thus reverting the phone's software to the state it was when you performed backup.
Nandroid backup doesn't include the radio image; you can only change (or revert) the radio by flashing it again.
If you want to go back to stock software, you need to use a RUU, which overwrites all the modifications you made into the phone's software (and of course removes the root access as well).
APK
This is the file format for applications. Each application is packaged in an APK file. When you install an application from the market, you're just downlading an APK file which is then automatically installed on your phone.
You can also find APK files on Internet, put them on your SDCard (or directly download them from your phone) and install them.
Deodexed
Technically :
By default, applications are odexed. This allows Android to preload some parts of an application to optimize its launch time. Unfortunately it makes application resources be dispatched outside the APK. Deodexing is a process of gathering all resources inside the application.
Functionally :
Some applications apply a theme on other applications. You need a deodexed version of the targeted application to use this. However, deodexing applications is not a process you should take care of. You'll find some custom ROMs in which all applications have been deodexed for you.
That's all for now. I really want to complete technical information on above lines. It will be great if somebody could explain why you can not install a Nexus One ROM on a HTC Desire using only a GoldCard. Moreover I would like to know how works Fastboot with SDCard. It seems that SDCard plays a really important role (used to update ROM, SIM unlock and GoldCard).
PS : English is not my native language, please be indulgent.
Many thanks to The Professor and silvake for some precisions.
Matco.
Great topic idea, thank you!
Great idea!
Just found out that you need to be in recovery mode in order to have write permissions to the /system partitition (Disk Drive with USB debugging enabled won't work).
More details in the link below, if you want to include them:
http://forum.xda-developers.com/showpost.php?p=6347071&postcount=2
(credits go to emdzej)
Thank your for your support. I just updated the post with your details.
I would like to add some links but I don't have enough rights to add the url tag in my posts.
CID register - serial number of your sd card
Perhaps time to move the info to the wiki ?
Greetings from a vastloper
This should deffinatley get a sticky + be added to the wiki. Great info, so many new terms to learn now that i'm experimenting with android on my blackstone and seriously considering a Desire
Thank you for your replies. I just made some improvements.
It will be ready for the Wiki as soon as someone will confirm informations and help me to complete blanks.
I would really like to have more technical informations. Feel free to share what you know !
For moderators, is it possible to allow me to add URL ?
Matco said:
Thank you for your replies. I just made some improvements.
It will be ready for the Wiki as soon as someone will confirm informations and help me to complete blanks.
I would really like to have more technical informations. Feel free to share what you know !
For moderators, is it possible to allow me to add URL ?
Click to expand...
Click to collapse
matco my desire was not branded by any network.. does this mean to root I should just go ahead with the root process ignoring the goldcard step?? thanks
Yes, you're right (check [Guide] Rooting in this forum, page 4 post 39). GoldCard is only needed for branded phone.
Anyway, the website which generated the .img has been disabled. So you can't create easily a GoldCard right now...
Negative, it's back online:
http://psas.revskills.de/?q=goldcard
guys stuck on the red exclamation mark.. using vista, i ran recovery bat but the recovery mode is not going green. what other files hould be in the same folder as recovery bat?
Everything that was in the original pushfiles.zip along with adb-nilezon. Not sure if they're still there, but if they are, here's where you should be able to find them.
I just updated the FAQ as I successfully rooted my Desire. Rooting process helps me to understand what are Fastboot and HBoot for.
It would be nice if someone can tell me if you can put any zip you want on your SD Card for the last step of the rooting process or if you have to use special ROM included in the file package (rootedupdate.zip).
Thanks by advance.
You can put any full ROM on as the last step, it doesn't have to be rootedupdate.zip. That one will be exactly stock + root, though - so for people who like the phone as is but want root, that's the ROM they want.
You can download anybody else's ROM and throw it on for the final step if that's your cup of tea, though. May want to mention that if they're picking a ROM with A2SD in it, that they need to perform the SD setup before booting, or they may run into trouble with that.
Thank your for your reply.
I will add a warning for people who want to install a ROM with app2SD in it (if I'm right they can use the little "green" menu just before installing the zip file to create partitions on SD Card).
As you seem to have a good understanding of the rooting process, could you explain me what is the goal of the first step (installing a fresh ROM from RUU Installer with phone in Fastboot Mode)? And what are pushed files for ? Is it for green menu?
You need to partition the SD card (using the partition options in the recovery (green) menu) after your ROM and A2SD are installed - if you partition beforehand, you'll lose the zip files you need to flash.
The first step unlocks the bootloader so it'll allow low-level access and recovery mode and so the phone will accept non-HTC-signed updates, I believe. The pushfiles in the second step are forcing the recovery menu (the green menu you mention) onto the device - but since we can't have write access to /system while the device is outside of recovery mode, we have to push the files every time.
very helpful for winmo converts thanks
it took me some time to figure that out
I've done some updates thanks to The Professor.
Great thread, thank you
Background:
So, I recently bought the, “Ulefone Armor 6” Android phone. I didn't do much research into rooting the phone before I bought it, however tonight I did and couldn't find any solution. So I made my own.
Disclaimer:
I am not responsible if you damage, brick, or willingly alter your phone in any way shape or form blah blah blah, you get the point.
Prerequisites:
Make sure you have drivers installed, here.
Rooting process:
1. Obtain a local copy of the, “boot.img” file from the stock rom archive, which can be found on the, “Ulefone” website.
2. Download the compressed file of your choice, "EU" or "Non-EU." (Ex. I downloaded the one for, "Non-EU" which is, "Armor_6_RF1_V01_user_20190329.tar.gz")
3. Extract the downloaded file in the location of your choice, using your favorite archive extractor (7-zip, winzip, winrar, etc...)
4. To begin the root process, Download the android app or .apk file "Magiskmanager.apk" from the Magisk Manager website, and install it in your, Armor 6 device. (Note: the Play Store does not have the, Magisk Manager app.)
5. Now pass the, "boot.img" file downloaded earlier from your computer to your Armor 6 device. Place the "boot.img" file preferably in the "downloads" folder of your Armor 6 device.
6. Open up the Magisk Manager app, and click, "install 19.3" (or what ever is the current version is) then click, "Select and Patch a File".
7. Locate your, "boot.img" file you placed in your downloads folder, and patch it with Magisk Manager. (Note: This step will create another file named, "Magisk_patched.img" in your device.)
8. After Magisk Manager has patched your file, pass the patched file from your downloads folder, back onto your computer. (Note: Not necessary but customary, to rename the patched file to, "boot.img")
9. Now, in your Armor 6 phone, go to your settings, scroll down to system click it, click on about phone, and then tap the crap out of build number, until you have become a developer.
10. Go back from about phone, click on developer options, and tick on "OEM unlocking." also scroll down and tick, "USB debugging."
11. Download ADB tools with fastboot from Android/Google.
12. With the phone connected to the computer, open up the folder where ADB is located in command prompt and type, "adb reboot bootloader"
13. Now that you are in fastboot mode, type the following prompts into the command. (NOTE: the following commands will WIPE your phone clean to stock, so backup any important files/documents before you wipe.)
fastboot oem unlock
OR (if the first one fails, try the second one)
fastboot flashing unlock
14. Once you have unlocked your bootloader, reboot the phone, "fastboot reboot", wait till the phone boots up, go through the setting up process, enable USB debugging again (Step 13), install magisk manager again, and "adb reboot bootloader" in adb command prompt.
15. Once in fastboot mode again, flash the patched, "boot.img" file. (Note: This command will not wipe your device.)
fastboot flash boot boot.img
16. Reboot the phone once more, open up magisk manager, and enjoy root.
A lot of steps yes, but simple easy to do.
Note: that the basis of my instructions on telling you what to do is my assumption of you the end user having basic if not full knowledge of what I am talking about. Because I wont be providing help for basic knowledge, if that makes sense. I do not plan on making a video as this tutorial is mainly meant for users who already know what of the majority they are doing with the tools they are using. If anyone wants to make a video feel free to share it here, I will added to the thread. thanks!
UPDATE 1.0:
I organized a thread on this link, with everything needed to root, twrp, and stock image.
UPDATE 1.2:
Re-organized this thread. Removed a few steps. Added more detail to this thread specifying a few things.
Extosis said:
Story:
I recently bought the, Ulefone Armor 6 Android phone. Didn't do much research into rooting before I bought it, however tonight I did and couldn't find any solution. So I made my own.
Disclaimer:
I am not responsible if you damage, brick, or willingly alter your phone in any way shape or form blah blah blah, you get the point.
Rooting procedure:
1. Get a local copy of the boot.img file from the Ulefone website (To make things simpler for you, Ulefone.com/index.html > Scroll down and click on "download" > Select your device model "Armor series" "Armor 6" > Scroll all the way down and click the download button for "The latest rom".)
2. Now you are at the google drive folder from Ulefone, with the files you need. Select EU if you have the EU version, or Non-EU for any other country.
3. Download the compressed file of your choice EU or Non-EU. (Ex. I downloaded the one for Non-EU which is, "Armor_6_RF1_V01_user_20190329.tar.gz")
4. Open the file in your favorite archiver software, 7-zip, winrar, etc.... open the first folder in the archive, and extract "boot.img"
5. Download, "Magiskmanager.apk" from their Magisk Manager, and install it in your, Armor 6 phone.
7. Pass the, "boot.img" file from your computer to your cellphone. Preferably the "downloads" folder.
8. Open up Magisk manager, and click install 19.3 (or what ever is the current version) then click "Select and Patch a File".
9. Find your "boot.img" file and patch it with magisk manager.
10. After magisk manager has patched your file, pass the patched file, back onto your computer.
11. Now, in your Armor 6 phone, go to settings, scroll down to system and click it, click on about phone, and then tap the crap out of build number, until you become a developer.
12. Go back from about phone, click on developer options, and tick on "OEM unlocking".
13. Scroll down and tick on USB debugging.
14. Download your ADB tools with fastboot from android/google.
15. With the phone connected to the computer, open up the folder where ADB is located in command prompt and type, "adb reboot bootloader"
16. Now that you are in fastboot mode, type the following prompts into the command. (NOTE: the following commands will WIPE your phone clean to stock, so backup any important files/documents.)
fastboot oem unlock
OR (if the first one fails, try the second one)
fastboot flashing unlock
17. Once you have unlocked your bootloader, reboot the phone "fastboot reboot", wait till the phone boots up, go through the set up process, enable USB debugging again (Step 13), install magisk manager again, adb reboot bootloader in adb command prompt.
18. Once in fastboot mode again, flash the patched boot.img file.
fastboot flash boot boot.img
19. Reboot the phone once more, open up magisk manager, and enjoy root.
A lot of steps yes, but simple easy to do.
Note: that the basis of my instructions on telling you what to do is my assumption of you the end user having basic if not full knowledge of what I am talking about. Because I wont be providing help for basic knowledge, if that makes sense.
Click to expand...
Click to collapse
Nice work around for a phone that doesn't have Twrp
([emoji813]9/[emoji725]/9[emoji813])
PoochyX said:
Nice work around for a phone that doesn't have Twrp
([emoji813]9/[emoji725]/9[emoji813])
Click to expand...
Click to collapse
Upon doing a bit more research, the phone actually has TWRP & a TWRP fork.
How do we know we can trust you? I'm a nubee as I've said.
SteeleB89 said:
How do we know we can trust you? I'm a nubee as I've said.
Click to expand...
Click to collapse
Then this isnt for you and stick with stock... Stock honestly works just certain people want greater freedom with thier phones only issue is with that you yourself at greater risk of breaking something and wouldn't know how to fix it and in situations like that factory restores wouldn't even save you because the system partition doesn't go back to the way it was with a factory restore
Sent from my SM-J327P using Tapatalk
I understand and accept the risk. I'm asking if this is a legit fix or some attempt to put malware on my phone.
SteeleB89 said:
I understand and accept the risk. I'm asking if this is a legit fix or some attempt to put malware on my phone.
Click to expand...
Click to collapse
Well to start with, I didn't attach anything in this thread, only photos.
1. You bought the phone, a phone that is made from a Chinese company, odds are that it already has malware, backdoors, or things you don't want on the OS.
2. Like I said, I didn't attach anything for you to download, so I am not infecting you with anything. Fastboot even comes with Google SDK.
3. Magisk is a wide known group who release root for the public to download/install. Just like TWRP, clockworkmod, cynaogenmod, etc...
4. If you don't feel comfortable doing this process, then like stated above, you should probably feel safer staying with stock & no root.
As I am sure, everyone who mod their devices are fully aware of the consequences of exploiting their devices. Brinking, killing, or messing something up.
Cheers.
For the life of me I cannot get the drivers to install. I've tried on Windows 10 and 7, but can't get fastboot to recognize the device. ADB works just fine, but Windows won't recognize the device when in recovery. I tried the official Ulefone drivers for Windows 10 and 7, as well as the MTK/VCOM usb drivers through manual installation.. How did you get it working? What other drivers are you using?
A.Fitz said:
For the life of me I cannot get the drivers to install. I've tried on Windows 10 and 7, but can't get fastboot to recognize the device. ADB works just fine, but Windows won't recognize the device when in recovery. I tried the official Ulefone drivers for Windows 10 and 7, as well as the MTK/VCOM usb drivers through manual installation.. How did you get it working? What other drivers are you using?
Click to expand...
Click to collapse
I have literally used the "driver installer" from the Ulefone website. Install the MTK/VCOM Drivers.
Adb gets detected in TWRP & Fastboot is found on my computer just fine.
My suggestion would be to check if your anti-virus (if you have one) if it's blocking the drivers from being installed.
Ps: I have the latest Windows 10 1903 x64 Edu and the drivers work perfectly.
Will try at end of month and tell you guys the result later.
Hi!!!
Thanks for the tutorial. I managed to root my Ulefone Armor 6.
Just one thing, maybe it will be nice to add in the tutorial (suggestion): Magisk generates another boot.img file, called magisk_patched. That is the one to be used on step 17 (rename it before).
One question. If I do a factory reset, will the phone remain rooted? Can't remember for the life of me from past roots I've done.
Stabys said:
Hi!!!
Thanks for the tutorial. I managed to root my Ulefone Armor 6.
Just one thing, maybe it will be nice to add in the tutorial (suggestion): Magisk generates another boot.img file, called magisk_patched. That is the one to be used on step 17 (rename it before).
One question. If I do a factory reset, will the phone remain rooted? Can't remember for the life of me from past roots I've done.
Click to expand...
Click to collapse
Oh most definitely. I am actually going to add more detail to this tutorial once I have the free time to do so. This tutorial was mainly supposed to be like a rough idea on how to do it. However yes, I did a factory reset not to long ago and root was maintained.
Update:
Added more information and cleaned the thread up.
Well, IDK if that's a common understanding or even if it's going to happen to everybody but.. Ulefone released an software update that undid the root and reinstalled every single native app that I had uninstalled. I tried rooting again, buuut they did not put the new rom in their website yet, so my phone got stuck in boot XD. So I reinstalled the ROM available using SP Flash Tool (thank god that worked, lost some information but that's fine).
I'm not sure if I'm going to root it again when they release the ROM in the website.. I wanted root so I could make Cerberus an native app, but even though I can do it, if the phone is reset Cerberus loses my account information, so it is no use to me.
English is not my native language, but I guess that's pretty understandable
@edit: They did not release the new rom in the official website.. I did not look into the Mega or Drive link actually.
Stabys said:
Well, IDK if that's a common understanding or even if it's going to happen to everybody but.. Ulefone released an software update that undid the root and reinstalled every single native app that I had uninstalled. I tried rooting again, buuut they did not put the new rom in their website yet, so my phone got stuck in boot XD. So I reinstalled the ROM available using SP Flash Tool (thank god that worked, lost some information but that's fine).
I'm not sure if I'm going to root it again when they release the ROM in the website.. I wanted root so I could make Cerberus an native app, but even though I can do it, if the phone is reset Cerberus loses my account information, so it is no use to me.
English is not my native language, but I guess that's pretty understandable
@edit: They did not release the new rom in the official website.. I did not look into the Mega or Drive link actually.
Click to expand...
Click to collapse
Yeah, I think their new rom has a few security updates as well as other updates.
I haven't updated as of yet, because I fear I will lose root. However if I ever do, I'll update everyone if successful.
I understand you very well too.
Hello again..
I've decided to stay on 2019.03.29 update.. Just to be able to uninstall those da** native apps..
I'd appreciate if you post here if or when you have any news about root in the latest wireless update.
Then again, can't say thanks enough.
Cheers.
Stabys said:
Hello again..
I've decided to stay on 2019.03.29 update.. Just to be able to uninstall those da** native apps..
I'd appreciate if you post here if or when you have any news about root in the latest wireless update.
Then again, can't say thanks enough.
Cheers.
Click to expand...
Click to collapse
Hello it's been a while.
I have updated to the latest version by Ulefone for our Armor 6's.
Version: 2019.06.05.
I was able to root it again, using the same method in this thread.
As for the native apps, I haven't tried to remove them, however I am sure it is possible to.
HELP!
Guys, I need some help here. For some reason I'm not able to find the file in the downloads folder. When i go to Magisk, the file is there, however I cannot find it with any file explorer or through the PC. Any help here??
Extosis said:
Background:
So, I recently bought the, “Ulefone Armor 6” Android phone. I didn't do much research into rooting the phone before I bought it, however tonight I did and couldn't find any solution. So I made my own.
Disclaimer:
I am not responsible if you damage, brick, or willingly alter your phone in any way shape or form blah blah blah, you get the point.
Prerequisites:
Make sure you have drivers installed, here.
Rooting process:
1. Obtain a local copy of the, “boot.img” file from the stock rom archive, which can be found on the, “Ulefone” website.
2. Download the compressed file of your choice, "EU" or "Non-EU." (Ex. I downloaded the one for, "Non-EU" which is, "Armor_6_RF1_V01_user_20190329.tar.gz")
3. Extract the downloaded file in the location of your choice, using your favorite archive extractor (7-zip, winzip, winrar, etc...)
4. To begin the root process, Download the android app or .apk file "Magiskmanager.apk" from the Magisk Manager website, and install it in your, Armor 6 device. (Note: the Play Store does not have the, Magisk Manager app.)
5. Now pass the, "boot.img" file downloaded earlier from your computer to your Armor 6 device. Place the "boot.img" file preferably in the "downloads" folder of your Armor 6 device.
6. Open up the Magisk Manager app, and click, "install 19.3" (or what ever is the current version is) then click, "Select and Patch a File".
7. Locate your, "boot.img" file you placed in your downloads folder, and patch it with Magisk Manager. (Note: This step will create another file named, "Magisk_patched.img" in your device.)
8. After Magisk Manager has patched your file, pass the patched file from your downloads folder, back onto your computer. (Note: Not necessary but customary, to rename the patched file to, "boot.img")
9. Now, in your Armor 6 phone, go to your settings, scroll down to system click it, click on about phone, and then tap the crap out of build number, until you have become a developer.
10. Go back from about phone, click on developer options, and tick on "OEM unlocking." also scroll down and tick, "USB debugging."
11. Download ADB tools with fastboot from Android/Google.
12. With the phone connected to the computer, open up the folder where ADB is located in command prompt and type, "adb reboot bootloader"
13. Now that you are in fastboot mode, type the following prompts into the command. (NOTE: the following commands will WIPE your phone clean to stock, so backup any important files/documents before you wipe.)
fastboot oem unlock
OR (if the first one fails, try the second one)
fastboot flashing unlock
14. Once you have unlocked your bootloader, reboot the phone, "fastboot reboot", wait till the phone boots up, go through the setting up process, enable USB debugging again (Step 13), install magisk manager again, and "adb reboot bootloader" in adb command prompt.
15. Once in fastboot mode again, flash the patched, "boot.img" file. (Note: This command will not wipe your device.)
fastboot flash boot boot.img
16. Reboot the phone once more, open up magisk manager, and enjoy root.
A lot of steps yes, but simple easy to do.
Note: that the basis of my instructions on telling you what to do is my assumption of you the end user having basic if not full knowledge of what I am talking about. Because I wont be providing help for basic knowledge, if that makes sense. I do not plan on making a video as this tutorial is mainly meant for users who already know what of the majority they are doing with the tools they are using. If anyone wants to make a video feel free to share it here, I will added to the thread. thanks!
UPDATE 1.0:
I organized a thread on this link, with everything needed to root, twrp, and stock image.
UPDATE 1.2:
Re-organized this thread. Removed a few steps. Added more detail to this thread specifying a few things.
Click to expand...
Click to collapse
babyboy_legolas said:
Guys, I need some help here. For some reason I'm not able to find the file in the downloads folder. When i go to Magisk, the file is there, however I cannot find it with any file explorer or through the PC. Any help here??
Click to expand...
Click to collapse
After I did the last flash with the boot.img, the phone keeps rebooting and rebooting. its like something on that image is wrong. the thins is, giving the fact the phone is continuing booting. How can i put it again to flash the original boot.img?
babyboy_legolas said:
After I did the last flash with the boot.img, the phone keeps rebooting and rebooting. its like something on that image is wrong. the thins is, giving the fact the phone is continuing booting. How can i put it again to flash the original boot.img?
Click to expand...
Click to collapse
To put the phone in manual fastboot mode, you have to power off your device first. By pressing both, "power button + volume down button" until you feel the phone vibrate.
Once the phone vibrates, quickly press, "Power button + volume up button" to view the fastboot/recovery/normal boot menu options. To select fastboot use the volume buttons.
Volume up = select
Volume down = move down through options.
Hi!
Oh I tried it once more now and managed to do it.
I did it with the ROM from Mega (20190605).
Thanks again!
Disclaimer: This guide and the tools included are provided as-is. Testing has been limited and nothing is guaranteed to work. I take no responsibility for lost data, bricked devices, etc. Continue at your own risk, and please read carefully. THIS GUIDE WAS WRITTEN FOR PHONES ON ANDROID 8.1 - MAY NOT WORK ON DEVICES WITH THE PIE UPDATE.
Note that Magisk and TWRP can interfere with downloading and installing OTA updates. At this time the only updates are security patches, so it would be best to make sure all OTAs are installed before starting.
Mounting and decrypting the data partition is still hit-or-miss. If you haven't set up a passcode or password, TWRP should be able to mount it, and you still might be able to even if you have. Magisk will corrupt encrypted partitions and force a factory reset, and TWRP will not be able to help you back things up if Magisk has been installed before disabling encryption. You've been warned.
Guide: Installing TWRP and Magisk on the Visible R2
Tools:
prog_emmc_firehose_8917.mbn - firehose for flashing system partitions
Latest available TWRP zip - contains TWRP recovery image and the necessary files for flashing
fstab.qcom - for removing forced encryption
Patched boot image - for installing versions of Magisk newer than v16.7
Stock firmware - optional, but handy to have in case something goes wrong.
Windows users: QPST/QFIL and the QDLoad drivers (possibly the first set of ZTE drivers as well, but likely not necessary). Installing drivers in compatibility mode for XP or Windows 7 might help resolve issues.
Install adb if you don't already have it set up.
Linux users: qdl source code; the guide will cover compiling and installing it. You'll also want to install adb from your distro's repositories. There is a snap package for qdl, but it doesn't work for the purposes of this guide, so please don't use it.
Part 1: Installing TWRP
TWRP is an easy-to-use, touch-based custom recovery for Android devices, designed to make backups and installs simple and painless. Unfortunately, the installation of TWRP on the R2 is going to be a little less simple and painless; the device's bootloader isn't locked down, but it doesn't support fastboot commands, meaning we'll need to get our hands dirty to flash partitions.
Before starting, it's also worth noting that the current TWRP build cannot always decrypt encrypted data partitions, and the device is encrypted by default. This means that TWRP may not be able to mount or back up your data partition unless it's formatted and forced encryption is removed (see part 2).
To flash TWRP, we need to put the device into EDL mode and forcibly overwrite the existing partitions using an EDL tool and the firehose linked above, which unfortunately requires a PC of some sort. Enable USB debugging on your phone, then follow the steps for your operating system below.
For Windows:
1. Install the Qualcomm driver package. Before continuing, you will need to make sure Driver Signature Enforcement is disabled on your PC; QFIL may have issues communicating with the device if Windows blocks the driver.
2. Install the QPST package, then open QFIL from the Start menu.
3. Select 'Flat Build' under Select Build Type.
4. Extract the TWRP zip to an accessible directory (something like C:\TWRP works fine). Place the firehose.mbn in the same directory.
5. Press 'Browse' under Select Programmer, then navigate to the TWRP directory and select the firehose file.
6. Press 'Load XML'. Select rawprogram_recovery.xml, then patch0.xml
7. Connect the phone to your PC and make sure USB debugging is enabled. Make sure your PC is trusted by the phone for ADB commands, then send 'adb reboot edl'.
8. If everything went well, the phone should have rebooted with a blank screen, and QFIL should be asking you to select a port. Press Select Port, and then choose (hopefully) the only item available).
9. The 'Select a port' message should now read something like Qualcomm HS-USB QDLoader 9008 (COM#). IF it does, simply press download.
10. There should be some output in the status window, ending a few seconds later with a blue Download Succeeded message. If so, you're done, and can restart your phone. If there's a red error message, or the status window seems to be stuck on sending, double-check that your device is registered properly in Device Manager.
11. Once you're done flashing, you can reboot into TWRP by holding down the Vol Up button as the phone reboots.
For Linux:
1. Unzip the qdl zip into its own directory, then enter the directory.
2. Compiling qdl requires libraries that may not be installed. For Ubuntu users, you simply need to run ' sudo apt install libudev-dev libxml2-dev' to install them; people with other distros should know how to use their package manager and may have to find the packages under a similar name. If any other packages are required (errors compiling, etc.), let me know so I can update this.
3. Actually compiling should be as simple as opening a terminal in the working directory and running 'make && sudo make install'. If you get no errors, qdl should be installed and able to run from any location, and the compile process shouldn't take much time at all.
4. Before running qdl, ModemManager needs to be disabled, as it can interfere with accessing the phone in EDL mode. In Ubuntu (and most systemd-based distros) you can ensure that it's stopped by running ' sudo systemctl stop ModemMangager'. If you need the ModemManager service, make sure to restart it when you're done.
5. Extract the TWRP zip to an easily-accessed folder, like ~/twrp, and place the firehose mbn in the same folder.
6. Navigate to the TWRP folder and open a terminal there. Now would be a good time to plug in your phone and enter EDL with 'adb reboot edl'.
6a. If your phone was already connected in EDL mode before stopping ModemManager, you might need to reboot it and enter EDL again.
7. If you're in the same directory as the TWRP files, you should be able to start flashing by running 'sudo qdl prog_emmc_firehose_8917.mbn rawprogram_recovery.xml patch0.xml'.
8. If everything's good, you should see some output on your screen, and the phone should reboot momentarily. If the command finishes without output, ModemManager or something similar may have interfered. Make sure ModemManager is stopped, reboot your phone into EDL mode again, and try again. If it hangs at Waiting for EDL device, you're not running the program with admin privileges or your phone isn't in EDL mode.
9. Once the process has finished and your phone has rebooted, you should have TWRP installed. Boot into it by holding Vol Up while rebooting.
That's it! Verify that TWRP is working as expected by doing some test backups and restores, etc. Note that TWRP builds for this device are still sort of experimental; decrypting the data partition may not work for some users, and keeping data encrypted while trying to flash Magisk will not work - you will need to wipe and decrypt the device. If you're satisfied just with TWRP, there's not much else you need to do. If you want to run Magisk or decrypt your device for other reasons, keep reading.
Part 2: Removing Forced Encryption
By default, the device encrypts the data partition without input from the user. This is not ideal, and even if TWRP can decrypt and mount your data partition, from my experience Magisk's init process apparently gets things wrong and tries to write to data before its decrypted - whether that's actually the case or not, the fact of the matter is that Magisk has corrupted my data partition every time I've tried to install it while data was encrypted.
DO NOT flash any zip that removes dm-verity and force encryption - these modify the boot and recovery partitions, and the stock kernel doesn't like the way they do it. If you've flashed the patched boot.img first then you'll at least be able to boot to your system partition afterwards, but it'll still nuke recovery even with a custom kernel installed on it. If you're still using the stock boot.img, you'll get boot loops and won't be able to access recovery; your only choice is to enter diagnostic mode, and reflashing anything from that point is a gigantic pain in the ass, so please, just don't. If you feel the need to do it regardless, please please please reflash your boot and recovery images before rebooting.
Counter-intuitively, the quickest and most painless way to stop the device from force-encrypting itself is to modify the fstab on the vendor partition - the boot partition has no fstab files, and the ones in the TWRP recovery image are already set to make encryption optional. Place the fstab.qcom on the phone's microSD card (internal storage will work if you don't have one, as long as TWRP can access your internal storage; if not, use adb push/pull rather than the below commands), boot into TWRP, and adb shell into your device by USB; if done while in TWRP, you should have root permissions. If your PC doesn't see your phone as an ADB-ready device, go to Mount settings in TWRP and tap on the option to disable MTP; after confirming that ADB works, feel free to re-enable MTP. Once ADB is working, run the following commands:
Code:
mount /vendor
cp /vendor/etc/fstab.qcom /external_sd/fstab.qcom.bak
cp /external_sd/fstab.qcom /vendor/etc/fstab.qcom
chmod 644 /vendor/etc/fstab.qcom
umount vendor
.
That's the simple part - you've replaced the fstab on the vendor partition with one that tells the device that encryption is optional, and backed up the original to your microSD as fstab.qcom.bak, just in case. Now you need to actually remove the existing encryption, which will wipe all the user data from the device. If that hasn't scared you out of continuing, read on.
While we're still in TWRP, we need to go to the Wipe menu. From there, we need to Format Data. It'll give you warnings in a scarier color than I did, but you'll have to type yes and continue regardless. Once that's done, hit the back button a couple times before rebooting. Do a standard factory reset, then reboot.
From there, it may take a couple tries for the device to boot normally as it reformats and repopulates the data partition. If you find yourself stuck on a black screen, reboot again, and if it keeps happening, boot into TWRP and then reboot to System from the reboot menu. Eventually, you should be able to get back to the device setup screen, and depending on your security settings beforehand, you may be prompted to enter your PIN, password, or Google account information.
From here, you should be able to mount, backup, and restore your data partition in TWRP without any issues. If you want to go further and root your device, keep reading for the Magisk guide.
Part 3: Any Magisk You'd Like
Note: Magisk and encrypted data partitions do not play nicely together. Follow through Part 2 first, or you'll have headaches.
ZTE's kernel has a custom SELinux plugin called policyproc, which in short doesn't play nice with a lot of things that modify what happens during the kernel's startup sequence. Unfortunately, modifying the startup sequence is what Magisk does best, and versions of Magisk past v16.7 don't play well with the stock kernel.
If you're fine with v16.7, you can download the zip from its Github release page and flash it through TWRP. However, it doesn't support current versions of Magisk Manager or the uninstaller zip, and naturally it doesn't have all the features of newer versions.
This is where the patched boot image comes in. Basically, it's the stock kernel, rebuilt with policyproc disabled, stuffed into the stock boot.img and replacing the original kernel. It's not entirely perfect as ZTE deliberately left out bits of the source, but even working around that, the kernel seems to run fine after nearly a week of testing on my own device. Still, if you run into any issues that don't show up with the stock kernel, please let me know.
So. you can take that patched boot image and install newer versions of Magisk whichever way you'd like. The default method would be to use TWRP to flash the patched boot image, then flash the latest Magisk zip (v20.1 at the time of writing). Alternatively, you could put the patched boot.img on your microSD or internal storage, install the Magisk Manager app, use it to patch Magisk into the patched boot image, then use TWRP to flash the patched-patched-image to the boot partition. Either way should work fine, and honestly I'm hoping if you've made it this far you don't need further instruction on how to get Magisk installed.
Note that on the first reboot after installing Magisk, the phone may reboot again before loading the system normally. I assume this is standard practice for initializing Magisk, but honestly I have no idea.
With that, you've done just about everything you came here to do. If you still feel like tweaking and possibly bricking your phone, however, scroll on down to Part 4.
Part 3.5: Updating Your Magisk Install
When a Magisk update is available, the Magisk Manager app will generally push a notification to you. Letting the manager handle the upgrade is a good way to get bootloops, unfortunately; upgrading requires re-patching and re-flashing the boot image, and most apps running in system mode seem to handle the task poorly on the R2. If you want to update to a newer version of Magisk, it'd be best to reboot into TWRP, flash the 'clean' Magisk-ready boot image, then install the zip for the version of Magisk you want to update to. You don't need to uninstall previous versions of Magisk to do this, and it should be doable even if a previous Magisk upgrade left you stuck in a boot loop. Note that if you previously told the Manager to 'hide' itself, you may end up with two Manager apps after the update; it should be safe to remove either of them, although the one with the Magisk Manager name will need to be re-hidden if you choose to keep it.
Part 4: Going Even Further Beyond - Project Treble and You
Google requires that all Android phones releasing with Android Oreo or newer must support the Treble framework: generally speaking, anything that's 'stock' Android lives on the system partition, and anything manufacturer or carrier specific exists on the vendor partition. This has allowed for developers to create generic system images, or GSI, consisting of particular Android system partitions that should run on a variety of Treble-enabled devices. And wouldn't you know it, the R2 launched with Oreo, and you've got a couple handy methods of writing system images to your device, through TWRP and EDL flashers.
So, does that mean the R2 supports these GSIs? Not really! Honestly, it's more that it's up to curious people to find out. I've been able to get phhussons's Oreo image working, but that's a bit boring on a device that supports Oreo out of the box. A couple more highly modified Pie builds failed to boot properly, either hanging on their splash screen or crashing the display manager before getting through setup.
There's also the fact that they're generally only distributed as sparse system.img files, something I had trouble flashing with QFIL, and up until about 18 hours before this guide went live, the only TWRP build I had for the R2 could only write images to the boot and recovery partitions, not system, so writing them meant I had to decompress them to a standard EXT4 image and then flash them with QFIL, which wasn't a lot of fun to mess with. In short, testing's been pretty limited, but this build of TWRP should make it much easier for anyone to flash whatever image they'd like. If you feel like being a guinea pig, we'd all love to hear the results! If you want to test, you should look for A-only, ARM64 images.
Questions and Issues
My phone is bootlooping after leaving recovery!
If you haven't messed with system partitions in a way that might cause a bootloop, reboot to recovery and try to boot to system from there. If it continues, reflash your boot image (and Magisk afterwards, if necessary, removing the extra Manager app that might pop up in your app tray if you've got Manager disguised in its settings).
I can't access ADB or MTP from recovery.
It happens sometimes, especially in Windows; just toggle MTP on/off from inside TWRP, or unplug and replug your USB cable.
My phone says I need a factory reset, but TWRP just reboots.
This generally happens if something messed with the encrypted data partition. Do not tap the factory reset button on your phone; instead, power off entirely and manually reboot into TWRP by hilding Vol Up while booting. Perform a factory reset (and format data if necessary) from there, then reboot.
(to be populated)
Credits
@deadman96385 - for uploading the tools that made this possible and the stock ROMs that saved my ass more than a few times
@famewolf - for feedback on what did/didn't work in the last guide
@asderdd - for his Axon 7 kernel work which I shamelessly copied to get Magisk working
Anyone who's contributed to Magisk or TWRP over the years, and the maintainers of the moto e5+ device tree for TWRP since I used most of their branch.
Sources
Kernel source, specifically the tree used for the Magisk patch
TWRP device tree
@FEGuy
Attempted to flash the new twrp via zip....acted like it worked but when I when to install section only boot and recovery were options....so I installed the twrp image itself to recovery....rebooted back into recovery and got a black screen. Additional attempts to go into recovery did same thing. I'll attempt to use the flashify app under factory rom to restore previous copy of twrp. It should work as I had magisk going...I think.
That is... not really reassuring. I've suspected the zip flash might not actually work, but I double-checked that TWRP build on my device first.
What's weird is that that's also the only TWRP image I've gotten to boot without dragging it through an AVB signing process. Let me sign that image and reupload it, see if it works any better.
FEGuy said:
That is... not really reassuring. I've suspected the zip flash might not actually work, but I double-checked that TWRP build on my device first.
What's weird is that that's also the only TWRP image I've gotten to boot without dragging it through an AVB signing process. Let me sign that image and reupload it, see if it works any better.
Click to expand...
Click to collapse
Always possible I hosed something....I grabbed the img of the previously good twrp and flashed it via flashify app...said it worked but when booted to recovery got same black screen. I'm about to experiment with the usb drivers you mentioned vs the ZTE USB ones in the op...they conflict with each other so uninstalling old ones.
If the ZTE and QDLoad drivers conflict, I'd probably say keep the QDLoad. I honestly don't remember if I ever installed any ZTE drivers other than the ones that can be served from the phone by USB.
Pretty sure flashify is just broken; I tried it the other day with the same results after flashing a test build that didn't work at all.
I just redownloaded the TWRP from the original link and it worked fine, and there shouldn't be any files or signature tied to my own device, so I don't really know why it wouldn't work on other phones. I've got another one coming in the mail for actual use on Visible, but it won't be here to test on until tomorrow.
In the meantime, try this TWRP. No different other than letting AIK give it an AVB signature, but some of my test images wouldn't boot otherwise. If it works I'll update the zip in the first post.
FEGuy said:
If the ZTE and QDLoad drivers conflict, I'd probably say keep the QDLoad. I honestly don't remember if I ever installed any ZTE drivers other than the ones that can be served from the phone by USB.
Pretty sure flashify is just broken; I tried it the other day with the same results after flashing a test build that didn't work at all.
I just redownloaded the TWRP from the original link and it worked fine, and there shouldn't be any files or signature tied to my own device, so I don't really know why it wouldn't work on other phones. I've got another one coming in the mail for actual use on Visible, but it won't be here to test on until tomorrow.
In the meantime, try this TWRP. No different other than letting AIK give it an AVB signature, but some of my test images wouldn't boot otherwise. If it works I'll update the zip in the first post.
Click to expand...
Click to collapse
If I su from adb and do a dd if=twrp-signed.img of=xxxxxxxxxxx can I overwrite it manually from shell and if so do you know the path I should use to get it to our recovery?
If flashify is broken, twrp is broken and I'm unable to use qdl nor qfil I'm kinda screwed (for the moment). The qdload drivers did not show the device on a com port when in edl mode...the zte ones do but then again I can't write anything. Any ideas what the heck is up with the linux qdl? Even with --debug it says nothing.
---------- Post added at 02:01 AM ---------- Previous post was at 01:48 AM ----------
famewolf said:
If I su from adb and do a dd if=twrp-signed.img of=xxxxxxxxxxx can I overwrite it manually from shell and if so do you know the path I should use to get it to our recovery?
If flashify is broken, twrp is broken and I'm unable to use qdl nor qfil I'm kinda screwed (for the moment). The qdload drivers did not show the device on a com port when in edl mode...the zte ones do but then again I can't write anything. Any ideas what the heck is up with the linux qdl? Even with --debug it says nothing.
Click to expand...
Click to collapse
I tried dd if=twrp-3.3.1-1-z5151v.img of=/dev/block/bootdevice/by-name/recovery and did same with new signed one. I still get black screen when recovery "loads". At this point I'm going to have to get something figured out with qdl or qfil.
Yeah, I wasn't sure if dd was going to work or not.
Try the QDLoad drivers again in Windows, make sure that the device is using them. If it's not showing up as a COM port in device manager, force it to use the proper Qualcomm driver, which on my system installed to C:\Windows\system32\qcusbcer.sys - I don't know if that installed with the QDLoad drivers or with QPST/QFIL itself.
As for qdl, I don't know; it's been hassle-free for me, for the most part. If you're sure you're in EDL mode and not diagnostics or something, an output from lsusb might help diagnose the issue. If the debug flag isn't providing useful info, might as well try it without. I don't know if there's services other than modemmanager that might interfere with qdl, it could depend on distro.
EDIT: I'll also preemptively warn against trying the TWRP app to flash; it'll do about as much good as flashify.
Will tackle it "later" in the morning. Thanks for the quick followup. I might see more clearly in morning when not so frustrated with it. I swear I haven't had this many issues with getting twrp installed in a long time.
*update* Ok so I lied....I completely recompiled qdl from https://github.com/andersson/qdl and it's working as expected..I used it to flash the original twrp. I then used that twrp to flash the twrp-signed.img and rebooted back into it with no issues.
I also flashed your patched boot and it got as far as the blue visible screen after the zte one then hung. I reverted to my nandroid copy of boot.
The Treble pie loaded ok...I did do a factory reset so data would not conflict..it did do one reboot before loading normally. See screenshots.
The First 4 are from when it was initially installed. The later photo's I had added gapps, a few apps, snapped a picture to use as wallpaper and various other minor things. I found it to be faster under treble pie than it was with factory oreo. I haven't found anything that didn't work yet on it.
Launcher: Evie Launcher
famewolf said:
I also flashed your patched boot and it got as far as the blue visible screen after the zte one then hung. I reverted to my nandroid copy of boot.
Click to expand...
Click to collapse
Did you still have Magisk installed at the time? I'd have recommended uninstalling Magisk using the uninstaller zip from the 16.7 release before replacing the boot image; if there's still Magisk data in /data then booting with a non-Magisk boot image is probably going to cause issues.
In the meantime, I guess I'll update the TWRP zip with the signed recovery image, just in case.
FEGuy said:
Did you still have Magisk installed at the time? I'd have recommended uninstalling Magisk using the uninstaller zip from the 16.7 release before replacing the boot image; if there's still Magisk data in /data then booting with a non-Magisk boot image is probably going to cause issues.
In the meantime, I guess I'll update the TWRP zip with the signed recovery image, just in case.
Click to expand...
Click to collapse
I tried the current installer which failed. I didn't locate the 16.7 uninstaller.
*update* I did finally locate the 16.7 Magisk Uninstaller.
FEGuy said:
Did you still have Magisk installed at the time? I'd have recommended uninstalling Magisk using the uninstaller zip from the 16.7 release before replacing the boot image; if there's still Magisk data in /data then booting with a non-Magisk boot image is probably going to cause issues.
In the meantime, I guess I'll update the TWRP zip with the signed recovery image, just in case.
Click to expand...
Click to collapse
I also installed open gapps pico pie amd64 version on top of the pie rom without issue. I have magisk 16.7 working with treble without issue so maybe it was just the newer versions that had issues?
My 2nd R2 (You are a bad influence) arrived today. Anything you need tested on a stock model? Here's hoping qdl/qfil cooperates 1 last time.
When you were patching the kernel did you see anything that was keeping the phone in LTE only mode for calls? When I get a minute I'm going to put my t-mobile sim into the R2 and see what it will do under the pie rom but since it's still using same kernel I wondered if that would be an issue. We know on the stock rom all calls have to use VOLTE.
I haven't figured that much out yet, unfortunately. I don't know if it's due to the way the kernel is built, or custom libraries distributed on the vendor partition, or what. From what I can tell, the bands are properly unlocked in the NVRAM, and I don't really know enough about modem firmware to make heads or tails of those files.
I will note that for people using the phone on Visible, using a non-stock ROM works for getting around the one-connected-device-per-hotspot limit.
FEGuy said:
I haven't figured that much out yet, unfortunately. I don't know if it's due to the way the kernel is built, or custom libraries distributed on the vendor partition, or what. From what I can tell, the bands are properly unlocked in the NVRAM, and I don't really know enough about modem firmware to make heads or tails of those files.
I will note that for people using the phone on Visible, using a non-stock ROM works for getting around the one-connected-device-per-hotspot limit.
Click to expand...
Click to collapse
Had a couple of thoughts...a quick and dirty method to provide "flash and go" rom's might be to do a nandroid of just system or maybe system and boot for whatever rom and make that available for download. I also know there are methods to convert a nandroid into a flashable zip although I haven't done it before. This was more a thought for folks wanting to go to b12 that already had twrp...simple enough for an existing b12 user to back up system. I have verified swapping between nandroid pie vs stock oreo works ok (assuming you are restoring the right data for each). Also the fingerprint "images" continued to work fine after a restore.....on a previous device when we did a nandroid restore we would have to delete the file storing pin/fingerprints as they wouldn't let you into the phone until re-recorded. It also worked if you remember to turn those OFF before doing the backup....wasn't an issue with the R2. The phone is noticeably more responsive on pie than it was with stock oreo. I'm curious whether you found that to be the case with treble oreo?
Oh minor annoyance....I changed the device id to z5151 which is what it showed under stock but when doing an adb shell the command line is "phhgsi_arm64_a:/" Do you know how to change that? This will change it temporarily till next login: https://stackoverflow.com/questions/33069161/how-to-change-adb-shell-prompt-name-before-the-mark
You could try using setprop as root to set ro.build.product or ro.product.device back to Z5151, or manually edit the build.prop; beyond that, I don't know of a simpler way.
I'm having trouble getting the mobile data working on pie,
I can search for networks and it finds visible but it wont connect.
thanks!!!!!!!!
rangolizardy said:
I'm having trouble getting the mobile data working on pie,
I can search for networks and it finds visible but it wont connect.
Click to expand...
Click to collapse
The visible apn was missing from my pie,
If you're an idiot like me and flashed to pie before backing up "apns-config.xml" then here is the stock one with the visible apn settings: mega(.)nz/#!t5o2mKDL!qVHZijM-MhfLyZwmkrkQ7OddepV7xQVBsRbQr1AhCLY
Remove the () Someone else can maybe post the intact link as i seem to be unable to.
After this 4G works like a charm.
rangolizardy said:
The visible apn was missing from my pie,
If you're an idiot like me and flashed to pie before backing up "apns-config.xml" then here is the stock one with the visible apn settings: mega(.)nz/#!t5o2mKDL!qVHZijM-MhfLyZwmkrkQ7OddepV7xQVBsRbQr1AhCLY
Remove the () Someone else can maybe post the intact link as i seem to be unable to.
After this 4G works like a charm.
Click to expand...
Click to collapse
Posted for rangolizardy: http://mega.nz/#!t5o2mKDL!qVHZijM-MhfLyZwmkrkQ7OddepV7xQVBsRbQr1AhCLY
Any other important tweaks anyone has made to the treble pie image?
Factory Wallpapers are here: https://forum.xda-developers.com/showpost.php?p=79011562&postcount=2
IMPORTANT!! THESE FILES / THIS THREAD IS FOR PIXEL 4 XL "CORAL" ONLY, NOT PIXEL 4 "FLAME"!!
**IT IS HIGHLY RECOMMENDED TO PATCH THE STOCK BOOT IMAGE YOURSELF, FROM YOUR OWN DEVICE, USING MAGISK MANAGER. WHILE THERE'S A GOOD CHANCE THE FILE I PROVIDED BELOW WILL BE IDENTICAL (USE A FILE HASH CHECKSUM TOOL IF YOU'RE CURIOUS), THERE IS ALSO A CHANCE THEY MAY HAVE SMALL, BUT SIGNIFICANT, VARIANCES**
Thanks for the info and link, @wrongway213
Link to @topjohnwu's post: twitter dot com /topjohnwu/status/1272136975022084097?s=19 (until I figure out how to stop new XDA from forcing the URL to embed a giant twitter posting in the middle of the post...)
ALL FILES BELOW ARE FOR "RQ1A.210205.004, Feb 2021"!
Magisk v21.4 Patched Boot Image: https://www.androidfilehost.com/?fid=17248734326145727319
Factory Untouched Boot Image: https://www.androidfilehost.com/?fid=17248734326145727317
Factory Untouched DTBO Image: https://www.androidfilehost.com/?fid=17248734326145727318
----------------------------------------------
-------------UPDATE PROCESS BELOW-------------
----------------------------------------------
EASY UPDATE / SEAMLESS KEEP-ROOT UPDATE PROCESS (using a PC - a very intuitive, effective, and relatively safe method).
** You can only follow this guide verbatim if coming EXACTLY from build "11.0.0 (RQ1A.210105.003, Jan 2021)". But the general idea is the same for other builds, you just need the correct files for your device.
coral-rq1a.210105.003-factory-dtbo.img: https://www.androidfilehost.com/?fid=17248734326145709335
coral-rq1a.210105.003-factory-boot.img: https://www.androidfilehost.com/?fid=17248734326145709334
February 2021 sideload OTA zip: https://dl.google.com/dl/android/aosp/coral-ota-rq1a.210205.004-8fe8685c.zip
DO NOT BOOT BACK INTO O/S UNTIL ALL STEPS ARE COMPLETED - THIS ENSURES EVERYTHING BOOTS BACK UP WITH MAGISK / EDXPOSED ALL RUNNING PROPERLY RIGHT AWAY
1. boot into bootloader
----------------
** I was on custom kernel, so I needed to flash BOTH the stock boot and dtbo images
2. fastboot flash boot coral-rq1a.210105.003-factory-boot.img
3. fastboot flash dtbo coral-rq1a.210105.003-factory-dtbo.img
......* these steps to restore stock recovery; dtbo.img also necessary for some kernel installations.
......* won't hurt to flash both anyway, so if you're unsure, go ahead and do both.
-----------------
4. use volume keys to change selection to boot to Recovery Mode
......- when you reach the android symbol with No Command, hold power button, tap volume up, in case you've forgotten
5. choose option "Apply update from ADB"
6. adb sideload coral-ota-rq1a.210205.004-8fe8685c.zip
7. Once the OTA sideload is done, Reboot to bootloader (you'll also notice it's now on the other slot after OTA flashed)
8. fastboot flash boot coral-rq1a.210205.004-magisk_patched-21.4.img
9. done, start the phone
(Optional - Flash custom kernel. If you had a custom kernel, you need to re-flash it)
This is a 100% seamless update that requires no additional / re-setup of any of my Magisk or EdXposed setups. All of the factory files can be found here https://developers.google.com/android/images. boot.img and dtbo.img are in their corresponding full Factory Image zips, and the ota zip is under Full OTA Images.
-------------------------------------------------
-------------------TROUBLESHOOTING-------------------
-------------------------------------------------
Issues after updating?
If you end up unable to boot or bootlooping afterwards, you most likely have an old Magisk module that isn't playing nice with the new build. There are 2 main things you can do:
1. Flash the new factory untouched boot image. You will of course lose root, and all modules will be disabled. However, it should at least get you able to boot back up quickly and have a working phone if you're in a bind.
2. I would recommend checking Tulsadiver's thread: https://forum.xda-developers.com/pixel-4-xl/how-to/magisk-modules-disabler-booting-magisk-t3990557
Instead of reverting to stock boot image, fastboot boot (NOT FLASH) Tulsadiver's boot image. This will boot your phone in Magisk Core-Only Mode, with all modules disabled but root retained. From here you can open Magisk Manager and disable suspect modules. Before rebooting, go to Magisk Manager's settings and disable Magisk Core-Only Mode. Once you disable the incompatible module, the phone should boot back up.
- See this post (or thread) for more tips / context / an example: https://forum.xda-developers.com/showpost.php?p=82509691&postcount=16
** As of newer Magisk builds, you can just try booting up in safe mode, which should disable Magisk and allow you to disable whatever needs to be disabled. Haven't needed to try it yet, so I can't go into more detail, but I would recommend trying that instead.
thank you for prompt updates! I use your guide and files every time
Used your files and it worked without a problem. Thank you very much
this method no longer works after i use a new windows installation. All seems normal except phone gets stuck in "Phone is starting" and i have to format userdata for it to work again.
It was working previously and i use the same magisk modules. Ill try from ubuntu next month
Maybe someone could know whats causing the issue because i did not missflash anything and all files were downloaded properly. Im pretty sure its windows but who knows lol
fuarkgl3 said:
this method no longer works after i use a new windows installation. All seems normal except phone gets stuck in "Phone is starting" and i have to format userdata for it to work again.
It was working previously and i use the same magisk modules. Ill try from ubuntu next month
Maybe someone could know whats causing the issue because i did not missflash anything and all files were downloaded properly. Im pretty sure its windows but who knows lol
Click to expand...
Click to collapse
I would check that you're using latest adb / fastboot (Google's Android SDK platform tools) and Google USB drivers, and that when your phone is in bootloader mode and plugged in, Windows' Device Manager shows it as the correct type of device (Portable Devices -> Pixel 4 XL). You may need to update drivers and manually install the Google USB driver package over that device.
Also, maybe bad download, try another cable, etc the usual stuff. And sorry for the late response. =)
edit: oh, and also you can get conflicts if you have other adb / fastboot sets installed. For example, the "minimal adb fastboot" package, or HTC Sync Manager, they may install their own adb / fastboot binaries and set their paths into your environment variables. I know you said new Windows installation, but I figured it was worth mentioning anyway.
So I can do all this just fine, my issue is I can't pass safetynet and I feel like I'm missing something simple. Anyone care to writeup or point me in the direction explaining to a 5 year old (well, one born 40 years ago) how to do the magiskhide deal today? My bank apps and everything work - except for hulu (so even just a modded apk would do.
No need for MagiskHidePropsConfig anymore. Just flash this: https://github.com/kdrag0n/safetynet-fix/releases/tag/v1.1.1
If you have Xposed installed, you'll have to make sure to enable pass safetynet mode (basically just blacklists certain Google apps from Xposed hooking).
Thanks again @i5lee8bit for this guide!
I updated to the latest February patch alllll the way from Android 10, August 2020 security patch!
It took a couple of hours but everything went smoothly.
to moderators: this is my first thread ever, and thought a complete guide like this really has to be done. if it's not right or not in the right place, do what is right
Click to expand...
Click to collapse
Since there are only 3 useful guides about modifying this specific phone, and some really don't answer a few barriers placed in our way by HMD Global and its ridiculous OEM unlocking restrictions (-_-), and also Google probably dropped making OTA updates for it (which was very important to me, because Android 9 and 10 had bugs), I decided to mix them all up (I will give credits, obv) and add some more info I found and create a thread which will work on Android 11, which worked on my phone, not tested on another Nokia 2.2.
Hope it helps y'all!!
Part 0: Preparations
WARNING: Your storage will be wiped completely!! so make sure to back everything you need up before doing anything. Unless you have bricked/soft locked your phone, then in that case you can use MTK Client app to backup userdata.bin (more info on Part 1-2, marked with a )
Requirements:
A good computer
Obviously a network connection on your computer for downloading files, and on your phone if you wanna update thru OTA
USB cable, capable of transferring data, and without any annoying repeated disconnections or "has to be put in the right angle and position". Just use a fresh one
VCOM and adb drivers, which can be a little annoying getting them to work. Best option is to install 15 seconds minimal ADB and make sure you say Yes when it asks if you want to install device drivers.
Android SDK Platform tools, which can be downloaded from here (NOTE: You have to use Platform tools. minimal adb will NOT work with fastboot on this device. So go to C:\adb and delete everything in there, then extract platform tools in that folder instead)
and the most important of them all: MTK Client by Bkerler which can be downloaded from here. Follow the installation instructions in the link, install Git and Python and also usbdk installer featured in the Github instructions for MTK Client
All done? Great! moving to the next part
Part 1: Unlocking the bootloader
The most annoying part. Thanks to hikari_calyx for their awesome guide on how to unlock the bootloader for this phone. We will follow it step by step until we reach step 6, where we are about to flash all those backed up img's back using mtk-su. Here's the problem, you can use mtk-su only on Android 9. it doesn't work on Android 11 sadly. so we just make sure we have unlocked sec1.img and seccfg.img in a safe place, then install a fresh stock Android 9 rom om our phone with any method we are most comfortable with, like SP Flash tool like in the guide, or booting into recovery and sideloading thru adb or from sdcard. just search the net and I'm sure you will find a loooot of sites explaining how you can flash a stock android on your phone. Just make sure you won't mess IMEI and Serial Number up!!!
**There is a "unlock bootloader" option in the flash tools tab of MTK Client. haven't tried it out myself but you can give it a try**
Extra: Booting into stock recovery
There is another detailed guide on how to enter recovery mode, by foobar1123321 which you can see in here. You might need it to apply updates to your phone
After flashing and updating your OS to latest version of Android 11, it's time for Unlocking the bootloader again. but sadly, Unlocked OEM doesn't let OTA updates to be received, and trying to flash sec1.img and seccfg.img on Android 11 is not possible without root, and root is not possible without OEM unlocking :\
So here comes the neat part, MTK Client
Part 1-2: Unlocking the bootloader again
Go to the folder where you installed MTK Client (hopefully you know how git works and got it cloned and working, if no, then read Installation instructions carefully in their Github page), and open a CMD window there by typing in cmd in the address bar. then write python mtk_gui and hit enter. Do not use mtk_gui.bat since it will close the cmd and not work. Do NOT close this cmd tab. After a while, the app will start and asks you to connect your phone.
Shut down the phone, and after 5 seconds, press and hold both volume up and down keys (without the power button) and connect the phone to your computer via cable while still holding the volume buttons. If you have installed the drivers successfully, then you'll see some texts generate in the cmd window, and will (probably) wait for the Preloader VCOM.
you can let go of the volume keys.... but not for so long. Disconnect the USB cable, hold volume keys, and connect the phone again and you'll see that MTK Client successfully gets access to your phon. YAAAY!!
now you can let go of the volume keys
Go to "Read partitions" tab, and select Boot_a, Boot_b, sec1, and seccfg (make sure you wouldn't mistake them with unlocked sec1 and seccfg)
And then click on Read partitions button in the right side, and choose a location to save these partitions
You can also check userdata, if you have bricked/soft locked your phone and wanna backup your Internal storage data. You can flash it again with this app after you have fixed your phone. and if the problem wasn't caused by your data, you can use them again like you never wiped your phone
After everything is backed up, go to "Write partitions" tab, and find sec1 and seccfg, click on "set", browse and select the respective unlocked partitions we got in Part 1 (you may need to change their extension from .img to .bin for them to show up)
Click on "Write partitions", and done! You have unlocked your OEM on Android 11!! and if everything is done correctly, you'll see
Orange state Your device is unlocked and cannot be trusted Your device will boot in 5 seconds...
Click to expand...
Click to collapse
or something like this when powering it on, congrats!!
Part 2: Installing TWRP
from the official TRWP page for Nokia 2.2, download the latest TWRP image file and move it to c:\adb on your computer and rename it to twrp.img
you will also need to download a stock vbmeta image, which can be found here or simply by reading it from your phone via MTK Client (there will be two A/B partitions, any of them works) and rename the downloaded/grabbed file into vbmeta.img and move it to c:\adb
power off your phone, then boot into fastboot by holding Volume down + Power for a few seconds, until it says FASTBOOT MODE => then connect the phone to a PC, and write:
fastboot –disable-verity –disable-verification flash vbmeta vbmeta.img
Click to expand...
Click to collapse
and then
fastboot flash boot twrp.img
Click to expand...
Click to collapse
Now we have the latest TWRP on our Nokia 2.2 , but seems like accessing TWRP is only possible by either rebooting to recovery when the phone is powered on, via Magisk, Termux, or any other app with power options (after rooting the phone), or writing this when the phone is in fastboot mode:
fastboot reboot recovery
Click to expand...
Click to collapse
You can use TWRP and all of its awesome features now, except for MTP, backup, reading userdata partition, etc. to fix that, you gotta wipe internal storage, so make a backup of your files before processing.
**IMPORTANT: Do not flash TWRP after rooting the phone or it will unroot it**
Part 3: Rooting via Magisk
I'm gonna use Magisk because... it's better than other SU apps. Get it from here and install it on your phone. Now that you have your OEM unlocked and boot partitions too, you just have to copy the partitions we got via MTK Client on your device, launch Magisk app, select Install Magisk, then choose a file, which is gonna be Boot_a.
Wait until patching is finished, and after it's done, go into downloads folder and rename it to Boot_a or you will get confused later
After that you can choose Boot_b to be patched, and after it's done, rename it to Boot_b too
Copy them both to C:\adb from your phone to your pc, and power off your phone
after you get sure device is not connected to the computer via cable, and is powered off, hold down the volume down key with power button, until your phone boots into fastboot mode
Now open a cmd in C:\adb, and write
fastboot flash boot_a boot_a.img
fastboot flash boot_b boot_b.img
Click to expand...
Click to collapse
when done, disconnect your device, and restart. You can check the Magisk app, and realize you now have superuser permissions!!!
**UPDATE** Part 3-2: Hiding Magisk
Hiding Magisk and bypassing SafetyNet is another challenging problem on this phone. Cause when you try to Hide the Magisk app, you'll come to a simple "Failed!" error which is most probably caused by SELinux status. To fix this we gotta install some modules
First of all, install Busybox from Google Play or any other source. It's not necessary, but it's good to have. simply just install it, no need to restart
Then we need to install a module called SELinux permissive (wow, how unique ;w; ) by evdenis, which can be found here. download the zip in your phone, open the Magisk app, and in the modules tab browse for our newly downloaded zip and wait until the operation is done. Reboot your phone, and you are now able to hide Magisk app without any problem.
So do so, open Magisk -> settings -> hide the Magisk app. Choose a name (settings by default) and wait until app launches itself, asking you to add a shortcut to your home screen (optional). This way, your Magisk app now has a random package name and signature and can't be detected by other apps. Now moving to the next part
Bypassing the SafetyNet:
First, in Magisk settings, enable Systemless hosts. it will add its module to the modules tab. check if it's enabled
Then toggle Zygisk in Magisk settings, and restart your phone again (2 restarts? alright no problem)
Once your phone booted up, on the main screen of Magisk, check if it says Yes in front of Zygisk. if yes, than congrats! we are not down yet tho
Go to Magisk settings and toggle Enforce DenyList, don't reboot for now (yes, there is a 3rd one coming ), but go to Configure DenyList and choose the following apps
Google Play Service
Google Play Store
Google Service Framework
Google Play Protect Service (which is probably not present, but wrote it just in case it is on your phone)
Click to expand...
Click to collapse
and also you can choose your banking apps, or any app that prevents you from using them like Netflix or some games. Now you gotta restart (third time is the charm )
Now we gotta install another module which is Universal SafetyNet fix by kdrag0n which can be found here. Download it to your phone, choose it in Magisk module browser, wait for it to finish, and restart (I'm losing my control!!! Hmph!)
Now that we did all this, we have to clear data of apps in our DenyList so they would never remember if we ever had root or no
Go to settings (the actual settings, not our now hidden Magisk app) -> Apps -> all apps -> tap the 3 dots on top -> show system apps, then find all the apps you added to your DenyList and clear their data (not cache, data itself)
Now that this is down, restart your phone ((╯°□°)╯︵ ┻━┻) it's the last time, so you can stop raging now (┬─┬ノ( º _ ºノ))
Now we can install an app like YASNAC and run SafetyNet attestation, if the results showed two pass checks, Congratulations, you bypassed SafetyNet!!!
Totally worth the restarts. (Thanks to Droidwin for their article)
And that's it!! Hope you enjoy your now rooted Nokia 2.2 phone with Android 11
Great guide, and yes mtkclients unlock will work but it may put Ur device into verity eio mode
¿Can I use the Part 3-2 to hide Magisk in Android 9 instead of 11?, I find stock Android 11 very laggy and unstable on my phone (using the camera on any app can take from 1 to 3 or 4 tries to get it working, for example), and Android 9 has served me waaaaay better. However, my banking app refuses to work with root.