Related
I started looking at Android Development and got the whole Dev kit and the Eclipse enrionment setup and working fine.
The question I have is that I would try different apps I develop on the different ROMs available.
How do I get any of the new ROMs, like the HERO ROM ZIP files I can download to run in the emulator or is it even possible?
Im assuming that the system.img file in the SDK id the file I need to replace or re-create, but how is this done?
I am a noob to the develop stuff so step by step instructions would be much appreciated.
I also think this would be great for other developers and ROM makers to be able to test in this way.
Thanks
Simon
Hopefully THIS one dont get closed, it IS asking a development question...anyway,
I would like to know this as well. I would like to test things myself (getting better at manipulating them), and would like to know what he is asking as well.
Thanks.
I don't think this would work, as the ROMs are hardware depending, me thinks. Or at the least the kernel and drivers are.
maybe this will help, maybe not, just an emulator primer, so maybe people can jump on board with this
under <sdk path>/tools
to list out your AVD(android virtual device)
android list targets
will return:
Available Android targets:
id:1
Name: Android 1.1
Type: platform
API level: 2
Skins: HVGA (default), HVGA-L, HVGA-P, QVGA-L, QVGA-P
id:2
Name: Android 1.5
Type: platform
API level: 3
Skins: HVGA (default), HVGA-L, HVGA-P, QVGA-L, QVGA-P
id:3
Name: Google APIs
Type: add-on
Vendor: Google Inc.
Description: Android + Google APIs
Based on Android 1.5 (API level 3)
Libraries:
* com.google.android.maps (maps.jar)
API for Google Maps
Skins: HVGA (default), HVGA-L, QVGA-P, HVGA-P, QVGA-L
from here we choose our integer target, lets say 2
creating an AVD:
android create avd -n your_chosen_name_here -t 2
When you create an AVD, the android tool creates a dedicated directory for it on your development computer. The directory contains the AVD configuration file, the user data image and SD card image (if available), and any other files associated with the device. Note that the directory does not contain a system image — instead, the AVD configuration file contains a mapping to the system image, which it loads when the AVD is launched.
By default, the android tool creates the AVD directory inside ~/.android/avd/ (on Linux/Mac), C:\Documents and Settings\<user>\.android\ on Windows XP, and C:\Users\<user>\.android\ on Windows Vista
Click to expand...
Click to collapse
to run your newly created AVD:
emulator -avd your_chosen_name_here
maybe this will help, but I'm guessing everyone here already knows all of this.
references:
http://developer.android.com/guide/developing/tools/emulator.html#starting
Yeah, I understand that you can specify the AVD.
The only thing now is to edit the AVD to point to a different image. This is easy!
The system image file is a *.img file.
So how do we get our ROM images compiled into the IMG file format?
There must be a tool, but I cant find anything.
And what hardware does the emulator, emulate? Maybe it ignores the hardware specific calls throu an API so the ROM image target hardware shouldn't matter.
I just started messing around with rom's and after I build one I put system.img userdata.img and ramdisk.img from my /mydroid/out folder into the sdk's image folder and start the and it uses the new rom when I start the emulator
thats the easy part
do a nandroid backup
copy the sdk/platforms/android-1.5
to something like sdk/platforms/MINE
go to your AVD directory AVD/whateveryoucalledit
open up the config.ini
edit:
skin.name=HVGA
skin.path=platforms\MINE\skins\HVGA
image.sysdir.1=platforms\MINE\images\
go to your nandroid backup on your sdcard
copy system.img
go to sdk/platforms/MINE/images/
and paste the nandroid system.img
now run your AVD and it will boot that system.img
im running CyanogenMod rom right now in the emulator
hint* number pad 7 with numlock off in the emulator is how to open up the hardware keyboard
Awesome. I'll be giving this a try later.
One question: The apps are in the system.img file on the SDK images as far as I can tell. What do you do with all the apps in the new ROMs?
whatever you want to do with them, they're all there, even android market works perfectly
And where are you guys getting the system.img file from?
The ROM zip files dont have them.
Sorry....Im noob to this. LOL
ggolemg said:
whatever you want to do with them, they're all there, even android market works perfectly
Click to expand...
Click to collapse
OK, Im confused. Can you just unzip the ROM files and place in the folder that you point using the same folder structure?
OR
Do you have to have a system.img ?
Another thought:
I dont want to have to install all the ROMs just to create a Nandroid backup to get the images. There must be a way to create the images from the raw files in the ZIP files.
Any ideas?
UPDATE: The same technology used by Nandroid itself!
The google android emulator included in the google android sdk is limited. Although you can use 'adb push' to upload more tools, but one has to do it again next time. Follow the steps to create a enhanced system.img:
1. system.img is yaffs2 flash file system, so firstly you need the mkfs.yaffs2 tool, download it in the following link: Release Android Yaffs2 Tool (Both X86 And ARM). One has to be a registered user to download the tools.
2. use the 'adb push' to upload tools to android emulator, executables in /system/bin/, libraries in /system/lib, one can also create folder. One need change the file mode necessary.
3. upload the ARM mkfs.yaffs2 tool, use the following command to create system.img: # mkfs.yaffs2 /system /system.img
4. download the system.img to local with command 'adb pull', replace the system.img in your emulator folder/tools/lib/images/
Click to expand...
Click to collapse
so it seems like it would be just as much fun doing a nandroid backup
*edit*
so now the real question is, how do we go about ripping out the nandroid functionality to be able to do this locally?
*edit 2*
it is the mkfs.yaffs2 tool
Usage:
mkfs.yaffs2 yourdir yourimage
Ohsaka said:
NANDROID - CYGWIN DIRECTIONS (not not not, I repeat, not fully tested and verified yet)
Changes so far if you are using cygwin:
1) Make sure you have the 'netcat' and 'gcc' packages, else just run cygwin.exe again and get them.
You can test if you have them by running 'which nc' and 'which gcc', both commands should return /usr/bin/<command>
2) Compile the mkyaffs2image executable.
Inside the extracted nandroid archive directory, goto the tartools\yaffs2\utils\ directory (inside a cygwin prompt) and type 'make'.
This should generate a file named "mkyaffs2image.exe" which you need to place somewhere on your path.
(Hint: If you haven't downloaded the Android SDK, abort now. Wait for more explicit directions... Else, place the .exe where adb is, since it should be on your path already)
3) Edit the nandroid.sh script. (else you get a permission denied error when the script tries to run the dump_image-arm file)
Find the line:
adb push ./$tool /cache/$tool
Add the following line after it:
adb shell chmod 777 /cache/$tool
4) Make a managed mount named /tmp (else windows will puke on the long unix filenames with colons, etc)
mkdir /tmp
mount -o managed c:/cygwin/tmp /tmp (Note: change c:/cygwin to be the directory cygwin was installed to, you can find it by typing 'cd /' and then 'explorer .')
5) Follow the standard "tar + mkyaffs2image" directions to generate the last three .img files. They refer to the /tmp directory which you created in the previous step.
Viola! Looks like I have a complete backup image now...
$ ls -l
total 117504
-rw-r--r-- 1 Osaka None 2621440 Jun 12 21:31 boot.img
-rw------- 1 Osaka None 737088 Jun 12 22:07 cache.img
-rw------- 1 Osaka None 53570880 Jun 12 22:06 data.img
-rw-r--r-- 1 Osaka None 262144 Jun 12 21:31 misc.img
-rw-r--r-- 1 Osaka None 5242880 Jun 12 21:31 recovery.img
-rw------- 1 Osaka None 57885696 Jun 12 22:06 system.img
Now I just need to drink up the courage to test it on my phone!
Click to expand...
Click to collapse
ggolemg said:
so it seems like it would be just as much fun doing a nandroid backup
*edit*
so now the real question is, how do we go about ripping out the nandroid functionality to be able to do this locally?
*edit 2*
it is the mkfs.yaffs2 tool
Usage:
mkfs.yaffs2 yourdir yourimage
Click to expand...
Click to collapse
Is this for Linux (which I don't have) and if so, is there a Windows version?
short answer: yes its only for linux
long answer is a plea for help i posted in the nandroid thread about it:
I was wondering if there was a method to use the yaffs3 command to make a system.img from an unzipped rom placed on the sdcard through ADB, from what I've seen nandroid is almost exactly what I'm after.
The issue of why I can not just do this through linux, i can. I just want to be able to do it through windows some way without loading the entire rom on the phone and nandroiding the system.img out.
Either the aforementioned method, or the ability to mount a portion of my computers hard drive as a recognizable mountable partition within android running on the usb connected phone, loading the rom on that partition, unzipping it there, running ADB and making the system.img. But this way seems to bring up more problems than it's worth.
Or.. running the make yaffs3 command through ADB running the emulator with the rom unzipped on the virtual sdcard. This would actually be the best option as it would not require an actual phone.
I hope someone can help. Thank you very much.
Click to expand...
Click to collapse
hopefully someone knows the answer, I'm still trying though.
so on windows we would adb push the update.zip to the sdcard on the emulator
unzip it on the sdcard, there are apps for that
adb shell mkfs.yaffs2 sdcard/<extractedzipfilename>/system/ sdcard/system.img
adb pull the newly created system.img and proceed to load it in the emulator
i know im missing a ton here, please someone correct me
I'd love to be able to run these images in the emulator on windows!
ggolemg said:
thats the easy part
do a nandroid backup
copy the sdk/platforms/android-1.5
to something like sdk/platforms/MINE
go to your AVD directory AVD/whateveryoucalledit
open up the config.ini
edit:
skin.name=HVGA
skin.path=platforms\MINE\skins\HVGA
image.sysdir.1=platforms\MINE\images\
go to your nandroid backup on your sdcard
copy system.img
go to sdk/platforms/MINE/images/
and paste the nandroid system.img
now run your AVD and it will boot that system.img
im running CyanogenMod rom right now in the emulator
hint* number pad 7 with numlock off in the emulator is how to open up the hardware keyboard
Click to expand...
Click to collapse
Hm, the emulator just hangs on the ANDROID.. message, similar to when the standard system.img was in.
anyone figure out how to do this on a mac?
thanks if anyone can.
johnnylicious said:
anyone figure out how to do this on a mac?
thanks if anyone can.
Click to expand...
Click to collapse
I found this somewhere else and take no credit for it. I did shorten the steps.
Of course this is once you have the sdk installed on your mac
1. Run Terminal, and change to the 'tools' directory of the SDK (or add the tools directory to the path settings in ~/.profile).
2. Type './android list target'
3. Note the 'id' number of the '1.5' target (in my case it's '2')
4. Type './android create avd -n enhanced -t 2' (substitute 2 with the target number determined above if required)
5. You will be prompted to create a hardware profile. {You can leave as default no}
6. Use nandroid to create a backup then copy system.img
7. Copy file to ~/.android/avd/enhanced.avd/system.img
8. You're ready! Type './emulator -avd enhanced' to run! Note: inital boot may take a few minutes!
Can anyone post up the
Android Yaffs2 Tool (Both X86 And ARM)
for download? The above link doesn't work. I did a google search and all the D/L links are referring to the same location.
thanks!
[GUIDE] Make your android device True Root! - by Napalm
I did this on my Nexus 7 but it should all still apply to most devices. You might need to follow different driver advice for other devices.
Pre-requirements:
Installation of the SDK platform-tools.
Have platform-tools directory of the SDK in your PATH environment variable (Google this if your unsure).
This was all done a Windows installation, but access to Linux will be required later on. Mac users might be able to get away with doing the Linux portions directly on there computer. Please let me know if your a Mac user and have had success with this and I will update the guide with details.
Step 1: Driver Installation (READ THIS, do not skip)
First I needed to update to the usb_driver from SDK and then modify the installation inf with the IDs for Nexus 7.
Browse to your SDK directory and futher into <SDK>\extras\google\usb_driver
Open android_winusb.inf in your favorite text editor.
Find the appropriate section Google.NTx86 if your on 32bit or Google.NTamd64 if your on 64bit (doesnt matter that your using intel chip). Now find the ";Google Nexus 7" line inside that section and you'll see a series of settings below. Add the following lines at the end of that block.
Code:
%CompositeAdbInterface% = USB_Install, USB\VID_18D1&PID_4E44&MI_01
%CompositeAdbInterface% = USB_Install, USB\VID_18D1&PID_D001
These are the identifiers for the Nexus 7 recovery and bootloader usb connections.
Step 2: Standard Root
Next you'll need access to the bootloader and recovery mode so follow this guide to unlock and "root" your device. http://forum.xda-developers.com/showthread.php?t=1741395
Here I've laid out the steps I did instead of the above. Remember this wipes your device and its internal memory completely, so backup your data.
All local work is done from the desktop, so when you first open a command prompt or if you close it and reopen it enter the following.
Code:
cd Desktop
Download CWM recovery image to Desktop. http://goo.im/devs/birdman/CWM-grouper-recovery.img
Download SuperSU CWM update zip to Desktop. http://forum.xda-developers.com/showthread.php?t=1538053
Go to Start or Start>Run and type in: cmd
Code:
cd Desktop
fastboot oem unlock
fastboot flash recovery CWM-grouper-recovery.img
adb reboot recovery
Now the device will reboot into recovery mode. If windows asks for drivers for the "new" usb connection direct the wizard to your <SDK>\extras\google\usb_driver. And the earlier modifications made in Step 1 should mean it installs the device and adb link.
Once drivers are installed and every is good go back to the command prompt, and type
Code:
adb devices
It should list your device with the word "recovery" next to it. If it doesn't then your device is not in recovery mode. Now enter in the following commands into the command prompt and it will make your devices CWM installation permanent.
Code:
adb shell
mount /system
cd /system
mv recovery-from-boot.p recovery-from-boot.bak
umount /system
exit
Now to install SuperSU. Tap "reboot system now" on the screen (if you dont see CWM, press the power button to show/hide it). Wait for the reboot. And then enter the following into the command prompt.
Code:
adb push CWM-SuperSU-v0.94.zip /sdcard
adb reboot recovery
Wait for reboot. You should see an image in the center of the screen. You might have to press the power button to toggle the visibility of the CWM menu. If you miss-tap on the screen, the power button acts like a back button and will return you to the previous menu screen.
Tap "install zip from sdcard" and then "choose zip from sdcard". Then select the CWM-SuperSU-v0.94.zip file (You may have to use the vol-up/down keys to highlight this if the file is listed off the bottom of the screen)
Let that install and then go back on the menus and choose "reboot system now".
Now if all is well after the reboot, if you run the following commands in command prompt.
Code:
adb shell
su
SuperSU might now prompt you on your devices screen to accept the root access, and then hopefully your command prompt should end in a # (this means you are root user 0). Now type exit twice to get back to the windows command prompt.
Now if you were to type "adb root" you will notice it tells you adbd is not able to go "full root". This will be solved in the next step. This is going to get complicated. You have been warned.
Step 3: True Rooting!
Now your device is "rooted". This is true, you now have a "su" binary installed and a visible app in the OS to manage super user privileges, but as a developer I want to be able to use things like "hierarchy viewer" on my live device. And have the room to do what I need to debug complex situations. So this is where True Root comes in. This essentially turns the device into a debug device that you would get direct from the manufacturer.
You may be able to get away with doing the following in a different way and you may not need to compile anything since fastboot has a boot flash option, but since I've never used this I've done it this way. If you prefer you can explore things in that direction, but be warned I've not tried it and so I have no idea if it would work.
Now for this step you will need access to a Linux installation. If you've never used Linux before don't be too afraid. But I am going to have to gloss over a few things. If you need further help on this step you will need to post in the topic and allow the community to advise on best pratices.
If you dont have access to a Linux installation or your newb to Linux then go here and follow the steps. It will add Linux to your PCs boot options and then you can go in and out of Linux when you need it. http://www.ubuntu.com/download/help/install-ubuntu-with-windows
Remember if your working on this step from a fresh Linux install like the above then you will probably want to install the android sdk for linux, at least enough to use adb from linux. This topic might help with this: http://forum.xda-developers.com/showthread.php?t=537508
Ok now from Linux follow along. You'll need git installed for this "apt-get install git".
We now need to compile the apps needed to modify our boot image. Details can be found here https://gist.github.com/1087757 but you might just want to follow my specific instructions.
Open a console window and type.
Code:
git clone https://android.googlesource.com/platform/system/core
cd core/libmincrypt
gcc -c *.c -I../include
ar rcs libmincrypt.a *.o
cd ../mkbootimg
gcc mkbootimg.c -o mkbootimg -I../include ../libmincrypt/libmincrypt.a
cd ../cpio
gcc mkbootfs.c -o mkbootfs -I../include
cd ../..
git clone https://github.com/beide/Bootimg-scripts.git
cd Bootimg-scripts
cp ../core/mkbootimg/mkbootimg ./
cp ../core/cpio/mkbootfs ./
Ok that has prapared the a Bootimg-scripts directory with the perl scripts we need and compiled binaries they use. Now make sure you have perl installed "apt-get install perl".
This is where things are going to split and it becomes your best guess as to how to proceed. I will show you the method I used from Windows. But if you have a installation of the SDK in Linux then you should be able to just open a new console and continue from here and ignore the bits I used to transfer files between Linux and Windows.
Back to the command console on Windows. We use adb to identify our boot partition and extract it.
Code:
adb shell cat /proc/partitions
You will now be presented with a list of paritions on your Nexus 7. Each block here for my device is 1K. So I'm looking down the list and I see one thats 8192 blocks, called "mmcblk0p2". Thats 8MB and I'm taking a educated guess that this is the boot partition, and for my Nexus 7 it is. (Note: if anyone has a better way of determining the boot parition please let me know).
Now we need to take a image of the partition. From here on out replace my partition device name in the commands below with yours if it differs.
Code:
adb shell
cat /dev/block/mmcblk0p2 > /sdcard/boot.img
exit
adb pull /sdcard/boot.img
Now if you want to confirm that this is the boot partition you will need to open the image file in your favorite hex editor and confirm the first bytes of the file are "ANDROID!" in ascii.
Now I FTP'd this image file over to my Linux box and into the Bootimg-scripts directory we created previously. If your following these steps from Linux then you should be able to open up the file manager and move the file into the folder.
Now back to Linux. We'll need to modify repack-bootimg.pl with a text editor of your choice. I leave this up to the reader. We need to modify line 19 the system call so that it starts with "./mkbootimg" rather than "mkbootimg". This is so perl fines mkbootimg in the local directory rather than anywhere else.
Now type in the linux console we had open in the Bootimg-scripts directory the following command.
Code:
perl ./unpack-bootimg.pl boot.img
ls -l
You should see boot.img-kernel.gz and boot.img-ramdisk.cpio.gz and a directory boot.img-ramdisk.
Open boot.img-ramdisk/default.prop in your favorite text editor and make the following adjustments.
ro.secure=1 should be edited to ro.secure=0 and ro.debuggable=0 should be ro.debuggable=1 and if you want ro.allow.mock.location can also be changed to 1 if you like.
Now we've made the required changes to our initrd (initial ramdisk) files we need to repack them to put back on the device.
Code:
perl ./repack-bootimg.pl boot.img-kernel.gz boot.img-ramdisk boot-debug.img
You will now have a new file called boot-debug.img. This contains our modified initial ramdisk. It will probably be smaller than the original. This is no concern as the original we copied was an image of the entire disk including the unused areas, where as the new image is only the data we need.
I now FTP'd this file back to my Windows machine, but as before if your doing this from Linux then you can just carry on.
We now need to flash this image file back onto the Nexus 7 replacing our current boot image. To do this we need to put the device into bootloader mode.
Back to your console/command window, and enter in.
Code:
adb reboot bootloader
Windows might want to install drivers and as before direct the wizard to <SDK>\extras\google\usb_driver.
Once your device is in bootloader mode. Go back to the console/command and enter in.
Code:
fastboot flash boot boot-debug.img
fastboot reboot
Now cross your fingers and hopefully you will get the boot loading animation and your device will get back to the Android launcher.
Now finally from your console/command window type in:
Code:
adb root
Hopefully if all is well it should reply with "adbd is already running as root". Now if you type in:
Code:
adb shell getprop ro.debuggable
It should tell you that its set to 1, meaning it is switched on.
Congratulations!! You have now True Rooted your device!.
You can now debug even system level apps, see log messages from all processes and logcat will now resolve all app names. Use Hierarchy Viewer on a live device instead of the horrible emulator. Do absolutely everything with your device that you want.
Happy hacking,
Napalm :good:
better late than never.....a thorough quide
Thanks for this guide.
Sent from my Nexus 7
Thanks.
Napalm2 said:
[GUIDE] Make your android device True Root! - by Napalm
I did this on my Nexus 7 but it should all still apply to most devices. You might need to follow different driver advice for other devices.
Pre-requirements:
Installation of the SDK platform-tools.
Have platform-tools directory of the SDK in your PATH environment variable (Google this if your unsure).
This was all done a Windows installation, but access to Linux will be required later on. Mac users might be able to get away with doing the Linux portions directly on there computer. Please let me know if your a Mac user and have had success with this and I will update the guide with details.
Step 1: Driver Installation (READ THIS, do not skip)
First I needed to update to the usb_driver from SDK and then modify the installation inf with the IDs for Nexus 7.
Browse to your SDK directory and futher into <SDK>\extras\google\usb_driver
Open android_winusb.inf in your favorite text editor.
Find the appropriate section Google.NTx86 if your on 32bit or Google.NTamd64 if your on 64bit (doesnt matter that your using intel chip). Now find the ";Google Nexus 7" line inside that section and you'll see a series of settings below. Add the following lines at the end of that block.
Code:
%CompositeAdbInterface% = USB_Install, USB\VID_18D1&PID_4E44&MI_01
%CompositeAdbInterface% = USB_Install, USB\VID_18D1&PID_D001
These are the identifiers for the Nexus 7 recovery and bootloader usb connections.
Step 2: Standard Root
Next you'll need access to the bootloader and recovery mode so follow this guide to unlock and "root" your device. http://forum.xda-developers.com/showthread.php?t=1741395
Here I've laid out the steps I did instead of the above. Remember this wipes your device and its internal memory completely, so backup your data.
All local work is done from the desktop, so when you first open a command prompt or if you close it and reopen it enter the following.
Code:
cd Desktop
Download CWM recovery image to Desktop. http://goo.im/devs/birdman/CWM-grouper-recovery.img
Download SuperSU CWM update zip to Desktop. http://forum.xda-developers.com/showthread.php?t=1538053
Go to Start or Start>Run and type in: cmd
Code:
cd Desktop
fastboot oem unlock
fastboot flash recovery CWM-grouper-recovery.img
adb reboot recovery
Now the device will reboot into recovery mode. If windows asks for drivers for the "new" usb connection direct the wizard to your <SDK>\extras\google\usb_driver. And the earlier modifications made in Step 1 should mean it installs the device and adb link.
Once drivers are installed and every is good go back to the command prompt, and type
Code:
adb devices
It should list your device with the word "recovery" next to it. If it doesn't then your device is not in recovery mode. Now enter in the following commands into the command prompt and it will make your devices CWM installation permanent.
Code:
adb shell
mount /system
cd /system
mv recovery-from-boot.p recovery-from-boot.bak
umount /system
exit
Now to install SuperSU. Tap "reboot system now" on the screen (if you dont see CWM, press the power button to show/hide it). Wait for the reboot. And then enter the following into the command prompt.
Code:
adb push CWM-SuperSU-v0.94.zip /sdcard
adb reboot recovery
Wait for reboot. You should see an image in the center of the screen. You might have to press the power button to toggle the visibility of the CWM menu. If you miss-tap on the screen, the power button acts like a back button and will return you to the previous menu screen.
Tap "install zip from sdcard" and then "choose zip from sdcard". Then select the CWM-SuperSU-v0.94.zip file (You may have to use the vol-up/down keys to highlight this if the file is listed off the bottom of the screen)
Let that install and then go back on the menus and choose "reboot system now".
Now if all is well after the reboot, if you run the following commands in command prompt.
Code:
adb shell
su
SuperSU might now prompt you on your devices screen to accept the root access, and then hopefully your command prompt should end in a # (this means you are root user 0). Now type exit twice to get back to the windows command prompt.
Now if you were to type "adb root" you will notice it tells you adbd is not able to go "full root". This will be solved in the next step. This is going to get complicated. You have been warned.
Step 3: True Rooting!
Now your device is "rooted". This is true, you now have a "su" binary installed and a visible app in the OS to manage super user privileges, but as a developer I want to be able to use things like "hierarchy viewer" on my live device. And have the room to do what I need to debug complex situations. So this is where True Root comes in. This essentially turns the device into a debug device that you would get direct from the manufacturer.
You may be able to get away with doing the following in a different way and you may not need to compile anything since fastboot has a boot flash option, but since I've never used this I've done it this way. If you prefer you can explore things in that direction, but be warned I've not tried it and so I have no idea if it would work.
Now for this step you will need access to a Linux installation. If you've never used Linux before don't be too afraid. But I am going to have to gloss over a few things. If you need further help on this step you will need to post in the topic and allow the community to advise on best pratices.
If you dont have access to a Linux installation or your newb to Linux then go here and follow the steps. It will add Linux to your PCs boot options and then you can go in and out of Linux when you need it. http://www.ubuntu.com/download/help/install-ubuntu-with-windows
Remember if your working on this step from a fresh Linux install like the above then you will probably want to install the android sdk for linux, at least enough to use adb from linux. This topic might help with this: http://forum.xda-developers.com/showthread.php?t=537508
Ok now from Linux follow along. You'll need git installed for this "apt-get install git".
We now need to compile the apps needed to modify our boot image. Details can be found here https://gist.github.com/1087757 but you might just want to follow my specific instructions.
Open a console window and type.
Code:
git clone https://android.googlesource.com/platform/system/core
cd core/libmincrypt
gcc -c *.c -I../include
ar rcs libmincrypt.a *.o
cd ../mkbootimg
gcc mkbootimg.c -o mkbootimg -I../include ../libmincrypt/libmincrypt.a
cd ../cpio
gcc mkbootfs.c -o mkbootfs -I../include
cd ../..
git clone https://github.com/beide/Bootimg-scripts.git
cd Bootimg-scripts
cp ../core/mkbootimg/mkbootimg ./
cp ../core/cpio/mkbootfs ./
Ok that has prapared the a Bootimg-scripts directory with the perl scripts we need and compiled binaries they use. Now make sure you have perl installed "apt-get install perl".
This is where things are going to split and it becomes your best guess as to how to proceed. I will show you the method I used from Windows. But if you have a installation of the SDK in Linux then you should be able to just open a new console and continue from here and ignore the bits I used to transfer files between Linux and Windows.
Back to the command console on Windows. We use adb to identify our boot partition and extract it.
Code:
adb shell cat /proc/partitions
You will now be presented with a list of paritions on your Nexus 7. Each block here for my device is 1K. So I'm looking down the list and I see one thats 8192 blocks, called "mmcblk0p2". Thats 8MB and I'm taking a educated guess that this is the boot partition, and for my Nexus 7 it is. (Note: if anyone has a better way of determining the boot parition please let me know).
Now we need to take a image of the partition. From here on out replace my partition device name in the commands below with yours if it differs.
Code:
adb shell
cat /dev/block/mmcblk0p2 > /sdcard/boot.img
exit
adb pull /sdcard/boot.img
Now if you want to confirm that this is the boot partition you will need to open the image file in your favorite hex editor and confirm the first bytes of the file are "ANDROID!" in ascii.
Now I FTP'd this image file over to my Linux box and into the Bootimg-scripts directory we created previously. If your following these steps from Linux then you should be able to open up the file manager and move the file into the folder.
Now back to Linux. We'll need to modify repack-bootimg.pl with a text editor of your choice. I leave this up to the reader. We need to modify line 19 the system call so that it starts with "./mkbootimg" rather than "mkbootimg". This is so perl fines mkbootimg in the local directory rather than anywhere else.
Now type in the linux console we had open in the Bootimg-scripts directory the following command.
Code:
perl ./unpack-bootimg.pl boot.img
ls -l
You should see boot.img-kernel.gz and boot.img-ramdisk.cpio.gz and a directory boot.img-ramdisk.
Open boot.img-ramdisk/default.prop in your favorite text editor and make the following adjustments.
ro.secure=1 should be edited to ro.secure=0 and ro.debuggable=0 should be ro.debuggable=1 and if you want ro.allow.mock.location can also be changed to 1 if you like.
Now we've made the required changes to our initrd (initial ramdisk) files we need to repack them to put back on the device.
Code:
perl ./repack-bootimg.pl boot.img-kernel.gz boot.img-ramdisk boot-debug.img
You will now have a new file called boot-debug.img. This contains our modified initial ramdisk. It will probably be smaller than the original. This is no concern as the original we copied was an image of the entire disk including the unused areas, where as the new image is only the data we need.
I now FTP'd this file back to my Windows machine, but as before if your doing this from Linux then you can just carry on.
We now need to flash this image file back onto the Nexus 7 replacing our current boot image. To do this we need to put the device into bootloader mode.
Back to your console/command window, and enter in.
Code:
adb reboot bootloader
Windows might want to install drivers and as before direct the wizard to <SDK>\extras\google\usb_driver.
Once your device is in bootloader mode. Go back to the console/command and enter in.
Code:
fastboot flash boot boot-debug.img
fastboot reboot
Now cross your fingers and hopefully you will get the boot loading animation and your device will get back to the Android launcher.
Now finally from your console/command window type in:
Code:
adb root
Hopefully if all is well it should reply with "adbd is already running as root". Now if you type in:
Code:
adb shell getprop ro.debuggable
It should tell you that its set to 1, meaning it is switched on.
Congratulations!! You have now True Rooted your device!.
You can now debug even system level apps, see log messages from all processes and logcat will now resolve all app names. Use Hierarchy Viewer on a live device instead of the horrible emulator. Do absolutely everything with your device that you want.
Happy hacking,
Napalm :good:
Click to expand...
Click to collapse
can't find recovery-from-boot.p. Y?
5implelove said:
can't find recovery-from-boot.p. Y?
Click to expand...
Click to collapse
Try not to quote a post that big mate, makes navigation a pain
5implelove said:
can't find recovery-from-boot.p. Y?
Click to expand...
Click to collapse
That part is only for the Nexus 7, and if you are using a Nexus 7 with custom ROM then this file may not exist. If you are using stock on a Nexus 7 then the only other question is whether you have renamed/moved/deleted it before. Once you
Code:
cd /system
type
Code:
ls -l recovery*
and see if anything is listed.
Napalm
Where did you find the info for step one?
Sent from my Nexus 7 using Tapatalk 2
I worked it out. You can find your VID and PID from your unknown device in Device Manager. You have to right click the device > Properties > Details > Choose Hardware Ids from the list. Since the driver from Google supports the same interfaces for other devices we can assume it works with the Nexus 7. I made the modifications and it works. Below is a full list of IDs if anyone wants them.
Napalm
Code:
Nexus 7
USB\VID_18D1&PID_4E40 : fastboot
USB\VID_18D1&PID_D001 : adb-recovery
USB\VID_18D1&PID_4E42 : composite-adb-interface (with mtp)
USB\VID_18D1&PID_4E42&MI_00: mtp-composite
USB\VID_18D1&PID_4E42&MI_01: adb-composite
USB\VID_18D1&PID_4E44 : composite-adb-interface (with ptp)
USB\VID_18D1&PID_4E44&MI_00: mtp-composite
USB\VID_18D1&PID_4E44&MI_01: adb-composite
USB\VID_18D1&PID_4E41 : mtp-only
USB\VID_18D1&PID_4E43 : ptp-only
Galaxy Nexus
USB\VID_18D1&PID_4E30 : fastboot
USB\VID_18D1&PID_D001 : adb-recovery
USB\VID_04E8&PID_6860 : composite-adb-interface (with mtp)
USB\VID_04E8&PID_6860&MI_00: mtp-composite
USB\VID_04E8&PID_6860&MI_01: adb-composite
USB\VID_04E8&PID_6866 : composite-adb-interface (with ptp)
USB\VID_04E8&PID_6866&MI_00: ptp-composite
USB\VID_04E8&PID_6866&MI_01: adb-composite
USB\VID_04E8&PID_685C : mtp-only
USB\VID_04E8&PID_6865 : ptp-only
Great guide, but why not just post up the new initrd for people that don't want to do this? It looks as if its the same for all devices.
As requested. Attached are the compiled tools and modified scripts used and the original and modified boot partition image files for the Nexus 7 running Android 4.1.2.
Napalm
Update for Android 4.2
Attached is the original and modified boot partition image files for the Nexus 7 running Android 4.2.
You can update yours with the following:
Code:
adb reboot-bootloader
fastboot flash boot nakasi-jop40c-android42-boot-new.img
Napalm
Attached is the original and modified boot partition image files for the Nexus 7 GSM/HSPA+ running Android 4.2.1
You can update yours with the following:
Code:
adb reboot-bootloader
fastboot flash boot nakasig-jop40d-android421-boot-new.img
Napalm
Amazing !
Is it possible to post the same file for N7 4.2.1 Wifi version?
Thanks
JulienDev said:
Amazing !
Is it possible to post the same file for N7 4.2.1 Wifi version?
Thanks
Click to expand...
Click to collapse
If I'm not mistaken, they are the same for wifi and 3g versions?
Same as before.. just an update for Android 4.2.2... as per the previous posts.. no idea if the non-GSM variant has the same boot partition. If anyone can test please post.
Attached is the original and modified boot partition image files for the Nexus 7 GSM/HSPA+ running Android 4.2.2
You can update yours with the following:
Code:
adb reboot-bootloader
fastboot flash boot nakasig-jdq39-android422-boot-mod.img
Getting a No_Command error
Hi, I am trying to true root Android M on my Nexus 7 2012 Wifi edition. I followed the steps here and was able to create the boot.img with the ro.debuggable=1 and ro.secure=0. however if i flash this boot.img the device boots and gets stuck in a android bot with a Red ! (bang) triangle. and says No command.
Any idea how to get ro.debuggable on for Android M?
So here you come. To read and perform this tutorial, you obviously need a first hand experience on flashing a ROM and/or kernels. Otherwise this tutorial and my efforts to get you a device with two OSes running might end up giving you a bricked device. So, if you're hearing the terms "flashing" or 'kernels' for the first time and thinking it's kinda good food, then bro, just go and taste those first.
Something's to remind before we gonna dig deep into this tutorial->
1> Noone but you will be responsible for what you end up with.
2> The warranty of your device will be voided after this if it isn't already after rooting. For MI users, the good news is that you can reclaim it by just flashing the fastboot ROM for your device.
Enough lectures. Bro let's get to work.
This you'll be needing =>
1> One working Windows PC(because I doesn't know any replacement of bootimg.exe on any other OS. If you know, then let me).
2> A class 10 memory card ( I recommend 32GB for the spaces)
3> A custom ROM and kernel for your phone(the second os)
4> Any custom CWM based recovery installed.(since TWRP is most popular, I will demonstrate using it. You can use any other you want overall process will be the same)
5> ADB, fastboot and the device drivers (easily found in XDA)
PART 1: MODIFYING THE BOOT
At first, how does your device boots up? What are the partitions called /data and /system? The answer is quite simple. It's your kernel that points out the location from where the OS should be picked up. So for booting into the second OS we need some modifications to it at first.
Search and download bootimg.exe on XDA, I'll post a link later. Create two folders. Name them "Internal OS" and "External OS" respectively. Put the zip file of the OS you're currently using to the first one and the OS you're gonna use on the external storage to the second one. Rename the second OS to originalExternalOS.zip. Extract originalExternalOS.zip. Pick the boot.img file from the root of the extracted folder and move it to a new folder named "boot2". Extract the IMG using bootimg.exe. Navigate to the initrd folder and you will get a file named 'fstab".
Basically it's the file that tells the kernel which partition does the OS resides in.
Open the file in your favourite text editor.
Replace every instance of the first line with the second one:
/dev/block/bootdevice/by-name/system => /dev/block/mmcblk1p2
/dev/block/bootdevice/by-name/userdata => /dev/block/mmcblk1p3
/dev/block/bootdevice/by-name/cache => /dev/block/mmcblk1p4
Save the file without giving any extension to it. Repack it using the same tool. You'll have boot-new.img and boot-old.img. Rename boot-new.img to boot.img and replace the one in the root folder with this. Basically what we're doing here is replacing the old boot.img with the modified one.
For your knowledge, blocks are the partitions of any storage you have on your device. For example, your internal storage is partitioned to near about 30 different blocks each starting with prefix "mmcblk0p". We here just told the kernel to load the OS from the blocks mentioned. We'll be creating these blocks in the external SD card next.
PART 2: PARTITIONING THE SD CARD
Connect your device with the memory card inserted to your PC. If you haven't installed fastboot, ADB, and the drivers, do it now.
READ THE FOLLOWING CAREFULLY
Reboot the device to recovery mode. Type the commands in cmd:
Code:
adb shell
parted
unit MB
print
quit
umount external_sd
Read and store the minimum and maximum capacity of your card. Since different cards will have different capacities I will point it as variable MIN_SIZE and MAX_SIZE. You'll need to calculate and put the values in the commands. Now type the following commands on cmd:
Code:
parted /dev/block/mmcblk1
rm 1
//START_BLOCK = MAX_SIZE - 5000
mkpartfs primary fat32 MIN_SIZE START_BLOCK
//SYS_START = START_BLOCK+1
//SYS_END = SYS_START + 1200
mkpartfs primary ext2 SYS_START SYS_END
//DATA_START = SYS_END+1
//DATA_END = DATA_START + 3500
mkpartfs primary ext2 DATA_START DATA_END
//CACHE_START = DATA_END + 1
mkpartfs primary ext2 CACHE_START MAX_SIZE
//We have partitioned the memory card. Let's format them. Ignore all "Do you wish to continue" question in the next commands as we're already mentioning yes.
mkfs yes 1 fat32
mkfs yes 2 ext2
mkfs yes 3 ext2
mkfs yes 4 ext2
quit
//Now they are almost ready. Just make the newly created blocks readable by the OS.
make_ext4fs /dev/block/mmcblk1p2
make_ext4fs /dev/block/mmcblk1p3
make_ext4fs /dev/block/mmcblk1p4
//Now you get where does the blocks come in the kernel right?
exit
//You've covered up the hardest part. Let's get some coffee and cheeerssss.
PART 3: MODIFYING THE NEW OS
You've left the OS extracted in the "External OS" folder right? It's time to do some magic in it. We're gonna tell the OS to be installed in the blocks we created just like the kernel. But wait, where does the OS know before installing where it should get installed? Well, the answer hides in the updater-script in the folder META-INF > com > google > android. Navigate yourself in it. Open the updater-script file in your favourite editor ( I use notepad++ ) and modify it in the same way as the kernel.
Replace every instance of the first line with the second one:
/dev/block/bootdevice/by-name/system => /dev/block/mmcblk1p2
/dev/block/bootdevice/by-name/userdata => /dev/block/mmcblk1p3
Leave the /dev/block/bootdevice/by-name/boot as it's the fundamental block and we can't replicate it. Don't think for the /cache partition as we've already done that in the boot.img file. Now navigate to the root of the folder where you extracted the External OS. Select all files, add them to a zip file using WinRAR. Name the file to newOS.zip. Open newOs.zip and originalExternalOS.zip with WinRAR and compare them if you find any change in the folder tree. They must and they should be exactly the same. You're 80% done.
PART 4: MODIFYING THE RECOVERY
We often flash many zips including very popular Xposed and other mods to our OS right? They also look for the /system partition. So what are we gonna do? Modifying each of them? Nah. Let's modify where they get which one the /system is. The recovery. Extract the img of the recovery you're using with the same bootimg.exe. Modify exactly the same things. I.e.
Replace every instance of the first line with the second one:
/dev/block/bootdevice/by-name/system => /dev/block/mmcblk1p2
/dev/block/bootdevice/by-name/userdata => /dev/block/mmcblk1p3
/dev/block/bootdevice/by-name/cache => /dev/block/mmcblk1p4
in the following files : initrd/fstab.qcom
initrd/etc/recovery.fstab
initrd/etc/twrp.fstab(For TWRP only)
Save them. Repack. And you got your recovery-new.img and recovery-old.img. Put recovery-new.img and newOS.zip in the same folder. Now wake up, it's time for some action.
PART 5 : INSTALLING THE OS
Open cmd in the folder where newOS.zip resides. Reboot the devixe in fastboot mode. Type the following commands:
Code:
adb push newOS.zip external_sd
fastboot flash recovery recovery-new.img
fastboot boot recovery
Now your device should boot up in recovery mode. To check if everything has gone fine mount system using TWRP. Use twrp's built in file manager and navigate to system folder. It's empty? Yup. You've done a great job. Now flash the newOS.zip using TWRP and your device should boot up in the new OS. To cross check again remove the SD card and try to boot. If you're headed towards recovery or bootloop after that then it's a win. Put the SD card back again and watch the new OS to boot.
PART 6: SWITCHING BETWEEN THE TWO
Extract the boot.img from the "Internal OS" zip file and put it together with recovery-old.img. To check if your old system is untouched type the following commands in fastboot mode:
Code:
fastboot flash recovery recovery-old.img
fastboot flash boot boot.img
fastboot boot system
Your device should take you back to the old one. Surprised? Now let's make a switch between the two. There are two methods.
METHOD 1: USING FLASHIFY
Create two folders in your SD card. Put boot.img and recovery-old.img to one and boot-new.img and recovery-new.img to the other. To switch to the external OS, just flash boot-new.img as boot and recovery-new.img using flashify. Ignore reboot now dialog and reboot directly to the system. To go back, first install flashify in the new OS and flash boot.img and recovery-old.img. Easy right?
METHOD 2: USING ZIPS
I'm gonna tell you that tomorrow as I can write no more today.
More to come....
CREDITS:
justzzshadz from MIUI forum for this revolutionary concept. @iamsubhranil for adding TWRP, Flashify support and completely rewriting the tutorial.
Hello,
I am trying to recover from a softbrick issue. I have a BLU Studio C 5+5 LTE and therefore can't use TWRP or CWM (At least that is my assumption, maybe someone knows different). Before getting into the softbrick state I took 3 different types of backups in the hopes that one of them could be used in case it was needed. (like this)
Type 1 - I did an ADB shell backup from a completely stock device (unrooted) I used this command-
adb backup -apk -all -f fullbackup.adb
For this method I followed this guide here-
https://linuxiswonderful.wordpress.com/2015/04/04/full-backup-of-nonrooted-android/
Type 2 - I used Titanium backup and performed a complete system and application backup
Type 3 - I rooted the phone and backed up all partitions using dd after reviewing the partition layout of the device. For example, to backup the system partition I did the following at an ADB shell-
dd if=/dev/block/mmcblk0p21 of=/storage/sdcard1/firmware-img/system.img
I believe the last operation I tried before softbricking was installing the Xposed framework module for my device (running Lollipop 5.1.1).
I am able to still communicate to my device using ADB and I can get an ADB shell. or enter fastboot mode My device presently shows the manufacturer's logo when booting and gets no further.
To recover from this issue I think I have two basic options
#1 restore from backup
#2 locate the problem that is causing the system to hang at startup in the first place
At the end of the day I am trying to find the simplest, quickest method to get back up and running. Both methods are acceptable to me. I am not worried about losing any data.
My challenge/sticking point is how to turn my backups into a usable format to get me back on track or understand the boot process enough to get out of the boot loop.
The first thing I tried was mounting my raw image files created from the dd process. I followed this guide-
https://samindaw.wordpress.com/2012/03/21/mounting-a-file-as-a-file-system-in-linux/
I ran these commands-
#losetup /dev/loop0 /path/to/my/system.img
# mkfs -t ext3 -m 1 -v /dev/loop0
# mount -t ext3 /dev/loop0 /mnt
# cd /mnt
# ls
The various image files I created all seemed to mount "ok" OK meaning that the loopback mount process worked but it appears there is nothing but a lost+found folder in the mounted image. (I'm not sure why that is.)
I am still researching methods to turn my other backups into something usable for recovery purposes.
For using the adb backup file I created, this is what my understanding is-
Adb backup uses a type of compression (don’t remember what kind). I would need to uncompress the file first. After uncompressing and being able to view the file contents I would think I should be able to put together a flashable zip file of some sort.
I think the process for Titanium backup would generally be the same- uncompress/convert file format, create/assemble a flashable zip file
The last thought I had was trying to get the system to boot. To do so, I need to better understand the boot process. I am familiar with how Linux boots as I am a Sys Admin. I know Android is similar but just different enough to make me research this further. I can pull dmesg log for anyone if that will help. I was also seeing where you could use the logcat command. (That is new to me as it seems more Android specific and not used in Linux that I know of)
If there is any other info you need to see, please let me know. I made a lot of notes about the system architecture, partition layout, etc.
Many thanks in advance for your help!
XDA Visitor said:
Hello,
I am trying to recover from a softbrick issue. I have a BLU Studio C 5+5 LTE and therefore can't use TWRP or CWM (At least that is my assumption, maybe someone knows different). Before getting into the softbrick state I took 3 different types of backups in the hopes that one of them could be used in case it was needed. (like this)
Type 1 - I did an ADB shell backup from a completely stock device (unrooted) I used this command-
adb backup -apk -all -f fullbackup.adb
For this method I followed this guide here-
https://linuxiswonderful.wordpress.com/2015/04/04/full-backup-of-nonrooted-android/
Type 2 - I used Titanium backup and performed a complete system and application backup
Type 3 - I rooted the phone and backed up all partitions using dd after reviewing the partition layout of the device. For example, to backup the system partition I did the following at an ADB shell-
dd if=/dev/block/mmcblk0p21 of=/storage/sdcard1/firmware-img/system.img
I believe the last operation I tried before softbricking was installing the Xposed framework module for my device (running Lollipop 5.1.1).
I am able to still communicate to my device using ADB and I can get an ADB shell. or enter fastboot mode My device presently shows the manufacturer's logo when booting and gets no further.
To recover from this issue I think I have two basic options
#1 restore from backup
#2 locate the problem that is causing the system to hang at startup in the first place
At the end of the day I am trying to find the simplest, quickest method to get back up and running. Both methods are acceptable to me. I am not worried about losing any data.
My challenge/sticking point is how to turn my backups into a usable format to get me back on track or understand the boot process enough to get out of the boot loop.
The first thing I tried was mounting my raw image files created from the dd process. I followed this guide-
https://samindaw.wordpress.com/2012/03/21/mounting-a-file-as-a-file-system-in-linux/
I ran these commands-
#losetup /dev/loop0 /path/to/my/system.img
# mkfs -t ext3 -m 1 -v /dev/loop0
# mount -t ext3 /dev/loop0 /mnt
# cd /mnt
# ls
The various image files I created all seemed to mount "ok" OK meaning that the loopback mount process worked but it appears there is nothing but a lost+found folder in the mounted image. (I'm not sure why that is.)
I am still researching methods to turn my other backups into something usable for recovery purposes.
For using the adb backup file I created, this is what my understanding is-
Adb backup uses a type of compression (don’t remember what kind). I would need to uncompress the file first. After uncompressing and being able to view the file contents I would think I should be able to put together a flashable zip file of some sort.
I think the process for Titanium backup would generally be the same- uncompress/convert file format, create/assemble a flashable zip file
The last thought I had was trying to get the system to boot. To do so, I need to better understand the boot process. I am familiar with how Linux boots as I am a Sys Admin. I know Android is similar but just different enough to make me research this further. I can pull dmesg log for anyone if that will help. I was also seeing where you could use the logcat command. (That is new to me as it seems more Android specific and not used in Linux that I know of)
If there is any other info you need to see, please let me know. I made a lot of notes about the system architecture, partition layout, etc.
Many thanks in advance for your help!
Click to expand...
Click to collapse
Greetings,
Thank you for using XDA Assist.
There are no specific forums for your device model on XDA. However, if you create an XDA account, you can ask your questions here:
Android Q&A, Help & Troubleshooting
You will receive expert advice there.
Good luck and welcome to XDA!
So I've became the lucky owner of two of these devices, and after hosing one and having to rebuild from scratch I want to provide some helpful information on rooting, backing up the device and general info that may or may-not be needed! So let's start this party off right!
These commands posted are for the Linux terminal, add python if using windows or play with the command line of mtkclient to figure things out, I can't assume what everyone OS's are.......
1. get yourself mtkclient from here : https://github.com/bkerler/mtkclient
follow all the steps regarding setup regardless if on Linux or Windoze!
2. BACK-UP the Full device using mtkclient, doing so will save yourself a lot of aggravation that I endured during my endeavors! This will do a Full back-up of the device by partition and place in a single file for making restore painless.
Power OFF the phone
Issue the mtkclient command via Terminal
Code:
mtk rf flash.bin
HOLD VOL+ & VOL- and plug-in the USB-C, if done correctly the phone will go into brom.
Once done backing up ( Total Time is around 60 minutes or less ) we're going to issue the last command, this resets mtkclient safely)
Code:
mtk reset
2a. Restoring you're Device
Now we're going to issue THREE mtk commands, the first is, assuming you're working in the same directory you back-up the file to.
Code:
mtk wf flash.bin
Without un-plugging, issue the next to wipe all data for a full reset.
Code:
mtk e metadata,userdata,md_udc
followed by reset
Code:
mtk reset
In the extreme case I suffered, you need to let the phone die completely if unable to enter brom the normal way, once dead follow the process as if you just turned it off.
This situation came about while I began to figure out how to get twrp working on the device.
Total size of this back-up will be around 32GB, so store in a safe place.. Also, DO NOT SHARE THIS IMAGE WITH ANYONE!!!! It contains all of the phone's sensitive info (IMEI)
Now let's talk rooting with or without bootloader-unlocked.
The good new's about this device is we can use mtkclient to bypass unlocking the bootloader for flashing a rooted boot.img patched by Magisk, the bad new's is that the phone will default to boot_b and not the boot the root boot.img so unlocking the bootloader is a must.
adb install app-release.apk that is attached, this Magisk that is designed for mtk devices and frankly has worked the best for me, once installed we're going to back-up the stock boot with the following commands using mtkclient.
Code:
mtk r boot_a boot.img
mtk reset
this will be placed in you mtkclient directory and will need transferred to the storage for patching by the Magisk app. once done we will transfer the file back to our mtkclient directory.
boot once again back into brom and issue the command
Code:
mtk w boot_a magisk_patched.img
mtk reset
keep in mind that each patched boot.img will be named different so this is not a copy and paste thing currently.
however, if you want to install an already patched version of the boot.img you can download the attached boot.img, place into your mtkclient directory and issue this command
Code:
mtk w boot_a magisk_patched-23001_nx6U2.img
mtk reset
For bootloader-unlocking, just follow the read-me file for more in-depth instructions, however this will get you going regarding the unlock.
boot back into brom and issue the following commands, if done correctly the bootloader is now unlocked. However this is needed for simple root, just flash the attached boot.img
Code:
mtk da seccfg unlock
mtk e metadata,userdata,md_udc
mtk w vbmeta vbmeta.img.empty
mtk reset
This particular guide is addressing Super.img read-writable, focusing on making all partitions write-able for the reason updating the phone with GSI Images or just needing access to add / remove files on the phone.
I found this post most helpful regarding super.img, as i had issue at first understanding boot-loops at first. https://forum.xda-developers.com/t/...s-rw-in-super-partition.4120963/post-87112415
This is assuming you are now comfy with brom, familiar with using mtk and also on Linux.
I've already done all the work need for converting hex to dec, and is a start copy of my note's and the steps I took to get things working. I'll attach the file as well for off-line use if needed as well.
First we need to back-up the super.img from the brom using the following command with-in the mtkclient directory. make a copy of this before we begin and keep in a safe place!!!
Code:
mtk r super super.img
once done we will use this tool to break down the image's into readable partition's using linux.
[TOOL][WIN,LIN,AND,DARW] Super image tools | extract or make partitions RW in super partition
Disclaimer: Super image tools was made for testing and educational purposes, ME is not responsible for what you do on/with your device using our tools, you must agree that you using our tools on your own risk, I am not responsible for anything...
forum.xda-developers.com
once you have your super.img placed into the new extracted directory, we're going to issue a command using terminal from said directory.
Code:
./superunpack.x64 super.img
next we're going to create THREE folders call system, vendor, product. ( Vendor & Product is optional if editing system only )
So lets start with system as most will only likely be editing that for rw access, so let's get down to it.
Code:
e2fsck -f system_a.ext4
resize2fs system_a.ext4 2G
e2fsck -y -E unshare_blocks system_a.ext4
e2fsck -fy system_a.ext4
sudo mount -t ext4 -o,rw system_a.ext4 system
now you're ready for system edits, once done we need to unmount the system using this command
Code:
sudo umount system
next we need to fix the system and resize it so we can add it back into the super.img following these commands.
Code:
e2fsck -fy system_a.ext4
resize2fs system_a.ext4 353376
once done we can use DD the system back into super,img, keep in mind this takes a very long time as it need to read the block and search for the offset that we're using.
Code:
dd if='system_a.ext4' of='super.img' bs=1 seek=2315255808 count=1447428096 conv=notrunc
once done we need to move the new super.img to our mtkclient folder, and flash using
Code:
mtk w super super.img
mtk reset
if done correctly it will boot with read / write access to the system partition.
again I've attached my notes that also include Vendor & Product to keep this thread to a minimum! however i will include partition sized and dd instruction here for vendor, product & system for short hand viewing on-line.
SYSTEM
e2fsck -fy system_a.ext4
resize2fs system_a.ext4 353376
dd if='system_a.ext4' of='super.img' bs=1 seek=2315255808 count=1447428096 conv=notrunc
PRODUCT
e2fsck -fy product_a.ext4
resize2fs product_a.ext4 461253
dd if='product_a.ext4' of='super.img' bs=1 seek=1048576 count=1889292288 conv=notrunc
VENDOR
e2fsck -fy vendor_a.ext4
resize2fs vendor_a.ext4 103509
dd if='vendor_a.ext4' of='super.img' bs=1 seek=1890582528 count=423972864 conv=notrunc
Last but not least, if anything this the most important part regarding Development.
Attached is the Project config make file, I've not currently tried to build this as I'm still digging into this device. However it is a nice Find as it has the build condition as well as the driver info.
some might recall this as a /proc/config.gz file but again we have no kernel source but clearly it's not impossible to build having all the info, but it's a long road.