I have a SM-A530W running Android 9 but is unrooted with a locked bootloader. I want to make as complete backup of the phone as possible, preferably using DD so I get a byte for byte image. Using OEM Unlock will wipe the device, so is there any way to flash a custom recovery or root the phone without wiping it? Or is there a way to get a full image of the device without root? I have full access to the phone with the PIN code and google account password.
Related
As the Title states, I'd like to know if I can do a data backup via the stock Android Recovery, since I heard that Unlocking Bootloader would lead to a data erase. So I was wondering if whether I could restore the backup after unlocking bootloader and have my data intact (It ain't my phone)
I'm not sure but you can make a backup and place it on a computer and then unlock the boot loader and restore it when you are done with all the things.
Use carbon/helium.
So I see
I really hate that boot screen that makes you think your phone is going to blow up because the bootloader is unlocked... I realize that having it unlocked is perfectly fine, and with Magisk, all the Google security stuff still works just fine.. I also know that an unlocked booloader makes it much easier to flash updates (flash-all but remove the -w) ... So please don't try to explain why I should leave my bootloader unlocked.
WIth my HTC phones, unlocking the bootloader would erase the phone (obviously, and just like the Pixel 2). Locking the bootloader wouldn't erase the phone on the HTC, but with the Pixel 2, the instructions say that it WILL ERASE THE PHONE.
With the HTC, the wipe happened in recovery, so if I had TWRP installed, the phone wouldn't erase... I could easily switch between locked and unlocked, and as long as I had TWRP installed, the phone would "think" it was going to erase, but I stopped it.
So my question is... Does the Pixel 2 wipe the phone on lock/unlock through recovery? If so, can I lock the phone with TWRP installed in recovery and prevent that lock? I know I can make a backup and try it and see, but since the Feb update, getting into a decrypted recovery has become a pain (remove pin/password, reboot, reboot to recovery, do what you want, reboot to system, add the pin/password, add fingerprint, open EVERY SINGLE APP THAT USES FINGERPRINT AND SET LOGIN AND REGISTER THE FINGERPRINT - it frustrates me, in case you can't tell).
You cannot flash TWRP unless you are unlocked so at this time there is no way to unlock the bootloader without a full wipe.
I think you misunderstood the question. I have unlocked the bootloader (let it wipe) and installed TWRP. I want to know if the re-lock will wipe through recovery (and therefore be stopped by TWRP) or if it does the wipe using some other method (and therefore wiping regardless).
1. You won't be able to maintain your userdata while switching between locked and unlocked states.
2. You will likely not be able to boot your device either after locking your phone.
For 1)
The Pixel 2 enables FBE (filesystem-based encryption) by default for your userdata partition. The encryption keys are derived from a hardware secret (accessible only from TrustZone), the RSA public key that was used to sign the boot image and a flag (whether it is locked or unlocked). The latter parameters are provided by the bootloader (lk) to the Keymaster trustlet (running in TrustZone).
If any of these parameters change, then the encryption keys will change as well. As a result, your files will remain inaccessible even if you were hypothetically able to flip the lock state.
For 2)
Unlocking the bootloader (fastboot flashing unlock) will disable verification of the boot image. TWRP is installed by modifying the boot image (in both the "a" and "b" slots) which invalidates the Verified Boot signature that covers this boot image (stored in the vbmeta partition). When the device is locked again, the bootloader will fail to pass the signature check and stay in the "red" boot state. At that point I guess you have a brick (I have not tried this myself for obvious reasons).
Source: reading the lk source code and various Android documentation such as https://source.android.com/security/encryption/file-based
Lekensteyn said:
When the device is locked again, the bootloader will fail to pass the signature check and stay in the "red" boot state. At that point I guess you have a brick (I have not tried this myself for obvious reasons).
Click to expand...
Click to collapse
The signature of the Custom ROM (Official LineageOS) can be integrated into the bootloader before re-locking the bootloader.
But this is the problem: "Lineage Recovery is also built in userdebug mode, that's a problem. When Lineage recovery is built this way, it allows any package, signed or unsigned, to be installed on your phone. This effectively negates the benefits of locking the bootloader. [...] In fact most custom ROMs simply use TWRP or another third party recovery which has the same issues as they are designed to never even look at the signatures of the packages they are flashing to your device."
"A discussion about bootloader locking/unlocking... AKA I want to relock my bootloader, should I?: LineageOS"
https://www.reddit.com/r/LineageOS/comments/n7yo7u
Is there an official backup I can make of my current installation without installing custom recovery ?
I want to try out Android P but I don't want to root or do anything with my phone. Not even unlock boot loader before I do backup. Any way to backup phone in my current state and then enable OEM unlock, unlock boot-loader and install custom recovery. Cause I am positive I'll use if for about 20 mins and then go back to my stable 8.1
Catch 22
You'll need to unlock your bootloader which will wipe your data partition so sadly I don't think it's easily possible.
To be able to take backups and restore you will need a custom recovery, be already root and have an unlock bootloader
Sent from my OP6 using Tapatalk
I was wondering if there is a way to disable the warning screen or relock the bootloader while keeping the root and recovery.
Everytime i try it it say it can no longer find a valid operating system.
plain and simple, not there is no way for our phones. if your bootloader is unlocked, the warning screen will always show and your bootloader must be unlocked in order for magisk to run and root to be allowed.
Currently no. The reason is that to have root, you have to have a patched boot image, and to have a patched boot image, you need to be able to have an unlocked bootloader to allow flashing of /boot from recovery. "Locked" rooting would involve an exploit that would undoubtedly get fixed quickly. Also, keep in mind that the Pixel 2/XL do not have dedicated recovery partitions, but that recovery itself also resides in /boot.
Hello again! I have a problem, i have the original firmware and the tool to flash it in case anything goes wrong (MTK Client), so i unlocked the bootloader, the problem is that when you unlock the bootloader, the baseband says (020null) and imei is unknown. I tried to restore my own nvcfg, nvram and nvdata to no luck, when I lock the bootloader, they appear again without flashing anything. So there must be something in the system that checks if you have the bootloader locked or not... I want to know how to disable it because I want to have root (I have rooted it with no issues, but i want my imei you know), i thought init.rc may have something to do with it, here is it (https://gist.github.com/ThePinkLyna/a43e65572896a57af2624610f74d00f2).
By the way my phone is an Alcatel 5007G, MTK 6762. Any ideas in where could be the block? The bootloader? An script in the system? There must be a way, right?
Re-lock the bootloader.
Android can get rooted without having the bootloader got unlocked before.
It's the Android kernel that checks if bootloader is locked or not.
xXx yYy said:
Re-lock the bootloader.
Android can get rooted without having the bootloader got unlocked before.
It's the Android kernel that checks if bootloader is locked or not.
Click to expand...
Click to collapse
How to get root without unlocking the bootloader? Because if i patch boot.img to use with magisk, then it goes into red state because secure boot. I know, the last thing you said, but i was talking about the system, there must be something which checks if the bootloader is unlocked or not and if its unlocked then it blocks the imei, i doubt android does that by default.
well, not answer to your original question, however try bootless-root method. but read warnings about limitations on locked bootloader (do not modify boot, system, ...)
TheAndrew579 said:
How to get root without unlocking the bootloader? Because if i patch boot.img to use with magisk, then it goes into red state because secure boot. I know, the last thing you said, but i was talking about the system, there must be something which checks if the bootloader is unlocked or not and if its unlocked then it blocks the imei, i doubt android does that by default.
Click to expand...
Click to collapse
You can doubt all, it's on you. Also take note that
1. every Android device comes shipped with a recovery partition by default,
2. you can't use a Custom Recovery like TWRP to restore lost IMEI.
are you sure it's bootloader lock state and not Magisk? I have same issue with Redmi 6, when booted in Magisk from fastboot baseband is unknown. normal boot baseband reappear (nothing flashed)
my suspect is magisk mount overlay (have to dig more into)
https://github.com/topjohnwu/Magisk/issues/426
What Magisk version you tried?
xXx yYy > /dev/null
aIecxs said:
are you sure it's bootloader lock state and not Magisk? I have same issue with Redmi 6, when booted in Magisk from fastboot baseband is unknown. normal boot baseband reappear (nothing flashed)
my suspect is magisk mount overlay (have to dig more into)
https://github.com/topjohnwu/Magisk/issues/426
What Magisk version you tried?
xXx yYy > /dev/null
Click to expand...
Click to collapse
Its not Magisk, because the problem starts happening when i unlock the bootloader, when i unlock it (Without installing magisk or flashing anything), and androids appears again, i go to info and it says baseband = 020null and imei unknown, if i flash magisk, then i get root but still no imei.
Im talking about the original firmware, unlocked bootloader = no imei, when i lock it again after uninstalling magisk (By flashing the original boot.img) then the imei appears again.
aIecxs said:
well, not answer to your original question, however try bootless-root method. but read warnings about limitations on locked bootloader (do not modify boot, system, ...)
Click to expand...
Click to collapse
And my android security version is newer, so that method wont work, still, i want root so i can uninstall system apps, so an unlocked bootloader is a must, but how exactly if when i unlock it i lose the imei? Thats the problem
you don't need root to get rid of system apps. this will do it. be careful what you're doing, in case of bootloop the only way left is factory reset. do a backup before.
Code:
adb shell cmd package disable --user 0 <pkgname>
How to disable any pre-installed system app bloatware on Android without root
If you hate the bloatware or pre-installed apps on your Android smartphone, here's how to disable them even if Android doesn't normally let you.
www.xda-developers.com