Xperia XZS Root - Sony Xperia XZs Questions & Answers

I have been trying to root my Xperia XZs G8232. BL unlocked successfully, flashed TWRP 3.1.1 successfully, just that it wouldn't boot up. Can someone enlighten me which step I have missed out ? Managed to flash SuperSU 2.8.2 and Magisk 19 via TWRP recovery. The phone still wouldn't boot up....
Can anyone share proper comprehensive guide of rooting of G8232 ?

Usually when I offer an answer, the reply is something along the lines of "I found an answer already."
This is a quick guide in case you haven't. I suggest you have a micro-sd card inserted.
First, the stock image you are rooting is signed and verification is still active on the device. You will need to re-sign the boot.img. I suggest you worry about that after performing a boot into recovery to get ahold of the boot.img. Second, the TWRP you are using really isn't an ideal version. You can safely install this to the recovery partition for rooting and backup too even though it was built for the XZ (chip instruction set and partition table are near identical, it works safely with Keyaki). Go ahead and install the recovery, then once you boot into it comes the somewhat more technical approach.
You need to first mount system and the micro-sd card, by tapping Mount on the main menu and then by checking off System and Micro-SD so they can be accessed (loaded/mounted/whateveryouwannacallit). Now, go back to the main menu and tap Advanced and tap Terminal. From here you will need to copy the boot.img which can be achieved by typing:
dd if=/dev/block/by-name/boot of=sdcard1/boot.sin
You may have to search through the /dev/block directory a bit further, as I cannot recall if it is nested under platform/some number junk/etc... You can safely navigate through the directories with: cd or maybe find -name boot 2> /dev/null until you find the directory by-name that has the partitions you need and fill that path into the dd if= path I presented above. Just make sure the if (input file) is the directory you wish to copy and the of (output file) is where you want it to go.
Once you have successfully copied the boot partition (kernel) to an sd-card you can go ahead and run this tool to unsign it. From my experience you will also need to repack and sign it as AOSP with this to get the stock kernel and system running with root access available.
Both tools work similarly, read through the guides where you download each.
You will need to extract AIK and place the boot.img into the first directory that has the scripts with it. Simply type/choose ./unpackimg.sh and when that completes, choose ./repackimg.sh (depending on which OS you use the commands might be somewhat different, but the above suggestions should guide you through it). You should receive a prompt stating it was completed and packed/signed for AOSP. Copy or cut the new-Image.img out of the AIK directory back to the root directory of your sd-card.
Boot into TWRP (or maybe you attempted this with the mobile version through TWRP, idk?). Select Install, tap install .img (bottom right) and tap the new-Image.img you just created and flash it to boot.
From here you can go ahead and reboot and you should be able to access the stock system with your rooted boot.img. BTW, you don't need Magisk v19. You can install the 25.2 app and patch the new-Image through the app and then repeat the previous step above to have your kernel rooted with the latest Magisk.

Related

[RECOVERY] Reverting to original(STOCK) recovery

WARNING: IN THE EVENT THAT ANYTHING GOES WRONG, I WILL NOT BE HELD ACCOUNTABLE. I CANNOT STRESS THIS ENOUGH!!!
EDIT: I FORGOT, BEFORE CHANGING RECOVERY OR DOING ANYTHING, ALWAYS DO A NANDROID BACKUP!!!
If you have flashed a custom recovery (clockwork, j_r0dd, etc.) but you want to
1) accept OTA updates but can't do so with the custom recovery
2) send your phone for repair and not void your warranty
3) or UNROOT YOUR PHONE,
it should be easy to revert back to your stock recovery that came with your phone.
NOTE: THIS PROCEDURE WILL ONLY WORK IF THERE IS AN AVAILABLE OTA UPDATE FOR YOUR PHONE!!!
YOU WILL HAVE TO RE-ROOT YOUR PHONE IF YOU WANT ROOT ACCESS AFTER UPDATING! DO NOT RE-ROOT IF YOUR PHONE IS TO BE SENT FOR REPAIR!
Step 1) Download the OTA update. (I have uploaded a sample update zip at
www . sidsoftinc . com / Blur_Version.0.3.9.MB300.Retail.en.03.zip
*remove the spaces)
Step 2) On completion, the phone should reboot and enter recovery mode, using the custom recovery to update. However, this should fail as most custom recoveries prevent original updates. Note the location of the downloaded update (likely at /cache)
Step 3) Power down the phone and enter into recovery mode manually
Step 4) Using ADB, pull the folder containing the update zip to your computer
Code:
adb pull /**storedlocation**/**nameoftheupdate**.zip update.zip
Step 5) Open the update.zip in your adb folder and look for a file called recovery.img (most likely in system folder)
Step 6) Open up the adb shell and flash the new recovery (recommended)
Code:
adb shell
su
flash_image recovery recovery.img
or you can place it in /system and it will be auto-flashed (not recommended)
Code:
adb push recovery.img /system/recovery.img
Step 7 (if possible) Make it permanent by deleting the custom recovery in /system
Code:
adb shell
cd system
su
mount -o rw,remount /dev/block/mtdblock1 /system
rm recovery.img
mount -o ro,remount /dev/block/mtdblock1 /system
exit
exit
Step 8) Reboot the phone and if you see a triangle warning sign, reboot your phone again. You should see your homescreen before it reboots to install the update again. This time, the original recovery will be used.
Once finished, your phone will be upgraded, unrooted and your applications and data will still be retained.
If you wish to install your previously used custom rom again, you must flash the custom recovery and install the rom, again
If I made a mistake, please do inform me. Thank you
I'm trying to do this for the Tmo G2 and I have reverted using another technique but the clockworkmod is still there. I thought it would get removed!
I have no idea how to get rid of it. Can you give me a little help?
Did your clockworkmod recovery flash itself into your nv ram? If so then no one can help you there. If you have an ota update and pulled it to your pc, send me a copy and I'll see if I can help you. If you can, send me your ota update zip to [email protected].
Sent from my Motorola Backflip using the XDA App
I'm honestly unsure if it flashed to the nv-ram. Possibly, basically if I do a system boot (power +vol down) and select recovery, it will load the HTC green text with white background then go into clockwork recovery. I'm not exactly sure why it still does this.
I used the method on this FORUM THREAD to un-root and get back to stock (using the available files there and method 1-a). I'm just unsure why the clockwork recovery is still there. I'm hoping I can still get back to stock recovery. Possibly I just need to flash the stock recovery.img??
Also, I had some troubles initially with ADB, which is why I used the VISIONary method of rooting. I'd love to try out the gfree method since I believe my ADB is working correctly now and test out some other roms to see what I like the most.
I know you are probably in a different time zone that is way ahead of mine........but can't I just reflash the stock or update ota recovery.img in fastboot mode.......OR is this a bad Idea???
Many users have accidentally accepted ota updates on custom roms and recoveries. For fastboot, I did mention that flashing stock recovery and update is possible via adb shell.
Sent from my Motorola Backflip using the XDA App
siidheesh said:
Many users have accidentally accepted ota updates on custom roms and recoveries. For fastboot, I did mention that flashing stock recovery and update is possible via adb shell.
Sent from my Motorola Backflip using the XDA App
I tried flashing the stock recovery but I'm not sure why it didn't work, I had hboot and flash_image. I used the adb shell way as well. It gave me error in partitions or whatever. I don't know what to do.
do you have Blur_Version.0.3.10.MB300.Retail.en.03.sbf file?
I dont happen to have that file, but i do have Blur_Version.0.3.9.MB300.Retail.en.03.zip
if you need it.
Clockwork Mod
I'm pretty green so this may sound really dumb, but can you flash sbf files to your phone via Clockwork Mod, or does it have to be done via RSD Lite. I cannot get RSD to recognize my device in 4.7 or 4.8. Please help.
do you have a stock image for the huawei ascend for cricket or does anyone here have it?
Unrooting......
I download the RECOVERY file you supplied (thank you)
"Blur_Version.0.3.9.MB300.Retail.en.03.zip"
If I reboot into Recovery and just flashed that zip file, would it work that way to unroot?
Provided you are flashing on a MOTOROLA BACKFLIP, yes. However, you might want to flash the AT&T 2.1 update for the backflip instead, if you reside in the US. Flashing back any official firmware unroots your phone
I'm looking to root and unlock my AT&T Motorola Backflip (MB300).. Any suggestions?
Sent from my NexusHD2 using Tapatalk
OTA for Samsung Galaxy Ace is a CFG file, not ZIP
Hello,
Just for interest, I received an OTA for my Samsung Galaxy Ace but it didn't come as a ZIP file - it came as a CFG file (which is not a ZIP, but actually a proprietary package - which I can't remember the name right now).
However, I did find the stock recovery elsewhere in this forum, and I installed it. But that wasn't enough for the OTA to be installed - it still fails.
Corrupted?
siidheesh said:
Step 5) Open the update.zip in your adb folder and look for a file called recovery.img (most likely in system folder)
I can't find it. I have an Alcatel Pop C1 4015X. Help?
Trying to unroot Xperia Z2
I am trying to unroot using update files from the Sony Xperia Companion. I found the update files (I think). I used Flashtool to decrypt the FILESET, but there is no recovery.img in the decrypted folder. The folder I decrypted is in Xperia Companion/Sony Mobile Update Engine/localstorage/db/13740270 and that is the only folder that has decryptable files. They are named FILE_8977018 and similar before decryption and various .sin .ta files (examples auto-boot.ta, cust-reset.ta, simlock.ta). Am I using the right decryption to get the recovery.img?

[Q] Building a recovery.img from scratch

Here is the theory I want.
Given a mobile phone that has a lock on it, whether pin code, pattern or password, if the mobile's bootloader was unlocked I can install a custom recovery and then boot to that recovery in which I can run the adb and have access to the data in the phone. If my hypothesis is correct then how can I build a recovery.img?
I have been reading for the recover.img for 2 weeks and almost understood how it works and most of the files in it. However, I couldn't find a tutorial of how can I build my own recovery.img
What I decided to do it to modify on the CWM recovery.img.
So I downloaded the CWM and then I unpack it to see the kernel and the initrd. After decompressing the initrd, I found many files. I made a simple test which is to run a script from the init.rc. Inside the init.rc I added two lines. The first one to mount the /data partition and then I just echoed "test" to a file called text.txt then I rebooted my device to normal boot connected to adb and checked the /data partition, but unfortunately I didn't find anything.
I would like to know what I am missing and if my theory is correct or not and how can I build my OWN recovery and have something like adb running from the start.
Thank you

How to boot automatically a g900v cid 11 when power charger is plugged

Hi mates, the purpose is to use my old S5 as a surveillance camera with Athome app, for example. All is working good but there is only one problem, if the power goes down longer than the battery can survive, the phone turns off and it should be manually turned on when the power comes back.
I've found a way but it seems it's needed a rooted phone. The trick consist to edit file lpm (or something similar to it) into /system/bin, delete all lines and type instead:
#!/system/bin/sh
su
/system/bin/reboot
as far I know the cid11 can't be rooted, there is a way with safestrap recovery to access root the phone and edit this? Thank you!
I've done it! And I'm so happy that I decided to share the result, writing a guide.
There may were some ways to do it, but the big limit is the non root phone with MM 6.0.1.. anyway I tried for example to use adb under safestrap, or its console but there is too limited commands choice and I'm not that expert on linux so I decided to the longest (in terms of time) solution, but the only one I could manage easy:
I've edited the files manually, packed back into the ROM zipped and flashed them with Safestrap.
I would explain step by step:
Supposing you already did the process to install safestrap and a Custom/stock ROM, if not you need to proceed with that before, there are threads here explaining how.
I used as reference this thread: https://forum.xda-developers.com/ve...ow-to-flash-custom-6-0-1-roms-locked-t3393943 because I have QA1, if you have another one just take this guide as reference only about the process
1) I downloaded necessary files
2) prepared the file lpm with a unix editor (I used Notepad++ and the function to format in Unix, the lines should end with 0x0A instead of Windows 0x0A+0x0D) with the following lines:
Code:
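#!/system/bin/sh
# Start the original charging-mode binary in the background
/system/bin/lpm.orig &
# Poll the battery level and reboot into the system once it is above 10 percent
while [ true ]; do
  bat_proc=`cat /sys/class/power_supply/battery/capacity`
  if [ "$bat_proc" -gt 10 ]; then
    sleep 3 && /system/bin/reboot
  fi
  sleep 5
done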
3) unzipped VZW_QA1_STOCK_SAFESTRAP_ONLY.zip
4) I renamed the file lpm in the folder system/bin into lpm.orig and copied the just created file lpm
5) Packed everything back to zip
6) copied all the necessary files to the download folder in the internal memory (safestrap on my phone can't recognize sd), see thread or below to know which files
7) Booted the phone in download mode and flashed with Odin NI2_stock_kernel.tar.md5 (put the file in AP). You need the Samsung drivers if you can't see COM in Odin, it will reboot when finished to flash, if the phone bricks after reboot then redo the process, the second time it works 100%.
8) Chose recovery on menu, in Safestrap wipe Dalvik, system, data, cache.. all except SD card
9) (all these files you should have in internal storage) Install VZW_QA1_STOCK_SAFESTRAP_ONLY.zip, QA1_MM_Firmware_With_QA1_Bootloader_CAUTION.zip, then wipe again data and cache only, ADD_SAFESTRAP_TO_ROM.zip, the latest google apps that you downloaded before and copied too, and as last install the MM_KERNEL_SS-FF_Flashable.zip.
10) Choose reboot (to system) and wait the rom installs, you may after test switching off and connecting the charger.

Repeated update failure AND HOW TO FIX IT OnePlus 8t

I was in the process of rooting when the update was trying to run. Now I keep getting an install failure and can't seem to get any way to fix it.
Where is this update stored so I can delete it or can I get some advice on how to clear it so I can get it to try again?
I can't find the update for download anywhere :/
It's not about the file/cache. An incremental OTA needs unroot first.
Looking for the full installer package file for 11.0.8.12.KB05AA.
rezapatel said:
Looking for the full installer package file for 11.0.8.12.KB05AA.
Same let me know if you find it lol
OK good news I got myself sorted!
1. What I did was use "Oxygen OS updater" (can be found on playstore) with advanced mode enabled and downloaded the latest OS (11.0.8.11.)
2. Use local upgrade under settings to install 11.0.8.11 and restart. This will remove root but not user data or settings.
3. Check for and install update 11.0.8.12 under settings and it should install fine no issues.
4. Re root using your chosen method.
5. Done!
Interesting. How did you get the boot file for x.12? Isn't that required for rooting..
rezapatel said:
Interesting. How did you get the boot file for x.12? Isn't that required for rooting..
Boot modified recovery with ADB function, dump boot_a or boot_b, Magisk patch.
ULTRAJC said:
Boot modified recovery with ADB function, dump boot_a or boot_b, Magisk patch.
What they said
ULTRAJC said:
Boot modified recovery with ADB function, dump boot_a or boot_b, Magisk patch.
Any guide for this?
DroidFreak32 said:
Since we don't have TWRP yet for our 8T, having ADB enabled on the stock recovery can be really helpful if you are unlocked and rooted.
For example, removing problematic magisk modules.
I tried to install the EdExposed module and ended with a boot loop. To get back I had to flash the stock boot.img again and reconfigure all my modules again.
Having ADB enabled in OOS recovery will let us delete the problematic module at /data/adb/modules without having to delete the working modules.
Credit goes to @s3axel for the Post in Oneplus 8 forums
Quoting the procedure to create the modified recovery.img :
Installation Procedure:
Pre-patched files for the lazy (upto 11.0.4.5):
To find your model and build:
Code:
adb shell getprop ro.product.model
KB2001
adb shell getprop ro.build.version.ota
OnePlus8TOxygen_15.I.16_GLO_0160_2010150110
KB2000 / KB05?? - Chinese Variant
11.0.1.2 Hydrogen_15.H.16_OTA_0160_all_2010150101_4101
STOCK recovery.img
adb patched recovery
KB2001 / KB05DA - Indian Variant
11.0.1.2 - OnePlus8TOxygen_15.I.16_GLO_0160_2010150110
STOCK recovery.img
adb patched recovery
11.0.2.3 - OnePlus8TOxygen_15.I.17_OTA_0170_all_2010240047
STOCK recovery.img
adb patched recovery
11.0.3.4 - OnePlus8TOxygen_15.I.18_OTA_0180_all_2011010208
STOCK recovery.img
adb patched recovery
11.0.4.5 - OnePlus8TOxygen_15.I.19_OTA_0190_all_2011101438_3032f.zip
STOCK recovery.img
adb patched recovery
KB2003 / KB05BA - EU Variant
11.0.1.2 - OnePlus8TOxygen_15.E.17_GLO_0170_2010150108
STOCK recovery.img
adb patched recovery
11.0.2.3 - OnePlus8TOxygen_15.E.18_OTA_0180_all_2010240038
STOCK recovery.img
adb patched recovery
11.0.3.4 - OnePlus8TOxygen_15.E.19_OTA_0190_all_2011010157
STOCK recovery.img
adb patched recovery
11.0.4.5 - OnePlus8TOxygen_15.E.20_OTA_0200_all_2011101442_ed5dc.zip
STOCK recovery.img
adb patched recovery
KB2005 / KB05AA - International Variant thanks to @card13
https://drive.google.com/drive/folders/1-i4P8sWPfyqwgYvBsKWAAftQW7m66Z70?usp=sharing
KB2007 / KB05CB - T-Mobile Variant
¯\_(ツ)_/¯
Code:
❯ adb devices
List of devices attached
75317573 recovery
❯ adb shell
# df
Filesystem 1K-blocks Used Available Use% Mounted on
rootfs 3648448 40396 3608052 2% /
tmpfs 3837328 1160 3836168 1% /dev
tmpfs 3837328 0 3837328 0% /mnt
tmpfs 3837328 0 3837328 0% /apex
tmpfs 3837328 4 3837324 1% /linkerconfig
tmpfs 3837328 24 3837304 1% /tmp
/dev/block/sda11 491464 140484 350980 29% /mnt/vendor/op2
/dev/block/sda20 11760 164 11596 2% /metadata
/dev/block/dm-3 1516540 1511956 4584 100% /vendor
/dev/block/sda2 27632 10452 17180 38% /mnt/vendor/persist
/dev/block/dm-7 110397292 6627020 103770272 7% /data
Mpolo87 said:
CAVEAT
I've only tested this on my device (KB2005 / KB05AA), but it should be universally helpful as it's using your own boot.img so there's no need to find a matching package for your variant and os version.
CREDIT
The steps were buried across a few threads, I'm posting this so it'll be easier for others to find the information. All credit goes to xb360, FullOfHell, and TheUnkn0wn.
INFO
The basic rundown is:
Use the semi-broken TWRP package to give yourself temporary su access through adb.
Extract the boot.img your phone is currently using to your pc.
Reboot to OxygenOS, copy over the boot.img you just extracted and then use Magisk to patch it.
Copy the boot.img back to your pc and use adb to temporarily boot your phone with it, giving you root access until reboot.
Use your temporary root access to allow Magisk to patch your internal as-yet unmodified boot.img to give you permanent root.
There seems to be some confusion in the thread, I'll try to clear up what's happening and why:
The primary issue at hand is that you can't root your device without already having root privileges, for security reasons. Without a custom recovery like TWRP, there are a few more steps than usual (but mostly simple stuff).​
Because we don't flash anything with this guide, it shouldn't cause any permanent bootloops if you use the wrong boot.img, if you get stuck in one just power cycle your phone. ​
Updating with OTAs should be the same process as the other guides here.​
Because of changes in Android, devices that launched with Android 10 and above will not allow you to modify the system partition, even with root. This is not a fault of this rooting method.​
Prerequisites:
ADB and Fastboot installed.​
An unlocked bootloader and USB debugging enabled.​
________________________________________________________
STEPS:​
1. Connect your phone to your pc and boot it into fastboot mode. You can leave it connected throughout this guide.
2. On your computer open a terminal/cmd prompt. Set the directory (on your pc) you want to work from, I'm using the desktop:
for Windows, type cd C:\Users\Yourname\Desktop
for Mac, type cd desktop or cd /Users/yourname/Desktop
Spoiler: How to set up adb and fastboot properly
To use adb and fastboot commands outside of the folder those programs are located in, you'll need to add their location to the PATH list so your terminal can still find them when it's pointing to a different folder. If you want to skip this step, set the directory to the folder that contains adb instead of the desktop.
3. Next, use the terminal to check which A/B partition is active on your phone:
Code:
fastboot getvar all
a. You'll find it on this line: (bootloader) current-slot:a/b
b. For simplicity I'll be referring to boot_a.img throughout the guide, make sure to use boot_b.img if that's the one marked as active on your device.
4. Download the semi-broken TWRP package to your desktop. We'll be using it to extract a copy of your active boot_a.img. It will give you temporary su access via adb, but there won't be a gui. Only boot from it, DO NOT FLASH IT:
Code:
fastboot boot recovery.img
adb shell
dd if=/dev/block/by-name/boot_a of=/sdcard/boot_a.img
exit
adb pull /sdcard/boot_a.img boot_a.img
adb reboot
5. Copy the extracted boot_a.img file to a user accessible area of your phone, like your downloads folder.
6. Install the latest Magisk Canary apk on your phone. Open it and:
a. Select the Install option.
b. Use Select and Patch a File on boot_a.img
7. Copy the patched magisk_patched_a.img file back to your computer. In terminal, type adb reboot bootloader to get back to fastboot mode.
8. Temporarily boot with the patched image that corresponds to the active partition, DO NOT FLASH IT:
Code:
fastboot boot magisk_patched_a.img
Spoiler: Why we're booting and not flashing.
You could flash this boot.img, but it's safer to temporarily boot from it without overwriting your existing image in case anything went wrong along the way. The effect is that you still get root access without modifying your device, and then you can use the much safer Magisk direct install option, which has some safeguards in place.
9. By booting with the patched image, you now have temporary root access. To make it permanent open Magisk:
a. Select the Install option.
b. Use Direct Install (Recommended) to root your internal boot.img
10. Reboot and verify it worked.
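Both guides above pull the boot partition with dd before patching or repacking it. The following is an added example, not code from either post or from any tool they mention, that checks such a dump before it is handed to a repacker or flashed. It assumes the dump uses the standard AOSP boot image header (versions 0 to 4); the function names and the sample image are constructed for illustration, and a dump in any other container format is rejected by the magic check.

```python
import struct

BOOT_MAGIC = b"ANDROID!"


class BootImageError(ValueError):
    """The dump does not look like a complete AOSP boot image."""


def decode_os_version(raw):
    """Split the packed os_version field into (OS version, security patch level)."""
    ver, patch = raw >> 11, raw & 0x7FF
    os_ver = "%d.%d.%d" % ((ver >> 14) & 0x7F, (ver >> 7) & 0x7F, ver & 0x7F)
    return os_ver, "%04d-%02d" % (2000 + (patch >> 4), patch & 0xF)


def inspect_boot_image(data):
    """Parse the header of a raw boot dump and confirm every section is present."""
    if len(data) < 48 or data[:8] != BOOT_MAGIC:
        raise BootImageError("no ANDROID! magic: not an AOSP boot image")
    version = struct.unpack_from("<I", data, 40)[0]  # same offset in v0-v4
    try:
        if version <= 2:
            kernel, _, ramdisk, _, second, _, _, page = struct.unpack_from("<8I", data, 8)
            os_raw = struct.unpack_from("<I", data, 44)[0]
            sections = [kernel, ramdisk, second]
            if version >= 1:  # recovery_dtbo_size
                sections.append(struct.unpack_from("<I", data, 1632)[0])
            if version == 2:  # dtb_size
                sections.append(struct.unpack_from("<I", data, 1648)[0])
        elif version <= 4:
            kernel, ramdisk, os_raw = struct.unpack_from("<3I", data, 8)
            page = 4096  # fixed page size from header v3 on
            sections = [kernel, ramdisk]
            if version == 4:  # size of the appended boot signature
                sections.append(struct.unpack_from("<I", data, 1580)[0])
        else:
            raise BootImageError("unsupported header version %d" % version)
    except struct.error:
        raise BootImageError("header is truncated")
    if page == 0 or page & (page - 1):
        raise BootImageError("page size %d is not a power of two" % page)
    if kernel == 0:
        raise BootImageError("kernel size is zero")
    # The header takes one page; each section is padded to whole pages.
    required = page * (1 + sum((s + page - 1) // page for s in sections))
    if len(data) < required:
        raise BootImageError("truncated: need %d bytes, have %d" % (required, len(data)))
    os_ver, patch = decode_os_version(os_raw)
    return {
        "header_version": version,
        "page_size": page,
        "kernel_size": kernel,
        "ramdisk_size": ramdisk,
        "os_version": os_ver,
        "patch_level": patch,
        "required_bytes": required,
    }


def build_sample_v3(kernel_size=5000, ramdisk_size=100):
    """Constructed sample: minimal header-v3 image, Android 11.0.0, patch 2021-03."""
    os_raw = ((11 << 14) << 11) | ((21 << 4) | 3)
    header = BOOT_MAGIC + struct.pack("<4I", kernel_size, ramdisk_size, os_raw, 1580)
    header += bytes(16) + struct.pack("<I", 3)

    def pad(blob):
        return blob + bytes(-len(blob) % 4096)

    return pad(header) + pad(bytes(kernel_size)) + pad(bytes(ramdisk_size))


if __name__ == "__main__":
    import sys
    # Pass the path of a pulled dump, or run without arguments to use the sample.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_v3()
    print(inspect_boot_image(blob))
```

A dd dump is the size of the whole partition, so trailing bytes after `required_bytes` are expected; the reported patch level should match the build the phone is running.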
Are you guys aware of the zip file @osm0sis created that lets you add ADB to the stock recovery? You'll need to be rooted to use it.
[TWRP][3.4.0-14][instantnoodle]Unofficial TWRP for OnePlus 8/8 Pro Unified(Stable)
Team Win Recovery Project 3.x, or twrp3 for short, is a custom recovery built with ease of use and customization in mind. Its a fully touch driven user interface no more volume rocker or power buttons to mash. The GUI is also fully XML driven and...
forum.xda-developers.com
It works really well - I've used it on 11.0.8.11 and .12
Thank you sir. I took the plunge and have been rewarded. Appreciate it!
shadowtuy said:
OK good news I got myself sorted!
1. What I did was use "Oxygen OS updater" (can be found on playstore) with advanced mode enabled and downloaded the latest OS (11.0.8.11.)
2. Use local upgrade under settings to install 11.0.8.11 and restart. This will remove root but not user data or settings.
3. Check for and install update 11.0.8.12 under settings and it should install fine no issues.
4. Re root using your chosen method.
5. Done!
This looks like a great app but it won't work if you need to downgrade. The current release (11.0.8.12.KB05AA) is so bad (look at OnePlus forums) that OnePlus has even taken it down and is no longer available for download. The current one is the previous one (11.0.8.11.KB05AA). Because I have already installed the "12" release, the OxygenOS System Update will not let me downgrade to the "11" release. It gives a "to avoid booting up failure, downgrading is not allowed" message.
Can I sideload/flash this "11" zip file via ADB and accomplish my goal of downgrading? Or could I change the active slot to the inactive one, reboot and get back to "11" that way?
zzjea said:
This looks like a great app but it won't work if you need to downgrade. The current release (11.0.8.12.KB05AA) is so bad (look at OnePlus forums) that OnePlus has even taken it down and is no longer available for download. The current one is the previous one (11.0.8.11.KB05AA). Because I have already installed the "12" release, the OxygenOS System Update will not let me downgrade to the "11" release. It gives a "to avoid booting up failure, downgrading is not allowed" message.
Can I sideload/flash this "11" zip file via ADB and accomplish my goal of downgrading? Or could I change the active slot to the inactive one, reboot and get back to "11" that way?
Well I tried switching slots but the inactive slot was corrupted from earlier. So I do not have an "11" in the other slot.
zzjea said:
Well I tried switching slots but the inactive slot was corrupted from earlier. So I do not have an "11" in the other slot.
Since OP 8T OxygenOS does not have a recovery, ADB sideload will not work.
Now that 11.0.8.13 is out and I'm on 11.0.8.12 right now, and so far I haven't come across a full zip for 13 yet. Not sure, if this will work .. but I'm thinking, I will uninstall magisk via the app. Restart to ensure, I'm unrooted and then do an OTA to 13. After the OS has been upgraded, follow the steps to root the boot dump file. Anyone tried this method and if would work? The 2 things I'm worried about are - 1) if I uninstall Magisk via the app, does it fully unroot and allows OTA, 2) will the broken twrp shared above work on the latest OOS x.13?
Thanks!
rezapatel said:
Now that 11.0.8.13 is out and I'm on 11.0.8.12 right now, and so far I haven't come across a full zip for 13 yet. Not sure, if this will work .. but I'm thinking, I will uninstall magisk via the app. Restart to ensure, I'm unrooted and then do an OTA to 13. After the OS has been upgraded, follow the steps to root the boot dump file. Anyone tried this method and if would work? The 2 things I'm worried about are - 1) if I uninstall Magisk via the app, does it fully unroot and allows OTA, 2) will the broken twrp shared above work on the latest OOS x.13?
Thanks!
For anyone who's interested. This worked!
Hey little bit of an add in! Keep a backup of your non Rooted boot.img!! It is actually easier to flash the non rooted and update just to reroot again.

Incremental OTA Payload Extractor - Linux Only currently - Op8T 11.0.9.9.KB05AA Posted

FIRST OFF - THIS IS HIGHLY TECHNICAL AND NOT FOR NON-TECH INCLINED PEOPLE. YOU CAN REALLY MESS UP YOUR PHONE IF YOU DO IT WRONG. SO PAY ATTENTION OR FIND SOMEONE SMARTER THAN YOU WITH THIS ANDROID / LINUX STUFF. YOU DO THIS ON YOUR OWN - NO WARRANTIES EXPRESSED OR IMPLIED. IT'S FOR PEOPLE THAT DON'T WANT TO WAIT FOR THEIR VENDOR TO POST A FULL ROM AND UPDATE RIGHT WHEN AN OTA COMES.
So I wanted to update my rooted Op8T OOS version, and you CAN'T (haha) do it if you're rooted. That's kind of a misconception. I knew there had to be a way... so I found a dead repo out there that used to work on Incremental OTAs. And I read the issues - did not actually work. Why? Because you need to extract the prior firmware (full ROM) first with a Payload extraction tool (most are in Python, and most are Linux-only). Well, they got stuck because the original ROM has one signature (encryption), and the OTA update has another signature, so the program would break when they didn't match. So what did I do??? Well I have to give credit to the dev I forked this from, because he mentioned - of course the signatures don't match, they are different releases! So I did something kind of... well... let's put it this way, you aren't verifying any signatures anymore. So if you screw up and put the wrong ROM base (prior full ROM) and Payload extract the payload.bin, then apply the Incremental OTA, well, you're in for trouble. BE POSITIVE YOU ARE USING THE VERSION OF THE ROM THE OTA IS INTENDED TO INCREMENTALLY UPDATE!!!!
In this case, it was quite clear. I was trying to update an A11 Op8T from OnePlus. It was on 11.0.8.3 ROM and an OTA was posted that was for 11.0.9.9. SO I used a Windows tool to extract the first set of files (the full ROM is huge BTW). The incremental update came as a 150mb file zipped up, but it modified the BIG files. Once it finished, I found that system and system_ext are not flashable (grew in size, can't resize super on active slot, not updated), the rest are. And you MUST flash from fastbootd - this is kind of a mysterious new place with modern AB devices. It can be a pain to actually get there. The standard steps if you're on stock recovery are to enable developer options, USB debugging, install the Latest ADB and Fastboot https://github.com/fawazahmed0/Latest-adb-fastboot-installer-for-windows/releases/tag/v1.7 (this script will update it for you). Ignore the God references it's a batch file you can just modify it, and I don't judge. It will pull the latest versions (Minimal ADB and Fastboot are super outdated). Next steps...
Now, getting an incremental update off a rooted phone is not easy. 1) you have to flash a stock boot.img and recovery.img. 2) you have to basically uninstall Magisk, or at least the images 3) then you MAY be able to download with Oxygen Updater or the system app. It won't install though because root is fully exposed. Once it's downloaded, it appears in some very strange location with a random character string.zip I believe. So now you have to reinstall Magisk (to get adb shell SU access). So after I confirmed it downloaded (but wouldn't flash), I had to hook my phone up to the USB cable, go to the PC and Latest ADB and Fastboot folder, adb shell, su, then cd /; find . -name *.zip > /dev/null 2>&1; to cut out some of the garbage output and scroll until I found a logical zip stored somewhere (a folder than sounded like a OnePlus update folder). Then I did a: cp [random characters.zip] /sdcard/Download/OTA_Update.zip, which I could then transfer from my phone to PC with a USB cable. Developer options / default mode USB File Transfer FYI.
Okay that was one of the hard parts. Now next to more hard parts. You need a Linux environment (I used WSL2 Debian Buster). The easiest setup (after spending hours attempting to get the correct packages loaded) was to install the personal version of Anaconda Python x64 for AMD64 processors for Linux. Then I could use conda install [package name] for missing dependencies as the program would throw errors. Yes you have to read the errors or you won't be able to figure out what is actually not installed. Anyhow, the modded forked repo of python files is here: git clone the repo: git clone https://github.com/mrslezak/update_payload_extractor.git - now if git isn't setup on your Linux box, well, you're in for some trouble.
So once it's installed, you need to actually use python3 commands for each step - so anywhere you see "python" put "python3" instead as most machines have both 2.7 and 3.X installed. I used Python 3.8 something, so ignore the 3.6, it's not required. So here I took a payload.bin extracted with a Windows .exe file (available somewhere on XDA, there are several, one is Go based) and copied them once extracted from the original ROM to the WSL instance on my Win10 PC. Now there come issues here. They need to go into an "old" directory you must create (in update_payload_extractor directory), and copying from Windows will make them root access only, so a: sudo chown user:user old/ is required to get it writable. I believe the program will make the rest of the files on its own. They will end up in "output." You just need to extract the payload.bin and payload.properties files from the incremental update you extracted and place them in the update_payload_extractor directory.
Now there is some strange stuff going on, this was always beta, and never working. So I took note of the issues and blocked a Google certificate validation routine (just commented it out) so it doesn't verify anything. I say it again: BE EXTREMELY CAREFUL THAT YOUR PRIOR FULL ROM AND OTA UPDATE ARE MEANT TO BE USED TOGETHER. Anyhow, run what it says if your system is set up:
Incremental OTA
Copy original images (from full OTA or dumped from devices) to old folder (with part name without file extension, ex: boot, system) - I put an .sh script here if your files are .img called remove_img_extension_old.sh - note that GitHub sometimes loses the execute permission so you may have to type: sudo chmod +x remove_img_extension_old.sh. It is meant to be run from the root of the project. ./remove_img_extension_old.sh
LD_LIBRARY_PATH=./lib64/ ./extract.py --output_dir output/ --old_dir old/ payload.bin
The above line will start the extract and combine process the OTA usually does on your phone, and output the files to the output directory. Once those are generated, then you can run another helper script I wrote to add back .img to each file called add_img_extension_output.sh again meant to be run from the root folder. Now you need to copy these output files (no guarantee all are updated, it will have all of them - on Op8T system and system_ext couldn't be flashed because they grew in size, and I don't know how to expand the super partition space to enable them to flash, so they aren't in the linked file - it still updates). The files on Op8T ending in lp5 are RAM files for the newest devices that are running LPDDR5 memory, the flash.bat script will need to be modified if you have one of these (2 flashes). The way I made the file will work in 98% of devices.
Okay I run the rest from Windows, so now it gets a little tricky. You need to get into Fastbootd, which means flash boot.img (you just extracted it), flash recovery image (same), using fastboot flash boot boot.img, fastboot flash recovery recovery.img. Now getting to fastbootd can be quite perplexing. You may just have your phone on, type adb reboot bootloader, then type fastboot reboot fastboot, and be in fastbootd (it will look like stock recovery but say fastbootd on top). The other way is to boot to recovery (developer options extended boot menu makes this much easier), then select Fastboot. Sometimes you get Fastboot and sometimes Fastbootd. It seems quite random. DON'T START THE FLASH_ALL.BAT UNTIL YOU KNOW YOU ARE IN FASTBOOTD!!!!
The fastboot command to tell you if you are in fastbootd (it will report yes if so): fastboot getvar is-userspace
Otherwise, those files will NOT be allowed to flash to your device, and you will end up with some random combination of prior and updated files. That could end badly. Once you DO get to Fastbootd, run the flash_all.bat, and DON'T SWITCH SLOTS. Yes, this is an OTA, but you already patched the files. Upon successful flashing, you can reboot to fastboot and flash a patched kernel with Magisk already enabled such as my forked Radioactive here: https://github.com/mrslezak/Radioactive_kernel_oneplus8/releases/tag/v2.2.5-MOD - the .img file is a Magisk patched custom kernel, you can also flash the twrp alpha (that seems to work in my experience, it's just slow, on OOS works fine despite warnings it doesn't). https://forum.xda-developers.com/t/recovery-11-alpha-teamwin-recovery-project-8t-kebab.4302449/ fastboot commands for the kernel: fastboot flash boot image_name.img; recovery fastboot flash recovery twrp_name.img.
I successfully updated while rooted from the prior ROM version. I'm sure it will work on many phones. Best of luck to you!!! I did find out how to install "the full ROM" unreleased on a rooted phone, there is some undocumented fastboot stuff I had to figure out (temp system-cow and system_ext-cow files that use up all the space in the super partition) so I added them to my batch file. Now install for whatever device you have, and watch out for those weird temp files that aren't documented anywhere that I could find. Took literally hours to get it working, but it does now!!!
BTW if anyone knows how to resize the super partition, that would complete this project. I.e. you could flash the patched system and system_ext on an Op8T.
Your phone may have no issue or no super partition, then you don't care, it's not needed. I can't recall when dynamic (resizable) partitions came out but I think in Android 10 some devices started to use them. They are developer hell in my opinion.
Some TWRP versions allow you to just resize the partition on the fly, while on my phone, it's not an added feature yet. I'm also not sure if the resize does an auto-wipe either then you could also find yourself in trouble if you couldn't immediately get to Fastbootd. Some ROMs will boot to "Device is corrupt" if things like this change, just a warning, which I tried by switching A/B slots, but I had luckily installed TWRP on the other partition and was able to switch slots there and go back to booting.
UPDATE: I was able to eventually locate why the Super partition was getting full - there are temp files created as dynamic partitions when trying to install an OTA - I had to delete any logical partitions with the extension "-cow" which existed for system and system_ext (on the Op8T I was using), I was on slot A, so they were called system_a-cow and system_ext-cow, I deleted them like this:
fastboot delete-logical-partition system_a-cow
fastboot delete-logical-partition system_ext_a-cow
To see if you have any temp files present, you type:
fastboot getvar all
And scroll through them and see if any of these mystery -cow files are present.
(bootloader) is-logical:system_a-cow:yes
(bootloader) is-logical:system_ext_a-cow:yes
Whew! That was a pain. But no more waiting for incremental updates to become full ROMs anymore on a rooted phone!
Oh, and I put the update for OOS here: https://forum.xda-developers.com/t/...install-from-fastbootd.4316147/#post-85441161
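With the extractor's certificate validation commented out as the post describes, the download can still be compared against the FILE_HASH and FILE_SIZE entries of the payload.properties file that ships beside payload.bin. This is an added example, not code from the post or from the update_payload_extractor repo; it assumes the usual AOSP layout in which FILE_HASH is the base64-encoded SHA-256 of payload.bin, the function names are hypothetical, and it catches a corrupted or mismatched file rather than replacing signature verification.

```python
import base64
import hashlib
import os
import tempfile


def parse_properties(text):
    """Parse KEY=VALUE lines, splitting on the first '=' only (base64 ends in '=')."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and "=" in line:
            key, value = line.split("=", 1)
            props[key] = value
    return props


def check_payload(payload_path, properties_text):
    """Return a list of mismatches; an empty list means size and hash agree."""
    props = parse_properties(properties_text)
    problems = [f"{k} missing from payload.properties"
                for k in ("FILE_HASH", "FILE_SIZE") if k not in props]
    if problems:
        return problems
    digest, size = hashlib.sha256(), 0
    with open(payload_path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
            size += len(chunk)
    if str(size) != props["FILE_SIZE"]:
        problems.append(f"size {size} != FILE_SIZE {props['FILE_SIZE']}")
    actual = base64.b64encode(digest.digest()).decode()
    if actual != props["FILE_HASH"]:
        problems.append(f"sha256 {actual} != FILE_HASH {props['FILE_HASH']}")
    return problems


def demo():
    """Constructed sample: fake payload bytes and a matching properties file."""
    data = b"CrAU" + b"\x00" * 64  # constructed bytes, not a real OTA payload
    good = "FILE_HASH={}\nFILE_SIZE={}\n".format(
        base64.b64encode(hashlib.sha256(data).digest()).decode(), len(data))
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "payload.bin")
        with open(path, "wb") as fh:
            fh.write(data)
        intact = check_payload(path, good)
        with open(path, "ab") as fh:
            fh.write(b"x")  # simulate a modified or wrong download
        altered = check_payload(path, good)
    return intact, altered
```

Run check_payload on the real payload.bin and the text of payload.properties before starting extract.py, and stop if the returned list is not empty.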
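The two manual checks in the post (confirm is-userspace reports yes, then scroll through the getvar output looking for -cow partitions) can be done in one pass before flash_all.bat is started. This is an added example, not part of the post or its batch file; the sample output is constructed around the two is-logical lines quoted above, and the function names are hypothetical.

```python
# Constructed sample of `fastboot getvar all` output; only the two -cow
# lines come from the post, the rest are illustrative.
SAMPLE = """\
(bootloader) is-userspace:yes
(bootloader) current-slot:a
(bootloader) is-logical:system_a:yes
(bootloader) is-logical:system_a-cow:yes
(bootloader) is-logical:system_ext_a:yes
(bootloader) is-logical:system_ext_a-cow:yes
(bootloader) is-logical:boot_a:no
"""


def parse_getvar_all(text):
    """Return (in_fastbootd, [logical partition names]) from getvar output."""
    userspace, logical = False, []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("(bootloader)"):
            line = line[len("(bootloader)"):].strip()
        parts = [p.strip() for p in line.split(":")]
        if parts[0] == "is-userspace" and len(parts) == 2:
            userspace = parts[1] == "yes"
        elif parts[0] == "is-logical" and len(parts) == 3 and parts[2] == "yes":
            logical.append(parts[1])
    return userspace, logical


def preflight(text):
    """Return (ok_to_flash, notes). Refuses outside fastbootd or with -cow leftovers."""
    userspace, logical = parse_getvar_all(text)
    if not userspace:
        return False, ["not in fastbootd (is-userspace is not yes): do not flash"]
    leftovers = [p for p in logical if p.endswith("-cow")]
    # Suggest the same command the post used for each leftover snapshot partition.
    notes = [f"fastboot delete-logical-partition {p}" for p in leftovers]
    return not leftovers, notes


if __name__ == "__main__":
    import sys
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    ok, notes = preflight(text)
    print("OK to flash" if ok else "STOP", *notes, sep="\n")
```

fastboot prints getvar results on stderr, so feed the script with `fastboot getvar all 2>&1 | python3 preflight.py` (the file name is an assumption).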
