Related
So I was trying to install magisk using fastboot and it installed successfully however when I tried rebooting it it just kept booting into fastboot. I tried installing TWRP but I got an error = (FAILED (remote: Error verifying the received boot.img: Invalid Parameter) My bootloader is unlocked and any help will be great.
well twrp won't work if you are on 10, if 9 then it should. i'd flash the stock kernel first. make sure it is the boot.img from the firmware image you have installed. if that does not help then try to flash the most recent complete firmware image. you could edit out "-w" in the flash-all.bat or flash-all.sh look for the line fastboot -w update image-xxxxxx.zip and take out the -w to keep the update from wiping your data.
Google Pixel 3a Stuck In Fastboot
dkryder said:
well twrp won't work if you are on 10, if 9 then it should. i'd flash the stock kernel first. make sure it is the boot.img from the firmware image you have installed. if that does not help then try to flash the most recent complete firmware image. you could edit out "-w" in the flash-all.bat or flash-all.sh look for the line fastboot -w update image-xxxxxx.zip and take out the -w to keep the update from wiping your data.
Click to expand...
Click to collapse
So I attempted to flash the boot.img file and got this error: FAILED (remote: Failed to write to partition Not Found)
And I tried the system.img file too and got a different error: FAILED (remote: Partition boot not found)
So finally I clicked the 'flash all' file and got this error: FAILED (remote: Failed to write to partition Not Found)
I installed the firmware from the google website.
have you tried a factory restore/reset from the bootloader menu?
fastbootでslot a,b手動でflashを試しましたか?
fastboot flash boot_a boot.img
I rooted my Chinese phone without a custom recovery (haven't bothered for last few phones).
However, I am considering putting TWRP on and when I had a quick look on the Internet to see if one was around for my phone (being a Chinese phone) I naturally came across rooting guides and I noticed they seem to talk about flashing a no-verity-opt-encrypt zip file.
I do not understand why this file is needed?
To cut a long story short...
I extracted what I needed from the stock rom, patched with Magisk as normal and flashed using fastboot.
Then to bypass a bootloop from a signature mismatch because of Android verified boot, I flashed vbmeta using the following options:
--disable-verity --disable-verification
Android boots fine and my device is rooted (verified by Magisk and root checker app).
So why is there the need to flash the additional file no-verity-opt-encrypt zip?
People seem to be using it on many devices so there must be a reason I am missing.
Point is: your Chinese phone is not the only phone China produced. In my Chinese phone you cannot flash neither modified boot.img nor modified recovery.img. If you try, phone swithes to red state
And my Chinese phohe has empty vbmeta partition (ROM is based on android 8.1), so, evidently, it is not vbmeta but some other mechanism that prevents me from rooting my phone or from flashing TWRP/boot. And for those who are proud owners of such ****ty Chinese phones like mine, using verity disabler script might be the last resourt.
I'll tell you even more: with your Chinese phone you still could flash vbmeta using fastboot. Ho-ho-ho-ho.... Not true Chinese phone. Look at mine! It does NOT allow you to use fastboot for flashing. That is real Chinese phone!!
/However, I have no idea how am I supposed to flash verity disabler script if I don't have TWRP... If someone could help me with that.../
I am not sure you understand what I mean (sorry I probably was not clear).
Red State is absolutely correct for what you have done AND more importantly for you, if you copy the way I have done it you should remove the verification.
Your phone should return to Orange State and your device will be rooted without the need to flash/use TWRP or the no-verity-opt-encrypt zip file.
However, I do not understand what you mean when you say you can't flash using fastboot?
If I remember correctly, when my phone was in Red State it was difficult to enter Fastboot because it was in a Bootloop, but once you do you can flash as normal?
I can only give you advice flashing by Fastboot. So assuming you can (as above) then forget what the guides tell you and simply do this...
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
fastboot reboot
Your phone should reboot, show Orange state and boot into Android. If you patched with Magisk correctly it should be rooted. You can verify this in the Magisk app and any root checker app.
Note: I am using Android 10 not 8
Bondyuk said:
However, I do not understand what you mean when you say you can't flash using fastboot?
Click to expand...
Click to collapse
Better to see it once than to hear many times. This is how true Chinese phone (mine) behaves:
Code:
Z:\android\adb>adb reboot bootloader
Z:\android\adb>fastboot flash vbmeta vbmeta.img
Sending 'vbmeta' (4 KB) OKAY [ 0.006s]
Writing 'vbmeta' FAILED (remote: 'unknown command')
fastboot: error: Command failed
Z:\android\adb>fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
Rewriting vbmeta struct at offset: 0
Sending 'vbmeta' (4 KB) OKAY [ 0.009s]
Writing 'vbmeta' FAILED (remote: 'unknown command')
fastboot: error: Command failed
Z:\android\adb>
Apart from this ugly fastboot implementation I should stress once again that vbmeta partition on my device is blank meaning the partition has all zeroes. Also, this partition is NOT supposed to be flashed when I flash stock ROM. Here's what is there in rawprogram0.xml:
Code:
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="" label="vbmeta" ...
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="" label="vbmetabak" ...
To sum up: I do not believe any vbmeta juggling would help me.
Bondyuk said:
Red State is absolutely correct for what you have done
Click to expand...
Click to collapse
Are you saying any boot.img properly patched by Magisk and flashed to the phone should cause red state?
vp1117 said:
Better to see it once than to hear many times. This is how true Chinese phone (mine) behaves:
Code:
Z:\android\adb>adb reboot bootloader
Z:\android\adb>fastboot flash vbmeta vbmeta.img
Sending 'vbmeta' (4 KB) OKAY [ 0.006s]
Writing 'vbmeta' FAILED (remote: 'unknown command')
fastboot: error: Command failed
Z:\android\adb>fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
Rewriting vbmeta struct at offset: 0
Sending 'vbmeta' (4 KB) OKAY [ 0.009s]
Writing 'vbmeta' FAILED (remote: 'unknown command')
fastboot: error: Command failed
Z:\android\adb>
Apart from this ugly fastboot implementation I should stress once again that vbmeta partition on my device is blank meaning the partition has all zeroes. Also, this partition is NOT supposed to be flashed when I flash stock ROM. Here's what is there in rawprogram0.xml:
Code:
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="" label="vbmeta" ...
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="" label="vbmetabak" ...
To sum up: I do not believe any vbmeta juggling would help me.
Click to expand...
Click to collapse
What happens when you try this:
adb reboot bootloader
fastboot unlock flash
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
There should actually be two implementations of Fastboot. The main one you reboot into and another called Fastboot.d within the recovery.
vp1117 said:
Are you saying any boot.img properly patched by Magisk and flashed to the phone should cause red state?
Click to expand...
Click to collapse
I am not sure, it does on mine.
The device verifies the boot.img checksum to make sure it is original/stock. Because Magisk modifies the boot.img it will no longer pass verification and puts the device into Red state.
As far as I am aware this is part of AVB so it only affects devices using it. I am not sure when it was implemented (Android 8, 9 or 10)
Bondyuk said:
What happens when you try this:
fastboot unlock flash
Click to expand...
Click to collapse
This command does not exist. Probably what you meant me to try is this:
Z:\android\adb>fastboot flashing unlock
FAILED (remote: ' Device already : unlocked!')
fastboot: error: Command failed
Z:\android\adb>
Bondyuk said:
There should actually be two implementations of Fastboot. The main one you reboot into and another called Fastboot.d within the recovery.
Click to expand...
Click to collapse
Fastboot.d is something which was introduced in A10. I'm on A8.
Bondyuk said:
Because Magisk modifies the boot.img it will no longer pass verification and puts the device into Red state.
Click to expand...
Click to collapse
Then every phone owner would shout "It does not work!" and magisk project would be closed soon. However, it does not happen. It means that only selected models are built in such a nasty way that they expect modified partition to be signed by vendor's key.
I do not have knowledge enough to continue this discussion. I just wanted to respond to your initial question as to why people might need verity-disabler script. There are different phones with different android versions, with different security implementation and not always you can achieve your goal following standard fastboot flashing commands.
@vp1117
To keep you updated:
The vbmeta image is cryptographically signed and contains verification data (e.g. cryptographic digests) for verifying boot.img, system.img, and other partitions/images.
Contents of vbmeta image is parsed by bootloader as 1st thing of all things unless parsing got disabled.
The vbmeta's signing basically must not be of interest to you, the vbmeta's signature key must never get changed by anyone.
To prepare modding phone's Android OS one run ADB / Fastboot commands as follows
Code:
adb devices
adb reboot fastboot
fastboot reboot fastboot 2>nul
fastboot flashing unlock
fastboot reboot
adb reboot fastboot
fastboot reboot fastboot 2>nul
fastboot --disable-verification --disable-verity flash vbmeta vbmeta.img
fastboot reboot
where the vbmeta.img what gets passed to Fastboot should get pulled out from phone before thus it's size is matching.
jwoegerbauer said:
@vp1117
To keep you updated:
The vbmeta image is cryptographically signed and contains verification data (e.g. cryptographic digests) for verifying boot.img, system.img, and other partitions/images.
Contents of vbmeta image is parsed by bootloader as 1st thing of all things unless parsing got disabled.
The vbmeta's signing basically must not be of interest to you, the vbmeta's signature key must never get changed by anyone.
where the vbmeta.img what gets passed to Fastboot should get pulled out from phone before thus it's size is matching.
Click to expand...
Click to collapse
Thank you Jwoegerbauer.
This is a clear and well written explanation.
Do you know if the no-verity-opt-encrypt zip file actually needs to be flashed in TWRP, rather than simply flashing vbmeta with the --disable-verification --disable-verity options?
vp1117 said:
Z:\android\adb>fastboot flashing unlock
FAILED (remote: ' Device already : unlocked!')
fastboot: error: Command failed
Z:\android\adb>
Click to expand...
Click to collapse
I find it really hard to believe they modified fastboot so drastically.
What I don't understand is that the flash command obviously does work, because you say that when you flash boot or recovery your phone enters Red state?!
Do you have another Thread about your problem?
If so post a link here, I would be interested to see what you have tried and see if I can help
Bondyuk said:
Thank you Jwoegerbauer.
This is a clear and well written explanation.
Do you know if the no-verity-opt-encrypt zip file actually needs to be flashed in TWRP, rather than simply flashing vbmeta with the --disable-verification --disable-verity options?
Click to expand...
Click to collapse
The no-verity-opt-encrypt.zip must only be applied on Android OS versions that don't come with vbmeta.img, means where dm-verity is incorporated in Android's boot.img.
Bondyuk said:
What I don't understand is that the flash command obviously does work, because you say that when you flash boot or recovery your phone enters Red state?!
Click to expand...
Click to collapse
Comon! Luckily, fastboot is not the only flashing tool on earth. I use QFIL for that.
I created 2 threads recently.
One was regarding custom recovery: https://forum.xda-developers.com/t/360-n6-lite-qiku-in-desperate-need-of-twrp-recovery.4273965/
Another - how to root the phone: https://forum.xda-developers.com/t/360-n6-lite-qiku-help-is-needed-to-root-the-device.4277407/
I'm planning to add questions on AVB to the 2nd thread.
jwoegerbauer said:
The no-verity-opt-encrypt.zip must only be applied on Android OS versions that don't come with vbmeta.img, means where dm-verity is incorporated in Android's boot.img.
Click to expand...
Click to collapse
That makes sense.
Could you manually do it by opening the boot.img in a hex editor, finding the verification or dm-verify string and zeroing it out?
Surely Magisk would do this as part of its patching process?
I must be wrong because otherwise the zip file would not be needed again
Bondyuk said:
Could you manually do it by opening the boot.img in a hex editor, finding the verification or dm-verify string and zeroing it out?
Click to expand...
Click to collapse
Look inside file boot-patcher.sh that comes with the no-verity-opt-encrypt.zip to see how patching boot.img is done.
jwoegerbauer said:
Look inside file boot-patcher.sh that comes with the no-verity-opt-encrypt.zip to see how patching boot.img is done.
Click to expand...
Click to collapse
I downloaded and had a looked at the zip file.
From what I can tell the actual patching is done by altering the fstab to pass dm-verify options to the kernel during boot?
vp1117 said:
Point is: your Chinese phone is not the only phone China produced. In my Chinese phone you cannot flash neither modified boot.img nor modified recovery.img. If you try, phone swithes to red state
And my Chinese phohe has empty vbmeta partition (ROM is based on android 8.1), so, evidently, it is not vbmeta but some other mechanism that prevents me from rooting my phone or from flashing TWRP/boot. And for those who are proud owners of such ****ty Chinese phones like mine, using verity disabler script might be the last resourt.
I'll tell you even more: with your Chinese phone you still could flash vbmeta using fastboot. Ho-ho-ho-ho.... Not true Chinese phone. Look at mine! It does NOT allow you to use fastboot for flashing. That is real Chinese phone!!
/However, I have no idea how am I supposed to flash verity disabler script if I don't have TWRP... If someone could help me with that.../
Click to expand...
Click to collapse
you are right i am also facing this problem on my vivo y20 phone if you find any solution tell me
Update 12-16: I am closing this thread as it is no longer relevant. Please refer to this guide.
@V0latyle Can you help me out I installed a magisk module that caused a bootloop and I tried the adb wait-for-device shell magisk --remove-modules and it doesn't work for me I'm on the P5 a12 beta 5 I have since flashed the stock boot.img. What can I do to remove this module?
elong7681 said:
@V0latyle Can you help me out I installed a magisk module that caused a bootloop and I tried the adb wait-for-device shell magisk --remove-modules and it doesn't work for me I'm on the P5 a12 beta 5 I have since flashed the stock boot.img. What can I do to remove this module?
Click to expand...
Click to collapse
I'm honestly not that familiar with Magisk, sorry. I suggest you ask in the Magisk thread, they'll be of more help to you over there. Magisk modules live in /data, not /boot, so a data wipe would get rid of the module...and all your user data too.
V0latyle said:
I'm honestly not that familiar with Magisk, sorry. I suggest you ask in the Magisk thread, they'll be of more help to you over there. Magisk modules live in /data, not /boot, so a data wipe would get rid of the module...and all your user data too.
Click to expand...
Click to collapse
Ok thanks for your help I appreciate it
elong7681 said:
@V0latyle Can you help me out I installed a magisk module that caused a bootloop and I tried the adb wait-for-device shell magisk --remove-modules and it doesn't work for me I'm on the P5 a12 beta 5 I have since flashed the stock boot.img. What can I do to remove this module?
Click to expand...
Click to collapse
Wiki:
Module Issues:Magisk and MagiskHide Installation and Troubleshooting guide
www.didgeridoohan.com
Scroll down to read how to disable modules through Safe Mode
There is also a section how to manage modules from custom Recovery (if TWRP applies to your phone)
You seem to understand the issue with vmeta (and the associated data wipe). So I went from android 11 to android 12 beta without a wipe and although on andorid 11 i could flash my kernels, on android 12 i cannot without vmeta/wipe. I thought I read that it was because 12 was in beta. I plan to flash the factory image of 12 today, withotu doing a wipe of course. Will i be able to flash my custom kernles again?
How do we get in the download mode to install the OTA?
I do use adb reboot recovery
but every time, I got this.
E:\platform-tools>adb sideload E:\platform-tools\blueline-ota-sp1a.210812.015-cee465f5.zip
adb: sideload connection failed: device unauthorized.
This adb server's $ADB_VENDOR_KEYS is not set
Try 'adb kill-server' if that seems wrong.
Otherwise check for a confirmation dialog on your device.
adb: trying pre-KitKat sideload method...
adb: pre-KitKat sideload connection failed: device unauthorized.
This adb server's $ADB_VENDOR_KEYS is not set
Try 'adb kill-server' if that seems wrong.
Otherwise check for a confirmation dialog on your device.
E:\platform-tools>adb sideload E:\platform-tools\blueline-ota-sp1a.210812.015-cee465f5.zip
adb: sideload connection failed: no devices/emulators found
adb: trying pre-KitKat sideload method...
adb: pre-KitKat sideload connection failed: no devices/emulators found
ShadowJP88 said:
How do we get in the download mode to install the OTA?
I do use adb reboot recovery
but every time, I got this.
.....
Click to expand...
Click to collapse
Once you're in recovery, are you going into ADB sideload (hold the power button, then press the volume up key, then choose "Apply update from ADB")?
kfhughes said:
Once you're in recovery, are you going into ADB sideload (hold the power button, then press the volume up key, then choose "Apply update from ADB")?
Click to expand...
Click to collapse
I can't find out how... I only have the droid page with "no command" text
sorry i cant understand this:
* If, after flashing a patched boot image, you get the "unable to load/verify boot image", you probably didn't get the flags quite right. Just reflash vbmeta with the disable flags and that should fix the problem.
pixel 5 here, unlocked bootloader, did a clean flash, booted magisk , after direct install and restart i was stuck at booloader menu with that message, i don't understand what i have to do reading your post
where can i do this and how? Just reflash vbmeta with the disable flags
i had to clean flash again to use the phone
For re-flashing the vbmeta.img, my command has always been a little different than yours.
I use: fastboot flash --disable-verity --disable-verification vbmeta vbmeta.img
It's only a little different and your way might work, but if anyone has issues you could try this different command instead.
ShadowJP88 said:
I can't find out how... I only have the droid page with "no command" text
Click to expand...
Click to collapse
Hold down the power button and tap volume up to bring up the recovery menu.
V0latyle said:
With the Android 12 stable release just around the corner, I would like to make sure we have clear instructions on how to update with root.
These instructions work with the beta as well. This may seem redundant compared to other threads, but I wanted to consolidate the relevant information to one place.
WARNING: MANUALLY INSTALLING FACTORY UPDATES OR IMAGES REQUIRES AN UNLOCKED BOOTLOADER. If your bootloader is locked, DO NOT ATTEMPT THIS. You can, however, update using the OTA via ADB Sideload on a locked bootloader. DO NOT INSTALL THE BETA OTA WITH A LOCKED BOOTLOADER. BETA SOFTWARE IS EXPERIMENTAL AND MAY BE UNSTABLE, AND YOU MAY BE UNABLE TO RECOVER YOUR DEVICE IF SOMETHING GOES WRONG.
WARNING: MODIFY YOUR DEVICE AT YOUR OWN RISK. YOU ALONE WILL BE RESPONSIBLE FOR MALFUNCTION, DAMAGE, OR LOSS OF ANY KIND IF SOMETHING GOES WRONG.
Root will be done via Magisk. If you aren't already using it, download and install to your phone.
Warning: For the sake of simplicity, I frequently will use generalizations when referring to files ("[patched boot image]" instead of "magisk_patched-23001_xxxxx.img" for example). It is YOUR RESPONSIBILITY to ensure you are flashing the correct file. The easiest way to do this is type the command in the command line without the file itself, then drag and drop the file you want to flash into the command line window.
For those of you with a locked bootloader:
Simply install the update as usual via OTA, whether automatically through Android Update, or manually via adb sideload.
First, a bit of information on why you need to follow this guide (See this post)
Two new Verified Boot features implemented in Android 12 will interfere with attempts to root. A more detailed explanation is below if you would like.
Spoiler
Dm-verity (device-mapper-verity) is a method by which an image on block devices (the underlying storage layer of the file system) can be checked to determine if it matches an expected configuration, using a cryptographic hash tree. If the hash doesn't match, dm-verity prevents the stored code from loading.
Vbmeta verification is the other half of this - it provides a cryptographically signed reference hash which is used to verify the integrity of /boot, /system, and /vendor partitions. The vbmeta image is only used to verify /boot, while vbmeta-system is used to verify /system.
This was implemented to prevent persistent rootkits by means of a hardware level security check, to prevent "potentially harmful applications" such as Magisk from evading detection, as such applications residing within the kernel will have higher privileges than the detection applications.
What this means is that with these two enabled, a modified boot image will cause a verification error when flashed to the device, preventing boot. Interestingly, this check is not performed against "live" boot images loaded via ADB, so with dm-verity and vbmeta verification enabled, a modified image can be booted as long as the image in /boot is intact.
To update to Android 12 with data intact and reroot:
WARNING: Per Google, an Android 12 OTA should only be installed on a device running 12 DP or 12 Beta. However, other users were able to manually install the OTA via ADB without losing data, so DO THIS AT YOUR OWN RISK! It is currently unknown what Google's official instructions will be for installing the update, so the "best" current method is wait for automatic OTA.
Spoiler
If you update via automatic OTA:
1. Download the factory image (Yes, this is required) to your computer. Connect your device via USB.
2. Extract the contents of the factory image, then extract both boot.img and vbmeta.img from the image-[device].zip (where [device] is the codename for your device, such as Redfin for Pixel 5
3. Continue to Reflash vbmeta below
To manually install the OTA:
1. Download the OTA for your device, as well as the factory image (Yes, you need both) to your computer.
2. Install the OTA
3. Extract the contents of the factory image, then extract both boot.img and vbmeta.img from the image-[device].zip (where [device] is the codename for your device, such as Redfin for Pixel 5
4. Let the update complete, including reboot. Wait until you are in /system with the update process finished (no update notification)
5. Continue to Reflash vbmeta below
Reflash VBmeta
1. With device connected via USB, Developer Options enabled and USB Debugging enabled, reboot to bootloader using ADB:
Code:
adb reboot bootloader
2. Reflash vbmeta with dm-verity and boot verification disabled:
Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
3. Reboot to bootloader:
Code:
fastboot reboot bootloader
Continue to Patch Boot Image below.
To update to Android 12 using Android Flash Tool:
Spoiler
1. Open this link in Google Chrome (DO NOT USE MICROSOFT EDGE OR MOZILLA FIREFOX) Here is the link for beta
2. Connect your device via USB (make sure USB Debugging is enabled)
3. Enable ADB access in the browser
4. Select your device
5. Select the Android 12 build
6. IMPORTANT: Click the pencil icon next to the selected build
7. Ensure Wipe Device, Disable Verification, and Disable Verity are checked. DATA WIPE IS REQUIRED when updating from an older version of Android. Don't lock your bootloader if you want root. Force flash all partitions should not be necessary (but use this if you've run into problems and are starting over). Skip Secondary and Force Debuggable should be unchecked, unless you want to use ADB for root access on the stock kernel for some reason.
8. Click Install Build.
9. Wait until the update finishes.
10. Continue to Patch Boot Image below.
To update to Android 12 via ADB using the factory image:
Spoiler
1. Download the factory image to your computer and connect your device via USB, with USB debugging enabled.
2. Extract the contents of the factory ZIP
3. Reboot to bootloader:
Code:
adb reboot bootloader
4. If necessary, update the bootloader: WARNING: IF DONE INCORRECTLY THIS WILL BRICK YOUR DEVICE!
Code:
fastboot flash bootloader [bootloader image]
Reboot back to bootloader.
5. If necessary, update the radio:
Code:
fastboot flash radio [radio image]
Reboot to bootloader.
6. Install the update:
Code:
fastboot --disable-verity --disable-verification -w update [factory image zip]
DATA WIPE IS REQUIRED when updating from an older version of Android.
7. Let the update complete
8. Continue to Patch Boot Image below
Patch Boot Image:
Spoiler
1. Extract boot.img from the factory image ZIP if you haven't done so already
2. Install Magisk on your phone
3. Move the boot image to your phone via USB, and patch it using "Select and Patch a File" in Magisk
4. Move the patched boot image back to your PC
5. Reboot to bootloader
6. Flash the patched boot image:
Code:
fastboot flash boot [patched boot image]
7. Reboot to system.
For subsequent updates to Android 12:
Either install the update via OTA Sideload, then reflash vbmeta with disable flags set, or dirty flash the factory image with disable flags set.
Live boot your patched boot image from bootloader (as long as you're still on Android 12, the old kernel should work fine):
Code:
fastboot boot [patched boot image]
In system, launch Magisk then select "Direct Install" to patch the stock image in /boot.
Key reminders:
* The OTA does not have a way to set the disable flags for vbmeta, so if you update via OTA, you will have to reflash vbmeta with the disable flags every time you update.
* If you forget to do this and have a patched boot image, bootloader will return an error: "failed to load/verify boot image"
* The fastest and easiest way to update is via OTA, but remember you will lose root until you're able to reflash vbmeta and repatch the boot image.
* Manually patching the new boot image in Magisk via "Select and Patch a File" should be unnecessary every time you update. You can, instead, just keep the image you originally patched, boot it every time you update, and flash the stock image in /boot using Magisk.
* If, after flashing a patched boot image, you get the "unable to load/verify boot image", you probably didn't get the flags quite right. Just reflash vbmeta with the disable flags and that should fix the problem.
Click to expand...
Click to collapse
@V0latyle I think I know why some people are having issues with obtaining root or maintaining root on Android 12 official release... When you use the following command,
Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
I think after this command and then flashing the patched magisk boot image their might be a check on both slots. Would I be wrong suggesting for the disable vbmeta command be this instead?
Code:
fastboot --disable-verity --disable-verification flash --slot=all vbmeta vbmeta.img
I was having the same issue where it was saying that the system was corrupt and having to do a factory wipe after doing the command without --slot=all for the vbmeta disable flag command.
rester555 said:
@V0latyle I think I know why some people are having issues with obtaining root or maintaining root on Android 12 official release... When you use the following command,
Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
I think after this command and then flashing the patched magisk boot image their might be a check on both slots. Would I be wrong suggesting for the disable vbmeta command be this instead?
Code:
fastboot --disable-verity --disable-verification flash --slot=all vbmeta vbmeta.img
I was having the same issue where it was saying that the system was corrupt and having to do a factory wipe after doing the command without --slot=all for the vbmeta disable flag command.
Click to expand...
Click to collapse
I haven't read his full instructions hidden behind the spoiler tags, but in my experience after flashing the vbmeta.img the first time, I needed to follow it with "fastboot -w" and wipe my phone, then flash the patched boot.img.
On subsequent updates as long as I booted to bootloader immediately after flashing the OTA.zip to flash vbmeta, I didn't have to wipe. If I boot to system by mistake, I'll need to fastboot -w again
rester555 said:
@V0latyle I think I know why some people are having issues with obtaining root or maintaining root on Android 12 official release... When you use the following command,
Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
I think after this command and then flashing the patched magisk boot image their might be a check on both slots. Would I be wrong suggesting for the disable vbmeta command be this instead?
Code:
fastboot --disable-verity --disable-verification flash --slot=all vbmeta vbmeta.img
Click to expand...
Click to collapse
xunholyx said:
I haven't read his full instructions hidden behind the spoiler tags, but in my experience after flashing the vbmeta.img the first time, I needed to follow it with "fastboot -w" and wipe my phone, then flash the patched boot.img.
On subsequent updates as long as I booted to bootloader immediately after flashing the OTA.zip to flash vbmeta, I didn't have to wipe. If I boot to system by mistake, I'll need to fastboot -w again
Click to expand...
Click to collapse
@xunholyx I did what you suggested, flashing the vbmeta.img and then patching the magisk boot image and I got the corrupt system message in recovery. So I ended up reflashing stock image with wipe through adb.. did minimal initial setup, then reflashed the vbmeta.img to all slots and then immediately flashed the patched magisk image. That seemed to work for me to gain root on A12.
Did as you showed , and it works well .Thank!
4a 5G here (sorry, I know that this is the section for Pixel 5, but I assume most or all things are the same). I rushed and installed the OTA the normal way, thinking I'll be able to patch and flash boot.img afterwards (like normally). Update went fine (upgrading from 11, haven't used any of the DPs/betas), but after I flash the patched boot.img, I get "failed to load/verify boot images" in fastboot. Am I out of luck?
rester555 said:
@V0latyle I think I know why some people are having issues with obtaining root or maintaining root on Android 12 official release... When you use the following command,
Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
I think after this command and then flashing the patched magisk boot image their might be a check on both slots. Would I be wrong suggesting for the disable vbmeta command be this instead?
Code:
fastboot --disable-verity --disable-verification flash --slot=all vbmeta vbmeta.img
I was having the same issue where it was saying that the system was corrupt and having to do a factory wipe after doing the command without --slot=all for the vbmeta disable flag command.
Click to expand...
Click to collapse
So are you saying that using the slot all flag fixed your problem?
killchain said:
4a 5G here (sorry, I know that this is the section for Pixel 5, but I assume most or all things are the same). I rushed and installed the OTA the normal way, thinking I'll be able to patch and flash boot.img afterwards (like normally). Update went fine (upgrading from 11, haven't used any of the DPs/betas), but after I flash the patched boot.img, I get "failed to load/verify boot images" in fastboot. Am I out of luck?
Click to expand...
Click to collapse
Did you follow the instructions on flashing vbmeta with the disable flags set?
Another 4a 5G owner here. I installed the OTA via recovery yesterday and tried to flash a patched boot.img, but got "failed to load/verify boot images". Reanimated the phone using a factory image, then tried to flash vbmeta.img with verification disabled (but no wipe) and patched boot.img. The phone couldn't boot into the system and offered to perform factory reset. I didn't want to wipe anything so I didn't go with it, but it seems like there is no way to root 4a 5G and keep your data (at least for now).
But I will be happy to be proven wrong!
Hello I managed to obtain root on
UMIDIGI A11 Pro Max on Android 11
Prerequisites: bootloader must be unlocked.... Before you proceed....
Now it's very simple manually input commands in cmd or like I did it through Linux mint in a terminal type
Fastboot --disable-verity --disable-verification flash boot magisk_patched-23000_xBY53.img
Fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
Once you do those commands
Restart your phone and done!!! You will now be rooted with magisk...
Remember before you type any of the above commands make sure to unlock your bootloader
Fastboot OEM unlock....
Do you have the global version?
I'm thinking about this phone.
Daflow77 said:
Remember before you type any of the above commands make sure to unlock your bootloader
Fastboot OEM unlock....
Click to expand...
Click to collapse
I am just about to buy this phone, I must have root to add hosts to the hostfile, anyway my question is around unlocking the bootloader, many phones nowadays don't allow that it seems, no codes, no hacking to get it unlocked ? just unlock it at the fastboot command line ?
How to Boot Umidigi A11 Pro Max Recovery Mode and Fastboot Mode - Droid Recovery
Want to Boot Umidigi A11 Pro Max into Recovery Mode or Fastboot Mode or Bootloader Mode? Then follow the instructions listed on this page to successfully Boot Umidigi A11 Pro Max to Fastboot Mode or Recovery Mode.Umidigi A11 Pro Max Recovery Mode allows the users to perform advanced operations...
droidrecovery.com
Here is a link for that info.
Daflow77 said:
Hello I managed to obtain root on
UMIDIGI A11 Pro Max on Android 11
Prerequisites: bootloader must be unlocked.... Before you proceed....
Now it's very simple manually input commands in cmd or like I did it through Linux mint in a terminal type
Fastboot --disable-verity --disable-verification flash boot magisk_patched-23000_xBY53.img
Fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
Once you do those commands
Restart your phone and done!!! You will now be rooted with magisk...
Remember before you type any of the above commands make sure to unlock your bootloader
Fastboot OEM unlock....
Click to expand...
Click to collapse
to unlock the bootloader do you need to buy the code?
Arthur 84 said:
to unlock the bootloader do you need to buy the code?
Click to expand...
Click to collapse
No....
Daflow77 said:
No....
Click to expand...
Click to collapse
could you tell me how? I already enter bootloader mode and it only stays in waiting for device, and in fastboot mode it puts me, failed (remote: command not supported in default implementation)
fastboot flashing unlock
Daflow77 said:
fastboot flashing unlock
Click to expand...
Click to collapse
in fastboot or bootloader mode? sorry for so many questions
Fastboot mode
Want do you think of the phone?
Daflow77 said:
Hello I managed to obtain root on
UMIDIGI A11 Pro Max on Android 11
Prerequisites: bootloader must be unlocked.... Before you proceed....
Click to expand...
Click to collapse
Just wanted to say thank you! Bought my phone and rooted it this weekend.
That's awesome
Daflow77 said:
Hello I managed to obtain root on
UMIDIGI A11 Pro Max on Android 11
Prerequisites: bootloader must be unlocked.... Before you proceed....
Now it's very simple manually input commands in cmd or like I did it through Linux mint in a terminal type
Fastboot --disable-verity --disable-verification flash boot magisk_patched-23000_xBY53.img
Fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
Once you do those commands
Restart your phone and done!!! You will now be rooted with magisk...
Remember before you type any of the above commands make sure to unlock your bootloader
Fastboot OEM unlock....
Click to expand...
Click to collapse
I confirm. This actually works. Just rooted mine.
I used my own patch boot and used your vbmeta.img and it works on the A11
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
In a boot loop after successfully flashing through fastboot. Can get back into fastboot mode but not recovery. Fixes? TIA.
Accidentally (more like stupidly) updated Magisk to version 24 and lost Magisk-hide.
I'm trying to reflash version 23 patched-boot-image but i get:
Code:
terminate called after throwing an instance of 'std::out_of_range'
what(): basic_string::compare: __pos (which is 33554368) > this->size() (which is 0)
Abandon (core dumped)
When trying to flash vbmeta.img i get:
Code:
Rewriting vbmeta struct at offset: 0
Sending 'vbmeta' (4 KB) OKAY [ 0.001s]
Writing 'vbmeta' FAILED (remote: 'No such file or directory')
fastboot: error: Command failed
I know it has something to do with the img size. Any ideas how to start over again?
Thanks
Tulainas said:
Accidentally (more like stupidly) updated Magisk to version 24 and lost Magisk-hide.
I'm trying to reflash version 23 patched-boot-image but i get:
Code:
terminate called after throwing an instance of 'std::out_of_range'
what(): basic_string::compare: __pos (which is 33554368) > this->size() (which is 0)
Abandon (core dumped)
When trying to flash vbmeta.img i get:
Code:
Rewriting vbmeta struct at offset: 0
Sending 'vbmeta' (4 KB) OKAY [ 0.001s]
Writing 'vbmeta' FAILED (remote: 'No such file or directory')
fastboot: error: Command failed
I know it has something to do with the img size. Any ideas how to start over again?
Thanks
Click to expand...
Click to collapse
UPDATE!
I was in 'fastbootd' mode, triggered by adb-reboot-fastboot. That's why it wasn't working.
I had to boot into 'fastboot' mode from the recovery menu, and it worked like a charm. Once again!
These commands can be used in fastboot on windows?
Arthur 84 said:
in fastboot or bootloader mode? sorry for so many questions
Click to expand...
Click to collapse
Did you get your issue resolved?
Hello there.
I have a Redmi pad running on mediatek helio g99(Treble A/B partition)
I have recently compiled orangefox recovery for my device and trying to boot from the image so that i can make my recovery permanent. But i get the following error:
Code:
fastboot boot OrangeFox-Unofficial-yunluo.img
Sending 'boot.img' (65536 KB) OKAY [ 1.826s]
Booting FAILED (remote: 'unknown command')
fastboot: error: Command failed
Any solutions?
Obviously the Fastboot command "boot" isn't supported on your
XIAOMI REDMI PAD ( Android 12, MIUI 13.1 ).
ghostranger047 said:
Hello there.
I have a Redmi pad running on mediatek helio g99(Treble A/B partition)
I have recently compiled orangefox recovery for my device and trying to boot from the image so that i can make my recovery permanent. But i get the following error:
Code:
fastboot boot OrangeFox-Unofficial-yunluo.img
Sending 'boot.img' (65536 KB) OKAY [ 1.826s]
Booting FAILED (remote: 'unknown command')
fastboot: error: Command failed
Any solutions?
Click to expand...
Click to collapse
Try
fastboot boot recovery OrangeFox-Unofficial-yunluo.img
ghostranger047 said:
Hello there.
I have a Redmi pad running on mediatek helio g99(Treble A/B partition)
I have recently compiled orangefox recovery for my device and trying to boot from the image so that i can make my recovery permanent. But i get the following error:
Code:
fastboot boot OrangeFox-Unofficial-yunluo.img
Sending 'boot.img' (65536 KB) OKAY [ 1.826s]
Booting FAILED (remote: 'unknown command')
fastboot: error: Command failed
Any solutions?
Click to expand...
Click to collapse
Also on devices that have a neutered version of fastboot (or none at all) you can use mtkclient which can also unlock bootloader, etc on the pesky ones.
You can find mtkclient on github.com :
GitHub - bkerler/mtkclient: MTK reverse engineering and flash tool
MTK reverse engineering and flash tool. Contribute to bkerler/mtkclient development by creating an account on GitHub.
github.com
If you're not really familiar with Linux, there's a gui for windows they were nice enough to include so it's not all terminal command line.
Droidriven said:
Try
fastboot boot recovery OrangeFox-Unofficial-yunluo.img
Click to expand...
Click to collapse
Didn't work.
Code:
fastboot: error: cannot load 'recovery': No such file or directory
ghostranger047 said:
Didn't work.
Code:
fastboot: error: cannot load 'recovery': No such file or directory
Click to expand...
Click to collapse
Do you have the recovery .img in the folder where fastboot.exe is located on your PC? If not, you will have to include a <path to flie> in your command line.
Droidriven said:
Do you have the recovery .img in the folder where fastboot.exe is located on your PC? If not, you will have to include a <path to flie> in your command line.
Click to expand...
Click to collapse
I dont have a recovery image for my device, its A/B partition with only boot image. And yes OrangeFox-Unofficial-yunluo.img is inside the same folder as fastboot.exe.
ghostranger047 said:
I dont have a recovery image for my device, its A/B partition with only boot image. And yes OrangeFox-Unofficial-yunluo.img is inside the same folder as fastboot.exe.
Click to expand...
Click to collapse
If you are trying to fastboot boot a TWRP or Orangefox recovery, you need a TWRP or Orangefox recovery.img to do it. There is a difference between a boot.img and a recovery.img.
Your posts are confusing and contradicting each other. To clarify, what exactly are you trying to boot? A boot.img or a recovery.img? The Orangefox .img you have is a boot.img or a recovery.img? Are you trying to boot a temporary TWRP session in order to install Orangefox recovery, or what? If you are using a boot.img, you should be trying to flash that boot.img instead of fastboot booting a TWRP or Orangefox recovery session. Typically, "fastboot boot" command is used to boot a temporary recovery session(usually on devices that have locked bootloader) and then use that temporary recovery session to flash a custom file or modify something on the device. Is your bootloader locked or unlocked? If it is unlocked, you should be able to flash your modified boot.img instead of having to fastboot boot TWRP or Orangefox.
Either you don't understand what you are doing or you are not wording yourself correctly and I'm misunderstanding your intent. Help me make sense of what you are trying to do and what you want your end result to be.
@Droidriven you are the noob here..
aIecxs said:
@Droidriven you are the noob here..
Click to expand...
Click to collapse
No. 10+ years is far from noob. I'm just trying to make sense of what they are after. In their first post, they said they had just compiled Orangefox recovery and the title says ("fastboot boot TWRP.img failed", this command is used to boot a recovery.img, not a boot.img) of which, both are recoveries but then they say they don't have a recovery.img and their original failed command says "boot.img". In my experience, to "fastboot boot TWRP.img" means to boot a temporary TWRP recovery session and then flashing/modifying from within that temporary recovery session, fastboot booting a boot.img is something completely different. I'm just trying to establish which of these is their actual goal. Now, do you see the convolutedness of what the title says and what their posts say and how the wording conflicts?
I've personally used fastboot boot TWRP.img command to boot a temporary TWRP recovery session, not a "boot.img". What they are describing is something different from that process but they are trying to use the same command that boots a temporary TWRP recovery session.
If they are trying to boot a "boot.img" then they should be using a "fastboot boot boot.img" command, not a "fastboot boot TWRP.img" command, correct? Again, conflicting information. Do you understand why I'm trying to clarify now?
see post #1 ghostranger047 for right usage.
the phone answered with FAILED (remote: 'unknown command')
the correct answer is in post #2. on SAR devices, init is in / rootdir of system partition. in case boot.img/recovery.img itself contains no kernel/ramdisk, booting straight from fastboot no longer works (might be the reason why Xiaomi disabled that cmd, or he's simply in fastbootd).
fastboot boot accepts 1 argument (file). you are giving advise to pass 2 arguments. 1st argument 'recovery': No such file or directory, 2nd argument is ignored.
you with 10+ years experience for sure know that fastboot boot cmd always state Sending 'boot.img' (65536 KB) regardless of the file name provided, be it recovery.img or boot.img
OP is very clear in what he said. He wants to boot in his own compiled (orangefox, based on twrp) recovery.img, nothing else.
you are confusing yourself.
edit: btw fastboot boot is forbidden on locked bootloader, otherwise anyone could just boot into magisk patched boot.img
found another possible reason why fastboot boot won't work when it should.
Exelios said:
Even worse than that "fastboot boot" works only if current slot is not marked as not bootable, so any try to launch TWRP fails once your in this mode.
Click to expand...
Click to collapse
Worth a try checking which slot is flagged bootable and set as active (the one with yes)
Code:
fastboot getvar current-slot
fastboot getvar slot-bootable
fastboot getvar slot-successful
fastboot --set-active=other
aIecxs said:
see post #1 ghostranger047 for right usage.
the phone answered with FAILED (remote: 'unknown command')
the correct answer is in post #2. on SAR devices, init is in / rootdir of system partition. in case boot.img/recovery.img itself contains no kernel/ramdisk, booting straight from fastboot no longer works (might be the reason why Xiaomi disabled that cmd, or he's simply in fastbootd).
fastboot boot accepts 1 argument (file). you are giving advise to pass 2 arguments. 1st argument 'recovery': No such file or directory, 2nd argument is ignored.
you with 10+ years experience for sure know that fastboot boot cmd always state Sending 'boot.img' (65536 KB) regardless of the file name provided, be it recovery.img or boot.img
OP is very clear in what he said. He wants to boot in his own compiled (orangefox, based on twrp) recovery.img, nothing else.
you are confusing yourself.
edit: btw fastboot boot is forbidden on locked bootloader, otherwise anyone could just boot into magisk patched boot.img
Click to expand...
Click to collapse
I used a tool that used a script with the fastboot boot command to boot a temporary TWRP img while in fastboot mode on a locked bootloader Intel Atom device. With A/B devices, partitions and where everything is at changed but the basic function of the commands changed very little.
As for the part you said about I should know that the command returns "sending boot.img", that has nothing to do with I said or why I said it, it has to do with the fact that the OP themselves stated that they didn't have a recovery .img, that they had a A/B device, that they were using a boot.img(not a recovery .img). See the confusion? You are confused by what I'm saying about being confused about what they are saying.
I think you got it
ghostranger047 said:
Hello there.
I have a Redmi pad running on mediatek helio g99(Treble A/B partition)
I have recently compiled orangefox recovery for my device and trying to boot from the image so that i can make my recovery permanent. But i get the following error:
Code:
fastboot boot OrangeFox-Unofficial-yunluo.img
Sending 'boot.img' (65536 KB) OKAY [ 1.826s]
Booting FAILED (remote: 'unknown command')
fastboot: error: Command failed
Any solutions?
Click to expand...
Click to collapse
did you manage to run this on your device?