Related
This is not a question about how to root the Atrix. I've already done that.
My question is about what actually is changed in the phone by following the root procedure. (I searched the forum but didn't find elsewhere the answers I look for).
Why do I ask?
1) Because I'd like to have a better understanding of the android OS.
2) Because I'd like to understand and know what do I need to do in case I want to unroot and return to plain stock.
My case:
(I've just rooted my Atrix. I didn't unlock it)
I've followed the "manual" procedure proposed by BriefMobile.
I can essentially understand (more or less) the commands listed (mount, remount, cp, install, chmod 6755, flash...)
What I'd like to understand better is what changes does the command
Code:
fastboot flash preinstall root.img
Does it just copy new files? Or does it copy (and replace) files on the phone?
(In the second case I'm afraid I made a mistake in not backing them up before running that command...)
Thanks in advance for your help.
Putting it in Windows terms (because Android is Linux), root is like having administrator privileges on your computer. It allows you to modify any system files that would normally be kept locked down. It also allows you to run applications, such as SetCPU, which can directly control hardware (in this case CPU frequency/speed and voltage) and low-level system files. Root in Android is comprised of two main files: the "su" binary (which is the command that applications use to invoke a request to do something with root privileges) and the SuperUser.apk (SuperUser app that's in the app drawer). The SuperUser app exists to prompt you whenever an application asks for root permission. So if you go into the terminal and type a low-level command, you'll see something like, "You do not have permission to do this". But if you type "su" before the command, it will run if you hit "Allow" on the SuperUser request.
Get it?
Product F(RED) said:
....
Get it?
Click to expand...
Click to collapse
Thanks Product F(RED) .
Yes I got it.
I already knew what rooting means in general terms.
What I really asked (sorry if I wasn't clear enough) is what does the root "physically" change on the phone.
According to your answer I assume it just adds the "su" binary and the "SuperUser" app (apart from changing some permission on some system folders) and that it doesn't replace any "stock" system file.
I also assume that these new files are extracted from the "root.img" (or "preinstall.img") files flashed by the fastboot command.
Is it so?
I was a little confused because I saw in some other forum a reference to some "stock" files wiped out in the /preinstall/app/ folder by the root process, mining the reversibility of the procedure (in case of no previous full system backup).
sphere314 said:
Thanks Product F(RED) .
Yes I got it.
I already knew what rooting means in general terms.
What I really asked (sorry if I wasn't clear enough) is what does the root "physically" change on the phone.
According to your answer I assume it just adds the "su" binary and the "SuperUser" app (apart from changing some permission on some system folders) and that it doesn't replace any "stock" system file.
I also assume that these new files are extracted from the "root.img" (or "preinstall.img") files flashed by the fastboot command.
Is it so?
I was a little confused because I saw in some other forum a reference to some "stock" files wiped out in the /preinstall/app/ folder by the root process.
Click to expand...
Click to collapse
Pretty much, yes, you're adding those two files (as well as another called BusyBox that allows other files to run, but this you can install after you root). The scenario I'm describing is that you're on a stock ROM and you just rooted your phone for the first time.
Though fastboot is present on every phone, using it to flash those two files seems to be unique to your phone because rooting methods vary from phone to phone. But basically the two most common methods are:
1. You flash a custom recovery from your computer if your phone's bootloader is not locked, and then you can flash the root files (su/SuperUser.apk) to the ROM from there or just flash a custom ROM that includes them.
or
2. You use fastboot/adb/some third-party method to root the stock ROM on your phone from your computer, then you install a custom recovery, and then you can flash custom ROMs/kernels/etc.
That /preinstall/app folder seems to be unique to your phone, but if I had to guess, it has something to do with deleting preloaded bloatware that comes with the phone. Because out of the box you can't, but once you have root permissions, you can go to that folder with a file manager to delete the APKs or use something like Titanium Backup to do it.
Product F(RED) said:
Pretty much, yes, you're adding those two files (as well as another called BusyBox that allows other files to run, but this you can install after you root). The scenario I'm describing is that you're on a stock ROM and you just rooted your phone for the first time.
Though fastboot is present on every phone, using it to flash those two files seems to be unique to your phone because rooting methods vary from phone to phone. But basically the two most common methods are:
1. You flash a custom recovery from your computer if your phone's bootloader is not locked, and then you can flash the root files (su/SuperUser.apk) to the ROM from there or just flash a custom ROM that includes them.
or
2. You use fastboot/adb/some third-party method to root the stock ROM on your phone from your computer, then you install a custom recovery, and then you can flash custom ROMs/kernels/etc.
That /preinstall/app folder seems to be unique to your phone, but if I had to guess, it has something to do with deleting preloaded bloatware that comes with the phone. Because out of the box you can't, but once you have root permissions, you can go to that folder with a file manager to delete the APKs or use something like Titanium Backup to do it.
Click to expand...
Click to collapse
Thanks again Product F(RED).
Things are clearer now.
I wasn't aware of the installation of "BusyBox" (I found it in my phone in the folder /osh/bin/)
I think the root method I used (BriefMobile) is the type 2. I didn't install a custom recovery as I'm not interested yet in flashing custom ROMs/kernels/etc.
So, to summarize...
The basic root methods (no unlock) consists in
1) install the "su" binary
2) install the "busybox" binary
3) install the "superuser.apk" app
4) change some r-w permissions
In my case (probably) the root method also wiped out some preloaded bloatware file in the /preinstall/app folder but that's not essential (unless Moto makes a check for the presence of those files before an OTA update).
They usually do check (and will fail) because OTA's are like patches; not really replacements for the whole /system/ partition. Never take an OTA when you're rooted, especially because they can do things like update and lock your bootloader, among other things. It's safer to wait until rooted versions pop up in the development section for your phone.
Hello,
I want to root my device with odin and chainfire. I know this basically leaves my recovery
untouched and modifies some system files so as to allow root apps to install themselves
in a way that they can run with root permssion.
1. I would like to know more about exactly what changes this kind of rooting does to the
device's file system.
2. I want to back up my ROM before this (not my data, just the program that factory
resets my device). That way, if I don't like something or something doesn't work I know
I can go back.
3. If once I root my device I install ClockworkMod as my recovery, does that mean my
old recovery is gone forever and I cannot get it back (not that I would probably need it
but just in case).
Can someone please help?
Thanks,
John Goche
johngoche99 said:
Hello,
I want to root my device with odin and chainfire. I know this basically leaves my recovery
untouched and modifies some system files so as to allow root apps to install themselves
in a way that they can run with root permssion.
1. I would like to know more about exactly what changes this kind of rooting does to the
device's file system.
2. I want to back up my ROM before this (not my data, just the program that factory
resets my device). That way, if I don't like something or something doesn't work I know
I can go back.
3. If once I root my device I install ClockworkMod as my recovery, does that mean my
old recovery is gone forever and I cannot get it back (not that I would probably need it
but just in case).
Can someone please help?
Thanks,
John Goche
Click to expand...
Click to collapse
1. It doesn't make any changes to the file system. Are you sure you're using the right term?
It tells you what it does here:
http://autoroot.chainfire.eu
2. You cannot back up your rom before rooting. You require a custom recovery to do this... unless the s3 toolbox does this??have a look. There is a nandroid over adb option
http://forum.xda-developers.com/showthread.php?t=1746680
Factory reset only manages /data I.e your stuff. It doesn't restore roms
3. The toolbox in 2. Can flash stock recovery
Sent from my GT-I9300 using Tapatalk 2
1. OK, so there's the ROM, and there's the filesystem. So it's not like in Unix where everything is a file.
I thought the ROM includes all the files which are part of the filesystem including /system/xbin and the
kernel. I thought the filesystem is part of the flashed ROM, not a separate thing.
2. I have adb installed. How do I do a nandroid over adb?
3. OK, so the default recovery just restores the /data partition.
johngoche99 said:
1. OK, so there's the ROM, and there's the filesystem. So it's not like in Unix where everything is a file.
I thought the ROM includes all the files which are part of the filesystem including /system/xbin and the
kernel. I thought the filesystem is part of the flashed ROM, not a separate thing.
2. I have adb installed. How do I do a nandroid over adb?
3. OK, so the default recovery just restores the /data partition.
Click to expand...
Click to collapse
1. File system = ext4, fat32, ntfs etc.
The ROM is a collection of files, within the /system partition and a kernel (boot.img). Of course there is a file system beneath this but its completely irrelevant to our discussions.
But cf auto root puts an app in /system/app and a binary in /system/bin. I suppose you're using "filesystem" in the way linux uses that to navigate to the /root of the OS.
2. Download the windows application I linked you to and follow the prompts to set up correctly. Then its a menu option
3. The stock recovery only WIPES the /data partition. It restores nothing
Sent from my GT-I9300 using Tapatalk 2
1. OK, the ROM is a collection of files. Now I'm in sync. So only two files are modified during the rooting process,
and app in /system/app (which does what?) and a binary in /system/bin (presumably a shell?).
2. Download the windows application I linked you to and follow the prompts to set up correctly. Then its a menu option
Where is the windows application you linked me. With all the clutter on the XDA pages I can hardly see it.
3. The stock recovery only WIPES the /data partition. It restores nothing
Thanks. Not sure why the data partition is not browsable with adb shell by default.
Thanks.
The su binary is the actual root. But you need a superuser app too. The app acts as a gatekeeper. When you run an app that requires root, superuser app opens and asks you if you want to allow or deny access to this app. Think of it as a level of protection
The link in my first post in my number 2. Answer is a specific thread for the windows application called unified toolbox. Just read all of post one. It tells you everything you need to know.
/data is protected because things that could otherwise be deleted can prevent android from booting up.
Not sure if you're familiar with Linux, but /data isn't quite the same as your home directory. That would be /sdcard. I suppose the Linux equivalent of /data would be /usr (although not really as despite their similarity, linux and android are not the same. Only really the kernel)
Sent from my GT-I9300 using Tapatalk 2
I'm running the stock ROM, rooted, and just with a few mods (back button menu, 1% battery, remove ATT bloatware).
Whenever I make a change to the host file at /system/etc/hosts, after I reboot to apply, it's been reset to the 60-byte default host file, wiping my changes out. Yes, I am mounting /system R/W before making my changes. It doesn't matter if I remount /system back to R/O before rebooting, the file still reverts. Even if I set the permissions on the file to read-only after making my change, it still reverts.
Is there anything I can set to make my modified host file stick? Or is /system always reloaded?
I do see that the Cognition ROM has writable /system as one of its features, suggesting that the stock ROM does something like this with /system.
There's a kernel mod you can flash over on the international side that disables the stock kernel protection, or you can flash one of the custom kernels that have no such protection.
gunnyman said:
There's a kernel mod you can flash over on the international side that disables the stock kernel protection, or you can flash one of the custom kernels that have no such protection.
Click to expand...
Click to collapse
Thanks.
Flashed Cognition ROM and my host file stayed modified after a reboot. May have been more heavy-handed a change than required, but it worked.
:laugh:use root explorer to make the host's file will be read only and try again
Hello, im having a couple of problems regarding my filesystem as well as the app supersu and its binary file.
To start, i rooted with kingroot and switched to supersu using terminal emulator commands. There are still kingroot files in my xbin which i will attatch a picture showing the contents of my xbin folder in attatchments (i also have .tmpsu in xbin) please ask if you need more pictures or information of files located in my directories.
The problems i need help with is:
1. I cannot mount /system or any foler in that directory as r/w, i feel that there is a file located somewhere that is preventing me from mounting /system as r/w.
2. I cannot update the su binary, i have tried normal and twrp modes neither work. Ive also tried flashing the UPDATE-supersu-2.78.zip in twrp and that doesnt work either. It says that it installed but nothing changes once i boot back into system, i feel that me not being able to mount /system as r/w is preventing me from updating the su binary.
I need help on how to regain conrtol of my /system and how to update the su binary. Any help? Thank you
Some specs of phone:
Android 5.1
Cpu model - AArch64 processor rev 4
Kernel version - 3.10.65+
Model - blu vivo xl
icy201 said:
Hello, im having a couple of problems regarding my filesystem as well as the app supersu and its binary file.
To start, i rooted with kingroot and switched to supersu using terminal emulator commands. There are still kingroot files in my xbin which i will attatch a picture showing the contents of my xbin folder in attatchments (i also have .tmpsu in xbin) please ask if you need more pictures or information of files located in my directories.
The problems i need help with is:
1. I cannot mount /system or any foler in that directory as r/w, i feel that there is a file located somewhere that is preventing me from mounting /system as r/w.
2. I cannot update the su binary, i have tried normal and twrp modes neither work. Ive also tried flashing the UPDATE-supersu-2.78.zip in twrp and that doesnt work either. It says that it installed but nothing changes once i boot back into system, i feel that me not being able to mount /system as r/w is preventing me from updating the su binary.
I need help on how to regain conrtol of my /system and how to update the su binary. Any help? Thank you
Some specs of phone:
Android 5.1
Cpu model - AArch64 processor rev 4
Kernel version - 3.10.65+
Model - blu vivo xl
Click to expand...
Click to collapse
download root checker from the play store and make sure that u have root access on your device
messi2050 said:
download root checker from the play store and make sure that u have root access on your device
Click to expand...
Click to collapse
It says i have properly installed root access. Something fishy is going on with my root and my system.
icy201 said:
It says i have properly installed root access. Something fishy is going on with my root and my system.
Click to expand...
Click to collapse
then u can try to completely uninstall root from inside super su/king root apps and then reinstall it
messi2050 said:
then u can try to completely uninstall root from inside super su/king root apps and then reinstall it
Click to expand...
Click to collapse
I did try that too, it took around 15-20 minutes to uninstall then when i rebooted the app was gone but my device still had root. I did get it to uninstall root 1 time then i went and flashed the zip file and the same problem occured again. Maybe kingroot just f-ed up my device so root will never work properly again? Maybe a virus? Idk whats going on with it.
icy201 said:
I did try that too, it took around 15-20 minutes to uninstall then when i rebooted the app was gone but my device still had root. I did get it to uninstall root 1 time then i went and flashed the zip file and the same problem occured again. Maybe kingroot just f-ed up my device so root will never work properly again? Maybe a virus? Idk whats going on with it.
Click to expand...
Click to collapse
Your device does not have twrp/cwm port ?
It does, i have twrp(touch) 3.0 for blu vivo xl. Thats the only way i got my device unrooted one time. What i had to do i had to boot into recovery, mount /system, reboot into system then root explorer would allow me to mount /system as r/w but i believe theres a script or something somewhere that is locking the /system into read only mode cause after a short period of time (around 5 minutes or so) i can no longer modify or delete anything in that folder even though it still says its in r/w and if i close root explorer and reopen it it shows that its back in read only mode even though i didnt change it back to that.
Edit: if i mount /system in twrp and boot into system when i boot back into twrp system is not mounted anymore, idk if its supposed to do that or not.
These are the only possible solutions ive been able to find that do kinda make sense.
"It's because you need a boot.img with r.o secure=0 in the build prop" i went and looked and my file says r.o secure=1 that would explain why my system will not mount as r/w.
Another post i found said -
"I've found the source of the problem asking in the MIUI forums, the boot image will not accept a modified /system.
You have to use the adb interface: adb devices then adb disable-verity.
Disclaimer: I'm not responsible for any damage caused by these operations."
The second solution seems more reasonable and alot easier to do. My question now is: will one or both of these solutions possibly fix both my problems? And the second solution disabling verify should that be okay to do without messing up my device? I do have that recovery i could flash but dont wanna do anything that might make the phone not boot into recovery.
icy201 said:
It does, i have twrp(touch) 3.0 for blu vivo xl. Thats the only way i got my device unrooted one time. What i had to do i had to boot into recovery, mount /system, reboot into system then root explorer would allow me to mount /system as r/w but i believe theres a script or something somewhere that is locking the /system into read only mode cause after a short period of time (around 5 minutes or so) i can no longer modify or delete anything in that folder even though it still says its in r/w and if i close root explorer and reopen it it shows that its back in read only mode even though i didnt change it back to that.
Edit: if i mount /system in twrp and boot into system when i boot back into twrp system is not mounted anymore, idk if its supposed to do that or not.
Click to expand...
Click to collapse
Yes that's normal , your problem is because of a buggy root
messi2050 said:
Yes that's normal , your problem is because of a buggy root
Click to expand...
Click to collapse
I just remembered something. I think i know what bugged it. I was trying to do an ota update for my device and it wouldnt let me. I found another app by chainfire called flashfire. I tried to flash the ota update and i had the option "inject supersu" enabled even though i already had supersu installed and everything else i needed for root. I guess doing that messed up all my su files ect.. But how do i fix it? I cant uninstall root cause my /system folder is locked into r/o. If i press full unroot in supersu it will remove the app (although it takes a while!) but all the files needed for root stay.
Guess there just no fixing this phone. Someone really hacked it good i guess, problem is still there and nothing can fix it...
Update - thread can be closed
Problem fixed, to fix the problems i was having i had to download the stock system files for my device and flash them, after that just installed the latest supersu 2.78 zip and remount problem is fixed.
This guide is to help anyone who wants to use Android Pay but his XC phone is unlocked and rooted. It begins with an unlocked phone with a valid backup of the TA partition as well as an unrooted /system partition.
Prerequisites:
1. A backup of TA partition (https://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236)
2. Unlocked bootloader
3. Working fastboot driver and command
4. Clean /system partition without any trace of su. Systemless root is fine because it will be overwritten by the new kernel. If needed, flash the stock system partition again.
5. TWRP image for XC (https://drive.google.com/open?id=0B0j3VJ1Xp5N8M1ZGbzBBMTdyRnM)
6. Stock kernel image (Extract kernel.sin from official FTF)
7. Trim Area Proof Of Concept (https://forum.xda-developers.com/crossdevice-dev/sony/poc-real-trim-instead-drm-fix-t3552893)
8. Tobias kernel repack tool (https://forum.xda-developers.com/xp...oot-automatic-repack-stock-kernel-dm-t3301605)
9. Magisk v12.0 flashable zip, not Manager app (https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445)
Procedures:
1. Run TA PoC (DOUBLECLICKME.bat). You'll be asked to select your kernel image (kernel.sin) and TA backup (your TA backup file). Choose also to disable DM-Verity, Sony RIC but keep Force-encrypt (my data partition is encrypted, your choice). At the end a new file new_boot.img will be created.
2. Copy the new_boot.img in step 1 to Tobias tool folder. In the same folder, execute the following command. Again, disable Sony RIC, don't install TWRP, don't install DRM fix and don't install Busybox. At the end, another file boot.img will be created.
Code:
rootkernel.cmd new_boot.img boot.img
3. Power off your phone. Power on again while holding volume up rocker to enter fast boot mode. Execute the following command to flash the new boot image. Replace boot.img with your new image in step 2 with full path.
Code:
fastboot.exe flash boot [I]boot.img[/I]
4. Reboot your phone. No root or SuperSU app should be found.
5. Copy Magisk zip file into phone internal storage.
6. Dial *#*#7378423#*#*, followed by Service Test > Security to check if DRM is detected properly. At this point of time, your phone should be su free and DRM working properly.
7. Power off your phone. Power on again while holding volume up rocker to enter fast boot mode. Execute the following command to boot TWRP. Replace twrp.img with your TWRP image with full path.
Code:
fastboot.exe boot [I]TWRP.img[/I]
8. In TWRP, flash Magisk zip
9. Reboot your phone. Install Magisk Manager app (no long available in Play Store) (http://tiny.cc/latestmanager)
10. Run Magisk Manager and turn on Magisk Hide. You should see Magisk installed successfully and properly rooted with MagiskSU. Tap SafetyNet button to check if it can be passed.
11. (optional) Install Xposed using Magisk app, not official method. Xposed will break Safety Net again. But you can always disable it in Magisk Manager easily.
Remarks:
1. Trim Area Proof Of Concept is required to restore full DRM functionality so that Safety Net thinks the phone is still locked.
2. /system partition must be clean and free of any trace of previous su installation.
3. Magisk Manager app cannot be used to install Magisk because it requires root in the first place. Even with systemless root, after Magisk is installed this way, trace of su can be found in /vendor partition.
4. Tobias tool has to be used to repack the boot image because I found that if PoC image is used directly, phone will reboot unexpectedly after Magisk is installed.
This is the clearest guide I found so far for rooting x compact :good: (Your old guide also help me understand some of the concept)
I get most of the steps but want to confirm whether I understand it correctly
itandy said:
1. Run TA PoC (DOUBLECLICKME.bat). You'll be asked to select your kernel image (kernel.sin) and TA backup (your TA backup file). Choose also to disable DM-Verity, Sony RIC but keep Force-encrypt (my data partition is encrypted, your choice). At the end a new file new_boot.img will be created.
Click to expand...
Click to collapse
TA PoC modify the boot image and the modified boot image will mount the TA backup image during boot and "trick" the system/kernel into thinking that is the original TA Partition, and it is untouched.
itandy said:
2. Copy the new_boot.img in step 1 to Tobias tool folder. In the same folder, execute the following command. Again, disable Sony RIC, don't install TWRP, don't install DRM fix and don't install Busybox. At the end, another file boot.img will be created.
Click to expand...
Click to collapse
- Drm fix is not needed because of the trick in step 1. This step is only needed because of incompatibility of boot image generated from step 1 with magisk (mentioned in the remarks section.).
- TWRP is not needed because in this guide TWRP will be booted by fastboot through PC without actually installing it on the phone (Step 7)
- Busybox is now included in magisk I think?
itandy said:
6. Dial *#*#7378423#*#*, followed by Service Test > Security to check if DRM is detected properly. At this point of time, your phone should be su free and DRM working properly.
Click to expand...
Click to collapse
- This is to prove the TA PoC mount trick above is working. No kernel fix is done.
The advantage of this method instead of kernel drm fix is that you can have completely stock kernel/system and only have modified boot image (and some extra data in data partition). Can you theoretically update the system and exclude the boot and data partition and still have the root intact? Or is that not recommended as new update might have some change in the boot partition as well?
I still need to do more reading about magisk and why the manager need to be installed manually (and what does it do)
trewelu said:
This is the clearest guide I found so far for rooting x compact :good: (Your old guide also help me understand some of the concept)
I get most of the steps but want to confirm whether I understand it correctly
TA PoC modify the boot image and the modified boot image will mount the TA backup image during boot and "trick" the system/kernel into thinking that is the original TA Partition, and it is untouched.
- Drm fix is not needed because of the trick in step 1. This step is only needed because of incompatibility of boot image generated from step 1 with magisk (mentioned in the remarks section.).
- TWRP is not needed because in this guide TWRP will be booted by fastboot through PC without actually installing it on the phone (Step 7)
- Busybox is now included in magisk I think?
- This is to prove the TA PoC mount trick above is working. No kernel fix is done.
The advantage of this method instead of kernel drm fix is that you can have completely stock kernel/system and only have modified boot image (and some extra data in data partition). Can you theoretically update the system and exclude the boot and data partition and still have the root intact? Or is that not recommended as new update might have some change in the boot partition as well?
I still need to do more reading about magisk and why the manager need to be installed manually (and what does it do)
Click to expand...
Click to collapse
Your understanding is correct. As for busybox, I didn't install it because I don't use it. You can try and see if it affects Safety Net detection.
Yes, system partition can be updated without losing root.
trewelu said:
This is the clearest guide I found so far for rooting x compact :good: (Your old guide also help me understand some of the concept)
I get most of the steps but want to confirm whether I understand it correctly
TA PoC modify the boot image and the modified boot image will mount the TA backup image during boot and "trick" the system/kernel into thinking that is the original TA Partition, and it is untouched.
- Drm fix is not needed because of the trick in step 1. This step is only needed because of incompatibility of boot image generated from step 1 with magisk (mentioned in the remarks section.).
- TWRP is not needed because in this guide TWRP will be booted by fastboot through PC without actually installing it on the phone (Step 7)
- Busybox is now included in magisk I think?
- This is to prove the TA PoC mount trick above is working. No kernel fix is done.
The advantage of this method instead of kernel drm fix is that you can have completely stock kernel/system and only have modified boot image (and some extra data in data partition). Can you theoretically update the system and exclude the boot and data partition and still have the root intact? Or is that not recommended as new update might have some change in the boot partition as well?
I still need to do more reading about magisk and why the manager need to be installed manually (and what does it do)
Click to expand...
Click to collapse
Just found that you can actually enable busybox in Magisk Manager so you don't have to pack it into the boot image.
Sent from my F5321 using Tapatalk
Done the step above and gained root and pass safety check in magisk.
Is there a way to disable the bootloader unlocked message during boot? I don't mind the message but it delay booting process I
trewelu said:
Done the step above and gained root and pass safety check in magisk.
Is there a way to disable the bootloader unlocked message during boot? I don't mind the message but it delay booting process I
Click to expand...
Click to collapse
I'm not aware anyone is able to do that so far.
itandy said:
I'm not aware anyone is able to do that so far.
Click to expand...
Click to collapse
You would need to alter bootloader....
Remark for Android 7.0 Users
If you will use this guide on Nougat, you will need to DISABLE force-encrypt, because data partition is encrypted by default on Nougat. On top of that, you will need to first boot to TWRP, wipe DATA partition without decrypting / mounting it and then reboot system to re-create unencrypted data partition. Only then you can flash Magisk..
ondrejvaroscak said:
If you will use this guide on Nougat, you will need to DISABLE force-encrypt, because data partition is encrypted by default on Nougat. On top of that, you will need to first boot to TWRP, wipe DATA partition without decrypting / mounting it and then reboot system to re-create unencrypted data partition. Only then you can flash Magisk..
Click to expand...
Click to collapse
Just curious, I'm on MM and my data partition is encrypted. But I didn't have to decrypt it first before installing Magisk. Is there anything on Nougat that makes it different?
itandy said:
Just curious, I'm on MM and my data partition is encrypted. But I didn't have to decrypt it first before installing Magisk. Is there anything on Nougat that makes it different?
Click to expand...
Click to collapse
Yes, quite substantially .... the TWRP does NOT support /data decryption on Nougat. On MM it works, on Nougat there is no way, until someone compiles TWRP with support for Nougat encrypted /data. The workaround is to DISABLE force-encrypt, wipe /data to force re-create unencrypted /data, install anything you need and then encrypt in Settings/Security. Once you do it, there is no way to get into /data in recovery...
ondrejvaroscak said:
Yes, quite substantially .... the TWRP does NOT support /data decryption on Nougat. On MM it works, on Nougat there is no way, until someone compiles TWRP with support for Nougat encrypted /data. The workaround is to DISABLE force-encrypt, wipe /data to force re-create unencrypted /data, install anything you need and then encrypt in Settings/Security. Once you do it, there is no way to get into /data in recovery...
Click to expand...
Click to collapse
And why is data partition decryption support needed in TWRP in this case? Flashing Magisk requires modification on data partition?
itandy said:
And why is data partition decryption support needed in TWRP in this case? Flashing Magisk requires modification on data partition?
Click to expand...
Click to collapse
I don't think so. I just re-did the step (accidentally locked back my bootloader when trying to remove the unlocked message). On twrp, it ask for password which I don't even know as after BL unlock wipe, I haven't set my screen lock yet. I skip that part, mount the sd card and flash magisk. Magisk modify the boot image and I can have root and safety net working.
Ps: You might need to update the step, the magisk manager stub will force you to download the app from play store, but it is already pulled. I need to download the app directly from magisk thread and side load it.
Edit: I was wrong. Magisk do use /data for magisk.img, but it have workaround instalation in case it is inaccessible during flashing install script. See #15
trewelu said:
Ps: You might need to update the step, the magisk manager stub will force you to download the app from play store, but it is already pulled. I need to download the app directly from magisk thread and side load it.
Click to expand...
Click to collapse
Updated. Thanks!
itandy said:
And why is data partition decryption support needed in TWRP in this case? Flashing Magisk requires modification on data partition?
Click to expand...
Click to collapse
Magisk installs file magisk.img into /data. This file is than mounted as /magisk. I am not sure, how Magisk handles installation if /data is not accesible/mountable during flashing, did not try it.
ondrejvaroscak said:
Magisk installs file magisk.img into /data. This file is than mounted as /magisk. I am not sure, how Magisk handles installation if /data is not accesible/mountable during flashing, did not try it.
Click to expand...
Click to collapse
I'm not good with script, but here is my understanding,
In case of inaccessible data during flash, magisk will flash magisk.img temporarily in cache partition. During booting (after data is unencrypted), magisk check if the workaround image in cache exist and move it to data
scripts/flash_script.sh
Code:
if (is_mounted /data); then
IMG=/data/magisk.img
else
IMG=/cache/magisk.img
ui_print "- Data unavailable, use cache workaround"
fi
jni/daemon/bootstages.c
Code:
// Merge images
if (merge_img("/cache/magisk.img", MAINIMG))
goto unblock;
if (merge_img("/data/magisk_merge.img", MAINIMG))
goto unblock;
jni/magisk.h
Code:
#define MAINIMG "/data/magisk.img"
trewelu said:
I'm not good with script, but here is my understanding,
In case of inaccessible data during flash, magisk will flash magisk.img temporarily in cache partition. During booting (after data is unencrypted), magisk check if the workaround image in cache exist and move it to data
Click to expand...
Click to collapse
Cool, very clever. I did not make the effort to study in in depth, but expected some sort of solution to exist when users succesfully installed Magisk even when they can not mount /data in TWRP. This temporary /cache mount is just nice example of clever programming
Hey, I think I pseudo-bricked my device while following these steps. I used fastboot to boot into TWRP, without disabling encryption, on Nougat 7.1. I didn't notice the requirement to disable encryption in Post #8 until afterwards.
Now the device appears to be on (my computer detects an unknown device when I plug it in), but it doesn't show any LEDs or react to any buttons. Is my only recourse to wait till the battery dies in a few days and try again, or is there another way?
HAHA, I found if I hold EVERY button (power, vol up, vol dn, and camera), the phone restarts and I have access again. w00t!
Just wondering if somebody tried this with Nougat 7.1? I can't get TA_POC to work, security test displays error and sim card is not detected.
baz1 said:
Just wondering if somebody tried this with Nougat 7.1? I can't get TA_POC to work, security test displays error and sim card is not detected.
Click to expand...
Click to collapse
Yes this works with 7.1 the same as with 7.0. How did you perform the update to 7.1?
I followed the guide to perfection, and everything works perfectly...but...If I want to turn a user app into system apps, link2sd gives me this error: mount: '/dev/block/bootdevice/by-name/system'->'/system': Device or resource busy" and system app mover gives me this error : "could not remount /system".
is system read only? why? I've already tried to enable "rw" "ro" through the command line without success...
Can anyone help me?
p.s. I have granted root permissions to the applications mentioned above at their opening