issue with bootloader unlock after root - Xperia Z5 Compact Q&A, Help & Troubleshooting

issue with bootloader unlock after root - Xperia Z5 Compact Q&A, Help & Troubleshooting

Hi,
I had and have a strange behaviour of the locking status:
What I did first after buying my used Z5C (5823) 3 weeks ago:
1) Downgrade to LP E5823_StoreFront_1299-6910_32.0.A.6.200_R2B
2) Created TA.img with iovyroot (as found out later, it didn't contain DRM keys and was unlocked....so the TA.img is useless)
3) Upgraded to E5823_32.2.A.0.224_Custom
4) patched and flashed the .224 Kernel with SuperSU, TWRP and no BusyBox, DRM
5) flashed back the - useless - TA.ftf
After this, whenever I open the service info/configuration ist shows 'bootloader unlockable: yes' or 'bootloader unlocked: yes' or 'bootloader unlockable: no'. I didn't find out, which situation leeds to which result.
So today I
1) flashed the E5823_32.2.A.0.253_R2C_Customized DE_1298-1220 with full wipe
2) flashed the TA.ftf, to check out if has really an unlocked bootloader (-> yes)
3) patched and flashed the .253 Kernel with SuperSU, TWRP and no BusyBox, RIC off and DRM -> SuperSU OK, DRM keys OK
Right after configuring the phone for the first start, bootloader was unlocked.
After 30 min bootloader was unlockable again.
????????
[Edit] Right now, after 60 min ist lockable again......
Is it quite normal, I guess no.
Any solutions??
Thanks from germany!!!

Seems to work fine after new flashing.
[Closed]

Related

[Q]LP 2015fw How to Unlock Bootloader

Hi guys, I have an Xperia Z2 running Stock 5.1.1 debloated and rooted.
I'm planning to unlock my bootloader to use the AndroPlus Kernel v63
I am confused on how to Unlock Bootloader via flashtool and then restore DRM keys back because 2014 threads here and comments are all that I can see.
from my current device state, How to unlock the Bootloader using Flashtool and afterwards restore the DRM keys.
I already made a backup of TA partition using this TOOL. And restoring the TA partition again using this tool will relock my bootloader. Which I only wish to be Unlocked and the DRM keys to be restored.
next is what resources do I need in restoring DRM keys. This LINK says that I need the .69 firmware and .690 firmware. these old firmwares are not available to the xperiafirm. and again can't seem to find the FTF files for this two firmwares.
If there is anyone that can help me, please This weekend is the only time that I can do this on my phone.
Thank you!

first of all lookup TABackup and backup your DRM keys.
This is how I did it with my TABackup, starting from unlocked bootloader :
- make sure DRM fix is on your sd card, not internal memory, which will be wiped.
- flash 5.1.1 rom in flashtools, wipe everything
- boot into android, do initial setup, enable usb debugging and unknown sources
- use TABackup to restore your DRM keys
- DO NOT ALLOW PHONE TO REBOOT INTO ANDROID, once the TABackup reboots your phone, turn it off by holding power+vol-up for 5 secs.
- flash Androplus kernel using flashtools or fastboot
- reboot phone and spam vol-up until you get into recovery
- flash DRM fix zip
- reboot into android and check your camera quality/sound quality
kinda in a hurry, so not fully details. if you still need anything I'll check thread later tonight

Root xperia z5c

Hi someone can give MI guide to root my xperia z5c android 5.1.1 E5823 firmware 32.0.a.6.200 please? Tank to the helpers

N22121991 said:
Hi someone can give MI guide to root my xperia z5c android 5.1.1 E5823 firmware 32.0.a.6.200 please? Tank to the helpers
Click to expand...
Click to collapse
Enable developer options first in your phone, followed to enable OEM unlock and enable USB debugging.
Search on google there is a Sony official site to let you input your IMEI and get the unlock key. You'll need to use fastboot(search on google if you don't know what is it) to unlock via command prompt in Windows, a factory reset will perform after unlocked.
Kernel: http://forum.xda-developers.com/z5-compact/orig-development/kernel-zombie-t3224735
Recovery: http://forum.xda-developers.com/z5-compact/orig-development/twrp-z5-compact-t3235161 (you only need the recovery.img from it)
And then, you just need to "fastboot flash boot boot.img" and "fastboot flash recovery recovery.img" in command prompt to flash custom kernel and custom recovery.
https://download.chainfire.eu/696/SuperSU/UPDATE-SuperSU-v2.46.zip
At last, "fastboot boot recovery.img" to flash the flashablesu.zip in recovery and install any of busybox utility via Playstore. Upgrade to camera 2.0 via "What's new" if you will install xposed bcoz stock cam 1.0 will FC.
Pretty much that's all of it.

hello
Thanks
Does it work with encrypted device ?

Bear in mind that if you unlock bootloader, your camera will worsen, you will lose image enhancements like x reality and your warranty will be void. Etc. Etc. So you might want to hold off on root. Just letting you know, that is

Sadman Khan said:
Bear in mind that if you unlock bootloader, your camera will worsen, you will lose image enhancements like x reality and your warranty will be void. Etc. Etc. So you might want to hold off on root. Just letting you know, that is
Click to expand...
Click to collapse
i don't totally agree because what i did,well,unlock device's bootloader & everything blah blah blah..but camera seems to be just fine.but of course,you'd definitely can see the difference..now since drm restore for our devices is already available however,it indeed restored the functions and the bravia engine & all(except the drm key itself),i noticed that my rooting status has changed from "unlock bootloader allowed: yes" to unlock bootloader allowed: no"!also,even if says so,my phone still has twrp installed,rooted & a custom kernel..all seems to be working as i so far observed..just that rooting status thing changed..kinda wierd,though!

Arturiuz! said:
i don't totally agree because what i did,well,unlock device's bootloader & everything blah blah blah..but camera seems to be just fine.but of course,you'd definitely can see the difference..now since drm restore for our devices is already available however,it indeed restored the functions and the bravia engine & all(except the drm key itself),i noticed that my rooting status has changed from "unlock bootloader allowed: yes" to unlock bootloader allowed: no"!also,even if says so,my phone still has twrp installed,rooted & a custom kernel..all seems to be working as i so far observed..just that rooting status thing changed..kinda wierd,though!
Click to expand...
Click to collapse
Mine says the same "unlock bootloader allowed: no" but root and everything works fine, and the camera definitely improved although its still crap in my opinion. Have a couple of before and after shots if someone is interested.

Radeon1337 said:
Mine says the same "unlock bootloader allowed: no" but root and everything works fine, and the camera definitely improved although its still crap in my opinion. Have a couple of before and after shots if someone is interested.
Click to expand...
Click to collapse
wait!let me correct myself a little(this is really weird!)..my drm keys are restored,to wc as far as i am knowledgable of,that shouldnt be the case after unlocking the BL..
*apologies here!im still trying to figure out how to insert a screenshot as a proof!i'm just using my phone atm..peace!

Arturiuz! said:
wait!let me correct myself a little(this is really weird!)..my drm keys are restored,to wc as far as i am knowledgable of,that shouldnt be the case after unlocking the BL..
*apologies here!im still trying to figure out how to insert a screenshot as a proof!i'm just using my phone atm..peace!
Click to expand...
Click to collapse
got it!here's for the screenshot before i unlocked my device..then drm keys lost..then when flashed the drmrestore.zip,consecutively..

MystereT said:
hello
Thanks
Does it work with encrypted device ?
Click to expand...
Click to collapse
Did you ever take the plunge with encryption? TWRP supposedly supports encryption, but want to make sure I have a way to a working phone if encryption doesn't work.
Don't remember if I can undo encryption via twrp, or at that point is it just prudent to flashtool it back to a clean image if not? My understanding is really just need to get a kernel on there that will boot, and provide the rest of the system with or without encryption.
Ready to pull the trigger on this to root and try with my encryption, but think I'll pull down a clean version of .200 firmware for the z5c first...

Yesterday there is a way to get Z5/Z5C/Z5P Rec & Root
and revive DRM & BE2 & Camera noise reduction by one-click (need unlocked BL),
I'm afraid to try...

Works like a charm
I can confirm drm-restore patch works like a charm and everything (camera noise reduction etc.)
iMaeGoo said:
Yesterday there is a way to get Z5/Z5C/Z5P Rec & Root
and revive DRM & BE2 & Camera noise reduction by one-click (need unlocked BL),
I'm afraid to try...
Click to expand...
Click to collapse

TheEndHK said:
Enable developer options first in your phone, followed to enable OEM unlock and enable USB debugging.
Search on google there is a Sony official site to let you input your IMEI and get the unlock key. You'll need to use fastboot(search on google if you don't know what is it) to unlock via command prompt in Windows, a factory reset will perform after unlocked.
Kernel: http://forum.xda-developers.com/z5-compact/orig-development/kernel-zombie-t3224735
Recovery: http://forum.xda-developers.com/z5-compact/orig-development/twrp-z5-compact-t3235161 (you only need the recovery.img from it)
And then, you just need to "fastboot flash boot boot.img" and "fastboot flash recovery recovery.img" in command prompt to flash custom kernel and custom recovery.
https://download.chainfire.eu/696/SuperSU/UPDATE-SuperSU-v2.46.zip
At last, "fastboot boot recovery.img" to flash the flashablesu.zip in recovery and install any of busybox utility via Playstore. Upgrade to camera 2.0 via "What's new" if you will install xposed bcoz stock cam 1.0 will FC.
Pretty much that's all of it.
Click to expand...
Click to collapse
hi Bro! is there any trouble if i flash (obviously via fastboot) only the recovery over the stock kernel firmware .200?? or is mandatory flash kernel and recovery?
thanks!

acabreram said:
hi Bro! is there any trouble if i flash (obviously via fastboot) only the recovery over the stock kernel firmware .200?? or is mandatory flash kernel and recovery?
thanks!
Click to expand...
Click to collapse
Stock kernel will get a bootloop if you rooted. The current build of Z5c kernel got dm-verity, when it detect your /system has changed like flashed flashablesu.zip to attempt to root probably it will not boot. You need a custom insecure kernel to root.

TheEndHK said:
Stock kernel will get a bootloop if you rooted. The current build of Z5c kernel got dm-verity, when it detect your /system has changed like flashed flashablesu.zip to attempt to root probably it will not boot. You need a custom insecure kernel to root.
Click to expand...
Click to collapse
ok Bro thanks!! there is not custom kernel of firmware .200 yet right?

acabreram said:
ok Bro thanks!! there is not custom kernel of firmware .200 yet right?
Click to expand...
Click to collapse
http://forum.xda-developers.com/showpost.php?p=64849573&postcount=2
plz read it clearly

can someone share stock E5823 fw .200 kernel, I need it to test this method

Help
TheEndHK said:
Enable developer options first in your phone, followed to enable OEM unlock and enable USB debugging.
Search on google there is a Sony official site to let you input your IMEI and get the unlock key. You'll need to use fastboot(search on google if you don't know what is it) to unlock via command prompt in Windows, a factory reset will perform after unlocked.
Kernel: http://forum.xda-developers.com/z5-compact/orig-development/kernel-zombie-t3224735
Recovery: http://forum.xda-developers.com/z5-compact/orig-development/twrp-z5-compact-t3235161 (you only need the recovery.img from it)
And then, you just need to "fastboot flash boot boot.img" and "fastboot flash recovery recovery.img" in command prompt to flash custom kernel and custom recovery.
https://download.chainfire.eu/696/SuperSU/UPDATE-SuperSU-v2.46.zip
At last, "fastboot boot recovery.img" to flash the flashablesu.zip in recovery and install any of busybox utility via Playstore. Upgrade to camera 2.0 via "What's new" if you will install xposed bcoz stock cam 1.0 will FC.
Pretty much that's all of it.
Click to expand...
Click to collapse
Hello, tks by the step by step u did... Sorry by my poor english, i am braziliam and need little help here.
1 - My z5c already is unlocked;
2 - I download the zombie kernel like u said (ok, get the boot.img file);
3 - I try to download the recovery, but when open the 7zip on windows cannot unzip the recovery.img file;
4 - Try to download this one (TWRP for Z5C) and ok, i get the recovery.img file from this (this is the same recovery file ???).
So the questoin is:
I can flash this files above (boot and recovery) on my z5c - E5823 - 32.0.A.6.200 ????
And why not flash the boot.img from the recovery zip file ??? Whats the diference ???
Regards and tks again !!!

puiatmp said:
Hello, tks by the step by step u did... Sorry by my poor english, i am braziliam and need little help here.
1 - My z5c already is unlocked;
2 - I download the zombie kernel like u said (ok, get the boot.img file);
3 - I try to download the recovery, but when open the 7zip on windows cannot unzip the recovery.img file;
4 - Try to download this one (TWRP for Z5C) and ok, i get the recovery.img file from this (this is the same recovery file ???).
So the questoin is:
I can flash this files above (boot and recovery) on my z5c - E5823 - 32.0.A.6.200 ????
And why not flash the boot.img from the recovery zip file ??? Whats the diference ???
Regards and tks again !!!
Click to expand...
Click to collapse
because it's only meant to be flashed in/by fastboot mode through command prompt or cmd.flashing it using recovery won't install those img's..not unless those were re/packed that could also be flashed through recovery..i've tried it but gave me error. & it's better that way installing it through command prompt/fastboot mode.

Arturiuz! said:
because it's only meant to be flashed in/by fastboot mode through command prompt or cmd.flashing it using recovery won't install those img's..not unless those were re/packed that could also be flashed through recovery..i've tried it but gave me error. & it's better that way installing it through command prompt/fastboot mode.
Click to expand...
Click to collapse
hey friend, tks for response.
I know we need to use fastboot to flash this files and i know how to do this.
I only wanna know if the files are compatible with my model and version device.

puiatmp said:
hey friend, tks for response.
I know we need to use fastboot to flash this files and i know how to do this.
I only wanna know if the files are compatible with my model and version device.
Click to expand...
Click to collapse
yes! it's(actually)for E5823 devices to be specific & as per OP(even as i have checked the links)..it even worked on mine wc is E5803! might want try it out first & see for yourself!

Can't root redmi note 3 Snapdragon

I have the Redmi note 3 pro 2gb snapdragon version I have unlocked my bootloader officially. I cannot seem to be able to root/flash recovery onto my phone.
I tried the Miui India toolkit - I get an error message: error unhandled exception has occurred in your application blah blah blah Could not find file c:\1.txt
I tried following this guide, and it worked once but it also broke Wifi - wifi refused to turn on
http://xiaomitips.com/guide/root-redmi-note-3-snapdragon/
I'm on Global Stable 7.1.8.0. I've tried the China rom and Global 7.2.3.0 but both roms are much worse on my phone - I no longer get notifications from my messaging apps, Blackplayer keeps stopping and restarting from the very first song it started playing, and other random bugs
Any help would be greatly appreciated, thank you

pyro224 said:
I have the Redmi note 3 pro 2gb snapdragon version I have unlocked my bootloader officially. I cannot seem to be able to root/flash recovery onto my phone.
I tried the Miui India toolkit - I get an error message: error unhandled exception has occurred in your application blah blah blah Could not find file c:\1.txt
I tried following this guide, and it worked once but it also broke Wifi - wifi refused to turn on
http://xiaomitips.com/guide/root-redmi-note-3-snapdragon/
I'm on Global Stable 7.1.8.0. I've tried the China rom and Global 7.2.3.0 but both roms are much worse on my phone - I no longer get notifications from my messaging apps, Blackplayer keeps stopping and restarting from the very first song it started playing, and other random bugs
Any help would be greatly appreciated, thank you
Click to expand...
Click to collapse
You unlocked your bootloader on stable ROM? Are you sure? According to this post it doesn't work on stable and it didn't work for me (same model).
Check it in fastboot (power off device and boot by holding Power + Vol Down):
1. Connect your RN3 SD to PC
2. Open cmd.exe and change to your ADB/fastboot folder with "cd <X:\myADBandFASTBOOTfolder\>" (replace with whereever fastboot.exe is located)
3. Check the connection with "fastboot devices". It should show something, meaning that your PC recognizes your device being connected through fastboot.
4. Enter "fastboot oem device-info". The line where it says "Device unlocked:" should be "true". If not, your bootloader is still locked.
Anyway, I suggest going to an official Developer Version (if you are on Global Stable, install Global Dev; China Stable -> China Dev). IMPORTANT: Search through forums, if an OTA update is safe to do, when your bootloader is unlocked. It might (!) lock it again, meaning you have to wait again, since Xiaomi only allows one unlock a month per device.
When you are on Dev ROM with bootloader unlocked, follow this guide to flash TWRP and patch the boot.img (important, so it doesn't replace TWRP with stock recovery again after the next boot). Go into recovery (Power + Vol Up) immediately after flashing TWRP, without rebooting to system. If TWRP is in Chinese, check out my comment here on how to fix it.
After successful installation of TWRP make sure that it's permanent (reboot the device at least twice and enter TWRP again). If that is the case you can search for the latest SuperSU.zip and flash it through TWRP which should give you root.
Hope this helps.

Immortal68 said:
You unlocked your bootloader on stable ROM? Are you sure? According to this post it doesn't work on stable and it didn't work for me (same model).
Check it in fastboot (power off device and boot by holding Power + Vol Down):
1. Connect your RN3 SD to PC
2. Open cmd.exe and change to your ADB/fastboot folder with "cd <X:\myADBandFASTBOOTfolder\>" (replace with whereever fastboot.exe is located)
3. Check the connection with "fastboot devices". It should show something, meaning that your PC recognizes your device being connected through fastboot.
4. Enter "fastboot oem device-info". The line where it says "Device unlocked:" should be "true". If not, your bootloader is still locked.
Anyway, I suggest going to an official Developer Version (if you are on Global Stable, install Global Dev; China Stable -> China Dev). IMPORTANT: Search through forums, if an OTA update is safe to do, when your bootloader is unlocked. It might (!) lock it again, meaning you have to wait again, since Xiaomi only allows one unlock a month per device.
When you are on Dev ROM with bootloader unlocked, follow this guide to flash TWRP and patch the boot.img (important, so it doesn't replace TWRP with stock recovery again after the next boot). Go into recovery (Power + Vol Up) immediately after flashing TWRP, without rebooting to system. If TWRP is in Chinese, check out my comment here on how to fix it.
After successful installation of TWRP make sure that it's permanent (reboot the device at least twice and enter TWRP again). If that is the case you can search for the latest SuperSU.zip and flash it through TWRP which should give you root.
Hope this helps.
Click to expand...
Click to collapse
Hello
Sorry to rephrase: I flashed to China Dev rom via MiFlash and unlocked the bootloader offically, however this rom had odd errors and bugs so I went back to the older Global Stable. My understanding is that the bootloader is now unlocked regardless of what ROM i am running?
In the guide you linked, the OP mentione "no patched boot.img required" yet you recommend I patch the boot.img? Can you advise how I should do this?

pyro224 said:
Hello
Sorry to rephrase: I flashed to China Dev rom via MiFlash and unlocked the bootloader offically, however this rom had odd errors and bugs so I went back to the older Global Stable. My understanding is that the bootloader is now unlocked regardless of what ROM i am running?
In the guide you linked, the OP mentione "no patched boot.img required" yet you recommend I patch the boot.img? Can you advise how I should do this?
Click to expand...
Click to collapse
I think going from China Dev to Global Stable is giving you troubles. Since you already flashed another Official ROM after unlocking the bootloader I don't think it would make matters worse if you did it again now. Try flashing the official Global Dev Qualcom http://en.miui.com/download-301.html and check again if your bootloader is unlocked through the method I posted. After that - if it's still unlocked - you should be able to follow through with the guide.
Right, the boot.img is patched automatically through TWRP when you enter and exit it. Just flash the recovery and confirm overwriting files, so it doesn't go back to stock, when you exit TWRP. You should get a notification when you try to rebbot to system through TWRP.

Just as an update - I was able to flash Cofface's recovery on Global Stable 7.1.8.0 (since my phone refused to update me to any other rom) using the provided guide http://forum.xda-developers.com/redmi-note-3/development/recovery-kenzotwrp-cafface-3-0-0-t3369341

Confirming everything about rooting... (and a bit more)

I have found many sites with conflicting answers, so please don't tell me "google is your best friend" for my silly/already asked questions...
So first what I have: a 5 month old, non modified M4 aqua (E2306), bought from a Canadian carrier. The firmware version is 26.1.A.3.111 (bootloader locked). My goal is to root my phone when I update to MM (using the method PiSpecialist has posted, I cannot post links), but I haven't done so for the fear of losing TA partition when unlocking BL. There is currently no way to root MM with locked bootloader.
Now, my questions:
1. When I unlock my BL, I will lose the TA partition (DRM keys) of the device. Yet to back these up, I need root access. Should I root my device while it is still on Lollipop? There are ways to root BL Lollipop correct? If so, please link a preferable way to do this.
2. Will I receive OTA updates after rooting my phone? If not, I should download and flash firmware from Xperifirm?
3. Will I lose root when flashing new firmware (e.g. flashing MM to a rooted Lollipop device)?
4. Is it dangerous to flash official firmware to a rooted phone? What is a safe way?
I found that dealing with TA is dangerous and can hard brick a phone. Anybody found a reliable script/tool to do this?
So this is pretty much what I am planning to do so far, if the above is correct:
Root my phone while it is still on Lollipop with a locked bootloader.
Backup my TA partition.
Get MM (from either flashing, or OTA, depending if I still get OTA updates)
Unlock bootloader (as there is no way to root for locked bootloaders in MM)
Root phone while it is on MM (if I don't keep the root after updating from lollipop)
Restore TA partition
DONE!
Not as many questions as I thought.... Any other advice/things to look out for would be appreciated

Theres no way yet to have root in mm /system, it needs to be in kernel and you cant use custom kernel and restore ta. All the questions you did are already answered in forums.
But in case your interested ill tell you what i did step by step to have original TA part with drm and "tunned" but unrooted /system.
Keep in mind that your warranty is void, you will loose all your data and you may brick your device. Messing up with TA partition is serious and dangerous stuff. The following steps are just to tell you what i did.
If you want to do so, do it at your own risk.
1. Clean install LP 3.120 via flashtool wipping user data.
2. Root with rootkit 3.xxx and installed twrp for BL
3. Backup TA
4. Unlock bootloader and install MM fw via flashtool
5. Now with BU installed boot.img and recovery.img
6. Now with root, deleted unwanted apps, installed adblocker, installed xposed, tunned some settings/apps etc.
7. When /system was how i wanted, i made a backup via twrp (data, system, cache).
8. Clean install LP 3.120 again via flashtool, wipping user data.
9. Root via rootkit and installed twrp for BL.
10. Restored TA partition
11. Restored the backup via twrp and SHUTTED DOWN the phone because itll not match with the rest of the fw.
12. Installed MM fw again via flashtool but this time, excluded /system part and DID NOT WIPE user data nor Apps log. (as ive restored MM /data backup before)
13. Started the phone.
Now i have MM with drm, locked bootloader, unrooted, xposed working with few modules, adblocker applied and some other mods. Also i receive updates via sony apps such as whats new. And the low speaker volume seems to be fixed.

thewailer said:
Theres no way yet to have root in mm /system, it needs to be in kernel and you cant use custom kernel and restore ta. All the questions you did are already answered in forums.
But in case your interested ill tell you what i did step by step to have original TA part with drm and "tunned" but unrooted /system.
Keep in mind that your warranty is void, you will loose all your data and you may brick your device. Messing up with TA partition is serious and dangerous stuff. The following steps are just to tell you what i did.
If you want to do so, do it at your own risk.
1. Clean install LP 3.120 via flashtool wipping user data.
2. Root with rootkit 3.xxx and installed twrp for BL
3. Backup TA
4. Unlock bootloader and install MM fw via flashtool
5. Now with BU installed boot.img and recovery.img
6. Now with root, deleted unwanted apps, installed adblocker, installed xposed, tunned some settings/apps etc.
7. When /system was how i wanted, i made a backup via twrp (data, system, cache).
8. Clean install LP 3.120 again via flashtool, wipping user data.
9. Root via rootkit and installed twrp for BL.
10. Restored TA partition
11. Restored the backup via twrp and SHUTTED DOWN the phone because itll not match with the rest of the fw.
12. Installed MM fw again via flashtool but this time, excluded /system part and DID NOT WIPE user data nor Apps log. (as ive restored MM /data backup before)
13. Started the phone.
Now i have MM with drm, locked bootloader, unrooted, xposed working with few modules, adblocker applied and some other mods. Also i receive updates via sony apps such as whats new. And the low speaker volume seems to be fixed.
Click to expand...
Click to collapse
Thank you.
What adblocker can be install?

Btw, false alarm regarding speaker volume, it still saturate with bass at higher volume resulting in a lower and kinda cracked volume output, it may need to be tweaked, or even try to port LP audio parametres to MM rom, if thats even a thing and possible, until sony fix it (if they do lol). Ive tested a variety of songs

thewailer said:
Now i have MM with drm, locked bootloader, unrooted, xposed working with few modules, adblocker applied and some other mods. Also i receive updates via sony apps such as whats new. And the low speaker volume seems to be fixed.
Click to expand...
Click to collapse
Is there possibility for system to stay rooted? Btw how do u enter into recovery on MM ?
Tnx

harisdelic said:
Is there possibility for system to stay rooted? Btw how do u enter into recovery on MM ?
Tnx
Click to expand...
Click to collapse
Theres no method at this moment to put su binaries in /system, but if you dont mind you can keep the root as long as you dont restore your TA / lock bootloader as it needs a stock kernel signed by sony.
I enter twrp recovery in MM by holding power+vol down
---------- Post added at 09:42 PM ---------- Previous post was at 09:41 PM ----------
sucsong said:
Thank you.
What adblocker can be install?
Click to expand...
Click to collapse
Ive installed adaway that blocks via host file.

thewailer said:
Theres no method at this moment to put su binaries in /system, but if you dont mind you can keep the root as long as you dont restore your TA / lock bootloader as it needs a stock kernel signed by sony.
I enter twrp recovery in MM by holding power+vol down
Click to expand...
Click to collapse
Thanks man. I will try metod you write above right now

harisdelic said:
Thanks man. I will try metod you write above right now
Click to expand...
Click to collapse
No problem . Here in m4 aqua forums you have everything you need to backup TA, unlock bootloader, flash, drowngrade etc. Just follow all the tutorials carefully good luck

thewailer said:
Theres no method at this moment to put su binaries in /system, but if you dont mind you can keep the root as long as you dont restore your TA / lock bootloader as it needs a stock kernel signed by sony.
I enter twrp recovery in MM by holding power+vol down
---------- Post added at 09:42 PM ---------- Previous post was at 09:41 PM ----------
Ive installed adaway that blocks via host file.
Click to expand...
Click to collapse
I don't understand about "excluded /system part"? Flash only system file or everything

sucsong said:
I don't understand about "excluded /system part"? Flash only system file or everything
Click to expand...
Click to collapse
No, you exclude system as you restored it early via twrp, flash the rest of the firmware like modem, kernel etc. Remember to dont wipe data and apps log also
Edit: if you flash system youll loose the changes you did thats why you need to exclude from bundle when choosin in flashtool

DarkerJava said:
Thanks! This was what I was looking for!
Also, will you be able to root after this? (If someone comes up with a method)
Click to expand...
Click to collapse
Your welcome. Yeah if someones finds a way to do the classic root like in LP this will be rootable for sure.
At least in the meanwhile we can have ads blocked and xposed with some modules and still keep bootloader locked with drm keys to keep functions and receive updates.

thewailer said:
Your welcome. Yeah if someones finds a way to do the classic root like in LP this will be rootable for sure.
At least in the meanwhile we can have ads blocked and xposed with some modules and still keep bootloader locked with drm keys to keep functions and receive updates.
Click to expand...
Click to collapse
This is what im going to do...
Root bootloader locked in LL
Back up TA
Unlock bootloader
MM through flashtool
Root MM (boot.img , recovery.img) (This IS what you did by flashing these, right?)
http***://forum.xda-developers.com/m4-aqua/general/root-t3421932 (going to use this boot and recovery .img)
Chang/add to Marshmallow firmware
At this point, the device should be rooted on MM, with UB TWRP and SuperSU.
Now, is it okay if I just restore TA partition NOW, instead of going back to LL? I'm not really interested in saving OTA updates... speaking of which, how did you manage to still get them? I thought as soon as you modify your device, you are excluded from OTA updates...

DarkerJava said:
This is what im going to do...
Root bootloader locked in LL
Back up TA
Unlock bootloader
MM through flashtool
Root MM (boot.img , recovery.img) (This IS what you did by flashing these, right?)
http***://forum.xda-developers.com/m4-aqua/general/root-t3421932 (going to use this boot and recovery .img)
Chang/add to Marshmallow firmware
At this point, the device should be rooted on MM, with UB TWRP and SuperSU.
Now, is it okay if I just restore TA partition NOW, instead of going back to LL? I'm not really interested in saving OTA updates... speaking of which, how did you manage to still get them? I thought as soon as you modify your device, you are excluded from OTA updates...
Click to expand...
Click to collapse
Yeah you root mm by flashimg boot.img.
First, some people reported that is recommended to restore TA partition in the same firmware as you backed them up. Second, if you restore your TA and you have custom boot.img (like that one to get the root) your device will not boot

sergioslk said:
i have locked bootloader and its not unlockable (buyed to a company) and after some test i can tell you that don't need to unlock bootloader to do this
you can do it from rooted LP with twrp, first wipe data , system and cache, install MM fromzip (you can create the zip with PRF creator using the dummy_flashable.zip instead supersu zip) after MM its installed you can now install xposed, and other kind of flashable mods, lastly, power off phone and flash tft skipping system.sin
you will have android modded and untouched bootloader without root
Click to expand...
Click to collapse
id rather prefer to do the system changes with root in the mm firm, but sounds like a good method for those ones that cant unlock the BL.

sergioslk said:
i have locked bootloader and its not unlockable (buyed to a company) and after some test i can tell you that don't need to unlock bootloader to do this
you can do it from rooted LP with twrp, first wipe data , system and cache, install MM fromzip (you can create the zip with PRF creator using the dummy_flashable.zip instead supersu zip) after MM its installed you can now install xposed, and other kind of flashable mods, lastly, power off phone and flash tft skipping system.sin
you will have android modded and untouched bootloader without root
Click to expand...
Click to collapse
Can't everyone unlock from the Sony website?

DarkerJava said:
I have found many sites with conflicting answers, so please don't tell me "google is your best friend" for my silly/already asked questions...
So first what I have: a 5 month old, non modified M4 aqua (E2306), bought from a Canadian carrier. The firmware version is 26.1.A.3.111 (bootloader locked). My goal is to root my phone when I update to MM (using the method PiSpecialist has posted, I cannot post links), but I haven't done so for the fear of losing TA partition when unlocking BL. There is currently no way to root MM with locked bootloader.
Now, my questions:
1. When I unlock my BL, I will lose the TA partition (DRM keys) of the device. Yet to back these up, I need root access. Should I root my device while it is still on Lollipop? There are ways to root BL Lollipop correct? If so, please link a preferable way to do this.
2. Will I receive OTA updates after rooting my phone? If not, I should download and flash firmware from Xperifirm?
3. Will I lose root when flashing new firmware (e.g. flashing MM to a rooted Lollipop device)?
4. Is it dangerous to flash official firmware to a rooted phone? What is a safe way?
I found that dealing with TA is dangerous and can hard brick a phone. Anybody found a reliable script/tool to do this?
So this is pretty much what I am planning to do so far, if the above is correct:
Root my phone while it is still on Lollipop with a locked bootloader.
Backup my TA partition.
Get MM (from either flashing, or OTA, depending if I still get OTA updates)
Unlock bootloader (as there is no way to root for locked bootloaders in MM)
Root phone while it is on MM (if I don't keep the root after updating from lollipop)
Restore TA partition
DONE!
Not as many questions as I thought.... Any other advice/things to look out for would be appreciated
Click to expand...
Click to collapse
If on rooted 5.0 all you need to do is flash a pre-rooted mm zip via recovery on lollipop, no need to unlock the Bootloader for root unless you have a device that has drm-verity security activated.
Sent from my Xperia XA using XDA Labs

aidy.lucas said:
If on rooted 5.0 all you need to do is flash a pre-rooted mm zip via recovery on lollipop, no need to unlock the Bootloader for root unless you have a device that has drm-verity security activated.
Sent from my Xperia XA using XDA Labs
Click to expand...
Click to collapse
Oh yeah I completely forgot about that... someone released a prerooted rom about a week ago on the forums. This will less complicate the process for bl locked rooted MM, thanks!

[GUIDE] How to unlock the bootloader for Nokia 8.3 5G

TO CONTENT FARMS ESPECIALLY GETDROIDTIPS: DO NOT REPOST THIS TOPIC ON YOUR WEBSITE!
点击这里查看中文版(Click here for Chinese Version Guide)
Click to expand...
Click to collapse
If you're looking for how to unbrick the phone that received May 2023 Security Update, you've come to the right place.
You have two options to unbrick your Nokia 8.3
If you prefer not to unlock the bootloader, visit here:
[GUIDE] How to Unbrick Nokia 8.3 affected by May 2023 Security Patch
As I mentioned before, unlocking the bootloader will fix this issue. But if you don't want to unlock the bootloader, then this guide is for you. DO NOT USE THIS METHOD IF JUNE 2023 OR NEWER UPDATE RELEASES IN FUTURE! YOU SHOULD NOT IGNORE...
forum.xda-developers.com
Or if you don't mind unlocking the bootloader, do these steps before you proceed to bootloader unlock:
1. Use volume key to select "Recovery mode", power key to enter.
2. When you see android robot lying on the ground, hold power key and press volume up key once. Then you'll get recovery screen.
3. Download this package: https://android.googleapis.com/packages/ota-api/package/627142c637bf373410e6b8911aeb9b2e65bd5969.zip
4. Select Apply Update from ADB, then sideload it with adb command.
5. Once the sideload procedure finishes, select "reboot to bootloader", then follow this guide to unlock the bootloader.
Existing Android 10 builds has a critical problem, that allowed us to flash or erase any bootloader partition even if the bootloader is not unlocked. However, Android 11 builds blocked this method, but there's a known workaround for this.
Therefore, I think it's time to disclose the unlock method now. It's known working on both TA-1243 and TA-1251.
The critical part for unlocking the bootloader is - the prototype bootloader of this phone. By opportunity, I got the early bootloader from a prototype unit that allows us to unlock the bootloader, thanks to the help of a Canadian people who claimed to have a Nokia 8.3 prototype himself.
Click this for Android 11 or Android 12 users
Your warranty will be void as bootloader unlock is not reverseable - you cannot relock it. Prototype ABL for normal Nokia 8.3 and 8V 5G UW are not interchangeable, flashing wrong ABL image will cause your phone hard brick.
To use this method, you need to ensure your phone has Android 10 installed - the latest build that we can use this method is 00WW_1_150-B01, you can confirm this by dialing *#*#7837#*#*.
If your phone has Android 11 installed (00WW_2_180-B01 or newer), then this bootloader unlock method has been blocked, but there's known workaround for this. Check 2nd reply for details.
UPDATE: Russian version Nokia 8.3 5G cannot be downgraded yet. If you're using Russian version Nokia 8.3 5G (Software version has RU tag), use EDL method for bootloader unlock.
Please download the prototype bootloader from here:
Click here for Nokia 8.3 5G (BGT TA-1243/1251)
Click here for Nokia 8V 5G UW (RAV TA-1257)
If you see Error code 00000101 during download - please use industrial standard web browser to download it, like Google Chrome.
SHA256
Code:
Nokia 8.3 5G: e253b67fa028b1ea9ca714bee6d95902e2b340ae201e0c88adc12781279b8fd5
Nokia 8V 5G UW: 70391abce694c95d7bb9d2c3fa1bcbfd66f26f42a766bc8d8c4d222caf8a62d4
Root Key Hashes
Code:
Nokia 8.3 5G: E3B22179CCBFB91730E233C4162E2D9DD33D02C97289EC1E9F787AC52CBDE3E0
Nokia 8V 5G UW: C3CEDC3A4612C85DD70EEDFA8ABA75621D579CEA62BB9A8D805DD4E9C542A6F0
(For Nokia 8.3 5G only), flash it under fastboot mode, and unlock the bootloader - pretty simple:
Code:
fastboot flash abl BGT-abl.elf
fastboot reboot-bootloader
fastboot oem unlock-go
Confirm unlock on your phone and it's all done. You can safely update the phone to Android 11 right after unlocked. Since we cannot perform critical unlock properly, we can only do regular unlock, but this should be enough.
Video demonstration:
For Nokia 8V 5G UW only:
1. Ask someone who has access of HDK to grant service permission for you.
2. Execute these commands (please download frp_oemunlock.img from https://forum.xda-developers.com/t/...rom-nokia-xr20-for-bootloader-unlock.4455845/ ):
Code:
fastboot flash abl RAV-abl.elf
fastboot reboot-bootloader
fastboot flash frp frp_oemunlock.img
fastboot reboot-bootloader
fastboot flashing unlock_critical
(confirm unlock)
fastboot flashing unlock
(confirm unlock)
Have fun for modding this device!

If you don't mind take apart your phone, you can use EDL method - but you know doing so will definitely void the warranty, and the stubborn triple-color company could remove these pads in later batches.
Firehose programmer for this phone is attached here.
Since we didn't grab downgrade OTA package for Russian variant, they cannot pass full OTA package verification and has to use EDL method for downgrading ABL. Thanks to Russian users for providing info.
In case Android 12 update from future cannot be downgraded, you'll have to use EDL method as well.
Example of using edl.py from bkerler (https://github.com/bkerler/edl):
Code:
edl.py w abl_a abl_proto_e253b67f.elf --memory=ufs --loader=prog_firehose_ddr.elf
edl.py w abl_b abl_proto_e253b67f.elf --memory=ufs --loader=prog_firehose_ddr.elf
edl.py reset
Keep in mind doing so will 100% void your warranty, and you cannot relock the bootloader.

For archiving purposes:
00WW_1_150-B01 full OTA zip: https://android.googleapis.com/packages/ota-api/package/627142c637bf373410e6b8911aeb9b2e65bd5969.zip
00WW_2_180-B01 full OTA zip: https://android.googleapis.com/packages/ota-api/package/12a35835cf4034f539ae7d03ffecd0682bef1b66.zip
You can use them for OS rooting.
Also after @jnappert 's testing, the workaround works great.
1. Sideload 00WW_1_150-B01 OTA package under recovery. You may see downgrade not allowed prompt but it will install anyway.
2. Reboot to bootloader under recovery mode. Although Anti-Rollback protection is triggered, the abl is not protected and is now downgraded to vulnerable build.
3. You can now follow the guide to unlock the bootloader.
I hope this will help everybody to bring up custom rom development for this phone.

hikari_calyx said:
Existing Android 10 builds has a critical problem, that allowed us to flash or erase any bootloader partition even if the bootloader is not unlocked.
Click to expand...
Click to collapse
Does that mean that they forgot to blow eFUSE of secure boot in this model? On a different device, once I flashed tampered ABL image after unlocking (and unlock_critical) the blootloader, XBL refuses to load ABL because of tampering. It hard bricked the device, but EDL mode was working.
It could be that ABL_proto image that you extracted might be signed by the OEM.

Volski_ said:
Does that mean that they forgot to blow eFUSE of secure boot in this model? On a different device, once I flashed tampered ABL image after unlocking (and unlock_critical) the blootloader but XBL refuses to load ABL because of tampering. It hard bricked the device, but EDL mode was working.
It could be that ABL_proto image that you extracted might be signed by the OEM.
Click to expand...
Click to collapse
It's signed by OEM - you can compare it yourself.
In demonstration video, the secure boot is already enabled as you can see.

Can anybody tell does it pass CTS with Magisk hide?

mingkee said:
Can anybody tell does it pass CTS with Magisk hide?
Click to expand...
Click to collapse
It will pass - at least that's the situation on 00WW_1_150-B01.

Now I have mine turn off to avoid further update.
I was unaware and it went up to 11, so I have to use different bootloader to root.

mingkee said:
Now I have mine turn off to avoid further update.
I was unaware and it went up to 11, so I have to use different bootloader to root.
Click to expand...
Click to collapse
If bootloader unlocked, it will be safe to update to Android 11.

Hello everybody. I was minding: because i've upgraded my nokia 8.3, is it possibile to roll back to android 10, unlock bootloader and install superSU?

I tried downgrading to Android 10 yesterday und sucessfully unlocked bootloader (which deletes user-data). Then the OTA Update to 00WW_2_200 installed without problem.

jnappert said:
I tried downgrading to Android 10 yesterday und sucessfully unlocked bootloader (which deletes user-data). Then the OTA Update to 00WW_2_200 installed without problem.
Click to expand...
Click to collapse
can you please type here the steps you've made to downgrade your phone?

For Nokia 8 V 5G UW users:
I suspect devices with 00VPO_1_260-B01 or older should be vulnerable, but I think many users should have the phone updated to 00VPO_1_280-B01 already.
Need further investigation whenever I got firmware.

I tried to downgrade mine from Android 11 to 10. Anyways, when i sideload the "update", the recovery text "downgrade not allowed". When it finishes the install, my phone just boot in fastboot mode and the only way to get it back is to install the Android 11 update. Still waiting any tips to downgrade

TheDuke94 said:
can you please type here the steps you've made to downgrade your phone?
Click to expand...
Click to collapse
I downgraded from 00WW_2_180 to 00WW_1_150-B01:
- installed adb and drivers
- enabled USB Debug
- bootet to stock recovery: "adb reboot recovery"
- in recovery "apply update from adb"
- adb sideload 00WW_1_150-B01 from post #3
- rebootet to fastboot and continued with steps from post #1 to unlock bootloader
- after reboot device updated directly to 00WW-2_200
Now i am looking for working custom recovery...

jnappert said:
I downgraded from 00WW_2_180 to 00WW_1_150-B01:
- installed adb and drivers
- enabled USB Debug
- bootet to stock recovery: "adb reboot recovery"
- in recovery "apply update from adb"
- adb sideload 00WW_1_150-B01 from post #3
- rebootet to fastboot and continued with steps from post #1 to unlock bootloader
- after reboot device updated directly to 00WW-2_200
Now i am looking for working custom recovery...
Click to expand...
Click to collapse
Thanks for sharing the tip. But apparently the triple-color company will block this

hikari_calyx said:
Thanks for sharing the tip. But apparently the triple-color company will block this
Click to expand...
Click to collapse
Looks like it already happened, 'cause mine says "downgrade not allowed" gonna try again friday. I'll update you

I was lucky enough to get this phone from bh photos as shelf stock and it shipped with android 10. They are currently on sale there for $320. I installed and unlocked bootloader. I may get a pixel as a backup so id be willing to test recovery,roms etc...when someone comes up with something. Ive been out of the Android scene for a while and im curious if root is possible at this time or if that would require 3rd party recovery and/or a kernel

A little update
Bootloader unlocked
This time is a bit tricky
I tried to enter recovery and got "no command". Press volume up + power together every 2 seconds and I got actual recovery
Tried update from SD...no go
Tried update from adb... downgrade is not allowed
Somehow I went to fastbootd and nothing worked
I chose bootloader and this time elf file from post 1 worked (it didn't work when I enter bootloader normal way)
Now I have to find out where I can get boot to patch

mingkee said:
A little update
Bootloader unlocked
This time is a bit tricky
I tried to enter recovery and got "no command". Press volume up + power together every 2 seconds and I got actual recovery
Tried update from SD...no go
Tried update from adb... downgrade is not allowed
Somehow I went to fastbootd and nothing worked
I chose bootloader and this time elf file from post 1 worked (it didn't work when I enter bootloader normal way)
Now I have to find out where I can get boot to patch
Click to expand...
Click to collapse
You can extract boot image from OTA package via payload dumper.

Better Mobile App

welcome