NK1, OB6, OF1 testers wanted for NC4 back-booting trials - Verizon Galaxy Note 3 General

So, I cobbled together a (custom-recovery) flashable NC4 stock ROM.
I'm interested to find out whether it is possible to boot it successfully from later bootloader firmware - e.g. NK1, OB6, or OF1
(I'm still on NC4 bl and not planning on upgrading near term. It boots on NC4 bl but that's pretty obvious lol)
[size=+2]Q: Why would this be useful?
A: to provide a means for upgrading bootloader firmware without starting from scratch.[/size]
For instance, there are folks on OB6 firmware that would like to use a custom ROM that will only work on OF1 firmware. They can certainly start from scratch (backup and unload the entire device); an alternative would be to:
- Make a backup of an existing rooted ROM (that more than likely has a custom or modified boot image so is not bootable when the bootloader gets re-locked) using the currently-installed custom recovery (which will also be non-bootable under re-lock).
- Restore a (debloated) pure stock ROM w/ Samsung kernel. Root it with Towelroot (does not touch boot image)
- Flash replacement bootloader only in Odin. Locked bootloader = no custom recovery... but with a rooted stock ROM already in place with an unmodified stock kernel it can be immediately unlocked.
NC4 is easily rooted with Towelroot-v3 "on device". No need for PC drivers, online rooting tools with a separate PC, etc (e.g. as with Yemen rooting methods on OB6, OF1)
This approach in principle saves the need to backup everything up in the /sdcard - but you have to know in advance that the NC4 stock kernel and ROM can successfully be booted with later bootloaders.
So anyway, that's what I'm asking for help testing with - folks that are: (a) unlocked and (b) on NK1, OB6 or OF1 bootloader willing to try flashing a debloated NC4 Stock ROM using their existing custom recovery, and see if it boots, roots, and if root survives a single boot cycle.
Contact me via this thread or PM; I'll provide the flashable NC4 and the Towelroot .apk
.

my n900v came with 5.0 Of1 but i rooted, unlocked BL. installed twrp and flashfired NC4 tar minus recovery
runs smooth.I hate lollipop.lol
only bug is wifi password resets everytime i reboot
im curious as to why i have trouble running certain nc2/nc4 roms..some want to bootloop/freeze
baja,biggins,and objective rom
kernel issue maybe? or BL version
btw. i am rooted via towelroot v3

hotrod85z said:
my n900v came with 5.0 Of1 but i rooted, unlocked BL. installed twrp and flashfired NC4 tar minus recovery
runs smooth.I hate lollipop.lol
Click to expand...
Click to collapse
Thank you for posting that, very useful/helpful information to know.
Does Flashfire understand the Samsung "sparse" image format of the system.img.ext4 file inside the Stock (Odin) .md5 tarfile blob? Or maybe somebody else packaged up a "flashable .zip" of NC4?
hotrod85z said:
only bug is wifi password resets everytime i reboot
Click to expand...
Click to collapse
in /system/build.prop, set ro.securestorage.support=false and reboot. You might also want to set ro.config.tima=0 as well.
I suspect that mixing and matching Samsung kernels with bootloader versions breaks something in the TrustZone, and so secure containers and other sort-of-obscure security functions no longer work as the TZ smells something fishy. I am using a rooted PL1 rom on NC4 bl and it would spontaneously reboot (infrequently) until I made the above changes - it's been rock stable for about 4 days now. Why this works I can't really say - it's a "generation skipping" bootloader and stock rom combination - N* bootloader and P* ROM *
hotrod85z said:
im curious as to why i have trouble running certain nc2/nc4 roms..some want to bootloop/freeze
baja,biggins,and objective rom
kernel issue maybe? or BL version
btw. i am rooted via towelroot v3
Click to expand...
Click to collapse
all of the above or none of the above LOL
There are definitely some mysteries here, and I don't claim to fully understand the interdependence of the TZ (== bootloader firmware), the TIMA and RTKP stuff in the kernel, and the cross-communication between kernel and TZ via the qseecom service daemon (which is in the ROM in /system/bin) much less how the APIs of all these interfaces might have changed between major releases.
You could check those two build.prop settings in those ROMs for starters though. I suspect that if the TZ smells something fishy (e.g. a kernel TIMA to TZ info mismatch), a variety of secure credential services in the TZ stop working. It is possible that "ro.securestorage.support" is a toggle that attempts to use TZ services when it is set to "true", and so anything in the ROM which builds on it breaks because the TZ is refusing to play on an otherwise "stock" ROM variant.
FWIW I got the AryaMod (S7Edge MM port) + phantom kernel running on NC4 bl + OF1 modem for a full 24 hours after I disabled the qseecom service daemon. It ran long enough that I had customized the whole thing as a daily driver with all my apps, verified that all sensors & radios worked, made test calls, etc. Rebooted it and the kernel started getting reset by a "Modem Reset". Even weirder was that despite the use of the OF1 "modem" firmware, the kernel was reporting a bunch of RIL "unknown ioctl's". Strikes me as odd that the whole thing could run that long with so many different things happening, and then the "modem" is unhappy - even though other folks are using the ROM with OF1 bl + OF1 radio/modem firmware. (As if the "modem" isn't really the source of the problem, even though that's what initiates the device reset).
.

i initially tried flashing NC4 full tar via ODIN. but even bl unlocked. i got FAIL. flashfire worked!
very curious as to whether a custom n900v kernel would boot my 4.4.2 custom roms..its either that or the BL isnt compatible with non-touchwiz roms....
most of the kernel/modem/firmware links on here are 404 error dead links.. would be nice to see an up to date sticky. ill flash anything as long as i dont end up in JTAG mode with a brick.lol
ive played with verizon s5 atnt s2,galaxy capitivate,atrix 4g and many other phones
the s2 is still by far the fastest Smoothest phone on cm7..the newer the phones..the newer the OS..the bigger the resourse hogs"ram" im a minimalist...
even after flashing NC4 official full tar..im still showing OF1 baseband under settings

@hotrod85z
FWIW I posted a bunch of recovery-flashable stock ROMs here.
There is also a link in that thread to a complete set of (Odin flashable) modems for NC4, NJ6, NK1, OB6, OF1, and PL1 if that is of interest to you.
Maybe I wasn't paying attention, but I could swear that on at least one occasion or two when I performed an Odin modem flash, it didn't "stick", despite no complaints on the handset screen or in Odin - the next boot showed the (prior) baseband version, not what I flashed. Its a bit of a mystery to me; but for now I've resolved to make sure that after the Odin session is complete, I wait 30 seconds or so, then remove the USB cable, and then pull the battery rather than try to restart the device by holding buttons down. It is possible that those events occurred when I soft-restarted the phone, but I'm not sure. For now I'm just trying to always flash and restart with exactly the same method to avoid different behaviors from creeping in.
PS I have no idea if those ROM flashables are compatible with Flashfire. They might be, but I've never tested it, and as they are not pre-rooted I'm not going to suggest it for fear that somebody with a rooted but locked (bootloader) phone will try using flashfire and then end up with a phone that needs a full Odin re-install. Appearances are that each version of the bootloader restricts the Samsung signing verification to only the matching kernel version - you can't even boot a Signed samsung kernel on a locked phone if it is a different version than the bootloader's version.

Hello all I have a emmc exploit note 3 I'm using here and I wanted to flash different radios for the us carrier note 3's and I first tried to use flash fire to try to update the modem, but even that didn't stick, cause I don't readily have a pc available, I wasn't ballsy enough to flash a different carrier modem, since I checked the odin screen and saw that instead of a bootloader unlock, its in developer mode and I didn't want a brick, so overall my question is, do I need a unlocked bootloader to flash different modems and do I need odin tovdo it or will some sort of mobile odin or something do it? Thanks mates and happy flashing.

Dlind said:
Hello all I have a emmc exploit note 3 I'm using here and I wanted to flash different radios for the us carrier note 3's and I first tried to use flash fire to try to update the modem, but even that didn't stick, cause I don't readily have a pc available, I wasn't ballsy enough to flash a different carrier modem, since I checked the odin screen and saw that instead of a bootloader unlock, its in developer mode and I didn't want a brick, so overall my question is, do I need a unlocked bootloader to flash different modems and do I need odin tovdo it or will some sort of mobile odin or something do it? Thanks mates and happy flashing.
Click to expand...
Click to collapse
Well, your question is way off topic for this thread.
But since nobody is in here anyways, I guess I'll answer the parts that I am able to.
The modems that I posted over in that other thread were meant to be flashed in Odin using a PC. You can use either the AP slot or CP slot. Note that the very first post says - in big bold blue letters "Odin-flashable Modems".
Not flashfire. It never said anything about flashfire.
Is there such a thing as MobileOdin? If there is, I know nothing about it and certainly have never tested anything with it. So I don't know and am not going to speculate.
You said something confusing here:
Dlind said:
I checked the odin screen and saw that instead of a bootloader unlock, its in developer mode
Click to expand...
Click to collapse
If it says "MODE: Developer" you have an unlocked bootloader. Which is exactly the same thing as a Developer Edition phone.
If you were to use a PC with Odin and you flashed a FULL Stock firmware flash, yes it would overwrite the unlocked bootloader and indeed re-lock the phone. If you were able to re-root that (stock) ROM, you could perform the unlocking procedure again to unlock it.
On the other hand, those Odin-flashable modem packages do not contain the bootloader firmware, so if you were to use Odin on a PC to flash just those modem images, your bootloader would not get re-locked - the unlocked bootloader is still there, untouched.
When the carriers issue an OTA update, many times (perhaps most of the time) they contain a modem update (NON-HLOS.bin and modem.bin). So it is obvious that they are able to be flashed **somehow** right on the phone, without using Odin from the PC or an "Odin app" at all.
BUT that happens using a combination of the STOCK recovery and the bootloader itself during the reboot following the actions taken by the STOCK recovery. (My guess is that the recovery simply "stages" it into place, and sets some flags so that the bootloader knows that it is supposed to evaluate the crypto signatures of the file blobs that the recovery put into place and it is actually the bootloader that does the flashing. That's really not a whole lot different than what happens when you transfer files from Odin to the phone - the "Odin/Download" mode is just one of the personalities of the bootloader. (Odin is actually a rather dumb program - it's the bootloader on the phone that gets to decide whether a flash happens. It does that by carefully examining the file blob that gets transferred, e.g. crypto signature checks)
My guess is that you would be able to flash STOCK modem packages from Odin (using a PC) independent of whether the bootloader is locked or unlocked. But as I said: "guess".
I don't have a second phone to test with, so I would have to flash completely back to stock and lock my bootloader to be able to test that hypothesis. That's a big jobs because of all the crap I have to backup and restore to my phone.
Frankly, if you don't have access to a PC, and you really need your device to keep working, I would advise you to stop screwing around with it, simply because you don't have good tools available to fix it if a disaster occurs.
PS. I've never once noticed anything different between various radio firmwares on ANY device I've ever owned.

bftb0 said:
Well, your question is way off topic for this thread.
But since nobody is in here anyways, I guess I'll answer the parts that I am able to.
The modems that I posted over in that other thread were meant to be flashed in Odin using a PC. You can use either the AP slot or CP slot. Note that the very first post says - in big bold blue letters "Odin-flashable Modems".
Not flashfire. It never said anything about flashfire.
Is there such a thing as MobileOdin? If there is, I know nothing about it and certainly have never tested anything with it. So I don't know and am not going to speculate.
You said something confusing here:
If it says "MODE: Developer" you have an unlocked bootloader. Which is exactly the same thing as a Developer Edition phone.
If you were to use a PC with Odin and you flashed a FULL Stock firmware flash, yes it would overwrite the unlocked bootloader and indeed re-lock the phone. If you were able to re-root that (stock) ROM, you could perform the unlocking procedure again to unlock it.
On the other hand, those Odin-flashable modem packages do not contain the bootloader firmware, so if you were to use Odin on a PC to flash just those modem images, your bootloader would not get re-locked - the unlocked bootloader is still there, untouched.
When the carriers issue an OTA update, many times (perhaps most of the time) they contain a modem update (NON-HLOS.bin and modem.bin). So it is obvious that they are able to be flashed **somehow** right on the phone, without using Odin from the PC or an "Odin app" at all.
BUT that happens using a combination of the STOCK recovery and the bootloader itself during the reboot following the actions taken by the STOCK recovery. (My guess is that the recovery simply "stages" it into place, and sets some flags so that the bootloader knows that it is supposed to evaluate the crypto signatures of the file blobs that the recovery put into place and it is actually the bootloader that does the flashing. That's really not a whole lot different than what happens when you transfer files from Odin to the phone - the "Odin/Download" mode is just one of the personalities of the bootloader. (Odin is actually a rather dumb program - it's the bootloader on the phone that gets to decide whether a flash happens. It does that by carefully examining the file blob that gets transferred, e.g. crypto signature checks)
My guess is that you would be able to flash STOCK modem packages from Odin (using a PC) independent of whether the bootloader is locked or unlocked. But as I said: "guess".
I don't have a second phone to test with, so I would have to flash completely back to stock and lock my bootloader to be able to test that hypothesis. That's a big jobs because of all the crap I have to backup and restore to my phone.
Frankly, if you don't have access to a PC, and you really need your device to keep working, I would advise you to stop screwing around with it, simply because you don't have good tools available to fix it if a disaster occurs.
PS. I've never once noticed anything different between various radio firmwares on ANY device I've ever owned.
Click to expand...
Click to collapse
Thanks SOOOOOO MUCH for your input I kinda had a feeling that the idea was risky at first and I don't know a whole lot about odin and I wish Samsung could have created something much easier to use, but thanks for answering the wayyyyy off topic question, I'm gonna smash that thanks button, I'm also going to take the advise on not cross flashing different modems, its just to risky. You answered all my questions so thanks, Also I want to say thank you for your continued work on this phone is by normal terms "old" now but in reality its still an amazing phone with the right custom software, and happy flashing!

Related

[Q] newbie: how to flash and which version of clean rom

I have a note 2 arriving this afternoon and I would like to unlock the bootloader and flash stock samsung experience. My understanding is that I download and run CASUAL (link in general forum) from linux using oracle java 7 and the system will be prepared for flashing (have bootloader unlocked, radio firmware updated and twrp installed).
-
I then download cleanrom (either cleanrom ace 4.2.5 or cleanrom vzw-se) put the binary on a microsd card; double check md5 hash. I then reboot the note 2 and hold volume up; home and power at same time while it boots and there will be an option to select a rom to boot?
-
Four questions:
1) Am I correct in the instructions (and will the radio be automagically updated by casual or is that a different process) ?
2) Which is 'better' or what is the difference between cleanrom ace 4.2.5 and cleanrom vzw-se ? Which is more likely to see updates as samsung make changes ?
3) When future radio updates occur how are they applied; do I rerun CASUAL?
4) Can the device be permanently bricked or can I always get into bootloader to load somethjing off sd card (I though the original hack - pre CASUAL - suggested that if you did not flash the radio first you could permantly brick the device which I did not understand is why you could not start over and then flash the radio?)
--
This will be my first time flashing an andriod device. My current (and first smart) phone is a verizon razr which is locked.
jake21 said:
I have a note 2 arriving this afternoon and I would like to unlock the bootloader and flash stock samsung experience. My understanding is that I download and run CASUAL (link in general forum) from linux using oracle java 7 and the system will be prepared for flashing (have bootloader unlocked, radio firmware updated and twrp installed).
-
I then download cleanrom (either cleanrom ace 4.2.5 or cleanrom vzw-se) put the binary on a microsd card; double check md5 hash. I then reboot the note 2 and hold volume up; home and power at same time while it boots and there will be an option to select a rom to boot?
-
Four questions:
1) Am I correct in the instructions (and will the radio be automagically updated by casual or is that a different process) ?
2) Which is 'better' or what is the difference between cleanrom ace 4.2.5 and cleanrom vzw-se ? Which is more likely to see updates as samsung make changes ?
3) When future radio updates occur how are they applied; do I rerun CASUAL?
4) Can the device be permanently bricked or can I always get into bootloader to load somethjing off sd card (I though the original hack - pre CASUAL - suggested that if you did not flash the radio first you could permantly brick the device which I did not understand is why you could not start over and then flash the radio?)
--
This will be my first time flashing an andriod device. My current (and first smart) phone is a verizon razr which is locked.
Click to expand...
Click to collapse
You can download any rom, and it doesn't matter if it is on the SD card or not. I just always make sure I have a nandroid on my sd and on my computer at all times.
I'm unsure how to answer 1.), because i'm unsure what you are asking exactly.
2.) neither is better than the other. if you use VZW apps, use the VZW cleanrom. If you don't and want the purest version possible, use cleanrom ace. I personally use cleanrom ace.
3.) do you mean OTA? they are international roms so you don't get asked for the VZW updates
4.) i think you can brick the device, but it is really hard and almost impossible to do as long as you are reading the instructions for hte mod/rom/etc... you are using. Most of the time you can use a nandroid to get back to a saved state.
With (1) I was asking if i listed the right sequence or if I missed some critical detail. If I use cleanrom ace (I'm leaning towards either cleanrom ace or jellybean) is there a way for me to install myverizion (which is the only verizon ap I used; polaris is also nice but both version include polaris).
kimdoocheol said:
You can download any rom, and it doesn't matter if it is on the SD card or not. I just always make sure I have a nandroid on my sd and on my computer at all times.
I'm unsure how to answer 1.), because i'm unsure what you are asking exactly.
2.) neither is better than the other. if you use VZW apps, use the VZW cleanrom. If you don't and want the purest version possible, use cleanrom ace. I personally use cleanrom ace.
3.) do you mean OTA? they are international roms so you don't get asked for the VZW updates
4.) i think you can brick the device, but it is really hard and almost impossible to do as long as you are reading the instructions for hte mod/rom/etc... you are using. Most of the time you can use a nandroid to get back to a saved state.
Click to expand...
Click to collapse
jake21 said:
With (1) I was asking if i listed the right sequence or if I missed some critical detail. If I use cleanrom ace (I'm leaning towards either cleanrom ace or jellybean) is there a way for me to install myverizion (which is the only verizon ap I used; polaris is also nice but both version include polaris).
Click to expand...
Click to collapse
I think you're missing a lot of steps. Also to get to recovery power off. Then do the button combo to power it on. Here is a great guide on how to flash a ROM. You are going to want section 2. Also if you want my Verizon you're gong to want the Verizon version of clean or beans or Eclipse. Then just download my Verizon from the play store
http://forum.xda-developers.com/showthread.php?p=34891181
Sent from the dark on a Note 2
Ok thanks. There is some side confusion on my part (perhaps with system layering) that I think contributes:
I understand what a bootloader is but I'm unsure what twrp is (is it a boot loader or does it act as a kernel that the bootloader runs and in itself allows for execing another kernel (the actual user layer). I also don't quite understand where the radio fits in this picture. I.e, how do you tell the system to flash the radio eprom indepdently of the kernel. My basic understanding of the system layer is:
rom -> exec bootloader from nvram -> bootloader has a configured option to exec the kernel -> kernel runs everything else
radio is in a different nvram that the chip knows how to read when radio is triggered by the kernel
(I used nvram above but I really don't know what sort of r/w chip they use these day; i.e, eeprom or something else)
-
My understanding is that if the flashing of hte bootloader fails then the phone is truely bricked and will require the nvram/eeprom be pulled and falshed exeternally as the rom bootloader has no method to recover.
-
Is this correct ?
kintwofan said:
I think you're missing a lot of steps. Also to get to recovery power off. Then do the button combo to power it on. Here is a great guide on how to flash a ROM. You are going to want section 2. Also if you want my Verizon you're gong to want the Verizon version of clean or beans or Eclipse. Then just download my Verizon from the play store
http://forum.xda-developers.com/showthread.php?p=34891181
Sent from the dark on a Note 2
Click to expand...
Click to collapse
jake21 said:
Ok thanks. There is some side confusion on my part (perhaps with system layering) that I think contributes:
I understand what a bootloader is but I'm unsure what twrp is (is it a boot loader or does it act as a kernel that the bootloader runs and in itself allows for execing another kernel (the actual user layer). I also don't quite understand where the radio fits in this picture. I.e, how do you tell the system to flash the radio eprom indepdently of the kernel. My basic understanding of the system layer is:
rom -> exec bootloader from nvram -> bootloader has a configured option to exec the kernel -> kernel runs everything else
radio is in a different nvram that the chip knows how to read when radio is triggered by the kernel
(I used nvram above but I really don't know what sort of r/w chip they use these day; i.e, eeprom or something else)
-
My understanding is that if the flashing of hte bootloader fails then the phone is truely bricked and will require the nvram/eeprom be pulled and falshed exeternally as the rom bootloader has no method to recover.
-
Is this correct ?
Click to expand...
Click to collapse
I think you are way over thinking this. So, TWRP is just your recovery. It replaces the stock Android recovery. To change your radio you would boot into TWRP and flash it like anything else.
As for the system layer break down. It's not really important for flashing except that kernels are included with whatever ROM you flash so unless you want to run a different one there's no need to worry about it. Also, radios are never included in a ROM flash so no need to worry about it.
To the if you can brick your phone. If course you can, but as stated is hard to do. Check the md5 before using Odin and don't unplug in the middle of a Odin flash. You can still recover most the time anyways, but why risk it.
Sent from the dark on a Note 2

[Q] Are bootloaders backwards compatible

I've always had trouble finding a definitive answer for this question.
In general, are bootloaders backwards compatible? For example, if I flash a JB 4.2 bootloader, will flashing a JB 4.1 or ICS ROM work as expected, or does the bootloader need to be downgraded too? I know that some newer phones (like the S4) have an efuse that prevents going backwards (at least for stock), but does that concept hold true for all phones?
I have an S2 that I just replaced with an S4, so I'm going to play around with it some now (currently on stock 2.3.4 KH7 with rooted kernel). It's been a while since I've flashed an entire ROM (usually I just work on getting root), but since this won't me my primary phone anymore, I can play around with it a bit.
I can't give you a definitive answer. We have established that even though the file size for the boot loaders remains consistent from Gingerbread through jelly bean, there are differences between the files when examined as hex code. So the engineers do perform modifications with each version. I have never seen any discussion of the boot loaders not being backward compatible. So, since we have lots of stock and custom firmware on the forum that does not contain boot loaders, I would assume that you could flash a Gingerbread or ICS over JB or KitKat boot loaders without problems. And even if there were issues, it would be no problem to flash a full stock distribution to get the correct boot loaders. But again, this is only my surmise, and not based on direct knowledge.
There have been some statements by at least one developer that you must upgrade the boot loaders for the latest versions of Jelly Bean or KitKat. I would think it advisable to have matching boot loaders on your daily driver.
(apologies ahead of time that my initial post was probably in the wrong forum).
Well, at least I'm not the only one who hasn't been able to find a definitive answer.
Speaking specifically about the S2 (since that seems to be one of your specialties), if I need to update the bootloader to ICS or JB (since I'm on gingerbread) and something goes wrong, will it hard brick the phone or can I still get into the ODIN download mode to recover/reflash? Is the download mode on this phone considered part of the bootloader? I get a little confused sometimes in regards to what is included in the "module".
For example, it seems like (at least for this phone), the recovery image is built into the kernel as opposed to a separate image like my ASUS Transformer TF300T. Is that correct? On my TF300T, I can flash the recovery image separately through fastboot without touching the kernel, bootloader, or anything else, but it seems like the recovery image for the S2 always comes with a kernel.
Basically, I want to do anything I can ahead of time to reduce the risk of a brick (and know what I should avoid to reduce bricking the phone). Based upon what you said, it sounds like the best way to upgrade my bootloader is to flash a stock ROM that includes the bootloader. If that is the case, since JB 4.1 was the last version release by AT&T, should I just go to that bootloader and hope it works if I install a JB 4.2/4.3 or KitKat based ROM? I assume if I reflashed the stock KH7 ROM, it would just replace everything (including bootloader) and get me back to where I am now?
I have a lot of experience in the Linux world, so I'm trying to map over the Android concepts to the Linux concepts, but I still get tripped up sometimes (recovery, bootloader, kernel, ROM, etc). Sometimes people don't seem to use the terms the same way.
From a technical standpoint, it doesn't surprise me too much that the bootloaders are the same size. It's probably similar to the MBR code for hard drives that just does a minimalistic job of getting the hardware in an accessible state so it can later boot the kernel (like GRUB).
jpasher said:
(apologies ahead of time that my initial post was probably in the wrong forum).
Click to expand...
Click to collapse
Yes, questions are usually supposed to go in the Q&A forum, but there is not so much activity in this phone's forum any more, so it really doesn't matter much. And this information is more of a general nature anyway.
Well, at least I'm not the only one who hasn't been able to find a definitive answer.
Speaking specifically about the S2 (since that seems to be one of your specialties), if I need to update the bootloader to ICS or JB (since I'm on gingerbread) and something goes wrong, will it hard brick the phone or can I still get into the ODIN download mode to recover/reflash? Is the download mode on this phone considered part of the bootloader?
Click to expand...
Click to collapse
1. Hard brick on an android phone generally means that one of the boot loaders is corrupt, or it might mean that the memory module section that contains the boot loaders or other low level code is damaged. In general, the main thing you have to be careful about is when flashing a boot loader to make sure that the flash is not interrupted. For instance, say the power goes out, or the dog pulls out the usb cord, right in the middle of the flash, and after the boot loader partition is wiped, only part of the code is copied back to the partition. The good news is that the individual bootloaders are fairly small, so the time of vulnerability is a matter of seconds.
If you need to update to ICS or JB boot loaders, you would have to flash the full stock distribution that has the boot loaders included. No one has made Odin flashable tars of either of those. The UCKH7 Gingerbread secondary boot loader is available in tar, and that is the only separate tar I know of.
2. I don't know software engineering, only a little programming. I don't know where the code that puts the phone into download mode is located. It seems likely that it is in the secondary boot loader, but that is only speculation. I do know that you can enter download mode, and then flash both boot.bin and/or sbl.bin.
I get a little confused sometimes in regards to what is included in the "module". For example, it seems like (at least for this phone), the recovery image is built into the kernel as opposed to a separate image like my ASUS Transformer TF300T. Is that correct? On my TF300T, I can flash the recovery image separately through fastboot without touching the kernel, bootloader, or anything else, but it seems like the recovery image for the S2 always comes with a kernel.
Click to expand...
Click to collapse
1. The memory is partitioned. Each chunck of code is loaded into its specific partition. I don't have a partition table handy for the S2, but essentially you have: primitive boot loader (boot.bin), secondary boot loader (sbl.bin), parameters (param.lfs), kernel (zImage or boot.img), cache (cache.img), system (factoryfs.img), hidden (hidden.img), modem (modem.img) and several others like PIT, EFS, CSC and I don't remember what. But the ones I named are what is included in a full firmware distribution, and the AT&T model does not allow for the changing of the CSC like on the international S2 so that is not used. I'm not a Linux person, but if my understanding is correct, the img files install like a block device, but the boot loaders and param at a lower level.
2. There may be a recovery partition, but I'm not sure of that. If there is, it isn't used. Anyway, you are correct that the recovery is compiled into the kernel and is installed as a unit on the S2. You can not install a separate recovery on the S2. Many Android phones, maybe most as far as I know, do have a separate partition for the recovery. The S3 and S4 do also.
3. If you are interested, I have attached a partition table for the S4, which you might want to look at just for interest and learning. If memory serves me, it is quite a bit different from the S2.
Basically, I want to do anything I can ahead of time to reduce the risk of a brick (and know what I should avoid to reduce bricking the phone). Based upon what you said, it sounds like the best way to upgrade my bootloader is to flash a stock ROM that includes the bootloader. If that is the case, since JB 4.1 was the last version release by AT&T, should I just go to that bootloader and hope it works if I install a JB 4.2/4.3 or KitKat based ROM? I assume if I reflashed the stock KH7 ROM, it would just replace everything (including bootloader) and get me back to where I am now?
Click to expand...
Click to collapse
I would assume that the above is correct. The boot loaders in the 4.1.2 UCMD8 firmware would be the latest official ones for this phone. As far as flashing back to earlier stock, you would only get the boot loaders if you use a full distribution. Many of the stock distributions and almost all of the custom firmware posted on this site for the AT&T S2 do not contain boot loaders or param.lfs.
I have a lot of experience in the Linux world, so I'm trying to map over the Android concepts to the Linux concepts, but I still get tripped up sometimes (recovery, bootloader, kernel, ROM, etc). Sometimes people don't seem to use the terms the same way.
From a technical standpoint, it doesn't surprise me too much that the bootloaders are the same size. It's probably similar to the MBR code for hard drives that just does a minimalistic job of getting the hardware in an accessible state so it can later boot the kernel (like GRUB).
Click to expand...
Click to collapse
A lot of people around here (myself included) speak from anecdotal information gathered from the forums.
Wow. A LOT of useful information in that response. Thanks! A few of the things finally made some light bulbs go on in my head and clear some things up.
creepyncrawly said:
If you need to update to ICS or JB boot loaders, you would have to flash the full stock distribution that has the boot loaders included. No one has made Odin flashable tars of either of those. The UCKH7 Gingerbread secondary boot loader is available in tar, and that is the only separate tar I know of.
Click to expand...
Click to collapse
So to get to an ICS or JB bootloader, does it mean I have to perform an update through Kies? I'm looking at the different custom ROMs running KitKat and at least some of them say to be on a JB bootloader. I've read that at least some some devices (such as my TF300T), the different bootloader versions can actually have different partition layouts
If I tried flashing your OCD package for UCLL6 4.0.4 on my current system (with gingerbread BL), would it boot (or worst case, just not boot but still allow me to enter ODIN download mode to flash back to stock UCKH7)? If I'm understanding things correctly, it seems like as long as I'm not touching the bootloader, the worst thing that could happen is that I get an unbootable phone that I can still recover using ODIN download mode.
creepyncrawly said:
2. I don't know software engineering, only a little programming. I don't know where the code that puts the phone into download mode is located. It seems likely that it is in the secondary boot loader, but that is only speculation. I do know that you can enter download mode, and then flash both boot.bin and/or sbl.bin.
Click to expand...
Click to collapse
I guess I'll have to start poking around the different partitions to see if I can find any signs that point to what is what (unless I can't do a simple dd of the partition to a file using adb shell).
creepyncrawly said:
1. The memory is partitioned. Each chunck of code is loaded into its specific partition. I don't have a partition table handy for the S2, but essentially you have: primitive boot loader (boot.bin), secondary boot loader (sbl.bin), parameters (param.lfs), kernel (zImage or boot.img), cache (cache.img), system (factoryfs.img), hidden (hidden.img), modem (modem.img) and several others like PIT, EFS, CSC and I don't remember what. But the ones I named are what is included in a full firmware distribution, and the AT&T model does not allow for the changing of the CSC like on the international S2 so that is not used. I'm not a Linux person, but if my understanding is correct, the img files install like a block device, but the boot loaders and param at a lower level.
Click to expand...
Click to collapse
Very useful stuff. I'll have to read around a bit more to understand the different functions associated with each image. And yes, it would make sense that the img files are simply a direct bit-for-bit copy of that partition (which I would assume could be obtained with a simple dd copy). That would also explain why the bootloaders are the same size (if you dd a block device/partition, the resulting raw file is the size of the block device/partition). My guess is that the flashing process essentially just takes each img and does the same thing as a dd of the file to the partition.
This makes me wonder... If the bootloader partition for a phone has a JB BL, I can't see why someone couldn't do a dd of that partition into an image file and then restore that to the bootloader partition of another phone (maybe there's built in security that prevents stuff like that).
creepyncrawly said:
3. If you are interested, I have attached a partition table for the S4, which you might want to look at just for interest and learning. If memory serves me, it is quite a bit different from the S2.
Click to expand...
Click to collapse
Very nice. Thanks. I just got my S4 last month, so I don't plan on doing anything to it besides already acquiring root. I'm also on the MF3 release which doesn't have any known way of installing custom ROMs anyway.
I wouldn't use Kies. Flash the full distribution of the stock firmware that you want the boot loader. For JB boot loaders, flash UCMD8 full. You can find that in the Download Repository at the bottom of the page.
The OCD for UCKK6 does not have boot loaders. To get the Gingerbread boot loaders, flash UCKH7 full. To get the ICS boot loaders, flash UCLE5 or UCLL6 full. Again, you can get those in the Download Repository.
You can use dd to pull or restore the contents of a partition. You can use adb shell, or you can use terminal emulator right on the phone. In fact, it's a good idea to back up your efs partition using the dd command. I've posted how to do that several times in the forums. Advanced search for "back up efs" and "creepyncrawly" should find that for you.
I personally would never try to flash a bootloader using the dd command, although it is definitely possible. There is too much margin for error. Remember, the dd command is lovingly called the destroy disk command.
wait. I've never flashed any bootloader. My phone came with GB but the last official firmware that my phone had was the ICS OTA. From there, I flashed up to JB and now I'm happily running KK.
I have flashed the latest modem, however.
Unless I am missing something, my phone works just fine with old bootloaders and new kernel/recovery/roms.
Sent from my SGH-I777 using XDA Premium 4 mobile app
Once again, thanks for the useful info.
I would definitely only use dd to replace the contents of a partition as a last resort. Since I don't know enough about how android would handle a partition being changed underneath its feet, it would be risky.
I grabbed the file for UCMD8 (4.1.2) and I'll play around with that. I tried to grab UCLL6 (4.0.4) too, but the links point to the defunct hotfile site. Do you have updated links for that file (or is it exactly the same as what I can download at sammobile.com)? The full stock binaries (.tar.md5) go in the ODIN PDA slot, right?
Also, for those that may be interested, I made a copy of the bootloader from my stock UCKH7 (partition /dev/block/mmcblk0p2) and looked for strings related to the ODIN download mode, and I was able to find all of the strings that appear when in download (e.g. "ODIN MODE", "PRODUCT NAME", "ERASING DOWNLOAD INFORMATION", etc), so it's safe to say that ODIN download mode is part of the bootloader. All the more reason to just leave the bootloader alone if possible.
I also noticed that the two bootloader partitions (mmcblk0p2 and mmcblk0p3) are almost identical except for the text string SNBL in the mmcblk0p2 partition. I wonder why the two partitions...
bleggy said:
wait. I've never flashed any bootloader. My phone came with GB but the last official firmware that my phone had was the ICS OTA. From there, I flashed up to JB and now I'm happily running KK.
Click to expand...
Click to collapse
Which JB version are you running? One possible reason I can think of where a newer bootloader would be needed is if the partition layout changes. I've heard of some devices where that occurred with JB 4.2. Maybe that's why TWRP recovery has two different versions for 4.1 and 4.2 on my TF300T.
At any rate, it's good to hear that someone hasn't broken their phone by running an older bootloader with a newer ROM.
I'm on KitKat 4.2.2 now.
Previously, 4.3 & 4.2-something Jellybean. And a ICS rom before that.
I dont think flashing new bootloaders is necessary. I mean, I dont think its common.
Sent from my SGH-I777 using XDA Premium 4 mobile app
jpasher said:
I grabbed the file for UCMD8 (4.1.2) and I'll play around with that. I tried to grab UCLL6 (4.0.4) too, but the links point to the defunct hotfile site. Do you have updated links for that file (or is it exactly the same as what I can download at sammobile.com)? The full stock binaries (.tar.md5) go in the ODIN PDA slot, right?
Click to expand...
Click to collapse
I haven't finished uploading files to dev-host yet. But I'll be sure to upload that one today. I don't think you can get the file from sammobile either. They also used hotfile, and have not re-uploaded their complete library yet.
Yes, put the tar.md5 in the pda slot.
Also, for those that may be interested, I made a copy of the bootloader from my stock UCKH7 (partition /dev/block/mmcblk0p2) and looked for strings related to the ODIN download mode, and I was able to find all of the strings that appear when in download (e.g. "ODIN MODE", "PRODUCT NAME", "ERASING DOWNLOAD INFORMATION", etc), so it's safe to say that ODIN download mode is part of the bootloader. All the more reason to just leave the bootloader alone if possible.
Click to expand...
Click to collapse
So you dd'd the contents of 0p2 and looked at that? What tool did you use to look for strings? And do you know if that is boot.bin or sbl.bin? I think it must be boot.bin.
I also noticed that the two bootloader partitions (mmcblk0p2 and mmcblk0p3) are almost identical except for the text string SNBL in the mmcblk0p2 partition. I wonder why the two partitions...
Click to expand...
Click to collapse
Is it possible that there is built in redundancy? If one partition is bad, the second one can be used?
I have uploaded UCLL6 Odin Flashable tar.md5 to dev-host and posted it in the Download Repository.
By the way, I forgot so didn't mention it earlier in the discussion, but both UCLE5 and UCLL6 contain boot bin, but do not contain either sbl.bin or param.lfs. Evidently, the secondary boot loader and param files were not updated in the upgrade from Gingerbread to ICS.
Thanks for the files. One more question about them. If I simply remove the boot.bin and sbl.bin from the tar file and flash, that's the same as the "no bootloader" flash images, right? Maybe param.lfs too? I'm just thinking of ways to make things safer while I'm doing my initial testing (and bleggy seems to be running newer ROMs off the original GB bootloader).
creepyncrawly said:
So you dd'd the contents of 0p2 and looked at that? What tool did you use to look for strings? And do you know if that is boot.bin or sbl.bin? I think it must be boot.bin.
Click to expand...
Click to collapse
It was definitely the SBL, because it's a 1.25MB image instead of the 128K first stage bootloader. I found this thread about the Captivate (another extra phone I have) that says it works the same way (and does a good job explaining the boot process). I haven't figured out where the first stage bootloader (boot.bin) is stored, since it's not in a partition. I'll have to do some research on that.
In Linux, there's actually a command called strings that you can run on a file and it will extract all of the text strings it can find. A grep of that can find specific text. You could of course do the same thing by opening the file in a hex editor.
Is it possible that there is built in redundancy? If one partition is bad, the second one can be used?
Click to expand...
Click to collapse
That was my thought, but I'm not brave enough to experiment to see if that's true.
whats the point, anyway? having consistent bootloader and rom doesnt seem to matter and plenty of i777 owners are running kitkat which there is no available bootloader to download and flash.
Is this an OCD thing? I get flashing the various modems for signal improvement, but I've never had a problem booting any rom with my old GB or ICS bootloader.
Sent from my SGH-I777 using XDA Premium 4 mobile app
jpasher said:
One more question... If I simply remove the boot.bin and sbl.bin from the tar file and flash, that's the same as the "no bootloader" flash images, right? Maybe param.lfs too?
Click to expand...
Click to collapse
Yes, that would be true. As long as you are using Linux to tar the remaining files, they should flash fine. I guess you can add the md5 if you want also.
The UCLE5 and UCLL6 one-click downloaders that I posted have the boot.bin removed. The UCLE5 and UCLL6 stock plus root also have the boot.bin removed. No one has ever said anything about any problems resulting.
My assumption is that it's ok to keep gingerbread boot loaders, or to flash the ICS boot loader, or to flash the JB boot loaders, and you would never be able to tell the difference. On the other hand, there must be a reason that Samsung puts them into the kies download. I just have no knowledge and no speculation on how they differ, or whether it is important to have matching boot loaders.
Edit: Oh, and boot.bin probably goes into 0p0 partition, just a guess. But it gets flashed in the pda slot just like sbl and param, so it must go into a partition.
Edit: A forum friend found this thread for us.
Edit: I just found Adam Outler's online pit file analyzer and ran the pit file from the Download Repository through it. Partition information for the AT&T SGS2 attached.
bleggy said:
whats the point, anyway? having consistent bootloader and rom doesnt seem to matter and plenty of i777 owners are running kitkat which there is no available bootloader to download and flash.
Click to expand...
Click to collapse
I have no reason to make the bootloader match the ROM. I'm just making sure I understand how everything works together to avoid doing something that may potentially brick my phone. I flashed the no bootloader version of stock UCMD8 today and everything seems to be working fine. As long as things work, I don't really care which bootloader I have.
creepyncrawly said:
Edit: Oh, and boot.bin probably goes into 0p0 partition, just a guess. But it gets flashed in the pda slot just like sbl and param, so it must go into a partition.
Click to expand...
Click to collapse
There's not a "zero" partition. My only guess is that it's embedded somewhere else. Not sure at this point.
I found that post the other day with the S2 partition layout (that's what I was using for my tests). The PIT file analysis gives a little more info, although it says boot.bin partition is 0 bytes. That's what confuses me a bit. But in the end, not really a big deal. More of a curiosity than anything else.
When this forum was active "Don't mess with bootloaders" was common knowledge. Unless you absolutely have to. You can hard brick this thing if there's a problem while flashing it.
Don't mess with any of the files you mentioned. As far as I know it's unnecessary. I'm running Renders CM11 build with no problems with the original GB bootloader. Never had a problem with ICS or JB roms either.
Yea, my main purpose for starting the thread was to make sure I wouldn't break anything beyond repair by having mismatched bootloaders. It makes perfect sense why corrupting the bootloader would hose things (just like if you corrupted the MBR of your hard drive and had to boot off of alternative media to repair it, except for the fact that the phone does not have the ability to boot alternative media). My ASUS Transformer TF300T is nice in that aspect as the Nvidia chipset allows booting into APX mode which is an extremely low level boot mode that allows repair of almost anything. It should would be nice if the additional bootloader slot on the S2 could be used as a fallback with a way to choose which bootloader to run.
I'm the kind of person that likes to know more about the innards of how something works instead of looking at it as a black box. When I'm "flashing the kernel", I like to know exactly what it is I'm changing so I can understand the repercussions, especially if something goes wrong.
So the net result after this conversation is that I'm a lot more confident about flashing android devices (as long as I stay clear of messing with the bootloader whenever possible). I have CM11 running now too (stock CM kernel) while still on the GB bootloader.

Confused on MODEM and BOOTLOADERS vs ROMS

On some ROMS I noticed that they require certain bootloaders and modems and they need to be flashed by ODIN while others do not. I am confused as to why that is, i thought flashing a ROM via a custom recovery like TWRP would handle that for you.
At the moment, I am on Vision X's 5.0 lollipop ROM, and I want to get onto stock 5.1.1. So far I'm reading this post: http://forum.xda-developers.com/tmo.../compilation-s5-g900t-stock-firmware-t3042400
It looks like i need to flash 3 things, bootloader, modem and the rom via ODIN.
I am unclear as to where modems, bootloaders and roms go on ODIN. aka, what is BL, AP, CP, and CSC
I also plan on maybe trying out a CM ROM like this: http://forum.xda-developers.com/galaxy-s5/unified-development/rom-ressurrection-remix-mm-t3275340
From what I'm reading there the t-mobile samsung galaxy s5 is KLTE? So thats the version I would download, and then flash through a custom recovery?
Sorry for the barrage of questions, I am somewhat new to this device, and all the ROM posts I see seem to expect a level of understanding I don't have yet. Please go easy on me
uLose said:
On some ROMS I noticed that they require certain bootloaders and modems and they need to be flashed by ODIN while others do not. I am confused as to why that is, i thought flashing a ROM via a custom recovery like TWRP would handle that for you.
At the moment, I am on Vision X's 5.0 lollipop ROM, and I want to get onto stock 5.1.1. So far I'm reading this post: http://forum.xda-developers.com/tmo.../compilation-s5-g900t-stock-firmware-t3042400
It looks like i need to flash 3 things, bootloader, modem and the rom via ODIN.
I am unclear as to where modems, bootloaders and roms go on ODIN. aka, what is BL, AP, CP, and CSC
I also plan on maybe trying out a CM ROM like this: http://forum.xda-developers.com/galaxy-s5/unified-development/rom-ressurrection-remix-mm-t3275340
From what I'm reading there the t-mobile samsung galaxy s5 is KLTE? So thats the version I would download, and then flash through a custom recovery?
Sorry for the barrage of questions, I am somewhat new to this device, and all the ROM posts I see seem to expect a level of understanding I don't have yet. Please go easy on me
Click to expand...
Click to collapse
Hello,
Some custom roms are made to load after the base rom has been loaded. I assume this is because the developers use the base architecture to build the rom on. Also some custom roms dont include bootloaders and modems.
Furthermore twrp as of lately may have issues flashing modems and bootloaders that are included in roms, and this is why odin could be used to flash bootloaders and modems. Also when flashing a bootloader you might need to completely power down the device then power up into download mode. failure to do so could result in the flash not taking. Bootloader files would go into the BL slot while the rom would go into the ap slot. You should always check you current version after flashing to confirm that the flash actually took. you could do so with the samsung info app in the play store. I would also check that your Odin is up to date if your going to 5.1.1. Hope this helps a little.
destructionj said:
Hello,
Some custom roms are made to load after the base rom has been loaded. I assume this is because the developers use the base architecture to build the rom on. Also some custom roms dont include bootloaders and modems.
Furthermore twrp as of lately may have issues flashing modems and bootloaders that are included in roms, and this is why odin could be used to flash bootloaders and modems. Also when flashing a bootloader you might need to completely power down the device then power up into download mode. failure to do so could result in the flash not taking. Bootloader files would go into the BL slot while the rom would go into the ap slot. You should always check you current version after flashing to confirm that the flash actually took. you could do so with the samsung info app in the play store. I would also check that your Odin is up to date if your going to 5.1.1. Hope this helps a little.
Click to expand...
Click to collapse
I see. So bootloaders -> BL, roms -> AP, but what slot to modems go? Also, should I flash all three at once, or is it better to do each one at a time?
Thanks for your help!
uLose said:
I see. So bootloaders -> BL, roms -> AP, but what slot to modems go? Also, should I flash all three at once, or is it better to do each one at a time?
Thanks for your help!
Click to expand...
Click to collapse
you can grab the stuff you need here if your looking for the OJ4 stock rooted rom.
http://forum.xda-developers.com/tmo...o-update-to-g900tof6-5-1-1-pc-t3141404/page36
That modem file worked when loaded into the ap slot.
An alternitive would be to grab the full rom thats for odin. If you odin the full rom(1 file) then it should update the boot loader and modem. you would then be on a stock unrooted rom and would have to root the device yourself if you wanted root.
http://forum.xda-developers.com/tmo.../compilation-s5-g900t-stock-firmware-t3042400
I used the app (*Phone INFO ★Samsung★) to chek all 3 and make sure there correct. it will tell you under the FIRMWARE info tab.
http://forum.xda-developers.com/showpost.php?p=64154819&postcount=361
OR if your already rooted, you can simply follow the FlashFire method in the 1st link on page one as this claims to have better results for roms that include modems. If not then you odin them in afterwords with the files in the above 1st link. again thats if you want to go with OJ4 (newest as of this post).

[REF][ROM]Recovery Flashable Stock SM-N900V ROMs

[size=+2]As a convenience to the users here, I have created recovery-flashable versions of the SM-N900V (Verizon Samsung Galaxy Note 3) Stock ROMs from the following releases:[/size]
[size=+3]NC4 NJ6 NK1 OB6 OF1 PL1[/size]
These flashables are ONLY INTENDED FOR SM-N900V OWNERS WITH UNLOCKED BOOTLOADERS AND STANDALONE CUSTOM RECOVERIES.
These ROMS are NOT pre-rooted. You are responsible for doing that (flash a superSU .zip in the recovery following the ROM flash if you desire root). Or, use the custom recovery's offer to root for you.
These ROMs are NOT debloated. Almost all of the original bloat and crapware is enabled.
[size=+1]NOTE: Odin-flashable Modems are provided as separate downloads for those that want to mix-n-match.[/size]
[size=+2]::::: MODIFICATIONS FROM 100% STOCK:[/size]
A small number of preinstalled apps have been suppressed/frozen; specifically those involved in automatic recovery-partition regeneration, OTA, Knox, or carrier spyware. See notes at [*1]
Also, the following two "build.prop" properties were disabled:
Code:
ro.config.tima=0
ro.securestorage.support=false
This seems to produce more stable ROMs when bootloaders are mix-n-matched with different ROM versions.
A script is provided which allows reversal of all of the above modifications to produce a 100% stock ROM (should you want that). See the notes at [*3]
[size=+2]::::: DOWNLOADS:[/size]
ROMs - Courtesy of Androidfilehost.com
Flashable Modems - Courtesy of Androidfilehost.com
[size=+2]::::: INSTALLATION[/size]
- Wipe system, dalvik, cache, and data (do not wipe /data/media)
- Flash ROM
- (OPTIONAL: full stock behavior restore. See [*3] ) (if you don't understand what this is, don't do it.)
- (OPTIONAL: inject root using chainfire's flashable superSU .zip, or allow the custom recovery to inject root) See [*4]
These flashable .zip ROMs ONLY modify the "system" and "boot" partitions. No bootloader firmware, modem firmware, or recovery partitions are affected; nor are wipes performed on any other partitions.
A script is provided in /system/etc for the ROM suppressions to be completely reversed, resulting in an almost-identical-to-Odin-stock ROMs, including resumption of OTAs etc. [*2]
[size=+2]::::: FEEDBACK REQUESTED [/size]
Because of the bootloader firmware anti-rollback protections, it is impossible for me to test all combinations of bootloader vs. kernel+ROM versions. I am presently still on NC4 bootloader firmware and have run all of these on top of the NC4 bootloader (sometimes flashing the modem which matches the ROM version, sometimes not) If you use any of these with a unique combination of bootloader and kernel/ROM, please drop a success/failure report here. Make sure to report both the bootloader and modem firmware versions.
[size=+2]::::: APPLICATIONS (or, Why Would I Find These Useful)?[/size]
- You want to run a Rooted PL1 stock before a root method becomes available without flashing the PL1 bootloader firmware. Benefit of more security against malware, but all the flexibility of root.
- You want to work on attempting root exploits of the PL1 ROM/kernel without taking the plunge of potentially locking your device forever with an Odin full-PL1 stock flash. E.g., flash the PL1 stock ROM over prior bootloaders (NC4/NJ6/NK1/OB6/OF1). The device can be used as a daily driver while you test your code... assuming that it operates correctly (TESTERS WANTED!)
- You want to flash back to Stock "for a minute" to check something, but without having to completely backup, wipe the device, re-root, re-unlock the bootloader, re-install your custom recovery, and restore your "SD card" data.
- You want a ROM where GPS/NFC/BT "just works"
- You occasionally want to use those Samsung S-Pen or TouchWiz apps.
- You'd like to create your own version of debloated stock.
- You think you might have damaged your hardware doing something and want to "see if it still works on stock"
- You want to run a rooted-stock KitKat ROM despite the fact that your ROM will have giant gaping security holes in it (that can be elevated to root privilege from an app with absolutely zero Android privileges)
[size=+2]::::: FAQs[/size]
Q - I am going to sell/give away my device. Should I use this?
A - Probably not. Use Odin with a factory image instead. These flashes by themselves do not enforce consistent bootloader, modem, or recovery firmware.
Q - Why didn't you debloat XXX and YYY from these?
A - Laziness. And besides, everyone has a different idea of what "debloated" means. Moreover, I wanted something that could easily be toggled into a "100% stock" configuration.
Q - I flashed one of these ROMs and yet I still see the "Knox Warranty" message when I boot up. Are the boot images non-stock?
A0 - The boot images in these ROMs are pure stock, right from the Odin factory tar/.md5 blobs.
A1 - Does your bootloader version match the kernel/ROM version? At least with the NC4 bootloader, you get that message when booting any kernel which is not the NC4 Samsung kernel - even when they are validly signed Samsung kernels. So, the only time you do not get that warning message is when the boot image is unmodified AND it exactly matches the version of the bootloader. I suppose that is the same behavior for other bootloader versions. Sigh.
A2 - "Systemless" root injection modifies the boot partition. That certainly will break the signing as you have modified the original boot image.
There is a way to check to see if your boot image has been modified; here it is:
1) compute the md5sum of the "boot.img" file from the release
2) find out the size/byte length of the factory "boot.img" file ("ls -l boot.img")
3) dump the same number of bytes out of the boot partition and pipe those bytes into the "md5sum" utility:
Code:
dd if=/dev/block/platform/msm_sdcc.1/by-name/boot bs=FILELENGTH count=1 | md5sum
Q - I did the stock reversion process and I still have the "Custom" logo showing up on my phone during boot-up. Why?
A - Because you are using a custom recovery, or a kernel which is mismatched to the version of the bootloader firmware. These ROMs are intended for use with unlocked phones with a custom recovery in any event.
Q - I can't get Knox containers to work. Why?
A - Knox containers will not work on phones with a blown Knox Warranty flag. That's an irreversible change you made to your phone when you unlocked it and booted an unsigned kernel. Sorry.
[size=+2]::::: Revision History[/size]
0.95 remove umount /system at end of reversion script; undo Mobicore service suppression.
0.94 add ELM*{.apk|.odex|etc} to suppressions
0.93 correct chmod mode in restore script for bin/install-recovery.sh (PL1)
0.92 baseline
[size=+2]::::: FOOTNOTES[/size]
[*1] For example: bin/install-recovery.sh, LocalFOTA, SDM, Knox*, VMS, SysScope, et cetera. All the other commercial bloatware and Samsung apps remain. NOTE: because of the possiblity of running these kernels/ROMs on mis-matched bootloader(s) where TZ/Attribution failures could disable certain TrustZone capabilities, I have disabled the following properties in /system/build.prop:
ro.config.tima=0
ro.securestorage.support=false
These may be easily reversed and the device rebooted.
[*2] If you were returning to stock in order to sell or dispose the device, probably it is best to just use Odin with the factory images.
[*3] Using the custom recovery's Advanced->Terminal function, find the script name in /system/etc, i.e.
Code:
ls -l /system/etc/bftb0*
and then
Code:
. /system/etc/bftb0_README*
It is sort of unlikely that anyone would need to use this. It may even be the case that Verizon has stopped providing OTA updates on older releases anyway. But it's there if you want it.
If nothing else, this script is very easy to read and so it documents all the changes that make it slightly different from pure stock; if you want to reverse one particular suppression, just read through the script and perform those individual changes manually, and reboot.
[*4] Since about superSU 2.65, the SuperSU .zip installation method MODIFIES THE BOOT PARTITION! The same is true of "systemless" root installations performed by custom recoveries (e.g. TWRP). You need to be aware of this in one very particular application: Installing a new bootloader over the top of a pre-rooted ROM which has the stock kernel version matching the version of the to-be-installed bootloader/modem firmware.
Running twrp/developer mode (via the unlocked bootloader thread), s7 edge AryaMod rom, with NC4 modem.
Do I flash this via twrp or Odin to get on the PL1 modem?
I want to stay on aryamod. I just want to update my modem
@bftb0 Thank you for this thread Sir. You are always a missive help :good:
godrick15 said:
Running twrp/developer mode (via the unlocked bootloader thread), s7 edge AryaMod rom, with NC4 modem.
Do I flash this via twrp or Odin to get on the PL1 modem?
I want to stay on aryamod. I just want to update my modem
Click to expand...
Click to collapse
Then just flash the N900VVRSEPL1_Modem.tar.md5 modem using Odin. (In the AP slot)
The modems are in a separate folder titled "OdinFlashableModems"; they are meant to be flashed separately according to the whims of the user.**
**having said that - and to stay on topic (which is these Stock ROM flashables) - if any connectivity troubles are encountered, the first thing to be tried is matching the kernel version of the ROM with the same modem version. As in NC4 modem with NC4 kernel, OB6 modem with OB6 kernel, et cetera. Flash the ROM in TWRP, and the modem in Odin (I actually am right now going through a matrix of flashing tests; already it is clear that the NC4 modem can't be used with NJ6 or NK1 kernels, for instance.)
For these ROMs (discussed in the OP) it's probably a good practice to simply download both the ROM of a specific release and the matching modem and perform the first boot of the ROM with the releases paired together. After that folks should feel free to screw around with modems to their heart's content.
cheers
.
bftb0 said:
Then just flash the N900VVRSEPL1_Modem.tar.md5 modem using Odin. (In the AP slot)
The modems are in a separate folder titled "OdinFlashableModems"; they are meant to be flashed separately according to the whims of the user.**
**having said that - and to stay on topic (which is these Stock ROM flashables) - if any connectivity troubles are encountered, the first thing to be tried is matching the kernel version of the ROM with the same modem version. As in NC4 modem with NC4 kernel, OB6 modem with OB6 kernel, et cetera. Flash the ROM in TWRP, and the modem in Odin (I actually am right now going through a matrix of flashing tests; already it is clear that the NC4 modem can't be used with NJ6 or NK1 kernels, for instance.)
For these ROMs (discussed in the OP) it's probably a good practice to simply download both the ROM of a specific release and the matching modem and perform the first boot of the ROM with the releases paired together. After that folks should feel free to screw around with modems to their heart's content.
cheers
.
Click to expand...
Click to collapse
Flash modem from CP slot,
Power off phone, start Odin, turn on phone in download mode.. (vol. down + home + power) and then plug into computer. Hit Vol Up to switch into download mode. Wait for com: notification in Odin and hit Start in Odin.
The above is only for XXXmodem.tar.md5 files. For complete ROMs that also include modem, follow the same except flash from AP slot.
I don't know why, but booting from power off into download mode seems to insure modem only tars 'take'.
Sent from my SM-N900V using Tapatalk
@donc113
I'll admit that I've never come across an Odin guide of any technical depth. I've used both the AP and BL slots (not together) for bootloader firmware, and largely haven't had any major issues flashing modems in the AP slot.
I'm wondering if there is no other purpose for the "slots" other than to be able to sequentially flash firmware using multiple file sources "in a single go". (i.e., the slots are not functionally different from each other, and are mostly there because Samsung service centers have firmware files partitioned by BL/AP/CP/CSC functionality, and the "slots" simply remind their techs to "fill up all the slots" when a complete flash is necessary)
One thing that is certain is that having begun an Odin flash, you can hit the "reset" button in the application (after the phone issues a RESET), but you need to restart the phone again in Odin/Download mode to perform a second flashing operation. Thus (maybe?) the need for multiple slots if firmware is in multiple files?. I guess I could break up a factory image into multiple sets and experiment but that seems low on the priority totem pole right now.
roll your own Odin .md5 tarballs:
Code:
tar -H ustar -c -f Odin-flashable-XYZ.tar flle1 file2 [...fileN]
md5sum Odin-flashable-XYZ.tar >> Odin-flashable-XYZ.tar
mv Odin-flashable-XYZ.tar Odin-flashable-XYZ.tar.md5
bftb0 said:
@donc113
I'll admit that I've never come across an Odin guide of any technical depth. I've used both the AP and BL slots (not together) for bootloader firmware, and largely haven't had any major issues flashing modems in the AP slot.
I'm wondering if there is no other purpose for the "slots" other than to be able to sequentially flash firmware using multiple file sources "in a single go". (i.e., the slots are not functionally different from each other, and are mostly there because Samsung service centers have firmware files partitioned by BL/AP/CP/CSC functionality, and the "slots" simply remind their techs to "fill up all the slots" when a complete flash is necessary)
One thing that is certain is that having begun an Odin flash, you can hit the "reset" button in the application (after the phone issues a RESET), but you need to restart the phone again in Odin/Download mode to perform a second flashing operation. Thus (maybe?) the need for multiple slots if firmware is in multiple files?. I guess I could break up a factory image into multiple sets and experiment but that seems low on the priority totem pole right now.
roll your own Odin .md5 tarballs:
Code:
tar -H ustar -c -f Odin-flashable-XYZ.tar flle1 file2 [...fileN]
md5sum Odin-flashable-XYZ.tar >> Odin-flashable-XYZ.tar
mv Odin-flashable-XYZ.tar Odin-flashable-XYZ.tar.md5
Click to expand...
Click to collapse
The CP slot is also able to flash .bin files.
Sent from my SM-N900V using Tapatalk
Carrier unlocked
flashed rom .rebooted with t-mobile SIM, wih no option in setting to change APN
bftb0 said:
Then just flash the N900VVRSEPL1_Modem.tar.md5 modem using Odin. (In the AP slot)
The modems are in a separate folder titled "OdinFlashableModems"; they are meant to be flashed separately according to the whims of the user.**
**having said that - and to stay on topic (which is these Stock ROM flashables) - if any connectivity troubles are encountered, the first thing to be tried is matching the kernel version of the ROM with the same modem version. As in NC4 modem with NC4 kernel, OB6 modem with OB6 kernel, et cetera. Flash the ROM in TWRP, and the modem in Odin (I actually am right now going through a matrix of flashing tests; already it is clear that the NC4 modem can't be used with NJ6 or NK1 kernels, for instance.)
For these ROMs (discussed in the OP) it's probably a good practice to simply download both the ROM of a specific release and the matching modem and perform the first boot of the ROM with the releases paired together. After that folks should feel free to screw around with modems to their heart's content.
cheers
.
Click to expand...
Click to collapse
teeve said:
flashed rom .rebooted with t-mobile SIM, wih no option in setting to change APN
Click to expand...
Click to collapse
https://forum.xda-developers.com/showthread.php?t=2582747
Sent from my SM-N900V using Tapatalk
teeve said:
flashed rom .rebooted with t-mobile SIM, wih no option in setting to change APN
Click to expand...
Click to collapse
These are in fact Verizon Stock ROMs. If they were intended to be for multiple carriers (out of the box) they would not be in this specific forum, and I would have mentioned it.
That said, any hacks/mods that might have worked in the past on SM-N900V stock ROMs could be possible, with "some assembly required".
I don't have a T-mo SIM to test out the method described in the link @donc113 provided above. (I can tell you though that with a VZW SIM, on the PL1 ROM you only will see "LTE/CDMA" and "CDMA" under Settings->Mobile networks->Network mode. I suppose that could depend on what SIM was in when the phone booted, but I don't really know)
If you get it working, please file a success report. Don't forget to mention the version that you flashed - you omitted that in your Q.
cheers
unlocked Verizon Note 3 w/flashable "stock roms ?
bftb0 said:
These are in fact Verizon Stock ROMs. If they were intended to be for multiple carriers (out of the box) they would not be in this specific forum, and I would have mentioned it.
That said, any hacks/mods that might have worked in the past on SM-N900V stock ROMs could be possible, with "some assembly required".
I don't have a T-mo SIM to test out the method described in the link @donc113 provided above. (I can tell you though that with a VZW SIM, on the PL1 ROM you only will see "LTE/CDMA" and "CDMA" under Settings->Mobile networks->Network mode. I suppose that could depend on what SIM was in when the phone booted, but I don't really know)
If you get it working, please file a success report. Don't forget to mention the version that you flashed - you omitted that in your Q.
cheers
Click to expand...
Click to collapse
OF1. Will try the unlocked hack. Only have LTE/CDMA option as it stands.
Carrier unlocked
bftb0 said:
These are in fact Verizon Stock ROMs. If they were intended to be for multiple carriers (out of the box) they would not be in this specific forum, and I would have mentioned it.
That said, any hacks/mods that might have worked in the past on SM-N900V stock ROMs could be possible, with "some assembly required".
I don't have a T-mo SIM to test out the method described in the link @donc113 provided above. (I can tell you though that with a VZW SIM, on the PL1 ROM you only will see "LTE/CDMA" and "CDMA" under Settings->Mobile networks->Network mode. I suppose that could depend on what SIM was in when the phone booted, but I don't really know)
If you get it working, please file a success report. Don't forget to mention the version that you flashed - you omitted that in your Q.
cheers
Click to expand...
Click to collapse
I dont have a verizon SIM to try the method described in the link. But I flashed the OF1 modem, and when I first start the phone with the T-mobile SIM, it says T-mobile and there is signal bars - and then immediately the data connection goes away and the "not a verizon SIM" comes up:silly:
teeve said:
I dont have a verizon SIM to try the method described in the link. But I flashed the OF1 modem, and when I first start the phone with the T-mobile SIM, it says T-mobile and there is signal bars - and then immediately the data connection goes away and the "not a verizon SIM" comes up:silly:
Click to expand...
Click to collapse
I noticed after my initial reply that those instructions @donc113 referenced presumed there is a "global" mode toggle in the Settings menus, and that doesn't seem to be the case for OF1 (as you say) or PL1 (as I observed).
This isn't an area of expertise for me - I've always been on Verizon, so I never had much of a need to hack a phone to a new carrier. (I'd recommend that you have a complete backup of your EFS partition before you start messing around.) << read that part two or three times.
On PL1, there is this (needs to be executed as root if you don't start it from within an app such as "App Browser"):
Code:
am start -W -n com.test.LTEfunctionality/com.test.LTEfunctionality.LTEFunctionalityTest
And then scroll down to "LTE APN Setting". Hitting the "+" sign (upper right corner) allows you to add a new set of APN parameters. Thing is, I don't know if this is something that allows you to make only a temporary change or if they "stick" after you exit that activity.
There is a file in /efs (namely /efs/apn-changes.xml) which seems to hold APN configuration data, but I have no clue if that is consulted for configuration information, or merely a copy of data that really lives elsewhere.
If the phone isn't your daily driver, you could probably flash back to the NC4 ROM as an experiment to see if "Global" is still available in the settings menu. Not so much because you would want to use an old, insecure ROM, but just to see if you can successfully get it programmed to work with T-mobile for voice+data+sms+mms. At least if you figured out what the correct settings were supposed to be, you'd only be faced with where they are supposed to go in OF1/PL1 (Were you using this phone before on T-mobile? If so, what ROM?)
There's a ton of stuff under the hood with those hidden settings. Hundred if not thousands of tweakable parameters. (If you want your head to spin look under IMS Settings) I would be careful about randomly poking at things. Apparently there's a fair amount of stuff stored in NVRAM which has nothing to do with anything that gets flashed by Odin with factory images, so it is entirely possible to permanently mess up a phone if you aren't super careful about recording prior settings and watching every keystroke. Some of those "maintenance" menus seem to be really poorly programmed - not defensively - and you could make unintended changes simply by walking through a set of menu picks.
.
bftb0 said:
I noticed after my initial reply that those instructions @donc113 referenced presumed there is a "global" mode toggle in the Settings menus, and that doesn't seem to be the case for OF1 (as you say) or PL1 (as I observed).
This isn't an area of expertise for me - I've always been on Verizon, so I never had much of a need to hack a phone to a new carrier. (I'd recommend that you have a complete backup of your EFS partition before you start messing around.) << read that part two or three times.
On PL1, there is this (needs to be executed as root if you don't start it from within an app such as "App Browser"):
Code:
am start -W -n com.test.LTEfunctionality/com.test.LTEfunctionality.LTEFunctionalityTest
And then scroll down to "LTE APN Setting". Hitting the "+" sign (upper right corner) allows you to add a new set of APN parameters. Thing is, I don't know if this is something that allows you to make only a temporary change or if they "stick" after you exit that activity.
There is a file in /efs (namely /efs/apn-changes.xml) which seems to hold APN configuration data, but I have no clue if that is consulted for configuration information, or merely a copy of data that really lives elsewhere.
If the phone isn't your daily driver, you could probably flash back to the NC4 ROM as an experiment to see if "Global" is still available in the settings menu. Not so much because you would want to use an old, insecure ROM, but just to see if you can successfully get it programmed to work with T-mobile for voice+data+sms+mms. At least if you figured out what the correct settings were supposed to be, you'd only be faced with where they are supposed to go in OF1/PL1 (Were you using this phone before on T-mobile? If so, what ROM?)
There's a ton of stuff under the hood with those hidden settings. Hundred if not thousands of tweakable parameters. (If you want your head to spin look under IMS Settings) I would be careful about randomly poking at things. Apparently there's a fair amount of stuff stored in NVRAM which has nothing to do with anything that gets flashed by Odin with factory images, so it is entirely possible to permanently mess up a phone if you aren't super careful about recording prior settings and watching every keystroke. Some of those "maintenance" menus seem to be really poorly programmed - not defensively - and you could make unintended changes simply by walking through a set of menu picks.
.
Click to expand...
Click to collapse
I'm on Jasmine which is OF1 and I have a global mode selection.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Sent from my SM-N900V using Tapatalk
Took a look over in my AFH area at the file counts to see what the activity level was. (The Note 3 is an "old" device, 3 years is approximately infinitely old LOL)
Over 60 downloads of the ROMs (OF1 and PL1 mostly) and about the same count for modems.**
And yet not a single report here of something actually getting installed. I suppose (as XDA doesn't require a login) that lurkers vastly outnumber XDA contributors ???
Ahh, well; I put them up there so folks could use them. Hopefully that's the case.
** oddly, a fair number of downloads of the NC4 modem. No clue what that would mean.
.
I'm running into an error when flashing the ROM in TWRP:
Code:
This package is for device: SM-N900V,hltevzw; this device is hlte.
Updater process ended with ERROR: 7
Error installing zip file '/external_sd/ROM_STUFF/Roms/N900VVRSEPL1_flashable_OTAsuppressed_vo.95.zip'
Updating partition details...
...done
My phone is a N900V.
---------- Post added at 02:12 PM ---------- Previous post was at 01:29 PM ----------
*Update*
Nevermind, I managed to get it working by editing the \META-INF\com\google\android\updater-script, replacing all 'hltevzw' with 'hlte', and updating the zip.
pnuker said:
I'm running into an error when flashing the ROM in TWRP:
Code:
This package is for device: SM-N900V,hltevzw; this device is hlte.
Updater process ended with ERROR: 7
Error installing zip file '/external_sd/ROM_STUFF/Roms/N900VVRSEPL1_flashable_OTAsuppressed_vo.95.zip'
Updating partition details...
...done
My phone is a N900V.
---------- Post added at 02:12 PM ---------- Previous post was at 01:29 PM ----------
Nevermind, I managed to get it working by editing the \META-INF\com\google\android\updater-script, replacing all 'hltevzw' with 'hlte', and updating the zip.
Click to expand...
Click to collapse
Cool :good:
Just for info to anyone else that get that error:
Basically its an error you get if you are using the wrong twrp. In your case you are using an hlte recovery not N900V twrp recovery. But what you did will work :good:
Sczar said:
Just for info to anyone else that get that error:
Basically its an error you get if you are using the wrong twrp. In your case you are using an hlte recovery not N900V twrp recovery. But what you did will work :good:
Click to expand...
Click to collapse
^this.
The custom recoveries don't do any fancy hardware detection during the assert in
META-INF/com/google/android/update-script
; they merely check the value in the script against the property
ro.product.device
that is established by init from reading the /default.prop file when the recovery boots up. Wrong recovery? Wrong ro.product.device value.
The situation is somewhat muddled by virtue of the fact that there are ROMs that will install & run more or less correctly on multiple device types, so the devs either check for each compatible device in the assert statement in the update-script... or they simply omit the assert() in the script altogether.
Either of the latter can lead people to conclude that they installed the correct twrp version - "hey, I used it to install a new ROM and it worked."
I chose to use strict checking when I packaged these up.
In any event, here are the TWRP downloads for hltevzw
bftb0 said:
^this.
The custom recoveries don't do any fancy hardware detection during the assert in
META-INF/com/google/android/update-script
; they merely check the value in the script against the property
ro.product.device
that is established by init from reading the /default.prop file when the recovery boots up. Wrong recovery? Wrong ro.product.device value.
The situation is somewhat muddled by virtue of the fact that there are ROMs that will install & run more or less correctly on multiple device types, so the devs either check for each compatible device in the assert statement in the update-script... or they simply omit the assert() in the script altogether.
Either of the latter can lead people to conclude that they installed the correct twrp version - "hey, I used it to install a new ROM and it worked."
I chose to use strict checking when I packaged these up.
In any event, here are the TWRP downloads for hltevzw
Click to expand...
Click to collapse
this ^^
True. Its not a hardware detection. Its a command in the default.prop i was trying to simplify it as much as possible.
But as you explained in details ?
Thank you
bftb0 said:
In any event, here are the TWRP downloads for hltevzw
Click to expand...
Click to collapse
That is the TWRP I was using though (twrp-3.0.2-0-hltevzw-4.4)

Stock OF1 Bootloader tar.md5 ODIN update file

One of my very first XDA posts, so go easy on me, please.
Preface:
I somehow managed, through all my tinkering, to end up with the stock OB6 bootloader, and stock OF1 everything else (PDA, CSC, Baseband) on my SM-N900V, after installing JasmineROM 6.1, which is Android 5.0. I'm certain it's something I did, or didn't do properly, and not as a result of a proper installation of JasmineROM.
I discovered the bootloader mismatch using the app "Phone INFO *SAMSUNG*", which is great to view extended information about your device.
You can find the app here:
https://play.google.com/store/apps/details?id=org.vndnguyen.phoneinfo&hl=en
I decided to update the bootloader from OB6 to OF1 to be in parity. I couldn't find a standalone Odin-friendly OF1 bootloader tar.md5 for download, so I compiled this one.
Of Note:
- I cannot and will not be held responsible if something goes wrong.
- I can only recommend this update to go from the OB6 bootloader to the OF1 bootloader, as it's the only scenario I tested. It may work with other versions. It may not.
- This is not an update which required me to wipe my data and/or caches before or afterwards, nor did it affect my custom recovery. As intended, it only affects and alters the bootloader itself.
- There may be absolutely no performance/functionality benefit to updating your bootloader. Maybe others can chime in on this. However, this may be handy to use to restore a corrupted OF1 bootloader, if you're a tinkerer, and you screwed it up.
- This will "undo" an unlocked bootloader, as it's a stock OF1 bootloader going into place. To unlock the OF1 bootloader after the update, complete the simple tutorial here:
https://forum.xda-developers.com/verizon-galaxy-note-3/general/official-note-3-verizon-bootloader-t3359370
How-To Do The Bootloader Update:
- Back your phone up anyway, as you should before any other firmware update operation. I didn't and it went 100% fine. YMMV.
- Download the N900VVRUEOF1_Bootloader.tar.md5 file from Mega here:
https://mega.nz/#!lqIRwATT!-sOc1meun6PlHjUN_zReGFBx4TY5iSyhKXuxmxL-3Fg
- Power off your phone.
- Boot into download mode by holding in the power, home, and volume down buttons simultaneously until the download mode screen comes up, then release. Once it does, tap volume up.
- Connect your phone to your PC.
- Launch ODIN (I used v3.12) on your PC.
- Browse to the N900VVRUEOF1_Bootloader.tar.md5 file via the BL slot in ODIN.
- Under options in ODIN, I ticked "Phone Bootloader Update". I've seen conflicting information about if this requires to be done or not. However, I did, and it updated as hoped.
- Click Start.
- Once the update completes in ODIN, and your phone reboots, it's safe to unplug your phone and close ODIN, and you're done.
I don't expect a bunch of people (anyone?) to be looking for this, but in case you searched for literal hours looking for a stock OF1 bootloader like I did...
Footnote: I've had my Note 3 now for 3 years and 6 months, and for me to get rid of it, it'd need to be pried out of my cold dead hands. It's still fast and stable. More than the day I got it.
MD5 ERROR

Categories

Resources