Related
Are there any custom ROMs that support device encryption? My phone needs to be encrypted to allow me to access my work email. I had recently been running SlimKat when my work email changed to require encryption. I tried to encrypt phone but it did nothing. Then I read somewhere that maybe none of the Androd 4.4.x ROMs support device encryption, so I thought I would try Android 5 since I read that Android 5 enables encryption by default. I flashed CM12, but found that encryption isn't working in it either.
I've read that you need to unroot phone in order to get encryption to work. I did try that with SlimKat with no success. I haven't tried it yet on CM12, but I'm a little nervous that it might work just well enough to leave me with an unusable phone. Especially since the change log for the unofficial CM12 ROM specifically says that encryption doesn't work. Searching for "encryption" turns up lots of posts about unsuccessful encryption resulting in bricked devices.
I have gotten used to and really like the features of KitKat and Lollipop, and I don't want to have to downgrade all the way to stock ROM with Jellybean. But I do need to get to my work email from my phone. Does anyone know of any ROMs for the Razr out there with working device encryption?
Thanks in advance.
Another question along the same lines. If I boot the stock rom from the safestrap safe slot I should be able to encrypt my phone. I read that I may have to temporarily unroot it by killing the su process via adb to get it to start encrypting, but that should be no problem. Then once it's encrypted I'd want to go back to my custom ROM. It sounds easy enough, but since device encryption is not reversible I really want to know if it's going to work before I try it. It would suck to be trapped in stock ROM. If device encryption only affects the data partition and /sdcard then recovery should be ok (maybe), but I don't know if the safestrap ROM slots will still be functional/bootable after encryption.
Anyone have any experience with device encryption? Thanks in advance for any advice or thoughts on this.
Bricked your M5? Post here. I am one of three posters who have posted threads requesting assistance - we might as well create one thread where we can try and help each other.
My model? SHT-AL09 (C636). My story? I apparently made a bad change to my build.prop file, and had USB debugging disabled. I then probably dug myself a deeper hole trying to recover. I don't even get boot animation anymore. I'd happily pay someone to unbrick me.
The only potential progress I have made, is that I was able to install and successfully boot TWRP - although TWRP detects that I have no operating system installed and I am unable to mount any partitions except for my external SD card. Using TWRP's file manager, I can see that the system partition, for example, has not been entirely wiped, but many files seem to be missing. At the very least, TWRP allows me to turn the screen off without seeking to contantly reboot thereafter.
To install TWRP, I followed these instructions intended for Mate 9 owners:
duraaraa said:
This is TWRP to Mate 9/Android O, brought to you by FunkyHuawei.
It's just a preliminary build so I can't promise anything/everything will work! Keep that in mind. I'm not responsible if you brick your device.
EDIT: Does not work with Mate 10 series.
DOWNLOAD LINK:
https://drive.google.com/open?id=0B45NCsO2AL_1NEh2aDFLM3JlYkU
It works on the Android O build here:
https://www.reddit.com/r/FunkyHuawei/comments/75uwkd/october_12_first_official_android_o_beta_for/
and the official European beta.
To install:
First, have Android O running. Unlock the bootloader. Download the twrp image.
Then, run in fastboot mode:
fastboot flash recovery_ramdisk twrp_android_o_mate9_a1.img
Then, reboot holding volume up, and you've got TWRP!
Note: With the Android O update, it is no longer possible to flash the recovery2 partition. Furthermore, the names of the partitions have changed. Please keep that in mind, and don't mess around too much with TWRP, to be sure you don't brick your system!
Click to expand...
Click to collapse
Hmm ... I wanted to ask you whether you have the full OTA package for your device? So you should be able to extract all the partition images from there and to fastboot flash them. But I checked on HFF and I do not see a full OTA package matching your device yet.
AndDiSa said:
Hmm ... I wanted to ask you whether you have the full OTA package for your device? So you should be able to extract all the partition images from there and to fastboot flash them. But I checked on HFF and I do not see a full OTA package matching your device yet.
Click to expand...
Click to collapse
I've tried flashing system.img/ramdisk.img from the c00 package. Maybe I have to wait for c636 firmware, or maybe I have to flash additional .imgs. I am pretty sure that the specs and hardware I have are the same as the c00.
I've tried flashing the entire update.zip file in TWRP...but as noted TWRP is unable to mount internal storage. I'm not sure if I need to wipe and reformat first. I also have no clue whether the TWRP build I installed is properly compatible with the device. I had nothing to lose by giving it a shot.
thref23 said:
I've tried flashing system.img/ramdisk.img from the c00 package. Maybe I have to wait for c636 firmware, or maybe I have to flash additional .imgs. I am pretty sure that the specs and hardware I have are the same as the c00.
Click to expand...
Click to collapse
This will not work as the boot chain will be broken due to mismatching checksums. You need to have the correct images. To flash a OTA image you also need to have the standard recovery image installed ...
So...will someone correct please correct me if this is wrong?
If I were to flash a c00 oeminfo file, I could then install a c00 update.zip via dload folder?
Would c432 work as well (with a flashed oeminfo), even though the Euro hardware has different bands than my hardware?
There is now a full OTA on FF for C635.....still nothing for c636...
Finally, a full OTA is available for c636.
But the 'dload' method (update.app on an sd card) failed at 5%. And flashing ramdisk/recovery/erecovery/system images also failed.
Is this possibly because the OTA is B153, whereas my M5 was shipped B121?
(I hate to be that guy bumping his own thread, sorry)
I'm unbricked!
For those in a similar spot, looking to rebrand, or otherwise interested...
I finally e-mailed Funky Huawei for assistance. Their unbrick tool did not work. However, their e-recovery method worked perfectly (basically, you point your router's DNS to Funky Huawei, enter stock recovery and connect to wi-fi, and Funky Huawei's servers mimic Huawei's servers. If they do not have your firmware on their server, they will add it by request (provided it exists on the internet).
I paid $65 for a 30 day pass - a little steep, but I was impatient. I'm not sure if I could have gotten away with paying less. If you want to try and use my FH account over the next 30 days PM me (although I don't want to get carried away with that).
For those looking to rebrand, if you can flash an OEMinfo file successfully (FH has a rebrand tool and I have no clue how well it works), you should be able to use FH's erecovery method to flash firmware (don't blame me if something goes wrong).
One reason for the trouble I was having, if because I bootlooped after making a change to the vendor/build.prop file. This file was on the vendor partition, not the system partition, and for whatever reason the vendor partition cannot be flashed via fastboot (in theory it can be flashed, in reality it returns an error that doesn't have to do with the size of the partition).
Before reverting to FH, I finally got TWRP installled and functioning, and after all the attempts I made to recover my device, the same build.prop file which initially caused a bootloop was still in the /vendor folder. And TWRP wouldn't mount the system and vendor partitions as read/writeable - that was frustrating.
Now off to experiment with AOSP GSIs while I feel like I have little to lose...
Please help me
hello everyone,
i tried to rebrand my m5pro with help of ministryofsolutions. Something went wrong and my tablet (CMR-AL19) is stucked in the recovery mode. how can i fix it? Someone who ca help me? I will pay
Greeztings
Luigi
thref23 said:
Bricked your M5? Post here. I am one of three posters who have posted threads requesting assistance - we might as well create one thread where we can try and help each other.
My model? SHT-AL09 (C636). My story? I apparently made a bad change to my build.prop file, and had USB debugging disabled. I then probably dug myself a deeper hole trying to recover. I don't even get boot animation anymore. I'd happily pay someone to unbrick me.
The only potential progress I have made, is that I was able to install and successfully boot TWRP - although TWRP detects that I have no operating system installed and I am unable to mount any partitions except for my external SD card. Using TWRP's file manager, I can see that the system partition, for example, has not been entirely wiped, but many files seem to be missing. At the very least, TWRP allows me to turn the screen off without seeking to contantly reboot thereafter.
To install TWRP, I followed these instructions intended for Mate 9 owners:
Click to expand...
Click to collapse
Important notice! : iLLNiSS made me aware of a serious risk!
If you play with the firmwares manually and not with the flash all bat then DO NOT flash the blobs!
These are the actual bootloader files and stuffing up here will cause a hard brick!
I have to stress this out as it is serious thanks to not having working APX drivers a flshing programs for the Shield!
For starters, I uploaded a copy of the 7.2 developer firmware here:
7.2 developer ZIP on Dropbox
It is the full 1.1Gb update and not the 422mb block based one.
I have done some extensive tests since the first block based update wrecked my rooted Shield.
Some of it will end up in this post as info for everyone.
But lets start with what seems to be the problem for a lot of users right now who run a rooted Shield : Fixing the problem
A downgrade is officially not supported by Nvidia but my tests showed it works just fine if you only go back to the 7.1.
So far my tests showed differen sources for a Shield no longer working after the OTA.
1. The device had an unlocked bootloader and you got the 422mb block update.
This would have stuffed your bootloader and the Shield won't go past 1/4 on the progress bar for the update.
You are in luck as just flashing the 7.1 bootloader will fix it.
After that just dismiss the update and change the settings to manual updates.https://forum.xda-developers.com/editpost.php?do=editpost&p=78466377
2. Your device was already fully rooted and you got the full update that resulted in your Shield doing all sorts of thing but nothing properly anymore.
As long as your apps are still there and the Shield is still somhow usable you are lucky again.
A downgrade to 7.1 will fix it, I will explain the steps required further down.
3. You made bid mods, used Magisk or other rooting tools and now your Shield complains that your system is corrupt.
Bad luck if your bootloader is locked as you loose it all.
Lucky if the bootloader is unlocked as you might be able to keep most if not all during the downgrade.
General words of warning:
Even if your bootloader was unlocked from day one I can not garantee that the downgrade will keep all settings, apps, databases and so on.
For me it works fine as I kept all vital databases on external storage.
The procedures are all based on the developer firmware, on the stock firmware some things can still be done but then again you should not have more than software problems.
On the stock firmware the bootloader is locked by default and you can use some things required to owngrade due to the restrictions of a stock system.
General downgrade procedure for the developer firmware to get back to 7.1 :
If the update did get stuck on the progess bar early on and a reboot won't fix it so you can dismiss the update you just follow the steps.
If you can reboot into the 7.1 then just dismiss the update.
Trust issues or curruption warnings at boot but an otherwise working shield on 7.1 require to flash the 7.1 bootloader again.
In some cases it is possible to skip the corruption warning with a connected controller.
A reboot once you got to the homescreen will determine how bad it is.
Reboot goes fine: You are good.
Reboot keeps nagging with warnings other than the unlocked bootloader: Downgrade.
The downgrade is only required if you have problems or the Shield already runs on the 7.2!
In almost all other cases just flashing the 7.1 bootloader is sufficient.
Fixing a stuffed Shield by sideloading the 7.1 firmware while keping all apps and things:
Enable USB debugging and allow the connections for the computer if you still have access to the settings.
Otherwise you need to flash the 7.1 fresh and might loose vital things that need to install again.
Reboot into the stock recovery, if you use TWRP flashed on the Shield already then please flash the recovery from the 7.1 firmware first.
Hook up the controller and pressing A or B should get you into the normal recover screen past the dead droid.
ADB sideload XXX - where the xxx stands for the filename you have for the developer ZIP.
After the rebbot you should be back on your 7.1 homescreen and can dismiss the 7.2 update.
Also change the update settings while at it
Fixing a fully stuffed Shield and then downgrading to the 7.1 firmware:
If all went down south then you tried a few things and realised there is no way to get your data back and even less to prevent the 7.2 update.
Installing the 7.1 from scratch forces the setup wizard and before you can get anywhere you need to update to 7.2
So much easier to use the linked 7.2 update from above until Nvidia provides it on their download servers.
A vital thing to do is to keep the bootloader locked!!
Same for NOT having TWRP installed on the Shield!
If in doubt flash the 7.1 boot and recovery partitions first then go back into the stock recovery and wipe the cache.
Coming from a stock developer firmware with just an unlocked bootloader you are good to go.
Sideload the 7.2 update.
Unplug when the reboot starts and go into fastboot to lock the bootloader: Fastboot oem lock.
This is a vital step as the new kernel otherwise could ruin the completion of the install.
Ignore the double hassles and go through the wizard so you can enter the settings again to enable the developer mode and USB debugging.
Unlock the bootloader so you can do it all again Last time I promise!
Once you have both the bootloader unlocked AND the Shield in a usable condition past the setup wizard:
Reboot into the recovery to sideload the 7.1 firmware.
After the next reboot you are back on the 7.1 homescreen drirectly and can dismiss the update.
Possible tricks that can help you to prevent the installation of the 7.2 update if you come from a fresh 7.1 install instead:
Don't allow the reboot and instead use ADB to reboot into the recovery.
Wipe the cache - this will remove the scripts required to start the update after the reboot.
The next reboot should bring you back to the homescreen where you can stop the new download of the update and change the update settings.
TWRP, full root and new security measures in 7.2:
The 4.9 kernel used also makes use of a Fstab configuration that no longer includes the system partition.
This and other restrictions currently make the normal use of Magisk impossible.
With no system partition available to Magisk the changes in the boot process come to a stop and the Shield gets stuck during boot.
The added restrictions also make it very, very hard to manually add SU and busybox.
At least without getting the currupt system popup on every boot and finding out that a lot of things still don't work properly.
A final 7.2 firmware is said to be available on the download servers today.
If this final is no different from the current OTA then it will not be of any use for users requiring a fully rooted devices.
With the stock recovery still using the old kernel all attempts to use recovery functions to alter the system for rooting fail as well.
Can't blame the company as all this is part of Google revamp og security and closing backdoors and loopholes for possible attackers.
Personally I think it is Googles way of keeping control over devices they don't actually own.
Anyways I did make some little progress:
Plans for the near future:
Security is good but I like to know what my Android devices are doing and especially what Google likes to collect if I can not find ways to stop it.
So I will not try to use any backdoors or secrurity vulnerablilites in the new kernel to allow a full root on my Shield.
I will go the route I know best: Manual labour
The bootloader is already fixed to allow what we are used to from previous developer firmwares.
As SU and busybox can not be manually entered at this stage I will try to include them directly in the stock 7.1 firmware while renaming the OTA updater to have it a bit easier.
Assuming that works as expected I will do the same on the 7.2 firmware and compare the corresponding scripts and so on.
If the standard SU still works on an "unlocked" 7.2 I should be able to adjust the Magisk ZIP accordingly to implement it into the bootloader.
Only need to figure out if Magisk then has enough rights to work and the system is still happy to accept the changes.
I noly have the 16Gb 2017 model to work with but since the bootloader seems to be same for all Shield models I think if it works then it should do so for all models.
In the meantime I hope the infos here will help some pople to get their shield back without the need to sent it in.
Update 25/12/18: I got TWRP working on 7.2
This is only true for the 2017 model though as I have only this for testing.
Currently creating a backup to the internal storage.
If the restore works then I will upload the new TWRP - for the said model only!
Give me a day or two to fix it for the other models too.
There is progress on the rooting front as well.
Created new scripts for my kitchen to be able to handle the new file_context thing.
A fully pre-rooted and totally unsecure (in terms of ABD, DM-verity and such) is already cooked, just did not dare yet to try it out as I have a real life job too.
As for the pre-rooted firmware:
Things have changed quite a bit with the new kernel in terms of "just adding SU or Magisk".
Magisk might see an update for this problem soon, SU however seems to tally fail on two levels.
So far I was unable to do a full install of the modded firmware.
Flashed all at once and the boot just hangs.
Bootloader, reboot, then the rest seems to work.
At least for the basic install of the system.
If I add SU and busybox the system still ends up with a corrup notice during boot and then it fails.
Tune in over the next few days for progress updates at the end of the thread.
Major developments will be added right here.
Just a matter of finding the last restrictions.
Once that is done Magisk should be possible as well.
Ok, TWRP boot fine, does a backup but fails to restore the system to a bootable state.
Will now check if at least installing a zip works.
Well, it did not, so TWRP has to wait a few more days
I edited post 3 with instructions on how to "unbrick" and go back to 7.1.
Update 27/12/18: A friend of mine found some intersting stuff.
A 7.2 firmware offering a pure Android without any TV stuff but also a full root possible.
I hope he will share his finding here soon or allow me post it all in his name.
For now lets just say: It really works if done the rght way!
Full write rights, installing Magisk modules and all.
All thanks to an undocumented flaw in the device security structures, so even without any hidden backdoors or such LOL
Update: Whiteak was so kind to provide a working root solution in post 36, please check it.
I can confirm it is working as promised.
So the credits for this one go to Whiteak and the credits for the idea and use of the DTB file to Zulu99 - great idea!
To prevent any problems I advise to perform a factory wipe after the install and before the first boot.
Switch to the stock recovery to do this then boot as normal an enjoy.
A complete firmware with the required mods is sitting on my PC just waiting for idiot behing the keyboard to figure out how to pack it properly for flashing.
Once that problem is sorted and also TWRP working again things will get a lot easier.
Annoying update:
I was not able to confirm my web findings on the 7.2 firmwares bootloader but it seems other devices running the same type of kernel and bootloader and a bit lost now.
AVB is fully implemented on the latest level.
(Again I am working on confirming or denying these findings!)
This means any alteration to vital parts of the system will fail with a corruption warning or worse.
Custom recovery access is limited if not fully restricted.
But even if it works you still need a firmware to flash that either is able to disable all this crap, hoping the bootloader alone will allow it, or
to hope Nvidia will provide a future bootloader update with these restrictions removed.
We can not downgrade the bootloader and even if there is some old one out there that would actually be flashable the risk is high to end with a brick anyway.
The DTB, at least in my tests gives us the required system wide write access but I have no information about the AVM verfified boot other than that Zulu99's firmware works.
But if it was compiled with the NVidia developer suite then it will be signed accordingly so the bootloader accepts it.
Could not find any info on how his firmware was actually created.
It gives me the hope though that once I have a fully working TWRP again that my modded 7.2 will work as expected and with no restrictions anymore.
Thanks for the info.
Edit: Will use this post to list options to recover the Shield is all seems lost.
As a result of far too much rom cooking and mods I needed a 100% working way to recover the Shield in case things turn very ugly.
So lets sum up what I define as very ugly when playing with firmwares:
1. Firmware installed but the Shield just hangs on the logo.
2. Firmware installed and now the system is corrupt and even it is boots it takes forever to get around the nag screens.
3. Firmware downgrade attempted but now the Shield won't even boot anymore.
4. Anything that would qualify for a soft brick.
My worst case when I only got a flashing white screen after trying to restore a TWRP backup under 7.2.
There any many way that work for a variety of boot problems but it takes too long to list all cases I encountered with a list of fixes that work or a comment that only the below way works.
So just to be clear here: This is not for any recovery purpose other than fixing what can't be fixed through a factory reset or fresh flashing of the firmware!
1. Get the Shield into Fastboot mode: Connect wired controller and male to male USB cable.
2. Power the Shield up while holding A and B on the controller.
Keep holding until you see the fastboot menu on the screen.
3. Install the 7.1 recovery firmware for your Shield type after unpacking it.
With Fastboot connection working type: flash-all.bat and hit enter.
4. Keep an eye on the progess!
5. Once the Shield is finnished and reboots, hold the A and B buttons on the controller again to enter fastboot mode!
Do not let the Shield boot up other than into the fastboot mode!
6. Lock the bootloader! Fastboot oem lock
Confirm with the controller, then go down and select the recovery kernel.
7. Once the dead droid is on the screen press B on the controller to enter the real recovery.
If B does not work try A
8. Select the factory reset option to wipe all!
9. Once the wipe is done you can boot into 7.1 as normal again.
10. With a bit of chance you might even get directly to the homescreen if the previous setup was completed.
If you need the full seup wizard again and are forced to update to 7.2 then at least the update will work fine this time around.
In case you desire to go back to the 7.1:
If you just finnished the above only to end with the 7.2 then set it up and flash the 7.1 - you won't get the setup wizard again and can skip the update.
If you are on a working 7.2 that was update the OTA way but want to go back:
1. Install the 7.1 firmware.
2. Lock the bootloader.
3. Boot and then skip the update to 7.2.
Any idea what to do if the Shield sticks at the NVidia logo when you select Recovery from Fastboot? I reflashed boot and got the same result.
psycho_asylum said:
Any idea what to do if the Shield sticks at the NVidia logo when you select Recovery from Fastboot? I reflashed boot and got the same result.
Click to expand...
Click to collapse
It won't work from fastboot.
Fastboot operates on a different level and calling the recovery from there lets it end up in nowhere with no access to the system.
You need to boot into recovery through ADB as (for the new model) without a power button and usable hardware buttons we can't get into it otherwise.
Having said that, the fastboot way should still work with an unmodified bootloader.
When the dead droid is on the screen the recovery should be available after pressing the A button on the wired up controller.
But during my tests on 7.2 it did not always work, so you might have to try a few times and also try the B button.
Downunder35m said:
It won't work from fastboot.
Fastboot operates on a different level and calling the recovery from there lets it end up in nowhere with no access to the system.
You need to boot into recovery through ADB as (for the new model) without a power button and usable hardware buttons we can't get into it otherwise.
Having said that, the fastboot way should still work with an unmodified bootloader.
When the dead droid is on the screen the recovery should be available after pressing the A button on the wired up controller.
But during my tests on 7.2 it did not always work, so you might have to try a few times and also try the B button.
Click to expand...
Click to collapse
I have not been able to get to the dead droid screen.
Downunder35m said:
For starters, I uploaded a copy of the 7.2 developer firmware here:
7.2 developer ZIP on Dropbox
It is the full 1.1Gb update and not the 422mb block based one.
(snip)
Click to expand...
Click to collapse
Thanks for posting this, but please note that this firmware is only for the 2017 16GB model and cannot be used with a 2015 or Pro model.
I just got a 7.2.1 update that forced me to update. Wouldn't give me an option to skip it... As soon as I turned on my Shield, it said something about the 7.2.1 update and then rebooted and installed.
I was holding off on updating too so I didn't lose root. Now I'm unrooted and am unable to get Magisk working again until I can get my hands on a 7.2.1 bootloader... Bleh.
Weird, I am not getting the 7.2.1 at all here.
And since yesterday the OTA only tries the block based but not the full image.
AthieN said:
I just got a 7.2.1 update that forced me to update. Wouldn't give me an option to skip it... As soon as I turned on my Shield, it said something about the 7.2.1 update and then rebooted and installed.
I was holding off on updating too so I didn't lose root. Now I'm unrooted and am unable to get Magisk working again until I can get my hands on a 7.2.1 bootloader... Bleh.
Click to expand...
Click to collapse
I was able to downgrade using the 7.2 image after setting up the device on 7.2.1 OTA just make sure you disable automatic updates
Thanks downunder this kind of in-depth info is always appriciated man........i like to learn these kind of things, having bits here and bits there gives a better picture of the whole, while also giving us upto date current info.
Thanks for taking the time to write this :good:
---------- Post added at 07:35 AM ---------- Previous post was at 07:27 AM ----------
Edit
Hi downunder, could you confirm i have this correctly
With no access to fastboot thus no twrp or root, are you implying, assuming your able to inject root into stock firmware, that, i'd be able to flash this stock+root rom in STOCK recovery, which i do have access to?
Edit: im under the impression that stock firmware zips are checked by stock recoveries, so modifying a stock firmware zip tends to fail this check and thus wont install/flash.......which makes me think im misunderstanding here......or just hoping im not
If so, im interested
Edit
i just read your second post which near enought answers my curiousity, so that'll teach me to read beyond the first post before asking answered questions ........even if the post excites me............ahhh, who am i kidding, ill probabably do it again........the equivelancy of a mental post boner........not controllable
Sorry for the disgusting analogy
SyberHexen said:
I was able to downgrade using the 7.2 image after setting up the device on 7.2.1 OTA just make sure you disable automatic updates
Click to expand...
Click to collapse
Did I understand it correctly? You successfully downgraded from 7.2.1 to 7.2?
ErAzOr2k said:
Did I understand it correctly? You successfully downgraded from 7.2.1 to 7.2?
Click to expand...
Click to collapse
Yes,
Just ran flash all from the bootloader. For the newly released 7.2 developer_rooted factory image.
As long as we don't jump to Android 9 we should always be able to downgrade through a full factory firmware.
Once Android 9 comes this might not work anymore due to the massive changes involved for the boot and system checks.
@banderos101: Unless you really did something bad you should always be able to enter the fastboot mode to flash a full firmware.
If I have some time after xmas I will have another look on the options of signing the zip properly or simply to fake it.
Biggest problem will be to generate the corret SHA checksums ince all is installed so I can use the same checksums in the check files.
The bootloader needs them to identify the system and vendor as genuine.
The system needs them to confirm all is actually unmodified as otherwise all fails to boot at some stage.
Modding a proper userdebug firmware is not really that hard, but converting a release version that also is a true and secure user release...
Lets just say that it won't be an easy task.
As it looks like the kernel is a keeper I might have to figure something out unless TopJohnWu won't enjoy a break after his exams and works on a way to get Magisk working with out kernel.
At least I figured out why the recovery trick isn't working for me.
The system partition is not mounted for the sideload mode.
To apply an update the stuff is written directly onto the partition, so no file level access left to play with and break things
In comparison you could say the shield is now like a modern car with keyless operation only.
You know you can start it with ease, if you only could the remote that you left in the drivers seat when you locked the door
SyberHexen said:
Yes,
Just ran flash all from the bootloader. For the newly released 7.2 developer_rooted factory image.
Click to expand...
Click to collapse
Just wondering what is achieved by going back to 7.2?
What do you mean "going back"?
Right now the 7.2 is the official and latest firmware.
I was unable to get my hands in the 7.2.1 but guess it might have been a testversion for certain models only.
I wasted a few hours trying to fix the system image.
First stage was only to get the basic "features" back, like full ADB support, enabling the support to use SU and busybox....
Just what is required to actually allow these nice apps we like to gain root to work.
This backfired badly as right after the start the bootloader complained about the system being corrup and no override to get past this worked.
So of course I then removed the known restrictions from the bootloader...
As you guessed it the damn thing then did not even boot at all, just jumped right into the (locked) recovery mode.
A half decent comparision with my last manual root on a tv box that was a success showed I still did the right things...
If anyone wondered why we needed a new bootloader for the support of smart helpers an some codes stuff:
We didn't as all this could have been done with the 7.1 bootloader as well.
Since my root attempts so far all ended either in disaster or in a root access that failed shortly after/corrupted the system, I took a look of the general kernel changes that were published for other devices.
Before I could find anything meaningful I realised the 4.9 kernel is actually a requirement for Android Pie!
With that info sorted I started digging inti the new "security" features Pie can offer.
I will try to keep it simple and to the stuff that actually concerns us for rooting purposes:
The new boot process with Pie is aimed at being secure from the hardware level up and all the way into the system partion once the boot is completed.
So the hardware checks if the bootloader is actually usable - we had that for a long time, nothing new.
Once the bootloader starts and reaches the point of actually getting somewhere, all partitions required will be checks by either a hash check or a trusted certificate gererated at boot time that is compared to the previous certificate.
Only if that is fine the bootloader will call upon the system and vendor partitions.
The handover of control from bootloader to the system is made far more secure as well.
SELinux is called early on to ensure that only trusted apps and tasks can work but also to all a new control level.
System related apps no longer run as root or with special permissions.
Instead every single app and service runs as its own user!
And under SELinux conditions this means nothing can access anything that it is not entitled to unless included as a user for the other app.
And with that sorted the vendor stuff is called to ensure all hardware and vendor related stuff is still genuine - this include the required certs but also the recovery and bootloader hash codes and certs.
So if something is fishy either SELinux will stop us or the vendor stuff will just overwrite it all.
Once we finally reach the system stage the recovery is checked if called from within the system, if fully implemented it could mean that using an official update on a modded firmware will delete all data as the encryption from the old system is declared invalid.
Sadly it does not stop there because even with full rigths (faked or otherwise) to access the system partition with write access we still can not just change things.
If something belongs to a user (a secure app) than a change will corrupt the system.
To overcome all this without using vulnerabilities that so far no one has found, a compatible userdebug release has to be created from the official user firmware.
DM-Verity needs to be disabled as well as all partition encryption stuff.
The bootloader needs to be adjusted to reflect these changes and the required turst certificates generated and included in both system and boot images.
The only problem here is that the kernel won't allow these changes unless it itself is a userdebug kernel.
After that it is only the little efford to go through about 60 different scripts to remove or redirect the calls for all boot and system security related things.
If then by some chance all this actually boots up and goes all the way into a usable homescreen the entire stuff needs to be secured again.
This time so that the final system has a correct cert and checksum that matches those we need to include in the bootloader.
Anyone knows how to gain full access to the trusted keystore on the 4.9 kernel? LOL
For the moment I don't really care about all the stuff above.
I would be happy to figue out what to make out of these new fstab configurations without the vital partitions listed.
The real aprtitions used have not changed but it is impossible include them in the fastab, doing so causes the bootloader to fail.
Presumably because the kernel realised we try to get around the verification process.
This and some other minor things are also the reason TWRP fails so badly, same for the stock recovery by the way.
Since TWRP is toy a lot us like:
TWRP and 7.2....
Without a system partion in the bootloader fastab TWRP can not mount it.
Same for all other things TWRP needs to mount as it simply does not have the right to access these areas.
To make things worse, we need system access to even start TWRP through fastboot.
So, now matter if we flash or start it through fastboot: The bootloader and system will realise our recovery does not match the checksum.
What does al this now mean in terms a lot more people are able to understand?
Let me try...
Imagine the 7.2 in a running version would be just some encrypted file with a lot of folders in it.
And like PGP or other encryptions software we know there is a private and a public key.
With the public key you can see a lot and use most the encrypted file - but only to a level that is required, nothing above your low level clearance.
For every attempt to write into this file or to make changes we need the private key.
If you follow so far then lets just say the recovery (stock) and Fastboot can be, to some extent, used for this access.
But since every folder in the encrypted file also uses private and public keys it is like tracing a tree.
Although it is getting too long, let me give you the example of just adding SU to the sytem partition:
Adding SU into the system image is no big deal.
Singing this image to get a usable key and including this key into the keystore is.
Assume we would just be able to do it....
SU needs to be called quite early in the boot process.
It then elevates the access level for certain things and also intercepts all root related requests from apps and services.
Except of course those that already had these rights by default.
Problem here is that adding the scripts we need plus changing some others means violating the tree of trust on the device and we get locked out.
Finding a spot to add the required rights for SU might be still possible.
On the other hand it will be impossible to give SU any rights or access to "trusted user" owned parts, files, folders, partitions....
The entire concept of SU just fails.
I will have to check how much of the new features are active in the 7.2 kernel that hinder us.
If I find enough it might be possible it enough to call for a Magisk update.
But I guess it is of little use for just one set of devices, so maybe once more devices on the 4.9 kernel fail to work with Magisk it will be easier to spot a usable pattern.
In case someone else if already working ona mdified system: Please let me know how you made it boot after the changes
Shield Tv 16 2017 - OTA update 7.2.1 Ready for updating
Im on 7.1. I have been waiting for 7.2 developer image, which is now out and just noticed 7.2.1 is available OTA. I'm really confused what to do. I want to keep root without bricking my Shield. Should I Stay with what I have as it is running well.
I am not even sure if it is safe trying to update to dev 7.2 image (or if I would want to) by hooking to computer and using ADB Fastboot tools.
Is there any good reason to update to 7.2 or 7.21? and if so how would I go about doing it? Which program is good for flashing developer images or OTA updates. I used to use flash-fire, which seems to be obsolete now and have heard TWRP is incompatible rooting with SU with OREO updates????
Should I play it safe and stay with what I have rather than experiment and end up with a brick? (wouldn't be the first time)
Anyone know if 7.21 is some-kind of bug fix?
Alot of questions but hope someone has some answers.
Thanks for any info.
"You know you can start it with ease, if you only could the remote that you left in the drivers seat when you locked the door "
My fastboot issue
Yeah, i think i busted the microusb somehow with a faulty usb hub, whenever i plug the usb to my raspberrypi/windows box(for adb/fastboot) now, it turns off all usb ports on the pi aswell as the windows box, even when the shield is unplugged, some sort of earth problem maybe
......all i have is adb over network, adb reboot bootloader simply reboots back to system, adb reboot recovery works though.
ive read that fastboot over tcp(ethernet) had been introduced a couple of android versions ago, but i dont think its been implemented in our shields
infact heres a link
https://www.androidpolice.com/2016/...-capabilities-wireless-flashing-isnt-far-off/
Looks like it needs to be specifically added onto a build
As far as you making a stock root build, if you can, that would awesome, more then awesome, but if it becomes more work then you thought dont worry about it, its not like their making it easy
Also, sounds like 4.9/future android is gonna be a nightmare for root......... having the ability to root so that the option is there to see whats going on in the background of these devices, these devices posessing cameras/microphones/old+latest sensors/personal files/personal info, which reside on our personal beings or in our homes........is just one reason why i dont want to see root go away
So what is the purpose of the developer image of 7.2?
Rather, I know the stated purpose of the developer image, but if it is locked in the way described it sounds like the benefit is negated for typical developers.
(e.g. sometimes I debug an application without permissions in order to benchmark or debug a problem).
For casual users of the shield, using ad blockers and whatnot, is there any benefit to derive from installing the developer rom over stock? Does "adb root" still work?
What is left as the difference. It doesn't sound like they produced a userdebug build of the OS.
Thanks
The 2 new updates are horrible. I have gone back to 7.1. They have crippled my shield. I'll wait for a new update.
Hello everybody.
I have a simple Question about root on this model, is it possible to do?
And if it is possible, tell me how Please.
Best regards
Wojtek
I am looking for the same too
Me too... Looks like it is still impossible
Only paid method and who knows it will be work on my p30 lite......hmm
Hello ppl,
I know this might be a little old.. any way just for the knowledge lets bring this thread back.
I had the same concern for a while, and kind of eager to get mine rooted.. until now.
I managed to unlock mine, and root it succesfully. Latest version of magisk, safty net passed, root essentials running like a charm, I can ADB in to it and su yey!
How? main issue here is my p30 lite MAR-LX3A was already in emui10, and somehow this little sucker wont allow the unlock of the bootloader regardless. I used a unlock tool that is advised to work for this model using testpoint short. how ever it was not working for me, until I read the EMUI had to be downgraded to 9.1.
Once runnig EMUI9.1 I didnt had to re-run the tool it was already unlocked. weird.
Any how the unlocker tool I used was not the ABD/fastboot tools, it was a paid app in case you are still interested in getting it done I can tell you how. Just keep in mind you will need to Open the back cover of the device.
Think is there is no custom recovery image available that works, neither a custom ROM, so all you have is pretty much root access.
I beleive this to be a pretty decent phone so I dont want just to ditch it, I am working to get a TWRP image, if I a managed to so I will get a ROM done as well. Think the whole device has been off the track for dedicated modders and devs, so it has just not been worked on.
which me luck. I'll keep you posted
I used an unlock bootloader service for 15$. First i had to downgrade my emui from 10 to 9.
I can run magisk without problem. My only problem is that i wan't super su. I was able to flash TWRP Recovery 3.2.1.0 (HiSilicon Kirin 710). But i couldn't use it because the folder are encrypted. So if anyone has any idea how to decrypt this let me know
aka_max said:
I used an unlock bootloader service for 15$. First i had to downgrade my emui from 10 to 9.
I can run magisk without problem. My only problem is that i wan't super su. I was able to flash TWRP Recovery 3.2.1.0 (HiSilicon Kirin 710). But i couldn't use it because the folder are encrypted. So if anyone has any idea how to decrypt this let me know
Click to expand...
Click to collapse
I'm gonna look for that TWRP img, I didnt find a working one acutally. is there a specific reason why you rather use super su ?
about encryption you usually need to make sure there is no password configured, I read somewhere about a guy that had his Face recognition still configured, and that was the reason he was unable to unencrypt. there are some zips you can flash somwhere around, but never tried them
blzbh said:
I'm gonna look for that TWRP img, I didnt find a working one acutally. is there a specific reason why you rather use super su ?
about encryption you usually need to make sure there is no password configured, I read somewhere about a guy that had his Face recognition still configured, and that was the reason he was unable to unencrypt. there are some zips you can flash somwhere around, but never tried them
Click to expand...
Click to collapse
I deactivated all passwords etc. But it didn't work for me. The only reason i need supersu is because i wan't recover some deleted contacts and mails after factory reset. And those Windows applications with real deep scan not works with magisk.
aka_max said:
I deactivated all passwords etc. But it didn't work for me. The only reason i need supersu is because i wan't recover some deleted contacts and mails after factory reset. And those Windows applications with real deep scan not works with magisk.
Click to expand...
Click to collapse
why dont you try getting an image of the partition with DD, convert it and mount it in the PC directly, I beleive using the scan software directly against the phone is more complicated than just scanning a directly attached block device.
Hello
Is there any way to decrypt the Huawei P30 Lite?I haven't found anything anywhere.
i have twrp on it but the system is encrypted :-(
i have read some posts about wipe data.. use stock rom etc... But i am to lazy to test it. Let me know if it will works. Be sure to make a backup before playing around
nominator64 said:
Hello
Is there any way to decrypt the Huawei P30 Lite?I haven't found anything anywhere.
i have twrp on it but the system is encrypted :-(
Click to expand...
Click to collapse
there are a few things to try... you can go to wipe menu in TWRP then use the fix/repair option against the system encrypted partition..
-try reparing it
-try changing the partition from ext4 (check first the type usually ext4) to ext2, then change it back to what it was, ext4
last resource:
-wipe all data/factory reset ***** You WILL loose all your personal data if you do this **** just make a backup MANUALLY before doing this.. if you use TWP backup pbby your back will be encrypted too...
I manage to get mine unencrypted with this last step, took a few attempts, but had to reflash Stock so its back to encryption
Maybe we should create our own TWRP version for the p30 lite. There are many tutorials ^^
aka_max said:
Maybe we should create our own TWRP version for the p30 lite. There are many tutorials ^^
Click to expand...
Click to collapse
agreed I have been working on one that truely works, but there are a few blanks about how TWRP really works.. and its boot process. I have learned a little this past week, but still think gonna have to reverse engineer a working img to get some answers.... I was actually thinking on building a orange fox image better not sure what would be easier..
I have lots of work so I do this in my free time, but let me know if you want a help perhaps we can get something and port a nice ROM that's worth the device
.
blzbh said:
there are a few things to try... you can go to wipe menu in TWRP then use the fix/repair option against the system encrypted partition..
-try reparing it
-try changing the partition from ext4 (check first the type usually ext4) to ext2, then change it back to what it was, ext4
last resource:
-wipe all data/factory reset ***** You WILL loose all your personal data if you do this **** just make a backup MANUALLY before doing this.. if you use TWP backup pbby your back will be encrypted too...
I manage to get mine unencrypted with this last step, took a few attempts, but had to reflash Stock so its back to encryption
Click to expand...
Click to collapse
thank you for the suggestions. unfortunately does not work :-(
Please keep us posted, really excited to see a custom rom for this phone, also could you elaborate on the process of unlocking the bootloader? My back cover is already broken so I have to open it up anyways
k.r.o.o.k said:
Please keep us posted, really excited to see a custom rom for this phone, also could you elaborate on the process of unlocking the bootloader? My back cover is already broken so I have to open it up anyways
Click to expand...
Click to collapse
Sure, ive been busy but will try my best.. about the unlock process I end up paying 19 euros... But try using fastboot unlock first.. may save you the money not sure...
1. Downgrade to emui 9.1 .. just plug the p30 lite to PC, install hsuite... Go for the firmware/software update... A pop up screen will show up with some small letters buttom rigth.. older releases or revert to older firmware something like that.. you will get too choose 9.1 only ... Choose that and apply.. Keep an eye out.. this will delete everything in your phone... Next boot you will be in 9.1.. avoid the automatic upgrade.
2. Turn the phone off, take the back cover and locate the testpoints.. short by using metal wire... The small aluminium wire wraps that come with bread and other bags for easy close are usefull just remove some plastic in each side... connect the usb cable to PC.. leave the phone side unplugged.. Touch test point with the wire while the other side touches a metal cover in the phone.. while doing it plug the phone to the USB cable.. the charging animation should not appear . . . Screen must stay black.. otherwise do it again.. if done right the device manager will detect COM port for your device
Identify the point with this video
3. use either app you want to detect testpoint mode and unlock... I managed to do it with a 3 day unlimited license for HCU client.. that did the trick their website have some tutorials easy to follow.
Hi all,
I have the same problem like a few other people. I unlocked the phone with HCU, and after I tried to root with magisk (by trwp) But the main issue, the phone is encrypted and the installation proccess of the magisk by the trwp got failed. How can I root this phone? Anybode has success with this?
Thank you!
huawei p30 lite device root support please
Alright, I've received the email as the title implies but here are the questions I have before I proceed into the whole process
Is there a way to backup the stock image without TWRP? if so how do you get the stock image backed up if it's impossible how to back up the stock bootlover/recovery before installing TWRP if I were to get rid of TWRP one day?
also is it possible to just root the system without flashing anything to avoid data loss? this would be the preferred option actually, thanks! (Using the be2028 t-mobile version, if there's a premade backup that'll be cool too.)
animenote said:
Alright, I've received the email as the title implies but here are the questions I have before I proceed into the whole process
Is there a way to backup the stock image without TWRP? if so how do you get the stock image backed up if it's impossible how to back up the stock bootlover/recovery before installing TWRP if I were to get rid of TWRP one day?
also is it possible to just root the system without flashing anything to avoid data loss? this would be the preferred option actually, thanks! (Using the be2028 t-mobile version, if there's a premade backup that'll be cool too.)
Click to expand...
Click to collapse
I am just getting back to messing around with phones after about 5 years. So many things have changed and I am trying to get answers here as well.
I used TWRP and Magisk to root my phone. Installing TWRP will not wipe your data as it is flashed to a different partition but to install TWRP you have to unlock the bootloader and that will wipe your userdata. And no, I don't believe there is any possibility of rooting without unlocking the bootloader. If you decide you want to go back to stock, there are stock roms available and you can re-lock the bootloader on the N10 so you should be able to set it back to just like it was when you first bought it. I say should because I have never done it, just read that it can be done when I unlocked and flashed mine.
I wish I could be of more help but so many things have changed in the years since I've been away from doing this stuff I feel like a total noob again.
animenote said:
Alright, I've received the email as the title implies but here are the questions I have before I proceed into the whole process
Is there a way to backup the stock image without TWRP? if so how do you get the stock image backed up if it's impossible how to back up the stock bootlover/recovery before installing TWRP if I were to get rid of TWRP one day?
also is it possible to just root the system without flashing anything to avoid data loss? this would be the preferred option actually, thanks! (Using the be2028 t-mobile version, if there's a premade backup that'll be cool too.)
Click to expand...
Click to collapse
No I do not believe there's a way to gain root without flashing anything. There's no need to backup anything you can always use the MSM download tool to restore your device. https://forum.xda-developers.com/t/...l-to-restore-your-device-to-oxygenos.4204445/ You should be able to find most of the stock imgs on here already if you'd really need to flash back. I'm no expert either, just my experience with this phone in particular has been pretty straightforward. I never backed up anything lol.
Twrp is iffy i made a backup I'll never use, check out the post about flashing international rom to tmo and metro devices, that's my backup. Also you can run 11.0.3/2 firmware and boot 11 gsi's the post about lir rom has the info. Flash the product_gsi.img referenced there, I have never deleted my product partition and I only leave oos ten installed long enough to take ota's. There are more roms in the source forge page referenced with lir rom post. Flash magisk via recovery, either side load or twrp, pay attention that it flashes partition sda14(super image) or wifi breaks.