Memory Injection: Call shared lib function inside remote process - Android Q&A, Help & Troubleshooting

Hello,
I'm currently able to call a function in a remote process by getting the PID, getting the base address in memory, copying the whole remote memory area into a local memory area to find the function address by its signature, and finally calling that function.
I've tested it successfully on my Samsung Galaxy S5 (32-bit, AOSP Bluetooth stack) and Sony Xperia X Compact (64-bit, AOSP Bluetooth stack).
But on the OnePlus 7 Pro (64-bit, QTI Bluetooth stack) the function returns 5.
I've set TRC_BTIF=5 in /system/etc/bluetooth/bt_stack.conf to see if the desired function is getting called because there should be a log output like:
Code:
06-25 21:19:33.024 1667 1667 D bt_btif : in, bd addr:, prop type:4, len:3
06-25 21:19:33.024 1667 1667 I bt_btif : btif_dm_get_adapter_property: type=0x4
Which isn't the case. So I assume the function is not getting called (correctly).
Here's the log output:
Code:
06-25 18:19:14.826 7409 7409 D bpp_qti : utils::getProcessId - Process found: com.android.bluetooth (pid: 7146)
06-25 18:19:14.828 7409 7409 D bpp_qti : injector::attach - Attached to process 7146
06-25 18:19:14.836 7409 7409 D bpp_qti : injector::callRemoteFunction - Call remote function 7c76f9d4f0 with 6 arguments, return value is 7c786fe000
06-25 18:19:14.840 7409 7409 D bpp_qti : injector::callRemoteFunction - Call remote function 7c76f9d4f0 with 6 arguments, return value is 7c786fd000
06-25 18:19:14.840 7409 7409 D bpp_qti : injector::write - Wrote 16 bytes to 0x7c786fd000 process 7146
06-25 18:19:14.845 7409 7409 D bpp_qti : utils::getRemoteFunctionAddress - Found remote function address: 7979928e3c
06-25 18:19:14.846 7146 7146 W bt_btif : bta_dm_act no entry for connected service cbs
06-25 18:19:14.846 7146 7146 E bt_btif : 00:00:00:00:00:00
06-25 18:19:14.847 7146 7177 D bt_btif : btif_hf_upstreams_evt: event=BTA_AG_CLOSE_EVT
06-25 18:19:14.847 7146 7177 E bt_btif : btif_hf_upstreams_evt: Invalid index 43613
06-25 18:19:14.847 7146 7146 E bt_btif : 00:00:00:00:00:00
06-25 18:19:14.847 7146 7146 D bt_btif : bta_ag_sco_event: index=0x0000, device=00:00:00:00:00:00, state=BTA_AG_SCO_SHUTDOWN_ST[0], event=BTA_AG_SCO_SHUTDOWN_E[6]
06-25 18:19:14.847 7146 7146 W bt_btif : bta_ag_sco_event: BTA_AG_SCO_SHUTDOWN_ST: Ignoring event BTA_AG_SCO_SHUTDOWN_E[6]
06-25 18:19:14.848 7146 7146 D bt_btif : BTA AG SCO State Change: [BTA_AG_SCO_SHUTDOWN_ST] -> [BTA_AG_SCO_SHUTDOWN_ST] after Event [BTA_AG_SCO_SHUTDOWN_E]
06-25 18:19:14.849 7409 7409 D bpp_qti : injector::callRemoteFunction - Call remote function 7979928e3c with 1 arguments, return value is 5
06-25 18:19:14.853 7409 7409 D bpp_qti : injector::callRemoteFunction - Call remote function 7c76f9cef0 with 2 arguments, return value is 0
06-25 18:19:14.856 7409 7409 D bpp_qti : injector::callRemoteFunction - Call remote function 7c76f9cef0 with 2 arguments, return value is 0
06-25 18:19:14.857 7409 7409 D bpp_qti : injector::detach - Detached from process 7146
And here's the full code: https://github.com/TeamJCD/BluetoothPlusPlus/tree/native/app/src/main/cpp
libbluetooth_qti.so of the OnePlus 7 Pro is attached, as well as the pre-compiled bpp_qti for aarch64.
I've got the signature by running: gdb -batch -ex "disassemble/r btif_storage_get_adapter_property" libbluetooth_qti.so | column -ts $'\t' | awk '{for (i=1;i<=NF;i++) if ($i~/^[a-f0-9]{2}$/) printf("\\x%s",$i)} END{print ORS}'
The executable can be pushed directly to the device (`adb push bpp_qti /data/local/tmp/`) and running `/data/local/tmp/bpp_qti get` as root should return the Bluetooth Device Class.
Maybe someone here has an idea why this isn't working on QTI BT stack devices (the ones this cpp code was made for, because Qualcomm is missing the essential code to get/set the device class through the Java API).
We also tried calling `btif_dm_get_adapter_property` directly to see if that works. It didn't.
I'm really out of ideas now.
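The two address-resolution steps described in the post (reading the remote library's load base and locating the function inside a copy of the remote image by byte signature) as an added, self-contained example. This is not code from the BluetoothPlusPlus repository; the maps lines, the inode, the fake image and the prologue bytes are all constructed for the demo, and the signature syntax ("??" for a wildcard byte) is this example's own convention. One thing the post's flow does not mention is checked here: a signature taken from the on-disk library should match exactly once in the copied image, and an ambiguous match is reported as an error rather than silently resolving to whichever copy comes first.

```c
/* Added example, not code from the BluetoothPlusPlus repository.
 *   1. read the remote library's load base from /proc/<pid>/maps
 *   2. find the function inside a copy of the remote image by byte signature
 *   3. remote function address = remote base + offset of the match
 * All data below (maps lines, image bytes) is constructed so the demo runs offline. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct { uint8_t byte; uint8_t wild; } sig_byte_t;

/* Constructed stand-in for /proc/<pid>/maps; addresses and inode are invented. */
static const char kMaps[] =
    "7979800000-7979900000 r--p 00000000 fd:00 4242 /system/lib64/libbluetooth_qti.so\n"
    "7979900000-7979b00000 r-xp 00100000 fd:00 4242 /system/lib64/libbluetooth_qti.so\n"
    "7c78600000-7c78620000 rw-p 00000000 00:00 0 [anon:libc_malloc]\n";

/* Parse one maps line; succeed only if its path is `libname` or ends in "/libname". */
static int maps_line_base(const char *line, const char *libname, uintptr_t *base_out) {
    unsigned long start, end;
    char perms[8], path[512] = "";
    if (sscanf(line, "%lx-%lx %7s %*lx %*x:%*x %*u %511s", &start, &end, perms, path) < 3)
        return 0;
    size_t pl = strlen(path), nl = strlen(libname);
    if (pl < nl || strcmp(path + pl - nl, libname) != 0) return 0;
    if (pl > nl && path[pl - nl - 1] != '/') return 0;
    *base_out = (uintptr_t)start;
    return 1;
}

/* Load base of `libname`: its lowest mapping, which is the first one in maps order. 0 if absent. */
uintptr_t find_lib_base(const char *maps_text, const char *libname) {
    const char *p = maps_text;
    while (*p) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        char line[1024];
        if (len >= sizeof line) len = sizeof line - 1;
        memcpy(line, p, len);
        line[len] = '\0';
        uintptr_t base;
        if (maps_line_base(line, libname, &base)) return base;
        if (!eol) break;
        p = eol + 1;
    }
    return 0;
}

/* Parse "ff 43 01 d1 fd 7b ?? a9" ("??" = wildcard byte). Returns byte count, or -1 on bad input. */
int parse_signature(const char *text, sig_byte_t *out, int max) {
    int n = 0;
    while (*text) {
        while (*text == ' ') text++;
        if (!*text) break;
        if (n >= max) return -1;
        if (text[0] == '?' && text[1] == '?') {
            out[n].byte = 0; out[n].wild = 1;
        } else {
            char *end;
            unsigned long v = strtoul(text, &end, 16);
            if (end != text + 2 || v > 0xff) return -1;
            out[n].byte = (uint8_t)v; out[n].wild = 0;
        }
        n++;
        text += 2;
    }
    return n;
}

/* Scan the copied image. Returns the offset of the single match, -1 if none,
 * -2 if the signature matches more than once (ambiguous: would pick the wrong function). */
long find_signature(const uint8_t *image, size_t image_len, const sig_byte_t *sig, int sig_len) {
    long found = -1;
    if (sig_len <= 0 || (size_t)sig_len > image_len) return -1;
    for (size_t off = 0; off + (size_t)sig_len <= image_len; off++) {
        int i;
        for (i = 0; i < sig_len; i++)
            if (!sig[i].wild && image[off + i] != sig[i].byte) break;
        if (i == sig_len) {
            if (found >= 0) return -2;
            found = (long)off;
        }
    }
    return found;
}

/* remote address = load base + offset of the signature in the image copied from that base. 0 on failure. */
uintptr_t resolve_remote_function(const char *maps_text, const char *libname,
                                  const uint8_t *image, size_t image_len, const char *sig_text) {
    sig_byte_t sig[64];
    int n = parse_signature(sig_text, sig, 64);
    if (n <= 0) return 0;
    uintptr_t base = find_lib_base(maps_text, libname);
    if (base == 0) return 0;
    long off = find_signature(image, image_len, sig, n);
    if (off < 0) return 0;
    return base + (uintptr_t)off;
}

/* Constructed image: zeros, with an aarch64 prologue (sub sp,sp,#0x50; stp x29,x30,[sp,#0x40])
 * at 0x80, plus a second copy at 0x40 when copies == 2 to exercise the ambiguity check. */
void build_sample_image(uint8_t *buf, size_t len, int copies) {
    static const uint8_t prologue[8] = {0xff, 0x43, 0x01, 0xd1, 0xfd, 0x7b, 0x04, 0xa9};
    memset(buf, 0, len);
    if (len >= 0x88) memcpy(buf + 0x80, prologue, sizeof prologue);
    if (copies == 2 && len >= 0x48) memcpy(buf + 0x40, prologue, sizeof prologue);
}

int main(void) {
    uint8_t image[256];
    build_sample_image(image, sizeof image, 1);
    uintptr_t fn = resolve_remote_function(kMaps, "libbluetooth_qti.so", image, sizeof image,
                                           "ff 43 01 d1 fd 7b ?? a9");
    printf("remote function at 0x%lx\n", (unsigned long)fn);
    return fn ? 0 : 1;
}
```

On a real target the maps text comes from `/proc/<pid>/maps` and the image from `process_vm_readv` or `/proc/<pid>/mem` starting at the base returned by `find_lib_base`, so that offsets in the copy equal offsets from the base. Wildcards are worth using for any bytes that differ between the on-disk file and the mapped image (for example relocated pointers), otherwise the gdb-derived signature may never match even though the function is there.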

Related

mainboard replaced - No cellular network

Hello,
My i9100 died some months ago; it was impossible to boot (tested different batteries, SIM cards and chargers). I think it was overheating when I used it for the last time.
I bought a used mainboard from China and built it into my phone. It had stock Gingerbread installed and was used in Iran.
An IMEI analysis says that the board is a European version:
Information on IMEI xxxxxx
Type Allocation Holder Samsung
Mobile Equipment Type Samsung GT-i9100 Galaxy S II
GSM Implementation Phase 2/2+
IMEI Validity Assessment Very likely
Information on range assignment
Est. Date of Range Issuance Around Q2 2011
Reporting Body British Approvals Board of Telecommunications (BABT)
Primary Market Europe
Legal Basis for Allocation EU R&TTE Directive
Information on number format
Full IMEI Presentation 35xxxxxx
Reporting Body Identifier 35
Type Allocation Code xxxxxx
Serial Number xxxxx
Check Digit 0
I use cm12.1 (12.1-20150430-UNOFFICIAL-i9100), but I also don't have a cellular network with other ROMs. GPS, Wifi, BT etc. are working.
Searching for mobile networks is not successful and I can't execute USSD codes. The efs partition is not corrupted. Most files are from 2010, last changes 2013.
Do you have any idea how to solve this?
Best regards
Have you checked which baseband software version is showing under "about phone"? This is stored in /dev/block/mmcblk0p8, and would not be updated by installing CM. I think I9100XXMS4 was the last European one. Rather than messing around with installing this, you can simply install Sale's NeatROM (modified Samsung 4.1), before installing CM etc.
Another thing to consider, but I'm not sure how you'd check or fix it:
http://forum.xda-developers.com/galaxy-s2/general/external-antenna-socket-warning-t1273292
This would mean the radio modem is booted & working OK, but no antenna = no signal = no networks.
My baseband was XXKI4. I installed XXMS4 but that didn't change anything.
The antenna socket is not damaged or anything, but I don't know how to check the functionality without destroying the connection to the internal antenna (provided it works at all).
Hmmm @tgb456
Install stock 2.3.3 and root it.
Connect your phone to the PC via ADB. Start logcat and make a log of:
- restarting the phone
- searching for a network (manual)
- USSD code execution
Sent from my Slim phone 9.0 powered by DorimanX v008 kernel
Still with CM12.1:
After reboot:
Code:
W/ServiceWatcher( 2225): com.google.android.gms not found
W/ServiceWatcher( 2225): com.google.android.gms not found
W/LocationManagerService( 2225): no network location provider found
W/ServiceWatcher( 2225): com.google.android.gms not found
W/ServiceWatcher( 2225): com.google.android.gms not found
D/NuPlayerDriver( 1862): reset(0x41c34040)
D/NuPlayerDriver( 1862): notifyResetComplete(0x41c34040)
E/LocationManagerService( 2225): no geocoder provider found
E/FlpHardwareProvider( 2225): Error hw_get_module 'flp': -2
E/LocationManagerService( 2225): FLP HAL not supported
W/ServiceWatcher( 2225): com.google.android.gms not found
E/LocationManagerService( 2225): Unable to bind FLP Geofence proxy.
E/ActivityRecognitionHardware( 2225): Error hw_get_module: -2
E/LocationManagerService( 2225): Hardware Activity-Recognition not supported.
I/FFmpegExtractor( 1862): android-source:0x415b14c0
...
I/Telecom ( 2225): TelecomGlobals: CallsManager initialized
W/ContextImpl( 2225): Calling a method in the system process without a qualified user: android.app.ContextImpl.startService:1732 android.content.ContextWrapper.startService:522 com.android.server.telecom.BluetoothPhoneService.start:468 com.android.server.telecom.TelecomGlobals.initialize:101 com.android.server.telecom.TelecomService.onCreate:164
....
D/Telephony( 2743): TtyManager: setTTYMode exception: com.android.internal.telephony.CommandException: RADIO_NOT_AVAILABLE
W/BassBoost( 2667): WARNING: attaching a BassBoost to global output mix is deprecated!
V/OtaStartupReceiver( 2743): onOtaspChanged: mOtaspMode=1
W/Virtualizer( 2667): WARNING: attaching a Virtualizer to global output mix is deprecated!
D/GpsLocationProvider( 2225): received SIM realted action:
D/GpsLocationProvider( 2225): SIM MCC/MNC is still not available
D/Telephony( 2743): TtyManager: queryTTYMode exception: com.android.internal.telephony.CommandException: RADIO_NOT_AVAILABLE
I/MmsService( 2743): MmsConfigManager.loadInBackground(): mcc/mnc: 0/0
E/MmsService( 2743): MmsConfigManager.load -- empty getActiveSubInfoList
D/Telephony( 2743): TelecomAccountRegistry: Found 1 phones. Attempting to register.
D/Telephony( 2743): TelecomAccountRegistry: Phone with subscription id 5000
E/PhoneInterfaceManager( 2743): [PhoneIntfMgr] getIccId: No UICC
D/Telephony( 2743): AccountEntry: Registered phoneAccount: [PhoneAccount: ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}, [f8237xxxxxxxxxxx], UserHandle{0} Capabilities: 54 Schemes: tel voicemail ] with handle: ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}, [f8237xxxxxxxxxxxxxxxxxx], UserHandle{0}
I/Telephony( 2743): PstnIncomingCallNotifier: Registering: Handler (com.android.internal.telephony.gsm.GSMPhone) {8e4d5bd}
D/Telephony( 2743): PstnPhoneCapabilitiesNotifier: Registering: Handler (com.android.internal.telephony.gsm.GSMPhone) {8e4d5bd}
D/CallNotifier( 2743): onReceive...
D/Telephony( 2743): PstnPhoneCapabilitiesNotifier: handleVideoCapabilitesChanged. Video capability - false
D/PhoneStatusBarPolicy( 2382): updateSimState for subId :5000
D/GpsLocationProvider( 2225): received SIM realted action:
D/PhoneStatusBarPolicy( 2382): updateSimState for phoneId :0
D/PhoneStatusBarPolicy( 2382): updateSimState for Slot :0
D/GpsLocationProvider( 2225): SIM MCC/MNC is still not available
....
D/MmsSmsDatabaseHelper( 2743): [MmsSmsDb] tableName: threads hasAutoIncrement: CREATE TABLE threads (_id INTEGER PRIMARY KEY AUTOINCREMENT,date INTEGER DEFAULT 0,message_count INTEGER DEFAULT 0,recipient_ids TEXT,snippet TEXT,snippet_cs INTEGER DEFAULT 0,read INTEGER DEFAULT 1,archived INTEGER DEFAULT 0,type INTEGER DEFAULT 0,error INTEGER DEFAULT 0,has_attachment INTEGER DEFAULT 0) result: true
D/MmsSmsDatabaseHelper( 2743): [MmsSmsDb] tableName: canonical_addresses hasAutoIncrement: CREATE TABLE canonical_addresses (_id INTEGER PRIMARY KEY AUTOINCREMENT,address TEXT) result: true
D/MmsSmsDatabaseHelper( 2743): [MmsSmsDb] tableName: part hasAutoIncrement: CREATE TABLE part (_id INTEGER PRIMARY KEY AUTOINCREMENT,mid INTEGER,seq INTEGER DEFAULT 0,ct TEXT,name TEXT,chset INTEGER,cd TEXT,fn TEXT,cid TEXT,cl TEXT,ctt_s INTEGER,ctt_t TEXT,_data TEXT,text TEXT) result: true
D/MmsSmsDatabaseHelper( 2743): [MmsSmsDb] tableName: pdu hasAutoIncrement: CREATE TABLE pdu (_id INTEGER PRIMARY KEY AUTOINCREMENT,thread_id INTEGER,date INTEGER,date_sent INTEGER DEFAULT 0,msg_box INTEGER,read INTEGER DEFAULT 0,m_id TEXT,sub TEXT,sub_cs INTEGER,ct_t TEXT,ct_l TEXT,exp INTEGER,m_cls TEXT,m_type INTEGER,v INTEGER,m_size INTEGER,pri INTEGER,rr INTEGER,rpt_a INTEGER,resp_st INTEGER,st INTEGER,tr_id TEXT,retr_st INTEGER,retr_txt TEXT,retr_txt_cs INTEGER,read_status INTEGER,ct_cls INTEGER,resp_txt TEXT,d_tm INTEGER,d_rpt INTEGER,locked INTEGER DEFAULT 0,sub_id INTEGER DEFAULT -1, phone_id INTEGER DEFAULT -1, seen INTEGER DEFAULT 0,creator TEXT,text_only INTEGER DEFAULT 0) result: true
D/MmsSmsDatabaseHelper( 2743): [getWritableDatabase] hasAutoIncrementThreads: true hasAutoIncrementAddresses: true hasAutoIncrementPart: true hasAutoIncrementPdu: true
---
I/ActivityManager( 2225): Start proc 3598:com.android.cellbroadcastreceiver/u0a5 for broadcast com.android.cellbroadcastreceiver/.CellBroadcastReceiver
D/CellBroadcastReceiver( 3598): onReceive Intent { act=android.intent.action.SERVICE_STATE flg=0x10 cmp=com.android.cellbroadcastreceiver/.CellBroadcastReceiver (has extras) }
D/CellBroadcastReceiver( 3598): Intent ACTION_SERVICE_STATE_CHANGED
D/CellBroadcastReceiver( 3598): Service state changed! 3 Full: 3 3 voice home data home null null null null null null Unknown Unknown CSS not supported -1 -1 RoamInd=-1 DefRoamInd=-1 EmergOnly=false Current state=-1
I/ActivityManager( 2225): Killing 2826:android.process.acore/u0a6 (adj 15): empty #17
D/CellBroadcastReceiver( 3598): onReceive Intent { act=android.intent.action.ACTION_SUBINFO_RECORD_UPDATED flg=0x10 cmp=com.android.cellbroadcastreceiver/.CellBroadcastReceiver }
D/SIP ( 2743): [SipSharedPreferences] isReceivingCallsEnabled, option not set; use default value, exception: android.provider.Settings$SettingNotFoundException: sip_receive_calls
E/PhoneInterfaceManager( 2743): [PhoneIntfMgr] getIccId: No UICC
...
D/Yamaha-MC1N2-Audio( 1862): yamaha_mc1n2_audio_route_start()
E/WhisperPush( 3531): GcmRecurringRegistration
E/WhisperPush( 3531): java.io.IOException: SERVICE_NOT_AVAILABLE
E/WhisperPush( 3531): at com.google.android.gms.gcm.GoogleCloudMessaging.register(Unknown Source)
E/WhisperPush( 3531): at org.whispersystems.whisperpush.gcm.GcmHelper.getRegistrationId(GcmHelper.java:65)
E/WhisperPush( 3531): at org.whispersystems.whisperpush.WhisperPush$1.doInBackground(WhisperPush.java:52)
E/WhisperPush( 3531): at org.whispersystems.whisperpush.WhisperPush$1.doInBackground(WhisperPush.java:48)
E/WhisperPush( 3531): at android.os.AsyncTask$2.call(AsyncTask.java:292)
E/WhisperPush( 3531): at java.util.concurrent.FutureTask.run(FutureTask.java:237)
E/WhisperPush( 3531): at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:231)
E/WhisperPush( 3531): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
E/WhisperPush( 3531): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
E/WhisperPush( 3531): at java.lang.Thread.run(Thread.java:818)
W/ActivityManager( 2225): Unable to start service Intent { act=com.google.android.gms.analytics.service.START cmp=com.google.android.gms/.analytics.service.AnalyticsService (has extras) } U=0: not found
W/GAV3 ( 3553): Thread[GAThread,5,main]: Service unavailable (code=1), will retry.
I/GAV3 ( 3553): Thread[GAThread,5,main]: No campaign data found.
I/GlobalDismissManager( 3437): no sender configured
...
W/ActivityManager( 2225): Unable to start service Intent { act=com.google.android.gms.analytics.service.START cmp=com.google.android.gms/.analytics.service.AnalyticsService (has extras) } U=0: not found
W/GAV3 ( 3553): Thread[Service Reconnect,5,main]: Service unavailable (code=1), using local store.
USSD-Codes:
Code:
D/Yamaha-MC1N2-Audio( 1862): yamaha_mc1n2_audio_output_start()
D/Yamaha-MC1N2-Audio( 1862): yamaha_mc1n2_audio_route_start()
D/Yamaha-MC1N2-Audio( 1862): (yamaha_mc1n2_audio_params_route_find): device = 2, direction = 0
W/AudioTrack( 2225): AUDIO_OUTPUT_FLAG_FAST denied by client
E/AudioTrack( 2225): AudioTrack::set : Exit
I/ActivityManager( 2225): START u0 {act=android.intent.action.CALL_PRIVILEGED dat=tel:xxxxx cmp=com.android.server.telecom/.PrivilegedCallActivity (has extras)} from uid 10008 on display 0
V/WindowManager( 2225): addAppToken: AppWindowToken{3e3087eb token=Token{534ff3a ActivityRecord{d949665 u0 com.android.server.telecom/.PrivilegedCallActivity t77}}} to stack=1 task=77 at 1
E/SpannableStringBuilder( 3876): SPAN_EXCLUSIVE_EXCLUSIVE spans cannot have a zero length
I/Telecom ( 2225): CallReceiver: onReceive - isUnknownCall: false
I/Telecom ( 2225): Call: setTargetPhoneAccount ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}, [f8237xxxxxxxxxxxxxxx], UserHandle{0}
V/GpsNetInitiatedHandler( 2225): ACTION_NEW_OUTGOING_CALL - false
I/Telecom ( 2225): Call: CallerInfo received for *****: [email protected] { name null, phoneNumber non-null }
W/InputMethodManagerService( 2225): Window already focused, ignoring focus gain of: [email protected] [email protected], token = [email protected]
D/DialpadFragment( 3876): Displaying normal Dialer UI.
D/DialpadFragment( 3876): Displaying normal Dialer UI.
I/Telecom ( 2225): CallsManager: Creating a new outgoing call with handle: *****
I/Telecom ( 2225): CallsManager: updateLchStatus subInConversation: 5000
I/Telecom ( 2225): CreateConnectionProcessor: Trying attempt CallAttemptRecord(ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}, [f8237xxxxxxxxxxxxxxxxxxxx], UserHandle{0},ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}, [f8237xxxxxxxxxxxxxxxxxx], UserHandle{0})
I/Telecom ( 2225): CreateConnectionProcessor: Attempting to call from ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}
I/Telecom ( 2225): ServiceBinderConnection: Service bound ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}
I/Telephony( 2743): TelephonyConnectionService: onCreateOutgoingConnection, request: ConnectionRequest xxxxxxxxxxx Bundle[mParcelledData.dataSize=96]
I/Telecom ( 2225): ConnectionServiceWrapper: Service unbound ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}, from unbind.
I/Telecom ( 2225): CallsManager: setCallState CONNECTING -> DISCONNECTED, call: [881702855, CONNECTING, null, *****, 0, childs(0), has_parent(false), [[Capabilities:]], false, ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}, [f8237xxxxxxxxxxxxxxxxxxxxxxx], UserHandle{0} 0]
I/Telecom ( 2225): CallsManager: entered manageMSimInCallTones
I/Telecom ( 2225): CallsManager: updateLchStatus subInConversation: null
I/Telecom ( 2225): CallsManager: setActiveSubscription = null
I/Telecom ( 2225): CallsManager: entered manageMSimInCallTones
I/Timeline( 3876): Timeline: Activity_idle id: [email protected] time:1476741
Searching for networks:
Code:
D/Yamaha-MC1N2-Audio( 1862): yamaha_mc1n2_audio_output_start()
D/Yamaha-MC1N2-Audio( 1862): yamaha_mc1n2_audio_route_start()
D/Yamaha-MC1N2-Audio( 1862): (yamaha_mc1n2_audio_params_route_find): device = 2, direction = 0
V/WindowManager( 2225): not Base app: Adding window Window{a3df74b u0 com.android.phone/com.android.phone.NetworkSetting} at 6 of 9
I/NotificationService( 2225): cancelToast pkg=com.android.phone [email protected]
W/NotificationService( 2225): Toast already cancelled. pkg=com.android.phone [email protected]
W/InputMethodManagerService( 2225): Window already focused, ignoring focus gain of: [email protected] attribute=null, token = [email protected]
Maybe this is a problem with the /efs partition. hxxp://redmine.replicant.us/boards/9/topics/8841?r=9483 . The owner of most files in /efs is root or system, not radio:
Code:
[email protected]:/ # ls -la /efs/
ls -la /efs/
-rw-r--r-- root root 1 2011-01-01 01:00 .nv_state
drwxrwxr-x radio system 2000-01-01 01:09 bluetooth
-rw-r--r-- system system 9 2010-12-31 22:02 cryptprop_applied_result
-rw-r--r-- root root 1 2010-12-31 22:00 cryptprop_rebootMode
drwx------ system system 2010-12-31 22:01 dmp
-rw-rw-rw- system system 256 2014-06-06 10:33 edk_p
-rw-r--r-- root root 2354 2011-01-01 01:00 nv.log
-rw-r--r-- root root 32 2010-12-31 22:13 nv_data.bin.md5
-rw-r--r-- root root 880 2010-12-31 16:02 redata.bin
-rw-r--r-- root root 1 2013-02-12 07:00 upgaddr
drwxrwxr-x radio system 2000-01-01 01:13 wifi
Activation of mobile network in settings:
Code:
D/Yamaha-MC1N2-Audio( 1861): yamaha_mc1n2_audio_route_start()
D/MccTable( 2753): updateMccMncConfiguration mccmnc='null' fromServiceState=true
D/MccTable( 2753): WIFI_COUNTRY_CODE set to
I/WifiService( 2226): WifiService trying to set country code to with persist set to true
E/WifiStateMachine( 2226): Ignoring resetting of country code
D/KeyguardUpdateMonitor( 2369): ACTION_SERVICE_STATE_CHANGED on sub: 5000 mServiceState: 1 1 voice home data home null null null null null null Unknown Unknown CSS not supported -1 -1 RoamInd=-1 DefRoamInd=-1 EmergOnly=false
D/GpsLocationProvider( 2226): received SIM realted action:
D/GpsLocationProvider( 2226): SIM MCC/MNC is still not available
W/sh ( 4104): type=1400 audit(0.0:237): avc: denied { write } for name="log" dev=mmcblk0p10 ino=73730 scontext=u:r:rild:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir
I/MmsService( 2753): MmsConfigManager.loadInBackground(): mcc/mnc: 262/3
I/Telephony( 2753): PstnIncomingCallNotifier: Unregistering: Handler (com.android.internal.telephony.gsm.GSMPhone) {2f88d477}
D/Telephony( 2753): PstnPhoneCapabilitiesNotifier: Unregistering: Handler (com.android.internal.telephony.gsm.GSMPhone) {2f88d477}
E/MmsService( 2753): MmsConfigManager.load -- empty getActiveSubInfoList
D/Telephony( 2753): TelecomAccountRegistry: Found 1 phones. Attempting to register.
D/Telephony( 2753): TelecomAccountRegistry: Phone with subscription id 5000
E/PhoneInterfaceManager( 2753): [PhoneIntfMgr] getIccId: ICC ID is null or empty.
D/Telephony( 2753): AccountEntry: Registered phoneAccount: [PhoneAccount: ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}, [f8237xxxxxxxxxxxxxxxxxxxx], UserHandle{0} Capabilities: 54 Schemes: tel voicemail ] with handle: ComponentInfo{com.android.phone/com.android.services.telephony.TelephonyConnectionService}, [f8237xxxxxxxxxxxxxxxxxxxxxxxx], UserHandle{0}
I/Telephony( 2753): PstnIncomingCallNotifier: Registering: Handler (com.android.internal.telephony.gsm.GSMPhone) {2f88d477}
D/Telephony( 2753): PstnPhoneCapabilitiesNotifier: Registering: Handler (com.android.internal.telephony.gsm.GSMPhone) {2f88d477}
D/CallNotifier( 2753): onReceive...
D/PhoneStatusBarPolicy( 2369): updateSimState for subId :5000
D/PhoneStatusBarPolicy( 2369): updateSimState for phoneId :0
D/PhoneStatusBarPolicy( 2369): updateSimState for Slot :0
D/Telephony( 2753): PstnPhoneCapabilitiesNotifier: handleVideoCapabilitesChanged. Video capability - false
D/CellBroadcastReceiver( 3604): onReceive Intent { act=android.intent.action.SERVICE_STATE flg=0x10 cmp=com.android.cellbroadcastreceiver/.CellBroadcastReceiver (has extras) }
D/CellBroadcastReceiver( 3604): Intent ACTION_SERVICE_STATE_CHANGED
D/CellBroadcastReceiver( 3604): Service state changed! 1 Full: 1 1 voice home data home null null null null null null Unknown Unknown CSS not supported -1 -1 RoamInd=-1 DefRoamInd=-1 EmergOnly=false Current state=-1
D/CellBroadcastReceiver( 3604): onReceive Intent { act=android.intent.action.ACTION_SUBINFO_RECORD_UPDATED flg=0x10 cmp=com.android.cellbroadcastreceiver/.CellBroadcastReceiver }
E/PhoneInterfaceManager( 2753): [PhoneIntfMgr] getIccId: ICC ID is null or empty.
I/art ( 2226): Background partial concurrent mark sweep GC freed 21767(1433KB) AllocSpace objects, 6(196KB) LOS objects, 20% free, 15MB/19MB, paused 2.154ms total 179.409ms
D/GpsLocationProvider( 2226): received SIM realted action:
D/GpsLocationProvider( 2226): SIM MCC/MNC is still not available
I/MediaFocusControl( 2226): AudioFocus abandonAudioFocus() from [email protected][email protected]
I/HeadsetService( 2686): Audio session removed: 18
I/MediaFocusControl( 2226): AudioFocus abandonAudioFocus() from [email protected][email protected]

[DEV][HELP] Toolchain 4.9+ doesnt work on Lollipop

Hi there!
I'm trying to build the TouchWiz Lollipop stock kernel with a 4.9+ toolchain for my Samsung Galaxy J5 (2015), but it seems that it doesn't work. The phone gets stuck at the phone's logo; it is not even reaching the boot animation.
The same happened when I tried to build the CM kernel with a 4.9+ toolchain.
The toolchain version I'm using is Linaro 4.9 by Cristopher. I also tried UBER 4.9 and some others, but still no luck.
On Marshmallow it is working fine, unlike Lollipop.
Here is a logcat: MEDIAFIRE / PASTEBIN.
Here is the stock kernel source: GITHUB.
And I think this is the problem, which seems to loop:
Code:
E/QSEECOMAPI: ( 1252): Error::ioctl call query if app is loaded failed with ret = -1, errno = 22
D/QSEECOMAPI: ( 1252): QSEECom_get_handle sb_length = 0x2000
W/Atfwd_Sendcmd( 301): AtCmdFwd service not published, waiting... retryCnt : 5
I/ServiceManager( 930): Waiting for service SurfaceFlinger...
E/QSEECOMAPI: ( 1252): Error::ioctl call query if app is loaded failed with ret = -1, errno = 22
E/QCOMKeyMaster( 1252): Loading keymaster app /firmware/image keymaste failied with ret -6
E/keystore( 1252): could not open keymaster device in keystore (Operation not permitted)
E/keystore( 1252): keystore keymaster could not be initialized; exiting
There is also this:
Code:
E/QSEECOMAPI: ( 444): Error::Load image request failed ret = -1, errno = 512
E/QSEECOMAPI: ( 444): Error::Loading image failed with ret = -1
D/QSEECOMAPI: ( 444): QSEECom_load_external_elf
E/QSEECOMAPI: ( 444): Error::Cannot open the file /system/etc/firmware/tbase.mdt
E/QSEECOMAPI: ( 444): Error::Loading image failed with ret = -1
D/QSEECOMAPI: ( 444): QSEECom_load_external_elf
E/QSEECOMAPI: ( 444): Error::Cannot open the file /firmware/image/mc_v2.mdt
E/QSEECOMAPI: ( 444): Error::Loading image failed with ret = -1
D/QSEECOMAPI: ( 444): QSEECom_load_external_elf
E/QSEECOMAPI: ( 444): Error::Cannot open the file /system/etc/firmware/mc_v2.mdt
E/QSEECOMAPI: ( 444): Error::Loading image failed with ret = -1
D/QSEECOMAPI: ( 444): QSEECom_load_external_elf
E/QSEECOMAPI: ( 444): Error::Cannot open the file /firmware/image/mobicore12.mdt
E/QSEECOMAPI: ( 444): Error::Loading image failed with ret = -1
D/QSEECOMAPI: ( 444): QSEECom_load_external_elf
E/QSEECOMAPI: ( 444): Error::Cannot open the file /system/etc/firmware/mobicore12.mdt
E/QSEECOMAPI: ( 444): Error::Loading image failed with ret = -1
D/QSEECOMAPI: ( 444): QSEECom_load_external_elf
E/QSEECOMAPI: ( 444): Error::Cannot open the file /firmware/image/mobicore.mdt
E/QSEECOMAPI: ( 444): Error::Loading image failed with ret = -1
Also:
Code:
E/Adreno-GSL( 252): <ioctl_kgsl_driver_entry:485>: open(/dev/kgsl-3d0) failed: errno 12. Out of memory
E/Adreno-EGL( 252): <egliInitState:676>: gsl library open failure
W/Adreno-EGL( 252): <qeglDrvAPI_eglInitialize:375>: EGL_NOT_INITIALIZED
After a Google search, I have understood that QSEECOM is related to encryption, but I'm not even using that.
Do you have any idea or tips?
Thank you!
Robert.
Hey. Have same issue on my Galaxy A3 (qseecom issue). How to fix?
vl_w said:
Hey. Have same issue on my Galaxy A3 (qseecom issue). How to fix?
No idea... I couldn't find anything and gave up on it.
I would like to know the solution if you manage to solve the problem...
PS: By the way, when you post in some thread, quote the post or mention the user so he gets notification.
#Henkate said:
No idea... I couldn't find anything and gave up on it.
I would like to know the solution if you manage to solve the problem...
PS: By the way, when you post in some thread, quote the post or mention the user so he gets notification.
4.8 - working
4.9 - phone stays on the boot animation... Logs are the same as in the 1st post.
Google search doesn't find a solution...
I think it will be easier to move the drivers to the latest CAF kernel and use that without any bugs.

camera issues

I am having issues with a custom ROM that I built using lineage-15.1. My device is sanders. The camera is not working. The Camera2 app disappears soon after booting after installation. I installed Open Camera and it says the camera is in use.
I got the logcats and i see this error -
02-12 10:46:44.252 760 760 F DEBUG : Abort message: 'CANNOT LINK EXECUTABLE "/system/vendor/bin/mm-qcamera-daemon": cannot locate symbol "_Z35eglQueryStringImplementationANDROIDPvi" referenced by "/system/vendor/lib/libguy.so"...'
I ran the nm command on libguy.so and I find an undefined symbol there. I searched and found a shim that has this very symbol, libshim_camera_hal.so; I also found source files for this and found the function in device/motorola/sanders/libshims/camera_hal.cpp.
I checked the shim file on the device; the shim file is present in the /system/lib64 and /system/lib folders. libguy.so is in /system/vendor/lib and is 32-bit.
Is this an LD_LIBRARY_PATH issue?
What can I do to fix this issue?
doors666 said:
I am having issues with custom rom that i built using lineage-15.1. My device is sanders. The camera is not working. The camera 2 app disappears soon after booting after installation. I installed open camera and it says camera is in use...
I don't have this device but the following threads, which are device specific, may be helpful for what you are looking for, and don't be afraid to ask for some member guidance within one of them.
https://forum.xda-developers.com/showthread.php?t=3722844
https://forum.xda-developers.com/showthread.php?t=3708082
https://forum.xda-developers.com/showthread.php?t=3708997
If all else fails, try posting your question within the following thread that's specific to your device.
https://forum.xda-developers.com/showthread.php?t=3593531
Good Luck!
~~~~~~~~~~~~~~~
I DO NOT provide support via PM unless asked/requested by myself. PLEASE keep it in the threads where everyone can share.
Are you building those lib shims?
In libshims/Android.mk
and in device.mk
Refer to this tree: https://github.com/Keertesh19/device_motorola_sanders
Yes, I am building that. The files do have slight differences though, as I took the device, vendor and kernel from the validus links. I also downloaded the validus tree using the manifest and built it, and I get the same issue there as well. But it's not there in the latest published ROM.
I still have this issue, tried a lot of things, but still no fix.
I downloaded the latest validus published ROM build and that works fine, no issues with the camera.
I synced the validus repo using the manifest file and made a build, camera does not work.
Steps -
repo sync with validus manifest.
lunch validus_sanders-userdebug
brunch sanders
clean install.
Am I missing some step here? One thing that bothered me is that brunch works fine, but make fails. The error (I think it was about javadoc) asks me to run make update-api, which also fails.
I extracted both the ROMs and did a compare on both ramdisk and /system, no significant difference that could cause this.
I extracted the shims from good rom and copied it onto the phone which had my built rom and it still did not work.
I tried fedora (26 and 27) and ubuntu (17.10 and 16.04 LTS) to make build, no difference.
I modified the initrc and modified the LD_SHIM_LIBS to include the full path for the shims, still does not work.
This is the error that I get in the logs -
03-02 09:32:31.853 2558 2558 I init : type=1400 audit(0.0:520): avc: denied { execute_no_trans } for uid=1006 path="/system/vendor/bin/mm-qcamera-daemon" dev="mmcblk0p53" ino=2817 scontext=u:r:init:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=1
03-02 09:32:31.924 2558 2558 F libc : CANNOT LINK EXECUTABLE "/system/vendor/bin/mm-qcamera-daemon": cannot locate symbol "_Z35eglQueryStringImplementationANDROIDPvi" referenced by "/system/vendor/lib/libguy.so"...
03-02 09:32:31.924 2558 2558 F libc : Fatal signal 6 (SIGABRT), code -6 in tid 2558 (mm-qcamera-daem), pid 2558 (mm-qcamera-daem)
03-02 09:32:31.939 2561 2561 E cutils-trace: Error opening trace file: No such file or directory (2)
03-02 09:32:31.936 2562 2562 I crash_dump32: type=1400 audit(0.0:521): avc: denied { ptrace } for uid=1006 scontext=u:r:crash_dump:s0 tcontext=u:r:init:s0 tclass=process permissive=1
03-02 09:32:31.945 2562 2562 I crash_dump32: obtaining output fd from tombstoned, type: kDebuggerdTombstone
03-02 09:32:31.946 691 691 I /system/bin/tombstoned: received crash request for pid 2558
03-02 09:32:31.947 2562 2562 I crash_dump32: performing dump of process 2558 (target tid = 2558)
03-02 09:32:31.947 2562 2562 F DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
03-02 09:32:31.947 2562 2562 F DEBUG : Build fingerprint: 'google/walleye/walleye:8.1.0/OPM1.171019.011/4448085:user/release-keys'
03-02 09:32:31.947 2562 2562 F DEBUG : Revision: '0'
03-02 09:32:31.947 2562 2562 F DEBUG : ABI: 'arm'
03-02 09:32:31.947 2562 2562 F DEBUG : pid: 2558, tid: 2558, name: mm-qcamera-daem >>> /system/vendor/bin/mm-qcamera-daemon <<<
03-02 09:32:31.947 2562 2562 F DEBUG : signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
03-02 09:32:31.948 2562 2562 F DEBUG : Abort message: 'CANNOT LINK EXECUTABLE "/system/vendor/bin/mm-qcamera-daemon": cannot locate symbol "_Z35eglQueryStringImplementationANDROIDPvi" referenced by "/system/vendor/lib/libguy.so"...'
03-02 09:32:31.948 2562 2562 F DEBUG : r0 00000000 r1 000009fe r2 00000006 r3 00000008
03-02 09:32:31.948 2562 2562 F DEBUG : r4 000009fe r5 000009fe r6 ff8a460c r7 0000010c
03-02 09:32:31.949 2562 2562 F DEBUG : r8 00000000 r9 ed86e010 sl 00000000 fp ff8a58a4
03-02 09:32:31.949 2562 2562 F DEBUG : ip ff8a4630 sp ff8a45f8 lr ed907309 pc ed905808 cpsr 200f0030
03-02 09:32:31.950 2562 2562 F DEBUG :
03-02 09:32:31.950 2562 2562 F DEBUG : backtrace:
03-02 09:32:31.950 2562 2562 F DEBUG : #00 pc 0005f808 /system/bin/linker (__dl_abort+63)
03-02 09:32:31.950 2562 2562 F DEBUG : #01 pc 00010931 /system/bin/linker (__dl___linker_init+2820)
03-02 09:32:31.950 2562 2562 F DEBUG : #02 pc 000156a4 /system/bin/linker (_start+4)
The latest changes to the device tree seem to have fixed this issue. Thanks guys, though I would love to know what was causing this issue.

[Help] Custom Oreo rom - wifi sleep terror every 5 minutes

Hi,
So I'm terrorized by audio stream cutout after 5 minutes while the screen is off.
This happens while streaming through the browser; also with MX Player Pro the streams cut off,
and do not return until the screen is powered on.
I tried ServeStream and while it works, it too suffers from 10-15 sec of audio cutout every 5 min, blaming an empty buffer.
So I tried setting:
Wifi network: Not metered
Unrestricted data usage: Browser (NBP), Media (MTP Host), ServeStream
Battery Not optimized: Browser (NBP), Media Storage, MTP Host, MX Player Pro, ServeStream
(just for old-school times: adb shell settings put global wifi_sleep_policy 2)
But nothing gives; what else is there to do?
I'm trying to practise playing along with a buddy of mine and this utter madness is ruining it.
Captured from logcat what occurs every time when streaming through the browser.
HTML:
.
.
W chromium: [WARNING:audio_sync_reader.cc(193)] AudioSyncReader::Read timed out, audio glitch count=30
.
.
D : PlayerBase::stop() from IPlayer
D AudioTrack: stop() called with 19371008 frames delivered
E AudioAttributes: Illegal value unmarshalling AudioAttributes, can't initialize bundle
E AudioService.PlaybackActivityMonitor: Error updating audio attributes
D : PlayerBase::stop() from IPlayer
W AudioFlinger: moveEffectChain_l() effect chain for session 0 not on source thread 0xadc039c0
W BroadcastQueue: Background execution not allowed: receiving Intent { act=lineageos.intent.action.ACTION_AUDIO_SESSIONS_CHANGED flg=0x10000010 (has extras) } to org.lineageos.audiofx/.receiver.ServiceDispatcher
D audio_hw_primary: out_standby: enter: stream (0xaeebd800) usecase(0: deep-buffer-playback)
D hardware_info: hw_info_append_hw_type : device_name = speaker
D : TrackPlayerBase::~TrackPlayerBase()
: PlayerBase::~PlayerBase()
.
.
I WifiService: requestActivityInfo uid=1000
I WifiService: reportActivityInfo uid=1000
I WifiService: getSupportedFeatures uid=1000
D WifiHAL : In DebugCommand::handleResponse
D WifiHAL : len = 4, expected len = 4
D lights.msm8974: led [solid] = ff0d0200
D WifiHAL : In DebugCommand::handleResponse
D WifiHAL : len = 4, expected len = 4
E BatteryExternalStatsWorker: no controller energy info supplied for wifi
E BatteryExternalStatsWorker: no controller energy info supplied for bluetooth
D lights.msm8974: led [solid] = ff0d0200
E BatteryExternalStatsWorker: modem info is invalid: ModemActivityInfo{ mTimestamp=0 mSleepTimeMs=0 mIdleTimeMs=0 mTxTimeMs[]=[0, 0, 0, 0, 0] mRxTimeMs=0 mEnergyUsed=0}
.
.
Current rom AICP 13.1

Xperia 1 - DRM keys back after locking the bootloader ?

Hello,
I just have a question: my Xperia 1 was unlocked and rooted (Magisk) on Android 10.
Yesterday I decided to lock the bootloader; everything was erased from the phone after that. The new Android installation was buggy, so I tried to restore the phone using Xperia Companion.
After the restore using Xperia Companion, now everything is working fine and I was really surprised: my DRM keys are back, I have "L1" in the DRM Info app and I can watch Netflix HD content and Amazon Prime Video HD content.
How is that possible? I thought that by unlocking the bootloader, the DRM keys are lost forever?
Hmmm do you have any proof?
Hello,
Yes, please see my old messages, I successfully unlocked and rooted the device. Now see the screenshot below.
https://ibb.co/7RH2ZdG
Check with *#*#7378423#*#*
Then service info>security
Then see if any ........XXXXX error and share the screenshot.
Thanks
Hello, thanks for your reply.
It seems that there is no error, but I have confirmation that the device has already been unlocked.
https://imgshare.io/image/screenshot-20200412-1650532.4yP8t
By the way, I also received an OTA software upgrade. So this is now working too.
titigunner01 said:
By the way, I also received an OTA software upgrade. So this is now working too.
You can receive an OTA if you have just locked the bootloader.
But the things in the screenshot look great. It was a previous way of checking the DRM keys and I don't know if only these things verify the DRM keys in the latest versions too.
Is it the case that the phone restores the DRM under a locked bootloader again on Sony, or did they remove the DRMs?
But what matters is that you are using apps and things like you have the DRM, so maybe that's good.
So, after you restored the stock ROM, is the boot message "can't be checked for corruption" also gone?
Yes, no message when booting.
Very strange, I wanted to know if everyone else noticed the same thing.
titigunner01 said:
Yes, no message when booting.
Very strange, I wanted to know if everyone else noticed the same thing.
Eventually I will try on my Xperia 10 II. Hope I have the same luck, thanks!
titigunner01 said:
Hello,
I just have a question: my Xperia 1 was unlocked and rooted (Magisk) on Android 10.
Yesterday I decided to lock the bootloader; everything was erased from the phone after that. The new Android installation was buggy, so I tried to restore the phone using Xperia Companion.
After the restore using Xperia Companion, now everything is working fine and I was really surprised: my DRM keys are back, I have "L1" in the DRM Info app and I can watch Netflix HD content and Amazon Prime Video HD content.
How is that possible? I thought that by unlocking the bootloader, the DRM keys are lost forever?
Did you lock the bootloader with Flashtool?
I just want to do it too, but I can't find a guide for the Xperia 1.
No, I locked the bootloader using command lines.
Maybe this will work also using Flashtool, I'm not sure.
titigunner01 said:
No, I locked the bootloader using command lines.
Maybe this will work also using Flashtool, I'm not sure.
Are you using these commands?
fastboot oem lock
fastboot flashing lock
fastboot oem relock
fastboot reboot
If not, can you describe step by step how you did it?
I will be thankful to you!
Hello,
Yes, if I remember well, in fastboot mode I used fastboot oem lock.
After the reboot of the phone, everything was erased. The new installation was really buggy, so after that I recovered using Xperia Companion.
Interesting. I am wondering if Sony still uses the device key in TA unit 66667 and if it gets erased with the first unlock or not.
Relock the bootloader, repair with Xperia Companion and the DRM keys are back.
Only on Xperia 1, 5 and up!
Beware: even though it may look like all keys are back, it is still questionable whether some function/feature is not permanently missing.
I did some research and it seems the Xperia 1 bootloader ABL does erase the device key, i.e. TA unit 66667 (0x1046b), on unlock.
So in my opinion, even though you can relock and everything looks normal, the device key never comes back.
The question is what (DRM) functions are connected to it.
Here are more details:
I just extracted the ABL from J9110_10_55.1.A.0.748_PLUSPL and posted it here:
xperia-1-J9110-55.1.A.0.748-LA2_0_Q_114-ABL-LinuxLoader.zip
Just observing the strings in it, I am not trusting SONY at all with the re-lock of the Xperia 1:
Code:
$ strings -a LA2_0_Q_114-ABL-LinuxLoader.pe | grep -i 'device key\|[ _]dk'
Size of device key is too large (%d > %d)
Device key is not set, setting to zero
get_dk returned err=%d
Unable to delete dk
get_hwconf_dk returned err=%d
Device Key MiscTA unit size is zero
Failed to allocate memory for Device Key
Device keys not of equal length!
hwconf_x_parser_get_hwc_dk returned err=%d
Device Key length in HWConfig is zero
Failed to get size of TA_DK_NUMBER_UNIT
Failed to delete DK
This looks very similar to the stuff implemented in the XZ1C ABL related to unlock and TA unit 66667 (0x1046b) containing the device key, which is erased with bootloader unlock!
You may also check whether the message "Device key is not set, setting to zero" is present in the bootloader log that is stored in TA unit 0x802 (and a few other following units containing older boots).
It would be interesting to test TA backup, unlock, relock, TA restore, so that the device key would be back.
This tells everything:
In IDA I can't see 1046b, but I see the same function at the bottom (Ghidra output).
Code:
void sub_4DDE4()
{
  int v0; // w0
  __int64 v1; // x3
  __int64 v2; // x4
  __int64 v3; // x5
  __int64 v4; // x6
  __int64 v5; // x7
  __int64 v6; // x0
  __int64 v7; // x1
  const char *v8; // x0
  __int64 v9; // x2
  __int64 v10; // x0
  char v11; // zf
  int v12; // w0
  __int64 v13; // x0
  __int64 v14; // x0
  unsigned int v15; // w1
  __int64 v16; // x2
  __int64 v17; // x3
  _DWORD *v18; // x4
  __int64 v19; // x5
  __int64 v20; // x6
  __int64 v21; // x7
  signed int v22; // [xsp+4h] [xbp-2Ch]

  sub_440B4();
  if ( v0 )
  {
    sub_4DF70();
    v7 = v6;
    v8 = "[ERROR @ %s:%d]:\nFailed to get size of TA_DK_NUMBER_UNIT\n";
    v9 = 303i64;
  }
  else
  {
    if ( v22 < 1 )
      goto LABEL_4;
    sub_44318();
    if ( !v12 )
      goto LABEL_4;
    sub_4DF70();
    v7 = v13;
    v8 = "[ERROR @ %s:%d]:\nFailed to delete DK\n";
    v9 = 310i64;
  }
  sub_589A0(v8, v7, v9, v1, v2, v3, v4, v5);
LABEL_4:
  sub_4DF5C();
  if ( !v11 )
  {
    sub_14468(v10);
    sub_4DE94(v14, v15, v16, v17, v18, v19, v20, v21);
  }
}
Code:
  sub_4110C();
  sub_4DDE4();
  if ( v0 )
  {
    sub_41100();
    sub_589A0("[ERROR @ %s:%d]:\nUnable to delete dk\n", v1, 1438i64, v2, v3, v4, v5, v6);
    goto LABEL_10;
  }
  sub_3ED48();
  if ( !v7 )
  {
    sub_41100();
    sub_589A0("[ERROR @ %s:%d]:\nFailed to delete user sensitive partitions\n", v18, 1443i64, v19, v20, v21, v22, v23);
    goto LABEL_10;
  }
  sub_3EE20();
  if ( v8 )
  {
    sub_41100();
    v15 = v14;
    v16 = "[ERROR @ %s:%d]:\nFailed to reset rollback counters, error:%d\n";
    v17 = 1451i64;
  }
  else
  {
    sub_3EDF0();
    if ( !v24 )
      goto LABEL_10;
    sub_41100();
    v15 = v25;
    v16 = "[ERROR @ %s:%d]:\nFailed to lock the bootloader: %d\n";
    v17 = 1457i64;
  }
Ghidra:
Code:
ulonglong FUN_0005dde4(void)
{
  bool in_ZR;
  undefined uVar1;
  ulonglong uVar2;
  undefined8 extraout_x0;
  undefined8 local_28;
  undefined8 extraout_x0_00;
  undefined8 uVar3;
  undefined *puVar4;
  undefined uVar5;
  undefined8 in_x3;
  undefined7 uVar6;
  undefined uVar7;
  undefined8 in_x4;
  undefined7 uVar8;
  undefined uVar9;
  undefined8 in_x5;
  undefined7 uVar10;
  undefined uVar11;
  undefined8 in_x6;
  undefined7 uVar12;
  undefined uVar13;
  undefined8 in_x7;
  undefined7 uVar14;
  ulonglong uVar15;
  undefined in_stack_ffffffffffffffd0;
  undefined uVar16;
  int local_2c;

  uVar14 = (undefined7)((ulonglong)in_x7 >> 8);
  uVar13 = (undefined)in_x7;
  uVar12 = (undefined7)((ulonglong)in_x6 >> 8);
  uVar11 = (undefined)in_x6;
  uVar10 = (undefined7)((ulonglong)in_x5 >> 8);
  uVar9 = (undefined)in_x5;
  uVar8 = (undefined7)((ulonglong)in_x4 >> 8);
  uVar7 = (undefined)in_x4;
  uVar6 = (undefined7)((ulonglong)in_x3 >> 8);
  uVar5 = (undefined)in_x3;
  puVar4 = &stack0xffffffffffffffd4;
  uVar3 = 0x1046b;
  local_28 = DAT_000a90c0;
  uVar2 = FUN_000540b4(2);
  uVar16 = (undefined)local_2c;
  uVar1 = (undefined)uVar2;
  if ((int)uVar2 == 0) {
    in_ZR = local_2c == 1;
    if (local_2c < 1) {
      uVar15 = 0;
      goto LAB_0005de34;
    }
    uVar3 = 0x1046b; // drm key unit
    uVar2 = FUN_00054318(2); // partition 2
    uVar1 = (undefined)uVar2;
    uVar15 = uVar2 & 0xffffffff;
    if ((int)uVar2 == 0) goto LAB_0005de34;
    FUN_0005df70(uVar2,uVar3,puVar4,CONCAT71(uVar6,uVar5),CONCAT71(uVar8,uVar7),
                 CONCAT71(uVar10,uVar9),CONCAT71(uVar12,uVar11),CONCAT71(uVar14,uVar13));
    _uVar1 = "[ERROR @ %s:%d]:\nFailed to delete DK\n";
    puVar4 = (undefined *)0x136;
    uVar3 = extraout_x0_00;
  }
  else {
    uVar15 = uVar2 & 0xffffffff;
    FUN_0005df70(uVar2,uVar3,puVar4,CONCAT71(uVar6,uVar5),CONCAT71(uVar8,uVar7),
                 CONCAT71(uVar10,uVar9),CONCAT71(uVar12,uVar11),CONCAT71(uVar14,uVar13));
    _uVar1 = "[ERROR @ %s:%d]:\nFailed to get size of TA_DK_NUMBER_UNIT\n";
    puVar4 = (undefined *)0x12f;
    uVar3 = extraout_x0;
  }
  uVar1 = FUN_000689a0(_uVar1,uVar3,puVar4,CONCAT71(uVar6,uVar5),CONCAT71(uVar8,uVar7),
                       CONCAT71(uVar10,uVar9),CONCAT71(uVar12,uVar11),CONCAT71(uVar14,uVar13));
LAB_0005de34:
  local_28 = FUN_0005df5c(uVar1,(char)uVar3,(char)puVar4,uVar5,uVar7,uVar9,uVar11,uVar13,
                          in_stack_ffffffffffffffd0,uVar16,local_28);
  if (in_ZR) {
    return uVar15;
  }
  // WARNING: Subroutine does not return
  FUN_00024468(local_28,uVar3,puVar4,CONCAT71(uVar6,uVar5),CONCAT71(uVar8,uVar7),
               CONCAT71(uVar10,uVar9),CONCAT71(uVar12,uVar11),CONCAT71(uVar14,uVar13));
}
It's very evident that the function sub_4DDE4 is called at the start of the lock function. I can tell that the DRM key is bye bye after you unlock the phone; currently I'm unable to figure out what is done with the oem lock command and why the Widevine keys are back, but the DRM key is definitely lost forever. The indication for that is the message inside the service menu: "is even unlocked = yes"!
So how the lock is done, in short:
1. DRM key bye bye
2. user sensitive partitions deleted (that's why the device no longer boots and you must use Sony PC Companion in order to repair)
3. rollback counters reset
4. bootloader locked
Some good news for bootloader-unlocked Xperia 10 owners! I managed to get it all back after patching secd.
Code:
07-25 17:10:29.745 8470 8471 I [email protected]: start init_thread
07-25 17:10:29.745 8470 8471 I [email protected]: listeners registered
07-25 17:10:29.745 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x200
07-25 17:10:29.746 8470 8471 D QSEECOMAPI: App is already loaded QSEE and app id = 131074
07-25 17:10:29.746 579 579 I SELinux : avc: received setenforce notice (enforcing=0)
07-25 17:10:29.747 579 579 W hwservicemanager: Detected instance of [email protected]::IDeviceSecurity (pid: 8470) registering over instance of or with base of [email protected]::IDeviceSecurity (pid: 879).
07-25 17:10:29.751 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.751 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 131074
07-25 17:10:29.752 8470 8471 I libdevice_security_static: get_rooting_status.cpp:80 rooting_status 0
07-25 17:10:29.752 8470 8471 I [email protected]: the bootloader is OK, try to init suntory
07-25 17:10:29.752 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2022
07-25 17:10:29.754 8470 8471 I libsuntory_static: utils_blob.cpp:497 found blob CKB
07-25 17:10:29.754 8470 8471 I libsuntory_static: utils_blob.cpp:521 match found at index 0
07-25 17:10:29.755 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x4100
07-25 17:10:29.755 8470 8471 D QSEECOMAPI: App is not loaded in QSEE
07-25 17:10:29.755 8470 8471 D QSEECOMAPI: app_arch = 2, total_files = 9
07-25 17:10:29.788 8470 8471 D QSEECOMAPI: Loaded image: APP id = 1179652
07-25 17:10:29.789 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0xc00
07-25 17:10:29.789 8470 8471 D QSEECOMAPI: App is already loaded QSEE and app id = 131074
07-25 17:10:29.793 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.793 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 131074
07-25 17:10:29.798 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.798 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 1179652
07-25 17:10:29.798 8470 8471 I libsuntory_static: utils_blob.cpp:121 blob verisfication status: Blob OK
07-25 17:10:29.798 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2023
07-25 17:10:29.801 8470 8471 I libsuntory_static: utils_blob.cpp:497 found blob WIDEVINE
07-25 17:10:29.801 8470 8471 I libsuntory_static: utils_blob.cpp:521 match found at index 1
07-25 17:10:29.801 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x4100
07-25 17:10:29.801 8470 8471 D QSEECOMAPI: App is not loaded in QSEE
07-25 17:10:29.801 8470 8471 D QSEECOMAPI: app_arch = 2, total_files = 9
07-25 17:10:29.835 8470 8471 D QSEECOMAPI: Loaded image: APP id = 1245188
07-25 17:10:29.835 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0xc00
07-25 17:10:29.835 8470 8471 D QSEECOMAPI: App is already loaded QSEE and app id = 131074
07-25 17:10:29.838 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.838 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 131074
07-25 17:10:29.843 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.843 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 1245188
07-25 17:10:29.844 8470 8471 I libsuntory_static: utils_blob.cpp:121 blob verisfication status: Blob OK
07-25 17:10:29.844 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2024
07-25 17:10:29.846 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 1
07-25 17:10:29.846 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2025
07-25 17:10:29.848 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 0
07-25 17:10:29.848 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2026
07-25 17:10:29.849 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 0
07-25 17:10:29.849 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2027
07-25 17:10:29.850 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 0
07-25 17:10:29.850 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2028
07-25 17:10:29.851 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 0
07-25 17:10:29.851 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2029
07-25 17:10:29.852 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 0
07-25 17:10:29.852 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2030
07-25 17:10:29.853 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 0
07-25 17:10:29.853 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2031
07-25 17:10:29.855 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 0
07-25 17:10:29.855 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2032
07-25 17:10:29.856 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 0
07-25 17:10:29.856 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2033
07-25 17:10:29.857 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 0
07-25 17:10:29.857 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2034
07-25 17:10:29.858 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 0
07-25 17:10:29.858 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0xa000
07-25 17:10:29.858 8470 8471 D QSEECOMAPI: App is already loaded QSEE and app id = 65537
07-25 17:10:29.862 8470 8471 E KeymasterUtils: TA API Major Version: 4
07-25 17:10:29.862 8470 8471 E KeymasterUtils: TA API Minor Version: 0
07-25 17:10:29.862 8470 8471 E KeymasterUtils: TA Major Version: 4
07-25 17:10:29.862 8470 8471 E KeymasterUtils: TA Minor Version: 162
07-25 17:10:29.866 622 628 D DrmLibTime: got the req here! ret=0
07-25 17:10:29.866 622 628 D DrmLibTime: command id, time_cmd_id = 770
07-25 17:10:29.866 622 628 D DrmLibTime: time_getutcsec starts!
07-25 17:10:29.866 622 628 D DrmLibTime: QSEE Time Listener: time_getutcsec
07-25 17:10:29.866 622 628 D DrmLibTime: QSEE Time Listener: get_utc_seconds
07-25 17:10:29.866 622 628 D DrmLibTime: QSEE Time Listener: time_get_modem_time
07-25 17:10:29.866 622 628 D DrmLibTime: QSEE Time Listener: Checking if ATS_MODEM is set or not.
07-25 17:10:29.866 622 628 D QC-time-services: Lib:time_genoff_operation: pargs->base = 13
07-25 17:10:29.866 622 628 D QC-time-services: Lib:time_genoff_operation: pargs->operation = 2
07-25 17:10:29.866 622 628 D QC-time-services: Lib:time_genoff_operation: pargs->ts_val = 0
07-25 17:10:29.866 622 628 D QC-time-services: Lib:time_genoff_operation: Send to server passed!!
07-25 17:10:29.866 792 800 D QC-time-services: Daemon: Connection accepted:time_genoff
07-25 17:10:29.867 792 8472 D QC-time-services: Daemon:Received base = 13, unit = 1, operation = 2,value = 0
07-25 17:10:29.867 792 8472 D QC-time-services: Daemon:genoff_opr: Base = 13, val = 0, operation = 2
07-25 17:10:29.867 792 8472 D QC-time-services: offset is: 1 for base: 13
07-25 17:10:29.867 622 628 E QC-time-services: Receive Passed == base = 13, unit = 1, operation = 2, result = 0
07-25 17:10:29.867 622 628 D DrmLibTime: QSEE Time Listener: ATS_MODEM is set. Try to retrieve it.
07-25 17:10:29.867 792 800 E QC-time-services: Daemon: Time-services: Waiting to acceptconnection
07-25 17:10:29.867 792 800 D QC-time-services: Daemon: Connection accepted:time_genoff
07-25 17:10:29.867 792 8473 D QC-time-services: Daemon:Received base = 13, unit = 1, operation = 1,value = 0
07-25 17:10:29.868 792 8473 D QC-time-services: Daemon:genoff_opr: Base = 13, val = 0, operation = 1
07-25 17:10:29.868 792 8473 D QC-time-services: Daemon: genoff get for 13
07-25 17:10:29.868 792 8473 D QC-time-services: Daemon:Value read from QTimer mseconds = 1307648
07-25 17:10:29.868 792 8473 D QC-time-services: Daemon:Value read from RTC mseconds on boot = 48462179000
07-25 17:10:29.868 792 8473 D QC-time-services: Daemon:Value read from QTimer mseconds = 1307648
07-25 17:10:29.868 792 8473 D QC-time-services: Daemon:Value read from generic offset = 1547226365549
07-25 17:10:29.868 792 8473 D QC-time-services: Daemon:Delta read on boot mseconds = 48462155118
07-25 17:10:29.868 792 8473 D QC-time-services: Daemon:Final Time = 1595689828315
07-25 17:10:29.868 622 628 D DrmLibTime: QSEE Time Listener: Time GenOff - seconds: 1595689828
07-25 17:10:29.868 622 628 D DrmLibTime: time_getutcsec returns 0, sec = 1595689828; nsec = 0
07-25 17:10:29.868 622 628 D DrmLibTime: time_getutcsec finished!
07-25 17:10:29.868 622 628 D DrmLibTime: iotcl_continue_command finished! and return 0
07-25 17:10:29.868 622 628 D DrmLibTime: before calling ioctl to read the next time_cmd
07-25 17:10:29.868 792 800 E QC-time-services: Daemon: Time-services: Waiting to acceptconnection
07-25 17:10:29.887 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x200
07-25 17:10:29.888 8470 8471 D QSEECOMAPI: App is already loaded QSEE and app id = 131074
07-25 17:10:29.889 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.889 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 131074
07-25 17:10:29.889 8470 8471 I libdevice_security_static: get_imei.cpp:180 imei STR munjeni edited, size 15
07-25 17:10:29.899 8470 8471 E KeyMasterHalDevice: Attest key send cmd failed
07-25 17:10:29.899 8470 8471 E KeyMasterHalDevice: ret: 0
07-25 17:10:29.899 8470 8471 E KeyMasterHalDevice: resp->status: -10003
07-25 17:10:29.906 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.906 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 65537
07-25 17:10:29.906 8470 8471 I [email protected]: key id ANDROID_ATTEST status PROVISIONED
07-25 17:10:29.907 587 587 I tad : MiscTA Unit 2021:
07-25 17:10:29.907 587 587 I tad : WRITTEN (Size 20)
07-25 17:10:29.930 587 587 I tad : Actual erase/write to flash done (count 4, time 1595689829).
07-25 17:10:29.930 587 587 I tad : MiscTA: Write of unit 2021 completed - OK
07-25 17:10:29.930 8470 8471 I [email protected]: suntory initialized
07-25 17:10:29.930 8470 8471 I [email protected]: wait for post_fs proprty
07-25 17:10:29.930 8470 8471 I [email protected]: post_fs property triggered
07-25 17:10:29.930 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x200
07-25 17:10:29.930 8470 8471 D QSEECOMAPI: App is already loaded QSEE and app id = 131074
07-25 17:10:29.932 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.932 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 131074
07-25 17:10:29.932 8470 8471 I libdevice_security_static: get_rooting_status.cpp:80 rooting_status 2
07-25 17:10:29.935 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x200
07-25 17:10:29.935 8470 8471 D QSEECOMAPI: App is already loaded QSEE and app id = 131074
07-25 17:10:29.936 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.936 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 131074
07-25 17:10:29.936 8470 8471 I libdevice_security_static: get_security_config.cpp:68 security configuration 1
07-25 17:10:29.936 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x83c0
07-25 17:10:29.936 8470 8471 D QSEECOMAPI: App is not loaded in QSEE
07-25 17:10:29.936 8470 8471 D QSEECOMAPI: app_arch = 2, total_files = 9
07-25 17:10:29.973 8470 8471 D QSEECOMAPI: Loaded image: APP id = 1310724
07-25 17:10:29.974 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0xc00
07-25 17:10:29.974 8470 8471 D QSEECOMAPI: App is already loaded QSEE and app id = 131074
07-25 17:10:29.977 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.977 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 131074
07-25 17:10:29.980 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:29.980 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 1310724
07-25 17:10:29.982 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x83c0
07-25 17:10:29.982 8470 8471 D QSEECOMAPI: App is not loaded in QSEE
07-25 17:10:29.982 8470 8471 D QSEECOMAPI: app_arch = 2, total_files = 9
07-25 17:10:30.016 8470 8471 D QSEECOMAPI: Loaded image: APP id = 1376260
07-25 17:10:30.016 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0xc00
07-25 17:10:30.016 8470 8471 D QSEECOMAPI: App is already loaded QSEE and app id = 131074
07-25 17:10:30.020 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:30.020 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 131074
07-25 17:10:30.023 8470 8471 D QSEECOMAPI: QSEECom_dealloc_memory
07-25 17:10:30.023 8470 8471 D QSEECOMAPI: QSEECom_shutdown_app, app_id = 1376260
07-25 17:10:30.024 8470 8471 I [email protected]: credmgr initialized
07-25 17:10:30.025 8470 8471 I [email protected]: "vendor.keyprovd.suntory.prov" property set
07-25 17:10:33.798 853 853 I [email protected]: type=1400 audit(0.0:2107): avc: denied { search } for name="kgsl" dev="sysfs" ino=28936 scontext=u:r:hal_memtrack_default:s0 tcontext=u:object_r:sysfs_kgsl:s0 tclass=dir permissive=1 ppid=1 pcomm="init" pgid=1 pgcomm="init"
07-25 17:10:36.689 8372 8372 W adbd : timeout expired while flushing socket, closing
Edit:
Now all ready https://forum.xda-developers.com/xp...m-fix-drm-fix-unlocked-bootloader-53-t4138269
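To read a secd/suntory logcat like the one above more quickly, here is an added Python helper (it is not part of the post, nor Sony's code) that groups the libsuntory_static lines by miscTA unit and reports, per unit, which blob was found and whether it verified; the sample lines are copied from the log above, and the line layout assumed is the standard logcat "threadtime" format.

```python
import re
from typing import Dict, List, Optional

# Constructed sample: a subset of the secd/suntory logcat lines quoted in the post above.
SAMPLE_LOG = """\
07-25 17:10:29.752 8470 8471 I libdevice_security_static: get_rooting_status.cpp:80 rooting_status 0
07-25 17:10:29.752 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2022
07-25 17:10:29.754 8470 8471 I libsuntory_static: utils_blob.cpp:497 found blob CKB
07-25 17:10:29.754 8470 8471 I libsuntory_static: utils_blob.cpp:521 match found at index 0
07-25 17:10:29.755 8470 8471 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x4100
07-25 17:10:29.798 8470 8471 I libsuntory_static: utils_blob.cpp:121 blob verisfication status: Blob OK
07-25 17:10:29.798 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2023
07-25 17:10:29.801 8470 8471 I libsuntory_static: utils_blob.cpp:497 found blob WIDEVINE
07-25 17:10:29.801 8470 8471 I libsuntory_static: utils_blob.cpp:521 match found at index 1
07-25 17:10:29.844 8470 8471 I libsuntory_static: utils_blob.cpp:121 blob verisfication status: Blob OK
07-25 17:10:29.844 8470 8471 I libsuntory_static: utils_blob.cpp:462 process miscTA unit 2024
07-25 17:10:29.846 8470 8471 E libsuntory_static: utils_blob.cpp:477 invalid blob size 1
"""

# logcat "threadtime" layout: date time pid tid level tag: message
LOGCAT_RE = re.compile(
    r"^\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}\s+\d+\s+\d+\s+(?P<level>[VDIWEF])\s+(?P<tag>[^:]+):\s*(?P<msg>.*)$"
)
UNIT_RE = re.compile(r"process miscTA unit (\d+)")
BLOB_RE = re.compile(r"found blob (\S+)")
INDEX_RE = re.compile(r"match found at index (\d+)")
STATUS_RE = re.compile(r"blob veri\w+ status: (.+)$")  # the log spells it "verisfication"
ERROR_RE = re.compile(r"invalid blob size (\d+)")
ROOT_RE = re.compile(r"rooting_status (\d+)")


def parse_suntory_log(text: str) -> dict:
    """Group libsuntory_static messages by miscTA unit.

    A unit record carries "blob"/"index"/"status" when suntory found and verified
    a blob there, or "error" when it rejected the unit ("invalid blob size 0"
    means the unit is empty, i.e. nothing is provisioned in it).
    """
    units: Dict[int, dict] = {}
    rooting: List[int] = []
    current: Optional[dict] = None
    for line in text.splitlines():
        m = LOGCAT_RE.match(line)
        if not m:
            continue
        tag, msg = m.group("tag").strip(), m.group("msg")
        if tag == "libdevice_security_static":
            r = ROOT_RE.search(msg)
            if r:
                rooting.append(int(r.group(1)))
            continue
        if tag != "libsuntory_static":
            continue  # QSEECOMAPI, tad, etc. are interleaved; ignore them
        u = UNIT_RE.search(msg)
        if u:
            unit = int(u.group(1))
            current = units.setdefault(unit, {"unit": unit})
            continue
        if current is None:
            continue  # message before the first "process miscTA unit" line
        b, i, s, e = (rx.search(msg) for rx in (BLOB_RE, INDEX_RE, STATUS_RE, ERROR_RE))
        if b:
            current["blob"] = b.group(1)
        elif i:
            current["index"] = int(i.group(1))
        elif s:
            current["status"] = s.group(1).strip()
        elif e:
            current["error"] = "invalid blob size " + e.group(1)
    return {"units": units, "rooting_status": rooting}


def provisioned_blobs(parsed: dict) -> List[str]:
    """Names of the blobs suntory found and reported as 'Blob OK'."""
    return [r["blob"] for r in parsed["units"].values()
            if "blob" in r and r.get("status") == "Blob OK"]


def summarize(parsed: dict) -> List[str]:
    """One line per miscTA unit, in unit order."""
    out = []
    for unit in sorted(parsed["units"]):
        r = parsed["units"][unit]
        if "error" in r:
            out.append(f"unit {unit}: rejected ({r['error']})")
        else:
            out.append(f"unit {unit}: {r.get('blob', '?')} at index {r.get('index', '?')}"
                       f" -> {r.get('status', 'unverified')}")
    return out


if __name__ == "__main__":
    parsed = parse_suntory_log(SAMPLE_LOG)
    print(*summarize(parsed), sep="\n")
    print("verified blobs:", provisioned_blobs(parsed), "rooting_status:", parsed["rooting_status"])
```

Feed it the full logcat (`adb logcat -d | python3 this_script.py` after swapping SAMPLE_LOG for `sys.stdin.read()`) to see at a glance which units hold a verified blob and which ones come back empty after a relock.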