[Q] Jig Fix Resistant AT&T SGII - AT&T Samsung Galaxy S II SGH-I777

I rooted my son's AT&T SGII, then flashed CyanogenMod 9 daily updated ROM and Google Market. Everything worked great, but by using CWM recovery the flash counter increased by 1 (then 2 on retry) and the splash screen has the GT-I9100 and warning triangle graphics. As this was expected, I didn't see any cause for alarm.
No cause because I have a micro USB Jig and expected to be able to use it to go into download mode in order to reset the counter and remove the warning triangle. BUT... It didn't work.
I know the jig is good because it still works on my personal I777; I even purposefully tripped the flash counter to check. No problem. Since both devices are identical models, both rev. 01, and are configured alike I cannot diagnose why the jig will not work on the second device.
The differences between the devices are time and place of purchase. I bought mine very soon after the original release date, in San Antonio, TX. My son bought his in D.C. earlier this month.
Can anyone tell me how the device purchased at a later date differs in either hardware or firmware from an earlier device? And if so, does that make the jig obsolete?

The flash counter code is contained in the secondary bootloader. It is possible that the secondary bootloader was flashed and updated to a version of the sbl that cripples the flash counter reset code. If that is the case, the only fix is to flash the original secondary bootloader back onto the phone. You can find the files in the Download Repository. See link in my signature. Please be sure that you understand the risks of flashing bootloaders if you choose to take this path.

creepyncrawly said:
The flash counter code is contained in the secondary bootloader. It is possible that the secondary bootloader was flashed and updated to a version of the sbl that cripples the flash counter reset code. If that is the case, the only fix is to flash the original secondary bootloader back onto the phone. You can find the files in the Download Repository. See link in my signature. Please be sure that you understand the risks of flashing bootloaders if you choose to take this path.
Creepyncrawly,
Thank you for the prompt reply and the suggested solution. I will do as you recommend and try to correct the secondary boot loader using the files in the download repository.
I have to admit I am puzzled, since I used exactly the same procedure to root and flash ROMs on both devices. The only difference in procedures was which daily update to CM9 I used to originally flash.
Once I complete the procedure I'll let you know how successful the fix proved to be.

I would check the package that you flashed to see what it contains. If it did indeed flash sbl.bin you will find that file in the package. Just open it up to see what it contains. I would do that before I flash the bootloader.
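An added example (not part of the original post, and not code from the Download Repository): one way to inspect a package on a computer before flashing it, listing its members and flagging the bootloader files this thread names (boot.bin, sbl.bin, param.lfs). The sample packages are constructed in memory with dummy contents, and the `.tar.md5` trailer layout (a tar with one md5sum line appended) is an assumption about how Odin packages are conventionally built.

```python
import hashlib
import io
import posixpath
import re
import tarfile
import zipfile

# Bootloader-stage files named in this thread for the SGH-I777.
BOOTLOADER_FILES = {"boot.bin", "sbl.bin", "param.lfs"}

# Assumption: an Odin ".tar.md5" is a plain tar with one md5sum line appended.
MD5_TRAILER = re.compile(rb"([0-9a-f]{32})\s+\S+\s*\Z")


def list_members(data):
    """Return the file names inside an Odin tar or a recovery zip held in memory."""
    buf = io.BytesIO(data)
    if zipfile.is_zipfile(buf):
        with zipfile.ZipFile(buf) as zf:
            return [i.filename for i in zf.infolist() if not i.is_dir()]
    buf.seek(0)
    # tarfile stops at the end-of-archive blocks, so an appended md5 line is ignored.
    with tarfile.open(fileobj=buf, mode="r:") as tf:
        return [m.name for m in tf.getmembers() if m.isfile()]


def bootloader_members(data):
    """Return the members whose base name is a bootloader-stage file, sorted."""
    return sorted(
        name for name in list_members(data)
        if posixpath.basename(name).lower() in BOOTLOADER_FILES
    )


def md5_trailer_ok(data):
    """True/False if an appended md5 line matches the tar bytes, None if absent.

    This detects a corrupted download only; it says nothing about who built
    the package or what it contains.
    """
    tail = data[-256:]
    match = MD5_TRAILER.search(tail)
    if match is None:
        return None
    tar_len = len(data) - len(tail) + match.start()
    digest = hashlib.md5(data[:tar_len], usedforsecurity=False).hexdigest()
    return digest.encode() == match.group(1)


def make_tar(names, with_md5=False):
    """Build a constructed sample tar in memory (member contents are dummy bytes)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name in names:
            payload = b"dummy " + name.encode()
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tf.addfile(info, io.BytesIO(payload))
    data = buf.getvalue()
    if with_md5:
        digest = hashlib.md5(data, usedforsecurity=False).hexdigest()
        data += digest.encode() + b"  sample.tar\n"
    return data


def make_zip(names):
    """Build a constructed sample recovery zip in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"dummy " + name.encode())
    return buf.getvalue()


# Constructed samples. The first mirrors the member list the guide gives for
# its "No-BL" package; the other two are hypothetical packages with bootloaders.
NO_BL_TAR = make_tar(["cache.img", "factoryfs.img", "hidden.img", "modem.bin", "zImage"])
LEAK_TAR = make_tar(["boot.bin", "sbl.bin", "param.lfs", "zImage", "factoryfs.img"],
                    with_md5=True)
CWM_ZIP = make_zip(["META-INF/com/google/android/updater-script",
                    "boot.img", "updates/sbl.bin"])

if __name__ == "__main__":
    for label, pkg in (("no-bl tar", NO_BL_TAR), ("leak tar.md5", LEAK_TAR),
                       ("cwm zip", CWM_ZIP)):
        found = bootloader_members(pkg)
        verdict = "contains " + ", ".join(found) if found else "no bootloader files"
        print(f"{label}: {verdict}; md5 trailer ok: {md5_trailer_ok(pkg)}")
```

The match is by file name only, so a package that writes a bootloader from a differently named member would not be flagged; reading the zip's updater-script is still worthwhile.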

There is an app to reset the flash counter that works with ics based roms called triangle away in case you are interested.
http://forum.xda-developers.com/showthread.php?p=22463153#post22463153
Sent from my SGH-I777 using XDA Premium HD app

creepyncrawly said:
I would check the package that you flashed to see what it contains. If it did indeed flash sbl.bin you will find that file in the package. Just open it up to see what it contains. I would do that before I flash the bootloader.
creepyncrawly,
Did check the file to verify the sbl, but couldn't find anything that seemed pertinent. Due to time constraints (My son goes back to D.C. this morning) I went forward with flashing the tar in the download repository as you suggested.
All seems well; phone booted up as expected, and the startup screen displays the correct model number minus the warning triangle. I then rebooted into download and applied the jig to reset the Odin flash counter. Now just like new, with CM9 running strong.
Only troubling aspect is why there would be a difference in the results using the same configuration on two identical devices. I'll leave that for another day.
Thank you for your suggestion.
~ zancro

One of the updates from Samsung for the SGS 2 made jigs stop resetting the flash counter with an update to the secondary bootloaders. Reflashing the old bootloader should fix that. Funny that the fix is so easy, isn't it?
Sent from my SGH-I777 using xda premium

A newly purchased GS2 might include updated bootloaders.
The UCKK6 leak included "jig-crippled" bootloaders.
The OTA didn't touch the bootloaders.
Factory-UCKK6 devices may contain the UCKK6 bootloaders.
TriangleAway will do the trick on ICS.

Related

[GUIDE] How to Prepare Your Phone to Return to the Store or for Warranty Replacement

Prepare Your Phone to Return to the Store or for Warranty Replacement by following these steps:
1. Read the flash counter to make sure your flash count is at "NO". If it reads "YES (x counts)" then you must buy or build a Jig to reset it to "NO"...
...or use chainfire's "Triangle Away" program (which only works on ICS, Android 4.x)
2. Flash the UCKH7-CL503881 stock kernel and system package using Odin or Heimdall.
3. Deal with any special problems.
4. Do a wipe data/factory reset, and remove any personal or sensitive information that remains on the phone.
Note:
Both new and refurbished SGH-I777 phones are now shipping with Android version 2.3.6, UCKK6. As of this writing, March 24, 2012, there is no release of the UCKK6 firmware on sammobile.com, and no one has pulled the stock UCKK6 firmware and packaged it into an Odin flashable tar. For warranty return of phones that shipped with UCKK6, I recommend flashing the stock UCKH7 package contained in this guide. An alternative would be to flash Entropy512's Return/Unbrick to stock Kernel + cache + rooted UCKK6 system package from here, and then to manually remove the traces of root.
Discussion
The Samsung Galaxy S II contains an internal flash counter which is incremented each time a non-stock binary (kernel/rom) is flashed using Odin or Heimdall. The purpose of the flash counter is believed to be to allow Samsung and/or AT&T technicians to detect if the phone has a voided warranty through flashing non-stock firmware. In order to safely return the phone to the store or to a warranty center, it is necessary that the flash counter indicates "NO" custom binary download and "Samsung Official" current binary. If the flash counter has been incremented, it is necessary to reset the flash counter before returning the phone. The only known way to do this on Gingerbread is by using a Micro USB Jig to place the phone into download mode, which resets the flash counter. Since the advent of ICS for the I777, it is also possible to reset the flash counter using chainfire's TriangleAway application, but only while running an ICS rom.
The Jig is a micro usb plug with 301,000 ohms of resistance connected across pins 4 and 5. The use of the Jig became well known in late 2010 when a batch of Samsung Galaxy S Captivate phones were shipped with bootloaders that did not allow a button combination to enter download mode. That was before the Galaxy S II was released, and the only purpose for the Jig was to put the phone into download mode. Shortly after the International version of the Galaxy S II was released in May 2011, it was discovered that using a Jig to place the phone into download mode also resets the flash counter. Some who had a Jig for their Captivate found that the Jig would not work on the Galaxy S II. It seems that the Galaxy S II's tolerance for the 301k ohms is closer than the Captivate was, so if the resistance of the Jig was a little bit out of tolerance, it wouldn't work on the newer phone.
If you are handy, you can build your own jig. There are several threads in the Captivate forums that detail how, either with or without soldering. For a place to start, check out this thread and this one. There are also multiple places that sell pre-made Jigs. Check out dayv's thread in the Accessories forum. I bought a cheap JIG that works for under $2.00 and free shipping. A Google search for "where to buy micro usb jig" will bring up a good number of them. Some of these may not be close enough tolerance for the Galaxy S II. Users on this forum have reported good results with Jigs from Mobile Tech Videos.
Once your flash counter reads "NO", use Odin or Heimdall to flash the stock kernel, system image and modem. A wipe data/factory reset performed from the phone or from stock 3e recovery, and removing any personal or sensitive information on the internal sdcard, completes the process.
Information from dayv:
Step 1) settings> privacy> factory data reset.
Step 2) Flash with heimdall or Odin
In case you need to repartition, you will need a stock .pit file as well - though as of now as far as I know this is not needed for any reason - none of the roms or kernels in the dev section here in the at&t xda forums would cause any need for a repartition. Take care with .pit and repartitioning as you could end up with a soft brick, a situation that can be recovered from but still not desirable.
And if you have flashed anything containing the boot loaders you will need stock boot loaders too, but be very careful with boot loaders as a mistake with boot loaders can result in a hard brick
Information from pinoymutt:
If you flashed the newer i777 leak that DG posted in the General section (I777UCKJ2) or went a little crazy and accidentally flashed one of the newer firmwares in the SGSII international section -- you'll find that they contain newer bootloaders -- the main difference being that they render the "jig trick" useless for resetting the custom firmware flasher.
This (i777 UCKH7 Secondary Bootloader) will allow you to revert back to the older (stock) bootloader that will let the jig reset the counter.
Most likely as new ROMs are built for our phones, many devs will remove the bootloaders, since it's not really advisable to flash these unless absolutely necessary (which for instance it was on the Captivate when flashing from an Eclair/Froyo ROM to a Gingerbread one).
Be forewarned -- DO NOT mess with or flash bootloaders unless you absolutely know what you are doing or are sure you need them. Many things can be recovered from if things go wrong, but a bad bootloader flash can create a nasty "brick" that almost always needs some sort of professional help to undo.
Entropy512 adds:
This (flashing UCKH7 Secondary Bootloader) reverts to current if you flashed the 2.3.5 leak package accidentally.
I would advise:
DO NOT flash this bootloader unless you have flashed a 2.3.5 leak or I9100 ROM that included bootloaders, AND you have confirmed by trying it that using the jig does not reset your flash counter.
If you don't have a jig, this does nothing for you except risk hardbricking.
If you have a jig and it works to reset the custom binary flash counter, this does nothing for you except risk hardbricking.
If you are reading this Guide before you have flashed anything that would increment the flash counter, your best bet would be to never increment the flash counter in the first place. It is possible to root and to flash a custom ROM/Kernel without incrementing the flash counter. Please see the Guide: How to Flash Custom Binaries Without Ever Incrementing the Flash Counter!!
1.) How to read the flash counter on an AT&T Samsung Galaxy S II
Boot into download mode by this method:
With the phone powered off, plug in the usb cable while holding the vol up + vol down buttons (but not the power button).
When the warning screen appears, press Volume up to continue into download mode.
At the top of the screen you will see:
ODIN MODE
PRODUCT NAME: SGH-I777
CUSTOM BINARY DOWNLOAD: NO --or-- YES (x counts)
CURRENT BINARY: SAMSUNG OFFICIAL --or-- CUSTOM
Once you have verified the information, remove the usb cable, and hold down the power button until the phone begins to reboot. (Do not do this if you are actually flashing the phone. Interrupting a flash can cause bad things to happen.)
You will not see the above information if you enter download mode by another method, ie. by using adb or the power menu, etc.
If your Custom Binary Download is NO, proceed to step 2. If your Custom Binary download is YES, your only option to reset this to NO is to use a Jig. The Jig is a micro usb plug with 301k ohms of resistance connected across pins 4 and 5. On the i777 running original bootloaders, it will reset the flash counter to NO as it puts the phone into download mode. You can make your own jig, or purchase one from many sources on the web. See the Discussion above for more information.
2a.) Flash the UCKH7-CL503881 stock kernel and system package using Odin3 One-Click Downloader (Windows)
Download the "I777UCKH7-CL503881-No-BL.7z" package from Hotfile | Dev-Host 270.17 MB.
Extract the contents of the zip file to a directory on your hard disk drive. This Odin3 One-click downloader contains firmware from the stock binary download available from samfirmware on sammobile.com. The bootloaders boot.bin, sbl.bin and param.lfs have been removed for safety. (Contains cache.img, factoryfs.img, hidden.img, modem.bin and zImage.)
Start the Odin3 One-Click Downloader program by double clicking on "I777UCKH7-CL503881-No-BL.exe".
Now Enter Download Mode:
With the phone powered off, plug in the usb cable while holding the vol up + vol down buttons (but not the power button).
When the warning screen appears, press Volume up to continue into download mode.
In Odin, the small edit box in the upper left corner will turn yellow, and say something like [0:COM8]. The number could be different.
Click Start. Watch the progress bar advance in green while the message box in the lower area describes the steps. When the flash is finished, the top left larger edit box will turn green and say PASS! and your phone will automatically reboot.
Unplug the usb cable from your phone after it boots up. Success. You're Bone Stock.
If your phone enters a bootloop, enter 3e recovery and perform a wipe data/factory reset. See step 4.
2b.) Flash the UCKH7-CL503881 stock kernel and system package from the command line using Heimdall (Linux and Mac OS)
Tested on Linux, should work on Mac OS
Download and install the latest version of Heimdall Command Line for your operating system from here. (Latest version 1.3.1 at this writing.)
Download the UCKH7-CL503881 stock kernel and system package from Hotfile | Dev-Host 269.86 MB.
Extract the contents of this 7zip package to a directory on your hard disk drive, and move or copy all files to the directory where you have the Heimdall command line executable. These were extracted from the stock binary download available from samfirmware on sammobile.com. (Contains cache.img, factoryfs.img, hidden.img, modem.bin and zImage.)
Enter the following at the command prompt:
Code:
heimdall flash --kernel zImage --factoryfs factoryfs.img --cache cache.img --hidden hidden.img --modem modem.bin
Reboot the phone. Success. You're Bone Stock.
If your phone enters a bootloop, enter 3e recovery and perform a wipe data/factory reset. See step 4.
3.) Dealing with special problems.
If you are unable to reset the flash counter with a jig, you may have a modified version of the secondary bootloader, perhaps from flashing one of the leaked versions of I777 firmware onto your phone, and will need to flash back to the I777 Stock sbl.bin in order to clear the flash counter.
If your flash counter says that your phone is an I9100, you have an I9100 secondary bootloader, probably from flashing an I9100 rom onto your phone, and you will need to flash back to the I777 Stock sbl.bin to correct the flash counter. You will also probably need to flash the stock param.lfs back onto your phone.
If you get the error "'logo_att.jpg' draw failed", you will need to replace the param.lfs with the I777 Stock param.lfs.
If you get the "Deleting Cryption Meta Data" error while your phone is in a bootloop, see this post.
Necessary files and flashing instructions for these are in the Download Repository.
4.) Do a wipe data/factory reset, and remove any personal or sensitive information that remains on the phone.
To perform a wipe data/factory reset from the phone:
From the home screen, go to Menu > Settings > Privacy > Factory Data Reset (Gingerbread) or Menu > Settings > Back up and reset > Factory data reset (ICS).
If you want to Format USB Storage (erase the internal sdcard), tick the check box.
Click the "Reset Phone" button.
Done.
To perform wipe data/factory reset from 3e recovery:
Reboot into stock 3e recovery: With the phone powered off, hold down the vol up + vol down + power buttons continuously until the initial boot screen appears a second time. Then let the phone boot on into the recovery screen.
Use the vol up and vol down keys to select the "wipe data/factory reset" option.
Press the home button to start the wipe data/factory reset.
Done.
To format USB storage separately (internal sdcard) from the phone:
From the home screen, go to Menu > Settings > Storage > Format USB Storage.
Click the "Format USB Storage" button.
Done.
IMO the mods should sticky this - at the very least jivy26 should add it to the FAQ if it isn't there already.
Very good information here +1 for stickie.
dayv has confirmed that flashing a stock kernel on the i777 will remove the warning triangle, but will NOT reset the flash counter. Please see his post here. This means that using this method will leave a trace that can be seen by AT&T or Samsung. Resetting the flash counter by activating download mode using a Jig is the only known way to reset the flash counter. Will post further information on this as it becomes available.
I just ordered my GSII (coming from Infuse) and have been doing a lot of reading in preparation so I may be confused.
Didn't I read somewhere here (FAQ?) that the "JIG FIX" has been disabled by Samsung in the hardware?
MisterEdF said:
I just ordered my GSII (coming from Infuse) and have been doing a lot of reading in preparation so I may be confused.
Didn't I read somewhere here (FAQ?) that the "JIG FIX" has been disabled by Samsung in the hardware?
Not yet for the i777. The newer unofficial firmware leaks on the i777, and newer firmware releases on the i9100, are said to have bootloaders that disable the Jig fix. Your best and safest bet is to never increment the flash counter. If you have already incremented the flash counter, then get a jig to reset it, and then never increment it again. For more information see the Guide linked in my signature.
Looks like the SBL (secondary bootloader) has been posted so that for those 5% we mentioned above that accidentally flashed that newer leak that disabled the "jig trick", this may be the thing that helps them.
http://forum.xda-developers.com/showthread.php?p=18698937#post18698937
But be forewarned -- DO NOT mess with or flash bootloaders unless you absolutely know what you are doing or are sure you need them. Many things can be recovered from if things go wrong, but a bad bootloader flash can create a nasty "brick" that almost always needs some sort of professional help to undo.
Also +1 that this thread should be stickied!
Thanks for the walkthrough. Nice to know I got every detail done. Factory wipe just wasn't cutting it (even with stock rom). Had a dead pixel that was bugging me like crazy. Oddly most noticeable when starting the xda app, can we say irony?
And with my new galaxy s II the screen digitizer isn't off near the top and bottom! So much better.
Sent from my SAMSUNG-SGH-I777 using XDA App
Using the ODIN 1 CLICK (factory NON-ROOTED) How long should this process take? Been 10 minutes and it is sitting at "Firmware Update Start" then "factoryfs.img." Yes, I have the yellow [COM28]. I've done this before on an Infuse and it was relatively fast. I'm afraid to cancel the process. Previously was on UNNAMED ROM.
EDIT: Also trying ODIN (without 1 step) using the PDA.TAR file and same thing is happening. Just hanging seemingly trying to load FACTTORYFS.IMG.
Edit Edit: Do I need to have a SIM card installed to do this?
Edit Edit Edit: Well, I got it to work. It would not work plugged into any of the 12 USB 2.0 motherboard ports on my PC (never had problem with the Infuse on those same ports). When I connected it to a USB PORT on a USB HUB it worked fine. Very strange.
thanks really assisted; have not got the jig yet but did get bad or incorrect off my ATT Galaxy.
Thank you! I bought a jig off Amazon for a little under $2 plus shipping. That plus this guide got my SGS2 back to stock.
I really like the SGS2 phone, and holy crap is it fast. Only problem is I'm so used to my Dell Streak's 5" SIZE, my thumbs felt cramped. Almost 2 weeks in with a "tiny" 4.3 incher and I'm sad to go.
I think I can wait on a subsidized Galaxy Note... That should only take, what? Six months? Oh god....
Anyway, obviously your post here is the only reason I can legitimately return within my 30 day period. So, THANK YOU again!
Thanks for this Guide as well!
Once again works like a charm if you read and follow along!
Excellent help. Thanks!
Hey, my custom binary says yes. I'm not sending it back for warranty, I just want to revert back to stock. So am I allowed to continue without the jig?
moeaz05 said:
Hey, my custom binary says yes. I'm not sending it back for warranty, I just want to revert back to stock. So am I allowed to continue without the jig?
The counter does not have any control over the actual function of the phone. It only provides information. So go ahead and flash back to stock if you want to. That will also restore your AT&T boot screen and remove the yellow triangle.
And if you want to clear the counter later, buy a jig.
Oh okay, thanks. So there is only one official firmware out for this AT&T phone and it is 2.3.4?
Correct. It's only been less than two months since release.
I'm considering returning my phone to Target so I can get in on the Walmart deal. The jig will be delivered on Wednesday or Thursday, and it takes 3 business days after I return the phone to reset my upgrade eligibility, which might put me after the last date (Dec. 3rd) that the Walmart deal is available. Do you guys think the counter is usually checked when a return is processed?
@Yovee
Most people seem to think if you remove the i9100 boot screen with the yellow triangle, you are safe, and that the chance someone will actually look at the flash counter is very unlikely. I don't know, but I can say I have never seen a post where anyone said that their return was rejected for this.
You can remove the boot screen and yellow triangle without a jig. See the post in my signature for more info.
Yovee said:
I'm considering returning my phone to Target so I can get in on the Walmart deal. The jig will be delivered on Wednesday or Thursday, and it takes 3 business days after I return the phone to reset my upgrade eligibility, which might put me after the last date (Dec. 3rd) that the Walmart deal is available. Do you guys think the counter is usually checked when a return is processed?
I've returned/exchanged a fair amount of Samsung phones over the past few months and never had an associate look at it. I'd say that half of them never even turned the phone on. At least they did verify the IMEI and accessories.
Sent from my Samsung GSII (SGH-I777) using xda premium
Thanks a lot for your responses guys. In that case I think I'll just restore the original firmware, get rid of the yellow triangle, and return the phone.

Current best way to root the S II?

No need for a long explanation, just a link or two, and/or some terms I can google for.
And, yes, I have been reading/searching the forum, and only find old posts mentioning Odin as a technique. Is there anything like SuperOneClick out?
Thanks!
Hi, rooting through Odin currently seems to be the most reliable and safest option.
There are other methods; however, they can cause problems with the phone.
Head over to http://forum.xda-developers.com/showthread.php?t=1103399
Based on the current firmware download the cf root that matches it, extract it and flash using odin.
Hope this helps.
I literally just received my SGS2 about 2 hours ago and read a bit of the thread, not all considering how large it is.
I know this roots but does this unlock the BL at the same time since its installing CWM?
Sent from my SAMSUNG-SGH-I777 using xda premium
Up until recently, SGS2 bootloaders have been 'unlocked'. The easiest way to test this would be to try and use a jig to reset the flash counter on the phone after you've rooted it.
If you can't reset the counter, then the firmware that came with your phone has the locked bootloader (I'm sure someone will be along any second now & tell us exactly which version the bootloader started to be locked in. The details are somewhere on the forum).
Easy fix to this is to flash firmware that has the bootloader unlocked. Alternatively, you simply flash the old bootloader over whatever firmware you're running. This is also available on the forum *somewhere* (I don't have a link handy).
Edit to add - About halfway down the page in this thread, there's a section in bold red type which has a link to a tar of the old bootloader you can flash in Odin should you need to.
Auxilium said:
I literally just received my SGS2 about 2 hours ago and read a bit of the thread, not all considering how large it is.
I know this roots but does this unlock the BL at the same time since its installing CWM?
Sent from my SAMSUNG-SGH-I777 using xda premium
MistahBungle said:
Up until recently, SGS2 bootloaders have been 'unlocked'. The easiest way to test this would be to try and use a jig to reset the flash counter on the phone after you've rooted it.
If you can't reset the counter, then the firmware that came with your phone has the locked bootloader (I'm sure someone will be along any second now & tell us exactly which version the bootloader started to be locked in. The details are somewhere on the forum).
Easy fix to this is to flash firmware that has the bootloader unlocked. Alternatively, you simply flash the old bootloader over whatever firmware you're running. This is also available on the forum *somewhere* (I don't have a link handy).
Edit to add - About halfway down the page in this thread, there's a section in bold red type which has a link to a tar of the old bootloader you can flash in Odin should you need to.
Hi,
I've rooted my SGS2 using CF-Root. I found it better than OneClickRoot; the reason for that is when I used OneClickRoot the phone rooted then went back after I rebooted, which is weird. So I flashed CF-Root using Odin and it's perfect.
What I want to ask, if you could help me please, is how can I see my flash counter? (if there is any)
And what is a jig? Does it mean a USB connection, or is it a device I need to buy?
Thanks
Go into download mode (switch phone off - then do 3 finger reboot - hold home, volume down & power button at the same time), if you've flashed a non-stock rom/kernel in Odin it will show Custom binary download: x, where x is the number of times you've flashed a rom or kernel in Odin.
The jig is a usb plug with a certain amount of resistance over some of the pins of the plug (301k Ω or thereabouts I believe). To use it, you switch the phone off, plug the jig into the usb port on the phone, it reboots the phone into download mode and you'll get a message saying "Erasing download information successful". It will now show Custom Binary Download as no & Custom Binary as Samsung Official.
This will also get rid of the yellow warning triangle that appears at boot as long as you're using an "old" bootloader. Samsung recently started including "locked" bootloaders with their newer firmware in the last few months that don't allow a jig to reset the flash counter.
These cost a few dollars on eBay, do a search for "Samsung Galaxy S2 jig" or similar.
ab.riyami said:
Hi,
I've rooted my SGS2 using CF-Root. I found it better than OneClickRoot; the reason for that is when I used OneClickRoot the phone rooted then went back after I rebooted, which is weird. So I flashed CF-Root using Odin and it's perfect.
What I want to ask, if you could help me please, is how can I see my flash counter? (if there is any)
And what is a jig? Does it mean a USB connection, or is it a device I need to buy?
Thanks
Search for the zergRush method. It's the easiest one so far. I personally used Odin to flash a rooted cf-kernel but used zergRush to root a friend's SGS2 and it's really easy. You must have the adb drivers installed for sgs3.
Sent from my GT-I9100 using Tapatalk
bobkoure said:
And, yes, I have been reading/searching the forum, and only find old posts mentioning Odin as a technique. Is there anything like SuperOneClick out?
Thanks!
Wanna bet 100$ that you didn't? Paypal only.
There's a ****ing sticky with one non-Odin method, which you just missed, because you were too busy furiously searching for other methods, which were also described many times in the same forums.
Hi, kinda off topic: I already rooted my SGS2 by flashing the insecure kernel from Odia for DXKL3, rooting it, then flashing back the original kernel. Now I want to install CWM. I see a lot of guides and searched; it all looks like you need to install a CWM-enabled ROM or use a kernel that is compatible with CWM. That's the part where I get confused, since most of the guides point you to a different kernel from the insecure kernel. Can't you use the insecure kernel that Odia posted specifically for my DXKL3? And I don't want to install a custom ROM just for CWM; it would defeat the purpose, since I want to back up my stock firmware.
MistahBungle said:
Go into download mode (switch phone off - then do 3 finger reboot - hold home, volume down & power button at the same time), if you've flashed a non-stock rom/kernel in Odin it will show Custom binary download: x, where x is the number of times you've flashed a rom or kernel in Odin.
The jig is a usb plug with a certain amount of resistance over some of the pins of the plug (301k Ω or thereabouts I believe). To use it, you switch the phone off, plug the jig into the usb port on the phone, it reboots the phone into download mode and you'll get a message saying "Erasing download information successful". It will now show Custom Binary Download as no & Custom Binary as Samsung Official.
This will also get rid of the yellow warning triangle that appears at boot as long as you're using an "old" bootloader. Samsung recently started including "locked" bootloaders with their newer firmware in the last few months that don't allow a jig to reset the flash counter.
These cost a few dollars on eBay, do a search for "Samsung Galaxy S2 jig" or similar.
Thanks for the explanation mate, so then the jig is a device to buy, not just the normal USB wire.
I'm thinking of getting it, but now it's useless if the firmware won't allow counter resets using the jig......
Quick Q, is there another method of resetting the counter and removing the yellow triangle? (It doesn't matter to me, but in case I need to take it back for warranty I'd need to do that, I reckon.)
There's no other way to reset the counter that I'm aware of. There's another method you can use to get rid of the triangle tho. 2nd post of the CFRoot thread details how to do this.
I suggest you get a jig. For less than $5 the peace of mind having one gives you is priceless.
ab.riyami said:
Thanks for the explanation mate, so then the jig is a device to buy, not just the normal USB wire.
I'm thinking of getting it, but now it's useless if the firmware won't allow counter resets using the jig......
Quick Q, is there another method of resetting the counter and removing the yellow triangle? (It doesn't matter to me, but in case I need to take it back for warranty I'd need to do that, I reckon.)
i used the zergrush exploit, worked fine
http://forum.xda-developers.com/showthread.php?t=1319653

[Q] Are bootloaders backwards compatible

I've always had trouble finding a definitive answer for this question.
In general, are bootloaders backwards compatible? For example, if I flash a JB 4.2 bootloader, will flashing a JB 4.1 or ICS ROM work as expected, or does the bootloader need to be downgraded too? I know that some newer phones (like the S4) have an efuse that prevents going backwards (at least for stock), but does that concept hold true for all phones?
I have an S2 that I just replaced with an S4, so I'm going to play around with it some now (currently on stock 2.3.4 KH7 with rooted kernel). It's been a while since I've flashed an entire ROM (usually I just work on getting root), but since this won't be my primary phone anymore, I can play around with it a bit.
I can't give you a definitive answer. We have established that even though the file size for the boot loaders remains consistent from Gingerbread through jelly bean, there are differences between the files when examined as hex code. So the engineers do perform modifications with each version. I have never seen any discussion of the boot loaders not being backward compatible. So, since we have lots of stock and custom firmware on the forum that does not contain boot loaders, I would assume that you could flash a Gingerbread or ICS over JB or KitKat boot loaders without problems. And even if there were issues, it would be no problem to flash a full stock distribution to get the correct boot loaders. But again, this is only my surmise, and not based on direct knowledge.
There have been some statements by at least one developer that you must upgrade the boot loaders for the latest versions of Jelly Bean or KitKat. I would think it advisable to have matching boot loaders on your daily driver.
(apologies ahead of time that my initial post was probably in the wrong forum).
Well, at least I'm not the only one who hasn't been able to find a definitive answer.
Speaking specifically about the S2 (since that seems to be one of your specialties), if I need to update the bootloader to ICS or JB (since I'm on gingerbread) and something goes wrong, will it hard brick the phone or can I still get into the ODIN download mode to recover/reflash? Is the download mode on this phone considered part of the bootloader? I get a little confused sometimes in regards to what is included in the "module".
For example, it seems like (at least for this phone), the recovery image is built into the kernel as opposed to a separate image like my ASUS Transformer TF300T. Is that correct? On my TF300T, I can flash the recovery image separately through fastboot without touching the kernel, bootloader, or anything else, but it seems like the recovery image for the S2 always comes with a kernel.
Basically, I want to do anything I can ahead of time to reduce the risk of a brick (and know what I should avoid to reduce bricking the phone). Based upon what you said, it sounds like the best way to upgrade my bootloader is to flash a stock ROM that includes the bootloader. If that is the case, since JB 4.1 was the last version release by AT&T, should I just go to that bootloader and hope it works if I install a JB 4.2/4.3 or KitKat based ROM? I assume if I reflashed the stock KH7 ROM, it would just replace everything (including bootloader) and get me back to where I am now?
I have a lot of experience in the Linux world, so I'm trying to map over the Android concepts to the Linux concepts, but I still get tripped up sometimes (recovery, bootloader, kernel, ROM, etc). Sometimes people don't seem to use the terms the same way.
From a technical standpoint, it doesn't surprise me too much that the bootloaders are the same size. It's probably similar to the MBR code for hard drives that just does a minimalistic job of getting the hardware in an accessible state so it can later boot the kernel (like GRUB).
jpasher said:
(apologies ahead of time that my initial post was probably in the wrong forum).
Yes, questions are usually supposed to go in the Q&A forum, but there is not so much activity in this phone's forum any more, so it really doesn't matter much. And this information is more of a general nature anyway.
Well, at least I'm not the only one who hasn't been able to find a definitive answer.
Speaking specifically about the S2 (since that seems to be one of your specialties), if I need to update the bootloader to ICS or JB (since I'm on gingerbread) and something goes wrong, will it hard brick the phone or can I still get into the ODIN download mode to recover/reflash? Is the download mode on this phone considered part of the bootloader?
1. Hard brick on an android phone generally means that one of the boot loaders is corrupt, or it might mean that the memory module section that contains the boot loaders or other low level code is damaged. In general, the main thing you have to be careful about is when flashing a boot loader to make sure that the flash is not interrupted. For instance, say the power goes out, or the dog pulls out the usb cord, right in the middle of the flash, and after the boot loader partition is wiped, only part of the code is copied back to the partition. The good news is that the individual bootloaders are fairly small, so the time of vulnerability is a matter of seconds.
If you need to update to ICS or JB boot loaders, you would have to flash the full stock distribution that has the boot loaders included. No one has made Odin flashable tars of either of those. The UCKH7 Gingerbread secondary boot loader is available in tar, and that is the only separate tar I know of.
2. I don't know software engineering, only a little programming. I don't know where the code that puts the phone into download mode is located. It seems likely that it is in the secondary boot loader, but that is only speculation. I do know that you can enter download mode, and then flash both boot.bin and/or sbl.bin.
I get a little confused sometimes in regards to what is included in the "module". For example, it seems like (at least for this phone), the recovery image is built into the kernel as opposed to a separate image like my ASUS Transformer TF300T. Is that correct? On my TF300T, I can flash the recovery image separately through fastboot without touching the kernel, bootloader, or anything else, but it seems like the recovery image for the S2 always comes with a kernel.
1. The memory is partitioned. Each chunk of code is loaded into its specific partition. I don't have a partition table handy for the S2, but essentially you have: primitive boot loader (boot.bin), secondary boot loader (sbl.bin), parameters (param.lfs), kernel (zImage or boot.img), cache (cache.img), system (factoryfs.img), hidden (hidden.img), modem (modem.img) and several others like PIT, EFS, CSC and I don't remember what. But the ones I named are what is included in a full firmware distribution, and the AT&T model does not allow for the changing of the CSC like on the international S2 so that is not used. I'm not a Linux person, but if my understanding is correct, the img files install like a block device, but the boot loaders and param at a lower level.
2. There may be a recovery partition, but I'm not sure of that. If there is, it isn't used. Anyway, you are correct that the recovery is compiled into the kernel and is installed as a unit on the S2. You can not install a separate recovery on the S2. Many Android phones, maybe most as far as I know, do have a separate partition for the recovery. The S3 and S4 do also.
3. If you are interested, I have attached a partition table for the S4, which you might want to look at just for interest and learning. If memory serves me, it is quite a bit different from the S2.
Basically, I want to do anything I can ahead of time to reduce the risk of a brick (and know what I should avoid to reduce bricking the phone). Based upon what you said, it sounds like the best way to upgrade my bootloader is to flash a stock ROM that includes the bootloader. If that is the case, since JB 4.1 was the last version release by AT&T, should I just go to that bootloader and hope it works if I install a JB 4.2/4.3 or KitKat based ROM? I assume if I reflashed the stock KH7 ROM, it would just replace everything (including bootloader) and get me back to where I am now?
I would assume that the above is correct. The boot loaders in the 4.1.2 UCMD8 firmware would be the latest official ones for this phone. As far as flashing back to earlier stock, you would only get the boot loaders if you use a full distribution. Many of the stock distributions and almost all of the custom firmware posted on this site for the AT&T S2 do not contain boot loaders or param.lfs.
I have a lot of experience in the Linux world, so I'm trying to map over the Android concepts to the Linux concepts, but I still get tripped up sometimes (recovery, bootloader, kernel, ROM, etc). Sometimes people don't seem to use the terms the same way.
From a technical standpoint, it doesn't surprise me too much that the bootloaders are the same size. It's probably similar to the MBR code for hard drives that just does a minimalistic job of getting the hardware in an accessible state so it can later boot the kernel (like GRUB).
A lot of people around here (myself included) speak from anecdotal information gathered from the forums.
Wow. A LOT of useful information in that response. Thanks! A few of the things finally made some light bulbs go on in my head and clear some things up.
creepyncrawly said:
If you need to update to ICS or JB boot loaders, you would have to flash the full stock distribution that has the boot loaders included. No one has made Odin flashable tars of either of those. The UCKH7 Gingerbread secondary boot loader is available in tar, and that is the only separate tar I know of.
So to get to an ICS or JB bootloader, does it mean I have to perform an update through Kies? I'm looking at the different custom ROMs running KitKat and at least some of them say to be on a JB bootloader. I've read that on at least some devices (such as my TF300T), the different bootloader versions can actually have different partition layouts.
If I tried flashing your OCD package for UCLL6 4.0.4 on my current system (with gingerbread BL), would it boot (or worst case, just not boot but still allow me to enter ODIN download mode to flash back to stock UCKH7)? If I'm understanding things correctly, it seems like as long as I'm not touching the bootloader, the worst thing that could happen is that I get an unbootable phone that I can still recover using ODIN download mode.
creepyncrawly said:
2. I don't know software engineering, only a little programming. I don't know where the code that puts the phone into download mode is located. It seems likely that it is in the secondary boot loader, but that is only speculation. I do know that you can enter download mode, and then flash both boot.bin and/or sbl.bin.
I guess I'll have to start poking around the different partitions to see if I can find any signs that point to what is what (unless I can't do a simple dd of the partition to a file using adb shell).
creepyncrawly said:
1. The memory is partitioned. Each chunk of code is loaded into its specific partition. I don't have a partition table handy for the S2, but essentially you have: primitive boot loader (boot.bin), secondary boot loader (sbl.bin), parameters (param.lfs), kernel (zImage or boot.img), cache (cache.img), system (factoryfs.img), hidden (hidden.img), modem (modem.img) and several others like PIT, EFS, CSC and I don't remember what. But the ones I named are what is included in a full firmware distribution, and the AT&T model does not allow for the changing of the CSC like on the international S2 so that is not used. I'm not a Linux person, but if my understanding is correct, the img files install like a block device, but the boot loaders and param at a lower level.
Very useful stuff. I'll have to read around a bit more to understand the different functions associated with each image. And yes, it would make sense that the img files are simply a direct bit-for-bit copy of that partition (which I would assume could be obtained with a simple dd copy). That would also explain why the bootloaders are the same size (if you dd a block device/partition, the resulting raw file is the size of the block device/partition). My guess is that the flashing process essentially just takes each img and does the same thing as a dd of the file to the partition.
This makes me wonder... If the bootloader partition for a phone has a JB BL, I can't see why someone couldn't do a dd of that partition into an image file and then restore that to the bootloader partition of another phone (maybe there's built in security that prevents stuff like that).
creepyncrawly said:
3. If you are interested, I have attached a partition table for the S4, which you might want to look at just for interest and learning. If memory serves me, it is quite a bit different from the S2.
Very nice. Thanks. I just got my S4 last month, so I don't plan on doing anything to it besides already acquiring root. I'm also on the MF3 release which doesn't have any known way of installing custom ROMs anyway.
I wouldn't use Kies. Flash the full distribution of the stock firmware whose boot loader you want. For JB boot loaders, flash UCMD8 full. You can find that in the Download Repository at the bottom of the page.
The OCD for UCKK6 does not have boot loaders. To get the Gingerbread boot loaders, flash UCKH7 full. To get the ICS boot loaders, flash UCLE5 or UCLL6 full. Again, you can get those in the Download Repository.
You can use dd to pull or restore the contents of a partition. You can use adb shell, or you can use terminal emulator right on the phone. In fact, it's a good idea to back up your efs partition using the dd command. I've posted how to do that several times in the forums. Advanced search for "back up efs" and "creepyncrawly" should find that for you.
I personally would never try to flash a bootloader using the dd command, although it is definitely possible. There is too much margin for error. Remember, the dd command is lovingly called the destroy disk command.
wait. I've never flashed any bootloader. My phone came with GB but the last official firmware that my phone had was the ICS OTA. From there, I flashed up to JB and now I'm happily running KK.
I have flashed the latest modem, however.
Unless I am missing something, my phone works just fine with old bootloaders and new kernel/recovery/roms.
Sent from my SGH-I777 using XDA Premium 4 mobile app
Once again, thanks for the useful info.
I would definitely only use dd to replace the contents of a partition as a last resort. Since I don't know enough about how android would handle a partition being changed underneath its feet, it would be risky.
I grabbed the file for UCMD8 (4.1.2) and I'll play around with that. I tried to grab UCLL6 (4.0.4) too, but the links point to the defunct hotfile site. Do you have updated links for that file (or is it exactly the same as what I can download at sammobile.com)? The full stock binaries (.tar.md5) go in the ODIN PDA slot, right?
Also, for those that may be interested, I made a copy of the bootloader from my stock UCKH7 (partition /dev/block/mmcblk0p2) and looked for strings related to the ODIN download mode, and I was able to find all of the strings that appear when in download (e.g. "ODIN MODE", "PRODUCT NAME", "ERASING DOWNLOAD INFORMATION", etc), so it's safe to say that ODIN download mode is part of the bootloader. All the more reason to just leave the bootloader alone if possible.
I also noticed that the two bootloader partitions (mmcblk0p2 and mmcblk0p3) are almost identical except for the text string SNBL in the mmcblk0p2 partition. I wonder why the two partitions...
bleggy said:
wait. I've never flashed any bootloader. My phone came with GB but the last official firmware that my phone had was the ICS OTA. From there, I flashed up to JB and now I'm happily running KK.
Which JB version are you running? One possible reason I can think of where a newer bootloader would be needed is if the partition layout changes. I've heard of some devices where that occurred with JB 4.2. Maybe that's why TWRP recovery has two different versions for 4.1 and 4.2 on my TF300T.
At any rate, it's good to hear that someone hasn't broken their phone by running an older bootloader with a newer ROM.
I'm on KitKat 4.2.2 now.
Previously, 4.3 & 4.2-something Jellybean. And a ICS rom before that.
I don't think flashing new bootloaders is necessary. I mean, I don't think it's common.
Sent from my SGH-I777 using XDA Premium 4 mobile app
jpasher said:
I grabbed the file for UCMD8 (4.1.2) and I'll play around with that. I tried to grab UCLL6 (4.0.4) too, but the links point to the defunct hotfile site. Do you have updated links for that file (or is it exactly the same as what I can download at sammobile.com)? The full stock binaries (.tar.md5) go in the ODIN PDA slot, right?
I haven't finished uploading files to dev-host yet. But I'll be sure to upload that one today. I don't think you can get the file from sammobile either. They also used hotfile, and have not re-uploaded their complete library yet.
Yes, put the tar.md5 in the pda slot.
Also, for those that may be interested, I made a copy of the bootloader from my stock UCKH7 (partition /dev/block/mmcblk0p2) and looked for strings related to the ODIN download mode, and I was able to find all of the strings that appear when in download (e.g. "ODIN MODE", "PRODUCT NAME", "ERASING DOWNLOAD INFORMATION", etc), so it's safe to say that ODIN download mode is part of the bootloader. All the more reason to just leave the bootloader alone if possible.
So you dd'd the contents of 0p2 and looked at that? What tool did you use to look for strings? And do you know if that is boot.bin or sbl.bin? I think it must be boot.bin.
I also noticed that the two bootloader partitions (mmcblk0p2 and mmcblk0p3) are almost identical except for the text string SNBL in the mmcblk0p2 partition. I wonder why the two partitions...
Is it possible that there is built in redundancy? If one partition is bad, the second one can be used?
I have uploaded UCLL6 Odin Flashable tar.md5 to dev-host and posted it in the Download Repository.
By the way, I forgot so didn't mention it earlier in the discussion, but both UCLE5 and UCLL6 contain boot.bin, but do not contain either sbl.bin or param.lfs. Evidently, the secondary boot loader and param files were not updated in the upgrade from Gingerbread to ICS.
Thanks for the files. One more question about them. If I simply remove the boot.bin and sbl.bin from the tar file and flash, that's the same as the "no bootloader" flash images, right? Maybe param.lfs too? I'm just thinking of ways to make things safer while I'm doing my initial testing (and bleggy seems to be running newer ROMs off the original GB bootloader).
creepyncrawly said:
So you dd'd the contents of 0p2 and looked at that? What tool did you use to look for strings? And do you know if that is boot.bin or sbl.bin? I think it must be boot.bin.
It was definitely the SBL, because it's a 1.25MB image instead of the 128K first stage bootloader. I found this thread about the Captivate (another extra phone I have) that says it works the same way (and does a good job explaining the boot process). I haven't figured out where the first stage bootloader (boot.bin) is stored, since it's not in a partition. I'll have to do some research on that.
In Linux, there's actually a command called strings that you can run on a file and it will extract all of the text strings it can find. A grep of that can find specific text. You could of course do the same thing by opening the file in a hex editor.
Is it possible that there is built in redundancy? If one partition is bad, the second one can be used?
That was my thought, but I'm not brave enough to experiment to see if that's true.
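The strings-and-compare check described in the post above, as an added example that is not part of the thread: it works offline on files already pulled from the device and never writes to a partition. The marker list comes from the post; the file names and the two small sample images are constructed stand-ins for dumps of mmcblk0p2 and mmcblk0p3.

```python
import re
import sys

# Strings the post reports seeing on the download-mode screen.
DOWNLOAD_MODE_MARKERS = ("ODIN MODE", "PRODUCT NAME", "ERASING DOWNLOAD INFORMATION")


def extract_strings(data, min_len=4):
    """Return [(offset, text)] for every run of printable ASCII, much like strings(1)."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [(m.start(), m.group().decode("ascii")) for m in pattern.finditer(data)]


def find_markers(data, markers=DOWNLOAD_MODE_MARKERS):
    """Return {marker: [byte offsets]} for markers found inside printable strings."""
    hits = {marker: [] for marker in markers}
    for offset, text in extract_strings(data):
        upper = text.upper()
        for marker in markers:
            pos = upper.find(marker)
            while pos != -1:
                hits[marker].append(offset + pos)
                pos = upper.find(marker, pos + 1)
    return hits


def diff_ranges(a, b, gap=16):
    """Return [(start, end)] byte ranges where a and b differ.

    Differences closer together than `gap` bytes are merged into one range.
    If the images differ in length, the extra tail is reported as a range.
    """
    ranges = []
    start = last = None
    common = min(len(a), len(b))
    for i in range(common):
        if a[i] != b[i]:
            if start is None:
                start = i
            elif i - last > gap:
                ranges.append((start, last + 1))
                start = i
            last = i
    if start is not None:
        ranges.append((start, last + 1))
    if len(a) != len(b):
        ranges.append((common, max(len(a), len(b))))
    return ranges


def strings_unique_to(a, b):
    """Return the set of printable strings present in image a but not in image b."""
    return {t for _, t in extract_strings(a)} - {t for _, t in extract_strings(b)}


def build_sample_images(size=4096):
    """Constructed sample data: two images identical except for an SNBL tag."""
    base = bytearray(size)
    for offset, text in ((0x200, b"ODIN MODE"),
                         (0x220, b"PRODUCT NAME: "),
                         (0x400, b"ERASING DOWNLOAD INFORMATION")):
        base[offset:offset + len(text)] = text
    primary = bytearray(base)
    primary[0x10:0x14] = b"SNBL"  # the one difference the post mentions
    return bytes(primary), bytes(base)


if __name__ == "__main__":
    if len(sys.argv) == 3:
        # Hypothetical usage: python compare_dumps.py p2.img p3.img
        with open(sys.argv[1], "rb") as f1, open(sys.argv[2], "rb") as f2:
            first, second = f1.read(), f2.read()
    else:
        first, second = build_sample_images()
    for marker, offsets in find_markers(first).items():
        print(f"{marker!r}: {[hex(o) for o in offsets] or 'not found'}")
    for start, end in diff_ranges(first, second):
        print(f"images differ at 0x{start:x}-0x{end:x}")
    print("strings only in first image:", sorted(strings_unique_to(first, second)))
```

Reporting the differing byte ranges alongside the strings shows whether two copies differ only in a tag or also in code, which a plain grep does not.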
what's the point, anyway? having consistent bootloader and rom doesn't seem to matter and plenty of i777 owners are running kitkat which there is no available bootloader to download and flash.
Is this an OCD thing? I get flashing the various modems for signal improvement, but I've never had a problem booting any rom with my old GB or ICS bootloader.
Sent from my SGH-I777 using XDA Premium 4 mobile app
jpasher said:
One more question... If I simply remove the boot.bin and sbl.bin from the tar file and flash, that's the same as the "no bootloader" flash images, right? Maybe param.lfs too?
Yes, that would be true. As long as you are using Linux to tar the remaining files, they should flash fine. I guess you can add the md5 if you want also.
The UCLE5 and UCLL6 one-click downloaders that I posted have the boot.bin removed. The UCLE5 and UCLL6 stock plus root also have the boot.bin removed. No one has ever said anything about any problems resulting.
My assumption is that it's ok to keep gingerbread boot loaders, or to flash the ICS boot loader, or to flash the JB boot loaders, and you would never be able to tell the difference. On the other hand, there must be a reason that Samsung puts them into the kies download. I just have no knowledge and no speculation on how they differ, or whether it is important to have matching boot loaders.
Edit: Oh, and boot.bin probably goes into 0p0 partition, just a guess. But it gets flashed in the pda slot just like sbl and param, so it must go into a partition.
Edit: A forum friend found this thread for us.
Edit: I just found Adam Outler's online pit file analyzer and ran the pit file from the Download Repository through it. Partition information for the AT&T SGS2 attached.
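A pre-flash check for the repacking discussed above, as an added example that is not from the thread: it lists what an Odin package contains, flags boot.bin, sbl.bin and param.lfs, and verifies the MD5 trailer. It assumes the usual convention that a .tar.md5 is a plain tar archive with one md5sum output line appended; the sample archives and the name sample.tar are constructed.

```python
import hashlib
import io
import re
import sys
import tarfile

# Low-level members named in the thread; flashing these carries the brick risk.
BOOTLOADER_MEMBERS = {"boot.bin", "sbl.bin", "param.lfs"}

# md5sum output line: 32 hex digits, a space, ' ' or '*', then the file name.
TRAILER_RE = re.compile(rb"([0-9a-fA-F]{32}) [ *]([^\n]+)\n?\Z")


def split_tar_md5(blob):
    """Split a .tar.md5 blob into (tar_bytes, expected_md5 or None)."""
    tail = blob[-512:]
    match = TRAILER_RE.search(tail)
    if match is None:
        return blob, None
    cut = len(blob) - len(tail) + match.start()
    return blob[:cut], match.group(1).decode("ascii").lower()


def inspect_package(blob):
    """Return member names, flagged bootloader members, and the MD5 result."""
    tar_bytes, expected = split_tar_md5(blob)
    actual = hashlib.md5(tar_bytes).hexdigest()
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:") as archive:
        names = [m.name for m in archive.getmembers() if m.isfile()]
    flagged = sorted(n for n in names
                     if n.rsplit("/", 1)[-1].lower() in BOOTLOADER_MEMBERS)
    return {
        "members": names,
        "bootloader_members": flagged,
        "md5_present": expected is not None,
        "md5_ok": (expected == actual) if expected is not None else None,
    }


def build_sample(names, corrupt=False):
    """Constructed sample package: tiny placeholder members plus an MD5 trailer."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as archive:
        for name in names:
            payload = b"constructed placeholder for " + name.encode("ascii")
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            archive.addfile(info, io.BytesIO(payload))
    tar_bytes = bytearray(buf.getvalue())
    digest = hashlib.md5(bytes(tar_bytes)).hexdigest()
    if corrupt:
        tar_bytes[512] ^= 0xFF  # damage the first payload byte after hashing
    return bytes(tar_bytes) + f"{digest}  sample.tar\n".encode("ascii")


if __name__ == "__main__":
    if len(sys.argv) == 2:
        with open(sys.argv[1], "rb") as handle:
            package = handle.read()
    else:
        package = build_sample(["boot.bin", "sbl.bin", "param.lfs",
                                "zImage", "factoryfs.img"])
    report = inspect_package(package)
    print("members:", ", ".join(report["members"]))
    print("bootloader members:", report["bootloader_members"] or "none")
    print("md5 trailer:", {True: "ok", False: "MISMATCH", None: "absent"}[report["md5_ok"]])
```

The MD5 trailer only catches corruption in transit; it says nothing about who built the package.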
bleggy said:
what's the point, anyway? having consistent bootloader and rom doesn't seem to matter and plenty of i777 owners are running kitkat which there is no available bootloader to download and flash.
I have no reason to make the bootloader match the ROM. I'm just making sure I understand how everything works together to avoid doing something that may potentially brick my phone. I flashed the no bootloader version of stock UCMD8 today and everything seems to be working fine. As long as things work, I don't really care which bootloader I have.
creepyncrawly said:
Edit: Oh, and boot.bin probably goes into 0p0 partition, just a guess. But it gets flashed in the pda slot just like sbl and param, so it must go into a partition.
There's not a "zero" partition. My only guess is that it's embedded somewhere else. Not sure at this point.
I found that post the other day with the S2 partition layout (that's what I was using for my tests). The PIT file analysis gives a little more info, although it says boot.bin partition is 0 bytes. That's what confuses me a bit. But in the end, not really a big deal. More of a curiosity than anything else.
When this forum was active "Don't mess with bootloaders" was common knowledge. Unless you absolutely have to. You can hard brick this thing if there's a problem while flashing it.
Don't mess with any of the files you mentioned. As far as I know it's unnecessary. I'm running Renders CM11 build with no problems with the original GB bootloader. Never had a problem with ICS or JB roms either.
Yea, my main purpose for starting the thread was to make sure I wouldn't break anything beyond repair by having mismatched bootloaders. It makes perfect sense why corrupting the bootloader would hose things (just like if you corrupted the MBR of your hard drive and had to boot off of alternative media to repair it, except for the fact that the phone does not have the ability to boot alternative media). My ASUS Transformer TF300T is nice in that aspect as the Nvidia chipset allows booting into APX mode which is an extremely low level boot mode that allows repair of almost anything. It sure would be nice if the additional bootloader slot on the S2 could be used as a fallback with a way to choose which bootloader to run.
I'm the kind of person that likes to know more about the innards of how something works instead of looking at it as a black box. When I'm "flashing the kernel", I like to know exactly what it is I'm changing so I can understand the repercussions, especially if something goes wrong.
So the net result after this conversation is that I'm a lot more confident about flashing android devices (as long as I stay clear of messing with the bootloader whenever possible). I have CM11 running now too (stock CM kernel) while still on the GB bootloader.

Any benefit from upgrading my bootloader, or should I leave it as it is?

I'm currently running the OEM bootloader of XXALE8. I know there's probably a new boot loader available for my phone. Would I get any benefit out of upgrading the boot loader, or should I just leave it as it is? I highly doubt I will ever downgrade back to ICS, (or even JB at this point). Also, how would I go about upgrading my bootloader without flashing an OEM Samsung ROM?
Bootloader is closed source, we don't know what's inside but definitely updating bootloader from your current state is recommended, as XXELLA+ has Sudden Death fix and other improvements, even if bootloader is not running long, newer is usually better.
Bootloader is sboot.bin file, however there also exist other partitions, such as hidden, param or tz. I suggest updating your bootloader by flashing official firmware from sammobile through Odin, this way you're sure that all low-level partitions are fine.
Be aware that newer bootloaders have warranty indicator, so will show modified status at each boot if you have custom recovery or kernel.
If you regularly use download mode to flash then update to prevent SDS and wear of your nand memory, otherwise I'd leave it alone.
Sent from my GT-I9300 using Tapatalk
boomboomer said:
Be aware that newer bootloaders have warranty indicator, so will show modified status at each boot if you have custom recovery or kernel.
If you regularly use download mode to flash then update to prevent SDS and wear of your nand memory, otherwise I'd leave it alone.
Sent from my GT-I9300 using Tapatalk
That's not true, newer bootloaders will set flash counter to 1 if running custom kernel, however I have official system status with ArchiDroid, therefore I don't have red exclamation mark.
That's what I said. You must have stock kernel installed with your rom? Even repacking the stock kernel will increase flash counter on new bootloaders.
Sent from my GT-I9300 using Tapatalk
boomboomer said:
That's what I said. You must have stock kernel installed with your rom? Even repacking the stock kernel will increase flash counter on new bootloaders.
Sent from my GT-I9300 using Tapatalk
It will, but red exclamation mark is not based on flash counter, it's based on system status. Therefore you can have 1+ flash counter and no red exclamation mark even on custom roms (like I do).
JustArchi said:
Bootloader is closed source, we don't know what's inside but definitely updating bootloader from your current state is recommended, as XXELLA+ has Sudden Death fix and other improvements, even if bootloader is not running long, newer is usually better.
Bootloader is sboot.bin file, however there also exist other partitions, such as hidden, param or tz. I suggest updating your bootloader by flashing official firmware from sammobile through Odin, this way you're sure that all low-level partitions are fine.
Is there a way to do it without flashing the OEM Samsung firmware, or is that the only way?
k-semler said:
Is there a way to do it without flashing the OEM Samsung firmware, or is that the only way?
There is a way but I suggest to flash full Samsung rom through Odin.
Why is that besides initial partition table setting? As far as I know, mine aren't messed up at all. This is after flashing several modems, recoveries, ROM's and kernels. Or is there something about the bootloader that is special? What is the alternate method to do so?
Read archi's first post for why to flash full rom, alternative is through cwm (if you make zip file) but this carries most risk of bricking your phone.
I got it successfully updated to bootloader XXEMG5 that I got from this post.
http://forum.xda-developers.com/showthread.php?t=2189063
Is this the latest bootloader available?
Oops. Double post.

NK1, OB6, OF1 testers wanted for NC4 back-booting trials

So, I cobbled together a (custom-recovery) flashable NC4 stock ROM.
I'm interested to find out whether it is possible to boot it successfully from later bootloader firmware - e.g. NK1, OB6, or OF1
(I'm still on NC4 bl and not planning on upgrading near term. It boots on NC4 bl but that's pretty obvious lol)
Q: Why would this be useful?
A: to provide a means for upgrading bootloader firmware without starting from scratch.
For instance, there are folks on OB6 firmware that would like to use a custom ROM that will only work on OF1 firmware. They can certainly start from scratch (backup and unload the entire device); an alternative would be to:
- Make a backup of an existing rooted ROM (that more than likely has a custom or modified boot image so is not bootable when the bootloader gets re-locked) using the currently-installed custom recovery (which will also be non-bootable under re-lock).
- Restore a (debloated) pure stock ROM w/ Samsung kernel. Root it with Towelroot (does not touch boot image)
- Flash replacement bootloader only in Odin. Locked bootloader = no custom recovery... but with a rooted stock ROM already in place with an unmodified stock kernel it can be immediately unlocked.
NC4 is easily rooted with Towelroot-v3 "on device". No need for PC drivers, online rooting tools with a separate PC, etc (e.g. as with Yemen rooting methods on OB6, OF1)
This approach in principle saves the need to back everything up in the /sdcard - but you have to know in advance that the NC4 stock kernel and ROM can successfully be booted with later bootloaders.
So anyway, that's what I'm asking for help testing with - folks that are: (a) unlocked and (b) on NK1, OB6 or OF1 bootloader willing to try flashing a debloated NC4 Stock ROM using their existing custom recovery, and see if it boots, roots, and if root survives a single boot cycle.
Contact me via this thread or PM; I'll provide the flashable NC4 and the Towelroot .apk
my n900v came with 5.0 Of1 but i rooted, unlocked BL. installed twrp and flashfired NC4 tar minus recovery
runs smooth. I hate lollipop. lol
only bug is wifi password resets every time i reboot
I'm curious as to why i have trouble running certain nc2/nc4 roms..some want to bootloop/freeze
baja,biggins,and objective rom
kernel issue maybe? or BL version
btw. i am rooted via towelroot v3
hotrod85z said:
My n900v came with 5.0 OF1 but I rooted, unlocked BL, installed TWRP and flashfired NC4 tar minus recovery.
Runs smooth. I hate Lollipop. lol
Thank you for posting that, very useful/helpful information to know.
Does Flashfire understand the Samsung "sparse" image format of the system.img.ext4 file inside the Stock (Odin) .md5 tarfile blob? Or maybe somebody else packaged up a "flashable .zip" of NC4?
hotrod85z said:
Only bug is wifi password resets every time I reboot.
in /system/build.prop, set ro.securestorage.support=false and reboot. You might also want to set ro.config.tima=0 as well.
I suspect that mixing and matching Samsung kernels with bootloader versions breaks something in the TrustZone, and so secure containers and other sort-of-obscure security functions no longer work as the TZ smells something fishy. I am using a rooted PL1 rom on NC4 bl and it would spontaneously reboot (infrequently) until I made the above changes - it's been rock stable for about 4 days now. Why this works I can't really say - it's a "generation skipping" bootloader and stock rom combination - N* bootloader and P* ROM *
hotrod85z said:
I'm curious as to why I have trouble running certain NC2/NC4 ROMs.. some want to bootloop/freeze:
Baja, Biggins, and Objective ROM.
Kernel issue maybe? Or BL version?
BTW, I am rooted via Towelroot v3.
all of the above or none of the above LOL
There are definitely some mysteries here, and I don't claim to fully understand the interdependence of the TZ (== bootloader firmware), the TIMA and RTKP stuff in the kernel, and the cross-communication between kernel and TZ via the qseecom service daemon (which is in the ROM in /system/bin) much less how the APIs of all these interfaces might have changed between major releases.
You could check those two build.prop settings in those ROMs for starters though. I suspect that if the TZ smells something fishy (e.g. a kernel TIMA to TZ info mismatch), a variety of secure credential services in the TZ stop working. It is possible that "ro.securestorage.support" is a toggle that attempts to use TZ services when it is set to "true", and so anything in the ROM which builds on it breaks because the TZ is refusing to play on an otherwise "stock" ROM variant.
FWIW I got the AryaMod (S7Edge MM port) + phantom kernel running on NC4 bl + OF1 modem for a full 24 hours after I disabled the qseecom service daemon. It ran long enough that I had customized the whole thing as a daily driver with all my apps, verified that all sensors & radios worked, made test calls, etc. Rebooted it and the kernel started getting reset by a "Modem Reset". Even weirder was that despite the use of the OF1 "modem" firmware, the kernel was reporting a bunch of RIL "unknown ioctl's". Strikes me as odd that the whole thing could run that long with so many different things happening, and then the "modem" is unhappy - even though other folks are using the ROM with OF1 bl + OF1 radio/modem firmware. (As if the "modem" isn't really the source of the problem, even though that's what initiates the device reset).
.
I initially tried flashing NC4 full tar via Odin, but even BL unlocked, I got FAIL. Flashfire worked!
Very curious as to whether a custom n900v kernel would boot my 4.4.2 custom ROMs.. it's either that or the BL isn't compatible with non-TouchWiz ROMs....
Most of the kernel/modem/firmware links on here are 404 error dead links.. would be nice to see an up to date sticky. I'll flash anything as long as I don't end up in JTAG mode with a brick. lol
I've played with Verizon S5, AT&T S2, Galaxy Captivate, Atrix 4G and many other phones.
The S2 is still by far the fastest, smoothest phone on CM7.. the newer the phones.. the newer the OS.. the bigger the resource hogs "ram". I'm a minimalist...
Even after flashing NC4 official full tar.. I'm still showing OF1 baseband under settings.
@hotrod85z
FWIW I posted a bunch of recovery-flashable stock ROMs here.
There is also a link in that thread to a complete set of (Odin flashable) modems for NC4, NJ6, NK1, OB6, OF1, and PL1 if that is of interest to you.
Maybe I wasn't paying attention, but I could swear that on at least one occasion or two when I performed an Odin modem flash, it didn't "stick", despite no complaints on the handset screen or in Odin - the next boot showed the (prior) baseband version, not what I flashed. It's a bit of a mystery to me; but for now I've resolved to make sure that after the Odin session is complete, I wait 30 seconds or so, then remove the USB cable, and then pull the battery rather than try to restart the device by holding buttons down. It is possible that those events occurred when I soft-restarted the phone, but I'm not sure. For now I'm just trying to always flash and restart with exactly the same method to avoid different behaviors from creeping in.
PS I have no idea if those ROM flashables are compatible with Flashfire. They might be, but I've never tested it, and as they are not pre-rooted I'm not going to suggest it for fear that somebody with a rooted but locked (bootloader) phone will try using flashfire and then end up with a phone that needs a full Odin re-install. Appearances are that each version of the bootloader restricts the Samsung signing verification to only the matching kernel version - you can't even boot a Signed samsung kernel on a locked phone if it is a different version than the bootloader's version.
Hello all, I have an eMMC exploit Note 3 I'm using here and I wanted to flash different radios for the US carrier Note 3's, and I first tried to use Flashfire to try to update the modem, but even that didn't stick. Because I don't readily have a PC available, I wasn't ballsy enough to flash a different carrier modem, since I checked the Odin screen and saw that instead of a bootloader unlock, it's in developer mode and I didn't want a brick. So overall my question is, do I need an unlocked bootloader to flash different modems and do I need Odin to do it or will some sort of mobile Odin or something do it? Thanks mates and happy flashing.
Dlind said:
Hello all, I have an eMMC exploit Note 3 I'm using here and I wanted to flash different radios for the US carrier Note 3's, and I first tried to use Flashfire to try to update the modem, but even that didn't stick. Because I don't readily have a PC available, I wasn't ballsy enough to flash a different carrier modem, since I checked the Odin screen and saw that instead of a bootloader unlock, it's in developer mode and I didn't want a brick. So overall my question is, do I need an unlocked bootloader to flash different modems and do I need Odin to do it or will some sort of mobile Odin or something do it? Thanks mates and happy flashing.
Well, your question is way off topic for this thread.
But since nobody is in here anyways, I guess I'll answer the parts that I am able to.
The modems that I posted over in that other thread were meant to be flashed in Odin using a PC. You can use either the AP slot or CP slot. Note that the very first post says - in big bold blue letters "Odin-flashable Modems".
Not flashfire. It never said anything about flashfire.
Is there such a thing as MobileOdin? If there is, I know nothing about it and certainly have never tested anything with it. So I don't know and am not going to speculate.
You said something confusing here:
Dlind said:
I checked the Odin screen and saw that instead of a bootloader unlock, it's in developer mode
If it says "MODE: Developer" you have an unlocked bootloader. Which is exactly the same thing as a Developer Edition phone.
If you were to use a PC with Odin and you flashed a FULL Stock firmware flash, yes it would overwrite the unlocked bootloader and indeed re-lock the phone. If you were able to re-root that (stock) ROM, you could perform the unlocking procedure again to unlock it.
On the other hand, those Odin-flashable modem packages do not contain the bootloader firmware, so if you were to use Odin on a PC to flash just those modem images, your bootloader would not get re-locked - the unlocked bootloader is still there, untouched.
When the carriers issue an OTA update, many times (perhaps most of the time) they contain a modem update (NON-HLOS.bin and modem.bin). So it is obvious that they are able to be flashed **somehow** right on the phone, without using Odin from the PC or an "Odin app" at all.
BUT that happens using a combination of the STOCK recovery and the bootloader itself during the reboot following the actions taken by the STOCK recovery. (My guess is that the recovery simply "stages" it into place, and sets some flags so that the bootloader knows that it is supposed to evaluate the crypto signatures of the file blobs that the recovery put into place and it is actually the bootloader that does the flashing.) That's really not a whole lot different than what happens when you transfer files from Odin to the phone - the "Odin/Download" mode is just one of the personalities of the bootloader. (Odin is actually a rather dumb program - it's the bootloader on the phone that gets to decide whether a flash happens. It does that by carefully examining the file blob that gets transferred, e.g. crypto signature checks.)
My guess is that you would be able to flash STOCK modem packages from Odin (using a PC) independent of whether the bootloader is locked or unlocked. But as I said: "guess".
I don't have a second phone to test with, so I would have to flash completely back to stock and lock my bootloader to be able to test that hypothesis. That's a big job because of all the crap I have to back up and restore to my phone.
Frankly, if you don't have access to a PC, and you really need your device to keep working, I would advise you to stop screwing around with it, simply because you don't have good tools available to fix it if a disaster occurs.
PS. I've never once noticed anything different between various radio firmwares on ANY device I've ever owned.
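Added example, not code from anyone in this thread or from Samsung/Odin: a Python check that reads an Odin `.tar.md5` package before flashing, verifies its appended md5sum line, and reports whether it carries bootloader images (which would overwrite an unlocked bootloader) or sparse-format images. The bootloader file names and the `md5sum`-style trailer layout are assumptions about typical Qualcomm-based Samsung packages; the sample package is constructed in memory.

```python
import hashlib
import io
import re
import tarfile

# Assumption: typical bootloader-chain image names in Qualcomm-based Samsung
# firmware. The thread itself names only NON-HLOS.bin, modem.bin, system.img.ext4.
BOOTLOADER_IMAGES = {"aboot.mbn", "sbl1.mbn", "rpm.mbn", "tz.mbn", "sdi.mbn"}
SPARSE_MAGIC = bytes.fromhex("3aff26ed")  # Android sparse magic 0xED26FF3A, LE
TRAILER = re.compile(rb"([0-9a-fA-F]{32})\s+\S[^\n]*\n?\Z")  # md5sum output line


def inspect_odin_package(blob: bytes) -> dict:
    """Verify the appended md5sum line of a .tar.md5 and classify its images."""
    tail = blob[-1024:]
    m = TRAILER.search(tail)
    tar_len = len(blob) - len(tail) + m.start() if m else len(blob)
    md5_ok = None  # None means no trailer was found (plain .tar)
    if m:
        md5_ok = hashlib.md5(blob[:tar_len]).hexdigest() == m.group(1).decode().lower()
    report = {"md5_ok": md5_ok, "members": [], "bootloader": [], "sparse": []}
    with tarfile.open(fileobj=io.BytesIO(blob[:tar_len])) as tar:
        for member in tar:
            if not member.isfile():
                continue
            report["members"].append(member.name)
            if member.name in BOOTLOADER_IMAGES:
                report["bootloader"].append(member.name)
            if tar.extractfile(member).read(4) == SPARSE_MAGIC:
                report["sparse"].append(member.name)
    return report


def build_sample(files: dict, name: str = "constructed.tar") -> bytes:
    """Constructed sample: an in-memory tar of `files` plus an md5sum-style trailer."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        for fname, data in files.items():
            info = tarfile.TarInfo(fname)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    raw = buf.getvalue()
    return raw + f"{hashlib.md5(raw).hexdigest()}  {name}\n".encode()


if __name__ == "__main__":
    pkg = build_sample({"NON-HLOS.bin": b"constructed", "modem.bin": b"constructed"})
    print(inspect_odin_package(pkg))
```

The MD5 line only catches a corrupted download or copy; it says nothing about whether the bootloader will accept the images, which depends on the signature checks described above.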
bftb0 said:
Well, your question is way off topic for this thread.
But since nobody is in here anyways, I guess I'll answer the parts that I am able to.
The modems that I posted over in that other thread were meant to be flashed in Odin using a PC. You can use either the AP slot or CP slot. Note that the very first post says - in big bold blue letters "Odin-flashable Modems".
Not flashfire. It never said anything about flashfire.
Is there such a thing as MobileOdin? If there is, I know nothing about it and certainly have never tested anything with it. So I don't know and am not going to speculate.
You said something confusing here:
If it says "MODE: Developer" you have an unlocked bootloader. Which is exactly the same thing as a Developer Edition phone.
If you were to use a PC with Odin and you flashed a FULL Stock firmware flash, yes it would overwrite the unlocked bootloader and indeed re-lock the phone. If you were able to re-root that (stock) ROM, you could perform the unlocking procedure again to unlock it.
On the other hand, those Odin-flashable modem packages do not contain the bootloader firmware, so if you were to use Odin on a PC to flash just those modem images, your bootloader would not get re-locked - the unlocked bootloader is still there, untouched.
When the carriers issue an OTA update, many times (perhaps most of the time) they contain a modem update (NON-HLOS.bin and modem.bin). So it is obvious that they are able to be flashed **somehow** right on the phone, without using Odin from the PC or an "Odin app" at all.
BUT that happens using a combination of the STOCK recovery and the bootloader itself during the reboot following the actions taken by the STOCK recovery. (My guess is that the recovery simply "stages" it into place, and sets some flags so that the bootloader knows that it is supposed to evaluate the crypto signatures of the file blobs that the recovery put into place and it is actually the bootloader that does the flashing.) That's really not a whole lot different than what happens when you transfer files from Odin to the phone - the "Odin/Download" mode is just one of the personalities of the bootloader. (Odin is actually a rather dumb program - it's the bootloader on the phone that gets to decide whether a flash happens. It does that by carefully examining the file blob that gets transferred, e.g. crypto signature checks.)
My guess is that you would be able to flash STOCK modem packages from Odin (using a PC) independent of whether the bootloader is locked or unlocked. But as I said: "guess".
I don't have a second phone to test with, so I would have to flash completely back to stock and lock my bootloader to be able to test that hypothesis. That's a big job because of all the crap I have to back up and restore to my phone.
Frankly, if you don't have access to a PC, and you really need your device to keep working, I would advise you to stop screwing around with it, simply because you don't have good tools available to fix it if a disaster occurs.
PS. I've never once noticed anything different between various radio firmwares on ANY device I've ever owned.
Thanks SOOOOOO MUCH for your input. I kinda had a feeling that the idea was risky at first and I don't know a whole lot about Odin and I wish Samsung could have created something much easier to use, but thanks for answering the wayyyyy off topic question. I'm gonna smash that thanks button. I'm also going to take the advice on not cross flashing different modems, it's just too risky. You answered all my questions so thanks. Also I want to say thank you for your continued work on this phone; it is by normal terms "old" now but in reality it's still an amazing phone with the right custom software, and happy flashing!
