[Firmware][unofficial]1545OYUAMDK ODIN TAR - Verizon Samsung Galaxy S 4

I've compiled the stock firmware for the Developer edition of the Galaxy S4. Specifically the 1545OYUAMDK variant that shares similarities to our beloved MDK. I got the partitions from users who had made backups prior to gaining root and/or other means to have the least modified version of the stock firmware. As far as the bootloader goes, I have the entire firmware and I edited the partitions to account for the padded zeroes and offsets. Below is a table of partitions, the green are those that I or dev edition owners were able to successfully flash with Heimdall/Odin and are signed, the red are ones that I am unable to flash probably because I incorrectly edited them to be consistent with the sha1 checksums of partitions verifying it immediately before or after or haven’t been tested by someone with a dev device.
I should note that I only tested this on a stock root ME7 build, therefore some partitions that I couldn't flash, the Dev edition of the Gs4 might be able to. I did confirm that users on OYUAMDK were able to flash certain parts of the firmware but no one has tried to completely go back to stock. As expected, I could flash all but recovery, boot, and aboot, djrbliss mentions that the difference between consumer and dev builds comes down to how aboot checks boot and recovery in his blog...so my findings are consistent with his research. I confirmed that the partitions that I did flash were actually flashed because I compared the hexdump of the files before and after (since the file sizes are mostly the same after cutting out the padded zeroes and other indicators). If you have a developer device and you absolutely need to flash stock firmware, this is probably as close as you will get, but more work needs to be done to refine this. Note, take precautionary measures and especially be careful when flashing aboot. Feel free to criticize these, and let me know if any changes need to be made. Use at your own risk and remember this is somewhat a work in progress.
Edit: One user on a dev build brick claims to have flashed aboot.mbn successfully. Status changed to yellow! (Need one more confirmation before I feel confident to give it the green light, pun intended)
Instructions:
Note that this is meant more for an emergency than for convenience. The purpose of this post was both to help the owners of the development edition GS4 and to make the process better in the future. This can brick your device.
If you do decide to dance with the devil, post your findings. The file is in tar.md5.gz format so odin will extract it to a tar.md5 for you or you can just flash it in heimdall. I have left the firmware.xml and pit file in the tar, you can remove them and edit them as needed.
Using Odin: Odin doesn’t play well with this. I’ve had varied results. Use Heimdall. But if you insist..have the latest Samsung drivers, try Odin versions 3.07+, make sure to run as administrator and select/click PDA then select the tar.md5.gz file. Also make sure that only "Auto Reboot" and "F. Reset Time" are checked before finally clicking start.
Using Heimdall: Load the package using frontend running as root. If you use Heimdall in the command line, then you probably already know what you're doing.
RECOMBINATION_I545OYUAMDK_562219_STOCK_RESTORE.tar.md5
MD5:b238ac352255f3b26593dffa6d7aa72f
Download
Download Mirror
Size: File/Partition:
2597816 RECOMBINATION_I545OYUAMDK_562219_STOCK_RESTORE.tar.md5
8 SGR.pit
2518320 system.img.ext4
9000 NON-HLOS.bin
9488 recovery.img
208 tz.mbn
1200 aboot.mbn
50856 modem.bin
268 sbl3.mbn
152 rpm.mbn
96 sbl1.mbn
4 firmware.xml
8072 boot.img
152 sbl2.mbn
Before I get asked "What happens when people on MDK or ME7 try to flash this?"
I'll tell you my results, from numerous flashes in odin/heimdall. My baseband and build type are both now OYUAMDK as shown below and my phone doesn't show a custom screen nor does my phone think it's modified. However this doesn't change the fact that we cannot downgrade to an older kernel. This will not unlock your device if you're on MDK or ME7 and flashing this carries a high risk of bricking your device. When flashing the stock MDK restore, ME7 users usually get a "SW REV. CHECK FAIL: FUSED: 3, Binary: 1" message, however when flashing this, ME7 users will receive a "SECURE CHECK FAIL: aboot" message instead; either way it's a fail.
Changelog
10/14/2013 - Initial release
10/19/2013 - Confirmed boot.img and recovery.img flash successfully - status changed to green
11/09/2013 - User claims to have flashed aboot.mbn successfully on dev build - status changed to yellow!
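
An added example, not part of the original post and not code from Odin or Heimdall: a Python check of an Odin-style tar.md5 before flashing, which verifies the md5sum line appended to the tar and lists the members without extracting them. It assumes the usual layout (plain tar followed by one md5sum line); inspect_package, BOOTCHAIN and the sample package are illustrative, and the sample data is constructed.

```python
import hashlib
import io
import os
import re
import tarfile
import tempfile

# Trailer written by md5sum: "<32 hex digits>  <name>\n", appended after the tar.
# It only detects corruption; anyone repacking the tar can recompute it, so also
# compare the whole download against the MD5 published in the post.
TRAILER_RE = re.compile(rb"([0-9a-fA-F]{32}) [ *]([^\r\n]+)\r?\n?\Z")

# Bootloader-chain images from the thread's partition list (grouping is an
# assumption of this example); reported separately because a bad flash of
# these is what bricks a device.
BOOTCHAIN = {"aboot.mbn", "sbl1.mbn", "sbl2.mbn", "sbl3.mbn", "tz.mbn", "rpm.mbn"}


def read_trailer(path):
    """Return (tar_length, md5_hex, recorded_name), or None if no trailer."""
    size = os.path.getsize(path)
    with open(path, "rb") as f:
        f.seek(max(0, size - 512))
        tail = f.read()
    m = TRAILER_RE.search(tail)
    if m is None:
        return None
    tar_len = size - (len(tail) - m.start())
    return tar_len, m.group(1).decode().lower(), m.group(2).decode(errors="replace")


def md5_prefix(path, length, chunk=1 << 20):
    """MD5 of the first `length` bytes, streamed so multi-GB packages fit."""
    digest = hashlib.md5()
    with open(path, "rb") as f:
        remaining = length
        while remaining > 0:
            data = f.read(min(chunk, remaining))
            if not data:
                break
            digest.update(data)
            remaining -= len(data)
    return digest.hexdigest()


def inspect_package(path):
    """Verify the embedded MD5 and list members without extracting anything."""
    report = {"md5_ok": False, "members": [], "bootchain": [], "suspicious": []}
    trailer = read_trailer(path)
    if trailer is None:
        report["error"] = "no md5 trailer found"
        return report
    tar_len, expected, _recorded_name = trailer
    report["md5_ok"] = md5_prefix(path, tar_len) == expected
    with tarfile.open(path, "r:") as tar:  # reading stops at the end-of-archive blocks
        for member in tar:
            report["members"].append((member.name, member.size))
            if member.name in BOOTCHAIN:
                report["bootchain"].append(member.name)
            # A flashable package holds flat regular files only.
            if not member.isfile() or "/" in member.name or ".." in member.name:
                report["suspicious"].append(member.name)
    return report


def build_sample(path, corrupt=False):
    """Write a small constructed package: fake members plus an md5sum trailer."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, body in (("boot.img", b"ANDROID!" + b"\0" * 56),
                           ("aboot.mbn", b"\x05" * 40)):
            info = tarfile.TarInfo(name)
            info.size = len(body)
            tar.addfile(info, io.BytesIO(body))
    data = bytearray(buf.getvalue())
    trailer = f"{hashlib.md5(data).hexdigest()}  sample.tar\n".encode()
    if corrupt:
        data[520] ^= 0xFF  # flip one payload byte after the hash was taken
    with open(path, "wb") as f:
        f.write(bytes(data) + trailer)
    return path


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for corrupt in (False, True):
            pkg = build_sample(os.path.join(tmp, "sample.tar.md5"), corrupt)
            print("corrupt" if corrupt else "intact", inspect_package(pkg))
```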

Awesome Surge! Now somebody with a Dev ed device on me7 like sound-mind should try it and see if they could restore their device to developer...
Sent from my SCH-I545 Dev Edition using XDA Premium 4 mobile app

I am new to Heimdall. I am running it on a Windows 8 64 bit machine. Heimdall does not see the tar.md5.gz file....it seems to be looking for a tar.gz file. What am I doing wrong or what do I need to do. Thanks. This is a great resource to have.

Skeetch79 said:
> I am new to Heimdall. I am running it on a Windows 8 64 bit machine. Heimdall does not see the tar.md5.gz file....it seems to be looking for a tar.gz file. What am I doing wrong or what do I need to do. Thanks. This is a great resource to have.
Download 7-zip or winrar. Then extract the tar.md5.gz so it leaves you with just a tar.md5. Then either:
1. Rename it to a tar, extract the files, and customize the package you want to flash using heimdall then heimdall will make a tar.gz for you
or
2. Rename the tar.md5 to tar, then using 7-zip in the right click menu or from the 7zip file manager menu select "add to archive" and under archive format select gzip.
Alternatively you can use the tar.md5 with odin, but I highly suggest using heimdall instead. I've had odin flash the file for me, but more often than not it fails for this particular odin tar.

Great! Thanks!
Sent from my SCH-I545 using Tapatalk

Extraordinary progress and dedication and effort. Thank you so much!

So the file includes everything a stock Dev ed official Odin image would right? The red partitions are there even though you could not manage to flash them..
Sent from my SCH-I545 Dev Edition using XDA Premium 4 mobile app

Roland_D said:
> So the file includes everything a stock Dev ed official Odin image would right? The red partitions are there even though you could not manage to flash them..
> Sent from my SCH-I545 Dev Edition using XDA Premium 4 mobile app
Yes the red partitions are still there. But as to whether it includes everything? Technically no, the cache.img.ext4, persdata.img.ext4, and hidden.img.ext4 aren't there yet. I'm going to have to look more into hidden.img.ext4 because I'd include it but. As far as cache.img.ext4 and persdata.img.ext4 I haven't come across a clean copy of either yet. I thought about just using MDK's but I'll look into it more before I include any more partitions.

Upon opening Heimdall I notice that I have the options to Load Package, Flash and Utilities but "Create Package" is greyed out. How does that become enabled?

Skeetch79 said:
> Upon opening Heimdall I notice that I have the options to Load Package, Flash and Utilities but "Create Package" is greyed out. How does that become enabled?
I haven't used Heimdall in Windows but in Linux you have to go to utilities, click detect device, then select save as and save the .pit file. I'm not sure if the Windows version of Heimdall has a command line either but if it does you could also type the equivalent of this:
sudo heimdall download-pit --output dev-SCH1545.pit
Then go to the Flash tab and under pit click browse and open the pit file you just downloaded. Then click add-->select a partition name-->click browse and navigate to the selected partition file-->Then click add. Now you should be able to use the Create Package option.

Surge1223 said:
> Yes the red partitions are still there. But as to whether it includes everything? Technically no, the cache.img.ext4, persdata.img.ext4, and hidden.img.ext4 aren't there yet. I'm going to have to look more into hidden.img.ext4 because I'd include it but. As far as cache.img.ext4 and persdata.img.ext4 I haven't come across a clean copy of either yet. I thought about just using MDK's but I'll look into it more before I include any more partitions.
My Dev edition has no modifications, not sure if that helps or not. I'm willing to post what you need as long as it doesn't contain any personal info.

I'm unable to download due to dropbox temp disabled

equake said:
> I'm unable to download due to dropbox temp disabled
Yeah I'm in the process of changing file hosts, I'll put up a temp mirror though
Sent from my SCH-I545 using xda app-developers app

This is a great resource and compilation for Dev S4 owners. Have you made any more progress with this or found anything more? Thanks again for all your hard work and dedication.

Well I haven't heard from anyone regarding where heimdall is failing. I also haven't confirmed if people on Dev s4s that took the ME7 update were able to downgrade back to OYUAMDK or not. So far the radio and kernel along with sbl1-3, rpm and tz have been proven to work. I know recovery should work, as I'm able to take it apart successfully, and the build.prop says OYUAMDK. I'm hoping aboot works, aboot is the partition I'm waiting for results on.
Sent from my TouchPad using xda app-developers app

I thought I was pretty much stock with root (stock recovery and boot images from Bait-Fish and yourself in the other thread) but I constantly had the custom and open lock icon screen when booting the phone. I was reluctant to load ROMS at this point without any sort of safety net (I did make a nandroid early on in case) - even though it is a developer phone and that is what you are supposed to do
I wanted to try the package you put together so I played it safe and just created a Heimdall package to flash the Boot and Recovery only. Flashing went great and now when I boot the phone I get the Samsung S4 boot screen along with the word "official" under about phone->status in the system settings. (if flashing boot and recovery did not work then i would have went as far as flashing the system.img.ext4 - so now I don't have to)
As I said, I flashed both the boot and recovery images posted by Bait-Fish and yourself in the other thread and stayed on a custom status but somehow these boot and recovery images did the trick.
Thanks again.
If you need me to test anything out please let me know.
It would be nice though if the S4 Developer Phone could receive OTA's and/or have KIES recognize the phone. Being on MDK we are two builds behind the consumer version with no official way to upgrade and catch up. Could I flash the consumer ME7 or MI1 build without worrying about locking the bootloader and my dev phone? If so, then could I always ODIN or Heimdall back down to MDK if I wanted to?
Edit: the recovery and boot images I downloaded from bait-fish were identical in size... does that make sense or should they be different?

Skeetch79 said:
> I thought I was pretty much stock with root (stock recovery and boot images from Bait-Fish and yourself in the other thread) but I constantly had the custom and open lock icon screen when booting the phone. I was reluctant to load ROMS at this point without any sort of safety net (I did make a nandroid early on in case) - even though it is a developer phone and that is what you are supposed to do
> I wanted to try the package you put together so I played it safe and just created a Heimdall package to flash the Boot and Recovery only. Flashing went great and now when I boot the phone I get the Samsung S4 boot screen along with the word "official" under about phone->status in the system settings. (if flashing boot and recovery did not work then i would have went as far as flashing the system.img.ext4 - so now I don't have to)
> As I said, I flashed both the boot and recovery images posted by Bait-Fish and yourself in the other thread and stayed on a custom status but somehow these boot and recovery images did the trick.
> Thanks again.
> If you need me to test anything out please let me know.
> It would be nice though if the S4 Developer Phone could receive OTA's and/or have KIES recognize the phone. Being on MDK we are two builds behind the consumer version with no official way to upgrade and catch up. Could I flash the consumer ME7 or MI1 build without worrying about locking the bootloader and my dev phone? If so, then could I always ODIN or Heimdall back down to MDK if I wanted to?
> Edit: the recovery and boot images I downloaded from bait-fish were identical in size... does that make sense or should they be different?
I can think of no circumstances where I would want my Dev Edition S4 to receive OTA Downloads. I want to avoid those. That is why I bought a developer device to start with. When the Devs have had a chance to see the updates features and incorporate them into new ROM releases that is soon enough for me. If indeed the OTA could be had without locking down the bootloader, I still would not want to accept it. So much goodness in custom roms. I don't consider myself behind at all if I wait for the latest updates to be incorporated into the Roms.
But TEHO, I guess.
Sent from my Hyperdriven Dev Edition Vzw SCH-I545 with KT kernel using Tapatalk 4

wtherrell said:
> I can think of no circumstances where I would want my Dev Edition S4 to receive OTA Downloads. I want to avoid those. That is why I bought a developer device to start with. When the Devs have had a chance to see the updates features and incorporate them into new ROM releases that is soon enough for me. If indeed the OTA could be had without locking down the bootloader, I still would not want to accept it. So much goodness in custom roms. I don't consider myself behind at all if I wait for the latest updates to be incorporated into the Roms.
> But TEHO, I guess.
> Sent from my Hyperdriven Dev Edition Vzw SCH-I545 with KT kernel using Tapatalk 4
I hear you! What ROMS are you running and usually how do you go about installing them? (i.e. install custom recovery then flash the ROM as a zip?) I am pretty new to having a developer device and navigating around it. Does Hashcode's SafeStrap work for our dev device? if so, which version? Sorry I am asking so many questions, I am still a n00b, still green, getting my feet wet, I want to make the right decisions and do the right things without royally screwing anything up.

Skeetch79 said:
> I hear you! What ROMS are you running and usually how do you go about installing them? (i.e. install custom recovery then flash the ROM as a zip?) I am pretty new to having a developer device and navigating around it. Does Hashcode's SafeStrap work for our dev device? if so, which version? Sorry I am asking so many questions, I am still a n00b, still green, getting my feet wet, I want to make the right decisions and do the right things without royally screwing anything up.
In regards to your question about installing ME7 or MI1 I would highly advise against it. We're currently trying to see if someone who already took the ME7 update on their dev phone is willing to test and see if this package will take them back to OYUAMDK, specifically if it will allow them to flash an older aboot. It does not work on consumer ME7 devices, but until we have confirmation from someone who is already on an ME7 build on their dev device, I'd hold off. As far as custom recovery...I believe you guys have the ability of using loki and/or just regular non loki'd twrp and cwm right? I'd use those before I would use Safestrap at this point; more compatibility. Also if you wanted to be on the latest build why not install an ME7 rom? VRUAME7 stock root deodex is already up. I was working on the MI1 stock root deodex rom, but got side tracked lol. It's pretty much done, just can't get wifi to work all the time yet. Oh and about the recovery and boot imgs and different sizes, they should be identical, the only difference is I trimmed the padded areas, basically the same as you would get from an official Odin image.

Related

[Q] Are bootloaders backwards compatible

I've always had trouble finding a definitive answer for this question.
In general, are bootloaders backwards compatible? For example, if I flash a JB 4.2 bootloader, will flashing a JB 4.1 or ICS ROM work as expected, or does the bootloader need to be downgraded too? I know that some newer phones (like the S4) have an efuse that prevents going backwards (at least for stock), but does that concept hold true for all phones?
I have an S2 that I just replaced with an S4, so I'm going to play around with it some now (currently on stock 2.3.4 KH7 with rooted kernel). It's been a while since I've flashed an entire ROM (usually I just work on getting root), but since this won't be my primary phone anymore, I can play around with it a bit.
I can't give you a definitive answer. We have established that even though the file size for the boot loaders remains consistent from Gingerbread through jelly bean, there are differences between the files when examined as hex code. So the engineers do perform modifications with each version. I have never seen any discussion of the boot loaders not being backward compatible. So, since we have lots of stock and custom firmware on the forum that does not contain boot loaders, I would assume that you could flash a Gingerbread or ICS over JB or KitKat boot loaders without problems. And even if there were issues, it would be no problem to flash a full stock distribution to get the correct boot loaders. But again, this is only my surmise, and not based on direct knowledge.
There have been some statements by at least one developer that you must upgrade the boot loaders for the latest versions of Jelly Bean or KitKat. I would think it advisable to have matching boot loaders on your daily driver.
(apologies ahead of time that my initial post was probably in the wrong forum).
Well, at least I'm not the only one who hasn't been able to find a definitive answer.
Speaking specifically about the S2 (since that seems to be one of your specialties), if I need to update the bootloader to ICS or JB (since I'm on gingerbread) and something goes wrong, will it hard brick the phone or can I still get into the ODIN download mode to recover/reflash? Is the download mode on this phone considered part of the bootloader? I get a little confused sometimes in regards to what is included in the "module".
For example, it seems like (at least for this phone), the recovery image is built into the kernel as opposed to a separate image like my ASUS Transformer TF300T. Is that correct? On my TF300T, I can flash the recovery image separately through fastboot without touching the kernel, bootloader, or anything else, but it seems like the recovery image for the S2 always comes with a kernel.
Basically, I want to do anything I can ahead of time to reduce the risk of a brick (and know what I should avoid to reduce bricking the phone). Based upon what you said, it sounds like the best way to upgrade my bootloader is to flash a stock ROM that includes the bootloader. If that is the case, since JB 4.1 was the last version release by AT&T, should I just go to that bootloader and hope it works if I install a JB 4.2/4.3 or KitKat based ROM? I assume if I reflashed the stock KH7 ROM, it would just replace everything (including bootloader) and get me back to where I am now?
I have a lot of experience in the Linux world, so I'm trying to map over the Android concepts to the Linux concepts, but I still get tripped up sometimes (recovery, bootloader, kernel, ROM, etc). Sometimes people don't seem to use the terms the same way.
From a technical standpoint, it doesn't surprise me too much that the bootloaders are the same size. It's probably similar to the MBR code for hard drives that just does a minimalistic job of getting the hardware in an accessible state so it can later boot the kernel (like GRUB).
jpasher said:
> (apologies ahead of time that my initial post was probably in the wrong forum).
Yes, questions are usually supposed to go in the Q&A forum, but there is not so much activity in this phone's forum any more, so it really doesn't matter much. And this information is more of a general nature anyway.
> Well, at least I'm not the only one who hasn't been able to find a definitive answer.
> Speaking specifically about the S2 (since that seems to be one of your specialties), if I need to update the bootloader to ICS or JB (since I'm on gingerbread) and something goes wrong, will it hard brick the phone or can I still get into the ODIN download mode to recover/reflash? Is the download mode on this phone considered part of the bootloader?
1. Hard brick on an android phone generally means that one of the boot loaders is corrupt, or it might mean that the memory module section that contains the boot loaders or other low level code is damaged. In general, the main thing you have to be careful about is when flashing a boot loader to make sure that the flash is not interrupted. For instance, say the power goes out, or the dog pulls out the usb cord, right in the middle of the flash, and after the boot loader partition is wiped, only part of the code is copied back to the partition. The good news is that the individual bootloaders are fairly small, so the time of vulnerability is a matter of seconds.
If you need to update to ICS or JB boot loaders, you would have to flash the full stock distribution that has the boot loaders included. No one has made Odin flashable tars of either of those. The UCKH7 Gingerbread secondary boot loader is available in tar, and that is the only separate tar I know of.
2. I don't know software engineering, only a little programming. I don't know where the code that puts the phone into download mode is located. It seems likely that it is in the secondary boot loader, but that is only speculation. I do know that you can enter download mode, and then flash both boot.bin and/or sbl.bin.
> I get a little confused sometimes in regards to what is included in the "module". For example, it seems like (at least for this phone), the recovery image is built into the kernel as opposed to a separate image like my ASUS Transformer TF300T. Is that correct? On my TF300T, I can flash the recovery image separately through fastboot without touching the kernel, bootloader, or anything else, but it seems like the recovery image for the S2 always comes with a kernel.
1. The memory is partitioned. Each chunk of code is loaded into its specific partition. I don't have a partition table handy for the S2, but essentially you have: primitive boot loader (boot.bin), secondary boot loader (sbl.bin), parameters (param.lfs), kernel (zImage or boot.img), cache (cache.img), system (factoryfs.img), hidden (hidden.img), modem (modem.img) and several others like PIT, EFS, CSC and I don't remember what. But the ones I named are what is included in a full firmware distribution, and the AT&T model does not allow for the changing of the CSC like on the international S2 so that is not used. I'm not a Linux person, but if my understanding is correct, the img files install like a block device, but the boot loaders and param at a lower level.
2. There may be a recovery partition, but I'm not sure of that. If there is, it isn't used. Anyway, you are correct that the recovery is compiled into the kernel and is installed as a unit on the S2. You can not install a separate recovery on the S2. Many Android phones, maybe most as far as I know, do have a separate partition for the recovery. The S3 and S4 do also.
3. If you are interested, I have attached a partition table for the S4, which you might want to look at just for interest and learning. If memory serves me, it is quite a bit different from the S2.
> Basically, I want to do anything I can ahead of time to reduce the risk of a brick (and know what I should avoid to reduce bricking the phone). Based upon what you said, it sounds like the best way to upgrade my bootloader is to flash a stock ROM that includes the bootloader. If that is the case, since JB 4.1 was the last version release by AT&T, should I just go to that bootloader and hope it works if I install a JB 4.2/4.3 or KitKat based ROM? I assume if I reflashed the stock KH7 ROM, it would just replace everything (including bootloader) and get me back to where I am now?
I would assume that the above is correct. The boot loaders in the 4.1.2 UCMD8 firmware would be the latest official ones for this phone. As far as flashing back to earlier stock, you would only get the boot loaders if you use a full distribution. Many of the stock distributions and almost all of the custom firmware posted on this site for the AT&T S2 do not contain boot loaders or param.lfs.
> I have a lot of experience in the Linux world, so I'm trying to map over the Android concepts to the Linux concepts, but I still get tripped up sometimes (recovery, bootloader, kernel, ROM, etc). Sometimes people don't seem to use the terms the same way.
> From a technical standpoint, it doesn't surprise me too much that the bootloaders are the same size. It's probably similar to the MBR code for hard drives that just does a minimalistic job of getting the hardware in an accessible state so it can later boot the kernel (like GRUB).
A lot of people around here (myself included) speak from anecdotal information gathered from the forums.
Wow. A LOT of useful information in that response. Thanks! A few of the things finally made some light bulbs go on in my head and clear some things up.
creepyncrawly said:
> If you need to update to ICS or JB boot loaders, you would have to flash the full stock distribution that has the boot loaders included. No one has made Odin flashable tars of either of those. The UCKH7 Gingerbread secondary boot loader is available in tar, and that is the only separate tar I know of.
So to get to an ICS or JB bootloader, does it mean I have to perform an update through Kies? I'm looking at the different custom ROMs running KitKat and at least some of them say to be on a JB bootloader. I've read that on at least some devices (such as my TF300T), the different bootloader versions can actually have different partition layouts.
If I tried flashing your OCD package for UCLL6 4.0.4 on my current system (with gingerbread BL), would it boot (or worst case, just not boot but still allow me to enter ODIN download mode to flash back to stock UCKH7)? If I'm understanding things correctly, it seems like as long as I'm not touching the bootloader, the worst thing that could happen is that I get an unbootable phone that I can still recover using ODIN download mode.
creepyncrawly said:
> 2. I don't know software engineering, only a little programming. I don't know where the code that puts the phone into download mode is located. It seems likely that it is in the secondary boot loader, but that is only speculation. I do know that you can enter download mode, and then flash both boot.bin and/or sbl.bin.
I guess I'll have to start poking around the different partitions to see if I can find any signs that point to what is what (unless I can't do a simple dd of the partition to a file using adb shell).
creepyncrawly said:
> 1. The memory is partitioned. Each chunk of code is loaded into its specific partition. I don't have a partition table handy for the S2, but essentially you have: primitive boot loader (boot.bin), secondary boot loader (sbl.bin), parameters (param.lfs), kernel (zImage or boot.img), cache (cache.img), system (factoryfs.img), hidden (hidden.img), modem (modem.img) and several others like PIT, EFS, CSC and I don't remember what. But the ones I named are what is included in a full firmware distribution, and the AT&T model does not allow for the changing of the CSC like on the international S2 so that is not used. I'm not a Linux person, but if my understanding is correct, the img files install like a block device, but the boot loaders and param at a lower level.
Very useful stuff. I'll have to read around a bit more to understand the different functions associated with each image. And yes, it would make sense that the img files are simply a direct bit-for-bit copy of that partition (which I would assume could be obtained with a simple dd copy). That would also explain why the bootloaders are the same size (if you dd a block device/partition, the resulting raw file is the size of the block device/partition). My guess is that the flashing process essentially just takes each img and does the same thing as a dd of the file to the partition.
This makes me wonder... If the bootloader partition for a phone has a JB BL, I can't see why someone couldn't do a dd of that partition into an image file and then restore that to the bootloader partition of another phone (maybe there's built in security that prevents stuff like that).
creepyncrawly said:
> 3. If you are interested, I have attached a partition table for the S4, which you might want to look at just for interest and learning. If memory serves me, it is quite a bit different from the S2.
Very nice. Thanks. I just got my S4 last month, so I don't plan on doing anything to it besides already acquiring root. I'm also on the MF3 release which doesn't have any known way of installing custom ROMs anyway.
I wouldn't use Kies. Flash the full distribution of the stock firmware that you want the boot loader from. For JB boot loaders, flash UCMD8 full. You can find that in the Download Repository at the bottom of the page.
The OCD for UCKK6 does not have boot loaders. To get the Gingerbread boot loaders, flash UCKH7 full. To get the ICS boot loaders, flash UCLE5 or UCLL6 full. Again, you can get those in the Download Repository.
You can use dd to pull or restore the contents of a partition. You can use adb shell, or you can use terminal emulator right on the phone. In fact, it's a good idea to back up your efs partition using the dd command. I've posted how to do that several times in the forums. Advanced search for "back up efs" and "creepyncrawly" should find that for you.
I personally would never try to flash a bootloader using the dd command, although it is definitely possible. There is too much margin for error. Remember, the dd command is lovingly called the destroy disk command.
wait. I've never flashed any bootloader. My phone came with GB but the last official firmware that my phone had was the ICS OTA. From there, I flashed up to JB and now I'm happily running KK.
I have flashed the latest modem, however.
Unless I am missing something, my phone works just fine with old bootloaders and new kernel/recovery/roms.
Sent from my SGH-I777 using XDA Premium 4 mobile app
Once again, thanks for the useful info.
I would definitely only use dd to replace the contents of a partition as a last resort. Since I don't know enough about how android would handle a partition being changed underneath its feet, it would be risky.
I grabbed the file for UCMD8 (4.1.2) and I'll play around with that. I tried to grab UCLL6 (4.0.4) too, but the links point to the defunct hotfile site. Do you have updated links for that file (or is it exactly the same as what I can download at sammobile.com)? The full stock binaries (.tar.md5) go in the ODIN PDA slot, right?
Also, for those that may be interested, I made a copy of the bootloader from my stock UCKH7 (partition /dev/block/mmcblk0p2) and looked for strings related to the ODIN download mode, and I was able to find all of the strings that appear when in download (e.g. "ODIN MODE", "PRODUCT NAME", "ERASING DOWNLOAD INFORMATION", etc), so it's safe to say that ODIN download mode is part of the bootloader. All the more reason to just leave the bootloader alone if possible.
I also noticed that the two bootloader partitions (mmcblk0p2 and mmcblk0p3) are almost identical except for the text string SNBL in the mmcblk0p2 partition. I wonder why the two partitions...
bleggy said:
wait. I've never flashed any bootloader. My phone came with GB but the last official firmware that my phone had was the ICS OTA. From there, I flashed up to JB and now I'm happily running KK.
Which JB version are you running? One possible reason I can think of where a newer bootloader would be needed is if the partition layout changes. I've heard of some devices where that occurred with JB 4.2. Maybe that's why TWRP recovery has two different versions for 4.1 and 4.2 on my TF300T.
At any rate, it's good to hear that someone hasn't broken their phone by running an older bootloader with a newer ROM.
I'm on KitKat 4.2.2 now.
Previously, 4.3 & 4.2-something Jellybean. And an ICS ROM before that.
I don't think flashing new bootloaders is necessary. I mean, I don't think it's common.
Sent from my SGH-I777 using XDA Premium 4 mobile app
jpasher said:
I grabbed the file for UCMD8 (4.1.2) and I'll play around with that. I tried to grab UCLL6 (4.0.4) too, but the links point to the defunct hotfile site. Do you have updated links for that file (or is it exactly the same as what I can download at sammobile.com)? The full stock binaries (.tar.md5) go in the ODIN PDA slot, right?
I haven't finished uploading files to dev-host yet. But I'll be sure to upload that one today. I don't think you can get the file from sammobile either. They also used hotfile, and have not re-uploaded their complete library yet.
Yes, put the tar.md5 in the pda slot.
Also, for those that may be interested, I made a copy of the bootloader from my stock UCKH7 (partition /dev/block/mmcblk0p2) and looked for strings related to the ODIN download mode, and I was able to find all of the strings that appear when in download (e.g. "ODIN MODE", "PRODUCT NAME", "ERASING DOWNLOAD INFORMATION", etc), so it's safe to say that ODIN download mode is part of the bootloader. All the more reason to just leave the bootloader alone if possible.
So you dd'd the contents of 0p2 and looked at that? What tool did you use to look for strings? And do you know if that is boot.bin or sbl.bin? I think it must be boot.bin.
I also noticed that the two bootloader partitions (mmcblk0p2 and mmcblk0p3) are almost identical except for the text string SNBL in the mmcblk0p2 partition. I wonder why the two partitions...
Is it possible that there is built in redundancy? If one partition is bad, the second one can be used?
I have uploaded UCLL6 Odin Flashable tar.md5 to dev-host and posted it in the Download Repository.
By the way, I forgot so didn't mention it earlier in the discussion, but both UCLE5 and UCLL6 contain boot.bin, but do not contain either sbl.bin or param.lfs. Evidently, the secondary boot loader and param files were not updated in the upgrade from Gingerbread to ICS.
Thanks for the files. One more question about them. If I simply remove the boot.bin and sbl.bin from the tar file and flash, that's the same as the "no bootloader" flash images, right? Maybe param.lfs too? I'm just thinking of ways to make things safer while I'm doing my initial testing (and bleggy seems to be running newer ROMs off the original GB bootloader).
creepyncrawly said:
So you dd'd the contents of 0p2 and looked at that? What tool did you use to look for strings? And do you know if that is boot.bin or sbl.bin? I think it must be boot.bin.
It was definitely the SBL, because it's a 1.25MB image instead of the 128K first stage bootloader. I found this thread about the Captivate (another extra phone I have) that says it works the same way (and does a good job explaining the boot process). I haven't figured out where the first stage bootloader (boot.bin) is stored, since it's not in a partition. I'll have to do some research on that.
In Linux, there's actually a command called strings that you can run on a file and it will extract all of the text strings it can find. A grep of that can find specific text. You could of course do the same thing by opening the file in a hex editor.
Is it possible that there is built in redundancy? If one partition is bad, the second one can be used?
That was my thought, but I'm not brave enough to experiment to see if that's true.
What's the point, anyway? Having a consistent bootloader and ROM doesn't seem to matter, and plenty of i777 owners are running KitKat, for which there is no available bootloader to download and flash.
Is this an OCD thing? I get flashing the various modems for signal improvement, but I've never had a problem booting any rom with my old GB or ICS bootloader.
Sent from my SGH-I777 using XDA Premium 4 mobile app
jpasher said:
One more question... If I simply remove the boot.bin and sbl.bin from the tar file and flash, that's the same as the "no bootloader" flash images, right? Maybe param.lfs too?
Yes, that would be true. As long as you are using Linux to tar the remaining files, they should flash fine. I guess you can add the md5 if you want also.
The UCLE5 and UCLL6 one-click downloaders that I posted have the boot.bin removed. The UCLE5 and UCLL6 stock plus root also have the boot.bin removed. No one has ever said anything about any problems resulting.
My assumption is that it's ok to keep gingerbread boot loaders, or to flash the ICS boot loader, or to flash the JB boot loaders, and you would never be able to tell the difference. On the other hand, there must be a reason that Samsung puts them into the kies download. I just have no knowledge and no speculation on how they differ, or whether it is important to have matching boot loaders.
Edit: Oh, and boot.bin probably goes into 0p0 partition, just a guess. But it gets flashed in the pda slot just like sbl and param, so it must go into a partition.
Edit: A forum friend found this thread for us.
Edit: I just found Adam Outler's online pit file analyzer and ran the pit file from the Download Repository through it. Partition information for the AT&T SGS2 attached.
bleggy said:
What's the point, anyway? Having a consistent bootloader and ROM doesn't seem to matter, and plenty of i777 owners are running KitKat, for which there is no available bootloader to download and flash.
I have no reason to make the bootloader match the ROM. I'm just making sure I understand how everything works together to avoid doing something that may potentially brick my phone. I flashed the no bootloader version of stock UCMD8 today and everything seems to be working fine. As long as things work, I don't really care which bootloader I have.
creepyncrawly said:
Edit: Oh, and boot.bin probably goes into 0p0 partition, just a guess. But it gets flashed in the pda slot just like sbl and param, so it must go into a partition.
There's not a "zero" partition. My only guess is that it's embedded somewhere else. Not sure at this point.
I found that post the other day with the S2 partition layout (that's what I was using for my tests). The PIT file analysis gives a little more info, although it says boot.bin partition is 0 bytes. That's what confuses me a bit. But in the end, not really a big deal. More of a curiosity than anything else.
When this forum was active "Don't mess with bootloaders" was common knowledge. Unless you absolutely have to. You can hard brick this thing if there's a problem while flashing it.
Don't mess with any of the files you mentioned. As far as I know it's unnecessary. I'm running Renders CM11 build with no problems with the original GB bootloader. Never had a problem with ICS or JB roms either.
Yea, my main purpose for starting the thread was to make sure I wouldn't break anything beyond repair by having mismatched bootloaders. It makes perfect sense why corrupting the bootloader would hose things (just like if you corrupted the MBR of your hard drive and had to boot off of alternative media to repair it, except for the fact that the phone does not have the ability to boot alternative media). My ASUS Transformer TF300T is nice in that aspect as the Nvidia chipset allows booting into APX mode which is an extremely low level boot mode that allows repair of almost anything. It sure would be nice if the additional bootloader slot on the S2 could be used as a fallback with a way to choose which bootloader to run.
I'm the kind of person that likes to know more about the innards of how something works instead of looking at it as a black box. When I'm "flashing the kernel", I like to know exactly what it is I'm changing so I can understand the repercussions, especially if something goes wrong.
So the net result after this conversation is that I'm a lot more confident about flashing android devices (as long as I stay clear of messing with the bootloader whenever possible). I have CM11 running now too (stock CM kernel) while still on the GB bootloader.

AT&T SM-105A Stock Firmware Needed!

I know others have looked as well but can anyone *please* dump the rom of their AT&T 4.2.2 stock image for the good of all us AT&T S4 Zoom owners who are stuck in a logo reboot loop or have other problems that require a restore? There are currently no images available on any of the usual places (Samsung firmware, updates etc.)
Thanks very very much in advance!
If you have not found any stock ROM for the C105A AT&T and your phone is in a boot loop stuck on the Samsung logo, then just flash the C105A Mexico C105AUBUAND1 4.2.2 system and cache separately in Odin.
This will not work because the AT&T variant of the phone is bootloader locked. You are not able to flash firmware variants unless they are for the AT&T version of the phone. Hence why so many people need a firmware image for AT&T. If anyone has or can make a DD.Image it would help a lot of people.
moomoo said:
This will not work because the AT&T variant of the phone is bootloader locked. You are not able to flash firmware variants unless they are for the AT&T version of the phone. Hence why so many people need a firmware image for AT&T. If anyone has or can make a DD.Image it would help a lot of people.
I have tried this method personally. Everything is working fine.
Download the SM-C105A Mexico (Telcel) Android 4.2.2 firmware from SamMobile.
Extract the whole firmware, select only the system image and cache file, and make them into an Odin-flashable tar using tar-Tool_Odin3-v3.07_by_mkh.mourad.
Flash system and then cache in Odin AP. That's it.
Try only if your phone is soft-bricked or in a boot loop state. Thanks
http://forum.xda-developers.com/picture.php?albumid=13143&pictureid=53644
http://forum.xda-developers.com/picture.php?albumid=13143&pictureid=53643
I'd like to help. I've extracted system.img and cache.img from an AT&T sm-c105a (4.2.2). Unfortunately I didn't read the above instructions very well and placed them both in an odin flashable tar.md5 file. I guess if you want to follow the above procedure you will need to flash them separately. On the other hand, if you have a brick already anyway, you could just try it out. Any problems with the file post here. Mediafire was being dodgy and I wouldn't be surprised if it was damaged. Anyway here is the link, or as close a facsimile as my noobness will allow: http www mediafire com /download /xbdxb8gun1niwg9 /sm_c105a.zip
So, I assume from the deafening silence that this did not work? I'm not surprised since a dd of a mounted partition (system) can't be a good idea. I have been experimenting with Adebar which is also supposed to make a system backup. Doesn't seem to fully support the phone, or, doesn't create the full backup. I'm open to other ideas....
More files
Boot and recovery images, plus pit file all from stock sm-c105a AT&T JB 4.2.2. www . mediafire . com/ download/ 3df255lt8unnh24/ Boot_Recovery.tar.gz
Faisalkhan.007 said:
I have tried this method personally. Everything is working fine, but 3G is not working.
Download the SM-C105A Mexico (Telcel) Android 4.2.2 firmware from SamMobile.
Extract the whole firmware, select only the system image and cache file, and make them into an Odin-flashable tar using tar-Tool_Odin3-v3.07_by_mkh.mourad.
Flash system and then cache in Odin AP. That's it.
Try only if your phone is soft-bricked or in a boot loop state. Thanks
Doesn't work for me.
Here are a cache and system image from the AT&T variant of the phone. @awwar can you be more specific. You are in a boot loop? No recovery?? Device recognized by Odin/Heimdall??? I am VERY interested in providing a way to unbrick our phones but am unwilling to brick my only device. If you want to try something post here and I will provide what support I can.
My CM-C105A is in Kies recovery mode. I can flash only system and cache tar files. Kies shows an error when I am trying to recover my phone.
Have you tried the pit file? Sometimes that might help?? Also, I have a boot.img download further up the page. If your bootloader is bad you could get similar symptoms? Kies doesn't like my boot/recovery images? Can you post the specific error? Thanks for replying. c_p
capt_planit said:
Here are a cache and system image from the AT&T variant of the phone. @awwar can you be more specific. You are in a boot loop? No recovery?? Device recognized by Odin/Heimdall??? I am VERY interested in providing a way to unbrick our phones but am unwilling to brick my only device. If you want to try something post here and I will provide what support I can.
Do you have the PIT file for the AT&T firmware?
awwar said:
Do you have the PIT file for the AT&T firmware?
@awwar Here are recovery and boot images and pit file from AT&T version of phone Build # JDQ39.C105AUCUAMJ2. Kies may not be able to restore if you have a damaged bootloader source. But, on a plus note, "I haven't run into anyone yet who couldn't undo soft brick from Odin" source
capt_planit said:
@awwar Here are recovery and boot images and pit file from AT&T version of phone Build # JDQ39.C105AUCUAMJ2. Kies may not be able to restore if you have a damaged bootloader source. But, on a plus note, "I haven't run into anyone yet who couldn't undo soft brick from Odin" source
Nothing changed. I flashed with this firmware but got an error. This firmware is too large.
@awwar Ok man, thanks for testing. I hope your skills extend further than the average windows user. You have to extract the files and then repackage them for odin as tar.md5. I think you can do it in windows but I can only talk you through it if you are using linux. I am not sure which image to flash first but Faisalkhan.007 in the first page suggests doing it one file/partition at a time. I would flash my recovery and on reboot try using volume up and home to get to the newly flashed recovery. I think you are getting file too large because you've got more than one file in your flash package. Restore the pit file as a last attempt after trying to flash each partition. I'd love to figure out how to pass you the bootloader only but I've got another project ahead of this. Did you look at some of those links? Try this (search for download mode on the page) if you are having trouble getting to download mode. And this is for osX but might help too. The errors you are getting don't sound like the one I get. I upload an entire file then fail at 100% for an unknown reason. The Heimdall guys say that is due to the locked bootloader. TLDR: Split files, flash singly, reboot and try stuff in between. c_p
Well, I really don't know, but it's working for me.
http://forum.xda-developers.com/picture.php?albumid=13143&pictureid=53644
http://forum.xda-developers.com/picture.php?albumid=13143&pictureid=53643
awwar said:
Nothing changed. I flashed with this firmware but got an error. This firmware is too large.
Okay, wait, I am going to upload flashable tar system and cache files to the cloud. When it's done, I will send you the link. :good:
awwar said:
Doesn't work for me.
https://mega.nz/#F!SFhCnIIb!D7QIX-Xmkd8aZBfU_-2PIg
Try It
I have *three (3)* SM-C105A S4 Zoom Camera phones by Samsung and enjoy them. I have upgraded firmware on 2 so that I can use Remote ... uh, is it Viewfinder? And it works. Not to the point. What I *lost* was compatibility with *ooooooold* Photo Elements. Which, at age 57 I like to use and don't want to relearn. I run it on a virtual XP. What makes this post relevant is that *third* S4. It *hasn't* upgraded. Cracked screen, disused, but I crammed.. well, a bit of fibrous matter...OK , a ciggy-butt, in the battery door, with a rubber-band, to hold a fresh battery in place, ... and it's booting now. So, please give me a month to extract the firmware, yes it is AT&T and also upload Photo Elements, firmware from old and upgraded, to continue the discussions, or not, and to try cloning the two to restore my ability to post process nudies shot with my camera phones. And other pics. I wrote an AI MathCAD program to postprocess nudies (it's fine art fer heaven's sake) that actually simulated the artist's brush strokes. More on all this in I hope a month.
DGoncz
---------- Post added at 01:39 PM ---------- Previous post was at 01:22 PM ----------
No, back when, I must have applied, not the most recent upgrade, but the intermediate of the three versions.....and all hope is lost. Photos from the oldest S4 I have do *not* open in Photo Elements. None of my cameras produce photos that open in Photo Elements any longer...but they did. I opened an older photo just now.
Dang these upgrades. The message says the JPG file is missing a segment. Phooey.
I have a business account with Samsung and will open a support ticket.
I will not pursue the hack angle for now.
Samsung may help me.
Cheers,
DGoncz
DGoncz said:
I have *three (3)* SM-C105A S4 Zoom Camera phones by Samsung and enjoy them. I have upgraded firmware on 2 so that I can use Remote ... uh, is it Viewfinder? And it works. Not to the point. What I *lost* was compatibility with *ooooooold* Photo Elements. Which, at age 57 I like to use and don't want to relearn. I run it on a virtual XP. What makes this post relevant is that *third* S4. It *hasn't* upgraded. Cracked screen, disused, but I crammed.. well, a bit of fibrous matter...OK , a ciggy-butt, in the battery door, with a rubber-band, to hold a fresh battery in place, ... and it's booting now. So, please give me a month to extract the firmware, yes it is AT&T and also upload Photo Elements, firmware from old and upgraded, to continue the discussions, or not, and to try cloning the two to restore my ability to post process nudies shot with my camera phones. And other pics. I wrote an AI MathCAD program to postprocess nudies (it's fine art fer heaven's sake) that actually simulated the artist's brush strokes. More on all this in I hope a month.
DGoncz
@DGoncz You could do that, or, you could just do a complete wipe/reset. Should be 4.2.2 after that. You may also be able to use a hex editor to set the start of the jpeg file to whatever your proggie wants to see. Good luck c_p

[REF][ROM]Recovery Flashable Stock SM-N900V ROMs

As a convenience to the users here, I have created recovery-flashable versions of the SM-N900V (Verizon Samsung Galaxy Note 3) Stock ROMs from the following releases:
NC4 NJ6 NK1 OB6 OF1 PL1
These flashables are ONLY INTENDED FOR SM-N900V OWNERS WITH UNLOCKED BOOTLOADERS AND STANDALONE CUSTOM RECOVERIES.
These ROMS are NOT pre-rooted. You are responsible for doing that (flash a superSU .zip in the recovery following the ROM flash if you desire root). Or, use the custom recovery's offer to root for you.
These ROMs are NOT debloated. Almost all of the original bloat and crapware is enabled.
NOTE: Odin-flashable Modems are provided as separate downloads for those that want to mix-n-match.
::::: MODIFICATIONS FROM 100% STOCK:
A small number of preinstalled apps have been suppressed/frozen; specifically those involved in automatic recovery-partition regeneration, OTA, Knox, or carrier spyware. See notes at [*1]
Also, the following two "build.prop" properties were disabled:
Code:
ro.config.tima=0
ro.securestorage.support=false
This seems to produce more stable ROMs when bootloaders are mix-n-matched with different ROM versions.
A script is provided which allows reversal of all of the above modifications to produce a 100% stock ROM (should you want that). See the notes at [*3]
::::: DOWNLOADS:
ROMs - Courtesy of Androidfilehost.com
Flashable Modems - Courtesy of Androidfilehost.com
::::: INSTALLATION
- Wipe system, dalvik, cache, and data (do not wipe /data/media)
- Flash ROM
- (OPTIONAL: full stock behavior restore. See [*3] ) (if you don't understand what this is, don't do it.)
- (OPTIONAL: inject root using chainfire's flashable superSU .zip, or allow the custom recovery to inject root) See [*4]
These flashable .zip ROMs ONLY modify the "system" and "boot" partitions. No bootloader firmware, modem firmware, or recovery partitions are affected; nor are wipes performed on any other partitions.
A script is provided in /system/etc for the ROM suppressions to be completely reversed, resulting in an almost-identical-to-Odin-stock ROM, including resumption of OTAs etc. [*2]
::::: FEEDBACK REQUESTED
Because of the bootloader firmware anti-rollback protections, it is impossible for me to test all combinations of bootloader vs. kernel+ROM versions. I am presently still on NC4 bootloader firmware and have run all of these on top of the NC4 bootloader (sometimes flashing the modem which matches the ROM version, sometimes not) If you use any of these with a unique combination of bootloader and kernel/ROM, please drop a success/failure report here. Make sure to report both the bootloader and modem firmware versions.
::::: APPLICATIONS (or, Why Would I Find These Useful)?
- You want to run a Rooted PL1 stock before a root method becomes available without flashing the PL1 bootloader firmware. Benefit of more security against malware, but all the flexibility of root.
- You want to work on attempting root exploits of the PL1 ROM/kernel without taking the plunge of potentially locking your device forever with an Odin full-PL1 stock flash. E.g., flash the PL1 stock ROM over prior bootloaders (NC4/NJ6/NK1/OB6/OF1). The device can be used as a daily driver while you test your code... assuming that it operates correctly (TESTERS WANTED!)
- You want to flash back to Stock "for a minute" to check something, but without having to completely backup, wipe the device, re-root, re-unlock the bootloader, re-install your custom recovery, and restore your "SD card" data.
- You want a ROM where GPS/NFC/BT "just works"
- You occasionally want to use those Samsung S-Pen or TouchWiz apps.
- You'd like to create your own version of debloated stock.
- You think you might have damaged your hardware doing something and want to "see if it still works on stock"
- You want to run a rooted-stock KitKat ROM despite the fact that your ROM will have giant gaping security holes in it (that can be elevated to root privilege from an app with absolutely zero Android privileges)
::::: FAQs
Q - I am going to sell/give away my device. Should I use this?
A - Probably not. Use Odin with a factory image instead. These flashes by themselves do not enforce consistent bootloader, modem, or recovery firmware.
Q - Why didn't you debloat XXX and YYY from these?
A - Laziness. And besides, everyone has a different idea of what "debloated" means. Moreover, I wanted something that could easily be toggled into a "100% stock" configuration.
Q - I flashed one of these ROMs and yet I still see the "Knox Warranty" message when I boot up. Are the boot images non-stock?
A0 - The boot images in these ROMs are pure stock, right from the Odin factory tar/.md5 blobs.
A1 - Does your bootloader version match the kernel/ROM version? At least with the NC4 bootloader, you get that message when booting any kernel which is not the NC4 Samsung kernel - even when they are validly signed Samsung kernels. So, the only time you do not get that warning message is when the boot image is unmodified AND it exactly matches the version of the bootloader. I suppose that is the same behavior for other bootloader versions. Sigh.
A2 - "Systemless" root injection modifies the boot partition. That certainly will break the signing as you have modified the original boot image.
There is a way to check to see if your boot image has been modified; here it is:
1) compute the md5sum of the "boot.img" file from the release
2) find out the size/byte length of the factory "boot.img" file ("ls -l boot.img")
3) dump the same number of bytes out of the boot partition and pipe those bytes into the "md5sum" utility:
Code:
dd if=/dev/block/platform/msm_sdcc.1/by-name/boot bs=FILELENGTH count=1 | md5sum
Q - I did the stock reversion process and I still have the "Custom" logo showing up on my phone during boot-up. Why?
A - Because you are using a custom recovery, or a kernel which is mismatched to the version of the bootloader firmware. These ROMs are intended for use with unlocked phones with a custom recovery in any event.
Q - I can't get Knox containers to work. Why?
A - Knox containers will not work on phones with a blown Knox Warranty flag. That's an irreversible change you made to your phone when you unlocked it and booted an unsigned kernel. Sorry.
::::: Revision History
0.95 remove umount /system at end of reversion script; undo Mobicore service suppression.
0.94 add ELM*{.apk|.odex|etc} to suppressions
0.93 correct chmod mode in restore script for bin/install-recovery.sh (PL1)
0.92 baseline
::::: FOOTNOTES
[*1] For example: bin/install-recovery.sh, LocalFOTA, SDM, Knox*, VMS, SysScope, et cetera. All the other commercial bloatware and Samsung apps remain. NOTE: because of the possibility of running these kernels/ROMs on mis-matched bootloader(s) where TZ/Attribution failures could disable certain TrustZone capabilities, I have disabled the following properties in /system/build.prop:
ro.config.tima=0
ro.securestorage.support=false
These may be easily reversed and the device rebooted.
[*2] If you were returning to stock in order to sell or dispose of the device, probably it is best to just use Odin with the factory images.
[*3] Using the custom recovery's Advanced->Terminal function, find the script name in /system/etc, i.e.
Code:
ls -l /system/etc/bftb0*
and then
Code:
. /system/etc/bftb0_README*
It is sort of unlikely that anyone would need to use this. It may even be the case that Verizon has stopped providing OTA updates on older releases anyway. But it's there if you want it.
If nothing else, this script is very easy to read and so it documents all the changes that make it slightly different from pure stock; if you want to reverse one particular suppression, just read through the script and perform those individual changes manually, and reboot.
[*4] Since about superSU 2.65, the SuperSU .zip installation method MODIFIES THE BOOT PARTITION! The same is true of "systemless" root installations performed by custom recoveries (e.g. TWRP). You need to be aware of this in one very particular application: Installing a new bootloader over the top of a pre-rooted ROM which has the stock kernel version matching the version of the to-be-installed bootloader/modem firmware.
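The boot-image check from the FAQ in the post above (hash the factory boot.img, then hash the same number of bytes read from the boot partition), written out as an added shell example that is not part of the original post. The function names are hypothetical, and it assumes `head`, `wc` and `md5sum` (coreutils or busybox) plus read access to the partition node or to a dump pulled from it.

```shell
#!/bin/sh
# Added example, not code from the thread. Function names are hypothetical.
# A partition is usually larger than the image flashed into it, so only the
# first <image size> bytes of the partition are hashed and compared.

# byte_count FILE -> size of FILE in bytes
byte_count() {
    wc -c < "$1" | tr -d ' '
}

# md5_of_prefix SOURCE NBYTES -> md5 of the first NBYTES bytes of SOURCE
md5_of_prefix() {
    head -c "$2" "$1" | md5sum | cut -d' ' -f1
}

# verify_partition IMAGE PARTITION
#   returns 0 if PARTITION starts with exactly the bytes of IMAGE
#   returns 1 if the content differs
#   returns 2 if the inputs cannot be compared at all
verify_partition() {
    vp_img=$1
    vp_part=$2
    if [ ! -r "$vp_img" ] || [ ! -r "$vp_part" ]; then
        echo "cannot read image or partition" >&2
        return 2
    fi
    vp_size=$(byte_count "$vp_img")
    if [ "$vp_size" -eq 0 ]; then
        echo "reference image is empty" >&2
        return 2
    fi
    # A short read would otherwise hash fewer bytes and report a plain
    # mismatch; report it separately because it points at the wrong node
    # or a truncated dump rather than at modified content.
    vp_avail=$(head -c "$vp_size" "$vp_part" | wc -c | tr -d ' ')
    if [ "$vp_avail" -ne "$vp_size" ]; then
        echo "partition holds $vp_avail bytes, image needs $vp_size" >&2
        return 2
    fi
    vp_want=$(md5sum < "$vp_img" | cut -d' ' -f1)
    vp_have=$(md5_of_prefix "$vp_part" "$vp_size")
    if [ "$vp_want" = "$vp_have" ]; then
        echo "MATCH $vp_have ($vp_size bytes)"
        return 0
    fi
    echo "MISMATCH image=$vp_want partition=$vp_have ($vp_size bytes)"
    return 1
}

# Stand-alone use: script.sh boot.img /path/to/partition-or-dump
if [ "$#" -eq 2 ]; then
    verify_partition "$1" "$2"
fi
```

A MISMATCH on a device with systemless root is expected, since footnote [*4] notes that such installs modify the boot partition.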
Running twrp/developer mode (via the unlocked bootloader thread), s7 edge AryaMod rom, with NC4 modem.
Do I flash this via twrp or Odin to get on the PL1 modem?
I want to stay on aryamod. I just want to update my modem
@bftb0 Thank you for this thread Sir. You are always a massive help :good:
godrick15 said:
Running twrp/developer mode (via the unlocked bootloader thread), s7 edge AryaMod rom, with NC4 modem.
Do I flash this via twrp or Odin to get on the PL1 modem?
I want to stay on aryamod. I just want to update my modem
Then just flash the N900VVRSEPL1_Modem.tar.md5 modem using Odin. (In the AP slot)
The modems are in a separate folder titled "OdinFlashableModems"; they are meant to be flashed separately according to the whims of the user.**
**having said that - and to stay on topic (which is these Stock ROM flashables) - if any connectivity troubles are encountered, the first thing to be tried is matching the kernel version of the ROM with the same modem version. As in NC4 modem with NC4 kernel, OB6 modem with OB6 kernel, et cetera. Flash the ROM in TWRP, and the modem in Odin (I actually am right now going through a matrix of flashing tests; already it is clear that the NC4 modem can't be used with NJ6 or NK1 kernels, for instance.)
For these ROMs (discussed in the OP) it's probably a good practice to simply download both the ROM of a specific release and the matching modem and perform the first boot of the ROM with the releases paired together. After that folks should feel free to screw around with modems to their heart's content.
cheers
.
bftb0 said:
Then just flash the N900VVRSEPL1_Modem.tar.md5 modem using Odin. (In the AP slot)
The modems are in a separate folder titled "OdinFlashableModems"; they are meant to be flashed separately according to the whims of the user.**
**having said that - and to stay on topic (which is these Stock ROM flashables) - if any connectivity troubles are encountered, the first thing to be tried is matching the kernel version of the ROM with the same modem version. As in NC4 modem with NC4 kernel, OB6 modem with OB6 kernel, et cetera. Flash the ROM in TWRP, and the modem in Odin (I actually am right now going through a matrix of flashing tests; already it is clear that the NC4 modem can't be used with NJ6 or NK1 kernels, for instance.)
For these ROMs (discussed in the OP) it's probably a good practice to simply download both the ROM of a specific release and the matching modem and perform the first boot of the ROM with the releases paired together. After that folks should feel free to screw around with modems to their heart's content.
cheers
.
Flash modem from CP slot,
Power off phone, start Odin, turn on phone in download mode.. (vol. down + home + power) and then plug into computer. Hit Vol Up to switch into download mode. Wait for com: notification in Odin and hit Start in Odin.
The above is only for XXXmodem.tar.md5 files. For complete ROMs that also include modem, follow the same except flash from AP slot.
I don't know why, but booting from power off into download mode seems to ensure modem only tars 'take'.
Sent from my SM-N900V using Tapatalk
@donc113
I'll admit that I've never come across an Odin guide of any technical depth. I've used both the AP and BL slots (not together) for bootloader firmware, and largely haven't had any major issues flashing modems in the AP slot.
I'm wondering if there is no other purpose for the "slots" other than to be able to sequentially flash firmware using multiple file sources "in a single go". (i.e., the slots are not functionally different from each other, and are mostly there because Samsung service centers have firmware files partitioned by BL/AP/CP/CSC functionality, and the "slots" simply remind their techs to "fill up all the slots" when a complete flash is necessary)
One thing that is certain is that having begun an Odin flash, you can hit the "reset" button in the application (after the phone issues a RESET), but you need to restart the phone again in Odin/Download mode to perform a second flashing operation. Thus (maybe?) the need for multiple slots if firmware is in multiple files? I guess I could break up a factory image into multiple sets and experiment but that seems low on the priority totem pole right now.
roll your own Odin .md5 tarballs:
Code:
tar -H ustar -c -f Odin-flashable-XYZ.tar file1 file2 [...fileN]
md5sum Odin-flashable-XYZ.tar >> Odin-flashable-XYZ.tar
mv Odin-flashable-XYZ.tar Odin-flashable-XYZ.tar.md5
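A checker for the .tar.md5 layout that the recipe above produces (tar data followed by one appended md5sum line), as an added example that is not part of the original post. The sample image is constructed in memory, and the function names and the optional `expected_sha256` argument are assumptions of this example.

```python
import hashlib
import hmac
import io
import re
import tarfile

# One md5sum output line: 32 hex digits, a space, ' ' or '*', the name, newline.
TRAILER_RE = re.compile(rb"([0-9a-f]{32}) [ *](.+)\n")


def split_tar_md5(blob):
    """Split a .tar.md5 image into (tar_bytes, claimed_md5, recorded_name)."""
    # A tar archive ends in zero-filled 512-byte blocks, so everything after
    # the last NUL byte is the text that `md5sum X.tar >> X.tar` appended.
    cut = blob.rfind(b"\x00") + 1
    match = TRAILER_RE.fullmatch(blob[cut:])
    if match is None or cut == 0 or cut % 512 != 0:
        raise ValueError("no md5sum trailer after the end of the tar data")
    name = match.group(2).decode("utf-8", "replace")
    return blob[:cut], match.group(1).decode("ascii"), name


def check_image(blob, expected_sha256=None):
    """Verify the appended MD5 and, optionally, a SHA-256 obtained elsewhere."""
    tar_bytes, claimed, name = split_tar_md5(blob)
    actual = hashlib.md5(tar_bytes).hexdigest()
    try:
        with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:") as tf:
            members = [(m.name, m.size) for m in tf.getmembers() if m.isfile()]
    except tarfile.TarError:
        members = None  # headers unreadable; md5_ok will normally be False too
    report = {
        "recorded_name": name,
        "members": members,
        "md5_ok": hmac.compare_digest(actual, claimed),
        "sha256_ok": None,
    }
    if expected_sha256 is not None:
        # Hash of the complete file, trailer included, against a value the
        # uploader published somewhere other than inside the file itself.
        whole = hashlib.sha256(blob).hexdigest()
        report["sha256_ok"] = hmac.compare_digest(whole, expected_sha256.lower())
    return report


def build_sample(name="Odin-flashable-XYZ.tar"):
    """Constructed sample: the three-command recipe carried out in memory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tf:
        payloads = (("file1", b"\x7fconstructed-1" * 40),
                    ("file2", b"constructed-2" * 90))
        for fname, data in payloads:
            info = tarfile.TarInfo(fname)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    tar_bytes = buf.getvalue()
    line = "%s  %s\n" % (hashlib.md5(tar_bytes).hexdigest(), name)
    return tar_bytes + line.encode("ascii")


if __name__ == "__main__":
    print(check_image(build_sample()))
```

The appended MD5 is an unkeyed checksum that anyone can recompute, so `md5_ok` only says the download was not corrupted in transit. Comparing the whole file against a SHA-256 published by the uploader is what ties the image to its source.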
bftb0 said:
@donc113
I'll admit that I've never come across an Odin guide of any technical depth. I've used both the AP and BL slots (not together) for bootloader firmware, and largely haven't had any major issues flashing modems in the AP slot.
I'm wondering if there is no other purpose for the "slots" other than to be able to sequentially flash firmware using multiple file sources "in a single go". (i.e., the slots are not functionally different from each other, and are mostly there because Samsung service centers have firmware files partitioned by BL/AP/CP/CSC functionality, and the "slots" simply remind their techs to "fill up all the slots" when a complete flash is necessary)
One thing that is certain is that having begun an Odin flash, you can hit the "reset" button in the application (after the phone issues a RESET), but you need to restart the phone again in Odin/Download mode to perform a second flashing operation. Thus (maybe?) the need for multiple slots if firmware is in multiple files? I guess I could break up a factory image into multiple sets and experiment but that seems low on the priority totem pole right now.
roll your own Odin .md5 tarballs:
Code:
tar -H ustar -c -f Odin-flashable-XYZ.tar file1 file2 [...fileN]
md5sum Odin-flashable-XYZ.tar >> Odin-flashable-XYZ.tar
mv Odin-flashable-XYZ.tar Odin-flashable-XYZ.tar.md5
The CP slot is also able to flash .bin files.
Sent from my SM-N900V using Tapatalk
Carrier unlocked
Flashed ROM. Rebooted with T-Mobile SIM, with no option in settings to change APN
bftb0 said:
Then just flash the N900VVRSEPL1_Modem.tar.md5 modem using Odin. (In the AP slot)
The modems are in a separate folder titled "OdinFlashableModems"; they are meant to be flashed separately according to the whims of the user.**
**having said that - and to stay on topic (which is these Stock ROM flashables) - if any connectivity troubles are encountered, the first thing to be tried is matching the kernel version of the ROM with the same modem version. As in NC4 modem with NC4 kernel, OB6 modem with OB6 kernel, et cetera. Flash the ROM in TWRP, and the modem in Odin (I actually am right now going through a matrix of flashing tests; already it is clear that the NC4 modem can't be used with NJ6 or NK1 kernels, for instance.)
For these ROMs (discussed in the OP) it's probably a good practice to simply download both the ROM of a specific release and the matching modem and perform the first boot of the ROM with the releases paired together. After that folks should feel free to screw around with modems to their heart's content.
cheers
.
teeve said:
Flashed ROM. Rebooted with T-Mobile SIM, with no option in settings to change APN
https://forum.xda-developers.com/showthread.php?t=2582747
Sent from my SM-N900V using Tapatalk
teeve said:
Flashed ROM. Rebooted with T-Mobile SIM, with no option in settings to change APN
These are in fact Verizon Stock ROMs. If they were intended to be for multiple carriers (out of the box) they would not be in this specific forum, and I would have mentioned it.
That said, any hacks/mods that might have worked in the past on SM-N900V stock ROMs could be possible, with "some assembly required".
I don't have a T-mo SIM to test out the method described in the link @donc113 provided above. (I can tell you though that with a VZW SIM, on the PL1 ROM you only will see "LTE/CDMA" and "CDMA" under Settings->Mobile networks->Network mode. I suppose that could depend on what SIM was in when the phone booted, but I don't really know)
If you get it working, please file a success report. Don't forget to mention the version that you flashed - you omitted that in your Q.
cheers
unlocked Verizon Note 3 w/flashable "stock roms ?
bftb0 said:
These are in fact Verizon Stock ROMs. If they were intended to be for multiple carriers (out of the box) they would not be in this specific forum, and I would have mentioned it.
That said, any hacks/mods that might have worked in the past on SM-N900V stock ROMs could be possible, with "some assembly required".
I don't have a T-mo SIM to test out the method described in the link @donc113 provided above. (I can tell you though that with a VZW SIM, on the PL1 ROM you only will see "LTE/CDMA" and "CDMA" under Settings->Mobile networks->Network mode. I suppose that could depend on what SIM was in when the phone booted, but I don't really know)
If you get it working, please file a success report. Don't forget to mention the version that you flashed - you omitted that in your Q.
cheers
OF1. Will try the unlocked hack. Only have LTE/CDMA option as it stands.
Carrier unlocked
bftb0 said:
These are in fact Verizon Stock ROMs. If they were intended to be for multiple carriers (out of the box) they would not be in this specific forum, and I would have mentioned it.
That said, any hacks/mods that might have worked in the past on SM-N900V stock ROMs could be possible, with "some assembly required".
I don't have a T-mo SIM to test out the method described in the link @donc113 provided above. (I can tell you though that with a VZW SIM, on the PL1 ROM you only will see "LTE/CDMA" and "CDMA" under Settings->Mobile networks->Network mode. I suppose that could depend on what SIM was in when the phone booted, but I don't really know)
If you get it working, please file a success report. Don't forget to mention the version that you flashed - you omitted that in your Q.
cheers
I don't have a Verizon SIM to try the method described in the link. But I flashed the OF1 modem, and when I first start the phone with the T-Mobile SIM, it says T-Mobile and there are signal bars - and then immediately the data connection goes away and the "not a verizon SIM" comes up :silly:
teeve said:
I don't have a Verizon SIM to try the method described in the link. But I flashed the OF1 modem, and when I first start the phone with the T-Mobile SIM, it says T-Mobile and there are signal bars - and then immediately the data connection goes away and the "not a verizon SIM" comes up :silly:
I noticed after my initial reply that those instructions @donc113 referenced presumed there is a "global" mode toggle in the Settings menus, and that doesn't seem to be the case for OF1 (as you say) or PL1 (as I observed).
This isn't an area of expertise for me - I've always been on Verizon, so I never had much of a need to hack a phone to a new carrier. (I'd recommend that you have a complete backup of your EFS partition before you start messing around.) << read that part two or three times.
On PL1, there is this (needs to be executed as root if you don't start it from within an app such as "App Browser"):
Code:
am start -W -n com.test.LTEfunctionality/com.test.LTEfunctionality.LTEFunctionalityTest
And then scroll down to "LTE APN Setting". Hitting the "+" sign (upper right corner) allows you to add a new set of APN parameters. Thing is, I don't know if this is something that allows you to make only a temporary change or if they "stick" after you exit that activity.
There is a file in /efs (namely /efs/apn-changes.xml) which seems to hold APN configuration data, but I have no clue if that is consulted for configuration information, or merely a copy of data that really lives elsewhere.
If the phone isn't your daily driver, you could probably flash back to the NC4 ROM as an experiment to see if "Global" is still available in the settings menu. Not so much because you would want to use an old, insecure ROM, but just to see if you can successfully get it programmed to work with T-mobile for voice+data+sms+mms. At least if you figured out what the correct settings were supposed to be, you'd only be faced with where they are supposed to go in OF1/PL1 (Were you using this phone before on T-mobile? If so, what ROM?)
There's a ton of stuff under the hood with those hidden settings. Hundreds if not thousands of tweakable parameters. (If you want your head to spin look under IMS Settings) I would be careful about randomly poking at things. Apparently there's a fair amount of stuff stored in NVRAM which has nothing to do with anything that gets flashed by Odin with factory images, so it is entirely possible to permanently mess up a phone if you aren't super careful about recording prior settings and watching every keystroke. Some of those "maintenance" menus seem to be really poorly programmed - not defensively - and you could make unintended changes simply by walking through a set of menu picks.
.
bftb0 said:
I noticed after my initial reply that those instructions @donc113 referenced presumed there is a "global" mode toggle in the Settings menus, and that doesn't seem to be the case for OF1 (as you say) or PL1 (as I observed).
This isn't an area of expertise for me - I've always been on Verizon, so I never had much of a need to hack a phone to a new carrier. (I'd recommend that you have a complete backup of your EFS partition before you start messing around.) << read that part two or three times.
On PL1, there is this (needs to be executed as root if you don't start it from within an app such as "App Browser"):
Code:
am start -W -n com.test.LTEfunctionality/com.test.LTEfunctionality.LTEFunctionalityTest
And then scroll down to "LTE APN Setting". Hitting the "+" sign (upper right corner) allows you to add a new set of APN parameters. Thing is, I don't know if this is something that allows you to make only a temporary change or if they "stick" after you exit that activity.
There is a file in /efs (namely /efs/apn-changes.xml) which seems to hold APN configuration data, but I have no clue if that is consulted for configuration information, or merely a copy of data that really lives elsewhere.
If the phone isn't your daily driver, you could probably flash back to the NC4 ROM as an experiment to see if "Global" is still available in the settings menu. Not so much because you would want to use an old, insecure ROM, but just to see if you can successfully get it programmed to work with T-mobile for voice+data+sms+mms. At least if you figured out what the correct settings were supposed to be, you'd only be faced with where they are supposed to go in OF1/PL1 (Were you using this phone before on T-mobile? If so, what ROM?)
There's a ton of stuff under the hood with those hidden settings. Hundreds if not thousands of tweakable parameters. (If you want your head to spin look under IMS Settings) I would be careful about randomly poking at things. Apparently there's a fair amount of stuff stored in NVRAM which has nothing to do with anything that gets flashed by Odin with factory images, so it is entirely possible to permanently mess up a phone if you aren't super careful about recording prior settings and watching every keystroke. Some of those "maintenance" menus seem to be really poorly programmed - not defensively - and you could make unintended changes simply by walking through a set of menu picks.
.
I'm on Jasmine which is OF1 and I have a global mode selection.
Sent from my SM-N900V using Tapatalk
Took a look over in my AFH area at the file counts to see what the activity level was. (The Note 3 is an "old" device, 3 years is approximately infinitely old LOL)
Over 60 downloads of the ROMs (OF1 and PL1 mostly) and about the same count for modems.**
And yet not a single report here of something actually getting installed. I suppose (as XDA doesn't require a login) that lurkers vastly outnumber XDA contributors ???
Ahh, well; I put them up there so folks could use them. Hopefully that's the case.
** oddly, a fair number of downloads of the NC4 modem. No clue what that would mean.
.
I'm running into an error when flashing the ROM in TWRP:
Code:
This package is for device: SM-N900V,hltevzw; this device is hlte.
Updater process ended with ERROR: 7
Error installing zip file '/external_sd/ROM_STUFF/Roms/N900VVRSEPL1_flashable_OTAsuppressed_vo.95.zip'
Updating partition details...
...done
My phone is a N900V.
---------- Post added at 02:12 PM ---------- Previous post was at 01:29 PM ----------
*Update*
Nevermind, I managed to get it working by editing the \META-INF\com\google\android\updater-script, replacing all 'hltevzw' with 'hlte', and updating the zip.
pnuker said:
I'm running into an error when flashing the ROM in TWRP:
Code:
This package is for device: SM-N900V,hltevzw; this device is hlte.
Updater process ended with ERROR: 7
Error installing zip file '/external_sd/ROM_STUFF/Roms/N900VVRSEPL1_flashable_OTAsuppressed_vo.95.zip'
Updating partition details...
...done
My phone is a N900V.
---------- Post added at 02:12 PM ---------- Previous post was at 01:29 PM ----------
Nevermind, I managed to get it working by editing the \META-INF\com\google\android\updater-script, replacing all 'hltevzw' with 'hlte', and updating the zip.
Cool :good:
Just for info to anyone else that gets that error:
Basically it's an error you get if you are using the wrong twrp. In your case you are using an hlte recovery not N900V twrp recovery. But what you did will work :good:
Sczar said:
Just for info to anyone else that gets that error:
Basically it's an error you get if you are using the wrong twrp. In your case you are using an hlte recovery not N900V twrp recovery. But what you did will work :good:
^this.
The custom recoveries don't do any fancy hardware detection during the assert in META-INF/com/google/android/update-script; they merely check the value in the script against the property ro.product.device that is established by init from reading the /default.prop file when the recovery boots up. Wrong recovery? Wrong ro.product.device value.
The situation is somewhat muddled by virtue of the fact that there are ROMs that will install & run more or less correctly on multiple device types, so the devs either check for each compatible device in the assert statement in the update-script... or they simply omit the assert() in the script altogether.
Either of the latter can lead people to conclude that they installed the correct twrp version - "hey, I used it to install a new ROM and it worked."
I chose to use strict checking when I packaged these up.
In any event, here are the TWRP downloads for hltevzw
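The comparison described in the post above, reduced to a small checker: it pulls the device names an install script's assert() accepts and compares them with what a recovery's default.prop reports. This is an added example, not code from the thread or from these ROMs; the script text and prop files are constructed samples modelled on the error message quoted earlier, and the function names are assumptions.

```python
import re

# getprop("<prop>") == "<value>" comparisons as written in edify assert() lines.
CMP_RE = re.compile(r'getprop\(\s*"([^"]+)"\s*\)\s*==\s*"([^"]*)"')
DEVICE_PROPS = ("ro.product.device", "ro.build.product")

# Constructed sample of a strict device check (not the script shipped in the ROMs).
STRICT_SCRIPT = (
    'assert(getprop("ro.product.device") == "SM-N900V" || '
    'getprop("ro.product.device") == "hltevzw" || '
    'abort("This package is for device: SM-N900V,hltevzw; this device is " + '
    'getprop("ro.product.device") + "."););\n'
    'ui_print("constructed sample");\n'
)

# Constructed default.prop contents for two different recovery builds.
HLTE_RECOVERY_PROPS = "# constructed\nro.secure=0\nro.product.device=hlte\n"
HLTEVZW_RECOVERY_PROPS = "# constructed\nro.secure=0\nro.product.device=hltevzw\n"


def parse_props(text):
    """Parse key=value lines of a default.prop style file."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props


def allowed_devices(script):
    """Map each device property to the set of values the asserts accept."""
    allowed = {}
    for line in script.splitlines():
        if not line.lstrip().startswith("assert("):
            continue
        for prop, value in CMP_RE.findall(line):
            if prop in DEVICE_PROPS:
                allowed.setdefault(prop, set()).add(value)
    return allowed


def check_package(script, recovery_props_text):
    """Return the verdict the recovery would reach, and why."""
    allowed = allowed_devices(script)
    props = parse_props(recovery_props_text)
    reported = {p: props.get(p) for p in DEVICE_PROPS}
    if not allowed:
        # No assert at all: the package installs under any recovery build,
        # which says nothing about whether the recovery matches the phone.
        verdict = "unchecked"
    elif any(reported[p] in values for p, values in allowed.items()):
        verdict = "accept"  # the comparisons are OR-ed, one match is enough
    else:
        verdict = "reject"
    return {"verdict": verdict, "allowed": allowed, "reported": reported}


if __name__ == "__main__":
    for label, props in (("hlte recovery", HLTE_RECOVERY_PROPS),
                         ("hltevzw recovery", HLTEVZW_RECOVERY_PROPS)):
        print(label, check_package(STRICT_SCRIPT, props)["verdict"])
```

A "reject" here points at the recovery image rather than the phone: the value compared is whatever the booted recovery's default.prop declares.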
bftb0 said:
^this.
The custom recoveries don't do any fancy hardware detection during the assert in META-INF/com/google/android/update-script; they merely check the value in the script against the property ro.product.device that is established by init from reading the /default.prop file when the recovery boots up. Wrong recovery? Wrong ro.product.device value.
The situation is somewhat muddled by virtue of the fact that there are ROMs that will install & run more or less correctly on multiple device types, so the devs either check for each compatible device in the assert statement in the update-script... or they simply omit the assert() in the script altogether.
Either of the latter can lead people to conclude that they installed the correct twrp version - "hey, I used it to install a new ROM and it worked."
I chose to use strict checking when I packaged these up.
In any event, here are the TWRP downloads for hltevzw
this ^^
True. It's not a hardware detection. It's a command in the default.prop; I was trying to simplify it as much as possible.
But as you explained in details ?
Thank you
bftb0 said:
In any event, here are the TWRP downloads for hltevzw
That is the TWRP I was using though (twrp-3.0.2-0-hltevzw-4.4)

[CLOSED][ROOT][SNAPDRAGON] Introducing SamFAIL: Root Your SM-G950* From Odin!

Introducing:
SamFAIL!
DEPRECATED!
This ENTIRE THREAD is old, busted, and has been deprecated for some time. Please stop reading it, and go to the link below this line of text:
https://forum.xda-developers.com/galaxy-s8/development/root-partcyborgrom-aqi6-deodexed-t3702988
It has some very clear advantages over this version:
- Supports All existing bootloader revisions
- Latest version(s) of Nougat
- Huge community of support
- Telegram channel
- Preinstalled audio mods, visual mods, looks really good
- Actually still works
- very debloated without compromising many touchwiz features. It's over 50% faster on my device
- Deodexed, xposed FULLY supported.
- Rooting method improved, essentially foolproof
I don't want to have this thread closed, but I will
A New Alternative Root Method For The US Samsung Galaxy S8! (G950U Snapdragons)
Rooting your s8 just got easier.
DISCLAIMER 1: Although this method does not trip the "Knox Flag" you are still taking a risk by rooting your device. We are not responsible for your blazing fast smartphone with root! Let's hope this one doesn't catch on fire!
DISCLAIMER 1.5: THIS IS NOT FOR EXYNOS!
First and foremost, SHOUTOUTS!
- @partcyborg for finding the root method!
- @me2151 for testing on Note 8 and facilitating root on the Note 8!
- @elliwigy for... Shenanigans! And thread template
- @Chainfire For opening the door to make this root useful. He will be missed! (no he is not dead, just retired.)
- @samsung for the amazing phone and leaving ridiculous loopholes open for us to root!
Disclaimer 2: The method to root should be pretty straight forward as the hard work has already been done for you. With that being said, you will need to know how to download files from the internet, extract a zip file and to use ODIN. That is basically it! Oh yea, PLEASE BE SURE TO READ ALL THE INSTRUCTIONS THOROUGHLY BEFORE ASKING FOR HELP!
Once again...
READ THE ENTIRE SET OF INSTRUCTIONS BEFORE BEGINNING!
There are important things to note about this process that WILL likely trip you up if you expecting them. Some things are not intuitive and may sound unimportant to follow but trust me they are. Every single step added here is absolutely necessary.
Prerequisites:
- A working computer with a working USB drive that is capable of successfully flashing firmware to your device.
- Comsey ODIN and Normal ODIN (Found in Post #2 As well)(In case you give up and want to go back to stock)
- SamFAIL S8 Custom Hybrid Combo/Stock firmware package (also in Post #2)
- A functioning Snapdragon Galaxy S8 G950U/U1 or ANY other US Snapdragon based Galaxy S8 that can run the standard 950U firmware. Must be able to boot to download mode, and NO EXYNOS OR
- The CSC file for your phone(also in Post #2)(NOTE: You MUST use the CSC matching your device or your network will not function correctly. If your CSC is not in the downloads section you must download your devices firmware and extract the CSC from it and use that one. I will continue to add CSCs as I have time to download them but please be patient as they can take a while to download. Bonus points if you can send me individual .tar.md5 CSC archives so I don't have to download 4GB of ROM.
Part 1 Instructions:
0) BACKUP YOUR CRAP This procedure wipes your entire phone, so anything that you don't want gone for good back up somewhere NOT ON THE PHONE for the duration of this process. TECHNICALLY it should be safe to leave on a SD card, but checking one accidental checkbox in Odin will make you lose it. Take the SDCard out or copy the stuff to your computer.
1) Unzip the SamFAIL S8 ZIP archive. Inside there will be two tarballs (.tar files). If you have flashed a rom before these should hopefully look familiar. NOTE: There is no CP archive because the hybrid BL_ archive contains all drivers needed to operate your device.
2) Boot up Comsy Odin. Reboot your phone into download mode. Connect your phone to your pc and make sure that you get the Blue box that signifies proper connectivity and that the Odin log has said "Added!"
3) In the AP slot, place the AP tarball. There will not be a long pause like stock ROMs as there is no md5 signature to check.
4) In the BL slot, place the hybrid combo/stock firmware package. Again, you can place these in any slot and Odin will handle it just fine.
5) Click on the OPTIONS tab, and select the following checkboxes: Auto Reboot, Re Partition, F. Reset Time, NAND ERASE ALL.
After finishing the above steps, your Odin should look exactly like this:
6) Read step #5 again and confirm that you have everything selected EXACTLY as shown in the picture and written in the words. Check it again and when you are sure everything is correct press START.
7) Wait for ODIN to complete the flashing of the system partition. Naturally, ODIN and your phone will see this image is not signed and return FAIL. Your device will say "Secure Check Fail: system" or something close to it. THIS IS EXPECTED, DO NOT PANIC OR GIVE UP. Your flash may have failed, but it did not fail hard enough
At this point you may be wondering "What is going on and how does failing to flash get me root?"
The answer is because of a very simple to fix (pre-launch) issue with secure boot verification. I will explain in more detail when we are done and you have root but the short story is, yes they fail the flash when it does not match a known image, but they do so at the end, AFTER all of the data has been written to the disk!
it indicates that everything is ruined and you should bring them your phone right away. Fortunately we are smarter than that. Despite not saying so, while this screen is showing the device is in fact in download mode ready to receive new firmware.
This screen will likely say something like "System Failure" and there will be instructions displayed to take your device to the nearest repair store. Laugh at Samsung's silly attempt at subterfuge.
Now, lets put that data to good use with part II:
8) Reboot the phone into download mode again (hold down power, vol down, bixby) until the device resets back to a blue-green ("Download Mode Color") screen. If you have not seen or experienced a bad flash before, this screen may be new to you. You should see something that says "OPERATING SYSTEM UPDATE FAILED" and find that your phone will boot only to this state and nothing else. DO NOT PANIC! THIS IS EXPECTED and exactly what we want. Odin/Secure Boot are refusing to boot because you flashed unrecognized code, and wants you to flash code it recognizes. Lets give them what they want.
9) If you closed Odin or hit Reset after the first flash, open it again. Plug your phone back in if necessary and ensure that Odin sees your device just like last time.
10) IMPORTANT! IMPORTANT! It is IMPORTANT that you be sure to remember to do the following: Click the RESET button on the bottom middle of the page. Alternatively, you can Uncheck "NAND Erase All" "Re-Partition", but it's extra work to remember which ones.
WARNING: IF you fail to do this, Odin will happily erase your device and you will have to start from scratch. Worse though is the failure mode. If you don't notice, it is not obvious that it is caused by this, which will likely cause you and others unnecessary grief.
11) Click on the BL row again and Load the same Hybrid Firmware Combination as last time. Be sure the checkbox next to it is selected.
12) IMPORTANT: If you did not click "Reset", be sure that the AP_ROOTED_SYSTEM tar is NOT loaded. You can uncheck the check box next to it and it will not be sent as part of the coming flash. If you do not do this, you will fail again and it will be for real this time.
13) Click on the CSC row and load the CSC file you downloaded that matches your device and service plan. Be sure that the checkbox next to it is checked.
14) Double check that your screen and options now look like this or has the same options.
- NAND ERASE is UNCHECKED
- F RESET is CHECKED
- REBOOT is CHECKED
This part is basic ODIN flashing here guys... Not rocket science!
15) Press START and watch the LOG tab to see what is happening. If it says the words "Erasing..." you have failed to follow directions and must start completely over with step again.
16) This is where the magic happens... Odin will flash all of the firmware files in the tarball, and will find that all of them are 100% valid signed images by Samsung. Since Odin has a very poor memory, he completely forgets that you had just flashed a bad system image, and marks your secure boot flag as "Safe" and lets you proceed to boot!
17) Have a good laugh (at least I found it funny)
18) The phone will reboot to recovery and dump you there for one of two reasons:
a) You will see the progress bar advance over a few seconds to 32% or so and then stop, printing an error about failing to find resize data. This is normal and happens with every flash of CSC OYN that I have ever seen. You are safe to advance to the next step.
b) The recovery will immediately exit with an error that says "Failed to mount /system (Invalid Argument)". This is unfortunately bad news as it means that the failed flash attempt was not successful in writing enough data to see the file system. Do not despair yet though! This happens sometimes with this method. Start off by starting over from scratch. If that does not work, reach out to me and I will walk you through a few procedures that will eventually fix it.
19) If you made it past step 18, all you need to do now is execute a data wipe/factory reset. This is necessary and your device will not boot without it, as there is no userdata image file flashed through odin.
Now, wait for the device to boot up (it will take 3-5min like most new installs) and then you can try out your new root!
20) Once phone boots up, Setup your device as normal and proceed to the SuperSU app. It will ask you to update the SU Binary. Select Normal method and let it do its thing. A popup should show up to disable KNOX. Follow its instructions then SU should say it was Successful in updating and it needs to reboot(You may have to do it multiple times. I believe its 2 or 3 times then its good) ENJOY SamFAIL ROOT!
NECESSARY CLEANUP
The reason that this works at all is that modern filesystems like ext4 (what android uses) are very robust in the face of errors on the disks. Particularly in the days of old when everything was on spinning platters, that many moving parts was a lot more prone to failure, so filesystems were designed to keep your data safe in the face of losing parts of the disk. Fortunately for us this allows us to successfully mount and load android off of an incomplete filesystem. To make sure that the device is stable, and that future SamFAIL attempts do not degrade into "Invalid Argument" errors, we need to do a filesystem repair.
Download fsck.ext4 and push it to your device to fix any errors that cropped up from the SamFail dirty flash.
Connect via adb (or shell on your device) and run the following
FROM YOUR COMPUTER WITH PHONE PLUGGED IN AND ADB ENABLED:
Code:
adb push <localpath to fsck.ext4> /tmp/
Then on the Device:
Code:
su
chmod 755 /tmp/fsck.ext4
mount -o ro,remount /system
/tmp/fsck.ext4 -f $(find /dev -name system)
It is possible that you will see a LOT of errors reported. Do not worry though all of the stock os will have made it through ok. Press "a" to say auto-yes to all the questions and your filesystem will be healthy from here on out.
EPILOGUE
It is HIGHLY recommended that you follow this step with the flashing of either a custom rom or a full stock /system ROM using FlashFire. The image I provided that is pre-rooted essentially has no more work done to it than that, and I have no plans to do that work anytime soon. Unfortunately my experiments with using SamFAIL to flash more custom /system partitions made them a lot more unstable and frequently would not boot at all. Consider this a stepping stone that requires a little less work than SamPWND used to be before more automation work was done.
The AQH3 Image in post #2 has the "warning this device has been modded" message and I took a brief stab at it but wasn't able to get it locked down. If someone wants to do so I will happily upgrade the rom to a better version. Otherwise there are some really cool new roms out for the s8/s8+ now that I recommend checking out.
The more exciting prospect is that this can be used by ANY Samsung device with a permissive Selinux version without dm-verity. That covers a wide range of devices which we will be investigating.
DISCLAIMER 3:
* SamFAIL DOES NOT TRIP KNOX
* SamFAIL DOES NOT FIX THE 80% BATTERY CHARGE ISSUE
* Boot.img is SECURE which means you MUST use SYSTEM ROOT. (Similar to SamPWND)
* This means that MAGISK DOES NOT WORK
* Which also means SAFETY NET FAILS. So any apps you enjoy that require passing Safety Net will most likely not work while you are rooted with SamFAIL
* Again, similar to SamPWND, this root method uses a factory binary boot.img which is necessary to boot the modified system. THIS MEANS BATTERY ONLY CHARGES TO 80% (Thanks Samsung.)
* SamFAIL DOES NOT UNLOCK YOUR BOOTLOADER AND DOES NOT SIM UNLOCK YOUR PHONE.
* This *should* in theory, work for other Snapdragon Models of the Note 8. If you have another model and are successful please post so we can add "support" for other models.
Back to Stock?
- Download the full STOCK firmware of your choice.
- Flash it in ODIN/Comsey ODIN as you would any other time!
- It will take a few reboots for the "custom" splash screen to go away.
Donations:
As always, the devs have been hard at work recently to bring you root. Donations are definitely NOT REQUIRED but if you feel generous and want to spot the devs a few bucks for their hard work you can donate to this Paypal Address:
Donations
NOTE: this message is geared more towards the Note 8 users, for whom this root method is their first and only.
DOWNLOADS will be in POST #2
UPDATES will be in POST #3(RESERVED FOR FUTURE UPDATES)
As always, ENJOY ROOT and thank SamFAIL for making it all possible!
P.S. See why we called it SamFAIL now? Massive fail on Samsungs part.
SamFAIL Downloads
Rooted AQH3 Android 7.0 System for Galaxy S8 Snapdragon (Flashing in Odin)
AP_SamFAIL_G950U1_AQH3_ROOTED_SYSTEM.tar:
Hybrid Stock/Combination Full Firmware (minus userdata and system) For Rooted Devices.
AQI6 Stock, AQI1 Combo (for Flashing in Odin):
BL_SamFAIL_G950U1_HYBRID_AQI6_STOCK_AQI1_COMBOtar.tar
VZW CSC OYN for US VZW Customers on AQH3 (for Flashing in Odin):
CSC_OYM_SamFAIL_G950U1_AQH3_VZW.tar.md5
Statically compiled fsck.ext4 binary for fixing filesystem issues:
fsck.ext4
*YANK*
(reserved for future use)
Yay!
Nice!
Are there any custom ROMs for the Snapdragon variants (specifically the Canadian variant W8)?
Ad.Shk2 said:
Are there any custom ROMs for the Snapdragon variants (specifically the Canadian variant W8)?
I have 1 or 2 but not gonna upload 'em until there's more stuff done. It's basically got minor visual mods and deodex and the usual stuff.
That sounds promising... I've been patiently waiting for custom ROMs for the Canadian variant... Good luck to you bro!
Sent from my SM-G950W using Tapatalk
Ad.Shk2 said:
That sounds promising... I've been patiently waiting for custom ROMs for the Canadian variant... Good luck to you bro!
But yeah, just not enough done yet in order to release. I hope Note 8 root will kick off more mods and such for us.
I'll be going for Aosp based ROMs too, since it's for the Snapdragon
Sent from my SM-G950W using Tapatalk
Ad.Shk2 said:
Are there any custom ROMs for the Snapdragon variants (specifically the Canadian variant W8)?
There is one that supports at least everything that's part of CSC OYN:
https://forum.xda-developers.com/tm.../samsung-tmo-galaxy-s8-sampwnd-turbo-t3662719
It's listed under the T-Mobile section because the developer has T-Mobile, but as our devices are multi-CSC, so is his ROM.
partcyborg said:
There is one that supports at least everything that's part of CSC OYN:
https://forum.xda-developers.com/tm.../samsung-tmo-galaxy-s8-sampwnd-turbo-t3662719
It's listed under the T-Mobile section because the developer has T-Mobile, but as our devices are multi-CSC, so is his ROM.
The OP states: "this custom rom is only for tmo. i removed all other carriers config files..."
Also, what's CSC OYN?
Sorry about my illiteracy in this regard, I'm a Nexus/pixel guy which are a breeze to root and customize.
Sent from my SM-G950W using Tapatalk
Ad.Shk2 said:
The OP states: "this custom rom is only for tmo. i removed all other carriers config files..."
Also, what's CSC OYN?
Sorry about my illiteracy in this regard, I'm a Nexus/pixel guy which are a breeze to root and customize.
Aww that's a bummer, last I talked to him he was fine with other carrier use.
partcyborg said:
Aww that's a bummer, last I talked to him he was fine with other carrier use.
all he has to do is flash a csc after the rom lol if all he did was remove the other carrier stuff
Will this work for the S8 Plus?
NexusS4gFreak said:
Will this work for the S8 Plus?
yes if and when a modified system.img is created lol i dont plan on making it as i am already maintaining SamPWND root
NexusS4gFreak said:
Will this work for the S8 Plus?
elliwigy said:
yes if and when a modified system.img is created lol i dont plan on making it as i am already maintaining SamPWND root
I'm going to do my best to make one shortly but given I do not have an s8+ to test on I'm not so sure how effective I will be
Does this work? Anyone tried. I really want to root my Canadian model sm-g950w
Ad.Shk2 said:
I'll be going for Aosp based ROMs too, since it's for the Snapdragon
I think the usual comment about camera quality degrading still stands when using AOSP ROMs? Have yet to root the Samsung S8 but I'd like to do it soon, along with flashing a debloated ROM for my sister.
partcyborg said:
Aww that's a bummer, last I talked to him he was fine with other carrier use.
His rom has all the carrier info in it. He just doesn't update the op except the link to new rom.

SUCCESSFUL ROOT: SM-A102U (Boost Mobile)

I have the variant of this phone by Boost Mobile. There is, so far as I can tell, no way to do a normal bootloader unlock procedure on this device. So I have been experimenting, trying to break or disable verity. Before I get any more excited, let me make sure I understand correctly. None of the partitions, for example system, boot or recovery, can be flashed while verity is enabled, most certainly if you don't have root access on the device.
Well somehow, and I have yet to be able to repeat this, I was able to flash a system image in Odin, but the device would not boot because I successfully flashed it but because the other binaries did not match the signature of the "custom system". While doing this I was also able to downgrade from binary 8 to binary 7 (android 10 to 9). So I guess my question is, if I am able to repeat this process then how good is it that I am able to flash a system image and How likely would I be able to continue flashing the other partitions? Before I get into detail on how I managed or how I think I managed to do this I want to make sure that this can actually go anywhere before I waste my time.
Okay, I'm not sure if this is what happened that caused the custom system. Inside the AP tar file of the firmware for this device is a zip file called 'fota'. For a minute it was useless because in order to extract any of the files from it or modify it you need a password, and Chainfire just so happened to figure it out a while back and it still works. So with the password I can essentially delete any number of the files I want inside that zip, and it will still flash to the device successfully. Inside that file are various other files like ADBD, sbin and other various interesting files and bin files. I guess I have to experiment more but wouldn't I just be able to modify the fstab, also inside that zip file, to remove verification from the various partitions (verity)? I guess the question is would it still flash. And there's no way to find out without trying because Magisk does not touch that folder.
i rooted it
Well it is a successful root, but it doesn't hold. Something stops it from taking fully. It will last for a minute or so before disappearing. So I looked at a logcat briefly and saw a few lines every so often mentioning something about the kernel and relocking it. I'm not at my PC right now so I can't post the logs.
DragonFire1024 said:
Well it is a successful root, but it doesn't hold. Something stops it from taking fully. It will last for a minute or so before disappearing. So I looked at a logcat briefly and saw a few lines every so often mentioning something about the kernel and relocking it. I'm not at my PC right now so I can't post the logs.
What files did you flash through odin?
sikkinixx said:
What files did you flash through odin?
only the ones I am able. Still haven't figured out how i downgraded from 10 to 9. I flashed the stock firmware (AIO firmware. apparently all carrier stock firmware can be flashed, regardless if its Boost Mobile [BST]). I however did flash the modem (CP) with modem.bin and modem_debug.bin from a combination firmware that's supposed to be factory binaries (which I can't flash any others from that combination because it tells me to get permission to flash them lol).
I'm glad someone is trying this. I just FRP unlocked a Galaxy S7 and I'm feeling confident about rooting this SM-A102U, but it's what I am using for my every internet access. But I'm cheering for you DragonFire1. You got this!
majored said:
I'm glad someone is trying this. I just FRP unlocked a Galaxy S7 and I'm feeling confident about rooting this SM-A102U, but it's what I am using for my every internet access. But I'm cheering for you DragonFire1. You got this!
I'm quite sure I don't. I've been able to mimic what I've been able to flash to the device. But regardless it doesn't matter because no matter what way I do or what I flash it fails all kinds of checksums. A lot of things do flash, but a bunch of red text comes across the screen that tells me about binary checksum errors. But the images do flash to the device, but until you restore the firmware that was previously on there it will never work again. I really do hate Boost Mobile.
DragonFire1024 said:
I'm quite sure I don't. I've been able to mimic what I've been able to flash to the device. But regardless it doesn't matter because no matter what way I do or what I flash it fails all kinds of checksums. A lot of things do flash, but a bunch of red text comes across the screen that tells me about binary checksum errors. But the images do flash to the device, but until you restore the firmware that was previously on there it will never work again. I really do hate Boost Mobile.
Interesting. Well, now that you mention that, if you flash similar firmware can't you essentially add what's missing? I mean I've flashed over an install and still had wifi password saved and some apps. I'm confusing myself now but I'm pretty sure that's how it went.
majored said:
Interesting. Well, now that you mention that, if you flash similar firmware can't you essentially add what's missing? I mean I've flashed over an install and still had wifi password saved and some apps. I'm confusing myself now but I'm pretty sure that's how it went.
It depends. So far I have only been able to use a different modem image and nothing else. Even if I flash the images that do match the flashed files that fail checksum, it still fails secure check. What i am confused about is how I am able to flash anything and even get a check sum failure. I was under the impression that images that fail anything, check sum or secure check, won't flash. So my question is how is it I am able to do so? If something is flashing there has to be a way to flash the files it needs.
So I have successfully made kingroot device owner. Not that it does any good because it doesn't seem to give me root. But using one of my favorite apps to seek the activity
Code:
com.kingroot.kinguser/.receiver.DeviceOwnerReceiver
I used dpm to set-device-owner. I did this from the most recent available firmware for this device on a fresh factory reset with no accounts attached.
Before that I also was able to make icebox apps freezer device owner and disable knox apps.
If anybody knows any other tricks I can use for device owner or something that can escalate privileges from here...
I love icebox apps freezer. You can set it as device owner and have the ability to freeze all applications Including system apps. I have been doing so one by one and as I do, some of Samsung's UI disappears and stock Android fills in. This is probably as close to root as I'll get for a while.
DragonFire, which files did you change in order to obtain root? I want to try this out for myself. Please respond
Nothing in the thread mentioning what files he flashed?
For anyone who needs to test code on this type of device: I have an SM-A102U1 unlocked running Android 9. I won't send it off but I will test anybody's weird root code. Maybe this exploit (https://github.com/grant-h/qu1ckr00t) could work. Let's make history guys, I will be the dude who doesn't know what he's doing. Somebody compile this and tinker with it all you want and send it off to me to test. I think CVE-2019-2215 will be our best bet of pwning this sucker. I got a laptop running Windows 10 for all your needs, so if you just wanna help but don't have the device or don't wanna brick yours, be my guest.
And even if you have almost 0 coding knowledge, feel free to send your abomination of a rooting software to just get it tested, no matter how bad it is,
even if you don't have the device.
DragonFire1024 said:
Okay, I'm not sure if this is what happened that caused the custom system. Inside the AP tar file of the firmware for this device is a zip file called 'fota'. For a minute it was useless because in order to extract any of the files from it or modify it you need a password, and Chainfire just so happened to figure it out a while back and it still works. So with the password I can essentially delete any number of the files I want inside that zip, and it will still flash to the device successfully. Inside that file are various other files like ADBD, sbin and other various interesting files and bin files. I guess I have to experiment more but wouldn't I just be able to modify the fstab, also inside that zip file, to remove verification from the various partitions (verity)? I guess the question is would it still flash. And there's no way to find out without trying because Magisk does not touch that folder.
DragonFire1024 said:
Well it is a successful root, but it doesn't hold. Something stops it from taking fully. It will last for a minute or so before disappearing. So I looked at a logcat briefly and saw a few lines every so often mentioning something about the kernel and relocking it. I'm not at my PC right now so I can't post the logs.
Sounds like debugging level needs set to Mid or High from the stock setting of low. This can be done and allow the root to stick until a user reboot.
Applying that whole method After, setting debug level, might actually work. It did for the Note5.
At that point, once root is achieved, it really comes down to making sure all partitions are mounted with the same options.
You can't just remount system as read/write only, if that partition normally has "noatime, etc" mounting options. That automatically triggers a verity panic reboot
You got to do the profit work, as well as, get every letter down to the T as far as copying stock fw. File names in Odin, CB, QL, Date fingerprints, file size to the byte (almost).
It's possible to spoof ALL Day, but most don't think (aka Over Think) all the possible checks and balances that would deviate from a standard stock download/flash.
DragonFire1024 said:
Well somehow, and I have yet to be able to repeat this, I was able to flash a system image in Odin, but the device would not boot because I successfully flashed it but because the other binaries did not match the signature of the "custom system". While doing this I was also able to downgrade from binary 8 to binary 7 (android 10 to 9).
Plenty of stock firmware packages in revision 8 ship as Android 9. So really it might not have downgraded as much as you think then.
And going from revision 8 to 7....which part of the firmware downgraded? Just the system image? Do you know this for sure if it couldn't boot?
The old samFAIL method would work something similar to that but you would've had to modify the system image you flashed first.
DragonFire1024 said:
Okay, I'm not sure if this is what happened that caused the custom system. Inside the AP tar file of the firmware for this device is a zip file called 'fota'. For a minute it was useless because in order to extract any of the files from it or modify it you need a password, and Chainfire just so happened to figure it out a while back and it still works. So with the password I can essentially delete any number of the files I want inside that zip, and it will still flash to the device successfully. Inside that file are various other files like ADBD, sbin and other various interesting files and bin files. I guess I have to experiment more but wouldn't I just be able to modify the fstab, also inside that zip file, to remove verification from the various partitions (verity)? I guess the question is would it still flash. And there's no way to find out without trying because Magisk does not touch that folder.
But will flash successfully like you state or are you asking that question without modifying the otacerts first? Because normally the fota.zip contains a lot of data for most of those things you're saying is failing the checks.
So I'm just not sure about the entire story now....
Delgoth said:
Plenty of stock firmware packages in revision 8 ship as Android 9. So really it might not have downgraded as much as you think then.
And going from revision 8 to 7....which part of the firmware downgraded? Just the system image? Do you know this for sure if it couldn't boot?
The old samFAIL method would work something similar to that but you would've had to modify the system image you flashed first.
But will flash successfully like you state or are you asking that question without modifying the otacerts first? Because normally the fota.zip contains a lot of data for most of those things you're saying is failing the checks.
So I'm just not sure about the entire story now....
strange how he didnt post anything on how he did it
timba123 said:
If we pay $50 to $75 for a flash token, maybe factory combo could be flashed then root figured out from there but its not worth it to me to spend that for this pos. So stuck with adb debloat I guess. Oh well
I mean, after upgrading, yeah the A10e is a bit dated. BUT WAIT...
The A10e is still a device using an Exynos octa-core SoC. Not a snapdragon or mtk chipset. With full command line access and root privileges the hardware itself is actually still quite capable with its 2gb of RAM.
