Better Mobile App

[Firmware][unofficial]1545OYUAMDK ODIN TAR

I've compiled the stock firmware for the Developer edition of the Galaxy S4. Specifically the 1545OYUAMDK variant that shares similarities to our beloved MDK. I got the partitions from users who had made backups prior to gaining root and/or other means to have the least modified version of the stock firmware. As far as the bootloader goes, I have the entire firmware and I edited the partitions to account for the padded zeroes and offsets. Below is a table of partitions, the green are those that I or dev edition owners were able to successfully flash with Heimdall/Odin and are signed, the red are ones that I am unable to flash probably because I incorrectly edited them to be consistent with the sha1 checksums of partitions verifying it immediately before or after or haven’t been tested by someone with a dev device. ​
I should note that I only tested this on a stock root ME7 build, therefore some partitions that I couldn't flash, the Dev edition of the Gs4 might be able to. I did confirm that users on OYUAMDK were able to flash certain parts of the firmware but no one has tried to completely go back to stock. As expected, I could flash all but recovery, boot, and aboot, djrbliss mentions that the difference between consumer and dev builds comes down to how aboot checks boot and recovery in his blog...so my findings are consistent with his research. I confirmed that the partitions that I did flash were actually flashed because I compared the hexdump of the files before and after (since the file sizes are mostly the same after cutting out the padded zeroes and other indicators). If you have a developer device and you absolutely need to flash stock firmware, this is probably as close as you will get, but more work needs to be done to refine this. Note, take precautionary measures and especially be careful when flashing aboot. Feel free to criticize these, and let me know if any changes need to be made. Use at your own risk and remember this is somewhat a work in progress. ​
Edit: One user on a dev build brick claims to have flashed aboot.mbn successfully. Status changed to yellow! (Need one more confirmation before I feel confident to give it the green light, pun intended)
Instructions:
Note that this is more meant for a emergency rather than convenience, also the purpose of this post was both to help the owners of development edition gs4 and to make the process better in the future, this can brick your device
If you do decide to dance with the devil, post your findings. The file is in tar.md5.gz format so odin will extract it to a tar.md5 for you or you can just flash it in heimdall. I have left the firmware.xml and pit file in the tar, you can remove them and edit them as needed.
Using Odin: Odin doesn’t play well with this. I’ve had varied results. Use Heimdall. But if you insist..have the latest Samsung drivers, try Odin versions 3.07+, make sure to run as administrator and select/click PDA then select the tar.md5.gz file. Also make sure that only "Auto Reboot" and "F. Reset Time" are checked before finally clicking start.
Using Heimdall: Load the package using frontend running as root. If you use Heimdall in the command line, then you probably already know what you're doing.
​ RECOMBINATION_I545OYUAMDK_562219_STOCK_RESTORE.tar.md5
MD5:b238ac352255f3b26593dffa6d7aa72f
Download
Download Mirror
Size: File/Partition:
2597816 RECOMBINATION_I545OYUAMDK_562219_STOCK_RESTORE.tar.md5
8 SGR.pit
2518320 system.img.ext4
9000 NON-HLOS.bin
9488 recovery.img
208 tz.mbn
1200 aboot.mbn
50856 modem.bin
268 sbl3.mbn
152 rpm.mbn
96 sbl1.mbn
4 firmware.xml
8072 boot.img
152 sbl2.mbn​
​ Before I get asked "What happens when people on MDK or ME7 try to flash this"?
I'll tell you my results, from numerous flashes in odin/heimdall. My baseband and build type are both now OYUAMDK as shown below and my phone doesn't show a custom screen nor does my phone think its modified. However this doesn't change the fact that we cannot downgrade to a older kernel. This will not unlock your device if you're on MDK or ME7 and flashing this carries a high risk of bricking your device. When flashing the stock MDK restore, ME7 users usually get a "SW REV. CHECK FAIL: FUSED: 3, Binary: 1" message, however with flashing this on ME7 users will receive a "SECURE CHECK FAIL: aboot" message instead either way its a fail.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

**
Changelog
10/14/2013 - Initial release
10/19/2013 - Confirmed boot.img and recovery.img flash succesfully - status changed to green
11/09/2013 - User claims to have flashed aboot.mbn succesfully on dev build - status changed to yellow!

Awesome Surge! Now somebody with a Dev ed device on me7 like sound-mind should try it and see if they could restore their device to developer...
Sent from my SCH-I545 Dev Edition using XDA Premium 4 mobile app

I am new to Heimdall. I am running it on a Windows 8 64 bit machine. Heimdall does not see the tar.md5.gz file....it seems to be looking for a tar.gz file. What am I doing wrong or what do I need to do. Thanks. This is a great resource to have,

Skeetch79 said:
I am new to Heimdall. I am running it on a Windows 8 64 bit machine. Heimdall does not see the tar.md5.gz file....it seems to be looking for a tar.gz file. What am I doing wrong or what do I need to do. Thanks. This is a great resource to have,
Click to expand...
Click to collapse
Download 7-zip or winrar. Then extract the tar.md5.gz so it leave you with just a tar.md5. Then either:
1. Rename it to a tar, extract the files, and customize the package you want to flash using heimdall then heimdall will make a tar.gz for you
or
2. Rename the tar.md5 to tar, then using 7-zip in the right click menu or from the 7zip file manager menu select "add to archive" and under archive format select gzip.
Alternatively you can use the tar.md5 with odin, but I highly suggest using heimdall instead. I've had odin flash the file for me, but more often then not it fails for this particular odin tar.

Great! Thanks!
Sent from my SCH-I545 using Tapatalk

Extraordinary progress and dedication and effort. Thank you so much!

So the file includes everything a stock Dev ed official Odin image would right? The red partitions are there even though you could not manage to flash them..
Sent from my SCH-I545 Dev Edition using XDA Premium 4 mobile app

Roland_D said:
So the file includes everything a stock Dev ed official Odin image would right? The red partitions are there even though you could not manage to flash them..
Sent from my SCH-I545 Dev Edition using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Yes the red partitions are still there. But as to whether it includes everything? Technically no, the cache.img.ext4, persdata.img.ext4, and hidden.img.ext4 arent there yet. Im going to have to look more into hidden.img.ext4 because Id include it but. As far as cache.img.ext4 and persdata.img.ext4 I haven't come across a clean copy of either yet. I thought about just usings MDK's but ill look into it more before I include any more partitions.

Upon opening Heimdall I notice that I have the options to Load Package, Flash and Utilities but "Create Package" is greyed out. How does that become enabled?

Skeetch79 said:
Upon opening Heimdall I notice that I have the options to Load Package, Flash and Utilities but "Create Package" is greyed out. How does that become enabled?
Click to expand...
Click to collapse
I haven't used Heimdall in Windows but in linux you have to go to utilities, click detect device, then select save as and save the .pit file. Im not sure if the Windows version of Heimdall has a command line either but if it does you could also type the equivalent of this:
sudo heimdall download-pit --output dev-SCH1545.pit
Click to expand...
Click to collapse
Then go to the Flash tab and under pit click browse and open the pit file you just downloaded. Then click add-->select a partition name-->click browse and navigate the the selected partition file-->Then click add. Now you should be able to use the Create Package option.

Surge1223 said:
Yes the red partitions are still there. But as to whether it includes everything? Technically no, the cache.img.ext4, persdata.img.ext4, and hidden.img.ext4 arent there yet. Im going to have to look more into hidden.img.ext4 because Id include it but. As far as cache.img.ext4 and persdata.img.ext4 I haven't come across a clean copy of either yet. I thought about just usings MDK's but ill look into it more before I include any more partitions.
Click to expand...
Click to collapse
My Dev edition has no modifications, not sure if that helps or not. I'm willing to post what you need as long as it doesn't contain any personal info.

I'm unable to download due to dropbox temp disabled

equake said:
I'm unable to download due to dropbox temp disabled
Click to expand...
Click to collapse
Yeah im in the process of changing file hosts, ill put up a temp mirrror though
Sent from my SCH-I545 using xda app-developers app

This is a great resource and compilation for Dev S4 owners. Have you made anymore progress with this or found anything more? Thanks again for all your hard work and dedication

Well I haven't heard from anyone regarding where heimdall is failing. I also haven't confirmed if people on Dev s4s that took the ME7 update were able to downgrade back to OYUAMDK or not. So far the radio and kernel along with sbl1-3, rpm and tz have been proven to work. I know recovery should work, as I'm able to take it apart successfully, and the build.prop says OYUAMDK. I'm hoping aboot works, aboot is the partition I'm waiting for results on.
Sent from my TouchPad using xda app-developers app

I thought
I was pretty much stock with root (stock recovery and boot images from Bait-Fish and yourself in the other thread) but I constantly had the custom and open lock icon screen when booting the phone. I was reluctant to load ROMS at this point without any sort of safety net (I did make a nandroid early on in case) - even though it is a developer phone and that is what you are supposed to do
I wanted to try the package you put together so I played it safe and just created a Heimdall package to flash the Boot and Recovery only. Flashing went great and now when I boot the phone I get the Samsung S4 boot screen along with the word "official" under about phone->status in the system settings. (if flashing boot and recovery did not work then i would have went as far as flashing the system.img.ext4 - so now I don't have to)
As I said, I flashed both the boot and recovery images posted by Bait-Fish and yourself in the other thread and stayed on a custom status but somehow these boot and recovery images did the trick.
Thanks again.
If you need me to test anything out please let me know.
It would be nice though if the S4 Developer Phone could received OTA's and/or have KIES recognize the phone. Being on MDK we are two builds behind the consumer version with no official way to upgrade and catch up. could I flash the consumer ME7 or MI1 build without worrying about locking the bootloader and my dev phone? If so, then could I always ODIN or Heimdall back down to MDK if I wanted to?
Edit: the recovery and boot images I downloaded from bait-fish were identical in size... does that make sense or should they be different?

Skeetch79 said:
I thought
I was pretty much stock with root (stock recovery and boot images from Bait-Fish and yourself in the other thread) but I constantly had the custom and open lock icon screen when booting the phone. I was reluctant to load ROMS at this point without any sort of safety net (I did make a nandroid early on in case) - even though it is a developer phone and that is what you are supposed to do
I wanted to try the package you put together so I played it safe and just created a Heimdall package to flash the Boot and Recovery only. Flashing went great and now when I boot the phone I get the Samsung S4 boot screen along with the word "official" under about phone->status in the system settings. (if flashing boot and recovery did not work then i would have went as far as flashing the system.img.ext4 - so now I don't have to)
As I said, I flashed both the boot and recovery images posted by Bait-Fish and yourself in the other thread and stayed on a custom status but somehow these boot and recovery images did the trick.
Thanks again.
If you need me to test anything out please let me know.
It would be nice though if the S4 Developer Phone could received OTA's and/or have KIES recognize the phone. Being on MDK we are two builds behind the consumer version with no official way to upgrade and catch up. could I flash the consumer ME7 or MI1 build without worrying about locking the bootloader and my dev phone? If so, then could I always ODIN or Heimdall back down to MDK if I wanted to?
Edit: the recovery and boot images I downloaded from bait-fish were identical in size... does that make sense or should they be different?
Click to expand...
Click to collapse
I can think of no circumstances where I would want my Dev Edition S4 to receive OTA Downloads. I want to avoid those. That is why I bought a developer device to start with. When the Devs have had a chance to see the updates features and incorporate them into new ROM releases that is soon enough for me. If indeed the OTA could be had without locking down the bootloader, I still would not want to accept it. So much goodness in custom roms. I don't consider myself behind at all if I wait for the latest updates to be incorporated into the Roms.
But TEHO, I guess.
Sent from my Hyperdriven Dev Edition Vzw SCH-I545 with KT kernel using Tapatalk 4

wtherrell said:
I can think of no circumstances where I would want my Dev Edition S4 to receive OTA Downloads. I want to avoid those. That is why I bought a developer device to start with. When the Devs have had a chance to see the updates features and incorporate them into new ROM releases that is soon enough for me. If indeed the OTA could be had without locking down the bootloader, I still would not want to accept it. So much goodness in custom roms. I don't consider myself behind at all if I wait for the latest updates to be incorporated into the Roms.
But TEHO, I guess.
Sent from my Hyperdriven Dev Edition Vzw SCH-I545 with KT kernel using Tapatalk 4
Click to expand...
Click to collapse
I hear you! What ROMS are you running and usually how do you go about installing them? (i.e. install custom recovery then flash the ROM as a zip?) I am pretty new to having a developer device and navigating around it. Does Hashcode's SafeStrap work for our dev device? if so, which version? Sorry I am asking so many questions, I am still a n00b, still green, getting my feet wet, I want to make the right decisions and do the right things without royally screwing anything up.

Skeetch79 said:
I hear you! What ROMS are you running and usually how do you go about installing them? (i.e. install custom recovery then flash the ROM as a zip?) I am pretty new to having a developer device and navigating around it. Does Hashcode's SafeStrap work for our dev device? if so, which version? Sorry I am asking so many questions, I am still a n00b, still green, getting my feet wet, I want to make the right decisions and do the right things without royally screwing anything up.
Click to expand...
Click to collapse
In regards to your question about installing ME7 or MI1 I would highly advise against it. We're currently trying to see if someone who already took the ME7 update on their dev phone is willing to test and see if this package will take them back to OYUAMDK, specifically if it will allow them to flash an older aboot. It does not work on consumer ME7 devices, but until we have confirmation from someone who is already on an ME7 build on their dev device, id hold off. As far as custom recovery...I believe you guys have the ability of using loki and/or just regular non loki'd twrp and cwm right? Id use those before I would use Safestrap at this point; more compatibility. Also if you wanted to be on the latest build why not install a ME7 rom? VRUAME7 stock root deodex is already up. I was working on the MI1 stock root deodex rom, but got side tracked lol. Its pretty much done, just cant get wifi to work all time yet. Oh and about the recovery and boot imgs and different sizes, they should be identical the only difference is I trimmed the padded areas, basically the same as you would get from an official Odin image.

Unusual thing with official firmware package? Seems corrupts but flashes fine?

Hi guys n girls,
I am sort of new to the Ace section here. I am doing a re-vamp of my mum's phone and said I would spruce it up a little. Shame there is no decent CM 9 versions that I can get working because of lack of RAM....the only one listed (no disrespect to the dev - thanks for making it available on such a low spec device!) but it doesn't work with my Optus GT S5830V (5830I) for some reason?
Anyway to my point, I have downloaded several versions of the stock firmware from Sammobile. The odd thing is that I cannot extract that firmware at all. Every archive program I have sees it as either being not an archive; corrupt or fails to extract it? So I am unable to make my own 4 part Odin recovery package. Making my own will save time; at the moment I have to flash the 4 part Odin (return to stock) package, then reboot into download mode again and then flash the stock firmware?
3 things I noted.
1). The device is not detected by the so called Odin specific for Ace and variants that uses an Ops type PIT file? The device is plugged in and all drivers upto date....it' just plain doesn't see it? It is however detected and flashable (albeit without an .ops file) using the 4 part package on Odin 3.07 made for my Galaxy S3?
2). I am unable to get any detection with EFS pro and it returns no PIT file?
3). All attempts to extract the stock Optus firmware package fail. I have removed the .MD5 file extension (only needed for preserving file naming conventions anyway - i.e. If you rename any .tar.md5 firmware package, in order to be able to flash it you need only to remove the .md5 from the end and leaving it as .tar and the firmware will flash without error. I digress.....What does someone suggest for me to being able to make my own firmware package based on stock?

First off, wrong section.
Jarmezrocks said:
Shame there is no decent CM 9 versions that I can get working because of lack of RAM....the only one listed (no disrespect to the dev - thanks for making it available on such a low spec device!) but it doesn't work with my Optus GT S5830V (5830I) for some reason?
Click to expand...
Click to collapse
1) We don't have a stable CM9 because our devs don't have the source code for all the drivers, not lack of RAM.
2) Have you formatted your system's partitions to the EXT4 filesystem? CM requires an EXT4 filesystem to operate.
Jarmezrocks said:
Anyway to my point, I have downloaded several versions of the stock firmware from Sammobile. The odd thing is that I cannot extract that firmware at all. Every archive program I have sees it as either being not an archive; corrupt or fails to extract it? So I am unable to make my own 4 part Odin recovery package. Making my own will save time; at the moment I have to flash the 4 part Odin (return to stock) package, then reboot into download mode again and then flash the stock firmware?
Click to expand...
Click to collapse
Jarmezrocks said:
3). All attempts to extract the stock Optus firmware package fail. I have removed the .MD5 file extension (only needed for preserving file naming conventions anyway - i.e. If you rename any .tar.md5 firmware package, in order to be able to flash it you need only to remove the .md5 from the end and leaving it as .tar and the firmware will flash without error. I digress.....What does someone suggest for me to being able to make my own firmware package based on stock?
Click to expand...
Click to collapse
The tar.md5 file has to split into the PDA, CSC, Modem and PIT files using Odinatrix. Search for it.
Jarmezrocks said:
3 things I noted.
1). The device is not detected by the so called Odin specific for Ace and variants that uses an Ops type PIT file? The device is plugged in and all drivers upto date....it' just plain doesn't see it? It is however detected and flashable (albeit without an .ops file) using the 4 part package on Odin 3.07 made for my Galaxy S3?
Click to expand...
Click to collapse
The Odin specific for Ace you stated above might be for GT-S5830. For the variants running the Broadcom BCM21553 the Odin version to use is v1.84. Odin v3.07 is more like a universal Odin that works on most devices.
Jarmezrocks said:
2). I am unable to get any detection with EFS pro and it returns no PIT file?
Click to expand...
Click to collapse
I don't know about this.

NightRaven49 said:
First off, wrong section.
Click to expand...
Click to collapse
Why? I was not actually asking for support as such, just sharing what I learnt/noticed.
NightRaven49 said:
1) We don't have a stable CM9 because our devs don't have the source code for all the drivers, not lack of RAM.
2) Have you formatted your system's partitions to the EXT4 filesystem? CM requires an EXT4 filesystem to operate.
Click to expand...
Click to collapse
Yes I am aware of that. I actually did attempt to flash the CM9 developer package several times all without result.
I tried many methods, firstly the conventional method and then several other unconventional methods. I first flashed CWM recovery 6.0.0.x (something around there) and that was ok but it could not detect the partitions....naturally I was on the standard firmware!
So I then flashed Thunder kernel which allowed recovery to see and mount all the partitions as well as prepare for a CM firmware flash. As I knew that CM required EXT4 I was prepared and flashed Rio's Ext4-RFS conversion script via Aroma in recovery. This worked very well. Only issue was that in doing so it corrupts the system partition and then I am unable to mount it anymore to flash CM.
Returning to stock or even attempting a nandroid restore from this point forward was fruitless as you can imagine. I tried several other combinations before retiring the idea. These included full system wipe after flashing CWM recovery (I figured maybe having data on the partitions its self could be interferring with the EXT conversion scripts? Everything seemed fine and ran correctly as expected only no system mounting.
I tried another method of flashing a ROM that included a kernel with it based on CM7 in the hopes that migrating to CM9 would be easier; this was not the case.
I picked a CM7 ROM that had a conversion script built in for BML to MTD. After returning to stock base via Odin I proceeded to flash recovery 6.0.0.x again, then I immediately flashed CM7 in the hope that I would kill two birds with 1 stone and have CM do its conversion on the fly as well as install (alleviating the need for mounting system after migrating to Ext4). This ROM installed without fault. All was well until I rebooted expecting to boot into CM7....this wasn't the case, I received bootloops like crazy. Naturally I booted into recovery (the ROM had downgraded me to version 5.x CWM recovery - that is fine anyway); I proceeded by clearing the caches and performing a factory reset (note This usually a good thing to do anyway regardless if you came from a clean reset factory firmware or not).
After doing this and rebooting the device reboots continuously as it did prior. I again decided to re-install the same zip as I am aware with changing to CM on many other devices it can sometimes require flashing 2-3 (and sometimes even 4) times for a firmware update to stick. Again still no response and forever bootloops. I decided at this point that if I was to waste the time and effort in Odin'ing back to stock AND THEN flashing my standard firmware that I should try another CM ROM.
I had CM9 available and even though half hour prior I was unable to mount the the system partition, I thought maybe that CM7 had been flashed first so if CM9 can see and mount partitions (like it should have originally) then I could flash CM9 in a hope that it might wipe out what ever was causing all the issues with bootloops.
CM9 installed correctly, however again I could not boot the device at all! I had read a post from a forum member's guide saying that if I got some of these issues that I should flash back to base and try it again. I did this another 3-4,5 times at least, various combinations of wiping base firmware, not wiping base firmware, wiping CM7; not wiping CM7......Always the end result = bootloops.
As you can imagine it was rather annoying if I was returning to base firmware (if I wanted to be stock carrier branded again I needed to flash twice, once to return to stock and again to flash Optus firmware.
Overall I was unable to get any firmware booting besides that which was provided as an Odin package AKA stock firmware. If I flashed a custom recovery over stock firmware I was unable to boot again. Oddly enough I found a standalone version of CWM recovery version 5 that was not CM specific and I performed a backup as it was able to see the stock partitions without throwing errors.
I then opted to do a conversion to EXT4 again and hoped that I could just restore my nandroid backup of the stock partitions like recommended in may of the guides for Galaxy Ace.
Unfortunately again I was unable to boot and the partitions become unmountable leading to yet again flashing back to base unbranded, then flashing stock carrier branded firmware (this has the correct modem for the carrier and region).
At this point I retired the idea of custom firmware. I will later root the device and just leave it on 2.3.7 and do internal/external SDcard swap and flash a theme and maybe a few compatible APKs from newer stock firmwares (at least ICS) to achieve the functionality I was hoping to have by flashing and using ICS. I found the best and most simplest way of achieving this was through Moto-Chopper Root method and adb, most of the documented ways of achieving root on the Ace don't work for the S5830V for some reason. So I will stick with what works.
NightRaven49 said:
The tar.md5 file has to split into the PDA, CSC, Modem and PIT files using Odinatrix. Search for it.
Click to expand...
Click to collapse
Thanks for the tip. :good: I have downloaded this ready now, so I will investigate how this goes? It looks very similar to a application I already use TAR.MD5_PACKAGER however I see it has an option for extracting from .tar.md5 files that have malformed header information. So that sounds like it should do the trick!:fingers-crossed: Do you think that this is maybe intensional as a means of stopping people like us from building custom firmware packages?
I mean the .tar.md5 package flashes perfectly as it should do which is very surprising seeming .md5 signature is very easily broken when you rename the file and you have not even opened it. That was what lead me to flashing it in the first place, I mean I figured that if the .tar.md5 was so corrupt as I believed it was, then the worst that can happen will be Odin will spit an error message and not proceed i.e. it won't even attempt to flash the said firmware!
Myself if I download any firmware that doesn't flash and fails due to md5 error, I immediately open it up and inspect it and unless it was extremely difficult to obtain (I have waited close to 30 hours once for an old firmware package to download from the only source I could find - but regardless if it was damaged or not I only wanted the old bootloader so I could integrate it into a new firmware package so the passing md5 was relatively unimportant), I would just re-download it again.
The fact that ALL of these packages for S5830I are like this (regardless of what browser or means I downloaded the package) and the fact that they DO in fact flash like normal packages, and the phone returns to 100% factory condition; tells me that this does look like a means of discouraging custom firmware developers? hmmm
NightRaven49 said:
The Odin specific for Ace you stated above might be for GT-S5830. For the variants running the Broadcom BCM21553 the Odin version to use is v1.84. Odin v3.07 is more like a universal Odin that works on most devices.
Click to expand...
Click to collapse
The device is actually a S5830V...the V devices are relatively undocumented, but they are essentially just the same as the more common i/M variants. I did my homework first with this, and I can most certainly attest that it is NOT the S5830. I wouldn't attempt flashing S5830 firmware, also S5830i firmware boots and functions as normal and has signal albeit not so strong when the modem is not for our carrier and/or region, but function none the less.
NightRaven49 said:
I don't know about this.
Click to expand...
Click to collapse
Well give the fact that I had performed so many download of firmware that I initially believed to be corrupt I was unable to extract the PIT (or in the case of the generic Ace OPS file) from the firmwares.
Being the fact that there was little known about the S5830V I was unsure if to proceed of not? There are few reports on the device and most of them were of owners bricking their device, only 1 report I know of where a V owner claimed he flashed S5830i firmware without a hitch, again he was not from Australia where I am from, so I was flying blind and scared I was going to brick the device.
At the very least if I had a PIT file I could analyse it and could manually make image backup of the EFS/IMEI partition straight after rooting the phone. I have looked already at scripts that scan the whole emmc and I hit a snag when the kernel I am using is not insecure i.e. adb cannot run as root. I have root and confirmed with root checker app but terminal emulator and/or command line are unable to obtain root
Anyway to shed some light for you EFS Pro is a means of doing this that works on most Samsung devices....just not the Ace as far as I can tell.
Yes I am already aware that there is Galaxy Toolbox and I had actually gone ahead and done all that already,but an incident more recently where I had a device I was repairing with a wiped IMEI and it actually refused to boot. This becomes a hassle when restoring the IMEI cause in order to have Galaxy Toolbox you need to be booted and rooted. I wasted a whole day repairing the IMEI. So pretty much the message here is what good is Galaxy Toolbox to me restoring the IMEI if it can't boot? NONE!
I contacted the developer weeks ago and explained my situation and he is still yet to respond. I explained that I had a V variant of the Ace and wanted to ensure I had all bases covered. I requested information on how I could open the IMEI manually outside of the Galaxy Toolbox in the case that it would not boot (as this was how I restored the other device last week and it worked), unfortunately I am still yet to hear a response form him? Slack.
When I obtain this information I will share it here on XDA in the hopes that people in Australia with this variant will search and find some info on it. This is also why I am making this post here so detailed for folks like me who have been searching fruitlessly for answers.
My thoughts are that maybe there is something still not 100% the same between the i and the V because all custom firmwares I tried made for the S5830i never worked?
There is maybe an issue with how they are scripting their installs that is causing issues, but it is worrying enough that flashing so far has lead to partitions becoming corrupted very easily. I have had this before with my own phone more recently because a dev made a simple mistake in an updater script that called an explicit partition by mounting point ID and not by a more generic mounting point like "/system", "system" which lead to lost IMEI and bricked phone.
I am not blaming the dev though because it is easy to assume that a even though the mounting was non-specific for my device and the partition being called was not actually the EFS, it should not have corrupted my EFS....but that is not true, so a discovery was made and a lesson learned from all this. I managed to revive my device and it lived to fight another day, but simple mistakes made in ignorance or lack of information can still be costly mistakes. Need I say more.
I will report back when I have got a proper partition map for the S5830V and all will be happy days

I don't feel like quoting anymore, but I do spot some anomalies.
1) ...we don't have CWM 6.0.0.x. Are you sure you used the 5830i CWM, not the 5830?
2) I was referring to some other version of Odin when you said the Odin version specific to Ace. Which version were you using then?
3) I don't see how rio's multi-formatter can render the system partitions unmountable. In that case try lopicl.00's EXT4 formatter. Go search for it. After formatting flash Biel's Specific Basic kernel.
also you were asking a question, so naturally this should be in Q&A.

[Solved] No Network Service after flashing NG3

Under status, Network shows as 'Unknown', Mobile network type shows as 'Unknown', Service state is 'Out of service', and Mobile network state is 'Disconnected'.
IMEI shows as nonnull (valid), and IMEISV shows as nonnull (valid). I'm not sure where the issue is, i'm assuming it is somewhere in the modem, but I flashed the NG3 Modem multiple times.
Not really sure what is wrong, can anyone suggest anything to restore my phone before I try something else again?

..

fffft said:
You didn't give us very much detail about anything from what firmware build you tried to flash to what model of S5 you have, screen shots of your phone information in the settings menu or anything else. Which makes it impossible to delineate what happened.
At a guess and that is all that is possible without a detailed description of your configuration.. it sounds like you may have flashed the wrong firmware - intended for another carrier or S5 variant. Which sometimes screws up wifi /bluetooth or occasionally bricks a phone. Check that your firmware build md5 checksum is valid, that the firmware is intended for your native carrier and variant. And if you were flashing a modem separately, confirm that it is for your carrier and matches your baseband (bootloader). Failing that, restore your backup to recover.
If you don't have a backup for some reason, that should be very high on your list of things to start doing. In that situation, download a full stock firmware that is for your specific phone model and carrier, wipe the cache partition and you should be good. In some cases you may also need to do a factory data reset (do that as a last resort, since it will delete your photos, user files, etc).
.
Click to expand...
Click to collapse
I downloaded the stock tar (the full one) here, and selected AP with it. To be sure that my bootloader is updated, I later used the modem/booloader here and I used the right one (900T) and followed the guide at the top of that page for setting "BP" for bootloader and "CP" for modem. When I run the bootloader check command (getprop ro.boot.bootloader), it returns NG3, so I think that's fine too.
I have the 900T (well, this IS the t-mobile galaxy s5 thread).
I probably should have backed up, but I tend not to because I have rarely ran into issues on my previous Note 2 and the times I did, the backup wouldn't have fixed it (usually because the recovery was too big or the modem got corrupted).
And I did use factory reset multiple times, I don't have much on the phone right now and also have an external sd card where I store most of my things anyways.
Specifically, what part of the settings would you want to see?

..

NG3 Full Stock Tar: http://www.androidfilehost.com/?fid=23578570567722728
^ That was what I used under AP.
When I try to repartition, is says "Erasing USERDATA Partition...\nSECURE CHECK FAIL : PIT".

..

fffft said:
Suggesting that you have partition corruption. The purpose of my earlier suggestion to flash the PIT file was to resolve potential partition corruption. So you could do far worse than follow the suggestions in my last post.
.
Click to expand...
Click to collapse
No longer boots after nand erase all. Since the partition failed, I unchecked it and just left NAND erase checked.
Any other suggestions?

rmanne said:
No longer boots after nand erase all. Since the partition failed, I unchecked it and just left NAND erase checked.
Any other suggestions?
Click to expand...
Click to collapse
I don't know why or what @fffft is trying to get you to do but touching the things you are could end up bricking your device if not too careful.
All you need to do is select the full tar file under "AP" and uncheck the reboot and F reset time options.
EDIT: You need to extract the tar file to get the MD5 file that is what you flash in Odin.
If you have no data, just check that the APN settings are properly configured.
I had to flash the tar file a couple times before the modem upgraded. But don't touch PIT or NAND erase.

..

fffft said:
You can't do a normal boot after erasing the NAND, since that has wiped our your system files. That isn't unexpected. But your phone will still boot to download mode, sometimes called "Odin" mode. Volume down + home + power.
Once your write a replacement firmware image it will boot normally again. Writing a full image is recommended. Odin can be fussy and seemingly a bit more so with larger writes than when flashing smaller writes. And possibly easier with earlier S5 firmware builds (not proven, just an impression).
If you persist Odin will write the image, it just takes several attempts sometimes. If a given write fails, do not reset Odin on your PC, just pull the phone battery, replace it.. boot to download mode again and flash again from the open Odin window. Inevitably the flash will succeed the second time even though Odin balked the first time. If you have persistent problems, try a different USB cable and USB port.
The poster above doesn't understand what the NAND or partition features accomplish, but anyone doing their due diligence would find informed threads supporting my recommendations when partition corruption is suspected or needs to be repaired.
..
Click to expand...
Click to collapse
I didn't just erase the NAND though, I also added the .tar.md5 file that I pointed to earlier, which should have added back the system files. Well in any case, I flashed TWRP, and according to it, the Data partition was not properly partitioned (and thus not mounted) and I wiped that with TWRP, and installed another custom ROM (ViSiX), and it has the same issue right now ("Searching").
I did try the earlier S5 images (NF6, which is what the phone initially came with), and I flashed the proper modem/bootloader there also, but it still has no service.
I know that the sim card is working because I still have my other phone (note 2), and it works fine in that. I still don't understand what about the S5 that is not working. It doesn't even say no service anymore. It's just searching...
by replacement firmware image, do you mean the whole stock rom image? Or do you mean just the firmware, as is given in that stock collection thread.

elesbb said:
I don't know why or what @fffft is trying to get you to do but touching the things you are could end up bricking your device if not too careful.
All you need to do is select the full tar file under "AP" and uncheck the reboot and F reset time options.
EDIT: You need to extract the tar file to get the MD5 file that is what you flash in Odin.
If you have no data, just check that the APN settings are properly configured.
I had to flash the tar file a couple times before the modem upgraded. But don't touch PIT or NAND erase.
Click to expand...
Click to collapse
Also, 'had to flash a couple times'? Why on earth would there be non-determinism involved in a phone? I'm genuinely confused.
APN settings appear to be the exact same as my previous phone, and it shouldn't be the issue anyways because the APN is only useful to look at for network use right? I can't even call/text, since it says that I'm not registered on the network.

rmanne said:
Also, 'had to flash a couple times'? Why on earth would there be non-determinism involved in a phone? I'm genuinely confused.
APN settings appear to be the exact same as my previous phone, and it shouldn't be the issue anyways because the APN is only useful to look at for network use right? I can't even call/text, since it says that I'm not registered on the network.
Click to expand...
Click to collapse
I don't know why but the baseband doesn't always flash. So flashing it twice in a row usually does the trick,
Sent from my SM-G900T using Tapatalk

I did just try the install modem twice in a row with no luck.

What's the best recovery to use with this phone? I'm using the twrp that you can download on their official website right now, but from what I remember, on the Note 2, if you install using the 'wrong' version of TWRP, your service won't work.
Also, another thing that I've noticed is that during the initial one time initialization, instead of saying "Samsung Galaxy S5 (T-Mobile)" (or something like that), it is now saying "Samsung galaxy S5" without the T-Mobile addition to it. I think that it has to do with the recovery that I flashed, since it's what determines the phone model more than anything.
EDIT: used to say "Galaxy S5 ..." and now says "Galaxy S5"

rmanne said:
I did just try the install modem twice in a row with no luck.
Click to expand...
Click to collapse
I'm talking about the entire md5 file.
I use twrp.
Sent from my SM-G900T using Tapatalk

elesbb said:
I don't know why but the baseband doesn't always flash. So flashing it twice in a row usually does the trick,
Sent from my SM-G900T using Tapatalk
Click to expand...
Click to collapse
Does the download mode have something to do with it?
On mine, it says:
ODIN MODE
PRODUCT NAME: SM-G900T
CURRENT BINARY: Custom
SYSTEM STATUS: Custom
KNOX WARRANTY VOID: 0x1 (2)
QUALCOMM SECUREBOOT: ENABLE (CSB)
RP SWREV: S1, T1, R1, A1, P1
UDC START

elesbb said:
I'm talking about the entire md5 file.
I use twrp.
Sent from my SM-G900T using Tapatalk
Click to expand...
Click to collapse
Yep, I was trying to install the entire md5 ("G900T-UVU1BNG3-MODEM.tar.md5"), unless you meant the full stock rom.

..

fffft said:
We're assuming that your stipulation that the IMEI is valid is correct. I'd look at the service mode menu and check the certificate status to confirm that if you haven't already.
You could also do a search to see if anyone is having problems with the most recent G900TUVU1BNG3 firmware. Or even better temporarily revert to the a known stable, earlier firmware version. If you flash a full firmware image from May, your certificate status is valid and your APN info is correct then you'd have a reasonable basis for suspecting a hardware failure.
Hardware is unlikely though unless you can associate it with trauma or pre-existing symptoms, none of which you mentioned. Network connectivity issues inevitably arise from flashing a modem or firmware image intended for a different platform, a corrupt cache or corrupt system files.
.
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?t=2754957
^ I ran through that first post, and did as it said without any improvement.
How do I check the certificate status?
From what I can tell, no one else is having the issue (or at least no one has yet posted about it). And as I've already said, NF6 didn't work either (it was working when I got my phone, but now doesn't work after trying to revert everything to stock).
APN info is certainly correct.
I didn't unbox this phone, so I'm not actually sure that it's the right model, but its first boot showed the 'T-Mobile' display screen, so I see no reason to doubt that it's a 900T. I will recheck this just in case.
EDIT: I found the certificate status i think
The page says "IMEI Certi: PASS, 1\nUnknown"
also includes "REJECT:6, LU_ATT#: 0", "SERVICE : LIMITED", "STATE: DEREGISTR SUB:1", "PA STATE:0(ET),HDET:0", "and a bunch of numeric values above it. Band 4, BW 10MHz, MCC-MNC, TAC, Earfcn_dl, PCI: 0, RSRP -94, RSRQ -10, SNR 17.4-22.1
What does it mean? What is "LU_ATT"?

Solved!
For whatever reason, it seems that the person who sold the phone reported it as stolen (according to T-Mobile customer service, a phone marked as lost will not be able to access network services) at around the same time that I flashed the update. I did think something was fishy since I didn't immediately lose network. I feel like I was on NG3 for at least a few hours before it stopped working, but I thought I might have just been imagining things, since the timing was just too close to properly make a note of.
Well, thanks anyways, I appreciate the time you two took to attempt to help.

NK1, OB6, OF1 testers wanted for NC4 back-booting trials

So, I cobbled together a (custom-recovery) flashable NC4 stock ROM.
I'm interested to find out whether it is possible to boot it successfully from later bootloader firmware - e.g. NK1, OB6, or OF1
(I'm still on NC4 bl and not planning on upgrading near term. It boots on NC4 bl but that's pretty obvious lol)
[size=+2]Q: Why would this be useful?
A: to provide a means for upgrading bootloader firmware without starting from scratch.[/size]
For instance, there are folks on OB6 firmware that would like to use a custom ROM that will only work on OF1 firmware. They can certainly start from scratch (backup and unload the entire device); an alternative would be to:
- Make a backup of an existing rooted ROM (that more than likely has a custom or modified boot image so is not bootable when the bootloader gets re-locked) using the currently-installed custom recovery (which will also be non-bootable under re-lock).
- Restore a (debloated) pure stock ROM w/ Samsung kernel. Root it with Towelroot (does not touch boot image)
- Flash replacement bootloader only in Odin. Locked bootloader = no custom recovery... but with a rooted stock ROM already in place with an unmodified stock kernel it can be immediately unlocked.
NC4 is easily rooted with Towelroot-v3 "on device". No need for PC drivers, online rooting tools with a separate PC, etc (e.g. as with Yemen rooting methods on OB6, OF1)
This approach in principle saves the need to backup everything up in the /sdcard - but you have to know in advance that the NC4 stock kernel and ROM can successfully be booted with later bootloaders.
So anyway, that's what I'm asking for help testing with - folks that are: (a) unlocked and (b) on NK1, OB6 or OF1 bootloader willing to try flashing a debloated NC4 Stock ROM using their existing custom recovery, and see if it boots, roots, and if root survives a single boot cycle.
Contact me via this thread or PM; I'll provide the flashable NC4 and the Towelroot .apk
.

my n900v came with 5.0 Of1 but i rooted, unlocked BL. installed twrp and flashfired NC4 tar minus recovery
runs smooth.I hate lollipop.lol
only bug is wifi password resets everytime i reboot
im curious as to why i have trouble running certain nc2/nc4 roms..some want to bootloop/freeze
baja,biggins,and objective rom
kernel issue maybe? or BL version
btw. i am rooted via towelroot v3

hotrod85z said:
my n900v came with 5.0 Of1 but i rooted, unlocked BL. installed twrp and flashfired NC4 tar minus recovery
runs smooth.I hate lollipop.lol
Click to expand...
Click to collapse
Thank you for posting that, very useful/helpful information to know.
Does Flashfire understand the Samsung "sparse" image format of the system.img.ext4 file inside the Stock (Odin) .md5 tarfile blob? Or maybe somebody else packaged up a "flashable .zip" of NC4?
hotrod85z said:
only bug is wifi password resets everytime i reboot
Click to expand...
Click to collapse
in /system/build.prop, set ro.securestorage.support=false and reboot. You might also want to set ro.config.tima=0 as well.
I suspect that mixing and matching Samsung kernels with bootloader versions breaks something in the TrustZone, and so secure containers and other sort-of-obscure security functions no longer work as the TZ smells something fishy. I am using a rooted PL1 rom on NC4 bl and it would spontaneously reboot (infrequently) until I made the above changes - it's been rock stable for about 4 days now. Why this works I can't really say - it's a "generation skipping" bootloader and stock rom combination - N* bootloader and P* ROM *
hotrod85z said:
im curious as to why i have trouble running certain nc2/nc4 roms..some want to bootloop/freeze
baja,biggins,and objective rom
kernel issue maybe? or BL version
btw. i am rooted via towelroot v3
Click to expand...
Click to collapse
all of the above or none of the above LOL
There are definitely some mysteries here, and I don't claim to fully understand the interdependence of the TZ (== bootloader firmware), the TIMA and RTKP stuff in the kernel, and the cross-communication between kernel and TZ via the qseecom service daemon (which is in the ROM in /system/bin) much less how the APIs of all these interfaces might have changed between major releases.
You could check those two build.prop settings in those ROMs for starters though. I suspect that if the TZ smells something fishy (e.g. a kernel TIMA to TZ info mismatch), a variety of secure credential services in the TZ stop working. It is possible that "ro.securestorage.support" is a toggle that attempts to use TZ services when it is set to "true", and so anything in the ROM which builds on it breaks because the TZ is refusing to play on an otherwise "stock" ROM variant.
FWIW I got the AryaMod (S7Edge MM port) + phantom kernel running on NC4 bl + OF1 modem for a full 24 hours after I disabled the qseecom service daemon. It ran long enough that I had customized the whole thing as a daily driver with all my apps, verified that all sensors & radios worked, made test calls, etc. Rebooted it and the kernel started getting reset by a "Modem Reset". Even weirder was that despite the use of the OF1 "modem" firmware, the kernel was reporting a bunch of RIL "unknown ioctl's". Strikes me as odd that the whole thing could run that long with so many different things happening, and then the "modem" is unhappy - even though other folks are using the ROM with OF1 bl + OF1 radio/modem firmware. (As if the "modem" isn't really the source of the problem, even though that's what initiates the device reset).
.

i initially tried flashing NC4 full tar via ODIN. but even bl unlocked. i got FAIL. flashfire worked!
very curious as to whether a custom n900v kernel would boot my 4.4.2 custom roms..its either that or the BL isnt compatible with non-touchwiz roms....
most of the kernel/modem/firmware links on here are 404 error dead links.. would be nice to see an up to date sticky. ill flash anything as long as i dont end up in JTAG mode with a brick.lol
ive played with verizon s5 atnt s2,galaxy capitivate,atrix 4g and many other phones
the s2 is still by far the fastest Smoothest phone on cm7..the newer the phones..the newer the OS..the bigger the resourse hogs"ram" im a minimalist...
even after flashing NC4 official full tar..im still showing OF1 baseband under settings

@hotrod85z
FWIW I posted a bunch of recovery-flashable stock ROMs here.
There is also a link in that thread to a complete set of (Odin flashable) modems for NC4, NJ6, NK1, OB6, OF1, and PL1 if that is of interest to you.
Maybe I wasn't paying attention, but I could swear that on at least one occasion or two when I performed an Odin modem flash, it didn't "stick", despite no complaints on the handset screen or in Odin - the next boot showed the (prior) baseband version, not what I flashed. Its a bit of a mystery to me; but for now I've resolved to make sure that after the Odin session is complete, I wait 30 seconds or so, then remove the USB cable, and then pull the battery rather than try to restart the device by holding buttons down. It is possible that those events occurred when I soft-restarted the phone, but I'm not sure. For now I'm just trying to always flash and restart with exactly the same method to avoid different behaviors from creeping in.
PS I have no idea if those ROM flashables are compatible with Flashfire. They might be, but I've never tested it, and as they are not pre-rooted I'm not going to suggest it for fear that somebody with a rooted but locked (bootloader) phone will try using flashfire and then end up with a phone that needs a full Odin re-install. Appearances are that each version of the bootloader restricts the Samsung signing verification to only the matching kernel version - you can't even boot a Signed samsung kernel on a locked phone if it is a different version than the bootloader's version.

Hello all I have a emmc exploit note 3 I'm using here and I wanted to flash different radios for the us carrier note 3's and I first tried to use flash fire to try to update the modem, but even that didn't stick, cause I don't readily have a pc available, I wasn't ballsy enough to flash a different carrier modem, since I checked the odin screen and saw that instead of a bootloader unlock, its in developer mode and I didn't want a brick, so overall my question is, do I need a unlocked bootloader to flash different modems and do I need odin tovdo it or will some sort of mobile odin or something do it? Thanks mates and happy flashing.

Dlind said:
Hello all I have a emmc exploit note 3 I'm using here and I wanted to flash different radios for the us carrier note 3's and I first tried to use flash fire to try to update the modem, but even that didn't stick, cause I don't readily have a pc available, I wasn't ballsy enough to flash a different carrier modem, since I checked the odin screen and saw that instead of a bootloader unlock, its in developer mode and I didn't want a brick, so overall my question is, do I need a unlocked bootloader to flash different modems and do I need odin tovdo it or will some sort of mobile odin or something do it? Thanks mates and happy flashing.
Click to expand...
Click to collapse
Well, your question is way off topic for this thread.
But since nobody is in here anyways, I guess I'll answer the parts that I am able to.
The modems that I posted over in that other thread were meant to be flashed in Odin using a PC. You can use either the AP slot or CP slot. Note that the very first post says - in big bold blue letters "Odin-flashable Modems".
Not flashfire. It never said anything about flashfire.
Is there such a thing as MobileOdin? If there is, I know nothing about it and certainly have never tested anything with it. So I don't know and am not going to speculate.
You said something confusing here:
Dlind said:
I checked the odin screen and saw that instead of a bootloader unlock, its in developer mode
Click to expand...
Click to collapse
If it says "MODE: Developer" you have an unlocked bootloader. Which is exactly the same thing as a Developer Edition phone.
If you were to use a PC with Odin and you flashed a FULL Stock firmware flash, yes it would overwrite the unlocked bootloader and indeed re-lock the phone. If you were able to re-root that (stock) ROM, you could perform the unlocking procedure again to unlock it.
On the other hand, those Odin-flashable modem packages do not contain the bootloader firmware, so if you were to use Odin on a PC to flash just those modem images, your bootloader would not get re-locked - the unlocked bootloader is still there, untouched.
When the carriers issue an OTA update, many times (perhaps most of the time) they contain a modem update (NON-HLOS.bin and modem.bin). So it is obvious that they are able to be flashed **somehow** right on the phone, without using Odin from the PC or an "Odin app" at all.
BUT that happens using a combination of the STOCK recovery and the bootloader itself during the reboot following the actions taken by the STOCK recovery. (My guess is that the recovery simply "stages" it into place, and sets some flags so that the bootloader knows that it is supposed to evaluate the crypto signatures of the file blobs that the recovery put into place and it is actually the bootloader that does the flashing. That's really not a whole lot different than what happens when you transfer files from Odin to the phone - the "Odin/Download" mode is just one of the personalities of the bootloader. (Odin is actually a rather dumb program - it's the bootloader on the phone that gets to decide whether a flash happens. It does that by carefully examining the file blob that gets transferred, e.g. crypto signature checks)
My guess is that you would be able to flash STOCK modem packages from Odin (using a PC) independent of whether the bootloader is locked or unlocked. But as I said: "guess".
I don't have a second phone to test with, so I would have to flash completely back to stock and lock my bootloader to be able to test that hypothesis. That's a big jobs because of all the crap I have to backup and restore to my phone.
Frankly, if you don't have access to a PC, and you really need your device to keep working, I would advise you to stop screwing around with it, simply because you don't have good tools available to fix it if a disaster occurs.
PS. I've never once noticed anything different between various radio firmwares on ANY device I've ever owned.

bftb0 said:
Well, your question is way off topic for this thread.
But since nobody is in here anyways, I guess I'll answer the parts that I am able to.
The modems that I posted over in that other thread were meant to be flashed in Odin using a PC. You can use either the AP slot or CP slot. Note that the very first post says - in big bold blue letters "Odin-flashable Modems".
Not flashfire. It never said anything about flashfire.
Is there such a thing as MobileOdin? If there is, I know nothing about it and certainly have never tested anything with it. So I don't know and am not going to speculate.
You said something confusing here:
If it says "MODE: Developer" you have an unlocked bootloader. Which is exactly the same thing as a Developer Edition phone.
If you were to use a PC with Odin and you flashed a FULL Stock firmware flash, yes it would overwrite the unlocked bootloader and indeed re-lock the phone. If you were able to re-root that (stock) ROM, you could perform the unlocking procedure again to unlock it.
On the other hand, those Odin-flashable modem packages do not contain the bootloader firmware, so if you were to use Odin on a PC to flash just those modem images, your bootloader would not get re-locked - the unlocked bootloader is still there, untouched.
When the carriers issue an OTA update, many times (perhaps most of the time) they contain a modem update (NON-HLOS.bin and modem.bin). So it is obvious that they are able to be flashed **somehow** right on the phone, without using Odin from the PC or an "Odin app" at all.
BUT that happens using a combination of the STOCK recovery and the bootloader itself during the reboot following the actions taken by the STOCK recovery. (My guess is that the recovery simply "stages" it into place, and sets some flags so that the bootloader knows that it is supposed to evaluate the crypto signatures of the file blobs that the recovery put into place and it is actually the bootloader that does the flashing. That's really not a whole lot different than what happens when you transfer files from Odin to the phone - the "Odin/Download" mode is just one of the personalities of the bootloader. (Odin is actually a rather dumb program - it's the bootloader on the phone that gets to decide whether a flash happens. It does that by carefully examining the file blob that gets transferred, e.g. crypto signature checks)
My guess is that you would be able to flash STOCK modem packages from Odin (using a PC) independent of whether the bootloader is locked or unlocked. But as I said: "guess".
I don't have a second phone to test with, so I would have to flash completely back to stock and lock my bootloader to be able to test that hypothesis. That's a big jobs because of all the crap I have to backup and restore to my phone.
Frankly, if you don't have access to a PC, and you really need your device to keep working, I would advise you to stop screwing around with it, simply because you don't have good tools available to fix it if a disaster occurs.
PS. I've never once noticed anything different between various radio firmwares on ANY device I've ever owned.
Click to expand...
Click to collapse
Thanks SOOOOOO MUCH for your input I kinda had a feeling that the idea was risky at first and I don't know a whole lot about odin and I wish Samsung could have created something much easier to use, but thanks for answering the wayyyyy off topic question, I'm gonna smash that thanks button, I'm also going to take the advise on not cross flashing different modems, its just to risky. You answered all my questions so thanks, Also I want to say thank you for your continued work on this phone is by normal terms "old" now but in reality its still an amazing phone with the right custom software, and happy flashing!

[CLOSED][ROOT][SNAPDRAGON] Introducing SamFAIL: Root Your SM-G950* From Odin!

Introducing:
SamFAIL!
[Size=DEPRECATED]DEPRECATED![/size]
This ENTIRE THREAD is old, busted, and has been deprecated for some time. Please stop reading it, and go to the link below this line of text:
https://forum.xda-developers.com/galaxy-s8/development/root-partcyborgrom-aqi6-deodexed-t3702988
It has some very clear advantages over this version:
- Supports All existing bootloader revisions
- Latest version(s) of Nougat
- Huge community of support
- Telegram channel
- Preinstalled audio mods, visual mods, looks really good
- Actually still works
- very debloated without compromising many touchwiz features. It's over 50% faster on my device
- Deodexed, xposed FULLY supported.
- Rooting method improved, essentially foolproof
I don't want to have this thread closed, but I will
A New Alternative Root Method For The US Samsung Galaxy S8! (G950U Snapdragons)
Rooting your s8 just got easier.
DISCLAIMER 1: Although this method does not trip the "Knox Flag" you are still taking a risk by rooting your device. We are not responsible for your blazing fast smartphone with root! Let's hope this one doesn't catch on fire!
DISCLAIMER 1.5: THIS IS NOT FOR EXYNOS!
First and foremost, SHOUTOUTS!
- @partcyborg for finding the root method!
- @me2151 for testing on Note 8 and facilitating root on the Note 8!
- @elliwigy for... Shenanigans! And thread template
- @Chainfire For opening the door to make this root useful. He will be missed! (no he is not dead, just retired.)
- @samsung for the amazing phone and leaving rediculous loopholes open for us to root!
Disclaimer 2: The method to root should be pretty straight forward as the hard work has already been done for you. With that being said, you will need to know how to download files from the internet, extract a zip file and to use ODIN. That is basically it! Oh yea, PLEASE BE SURE TO READ ALL THE INSTRUCTIONS THOROUGHLY BEFORE ASKING FOR HELP!
Once again...
READ THE ENTIRE SET OF INSTRUCTIOMNS BEFORE BEGINNING!
There are important things to note about this process that WILL likely trip you up if you expecting them. Some things are not intuitive and may sound unimportant to follow but trust me they are. Every single step added her is absolutely necessary.
Prerequisites:
- A working computer with a working USB drive that is capable of successfully flashing firmware to your device.
- Comsey ODIN and Normal ODIN (Found in Post #2 As well)(In case you give up and want to go back to stock)
- SamFAIL S8 Custom Hybrid Combo/Stock firmware package (also in Post #2)
- A functioning Snapdragon Galaxy S8 G950U/U1 or ANY other US Snapdragon based Galaxy S8 that can run the standard 950U firmware. Must be able to boot to download mode, and NO EXYNOS OR
- The CSC file for your phone(also in Post #2)(NOTE: You MUST use the CSC matching your device or your network will not function correctly. If your CSC is not in the downloads section you must download your devices firmware and extract the CSC from it and use that one. I will continue to add CSCs as I have time to download them but please be patient as they can take a while to download. Bonus points if you can send me individual .tar.md5 CSC archives so I don't have to download 4GB of ROM.
Part 1 Instructions:
0) BACKUP YOUR CRAP This procedure wipes your entire phone, so anything that you don't want gone for good back up somewhere NOT ON THE PHONE for the duration of this process. TECHNICALLY it should be safe to leave on a SD card, but checking one accidental checkbox in Odin will make you lose it. Take the SDCard out or copy the stuff to your computer.
1) Unzip the SamFAIL S8 ZIP archive. Inside there will be two tarballs (.tar files). If you have flashed a rom before these should hopefully look familiar. NOTE: There is no CP archive because the hybrid BL_ archive contains all drivers needed to operate your device.
2) Boot up Comsy Odin. Reboot your phone into download mode. Connect your phone to your pc and make sure that you get the Blue box that signifies proper connectivity and that the Odin log has said "Added!"
3) In the AP slot, place the AP tarball. There will not be a long pause like stock ROMs as there is no md5 signature to check.
4) In the BL slot, place the hybrid combo/stock firmware package. Again, you can place these in any slot and Odin will handle it just fine.
5) Click on the OPTIONS tab, and select the following checkboxes: Auto Reboot, Re Partition, F. Reset Time, NAND ERASE ALL.
After finishing the above steps, your Odin should look exactly like this:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
6) Read step #5 again and confirm that you have everything selected EXACTLY as shown in the picture and written in the words. Check it again and when you are sure everything is correct press START.
7) Wait for ODIN to complete the flashing of the system partition. Naturally, ODIN and your phone will see this image is not signed and return FAIL. Your device will say "Secure Check Fail: system" or something close to it. THIS IS EXPECTED, DO NOT PANIC OR GIVE UP. Your flash may have failed, but it did not fail hard enough
At this point you may be wondering "What is going on and how does failing to flash get me root?"
The answer is because of a very simople to fix (pre-launch) issue with secure boot verification. I will explain in more detail when we are done and you have root but the short story is, yes they fail the flash when it does not match a known image, but they do so at the end, AFTER all of the data has been written to the disk!
it indicates that everything is ruined and you should bring them your phone right away. Fortunately we are smarer than that. Despite not saying so, while this screen is showing the device is in fact in download mode ready to receive new firmware.
This screen will likely say something like "System Failure" and there will be instructions displayed to take your device to the nearest repair store. Laugh at Samsung's silly attempt at subterfuge.
Now, lets put that data to good use with part II:
8) Reboot the phone into download mode again (hold down power, vol down, bixby) until the device resets back to a blue-green ("Download Mode Color") screen. If you have not seen or experienced a bad flash before, this screen may be new to you. You should see something that says "OPERATING SYSTEM UPDATE FAILED" and find that your phone will boot only to this state and nothing else. DO NOT PANIC! THIS IS EXPECTED and exactly what we want. Odin/Secure Boot are refusing to boot because you flashed unrecognized code, and wants you to flash code it recognizes. Lets give them what they want.
9) If you closed Odin or hit Reset after the first clash, open it again. Plug your phone back in if necessary and ensure that Odin sees you device just like last time.
10) IMPORTANT! IMPORTANT! It is IMPORTANT that you be sure to remember to do the following: Click the RESET button onthe bottom middle of the page. Alternatively, you can Uncheck "NAND Erase All" "Re-Partition", but its extra work to remember which ones.
WARNING: IF you fail to do this, Odin will happily erase your device and have to start from scratch. Worse though is the failure mode. If you don't notice is not obvious that it is caused by this, which will likely cause you and others unecessary grief.
11) Click on the BL row again and Load the same Hybrid Firmware Combination as last time. Be sure the checkbox next to it is selcted.
12) IMPORTANT: If you did not click "Reset", be sure that the AP_ROOTEED_YSTEM tar is NOT loaded. You can uncheck the check box next to it and it will not be sent as part of the coming flash. If you do not do this, you will fail again and it will be for real this time.
13) Click on the CSC row and load the CSC file you downloaded that matches your device and service plan. Be sure that the checkbox next to it is checked.
14) Double check that your screen and options now look like this or has the same options.
- NAND ERASE is UNCHECKED
- F RESET is CHECKED
- REBOOT is CHECKED
This part is basic ODIN flashing here guys... Not rocket science!
15) Press START and watch the LOG tab to see what is happening. If it says the words "Erasing..." you have failed to follow directions and ust start completely over with step again.
16) This is where the Matic happens... Odin will flash all of the fimrware files in the tarball, and will fihnd that all of them are 100% valid signed images by Samsung. Since Odin has a very poor memory, he completely forgets that you had just flashed a bad system image, and marks your secure boot flag as "Safe" and lets you proceed to boot!
17) Have a good laugh (at least i found if funny)
18) The phone will reboot to recovery and dump you there for one of two reasons:
a) You will see the progress bar advance over a feconds to 32% or so and then stop, printing an error about faling to find resize data. This is normal and happens with every flash of CSC OYN that I have ever seen. You are safe to advance to the nxt step.
b) The recovery will immediately exit with an error that says "Failed to mount /system (Invalid Argument)". This is unfortunately bad news as it means that the failed flash attempt was not successful in writing enough data to see the file system. Do not dispair yet though! This happens sometimes with this method. Start off by starting over from scratch. If that does not work, reach out to me and I will walk you through a few procedures that will eventually fix it.
19) If you made it past step 18, all you need to do now is execute a data wipe/factory reset. This is necessary and your device will not boot withiout it, as there is no userdata image file flashed through odin.
Now, wait for the device to boot up (it will take 3-5min like most new isntalls) and then you can try out your new root!
20) Once phone boots up, Setup your device as normal and proceed to the SuperSU app. It will ask you to update the SU Binary. Select Normal method and let it do its thing. A popup should show up to disable KNOX. Follow its instructions then SU should say it was Successful in updating and it needs to reboot(You may have to do it multiple times. I belive its 2 or 3 times then its good) ENJOY SamFAIL ROOT!
NECESARY CLEANUP
The reason that this works at all is that modern filesystems like ext4 (what android uses) are very robust in the face of errors on the disks. Particularly in the days of old when everything was on spinning platters, that may moving parts was a lot more prone to failure, so filesystems were designed to keep your data safe in the face of losing parts of the disk. Fortunately for us this allos us to successfully mount and load android off of an incompleted filesystem. To make sure that the device is table, and that future SamFAIL attmpts do not degrade into "Invalid Argument" errors, we need to do a filesystem repair.
Download fsck.ext4 and push it to your device to fix any errors that cropped up from the SamFail dirty flash.
Connect via adb (or shell on your device) and run the following
FROM YOUR COMPUTER WITH PHONE PLUGGED IN AND AD ENABLED:
Code:
adb push <localpath to fsck.ext4 /tmp/
Then on the Device:
Code:
su
chmod 755 /tmp/fsck.ext4
mount -o ro,remount /system
/tmp/fsck.ext4i -f $(find /dev -name system)
It is possible that oyu will see a LOT of errors reported. Do not worry though all of the stock os will have made it through ok. Press "a" to say auto-yes to all the questions and your filesystem will be healthy from here on out.
EPILOGUE
It is HIGHLY recommended that you follow this step with the flashing of either a custom rom or a full stock /system ROM using FlashFire. The image I provided that is pre-rooted essentially has no more work done to it than that, and I have no plans to do that work anytime soon. Unforutnately my experiments with using SamFAIL to flash more custom /system partitiuons made them a lot more unstable and frequently would not boot at all. Consider this a stepping stone that requires a little less work than SamPWND used to be before more automation work was done.
The AQH3 Image in post #2 has the "warning this device has been modded" message and i took a brief stab at it but wasnt able to get it locked down. If someone wants to do so i will havppily upgrade the rom to a better vesrion. Otherwise there are some really cool bnew roms out for the s8/s8+ now that I recommend checking out.
The more exciting prospect is that this can be used by ANY Samsung device with a permissive Selinux version without dm-verity. That covers a wide range of devices which we will be investifating.
DISCLAIMER 3:
* SamFAIL DOES NOT TRIP KNOX
* SamFAIL DOES NOT FIX THE 80% BATTERY CHARGE ISSUE
* Boot.img is SECURE which means you MUST use SYSTEM ROOT. (Similar to SamPWND)
* This means that MAGISK DOES NOT WORK
* Which also means SAFETY NET FAILS. So any apps you enjoy that require passing Safety Net will most likely not work while you are rooted with SamFAIL
* Again, similar to SamPWND, this root method uses a factory binary boot.img which is necessary to boot the modified system. THIS MEANS BATTERY ONLY CHARGES TO 80% (Thanks Samsung.)
* SamFAIL DOES NOT UNLOCK YOUR BOOTLOADER AND DOES NOT SIM UNLOCK YOUR PHONE.
* This *should* in theory, work for other Snapdragon Models of the Note 8. If you have another model and are successful please post so we can add "support" for other models.
Back to Stock?
- Download the full STOCK firmware of your choice.
- Flash it in ODIN/Comsey ODIN as you would any other time!
- It will take a few reboots for the "custom" splash screen to go away.
Donations:
As always, the devs have been hard at work recently to bring you root. Donations are definitely NOT REQUIRED but if you feel generous and want to spot the devs a few bucks for their hard work you can donate to this Paypal Address:
Donations
NOTE: this message is geared more towards the Note 8 users, for whom this root method is their first and only.
DOWNLOADS will be in POST #2
UPDATES will be in POST #3(RESERVED FOR FUTURE UPDATES)
As always, ENJOY ROOT and thank SamFAIL for making it all possible!
P.S. See why we called it SamFAIL now? Massive fail on Samsungs part.

SamFAIL Downloads​
Rooted AQH3 Android 7.0 System for Galaxy S8 Snapdragon (Flashing in Odin)
AP_SamFAIL_G950U1_AQH3_ROOTED_SYSTEM.tar:
Hybrid Stock/Combination Full Firmware (minus userdata and system) For Rooted Devices.
AQI6 Stock, AQI1 Combo (for Flashing in Odin):
BL_SamFAIL_G950U1_HYBRID_AQI6_STOCK_AQI1_COMBOtar.tar
VZW CSC OYN for US VZW Customers on AQH3 (for Flashing in Odin):
CSC_OYM_SamFAIL_G950U1_AQH3_VZW.tar.md5
Staticly Compiled fsck.ext4 binary for fixing filesystem issues:
fsck.ext4

*YANK*
(reserved for future use)

Yay!

Nice!

Are there any custom ROMs for the Snapdragon variants (specifically the Canadian variant W8)?

Ad.Shk2 said:
Are there any custom ROMs for the Snapdragon variants (specifically the Canadian variant W8)?
Click to expand...
Click to collapse
i have 1 or 2 but not gonna upload em until theres more stuff done.. its basically got minor visual mods and deodex n theusual stuff

That sounds promising... I've been patiently waiting for custom ROMs for the Canadian variant... Good luck to you bro!
Sent from my SM-G950W using Tapatalk

Ad.Shk2 said:
That sounds promising... I've been patiently waiting for custom ROMs for the Canadian variant... Good luck to you bro!
Click to expand...
Click to collapse
but yea,just not enough done yet in order to release.. i hope note 8 root will kick offmore mods n such for us

I'll be going for Aosp based ROMs too, since it's for the Snapdragon
Sent from my SM-G950W using Tapatalk

Ad.Shk2 said:
Are there any custom ROMs for the Snapdragon variants (specifically the Canadian variant W8)?
Click to expand...
Click to collapse
There is one that supports at least everything thats part of CSC OYN:
https://forum.xda-developers.com/tm.../samsung-tmo-galaxy-s8-sampwnd-turbo-t3662719
Its listed under the tmoblle section because the developer has tmobile, but as our devices are multi-csc so is his rom

partcyborg said:
There is one that supports at least everything thats part of CSC OYN:
https://forum.xda-developers.com/tm.../samsung-tmo-galaxy-s8-sampwnd-turbo-t3662719
Its listed under the tmoblle section because the developer has tmobile, but as our devices are multi-csc so is his rom
Click to expand...
Click to collapse
The OP states: "this custom rom is only for tmo. i removed all other carriers config files..."
Also, what's CSC OYN?
Sorry about my illiteracy in this regard, I'm a Nexus/pixel guy which are a breeze to root and customize.
Sent from my SM-G950W using Tapatalk

Ad.Shk2 said:
The OP states: "this custom rom is only for tmo. i removed all other carriers config files..."
Also, what's CSC OYN?
Sorry about my illiteracy in this regard, I'm a Nexus/pixel guy which are a breeze to root and customize.
Click to expand...
Click to collapse
Aww that's a bummer, last I talked to him he was fine with other carrier use.

partcyborg said:
Aww that's a bummer, last I talked to him he was fine with other carrier use.
Click to expand...
Click to collapse
all he has to do is flash a csc after the rom lol if all he did was remove the other carrier stuff

Will this work for the S8 Plus?

NexusS4gFreak said:
Will this work for the S8 Plus?
Click to expand...
Click to collapse
yes if and when a modified system.img is created lol i dont plan on making it as i am already maintaining SamPWND root

NexusS4gFreak said:
Will this work for the S8 Plus?
Click to expand...
Click to collapse
elliwigy said:
yes if and when a modified system.img is created lol i dont plan on making it as i am already maintaining SamPWND root
Click to expand...
Click to collapse
I'm going to do my best to make one shortly but given I do not have an s8+ to test on I'm not so sure how effective I will be

Does this work? Anyone tried. I really want to root my Canadian model sm-g950w

Ad.Shk2 said:
I'll be going for Aosp based ROMs too, since it's for the Snapdragon
Click to expand...
Click to collapse
I think the usual comment about camera quality degrading still stands when using AOSP ROMs? Have yet to root the Samsung S8 but I'd like to do it soon, along with flashing a debloated ROM for my sister.

partcyborg said:
Aww that's a bummer, last I talked to him he was fine with other carrier use.
Click to expand...
Click to collapse
His rom has all the carrier info in it. He just doesn't update the op except the link to new rom.