I have a stock rom evo 4g LTE, rooted, with Android 4.0.3 on it.
I forget the root app I used, some one click thingy, I guess my bootloader is unlocked
because I get a boot menu every time I reboot, on that screen that says **TAMPERED**.
Anyway, I ignored the notification icon in my taskbar for OTA updates, for a very long time.
Since the day I bought it over a year ago.
Finally I decided "eh, screw it, why not." ...I'm sure I'll regret that.
I told it to do the OTA update, and it downloaded (I think??) and rebooted.
The icon went away. Seemed to be a done deal.
But once per day since then, my phone rings, and I see a prompt saying
there's an OTA update, and would I like to install it now?
I think it's the same OTA update being prompted repeatdly,
because the filesize is always the same (~42 megs).
What should I do? I can choose install, reboot, and be fine for the rest of the day,
or choose cancel, reboot, and be fine for the rest of the day.
Doesn't seem to matter. But would be nice to fix it for good.
Well, considering that you are about 4-5 OTAs behind the rest of the community, I would say that the notification is probably correct. HOWEVER, of you are not using the stock recovery, then the OTA did not flash. Yes, the phone rebooted, but that's because it is installed entirely through recovery, and the phone has to reboot to get into recovery mode in the first place.
Now, for the more important question at hand....why exactly are you still using ICS? Furthermore, if you are still using ICS, then why are you rooted? As far as I'm concerned, the OTAs are actually necessary updates for the phone. I'm sure that you will love Jelly Bean if you have never used it before.
And please, for the sake of us all who are cringing at the sight of the first sentence....PLEASE UPDATE your phone! If you have a good reason not to, please share.
Hi, thanks for the reply... Maybe they were all different updates after all.
I haven't been prompted to update again since my post.
Maybe I grabbed the 3 or 4 OTA updates that I needed to catch up on.
I do think I'd like Jelly Bean too, seeing some of the features is what prompted me to finally catch up.
Can you explain this part to me? I'm not familiar with this stuff.
HOWEVER, of you are not using the stock recovery, then the OTA did not flash.
Yes, the phone rebooted, but that's because it is installed entirely through recovery,
and the phone has to reboot to get into recovery mode in the first place.
Click to expand...
Click to collapse
So, there's more than one recovery mode, the stock one, and ...whatever else you can install?
When I see the white screen that says **TAMPERED** (looks basically like this screen)...
should I have chosen Recovery instead of the usual reboot option?
If I no longer see the notification, does that mean the updates worked? My Android version still shows 4.0.3.
why exactly are you still using ICS? Furthermore, if you are still using ICS, then why are you rooted?
Click to expand...
Click to collapse
Well, I had no compelling reason to upgrade. I still don't really, the phone does what I want,
I just saw some of the features in the next version and thought "huh, that sounds pretty cool".
I'm rooted for all the usual reasons... I want to be able to browse, copy, move, rename files (including system files)
without incident... use nandroid for backups... wifi tether (still can't get that to work actually)... install unapproved apps...
tweak the OS, and so on.
Ok, my friend...let me educate you. Instead of giving you the simplest, fastest solution, I will actually try to answer all of your questions, since you did ask.
I do think I'd like Jelly Bean too, seeing some of the features is what prompted me to finally catch up.
Can you explain this part to me? I'm not familiar with this stuff.
Click to expand...
Click to collapse
To give a very superficial explanation of Jelly Bean, it is everything that ICS does, and more. It just does it smoother. It also brings Google Now, which was – and still is – the selling point of Jelly Bean. The Sense launcher got a few changes, too, but you will have to explore those changes on your own (mainly because I don’t remember them off hand, and this post is beginning to become lengthy).
Maybe I grabbed the 3 or 4 OTA updates that I needed to catch up on.
If I no longer see the notification, does that mean the updates worked? My Android version still shows 4.0.3.
Click to expand...
Click to collapse
If the first update didn’t update properly, then the phone is simply downloading and trying to install the same update over and over. When you boot back into Android after a successful update, you will be greeted by a welcome message congratulating you for installing the new version.
If you are rooted, odds are, you are using a custom recovery, such as TWRP or CWM. OTAs are only installed through the stock recovery & a locked bootloader. The stock recovery doesn’t make nandroids, or do anything of the sort. To install the stock recovery, go here:
http://downloadandroidrom.com/file/HTCEvo4GLTE/rooting/Evo4GLTERoot2.zip
Click to expand...
Click to collapse
The stock recovery is located somewhere within the zip file.
So, there's more than one recovery mode, the stock one, and ...whatever else you can install?
When I see the white screen that says **TAMPERED** (looks basically like this screen)...
should I have chosen Recovery instead of the usual reboot option?
Click to expand...
Click to collapse
You can flash install the stock recovery by using fastboot commands from the bootloader (which is the screen that shows the TAMPERED status on the top), or you can use Flash Image GUI. It is a paid app on the Play Store, or you can get it from XDA (the dev let XDA users download it for free…Google it).
Lastly, there are a few things that I suggest that you do. First, obtain S-Off (Google, Google, Google...very simple), so you can install the new firmwares directly, instead of using OTAs. Otherwise, if you accept the OTA, you will lose root, and you will have to root your phone again and again. Installing the firmware, then the new rom is the same as accepting the OTA, then rooting.
Another alternative is to get S-Off, then accept the OTA (after installing the stock recovery). Your bootloader does not need to be locked, and there are recovery zips floating around here that can be installed through the bootloader (therefore, you will not be stuck rooting the phone the hard way, just boot into recovery and flash SuperSU). I highly suggest achieving S-Off.
If you want to jump straight to the latest version (Android 4.3, Sense 5.0) by installing the RUU located somewhere in this forum. I actually suggest that you try Sense 4 with Jelly Bean first, but that is completely up to you. Keep in mind that using the RUU will wipe your internal memory, so back up what needs to be backed up. This doesn’t require you to be rooted, and the state of the bootloader does not matter. It will lock the bootloader, load the stock recovery, and you will lose root. You won’t be able to downgrade without S-Off.
Other Notes:
When using the 4.3 RUU, make sure that Android USB Debugging is enabled.
Bookmarking for later but I wanted to say thanks for the thorough reply!
I can confirm the update never worked, because I never got the confirmation message
and I got prompted again a few hours after I posted.
Are you willing to answer just a few more things?
Based on what I've read, it sounds like this is what I ought to do:
- Back up anything I need to. Just to confirm, updating firmware and flashing a new rom wipes out everything in the phone's internal memory, but not external SDcard? Or both?
Are apps considered "on the cloud" and I can reinstall by just redownloading, without paying again?
Except sideloaded apps? Or will I need to find all those APK files and save them somewhere else?
Is it safe to say they're all in \data\app and \system\app? Or would system\app be unwanted since it's what came with the old phone OS?
- Get my phone into S-OFF status.
- Update firmware (this is a separate process from updating the rom? Where do I get this firmware? Google google google?)
- Install a new ROM (stock or otherwise) which will have these updates built in, so I won't need to regain root.
- Not sure what my bootloader is, maybe TWRP, does it matter? Do the above steps affect it? Should I change it to stock anyway?
- You suggested trying Sense 4 rather than Sense 5 first... any special reason?
Are you willing to answer just a few more things?
Click to expand...
Click to collapse
As always, I'm open for questions. Not to sound egotistic, but I enjoy sharing my opinion.
Based on what I've read, it sounds like this is what I ought to do:
- Back up anything I need to. Just to confirm, updating firmware and flashing a new rom wipes out everything in the phone's internal memory, but not external SDcard? Or both?
Updating to the 4.3 firmware wipes your internal memory, not your sd card (although, that may be a very unfortunate circumstance, so it should be backed up as well). The other firmware updates do not affect your memory.
Are apps considered "on the cloud" and I can reinstall by just redownloading, without paying again?
Technically, yes they are "on the cloud." The fact that you paid is saved somewhere within your main Google account that you downloaded the app with. It is possible to pay for apps with your secondary gmail account, which can be switched within the Play Store app.
Except sideloaded apps? Or will I need to find all those APK files and save them somewhere else?
Use Titanium Backup if you can't find the apks. I do save my apks that I download, and I also upload them to Google Drive, since I have multiple Android devices, and I also have a faulty micro sd card that I am yet to replace. I can lose my data at any given moment, but everything is backed up, so I'm not worried.
Is it safe to say they're all in \data\app and \system\app? Or would system\app be unwanted since it's what came with the old phone OS?
Everything within the /system folder is wiped when you flash new roms. That data is NOT backed up while flashing between roms. Also, since it is from an older Android version, it's best to leave them alone. You may back up the data if you like, but I would refrain from restoring the apks along with the data.
The /data directory may be wiped, depending on the dev who built the rom zip. If they added the superwipe script, then /data will be wiped as well. Most devs do not include this, since many people "dirty flash," which is flashing new roms or updates of the current rom without wiping /data first.
- Get my phone into S-OFF status.
You will save yourself a LOT of headaches in the future. It was my S-Off status that allowed me to reflash my firmware when I lost the function of my data/voice antennas while carelessly flashing a port of a phone on a different carrier. Also, if you feel curious to try AOSP roms, then you do not need to do any extra steps to flash them.
- Update firmware (this is a separate process from updating the rom? Where do I get this firmware? Google google google?)
Yes, the firmware handles manages how the hardware of the phone operates. Updating the rom changes how the software looks and behaves. The kernel is sort of a bridge between the firmware and the software, since it manages the firmware (like battery life, processor speed, antennas, etc.), but the kernel is dependent on the software version. The firmware is not dependent on the software version, just as the software version is not dependent on the firmware version.
The only exception of the firmware/software independence is the 4.3 update, which requires a complete update of the firmware, and the older software cannot run on the new firmware without being modded by a dev.
- Install a new ROM (stock or otherwise) which will have these updates built in, so I won't need to regain root.
- Not sure what my bootloader is, maybe TWRP, does it matter? Do the above steps affect it? Should I change it to stock anyway?
Your bootloader is the white screen that shows the TAMPERED status on the top, and little Androids on skateboards on the bottom. With the exception of the firmware information in the top left corner, this screen does not change...ever.
TWRP is your recovery image, which is accessible through the RECOVERY option in your bootloader, or you can boot directly into it through different apps in Android - Titanium Backup is one of them (yes, that's one of the options, even for the free version).
The only reason to return your recovery to stock is to accept OTAs, and also to bring your phone back to the complete factory settings, just as the day when it was first purchased (for the sake of selling the phone, or returning back to Sprint for service}. Otherwise, don't bother with it. You may want to update your version of TWRP, though. If you update to 4.3, you will have to update it. I'm not going to take the time to get into that right now. I've given you enough homework.
- You suggested trying Sense 4 rather than Sense 5 first... any special reason?
I am a very patient person. To me, exploring Android takes time. I enjoy reading before I test, and testing before I settle (which I'm yet to "settle"). All of that being said, I suggested Sense 4 before Sense 5 because I wanted you to experience the both of them. They are truly two different versions of Sense, which one might not realize, as their version numbers are differentiated by one integer (in other words, 4 to 5). Sense 3 was a small step above Sense 2, and Sense 4 was a bigger step from Sense 3. Sense 5 is a complete overhaul of the Sense UI, save the flip clock.
I just feel that skipping from 4.0 to 4.3 is missing out on a great experience, but that is mainly if you actually want to try out different roms. Until the Sense 5 RUU, I still visiting ICS on occassion, but I usually didn't last more than 3 hours before I jumped back to JB.
Click to expand...
Click to collapse
Whew...you're making me work. But I like it. Anymore questions? Feel free to ask.
OK I've been working on this all afternoon and I'm at an impasse.
You've been a huge help so far and I hope you can guide me through this part.
I want to S-OFF and am following a tutorial: http://www.thefortressofnerditude.com/s-off-your-sprint-htc-evo-4g-lte/
Step 3 says root and install recovery. So I decide I need TWRP.
Already have nandroid and titanium backups both completed.
And I copied the whole SDcard to my computer after.
Annoyingly, TWRP's install page suggests that I need to be in S-OFF.
TWRP says I need S-OFF. S-OFF guide seems to suggest I need TWRP working.
I installed "TWRP Manager". Realize that might not be the same thing as TWRP.
Googled and found it on the TeamWin page.
The page asks first to input my device. I choose Evo 4G LTE (Jewel).
That brings me to this page: http://teamw.in/project/twrp2/98
They suggest I do the android app install method. I follow the first link (Market Link)
and install GooManager, and follow their steps.
Install the app and open it. Tap menu then hit Install OpenRecoveryScript. Tap Yes. Verify that the filename displays your device's code name and hit Yes. The file will download and your device will reboot and install the recovery automatically.
This all goes smoothly, but here's my issue.
It doesn't reboot automatically, or install anything automatically.
I see in the comments a recommendation to reboot into recovery mode.
I choose that in GooManager's menu, and after rebooting I get my bootloader screen with 4 menu options:
Bootloader
Reboot
Reboot Bootloader
Power Down
The only one that sounds sensible to me is bootloader so I pick that.
Now I get some new options:
Fastboot
Recovery
Factory Reset
Clear Storage
Simlock
Image CRC
Show Barcode
So, the only one that makes sense is Recovery. I choose it. The phone reboots.
Now I'm back at the first menu. So I'm in a loop.
Nothing I do in this loop seems to install anything.
So I just rebooted the phone normally and I'm back to my OS.
Where to go from here?
CreeDo said:
OK I've been working on this all afternoon and I'm at an impasse.
You've been a huge help so far and I hope you can guide me through this part.
I want to S-OFF and am following a tutorial: http://www.thefortressofnerditude.com/s-off-your-sprint-htc-evo-4g-lte/
Step 3 says root and install recovery. So I decide I need TWRP.
Already have nandroid and titanium backups both completed.
And I copied the whole SDcard to my computer after.
Annoyingly, TWRP's install page suggests that I need to be in S-OFF.
TWRP says I need S-OFF. S-OFF guide seems to suggest I need TWRP working.
I installed "TWRP Manager". Realize that might not be the same thing as TWRP.
Googled and found it on the TeamWin page.
The page asks first to input my device. I choose Evo 4G LTE (Jewel).
That brings me to this page: http://teamw.in/project/twrp2/98
They suggest I do the android app install method. I follow the first link (Market Link)
and install GooManager, and follow their steps.
Install the app and open it. Tap menu then hit Install OpenRecoveryScript. Tap Yes. Verify that the filename displays your device's code name and hit Yes. The file will download and your device will reboot and install the recovery automatically.
This all goes smoothly, but here's my issue.
It doesn't reboot automatically, or install anything automatically.
I see in the comments a recommendation to reboot into recovery mode.
I choose that in GooManager's menu, and after rebooting I get my bootloader screen with 4 menu options:
Bootloader
Reboot
Reboot Bootloader
Power Down
The only one that sounds sensible to me is bootloader so I pick that.
Now I get some new options:
Fastboot
Recovery
Factory Reset
Clear Storage
Simlock
Image CRC
Show Barcode
So, the only one that makes sense is Recovery. I choose it. The phone reboots.
Now I'm back at the first menu. So I'm in a loop.
Nothing I do in this loop seems to install anything.
So I just rebooted the phone normally and I'm back to my OS.
Where to go from here?
Click to expand...
Click to collapse
Did you unlock your boot loader first? You don't need to be S-off to install a custom recovery. Unlock your bootloader at htcdev.com then install twrp.
Read here for more info:
http://forum.xda-developers.com/showthread.php?t=2420916
Also, I suggest learning how to use fastboot commands. Install twrp using fastboot.
Sent from my EVO using XDA Premium 4 mobile app
OK, so I'm semi-bricked but not panicking yet.
Here's where I'm at.
• Unlocked boot loader successfully
• Installed TWRP using fastboot.
• Followed instructions as closely as I could on moonshine.io to get S-OFF working.
Several times during the process I got "installing device driver software" in my win7 system tray.
Not sure if that's normal. But the drivers seemed to install fine. At first.
But then, during this part of the process:
Moonshining .................(1)
Windows prompted me that it was installing some drivers again, But it failed to install the MTP driver.
After ten tries with the "Moonshining" step, I got "ERROR: don't drink and moonshine!" or something like that.
So, it seems like I need to get this MTP driver going. First I tried solutions on the computer:
• Uninstalled all HTC software, unplugged phone, rebooted,
installed HTC Sync Manager (setup name setup_3.0.52.0_htc.exe), then uninstalled it...
because a tutorial said this would keep the drivers but remove the software. Still no luck on the MTP driver though.
• Found "Mass Storage Device" (my phone) under device manager, removed it, unplugged, rebooted, replugged.
• Plugged cord into back of PC, so I'm using USB 2.0 rather than USB 3.0.
• One suggestion said a certain registry section might have an upperfilter key that shouldn't be there.
But I don't have that upperfilter key so that's not the issue.
Some fixes require getting into my phone (one guy suggests turning off USB debugging)...
but I no longer have a working OS. I can get into my bootloader, I tried Factory Reset.
But after choosing this I go into TWRP and I have no TWRP backups that I can restore.
So my next guess is, I need to get a recovery ZIP (is that basically a ROM?) that TWRP can install.
If that's correct, what ZIP should I get? I was on Android 4.0.3 Sense 4.0, can I download jellybean with Sense 5.0,
and install it via TWRP?
That was my goal all along, but I'm determined to get S-OFF working, so if doing that means my phone gets wiped again,
I guess I just want whatever ROM/recovery/whatever that allows me to change this USB debugging setting,
and try other phone-related fixes to the MTP driver issue.
First of all, flash an ICS rom. I'm assuming that you are still using the same ICS firmware, and you will want to have your phone operational (to enable USB debugging). The link for MeanRom ICS still works. http://old.androidfilehost.com/main/EVO_3D_Developers/mikeyxda/LTEvo/MeanROM-ICS-v65-jewel-ltevo.zip
Ok....since you are on the old HBoot, I think that you need to use the older S-Off methods (LazyPanda or DirtyRacun), if I'm not mistaken. You can not download and flash Sense 5.0 through TWRP as of yet, because you need to be using the new firmware to do so. You may want to pay http://unlimited.io/jewel.htm a visit. Also, to use LazyPanda or DirtyRacun, you need to be using Ubuntu. Another option that you have is to use the regular RUU and update directly to Sense 5.0. You will be stock, unrooted, but you can easily use the latest S-Off method.
Lastly, for your rooting/S-Off needs, you can also use a handy-dandy toolkit from @WindyCityRockr that can handle everything that you need to do. I usually encourage manual labor, but there are some exceptions. http://forum.xda-developers.com/showthread.php?t=2436217
Thanks again for jumping in.
I'm getting somewhere, but still so many difficulties.
Fix one thing, break two more.
I finally have a new working rom, but almost against my will it ended up
being CyanogenMod.
The short version:
- unlocked bootloader, got TWRP going, finally got ADB working (don't think it's the right driver,
but whatever, ADB commands work fine), wiped everything... factory reset, Dalvik, external storage.
- Didn't wipe Internal storage, I wiped only /data/ per some post's recommendation.
- I used ADB PUSH to get a few possible roms onto /sdcard/
PJ75IMG_1.13.651.1.zip (failed with "unable to open zip")
(ROM)_Stock_Rooted_OTA_(3.16.651.3)V2.zip (failed with "unable to execute updater binary in zip")
cm-10.2.0-jewel.zip (cyanogenmod) - success!
So, the phone works. It appears to be at least based on android 4.3... and I'm guessing CM, which updates
frequently, has all those OTA updates bundled into it. Any downsides to CyanogenMod?
I could just proceed from here to reinstall my old apps etc.
I'm still not "S-OFF" which annoys me, but I read a post suggesting it's not really that necessary.
The way they put it is, s-off allows you to access partitions so they can be modded,
but nobody is developing anything interesting for those partitions. Like nobody's doing custom radios and such.
Should I still pursue S-OFF anyway?
If so, is there a way to do it with CyanogenMod?
That awesome app (Windroid Universal Toolkit) doesn't recognize the phone.
Last question, how should I go about restoring everything?
I had titanium and nandroid backups copied to my computer.
Can it restore to such a wildly different version of the OS?
Can I get back not just apps, but stuff like my keyboard preferences, texting history, etc.?
Should I still pursue S-OFF anyway?
Click to expand...
Click to collapse
Yes! Being S-On is a complete pain in the BUTT when switching AOSP roms. Have you tried to flash the rom that I posted, MeanRom ICS? I'm really trying to get you to stay on Sense, because S-Off and other different tools work so much better while using Sense. AOSP is better after S-Off. But that's up to you.
If so, is there a way to do it with CyanogenMod?
Click to expand...
Click to collapse
I am not sure. You can try if you have the time. I suggest making a nandroid of your CM rom, and try to flash a Sense ICS rom, not JB...yet.
That awesome app (Windroid Universal Toolkit) doesn't recognize the phone.
Click to expand...
Click to collapse
CM might be the issue here, as well as it might not.
Last question, how should I go about restoring everything?
I had titanium and nandroid backups copied to my computer.
Can it restore to such a wildly different version of the OS?
Click to expand...
Click to collapse
Yes, TB will still work. There are some apps that might cause the restoration process to freeze, so I suggest killing TB and skipping over the app that froze the process when you return.
Can I get back not just apps, but stuff like my keyboard preferences, texting history, etc.?
Click to expand...
Click to collapse
If your keyboard preferences was not backed up, then no. If you were using the stock Sense keyboard, then that is a no as well. As long as your texting history was backed up, it can be restored. Texts are not like apps...their data is typically stored in XML files which are readable through any version of Android (2.3+).
I'm still soliciting my help if you need it.
I'm for sure going to need it, so thanks very much for the ongoing support!
I got discouraged after all the failures but I'll download Meanrom now.
The thing is... now that Cyanogen mod works, I hesitate to wipe it and try a new one.
Especially since several other roms I tried mysteriously failed to install.
I like that it's jellybean and don't wanna move backwards to ICS.
And I like their goal of cutting out the fluff.
I still want S-OFF, will I end up having to wipe everything again to get it?
Also, I really don't feel confident I have the right drivers for my windows machine.
I can transfer files in USB mode, go into USB debugging, and do the usual ADB commands.
But the phone shows up as a nexus in device manager, but it's definitely evo 4G lte.
I tried installing an executable RUU and it failed after a bit saying it can't detect the device.
And there's that issue where Windroid doesn't detect it.
So I have the feeling that without the right USB drivers, tools like Moonshine will still fail.
I specifically got errors every time when anything tried to install MTP usb drivers. Do I really need them?
You think LazyPanda or DirtyRacun's tools will work even if I never get the MTP thing installed?
CreeDo said:
I'm for sure going to need it, so thanks very much for the ongoing support!
I got discouraged after all the failures but I'll download Meanrom now.
The thing is... now that Cyanogen mod works, I hesitate to wipe it and try a new one.
Especially since several other roms I tried mysteriously failed to install.
I like that it's jellybean and don't wanna move backwards to ICS.
And I like their goal of cutting out the fluff.
I still want S-OFF, will I end up having to wipe everything again to get it?
Also, I really don't feel confident I have the right drivers for my windows machine.
I can transfer files in USB mode, go into USB debugging, and do the usual ADB commands.
But the phone shows up as a nexus in device manager, but it's definitely evo 4G lte.
I tried installing an executable RUU and it failed after a bit saying it can't detect the device.
And there's that issue where Windroid doesn't detect it.
So I have the feeling that without the right USB drivers, tools like Moonshine will still fail.
I specifically got errors every time when anything tried to install MTP usb drivers. Do I really need them?
You think LazyPanda or DirtyRacun's tools will work even if I never get the MTP thing installed?
Click to expand...
Click to collapse
Feel free to try the facepalm S-off method as well. Works on devices with older software and is super easy. Look here:
http://forum.xda-developers.com/showthread.php?t=2163013
Sent from my Nexus 5 using XDA Premium 4 mobile app
Evolution_Freak said:
Feel free to try the facepalm S-off method as well. Works on devices with older software and is super easy. Look here:
http://forum.xda-developers.com/showthread.php?t=2163013
Sent from my Nexus 5 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Cheers, it does look pretty straightforward.
Of course that's what I thought hours ago when I tried moonshine haha.
I'll give it a go.
To be clear, does this method wipe anything?
They don't actually say.
CreeDo said:
Cheers, it does look pretty straightforward.
Of course that's what I thought hours ago when I tried moonshine haha.
I'll give it a go.
To be clear, does this method wipe anything?
They don't actually say.
Click to expand...
Click to collapse
Can't remember if it wipes or not. Best thing to do is make a backup with TWRP and keep the backup on your external SD card. If it wipes you can always restore your backup.
Sent from my HTC device
Thanks for the help so far guys. I am currently really enjoying Cyanogenmod. I suspect it's eating battery more,
but then against I am on the phone for hours redoing everything that got changed/removed.
Does anyone know if there's a simple way (or even a difficult way) to restore my texts?
Because the app is totally different, and the old text app was the one that came
with the stock rom, I cannot restore it in titanium. But if I could extract even the raw text that'd be helpful.
Get back to Sense, or get someone with Sense to restore it for you, and save it using a different app. Or maybe try using SMS Backup & Restore from the Play Store. I'm not sure if it can read the backups saved through Sense, but it's worth a try. You just have to navigate to the location of the old backup.
It looks like I can import an XML in this messaging app so maybe if sense offers an export to XML option, I'll be set.
Sense is sort of an OS on top of the OS, right?
Can sense be loaded without flashing a new rom? or is it too integrated with the OS?
Before I begin, I wish to apologize for my naivete, as I am just starting to scratch the surface.
Well, I'm stuck with my wife's old stupid verizon bootloader OF1 stuck junk. I have managed (with help from other posts on this forum) to root my phone using kingroot, switch root to supersu, and load all the necessary files for flashing step for step from http://forum.xda-developers.com/gal...ort-albe95-s6-port-4-5-updt-23-09-15-t3234009. I also tried using rom from http://galaxys4root.com/t-mobile-galaxy-s4-roms/android-6-0-root-for-galaxy-s4-jdc-team/2/, to no avail. For whatever reason, the device wipes properly, installs the software, gives no error messages, and then just reboots into startup just like factory reset with the stock firmware (still rooted thank goodness). I made sure that I verified the root before proceeding, that it was supersu binary, and that all the files were stored and backed up on my external sd card. Flashfire was loaded in the order specified on the tutorial and I followed them to the letter. I'm just very lost at this, since I have rooted many devices, but never tried to flash a rom and it just factory reset.... very odd. On the plus side it didn't brick it so there's that glimmer of hope. Anyways, I really hope that someone could help me out on this one, or just tell me I'm crazy and there's no way it can be done on this firmware.
wstefan20 said:
Before I begin, I wish to apologize for my naivete, as I am just starting to scratch the surface.
Well, I'm stuck with my wife's old stupid verizon bootloader OF1 stuck junk. I have managed (with help from other posts on this forum) to root my phone using kingroot, switch root to supersu, and load all the necessary files for flashing step for step from http://forum.xda-developers.com/gal...ort-albe95-s6-port-4-5-updt-23-09-15-t3234009. I also tried using rom from http://galaxys4root.com/t-mobile-galaxy-s4-roms/android-6-0-root-for-galaxy-s4-jdc-team/2/, to no avail. For whatever reason, the device wipes properly, installs the software, gives no error messages, and then just reboots into startup just like factory reset with the stock firmware (still rooted thank goodness). I made sure that I verified the root before proceeding, that it was supersu binary, and that all the files were stored and backed up on my external sd card. Flashfire was loaded in the order specified on the tutorial and I followed them to the letter. I'm just very lost at this, since I have rooted many devices, but never tried to flash a rom and it just factory reset.... very odd. On the plus side it didn't brick it so there's that glimmer of hope. Anyways, I really hope that someone could help me out on this one, or just tell me I'm crazy and there's no way it can be done on this firmware.
Click to expand...
Click to collapse
*UPDATE* for anyone experiencing the aforementioned issue, I found a solution. Not quite sure which one of these actually fixed it, but my bet is on disabling Samsung's locked and found. Anyways, here's what I did:
1. Disabled Samsung locked and found.
2. Factory reset and cleared dalvik and all cache and the sdcard (internal and external).
3. Re-set up phone making sure not to enable Samsung locked and found.
4. Rooted with Kingroot
5. Switched root from kingroot to supersu
6. Enabled default in supersu to allow vs prompt
7. Downloaded required files to ext sdcard
8. Used flashfire to load rom in EXACT order as first post specifies with wipe first
9. Let it do it's thing (for whatever reason, my load took hours not minutes to complete so be patient)
10. Laugh at everyone on every other forum who says this can't be done
Again, this is on Samsung Galaxy S4 Verizon running 5.0.1 OF1 Firmware originally unrooted. IT IS POSSIBLE!!!
All files must be on device storage if u planning to use flash fire. for example in a download folder. Do not use SD card. I used Albe95 rom 4.7 port. Works very good and smooth. All u need is of1 wifi fix.zip
Thanks Sashaua04, but I have to disagree, as I tried it multiple times and that is the only way I got it to work. Again, not sure which of those steps worked for me, but I most certainly DID use my external sd card to store and flash the zip and that is the only way I got it to work. I tried using downloads folder on internal storage and it did not work. It did however work on ext. I say do whatever works for you. I'd love to hear from a pro why this is the case and why this happened like it did. I was thinking my binary was unofficial, but I checked in download mode each time and it was official, but it said something about Samsung lock active, and after disabling and making aforementioned changes, it worked. Maybe that had something to do with it. Strange... maybe I had a bad download or
something...
I have owned my xperia x compact since June 2017, the first thing I did with it when I bought it was flash the UK firmware and root it. The phone has operated with out any real issues since then, but today I woke up to my phone on the charger showing a back lit black screen. It was unresponsive to any inputs so I rebooted it (power button, up volume), and it would just load to the xperia splash screen freeze then reboot ad nauseam. I am tempted to use the xperia companion to attempt a software repair but I am afriad if I do I'll get updated to oreo and not have a working camera. I did back up my keys when I rooted my phone but I did not change to the bootloader from factory.
Any input as to how I should proceed would be greatly apprechiated
Thank you
Do you have twrp? Do you have a twrp backup? If so, just boot to twrp, try factory reset, and if it boots after that, just restore your backup. If you don't have a backup, and you don't want to lose data, it's hard to know what to do, especially since you don't seem to have a clue what caused it. You can try to flash an ftf with Flashtool, excluding everything except 'system', (and making sure to check nothing in 'wipe' box'. Other possibilities, if you have recovery, is to try uninstalling things like Xposed, Magisk, Substratum, etc...
Thanks for the input, as stated I never changed the boot loader so unfortunately I do not have twrp and thus no images to restore.
I would like to preserve my data if possible but biggest concern is losing the camera. From what I gather using the Xperia companion will update my phone to Oreo likely loosing my ability to root but also locking out the camera. I have a back up of my DRM keys but if I am not on the factory marshmallow rom I don't think I'll be able to restore them. So is there a way to restore the phone to original factory marshmallow firmware?
Marshmallow ftf / Flashtool. I'm sure you can find one out there. Also, you can upgrade to O and your camera will be fine. Drm keys just make it a little better. And you can root with Rootkernel, and use your ta backup to mount onto Rootkernel, so camera will be just like stock. See here - https://forum.xda-developers.com/x-compact/how-to/stock-8-0-root-recovery-t3747479
Thanks for your help I really appreciate it. If I can have camera and root functionality on Oreo then I might as well upgrade.
Its been awhile since I've messed with this, and I am on a different computer. Hopefully I can get this phone up and running and out of this boot loop.
Also looking at your guide the modded boot images offered are older than the firmware currently offered on xperiafirm, do I need to find the specific firmware offered in your guide instead of the one offered on xperiafirm?
It's pretty easy to do once you're set up, but I'll see if I can post an updated one tonight.
Thanks, I do not recall having much issue getting the device unlocked and rooted with the guides here on XDA. Then again the phone was fully bootable at that time so once plugged in, windows and the xperia companion took care of the drivers. I am in the process of familiarizing myself with all the ancillary bits which may not be explicitly detailed. I suspect I will need to put adb and fastboot on this new PC, was going to use snoop05 15 second installer but all his links are dead.
Important notice! : iLLNiSS made me aware of a serious risk!
If you play with the firmwares manually and not with the flash all bat then DO NOT flash the blobs!
These are the actual bootloader files and stuffing up here will cause a hard brick!
I have to stress this out as it is serious thanks to not having working APX drivers a flshing programs for the Shield!
For starters, I uploaded a copy of the 7.2 developer firmware here:
7.2 developer ZIP on Dropbox
It is the full 1.1Gb update and not the 422mb block based one.
I have done some extensive tests since the first block based update wrecked my rooted Shield.
Some of it will end up in this post as info for everyone.
But lets start with what seems to be the problem for a lot of users right now who run a rooted Shield : Fixing the problem
A downgrade is officially not supported by Nvidia but my tests showed it works just fine if you only go back to the 7.1.
So far my tests showed differen sources for a Shield no longer working after the OTA.
1. The device had an unlocked bootloader and you got the 422mb block update.
This would have stuffed your bootloader and the Shield won't go past 1/4 on the progress bar for the update.
You are in luck as just flashing the 7.1 bootloader will fix it.
After that just dismiss the update and change the settings to manual updates.https://forum.xda-developers.com/editpost.php?do=editpost&p=78466377
2. Your device was already fully rooted and you got the full update that resulted in your Shield doing all sorts of thing but nothing properly anymore.
As long as your apps are still there and the Shield is still somhow usable you are lucky again.
A downgrade to 7.1 will fix it, I will explain the steps required further down.
3. You made bid mods, used Magisk or other rooting tools and now your Shield complains that your system is corrupt.
Bad luck if your bootloader is locked as you loose it all.
Lucky if the bootloader is unlocked as you might be able to keep most if not all during the downgrade.
General words of warning:
Even if your bootloader was unlocked from day one I can not garantee that the downgrade will keep all settings, apps, databases and so on.
For me it works fine as I kept all vital databases on external storage.
The procedures are all based on the developer firmware, on the stock firmware some things can still be done but then again you should not have more than software problems.
On the stock firmware the bootloader is locked by default and you can use some things required to owngrade due to the restrictions of a stock system.
General downgrade procedure for the developer firmware to get back to 7.1 :
If the update did get stuck on the progess bar early on and a reboot won't fix it so you can dismiss the update you just follow the steps.
If you can reboot into the 7.1 then just dismiss the update.
Trust issues or curruption warnings at boot but an otherwise working shield on 7.1 require to flash the 7.1 bootloader again.
In some cases it is possible to skip the corruption warning with a connected controller.
A reboot once you got to the homescreen will determine how bad it is.
Reboot goes fine: You are good.
Reboot keeps nagging with warnings other than the unlocked bootloader: Downgrade.
The downgrade is only required if you have problems or the Shield already runs on the 7.2!
In almost all other cases just flashing the 7.1 bootloader is sufficient.
Fixing a stuffed Shield by sideloading the 7.1 firmware while keping all apps and things:
Enable USB debugging and allow the connections for the computer if you still have access to the settings.
Otherwise you need to flash the 7.1 fresh and might loose vital things that need to install again.
Reboot into the stock recovery, if you use TWRP flashed on the Shield already then please flash the recovery from the 7.1 firmware first.
Hook up the controller and pressing A or B should get you into the normal recover screen past the dead droid.
ADB sideload XXX - where the xxx stands for the filename you have for the developer ZIP.
After the rebbot you should be back on your 7.1 homescreen and can dismiss the 7.2 update.
Also change the update settings while at it
Fixing a fully stuffed Shield and then downgrading to the 7.1 firmware:
If all went down south then you tried a few things and realised there is no way to get your data back and even less to prevent the 7.2 update.
Installing the 7.1 from scratch forces the setup wizard and before you can get anywhere you need to update to 7.2
So much easier to use the linked 7.2 update from above until Nvidia provides it on their download servers.
A vital thing to do is to keep the bootloader locked!!
Same for NOT having TWRP installed on the Shield!
If in doubt flash the 7.1 boot and recovery partitions first then go back into the stock recovery and wipe the cache.
Coming from a stock developer firmware with just an unlocked bootloader you are good to go.
Sideload the 7.2 update.
Unplug when the reboot starts and go into fastboot to lock the bootloader: Fastboot oem lock.
This is a vital step as the new kernel otherwise could ruin the completion of the install.
Ignore the double hassles and go through the wizard so you can enter the settings again to enable the developer mode and USB debugging.
Unlock the bootloader so you can do it all again Last time I promise!
Once you have both the bootloader unlocked AND the Shield in a usable condition past the setup wizard:
Reboot into the recovery to sideload the 7.1 firmware.
After the next reboot you are back on the 7.1 homescreen drirectly and can dismiss the update.
Possible tricks that can help you to prevent the installation of the 7.2 update if you come from a fresh 7.1 install instead:
Don't allow the reboot and instead use ADB to reboot into the recovery.
Wipe the cache - this will remove the scripts required to start the update after the reboot.
The next reboot should bring you back to the homescreen where you can stop the new download of the update and change the update settings.
TWRP, full root and new security measures in 7.2:
The 4.9 kernel used also makes use of a Fstab configuration that no longer includes the system partition.
This and other restrictions currently make the normal use of Magisk impossible.
With no system partition available to Magisk the changes in the boot process come to a stop and the Shield gets stuck during boot.
The added restrictions also make it very, very hard to manually add SU and busybox.
At least without getting the currupt system popup on every boot and finding out that a lot of things still don't work properly.
A final 7.2 firmware is said to be available on the download servers today.
If this final is no different from the current OTA then it will not be of any use for users requiring a fully rooted devices.
With the stock recovery still using the old kernel all attempts to use recovery functions to alter the system for rooting fail as well.
Can't blame the company as all this is part of Google revamp og security and closing backdoors and loopholes for possible attackers.
Personally I think it is Googles way of keeping control over devices they don't actually own.
Anyways I did make some little progress:
Plans for the near future:
Security is good but I like to know what my Android devices are doing and especially what Google likes to collect if I can not find ways to stop it.
So I will not try to use any backdoors or secrurity vulnerablilites in the new kernel to allow a full root on my Shield.
I will go the route I know best: Manual labour
The bootloader is already fixed to allow what we are used to from previous developer firmwares.
As SU and busybox can not be manually entered at this stage I will try to include them directly in the stock 7.1 firmware while renaming the OTA updater to have it a bit easier.
Assuming that works as expected I will do the same on the 7.2 firmware and compare the corresponding scripts and so on.
If the standard SU still works on an "unlocked" 7.2 I should be able to adjust the Magisk ZIP accordingly to implement it into the bootloader.
Only need to figure out if Magisk then has enough rights to work and the system is still happy to accept the changes.
I noly have the 16Gb 2017 model to work with but since the bootloader seems to be same for all Shield models I think if it works then it should do so for all models.
In the meantime I hope the infos here will help some pople to get their shield back without the need to sent it in.
Update 25/12/18: I got TWRP working on 7.2
This is only true for the 2017 model though as I have only this for testing.
Currently creating a backup to the internal storage.
If the restore works then I will upload the new TWRP - for the said model only!
Give me a day or two to fix it for the other models too.
There is progress on the rooting front as well.
Created new scripts for my kitchen to be able to handle the new file_context thing.
A fully pre-rooted and totally unsecure (in terms of ABD, DM-verity and such) is already cooked, just did not dare yet to try it out as I have a real life job too.
As for the pre-rooted firmware:
Things have changed quite a bit with the new kernel in terms of "just adding SU or Magisk".
Magisk might see an update for this problem soon, SU however seems to tally fail on two levels.
So far I was unable to do a full install of the modded firmware.
Flashed all at once and the boot just hangs.
Bootloader, reboot, then the rest seems to work.
At least for the basic install of the system.
If I add SU and busybox the system still ends up with a corrup notice during boot and then it fails.
Tune in over the next few days for progress updates at the end of the thread.
Major developments will be added right here.
Just a matter of finding the last restrictions.
Once that is done Magisk should be possible as well.
Ok, TWRP boot fine, does a backup but fails to restore the system to a bootable state.
Will now check if at least installing a zip works.
Well, it did not, so TWRP has to wait a few more days
I edited post 3 with instructions on how to "unbrick" and go back to 7.1.
Update 27/12/18: A friend of mine found some intersting stuff.
A 7.2 firmware offering a pure Android without any TV stuff but also a full root possible.
I hope he will share his finding here soon or allow me post it all in his name.
For now lets just say: It really works if done the rght way!
Full write rights, installing Magisk modules and all.
All thanks to an undocumented flaw in the device security structures, so even without any hidden backdoors or such LOL
Update: Whiteak was so kind to provide a working root solution in post 36, please check it.
I can confirm it is working as promised.
So the credits for this one go to Whiteak and the credits for the idea and use of the DTB file to Zulu99 - great idea!
To prevent any problems I advise to perform a factory wipe after the install and before the first boot.
Switch to the stock recovery to do this then boot as normal an enjoy.
A complete firmware with the required mods is sitting on my PC just waiting for idiot behing the keyboard to figure out how to pack it properly for flashing.
Once that problem is sorted and also TWRP working again things will get a lot easier.
Annoying update:
I was not able to confirm my web findings on the 7.2 firmwares bootloader but it seems other devices running the same type of kernel and bootloader and a bit lost now.
AVB is fully implemented on the latest level.
(Again I am working on confirming or denying these findings!)
This means any alteration to vital parts of the system will fail with a corruption warning or worse.
Custom recovery access is limited if not fully restricted.
But even if it works you still need a firmware to flash that either is able to disable all this crap, hoping the bootloader alone will allow it, or
to hope Nvidia will provide a future bootloader update with these restrictions removed.
We can not downgrade the bootloader and even if there is some old one out there that would actually be flashable the risk is high to end with a brick anyway.
The DTB, at least in my tests gives us the required system wide write access but I have no information about the AVM verfified boot other than that Zulu99's firmware works.
But if it was compiled with the NVidia developer suite then it will be signed accordingly so the bootloader accepts it.
Could not find any info on how his firmware was actually created.
It gives me the hope though that once I have a fully working TWRP again that my modded 7.2 will work as expected and with no restrictions anymore.
Thanks for the info.
Edit: Will use this post to list options to recover the Shield is all seems lost.
As a result of far too much rom cooking and mods I needed a 100% working way to recover the Shield in case things turn very ugly.
So lets sum up what I define as very ugly when playing with firmwares:
1. Firmware installed but the Shield just hangs on the logo.
2. Firmware installed and now the system is corrupt and even it is boots it takes forever to get around the nag screens.
3. Firmware downgrade attempted but now the Shield won't even boot anymore.
4. Anything that would qualify for a soft brick.
My worst case when I only got a flashing white screen after trying to restore a TWRP backup under 7.2.
There any many way that work for a variety of boot problems but it takes too long to list all cases I encountered with a list of fixes that work or a comment that only the below way works.
So just to be clear here: This is not for any recovery purpose other than fixing what can't be fixed through a factory reset or fresh flashing of the firmware!
1. Get the Shield into Fastboot mode: Connect wired controller and male to male USB cable.
2. Power the Shield up while holding A and B on the controller.
Keep holding until you see the fastboot menu on the screen.
3. Install the 7.1 recovery firmware for your Shield type after unpacking it.
With Fastboot connection working type: flash-all.bat and hit enter.
4. Keep an eye on the progess!
5. Once the Shield is finnished and reboots, hold the A and B buttons on the controller again to enter fastboot mode!
Do not let the Shield boot up other than into the fastboot mode!
6. Lock the bootloader! Fastboot oem lock
Confirm with the controller, then go down and select the recovery kernel.
7. Once the dead droid is on the screen press B on the controller to enter the real recovery.
If B does not work try A
8. Select the factory reset option to wipe all!
9. Once the wipe is done you can boot into 7.1 as normal again.
10. With a bit of chance you might even get directly to the homescreen if the previous setup was completed.
If you need the full seup wizard again and are forced to update to 7.2 then at least the update will work fine this time around.
In case you desire to go back to the 7.1:
If you just finnished the above only to end with the 7.2 then set it up and flash the 7.1 - you won't get the setup wizard again and can skip the update.
If you are on a working 7.2 that was update the OTA way but want to go back:
1. Install the 7.1 firmware.
2. Lock the bootloader.
3. Boot and then skip the update to 7.2.
Any idea what to do if the Shield sticks at the NVidia logo when you select Recovery from Fastboot? I reflashed boot and got the same result.
psycho_asylum said:
Any idea what to do if the Shield sticks at the NVidia logo when you select Recovery from Fastboot? I reflashed boot and got the same result.
Click to expand...
Click to collapse
It won't work from fastboot.
Fastboot operates on a different level and calling the recovery from there lets it end up in nowhere with no access to the system.
You need to boot into recovery through ADB as (for the new model) without a power button and usable hardware buttons we can't get into it otherwise.
Having said that, the fastboot way should still work with an unmodified bootloader.
When the dead droid is on the screen the recovery should be available after pressing the A button on the wired up controller.
But during my tests on 7.2 it did not always work, so you might have to try a few times and also try the B button.
Downunder35m said:
It won't work from fastboot.
Fastboot operates on a different level and calling the recovery from there lets it end up in nowhere with no access to the system.
You need to boot into recovery through ADB as (for the new model) without a power button and usable hardware buttons we can't get into it otherwise.
Having said that, the fastboot way should still work with an unmodified bootloader.
When the dead droid is on the screen the recovery should be available after pressing the A button on the wired up controller.
But during my tests on 7.2 it did not always work, so you might have to try a few times and also try the B button.
Click to expand...
Click to collapse
I have not been able to get to the dead droid screen.
Downunder35m said:
For starters, I uploaded a copy of the 7.2 developer firmware here:
7.2 developer ZIP on Dropbox
It is the full 1.1Gb update and not the 422mb block based one.
(snip)
Click to expand...
Click to collapse
Thanks for posting this, but please note that this firmware is only for the 2017 16GB model and cannot be used with a 2015 or Pro model.
I just got a 7.2.1 update that forced me to update. Wouldn't give me an option to skip it... As soon as I turned on my Shield, it said something about the 7.2.1 update and then rebooted and installed.
I was holding off on updating too so I didn't lose root. Now I'm unrooted and am unable to get Magisk working again until I can get my hands on a 7.2.1 bootloader... Bleh.
Weird, I am not getting the 7.2.1 at all here.
And since yesterday the OTA only tries the block based but not the full image.
AthieN said:
I just got a 7.2.1 update that forced me to update. Wouldn't give me an option to skip it... As soon as I turned on my Shield, it said something about the 7.2.1 update and then rebooted and installed.
I was holding off on updating too so I didn't lose root. Now I'm unrooted and am unable to get Magisk working again until I can get my hands on a 7.2.1 bootloader... Bleh.
Click to expand...
Click to collapse
I was able to downgrade using the 7.2 image after setting up the device on 7.2.1 OTA just make sure you disable automatic updates
Thanks downunder this kind of in-depth info is always appriciated man........i like to learn these kind of things, having bits here and bits there gives a better picture of the whole, while also giving us upto date current info.
Thanks for taking the time to write this :good:
---------- Post added at 07:35 AM ---------- Previous post was at 07:27 AM ----------
Edit
Hi downunder, could you confirm i have this correctly
With no access to fastboot thus no twrp or root, are you implying, assuming your able to inject root into stock firmware, that, i'd be able to flash this stock+root rom in STOCK recovery, which i do have access to?
Edit: im under the impression that stock firmware zips are checked by stock recoveries, so modifying a stock firmware zip tends to fail this check and thus wont install/flash.......which makes me think im misunderstanding here......or just hoping im not
If so, im interested
Edit
i just read your second post which near enought answers my curiousity, so that'll teach me to read beyond the first post before asking answered questions ........even if the post excites me............ahhh, who am i kidding, ill probabably do it again........the equivelancy of a mental post boner........not controllable
Sorry for the disgusting analogy
SyberHexen said:
I was able to downgrade using the 7.2 image after setting up the device on 7.2.1 OTA just make sure you disable automatic updates
Click to expand...
Click to collapse
Did I understand it correctly? You successfully downgraded from 7.2.1 to 7.2?
ErAzOr2k said:
Did I understand it correctly? You successfully downgraded from 7.2.1 to 7.2?
Click to expand...
Click to collapse
Yes,
Just ran flash all from the bootloader. For the newly released 7.2 developer_rooted factory image.
As long as we don't jump to Android 9 we should always be able to downgrade through a full factory firmware.
Once Android 9 comes this might not work anymore due to the massive changes involved for the boot and system checks.
@banderos101: Unless you really did something bad you should always be able to enter the fastboot mode to flash a full firmware.
If I have some time after xmas I will have another look on the options of signing the zip properly or simply to fake it.
Biggest problem will be to generate the corret SHA checksums ince all is installed so I can use the same checksums in the check files.
The bootloader needs them to identify the system and vendor as genuine.
The system needs them to confirm all is actually unmodified as otherwise all fails to boot at some stage.
Modding a proper userdebug firmware is not really that hard, but converting a release version that also is a true and secure user release...
Lets just say that it won't be an easy task.
As it looks like the kernel is a keeper I might have to figure something out unless TopJohnWu won't enjoy a break after his exams and works on a way to get Magisk working with out kernel.
At least I figured out why the recovery trick isn't working for me.
The system partition is not mounted for the sideload mode.
To apply an update the stuff is written directly onto the partition, so no file level access left to play with and break things
In comparison you could say the shield is now like a modern car with keyless operation only.
You know you can start it with ease, if you only could the remote that you left in the drivers seat when you locked the door
SyberHexen said:
Yes,
Just ran flash all from the bootloader. For the newly released 7.2 developer_rooted factory image.
Click to expand...
Click to collapse
Just wondering what is achieved by going back to 7.2?
What do you mean "going back"?
Right now the 7.2 is the official and latest firmware.
I was unable to get my hands in the 7.2.1 but guess it might have been a testversion for certain models only.
I wasted a few hours trying to fix the system image.
First stage was only to get the basic "features" back, like full ADB support, enabling the support to use SU and busybox....
Just what is required to actually allow these nice apps we like to gain root to work.
This backfired badly as right after the start the bootloader complained about the system being corrup and no override to get past this worked.
So of course I then removed the known restrictions from the bootloader...
As you guessed it the damn thing then did not even boot at all, just jumped right into the (locked) recovery mode.
A half decent comparision with my last manual root on a tv box that was a success showed I still did the right things...
If anyone wondered why we needed a new bootloader for the support of smart helpers an some codes stuff:
We didn't as all this could have been done with the 7.1 bootloader as well.
Since my root attempts so far all ended either in disaster or in a root access that failed shortly after/corrupted the system, I took a look of the general kernel changes that were published for other devices.
Before I could find anything meaningful I realised the 4.9 kernel is actually a requirement for Android Pie!
With that info sorted I started digging inti the new "security" features Pie can offer.
I will try to keep it simple and to the stuff that actually concerns us for rooting purposes:
The new boot process with Pie is aimed at being secure from the hardware level up and all the way into the system partion once the boot is completed.
So the hardware checks if the bootloader is actually usable - we had that for a long time, nothing new.
Once the bootloader starts and reaches the point of actually getting somewhere, all partitions required will be checks by either a hash check or a trusted certificate gererated at boot time that is compared to the previous certificate.
Only if that is fine the bootloader will call upon the system and vendor partitions.
The handover of control from bootloader to the system is made far more secure as well.
SELinux is called early on to ensure that only trusted apps and tasks can work but also to all a new control level.
System related apps no longer run as root or with special permissions.
Instead every single app and service runs as its own user!
And under SELinux conditions this means nothing can access anything that it is not entitled to unless included as a user for the other app.
And with that sorted the vendor stuff is called to ensure all hardware and vendor related stuff is still genuine - this include the required certs but also the recovery and bootloader hash codes and certs.
So if something is fishy either SELinux will stop us or the vendor stuff will just overwrite it all.
Once we finally reach the system stage the recovery is checked if called from within the system, if fully implemented it could mean that using an official update on a modded firmware will delete all data as the encryption from the old system is declared invalid.
Sadly it does not stop there because even with full rigths (faked or otherwise) to access the system partition with write access we still can not just change things.
If something belongs to a user (a secure app) than a change will corrupt the system.
To overcome all this without using vulnerabilities that so far no one has found, a compatible userdebug release has to be created from the official user firmware.
DM-Verity needs to be disabled as well as all partition encryption stuff.
The bootloader needs to be adjusted to reflect these changes and the required turst certificates generated and included in both system and boot images.
The only problem here is that the kernel won't allow these changes unless it itself is a userdebug kernel.
After that it is only the little efford to go through about 60 different scripts to remove or redirect the calls for all boot and system security related things.
If then by some chance all this actually boots up and goes all the way into a usable homescreen the entire stuff needs to be secured again.
This time so that the final system has a correct cert and checksum that matches those we need to include in the bootloader.
Anyone knows how to gain full access to the trusted keystore on the 4.9 kernel? LOL
For the moment I don't really care about all the stuff above.
I would be happy to figue out what to make out of these new fstab configurations without the vital partitions listed.
The real aprtitions used have not changed but it is impossible include them in the fastab, doing so causes the bootloader to fail.
Presumably because the kernel realised we try to get around the verification process.
This and some other minor things are also the reason TWRP fails so badly, same for the stock recovery by the way.
Since TWRP is toy a lot us like:
TWRP and 7.2....
Without a system partion in the bootloader fastab TWRP can not mount it.
Same for all other things TWRP needs to mount as it simply does not have the right to access these areas.
To make things worse, we need system access to even start TWRP through fastboot.
So, now matter if we flash or start it through fastboot: The bootloader and system will realise our recovery does not match the checksum.
What does al this now mean in terms a lot more people are able to understand?
Let me try...
Imagine the 7.2 in a running version would be just some encrypted file with a lot of folders in it.
And like PGP or other encryptions software we know there is a private and a public key.
With the public key you can see a lot and use most the encrypted file - but only to a level that is required, nothing above your low level clearance.
For every attempt to write into this file or to make changes we need the private key.
If you follow so far then lets just say the recovery (stock) and Fastboot can be, to some extent, used for this access.
But since every folder in the encrypted file also uses private and public keys it is like tracing a tree.
Although it is getting too long, let me give you the example of just adding SU to the sytem partition:
Adding SU into the system image is no big deal.
Singing this image to get a usable key and including this key into the keystore is.
Assume we would just be able to do it....
SU needs to be called quite early in the boot process.
It then elevates the access level for certain things and also intercepts all root related requests from apps and services.
Except of course those that already had these rights by default.
Problem here is that adding the scripts we need plus changing some others means violating the tree of trust on the device and we get locked out.
Finding a spot to add the required rights for SU might be still possible.
On the other hand it will be impossible to give SU any rights or access to "trusted user" owned parts, files, folders, partitions....
The entire concept of SU just fails.
I will have to check how much of the new features are active in the 7.2 kernel that hinder us.
If I find enough it might be possible it enough to call for a Magisk update.
But I guess it is of little use for just one set of devices, so maybe once more devices on the 4.9 kernel fail to work with Magisk it will be easier to spot a usable pattern.
In case someone else if already working ona mdified system: Please let me know how you made it boot after the changes
Shield Tv 16 2017 - OTA update 7.2.1 Ready for updating
Im on 7.1. I have been waiting for 7.2 developer image, which is now out and just noticed 7.2.1 is available OTA. I'm really confused what to do. I want to keep root without bricking my Shield. Should I Stay with what I have as it is running well.
I am not even sure if it is safe trying to update to dev 7.2 image (or if I would want to) by hooking to computer and using ADB Fastboot tools.
Is there any good reason to update to 7.2 or 7.21? and if so how would I go about doing it? Which program is good for flashing developer images or OTA updates. I used to use flash-fire, which seems to be obsolete now and have heard TWRP is incompatible rooting with SU with OREO updates????
Should I play it safe and stay with what I have rather than experiment and end up with a brick? (wouldn't be the first time)
Anyone know if 7.21 is some-kind of bug fix?
Alot of questions but hope someone has some answers.
Thanks for any info.
"You know you can start it with ease, if you only could the remote that you left in the drivers seat when you locked the door "
My fastboot issue
Yeah, i think i busted the microusb somehow with a faulty usb hub, whenever i plug the usb to my raspberrypi/windows box(for adb/fastboot) now, it turns off all usb ports on the pi aswell as the windows box, even when the shield is unplugged, some sort of earth problem maybe
......all i have is adb over network, adb reboot bootloader simply reboots back to system, adb reboot recovery works though.
ive read that fastboot over tcp(ethernet) had been introduced a couple of android versions ago, but i dont think its been implemented in our shields
infact heres a link
https://www.androidpolice.com/2016/...-capabilities-wireless-flashing-isnt-far-off/
Looks like it needs to be specifically added onto a build
As far as you making a stock root build, if you can, that would awesome, more then awesome, but if it becomes more work then you thought dont worry about it, its not like their making it easy
Also, sounds like 4.9/future android is gonna be a nightmare for root......... having the ability to root so that the option is there to see whats going on in the background of these devices, these devices posessing cameras/microphones/old+latest sensors/personal files/personal info, which reside on our personal beings or in our homes........is just one reason why i dont want to see root go away
So what is the purpose of the developer image of 7.2?
Rather, I know the stated purpose of the developer image, but if it is locked in the way described it sounds like the benefit is negated for typical developers.
(e.g. sometimes I debug an application without permissions in order to benchmark or debug a problem).
For casual users of the shield, using ad blockers and whatnot, is there any benefit to derive from installing the developer rom over stock? Does "adb root" still work?
What is left as the difference. It doesn't sound like they produced a userdebug build of the OS.
Thanks
The 2 new updates are horrible. I have gone back to 7.1. They have crippled my shield. I'll wait for a new update.