[XZ1] temp root exploit to backup drm keys implemented - Sony Xperia XZ1 Guides, News, & Discussion

Just in case XZ1 users did not notice, I've managed to implement a temp root exploit that allows you to back up the TA partition (DRM keys) on XZ1 Compact / XZ1 / XZ Premium phones and restore the keys after unlocking the bootloader. That allows the Sony stock camera to work fully on any Sony stock firmware released up to now, without any change.
You may check the thread in the XZ1 Compact section: [XZ1c/XZ1/XZp] temp root exploit to backup drm keys implemented - Tools to backup TA partition (drm keys) of Xperia XZ1 Compact.
I am sorry if anybody thinks this is cross posting, but it seems the bounty thread here is not cared about anymore, or is it?

Thanks again @j4nn !! I saw the thread over at xz1c area.

Related

Q&A/Simple Explanations for the Xperia S

I felt it might be handy to look at some of the Q&As that have been going on since the forum got moving over the past few weeks and write up some simple, easy to read information giving answers without all the jargon. It's from a real newbie to Sony perspective, which I am. It is not by any means exhaustive, and it will be updated as time goes by.
Mods, feel free to add content or merge as appropriate. I just want to help the community of Android and Xperia S users!
Thanks.
Static-Noise
------------------------
Glossary and Explanations in simple English
Android
The name of the lovely operating system powering the phone that you have in your hand!
It is a Linux-based operating system, developed by the Open Handset Alliance, but primarily led by Google.
Baseband
The baseband is the software that deals with the wireless mobile signals, e.g. the mobile network.
When the baseband is modified, it is usually to improve reception and make your connection to the network better.
At present, no alternative basebands are available for the Xperia S.
Bootloader
The Bootloader is a little piece of code that runs when you power on your device. In simple terms, it tells the phone to turn on the operating system and carry out any necessary tasks to make the phone work.
Every manufacturer installs their own custom bootloader onto their devices so that they work correctly with the hardware. However, many of these companies lock their bootloaders so that it is difficult for the user to modify the phone. This way, the phone will operate and run in the way that the company designed.
The newer Sony devices enable you to unlock your bootloader and harness your phone to the way that you decide. However, they say it may invalidate your warranty.
An official source on the Sony Xperia S forum declared that "[if you unlock] the bootloader, the warranty is void as soon as you do this". Developers on the XDA Developers forum have found ways to "relock" the bootloader and made it look like it is brand new and factory made.
DRM - "Digital Rights Management"
Digital Rights Management (DRM) is a way to make it impossible to copy music, movies, and computer programs. (Wikipedia)
In terms of our phones, it may restrict access to Sony content and services, for example (but not for certain) TrackID or other software.
You will lose your access to various Sony apps that are protected by DRM when you unlock your bootloader. Despite being able to "relock" it, you will permanently lose your DRM "keys" (which grant you access to restricted content) forever, so think wisely before you make any decisions on what to do.
Firmware/.FTF
The firmware is a package containing all the official software for a particular build. It will contain system, kernel & baseband files. Generally the firmware is supplied (on forums) in form of FTF package (a container file ending with .ftf) which can be flashed via FlashTool. (-Thanks DooMLord)
Flashing
This is when you install/load an operating system (e.g. a version of Android) that is either customized (like CyanogenMod) or "stock" (directly from the manufacturer) onto your handset.
It also can be the term used to install a system modification, such as a better camera, a keyboard or other customizations.
Flashtool
This is a piece of software created by the developers Bin4ry and Androxyde that enables you to flash, root and modify your device.
It's a free download and is an invaluable tool for all your needs!
Kernel
This is the software that the phone uses to power itself and to use the battery.
As time goes on, the kernel will be spoken of more in this forum.
At present, no modifications have been made to the kernel for the Xperia S.
Recovery
The "Recovery" is a small part of the phone's operating system reserved to be used for basic phone management purposes, for example, resetting the phone to the factory preset. All devices, including the Xperia S, come with a recovery. There are many other recoveries, such as the famous ClockworkMod, for example.
At present, there are no custom recoveries available for the Xperia S.
ROM
Standing for Read Only Memory, a ROM is another name for the operating system that is powering your Xperia S. As Android is Open Source, meaning that anyone can see the code that makes it up, talented developers can make custom ROMs that they share with the public on forums, like XDA Developers.
At present, there are no custom ROMs available for the Xperia S.
Rooting
This is the method of enabling users to access complete control of their phone. Android, which powers our handset, can obtain "root access" similar to Linux/UNIX computers, which Android is based upon.
Rooting can be obtained by exploiting a security flaw (enabling the user to get full, or "Superuser", access), by "flashing" a ROM/.ftf that has been "pre-rooted" or by merely typing in commands on handsets that permit rooting out-of-the-box.
At this time (April 2012), no security exploits have been found for the Xperia S. The only way at this time to root it is to unlock the bootloader and flash a pre-rooted ROM.
This should become easier to do as more developers work on the phone and find a security flaw.
Stock
This is the general term given to anything that is exactly as the manufacturer, Sony, intended and created. For example, a "stock" ROM, a "stock" firmware or a "stock" recovery.
When you hear the title "stock", think of it exactly as the manufacturer released it as.
------------------------
Handy weblinks and software downloads
Android SDK (Software Development Kit)
http://developer.android.com/sdk/index.html
Flashtool
Windows Edition, Version 0.6.8.0.
Linux Edition, Version 0.6.8.0.
Sony Bootloader Unlocking website
http://unlockbootloader.sonymobile.com/
Sony Official Xperia S forum
http://talk.sonymobile.com/community/support/xperia_2012_family/xperia_s

[FAQ] Root or unlock - what's the difference

This distinction is written from the perspective of the TF201 - some of it is generic, some is specific to ASUS, or to just this device.
Bootloader unlock:
Custom Kernel possible
Official updates impossible
Warranty impacted
CWM backups possible
Need to use community ROMs in future
improved but not great chance of recovering from bad ROM flash (really needs NVFLASH)
Possible to overclock/overvolt through custom kernel
Rooted:
Now possible with tool with firmwares up to .28 (background)
Permits write access to /system partition
Makes it easier to brick and block OTA updates
Should be reversible
Allows most tweaks to be applied except for replacing kernel (which is a prerequisite for some kernels)
Can be maintained through incremental (OTA) updates using rootkeeper app.
Included in most custom ROMs by default
Limited overclock possible with stock kernel
The stock locked bootloader is cryptographically signed, and also checks that the kernel it loads is signed. These two parts are the first things to execute when you boot. The bootloader also checks for recovery/update files and installs them if they are signed. The unlocked bootloader is (probably) still signed, but it no longer cares about the kernel being signed, or updates being signed - this is how it gives you access to full custom ROMs.
Root/Unlock give you the following options:
+ Tweak system parameters to your preference
+ More functionality for launcher apps, etc
+ Backup/restore apps and settings
+ Lock/remove bloatware
+ Themes etc.
- Easy chance to brick with bad configs (maybe unrecoverable)
- High chance of problems with OTA updates
- Prevents movie rental if detected
- Warranty impacts (e.g. overclock/overheat, LCD damage, audio damage)
- Less secure, easier (or quicker with physical access) for hacker to bypass your security
Unwinding - Unroot/Relock
Rooting is reversible. In effect, root requires you to add a couple of files to the normally read-only /system area. These files may be included in a ROM which you flash, and you could easily un-root any ROM if you needed to. Some apps may check for the presence of root, for example.
On the Prime, bootloader unlock is a one-way street. First, your serial number is logged by ASUS. Second, the process of unlocking is to replace your bootloader with one which no longer checks that it is loading a signed kernel - you are still unable to replace the bootloader. This makes it impossible for any dev to easily re-lock your Prime. Unlocked can still flash any ROM (custom one or re-packaged stock) - just never a stock ROM direct from ASUS (either OTA or as a full-wipe).
I'll add links to some other posts later for most of the bullets above - feel free to offer contributions...
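The signing chain the FAQ describes (signed bootloader, locked bootloader checking the kernel and updates, unlock dropping only that second check) can be modelled in a few lines. This is an added illustration, not code from the post or from ASUS/Sony; it assumes a constructed OEM key and uses HMAC-SHA256 as a stand-in for the real RSA/ECDSA signature verification.

```python
import hashlib
import hmac

# Constructed stand-in for the OEM signing key. A real locked bootloader
# verifies an RSA/ECDSA signature against a public key fused into the SoC;
# HMAC-SHA256 is used here only to keep the example self-contained.
OEM_KEY = b"constructed-oem-signing-key"


def sign(image: bytes, key: bytes = OEM_KEY) -> bytes:
    return hmac.new(key, image, hashlib.sha256).digest()


def signature_valid(image: bytes, sig: bytes, key: bytes = OEM_KEY) -> bool:
    return hmac.compare_digest(sign(image, key), sig)


class Bootloader:
    """Chain of trust from the FAQ: the boot ROM checks the bootloader, and a
    locked bootloader in turn checks the kernel and any update it installs."""

    def __init__(self, image: bytes, sig: bytes, locked: bool = True):
        self.image, self.sig, self.locked = image, sig, locked

    def boot(self, kernel: bytes, kernel_sig: bytes) -> str:
        # Stage 1: the bootloader itself must carry a valid OEM signature,
        # whether or not it has been unlocked.
        if not signature_valid(self.image, self.sig):
            return "halt: bootloader signature invalid"
        # Stage 2: only a locked bootloader refuses an unsigned kernel.
        if self.locked and not signature_valid(kernel, kernel_sig):
            return "halt: kernel not signed by OEM"
        return "booted"

    def apply_update(self, update: bytes, update_sig: bytes) -> str:
        # A locked bootloader installs recovery/update files only when signed;
        # an unlocked one accepts anything, which is why custom ROMs flash.
        if self.locked and not signature_valid(update, update_sig):
            return "update rejected"
        return "update installed"

    def unlock(self) -> "Bootloader":
        # Unlocking swaps in a bootloader that skips the kernel/update checks
        # but is itself still OEM-signed, so the boot ROM keeps accepting it.
        return Bootloader(self.image, self.sig, locked=False)
```

Root, by contrast, never touches this model: it changes files under /system, which the bootloader does not verify, so a rooted phone still boots the OEM-signed kernel.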
reserved...
very nice
maybe later you can add the difference between stock and rooted
some people still have no idea what the difference is
and or categorize them with + and -

[Q] Xposed + xPrivacy on Sony xPeria Z3 compact

Hello,
I have a new Sony xPeria Z3 compact and I put the latest lollipop by following the procedure here :
http://forum.xda-developers.com/z3-compact/general/how-to-root-backup-drm-keys-t3013343
Now I would like to have xPrivacy without losing my DRM, meaning no bootloader unlocking (I can change my mind if there is a trick to the Sony special/proprietary features that are no more available when losing the DRM).
So, just because I wanted to try and see, I mostly followed this process
https://github.com/M66B/XPrivacy/#installation that I have started in step 6
So I'm not very surprised that I have some errors with Xposed...
It tells me "Failed to get root access" (I'm a bit surprised since I maybe misunderstood something, but after making the TA backup and upgrade following the mentioned procedure I thought my phone was rooted).
Other reported errors:
- Xposed is not (yet) compatible with Android SDK version 21 or your processor architecture
- cannot link executable : could not load library "libdvm.so" needed by .....
===
So my question is: Is it possible to have xPrivacy without losing the Sony proprietary algorithms of my camera?
I'm trying to make all install via USB.
I would like (again if possible) to configure all apps authorizations before I install a SIM card or connect to WIFI
Thanks for all of your tips.
S.
Xposed requires root, which requires you to unlock your bootloader AFAIK. No other way around it. Check out the Xposed forum for more info on the Lollipop alpha release.

Backup TA/DRM partition with "Dirty Cow" exploit?

Recently, an exploit to the Linux kernel called "dirty cow" was released. If I understand correctly, it does not allow for temp root because SELinux blocks access to some system resources, even if the shell is running as root. However, would the root shell be privileged enough to grab a copy of the TA partition (also known as the DRM partition) before unlocking the bootloader?
Very good question! And for a similar train of thought, couldn't the root shell be used to get permanent root without unlocking the BL?
Saving TA would be very nice
I don't have (for the moment) Xperia X, but I've read something that I think you/we can try/modify/do some magic with.
Just here
It uses Linux and Android NDK, but maybe, with some tinkering and skill, it can temp root the Xperia X (or other) in order to backup the TA key.
edit: nevermind
Now it is possible to backup the TA image using the dirtycow exploit
http://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236

The best way to disable HDCP with locked bootloader

Hi all
I need to disable HDCP on my phone. I found many sources on what to change, but all need root, e.g.
https://forum.xda-developers.com/xperia-z2/help/fix-hdcp-error-miracast-ezcast-screen-t3123560
I want to change those settings without unlocking boot-loader.
I already found a possible solution to use temp-root from backup drm keys thread.
https://forum.xda-developers.com/xp...devonly-exploits-temp-root-to-backup-t3795510
I'm not sure if a later upgrade to the latest firmware overwrites /system/etc/ files. Does anyone know if a FOTA upgrade will restore those settings?
