Better Mobile App

iplay 7t (sc9832e processor) root / unlock bootloader suggestions

Recently purchased an iplay 7t after reading the xda review. This is replacing an LG v400 tablet that I had rooted. I updated the iplay to build T701_V1.20_20191112, enabled developer options, enabled oem unlock bootloader, found the corresponding firmware pac, installed magisk and used it to patch boot.img. So far so good.
I entered fastboot, then I attempted to flash the modified boot.img and was told:
Code:
target didn't report max-download-size
sending 'boot' (18584 KB)...
OKAY [ 0.593s]
writing 'boot'...
FAILED (remote: Flashing Lock Flag is locked. Please unlock it first!)
finished. total time: 0.608s
I tried various options to unlock the bootloader:
Code:
> fastboot getvar unlocked
unlocked:
finished. total time: -0.000s
> fastboot oem unlock
...
FAILED (remote: unknown cmd.)
finished. total time: -0.000s
> fastboot oem unlock-go
...
FAILED (remote: unknown cmd.)
finished. total time: 0.002s
> fastboot flashing get_unlock_ability
...
FAILED (remote: Not implement.)
finished. total time: -0.000s
> fastboot flashing unlock
...
FAILED (remote: Not implemet.)
finished. total time: -0.000s
> fastboot flashing unlock_critical
...
FAILED (remote: Not implement.)
finished. total time: 0.016s
> fastboot flashing unlock_bootloader
fastboot: usage: unknown 'flashing' command unlock_bootloader
> fastboot flashing unlock_bootloader_nonce
fastboot: usage: unknown 'flashing' command unlock_bootloader_nonce
Okay ... fine. I fired up SPD Research tool and attempted to use it to flash the modified boot.img. It transfers the image and then times out.
As a sanity check I used SPD Research tool to flash the original boot.img and that worked fine.
I'll note the modified image is smaller than the original, however padding the modified image with zeros to the same size didn't seem to help. Using SPD Research tool to flash the padded image still timed out.
I am looking to open a request up on the Alldocube support site (currently their registration form is giving me an error), in the meantime ... suggestions? Has anyone successfully flashed a modified boot.img on this device / rooted this device?

in the "developer option" on your phone, you should enable the "allow unlock bootloader" option.

DR.Doyle said:
in the "developer option" on your phone, you should enable the "allow unlock bootloader" option.
Click to expand...
Click to collapse
Yes ... I have that enabled.

Okay I was able to unlock the bootloader by using the procedure documented for the Qin 2 Pro. With the bootloader unlocked on reboot the device notes:
Code:
INFO: LOCK FLAG IS : UNLOCKED!!!
followed by:
Code:
WARNING: LOCK FLAG IS : UNLOCKED, SKIP VERIFY!!!
Using fastboot I can now reflash the stock vbmeta and the stock recovery without any problems and the stock recovery boots fine.
Also if I re-sign the stock recovery, then I can't flash it (fastboot flash hangs) until I've flashed a modified vbmeta containing the new public key for the re-signed recovery. Meaning flashing vbmeta is "working".
All this seems like I'm on the right track.
However attempting to boot into the re-signed stock recovery results in:
Code:
INFO: LOCK FLAG IS : UNLOCKED!!!
followed by the device hanging (without displaying the WARNING message) so there is still something that's unhappy.
Any thoughts on how to get to the point that I can flash a useable re-signed stock recovery? If I can get that to work, then I should be in good shape to install magisk.

jwehle said:
Okay I was able to unlock the bootloader by using the procedure documented for the Qin 2 Pro. With the bootloader unlocked on reboot the device notes:
Code:
INFO: LOCK FLAG IS : UNLOCKED!!!
followed by:
Code:
WARNING: LOCK FLAG IS : UNLOCKED, SKIP VERIFY!!!
Using fastboot I can now reflash the stock vbmeta and the stock recovery without any problems and the stock recovery boots fine.
Also if I re-sign the stock recovery, then I can't flash it (fastboot flash hangs) until I've flashed a modified vbmeta containing the new public key for the re-signed recovery. Meaning flashing vbmeta is "working".
All this seems like I'm on the right track.
However attempting to boot into the re-signed stock recovery results in:
Code:
INFO: LOCK FLAG IS : UNLOCKED!!!
followed by the device hanging (without displaying the WARNING message) so there is still something that's unhappy.
Any thoughts on how to get to the point that I can flash a useable re-signed stock recovery? If I can get that to work, then I should be in good shape to install magisk.
Click to expand...
Click to collapse
Dear jwehle:
good job, i have also modify the pac firmware file which based on chinese vesion firmware:T701-1101-vbmetapri-vennofbe-systemnore-recpri01.pac
What's modified:
1.resgin the vbmeta img
2.delete fbe Force encryption in vendor partitions
3.delete the script in system.img to prevent factory recovery restore
4.modify recovery.img to a magisk build-in recovery
please use SPD_Research_Tool to flash the pac,change the android os language from chinese to english ,install magiskmanager app ,and the use adb command (adb reboot recovery)to let tablet reboot to recovery.
after tablet reboot to android os again ,open magiskmanager app,you can see the magisk can get root authority .
how to change language from chinese to english,please see attach png file.
Considering that the Android os you are using is in English version(including Google services),according to the modification points above, you can try to use the vbmeta and recovery (built in magisk) modified by your own signature , and then delete the fbe Force encryption、 recovery restoration in the system and vendor images , then use the SPD_Research_Tool to package the imgs into a pac image, flash the pac image, install the magiskmanager app, and use the adb command to restart the machine into recovery mode, so you can use magisk to get root permissions.
twrp egg:https://mega.nz/#!YZ9VDZbT!1ptlOI6g3FS_ES-cLGhLy9ybGtdHQ8vzVHaasAXglXo
and last thanks PeterCxy on xda 、the other masters sifu on 4pda agian.

wangyiling said:
Dear jwehle:
good job, i have also modify the pac firmware file which based on chinese vesion firmware:T701-1101-vbmetapri-vennofbe-systemnore-recpri01.pac
What's modified:
1.resgin the vbmeta img
2.delete fbe Force encryption in vendor partitions
3.delete the script in system.img to prevent factory recovery restore
4.modify recovery.img to a magisk build-in recovery.
Click to expand...
Click to collapse
Thanks for supplying the modified PAC and for explaining the changes.
Your PAC seemed to work fine and now that I have a better understanding
of things I should be able build my own PAC when I have a chance.
Your time and effort in explaining things is appreciated.

What's the significance of removing the encryption for the vendor partitions?

jwehle said:
What's the significance of removing the encryption for the vendor partitions?
Click to expand...
Click to collapse
the vendor img in my pac，just use ext4 format.i have use simg2img convert the oringin vendor img to ext4 format,and modify the fstab file in vendor/etc folder.
fstab.sp9832e_1h10：
Code:
/dev/block/platform/soc/soc:ap-ahb/20600000.sdio/by-name/userdata /data f2fs noatime,nosuid,nodev,discard,inline_xattr,inline_data wait,check,[COLOR="DarkOrange"]fileencryption[/COLOR]=aes-256-xts,reservedsize=128M
/dev/block/platform/soc/soc:ap-ahb/20600000.sdio/by-name/userdata /data ext4 noatime,nosuid,nodev,nomblk_io_submit,noauto_da_alloc wait,check,[COLOR="darkorange"]fileencryption[/COLOR]=aes-256-xts
---------->
Code:
/dev/block/platform/soc/soc:ap-ahb/20600000.sdio/by-name/userdata /data f2fs noatime,nosuid,nodev,discard,inline_xattr,inline_data wait,check,[COLOR="darkorange"]encryptable[/COLOR]=aes-256-xts,reservedsize=128M
/dev/block/platform/soc/soc:ap-ahb/20600000.sdio/by-name/userdata /data ext4 noatime,nosuid,nodev,nomblk_io_submit,noauto_da_alloc wait,check,[COLOR="darkorange"]encryptable[/COLOR]=aes-256-xts

wangyiling said:
the vendor img in my pac，just use ext4 format.i have use simg2img convert the oringin vendor img to ext4 format,and modify the fstab file in vendor/etc folder.
Click to expand...
Click to collapse
Actually, I was more curious as to why it was necessary / desirable to remove the encryption from the vendor partitions.

jwehle said:
Actually, I was more curious as to why it was necessary / desirable to remove the encryption from the vendor partitions.
Click to expand...
Click to collapse
Just for twrp to read the data partition, convenient for personal use。

It looks like the issue on this tablet is similar to what the magisk documentation mentions regarding the new Samsung tablets. Meaning after the bootloader is unlocked when rooting you should flash newly signed versions of the following:
Code:
vbmeta
boot
recovery
What was happening is when the system started normally it saw that recovery image had been modified so it checked if the boot image was the factory standard image. Since I hadn't touched the boot image the OS went ahead and attempted to replace the recovery image I flashed with a standard recovery image generated on the fly from the factory standard boot image. This caused a soft-brick when I rebooted into recovery since that recovery image wasn't signed using the public key specified by my replacement vbmeta.
By also flashing a newly signed boot image because the signature is different from what's it knows about the system no longer attempts to use it to refresh the recovery image.
Here's an outline of what I did to successfully root the device:
Use the Qin 2 Pro instructions / tools to unlock the boot loader.
Flash the appropriate factory standard firmware to establish a know starting point. I used iplay7t(T701)-Android9.0-ALLDOCUBE-191112 from the Alldocube web site.
Use SPD Rsearch Tool to extract vbmeta-sign.img, boot.img, and recovery.img.
Use avbtool (with the below patch) to extract the public keys from vbmeta-sign.img like so:
Code:
avbtool info_image --image vbmeta-sign.img.
Use make (with the below makefile) to sign vbmeta, boot, and recovery using a new key.
Flashed vbmeta, boot, and recovery.
Booted into recovery, saw that it worked, and did a factory reset.
Used magisk to patch recovery.img in the normal fashion, signed the patched recovery using the new key, and flashed the patched recovery.
Proceed to finish installing magisk in the normal fashion.
Notes:
rsa4096_vbmeta.pem is the private key mentioned in the Qin 2 Pro article.
The dhtbsign-vbmeta command is basically the dhtb signing python script from Qin 2 Pro article.
Here's the trival patch for avbtool to dump the public keys.
Code:
--- avbtool 2020-02-22 22:11:55.107787032 -0500
+++ avbtool.dumpkeys 2020-02-22 22:15:36.046283077 -0500
@@ -1657,6 +1657,10 @@ class AvbChainPartitionDescriptor(AvbDes
Arguments:
o: The object to write the output to.
"""
+ kfd = open(self.partition_name, "w");
+ kfd.write(self.public_key);
+ kfd.close();
+
o.write(' Chain Partition descriptor:\n')
o.write(' Partition Name: {}\n'.format(self.partition_name))
o.write(' Rollback Index Location: {}\n'.format(
Here's the makefile I used for signing the images.
Code:
all: boot-sign.img recovery-sign.img vbmeta-sign.img
vbmeta-sign.img: Makefile avb4096_pkmd.bin keys/*
avbtool make_vbmeta_image --output vbmeta.img --padding_size 16384 \
--key ../rsa4096_vbmeta.pem --algorithm SHA256_RSA4096 --flag 0 \
--chain_partition boot:1:avb4096_pkmd.bin \
--chain_partition system:3:keys/system \
--chain_partition vendor:4:keys/vendor \
--chain_partition product:10:keys/product \
--chain_partition dtbo:9:keys/dtbo \
--chain_partition recovery:2:avb4096_pkmd.bin \
--chain_partition l_modem:5:keys/l_modem \
--chain_partition l_ldsp:6:keys/l_ldsp \
--chain_partition l_gdsp:7:keys/l_gdsp \
--chain_partition pm_sys:8:keys/pm_sys \
--chain_partition dtb:11:keys/dtb
dhtbsign-vbmeta vbmeta.img vbmeta-sign.img
@rm -f vbmeta.img
avb4096_pkmd.bin: avb4096.pem
avbtool extract_public_key --key avb4096.pem --output avb4096_pkmd.bin
avb4096.pem:
openssl genrsa -out avb4096.pem 4096
boot-sign.img: boot.img avb4096.pem
cp boot.img boot-sign.img
avbtool add_hash_footer --image boot-sign.img \
--partition_name boot --partition_size 36700160 \
--key avb4096.pem --algorithm SHA256_RSA4096
recovery-sign.img: recovery.img avb4096.pem
cp recovery.img recovery-sign.img
avbtool add_hash_footer --image recovery-sign.img \
--partition_name recovery --partition_size 36700160 \
--key avb4096.pem --algorithm SHA256_RSA4096

@ jwehle，Very grateful for your detailed sharing

Did you have any trouble getting the tablet to populate the fastboot devices list?
I have USB drivers installed and can view the tablet's internal storage when it's not in fastboot mode. She's plugged directly into the mobo and I've tried two cables.
When in fastboot mode, it comes up in the Windows Device Manager as fastboot Gadget and drivers are apparently not available. I've tried using Zadig to feed it a driver of some kind, but still nothing.

MissAyako said:
Did you have any trouble getting the tablet to populate the fastboot devices list?
I have USB drivers installed and can view the tablet's internal storage when it's not in fastboot mode. She's plugged directly into the mobo and I've tried two cables.
When in fastboot mode, it comes up in the Windows Device Manager as fastboot Gadget and drivers are apparently not available. I've tried using Zadig to feed it a driver of some kind, but still nothing.
Click to expand...
Click to collapse
Seems the issue was with Windows. I thought I would be able to get the unlock token with Windows and then use WSL to do the rest of the signing, but apparently not.
Luckily I had an old laptop lying around. I threw Linux Mint on it and it worked just fine.
It didn't seem to work just using a live USB; I had to install Linux to the hard disk, but YMMV.

jwehle said:
It looks like the issue on this tablet is similar to what the magisk documentation mentions regarding the new Samsung tablets. Meaning after the bootloader is unlocked when rooting you should flash newly signed versions of the following:
Click to expand...
Click to collapse
This was wonderful, thank you! I've added some of my own notes below as an experience of what I encountered when attempting this process myself (spoiler'd because it is a lot).
I do not have enough post count to add links, but titles to the relevant articles has been added.
Follow steps in Article "Guide: How to Unlock Xiaomi Qin 2 (Pro) and Install Custom ROMs" from step 1 to (and including) step 10 (Unlocking section).
Notes:
- A Linux PC is necessary.
- You'll have to mark the "fastboot" file from the "Android_device_unlock.rar" archive as executable (chmod +x).
- Run the "fastboot" file as root.
- Getting the "SPD Research Tool" to pick up the tablet and not let the tablet try to move to either the charging
screen or the bootlogo is difficult, but do-able. Press and hold Power+Vol_Up and release when Windows does its
USB device detected chime.
- Flashing takes a few minutes (I think around 300 seconds).
- The SPD Research Tool extracts the PAC file contents into a folder. Grab the system images from there.
- The "avbtool" is available to be cloned via git from Google's repo
- The avbtool is a python script that is patched with three lines of code at line 1776:
Code:
kfd = open(self.partition_name, "w");
kfd.write(self.public_key);
kfd.close();
- When you use the patched avbtool on the vbmeta-sign.img file you copied (avbtool info_image --image vbmeta-sign.img)
it will produce several partitions with relative public keys that need to be stored in separate files for the next step.
The contents of the files are simply the public key and the partition name as the file name. Store the files in a folder named "keys".
- When creating the makefile, ensure that proper indentation is used. The code segment below is properly formatted (hopefully). If you get make errors, remove and re-indent the lines.
- If your "rsa4096_vbmeta.pem" keyfile is not placed alongside the makefile, ensure the --key flag points to this file.
- The makefile exists in the same directory as the system images.
- I had to insert local paths to the avbtool, as it was not installed to the system PATH.
- The dhtbsign-vbmeta.py command is located below. Make sure to mark this as executable as well.
Everything else is rather straightforward.
# makefile
Code:
all: boot-sign.img recovery-sign.img vbmeta-sign.img
vbmeta-sign.img: makefile avb4096_pkmd.bin keys/*
avbtool make_vbmeta_image --output vbmeta.img --padding_size 16384 \
--key rsa4096_vbmeta.pem --algorithm SHA256_RSA4096 --flag 0 \
--chain_partition boot:1:avb4096_pkmd.bin \
--chain_partition system:3:keys/system \
--chain_partition vendor:4:keys/vendor \
--chain_partition product:10:keys/product \
--chain_partition dtbo:9:keys/dtbo \
--chain_partition recovery:2:avb4096_pkmd.bin \
--chain_partition l_modem:5:keys/l_modem \
--chain_partition l_ldsp:6:keys/l_ldsp \
--chain_partition l_gdsp:7:keys/l_gdsp \
--chain_partition pm_sys:8:keys/pm_sys \
--chain_partition dtb:11:keys/dtb
./dhtbsign-vbmeta.py vbmeta.img vbmeta-sign.img
@rm -f vbmeta.img
avb4096_pkmd.bin: avb4096.pem
avbtool extract_public_key --key avb4096.pem --output avb4096_pkmd.bin
avb4096.pem:
openssl genrsa -out avb4096.pem 4096
boot-sign.img: boot.img avb4096.pem
cp boot.img boot-sign.img
avbtool add_hash_footer --image boot-sign.img \
--partition_name boot --partition_size 36700160 \
--key avb4096.pem --algorithm SHA256_RSA4096
recovery-sign.img: recovery.img avb4096.pem
cp recovery.img recovery-sign.img
# dhtbsign-vbmeta.py file (from "How I Unlocked Xiaomi Qin 2 Pro and Installed Phh GSI")
Code:
#!/usr/bin/env python
import hashlib
import sys
f = open(sys.argv[1], "rb")
b = f.read()
sha = hashlib.sha256(b).digest()
f.close()
f = open("vbmeta_signed.img", "wb")
f.write(b)
f.seek(1048576 - 512)
f.write(b'\x44\x48\x54\x42\x01\x00\x00\x00')
f.write(sha)
f.write(b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00')
f.seek(1048576 - 1)
f.write(b'\x00')
f.close()

wuxianlin has build a twrp device for T701.
i think this will be a help .

Help me
Sir help pliz same problem my device ,same chipset , Symphony i95 ,pliz sir modify my pac file pliz....

wangyiling said:
Dear jwehle:
good job, i have also modify the pac firmware file which based on chinese vesion firmware:T701-1101-vbmetapri-vennofbe-systemnore-recpri01.pac
What's modified:
1.resgin the vbmeta img
2.delete fbe Force encryption in vendor partitions
3.delete the script in system.img to prevent factory recovery restore
4.modify recovery.img to a magisk build-in recovery
please use SPD_Research_Tool to flash the pac,change the android os language from chinese to english ,install magiskmanager app ,and the use adb command (adb reboot recovery)to let tablet reboot to recovery.
after tablet reboot to android os again ,open magiskmanager app,you can see the magisk can get root authority .
how to change language from chinese to english,please see attach png file.
Considering that the Android os you are using is in English version(including Google services),according to the modification points above, you can try to use the vbmeta and recovery (built in magisk) modified by your own signature , and then delete the fbe Force encryption、 recovery restoration in the system and vendor images , then use the SPD_Research_Tool to package the imgs into a pac image, flash the pac image, install the magiskmanager app, and use the adb command to restart the machine into recovery mode, so you can use magisk to get root permissions.
twrp egg:https://mega.nz/#!YZ9VDZbT!1ptlOI6g3FS_ES-cLGhLy9ybGtdHQ8vzVHaasAXglXo
and last thanks PeterCxy on xda 、the other masters sifu on 4pda agian.
Click to expand...
Click to collapse
can i just flash the pac without unlocking the bootloader.
thanks in advances

hidroela said:
can i just flash the pac without unlocking the bootloader.
thanks in advances
Click to expand...
Click to collapse
yes,just falsh pac

wangyiling said:
yes,just falsh pac
Click to expand...
Click to collapse
i did unlocked the bootloader and flash the pac and follow the instructions for magisk to work, but after a third reboot Root was gone.
i don't know what I am missing.

[DEV][WIN/LINUX] Amlogic Kitchen

{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Disclaimer:​
The user takes sole responsibility for any damage that might arise due to use of this tool.
This includes physical damage (to device), injury, data loss, and also legal matters.
This project was made as a learning initiative and the developer or organization cannot be held liable in any way for the use of it.
Click to expand...
Click to collapse
Kitchen for working with Amlogic firmware​Used for unpacking/packing amlogic images
Supported features
Unpack/repack Amlogic images
Unpack/repack partitions (system,product,system_ext,oem and odm)
Create flashable zip from amlogic image
Unpack/repack recovery,boot,logo and dtb
Create aml image from supported flashable zips
Support for super image unpack/repack
Dump os from device through /mask mode
Note:
Ignore some errors with dtb (some conditions are missing), decompiling/compiling dtb should work fine.
This tool is tested only in some firmwares and devices.
Theres no guarantee that packed flashable zips or amlogic images will flash successfully.
TODO:
....
Download : https://github.com/althafvly/AmlogicKitchen
Report issues: https://github.com/althafvly/AmlogicKitchen/issues
Flash-tool : https://github.com/althafvly/aml-flash-tool (Use Amlogic USB Burning Tool on windows)
Credits:​
Base kitchen (vtx_kitchen) - Vortex
gnuwin32 and cygwin for linux binary ports
aml update tool - osmc
7-Zip - Igor Pavlov
ImgExtractor - unix3dgforce, blackeange and xiaoxindada
AIK - osm0sis
SuperImage tools - LonelyFool
Aml dtb, unpack tools - LineageOS
simg2img - anestisb
img2sdat, sdat2img - xpirt
simg2img - A.S._id
let me know if i missed anyone
Contribution:
If you want to contribute or fix something i broke, just fork and give a pull request with your changes
Support:
XDA is preferred for main discussion. But if you need any other support, check support group.

Reserved

How can I download it? It seems very similar to Vortex's kitchen.

kalehrl said:
How can I download it? It seems very similar to Vortex's kitchen.
Click to expand...
Click to collapse
You can clone the repo or download as zip from github. Yes this was done on top of vtx_kitchen

I just tried it. I unpacked level1 fine. When I tried level2, the terminal window didn't open. I realised I needed python for Windows so I installed it and level2 unpacked fine. Maybe add a notification to install Python. Level3 unpacked boot, logo and recovery but no dtb:
Spoiler: level3
1 file(s) copied.
Android Image Kitchen - UnpackImg Script
by osm0sis @ xda-developers
Supplied image: recovery.img
Setting up work folders . . .
Image type: AOSP
Splitting image to "split_img/" . . .
ANDROID! magic found at: 0
BOARD_KERNEL_CMDLINE androidboot.dtbo_idx=0 --cmdline root=/dev/mmcblk0p18 buildvariant=userdebug
BOARD_KERNEL_BASE 0x01078000
BOARD_NAME
BOARD_PAGE_SIZE 2048
BOARD_HASH_TYPE sha1
BOARD_KERNEL_OFFSET 0x00008000
BOARD_RAMDISK_OFFSET 0xfff88000
BOARD_SECOND_OFFSET 0xffe88000
BOARD_TAGS_OFFSET 0xfef88100
BOARD_OS_VERSION 9.0.0
BOARD_OS_PATCH_LEVEL 2018-08
BOARD_HEADER_VERSION 1
BOARD_RECOVERY_DTBO_SIZE 438
BOARD_RECOVERY_DTBO_OFFSET 15835136
BOARD_HEADER_SIZE 1648
Unpacking ramdisk to "ramdisk/" . . .
Compression used: gzip
20266 blocks
Done!
Failed
1 dir(s) moved.
1 dir(s) moved.
1 file(s) copied.
Android Image Kitchen - UnpackImg Script
by osm0sis @ xda-developers
Supplied image: boot.img
Setting up work folders . . .
Image type: AOSP
Splitting image to "split_img/" . . .
ANDROID! magic found at: 0
BOARD_KERNEL_CMDLINE androidboot.dtbo_idx=0 --cmdline root=/dev/mmcblk0p18 buildvariant=userdebug
BOARD_KERNEL_BASE 0x01078000
BOARD_NAME
BOARD_PAGE_SIZE 2048
BOARD_HASH_TYPE sha1
BOARD_KERNEL_OFFSET 0x00008000
BOARD_RAMDISK_OFFSET 0xfff88000
BOARD_SECOND_OFFSET 0xffe88000
BOARD_TAGS_OFFSET 0xfef88100
BOARD_OS_VERSION 9.0.0
BOARD_OS_PATCH_LEVEL 2018-08
BOARD_HEADER_VERSION 1
BOARD_HEADER_SIZE 1648
Warning: No ramdisk found to be unpacked!
Done!
Failed
1 dir(s) moved.
1 dir(s) moved.
dbg:res-img ver is 0x2
dbg:item level3\logo/bootup
dbg:item level3\logo/bootup_X3
dbg:item level3\logo/upgrade_bar
dbg:item level3\logo/upgrade_error
dbg:item level3\logo/upgrade_fail
dbg:item level3\logo/upgrade_logo
dbg:item level3\logo/upgrade_success
dbg:item level3\logo/upgrade_unfocus
dbg:item level3\logo/upgrade_upgrading
FATAL ERROR: Blob has incorrect magic number
Done.
Press any key to continue . . .
I tried _pack_zip_to_aml.bat but it says to install python from Microsoft store. I uninstalled the existing python, installed python 3.10 from MS store but it still doesn't work.

kalehrl said:
I just tried it. I unpacked level1 fine. When I tried level2, the terminal window didn't open. I realised I needed python for Windows so I installed it and level2 unpacked fine. Maybe add a notification to install Python. Level3 unpacked boot, logo and recovery but no dtb:
Spoiler: level3
1 file(s) copied.
Android Image Kitchen - UnpackImg Script
by osm0sis @ xda-developers
Supplied image: recovery.img
Setting up work folders . . .
Image type: AOSP
Splitting image to "split_img/" . . .
ANDROID! magic found at: 0
BOARD_KERNEL_CMDLINE androidboot.dtbo_idx=0 --cmdline root=/dev/mmcblk0p18 buildvariant=userdebug
BOARD_KERNEL_BASE 0x01078000
BOARD_NAME
BOARD_PAGE_SIZE 2048
BOARD_HASH_TYPE sha1
BOARD_KERNEL_OFFSET 0x00008000
BOARD_RAMDISK_OFFSET 0xfff88000
BOARD_SECOND_OFFSET 0xffe88000
BOARD_TAGS_OFFSET 0xfef88100
BOARD_OS_VERSION 9.0.0
BOARD_OS_PATCH_LEVEL 2018-08
BOARD_HEADER_VERSION 1
BOARD_RECOVERY_DTBO_SIZE 438
BOARD_RECOVERY_DTBO_OFFSET 15835136
BOARD_HEADER_SIZE 1648
Unpacking ramdisk to "ramdisk/" . . .
Compression used: gzip
20266 blocks
Done!
Failed
1 dir(s) moved.
1 dir(s) moved.
1 file(s) copied.
Android Image Kitchen - UnpackImg Script
by osm0sis @ xda-developers
Supplied image: boot.img
Setting up work folders . . .
Image type: AOSP
Splitting image to "split_img/" . . .
ANDROID! magic found at: 0
BOARD_KERNEL_CMDLINE androidboot.dtbo_idx=0 --cmdline root=/dev/mmcblk0p18 buildvariant=userdebug
BOARD_KERNEL_BASE 0x01078000
BOARD_NAME
BOARD_PAGE_SIZE 2048
BOARD_HASH_TYPE sha1
BOARD_KERNEL_OFFSET 0x00008000
BOARD_RAMDISK_OFFSET 0xfff88000
BOARD_SECOND_OFFSET 0xffe88000
BOARD_TAGS_OFFSET 0xfef88100
BOARD_OS_VERSION 9.0.0
BOARD_OS_PATCH_LEVEL 2018-08
BOARD_HEADER_VERSION 1
BOARD_HEADER_SIZE 1648
Warning: No ramdisk found to be unpacked!
Done!
Failed
1 dir(s) moved.
1 dir(s) moved.
dbg:res-img ver is 0x2
dbg:item level3\logo/bootup
dbg:item level3\logo/bootup_X3
dbg:item level3\logo/upgrade_bar
dbg:item level3\logo/upgrade_error
dbg:item level3\logo/upgrade_fail
dbg:item level3\logo/upgrade_logo
dbg:item level3\logo/upgrade_success
dbg:item level3\logo/upgrade_unfocus
dbg:item level3\logo/upgrade_upgrading
FATAL ERROR: Blob has incorrect magic number
Done.
Press any key to continue . . .
I tried _pack_zip_to_aml.bat but it says to install python from Microsoft store. I uninstalled the existing python, installed python 3.10 from MS store but it still doesn't work.
Click to expand...
Click to collapse
i have made some changes now. download or pull from git and check. fixed python missing error not showing in windows. if its still not extracting your dtb then, link me you firmware or _aml_dtb.PARTITION

I reinstalled Python but this time I selected 'add to path' option which is not selected by default. _pack_zip_to_aml.bat now works but I didn't try the resulting image. DTB still isn't extracted with the updated version of the tool. Vortex's kitchen extracts it fine.
I tried to test the image I made from ota.zip and when I try to unpack level2, I get this error while extracting odm partition while other partitions extract fine. Maybe because my ota.zip is encrypted so maybe you can add some type of detection.Vortex''s edition also errors out when unpacking odm with the same error.
Spoiler: log
.....................
Amlogic Kitchen
.....................
Select level 1,2 or 3: 2
Python 3.10.2
imgextractor: Vortex Edition
Traceback (most recent call last):
File "imgextractor.py", line 374, in <module>
File "imgextractor.py", line 360, in main
File "imgextractor.py", line 346, in __getTypeTarget
File "imgextractor.py", line 338, in checkSignOffset
OSError: [WinError 8] Not enough memory resources are available to process this command
[2700] Failed to execute script imgextractor
imgextractor: Vortex Edition
Convert product.PARTITION to product.raw.img
Extraction from product.PARTITION to product
imgextractor: Vortex Edition
Convert vendor.PARTITION to vendor.raw.img
Extraction from vendor.PARTITION to vendor

kalehrl said:
I reinstalled Python but this time I selected 'add to path' option which is not selected by default. _pack_zip_to_aml.bat now works but I didn't try the resulting image. DTB still isn't extracted with the updated version of the tool. Vortex's kitchen extracts it fine.
I tried to test the image I made from ota.zip and when I try to unpack level2, I get this error while extracting odm partition while other partitions extract fine. Maybe because my ota.zip is encrypted so maybe you can add some type of detection.Vortex''s edition also errors out when unpacking odm with the same error.
Spoiler: log
.....................
Amlogic Kitchen
.....................
Select level 1,2 or 3: 2
Python 3.10.2
imgextractor: Vortex Edition
Traceback (most recent call last):
File "imgextractor.py", line 374, in <module>
File "imgextractor.py", line 360, in main
File "imgextractor.py", line 346, in __getTypeTarget
File "imgextractor.py", line 338, in checkSignOffset
OSError: [WinError 8] Not enough memory resources are available to process this command
[2700] Failed to execute script imgextractor
imgextractor: Vortex Edition
Convert product.PARTITION to product.raw.img
Extraction from product.PARTITION to product
imgextractor: Vortex Edition
Convert vendor.PARTITION to vendor.raw.img
Extraction from vendor.PARTITION to vendor
Click to expand...
Click to collapse
i have pushed a fix for dtb now. odm error is mostly because its an empty partition

2 other kitchens extract the odm partition just fine. The one from CRB: https://forum.xda-developers.com/t/tool-windows-kitchen-crb-v3-0-0-beta14.3947779/ and another one from a Russian developer from 4pda. The partition isn't empty. How does this kitchen handle encrypted partitions? I think in the ota.zip I mentioned, boot and dt.img are encrypted. Vortex's kitchen recognises encrypted partitions and they have .enc suffix at the end. I tested with encrypted factory img for X99 Max + box.

kalehrl said:
2 other kitchens extract the odm partition just fine. The one from CRB: https://forum.xda-developers.com/t/tool-windows-kitchen-crb-v3-0-0-beta14.3947779/ and another one from a Russian developer from 4pda. The partition isn't empty. How does this kitchen handle encrypted partitions? I think in the ota.zip I mentioned, boot and dt.img are encrypted. Vortex's kitchen recognises encrypted partitions and they have .enc suffix at the end. I tested with encrypted factory img for X99 Max + box.
Click to expand...
Click to collapse
i havent tried any firmware with encrypted partitions yet. i will check soon

I can send you my ota.zip if you need it. Here you can find X99 max plus firmware: http://geekbuying.mediafire.com/fil...3_d4_sp6330_100m_20200917_r1(x99max+).7z/file

kalehrl said:
I can send you my ota.zip if you need it. Here you can find X99 max plus firmware: http://geekbuying.mediafire.com/fil...3_d4_sp6330_100m_20200917_r1(x99max+).7z/file
Click to expand...
Click to collapse
Now you can extract odm. i was using an old binary from Vortex. now using python script, same as linux one. and
i think your dtb is encrypted, not sure. im not able extract yours. i can extract meson1 (also dtb). added support for that.

The dtb I attached is not encrypted. It is from a SlimBox custom rom. I will send you the link to my ota.zip in which some files are encrypted, probably boot.img and dt.img. Other files should be fine.
EDIT: With the new version, dtb is decompiled successfully

althafvly said:
Dump os from device through adb/flash/mask mode
Click to expand...
Click to collapse
I've stumbled upon an interesting script for dumping fw via adb from [email protected] I think. Maybe I can send it to you to have a look and improve on it and make it available on github.

It seems that it doesn't extract Android 7.1 images correctly.
system/usr folder isn't extracted and the terminal window closes prematurely.
I tried this image which extracts fine with another tool:
0 byte folder on MEGA
mega.nz

New changes
- Allow user to select vortex/python for extracing firmware in windows
- Added support to dump firmware from mask mode
- Added support for firmwares with super.img
Note: i have only test this in some firmware/device. report if theres any issues.

Create flashable zip from amlogic image
i created a zip can I flash this with or without wiping anything in twrp ?
failed with error 6

cali.s said:
Create flashable zip from amlogic image
i created a zip can I flash this with or without wiping anything in twrp ?
failed with error 6
Click to expand...
Click to collapse
Not sure which device and firmware your are talking about. Its better if you wipe before flashing and its best to flash amlogic image if you have one.

I tried to dump_to_aml.sh Android 6 image but it failed:
[email protected]:/home/kalehrl/Templates/android/AmlogicKitchen# ./dump_to_aml.sh
Code:
.....................
Amlogic Dumper
.....................
Unpacking system
Repacking system
Repacking boot
Repacking recovery
Repacking logo
Enter a name for aml package:
ott
[ERR]f(AmlImagePack.cpp)L1312:Open pack image out/ott.img failed
Image pack FAILED
.....................
Done.
I can send you my TWRP backup of the original iamge to try if you have time.

kalehrl said:
I tried to dump_to_aml.sh Android 6 image but it failed:
[email protected]:/home/kalehrl/Templates/android/AmlogicKitchen# ./dump_to_aml.sh
Code:
.....................
Amlogic Dumper
.....................
Unpacking system
Repacking system
Repacking boot
Repacking recovery
Repacking logo
Enter a name for aml package:
ott
[ERR]f(AmlImagePack.cpp)L1312:Open pack image out/ott.img failed
Image pack FAILED
.....................
Done.
I can send you my TWRP backup of the original iamge to try if you have time.
Click to expand...
Click to collapse
dump to aml script isn't ready yet. Im still testing it. I will check on free time. This error is because script isn't able to create ott.img. Try different name or close any apps which using that ott.img file.

[GUIDE] Important partitions you must backup after you have the phone rooted, Stock firmware reinstallation guide at worst case

These partitions are important when you'll have to restore the phone back to normal from worst case.
Code:
elableinfo (/dev/block/sda4) - This partition contains Certification Image, may not important.
imeilock (/dev/block/sdg1) - This partition contains your device IMEI.
persist (/dev/block/sda8) - This partition contains your device PSN, MAC, Bluetooth.
oemowninfo (/dev/block/sda2) - This partition contains SKUID, exclusive info, etc.
simlock (/dev/block/sde63) - Carrier locked TA-1251 only. Mandatory to allow your phone boot if your phone isn't carrier locked.
Other Snapdragon 765G based Android phones can also refer this, although we can't guarantee it will 100% apply on your phone. DO NOT FOLLOW THIS GUIDE IF YOU ARE USING TA-1257 (NOKIA 8 V 5G UW from Verizon Wireless).
WARNING:
1. DO NOT SHARE YOUR CRITICAL PARTITION BACKUP IMAGES TO ANYONE ELSE TO PREVENT ABUSE, PLUS, SHARING THIS VIOLATES THE RULE OF XDA.
2. CRITICAL PARTITION BACKUP IMAGES FOR BOTH TA-1243 AND TA-1251 AREN'T INTERCHANGEDABLE.
Click to expand...
Click to collapse
To backup these partitions:
1. Unlock the bootloader and root your phone with Magisk.
2. Execute these commands:
Code:
adb shell mkdir /storage/emulated/0/bgt-critical/
adb shell su
(Confirm root permission on your phone - if you missed that or didn't confirm it, open Magisk app and grant it manually)
adb shell su -c dd if=/dev/block/bootdevice/by-name/imeilock of=/storage/emulated/0/bgt-critical/imeilock.img
adb shell su -c dd if=/dev/block/bootdevice/by-name/persist of=/storage/emulated/0/bgt-critical/persist.img
adb shell su -c dd if=/dev/block/bootdevice/by-name/oemowninfo of=/storage/emulated/0/bgt-critical/oemowninfo.img
adb shell su -c dd if=/dev/block/bootdevice/by-name/simlock of=/storage/emulated/0/bgt-critical/simlock.img
adb pull /storage/emulated/0/bgt-critical/
3. Save entire bgt-critical directory at safe place.
Additionally, you must do QCN backup in case you erased NVRAM at worst case.
To do that:
1. Root your phone with Magisk.
2. Execute this command on your PC with ADB shell for enabling Qualcomm Diag Port:
Code:
adb shell su -c setprop sys.usb.config diag,serial_cdev,rmnet,adb
3. Install QPST 2.7.496 and use QPST Software Download to backup both XQCN and QCN images, and save both of them at bgt-critical partition you have saved.

Here's how to reinstall stock firmware, in case you bricked the phone at worst situation.
Please disable automatic translation on your web browser if you can't click "CLICK TO SHOW CONTENT" button.
Click to expand...
Click to collapse
Assuming you have UFS lun0-lun6 erased, or the phone is currently at Qualcomm 900E which are considered worst situation.
1. Download following firmware, and extract it 3 times - you'll get tons of files inside.
bgt-2210-0-00WW-B01.HMDSW.7z | by Hikari Calyx for Generic Device/Other
Download GApps, Roms, Kernels, Themes, Firmware, and more. Free file hosting for all Android developers.
www.androidfilehost.com
2. Use text editor to open rawprogram0_sparse.xml and delete the string super.img inside to save time when doing part 1 flashing.
Use text editor to open rawprogram4.xml and replace the string abl.elf into BGT-abl.elf , then save it.
3. Copy prototype ABL into the firmware directory, and make sure the filename is BGT-abl.elf .
4A. (For Windows users)
Please install QPST 2.7.496 or newer and Qualcomm USB Driver before you proceed. You'd better to erase all other incompatible drivers to increase success rate.
Once installed, please copy QSaharaServer.exe and fh_loader.exe from QPST installation directory (C:\Program Files (x86)\Qualcomm\QPST\bin by default) to firmware directory.
4B. (For macOS / Linux users)
Please install Python EDL from following website:
GitHub - bkerler/edl: Inofficial Qualcomm Firehose / Sahara / Streaming / Diag Tools :)
Inofficial Qualcomm Firehose / Sahara / Streaming / Diag Tools :) - GitHub - bkerler/edl: Inofficial Qualcomm Firehose / Sahara / Streaming / Diag Tools :)
github.com
5. If your phone is currently at 900E, you must disassemble the phone by opening the back cover and make sure the motherboard is exposed.
Disconnect the battery, use a pair of tweezers to short the test point, then connect your phone to PC. Using USB 2.0 port is strongly recommended for best stability.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
If you're using PC that only has USB 3.1 port you may like encounter USB port throttling issue. In this case you must buy an USB hub as workaround.
To check if your phone is properly connected:
(For Windows users)
Please open Device Manager and check if your phone is listed as Qualcomm HS-USB QDLoader 9008 / Qualcomm HS-USB Diagnostics 9008. If not you need to disconnect the phone, short the test point and connect the phone to PC again. Once it's listed you can remove the tweezer.
(For macOS / Linux users)
Please execute this command:
Code:
lsusb
and see if a device started from 05C6:9008 is listed. If yes, you can remove the tweezer and proceed to next step.
6A. (For Windows users)
Please check the COM port in Device Manager, assuming the COM port number is 8.
Open a Command Prompt or PowerShell window at directory where you have tons of firmware files extracted.
Execute this command (replace the COM port number to actual COM port number you see in Device Manager)
Code:
.\QSaharaServer -p \\.\COM8 -s 13:prog_firehose_ddr.elf
If you see a message says image uploaded successfully, you can proceed to next step.
Execute this command to upload rawprogram XML configuration:
Code:
.\fh_loader --port=\\.\COM8 --search_path=. --sendxml=rawprogram0_sparse.xml,rawprogram1.xml,rawprogram2.xml,rawprogram3.xml,rawprogram4.xml,rawprogram5.xml,rawprogram6.xml --noprompt --showpercentagecomplete --zlpawarehost=1 --memoryname=UFS
Wait for image files being uploaded, now write patch XML configuration:
Code:
.\fh_loader.exe --port=\\.\COM8 --search_path=. --sendxml=patch0.xml,patch1.xml,patch2.xml,patch3.xml,patch4.xml,patch5.xml,patch6.xml --noprompt --showpercentagecomplete --zlpawarehost=1 --memoryname=UFS
Once these commands are executed successfully, you can disconnect the phone, reconnect the battery and power it on.
Your phone should boot straight into Fastboot mode. If it doesn't boot the battery might be drained, recharge it a little bit before you proceed.
6B. (For macOS / Linux users)
Assuming you have Python EDL installed properly.
Open a terminal under the directory where you have firmware extracted, and execute this command:
Code:
edl qfil rawprogram0_sparse.xml,rawprogram1.xml,rawprogram2.xml,rawprogram3.xml,rawprogram4.xml,rawprogram5.xml,rawprogram6.xml patch0.xml,patch1.xml,patch2.xml,patch3.xml,patch4.xml,patch5.xml,patch6.xml /path/to/where/firmware/images/arelocated/ --memory=ufs --loader=prog_firehose_ddr.elf
Wait for image files being uploaded. If the flashing procedure is throttling, you may want to execute this command before connecting phone with test point shorted.
Once this command is executed successfully, you can disconnect the phone, reconnect the battery and power it on.
Your phone should boot straight into Fastboot mode. If it doesn't boot the battery might be drained, recharge it a little bit before you proceed.
7. Reinstall all other partitions with Fastboot command.
If you're Windows user, please DO NOT USE Minimal ADB and Fastboot, but use this instead: https://developer.android.com/studio/releases/platform-tools
Code:
fastboot flash partition:0 gpt_both0.bin
fastboot --set-active=a reboot-bootloader
fastboot flash xbl xbl.elf
fastboot flash xbl_config xbl_config.elf
fastboot flash abl abl.elf
fastboot flash tz tz.mbn
fastboot flash hyp hyp.mbn
fastboot flash devcfg devcfg.mbn
fastboot flash storsec storsec.mbn
fastboot flash pwinfo pwinfo.img
fastboot flash bluetooth BTFM.bin
fastboot flash modem NON-HLOS.bin
fastboot flash core_nhlos Core_NON-HLOS.bin
fastboot flash dsp dspso.bin
fastboot flash logfs logfs_ufs_8mb.bin
fastboot flash keymaster km4.mbn
fastboot flash featenabler featenabler.mbn
fastboot flash toolsfv tools.fv
fastboot flash metadata metadata.img
fastboot flash aop aop.mbn
fastboot flash qupfw qupv3fw.elf
fastboot flash imagefv imagefv.elf
fastboot flash uefisecapp uefi_sec.mbn
fastboot flash multiimgoem multi_image.mbn
fastboot flash vbmeta_system vbmeta_system.img
fastboot flash vbmeta vbmeta.img
fastboot flash dtbo dtbo.img
fastboot flash userdata userdata.img
fastboot flash recovery recovery.img
fastboot flash super super.img
fastboot flash boot boot.img
fastboot flash persist persist.img
By doing this will allow your phone boot as the bare minimal situation, but not ideally functional.
Next you must restore critical partitions you have backed up before.
Code:
fastboot erase fsc
fastboot erase modemst1
fastboot erase modemst2
fastboot flash fsg fs_image.img
fastboot flash elableinfo /path/to/bgt-critical/elableinfo.img
fastboot flash imeilock /path/to/bgt-critical/imeilock.img
fastboot flash persist /path/to/bgt-critical/persist.img
fastboot flash oemowninfo /path/to/bgt-critical/oemowninfo.img
fastboot reboot
8. Once your phone boots into normal OS, use Magisk to root your phone, and execute this command to enable Qualcomm Diag Port:
Code:
adb shell su -c setprop sys.usb.config diag,serial_cdev,rmnet,adb
9. (For Windows users) Use QPST Software Download to restore the QCN/XQCN image you backed up before. Eject SIM before you doing so to prevent issues.
10. (Skip if you're not using Carrier locked TA-1251) Reboot the phone into Fastboot mode and flash simlock partition:
Code:
adb reboot bootloader
fastboot flash simlock /path/to/bgt-critical/simlock.img
fastboot reboot
11. Enjoy your fully revived Nokia 8.3.

Reserved #3

How To Guide [Close] LineageOS 20 "Light"

《《 I only explain in A11 view , you can adjust to works with your A12 .》》
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
DOWNLOAD: (vndklite = not works )
✓ lineage-20.0-20221111-UNOFFICIAL-arm64_bgN-secure.img.xz
(g = google apps, v= no google apps , N = not include SuperSU (root), secure=try to pass safetynet checked)
✓ lineage-20.0-20221111-UNOFFICIAL-arm64_bvN-secure.img.xz
: Note Only 2 variant are works.
Andy Yan's personal builds // GSI - Browse /lineage-20-td at SourceForge.net
sourceforge.net
》Can test (temporary install) with DSU Sideloader [A11]
》Can install with Fastboot of TWRP [A11]
》Can install with Odin [A11, A12] [ CustomAP]
✓This GSI is not suported exFAT.
✓Out of the box not able to connect internet. ( SM-T22x) not able to used adb.
But this bug fixed by...
connect to adb
On "secure", USB Debugging has to be toggled on each reboot.
connect to internet
Code:
adb shell settings put global restricted_networking_mode 0
There is no Navigation key or gesture options.
try adding "qemu.hw.mainkeys=0" to /system/build.prop.
These images are EXT4 unshared blocks, so as long you have verity disabled and root, you should be able to edit/save it.
______________________
May be you want
-》》LineageOS 20 "Light" A13
DOWNLOAD: (vndklite = not works )
Andy Yan's personal builds // GSI - Browse /lineage-20-light at SourceForge.net
sourceforge.net
✓ lineage-20.0-20221109-UNOFFICIAL-gsi_arm64_gN-secure.img.xz
》》》What do you want CustomAP or Fastboot mode?《《《​​CustomAP A11
(AP firmware version: T225XXU1AVB2)
Howto ? please read from my tutorial. here
CustomAP 2022
The only way to get away from the official firmware. Changes Degoogle (LeOS-TD.2.0 ) A13 GSI Home Launcher For SM-T225 FastbootD ☆☆☆ Tips and Tricks For [ LOS TD Unofficial GSI ] latest 2023-03-24 microG...
forum.xda-developers.com
Code:
sudo ./otatools/bin/lpmake --metadata-size 65536 \
--super-name super \
--metadata-slots 2 \
--device super:6094323712 \
--group main:4482433024\
--partition odm:readonly:4349952:main \
--image odm=./odm.img \
--partition system:readonly:2745270272:main \
--image system=./system.img \
--partition vendor:readonly:641204224:main \
--image vendor=./vendor.img \
--partition product:readonly:1091608576:main \
--image product=./product.img \
--sparse \
--output ./super_new.img
Now We can connected internet.
-Next updated magisk and testing with modifired system with mixplorer . very good new secure variant. (R/W system)
-exFAT may be very soon.
---------------------------------------------
Next Fastboot of TWRP
---------------------------------------------
full tutorial in jpg file here.
https://forum.xda-developers.com/attachments/ain1-jpg.5691897/
​》》From your Tab
- If this is the first time install use this.>
Howto install TWRP For SM-T225
# Patch Samsung AP Firmware via Magisk v24.0
1. Install Magisk.apk on your device SM-T225 with select no update checking, and transferred AP_xxx.tar.md5 from computer to your tab.
2. Patch Samsung AP Firmware via Magisk Manager.
( Once done, the newly created magisk_patched.tar file will be present under the
Downloads folder on your device.)
3. you may now transfer this patched TAR file to the folder on your PC where other extracted firmware files (AP, BL, CP, CSC, and HOME_CSC) are present.
4. FLASH it with ODin as usual by used magisk_patched.tar file at AP slot .
5. REBOOT SYSTEM Quick SETUP < NO NEED INTERNET>
6. Power Off and press Volum up +Volumn down + USB for boot into Download mode
7. FLASH TWRP.tar from https://github.com/DevZillion/android_device_samsung_gta7lite/releases at "AP slot"
But this time set Odin option NO Auto- REBOOT, yes do it yourself with key press ( power + volumn up). If you can't do this , let it reboot to system and uses cmd " adb reboot recovery".
When access to twrp
Go to Advanced > Terminal and type "multidisabler" (without quotes", then data wipe.
Now reboot into system, after completing first setup of the device reboot into TWRP again to see if you can see the contents of your Internal Storage, you should, if yes you have successfully disabled Samsung encryption of internal storage.
-install TWRP ( not for the first time installation )
From my tutorial: Easy & Quick RESTORE FROM (ANY GSI ) BACK TO (STOCK with TWRP)
!!! Download the actual Firmware A11 with Frija or samfirm or Bifrost, and extract
it and you will get 5 files (AP, BL, CP, CSC and HOME_CSC). All files are in tar format and can be opened by 7-Zip, WinRAR or other archrive software.
1. Flash the FW A11
- BL + AP + CP + CSC ( clean data)
- put (TWRP + vbmeta_disabler)dot tar in USERDATA slot.
and click "Start"
NOTE.
• Default Auto reboot to system.
• Your device will reboot but it will not boot into system as "vbmeta signature" has changed.
2. When Auto Boot into TWRP mode from step 1.
( May be Black screen , try to press power button + Volumn for activated twrp screen.)
In your TWRP Recovery menu.
• Go to Advanced > Terminal, type: multidisabler. Click Enter.
• Go back to Main menu , Wipe > Format Data > type yes.
Option<<<Install the Magisk.apk with TWRP >>>
3. Boot---->System
Done
NOTE: If you wish to install TWRP without rooting, there are numerous pitfalls to consider. For example, a stock device is protected by Android Verified Boot. This is implemented as a vbmeta partition that contains cryptographic digests for verifying the integrity of boot.img, recovery.img and other partitions/images. Flashing TWRP without first flashing a vbmeta image with verity disabled will render your device unable to boot.
Download:
(TWRP225 + vbmeta_disabler).tar https://mega.nz/file/QTIWmTJb#jIneu-vSC-tOSzN-mFhOurCtShGuZTkyoRrQ791R24s
twrp 220 + vbmeta_disabler :https://mega.nz/file/BTR1FbDL#oMfBn7TQCy2j0Qk3EtIOafoD2IY01AsX8UIOR-mSSVc
》》From your Computer
1. INSTALL "Android Bootloader interface" Driver.
Note: very important bootloader driver for used fastboot of the twrp.
Android Bootloader Interface Drivers are needed for your PC to identify the device connected in Fastboot Mode and hence execute the desired Fastboot Commands.
win10 :
File on MEGA
mega.nz
2. Copy & paste "Platform tools" to C:/ and copy &paste GSI.img into this folder.
( "vbmeta.img" IF NOT FOUNDED , PLEASE EXTRACTED FROM YOUR AP FILE)
Download Platform Tools for Android SDK Manager
Download Android SDK Platform-tools 29.0.0 , 29.0.0 , 30.0.0 , 30.0.0 , 31.0.0 , 31.0.0 , 31.0.0 , 33.0.0 , 33.0.0 , 33.0.0 , 34.0.0 ,
androidsdkmanager.azurewebsites.net
3. Run Cmd or Open from inside folder platform tools ,
Code:
adb reboot fastboot
>>>tab will auto reboot to "TWRP fastoot mode" (ignored black screen)
4.
Code:
fastboot devices
>>>Output screen will show your tab S/n
5.
Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
6.
Code:
fastboot erase system
7.
Code:
fastboot flash system yourGSI.img
>>> ignored invalid spare 'system'...at header magic
8.
Code:
fastboot -w
>>>This will also erase your internal storage.
9.
Code:
fastboot reboot recovery
10. * very important thing
》》from TWRP menu
wipe --->format data --->yes
reboot System
---------------------------------------
Accessories
---------------------------------------
Auto Brightness Fix
[Android 11 only) -Overlay for SM-T225 Magisk Mod By Tom.Android
13.8 KB file on MEGA
mega.nz
No need sound mod , original is very good.
On XDA forums
[GSI][13] LineageOS 20 "Light"
LineageOS is a free, community built, aftermarket firmware distribution of Android, which is designed to increase performance and reliability over stock Android for your device. LineageOS is based on the Android Open Source Project with extra...
forum.xda-developers.com
-‐------------------------------------------------------------------​

CHERISH OS - UNOFFICIAL GSI update Fixed (shows % battery offline charging)
Release v20221113 · ChonDoit/treble_cherishos_patches
CHANGELOG | Fix boot on MTK | Fix boot on Samsung (again) | Fix Missing APN NOTES slim = Basic GApps package lite = VNDK Lite secure = no inbuilt root RO = Read Only System (Secure too)
github.com
✓ CherishOS_A13-arm64-bgS-slim_20221113.img.xz ( not supported exFAT)
vndklite = not works
CHANGELOG​| Fix boot on MTK
| Fix boot on Samsung (again)
| Fix Missing APN
X Not Supported exFAT
✓ Can Install Magisk
✓ Read-writeable /system
✓ Slim ( basic Gapps packages)
Test Received 3G or 4G (LTE)​OK Can get LTE Data
Test Hotspot​
Advanced Gesture

screenshot for this rom ?

Difficul said:
screenshot for this rom ?
Click to expand...
Click to collapse
Do you want? video rec screen?

tom.android said:
Do you want? video rec screen?
Click to expand...
Click to collapse
video

Pixel Experience Plus 12.1 v415.1 update
Release Pixel Experience Plus 12.1 v415.1 · ponces/treble_build_pe
Sync with August sources of PE+
github.com
Not test cause changelog didn't specific MTK bugs fixed. only
Sync with August sources of PE+
( 90% not works for our tab A7 Lite)

save

tom.android said:
《《 I only explain in A11 view , you can adjust to works with your A12 .》》
View attachment 5760835​
DOWNLOAD: (vndklite = not works )
✓ lineage-20.0-20221111-UNOFFICIAL-arm64_bgN-secure.img.xz
(g = google apps, v= no google apps , N = not include SuperSU (root), secure=try to pass safetynet checked)
✓ lineage-20.0-20221111-UNOFFICIAL-arm64_bvN-secure.img.xz
Andy Yan's personal builds // GSI - Browse /lineage-20-td at SourceForge.net
sourceforge.net
》Can test (temporary install) with DSU Sideloader [A11]
》Can install with Fastboot of TWRP [A11]
》Can install with Odin [A11, A12] [ CustomAP]
✓This GSI is not suported exFAT.
✓Out of the box not able to connect internet. ( SM-T22x) not able to used adb.
But this bug fixed by...
connect to adb
On "secure", USB Debugging has to be toggled on each reboot.
connect to internet
Code:
adb shell settings put global restricted_networking_mode 0
There is no Navigation key or gesture options.
try adding "qemu.hw.mainkeys=0" to /system/build.prop.
These images are EXT4 unshared blocks, so as long you have verity disabled and root, you should be able to edit/save it.
______________________
May be you want
-》》LineageOS 20 "Light" A13
DOWNLOAD: (vndklite = not works )
Andy Yan's personal builds // GSI - Browse /lineage-20-light at SourceForge.net
sourceforge.net
✓ lineage-20.0-20221109-UNOFFICIAL-gsi_arm64_gN-secure.img.xz
》》》What do you want CustomAP or Fastboot mode?《《《​​CustomAP A11
(AP firmware version: T225XXU1AVB2)
Howto ? please read from my tutorial. here
CustomAP 2022
The only way to get away from the official firmware. Changes Degoogle (LeOS-TD.2.0 ) A13 GSI Home Launcher For SM-T225 FastbootD ☆☆☆ Tips and Tricks For [ LOS TD Unofficial GSI ] latest 2023-03-24 microG...
forum.xda-developers.com
Code:
sudo ./otatools/bin/lpmake --metadata-size 65536 \
--super-name super \
--metadata-slots 2 \
--device super:6094323712 \
--group main:4482433024\
--partition odm:readonly:4349952:main \
--image odm=./odm.img \
--partition system:readonly:2745270272:main \
--image system=./system.img \
--partition vendor:readonly:641204224:main \
--image vendor=./vendor.img \
--partition product:readonly:1091608576:main \
--image product=./product.img \
--sparse \
--output ./super_new.img
View attachment 5760021
View attachment 5760029
View attachment 5760039
View attachment 5760065
Now We can connected internet.
-Next updated magisk and testing with modifired system with mixplorer . very good new secure variant. (R/W system)
-exFAT may be very soon.
---------------------------------------------
Next Fastboot of TWRP
---------------------------------------------
full tutorial in jpg file here.
https://forum.xda-developers.com/attachments/ain1-jpg.5691897/
​》》From your Tab
-install TWRP
From my tutorial: Easy & Quick RESTORE FROM (ANY GSI ) BACK TO (STOCK with TWRP)
!!! Download the actual Firmware A11 with Frija or samfirm or Bifrost, and extract
it and you will get 5 files (AP, BL, CP, CSC and HOME_CSC). All files are in tar format and can be opened by 7-Zip, WinRAR or other archrive software.
1. Flash the FW A11
- BL + AP + CP + CSC ( clean data)
- put (TWRP + vbmeta_disabler)dot tar in USERDATA slot.
and click "Start"
NOTE.
• Default Auto reboot to system.
• Your device will reboot but it will not boot into system as "vbmeta signature" has changed.
2. When Auto Boot into TWRP mode from step 1.
In your TWRP Recovery menu.
• Go to Advanced > Terminal, type: multidisabler. Click Enter.
• Go back to Main menu , Wipe > Format Data > type yes.
Option<<<Install the Magisk.apk with TWRP >>>
3. Boot---->System
Done
NOTE: If you wish to install TWRP without rooting, there are numerous pitfalls to consider. For example, a stock device is protected by Android Verified Boot. This is implemented as a vbmeta partition that contains cryptographic digests for verifying the integrity of boot.img, recovery.img and other partitions/images. Flashing TWRP without first flashing a vbmeta image with verity disabled will render your device unable to boot.
Download:
(TWRP225 + vbmeta_disabler).tar https://mega.nz/file/QTIWmTJb#jIneu-vSC-tOSzN-mFhOurCtShGuZTkyoRrQ791R24s
twrp 220 + vbmeta_disabler :https://mega.nz/file/BTR1FbDL#oMfBn7TQCy2j0Qk3EtIOafoD2IY01AsX8UIOR-mSSVc
》》From your Computer
1. INSTALL "Android Bootloader interface" Driver.
Note: very important bootloader driver for used fastboot of the twrp.
Android Bootloader Interface Drivers are needed for your PC to identify the device connected in Fastboot Mode and hence execute the desired Fastboot Commands.
win10 :
File on MEGA
mega.nz
2. Copy & paste "Platform tools" to C:/ and copy &paste GSI.img into this folder.
( "vbmeta.img" IF NOT FOUNDED , PLEASE EXTRACTED FROM YOUR AP FILE)
Download Platform Tools for Android SDK Manager
Download Android SDK Platform-tools 29.0.0 , 29.0.0 , 30.0.0 , 30.0.0 , 31.0.0 , 31.0.0 , 31.0.0 , 33.0.0 , 33.0.0 , 33.0.0 , 34.0.0 ,
androidsdkmanager.azurewebsites.net
3. Run Cmd or Open from inside folder platform tools ,
Code:
adb reboot fastboot
>>>tab will auto reboot to "TWRP fastoot mode" (ignored black screen)
4.
Code:
fastboot devices
>>>Output screen will show your tab S/n
5.
Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
6.
Code:
fastboot erase system
7.
Code:
fastboot flash system yourGSI.img
>>> ignored invalid spare 'system'...at header magic
8.
Code:
fastboot -w
>>>This will also erase your internal storage.
9.
Code:
fastboot reboot recovery
10. * very important thing
》》from TWRP menu
wipe --->format data --->yes
reboot System
---------------------------------------
Accessories
---------------------------------------
Auto Brightness Fix
[Android 11 only) -Overlay for SM-T225 Magisk Mod By Tom.Android
13.8 KB file on MEGA
mega.nz
View attachment 5760395
No need sound mod , original is very good.
On XDA forums
[GSI][13] LineageOS 20 "Light"
LineageOS is a free, community built, aftermarket firmware distribution of Android, which is designed to increase performance and reliability over stock Android for your device. LineageOS is based on the Android Open Source Project with extra...
forum.xda-developers.com
Click to expand...
Click to collapse
can you provide me the magisk patched file of A11-AVB2 ?

alpezian said:
can you provide me the magisk patched file of A11-AVB2 ?
Click to expand...
Click to collapse
Downoad it from attach files.

anyone try the latest PE/CherishOS A13 build released yesterday ?

alpezian said:
anyone try the latest PE/CherishOS A13 build released yesterday ?
Click to expand...
Click to collapse
I only tried the most recent CherishOS A13 (for my T220) but had to go back to the 8/16 build because of lack of exFAT support for the microSD. That's a deal breaker for me.

Pixel Experience 12.1 v416
Fix boot on Mediatek devices
what is this varient worked now.?
https://github.com/ponces/treble_build_pe/releases/download/v416/PixelExperience_arm64-ab-slim-12.1-20221117-UNOFFICIAL.img.xz
Release Pixel Experience 12.1 v416 · ponces/treble_build_pe
Sync with November sources of PE Sync with AOSP 12.1 v416 (thanks @phhusson) Fix boot on Mediatek devices
github.com

Unable to update or install magisk! Can someone help? I installed mixplorer and it is working. The only issue with magisk installation.
CherishOS_A13-arm64-bgS-slim-lite_20221113.img.xz

yshiv666 said:
Unable to update or install magisk! Can someone help? I installed mixplorer and it is working. The only issue with magisk installation.
CherishOS_A13-arm64-bgS-slim-lite_20221113.img.xz
Click to expand...
Click to collapse
Try to delete /system/xbin/su with mixplorer before flash magisk.

tom.android said:
Try to delete /system/xbin/su with mixplorer before flash magisk.
Click to expand...
Click to collapse
/system/xbin/su is empty

yshiv666 said:
/system/xbin/su is empty
Click to expand...
Click to collapse
Delete
/system/xbin/su
/system/etc/init/su.rc
/system/bin/phh-su
/system/bin/phh-securize.sh
su app in /system/app/phh.superuser
Together with
*disable toggle SuperSU in phh-treble setting.

tom.android said:
Delete
/system/xbin/su
/system/etc/init/su.rc
/system/bin/phh-su
/system/bin/phh-securize.sh
su app in /system/app/phh.superuser
Together with
*disable toggle SuperSU in phh-treble setting.
Click to expand...
Click to collapse
Thank you for your time! but it didnt worked. Now im back on Crdroid 8.10 might stay on this for a little longer.
Again thanks for help .

How To Guide ( Rewrite).Using FastbootD .

This step by step tutorial is all about
☆☆☆ FastbootD video tutorial : https://m.youtube.com/playlist?list=PLvggR4skCxYzhB3SXxpSx4LvRzGwx9k45​Full round-trip of "GSIs flashing process".​
Step to install Stock ROM with Fastboot ability.(need 3in1.tar)
Step to flash GSI on top of Stock ROM.
get rid of SU.which came with "bvS" or "bgS" Variant.(option if you want Magisk)
Step to update GSI without lost your data include magisk.
Step to Recovery back to the First Boot with Magisk (hidden).
<<Additional for PHH AOSP>>
Add Adaptive Auto-brightness for T225 (magisk module) here
Add Face Unlock. here
<< Additional for Stock SAM A13 based>>
Add Restore Samsung Knox features.(had lost from unlocked and root)
Add Advanced Setup New LeOS
ADD DUAL BOOT WITH Vega Bobo DSU Sideloader. (SAM Stock A13 Base) Example here:
**FastbootD Help.
fastboot commands
fastboot commands. GitHub Gist: instantly share code, notes, and snippets.
gist.github.com
--info--
Sam did not provided " fastboot mode" for all devices. only "Odin flashing tool".
What is the FasdtbootD?
What is FastbootD? How to Boot to FastbootD Mode
In this tutorial, we will explain you what is FastbootD Mode in Android, how to boot to FastbootD Mode and how to exit this mode.
www.droidwin.com
*Limitation of FastbootD
FastbootD not the same as regular "fastboot", impossible to use fastbootd without " Dynamic partition. etc., dynamic partitions are automatically created, resized, or deleted as needed.
*FastbootD has access in logical partition like Super Partition.
( have odm +product+vendor+system partition inside) , Because dynamic partitions are implemented in userspace, partitions needed by the bootloader can't be made dynamic. For example, boot, dtbo, and vbmeta are read by the bootloader, and so must remain as physical partitions.
then
You can't uses by fastbootD performed
Code:
fastboot --disable-verity flash vbmata vbmeta.img
✓ Not enough space to resize partition solution
Solution:
Removing stock system_ext and/or product from fastbootd is enough, like so:
***Don't uses this command
"fastboot delete-logical-partition product"
why ?
the product partition, with around 1.3GB in size isn’t even required by the GSIs.
then you can delete data on product partition.
*(Didn't delete product partition itself but deletes only data inside this partition , then android will auto-resize product'spartition.)
Do this.
Code:
adb reboot fastboot
Code:
fastboot erase product
set the size of the product partition to 0
Code:
fastboot resize-logical-partition product 0x0
To verify if the partition size has become 0.
Code:
fastboot getvar all
If one of the lines shows the below code, then the process is a success.
Code:
(bootloader) partition-size:product:0x0
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
or
>fastboot erase system_ext
>fastboot resize-logical-partition system_ext 0x0
---End Info--
Resource:
Basic knownledge.
my customAP tutorial.
** When using FastbootD you should knows
Set of fastbootd command.
-content-​
Flashing Any GSIs​Using Fastboot without CustomAP 》Save your time.​Example_use AOSP A13 from phhusson TrebleDroid GSI.
Complete Cycle From Fastboot Flashing >>>ROOT (Magisk,SU)>>Customized UI >>Update without Lost Data and Magisk.​Requirement:
-Unlocked BootLoader
-(Recommend) Stock Firmware Update to A13 such as
"SM-T225XXU1CWA2" etc.,
Why? Used Android 13 GSIs.
1. MTP works
2. Offline Charging works
3. Google Assistant can call for you. (Ok Google call xxx) Stock A13 didn't do it.
etc.,
>Step to install Stock ROM together with Fastboot ability at the same time.
(clean install with stock firmware)
Extract AP Framework File for "recovery.img.lz4" and patch to add FastbootD ability. [ Download Attach file ] or patch by yourself here https://github.com/Johx22/Patch-Recovery.
Flash Stock Framework File with odin. (AP , BL, CP, CSC_not_home) + Magisk patch-boot & vbmeta & patch-recovery at (USERDATA Slot) ( include 3 patch-files to one tar file) [ Download Attach file ] -After reboot must connects internet and set "Developer options = enable OEM unlocking + USB debugging"
(Computer) Download and extract Platform tools to C:\ https://developer.android.com/studio/releases/platform-tools.
(Computer) Download and install Fastboot interface Driver. https://www.droidwin.com/how-to-install-fastboot-drivers-in-windows-11/
Note:
1.you can dirty flash patched fastbootD-recovery at AP slot. When you had any firmware or gsi installed.
2.Howto magisk-patch (boot.img.lz4 + vbmeta.img.lz4). in General Section.
>Step to flash GSI on top of Stock ROM
Set of Command to install GSIs on top of Stock Firmware.
-Connect device with USB cable to Computer.
-Download your GSIs.
-Extract "GSI.img file into platform tools directory.
-open CMD inside the platform-tools folder and then type in the below command
** Check device was already connected with computer.
*** Check bootloader version (patched) is the same as your device's firmware.
0.
Code:
adb devices
1.
Code:
adb reboot fastboot
-Device will turn display into FastbootD mode
2.
Code:
fastboot erase system
option: if you founded ‘Not enough space to resize partition’) error.
Code:
fastboot delete-logical-partition product
3.
Code:
fastboot flash system gsi-filename.img
4. FastootD (pic below)​Select "Enter recovery menu"
5.Recovery (pic below)
Select "wipe data/factory reset" menu
6. Recovery (pic above)
Select "reboot system now" menu
​>>Finished " Flashing with FastbootD"<<​
After installation.
- This variant was included with " PHH-SU".
>Step get rid of SU.(option if you want Magisk) (bvS or bgS variant)
adb shell Enter
su Enter
chmod +x /system/bin/phh-securize.sh Enter
/system/bin/phh-securize.sh Enter
* Device will auto reboot.
After this Magisk icon will show up.
Click Magisk icon to continue setup additional files and reboot.
-----------------------------------------------------------------​
*Step to update GSI without lost your data include magisk.
*** (Recommended: use Magisk-Gapps, if you don't want to re-process install gapps again.)
Disable all magisk modules. (if you used another Launcher or Port it from another GSI , pleases uninstall it first.)
Flash New-Update-GSI with FastbootD
Code:
fastboot flash system new-gsi.IMG
then REBOOT System (No factory reset or wipe data)
Code:
fastboot reboot
After get rid of SU , magisk will show up.
get rid of SU
Code:
adb shell
Code:
su
Code:
chmod +x /system/bin/phh-securize.sh
Code:
/system/bin/phh-securize.sh
Note: After this magisk will works again. (with all modules you had installed .)
===End of Update Version info===
Scripts by phhusson to automatically build/CI/Release TrebleDroid GSI
more than 2 times per month
Then I write this easy additional way to update without lost your data..
​>Step to Recovery back toThe First Boot with Magisk (hidden installed).
​1.Run Factory Reset From Recovery by press and hold (Power+ Vol down)
2. Connect internet and enable Developer options.
3. Enable OEM unlocking & USB debugging.
4. Reboot after that Magisk setting icon will show up again.
--End update--
Happy Chinese New Year!​General Section
** Compared 2 projects
** Restore Samsung Knox features.​
✓ How to create Magisk patch for boot.img + vbmeta.img
extract (vbmeta.img.lz4 + boot.img.lz4) from your AP Stock
create compress one file xxx .tar with 7zip
move (vbmeta.img.lz4 + boot.img.lz4).tar (xxx.tar) to tab a7 lite
install magisk.apk on you tab a7 lite
patch the tar file. (with magisk manager)
result magisk-patch file at Tab a7 :-Download folder.
✓ Howto install fastboot driver.
How to Install Fastboot Drivers in Windows 11
In this comprehensive tutorial, we will show you the detailed steps to install the Fastboot Drivers onto your Windows 11 PC
www.droidwin.com
✓ [Add pre-patch-recovery-FastbootD]
*** S2 = can't downgrade (Android version) even firmware version.
SM-T220 A13SM-T225 A13SM-T 227U A13SM-T 225N A13T220XXS2CWA7T225XXS2CWA8T227UVLU3CVLAT225NKOU1CWA3T220XXU1CWA2T225XXS2CWA6T220XXU1CWA1T225XXU1CWA2T220XXU1CVL7T225XXU1CVL6T220XXU1CVL5T225XXU1CVL5T220XXS2CWA8T225XXU2CWB3
✓ Howto install "adb &fastboot" on PC
Samsung Android USB Driver | Samsung Developers
You need the driver only if you are developing on Windows and want to connect a Samsung Android device to your development environment over USB.
developer.samsung.com
You should also replace your adb with the latest binaries by Google.
SDK Platform Tools release notes | Android Studio | Android Developers
Android SDK Platform-Tools is a component for the Android SDK.
developer.android.com
Download the platform tools for windows zip file. Find out where your current adb.exe file is located. Extract the zip into that location, overwrite the old file(s).
Note: Don't delete any files from platform-tools
>>>>>>>>>>>>>>
√ Download:
Where are New AOSP A13 official?
Releases · TrebleDroid/treble_experimentations
Scripts to automatically build/CI/Release TrebleDroid GSI - TrebleDroid/treble_experimentations
github.com
Note: (Read/Write System should uses variant "vndklite".)
✓Changes PHH-SU to Magisk.
- Connect device with your computer. run below command.
Code:
adb shell Enter
su Enter
chmod +x /system/bin/phh-securize.sh Enter
/system/bin/phh-securize.sh Enter
May be didn't found phh-securize.sh only uses root file manager deleted "/system/xbin/su"
√ You can install "GAPPS" by adb shell or by Magisk-Gapps module.
(Cause we didn't have TWRP, but don't worry about TWRP.)
*install Bromite Systemwebview
*Vega Bobo DSU Sideloader (Root mode with magisk)
*this firmware can't downgrade.**S2**​T225XXS2CWA6 , it will no longer be possible to roll back even to the previous firmware .
( A13"SM-T225XXU1CWA2)
* Add some T220 FastbootD -Recovery-patch

Reserved:
Option tools for customize your AOSP GSI.
Install Gapps modules with Magisk. ( For Android 13)​DOWNLOAD: https://litegapps.site/index.html
CLICK NAME FOR DOWNLOAD
1. [MAGISK]LiteGapps_Nano_arm64_13.0_v2.8_official.zip (Base)
2. GoogleSearch_LiteGapps_Addon_arm64_13.0.zip. (add-on)
3. GoogleAssistant_LiteGapps_Addon_arm64_13.0.zip. (add-on)
Note: you can add add-on mod from here.
STEP. ( with magisk manager )
Flash 1 and Reboot
Flash 2 and Reboot
Flash 3 and Reboot
How to configure Google Assistant . ( For make a call )
-Set Default Digital Assistant.
Open Setting and Search with keyword " digital assistant or assistant"
-Configure OK Google.
Open Setting 》Google 》Setting for Google apps 》Search Assistant & Voice 》 Google Assistant 》Hey Google & Voice match
ENABLE Hey Google.

tom.android said:
You can install "GAPPS" by adb shell .
Click to expand...
Click to collapse
Where can I download a compatible package and what command besides adb shell do I have to run in order to install?

nirogu325 said:
Where can I download a compatible package and what command besides adb shell do I have to run in order to install?
Click to expand...
Click to collapse
readme inside archrive.

tom.android said:
readme inside archrive.
Click to expand...
Click to collapse
The readme only leads me to the package's website which does not tell me which specific command I have to run after adb shell. I then went to the Telegram group which basically tells me this: "adb root then adb shell or adb shell then su" and then "just run the script" Uh-huh. How do I run the script? "running it".

nirogu325 said:
The readme only leads me to the package's website which does not tell me which specific command I have to run after adb shell. I then went to the Telegram group which basically tells me this: "adb root then adb shell or adb shell then su" and then "just run the script" Uh-huh. How do I run the script? "running it".
Click to expand...
Click to collapse
nirogu325 said:
The readme only leads me to the package's website which does not tell me which specific command I have to run after adb shell. I then went to the Telegram group which basically tells me this: "adb root then adb shell or adb shell then su" and then "just run the script" Uh-huh. How do I run the script? "running it".
Click to expand...
Click to collapse
1. install root explorer app. (such as Mixplorer)
2. create directory "gapps" or anyname at /data
such as /data/gapps
3. extract archrive " TitaTheGapps.zip" to dir from 2
4. open terminal adb shell ----then su then
cd /data/gapps/tita
chmod +x ./installer.sh
5. add more space for new gapps by delete some unuseful from "/system/system_ext/apex"
Del "android.vndk.v.28,29,30,32 keep only v31
6. run script---> sh ./installer.sh
note you can use command "mount -o rw,remount /system" or used root explorer do it. (changes RO to RW) before mod system.

nirogu325 said:
The readme only leads me to the package's website which does not tell me which specific command I have to run after adb shell. I then went to the Telegram group which basically tells me this: "adb root then adb shell or adb shell then su" and then "just run the script" Uh-huh. How do I run the script? "running it".
Click to expand...
Click to collapse
Here is what I did to install GApps on AOSP A13:
Get TheGappsInstaller-Tita archive here: https://github.com/ChonDoit/TheGappsInstaller/releases/tag/Tita (specifically: TitaTheGapps_Terminal_20221225.tar.xz)
Extract the tar archive from the tar.xz file
Follow instructions below (credits: ozmage)
adb push TitaTheGapps_Terminal_20221225.tar /sdcard/Download
adb root
adb shell
cd /data
mkdir GAPPS
mv /sdcard/Download/TitaTheGapps_Terminal_20221225.tar GAPPS
cd GAPPS
tar xvpf TitaTheGapps_Terminal_20221225.tar
cd TitaTheGapps_Terminal_20221225
chmod a+x ./installer.sh
sh ./installer.sh

tom.android said:
1. install root explorer app. (such as Mixplorer)
2. create directory "gapps" or anyname at /data
such as /data/gapps
3. extract archrive " TitaTheGapps.zip" to dir from 2
Click to expand...
Click to collapse
dapr0b said:
Here is what I did to install GApps on AOSP A13:
Get TheGappsInstaller-Tita archive here: https://github.com/ChonDoit/TheGappsInstaller/releases/tag/Tita (specifically: TitaTheGapps_Terminal_20221225.tar.xz)
*instructions*
Click to expand...
Click to collapse
Thank you both, THAT is real support.

Update: Howto update GSI without lost your data.

Update.
Flashing Any GSIs​Using Fastboot without CustomAP any longer.​

tom.android said:
Update.​Flashing Any GSIs​Using Fastboot without CustomAP any longer.​
Click to expand...
Click to collapse
Thank you.
I have one question though.
My tab is already updated to SM-T225XXU1CWA2. In the firs step, can I just simply flash with ODIN your attached fastbootd-recovery.tar in AP slot and the 3-in-1.tar in USERDATA slot without including the stock framework file (AP, BL, CP, CSC)?

jtrakx said:
Thank you.
I have one question though.
My tab is already updated to SM-T225XXU1CWA2. In the firs step, can I just simply flash with ODIN your attached fastbootd-recovery.tar in AP slot and the 3-in-1.tar in USERDATA slot without including the stock framework file (AP, BL, CP, CSC)?
Click to expand...
Click to collapse
1. flash only 3in1.tar at AP slot. (magisk 25.2 + vbmeta + recovery-patch)
-install gsi
2. remove SU by
adb shell Enter
su Enter
bra bra bra
look at my tutorial

tom.android said:
1. flash only 3in1.tar at AP slot. (magisk 25.2 + vbmeta + recovery-patch)
2. remove SU by
adb shell Enter
su Enter
bra bra bra
look at my tutorial
Click to expand...
Click to collapse
Thank you. That's a big help.

update iconify v6.0 (extract zip file run iconify.apk ) or update from app.
Iconify • Customize Boring Android UI
Updated to v6.0.0
What's new?
• Custom battery color
• Semi Transparent Brightness bar style
• Semi Transparent QS tile style
• Semi Transparent Notification style
• 5 styles of volume panel
• Improved UI roundness
XPosed Menu: (LSPosed recommended)
• Transparent Qs Panel (Supports more rom)
• Window Level Blur and Force blur enabler for unsupported ROMs
• Vertical QS tiles
• Custom header image (GIF supported)
• Custom header clocks
• Custom lockscreen clocks (custom font supported)
• Clock and status icons background chip
Full Changelog: Click Here

Teamfly Launcher (Didn't test)
TeamFiles Launcher
A launcher which aims to provide stability, speed & customizationMore info at github.com/TeamFiles/TeamFiles-LauncherJoin t.me/loopprojects to get more updates!
store.kde.org
May be compatible with quick switch of OneUI 5.

I also have a question, is this only for SM-T225XXU1CWA2 only ? or T220 can do this too . I have T220 XAR us version android 13 gsi pixel Experience plus with magisk. I want to install fastbootD and install gsi without custom AP.. do I use this guide?

abc1054 said:
I also have a question, is this only for SM-T225XXU1CWA2 only ? or T220 can do this too . I have T220 XAR us version android 13 gsi pixel Experience plus with magisk. I want to install fastbootD and install gsi without custom AP.. do I use this guide?
Click to expand...
Click to collapse
yes u can , extract AP file>>recovery.img.lz4. boot.img.lz4. vbmeta.img.lz4. upload here if you can't patch.

Can you explain how to patch it. Thanks

abc1054 said:
Can you explain how to patch it. Thanks
Click to expand...
Click to collapse
1.boot.IMG.lz4. 2. vbmeta.IMG.lz4. patch with magisk
2.recovery.IMG.lz4. patch follow with https://github.com/Johx22/Patch-Recovery

tom.android said:
yes u can , extract AP file>>recovery.img.lz4. boot.img.lz4. vbmeta.img.lz4. upload here if you can't patch.
Click to expand...
Click to collapse
Here is my files