** UNOFFICIAL A-TEAM RELEASE**
*******Testing ONLY*******
**testing has only been done on GN2200 July patch device but should atleast boot into twrp on other sec patch on GN2200 devices***
***Let us know if not***
*****HEED THE WARNING OF IMPENDING APOCALYPSE, DOOM, BOOTLOOPS , BRIMSTONE AND FIRE, AND ALSO TWRP ******
***NOBODY IS RESPONSIBLE FOR WHAT YOU DO WITH THIS EXCEPT YOU***
***DO NOT BUILD AND FLASH THIS UNLESS YOU KNOW EXACTLY WHAT YOUR DOING***
****DONT DO ANYTHING I SAY, I CANT BE HELD RESPONSIBLE FOR WHAT I SAY OR DO*****
**THIS IS AN ** UNOFICIAL RELEASE ** SO DONT GO CRYING TO ANYONE THAT YOU MADE YOURSELF AN EXPENSIVE PAPERWEIGHT IF YOU USE ANYTHING IN THIS POST***
********* THE RESPNSIBILITY LIES SOLELY UPON YOU***
***FLASHING IN CURRENT STATE DOES NOT BOOT INTO SYSTEM****
****READ EVERYTHING BEFORE YOU DO ANYTHING******
******ONLY POSTING THIS FOR DEV PURPOSES*******
******Huge THANKS to PizzaG for this!!!******
***Thanks to Eduardo as well for his contributions, he may still be working on his own release***
Am posting this with a copy/paste i posted in telegram group..
We need people with the knowledge/skills and experience to help get this TWRP finished AND/OR work out the bugs.
GitHub - PizzaG/recovery_device_oneplus_OP515AL1
Contribute to PizzaG/recovery_device_oneplus_OP515AL1 development by creating an account on GitHub.
github.com
*this is not ready for release but the source is here for anyone who can build upon it*
touch is not working
you cant fastboot boot on this device so DO NOT flash this to your device without a backup of your stock/current boot image
issues we are having is no touch, can't mount /data, and so far cant boot into system with the recovery installed so if you want to use it youll need to flash this to boot, use it for whatever and then flash stock boot back, if your magisk patched youll need to flash the backup of that patched boot image you made before flashing this in order to get back into your system....... i have sort of found a slight work around for having to keep flashing the boot partitions until someone can get this to boot by placing my current boot image on an sdcard along with the twrp, flash the twrp to the active boot partition, boot into twrp, install image and install your backed up boot image to the current slot, then go back to advanced and install twrp to ramdisk and select and install the twrp image to the ramdisk, if your magisk patched you need to flash magisk zip right now, you can adb shell into twrp to pull a copy of this boot image if you want and i have flashed my "twrp-ramdisk installed boot image" on the Slot that my system is on and stock/backup boot image to inactive slot because its the only way to boot back to system for now without reflashing the stock(backed up) boot image back to the slot. and reboot into bootloader, change active and reboot and your back into your system.... when you need twrp you can set active to the other slot, it will bootloop once into bootloader and choose recovery to get back to twrp... when done reboot to bootloader and set active back to the other slot and reboot into system.............otg mouse works, adb works, mtp works, some work has been done on the touch but thats still not working yet, everything seems to be mounting except data............. big shout out to PizzaG for this
***this is a very round-about way to get a currently buggy twrp on the device but if you have a usb-c adapter and mouse you can navigate twrp....***
PizzaG doesnt have the device and has spent more time than anyone could possibly ask someone to spend on this for free... I dont have the skills required yet to really work on this. I have tested as much as possible and here it is for those who can build and work on it. i dont recommend releasing in its current form because im sure alot of people will be complaining and bricking their devices. if you can build it im sure you can work on it and should have the skills to atleast recover and have the sense to make backups first.......
Thanks again to everyone who has already donated the valuable time working on this for us and to everyone who will follow and build upon this!
You can find the telegram group for our device here:
You can find the A-Team in telegram
Also FYI in case you missed the post about our kernel source, it can be found here:
GitHub - OnePlusOSS/android_kernel_msm-5.4_oneplus_sm6375 at oneplus/sm6375_r_12.0.1_oneplus_nord_n20_5g
Contribute to OnePlusOSS/android_kernel_msm-5.4_oneplus_sm6375 development by creating an account on GitHub.
github.com
If anyone with experience building twrp and especially for OnePlus devices needs a tester or any files from the device hit me up on telegram @PsYk0n4uT2 and I will do my best to provide whatever you need and test builds along with providing logs.
heres a compiled boot image from the above tree as of 10/02/2022.
**remeber it DOES NOT boot to system, this is twrp only, not installed into recovery ramdisk yet. so BACKUP YOUR STOCK(current) boot image FIRST**** you will have to flash your stock(current) boot image back to boot back into your system. you can sort of get around this by above mentioned method BUT here it is for the GN2200 anyways. working on my July patched device and my May patched device so it should work for other GN2200 sec patches too...
***BACKUP BACKUP BACKUP*****
also cant change active slot from twrp, must reboot to bootloader to change active slot
Heres TWRP installed to ramdisk on a july patched boot image. does not boot to system but since it doesnt you should still be able to use this on any patch for testing purposes.....
You can backup your boot image and flash your current boot image to inactive slot and flash this to active slot by selecting recovery from bootloader after it loops once.... use twrp then go back to bootloader and change active and reboot to get back into your system.
**BACKUP YOUR CURRENT BOOT IMAGE****
***DOES NOT BOOT TO SYSTEM**
***YOU WILL NEED YOUR CURRENT BOOT IMAGE TO BOOT YOUR SYSTEM< YOU SHOULD ALREADY HAVE A BACKUP OF YOUR STOCK IMAGE IN THE CASE THAT YOU ARE MAGISK PATCHED ALREADY< KEEP A COPY OF BOTH IN CASE YOU DECIDE TO WIPE DATA< YOU WILL NOT BOOT BACK INTO YOUR SYSTEM WITH A MAGISK PATCHED BOOT IMAGE IF YOU WIPE DATA*******
if someone can get their system to boot after installing the TWRP from post 4 or their own build after personal edits please post here how you were able to achieve the install and maintain booting into system..
currently twrp indicates that path to /mnt could not be found and cant mount /data .. i think if someone could fix this maybe some progress could be made
ScarletWizard said:
I wonder if TWRP will work for devices with a serial number defeicy
Click to expand...
Click to collapse
halfway working on mine, just isnt finished yet, we need someone who knows alot more about this than i do. another dev is working on twrp but needs a device. the serial wont affect anything else other than the oneplus care app and getting the unlock token..... other than that u have full functionality.... the one posted above needs ALOT of work to finish. no touch yet but it could work for SOME things....
I know C/C++ at a decent level, however; I don't have much experience with low level stuff (especially dealing with bootloaders and other specific proprietary android kernel stuff). If there is anything that needs testing, I am down for it since this is just a secondary phone for me and I won't be too upset if it explodes.
I'm going to attempt this
[ SOLUTION ] [ MTK ] to Fix Touch not Working on TWRP / Philz Due to Kernel Disabled Touch.
In this tutorial, i'm going to show how i managed to patch kernel to enable touch in recovery TWRP / Philz. WARNING : This worked fo...
factopea.blogspot.com
It's written for mtk device but might have similar enough instructions to port for qcom kernel,
But I believe this is what is needed to get the TWRP touch going
Is the trwp.fstab using the right version? Both have different
Code:
/dev/block/bootdevice/by-name/userdata /data f2fs noatime,nosuid,nodev,discard,inlinecrypt,reserve_root=32768,resgid=1065,fsync_mode=nobarrier latemount,wait,resize,check,formattable,fileencryption=aes-256-xts:aes-256-cts:v2+inlinecrypt_optimized+wrappedkey_v0,keydirectory=/metadata/vold/metadata_encryption,metadata_encryption=aes-256-xts:wrappedkey_v0,quota,reservedsize=128M,checkpoint=fs
Try this instead in twrp.fstab
Code:
/data f2fs /dev/block/bootdevice/by-name/userdata flags=fileencryption=ice:aes-256-cts;wrappedkey;keydirectory=/metadata/vold/metadata_encryption
Techted89 said:
Is the trwp.fstab using the right version? Both have different
Code:
/dev/block/bootdevice/by-name/userdata /data f2fs noatime,nosuid,nodev,discard,inlinecrypt,reserve_root=32768,resgid=1065,fsync_mode=nobarrier latemount,wait,resize,check,formattable,fileencryption=aes-256-xts:aes-256-cts:v2+inlinecrypt_optimized+wrappedkey_v0,keydirectory=/metadata/vold/metadata_encryption,metadata_encryption=aes-256-xts:wrappedkey_v0,quota,reservedsize=128M,checkpoint=fs
Try this instead in twrp.fstab
Code:
/data f2fs /dev/block/bootdevice/by-name/userdata flags=fileencryption=ice:aes-256-cts;wrappedkey;keydirectory=/metadata/vold/metadata_encryption
Click to expand...
Click to collapse
i just unpacked the twrp image with AIK and made the suggested edits and repacked, reflashed, same...... another person is working on twrp and has gotten much of the fstab corrected in their build but their keeping their source closed til they get it ready for release and is still very far from being finished with it and doesnt have much time to work on it right now so we are just kinda stuck waiting on someone that knows what their doing to help get this going. the other person has touch working on theirs so i know its possible i just dont know how long it will be before we see a beta even
Techted89 said:
Is the trwp.fstab using the right version? Both have different
Code:
/dev/block/bootdevice/by-name/userdata /data f2fs noatime,nosuid,nodev,discard,inlinecrypt,reserve_root=32768,resgid=1065,fsync_mode=nobarrier latemount,wait,resize,check,formattable,fileencryption=aes-256-xts:aes-256-cts:v2+inlinecrypt_optimized+wrappedkey_v0,keydirectory=/metadata/vold/metadata_encryption,metadata_encryption=aes-256-xts:wrappedkey_v0,quota,reservedsize=128M,checkpoint=fs
Try this instead in twrp.fstab
Code:
/data f2fs /dev/block/bootdevice/by-name/userdata flags=fileencryption=ice:aes-256-cts;wrappedkey;keydirectory=/metadata/vold/metadata_encryption
Click to expand...
Click to collapse
also i see a recovery.fstab instead of twrp.fstab in /system/etc. is this what your referring to?
You need both from what iv read ,. TWRP.flags is a module that rewrites the stab at a certain point which may be the reason it's not compiling but I will post. Recovery.fstab is supposed to be a copy paste from the boot.img and gives the general mount partitions locations,. TWRP.fstab is mounted using the same partitions but different format/flag structure to be available to TWRP .
Techted89 said:
You need both from what iv read ,. TWRP.flags is a module that rewrites the stab at a certain point which may be the reason it's not compiling but I will post. Recovery.fstab is supposed to be a copy paste from the boot.img and gives the general mount partitions locations,. TWRP.fstab is mounted using the same partitions but different format/flag structure to be available to TWRP .
Click to expand...
Click to collapse
Interesting article above. Were you able to get that to work? I know it says MTK but seems like mechanism should be the same, or atleast I would assume anyways that the function would be very similar in the case of a flag. Was told you needed to use original kernel but then I couldn't get that to boot period. I'm out of my area of knowledge at this point but always willing to learn.
Also I tried messing around a little with the f stab and TWRP flags I was told that TWRP flags is pretty much the same as the twrp.fstab... also this build needs to have something added to the drivers I do believe that this is somehow related to USB touch it is a goodix gt9886 touch panel using the Samsung 9886 drivers. Maybe the init's need some help here as well.
I have the programming knowwledge that TWRP would require, but have not as of yet created one as my devices were typically readily complete before-hand. Once my device is back up, and running I am going to boot into Ubuntu and give it a go.
I need some excuse to have learned assembly x86, c, c++, Java, Python, and rust and have been eyeing learning scripting so it could be a fun side project assuming it is still incomplete as of the moment?
Is it normal for manufacturers to use components from other's in their builds? The kernel posted seemed to indicate at least a couple Samsung files included.
Well C is a guarantee possibly some C++ as well and definitely some sh scripting if you know rust and know how to attach it to C well enough that could add more possibilities I would imagine. The recovery is from my understanding in the boot image Android Image Kitchen would help you see it unmodified if that is the case.
I found a unofficial TWRP that flashes to the boot partition, and works pretty damn well, id have to say! I am not an experienced developer, I just like to flash around on my phone in my spare time.. Anyways here y'all go:
I am down while I got partitions backed up to the cloud.
Related
I have clean installed Magisk because of an irregularity. To be specific: when I TWRP>Install systemless_xposed-uninstaller-signed.zip, I get an error: Updater process ended with ERROR: 1. TWRP last_log shows ¨e2fsck: No such file or directory¨while trying to open /data/adb/magisk.img¨. So Magisk seems not to be installed.
While this happens, at the same time, when sytem is booted, I have no issues (seemingly) using Magisk manager and installing and using modules.
Because of this irregularity I clean installed Magisk:
- un-installed Magisk through Magisk manager>Uninstall>Complete uninstall
- flashed stock boot image using ¨fastboot flash ramdisk RAMDISK.img¨
- and re-installed Magisk TWRP>Install Magisk-v16.0.zip
After which the Magisk installation on my device is still broken in some way and regarded as ¨weird¨ by fellow xda members; I was advised to ask about it in the device forum.
I attach last_log-magisk-install.txt & last_log-systemless_xposed-uninstaller-signed.txt
Does anybody have a clue and/or experience in this matter maybe?
It's because /data/adb/ is encrypted after installing Magisk.
Not sure why it does that, that folder used to stay unencrypted after installing.
You can use TWRP file manager and check /data/adb/ for encrypted files, and check while booted too. If it's empty it is indeed not installing correctly.
Why are you running Xposed uninstaller by the way?
ante0 said:
It's because /data/adb/ is encrypted after installing Magisk.
Not sure why it does that, that folder used to stay unencrypted after installing.
You can use TWRP file manager and check /data/adb/ for encrypted files, and check while booted too. If it's empty it is indeed not installing correctly.
Why are you running Xposed uninstaller by the way?
Click to expand...
Click to collapse
/data/adb in twrp filemanager looks encrypted yes. Booted to system however, it shows correctly (screenshot). I do not understand why you expected it to be empty as you say.
What do you advise? Decrypt data partition maybe?
You ask why i run Xposed uninstaller; I just ran this script now to get the log. Before all this investgation started I was advised to run it to get rid of possible Xposed framework leftovers after I had installed Xposed, bootlooped and deletef the module.
lvbaal said:
/data/adb in twrp filemanager looks encrypted yes. Booted to system however, it shows correctly (screenshot). I do not understand why you expected it to be empty as you say.
What do you advise? Decrypt data partition maybe?
You ask why i run Xposed uninstaller; I just ran this script now to get the log. Before all this investgation started I was advised to run it to get rid of possible Xposed framework leftovers after I had installed Xposed, bootlooped and deletef the module.
Click to expand...
Click to collapse
No, I meant if it was empty it would be a reason why it can't find magisk.img. But in this case its encryption thats causing it.
You could decrypt, it would fix it. Though as you probably know you'd have to do this after each update.
You might be able to go back to fastboot directly after update finishes and flash twrp, then to twrp and replace fstab in /vendor/etc/ so it doesn't encrypt again. I haven't tested but should work. As long as you don't boot to system before replacing fstab it should stay decrypted.
I have a feeling it's caused by the FBE bypass that was introduced in v16 (actually 1541 from the custom honor v10 link, but added in 16 to stable). Magisk refused to even install because of encryption before this was fixed.
ante0 said:
No, I meant if it was empty it would be a reason why it can't find magisk.img. But in this case its encryption thats causing it.
You could decrypt, it would fix it. Though as you probably know you'd have to do this after each update.
You might be able to go back to fastboot directly after update finishes and flash twrp, then to twrp and replace fstab in /vendor/etc/ so it doesn'tencrypt again. I haven't tested but should work. As long as you don't boot to system before replacing fstab it should stay decrypted.
I have a feeling it's caused by the FBE bypass that was introduced in v16 (actually 1541 from the custom honor v10 link, but added in 16 to stable). Magisk refused to even install because of encryption before this was fixed.
Click to expand...
Click to collapse
Thanks for your input. I'll keep decrypting in mind. For now, it looks like I can install a module from Magisk manager - greenify4magisk. I could not do this however when I had v16. Now on v16.1 it installs. I will check it's functioning later.
ante0 said:
No, I meant if it was empty it would be a reason why it can't find magisk.img. But in this case its encryption thats causing it.
You could decrypt, it would fix it. Though as you probably know you'd have to do this after each update.
You might be able to go back to fastboot directly after update finishes and flash twrp, then to twrp and replace fstab in /vendor/etc/ so it doesn't encrypt again. I haven't tested but should work. As long as you don't boot to system before replacing fstab it should stay decrypted.
I have a feeling it's caused by the FBE bypass that was introduced in v16 (actually 1541 from the custom honor v10 link, but added in 16 to stable). Magisk refused to even install because of encryption before this was fixed.
Click to expand...
Click to collapse
I'm not sure what alteration in /vendor/etc/fstab is needed to prevent encryption. Can you elaborate maybe? Also, in this regard, can you confirm the following:
when I decide to format internal storage in TWRP with ¨Format Data¨and thus getting rid of encryption(link), will it still be (re-)encrypted if I use the unmodified stock kernel (I'm using stock Emui8)? If so, do you know of a modified kernel without encryption for BLA-L29(C432)?
lvbaal said:
I'm not sure what alteration in /vendor/etc/fstab is needed to prevent encryption. Can you elaborate maybe? Also, in this regard, can you confirm the following:
when I decide to format internal storage in TWRP with ¨Format Data¨and thus getting rid of encryption(link), will it still be (re-)encrypted if I use the unmodified stock kernel (I'm using stock Emui8)? If so, do you know of a modified kernel without encryption for BLA-L29(C432)?
Click to expand...
Click to collapse
This flag: ",fileencryption=aes-256-xts:aes-256-cts" on the /data line needs to be removed. After that you format data in twrp and decryption will stick. As of Oreo fstab is located in /vendor/etc so it doesn't matter what ramdisk you use, only matter is when you update firmware as /vendor is over-written. In theory you should be able to update, go straight to fastboot after and flash twrp, go to twrp and replace fstab. I haven't tested that yet, but as long as you don't boot to system it should stay decrypted.
(TWRP with FBE decryption support is on the horizon so you might want to wait. A fix was pushed a few days ago and it works on Honor 9, we just need a newly built twrp. I can't get the 8.1 tree to build a working one so I will check if it can be done with the 7.1 tree.)
ante0 said:
This flag: ",fileencryption=aes-256-xts:aes-256-cts" on the /data line needs to be removed. After that you format data in twrp and decryption will stick. As of Oreo fstab is located in /vendor/etc so it doesn't matter what ramdisk you use, only matter is when you update firmware as /vendor is over-written. In theory you should be able to update, go straight to fastboot after and flash twrp, go to twrp and replace fstab. I haven't tested that yet, but as long as you don't boot to system it should stay decrypted.
(TWRP with FBE decryption support is on the horizon so you might want to wait. A fix was pushed a few days ago and it works on Honor 9, we just need a newly built twrp. I can't get the 8.1 tree to build a working one so I will check if it can be done with the 7.1 tree.)
Click to expand...
Click to collapse
Hi and thanks for the clarification. As I'm in the process of re-flashing complete stock firmware (131->138 from pro-teammt.ru) I think I will be going for the solution provided by @Didgeridoohan. As I understand it at this moment, both solutions will permanently decrypt my /data, but the your solution does not mention Magisk installation. Does a Magisk installation not have any bearing to the issue then?
lvbaal said:
Hi and thanks for the clarification. As I'm in the process of re-flashing complete stock firmware (131->138 from pro-teammt.ru) I think I will be going for the solution provided by @Didgeridoohan. As I understand it at this moment, both solutions will permanently decrypt my /data, but the your solution does not mention Magisk installation. Does a Magisk installation not have any bearing to the issue then?
Click to expand...
Click to collapse
I'm not sure Magisk can. It could when I pushed a commit that added fileencryptioninline (this was for nougat), and when fstab was located in boot partition.
But that was removed as it broke support for Pixel devices.
This is what it looks for: https://github.com/topjohnwu/Magisk...285d860b4d95db13f7/native/jni/utils/pattern.c
"const char *encrypt_list[] = { "forceencrypt", "forcefdeorfbe", NULL };"
As you see it doesn't contain "fileencryption".
I'm not sure it even looks for fstab in /vendor. That would break the systemlessness of Magisk (doesn't modify /system or /vendor)
Though, it doesn't matter anyway, it does the exact same thing as manually editing /vendor/etc/fstab.kirin970
You can test though, to confirm
When you do Format Data you need to manually flash back the public and hw data zips in TWRP, they give errors but it's the folder "hw_init" that's placed in /data/ that's needed. Themes and stuff are in there.
ante0 said:
This flag: ",fileencryption=aes-256-xts:aes-256-cts" on the /data line needs to be removed. After that you format data in twrp and decryption will stick. As of Oreo fstab is located in /vendor/etc so it doesn't matter what ramdisk you use, only matter is when you update firmware as /vendor is over-written. In theory you should be able to update, go straight to fastboot after and flash twrp, go to twrp and replace fstab. I haven't tested that yet, but as long as you don't boot to system it should stay decrypted.
(TWRP with FBE decryption support is on the horizon so you might want to wait. A fix was pushed a few days ago and it works on Honor 9, we just need a newly built twrp. I can't get the 8.1 tree to build a working one so I will check if it can be done with the 7.1 tree.)
Click to expand...
Click to collapse
Thanks again But I cannot quite picture this; when you say ¨In theory you should be able to update, go straight to fastboot after and flash twrp¨, because when I have flashed the complete stock firmware, I suppose Developper option USB debugging is off and I cannot send command <fastboot flash recovery_ramdisk twrp.img> from PC, or can I?
lvbaal said:
Thanks again But I cannot quite picture this; when you say ¨In theory you should be able to update, go straight to fastboot after and flash twrp¨, because when I have flashed the complete stock firmware, I suppose Developper option USB debugging is off and I cannot send command <fastboot flash recovery_ramdisk twrp.img> from PC, or can I?
Click to expand...
Click to collapse
When you flash on Oreo it will not wipe anything, /data stays.
Basically it does an OTA but with a full fw.
Unless you factory reset after, then it would wipe.
As I said it's in theory as I haven't tested it yet, so you're free to try if you're going to update anyway
Mine has been on everytime I've updated anyway. Only difference was in Nougat where bootloader was locked and you had to unlock it, which meant a mandatory wipe...
ante0 said:
This flag: ",fileencryption=aes-256-xts:aes-256-cts" on the /data line needs to be removed. After that you format data in twrp and decryption will stick. As of Oreo fstab is located in /vendor/etc so it doesn't matter what ramdisk you use, only matter is when you update firmware as /vendor is over-written. In theory you should be able to update, go straight to fastboot after and flash twrp, go to twrp and replace fstab. I haven't tested that yet, but as long as you don't boot to system it should stay decrypted.
(TWRP with FBE decryption support is on the horizon so you might want to wait. A fix was pushed a few days ago and it works on Honor 9, we just need a newly built twrp. I can't get the 8.1 tree to build a working one so I will check if it can be done with the 7.1 tree.)
Click to expand...
Click to collapse
Hello again. I've studied the shell scripts used in the HWOTA8 package and found out that the kernel and stock recovery will be flashed to the device after which it switches to recovery mode and the update zips will be pushed to /data/update along with update commands in /cache/recovery/command. Then it is supposed to reboot to recovery; to apply the updates I presume?. So when I interrupt this flow and do not boot to recovery but to fastboot to flash twrp and replace fstab, how will the updates be applied then?
I attach the script in question.
Any news already on TWRP on the horizon?
lvbaal said:
Hello again. I've studied the shell scripts used in the HWOTA8 package and found out that the kernel and stock recovery will be flashed to the device after which it switches to recovery mode and the update zips will be pushed to /data/update along with update commands in /cache/recovery/command. Then it is supposed to reboot to recovery; to apply the updates I presume?. So when I interrupt this flow and do not boot to recovery but to fastboot to flash twrp and replace fstab, how will the updates be applied then?
I attach the script in question.
Any news already on TWRP on the horizon?
Click to expand...
Click to collapse
First, copy fstab to computer and remove the fileencryption flag.
If course you need to flash update first.
You install update using HWOTA8. After it's done with the update in recovery mode you boot directly to fastboot instead of booting to system. You'd have to watch phone while it's updating as it reboota automatically. You should have USB plugged in already, so just start holding vol down when it says update is complete and it will reboot and you should land in fastboot. Now flash twrp to recovery_ramdisk and type 'fastboot reboot'. Remove USB and hold vol up. Now you should boot to twrp. Adb push the modified fstab to /vendor/etc/fstab.kirin970.
Also check Internal storage in twrp to make sure it's still decrypted. (you would have to decrypt before installing update to make sure this theory actually works ).
I could actually test it tonight on my Mate 9.
As for TWRP, the fix has been pushed to gerrit but it's not merged yet. I've been trying to get the android-8.0/8.1 branch to build a functional twrp but no luck yet. For some reason a bunch of folders are missing, and I'm not sure why. They are there in the source branch for both 8.0/8.1... I will test using git clone instead if repo sync.
ante0 said:
As for TWRP, the fix has been pushed to gerrit but it's not merged yet. I've been trying to get the android-8.0/8.1 branch to build a functional twrp but no luck yet. For some reason a bunch of folders are missing, and I'm not sure why. They are there in the source branch for both 8.0/8.1... I will test using git clone instead if repo sync.
Click to expand...
Click to collapse
I managed to build an Ubuntu based development environment, but using minimal manifest (8.1 branch) to build TWRP throws errors (i don't know if you have the same errors).
Here's the error log - > https://pastebin.com/C6jVg2eY
ante0 said:
First, copy fstab to computer and remove the fileencryption flag.
If course you need to flash update first.
You install update using HWOTA8. After it's done with the update in recovery mode you boot directly to fastboot instead of booting to system. You'd have to watch phone while it's updating as it reboota automatically. You should have USB plugged in already, so just start holding vol down when it says update is complete and it will reboot and you should land in fastboot. Now flash twrp to recovery_ramdisk and type 'fastboot reboot'. Remove USB and hold vol up. Now you should boot to twrp. Adb push the modified fstab to /vendor/etc/fstab.kirin970.
Also check Internal storage in twrp to make sure it's still decrypted. (you would have to decrypt before installing update to make sure this theory actually works ).
I could actually test it tonight on my Mate 9.
As for TWRP, the fix has been pushed to gerrit but it's not merged yet. I've been trying to get the android-8.0/8.1 branch to build a functional twrp but no luck yet. For some reason a bunch of folders are missing, and I'm not sure why. They are there in the source branch for both 8.0/8.1... I will test using git clone instead if repo sync.
Click to expand...
Click to collapse
Actually the ota.sh script boots to recovery after pushing the update. Presumably to apply the update through stock recovery. There fore I issued command adb reboot bootloader in an other powershell window. Then I flashed TWRP rebooted to TWRP to replace replaced fstab but then TWRP decides to apply the update because of input in /cache/recovery/command, so at that point I cannot replace fstab. Therefor I altered the script ota.sh and de-activated writes to /cache/recovery/command, and started over...
[/B]
lvbaal said:
Actually the ota.sh script boots to recovery after pushing the update. Presumably to apply the update through stock recovery. There fore I issued command adb reboot bootloader in an other powershell window. Then I flashed TWRP rebooted to TWRP to replace replaced fstab but then TWRP decides to apply the update because of input in /cache/recovery/command, so at that point I cannot replace fstab. Therefor I altered the script ota.sh and de-activated writes to /cache/recovery/command, and started over...
[/B]
Click to expand...
Click to collapse
Well, it has to apply the update in stock recovery. It can't do it in TWRP.
Basically you:
Format Data in TWRP and replace fstab with one that has fileencryption flag removed.
Boot to system once and then back to TWRP, check that you are decrypted (file manager in TWRP to Internal SD or browse child folders in /data).
Run HWOTA8 and let it update through stock recovery.
When it's done updating and about to reboot back to system, hold vol down so it goes to fastboot mode.
Now flash TWRP and issue 'fastboot reboot', quickly remove usb cable and hold volume up. Or remove usb and hold power+vol up.
Check that you are still decrypted.
Replace Fstab again with the 'fileencryption' flag removed one.
Now you can boot to system.
Edit: I managed to get TWRP source working, will test the decrypt fix soon.
---------- Post added at 08:44 PM ---------- Previous post was at 08:01 PM ----------
Pretoriano80 said:
I managed to build an Ubuntu based development environment, but using minimal manifest (8.1 branch) to build TWRP throws errors (i don't know if you have the same errors).
Here's the error log - > https://pastebin.com/C6jVg2eY
Click to expand...
Click to collapse
You need the full Omni source. Takes a while to sync
It's missing stuff from minimal that's needed.
After it's done syncing, you need to git clone https://github.com/omnirom/android_bootable_recovery to TWRPfolder/bootable/ and replace the recovery folder.
Same with https://github.com/omnirom/android_external_busybox/ to TWRPfolder/external/busybox (folder doesn't exist).
I'm not sure why it does this, the source looks fine when viewed in browser, but it doesn't sync everything...
ante0 said:
Well, it has to apply the update in stock recovery. It can't do it in TWRP.
Basically you:
Format Data in TWRP and replace fstab with one that has fileencryption flag removed.
Boot to system once and then back to TWRP, check that you are decrypted (file manager in TWRP to Internal SD or browse child folders in /data).
Run HWOTA8 and let it update through stock recovery.
When it's done updating and about to reboot back to system, hold vol down so it goes to fastboot mode.
Now flash TWRP and issue 'fastboot reboot', quickly remove usb cable and hold volume up. Or remove usb and hold power+vol up.
Check that you are still decrypted.
Replace Fstab again with the 'fileencryption' flag removed one.
Now you can boot to system.
Edit: I managed to get TWRP source working, will test the decrypt fix soon.
Click to expand...
Click to collapse
When I format data in twrp, replace fstab and boot to system once and then back to twrp to check encryption state in twrp filemanager, will /data not be empty then, so there's noting to check? Or am I missing something here?
lvbaal said:
When I format data in twrp, replace fstab and boot to system once and then back to twrp to check encryption state in twrp filemanager, will /data not be empty then, so there's noting to check? Or am I missing something here?
Click to expand...
Click to collapse
/data will not be empty. Unless you completely wipe it. But I think phone refuses to boot if you Wipe instead of Format Data
ante0 said:
/data will not be empty. Unless you completely wipe it. But I think phone refuses to boot if you Wipe instead of Format Data
Click to expand...
Click to collapse
I took my chances and did as proposed: only booting to system will not happen: it tries 2 times and the third time Huawei eRecovery comes up ¨Data partition was damaged seriously and you are recommended to format it to recover your phone¨ . It recommends Low level format data partition or shutdown. I chose Shutdown and booted to twrp once more to check /data. There's only lost+found and media/0 both empty. So /data turns out to be empty nevertheless. I did not completely wipe it; I did TWRP>Wipe>Format Data and typed ¨yes¨ to continue. Is this not what you meant by Format data in TWRP then?
lvbaal said:
I took my chances and did as proposed: only booting to system will not happen: it tries 2 times and the third time Huawei eRecovery comes up ¨Data partition was damaged seriously and you are recommended to format it to recover your phone¨ . It recommends Low level format data partition or shutdown. I chose Shutdown and booted to twrp once more to check /data. There's only lost+found and media/0 both empty. So /data turns out to be empty nevertheless. I did not completely wipe it; I did TWRP>Wipe>Format Data and typed ¨yes¨ to continue. Is this not what you meant by Format data in TWRP then?
Click to expand...
Click to collapse
Yes. That's where you Format Data.
Hmm.
Unless this twrp actually wipes rather than format.
Did you do update too now or just remove the flag in fstab and Format Data?
To get to Low level format, flash stock recovery OR the nocheck recovery from HWOTA8.
Hi, so I just got this phone and I see there's not much on the postings like with links to a working TWRP, in particular. So I did some digging around and experented, and found this TWRP. It's from the Moto G9 Play (guamp). But it works, at least just booting it. I have not tried flashing it to the boot partition but it serves it's function when just booted (see command below) . Most important on the get go is a Android backup.
fastboot boot recovery.img
After booting, go to "Mount" and mount all the partitions listed there. Then backtrack to "Backup" and select where you want the backup to go. Then continue with backing it up. You don't have to back up both the 'Super' and the 'Super image' partitions, just choose one of those. Then once that finishes, it's a matter of bravery on your part. There was a 'vbmeta.img' you could flash then a Magisk_21.zip but I'm not sure if the Play G9 vbmeta would work. Anyhow, attached it the TWRP and then the link to it's source with the other files mentioned above. Let us know how it works or helps anyone. Oh, and it will ask for your internal PIN or password first to decrypt that partition. I think it's best to delete your finger prints and change the lock to NONE. Then boot it and backup everything. Remember to Mount everything first!
Link
Lastly, my recovery log shows this works on our Moto G Play 2021 (guamna)
It does work 100% I have tested every feature out and it all works do not install it only boot it I have tried to mod the recovery 3 times now to install it but Everytime I do it bootloops my phone and I have to reflash all the imgs to the device
You can boot it with terminal emulator by running the below steps
Step 1 (backup stock_boot.img so we can get back in to android)
dd if=/dev/block/by-name/boot_a of=/sdcard/stock_recovery_backup.img
Step 2 (dd recovery.img to boot_a)
dd if=(path to stock_recovery.img) of=/dev/block/by-name/boot_a
Step 3( from twrp terminal replace recovery very.img with stock_boot_a in twrp mount all that can be mounted)
dd if=/sdcard/stock_boot_a of=/dev/block/by-name/boot_a
Thank you for that info. I actually was not aware it could be done. For me, personally, this twrp serves best as being able to do a complete backup as well as I realized it does flash Magisk for root successfully as well. Until we get an official twrp, this seems sufficient enough for the most necessary functions.
It works 100% so there is no need for a official twrp this will work just need the device trees to add to it so it can be installed to recovery and stay after a reboot
Hey guys I built a TWRP from this one and the stock recovery you can flash it to the recovery partition it's 100% working.. I had a little problem with the touch but I fixed the kernel... I posted it in the development section
Hey Guys,
Since it doesnt seem like anybody else is-- im trying to port TWRP to the Duo.
Problem im running into is after extracting all the partitions i dont get a "Recovery.img" partition but i get a Boot_A and Boot_B partitions.
After extracting the Boot_A partition to check for recovery.img (or something relative) theres a recovery.fstab in there.
Does anyone know how I can get the recovery.img partition? or what I might be able to do with Boot_A/B?
none24 said:
Hey Guys,
Since it doesnt seem like anybody else is-- im trying to port TWRP to the Duo.
Problem im running into is after extracting all the partitions i dont get a "Recovery.img" partition but i get a Boot_A and Boot_B partitions.
After extracting the Boot_A partition to check for recovery.img (or something relative) theres a recovery.fstab in there.
Does anyone know how I can get the recovery.img partition? or what I might be able to do with Boot_A/B?
Click to expand...
Click to collapse
Pretty sure that modern A/B devices usually don’t come with a separate recovery partition. In my experience it’s a part of the boot image.
filfat said:
Pretty sure that modern A/B devices usually don’t come with a separate recovery partition. In my experience it’s a part of the boot image.
Click to expand...
Click to collapse
Correct.
Would u know what I could do as next steps given that I only have the a/b partition? I'm not sure where to transfer the files to. Or if there's a twrp porting guide that details A/B partitions
none24 said:
Correct.
Would u know what I could do as next steps given that I only have the a/b partition? I'm not sure where to transfer the files to. Or if there's a twrp porting guide that details A/B partitions
Click to expand...
Click to collapse
Im not 100% about this, but i think TWRP is dead as of the newer hardware specification in android, as it stands. You would have to package a boot image with the recovery programming, making it difficult to match up with existing setups. You would have to package for every kernel available, and hope your users dont pick the wrong one when they go to install, or else they will be stuck in a bootloop, with no way to force into recovery, because there is no recovery. I have been working on TWRP for the Unihertz Titan and have increasingly found information that TWRP if still active, is in its final days. I just bought a Duo, so there is a lot i dont know yet, but on the unihertz devices, there are tools to force your phone into preloader mode that all mediatek devices have, to flash your roms back to stock state. Even in a 100% not bootable state, you can save your device. Super slick. But if you nuke both your boot partitions by accident, there is effectively no way to recover to my knowledge, on the Duo. These tools are Very handy for developers. I am unaware of any tool that exists for the Duo that will do the same, not to say one can't or hasn't been written yet. But without someone with deep (im talking super deep) android experience, a Duo to spare, and the time and effort needed for the project, it might be safe to assume that most custom software will not arrive on the Duo, even with its ease of rooting and unlocking. I will be taking a close look at the kernel and everything else i can find to determine what will be possible for the Duo in the coming months.
Upon further research, there is a bootloader mode that does not seem to be based on boot/recovery partition. In powered off state, hold volume down and plug in to a computer. This will allow you to get into fastboot and flash anything you'd like.
Hi everyone. I recently bought an Alcatel 1t 7 (8067) tablet, 1Gb ram, 16Gb rom, just wifi (no 4G), mt6580 processor, android oreo go edition; a very simple and cheap tablet, but it seemed me a very nice one, because is slim and lightweight; worhty of root access, but also a custom recovery. I prefer TWRP recovery because it's more organized... ¡Anyway!... So I got down to work, but at first, as I didn't know how to backup all firmware, and when I learned how to do it and did it (esentially I could "tame" sp flash tools, hehe), I had already lost my original recovery file. Is needless to say that TWRP recovery, as far as I know, isn't available for this model, so I needed to port it, but as at first, I didn't know how to back it up, I overwritten it with other recoveries that didn't work. I mean, at this time, the tablet is working but is without recovery tool. I'm not going to talk about root access, because I already could get it, by using magisk manager, but I need my recovery image file, back; both to reinstall it and port it to TWRP.
So finally, if anyone has this stock recovery file, the full stock rom for it, or even better the ported TWRP for this tablet, please share it to me.
Thanks in advance for your attention.
just boot into android, stock recovery will be repaired from /system/recovery-from-boot.p automatically
aIecxs said:
just boot into android, stock recovery will be repaired from /system/recovery-from-boot.p automatically
Click to expand...
Click to collapse
Thank you for reply. Ok, I booted android. I have enabled usb debugging so, when android booted, I connected it to adb, and opened "adb reboot recovery" command, to be sure that android would reboot into that mode; but it didn't, it just rebooted several times on boot screen, and when it "got tired" of rebooting, it booted into android. Didn't boot into recovery, so I guess, It didn't repair it.
PS: I was looking for that file "recovery-from-boot.p" on that path, and there isn't such file, i can't find it.
on older devices it is /system/etc/install-recovery.sh or something, it's maybe disabled if your device isn't completely stock anymore?
you can port TWRP with kernel from boot. you can use this TWRP as base
aIecxs said:
on older devices it is /system/etc/install-recovery.sh or something, it's maybe disabled if your device isn't completely stock anymore?
Click to expand...
Click to collapse
¿Must that file have the same size that the original recovery image? Because the only file named recovery that i can find on that path is named "recovery-resource.dat" and its size is 807kb, and as I have seen before, is that recovery images have several Mb of size.
aIecxs said:
you can port TWRP with kernel from boot. you can use this TWRP as base
Click to expand...
Click to collapse
Two questions about it; as far as I can remember twrp image must be compatible not only for the same chipset, but the same screen resolution ¿Am I right? Also, this tablet is 600x1024 px, or 1024x 600 on landscape mode. All TWRP that I have installed on former machines, worked on portrait mode, so I wonder miself ¿Could TWRP also work on landscape mode?
/system/etc/recovery-resource.dat "generates a binary patch that creates the recovery image starting with the boot image. (Most of the space in these images is just the kernel, which is identical for the two," so the resulting patch is a executable file with smaller file size than the actual recovery.) It's just few lines of code.
https://android.googlesource.com/platform/build/+/b32161a^!/
TWRP is available in landscape mode. you can read more about here
[GUIDE]Porting TWRP without source
I don't think touchscreen will work at all, so resolution doesn't matter. you can use TWRP from cmd line
https://twrp.me/faq/openrecoveryscript.html
aIecxs said:
/system/etc/recovery-resource.dat "generates a binary patch that creates the recovery image starting with the boot image. (Most of the space in these images is just the kernel, which is identical for the two," so the resulting patch is a executable file with smaller file size than the actual recovery.) It's just few lines of code.
https://android.googlesource.com/platform/build/+/b32161a^!/
Click to expand...
Click to collapse
Ok... I can find that file on my tablet, but I'm not so skilled android user, as for rebuild recovery from that file or even port TRWP from that file, so ¿Is there an easy way to do it ( or at least, comprehensible for middle skilled android users) ? ¿How? (and supposedly this machine is easy to port and root, they say on internet. I also have a huawei y7 2018 for rooting, that seems harder to root. But that's a another (my next) struggle in here, hehe)
aIecxs said:
TWRP is available in landscape mode. you can read more about here
[GUIDE]Porting TWRP without source
Click to expand...
Click to collapse
Another question. ¿Are those programs who claim to help to port TWRP with just some clicks, reliable? (for instance TWRP porter for mediatek)
aIecxs said:
I don't think touchscreen will work at all, so resolution doesn't matter. you can use TWRP from cmd line
https://twrp.me/faq/openrecoveryscript.html
Click to expand...
Click to collapse
All the TWRP recoveries that i have ported before, have had a working touchscreen, but as I understand, resolution requirement is not only for touch calibration, but for correct displaying of TWRP GUI (that all buttons and options fit on the screen), Now I've read that new versions of TWRP adjust automatically to any screen resolution, ¿Is that right?
dump boot.img off device. you can use SP Flash Tool read back. download base TWRP and unpack with AIK. replace kernel and see what happens. if TWRP booted with black screen try to enter adb shell. get partition list from adb shell. create proper twrp.fstab and flash again. you should have functional TWRP now even without working GUI.
if touchscreen is disabled it might possible to hexpatch kernel with ghidra like I did for mine.
HCU-client needs 4 credits for Huawei.
I may reply in new thread.
aIecxs said:
dump boot.img off device. you can use SP Flash Tool read back. download base TWRP and unpack with AIK. replace kernel and see what happens. if TWRP booted with black screen try to enter adb shell. get partition list from adb shell. create proper twrp.fstab and flash again. you should have functional TWRP now even without working GUI.
if touchscreen is disabled it might possible to hexpatch kernel with ghidra like I did for mine.
Click to expand...
Click to collapse
¡No, man! If TWRP porting is kinda hard having the stock recovery image, without it, is a brain smashing task (or at least for me). I mean, I really don't understand well, how to port twrp starting only with boot.img, I mean, without recovery img. I've saw tutorials about the use of carliv kitchen (windows version), and seems easy, but all tutorials are made with stock recovery.img available, not with boot.img. So, what can I do there?
as I said. replace kernel with that from boot.img and see what happens? the generic base TWRP actually is recovery.img already, so you might lucky and it works? trial + error...
aIecxs said:
as I said. replace kernel with that from boot.img and see what happens? the generic base TWRP actually is recovery.img already, so you might lucky and it works? trial + error...
Click to expand...
Click to collapse
I saw a tutorial about. It said that I must to unpack stock recovery and twrp recovery, and replace some files of unpacked twrp recovery, with respective unpacked stock recovery files, and edit some files on twrp unpacked folder, and finally repack it.
Until that point, I assume that it should work, I mean, having stock recovery. But I did that, but using boot.img, I renamed all boot resources, to recovery, for instance, boot.imgkernel to recovery.imgkernel; and replaced it, repacked it, and reflashed it, but nothing happened, I mean, it didn`t want to boot into recovery. It`s interesting to "experiment", but I`m gonna try to find its original stock recovery, to at least get it back.
Hello!
I would like some help, alcatel 1T7" 8086 no4g I likely bricked it. There's nothing else than a black screen. The tablet doesn't react to anything. The computer finds it as unknown USB tool. No visibilty is shown. What can i do with it,for it to work? Or should i just put it in the trash?
Thank you for the reply.
Looking out for help
I need to edit the boot.img but my problem is that every time i unpack the img and repack it the phone doesnt boot anymore (even w/o modifyng the boot.img only unpacking and repacking) it enters into a bootloop
is this bcs the boot.img are signed ? or that theyre in a different fromat like ext4?
Im flashing the boot.img with SPFlash tools
I got the Custom Rom and the boot.img from this thread https://forum.xda-developers.com/t/...om-firmware-root-playstore-certified.4405615/
Some boot images are AVB0 signed. Hard to tell if that's even checked.
You've got to tell us how new/old, how fancy your boot image is.
My best advice (as always) is don't take apart a boot image if you don't need to.
You can always use my ImgUtil.
At the very least you can use it to see what you're dealing with.
Code:
C:\>imgutil.exe /v /l myboot.img
Renate said:
Some boot images are AVB0 signed. Hard to tell if that's even checked.
You've got to tell us how new/old, how fancy your boot image is.
My best advice (as always) is don't take apart a boot image if you don't need to.
You can always use my ImgUtil.
At the very least you can use it to see what you're dealing with.
Code:
C:\>imgutil.exe /v /l myboot.img
Click to expand...
Click to collapse
Thanks for your fast reply. is it possible to repack with the imgUtil tool?
what im trying to achieve is to block the access to the recovery menu on the phone
Just do the imgutil command above. It won't affect anything but it will tell us what we're dealing with.
I don't know why/what you want to do to recovery.
@Renate Oh my goodness, thank you! This is precisely where I left off last night I finally learned how to unpack the boot image (using linux wahh) and now you share such a cool tool! GOSH AND ITS WINDOWS TOO. Thank you! There's literally so much junk tools out there it held me up a year x.x Miss Renate do you have tools for the system images too? TBH I just used superrs kitchen to unpack my stock image, but i'm not sure the tool will work for repacks bc I tried in the past and kept getting boot loop but i suspect that's something to do with whatever is stored in the kernel and ram disk? Sorry last question, have you wrote up something somewhere that I could read about what to do with the ramdisk or kernel?? Thank you for always being on here
Renate said:
Just do the imgutil command above. It won't affect anything but it will tell us what we're dealing with.
I don't know why/what you want to do to recovery.
Click to expand...
Click to collapse
I did imgutil /i and worked !!! thanks a lot this is a great tool
how can I modify the recovery menu this is the file I get (attached) I tried with Hex and notepad++ but couldnt find the entries of the menu
What Im looking here is to remove the option to wipe and format the phone from the recovery menu
Or maybe I should modify the init.rc ? to create a reboot command when entering recovery
but how can I send this command ?
this is my init.rc
There are 5 versioned types of Android images plus the latest unversioned type.
The kernel could be compressed with gzip or lzma with/without a stub or uncompressed.
It could have the dtb appended to the kernel or in its own section or not present
It could have AVB0 signing or not.
Your image could be padded or even truncated.
I still don't know what device or what type of image we're talking about here.
Please quote at least the lines out of imgutil.exe myimage.img /v
Yes, the whole point of imgutil.exe is that you don't have to explode everything and park it in Windows directories and then try to put it all back.
I'm still unclear what the point of this whole project is.
Is it to prevent yourself from accidentally wiping your device in recovery by hitting the wrong key?
Or is it to prevent some evil person from wiping your device?
Me, I don't mess around with the recovery menu.
I make sure that I have rooted ADB available in recovery and just disable the whole recovery executable/menu.
Anything that I want to do I can do over ADB in recovery.
Renate said:
There are 5 versioned types of Android images plus the latest unversioned type.
The kernel could be compressed with gzip or lzma with/without a stub or uncompressed.
It could have the dtb appended to the kernel or in its own section or not present
It could have AVB0 signing or not.
Your image could be padded or even truncated.
I still don't know what device or what type of image we're talking about here.
Please quote at least the lines out of imgutil.exe myimage.img /v
Yes, the whole point of imgutil.exe is that you don't have to explode everything and park it in Windows directories and then try to put it all back.
I'm still unclear what the point of this whole project is.
Is it to prevent yourself from accidentally wiping your device in recovery by hitting the wrong key?
Or is it to prevent some evil person from wiping your device?
Me, I don't mess around with the recovery menu.
I make sure that I have rooted ADB available in recovery and just disable the whole recovery executable/menu.
Anything that I want to do I can do over ADB in recovery.
Click to expand...
Click to collapse
The point of this project is to prevents employees of a company to wipe their phones.. this phones are locked to some spcecific apps and nothing else, the company doesnt want their employees to have another apps on the phone.
How is it possible to disable the recovery from ADB?
I tried removing the recovery file but when accesing the recovery via adb reboot recovery the phones gets stucked at the boot logo and needs flashing back the boot.img to turn back on the system.
That is why I wanted to insert a reboot command in the init.rc from the ramdisk.
Please tell me what do you think is the best option and how can I achieve this.
The phone Im dealing with its a Xiaomi Qin F21 Pro
Thanks
Well, security is not my field of expertise (or passion), but:
Make sure ADB works in recovery
Set ro.adb.secure=1 to enforce ADB authentication
Generate some ADB keys and make sure that you have a safe copy
Put the public key in /adb_keys
Make sure that it all works
In init.rc under the recovery service add "disabled"
Now you've got a recovery that shows as a blank screen. ADB is present but will only work on your authorized keys. If you have a need for the recovery menu just type start recovery in ADB.
Now, there may be a problem that people can get to recovery but it keeps on going back to recovery. That may depend on who/what is supposed to wipe the BCB or /misc. When testing you can start recovery and exit that way. You may need to have a script or something wipe the BCB or /misc.
While ro.adb.secure=1 is no security in the regular system, in recovery it should be a guarantee as there is no confirm dialog possible. But check.
Renate said:
There are 5 versioned types of Android images plus the latest unversioned type.
The kernel could be compressed with gzip or lzma with/without a stub or uncompressed.
It could have the dtb appended to the kernel or in its own section or not present
It could have AVB0 signing or not.
Your image could be padded or even truncated.
I still don't know what device or what type of image we're talking about here.
Please quote at least the lines out of imgutil.exe myimage.img /v
Yes, the whole point of imgutil.exe is that you don't have to explode everything and park it in Windows directories and then try to put it all back.
I'm still unclear what the point of this whole project is.
Is it to prevent yourself from accidentally wiping your device in recovery by hitting the wrong key?
Or is it to prevent some evil person from wiping your device?
Me, I don't mess around with the recovery menu.
I make sure that I have rooted ADB available in recovery and just disable the whole recovery executable/menu.
Anything that I want to do I can do over ADB in recovery.
Click to expand...
Click to collapse
This is what I get:
imgutil.exe boot.img /v
Header2: 1,660 (0000067c)
Kernel: 11,291,051 (00ac49ab) 00000800
Ramdisk: 7,875,739 (00782c9b) 00ac5800 2022-11-09 17:08
DTB: 98,837 (00018215) 01248800
Signature: 1,600 (00000640) 01261000
Command: bootopt=64S3,32N2,64N2 buildvariant=user
Renate said:
Well, security is not my field of expertise (or passion), but:
Make sure ADB works in recovery
Set ro.adb.secure=1 to enforce ADB authentication
Generate some ADB keys and make sure that you have a safe copy
Put the public key in /adb_keys
Make sure that it all works
In init.rc under the recovery service add "disabled"
Now you've got a recovery that shows as a blank screen. ADB is present but will only work on your authorized keys. If you have a need for the recovery menu just type start recovery in ADB.
Now, there may be a problem that people can get to recovery but it keeps on going back to recovery. That may depend on who/what is supposed to wipe the BCB or /misc. When testing you can start recovery and exit that way. You may need to have a script or something wipe the BCB or /misc.
While ro.adb.secure=1 is no security in the regular system, in recovery it should be a guarantee as there is no confirm dialog possible. But check.
Click to expand...
Click to collapse
When I add disabled in the init.rc under recovery If the phone gets into recovery with adb it gets stucked a the boot logo.
Also I had some trouble creating the keys
Anyway I would like to say Thank you for all of your help
isach59 said:
When I add disabled in the init.rc under recovery If the phone gets into recovery with adb it gets stucked a the boot logo.
Click to expand...
Click to collapse
If you disable recovery the screen when it boots will be whatever. The important thing is if you have ADB running correctly. Moreover, if you get lonesome you only need to start recovery
isach59 said:
Also I had some trouble creating the keys
Click to expand...
Click to collapse
Recovery has a ramdisk. You need to add the adb_keys to that. If you're having trouble don't set ro.android.secure until you resolve it.
isach59 said:
Looking out for help
I need to edit the boot.img but my problem is that every time i unpack the img and repack it the phone doesnt boot anymore (even w/o modifyng the boot.img only unpacking and repacking) it enters into a bootloop
is this bcs the boot.img are signed ? or that theyre in a different fromat like ext4?
Im flashing the boot.img with SPFlash tools
I got the Custom Rom and the boot.img from this thread https://forum.xda-developers.com/t/...om-firmware-root-playstore-certified.4405615/
Click to expand...
Click to collapse
Hello and good morning, @isach59
Welcome to XDA. I hope you'll always get the support you require.
However, prior to your next posting please read the guidances that are stuck on top of every forum like
[ATTN] : Read before posting - Any questions posted here will be MOVED or CLOSED
Please read the below before posting. Any questions not development related will be moved or closed. Forum Searching | Posting | The Basics: (Make sure you've read them before starting a new thread) Forum Rules Forum Search Google Forum...
forum.xda-developers.com
and the others. I've moved your thread to Android Q&A.
Thanks for your cooperation!
Regards
Oswald Boelcke
Senior Moderator