Related
# I assume you are confident with ADB and Fastboot commands and you know what you are doing. #
# If you don't, search on Google before messing with your device. #
# I am not responsible for...you know what I mean. On the other hand, please feel free to point out any error in this guide. #
# Lots of useful information can be found on Telegram Group for Mi 9 SE #
# If you already unlocked your bootloader and flashed TWRP, go directly to part 2 of this guide #
PART 1 - UNLOCK DEVICE AND FLASH TWRP
# Before starting, be sure that you can unlock your bootloader and you have these files: #
- Mi Unlock tool (http://en.miui.com/unlock/)
- Minimal ADB & Fastboot 1.4.3 (https://forum.xda-developers.com/showthread.php?t=2317790)
- TWRP recovery for your device (please check the development section).
Install ADB and Fastboot drivers on your PC, if you don't have them already.
- enable developer options on device, allow OEM unlock and ADB debug.
- install Minimal ADB & Fastboot tool and run a command window. PLEASE DON'T USE WINDOWS 10 POWER SHELL. Double click on "cmdhere.dll" in root folder instead.
- move twrp image in the same folder where Minimal ADB & Fastboot is installed.
- for your convenience, rename twrp file as "twrp" only.
- connect your device to your PC USB port, pair it with PC then reboot it to bootloader (power + volume down combo).
Unlock bootloader using Mi Unlock tool (full unlocking guide at https://c.mi.com/thread-1635834-1-1.html)
Unlocking bootloader will erase all of your data, including storage.
Once you unlocked:
- reboot and setup device
- enable developer options again
- double check bootloader status and allow ADB debug
- connect to USB port and pair device with PC for ADB debug bridge then type in command window:
Code:
adb devices
Code:
adb reboot bootloader
once in bootloader screen code:
Code:
fastboot devices
Code:
fastboot flash recovery twrp.img
- don't give fastboot command "fastboot boot recovery twrp" or "fastboot reboot recovery twrp". Just press and hold power+volume up for about 10 seconds to reboot to recovery.
- swipe to allow twrp modifications.
- I would suggest to NOT format data to get rid of encryption unless you actually need it. Encryption does not slow down your device or harm your battery life.
- I would also suggest to NOT wipe system and reboot to recovery because it could lead to a fastboot bootloop.
PART 2 - HOW TO FLASH A GSI ROM
# IMPORTANT #
When flashing a GSI ROM, it is recommended to use a Stable firmware as base.
If device is running different builds, flash latest Global or China Stable before starting using MiFlash tool.
Beware that device could have the anti-rollback enabled, so be careful when flashing another firmware.
Mi 9 SE is a system-as-root device, so you must flash A/B type GSI ROMs.
You will need these files:
- GSI A/B ROM (FlokoROM at https://treble.andro.plus/ or choose one at https://forum.xda-developers.com/project-treble/trebleenabled-device-development)
- vbmeta.img (https://androidfilehost.com/?fid=818070582850505317)
- gapps for Google services (https://opengapps.org/) - select ARM64 - 9.0 - I would suggest nano or pico package.
- magisk for root and modules (https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445)
- MiFlash flashable STABLE stock firmware (http://en.miui.com/download or https://mirom.ezbox.idv.tw/en/phone/grus/)
- MiFlash tool (https://www.xiaomiflash.com/)
If you are already running a Stable firmware start from here, if you don't, flash a Stable firmware.
- move GSI and vbmeta images in the same folder where Minimal ADB & Fastboot is installed.
- for your convenience, rename GSI file as "system" only.
- reboot device to bootloader, ensure you are connected with your PC properly
- to double check it, run a command window and type:
Code:
fastboot devices
once you get the device recognized type:
Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
this command will disable dm-verity and AVB on device. PLEASE DON'T USE WINDOWS 10 POWER SHELL to disable vbmeta or you will get an error feedback. Double click on "cmdhere.dll" in root folder instead.
then:
Code:
fastboot flash system system.img
this command will flash system.img
Code:
fastboot -w
this command will wipe data on device
Reboot your device in recovery using button combo and resize system partition to install Gapps.
From TWRP Wipe menu > advanced wipe > system > repair or change file system > resize system > swipe to resize
- move magisk and gapps from PC to device
- go to mount menu and tick mount system
- go back to install menu and flash gapps
- once you flashed gapps unmount system
- go to install and flash magisk
- go to wipe menu and swipe for factory reset
- reboot
once rebooted, complete the device setup.
be aware that some GSI could bootloop or not boot at all even if you followed the guide properly.
in case rely on GSI devs for assistance or fixes.
Of course you can flash a GSI ROM using TWRP.
The only fastboot command you need to perform is to disable dm-verity and AVB.
If you already disabled it while flashing TWRP for the first time, you can follow these steps to flash a GSI using TWRP:
- Tap on advanced Wipe menu and wipe cache, dalvik, data and system
- Tap on Install > Install Image > select image and flash it to system
- Install Gapps with the same process shown above.
- Swipe for factory reset and reboot.
-----------------------------------------------------------------------------------------------------------------------------------------------
If updating GSIs builds from the same branch (e.g. Floko 060219 to Floko 060919) you are not required to wipe data. You can update flashing system.img on TWRP and Gapps time by time.
If you are moving from unofficial builds to official, or if you are moving between branches (e.g. Floko to Havoc), you need to wipe data as well.
@pengus77 provided for a very useful Magisk Module that will fix adaptive brightness, battery stats and in-call BT. You will find it here: https://forum.xda-developers.com/showpost.php?p=79762257&postcount=242
If you flashed a GSI ROM, you are basically using a system.img flashed on top of your stock firmware so, unless you performed modifications to vendor or boot partition, you can revert to stock using fastboot or TWRP.
You need to extract system.img (and boot and vendor, if needed) from the stock firmware.
You will need the vbmeta file as well to re-enable AVB and dm-verity otherwise the device will reboot in fastboot mode only.
Beware: you must flash EXACTLY the same system.img of the firmware you were running before flashing a GSI
Once you have both files, you can follow these steps to go back to stock using fastboot:
- place the files on Minimal ADB & Fastboot root folder
- reboot bootloader
- start a command window from Minimal ADB and type: fastboot devices
once your device has been recognized type the following commands:
- fastboot -w
- fastboot flash system system.img
- (optional) fastboot flash vendor vendor.img
- (optional) fastboot flash boot boot.img
- fastboot flash vbmeta vbmeta.img
- fastboot reboot
You can also revert to stock using TWRP, by the way you will still need fastboot to flash vbmeta partition.
These are the steps to follow if you are using TWRP:
- place system.img on your device and vbmeta.img in Minimal ADB & Fastboot root folder.
- reboot to twrp and wipe dalvik, cache and data
- flash system.img to system partition
- (optional) flash vendor.img to vendor partition
- (optional) flash boot.img to boot partition
- reboot to bootloader
Start a command window in Minimal ADB & Fastboot, then type:
- fastboot devices
- fastboot flash vbmeta vbmeta.img
- fastboot reboot
Thansk for your work.
Does TWRP backup work?For getting back to stock?
Moh3n.B said:
Thansk for your work.
Does TWRP backup work?For getting back to stock?
Click to expand...
Click to collapse
I hope it is helpful
Backup worked for me on the TWRP I mentioned above.
If you want revert to stock you can flash again stock firmware using MiTool (fastboot ROM) or twrp (Recovery ROM).
Good thread! Might be confusing if there's no guide to install TWRP and GSI ?
Great guide. It will help a lot of people to flash and test roms. And us by extension to find the best rom for our device !
Today I had some time and I tried to install the latest Havoc Gsi, unfortunately the result was negative, I ran the guide both from xda and from here, my basic rom was 10.2.3.0, arrived at the command fastboot -w performs the various wipes, but then it does not allow me to go into recovery, it always and only goes in fastboot, and the only way to make the smartphone work is to use miflash and put the official version back.
scorpionredblack said:
Today I had some time and I tried to install the latest Havoc Gsi, unfortunately the result was negative, I ran the guide both from xda and from here, my basic rom was 10.2.3.0, arrived at the command fastboot -w performs the various wipes, but then it does not allow me to go into recovery, it always and only goes in fastboot, and the only way to make the smartphone work is to use miflash and put the official version back.
Click to expand...
Click to collapse
Try to flash vbmeta.
For me is not necesary.
Try like this from twrp:
- Wipe cache, dalvik cache, system, data
- Flash latest weekly eu firmware as base xiaomi.eu_multi_MI9SE_9.6.5_v10-9.zip
- Than flash havoc as system
Optional: flash magisk and custom kernel
Just stuck on bootloader unlocking.
Got this error "current account is not bound to this device"
I added device from mi unlock status too.
Moh3n.B said:
Just stuck on bootloader unlocking.
Click to expand...
Click to collapse
Search on Google. It looks like to be a common issue. If needed, follow the unlocking guide I linked on OP.
successfully flash Foloko ROM to Mi9 se, run very well!
just a small queastion, is DT2W is not working in all GSI rom?
Anyone try it yet?
Is there way to enable DC dimming (anti-pwm)?
I am using Havoc OS and my eyes are hurting..
sky104hk said:
successfully flash Foloko ROM to Mi9 se, run very well!
just a small queastion, is DT2W is not working in all GSI rom?
Anyone try it yet?
Click to expand...
Click to collapse
For now all gsi have same problem.
how to flash gapps ... i got error 70
raber111 said:
how to flash gapps ... i got error 70
Click to expand...
Click to collapse
Read carefully post n.2
Before I flash this, I world like to know from those already using this rom: How is the camera quality and finger print unlock response /speed?
I'm pissed at the frequent snow down of the miui system because I run vpn all day on my phone.
Sent from my Mi 9 SE using Tapatalk
krispuniq said:
Before I flash this...
Click to expand...
Click to collapse
Generally speaking, all the GSIs ROMs are based on Phhusson AOSP GSI ROM, so they have more or less the same performance and bugs.
At he moment FOD is not working well. You cannot unblock the device while on screen off or while on AOD.
For camera, you can install BSG Google Camera mod, that is working quite good.
Has any one been able to successfully install a treble compatible rom?
I tried pushing the system image but having issues with the commands with adb. The newer ab slot confuses me a bit.
Would be interesting to see how the phone works.
Any help would be appreciated.
Have you had any success yet?
I've tried with no success.
I've flashed google's android 11 gsi, and https://github.com/phhusson/treble_experimentations/releases/ v300 system via fastbootd, but cannot get them to boot past the android loading screen.
I think the issue is that for some reason on the Duo, vbmeta cannot be flashed from fastboot or fastbootd, so you cannot disable AVB, which then won't allow any GSI to boot.
simondyno said:
I've tried with no success.
I've flashed google's android 11 gsi, and https://github.com/phhusson/treble_experimentations/releases/ v300 system via fastbootd, but cannot get them to boot past the android loading screen.
I think the issue is that for some reason on the Duo, vbmeta cannot be flashed from fastboot or fastbootd, so you cannot disable AVB, which then won't allow any GSI to boot.
Click to expand...
Click to collapse
If there is no vbmeta, then it probably needs to be included in the boot image. There is a python script available for AOSP to append the vbmeta or an empty vbmeta to a boot image. I believe it is called avbtool.py
Hi all
i want to install TWRP on my Doogee N20PRO . i cannot find a TWRP File on the internet to install. I could find some for the N20 but not for the N20PRO. it´s an Helios P60 Processor with an MTK6771. I tried to install the HAVOC 3.7 but i get the Message "writing 1/15 failed (remote: this partition doesn´t exist)
beinfo said:
Hi all
i want to install TWRP on my Doogee N20PRO . i cannot find a TWRP File on the internet to install. I could find some for the N20 but not for the N20PRO. it´s an Helios P60 Processor with an MTK6771. I tried to install the HAVOC 3.7 but i get the Message "writing 1/15 failed (remote: this partition doesn´t exist)
Click to expand...
Click to collapse
This is simple about TWRP: Your phone have МТК Helio Р60 MT6771V/CA WITH Android 10.0 and it's a NEW phone now. So no developments yet.
For install GSI ROMs your need unlock bootloader and after follow the correct instructions to new phones shipped with A10!
If you only want install GSI so I suggest:
1- Have stock ROM first, always!!;
2- With security 1- you should unlock bootloader;
3- You can install GSI with stock recovery without problems.
The only part is: you cannot backup userdata.....
DragonPitbull said:
This is simple about TWRP: Your phone have МТК Helio Р60 MT6771V/CA WITH Android 10.0 and it's a NEW phone now. So no developments yet.
For install GSI ROMs your need unlock bootloader and after follow the correct instructions to new phones shipped with A10!
If you only want install GSI so I suggest:
1- Have stock ROM first, always!!;
2- With security 1- you should unlock bootloader;
3- You can install GSI with stock recovery without problems.
The only part is: you cannot backup userdata.....
Click to expand...
Click to collapse
Cool This helps already a lot.
i unlocked the Bootloader properly, but then i got a partition error. I assume i´ve an error in the command line. The phone was anyway only an interim solution till my POco F2 was back from repair. now i use it as a playground.
fastboot erase system - there i get a partition error.
erasing the User data was sucessful
but then
fastboot flash system system.img it stops at step 1/15 again for the partition error (partition doesn´t exist) Stock rom is available.
somebody knows the options i´ve to add to the command line?
beinfo said:
The phone was anyway only an interim solution till my POco F2 was back from repair. now i use it as a playground.
fastboot erase system - there i get a partition error.
erasing the User data was sucessful
but then
fastboot flash system system.img it stops at step 1/15 again for the partition error (partition doesn´t exist) Stock rom is available.
somebody knows the options i´ve to add to the command line?
Click to expand...
Click to collapse
Try but REMENBER I am not responsible for any errors. Bootloader should unlocked by adb-fastboot!!
Spoiler: Instructions
1. You need know the difference about fastboot and FASTBOOTD in your device!!
Your device has bootloader mode: recovery - fastboot - reboot (system)
Stock recovery has very options: reboot system - reboot to bootloader - wipe - Enter fastboot - ...
reboot to bootloader => normal fastboot
Enter fastboot => FASTBOOTD
FASTBOOTD => some options
2. Device in fastboot
Code:
fastboot --disable-verification flash vbmeta vbmeta.img
vbmeta file from stock ROM or pulled from device
3.
Code:
fastboot -w
4.
Code:
fastboot reboot fastboot
(you MUST be at the FASTBOOTD menu now. If not, you will not be able to flash the GSI successfully)
5.
Code:
fastboot erase system
or
Code:
fastboot delete-logical-partition system
6.
Code:
fastboot delete-logical-partition product
- deletes the product partition, allowing a larger system partition
I not need resize-logical-partition product. But if you want:
You will need a larger system partition to flash a GSI. There are 2 ways to achieve this
6A. fastboot resize-logical-partition product 509344768
6B. fastboot resize-logical-partition system 3089272064 or 3889272064
resizes product and system partitions. This gives you about 3GB of system partitions. You can adjust or arrive at your own numbers if you want different sizes.
7.
Code:
fastboot --disable-verity --disable-verification flash system GSI.img
8.
Code:
fastboot -w
for confirm great & fast start GSI
9.
Code:
fastboot reboot bootloader
9A.
Code:
fastboot erase userdata
for confirm and boot clean
10. Reboot to system
Code:
fastboot reboot
Enjoy
I also have an N20 Pro which I received Dec 2020. Had some trouble setting it up. I got the OEM ROM from Doogee customer support and was able to extract the boot image and patch it with Magisk. I then burned it with the SP Flash tool. It wouldn't boot until I burned a special vbmeta.img to turn off encryption. Now it's working fine.
Sorry this doesn't help you with TWRP but I think most people looking for TWRP are really looking to root their phone.
beinfo said:
Hi all
i want to install TWRP on my Doogee N20PRO . i cannot find a TWRP File on the internet to install. I could find some for the N20 but not for the N20PRO. it´s an Helios P60 Processor with an MTK6771. I tried to install the HAVOC 3.7 but i get the Message "writing 1/15 failed (remote: this partition doesn´t exist)
Click to expand...
Click to collapse
Okay so what ive seen is that you should avoid flashing custom roms via adb fastboot especially with our doogee phones, and also there are many incompatiable roms so what you will need is to unlock bootloader and do the whole twrp install thing adn also install magisk
before hand install treble info from google playstore and take down the information "arm64 a/b" and search for roms with that information to install custom os/rom/gsi properly. GSI versions are more preferred if your phone supports treblle
if your twrp keeps getting wiped after reboot open file :mount your system and connect to pc via usbcable (mtp if not showing disable mtp and re- enable it )
now got to where build.prop is saved there will be a file called recovery from boot.p , copy the file to pc , open with notepad, remove everything , save and copy back to phone (overwrite)
then go ahead and install magisk
make sure your magisk is working install edxposed, riru core , and busybox ndk get the apps you need for them (edxposed manager...) and then instal and activate a module which you can test if its working(if framework is active in edxposed manager and the module working correctly then you can go ahead and
Install custom os through twrp
follow these instructions ( https://forum.xda-developers.com/t/...lexperience-10-gsi-android-10-stable.4081685/ ) with your custom rom (corvus, havoc, lineage...
(the g-apps didnt flash for me (error code 64) but i just rebooted and everything was working fine (including gapps but camera sucked (doogee's rear camera setup was just terrible))
https://forum.xda-developers.com/t/...lexperience-10-gsi-android-10-stable.4081685/
** i can confirm follow instructions properly and it should work (i used this pixel experience on my doogee n20 make sure you unzip the .xz file and youre flashing a .img file
**also make sure its the gsi file (
Hello everyone !
I am a realme 7 user and I was trying to root my phone. But when i flashed vbmeta using the command "fastboot --disable-verity--disable-verfication flash vbmeta vbmeta.img " but it says unknown action
I have seen many users solving their problem by using the command fastboot flash vbmeta vbmeta.img
Can can I use the same command to root my device ?
Narayanxtry said:
Hello everyone !
I am a realme 7 user and I was trying to root my phone. But when i flashed vbmeta using the command "fastboot --disable-verity--disable-verfication flash vbmeta vbmeta.img " but it says unknown action
I have seen many users solving their problem by using the command fastboot flash vbmeta vbmeta.img
Can can I use the same command to root my device ?
Click to expand...
Click to collapse
I have also the same problem did you solve it bro?
vassiliszacharis said:
I have also the same problem did you solve it bro?
Click to expand...
Click to collapse
You mean at DELVIK etc? I think the first time I did it yes.
Also I was wondering if I am making a mistake, when I tried to install TWRP, I used this command:
fastboot flash boot path to patched boot img
instead of this
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img
as it was not recognised by ADB...
Rooting the POCO M4 Pro 4G (fleur) turned out to be quite straightforward. Note, I have a 2201117PG (EEA), you may have a different experience, it's not my fault if you brick your phone etc. Backup before you start as this will wipe your phone.
The process can be broken down into 4 steps:
Unlock Bootloader
Source boot.img
Patch boot.img (using Magisk)
Flash patched boot.img (using adb)
1. Unlock BootloaderNote: This step will wipe your phone.
This can be done using the official tool from MIUI, using MediatekBootloaderUnlock (Windows 10/11, which reportedly does not wipe your user data), or using mtkclient (Any OS but requires Python). I will explain the mtkclient option as I'm on Linux and don't trust MIUI with more personal data than I have to.
Step-by-step (adapted from this How to Guide):
Install mtkclient and its dependencies (easier if familiar with installing python packages etc., straightforward for me on Linux)
On your phone activate developer mode and turn on USB debugging and OEM unlocking
Turn off phone and disconnect from computer
In the directory where you installed mtkclient run:
python mtk e metadata,userdata,md_udc
This erases your data
At this point plug your phone in (still turned off)
python mtk da seccfg unlock
This unlocks the bootloader
python mtk reset
This reboots the phone
Disconnect USB cable and reboot phone
When it boots a message is displayed warning that dm-verity is corrupted. Click the power button to dismiss and continue booting.
2. Source boot.img
Find your MIUI version in Settings -> About phone -> MIUI Version and look for the version number (e.g. 13.0.6.0(RKEEUXM))
Visit the MIUI Updates Tracker and download the matching Stable Fastboot update (if you can't find it scroll down to Extracting boot.img from Payload)
Unzip the TGZ and the TAR that it contains then navigate to the images directory and find the boot.img file
3. Patch boot.imgWe need to patch the boot.img to give it root powers. We do this on the phone using Magisk.
Step-by-step (adapted from the Magisk installation instructions):
On your phone, download Magisk and install it
Connect your phone to your computer and put the boot.img you extracted on your phone somewhere
Open Magisk and in "Magisk" section tap "Install"
Choose the "Select and Patch a File" option and select your boot.img in the file browser and let Magisk patch it
Find the patched boot image in Downloads (called magisk_patched_*.img) and copy it to your computer in the same directory as the vbmeta.img we extracted earlier
4. Flash patched boot.imgFinally we need to replace the current boot.img on the phone with our patched one that has root powers. This is called flashing and is done using adb.
Step-by-step:
Install the Android SDK platform tools which contains adb and fastboot
Install a USB driver that supports fastboot mode (you cannot use fastbootd for this or you'll bootloop)
Ensure your phone is connected, USB debugging is enabled and working, and OEM Unlocking is enabled
In the directory you copied the magisk_patched_*.img to run:
adb reboot bootloader
This reboots your phone into fastboot mode. Wait until "FASTBOOT" is displayed on the screen
fastboot flash boot magisk_patched_*.img
This flashes the patched boot.img to give you root
fastboot flash vbmeta --disable-verity --disable-verification vbmeta.img
This flashes the vbmeta.img, disabling the dm-verity corruption message at startup
Once it's done reboot your phone by pressing and holding the power button
That's all there is to it! This took me about an hour as I was working out all the steps as I've not rooted in a phone in nearly a decade - I reckon with a fast internet connection you could get it done in about 15 minutes.
Extract boot.img from PayloadIf you can't find a fastboot image (boot.img) for your version then you might be able to extract it from the full firmware package. This will require the use of a third party tool such as payload-dumper (python) or payload-dumper-go. Note that you may be better off just waiting for the fastboot image to be released to the public.
Tidying upYou can delete all the stuff you downloaded onto your computer and the boot.img and magisk_patched_*.img from your phone.
It's a good idea to disable automatic OTA updates (Settings -> Additional settings -> Developer options -> Automatic sytem updates) so that you can update through Magisk.
Some apps will be able to tell that you have rooted your phone, and may stop you from using them. You can check this by downloading YASNAC onto your phone and seeing if it passes. If not (which it won't) the most straightforward solution is to add the Universal SafetyNet Fix module to Magisk, then enable Zygisk in Magisk settings and restart your phone, which will be enough to pass SafetyNet Attestation. If they're clever and still detect the root then in Magisk toggle Enforce DenyList and add the problematic apps to the DenyList.
Updating Magisk
You cannot update Magisk via the Magisk app, as this device does not allow writing to the boot partition at runtime.
Instead, update the Magisk app, then use it to patch your stock boot.img and flash it manually using fastboot, as if you were installing it from scratch (as above). This will not wipe your user data, but be sure to backup first in case something goes wrong.
aricooperdavis said:
Rooting the POCO M4 Pro 4G (fleur) turned out to be quite straightforward. Note, I have a 2201117PG (EEA), you may have a different experience, it's not my fault if you brick your phone etc.
The process can be broken down into 4 steps:
Unlock Bootloader
Source boot.img (using payload_dumper)
Patch boot.img (using Magisk)
Flash patched boot.img (using adb)
1. Unlock BootloaderThis can be done using the official tool from MIUI or using mtkclient. I went for the mtkclient option as I don't want to send more of my personal data to MIUI than I have to.
Step-by-step (adapted from this How to Guide):
Install mtkclient and its dependencies (easier if familiar with installing python packages etc., straightforward for me on Linux)
On your phone activate developer mode and turn on USB debugging and OEM unlocking
Turn off phone and disconnect from computer
In the directory where you installed mtkclient run:
python mtk e metadata,userdata,md_udc
At this point plug your phone in (still turned off)
python mtk da seccfg unlock
python mtk reset
Disconnect USB cable and reboot phone
When it boots a message is displayed saying it is corrupted. Click the power button to dismiss and continue booting.
2. Source boot.imgThe boot.img needs to be extracted from the official MIUI firmware package using payload_dumper.
Step-by-step:
Download the firmware package for your device (you can check what version you need in Settings -> About phone -> MIUI version (For POCO)
Extract the .zip and find the payload.bin file
Download the payload dumper, extract the zip, and place the payload.bin file in the payload_dumper folder
In the payload_dumper directory run:
python payload_dumper.py payload.bin
This will extract lots of files from the firmware package. You only need to keep boot.img and vbmeta.img
3. Patch boot.imgWe need to patch the boot.img to give it root powers. We do this on the phone using Magisk.
Step-by-step (adapted from the Magisk installation instructions):
On your phone, download Magisk and install it
Connect your phone to your computer and put the boot.img you extracted on your phone somewhere
Open Magisk and in "Magisk" section tap "Install"
Choose the "Select and Patch a File" option and select your boot.img in the file browser and let Magisk patch it
Find the patched boot image in Downloads (called magisk_patched_*.img) and copy it to your computer in the same directory as the vbmeta.img we extracted earlier
4. Flash patched boot.imgFinally we need to replace the current boot.img on the phone with our patched one that has root powers. This is called flashing and is done using adb.
Step-by-step:
Install the Android SDK platform tools which contains adb and fastboot
Install a USB driver that supports fastboot mode
Ensure your phone is connected, USB debugging is enabled and working, and OEM Unlocking is enabled
In the directory you copied the magisk_patched_*.img to run:
adb reboot bootloader
This reboots your phone into fastboot mode. Wait until "FASTBOOT" is displayed on the screen
fastboot flash boot magisk_patched_*.img
fastboot flash vbmeta --disable-verity --dsable-verification vbmeta.img
Once it's done reboot your phone by pressing and holding the power button
That's all there is to it! This took me about an hour as I was working out all the steps as I've not rooted in a phone in nearly a decade - I reckon with a fast internet connection you could get it done in about 15 minutes.
Tidying upYou can delete all the stuff you downloaded onto your computer and the boot.img and magisk_patched_*.img from your phone.
It's a good idea to disable automatic OTA updates (Settings -> Additional settings -> Developer options -> Automatic sytem updates) so that you can update through Magisk.
Some apps will be able to tell that you have rooted your phone, and may stop you from using them. You can check this by downloading YASNAC onto your phone and seeing if it passes. If not (which it won't) the most straightforward solution is to add the Universal SafetyNet Fix module to Magisk, then enable Zygisk in Magisk settings and restart your phone, which will be enough to pass SafetyNet Attestation. If they're clever and still detect the root then in Magisk toggle Enforce DenyList and add the problematic apps to the DenyList.
Click to expand...
Click to collapse
Wow, Thank you very much!
Very details!
Will try it in my spare time.
MarkLev said:
Wow, Thank you very much!
Very details!
Will try it in my spare time.
Click to expand...
Click to collapse
Good luck, let us know how it goes and what you do with your root! So far I've installed AdAway and De-Bloater
aricooperdavis. hi!I buy phone Poco M4 Pro (4G) (fleur). Please help me get ROOT rights for this phone.
I do not have PYTHON, but I have mtkclient - the bootloader is unlocked, and there is an Android SDK for fastboot firmware.
Global 13.0.7.0 RKEMIXM now. You have 2 file 1.magisk_patched_*.img and 2. vbmeta.img for Global 13.0.7.0 ? Can I save them for download?
After unlocking the bootloader, using the mtkclient method, a new notification appeared
- dm-verity coruption
You device is corrupt/
It can't be trusted and may not work properly
Press power button to contime
Or, device will power off in 5 sec. Always need PRESS POWER for contime again How to fix it?
It sounds like you've done everything right so far.
Lark5 said:
Global 13.0.7.0 RKEMIXM now. You have 2 file 1.magisk_patched_*.img and 2. vbmeta.img for Global 13.0.7.0 ? Can I save them for download?
Click to expand...
Click to collapse
Sorry, I have the EEA firmware; RKEEUXM.
If you want to extract the boot.img and vbmeta.img from your firmware package you will have to install python. This is worth doing as installing updates in the future may require you to do this extraction process again.
Alternatively you may be able to use mtk to dump these images directly from the phone, but I don't have any experience with this. To perform updates this way you would have to completely unroot and relock the bootloader, update the firmware, then re-dump the new boot and vbmeta images and root again. I think just installing python is probably easier...
The error message you're seeing is dm-verity, and we disable this when flashing the vbmeta.img in step 4, which I've edited to clarify. You can see that we disable it in the final fastboot command:
aricooperdavis said:
fastboot flash vbmeta --disable-verity --dsable-verification vbmeta.img
This flashes the vbmeta.img, disabling the dm-verity corruption message at startup
Click to expand...
Click to collapse
Good luck with your rooting!
Unlock Bootloade and Root and RECOVERY for Poco M4 Pro (4G) with out Pyton (on Windows 10\11):
Unlock Bootloader:
1.Download the MediatekBootloaderUnlock archive. Unpack the archive ZIP.
2. Open the Driver folder and right-click the cdc-acm.inf file, select "Install"
3.Now go back to the main folder and install the USBDK (x64 for 64-bit OS, x86 for 32-bit OS) on your PC (also right click - install).
4. Reboot the PC.
5.Turn off the phone.
6.Run the UnlockBootloader.bat file to start the bootloader unlock process. We keep it on, it is in a state of response from the phone, if the firewood, the cable is connected, then everything is ok, I’ll tell you right away that it turned out 3 times.
7.Now connect the phone to the computer with a cable by holding down the volume up + down + power button. (If the volume up button doesn't work, try using volume up or volume up + volume down or all three hardware buttons) while the UnlockBootloader.bat file is open.
8.Once the phone is detected, some commands will be run in the UnlockBootloader.bat file. Let the commands finish and as soon as the window closes. Your bootloader will be unlocked.
BY THE WAY! - You can lock the bootloader again by following the same steps without clearing. Just use LockBootloader.bat with the same steps.
Root:
Downloading the official firmware for the phone, I took fleur_global_images_V13.0.7.0.RKEMIXM_20220419.0000.00_11.0_global (approximately 5.6GB in weight)
Unpacked it ZIP, pulled out 2 files from there fleur_global_images_V13.0.7.0.RKEMIXM_20220419.0000.00_11.0_global\images
boot.img and vbmeta.img
Downloaded Magisk STABLE Version: 24.3 - download on telephone, setup APP
Launch Magisk Manager. When a pop-up window appears asking you to install Magisk, select INSTALL and select install again.
Click on "Fix Boot Image File".
Connect your device to PC via USB cable. Make sure USB debugging is enabled.
Download ADB \ fastoot (I took tools_r29.0.6-windows)
Run CMD as Administrator
We write -
adb devices - the phone must be determined (QX ********* device - so all drivers are correct)
adb reboot bootloader - The phone reboots into fastboot mode - an inscription on the screen if dm-verity corruption messages appear - press POWER to continue
fastboot flash boot boot_PATCH.img (file name how to change)
fastboot flash vbmeta --disable-verity --dsable-verification vbmeta.img - will remove the inscription dm-verity corruption
OrangeFox-R11 RECOVERY:
Downloads for : -Android- Generic Device/Other | AndroidFileHost.com | Download GApps, Roms, Kernels, Themes, Firmware and more. Free file hosting for all Android developers.
Download GApps, Roms, Kernels, Themes, Firmware, and more. Free file hosting for all Android developers.
androidfilehost.com
Download, and Run CMD as Administrator
We write -
fastboot flash boot XXXXNAMEXXXX.img
Flash !boot! not fastboot flash recovery XXXXNAMEXXXX.img
Well done, glad you've got it sorted!
To clarify, this essentially follows the same 4 steps outlined in my post but using different tools that don't require python:
Unlock Bootloader
- Used MediatekBootloaderUnlock rather than mtkclient
Source boot.img
- Managed to find the images online without having to extract them from a ROM. @Lark5, where?
Patch boot.img (using Magisk)
- Same
Flash patched boot.img (using adb)
- Same
I think there's also a custom recovery install too (OrangeFox [not yet officially supported]) at the end. I tend not to bother with custom recoveries as I stick with the stock MIUI ROM and a custom recovery would complicate applying OTA updates. However, if you wish to install a custom ROM (anything other than a stock MIUI signed boot.img) then a custom recovery would be necessary, and they can also facilitate taking device backups etc.
aricooperdavis said:
Well done, glad you've got it sorted!
To clarify, this essentially follows the same 4 steps outlined in my post but using different tools that don't require python:
Unlock Bootloader
- Used MediatekBootloaderUnlock rather than mtkclient
Source boot.img
- Managed to find the images online without having to extract them from a ROM. @Lark5, where?
Patch boot.img (using Magisk)
- Same
Flash patched boot.img (using adb)
- Same
I think there's also a custom recovery install too (OrangeFox). I tend not to bother, but it can be convenient.
Click to expand...
Click to collapse
2. Find ROM on this link: https://mirom.ezbox.idv.tw/en/phone/fleur/roms-global-stable/
Fastboot Download V13.0.7.0.RKEMIXM
Explanations:
For fastboot (~5.6Gb) - firmware version, just unzip the ZIP, inside there is boot.img and vbmeta
For recovery (-2.5Gb) needed to extract boot.img Through Pyton for example
thanks for the help aricooperdavis
Lark5 said:
Find ROM on this link: https://mirom.ezbox.idv.tw/en/phone/fleur/roms-global-stable/
Click to expand...
Click to collapse
That's a great resource - the files it links to seem to be hosted on MIUIs servers too, so they're verifiably official
The more general link for all regions (not just global) for this phone would be: https://mirom.ezbox.idv.tw/en/phone/fleur/
I've updated the instructions to reflect your experience, thanks @Lark5!
aricooperdavis said:
Rooting the POCO M4 Pro 4G (fleur) turned out to be quite straightforward. Note, I have a 2201117PG (EEA), you may have a different experience, it's not my fault if you brick your phone etc. Backup before you start as this will wipe your phone.
The process can be broken down into 4 steps:
Unlock Bootloader
Source boot.img
Patch boot.img (using Magisk)
Flash patched boot.img (using adb)
1. Unlock BootloaderNote: This step will wipe your phone.
This can be done using the official tool from MIUI, using MediatekBootloaderUnlock (Windows 10/11), or using mtkclient (Any OS but requires Python). I will explain the mtkclient option as I'm on Linux and don't trust MIUI with more personal data than I have to.
Step-by-step (adapted from this How to Guide):
Install mtkclient and its dependencies (easier if familiar with installing python packages etc., straightforward for me on Linux)
On your phone activate developer mode and turn on USB debugging and OEM unlocking
Turn off phone and disconnect from computer
In the directory where you installed mtkclient run:
python mtk e metadata,userdata,md_udc
This erases your data
At this point plug your phone in (still turned off)
python mtk da seccfg unlock
This unlocks the bootloader
python mtk reset
This reboots the phone
Disconnect USB cable and reboot phone
When it boots a message is displayed warning that dm-verity is corrupted. Click the power button to dismiss and continue booting.
2. Source boot.imgNote: if your MIUI version (Available at: Settings -> About phone -> MIUI version) has a "Fastboot" file listed here then you can download that file and unzip it to find the boot.img and vbmeta.img, then skip to step 3.
Otherwise you'll have to extract them from the official MIUI firmware package using payload_dumper as follows.
Step-by-step:
Download the firmware package for your device (you can check what version you need in Settings -> About phone -> MIUI version (For POCO))
Extract the .zip and find the payload.bin file
Download the payload dumper, extract the zip, and place the payload.bin file in the payload_dumper folder
In the payload_dumper directory run:
python payload_dumper.py payload.bin
This will extract lots of files from the firmware package. You only need to keep boot.img and vbmeta.img
3. Patch boot.imgWe need to patch the boot.img to give it root powers. We do this on the phone using Magisk.
Step-by-step (adapted from the Magisk installation instructions):
On your phone, download Magisk and install it
Connect your phone to your computer and put the boot.img you extracted on your phone somewhere
Open Magisk and in "Magisk" section tap "Install"
Choose the "Select and Patch a File" option and select your boot.img in the file browser and let Magisk patch it
Find the patched boot image in Downloads (called magisk_patched_*.img) and copy it to your computer in the same directory as the vbmeta.img we extracted earlier
4. Flash patched boot.imgFinally we need to replace the current boot.img on the phone with our patched one that has root powers. This is called flashing and is done using adb.
Step-by-step:
Install the Android SDK platform tools which contains adb and fastboot
Install a USB driver that supports fastboot mode
Ensure your phone is connected, USB debugging is enabled and working, and OEM Unlocking is enabled
In the directory you copied the magisk_patched_*.img to run:
adb reboot bootloader
This reboots your phone into fastboot mode. Wait until "FASTBOOT" is displayed on the screen
fastboot flash boot magisk_patched_*.img
This flashes the patched boot.img to give you root
fastboot flash vbmeta --disable-verity --dsable-verification vbmeta.img
This flashes the vbmeta.img, disabling the dm-verity corruption message at startup
Once it's done reboot your phone by pressing and holding the power button
That's all there is to it! This took me about an hour as I was working out all the steps as I've not rooted in a phone in nearly a decade - I reckon with a fast internet connection you could get it done in about 15 minutes.
Tidying upYou can delete all the stuff you downloaded onto your computer and the boot.img and magisk_patched_*.img from your phone.
It's a good idea to disable automatic OTA updates (Settings -> Additional settings -> Developer options -> Automatic sytem updates) so that you can update through Magisk.
Some apps will be able to tell that you have rooted your phone, and may stop you from using them. You can check this by downloading YASNAC onto your phone and seeing if it passes. If not (which it won't) the most straightforward solution is to add the Universal SafetyNet Fix module to Magisk, then enable Zygisk in Magisk settings and restart your phone, which will be enough to pass SafetyNet Attestation. If they're clever and still detect the root then in Magisk toggle Enforce DenyList and add the problematic apps to the DenyList.
Click to expand...
Click to collapse
When I gave this command fast boot flash dm verify it always unknown option in my cmd any solution ? can anybody help me??
Daafafagsgsgs said:
When I gave this command fast boot flash dm verify it always unknown option in my cmd any solution ? can anybody help me??
Click to expand...
Click to collapse
Make sure you're copying the command exactly - it's fastboot rather than fast boot and verity not verify. Did you install the Android SDK platform tools that contain fastboot? You may need to restart after this install to make the command available in your command prompt/shell.
aricooperdavis said:
Make sure you're copying the command exactly - it's fastboot rather than fast boot and verity not verify. Did you install the Android SDK platform tools that contain fastboot? You may need to restart after this install to make the command available in your command prompt/shell.
Click to expand...
Click to collapse
Yeah i copied the same command but how to install Android sdk tools can you suggest me a video?
Daafafagsgsgs said:
Yeah i copied the same command but how to install Android sdk tools can you suggest me a video?
Click to expand...
Click to collapse
Go to this link, scroll to the downloads section, and select the right download for your OS, then follow the instructions.
This video shows the process, but has very annoying music!
aricooperdavis said:
Make sure you're copying the command exactly - it's fastboot rather than fast boot and verity not verify. Did you install the Android SDK platform tools that contain fastboot? You may need to restart after this install to make the command available in your command prompt/shell.
Click to expand...
Click to collapse
I installed and tried everything this error comes
Interesting, that sounds like you've got an outdated version of fastbook. What does fastboot --version give you?
Can i flash it with my phone ??
Adb otg app??
I don't know, I can't help you with that.
aricooperdavis said:
Interesting, that sounds like you've got an outdated version of fastbook. What does fastboot --version give you?
Click to expand...
Click to collapse
Fastboot version
That's not an official version of fastboot, so it looks like it's missing the command you need. Download the proper Android SDK tools from Android (the same as the original link) and replace your "Minimal" version with it.
aricooperdavis said:
That's not an official version of fastboot, so it looks like it's missing the command you need. Download the proper Android SDK tools from Android (the same as the original link) and replace your "Minimal" version with it.
Click to expand...
Click to collapse
After many tries i found that the command given is wrong
fastboot flash vbmeta --disable-verity --dsable-verification vbmeta.img
This is given
It will be
fastboot flash vbmeta --disable-verity --disable-verification vbmeta.img
I is Missing Now i have flashed vb meta and problem is solved with the fastboot version i have
By the way thanks