[GUIDE] Changing your Bluetooth/Wi-Fi MAC Address - Atrix 4G Android Development

Hi guys
Well, I had an Atrix for a few days, but had some issues with AT&T and had to return it and deal with some customer service issues before I can re-purchase the device. I didn't let that slow me down though
While I had it, I made a few dumps of the NAND, and have been working on disassembling things. Thanks to the help from a number of great people on IRC (#xda-devs irc.freenode.net) I have been able to successfully change the Bluetooth and Wi-Fi MAC addresses, and discovered a way to write to the flash, bypassing the bootloader security.
The full writeup can be found at pocketnow.com
I will be posting more info about the bootloader bypass as soon as I get it 100% working, right now we are able to write data directly to the NAND, bypassing bootloader security, and also provide a false signature, allowing the device to boot. However there are some remaining issues (a custom kernel that was flashed to the device failed to boot properly) - stay tuned

You the man, thanks for the efforts !

Sweeeet!
Wonderful work!

Excellent, can't wait to see the end result. Hopefully custom kernels and ROMs will be coming soon.

Devs you guys are amazing! Thank you for the hard work that is put into all this! I know the challenge is fun for you all, but it really helps us non-dev ppl out a lot!
Sent from my MB860 using XDA App

Nicely done Da_G.... great work as always, glad to see you again and I hope to continue using your work as I did back in the old WinMo cooking days!!!
Quick question, is there really a reason to change the Bluetooth/Wi-Fi MAC drivers??? Are there any benefits, or basically just the same exact reasons as when you do it on PCs?

Main reason to change MAC address is to be able to join Wi-Fi networks that have whitelisting.
You could also use it to simplify device administration on your network.
Beyond that I can also imagine a few black-hat reasons to do it
Atrix is one of the few smartphones that can pull it off easily though, others I am aware of are the LG Optimus One and the SGS series (although it's not so easy on SGS)
There are plenty of other interesting data in /pds, it is the device provisioning partition (NVRAM) and is equivalent to /efs on the i9000/Captivate (which is the last device I used, so easy for me to compare with).
Careful messing with it though, on the Captivate changing the wrong bit would kill your cellular radio until you restored an EFS backup, I suspect the same danger is here with the Atrix too! And we don't have a quick way to restore a PDS backup yet like with odin on SGS (although I am hot on the heels of a method to do so)

Omfg I'm excited! If this device gets real ROMs and even custom kernels, it's going to be an even more amazing device.
Sent from my MB860 using XDA Premium App

I'm excited about the bootloader bypass, I thought the firmware would do a complete checksum of it, so if it's partial then we should be able to find out exactly what gets checked.
I'm curious to see if you have been able to find something regarding SIM unlock, just like the SGS, which was holding the lock very easily changeable with a simple hex editor. I bought the code already but maybe other people will get lucky.

I've asked for a backup of /pds prior to and after locking over in the general forum, hopefully a few people can send those my way. I suspect a good hard look at that will reveal the location and provide an easy unlock method (I think I located it already, but as /pds is not restored via flashing the leaked SBF, I'm loath to have someone else try it in fear of brickage).
I'll hammer it out once I get my device back in hand, whenever AT&T decides to allow me to purchase.

Da_G said:
I've asked for a backup of /pds prior to and after locking over in the general forum, hopefully a few people can send those my way. I suspect a good hard look at that will reveal the location and provide an easy unlock method (I think I located it already, but as /pds is not restored via flashing the leaked SBF, I'm loath to have someone else try it in fear of brickage).
I'll hammer it out once I get my device back in hand, whenever AT&T decides to allow me to purchase.
I will do it, but I am getting a permission denied.
Code:
C:\Users\fjleon\Desktop\android-sdk-windows\platform-tools>adb shell tar zcvpf /sdcard-ext/pds-backup.tar.gz /pds/
tar: can't open '/sdcard-ext/pds-backup.tar.gz': Permission denied
I tried adb shell su and accepted superuser on the phone, but I still cannot do it.

Wow, bypass = custom ROMs...... this would be ingenious, hope u get it working....
How does RSD Lite 5 flashing work??? It seems to create an image and then re-sign it.... would backtracking and trying to use the same method work?

@franciscojavierleon:
Make sure you don't have USB internal/SD storage mounted when you issue the command, or the SD card will be inaccessible from the device.
@ahjdmarchi:
I didn't study the program too much yet. I'll look into that if the current method I'm working on proves to be a failure.

Da_G said:
@franciscojavierleon:
Make sure you don't have USB internal/SD storage mounted when you issue the command, or the SD card will be inaccessible from the device.
@ahjdmarchi:
I didn't study the program too much yet. I'll look into that if the current method I'm working on proves to be a failure.
Here's a tattoo that I have on my chest:
"failure is not an option". Good luck brudda, hope all turns out well.

Da_G said:
@franciscojavierleon:
Make sure you don't have USB internal/SD storage mounted when you issue the command, or the SD card will be inaccessible from the device.
I unmounted it and tried again and still get the same error. I killed Root Explorer first since I had it open and no dice.

@franciscojavierleon:
Try this instead.
Code:
adb shell tar zcvpf /data/local/tmp/pds-backup.tar.gz /pds/
adb pull /data/local/tmp/pds-backup.tar.gz
adb shell rm /data/local/tmp/pds-backup.tar.gz

RadioComm
You really need to take a look at RadioComm if you haven't yet.
The BT MAC address can be edited directly in the NVM on all Motorola devices.
On CDMA chipset devices it is located in seem 01bf record 0001 bytes 0006 and there is also a module and special set of TCI commands for managing this called HOB restore.
There are also flags set in the firmware for whether the HOB is verified during the flash cycle or not.
Just an FYI!

@cellzealot:
Checked out RadioComm already, but none of the commands work for Atrix. Have you tried it? Perhaps you have a more updated version?

Edited. Never mind, just saw you needed it before unlock as well. I've got my PDS folder from my unlocked phone if you need it (not sure).

I should get my unlock between today and tomorrow, so with my locked pds backup I will do a diff to see if anything gets changed at all.

RECOVERY ROM Flash… thru USB from PC ?? (no SD)

I wound up with a non-functioning SD card reader after downgrading to dreaIMG. I managed to get a USB connection, after much fuss, to my PC. I am running a program (Droid Explorer) on my PC which, among its many functions, appears to allow you to upgrade your ROM and install programs from its PC UI. Anybody gone this route? Would you recommend it?
NOTE: I messed with the SD and USB connection for days, new SD cards, reformatting them every which way, and fiddled with the setup on the Android (once registered). I suspect the ROM was corrupt and the recovery process might just fix it. If it doesn't I certainly want to finish the whole process anyway.
The keyboard is the size of my shaky thumbs, I'm dyslexic, far-sighted and can only hunt and peck on a regular keyboard. There is absolutely no way I could blindly pump in the arcane commands I've seen around that might let me finish. (I tried typing "am start -a android.intent.action.MAIN -n com.android.settings/.Settings" 21 times and never got it right.)
So, if someone can confirm this USB-to-PC flash is a valid method (Droid Explorer or other), I guess it would just be like using the PC as a gigantic SD card, I would be jazzed. Right now, I can't use the keyboard, and can't use the SD, I see no other way to finish the job. (Unless I could install a command prompt thing on the phone to see what I'm doing... still no SD.)
Thanks in advance
PK
Questions in general belong in the Q&A forum, not the Development forum. Questions regarding Droid Explorer, being an app, belong in the Apps forum.
Repost there and you'll likely get help. Here, you're likely to get flamed.
You can definitely flash images directly to the device (without use of the SD card), however, you cannot use update packages, but instead images. You will need separate recovery, boot and system images, and either apply them with the flash_image tool through adb, or through fastboot.
The flash_image route is going to be a bit difficult, since you need to have enough room on the internal RAM to keep a copy of the image you are flashing. (Perhaps you can overwrite the existing backup version ...)
In either case, this is not the best forum to be posting these questions. Obviously, your best course would have been in the Q&A (rather self-explanatory), or as another poster recommended, under Apps.
Now that this post has been moved to Q&A: To the OP --
Have you tried issuing the "mount" command via console while in recovery? I.e.:
Code:
#mount /sdcard
I've had it come up where the /sdcard itself wasn't mounting properly.
Otherwise you're stuck flashing a full .NBH file via Fastboot, insofar as I am aware.
IConrad01 said:
Questions in general belong in the Q&A forum, not the Development forum. Questions regarding Droid Explorer, being an app, belong in the Apps forum.
Repost there and you'll likely get help. Here, you're likely to get flamed.
Sorry, I've been obsessed and frustrated for 3 days. Total lack of response here (Q&A) and elsewhere. I did a new search and everything resembling my issue was wherever my original post was on xda, not Q&A.
Anyway, I'll stay away. pk
rpcameron said:
You can definitely flash images directly to the device (without use of the SD card), however, you cannot use update packages, but instead images. You will need separate recovery, boot and system images, and either apply them with the flash_image tool through adb, or through fastboot.
The flash_image route is going to be a bit difficult, since you need to have enough room on the internal RAM to keep a copy of the image you are flashing. (Perhaps you can overwrite the existing backup version ...)
In either case, this is not the best forum to be posting these questions. Obviously, your best course would have been in the Q&A (rather self-explanatory), or as another poster recommended, under Apps.
I appreciate your reply, very informative.
1) If I reconstruct a zip file and get 3 or 4 bin or img files, how do I determine which goes first?
2) Do they need to be renamed? If so, to what?
3) "The flash_image route is going to be a bit difficult". So you're saying that my PC will not be behaving like an SD card, but just a dump truck?
4) Sorry for crashing the party. I bought this thing on eBay 4 days ago "for parts" and knew zip about it. I posted several times in the Q&A section and pretty much got "format SD to FAT32"... Very well meaning but page one of every G1 how-to.
Without bugging you guys, I know I'm a noob, but in 3 days I took this 50 buck T-Mobile with no USB, no Wi-Fi, no Bluetooth, no way to input through the keyboard, no SD and nothing on the screen but a 3 page sign-up sheet for Google... to a functioning AT&T phone with most of the perks working.
I just want to finish the job, I think with a proper flash, the remaining probs. might go away. All I was looking for was a morsel of direction, not "format fat32", and you gave it!!
Thank you, PK
IConrad01 said:
Now that this post has been moved to Q&A: To the OP --
Have you tried issuing the "mount" command via console while in recovery? I.e.:
Code:
#mount /sdcard
I've had it come up where the /sdcard itself wasn't mounting properly.
Otherwise you're stuck flashing a full .NBH file via Fastboot, insofar as I am aware.
Thanks Ico...,
Yes, I have now. No luck. I'm resigned to the fact that I will have to install from my PC... for now. I tried out this little utility, Droid Explorer. It is exactly what I think an interface should be. It takes all these monstrous tasks and packs them into a little Windows-type app. But, you have to have a ROCK-SOLID connection.
I just have to think I had a bum DreaIMG ROM. It loaded up from my SD card and installed swimmingly with a cheery concluding "SUCCESSFULLY INSTALLED!!". After that the card(s) were never to be recognized again. I wonder if I could just get a normal USB-to-mini-USB adapter and plug a thumb drive in, install off that.
Last night I got it to be recognized by my PC a little better, but I still can't really transfer anything. (I also managed to inadvertently run up $208.00 in "data fees"... no bloody clue.)
I've been following a different wiki every day. It seems as though most of them are outdated by a week or so (history). I think my problem lies in USB drivers because installations always seem inconclusive as to whether they're there or not and adb seems to misbehave.
Ciao

[HOW-TO/INFO] Bell FAQ [9-25-2011]

This is my attempt at a Bell FAQ, it is a work in progress.
Q. Why don't the instructions I found on how to do X work?
A. This is a development forum, sometimes things are written in shorthand assuming you know things you don't. A lot of things are specific to one carrier's phone or another. Sometimes things change and are now obsolete, something new was found, a better way of doing things, if you were not following it all along you are likely to be lost. Read between the lines, you are a human being with reasoning abilities, figure it out.
Q. What should I do first?
A. Backup your phone. That means everything, especially your pds partition. Nandroid won't cut it and you have already modified your phone beyond the ability to get back if you can run it.
Ex. dd if=/dev/block/mmcblk0p3 of=/sdcard/backup/mmcblk0p3
Save your backup on your computer, create a zip of all the files, burn it off on CD/DVD, put it in a safety deposit box at your bank. Be prepared for bricking your phone. A lot of things mentioned in threads here are developed and tested for ATT phones, they may not work 100% on your phone.
Q. What is ADB?
A. It stands for Android Debug Bridge or something like that. It is a program that runs on your computer that lets you talk to your phone using special commands. Your phone has to have adb enabled, it's a setting under Applications/Development.
Ex. adb shell
This opens a Linux shell connected to your phone. Linux is an operating system for computers, it is also used as the base for Android phones.
Ex. adb install file.apk
Ex. adb push file /tmp
Ex. adb pull /tmp/file .
Q. What is CWM recovery?
A. Android phones come with a special boot configuration that allows for changes to the Android system from a place outside the system. It is very corporate and does the job for official signed updates, but only Motorola and its OEMs can sign the updates. Not much fun for us. CWM recovery is a replacement for the official recovery system that doesn't require signed updates.
You install CWM recovery using fastboot or moto-fastboot.
Q. What is unlocking the bootloader all about?
A. It is the means of putting CWM recovery on your phone so you can install ROMs and other packages. It allows you to flash a partition with mods and have the phone not soft brick when you reboot. When the unlocked versions of the Atrix bootloader were found it started a new round of mods. A lot of the threads prior to that are now obsolete.
Q. How do I unlock the bootloader?
A. There is a huge thread already about this, see here.
WARNING: this is a permanent change to your phone.
Summary:
1. Download the archive.
2. Extract the sbf inside, whatever it's called, that is the one to use.
3. Use Linux sbf_flash or RSD Lite from Windows to install it.
4. fastboot oem unlock
5. Copy the code fastboot spits out.
6. fastboot oem unlock code
7. fastboot reboot
You will see "unlocked" while booting and when you get into Android you will have ~300MB of RAM. This will need to be fixed. Also, you will lose all your data during the process, do a backup first.
Q. What is fastboot/moto-fastboot?
A. It's a program to access the phone and do stuff, write phone partition images mostly. The stock one can only handle tiny system images, pretty useless for the Atrix, xda member eval- compiled the Motorola version for us that can handle larger system images, do a search for moto-fastboot.
Ex. moto-fastboot flash recovery recovery.img
Q. How do I fix the RAM problem?
A. I did up a CWM recovery zip to update the boot and recovery partitions to contain a kernel command line with the missing bit "[email protected]" added. See here.
There are other means of doing this, some boot images come prepackaged with the command line already embedded. There are ATT compiled kernels with a patch inside the kernel itself to do the same thing. You can search for those when you are ready to try things like custom ATT kernels on your phone.
Q. How do I root the phone?
A. If you are unlocked and you have fastboot flashed a version of CWM recovery, it is trivial. By that I mean almost impossible for newbies to figure out.
It would go something like this:
1. Boot into CWM recovery.
2. use adb shell
3. adb push a su binary to the phone.
4. mount system as read write as /system
5. copy su binary to /system/bin
6. make sure it has the right permissions, 06755 mode , user root, group root.
7. umount -l /system
8. when in android look on the market for Superuser.apk, install.
Every rooting method out there is all about putting su into /system/bin with 06755 permissions, most don't work anymore since Gingerbread. If you are looking for a simple, no brain involved solution, you are likely to get something working and also something else you didn't want like a replaced preinstall partition or an installed busybox with different functionality for some important system commands. (Busybox may be more up to date even, but if it doesn't do what is expected of the older version, it's still not good.)
Another way would be to create a CWM zip that simply puts the Linux su binary in system with the correct permissions. Some info about creating your own can be found here. Doing this is more involved than just doing it manually, but it would be good practice for getting into creating CWM updates.
Here is a link to an exploit someone did up to root the phone when running GB. Haven't tested it, and with an unlocked phone it is totally redundant, but it's nice that someone found yet another security hole in the OS, seems similar in result to psneuter, so be sure to reboot the phone to fix the exploited system.
Seriously, if you are going to be reading or posting in the development section of xda for an android phone, take the 5 minutes to become familiar with adb and a few Linux shell commands, it will save you hours of confusion and aggravation. If you fly blind trying things on your phone without understanding what you are doing you are eventually going to get into a place you can't get out of and need a new phone or REALLY have to struggle to understand things. You were warned.
Q. How do I get back to stock?
A. You can't unless you have a backup of all your phone partitions and can update your radio and bootloader to be stock. Once you unlock your phone, it is recorded that you did so by blowing a physical fuse on the phone. This cannot be restored, you will need a new phone.
What does stock mean to you? When I bought my phone it had a certain radio, the bootloader couldn't be unlocked, the android system files had certain versions, etc. Beyond the android system there are 18 partitions that I know of on the phone, most phones do with 5-6. Every ota update or sbf files take the normal files and change them to something else, non android partitions get modified or replaced.
I have some solutions for getting close to stock, do a search for Gobstopper. There is one for Bell 2.2.2 and Bell 2.3.4, use one or the other. These attempt a full back to stock operation, that means the radio and bootloader will be stock, recovery will be stock as well. (All the partitions that are on the phone are written over with the ones that were on my phone when I bought it, with the exception of partitions 3 (pds), 15 (cache), 16 (data), and 18 (userdata or internal memory), factory reset clears cache and data, you don't want pds touched or internal memory.) Unlocked will no longer be displayed when you boot and you will no longer have CWM recovery installed. You will need to install the unlocked bootloader again and fastboot flash recovery again if stock is not what you wanted. (Your pds partition is not involved in this operation, so if you made changes to it, either directly or indirectly via a sbf this will not restore it, your pds partition contains individual phone information.)
More about sbf format here.
Q. What does the pds partition taste like?
A. It's not really fit to eat. Now you know.
It is mmcblk0p3, a partition on your phone, it is mounted as /pds when android boots and contains a bunch of folders and files that nobody really understands fully but Motorola. Having a look at some of the files you will see things like your network physical address, bluetooth physical address. You will find threads where the display is all arsed up, cpu running at half speed, touch screen not working right, etc, all due to something going wrong with /pds. It is best to back it up and not mess with it. Restore it in an emergency. Maybe one day everything in there will be figured out, take a stab at it yourself.
See this thread by edgan for how to back up your pds partition.
See this thread by KeRmiT80 about attempting to fix your pds partition. Good motivation to see previous link.
Q. I lost network data access after flashing X.
A. Check your APN list, if it's not a Bell firmware you are using, it probably doesn't have Bell's APN list. Scratch that, you don't know what that is or how to check it.
It stands for Access Point Name and a big list of them is stored on your phone in one big file (/system/etc/apns-conf.xml), each firmware has its own version of it. Your phone will get two numbers from your carrier's phone network to do a look up in this list to figure out what configuration to use. So say it gets mcc 302, mnc 610, it will check the phone and look up 302, 610 in the file and read what it says there and use that config to try to connect. Now, another thing is that the phone knows what the home network is by these two numbers, embedded somewhere in the system. A foreign, non-Bell carrier won't have Bell's numbers in there so your phone will think it's roaming. If you have roaming disabled, guess what, no data connection. Your carrier should be smart enough not to charge you for roaming, never had a problem with that, but you never know.
Here are the APN settings you can enter manually for your phone, see Bell's support link.
Q. How do I get webtop over HDMI to work?
A. There are several threads on getting this to work on ATT phones and others, they are specific to the firmware being run on the phone. They involve copying two deodexed files to your system/app folder and replacing the ones already there. You will also need to clear your dalvik cache to get the new code recognized. They are DockService.apk and PortalApp.apk. If you are not deodexed then you also have to remove the .odex files for both.
Here is one thread for Gingerbread, in the zip there is one for ORFR that will get you to viewing the webtop on Bell GB, but applications don't load.
Here is another thread for Froyo that works, see the Bell specific bit in the OP. This does not work from Bell Gingerbread.
To be continued...
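The mcc/mnc lookup and roaming behaviour described in the APN answer above, as an added example that is not part of the FAQ or of any Android source: a small Python reader for the apns-conf.xml layout that walks a constructed sample file (placeholder carrier names and hostnames, not Bell's real settings) and reports why data would or would not come up.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the apns-conf.xml layout: one <apns> root, one <apn>
# element per entry, each keyed on mcc/mnc. Names and hostnames are placeholders.
SAMPLE_APNS_CONF = """<?xml version="1.0" encoding="utf-8"?>
<apns version="7">
    <apn carrier="Home Carrier Internet" mcc="302" mnc="610"
         apn="internet.example" type="default,supl" />
    <apn carrier="Home Carrier MMS" mcc="302" mnc="610"
         apn="mms.example" mmsc="http://mms.example/mms" type="mms" />
    <apn carrier="Other Carrier" mcc="310" mnc="410"
         apn="other.example" type="default" />
</apns>
"""


def load_apns(xml_text):
    """Parse an apns-conf.xml body into a list of attribute dicts, one per <apn>."""
    root = ET.fromstring(xml_text)
    if root.tag != "apns":
        raise ValueError("not an apns-conf.xml document")
    return [dict(e.attrib) for e in root.iter("apn")]


def apn_types(entry):
    """The type attribute is comma-separated; a missing type means 'default'."""
    return {t.strip() for t in entry.get("type", "default").split(",") if t.strip()}


def lookup_apns(apns, mcc, mnc, apn_type=None):
    """The lookup the FAQ describes: match entries on the (mcc, mnc) pair the
    network hands the phone, optionally narrowing to one connection type.
    mcc/mnc are compared as strings: an MNC may be 2 or 3 digits and a leading
    zero is significant ("01" is not "1")."""
    hits = [a for a in apns if a.get("mcc") == mcc and a.get("mnc") == mnc]
    if apn_type is not None:
        hits = [a for a in hits if apn_type in apn_types(a) or "*" in apn_types(a)]
    return hits


def data_setup_decision(apns, home, registered, roaming_enabled):
    """Explain why a data connection would or would not come up.

    home       -- (mcc, mnc) the SIM belongs to
    registered -- (mcc, mnc) of the network the phone is camped on
    Returns a short reason string a user could act on."""
    if home != registered and not roaming_enabled:
        return "roaming on %s/%s with data roaming disabled: no data" % registered
    hits = lookup_apns(apns, registered[0], registered[1], "default")
    if not hits:
        return "no default APN for %s/%s in apns-conf.xml: enter one manually" % registered
    return "using APN %s" % hits[0].get("apn")


if __name__ == "__main__":
    table = load_apns(SAMPLE_APNS_CONF)
    # Home network present in the file, not roaming: data works.
    print(data_setup_decision(table, ("302", "610"), ("302", "610"), False))
    # Camped on a foreign network with roaming off: the FAQ's "guess what, no data".
    print(data_setup_decision(table, ("302", "610"), ("302", "720"), False))
    # Roaming allowed, but the firmware's file has no entry for that network.
    print(data_setup_decision(table, ("302", "610"), ("302", "720"), True))
```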
Hoping the Mods sticky this
A link should be attached to the wiki as well. I will try to when I get home if it isn't done already.
shouldn't this be in general? or q&a?
Magnetox said:
shouldn't this be in general? or q&a?
Probably both. Most things referenced are in development.
Cheers!
Sent from my MB860 using xda premium
y2whisper said:
Hoping the Mods sticky this
A link should be attached to the wiki as well. I will try to when I get home if it isn't done already.
+1 this should be a sticky on either or both general or development...
cheers for this...this thread is going to help me with my youtube viewers BIG TIME!!
Very nice!
Keep it up NFHimself!
NFHimself said:
This is my attempt at a Bell FAQ, it is a work in progress.
Q. How do I root the phone?
A. If you are unlocked and you have fastboot flashed a version of CWM recovery, it is trivial. By that I mean almost impossible for newbies to figure out.
It would go something like this:
1. Boot into CWM recovery.
2. use adb shell
3. adb push a su binary to the phone.
4. mount system as read write as /system
5. copy su binary to /system/bin
6. make sure it has the right permissions, 06755 mode , user root, group root.
7. umount -l /system
8. when in android look on the market for Superuser.apk, install.
Every rooting method out there is all about putting su into /system/bin with 06755 permissions, most don't work anymore since Gingerbread. If you are looking for a simple, no brain involved solution, you are likely to get something working and also something else you didn't want like a replaced preinstall partition or an installed busybox with different functionality for some important system commands. (Busybox may be more up to date even, but if it doesn't do what is expected of the older version, it's still not good.)
To be continued...
I used this method to root the stock Bell Gingerbread ROM. Works on an Atrix too. It's a quick download and easy for those people who may not be comfortable with the adb command line.
http://www.psouza4.com/Bionic/
thx
useful for newbies
but can you put some more details about returning to stock and explain the pds partition in details plz?
papakilo10 said:
I used this method to root the stock Bell Gingerbread ROM. Works on an Atrix too. It's a quick download and easy for those people who may not be comfortable with the adb command line.
http://www.psouza4.com/Bionic/
Had a look at the script in that one, should be fine, doesn't install a busybox or anything like that. I don't care for Superuser.apk in /system/app myself, but it won't harm anything having it there.
Cheers!
ytwytw said:
thx
useful for newbies
but can you put some more details about returning to stock and explain the pds partition in details plz?
I added a few things, anything in particular you wanted?
I am trying to avoid step by step tutorials or spoon feeding everything, so people who are lazy/careless will have to attempt to think for themselves. It just leads to more questions, more laziness, and bricked phones, and I don't have the time these days.
Cheers!

OMAP4430 boot.rom dump

My purpose is to locate the fastboot system, and I thought that I would start from, well, the start. Boot-up on the OMAP4430 tries many places, one is an on-chip 48 KB ROM. I initially tried to read /dev/mem, but no matter what address I tried to read it would say Bad Address, so I had to make a kernel module, in which I dumped the boot ROM to a file... and it worked.
The revision of the ROM on my Bionic is 0x03 0x19
(Please read Ch 27(.4.2.1) of OMAP4430_ES2.x_PUBLIC_TRM_vY.zip )
I am more handy with ia32 assembly, not arm...
So where is fastboot? I can see a few other addresses, but if I try to map some of them, the device will reboot.. The TRM spoke of 0x08000000 for a fast boot XIP but a reboot occurs (I think) ... any ideas where to look next?
After a day of digging around, I was able to find that "fastboot" (0x08000000) address at 0x28C18 (0x28000 is the base address of the boot.rom)... just helping out anyone else interested in looking into this. I somehow don't think that this is what I am looking for though... but at least I do know that I am making some headway
Edit: Confirm that I am unable to read even one byte from 0x08000000 .. reboots
Edit2: Polling from the Control Register (0x4A0022C4) returned 0x00000AEF ... which means that
1) This is not a GP(General Purpose) OMAP4430
2) SYS_BOOT[5:0] is b101111 which tells us
a) to use Memory, not Peripheral boot devices
b) 1st boot device is MMC2(1)(perm) (eMMC/eSD = GPMC pins)
c) 2nd= USB-ULPI (external transceiver)
... Does the MMC mean it boots from the onboard 16 GB? If so, then this might be easier to trace through than I thought...
Has anyone dumped the entire contents of that memory? or just the known partitions?
Edit3: Reading the TRM more (pg 5240) tells me that for SDMMC2 only raw mode is supported, no file system (FAT12/FAT16/FAT32) support, because the purpose of this approach is to avoid the boot time penalty of searching for a file system hierarchy when it is not always necessary.
Edit4: ...and Sure enough, dumping the first 512 bytes of /dev/block/mmcblk1 shows the Bootable signature (0x55AA) at the end (0x01FE)
... I thought I read that it would just try to read in RAW mode, which makes it not want to even have such a thing, but I knew it had all those other partitions, so I figured I might have been wrong there...
A proper dump of this soon enough... at least I gave you guys the boot.rom from the actual OMAP4430 that would have been otherwise hard to retrieve... I only wasted one day on this, not bad, and I learned some ARM ASM
Edit5: Maybe I am getting ahead of myself, it is of type 0x83 ... which is Linux, not any of the FAT FS which the boot.rom supports... ?
Edit6: Well, it has the file it's looking for, not sure if it's a FAT system like it's supposed to be though, and it looks like in a 1MB dump that fastboot is in the 2nd, or maybe more, partition... I still want to try to dump this "MLO" bootup file... but I have to learn about the FAT fs structure, ugh...
The implications of deep hardware hacking like this make me very excited for what could be possible with the Bionic. It contains some absolutely absurd hardware for a mobile device so the sky's the limit at this point. Fantastic work! I could only dream of being able to comprehend the things that guys like you can.
Also I wonder if this thread would end up getting proper attention in the dev section.
projektorboy said:
The implications of deep hardware hacking like this make me very excited for what could be possible with the Bionic. It contains some absolutely absurd hardware for a mobile device so the sky's the limit at this point. Fantastic work! I could only dream of being able to comprehend the things that guys like you can.
Also I wonder if this thread would end up getting proper attention in the dev section.
I only wish I could comprehend what he is talking about. I'm glad to see a vested interest is being taken!
Sent from my DROID BIONIC
Thanks so much, Noxz for making the effort to do this!
Hey, thanks finally for the responses, a full day after the initial dump and no responses... I think because it's NOT in the dev section... but I can't post a thread there until I have 10 posts... maybe I can get that privilege now, moderators?
The bad part with disassembling is that when it computes a jump in code (in ARM it's called a branch) and doesn't give a specific address, it makes finding that code very hard. I found the text "MLO", the bootable file, in the boot.rom but nothing of the code I know referenced it yet, unfortunate because that partition is not a standard FAT fs and thus is taking a while to read, but if I did have the disassembly of the ROM code where it looks for that, or even just the file search, then I could easily see what it is reading...
Obviously knowing that fastboot and such is in the second or third partition is quite a step forward, but I need to dump this MLO file so we can read from start to finish...
I'll keep everyone posted
So this partition isn't a correct FAT fs... I don't know if being identified as a Linux partition means anything and I'm just not reading into it right, but I am having some time trying to look into these files, you can easily see the MLO file, a KEYS file, and a PRIMAPP file right at the start, or I should say the file name, but there isn't much information on where they are mapped, etc etc...
Maybe partition2 will be better? It's also identified as a Linux partition
I still have a few days to waste...
Sorry to ask dumb. But what exactly does this benefit me when flashing it?
Sent from my DROID BIONIC using Tapatalk
The current fastboot does not have several commands that is in the original source... but really, I am just interested in the entire boot procedure.. there's a few things I might like to change... The good news is because everything but the boot.rom resides on the eSD, that means we should be able to write to it very easily, so we can change quite a bit
Noxz, I am along with these guys in I would understand more if I was just dropped in the middle of Ghana :\ but I would like you to know that you have given me my 1024th item on my 'to research' list. So once I get bored with what I'm doing now, I am going to try to learn a little bit about ARM and OMAP
Hah, I understand...
I've done a bit of x86 ASM and BIOS disassembly before.. so I figured I might as well peek into this and see what is being hidden and such...
I am seeking help right now... If you know anything about the FAT filesystem... you can start by doing "dd if=/dev/block/mmcblk1p1 of=/mnt/sdcard-ext/partition1"
.. It obviously has that MLO bootup file in it as mentioned in the OMAP4430 TRM but I can't seem to trace what cluster it might be in... I have to assume that it is in fact a FAT fs... but it doesn't seem to follow any of the structures/formats I've been reading... ???
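Before assuming a dumped partition is FAT, the first check a practitioner makes is whether the boot sector carries a sane BIOS Parameter Block and the 0x55AA signature; if it does, the root directory can be walked for 8.3 entries such as MLO. This is an added example, not code from the thread: it validates a FAT12/16 boot sector and lists root-directory entries, running against a small constructed image (real FAT32 volumes keep the root directory in a cluster chain and would need the FAT followed, which this does not do).

```python
import struct

SECTOR = 512

def parse_bpb(img):
    """Sanity-check the BIOS Parameter Block; raise if this is not a FAT volume."""
    if len(img) < SECTOR or img[510:512] != b"\x55\xAA":
        raise ValueError("no 0x55AA boot signature: not a FAT boot sector")
    (bps, spc, rsvd, nfats, root_ent, _tot16, _media, fatsz16,
     _spt, _heads, _hidden, _tot32) = struct.unpack_from("<HBHBHHBHHHII", img, 11)
    if bps not in (512, 1024, 2048, 4096) or spc == 0 or nfats == 0 or fatsz16 == 0:
        raise ValueError("BPB fields out of range: not FAT12/16")
    # Root directory follows the reserved area and all FAT copies (FAT12/16 layout).
    return {"bytes_per_sector": bps, "root_offset": (rsvd + nfats * fatsz16) * bps,
            "root_entries": root_ent}

def list_root(img):
    """Return (name, first_cluster, size) for every live 8.3 entry in the root dir."""
    info = parse_bpb(img)
    off, files = info["root_offset"], []
    for i in range(info["root_entries"]):
        ent = img[off + 32 * i: off + 32 * (i + 1)]
        if ent[0] == 0x00:                      # 0x00 marks the end of the directory
            break
        if ent[0] == 0xE5 or ent[11] == 0x0F:   # deleted entry or VFAT long-name piece
            continue
        base = ent[:8].decode("ascii", "replace").rstrip()
        ext = ent[8:11].decode("ascii", "replace").rstrip()
        cluster = struct.unpack_from("<H", ent, 26)[0]   # first cluster, low 16 bits
        size = struct.unpack_from("<I", ent, 28)[0]
        files.append((base + ("." + ext if ext else ""), cluster, size))
    return files

def build_sample_image(entries):
    """Constructed FAT16 image: boot sector, one FAT sector, 16-entry root directory."""
    bs = bytearray(SECTOR)
    bs[0:3] = b"\xEB\x3C\x90"
    struct.pack_into("<HBHBHHBHHHII", bs, 11, SECTOR, 1, 1, 1, 16, 64, 0xF8, 1, 1, 1, 0, 0)
    bs[510:512] = b"\x55\xAA"
    root = bytearray(16 * 32)
    for i, (name, cluster, size) in enumerate(entries):
        struct.pack_into("<11sBBBHHHHHHHI", root, 32 * i, name.ljust(11).encode("ascii"),
                         0x20, 0, 0, 0, 0, 0, 0, 0, 0, cluster, size)
    return bytes(bs) + bytes(SECTOR) + bytes(root)

# Constructed sample; the cluster numbers and sizes are made up, not from a real dump.
SAMPLE = build_sample_image([("MLO", 2, 24576), ("KEYS", 14, 512)])
NOT_FAT = bytes(1024)   # constructed: all zeros, as a non-FAT dump would look

if __name__ == "__main__":
    for name, cluster, size in list_root(SAMPLE):
        print(f"{name:12s} cluster={cluster} size={size}")
```

To try it on a real dump, read the partition1 file produced by the dd command above into `img` and call `list_root(img)`; a ValueError from `parse_bpb` is the quick answer to "is this actually FAT?".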
The boot rom you've dumped is the ti omap itself; the only real purpose of that is to bootstrap the bootloader. You are correct in that it's not a GP; none of the Motorola phones are -- this boot rom is what verifies the signature of the bootloader.
http://www.droid-developers.org/wiki/Booting_chain
While not exact, the above diagram will give you an overview of the layout used by Motorola phones. The short version is boot rom -> mbmloader -> mbm -> lbl -> kernel, where mbmloader is the Motorola terminology for the MLO or X-LOADER referenced in the TRM. mbm is the bootloader (Motorola boot manager) and controls all actions henceforth, including fastboot (which replaced an older sbf protocol).
The CDT acts as a partition table and lists the layout of the device, including marking where the signatures are located and how often they're checked.
http://blog.opticaldelusion.org/2011/10/bionic-development-notes.html
Sorry for late answer.
Here you can find example of reversing OMAP 3430 bootrom http://hg.droid-developers.org/reverse_engineering/src/b8b881184b5f/asm
As mentioned before droid-developers wiki contain a lot of info about bootrom.
Here you can find info about bootrom itself http://www.droid-developers.org/wiki/Application_Processor_Boot_ROM
Here you can find info about security model in omap http://www.droid-developers.org/wiki/Security http://www.droid-developers.org/wiki/Secure_Services
Here you can find info about my project - emulation of early OMAP booting (including bootrom debugging) http://www.droid-developers.org/wiki/QEMU

[FIX] Get Out Of "Test Mode"

All credit for this find goes to alasdair529.
alasdair529 said:
What I did was, I went into LGPNST and I took the VS910 dll and the original VS910ZV4_04.S4_04.P58008.R5.user.tot
found here:
http://forum.xda-developers.com/show....php?t=1120062
and put my phone in download mode (emergency mode) holding power button and volume up
and I flashed it using LGPNST
and Voila my phone is back to normal, no more test mode. My phone is perfect working condition with all usb modes and internet connection working, no more test mode.
Also my phone is back to charging normal. I am so happy I fixed this, I was about to sell it and get something else
honestly there is nothing more to it than that, took about 1 minute to set it all up then LGNPST did all the work, very simple, I just don't know why no one else on Google could figure this out or at least post a guide to it if they did, feel free to make a post in the development section, can't wait for mtmichaelson to see this and fix his phone too!
I tried to flash v4 or v6, but after that it doesn't boot.
v7, it boots well, but still shows me usb test mode or usb factory mode
weird...
lentm said:
I tried to flash v4 or v6, but after that it doesn't boot.
v7, it boots well, but still shows me usb test mode or usb factory mode
weird...
I had a factory cable connected; a new USB cable fixed that.
Sent from my VS910 4G using xda premium
I found that fix out also, but I would like to know how to ax test mode without having to roll back to Froyo. Because, correct me if I'm wrong, but won't flashing the v7 tot file again just create the test mode issues all over again?
atomD21 said:
I found that fix out also, but I would like to know how to ax test mode without having to roll back to Froyo. Because, correct me if I'm wrong, but won't flashing the v7 tot file again just create the test mode issues all over again?
Yes it will
Sent from my Dread Ginger Revo using Tapatalk.
Not to dread this up again, but has anyone had any progress on this? Do we know where testmode is being set? Kernel, Radio, ROM...APK?
I would think if it were a bootup setting somewhere, we should be able to do a file or text-in-file search from root up up through the child folders within the core OS. If it were in the APKs, the settings could be in the XML prefs somewhere.. still very searchable.
I have my step-daughters phone stuck in test mode... /=
I don't want to re-create the wheel and spend hours doing stuff that has been done.... so I ask you all this: what do we know so far? Has a simple OS level search in the linux system been done? Is it something in one of the .rc init files?
It must be somewhere and if we re-root after the TOT, then we should be able to fix this.
Any of the custom ROMs have this if we flash over the TOT? That would rule out APK and ROM settings.
Today I ended up doing a full factory reset, flashed clean V7 tot, then the V8 tot and re-rooted, and finally installed the new breakout rom and I'm still in test mode...
nasaiya said:
Today I ended up doing a full factory reset, flashed clean V7 tot, then the V8 tot and re-rooted, and finally installed the new breakout rom and I'm still in test mode...
So this would eliminate ROM and APK.
What are we left with... kernel, radio or recovery partition? Some other hidden partition?
The TOT does a complete re-partition so there must be some hidden key in here somewhere.
I wish I were one of the heavy ROM guys, but I'm just a linux novice and decent developer.
Lets keep brainstorming!
Well I'm just guessing here so bear with me...
AFAIK the cause is flashing in emergency download mode, which is something outside of the normal system, and also outside of the recovery partition. Based on that (and the previous post) I'd guess it set a test mode flag somewhere on another partition that gets "checked" at boot.
I figure we ought to be able to get images of all the partitions with dd but I wouldn't know what to do with that data once I had it... Maybe compare with a non-test-mode phone and look for inconsistencies.
I could be totally wrong though I'm not very familiar with the boot process and that sort of thing.
EDIT: found this: http://wiki.rootzwiki.com/LG_Revolution_Software_Breakdown
Maybe it sets a flag in the MISC partition like it does to boot into recovery or something like that. That stuff is a bit over my head though.
nasaiya said:
Well I'm just guessing here so bear with me...
AFAIK the cause is flashing in emergency download mode, which is something outside of the normal system, and also outside of the recovery partition. Based on that (and the previous post) I'd guess it set a test mode flag somewhere on another partition that gets "checked" at boot.
I figure we ought to be able to get images of all the partitions with dd but I wouldn't know what to do with that data once I had it... Maybe compare with a non-test-mode phone and look for inconsistencies.
I could be totally wrong though I'm not very familiar with the boot process and that sort of thing.
EDIT: found this: http://wiki.rootzwiki.com/LG_Revolution_Software_Breakdown
Maybe it sets a flag in the MISC partition like it does to boot into recovery or something like that. That stuff is a bit over my head though.
That's a great find. I'm going to spend some time reviewing that data in hopes that it is something as simple as tweaking one of those partitions.
Sounds good. I'm happy to help with this in any way possible, so let me know if you need anything...
Having to use adb to transfer files all the time is annoying!
I started playing around in the android OS and here are some files I found that have "testmode" within them. I tried doing a full system search, but the 'find' keeps stalling/freezing. init.rc has some, what looks like, programmer patch scripts in it that directly affect testmode. What's funny is that each "patch" is labeled by the dev's email address! We could probably email the guy to find out how to disable testmode.... (=
# find . -type f -exec grep -l "testmode" {} + 2> /sdcard/err.log
./init.rc
./system/lib/libandroid_runtime.so
./system/lib/libhardware_legacy.so
./system/app/VerizonHiddenMenu.apk
./system/app/Settings.apk
./system/app/LgHiddenMenu.odex
./system/app/LgHiddenMenu.apk
./system/etc/efs.txt
./system/framework/framework.odex
./system/bin/btld
./system/bin/lg_diag_app
./sys/devices/platform/testmode/uevent
./sys/devices/platform/testmode/modalias
I emailed one of the engineers listed in the init.rc file.... MAYBE if we're lucky, he'll help us out.
So far, not looking good. I think he may be thinking I want it disabled in the core, but he doesn't understand that it's running actively.
Code:
Eric <[email protected]> Wed, Apr 4, 2012 at 9:13 AM
To: 김세현 <[email protected]>
Thank you for your response!
Can testmode be disabled in Linux or from Android? Can we dial a code to turn it off?
How can I turn it off? Do you know how, or can you hint at how to do it?
Thank you again
김세현 <[email protected]> Wed, Apr 4, 2012 at 9:25 AM
To: Eric <[email protected]>
Impossible!!
If you are a guru, then you can disable it, and then it makes a brick.
It's a useless job. Why are you trying that?
Give up, I suggest. Testmode is the LG version of the QCT diag cmd set.
BR.
Guys, test mode is embedded deep inside the kernel source. Disabling it in one place will cause it to not build because it is referenced in another file. Remove it from there and it won't build because of another. Etc., etc., etc. Now what you can try is asking if he knows which partition holds the flag for test mode. It is obviously not /boot, /data, /system/, or /recovery.
Sent from my VS920 4G using Tapatalk
mtmichaelson said:
Guys, test mode is embedded deep inside the kernel source. Disabling it in one place will cause it to not build because it is referenced in another file. Remove it from there and it won't build because of another. Etc., etc., etc. Now what you can try is asking if he knows which partition holds the flag for test mode. It is obviously not /boot, /data, /system/, or /recovery.
Sent from my VS920 4G using Tapatalk
Hey mt,
Do we know why emergency mode installed tot's flag testmode whereas regular installed tot's (from cwm recovery or usbmode) don't flag testmode? Same tot's, same kernel, right?
Is it possible to pull the other mounts images (not /system, /data, etc) and push them to a testmode device?
I don't believe it's tots flashed from emergency mode per se, but rather phones that had bad recoveries installed first, then flashed in emergency mode.
Sent from my VS920 4G using Tapatalk
mtmichaelson said:
I don't believe it's tots flashed from emergency mode per se, but rather phones that had bad recoveries installed first, then flashed in emergency mode.
Sent from my VS920 4G using Tapatalk
Agreed.
Now, where is the flag, byte offset, or whatever that is flagging the whole system to be in 'testmode'. If it can be set, it can be unset.
Since /system, /data and /cache are wiped and replaced with a new ROM, then that leaves one of the other.. what (3 or 4) mounted partitions that could contain this flag. Maybe the rootfs contains this flag as a byte offset?
Again, what if a partition from a non-testmode device was exported and pushed to a testmode device? Is there a way to compare these other partitions byte for byte between a good and testmode device?
How I wish I was a linux guru right now.... damn you Microsoft!
I found a program called wxHexEdit that seems about right for the job...
It can compare two binary files / images.
I'm currently having a peek at the MISC partition but I don't have a non-testmode copy to compare it with.
If someone could hook me up with an image (mmcblk0p8) from a non-test-mode phone that would be great!
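The byte-for-byte comparison asked for above (a known-good partition image against one from a phone stuck in test mode) can be scripted rather than done by eye in a hex editor. This is an added example, not code from the thread: it reports every differing byte range with a little surrounding context, refuses images of unequal length (a sign the two dd dumps are not the same partition), and runs against two constructed images, which are not real MISC dumps.

```python
def diff_ranges(good, bad):
    """Half-open [start, end) byte ranges where two same-sized images differ."""
    if len(good) != len(bad):
        raise ValueError(f"images differ in length: {len(good)} vs {len(bad)}")
    ranges, start = [], None
    for i, (x, y) in enumerate(zip(good, bad)):
        if x != y:
            if start is None:
                start = i
        elif start is not None:
            ranges.append((start, i))
            start = None
    if start is not None:                 # difference runs to the end of the image
        ranges.append((start, len(good)))
    return ranges

def describe(good, bad, ranges, ctx=4):
    """Render each differing range as 'offset+len: good bytes -> bad bytes', with context."""
    lines = []
    for start, end in ranges:
        lo, hi = max(0, start - ctx), min(len(good), end + ctx)
        lines.append(f"0x{start:08x}+{end - start}: "
                     f"{bytes(good[lo:hi]).hex(' ')} -> {bytes(bad[lo:hi]).hex(' ')}")
    return lines

def load_image(path):
    """Read a partition image dumped with dd (e.g. from mmcblk0p8) into memory."""
    with open(path, "rb") as f:
        return f.read()

# Constructed sample images (not real dumps): 4 KiB of zeros with a bootloader-style
# command string at the start, then two deliberate changes in the "bad" copy.
GOOD = bytearray(4096)
GOOD[0:13] = b"boot-recovery"
BAD = bytearray(GOOD)
BAD[0x200] = 0x01                # a single flag byte flipped
BAD[0x400:0x404] = b"TEST"       # a four-byte marker written

if __name__ == "__main__":
    import sys
    if len(sys.argv) == 3:       # usage: compare.py good.img bad.img
        a, b = load_image(sys.argv[1]), load_image(sys.argv[2])
    else:
        a, b = bytes(GOOD), bytes(BAD)
    for line in describe(a, b, diff_ranges(a, b)):
        print(line)
```

Both images must come from the same block device on each phone, dumped the same way, otherwise the length check trips before any comparison is made.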
I got out of test mode easy, just call Verizon and get a new phone.

Simple explanation to fix ADB unauthorized device in 'M'

QUESTION: Can someone please explain in simple form how to fix the ADB unauthorized issue that has been present since the update to M? The option for removing any current rsa keys is gone from the developer settings. And when you plug your phone in to a new computer it used to pop up a notification that would let you accept the rsa key. None of this is working any more. I can't believe that it is not a bigger issue and I have spent a few hours over a few days looking for a solution so if I have missed it, I am sorry. I have read a few things that say that google has just removed the ability to use adb and one post even explaining that, what looked to me to be a prop file variable, needed to be changed from 0 to 1, or vice versa, but didn't explain where the variable was. I don't see anything that I am confident with in the build.prop. Thanks. Please explain so that anyone will be able to overcome this issue, or point to a link.
Are you talking about the option to "Revoke USB debugging authorisations" under Developer options? It's there, at least on my N6 running stock 6.0.1 MMB29V... And I just tried to ADB to my device and the popup for the authorisation came up on the phone, just as it should.
I think you have some other problem going on.
Are you running the latest adb/fastboot tools on your PC?
Article showing removal of ADB
stevemw said:
Are you running the latest adb/fastboot tools on your PC?
Yes I am, I always use the one directly from the 'platform-tools' directory in the SDK. Another thing is I have read multiple articles that actually state that Google has removed the adb functionality in marshmallow... I don't get it. I even went from stock G.E. to CM and it's the exact same problem. Not to mention now I am dealing with the fact that the nethunter kernel isn't compatible with the CM build for Nexus... What!? Anyone can enlighten me on that subject I would love to know that as well... LoL. Here is a link to one of the ADB articles though.
Tekto-kodi.com/kodi-news/marshmallow-android-6-removes-adb/
I looked at your link and the links provided in that article. The only thing I can read from those is that the ability to run ADB from your phone, i.e. from the terminal emulator (not your PC) has been removed. Are you trying to run ADB from your phone or your PC (I was under the impression that you're using your PC, but I have to ask)?
As I stated before, ADB from my PC to my N6 works just fine with Marshmallow (6.0.1 MMB29V).
You say that you use ADB directly from "platform-tools", but you don't say if you've updated the tools from the SDK-manager.