Hi,
Here's a method based on a security hole to gain root on the Galaxy Tab 2 7" without heavy flashing by Odin. I've successfuly tested this method on my GT-P3110 running stock Android 4.0.3 on kernel 3.0.8-379370, version IML74K.P3110XXALD4.
The original post by Miloj :good: can be viewed here :
http://forum.xda-developers.com/showthread.php?t=1704209
I've only "translated" the trick from TF300T to our Galaxy Tab. I guess it should work for other devices too... To make short, the goal here is to create a symbolic link from the famous /data/local/tmp to the block device on which /system is mounted. The mount command runned in an ADB shell can give the required information :
$ mount
rootfs / rootfs ro,relatime 0 0
tmpfs /dev tmpfs rw,nosuid,relatime,mode=755 0 0
devpts /dev/pts devpts rw,relatime,mode=600 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
none /acct cgroup rw,relatime,cpuacct 0 0
tmpfs /mnt/asec tmpfs rw,relatime,mode=755,gid=1000 0 0
tmpfs /mnt/obb tmpfs rw,relatime,mode=755,gid=1000 0 0
none /dev/cpuctl cgroup rw,relatime,cpu 0 0
/dev/block/platform/omap/omap_hsmmc.1/by-name/FACTORYFS /system ext4 ro,relatime,barrier=1,data=ordered 0 0
/dev/block/platform/omap/omap_hsmmc.1/by-name/DATAFS /data ext4 rw,nosuid,nodev,noatime,barrier=1,data=ordered,noauto_da_alloc,discard 0 0
/dev/block/platform/omap/omap_hsmmc.1/by-name/CACHE /cache ext4 rw,nosuid,nodev,noatime,barrier=1,nomblk_io_submit,data=ordered 0 0
/dev/block/platform/omap/omap_hsmmc.1/by-name/EFS /efs ext4 rw,relatime,barrier=1,data=ordered 0 0
/sys/kernel/debug /sys/kernel/debug debugfs rw,relatime 0 0
After identifying the block device, refer to the well-explained Miloj post and consider :
Code:
[COLOR="Red"]FOR SAMSUNG GALAXY TAB 2 7" ONLY:[/COLOR]
Code:
$ ln -s /dev/block/platform/omap/omap_hsmmc.1/by-name/FACTORYFS tmp
$ exit
Hope it will help !
after typing what you said all i get is " link failed Read-only file system"
tried on galaxy tab 2 p3100 (stock)
ze0 said:
after typing what you said all i get is " link failed Read-only file system"
tried on galaxy tab 2 p3100 (stock)
Click to expand...
Click to collapse
Well, you must follow Miloj's tutorial http://forum.xda-developers.com/showthread.php?t=1704209 from the start : push the binaries downloaded from http://db.tt/FBUNeVmo to /data/local, run an ADB shell and change directory to /data/local, move tmp to tmp.back then create the symbolic link to the block device with the ln command given in my post for the Galaxy Tab and type (or copy / paste) all the following commands (reboot, shell, clean-up, dirty work, ...) given by Miloj.
I know it's a little rough, I'll try to find some time to script all the stuff or adapt the one click tool quoted in Miloj's post.
Good luck !
yes it worked .awesome man thank you you rock ,now i have root in stock with binary counter value 0
The automated tool
Sparkym3 provides an automated tool for rooting the Transformer TF300T with Miloj method :
http://forum.xda-developers.com/showthread.php?t=1706588
I've modded the tool for the Samsung Galaxy Tab 2 7" (see attached file). Check the link above for the instructions and run the modded version called RootDebugfs_n95.bat instead of the original RootDebugfs.bat.
The original tool includes the Asus USB drivers... I failed to join the Samsung ones to the attached zip, maybe due to an excessive weight (near 19 Mo).
Happy rooting !
Gee, it's already been impossible with ICS4.0.4
Wish I hadn't upraded...
Thanks Nesquick95, I've updated my topic with your informations.
hayatama said:
Gee, it's already been impossible with ICS4.0.4
Wish I hadn't upraded...
Click to expand...
Click to collapse
If the security hole is patched in the 4.0.4 release, you'll get an "access denied" error while executing the "debugfs -w /data/local/tmp" command.
If it's the case, we must look for another rooting trick
Can you please tell which kind of error you get and if it's not the "access denied" one, post the result of a "mount" of your tablet (adb shell mount) ?
First,great job,thank you for your work,now we don't need to worry about warranity.Second,maybe you can help us again,can you please tell us how do we keep root,when upgrading 4.0.4? I know that Transformer tabs have some kind of app,named Root Keeper ,if you flash OTA update,and want to keep root.Maybe we can try something similar for our tab ,or using Mobile Odin maybe?
Thanks again!
Best Regards!
Nesquick95 said:
If the security hole is patched in the 4.0.4 release, you'll get an "access denied" error while executing the "debugfs -w /data/local/tmp" command.
If it's the case, we must look for another rooting trick
Can you please tell which kind of error you get and if it's not the "access denied" one, post the result of a "mount" of your tablet (adb shell mount) ?
Click to expand...
Click to collapse
thanx. if my memory serves, it was an error you mentioned, but i will check it soon.
btw, i've got another updates...
Sent from my GT-P3113 using xda app-developers app
hayatama said:
Gee, it's already been impossible with ICS4.0.4
Wish I hadn't upraded...
Click to expand...
Click to collapse
would you like to test this one?
I'm tested in my P3100 with 4.0.4 and worked
Fz.hary said:
would you like to test this one?
I'm tested in my P3100 with 4.0.4 and worked
Click to expand...
Click to collapse
Thanx, i know it'd work, but i want to root "without" flashing rom.
Sent from my SC-02C using xda app-developers app
Yep,the whole point of this root method it's not to flash unofficial kernel using Odin,because it triggers the counter ,and it will void your warranity.If you root without Odin,than you can use Mobile Odin to flash roms,and you'll have the counter 0 ,so you'll keep your warranity. intact.
Cheers
Nesquick95 said:
Sparkym3 provides an automated tool for rooting the Transformer TF300T with Miloj method :
http://forum.xda-developers.com/showthread.php?t=1706588
I've modded the tool for the Samsung Galaxy Tab 2 7" (see attached file). Check the link above for the instructions and run the modded version called RootDebugfs_n95.bat instead of the original RootDebugfs.bat.
The original tool includes the Asus USB drivers... I failed to join the Samsung ones to the attached zip, maybe due to an excessive weight (near 19 Mo).
Happy rooting !
Click to expand...
Click to collapse
So if i use this it will root amid leave tab 2 at 0 on odin
Sent from my Tab 2
photon4glover said:
So if i use this it will root amid leave tab 2 at 0 on odin
Sent from my Tab 2
Click to expand...
Click to collapse
Yes, because this root method exploits a security hole of the tab's software integration and thus doesn't need Odin.
But I'd like to say that this kind of rooting method isn't better or worst than recovery flash...
Recovery flash causes warranty to be broken but is nearly granted to work.
Tricky methods keep warranty alive but have short lifetimes, like the one discussed here that seems to work only on 4.0.3, since providers like Samsung can't leave security holes on their systems and apply patches so the work (find a new trick or write an OTA-rootkeeper) must be done each time an update is released.
Man so no method like this forv4.04
Sent from my Tab 2
photon4glover said:
Man so no method like this forv4.04
Sent from my Tab 2
Click to expand...
Click to collapse
Haven't got 4.0.4 myself so it's hard for me to say...
An unsuccessful try on 4.0.4 is reported here and hole patching by Samsung is strongly suspected.
Well, it's always the same never-ending rooting story : flashing & losing warranty or waiting for a rooting exploit that may never be found & keeping warranty alive.
May I ask how 4.0.4 comes to our tabs ? Is it regular OTA or alternative ROM flashing ? I'm on stock 4.0.3, rooted but not unlocked and have no signs of an OTA update coming.
4.0.4 is available from kies only [p3100] No OTA update
Nesquick95 said:
Haven't got 4.0.4 myself so it's hard for me to say...
An unsuccessful try on 4.0.4 is reported here and hole patching by Samsung is strongly suspected.
Well, it's always the same never-ending rooting story : flashing & losing warranty or waiting for a rooting exploit that may never be found & keeping warranty alive.
May I ask how 4.0.4 comes to our tabs ? Is it regular OTA or alternative ROM flashing ? I'm on stock 4.0.3, rooted but not unlocked and have no signs of an OTA update coming.
Click to expand...
Click to collapse
Since your alrdy rooted u can flash a recovery via mobile Odin or desktop Odin of your not worried about flash counter. If u guys have a link for your 4.0.4 update ill root and de odex for ya. Or let me know what region the 4.0.4 update is for ill try and find it on samsung firm
Sent from my ADR6425LVW using xda premium
Nesquick95 said:
Haven't got 4.0.4 myself so it's hard for me to say...
An unsuccessful try on 4.0.4 is reported here and hole patching by Samsung is strongly suspected.
Well, it's always the same never-ending rooting story : flashing & losing warranty or waiting for a rooting exploit that may never be found & keeping warranty alive.
May I ask how 4.0.4 comes to our tabs ? Is it regular OTA or alternative ROM flashing ? I'm on stock 4.0.3, rooted but not unlocked and have no signs of an OTA update coming.
Click to expand...
Click to collapse
Mine came OTA, and additional OTA was available (P3113)
Sent from my SC-02C using xda app-developers app
Related
recovery filesystem table
=========================
0 /tmp ramdisk (null) (null) '(null)' 0000 '(null)' 0
1 /efs ext4 /dev/block/mmcblk0p1 (null) '(null)' 0000 '(null)' 0
2 /recovery emmc /dev/block/mmcblk0p2 (null) '(null)' 0000 '(null)' 0
3 /boot emmc /dev/block/mmcblk0p3 (null) '(null)' 0000 '(null)' 0
4 /system ext4 /dev/block/mmcblk0p4 (null) '(null)' 0000 '(null)' 0
5 /cache ext4 /dev/block/mmcblk0p5 (null) '(null)' 0000 '(null)' 0
6 /data ext4 /dev/block/mmcblk0p8 (null) '(null)' 0000 '(null)' -16384
Thanks to Root we're now able to begin our work on ClockworkMod!
I'll be backing up all the partitions and then trying to get something set up.
Regards
How did you manage to get a nice list like that? I had check '/dev/block/' and guess my way through .
That's a little trick
After you've managed once to boot into recovery a nice little file under /cache/recovery called last_log appears
seraphimserapis said:
That's a little trick
After you've managed once to boot into recovery a nice little file under /cache/recovery called last_log appears
Click to expand...
Click to collapse
Nice find and thanks for the share .
Egan said:
Nice find and thanks for the share .
Click to expand...
Click to collapse
you're welcome
Maybe I'm ready the info wrong, but are you sure the file is thrustworthy? It also tells that the device is a P7510.
And that it fails to mount /system to p4
Sent from my GT-P7100 using XDA Premium App
That would be due to the recovery being ripped from that model.
Either way, the holy grail is buried in one of those undefined devices
EDIT: anyone looked at nvflash? You can get it to boot into apx mode by holding VOL-UP / VOL-DOWN when powered off. Too low-level?
the problem is currently only, that we can't get sdcard to mount because its a folder that gets created at boot time.
bcmobile said:
EDIT: anyone looked at nvflash?
Click to expand...
Click to collapse
I used it couple of times on my LG Optimus 2X and it is a life safer. You just cant brick your device when you have the proper APX file. IMO it is not too low-level, rather a great option for when you really mess things up.
How does one create such an APX file?
EDIT: APX file is really a ZIP with the nvflash.exe, some DLLs, images (*.img) and config files. You have to extract and run 'nvflash.exe'. Have a dig tonight and see if we can come up with a good nvflash restore image.
EDIT2: There is some BCT file in there which is compiled. Anyone know something about this type of file?
EDIT3: Asked Paul O'Brien on Twitter if he can point me in the right direction. He made the ZIP for the LG Optimus 2X.
Egan said:
EDIT3: Asked Paul O'Brien on Twitter if he can point me in the right direction. He made the ZIP for the LG Optimus 2X.
Click to expand...
Click to collapse
Excellent! Paul is also creating us a forum over at MoDaCo. I hope this means MCR action for the 10.1v!
bcmobile said:
Excellent! Paul is also creating us a forum over at MoDaCo. I hope this means MCR action for the 10.1v!
Click to expand...
Click to collapse
I've found out how the sdcard gets mounted.
There is a executable in /system/bin that gets used on device init.
Will have to figure out how to use it.
seraphimserapis said:
I've found out how the sdcard gets mounted.
There is a executable in /system/bin that gets used on device init.
Will have to figure out how to use it.
Click to expand...
Click to collapse
Isn't that the purpose of bin
Not that I could be of much help I guess but maybe if you told us which.. someone might have an answer...
Sent from my GT-I9000 using XDA Premium App
gjroeleveld said:
Isn't that the purpose of bin
Not that I could be of much help I guess but maybe if you told us which.. someone might have an answer...
Sent from my GT-I9000 using XDA Premium App
Click to expand...
Click to collapse
/system/bin contains all the executables i need to find out how to include this special executable at recovery boot time.
Just thinking, but the fastboot thing could be a really nice feature..
If we partition part of the "SD -card " we could build a multiboot without too much trouble...
Sent from my GT-I9000 using XDA Premium App
seraphimserapis said:
/system/bin contains all the executables i need to find out how to include this special executable at recovery boot time.
Click to expand...
Click to collapse
You might need to use a recovery.zip and execute it from an updater script. Not sure why, but the old CM recovery used to boot to a cut-down menu with the option to "Flash recovery.zip from SD Card", which would then load full CM recovery.
Perhaps it was for the same reason?
I got a viewpad 10 also a tegra II .
I have rooted it an flashed a dump of 3 devicesmixed up together to boot hc on it.
Maybe it is a long shot but it might contain how root and cwm will work.
It hadto be flashed treu nvflash
If you need it i wil share.
Just trying to help
And if you dont need it or you think it is useless noproblem just trying to help.
bcmobile said:
Excellent! Paul is also creating us a forum over at MoDaCo. I hope this means MCR action for the 10.1v!
Click to expand...
Click to collapse
It appears Paul isnt very helpful in this case. I friendly asked him twice via Twitter, but neither got a reply (while he was heavily replying on others). I guess we have to find out some other way or any of you may have a direct link with Paul?
Egan said:
It appears Paul isnt very helpful in this case. I friendly asked him twice via Twitter, but neither got a reply (while he was heavily replying on others). I guess we have to find out some other way or any of you may have a direct link with Paul?
Click to expand...
Click to collapse
I think Paul has lots of other work and devices to support Give him a rest.
seraphimserapis said:
I think Paul has lots of other work and devices to support Give him a rest.
Click to expand...
Click to collapse
I usually give replies like you do now over at Modaco . Maybe I just want to get it going. Still a simple tweet like "sorry can not help you" or "getting back on that" would be nice.
EDIT: I found some more info on how to retrieve the BCT file from the device itself. I'll try things later this week and hopefully have some progress to show by the weekend.
Some more partitions listed in ueventd.p3.rc in the IO tab recovery ramdisk
Code:
# misc partition
/dev/block/mmcblk0p6 0660 system system
# modem partition
/dev/block/mmcblk0p7 0660 system radio
Whe I attempt to root using superoneclick I first get a msg "auto version check failed". I verified my Sprint Hero is running 2.1. I click yes to the question am I using 2.0 or higher.
It continues on until I get "Getting mount path...
rootfs / rootfs ro 0 0
FAILED".
Now what?
Pm.sent
#Root/Hack-Mod_Always*
Nevermind. I was having the same issue, but I use z4root and am no longer having an issue
hello,
i have read on the forums about rooting the stock honeycomb through clockwork mod and fastboot and what not but i have tried everything know to man trying to get that to work, but no dice.
has anyone rooted successfully using SuperOneClick on a dell streak 7 with android 3.2 honeycomb official OTA update?
thanks for the help.
cboulais61 said:
hello,
i have read on the forums about rooting the stock honeycomb through clockwork mod and fastboot and what not but i have tried everything know to man trying to get that to work, but no dice.
has anyone rooted successfully using SuperOneClick on a dell streak 7 with android 3.2 honeycomb official OTA update?
thanks for the help.
Click to expand...
Click to collapse
Yes, with 2.2.2. You have to remember to take out the SD card before you do it though.
Regards,
Hans
Just tried this with the latest 2.3.1 on my Dell Streak 7 4G that came with 3.2 on it. SuperOneClick gets to:
Rooting Device Step #7 Wait for Device - and then hangs
In the output windows I see the following:
Code:
export TEMPRANDOM=92181 export PS1=END:$TEMPRANDOM;cat /data/local/tmp/output mount: permission denied (are you root?) END:92181export PS1="" /data/local/tmp/busybox mount > /data/local/tmp/output 2>&1 export TEMPRANDOM=49649 export PS1=END:$TEMPRANDOM;cat /data/local/tmp/output rootfs on / type rootfs (ro,relatime) tmpfs on /dev type tmpfs (rw,nosuid,relatime,mode=755) devpts on /dev/pts type devpts (rw,relatime,mode=600) proc on /proc type proc (rw,relatime) sysfs on /sys type sysfs (rw,relatime) none on /acct type cgroup (rw,relatime,cpuacct) tmpfs on /mnt/asec type tmpfs (rw,relatime,mode=755,gid=1000) tmpfs on /mnt/obb type tmpfs (rw,relatime,mode=755,gid=1000) none on /dev/cpuctl type cgroup (rw,relatime,cpu) /dev/APP on /system type ext4 (ro,relatime,barrier=1,data=ordered) /dev/UDA on /data type ext3 (rw,nosuid,nodev,noatime,barrier=0,data=writeback) /dev/CAC on /cache type ext3 (rw,nosuid,nodev,noatime,barrier=0,data=writeback) /dev/SDC on /mnt/sdcard type vfat (rw,dirsync,nosuid,nodev,noexec,relatime,uid=1000,gid=1015,fmask=0702,dmask=0702,allow_utime=0020,codepage=cp437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro) END:49649export PS1="" mount -o rw,remount /dev/APP /system > /data/local/tmp/output 2>&1 export TEMPRANDOM=93079 export PS1=END:$TEMPRANDOM;cat /data/local/tmp/output mount: Operation not permitted END:93079
Any ideas?
All known exploits were patched in Android 3.0.
There have been no known exploits that work on anything newer then that since it was released.
TheManii said:
All known exploits were patched in Android 3.0.
There have been no known exploits that work on anything newer then that since it was released.
Click to expand...
Click to collapse
So back to trying to get drivers for my Streak 7 installed under Win 64 so I can fastboot is pretty much it then, eh?
Looks Confused said:
Yes, with 2.2.2. You have to remember to take out the SD card before you do it though.
Regards,
Hans
Click to expand...
Click to collapse
Fail. He asked for 3.2.
I think you should use the fastboot way
exebreez said:
Fail. He asked for 3.2.
I think you should use the fastboot way
Click to expand...
Click to collapse
Ha. You should be nicer (kidding). I meant SuperOneClick v2.2.2. Which is what I've used to root HC V3.2 a couple of times now. I've done this so I can use one of the application managers to remove some of the factory installed dross in the stock firmware (which I think requires root access).
I'm a bit puzzled about one thing: As mentioned in another post in this thread, there are no known exploits for HC. So, I don't understand how this could be working, unless I'm not really rooting my tablet, or maybe its because the boot loader isn't locked in the first place?
If anyone happens to understand what's going on, I'd be happy to listen.
Regards,
Hans
Looks Confused said:
Ha. You should be nicer (kidding). I meant SuperOneClick v2.2.2. Which is what I've used to root HC V3.2 a couple of times now. I've done this so I can use one of the application managers to remove some of the factory installed dross in the stock firmware (which I think requires root access).
I'm a bit puzzled about one thing: As mentioned in another post in this thread, there are no known exploits for HC. So, I don't understand how this could be working, unless I'm not really rooting my tablet, or maybe its because the boot loader isn't locked in the first place?
If anyone happens to understand what's going on, I'd be happy to listen.
Regards,
Hans
Click to expand...
Click to collapse
So what you are saying is super one click 2.2.2 root DS7 hc 3.2.. I tryed super one click 2.3. Whatever... And it didn't work...
Sent from my Desire HD using XDA App
s14evil said:
So what you are saying is super one click 2.2.2 root DS7 hc 3.2.. I tryed super one click 2.3. Whatever... And it didn't work...
Sent from my Desire HD using XDA App
Click to expand...
Click to collapse
TL;DR: Yes.
I went and double checked. I'm running HC 3.2 on my Streak 7. The latest version of SuperOneClick I have is 2.2, according to the file I downloaded (dunno where I got 2.2.2 from, probably some mental issue).
I enabled USB debugging, took out my SD card, plugged my tablet in, and clicked the "Root" button.
It said my tablet was rooted. I installed "Root Uninstaller" and Superuser asked me if I wanted to grant it root access. I used this to remove Evernote and Kongregate. So, I think it worked.
Regards,
Hans
Looks Confused said:
Ha. You should be nicer (kidding). I meant SuperOneClick v2.2.2. Which is what I've used to root HC V3.2 a couple of times now. I've done this so I can use one of the application managers to remove some of the factory installed dross in the stock firmware (which I think requires root access).
Hans
Click to expand...
Click to collapse
Sorry dude, i didnt read that carefully.
Looks Confused said:
TL;DR: Yes.
I went and double checked. I'm running HC 3.2 on my Streak 7. The latest version of SuperOneClick I have is 2.2, according to the file I downloaded (dunno where I got 2.2.2 from, probably some mental issue).
I enabled USB debugging, took out my SD card, plugged my tablet in, and clicked the "Root" button.
It said my tablet was rooted. I installed "Root Uninstaller" and Superuser asked me if I wanted to grant it root access. I used this to remove Evernote and Kongregate. So, I think it worked.
Regards,
Hans
Click to expand...
Click to collapse
Thanks mate
Sent from my Dell Streak 7 using XDA App
What rom did you have installed? It could have already been rooted.
Also, there's always the possibility that there is a new exploit out that SoC uses that isnt patched. If there is then it will work for the time being. I dont actually read SoCs changelogs.
It COULD get fixed in the next stock rom (dell is still making more updates, they're simply not releasing them as pkgs) though. IF they ever actually decide to release another update OTA
I tried it and it failed so I went about rooting the long way. Took a while but I got it figured out. I would recommend doing the same.
TheManii said:
What rom did you have installed? It could have already been rooted.
Also, there's always the possibility that there is a new exploit out that SoC uses that isnt patched. If there is then it will work for the time being. I dont actually read SoCs changelogs.
It COULD get fixed in the next stock rom (dell is still making more updates, they're simply not releasing them as pkgs) though. IF they ever actually decide to release another update OTA
Click to expand...
Click to collapse
One of the stock HC roms from Dell. The OEM version is: GLUNB1A350630.
I had rooted it before I did the upgrade (with the factory shipped firmware), but after upgrading, Superuser no longer worked. I did a full reset to stock 3.2 (via the recovery menu VOL+ or - (I forget which) while powering on), then did the SuperOneClick rooting procedure.
Regards,
Hans
Instead of trying to use Super one click, Why not just follow this guide. Should have no issues rooting using the following steps. Yes its more than just click and wait, but its not very difficult if you follow the steps to the letter.
http://forum.xda-developers.com/showthread.php?t=1411193
[Guide] Absolute Newbie's Guide to Rooting a Streak 7 that has Stock Honeycomb
Hope this helps someone
Noticed there was not a link to Superuser7.zip on the newbie guide to rooting.. so I'm attaching a link.
http://www.tablet-cables.com/streak/tools/root/Superuser7.zip (Cap in file name required or it won't be found.)
Superuser7.zip
These are git repos for the initramfs that I pulled from the Austria Firmware and the Kernel Source downloaded and reuploaded to github. I'm going to fork and start working on a kernel for when I get the 7.7 myself, but if anyone else wants to start working on it and use them, feel free.
Kernel is still uploading, mistakenly reuploaded the initramfs twice. (Facepalm)
https://github.com/bedwa/P6800-Kernel
https://github.com/bedwa/P6800-initramfs
Enjoy guys!
I have a 6800 device imported from Hong Kong and have been trying to figure out how to port CWM recovery to it. I work as a developer but I haven't looked at this before as I haven't needed to
So far I have rooted the device and had a dig around the filesystem. The partitioning looks similar to the 7 plus:-
179 1 20480 mmcblk0p1 /efs
179 2 1280 mmcblk0p2 /boot
179 3 1280 mmcblk0p3 /mnt/.lfs
179 4 8192 mmcblk0p4
179 5 8192 mmcblk0p5
179 6 8192 mmcblk0p6 / recovery
179 7 204800 mmcblk0p7 /cache
179 8 16384 mmcblk0p8 <radio/modem>
179 9 851968 mmcblk0p9 /system
179 10 13791232 mmcblk0p10 /data
179 11 458752 mmcblk0p11 /preload
179 12 8192 mmcblk0p12
I'm trying to figure out what's in 4,5 and 12.
I have the kernel source code downloaded and buildig and I'm now looking at where to go next. If anyone can post any links to resources on the web which might speed up the process then it would be most appreciated. I don't have a lot of time to spend on this.
Could you "if dd" them and send me a link? I'll be able to find out which is the recovery.img. ;-)
P4 - https://rapidshare.com/files/2298175628/mmcblk0p4.img?bin=1
P5 - https://rapidshare.com/files/2298175628/mmcblk0p4.img?bin=1
P6 - (/recovery) https://rapidshare.com/files/1289796625/recovery.img?bin=1
Let me know what you find and if you don't mind how you went about it. Have got to go and be sociable now
looking in /sys/block/mmbclk0/
gives all the partition info - name,size,ofset, corresponds with pit info from heimdall.
also interested in this
Heres the info (not sure if it helps):
mmcblk0/mmcblk0p4
alignment_ofset 0
discard_alignment 4265607168
inflight 0 0
partition 4
partition_name param
size 16384
start 57344
stat 25 118 1144 0 0 0 0 0 25 40
mmcblk0/mmcblk0p5
alignment_ofset 0
discard_alignment 4257218560
inflight 0 0
partition 5
partition_name kernel
size 16384
start 73728
stat 0 0 0 0 0 0 0 0 0 0
mmcblk0/mmcblk0p6
alignment_ofset 0
discard_alignment 4248829952
inflight 0 0
partition 6
partition_name recovery
size 16384
start 90112
stat 0 0 0 0 0 0 0 0 0 0
mmcblk0/mmcblk0p7
alignment_ofset 0
discard_alignment 4240441344
inflight 0 0
partition 7
partition_name cache
size 409600
start 106496
stat 11 128 20 6 2 64 465 0 280 485
mmcblk0/mmcblk0p8
alignment_ofset 0
discard_alignment 4030726144
inflight 0 0
partition 4
partition_name modem
size 32768
start 516096
stat 58 2560 20944 380 0 0 0 0 330 380
mmcblk0/mmcblk0p9
alignment_ofset 0
discard_alignment 4013948928
inflight 0 0
partition 9
partition_name factoryfs
size 1703936
start 548864
stat 8796 407 701658 31365 0 0 0 0 15540 31325
Thanks - that helps confirm what I had found by digging around and completes the list of partitions.
I have now extracted initramfs from both the runtime and recovery kernels.
Now I need to find time to do some reading on how to port CWM recovery.
Anyone know whats in the param partition?
A quick update....
The partitioning for the 7.7 is very similar to the 7plus.
I have been in contact with the garyd9 who ported CWM to the 7plus and he has given us a few pointers including his github username.
See:-
http://forum.xda-developers.com/showthread.php?p=21717604#post21717604
Interestingly he says that it's likely that the samsung's kernel source release will not have the correct defconfig so we are going to need to tweak it.
The recovery binary gets compiled from the Cyanogenmod sources which are easily obtained.
Unfortunately I'm going to be tied up with my day job for most of this week but will try and look at this again on Friday.
Is there anyone that can keep the ball rolling while I'm busy?
Thanks
Ddraig
I'm getting this one and selling my Note. I'm so excited to see you guys working out of something for P6800 here.
Thanks to all devs in advance!
...........
Dark-Master said:
I'm getting this one and selling my Note. I'm so excited to see you guys working out of something for P6800 here.
Thanks to all devs in advance!
Click to expand...
Click to collapse
+1 here
Anybody want to buy my outdated,used Note?
Hehehe.. well, at least I just *seconds ago* ordered my Tab 7.7 from ebay uk.
Let the modding and ROM flashing begin!
@Lucid what's wrong with your Note..?
Sent from another Galaxy...
Nexus
There is nothing wrong with my Note, it is the best phone I've ever had.
So I went ahead and bought the 7.7 to see if that one is even better. Needs to arrive still.
I intend to use it as a daily phone and will keep it to my ear if needed,
no matter the reactions of other people.
Gadgetwise, I live for myself, not the general public.
I might sell on of them, but history shows I keep all my "old" phones.
I use my galaxy nexus for day to day but since finding out about phoneleash i dont really touch my phone anymore.. check out phone leash if you have two SIMs.. although i guess it can work with GV also..
Sent from another Galaxy...
Tab 7.7
I placed my 7.7 next to my Titan, Sensation and the Galaxy Note today to see how it fares, no way is it practical to put to the ear and it is pretty ridiculous to carry. It's a compact device but not THAT compact. My Kindle Fire was more handy. The bezel is too large.
However, the phone functionality is superb and if one can find an unobtrusive way to carry it, we could finally unify our communication requirements in one device.
lucid said:
There is nothing wrong with my Note, it is the best phone I've ever had.
So I went ahead and bought the 7.7 to see if that one is even better. Needs to arrive still.
I intend to use it as a daily phone and will keep it to my ear if needed,
no matter the reactions of other people.
Gadgetwise, I live for myself, not the general public.
I might sell on of them, but history shows I keep all my "old" phones.
Click to expand...
Click to collapse
monakh said:
.However, the phone functionality is superb and if one can find an unobtrusive way to carry it, we could finally unify our communication requirements in one device.
Click to expand...
Click to collapse
Check out the Samsung HM5000 Bluetooth pen thingy.
Y Ddraig Goch said:
A quick update....
The partitioning for the 7.7 is very similar to the 7plus.
I have been in contact with the garyd9 who ported CWM to the 7plus and he has given us a few pointers including his github username.
See:-
http://forum.xda-developers.com/showthread.php?p=21717604#post21717604
Interestingly he says that it's likely that the samsung's kernel source release will not have the correct defconfig so we are going to need to tweak it.
The recovery binary gets compiled from the Cyanogenmod sources which are easily obtained.
Unfortunately I'm going to be tied up with my day job for most of this week but will try and look at this again on Friday.
Is there anyone that can keep the ball rolling while I'm busy?
Thanks
Ddraig
Click to expand...
Click to collapse
Ddraig - I have been trying to get this get up and running.
So far I have managed to compile a zImage (recovery.img) using pretty much with the default config. Flashed through heimdall
I have used garyd9 recovery_initramfs, used his /sbin folder as is. The rest of the files are taken from the stock gt-6800 ramdisk inc modules. Where necessary make changes to partition entrys.
It boots in to clockworkmod recovery fine. It can mount all partitions but not /cache partition properly. I have checked the path and it seems correct ??
(I can mount via adb but cwm says it cant find it)
I will try building recovery binary at some point but will be busy for some days now.
I can you sent you some of my config files / recovery.img if it helps.
ezynow said:
Ddraig - I have been trying to get this get up and running.
So far I have managed to compile a zImage (recovery.img) using pretty much with the default config. Flashed through heimdall
I have used garyd9 recovery_initramfs, used his /sbin folder as is. The rest of the files are taken from the stock gt-6800 ramdisk inc modules. Where necessary make changes to partition entrys.
It boots in to clockworkmod recovery fine. It can mount all partitions but not /cache partition properly. I have checked the path and it seems correct ??
(I can mount via adb but cwm says it cant find it)
I will try building recovery binary at some point but will be busy for some days now.
I can you sent you some of my config files / recovery.img if it helps.
Click to expand...
Click to collapse
Sounds like you have made some progress with custom recovery, you need to be careful if you are using garyd9 recovery_initramfs on your device, note one i think this for a wifi device being p6210 if you device is a p6800 check all the mounting points as there are some slight differences between wifi and 3g devices. how did you compile your source and make compatible odin file. i'm on a mac and so far i can't get heimdall to work with p6810.
kassemja said:
Sounds like you have made some progress with custom recovery, you need to be careful if you are using garyd9 recovery_initramfs on your device, note one i think this for a wifi device being p6210 if you device is a p6800 check all the mounting points as there are some slight differences between wifi and 3g devices. how did you compile your source and make compatible odin file. i'm on a mac and so far i can't get heimdall to work with p6810.
Click to expand...
Click to collapse
After 2 days of kernel building and insmod, I've finally got a P6810 module to insmod successfully into my stock device. This is the config. It comes from the samsung source (GT-P6810_HC_Opensource) download with some DEBUG params turned off, and the local version set for the Australian DTKL5 firmware. I hope it can help someone avoid some trial and error pain. The p6800 guys may be able to turn off similar debugs and get theirs working. This is not fully tested, if you find other params that need changing please advise.
EDIT: I flashed this kernel to my device and it worked.
Here is more information on the environment.
CodeSourcery toolchain arm-2009q3-67-arm-none-linux-gnueabi.bin
Change the supplied Makefile CROSS_COMPILE to point to installed toolchain (eg, /home/davp/toolchains/arm-2009q3/bin/arm-none-linux-gnueabi-)
Copy the supplied file to .config in the directory where you unpacked the kernel source, then run make
Links http://forum.xda-developers.com/showpost.php?p=21870378&postcount=23 for how to do a basic initramfs to go with the new kernel (the result of this is running a command like: make -j5 CONFIG_INITRAMFS_SOURCE=initramfs_root, and then tar and flash the zImage).
Copy of the .config file (from the kernel directory):
Can you confirm you have suscessfully compiled and flashed a working kernel?
I want to have a crack at custom recovery for the p6810, i'm pretty confident we can getting going using a blend of sources from https://github.com/garyd9/initramfs_recovery_GT-P6210 and our kernel stuff.
davp said:
After 2 days of kernel building and insmod, I've finally got a P6810 module to insmod successfully into my stock device. This is the config. It comes from the samsung source (GT-P6810_HC_Opensource) download with some DEBUG params turned off, and the local version set for the Australian DTKL5 firmware. I hope it can help someone avoid some trial and error pain. The p6800 guys may be able to turn off similar debugs and get theirs working. This is not fully tested, if you find other params that need changing please advise.
Click to expand...
Click to collapse
Oh great - the 7.7 also has binary-only modules?
Freaking Samsung, I thought they were making progress with the I9100/I777 (100% open-source kernels, no proprietary modules).
Good luck bedwa - feel free to browse my github for Exynos tips (although much of it will not directly patch onto HC kernels), garyd9 knows what he's doing too.
Hi all,
I have two Lg Optimus Black. One of them i already use for 6 mounts and i can update or flash it by using SmartFlashTool easily.
Second phone which i bought unfortunately from ebay, when i get it 1 mounth ago, i try to flash it. I done. Then i try to root it,but i couldnt and it bricked.
Now last one mounth i try to flash it again,again,again.. i have always strange problem.. Last rom - which i flashed before try to root- was V20_D..
Now, i try to flash it to v30 or v20 or v10, after finish flashing phone doesnt restart. I take out battery, then put it back. After this,phone geting start..
But, it starting again with V20_D..
When i try to save any contact or changing some settings on the phone, after restart, it start again like factory reset..
I checked on hidden menu (3845#*970#) firt menu VERSION INFO...
SW Version is V20_D but factory version is changing depens on which rom i flashed last..(V10 or V30 or V20)
I checked same thing also on my other P970, this two version is same..
I could do everything easily and properly on other P970..
Do you have any idea? What is the problem ? What can i do ?
ozkanyanik said:
Hi all,
I have two Lg Optimus Black. One of them i already use for 6 mounts and i can update or flash it by using SmartFlashTool easily.
Second phone which i bought unfortunately from ebay, when i get it 1 mounth ago, i try to flash it. I done. Then i try to root it,but i couldnt and it bricked.
Now last one mounth i try to flash it again,again,again.. i have always strange problem.. Last rom - which i flashed before try to root- was V20_D..
Now, i try to flash it to v30 or v20 or v10, after finish flashing phone doesnt restart. I take out battery, then put it back. After this,phone geting start..
But, it starting again with V20_D..
When i try to save any contact or changing some settings on the phone, after restart, it start again like factory reset..
I checked on hidden menu (3845#*970#) firt menu VERSION INFO...
SW Version is V20_D but factory version is changing depens on which rom i flashed last..(V10 or V30 or V20)
I checked same thing also on my other P970, this two version is same..
I could do everything easily and properly on other P970..
Do you have any idea? What is the problem ? What can i do ?
Click to expand...
Click to collapse
first of all you didnt read the rules , post in q\a section , secondly make sure its a p970 not a p970h or ku9500 , if its a p970 download any rooted cwm rom such as this and flash it , then you should be fine
Sorry for rules
rrgrrg said:
first of all you didnt read the rules , post in q\a section , secondly make sure its a p970 not a p970h or ku9500 , if its a p970 download any rooted cwm rom such as this and flash it , then you should be fine
Click to expand...
Click to collapse
Thanks for reply.. Yes you are right, i didnt read the rules. Sory about that..
And second, as i can see under the battery, it is writing P970..
So, it should be P970..
Is there any way else to learn which one it is ?
ozkanyanik said:
Thanks for reply.. Yes you are right, i didnt read the rules. Sory about that..
And second, as i can see under the battery, it is writing P970..
So, it should be P970..
Is there any way else to learn which one it is ?
Click to expand...
Click to collapse
this should be enought
rrgrrg said:
first of all you didnt read the rules , post in q\a section , secondly make sure its a p970 not a p970h or ku9500 , if its a p970 download any rooted cwm rom such as this and flash it , then you should be fine
Click to expand...
Click to collapse
Btw P970 and p970h roms are interchangeable. It doesn't matter if ROM is for Fra, EU (p970) or Mex, Bra (p970h) you can install one from p970 on a p970h and vice versa.
sent from my Optimus Black V28c
Reboot recovery
rrgrrg said:
this should be enought
Click to expand...
Click to collapse
Ok, but how can i reboot recovery now? Phone doesnt boot in recovery mode..
ozkanyanik said:
Ok, but how can i reboot recovery now? Phone doesnt boot in recovery mode..
Click to expand...
Click to collapse
Have you installed ROM manager, and inside ROM manager install alternative recovery then you can reboot in recovery.
sent from my Optimus Black V28c
re4lsk said:
Have you installed ROM manager, and inside ROM manager install alternative recovery then you can reboot in recovery.
sent from my Optimus Black V28c
Click to expand...
Click to collapse
Sorry, but i think you didnt read my main post..
Even i flash any different patched or custom rom , it start again with V20d rom..
I tried on different computer.. i tried to reinstall all usb and other drivers.. I download different SFT and tried with this...
I download different rom and tried with this..
After all, it seems like nothing happens after flashing..
So, when i flash any patched rom now, i can not reach to recovery mode..
And today i notice something else.. After flashing i tried to factory reset from settings menu.. it doesnt work.. I push button but nothing happends.And phone can not return to desktop (home)
ozkanyanik said:
Sorry, but i think you didnt read my main post..
Even i flash any different patched or custom rom , it start again with V20d rom..
I tried on different computer.. i tried to reinstall all usb and other drivers.. I download different SFT and tried with this...
I download different rom and tried with this..
After all, it seems like nothing happens after flashing..
So, when i flash any patched rom now, i can not reach to recovery mode..
And today i notice something else.. After flashing i tried to factory reset from settings menu.. it doesnt work.. I push button but nothing happends.And phone can not return to desktop (home)
Click to expand...
Click to collapse
To me it looks like your phone is read only. Can you please set up adb (one package is in my noob how to) the type: adb shell
Then type: mount
And post the output here.
Either this or the connection between your pc and your phone doesnt work for any other reason...
Sent from my LG-P970 using xda app-developers app
N00BY0815 said:
To me it looks like your phone is read only. Can you please set up adb (one package is in my noob how to) the type: adb shell
Then type: mount
And post the output here.
Either this or the connection between your pc and your phone doesnt work for any other reason...
Sent from my LG-P970 using xda app-developers app
Click to expand...
Click to collapse
$ su
su
su: permission denied
$ mount
mount
rootfs / rootfs ro,relatime 0 0
tmpfs /dev tmpfs rw,relatime,mode=755 0 0
devpts /dev/pts devpts rw,relatime,mode=600 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
none /acct cgroup rw,relatime,cpuacct 0 0
tmpfs /sqlite_stmt_journals tmpfs rw,relatime,size=4096k 0 0
tmpfs /mnt/asec tmpfs rw,relatime,mode=755,gid=1000 0 0
tmpfs /mnt/obb tmpfs rw,relatime,mode=755,gid=1000 0 0
none /dev/cpuctl cgroup rw,relatime,cpu 0 0
/dev/block/mmcblk0p8 /system ext3 ro,nodev,noatime,barrier=0,data=writeback 0 0
/dev/block/mmcblk0p9 /data ext3 rw,nosuid,nodev,relatime,errors=continue,barrier
=0,data=writeback 0 0
/dev/block/mmcblk0p6 /dvp/hwkey ext3 rw,nosuid,nodev,relatime,barrier=1,data=wri
teback 0 0
/dev/block/mmcblk0p6 /dvp/userdata ext3 rw,nosuid,nodev,relatime,barrier=1,data=
writeback 0 0
debugfs /sys/kernel/debug debugfs rw,relatime 0 0
/dev/block/mmcblk0p5 /lgdrm ext3 rw,nosuid,nodev,relatime,errors=continue,barrie
r=0,data=writeback 0 0
$ su
I checked from England LG Service for my P970 by using imei number and serial number.. And the answer is there is no record for this numbers..
They said it can be copy or fake LG optimus black..
Now i am trying to do something on adb server..
But after all commands after i write, phone says read only file system..
I can not wipe all data, or delete something..
((
Hi ozkan can you check your phone on this web site with your imei?
http://csmg.lgmobile.com:9002/csmg/b2c/client/auth_model_check2.jsp?esn=IMEI
Delete IMEI at the last word of the link and write your phone imei on there.And you can see your phone model and latest firmware verion number.If your phone has fake imei you will see nothing.
George Jetson said:
Hi ozkan can you check your phone on this web site with your imei?
http://csmg.lgmobile.com:9002/csmg/b2c/client/auth_model_check2.jsp?esn=IMEI
Delete IMEI at the last word of the link and write your phone imei on there.And you can see your phone model and latest firmware verion number.If your phone has fake imei you will see nothing.
Click to expand...
Click to collapse
Hi George, there is nothing open on the link.. Can you check the link please is it working or not..
ozkanyanik said:
Hi George, there is nothing open on the link.. Can you check the link please is it working or not..
Click to expand...
Click to collapse
Its working i tried it already.
You just have to DELETE the IMEI and INPUT your Phone's Imei Number.
from this
http://csmg.lgmobile.com:9002/csmg/b...2.jsp?esn=IMEI
to this
http://csmg.lgmobile.com:9002/csmg/b...2.jsp?esn=xxxx
Key in your IMEI (the "x" is where u Key in your IMEI)
its 100% working