Moving from Oreo to Pie with no TA keys - Sony Xperia XZ1 Compact Questions & Answers

Hi everyone,
I was one of the early "plungers" for the XZ1c, so I unlocked my bootloader without any TA key backup, flashed Oreo (47.1.A.12.145), and got by with Xperifix. But now I want to upgrade to Pie for a plethora of reasons (e.g. development).
I did a bit of reading here and there, and I came up with a set of steps for me to follow (and maybe anyone else who wants to attempt the same). Please do correct me if I'm wrong, and risk a brick:
Method A:
1. Backup all my stuff (a combination of manually, TitaniumBackup, Google, Sony)
2. Download the official stock firmware for Pie (47.2.A.10.45) via Xperifirm.
3. Flash Pie with a full format, to prevent any instabilities from apps.
4. Flash j4nn's bootloader unlock hide kernel to get root + Magisk (v18.1).
5. Restore backups.
Method B:
1. Backup all my stuff (a combination of manually, TitaniumBackup, Google, Sony)
2. Download the latest firmware and kernel for Pie (47.2.A.8.24) from janjan's thread.
3. Flash Pie with a full format, to prevent any instabilities from apps.
4. Flash janjan's kernel to get root + Magisk (v?).
5. Restore backups.
I'm leaning towards method A, as it'll be a newer version of Pie, but I do have some questions I couldn't manage to find a clear answer for:
- Will Google Pay work with either method? This is kind of a deal breaker for me, as contactless payments are prevalent in my region.
- Is there a reason to use Newflasher over Flashtool? I had used Flashtool for my XZ1c (even before they added official support in 0.9.24.3).
- Does the gimmicky slo-mo video camera feature still work?
- Is it possible to get TWRP with j4nn's method?

@TheFuzzy, concerning janjan's kernel, there is no drmfix included in pie releases, so that kernel seems to be only somehow tuned stock kernel.
My kernel releases are stock identical, no tuning at all, the only difference to stock is the kernel patch to hide bootloader unlocked state.
I believe this is a great benefit even in case of lost drm keys, if you need to use google pay or such apps. And yes, by following alternate use guide, my kernel can be flashed and used with twrp.
As tested by @russel5 (with some help and ideas from me), google pay now seems to use Android Attest Key (as I've expected long ago to happen) to truly detect bootloader unlock state.
In case you have Android Attest Key _working_ (see here to find out), even my kernel would not help to hide bootloader unlock (you can test that with the linked Auditor app even while running my kernel).
Destroying Android Attest Key seems to help to make google pay working as tested by russel5 - I did not test that myself, but @russel5 might confirm (thanks again for your testing and your finds, russel5).
But it seems to be irreversible change - we might still try to do some backup and restore tests...

@j4nn Thanks for the info! It is a bit confusing to keep up with the differences between the different methods.
I used your bootloader with 47.2.A.10.45, and it works like a charm.
I flashed your kernel directly as I'm not interested in FOTA. I've not tried to flash TWRP as I was afraid it might break the bootloader hide unlock patch (unless there is a specific order to follow, i.e. flashing it over TWRP or vice versa).
I ended up using Newflasher too, as I had read about not flashing the persist.sin file, and it seemed too tricky to do it with Flashtool.
One odd side effect is that I required the patched kernel to be flashed instead of booted from via adb, otherwise the device would boot loop and boot with the stock kernel instead.
I wasn't able to use your patched Auditor app as I don't have another phone at Nougat to verify. Indeed, Google Pay did pick up on the bootloader unlock status (maybe because of the Attest Key), but I was able to re-enable it using the SQLite trick mentioned here. My banking apps work fine with MagiskHide, too.

@TheFuzzy, you may use my patched Auditor app just with your single phone, which you like to check your attest key in.
Just install the patched Auditor and scan the QR code available on google play store in the Auditor's screenshots, instead of using a second phone.
That will trigger the verification just fine and then the audit results are simply displayed on the phone.

Related

Root Stable OOS 5.0.2 with Magisk?

I'm currently on a stable build of Oxygen OS 5.0.2 Oreo and I was thinking of rooting my phone using Magisk. Most of the guides that I've seen had users root using a nougat based version of OOS or they were on beta. I'll have to unlock the bootloader and flash TWRP but this is where the confusion comes in - Can I root a stable build of OOS? Will I have to switch to beta to root? Also, I'm a little scared about whether this DM-Verity issue will arise or not if I try to root or flash TWRP. So can someone please explain what that Issue really is and will it arise in my case? And if someone can just give me a guide on how to root it, I'll really appreciate it. And are there any known issues which arise after successfully rooting OOS 5.0.2?
No obstacles in rooting stable OOS and no problems should arise after doing it. You just need to make a backup of all your data, unlock bootloader, flash TWRP, flash Magisk and go.
If you trigger dm-verity, you have two choices - either ignore it on every reboot or follow a guide about removing it.
All things that you are mentioning show clearly that you didn't pay attention to all the basic info for rooting a 3/3T.
Why do u need a guide for Oreo, when you have a guide for nougat?
It's exactly the same method.
Also DM verity is just a warning, so why to be scared.
Maybe you should avoid doing something that you don't understand.
Unleashed by my rooted OP3T on 8.0
RASTAVIPER said:
All things that you are mentioning show clearly that you didn't pay attention to all the basic info for rooting a 3/3T.
Why do u need a guide for Oreo, when you have a guide for nougat?
It's exactly the same method.
Also DM verity is just a warning, so why to be scared.
Maybe you should avoid doing something that you don't understand.
Unleashed by my rooted OP3T on 8.0
Well I had a Redmi 2 before this and when I tried to root my LineageOS based on Oreo with Magisk using the same method I used with Nougat, I bricked my device. So that's why I was a little apprehensive. But thank you for your response.
przemcio510 said:
No obstacles in rooting stable OOS and no problems should arise after doing it. You just need to make a backup of all your data, unlock bootloader, flash TWRP, flash Magisk and go.
If you trigger dm-verity, you have two choices - either ignore it on every reboot or follow a guide about removing it.
Will I run into trouble with xposed or substratum on OOS?
anshikohri said:
Will I run into trouble with xposed or substratum on OOS?
No, if you use compatible modules and themes. I had no problems using both on OOS. Please note that if you install Xposed, you won't be able to use SafetyNet protected apps (Android Pay, Pokemon Go, Snapchat (you have to login before installing Xposed to make it work) etc.).
anshikohri said:
Well I had a Redmi 2 before this and when I tried to root my LineageOS based on Oreo with Magisk using the same method I used with Nougat, I bricked my device.
You aren't being specific enough when you say "same method". The general method is often similar. But you will virtually never use the exact same steps when rooting different Android builds (such as Nougat vs. Oreo). In particular, you always need to use updated versions of files for TWRP and Magisk. By definition, the root exploits will change between Android versions. So using old version Magisk is basically asking for a "soft brick". Not a real brick. It usually just means you need to use the correct version Magisk in order to recover. Or at worst, flash recovery image (or restore TWRP backup - which you should always have a backup of the stock ROM before rooting) then root with the proper files. Don't know anything about your old phone - but I'll guess this is what happened (which is a common enough scenario).
Similarly, you should also use the most current version TWRP. Older versions may sometimes work, depending on the situation. But Oreo (vs. Nougat) in particular, TWRP had to be updated to be compatible. Meaning you must use a Oreo-compatible version of TWRP to avoid problems. Short story, use current version TWRP to avoid problems.
Current versions are:
TWRP 3.2.1-0
Magisk v16.0
Also proceed with the knowledge that this device is very hard to brick. Just flashing TWRP and Magisk will not brick it (not a true brick anyway - a "soft" brick is easy to recover from as already described). Just make sure you are using Magisk for the OP3/3T (not some other device) and the risk is virtually zero. Even in the case of a brick, this device has an unbricking tool. Just be sure to take the following precautions:
- Make a TWRP backup of the stock ROM before you flash Magisk (always amazed at how many folks skip this!) or otherwise have the stock recovery image available in case anything happens. Basically always have a backup plan!
- Find the unbrick tool, and again have it available (at least bookmarked) in case you need it.
- Most importantly, read and understand all the steps and concepts before you begin. As another already mentioned, it seems your knowledge about some of the concepts is a bit lacking.
---------- Post added at 10:30 AM ---------- Previous post was at 10:06 AM ----------
anshikohri said:
Most of the guides that I've seen had users root using a nougat based version of OOS or they were on beta.
Beta or Stable doesn't matter. I don't know if I've ever seen a root guide specific to the Beta version, so I'm not even sure what you are talking about.
As far as the guides being for Nougat, I've already addressed that above. Basically, everything is the same, except the file versions (use updated TWRP, Magisk) so that is why nobody has bothered posting new guides for every OOS build.
anshikohri said:
Also, I'm a little scared about whether this DM-Verity issue will arise or not if I try to root or flash TWRP.
DM-verity is just a warning screen that appears when you reboot or power-on the phone. It will go away and continue to boot normally after 5 seconds, or just press the power button to dismiss the warning.
Once the phone has TWRP and rooted, you will have the DM-verity warning screen. If you like, you can flash a patched boot image, so you don't see the DM-verity warning screen on reboot/power-on.
You will also have a very similar (but separate) warning screen once the bootloader is unlocked. Unlike the DM-verity screen, the bootloader unlocked warning is impossible to be removed. The only way to remove it is to relock the bootloader, which I would strongly warn you not to do on a modified (TWRP and root) device! The bootloader unlock warning screen is just something you live with if you are rooted (just wait the 5 seconds or press the power button to skip it).
There is also the unlikely event that DM-verity will outright prevent the OS from booting. But this shouldn't happen just from flashing TWRP and Magisk (at least not if you've done it properly). Even if this happens, just restore your TWRP backup, or flash recovery image, and start over - checking what you did (cause you probably did something wrong).
anshikohri said:
And are there any known issues which arise after successfully rooting OOS 5.0.2?
This is so vague, as to make it hard to figure out what you are even asking.
In short, No.
Long answer: Some apps will not work with root, such as banking apps and Netflix. But the Magisk "Hide" feature should work to conceal root and make these apps work. It's a whole topic in itself, so read up in existing threads if this applies to you, and you want more info.
Other than that, there isn't anything with Magisk root that I would consider an "issue" and make me want to unroot.
That certainly cleared all my doubts and my inhibitions. Thank you so much for taking the time to address my questions.
You're certainly welcome. There is a "Thanks" button you can click for any posts that you found helpful, if you care to do so.
And a constructive criticism on forum etiquette: please don't quote a whole huge long post, like you did for my response. I know it's the default when responding to include a quote. But simply delete what isn't directly relevant (maybe keep a few lines, as appropriate) in the interest of keeping the forum free of clutter; and avoid folks having to scroll down a whole screen/page which is just my post in duplicate. You can still edit the previous post, if you like.
Good luck on rooting. I'm sure it will go fine. Welcome to the dark side.
redpoint73 said:
And a constructive criticism on forum etiquette: please don't quote a whole huge long post, like you did for my response. I know it's the default when responding to include a quote. But simply delete what isn't directly relevant (maybe keep a few lines, as appropriate) in the interest of keeping the forum free of clutter; and avoid folks having to scroll down a whole screen/page which is just my post in duplicate. You can still edit the previous post, if you like.
As you can see, I'm new to this, so forgive me. I'll keep this in mind the next time I post something and thank you for your advice and your help.
Hi, my OnePlus 3T is on Oreo 5.0.2. I flashed TWRP recovery and SuperSU root but when I restarted the phone it's stuck on black screen with white OnePlus logo. What should I do now? My phone is going into TWRP recovery.
Should I flash stock OOS 5.0.2 from TWRP recovery? Pls guide
Please don't include page-long quotes in your post. For that matter, don't quote my posts at all, if you aren't going to refer to it, or read it.
And please only post your problem to one thread, per forum rules. It will be answered. Making more posts, will NOT get your question answered any faster. It will just confuse those trying to help you, and confuse you; jumping around to 4 different threads.

Magisk and Bootloader

Hi,
I am very new to this Android world so my queries might feel stupid. Actually I'm here after 3 years and that is a very long period in this world. I know about rooting (SuperSU), bootloader and recovery (stock, CM and TWRP). Recently read about Magisk and got some queries. Hope you will help me out. These are not device specific but need to learn.
What I read/study I found these readings...
1. Magisk roots device systemlessly (does not touch system partition) so one can get OTA updates easily.
2. To install and run Magisk one needs to unlock the bootloader.
3. (Device Specific) My Redmi Mi Flash tool says, if you unlock the bootloader, you won't get OTA updates.
4. I have previously rooted my Galaxy Y and uninstalled system apps. If I delete sys apps from Magisk, can we still say that we are not touching system?
So all statements are true? Or some? Or none?
Here my device is Redmi 3s (6.0.1 - MIUI 9.6.1.0 Global Stable). All these queries are just in relation to OTA system updates. Nothing related to warranty.
Thanking You
1. Yes.
2. Yes.
3. Don't know about Xiaomi, but I've never had issues with OTA on a device with an unlocked bootloader (I've mainly used different Google and Oneplus devices). Someone with a Xiaomi is gonna have to chime in on this one.
4. As long as you use Magisk's debloating feature of replacing files or directories with empty ones, you're good. The actual /system partition won't be touched. Use a module like the Debloater module by @veez21, or make a debloater module yourself.
Didgeridoohan said:
Don't know about Xiaomi, but I've never had issues with OTA on a device with an unlocked bootloader (I've mainly used different Google and Oneplus devices). Someone with a Xiaomi is gonna have to chime in on this one.
Ahh, Thank You.
You get OTA system updates for your STOCK ROM ?
Yes. But, having both Magisk and a custom recovery (an OTA won't install with a modified boot image and a custom recovery installed) I always find it easier to download the update and flash it manually. But, like I said, I have no idea if this is true for Xiaomi.
1. Ok. I also heard that when you update your device, you lose root... not true? Or you need to root again?
2. In normal stock device, we get update notification and we download then restart (as per convenience) device to update.
If I remove some system apps from my rooted device and unroot the device, manage to get stock recovery back, will the OTA update system treat my device as Stock-untouched? And install updates just as stock device will do?
3. Are boot.img and bootloader the same thing? Coz I read that for relocking bootloader you need to flash boot.img from stock software. (But some procedures just use fastboot and relock oem command - they won't use boot.img, don't know why.)
I read that unrooting, restoring stock recovery and locking bootloader again is more difficult/complicated than the rooting procedure.
Someone should come up with a solution just like Windows Restore. If you want to go back to everything STOCK, just use that feature same as done to Restore Windows in its previous state.
Any update that also updates the boot image (which means pretty much all) will remove root. But, that's just a simple case of reflashing Magisk right after applying the update.
If you've touched /system in any way, removing system apps or even just mounting the /system partition read-write, an OTA will fail. To be able update with an OTA your /system and /vendor partitions need to be untouched and you need to have the stock boot image and stock recovery installed. If your device doesn't conform to this the OTA will fail.
Boot image and bootloader are not the same thing. That you can read up on all over the internet, so I won't go into details. If you have done any kind of modifications on your device, I suggest you leave your bootloader unlocked. It's too easy to mess things up otherwise.
Going back to full stock is usually just a matter of flashing a full factory image/firmware package/stock ROM. Quite easy... Of course, some manufacturers make it harder than others.
Didgeridoohan said:
Boot image and bootloader are not the same thing. That you can read up on all over the internet, so I won't go into details. If you have done any kind of modifications on your device, I suggest you leave your bootloader unlocked. It's too easy to mess things up otherwise.
Ok. As you say the two are different, but can you explain in simple words (terms) how they both are related/linked/connected? Coz as I read some forums/posts I get to read
1. To relock/lock bootloader you need to flash boot.img which suggests these (terms) are linked/connected.
2. But at the same time some forums/posts suggest no img file flashing but just a fastboot command(s) to relock bootloader. In this case it seems they are not linked/connected.
And if the above 2 statements are true and device specific then how are the bootloader and boot image linked and not linked in diff devices? What changes are made so that in some cases these are linked and in some not?
Sorry for asking too much. But you were really very kind to help me out. Thank you once again.
I'm not 100% accurate (and someone will hopefully come in and correct me if needed), but basically the bootloader checks that everything is alright and then starts up your device. After that the boot image (ramdisk and kernel) takes over. Ramdisk basically makes sure all the partitions are mounted, and the kernel is exactly what it sounds like. The core of the OS, making sure that everything is working as it should.
This is of course a huge over-simplification, so if you want more you'll have to search around (and there are tons of resources around the web).
The main reason I can think of right at the moment for wanting to flash a boot image before locking the bootloader is that it's generally a good idea to have your device fully stock and functional before doing so. After you've locked the bootloader there might not be any going back if things start acting up and you could end up with a nice paperweight.
Questions are good. That's how you learn. I do believe that you'd be much better off searching around the internet for your answers. They've been put out there many, many times.
Ok. Thank you very much. I will learn more ...

How to upgrade rooted SM-T719 from Android 6.0.1 to Android 7 or 8

Hi,
About 2 years ago I rooted my S2 Galaxy Tab (T719) and now I would like to upgrade from Android 6.0.1 to Android version 7 or 8. I have googled for instructions on how to upgrade a rooted S2 Tab but did not find anything useful (most info is on OTA upgrades which no longer work on rooted devices). Could someone please post step-by-step instructions (please bear in mind that I only ever deal with this kind of thing once every 2-3 years so I do not have much experience). I have TWRP v 3.0.2 installed (do I need to update this as well?) and the tablet is not encrypted (so hopefully I won't have to wipe the system partition and re-install all the apps?!?). Thanks.
I also noticed that there is now a huge variety of ROMs out there. How can one know which ones are trustworthy? The main reason I rooted the tablet was to be able to increase privacy (control app permissions with XPrivacy). So I do not want to install some custom ROM that maybe contains spyware or other compromising features. Any advice on this would be greatly appreciated. Given my motivation (privacy) for rooting, would it maybe be better to go back to Stock ROMs (i.e. non rooted) and simply control web access via netguard (by preventing net access for some apps, they may still spy on my contacts, location, or email but cannot phone home to transmit the information)? At least I would still get OTA updates because being excluded from the OTA channel also poses a security risk in itself I suppose. Ok so any advice would be appreciated.
Thank you in advance!
There is no official Android 8 for our device. If you want 8 or 9 you have to install a custom ROM like LuK1337's LineageOS port. It is as safe as LineageOS is by itself on any device. Only problem you might have then is that calling is not possible anymore for now, but LTE works. If you want to use LOS, you HAVE to format data because it's not compatible at all. If you wanna stay on official Android you might keep it. Installing is done by flashing the official firmware with the correct country code over Odin. This will remove TWRP at first so you have to reflash it by Odin afterwards. For firmware download I always use: https://forum.xda-developers.com/galaxy-tab-s/general/tool-samfirm-samsung-firmware-t2988647 and Odin is found by google. If you wanna go the way to LOS you have to do all the steps I mentioned before too anyways to have a recent Modem firmware and bootloader. In that case you just have to flash LOS and OpenGAPPS by TWRP and delete /data aka Factory reset.
Regardless what you do, after ODIN is done, you HAVE TO boot into TWRP immediately to keep it from being removed by official firmware. While you are in there anyways you can install magisk to keep it from encrypting /data.
Many thanks emuandco. So I guess I will stick with the Android 7 as I do not want to reformat the tablet and reinstall all the apps. I have started to download the Android 7 stock ROM, but it is taking quite long so in the meantime just to confirm, the steps to follow are:
1- use odin to flash the stock ROM (no steps required prior to this? I simply overwrite the existing ROM? I suppose that I will lose root then and need to re-root the device using the standard procedure as explained here: http://www.samsungsfour.com/tutoria...nougat-7-0-using-cf-auto-root-all-models.html ?)
2- use odin to flash TWRP (I will need the newest version I guess and cannot use the same as for Android 6?)
3- boot into recovery mode to ensure that TWRP does not get overwritten
4- done
Is this correct? Do I then need to reinstall Xposed, SuperSU and Xprivacy or will they be preserved?
Thanks again!
P.S.: BTW, I also found these instructions: https://forum.xda-developers.com/tab-s2/development/twrp-3-0-2-1-galaxy-tab-s22016-sm-t713-t3390627 which are slightly different from http://www.samsungsfour.com/tutoria...nougat-7-0-using-cf-auto-root-all-models.html and require a wipe of the data partition. Does this mean that for an update to Android 7 I definitely do need to wipe the data partition? If this is the case then this would be a major disadvantage of rooting in the first place and maybe I simply flash the stock ROM and do not root at all but go the "netguard" route as mentioned in my original message?
I never used the official Firmware that much. First thing I did was going on LuK1337's nerves to get a port of LOS for it up and running. So no clue if Samsung manages to keep /data but I guess so. Yeah, looks fine what you list there. You COMPLETELY overwrite ANY modification in kernel or /system, so reflash your mods and root (Magisk). I always recommend to use the MOST recent TWRP. (https://dl.twrp.me/gts28velte/ should be it in your case).
Ah and looking at your manuals... Check OEM unlock just to be rather safe than sorry if things go mad.
emuandco said:
I never used the official Firmware that much. First thing I did was going on LuK1337's nerves to get a port of LOS for it up and running. So no clue if Samsung manages to keep /data but I guess so. Yeah, looks fine what you list there. You COMPLETELY overwrite ANY modification in kernel or /system, so reflash your mods and root (Magisk). I always recommend to use the MOST recent TWRP. (https://dl.twrp.me/gts28velte/ should be it in your case).
Ah and looking at your manuals... Check OEM unlock just to be rather safe than sorry if things go mad.
Deleted

News about root for this device?

Anyone know a secure procedure and a custom recovery compatible?
marte66 said:
Anyone know a secure procedure and a custom recovery compatible?
We don't have TWRP yet, it's not officially out yet for any G7 models and I don't know when ours may be.
Root your G7 with Magisk
I noticed this method without using TWRP on the G7 XDA forum but haven't tried it, and you must unlock the bootloader first. Apparently it's working for a few G7 users so it should on G7+ too if the correct boot.img is used (for G7+/'lake' not G7/'river') according to your release channel. You still wouldn't have a custom recovery but could install Adaway, Magisk modules, and gain full access to the file system.
EDIT:
If anyone tries this method please report back, and don't forget to unlock the bootloader first and use the Lake/G7 Plus firmware from lolinet. No one has reported it not working but only a handful have used it afaik. I'm on RETLA w/Dec security patch so would rather wait until OTA updated and then I might try it because it would give me everything I need from root except nandroid backups and installing ROMs (of which there aren't any yet). I have my unlock code ready to go and have the needed boot.img from my channel-specific firmware but remain fully stock.
The instructions aren't that detailed but I found you can install Magisk Manager as an apk, open it and when you tap on Install Magisk 18.1 (which isn't installed yet) it also gives the option to "patch boot.img" (which I didn't select but assume it'll let you navigate to where you put the one from firmware & not alter the currently booted partition). When finished you put/copy that altered one on your pc (preferably in your Fastboot/ADB folder) and fastboot flash it, then reboot and you should be rooted in Magisk.
EDIT #2:
Tried it, it works!
I would like to try this also, however I've already updated to PPW29.98-66 (RETEU) and there is no firmware for this version and channel on lolinet.
Any idea where I can find it or when it will be available?
washoq said:
I would like to try this also, however I've already updated to PPW29.98-66 (RETEU) and there is no firmware for this version and channel on lolinet.
Any idea where I can find it or when it will be available?
If someone on your channel could capture their PPW29.98-66 OTA before installing, otherwise I think you'd have to wait until it appears on lolinet or Motorola's site, or we get TWRP. I realized I'd be in the same boat because my current firmware was also the only one so far on lolinet, so I decided to go ahead because I'd only get January's security patch (on Dec now) and still be a few months behind anyway.
Having done it I can say that Magisk Manager does let you navigate to the stock boot.img file after offering to patch it, then it goes through the same familiar steps as when installing in TWRP, and at the end tells you it's in your Download folder with the name patched_boot.img. After transferring to my pc I renamed it to boot.img and just manually typed in the fastboot flash boot command.
I also want to repeat that although rooted there's still no custom recovery/TWRP so you can't do nandroid backups, and now when my channel's OTA comes along I'll have to disable Magisk & flash back to my original boot.img before taking it, which I hope works but it should. It's great being rooted though on G7+ with Adaway and Youtube vanced background play, also Root Explorer to change my boot animation or debloat or whatever.
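A pre-flash check for the patched boot.img procedure described above, as an added example that is not part of any post in this thread. It assumes the legacy boot image header layout (header versions 0-2), treats a difference in OS version or patch level between the stock and patched headers as a sign that the wrong file was picked, and uses hypothetical function names and constructed sample images rather than real firmware.

```python
import hashlib
import struct

BOOT_MAGIC = b"ANDROID!"
# Legacy boot image header (versions 0-2), little-endian, up to os_version:
# magic, kernel size/addr, ramdisk size/addr, second size/addr, tags addr,
# page size, header version, os_version.
HEADER = struct.Struct("<8s10I")


def parse_boot_header(image: bytes) -> dict:
    """Validate an Android boot image and decode the fields worth checking."""
    if len(image) < HEADER.size or image[:8] != BOOT_MAGIC:
        raise ValueError("not an Android boot image")
    (_, kernel, _, ramdisk, _, second, _, _,
     page, version, os_ver) = HEADER.unpack_from(image)
    if version > 2 or page == 0:
        raise ValueError("unsupported header version or page size")
    pages = lambda n: -(-n // page)  # round up to whole pages
    if len(image) < page * (1 + pages(kernel) + pages(ramdisk) + pages(second)):
        raise ValueError("image is truncated")
    rel, patch = os_ver >> 11, os_ver & 0x7FF  # 21 bits release, 11 bits patch
    a, b, c = (rel >> 14) & 0x7F, (rel >> 7) & 0x7F, rel & 0x7F
    return {
        "os_version": f"{a}.{b}.{c}",
        "patch_level": f"{2000 + (patch >> 4)}-{patch & 0xF:02d}",
        "sha256": hashlib.sha256(image).hexdigest(),  # keep with the stock backup
    }


def preflight(stock: bytes, patched: bytes) -> list:
    """Return reasons not to flash `patched`; an empty list means no objection."""
    s, p = parse_boot_header(stock), parse_boot_header(patched)
    problems = []
    if s["sha256"] == p["sha256"]:
        problems.append("patched image is identical to stock")
    for key in ("os_version", "patch_level"):
        if s[key] != p[key]:
            problems.append(f"{key} differs: stock {s[key]}, patched {p[key]}")
    return problems


def make_image(ramdisk: bytes, os_version=(9, 0, 0), patch=(2018, 12)) -> bytes:
    """Build a constructed, minimal v0 image for the demo (not real firmware)."""
    page, kernel = 2048, b"K" * 100
    a, b, c = os_version
    os_ver = ((a << 14 | b << 7 | c) << 11) | ((patch[0] - 2000) << 4 | patch[1])
    hdr = HEADER.pack(BOOT_MAGIC, len(kernel), 0, len(ramdisk), 0, 0, 0, 0,
                      page, 0, os_ver)
    pad = lambda d: d + b"\0" * (-len(d) % page)
    return pad(hdr) + pad(kernel) + pad(ramdisk)


if __name__ == "__main__":
    stock = make_image(b"stock-ramdisk")
    print(parse_boot_header(stock))
    print(preflight(stock, make_image(b"stock-ramdisk+patch")))
    print(preflight(stock, make_image(b"other-build", patch=(2019, 1))))
```

Recording the stock image's SHA-256 alongside the backup makes it possible to confirm later that the file restored before taking an OTA is the untouched original.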
Dahenjo said:
If someone on your channel could capture their PPW29.98-66 OTA before installing, otherwise I think you'd have to wait until it appears on lolinet or Motorola's site, or we get TWRP. I realized I'd be in the same boat because my current firmware was also the only one so far on lolinet, so I decided to go ahead because I'd only get January's security patch (on Dec now) and still be a few months behind anyway.
Yeah, I thought so. Thanks anyway.
washoq said:
I would like to try this also, however I've already updated to PPW29.98-66 (RETEU) and there is no firmware for this version and channel on lolinet.
Any idea where I can find it or when it will be available?
I see there is a PPW29.98-66 RETAIL channel firmware on lolinet:
https://mirrors.lolinet.com/firmware/moto/lake/official/RETAIL/
I'm not sure what difference the boot.img would have between them if any, and the RETAIL channel is more a 'generic' type which might be a safer choice than others of the same build version. I know the G5+ debloated ROMs by NZedPred ended up with just one version (instead of by various channels as he did originally) after finding he didn't need to bother, though I believe he did make other changes. He'd be a good one to ask though if you want to PM him.
After I get updated (revert to full stock etc) I may try the RETAIL one to re-root to see if we can use it for this purpose regardless of channel. My 'international model' from Amazon is actually just the RETLA channel since it wasn't released in the US, so I'd almost rather be on the more generic channel if it works.
EDIT:
Did some experimenting, reverted to full stock then successfully tried it again with the boot.img from the RETAIL firmware (which for my version is still PPW29.98-28), so I believe RETAIL could be used for other channels too.
This process worked for me. Moto G7 Plus, International Unlocked version.
This worked for me, XT1965-2, AT&T Mexican version. Also, managed to run Substratum, just needed to compile, reboot and activate each time I changed theme.
Well I am on the same Page...
Also my Channel Islands reteu2, I can only find reteu...
My g7plus was shipped already with a newer Version than available. Anyone tried the retail bootloader?
Alternatively, can we somehow flash the whole "retail" version on this phone?
shaDNfro said:
Well I am on the same Page...
Also my Channel Islands reteu2, I can only find reteu...
My g7 was shipped already with a newer Version than available. Anyone tried the retail bootloader?
Alternatively, can we somehow flash the whole "retail" version on this phone?
I assume you have G7 Plus (not G7) with the build number you showed.
To answer your question:
I successfully fastboot flashed the full RETAIL channel PPW29.98-66 firmware a few days ago. I was on RETLA PPW29.98-28 with the December security patch and now have the January patch, and my channel is still shown as RETLA. I used the batch file posted in this thread which worked perfectly. Everything for my XT1965-2 RETLA model is working as it should on the newer RETAIL firmware, but I don't know if your RETEU2 has anything different that could cause issues.
Enforced Verity, Unlocked Bootloader, rooted Lake OPENMX Not working with Google Pay
"Couldn't finish setup to pay in stores
This phone can't be used to pay in stores. This may be because it is rooted or altered in some other way."
Did I screw up by not preserving dm/verity when I patched the boot and if so, is there a way to fix it? Reflash oem rom, reinstall magisk, repatch boot, rereflash new rom with dm/verity preserved?
vvarrior said:
"Couldn't finish setup to pay in stores
This phone can't be used to pay in stores. This may be because it is rooted or altered in some other way."
Did I screw up by not preserving dm/verity when I patched the boot and if so, is there a way to fix it? Reflash oem rom, reinstall magisk, repatch boot, rereflash new rom with dm/verity preserved?
I tried everything but it's not working stable for me either.
You can do delete google pay cache+data and google play services cache+data, reboot and then you can configure a payment method (e.g. add credit card). Afterwards I was able to pay exactly one time... next time it refuses my card telling me I am not able to pay with that card any more...
(By the way, people say the issue might be connected with wifi as well, so I turned off wifi for that procedure I mentioned above)
Anyway I deleted google pay now using my bank's own application, which does not detect root using magisk hide
shaDNfro said:
I tried everything but it's not working stable for me either.
You can do delete google pay cache+data and google play services cache+data, reboot and then you can configure a payment method (e.g. add credit card). Afterwards I was able to pay exactly one time... next time it refuses my card telling me I am not able to pay with that card any more...
(By the way, people say the issue might be connected with wifi as well, so I turned off wifi for that procedure I mentioned above)
Anyway I deleted google pay now using my bank's own application, which does not detect root using magisk hide
There's a bunch of Google apps that need verity to be enforced I think. I think we need the stock ROM with the stock boot. Maybe the phone has to be rooted to patch the stock boot.img with verity enforced? I'm not sure but I stepped up to the G7 Plus because it finally has NFC so I can use it to pay and it was an unlocked international version that works good with Google Fi (which also needs verity enforced).
Still looking for a solution and will probably just go back to my old phone until I can get Google Fi and Pay working.

Passing SafetyNet on unlocked Bootloader, but without ROOT/Magisk?

Hello,
I have an unlocked bootloader, and SafetyNet 1st test (CTS Props) fails. Has someone found a way to solve this, but without Magisk/root?
I currently have a stock 9.6 version (which is the oldest I could find) installed, but would not mind to flash to any other version, including custom ROMs.. as long as I can make SafetyNet work with bootloader unlocked.
On a side note, is there any custom ROM that flashes this phone to Android 6?
Thanks.
(And yes, I already used Search, but they all talk about Magisk).
I have not heard of any other means (for our phone) to hide unlocked bootloader from SafetyNet checking service, except Magisk with "Magisk Hide" option on.
If you are afraid of root: just do not grant root rights to any applications.
If you are afraid to tamper phone, just do not install any Magisk Modules (but, for example, using embedded "Systemless Host" module and a file manager with root rights I can avoid 99% of ads to my phone copying meaningful "hosts" file to /data/adb/modules/hosts/system/etc without tampering system and raising no problems with OTAs);
If you are afraid to lose ability of OTAs, just patch boot.img on phone, thus saving stock /boot image for "uninstalling Magisk", and do not tamper /system.
Note: since March, 2020, security updates Google can bypass Magisk Hide tricks at their will at any moment, and if they enforce this security rule, those who need SafetyNet would be forced to lock phones until Magisk developers could find a way to bypass Google's bypasses. It is like "armor vs shell" big game of XIX century.
If Google goes ahead with what it is considering, most of us will be in despair. In plain words Magisk, as it stands, will be able to hide root but not the unlocked bootloader status. So CTS / device integrity will fail.....
Yes, that's how I see it too. If Google enforces new "unlocked state" checks, those of us who do not want to lock (due to buggy OTAs from Xiaomi) and still want to use MiA2 and SafetyNet, will either have to "freeze" at a stock ROM version tricked to pass checks, or look towards a custom ROM and also freeze it, and thus live without security updates.
Khep said:
Hello,
I have an unlocked bootloader, and SafetyNet 1st test (CTS Props) fails. Has someone found a way to solve this, but without Magisk/root?
I currently have a stock 9.6 version (which is the oldest I could find) installed, but would not mind to flash to any other version, including custom ROMs.. as long as I can make SafetyNet work with bootloader unlocked.
On a side note, is there any custom ROM that flashes this phone to Android 6?
Thanks.
(And yes, I already used Search, but they all talk about Magisk).
you can not flash android 6
if you don't want root why unlock your bootloader ?
just lock your bootloader using fastboot ( it is silly unless you are going to flash custom stuff )
* if it is to enable camera API2 there are methods without unlocked bootloader
**like others have told you and as you have read you can bypass it for now using Magisk
the lowest version you can downgrade to is Oreo ....
Update: With new EdXposed 0.4.6.3 (4537)-YAHFA module for Magisk 20.4 I have fully passing SafetyNet checks under Android 10 again.
Just do not forget to switch on Magisk Hide and include into EdXposedManager BlackList:
- Google Pay Services and Google Pay - mandatory,
- Google Service Framework and Google Play Market - optionally, for future ?,
- Bank apps.
Also do not forget to preliminary uninstall previous EdXposed and Reboot, then update magisk-Riru-core module and Reboot (I have 19.8), then update to latest EdXposedManager app (I have 4.5.7).
This version (4537) is somehow still missing in GitHub, got from here..
