Database Develop

[2016.10.10] suhide v0.55 [CLOSED]

THIS IS CURRENTLY NOT WORKING
A newer version is available here: https://forum.xda-developers.com/apps/supersu/suhide-lite-t3653855
suhide is an experimental (and officially unsupported) mod for SuperSU that can selectively hide root (the su binary and package name) from other applications.
Pros
- Hides root on a per-app base, no need to globally disable root
- Doesn't need Xposed
- Even supports SuperSU's ancient app compatibility mode (BINDSYSTEMXBIN)
- Passes SafetyNet attestation by default on stock ROMs (last officially tested on 2016.10.07)
Cons
- Ultimately a losing game (see the next few posts)
- No GUI (at the moment) - Unofficial GUI by loserskater
Requirements
- SuperSU v2.78 SR1 or newer (link)
- SuperSU installed in systemless mode
- Android 6.0 or newer
- TWRP (3.0.2 or newer, with access to /data - link!) or FlashFire (link)
Xposed
Xposed is not currently officially supported, but if you want to use it directly, you must be using @topjohnwu 's systemless xposed v86.2 exactly (attached at the bottom). It seems to mostly work during my non-extensive testing, but there are still some performance issues (both boot-time and run-time). Proceed with caution, expect bootloop.
Alternatively, there are some reports that the latest Magisk version + the latest systemless xposed (for Magisk) also works. I have not personally tested this.
CyanogenMod
I've personally tested with CM13 on i9300 without issue, however, several users are reporting it doesn't work for them. Proceed with caution, expect bootloop. Also, aside from just flashing SuperSU, you need to make sure /system/bin/su and /system/xbin/su are removed, or CM's internal root will still be used.
Usage
Install/Upgrade
- Make sure you have the latest SuperSU version flashed in systemless mode
- Make sure you are using the latest TWRP or FlashFire version
- Remove any and all Xposed versions
- If you have been having issues, flash suhide-rm-vX.YY.zip first, and note that your blacklist has been lost.
- Flash the attached suhide-vX.YY.zip
- If you are upgrading from suhide v0.16 or older, reflash SuperSU ZIP, and note that your blacklist has been lost.
- Optionally, flash the Xposed version linked above, and pray
At first install SafetyNet is automatically blacklisted.
If you have just flashed a ROM, it is advised to let it fully boot at least once before installing suhide.
Uninstall
- Flash the attached suhide-rm-vX.YY.zip. The version may appear older, the uninstall script doesn't change very often.
Blacklisting an app
You need the UID (10000 to 99999, usually 10xxx) of the app, which can be tricky to find, or the process name. There may be a GUI for this at some point.
(Note that all commands below need to be executed from a root shell)
If you know the package name, ls -nld /data/data/packagename will show the UID - usually the 3rd column.
Similarly, for running apps, ps -n | grep packagename will also show the UID - usually the 1st column.
Note that the process name is often the same as the package name, but this is not always the case. UID is more reliable for identifying a specific app, and it is also faster than blocking based on process names.
When you know the UID or process name:
Add to blacklist: /su/suhide/add UID or /su/suhide/add processname
Remove from blacklist: /su/suhide/rm UID or /su/suhide/rm processname
List blacklist: /su/suhide/list
All running processes for that UID or process name need to be killed/restarted for su binary hiding. For SuperSU GUI hiding, the device needs to be restarted. I recommend just (soft-)rebooting your device after making any changes.
Please keep in mind that many apps store their rooted state, so you may need to clear their data (and then reboot).
Integration into SuperSU
This mod isn't stable, and probably will never be (see the next few posts). As SuperSU does aim to be stable, I don't think they're a good match. But who knows, it all depends on how things progress on the detection side.
Detections
This mod hides the su binary pretty well, and does a basic job of hiding the SuperSU GUI. The hiding is never perfect, and suhide itself is not undetectable either. This will never be a perfectly working solution.
Debugging bootloops
- Get your device in a booting state
- Make sure you have TWRP or a similar recovery
- Install LiveBoot (link)
- If you are not a LiveBoot Pro user, enable the Freeload option
- Enable the Save logs option
- Recreate the bootloop
- In TWRP, get /cache/liveboot.log , and ZIP+attach it to a post here.
Download
Attached below.
Any rm version should work to uninstall any suhide version.
There may be multiple versions of suhide attached, please look carefully which one you are downloading!
YOU ARE EXPLICITLY NOT ALLOWED TO REDISTRIBUTE THESE FILES
(pre-v0.51: 17410 downloads)

Hiding root: a losing game - rant du jour
Most apps that detect root fall into the payment, banking/investing, corporate security, or (anit cheating) gaming category.
While a lot of apps have their custom root detection routines, with the introduction of SafetyNet the situation for power users has become worse, as developers of those apps can now use a single API to check if the device is not obviously compromised.
SafetyNet is of course developed by Google, which means they can do some tricks that others may not be able to easily do, as they have better platform access and control. In its current incarnation, ultimately the detection routines still run as an unprivileged user and do not yet use information from expected-to-be-secure components such as the bootloader or TPM. In other words, even though they have slightly more access than a 3rd party app, they still have less access than a root app does.
Following from this is that as long as there is someone who is willing to put in the time and effort - and this can become very complex and time consuming very quickly - and SafetyNet keeps their detection routines in the same class, there will in theory always be a way to beat these detections.
While reading that may initially make some of you rejoice, this is in truth a bad thing. As an Android security engineer in Google's employ has stated, they need to "make sure that Android Pay is running on a device that has a well documented set of API’s and a well understood security model".
The problem is that with a rooted device, it is ultimately not possible to guarantee said security model with the current class of SafetyNet tamper detection routines. The cat and mouse game currently being played out - SafetyNet detecting root, someone bypassing it, SafetyNet detecting it again, repeat - only serves to emphasize this point. The more we push this, the more obvious this becomes to all players involved, and the quicker SafetyNet (and similar solutions) will grow beyond their current limitations.
Ultimately, information will be provided and verified by bootloaders/TrustZone/SecureBoot/TIMA/TEE/TPM etc. (Samsung is already doing this with their KNOX/TIMA solutions). Parts of the device we cannot easily reach or patch, and thus there will come a time when these detection bypasses may no longer viable. This will happen regardless of our efforts, as you can be sure malware authors are working on this as well. What we power-users do may well influence the time-frame, however. If a bypass attains critical mass, it will be patched quickly.
More security requires more locking down. Ultimately these security features are about money - unbelievably large amounts of money. This while our precious unlocked bootloaders and root solutions are more of a developer and enthusiast thing. While we're all generally fond of shaking our fists at the likes of Google, Samsung, HTC, etc, it should be noted that there are people in all these companies actively lobbying to keep unlocked/unlockable devices available for us to play with, with the only limitation being that some financial/corporate stuff may not work if we play too hard.
It would be much easier (and safer from their perspective) for all these parties to simply plug that hole and fully lock down the platform (beyond 3rd party apps using only the normal APIs). Bypassing root checks en masse is nothing less than poking the bear.
Nevertheless, users want to hide their roots (so do malware authors...) and at least this implementation of suhide is a simple one. I still think it's a bad idea to do it. Then again, I think it's a bad idea to do anything financial related on Android smartphone that isn't completely clean, but that's just me.
Note that I have intentionally left out any debate on whether SafetyNet/AndroidPay/etc need to be this perfectly secure (most people do their banking on virus ridden Windows installations after all), who should get to decide which risk is worth taking, or even if Google and cohorts would be able to design the systems more robustly so the main app processor would not need to be trusted at all. (the latter could be done for Android Pay, but wouldn't necessarily solve anything for Random Banking App). While those are very interesting discussion points, ultimately it is Google who decides how they want this system to work, regardless of our opinions on the matter - and they want to secure it.

--- reserved ---

Changelogs
2016.10.10 - v0.55 - RELEASE NOTES
- Some code cleanup
- Support for blocking based on process name
- Should fix some crashes (requires uninstall/reinstall to activate)
2016.10.07 - v0.54 - RELEASE NOTES
- Fix for latest SafetyNet update
2016.09.19 - v0.53 - RELEASE NOTES
- Haploid container (monoploid)
2016.09.18 - v0.52 - see v0.51 release notes below
- Fix root loss on some firmwares
2016.09.18 - v0.51 - RELEASE NOTES
- Complete redesign
- Zygote proxying (haploid)
- Binder hijacking (diploid)
- su.d instead of ramdisk modification
- Xposed supported (-ish)
2016.09.04 - v0.16 - RELEASE NOTES
- Fix some SELinux access errors
- Should now work on devices that ask for a password/pattern/pin immediately at boot - for real this time!
- Binderjacking improvements for Nougat
2016.08.31 - v0.12 - RELEASE NOTES
- Fix some issues with suhide-add/rm scripts
- Fix not working at all on 32-bit devices
- Should now work on devices that ask for a password/pattern/pin immediately at boot
- Rudimentary GUI hiding
- No longer limited to arm/arm64 devices: support for x86/x86_64/mips/mips64 devices added
2016.08.29 - v0.01
- Initial release

As always thank you Chainfire! I will try and edit this post.
Edit @Chainfire this seems to work for enabling Android Pay! I didn't get the chance to actually pay yet. But it did let me add my card and did not display the message about a failed authorization of Android check! Before I couldn't even get past that first screen.
Edit 2: @Chainfire It seems to of had an adverse effect on Snapchat. I cleared cache on the app, uninstalled and reinstalled and restarted. It kept Force closing after a photo no matter what. I used suhide-rm and it seems to have fixed the app from any issues. Thanks again and hopefully we'll get you some more reports. Either way your solution works!
Tested on stock rooted 7.0 Nexus 6p.

@Chainfire
What was your reason for doing this project?
Sent from my Nexus 6P using XDA-Developers mobile app

Ofthecats said:
What was your reason for doing this project?
Click to expand...
Click to collapse
For building it, curious if the method I came up with would work well. For releasing, if others are doing it, join them or be left behind.

I'm assuming with custom ROM android pay still won't work right?

HamsterHam said:
I'm assuming with custom ROM android pay still won't work right?
Click to expand...
Click to collapse
I'd just give it a try. It's spoofing the specific app, not the entire ROM that matters. It's fairly simple to try.

Installed on LG G4 w/ V20g-EUR-XX update and rerooted with TWRP 3.0.2-0 and SuperSU-v2.76-2016063161323. seems to be working fine, for the moment. Thank you for the update.

So far so good, I was able to add card to android pay. I would try using it during lunch and report back. Again, thanks for the continuous hard work.

djide said:
So far so good, I was able to add card to android pay. I would try using it during lunch and report back. Again, thanks for the continuous hard work.
Click to expand...
Click to collapse
What was the UID or process you found to blacklist it with?
Sent from my ONEPLUS A3000 using Tapatalk

how to install it? which file should I flash ? Both?

I can't see to add an app using terminal.
I'm typing in
/data/adb/suhide-add 10284
Says file not found. Can someone help, cheers.

Joshmccullough said:
What was the UID or process you found to blacklist it with?
Click to expand...
Click to collapse
Android Pay comes blacklisted out-of-the-box

HamsterHam said:
I can't see to add an app using terminal.
I'm typing in
/data/adb/suhide-add 10284
Says file not found. Can someone help, cheers.
Click to expand...
Click to collapse
Are you in Android or TWRP ?
ls -l /data/adb/

Chainfire said:
Android Pay comes blacklisted out-of-the-box
Click to expand...
Click to collapse
Derp. That's what I get for not reading the entire sentence under 'Install' in the OP......thanks!

PedroM.CostaAndrade said:
how to install it? which file should I flash ? Both?
Click to expand...
Click to collapse
Please don't quote a large post like that just to ask a single question.
Please read the first post, so you know what to do.

OnePlus 2 here, stock 6.0.1, systemless rooted with SuperSU Pro v2.76, flahed using Flashfire.
Passes SafetyNet check, does not pass my bank's root check, propably for the reasons the OP states above.

thdervenis said:
OnePlus 2 here, stock 6.0.1, systemless rooted with SuperSU Pro v2.76, flahed using Flashfire.
Passes SafetyNet check, does not pass my bank's root check, propably for the reasons the OP states above.
Click to expand...
Click to collapse
You need to blacklist the UID for your bank. Directions are in the OP.

General System root + Passed Safety Net Pixel 5a

Hey everyone,
after some trial and error, I was able to pass Safety Net.
I just want to mention what I did in the process to get there. May have been a combination of things or just one...
1. I followed this guide, but make sure you notice that It's for the Pixel 5 not 5a. But the process is similar. This process didn't fix the issue. However, it's also a good how-to on how to root. I did also modify the props to the 3a.
How to Root the Pixel 5 & Still Pass SafetyNet — Full Guide for Beginners & Intermediate Users
The Pixel 5 is a great value proposition in this era of $1,500 phones. With its reasonable price tag, fully open-sourced software, and unlockable bootloader, it's also an ideal phone for rooting.
android.gadgethacks.com
2. When that didn't work, I followed this video, and hid all my banking apps besides the Google Play Services:
3. When that didn't work, I installed these both using Magisk from this post:
Magisk General Support / Discussion
This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases. All information, including troubleshoot guides and notes, are in the Announcement Thread
forum.xda-developers.com
4. Cleared my data and cache with Google Play and GPay + any other banking apps.
That worked for me!
EDIT: IF GOOGLE MAPS reports the wrong location, its likely XPrivacy-LUA, Google Services. Uncheck some of them.

Oh man....the only thing holding me back is the safety net thing, and it looks like we have a work around tell someone has an actual method made for this phone. Not sure if I'm ready to actually mess with this yet...but thanks for the post, bro!

anubis2k3 said:
Oh man....the only thing holding me back is the safety net thing, and it looks like we have a work around tell someone has an actual method made for this phone. Not sure if I'm ready to actually mess with this yet...but thanks for the post, bro!
Click to expand...
Click to collapse
Didnt think it was that big of a deal to me. But it was fun with a new phone with nothing on it.

This was the Magisk module that worked to pass safety net for me. I didn't need any others.
Releases · kdrag0n/safetynet-fix
Google SafetyNet attestation workarounds for Magisk - kdrag0n/safetynet-fix
github.com
Google Pay "appears" to be working too. Haven't gone out and tried it yet though.

joemommasfat said:
Google Pay "appears" to be working too. Haven't gone out and tried it yet though.
Click to expand...
Click to collapse
That's the part that I use the most, and the reason I haven't rooted yet. Please let us know if it works. Much appreciated!

I can confirm that using google pay (newer GPay app) on my rooted 5a works at merchants. I've already used it several times over the last week or so with no problems.

Deadmau-five said:
3. When that didn't work, I installed these both using Magisk from this post:
Click to expand...
Click to collapse
Why? Isn't the shim version just for Samsungs? Either way, it's the same mod, just different versions.
Someone who actually knows what they're doing needs to write up a tutorial. Following instructions posted by people who have no idea what they're doing but "it works" for them is dangerous.

borxnx said:
Why? Isn't the shim version just for Samsungs? Either way, it's the same mod, just different versions.
Someone who actually knows what they're doing needs to write up a tutorial. Following instructions posted by people who have no idea what they're doing but "it works" for them is dangerous.
Click to expand...
Click to collapse
You're absolutely correct about the dangers in following instructions posted by who knows who. I'll go further and say when it comes to root and associated items stay away from anything posted on a site other than XDA. In many cases even if the instructions were correct at some point in time they may well be outdated now.
I haven't rooted yet for a few reasons yet but will, hopefully sometime very soon. In the meantime I can state the following:
They're is no need to modify props. Modifying props to identify as a different phone would only be required for custom ROMs that don't handle it themselves (or some non-certified Chinese phones, which doesn't apply here). If you're running stock just leave that portion alone. And, if I'm not mistaken (although not 100% certain) I think safetynet-fix takes care of that for you in any case.
You will definitely need kdragOn/safetynet-fix.
Hopefully that's all you need.
I'm not sure which version of Magisk you'll need. Unless you know what you're doing and how to get out of trouble I recommend staying away from the current alphas, they're extremely cutting edge and you can expect problems.
Best best is to check the following threads and see what's going on:
Actually see this post and the 2 posts immediately following
Magisk General Support / Discussion
This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases. All information, including troubleshoot guides and notes, are in the Announcement Thread
forum.xda-developers.com
That should pretty much cover things for the moment. If nobody else (@hfam ?) has done it by the time I get around to rooting I'll write something up specific for the 5a.

I only mentioned what works for me since there was no step-by-step guide.
Dangerous how? Doing any mods to your phone is "dangerous". I fail to see how this is more so than others. Modifying your phone is risky.
If it didn't work I wouldn't have posted this guide. I only mentioned the steps that I took. It's not really a guide, just how I passed safety net.
But, my 5a has still been working great since then. GPay included.

jcmm11 said:
You're absolutely correct about the dangers in following instructions posted by who knows who. I'll go further and say when it comes to root and associated items stay away from anything posted on a site other than XDA. In many cases even if the instructions were correct at some point in time they may well be outdated now.
I haven't rooted yet for a few reasons yet but will, hopefully sometime very soon. In the meantime I can state the following:
They're is no need to modify props. Modifying props to identify as a different phone would only be required for custom ROMs that don't handle it themselves (or some non-certified Chinese phones, which doesn't apply here). If you're running stock just leave that portion alone. And, if I'm not mistaken (although not 100% certain) I think safetynet-fix takes care of that for you in any case.
You will definitely need kdragOn/safetynet-fix.
Hopefully that's all you need.
I'm not sure which version of Magisk you'll need. Unless you know what you're doing and how to get out of trouble I recommend staying away from the current alphas, they're extremely cutting edge and you can expect problems.
Best best is to check the following threads and see what's going on:
Actually see this post and the 2 posts immediately following
Magisk General Support / Discussion
This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases. All information, including troubleshoot guides and notes, are in the Announcement Thread
forum.xda-developers.com
That should pretty much cover things for the moment. If nobody else (@hfam ?) has done it by the time I get around to rooting I'll write something up specific for the 5a.
Click to expand...
Click to collapse
Just a quick note to say I just finished with everything (new Pixel 5a 5G, rooted + Safety net, restored all my apps, etc) and it's a flawless victory, ALL banking apps work great, SafetyNet passes, no hiccups.
I'd be happy to craft up a step by step and post it if there's some interest. It's not often I get to give back to this outstanding community, so it's the least I can do jumping on the opportunity. UFC 266 Main card is just starting, so I'll get started right after the fight and post it here in this thread.
Great to see ya again @jcmm11! Coming back to root a new phone feels like a family reunion, so great to see many of you active folks still here helping out!!
hfam

Alright, as promised, here is my writeup for a step-by-step tutorial for rooting your new Pixel 5a and getting SafetyNet up and going. I know it looks like a book, but I wanted to put it into plain language and attempt to explain the process for everyone, even absolute first timers. I know when I first started I really appreciated when the person helping didn't presume I had any knowledge, so for those that may have some experience, sorry for the wordiness. I'll also include how I apply updates when a new Android security update is pushed out. I understand that there are now elegant ways to accept OTA updates, but that is out of the scope of this tutorial as I have always had issues with OTA, and have to catch up on how that works myself. I can attest to years of using this method though (using a full factory image) to perform the "monthly" security updates, and I have never had anything but full success, so I'll share that here below the rooting tutorial.
*Disclaimer and heads-up* this is for an UNLOCKED PIxel 5a purchased directly from Google Store. At the time of this writing that is the only place I'm aware of which currently offers the PIxel 5a. Once carriers like Verizon, etc, offer this device, there may be some changes to the process, so just know up front this is for the unlocked Pixel 5a*
*WARNING*! When you unlock the bootloader on your phone it WILL WIPE YOUR PHONE and reset it to factory. If you've already used your phone and set it up, you're going to lose that setup. If you can't bear it, then the rest of this isn't for you, as root cannot be achieved without unlocking the bootloader.
First, you'll need a few things
- https://developers.google.com/android/images
and download the latest FACTORY IMAGE for "barbet", which is the Pixel 5a. You want to download the SAME VERSION that is currently installed on your device. At the time of this writing, it's the September release.
From that same page, you will need the ADB+Fastboot platform tools which will allow you to perform the required tasks, download from this link:
- https://developer.android.com/studio/releases/platform-tools.html
I use Windows 10, and extract this tools download to a folder in the root of C: called "platform-tools". You will then need to add "c:\platform-tools" to your environment path.
On the Pixel 5a, you need to enable developer options. Go into Settings/About Phone/and tap "Build Number" 7 times. This enables developer options and it will let you know when you've unlocked this as you tap 7 times. Once developer options is unlocked, go back to Settings/System/Advanced, and you'll see Developer Options is now available.
Select Developer Options, and enable "USB Debugging" and also enable "OEM Unlocking".
(**NOTE** For now at least, until you decide how you want to proceed with handling updates in future (more on that later), I strongly recommend turning OFF "Automatic System Updates" as well, just a few items below "OEM Unlocking". This prevents any updates happening automatically on a phone reboot. You don't want to wake up and find an OTA update pushed out and removed root, or worse. You can always turn it back on later.)
Plug your phone into a USB port on your PC. Allow the PC to do it's thing. You can open up Computer Management on the PC (right click the windows menu button icon lower left of your toolbar and select "Computer Management". Select "Device Manager" on the left panel. You should see "Android ADB Device" appear at the top of the right pane list of devices. if not, then visit:
Install OEM USB drivers | Android Studio | Android Developers
Discover links to the web sites for several original equipment manufacturers (OEMs), where you can download the appropriate USB driver for your device.
developer.android.com
and download the appropriate USB driver for your system and retry the above directions.
First thing we have to do is unlock the bootloader.
On the PC, open a command prompt and change directory to "C:\platform-tools" as discussed above.
Now, type in "adb reboot bootloader". The phone will reboot into bootloader. (you may receive a dialog on the phone which says something to the effect of not recognizing the PC. Go ahead and allow it, check the box to allow it in the future, and proceed.
Phone is now at the bootloader, and shows you some info letting you know it's so, including that the bootloader is locked. Also, look at the Device Manager we opened earlier and confirm that you see Android ADB Device (or similar) which confirms your PC recognizes the phone and setup for ADB commands .
To unlock the bootloader, in the command prompt type:
fastboot flashing unlock
This will unlock the bootloader, you will likely see a warning that it's going to wipe the phone. Proceed and allow the unlock. The phone will then reboot and take you to your wiped phone just as you received it out of the box, except the bootloader is now unlocked and Developer Options are still available. Let the phone continue through it's first-time setup, and leave the phone plugged into the PC. If you unplugged no biggie, but we're going right back to the PC shortly and it will need to be plugged back in before the next step to accept the file we're going to push to it.
Now, you want to open a browser on the phone and go to (at the time of this writing, v23.0 is the current stable Magisk):
Release Magisk v23.0 · topjohnwu/Magisk
This release is focused on fixing regressions and bugs. Note: Magisk v22 is the last major version to support Jellybean and Kitkat. Magisk v23 only supports Android 5.0 and higher. Bug Fixes [App]...
github.com
Scroll down and under "Assets" select that Magisk 23.apk file, download and install it. Open Magisk if it doesn't open on install, and just let it sit, we're coming back to it shortly.
PATCHING THE BOOT.IMG FILE
On the PC, go back to the Factory Image you downloaded, and extract it to a temporary directory. You will see 6 files; a few "flash-all" files, a radio image, a bootloader image, and a ZIP file called "image-barbet-XXXXXXXXXXX.zip (the xxx's are whatever the version number is you've downloaded). Double click that ZIP file and you will see a dozen files. The one we need to root the device is "boot.img".
Copy (don't move!!) this file to c:\platform-tools. Now, go back to your command prompt (still pointing to c:\platform-tools) and type in:
adb push boot.img /sdcard/Download
Now back on the phone, within the Magisk app we left open, at the top where it says Magisk, choose to install. A dialog box will open, select Patch Boot File Image. Point the process to your /sdcard/Download, and select the boot.img file we just pushed there. Now allow it to patch the boot.img and Magisk will show you it's patching it, and in a moment tell you it was successful. Close the Magisk app, open "Files" and direct it to sdcard/Download. Note the name of the patched boot file, which is called "magisk_patched-XXXXX_xxxxx.img (the X's are the Magisk version, and the x's are 5 random chars). Feel free to leave it there as you go back to the PC...
Back on the PC, in the command prompt, now type:
adb pull /sdcard/Download/magisk_patched-XXXXX_xxxxx.img
make certain you get the name exact or it won't go, no worries, just get it correct. The file now resides in the "c:\platform-tools" directory along with the unpatched "boot.img" and your ADB+Fastboot tools.
Just about done rooting, here we go!
Now, in the command prompt type:
adb reboot bootloader
The phone reboots into bootloader. Now type:
fastboot flash boot magisk_patched-XXXXX_xxxxx.img (again, use the numbers and letters in YOUR patched file!)
Lastly, type:
fastboot reboot
Your phone reboots, and you should be rooted!! Unplug your phone from the PC, open up Magisk App and confirm, the Magisk entry at the top of the main Magisk App screen should now show you the version you installed, etc!
Time to get your banking apps (and any others that may detect unlocked bootloaders/root/etc) working!
In the Magisk App, on the bottom of the screen is a 4 item menu bar. Select the right-most icon, which is "Modules". At the top of the screen select "sorting order" and sort alphabetically. Scroll down to "riru" and select the module that is JUST "RIRU", (not any of the other "riru _______" modules). Choose to download it, then choose to install it. You'll be prompted to reboot the phone, so reboot the phone.
Next, we're going to install drag0n's Universal SafetyNet fix (at the time of this writing it's currently v 2.1.1) You will need to download this via a browser on your phone, so open a web browser and go to:
GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
Google SafetyNet attestation workarounds for Magisk - GitHub - kdrag0n/safetynet-fix: Google SafetyNet attestation workarounds for Magisk
github.com
On the right-hand side, you'll find "Releases", and v2.1.1 is the latest. Select that, then scroll down to "Assets" and download "safetynet-fix-v2.1.1.zip" By default this will download to sdcard/Download.
Go back into the Magisk App, select the "Modules" menu as above, and at the very top select the "Install from Storage" bar. Point to the file we just downloaded and install it (don't extract it, etc, it requires the zip exactly as downloaded and will do it's thing). Again, it will install the module and prompt you to reboot. Reboot.
Almost there!
At this point, if you havent installed your banking apps, do so. DON'T RUN THEM, just install them. I also have a Nintendo Switch Online app which failed because of root, so if you also have or want this app, install it now, again, do NOT run it yet, just install. Same with any other apps you are aware which have root/bootloader unlocked issues, get them installed, but don't run 'em.
Now, we're going to use MagiskHide to hide these apps and complete the process for passing SafetyNet and running apps which may not run due to root.
in the Magisk App, at that 4 item menu bar at the bottom, select the 2nd from left, or "MagiskHide". Select the MagiskHide item and it will open to a scan of all the apps on your system. By default I believe Magisk sets up to hide Google Play Services. You will see it selected, and all the other apps on your system unselected. Select each of the banking apps, the Nintendo Switch Online (if you have it), and any other apps that YOU ARE SURE will complain about unlocked bootloaders and/or root. Any onilne gaming that's popular are good choices, but again, it's easiest to NOT RUN them PRIOR to hiding them via MagiskHide. Pokemon GO comes to mind as one I've seen that needs hiding, etc, so make it easy on yourself and do a little research on any suspect apps prior to running them, then hide them if needed.
Anyhow, select your banking apps to hide them.
Now, we're going to check SafetyNet to make sure youll now pass.
On the Home menu in the Magisk App, select "Check SafetyNet". You will be prompted to download some proprietary SafetyNet shhhhhhhtuff....so let it download. Once done, SafetyNet check will open, and you should show a blue screen which says SUCCESS, and "basicintegrity" and "ctsProfile" will be checkmarked, evalType will show BASIC.
You're good to go, rooted, SafetyNet works perfect, and you can now open your banking apps and should open right up!!
If you find any specific issues about specific apps not working, or detecting root, etc, the best place to get help is in the Magisk General Discussion forum:
Magisk General Support / Discussion
This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases. All information, including troubleshoot guides and notes, are in the Announcement Thread
forum.xda-developers.com
I owe those folks eternally for showing me what I know, and always having the answers for any issues I've ever had. Some of the nicest, smartest people Ive had the pleasure of knowing, they're always helpful, and even maintain fantastic sites for FAQ and chock full of great info about every aspect of Magisk.
BONUS ITEM: As I indicated above, I'd share the method I know, trust, and have used many many times, trouble free, to apply a system update to the phone without overwriting anything, and not hitting any issues many encounter using the OTA method (though I understand that's been vastly improved, I haven't educated myself as to that process and will likely continue to use this method).
Security Update (monthlies) Process using Full System Image
As above, download the newest Full Factory Image from the site. Extract this full image to a directory inside C:\platform-tools
In this directory, if you're on Windows, open the "flash-all.bat" file (don't run it, open it with Notepad or something similar, I really like Notepad++ as it's free, has a LOT of great functionality and, like the native Notepad, doesn't do any goofy formatting/fonting/etc when modifying and saving a file.)
In flash-all.bat, look for the "-w" entry in the fastboot command near the end of the file and REMOVE ONLY THE "-w", leaving the line correctly formatted (don't leave an extra space or something goofy), then save the file over the top of the original with the same name. This will remove the overwriting of your data when pushing the image, the "-w" tells the process to overwrite, so we remove it.
Open up a Windows Explorer and go to your c:\platform-tools directory. Delete (or move to another location) any "boot.img" files along with any "magisk_patched-XXXXX_xxxxx.img" files from previous operations. Also note and confirm that you have correctly extracted the latest Full System Image to it's own directory, residing in c:\platform-tools.
Now, connect your phone to the PC. Open your command prompt and point to "C:\platform-tools" again. Type: cd <name of Full system Image directory>
In command prompt, type:
adb reboot bootloader
The phone is now in bootloader. In command prompt, confirm you're pointing to "C:\platform-tools\<Full System Image extract dir>" Type:
flash-all
This will do a full factory image push to your phone, you'll see a couple quick writes and phone reboots, then begins writing the rest of the image to your phone, but since we removed the "-w" from "flash-all.bat", it's NOT overwriting your data, just the necessary system files to update it to the latest version!
Reboot your phone, let it do any optimizing and updating it needs to do, and don't run anything yet, we're not quite done, just let the phone settle in and finish booting and doing it's thing.
Now, go back and perform the steps above listed under "PATCHING THE BOOT.IMG FILE" to patch the newest boot.img from the Full System Image we just updated the phone with (push the boot.img to sdcard/Download, patch with Magisk App, pull magisk_patched-XXXXX_xxxxx.img to your PC, blast it back using fastboot), and you've now rerooted the phone.
Lemme just say again that I know this was a friggin' book, and I tried to make it as clear and plain language as I could to help even a first timer, so my apologies if it seems like an onerous process. It's really not, and once you've done this once or twice, it's a cakewalk and takes about 10 minutes of your time from start to finish to do the whole system update and reroot. Again, the newer methods to take OTA without losing root may be something you'd like to look into, i definitely will, but I'm very confident in sharing this method as I know it works like a champ and is foolproof if you take your time the first few times and make sure you do what's required (remove the "-w" from the flash-all.bat, etc)
Lastly, I've been using this method since the Pixel 2, and just performed it on my new 5a, it worked exactly as it has for years for me on the P2, so you can be confident moving forward that, if you follow instructions and take your time until it's all familiar, you'll be successful in rooting, passing SafetyNet, and applying system updates without screwing up the A/B slots or overwriting your data in the process.
I hope this helps even one person, and since I rarely find myself able to give back to the community in any real meaningful way (many of these folks are WAAAY beyond my modest skills and know so much!!), I hope that this provides some folks with a useful and meaningful tutorial, providing confidence that anyone can root their P5a (or about any Pixel it seems) without being a Magisk/Android prodigy.
@Didgeridoohan, @pndwal, @zgfg, @jcmm11, and so many others over the years have been so helpful, I couldn't have done any of this without their selfless help, so give those folks a big thanks also if this is any help to you.
Best of luck,
hfam

Thanks for the write-up @hfam, it's good to know that some of the steps that i tried aren't really necessary, like using props config or hiding the actual magisk app.
Appreciate you!

nsoult said:
Thanks for the write-up @hfam, it's good to know that some of the steps that i tried aren't really necessary, like using props config or hiding the actual magisk app.
Appreciate you!
Click to expand...
Click to collapse
Awww, thanks! Glad to do it and really hope it helps some folks tackle rooting their phones and passing SN!

Rooted with magisk v.23 - flashed zip as a module

So has anyone installed the October update yet?

GrandAdmiral said:
So has anyone installed the October update yet?
Click to expand...
Click to collapse
Yep, good to go. I used the same method I shared above.

Is this working with Android 12? Which Magisk version to use?

This method did not work for Android 12. I updated my rooted phone to android 12 OTA. It returned to stock. I followed the method above to patch the factory boot.img file with magisk. After flashing my phone in bootloader with the patched boot.img, my phone will not reboot. says:
failed to load/verify boot images
Any advice? My Magisk is v23. Do I need to use a beta version?

Poking around in this thread, it seems that android 12 root is a much more involved process, requiring factory wipe and additional steps.
[Guide] Flash Magisk on Android 12
Trying to root the Pixel 5 running Android 12 by flashing a magisk-patched boot image results in the phone only booting to fastboot mode ("failed to load/verify boot images") Some users have reported that booting (instead of flashing) the patched...
forum.xda-developers.com

tintn00+xda said:
This method did not work for Android 12. I updated my rooted phone to android 12 OTA. It returned to stock. I followed the method above to patch the factory boot.img file with magisk. After flashing my phone in bootloader with the patched boot.img, my phone will not reboot. says:
failed to load/verify boot images
Any advice? My Magisk is v23. Do I need to use a beta version?
Click to expand...
Click to collapse
As you stated, you are correct. You need to perform a full wipe or flash the factory image with a wipe and then root works fine and phone boots. Tried myself and works fine.

General Flashing GSI on Edge S/20 Pro (Magisk enabled)

First of all, thanks to ilia3367 for his Pure Edition ROM which contains some very useful stuffs for flashing and booting GSI.
Code:
/*
* Your warranty is now void.
*
* I am not responsible for bricked devices, dead SD cards,
* thermonuclear war, or you getting fired because the alarm app failed. Please
* do some research if you have any concerns about features included in the GSI
* before flashing it! YOU are choosing to make these modifications, and if
* you point the finger at me for messing up your device, I will laugh at you.
*/
What you need
1. Unlocked bootloader
Follow this guide to unlock bootloader. In overall, the unlock process is not as difficult compared to other brands, provided your device is eligible to unlock.
WARNING: The following steps assume you have already unlocked your bootloader. If you haven't unlocked your bootloader yet, or your device isn't eligible, DO NOT PROCEED.
2. fastboot
The process utilizes fastboot exclusively, so make sure you have fastboot installed.
3. A Magisk patched boot.img.
You can either patch it yourself using Magisk Manager, or use boot_magisk.img from Pure Edition ROM.
Although you should be able to use GSI without Magisk, you'll probably need to patch vbmeta (or vbmeta_system) so the stock kernel won't refuse to boot the GSI in this case. This guide does not cover non-Magisk scenario for now, as I'm not entirely sure. With Magisk, patching vbmeta is not needed.
4. A backup of factory images in case something goes wrong.
The factory image (both S and 20 Pro) can be found in the Pure Edition ROM thread as well.
Steps to flash GSI
1. Enter fastboot
Hold down both POWER and VOL- to enter fastboot mode.
Or you can use the following adb command to do so.
Code:
adb reboot bootloader
2. Enter fastbootd
Enter the following command to enter fastbootd, where you can actually access the system partitions, as this phone uses Dynamic Paritions.
Code:
fastboot reboot fastboot
WARNING: The following steps will actually modify your system partitions and may leave your phone unbootable. Make sure you have backed up everything before proceeding.
3. Flash Magisk patched boot.img
Assume you have the Magisk patched boot.img as boot_magisk.img, enter the following command.
Code:
fastboot flash boot boot_magisk.img
Note that you can also flash boot.img directly from fastboot, before entering fastbootd.
4. Remove the product partition
The phone's system partition is very small (about 1GB), but has a very big product partition (about 2.7GB). You'll get an error if you try to flash the GSI right away, as the super partition does not have enough room to resize the system partition to hold the GSI image if it's too large.
As the product partition is not useful for GSIs, it can be safely removed. Enter the following commands.
Code:
fastboot erase product
fastboot resize-logical-partition product_a 0x0
This will erase the stuffs in the product partition and set its size to zero, so the system partition would be able to claim its space when resizing.
You can always use the following command to check bootloader variables.
Code:
fastboot getvar all
In this case, check if the product_a partition has indeed been resized to zero. If yes, you can proceed.
Code:
(bootloader) partition-size:product_a:0x0
5. Flashing the GSI
Enter the following commands.
Code:
fastboot erase system
fastboot flash system gsi.img
Note that the erase command is optional. Replace gsi.img with the actual GSI image file of your choice.
6. Wipe userdata if needed
You don't need to wipe userdata if you are dirty flashing newer build of a same GSI over the existing one.
In case you need to do so (such as flashing a different GSI, or factory reset), enter the following commands.
WARNING: These commands will erase everything in the internal storage, not just app data! Make sure you have everything in the internal storage backed up before doing this. You may try this unofficial TWRP for this device if you want to perform factory reset while keeping your files, as well as creating a nandroid backup.
Code:
fastboot erase userdata
fastboot erase metadata
7. Reboot
Enter the following command to reboot.
Code:
fastboot reboot
If nothing goes wrong and the GSI doesn't have any major issue that might prevent it from successfully booting, you should be able to boot the GSI and further configure it yourself.

I'm still experimenting with GSI so I'm not sure which feature works and which doesn't.
The GSI I'm currently testing is DotOS. Different GSIs may produce different results but should be mostly similar.
For now it seems the following stuffs are working fine:
- Wi-Fi
- Bluetooth (Audio is problematic, other parts appear to work fine)
- 5G (Data)
- NFC
- Camera
- Display color settings (such as Boosted, Saturated)
- Fingerprint Sensor (Turned out it works!)
- Encryption (GSI can work with untouched vendor, which enforces encryption)
- 120/144 fps (On GSI it defaults to 120 fps, which can be changed in Phh-Treble settings)
The following stuffs are problematic:
- MTP (I recommend using ADB as it's a hit-or-miss on Linux. On some environments it works, on other environments it doesn't)
- Bluetooth Audio (Need to enable "alternate audio policy" and also "Force disable A2DP offload" for headsets to work correctly)
The following stuffs are not working:
- VoLTE (While you can enable "Force the password of 4G Calling setting" in Phh Treble Settings -> IMS features" then toggle it off then on upon system startup to make it active, it does not work correctly!)
Here are some functionalities that I won't be able to test as I'm not actually using them.
- SafetyNet related (I use microG now)
- USB Type-C Audio (I mainly use bluetooth headsets if needed for all except gaming)
- SIM2 (I'm confident it'll work as both SIM slot's IMEIs are correctly detected)
- Carrier-specific issues (Need someone using Verizon or other GSI-problematic carriers to test this)

Currently I've tested that the most recent DotOS, OctaviOS GSIs are working.
Keep in mind that not all GSIs can boot. You'll need to look for another build if the one you flashed doesn't boot correctly (which seems to be SELinux related).
For now, most of the functionalities work on GSI using a Magisk patched stock kernel and untouched vendor. The kernel source for RRA31 build (Global) is currently in the process of being released.
UPDATE (11/3/2021): The source code is now available.

but i've still have a question for the step 5
this mobile is a/b slot but you didn't use fastbootd mode is that work?

ZhenYuSAMA said:
but i've still have a question for the step 5
this mobile is a/b slot but you didn't use fastbootd mode is that work?
Click to expand...
Click to collapse
Step 2 is switching to fastbootd. The rest of the commands are done in fastbootd mode.
fastbootd uses the same syntax as fastboot.
This phone uses dynamic partitions, but is also A/B. Usually you would be on slot A if it's a new phone, but be sure to pay attention to active slot if the phone has taken OTA updates before.
I don't know if there are already OTA updates out, though this phone is still relatively new.

LSS4181 said:
Step 2 is switching to fastbootd. The rest of the commands are done in fastbootd mode.
fastbootd uses the same syntax as fastboot.
This phone uses dynamic partitions, but is also A/B. Usually you would be on slot A if it's a new phone, but be sure to pay attention to active slot if the phone has taken OTA updates before.
I don't know if there are already OTA updates out, though this phone is still relatively new.
Click to expand...
Click to collapse
whoa, now i see much thx

I tried DotOS 5.2 since i don't have volte on my area, and it was usable, only thing that annoyed me a little is CPU being capped at 2500MHz. Do you know how to have the same frecuency config as with the stock ROM?. With stock i noticed everytime i open a benchmark app the CPU stays at max frecuency on all cores even if it's not running the actual benchmark.
I don't have much knowledge with tweaking system code since the phone i had before had every ROM in every flavor already optimized (k20 pro) and with this one i'm getting a little bit bored to be honest so i wanted to do something myself but i couldn't get around those frecuency issues. Tried with Franco Kernel Manager and EX, the frecuecies applied but after around 1 minute everything went back to default.
Also, did you try the stock camera app?
Thanks.

rodrimax10 said:
I tried DotOS 5.2 since i don't have volte on my area, and it was usable, only thing that annoyed me a little is CPU being capped at 2500MHz. Do you know how to have the same frecuency config as with the stock ROM?. With stock i noticed everytime i open a benchmark app the CPU stays at max frecuency on all cores even if it's not running the actual benchmark.
I don't have much knowledge with tweaking system code since the phone i had before had every ROM in every flavor already optimized (k20 pro) and with this one i'm getting a little bit bored to be honest so i wanted to do something myself but i couldn't get around those frecuency issues. Tried with Franco Kernel Manager and EX, the frecuecies applied but after around 1 minute everything went back to default.
Also, did you try the stock camera app?
Thanks.
Click to expand...
Click to collapse
VoLTE doesn't work with GSIs yet. I tried forcing the toggle out. It does register, but calls do not function at all (hangs). I've reported the issue to phh, but I'm yet to make any progress. One thing I know is that IMS is in `/system_ext`, and that is not used by GSI.
As for CPU cap, I haven't really tried using kernel managers on the device yet (I prefer using SmartPack). My experience with SmartPack on other devices is similar, that any changes to frequencies would be reverted to default after a while.
It seems the system (or maybe just stock kernel) nowadays don't allow you to freely change CPU/GPU frequencies anymore, and your experience with Franco and EX further proved it. As for benchmark apps capping CPU frequency... I suspect the phone has some cheating mechanisms similar to some other ones in the past.
Don't know about stock camera app. For custom ROMs/GSIs my favorite is Open Camera, which is installed via NanoDroid to replace the stock ones.
Plus, with stock ROM, the system partition doesn't really have many stuffs. Other stuffs were placed in `/system_ext` and `/product`, and it appears that GSIs use neither of those. It's possible that the libraries of some essential features reside in `/system_ext` and therefore would not be available for GSIs (like IMS).

This procedure could be used to A12?

vinaaa said:
This procedure could be used to A12?
Click to expand...
Click to collapse
Yes but from my experience apart from the bugs mencioned above, in A12 fingerprint and magisk don't work and bluetooth doesn't either even with the workaround. Once i found these bugs i went back to stock so i didn't test it more than 15 minutes, it probably has a lot more to be found

LSS4181 said:
VoLTE doesn't work with GSIs yet. I tried forcing the toggle out. It does register, but calls do not function at all (hangs). I've reported the issue to phh, but I'm yet to make any progress. One thing I know is that IMS is in `/system_ext`, and that is not used by GSI.
As for CPU cap, I haven't really tried using kernel managers on the device yet (I prefer using SmartPack). My experience with SmartPack on other devices is similar, that any changes to frequencies would be reverted to default after a while.
It seems the system (or maybe just stock kernel) nowadays don't allow you to freely change CPU/GPU frequencies anymore, and your experience with Franco and EX further proved it. As for benchmark apps capping CPU frequency... I suspect the phone has some cheating mechanisms similar to some other ones in the past.
Don't know about stock camera app. For custom ROMs/GSIs my favorite is Open Camera, which is installed via NanoDroid to replace the stock ones.
Plus, with stock ROM, the system partition doesn't really have many stuffs. Other stuffs were placed in `/system_ext` and `/product`, and it appears that GSIs use neither of those. It's possible that the libraries of some essential features reside in `/system_ext` and therefore would not be available for GSIs (like IMS).
Click to expand...
Click to collapse
Thank you for the reply
I don't know if this is of any relevance but after disabling system tracing on developer options on stock A11, the CPU is not capped when opening benchmark apps anymore

I didn't like the DotOS. Yes, it has an interesting interface, interesting graphical solutions. But many additional settings and functions don't work.

ilia3367 said:
I didn't like the DotOS. Yes, it has an interesting interface, interesting graphical solutions. But many additional settings and functions don't work.
Click to expand...
Click to collapse
GSIs aren't 100% bug-free from my own experiences. Sometimes regressions or plain oversights can happen with certain versions. A long time ago with older devices I even had times when Bluetooth didn't work on a certain GSI because the maintainer forgot to include Bluetooth related libraries (as the logcat errors implied the files were absent).
A recent example would be that custom fonts used to work with an earlier build of OctaviOS (July) but broken with the latest (September). Either the maintainer somehow forgot to actually include the fonts this time, or there were regressions/bugs in the OS itself causing the feature to break.
Plus, it seems substratum is still alive and active, yet I'm quite a n00b when it comes to adding additional features to system with it (preferrably on top of plain AOSP). Back then I mainly used it for custom themes I bought, and when custom ROMs started including built-in theming and the features I need, substratum is pretty much dead to me and I haven't touched it for years since then.
PS: There is an ongoing bug with DotOS for this device, since 5.1, that keyboard layout button would not show up when using 3-button navbar (which is my favorite). The button correctly shows when using gestures or 2-button navbar. I reported the issues several times in the group but I got very limited response (probably because few users are using it thus affected)... so the issue persists with the recently released DotOS 5.2 GSI.

[UNOFFICIAL][ROM]BETA LineageOS 18.1 for SM-T710 - June 10, 2023

LineageOS 18.1 UNOFFICIAL for 2015 Samsung Galaxy Tab S2 SM-T710 ONLY​Model: SM-T710 (wifi) - gts28wifi - 8" screen, Exynos 5433 SoC, no LTE
This is the ONLY model that the ROM will work on.​
There is NO ROM for the T715 or T815 in this thread. Questions about T715 or T815 will be completely IGNORED.
You MUST READ posts 1-4 (about 10 minute read) before deciding to install this rom. If you think this is an unreasonable request, then stop reading now and find another rom. Thank you.
DISCLAIMER
I am not responsible for lost data, identity theft, lost money, security vulnerabilities, bricked devices or any other hardware or software malfunctions that comes as a result of flashing this rom.
All involved in bringing this build to you are working voluntarily on it in very limited spare time, and their other life commitments have much higher priority. Don't expect a prompt, or even any, response to questions and bug reports.
Before attempting to install this ROM
1. Ask yourself: would bricking your device be a disaster for you? If yes, don't try this ROM! It can't be guaranteed stable and reliable enough to depend on for daily use.
2. BACKUP YOUR DATA AND EXISTING ROM. Be prepared for a complete restore if anything goes wrong.
3. RESEARCH adb, fastboot, Odin/heimdall, and TWRP and how to use them, if not already familiar with these.
What works
1. bluetooth
2. wifi
3. brightness
4. external audio
5. GPS
6. audio through headphone jack
7. audio over bluetooth
8. selinux enforcing
9. DRM level 3 (SD definition)
10. deep sleep
What doesn't work
1. fingerprint. As I wrote in post 1891 at
https://forum.xda-developers.com/t/...t810-t815-t815y.3879302/page-95#post-85533725
I will not spend anymore time looking at fingerprint. If you need fingerpint to work, stay with stock Samsung rom.
2. DRM level 1 (no HD definition). There's more detail in post 1891 above. I will not be trying to achieve level 1 for HD definition. If you need HD definition for your $treaming media, stay with stock Samsung rom.
3. If you charge the device while it's powered off and then want to power it on, you MUST wait at least 30 seconds AFTER disconnecting the charger cable before pressing the power button otherwise you might run into strange boot problems such as the touch screen not working.
4. Possibly other features that I haven't tested or do not use.
Source Code
See FAQ 1 for links in post #2.
Thanks
1. LineageOS team for source code.
2. @retiredtab, @ananjaser1211, @lpedia, @Yogi555 and @CuckooPenguin for spending nearing 1 month fixing the 2 most biggest bugs in 17.1 that plagued users for nearly 10 months: the wifi instability and random reboots. These are discussed in detail at
https://forum.xda-developers.com/t/...rs-running-any-version-of-android-10.4308193/
https://forum.xda-developers.com/t/...rs-running-any-version-of-android-10.4308203/
3. All past contributors of the exynos5433 code.
4. @rINanDO for his lmkd spam fix in 18.1.
5. beta testers: lpedia, Yogi555 and CuckooPenguin
6. lpedia for building the public T710 monthly roms starting April 2022
7. lpedia for suggestions, proof reading and FAQ table format in post #2.

Frequently Asked Questions. You MUST READ this before posting any questions. Thank you.
QuestionAnswerQ1. Can I build this ROM for myself? Where are the source and kernel source files?A1. Yes, you can. The source files are listed below.
Kernel
https://github.com/retiredtab/android_kernel_samsung_universal5433-selinux
Device Tree
https://github.com/retiredtab/android_device_samsung_gts2-common-selinux
https://github.com/retiredtab/android_device_samsung_gts28wifi
Vendor
https://github.com/retiredtab/proprietary_vendor_samsung-selinux
In addition, there is a repo diff file for device-specific tweaks needed to work and a roomservice.xml (local manifest file) file so you can build this rom yourself. The other patch required for tcp/ip is at https://github.com/DerpFest-11/pack...mmit/22fd53a977eeaf4e36be7bf6358ecf2c2737fa5eQ2. Is this ROM suitable as a daily driver?A2. It might be, depending on your requirements. You would need to try it yourself, with your preferred apps, to see if suits your purposes. I've been using it myself since mid August 2021 with no major issues.Q3. What do I do if my app xyz doesn't work?A3. I can't help diagnose problems with random apps I know nothing about. If the app is critically important to you and it doesn't work on this ROM, go back to a ROM where it did work.Q4. Why is this ROM laggy and/or buggy?A4. The device will be noticeably slower if you're using any Gapps package. Consider going gapps-free. A lot of apps will work without Google's services, or there exist alternatives that will. Check out F-Droid, Aurora Store, NewPipe, etc.Q5. What TWRP should I use?A5. You MUST use my unofficial TWRP 3.5.2_9. Get it from
https://sourceforge.net/projects/retiredtab/files/SM-T710/TWRP/Q6. Why should I use this ROM?A6. You don't have to! If you don't like it, go back to your old ROM.Q7. Will you offer monthly updates with security patches?A7. We plan to do so. lpedia will try to update the ROM with the monthly security patches after LineageOS has released them, free time permitting. Each monthly build will be tested to make sure all the "What's working" functionality listed in post #1 still works, before it's made available (which might in some cases delay the release).Q8. I'm a newbie. Can you provide step by step instructions?A8. We simply don't have the time to do this, but there are lots of tutorials, videos, etc online showing how to flash custom ROMs and how to deal with common problems. Newbie questions are also accepted in the XDA General Questions and Answers forum. Having said that, @pflyaz has kindly make a guide in post #37.Q9. Can I report a bug with respect to the ROM?A9. Yes, but you need to supply the following information. If you don't, I won't look at it.
Provide an adb logcat of the problem, and if possible describe how to reproduce it. Note that I can't help if it involves downloading any app I don't already use that requires payment or creating a userid/password.
To get a logcat, open a terminal window on your PC, connect your device to it via USB, and do this:
Bash:
# clear the logcat first
adb logcat -c
# start logcat trace
adb logcat > problem.txt
# reproduce problem
# wait until problem has occurred,
# then stop trace by hitting ctrl-c then zip the problem.txt file
# before uploading it.
Q10. How long will you build 18.1 for this device?A10. For now, 18.1 will be built for all of 2022. After that, we will make a decision depending on a number of factors.Q11. Do I need to erase everything and format my data before installing this ROM for the first time?A11. Under most circumstances, yes.
If you're coming from stock Samsung Android, or an earlier version of LineageOS, or a different custom ROM, you MUST 'clean flash': boot to TWRP recovery, wipe system, data, dalvik/art cache, and cache partitions, then Format Data, then install this ROM.
If you don't do this you're likely to run into problems, such as getting stuck at the boot animation for more than 5 minutes.
The ONLY exception is that if you are coming from LOS 18.1 with the April 5 2022 security patch or later, you can dirty flash the latest security patch build.Q12. What Gapps should I use?A12. Your choice! There are several well-known Gapps packages, such as NikGapps, BiTGapps, OpenGapps, and MindTheGapps. OpenGapps is being removed as per post #11. Do your own research as to what is the most reliable gapps option for you.
I recommend installing the SMALLEST version of any of these, preferably with just the minimum Google services needed to access the Play Store and run apps that depend on Google services.
You could also consider Google alternatives, such as Aurora Store, which mirrors the Google Play Store apps but doesn't need any Google services itself. Many Play Store apps do not actually depend on Google services.
If you are going to install any Gapps package, follow the installation instructions given for that particular package.Q13. I'm having problems with Gapps. Can you tell me why it's not working?A13. I can't answer any questions about Gapps, because I don't use them. Ask your questions on the XDA thread for the Gapps package you're using.Q14. Why isn't my post answered?A14. There are several possible reasons: the question is answered in the FAQ (in which case it will be ignored completely); or it involves apps or operating systems that I don't use; or it's about Gapps, which I don't use; or I simply have not had time to answer any questions.Q15. What speed up/optimization tips do you suggest?A15. These steps can make a big difference to performance:
Turn off animations. Go to Settings > System > Developer options, scroll down to the Drawing section, and set Window, Transition and Animator scale all to "Animation off".
Don't install Gapps unless you depend on something that only Google is providing. Use Aurora Store to get your preferred Play Store apps - they will all be available on Aurora Store. You can choose to access this anonymously or use a Google account.
Don't run more than two apps at the same time. You can probably listen to music in the background and use a web browser at the same time.
Use a web browser with built-in adblock and privacy features, such as Brave.
Use NewPipe to watch your streaming content. It has built in adblock so you don't have to watch forced ads.
Look for apps that are open source, ad-free and lightweight.
Q16. Does this ROM support Magisk so I can root my device?A16. Magisk works with this ROM as reported by beta testsers, but that could change with any revision and changes by Google. However I don't use it myself and can't help with any related issues. Direct any questions about Magisk to the XDA Magisk forum.Q17. Will this ROM ever become official?A17. Never. Official maintainers have onerous responsibilities, and I know my device trees, code organization and git commits will NOT meet LineageOS standards. I'm not able or willing to take on the responsibilities and commit the extra time to supporting an official build.Q18. What is the difference between this ROM and others?A18. This ROM tries to be pure LineageOS with little or no modification. Other ROMs may come with a different UI, different bundled apps, etc.Q19. Will there be any major 18.1 code modifications in the future?A19. I don't anticipate any major modifications. There may be some slight tweaking to the SEpolicy, small bug fixes and minor code cleanup, but all the hard work - getting the rom up and running, and fixing all the major bugs - has been done. This doesn't mean the code is perfect or well organized, but I won't be making any major changes.Q20. Why did you fork the trees?A20. I wanted my own private branch where I could make changes that would only affect my own personal builds.Q21. Can you build a variant of this device? For example, a LTE or S-pen version?A21. I cannot and will not try to build for a variant device if I don't physically have that device. I have to be able to boot and test it myself, and there's no guarantee that I can get those variant features working. So I will NEVER build T715, T810 and T815.Q22. Can I load this ROM on a variant device like LTE or S-pen version?A22. This ROM is for the device explicitly listed and will only work on that device. Do not try to install it on any other device.
ONLY if you are an advanced user and understand TWRP, adb, odin, heimdall, etc, you could try loading it on a LTE or S-pen variant by modifying the updater-script, but be warned: there are likely to be problems, including a bricked device, bootloops, or the ROM not being able to support the functionality of LTE/S-pen.Q23. Does this ROM have any wifi connection issues?A23. This ROM's wifi has been stable on the specified device ever since lpedia and I determined the root cause of the wifi problems back in July 2021 and re-installed the original S2 network 'blobs' with LOS 17.1.Q24. Is this ROM secure so I can do financial transactions?A24. Although Android monthly security patches do improve general security, this ROM's outdated kernel and old proprietary vendor blobs/drivers will NEVER get updates of any kind, and could have significant security holes.
In addition, although the ROM is SElinux enforcing, there's a good chance that the rules written (about 800+ lines of code) have some errors.
If the device is rooted, this would further weaken the security.
With this information, it's up to you to make an informed decision about whether you trust this ROM to be secure enough for your financial transactions.Q25. Okay, I understand the consequences and willing to take the risks outlined, now where can I find the BETA rom?A25. Downloads are at
https://sourceforge.net/projects/lpedia-sf/files/gts28wifi/

Monthly release notes
June 10, 2023 release notes
1. Incorporates June 5 as per https://review.lineageos.org/q/topic:R_asb_2023-06
May 8, 2023 release notes
1. Incorporates May 5 as per https://review.lineageos.org/q/topic:R_asb_2023-05
Apr 18, 2023 release notes
1. Incorporates Apr 5 as per https://review.lineageos.org/q/topic:R_asb_2023-04
March 19, 2023 release notes
1. Incorporates Feb 5 and Mar 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2023-02 and https://review.lineageos.org/q/topic:R_asb_2023-03
Jan 8, 2023 release notes
1. Incorporates Jan 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2023-01
Dec 12 release notes
1. Incorporates Dec 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2022-12
Nov 12 release notes
1. Incorporates Nov 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2022-11
Oct 9 release notes
1. Incorporates Oct 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2022-10
Sept 11 release notes
1. Incorporates Sept 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2022-09
2. Fixes non working touchscreen and hardware buttons when powering up with power cable plugged in and device turned off. However, the recommendation is still to unplug your charger, wait 30 seconds before pressing power button when your device is turned off.
https://github.com/retiredtab/andro...mmit/7e0657629efedc7f06f6f6fb57199fca0b4e8ea6
https://github.com/retiredtab/andro...mmit/e17c44d2e282d67b243a1c99ce62127e83052c4f
3. Removed settings menu option for fast charging. S2 tablet devices do not support this.
https://github.com/retiredtab/andro...mmit/6db8e690141a98e5cf9e6952c3572c127c0cf8ea
Aug 10 release notes
1. Incorporates Aug 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2022-08
2. Fixes saving of color profile in live display during a reboot/shutdown.
https://github.com/retiredtab/andro...mmit/01b1ed6ba8c268a19762031415fde1b4e45d4ac3
3. Fixes offline battery charging by writing rules to allow charger to access certain files. This removes the previous workaround. Thanks to @simon-edwards for providing an adb logcat that showed the denials.
https://github.com/retiredtab/andro...mmit/041ae45960170e68410b059f4f709e9c14b79a99
July 23, 2022
1. Added argosd to improve wifi throughput as per https://github.com/retiredtab/andro...mmit/c181aa0c5192e46a5a03d4451e2648481a520c0f
2. Incorporates July 5th security patches as per https://review.lineageos.org/q/topic:R_asb_2022-07
3. Incorporates a workaround for offline charging.
https://github.com/retiredtab/andro...mmit/9d019f0a3be789850a9add18d042990631f05b44
Previously, if the device was off and you plugged in a charger, it would show a battery icon and this would display indefinitely giving no sign of charging animation. With this workaround, the battery icon is displayed for a few seconds and then a white circle with a charge symbol inside it is shown to indicate it's charging.
After a few seconds, the screen will go blank and continue charging. The side effect of this workaround is that in order to turn on the device, you first must unplug the charger and then turn on your device. If you try to turn on the device with the charger cable plugged in, it won't turn on.
June 12, 2022
1. Removed vibrator code from gts2-common as wifi only models don't have vibrator motor (only LTE models).
https://github.com/retiredtab/andro...mmit/e54aee73a98e3cef6e74f96c1815cec9c82ff10d
https://github.com/retiredtab/andro...mmit/dd846b06378182398c55b57b2edc2537369bd509
2. Incorporates June 5th security patches as per https://review.lineageos.org/q/topic:R_asb_2022-06
May 12, 2022
1. Added overlay for led capacitive led buttons as per https://github.com/retiredtab/andro...mmit/83551570e4627a0e353e358787f83aa65484b528
2. Incorporates May 5th security patches as per https://review.lineageos.org/q/topic:R_asb_2022-05
April 11, 2022
1. YOU MUST read posts 1-4 if you haven't already
2. First public BETA release of selinux enforcing T710 build.
3. Incorporates April 5th security patches as per https://review.lineageos.org/q/topic:R_asb_2022-04
4. BACKUP your data because YOU MUST wipe dalvik/cache, cache, system, data and internal storage partitions in TWRP and FORMAT DATA after as this is the first release of this build. You cannot dirty flash at all. See FAQ.

Reserved.

Initial public build called lineage-18.1-20220411-UNOFFICIAL-gts28wifi.zip. The sha256sum file is provided as well to ensure integrity of download.
lpedia has tested all the functionality as to what works as per post #1 before uploading the build. Having said that, there's still a chance it won't work on your device due to human error, your configuration, your apps, etc. If it won't boot, always start with a complete wipe of everything and format your data. This is known has a clean install. Backup your data before a clean install.
April 11, 2022
1. YOU MUST read posts 1-4 if you haven't already
2. First public BETA release of selinux enforcing T710 build.
3. Incorporates April 5th security patches as per https://review.lineageos.org/q/topic:R_asb_2022-04
4. BACKUP your data because YOU MUST wipe dalvik/cache, cache, system, data and internal storage partitions in TWRP and FORMAT DATA after as this is the first release of this build. You cannot dirty flash at all. See FAQ Q11.

Congratulations on the awesome release!

New build called lineage-18.1-20220512-UNOFFICIAL-gts28wifi.zip
lpedia has tested all the functionality as to what works as per post #1 before uploading the build. Having said that, there's still a chance it won't work on your device due to human error, your configuration, your apps, etc. If it won't boot, always start with a complete wipe of everything and format your data. This is known has a clean install. Backup your data before a clean install.
May 12, 2022 release notes
1. YOU MUST read posts 1-4 if you haven't already
2. Added overlay for led capacitive led buttons as per https://github.com/retiredtab/andro...mmit/83551570e4627a0e353e358787f83aa65484b528
3. Incorporates May 5th security patches as per https://review.lineageos.org/q/topic:R_asb_2022-05
4. If you are upgrading from the April 11 build, you may dirty flash the May 10 build. If you are NOT coming from the April 11th, 2022 build, you MUST BACKUP your data because YOU MUST wipe dalvik/cache, cache, system, data and internal storage partitions in TWRP and FORMAT DATA. You cannot dirty flash at all. See FAQ Q11.

Hi there, thanks for your ROM. I would like to report a bug with using it.
May 12, 2022 release "lineage-18.1-20220512-UNOFFICIAL-gts28wifi" with "open_gapps-arm-11.0-pico-20220503".
All factory resetted through TWRP, after flashing and booting the device it is stuck on "Just a sec..." when selecting set up offlie. If you try to set it up over wifi it is stuck on "Getting your tablet ready."
I've included my logcat, if you need more info or another reproduction please let me know.
Thanks!
Kim

kimrosebush said:
Hi there, thanks for your ROM. I would like to report a bug with using it.
May 12, 2022 release "lineage-18.1-20220512-UNOFFICIAL-gts28wifi" with "open_gapps-arm-11.0-pico-20220503".
All factory resetted through TWRP, after flashing and booting the device it is stuck on "Just a sec..." when selecting set up offlie. If you try to set it up over wifi it is stuck on "Getting your tablet ready."
I've included my logcat, if you need more info or another reproduction please let me know.
Thanks!
Kim
Click to expand...
Click to collapse
Hi, @kimrosebush. Thank you for sending a logcat.
This kind of problem is often because the gapps package isn't quite right for some reason. Google Setup needs the underlying Google Play services to be present and working properly. This line from your logcat suggests they are not:
Code:
05-12 22:29:54.077 4147 4225 W GooglePlayServicesUtil: com.google.android.setupwizard requires Google Play services, but they are missing.
A few questions about the process you followed:
1. What OS was on the T710 before you began? If it was stock Android, was it the latest version available?
2. Did you install the correct version of TWRP (see Q5 in the FAQ)?
3. When you say "All factory resetted through TWRP", what did you actually do?
4. When did you install the gapps package? Just after the ROM, before first boot?
Have you checked whether everything else is working? In particular, is wifi connecting and working properly? [Pressing the Home button should get you out of the stuck Google Setup.]

lpedia said:
Hi, @kimrosebush. Thank you for sending a logcat.
This kind of problem is often because the gapps package isn't quite right for some reason. Google Setup needs the underlying Google Play services to be present and working properly. This line from your logcat suggests they are not:
Code:
05-12 22:29:54.077 4147 4225 W GooglePlayServicesUtil: com.google.android.setupwizard requires Google Play services, but they are missing.
A few questions about the process you followed:
1. What OS was on the T710 before you began? If it was stock Android, was it the latest version available?
2. Did you install the correct version of TWRP (see Q5 in the FAQ)?
3. When you say "All factory resetted through TWRP", what did you actually do?
4. When did you install the gapps package? Just after the ROM, before first boot?
Have you checked whether everything else is working? In particular, is wifi connecting and working properly? [Pressing the Home button should get you out of the stuck Google Setup.]
Click to expand...
Click to collapse
Hey @lpedia thanks for the reply.
1. LineageOS 17.1 I believe was the build.
2. Yes I installed the provided version.
3. I formatted all partitions except SD, flashed the images and then formatted the SD to ensure a completely wiped device.
4. Just after the ROM.
I tried a few times further, then I decided to go for the 'full' OpenGApps package; once I used this one and attempted the offline setup again I was able to proceed further in configuring the tablet.
Thanks for the hint in the right direction. Am glad to be on Android 11 now.
Kind Regards,
Kim

I will be removing opengapps from the FAQ because for several months now (starting around Oct 2021), the opengapps project has been releasing UNTESTED builds that results in bootloops or non working gapps services. Despite numerous requests/posts from the community to slow down the releases and actually TEST THEM BEFORE release, the latest May 3, 2022 shows there is still room for improvement.
This thread in the opengapps forum is just the latest example. Details of UNTESTED builds are also in the same megathread below.
https://forum.xda-developers.com/t/...rsions-devices.3098071/page-367#post-86885091
It's also shown up in other roms like
https://forum.xda-developers.com/t/...7-1-04-30-2022.3937956/page-100#post-86885353
This would be a good time for user to do their own research on which gapps is best for them or use NONE at all. I use Aurora Store myself.
Just a reminder that the builds we release are TESTED and verified to have all the functionality as listed in post #1.

kimrosebush said:
Hey @lpedia thanks for the reply.
1. LineageOS 17.1 I believe was the build.
2. Yes I installed the provided version.
3. I formatted all partitions except SD, flashed the images and then formatted the SD to ensure a completely wiped device.
4. Just after the ROM.
I tried a few times further, then I decided to go for the 'full' OpenGApps package; once I used this one and attempted the offline setup again I was able to proceed further in configuring the tablet.
Thanks for the hint in the right direction. Am glad to be on Android 11 now.
Kind Regards,
Kim
Click to expand...
Click to collapse
Good to hear!
Note that you don't have to be quite so brutal about wiping absolutely everything for a 'clean' flash. I manually wipe Dalvik / ART Cache, Cache, and System, and then Format Data. I have never reformatted the SD.
If you have any further trouble, I suggest you try starting again with a clean flash and a different gapps package, or try doing without any gapps, as @retiredtab has recommended in the post above.
In my experience, some gapps packages, or sometimes just a particular version of a gapps package, don't work with some ROMs. I have not tried opengapps, but I can confirm that BiTGApps-arm-11.0.0-R45_signed.zip does work on my T710 with this particular ROM version.
I personally like BiTGapps because it installs only the bare minimum needed (Google services and Play Store; doesn't even automatically run Google Setup) and doesn't have to be installed before first boot. So it's possible to install LOS, boot the system, make sure everything's working, then go back into TWRP and install gapps. If any problems turn up, this approach also makes it easier to tell whether it's something to do with LOS or with gapps.
You could also try running LOS without any gapps, and if you decide you want gapps after all, install BiTGapps without having to clean-flash and start again.

I just installed this rom two days ago. It has been working great. Today, however, I noticed that Trust gave me a message about the build having public keys. Yesterday, I don't recall getting that message. Also, root checker says "root access is not properly installed." The last time I checked, it was not rooted. Finally, my CRAVE (a Canadian streaming service) app won't play videos but gives a "device is rooted" message. Netflix works however.
Would you have any idea what is going on or how I should deal with this?
Thanks,
MC

Dr_MC said:
Today, however, I noticed that Trust gave me a message about the build having public keys. Yesterday, I don't recall getting that message.
Click to expand...
Click to collapse
On April 6, @lpedia and I had a PM discussion about signing builds.
lpedia wrote
Code:
"About signing builds ... an issue with just using the default test-keys signature is that someone can easily create
their own builds and pass them off as someone else's, possibly adding malicious or just plain bad code, and their
package would look just like the original."
I replied
Code:
"For our purposes, maybe we should just include the sha256sum and recommend that the users verify
them to ensure the file downloaded correctly and it wasn't modified?"
To get stop seeing that trust message, goto settings, privacy, trust, turn off build signature.
Dr_MC said:
Also, root checker says "root access is not properly installed." The last time I checked, it was not rooted. Finally, my CRAVE (a Canadian streaming service) app won't play videos but gives a "device is rooted" message. Netflix works however.
Click to expand...
Click to collapse
I can't see the Crave app in Aurora Store. I use the app devcheck to check for root access and the screenshot clearly shows it's not rooted.
There's nothing in my code to enable root. In fact, I don't even want root on my devices.
For Crave, you can try using Magisk and it's hide root function to see if that will fool Crave into thinking the device is not rooted.

Dr_MC said:
Also, root checker says "root access is not properly installed." The last time I checked, it was not rooted.
Click to expand...
Click to collapse
I did installed the above root checker app and got the same message. That is, the T710 rom, by default is NOT rooted. I don't know why Crave would say it's rooted.
I believe root checker's main function is to verify that your rom is "rooted" so when it says "root access is not properly installed.", it's trying to tell you that your attempt to use Magisk or similar type app to root the rom was unsuccessful.
BTW, you are better off using devcheck as it's an excellent ad-free utility that I use on a regular basis to help develop this rom vs the ad-infested root checker app. While devcheck isn't open source, it's written by flar2 who is a xda member here.

Dr_MC said:
Also, root checker says "root access is not properly installed." The last time I checked, it was not rooted.
Click to expand...
Click to collapse
Root Checker Basic says "Sorry! Root access is not properly installed on this device" when asked to confirm root status on an unrooted device. So as far as that app's concerned, it just means "I can't confirm it's rooted". Which is to be expected if it isn't rooted and you haven't even tried to root it.
If that isn't the app you're using, see if you can find out what it means to your particular root-checker app.
Dr_MC said:
Finally, my CRAVE (a Canadian streaming service) app won't play videos but gives a "device is rooted" message. Netflix works however.
Click to expand...
Click to collapse
Did the CRAVE app work on this device when it had the stock Samsung ROM? Do you have to register devices to receive this service? If so, might it need to be re-registered? Because its device ID will have changed.

Thanks for suggesting devcheck. It says I'm unrooted. Perhaps Crave noticed the unlocked bootloader or the custom ROM.

It did work with stock. It was registered, twice in fact. I deleted both, registered it again. The ap still says I'm rooted. Oh well, that's ok, I can use crave through a browser.
BTW do you know where I can find the stock keyboard?
Thanks

Dr_MC said:
BTW do you know where I can find the stock keyboard?
Click to expand...
Click to collapse
If you mean the Samsung keyboard - sorry, no, I don't. I switched to a different keyboard years ago. Google's GBoard has similar functionality, I think. MS SwiftKey is OK, too - has the best (most relevant) suggested text of any of the keyboards I've tried.

ROM working fine for me after trial and error with various gapps. FWIW I ran into the "just a sec " with opengapps. I finally had some joy by flashing the rom, but not gapps. Boot the ROM and completely setup it up Lineage. Then I restarted and flashed open gapps. When I rebooted everything came uo fine and has been solid eversince. Kudos your you gentlemen for fixing the Wifi ! Its been nice to have it work stably.

[UNOFFICIAL][ROM]BETA LineageOS 18.1 for SM-T813 - June 9, 2023

PLEASE BEFORE YOU decide to try this rom, you MUST read all of post 1, 2, 3 and 4 (about 10 minute read). If you think this is an unreasonable request, then stop reading now and find another rom. Thank you.
This is ONLY for the T813. I do not have and will NOT build T713, T719 and T819. See post #2, FAQ 20. Any questions asking to build these will be ignored.
I am not responsible for lost data, identity theft, lost money, security vulnerabilities, bricked devices or any other hardware or software malfunctions that comes as a result of flashing this rom.
BACKUP YOUR DATA AND OLD rom BEFORE trying my rom.
If you are NOT an expert in using fastboot, adb, odin, heimdall, twrp, DO NOT use this rom. You must know how to use these tools to revert back to your old rom. If you are new to flashing custom roms, do NOT attempt this. If you need your tablet for work and something important, do NOT flash this rom. This rom could result in a bricked device or boot loop or non booting device or you not being able to revert back to your old rom.
What works
1. bluetooth
2. wifi
3. brightness
4. external audio
5. GPS
6. audio through headphone jack
7. audio over bluetooth
8. selinux enforcing
9. deep sleep
10 DRM level 3 (SD definition)
Known issues/What doesn't work/what's not tested
NOTE: If any following features are important to you, don't use this rom as I will not be fixing them because I
i. don't use/need that feature
ii. already tried fixing it and couldn't succeed and won't spend anymore time on it.
1. Stock camera doesn't work at all (reason i and ii). Opencamera version 1.51.1 works for taking pictures and videos BUT with a 10 to 15 second delay when switching between functions.
I have not tested any video conferencing apps so they may or may not work. If they don't work, revert back to old rom as I will not be spending anytime trying to fix/troubleshoot.
2. fingerprint (reason i). I never use it and I see it doesn't even load correctly in the logs.
3. ARM64 gapps (reason i). Some of you require gapps for whatever reason. I use Aurora Store for my purposes and thus have NO KNOWLEDGE of the current state of ARM64 gapps.
There are various gapps projects (at least 5 in 2023). Each has pros and cons. It's your job to do the research and find a suitable gapps project. I suggest you allocate at least a couple of hours/days doing your own research. My rom works by itself fine without gapps. DO NOT talk about gapps in this thread. As a courtesy to gapps users, I have opened a new thread at
https://forum.xda-developers.com/t/...o-use-discussion-for-18-1-rom-sm-t813.4540423
so you may discuss gapps. I will NOT be participating in that thread as I do NOT use gapps.
4. disk encryption (reason i). Never tested.
5. If you restart the device with the purpose to reboot it and the usb cable is plugged in, the device will not reboot and stay in charging mode. Simply unplug the usb cable, wait 15 seconds and restart the device.
Source code
All the source code including the kernel is provided in post #2 FAQ1.
Thanks
1. LineageOS team for source code.
The rest in alphabetical order.
2. @Deltadroid for updating the msm8976 kernel for branches 14.1 and 16.0 with bug and security fixes. I'm using his 16.0 branch.
3. @lifehackerhansol for suggesting that I kang the pm-* proprietary blobs from another rom and making suggestions for possible fixes to the camera.
4. Team Infusion Developers github.

FAQ - I spent hundreds of hours building this rom. The least you can do is spend a few minutes reading everything before posting.
Q1. Where are the source and kernel source files?
A1. The kernel source files are at
https://github.com/syphyr/android_kernel_samsung_msm8976/tree/lineage-16.0
The device tree files are at
https://github.com/retiredtab/android_device_samsung_msm8976-common
https://github.com/retiredtab/android_device_samsung_gts210vewifi
The vendor tree files are at
https://github.com/retiredtab/proprietary_vendor_samsung_msm8976
The manifest.xml (or roomservice.xml) and build instructions for 18.1 are at
https://github.com/retiredtab/LineageOS-build-manifests/tree/main/18.1
Q2. Is this BETA rom suitable as a daily driver?
A2. It can be depending on your requirements. I can't test every app so you try it yourself to see if it's suitable. I've been using this rom myself since Oct 2022 with no major issues. I suggest you do a clean install, see FAQ 11, and flash this ROM BY ITSELF (no gapps, magisk, etc) and see if you like it.
Q3. What if my app, xyz, doesn't work?
A3. If your app doesn't work, then go back to your old rom.
Q4. Your rom is laggy and buggy.
A4. If you find the above, then go back to your old rom. Your tablet will also run slower when you use gapps. You can run a lot of software without using gapps. Research fdroid, newpipe, Aurora store etc.
Q5. What TWRP should I use?
A5. You MUST use TWRP 3.6.2_9-0. Do not use any other version for these reasons.
https://forum.xda-developers.com/t/...or-sm-t810-jan-11-2023.4430349/#post-86745013
https://dl.twrp.me/gts210vewifi/
I will not answer questions if you don't use this exact TWRP version.
Q6. Why should I use this rom?
A6. If you don't like this rom, then don't use it.
Q7. Will you offer monthly updates with security patches?
A7. I will try to offer monthly security patches, but that all depends on if I continue to have high speed Internet in the future.
Q8. Can you help me? I'm a newbie. Can you provide step by step instructions?
A8. I don't have the time to help newbies, so please do your own research. There are lots of tutorials, videos, etc on how to flash roms. Newbie questions must be posted in the Questions and Answers forum, not here. In addition, I don't run Windows OS at all.
Q9. Can I report a bug with respect to the rom?
A9. Yes, but you need to supply the following information. If you don't, I won't look at it.
You must provide an adb logcat of the problem and tell me how to reproduce it. Note I will not be downloading any apps that require money or an userid/password. For example, if you have problems with Netflix, I cannot help you since I don't have a paid subscription. If you use some app that requires an userid/password, I cannot help you as I'm not willing to create another userid/password even if it's free.
To get a logcat, open up a terminal window.
Code:
# clear the logcat first
adb logcat -c
# start logcat trace
adb logcat > problem.txt
# reproduce problem
# wait until problem has occured, then stop trace by hitting ctrl-c
# attach the problem.txt ZIPPED as text files don't seem to get attached properly
Q10. Will you build 19.1 and higher for this device?
A10. Any questions on higher Android versions will be completely ignored. I do this in my free/spare time and will not be subject to any ETAs or demands. If you want a higher version, the source code is freely available as per FAQ #1 and you can build it yourself.
Q11. Do I need to erase everything and format my data?
A11. Yes, you MUST erase all the partitions (system, data, dalvik/art cache, cache) using TWRP and MUST format your data before installing 18.1 when you are coming from stock or an earlier version of LineageOS or from another custom rom. If you get stuck at the boot animation for more than 5 minutes, it's likely because you didn't follow the instructions I just wrote. Dirty flashes from stock, other custom roms or older LineageOS versions are not supported and not likely to work.
You MUST FORMAT DATA in TWRP so backup your files first to some external storage (external microsd or PC).
NOTE: After you do the above, first boot (without gapps, magisk, etc) will take about 90 seconds. It may pop with a message saying "System UI isn't responding". Hit close app and then reboot the tablet again.
Q12. What gapps should I use?
A12. I don't use gapps anymore. I use Aurora Store. As of Nov 6, 2021, I no longer make recommendations on which gapps to use as your mileage may vary.
Let me by crystal clear. YOU NEED TO DO YOUR OWN HOMEWORK selecting between the various ARM64 gapps offered. There are 5: opengapps, nikgapps, mindthegapps, flamegapps and bitgapps. Each one will have it's own installation instructions. The only recommendation I will offer to use the SMALLEST version of gapps.
Don't be surprised that whatever gapps you use might have problems like "Just a sec", voice not working, updating google play store please wait, etc. These are NOT problems of the OS as the OS will run fine without gapps. These are gapps problems and you must ask in the gapps forum why it doesn't work.
In addition, some of the gapps may not install properly when using TWRP and say "cannot /mnt/system".
Q13. I'm having problems with gapps, can you answer why it's not working?
A13. I WILL NOT answer any questions regarding gapps. This thread is about the rom, not gapps. Android does not depend on gapps in order to work.
Questions about gapps, for your courtesy, should be asked in the thread below.
https://forum.xda-developers.com/t/...-use-discussion-for-18-1-rom-sm-t813.4540423/
Q14. Why isn't my post answered or ignored?
A14. Questions already answered in the FAQ will be completely ignored. Again, I do not use Windows OS or gapps.
Q15. What speed up/optimization tips do you suggest?
A15.
1. Turn off animations. Go into developer settings, scroll down to the drawing section, and set window, transition and animator scale all to "off".
2. If you don't have a google account, don't install gapps. Use Aurora Store to get your apps as you can get all the same apps from the play store using an anonymous login.
3. Use a web browser like Brave that has built in adblock and privacy features.
4. Use newpipe to watch your streaming content. It has built in adblock so you don't have to watch forced ads.
5. Look for apps that are open source, ad free and lightweight.
Q16. Does this rom support Magisk for root?
A16. I don't use Magisk. Magisk is always being updated to fool Google's certification process which may or may not work.
Q17. Will this rom ever become official?
A17. Never. I don't want the responsibilities that come with being an official maintainer.
Q18. What is the difference between this rom and others?
A18. This rom tries to be pure LineageOS with little to no modifications.
Q19. Will there be any major 18.1 code modifications in the future?
A19. I don't anticipate any major modifications. There may be some small bug fixes and minor code cleanup, but all the hard work in getting the rom up and running and fixing all the major bugs have been completed. This doesn't mean the code is perfect or well organized, but I won't be doing any major changes now that 18.1 is working.
Q20. Can you build a variant of this device? For example, a LTE or S-pen version.
A20. If I don't physically have the device, I cannot and will not build it unless I can boot and test it myself. Even then, there's no guarantee that I can get those variant features working. To be clear, I will NOT build T713, T719 and T819.
Q21. Can I load this rom on a variant devivce like LTE or S-pen version?
A21. The rom is built for the device explicitly listed. If you are an advanced user and understand TWRP, adb, odin, heimdall, you can try loading it on a LTE or S-pen variant by modifying the updater-script, but it may cause a bricked device, bootloops or non functionality of LTE/S-pen. You have been informed and warned!
Q22. Does this rom support OTA updates?
A22. No and I have no plans to add that functionality.
Q23. Okay, I understand the consequences and that this is BETA rom and willing to take the risks outlined, now where can I find the rom?
A23. You can download it from
https://sourceforge.net/projects/retiredtab/files/SM-T813/18.1/

Release Notes
I have personally tested all the functionality as to what works as per post #1 before uploading the build. Having said that, there's still a chance it won't work on your device due to human error, your configuration, your apps, etc. If it won't boot, always start with a complete wipe of everything and format your data. This is known has a clean install. Backup your data before a clean install.
June 9, 2023 release notes
1. Incorporates June 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2023-06
2. Whatever LineageOS changed since May 5th patches (about 5,600 files had to be recompiled).
May 7, 2023 release notes
1. Incorporates May 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2023-05
2. Whatever LineageOS changed since Apr 5th patches (about 6,600 files had to be recompiled).
Apr 15, 2023 release notes
1. Incorporates Apr 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2023-04
2. Whatever LineageOS changed since Mar 5th patches (about 4,500 files had to be recompiled).
3. Updated aptX code so that it works and stops crashing (broken in 17.1) as per https://github.com/retiredtab/propr...mmit/3f6bd0d979ae25e3ba23e2c214fa7207c81f6b32
March 17, 2023 release notes
1. Incorporates Mar 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2023-03
2. Whatever LineageOS changed since Feb 5th patches (about 24,000 files had to be recompiled).
3. Added overlay to control capactive key light buttons to enable/disable or change duration as per
https://github.com/retiredtab/andro...mmit/5a2649a040adfb879fd03076f97dd5321c5e27e6
Feb 13, 2023 release notes
1. Incorporates Feb 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2023-02
2. Whatever LineageOS changed since Jan 5th patches (about 13,000 files had to be recompiled).
3. Updated DRM code so that Disney+ works. See
https://github.com/retiredtab/andro...mmit/6c41d16cf1a8b2e8c436b3bef922a47e606381ee
https://github.com/retiredtab/propr...mmit/fed0f34d48330908165f78051066127b0e1870d8
Jan 7, 2023 release notes
1. Initial release of 18.1
2. Incorporates Jan 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2023-01
3. If you are upgrading from a custom rom, stock or any older versions of LineageOS (like 14.1, 16.0 or 17.1) YOU MUST wipe dalvik/cache, cache, system, data and internal storage partitions in TWRP and FORMAT DATA in TWRP. You cannot dirty flash at all. Backup your data first.

Reserved #4

I have personally tested all the functionality as to what works as per post #1 before uploading the build. Having said that, there's still a chance it won't work on your device due to human error, your configuration, your apps, etc. If it won't boot, always start with a complete wipe of everything and format your data. This is known has a clean install. Backup your data before a clean install.
18.1 has been my daily driver since Oct 2022.
Jan 7, 2023 release notes
1. YOU MUST read posts 1-4 if you haven't already.
2. Incorporates Jan 5 security patches as per https://review.lineageos.org/q/topic:R_asb_2023-01
3. If you are upgrading from a custom rom, stock or any older versions of LineageOS (like 14.1, 16.0 or 17.1) YOU MUST wipe dalvik/cache, cache, system, data and internal storage partitions in TWRP and FORMAT DATA in TWRP. You cannot dirty flash at all. Backup your data first.

Thanks for all your efforts. I never thought anything above Android 10 would see the light of days on the T813 model, since it was highly neglected here in my opinion. I will definitly try it out

THANK YOU "RETIREDTAB" this is awesome!
I will try it out on my T813 and report back here if there are any problems, Thanks a lot for this rom!!!

@retiredtab, many, many thanks for this rom. Have done a full clean install, the backup of the previous 17.1 took longer. So far everything I need to use is working perfectly. I mainly read the news, pick up emails and buy too much stuff from amazon.
went with the opengapps pico set, and all my google stuff is working, and it restored my apps from the previous backup. Did have some odd issues giving permissions to to the various google apps but once that was sorted it ran.
keep up the good work, and will keep testing

Further update after a weekend of use, the screen off battery drain seems to be minimal(may be Greenify helping) but appears to be better than I had on the previous 17.1 rom. No other issues found as yet.

will the camera issue be adressed or it will stay like that?

Ferchurito said:
will the camera issue be adressed or it will stay like that?
Click to expand...
Click to collapse
I'd say its unlikely to change, far as I know its never been fixed in the previous 17.1 rom either. As retiredtab mentions in point 1, camera use is not a big need or he has alrady tried to fix it and not been able to.

I did everything wrong with a working result:
-My Starting point: LineageOS 17.1 (ripee) installed
- Backup of User Data @ Android System (copy to MicroSD)
- Updated the TWRP version to the recommended in TWRP (coming from ripee version for 17.1)
- Boot to System to ensure it's still working
- Backup everything in TWRP
In one batch without booting in between:
- I dirty flashed "lineageOS 18.1" over "lineageOS 17.1 (from ripee)"
- Flashed the Arm64 version for Android 11 of "mindTheGapps" over existing "OpenGapps (for Android 10)"
- Flashed Magisk *.zip
- Deleted Cache and Dalvik
Boot to system and it's working perfectly so far
FYI.: Camera App "ProcamX" is working as well.
FYI.: Especially for lineageOS 17.1 users: I can confirm GPS is working (GPS Test Plus)
For sure I wouldn't recommend this procedure and maybe I will do a clean install later to gain smoothness and to make it stable in general but so far it's super nice, no bootloop, random restarts (BUT it's based on a few hour usage only) or whatever and a big thank you to ritiredtab

I have Magisk and safetynet pass flashed. I can download Netflix from Playstore but it doesn't play any content. It seems that Widevine / DRM is not part of the ROM at all as the App "DRM Info" doesn't show any Widevine information. In consequence Netflix doesn't play and stuck in "loading". Anyway it seems to enable some old DRM blobs can fix the issue like at least for L3 which is SD playback. Something like here needs to be added I think....:
https://review.lineageos.org/c/LineageOS/android_device_moto_shamu/+/339185
Didn't dig deeper into the topic so far. Just want to share the info.

Renzke said:
It seems that Widevine / DRM is not part of the ROM at all as the App "DRM Info" doesn't show any Widevine information.
Click to expand...
Click to collapse
As I listed in post #1, DRM L3 works as I check/test/verify ALL my public xda builds for the functionality in post #1 before uploading.
Here's the results of checking DRM with 4 different programs. Devcheck by flar2 is what I use to check all my ROMS for a variety of values and widevine DRM L3 (along with clearkey) is clearly shown. Device Info HW and DRM Check also show widevine properly.
DRM Info by Android Fung is the only one that cannot show the widevine information which may be due to a bug in this program or it's poorly written and being denied by selinux enforcing.
DevCheck and Device Info HW are both ad free while DRM Check and DRM Info are infested with ads. The latter 2 are programs I will never use again.
In addition, DRM Info by Android Fung shows this in the logcat
Code:
GooglePlayServicesUtil: com.androidfung.drminfo requires the Google Play Store, but it is missing.
As I mentioned several times, I do NOT and will NOT install any gapps.
Your link to gerrit regarding DRM is already in my code (done a bit differently, but works as clearly shown by Devcheck).
https://github.com/retiredtab/propr...mmit/92ecf0f7615a291281e4b39da6be956e92e66d82
https://github.com/retiredtab/andro...mmit/5a91ac3d5d14510b335f8d6ec650b254edcdb2dc

@retiredtab Thanks for the detailed reply. You are right. I See Widevine L3 in other Apps as well. Shame on me '-'. Even Netflix itself gives this Info... Anyway... Playback is not starting while preview videos are working. Tried already a couple of versions without success and checked the permissions. As I'm customized with Magisk the rootcause could be on my side for sure. Prime Video is working by the way. Would be nice to know if a clean install has the same behaviour.

Renzke said:
@retiredtab I See Widevine L3 in other Apps as well.
Click to expand...
Click to collapse
There's a reason why I always recommend clean installs. When you don't do it, it leads to unexplained problems. If Prime is working, that suggests DRM L3 is working.
If a clean install doesn't work with Netflix, then see FAQ 9 and send me the logs (zipped). There's no guarantee that it will show anything wrong or if I can fix it. I don't have/use Netflix or any other $treaming service.
Having said that, I do build other roms like the T810 (S2 2015 exynos model) and others have commented that they do not need Magisk hide, root, etc to get Netflix shown in the playstore because my T810, like this T813, is selinux enforcing. They report that the T810 shows up as "device is certified".
Again, since I don't use gapps, I cannot confirm if "device is certified" is true for T813, but if it is, then Netflix should show up without Magisk/hide, root, etc. If it does show up, it's a bonus. If the T813 shows up as "device not certified", I have no plans to fix this as I don't use gapps.

@retiredtab I'm not sure if I will do a clean install as the system is working quite well expect Netflix and at the end of the day it's not super important for me. In case I do a clean install I will provide a log and be thankfull for the offer to fix things
The chances to have an indication is maybe low in the logs as Netflix loops in the loading screen without an error at all. Anyway I don't want to waste your time with this topic currently as I cleary didn't follow your instructions by doing a dirty flash and so on. And again... Super nice to have this rom which gives my tablet a 2nd life. Thanks a lot.

Renzke said:
@retiredtab I'm not sure if I will do a clean install as the system is working quite well expect Netflix and at the end of the day it's not super important for me. In case I do a clean install I will provide a log and be thankfull for the offer to fix things
The chances to have an indication is maybe low in the logs as Netflix loops in the loading screen without an error at all. Anyway I don't want to waste your time with this topic currently as I cleary didn't follow your instructions by doing a dirty flash and so on. And again... Super nice to have this rom which gives my tablet a 2nd life. Thanks a lot.
Click to expand...
Click to collapse
I don't really care about using Netflix on this device, but figured I'd let you know that I'm having the same issues after a clean flash. Will try and grab a log later.

I have this strange problem
I have two tablets SM-T813 and SM-T819.
I installed Lineage os 18.1 on SM-T813 and SM-T819 (I modified the installer). On the T813 it booted without any problems. On the T819, on the other hand, it stands in bootloop. I went into recovery and there were no files in INTERNAL STORAGE, it was empty. To T819 I need to install some file or something so that it can start reading Memory and come out of bootloop?

K-BOX2022 said:
On the T819, on the other hand, it stands in bootloop.
Click to expand...
Click to collapse
As I mentioned in the FAQ, there's nothing I can do without the T819 physically in my hands. If the T813 worked on T819, then it's a bonus. If not, it was worth a try.