[Q] SBF and bootloader - Milestone 2 General

Hello!
I read here that MM2 bootloader is locked (still true?).
However, I also understand that an SBF signed by Motorola can be flashed with RSD Lite.
Despite the fact that the bootloader does not accept an SBF with an invalid signature, I see software around like SBF-Recalc and SBF / MBN Depacker. So why did someone write them if a non-official SBF can't be flashed?
Is that software able to create signed SBF files (I read about a leaked Moto private key)?
Is it able to repack a modified SBF that can be flashed to the MM2 (with a locked bootloader)?
About the SBF files, I'm interested in information about the meaning of the internal partitions. For some of them I couldn't figure out what they are for. Is there any information about this?
Thanks
Andrea

http://and-developers.com/partitions:cdt
Sent from my Milestone 2 XDA App

[Help] Bricked Phone

Hello guys, I'm having a problem with my phone. I was trying out some scripts to improve the performance of the ms2, then all of a sudden it stopped working. So I turned it off and rebooted it, that's when it never came back again.
Following that, I tried flashing an SBF file, but using RSD Lite, no file is "clickable" to start flashing. What should I do??
I was using the EndlessCM7 but now I just want it working.... Any help would do!
Thanks...
Edit: ok so after searching (a lot) the forum, I got the answer from a post by r2beta0
Get the official ROM and start with that. Flash the SBF and it should wipe everything and put you back to day one.
Kangburra said:
Get the official ROM and start with that. Flash the SBF and it should wipe everything and put you back to day one.
RSD Lite would not accept any SBF, so I had to modify the Froyo SBF, renaming some files, and then it worked flawlessly
Link r2beta0's post, so other people with your problem can unbrick their phones.
Sent from my Milestone 2 XDA App
Quote- r2beta0
"I don't know if this is going to help, but you could try that anyway:
- Download MotoAndroidDepacker (utility to unpack/repack SBF's)
- Choose one stock SBF (2.2 FR for example)
- Open and unpack it with the utility
- Rename CG66.smg to CG37.smg (you are going to use the preinstall image as the data image; both are ext3, but have different sizes. Don't know if it's going to work).
- Use utility to open folder with unpacked images and repack it
- Put phone in bootloader mode and flash the repacked SBF (rebuilt/firmware.sbf)
- Post results here"

[Q] SBF modifying? Is it possible?

We have an incorrect SBF for Defy+ DEFYPLUS_4.5.1-134_DFP-125_45.0.1250.MB526.NonEFIGSRetail.en.EU which has incorrect bootloader.
And we have a correct SBF file Defy+ 4.5.1-134-DFP-125-CEE.
With MotoAndroidDepacker we can extract (or repack) sbf file and then we get some smg files.
The CG39.smg contains the "system". This CG39 file is a simple image file, we can mount it under linux: mount -o loop CG39.smg /mnt
Is it possible to modify SBF file, and get a working NonEFIGSRetail.en.EU?
I downloaded it and I want to try, because I have an SBF file where the wifi has very good signal + no market, and one that is newer and has market but the wifi has a terribly weak signal. Pls help, what to switch?
Modding sbfs is impossible because the locked bootloader checks that every sbf that is flashed/booted is signed by Motorola. If we change anything in the sbf, then we break the signature and we won't be able to boot. That's the reason why we can't play around with the kernel, which is something we'd all love to do.
CM7 + CM9 double boot
crakeron said:
Modding sbfs is impossible because the locked bootloader checks that every sbf that is flashed/booted is signed by Motorola. If we change anything in the sbf, then we break the signature and we won't be able to boot. That's the reason why we can't play around with the kernel, which is something we'd all love to do.
CM7 + CM9 double boot
Just searching for a way to "mod" my Pro Plus, and I bumped into this discussion.
I want to try to modify an SBF file to flash it via RSD Lite (we have no modded recovery or so for the Motorola Pro Plus).
My question is this: Can't you try and "fake" motorola's signature on the sbf file. Or can you try and bypass the check for the signature?
mereTz said:
Just searching for a way to "mod" my Pro Plus, and I bumped into this discussion.
I want to try to modify an SBF file to flash it via RSD Lite (we have no modded recovery or so for the Motorola Pro Plus).
My question is this: Can't you try and "fake" motorola's signature on the sbf file. Or can you try and bypass the check for the signature?
Well, you can't fake or bypass the signature, but you CAN modify an SBF file to some extent without touching the signature. See this thread:
http://forum.xda-developers.com/showthread.php?t=1097754

[Q] Just another brick (try to flash AU on VZW)

Hi everybody. Sorry for my poor English. So, now I have just another brick. It was a stupid idea, I know, but I tried to flash Aussie firmware (4.1.2) to my Retail Verizon Droid Razr M. Actually it doesn't work. Now I can download into fastboot mode, but I can't flash VZW 4.1.1 or 4.0.4 back. On the first step in RSD I get the error "Failed flashing process: flash partition "gpt_main0.bin" ->Phone returned FAIL". On the screen I can see: "downgraded security version update gpt_main version failed". Every partition flashes successfully (singly) except "boot", "system" and "gpt_main0.bin".
What can I do to unbrick my phone? And can I do something? I tried to google it, but can't find anything better than buying a broken device and changing the motherboard. But this is my last resort. I hope it's possible to wake my phone.
If anyone has an idea, I'd be glad to hear it. Thanks.
I think the reason is signed partitions in Australian firmwares. Now after flashing this I can't install any unsigned firmware (like VZW). The only choice is to unlock the bootloader or signed VZW firmware. These 2 things are unreal at this time.
might try flashing the aussie boot and system over the mostly vzw flash?
gpt_main0.bin doesn't exist in the aussie fxz, so no idea about that.
Q9Nap said:
might try flashing the aussie boot and system over the mostly vzw flash?
gpt_main0.bin doesn't exist in the aussie fxz, so no idea about that.
I know the message about gpt_main is about the VZW firmware, not about the Aussie one. As I said, I'm trying to roll back to Verizon. Flashing Aussie boot & system with the VZW remains doesn't work because the VZW partitions are unsigned.
all moto firmware is signed. the problem is different secure versions.
Q9Nap said:
might try flashing the aussie boot and system over the mostly vzw flash?
gpt_main0.bin doesn't exist in the aussie fxz, so no idea about that.
Q9Nap said:
all moto firmware is signed. the problem is different secure versions.
Sorry, I mean partitions marked as signed or not.
So, I need to roll back from Australian firmware to Verizon,
Verizon's "gpt_main0.bin" file is the "partition_signed" file in AU firmware.
I have a dev. edition and somehow solved rollback with all partitions except this gpt_main0.bin, which now isn't flashable even on an unlocked bootloader.
Looks like this file is the basic flash partition scheme, don't know how to completely wipe it using terminal.
Same problems with boot.img and system.img were solved by deleting these partitions under terminal in TWRP and creating new ones.
Any suggestions? Why the hell is a dev. edition needed if I can't flash back partitions?
my guess is this gpt_main0.bin/partition_signed is the "new" cdt.bin from older firmware. it contains the secure version scheme for the partitions. surprised that the secure version can't be reverted on dev edition devices
Q9Nap said:
my guess is this gpt_main0.bin/partition_signed is the "new" cdt.bin from older firmware. it contains the secure version scheme for the partitions. surprised that the secure version can't be reverted on dev edition devices
maybe try to erase cid in moto fastboot?
I've read this post: http://forum.xda-developers.com/showthread.php?t=1262266
Basically, what partition is contained in this gpt_main0.bin file from the list in that post?
Maybe it is the correct way to determine the correct partition and after that delete it? Since the unlocked bootloader already permitted deleting signed system and boot partitions and reflashing them with regular unsigned ones.
---------- Post added at 08:55 AM ---------- Previous post was at 08:45 AM ----------
I've inspected both VZ gpt_main0.bin and AU partition_signed in HEX, they're both signed with motorola certificate. 00007D7A - 00007E79.
So this is not a comparison between signed and unsigned versions. Looks like the AU file just enabled this checking in some currently unknown way.
Any ideas how to roll back security version?
You can't revert the secure version on stock hardware. It's connected to the locked bootloader signatures.
I would try using the partition_signed file from the AU XML.zip and flashing that using all of the other partitions from the VZW 4.11 XML.zip.
That should allow you to flash successfully and have a bootable phone, albeit a hybrid of sorts with the AU signed partition table.
why on earth are so many Verizon XT907 users trying to flash Aussie XT905 firmware?????
wintermute000 said:
why on earth are so many Verizon XT907 users trying to flash Aussie XT905 firmware?????
Anybody else??? I'm surprised about it. I agree that's not a lucky idea

[INDEX][GUIDE][FAQ] All Things RAZR I

Welcome to the “All Things” Razr I Index thread. This Index thread contains basic information about the Motorola Razr I a.k.a. XT890 to get you started. It won’t contain any KERNEL and ROM Development, because of the numerous kernels and roms people can make. It would just flood this thread if it happens.
All the work that is presented in this thread belong to their rightful owners. I just sorted them and linked the threads in here.
Everything that u do to your phone is totally your own responsibility. Nobody here or elsewhere can be held accountable for a failure in flashing, a bricked device or a rom problem if u tampered with your own device. But maybe we can help if u ask nicely.
This Index thread contains the following in this order:
A. GENERAL DISCUSSIONs
B. GENERAL (DEV) TOOLs
C. UNLOCK BOOTLOADER and ROOT
D. RECOVERYs
E. FIRMWAREs
F. MODs
G. WARNINGs, BRICKED DEVICEs SOLUTIONs/DISCUSSIONs
H. DOWNGRADE TO ICS
I. FROM STOCK TO CUSTOM ROM
J. FROM CUSTOM ROM TO STOCK (with RELOCK BOOTLOADER)
Some important notes:
When using 3rd party software to alter your device your warranty may be voided. In every country this is different. Before going ahead, read your legal rights!!!
Each thread/sections can contain “important” notes
Do your research before doing anything
Read the information the owner of the thread gives u
Highly recommended to have a look at the ‘warnings, bricked devices solutions/discussions’ threads before using RSD-Lite and fastboot commands like flashing manual firmware versions.
Last note:
If u find something missing that should definitely be in this Index thread, please share.
If u find anything wrong and u know the answer, please share.
Can someone have a look at the downgrade section. That’s the only one I don’t know for sure.
A. GENERAL DISCUSSIONs
Are recommended discussions about new firmware and features
RAZR I Help Guide (2013)
Motorola 4.4 (2014)
FM Radio (2013)
RAZRi XT890 USB OTG Capabilities
B. GENERAL (DEV) TOOLs
Contains threads with information about tools that you may need for your device
Motorola USB drivers
Motorola Device manager (driver)(Windows)
Motorola Device manager (driver)(Mac)
Motorola usb drivers for all devices. It also installs the device manager that checks for updates for your device. You can delete the program and still use the drivers. If u want the drivers alone, search the internet. No valid official link yet.
[TOOL] [WINDOWS] ADB, Fastboot and Drivers - 15 seconds ADB Installer
In different threads are different methods to acquire those tools. If u have them once installed right, u don’t need them twice. It isn’t bad to have them multiple times though.
Motorola mFastboot (fastboot file sized > 100mb)
Put the mFastboot executable as 'mfastboot' in the directory where adb and the normal fastboot file are stored
RSD-Lite
Motorola Tools [Specially for Noobs] (November, 2012)
RSD-Lite in this thread is outdated(5.7), use the newest 6.1.x series from here
If one version doesn’t work, try another. 1 of the 3 should work for you!
ALWAYS USE YOUR CURRENT FIRMWARE OR HIGHER! DON’T DOWNGRADE WITH RSD-LITE. Downgrading with RSD-Lite will cause a soft-brick or if really screwed up a hard-brick. See ‘warnings, bricked devices solutions/discussions’ for more information.
[How to] Change Radio Firmware (February, 2013)
Flashing the radio can do more harm than good, but can also be rewarding, be careful
[DEVS only] Unpacking RAZR i boot images (November, 2012)
C. UNLOCK BOOTLOADER and ROOT
Threads about the bootloader and getting root access.
How To Update/Unbrick/Root Razr I To Jelly Bean (With Review) (March, 2013)
Makes use of videos, a tad outdated.
Unlock the Bootloader on Your RAZR i (October, 2012)
If this doesn’t work, your device isn’t supported (can happen). At this moment u can only achieve root access with the method: TwerkMyMoto, if your bootloader can’t be unlocked.
[Root] TwerkMyMoto 1.0 (no unlock root)(Jellybean) (November, 2013)
Doesn’t require unlocked bootloader
RAZR i Root 2 (Jellybean 4.1.2) (January, 2013)
RAZR i Root (ICS) (December, 2012)
D. RECOVERYs
The recoveries can behave differently on every device. So a user can have no problems with CWM and almost can’t use TWRP. But it is the same the other way around. Try them and see which one u like and works for u.
To enter Fastboot mode to get to the Recovery
After booting up fastboot mode, navigate with volume - down to the recovery and select it with volume + up
[RECOVERY] Installer for CWM 6.0.1.9 / CWM 6.0.3.6 / TWRP 2.6.3 / STOCK (February, 2014)
To enter stock recovery, press volume up and down at the same time when the Android appears.
CWMR or TWRP install easy 19-Sep-13 (September, 2013)
E. FIRMWAREs
The Unofficial Thread of Official OTA Updates (April, 2013)
Motorola Razr i XT890 Firmware (up-to-date)
F. MODs
Recommended to make a backup before applying
[MOD] Collections of mods for Omar-Avelar Rom (April, 2013)
[MOD] Changing the brightness curve in stock JellyBean (September, 2013)
[Tool] Swap Internal SDcard With External SDcard no init.d need UPDATE (December, 2012)
Enabling USB Mass Storage on the Razr I (Needs root access) (November, 2012)
G. WARNINGs, BRICKED DEVICEs SOLUTIONs/DISCUSSIONs
Downgrade problems JB -> ICS | Black screen green led | service required code currupt
Downgrading from JB to ICS with a locked bootloader is bad. According to a lot of users it will give u a bricked device. This is because RSD-Lite can also flash the motoboot (bootloader), gpt.bin (partition table) and motobp (radio?) and those 3 may never be downgraded only upgraded. Can only be resolved at a service station.
With an unlocked bootloader it is possible, but then again, don’t flash the motoboot, gpt.bin and motobp!
WARNING - Avoiding Bricked Phones + RSD Lite Tutorial (April, 2013)
Recommend to read before attempting to downgrade
RSD-Lite tutorial, not a downgrade tutorial
Unbricking JB to ICS downgraded hardbricks (March, 2013)
This is a unbrick method when u have the following message: Service Required Code Corrupt or black screen - green light. But be careful. This fix can help most of the problems, but not all because of the firmware differences. If it doesn't work for you, have a look at the one below. The owner and thread is still worth mentioning because of the finding of a possible fix, the many devices the owner saved and the discussion about the problem that came along.
Unbricking "Service Required Code Corrupt" (May, 2013)
A better documented unbrick method than the one above, but the same. Still won’t help everybody. But won’t harm your device more than it can and already is if u need this. Only for downgrade problems, everything else needs RSD-Lite or Jellybean versions of the files.
Other issues/discussions
Locked Bootloader, can't access Recovery
If u have a locked bootloader and u can’t access the recovery anymore and even RSD-Lite (latest version) with stock firmware (JB) won't work, there is no possible way to resurrect it, yet. Most of the time it means that you have a bad sector in your EMMC (flash memory) and with a locked bootloader it can’t be erased/written to.
PDS Partition Fix (July, 2014)
In TWRP recovery u can erase PDS. Never do it! Will be fixed when 4.4 is out.
Issue Locked bootloader
If u have any issue with your phone (bootloop, stuck on bootlogo) and u have a locked bootloader, try the following:
Reboot to stock recovery
Do a "factory reset"
If that doesn't solve it, flash your original firmware (JB) with RSD-Lite! Make sure u use one of the latest versions of RSD-Lite, 6.1.x. 6.1.5 is the latest (August, 2014)
Unlocked bootloader
If u have any issue with your phone (bootloop, stuck on bootlogo) and u have an unlocked bootloader, try the following (all steps are on their own. If one doesn't work, try another):
Reflash your custom ROM if u use one (don't wipe) (Renews your system partition, stays of your data)
Wipe your data/cache in recovery (does what it says)
Wipe partitions system/data/cache and flash new rom (reflash whole new system)
Do a nandroid restore if u have a nandroid backup of the rom (restore a previous nandroid)
Do a RSD-Lite flash, use latest versions of your stock firmware and RSD-Lite. (reflash to complete stock)
H. DOWNGRADE TO ICS
If u still want to downgrade from JB to ICS for whatever reason, those are the safest methods, because we disable the flashing of the ‘motoboot’, ‘gpt.bin’ and 'motobp'. There are 2 methods, 1 is by RSD-Lite with a modified xml file and the other one is flashing all the files manually. CANNOT BE DONE WITH LOCKED BOOTLOADER only unlocked!!!
RSD Lite:
Follow and read one of the tutorials for RSD-Lite and download your ICS Stock version of your device!
Set everything up and before flashing remove the following lines from the included XML file of the firmware u want to flash:
Code:
<step operation="flash" partition="gpt" filename="gpt_signed" MD5="*****" />
<step operation="flash" partition="motoboot" filename="motoboot" MD5="*****" />
<step operation="flash" partition="motobp" filename="motobp" MD5="*****" />
U maybe need to delete the following line also:
Code:
<step operation="getvar" var="max-download-size" />
U should be good to go!
Manually:
For manually flashing we need “mFastboot”. See GENERAL (DEV) TOOLs for more information.
Download your firmware and extract it.
Now use the following commands in a command prompt. Make sure they are correctly spelled and return an “OKAY”!
Code:
mfastboot flash boot boot_signed
mfastboot flash recovery recovery_signed
mfastboot flash system system_signed
mfastboot erase cache
mfastboot erase userdata
I. FROM STOCK TO CUSTOM ROM
See threads that are mentioned above for more details.
Backup your important data from your phone to PC or elsewhere
Get ADB, Fastboot and your device drivers working
Unlock your bootloader with the above method
Install one of the recoveries
Install a Rom and/or kernel from one of the threads in the Development section of the Razr I Board through custom recovery.
J. FROM CUSTOM ROM TO STOCK
See threads that are mentioned above for more details. If u want to relock too, have a look here (only for jellybean)
Backup your important data from your phone to PC or elsewhere
Get RSD-Lite working
Download the latest official android firmware for your device. (Always jellybean, unless u had ICS installed before the custom rom and to be on the safe side, never used a Jellybean version, then u can try ICS too)
Flash through RSD-Lite
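The XML edit from section H, as an added example that is not part of the original guide: it removes the `gpt`, `motoboot` and `motobp` flash steps from a firmware XML and reports whether any of them is still present before flashing. The sample XML is constructed; the `<flashing>`/`<steps>` wrapper, the erase steps and all function names are assumptions.

```python
import xml.etree.ElementTree as ET

# Partitions the guide says must never be downgraded.
NEVER_DOWNGRADE = {"gpt", "motoboot", "motobp"}

# Constructed sample, shaped like the <step> lines quoted in the guide.
# The <flashing>/<steps> wrapper and the erase steps are assumptions.
SAMPLE_XML = """<flashing>
  <steps interface="AP">
    <step operation="getvar" var="max-download-size" />
    <step operation="flash" partition="gpt" filename="gpt_signed" MD5="*****" />
    <step operation="flash" partition="motoboot" filename="motoboot" MD5="*****" />
    <step operation="flash" partition="boot" filename="boot_signed" MD5="*****" />
    <step operation="flash" partition="recovery" filename="recovery_signed" MD5="*****" />
    <step operation="flash" partition="system" filename="system_signed" MD5="*****" />
    <step operation="flash" partition="motobp" filename="motobp" MD5="*****" />
    <step operation="erase" partition="cache" />
    <step operation="erase" partition="userdata" />
  </steps>
</flashing>"""


def _steps(root):
    """Yield (parent, step) for every <step> element, in document order."""
    for parent in list(root.iter()):
        for step in list(parent.findall("step")):
            yield parent, step


def protected_steps_present(xml_text):
    """Return the never-downgrade partitions this XML would still flash."""
    root = ET.fromstring(xml_text)
    return [s.get("partition") for _, s in _steps(root)
            if s.get("operation") == "flash"
            and s.get("partition") in NEVER_DOWNGRADE]


def flash_targets(xml_text):
    """Return every partition this XML would flash, in order."""
    root = ET.fromstring(xml_text)
    return [s.get("partition") for _, s in _steps(root)
            if s.get("operation") == "flash"]


def strip_protected_steps(xml_text, drop_getvar=False):
    """Remove gpt/motoboot/motobp flash steps.

    With drop_getvar=True the max-download-size getvar step is removed too,
    which the guide says may also be needed. Returns (new_xml, removed),
    where removed is a list of (operation, target) tuples.
    """
    root = ET.fromstring(xml_text)
    removed = []
    for parent, step in _steps(root):
        op, part = step.get("operation"), step.get("partition")
        is_protected = op == "flash" and part in NEVER_DOWNGRADE
        is_getvar = (drop_getvar and op == "getvar"
                     and step.get("var") == "max-download-size")
        if is_protected or is_getvar:
            removed.append((op, part or step.get("var")))
            parent.remove(step)
    return ET.tostring(root, encoding="unicode"), removed


if __name__ == "__main__":
    new_xml, removed = strip_protected_steps(SAMPLE_XML, drop_getvar=True)
    print("removed:", removed)
    print("still flashing:", flash_targets(new_xml))
    # Refuse to continue if a never-downgrade partition is still listed.
    leftover = protected_steps_present(new_xml)
    if leftover:
        raise SystemExit(f"unsafe XML, still flashes: {leftover}")
```

Running `protected_steps_present` on the XML that is actually handed to RSD-Lite catches a line that was missed during a manual edit.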
Enormous post hazou! Thanks a lot for all your work!
(work on rom, work on thread... etc)
Excellent job!
Thanks for this guide !
A question :
I'm with KTR rom 2.2 ( JB 4.1.2 ) and, as all users, I have the unlocked phone screen when I boot my razr I.
If I do step H. of the guide in order to downgrade to ICS, can I change the unlocked screen with another one, and after reflash KTR rom ( JB ) in order to not have this unlocked screen at boot anymore ???
elreydelaplaya said:
Thanks for this guide !
A question :
I'm with KTR rom 2.2 ( JB 4.1.2 ) and, as all users, I have the unlocked phone screen when I boot my razr I.
If I do step H. of the guide in order to downgrade to ICS, can I change the unlocked screen with another one, and after reflash KTR rom ( JB ) in order to not have this unlocked screen at boot anymore ???
To flash a working logo image u need the bootloader (motoboot) from ICS. But if u flash the motoboot from ICS coming from a jellybean rom (is using the motoboot from jellybean) u will brick your device. (unless as stated, u have never been on stock JB or installed the firmware from stock JB and u flashed from stock ICS to KTR-rom. So u have the stock ICS bootloader. But I think nobody in this world has that anymore.)
The bootloader and its necessary files may never be downgraded!! I will make a point in the guide to address your question.
So, to answer your question. No u can't!
OK , thanks hazou !
There is definitively no solutions to remove this shi...of bootscreen ....
hey, I wanted to flash the stock rom with the rsd tool and I got my phone bricked, green light flashing, no code error message. Is there any solution for that problem?
edit: ok, I made a stupid mistake by accidentally downloading the ICS stock rom instead of the JB... f**k
bongofred said:
hey, I wanted to flash the stock rom with the rsd tool and I got my phone bricked, green light flashing, no code error message. Is there any solution for that problem?
edit: ok, I made a stupid mistake by accidentally downloading the ICS stock rom instead of the JB... f**k
Always read as much as you can and do lots of research to prevent a brick.
waj3k said:
Always read as much as you can and do lots of research to prevent a brick.
yep sure, I got it unbricked with the tut hazou linked in his post, so everything is fine
THX!
Nice thread. Thank you! This helps so much!
Motorola RAZR i xt 890 stuck at bootloader is unlocked
Please help!!!
My Motorola razr i xt 890 is stuck at AP Fastboot Flash Mode(secure boot)
and there are options like:
Normal Poweup
Recovery
Factory
BP tools
Switch Console [NULL: null]
Power Off
Now when I select any of the options from above it shows the screen saying "warning bootloader is unlocked" and after that it remains in the same condition. I can't access any of the options.
Please help me....
anuragtripathi said:
Please help!!!
My Motorola razr i xt 890 is stuck at AP Fastboot Flash Mode(secure boot)
and there are options like:
Normal Poweup
Recovery
Factory
BP tools
Switch Console [NULL: null]
Power Off
Now when I select any of the options from above it shows the screen saying "warning bootloader is unlocked" and after that it remains in the same condition. I can't access any of the options.
Please help me....
i have the same problem.
I managed to enter after many power + volume up press and it rebooted after many minutes, to the rom.
and it worked!
the only problem is that I can't make the antenna work. it's not working

Help! Urgently need Hashcode's kernel flash-vzw-de-4.4-kernel-v1.0.zip - JB DE Note 3

from this thread/post by Hashcode, to install KK "4.4.2 Stock Root Odex/DeOdex [04/23/14]" by BeansTown106 on dev edition note 3:
I have a dev edition VZW Note 3 still with the 4.3 (JellyBean) bootloader / aboot. Obviously I can't just flash the 4.4 aboot without locking it and turning it into a retail version.
I'm aware of the bootloader unlock using the CID exploit to convert any VZ Note 3 into a dev edition version, however, I'd like to avoid modifying my CID and want to keep it as is.
Apparently, there is this kernel that will let the "older" dev edition to run a 4.4-based rom. The links in the post seem to have expired, or are no longer working now;
"(Goo.im)"
"(Crackflashers)"
I also did a search for that file on google, and nothing useful came up.
With a regular 4.4.2 kernel, my phone just gets stuck at the "Note 3" screen after running the kernel, it won't get to /system, if I use the de-odex rom's kernel from Hashcode, the 4.3 bootloader won't even run the kernel and just freezes. I'd really appreciate it if someone could re-post it with a link here, if they still happen to have that modified 4.4.2 kernel for the dev edition, it is called
flash-vzw-de-4.4-kernel-v1.0.zip
supposedly it also needs this file, but I'm sure it'll still work without it:
flash-tw44-sys-files-fixes-v1.0.zip
If anyone still happens to have these files, I would really appreciate it they could post a link for download.
There is a link for the kernel source in that post, but I'm not really good at compiling my own kernels.
Thanks for any assistance
newuser134 said:
from this thread/post by Hashcode, to install KK "4.4.2 Stock Root Odex/DeOdex [04/23/14]" by BeansTown106 on dev edition note 3:
I have a dev edition VZW Note 3 still with the 4.3 (JellyBean) bootloader / aboot. Obviously I can't just flash the 4.4 aboot without locking it and turning it into a retail version.
I'm aware of the bootloader unlock using the CID exploit to convert any VZ Note 3 into a dev edition version, however, I'd like to avoid modifying my CID and want to keep it as is.
Apparently, there is this kernel that will let the "older" dev edition to run a 4.4-based rom. The links in the post seem to have expired, or are no longer working now;
"(Goo.im)"
"(Crackflashers)"
I also did a search for that file on google, and nothing useful came up.
With a regular 4.4.2 kernel, my phone just gets stuck at the "Note 3" screen after running the kernel, it won't get to /system, if I use the de-odex rom's kernel from Hashcode, the 4.3 bootloader won't even run the kernel and just freezes. I'd really appreciate it if someone could re-post it with a link here, if they still happen to have that modified 4.4.2 kernel for the dev edition, it is called
flash-vzw-de-4.4-kernel-v1.0.zip
supposedly it also needs this file, but I'm sure it'll still work without it:
flash-tw44-sys-files-fixes-v1.0.zip
If anyone still happens to have these files, I would really appreciate it they could post a link for download.
There is a link for the kernel source in that post, but I'm not really good at compiling my own kernels.
Thanks for any assistance
Suggest you try to PM hashcode if you haven't already.
For what it's worth... I am running Jasmine 6.1 (based on lollipop OF1) with the lean kernel and NC4 bootloader. I am not seeing any issues with that combination.
I do have a TWRP backup of the bootloader if that would do you any good.
Sent from my SM-N900V using Tapatalk
donc113 said:
Suggest you try to PM hashcode if you haven't already.
For what it's worth... I am running Jasmine 6.1 (based on lollipop OF1) with the lean kernel and NC4 bootloader. I am not seeing any issues with that combination.
I do have a TWRP backup of the bootloader if that would do you any good.
Sent from my SM-N900V using Tapatalk
Hi,
Thanks for your offer to help. I wish that would work. I'm assuming you have a retail version Note 3 that was bootloader unlocked with the CID conversion method, right?
I can always do it that way, but then I will have to change my phone's CID, which is a unique number to the device. That's what converts any retail Note 3 into a dev edition Note 3.
The phone I have came as a dev edition (unlocked bootloader) from the manufacturer. That means it has a bootloader from factory with a signature in it matching my original CID. Obviously that makes it impossible for me to use anybody else's bootloader other than my own, unless I also change my CID to theirs (which defeats the purpose because my phone already has an unlocked bootloader).
My problem is that my bootloader is Android 4.3-based (JellyBean), not 4.4 (KitKat). Any Android version above 4.3 WILL run on the 4.4 bootloader. That's why your Lollipop-based (Android 5.x-based) rom will run on a 4.4 (KitKat)-based bootloader. The bootloader I have is older than KitKat, it's from Android JellyBean (4.3). The version of the bootloader that you have is exactly what I need, but not just from any phone, it would have to be "signed" with the CID from my phone.
You CANNOT back up the bootloader (aboot) with twrp, what you have backed up is the BOOT partition, boot.img, which is the kernel image or backup. Bootloader is even at a lower level on your phone than kernel, it's the very first thing that runs when you power up your phone, which shows the "Note 3 - Custom" screen while it's booting up. It's what you overwrote when you unlocked your bootloader, if that's what you did. Be very careful that you NEVER overwrite it from what you have now, otherwise you will either lock your phone back, or you will hard brick it.
You can back up your bootloader (or aboot) using either ADB from a pc, or from Terminal Emulator app (if your phone is rooted) with this set of commands:
su <enter>
dd if=/dev/block/platform/msm_sdcc.1/by-name/aboot of=/mnt/extSdCard/aboot.mbn <enter>
Don't type <enter>, that just means you hit enter after typing the command(s).
That set of commands will produce a backup file called "aboot.mbn", which is exactly 2.0 Mb, on the main directory of your external sd card if you need to keep it for later. DO NOT ever try to write to the aboot partition unless you know what you're doing, and DO NOT enter the commands above incorrectly, it could easily hard-brick your phone, it cannot be recovered from that if it gets hard-bricked.
Anyway, what you have backed up with twrp, is boot.img, a backup of the lean kernel you use. It should be stored in your TWRP "BACKUP" folder, along with an MD5 file, they are called boot.emmc.win and boot.emmc.win.md5 depending on your version of twrp, the first file should be between 10 to 12 Mb, the md5 file is under 1Kb, like maybe 48 bytes. Could you get those two files and share them with me, I might be able to use the lean kernel to fix my issue. If you are unable to post a link to share those with me, or link them on this thread to share, could you point me to where you downloaded the lean kernel you use from? You should be able to share those files with dropbox or google drive or something similar.
Thank you again
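A way to sanity-check a partition dump such as the `aboot.mbn` described in the post above once it has been copied to a PC, as an added example that is not part of the original post. It assumes "exactly 2.0 Mb" means 2 MiB and that the partition was dumped twice to two files; the function names are hypothetical.

```python
import hashlib
import os

# The post says aboot.mbn is "exactly 2.0 Mb"; 2 MiB is assumed here.
EXPECTED_SIZE = 2 * 1024 * 1024


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large images do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def is_blank(path, chunk=1 << 20):
    """True if the file is empty, all 0x00 or all 0xFF (a failed read)."""
    seen = set()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            seen.update(block)
            if len(seen) > 1:
                return False
    return not seen or seen == {0x00} or seen == {0xFF}


def check_backup(first, second=None, expected_size=EXPECTED_SIZE):
    """Return a list of problems found; an empty list means the dump looks sane.

    first  -- path of the dump
    second -- optional path of a second, independent dump of the same partition
    """
    problems = []
    size = os.path.getsize(first)
    if size != expected_size:
        problems.append(f"size is {size} bytes, expected {expected_size}")
    if is_blank(first):
        problems.append("image is blank (empty, all 0x00 or all 0xFF)")
    if second is not None and sha256_file(first) != sha256_file(second):
        problems.append("two reads of the partition differ")
    return problems


if __name__ == "__main__":
    import sys
    # Usage: python check_dump.py aboot.mbn [aboot_second_read.mbn]
    issues = check_backup(*sys.argv[1:3])
    print("\n".join(issues) if issues else "OK " + sha256_file(sys.argv[1]))
```

Keeping the printed SHA-256 next to the file makes it possible to confirm later that the stored copy has not changed.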
newuser134 said:
Hi,
Thanks for your offer to help. I wish that would work. I'm assuming you have a retail version Note 3 that was bootloader unlocked with the CID conversion method, right?
I can always do it that way, but then I will have to change my phone's CID, which is a unique number to the device. That's what converts any retail Note 3 into a dev edition Note 3.
The phone I have came as a dev edition (unlocked bootloader) from the manufacturer. That means it has a bootloader from factory with a signature in it matching my original CID. Obviously that makes it impossible for me to use anybody else's bootloader other than my own, unless I also change my CID to theirs (which defeats the purpose because my phone already has an unlocked bootloader).
My problem is that my bootloader is Android 4.3-based (JellyBean), not 4.4 (KitKat). Any Android version above 4.3 WILL run on the 4.4 bootloader. That's why your Lollipop-based (Android 5.x-based) rom will run on a 4.4 (KitKat)-based bootloader. The bootloader I have is older than KitKat, it's from Android JellyBean (4.3). The version of the bootloader that you have is exactly what I need, but not just from any phone, it would have to be "signed" with the CID from my phone.
You CANNOT back up the bootloader (aboot) with TWRP; what you have backed up is the BOOT partition, boot.img, which is the kernel image or backup. The bootloader is at an even lower level on your phone than the kernel; it's the very first thing that runs when you power up your phone, which shows the "Note 3 - Custom" screen while it's booting up. It's what you overwrote when you unlocked your bootloader, if that's what you did. Be very careful that you NEVER overwrite it from what you have now, otherwise you will either lock your phone back, or you will hard brick it.
You can back up your bootloader (or aboot) using either ADB from a PC, or from the Terminal Emulator app (if your phone is rooted) with this set of commands:
su <enter>
dd if=/dev/block/platform/msm_sdcc.1/by-name/aboot of=/mnt/extSdCard/aboot.mbn <enter>
Don't type <enter>, that just means you hit enter after typing the command(s).
That set of commands will produce a backup file called "aboot.mbn", which is exactly 2.0 Mb, on the main directory of your external SD card if you need to keep it for later. DO NOT ever try to write to the aboot partition unless you know what you're doing, and DO NOT enter the commands above incorrectly; it could easily hard-brick your phone, and it cannot be recovered from that if it gets hard-bricked.
Anyway, what you have backed up with TWRP is boot.img, a backup of the lean kernel you use. It should be stored in your TWRP "BACKUP" folder, along with an MD5 file; they are called boot.emmc.win and boot.emmc.win.md5, depending on your version of TWRP. The first file should be between 10 to 12 Mb; the md5 file is under 1Kb, like maybe 48 bytes. Could you get those two files and share them with me? I might be able to use the lean kernel to fix my issue. If you are unable to post a link to share those with me, or link them on this thread to share, could you point me to where you downloaded the lean kernel you use from? You should be able to share those files with Dropbox or Google Drive or something similar.
Thank you again
Towards the bottom of this post is a link to the lean kernel under dev edition options (part of the Jasmine 6.1 announcement).
http://forum.xda-developers.com/showthread.php?p=62769340
Yes.. On aboot... The code for the exploit is on github under beaups and if you read YOUR CID and then use that and YOUR aboot signature you can redo YOUR CID and signature to re-unlock your dev edition.
Read these 2 threads
http://forum.xda-developers.com/showthread.php?t=3359370
http://forum.xda-developers.com/showthread.php?p=66068899
Sent from my SM-N900V using Tapatalk
donc113 said:
Towards the bottom of this post is a link to the lean kernel under dev edition options (part of the Jasmine 6.1 announcement).
http://forum.xda-developers.com/showthread.php?p=62769340
Yes.. On aboot... The code for the exploit is on github under beaups and if you read YOUR CID and then use that and YOUR aboot signature you can redo YOUR CID and signature to re-unlock your dev edition.
Read these 2 threads
http://forum.xda-developers.com/showthread.php?t=3359370
http://forum.xda-developers.com/showthread.php?p=66068899
Sent from my SM-N900V using Tapatalk
I'm very grateful that you let me know about the exploit code on how to use your own original CID and maybe sign the new 4.4 bootloader with my own CID. That was very nice to point me in that direction. Looks like I need to do a little research and figure out how to do that.
Now I wonder though that if I upgrade my bootloader to the next version, even if I am able to unlock my dev edition again, if I'll be able to use JellyBean Android with the newer aboot if KitKat or Lollipop don't work out for me?! I am under the impression that once you upgrade your bootloader, you CANNOT roll it back; it blacklists all the older aboot versions. Looks like I also need to figure out if older kernels will run on the newer bootloader, the reverse of what I am having trouble with now, with a newer kernel and older bootloader problem.
newuser134 said:
I'm very grateful that you let me know about the exploit code on how to use your own original CID and maybe sign the new 4.4 bootloader with my own CID. That was very nice to point me in that direction. Looks like I need to do a little research and figure out how to do that.
Now I wonder though that if I upgrade my bootloader to the next version, even if I am able to unlock my dev edition again, if I'll be able to use JellyBean Android with the newer aboot if KitKat or Lollipop don't work out for me?! I am under the impression that once you upgrade your bootloader, you CANNOT roll it back; it blacklists all the older aboot versions. Looks like I also need to figure out if older kernels will run on the newer bootloader, the reverse of what I am having trouble with now, with a newer kernel and older bootloader problem.
The original code for an S5 is here:
https://github.com/beaups/SamsungCID?files=1
There's also a Sam_Dunk pdf that explains the exploit.
My SLIGHTLY modified version of beaups code is in the zip located here
http://forum.xda-developers.com/showthread.php?p=66529761
Hopefully you can read and modify C code; I compiled it right on my Note 3 using the C4DROID app and its GCC module.
@beaups can probably tell you if the exploit can be used to go backwards on ABOOT
Sent from my SM-N900V using Tapatalk
donc113 said:
The original code for an S5 is here:
https://github.com/beaups/SamsungCID?files=1
There's also a Sam_Dunk pdf that explains the exploit.
My SLIGHTLY modified version of beaups code is in the zip located here
http://forum.xda-developers.com/showthread.php?p=66529761
Hopefully you can read and modify C code; I compiled it right on my Note 3 using the C4DROID app and its GCC module.
@beaups can probably tell you if the exploit can be used to go backwards on ABOOT
Sent from my SM-N900V using Tapatalk
Thank you
I know enough C to probably figure it out. I'm glad to hear that it is possible to compile code on the phone with an app. I haven't used a PC for years to compile any kind of computer code; it's a lot easier to set up an Android phone for that. I will give it a try.
I wasn't able to get stock (or de-odexed) KitKat 4.4.2 to work on the older aboot even with Lean Kernel. I was, however, able to get the latest version of Jasmine Rom (to which you provided the link to get Lean Kernel from its post), even though it's even newer than KitKat 4.4.2! As you said, Jasmine Rom 6.1 is Lollipop-based, KitKat 4.4.2 is a lot closer to my own JellyBean aboot (4.3), so if Android 5.0 or 5.1 is working on the old aboot, I don't see why Android 4.4.2 should be able to work?! I know for sure it has something to do with the kernel; I know if I flash the right kernel, it will work. Stupid somewhat-locked bootloader! On older phones with truly unlocked, unsigned bootloaders, once the bootloader handed the chain to the kernel, it would care less if they were "compatible"; the kernel would then run and boot into /system. These signed/encrypted bootloaders, along with secure boot being on on the phone, aren't really unlocked even when unlocked; they just enforce slightly less when checking for boot.img or recovery.img signature, they still check for version and compatibility. I've never had an issue with a bootloader version not being compatible with kernel version; the bootloader's purpose is just to load the operating system or kernel. Ever heard of a PC's BIOS not being compatible with a version of Windows or Linux?!
I confirmed with someone else's dev edition phone that the new aboot (version 4.4) will NOT boot into old Android 4.3 JellyBean, so since downgrading aboot may not be possible, I will hold off on upgrading my aboot for now till I figure out more. If Lollipop will work with the older aboot, then KitKat must be able to as well; it's just a question of figuring it out eventually, and getting the right kernel. Maybe I'll have to start learning how to modify kernels and turn on/off kernel modules.
Thank you for all your help again. I'll get your code and look at it a little later once I figure it out a little more.
