Database Users

[TUTORIAL][Tethering]+[Android Pay] How to have your Nougat, and eat it too!

Obviously I'm not responsible for your mom exploding or your phone disowning you, but.....
I got tethering and Android Pay working on stock Nougat - that's Android N, folks - on a Nexus.
(confirmed will work on Marshmallow and up on 5, 5x, 6, 6p...etc.)
Thanks to @Chainfire, @ManHands and @interloper, and you!
click thanks if this helps, or buy me a beer or something.
prerequisites:
working adb and fastboot (from platform-tools in the Android SDK if you don't know where to find it)
twrp .img for your device
latest stable systemless supersu
1. be on Marshmallow or Nougat obviously
2. flash twrp
(volume down + power on nexus gets you into bootloader, then after flashing recovery, use volume buttons to scroll and power button to select recovery mode)
3. flash systemless root while booted into twrp (unsure if .supersu SYSTEMLESS=true in /data is still needed, but can't hurt - mine is still there from earlier.)
4. while still in twrp, go to mount and check system. Make sure you allow changes.
5. from your computer, do this
Code:
adb shell
echo "net.tethering.noprovisioning=true" >> /system/build.prop
6. reboot into Android.
7. Install Terminal Emulator from the Play Store.
8. Launch it, and in Terminal Emulator, do this
Code:
su
settings put global tether_dun_required 0
exit
9. go into Supersu, expert, scroll to the bottom and hit full unroot. No, you don't want it to patch you back to the stock boot image or recovery*. If it hangs, just reboot and try doing it again.
10. ????
11. Profit! You should have tethering unlocked, be unrooted, and have full Android Pay goodness working.
To take an OTA, do this, because Flashfire gets confused after you've done build.prop edits -
1. go to About Phone, scroll down. Find your build number.
2. download that Nexus Factory Image.
3. Unzip it all. ALL OF IT.
4. Make sure you have Android SDK & platform-tools (or just a working Fastboot and ADB)
5. just flash boot, system, and recovery - you can now OTA with no problems. Then repeat the above guide on your new OTA. Confirmed working 10 minutes ago, OTA'ing from Marshmallow to Nougat and then getting tethering working again
ALTERNATE IF YOU PREFER FLASHFIRE:
All the above steps, but you only have to flash the System image to fix the build.prop hash fail then flashfire should work for you. Wouldn't necessarily recommend upgrading version numbers (6.0.1 to 7.0.0) with Flashfire, but who knows, it might work great! Chainfire is a wizard.
*you can do this if you want, but when I let it patch my boot image I got the dreaded "device corrupt!!!!1" message at boot. Did not try letting it flash stock recovery image.

You're mentioning to do a systemless root but enable read/write on the system partition. Isnt't that counter-intuitive?

codycook said:
You're mentioning to do a systemless root but enable read/write on the system partition. Isnt't that counter-intuitive?
Click to expand...
Click to collapse
Nope! rw system is only for the build.prop echo, other than that you don't touch /system

Have you been able to get this to work with the latest factory Nougat images from Google's website?
I successfully did your process above when I was on an older version of Nougat for Nexus 6 (beta release), but when I try now with NBD90Z Google Pay won't work after rooting after a full unroot.

Yes i'm seeing this also and other not root methods for tethering don't not seem to work either with NBD90Z .

cal028 said:
Yes i'm seeing this also and other not root methods for tethering don't not seem to work either with NBD90Z .
Click to expand...
Click to collapse
Hmm. Bummer. For a split second, I felt like I finally had a fully functioning Android
Almost regret upgrading to NBD90Z, but figured it would be less buggy. If anyone has figured out how to get AP and NBD90Z to work with a slightly modified build.prop file (to allow tethering), please update this thread!

cal028 said:
Yes i'm seeing this also and other not root methods for tethering don't not seem to work either with NBD90Z .
Click to expand...
Click to collapse
same for me too. Pulled build.prop and verified net.tethering.noprovisioning=true and settings put global tether_dun_required 0
still no luck on NBD90Z

w8291 said:
same for me too. Pulled build.prop and verified net.tethering.noprovisioning=true and settings put global tether_dun_required 0
still no luck on NBD90Z
Click to expand...
Click to collapse
Flashed back down to NRD90S and the method works again.

Where did you download that version?
The stock Nexus 6 images on the official Google site do not list that version as valid for the Nexus 6.
Are you using the Nexus 6P image?

May be a dumb question but I have a Moto X Pure running Ressurection Remix nougat ROM and I don't have WiFi tethering in my settings. Would this method work on it?

worked, thanks

n8onXDA said:
Have you been able to get this to work with the latest factory Nougat images from Google's website?
I successfully did your process above when I was on an older version of Nougat for Nexus 6 (beta release), but when I try now with NBD90Z Google Pay won't work after rooting after a full unroot.
Click to expand...
Click to collapse
With the current build, no methods work. SafetyNet check fails with the last 2 builds

Safety net now requires OEM lock, even fully stock with open bootloader never rooted fails
Sent from my Nexus 6 using Tapatalk

Ok great! Well at least I know I'm not missing some clever workaround. Isn't there a way to bypass SafetyNet and/or OEM lock? I thought someone was trying or working on something like this...

wrecklesswun said:
With the current build, no methods work. SafetyNet check fails with the last 2 builds
Click to expand...
Click to collapse
So I read that the March 2017 7.1.1 Update for Nexus 6 broke Android Pay even on non-rooted devices so Google released images with SafetyNet disabled. Would that version allow us to root AND use Android Pay since SafetyNet is disabled to make it work for regular users?

Had to do this but gaining root was going to be tricky (encrypted partition), and I didn't need root for any other reason. I unlocked the bootloaded, flashed twrp, and used adb to pull build.prop, added the line in (net.tethering.noprovisioning=true), pushed it back using adb (with twrp still running), and rebooted. Tethering is working fine now.
By the way -- this is so infuriating. When tethering does not work it asks your provider's permission even in airplane mode (which fails, it's airplane mode), so you can't use the phone to provide wifi to other devices. Such an amateurish disrespect for my rights as an owner of an unlocked device.

I flashed Vanilla rom 7.1.2, then flash stock recovery and locked bootloader and Android pay, Netflix and Snapchat etc all work. After I flashed Vanilla rom Android pay wasn't working stating I had a root, so I locked bootloader but was bootlooping into twrp. After flashing stock recovery it worked just fine

I discovered that you can you can have TWRP recovery and still use android pay so long as you have your bootloader locked. I am pretty sure you can still flash roms w/ locked bootloader in recovery but I am not positive

It is impossible for me to pass safetynet CTS profile

I have reflashed my phone about 3 times and the last resulting in a fresh start without carrying over any data. My original rooting method was system mode which left me unable to accept OTA updates and was unstable. I am now using systemless magisksu and systemless Xposed with a untouched system partition. And at first I was able to play games like fire emblem heroes and pokemon go without trouble, then after a while I noticed that the same issues were happening again. Fire emblem gives a error code dispite me having hide magisk and automagisk enables for it, same for pokemon go. No matter what I do or how many times I reinstall I always get the errors.
I have read that you cannot hide root if you have a unlocked bootloader which I do. I have a stock ROM but a unlocked bootloader because I have a developer global installed. Do I need to modify my boot.img to not have the flag?

With original developer I think that you can relock the bootloader.... But you have to flash the original recovery too... I think I tried and it stuck so you might consider flashing via fastboot the original developer. I am not sure what happens to root
To lock bootloader you have to go to fastboot mode and type fastboot oem lock

jimger said:
With original developer I think that you can relock the bootloader.... But you have to flash the original recovery too... I think I tried and it stuck so you might consider flashing via fastboot the original developer. I am not sure what happens to root
To lock bootloader you have to go to fastboot mode and type fastboot oem lock
Click to expand...
Click to collapse
1. i have heard that relocking bootloader is actually more dangerous then unlocking and i have permabricked a 3s before and
2. no way will i unhack and relock just so that i can use some apps that to ignorant to leave rooted people alone. i will have to find away to make a custom kernal that removed the saftynet flag. someone was talking about that for another phone.

I don't think it is easy to brick redmi 3s.... Have you tried getting it into edl?
For me even when I had it with black screen I could "do" stuff to it. You can relock it if you use miflash and put developer and/or stable from en.miui.com. It will replace both your system and your recovery but also delete your media to your internal "sd".
I use an xposed module that responds well to safetynet but actually it doesn't really pass. Android pay can't be activated (to me) and I am not sure about pokemon or whatever because I don't use it. But safety net passes. I use an app from play store safetynet helper which in latest version included a basic integrity check. Well my device responds ok to cts profile but fails to basic integrity. Not sure why exactly but even thought I have magisk+ supersu in systemless mode I have touched the /system partition perhaps with adaway or I don't know for sure. I don't know how undroid checks for tampered system partition. I have miui-globe rom which is not official

jimger said:
I don't think it is easy to brick redmi 3s.... Have you tried getting it into edl?
For me even when I had it with black screen I could "do" stuff to it. You can relock it if you use miflash and put developer and/or stable from en.miui.com. It will replace both your system and your recovery but also delete your media to your internal "sd".
I use an xposed module that responds well to safetynet but actually it doesn't really pass. Android pay can't be activated (to me) and I am not sure about pokemon or whatever because I don't use it. But safety net passes. I use an app from play store safetynet helper which in latest version included a basic integrity check. Well my device responds ok to cts profile but fails to basic integrity. Not sure why exactly but even thought I have magisk+ supersu in systemless mode I have touched the /system partition perhaps with adaway or I don't know for sure. I don't know how undroid checks for tampered system partition. I have miui-globe rom which is not official
Click to expand...
Click to collapse
trust me i have tried everything to unbrick that phone it is IMPOSSIBLE no one can fix it, it just sits as spare parts in my storage now as i brought another one
https://forum.xda-developers.com/xiaomi-redmi-3s/help/bricked-redmi-3s-identify-test-force-t3438220
http://en.miui.com/thread-326730-1-1.html
http://en.miui.com/thread-373634-1-1.html
and even when my phone isn't rooted like after a fresh miflash after like 20 minutes the test fails but for that little time before then everything is ok.

Which test?
I saw that you ordered the deep flash cable and still not ok?
Have you tried the modified reboot to edl?
Also have you got x64 windows with test mode enabled?
https://forum.xda-developers.com/redmi-note-3/how-to/guide-reboot-to-edl-mode-fastboot-test-t3398718

jimger said:
Which test?
I saw that you ordered the deep flash cable and still not ok?
Have you tried the modified reboot to edl?
Also have you got x64 windows with test mode enabled?
https://forum.xda-developers.com/redmi-note-3/how-to/guide-reboot-to-edl-mode-fastboot-test-t3398718
Click to expand...
Click to collapse
yes and yes the cable did not do anything
trust me i have tried everything anyone can ever imagine.

xdarkmario said:
yes and yes the cable did not do anything
trust me i have tried everything anyone can ever imagine.
Click to expand...
Click to collapse
Well don't know Then you are one of the very few... I can't tell anything else

If you reflash in fastboot it will be relocked. And there is no problem at all....

I am still having issues with this, i dont have the knowledge for compiling a kernel from source. no matter what i try i just cant bypass this stupid saftynet. if i flash the phone from scratch it will allow me to use saftynet protected app for a little bit but on reboot or something i cant use use it again.

As far as I know, developer ROMs don't pass SafetyNet, only the stable ROMs. And only with locked bootloader and without any modifications (root, xposed, magisk, etc.). For locking bootloader I recommend you to flash a fastboot ROM in fastboot mode and in MiFlash choose flash all and lock option, this way you will not brick your phone. But if it's not working and as I see you can unlock your bootloader, I recommend you xiaomi.eu ROMs. If all is true, the next release (both of beta and stable) will bypass SafetyNet (of course without modifications, but with this ROM don't lock your bootloader). But since it's based on china ROMs, beta releases are suspended until august. From the stable ROMs MIUI 8.2 doesn't pass SafetyNet yet, so you have to wait to MIUI 8.5.

22Dávid22 said:
As far as I know, developer ROMs don't pass SafetyNet, only the stable ROMs. And only with locked bootloader and without any modifications (root, xposed, magisk, etc.). For locking bootloader I recommend you to flash a fastboot ROM in fastboot mode and in MiFlash choose flash all and lock option, this way you will not brick your phone. But if it's not working and as I see you can unlock your bootloader, I recommend you xiaomi.eu ROMs. If all is true, the next release (both of beta and stable) will bypass SafetyNet (of course without modifications, but with this ROM don't lock your bootloader). But since it's based on china ROMs, beta releases are suspended until august. From the stable ROMs MIUI 8.2 doesn't pass SafetyNet yet, so you have to wait to MIUI 8.5.
Click to expand...
Click to collapse
i know how to relock my bootloader, i have done it before and relocked it as well as my xiaomi account is allowed to do so but for what i do i at least a rooted phone at the least. xposed it a heavy want but not mandatory like root is. i also need to be on the global weekly because the stable haven't added EXfat support yet.

Use magisk 13.3 =_=

jimger said:
I don't think it is easy to brick redmi 3s.... Have you tried getting it into edl?
For me even when I had it with black screen I could "do" stuff to it. You can relock it if you use miflash and put developer and/or stable from en.miui.com. It will replace both your system and your recovery but also delete your media to your internal "sd".
I use an xposed module that responds well to safetynet but actually it doesn't really pass. Android pay can't be activated (to me) and I am not sure about pokemon or whatever because I don't use it. But safety net passes. I use an app from play store safetynet helper which in latest version included a basic integrity check. Well my device responds ok to cts profile but fails to basic integrity. Not sure why exactly but even thought I have magisk+ supersu in systemless mode I have touched the /system partition perhaps with adaway or I don't know for sure. I don't know how undroid checks for tampered system partition. I have miui-globe rom which is not official
Click to expand...
Click to collapse
All the neccessary apps ( android pay & Pokemon ) use basic integrity

[REQ] ZIP to install TWRP to ramdisk

Hello y'all,
I've noticed that on the Pixel 2 and on many other A/B devices, there is a twrp zip available that can be flashed after flashing the twrp image to boot and booting into recovery and flashing the stock boot image (like we do on the Essential) which patches the ramdisk in the stock boot.img to add twrp to it so that twrp can be permanently installed on the device.
If I could make something like this myself, I would have a long time ago, but unfortunately, it's over my head. Just curious why something like this has never been made for the Essential. Also, but much less important, TWRP 3.2.3-0 is about to be released (code is on GitHub), yet the latest available to us is version 3.2.1-1.
I know one of you smart devs could make the zip to install twrp to the ramdisk (and possibly build the latest version of twrp also) probably in almost no time at all. I love my Essential, but having to connect it to a PC just to get into TWRP is very irritating.
When one of you guys have the time, could you give it a try? I'd be happy to test whatever you come up with.
Much thanks!

starcms said:
Hello y'all,
I've noticed that on the Pixel 2 and on many other A/B devices, there is a twrp zip available that can be flashed after flashing the twrp image to boot and booting into recovery and flashing the stock boot image (like we do on the Essential) which patches the ramdisk in the stock boot.img to add twrp to it so that twrp can be permanently installed on the device.
If I could make something like this myself, I would have a long time ago, but unfortunately, it's over my head. Just curious why something like this has never been made for the Essential. Also, but much less important, TWRP 3.2.3-0 is about to be released (code is on GitHub), yet the latest available to us is version 3.2.1-1.
I know one of you smart devs could make the zip to install twrp to the ramdisk (and possibly build the latest version of twrp also) probably in almost no time at all. I love my Essential, but having to connect it to a PC just to get into TWRP is very irritating.
When one of you guys have the time, could you give it a try? I'd be happy to test whatever you come up with.
Much thanks!
Click to expand...
Click to collapse
It's definitely possible but I don't know how many Devs would want to take this up. I'm all for the idea, I really miss having TWRP permanently, but you kinda get used to the whole PC flashing thang.
I don't know how different the Pixel 2 is in comparison to the Essential phone, but they both share A/B partitions, so it wouldn't be too outlandish if someone were able to port something like this over to our Mata's down the road.
?

starcms said:
Hello y'all,
I've noticed that on the Pixel 2 and on many other A/B devices, there is a twrp zip available that can be flashed after flashing the twrp image to boot and booting into recovery and flashing the stock boot image (like we do on the Essential) which patches the ramdisk in the stock boot.img to add twrp to it so that twrp can be permanently installed on the device.
If I could make something like this myself, I would have a long time ago, but unfortunately, it's over my head. Just curious why something like this has never been made for the Essential. Also, but much less important, TWRP 3.2.3-0 is about to be released (code is on GitHub), yet the latest available to us is version 3.2.1-1.
I know one of you smart devs could make the zip to install twrp to the ramdisk (and possibly build the latest version of twrp also) probably in almost no time at all. I love my Essential, but having to connect it to a PC just to get into TWRP is very irritating.
When one of you guys have the time, could you give it a try? I'd be happy to test whatever you come up with.
Much thanks!
Click to expand...
Click to collapse
MoistPicklez said:
It's definitely possible but I don't know how many Devs would want to take this up. I'm all for the idea, I really miss having TWRP permanently, but you kinda get used to the whole PC flashing thang.
I don't know how different the Pixel 2 is in comparison to the Essential phone, but they both share A/B partitions, so it wouldn't be too outlandish if someone were able to port something like this over to our Mata's down the road.
?
Click to expand...
Click to collapse
The problem lies in the way our touch driver is implemented. For lack of a better explanation, what good would it do to need to carry a type c mouse around to use twrp if touch doesn't work. Many many people have tried and failed getting touch to work on Oreo source, let alone P. That is why twrp resides on a nougat kernel meant for LOS. Someone I know even rewrote the driver in c, no go. It's gonna be tough sledding.

Does it have to be touch though? Could it be more old school clockworkmod recovery where you use the buttons or really like default recovery. I don't know enough about it but just a thought. You definitely get use to just downloading and flashing in twrp and it would be cool to find that with the PH-1.

Atleaset there is a way to use TWRP on the fly.
1) Root the phone the first time using the PC.
2) Copy the TWRP and boot.img(rooted) files to the Phone.
3) While booted and rooted, use apps like Rashr - Flash Tool or Flashify available on the playstore to flash TWRP and boot to it.
4) Once you are done using TWRP, flash the boot.img and boot to the phone.

Gundabolu SC said:
Atleaset there is a way to use TWRP on the fly.
1) Root the phone the first time using the PC.
2) Copy the TWRP and boot.img(rooted) files to the Phone.
3) While booted and rooted, use apps like Rashr - Flash Tool or Flashify available on the playstore to flash TWRP and boot to it.
4) Once you are done using TWRP, flash the boot.img and boot to the phone.
Click to expand...
Click to collapse
Been waiting for someone to share this for 6 months.. thanks lol

aer0zer0 said:
The problem lies in the way our touch driver is implemented. For lack of a better explanation, what good would it do to need to carry a type c mouse around to use twrp if touch doesn't work. Many many people have tried and failed getting touch to work on Oreo source, let alone P. That is why twrp resides on a nougat kernel meant for LOS. Someone I know even rewrote the driver in c, no go. It's gonna be tough sledding.
Click to expand...
Click to collapse
Thanks for the explanation. Now I understand why it hasn't been done before.
But why the issue with touch in TWRP with an Oreo kernel in the first place? What's so special/different/difficult about the touch driver that the Essential uses? And why does it work fine with TWRP with a Nougat kernel? No other devices (to my knowledge) have this issue.
Edit: I wonder if since TWRP worked with the touch driver from the Nougat kernel, if it could work with the P kernel? Maybe whatever was changed in Oreo that prevented it from working has been fixed?

starcms said:
Thanks for the explanation. Now I understand why it hasn't been done before.
But why the issue with touch in TWRP with an Oreo kernel in the first place? What's so special/different/difficult about the touch driver that the Essential uses? And why does it work fine with TWRP with a Nougat kernel? No other devices (to my knowledge) have this issue.
Click to expand...
Click to collapse
Hbtp_daemon (touchscreen) doesn't work in twrp on 8.x and newer sources.
Hbtp_daemon runs in userspace iirc, which is the problem. So an entire driver needs to be hogged together in order to get twrp to work. same process that worked on N doesn't work now.

aer0zer0 said:
Hbtp_daemon (touchscreen) doesn't work in twrp on 8.x and newer sources.
Hbtp_daemon runs in userspace iirc, which is the problem. So an entire driver needs to be hogged together in order to get twrp to work. same process that worked on N doesn't work now.
Click to expand...
Click to collapse
Not possible to use the driver in userspace after TWRP decrypts the device (userspace) using the default password (after any patterns or pins are removed from the lockscreen)?
Edit: And what the heck is the driver doing in userspace anyway? Shouldn't it be in /vendor? If the driver is in userspace, then how can the touchscreen work after a factory reset?

The new Lineage Recovery is not bad but I see no way to apply other zips like Magisk. Maybe it can be worked on and adapted. No touch , just button control.

galakanokis said:
The new Lineage Recovery is not bad but I see no way to apply other zips like Magisk. Maybe it can be worked on and adapted. No touch , just button control.
Click to expand...
Click to collapse
It doesn't after you lets say flash magisk and gapps they create a script in /system/addon....and when updatting lineage it runs the scripts in the addon folder which is how gapps and magisk get installed to the new updated system and boot.....first magisk and gapps have to be flashed in twrp....after that u shudnt need it on dirty flashes

galakanokis said:
The new Lineage Recovery is not bad but I see no way to apply other zips like Magisk. Maybe it can be worked on and adapted. No touch , just button control.
Click to expand...
Click to collapse
@aer0zer0
This seems like the easiest solution to getting TWRP working on the Oreo and P boot images and being able to keep it permanently installed in ramdisk. Make TWRP use the volume up/down keys for scrolling and the power key to select. If the touchscreen is soooo difficult to get working, forget it. If someone really wants to use the touchscreen, they can use the existing TWRP version built on the Nougat boot image.

galakanokis said:
The new Lineage Recovery is not bad but I see no way to apply other zips like Magisk. Maybe it can be worked on and adapted. No touch , just button control.
Click to expand...
Click to collapse
What can you do in Lineage recovery if you can't flash zips? Can you make backups? What else can you do? If you have it installed, could you attach a pic (assuming you have another phone/camera)?

Has anyone looked in the stock P kernel? I was poking around and noticed some twrp residual files. This was straight from the images zip from essential. I didn't touch it.Wth are they in there for? Could they have a better twrp on the back burner for kernel development purposes for Essential? It was in the ramdisk, ill look again tomorrow when I unpack the boot.img. it would make sense to have it in ramdisk, pixel 2 has it like that. Ill post screenshots after work. But, the conversation looks good folks, you are on to something. We could always bust out some phillz recovery, or clockwork mod.

starcms said:
What can you do in Lineage recovery if you can't flash zips? Can you make backups? What else can you do? If you have it installed, could you attach a pic (assuming you have another phone/camera)?
Click to expand...
Click to collapse
I would say it is more stock-ish as far as recoverys go. It's a stock LOS recovery. You can factory reset, flash or sideload update.zips or signed zips no regular custom ROM zips or magisk. It is meant to run on LOS, it only runs on LOS actually and not made for the flashaholics out there. It's a good start though.
Sorry, out right now and no other phone/camera handy.

Gundabolu SC said:
Atleaset there is a way to use TWRP on the fly.
1) Root the phone the first time using the PC.
2) Copy the TWRP and boot.img(rooted) files to the Phone.
3) While booted and rooted, use apps like Rashr - Flash Tool or Flashify available on the playstore to flash TWRP and boot to it.
4) Once you are done using TWRP, flash the boot.img and boot to the phone.
Click to expand...
Click to collapse
Just wanted to mention this works perfectly, tried it last night was able to get into TWRP and then back into my P Beta 3 with root, no issues. Thanks for this!

One could also theoretically copy a copy of the twrp boot. Img to the ex kernel manager backup file, and while booted into the system, hit restore kernel and since its in the boot partition it will flash it then reboot into recovery. Then from there flash your normal kernel and boot back to system/android.. i backup all my kernels after rooting them so after flashing otas, i can just flash my prerooted kernel and reboot without having to flash magisk
Edit. This works, i just did it, but u must make it reboot to bootloader to then tell it to reboot recovery. I dont know if flashify is the same

MoistPicklez said:
Just wanted to mention this works perfectly, tried it last night was able to get into TWRP and then back into my P Beta 3 with root, no issues. Thanks for this!
Click to expand...
Click to collapse
Hey, I'm just curious, before I try it, anyway when using flashify and selecting flash zip - does a recovery other than stock need to be present?

dirtyreturn said:
Hey, I'm just curious, before I try it, anyway when using flashify and selecting flash zip - does a recovery other than stock need to be present?
Click to expand...
Click to collapse
Not sure what you mean by that but to be honest all I did was take the TWRP11.img, and flashed it to boot (kernel) using Rashr, Flashify didn't load up oddly, then reboot to bootloader, select Recovery and bam, there was TWRP. Then to get back I just flashed my boot.img, and Magisk and all my modules and everything were all good to go. No issues at all. ?
Edit: as long as you have TWRP.img, your boot.img, and Magisk, you can easily get to TWRP and back, just make sure you have the img's you need and boom we all got TWRP on the fly.
Wish I had tried this sooner.

MoistPicklez said:
Not sure what you mean by that but to be honest all I did was take the TWRP11.img, and flashed it to boot (kernel) using Rashr, Flashify didn't load up oddly, then reboot to bootloader, select Recovery and bam, there was TWRP. Then to get back I just flashed my boot.img, and Magisk and all my modules and everything were all good to go. No issues at all. ?
Edit: as long as you have TWRP.img, your boot.img, and Magisk, you can easily get to TWRP and back, just make sure you have the img's you need and boom we all got TWRP on the fly.
Wish I had tried this sooner.
Click to expand...
Click to collapse
Hey, Rashr doesn't support this device(phone). I get a reboot to recovery option and if I tap cancel the app just closes. Did the app identify what it needed to?
In Flashify there are 3 options ,Flash - kernel,boot, and zip. What I'm curious about is , when choosing just the zip option - would twrp first need to be flashed to the boot partition?

[GUIDE] [TB-X606F] [Lenovo M10 Plus FHD] How to flash TWRP, Generic System Image (Android 11, Android 12), and Root with Magisk

Hi, I'm a long-time lurker on these forums but recently had some success flashing a GSI and rooting the Lenovo Tab M10 Plus (FHD) (X606F) with TWRP, and wanted to share my exact steps here. This device is awesome for the price point but unfortunately not popular enough to have many guides available. The tablet is Project Treble compatible and uses A/B roms (although it is not an A/B device in terms of OTA updates). You can use the Treble Info app to confirm that the devices uses an ARM64 A/B operating system. This was tested with the CAOS 11 GSI based on Android 11; it may work on other GSIs and other Android versions but I have not tested those (NOTE: user below confirms working on Android 12). I've written this guide at a bird's-eye-view meant for users familiar with flashing.
A couple useful notes before we begin:
- Hardware force off: hold down both volume buttons + power button
- Hardware boot into bootloader: while powered off, hold volume down + power button
- Hardware boot into recovery: hold down both volume buttons + power button
- While in fastboot mode, the command `fastboot reboot recovery` does not work for me on this device. You may have to hardware boot into recovery using the hardware steps above (power off completely then hardware boot). [This command may work for some people. It does not work for my device.]
Obviously, make sure your bootloader is unlocked before starting.
1. I used Ubuntu since Windows was having trouble recognizing the device in fastboot mode; linux drivers seem to be better developed for this particular device. I used `sudo apt install android-sdk` to get the drivers. Much easier than the nonsense that you have to do on Windows to get this device to work. Unfortunately, the Lenovo rescue app is available only for Windows, so you'll need access to Windows to gain access to vbmeta.img for installing TWRP (below).
2. Install TWRP following this guide: https://forum.xda-developers.com/t/...rp-3-5-x-for-lenovo-tab-m10-fhd-plus.4222887/. It is important that you follow all these steps. After flashing the recovery, you must reboot into recovery to ensure that TWRP permanently installs. If the `fastboot reboot recovery` command does not work for you, hold down the power button to power off the device, then hardware boot into TWRP by holding down both volume buttons + power button to boot into TWRP. If you do not perform this step, the device will boot normally and TWRP will be erased. After booting into TWRP, wipe -> format data.
3. In TWRP, flash CAOS 11 GSI: https://forum.xda-developers.com/t/official-aosp-r-mod-caos11.4265059/. You can try with other GSIs - it will probably work - but I've only tested this particular one, and can attest for the stability of CAOS 11 on this device. The image you'll want is named with -arm64-bgZ. If you use another GSI, make sure to use the A/B arm64 image. CAOS 11 has gapps included, so no need to flash here; if you use another GSI that does not have, you'll need to flash the appropriate gapps yourself. You can also opt for the non-gapps download if you don't want Google spying on you.
4. (Optional/No longer necessary) In TWRP, flash to disable dm-versity: https://zackptg5.com/android.php#disverfe.
5. (Optional - many GSIs come with root) In TWRP, flash standard Magisk.zip: https://github.com/topjohnwu/Magisk. I didn't need to use Magisk-Phh.
6. Reboot system.
7. You may or may not get errors from Google Play saying that the device is not certified. Follow these steps:
- Sign into Google account on device via settings
- Download and install the Get ID app: https://f-droid.org/en/packages/makeinfo.com.getid/
- Open the app and Copy Google Service Framework Key
- Go to https://www.google.com/android/uncertified/
- Sign in and paste the copied value to it, register
- Reboot (this actually took me a few tries to get working, I believe the key is to make sure you're signed into your Google account)
- Google Play should be working
Feel free to ask any questions here.

I got this working with the PHH android 12 pre-release version. So far everything seems to be working. There are a couple things I have to sort out still like it passes safetynet but some apps still don't show up in the play store.

dpn982 said:
I got this working with the PHH android 12 pre-release version. So far everything seems to be working. There are a couple things I have to sort out still like it passes safetynet but some apps still don't show up in the play store.
Click to expand...
Click to collapse
Good to know that Android 12 works. What apps aren't showing up for you? Maybe they are simply incompatible with Android 12.

shnioob said:
Good to know that Android 12 works. What apps aren't showing up for you? Maybe they are simply incompatible with Android 12.
Click to expand...
Click to collapse
Netflix is one, maybe Disney plus too. It could be that I just need to restart cause I haven't done that since I got safetynet passing. I was waiting for the bulk of the apps to restore first.

dpn982 said:
Netflix is one, maybe Disney plus too. It could be that I just need to restart cause I haven't done that since I got safetynet passing. I was waiting for the bulk of the apps to restore first.
Click to expand...
Click to collapse
I think this tablet has always had an issue with Netflix due to lack of DRM or something of that nature - I wasn't able to get Netflix on the stock version. Disney+ is probably the same issue.
If you have some free time, it would be great if you can outline your steps for getting safetynet to pass. I haven't bothered with it.

Nice thread. Here's some thoughts to help make this process simpler.
Following the numbering in the OP:
If you are using Windows, just make sure you have the latest OEM drivers from Mediatek (MTK).
after flashing TWRP and vbmeta, you can try fastboot reboot recovery to boot to twrp. I know the OP says it doesn't work, but it works on my TB-X606FA.
..and it's also a good idea to format data, especially if you're upgrading to a new OS level. This will delete everything on the data partition.
phhusson keeps a list of GSIs based on his work.
this step is now optional. TWRP (v3.6.0) has been patched to handle the A12 keymaster.
many GSIs come with root as standard. If yours does (or if you installed Magisk-Phh), then you can use the Magisk app as a root manager, but be aware that updating Magisk from inside the app might break the GSI.
-
some of the latest GSIs have fixed this issue and the integrated gapps should just work.

Yahoo Mike said:
Nice thread. Here's some thoughts to help make this process simpler.
Following the numbering in the OP:
If you are using Windows, just make sure you have the latest OEM drivers from Mediatek (MTK).
after flashing TWRP and vbmeta, you can try fastboot reboot recovery to boot to twrp. I know the OP says it doesn't work, but it works on my TB-X606FA.
..and it's also a good idea to format data, especially if you're upgrading to a new OS level. This will delete everything on the data partition.
phhusson keeps a list of GSIs based on his work.
this step is now optional. TWRP (v3.6.0) has been patched to handle the A12 keymaster.
many GSIs come with root as standard. If yours does (or if you installed Magisk-Phh), then you can use the Magisk app as a root manager, but be aware that updating Magisk from inside the app might break the GSI.
-
some of the latest GSIs have fixed this issue and the integrated gapps should just work.
Click to expand...
Click to collapse
Thanks!
By the way, about point number 7, which roms are like this? I have tried: Phhusson Android 12 latest version, PE 12 latest version and Lineage OS by AndyYan, all with gapps but I get the error

emilio666 said:
Thanks!
By the way, about point number 7, which roms are like this? I have tried: Phhusson Android 12 latest version, PE 12 latest version and Lineage OS by AndyYan, all with gapps but I get the error
Click to expand...
Click to collapse
NEVERMIND, it got solved by just waiting a couple of hours after using the Google website: https://www.google.com/android/uncertified/

Thanks a lot for this guide.
I just installed the latest Phh AOSP 12 GSI (system-squeak-arm64-ab-vndklite-gapps.img.xz) without problems by following your recommendations. I used the lastest twrp_X606FA_11. Flashing dm-verity or Magisk was not required for this GSI to work (it's already rooted). I did have to register my device to solve the "Google Uncertified" issue.

Yahoo Mike said:
Nice thread. Here's some thoughts to help make this process simpler.
Following the numbering in the OP:
If you are using Windows, just make sure you have the latest OEM drivers from Mediatek (MTK).
after flashing TWRP and vbmeta, you can try fastboot reboot recovery to boot to twrp. I know the OP says it doesn't work, but it works on my TB-X606FA.
..and it's also a good idea to format data, especially if you're upgrading to a new OS level. This will delete everything on the data partition.
phhusson keeps a list of GSIs based on his work.
this step is now optional. TWRP (v3.6.0) has been patched to handle the A12 keymaster.
many GSIs come with root as standard. If yours does (or if you installed Magisk-Phh), then you can use the Magisk app as a root manager, but be aware that updating Magisk from inside the app might break the GSI.
-
some of the latest GSIs have fixed this issue and the integrated gapps should just work.
Click to expand...
Click to collapse
Thanks for the clarifying info, updated the OP a bit. And thanks for providing us with a TWRP to make this possible. Otherwise this awesome tablet would be stuck on Android 10 forever.
vladilog said:
Thanks a lot for this guide.
I just installed the latest Phh AOSP 12 GSI (system-squeak-arm64-ab-vndklite-gapps.img.xz) without problems by following your recommendations. I used the lastest twrp_X606FA_11. Flashing dm-verity or Magisk was not required for this GSI to work (it's already rooted). I did have to register my device to solve the "Google Uncertified" issue.
Click to expand...
Click to collapse
Happy to help, glad it worked for you. I tried installing some other GSIs with and without flashing Magisk - LineageOS 12 boots but is very buggy, after reboot I was unable to get past the lockscreen. PixelExperience 11 and 12 cause a bootloop. If anyone has had success with PixelExperience I would love to get your input.

Yahoo Mike said:
Nice thread. Here's some thoughts to help make this process simpler.
Following the numbering in the OP:
If you are using Windows, just make sure you have the latest OEM drivers from Mediatek (MTK).
after flashing TWRP and vbmeta, you can try fastboot reboot recovery to boot to twrp. I know the OP says it doesn't work, but it works on my TB-X606FA.
..and it's also a good idea to format data, especially if you're upgrading to a new OS level. This will delete everything on the data partition.
phhusson keeps a list of GSIs based on his work.
this step is now optional. TWRP (v3.6.0) has been patched to handle the A12 keymaster.
many GSIs come with root as standard. If yours does (or if you installed Magisk-Phh), then you can use the Magisk app as a root manager, but be aware that updating Magisk from inside the app might break the GSI.
-
some of the latest GSIs have fixed this issue and the integrated gapps should just work.
Click to expand...
Click to collapse
So i can flash the official google GSI using these steps?
Branch Grid
ci.android.com
I don't need root and want to be stock as possible.

jebise101 said:
So i can flash the official google GSI using these steps?
Branch Grid
ci.android.com
I don't need root and want to be stock as possible.
Click to expand...
Click to collapse
Give it a try and let us know. I think some GSIs are more stable than others. I've had trouble with LOS and PE on this device.

shnioob said:
Give it a try and let us know. I think some GSIs are more stable than others. I've had trouble with LOS and PE on this device.
Click to expand...
Click to collapse
How do you go back to stock in case this does not work?
Is there a factory image?

jebise101 said:
How do you go back to stock in case this does not work?
Is there a factory image?
Click to expand...
Click to collapse
you can download the stock ROM from LMSA

I also have Lenovo tab m10 fhd plus but it is tb-x606v. Can I flash x606f rom on this device and flash twrp after.i don't want my device to be bricked.

vladilog said:
Thanks a lot for this guide.
I just installed the latest Phh AOSP 12 GSI (system-squeak-arm64-ab-vndklite-gapps.img.xz) without problems by following your recommendations. I used the lastest twrp_X606FA_11. Flashing dm-verity or Magisk was not required for this GSI to work (it's already rooted). I did have to register my device to solve the "Google Uncertified" issue.
Click to expand...
Click to collapse
Hi, I'm trying to follow what you did, but I'm having issues with the Gapps, do you have some pointers to solve it? Thank you in advance

Hello everybody!
I finally installed CAOS 11 and it's working like a charm. Gapps are definitely working as excpected and system seems to be stable as possible.
I have two question to those that installed it to :
Is anyone kow why some widgets on X606F are not clickable, an do not actualize till reboot?
Am I the only one that lost double tap to wake on CAOS?
Thank you all

I tried AOSP V412 12L too, we lost fingerprint sensor and face unlock, widevine DRM. There is some troubles on wifi, beside of this it is pleasant. Of course this not as smooth as android 10. I do not recommend it for daily basis.

I have tb-X606X. I’ve tried AOSP 11 and AOSP 12, Pixel Exp 11 and 12, LineageOS 11 and 12, but finally I stay with CAOS11, which is from all I tried, the most stable, smooth and bug free.
Btw, I do not have any issue with widgets on CAOS.
And yes, the double tap to wake is lost. I think it is not because of CAOS, it is because of Android 11 and above.

garconblair said:
I have tb-X606X. I’ve tried AOSP 11 and AOSP 12, Pixel Exp 11 and 12, LineageOS 11 and 12, but finally I stay with CAOS11, which is from all I tried, the most stable, smooth and bug free.
Btw, I do not have any issue with widgets on CAOS.
And yes, the double tap to wake is lost. I think it is not because of CAOS, it is because of Android 11 and above.
Click to expand...
Click to collapse
Thanks for the feedback. What about Widevine L1 and SafetyNet test with CAOS11? Are you able to play content at 1080p resolution with the Netflix App?

Magisk 23 to 24 ruined

Hi!
I had Magisk v23 working fine with Magisk hide but then I upgraded to v24. Magisk app successfully installed and shows Magisk not present. And when I try to DirectInstall Magisk, I get verification failed error. Attached both screenshots.
Now, I have installed and confirm TWRP is working but do not know how to make Magisk working again and it seems it gonna be a wipe. Any help appreciated.

[Discussion] Magisk - The Age of Zygisk.
This is a discussion and help thread for the newer versions of Magisk. The main goal of this thread is to help users migrate to Magisk v24+ SafetyNet Basic integrity Pass CTS profile match Pass Play Protect certification Device is certified...
forum.xda-developers.com
Step by step: Magisk 24.1 is new and as you have seen completely different.
Installation instructions: https://topjohnwu.github.io/Magisk/install.html

Issue is that on my other phone, Sony Xperia XZ Premium G8142, the same in-app upgrade weas successful with out any issues. I lost Magisk Hide but an extension recovered that function. But it all went haywire on this S8

xabu said:
[Discussion] Magisk - The Age of Zygisk.
This is a discussion and help thread for the newer versions of Magisk. The main goal of this thread is to help users migrate to Magisk v24+ SafetyNet Basic integrity Pass CTS profile match Pass Play Protect certification Device is certified...
forum.xda-developers.com
Step by step: Magisk 24.1 is new and as you have seen completely different.
Installation instructions: https://topjohnwu.github.io/Magisk/install.html
Click to expand...
Click to collapse
This guide expects me to know what ROM I have. Thing is, I do not know what my device really is. It's running a ROM that I do not recognize (My post: https://forum.xda-developers.com/t/...l-and-odin-cannot-flash.4372669/post-86069051). I do not have the sources for it so I cannot acquire the required two files. Ramdisk is Yes as per my screenshot but I cannot follow the rest of the guide without the files.

try this
Check hardware and software info Galaxy:
*#12580*369#
Android 9 shows almost certainly a stockrom Pie .

xabu said:
try this
Check hardware and software info Galaxy:
*#12580*369#
Android 9 shows almost certainly a stockrom Pie .
Click to expand...
Click to collapse
I can't seem to get that code run when I dial it. Also, calling doesn't do anything.

Your phone needs twrp and a new good custom ROM ...
HELP! S8 got bricked, can't access recovery mode and OEM is locked
Can I get some help? I bricked my phone because I was trying to install twrp. It flashed but I got an error where it reset my data, after data reset I was stuck at the boot screen with the logo . I've tried steps like flashing stock rom, odin...
forum.xda-developers.com
Here are certainly members of the forum with lots of expertise!

Doomer D. Great said:
I can't seem to get that code run when I dial it. Also, calling doesn't do anything.
Click to expand...
Click to collapse
Maybe only European ?

xabu said:
Your phone needs twrp and a new good custom ROM ...
HELP! S8 got bricked, can't access recovery mode and OEM is locked
Can I get some help? I bricked my phone because I was trying to install twrp. It flashed but I got an error where it reset my data, after data reset I was stuck at the boot screen with the logo . I've tried steps like flashing stock rom, odin...
forum.xda-developers.com
Here are certainly members of the forum with lots of expertise!
Click to expand...
Click to collapse
I just TWRP it. It went smoothly. I love a new ROM but need to know what device is it.
Download mode say it is SM-G950N
Android say it is SM-950FD
Both SIM slots have the same IMEI number. This part is beyond my understanding.
I have Odin and know the basics. Just need to find a ROM I can go for: What official I should flash first and what custom. Any recommendation?

As soon as you make a TWRP total backup, you can see your boot.img and move a copy to your internal sd-card. There it can be picked up by Magisk and patched....Magisk will put it in your download folder on the internal sd-card ...
for the best Rom ask members with your S8 phone. I'am on the S7 Edge.

xabu said:
Maybe only European ?
Click to expand...
Click to collapse
Doomer D. Great said:
I can't seem to get that code run when I dial it. Also, calling doesn't do anything.
Click to expand...
Click to collapse
Just found out:The "famous" secret codes only work on stock based ROMs ¯\_( ͡❛ ͜ʖ ͡❛)_/¯

xabu said:
As soon as you make a TWRP total backup, you can see your boot.img and move a copy to your internal sd-card. There it can be picked up by Magisk and patched....Magisk will put it in your download folder on the internal sd-card ...
for the best Rom ask members with your S8 phone. I'am on the S7 Edge.
Click to expand...
Click to collapse
I have been trying to make the total backup but I do not see any boot.img:
And I do not see the file in the Device/TWRP/Backups:
Again, I must be missing something obvious. And as per the Magisk guide, I need the boot.img

magisk 24 is ****, it's bricking MediaTek powered Samsung phones

Boot.img from TWRP backup
In clockworkmod kernel and recovery are backed up as IMGs. But in TWRP it is boot.emmc.win Anybody know how to convert jt to boot.img? Help will be really appereciated. Sent from my HTC One X using xda app-developers app
forum.xda-developers.com
I must tell you that my custom rom for the s7 gives me the boot.img as the first file as soon as i open the zip.
the boot.img can also be reached by downloading the right stock rom for your phone. In that case it is the best practice to patch the whole
AP file by using Magisk.