unrooted XT1644 (previously Magisk rooted)
bootloader unlocked
TWRP 3.1.1-0
ElementalX kernel 3.10.84
OS version: 7.0
Security patch level: June 1, 2017, firmware NPJ25.93-14.5
Baseband: M8952_70030.25.03.62R ATHENE_RETUSA_CUST
SafetyNet app failed "CTS profile" on unrooted Android. Oddly, my phone passed SafetyNet when I used Magisk. But after restoring my phone from a Nandroid backup taken before Magisk was flashed, it no longer passes. Might there be file directory remnants of Magisk that are affecting the SafetyNet result? Any troubleshooting steps appreciated.
There's now a September 1, 2017 OEM security OTA update waiting for me in my Notifications bar. I'm hopeful that the update will create a new system partition that'll get rid of what's causing the SafetyNet fail. Unfortunately a logo.bin TWRP flash fix made a change to my system partition settings that won't allow me to safely take an OTA update. The last time I flashed a security update was through the kindness of someone who provided a TWRP-flashable zip of the June 2017 NPJ25.93-14.5 OTA file. I'm hoping the same will eventually be provided for the September OTA update.
Same case with me too but I have model XT1643 (Indian Version), Build number: NPJS25.93.14-10.
Also, while booting up I still get bootloader unlocked warning and in Google Play Store it is showing Device Certification as Uncertified.
When I type fastboot oem lock in cmd bootloader slot count, bootloader slot suffixes and one more bootloader line all are showing not found.
And yes, in Bootloader Unlock warning it is showing 'ID: Bad key'
Other than this my device is working fine, IMEI numbers and Fingerprint sensor is working perfectly.
I followed guide by tywinlannister7: https://forum.xda-developers.com/moto-g4-plus/how-to/stock-rom-npjs25-93-14-4-march-1-t3608138
Please can anyone tell how can I correct it.
Its the Elemental X kernel. If you don't have magisk installed, it trips the safetynet. I am using a XT1642, I experienced this about a year ago when I was first experimenting with custom firmware.
I downloaded the September 1, 2017 security patch update but would prefer to flash it via TWRP instead of letting the system install it. However I can't even determine where it was downloaded to and I can't access the root directory anymore. Is it safe to manually flash it on an unrooted system containing TWRP, ElementalX kernel and the logo.bin boot screen fix? I'm especially concerned about flashing it on a system that doesn't pass SafetyNet.
TCUofficial said:
Its the Elemental X kernel. If you don't have magisk installed, it trips the safetynet.
Click to expand...
Click to collapse
Thank you for that essential information. I won't consider it a problem since the phone doesn't have NFC, so no Android Pay support anyway. However, I need some additional info before proceeding with the update.
Do I need to get rid of the ElementalX kernel and restore the original?
Do I need to undo the logo.bin bootloader unlock screen fix?
Do I need to get rid of TWRP before allowing the system to install the security patch?
Thanks.
Sorry to be redundant but I am pressed for an answer. Thanks in advance.
RE: downloaded but installed Moto G4+ September 1, 2017 security patch NPJS25.93-14-10.
- Can the patch be safely installed after TWRP has been flashed on the phone?
- Can the patch be safely installed after an ElementalX kernel has been flashed on the phone?
mel2000 said:
Can the patch be safely installed after TWRP has been flashed on the phone?
- Can the patch be safely installed after an ElementalX kernel has been flashed on the phone?
Click to expand...
Click to collapse
Answer is NO to both your questions. You need a STOCK boot image and a stock recovery image to “patch” (by which I think you mean upgrade via an OTA) your phone.
mel2000 said:
Sorry to be redundant but I am pressed for an answer. Thanks in advance.
RE: downloaded but installed Moto G4+ September 1, 2017 security patch NPJS25.93-14-10.
- Can the patch be safely installed after TWRP has been flashed on the phone?
- Can the patch be safely installed after an ElementalX kernel has been flashed on the phone?
Click to expand...
Click to collapse
In addition to zeomal's reply, your device would also need an unmodified system partition (no root, readonly, so no TWRP modifications) else the OTA will fail too.
Furthermore, I don't think the update you've downloaded is suitable for US retail devices, and if flashed might stop you from receiving future OTA updates. If you want the stock NPJ25.93-14.5 full ROM to revert to: https://androidfilehost.com/?fid=673368273298984458
Or the NPJ25.93-14.7 stock ROM: https://androidfilehost.com/?fid=817906626617945295 Of course, either of these will reset your device to stock, erasing TWRP, root and ElementalX and most likely your data, so back up. However, they should permit you to take OTA updates. Flash only in fastboot.
If you've already installed NPJS25.93-14-10, then you won't likely get the OTA update if installed on US devices.
As for SafetyNet/ device uncertified, I recall that's likely due to an unlocked bootloader. Magisk has the ability to hide the bootloader unlocked status from Safetynet, hence why when you removed magisk, the Safetynet detection saw your unlocked bootloader and therefore trips Safetynet. An easy way to get Safetynet passed is to reflash ElementalX and magisk.
I want to thank both zeomal and echo92 for their prompt and clear responses. I will address related issues before I move on.
EDIT: Used OEM Flash.bat to reupdate to June 2017 NPJ25.93-14.5, then allowed NPJ25.93-14.7 to be installed from Moto. All went well with an unlocked bootloader. Didn't lose any apps.
- TWRP (gone)
- ElementalX (gone)
- Logo.bin fix (gone)
- SafetyNet (failed - due to unlocked bootloader)
Thanks again to all.
Hi,
I had December patch running in Slot B beforing installing TWRP (in both partitions) and then installing Magisk in slot A.
So I am currently running November patch in this slot (rooted) with Dec patch in Slot B. (I get a December update notification rn cuz of that but after downloading it doesn't get installed)
How can I update to Oreo keeping the root and data?
Thank you in advance.
You will get stuck in a bootloop if you try to root Oreo with magisk when installing OTA. Just install ota and don't root using magisk. After booting oreo flash the patched boot image to get root access using magisk.
Please share the link of rooted file which helps to root February security patch of Moto G4 Plus please help me and explain me in detail please I tried different supersu zip files but my boot is not completing its booting and booting continuously please give me perfect supersu zip file for February security patch update
You need to flash a custom kernel before you attempt to root on stock Nougat. Attempting to root with the stock Motorola hudsoncm kernel results in boot failures, as you've mentioned.
Easiest way is to flash ElementalX before you attempt to root as per this guide here. https://forum.xda-developers.com/mo...de-root-moto-g4-plus-supersu-android-t3587918 you may choose to use magisk instead of SuperSU.
I'm stably rooted on NPJS25.93-14-15 with shrep's TWRP 3.1.1, ElementalX 2.0 and magisk 15.3/16.1
Hello, my nokia is rooted , bootloader unlocked and twrp installed.
I am with march security patch update.
Can i install latest security patch via twrp?
Without unrooting?
Or is there any other method?
you can't do it bro , ur phone will get bootloop
u must hard reset first
Hello friends,
I would like to know how to apply OTA update via TWRP with the magisk running. I have not found any good tutorials that explain the correct procedure. Always when I need to update the security path, I remove all the root magisk through the zip unistall magisk via TWRP, update the system and then return with custom recovery + root.