There is a modem for the optimus G here:
http://downloads.codefi.re/houstonn/lgog/modem/E975_E977_E976
but it is from firmware 10b. You may want to try if it works better than your firmware. In this case, it is better if you make a backup of your current modem firmware, so you can go back to your version. Here I will write instructions to backup your modem, so you can restore it if you need.
Probably some of you know this already and feel like these are old news, but maybe we can build a modem firmware library.
You need root and a way to make an adb connection to your phone. If you cannot use adb, you can always use a terminal emulator on your phone, but this makes it a bit harder to type the commands. Also, this is for people who understand what they are doing. If after reading the tutorial you don't understand what the commands do, please don't try it. Or at least don't make me responsible if your phone bricks. Here we go.
NON NEEDED STEPS: This steps are here to show why this works.
1-Connect to your phone by adb.
2- On the terminal type :
Code:
mount
You'll see the following (amongst other things):
Code:
/dev/block/platform/msm_sdcc.1/by-name/modem /firmware vfat ro,context=u:object_r:radio_efs_file:s0,relatime,uid=1000,gid=1000,fmask=0337,dmask=0227,codepage=cp437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro 0 0
This means that the partition containing the firmware is /dev/block/platform/msm_sdcc.1/by-name/modem and it is mounted at /firmware.
NEEDED STEPS
1- Connect by adb
2- On the terminal type
Code:
su
Check if confirmation is needed on the phone screen. If needed, accept.
3-
On the terminal type:
Code:
dd if=/dev/block/platform/msm_sdcc.1/by-name/modem of=/sdcard/modem.img
4-You will receive the following after some seconds:
Code:
131072+0 records in
131072+0 records out
67108864 bytes transferred in 29.959 secs (2240023 bytes/sec)
5-Type
Code:
exit
exit
adb pull /sdcard/modem.img
6-Now you have your backup.
HOW TO PACK THIS BACKUP FOR FLASH:
1-Download the file: cwm-lgog_e975-europe-10b_modem.zip from http://downloads.codefi.re/houstonn/lgog/modem/E975_E977_E976
2-Open the zip file and replace the existing modem.img with your file
3-Rename the file to something meaningful, like cwm-lgog_e975-europe-10f_modem.zip
After these steps, you should be able to flash any modem, knowing that you can go back to your old version.
You can upload the packed files here, so we can have a library. I will upload the modem from european 10f version here. I tested it and it works correctly, but I won't take any responsibility for what you do with this file.
Good luck.
All this info is obtained from examining the houstonn LGOG modem flasher from team codefire, so all thanks go to them. Thanks.
Very nice tutorial man. It will help newbies like me to back up and restore our modem.img, especially those who have F180* phones that wants or being converted to E975. Nice job. :good:
Nice,i'll add this to the Freaking Annoying Questions.
Sent from Asylum via LG E975/smart phones,dumb people.
Nice job.. Its work in e977 with 10a firmware?
Thx.
Sent from my LG-E975 using xda app-developers app
You should be able to backup your e977 modem following this tutorial.
renatonolo said:
Nice job.. Its work in e977 with 10a firmware?
Thx.
Sent from my LG-E975 using xda app-developers app
Click to expand...
Click to collapse
could you please do the same thing for the misc partition and upload it somewhere?
I saw that freegee is touching this one so please mention if your phone was opened with freegee.
sonty said:
could you please do the same thing for the misc partition and upload it somewhere?
I saw that freegee is touching this one so please mention if your phone was opened with freegee.
Click to expand...
Click to collapse
I am sorry, I am not going to upload my misc partition, as this partition contains my IMEI.
I can, however, tell you how to backup it:
Code:
dd if=/dev/block/platform/msm_sdcc.1/by-name/misc of=/sdcard/misc.img
Can I ask why you need that?
dapaua said:
I am sorry, I am not going to upload my misc partition, as this partition contains my IMEI.
Can I ask why you need that?
Click to expand...
Click to collapse
I had no idea the IMEI is also there. I asked for it because the baseband version is also stored there and it's kind of odd to know I'm flashing the modem from EU-10f and the displayed version is TW-10a. I'm still hoping to solve that issue.
Ah, OK. Tomorrow I'll check if the misc partition can be mounted, this would make editing it much easier.
dapaua said:
Ah, OK. Tomorrow I'll check if the misc partition can be mounted, this would make editing it much easier.
Click to expand...
Click to collapse
I think it is not possible to mount the misc partition.
“In any case, the misc partition isn't a "filesystem" partition as you are familiar with. It is actually just a simple data structure. In fact, only the system, cache, and userdata partitions are actually filesystem partitions, and the cache partition is only a filesystem partition part of the time -- during radio and spl updates, it also is used as a simple data structure with a header field and a payload field...”
http://forum.xda-developers.com/showpost.php?p=7254425&postcount=3
I was trying to find some additional info about this structure but without success so far.
On may F180K the misc partition has 16 777 216 Bytes. Some interesting offset:
0x8000 – 0x800E IMEI (15Bytes)
0x8800 – 0x8824 Baseband version (37Bytes)
0x9000 – 0x9024 Baseband version (37Bytes)
CyanogenMod display the last one data on the Settings->About phone->Baseband version
jumper8 said:
I think it is not possible to mount the misc partition.
“In any case, the misc partition isn't a "filesystem" partition as you are familiar with. It is actually just a simple data structure. In fact, only the system, cache, and userdata partitions are actually filesystem partitions, and the cache partition is only a filesystem partition part of the time -- during radio and spl updates, it also is used as a simple data structure with a header field and a payload field...”
http://forum.xda-developers.com/showpost.php?p=7254425&postcount=3
I was trying to find some additional info about this structure but without success so far.
On may F180K the misc partition has 16 777 216 Bytes. Some interesting offset:
0x8000 – 0x800E IMEI (15Bytes)
0x8800 – 0x8824 Baseband version (37Bytes)
0x9000 – 0x9024 Baseband version (37Bytes)
CyanogenMod display the last one data on the Settings->About phone->Baseband version
Click to expand...
Click to collapse
Thanks.
You are totally right, this partition is not a filesystem. And it is mostly empty, it's all zeros except for some bytes. Most of it are text strings, but there are some small binary parts.
I think the 0x8800 - 0x8824 part is the original firmware version.
I wouldn't touch that partition, seems too dangerous .
dapaua said:
I wouldn't touch that partition, seems too dangerous .
Click to expand...
Click to collapse
freegee touches it. I see it made a backup and the difference is that it changed some bytes to 0 (offsets 0x40-0x52), then wrote ANDROID-BOOT at offset 0x4000. the rest is the same. it seems there's nothing like a crc so basically I could write whatever I want in that version field. the bad part is that as an user you'll never know what modem version you have since its version is not stored on the modem partition. I wonder who came up with this system and what was he thinking.
thanks for the clarification. offtopic over .
sonty said:
I had no idea the IMEI is also there. I asked for it because the baseband version is also stored there and it's kind of odd to know I'm flashing the modem from EU-10f and the displayed version is TW-10a. I'm still hoping to solve that issue.
Click to expand...
Click to collapse
Some time ago I had the same issue. I solved it by modifying binary data on the misc partition. I was done this only on CM10.1 (F180K). I don’t know if it will work on other custom rom especially stock one.
Today I’ve done this one more time for preparation the following procedure. Maybe some one will use it on the future.
STEPS:
0. Backup the misc partition with your recovery. I was used CWM Advance Edition PhilZ Touch 5:
Backup and Restore-> Custom Backup and Restore->Custom Backup Job->Backup misc (*)
I’m not sure if all CWMs version support misc partition backup. TWRP not support it right now.
1. Dump the misc partition to /sdcard.
Code:
adb wait-for-device
adb root
adb shell "dd if=/dev/block/platform/msm_sdcc.1/by-name/misc of=/sdcard/misc_orig.img"
OUTPUT:
32768+0 records in
32768+0 records out
16777216 bytes transferred in 6.539 secs (2565715 bytes/sec)
2. Pull the image to your PC
Code:
adb pull /sdcard/misc_orig.img misc_orig.img
3. Edit downloaded image file by your favorite hex editor (e.g. Notepad++ with Hex-Editor plugin)
Find both baseband name strings (mine were on offset 0x8800 and 0x9000) and change them (CM10.1 use the last one to set gsm.version.baseband in file /system/bin/fetch-swv).
REMEMBER:
- Do not use regular text editor (like Notepad or vi) – they can add some extra characters to the file.
- If possible try to modify only bytes responsible for original baseband name. If the new name is shorter, simply put spaces char (0x20) to clear unwanted chars. If you need to put the longer name, be careful. I don’t know the max size for this string. There are dozens of zeros behind the baseband name on my image file. So, for testing I added extra 20 Bytes text. The new baseband name was shown without problem.
4. Push the modified image file to your phone
Code:
adb push misc_orig.img /sdcard/misc_mod.img
Check if size of the original and modified files are equal.
5. Write the modified image to the misc partition
Code:
adb shell "dd if=/sdcard/misc_mod.img of=/dev/block/platform/msm_sdcc.1/by-name/misc "
OUTPUT:
32768+0 records in
32768+0 records out
16777216 bytes transferred in 4.183 secs (4010809 bytes/sec)
6. Reboot your phone
DONE.
Hi all,
I just create a .zip to backup your modem / baseband / radio with your recovery (CWM / TWRP...)
ok as a newbie i cant figure out how to back up modem using adb... but after reading stuff what i did :
downloaded "Android Terminal Emulator" from playstore
open emulator in phone wrote as u mentioned :
su
dd if=/dev/block/platform/msm_sdcc.1/by-name/modem of=/sdcard/modem.img
after some seconds this came out :
131072+0 records in
131072+0 records out
67108864 bytes transferred in 15.229 secs
then :
exit
exit
after that i checked sdcard but there was no img file...
then i open file manager from the phone and there it was my precious :laugh:
size = 64mb... is it normal?
anyway .. made a new folder "modem" copied the img file into modem folder (using file manger) again connected the phone to pc copied the modem folder on my desktop...
hope it will help new guys here like me :good:
after installing the European kitkat I lost my LGOG E977 modem, anyone have some backup there to help me?
how to fix this?
:crying::crying::crying::crying::crying::crying::crying::crying::crying:
pedro5148 said:
after installing the European kitkat I lost my LGOG E977 modem, anyone have some backup there to help me?
how to fix this?
:crying::crying::crying::crying::crying::crying::crying::crying::crying:
Click to expand...
Click to collapse
root using towelroot. unlock and install custom recovery using freegee and flash the modem in this post via recovery: http://forum.xda-developers.com/showpost.php?p=54016773&postcount=4
akahroba said:
root using towelroot. unlock and install custom recovery using freegee and flash the modem in this post via recovery: http://forum.xda-developers.com/showpost.php?p=54016773&postcount=4
Click to expand...
Click to collapse
I already did that, did not work out ...
any more solution?
pedro5148 said:
I already did that, did not work out ...
any more solution?
Click to expand...
Click to collapse
Get back to JB and wait for your midel update
Back to JB I recovered the IMEI, but I have no carrier signal.
So do the root with towelroot, unlock custom recovery with FreeGee, do I back up EFS, and when I restart the machine it loses the IMEI.
So I install the modem and E97710b.kdz for E97710b model recover EFS and nothing happens, still no sign of the operator ...
---------- Post added at 02:22 PM ---------- Previous post was at 02:22 PM ----------
akahroba said:
Get back to JB and wait for your midel update
Click to expand...
Click to collapse
even going back to JB, I continued without the modem
Related
I've just flashed the boot.img and system.img from Peter Alfonso:
http://www.peteralfonso.com/2011/11/download-100-stock-fastboot-images-for.html
Boot.img worked fine after the reboot. I've flashed the system.img now and its been on the pretty colours screen for a good few minutes.
Anyone got any ideas? Trying to unroot my device
Anyone :'(
Sent from my iPad 2 using Tapatalk
Can someone please upload their system.img so I can flash it.
Sent from my iPad 2 using Tapatalk
I believe your problem is that those images are for the VZW LTE version and the build.prop is telling the system to use the LTE ril and you have a GSM radio. There may be other discrepancies as well between versions. Check to development forum for a GSM system and
boot image that you can fastboot to restore your phone.
cellzealot said:
I believe your problem is that those images are for the VZW LTE version and the build.prop is telling the system to use the LTE ril and you have a GSM radio. There may be other discrepancies as well between versions. Check to development forum for a GSM system and
boot image that you can fastboot to restore your phone.
Click to expand...
Click to collapse
They are for a GSM version I believe aren't they. I cant find a system.img anywhere
I think I was wrong, I read about updating the VZW images when its released and got confused sorry.
Not sure why it might have hosed your phone. Have you tried reflashing it in fastboot?
cellzealot said:
I think I was wrong, I read about updating the VZW images when its released and got confused sorry.
Not sure why it might have hosed your phone. Have you tried reflashing it in fastboot?
Click to expand...
Click to collapse
yep. I did ./fastboot flash system system.img
Just gets in a loop on the loading screen
Could I flash the CWM image in fastboot and install the modaco rom? Would that work?
Theoretically, yes it should, but I was hesitant to suggest something like that because we weren't sure what caused the issue to begin with. If you are willing to give it a shot and have already resigned yourself to losing your warranty, then it seems worth a try.
At this point, the safest thing would be to wait until an OTA update is pushed out and it will either fix everything or give you a clearer chance at getting it replaced under warranty.
Not a very satisfying answer, sorry.
cellzealot said:
Theoretically, yes it should, but I was hesitant to suggest something like that because we weren't sure what caused the issue to begin with. If you are willing to give it a shot and have already resigned yourself to losing your warranty, then it seems worth a try.
At this point, the safest thing would be to wait until an OTA update is pushed out and it will either fix everything or give you a clearer chance at getting it replaced under warranty.
Not a very satisfying answer, sorry.
Click to expand...
Click to collapse
The issue occured when i flashed the system.img. The boot.img from his package worked fine.
I can only get the device into fastboot it seems, so I cant adb push the ROM to the device anyway :'(
http://forum.xda-developers.com/showthread.php?t=1352347
Did you try downloading the images from that thread? They may work better for you since they were pulled from a UK device.
Do you mean the DD image? I was a bit weary as it was 600mb .img file and a normal system.img is 250mb
Not entirely sure what that is and don't want to make it worse. Also, not sure what the zip file is either
Sent from my iPad 2 using Tapatalk
Evostance said:
Do you mean the DD image? I was a bit weary as it was 600mb .img file and a normal system.img is 250mb
Not entirely sure what that is and don't want to make it worse. Also, not sure what the zip file is either
Sent from my iPad 2 using Tapatalk
Click to expand...
Click to collapse
It's probably a sparse image judging from the size of it. If it compresses down to a normal size when you zip it you will know if my guess was correct.
Not sure how you would flash those though, other than using dd to write them back.
blunden said:
It's probably a sparse image judging from the size of it. If it compresses down to a normal size when you zip it you will know if my guess was correct.
Not sure how you would flash those though, other than using dd to write them back.
Click to expand...
Click to collapse
He has put
cd dump
adb pull /system system
## Edited /META-INF/com/google/android/update-script with:
## show_progress 0.1 0
##
## copy_dir PACKAGE:system SYSTEM:
## set_perm_recursive 0 0 0755 0644 SYSTEM:app
## show_progress 0.1 10
##
## Zip system and META-INF folders into gnsys.zip
## Signed using testsign.jar
So the system is in gnsys.zip and fasboot can flash system via a zip I take it.
I have no idea how to use dd either :/
Evostance said:
He has put
cd dump
adb pull /system system
## Edited /META-INF/com/google/android/update-script with:
## show_progress 0.1 0
##
## copy_dir PACKAGE:system SYSTEM:
## set_perm_recursive 0 0 0755 0644 SYSTEM:app
## show_progress 0.1 10
##
## Zip system and META-INF folders into gnsys.zip
## Signed using testsign.jar
So the system is in gnsys.zip and fasboot can flash system via a zip I take it.
I have no idea how to use dd either :/
Click to expand...
Click to collapse
If it's an update.zip is has to be flashed using recovery, a custom recovery in this case since the signature will be changed or incorrect.
My dd comment was referring to what parts of the emmc you should set as the output. Using dd in general is not a problem, even though one should always be careful when using it.
Rather than try to cobble together a solution, I think it's probably best to wait until someone posts a proper system image or an official set of stock images is made available. While I believe it could very well work and should, I just think its safer to try to restore it with known good images, especially since you haven't done anything that extreme yet and the fix should be very simple.
That is the frustrating part because all you need is the right set of images to restore.
Edit: /system is about 643MBs when you use dd to make an image and mmcblk0p10 is the /system partition
I am generally all for DIY solutions but without a safety net of stock images this early, when an official solution is likely to be made available shortly, I recommend waiting.
OK cheers guys.
Won't the OTA just have part of a system rather than the lock?
I've got in contact with Pete so might try see of we can solve that. If not, hopefully patch will be out before Wednesday so I can flash and send back.
Failing that I'll have to hope someone accepts it anyway
Sent from my HTC Desire HD using Tapatalk
I would like create a backup (of my entire system including boot image, data and system partitions. Is there any way I can do this without the CWM. The main reason is that I could return the phone to the original state in case if I have to return for service.
For my knowledge (and i have no knoledge! ) samsung accept rooted device on service (otherwise if the phone has broken screen it is not accepted)...but, if i were you, i would install cwm and make a nandroid backup of the whole system. If you want to have all of google system images(to restore original stock) you could set your sdk environment http://developer.android.com/sdk/index.html and download google images (bootloader, rom, radio) and put in a safe place (the SDK supply adb/fasboot which are tools that you would use to restore the google's files). that's the thread with these contents: http://forum.xda-developers.com/showthread.php?t=1366806 That's the standard (so yours) original stock files from google actually on your phone!
and also i advise you to follow these steps to save your /EFS partition (you never know) before flashing custom things, BUT IT REQUIRES ROOT: http://forum.xda-developers.com/showthread.php?t=1352371
BUT, if you don't want to install cwm, you could also see here: http://forum.xda-developers.com/showthread.php?t=1392310
Thank you. If I am right, msskip's tools will install the CWM onto my phone as well. I have just come across a guide for back-up without CWM <http://forum.xda-developers.com/showthread.php?t=1420351>. I am just not quite sure if it is the same full back-up as I get for the Nandriod or CWM. Does anyone have any experience with this?
The post you linked doens' backup /boot partition and recovery. So you can backup only /system and /data; you can obtain these EXACTLY files just downloading the google system (4.0.1 - 4.0.2 - 4.0.3) files (*.img estension) and you have the same result, plus you can get bootloader.img and recovery (evrything stock, meaning samsung galaxy nexus stock files)...these are in the post i linked and are the stock google images and these are the files that our phones has inside (also including system.img).
that' the explanation why i think that is basically useless to make a backup of /system and /data for warranty purpose, because google (or first phone users in november when the phone came out on the market) provied all .img that you need to revert (using fastboot) anytime your phone to a stock 'new'phone (which is your now, so in warranty!). Make, instead, a backup for the files and apps (apk) (usually /data) that you need if you want to try custom roms and then if you are not satisfied get back to stock...
To answer to your question, no is not the same kind of backup, you will lack /boot and recovery.
adding that you can use adb to generate .img by
Code:
cat /proc/mtd
and you will have a fs table with adresses (i have no phone now so cannot provide), then using dd (assuming boot is on mtd2):
Code:
dd if=/dev/mtd/mtd2 of=/sdcard/boot-stock.img bs=2048
and also use this for recovery partition...never tried for system and data partition (but could work, i'm not sure so not do that in this way, wait more knowing-knoledge people and also never tried on ics but, just ginger remembering...dont' know if it's the same in this new system)
but this process make use of
Code:
adb shell
su
the second one requires root....
as of now, i dont' now any method not involving root to make these things but as i stated at first post, i don't know anything
Thank you. I am wondering if the image file you have provided is for yakjuux. I have come across many posts that if I get the wrong baseband, the phone will not work correctly.
post, please, your baseband version which you can find on settings->phone info->basedand version in your phone; mine is 19250xxkl1 that i have recently updated from xxkk1 (the stock one)
My Build # is ITL41F I9250 UGKL1 and the kernel is 3.0.1-ga052f63 [email protected] #1.
Do you think you have a image of this? Thanks.
As far is i know, you have a GSM version of Galaxy Nexus. So it's safe to grab google image of /system, /boot and for the radio grab UGKL1 radio/baseband version. To better answear it's better to know also you bootloader version (which probably is primekk15): you can view this by going on bootloader on you phone doing this:
1 setup android sdk environment (include fastboot) for your pc system (windows-linux-osx)
2 enter in the settings menu of the phone and tic the 'debug usb'
3 attach the phone to the pc and let it recognize your phone (windows-osx), for linux install udev that already are in your distrib/repo
4 (assuming you are on windows) on pc... start/run/ cmd: the the terminal open up and go in your android-sdk directory, enter and then go to platform-tools; there is adb command, run: adb reboot bootloader
this will restart your phone in the bootloader menu. There, you have all of information you need...just write here your bootloader version (to have a confirmation) to understand which versione you need to download and put in a safe place in case of warranty-need...
Then wait someone better than me that knows how to make backup of all partitions without root (without exploit i think it's difficult to grant su access on the standard ics system); if there is no such possibility, just root, install cwm and do a nandroid backup and then trasnferr on a safe place on your place and you are good to go to try modding.....
now i need sleep as here is 8 in the morning and finishing compilemy l701x kernel which weight 3,4 mb lzo compressed, fine tuning.....good nite,ehm,good mornig..mmm... good is enough
Thank you. It takes some time to download the packages.
The Bootloader shows the following
Product Name: Tuna
Variant: Maguro
HW Version: 9
Bootloader Verson: Primekk14
Baseband Version: I9250UGKL1
Carrier Info: None
Signing: Production
What would be the appropriate to donload. Do you have their respective link? Thank you for your ongoing support.
Would anyone with experience please provide me with inputs if:
1. there is any way to back-up without root
OR
2. the phone has to be rooted, is there any way to have a program residing in my computer iso the phone (CWM in this case).
OR
3. there is any way to remove CWM and other rooted apps before I use GNex Toolkit to relock the phone.
Thanks.
Here you go:
http://forum.xda-developers.com/showthread.php?t=1420351
Would anyone with experience please help?
I am struggling with the same issue. Restoring the nandroid, removing su and superuser.apk and then relocking the bootloader actually brings the phone to quite factory looking mode (except for timestamps in system)
I wonder if it is possible to pull dump of system the same way it is done for boot and recovery.
Guys - it is pretty trivial to restore all partitions you would be modifying to factory conditions because Google provides the factory images for which you can use fastboot to restore. You don't even need to be unlocked much less rooted or have CWM installed because the Google images are official and have the correct signatures.
As for making image copies of your phones partitions this cannot be done w/o root access because these partitions are only available to root. If you are rooted you can use a utility such as dd on the phone to copy the partitions.
Sent from my Galaxy Nexus using XDA App
silow said:
Guys - it is pretty trivial to restore all partitions you would be modifying to factory conditions because Google provides the factory images for which you can use fastboot to restore. You don't even need to be unlocked much less rooted or have CWM installed because the Google images are official and have the correct signatures.
As for making image copies of your phones partitions this cannot be done w/o root access because these partitions are only available to root. If you are rooted you can use a utility such as dd on the phone to copy the partitions.
Sent from my Galaxy Nexus using XDA App
Click to expand...
Click to collapse
Google provides yakju images only. Phones here in Canada come with yakjuux which is even 4.0.1. It will be pretty obvious you have thinkered with your phone if you return it with yakju image instead the original one.
As for root - I think it might not be necesary - I was able to do nandroid backup without flashing neither recovery or root to my system by simply unlocking the boot loader and booting CWM off fastboot. I am thinking can we dd while in CWM (flash of phone still intact - except of bootloader which is not an issue since it can be relocked)
Anyone have the dd syntax handy and the partition that needs to be dumped?
system partition seems to be /dev/block/platform/omap/omap_hsmmc.0/by-name/system (this is the df output after I mounted it in CWM)
Would the dd command be something like
Code:
dd if=/dev/block/platform/omap/omap_hsmmc.0/by-name/system of=/sdcard/yakjuux.img
CWM provides you "root" because it has the su binaries in the ramdisk.
You can run the following when booted into CWM since CWM will mount /data:
Code:
dd if=/dev/block/mmcblk0p10 of=/data/media/system.img
leobg said:
[snip]
Anyone have the dd syntax handy and the partition that needs to be dumped?
system partition seems to be /dev/block/platform/omap/omap_hsmmc.0/by-name/system (this is the df output after I mounted it in CWM)
Would the dd command be something like
Code:
dd if=/dev/block/platform/omap/omap_hsmmc.0/by-name/system of=/sdcard/yakjuux.img
Click to expand...
Click to collapse
I think that may work. The output file may be padded with extra zeros, so you may need to trim them before flashing (this is certainly the case when you dump the radio).
EDIT: I would probably use this instead (although I am not sure it will make a difference:
Code:
dd if=/dev/block/platform/omap/omap_hsmmc.0/by-name/system of=/data/media/yakjuux.img
efrant said:
I think that may work. The output file may be padded with extra zeros, so you may need to trim them before flashing (this is certainly the case when you dump the radio).
EDIT: I would probably use this instead (although I am not sure it will make a difference:
Code:
dd if=/dev/block/platform/omap/omap_hsmmc.0/by-name/system of=/data/media/yakjuux.img
Click to expand...
Click to collapse
Yes, that was what I actually ended up doing since /sdcard was a sym link to /data/media. Resulting file is 654MB uncompressed. I wonder how can I easily check if content is right on a win machine.
---------- Post added at 09:44 PM ---------- Previous post was at 09:37 PM ----------
silow said:
CWM provides you "root" because it has the su binaries in the ramdisk.
You can run the following when booted into CWM since CWM will mount /data:
Code:
dd if=/dev/block/mmcblk0p10 of=/data/media/system.img
Click to expand...
Click to collapse
Yes, I meant it's not necessary to make any changes on the filesystem to achieve it once bootloader lock is off. And by simply relocking the device after, there are zero traces of any 'hackery' being done on the phone.
leobg said:
Yes, that was what I actually ended up doing since /sdcard was a sym link to /data/media. Resulting file is 654MB uncompressed. I wonder how can I easily check if content is right on a win machine.
Click to expand...
Click to collapse
There is obviously some extra padding in there, as the file size should be closer to half that size uncompressed.
---------- Post added at 09:08 AM ---------- Previous post was at 08:51 AM ----------
leobg said:
[snip]
And by simply relocking the device after, there are zero traces of any 'hackery' being done on the phone.
Click to expand...
Click to collapse
Not sure why so many people are worried about "traces of hackery". I can't speak from personal experience, but many Nexus One owners (if not all of who have attempted), had NO issues returning devices to HTC that were unlocked... Remember, the N1 did not have a relockable bootloader, so they obviously knew you were messing around.
You don't have to FLASH CWM to USE CWM.
Just BOOT CWM. Simple.
Hi
My wife bought a Note 2 (N7100) in China, second hand. I thought it was stock, so I tried to update it manually (official update) with Odin. But of course it was rooted and with some chinese ROM (my guess since I saw chinese charachters).
That didn't work so I proceeded to install a custom rom. After trying over and over, my phone would not recognise the SIM no longer (it worked before I started out with this mess). I have basically tried installing multiple roms (4.1, 4.3, 4.4), Odin fails when trying offical roms, multiple modem zips etc. Dont know what to do.
Problem is that I can not get the PCode because there is no connection with the SIM. IMEI is on the back of the phone, but trying *272*#IMEI-code# doesn't give me nothing because i just get fail. Trying to download a official rom from china over baidu.com, but until now no luck. What would you do? Right now its a phablet with wifi, nothing else. Anyone have an idea how to fix this little mess I put myself into?
Flash custom recovery and TRY THIS method in ADB.
Confirm if they have the same efs address though, but I think it's the same.
cz4r3n said:
Flash custom recovery and TRY THIS method in ADB.
Confirm if they have the same efs address though, but I think it's the same.
Click to expand...
Click to collapse
Looks like my /efs/ partition is zero, nill nothing. What to do? Use it as a wifi phablet? I dont have linux, only mac, so I cant do these two steps, but I guess it does not matter since I can not open the efs.img file
linux# losetup /dev/loop0 efs.img
linux# fsck /dev/loop0
So the phone is impossible to fix now - right? /efs/ folder on phone is emtpy.
Found my IMEI number for this phone on Google Dashboard. Is it possible to restore the EFS image only using that?
mikasjoman said:
Found my IMEI number for this phone on Google Dashboard. Is it possible to restore the EFS image only using that?
Click to expand...
Click to collapse
Did you ever have a backup on your efs?If yes, then restore it.there are so many threads on how to restore your efs.
---------- Post added at 07:55 PM ---------- Previous post was at 07:44 PM ----------
mount efs in adb.
adb shell
su
mount
dd if=/dev/block/mmcblk0p3 of=/sdcard/mmcblk0p3.bin
Code:
dd if=/dev/zero of=/dev/block/mmcblk0p3
dd if=/sdcard/mmcblk0p3.bin of=/dev/block/mmcblk0p3
mmcblk0p3.bin
That is a no Or maybe. I made a copy to my harddrive with those instructions you linked to. Could I email the efs.img file to you and you check if its usable? Maybe it is just corrupt. I really don't know how to figure it out on this mac. If it was empty it should not be the 21 MB it is.
I did a "cat" on the efs.img file and it seems full of info.
Being the poor student I am, I wont be able to buy a new phone in some time
I understand it is currently not possible to unlock a Razr M with 98.18.94 or 98.30.1 OTA. Never the less, I had been trying to restore a previous VooDoo root that I deleted before the last OTA. Through the experimenting, I screwed up the flash on my phone, and recovering it, I found something that might be interesting.
As others pointed out, downgrading does not work. Flashboot gives various errors. When I screwed up my file system, I was able to flash from 98.18.94 (which I had) to 98.30.1 (which was the only download I could find) using RSD Lite. I was lucky it worked. And since I have been able to experiment and keep flashing 98.30.1 over and over.
I would like to report that in my experiments, I noticed an interesting fact about the recovery.img:
I am able to flash stock 98.18.78 recovery to my phone running 98.30.1.
I have verified the recovery.img contents are not the same, according to a WinMerge file compare, they are ~10% the same
When I try to flash twrp or cwm recovery, the only fastboot error is to the effect "wrong partition size".
The size of .78 and 98.30.1 recovery are the same, 10,485,760 bytes
On the other hand, if I try to flash the .78 system.img fastboot, or use RSD lite to flash .78, I see different security related errors on the phone's fastboot screen- none of which mention partition size. Of course, this is related to the Locked Bootloader I have.
What I wonder is, since the error for the recovery.img is not a security related one, but one of size, and the fact that it took recovery from .78- I wonder if a cwm or twrp made to be the same size as stock Moto recovery, would it be able to sneak in?
Right now my Razr M has gone from 98.18.94 to 98.30.1 with a 98.18.78 recovery. And I'm working ok.
I am not a professional Android Dev. But I am going to do the research and try to modify a cwm type recovery to match the size of a Moto recovery, and see what happens.
I invite anyone with real experience to contribute.
Bryan
bryanwieg said:
What did you say?
Click to expand...
Click to collapse
Well I hope you have something here!
We need someone like jbaumert or Phil3759 to chime in here.
aviwdoowks said:
Well I hope you have something here!
We need someone like jbaumert or Phil3759 to chime in here.
Click to expand...
Click to collapse
I have already found that if I take the OTA recovery and unpackbootimg and then mkbootimg without changing anything.. it recompiles down to aprox 5mb, which is different than the size it started from Moto.
So I am looking at if the size is set in how the img is compiled.
30.1 and .94 are the same updates, just different system versions. As for the other stuff, I'm not even sure what to say. I'm with Avi on this, I definitely would like to see what a dev has to say.
New Philz coming BTW.
http://forum.xda-developers.com/showpost.php?p=48881182&postcount=2003
Others could ask for the padded up Philz or at least Quote my post.
http://forum.xda-developers.com/showpost.php?p=48886733&postcount=2004
aviwdoowks said:
New Philz coming BTW.
http://forum.xda-developers.com/showpost.php?p=48881182&postcount=2003
Others could ask for the padded up Philz or at least Quote my post.
http://forum.xda-developers.com/showpost.php?p=48886733&postcount=2004
Click to expand...
Click to collapse
I found out via a hex editor, both files have empty data insert after the same point, with certificate data at the end, and it winds up making each file the same size. The data before the 'empty data' in each file is mostly different bits.
My current problem is that when I decompile an img, and recompile it, it's bigger, meaning that I cannot insert the 'empty data' at the same point they did.
bryanwieg said:
I found out via a hex editor, both files have empty data insert after the same point, with certificate data at the end, and it winds up making each file the same size. The data before the 'empty data' in each file is mostly different bits.
My current problem is that when I decompile an img, and recompile it, it's bigger, meaning that I cannot insert the 'empty data' at the same point they did.
Click to expand...
Click to collapse
They are both signed with the 128, or more, bit code. Which is what makes this a such a Loooooong shot.
aviwdoowks said:
They are both signed with the 128, or more, bit code. Which is what makes this a such a Loooooong shot.
Click to expand...
Click to collapse
Well, you'r right on the money. I appended data to a CWM recovery the same as Moto did to thiers, including the certificate at the end.
I didn't get a partition size error this time, but I did get a 'Failed to hab check for recovery'.
Granted, I didn't manage to place the 'empty data' at the same point in the file as the stock roms did. Other than that, it must be the certificate.
bryanwieg said:
What I wonder is, since the error for the recovery.img is not a security related one, but one of size, and the fact that it took recovery from .78- I wonder if a cwm or twrp made to be the same size as stock Moto recovery, would it be able to sneak in?
Click to expand...
Click to collapse
No, because it first checks the size (or whether it's a valid image at all) and if the size is correct, it checks the signature.
I found that I can put recovery all the way back to 98.15.66. I haven't tried further back due to kernel version.
I tried to then apply an update ZIP to something pre 98.30.1, and it passed validation (woohoo), but if failed an assert that checked the version in the props. (cry)
I wish there was something in the older recoveies we could exploit.
Really glad to see someone is still trying to find some sort of exploit for this device in it's updated state, it seemed like everyone had completely given up on it. My girlfriend recently grabbed a used Razr M to use for a while but it's fully updated, and I would love to be able to root it for her. I'll be following this thread to see if anything comes of this recovery downgrading
I'm pretty sure you can edit the props from what I can remember.
Sent from my XT907 using xda app-developers app
bryanwieg said:
I found that I can put recovery all the way back to 98.15.66. I haven't tried further back due to kernel version.
I tried to then apply an update ZIP to something pre 98.30.1, and it passed validation (woohoo), but if failed an assert that checked the version in the props. (cry)
I wish there was something in the older recoveies we could exploit.
Click to expand...
Click to collapse
You can use root eplorer free to extract the single img from the 404 or 411 xml.zips
---------- Post added at 10:44 AM ---------- Previous post was at 10:39 AM ----------
Here http://sbf.droid-developers.org/phone.php?device=8
---------- Post added at 10:48 AM ---------- Previous post was at 10:44 AM ----------
The razr hd (2), atrix hd, photon Q all use a recovery w/ same key. Git to work man!
Re:
So, it is RSD that is keeping it from flashing, would the bootloader(locked) boot a recovery partition that isn't signed? Has anybody tried to dd the recovery partition? I will grab a TWRP dd recovery image if you guys have an interest in trying that.
It would still require root and either a terminal emulator or adb shell.
815turbo said:
So, it is RSD that is keeping it from flashing, would the bootloader(locked) boot a recovery partition that isn't signed? Has anybody tried to dd the recovery partition? I will grab a TWRP dd recovery image if you guys have an interest in trying that.
It would still require root and either a terminal emulator or adb shell.
Click to expand...
Click to collapse
Am I alone here now?
Does anyone with a locked boot loader want to try this? I could create a windows shell script to make it easier if that's the worry.
I am willing to try it out. Win 7 64bit... pass me needed staf to flash it
Sent from my XT907 using xda app-developers app
please do
815turbo said:
Am I alone here now?
Does anyone with a locked boot loader want to try this? I could create a windows shell script to make it easier if that's the worry.
Click to expand...
Click to collapse
sure do, i'm on win8, but also had win xp, how can i do it? what to download, what to execute? i can adb shell i think. i've survived from bricked before the screen said "flash failure".
benya274 said:
sure do, i'm on win8, but also had win xp, how can i do it? what to download, what to execute? i can adb shell i think. i've survived from bricked before the screen said "flash failure".
Click to expand...
Click to collapse
I'll post it in just a few minutes. I will also post the required commands and we'll be backing up current recovery. If it fails, it should be no problem to restore your backed up recovery.
Download TWRP image on your phone from: titanroms.com/upload/rec.img
Please get to an adb prompt and run these commands:
su
cd /sdcard
dd if=/dev/block/platform/msm_sdcc.1/by-name/recovery of=/sdcard/recbak1.img
dd if=/dev/block/platform/msm_sdcc.1/by-name/recovery of=/sdcard/recbak2.img
Please ensure that both copies are 10MB. The dd command should end by saying "10485760 Bytes Copied" on all of the "dd" commands.
Now, you should have two backups of the recovery partition and the TWRP Image you downloaded from here all on your sdcard.
You can follow with these commands AFTER your backup has completed.
cp /sdcard/Download/rec.img /sdcard/rec.img
dd if=/sdcard/rec.img of=/dev/block/platform/msm_sdcc.1/by-name/recovery
dd if=/dev/block/platform/msm_sdcc.1/by-name/recovery of=twrprecbak.img
mount -o remount,rw /system
mv /system/etc/install-recovery.sh /system/etc/install-recovery.bak
mv /system/recovery-from-boot.p /system/recovery-from-boot.bak
reboot recovery
In the event of a failed attempt at this you can run the following from adb:
su
cd /sdcard/
dd if=/sdcard/recbak1.img of=/dev/block/platform/msm_sdcc.1/by-name/recovery
Give me a holler if you don't understand this well. Good luck, guys.
I am gonna try it out tomorrow,i dont have time to do it tonight cause i need to go to work. My pc on work does not have internet connection I will keep u guys posted on any progress.
Sent from my XT907 using xda app-developers app
Just wanted to say I flashed the old ICS recovery to mine using fastboot commands but it didn't get me very far though.if I then try and flash the corresponding blur zip from recovery it just says invalid signature. Was trying to find a way to downgrade so I could get rooted..
Sent from my XT907 using Tapatalk
I'm planning to root my G4 (LGH815 Germany) running v10b-EUR-xx. Before I'm attempting to root I took a backup using the following command:
dd if=/dev/block/mmcblk0 bs=8192 skip=55296 count=529920 of=/data/media/0/system.img
Is there any way of verifying the backup img before I proceed to root so I can be sure the backup is working in case something goes wrong during rooting?
There seems to be a difference between the size of my backup and the rooted image:
My backup: 4,341,104,640
Rooted img: 4,749,520,896
Why is there such a big difference?
b3n_ said:
I'm planning to root my G4 (LGH815 Germany) running v10b-EUR-xx. Before I'm attempting to root I took a backup using the following command:
dd if=/dev/block/mmcblk0 bs=8192 skip=55296 count=529920 of=/data/media/0/system.img
Is there any way of verifying the backup img before I proceed to root so I can be sure the backup is working in case something goes wrong during rooting?
There seems to be a difference between the size of my backup and the rooted image:
My backup: 4,341,104,640
Rooted img: 4,749,520,896
Why is there such a big difference?
Click to expand...
Click to collapse
The skip argument to dd tells it to skip reading 55296 blocks. Each block is 8192 bytes which means 55296*8192 bytes are being skipped, that brings it to total of 452,984,832 bytes, which is exactly the difference you have.
As for the reliability of your backup I suggest at least mounting it to see if structure is valid and files are there.
Sent from my LG-H815 using Tapatalk
Definately try mounting it. Search for "mount android image in windows" if you are using windows, or just mount it in Linux.
kuku2004 said:
The skip argument to dd tells it to skip reading 55296 blocks. Each block is 8192 bytes which means 55296*8192 bytes are being skipped, that brings it to total of 452,984,832 bytes, which is exactly the difference you have.
As for the reliability of your backup I suggest at least mounting it to see if structure is valid and files are there.
Sent from my LG-H815 using Tapatalk
Click to expand...
Click to collapse
In this case should I re-create my backup but put a skip count of 0 in to get a full image of the current system partition? Sounds like it would make more sense to have a full image rather than just a partial?
b3n_ said:
In this case should I re-create my backup but put a skip count of 0 in to get a full image of the current system partition? Sounds like it would make more sense to have a full image rather than just a partial?
Click to expand...
Click to collapse
Really don't know but I guess there's a reason for that skip, maybe the start is something fixed (zeroed?) so it would be a waste of space reading it.
Sent from my LG-H815 using Tapatalk
kuku2004 said:
Really don't know but I guess there's a reason for that skip, maybe the start is something fixed (zeroed?) so it would be a waste of space reading it.
Sent from my LG-H815 using Tapatalk
Click to expand...
Click to collapse
Why would it be included in their image then? Maybe @autoprime could comment on this?
Sorry for the OT question, but how do I create a system.img backup without root?
creaky said:
Sorry for the OT question, but how do I create a system.img backup without root?
Click to expand...
Click to collapse
Look at the rooting thread you need to use the send_command tool and the basically revert the dd command.
b3n_ said:
Look at the rooting thread you need to use the send_command tool and the basically revert the dd command.
Click to expand...
Click to collapse
Thanks. I'll start sifting through.
So I was able to mount my image in Ubuntu and I can see all the folders/files in there. In case I have to restore, do I have to use seek=0 and I used the recommended skip when I created the image?