(Note to those interested: I have translated my post into French and started a discussion on Frandroid.)
Hello,
I managed to map the partitions on the Gio 5660M (Bell Canada, 2.3.4, MUGK3) in order to extract an ODIN flashable complete stock backup.
I have also made a stock, rooted ROM backup by working in a hex editor. Other tools that helped the mapping were Winmerge, to do file comparisons with a Euro 5660 ROM, and Notepad++ for string searches.
Those with a 5660M that are experiencing issues after flashing Euro 5660 ROMs that have been posted here now have the possibility of flashing back their original radio and kernel.
ROM development and deployment is going to be safer going forward.
I copied the blocks with the dd command as follows:
dd if=/dev/block/bml1 of=/sdcard/bml1 bs=4096
WARNING!!! DO NOT dd /dev/block/stl5 as there have been multiple reports of bricking following reading it. We already know that this block contains the EFS partition, including the SIM-lock code. You can however dd bml5 without issue from a "live" phone. If you absolutely want stl5, you may get it by using a rooted custom recovery.
From what I've gathered bml is essentially a lower level interface to the same blocks accessed by stl, but the results differ somewhat in resulting file size.
Here are the results:
Code:
/dev/block/bml1 MIBIB
/dev/block/bml2 QCSBL
/dev/block/bml3 OEMSBL
/dev/block/bml4 AMSS
/dev/block/bml6 Essentially empty, with a FSR_STL string at the beginning.
/dev/block/bml7 arm11boot
/dev/block/bml8 boot.img. My initial assumption was based on the .ops file supplied with the Euro ROM I've done my comparisons with. This has since been confirmed with actual flashing.
/dev/block/bml9 recovery.img for the same reasons as above.
/dev/block/bml10 Essentially empty. Mine has a BMC string at the beginning which matches the CSC code on this phone, followed by an ON and an OFF.
/dev/block/bml11 Empty. \xFF all around.
/dev/block/bml12 Seems to contain the same RFS data as stl12, but with an additional 8 megs of data/padding, not readable by MagicISO.
/dev/block/bml13 Like 12 above, but user data
/dev/block/bml14 As above, but the almost empty partition
/dev/block/stl1 cannot open for read
/dev/block/stl2 cannot open for read
/dev/block/stl3 cannot open for read
/dev/block/stl4 cannot open for read
/dev/block/stl6 Empty: contains only \xFF
/dev/block/stl7 cannot open for read
/dev/block/stl8 cannot open for read
/dev/block/stl9 cannot open for read
/dev/block/stl10 cannot open for read
/dev/block/stl11 cannot open for read
/dev/block/stl12 system.rfs - is flashable as-is once tarballed. Also contains the CSC files as we're taking this from a "live" installation, contrary to an OEM provided image. (My image is also rooted for the same reason.)
/dev/block/stl13 data.rfs - User data partition
/dev/block/stl14 cache.rfs - Odin hangs when I try to flash it. Use CWM and dd back into place from the SD card.
From what I see we can't repartition our phones like the GT-I9000 guys do, so there are no PIT files to worry about. Only the OPS files which ODIN uses. We're not able to flash with Heimdall in its current configuration as it requires a PIT file.
GT-S5660M_MUGKG3_stock_rooted_ROM_v2.7z (101.46 MB)
Un7-Zip, flash tarball with Odin using the "One Package" option. Tested working on my phone. I think it goes without saying that flashing this is at your own risk.
(PDA: S5660MUGKG3 PHONE: S5660MUGKG3 CSC: S5660MBMCKG3)
Tutorial on flashing with Odin, with link for the appropriate version for our phone.
I've released my custom 5660M ROM, ArpegGioMod.
Goodbye,
Darkshado
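The identification step described in the post above (an FSR_STL string at the start of a block, blocks that are \xFF throughout, boot.img on bml8) can be scripted once the dumps are copied off the phone. This is an added example, not part of Darkshado's post: the function names and the sample files built by `make_sample_dumps` are constructed for illustration, and the `ANDROID!` magic is the standard Android boot image header, assumed here to apply to this phone's boot.img.

```shell
#!/bin/sh
# Added example (not from the thread): inventory dd dumps copied off the phone.

# Emit N bytes of 0xFF, the value an erased flash block reads back as.
ff_bytes() {
    dd if=/dev/zero bs=1 count="$1" 2>/dev/null | LC_ALL=C tr '\000' '\377'
}

# Coarse type of one dump, using the markers reported in the post.
classify_dump() {
    dump=$1
    [ -r "$dump" ] || { echo "unreadable"; return 1; }
    size=$(( $(wc -c < "$dump") ))
    [ "$size" -gt 0 ] || { echo "zero-length"; return 0; }
    # Bytes left after deleting every 0xFF; none left means an erased block.
    non_ff=$(( $(LC_ALL=C tr -d '\377' < "$dump" | wc -c) ))
    [ "$non_ff" -gt 0 ] || { echo "empty-ff"; return 0; }
    # Printable characters among the first 64 bytes of the dump.
    lead=$(dd if="$dump" bs=64 count=1 2>/dev/null | LC_ALL=C tr -cd '[:print:]')
    case $lead in
        'ANDROID!'*) echo "android-boot" ;;  # assumed: standard boot image magic
        *FSR_STL*)   echo "fsr-stl" ;;       # marker seen on bml6 in the post
        *)           echo "data" ;;
    esac
}

# One tab-separated line per dump: name, size in bytes, type, SHA-256.
# Keeping this listing next to the backup lets a later copy be re-checked.
inventory_dumps() {
    for path in "$1"/*; do
        [ -f "$path" ] || continue
        printf '%s\t%s\t%s\t%s\n' \
            "$(basename "$path")" \
            "$(( $(wc -c < "$path") ))" \
            "$(classify_dump "$path")" \
            "$(sha256sum "$path" | cut -d' ' -f1)"
    done
}

# Constructed sample dumps that mimic the markers described in the post.
make_sample_dumps() {
    ff_bytes 4096 > "$1/bml11"                                  # \xFF all around
    { printf 'FSR_STL'; ff_bytes 4089; } > "$1/bml6"            # marker, then empty
    { printf 'ANDROID!'; ff_bytes 8; printf 'kernel-bytes'; } > "$1/bml8"
    { printf 'BMC\000ON\000OFF\000'; ff_bytes 4085; } > "$1/bml10"
}

# Run against a directory of dumps when one is given on the command line.
if [ $# -ge 1 ]; then
    inventory_dumps "$1"
fi
```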
Wow,
Thank you very much. The screen brightness issues and problems connecting to the mobile 3G network were very troublesome.
I will be flashing this ROM back to my s5660m.
THANK YOU!
STATUS UPDATE:
I have successfully flashed the image to my phone; I had to rename factory.rfs to system.rfs in order for ODIN to flash successfully. Also, it may not be important but I noticed that your image is missing the csc.rfs file.
I copied it from another ROM but it still didn't take it.
Even with the CSC.RFS file missing, it SEEMS to work GREAT! No more screen issues or 3G problems so far, I will keep you updated!
Again, thank you for uploading this. Hopefully soon there will be a CM7 for the s5660m!
Cool! Please, pretty please let me know as soon as possible how it turns out. When do you plan on trying this? This afternoon or later tonight?
Depending on how much you feel at ease with experimenting, you might be able to make a modified OPS file and new tar archive to flash only AMSS and boot.img to your system. Boot in recovery to wipe cache and dalvik-cache, then reboot the phone in normal mode. *If* things go according to plan you'd be left with a custom ROM'ed and functional phone. Otherwise just flash the whole thing back to stock.
Good luck,
Darkshado
Coolty said:
> STATUS UPDATE:
> I have successfully flashed the image to my phone; I had to rename factory.rfs to system.rfs in order for ODIN to flash successfully. Also, it may not be important but I noticed that your image is missing the csc.rfs file.
> I copied it from another ROM but it still didn't take it.
> Even with the CSC.RFS file missing, it SEEMS to work GREAT! No more screen issues or 3G problems so far, I will keep you updated!
> Again, thank you for uploading this. Hopefully soon there will be a CM7 for the s5660m!
Great! You just made my day!
About the missing CSC file: CSC is an acronym for Carrier/Country Specific Code. The csc.rfs file is a partition image file that, as far as I can tell, is merged with the contents of the system.rfs partition. In our case, the CSC file would contain the APN settings, as well as the Bell proprietary apps like self-serve and remote PVR.
Instead, since I took the system partition from a live phone, the CSC content is already in the system.rfs partition. I think the idea behind this is that Samsung can release new CSC packages without having to update the whole firmware when "new" carriers add the phone to their lineup.
I'll see if I can edit the RFS partitions, (maybe by mounting them on the phone directly?) if so, I would be able to unroot, and make that separate CSC partition as well. That would make the backup completely stock, as if it came right from Samsung.
Another, simpler solution would be to modify the OPS file to skip the CSC partition.
One question: did you re-tar each file individually for ODIN to take them?
CM7 port: I'd love to have one on that phone as well, but I'm not in a position to tackle that project, yet. The good news is that since we now have a way to bring the phone back to stock, we can experiment safely.
Goodbye,
Darkshado
> Depending on how much you feel at ease with experimenting, you might be able to make a modified OPS file and new tar archive to flash only AMSS and boot.img to your system. Boot in recovery to wipe cache and dalvik-cache, then reboot the phone in normal mode. *If* things go according to plan you'd be left with a custom ROM'ed and functional phone. Otherwise just flash the whole thing back to stock.
I will try this as well, will let you know the status of that as soon as I get to that. I am pretty confident with flashing phones by now
> One question: did you re-tar each file individually for ODIN to take them?
No, I use linux so it was an easy process of copying the factory.rfs to my HDD, renaming it to system.rfs, deleting factory.rfs from TAR, and then adding system.rfs to the TAR file.
Let me know if you want me to try anything else, as I have access to linux and am pretty knowledgeable when it comes to things of that nature.
I can confirm that replacing amss and boot.img for 5660m from custom firmware meant for the 5660 works perfectly. I am using this tar: GioPro-1_2-LITE-by_ZimniY-S5660XXKQ6_S5660XXKQ5_S5660SEBKQ1.tar AND the GioPro 1.3 update zip. No screen issues or 3G problems. If you like I can upload the edited ROM for ODIN.
Step by Step guide for Noobs?
Hello,
My Samsung Gio S5660M is on an infinite loop.
Will this method fix the issue?
Can someone kindly give a step-by-step guide to this method (starting from what software/driver needed)?
Thanks a lot.
red02 said:
> Hello,
> My Samsung Gio S5660M is on an infinite loop.
> Will this method fix the issue?
> Can someone kindly give a step-by-step guide to this method (starting from what software/driver needed)?
> Thanks a lot.
Why is your phone stuck in an infinite loop? What did you do to cause this?
Did you somehow overwrite stl5 (the EFS partition, AFAIK) while trying to unlock your phone?
Coolty said:
> I can confirm that replacing amss and boot.img for 5660m from custom firmware meant for the 5660 works perfectly. I am using this tar: GioPro-1_2-LITE-by_ZimniY-S5660XXKQ6_S5660XXKQ5_S5660SEBKQ1.tar AND the GioPro 1.3 update zip. No screen issues or 3G problems. If you like I can upload the edited ROM for ODIN.
If you could post it, that would be much appreciated!!
steez003 said:
> If you could post it, that would be much appreciated!!
I am currently in the process of uploading the edited TAR file to megaupload. The file is rather large so it may take another hour or so to complete. I will update this post when it is completed.
EDIT:
Here you go! GioPro 1.2 LITE edited for use with the Samsung Galaxy s5660m
Gio Pro 1.2 LITE updated for canadian s5660m by coolty
Coolty said:
> Why is your phone stuck in an infinite loop? What did you do to cause this?
> Did you somehow overwrite stl5 (the EFS partition, AFAIK) while trying to unlock your phone?
Hello Coolty,
Yes, that's exactly what happened. I tried to unlock it using Android Terminal Emulator, and although it gave me the unlock code, it fell into an infinite loop upon restart.
Will your uploaded file fix this problem?
What would possibly provide a detailed guide on how to use the file?
Thanks.
red02 said:
> Hello Coolty,
> Yes, that's exactly what happened. I tried to unlock it using Android Terminal Emulator, and although it gave me the unlock code, it fell into an infinite loop upon restart.
> Will your uploaded file fix this problem?
> What would possibly provide a detailed guide on how to use the file?
> Thanks.
Hi,
I'm not one for explaining things in great detail, but the basic breakdown of the things you need (google is your friend) are:
1) Odin_Multi_Downloader_v4.42
2) The USB drivers for your phone (Hint: Samsung Kies)
3) OPS File (for this phone, I recommend GIO_v1.0.OPS)
4) Either a single TAR file or multiple files (eg, appboot, PDA, etc) For the file I am uploading it will be a single TAR file which is a package that includes all the things needed.
Then, you just remove the battery in your phone, unplug it from USB or wall charger, put battery back in, hold vol down + HOME + power until you see a screen (you may have to press a vol key after that, read the screen to see if you need to) Your screen on the phone should say DOWNLOADING... This is when you:
1) connect phone to computer via USB after installing drivers (kies, usb driver)
2) make sure kies is closed
3) run ODIN
4) choose the proper OPS file
5) click single package
6) choose the TAR file you want to flash to your phone
That's it!
EDIT:
I am providing some forum links that may better explain how to do what you need done:
How to unbrick (for samsung ACE, but applies to the 5660m) http://forum.xda-developers.com/showthread.php?t=1071970
How to use ODIN to flash your phone: http://forum.xda-developers.com/showpost.php?p=16979859&postcount=549
And of course, the great bible of GIO 5660 links and information: http://forum.xda-developers.com/showthread.php?t=1209425
I have updated my previous post to include the download link to the fixed rom for use with the s5660m.
(search for "s5660m by coolty" on the forums to find it)
Coolty said:
> I am currently in the process of uploading the edited TAR file to megaupload. The file is rather large so it may take another hour or so to complete. I will update this post when it is completed.
> EDIT:
> Here you go! GioPro 1.2 LITE edited for use with the Samsung Galaxy s5660m
> Gio Pro 1.2 LITE updated for canadian s5660m by coolty
Thanks! I ended up flashing my phone and I have run into a problem. For some reason Wifi won't work in GioPro. It says 'Turning on...' and then it will say 'Error'. Any ideas?
Thanks
Will this help at all with a blank IMEI? I assume this would only help for people flashing back to stock firmware or recovering from a non-bootable or reboot loop phone?
steez003 said:
> Thanks! I ended up flashing my phone and I have run into a problem. For some reason Wifi won't work in GioPro. It says 'Turning on...' and then it will say 'Error'. Any ideas?
> Thanks
I'm also running into the same issue
Thats why i recommend you guys always do a factory reset before and after flashing , these glitches , like gps issue , wifi , stuck on boot logo , won't happen if you properly fectory reset before and after flashing....
Waqasshazad: Maybe wiping the caches will help, but the issues might be due to running a 5660 on a 5660M as well. We know the kernels and modems aren't compatible, it may go a bit further. By the way, it's spelled factory.
MacrossFX: I've seen mentions of people dd'ing their stl5 partition into a file and then back on the phone, but I'm unsure this worked in the end. I'm afraid your only solution might involve a shipment to the service center...
ClockworkMod Recovery for the Samsung Galaxy Gio GT-S5660
http://forum.xda-developers.com/showpost.php?p=16980117&postcount=559
Maybe this can back up for you too, with the s5660m; I have tested it on the GT-S5660 and it worked perfectly fine.
waqasshahzad1986 said:
> Thats why i recommend you guys always do a factory reset before and after flashing , these glitches , like gps issue , wifi , stuck on boot logo , won't happen if you properly fectory reset before and after flashing....
I followed your instructional video and did do a factory reset before and after. Maybe I'll try reflashing it again tonight and see what happens.
Hello all and a good day.
Device: Samsung Galaxy Note 8.0 GT-N5100 (3G) - XME (Malaysia)
What I did: Nothing unusual! Device mainly used for text reading and some writing. After updating to Android 4.2.2 (PDA: N5100XXCMI1, CSC: N5100OLBCMH2, MODEM: N5100XXCMI1) via ODIN, symptom # 1 appeared. The firmware for Malaysia was downloaded from sammobile.com.
At the same time I came to know the importance of an /efs backup, so I rooted the device (for the first time), backed up /efs via EFS Pro, used Triangle Away, unrooted, and flashed the stock. Since symptom # 1 continued, I did a factory reset, and then all the other symptoms appeared.
Symptoms:
1) Tablet doesn’t vibrate.
2) Kies is unable to detect the tablet.
3) SIM Cards are not detected. A prohibition sign is shown at the cell signal (left to the battery indicator) (see image 1).
4) In “Settings > About device”, and in “Settings > About device > Status”, many fields are stated as “Unknown”, e.g.:
Baseband and IMEI (see image 1 and image 2). Incorrect Serial number (/efs has the correct one as in the back cover).
5) Camera view is upside down.
6) Proximity sensor doesn’t work. In the *#0*# Test mode, Proximity value is 1.0. If exit and check again value becomes 0.0.
7) Regardless of Flight mode or not Cell standby drains the battery a lot. Once activated, Flight mode turns grey (see image 3).
8) [SOLVED, see 5th post] Several times (not always), a white screen appeared at the boot screen (model name), and also when plugged to power source while the tablet switched off. I guess something to do with param partition.
9) [SOLVED, see 5th post] "No command" error message in the stock recovery (3e).
9) “Modem boot timeout” and “Couldn't find 'rild' socket” errors in logcat -b radio.
10) When tried to use the tablet as a modem from Windows 7, it gives an Error 692, and the diagnostics states, “Timed out waiting for response from modem”.
Solutions tried (no success): As many, I too tried various /efs based solutions mentioned in XDA, and flashed all the five firmwares available for the device, but the problem stays same. I tried to solve this without troubling others much, but now I am lost.
Help needed: Can this problem be fixed by me with some guidance? That would be great, since to claim warranty the tablet needs to be sent to another country. Or is it a hardware problem, in which case I should send it straight to Samsung service without wasting more time?
Attached files, if they help:
1) Outputs of the following commands
logcat -b radio
logcat *:E
dmesg
ls -la /efs
ls -la
mount
cbd -t xmm626x -o t
2)
- recovery log from - CivZ_rev1.1-PhilZ 5.1.1 (touch)
- build.prop file
Thank you for reading. Greatly appreciate any help and guidance. Sorry, if I violate any XDA rules in this post. Kind regards!
New Problem: "There is no PIT partition."
Last night managed to fix a part of the problem (customer.xml error in logcat) in the above post thanks to the guidance from civato. In an attempt to fix other problems, last night I had mistakenly executed the following cmd in ADB while in recovery.
Code:
dd if=/data/media/0/efs.img of=/dev/block/mmcblk0
The correct one I should have used is mmcblk0p3 (/efs partition in Note 8.0). At least I managed to do some damage, otherwise all the credit goes to Samsung.
Now I can go to download mode only. A white screen flashes if I try recovery mode or normal boot, or even connect to a power source to recharge. Since I am also unsure whether it is charging or not (before this happened the battery was at 100%), I have a limited time to use the device to get it to work properly. The other problem is, if I fail, I can’t claim warranty as there’s no way to use Triangle Away in this situation.
Now when I try to flash via ODIN:
1) normal way - it failed stating, "There is no PIT partition." (see image 1).
2) with kona3g.pit I have - it failed stating, "Re-partition operation failed." (see image 2).
Even when the device was working properly, 2nd option never worked for me.
My kona3g.pit is read well by PIT Magic 1.3.10.
Can anyone provide me a working .pit for Note 8 GT-N5100? I am thinking of trying Heimdall Suite 1.4.0 tonight, but I need to do some reading as I have never used it and have limited battery time for flashing.
Any advice to recover my device is highly welcome.
Kind regards.
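The mistake described in the post above, writing efs.img to mmcblk0 instead of mmcblk0p3, can be caught by a pre-flight check that runs before dd. This is an added example, not part of the original post: `check_restore_target` and `guarded_restore` are hypothetical helper names, the name check covers only the mmcblk naming used in the post, and `blockdev --getsize64` is assumed to be available in the shell being used.

```shell
#!/bin/sh
# Added example (not from the thread): refuse an unsafe dd restore target.

# Size in bytes of a block device or, for testing, a regular file.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"     # assumed to exist in this shell
    else
        echo $(( $(wc -c < "$1") ))
    fi
}

# Return 0 only when writing IMAGE to TARGET looks safe.
#   2 = image or target missing
#   3 = target is a whole device (mmcblk0), not a partition (mmcblk0p3)
#   4 = image is larger than the target and would not fit
check_restore_target() {
    image=$1
    target=$2
    [ -f "$image" ] || { echo "refuse: image '$image' not found" >&2; return 2; }
    [ -e "$target" ] || { echo "refuse: target '$target' not found" >&2; return 2; }

    case ${target##*/} in
        mmcblk[0-9]*p[0-9]*)
            ;;  # partition node such as mmcblk0p3
        mmcblk[0-9]*)
            # Writing here overwrites the start of the storage device,
            # where the partition table lives.
            echo "refuse: '$target' is a whole device, not a partition" >&2
            return 3 ;;
    esac

    img_size=$(( $(wc -c < "$image") ))
    tgt_size=$(target_size "$target")
    if [ "$img_size" -gt "$tgt_size" ]; then
        echo "refuse: image ($img_size bytes) exceeds target ($tgt_size bytes)" >&2
        return 4
    fi
    return 0
}

# Run the same dd as in the post, but only after the checks pass.
# conv=notrunc keeps a regular-file target at its original size.
guarded_restore() {
    check_restore_target "$1" "$2" || return $?
    dd if="$1" of="$2" bs=4096 conv=notrunc
    sync
}
```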
Here you go, unzip it and in Odin select repartition and then Odin a new stock rom. (PDA)
Or look here for the 5110 pit file; it should also work on the 5100 as the modem partition is also created.
Reinstall your CSC also after ROM installation.
PS try the included Odin
Working kona3g.pit for GT-N5100
civato said:
> Here you go, unzip it and in Odin select repartition and then Odin a new stock rom. (PDA)
> Or look here for the 5110 pit file; it should also work on the 5100 as the modem partition is also created.
> Reinstall your CSC also after ROM installation.
> PS try the included Odin
Brilliant and thank you! The Odin3_v3.07.exe you provided is missing an Odin3.ini (see image). I used an Odin3.ini (see attached files) that I have (for the same version) together with your Odin3_v3.07.exe and kona3g.pit, and the flashing went perfectly without any errors. So your kona3g.pit is a genuine working one. Thank you.
I’ll continue further tonight and post here. My friend shares his laptop with me, therefore I have limited time.
EDIT: When looked from the PIT Magic 1.3.10, the GT-N5110.pit is same as the GT-N5100 one (kona3g.pit). But when looked from the HxD - Hexeditor 1.7.7.0, the signatures at the end of the files are different, so it might not work on the sister device. Also, your GT-N5110.pit has trailing zeros after the signature, somewhere I read that these zeros must be deleted from a hexeditor for it to work.
Kind regards!
Solutions for symptoms 8 & 9
Solution for symptom 8:
Googled for a param.bin for Note 8.0, but only found one for Galaxy S3. Anyway, being fed up with the white screen, I copied the S3 param.bin to the mmcblk0p4 partition of the Note 8.0; surprise, it worked. But the boot screen became S3. Later, among my backups, I found a param backup of mmcblk0p4 that I took via EFS Pro. Unfortunately I couldn't restore it via EFS Pro as I had renamed the tar.gz to keep things tidy. So I extracted it to get a file called param. Since this param didn't work after copying, I compared it in the hex editor with the working S3 param, and noticed EFS Pro adds some data to the beginning of the file. I removed this beginning data and also the trailing zeros, and renamed it to param.bin (to go along with the name in kona3g.pit, perhaps not necessary). Finally, I copied it with the "dd if=/sdcard/param.bin of=/dev/block/mmcblk0p4" command; after a couple of reboots the white screen disappeared.
Solution for symptom 9:
Difficult to say this is a solution but it disappeared after this. In order to send for warranty claim, I restored the device to clean stock. First used Triangle Away to reset the counter. Booted and fully unroot via SuperSU. Then flashed the stock rom with the pit file, and without restart option. Shut down the device and boot into the recovery to do a full wipe, and the "No command" error wasn't there.
I must say, since my modem not working, capslock66's Android Reverse Tethering 3.15 saved my day to download the required Triangle Away add-on via laptop's broadband connection.
Since all other symptoms couldn't be solved by me after much effort, I sent the tablet for Samsung service.
Hi there !
I just registered to this huge forum full of resources and so many stuffs to dig in.. I own a Z1 Compact I bought last week and got into mods etc.. This is my first Android device and therefore got into it for the first time.. and what a world.. so many things over here..
As a developer, I'm getting interested in this environment so I first tried to gain access to this unix-based system called Android in order to see how this works..
Here my first steps: I needed to be root on this device..okay.. through tutos I read, I needed to unlock bootloader then I needed to install a new boot called ClockWorkMod (I believe this is a boot, according fastboot argument I supplied..) to allow me running the SuperUser script to be root. Afterwards, I backed up my TA partition..
Okay, these steps were done pretty out of the box, without Android knowledge so far.. Now, I'm about to install busybox for tools I'm used to use on every linux platforms.. but I really lack Android knowledge about Android partitioning system (I came across TA partition, /boot, /data what else ??), content, permissions management.. in few words, Android philosophy. So guys, do you know good web resources around my questionings so that I can start properly and the right way?
I'd really like to contribute in a humbly manner, I've already developed upon ARM platforms with realtime OS and many stuffs around linux kernel, so if you guys had any suggestions for low-level dev and Android in-depth resources etc.. I'd be grateful
Thanks a lot.
PaowZ said:
> Hi there !
> I just registered to this huge forum full of resources and so many stuffs to dig in.. I own a Z1 Compact I bought last week and got into mods etc.. This is my first Android device and therefore got into it for the first time.. and what a world.. so many things over here..
> As a developer, I'm getting interested in this environment so I first tried to gain access to this unix-based system called Android in order to see how this works..
> Here my first steps: I needed to be root on this device..okay.. through tutos I read, I needed to unlock bootloader then I needed to install a new boot called ClockWorkMod (I believe this is a boot, according fastboot argument I supplied..) to allow me running the SuperUser script to be root. Afterwards, I backed up my TA partition..
> Okay, these steps were done pretty out of the box, without Android knowledge so far.. Now, I'm about to install busybox for tools I'm used to use on every linux platforms.. but I really lack Android knowledge about Android partitioning system (I came across TA partition, /boot, /data what else ??), content, permissions management.. in few words, Android philosophy. So guys, do you know good web resources around my questionings so that I can start properly and the right way?
> I'd really like to contribute in a humbly manner, I've already developed upon ARM platforms with realtime OS and many stuffs around linux kernel, so if you guys had any suggestions for low-level dev and Android in-depth resources etc.. I'd be grateful
> Thanks a lot.
Welcome in the exciting world of Android! I am by no means a programmer, but I have been here for a while and will just explain a few things I think are helpful. If it's stuff you already know, feel free to ignore it.
Important things first: I hope you have made a backup of your TA partition before unlocking the bootloader. Unlocking the bootloader modifies the TA partition. It is not possible to undo it if you do not have a backup. Flashing someone else's TA will brick your device!
If I am not mistaken, the TA is mainly used to verify that the phone is in original condition e.g. not modified.
Unlocking the Bootloader (BL) removes Sony's DRM-Keys from the partition, because unlocking enables you to get root access and copy all the protected stuff anyways. The result is that you lose access to some of Sony's services and the use of XReality engine.
Unlocking the BL breaks the Sony Update Service, but if you unlocked with Flashtool, you will be able to relock easily. Do only relock while on a stock kernel, else the phone won't boot because it detects modified firmware.
AFAIK root is a function of the kernel, as is ClockWorkMod Recovery (CWM). They come included in, for example, DooMKernel.
Superuser and SuperSU are apps that allow you to manage root access, giving it to the apps that need it, and stopping bad apps from getting it.
Recovery and fastboot are *for me* something like a secondary boot partition. I don't know if that's technically correct, but even if the system is unbootable, you can boot into CWM and work from there.
TWRP (TeamWin Recovery Project) is another custom recovery that allows you to do interesting things.
Do not mess with the BL and TA more than necessary. A broken TA, as well as a messed-up BL, can prevent you from booting. As long as the BL is functional and you can get into Flashmode or fastboot mode, the phone can be saved.
If/when you have root, use Terminal Emulator from Google play to find partitions.
For more technical aspects, go over to the "Original Android Development" forum for the Z1C. Be aware that you need a minimum of 10 posts to be able to post there. They are a little picky about the quality of your posts.
LINKS
http://forum.xda-developers.com/wiki/Android
https://developer.android.com/index.html
https://source.android.com/
http://en.wikipedia.org/wiki/Android_(operating_system)
http://www.google.com
Hi Coirpre !!
Thanks a lot for the tips
> Important things first: I hope you have made a backup of your TA partition before unlocking the bootloader. Unlocking the bootloader modifies the TA partition. It is not possible to undo it if you do not have a backup. Flashing someone else's TA will brick your device!

> Unlocking the Bootloader (BL) removes Sony's DRM-Keys from the partition, because unlocking enables you to get root access and copy all the protected stuff anyways. The result is that you lose access to some of Sony's services and the use of XReality engine.
Well, this step is pretty confusing, since *they* indeed advise you to proceed to TA backup before any BL unlocking but before running the script that saves your TA, you need to be root.. and thus, to load CWM and guess what ? Need to unlock BL to install CWM.. Unless I missed something, it looks a bit weird..
Anyway, I unlocked through the use of FlashTool utility and apparently it hadn't compromised XReality nor TrackID either.. (I read somewhere TrackID app won't start if your DRM are broken.. true ??)
> Do not mess with the BL and TA more than necessary. A broken TA, as well as a messed-up BL, can prevent you from booting. As long as the BL is functional and you can get into Flashmode or fastboot mode, the phone can be saved.
This is one of my first questioning.. Usually, if you consider a mainstream PC, you have a piece of code we formerly called a BIOS before EFI system, this BIOS launches a bootloader (GRUB/LILO whatever.. for linux or NTLDR for Win) and even if you wipe this bootloader, you can always rewrite a fresh one and the BIOS will then start it and the OS to start as well.. You just need to boot upon another medium to restore/install a bootloader, the BIOS is not altered.
But in this device, it appears one can hard-break the unit, solely by messing with BL/TA partitions.. like if there wasn't any BIOS equivalent.. When you say "As long as the BL is functional [..] you can get into Flashmode/Fastboot mode" I wonder how that piece of code responsible for this feature is not hard-coded in a ROM.. Powering up this device while gently pushing a hardware button is usually processed by a hard-coded system - the BIOS. Just like when you hold pressed the Power button of your running PC, this is the BIOS which interprets this command as a "Shut down right now !!" this is not the role of a bootloader.. I have to know more about Sony system
Thanks for the links, btw
There is a way to root and install CWM without unlocking the bootloader.
BTW Root is allowing us to modify /system and unlocking to change kernel.
/system partition is same as C:/WINDOWS on PC.
Only, on android this is prohibited. And you gain access by rooting it.
So, if you want to root you insert a few apps and scripts to /system. Since it's prohibited developers find exploits to insert those files to /system by various tricks.
That's how you are rooted without unlocking the bootloader. And that's how you can backup your TA before unlocking the bootloader.
And, yeah, CWM can be inserted to /system as well as in kernel. But it's better to be in kernel since it won't be easily wiped out when you screw up something.
Basically, what you did is unlock the bootloader (lost DRM?) > insert CWM to kernel > Use CWM to root.
But don't worry, one couldn't care less about DRM. You don't need that for anything. And I heard Sony fixed removing DRM issues by unlocking the bootloader on latest firmwares but I'm not sure.
And about BIOS, yeah...I was wondering about that as well. But for sure if you mess up with boot.img that you flashed phone won't be able to recover / must go to the service. That's a good question why. Anyone could tell me more about that?
PaowZ said:
> Well, this step is pretty confusing, since *they* indeed advise you to proceed to TA backup before any BL unlocking but before running the script that saves your TA, you need to be root.. and thus, to load CWM and guess what ? Need to unlock BL to install CWM.. Unless I missed something, it looks a bit weird..
> [...]
> I have to know more about Sony system
As option58 said, you can root using exploits. Unlocking is the official way provided by Sony. However, there are always some hacks which can get you root without unlocking. That way you can back up TA without unlocking. On this device it is quite a hassle and involves flashing Japanese and English firmwares...
Some of it is Sony, mainly the TA stuff they integrated for security and modification-checking. The boot process however is probably more or less the same on all android devices.
Option58 said:
And about BIOS, yeah...I was wondering about that as well. But for sure if you mess up with boot.img that you flashed phone won't be able to recover / must go to the service. That's a good question why. Anyone could tell me more about that?
I agree that there must be something hardcoded that runs after the power button is pressed, but it probably is not enough. Notice that the device must be accessible (R/W) to restore a messed up BL, which is probably only the case after boot is completed. So:
Buttonpress --> BIOS --> BL (Whichever mode) --> partitions accessible. So if you can not get past the BL, you can not access the memory and thus not fix the BL.
But I am just speculating, so either we get some knowledgeable people in here, or someone has to read it up/google it.
[EDIT:] Oh, and by the way, PaowZ, can you change the topic to something more descriptive, "technical questions about boot process and partition handling" or something? Maybe that will attract knowledgeable people...
Buttonpress --> BIOS --> BL (Whichever mode) --> partitions accessible. So if you can not get past the BL, you can not access the memory and thus not fix the BL.
I'm almost sure there must be a way to access to raw flash r/o through addressing.. at least from some pin-outs on the motherboard of the Z1C..
I don't know S1 flashing protocol, maybe there is a way to force writes at a specific address, provided we could know start addresses of each partition..
This is actually what I do when I have to deal with ARM devices through a rs232 port.. I can flash wherever I want and too bad if I make a typo in the address. The device just won't load up anything, but it won't hard-brick anything..
PaowZ said:
I'm almost sure there must be a way to access to raw flash r/o through addressing.. at least from some pin-outs on the motherboard of the Z1C..
I don't know S1 flashing protocol, maybe there is a way to force writes at a specific address, provided we could know start addresses of each partition..
This is actually what I do when I have to deal with ARM devices through a rs232 port.. I can flash wherever I want and too bad if I make a typo in the address. The device just won't load up anything, but it won't hard-brick anything..
Well, this thread might interest you...
and I found this by chance, you were interested in the partitions:
Android-supported hardware shares some common features due to the nature of the operating system. The Android OS is organized into the following images:
Bootloader - Initiates loading of the boot image during startup
Boot image - Kernel and RAMdisk
System image - Android operating system platform and apps
Data image - User data saved across power cycles
Recovery image - Files used for rebuilding or updating the system
Radio image - Files of the radio stack
However: this topic is far beyond my knowledge, at the moment I have just started learning Java to start tinkering with Android on app-level. You will have to find out by yourself. However, I am VERY interested in what you find, because these things are always good to know. There are a lot of people from the forums who could help you. Just go read a bit in the "Original Android Development" subforum to find the good people.
On Google's YouTube channel there are quite a few deep dive videos on multiple aspects of the Android system.
Use the search, Luke?
As far as I read this thread it is too late to make TA backup.
My tale of woe. From what I have read there is nothing that can be done but I thought I would ask anyhow.
I was overseas with an SGH-T999L, and took it to a man in a market to be unlocked. 2 hours later it was useless. The man said it would be OK once it was back in the US, but it wasn't. Obviously he didn't keep backups.
Dialing *#06# gives me "null/null".
I cannot turn on wifi (I slide the switch and it slides right back) but can turn on bluetooth, gps and nfc.
Baseband version is "Unknown"
Build number is JSS15J.T999LUVUBNC1
It appears that he used vRoot to get root.
According to the "odin screen"
CUSTOM BINARY DOWNLOAD: No
CURENT BINARY: Samsung Official
SYSTEM: STATUS: Custom
QUALCOMM SECUREBOOT: ENABLE
Warranty Bit: 0
BOOTLOADER AP SWREV: 1
I used this article from techglobal101.wordpress.com 2013/05/02/how-to-solve-no-service-on-samsung-galaxy-s3/ following the imei already corrupt steps to generate the text file with the imei in it. However the NV Reader/writer has problems. Firstly *#7284# only gives me a choice of "Modem" or "PDA". However *#0808# does give me more options including "RMNET + DM + MODEM". The bigger problem is that the SPC code of 000000 is not accepted, so NV reader/writer can not access anything.
Looking in the /efs filesystem (using "adb shell" and "su" and "busybox find /efs -size +1000k" ) does not find any files larger than 1MB (I believe the nv_data.bin should be at least 2MB) so no original ".nv_data" file, no "nv_data.bin" nor "nv_data.bak". There are smaller files, for example there is a file /efs/imei/mps_code.dat, 3 bytes long containing TMB. The /efs partition is 13716 blocks in size and is only 33% full (4556 blocks in use).
I can use adb to install and uninstall packages, and copy files.
Things which look interesting to me in the output of "getprop" are (with a valid sim card installed)
[DEVICE_PROVISIONED]: [1]
[gsm.operator.alpha]: []
[gsm.sim,state]: [NOT_READY]
[gsm.sim.unknownready]: [1]
So far I have not done anything else. In particular I have not tried using ODIN to download a stock image, nor have I tried removing the files which are in /efs.
I also have not tried creating a 2MB file of NUL characters called /efs/nv_data.bin in the hope that that would at least advance the solution.
I would be pleased to get any good advice on what to do next. Please assume I know my way around a unix command prompt, but this is my first venture into the world of Android.
First thing, don't mess with the efs. It's not relevant to the issue at hand and sounds to be just fine. Most of the NV Data is stored on different partitions. Don't assume it's the same as on other devices like many others seem to advise.
Second, download your stock firmware (NC1)(root66 firmware is ok), flash via Odin on your computer, and factory reset (will wipe internal sd). This often fixes these problems without having to touch the NV data.
Something tells me that whoever you took it to may have tried to flash the 4.1.1 modem to use our free unlock method. If so, that will cause the exact same thing you are experiencing now.
If after that it is still not fixed, PM me and I will try to help get your imei restored. We are not allowed to post information, tools, links or further discuss that here, so if it comes to that, I can only help you via PM.
Sent from my SAMSUNG-SGH-I747 using Tapatalk
Hey, I've been out of the scene for a long time. Lately due to OP's poor software, I've been wanting to run a custom rom. I have a Chinese LE2120 crossflashed to global and was wondering 1) if it's okay to downgrade using the Global MSM tool, and 2) how I can do a complete backup of my phone. For reference, on my OP8 I lost the ability to use the fingerprint sensor after restoring my device. Luckily OP fixed it for free but I'm not sure they'd be so kind with a Chinese variant that I got on eBay. I was thinking I need to at least back up my modem and whatever partition the fingerprint sensor calibration is on. What else should I back up and how should I do it? I'm not rooted currently.
You can find the full firmware of all partitions in your phone's ssd. Go to this website https://onepluscommunityserver.com/list/Unbrick_Tools/ and select your phone model and version. Download the file. After the download has finished, unpack the zip and delete all files except the ops file. You can use this tool to decrypt the ops file and extract partitions from it. https://github.com/bkerler/oppo_decrypt
After you have decrypted it, you will get many non-partition files in your extract folder. You can open settings.xml and see which files are partitions, in the program tags.