The below is a guide to installing GSI images on the Mi 8 Pro. I specifically have experience with the PixelExperience 9.0 (Unofficial) but have had other GSI ROMs booting and working. I hope this is useful for some.
GSI (Generic System Image) ROMS can be flashed to any Project Treble enabled device. These devices have either an A/B partition layout (these allow for seamless updating as the system can boot from A or B partition) or just an A only partition layout. The Mi 8 Pro is an arm64 a only device and support project treble ROMs. You can choose from suitable ROMs listed here and here.
The instructions given below are for Android Pie (9.0). The same basic setup can be used for Android Oreo (8.0, 8.1) ROMs, but the Mi 8 Pro should be flashed with the appropriate Xiaomi base ROM first before flashing any 8 based GSI ROM
As the ROM development for the Mi 8 Pro is basically dead, I decided to buy a OnePlus 6T and sell my Mi 8 Pro. However, due to having my new OnePlus 6T stolen, and due to a lack of funds to buy a new device, I have revived my Mi 8 Pro to try to get something other than MIUI working on it. I now have The PixelExperience (Unofficial) GSI ROM running very smoothly on my Mi 8 Pro.
As the PixelExperience team has stated they will be delivering GSI images again, if there are enough of us asking, we could get better support for things like the fingerprint sensor, for a more complete experience.
Some of the below steps may be unnecessary, but are there for a complete beginner's guide to doing this and getting the right results.
Working:
WiFi
Bluetooth (with APTX)
NFC (Including Google Pay)
RIL
Mobile data (LTE / HSPDA / 3G / EDGE)
GPS
Camera (with camera built in to ROM, as well as some GCAM implementations)
Video Camera (not working on GCAM implementations tested so far - only working on Camer built in to ROM)
Flashlight
Sound / Vibrations
Face Unlock
Hotspot
Not Working:
VoLTE (I have had it working, but unable to end phone calls and problems receiving SMS messages, so reverted)
Fingerprint (There is some support. The fingerprint area of the screen lights up when trying to enrol a new fingerprint. The screen dims when a finger is placed on the sensor, and a green light us emitted from the sensor area, but it does not register the fingerprint and this is not currently working.)
Notification LED
You Tell Me
How to install
Flash the latest Fastboot Global Stable Android PIE (9.0) ROM for the Mi 8 Pro. (eg. equuleus_global_images_V10.3.4.0.PECMIXM_20190712.0000.00_9.0_global_9a181f79c1.tgz) using the Xiaomi Tool.
Update: Use the latest MIUI system. The contents of the vendor partition are important. The most compatible vendor partition as of 2019-08-19 is from equuleus_global_V10.3.5.0.PECMIXM. You can download and flash that vendor independantly, if you have already set up your GSI image.
Reboot and finish basic MIUI setup.
Reboot to recovery.
[*]Format data (Wipe - Advanced - format data - confirm by typing yes)
DO NOT FORMAT DATA. Just perform a factory reset. Formatting data can cause issues and prevent booting.
Wipe Cache - Dalvik Cache and System
Reboot recovery
Use adb to push PixelExperience GSI image (img file extracted from download) and latest version of Magisk to root of SDCard. (Empty due to formatting data).
("adb push c:\path\system.img /sdcard/" and then "adb push c:\path\Magiskv19.3.apk /sdcard/")
Flash the image to system partition by taping INSTALL and then on the "Install Image" button (to toggle between flashing zip and img files). Do not reboot yet.
Flash magisk zip in the normal way (hit the same button as in previous step to show zip files to flash. (This is necessary to avoid bootloops)
Reboot, and enjoy.
You can now set up your "PixelExperience" device with your apps and settings, including registering a face for face unlock.
To pass cts validation for the safetynet and to allow service such as Google Pay to work
In Magisk, under settings - Find “Magisk Hide” and toggle the switch on
Magisk restarts. Go to Magisk Hide from the Magisk menu and ensure that...
Google Pay
Google Play
Google Play Services
Google Service Framework
Any Banking Apps
...are checked so that they cannot see Magisk (canont see phone as rooted).
Now go to downloads and install the SafetyPatch v3 module (created by hackintosh5).
Reboot.
Open settings - go to apps and notifications - and find the above apps to clear all data.
Enjoy your rooted safetynet compliant, as close to stock as possible Xiaomi Mi 8 Pro.
nice work thanks for this great notice, i will test PixelExperience, how work the face unlock? i use the finger print very much, all day, but not work i will use the facial unlock. Then i wanna know how work this.
thanks!!
axelgrox said:
nice work thanks for this great notice, i will test PixelExperience, how work the face unlock? i use the finger print very much, all day, but not work i will use the facial unlock. Then i wanna know how work this.
thanks!!
Click to expand...
Click to collapse
Face unlock works fine. I have it paired with Pick to wake phone - so when I pick it up it wakes up to allow face unlock.
However, be prepared for some investment of time (not for face unlock).... I am a bit stuck now and cannot reproduce the above to get this working. Sometimes the results are different depending on base ROM etc.
Share how you get on and anything you may need to do to get this working.
Thanks
Nice work, i will try it .
The mi8 pro 's fingerprint is so bad which can be ignored, and the face unlock is the mostly used, hahahah
thank you very much for your work
Hi, I am waiting to unlock bootloader. Need 148hrs. Will install this. Thanks for sharing.
Quick update: There are some issues with GSI ROMs and the Mi 8 Pro. SOe of these relate to the SIMcard settings - and selection of preferred SIM for data, calls etc.
My experience shows that the vendor image from equuleus_global_V10.3.5.0.PECMIXM fixes many of these. The vendor image from the original MIUI ROM is used with the GSI system image to make the whole Project treble stuff work. I advise flashing this latest vendor image for maximum compatibility.
Do you know what issues remain after flashing the latest vendor image?
Does the face unlock on Pixel Experience work with IR camera or front cam?
I tried installing this and it got stuck on the loading screen with the Google logo. I tried following your instructions and a few other ways and couldn't get it to work at all i'm also not able to root my phone at all. When ever I try rooting my phone just reboots to twrp until I reflash the ram or flash the magisk uninstaller.
Do you have any tips, tricks, or suggestions I might try?
Thanks!
eremeya said:
I tried installing this and it got stuck on the loading screen with the Google logo. I tried following your instructions and a few other ways and couldn't get it to work at all i'm also not able to root my phone at all. When ever I try rooting my phone just reboots to twrp until I reflash the ram or flash the magisk uninstaller.
Do you have any tips, tricks, or suggestions I might try?
Thanks!
Click to expand...
Click to collapse
Have experienced this on occasion also.
What GSI image have you tried? after my multiple efforts, I would recommend... in this order: Omni. HavocOS, Descendant(no future updates), PIxelExperience. I am hopeful about the PixelExperience team who have made an announcement that as of August they will no longer produce CAF versions of PixelExperience, and that they will maintain regular GSI builds also. PE official GSI - I am full of hope.
Anyway, back on topic: Try this.
Follow the instructions - a few precisions:
Use XiaoMiFlash to flash the equuleus_global_images_V10.3.4.0 as a base. You can update the vendor partition once you have GSI up and running, but don't let the MIUI update to 10.3.5. Ensure you define a PIN to make sure that data partition is encrypted. (everyone should use encryption nowadays, and besides, I have had bad experiences whn using a xiaomi eu or mi-globe ROM (unencrypted) as the base
Reboot and finish basic MIUI setup. - What I mean here is to let the ROM boot, don't have to sign in to Google or Mi, but get to the home screen after the initial setup.
Then reboot fastboot and flash TWRP 3.3.0. Search for TWRP-3.3.0-0504-XIAOMI8UD-CN-wzsx150.zip.
Boot to TWRP. Make sure that you are able to decrypt the data partition with the PIN you set earlier. If TWRP does not ask you for the passcode / PIN - something is wrong. Try again. ONce all is OK in TWRP, perform factory reset. (DO NOT FORMAT DATA for the aforementioned encryption reason).
adb push the img file.
adb push the Magisk 19.3 zip.
Flash both in TWRP
Reboot TWRP
Reboot system. If it appears to hang, after 5 minutes you can force restart with the power button. I have had the ROM boot OK after second boot only?
Pretty sure that if you strictly follow the above you should get a working GSI image on Mi 8 Pro. Let me know...
It's a bit flaky to set up, but once set up, apart from fingerprint sensor not working, very stable and lovely to have the stock ish android system on a MIUI phone!
Be careful with preferred network type for mobile network as some selections have messed up incoming SMS messages for me... a dealbreaker.
What happens when you flash Magisk? What does TWRP say? Have you tried flashing Magisk, rebooting TWRP, and flahing Magisk again? It may be a TWRP version issue?
Thanks for your reply!
The version of twrp you mention is what I have used. I have not tried installing then rebooting to twrp so I try that.
When flashing magisk it usually flashes fine (I have had a couple times where it just throws an error) then when I reboot the phone will boot past the Mi logo the the Android boot logo then after 10-15 sec. it just reboots to twrp.
I was finally able to get the twrp to stick across boots by flashing twrp, signing boot image, removing twrp then reboot to Miui.
Do I need to adb push the GSI image or should it be fine to install from a USB drive?
The SMS issue isn't really a big deal for me as I use Google Fi routed through hangouts for one sim and a local sim where I'm living for mostly data and a few phone calls for the second one
Thanks so much for this post. I was completely oblivious to the fact that the Mi 8 Pro would actually be different to the Mi 8 when it comes to custom roms. When I decided on my next phone, I read the positive reviews and saw enough Mi 8 roms to be willing to make a switch to Xiaomi. Until I read your post I was close to despairing as I don't want a Xiaomi rom on my phone for various reasons (among them is the fact that I don't trust them and the way they have decided to collect user data).
I've tried to follow your guide in every step (I've also flashed the updated vendor.img), but unfortunately I have not been able to install the Pixel Experience rom on my device. I do see the boot animation but it never stops, I'm forever stuck with the Google-G and the progress bar below it. Has anyone else managed to install the Pixel Experience rom on the Mi 8 Pro? If yes, did you follow the guide here or did you do something else?
Also, in your initial post you write that we should wipe the system in TWRP but as far as I can tell GSI roms need you to wipe data, cache and dalvik cache but not the system partition (if you do it, you also don't get asked for your PIN code in TWRP any more, which - as you said - indicates that something went wrong).
Did you install a particular version of the Pixel Experience rom? Maybe that might be part of my issue?
I have try many times installing it. Didn't manage to boot it up.
Finally, tested with Miroom ROM as base then flash the system.img manage to boot up.
Don't know why it didn't boot but at lease any one who have issue booting may want to try using Miroom rom as base.
tllim73 said:
I have try many times installing it. Didn't manage to boot it up.
Finally, tested with Miroom ROM as base then flash the system.img manage to boot up.
Don't know why it didn't boot but at lease any one who have issue booting may want to try using Miroom rom as base.
Click to expand...
Click to collapse
What did you do to install miroom? I've been trying to install it and it just stays on the boot screen. The only non-official from I've been able to install and boot is the unofficial LineageOS rom by fenix-UK.
eremeya said:
What did you do to install miroom? I've been trying to install it and it just stays on the boot screen. The only non-official from I've been able to install and boot is the unofficial LineageOS rom by fenix-UK.
Click to expand...
Click to collapse
I install it using twrp 3.3.0 version. Build 0503. But before that I have install the stock rom goble stable version 10.3.5.0. update FW & Vendor using the same twrp.
tllim73 said:
I install it using twrp 3.3.0 version. Build 0503. But before that I have install the stock rom goble stable version 10.3.5.0. update FW & Vendor using the same twrp.
Click to expand...
Click to collapse
Thanks.
Is your phone a Chinese version or EU version? Were you able to root global stock rom?
eremeya said:
Thanks.
Is your phone a Chinese version or EU version? Were you able to root global stock rom?
Click to expand...
Click to collapse
Hi, I am using a Chinese version. But once you unlock it you will be able to flash any version with the twrp.
I try rooting it with magisk but unable to boot up. That's why I turn to Miroom Rom. They have done something which can boot it up.
tllim73 said:
Hi, I am using a Chinese version. But once you unlock it you will be able to flash any version with the twrp.
Click to expand...
Click to collapse
I'm also using the Chinese version but no matter what I try I cannot root the global version of the rom. I can root the Chinese version fine.
eremeya said:
I'm also using the Chinese version but no matter what I try I cannot root the global version of the rom. I can root the Chinese version fine.
Click to expand...
Click to collapse
Might be the developer version is only for the Chinese Rom. Anyway I am happy now running with GSI Rom.
eremeya said:
I'm also using the Chinese version but no matter what I try I cannot root the global version of the rom. I can root the Chinese version fine.
Click to expand...
Click to collapse
What version of TWRP are you using?
Introduction
This is a LineageOS Recovery compiled from the source tree of LineageOS 17.1 for Redmi K30 5G. This is part of my ongoing work to port LineageOS 17.1 to this device. Work on the actual LineageOS 17.1 ROM is still under way (but it should be available very soon), while the recovery has been usable for quite some time now. Since it is not possible for TWRP to support any device launched with Android 10 for now, I figured that this might be useful even before I release the LineageOS custom ROM (e.g. people may want to flash Magisk on official ROMs).
I am aware that there is a TWRP port for this device, but since the source code is not accessible (as for as I can tell, maybe I just did not look hard enough for the source code), I can only advice against using it. The official TWRP open-sourced under GPLv3 does not even support devices launched with Android 10 yet, so there's clearly something going on here. I do not fix compatibility issues between my ROM and that TWRP port.
Instructions (Installing Recovery)
This recovery ONLY works on MIUI firmware version v11.0.11.0 (stable firmware before May 2020). Xiaomi hasn't released kernel source update for later firmware versions and you may experience blank screen and similar issues if you are on a newer firmware.
1. Download vbmeta.img, recovery-XXXX.zip (extract to get recovery.img)
2. Reboot to bootloader (`adb reboot bootloader`)
3. Run `fastboot --disable-verification --disable-verity flash vbmeta vbmeta.img`
4. Run `fastboot flash recovery recovery.img`
5. Run `fastboot reboot recovery` to enter LineageOS Recovery
Instructions (Installing Magisk)
You have to use the official Magisk, version 20.4 or later. Installing an older Magisk will make the system unbootable.
1. Download Magisk >= 20.4, put onto computer
2. Reboot to LineageOS recovery, select `Mount /system` (you may see some errors, but they can be safely ignored)
3. Select `Apply update from ADB`
4. Run `adb sideload Magisk-xxx.zip`
5. You will see a signature verification error, select `Yes` to bypass the check
6. Reboot to system to enjoy your Magisk installation.
Caveats
1. Since it's not TWRP, you cannot decrypt your /data in recovery for now, which means no data backup or recovery, and you cannot install on-device flashable zips through this recovery.
2. Since it's not TWRP, it cannot prevent your OS from overwriting recovery automatically. If you use official ROM, you may need to manually re-flash the recovery every time. I'm not sure whether this can be bypassed with some Magisk module.
3. Don't expect to be able to flash anything into /system (e.g. OpenGAPPS) on stock ROMs; you might be able to do so once my LineageOS ROM is released
4. When trying to install OpenGAPPS on LineageOS 17.1 (not released yet as of 2020-03-06), it will get stuck at the end of the flashing process. This does not affect the functionality of the installed system and gapps, and a force-reboot into system will work just fine. Use my patched OpenGAPPS in the LineageOS thread.
5. You need to always click "Mount /system" before flashing any mods into the system (i.e. Magisk, OpenGapps, etc., ROMs themselves are not affected), otherwise they will fail to install. (Clicking the option does not actually mount /system; it just sets up necessary mappings from the super partition to each of the dynamic partitions so that the installation scripts will work)
Downloads
LineageOS Recovery (17.1, 2020-03-06): https://mega.nz/#!PZRCBaiA!L-c3Tn6E295xcAIZCSt9ribpGsutX3QJRt04uyQGg_k
Changelog: Improved compatibility with OpenGAPPS (won't work with MIUI; this change is solely for the soon-to-be-released LineageOS 17.1 port)
LineageOS Recovery (17.1, 2020-03-01): https://mega.nz/#!XI4BGDQS!CPH2kIUdqaTtU_Zdzx8bUiL7FcU-G51RwmdH0MGbSRk
vbmeta.img: https://mega.nz/#!vQohmJgJ!IWAjbxGIxxxQ4OScQH8YT8oKJMx8Q-2pV83zqxbItD4
Source Code
Device Tree (including LineageOS 17.1 port): https://github.com/PeterCxy/android_device_xiaomi_picasso
Kernel: https://github.com/PeterCxy/android_kernel_xiaomi_sm7250
Hello,
Thanks for the custom recovery and Magisk. Would that recovery work on K30 (not 5G) or Poco X2?
Good work and keep it up!
DyXen said:
Hello,
Thanks for the custom recovery and Magisk. Would that recovery work on K30 (not 5G) or Poco X2?
Good work and keep it up!
Click to expand...
Click to collapse
Probably won't. Those two phones are totally different from the 5G version, despite their similar name / non-SoC specs. They are closer to K20 than K30 5G.
What is the progress of this LineageOS?
How long can you experience it?
syutung said:
What is the progress of this LineageOS?
How long can you experience it?
Click to expand...
Click to collapse
I'm dogfooding right now. If I don't brick my phone by dogfooding my LOS port then it will be available for download in one or two days.
PeterCxy said:
I'm dogfooding right now. If I don't brick my phone by dogfooding my LOS port then it will be available for download in one or two days.
Click to expand...
Click to collapse
I got blanky blank screen on booting this recovery :/
It only shows the first two lines
Help
Hello!
I am trying to follow the instructions to install the Lineage Recovery on my K30 5G (Speed edition), which is also codenamed "picasso" and shares the same MIUI ROM with normal K30 5G.
No luck with a mostly blank screen after booting into recovery:
imgur.com/a/cmpDedZ (sorry for the bad quality because I shot it with a webcam). As in the picture, only one and a half lines of yellow text are visible near the top, which reads "Lineage Recovery" and "Redmi/picasso/picasso". The other part is just in grey without anything except a dotted vertical blue line (almostly invisible in the picture; not the thick white lines which is just reflection) in the middle of the screen. Besides, it seems to respond to the power/volume key.
I notice that you mentioned in the other thread that your ROM requires a specific MIUI firmware version. Then does the Recovery also require so? (I didn't have a chance to try that because my phone got fully bricked immediately after downgrading to V11.0.11.0 (now fixed).) Or do you kindly have any advice?
Thanks.
Pycoo said:
Hello!
I am trying to follow the instructions to install the Lineage Recovery on my K30 5G (Speed edition), which is also codenamed "picasso" and shares the same MIUI ROM with normal K30 5G.
No luck with a mostly blank screen after booting into recovery:
imgur.com/a/cmpDedZ (sorry for the bad quality because I shot it with a webcam). As in the picture, only one and a half lines of yellow text are visible near the top, which reads "Lineage Recovery" and "Redmi/picasso/picasso". The other part is just in grey without anything except a dotted vertical blue line (almostly invisible in the picture; not the thick white lines which is just reflection) in the middle of the screen. Besides, it seems to respond to the power/volume key.
I notice that you mentioned in the other thread that your ROM requires a specific MIUI firmware version. Then does the Recovery also require so? (I didn't have a chance to try that because my phone got fully bricked immediately after downgrading to V11.0.11.0 (now fixed).) Or do you kindly have any advice?
Thanks.
Click to expand...
Click to collapse
The recovery may not work on newer MIUI firmware versions because Xiaomi didn't release corresponding kernel source updates for those newer versions. This is unfortunate, but I can do nothing about it. Ask Xiaomi to release their source code.
Hi Peter,
Thanks very much for porting Lineage OS onto the Redmi K30 5G Pro. Mine arrived today, and I'm planning on installing your port ASAP.
However, I have run into a problem: The device shipped with MIUI version 11.0.12.0. Your post in the Lineage OS Recovery thread says that I can only install it on MIUI 11.0.11.0.
Do you know how I can downgrade my MIUI software so that I can install Lineage OS Recovery?
Thanks!
After doing this now I can't flash Twrp anymore (got bootloop). pls help
Code:
/*
* Your warranty is now void.
*
* I am not responsible for bricked devices, dead SD cards,
* thermonuclear war, or you getting fired because the alarm app failed. Please
* do some research if you have any concerns about features included in this ROM
* before flashing it! YOU are choosing to make these modifications, and if
* you point the finger at me for messing up your device, I will laugh at you.
*/
This is tested on my SM-T976B, but I think the same should work on other models as well.
1. WARNING AND DISCLAIMER
Just unlocking the bootloader will not trip the warranty bit yet, so you can still go back at this point.
The warranty bit will be tripped (0x1) as soon as you actually try flashing something unofficial via Odin. YOU HAVE BEEN WARNED.
Make sure you back up all the important files in your internal storage, as you need to disable encryption with Multi-Disabler in order to let TWRP access the data partition, which would require you to format the data partition (wiping everything in the process). Additionally, keep a few nandroid backups with you so you can recover yourself in case something goes wrong.
2. Requirements
- Bootloader unlocked
- ianmacd's TWRP
- Neutralized vbmeta*
- (Optional**) vendor.img from Android 10 stock FW (I used ATK3, but any A10 vendor should do)
- Multi-Disabler
* An empty vbmeta is not recommended. You need to patch the vbmeta of the stock FW you're currently on.
** UPDATE (2022-08-29): It seems Magisk now works with recent A11 GSIs using A11 vendor, so there's no explicit need to flash A10 vendor in the following tutorial steps, unless you run into issues. Thanks to @AnonVendetta for testing and confirming. Using a more recent version of Magisk is recommended.
3. Flashing
Since this device uses dynamic partitions. Flashing system images is not as straightforward as before but not impossible.
azteria2000's GSI Flasher provided a good example on how to use dd/simg2img to flash dynamic partitions using just recovery. This is extremely helpful, as TWRP currently doesn't support fastbootd, which would make flashing even easier.
(1). Extracting Android 10 vendor.img (Optional, unless you have issues with your current vendor)
While you can boot recent GSIs with Android 11 vendor, Magisk currently doesn't work with it. Android 10 vendor is required for Magisk to work properly.
The Android 10 vendor can be extracted from the factory image's super.img. You need to unsparse the image using simg2img then use lpunpack to extract it, and you'll obtain the vendor.img.
(2). Flashing GSI and (Optional) Android 10 vendor.img
The entire flashing process can be done from TWRP.
NOTE 1 (UPDATE 2022-08-29): Flashing A10 vendor is no longer necessary now, unless you have issues.
NOTE 2: At present, Multi-Disabler expects /system_root to be mountable r/w, which cannot be done with a non-vndklite GSI. As such, if you're about to flash /vendor at this step, use a vndklite GSI, or if you're coming from stock, flash Multi-Disabler before actually flashing GSI (a reboot is needed after flashing /vendor to make it accessible).
The corresponding block devices for system and vendor are as follows:
Code:
/dev/block/dm-0 - system
/dev/block/dm-1 - vendor
First set the block devices to r/w so you can flash images.
Code:
# blockdev --setrw /dev/block/dm-0
# blockdev --setrw /dev/block/dm-1
Now actually flash the images with dd. Change the "if" parts to point to where the GSI system image and Android 10 vendor image are.
Code:
# dd if=<GSI image here> of=/dev/block/dm-0 bs=1m
# dd if=<vendor image here> of=/dev/block/dm-1 bs=1m
In rare cases that the GSI image you're about to flash is sparsed, run the following command instead of dd. You need to point to your sparsed GSI image here.
The vendor.img you obtain from super.img is not sparsed and can be flashed directly using the dd command above.
Code:
# simg2img <sparsed GSI image here> /dev/block/dm-0
If nothing goes wrong, you've flashed the GSI as well as Android 10 vendor.
Android 10 vendor flashed this way will work even if you have upgraded past BUC1 (which blocked the downgrade to Android 10).
It's advised to reboot recovery before trying to access system and vendor, to avoid potential issues.
NOTE: If you flashed vendor in this step, DO NOT REBOOT TO SYSTEM JUST YET.
(3). Flashing Multi-Disabler
You need to flash Multi-Disabler to disable encryption of internal storage so TWRP could access it.
If you flashed the vendor.img when flashing GSI, you MUST flash Multi-Disabler again if you have already disabled encryption with it before.
After flashing Multi-Disabler, you can now try booting to see if the GSI of your choice works.
4. Important Notes
(1). Neutralizing Software (Platform) Watchdog
There's a software (platform) watchdog that by default doesn't get fed while running GSI, causing system to reboot about 100 seconds after boot due to "platform watchdog bite". See this issue and this issue for details.
It's possible to disable this watchdog after boot, by executing the following command using a root shell.
Code:
# echo 'V' > /dev/watchdog
You need to look for a way to execute the command above at boot to automatically disable the problematic watchdog so the GSI can function normally. There are several ways to do this, like putting the command into a Magisk module's service.sh so it gets executed when the Magisk module loads.
EDIT: I've filed an issue regarding the matter here. After some testing, it seems /dev/watchdog0 is the real culprit for our device. Disabling either /dev/watchdog or /dev/watchdog0 will work this around.
UPDATE (2021-09-11): I can confirm that DragKernel is not affected by this issue. The offending watchdog is not present and the system won't reboot after 100 seconds.
UPDATE (2022-08-29): The watchdog is mainly an issue if you use A10 vendor. You may not have issues with that watchdog if using A11 vendor but it's still recommended to get it disabled.
(2). Uncertified Device
Since phh-AOSP v303 and onwards, the device is considered uncertified which will prevent you from logging in to your Google account.
Manually registering the device is required for using Google Play Services, but for some reasons that didn't work for me, so I recommend using NanoDroid with microG if applicable (requires Magisk).
(3). Offline Charging Icon
With some GSIs, when powered off, plugging in the charger would make the tablet enter a screen with a white charging battery icon in the middle, that I couldn't easily get out of by pressing POWER button alone. Although I did manage to get out of that screen and boot to the system, I don't really know which button combination is required, and how long I should be holding them. So for now, charging while powered off is not advised...
(4). Potential soft bricks with Securize
UPDATE (2022-08-29): Should have pointed this out earlier that if you attempt to Securize on official phh-AOSP, the device will softbrick. Additionally, merely removing phh-SU is enough to cause the softbrick (thanks to AnonVendetta again for confirming).
While the cause is uncertain, it's quite likely that the tablet cannot work if not using any form of root (be it phh-SU or Magisk) due to Samsung's security mechanisms getting in the way.
5. Working Stuffs
- 120 fps working (by forcing FPS using Phh-Treble Settings).
- Wi-Fi and Bluetooth work fine.
- S-Pen works as a pointer device.
- Alternate Audio Policies (from Phh-Treble Settings) is needed to get audio out through USB Type-C.
- Front and rear camera appears working.
6. Not Working Stuffs
- MTP does not appear to work properly for some reasons. You'll need ADB for transferring files.
- USB Type-C audio adapters may or may not work depending on GSI, Kernel or maybe other aspects.
- Bluetooth audio currently has issues that cause the system to freeze.
7. Untested Stuffs
- Haven't tested telephony-related stuffs as I'm not using a SIM card on the tablet yet.
- Haven't tested fingerprint sensors as I'm not using it.
There are still some functionalities I haven't tested yet, but anyone is free to test if you want to use a GSI.
Special thanks to: ianmacd, phhusson, Bushcat, Vntnox, azteria2000, dron39 and many more...
Original GSI progress issue: here
I finally got this working on my SM-T970. Though I had some troubles getting it working by following your instructions exactly, it would still boot loop even after neutralizing vbmeta.img (perhaps I changed the wrong offset?). Though for some reason flashing magisk made it boot perfectly? I assume Magisk disables AVB entirely or something. Thank you for this guide, may this tablet live a long life thanks to treble!
sambow23 said:
I finally got this working on my SM-T970. Though I had some troubles getting it working by following your instructions exactly, it would still boot loop even after neutralizing vbmeta.img (perhaps I changed the wrong offset?). Though for some reason flashing magisk made it boot perfectly? I assume Magisk disables AVB entirely or something. Thank you for this guide, may this tablet live a long life thanks to treble!
Click to expand...
Click to collapse
i also got SM-T970 please help me to get back to android 10... Most of the game which play crashes in the middle for android 11 ... Can you please help me to do what you did ... i am new to this custom ROMs and flashing so help me..
As I know, you can't. All android 10 bootloaders are XXU1 - if you upgraded to XXU2 then nothing can be done.
ivanox1972 said:
As I know, you can't. All android 10 bootloaders are XXU1 - if you upgraded to XXU2 then nothing can be done.
Click to expand...
Click to collapse
Sorry, didn't notice there were new posts in my actual thread...
While you certainly can't flash XXU1 firmware via Odin once you upgraded to XXU2, you can follow the instructions to use dd in TWRP to flash the logical partitions. This is how I used to flash vendor image extracted from Android 10 FW, as due to SELinux policy issues, Android 11 vendor does not work well with GSIs on Samsung Qualcomm devices in general. Magisk won't work, and the tablet would semi-brick if you attempt to use Securize from Phh-Treble settings.
While I mostly use Android 11 GSIs, the same should work with Android 10 GSIs of your choice, but I haven't tested, as most A10 GSIs are no longer maintained. GSI image of your choice (/system) and A10 vendor (/vendor) are all you need, as GSIs do not care about /odm and /product so it's safe to leave them as-is.
A WARNING: I DO NOT recommend flashing A10 stock FW using this method as you're literally violating the rollback protection which has the risk of causing A HARD BRICK!!! Similar cases have happened on other devices of other vendors before.
ONE MORE WARNING: Due to the ongoing case of Samsung disabling cameras on Z Fold 3, I seriously advise against upgrading the device any further, especially in case a XXU3 firmware comes out in the future, as there are potential signs that such crippling behavior might spread to existing devices.
@LSS4181 thanks dor for deep explanation, but I'm afraid my level is not high enough to understand all of this. I am also tempted to try gsi but not want to risk lot...
So, can it be installed over stock android 11, new bootloader XXU2?
Thanks
ivanox1972 said:
@LSS4181 thanks dor for deep explanation, but I'm afraid my level is not high enough to understand all of this. I am also tempted to try gsi but not want to risk lot...
So, can it be installed over stock android 11, new bootloader XXU2?
Thanks
Click to expand...
Click to collapse
I can't guarantee A10 GSI will work on such environment, but GSIs probably won't have issues with rollback protections. It's just stock ROM might have something that would do dirty stuffs in case such violation happens so I personally would not recommend such use case.
However, A11 GSIs will certainly work fine, just that with A10 vendor you need to use DragKernel as the stock one has a watchdog that'll reboot the system after 100 seconds.
@LSS4181 - thank you for the guide, I've had a T970 for nearly 1 year now, always wanted to run a custom rom on it!
I've tried your guide twice now, but it results in failures for me.
I've unlocked the bootloader, flashed TWRP (twrp-gts7xl-3.5.0_10-A11_3_ianmacd.img), running ATK3.
Not sure if TWRP for Android 11 and ATK3 being Android 10 makes a difference?
I extracted a vbmeta.img.lz4 from the ATK3 pack online, decompressed it to get the vbmeta.img, and wrote 0x03 to decimal offset 123.
(Tried to follow the instructions exactly)
I think it's the flashing/dd part.
After I dd the gsi img to dm-0, I can not reflash the multidisabler anymore. It tells me something like:
"Failed to mount '/system_root' (Invalid argument)"
Then, I can't even mount 'system' in TWRP, the checkbox is unselectable.
To get back to a working state, I have reflashed the stock rom (ATK3).
The GSI I tried to use was: system-roar-arm64-ab-vanilla.img.xz - from AOSP 11.0 v313
Is this the correct version to use (A, A/B etc?)
And how can I tell if the image file is sparsed or not?
Any input is appreciated, thank you!
zxczxc4 said:
@LSS4181 - thank you for the guide, I've had a T970 for nearly 1 year now, always wanted to run a custom rom on it!
I've tried your guide twice now, but it results in failures for me.
I've unlocked the bootloader, flashed TWRP (twrp-gts7xl-3.5.0_10-A11_3_ianmacd.img), running ATK3.
Not sure if TWRP for Android 11 and ATK3 being Android 10 makes a difference?
I extracted a vbmeta.img.lz4 from the ATK3 pack online, decompressed it to get the vbmeta.img, and wrote 0x03 to decimal offset 123.
(Tried to follow the instructions exactly)
I think it's the flashing/dd part.
After I dd the gsi img to dm-0, I can not reflash the multidisabler anymore. It tells me something like:
"Failed to mount '/system_root' (Invalid argument)"
Then, I can't even mount 'system' in TWRP, the checkbox is unselectable.
To get back to a working state, I have reflashed the stock rom (ATK3).
The GSI I tried to use was: system-roar-arm64-ab-vanilla.img.xz - from AOSP 11.0 v313
Is this the correct version to use (A, A/B etc?)
And how can I tell if the image file is sparsed or not?
Any input is appreciated, thank you!
Click to expand...
Click to collapse
Uh... I should have mentioned earlier. Multi-Disabler expects /system_root to be mountable r/w, which cannot be done with a non-vndklite GSI.
As such, to disable encryption, you'll initially need to flash a vndklite GSI, or simply just do that before you actually flash the GSI (stock ROM can be mounted r/w). As Multi-Disabler is only needed once per /vendor flash, you'll be able to use non-vndklite GSI afterwards.
EDIT: If you are experienced in modifying recovery zips, you can edit the Multi-Disabler install script and comment out the parts actually involving /system or /system_root.
EDIT 2: I just realized this... I recall that phh AOSP GSI is sparsed. You need to use simg2img command instead of dd to flash it.
@LSS4181 - thank you for the reply.
I am not sure if the images I was trying to us were sparsed or not.
Since you mentioned vndklite images, I tried those - `simg2img` told me that the hash/magic was not valid, so at least these ones are not sparsed.
But good idea to attempt to use `simg2img` if you are not sure about an image, it doesn't hurt to try.
I flashed phh's v313 ab vndklite image, my device was stuck on the samsung boot screen for about 10 minutes (the screen with "your device is unlocked" etc...) I then held some buttons to force reboot/power down. I powered back on and I finally saw the rom booting.
Vanilla AOSP was a bit boring, so flashed LOS 18.x (vndklite again) and that is great. Dark mode can be made BLACK which I really appreciate.
No issues with the watchdog/no reboot after 100 seconds.
I did try to install microg... tried to install (adb push) to /system/priv-data but must have done something wrong.
It gave me bootloops, tried to reflash the gsi twice but didn't seem to change anything...
I ended up reflashing stock again, repeated the whole process (apart from microg!) and my system is up working again.
I should go and ask on the lineage os gsi thread for advice about microg.
Thanks again for the guide.
zxczxc4 said:
@LSS4181 - thank you for the reply.
I am not sure if the images I was trying to us were sparsed or not.
Since you mentioned vndklite images, I tried those - `simg2img` told me that the hash/magic was not valid, so at least these ones are not sparsed.
But good idea to attempt to use `simg2img` if you are not sure about an image, it doesn't hurt to try.
I flashed phh's v313 ab vndklite image, my device was stuck on the samsung boot screen for about 10 minutes (the screen with "your device is unlocked" etc...) I then held some buttons to force reboot/power down. I powered back on and I finally saw the rom booting.
Vanilla AOSP was a bit boring, so flashed LOS 18.x (vndklite again) and that is great. Dark mode can be made BLACK which I really appreciate.
No issues with the watchdog/no reboot after 100 seconds.
I did try to install microg... tried to install (adb push) to /system/priv-data but must have done something wrong.
It gave me bootloops, tried to reflash the gsi twice but didn't seem to change anything...
I ended up reflashing stock again, repeated the whole process (apart from microg!) and my system is up working again.
I should go and ask on the lineage os gsi thread for advice about microg.
Thanks again for the guide.
Click to expand...
Click to collapse
You could always flash magisk and use the microg module, works perfectly for me
sambow23 said:
You could always flash magisk and use the microg module, works perfectly for me
Click to expand...
Click to collapse
That's exactly what I ended up doing.
Originally I wanted to avoid the 'newer' style, using Magisk etc, it seems more complicated than just using a rom that is already rooted. For my use case of this device, I don't care about safetynet etc, don't care about keeping system untouched etc.
BUT! Flashing Magisk was so easy, no need to patch any images... I simply flashed the latest version of the Magisk apk via TWRP.
On restart, Magisk app wanted to finish the install itself... but failed? So I simply installed the same apk myself, and it's been working perfectly
Thank you @LSS4181 for the exquisitely detailed instructions! I think have enough experience with this stuff to be succesful, but have not yet bought this tablet to try it (currently using a rooted, debloated S6).
Questions:
Which vendor does it ship with? ATK3? I wouldn't do any upgrades when I got it, but would immediately start flashing.
Has anyone succesfully used XPrivacyLua (XPL) on this? I currently use XPL Pro, and I know that it depends on a working EdXposed (or Lsposed, which I've never used) which requires a working Magisk. From reading this thread, the Magisk part seems Okay, but what about Ed/L Xposed?
Thanks again.
TiTiB said:
Thank you @LSS4181 for the exquisitely detailed instructions! I think have enough experience with this stuff to be succesful, but have not yet bought this tablet to try it (currently using a rooted, debloated S6).
Questions:
Which vendor does it ship with? ATK3? I wouldn't do any upgrades when I got it, but would immediately start flashing.
Has anyone succesfully used XPrivacyLua (XPL) on this? I currently use XPL Pro, and I know that it depends on a working EdXposed (or Lsposed, which I've never used) which requires a working Magisk. From reading this thread, the Magisk part seems Okay, but what about Ed/L Xposed?
Thanks again.
Click to expand...
Click to collapse
XPrivacyLua/LSPosed does work, I'm able to pass safetynet thanks to it
TiTiB said:
Thank you @LSS4181 for the exquisitely detailed instructions! I think have enough experience with this stuff to be succesful, but have not yet bought this tablet to try it (currently using a rooted, debloated S6).
Questions:
Which vendor does it ship with? ATK3? I wouldn't do any upgrades when I got it, but would immediately start flashing.
Has anyone succesfully used XPrivacyLua (XPL) on this? I currently use XPL Pro, and I know that it depends on a working EdXposed (or Lsposed, which I've never used) which requires a working Magisk. From reading this thread, the Magisk part seems Okay, but what about Ed/L Xposed?
Thanks again.
Click to expand...
Click to collapse
I got my tablet early so it was on an earlier version than ATK3.
If your device ships with BUBB or before, you should be able to downgrade directly if you know how to use Odin.
Flashing ATK3 (or earlier) vendor via dd from TWRP is only needed if your device is on BUC1 or later, as from that version onwards SW REV has been incremented so you can't downgrade via Odin anymore.
sambow23 said:
XPrivacyLua/LSPosed does work, I'm able to pass safetynet thanks to it
Click to expand...
Click to collapse
Which Xposed are you using? I'm not very familiar with Lsposed.
Thanks ag
LSS4181 said:
I got my tablet early so it was on an earlier version than ATK3.
If your device ships with BUBB or before, you should be able to downgrade directly if you know how to use Odin.
Flashing ATK3 (or earlier) vendor via dd from TWRP is only needed if your device is on BUC1 or later, as from that version onwards SW REV has been incremented so you can't downgrade via Odin anymore.
Click to expand...
Click to collapse
Thanks again for the detailed response. The info you've shared gives me confidence. Now I just need to convince myself that I 'need' to buy it.
@LSS4181: I've been running the stock Android 11 firmware since I bought the Tab S7+ SM-T970, about halfway into this year. Mine shipped with a version 2 bootloader, so there is no possibility of running stock 10 for me.
Then I saw your note about Bluetooth earbuds not working. This would be a big deal for me on a GSI. I don't want to use a USB C headphone jack adapter, since it would prevent charging while using them. And it would wear out the charging port by constantly inserting/removing.
What BT earbuds do you use? Does it happen on all GSIs that you've tried? I saw your recent issue on GitHub, and noticed that no one else has commented.
GApps is another big deal for me, a must have. I used to use MicroG on my daily driver devices, but stopped using it about a year ago due to issues that I was unable to find solutions for.
Can you elaborate a bit more on how to modify vbmeta and what to change? I'm not particularly skilled with the usage of hex editors, so not sure how to proceed here or what to edit.
I know there will probably be issues inherent to running to a GSI, but I'd like to change things up a bit and experiment. If I don't like what I see, I can always return to stock rooted. I'm not a big fan of stock firmwares, but so far it has been very stable for me. However, if I can get a custom ROM like AOSP, RR, LOS, etc running reliably, then I'd definitely switch. There are no features on stock besides Dex and Secure Folder, that are compelling enough to me me stay on it.
AnonVendetta said:
@LSS4181: I've been running the stock Android 11 firmware since I bought the Tab S7+ SM-T970, about halfway into this year. Mine shipped with a version 2 bootloader, so there is no possibility of running stock 10 for me.
Then I saw your note about Bluetooth earbuds not working. This would be a big deal for me on a GSI. I don't want to use a USB C headphone jack adapter, since it would prevent charging while using them. And it would wear out the charging port by constantly inserting/removing.
What BT earbuds do you use? Does it happen on all GSIs that you've tried? I saw your recent issue on GitHub, and noticed that no one else has commented.
GApps is another big deal for me, a must have. I used to use MicroG on my daily driver devices, but stopped using it about a year ago due to issues that I was unable to find solutions for.
Can you elaborate a bit more on how to modify vbmeta and what to change? I'm not particularly skilled with the usage of hex editors, so not sure how to proceed here or what to edit.
I know there will probably be issues inherent to running to a GSI, but I'd like to change things up a bit and experiment. If I don't like what I see, I can always return to stock rooted. I'm not a big fan of stock firmwares, but so far it has been very stable for me. However, if I can get a custom ROM like AOSP, RR, LOS, etc running reliably, then I'd definitely switch. There are no features on stock besides Dex and Secure Folder, that are compelling enough to me me stay on it.
Click to expand...
Click to collapse
Bluetooth audio works if you disable the a2dp hardware offload in the phh treble app
AnonVendetta said:
@LSS4181: I've been running the stock Android 11 firmware since I bought the Tab S7+ SM-T970, about halfway into this year. Mine shipped with a version 2 bootloader, so there is no possibility of running stock 10 for me.
Then I saw your note about Bluetooth earbuds not working. This would be a big deal for me on a GSI. I don't want to use a USB C headphone jack adapter, since it would prevent charging while using them. And it would wear out the charging port by constantly inserting/removing.
What BT earbuds do you use? Does it happen on all GSIs that you've tried? I saw your recent issue on GitHub, and noticed that no one else has commented.
GApps is another big deal for me, a must have. I used to use MicroG on my daily driver devices, but stopped using it about a year ago due to issues that I was unable to find solutions for.
Can you elaborate a bit more on how to modify vbmeta and what to change? I'm not particularly skilled with the usage of hex editors, so not sure how to proceed here or what to edit.
I know there will probably be issues inherent to running to a GSI, but I'd like to change things up a bit and experiment. If I don't like what I see, I can always return to stock rooted. I'm not a big fan of stock firmwares, but so far it has been very stable for me. However, if I can get a custom ROM like AOSP, RR, LOS, etc running reliably, then I'd definitely switch. There are no features on stock besides Dex and Secure Folder, that are compelling enough to me me stay on it.
Click to expand...
Click to collapse
sambow23 said:
Bluetooth audio works if you disable the a2dp hardware offload in the phh treble app
Click to expand...
Click to collapse
Don't know if audio issues might be caused by using a different kernel (as I've switched to using DragKernel for this tablet). I don't recommend using stock kernel, though, due to a nasty 100-second watchdog that you need to manually disable after system startup (DragKernel has that removed from config).
I recall it's now possible to patch vbmeta using Magisk now. Simply provide the vbmeta of your FW version to Magisk and it'll patch it for you. I haven't tried, though, as I always do this by hand with a hex editor (it's just to change a single byte, which the recent Magisk versions would do).
Back then I couldn't get the device certified so I switched to microG which is working well. I recommend using NanoDroid as it comes with a modded Play Store which allows you to purchase apps as well as IAPs. The modded Play Store still works, despite being quite dated.
I don't really have anything blocking me from using microG now. If you need real GApps and know about the workflow for uncertified devices, you may try flashing a bgN flavor GSI as opposed to bvN (g means the GSI ships with GApps).