[25.01.2011] WARNING! Do not flash JM*,KA*... README! [Patch released, L/N supported] - Galaxy Tab Android Development

DO NOT USE THIS ON THE GINGERBREAD RELEASES ! THE SAMSUNG GINGERBREAD RELEASES DO HAVE SIGNED BOOTLOADERS, BUT THEY ARE NOT LOCKED. In other words, you can still flash custom kernels and such, and the bootloader patch will only break things, not fix them.
To read the history of this problem, see the 2nd post of this thread (scroll down).
A number of new firmwares for the Samsung Galaxy Tab come with "signed / protected" bootloaders. These new bootloaders prevent you from flashing custom or otherwise unsigned kernels on the device. Trying to do so anyway will result in errors and usually requires you to reflash your ROM completely.
I hope everybody here has learned the lesson not to just flash anything that SamFirmware releases.
The patch
After a great many hours of researching, testing and coding, myself (Chainfire) and Rotohammer have come up with a patch that works on most devices (currently all known GSM Tab variants), and flashes back unprotected JJ4 (T-Mobile ?) bootloaders, or the original P1000N bootloaders for the Latin models. The app only patches when it finds protected bootloaders, and you have to press a button for that, so the app can also be used to look at your current status.
The patch has been tested repeatedly and with success on (0 bricks so far):
- GT-P1000 Euro/International/Unbranded Galaxy Tab
- SGH-I987 AT&T Galaxy Tab
- SGH-I987 Rogers Galaxy Tab
- SGH-T849 T-Mobile Galaxy Tab
- GT-P1000L Latin Galaxy Tab (use LATIN version!)
- GT-P1000N Latin Galaxy Tab (use LATIN version!)
Additional thanks to: koush, neldar, richardtrip, AColwill, farahbolsey, deezid, wgery, tmaurice, rmanaudio, crisvillani, alterbridge86, ivannw, themartinohana, luisfer691 (in no particular order!)
Please note that even though there have not been any bricks so far, replacing bootloaders is a very dangerous operation that may BRICK your device, and you should think twice before using the patch. Using the patch is completely AT YOUR OWN RISK!
Instructions
Download the attached APK, install it on your device, and run it. It will show you a status screen, and if your device is compatible and you have protected bootloaders, the bottom entry "Patch bootloaders" will become available. Tapping it will start the patch procedure.
Note that the patch requires root !
Mini-FAQ
--- After the fix, my "zImage" still shows signed ! Is this a problem ?
No, this is perfectly fine! What matters is that "PBL", "SBL" and "SBL_Backup" are not signed. If "zImage" is signed, it means this ROM can be flashed onto a device that has signed bootloaders. UNsigned "zImage"s can NOT be flashed on signed bootloaders. This is the origin of the problem, because custom kernels are always UNsigned "zImage"s !
--- Can I now flash any ROM and just use this application to fix the bootloaders ?
Technically yes. But it would be stupid to do so. Flashing bootloaders (what this app does) is VERY dangerous, it is the only way to really brick a Tab. If you want to flash a new ROM, make sure it DOES NOT contain bootloaders. Remove them yourself, or wait for somebody else (like Rotohammer) to remove the bootloaders and post the "safe" ROM. Even though this patch is available, if at all possible, you should always try to avoid having to use it.
CDMA tabs
There is currently no support for CDMA Galaxy Tabs, nor do we know if support is needed at this time.
LINKING
You are expressly forbidden to repost the APK elsewhere. If you post about this, post a link to this thread, not to the download (or a repost of the download).
Download
Don't forget to donate and/or press the thanks button!
For non-XDA members who cannot access the attachment, here are multiupload links:
Euro / International / Unbranded / AT&T / Rogers / T-Mo: http://www.multiupload.com/EMOCU1S0V2
Latin (P1000L and P1000N): http://www.multiupload.com/3TJ3YWMWJR
MAKE SURE TO SELECT THE RIGHT DOWNLOAD!

WARNING! Do not flash JM6/9/A/C/D/E/F... Before reading this !
THIS POST, #2 OF THIS THREAD, IS HISTORICAL AND LEFT HERE "FOR THE RECORD". SEE THE FIRST POST FOR WHAT IS CURRENT!
BREAKING NEWS / JAN 15: A fix has been found ! See this post. Also see the bounty thread: http://forum.xda-developers.com/showthread.php?t=906464.
This really applies to other ROMs as well, but the "new" JM6/9/A/C/D/E/F ROMs specifically.
Some of these ROMs include new bootloaders. These bootloaders check checksums/signatures in various parts of the firmwares. Neither the "normal" Samsung ROMs nor custom ROMs and kernels have these checksums.
The result is that once flashed, you cannot revert to older/official/custom Samsung ROMs, and you are pretty much stuck using one of these four ROMs, as they are the only ones containing the right checksums.
At least TRIPLE CHECK if you want to flash one of these ROMs, that what you are flashing DOES NOT include the new bootloaders ( boot.bin and sbl.bin ). I know from the CF-Root thread that a fair number of you are already too late, but I thought to warn new users anyways. Some modders (like rotohammer) already usually remove these parts, but still triple check everything to make sure.
There is no known fix. I know, I've tried all of the ones some people suggested in other threads. None of them really works. Sure, with some effort, you can get a different firmware to somewhat run, but you'll still be using the "checksum" bootloaders and the kernel will not be modified. You will still be running the kernel from the "checksum" firmware you loaded earlier. You will not be able to do full flashes, nor will KIES updates work.
Hopefully somebody will find a real solution for this issue for those already affected. If so, please post it in this thread.
Are you affected ?
NEW DEC 28: See SGTBootloaderCheck script below!
It is hard to say for sure without actually trying to flash a non-JM6/A/C/D kernel without the correct checksum. Here's a screenshot of the error you'll get:
If you still have the original files for the ROM you flashed, but do not want to try flashing a non-Samsung-stock kernel, there are some indicators:
- Rename all .tar.md5 files to .tar
- Extract all the .tar files with WinRAR
- Look at the resulting files:
--- Includes "boot.bin" (primary bootloader)
--- Includes "sbl.bin" (secondary bootloader)
If one or both are present, this indicates new bootloaders are being flashed. That does not make it certain if they are "protected" or not, though. But if a large zImage is also present (see the next item), it is very likely they are.
- Look at the resulting files:
--- "zImage" (kernel)
If zImage is about 7800 kb (as opposed to 4000 - 5500 kb that is normal), it is very likely this kernel includes a checksum. If you want to be 100% sure, open zImage in a hex editor, and go all the way to the end. There will be a few mb of 0's, followed by 128 bytes checksum - the very last 128 bytes in the file.
Such a zImage can be flashed both on "original" and the new "protected" bootloaders. The "protected" bootloaders can only flash these zImage, not the smaller variants.
If you have boot.bin, sbl.bin and a 7800 kb zImage, it is 99% likely flashing this ROM will give you a "protected" bootloader.
Some tech
Once these ROMs are flashed, it is required that updates to "boot", "sbl", "zImage" have a 128-byte checksum/signature. In boot.bin and sbl.bin these are near the end, in zImage (7800 kb files) they are the very last 128 bytes. Only firmwares with a zImage that has this signature will be flashable (which at the time of this writing are only JM6/A/C/D).
I have no idea how this signature is generated as of yet, so "faking it" is also not an option. If somebody figures that out, please post it in this thread. Then we could just insert the signatures in the older bootloaders and flash them back (still a dangerous effort by itself).
I think, and possibly others will correct me on this, the verification goes as follows, on a running device:
- PBL ( boot.bin ) checks SBL ( sbl.bin ) signature
- SBL checks kernel ( zImage ) signature
While flashing, I think it's the SBL that verifies the PBL/SBL/kernel flash, and refuses to write if the signature isn't correct.
Possible solutions
Flashing back "unprotected" bootloaders from older ROMs through either Odin or Heimdall does not work. These older bootloaders do not have the required signatures/checksums and thus the flash will fail.
A possible solution would be rooting the device, using Koush' bmlunlock, and dd'ing back bml1 and bml4 from backups, completely bypassing the flash checks. This is a very, very dangerous thing to be trying out though, and unless you really know what you are doing, I wouldn't attempt it. Maybe someone has Samsung repair center contacts or a JTAG unit close by ?
Personal note
I have tried to flash back older bootloaders and kernels several times and in several ways (from for example JJ4) but this fails. Odin said it succeeded the very last time I tried, however it really didn't, as my device is now a full (user-wise) brick. It doesn't even turn on to show me the "phone --- | --- pc" error screen. So I guess I need to make a trip to the nearest Samsung repair center (200 miles away). Too bad my car also broke down today. Guess it'll be some time (and money) before I have a working Tab again. Note that the brick was a problem with Odin, probably, not directly caused by the protected bootloaders themselves.
Update: Tab is back and working. Replaced mobo, so I no longer have the signed bootloaders myself.
NEW DEC. 28: SGTBootloaderCheck
Attached is also SGTBootloaderCheck. This is a script run on your Windows PC through ADB to check your bootloaders. It requires root, SuperUser, and a working ADB connection.
Just unzip the archive to a new folder, and double-click "check.bat". That should dump your bootloaders and kernel, copy them to your computer, check the content for signatures, and let you know the result.
I can't guarantee it works, but it should.
Attached
An archive with some relevant files for those who want to do some research. DON'T FLASH THESE FILES !!!
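
The file-level indicators from the post above (boot.bin / sbl.bin in the package, and a zImage whose last 128 bytes follow a long run of zeros), as an added example that is not part of the original thread or of the SGTBootloaderCheck script. The 64 KiB minimum padding length, the function names and the sample archives are assumptions constructed for illustration; the code only reads a firmware tar and flashes nothing.

```python
import io
import posixpath
import tarfile

SIG_LEN = 128            # the post: the checksum is the very last 128 bytes of zImage
MIN_PAD = 64 * 1024      # assumption: shortest zero run accepted as "the padding"
BOOTLOADERS = {"boot.bin", "sbl.bin"}   # primary / secondary bootloader images


def zimage_trailer(data: bytes) -> dict:
    """Measure the zero padding in front of the last 128 bytes of a zImage."""
    if len(data) <= SIG_LEN:
        return {"size": len(data), "pad_len": 0, "has_trailer": False}
    body, tail = data[:-SIG_LEN], data[-SIG_LEN:]
    pad_len = len(body) - len(body.rstrip(b"\x00"))
    # A trailer needs real bytes in the tail AND a long zero run before it;
    # an ordinary kernel ends in compressed data with no such padding.
    return {"size": len(data), "pad_len": pad_len,
            "has_trailer": pad_len >= MIN_PAD and any(tail)}


def inspect_firmware(fileobj) -> dict:
    """Report which boot-chain images a firmware tar would flash."""
    report = {"bootloaders": [], "zimage": None, "likely_protected": False}
    with tarfile.open(fileobj=fileobj, mode="r:") as tar:
        for member in tar:
            if not member.isfile():
                continue
            # Names differ in case between packages ("sbl.bin" vs "Sbl.bin").
            name = posixpath.basename(member.name).lower()
            if name in BOOTLOADERS:
                report["bootloaders"].append(name)
            elif name == "zimage":
                report["zimage"] = zimage_trailer(tar.extractfile(member).read())
    report["bootloaders"].sort()
    z = report["zimage"]
    # The post's rule of thumb: bootloaders in the package plus a zImage
    # carrying the trailer means the package very likely installs the
    # "protected" bootloaders. A trailer alone is harmless.
    report["likely_protected"] = bool(report["bootloaders"] and z and z["has_trailer"])
    return report


def make_tar(files: dict) -> io.BytesIO:
    """Build an in-memory tar from {name: bytes} (constructed test input)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf


# Constructed samples: stand-ins for real images, much smaller than 7800 kb.
SIGNED_ZIMAGE = b"K" * 4096 + b"\x00" * (128 * 1024) + b"\xa5" * SIG_LEN
PLAIN_ZIMAGE = b"K" * 4096

if __name__ == "__main__":
    full = make_tar({"boot.bin": b"B" * 64, "Sbl.bin": b"S" * 64,
                     "zImage": SIGNED_ZIMAGE})
    kernel_only = make_tar({"zImage": PLAIN_ZIMAGE})
    for label, archive in (("full package", full), ("kernel only", kernel_only)):
        print(label, inspect_firmware(archive))
```

As the post notes, this is an indicator only: it cannot tell whether the bootloaders in a package actually enforce the check.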

I'm sorry about your Tab man.

After flashing JM6, I have "zImage" and "Sbl.bin" but no "boot.bin" in my internal SD. Am I affected?
Also, is it safe to delete these files from my internal SD? I'm guessing they were put there temporarily and are now stored somewhere else already?

hey chainfire,
i'm sorry about the brick :/
my english seems to be very bad... could u explain me why ur tab is bricked now?
i think i understood why its not possible to flash to another firmware but why ur tab is bricked now? yesterday i flashed to jm6 from an old arabic fw (i think it was JJ1) with pit p1 and code, modem and csc file with re-part. on. so is anything there i have to look out now?

codewisp said:
> After flashing JM6, I have "zImage" and "Sbl.bin" but no "boot.bin" in my internal SD. Am I affected?
> Also, is it safe to delete these files from my internal SD? I'm guessing they were put there temporarily and are now stored somewhere else already?
You could be affected, I can't say for sure. The only way to be sure is trying to flash a custom kernel and see if Odin gives an error. See the CF-Root thread for screenshots of the error that is produced if you are affected. If there's no error and it boots, you have probably not been affected. Note that you can flash back the original JM6 kernel with both the "protected" as well as the "original" bootloaders.
I'll update the first post to add a bit more information.
Also yes, those files on your internal SD are temporary, you can delete them.
DubZyy said:
> hey chainfire,
> i'm sorry about the brick :/
> my english seems to be very bad... could u explain me why ur tab is bricked now?
> i think i understood why its not possible to flash to another firmware but why ur tab is bricked now? yesterday i flashed to jm6 from an old arabic fw (i think it was JJ1) with pit p1 and code, modem and csc file with re-part. on. so is anything there i have to look out now?
The brick is a result of a bad bootloader flash... it's not something any of you are likely to encounter (unless you are trying to fix this issue).
If you successfully flashed to JJ1 - Odin did not produce any errors - you are probably safe!

Thanks for the information, but a little bit late for me --> bricked
My luck: Next samsung repair center is 5 kilometers away.
But I don't know what i should tell him.
The truth?

@chainfire
Have you tried hexediting the version of the SBL to a "fake" newer version? or does the check only care about the checksum ? on older phone we used to be able to do this....
I'm unpacking my dev. tab as we speak so I hope to have some time to play between x-mas dinners

chinchen said:
> Thanks for the information, but a little bit late for me --> bricked
> My luck: Next samsung repair center is 5 kilometers away.
> But I don't know what i should tell him.
> The truth?
Damned lucky the repair center is close!
You wouldn't happen to be living near me and I just never heard of this service center, would ya ?
How exactly is it a brick ? It's only a brick if it doesn't turn on at all anymore (like mine). If you can get anything on screen, you can bring it back to life (although maybe with protected bootloaders).
Jesterz said:
> @chainfire
> Have you tried hexediting the version of the SBL to a "fake" newer version? or does the check only care about the checksum ? on older phone we used to be able to do this....
> I'm unpacking my dev. tab as we speak so I hope to have some time to play between x-mas dinners
As far as I have been able to deduce (I have not done a full decompile yet, and not sure if I'm going to) it's only the checksum that matters. But I could be wrong there.
I'll upload some files for you in a minute, so you can look at them yourself as well.

chinchen said:
> Thanks for the information, but a little bit late for me --> bricked
> My luck: Next samsung repair center is 5 kilometers away.
> But I don't know what i should tell him.
> The truth?

Anything besides truth - tell them that you turn off Tab at evening, and at the morning he doesn't start... they believe
Chainfire - my condolence... i also cannot flash CF-Root on JMC so i think i have new bootloader - im waiting for next steps when yours Galaxy Tab alive
sorry for my english

@Jesterz:
Some files you might want to look at attached to first post.

Is there any way to check what version of bootloader i have installed? I cannot install CF-Root on JMC -its enough to say i upgrade bootloader in my Tab?

faust86 said:
> Is there any way to check what version of bootloader i have installed? I cannot install CF-Root on JMC -its enough to say i upgrade bootloader in my Tab?
If you get the same error as in the screenshot linked to in the first post, yes, you have the protected bootloaders.

good to know i am not affected. and for people who has affected roms i think as we know the reason there will be a quick solution for this.

Chainfire said:
> If you get the same error as in the screenshot linked to in the first post, yes, you have the protected bootloaders.
So i install this *** bootloader... maybe i brick my Tab and take it to service point... i have 100 meters :>

Me too
Chainfire said:
> If you get the same error as in the screenshot linked to in the first post, yes, you have the protected bootloaders.
I have the error and I cant change ROM (a part from switching between JM6, JMA and JMC)... Hope someone soon find a fix!
My tab some ago was in a similar state (complete black and didnt show in ODIN).
My luck was that it was stuck in some kind of download mode. Leaving it connected to the computer has made a miracle: after more than 15 minutes it has appeared as connected in ODIN and was possible to flash back a ROM).

patomas said:
> I have the error and I cant change ROM (a part from switching between JM6, JMA and JMC)... Hope someone soon find a fix!
> My tab some ago was in a similar state (complete black and didnt show in ODIN).
> My luck was that it was stuck in some kind of download mode. Leaving it connected to the computer has made a miracle: after more than 15 minutes it has appeared as connected in ODIN and was possible to flash back a ROM).
I'll just try that. I have no hope of it working, but hey, it's not like I'm using the Tab for anything else right now

patomas said:
> My tab some ago was in a similar state (complete black and didnt show in ODIN).
> My luck was that it was stuck in some kind of download mode. Leaving it connected to the computer has made a miracle: after more than 15 minutes it has appeared as connected in ODIN and was possible to flash back a ROM).
While the Tab was at a black screen, did you ever press the power button or did you just leave it alone for Odin to eventually find it?

rotohammer said:
> While the Tab was at a black screen, did you ever press the power button or did you just leave it alone for Odin to eventually find it?
While you're here... any chance of both STL and BML dumps of your (hopefully proper) PBL and SBL ?

Chainfire said:
> While you're here... any chance of both STL and BML dumps of your (hopefully proper) PBL and SBL ?

Of course. I have dumps of everything. I'm just about to run some diffs to make sure my current bootloaders are ok, I can't remember what I've flashed.

Related

Flashing a new Bootloader BML

Hi All,
Just curious how I would go about flashing a replacement bootloader to a Samsung Galaxy S?
I am trying to do this because my phone doesn't allow the 3 button boot mode into recovery or download mode.
I know you can activate it by running
adb reboot recovery
or
adb reboot download
However if I end up with a bad flash I will never be able to do that 3 button recovery so in essence I will brick my phone.
From the BML map
http://forum.xda-developers.com/wiki/index.php?title=Samsung_Galaxy_S#Modifications
My guess is the bootloader I am looking for is at BML5
I have successfully backed up my BML5 from my 'neutered' phone and tonight will be backing up a BML5 from a phone which has 3 button mode active.
I backed them up using this command
dd if=/dev/block/bml5 of=/sdcard/bml5.bak
I will compare the two after this but am pretty confident they will be different. If they are different how can I go about copying a 3 button recovery mode bootloader to my device?
This post
http://forum.xda-developers.com/showpost.php?p=7610625&postcount=29
suggests there is a way to write to the bml however it is strongly discouraged.
Is there another way I can copy a non 'neutered' bootloader?
keep up the good work,
it'll be cool if you or anyone with that knowledge can get it working.
then we wont have to go back to the stores to exchange the Neutered phones
Odin?
it may be unwise to flash only the bml5. if the bml4 is different between the two phones, and references something in the bml5 that is also different, it may cause a brick state.
i would suggest backing up bml1-12 and comparing them. at the least bml4 and bml5 as they both deal with the secondary program loader, which should enable the 3button boot to recover if there is an error.
good work none the less
Odin doesn't work because one essential condition for Odin working is phone connected in download mode. Or, without phone in download mode Odin is not working.
Oef, difficult one. But what is the chance of having a bad flash by flashing a tar-ed Sbl.bin and/or boot.bin with Odin? Just wondering...
dentimarius said:
> Odin doesn't work because one essential condition for Odin working is phone connected in download mode. Or, without phone in download mode Odin is not working.
Well you can get the phone into download mode by running
adb reboot download
so that isn't a problem... however I still am unsure how to flash it...
I suppose this would possibly work (in su)
dd if=/sdcard/bm5.bak of=/dev/block/bm5
but I am not game to run that until someone here with a bit more knowledge knows if it will work.
phoenixdigital said:
> Hi All,
> Just curious how I would go about flashing a replacement bootloader to a Samsung Galaxy S?
> I am trying to do this because my phone doesn't allow the 3 button boot mode into recovery or download mode.
> I know you can activate it by running
> adb reboot recovery
> or
> adb reboot download
> However if I end up with a bad flash I will never be able to do that 3 button recovery so in essence I will brick my phone.
> From the BML map
> http://forum.xda-developers.com/wiki/index.php?title=Samsung_Galaxy_S#Modifications
> My guess is the bootloader I am looking for is at BML5
> I have successfully backed up my BML5 from my 'neutered' phone and tonight will be backing up a BML5 from a phone which has 3 button mode active.
> I backed them up using this command
> dd if=/dev/block/bml5 of=/sdcard/bml5.bak
> I will compare the two after this but am pretty confident they will be different. If they are different how can I go about copying a 3 button recovery mode bootloader to my device?
> This post
> http://forum.xda-developers.com/showpost.php?p=7610625&postcount=29
> suggests there is a way to write to the bml however it is strongly discouraged.
> Is there another way I can copy a non 'neutered' bootloader?
I see that you are going in a very good hackable way ...
Contact @ Cotulla
phoenixdigital said:
> Well you can get the phone into download mode by running
> adb reboot download
> so that isn't a problem... however I still am unsure how to flash it...
> I suppose this would possibly work (in su)
> dd if=/sdcard/bm5.bak of=/dev/block/bm5
> but I am not game to run that until someone here with a bit more knowledge knows if it will work.
i would definitely recommend odin for that! did you try to flash a international firmware version like XWJM2 as it contains a bootloader that allows the 3 button goto download/recovery mode? you can use odin to just flash boot.bin and Spl.bin to just replace the 1st and 2nd bootloader...
what is your exact hardware version of the device? i think you have to be very careful when you want to replace the bootloader(s) to not brick your phone!!
jodue said:
> i would definitely recommend odin for that!
how would I package up the backup via dd into something that odin would be able to use?
jodue said:
> did you try to flash a international firmware version like XWJM2 as it contains a bootloader that allows the 3 button goto download/recovery mode? you can use odin to just flash boot.bin and Spl.bin to just replace the 1st and 2nd bootloader...
> what is your exact hardware version of the device? i think you have to be very careful when you want to replace the bootloader(s) to not brick your phone!!
My device is
My phone specs
Model: GT-I9000
Firmware: 2.1-update1
Baseband: I9000DTJG3
Kernel: 2.6.29 [email protected] #2
Build Number: ECLAIR.DTJG4
Would that be suitable for the XWJM2?
Thanks for the response too.
Ok I have backed BML4 and BML5 for the following
1) My 'neutered' phone on DTJG4 - I will call this NEUT1
2) A 3 click working phone on DTJG3 - I will call this 3Click1
3) A 3 click working phone on DTJG4 - I will call this 3Click2
the BML5 backup from all of the phones just contains FFFFFFFFFF data and nothing else
BML4 is definitely different between NEUT1 and 3Click2
BML4 is the same for 3Click1 and 3Click2 so the JG4 update doesn't touch the bootloader...
Soooooooo.... How do I write this working BML4 to my NEUT1 device
Anyone? Bueller?
phoenixdigital said:
> how would I package up the backup via dd into something that odin would be able to use?
> My device is
> My phone specs
> Model: GT-I9000
> Firmware: 2.1-update1
> Baseband: I9000DTJG3
> Kernel: 2.6.29 [email protected] #2
> Build Number: ECLAIR.DTJG4
> Would that be suitable for the XWJM2?
> Thanks for the response too.
i think so but i am curious why your device doesn't allow the 3 button combo in the first place? is it provider bound? if yes, which one? i'm not sure if you can flash a open firmware onto a branded sgs but i think so! does anybody else has experience with that? btw. you can find boot.bin & Spl.bin in the pda archive of the firmwares but i wouldn't flash them before you can be sure it won't brick your sgs...
jodue said:
> i think so but i am curious why your device doesn't allow the 3 button combo in the first place? is it provider bound? if yes, which one?
It is OPTUS Australia... in recent weeks there have been a few phones being released by Optus which have the 3 button click disabled. So it appears either Samsung or Optus are disabling it.
If someone else in Australia who has rooted their phone and knows a bit of unix can run this command from a terminal on their phone
su
dd if=/dev/block/bml4 of=/sdcard/bml4.bak
then post the bml4.bak file up somewhere I can compare it to the ones I have.
It doesn't even have to be australia anyone's would be good to compare.. just let me know what firmware you are running too.. and if the 3 click mode works for you.
jodue said:
> i'm not sure if you can flash a open firmware onto a branded sgs but i think so! does anybody else has experience with that? btw. you can find boot.bin & Spl.bin in the pda archive of the firmwares but i wouldn't flash them before you can be sure it won't brick your sgs...

I have heard of people in Australia using these European firmwares so I should be safe there.
I wont be flashing anything until we get some advice from some senior members of this forum. I am still thinking
dd if=/sdcard/bml4.bak of=/dev/block/bml4
should do the trick but I am too scared to run it
Ok I grew a pair and flashed JM5... It flashed successfully but the 3 button mode still doesn't work...
Hmmmmmm... so the 3 button mode isn't in boot.bin or Spl.bin???
I extracted bml4 and it has not changed at all?
phoenixdigital said:
> Ok I grew a pair and flashed JM5... It flashed successfully but the 3 button mode still doesn't work...
> Hmmmmmm... so the 3 button mode isn't in boot.bin or Spl.bin???
> I extracted bml4 and it has not changed at all?
strange because it should be in the 1st bootloader ...
sorry for the stupid question but i haveto ask the obvious. are you sure pressing the 3 buttons doesn't work at all? it can be tricky and often it doesn't work so maybe you are just doing something wrong? have you tried holding home+voldown and then just press power once? this is all very strange! why forbid the key combination and still allow adb boot download? makes no sense to me!
jodue said:
> sorry for the stupid question but i haveto ask the obvious. are you sure pressing the 3 buttons doesn't work at all?
> This is all very strange! why forbid the key combination and still allow adb boot download? makes no sense to me!
Yep definitely pressing them right. I performed it perfectly on the non neutered phone just an hour ago and it worked perfectly.
phoenixdigital said:
> Yep definitely pressing them right. I performed it perfectly on the non neutered phone just an hour ago and it worked perfectly.
have you tried re-extracting the bml4 from your neut1 phone and see if it is identical to the bml4 you extracted from the 3click phones? maybe it didn't flash correctly if at all?
phoenixdigital said:
> Ok I grew a pair and flashed JM5... It flashed successfully but the 3 button mode still doesn't work...
> Hmmmmmm... so the 3 button mode isn't in boot.bin or Spl.bin???
> I extracted bml4 and it has not changed at all?
Here's a Quote from another thread:
mike.sw said:
> Hey again
> I'm looking the flash.bat and see it need two files that my firmware (I9000JPJG8) don't have in zip/tar file:
> -boot boot.bin -sbl Sbl.bin
> How heimdall will handle it? Is it safe to go on?
Seems like some firmwares out there don't contain the bootloader. Therefore, when you flash such a firmware, the bootloader section will remain unchanged even after flashing. Maybe you should check JM5 if it even contains the bootloader section in it or not.
wang1chung said:
> have you tried re-extracting the bml4 from your neut1 phone and see if it is identical to the bml4 you extracted from the 3click phones? maybe it didn't flash correctly if at all?
I think that was the issue actually. When I flashed JM5 in odin I selected the
PIT
PDA
PHONE
CSA
I also ticked Re-Partition (Is this really needed if you are remaining on 512-PIT?)
When it rebooted the phone went through some terminal screens and appeared to give an error. Something to do with there being two CSC config files... can't remember the exact error. So it's possible it never got to the section where it replaced the bootloader...
It did however manage to update the firmware for PDA as the JM5 European firmware was definitely installed.
So a few questions about ODIN
Is it flashing the phone directly or just uploading the .bin and .rfs files to the phone?
If it's just uploading the .bin and .rfs files when the phone reboots after a flash does the phone then install/flash these .bin and.rfs files to the final location when it reboots after ODIN?
So in short is ODIN flashing or is the phone actually flashing after ODIN has uploaded the update files?
Do you really need to tick re-partition if you are staying on 512-PIT?
just a FYI
according to a post in the General forums, Samsung is aware of the problem, and might release the fix with their next official ROM

[Q] If I flashed GT-N7100 ROM, how can I get back?

First, I'm an idiot,,,got new to android,,had no idea about flashing,, so I just randomly picked a Rom, and turned out its a GT-N7100 ROM, now my phone has no signal at all,,, anyone know how to flash back ? or I have to wait a att ROM come out?
BTW, Im with Rogers.
Thanks
your gonna have to wait till either someone makes a odin back with a stock rom or makes a stock rom you can flash via recovery.
EDIT: did you make a backup?
this reminds me of the following youtube video:
http://www.youtube.com/watch?v=wwleOote5M0
Can you give a link to the firmware you flashed? It'd be useful to know if it contained a modem and/or kernel (or not.)
If it contained a modem, you'll need another modem. If it contained a kernel, you'll need another kernel. We have those. Regardless, you'll need to talk someone into getting you a system image (someone that has the same phone as you and has already rooted.)
Also, do you have CWM recovery installed? Is the existing firmware (as trashed as it might be) rooted? Can you use adb?
im an idiot
garyd9 said:
> this reminds me of the following youtube video:
> http://www.youtube.com/watch?v=wwleOote5M0
> Can you give a link to the firmware you flashed? It'd be useful to know if it contained a modem and/or kernel (or not.)
> If it contained a modem, you'll need another modem. If it contained a kernel, you'll need another kernel. We have those. Regardless, you'll need to talk someone into getting you a system image (someone that has the same phone as you and has already rooted.)
> Also, do you have CWM recovery installed? Is the existing firmware (as trashed as it might be) rooted? Can you use adb?
nope,, I didnt back up anything,,
heres the ROM link I used.
http://forum.xda-developers.com/showthread.php?t=1925402
...
I just opened the file you linked to.. it includes a modem, kernel, etc.
I know you won't be happy with this, but until an ODIN image shows up, you're kind of out of luck. If someone you know has the same phone, you could ask them to do a backup to an external memory card, and then you restore that backup to your device. Assuming the modem wasn't flashed when you installed, that would get you back into business. If a modem was flashed, you'll need to get someone to extract a modem (and I'm not sure how to go about doing that.)
garyd9 said:
Please answer ALL of these questions. I can't help you if you don't answer them all...
Does your phone work now, with the exception of connecting to the mobile network?
Are you familiar with adb? If so, are you able to get a shell via adb?
When you plug your phone into your computer, are you able to copy files to/from the phone?
Which custom recovery do you have installed? CWM recovery or TWRP?
Is your phone rooted? (it probably is with a custom firmware - assuming the phone works at all.)
Sorry buddy,
Right now, the phone has no signal and is asking for a SIM card, which I've already inserted.
Nope, I don't know what adb is. I tried googling it, but I think it's too complicated for me.
I'm able to copy files to or from my phone (SD card).
I rooted my phone through this:
http://forum.xda-developers.com/showthread.php?t=1923956
I don't know if I succeeded, but there is a SuperSU on my screen after I did it (guess it counts as rooted?), and I may have used TWRP.
thank you for your help....
now Im back to my old Iphone 4
I updated that post. Basically, I can't think of anything you can do right now.. until an ODIN dump is available - or if someone gets you a backup you can restore. However, a backup won't flash the proper modem (and it appears you also overwrote the modem.)
garyd9 said:
I updated that post. Basically, I can't think of anything you can do right now.. until an ODIN dump is available - or if someone gets you a backup you can restore. However, a backup won't flash the proper modem (and it appears you also overwrote the modem.)
So, if there's an ATT ROM available in the future, I can use my phone again by flashing the ATT ROM?
callmejoe1 said:
So, if there's an ATT ROM available in the future, I can use my phone again by flashing the ATT ROM?
Was the phone originally from AT&T or Rogers?
callmejoe1 said:
First, I'm an idiot. I'm new to Android and had no idea about flashing, so I just randomly picked a ROM, and it turned out it's a GT-N7100 ROM. Now my phone has no signal at all. Does anyone know how to flash back? Or do I have to wait for an ATT ROM to come out?
BTW, I'm with Rogers.
Thanks:laugh:
Welcome to the club, I've been here for 6 days... it's a crappy feeling, especially when it's your work phone :[
garyd9 said:
Was the phone originally from AT&T or Rogers?
With Rogers, but I heard people say the ATT and Rogers ROMs can be equivalent. Are they?
callmejoe1 said:
With Rogers, but I heard people say the ATT and Rogers ROMs can be equivalent. Are they?
Perhaps - perhaps not. Until one actually flashes from the other, we don't know. (Many will tell you that they've done it with a different phone model - my answer to that is simply that it was a different phone model. Until it's tried with THIS one, we can only guess.)
I think the biggest stumbling block for you right now is the modem. We have a stock kernel and recovery. A "near" stock system partition image can also be made from another device with a simple command. I have to be honest, though, that I have no clue how to extract the modem from these LTE phones.
A recovery (and kernel) can easily be flashed with ODIN (or with dd from a rooted shell.) Same for the system partition (which is, basically, the OS.) Getting a system image might be annoying, as you'd need to find someone with a Rogers phone to make it for you, upload it, etc.
The modem, however... I'm not sure how to go about getting that for you. I've never had to create a modem image...
If/when an ODIN package appears, you can use a program that will, basically, reflash your entire phone to stock. Modem, kernel, recovery, bootloader, etc. Everything. Normally, users wouldn't see those ODIN packages, but there are a couple of websites that have access to some Samsung servers where they are put. Once they are put there, we can get it...
Take care
Gary
Mobiletechvideos. Have them Jtag it for you.
Sent from my SAMSUNG-SGH-I317 using Tapatalk 2
Just be happy you don't have the Note 1. If you had made that same mistake, you could have bricked your phone.
envision said:
Just be happy you don't have the Note 1. If you had made that same mistake, you could have bricked your phone.
Yup, you're very lucky
I firmly believe you can just flash your modem and kernel on top and it will be fine.
I'm hella busy this weekend but I'm sure we can get you fixed without a single $$ injected on your part
DAGr8 said:
I firmly believe you can just flash your modem and kernel on top and it will be fine.
I'm hella busy this weekend but I'm sure we can get you fixed without a single $$ injected on your part
Looking forward to this remedy as this is the reason I am jumping from att Galaxy S 3 to the note2. Want my international dev community back!
Unfortunately so far down here in Southern Florida Miami beach there is no white Note 2 anywhere.
For those that have the ATT version of the Note 2, if you've mistakenly flashed the ROM, I highly suggest visiting your nearest AT&T Device Support Center. Since I've previously worked in those centers, they have a proprietary Samsung flashing tool that allows them to flash to the stock ROM, even if it's rooted. Granted they'll be able to tell if you've rooted it or not (which may or may not void the warranty, depending on who you talk to), as long as the phone can turn on and go to firmware recovery mode, the flashing works almost 100% of the time and it's a free service.
However, as I got my Note 2 yesterday, I've contacted my nearest DSC and they said that they don't have the ability to flash the Note 2 yet and they may have that ability to do so in the next few weeks or possibly by the end of the year (if you can wait that long). Being that the associates are just corporate drones, if they can't fix it, they'll more than likely replace your phone under warranty (which I don't suggest since the replacements are refurbished, and besides you should be within the 14 day return period for a new phone).
Sorry if it doesn't help the ones who have the Rogers versions.
DAGr8 said:
I firmly believe you can just flash your modem and kernel on top and it will be fine.
I'm hella busy this weekend but I'm sure we can get you fixed without a single $$ injected on your part
Would you mind posting the link for the modem and kernel, please?
Thank you
DAGr8 said:
I firmly believe you can just flash your modem and kernel on top and it will be fine.
I'm hella busy this weekend but I'm sure we can get you fixed without a single $$ injected on your part
I'm having the same problem. I hope you can roll out a fix!

[Q] SGH-t999n bricked?? HELP!

I just bought this Metro S3 and wanted to root it. Well, SuperSU was giving an error every time I tapped it, so I decided to try an unroot with many of the methods on here, and along the way ended up where my phone will not get past the Galaxy SIII SGH-T999N boot screen.
I used Odin to do this. My phone is not being recognized under AutoPlay, but the PC makes the connection sound when I plug the USB into my PC.
Anyways, I'm stuck at that screen and can only enter Odin recovery on my phone. I have tried factory reset and still end up at the same boot screen, and I left it like that all night and woke up to the same screen.
I'm hoping this is not a $300 brick.
I did download the files from a thread that described the files below were for the "T999l & T999n" and IF there was any difference in the files then the OP would point that out, he said, and I triple checked to make sure in the section of the listed files to download did not mention the T999n was not for those specific files, but there was nothing mentioned.
Please link the said thread.
You have not specified the firmware and android version you had before all this happened. Please specify that. Next Course of action depends on as much information you could provide about previous setup, Bootloader, Rom, Kernel & Baseband.
I think you only have a Non-Bootable Rom. I'd call that as a soft-Brick and not Hard-Brick. So there's no chance of you getting a $300 Paperweight. :laugh:
Having said that, given that all you want is Root, then
1. Flash Root66 version of your Firmware.
Perseus71 said:
Please link the said thread.
You have not specified the firmware and android version you had before all this happened. Please specify that. Next Course of action depends on as much information you could provide about previous setup, Bootloader, Rom, Kernel & Baseband.
I think you only have a Non-Bootable Rom. I'd call that as a soft-Brick and not Hard-Brick. So there's no chance of you getting a $300 Paperweight. :laugh:
Having said that, given that all you want is Root, then
1. Flash Root66 version of your Firmware.
Well, I have solved my boot issues by installing CWM (which before would not stick after boot) and flashing 3 files from Docholiday on a thread, but now the phone boots up as a T999L 4G LTE and has changed the model number under About phone. I have to unlock the phone as I only have a T-Mobile SIM for this said MetroPCS T999N device, so I will see what happens after I try to unlock it.
Thank you for your prompt response!!
If Settings > About > Model is the only problem you have, then use Build.prop Editor from Playstore and change the value for RO.BUILD.DISPLAY.ID. Set it to what your device is.
I'm not bothered by it myself as long as it won't affect my device? Will it also affect any future updates, or when a program tries to sync with my device, or anything else?
I don't believe there would be issues of this nature.

N975F Early Access Combination (Factory) and Retail Firmware Link

- The one labeled Factory is the Combination file; the other one is consumer/retail firmware
- As with other current devices, I'm assuming that "Odin 3.13 3b patched" will be needed in order to flash the stock firmware, and that the Combination file will fail to flash, until a method is found
- Once the device is released, retail firmware will be available via SamFirm and other sources, so I'm really only providing this now as early access, for anyone that wants to dig in and play around and see what they can find, etc
- I compress extra small for space and bandwidth savings. The default Windows extractor can't handle it, so you'll need a 3rd party tool like 7zip, WinRAR, etc
Happy flashing!
https://www.androidfilehost.com/?w=files&flid=297936
There's a working firmware released already.
Thanks for the Combination ROM.
Cheers.
JazonX said:
There's a working firmware released already.
Thanks for the Combination ROM.
Cheers.
did you flash combination?
iBowToAndroid said:
- The one labeled Factory is the Combination file; the other one is consumer/retail firmware
- As with other current devices, I'm assuming that "Odin 3.13 3b patched" will be needed in order to flash the stock firmware, and that the Combination file will fail to flash, until a method is found
- Once the device is released, retail firmware will be available via SamFirm and other sources, so I'm really only providing this now as early access, for anyone that wants to dig in and play around and see what they can find, etc
- I compress extra small for space and bandwidth savings. The default Windows extractor can't handle it, so you'll need a 3rd party tool like 7zip, WinRAR, etc
Happy flashing!
https://www.androidfilehost.com/?w=files&flid=297936
Thanks my dear, I am not sure if this will fix my problem, but I feel it will, I lost the EFS file by mistake and lost the IMEI.
Best Regards
tarik2 said:
Thanks my dear, I am not sure if this will fix my problem, but I feel it will, I lost the EFS file by mistake and lost the IMEI.
Best Regards
Hello There
Did it fix your issue?
Tarar said:
Hello There
Did it fix your issue?
Hi,
No, I tried a lot to install it, but since the Samsung S10 and above Samsung added special security measures to stop us installing the Combination ROM. I used all available methods like TWRP, but the ROM never booted. You can see my fix here: https://forum.xda-developers.com/ga...nt/fixed-repair-imei-fix-deleted-efs-t4011433
Tarar said:
Hello There
Did it fix your issue?
I am still trying, please check https://forum.xda-developers.com/galaxy-note-10+/help/n975f-restarting-flashing-combination-t4063557
I've figured out how to do it.
Not free though
Can someone find Combination (Factory) for N9750 with U2 N9750ZSU2CTD1 or N9750ZSU2BTC1 firmwares?
I got FRP lock after installing the last firmware with root. Can't enter recovery, it loads only in download mode

{SOLVED} Downgrading to a previous Android version

Hello community, I need some explanation first if my approach is incorrect. I am trying to downgrade to Android 10, but I was soul-crushed after reading some information about the bit/binary value that Samsung uses on its firmware (basically you can't downgrade if this value is not equal to your targeted firmware). However, even though I feel scammed by Samsung, I would like to ask you, the community, as my final resort to guide me.
Is there some way I can trick the SW REV checker or delete this partition containing this binary file? Does "deleting" it affect my ability to boot into the download mode?
{Temp_User} said:
Hello community, I need some explanation first if my approach is incorrect. I am trying to downgrade to Android 10, but I was soul-crushed after reading some information about the bit/binary value that Samsung uses on its firmware (basically you can't downgrade if this value is not equal to your targeted firmware). However, even though I feel scammed by Samsung, I would like to ask you, the community, as my final resort to guide me.
Is there some way I can trick the SW REV checker or delete this partition containing this binary file? Does "deleting" it affect my ability to boot into the download mode?
You can downgrade by simply flashing system, kernel and vendor from Android 10 on TWRP
JuanTamqd21 said:
You can downgrade by simply flashing system, kernel and vendor from Android 10 on TWRP
Hi, thank you for the reply.
Sorry for the late reply. I will try this today
JuanTamqd21 said:
You can downgrade by simply flashing system, kernel and vendor from Android 10 on TWRP
Okay. I may be misunderstanding something because this way did not work for me. Do I have to manually extract files from the lz4 files?
{Temp_User} said:
Okay. I may be misunderstanding something because this way did not work for me. Do I have to manually extract files from the lz4 files?
Well, I can provide vendor and kernel in Telegram. You can also get them by extracting lz4 files.
Make sure it's from Android 10/Q/One UI 2.x firmware
I have with me the latest (previous) Android 10. I have extracted correctly (used 7-zip zstd) the lz4 files and flashed the vendor, system and kernel in that order.
Upon reboot, I cannot get past the splash screen. However, I do see that an error appears on the top left of my screen as CHECK FAIL binary 7(BOOT). The words are not clear though.
What did I do wrong?
JuanTamqd21 said:
Well, I can provide vendor and kernel in Telegram. You can also get them by extracting lz4 files.
Make sure it's from Android 10/Q/One UI 2.x firmware
please provide an in-depth process?
Okay, so after a number of attempts I finally have Android 10/Q on my phone. Keep in mind that I am not tech savvy, as all this was a guessing game (well, not all of it).
I will share my story and hope it may be useful to others who intend to downgrade their Android version.
SW REV ERRORS
You cannot and you should not change the bit version. If you see this error, it means you tried to flash a firmware, or maybe just a boot file, that is outdated or incompatible with the current secure boot loader.
With my limited knowledge, I went with what was easier for me at the time of writing this:
- Flash the latest firmware for model A505F (yours may differ) using Odin. (SUCCESS)
- Boot into system normally (make sure the OEM unlock is greyed out).
- Flash the latest custom recovery (TWRP or 'sky hawk recovery project'; I chose the latter).
- Boot into your recovery and Format data; also make advanced wipes: System, kernel, vendor, Dalvik Cache, Data.
- Pay attention to what exactly you are wiping.
- With your targeted firmware (A10) somewhere nearby, I recommend using a reliable tool to extract the lz4 compressed file. I used this to get 'system.img' 'vendor.img' 'boot.img'. If you are on Windows, look at the type column in your file explorer or enable 'view filename extension'.
- Flash/Install the image files in your recovery. Be patient.
Here is the tricky part for me: the boot loader won't accept this older kernel (thus the boot loops).
A faster way to work around this is installing a custom kernel that supports Android 10, e.g. quantum kernel.
- You may have to reboot a number of times before you can get past the splash screen. Be patient.
- Success, you now have a weird but working system. (I call it weird because the kernel you will use will carry along with its bugs, e.g. camera fails, random reboots.)
You cannot update the system. This may be due to the different AP/CP/CSC/ match. This is not a step by step guide, I am only sharing with the public what I did to get to my final point.
Of course, this goes without saying that you are attempting a risky route and you the user shall carry all responsibility.
Hello, you will not be able to downgrade your phone to Android 11 if it is not on these firmware updates:
Of course, the reason is that the binaries of newer updates are higher than 7 (A505FNPUU7CUC2).
vmirrimv said:
Of course, the reason is that the binaries of newer updates are higher than 7 (A505FNPUU7CUC2).
So long as we're both happy and got what we wanted. I finally have a working Android 10 on my device (coming from A11)
vmirrimv said:
Hello, you will not be able to downgrade your phone to Android 11 if it is not on these firmware updates:
You are correct. I gave up on changing the binaries after seeing it was impossible.
Camera should still work on custom android 10 one ui roms and GSI. I think I tested them before.
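
The binary (SW REV) value discussed in this thread can be read off a build string before anything is flashed. The following is an added example, not code from any poster or from Samsung, that extracts it and reports which images of a package would fail a rollback or model check. The names parse_build and preflight are hypothetical, the string layout and the "lower revision is refused" rule are assumptions inferred from the build strings quoted above, and the sample package is constructed.

```python
import re
from dataclasses import dataclass

# Assumed layout, inferred from the build strings quoted in the thread
# (A505FNPUU7CUC2 -> binary 7, N9750ZSU2CTD1 -> "U2"): the last six
# characters are [update-type letter][revision][4-character build code].
_BUILD = re.compile(
    r"^(?P<prefix>[A-Z0-9]{4,})(?P<kind>[A-Z])(?P<rev>[0-9A-Z])(?P<code>[A-Z0-9]{4})$"
)


@dataclass(frozen=True)
class Build:
    raw: str
    prefix: str    # model + region letters, e.g. "A505FNPU"
    kind: str      # update-type letter, e.g. "U"
    revision: int  # the "binary" / SW REV value
    code: str      # remaining build code, e.g. "CUC2"


def parse_build(text):
    """Split a build string into its parts; raise ValueError if it does not fit."""
    raw = text.strip().upper()
    m = _BUILD.match(raw)
    if m is None:
        raise ValueError(f"unrecognised build string: {text!r}")
    # Assumption: revisions above 9 continue with letters (A = 10, B = 11, ...).
    return Build(raw, m["prefix"], m["kind"], int(m["rev"], 36), m["code"])


def preflight(device_model, device_build, images):
    """Return {image name: reason} for each image expected to be refused.

    Assumption: the bootloader refuses any image whose revision is lower
    than the revision already on the device.
    """
    current = parse_build(device_build).revision
    refused = {}
    for name, build_text in images.items():
        try:
            build = parse_build(build_text)
        except ValueError as exc:
            refused[name] = str(exc)
            continue
        if not build.prefix.startswith(device_model.upper()):
            refused[name] = f"built for another model ({build.prefix})"
        elif build.revision < current:
            refused[name] = (
                f"rollback: revision {build.revision} is below device revision {current}"
            )
    return refused


if __name__ == "__main__":
    # Device build is the one quoted in the thread; the package below is
    # constructed sample data, not a real release.
    package = {
        "BL": "A505FNPUU5BTK1",   # older bootloader
        "AP": "A505FNPUU7CUC2",   # same revision as the device
        "CP": "N7100XXU1ALJ1",    # image for a different model
    }
    for part, reason in preflight("A505FN", "A505FNPUU7CUC2", package).items():
        print(f"{part}: {reason}")
```
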
