Develop Bugs

Bricked Phone After Magisk Install

Today, my phone got bricked after I installed Magisk, am i am looking for a way of sorting it out. The phone was running Android 9 DP3 when rooted, and I was following HighOnAndroids root guide on Youtube for reference,
I unlocked my bootloader and successfully installed TWRP. After this, I installed Magisk, which went throuygh perfectly fine. However, after rebooting the phone, I am stuck on the google splash screen, with a small progress bar that stays for the duration of the time on this screen. After about 2 minutes, the phone reboots into TWRP again.
Does anyone know how I could return to stock Android or at least escape this issue?
Many thanks
James

Jameswebb97 said:
Today, my phone got bricked after I installed Magisk, am i am looking for a way of sorting it out. The phone was running Android 9 DP3 when rooted, and I was following HighOnAndroids root guide on Youtube for reference,
I unlocked my bootloader and successfully installed TWRP. After this, I installed Magisk, which went throuygh perfectly fine. However, after rebooting the phone, I am stuck on the google splash screen, with a small progress bar that stays for the duration of the time on this screen. After about 2 minutes, the phone reboots into TWRP again.
Does anyone know how I could return to stock Android or at least escape this issue?
Many thanks
James
Click to expand...
Click to collapse
Use duces script to flash June google factory image.

jlokos said:
Use duces script to flash June google factory image.
Click to expand...
Click to collapse
I followed the guide on the DeucesScript XDA page but the command window keeps saying "'fastboot' is not recognized as an internal or external command, operable program or batch file."

Jameswebb97 said:
I followed the guide on the DeucesScript XDA page but the command window keeps saying "'fastboot' is not recognized as an internal or external command, operable program or batch file."
Click to expand...
Click to collapse
You need this information (the stuff I made bold + the hyperlink):
Code:
If you are having issues with this script:
Download the latest fastboot and adb Platform Tools UPDATED Dec. 22, 2017!!! This is the most common problem!!!
Download/Update Google USB Drivers
Video: Force-Installing the Android USB Drivers Fastboot & ADB
[B]Verify you have the [URL="https://wiki.lineageos.org/adb_fastboot_guide.html"]environment variable (path)[/URL] set for adb and fastboot[/B]
Try a different USB port
Try a different cable
Format Userdata in Stock Recovery
Try to boot stock before doing mods like Locking Bootloader / Kernel / TWRP / Magisk

Jameswebb97 said:
I followed the guide on the DeucesScript XDA page but the command window keeps saying "'fastboot' is not recognized as an internal or external command, operable program or batch file."
Click to expand...
Click to collapse
umph....hate to tell you, but you have a long way to go...
so before going on this "journey", I would suggest you booting into TWRP again, and try installing (not adb sideloading, just in case you're doing that) Magisk again. Also, be sure you are using the latest (might be considered "beta") 16.4 for taimen... I'm thinking your boot.img or dtbo.img simply may have gotten glitchy and repatching (by installing Magisk again) might fix it...
Also, if you want to go a step further, you might want to consider using the official Magisk uninstaller. Since Magisk makes a copy of your stock boot and dtbo image, it may put that back so you can get it in working order to get into the system (although without root), and then figure things out and/or reinstall Magisk (through TWRP is best) while all things Magisk was removed...
Good luck and hope this helps....

Make sure you are trying to open from the correct location, and put .\fastboot

EvilDobe said:
You need this information (the stuff I made bold + the hyperlink):
Code:
If you are having issues with this script:
Download the latest fastboot and adb Platform Tools UPDATED Dec. 22, 2017!!! This is the most common problem!!!
Download/Update Google USB Drivers
Video: Force-Installing the Android USB Drivers Fastboot & ADB
[B]Verify you have the [URL="https://wiki.lineageos.org/adb_fastboot_guide.html"]environment variable (path)[/URL] set for adb and fastboot[/B]
Try a different USB port
Try a different cable
Format Userdata in Stock Recovery
Try to boot stock before doing mods like Locking Bootloader / Kernel / TWRP / Magisk
Click to expand...
Click to collapse
Ive tried all of this now, i got the script working, but now the phne says it is corrupt and i cannot get into recovery. Is this game over do you think?

simplepinoi177 said:
umph....hate to tell you, but you have a long way to go...
so before going on this "journey", I would suggest you booting into TWRP again, and try installing (not adb sideloading, just in case you're doing that) Magisk again. Also, be sure you are using the latest (might be considered "beta") 16.4 for taimen... I'm thinking your boot.img or dtbo.img simply may have gotten glitchy and repatching (by installing Magisk again) might fix it...
Also, if you want to go a step further, you might want to consider using the official Magisk uninstaller. Since Magisk makes a copy of your stock boot and dtbo image, it may put that back so you can get it in working order to get into the system (although without root), and then figure things out and/or reinstall Magisk (through TWRP is best) while all things Magisk was removed...
Good luck and hope this helps....
Click to expand...
Click to collapse
This is good advice, thanks. i have a new problem (ugh), where i got the script working through changing the paths, but now the phone says that it is corrupt and i cannot access TWRP. Game over?

Jameswebb97 said:
Ive tried all of this now, i got the script working, but now the phne says it is corrupt and i cannot get into recovery. Is this game over do you think?
Click to expand...
Click to collapse
With the unlocked bootloader it'll always say the device is corrupt. Manually put the device into the bootloader & flash the DeucesScript. You're basically starting over at this point but it is possible to get up & going again.

Jameswebb97 said:
This is good advice, thanks. i have a new problem (ugh), where i got the script working through changing the paths, but now the phone says that it is corrupt and i cannot access TWRP. Game over?
Click to expand...
Click to collapse
EvilDobe said:
With the unlocked bootloader it'll always say the device is corrupt. Manually put the device into the bootloader & flash the DeucesScript. You're basically starting over at this point but it is possible to get up & going again.
Click to expand...
Click to collapse
EvilDobe might be right...but I have a bit to offer before maybe starting all over...
I doubt you needed to edit the script and "change the paths." Most likely you merely did not have the images (you extracted from the .zip of the Full Factory image you got from the Google Developers site) inside the "platform-tools" folder with the adb & fastboot .exe and all the other files and folders.
In any case, I suggest you get the TWRP image file [.img] (NOT the installer .zip necessarily), put the .img file "... inside the "platform-tools" folder with the adb & fastboot .exe and all the other files and folders." (I've seen some users simply cut and paste those 2 .exe files only to the extracted folder -- this is why I state it this way) Then, power down your device. After it's off, hold down the Volume Down button and press & hold the Power button (this is the manual way to get into the Bootloader Mode). Once there, plug your phone into your computer (USB-A to USB-C would be best) and open a command prompt/powershell ("run as administrator" or with administrative priveleges) and direct it to the platform-tools folder (i.e. if I put it on my desktop, it would be "C:\Users\MyName\Desktop\platform-tools"), you can temporarily boot into TWRP via command
Code:
fastboot boot twrp-3.2.1-2-taimen.img
When in TWRP (hopefully), I suggest trying to do what I advised before -- try either Magisk installer to repatch the boot and dtbo image, or Magisk Uninstaller to attempt to replace your boot and dtbo to stock.
*NOTE: Of course, this is assuming you are running Microsoft Windows (if not, you will need to input .\ as @naiku suggested) and also the whole "device is corrupt" is due to "funky" boot image issues. If not, I/we can guide you to flashing the Full Factory back onto the phone (hopefully without losing data and settings)...
Good luck and hope this helps...

simplepinoi177 said:
EvilDobe might be right...but I have a bit to offer before maybe starting all over...
I doubt you needed to edit the script and "change the paths." Most likely you merely did not have the images (you extracted from the .zip of the Full Factory image you got from the Google Developers site) inside the "platform-tools" folder with the adb & fastboot .exe and all the other files and folders.
In any case, I suggest you get the TWRP image file [.img] (NOT the installer .zip necessarily), put the .img file "... inside the "platform-tools" folder with the adb & fastboot .exe and all the other files and folders." (I've seen some users simply cut and paste those 2 .exe files only to the extracted folder -- this is why I state it this way) Then, power down your device. After it's off, hold down the Volume Down button and press & hold the Power button (this is the manual way to get into the Bootloader Mode). Once there, plug your phone into your computer (USB-A to USB-C would be best) and open a command prompt/powershell ("run as administrator" or with administrative priveleges) and direct it to the platform-tools folder (i.e. if I put it on my desktop, it would be "C:\Users\MyName\Desktop\platform-tools"), you can temporarily boot into TWRP via command
Code:
fastboot boot twrp-3.2.1-2-taimen.img
When in TWRP (hopefully), I suggest trying to do what I advised before -- try either Magisk installer to repatch the boot and dtbo image, or Magisk Uninstaller to attempt to replace your boot and dtbo to stock.
*NOTE: Of course, this is assuming you are running Microsoft Windows (if not, you will need to input .\ as @naiku suggested) and also the whole "device is corrupt" is due to "funky" boot image issues. If not, I/we can guide you to flashing the Full Factory back onto the phone (hopefully without losing data and settings)...
Good luck and hope this helps...
Click to expand...
Click to collapse
Pleased to be editing this comment; managed to get it working following your step by step. Think i'm going to stay away from rooting something this expensive in the future! Thanks so much!

Jameswebb97 said:
Pleased to be editing this comment; managed to get it working following your step by step. Think i'm going to stay away from rooting something this expensive in the future! Thanks so much!
Click to expand...
Click to collapse
I wouldn't go that far with staying away. When I come across people IRL that want to start doing this stuff I always tell them to read the instructions, step through them, read the instructions again, ask questions (as you did here) BEFORE you get started, read the instructions again, and only when you're confident start messing with your device. This is a fun, and at times stressful, hobby. It's great when everything goes according to plan but it's an omg omg omg omg omg omg moment when you mess something up.
Start with baby steps. The straight upgrade to P is fairly simple provided your device is unlocked. Get that working & you'll be set. I have root on my DP3 & the only thing I've done so far is delete some apps from system that I know I don't want/need. If your main goal is to just enjoy your phone, test out Android P, and maybe go back... root isn't needed. Once everything is squared away & you're running for a day or so you can always fastboot to recovery, make a backup, and then try to add root. I hope you don't shy away & get deeper into the hobby. It truly starts to get fun when you begin to understand more of what is going on.

Jameswebb97 said:
Pleased to be editing this comment; managed to get it working following your step by step. Think i'm going to stay away from rooting something this expensive in the future! Thanks so much!
Click to expand...
Click to collapse
Hey I'm so glad you got it working! Leave me a "Thanks!" would make it up to me ... I'm always happy to help out and get things figured out...yet I don't get the satisfaction of knowing if it does end up helping a lot of the time because a good number don't come back with their experience...so thanks for that! Glad you got it going...
EvilDobe said:
I wouldn't go that far with staying away. When I come across people IRL that want to start doing this stuff I always tell them to read the instructions, step through them, read the instructions again, ask questions (as you did here) BEFORE you get started, read the instructions again, and only when you're confident start messing with your device. This is a fun, and at times stressful, hobby. It's great when everything goes according to plan but it's an omg omg omg omg omg omg moment when you mess something up.
Start with baby steps. The straight upgrade to P is fairly simple provided your device is unlocked. Get that working & you'll be set. I have root on my DP3 & the only thing I've done so far is delete some apps from system that I know I don't want/need. If your main goal is to just enjoy your phone, test out Android P, and maybe go back... root isn't needed. Once everything is squared away & you're running for a day or so you can always fastboot to recovery, make a backup, and then try to add root. I hope you don't shy away & get deeper into the hobby. It truly starts to get fun when you begin to understand more of what is going on.
Click to expand...
Click to collapse
And it's as @EvilDobe means.....
I remember back in the days of the Motorola Droids (OG Droid1, Droid 3, & Droid 4) where you could really mess things up and come out with a big ol' "brick" "paperweight" as there were many instances where you could not come back from (i.e. updating to a certain point, then attempting to downgrade when Google/Motorola/Verizon put blocks that breaks it). But this isn't the case these days. @Jameswebb97, at least with the Pixel 2's, Oreo and/or P(Android OS 9), it's actually more difficult than easy to get that too far gone. The only reason why I can help so many troubleshooting their issues is because I, myself, have wrecked my current device in some serious ways! So I can relate and have experience in helping in the same situations. I've gotten it to where it says "device is corrupt," (which isn't all that uncommon), BUT with the added desperate troubleshooting where I had to wipe/erase, changing partition types, format several partitions, even go about "resizing" the partition to match the "target extraction size" of the Full Factory flash, and even as far as learning to manually flash the various system partitions and that there are two (system_a & system_b) but, in Google's infinite wisdom(?), one flashes to system_a and the other to system_other!!! And I haven't even started on reading others' issues when going after the Slot A and Slot B complications -- I didn't even attempt to touch this in that troubleshooting story.
My point is: I think I've broken my device farther than most people and got it so close to the brink, and yet I was able to bring it back and am still using that same device today (most people would usually, at that point, go and get a RMA replacement). Honestly, as long as you have access to Bootloader Mode (which Google, in their infinite wisdom, seems to have placed it in the main board memory or separate memory rather than storage as to make it always accessible which makes it hard to "lose"), you have a really good (seemingly perfect) "safety net" in which you can always flash back to a working, stock state -- which is why it's the best policy to just make good backups before experimenting so, if anything, you get back to this state and restore all your data. I'm not trying to convince you to root or to try custom ROMs or anything -- even though there are many great reasons and capabilities of rooting -- I am simply appealingl to your sense of curiosity and reassure you so you aren't held back and you don't restrict and limit yourself if you don't want to, but are to fearful to experiment.
I hope you don't take this post as "lecturing" or anything, just some thoughts I hope you consider...
Glad it worked out in the end for you!

Is My Mi MIX 2 Ruined?

Someone was "helping" me root my Mi Mix2. I can't be 100% sure what went wrong, but he managed to get it stuck in Fastboot mode, such that no matter what I do (i.e. any combination of power offs, or simultaneous button presses, or commands from terminal). I suspect he did not understand me when I said Magisk was tool best suited...he may have used some more familiar or standard tool like SuperSU or something to try and root.
Assuming I have sufficiently described my problem, is there anything I can do to get the phone back into a usable state?

Is your bootloader unlocked? If yes try to flash ROM using miflash tool.

I appreciate the response/suggestion.
fotocreaman said:
Is your bootloader unlocked?
Click to expand...
Click to collapse
Yes. I double checked with "fastboot oem device-info" commmand
fotocreaman said:
If yes try to flash ROM using miflash tool.
Click to expand...
Click to collapse
On your advice I did that, including downloading current (?) version and current(?) version of stock ROM. I received a message to effect that a flash script (.bat) file was missing (or at least not found).
Other threads regarding this error suggest unzipping something (?) twice but I didn't see a file inside the original zip file that could be additionally unzipped, and certainly nothing with a .bat extension.

Can you put here the exact error message and when it exactly occurs? Describe the steps you did to get to that point

Hi aa040371
1- download fastboot rom for your phone and unzip it twice , put folder in C:\ storage http://update.miui.com/updates/v1/fullromdownload.php?d=chiron_global&b=F&r=global&n=
2- Look at the tutorial to use miflashtool https://c.mi.com/thread-1857937-1-1.html
regards

I'm Still Here...
So, after more than a few detours and distractions, I have my phone (Mi Mix 2S, not the plain "2" I originally indicated!) basically back to stock...good frustration-tolerance building exercise.
I am currently in the process of trying to get TWRP to remain after booting to OS. I have researched/read numerous threads on this -- e.g. boot into TWRP, flash TWRP, reboot directly into TWRP again -- but somehow none of them do the trick. Every time I boot into the OS, the Recovery partition gets overwritten and I am back to the stock recovery tool. If I can trust/believe what at least one person has indicated online, this appears to be due to a script in /system/bin, but I can't get at that file to rename or delete it. In fact, I can't even see it in the file system as that area is completely locked down. I know it is there as a Find command executed via ADB shell lists it even though it indicates it is off-limits.
So I turned my attention to loading a rooting app/tool instead hoping that would let me get TWRP to hang around for long term...another excursion in futility. My phone model is M1803D5XA, so according to one more forum thread somewhere, I am supposed to be using SuperSU rather than Magisk? Whatever...it seems impossible: most of the zip files I located don't pass security/file-signing check. The one I found that at least starts to load/install (SR5-SuperSU-v2.82-SR5-20171001224502) works fine right up until it fails while trying to update "sepolicy" files. For some reason I have to sideload SuperSU from TWRP because I am not allowed to push a file even to my SDcard via ADB.
I just don't get why this all has to be so difficult, as in each and every step along the way. I feel like Sisyphus or Job or someone similar...sigh Any thoughts or suggestions still welcome...thanks.

aa040371 said:
So, after more than a few detours and distractions, I have my phone (Mi Mix 2S, not the plain "2" I originally indicated!) basically back to stock...good frustration-tolerance building exercise.
I am currently in the process of trying to get TWRP to remain after booting to OS. I have researched/read numerous threads on this -- e.g. boot into TWRP, flash TWRP, reboot directly into TWRP again -- but somehow none of them do the trick. Every time I boot into the OS, the Recovery partition gets overwritten and I am back to the stock recovery tool. If I can trust/believe what at least one person has indicated online, this appears to be due to a script in /system/bin, but I can't get at that file to rename or delete it. In fact, I can't even see it in the file system as that area is completely locked down. I know it is there as a Find command executed via ADB shell lists it even though it indicates it is off-limits.
So I turned my attention to loading a rooting app/tool instead hoping that would let me get TWRP to hang around for long term...another excursion in futility. My phone model is M1803D5XA, so according to one more forum thread somewhere, I am supposed to be using SuperSU rather than Magisk? Whatever...it seems impossible: most of the zip files I located don't pass security/file-signing check. The one I found that at least starts to load/install (SR5-SuperSU-v2.82-SR5-20171001224502) works fine right up until it fails while trying to update "sepolicy" files. For some reason I have to sideload SuperSU from TWRP because I am not allowed to push a file even to my SDcard via ADB.
I just don't get why this all has to be so difficult, as in each and every step along the way. I feel like Sisyphus or Job or someone similar...sigh Any thoughts or suggestions still welcome...thanks.
Click to expand...
Click to collapse
Recovery will get overwritten by dm-verity, you have to flash either magisk or another mod that disables dm-verity, but personally I suggest to use a custom rom if you don't care about miui

HrX said:
Recovery will get overwritten by dm-verity, you have to flash either magisk or another mod that disables dm-verity, but personally I suggest to use a custom rom if you don't care about miui
Click to expand...
Click to collapse
Hello...thanks. I definitely don't care about MIUI...in fact the whole exercise I am struggling through is so I can get LineageOS onto my phone. I've probably read 50+ threads/posts on 6-7 different forums regarding unbricking/unlocking/rooting/TWRPing/customROMing my particular phone, but this is the first time I've seen mention of DM-Verity. I'll look into it...not really hopeful, though. But anyway...thanks again.

[GUIDE] Recovering from a magisk bootloop without twrp

Just to add my experience here, I flashed MARS_SOM magisk rom module which entered a seemingly unrecoverable endless bootloop. This was likely as it conflicted with another magisk module or xposed that I have installed, so not the fault of the rom!
However given we've no twrp yet, the best way (after a LOT of research!) to fix this wasn't easy or obvious. I thought I could just flash stock kernel, uninstall magisk, flash magisk again and uninstall the module. Which unfortunately you can't as they remain in the system files and without root, you can't touch them, though with root, it loads and you get the bootloop - so a vicious endless cycle!
The solution I managed to work out, rather than a full clean wipe was to extract the stock boot from downloaded firmware (using Xperifirm), convert it to an img file using UnSIN, use to unpack, place a certain folder in there (found via the link below), repack and then fastboot flash. This makes magisk operate in core root mode only allowing you to uninstall the module. Once the module is uninstalled, you can simply disable core only mode from the magisk settings.
This saved me from a full wipe!
See here for more details about that unpacking the img, copying a folder etc see here:
https://forum.xda-developers.com/pi...modules-disabler-booting-magisk-t3976621/amp/
This worked for me and so hope it helps someone out too!

cd993 said:
Just to add my experience here, I flashed MARS_SOM magisk rom module which entered a seemingly unrecoverable endless bootloop. This was likely as it conflicted with another magisk module or xposed that I have installed, so not the fault of the rom!
However given we've no twrp yet, the best way (after a LOT of research!) to fix this wasn't easy or obvious. I thought I could just flash stock kernel, uninstall magisk, flash magisk again and uninstall the module. Which unfortunately you can't as they remain in the system files and without root, you can't touch them, though with root, it loads and you get the bootloop - so a vicious endless cycle!
The solution I managed to work out, rather than a full clean wipe was to extract the stock boot from downloaded firmware (using Xperifirm), convert it to an img file using UnSIN, use to unpack, place a certain folder in there (found via the link below), repack and then fastboot flash. This makes magisk operate in core root mode only allowing you to uninstall the module. Once the module is uninstalled, you can simply disable core only mode from the magisk settings.
This saved me from a full wipe!
See here for more details about that unpacking the img, copying a folder etc see here:
https://forum.xda-developers.com/pi...modules-disabler-booting-magisk-t3976621/amp/
This worked for me and so hope it helps someone out too!
Click to expand...
Click to collapse
With Unsin (on windows at least) you can just drag your file over the cmd without having to mess with command lines

AJHutchinson said:
With Unsin (on windows at least) you can just drag your file over the cmd without having to mess with command lines
Click to expand...
Click to collapse
Yeah that's a handy little feature, makes converting it super simple!

cd993 said:
Just to add my experience here, I flashed MARS_SOM magisk rom module which entered a seemingly unrecoverable endless bootloop. This was likely as it conflicted with another magisk module or xposed that I have installed, so not the fault of the rom!
However given we've no twrp yet, the best way (after a LOT of research!) to fix this wasn't easy or obvious. I thought I could just flash stock kernel, uninstall magisk, flash magisk again and uninstall the module. Which unfortunately you can't as they remain in the system files and without root, you can't touch them, though with root, it loads and you get the bootloop - so a vicious endless cycle!
The solution I managed to work out, rather than a full clean wipe was to extract the stock boot from downloaded firmware (using Xperifirm), convert it to an img file using UnSIN, use to unpack, place a certain folder in there (found via the link below), repack and then fastboot flash. This makes magisk operate in core root mode only allowing you to uninstall the module. Once the module is uninstalled, you can simply disable core only mode from the magisk settings.
This saved me from a full wipe!
See here for more details about that unpacking the img, copying a folder etc see here:
https://forum.xda-developers.com/pi...modules-disabler-booting-magisk-t3976621/amp/
This worked for me and so hope it helps someone out too!
Click to expand...
Click to collapse
Hi there; I was in the same situation, flashing a corrupted magisk boot image from standard firmware for XQ-AT51, provided by same author for simple rooting Xperia 1 II; my phone was without xposed, it was in clean factory state. the magisk boot image was taken from another thread "[ROOT] Magisk patched Boot Images & Instructions" designated for rooting of Xperia 1 II;
unfortunately is the same author who build your ROM, he delivered also corrupted magisk image.
It was not enter in bootloop if you flash only one image on phone, not both; his instructions are wrong. the correct flashing instruction is below, at end of my comment.
I solved in smilar way like you: using flashtool to obtain XQ-AT51 ftf file: XQ-AT51_58.0.A.3.39_1321-7706_R13A.ftf;
Attention: the name of file depends of region firmware you want to flash and type of phone (single or dual sim); the given names are with title of example.
Then from download folder of flashtool form your disk C:\Users\username\.flashTool\firmwares\Downloads (username is your username on pc); check for file: boot_X-FLASH-ALL-2389.sin ( applicable for XQ-AT51) and convert the file to .img using unsin; check on xda for unsin, extract unsin archive in exe file and then drag & drop over unsin.exe the file boot_X-FLASH-ALL-2389.sin; will be generated boot_X-FLASH-ALL-2389.img file.
This name file can be other, is just an example, if you have another phone with firmware for other region, pay attention to this!
This can be flashed then back to phone using adb comands; fastboot flash boot boot_X-FLASH-ALL-2389.img;
The same image can be transfered to phone and used later to generate correct magisk image and root the phone.
Best to you all!

daphix said:
Hi there; I was in the same situation, flashing a corrupted magisk boot image from standard firmware for XQ-AT51, provided by same author for simple rooting Xperia 1 II; my phone was without xposed, it was in clean factory state. the magisk boot image was taken from another thread "[ROOT] Magisk patched Boot Images & Instructions" designated for rooting of Xperia 1 II;
unfortunately is the same author who build your ROM, he delivered also corrupted magisk image.
It was not enter in bootloop if you flash only one image on phone, not both; his instructions are wrong. the correct flashing instruction is below, at end of my comment.
I solved in smilar way like you: using flashtool to obtain XQ-AT51 ftf file: XQ-AT51_58.0.A.3.39_1321-7706_R13A.ftf;
Attention: the name of file depends of region firmware you want to flash and type of phone (single or dual sim); the given names are with title of example.
Then from download folder of flashtool form your disk C:\Users\username\.flashTool\firmwares\Downloads (username is your username on pc); check for file: boot_X-FLASH-ALL-2389.sin ( applicable for XQ-AT51) and convert the file to .img using unsin; check on xda for unsin, extract unsin archive in exe file and then drag & drop over unsin.exe the file boot_X-FLASH-ALL-2389.sin; will be generated boot_X-FLASH-ALL-2389.img file.
This name file can be other, is just an example, if you have another phone with firmware for other region, pay attention to this!
This can be flashed then back to phone using adb comands; fastboot flash boot boot_X-FLASH-ALL-2389.img;
The same image can be transfered to phone and used later to generate correct magisk image and root the phone.
Best to you all!
Click to expand...
Click to collapse
Thanks for that, glad you managed to fix your situation too!

cd993 said:
Thanks for that, glad you managed to fix your situation too!
Click to expand...
Click to collapse
What to posted you is very very usefull; it helps you to fix after flashing wrong magisk module.
:good:

Root guide (updated)

==== READ THIS POST BEFORE ROOTING ====​https://www.reddit.com/r/surfaceduo/comments/wn5joi/a_warning_to_wouldbe_developers_and_hobbyist/
(ORIGINAL GUIDE BELOW)​Since the last guy hasn't been updating his op, I figured I'd start a fresh thread with what we know and what to do for newcomers.
I will not be posting patched boot images in this thread, I'm a firm believer of "give you steps to follow from the top so you know what's going on and can do this yourself in the future". The more hands we have in the kitchen, the more we learn, and the better we are off as a community.
Walkthroughs for both fresh rooting and updating while rooted are both below:
==== FRESH ROOT ====​
0. make sure USB debugging is on in settings > developer options
0. make sure the phone's bootloader is actually unlocked, if the below doesn't work, back up all the data on your phone because we're about to wipe it
Code:
.\fastboot.exe flashing unlock
.\fastboot.exe flashing unlock_critical
I did both, but it might only require one of the two, if you only did one and it doesn't work you may not be fully unlocked and might have to do the other. Both of these commands from the bootloader will factory reset your phone. if you've already done this, go to step 1.
1. go here https://support.microsoft.com/en-us/surface-recovery-image put in your serial number (can be found in settings) and download the latest recovery image
2. download payload_dumper from here https://gist.github.com/ius/42bd02a.../48ffe1eee59af9a7da883d9ec7902d1507428dc4.zip
3. download the latest platform-tools from here https://developer.android.com/studio/releases/platform-tools
4. extract all three zips to the same folder, a folder on your desktop is fine, mine is just the name of the current MS zip archive (2021_314_91 at time of writing and used in the below examples)
5. open powershell, and cd to that folder.
6. from the folder, run it like this
Code:
PS C:\wherever\your\****\is\2021_314_91> python.exe -m payload_dumper ./payload.bin
(this will extract a bunch of stuff, boot.img is all we care about today)
6a. if you don't have python, get it from ninite https://ninite.com/pythonx3/ and go back to step 5/6 and try again, you will likely also need to do a "pip install protobuf" to get the required python libraries for payload-dumper
7. download the latest version of magisk manager (the new magisk app may work, but I've not tested it, this is the exact version I am using on the exact phone you are using. If you feel like trying the app please report in the thread below!) https://github.com/topjohnwu/Magisk/releases/download/manager-v8.0.7/MagiskManager-v8.0.7.apk
8. install magisk manager on your phone
9. make a text file, I called mine magisk_channel.txt and put this in it
Code:
https://raw.githubusercontent.com/Lethany/magisk_files/0755a7d5f596dc2a351270120b31b665fb561294/stable.json
this is the "custom" channel we are using to force an older version of magisk that doesn't choke on our device like newer versions do.
10. use usb data transfer mode to copy the boot.img file we extracted from step 6 and the text file we created in step 8 to your phone's internal storage, I have a folder on the root of the internal storage directory called Z_Phone, but anywhere is fine as long as you know where it is and remember it later.
11. in magisk manager, click the gear in the top right and then select "update channel" > "custom channel"
12. use your duo's dank duo mode to open a file browser on the other screen, open the text file we made in step 9
13. copy and paste the custom channel text into the custom channel field under update channel in magisk so it has the text from step 9 in it. (the text file just saves us typing it out by hand)
14. go back to the magisk main screen, and click install next to "magisk"
14b. click next
14c. click "select and patch a zip file"
14d. browse to the location we uploaded boot.img to in step 9 and select boot.img
14e. click let's go
(this will create the patched boot.img, it'll be named magisk_patched_[some garbage].img)
15. open the internal storage on your PC again, and go to your phone's "downloads" folder, it'll have that patched boot.img (if you've tried this a bunch of times and don't remember which one we just made, feel free to delete all the old ones and do 14-14e again) copy this patched_boot.img to your computer, I just put it in that same folder as step 4
16. in powershell, cd back to that same working folder we've been using and run
Code:
.\adb.exe reboot bootloader
The phone will reboot to the bootloader and we can now try booting the patched image
16. in powershell, run
Code:
.\fastboot.exe boot .\magisk_patched_[WHATEVER_YOURS_IS_NAMED].img
17. if your phone boots, that's a great sign and we're out of the woods, nothing else will probably go wrong from here, if it doesn't boot factory reset your phone and start at step 0.
18. open an adb shell prompt and make our boot partitions writable with the below 4 lines, run one by one. Right now we're "rooted" but we've booted off an image over usb, what we really want is to boot off the images on your phone so we need to.
Code:
.\adb.exe shell
su
chmod 777 /dev/block/by-name/boot_a
chmod 777 /dev/block/by-name/boot_b
19. write the patched boot image to your boot partitions with the below lines, again run one by one
Code:
adb shell
su
dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_a
dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_b
(my patched boot image is in a folder called "Z_Phone" and my patched image is called "magisk_patched_ks4OZ.img" so my commands look like:
Code:
dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_a
dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_b
)
20. reboot your phone via the power button menu and if all went well, you're now rooted!
==== UPDATE WHILE ROOTED ====​
1. go here https://support.microsoft.com/en-us/surface-recovery-image put in your serial number (can be found in settings) and download the latest recovery image
2. download payload_dumper from here https://gist.github.com/ius/42bd02a.../48ffe1eee59af9a7da883d9ec7902d1507428dc4.zip
3. download the latest platform-tools from here https://developer.android.com/studio/releases/platform-tools
4. extract all three zips to the same folder, a folder on your desktop is fine, mine is just the name of the current MS zip archive (2021_314_91 at time of writing)
5. open powershell, and cd to that folder.
6. from the folder, run it like this
Code:
PS C:\wherever\your\****\is\2021_314_91> python.exe -m payload_dumper ./payload.bin
(this will extract a bunch of stuff, boot.img is all we care about today)
7. boot off of your old magisk patched boot image
Code:
.\adb.exe reboot bootloader
.\fastboot.exe boot ..\[LAST VERSION'S FOLDER]\magisk_patched_[WHATEVER_YOURS_IS_NAMED].img
8. write the old, unpatched boot partition to your boot partitions with the below lines, again run one by one
Code:
adb shell
su
dd if=/sdcard/[PATH TO IMAGE]/boot.img of=/dev/block/by-name/boot_a
dd if=/sdcard/[PATH TO IMAGE]/boot.img of=/dev/block/by-name/boot_b
(my unpatched boot image is in a folder called "Z_Phone" and my unpatched image in this example is called "boot.img" so my commands look like:
Code:
dd if=/sdcard/Z_Phone/boot.img of=/dev/block/by-name/boot_a
dd if=/sdcard/Z_Phone/boot of=/dev/block/by-name/boot_b
)
9. reboot
10. run the OTA update on your now freshly stock phone
11. use magisk to patch the new boot image same as in the first root instructions (14a-14e)
12. copy this patched image off of the phone and into our working directory. leave a copy of this on the phone (I put it in my Z_Phone folder)
13. reboot to bootloader (in powershell, in that same working folder we've been using run)
Code:
.\adb.exe reboot bootloader
14. Boot your phone using the patched boot image (in powershell, run)
Code:
.\fastboot.exe boot .\magisk_patched_[WHATEVER_YOURS_IS_NAMED].img
15. write the patched boot image to your boot partitions with the below lines, again run one by one
Code:
adb shell
su
dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_a
dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_b
(my patched boot image is in a folder called "Z_Phone" and my patched image is called "magisk_patched_ks4OZ.img" so my commands look like:
Code:
dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_a
dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_b
)
16. reboot and you're updated and rooted!

special thanks to Perseu5 and his original thread!
Unlocking Bootloader/ Magisk Attempt
MAGISK FULL GUIDE (APK for install and other mods coming soon!) The bootloader unlock is pretty similar to any other phone. Go to settings>about> click on build number until developer options are enabled. Go back and select system>Developer...
forum.xda-developers.com

Nice work!

NTchrist said:
special thanks to Perseu5 and his original thread!
Unlocking Bootloader/ Magisk Attempt
MAGISK FULL GUIDE (APK for install and other mods coming soon!) The bootloader unlock is pretty similar to any other phone. Go to settings>about> click on build number until developer options are enabled. Go back and select system>Developer...
forum.xda-developers.com
Click to expand...
Click to collapse
my magisk still shows that theres an update pending for the framework. when i try to patch the stock boot or the custom, it doesnt boot past the windows logo. im guessing the update is for Magisk 21+?

LocBox said:
my magisk still shows that theres an update pending for the framework. when i try to patch the stock boot or the custom, it doesnt boot past the windows logo. im guessing the update is for Magisk 21+?
Click to expand...
Click to collapse
Magisk updates are based on the git channel it's fed. Best guess is you don't have the same git repo as in the guide. If you feed it a repo link to a static version it should never be aware of any updates ever. As far as the app is concerned you're on the latest version.

On vacation until Wed, then I'll push through the new patch and update the guide

update process works successfully and is unchanged from previous versions

update process for 2021.525.62 works successfully and is unchanged from previous versions

This is incredibly helpful! I didn't even know you could unpack the payload.bin lol. I'll be doing some work in the kitchen thanks to this!

For anyone who needs it, here is a patched boot.img for ATT Locked 2021_525_63

nevergrownup said:
For anyone who needs it, here is a patched boot.img for ATT Locked 2021_525_63
Click to expand...
Click to collapse
Can you send the link or tell me how you were able to get the boot.img? When I try to download the factory image from MS, it is still giving me 2021.419.71.
EDIT: The new "Surface Duo - 256GB - Android 10 - ATT - 2021.525.63" recovery image is available on the "Surface Recovery Image Download" page. Thanks nevergrownup for giving me the heads up on Reddit

Is anyone on 2021.525.63 having issues? I've followed the exact guide above, as well as using the newest Magisk version & attempting to boot the patched boot.img just leads my Duo to hang on the Microsoft logo. Just want to see if anyone else has an issue or it's just me.
Thanks.

Veritas06 said:
Is anyone on 2021.525.63 having issues? I've followed the exact guide above, as well as using the newest Magisk version & attempting to boot the patched boot.img just leads my Duo to hang on the Microsoft logo. Just want to see if anyone else has an issue or it's just me.
Thanks.
Click to expand...
Click to collapse
when flashing stock July, my lockscreen keypad is frozen. cant unlock t to use.

LocBox said:
when flashing stock July, my lockscreen keypad is frozen. cant unlock t to use.
Click to expand...
Click to collapse
That's on a fresh install or after flashing the Magisk-modified boot.img?
I'm about to restore with the recovery image & start this again, in case there's some different between OTA & recovery.
EDIT: Doing a factory reset, ADB sideload of the recovery image, creating the new Magisk boot.img, & booting still doesn't work. I'm going to try the guide's version one more time to use the older version of Magisk Manager & the custom channel, but based on previous experience, I'm not hopeful. I only bought this as a device to have fun with because it can be rooted, so I'm regretting this purchase right now =\

Veritas06 said:
That's on a fresh install or after flashing the Magisk-modified boot.img?
I'm about to restore with the recovery image & start this again, in case there's some different between OTA & recovery.
EDIT: Doing a factory reset, ADB sideload of the recovery image, creating the new Magisk boot.img, & booting still doesn't work. I'm going to try the guide's version one more time to use the older version of Magisk Manager & the custom channel, but based on previous experience, I'm not hopeful. I only bought this as a device to have fun with because it can be rooted, so I'm regretting this purchase right now =\
Click to expand...
Click to collapse
I do have the factory unlocked, not the ATT version. In my experience when your lockscreen touch input is not recognized, that happens when either the boot image doesn't match the factory image, or someone has used the factory unlocked boot on an ATT phone or vice-versa.
I'd try a dirty flash of the complete applicable factory images (not just boot/recovery) and then factory reset, then start again from the top. It's possible one of your updates didn't complete or something's become inconsistent between A/B

NTchrist said:
I do have the factory unlocked, not the ATT version. In my experience when your lockscreen touch input is not recognized, that happens when either the boot image doesn't match the factory image, or someone has used the factory unlocked boot on an ATT phone or vice-versa.
I'd try a dirty flash of the complete applicable factory images (not just boot/recovery) and then factory reset, then start again from the top. It's possible one of your updates didn't complete or something's become inconsistent between A/B
Click to expand...
Click to collapse
Thanks. I never even got far enough to see failed touch input, but may try rooting again this weekend. I wasn't able to ever get past the MS logo on boot, after attempting to fastboot boot the Magisk-modified boot.img.

I am in the same boat as Veritas is. My Duo is from ATT and hangs on the Microsoft logo as well. I am very new to rooting and what goes into it so a lot of this stuff I am seeing for the first time. How do I know if I have the correct boot? I went through the whole process of extracting the boot image from the recovery file for my phone off of the Microsoft website. Does that get me the right boot to use?

ThrowARoot said:
I am in the same boat as Veritas is. My Duo is from ATT and hangs on the Microsoft logo as well. I am very new to rooting and what goes into it so a lot of this stuff I am seeing for the first time. How do I know if I have the correct boot? I went through the whole process of extracting the boot image from the recovery file for my phone off of the Microsoft website. Does that get me the right boot to use?
Click to expand...
Click to collapse
It should, yes. Unfortunately I do not have an ATT phone to test against. You'd have to have someone else in the thread confirm it works on the ATT build. About the only thing you can do is boot to stock, and check that settings>about>build number matches the images you downloaded from microsoft (2021.525.62) at time of writing

Actually in checking my settings I noticed there was a new update available, so ignore the build number above just make sure the image you download matches the image on your device

NTchrist said:
Since the last guy hasn't been updating his op, I figured I'd start a fresh thread with what we know and what to do for newcomers.
I will not be posting patched boot images in this thread, I'm a firm believer of "give you steps to follow from the top so you know what's going on and can do this yourself in the future". The more hands we have in the kitchen, the more we learn, and the better we are off as a community.
Walkthroughs for both fresh rooting and updating while rooted are both below:
==== FRESH ROOT ====​
0. make sure USB debugging is on in settings > developer options
0. make sure the phone's bootloader is actually unlocked, if the below doesn't work, back up all the data on your phone because we're about to wipe it
Code:
.\fastboot.exe flashing unlock
.\fastboot.exe flashing unlock_critical
I did both, but it might only require one of the two, if you only did one and it doesn't work you may not be fully unlocked and might have to do the other. Both of these commands from the bootloader will factory reset your phone. if you've already done this, go to step 1.
1. go here https://support.microsoft.com/en-us/surface-recovery-image put in your serial number (can be found in settings) and download the latest recovery image
2. download payload_dumper from here https://gist.github.com/ius/42bd02a.../48ffe1eee59af9a7da883d9ec7902d1507428dc4.zip
3. download the latest platform-tools from here https://developer.android.com/studio/releases/platform-tools
4. extract all three zips to the same folder, a folder on your desktop is fine, mine is just the name of the current MS zip archive (2021_314_91 at time of writing and used in the below examples)
5. open powershell, and cd to that folder.
6. from the folder, run it like this
Code:
PS C:\wherever\your\****\is\2021_314_91> python.exe -m payload_dumper ./payload.bin
(this will extract a bunch of stuff, boot.img is all we care about today)
6a. if you don't have python, get it from ninite https://ninite.com/pythonx3/ and go back to step 5/6 and try again
7. download the latest version of magisk manager (the new magisk app may work, but I've not tested it, this is the exact version I am using on the exact phone you are using. If you feel like trying the app please report in the thread below!) https://github.com/topjohnwu/Magisk/releases/download/manager-v8.0.7/MagiskManager-v8.0.7.apk
8. install magisk manager on your phone
9. make a text file, I called mine magisk_channel.txt and put this in it
Code:
https://raw.githubusercontent.com/Lethany/magisk_files/0755a7d5f596dc2a351270120b31b665fb561294/stable.json
this is the "custom" channel we are using to force an older version of magisk that doesn't choke on our device like newer versions do.
10. use usb data transfer mode to copy the boot.img file we extracted from step 6 and the text file we created in step 8 to your phone's internal storage, I have a folder on the root of the internal storage directory called Z_Phone, but anywhere is fine as long as you know where it is and remember it later.
11. in magisk manager, click the gear in the top right and then select "update channel" > "custom channel"
12. use your duo's dank duo mode to open a file browser on the other screen, open the text file we made in step 9
13. copy and paste the custom channel text into the custom channel field under update channel in magisk so it has the text from step 9 in it. (the text file just saves us typing it out by hand)
14. go back to the magisk main screen, and click install next to "magisk"
14b. click next
14c. click "select and patch a zip file"
14d. browse to the location we uploaded boot.img to in step 9 and select boot.img
14e. click let's go
(this will create the patched boot.img, it'll be named magisk_patched_[some garbage].img)
15. open the internal storage on your PC again, and go to your phone's "downloads" folder, it'll have that patched boot.img (if you've tried this a bunch of times and don't remember which one we just made, feel free to delete all the old ones and do 14-14e again) copy this patched_boot.img to your computer, I just put it in that same folder as step 4
16. in powershell, cd back to that same working folder we've been using and run
Code:
.\adb.exe reboot bootloader
The phone will reboot to the bootloader and we can now try booting the patched image
16. in powershell, run
Code:
.\fastboot.exe boot .\magisk_patched_[WHATEVER_YOURS_IS_NAMED].img
17. if your phone boots, that's a great sign and we're out of the woods, nothing else will probably go wrong from here, if it doesn't boot factory reset your phone and start at step 0.
18. open an adb shell prompt and make our boot partitions writable with the below 4 lines, run one by one. Right now we're "rooted" but we've booted off an image over usb, what we really want is to boot off the images on your phone so we need to.
Code:
.\adb.exe shell
su
chmod 777 /dev/block/by-name/boot_a
chmod 777 /dev/block/by-name/boot_b
19. write the patched boot image to your boot partitions with the below lines, again run one by one
Code:
adb shell
su
dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_a
dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_b
(my patched boot image is in a folder called "Z_Phone" and my patched image is called "magisk_patched_ks4OZ.img" so my commands look like:
Code:
dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_a
dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_b
)
20. reboot your phone via the power button menu and if all went well, you're now rooted!
==== UPDATE WHILE ROOTED ====​
1. go here https://support.microsoft.com/en-us/surface-recovery-image put in your serial number (can be found in settings) and download the latest recovery image
2. download payload_dumper from here https://gist.github.com/ius/42bd02a.../48ffe1eee59af9a7da883d9ec7902d1507428dc4.zip
3. download the latest platform-tools from here https://developer.android.com/studio/releases/platform-tools
4. extract all three zips to the same folder, a folder on your desktop is fine, mine is just the name of the current MS zip archive (2021_314_91 at time of writing)
5. open powershell, and cd to that folder.
6. from the folder, run it like this
Code:
PS C:\wherever\your\****\is\2021_314_91> python.exe -m payload_dumper ./payload.bin
(this will extract a bunch of stuff, boot.img is all we care about today)
7. boot off of your old magisk patched boot image
Code:
.\adb.exe reboot bootloader
.\fastboot.exe boot ..\[LAST VERSION'S FOLDER]\magisk_patched_[WHATEVER_YOURS_IS_NAMED].img
8. write the old, unpatched boot partition to your boot partitions with the below lines, again run one by one
Code:
adb shell
su
dd if=/sdcard/[PATH TO IMAGE]/boot.img of=/dev/block/by-name/boot_a
dd if=/sdcard/[PATH TO IMAGE]/boot.img of=/dev/block/by-name/boot_b
(my unpatched boot image is in a folder called "Z_Phone" and my unpatched image in this example is called "boot.img" so my commands look like:
Code:
dd if=/sdcard/Z_Phone/boot.img of=/dev/block/by-name/boot_a
dd if=/sdcard/Z_Phone/boot of=/dev/block/by-name/boot_b
)
9. reboot
10. run the OTA update on your now freshly stock phone
11. use magisk to patch the new boot image same as in the first root instructions (14a-14e)
12. copy this patched image off of the phone and into our working directory. leave a copy of this on the phone (I put it in my Z_Phone folder)
13. reboot to bootloader (in powershell, in that same working folder we've been using run)
Code:
.\adb.exe reboot bootloader
14. Boot your phone using the patched boot image (in powershell, run)
Code:
.\fastboot.exe boot .\magisk_patched_[WHATEVER_YOURS_IS_NAMED].img
15. write the patched boot image to your boot partitions with the below lines, again run one by one
Code:
adb shell
su
dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_a
dd if=/sdcard/[PATH TO IMAGE]/[PATCHED BOOT].img of=/dev/block/by-name/boot_b
(my patched boot image is in a folder called "Z_Phone" and my patched image is called "magisk_patched_ks4OZ.img" so my commands look like:
Code:
dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_a
dd if=/sdcard/Z_Phone/magisk_patched_ks4OZ.img of=/dev/block/by-name/boot_b
)
16. reboot and you're updated and rooted!
Click to expand...
Click to collapse
Ok I am not sure what I am doing wrong and before anyone says anything is not my first or 10th phone I have rooted, first the so called image that you download from Microsoft is nothing but folders of useless text docs. and the patched magisk image in this thread says it works. I went through the whole set up it says the boot image was successfully done yet upon rebooting my device is not rooted. Can anyone help with this.

Question Kernel updated, root lost

Hi Guys,
For some reasons, my kernel got updated without any change from me, not sure how this is possible.
Now, because of that, I lost root, is there a quick way to restore root (magisk) ?
Thanks in advance !

Yep. Just download the matching factory image zip for your currently installed build of Android. Then, extract the boot.img file, copy it over to your phone, patch it within the Magisk app and it will spit out a patched boot.img file into your "Download" folder. Next, copy that patched boot.img file back to your computer and flash that patched boot file using fastboot.
That may look like a lot of different steps, however, the process usually takes less time than it has taken me to type this comment, haha. Enjoy your root access =)