Develop Bugs

Advice/suggestions on best stable custom rom for new Moto G5 Cedric (XT1671)

Hi, I'm replacing a lost Moto G3 TE with a Moto G5 (xt1671 dual sim) that should be coming in the mail on Monday. I'd like to do whatever mods I want to my phone right away, before activating my google account on it and everything. So, I'd really like any advice any of you can give as to preferred custom rom with root that I should put on my new phone, so I can get to it right away. I've already found the thread to unlock it (same process as in past mostly), and I've found the guides for putting on TWRP (either 32-bit or 64-bit). So, now I just need to decide which custom ROM to use. Please advise!
I've also had a Moto G2 in the past. I've unlocked and used custom roms and root on all my phones so far, from Cyanogenmod 12.1 to AOSP Extended, ViperOS, and LineageOS. My wife's Moto G2 has Oreo on it (through AEX) and we're enjoying it (I had her add me as an account until I get my new phone). So, I'd like to continue using an Oreo system if possible, and I'd even prefer AEX, but it seems that it's discontinued for the Moto G5. Is that correct?
My overall goals for a custom rom are, in order of priority: reliability, speed/performance, battery life, and customization options. I found that AEX balanced all of that well on our past phones. Is the discontinued AEX for this phone reliable, or not? I've also seen the LineageOS thread and the KAOSP thread and have glanced at a few others. I use google accounts and half their apps for sure (so I'll want to install a GApps package with it). And I see there's a possibility to unlock RAW/DNG files for the camera, which I'd really like to try (as I prefer raw file editing instead of JPGs). And the customizations I like (if still possible) are mainly involving the way the launcher responds - I like having the navigation buttons hide, or to swipe up to get them back, I like being able to modify the status bar, etc.... typical customizations that were usually available in AEX that I've used. I also use root for file explorer and a few other functions - I used to always use SuperSU in the past, but just recently started using Magisk (on the Moto G2) and it seems good, though I'm open to any recommendation about which root to use.
So, please fire away! Please give your suggestion as to which currently available custom ROMs are stable, have good performance, good battery life, and offer standard customization, plus which I can root. I appreciate any suggestions and any advice you can give, especially regarding if there's a recommended rom but if it has known issues and any known workarounds. Also, I'd appreciate advice anytime today or tomorrow (since it'll likely be the afternoon or evening of Monday +3 GMT time - Madagascar - that I'm able to start working on unlocking it, installing custom recovery, etc.). But even if the advice is late, I might still be able to use it. I know this is a bit much to ask, but please give your own opinions freely!
Oh, by the way, do I need updated Motorola drivers, or will the motorola drivers and adb/fastboot I installed last time (for the Moto G3 TE) keep working with the new phone? The unlock thread I've found here doesn't say anything about motorola drivers or adb/fastboot. Thanks in advance!

the best stable rom is stock rooted

woozie.2007 said:
the best stable rom is stock rooted
Click to expand...
Click to collapse
Thanks for the response! Is there a stock oreo available? And is stock rooted still customizable (like with AEX or something - can I install some sort of thing to let me customize it more?). And is there a debloated version of the stock rom available? I saw one thread on here about a debloated stock rom, but it looked like it was still nougat.
If it's possible to customize the stock rom further, please point me in the right direction. And if not possible to customize it further... then are you suggesting that any of the custom roms available aren't very stable to be used well for a daily driver?
Again, thanks for your response and also for any more feedback you can give!

So, I have my phone now and it came with stock Nougat. I've unlocked it, and I'm currently working on getting TWRP, Dm-verity thing on it, and then magisk. After that can I still update it to Oreo or not? Please advise. Thank you!

madagascaradam said:
So, I have my phone now and it came with stock Nougat. I've unlocked it, and I'm currently working on getting TWRP, Dm-verity thing on it, and then magisk. After that can I still update it to Oreo or not? Please advise. Thank you!
Click to expand...
Click to collapse
no, you have to update oreo first, after that install twrp and magisk for root it

woozie.2007 said:
no, you have to update oreo first, after that install twrp and magisk for root it
Click to expand...
Click to collapse
Crud, that sucks! I was already finished rooting and everything on magisk, then I let the OTA update download and when it restarted my phone, it just automatically sends it into recovery (TWRP) every time now! I tried to install this TWRP stock Oreo (dirtying flashing it) hoping it would fix the boot-loop-to-TWRP-recovery problem, but it didn't. So now I need to figure out a way to get back to the original, so I can start over and try again.
I'm trying to do a factory reset and try again, but in TRWP it says ""Failed to mount '/data' (Device or resource busy)'" This sucks! Any ideas where I can go or what I can do (such as some fastboot commands or something) to get it all working again?
EDIT: It does reboot to bootloader though, so it's not hardbricked. Just need to figure out what to do from here. Thanks for any help!

try to flash via fastboot only boot, recovery, oem and system from oreo, then aply update, then root

Thanks! I downloaded the firmware (for latest Nougat) from this thread: https://forum.xda-developers.com/g5/development/stock-upgrade-to-official-stock-oreo-8-t3823598
Then I flashed everything they said through fastboot (ignoring the modem stuff) because I'm still downloading the oreo firmware right now anyway (my connection is quite slow). At first the bootloader got stuck and said "error" and I was freaking out thinking I'd hard-bricked it. But I turned it off and on again anyway and it loaded fine back into nougat for that latest version.
So now I'm downloading the latest stock Oreo and I'll probably try to ADB sideload it.
Which root do you recommend? I have the Magisk I did for nougat that worked great - 11.6 But there's this thread here (https://forum.xda-developers.com/g5/how-to/guide-how-to-root-stock-oreo-8-1-soak-t3832347) that talks about what seems like a complicated way of doing Magisk 15.3 and then getting it up to 16. What do you suggest?

magisk 17.1 its ok, but you have to flash only partition that i said, not full firmware, and DONT flash the bootloader and GPT partition
---------- Post added at 06:11 PM ---------- Previous post was at 06:10 PM ----------
better let the phone to update ota for latest security patch, dont flash via fastboot

OK, I installed the stock oreo through ADB sideload (it wouldn't read my storage for some reason).... then I reinstalled TWRP, no problem... then installed Magisk 17.1 (per your suggestion) and then the apk for the manager. Everything's working great! Didn't even need that dm-verity thing.
I'm still looking into the mods I can do to it now that it's rooted (such as changing boot logo and boot animation, adding that 'camera 2' setting, etc.) So I'm not sure I'm at a finished product yet, but I'm definitely at a stable rooted oreo with all my regular stuff installed, so that's a good place to start! I've made a nandroid backup here in case any of my further experimenting messes it up.
Thanks again for your help! And if you can give any suggestions towards the best way to customize the look (for example - is nova launcher still the best way to do that?) or other aspects of the system UI, while still being on this stock rom, then please let me know. I'll look up how to get that better camera mode working.

woozie.2007 said:
magisk 17.1 its ok, but you have to flash only partition that i said, not full firmware, and DONT flash the bootloader and GPT partition
---------- Post added at 06:11 PM ---------- Previous post was at 06:10 PM ----------
better let the phone to update ota for latest security patch, dont flash via fastboot
Click to expand...
Click to collapse
Could you help me with this: if I backup my system (everything) with TWRP.... can I then switch to a custom rom to try it out (in case I want a different user interface, more tweaks, etc.) and if I don't like it can I easily switch back to the stock rom nandroid backup I have saved in TWRP (thus restoring my previous state, but without having to start from factory reset)? Or would it be difficult to switch back - like would I have to redo it through fastboot or something and factory reset, etc.?
I'm asking because in the past I never used the stock rom much and I definitely never switched between a custom rom and the stock rom. Once I went for custom rom, I didn't go back - so I don't know if it's as simple as restoring a nandroid backup or if it's much more effort. Please let me know. Thanks a lot!

you must be very carefully because most of the custom roms need twrp on 64 bits, now you have official twrp 32. When you come back from custom roms 64bit to previous nandroid backup, you must install 32 bits twrp, otherwise you may lose the imei of the phone, just read very well when you want to do something risky

woozie.2007 said:
you must be very carefully because most of the custom roms need twrp on 64 bits, now you have official twrp 32. When you come back from custom roms 64bit to previous nandroid backup, you must install 32 bits twrp, otherwise you may lose the imei of the phone, just read very well when you want to do something risky
Click to expand...
Click to collapse
OK, thanks a lot for that helpful info! So just to clarify to be sure: basically, if I want to switch back and forth, I'll install the 64-bit twrp first, then the custom rom(s). Then if I want to come back to my stock image backup, I re-install the 32-bit twrp (like the one I'm currently using) and then I can just restore my nandroid backup I took of the stock and all is well? And it's not risky if I do it like that?

yes, its correct that

Would this procedure work? (install magisk and twrp on 10.0.3.0)

First, let me say I have been using rooted phones with twrp for several years and never had the slightest problem with them, so I generally know what I am doing, but the Mi A2 Lite is just a disaster area for me, not with Magisk, that works fine, but twrp seems impossible for me to install on 10.0.3.0 without soft bricking ( I had twrp installed on 10.0.2.0 and 10.0.1.0 so I am not unfamiliar with the method, but on 10.0.3.0 - no way). I have done so many factory resets now I have my own parking space at the factory! (That is humour btw).
So I wondered if a different approach to the problem might work. I am not a coder or phone guru, so what I propose might be nonsense, if it is I am sure somebody will tell me.
We are all used to the concept of the 'patched_boot.img' created by Magisk and if you don't want to produce your own version the forum usually has a link to it. Magisk though is not the problem, twrp is, so what I am proposing is that somebody provides a link to a 'double_patched_boot.img' ie a flashable boot image that contains both twrp and magisk and that can directly replace the stock boot via fastboot.
Apparently there are some folks that have managed to install both twrp and magisk on 10.0.3.0, so if one of them could extract the 'double_patched_boot.img' from their phone it might help out a lot. How do you achieve that? Well there is probably more than one way, but the way that I would choose (if I could manage to install them both in the first place) is to boot into twrp, connect to pc, take a miflash backup of the phone and then unzip it with the following command (this is a linux command I am sure someone can provide a windows equivalent):
Code:
tar -xzf ********.tgz
where ********.tgz is the name of your miflash backup.
Then extract the boot.img from the resulting folder, rename it to something like 'double_patched_boot_10.0.3.0.img' and provide a link to it on the forum. Then some brave soul could try it out (probably not me as I am sick of doing factory resets and don't have any backups because I don't have any recovery to make them from).
OTOH this might just not be practical, I don't know enough to be sure.

i was having similar issues. replaced my mi a2 lite and followed the guide for the aosp 109 gsi here in the forum replacing the fstab and one other file i forgot they name but it's instructed. i have twrp zero the fixed one, magisk, and I'm running the RR PIE ROM with zero issues and I've been back and forth in and out of recovery no problem. I'm pretty sure it will work for you too.

12:121390 said:
i was having similar issues. replaced my mi a2 lite and followed the guide for the aosp 109 gsi here in the forum replacing the fstab and one other file i forgot they name but it's instructed. i have twrp zero the fixed one, magisk, and I'm running the RR PIE ROM with zero issues and I've been back and forth in and out of recovery no problem. I'm pretty sure it will work for you too.
Click to expand...
Click to collapse
Interesting. I have certainly thought of jumping ship to a custom rom, but I would like to wait a little before I do so, ideally until someone fires up a Lineage rom for the A2 Lite. But if things continue as badly as they have done so far with stock roms then I might well join you on RR.

viking777 said:
Interesting. I have certainly thought of jumping ship to a custom rom, but I would like to wait a little before I do so, ideally until someone fires up a Lineage rom for the A2 Lite. But if things continue as badly as they have done so far with stock roms then I might well join you on RR.
Click to expand...
Click to collapse
also because of the new ARB thing, custom is much safer, i think i bricked my last device rolling back from ota 9.0 software to ota 8.1. that's a non-issue with custom. just something to be wary of. the current RR pie gsi is near flawless for he so far. hope that helps a little

12:121390 said:
also because of the new ARB thing, custom is much safer, i think i bricked my last device rolling back from ota 9.0 software to ota 8.1. that's a non-issue with custom. just something to be wary of. the current RR pie gsi is near flawless for he so far. hope that helps a little
Click to expand...
Click to collapse
Anti roll back is disabled and not an issue if bootloader is unlocked

Nice thread. Tried it as well but no chance 10.0.3.00 + twrp + magisk. And you are right the problem is twrp.
Sent from my Phh-Treble vanilla using Tapatalk

12:121390 said:
i was having similar issues. replaced my mi a2 lite and followed the guide for the aosp 109 gsi here in the forum replacing the fstab and one other file i forgot they name but it's instructed. i have twrp zero the fixed one, magisk, and I'm running the RR PIE ROM with zero issues and I've been back and forth in and out of recovery no problem. I'm pretty sure it will work for you too.
Click to expand...
Click to collapse
Does RR Pie have any issues on Mi A2 Lite? Whichever GSI I'd tried, I had lags :/

12:121390 said:
i was having similar issues. replaced my mi a2 lite and followed the guide for the aosp 109 gsi here in the forum replacing the fstab and one other file i forgot they name but it's instructed. i have twrp zero the fixed one, magisk, and I'm running the RR PIE ROM with zero issues and I've been back and forth in and out of recovery no problem. I'm pretty sure it will work for you too.
Click to expand...
Click to collapse
brother i also want to install RR PIE Rom can you please give me the guide link?

hossman said:
Anti roll back is disabled and not an issue if bootloader is unlocked
Click to expand...
Click to collapse
correct it is not. what happened was.. lol. i thought i was crafty and did some file swapping and made miflash setups that would flash so the stock files as usual , but with gsi's like RR and/or bootleggers for the system image. and it works, up until i flashed from RR to bootleggers with those setups described previously . there is where my genius was flawed. lol. lesson learned
---------- Post added at 06:43 AM ---------- Previous post was at 06:38 AM ----------
marstonpear said:
Does RR Pie have any issues on Mi A2 Lite? Whichever GSI I'd tried, I had lags :/
Click to expand...
Click to collapse
for me, i have not come across anything caused by the GSI. any issues I've faced are purely self inflicted.

I don´t get your problems... Just boot twrp, and install it as described in original thread.
After that flash back aboot from 9.6.11.0 and the message "your system got destroyed" will disappear!

Voodoojonny said:
I don´t get your problems... Just boot twrp, and install it as described in original thread.
After that flash back aboot from 9.6.11.0 and the message "your system got destroyed" will disappear!
Click to expand...
Click to collapse
You might not get my problem, but likewise I don't get your solution. Firstly aboot has never been touched during the attempted twrp install so why flash it at all, it has not been changed, and secondly you suggest I flash it with something that is how many versions old 4?, 5?, I'm not sure, when just about every post you ever read stresses that you should not mix old and new partitions at the same time.
I hope you forgive my scepticism, but can you actually suggest the slightest reason why this might work?
Or is it all just voodoo johnny (sorry, couldn't resist that).

viking777 said:
You might not get my problem, but likewise I don't get your solution. Firstly aboot has never been touched during the attempted twrp install so why flash it at all, it has not been changed, and secondly you suggest I flash it with something that is how many versions old 4?, 5?, I'm not sure, when just about every post you ever read stresses that you should not mix old and new partitions at the same time.
I hope you forgive my scepticism, but can you actually suggest the slightest reason why this might work?
Or is it all just voodoo johnny (sorry, couldn't resist that).
Click to expand...
Click to collapse
Aboot is the bootloader. Since Pie the aboot was modified to check wheather there are modification on your boot.img. So everytime you modify something (like installing twrp), you get the message "your system got destroyed".
9.6.11.0 is the last version of Oreo. Here the bootloader didn´t check boot.img.
That´s why you need to flash 9.6.11.0 - maybe the older verstions will work too. Didn´t check. But I guess only 9.6.11.0 will work becouse it was the latest oreo version and it had to have a bootloader which can boot up pie (to have ota working).
Here you can find the aboot.img I use... and which works without any problem on pie - right now I´m running 10.0.3.0...
Just flash it via fastboot.

Voodoojonny said:
Aboot is the bootloader. Since Pie the aboot was modified to check wheather there are modification on your boot.img. So everytime you modify something (like installing twrp), you get the message "your system got destroyed".
9.6.11.0 is the last version of Oreo. Here the bootloader didn´t check boot.img.
That´s why you need to flash 9.6.11.0 - maybe the older verstions will work too. Didn´t check. But I guess only 9.6.11.0 will work becouse it was the latest oreo version and it had to have a bootloader which can boot up pie (to have ota working).
Here you can find the aboot.img I use... and which works without any problem on pie - right now I´m running 10.0.3.0...
Just flash it via fastboot.
Click to expand...
Click to collapse
OK that makes sense now - thank you for the explanation. I will probably give that a try sometime, but not right now as I have a stable working phone for the first time in ages and I don't want to jeopardise that.
Just one question though. When I had twrp installed on 10.0.2.0, it was fine at doing backups, but on the two occasions I tried to restore with them they failed, by which I don't mean that the restore didn't repair the phone, but that it was impossible to even carry out the restore, it started but did not complete - just ended with 'Restore Failed' message.
Have you tried any restores with twrp installed in the manner you suggest and if so did they work? No point in installing it otherwise.

viking777 said:
OK that makes sense now - thank you for the explanation. I will probably give that a try sometime, but not right now as I have a stable working phone for the first time in ages and I don't want to jeopardise that.
Just one question though. When I had twrp installed on 10.0.2.0, it was fine at doing backups, but on the two occasions I tried to restore with them they failed, by which I don't mean that the restore didn't repair the phone, but that it was impossible to even carry out the restore, it started but did not complete - just ended with 'Restore Failed' message.
Have you tried any restores with twrp installed in the manner you suggest and if so did they work? No point in installing it otherwise.
Click to expand...
Click to collapse
There seems to be some bugs restoring system and vendor... Some users talked about... I usually only save and restore the data and boot partition and I never had any problems with that. For all other partitions you can use miflash or fastboot...

Yeah all my twrp full backups don't work after a fresh stock installment either, that's very annoying.
The twrp version for daisy is bugged. Backups are not working, the wifi with GSI Roms on pie stock is not working anymore as soon as twrp is installed as well.
Sent from my Phh-Treble vanilla using Tapatalk

Thanks for the replies above. @voodoojohnny
In my case it was the data partition that caused the restore to fail, vendor and system and boot all seemed to go through normally. @cd492
Based on what you say along with my own experiences and those of voovoojohnny, it looks like twrp is more trouble than it is worth at the moment. I think I will make do without it for now and hope for a better version in the future.

viking777 said:
First, let me say I have been using rooted phones with twrp for several years and never had the slightest problem with them, so I generally know what I am doing, but the Mi A2 Lite is just a disaster area for me, not with Magisk, that works fine, but twrp seems impossible for me to install on 10.0.3.0 without soft bricking ( I had twrp installed on 10.0.2.0 and 10.0.1.0 so I am not unfamiliar with the method, but on 10.0.3.0 - no way). I have done so many factory resets now I have my own parking space at the factory! (That is humour btw).
So I wondered if a different approach to the problem might work. I am not a coder or phone guru, so what I propose might be nonsense, if it is I am sure somebody will tell me.
We are all used to the concept of the 'patched_boot.img' created by Magisk and if you don't want to produce your own version the forum usually has a link to it. Magisk though is not the problem, twrp is, so what I am proposing is that somebody provides a link to a 'double_patched_boot.img' ie a flashable boot image that contains both twrp and magisk and that can directly replace the stock boot via fastboot.
Apparently there are some folks that have managed to install both twrp and magisk on 10.0.3.0, so if one of them could extract the 'double_patched_boot.img' from their phone it might help out a lot. How do you achieve that? Well there is probably more than one way, but the way that I would choose (if I could manage to install them both in the first place) is to boot into twrp, connect to pc, take a miflash backup of the phone and then unzip it with the following command (this is a linux command I am sure someone can provide a windows equivalent):
where ********.tgz is the name of your miflash backup.
Then extract the boot.img from the resulting folder, rename it to something like 'double_patched_boot_10.0.3.0.img' and provide a link to it on the forum. Then some brave soul could try it out (probably not me as I am sick of doing factory resets and don't have any backups because I don't have any recovery to make them from).
OTOH this might just not be practical, I don't know enough to be sure.
Click to expand...
Click to collapse
THIS HAS NOT BEEN TESTED ON GSI'S YET
I'm currently in the process of RR with TWRP but having extreme Encryption errors
Grab these two files (Big Thanks to Zerovoid, Seryioo, and mac12m99)
Fixed SDCard Support TWRP Image File (Put this on your SDCard and Computer)-
https://forum.xda-developers.com/mi...unofficial-twrp-daisy-mount-sd-fixed-t3889390
Fixed SDCard Support TWRP Installer Zip (Put this on your SDCard)-
https://androidfilehost.com/?fid=11410963190603893418
But I got TWRP on 10.0.3.0 with magisk, and Justic Kernel.
THIS WILL WIPE YOUR DEVICE I'M DEFINITELY NOT RESPONSIBLE FOR LOST DATA
Start with the phone being on with USB Debugging enabled correctly
Type adb reboot bootloader
So flash the 10.0.3.0 ROM through MiFlash using the flash_all.bat, this process has to be done so backup your data before erasing.
After it is done flashing it restarts, go ahead and hold power and volume down right back to the Bootloader
Type: fastboot boot twrp-3.2.3-0-daisy_zero.img
It would boot into TWRP, if you see something about decryption hit cancel this may mean you haven't followed directions so far
Tap install and find your SD Card, find the fixed-twrp-installer-daisy.zip where ever you put it on your SD Card and install it, this process takes a few minutes when finished DO NOT HIT REBOOT SYSTEM!
Hit the home button back to TWRP home screen and tap reboot >>> bootloader
Download this to your computer - https://androidfilehost.com/?fid=11410963190603884024
Type: fastboot flash aboot aboot_9.6.4.img
Then type: fastboot reboot
Afterwards your phone shall boot up to Android if it does hold power and volume up and release power and keep hold volume up when the screen turns back on to go-to recovery, if TWRP boots up you have successfully completed the task.
Now flash Magisk zip (optional)
Hopefully this helped kind of my first tutorial, this was my process.

InfinityXDA said:
THIS HAS NOT BEEN TESTED ON GSI'S YET
I'm currently in the process of RR with TWRP but having extreme Encryption errors
Grab these two files (Big Thanks to Zerovoid, Seryioo, and mac12m99)
Fixed SDCard Support TWRP Image File (Put this on your SDCard and Computer)-
https://forum.xda-developers.com/mi...unofficial-twrp-daisy-mount-sd-fixed-t3889390
Fixed SDCard Support TWRP Installer Zip (Put this on your SDCard)-
https://androidfilehost.com/?fid=11410963190603893418
But I got TWRP on 10.0.3.0 with magisk, and Justic Kernel.
THIS WILL WIPE YOUR DEVICE I'M DEFINITELY NOT RESPONSIBLE FOR LOST DATA
Start with the phone being on with USB Debugging enabled correctly
Type adb reboot bootloader
So flash the 10.0.3.0 ROM through MiFlash using the flash_all.bat, this process has to be done so backup your data before erasing.
After it is done flashing it restarts, go ahead and hold power and volume down right back to the Bootloader
Type: fastboot boot twrp-3.2.3-0-daisy_zero.img
It would boot into TWRP, if you see something about decryption hit cancel this may mean you haven't followed directions so far
Tap install and find your SD Card, find the fixed-twrp-installer-daisy.zip where ever you put it on your SD Card and install it, this process takes a few minutes when finished DO NOT HIT REBOOT SYSTEM!
Hit the home button back to TWRP home screen and tap reboot >>> bootloader
Download this to your computer - https://androidfilehost.com/?fid=11410963190603884024
Type: fastboot flash aboot aboot_9.6.4.img
Then type: fastboot reboot
Afterwards your phone shall boot up to Android if it does hold power and volume up and release power and keep hold volume up when the screen turns back on to go-to recovery, if TWRP boots up you have successfully completed the task.
Now flash Magisk zip (optional)
Hopefully this helped kind of my first tutorial, this was my process.
Click to expand...
Click to collapse
Thank you very much for posting this process in such detail, unfortunately I think you must have missed my last post where I said:
it looks like twrp is more trouble than it is worth at the moment. I think I will make do without it for now and hope for a better version in the future.
Click to expand...
Click to collapse
I meant it, at least for now, but maybe your post will help somebody else.

viking777 said:
Thank you very much for posting this process in such detail, unfortunately I think you must have missed my last post where I said:
I meant it, at least for now, but maybe your post will help somebody else.
Click to expand...
Click to collapse
Yes I didn't see that post but understand I didn't give you links to the official TWRP, I gave you the unofficial fixed TWRP which actually features SD Card Support and trust me it works completely fine I haven't had a problem yet. This took me hours upon hours to figure out what I was doing wrong.
The only specific reason you are not successfully getting TWRP is because you didn't flash the aboot.img after installing the zip.
I hope this helps you in the future!

thanks InfinityXDA for the tutorial, you should create a post just for it~

General help with bootloader & flashing (coming from Sony phones)

Any help is greatly appreciated, I have no experience with Google phones, I was years into Sony.
I have just bought a Pixel 2 XL from a local shop in Greece, and of course, I want to root it and be able to install custom roms etc.
I have a few questions that I am searching everywhere recently and I would really appreciate if someone can make it clear to me:
1) I have read that you have to buy your phone from Google so you are able to unlock it? Can someone explain this to me? (My phone is not a specific carrier) How do I know if I am able to unlock my bootloader?
2)I have flashed roms and kernels in the past on my Sony phones, however I haven't really messed with the bootloader other than just unlocking it in the beginning. So now on the Pixel 2 XL I am reading so much about the unlock_critical vs the normal unlock, and I can admit I cannot understand the difference. Why does someone want to flash a bootloader? ( I do not understand what does "flash a bootloader" mean)
What I want to be able to do is flash custom roms, flash factory images to revert back to stock whenever I want, flash custom kernel, flash stock kernel, make a nandroid backup with twrp and restore a nandroid backup with twrp. That is all I want to be able to do without facing any errors with the bootloader,so do I need the unlock_critical ? And why?
3)If I unlock the bootloader with any of the two ways, am I able to re-lock it like nothing has happened? For example if the screen has dead pixels for some reason and I want to send it back for warranty but the bootloader is unlocked, can I lock it without it being logged? Or once unlocked, there is no going back to the warranty by re-locking? On many Sony phones we could do that.
4)If I unlock the bootloader and install TWRP I read that I will not be able to receive official updates from settings any more (OTA):
"NOTE #1: If you have mounted /system as rw at any point (like in TWRP), you must upgrade using the factory image method. OTAs will fail because they cannot verify the integrity of the disk since its verity data has been changed."
My question is, if I flash a stock image, does that get fixed? ( so if I flash 8.1.0 stock manually, will I be able to get an official update e.g. 9.0.0 from settings?)
Or if I just grab the stock boot.img of my current version of android and flash it with fastboot, then will I be able to get official updates from settings normally again?
5)Can I do the following on this order? :
Enable USB Debugging and OEM Unlocking
Unlock the bootloader (either critical or normal, whatever works)
Boot into Fastboot
Boot the twrp image from fastboot to the device
Flash the twrp zip to the phone to install TWRP
Flash the magisk zip so I root the device
Reboot and everything works? (Or do I need a custom kernel for TWRP or Magisk to work?)
Is there any issue you see with the above plan of mine?
6) Before I tweak my device in any way, is it okay if I update the device fully? So can I install any update available (OTA) and then unlock the bootloader and root etc? Or do I have to be on a specific version and not on the latest?
7)I have read something about 2 different slots on some flashing forums here, slot a and slot b, but it is not clear to me what that is. Does anyone know what that is? At which point may I face this?
Thank you very much.

A quick and not complete response to get you going
Plan 5 seems solid, unlock the bootloader to allow custom stuff. At boot you will get a warning screen to let you know.
I forgot if I only unlocked the bootloader or also the critical, try it etc.
Personally I never had to tinker with the A/B slots, within TWRP you can choose which to use.
Before Magisk, I used to flash another recovery like cwm or twrp but it is not required. You must however boot to twrp.img to flash the magisk zip.
As far as I know it is indeed the altering of the /system folder that denies future OTA (when using factory image). A manual flash (of future OTA) is easy but may require altering (removing) a switch command in the install.bat file to remove the -w (wipe).
As to the custom kernels, I never noticed the need and am running the latest v10 image with only Magisk flashed to get root.
My main goal is to get rid of ads. I use AdAway.
To get that to work in v10 you need to enable systemless host module im the Magisk manager app (reboot after).
A final feedback; when you get to sideload and need to get to recovery you may get the screen 'no command' or so; press volume-up and click power or power->click volume.
Let us know if you worked it etc!

arismelachrinos said:
Any help is greatly appreciated, I have no experience with Google phones, I was years into Sony.
I have just bought a Pixel 2 XL from a local shop in Greece, and of course, I want to root it and be able to install custom roms etc.
I have a few questions that I am searching everywhere recently and I would really appreciate if someone can make it clear to me:
1) I have read that you have to buy your phone from Google so you are able to unlock it? Can someone explain this to me? (My phone is not a specific carrier) How do I know if I am able to unlock my bootloader?
2)I have flashed roms and kernels in the past on my Sony phones, however I haven't really messed with the bootloader other than just unlocking it in the beginning. So now on the Pixel 2 XL I am reading so much about the unlock_critical vs the normal unlock, and I can admit I cannot understand the difference. Why does someone want to flash a bootloader? ( I do not understand what does "flash a bootloader" mean)
What I want to be able to do is flash custom roms, flash factory images to revert back to stock whenever I want, flash custom kernel, flash stock kernel, make a nandroid backup with twrp and restore a nandroid backup with twrp. That is all I want to be able to do without facing any errors with the bootloader,so do I need the unlock_critical ? And why?
3)If I unlock the bootloader with any of the two ways, am I able to re-lock it like nothing has happened? For example if the screen has dead pixels for some reason and I want to send it back for warranty but the bootloader is unlocked, can I lock it without it being logged? Or once unlocked, there is no going back to the warranty by re-locking? On many Sony phones we could do that.
4)If I unlock the bootloader and install TWRP I read that I will not be able to receive official updates from settings any more (OTA):
"NOTE #1: If you have mounted /system as rw at any point (like in TWRP), you must upgrade using the factory image method. OTAs will fail because they cannot verify the integrity of the disk since its verity data has been changed."
My question is, if I flash a stock image, does that get fixed? ( so if I flash 8.1.0 stock manually, will I be able to get an official update e.g. 9.0.0 from settings?)
Or if I just grab the stock boot.img of my current version of android and flash it with fastboot, then will I be able to get official updates from settings normally again?
5)Can I do the following on this order? :
Enable USB Debugging and OEM Unlocking
Unlock the bootloader (either critical or normal, whatever works)
Boot into Fastboot
Boot the twrp image from fastboot to the device
Flash the twrp zip to the phone to install TWRP
Flash the magisk zip so I root the device
Reboot and everything works? (Or do I need a custom kernel for TWRP or Magisk to work?)
Is there any issue you see with the above plan of mine?
6) Before I tweak my device in any way, is it okay if I update the device fully? So can I install any update available (OTA) and then unlock the bootloader and root etc? Or do I have to be on a specific version and not on the latest?
7)I have read something about 2 different slots on some flashing forums here, slot a and slot b, but it is not clear to me what that is. Does anyone know what that is? At which point may I face this?
Thank you very much.
Click to expand...
Click to collapse
1) The reason for this is Google had an exclusivity contract to sell through the US cellular company, Verizon; much like the original Apple iPhone did (at first) with AT&T. And, for reasons that are most likely stupid, foolish, and unconvincing in its justifications, Verizon locks their device's bootloaders. So, not that it's "locked" or "unlocked" in terms of carriers, but more-so whether a device is "locked bootloader" or unlockable because it was purchased from Google (or elsewhere, but at least originally Google) and not from Verizon. If you're wondering further, getting it from Verizon would allow Verizon subscribers and customers to be able to "lease" and pay the Pixel off in increments with their usual cell phone bill; but it's not all too exclusive because Google offers to lease if you purchase from them also! The only caveat is you have to pass a credit check when leasing from Google; but, then again, you have to pass a credit check when signing up for a Verizon cell plan as well!
2) So, with my limited understanding between the difference between just a regular "unlock" and an "unlock_critical" is that it might be that a regular unlock allows you to get a R/W access (root access) to the various vital partitions (i.e. system, data [not to be confused with userdata], even boot to a degree) while unlock_critical allows you to straight modify and replace partitions (i.e. what would've been the recovery partition [but now there's no such thing and recovery just resides in the boot partition], the whole system & data partition to have/run custom ROMs, bootloading screen, etc.). But it all is rather convoluted that Google probably agreed and, so you can/should be aware, they updated things within the past few months (I'm guessing June or July) where they rid the need to "unlock_critical" and bootloaders that are newer than a certain point/month no longer needs that fastboot command to unlock the bootloader and everything else in order to flash custom anythings...
3) Okay, so here's a very tricky thing to this.... Technically, yes you can relock the bootloader as well as there have been many who have successfully done so; BUT there are so many more that have COMPLETELY and permanently bricked their device attempting to do so and most (if not all) the experts here would advise anyone to just leave well enough alone. But, if it is insisted and must be, the way to do it is to remove all Magisk modules (because, for whatever reason, these modules can survive a complete flashing of a Full Factory stock image), run a Full Factory image where the flash-all command is left intact (meaning “-w” is unedited; I’ll go more into this later), running it through the initial set up process, then (for good measure, this step might not be at all absolutely necessary) switch slots and run the flash-all command on the other slot, running the initial set up process again, then rebooting to Bootloader Mode and running the fastboot locking command, then unticking (if wished and insisted) unticking the OEM unlocking. Again, a word of warning, that so many have relocked the bootloader and unticked the OEM unlocking which allows the unlocking of the bootloader, then find that their device goes into a bootloop; and since they had just locked the bootloader in 2/all different ways, it leaves rescuing the device with all but the fewest options – usually because it’s forgotten in one way or another returning all of the device back to stock.
If anything, what has been said around these forums is that, if returning to Google, there hasn’t been an (proven) instance that Google refused to repair/replace it because it had its bootloader unlocked. But it’s usually for that fear or re-selling the device in which this is usually sought; but in most (if not all) cases (the experts here figure), having the bootloader unlocked would be refused or looked down upon.
4) So, most of what you assumed here is correct; but may be a bit misguided due to not knowing some things – which, of course, can be expected since you had just said you just moved to this device from a totally different manufacturer (Sony). If you are rooted (Magisk), there is absolutely no way you can update via the regular System Update from an OTA from within the Settings in the OS. And even having just an unlocked bootloader will cause OTAs to not work -- but there are conflicting reports stating differently, but I, personally, am under the understanding that even at that point you cannot.
But here’s the key thing; there really isn’t any reason to install updates by download and using OTAs anyways. Most (if not all) the experts here actually forego the OTAs and merely download the Full Factory stock images from Google’s Developers website and flash those. Here’s the reason; in the “olden days”, flashing a stock Full Factory image would erase absolutely everything and return the device to a complete factory state. But Google, in their “infinite wisdom”, allowed it to be possible to flash this but still withhold and save/keep all of one’s apps, settings, and data – essentially leaving both device data and userdata untouched! This is achieved by simply editing a batch file called “flash-all.bat” (or “flash-all.sh” for Linux and MacOS) and removing the 3 characters “-w” (3rd character would be a space “character”) from within its code. In this manner, OTAs can be considered a “dirty flash” because, while a Full Factory will completely overwrite (I could be wrong, but I believe it erases and formats it) the system, radio, bootloader, boot, etc., which would/should take care of any erroneous bugs or glitches, while OTA’s do not necessarily do this and just “modifies” the existing data; and therefore bugs and glitches may still remain being more on the root of things and/or OTAs would just modify “on top” or elsewhere where those glitches may reside.
And in either/both cases, one would still be required to reflash/reinstall everything root.
But, if insisted, there are multiple methods to achieve a state where you can run an OTA; either downloading an OTA image from Google and manually flashing it (“sideloading”), or unrooting temporarily to be able to use & download the regular System Updater (can be found HERE : https://github.com/topjohnwu/Magisk/blob/master/docs/tutorials.md#ota-installation under the “Devices with A/B Partitions” which is my preferred method if I was to do this sort of thing, but I have never done this so I’m unsure if it even is successful in our device). I even wrote out an in-depth and step-by-step guide, but it is rather convoluted and was written in the beginnings of our taimen and there are most likely more updated methods now; but if you want to check it out, you can HERE.
But, to answer your questions directly; No, flashing the stock image will not allow you to user the stock System Updater; although there are conflicting reports, I am under the impression that anything other than a locked bootloader will allow the stock System Updater to work.
5)More correctly, you boot into “Bootloader Mode” to be able to use the “fastboot” commands. And no, you do not need to permanently flash a custom recovery (TWRP), a custom kernel, or anything else to achieve root – although I do highly recommend it – as you can temporarily boot into TWRP (by downloading the TWRP image file (*.img) and install Magisk in that manner – I do not suggest you root/install Magisk using the app. Other people have had success, but many (most?) have issues that you wouldn’t run into if you installed it via TWRP – but here’s a key thing; no matter what you intend to flash and install, unless you need to have root for it to already be installed, you should always flash Magisk last. Moreso, as the great Az Biker of ‘round thes’ parts greatly suggests, you should even reboot to bootloader after each and every flash separately. Explanation is, for whatever reason and even though many claim to be able to “detect” and modify their flash for an already modified boot and dtbo (where modifications must happen for root access), most don’t play well with Magisk and Magisk must modify the boot and dtbo after all other modifications or else problems can arise (or at least it has for me).
Just keep these things in mind, but, for the most part, your “order” of things will do well enough. Again, just keep in mind that if you are going to install a custom recovery or kernel, try to do that before Magisk as well as if you can avoid it, don’t use the Magisk app to install or manually flash any boot.img if you can help it.
6)No, you don’t have to stick to a specific version; it might even be suggested to update it stock before doing anything. BUT (of course there is a caveat), consider this; many things (especially anything root and specifically TWRP) aren’t really “playing nice” with Android Q/10; so, if you update and go to the most up to date, but don’t wish to run into those glitches/bugs and wish to “hold off” (like I am, actually and for the same reasoning), then of course you should only go up to August (I believe that was the last before the upgrade to Q/10) Full Factory.
7) There are many great resources on the information on having the 2 different slots; I apologize if I can’t recall where I even saw them – other members (maybe an RC or Mod even) input a URL to read and I can’t for the life of me recall where it possibly could be. But, for the most part, you would really only run into identifying and manually changing to a specific one if you were attempting to rescue or deeply modify your device; I can say that me and the great @Az Biker have never felt the necessity to manually change or choose a certain, specific slot. And, my guess, is that, because the coding and flashing output when running the Full Factory states something about “system_other” or a “system_b”, but while the main system can be close to 3GB, the system_other is closer to 300MB, and that boot, dtbo, vendor, and something called lafb has a “_b” partition, I’m thinking it’s something as a safety or backup, maybe something like what used to be in old laptops a sort of RAM to help load things up faster. In any case, it seems that going from one to the other, a to b or vice-versa, doesn’t seem to be too key or much of a hassle, so….take that for what you will.
Alright…hopefully I was able to answer all your inquiries. And, if you have any more, please feel free to ask them…that’s what we’re all about here. And I know I can run on and get wordy, so thank you for bearing with me with all of this.
I mean, it’s really good to have a user/member who really does their research, reading, and due diligence before getting into their new device; there are so many instances here and in my own experience where the “…if I only knew that beforehand…” would be supremely helpful, and supremely easier on everyone else! So that’s to be commended and reinforced…!
Hope this helps and welcome to your Pixel and this taimen forum!

I really cannot thank you enough for your time. I truly appreciate it very much.
1) Very clear.
2) Do you happen to have a link or do you know how to check if my phone supports unlock_critical? How can I check if I have that newer bootloader? Or do you remember where did you learn this?
3) Thank you so much about that. Very clear aand you just saved my phone
4) Very clear.
5) Thank you for the info! Interesting, I was searching on how to root the device running Android 10 (I have fully updated and I really am not going back to Android 9 ), and I saw that you have to patch your boot.img with the Magisk app, and then flash it with fastboot. So first you get the factory image from google and you extract the boot.img and insert it to the phone. Then you load it into Magisk app and patch it. Then moving the patched to the PC, booting to bootloader and flash it on boot partition. This is the way I saw on how to get root working fine with Android 10, not sure if it is the best method or the worst.
6) What do you mean with "go up to August"? Do you mean that the "oldest" image I can flash is "9.0.0 (PQ3A.190801.002, Aug 2019)"? So one cannot go back to 8.0.0 and Google has done something to prevent us from doing that? Also, if I wanted to go back to that August image or any "compatible", the procedure is just to run the flash-all.bat file of that image?
I used to experement a lot with custom roms, custom kernels and mods with my Sony devices, but that was mainly because I wanted stock android and some more features. The thing is that I have almost anything I need with this device, with some minor wishes. So I can leave without flashing custom roms and kernels, but I wanted to just root and at least install Adaway(!!!!!! I cannot leave with those ads!!!!!!), Titanium Backup and some other similar root apps that don't really do any harm. Have you tried rooting Android 10 and it was unusable? Do you suggest that it is not really worth it? The thing is that I love Android 10, the gestures and all the features, and I could not go back to Android 9, even though I only used the phone for a week, I am used to it and really like the way it currently is.
7)Hmm okay so I should not really mess with that. Maybe as I saw online, when flashing stock or unrooting, it is best to flash the same thing to both a and b slots, seems a bit complicated but whatever
Thank you for being so helpful!!

arismelachrinos said:
I really cannot thank you enough for your time. I truly appreciate it very much.
1) Very clear.
2) Do you happen to have a link or do you know how to check if my phone supports unlock_critical? How can I check if I have that newer bootloader? Or do you remember where did you learn this?
3) Thank you so much about that. Very clear aand you just saved my phone
4) Very clear.
5) Thank you for the info! Interesting, I was searching on how to root the device running Android 10 (I have fully updated and I really am not going back to Android 9 ), and I saw that you have to patch your boot.img with the Magisk app, and then flash it with fastboot. So first you get the factory image from google and you extract the boot.img and insert it to the phone. Then you load it into Magisk app and patch it. Then moving the patched to the PC, booting to bootloader and flash it on boot partition. This is the way I saw on how to get root working fine with Android 10, not sure if it is the best method or the worst.
6) What do you mean with "go up to August"? Do you mean that the "oldest" image I can flash is "9.0.0 (PQ3A.190801.002, Aug 2019)"? So one cannot go back to 8.0.0 and Google has done something to prevent us from doing that? Also, if I wanted to go back to that August image or any "compatible", the procedure is just to run the flash-all.bat file of that image?
I used to experement a lot with custom roms, custom kernels and mods with my Sony devices, but that was mainly because I wanted stock android and some more features. The thing is that I have almost anything I need with this device, with some minor wishes. So I can leave without flashing custom roms and kernels, but I wanted to just root and at least install Adaway(!!!!!! I cannot leave with those ads!!!!!!), Titanium Backup and some other similar root apps that don't really do any harm. Have you tried rooting Android 10 and it was unusable? Do you suggest that it is not really worth it? The thing is that I love Android 10, the gestures and all the features, and I could not go back to Android 9, even though I only used the phone for a week, I am used to it and really like the way it currently is.
7)Hmm okay so I should not really mess with that. Maybe as I saw online, when flashing stock or unrooting, it is best to flash the same thing to both a and b slots, seems a bit complicated but whatever
Thank you for being so helpful!!
Click to expand...
Click to collapse
It’s really my pleasure! And I’m just as thankful that you/anyone would even go through the trouble of reading all of that…!
1) Thank you for the compliment
2)Usually, if your bootloader version is within a certain version – which you can find when in bootloader mode – then you either do or do not need unlock_critical. I can’t remember how many months prior to Android 10/Q, it was within 6 I believe, so any bootloader version from 5 or 6 months ago to now, and obviously if you’re on 10/Q, you would not need to run the command unlock_critical. But, if anything, you don’t have to have any fear of it, whether you need to or not, or don’t know your bootloader version, running the “fastboot flashing unlock_critical” when you don’t need to will just amount to a simple error and nothing bad will happen. And if it does end up doing something, well, then that’s a good thing. It almost amounts to unlock_critical-ing twice, the second on will just state that it’s already unlocked and that’s it.
If anything, I believe I found the resource here from the great Az Biker: https://forum.xda-developers.com/showpost.php?p=78908055&postcount=2843
If you are very curious, it should address much of what you’re seeking and/or at least point you to where you might find that information.
3) You’re very welcome. It really is a good thing that saves you in the future, and saves those who try to help some grief as well.
4) Thank you for the compliment.
5) I would say that the process you described is certainly doable, but is far from the best/easiest. From my experience helping many here on this forum, many bugs or things go wrong when loading the stock boot.img to the phone, having Magisk modify it, then getting the modified boot.img and successfully flashing it. More often than not, one ends up having a device turn into a boot loop and are usually forced to flash the stock boot.img and have to give it a number of tries.
The best way (subjectively) is to download the Magisk installation .zip. Then boot into TWRP (which doesn’t mean you have to replace the stock recovery since you can temporarily boot into it), and “Install” it using the .zip. Then everything is automated and done for you, if anything goes wrong you have an output log you can use to troubleshoot, but it seems best to leave it to the experts who created all this than us manually attempting to ourselves.
Oh and AFAIK this method still works on Android 10/Q as it has for Pie and Oreo.
6) I meant that, if you did not wish to update to 10/Q, then you shouldn’t do anything newer than from August’s security update/patch, since all the Full Factory images and updates are of 10/Q. But, if you go to Google’s Developers site, you’ll see that they pretty much list and make available all the Full Factory images ever published; to the point that there are some that go back to Oreo!
And everything you’ve said is understandable. And I kinda feel the same way. For me, in my humble opinion, it is supremely good idea to root and for whatever issues you get doing that, the returns are incalculable. It is most definitely worth it/rooting! The extra options and customizations and modifications all make it worth while and more! And, even if rooting gives the capability of rendering the device rather unusable, take confidence in that Google, in all their “infinite wisdom”, gave us “Bootloader Mode”…and pretty much, as long as you can get into Bootloader Mode and successfully connect to a computer, your phone would never be considered too far lost/gone. I’ve only witnessed that be opposite on less than a handful of cases.
But, most importantly, and if you have been in the rooting and ROMing game, you should well know this, but the most vital part of having root access is the ability to make the best backups! So, as long as you make sure to backup (Nandroid is best) and key times, running into some pitfalls here and there shouldn’t take you all the way out of the game….
7) Yeah…I mean, it is rather fascinating, and when up against an issue and you have an idea that deals with it, that’s when you can read up and learn about it and experiment I imagine. But for me and one of the great ones here in all of XDA, we’ve done all the custom ROM, custom recovery, custom kernel, Full Factory recover, root, Magisk modules, theming, Xposed, and countless other things, and all without the need to ever mess with manually or forcing an assignment between the two.
Again, it’s my pleasure. And if you any further questions or thoughts, bring them on! I’d be happy to address them…
Hope these are helpful….

arismelachrinos said:
I really cannot thank you enough for your time. I truly appreciate it very much.
1) Very clear.
2) Do you happen to have a link or do you know how to check if my phone supports unlock_critical? How can I check if I have that newer bootloader? Or do you remember where did you learn this?
3) Thank you so much about that. Very clear aand you just saved my phone
4) Very clear.
5) Thank you for the info! Interesting, I was searching on how to root the device running Android 10 (I have fully updated and I really am not going back to Android 9 ), and I saw that you have to patch your boot.img with the Magisk app, and then flash it with fastboot. So first you get the factory image from google and you extract the boot.img and insert it to the phone. Then you load it into Magisk app and patch it. Then moving the patched to the PC, booting to bootloader and flash it on boot partition. This is the way I saw on how to get root working fine with Android 10, not sure if it is the best method or the worst.
6) What do you mean with "go up to August"? Do you mean that the "oldest" image I can flash is "9.0.0 (PQ3A.190801.002, Aug 2019)"? So one cannot go back to 8.0.0 and Google has done something to prevent us from doing that? Also, if I wanted to go back to that August image or any "compatible", the procedure is just to run the flash-all.bat file of that image?
I used to experement a lot with custom roms, custom kernels and mods with my Sony devices, but that was mainly because I wanted stock android and some more features. The thing is that I have almost anything I need with this device, with some minor wishes. So I can leave without flashing custom roms and kernels, but I wanted to just root and at least install Adaway(!!!!!! I cannot leave with those ads!!!!!!), Titanium Backup and some other similar root apps that don't really do any harm. Have you tried rooting Android 10 and it was unusable? Do you suggest that it is not really worth it? The thing is that I love Android 10, the gestures and all the features, and I could not go back to Android 9, even though I only used the phone for a week, I am used to it and really like the way it currently is.
7)Hmm okay so I should not really mess with that. Maybe as I saw online, when flashing stock or unrooting, it is best to flash the same thing to both a and b slots, seems a bit complicated but whatever
Thank you for being so helpful!!
Click to expand...
Click to collapse
As @simplepinoi177 said, I'm part of the community that just let's the factory image flash the slot it needs/wants to, and it's never once been an issue.
Look at it like this; some people prefer to simply copy/paste a link or block of text in the PC, some people prefer to CTRL + C then CTRL + V.... BOTH take you to the same end.
Plus, knowing me, the more I manually mess with Slot A vs Slot B, the more chance there is for me to screw something up
Best of luck with your 2 XL, it's a FICKLE device, but it's a really, really great device once you get it as you want it.

Thank you all very much! I am pretty busy these days so once I find some time I will do more research and root it.
@simplepinoi177
I am not sure if your paypal address works, I felt like buying you a coffee earlier, the least I could do with all the time you spent explaining

Oh forgot to ask some minor things,
to make a nandroid backup, I just send twrp.img via fastboot to the phone and boot into it and make it? And if I want to revert back I do the same and restore it?
Also if TWRP asks me the question about if I want to enable modification to the system, what do I answer? Either for the nandroid backup, the restore or for flashing magisk.zip? Do any of those require that enabled?
Lastly, I understood that just unlocking the bootloader alone can result in no OTAs. But, will I keep getting the security updates? I heared something about security updates that are frequently available from the playstore or something like that but I have the phone for less than a week and haven't gotten anything. No OTAs mean no security updates as well? Or they are irrelevant and I will keep getting those security updates once rooted?

arismelachrinos said:
Oh forgot to ask some minor things,
to make a nandroid backup, I just send twrp.img via fastboot to the phone and boot into it and make it? And if I want to revert back I do the same and restore it?
Also if TWRP asks me the question about if I want to enable modification to the system, what do I answer? Either for the nandroid backup, the restore or for flashing magisk.zip? Do any of those require that enabled?
Lastly, I understood that just unlocking the bootloader alone can result in no OTAs. But, will I keep getting the security updates? I heared something about security updates that are frequently available from the playstore or something like that but I have the phone for less than a week and haven't gotten anything. No OTAs mean no security updates as well? Or they are irrelevant and I will keep getting those security updates once rooted?
Click to expand...
Click to collapse
So, about booting TWRP...
You can temporarily boot into TWRP just the one time if you wish. If you are using the newest version of TWRP (for the Pixel 2), they actually give an option to flash and replace the recovery with TWRP from within their recovery environment; I'm guessing they use the temporarily booted twrp.img to install. In any case, you can find the option in the Install section. In any case, it's up to you whether you install it as your custom recovery, but it's easy enough to restore it back to stock recovery either by manually flashing the stock boot.img (and maybe dtbo.img for good measure, as I'm unsure...) and/or if you update your device via a Full Factory (or even a downloaded OTA) image, as that will update and replace the boot partition regardless...
So, about the alert for enabling modification to the system; In the past, I had always enabled it. Of course you would want to have r/w and mounting capabilities towards the device's system and data partitions. But keep this in mind...until the TWRP team updates the latest version, there is no write capabilities/permissions. It will pull up an error that it either can't mount or doesn't write -- For this reason, I'm holding off so I don't have firsthand experience... -- but installing and flashing and backing up from within TWRP does work even if it spits up some errors. What you should be careful about is if/when it asks to install it as a "system service" or something, as general consensus says at no circumstance should you do this as it "forks" up many other things while at it.
But, to answer your question directly, I'm unsure whether you can or cannot install Magisk root or restoring without enabling this "modification" capability, but I say it can't hurt.....
As for your inquiries on OTAs, as I understand it (so anyone please correct me if I'm wrong), but the monthly security updates come with the OTAs (also monthly, so I believe they may be one in the same). I'm unsure about the whole seeing the security updates on the Play Store or something like that, but I highly doubt that is the case. Conventional knowledge says that you can only get these either from the stock System Updater or if you download them yourself and either sideload or "flash-all" it. That's why many (most) experts will download the Full Factory image every month (usually first Monday of the month) and we have this whole step-by-step process in updating platform-tools, unregistering Magisk modules and screenlocks/fingerprints, running the flash-all, temporarily booting TWRP, installing all custom modifications (Magisk last), rebooting after each and every flash/install, then going back into the OS and resetting up the screenlock/fingerprints and Magisk modules. As it would be nice if we could simply and always use the stock System Updater, but in any case, one would need to re-install all the custom modifications anyways. So, it is one of the sacrifices/compromises having a rooted Pixel 2….
But it is peculiar that you haven’t gotten any alert (unless you inadvertently updated to the latest already), for it still should alert you that there is an update available, and usually, if you have unlocked your bootloader, while it’s downloading and attempting to install, it will throw up an error; but everything would look like normal up to that point. But, then again, Google notifying updates on their various devices are intermittent at best. It would be simpler and best if you just keep it in mind that there’s usually the monthly update on/after the first Monday of the month and do what we all do and have to manually install the updates to keep most up to date.
If there’s anything else, you know you can ask…
Good luck and hope this helps…!

I'm on 10 with an unlocked bootloader, 1st gen Pixel. I still get security updates. Twrp doesn't mount /system or /vendor, so I take system/vendor IMAGE backups with no issue. Not sure if I'll get updates still after unrooting. I've always flashed factory after rooting. Theoretically it should return to stock if you flash the Magisk uninstaller. The boot image (boot + recovery + base system) will be restored. You should then be able to get OTA updates. They will be installed to the OTHER slot, so if the phone fails to boot (3 times?) it will switch back to the first slot. If you have issues and want to go back, you can manually switch slots in fastboot or go into twrp, tap reboot, tap the other slot, then reboot system. It will show a message that the slot has changed. You can of course always check the active slot in fastboot to make sure. If you want to roll back an OTA update, reboot to twrp, change the active slot, then reboot system, and it should boot to the older version. Make sure to turn off automatic updates or else it will redownload the same update again. I believe I've lost twrp by installing an OTA update, which installs to the inactive slot, which overwrites recovery, and then boots to that slot. Meaning if you don't have a pc to switch slots in fastboot, you can't go back to the first slot which still has twrp. The command is fastboot set_active, something like that. Quick google search.. No pc means no restore if something goes wrong while you're away from a computer. The only way I know of to change slots at that point is to hard reset 3 times, which will trigger the phone to switch slots. ALWAYS reboot after flashing bootloader/radio. I'm decently sure that the bootloader has to match the system, so if you install lineage Pie, you need to flash the bootloader/radio from Pie or the phone won't boot. Flash bootloader, reboot, flash radio, reboot, flash matching rom. It is technically possible to have dual boot, where one slot is lineage and the other is stock, as long as they're the same Android versions. Lineage Pie/stock Pie for example, because the bootloader won't match if you flash Lineage Oreo/stock Pie. Keep in mind OTAs will overwrite twrp with stock recovery, so if you reboot, you might lose access to twrp, and I don't know of a way to OTA and reboot on the same slot. I don't know if there is an app or command for this, WHICH WOULD BE REALLY FREAKING NICE. Also, when restoring boot from twrp, I always reflash twrp to make sure. It will install to both slots. You can keep a copy of twrp on your data partition. To reflash twrp from within twrp, Install > Select Image > find twrp.img > flash to RAMDISK. If you flash to boot, it will overwrite system, and leave you with only twrp. When installing in older twrp's, I believe it will install to the same slot. With newer twrp's that specifically support Treble, it will flash to the other slot. Don't quote me on that. Due to the single data partition, there's a chance Lineage will have issues with stock data. I've never seen it though. I've dirty flashed a couple times with few issues. I think I've even dirty flashed different OS versions. If you get app crashes, open that app's info, delete its storage/cache, and reopen the app. Most of the app data is the same across versions anyway. The Pixel is a complete pain in the ass when coming from non Treble phones. Sorry if this is repeated info, the posts above are LONG lol. Hope this helps.
Edit- not sure if relevant to you, but I get bootloops when flashing twrp to the ramdisk. There should be an option in twrp to fix it. I always do this after flashing twrp this way.

Help! Modifications to system partition in TWRP dont show up when booted into Android

Will someone please help me before i go crazy. I done rooted several phones but i ran into this problem with the G7play. The bootloader is unlocked but Magisk wont install an everytime I modify the system partition (A or B) in TWRP recovery but I boot into Android and nothing changed… I go back to TW RP and it's still showing the files I put are all there but then when I boot back into Android nothing I do affects the actual system partition… why the hell can i modify it in TWRP an it has no effect when booted? is there a 3rd system partition or something's i don't know about??? where is it storing this original copy? someone please help me its drivin me crazy.

I'm having the same problem. I just created a new thread myself on this very issue. It seems some security has been implemented with the most recent stock OTA updates cause on older versions of the stock room, Magisk would flash fine and remain there once the phone started again.

DenhamsOwnSmoky said:
Will someone please help me before i go crazy. I done rooted several phones but i ran into this problem with the G7play. The bootloader is unlocked but Magisk wont install an everytime I modify the system partition (A or B) in TWRP recovery but I boot into Android and nothing changed… I go back to TW RP and it's still showing the files I put are all there but then when I boot back into Android nothing I do affects the actual system partition… why the hell can i modify it in TWRP an it has no effect when booted? is there a 3rd system partition or something's i don't know about??? where is it storing this original copy? someone please help me its drivin me crazy.
Click to expand...
Click to collapse
theburrus1 said:
I'm having the same problem. I just created a new thread myself on this very issue. It seems some security has been implemented with the most recent stock OTA updates cause on older versions of the stock room, Magisk would flash fine and remain there once the phone started again.
Click to expand...
Click to collapse
That is a pain the ass known as FEC hard at work. The only way around it is system root (which magisk doesn't use) or a custom kernel. Twrp is actually using a magisk binary to do root work. Magisk uses mirrors which don't actually change any files. They only simulate changes. So everything you do in twrp will never actually change anything until you root with magisk. If you make changes then root later, they'll show up when you boot the system.
I investigated it a couple months ago. If you want to see the technical side of it, read my posts that start on this page.
https://forum.xda-developers.com/android/software/universal-dm-verity-forceencrypt-t3817389/page90
FEC is like ECC RAM, but for system files instead.

Spaceminer said:
That is a pain the ass known as FEC hard at work. The only way around it is system root (which magisk doesn't use) or a custom kernel. Twrp is actually using a magisk binary to do root work. Magisk uses mirrors which don't actually change any files. They only simulate changes. So everything you do in twrp will never actually change anything until you root with magisk. If you make changes then root later, they'll show up when you boot the system.
I investigated it a couple months ago. If you want to see the technical side of it, read my posts that start on this page.
https://forum.xda-developers.com/android/software/universal-dm-verity-forceencrypt-t3817389/page90
FEC is like ECC RAM, but for system files instead.
Click to expand...
Click to collapse
Thanks that makes sense now...I managed to get it where I could modify it by installing AOSP. That's why I don't like Magisk confuses the hell outta me. Only reason I was installing it is cuz SuperSU dont usually work on newer systems no more but I have a trick with Magisk I did on my G6...This might be helpful to anyone who wants a system root with Magisk. Backup your boot an dtbo an system partition. Then install magisk. Then you go in an find all the lil files that magisk added that aren't really there (system-less) an create tarfiles of them. /sbin /data/adb /init /init.rc an there mite be more I don't remember fer sure. After you make the tarfiles you reflash the original magisk-free images you backed up earlier an go into TWRP (assuming youre usin the TWRP version that lets you make permanent changes to the system partition) an extract all the tarfiles into the same locations an then you install the magisk apk an if you did it right it'll act like magisk is installed an it manages root fer you an everything but it dont have all that system-less problems you get with regular magisk.

[GUIDE][A10/A11] Flashing and booting GSI on Galaxy Tab S7+

Code:
/*
* Your warranty is now void.
*
* I am not responsible for bricked devices, dead SD cards,
* thermonuclear war, or you getting fired because the alarm app failed. Please
* do some research if you have any concerns about features included in this ROM
* before flashing it! YOU are choosing to make these modifications, and if
* you point the finger at me for messing up your device, I will laugh at you.
*/
This is tested on my SM-T976B, but I think the same should work on other models as well.
1. WARNING AND DISCLAIMER
Just unlocking the bootloader will not trip the warranty bit yet, so you can still go back at this point.
The warranty bit will be tripped (0x1) as soon as you actually try flashing something unofficial via Odin. YOU HAVE BEEN WARNED.
Make sure you back up all the important files in your internal storage, as you need to disable encryption with Multi-Disabler in order to let TWRP access the data partition, which would require you to format the data partition (wiping everything in the process). Additionally, keep a few nandroid backups with you so you can recover yourself in case something goes wrong.
2. Requirements
- Bootloader unlocked
- ianmacd's TWRP
- Neutralized vbmeta*
- (Optional**) vendor.img from Android 10 stock FW (I used ATK3, but any A10 vendor should do)
- Multi-Disabler
* An empty vbmeta is not recommended. You need to patch the vbmeta of the stock FW you're currently on.
** UPDATE (2022-08-29): It seems Magisk now works with recent A11 GSIs using A11 vendor, so there's no explicit need to flash A10 vendor in the following tutorial steps, unless you run into issues. Thanks to @AnonVendetta for testing and confirming. Using a more recent version of Magisk is recommended.
3. Flashing
Since this device uses dynamic partitions. Flashing system images is not as straightforward as before but not impossible.
azteria2000's GSI Flasher provided a good example on how to use dd/simg2img to flash dynamic partitions using just recovery. This is extremely helpful, as TWRP currently doesn't support fastbootd, which would make flashing even easier.
(1). Extracting Android 10 vendor.img (Optional, unless you have issues with your current vendor)
While you can boot recent GSIs with Android 11 vendor, Magisk currently doesn't work with it. Android 10 vendor is required for Magisk to work properly.
The Android 10 vendor can be extracted from the factory image's super.img. You need to unsparse the image using simg2img then use lpunpack to extract it, and you'll obtain the vendor.img.
(2). Flashing GSI and (Optional) Android 10 vendor.img
The entire flashing process can be done from TWRP.
NOTE 1 (UPDATE 2022-08-29): Flashing A10 vendor is no longer necessary now, unless you have issues.
NOTE 2: At present, Multi-Disabler expects /system_root to be mountable r/w, which cannot be done with a non-vndklite GSI. As such, if you're about to flash /vendor at this step, use a vndklite GSI, or if you're coming from stock, flash Multi-Disabler before actually flashing GSI (a reboot is needed after flashing /vendor to make it accessible).
The corresponding block devices for system and vendor are as follows:
Code:
/dev/block/dm-0 - system
/dev/block/dm-1 - vendor
First set the block devices to r/w so you can flash images.
Code:
# blockdev --setrw /dev/block/dm-0
# blockdev --setrw /dev/block/dm-1
Now actually flash the images with dd. Change the "if" parts to point to where the GSI system image and Android 10 vendor image are.
Code:
# dd if=<GSI image here> of=/dev/block/dm-0 bs=1m
# dd if=<vendor image here> of=/dev/block/dm-1 bs=1m
In rare cases that the GSI image you're about to flash is sparsed, run the following command instead of dd. You need to point to your sparsed GSI image here.
The vendor.img you obtain from super.img is not sparsed and can be flashed directly using the dd command above.
Code:
# simg2img <sparsed GSI image here> /dev/block/dm-0
If nothing goes wrong, you've flashed the GSI as well as Android 10 vendor.
Android 10 vendor flashed this way will work even if you have upgraded past BUC1 (which blocked the downgrade to Android 10).
It's advised to reboot recovery before trying to access system and vendor, to avoid potential issues.
NOTE: If you flashed vendor in this step, DO NOT REBOOT TO SYSTEM JUST YET.
(3). Flashing Multi-Disabler
You need to flash Multi-Disabler to disable encryption of internal storage so TWRP could access it.
If you flashed the vendor.img when flashing GSI, you MUST flash Multi-Disabler again if you have already disabled encryption with it before.
After flashing Multi-Disabler, you can now try booting to see if the GSI of your choice works.
4. Important Notes
(1). Neutralizing Software (Platform) Watchdog
There's a software (platform) watchdog that by default doesn't get fed while running GSI, causing system to reboot about 100 seconds after boot due to "platform watchdog bite". See this issue and this issue for details.
It's possible to disable this watchdog after boot, by executing the following command using a root shell.
Code:
# echo 'V' > /dev/watchdog
You need to look for a way to execute the command above at boot to automatically disable the problematic watchdog so the GSI can function normally. There are several ways to do this, like putting the command into a Magisk module's service.sh so it gets executed when the Magisk module loads.
EDIT: I've filed an issue regarding the matter here. After some testing, it seems /dev/watchdog0 is the real culprit for our device. Disabling either /dev/watchdog or /dev/watchdog0 will work this around.
UPDATE (2021-09-11): I can confirm that DragKernel is not affected by this issue. The offending watchdog is not present and the system won't reboot after 100 seconds.
UPDATE (2022-08-29): The watchdog is mainly an issue if you use A10 vendor. You may not have issues with that watchdog if using A11 vendor but it's still recommended to get it disabled.
(2). Uncertified Device
Since phh-AOSP v303 and onwards, the device is considered uncertified which will prevent you from logging in to your Google account.
Manually registering the device is required for using Google Play Services, but for some reasons that didn't work for me, so I recommend using NanoDroid with microG if applicable (requires Magisk).
(3). Offline Charging Icon
With some GSIs, when powered off, plugging in the charger would make the tablet enter a screen with a white charging battery icon in the middle, that I couldn't easily get out of by pressing POWER button alone. Although I did manage to get out of that screen and boot to the system, I don't really know which button combination is required, and how long I should be holding them. So for now, charging while powered off is not advised...
(4). Potential soft bricks with Securize
UPDATE (2022-08-29): Should have pointed this out earlier that if you attempt to Securize on official phh-AOSP, the device will softbrick. Additionally, merely removing phh-SU is enough to cause the softbrick (thanks to AnonVendetta again for confirming).
While the cause is uncertain, it's quite likely that the tablet cannot work if not using any form of root (be it phh-SU or Magisk) due to Samsung's security mechanisms getting in the way.
5. Working Stuffs
- 120 fps working (by forcing FPS using Phh-Treble Settings).
- Wi-Fi and Bluetooth work fine.
- S-Pen works as a pointer device.
- Alternate Audio Policies (from Phh-Treble Settings) is needed to get audio out through USB Type-C.
- Front and rear camera appears working.
6. Not Working Stuffs
- MTP does not appear to work properly for some reasons. You'll need ADB for transferring files.
- USB Type-C audio adapters may or may not work depending on GSI, Kernel or maybe other aspects.
- Bluetooth audio currently has issues that cause the system to freeze.
7. Untested Stuffs
- Haven't tested telephony-related stuffs as I'm not using a SIM card on the tablet yet.
- Haven't tested fingerprint sensors as I'm not using it.
There are still some functionalities I haven't tested yet, but anyone is free to test if you want to use a GSI.
Special thanks to: ianmacd, phhusson, Bushcat, Vntnox, azteria2000, dron39 and many more...
Original GSI progress issue: here

I finally got this working on my SM-T970. Though I had some troubles getting it working by following your instructions exactly, it would still boot loop even after neutralizing vbmeta.img (perhaps I changed the wrong offset?). Though for some reason flashing magisk made it boot perfectly? I assume Magisk disables AVB entirely or something. Thank you for this guide, may this tablet live a long life thanks to treble!

sambow23 said:
I finally got this working on my SM-T970. Though I had some troubles getting it working by following your instructions exactly, it would still boot loop even after neutralizing vbmeta.img (perhaps I changed the wrong offset?). Though for some reason flashing magisk made it boot perfectly? I assume Magisk disables AVB entirely or something. Thank you for this guide, may this tablet live a long life thanks to treble!
Click to expand...
Click to collapse
i also got SM-T970 please help me to get back to android 10... Most of the game which play crashes in the middle for android 11 ... Can you please help me to do what you did ... i am new to this custom ROMs and flashing so help me..

As I know, you can't. All android 10 bootloaders are XXU1 - if you upgraded to XXU2 then nothing can be done.

ivanox1972 said:
As I know, you can't. All android 10 bootloaders are XXU1 - if you upgraded to XXU2 then nothing can be done.
Click to expand...
Click to collapse
Sorry, didn't notice there were new posts in my actual thread...
While you certainly can't flash XXU1 firmware via Odin once you upgraded to XXU2, you can follow the instructions to use dd in TWRP to flash the logical partitions. This is how I used to flash vendor image extracted from Android 10 FW, as due to SELinux policy issues, Android 11 vendor does not work well with GSIs on Samsung Qualcomm devices in general. Magisk won't work, and the tablet would semi-brick if you attempt to use Securize from Phh-Treble settings.
While I mostly use Android 11 GSIs, the same should work with Android 10 GSIs of your choice, but I haven't tested, as most A10 GSIs are no longer maintained. GSI image of your choice (/system) and A10 vendor (/vendor) are all you need, as GSIs do not care about /odm and /product so it's safe to leave them as-is.
A WARNING: I DO NOT recommend flashing A10 stock FW using this method as you're literally violating the rollback protection which has the risk of causing A HARD BRICK!!! Similar cases have happened on other devices of other vendors before.
ONE MORE WARNING: Due to the ongoing case of Samsung disabling cameras on Z Fold 3, I seriously advise against upgrading the device any further, especially in case a XXU3 firmware comes out in the future, as there are potential signs that such crippling behavior might spread to existing devices.

@LSS4181 thanks dor for deep explanation, but I'm afraid my level is not high enough to understand all of this. I am also tempted to try gsi but not want to risk lot...
So, can it be installed over stock android 11, new bootloader XXU2?
Thanks

ivanox1972 said:
@LSS4181 thanks dor for deep explanation, but I'm afraid my level is not high enough to understand all of this. I am also tempted to try gsi but not want to risk lot...
So, can it be installed over stock android 11, new bootloader XXU2?
Thanks
Click to expand...
Click to collapse
I can't guarantee A10 GSI will work on such environment, but GSIs probably won't have issues with rollback protections. It's just stock ROM might have something that would do dirty stuffs in case such violation happens so I personally would not recommend such use case.
However, A11 GSIs will certainly work fine, just that with A10 vendor you need to use DragKernel as the stock one has a watchdog that'll reboot the system after 100 seconds.

@LSS4181 - thank you for the guide, I've had a T970 for nearly 1 year now, always wanted to run a custom rom on it!
I've tried your guide twice now, but it results in failures for me.
I've unlocked the bootloader, flashed TWRP (twrp-gts7xl-3.5.0_10-A11_3_ianmacd.img), running ATK3.
Not sure if TWRP for Android 11 and ATK3 being Android 10 makes a difference?
I extracted a vbmeta.img.lz4 from the ATK3 pack online, decompressed it to get the vbmeta.img, and wrote 0x03 to decimal offset 123.
(Tried to follow the instructions exactly)
I think it's the flashing/dd part.
After I dd the gsi img to dm-0, I can not reflash the multidisabler anymore. It tells me something like:
"Failed to mount '/system_root' (Invalid argument)"
Then, I can't even mount 'system' in TWRP, the checkbox is unselectable.
To get back to a working state, I have reflashed the stock rom (ATK3).
The GSI I tried to use was: system-roar-arm64-ab-vanilla.img.xz - from AOSP 11.0 v313
Is this the correct version to use (A, A/B etc?)
And how can I tell if the image file is sparsed or not?
Any input is appreciated, thank you!

zxczxc4 said:
@LSS4181 - thank you for the guide, I've had a T970 for nearly 1 year now, always wanted to run a custom rom on it!
I've tried your guide twice now, but it results in failures for me.
I've unlocked the bootloader, flashed TWRP (twrp-gts7xl-3.5.0_10-A11_3_ianmacd.img), running ATK3.
Not sure if TWRP for Android 11 and ATK3 being Android 10 makes a difference?
I extracted a vbmeta.img.lz4 from the ATK3 pack online, decompressed it to get the vbmeta.img, and wrote 0x03 to decimal offset 123.
(Tried to follow the instructions exactly)
I think it's the flashing/dd part.
After I dd the gsi img to dm-0, I can not reflash the multidisabler anymore. It tells me something like:
"Failed to mount '/system_root' (Invalid argument)"
Then, I can't even mount 'system' in TWRP, the checkbox is unselectable.
To get back to a working state, I have reflashed the stock rom (ATK3).
The GSI I tried to use was: system-roar-arm64-ab-vanilla.img.xz - from AOSP 11.0 v313
Is this the correct version to use (A, A/B etc?)
And how can I tell if the image file is sparsed or not?
Any input is appreciated, thank you!
Click to expand...
Click to collapse
Uh... I should have mentioned earlier. Multi-Disabler expects /system_root to be mountable r/w, which cannot be done with a non-vndklite GSI.
As such, to disable encryption, you'll initially need to flash a vndklite GSI, or simply just do that before you actually flash the GSI (stock ROM can be mounted r/w). As Multi-Disabler is only needed once per /vendor flash, you'll be able to use non-vndklite GSI afterwards.
EDIT: If you are experienced in modifying recovery zips, you can edit the Multi-Disabler install script and comment out the parts actually involving /system or /system_root.
EDIT 2: I just realized this... I recall that phh AOSP GSI is sparsed. You need to use simg2img command instead of dd to flash it.

@LSS4181 - thank you for the reply.
I am not sure if the images I was trying to us were sparsed or not.
Since you mentioned vndklite images, I tried those - `simg2img` told me that the hash/magic was not valid, so at least these ones are not sparsed.
But good idea to attempt to use `simg2img` if you are not sure about an image, it doesn't hurt to try.
I flashed phh's v313 ab vndklite image, my device was stuck on the samsung boot screen for about 10 minutes (the screen with "your device is unlocked" etc...) I then held some buttons to force reboot/power down. I powered back on and I finally saw the rom booting.
Vanilla AOSP was a bit boring, so flashed LOS 18.x (vndklite again) and that is great. Dark mode can be made BLACK which I really appreciate.
No issues with the watchdog/no reboot after 100 seconds.
I did try to install microg... tried to install (adb push) to /system/priv-data but must have done something wrong.
It gave me bootloops, tried to reflash the gsi twice but didn't seem to change anything...
I ended up reflashing stock again, repeated the whole process (apart from microg!) and my system is up working again.
I should go and ask on the lineage os gsi thread for advice about microg.
Thanks again for the guide.

zxczxc4 said:
@LSS4181 - thank you for the reply.
I am not sure if the images I was trying to us were sparsed or not.
Since you mentioned vndklite images, I tried those - `simg2img` told me that the hash/magic was not valid, so at least these ones are not sparsed.
But good idea to attempt to use `simg2img` if you are not sure about an image, it doesn't hurt to try.
I flashed phh's v313 ab vndklite image, my device was stuck on the samsung boot screen for about 10 minutes (the screen with "your device is unlocked" etc...) I then held some buttons to force reboot/power down. I powered back on and I finally saw the rom booting.
Vanilla AOSP was a bit boring, so flashed LOS 18.x (vndklite again) and that is great. Dark mode can be made BLACK which I really appreciate.
No issues with the watchdog/no reboot after 100 seconds.
I did try to install microg... tried to install (adb push) to /system/priv-data but must have done something wrong.
It gave me bootloops, tried to reflash the gsi twice but didn't seem to change anything...
I ended up reflashing stock again, repeated the whole process (apart from microg!) and my system is up working again.
I should go and ask on the lineage os gsi thread for advice about microg.
Thanks again for the guide.
Click to expand...
Click to collapse
You could always flash magisk and use the microg module, works perfectly for me

sambow23 said:
You could always flash magisk and use the microg module, works perfectly for me
Click to expand...
Click to collapse
That's exactly what I ended up doing.
Originally I wanted to avoid the 'newer' style, using Magisk etc, it seems more complicated than just using a rom that is already rooted. For my use case of this device, I don't care about safetynet etc, don't care about keeping system untouched etc.
BUT! Flashing Magisk was so easy, no need to patch any images... I simply flashed the latest version of the Magisk apk via TWRP.
On restart, Magisk app wanted to finish the install itself... but failed? So I simply installed the same apk myself, and it's been working perfectly

Thank you @LSS4181 for the exquisitely detailed instructions! I think have enough experience with this stuff to be succesful, but have not yet bought this tablet to try it (currently using a rooted, debloated S6).
Questions:
Which vendor does it ship with? ATK3? I wouldn't do any upgrades when I got it, but would immediately start flashing.
Has anyone succesfully used XPrivacyLua (XPL) on this? I currently use XPL Pro, and I know that it depends on a working EdXposed (or Lsposed, which I've never used) which requires a working Magisk. From reading this thread, the Magisk part seems Okay, but what about Ed/L Xposed?
Thanks again.

TiTiB said:
Thank you @LSS4181 for the exquisitely detailed instructions! I think have enough experience with this stuff to be succesful, but have not yet bought this tablet to try it (currently using a rooted, debloated S6).
Questions:
Which vendor does it ship with? ATK3? I wouldn't do any upgrades when I got it, but would immediately start flashing.
Has anyone succesfully used XPrivacyLua (XPL) on this? I currently use XPL Pro, and I know that it depends on a working EdXposed (or Lsposed, which I've never used) which requires a working Magisk. From reading this thread, the Magisk part seems Okay, but what about Ed/L Xposed?
Thanks again.
Click to expand...
Click to collapse
XPrivacyLua/LSPosed does work, I'm able to pass safetynet thanks to it

TiTiB said:
Thank you @LSS4181 for the exquisitely detailed instructions! I think have enough experience with this stuff to be succesful, but have not yet bought this tablet to try it (currently using a rooted, debloated S6).
Questions:
Which vendor does it ship with? ATK3? I wouldn't do any upgrades when I got it, but would immediately start flashing.
Has anyone succesfully used XPrivacyLua (XPL) on this? I currently use XPL Pro, and I know that it depends on a working EdXposed (or Lsposed, which I've never used) which requires a working Magisk. From reading this thread, the Magisk part seems Okay, but what about Ed/L Xposed?
Thanks again.
Click to expand...
Click to collapse
I got my tablet early so it was on an earlier version than ATK3.
If your device ships with BUBB or before, you should be able to downgrade directly if you know how to use Odin.
Flashing ATK3 (or earlier) vendor via dd from TWRP is only needed if your device is on BUC1 or later, as from that version onwards SW REV has been incremented so you can't downgrade via Odin anymore.

sambow23 said:
XPrivacyLua/LSPosed does work, I'm able to pass safetynet thanks to it
Click to expand...
Click to collapse
Which Xposed are you using? I'm not very familiar with Lsposed.

Thanks ag
LSS4181 said:
I got my tablet early so it was on an earlier version than ATK3.
If your device ships with BUBB or before, you should be able to downgrade directly if you know how to use Odin.
Flashing ATK3 (or earlier) vendor via dd from TWRP is only needed if your device is on BUC1 or later, as from that version onwards SW REV has been incremented so you can't downgrade via Odin anymore.
Click to expand...
Click to collapse
Thanks again for the detailed response. The info you've shared gives me confidence. Now I just need to convince myself that I 'need' to buy it.

@LSS4181: I've been running the stock Android 11 firmware since I bought the Tab S7+ SM-T970, about halfway into this year. Mine shipped with a version 2 bootloader, so there is no possibility of running stock 10 for me.
Then I saw your note about Bluetooth earbuds not working. This would be a big deal for me on a GSI. I don't want to use a USB C headphone jack adapter, since it would prevent charging while using them. And it would wear out the charging port by constantly inserting/removing.
What BT earbuds do you use? Does it happen on all GSIs that you've tried? I saw your recent issue on GitHub, and noticed that no one else has commented.
GApps is another big deal for me, a must have. I used to use MicroG on my daily driver devices, but stopped using it about a year ago due to issues that I was unable to find solutions for.
Can you elaborate a bit more on how to modify vbmeta and what to change? I'm not particularly skilled with the usage of hex editors, so not sure how to proceed here or what to edit.
I know there will probably be issues inherent to running to a GSI, but I'd like to change things up a bit and experiment. If I don't like what I see, I can always return to stock rooted. I'm not a big fan of stock firmwares, but so far it has been very stable for me. However, if I can get a custom ROM like AOSP, RR, LOS, etc running reliably, then I'd definitely switch. There are no features on stock besides Dex and Secure Folder, that are compelling enough to me me stay on it.

AnonVendetta said:
@LSS4181: I've been running the stock Android 11 firmware since I bought the Tab S7+ SM-T970, about halfway into this year. Mine shipped with a version 2 bootloader, so there is no possibility of running stock 10 for me.
Then I saw your note about Bluetooth earbuds not working. This would be a big deal for me on a GSI. I don't want to use a USB C headphone jack adapter, since it would prevent charging while using them. And it would wear out the charging port by constantly inserting/removing.
What BT earbuds do you use? Does it happen on all GSIs that you've tried? I saw your recent issue on GitHub, and noticed that no one else has commented.
GApps is another big deal for me, a must have. I used to use MicroG on my daily driver devices, but stopped using it about a year ago due to issues that I was unable to find solutions for.
Can you elaborate a bit more on how to modify vbmeta and what to change? I'm not particularly skilled with the usage of hex editors, so not sure how to proceed here or what to edit.
I know there will probably be issues inherent to running to a GSI, but I'd like to change things up a bit and experiment. If I don't like what I see, I can always return to stock rooted. I'm not a big fan of stock firmwares, but so far it has been very stable for me. However, if I can get a custom ROM like AOSP, RR, LOS, etc running reliably, then I'd definitely switch. There are no features on stock besides Dex and Secure Folder, that are compelling enough to me me stay on it.
Click to expand...
Click to collapse
Bluetooth audio works if you disable the a2dp hardware offload in the phh treble app

AnonVendetta said:
@LSS4181: I've been running the stock Android 11 firmware since I bought the Tab S7+ SM-T970, about halfway into this year. Mine shipped with a version 2 bootloader, so there is no possibility of running stock 10 for me.
Then I saw your note about Bluetooth earbuds not working. This would be a big deal for me on a GSI. I don't want to use a USB C headphone jack adapter, since it would prevent charging while using them. And it would wear out the charging port by constantly inserting/removing.
What BT earbuds do you use? Does it happen on all GSIs that you've tried? I saw your recent issue on GitHub, and noticed that no one else has commented.
GApps is another big deal for me, a must have. I used to use MicroG on my daily driver devices, but stopped using it about a year ago due to issues that I was unable to find solutions for.
Can you elaborate a bit more on how to modify vbmeta and what to change? I'm not particularly skilled with the usage of hex editors, so not sure how to proceed here or what to edit.
I know there will probably be issues inherent to running to a GSI, but I'd like to change things up a bit and experiment. If I don't like what I see, I can always return to stock rooted. I'm not a big fan of stock firmwares, but so far it has been very stable for me. However, if I can get a custom ROM like AOSP, RR, LOS, etc running reliably, then I'd definitely switch. There are no features on stock besides Dex and Secure Folder, that are compelling enough to me me stay on it.
Click to expand...
Click to collapse
sambow23 said:
Bluetooth audio works if you disable the a2dp hardware offload in the phh treble app
Click to expand...
Click to collapse
Don't know if audio issues might be caused by using a different kernel (as I've switched to using DragKernel for this tablet). I don't recommend using stock kernel, though, due to a nasty 100-second watchdog that you need to manually disable after system startup (DragKernel has that removed from config).
I recall it's now possible to patch vbmeta using Magisk now. Simply provide the vbmeta of your FW version to Magisk and it'll patch it for you. I haven't tried, though, as I always do this by hand with a hex editor (it's just to change a single byte, which the recent Magisk versions would do).
Back then I couldn't get the device certified so I switched to microG which is working well. I recommend using NanoDroid as it comes with a modded Play Store which allows you to purchase apps as well as IAPs. The modded Play Store still works, despite being quite dated.
I don't really have anything blocking me from using microG now. If you need real GApps and know about the workflow for uncertified devices, you may try flashing a bgN flavor GSI as opposed to bvN (g means the GSI ships with GApps).