Related
For anybody that has bought the US Retail version of the Moto G5 Plus (XT1687) and noticed that using it on Freedom Mobile in Canada results in the phone getting stuck on 3G after a call, there is a fix.
Note: This fix is specific to Freedom Mobile, it will break VoLTE for other providers. Likewise, it will break OTA updates.
Prerequisites
Stock firmware NPNS25.137.35-5 (may work with others)
Unlocked bootloader (UPDATE: Does not seem to require this as confirmed below)
Installation
Ensure you are on stock firmware, with unlocked bootloader
Boot into bootloader (hold vol up + vol down + power when phone is off)
Download the attached fsg.mbn unzip it and flash it in the bootloader (fastboot flash fsg fsg.mbn) and erase modem config (fastboot erase modemst1 and fastboot erase modemst2), boot into the OS
Once phone boots, wait a bit of time for the signal to come back
Make a call, it will go down to 3G. Once you finish the call, it will go back to LTE.
Uninstall
Download the stock firmware and flash it. Alternative, you can do "fastboot flash fsg fsg.bin" and modem config erase (fastboot erase modemst1 and fastboot erase modemst2) part only to keep your data.
Proof
Doesn't apply to me, but glad to see it fixed! Out of curiosity, what in the modem file broke this?
It was just missing configuration. I posted this on the OP5 forum for their engineers:
You need to update the EFS image so the following settings are present for PLMN 302 490:
in /nv/item_files/wcdma/rrc/
rrc_b66_plmn_support to contain "0x03 0x00 0x02 0x03 0x04 0x09 0x00" (i.e 302 490)
wcdma_rrc_fast_return_to_lte_after_csfb to contain "0x01" i.e true
wcdma_rrc_fast_return_to_lte_after_csfb_timer to have a valid timer setting
You'll need to add a new .mbn file to NON-HLOS.bin:/image/modem_pr/mcfg/configs/mcfg_sw/generic/.... to apply the above settings when the right ICCID (starting with 89149000) or PLMN (302 490) is detected. This would be the "FSG" partition on Moto phones.
zivan56 said:
It was just missing configuration. I posted this on the OP5 forum for their engineers:
You need to update the EFS image so the following settings are present for PLMN 302 490:
in /nv/item_files/wcdma/rrc/
rrc_b66_plmn_support to contain "0x03 0x00 0x02 0x03 0x04 0x09 0x00" (i.e 302 490)
wcdma_rrc_fast_return_to_lte_after_csfb to contain "0x01" i.e true
wcdma_rrc_fast_return_to_lte_after_csfb_timer to have a valid timer setting
You'll need to add a new .mbn file to NON-HLOS.bin:/image/modem_pr/mcfg/configs/mcfg_sw/generic/.... to apply the above settings when the right ICCID (starting with 89149000) or PLMN (302 490) is detected. This would be the "FSG" partition on Moto phones.
Click to expand...
Click to collapse
Would you be able to advise in more details how you would usually modify modem firmware with new config settings or point me in the right direction?
The file provided does help recover back to LTE after a voice call, but not if phone dropped to 3g due to poor reception.
Thank you
You would need to use QXDM/EFS Explorer to modify the various NV items relating to that.
The file is not meant to make the phone hold on to weak signal (or touch any such parameters), it simply allows it to switch back to LTE from 3G.
Thanks zivan. This is amazing find and fix. Unfortunately for me for some reason phone does not return back to LTE even in strong signal areas. It only returns to LTE after a call.
Not sure why.
Hmm, that's quite strange, I'm not experiencing that issue myself.
I only have 3G coverage at work, but as soon as I go outside it goes back to LTE automatically.
Damn.
Thanks for the help though. I flashed your file with fastboot commands and erased modemst1/2.
I don't have bootloader unlocked, not sure if this makes any difference, stock 137-35-5.
Thanks.
Hmm, if it fixed going back to LTE after a voice call, then it means it did apply despite a locked bootloader.
I am not sure why it would accept this image, as its unsigned...I guess Motorola doesn't check this partition for valid signatures.
Perhaps you have an app in the background that is constantly using data? Most phones will not go back to LTE from 3G unless all apps stop using data.
I think it is working as expected now.. not sure why.
So, as I said. It would never return to LTE even in strong signal areas. I played a little with the *#*#2436#*#* menu. I switched from LTE/UMTS auto PRL to LTE/TD-UCDMA/UMTS. I know TD-UCDMA (or whatever is in the menu) will not work with freedom mobile, but I was looking for an LTE/UMTS option without auto PRL.
So I switched to that, rebooted, (the phone still returned back to LTE/UMTS auto after reboot) and now it does recover to LTE. Sometimes it takes a minute or two, but it does recover. So I am very happy.
This is great fix, and it does work. Thank you for your work. I really hope once new OTA update comes out, you will implement the fix for the new version
thank you!
Good to hear it is working now
I agree the phone is a bit "lazy" in terms of going back to LTE sometimes...I am not sure if this is a phone issue or the network setting the threshhold.
Thanks for confirming it works with a locked bootloader, I have updated the main post to reflect this.
I am hoping the next OTA makes this patch unnecessary, but I do plan to patch the next version if it comes to that.
What would the process be for making this work with an unlocked Moto G5S Plus (assuming they have the issue)?
It would need the same NV items modified as any other Qualcomm device.
zivan56 said:
It would need the same NV items modified as any other Qualcomm device.
Click to expand...
Click to collapse
And that would probably require an unlocked bootloader, right?
sensi277 said:
And that would probably require an unlocked bootloader, right?
Click to expand...
Click to collapse
If it is similar to most other non-Verizon Moto phones, then no. Only the configuration is signed and not the FSG partition itself.
zivan56 said:
If it is similar to most other non-Verizon Moto phones, then no. Only the configuration is signed and not the FSG partition itself.
Click to expand...
Click to collapse
Cool. Okay, one more question - can someone confirm that there are issues with the phone switching back to LTE after dropping to 3G due to a weak signal? Does it do it eventually, or do you need to force it?
Edit: Oh, and one more thing - when the Oreo update comes out, I'll have to flash the OTA from my computer, right? How would I go about doing that when the time comes?
Sorry for all the questions, I'm very seriously considering the G5+ or G5S+ for use on the Freedom network and it's been a while since I've had a Moto G device.
sensi277 said:
Cool. Okay, one more question - can someone confirm that there are issues with the phone switching back to LTE after dropping to 3G due to a weak signal? Does it do it eventually, or do you need to force it?
Edit: Oh, and one more thing - when the Oreo update comes out, I'll have to flash the OTA from my computer, right? How would I go about doing that when the time comes?
Sorry for all the questions, I'm very seriously considering the G5+ or G5S+ for use on the Freedom network and it's been a while since I've had a Moto G device.
Click to expand...
Click to collapse
There are a few reasons. One is how the network is configured, its not made to hold onto LTE like Big 3, this is purely a config on the network side.
The Qualcomm issue is only after calls or for any other reason for being dropped down to 3G.
I've posted a guide for the Moto E4 here. You can give it a try, it should work on any Moto Qualcomm based phone. However, some phones overwrite these settings upon reboot, so it may not stick. YMMV.
Hey zivan. So I did ota update for the latest August security patch. Was no problem phone works fine. Did not have a chance to test if "Freedom mobile fix" is still in place, since my house is in 3g area. will test tomorrow. Wonder if you had a chance to see if LTE still works.
zivan56 said:
There are a few reasons. One is how the network is configured, its not made to hold onto LTE like Big 3, this is purely a config on the network side.
The Qualcomm issue is only after calls or for any other reason for being dropped down to 3G.
I've posted a guide for the Moto E4 here. You can give it a try, it should work on any Moto Qualcomm based phone. However, some phones overwrite these settings upon reboot, so it may not stick. YMMV.
Click to expand...
Click to collapse
Hey, in your OP you had instructions to uninstall. I flashed the latest NA stock image from here. I actually did try the fix again since is it was working fine on an earlier build (-67). When I rebooted, there were no signals being found at all. So I re-flashed the stock image and rebooted. So the issue is the same.
The first time I applied the fix, did I make any irreversible changes that could not be undone by flashing stock firmware? Also, did you test this fix on later firmware? Either way, with or without the fix, I'm not connecting to any networks.
Any help would be appreciated!
It's not irreversible.
Best to get an official Motorola image, which includes the radio and other misc partitions, and flash it back to 100% stock with their provided script. It sounds like you have a radio/FSG mismatch.
This wil be a list of firmware sources and a bit of explanation in different firmware versions and builds. This information has been gathered over the past few weeks, mainly by helping others to find the proper stock roms.
First of all, there seem to be multiple regions that have different firmware’s, and there seem to be different software channels per region or per region per provider. ( for instance vfeu vs reteu )
The phone model is XT2041-X where the X can stand for 1 to 4
The development name / moto name is called: Sofiar ( XT2041-1/3)
the development name for the US name is: Sofia ( xt2041-4 )
The easiest way to find the proper firmware would be via the Lenovo rescue and smart assistant ( LMSA)
you can download it from here: https://download.lenovo.com/consumer/mobiles/rescue_and_smart_v5.0.0.25_setup.exe
Since a few days support has been added to rescue the g8 power
you can download the current firmware for your device via the rescue page.
Manual selection of firmware sources:
So far, every source on the internet points to the lolinet mirror
see https://mirrors.lolinet.com/firmware/moto/sofiar/official/
US version: https://mirrors.lolinet.com/firmware/moto/sofia/official/
a 2nd source would be the moto updates tracker, but I expect that everything you find here Will appear on lolinet
US: https://t.me/s/MotoUpdatesTracker?q=#sofia
The rest of the world: https://t.me/s/MotoUpdatesTracker?q=#sofiar
so far I have not been able to find any other sources. I hope this helps a bit in downloading / finding the stock firmware for your phone.
If you find any other / better source, please let me know, I'll add it to this first post.
Thanks
I successfully updated mine and regained root.
I will post manual update guide later.
A side note: the following must be flashed in fastbootd (fastboot reboot fastbootd or adb reboot fastboot)
boot.img, recovery.img, vbmeta.img, super, dtbo.img
@mingkee Pls can you share manual update guide? THX
endva3 said:
@mingkee Pls can you share manual update guide? THX
Click to expand...
Click to collapse
There's a simple method using LMSA rescue method, but make sure you backup your phone because your phone will be wiped during the process.
Hi, I'm running into a little problem. I used the lolinet link to download the factory ROM for my Moto G Power (Best Buy unlocked, on Verizon). I downloaded the sofia VZW factory ROM first (thinking because I'm on Verizon). I used Magisk to patch the boot.img and fastbooted it. After reboot, I lost the touch screen and cell service -- could not unlock the phone. So I thought no big deal, I'll just reflash the unpatched boot.img from the sofia retus ROM this time. However, I still do not have touch screen. Does anyone have the factory boot.img for QPM30.80.50-1 that originally came with this G Power? Thanks in advance.
quangtran1 said:
Hi, I'm running into a little problem. I used the lolinet link to download the factory ROM for my Moto G Power (Best Buy unlocked, on Verizon). I downloaded the sofia VZW factory ROM first (thinking because I'm on Verizon). I used Magisk to patch the boot.img and fastbooted it. After reboot, I lost the touch screen and cell service -- could not unlock the phone. So I thought no big deal, I'll just reflash the unpatched boot.img from the sofia retus ROM this time. However, I still do not have touch screen. Does anyone have the factory boot.img for QPM30.80.50-1 that originally came with this G Power? Thanks in advance.
Click to expand...
Click to collapse
You may have patched unmatched build number.
Solution: flash full ROM
LMSA rescue is the simplest method but it will wipe the phone
Thanks! That was what I ended up doing.
Is it possible to change fw xt2041-3 (PAHF0004PL) to XT2041-3 (PAHF0006GB)? I'm on the PL version (andoid security January 2020) and the GB version is May 2020. If possible, the bootloader must be unlocked? Can it be changed via any tool (mototool) or via adb commands?
Anyone have the boot.img for QPMS30.80-51-3?
I cant download the latest May update from their server. Some reason the link to download expired a few days after. So if anyone has another link or can just hook it up with the boot.img please
I couldnt get it with the rescue app either it was a lower version.
EDIT
Found it here
https://forum.xda-developers.com/showpost.php?p=82865201&postcount=73
Some lessons learned
pjottrr said:
The easiest way to find the proper firmware would be via the Lenovo rescue and smart assistant ( LMSA)
you can download it from here: https://download.lenovo.com/consumer/mobiles/rescue_and_smart_v5.0.0.25_setup.exe
Since a few days support has been added to rescue the g8 power
you can download the current firmware for your device via the rescue page.
Click to expand...
Click to collapse
In my case, you in fact cannot exactly download the "current" firmware via the rescue page - the phone's updater app thinks QPM30.80-51-3 is the latest version, but the rescue app installs the newer QPM30.80-109. Both are 5/1/2020 security patch level, but the boot.img files are most certainly not interchangeable.
I ended up in a bootloop which I had to rescue the phone to escape. I'd advise anyone wanting to root this phone to just rescue it first.
Also it's essential that you install the Motorola Device Manager/USB drivers in addition to LRSA, otherwise LRSA will incorrectly insist your phone is not in fastboot flash mode if you have to resort to rescuing from fastboot mode.
Finally, the rescue process will not work from a Windows VM under KVM, whether you have the USB device redirected or shared with the host. You need Windows running on bare metal.
Hope this saves someone the hours of annoyance I just went through trying to unbrick the damn thing.
Can jump from a carrier Rom to a unlocked version? And if yes, what's the unlocked phone rom? Cause I only see carrier versions.
Mikael1013 said:
Can jump from a carrier Rom to a unlocked version? And if yes, what's the unlocked phone rom? Cause I only see carrier versions.
Click to expand...
Click to collapse
Switching from a carrier rom to an unlocked version won't SIM unlock a phone (at least not to my knowledge), if that's your objective. But if you're looking to switch the retail flavor rom, try RETUS, specifically XT2041-4_SOFIA_RETUS_10_QPM30.80-13-2_subsidy-DEFAULT_regulatory-DEFAULT_CFC.xml.zip.
rlrevell said:
In my case, you in fact cannot exactly download the "current" firmware via the rescue page - the phone's updater app thinks QPM30.80-51-3 is the latest version, but the rescue app installs the newer QPM30.80-109. Both are 5/1/2020 security patch level, but the boot.img files are most certainly not interchangeable.
I ended up in a bootloop which I had to rescue the phone to escape. I'd advise anyone wanting to root this phone to just rescue it first.
Also it's essential that you install the Motorola Device Manager/USB drivers in addition to LRSA, otherwise LRSA will incorrectly insist your phone is not in fastboot flash mode if you have to resort to rescuing from fastboot mode.
Finally, the rescue process will not work from a Windows VM under KVM, whether you have the USB device redirected or shared with the host. You need Windows running on bare metal.
Hope this saves someone the hours of annoyance I just went through trying to unbrick the damn thing.
Click to expand...
Click to collapse
Also a good word of advice before flashing a boot.bin
run the command
fastboot boot boot.bin
or whatever your boot.bin is called
Then you can test your patched file before patching it. Also even better once you get into Android you can open MAGISK and use direct install
TNS201 said:
Also a good word of advice before flashing a boot.bin
run the command
fastboot boot boot.bin
or whatever your boot.bin is called
Then you can test your patched file before patching it. Also even better once you get into Android you can open MAGISK and use direct install
Click to expand...
Click to collapse
I've never actually had this work on any device I've tried to root. Command not implemented or some such error was always the result. Does it work for you on this device?
The download link for the latest Google Fi firmware works again if anyone wants to grab it before it expires...again heh.
SOFIA_RETAIL_QPMS30.80-51-3
CodyF86 said:
The download link for the latest Google Fi firmware works again if anyone wants to grab it before it expires...again heh.
SOFIA_RETAIL_QPMS30.80-51-3
Click to expand...
Click to collapse
Do you have stock boot IMG by any chance? Thx in advance
freddienuxx said:
Do you have stock boot IMG by any chance? Thx in advance
Click to expand...
Click to collapse
sofia_80-51-3boot.img
CodyF86 said:
sofia_80-51-3boot.img
Click to expand...
Click to collapse
Thx man
rlrevell said:
I've never actually had this work on any device I've tried to root. Command not implemented or some such error was always the result. Does it work for you on this device?
Click to expand...
Click to collapse
yea when you are in bootloader with phone attached to the PC it should work
It worked on my pixel 2 xl and this phone
Does anybody have this file available? (Sorry for the spaces, I can't post a link...). The download link has expired.
t.me /motoupdatestracker/ 2752
filename: SOFIA_RETAIL_QPMS30.80-51-5_subsidy-DEFAULT_regulatory-DEFAULT_CFC.xml.zip
What's the difference between that and RETUS on lolinet? Is there any? Reason I'm asking is that I don't have any radios after that OTA (Google Fi) and flashing the boot.img from RETUS QPMS-30.80-51-5.
Hello all,
-I bought a 'refurbished' LG G4 online (claimed to be H815), but when I got it & checked the motherboard inside, it's VS986 instead.
Currently it's on H815 v10h (Lollipop), with ARB v2, and Baseband is MPSS.BO.2.5.c3-00070-M8992FAAAANAZM-1.19025.1
-What's is the best option I have (which ROM to flash)? I'm from Malaysia & I need GSM for 2G/3G capability (AFAIK Verizon's VS986 uses CDMA)*.
Please advise, thank you.
*EDIT: I entered Service Menu & found that several GSM & WCDMA modes are supported, but none of LTE modes is available.
Musafir_86 said:
Hello all,
-I bought a 'refurbished' LG G4 online (claimed to be H815), but when I got it & checked the motherboard inside, it's VS986 instead.
Currently it's on H815 v10h (Lollipop), with ARB v2, and Baseband is MPSS.BO.2.5.c3-00070-M8992FAAAANAZM-1.19025.1
-What's is the best option I have (which ROM to flash)? I'm from Malaysia & I need GSM for 2G/3G capability (AFAIK Verizon's VS986 uses CDMA)*.
Please advise, thank you.
*EDIT: I entered Service Menu & found that several GSM & WCDMA modes are supported, but none of LTE modes is available.
Click to expand...
Click to collapse
The problem with Frankensteins like this is nobody knows what EXACTLY they did to make it look like a h815.
First thing to try is checking the ARB (Antirollback, see my sig) and if you are one of the 1% of lucky users then you may see "nonfusing device" instead of an ARB level.
Assuming that you did that already (as u mentioned ARB2) u are screwed.
There is no valid way to get to a good result here.
Your main issue is that the modem partition must be a vs986 one - or at least a vs986 compatible one as the ARB also takes place in that partition.
Second, if you cannot change the modem partition u might not be able to get 2G/3G as you already found out.
unlocking the device won't help either as the main issue you have relies on the the modem (partition) and even when flashing a vs986 ROM or any other it might never work.
Last - but not least - whatever you do or plan to do: kee my first sentence in mind. Each step you do can easily hard brick your device.
Ofc you can use QFIL to likely bring it back to life (the G4's are really hard to brick until an unusable state) but for this you need the extra tools, knowledge and time to learn.
sorry but there is nothing much you can do other then request your money back as you were tricked.
if you can't I may would try getting another modem partition to work with but doing that requires also a lot of time to learn how to use SALT to extract KDZs, identify the ARB of the modem partition properly (so you do not increase the ARB level by flashing a wrong modem partition) and so on..
gl
.-
steadfasterX said:
The problem with Frankensteins like this is nobody knows what EXACTLY they did to make it look like a h815.
First thing to try is checking the ARB (Antirollback, see my sig) and if you are one of the 1% of lucky users then you may see "nonfusing device" instead of an ARB level.
Assuming that you did that already (as u mentioned ARB2) u are screwed.
There is no valid way to get to a good result here.
Your main issue is that the modem partition must be a vs986 one - or at least a vs986 compatible one as the ARB also takes place in that partition.
Second, if you cannot change the modem partition u might not be able to get 2G/3G as you already found out.
unlocking the device won't help either as the main issue you have relies on the the modem (partition) and even when flashing a vs986 ROM or any other it might never work.
Last - but not least - whatever you do or plan to do: kee my first sentence in mind. Each step you do can easily hard brick your device.
Ofc you can use QFIL to likely bring it back to life (the G4's are really hard to brick until an unusable state) but for this you need the extra tools, knowledge and time to learn.
sorry but there is nothing much you can do other then request your money back as you were tricked.
if you can't I may would try getting another modem partition to work with but doing that requires also a lot of time to learn how to use SALT to extract KDZs, identify the ARB of the modem partition properly (so you do not increase the ARB level by flashing a wrong modem partition) and so on..
gl
.-
Click to expand...
Click to collapse
-Thanks for your reply.
-About returning & requesting a refund, I think it'll be hard as I already damaged the warranty sticker over one of the screws while trying to check the board.
-If we ignore the modem issue for now (maybe use it as WiFi-only device), then what's the best ROM I could flash? I hope at least Marshmallow so it'll last longer as more & more apps are targetting higher Android API levels.
-BTW, I just tried flashing VS9862BA_00_0525_ARB02.kdz but LG UP says "KDZ file is invalid". On another note, while in download mode, I just noticed it says:
Code:
USER S0.0 AS0.0 B91 UHS
S U LG-H810 05.1 Hrev_10
H81010o
-So, now it also has AT&T's H810 pieces inside too?
-BTW, sorry for PM'ing you earlier; I didn't notice your signature (even though you put it in big, red fonts!).
Musafir_86 said:
-Thanks for your reply.
-About returning & requesting a refund, I think it'll be hard as I already damaged the warranty sticker over one of the screws while trying to check the board.
-If we ignore the modem issue for now (maybe use it as WiFi-only device), then what's the best ROM I could flash? I hope at least Marshmallow so it'll last longer as more & more apps are targetting higher Android API levels.
-BTW, I just tried flashing VS9862BA_00_0525_ARB02.kdz but LG UP says "KDZ file is invalid". On another note, while in download mode, I just noticed it says:
Code:
USER S0.0 AS0.0 B91 UHS
S U LG-H810 05.1 Hrev_10
H81010o
-So, now it also has AT&T's H810 pieces inside too?
-BTW, sorry for PM'ing you earlier; I didn't notice your signature (even though you put it in big, red fonts!).
Click to expand...
Click to collapse
-Okay, now I have successfully flashed VS9862BA_00_0525_ARB02.kdz by extracting the DZ file & flashing it directly! :good:
However, it seems Android FRP (Firmware Reset Protection) has been triggered; need to figure on how to bypass this while on 2BA firmware.....
Musafir_86 said:
-Thanks for your reply.
-About returning & requesting a refund, I think it'll be hard as I already damaged the warranty sticker over one of the screws while trying to check the board.
-If we ignore the modem issue for now (maybe use it as WiFi-only device), then what's the best ROM I could flash? I hope at least Marshmallow so it'll last longer as more & more apps are targetting higher Android API levels.
-BTW, I just tried flashing VS9862BA_00_0525_ARB02.kdz but LG UP says "KDZ file is invalid". On another note, while in download mode, I just noticed it says:
-Okay, now I have successfully flashed VS9862BA_00_0525_ARB02.kdz by extracting the DZ file & flashing it directly! :good:
However, it seems Android FRP (Firmware Reset Protection) has been triggered; need to figure on how to bypass this while on 2BA firmware.....
Click to expand...
Click to collapse
Warranty or not i would return it as its not what you had paid for. But up to you and ofc as you flashed a kdz on it you would need to get it back to the state jt was before..
You could unlock and flash nougat, oreo, pie but as with flashing the vs986 kdz/dz nothing comes without a risk ofc. Especially on Frankensteins!
The good is that you likely can revert UsU if you ever want to as you have a fusing device.
Sent from my OnePlus 7T Pro using XDA Labs
Hello community, I need some explanation first if my approach is incorrect. I am trying to downgrade to Android 10, but i was soul-crashed after reading some information about the bit/binary value that samsung uses on its firmware(basically you cant downgrade if this value is not equal to your targeted frimware). However even though i feel scammed by Samsung, i would like to ask you the community as my final resort to guide me.
Is there some way i can trick SW REV checker or delete this partition containing this binary file?. Does "deleting" it affect my ability to boot into the download mode?
{Temp_User} said:
Hello community, I need some explanation first if my approach is incorrect. I am trying to downgrade to Android 10, but i was soul-crashed after reading some information about the bit/binary value that samsung uses on its firmware(basically you cant downgrade if this value is not equal to your targeted frimware). However even though i feel scammed by Samsung, i would like to ask you the community as my final resort to guide me.
Is there some way i can trick SW REV checker or delete this partition containing this binary file?. Does "deleting" it affect my ability to boot into the download mode?
Click to expand...
Click to collapse
you can downgrade by simply flashing system,kernel and vendor from android 10 on twrp
JuanTamqd21 said:
you can downgrade by simply flashing system,kernel and vendor from android 10 on twrp
Click to expand...
Click to collapse
Hi, thank you for the reply.
Sorry for the late reply. I will try this today
JuanTamqd21 said:
you can downgrade by simply flashing system,kernel and vendor from android 10 on twrp
Click to expand...
Click to collapse
Okay. I am may be misunderstanding something because this way did not work for me. Do I have to manually extract files from the lz4 files?
{Temp_User} said:
Okay. I am may be misunderstanding something because this way did not work for me. Do I have to manually extract files from the lz4 files?
Click to expand...
Click to collapse
well, I can provide vendor and kernel in telegram. You can also get them by extracting lz4 files
make sure its from Android 10/Q/one ui 2.x firmware
I have with me the latest (previous) android 10 . I have extracted correctly ( used 7-zip zstd ) the lz4 files and flashed the vendor, system and kernel in that order.
upon reboot, I can not get past the splash screen. However i do see that an error appears on top left of my screen as CHECK FAIL binary 7(BOOT). The words are not clear though.
What did i do wrong?
JuanTamqd21 said:
well, I can provide vendor and kernel in telegram. You can also get them by extracting lz4 files
make sure its from Android 10/Q/one ui 2.x firmware
Click to expand...
Click to collapse
please provide an in-depth process?
Okay, so after a number of attempts i finally have android 10/Q on my phone. Keep in mind that i am not tech savvy, as all this was a guessing game(well not all of it)
I will share my story and hope it may be useful to others who intend to downgrade their android version.
SW REV ERRORSYou cannot and you should not change the bit version. If you see this error, it means you tried to flash a firmware or maybe just a boot file that is outdated or incompatible with the current secure boot loader.
With my limited knowledge, I went with what was easier for me at the time of writing this,
Flash latest firmware for model A505F,(yours may differ) using Odin.(SUCCESS)Boot into system normally.(make sure the OEM unlock is greyed out.Flash the latest custom recovery(TWRP or 'sky hawk recovery project', I chose the latter. )Boot into your recovery and Format data., also make advanced wipes. System kernel vendor Dalvik Cache Data.Pay attention to what exactly you are wiping.With your targeted firmware (A10) somewhere nearby, I recommend to use a reliable tool to extract the lz4 compressed file. I used this to get 'system.img' 'vendor.img' 'boot.img' . If you are on windows, look at the type column in your file explorer or enable 'view filename extension'.Flash/Install the image files in your recovery. Be patient.
Here is the tricky part for me. the boot loader wont accept this older kernel.(thus the boot loops).
A faster way to work around this, is installing a custom kernel that supports android 10. e.g. quantum kernel.
You may have to reboot a number of times before you can get past the splash screen. Be patient.Success, you now have a weird but working system. (I call it weird because the kernel you will use will carry along with its bugs e.g. camera fails, random reboots.)You can not update the system. this may be due to the different AP/CP/CSC/ match. This is not a step by step guide, i am only sharing with the public what i did to get my final point.
Of course this goes without saying that you are attempting a risky route and you the user shall carry all responsibility.
{Temp_User} said:
Okay, so after a number of attempts i finally have android 10/Q on my phone. Keep in mind that i am not tech savvy, as all this was a guessing game(well not all of it)
I will share my story and hope it may be useful to others who intend to downgrade their android version.
SW REV ERRORSYou cannot and you should not change the bit version. If you see this error, it means you tried to flash a firmware or maybe just a boot file that is outdated or incompatible with the current secure boot loader.
With my limited knowledge, I went with what was easier for me at the time of writing this,
Flash latest firmware for model A505F,(yours may differ) using Odin.(SUCCESS)Boot into system normally.(make sure the OEM unlock is greyed out.Flash the latest custom recovery(TWRP or 'sky hawk recovery project', I chose the latter. )Boot into your recovery and Format data., also make advanced wipes. System kernel vendor Dalvik Cache Data.Pay attention to what exactly you are wiping.With your targeted firmware (A10) somewhere nearby, I recommend to use a reliable tool to extract the lz4 compressed file. I used this to get 'system.img' 'vendor.img' 'boot.img' . If you are on windows, look at the type column in your file explorer or enable 'view filename extension'.Flash/Install the image files in your recovery. Be patient.
Here is the tricky part for me. the boot loader wont accept this older kernel.(thus the boot loops).
A faster way to work around this, is installing a custom kernel that supports android 10. e.g. quantum kernel.
You may have to reboot a number of times before you can get past the splash screen. Be patient.Success, you now have a weird but working system. (I call it weird because the kernel you will use will carry along with its bugs e.g. camera fails, random reboots.)You can not update the system. this may be due to the different AP/CP/CSC/ match. This is not a step by step guide, i am only sharing with the public what i did to get my final point.
Of course this goes without saying that you are attempting a risky route and you the user shall carry all responsibility.
Click to expand...
Click to collapse
Hello, you will not be able to downgrade your phone to Android 11, if it is not on theese firmware updates:
Of course, the reason is, that the binaries of newer updates are higher, than 7 (A505FNPUU7CUC2).
vmirrimv said:
Of course, the reason is, that the binaries of newer updates are higher, than 7 (A505FNPUU7CUC2).
Click to expand...
Click to collapse
So long as we both happy and got what we wanted. I finally have a working android 10 on my device(coming from a11)
vmirrimv said:
Hello, you will not be able to downgrade your phone to Android 11, if it is not on theese firmware updates:
Click to expand...
Click to collapse
You are correct. I gave up on changing the binaries after seeing it was impossible.
Camera should still work on custom android 10 one ui roms and GSI. I think I tested them before.
Hello, could someone PLEASE provide me with a stock or source for stock firmware for the AT&T LG G8 Thinq (LMG820UM). I've looked everywhere and can only find the U.S. Cellular, Verizon, Sprint, and T-mobile versions (everything except what I exactly need )!!!! The carrier's already unlocked. I wanna unlock the bootloader, flash custom ROMs like LineageOS (and TWRP) and root it and be able to revert back and LOCK the bootloader safely. I have LGup and other tools (though I don't know exactly what everything's for, such as firehose and other bootthings). I don't think cross flashing works and I don't want to do it anyway. Thanx!
PHANX0M said:
Hello, could someone PLEASE provide me with a stock or source for stock firmware for the AT&T LG G8 Thinq (LMG820UM). I've looked everywhere and can only find the U.S. Cellular, Verizon, Sprint, and T-mobile versions (everything except what I exactly need )!!!! The carrier's already unlocked. I wanna unlock the bootloader, flash custom ROMs like LineageOS (and TWRP) and root it and be able to revert back and LOCK the bootloader safely. I have LGup and other tools (though I don't know exactly what everything's for, such as firehose and other bootthings). I don't think cross flashing works and I don't want to do it anyway. Thanx!
Click to expand...
Click to collapse
Haven't seen anyone post their qfil backup of ATT rom, but it may be around. Yeah you won't find a kdz file of att rom because att doesn't allow that publicly.
Do you have att now? I'm guessing from what you say that you do, but you would like a kdz so you can go back if needed?
If you do have att, use qfil to back up ea partition individually, or use (I prefer) the bkerler edl utilities (search google), they take some effort to get up and running, but do a great job once done.
If u don't have att now... why would u want it? U may want to use them as a carrier but I'm pretty sure they still check the device imei, and if it's not one sold by them, some things *may* be restricted. I don't use them, only what I've read from others.
maybe you could explain better exactly what you want to do.
Yeah I have the AT&T phone now, and I want the kdz but don't know how to extract that ) :
And what do you mean they don't have it publicly? What if I extract it and post it?
Do you know anywhere where I could find them? I have and android 10 one with a broken screen (which I use Vysor for) and a working android 11 one.
PHANX0M said:
Yeah I have the AT&T phone now, and I want the kdz but don't know how to extract that ) :
Click to expand...
Click to collapse
you can't extract the kdz, that's not possible. You'll never find an ATT or Sprint kdz, they are simply not available, never will be, never have been.
The only thing you can do is back up what you currently have. Using qfil (look in guides section and you'll find how to set that up and use it) is probably the simplest option. You'll have to back up ea partition, and be sure to name them appropriately, as the back up doesn't do that.
Once you've done that, assuming the sim is unlocked, you can do other things you mention you want. But if the sim is not unlocked, you have to do that first, because flashing a different rom does not unlock it.
good luck
AsItLies said:
you can't extract the kdz, that's not possible. You'll never find an ATT or Sprint kdz, they are simply not available, never will be, never have been.
The only thing you can do is back up what you currently have. Using qfil (look in guides section and you'll find how to set that up and use it) is probably the simplest option. You'll have to back up ea partition, and be sure to name them appropriately, as the back up doesn't do that.
Once you've done that, assuming the sim is unlocked, you can do other things you mention you want. But if the sim is not unlocked, you have to do that first, because flashing a different rom does not unlock it.
good luck
Click to expand...
Click to collapse
So if I flash something custom, and then flash the backed up EA partition, it'll have the AT&T ROM/firmware again? I assume the bootloader has to be unlocked for this?
PHANX0M said:
So if I flash something custom, and then flash the backed up EA partition, it'll have the AT&T ROM/firmware again? I assume the bootloader has to be unlocked for this?
Click to expand...
Click to collapse
You'll have to flash back all the att partitions, not just some part of them. The device won't boot otherwise. And no, the boot loader does not have to be unlocked. Look in the guides section for the 'cross flashing' guide, it will explain what you need to do to make that happen, and you'll need a kdz you want to crossflash to. If you decide to x flash to a stock rom.
If all you wan to do is a custom rom, make sure the version of whatever rom you have, including if it's the att one, matches with the custom rom you want to use.
One note though re custom roms on LG devices; you will never be able to have Volte. That's an issue for US people especially, and other countries are getting there also.
LG, in it's infinite wisdom, has their ims stack (needed for volte to work) all over the rom, people have tried to port it, but it's a proprietary implementation, and has not, and probably never will be, ported. So, if you need volte, then your only option is a stock LG rom.
There's only ONE firehose for LG G8 Thinq all models, right? (If I even need to use that thing)
What are the EXACT things I have to back up to be able to revert back to AT&T ROM/Firmware?
So I know the T-Mobile version doesn't work with VoLTE (I've tried it myself and customer service told me I had to have them disable 3G blocker). But will the factory unlocked ROM work with it on an AT&T phone?
Even if I can't do this, is there ANY other way to go back to AT&T stock ROM/Firmware if I flash something else?
AsItLies said:
You'll have to flash back all the att partitions, not just some part of them. The device won't boot otherwise. And no, the boot loader does not have to be unlocked. Look in the guides section for the 'cross flashing' guide, it will explain what you need to do to make that happen, and you'll need a kdz you want to crossflash to. If you decide to x flash to a stock rom.
If all you wan to do is a custom rom, make sure the version of whatever rom you have, including if it's the att one, matches with the custom rom you want to use.
One note though re custom roms on LG devices; you will never be able to have Volte. That's an issue for US people especially, and other countries are getting there also.
LG, in it's infinite wisdom, has their ims stack (needed for volte to work) all over the rom, people have tried to port it, but it's a proprietary implementation, and has not, and probably never will be, ported. So, if you need volte, then your only option is a stock LG rom.
Click to expand...
Click to collapse
There's only ONE firehose for LG G8 Thinq all models, right? (If I even need to use that thing)
What are the EXACT things I have to back up to be able to revert back to AT&T ROM/Firmware?
So I know the T-Mobile version doesn't work with VoLTE (I've tried it myself and customer service told me I had to have them disable 3G blocker). But will the factory unlocked ROM work with it on an AT&T phone?
Even if I can't do this, is there ANY other way to go back to AT&T stock ROM/Firmware if I flash something else?
PHANX0M said:
There's only ONE firehose for LG G8 Thinq all models, right? (If I even need to use that thing)
What are the EXACT things I have to back up to be able to revert back to AT&T ROM/Firmware?
So I know the T-Mobile version doesn't work with VoLTE (I've tried it myself and customer service told me I had to have them disable 3G blocker). But will the factory unlocked ROM work with it on an AT&T phone?
Even if I can't do this, is there ANY other way to go back to AT&T stock ROM/Firmware if I flash something else?
Click to expand...
Click to collapse
Yes there's only one firehose file, and it does need to be used to when using Qfil. And you need to use Qfil to back up ALL PARTITIONS (not just some, all).
I can't help with specific carrier requirements, I only have used Mint. You'll have to ask the carrier what will and won't work.
No, there is no way to go back to att stock firmware. Period. No Other Way than whats already been indicated, from a back up.
AsItLies said:
Yes there's only one firehose file, and it does need to be used to when using Qfil. And you need to use Qfil to back up ALL PARTITIONS (not just some, all).
I can't help with specific carrier requirements, I only have used Mint. You'll have to ask the carrier what will and won't work.
No, there is no way to go back to att stock firmware. Period. No Other Way than whats already been indicated, from a back up.
Click to expand...
Click to collapse
Thank you for all the information thus far. If I restore the backup it can be completely as it was before and functional, including all data and everything? Do I have to unlock bootloader for this? And can I restore a backup from another phone (of the same model)?
Also, if I use the OPEN_CA ROM it'll let me use VoLTE?
Sorry, I'm only used to working with Xperia . Flashtool with Xperifirm was so much easier
PHANX0M said:
Thank you for all the information thus far. If I restore the backup it can be completely as it was before and functional, including all data and everything? Do I have to unlock bootloader for this? And can I restore a backup from another phone (of the same model)?
Also, if I use the OPEN_CA ROM it'll let me use VoLTE?
Sorry, I'm only used to working with Xperia . Flashtool with Xperifirm was so much easier
Click to expand...
Click to collapse
If you restore the backup the phone should then be back to 'stock'. The data partition backup would be probably in excess of 40 gig, no one backs those up.
No, the bootloader only needs to be unlocked if you want root access, this doesn't require root.
Volte depends on numerous things, 1 obviously being that the phone is capable of it, then the carrier has to have that capability, and it has to allow your specific device to use it on their network. I haven't used the open_ca rom so can't say, but have used the us_open in the States, and with Mint mobile it has definitely worked, as has vowifi.
good luck
AsItLies said:
If you restore the backup the phone should then be back to 'stock'. The data partition backup would be probably in excess of 40 gig, no one backs those up.
No, the bootloader only needs to be unlocked if you want root access, this doesn't require root.
Volte depends on numerous things, 1 obviously being that the phone is capable of it, then the carrier has to have that capability, and it has to allow your specific device to use it on their network. I haven't used the open_ca rom so can't say, but have used the us_open in the States, and with Mint mobile it has definitely worked, as has vowifi.
good luck
Click to expand...
Click to collapse
Thank you very much, I've not found such accurate and digestible information elsewhere!
But just to be sure.... I DON'T need to backup the userdata partition? And if I do.... Can I restore it from my old Broken G8 Thinq (which's android 10) to my new one (which's android 11) if I like the apps and stuff better (Both're AT&T). Would I have to unlock the carrier of the old one first (the new one is already unlocked)?
What if it were the same android version? What if it were different preinstalled carrier?
Also does that mean someone can get all my data with use of simple EDL?
PHANX0M said:
Thank you very much, I've not found such accurate and digestible information elsewhere!
But just to be sure.... I DON'T need to backup the userdata partition? And if I do.... Can I restore it from my old Broken G8 Thinq (which's android 10) to my new one (which's android 11) if I like the apps and stuff better (Both're AT&T). Would I have to unlock the carrier of the old one first (the new one is already unlocked)?
What if it were the same android version? What if it were different preinstalled carrier?
Also does that mean someone can get all my data with use of simple EDL?
Click to expand...
Click to collapse
Sorry, I can't be of much help with something like this. I've never tried to back up user data because it's just too much data and I would just prefer to reinstall the apps. Yes, someone could put the device in edl mode and pull off the user data, but if it's a stock device, it will be encrypted.
AsItLies said:
Sorry, I can't be of much help with something like this. I've never tried to back up user data because it's just too much data and I would just prefer to reinstall the apps. Yes, someone could put the device in edl mode and pull off the user data, but if it's a stock device, it will be encrypted.
Click to expand...
Click to collapse
So you're saying if the ROM (whether stock or not) supports encryption, the data pulled will be useless? And could I restore other partitions backed up from ANOTHER of the same device (whether different android version or not)?
And it's only encrypted if there's a lock code/pattern?
And if the bootloader was unlocked someone could just flash a custom recovery and bypass the lockscreen right?
Also luckily Mint doesn't read the IMEI like greedy AT&T