Author Topic: Rooting the Cosmo Communicator  (Read 20065 times)

TauPan

  • Newbie
  • *
  • Posts: 36
    • View Profile
    • http://
Rooting the Cosmo Communicator
« Reply #105 on: February 07, 2020, 04:25:22 am »
I'd like to add that it's possible to do a full backup (make sure to include *every* partition from my scatter file) unlock the bootloader, backup seccfg again and then flash your complete backup and replace the boot img with the rooted one and the seccfg with the unlocked file. This way you can unlock and root without losing any data.

In theory it should even be possible to reflash your userdate after repartitioning this way, but I'm not sure which partitions beside userdata you need to reflash in order to be able to decrypt your userdata successfully. (Can't test at the moment, my Cosmo is in London since December for repairs.)

Quote from: Noppe
Quote from: Zarhan
- When starting to root the phone you need to unlock the bootloader. This will wipe all data. However, this is the only situation where data wipe is required - afterwards my data will stay even if I change to different firmwares.  Correct?

Correct.  You need to unlock the bootloader only once, and that is the only action that will wipe your data.  Best to do it early!  

Quote
- One thing that troubles me is that how can I get the system to remain rooted when new firmware versions arrive. The problem is that I don't want to unroot, relock bootloader (wipe data), upgrade, lock bootloader (wipe data), and root.

OTA updates don't care if your bootloader is unlocked.  If the OTA requires the untouched boot.img, you can flash the unrooted image back, apply the OTA, flash the new rooted boot.img, and be back to rooted.  You won't be touching the bootloader at all in this process, and your data are safe.

Quote
=> If there are prebuilt rooted images (either by the Community or planet), I can just apply a new FW directly. E.g. if I had a rooted V16, I could just install Ninji's rooted V19 and device would stay rooted, no data loss?

Correct, as long as you started with your bootloader already unlocked.

Quote
Essentially: If I don't want to lose my data at every OTA upgrade, do I need to always wait for community or Planet to publish pre-rooted images?

Nope, you can certainly follow the method of using SP Flash Tool or equivalent to extract the new boot.img, patch it in unrooted Cosmo userland with Magisk Manager, and then flash it back with SP Flash Tool.  Again, as long as you've got your bootloader unlocked, your data are fine.  (Although obviously when doing any of this stuff, it's a good idea to have backups.)

Zarhan

  • Full Member
  • ***
  • Posts: 201
    • View Profile
Rooting the Cosmo Communicator
« Reply #106 on: February 07, 2020, 04:49:02 am »
Quote from: Noppe
Nope, you can certainly follow the method of using SP Flash Tool or equivalent to extract the new boot.img, patch it in unrooted Cosmo userland with Magisk Manager, and then flash it back with SP Flash Tool.  Again, as long as you've got your bootloader unlocked, your data are fine.  (Although obviously when doing any of this stuff, it's a good idea to have backups.)

Thanks for clarifying... I was a bit worried about this warning at http://support.planetcom.co.uk/index.php/L..._Flashing_Guide about the fact that if I flash the wrong thing (NVRAM), my IMEI codes and stuff like that might end up hosed.

So, would this be the correct procedure in a generic case? I'm really trying to gather complete instructions in the sense that I know my way around Linux, but Android architecture is a completely new beast for me.

Initial rooting:
1. Install ADB and Fastboot
2. Set developer options: Go to "About device", tap it 7 times to get into developer settings. In developer settings:
 - Remove automatic updates
 - Allow USB debugging
 - Allow OEM unlocking
(Anything else?)

3. Turn off Cosmo. Attach to PC via USB. Turn it back on while holding Power and Volume buttons (ESC on keyboard + fingerprint sensor on the cover) for 10 seconds. As an alternative, just issue "adb reboot-bootloader" in ADB.
4. Issue 'fastbood flashing unlock'. This will wipe data and allow installation of custom images. Due to the wiping of data, you need to boot back to android and enable developer settings again.
5. Extract boot.img to memory card. This can be done in adb shell by ???? (Can it even be done if you are still unrooted?). Also make a copy with e.g. name boot-orig.img so that you can revert for OTA updates later on.
6. Boot to Android as usual.
7. Install magisk manager from https://github.com/topjohnwu/Magisk/releases (allow unknown sources).
8. Patch the boot.img on your memory card.
9. Transfer the boot.img and boot-orig.img to PC.
10. Reboot back to fastboot mode as in Step 3.
11. issue "fastboot flash boot boot-patched.img" (where the filename is the image patched by Magisk manager).
12. Reboot to rooted Android.


OTA update is pending:

1. Reboot to fastboot mode as in Step 3 of previous set of instructions.
2. issue "fastboot flash boot boot-orig.img" (where the filename is the original boot image).
3. Reboot to Android. Android is now unrooted and you can apply OTA as normal.
4. Apply OTA update and restart phone.
5. Extract boot.img and a copy boot-orig.img to memory card like in step 5 of the previous set.
6. Boot to Android.
Follow the steps 8-12 in the previous set (flash with your newly-patched boot.img from the OTA-upgraded firmware release).

Only thing that I'm missing that how are you actually supposed to get the extract the boot image (Step 5).
Other than that, is this accurate?

I'm a bit worried about warnings in using SP Flash Tool since there are warnings about the possibility of essentially bricking your device if you wipe the wrong partition (NVRAM) by accident. Then again, if it is required and I only use the readback function, I should be reasonably safe, right?
« Last Edit: February 07, 2020, 09:39:59 am by Zarhan »

Noppe

  • Newbie
  • *
  • Posts: 22
    • View Profile
Rooting the Cosmo Communicator
« Reply #107 on: February 07, 2020, 10:27:28 am »
Quote from: Zarhan
Only thing that I'm missing that how are you actually supposed to get the extract the boot image (Step 5).
Other than that, is this accurate?

I'm a bit worried about warnings in using SP Flash Tool since there are warnings about the possibility of essentially bricking your device if you wipe the wrong partition (NVRAM) by accident. Then again, if it is required and I only use the readback function, I should be reasonably safe, right?

Your listed procedure is correct, and you're right about the problem with step 5.  You can't do that on a non-rooted device using adb.  You have to extract the boot.img using SP Flash Tool, and the scatter file you can pick up earlier in this thread.  You can then transfer the resulting file back into the booted, non-rooted device however you like, and then patch it using Magisk Manager, pull it back off the device, and then use either SP Flash Tool or fastboot to flash it.  (Unfortunately for situations like this one, fastboot is write-only, so you cannot use it to extract the image, only to write it back.)

As long as you are using SP Flash Tool only for readback (and you don't *need* to use it for writing anything here), and as long as you follow the procedure correctly (i.e. "fastboot flash boot ..."), your nvram is safe.  But it is still recommended to make a backup using SP Flash Tool.  Just use SP Flash tool to pull everything from 0x0 to 0x11b000000 (that's where cache starts) and you'll get ~400 MB of output, which you can then save for the day you accidentally trash your nvram.    (You could of course just back up the nvram partition, but since 400 MB is not a lot of data, I personally like the idea of saving the whole thing this way, because you just never know.)
« Last Edit: February 07, 2020, 10:28:23 am by Noppe »

Zarhan

  • Full Member
  • ***
  • Posts: 201
    • View Profile
Rooting the Cosmo Communicator
« Reply #108 on: February 07, 2020, 10:39:20 am »
I'm now at my step 5 with an unlocked bootloader. Now I'm trying to grab the stock boot image off the Cosmo.

I could of course just grab Ninji's images off the links above and flash with those. However, what about when the next OTA upgrade comes up?

So...question: Suppose I use the available V19 images just for the initial rooting. Can I do without external tools like SP Flash Tool afterwards, after I got root and just rely on adb?

Essentially it comes down to this: At what time in the OTA process does boot partition get patched?

According to ADB shell (unrooted)
Code: [Select]
1|Cosmo_Communicator:/ $ ls -al /dev/block/platform/*/by-name | grep boot
lrwxrwxrwx 1 root root  21 2020-02-07 16:17 boot -> /dev/block/mmcblk0p30
lrwxrwxrwx 1 root root  20 2020-02-07 16:17 boot_para -> /dev/block/mmcblk0p1
lrwxrwxrwx 1 root root  23 2020-02-07 16:17 preloader_a -> /dev/block/mmcblk0boot0
lrwxrwxrwx 1 root root  23 2020-02-07 16:17 preloader_b -> /dev/block/mmcblk0boot1

Could I do the following for the OTA upgrade? Before using dd you need to 'su'.

1. Restore boot image to stock using dd if=/sdcard/boot-orig.img of=/dev/block/mmcblk0p30
2. Apply OTA update, DO NOT restart device after upgrade has been installed
3. Copy new boot image to memory card (dd if=/dev/block/mmcblk0p30 of=/sdcard/boot-new.img), make another copy and patch using magisk
4. Copy the new magisk boot image back in using dd
5. Restart to new version, rooted

Essentially: After firmware update is installed, does the boot.img get modified *right away* or only after the first restart to the new version?

Zarhan

  • Full Member
  • ***
  • Posts: 201
    • View Profile
Rooting the Cosmo Communicator
« Reply #109 on: February 07, 2020, 11:02:43 am »
Quote from: Noppe
As long as you are using SP Flash Tool only for readback (and you don't *need* to use it for writing anything here), and as long as you follow the procedure correctly (i.e. "fastboot flash boot ..."), your nvram is safe.  But it is still recommended to make a backup using SP Flash Tool.  Just use SP Flash tool to pull everything from 0x0 to 0x11b000000 (that's where cache starts) and you'll get ~400 MB of output, which you can then save for the day you accidentally trash your nvram.    (You could of course just back up the nvram partition, but since 400 MB is not a lot of data, I personally like the idea of saving the whole thing this way, because you just never know.)

400 MB? 0x11b000000 is about 4 Gigabytes. Are you certain? I can see the scatterfile indeed have cache start at that address.

I also cannot seem to be able to read back the boot partition using SP Flashtool. I put start address as 0x2170000 and length of 0x2000000 and I get an alignment error. Both of those figures are divisible by 512 (as well as 4096), so I'm not sure what the problem is... Mostly I'd like to do this part to check if I'm able to extract the boot image and have the same result as Ninji.

Zarhan

  • Full Member
  • ***
  • Posts: 201
    • View Profile
Rooting the Cosmo Communicator
« Reply #110 on: February 07, 2020, 11:12:30 am »
Quote from: Zarhan
I also cannot seem to be able to read back the boot partition using SP Flashtool. I put start address as 0x2170000 and length of 0x2000000 and I get an alignment error. Both of those figures are divisible by 512 (as well as 4096), so I'm not sure what the problem is... Mostly I'd like to do this part to check if I'm able to extract the boot image and have the same result as Ninji.

Ok, this was apparently due to some quirk in SP Flashtool. I needed to input 0x00000000002000000 (with the leading zeroes) instead of just 0x2000000. I could grab off the boot partition, and then cut if to same size as Ninji's image and sha1sums indeed match.

Now going to try to see if Magisk happens. Still concerned about OTA upgrade process.

Zarhan

  • Full Member
  • ***
  • Posts: 201
    • View Profile
Rooting the Cosmo Communicator
« Reply #111 on: February 07, 2020, 11:45:34 am »
Quote from: Zarhan
Now going to try to see if Magisk happens. Still concerned about OTA upgrade process.

OMG. Magic indeed happened. I now have a rooted phone with an image I built "myself".

However, my speculated process about being able to put the original boot image into place without resorting to external tools ran into a snag.

If I ran

dd if=sdcard/Boot.img of=/dev/block/mmcblk0p30 bs=65536

The end result was that I'm *not* unrooted. I even tried pushing in the full 32 MB of padded zeroes, didn't help.

I could of course fastboot and flash the stock rom back in, but then I cannot do the next level of patching.

My next guess is that I actually attempted to write to the wrong block device. Luckily I have backups...

Noppe

  • Newbie
  • *
  • Posts: 22
    • View Profile
Rooting the Cosmo Communicator
« Reply #112 on: February 07, 2020, 01:52:28 pm »
Quote from: Zarhan
400 MB? 0x11b000000 is about 4 Gigabytes. Are you certain? I can see the scatterfile indeed have cache start at that address.

Eh, what's a factor of ten between friends?    (Yeah, you're right, sorry about my error.)

Quote
dd if=sdcard/Boot.img of=/dev/block/mmcblk0p30 bs=65536

I can't really speak to this process.  I've only used SP Flash Tool and fastboot for flashing the boot image.

Zarhan

  • Full Member
  • ***
  • Posts: 201
    • View Profile
Rooting the Cosmo Communicator
« Reply #113 on: February 08, 2020, 05:39:22 am »
Quote from: Noppe
I can't really speak to this process.  I've only used SP Flash Tool and fastboot for flashing the boot image.

Oh well, at least I now have *some* process of getting this done, although I'd really want to get rid of the requirement for a PC whenever an OTA upgrade rolls around.

Maybe TWRP would help...

Charliest

  • Newbie
  • *
  • Posts: 7
    • View Profile
Rooting the Cosmo Communicator
« Reply #114 on: February 17, 2020, 07:57:29 am »
In order to flash the full firmware image (a few posts up), do I use the SP Flash tool or TWRP? I tried the flash tool and it reports that the scatter file is an invalid format.

sup

  • Newbie
  • *
  • Posts: 25
    • View Profile
Rooting the Cosmo Communicator
« Reply #115 on: March 02, 2020, 03:17:16 am »
Quote from: TauPan
I'd like to add that it's possible to do a full backup (make sure to include *every* partition from my scatter file) unlock the bootloader, backup seccfg again and then flash your complete backup and replace the boot img with the rooted one and the seccfg with the unlocked file. This way you can unlock and root without losing any data.

In theory it should even be possible to reflash your userdate after repartitioning this way, but I'm not sure which partitions beside userdata you need to reflash in order to be able to decrypt your userdata successfully. (Can't test at the moment, my Cosmo is in London since December for repairs.)

Any news on this? I would love to backup my data (including userdata, which, if I understand it correctly, are the most important anyway) before reflashing.

Also, now that there are official root images from Planet, is there any advantage at using procedures in this thread?

Also, regarding the official way - can I root the phone without changing partitions so that I do not lose my data?

Zarhan

  • Full Member
  • ***
  • Posts: 201
    • View Profile
Rooting the Cosmo Communicator
« Reply #116 on: March 02, 2020, 09:29:48 am »
Quote from: sup
Also, now that there are official root images from Planet, is there any advantage at using procedures in this thread?

Considering that Planet's own rooted image apparently causes your SIM card to stop functioning then yeah...I'd rather keep rolling my own image.

cam1965

  • Sr. Member
  • ****
  • Posts: 264
    • View Profile
    • http://
Rooting the Cosmo Communicator
« Reply #117 on: March 26, 2020, 10:13:36 am »
There is a  new version of firmware today  ( ota update )  . I've rooted android the unnoficial way following the steps in this forum. But this firmware update from Planet didn't install ( error ). Can someoone help ? Thank you.

Zarhan

  • Full Member
  • ***
  • Posts: 201
    • View Profile
Rooting the Cosmo Communicator
« Reply #118 on: March 26, 2020, 10:56:19 am »
Quote from: cam1965
There is a  new version of firmware today  ( ota update )  . I've rooted android the unnoficial way following the steps in this forum. But this firmware update from Planet didn't install ( error ). Can someoone help ? Thank you.

You need to unroot your device first, obviously. I haven't tested the process myself, but you need to essentially install the original boot image via fastboot. Then boot, patch, and re-root (you need to create a new rooted image or wait for someone to publish one here).

mibry

  • Jr. Member
  • **
  • Posts: 58
    • View Profile
Rooting the Cosmo Communicator
« Reply #119 on: March 26, 2020, 11:03:40 am »
I was wondering if someone could help me. I was trying to be smart by deleting google system files off my cosmo. When I try to apply the v20 patch it fails. I have downloaded the system dump files from post 83 and when I try to restore my cosmo from the scatter files it is missing some files. So far I have been able to resolve some of the error I am getting but I have hit a road block. I seem to be missing the bin files for scp1, scp2, lk, lk2, logo, tee1, tee2, cache and userdata. If I am able to restore without these file please let me know.

Thanks in advance.

Regards

Mibry