[Q] Change Bluetooth Address
I'm looking for some help verifying a few bits of information before I take a leap and risk bricking my phone. I need to change my bluetooth address. With any luck back to my original hardware address. I do have the original address, as "btnvtool -p" outputs a different address than is reported in 'about phone' -> 'status'. I problem is that both my wife and I have the same phone with the same ROM history, and now we both have the same improper mac address.
By way of links provided by another helpful users I have partial information in Russian. http://4pda.ru/forum/index.php?showt...#entry28414922
post 6853. I think I understand what to do via google translate and my partial understanding of how this works. The post points me to the /misc partition but I can't find any useful information about the partition for this phone that would backup the claims. Also the specific location that the post references, offset 4000, contains a string "ANDROID-BOOT!". While "ANDROI" is hex of 414E44524F49 which matches my incorrect mac address, the fact that it says "BOOT" makes me worry about changing it.
I'm hoping someone can help me any verify that this string isn't part of the boot process, or that the /misc partition isn't required to boot recovery. I feel fairly confident that I could create a flashable zip to restore a backup of this partition if needed. Below is my cleaned translation of the Russian post. If anyone with an e970 and a proper BT address could complete the first half, dd the partition to a file and check out the contents in a hex editor, I would feel much better about doing the rest.
Hello, using this method you can restore your original Bluetooth addresses. The active mac address is in raw MISC partition at hex offset 4000, it is not spelled out or anything.
perform the following (root is required)
dd if=/dev/block/platform/msm_sdcc.1/by-name/misc of=/sdcard/misc.img
and get at the file on the SD card and in a HEX editor zero the MAC address starting at hex offset 4000, save the file. Save the changed file to your phone:
dd if=/sdcard/misc.img of=/dev/block/platform/msm_sdcc.1/by-name/misc
After rebooting the details in the “About Phone” should show the real MAC BT.
So I found a little corroborating evidence to this post. I found this post
about the LS970(Sprint LGOG) stating that "All rooted LGOG Bluetooth MAC addresses are 41:4E:44:52:4F:49". Reading the thread a bit, I found a link to a "BT MAC FIX" script found with this kernel
Looking at what the file does, it uses btnvtool to get the real mac and writes it to byte 16384 ( hex 4000 ) of the misc partition. Seeing as this file has people confirming it works, I took the leap. It worked. Problem solved.
Sound like to me this is a problem as old as unlocking with freegee. Could be wrong but that seems like the common denominator to me from the posts I was reading. And yes for the record, now the dump of the misc partition now reads "******D-BOOT!" *s to hide my real mac.