Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,736,274 Members 45,942 Now Online
XDA Developers Android and Mobile Development Forum
View Poll Results: Will this work or will I royally #$%# my phone
Yes 6 54.55%
No 0 0%
Maybe 3 27.27%
I don't know 2 18.18%
Voters: 11. You may not vote on this poll

Building a pre-rooted, de-knoxed stock ROM for S4 (i337m)

Tip us?
 
The French Tickl3r
Old
#1  
The French Tickl3r's Avatar
Senior Member - OP
Thanks Meter 22
Posts: 161
Join Date: May 2013
Location: Montreal
Info 2 Building a pre-rooted, de-knoxed stock ROM for S4 (i337m)

Hello XDA-san

This is my first time working with cygwin and Android Kitchen and I wanted to make sure I didn't miss anything that will royally brick my s4. I have attached screenshots of my journey for reference.

I started with the stock ROM from you know where, version 4.4.2 (i337MOYAFNC1) and proceeded to remove the KNOX bootloader (using instructions from SilviuMik). I skipped the last step where it is re-md5, to continue on to the kitchen..

Using the de-knoxed tar file, I created a working folder for the ROM in the kitchen. It started unpacking, everthing went well. When i was prompted to choose if I wanted to extract the CSC, I said no.. because the DiskInternals Linux reader was giving me an error saying along the lines of cant read disk..

From my working folder, I proceeded to root & busybox, all went well. I then deodexed both the system apps and framework, all went well.

lastly, I made a build from the working folder. Selected all default options while doing so (see pictures) , signed the freshly minted rom and voila.

Attached Thumbnails
Click image for larger version

Name:	android kitchen S4 part 1.jpg
Views:	650
Size:	134.1 KB
ID:	2640558   Click image for larger version

Name:	android kitchen S4 part 2.jpg
Views:	548
Size:	226.0 KB
ID:	2640559   Click image for larger version

Name:	android kitchen S4 part 3.jpg
Views:	463
Size:	140.0 KB
ID:	2640560   Click image for larger version

Name:	android kitchen S4 part 4.jpg
Views:	399
Size:	185.1 KB
ID:	2640561   Click image for larger version

Name:	android kitchen S4 part 5.jpg
Views:	368
Size:	121.4 KB
ID:	2640566  

Click image for larger version

Name:	android kitchen S4 part 6.jpg
Views:	363
Size:	161.9 KB
ID:	2640567   Click image for larger version

Name:	android kitchen S4 part 7.jpg
Views:	361
Size:	155.0 KB
ID:	2640568   Click image for larger version

Name:	removing KNOX from Stock S4 Kitkat.jpg
Views:	370
Size:	118.3 KB
ID:	2640569  
 
broodplank1337
Old
#2  
broodplank1337's Avatar
Recognized Contributor / Recognized Developer
Thanks Meter 9902
Posts: 4,922
Join Date: Nov 2011
Location: Nijmegen

 
DONATE TO ME
If the repacking was successful there is not much to fear about.

(You may want to lookup if there is any dependents (in the rom) by using the removed knox bootloader (atleast remove the knox apks I guess)

the CSC is really nothing important:

Quote:
A common short code (CSC) is a short telephone number, usually consisting of five digits, that is used to address SMS and MMS messages from a cellular telephone. Common short codes may also be called mobile short codes or short numbers. Each common short code is designed to be unique to each operator.
Just include the one from the stockrom. btw, I have successfully manually unpacked the CSC file a year ago or so with simg2img, it only contained crap (samsung only files for altering behavior in TW rom and bloatware), the hidden partition or preload partition may also contain unwanted crap btw

So go ahead and flash it, your phone will not get bricked by this in any way.
Device: Samsung Galaxy S4 (i9505)

Latest Development:
 

Roms:
AOSP v4.4.4 (KTU84P) from source for I9505 (Github)
- Cleanest ROM available for i9505. along with up-to-date stock kernel, also forms a perfect base for ROM developers.

Apps:
Galaxy S4 Glove Mode App (Playstore link)
- Do you want the Glove Mode of the S4 but your ROM doesn't support it? Use this app to enable/disable it easily.

Latest Scraps:
Proprietary Lib Cleaner / Silent proprietary libs / Live Thermal Monitor / GIT Conflict Fixer

Projects in development:
 

broodROM KitKat "Aiming for perfection"
- Custom ROM with really high standards, more info soon

For sources you can visit my Github. Or take a look at all my projects

The Following User Says Thank You to broodplank1337 For This Useful Post: [ Click to Expand ]
 
The French Tickl3r
Old
#3  
The French Tickl3r's Avatar
Senior Member - OP
Thanks Meter 22
Posts: 161
Join Date: May 2013
Location: Montreal
Quote:
Originally Posted by broodplank1337 View Post
If the repacking was successful there is not much to fear about.

(You may want to lookup if there is any dependents (in the rom) by using the removed knox bootloader (atleast remove the knox apks I guess)

the CSC is really nothing important:



Just include the one from the stockrom. btw, I have successfully manually unpacked the CSC file a year ago or so with simg2img, it only contained crap (samsung only files for altering behavior in TW rom and bloatware), the hidden partition or preload partition may also contain unwanted crap btw

So go ahead and flash it, your phone will not get bricked by this in any way.
Hi broodplank1337, thhank you for your reply

So would it be better to go into my newly minted zip file and hunt down the knox apks / dependencies? Or should I flash the ROM then use root browser to get rid of them?

I found this list "

Delete the files in the following files in this order.


/system/app/KNOXAgent.apk
/system/app/KNOXAgent.odex
/system/app/KLMSAgent.apk
/system/app/KLMSAgent.odex
/system/app/KnoxAttestationAgent.apk
/system/app/KnoxAttestationAgent.odex
/system/app/KNOXStore.apk
/system/app/KNOXStore.odex
/system/app/ContainerAgent.apk
/system/app/ContainerAgent.odex

/system/lib/libknoxdrawglfunction.so

/system/app/ContainerEventsRelayManager.apk
/system/app/ContainerEventsRelayManager.odex
/system/app/KNOXStub.apk <--- delete if you have, some will not


Delete the following folders

/system/containers
/system/preloadedkiosk
/system/preloadedsso

/system/etc/secure_storage/com.sec.knox.store
/data/data/com.sec.knox.seandroid
/data/data/com.sec.knox.store
/data/data/com.sec.knox.containeragent
/data/data/com.samsung.android.walletmanager
Certified Couch Tester

Current: Phoneless (thank you DHL) and Galaxy Tab 2 10.1; SlimKat

Past: Galaxy S5 XtreStoLite
Galaxy S4; Samy Deluxe Jelly Biafra
Nexus 4; Z1 ROM (xperia XL)
Galaxy S3; SlimKat
Galaxy S2; HellKat (Diablo kernel)

 
broodplank1337
Old
#4  
broodplank1337's Avatar
Recognized Contributor / Recognized Developer
Thanks Meter 9902
Posts: 4,922
Join Date: Nov 2011
Location: Nijmegen

 
DONATE TO ME
Quote:
Originally Posted by The French Tickl3r View Post
Hi broodplank1337, thhank you for your reply

So would it be better to go into my newly minted zip file and hunt down the knox apks / dependencies? Or should I flash the ROM then use root browser to get rid of them?

I found this list "

Delete the files in the following files in this order.


/system/app/KNOXAgent.apk
/system/app/KNOXAgent.odex
/system/app/KLMSAgent.apk
/system/app/KLMSAgent.odex
/system/app/KnoxAttestationAgent.apk
/system/app/KnoxAttestationAgent.odex
/system/app/KNOXStore.apk
/system/app/KNOXStore.odex
/system/app/ContainerAgent.apk
/system/app/ContainerAgent.odex

/system/lib/libknoxdrawglfunction.so

/system/app/ContainerEventsRelayManager.apk
/system/app/ContainerEventsRelayManager.odex
/system/app/KNOXStub.apk <--- delete if you have, some will not


Delete the following folders

/system/containers
/system/preloadedkiosk
/system/preloadedsso

/system/etc/secure_storage/com.sec.knox.store
/data/data/com.sec.knox.seandroid
/data/data/com.sec.knox.store
/data/data/com.sec.knox.containeragent
/data/data/com.samsung.android.walletmanager
Oh I thought you were building an odin rom? zip you say?
Anyways, just remove em from the system folder and test it's result. You can always test roms without damaging your device at any time, read: it's impossible for a ROM to brick a phone, the thing that can brick it is the kernel, but only if using a kernel from an other device or so.

so don't be afraid to test it, if it doesn't work just continue your work. if it works, good joob
Device: Samsung Galaxy S4 (i9505)

Latest Development:
 

Roms:
AOSP v4.4.4 (KTU84P) from source for I9505 (Github)
- Cleanest ROM available for i9505. along with up-to-date stock kernel, also forms a perfect base for ROM developers.

Apps:
Galaxy S4 Glove Mode App (Playstore link)
- Do you want the Glove Mode of the S4 but your ROM doesn't support it? Use this app to enable/disable it easily.

Latest Scraps:
Proprietary Lib Cleaner / Silent proprietary libs / Live Thermal Monitor / GIT Conflict Fixer

Projects in development:
 

broodROM KitKat "Aiming for perfection"
- Custom ROM with really high standards, more info soon

For sources you can visit my Github. Or take a look at all my projects

The Following 2 Users Say Thank You to broodplank1337 For This Useful Post: [ Click to Expand ]
 
Surge1223
Old
#5  
Surge1223's Avatar
Recognized Contributor
Thanks Meter 3377
Posts: 1,644
Join Date: Nov 2012
Location: Iowa

 
DONATE TO ME
Quote:
Originally Posted by broodplank1337 View Post
Oh I thought you were building an odin rom? zip you say?
Anyways, just remove em from the system folder and test it's result. You can always test roms without damaging your device at any time, read: it's impossible for a ROM to brick a phone, the thing that can brick it is the kernel, but only if using a kernel from an other device or so.

so don't be afraid to test it, if it doesn't work just continue your work. if it works, good joob
One caveat to this, and this mostly applies to Verizon and AT&T users, but if you have upgraded to KitKat and kept root using SuperSu's survival mode and your planning to test a rom using Safestrap, you better make sure that the su binary is in xbin and bin (.ext/.su) and that the Superuser.apk is in /system/app. Also make sure that the permissions are set correctly for su (chmod 06755 chown 0.0) and have busybox in the rom as well, or at least have busybox install in the updater-script and make sure everything symlinks correctly.

The best thing to do when testing roms to avoid having to worry about losing root is to download Chainfire's SuperSu zip and flash it after you flash your rom you're testing (but before it reboots into the rom for the first time) the reason I even mention all of this is because currently we (Verizon and AT&T users) have no way to root a device thats taken a complete 4.4.2 OTA.
The Following User Says Thank You to Surge1223 For This Useful Post: [ Click to Expand ]
 
broodplank1337
Old
#6  
broodplank1337's Avatar
Recognized Contributor / Recognized Developer
Thanks Meter 9902
Posts: 4,922
Join Date: Nov 2011
Location: Nijmegen

 
DONATE TO ME
Quote:
Originally Posted by Surge1223 View Post
One caveat to this, and this mostly applies to Verizon and AT&T users, but if you have upgraded to KitKat and kept root using SuperSu's survival mode and your planning to test a rom using Safestrap, you better make sure that the su binary is in xbin and bin (.ext/.su) and that the Superuser.apk is in /system/app. Also make sure that the permissions are set correctly for su (chmod 06755 chown 0.0) and have busybox in the rom as well, or at least have busybox install in the updater-script and make sure everything symlinks correctly.

The best thing to do when testing roms to avoid having to worry about losing root is to download Chainfire's SuperSu zip and flash it after you flash your rom you're testing (but before it reboots into the rom for the first time) the reason I even mention all of this is because currently we (Verizon and AT&T users) have no way to root a device thats taken a complete 4.4.2 OTA.
Seriously? wow, thanks for mentioning, I can't believe what a pricks Verizon and AT&T are. Same count for Samsung that handles knox regulation in the USA (while not in other countries). In the USA you get pretty much screwed by the carriers and manufacturers the hard way.

In The Netherlands (where I live) it's even illegal to sell smartphones that are not unlocked by default. and the only thing a carrier may do is adding a CSC (Consumer Software Customization) package. This should be in the USA as well!

In the USA companies get to private / independent it seems. they should be regulated by national government rules. instead of making their own. (this keeps the crap like the problem you described away)

But Samsung should be regulated as well, there is no chance that will happen (south-korea), and their phones will contain more and more backdoors / suspicious daemons / methods of screwing you and so on, because who checks it, no one. Oh yes only someone, the NSA that adds even more of this stuff, like a VPN Interceptor, which no one is waiting for as well.

Anyways, life (or actually companies) is (are) a bitch. Only strict regulation could solve this, but who still believes in regulation after seeing what the NSA all did, they broke like every single rule and forced companies to merge their crap (most likely, or a huge payment, but no single company actually likes that)
- NSA 'was allowed' to break in all PC's because that where outside the USA. that just ridiculous but true
- NSA applied their 'jizz' to all super famous apps like Facebook.

Even though it sounds like I say USA is the culprit thats not true, The netherlands have BREIN, which is the anti piracy company.

This asshole tim kuik has,

a. destroyed the piratebay for the whole world (even though it's recuping soon)
b. have done a million requests on removing uploaded movies (on newsgroups)

I really went OT all the way at this reply xd but you get my point

The product gets made, then infected by the creator, then gets forced to merge nsa crap. after that it goes to the carrier which installs even more crap.

there is not a single bit of freedom left
Device: Samsung Galaxy S4 (i9505)

Latest Development:
 

Roms:
AOSP v4.4.4 (KTU84P) from source for I9505 (Github)
- Cleanest ROM available for i9505. along with up-to-date stock kernel, also forms a perfect base for ROM developers.

Apps:
Galaxy S4 Glove Mode App (Playstore link)
- Do you want the Glove Mode of the S4 but your ROM doesn't support it? Use this app to enable/disable it easily.

Latest Scraps:
Proprietary Lib Cleaner / Silent proprietary libs / Live Thermal Monitor / GIT Conflict Fixer

Projects in development:
 

broodROM KitKat "Aiming for perfection"
- Custom ROM with really high standards, more info soon

For sources you can visit my Github. Or take a look at all my projects

The Following 2 Users Say Thank You to broodplank1337 For This Useful Post: [ Click to Expand ]
 
The French Tickl3r
Old
#7  
The French Tickl3r's Avatar
Senior Member - OP
Thanks Meter 22
Posts: 161
Join Date: May 2013
Location: Montreal
Thank you both for these tips. Being a rather unexperienced cook, I would have never thought of these important details mentioned above.

it really is a shame how tightly service provider have our collective balls in a grasp..
Certified Couch Tester

Current: Phoneless (thank you DHL) and Galaxy Tab 2 10.1; SlimKat

Past: Galaxy S5 XtreStoLite
Galaxy S4; Samy Deluxe Jelly Biafra
Nexus 4; Z1 ROM (xperia XL)
Galaxy S3; SlimKat
Galaxy S2; HellKat (Diablo kernel)

 
elesbb
Old
#8  
elesbb's Avatar
Senior Member
Thanks Meter 4251
Posts: 6,656
Join Date: Jun 2010

 
DONATE TO ME
Quote:
Originally Posted by broodplank1337 View Post
 
Seriously? wow, thanks for mentioning, I can't believe what a pricks Verizon and AT&T are. Same count for Samsung that handles knox regulation in the USA (while not in other countries). In the USA you get pretty much screwed by the carriers and manufacturers the hard way.

In The Netherlands (where I live) it's even illegal to sell smartphones that are not unlocked by default. and the only thing a carrier may do is adding a CSC (Consumer Software Customization) package. This should be in the USA as well!

In the USA companies get to private / independent it seems. they should be regulated by national government rules. instead of making their own. (this keeps the crap like the problem you described away)

But Samsung should be regulated as well, there is no chance that will happen (south-korea), and their phones will contain more and more backdoors / suspicious daemons / methods of screwing you and so on, because who checks it, no one. Oh yes only someone, the NSA that adds even more of this stuff, like a VPN Interceptor, which no one is waiting for as well.

Anyways, life (or actually companies) is (are) a bitch. Only strict regulation could solve this, but who still believes in regulation after seeing what the NSA all did, they broke like every single rule and forced companies to merge their crap (most likely, or a huge payment, but no single company actually likes that)
- NSA 'was allowed' to break in all PC's because that where outside the USA. that just ridiculous but true
- NSA applied their 'jizz' to all super famous apps like Facebook.

Even though it sounds like I say USA is the culprit thats not true, The netherlands have BREIN, which is the anti piracy company.

This asshole tim kuik has,

a. destroyed the piratebay for the whole world (even though it's recuping soon)
b. have done a million requests on removing uploaded movies (on newsgroups)

I really went OT all the way at this reply xd but you get my point

The product gets made, then infected by the creator, then gets forced to merge nsa crap. after that it goes to the carrier which installs even more crap.

there is not a single bit of freedom left
The NSA can screw a cow. USA is Freedom? Like hell. I live here and am starting to become ashamed of my country. I hate the government, more directly this president. Anyway, whats a VPN Interceptor? Sounds scary..

But about the OP, can you build an Odin tar with the older Bootloaders in and newer system images to remove knox warranty and allow users to upgrade without screwing themselves? Last i checked, you needed a way to sign the tar file to match with the current bootloader checking.
 
sorg
Old
#9  
Senior Member
Thanks Meter 565
Posts: 689
Join Date: Sep 2006
Location: 台灣
Quote:
Originally Posted by broodplank1337 View Post
the CSC is really nothing important:
CSC is "Country/Carrier Specific Config", not "common short code"
While it's not so important, skipping it may produce many side effects in normal work.

The common way to deal with CSC is extract it and pre-integrate into system - that's what stock recovery is doing upon first boot after flash.
Samsung Galaxy S4 SHV-E330S: Optimus ROM (TW 4.4.2) & Kernel. CPU OC 2.7GHz, GPU OC 645MHz, non-KNOX bootloader, UHD/SM/360 Camera.
Samsung Galaxy S4 GT-I9500: Optimus ROM (TW 4.3), Perseus Kernel. CPU No-OC, GPU OC 700MHz, non-KNOX bootloader.
Past models: Samsung Galaxy SIII SHV-E210K & GT-I9300, Samsung Galaxy SII GT-I9100.
 
garwynn
Old
#10  
garwynn's Avatar
Forum Moderator / Recognized Developer
Thanks Meter 7392
Posts: 4,621
Join Date: Jul 2011
Location: Chi-town

 
DONATE TO ME
Quote:
Originally Posted by sorg View Post
CSC is "Country/Carrier Specific Config", not "common short code"
While it's not so important, skipping it may produce many side effects in normal work.

The common way to deal with CSC is extract it and pre-integrate into system - that's what stock recovery is doing upon first boot after flash.
This doesn't always work. I used to try this with rooted dump/repacks for S4, N2 and E4GT and we got mixed results not including Samsung's cache.img. In Sprint's case this defaulted the carrier to XAS, an internal use only code that doesn't fully enable everything for Sprint. I don't recall if this was on images with a blank data.img only or "nodata" cases as well.
Contact: Twitter || Google+/Hangouts (Non-Moderator issues only please)
Useful Links: Forum Moderator List || Forum Rules

Please continue to thank and support those who bring these great things to our devices!
(That includes RTs, RCs, RDs/SRDs, FMs/SFMs and the people who maintain the site.)

Tags
android kitchen, knox, rooting
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes