This will be the main, and ONLY thread we will keep updated for the progress of root on the Snapdragon variants of these phones from here on out.
As the other few threads are multi topic and confusing for people anticipating root, as well as for us working on it trying to sift through comments to keep each other updated. Those will be cleaned up to avoid confusion as well. This will make it easier for everyone to check back to see any new progress, as I will be updating the OP whenever we make movement.
**First, and foremost, I would like to recognize and thank @STF_TimelessGoD for his work on the initial post R&D Carrier Switch/Root Snapdragon. Without his time and effort putting that thread together and maintaining it, there would still be a lot of unanswered questions and we probably would not be as far as we are**
That thread will still continue for the Carrier Switching and a full guide is available at this link
[HOW TO] Carrier Switch For S8 Snapdragon
Current Root Progress
We are currently working on 2 main possible methods for this. Refer to each method in RED below the Key Notes.
Please, if you do not know what terms are, or what files are, Google search them to avoid filling the thread with easily answered questions
*UPDATE* 1 - 6-19_2:34pm CST
The first 2 are the main needed, as the provisioning can possibly be made from provisioning info already on the phone.
*UPDATE* 2 - 6-19_9:00pm CST
We have acquired the necessary ELF files from above. Now doing more research on proper ways to use them as they are Qualcomm/device specific.
*UPDATE* 3 - 6-22_1:34am CST
Much, much time spent combing through the code of these files and the tools that are able to handle them. As well as the verification process Android uses in conjunction with Qualcomm between all 3 bootloaders and the Learned a lot tonight.
We learned enough to be able to begin some new tests tomorrow that are not the same as either of the methods below. However, I cannot at this time divulge the method being used, and for that I am sorry!
*UPDATE* 4 - 6-28_4:35pm CST
We studied up a lot on our SELinux and the way that Nougat 7.0 has changed how security works, and are currently working on adb permissive with *a debuggable user* kernel. Refer to Update in key notes for more info.
-METHODS UPDATED WITH METHOD 3
In general order of them happening/being found out.
- Pre Release Combo Firmware is only known Firm to contain Allow OEM Unlock and have SELinux set to permissive by default. However, @elliwigy went through this thoroughly and found that permissive did literally nothing to help elevate privileges as it should have, and that the OEM unlock check box didn't seem to have any effect on secureboot.
Flashing Modified Bootloader Via EDL Mode
- Modify a current serial flashing tool (such as the Mi flash tool) to include our partition table and options to flash to certain partitions individually
- Modifying the bootloader source code to be unlocked, then flashing unlocked bootloader via EDL
- At that point we could Odin Twrp and then flash whatever we wanted
Flashing True ENG Boot Via EDL Mode
- As the first method, would need to modify a serial flashing tool for this.
- First check would be to flash the True ENG Boot to the device via EDL.
- Then check if it boots because you can't Odin the Eng Boot without it failing as stated in key notes above. Because EDL has elevated privileges, it will flash to the device, but we have to see upon starting, if it will still binary check and stop from booting.
- If it boots, we should then be able to access su shell, and run a batch to obtain system root as usual.
METHOD 3 - Update 4
Modifying Boot Parameters with SELinux
- Using the permissive boot that we figured out proper capabilities
- Gain access to proper partitions to make the phone load a custom SELinux profile that allows rw to system
- Mount system r/w and install su binaries via adb
- Modify remaining parameters needed within boot.img and create a runnable script for everyone!
^^EVERYTHING ABOVE WILL BE UPDATED AS PROGRESS IS MADE, WITH EDIT DATES. JUST LOOK FOR THE WORD *UPDATE* NEAR RELEVANT AREAS.^^
**If you would like to help or contribute in any way, please message me.**
It may take a bit to get back to you, and for that I apologize.
**Please be patient with us as this is not a simple task and it is not a standard root method that has ever been used on Samsung as EDL was not previously available**