...
But before you do that, you need to get FF working:
-- Install FF v0.24 but do not open it. You can make it a system app at this point. I used Link2SD (right-click on the app and convert it to a system app), but moving it to /system/app or /system/priv-app works just as well. For SuperSU, just choose the option in Settings to make it a system app (this moves SuperSU to /system/app; you can check it using a root explorer). Reboot after you convert user apps into system apps.
-- Assuming you have Xposed working (v89 works fine), install and activate the Per App Hacking module.
-- Go to the aforementioned module and scroll down to FF. Under Time Machine, choose a date right after v0.24 was released (but before v0.26 just to be safe). I went with late Sept. 2015. The format is (date time): 2015-09-25 12:55.
-- Now start FF. It should open w/o complaints. Under Settings, use the best compression and all the cores.
-- This is not needed if you use FF to backup /system as a raw image, but here's how you use dd (make sure you copy the backup off the tablet after it's done):
Code:
adb shell
su
dd if=/dev/block/mmcblk0p13 of=/sdcard/system.img
-- If you are happy with your system partition, you can now backup using FF. Choose "raw" backup.
-- Here's where you wait ... and wait ... and wait. I have timed this (I know what you're thinking!): First, the Fire will reboot to a near-black screen. It will spend about 4 minutes on that screen before a huge Loading sign in the center and a bunch of /system modules being loaded. Next, you will be on a black, but slightly brighter, screen for another 4 minutes, after which you will see the red FF logo at the top and backup progress at the bottom. The actual backup should take a minute or so and the Fire will reboot. Your backup should be in /sdcard/FlashFire/Backups/. Open system.gz in 7-Zip and extract system. Save it as system.img (file extension optional).
-- To backup /data, choose Normal backup in FF, check the data partition, and repeat the rest of the steps in FF (above). FF does not give you the option to backup /data as a raw image (thankfully, so you're not left with a 20G backup because /sdcard is in /data).
-- After a factory reset (or if root is lost), use the Kingo PC app and root as usual (do not reboot), but don't jump through hoops to install SuperSU. Use dd to write back the saved system img (assuming it's in /sdcard):
Code:
adb shell
su
mount -w -o remount /system
dd if=/sdcard/system.img of=/dev/block/mmcblk0p13; sync
Wait a few minutes and reboot. (If your Fire reboots before this is done, you will be stuck at the Fire logo, but adb shell and su will still be available. Repeat the dd and it should work this time.)
-- After confirming SuperSU is working as expected (change the default access to Grant), uninstall the Kingo junk.
-- Finally, restore the data partition using FF, but before you do so, install Per App Hacking and tweak it to get FF working.
