How to root after January security patch (SM-A520F) A5 2017

Search This thread

kobejor

Senior Member
Dec 8, 2017
127
11
Here you go, this is a mix of the Marshmallow A520FXXU2AQF7 sboot and the rest from the Nougat A520FXXU2BQK1 BL file.

https://androidfilehost.com/?fid=962187416754456246

.

ok sir. thaks... i'll try it .. if not working try to repack these BL ... this is my current BL and lates MM BL...
https://drive.google.com/file/d/1yLP8Q0sASbsnEKmOFV7e6jA5wJEAU0Qf/view?usp=sharing

https://drive.google.com/file/d/1dKsfkZs8hM017iuMa7Yw5JTkhVrwq4ir/view?usp=sharing

failed to flashed...
 
Last edited:
  • Like
Reactions: mixgame1

BlackMesa123

Recognized Contributor
Aug 29, 2015
2,365
4,129
Samsung Galaxy S5
Samsung Galaxy J5
RMM State Lock fix

Hello everybody. I got interested about this problem since my friends @Yahia Angelo and @corsicanu got the "Only official released binaries are allowed to be flashed" problem, so we decided to search deeply about this. We found out that this problem isn't related to FRP/OEM Unlock (even if enabled same problem comes), but to a new prop that you can see in Download Mode (RMM State: Prenormal). By searching in system, seems this prop is related to a new "thief" protection Samsung added in latest firmwares. Let's make an example: you get the device, setup Google Account, all good... then someone steals the device and wipes it... ok. After wipe he boots, but he can't pass the setup without internet, and when he connects to internet it asks for your Google account, since your account is saved in FRP partition, so he can't setup. This RMM State is more than that simple FRP, as it doesn't allow him to flash custom binaries to remove FRP. So now let's cut to the chase: who still doesn't have this RMM lock can avoid to get the device locked by following these two simple steps:

1. In build.prop, make sure "ro.security.vaultkeeper.feature" property is set to 0, like this:
Code:
sys.use_fifo_ui=0
ro.wsmd.enable=true
ro.security.vaultkeeper.feature=[COLOR="Blue"]0[/COLOR]
keyguard.no_require_sim=true
ro.carrier=unknown

2. Remove Rlc app. To do this go in "/system/priv-app" folder with a root file manager or with twrp file manager and remove "Rlc" folder.

For those who unfortunately has RMM State set to "Prenormal", as this user reports, seems that by keeping your phone running without shut it off/reboot, at a certain device running time value RMM State prop will set again to "Normal", so you can flash custom binaries again, if it works to you make sure to follow the above steps to not get locked again, I'll keep you guys updated about this when there will be news.

EDIT:
In attachments now you can find a zip that does the job for you. So when RMM State is set back to "Normal", flash a custom recovery and then flash the zip below to avoid lock again. Thanks to @_alexndr for his edit version of the zip to fully support new Samsung devices!
 

Attachments

  • RMM-State_Bypass_Mesa_v2.zip
    1.6 KB · Views: 213,262
Last edited:

ashyx

Inactive Recognized Contributor
Oct 14, 2012
15,055
9,943
Hello everybody. I got interested about this problem since my friends @Yahia Angelo and @corsicanu got the "Only official released binaries are allowed to be flashed" problem, so I decided to search deeply about this. Find out that this problem isn't related to FRP/OEM Unlock (even if enabled same problem comes), but to a new prop that you can see in Download Mode (RMM State: Prenormal). By searching in system, seems this prop is related to a new "thief" protection Samsung added in latest firmwares. Let's make an example: you get the device, setup Google Account, all good... then someone steals the device and wipes it... ok. After wipe he boots, but he can't pass the setup without internet, and when he connects to internet it asks for your Google account, since your account is saved in FRP partition, so he can't setup. This RMM State is more than that simple FRP, as it doesn't allow him to flash custom binaries. Let's cut to the chase: who still doesn't have this RMM lock, you can avoid to get your device locked by following these two simple steps:

1. In build.prop, make sure "ro.security.vaultkeeper.feature" property is set to 0, like this:


2. Remove Rlc app. To do this go in "/system/priv-app" folder with a root file manager or with twrp file manager and remove "Rlc" folder.

For those who unfortunately has RMM State set to "Prenormal", I'm still searching if there's a way to get you guys out from the lock. Anyway as this user reports, seems that by keeping your phone running without shut it off/reboot, at a certain device running time value RMM State prop will set again to "Normal", so you can flash custom binaries again, if it works to you make sure to follow the above steps to not get locked again, I'll keep you guys updated about this when there will be news.
Good find. Pity I don't have a device new enough to have this issue, but anything I come across I'll be sure to post it.
I'm sure there will be a way around it.
We have already managed to bypass it with down grading the bootloader, but Samsung keep updating the bootloader to lock us out.

Anything past an XXU2 bootloader and you're gonna have issues.
 

ermakovermakov7878

Senior Member
May 25, 2015
131
83
Chelyabinsk
Hello everybody. I got interested about this problem since my friends @Yahia Angelo and @corsicanu got the "Only official released binaries are allowed to be flashed" problem, so I decided to search deeply about this. Find out that this problem isn't related to FRP/OEM Unlock (even if enabled same problem comes), but to a new prop that you can see in Download Mode (RMM State: Prenormal). By searching in system, seems this prop is related to a new "thief" protection Samsung added in latest firmwares. Let's make an example: you get the device, setup Google Account, all good... then someone steals the device and wipes it... ok. After wipe he boots, but he can't pass the setup without internet, and when he connects to internet it asks for your Google account, since your account is saved in FRP partition, so he can't setup. This RMM State is more than that simple FRP, as it doesn't allow him to flash custom binaries. Let's cut to the chase: who still doesn't have this RMM lock, you can avoid to get your device locked by following these two simple steps:

1. In build.prop, make sure "ro.security.vaultkeeper.feature" property is set to 0, like this:
Code:
sys.use_fifo_ui=0
ro.wsmd.enable=true
ro.security.vaultkeeper.feature=[COLOR="Blue"]0[/COLOR]
keyguard.no_require_sim=true
ro.carrier=unknown

2. Remove Rlc app. To do this go in "/system/priv-app" folder with a root file manager or with twrp file manager and remove "Rlc" folder.

For those who unfortunately has RMM State set to "Prenormal", I'm still searching if there's a way to get you guys out from the lock. Anyway as this user reports, seems that by keeping your phone running without shut it off/reboot, at a certain device running time value RMM State prop will set again to "Normal", so you can flash custom binaries again, if it works to you make sure to follow the above steps to not get locked again, I'll keep you guys updated about this when there will be news.
This is a good solution if it is!:good:
 
  • Like
Reactions: dukedusty

kobejor

Senior Member
Dec 8, 2017
127
11
Hello everybody. I got interested about this problem since my friends @Yahia Angelo and @corsicanu got the "Only official released binaries are allowed to be flashed" problem, so I decided to search deeply about this. Find out that this problem isn't related to FRP/OEM Unlock (even if enabled same problem comes), but to a new prop that you can see in Download Mode (RMM State: Prenormal). By searching in system, seems this prop is related to a new "thief" protection Samsung added in latest firmwares. Let's make an example: you get the device, setup Google Account, all good... then someone steals the device and wipes it... ok. After wipe he boots, but he can't pass the setup without internet, and when he connects to internet it asks for your Google account, since your account is saved in FRP partition, so he can't setup. This RMM State is more than that simple FRP, as it doesn't allow him to flash custom binaries. Let's cut to the chase: who still doesn't have this RMM lock, you can avoid to get your device locked by following these two simple steps:

1. In build.prop, make sure "ro.security.vaultkeeper.feature" property is set to 0, like this:
Code:
sys.use_fifo_ui=0
ro.wsmd.enable=true
ro.security.vaultkeeper.feature=[COLOR="Blue"]0[/COLOR]
keyguard.no_require_sim=true
ro.carrier=unknown

2. Remove Rlc app. To do this go in "/system/priv-app" folder with a root file manager or with twrp file manager and remove "Rlc" folder.

For those who unfortunately has RMM State set to "Prenormal", I'm still searching if there's a way to get you guys out from the lock. Anyway as this user reports, seems that by keeping your phone running without shut it off/reboot, at a certain device running time value RMM State prop will set again to "Normal", so you can flash custom binaries again, if it works to you make sure to follow the above steps to not get locked again, I'll keep you guys updated about this when there will be news.

Nice info sir.....these method is only for devices that not locked the RMM?
But if RMM already locked? What is the possible solution?
It is possible to edit RMM FROM firmware then you can flash via Odin?
 
Last edited:
  • Like
Reactions: Babiri.talib

BlackMesa123

Recognized Contributor
Aug 29, 2015
2,365
4,129
Samsung Galaxy S5
Samsung Galaxy J5
Nice info sir.....these method is only for devices that not locked the RMM?
But if RMM already locked? What is the possible solution?
It is possible to edit RMM FROM firmware then you can flash via Odin?

I repeat again, if you are not locked you can follow above steps to disable RMM lock, if you are locked you have to wait RMM prop returns "Normal" after Device On Time reachs a specific value, in the case of that user, 7 days. Also you can't modify RMM Status since it's a prop contained into bootloader and you need root permissions in order to edit that value.
 

kobejor

Senior Member
Dec 8, 2017
127
11
I repeat again, if you are not locked you can follow above steps to disable RMM lock, if you are locked you have to wait RMM prop returns "Normal" after Device On Time reachs a specific value, in the case of that user, 7 days. Also you can't modify RMM Status since it's a prop contained into bootloader and you need root permissions in order to edit that value.


Ok sir. I get it.... sorry for my english not very good....
After 7days how can I know if the RMM is "Normal" ?
 
Last edited:

kobejor

Senior Member
Dec 8, 2017
127
11
Your OEM_UNLOCK option may have disappeared. After 7 days it should reappear. I would also think RMM status will be NORMAL.

But my OEM_Unlock is always appeared in developers option?
and I can flashed any of firmware version except BL.... once I update to a latest virsion....it can't downgrade anymore....
 

corsicanu

Recognized Developer
I got locked outside my own device but i don't consider this a bad thing, since this surfaced some interesting things. I had custom rom and omc instead of csc. I was playing with mps_code.dat inside efs/imei. Being romanian i had ROM inside that file. The lock was triggered when i changed to ETL, the phone knowing ETL as being the owner carrier, and inserted sim being ROManian, so he wanted to switch, as the new omc does, and that triggered the lock of custom binary, because changing the country might not seem as a traveling guy and more like a thief. If you are on stock rom all this time, you might not feel the change, as the device reboots and wipes data, but it will eventually boot.
As my friend @BlackMesa123 said, this is more like an anti-theft solution, and quite good actually, not a dev-lock by samsung. By waiting for 7 days uptime you proove you are the owner of the device, orelse in this time the owner might find the stolen device. I'm gonna wait for the next days and proove this theory, and meanwhile gonna digg more into our stock system to find more details about all of this.

Sent from my SM-A520F using Tapatalk
 
Last edited:

Logel

Senior Member
Apr 3, 2011
3,721
5,307
Rheinau
I was 7 days in jail but don't checked the download mode that time. Then I flashed custom binaries again and flashed a custom Rom again. And again I was 168h on jail until this morning. I have read your post to late. Now I see my ro. security.vaultkeeper line is set to 1.
So I will do your steps and set to 0 and delete that Rlc file. I will report if I get on jail again or not [emoji85] IMG_20180129_162042_322.jpg

Gesendet von meinem SM-N950F mit Tapatalk
 
Last edited:

BlackMesa123

Recognized Contributor
Aug 29, 2015
2,365
4,129
Samsung Galaxy S5
Samsung Galaxy J5
I was 7 days in jail but don't checked the download mode that time. Then I flashed custom binaries again and flashed a custom Rom again. And again I was 168h on jail until this morning. I have read your post to late. Now I see my ro. security.vaultkeeper line is set to 1.
So I will do your steps and set to 0 and delete that Rlc file. I will report if I get on jail again or not [emoji85]View attachment 4403533

Gesendet von meinem SM-N950F mit Tapatalk

Console yourself since you are not the only one that has to stay with stock for 1 week?
 

jcrompton

Senior Member
Nov 30, 2004
4,279
757
63
Hurricane, WV
Google Pixel 5
Google Pixel 5a
Hello everybody. I got interested about this problem since my friends @Yahia Angelo and @corsicanu got the "Only official released binaries are allowed to be flashed" problem, so I decided to search deeply about this. Find out that this problem isn't related to FRP/OEM Unlock (even if enabled same problem comes), but to a new prop that you can see in Download Mode (RMM State: Prenormal). By searching in system, seems this prop is related to a new "thief" protection Samsung added in latest firmwares. Let's make an example: you get the device, setup Google Account, all good... then someone steals the device and wipes it... ok. After wipe he boots, but he can't pass the setup without internet, and when he connects to internet it asks for your Google account, since your account is saved in FRP partition, so he can't setup. This RMM State is more than that simple FRP, as it doesn't allow him to flash custom binaries to remove FRP. So now let's cut to the chase: who still doesn't have this RMM lock can avoid to get the device locked by following these two simple steps:

1. In build.prop, make sure "ro.security.vaultkeeper.feature" property is set to 0, like this:
Code:
sys.use_fifo_ui=0
ro.wsmd.enable=true
ro.security.vaultkeeper.feature=[COLOR="Blue"]0[/COLOR]
keyguard.no_require_sim=true
ro.carrier=unknown

2. Remove Rlc app. To do this go in "/system/priv-app" folder with a root file manager or with twrp file manager and remove "Rlc" folder.

For those who unfortunately has RMM State set to "Prenormal", as this user reports, seems that by keeping your phone running without shut it off/reboot, at a certain device running time value RMM State prop will set again to "Normal", so you can flash custom binaries again, if it works to you make sure to follow the above steps to not get locked again, I'll keep you guys updated about this when there will be news.

EDIT:
In attachments now you can find a zip that does the job for you. So when RMM State is set back to "Normal", flash a custom recovery and then flash the zip below to avoid lock again

Just got my device today
My OEM Unlock was visible

I flashed DrKetans N8 version

To make sure I put the lines above in my build.prop and deleted the app

My OEM remains visible
BUT upon each reboot my saved WiFI passwords are gone

Not sure if related ???
 

BlackMesa123

Recognized Contributor
Aug 29, 2015
2,365
4,129
Samsung Galaxy S5
Samsung Galaxy J5
Just got my device today
My OEM Unlock was visible

I flashed DrKetans N8 version

To make sure I put the lines above in my build.prop and deleted the app

My OEM remains visible
BUT upon each reboot my saved WiFI passwords are gone

Not sure if related ???

Does ro.securestorage.support in build.prop is set to false?
 
  • Like
Reactions: ALLDAT

Top Liked Posts

  • There are no posts matching your filters.
  • 289
    RMM State Lock fix

    Hello everybody. I got interested about this problem since my friends @Yahia Angelo and @corsicanu got the "Only official released binaries are allowed to be flashed" problem, so we decided to search deeply about this. We found out that this problem isn't related to FRP/OEM Unlock (even if enabled same problem comes), but to a new prop that you can see in Download Mode (RMM State: Prenormal). By searching in system, seems this prop is related to a new "thief" protection Samsung added in latest firmwares. Let's make an example: you get the device, setup Google Account, all good... then someone steals the device and wipes it... ok. After wipe he boots, but he can't pass the setup without internet, and when he connects to internet it asks for your Google account, since your account is saved in FRP partition, so he can't setup. This RMM State is more than that simple FRP, as it doesn't allow him to flash custom binaries to remove FRP. So now let's cut to the chase: who still doesn't have this RMM lock can avoid to get the device locked by following these two simple steps:

    1. In build.prop, make sure "ro.security.vaultkeeper.feature" property is set to 0, like this:
    Code:
    sys.use_fifo_ui=0
    ro.wsmd.enable=true
    ro.security.vaultkeeper.feature=[COLOR="Blue"]0[/COLOR]
    keyguard.no_require_sim=true
    ro.carrier=unknown

    2. Remove Rlc app. To do this go in "/system/priv-app" folder with a root file manager or with twrp file manager and remove "Rlc" folder.

    For those who unfortunately has RMM State set to "Prenormal", as this user reports, seems that by keeping your phone running without shut it off/reboot, at a certain device running time value RMM State prop will set again to "Normal", so you can flash custom binaries again, if it works to you make sure to follow the above steps to not get locked again, I'll keep you guys updated about this when there will be news.

    EDIT:
    In attachments now you can find a zip that does the job for you. So when RMM State is set back to "Normal", flash a custom recovery and then flash the zip below to avoid lock again. Thanks to @_alexndr for his edit version of the zip to fully support new Samsung devices!
    7
    Nice info sir.....these method is only for devices that not locked the RMM?
    But if RMM already locked? What is the possible solution?
    It is possible to edit RMM FROM firmware then you can flash via Odin?

    I repeat again, if you are not locked you can follow above steps to disable RMM lock, if you are locked you have to wait RMM prop returns "Normal" after Device On Time reachs a specific value, in the case of that user, 7 days. Also you can't modify RMM Status since it's a prop contained into bootloader and you need root permissions in order to edit that value.
    6
    I got locked outside my own device but i don't consider this a bad thing, since this surfaced some interesting things. I had custom rom and omc instead of csc. I was playing with mps_code.dat inside efs/imei. Being romanian i had ROM inside that file. The lock was triggered when i changed to ETL, the phone knowing ETL as being the owner carrier, and inserted sim being ROManian, so he wanted to switch, as the new omc does, and that triggered the lock of custom binary, because changing the country might not seem as a traveling guy and more like a thief. If you are on stock rom all this time, you might not feel the change, as the device reboots and wipes data, but it will eventually boot.
    As my friend @BlackMesa123 said, this is more like an anti-theft solution, and quite good actually, not a dev-lock by samsung. By waiting for 7 days uptime you proove you are the owner of the device, orelse in this time the owner might find the stolen device. I'm gonna wait for the next days and proove this theory, and meanwhile gonna digg more into our stock system to find more details about all of this.

    Sent from my SM-A520F using Tapatalk
    6
    So now let's cut to the chase: who still doesn't have this RMM lock can avoid to get the device locked by following these two simple steps:

    1. In build.prop, make sure "ro.security.vaultkeeper.feature" property is set to 0, like this:
    Code:
    sys.use_fifo_ui=0
    ro.wsmd.enable=true
    ro.security.vaultkeeper.feature=[COLOR="Blue"]0[/COLOR]
    keyguard.no_require_sim=true
    ro.carrier=unknown

    2. Remove Rlc app. To do this go in "/system/priv-app" folder with a root file manager or with twrp file manager and remove "Rlc" folder.

    For those who unfortunately has RMM State set to "Prenormal", as this user reports, seems that by keeping your phone running without shut it off/reboot, at a certain device running time value RMM State prop will set again to "Normal", so you can flash custom binaries again, if it works to you make sure to follow the above steps to not get locked again, I'll keep you guys updated about this when there will be news.

    Hello thank you for looking into this problem.
    Is it possible that this would work for Model SM-N950F note8?

    Works for all the phones that has RMM lock
    5
    Hello everybody. I got interested about this problem since my friends @Yahia Angelo and @corsicanu got the "Only official released binaries are allowed to be flashed" problem, so I decided to search deeply about this. Find out that this problem isn't related to FRP/OEM Unlock (even if enabled same problem comes), but to a new prop that you can see in Download Mode (RMM State: Prenormal). By searching in system, seems this prop is related to a new "thief" protection Samsung added in latest firmwares. Let's make an example: you get the device, setup Google Account, all good... then someone steals the device and wipes it... ok. After wipe he boots, but he can't pass the setup without internet, and when he connects to internet it asks for your Google account, since your account is saved in FRP partition, so he can't setup. This RMM State is more than that simple FRP, as it doesn't allow him to flash custom binaries. Let's cut to the chase: who still doesn't have this RMM lock, you can avoid to get your device locked by following these two simple steps:

    1. In build.prop, make sure "ro.security.vaultkeeper.feature" property is set to 0, like this:


    2. Remove Rlc app. To do this go in "/system/priv-app" folder with a root file manager or with twrp file manager and remove "Rlc" folder.

    For those who unfortunately has RMM State set to "Prenormal", I'm still searching if there's a way to get you guys out from the lock. Anyway as this user reports, seems that by keeping your phone running without shut it off/reboot, at a certain device running time value RMM State prop will set again to "Normal", so you can flash custom binaries again, if it works to you make sure to follow the above steps to not get locked again, I'll keep you guys updated about this when there will be news.
    Good find. Pity I don't have a device new enough to have this issue, but anything I come across I'll be sure to post it.
    I'm sure there will be a way around it.
    We have already managed to bypass it with down grading the bootloader, but Samsung keep updating the bootloader to lock us out.

    Anything past an XXU2 bootloader and you're gonna have issues.