[Closed] Android 12 Update and Root ***Obsolete***

[V0latyle]

At this point, on Android 11, you can even apply Magisk patch during the build, and before the generation of vbmeta. So, when your rom is built, no Magisk flashing is required, which means, bootloader could be locked with custom key and you can have prerooted rom, which will pass all verifications.

I don't think Google cares about root. What it does care is that custom roms would fail Safetynet. That's why, they won't allow Magisk hide.

Whether or not Google cares about root isn't really relevant.

I did forget to mention something: This is only a problem that we have seen on a few devices, namely the Pixel 4a 5g and the Pixel 5 to name a couple. Android 12 has been released on the Pixel 3 and 4, and neither of those lines are dealing with this issue - they are able to patch and flash the boot image the same as always.

So if I'm wrong, what's your explanation for this issue that we are having on the Pixel 5? What's your solution? I'm not really interested in a custom build, but if you think you could come up with a method to easily patch /boot and /vbmeta in such a way that we will never run into this problem again, I think there's more than a few people who would be itching to try.

 

[optimumpro]

Whether or not Google cares about root isn't really relevant.

I did forget to mention something: This is only a problem that we have seen on a few devices, namely the Pixel 4a 5g and the Pixel 5 to name a couple. Android 12 has been released on the Pixel 3 and 4, and neither of those lines are dealing with this issue - they are able to patch and flash the boot image the same as always.

So if I'm wrong, what's your explanation for this issue that we are having on the Pixel 5? What's your solution? I'm not really interested in a custom build, but if you think you could come up with a method to easily patch /boot and /vbmeta in such a way that we will never run into this problem again, I think there's more than a few people who would be itching to try.

Well, it is relevant whether Google cares about things or not especially if you are only interested in stock, as there is a lot less you can do there.

It's the bootloader stupid. Apparently Android 12 bootloader requires AVB-2 and verity in orange state.

The reason it happens on newer Pixels only has to do with the Android version these devices came out originally. Devices that didn't come with Android 11 originally have legacy bootloaders. Such devices were converted to Android 11 with their bootloaders still backward compatible with Android 9. Pixels 4/5 probably came out with Android 11, so, they are only compatible with Android 10.

Anyway, the only thing you can do is try to extract Android 11 bootloader from stock and flash it on your device that has Android 12.

It works on Oneplus 6/6T, which were recently updated to stock Android 11. That update broke TWRP, However, when you flash Android 10 bootloader on stock Android 11, all problems disappear.

 

[V0latyle]

Well, it is relevant whether Google cares about things or not especially if you are only interested in stock, as there is a lot less you can do there.

It's the bootloader stupid. Apparently Android 12 bootloader requires AVB-2 and verity in orange state.

The reason it happens on newer Pixels only has to do with the Android version these devices came out originally. Devices that didn't come with Android 11 originally have legacy bootloaders. Such devices were converted to Android 11 with their bootloaders still backward compatible with Android 9. Pixels 4/5 probably came out with Android 11, so, they are only compatible with Android 10.

Anyway, the only thing you can do is try to extract Android 11 bootloader from stock and flash it on your device that has Android 12.

It works on Oneplus 6/6T, which were recently updated to stock Android 11. That update broke TWRP, However, when you flash Android 10 bootloader on stock Android 11, all problems disappear.

Not sure if you're calling me stupid or the bootloader stupid, either way you should be careful about the insults.

My point on relevancy is that it doesn't change the issue we are dealing with - I agree in that I don't think Google is interested in preventing root, but I do think that they implemented new features that had the unintended effect of what we are dealing with here.

I don't think this is a bootloader issue, because the bootloader that shipped with 210812.015 (A12 initial public release) is the same as 210812.002 (A12 beta 5) - and as I mentioned previously, all we had to do on Beta 5 is flash vbmeta with the disable flags.

And, against my better judgement, I tried flashing the A11 bootloader. Unsurprisingly, I got the corrupted system error. I'm not sure where you got your information; bootloaders are typically backwards compatible, but systems are not - you can run an Android 9 ROM on an Android 11 bootloader, but you typically cannot do the reverse.

Not to be rude but it seems like you're basing your comments on incorrect information, or at least information that is relevant to a different device. In this specific case, the Pixel 5 bootloader only handles one part of AVB - verifying the kernel against vbmeta as it loads. If it doesn't match, and verification is not disabled, the bootloader will halt and display the "Unable to load/verify boot images" message.

But we aren't dealing with that. We already discovered this on the 12 beta and discovered that using --disable-verification and --disable-verity turns off this initial verification.

The issue we are running into now, as I have tried to explain exhaustively, is that the kernel begins to boot, but something in the kernel itself - probably dm-verity - finds some sort of mismatch, regardless of the bootloader state, has a kernel panic, reboots the device, and boots into recovery mode with the data corrupted error.

So what I believe we need to do is disable verity in the boot.img itself. I'm going to fire up a hex editor and use this guide, specifically Method 1, to see if I have any success.

 

[mistermojorizin]

Not sure if you're calling me stupid or the bootloader stupid, either way you should be careful about the insults.

I don't think this is a bootloader issue, because the bootloader that shipped with 210812.015 (A12 initial public release) is the same as 210812.002 (A12 beta 5) - and as I mentioned previously, all we had to do on Beta 5 is flash vbmeta with the disable flags.

On the Betas, I tried flashing the disable verity and it wouldn't boot without a wipe. The guides said a wipe would be needed. My 12 stable is behaving like my Beta 5 did.

For example, this guides explains that a wipe had to be done on the Betas https://forum.xda-developers.com/t/...ndroid-12-keep-root-and-data-no-wipe.4350835/

My issue with the wipe is it takes forever to setup my widgets, neither the launcher nor the various apps I use save the contents of the widgets, not to mention exact dimensions. Hours it takes, would pay for a new phone.

 

[ipdev]

Whether or not Google cares about root isn't really relevant.

I did forget to mention something: This is only a problem that we have seen on a few devices, namely the Pixel 4a 5g and the Pixel 5 to name a couple. Android 12 has been released on the Pixel 3 and 4, and neither of those lines are dealing with this issue - they are able to patch and flash the boot image the same as always.

So if I'm wrong, what's your explanation for this issue that we are having on the Pixel 5? What's your solution? I'm not really interested in a custom build, but if you think you could come up with a method to easily patch /boot and /vbmeta in such a way that we will never run into this problem again, I think there's more than a few people who would be itching to try.

So far I only updated my Pixel 5 [redfin].

Originally I did a clean flash (double flash so it installed to both slots) then did the normally patch and boot method with Magisk.
When I installed Magisk (Direct install option in Magisk app) I rebooted and well..
Nothing but bootloader..

The next night (thanks to your guide ) I did another clean flash disabling verification before initial boot.

fastboot --disable-verity --disable-verification flash --slot=all vbmeta vbmeta.img

Then did the same Magisk patching and boot steps I normally use.
Magisk installed and is working fine.

I thought this started with the 5 series but, now that you mention it also affects Pixel 4a (5G) [bramble].

I wonder if it has anything to do with the fact that the 4a (5G) [bramble] starts the use of BOARD_HEADER_VERSION 3

[TOOL] Android Image Kitchen - Unpack/Repack Kernel Ramdisk [Win/Android/Linux/Mac] - xdaThread - Post 2,480
[TOOL] Android Image Kitchen - Unpack/Repack Kernel Ramdisk [Win/Android/Linux/Mac] - xdaThread - Post 2,481​

I do not have a 4a (5G) but, I plan to update my 4a [sunfish] tomorrow.
I will let you know if I need to disable verification on sunfish.

Cheers.

Edit.
Pixel 4a [sunfish] updated from 11 to 12 like normal.
No need to disable verification.

 

[ipdev]

Well, it is relevant whether Google cares about things or not especially if you are only interested in stock, as there is a lot less you can do there.

It's the bootloader stupid. Apparently Android 12 bootloader requires AVB-2 and verity in orange state.

The reason it happens on newer Pixels only has to do with the Android version these devices came out originally. Devices that didn't come with Android 11 originally have legacy bootloaders. Such devices were converted to Android 11 with their bootloaders still backward compatible with Android 9. Pixels 4/5 probably came out with Android 11, so, they are only compatible with Android 10.

Anyway, the only thing you can do is try to extract Android 11 bootloader from stock and flash it on your device that has Android 12.

It works on Oneplus 6/6T, which were recently updated to stock Android 11. That update broke TWRP, However, when you flash Android 10 bootloader on stock Android 11, all problems disappear.

A bit OT for this thread but, since I happen to have a OnePlus 6T.

I had no issues with TWRP running OOS v11 and no issues with TWRP since updating to OOS v11.1.1.1.
Yes I was (and still) rooted with Magisk so the OTA downloaded the full v11.1.1.1 OTA.

Cheers.

 

[optimumpro]

Not sure if you're calling me stupid or the bootloader stupid, either way you should be careful about the insults.

I don't think this is a bootloader issue, because the bootloader that shipped with 210812.015 (A12 initial public release) is the same as 210812.002 (A12 beta 5) - and as I mentioned previously, all we had to do on Beta 5 is flash vbmeta with the disable flags.

Who is calling you stupid?!?! It's an American expression: for example, your costume is ruined by rain, so, you say: it's the weather stupid.

Anyway, I am trying to help, so, there is no reason to seek insults where there isn't one.

 

[V0latyle]

Who is calling you stupid?!?! It's an American expression: for example, your costume is ruined by rain, so, you say: it's the weather stupid.

Anyway, I am trying to help, so, there is no reason to seek insults where there isn't one.

I didn't seek one, I guess I misunderstood. I have never heard of that expression before, at least not in that context. I'm American too, and I've generally heard it like this:

"Hey, what's making that howling noise?"
"It's the wind, stupid!"

I digress.

I'll have to pick this up later; it's late, my wife is demanding....attention, and I want to enjoy the weekend.

 

[optimumpro]

I didn't seek one, I guess I misunderstood. I have never heard of that expression before, at least not in that context. I'm American too, and I've generally heard it like this:

"Hey, what's making that howling noise?"
"It's the wind, stupid!"

I digress.

I'll have to pick this up later; it's late, my wife is demanding....attention, and I want to enjoy the weekend.

All right. I didn't use the comma: It's the bootloader stupid. Not bootloader, stupid

Regards.

 

[Homeboy76]

I wonder if anything in the Android 12 Release Notes helps explain the problem(s) rooting the Pixel 4a5g and Pixel 5.

 

[andybones]

Who is calling you stupid?!?! It's an American expression: for example, your costume is ruined by rain, so, you say: it's the weather stupid.

Anyway, I am trying to help, so, there is no reason to seek insults where there isn't one.

It's just the way you worded it is all. I am born in America, and actually thought the same thing when I read it.
It's confusing to me though..

I would say, not "it's the weather, stupid"
but rather
"it's the stupid weather"

so reading "It's the bootloader stupid"
I feel should be,
"it the stupid bootloader"

but thank you for clearing up that you aren't passing insults.
And it's hard to tell through text whose being argumentative, and whose being helpful.
Glad you're the latter.

 

[thatsupnow]

Perfect updated to Android 12 and rooted no problem! And passed safety net

 

[mistermojorizin]

Perfect updated to Android 12 and rooted no problem! And passed safety net

and your 3a turned into a pixel 5? amazing!

 

[Rumsfield]

There are only two solutions for XDA members who dirty flashed Android 12 and want root.

• Reflash Android 12 with an edited flash-all.bat file that disables verity, disables verification and wipes the phone:
  Post in thread '[GUIDE] Update to and Re-Root Android 12 **READ THE NOTES**' https://forum.xda-developers.com/t/...droid-12-read-the-notes.4345627/post-85805653
  
• Temporaily live boot a magisk_ patched.img: Post in thread '[GUIDE] Update to and Re-Root Android 12 **READ THE NOTES**' https://forum.xda-developers.com/t/...droid-12-read-the-notes.4345627/post-85811561
  
  I'm thinking about wiping my phone to root it, but I'm going to wait until the November 2021 factory image drops. Why? I want to know if wiping the phone will be required with each factory/OTA image update.

I backed up the P5 with Google1 and wiped it and re-did everything which was a major PITA.
Root does work again so I am sure the owner will be happy.
I just got a notification just now a new beta version of Magisk just dropped about an hour after I finished.
Maybe that will make some sort of change, it does show A12 is now better supported in the release notes.
If this fixes the problem, well good for everyone but danggit I just wasted 3 hours of my time.

 

[killchain]

Has anyone tried the new Magisk (23010)? Is there something notable in the update? Or is it really not new? Maybe the same update popped up for me again for some reason... Is there a way to see which Magisk version was used to patch an image?

 

[Rumsfield]

Has anyone tried the new Magisk (23010)? Is there something notable in the update? Or is it really not new? Maybe the same update popped up for me again for some reason... Is there a way to see which Magisk version was used to patch an image?

So I guess you didn't read my post? I just said a new magisk beta came out tonight.

 

[killchain]

So I guess you didn't read my post? I just said a new magisk beta came out tonight.

Sorry, I missed that indeed, I was reading diagonally. Thanks for confirming though, so it's really new after all. I was confused by the "in case you missed it" in the release notes pointing to a blog post from August.

 

[Rumsfield]

Sorry, I missed that indeed, I was reading diagonally. Thanks for confirming though, so it's really new after all. I was confused by the "in case you missed it" in the release notes pointing to a blog post from August.

It's a canary (beta) build that just got pushed around 4AM. I already wiped the P5 so I cannot test whether it works on a dirty flash. I'm sure someone else will chime in here shortly.

 

[killchain]

Just tested 23010 on my dirty flashed 4a 5G; direct patching with it (having booted a previously patched boot.img) results in failed to load/verify boot images again.

Edit: recovered the usual way, now I'm back where I was:

fastboot flash vbmeta vbmeta.img
fastboot flash boot boot.img
fastboot boot magisk_patched.img

 

[Rumsfield]

Just tested 23010 on my dirty flashed 4a 5G; direct patching with it (having booted a previously patched boot.img) results in failed to load/verify boot images again.

Was worth a shot.