Question [CLOSED] Read this before rooting your Raven ***OBSOLETE***

Status
Not open for further replies.

V0latyle

Forum Moderator
Staff member
Firmware is out
I don't have the experience with messing with dm-verity so I can't answer for sure (someone else correct me if I'm wrong), but I think it's a one time thing, so long as you don't flash vbmeta again without it? So basically don't use flash-all and flash the images manually, skipping vbmeta.

V0latyle was also saying that the requirement was worked around on the other Pixels anyway so it might not even be required by the next monthly patch.

In fact, re-reading his message again I could probably have got stock to boot again if I re-flashed vbmeta, which just shows my lack of experience with the newer Pixels.
The solution, if you can call it that, was to avoid the automatic OTA; instead, sideload the OTA via ADB, then enter fastboot without rebooting, and flash /vbmeta and /boot.

Still not 100%, I tested this on my Pixel 5 and got stuck at rescue party too...with the stock images.

If it makes you feel any better, those of us who updated to Android 12 already have another update notification, but the OTA hasn't been posted to Google yet, so there's no way to compare the build number.
 

Quinny899

Recognized Developer / Recognized Contributor


Confirmed.
 

Quinny899

Recognized Developer / Recognized Contributor
Awesome.

Did you get the "your system may be corrupted" message after flashing /vbmeta and /boot?

I'm wondering if perhaps the issue was the previous version of Magisk.
Yes, after flashing just boot (before I realised you had to do vbmeta too), and also after. Not sure if the latter was due to the former, but I'd guess it probably still happens if you flash boot *and* disable vbmeta in one swoop.

FYI, "Your system may be corrupted" is what I refer to as Rescue Party, because it does the same thing (though it might be something different as Rescue Party is in the system and it didn't get that far): https://source.android.com/devices/tech/debug/rescue-party
 

V0latyle

Forum Moderator
Staff member
Yes, after flashing just boot (before I realised you had to do vbmeta too), and also after. Not sure if the latter was due to the former, but I'd guess it probably still happens if you flash boot *and* disable vbmeta in one swoop.

FYI, "Your system may be corrupted" is what I refer to as Rescue Party, because it does the same thing (though it might be something different as Rescue Party is in the system and it didn't get that far): https://source.android.com/devices/tech/debug/rescue-party
Yeah, that's Rescue Party. Us Pixel 5 guys still haven't figured out why that's happening.

Might be something to do with Magisk and ramdisk, I have no idea.
 

Lughnasadh

Senior Member
Firmware is out

The solution, if you can call it that, was to avoid the automatic OTA; instead, sideload the OTA via ADB, then enter fastboot without rebooting, and flash /vbmeta and /boot.

Still not 100%, I tested this on my Pixel 5 and got stuck at rescue party too...with the stock images.

If it makes you feel any better, those of us who updated to Android 12 already have another update notification, but the OTA hasn't been posted to Google yet, so there's no way to compare the build number.
If I'm understanding this right, then flashing the factory image with the -w removed from the flash-all.bat file "may" not work because after you do that it automatically reboots and you want to avoid rebooting before disabling dm-verity? Or did this just pertain to going from Beta to Stable 12?

Trying to understand this because it seems that if you flash the factory image with the -w removed, you are on an unrooted/unmodified boot.img so having to disable dm-verity shouldn't be needed at that point because you aren't rooted when it automatically boots up after flashing the factory image. And that when disabling dm-verity is needed is before you boot up with a patched boot image.

Does that make any sense?
 

V0latyle

Forum Moderator
Staff member
If I'm understanding this right, then flashing the factory image with the -w removed from the flash-all.bat file "may" not work because after you do that it automatically reboots and you want to avoid rebooting before disabling dm-verity? Or did this just pertain to going from Beta to Stable 12?

Trying to understand this because it seems that if you flash the factory image with the -w removed, you are on an unrooted/unmodified boot.img so having to disable dm-verity shouldn't be needed at that point because you aren't rooted when it automatically boots up after flashing the factory image. And that when disabling dm-verity is needed is before you boot up with a patched boot image.

Does that make any sense?
You can dirty flash the system image if you want; honestly I don't see the point vs sideloading the OTA. So far, the only way of (possibly) avoiding Rescue Party and a data wipe is to use the OTA > fastboot method.

However, if you want to start completely clean, you can add the disable flags when you flash the system image:
Code:
fastboot update -w --disable-verity --disable-verification raven-image.zip

When the update completes, you can force bootloader via key combo, flash the patched boot.img, and boot into fresh Android 12 with root.

On the other hand, if you don't care about root, then yes, you can either OTA or dirty flash factory, it makes no difference.
 

Lughnasadh

Senior Member
You can dirty flash the system image if you want; honestly I don't see the point vs sideloading the OTA. So far, the only way of (possibly) avoiding Rescue Party and a data wipe is to use the OTA > fastboot method.

However, if you want to start completely clean, you can add the disable flags when you flash the system image:
Code:
fastboot update -w --disable-verity --disable-verification raven-image.zip

When the update completes, you can force bootloader via key combo, flash the patched boot.img, and boot into fresh Android 12 with root.

On the other hand, if you don't care about root, then yes, you can either OTA or dirty flash factory, it makes no difference.
Thanks for that info. Yeah, for the last several years I'm just used to flashing the factory image without the -w to keep data, having it automatically boot without being rooted, then patching the boot image, and going back and flashing that.

But it sounds like now maybe the method du jour would be to just sideload the OTA and go from there.

Sounds good 👍
 

Quinny899

Recognized Developer / Recognized Contributor

V0latyle

Forum Moderator
Staff member
On the Magisk note, I just tried using Magisk stable to see if I could get Hide working, but it fails to extract the boot image. I would guess that the patching updates mentioned in the changelog are important: https://cdn.jsdelivr.net/gh/topjohnwu/magisk-files@9537c5d8cedfc09ca723ae0392b1219e75d9b636/notes.md

This does mean we're "stuck" with zygisk, though modules are adding support pretty fast so it's not the end of the world.
I was able to use Canary 23001 on the Pixel 5.

To pass SafetyNet on 23010/23011, you'll have to use pre-Riru Universal SafetyNet Fix (v1.2.0) and MagiskHide Props Config. USNF 2.0.0+ was written for Riru, which is not compatible with Zygisk.
 

Quinny899

Recognized Developer / Recognized Contributor
I was able to use Canary 23001 on the Pixel 5.

To pass SafetyNet on 23010/23011, you'll have to use pre-Riru Universal SafetyNet Fix (v1.2.0) and MagiskHide Props Config. USNF 2.0.0+ was written for Riru, which is not compatible with Zygisk.
23001 doesn't work either, sadly. USNF 1.2.0 also rejects Android 12, but there's an early build of 2.0 here that is pre-Riru and installs fine. Someone on Reddit linked that. Not got it to pass yet, working on it.
 

V0latyle

Forum Moderator
Staff member
Whoa--so you are seeing that with >P4a (and P6/P), one can update via OTA sideload and gain permanent root without having to wipe (with verity flags, of course)?
Potentially. Not a guarantee by any means.

The trick is to sideload the OTA, then immediately enter fastboot and flash vbmeta and boot.
 

Ingenium13

Senior Member
You can dirty flash the system image if you want; honestly I don't see the point vs sideloading the OTA. So far, the only way of (possibly) avoiding Rescue Party and a data wipe is to use the OTA > fastboot method.

However, if you want to start completely clean, you can add the disable flags when you flash the system image:
Code:
fastboot update -w --disable-verity --disable-verification raven-image.zip

When the update completes, you can force bootloader via key combo, flash the patched boot.img, and boot into fresh Android 12 with root.

On the other hand, if you don't care about root, then yes, you can either OTA or dirty flash factory, it makes no difference.
You can likely remove -w and add --skip-reboot so that you can flash patched boot without rebooting. That's how I historically did the updates: extract boot.img and patch. Reboot to bootloader, replace -w with --skip-reboot in the flash-all script, then fastboot flash magisk patched boot. That might be enough to avoid Rescue Party?
 

V0latyle

Forum Moderator
Staff member
You can likely remove -w and add --skip-reboot so that you can flash patched boot without rebooting. That's how I historically did the updates: extract boot.img and patch. Reboot to bootloader, replace -w with --skip-reboot in the flash-all script, then fastboot flash magisk patched boot. That might be enough to avoid Rescue Party?
Unsure, although probably not TBH.
 
You guys are amazing. Fastest from open box brand new phone to root I've ever had.

FYI, the patching process works for Fi as well as Verizon, though I hadn't accepted the OTA prior to patching. I did have to do the wipe after the verity, but I'd just opened the box and wiped for the unlocked bootloader anyway, so literally lost zero data.

root working, I'm transferring files now. Not sure about banking apps, etc., but I only had a few apps in my MagiskHide on my old Pixel 3 (Peacock, Google Pay and my banking apps). Guessing they'll work with deny now.
 

Cares

Senior Member
You guys are amazing. Fastest from open box brand new phone to root I've ever had.

FYI, the patching process works for Fi as well as Verizon, though I hadn't accepted the OTA prior to patching. I did have to do the wipe after the verity, but I'd just opened the box and wiped for the unlocked bootloader anyway, so literally lost zero data.

root working, I'm transferring files now. Not sure about banking apps, etc., but I only had a few apps in my MagiskHide on my old Pixel 3 (Peacock, Google Pay and my banking apps). Guessing they'll work with deny now.

All my apps work fine with MagiskHide and Zygisk. Unfortunately I can't pass any part of SafetyNet so I can't use GPay and Chase bank also prevents biometrics with root detected.
 

bd177

Senior Member
Incorrect. DM verity and vbmeta verification MUST be disabled to run a patched boot image. This is true regardless of whether it's the 12 Beta or the public release.


Remove Magisk via the Uninstall option within the app; first use Restore Images, then use Complete Uninstall. This will restore the boot image, so you don't have to. It will then reboot the phone.

At that point, yes, you would install the older version of Magisk, then root as usual by patching the boot image.
I rooted the Android 12 release version on my Pixel 4XL by patching the boot image. I first adb sideloaded the OTA image then rebooted from recovery to bootloader and fastboot flashed the Magisk boot image. I didn't do anything else. The only thing that doesn't work are GPay etc.
 

Top Liked Posts

  • 18
    Update 12-16-21: As of Magisk 23016, the below is no longer relevant; verity/verification need not be disabled for root.

    For instructions on rooting your Pixel 6 Pro, see this guide.


    This thread will be closed.



    For those of you who are planning on rooting:

    Be aware that Android 12 changed the way boot images are loaded, at least on the Pixel 4, 4a, and 5. We have no reason to believe the Pixel 6/Pro will be any different.

    Two new Verified Boot features implemented in Android 12 will interfere with attempts to root.

    Dm-verity (device-mapper-verity) is a method by which an image on block devices (the underlying storage layer of the file system) can be checked to determine if it matches an expected configuration, using a cryptographic hash tree. If the hash doesn't match, dm-verity prevents the stored code from loading.

    Vbmeta verification is the other half of this - it provides a cryptographically signed reference hash which is used to verify the integrity of /boot, /system, and /vendor partitions. The vbmeta image is only used to verify /boot, while vbmeta-system is used to verify /system.

    This was implemented to prevent persistent rootkits by means of a hardware level security check, to prevent "potentially harmful applications" such as Magisk from evading detection, as such applications residing within the kernel will have higher privileges than the detection applications.

    What this means is that with these two enabled, a modified boot image will cause a verification error when flashed to the device, preventing boot. Interestingly, this check is not performed against "live" boot images loaded via ADB, so with dm-verity and vbmeta verification enabled, a modified image can be booted as long as the image in /boot is intact.


    Dm-verity and vbmeta verification will need to be disabled in order to flash a rooted boot image. Unfortunately, this means that you will have to wait for the factory firmware to be released.

    fastboot flash vbmeta --disable-verity --disable-verification vbmeta.img

    We also discovered that a data wipe is required in order to get permanent root; flashing /vbmeta with the disable flags gets you stuck in recovery with "Unable to load Android system, your data may be corrupted" error if you didn't wipe /data when you upgraded. To be clear, this only happens in a specific circumstance:
    * You updated to Android 12 without a wipe, AND
    * You reflash vbmeta with the disable flags


    Here are some threads in the Pixel 5 forum on the matter:
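
Added example, not part of the original post: the two `fastboot` disable flags above end up as two bits in the `flags` field of the vbmeta header, so a vbmeta partition dump can be checked to see whether verified boot has been weakened on a device. The function names and the sample header are constructed for illustration; the field offsets follow AVB's `AvbVBMetaImageHeader` layout.

```python
import struct
import sys

# Field layout of the 256-byte, big-endian AvbVBMetaImageHeader (AVB 1.x).
AVB_MAGIC = b"AVB0"
HEADER_SIZE = 256
FLAGS_OFFSET = 120                  # uint32 "flags"
RELEASE_OFFSET, RELEASE_LEN = 128, 48
FLAG_HASHTREE_DISABLED = 0x1        # what --disable-verity sets
FLAG_VERIFICATION_DISABLED = 0x2    # what --disable-verification sets


def vbmeta_state(image: bytes) -> dict:
    """Report the verified-boot flags stored in a vbmeta image header."""
    if len(image) < HEADER_SIZE:
        raise ValueError("truncated: a vbmeta header is 256 bytes")
    if image[:4] != AVB_MAGIC:
        raise ValueError("not a vbmeta image (AVB0 magic missing)")
    major, minor = struct.unpack_from(">II", image, 4)
    (flags,) = struct.unpack_from(">I", image, FLAGS_OFFSET)
    release = image[RELEASE_OFFSET:RELEASE_OFFSET + RELEASE_LEN].split(b"\0", 1)[0]
    return {
        "avb_version": f"{major}.{minor}",
        "release": release.decode("ascii", "replace"),
        "verity_disabled": bool(flags & FLAG_HASHTREE_DISABLED),
        "verification_disabled": bool(flags & FLAG_VERIFICATION_DISABLED),
        "unknown_flag_bits": flags & ~0x3,   # anything beyond the two known bits
    }


def make_sample_header(flags: int) -> bytes:
    """Constructed sample: a bare header with no signature or descriptors."""
    hdr = bytearray(HEADER_SIZE)
    hdr[:4] = AVB_MAGIC
    struct.pack_into(">II", hdr, 4, 1, 0)            # required libavb 1.0
    struct.pack_into(">I", hdr, FLAGS_OFFSET, flags)
    rel = b"avbtool 1.2.0"                           # constructed release string
    hdr[RELEASE_OFFSET:RELEASE_OFFSET + len(rel)] = rel
    return bytes(hdr)


if __name__ == "__main__":
    # With a path argument, inspect that file; otherwise use the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read(HEADER_SIZE)
    else:
        data = make_sample_header(0x3)
    for key, value in vbmeta_state(data).items():
        print(f"{key}: {value}")
```

The `vbmeta.img` shipped in a factory image reports both flags clear; `fastboot` sets the bits in the copy it writes, so only the partition contents read back from the device reflect them.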
    12
    Cheers for this, much appreciated. I can confirm (yet again) that you have to do disable-verity to root the P6 Pro. It's early enough since getting the phone (literally today) that wiping data isn't too much of a hassle at this stage IMO.

    Factory images are now up, I've just booted a freshly wiped phone with a magisk patch image, transferring stuff again now :)
    8
    Alright, so it's possible. Props to @snovvman for linking the vvb2060 repo, because if you read into the bits in English on the telegram, you'll discover that it has MagiskHide still, as an option.

    So:
    Download the latest alpha build from https://t.me/magiskalpha
    Install it by patching the boot image and flashing in fastboot. You might be able to do a direct install, but I patched it manually and checked it booted with fastboot first to be safe.
    After it boots, you may need to uninstall a hidden Magisk manager if you didn't already - at this point the alpha build will take over, and tell you it needs to install some files and reboot, allow it.
    After rebooting, go into the Magisk settings and disable Zygisk. A magisk hide option will magically appear. Reboot.
    Install Riru and the latest Universal SafetyNet Fix. There's no repo in the build, so you need to get these from GitHub. I also have MagiskHide Props Config installed, but not with any BASIC spoofing enabled, just installed - not sure if that's required. Doesn't seem to be required.
    Reboot.
    Make sure you have Play Services unstable and snet added to your DenyList (it's still called DenyList, but it's Hide)

    Job done!

    6
    The loss of "Hide Magisk" in the latest release means a few of my apps (banking and work expense) are not going to work if I root my Pixel 6 P. So disappointing. I will miss GravityBox the most, but will learn to live without it.
    Magisk 23010 has DenyList, which works exactly like MagiskHide. However, getting Safetynet to pass is more complicated, as Riru is not compatible with 23010, so you can't use Universal SafetyNet Fix 2.0.0 or newer. So, I went back to Magisk 23001.