[GUIDE] unlock bl | kernel | twrp | root | restore ta

[nathan30]

Hi,
After some errors I did, I decide to write a guide for new people with the Xperia XZ. First of all, I want to thanks @DGHE for his complete guide on my thread. Lot of informations here are coming from his post.
Also thank a lot to @shoey63 for his guide to restore TA partition

Let's go now

*** Disclaimer

Your waranty is now void
Do all this manipulations at your own risk.
Me, XDA and any members are not responsible if you brick your device while doing any of this manipulations

PRE-REQUISITES
​

1. ADB and FASTBOOT : https://forum.xda-developers.com/showthread.php?t=2317790
2. Xperia XZ drivers : http://developer.sonymobile.com/downloads/drivers/xperia-xz/
3. FlashTool : http://www.flashtool.net/downloads.php *optional*

UNLOCK your bootloader
​

Before doing any things like rooting or flashing TWRP you have to unlock your bootloader. To begin, you have to check if your bootloader could be unlock.

1. Open dialer app
2. Type *#*#7378423#*#*
3. Go to Service info/Configuration
4. Under "Rooting status" check if "Bootloader unlock allowed " is on "yes". If not, you can leave this thread, there is no solutions for you.

Before unlock it, you have to know a things. If you unlock your bootloader, you will loose the DRM Keys (More infos here : https://forum.xda-developers.com/z3-compact/general/loss-drm-keys-t2890936) and your device will be factory reset. So you HAVE TO BACKUP YOUR TRIM AREA partition first and backup your data(like pictures, SMS etc..). For this, follow this steps :

1. If you are under Nougat already, you have to downgrade to Marshmallow first. The TA Backup Tool won't work under Nougat (If you're under MM, go to 6) )
2. Download the latest version of FlashTool from the official website : http://www.flashtool.net/downloads.php
3. Install it and install the drivers for fastmode and for your device (stituated in the driver folder of flashtool)
4. Go to XperiFirm (hint : http://imgur.com/cjTzitM) and choose Xperia XZ (Kagura) then F8831 or F8832. Click on "Check All" on the top right and choose a 39.0.A.1.250 firmware. Personnaly I took the FR/PT - Altice FR/PT fw. On you're right you'll see, under the Xperia XZ pic, something like this : http://imgur.com/Nb78HWT. Just click on the fw name and download it. Close it after download, and close XperiFirm. FlashTool will now unpack the new firmware, wait for the end. Then click on Flash (hint : http://imgur.com/Yp9dpVx) and choose Flashmode option. Choose your downloaded firmware on the left and check the following : http://imgur.com/6U2PRvC then click on "Flash". Last step is to put your phone in Flashmode : Power OFF then Press VOLUME DOWN while you're plug the USB cable IN, you'll see a black screen with a green LED. Don't forget to wait until FlashTool say the job is done !
5. Reboot, you are now on MM
   
6. Go to this thread and download the "backup-TA.zip" file : https://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236
7. Check USB debugging in your phone and check ADB is installed
8. Run BackupTA.sh or BackupTA.cmd if you're on Windows
9. Your partition will be saved in a file called TA-ModelNumber-Serial-Timestamp.img. BACKUP IT

Next step is ask Sony for an unlock code. Go to http://developer.sonymobile.com/unlockbootloader/unlock-yourboot-loader/ and follow the following steps :

1. Read carrefully the disclaimer
2. Check OEM UNLOCKING and USB Debugging under Developer Options
3. Choose XPERIA XZ at the bottom of the page
4. Enter your email address and click on the link you'll received in your inbox and follow the instructions given by Sony.
5. BE CAREFUL and, from now on, NEVER EVER enable the MyXperia software. It could hard brick your phone
6. If you want to go back to Nougat, just repeat the step into Flashtool, but with the last firmware now ( 39.2.A.0.442 )

Flash AndroPlus Kernel​

This kernel includes some battery improvements and DRM fixes, to recover some of the lost functions. Here is how to install it :

1. Upgrade to latest firmware via Flashtool
2. Go to the official thread and download the latest XZ_AndroPlusKernel_vXX.zip file : https://forum.xda-developers.com/xperia-xz/development/kernel-andropluskernel-v01-t3475240
3. Unzip the boot.img
4. Put your phone in bootloader mode (POWER OFF then VOL UP while you're plug the USB cable IN or adb reboot bootloader)
5. Flash the kernel with : fastboot flash boot boot.img
6. Reboot your phone

Flash TWRP​

Last step before rooting your XPERIA XZ !

1. Thanks to AndroPlus, again, go to this link and download the latest TWRP img (TWRP-3.0.2-4-kagura.img) : https://drive.google.com/drive/folders/0B0j3VJ1Xp5N8Y1FZSmMwM1BOZDQ
2. Put your phone in bootloader mode
3. Flash the recovery with : fastboot flash recovery TWRP-3.0.2-4-kagura.img
4. Reboot your phone in recovery (POWER and VOLUME DOWN) to see if all is working good

ROOT your XPERIA XZ​

Finally, you can root your phone

1. Download the flashable zip of SuperSU : https://download.chainfire.eu/1021/
2. Reboot to recovery
3. Flash SuperSU zip and wipe cache/dalvik

Here it is, your phone is now root !

RESTORE TA partition and RELOCK bootloader​

Now, if you want to restore your TA partition and relock your Bootloader this is absolutely simple.

1. First of all, backup all the data you care of. Because your phone will be factory reset. Take your backuped TA partition and rename it TAbackup.img
2. Then, start your phone into recovery mode (TWRP)
3. Plug your phone with USB and check your device is recognized in recovery mode : adb devices
4. If it's okay, let's run this command now : adb push TAbackup.img /data/local/tmp/TAbackup.img
5. Then run this one : adb shell dd if=/data/local/tmp/TAbackup.img of=/dev/block/bootdevice/by-name/TA
6. Well, your TA partition is now back. Plug your phone off and you just have to flash a new STOCK ROM via FlashTool.
7. Now you have your original DRM and your bootloader is automatically relock !
8. Flash the stock ROM you want with Flashtool and enjoy a fresh and clean install

 

[DHGE]

First of all, I want to thanks @DGHE for his complete guide on my thread. Lot of informations here are coming from his post.

And where is your ORIGINAL work?

For me it reads: "lot of" = all

 

[nathan30]

And where is your ORIGINAL work?

For me it reads: "lot of" = all

Stop your scene. I quote you, I didn't take any credits for what I wrote. But I make a guide as clear as possible, to help other new users. So if you're displeased by that, this is too bad. This is not like if I steal your "work" or somethings. Stop complain now

 

[phamgia]

Thank you. This guide helps a lot.

 

[nathan30]

Thank you. This guide helps a lot.

Glad to hear that

 

[danilobertelli]

Hello guys,

This might be a dumb question but, is there the problem of loosing camera quality when unlocking the bootloader as in the old xperia models? (because of the DRM keys)

Thanks!

 

[cal_l_lka]

what's the deal with myxperia? previous guides didn't have this note, and i've just turned it off under ubl romaur.
should i reflash it with cache wipes or full wipe?

 

[phamgia]

So if I am going to use a custom rom after unlocking the bootloader, I don't need to do a backup with TA Backup because some CUSTOM ROMS will restore some features. Is it correct? The reason I am asking is because I am on Nougat, it will save me some steps to downgrade to MM first. Thanks in advance.

 

[[email protected]@d!c]

So if I am going to use a custom rom after unlocking the bootloader, I don't need to do a backup with TA Backup because some CUSTOM ROMS will restore some features. Is it correct? The reason I am asking is because I am on Nougat, it will save me some steps to downgrade to MM first. Thanks in advance.

Hi
No allways allways backup ta
Ta is for warranty and stuff like that... If you only flash drm fix waraNty will find out and wont give u any service
Drm fix is only a fix and wont wont wont give u back your ta

 

[nathan30]

Hello guys,

This might be a dumb question but, is there the problem of loosing camera quality when unlocking the bootloader as in the old xperia models? (because of the DRM keys)

Thanks!

I didn't notice a big difference. Maybe because I'm using the AndroPlus's kernel, with some DRM fixes

what's the deal with myxperia? previous guides didn't have this note, and i've just turned it off under ubl romaur.
should i reflash it with cache wipes or full wipe?

If you turn it off, it's all good

 

[cal_l_lka]

ok, thanks!
under locked. 386 i had almost 6hrs sot. now i barely get over 3. how can i fix this?

 

[nathan30]

ok, thanks!
under locked. 386 i had almost 6hrs sot. now i barely get over 3. how can i fix this?

Is the idle drain your battery ? Because it's my case too, and a lot of other users. I don't know how to fix it, according to certains review, it's a common problem due to Sony after recent upgrade (MM to Nougat)

 

[Exue84]

26/010/2017 20:10:30 - INFO - Creating bundle for Xperia XZ Altice FR/PT 39.0.A.1.250
26/010/2017 20:10:30 - ERROR - null

Why cant my flashtool create the bundle you think?

Got all excited and jumpy when I found this guide! Hehe, just that something is going wrong on my end.

 

[nathan30]

26/010/2017 20:10:30 - INFO - Creating bundle for Xperia XZ Altice FR/PT 39.0.A.1.250
26/010/2017 20:10:30 - ERROR - null

Why cant my flashtool create the bundle you think?

Got all excited and jumpy when I found this guide! Hehe, just that something is going wrong on my end.

Under Windows ? If yes, try run it with admin privilege. Try also another firmware

 

[DHGE]

26/010/2017 20:10:30 - ERROR - null

Why cant my flashtool create the bundle you think?

mass storage full?

should be at least 5 GBytes for these operation

 

[Exue84]

26/033/2017 22:33:45 - INFO - Creating bundle for Xperia XZ 3 UK 39.0.A.1.250
26/033/2017 22:33:45 - ERROR - null
26/033/2017 22:33:46 - INFO - Creating bundle for Xperia XZ Altice FR/PT 39.0.A.1.250
26/033/2017 22:33:46 - ERROR - null

Downloaded a second firmare, opening the tool as administrator under Windows 10. Got 24gb to spare atm on the ssd drive its on. Still nothing.

*UPDATE*
Just set the tool to debug mode and got this:
26/057/2017 22:57:22 - INFO - (XperiFirm.java:95) - Creating bundle for Xperia XZ Altice FR/PT 39.0.A.1.250
26/057/2017 22:57:22 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : adspso_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:22 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : amss_fsg_S1-MODEMSW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:22 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : amss_fs_1_S1-MODEMSW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:22 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : amss_fs_2_S1-MODEMSW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:22 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : apps_log_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:22 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : auto-boot.ta
26/057/2017 22:57:22 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : boot_delivery.xml
26/057/2017 22:57:22 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : cache_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : cust-reset.ta
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : diag_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : elabel-F8331-row-row_201609120657889.1_39.0.A.1.250_S1-ELABEL-LIVE-DE8D-PID1-0004-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : fota-reset.ta
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : fotakernel_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : kernel_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : master-reset.ta
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : modem_S1-MODEMSW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : oem_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : osv-restriction.ta
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : partition-image_S1-SW-LIVE-DE8D-PID1-0006-MBR.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : persist_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : Qnovo_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : ramdump_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : reset-non-secure-adb.ta
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : reset-wipe-reason.ta
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : ssd_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : system_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - DEBUG - (Bundle.java:135) - Added this entry to the bundle list : userdata_S1-SW-LIVE-DE8D-PID1-0006-MMC.sin
26/057/2017 22:57:23 - ERROR - (XperiFirm.java:99) - null

 

[DHGE]

26/057/2017 22:57:23 - ERROR - (XperiFirm.java:99) - null

ask on SONY cross device in the FlashTool thread there (or read it, chances are someone had the same problem and got hints how to solve it)

update/reinstall your java runtime

use another/the latest FlashTool and make sure you delete everything (esp. the directories devices and mydevices) before trying again

 

[cal_l_lka]

Is the idle drain your battery ? Because it's my case too, and a lot of other users. I don't know how to fix it, according to certains review, it's a common problem due to Sony after recent upgrade (MM to Nougat)

reflashed kernel, twrp and romaur with disabled fast dormancy.
first go 4.5 hrs sot, phone idle #3 after display and chrome

the really funny thing is that i 've managed 5hrs41 sot before unlocking bl on a stock .386 with very little phone idle.

 

[seltoon]

I'm getting this error when trying to flash a MM ROM
WARN - No loader found or set manually. Skipping loader

 

[DHGE]

I'm getting this error when trying to flash a MM ROM
WARN - No loader found or set manually. Skipping loader

For me this reads like a warning...

There is no loader with Flashtool for XZ. Proceed with the FSC (script).