Search This thread

aIecxs

Senior Member
Feb 17, 2016
1,889
538
gitlab.com
okay, maybe I gave bad advice. you can add your own block of code, but do not add lines in other blocks (for now). as you can clearly see line 17 - 33 is one code block ;)
 
Last edited:
  • Like
Reactions: optimusodd

optimusodd

Senior Member
Mar 15, 2011
659
164
okay, maybe I gave bad advice. you can add your own block of code, but do not add lines in other blocks (for now). as you can clearly see line 17 - 33 is one code block ;)
initnew.jpg

I re-edited it.Is it okay now ?
I hope 2 seperate blocks starting with the same code on early-init won't create any conflict.
 
  • Like
Reactions: aIecxs

optimusodd

Senior Member
Mar 15, 2011
659
164
you could try to get dmesg as early as possible, but there is nothing mounted so no idea where to save log. lets try cache partition. you need to pack some files in boot ramdisk
https://topjohnwu.github.io/Magisk/guides.html#root-directory-overlay-system
myscript.sh
Code:
#!/system/bin/sh
/system/bin/dmesg -w >> /cache/recovery/dmesg.log
(magisk patched boot.img required for overlay.d

or
modify init.rc directly, place myscript somewhere else and hardcode path)
Code:
on early-init
    start myservice

service myservice /sbin/myscript.sh
    oneshot

edit: both is needed, any .rc file and any .sh file, which then execute dmesg (it's like logcat) I hope it's not too confusing.
Still getting same boot-loop o_O
 

optimusodd

Senior Member
Mar 15, 2011
659
164
next you can get a copy of cache.bin and loop mount (you have done it before). if you find
yes, of course you get same boot-loop. this modification is intended to write dmesg log to cache partition,
In case you bricked just restore backup boot.img and go for logs in cache partition. loop mount the partition image
Bash:
mkdir ~/cache
sudo -H mount -t ext4 -o loop,ro,noexec,noload,noatime ./cache.img ~/cache
sudo -H thunar ~/cache
Restored boot.bin and ran the commands given above.
Here is the outcome.
cache1.png
 
Last edited:

aIecxs

Senior Member
Feb 17, 2016
1,889
538
gitlab.com
failed to setup loop device - try to setup manually, then mount the loop device. it's purely linux error shoud not happen. for /dev/loop? insert the correct loop device displayed in the previous command.
(use prefix sudo for running commands with root privileges)
Code:
losetup -vf cache.img
losetup -a
mount -t ext4 -vo loop,ro,noexec,noload,noatime /dev/loop? ~/cache
 

optimusodd

Senior Member
Mar 15, 2011
659
164
failed to setup loop device - try to setup manually, then mount the loop device. it's purely linux error shoud not happen. for /dev/loop? insert the correct loop device displayed in the previous command.
(use prefix sudo for running commands with root privileges)
Code:
losetup -vf cache.img
losetup -a
mount -t ext4 -vo loop,ro,noexec,noload,noatime /dev/loop? ~/cache
"Setup manually ? Mount the loop device ? Insert the correct loop device? " I am sorry, didn't get even a single thing.I am a complete novice in the field of Linux and don't understand the terms being used.I love learning new stuff and I have learnt a lot in past few months.Though I adapt quickly ,at this point of time I am occupied with so many things and unable to give my time and focus to learn Linux stuff.It has already been 6 months and I desperately need to retireve my data.I am starting to lose hope.

Am I supposed to run given commands ? If yes.again "use prefix sudo for running commands with root privileges".How would we know which command to be run with sudo ?

Can you please give straight forward instructions to be followed, like, run this command or edit that file ? I am not asking for spoon feeding,I don't like it.I am just requesting for step by step instructions as that will save a lot of confusion and time.Your understanding and patience is greatly appreciated!! Thank you!✌️
 

aIecxs

Senior Member
Feb 17, 2016
1,889
538
gitlab.com
do you have cache.bin on your desktop? after myscript.sh was executed from myservice (modified init.rc) you must dump cache partition off device again, as this is the target where the dmesg log is suppposed to saved from myscript.sh

~/Desktop is from your screenshot post #67, if the file is somewhere else cd into correct directory.
 
Last edited:
  • Like
Reactions: optimusodd

aIecxs

Senior Member
Feb 17, 2016
1,889
538
gitlab.com
I don't know how your files are organized. have a look into /media/optimus/01D82E33678EEF20 maybe. it's your computer
 

optimusodd

Senior Member
Mar 15, 2011
659
164
after myscript.sh was executed from myservice (modified init.rc) you must dump cache partition off device again, as this is the target where the dmesg log is suppposed to saved from myscript.sh
Hello, I ran ./edl.py r cache cache.img and that dumped cache.img inside edl folder.
Then I moved cache.img to Desktopand ran following commands
Bash:
mkdir ~/cache
sudo -H mount -t ext4 -o loop,ro,noexec,noload,noatime ./cache.img ~/cache
sudo -H thunar ~/cache
It displayed 5 folders in /home/optimus/cache/.
cache1.pngcache2.pngcacheedl.png
Is it done correctly ? What are we supposed to do now ? Thank you!

One thing I failed to understand that when I used 7 zip to open same cache.img on Windows,it displayed 7 folders.
cacheqfil.png

One more thing,it's not letting me move recovery folder or create an archive.
zip.png
 

Attachments

  • cache1.png
    cache1.png
    210.2 KB · Views: 12
Last edited:
  • Like
Reactions: aIecxs

aIecxs

Senior Member
Feb 17, 2016
1,889
538
gitlab.com
yes done correctly. maybe enable View - Show Hidden Files will show all 7 directories.

creating dmesg.log was not successful, there is no such file. maybe insufficient permissions.

I don't have a device to test so this is just guesswork.. try again with more settings. (the goal is to execute myscript.sh successfully)

Code:
on early-init
    start myservice

service myservice /sbin/myscript.sh
    seclabel u:r:init:s0
    user root
    group root
    oneshot
    disabled

I am not quite sure its even possible to run anything under u:r:init:s0 secontext on your android version, so if you patch boot.img with Magisk you can use above code with u:r:magisk:s0 instead.

Code:
on early-init
    start myservice

service myservice /sbin/myscript.sh
    seclabel u:r:magisk:s0
    user root
    group root
    oneshot
    disabled
 
Last edited:

optimusodd

Senior Member
Mar 15, 2011
659
164
Are you really hopeful that we can make it and retrieve the data or am I on a wild goose chase ?
 
Last edited:

optimusodd

Senior Member
Mar 15, 2011
659
164
maybe enable View - Show Hidden Files will show all 7 directories.creating dmesg.log was not successful, there is no such file.
Recovery files I shared were extracted on Windows.How do you obtain these files on Linux where it doesn't let you move recovery folder or create an archive citing you don't have the right permissions ?
zip.png
 

aIecxs

Senior Member
Feb 17, 2016
1,889
538
gitlab.com
you have mounted cache.img read-only so you can read files but you cannot create files inside cache. you can copy recovery or create archive to other location
 
  • Like
Reactions: optimusodd

Top Liked Posts

  • There are no posts matching your filters.
  • 2
    what's the output of losetup please?
    Code:
    cd ~/Desktop
    sudo losetup -vf cache.bin
    losetup -a
    1
    encryption is downgrade protected so you probably broke it. so first you should dump cache partition and search kernel logs for QSEECOM. if your bootloader is unlocked, boot custom recovery from fastboot boot command and dump partitions from adb pull, otherwise dump from edl.py.
    loaders can be found here
    https://forum.xda-developers.com/showthread.php?t=3603643&page=4
    https://forum.xda-developers.com/showthread.php?t=3759473
    https://romprovider.com/download-prog_emmc_firehose-qcom-phone-cpus
    https://www.firmware27.com/2017/06/collectionprog-emmc-firehose-prog-ufs.html
    https://www.leakite.com/collection-qualcomm-emmc-programmer-files
    https://github.com/programmer-collection
    https://github.com/bkerler/Loaders
    https://www.tuserhp.com/2018/02/prog-emmc-firehose-ufs-firehose.html
    https://firmwarego.com/index.php?a=downloads&b=folder&id=2288

    edit: or try to get logcat during boot-loop
    Code:
    fastboot oem adb_enable
    fastboot continue
    adb logcat > logcat.log
    1
    sorry I didn't know that fastboot oem adb_enable requires unlocked bootloader.
    yes there is maybe. you can flash adb enabled AVBv1 signed modified boot.img from Qualcomm HS-USB QDLoader 9008 EDL mode if you have deep flash cable or figure out test point

    first backup all partitions to PC
    (replace ./ with proper path on disk or cd into directory. home directory ~ might run out of disk space)
    Bash:
    mkdir ~/tmp
    cp -v ./prog_emmc_firehose_8953_ddr.mbn ~/tmp
    cd edl
    python3 ./Loaders/fhloaderparse.py ~/tmp Loaders
    python3 ./edl.py printgpt
    python3 ./edl.py r boot boot.img
    python3 ./edl.py r system system.img
    python3 ./edl.py r cache cache.img
    python3 ./edl.py r metadata metadata.bin
    python3 ./edl.py r devinfo devinfo.bin
    python3 ./edl.py r userdata userdata.img
    python3 ./edl.py r ...

    second modify default.prop in boot.img ramdisk with AIK
    Code:
    ro.debuggable=1
    ro.adb.secure=0
    ro.secure=0
    persist.sys.usb.config=mtp,adb

    third flash image-new.img (which is hopefully AVBv1-signed) back to device and try get logcat while booting android (might brick your device)
    Bash:
    python3 ./edl.py w boot image-new.img
    python3 ./edl.py reset
    adb logcat '*:W' -b all | tee ~/logcat.txt

    In case you bricked just restore backup boot.img and go for logs in cache partition. loop mount the partition image
    Bash:
    mkdir ~/cache
    sudo -H mount -t ext4 -o loop,ro,noexec,noload,noatime ./cache.img ~/cache
    sudo -H thunar ~/cache

    edit: optional patch avb/dm-verity with Magisk
    (attachments removed)
    1
    no worry, just follow the install instructions, then follow above steps. you can also do it on windows. but when it comes to loop-mount partition images it's far more easier to do it in linux (viewing logs in cache partition). another reason is you don't have to struggle with Qualcomm HS-USB QDLoader 9008 Drivers as linux fully handle all usb drivers automatically.

    Prerequisites Step 1 (linux)
    open terminal with CTRL + ALT + T and navigate to any directory on your hard disk with cd
    Code:
    cd /media/xubuntu/*

    Prerequisites Step 2
    install dependencies
    Code:
    # Debian/(X)ubuntu/Mint/etc
    sudo apt update
    sudo apt install adb fastboot python3-dev python3-pip liblzma-dev git

    (optional) disable mobile broadband communication (skip this)
    Code:
    sudo apt purge modemmanager
    sudo systemctl stop ModemManager
    sudo systemctl disable ModemManager
    sudo apt purge ModemManager

    Prerequisites Step 3
    download build and install edl.py
    Code:
    # edl.py (required)
    git clone -b 3.52.1 https://github.com/bkerler/edl.git
    cd edl
    
    # common firehose programmer collection = factory loaders (optional)
    git submodule update --init --recursive
    
    # build + install
    python3 setup.py build
    sudo python3 setup.py install

    (optional) set usb permissions so edl.py can run without sudo
    Code:
    sudo cp Drivers/51-edl.rules /etc/udev/rules.d
    sudo cp Drivers/50-android.rules /etc/udev/rules.d

    Prerequisites Step 4
    connect device in EDL mode and check if linux can see it
    Code:
    lsusb

    now ready for installing own loader and backup everything!
    (see above)
    - fhloaderparse.py
    - edl.py

    next step can be skipped because I already did it for you (see attachments)

    - download and extract AIK-Linux-v3.8-ALL.tar.gz
    - copy boot.img into AIK directory
    - execute unpackimg.sh shell script
    - modify default.prop
    - execute repackimg.sh shell script
    once you have backup proceed with flashing modified boot, reboot phone and get a logcat.txt
    (see above)
    1
    I have spare phone redmi 6 for testing but it's not unlocked yet, so I have to wait a few days until I get approval from xiaomi to unlock bootloader. I will test init.rc modification myself and tell you next week