Applicable Models:
All Exynos models including but not limited to:
SM-G980F or SM-G980F/DS (S20)
SM-G981B or SM-G981B/DS (S20)
SM-G985F or SM-G985F/DS (S20+)
SM-G986B or SM-G986B/DS (S20+)
SM-G988B or SM-G988B/DS (S20 Ultra)
All BL-unlockable Snapdragon models including but not limited to:
SM-G9810 (S20, Hong Kong, Taiwan, China mainland)
SM-G9860 (S20+, Hong Kong, Taiwan, China mainland)
SM-G9880 (S20 Ultra, Hong Kong, Taiwan, China mainland)
SM-G981N (S20, Korea)
SM-G986N (S20+, Korea)
SM-G988N (S20 Ultra, Korea)
Japanese model (SC-*) also use Snapdragon but I can't not confirm that its bootloader is unlockable.
It is known that bootloader can NOT be unlocked on U.S. models (U/U1) .
Frequently used key combinations of S20 series:
FORCE REBOOT: Hold "Volume Down" and "Bixby/Power" button.
DOWNLOAD MODE: With the phone off, hold "Volume Down" and "Volume Up" button, connect your phone to a computer via a cable. Release the buttons after you see the "Warning" screen and then press "Volume Up"
RECOVERY MODE: With the phone off, hold "Volume Up" and "Bixby/Power" button.
Some facts:
1. S20 series uses dynamic partition which means there is only one "super" partition (instead of "system", "vendor", "product").
3. S20 series uses A-only partition which means there is only one set of system partition.
3. S20 series uses 2 stage init (2SI).
4. KNOX will be tripped after you flash a custom image. As a result, Samsung Pay and Secure Folder will become permanently (even after restore to stock firmware) unusable and your warranty may be voided. However, many jurisdictions including the European Union has law mandating manufacturer to provide hardware warranty even if user modifies the software.
5. Samsung devices are almost impossible to hard brick (render the device unusable without a hardware-level repair) as critical sections including the bootloader are well-protected. However, if you do things incorrectly, you may soft brick your phone, but that can usually be resolved by resetting to factory settings (wipe data and cache) or restoring to stock firmware (check out Stage 4).
Tools needed:
On your computer:
1. Odin 3.14.4 or newer
2. Samsung Android USB driver
3. SamFirm or other tools/websites to download official firmwares
4. Android Verified Boot Metadata Image with verification disabled (vbmeta_disabled.tar)
On your device:
1. Magisk Manager
Stage 1: Know your model and carrier code (CSC)
1. Open "Settings"
2. Go to "About phone" -> "Software information"
3. Pay attention to "Service provider SW ver."
4. Starting with "SM-", for example "SM-G9810", that's the model of your phone.
5. Immediately after that, there are two 3-letter code, for example "OZL_CHC". The second 3-letter code "CHC" is your CSC.
6. Remember your model and CSC.
Stage 2: Unlock the bootloader
WARNING: ALL data on your device, including apps, settings and files in internal storage, will be lost. You do not need to repeat this if you didn't re-lock your bootloader.
1. Open "Settings"
2. Turn on "Developer mode" by going to "About phone" -> "Software information" and pressing "Build number" for several times.
3. Go to main menu of "Settings" and at the bottom you will find "Developer options"
4. Go to "Developer options". You will find a toggle "OEM unlocking". Turn it on.
5. Skip to step 8 if your device reboots to "Unlock bootloader?" screen. Make sure the toggle is on and then turn off your phone.
6. With the phone off, hold "Volume Down" and "Volume Up" button, connect your phone to a computer via a cable. (don't use charging only cables)
7. Release the buttons after you see the "Warning" screen. Then, hold the "Volume Up" button.
8. You will see "Unlock bootloader?" screen. Proceed and unlock your bootloader by pressing "Volume Up" button.
9. Your device will be reset to factory settings. Proceed with the Setup Wizard. Only connect to network via Wi-Fi or cellular and skip everything else. (to save time as data will be cleared again later.)
10. Repeat step 1-4 to validate that "OEM Unlocking" is on. If it is not, turn it on.
11. Repeat step 6.
12. Release the buttons after you see the "Warning" screen. This time, press (not hold) the "Volume Up" button.
13. You will see "Downloading" screen. On the top left, there are some important info.
14. Pay attention to "OEM LOCK" and "REACTIVATION LOCK". If both of them are "OFF", you have unlocked the bootloader.
Stage 3: Disable Android Verified Boot
1. Reboot to DOWNLOAD mode. If you are already in the download mode, skip to step 2.
2. Download Odin 3.14.4 or newer and make sure Samsung USB drivers are installed.
3. Open Odin and put the vbmeta_disabled.tar into USERDATA slot and click "Start"
4. Your device will reboot but it will not boot into system as vbmeta signature has changed.
5. Your device will reboot into RECOVERY mode automatically and prompt "You have to reset your device to factory settings". Use "Volume Up" or "Volume Down" button to move and "Power/Bixby" button to select. Confirm and reset the device to factory settings.
6. This is the last time the data on the device has to be cleared. Afterwards, if you don't re-lock bootloader or re-enable the Android Verified Boot, you will not lose your data. Be aware, a stock firmware package contains a Android Verified Boot Metadata Image (vbmeta.img) with verifications enabled. You will need to flash the vbmeta_disable image (put into USERDATA slot) along with the stock firmware (use BL, AP, CP, CSC slots) to make sure AVB is not re-enabled and the data is preserved.
View attachment 4990053
With bootloader unlocked and AVB disabled, it is now possible to boot modified images on the device.
If a recovery is available and you don't want to go through the process of downloading official firmware, go to #2.
You can also download a KERNEL TAR archive of your version here:
Exynos: https://github.com/jesec/proprietary_vendor_samsung_xyzs/releases
Snapdragon: https://github.com/jesec/proprietary_vendor_samsung_xyzq/releases
and then skip to Step 6.
Stage 4: Obtain the official firmware and upgrade
1. Open SamFirm
2. Type in your model and your region (CSC) and click "Check Update"
3. "Download" and you will get a zip file.
View attachment 4990061
4. Extract it and you will get 5 files (AP, BL, CP, CSC and HOME_CSC). All files are in tar format and can be opened by 7-Zip, WinRAR or other software.
5. Check the version code, for example (G9810ZCU1ATD1). The last 4 letters (ATD1) indicates the version of the firmware. If the version is the same as your current firmware, skip to Stage 5.
Your data will be preserved if you do it right but it is good to have a backup.
6. Open Odin on your computer and reboot your device to DOWNLOAD mode.
7. Put AP, BL, CP files in their Odin slots. It takes time to verify the firmware so be patient.
8. Put HOME_CSC file in CSC slot. Be careful here. Unlike AP, BL, CP slots, you should NOT use CSC file for CSC slot. Instead, you should use HOME_CSC file. CSC file contains partition table (PIT) which will erase all your data.
9. Put vbmeta_disabled file in USERDATA slot so AVB remains disabled and your data preserved.
10. Click "Start" and wait for it to finish. Allow the device to boot into system to complete the upgrade process. Do NOT interrupt/disconnect phones/hold button. It needs to complete the process without interruption or strange BUGs may appear.
View attachment 4990063
Stage 5: Extract boot (kernel) image from firmware
If you are having trouble creating tar file, you can skip to Stage 6. (NOT RECOMMENDED as AP is basically full system image. It is huge (takes long time to flash/process) and Magisk may misbehave.)
1. Extract boot.img.lz4 from the AP file.
2. Use 7-Zip to create a tar archive which contains boot.img.lz4 only. (or "tar cvf boot.tar boot.img.lz4")
View attachment 4990065View attachment 4990067View attachment 4990069View attachment 4990071
Stage 6: Patch the boot (Kernel) image via Magisk
1. Transfer the tar archive (or the AP file if you skipped stage 5) to your phone.
2. Open Magisk Manager.
3. Click top-right "Install" button
4. Make sure "Recovery Mode" is off in Options.
5. Click "Next" and select "Select and Patch a File" in Method.
6. Select the file you transferred to your phone in step 1.
7. Click "Next" and "LET'S GO".
8. Transfer the patched file (in Download/magisk_patched.tar) to your computer
9. Reboot the device to DOWNLOAD mode.
10. Open Odin, put patched file to AP slot and then click "Start".
11. After reboot, Magisk is installed and you will have the root access.
HOW TO upgrade the firmware
Repeat stage 4-6.
XDA:DevDB Information
Root S20 series and upgrade firmware, Tool/Utility for the Samsung Galaxy S20
Contributors
jesec
Version Information
Status: Stable
Created 2020-04-08
Last Updated 2020-04-08
All Exynos models including but not limited to:
SM-G980F or SM-G980F/DS (S20)
SM-G981B or SM-G981B/DS (S20)
SM-G985F or SM-G985F/DS (S20+)
SM-G986B or SM-G986B/DS (S20+)
SM-G988B or SM-G988B/DS (S20 Ultra)
All BL-unlockable Snapdragon models including but not limited to:
SM-G9810 (S20, Hong Kong, Taiwan, China mainland)
SM-G9860 (S20+, Hong Kong, Taiwan, China mainland)
SM-G9880 (S20 Ultra, Hong Kong, Taiwan, China mainland)
SM-G981N (S20, Korea)
SM-G986N (S20+, Korea)
SM-G988N (S20 Ultra, Korea)
Japanese model (SC-*) also use Snapdragon but I can't not confirm that its bootloader is unlockable.
It is known that bootloader can NOT be unlocked on U.S. models (U/U1) .
Frequently used key combinations of S20 series:
FORCE REBOOT: Hold "Volume Down" and "Bixby/Power" button.
DOWNLOAD MODE: With the phone off, hold "Volume Down" and "Volume Up" button, connect your phone to a computer via a cable. Release the buttons after you see the "Warning" screen and then press "Volume Up"
RECOVERY MODE: With the phone off, hold "Volume Up" and "Bixby/Power" button.
Some facts:
1. S20 series uses dynamic partition which means there is only one "super" partition (instead of "system", "vendor", "product").
3. S20 series uses A-only partition which means there is only one set of system partition.
3. S20 series uses 2 stage init (2SI).
4. KNOX will be tripped after you flash a custom image. As a result, Samsung Pay and Secure Folder will become permanently (even after restore to stock firmware) unusable and your warranty may be voided. However, many jurisdictions including the European Union has law mandating manufacturer to provide hardware warranty even if user modifies the software.
5. Samsung devices are almost impossible to hard brick (render the device unusable without a hardware-level repair) as critical sections including the bootloader are well-protected. However, if you do things incorrectly, you may soft brick your phone, but that can usually be resolved by resetting to factory settings (wipe data and cache) or restoring to stock firmware (check out Stage 4).
Tools needed:
On your computer:
1. Odin 3.14.4 or newer
2. Samsung Android USB driver
3. SamFirm or other tools/websites to download official firmwares
4. Android Verified Boot Metadata Image with verification disabled (vbmeta_disabled.tar)
On your device:
1. Magisk Manager
Stage 1: Know your model and carrier code (CSC)
1. Open "Settings"
2. Go to "About phone" -> "Software information"
3. Pay attention to "Service provider SW ver."
4. Starting with "SM-", for example "SM-G9810", that's the model of your phone.
5. Immediately after that, there are two 3-letter code, for example "OZL_CHC". The second 3-letter code "CHC" is your CSC.
6. Remember your model and CSC.
Stage 2: Unlock the bootloader
WARNING: ALL data on your device, including apps, settings and files in internal storage, will be lost. You do not need to repeat this if you didn't re-lock your bootloader.
1. Open "Settings"
2. Turn on "Developer mode" by going to "About phone" -> "Software information" and pressing "Build number" for several times.
3. Go to main menu of "Settings" and at the bottom you will find "Developer options"
4. Go to "Developer options". You will find a toggle "OEM unlocking". Turn it on.
5. Skip to step 8 if your device reboots to "Unlock bootloader?" screen. Make sure the toggle is on and then turn off your phone.
6. With the phone off, hold "Volume Down" and "Volume Up" button, connect your phone to a computer via a cable. (don't use charging only cables)
7. Release the buttons after you see the "Warning" screen. Then, hold the "Volume Up" button.
8. You will see "Unlock bootloader?" screen. Proceed and unlock your bootloader by pressing "Volume Up" button.
9. Your device will be reset to factory settings. Proceed with the Setup Wizard. Only connect to network via Wi-Fi or cellular and skip everything else. (to save time as data will be cleared again later.)
10. Repeat step 1-4 to validate that "OEM Unlocking" is on. If it is not, turn it on.
11. Repeat step 6.
12. Release the buttons after you see the "Warning" screen. This time, press (not hold) the "Volume Up" button.
13. You will see "Downloading" screen. On the top left, there are some important info.
14. Pay attention to "OEM LOCK" and "REACTIVATION LOCK". If both of them are "OFF", you have unlocked the bootloader.
Stage 3: Disable Android Verified Boot
1. Reboot to DOWNLOAD mode. If you are already in the download mode, skip to step 2.
2. Download Odin 3.14.4 or newer and make sure Samsung USB drivers are installed.
3. Open Odin and put the vbmeta_disabled.tar into USERDATA slot and click "Start"
4. Your device will reboot but it will not boot into system as vbmeta signature has changed.
5. Your device will reboot into RECOVERY mode automatically and prompt "You have to reset your device to factory settings". Use "Volume Up" or "Volume Down" button to move and "Power/Bixby" button to select. Confirm and reset the device to factory settings.
6. This is the last time the data on the device has to be cleared. Afterwards, if you don't re-lock bootloader or re-enable the Android Verified Boot, you will not lose your data. Be aware, a stock firmware package contains a Android Verified Boot Metadata Image (vbmeta.img) with verifications enabled. You will need to flash the vbmeta_disable image (put into USERDATA slot) along with the stock firmware (use BL, AP, CP, CSC slots) to make sure AVB is not re-enabled and the data is preserved.
View attachment 4990053
With bootloader unlocked and AVB disabled, it is now possible to boot modified images on the device.
If a recovery is available and you don't want to go through the process of downloading official firmware, go to #2.
You can also download a KERNEL TAR archive of your version here:
Exynos: https://github.com/jesec/proprietary_vendor_samsung_xyzs/releases
Snapdragon: https://github.com/jesec/proprietary_vendor_samsung_xyzq/releases
and then skip to Step 6.
Stage 4: Obtain the official firmware and upgrade
1. Open SamFirm
2. Type in your model and your region (CSC) and click "Check Update"
3. "Download" and you will get a zip file.
View attachment 4990061
4. Extract it and you will get 5 files (AP, BL, CP, CSC and HOME_CSC). All files are in tar format and can be opened by 7-Zip, WinRAR or other software.
5. Check the version code, for example (G9810ZCU1ATD1). The last 4 letters (ATD1) indicates the version of the firmware. If the version is the same as your current firmware, skip to Stage 5.
Your data will be preserved if you do it right but it is good to have a backup.
6. Open Odin on your computer and reboot your device to DOWNLOAD mode.
7. Put AP, BL, CP files in their Odin slots. It takes time to verify the firmware so be patient.
8. Put HOME_CSC file in CSC slot. Be careful here. Unlike AP, BL, CP slots, you should NOT use CSC file for CSC slot. Instead, you should use HOME_CSC file. CSC file contains partition table (PIT) which will erase all your data.
9. Put vbmeta_disabled file in USERDATA slot so AVB remains disabled and your data preserved.
10. Click "Start" and wait for it to finish. Allow the device to boot into system to complete the upgrade process. Do NOT interrupt/disconnect phones/hold button. It needs to complete the process without interruption or strange BUGs may appear.
View attachment 4990063
Stage 5: Extract boot (kernel) image from firmware
If you are having trouble creating tar file, you can skip to Stage 6. (NOT RECOMMENDED as AP is basically full system image. It is huge (takes long time to flash/process) and Magisk may misbehave.)
1. Extract boot.img.lz4 from the AP file.
2. Use 7-Zip to create a tar archive which contains boot.img.lz4 only. (or "tar cvf boot.tar boot.img.lz4")
View attachment 4990065View attachment 4990067View attachment 4990069View attachment 4990071
Stage 6: Patch the boot (Kernel) image via Magisk
1. Transfer the tar archive (or the AP file if you skipped stage 5) to your phone.
2. Open Magisk Manager.
3. Click top-right "Install" button
4. Make sure "Recovery Mode" is off in Options.
5. Click "Next" and select "Select and Patch a File" in Method.
6. Select the file you transferred to your phone in step 1.
7. Click "Next" and "LET'S GO".
8. Transfer the patched file (in Download/magisk_patched.tar) to your computer
9. Reboot the device to DOWNLOAD mode.
10. Open Odin, put patched file to AP slot and then click "Start".
11. After reboot, Magisk is installed and you will have the root access.
HOW TO upgrade the firmware
Repeat stage 4-6.
XDA:DevDB Information
Root S20 series and upgrade firmware, Tool/Utility for the Samsung Galaxy S20
Contributors
jesec
Version Information
Status: Stable
Created 2020-04-08
Last Updated 2020-04-08
Last edited:
