• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[Mod][Systemless Root][Pixel/Pixel XL] TetherMod - Bypass provisioning checks.

Search This thread

Fenny

Inactive Recognized Developer
Jun 28, 2007
1,383
2,072
This guide presupposes that you have Supersu installed as systemless, and that you have access to adb.

This will bypass provisioning checks for builtin tether app. The modded apk should work with future updates without touching /system at all.

Installation

Method 1 - Manual install
Download the attached CarrierEntitlement apk.

If you have su.img su:
Code:
adb push CarrierEntitlement.apk /sdcard/CarrierEntitlement.apk
adb shell
su
mkdir /su/CarrierEntitlement
cp /sdcard/CarrierEntitlement.apk /su/CarrierEntitlement/CarrierEntitlement.apk
chmod 644 /su/CarrierEntitlement/CarrierEntitlement.apk
echo "mount -o bind /su/CarrierEntitlement/CarrierEntitlement.apk /system/priv-app/CarrierEntitlement/CarrierEntitlement.apk" > /su/su.d/05TetherMod
chmod +x /su/su.d/05TetherMod
reboot

If you have sbin su (Android 8.0+)
Code:
adb push CarrierEntitlement.apk /sdcard/CarrierEntitlement.apk
adb shell
su
mkdir /sbin/supersu/CarrierEntitlement
cp /sdcard/CarrierEntitlement.apk /sbin/supersu/CarrierEntitlement/CarrierEntitlement.apk
chmod 644 /sbin/supersu/CarrierEntitlement/CarrierEntitlement.apk
echo "mount -o bind /sbin/supersu/CarrierEntitlement/CarrierEntitlement.apk /system/priv-app/CarrierEntitlement/CarrierEntitlement.apk" > /sbin/supersu/su.d/05TetherMod
chmod +x /sbin/supersu/su.d/05TetherMod
reboot

Method 2 - Flashable Zip (su.img only)
Code:
1. Download attached zip. 
2. Flash in TWRP (Last tested in alpha 2)

Information

This mod is accomplished by replacing the following function:
Code:
.method public static getCarrierEntitlement(Landroid/content/Context;)Lcom/google/android/carrierentitlement/CarrierEntitlement;
    .registers 2
    .param p0, "context"    # Landroid/content/Context;
    .prologue

    .line 56
    const/4 v0, 0x0

    return-object v0
.end method

NOTE: Post install
You may need to edit your APNs to get tethering working for your carrier.

On sprint, where editing APNs is disabled, the fix is here: Sprint Fix
Be sure to thank @Builtfordtough1 for all his help in diagnosing the issue at this post: The Solution!

Be sure to thank sb1893 for sbin su instructions.
 

Attachments

  • CarrierEntitlement.apk
    938.3 KB · Views: 1,526
  • Pixel-PixelXL-Systemless-TetherMod-1.0.zip
    928.1 KB · Views: 2,171
Last edited:

coolhandz

Senior Member
Apr 1, 2011
358
98
Denver
Google Pixel 6 Pro
So I am on stock with unlocked bootloader, twrp installed, and rooted with SuperSU. Because this is an apk file, do i just download onto the phone and install as I would with any other .apk file?
 

pcriz

Senior Member
Aug 23, 2008
5,009
2,935
Google Pixel 6 Pro
So I am on stock with unlocked bootloader, twrp installed, and rooted with SuperSU. Because this is an apk file, do i just download onto the phone and install as I would with any other .apk file?

The directions clearly state in adb speak that you need to create a directory for the file. Move to said directory, change permissions, etc etc. Nothing about installing via the apk.
 

pcriz

Senior Member
Aug 23, 2008
5,009
2,935
Google Pixel 6 Pro
well, i can follow basic commands in minimal adb & fastboot. I think this may be above me unless there is an idiots' guide.

Do you have access to adb? They are pretty straight forward. May need to view them on the website but if you are using an app it may throw the word wrap off and make the commands seem confusing. The directions are pretty word for word.
 
Last edited:

pcriz

Senior Member
Aug 23, 2008
5,009
2,935
Google Pixel 6 Pro
If by adb you mean minimal adb & fastboot, then yes I have access and I could probably brave it.

I wouldn't suggest doing it how I did it but I downloaded the file to my phone. I created the directory using a root enabled file browser (see mkdir command {make directory}). I even used the file properties option in solid explorer to change the permissions (see chmod 644). Every other command I did on the phone from a terminal emulator. Just had to ignore the adb shell command because I am actually doing them on the device and not through a shell on my computer.
 
  • Like
Reactions: coolhandz

coolhandz

Senior Member
Apr 1, 2011
358
98
Denver
Google Pixel 6 Pro
I wouldn't suggest doing it how I did it but I downloaded the file to my phone. I created the directory using a root enabled file browser (see mkdir command {make directory}). I even used the file properties option in solid explorer to change the permissions (see chmod 644). Every other command I did on the phone from a terminal emulator. Just had to ignore the adb shell command because I am actually doing them on the device and not through a shell on my computer.

yeah, all that is definitely outside of my comfort zone, but thank you for the info.
 

njeri123

Member
Sep 12, 2013
28
8
Can you normally update your device with OTA-updates like a un-rooted device, without flashfire or connect to your computer?
 

Fenny

Inactive Recognized Developer
Jun 28, 2007
1,383
2,072
Is there an advantage to doing this over adding "net.tethering.noprovisioning=true" to the build.prop file?
This mod is systemless, and should survive OTAs. That mod changes the build.prop on the system partition, which could prevent taking OTAs.

Can you normally update your device with OTA-updates like a un-rooted device, without flashfire or connect to your computer?

Any modification to the boot image *should* prevent OTAs from working at all. However, you can flash back to stock boot images, and take OTAs as long as you have not modified /system, which this mod does not do.
Furthermore, as long as you don't wipe /data/ this mod will live in su.img and survive when you flash newer system software.
 
Last edited:

airmaxx23

Senior Member
Jun 25, 2010
4,678
1,388
Colton, NY
This mod is systemless, and should survive OTAs. That mod changes the build.prop on the system partition, which could prevent taking OTAs.



Any modification to the boot image *should* prevent OTAs from working at all. However, you can flash back to stock boot images, and take OTAs as long as you have not modified /system, which this mod does not do.
Furthermore, as long as you don't wipe /data/ this mod will live in su.img and survive when you flash newer system software.

Thanks for the explanation, I removed the build.prop line and used this method and it's working fine. Thank you.
 

ddarvish

Senior Member
Dec 20, 2009
420
37
is there a non root method to bypass the checks? i dont plan on unlocking or rooting since i use android pay...
 

Fenny

Inactive Recognized Developer
Jun 28, 2007
1,383
2,072
is there a non root method to bypass the checks? i dont plan on unlocking or rooting since i use android pay...

I also use Android pay, so I have two boot images ready to fastboot or flash. I have a boot image with root, and a boot image without root running a kernel that hides the bootloader unlocked flag.

So, the way I handle this, I flash the unrooted (bootloader flag hidden) image as my daily driver kernel, this passes safetynet, and allows me to use Android pay.

I make a backup of that boot image. Then, I install TWRP, my custom kernel, and SuperSU. I make a backup of that image as well.

So I have two backed up boot images:

rooted.img
HideBLUnlock.img

I flash HideBLUnlock.img to boot a, and boot b, safetynet passes.
Whenever I need to tether I have my computer with me, so I "fastboot boot rooted.img" which leaves me rooted until my next reboot.

Depending on your usage you might want to reverse that.

All my mods get stored in su.img, so switching out the boot images is all I need to have the best of both worlds.
 
  • Like
Reactions: Misfit and DA6030

Ocelot13

Senior Member
Jun 26, 2010
73
23
Is it possible to fastboot boot twrp and flash the zip without being rooted or having twrp actually installed? O unlocked my bootloader but that's been it
 

Fenny

Inactive Recognized Developer
Jun 28, 2007
1,383
2,072
Is it possible to fastboot boot twrp and flash the zip without being rooted or having twrp actually installed? O unlocked my bootloader but that's been it

You can use the fastboot twrp image to install this mod but you MUST have SuperSu. I have basic validation to check that in my update.zip. If you don't have a su.img in /cache or /data, this mod cannot be installed.
 

IceNova

Senior Member
Jun 15, 2009
64
4
Wondering Aimlessly
I also use Android pay, so I have two boot images ready to fastboot or flash. I have a boot image with root, and a boot image without root running a kernel that hides the bootloader unlocked flag.

So, the way I handle this, I flash the unrooted (bootloader flag hidden) image as my daily driver kernel, this passes safetynet, and allows me to use Android pay.

I make a backup of that boot image. Then, I install TWRP, my custom kernel, and SuperSU. I make a backup of that image as well.

So I have two backed up boot images:

rooted.img
HideBLUnlock.img

I flash HideBLUnlock.img to boot a, and boot b, safetynet passes.
Whenever I need to tether I have my computer with me, so I "fastboot boot rooted.img" which leaves me rooted until my next reboot.

Depending on your usage you might want to reverse that.

All my mods get stored in su.img, so switching out the boot images is all I need to have the best of both worlds.

This is facinating, do you ever think where we can use boot a and boot b in a multiboot like fashion so that when you turn on the device you can choose what to boot?
 

Top Liked Posts

  • There are no posts matching your filters.
  • 25
    This guide presupposes that you have Supersu installed as systemless, and that you have access to adb.

    This will bypass provisioning checks for builtin tether app. The modded apk should work with future updates without touching /system at all.

    Installation

    Method 1 - Manual install
    Download the attached CarrierEntitlement apk.

    If you have su.img su:
    Code:
    adb push CarrierEntitlement.apk /sdcard/CarrierEntitlement.apk
    adb shell
    su
    mkdir /su/CarrierEntitlement
    cp /sdcard/CarrierEntitlement.apk /su/CarrierEntitlement/CarrierEntitlement.apk
    chmod 644 /su/CarrierEntitlement/CarrierEntitlement.apk
    echo "mount -o bind /su/CarrierEntitlement/CarrierEntitlement.apk /system/priv-app/CarrierEntitlement/CarrierEntitlement.apk" > /su/su.d/05TetherMod
    chmod +x /su/su.d/05TetherMod
    reboot

    If you have sbin su (Android 8.0+)
    Code:
    adb push CarrierEntitlement.apk /sdcard/CarrierEntitlement.apk
    adb shell
    su
    mkdir /sbin/supersu/CarrierEntitlement
    cp /sdcard/CarrierEntitlement.apk /sbin/supersu/CarrierEntitlement/CarrierEntitlement.apk
    chmod 644 /sbin/supersu/CarrierEntitlement/CarrierEntitlement.apk
    echo "mount -o bind /sbin/supersu/CarrierEntitlement/CarrierEntitlement.apk /system/priv-app/CarrierEntitlement/CarrierEntitlement.apk" > /sbin/supersu/su.d/05TetherMod
    chmod +x /sbin/supersu/su.d/05TetherMod
    reboot

    Method 2 - Flashable Zip (su.img only)
    Code:
    1. Download attached zip. 
    2. Flash in TWRP (Last tested in alpha 2)

    Information

    This mod is accomplished by replacing the following function:
    Code:
    .method public static getCarrierEntitlement(Landroid/content/Context;)Lcom/google/android/carrierentitlement/CarrierEntitlement;
        .registers 2
        .param p0, "context"    # Landroid/content/Context;
        .prologue
    
        .line 56
        const/4 v0, 0x0
    
        return-object v0
    .end method

    NOTE: Post install
    You may need to edit your APNs to get tethering working for your carrier.

    On sprint, where editing APNs is disabled, the fix is here: Sprint Fix
    Be sure to thank @Builtfordtough1 for all his help in diagnosing the issue at this post: The Solution!

    Be sure to thank sb1893 for sbin su instructions.
    3
    Now that Magisk appears to be working for the Pixel XL, is there any way to convert this into a Magisk module?


    I have Sprint for the smaller Pixel. Does this mod zip still work ?


    Looks like dude has jetted...

    This works with SuperSu. I plan on doing a Magisk module if it continues to be stable for me.
    3
    Is there an advantage to doing this over adding "net.tethering.noprovisioning=true" to the build.prop file?
    This mod is systemless, and should survive OTAs. That mod changes the build.prop on the system partition, which could prevent taking OTAs.

    Can you normally update your device with OTA-updates like a un-rooted device, without flashfire or connect to your computer?

    Any modification to the boot image *should* prevent OTAs from working at all. However, you can flash back to stock boot images, and take OTAs as long as you have not modified /system, which this mod does not do.
    Furthermore, as long as you don't wipe /data/ this mod will live in su.img and survive when you flash newer system software.
    3
    Quick question, just to make sure i'm understanding correctly, this will allow us to tether without it counting towards our "mobile hotspot" data allocation? Is that correct?

    Yes, that is the idea. Be aware that T-Mobile has invested in technologies to inspect packets and determine if you are tethering a device that is not your phone. As of this time, they don't slap you on the wrist or display a warning like they once did, they just deduct it from your usage if they detect it. YMMV with tethering devices that aren't android tablets, I.E. PC, PS4, Xbox, etc...
    2
    is there a non root method to bypass the checks? i dont plan on unlocking or rooting since i use android pay...

    I also use Android pay, so I have two boot images ready to fastboot or flash. I have a boot image with root, and a boot image without root running a kernel that hides the bootloader unlocked flag.

    So, the way I handle this, I flash the unrooted (bootloader flag hidden) image as my daily driver kernel, this passes safetynet, and allows me to use Android pay.

    I make a backup of that boot image. Then, I install TWRP, my custom kernel, and SuperSU. I make a backup of that image as well.

    So I have two backed up boot images:

    rooted.img
    HideBLUnlock.img

    I flash HideBLUnlock.img to boot a, and boot b, safetynet passes.
    Whenever I need to tether I have my computer with me, so I "fastboot boot rooted.img" which leaves me rooted until my next reboot.

    Depending on your usage you might want to reverse that.

    All my mods get stored in su.img, so switching out the boot images is all I need to have the best of both worlds.