That would open up root for atleast 7.3.1.1 if they can downgrade since lk version was untouched
New Fire HD10 2019 Bootless Root Method + Bootloader Unlock Brainstorming
- Thread starter Kctucka
- Start date
Downgrading only boot/system/vendor might even work for newer versions, since the mtk-su bug is in the boot.img.
So as long as the newer lk can successfully boot the old boot.img that should work.
If someone with root can get me a dump of the gpt and preloader, I could probably create a scatter-file to use with SP-Flash.
EDIT:
gpt would probably suffice, since preloader should be available in the OTA-bins.
for dumping gpt with root:
Code:
dd if=/dev/block/mmcblk0 bs=512 count=34 of=gpt.bin
Last edited:
No GPT as far as I can tell.
But maybe @dr_docdoc can dump it?
sorry - my fault for not seeing gpt not there!
hmm...tried dumping it on my 7.3.1.0 w/ su granted in emulator:
Code:
dd if=/dev/block/mmcblk0 bs=512 count=34 of=gpt.binwhen i tried to mount w/ rw
Code:
mount -o rw, remont /block/mmcblk0not sure what im missing as read-only should still allow dumping gpt...
Sorry, the problem is the destination file.
It should probably be something like
Code:
dd if=/dev/block/mmcblk0 bs=512 count=34 of=/sdcard/gpt.bin
Here is a scatter, if anyone wants to give it a try.
Try doing Readback first, you can enable ShowByScatter=true in option.ini to get all partitions conveniently listed in the Readback tab.
DON'T EVER SELECT "Format All + Download".
Don't flash lk, preloader, tee1, tee2, sspm_1 (Unless you want to update, there is currently no way back)
Try doing Readback first, you can enable ShowByScatter=true in option.ini to get all partitions conveniently listed in the Readback tab.
DON'T EVER SELECT "Format All + Download".
Don't flash lk, preloader, tee1, tee2, sspm_1 (Unless you want to update, there is currently no way back)
Last edited:
So the scatter file is confirmed working thanks to @bengris32.
He currently has 7.3.1.1 and tried downgrading only the boot.img.
While that did allow using mtk-su, it broke wifi and battery (and probably other drivers).
So what we need now is a full dump of the (unmodified) 7.3.1.0 firmware.
That is:
This can either be achieved using root and dd or using the Readback function in SP Flash.
@Kramar111 @dr_docdoc @newnewcomputer I think you all have 7.3.1.0, if one of you could dump it, that would be great
He currently has 7.3.1.1 and tried downgrading only the boot.img.
While that did allow using mtk-su, it broke wifi and battery (and probably other drivers).
So what we need now is a full dump of the (unmodified) 7.3.1.0 firmware.
That is:
- system
- vendor
- spmfw
- sspm_1
- cam_vpu1
- cam_vpu2
- cam_vpu3
- tee1/2
This can either be achieved using root and dd or using the Readback function in SP Flash.
@Kramar111 @dr_docdoc @newnewcomputer I think you all have 7.3.1.0, if one of you could dump it, that would be great
Last edited:
Thanks to @Kramar111, we now have a full dump of 7.3.1.0:
mega.nz
And a little present from me, minimal kamakiri for maverick.
All it does is downgrade RPMB, flashing can be done with SP Flash.
Thanks again to @bengris32 for testing.
1.1 GB file on MEGA
And a little present from me, minimal kamakiri for maverick.
All it does is downgrade RPMB, flashing can be done with SP Flash.
Thanks again to @bengris32 for testing.
Great little unexpected surprise, so this should theoretically work for any 10" 9th gen with access to bootrom?Thanks to @Kramar111, we now have a full dump of 7.3.1.0:
1.1 GB file on MEGA
And a little present from me, minimal kamakiri for maverick.
All it does is downgrade RPMB, flashing can be done with SP Flash.
Thanks again to @bengris32 for testing.
1. Downgrade bootrom (kamakiri)
2. Downgrade firmware using Sp-flash (mtk-bypass)
And what about the fix-gpt script? I was roughly trying to follow Fire 7 (2019, mustang) unbrick, downgrade, unlock & root to get an idea of the order but saw no mention of it.
Yeah, it should.
Order would be the other way around, flash first, then downgrade RPMB.
RPMB downgrade is only needed if you downgrade pl/tee1/tee2/lk/sspm.
fix-gpt is just in case GPT gets corrupted, shouldn't normally be needed.
for RPMB-downgrade better follow https://xdaforums.com/t/unlock-root-twrp-unbrick-fire-tv-stick-4k-mantis.3978459/
Time to start collecting everything and give it a try.
Thanks again @k4y0z and for jumping in and some major developments
Merry Christ...Happy New....Happy Valentine Day and Chinese New Year!!!
Thank YOU, @k4y0z !!! no idea why im so excited as ive loaded up on HD10 2019 back when Amazon was still shipping 7.3.1.0
for those who have been waiting on this, here is the link to the systemless root by @diplomatic https://xdaforums.com/t/amazing-tem...rmv8-2020-08-24.3922213/page-50#post-82081703
dm-verity still in place means no change allowed in /system
...until...
Thank YOU, @k4y0z !!! no idea why im so excited as ive loaded up on HD10 2019 back when Amazon was still shipping 7.3.1.0
for those who have been waiting on this, here is the link to the systemless root by @diplomatic https://xdaforums.com/t/amazing-tem...rmv8-2020-08-24.3922213/page-50#post-82081703
dm-verity still in place means no change allowed in /system
...until...
I have repacked and reuploaded maverick-downgrade-7.0_PS7310_940N.zip
It contains FireOS 7.0/PS7310/940N, scatter file and kamakiri for RPMB downgrade.
Apparently there are multiple versions of 7.3.1.0 and the files originally uploaded here are from version 7.0/PS7310/939N.
Also lk was incomplete.
Thanks again to @Kramar111 for the files
It contains FireOS 7.0/PS7310/940N, scatter file and kamakiri for RPMB downgrade.
Apparently there are multiple versions of 7.3.1.0 and the files originally uploaded here are from version 7.0/PS7310/939N.
Also lk was incomplete.
Thanks again to @Kramar111 for the files
Hey guys; a long time ago i was active in the developement section as well, but i have to admit, that i am not longer that fit there. In addition, all the different names of the models and the possibilities to root or not becaus of software number confuse me a bit. I overread some of the postings in here, seing the last one by k4y0z, so now my question is:
Could someone be so kind and tell me 1) if i can root and 2) flash my Fire Tab10 from 2019with current FireoOS Firmware 7.3.1.8 and if so, 3) can someone explain shortly what i have to do with links to the posts or so? I would really appreciate it. I am using Windows 10, if that does make a difference ( read something about linux and exploits and stuff so that confused me tho lol)
7 years ago I tested some software for my One X and Iconia Tab A210 which I thought was annoying enough with all the typing in adb, so I am known to that. But seems like the fire tab is even more complex haha
Greetings Ardian
Could someone be so kind and tell me 1) if i can root and 2) flash my Fire Tab10 from 2019with current FireoOS Firmware 7.3.1.8 and if so, 3) can someone explain shortly what i have to do with links to the posts or so? I would really appreciate it. I am using Windows 10, if that does make a difference ( read something about linux and exploits and stuff so that confused me tho lol)
7 years ago I tested some software for my One X and Iconia Tab A210 which I thought was annoying enough with all the typing in adb, so I am known to that. But seems like the fire tab is even more complex haha
Greetings Ardian
welcome back, Ardian! u picked a good time as there havent been much going on for Fire HD10 2019 since the initial root n subsequent patch!
1) probably but first the fw needs to be rolled back to 7.3.1.0.
1a) current root is achieved after boot n new android restriction called dm-verity remains. so ur root access is somewhat limited; depending on wat u need.
2) current flash requires SP flash tool n has been confirmed to work for 7.3.1.1 -> 7.3.1.0. u may want to wait a bit for ur 7.3.1.8.
3) @k4y0z package above is all u need to roll back to 7.3.1.0. once dats done, u can follow the systemless root method linked in my post above.
again depending on wat u need, u may skip everything n simply tweak ur tab w/ the fire toolbox for windows:
Downgrade to 7.3.1.0 should be possible with any version, given we can also downgrade RPMB.
That said, there hasn't been any feedback yet.
Additionally to the package you'll also need the Bypass Utility
okay tbh that sounds a bit complicated and I just started to work again, so my time is limited to read through all this. Maybe I'll just stick with the Fire Toolbox; I did that when i got that tablet a year ago, but thelatest software version available at that time was 6.6 lol so i guess there happend much.
Thank you very much to you two, i'll definitely come back to thatpost and try all of that with rooting and stuff.
Greeting
Thank you very much to you two, i'll definitely come back to thatpost and try all of that with rooting and stuff.
Greeting
Similar threads
Top Liked Posts
-
There are no posts matching your filters.
-
1111mtk-su for OS 7.3.1.0
I just uploaded the latest mtk-su (a thing that gives you temp root) in the Temp root thread. It only supports the original OS. No solution yet for the updated version, but hoping a downgrade or unlock method will be found.11I have repacked and reuploaded maverick-downgrade-7.0_PS7310_940N.zip
It contains FireOS 7.0/PS7310/940N, scatter file and kamakiri for RPMB downgrade.
Apparently there are multiple versions of 7.3.1.0 and the files originally uploaded here are from version 7.0/PS7310/939N.
Also lk was incomplete.
Thanks again to @Kramar111 for the files8
AmznUser444,
I’m actually going to respectfully ask you to stop responding to my posts and stop asking me for anything. I will no longer reply to your posts other than to make this request.8Thanks to @Kramar111, we now have a full dump of 7.3.1.0:
1.1 GB file on MEGA
And a little present from me, minimal kamakiri for maverick.
All it does is downgrade RPMB, flashing can be done with SP Flash.
Thanks again to @bengris32 for testing.
