• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[oreo]XZ1C-drmfix-root-ricoff

Search This thread

pbarrette

Senior Member
Aug 7, 2012
267
367
Alabama
I think you misunderstand me. I may be posting this is the wrong thread (I've tried in several others) but these aren't two different issues at all. My question is very specific. I require 3 different things simultaneously (1. Root, 2. working fingerprint sensor, 3. working wifi calling) and I'm not sure that this is possible. My concern is that root (or the requisite unlocked bootloader to achieve root) will flag something with t-mobile and disable Vo-LTE/Wifi Calling.

I'm simply looking for confirmation that I can have all three at once. If that is indeed possible, I'm looking for some guidance as to what order to perform the requisite tasks in to ensure those results.
Re-read my post. I addressed that.
Start at the line that reads: "T-Mobile VoLTE and VoWiFi will continue to work."

You must unlock the bootloader to achieve root.
Bootloader unlock / root does not affect fingerprint or wifi calling.

I can confirm. I am currently operating this way. Bootloader unlocked, root with Magisk, fingerprint working, T-Mo VoWiFi working.
My personal update process is described above.

WiFi calling and VoLTE is entirely a function of the modem configuration file and the UI overlays which allow the functions to be enabled.
The modem config file selection and UI overlays are handled by the CustomizationSelector APK, which reads the MCC/MNC of the SIM and uses the config files on the OEM partition to set the corresponding configuration.
Root doesn't change that, and there's basically no way that T-Mobile would know that you have root.
 

POMF2K

Senior Member
Jan 2, 2009
154
20
Traverse City, MI
Re-read my post. I addressed that.
Start at the line that reads: "T-Mobile VoLTE and VoWiFi will continue to work."

You must unlock the bootloader to achieve root.
Bootloader unlock / root does not affect fingerprint or wifi calling.

I can confirm. I am currently operating this way. Bootloader unlocked, root with Magisk, fingerprint working, T-Mo VoWiFi working.
My personal update process is described above.

WiFi calling and VoLTE is entirely a function of the modem configuration file and the UI overlays which allow the functions to be enabled.
The modem config file selection and UI overlays are handled by the CustomizationSelector APK, which reads the MCC/MNC of the SIM and uses the config files on the OEM partition to set the corresponding configuration.
Root doesn't change that, and there's basically no way that T-Mobile would know that you have root.

Thank you for that clarification. Also really appreciate your update procedure towards the end.

I'm guessing the only way to unlock the bootloader is still via the sony development website?

In terms of root method... any advice? So far I've found a few options:

1: https://forum.xda-developers.com/xp...lopment/oreo-xz1c-drmfix-root-ricoff-t3727029
This thread, obviously.

2. https://forum.xda-developers.com/xp...nel-sony-xz1-compact-16-january-2018-t3736068
You seem to prefer this one(?). This also seems closest to root method I have used for previous sony devices.

3. https://www.xperifix.com/download/xperifix-latest/
Looks like this was actually created by sToRm//. Anyone used this? Any downsides aside from paying for it and not doing the hard work myself? To be honest I've never used magisk and have used supersu pro all the way back to my droid x.

Am I correct in assuming that none of these root methods should change the firmware and, as you've stated, should not affect the vo-lte or wifi calling functionality in any way?
 
Last edited:

sToRm//

Senior Member
Jun 24, 2017
524
2,032
Munich
Thank you for that clarification. Also really appreciate your update procedure towards the end.

I'm guessing the only way to unlock the bootloader is still via the sony development website?

In terms of root method... any advice? So far I've found a few options:

1: https://forum.xda-developers.com/xp...lopment/oreo-xz1c-drmfix-root-ricoff-t3727029
This thread, obviously.

2. https://forum.xda-developers.com/xp...nel-sony-xz1-compact-16-january-2018-t3736068
You seem to prefer this one(?). This also seems closest to root method I have used for previous sony devices.

3. https://www.xperifix.com/download/xperifix-latest/
Looks like this was actually created by sToRm//. Anyone used this? Any downsides aside from paying for it and not doing the hard work myself? To be honest I've never used magisk and have used supersu pro all the way back to my droid x.

Am I correct in assuming that none of these root methods should change the firmware and, as you've stated, should not affect the vo-lte or wifi calling functionality in any way?

The root method (Magisk) doesn't change the firmware. But the DRM patch does. All 3 options are using my DRM patch. The first 2 are using the old files that will never be updated, because it's from the last free version of my software. XperiFIX was created by me, yes. And it's the only solution for upcoming updates, without being related to other developers releases, because the software is flexible and does patch the original kernel ramdisk (no pre-modded kernel ramdisk needed). It's your choice in the end.

Cheers
 

janjan

Recognized Developer
May 20, 2007
3,176
3,420
Aalborg
tweaksyourandroid.weebly.com
The root method (Magisk) doesn't change the firmware. But the DRM patch does. All 3 options are using my DRM patch. The first 2 are using the old files that will never be updated, because it's from the last free version of my software. XperiFIX was created by me, yes. And it's the only solution for upcoming updates, without being related to other developers releases, because the software is flexible and does patch the original kernel ramdisk (no pre-modded kernel ramdisk needed). It's your choice in the end.

Cheers


Please correct me if I am wrong. I am just wondering.. Isn't these fixes based on Tobias Waldvogels previous work?

I am using the secd extension and libta_drm_ext.so files from modpunk. Using selinux policy rule.
 
Last edited:
  • Like
Reactions: pbarrette

POMF2K

Senior Member
Jan 2, 2009
154
20
Traverse City, MI
The root method (Magisk) doesn't change the firmware. But the DRM patch does. All 3 options are using my DRM patch. The first 2 are using the old files that will never be updated, because it's from the last free version of my software. XperiFIX was created by me, yes. And it's the only solution for upcoming updates, without being related to other developers releases, because the software is flexible and does patch the original kernel ramdisk (no pre-modded kernel ramdisk needed). It's your choice in the end.

Cheers

Excellent. Thank you for your response. I'm not too worried about the firmware alteration. As pbarrette states, it shouldn't affect wifi calling or vo-lte.

I'm too ignorant to know what you are referring to in regards to kernel ramdisk so I'll take it as a sign that it's time to pony up a little cash to those who have worked so hard to make my device fully functional.

My xz1 compact arrives in a few days so hopefully all goes well. I'm a little saddened by the current smartphone market. Sony seemed to be the only one manufacturing square sophisticated looking devices and now even they changed their design. I'm also concerned they will stop making pocketable devices.

Regardless thanks to you and others who work so hard to make our devices rootable (and functional as well). As far as I'm concerned a device that's not rooted is basically neutered. Threatening to void a warranty is one thing, but breaking functionality because someone unlocked their bootloader is just wrong, especially when sony "allows" the unlocking of the bootloader.

Thanks again.
 
Last edited:

sToRm//

Senior Member
Jun 24, 2017
524
2,032
Munich
Please correct me if I am wrong. I am just wondering.. Isn't these fixes based on Tobias Waldvogels previous work?

I am using the secd extension and libta_drm_ext.so files from modpunk. Using selinux policy rule.
I meant the firmware patch and parts of the hooks in libraries, that are by me. He asked about changes in the firmware, so I thought that's relevant. The DRM fix needs some hooks and a working key table. The old method by Tobias was not working on new devices, because Sony changed the device security system and included advanced checks to get the rooting status. That means that the firmware must be patched (secd), too. I reversed the firmware and provided the needed patch. I also extended the hooks with own. User modpunk took the source from Tobias and reverse engineered my library and merged it together. He also took my patched secd and included it. Hehe...

The method of integration by modpunk was not really working months ago. I tested it the way he made it, but the logs were telling me that the fix works partially only. I didn't test it again. No idea if he changed this then.

:)
 

janjan

Recognized Developer
May 20, 2007
3,176
3,420
Aalborg
tweaksyourandroid.weebly.com
I meant the firmware patch and parts of the hooks in libraries, that are by me. He asked about changes in the firmware, so I thought that's relevant. The DRM fix needs some hooks and a working key table. The old method by Tobias was not working on new devices, because Sony changed the device security system and included advanced checks to get the rooting status. That means that the firmware must be patched (secd), too. I reversed the firmware and provided the needed patch. I also extended the hooks with own. User modpunk took the source from Tobias and reverse engineered my library and merged it together. He also took my patched secd and included it. Hehe...

The method of integration by modpunk was not really working months ago. I tested it the way he made it, but the logs were telling me that the fix works partially only. I didn't test it again. No idea if he changed this then.

:)

It seems he changed that. I don't own the devices (XZ1 compact, XZ1 and XZ premium) to check the logs. It seems the integration by modpunk is working in most of the new devices.

Actually we can edit the secd to get it work for the newer devices too.. such as XZ2, XZ2P but don't sure about XZ3. We have to check when it is released on that time.

I am not sure I will continue my work here anymore :) depends on my free time :)
 

sToRm//

Senior Member
Jun 24, 2017
524
2,032
Munich
It seems he changed that. I don't own the devices (XZ1 compact, XZ1 and XZ premium) to check the logs. It seems the integration by modpunk is working in most of the new devices.

Actually we can edit the secd to get it work for the newer devices too.. such as XZ2, XZ2P but don't sure about XZ3. We have to check when it is released on that time.

I am not sure I will continue my work here anymore :) depends on my free time :)
It works, but as i tested it then, the fix wasn't fully functional. Some enhancements were disabled, because of the credential management. Don't know if he changed that in any way.

The secd on the new devices is different to the XZP and XZ1 devices. Sony changed something in the firmware. So the old secd shouldn't be used with this devices (possible brick).
 

janjan

Recognized Developer
May 20, 2007
3,176
3,420
Aalborg
tweaksyourandroid.weebly.com
It works, but as i tested it then, the fix wasn't fully functional. Some enhancements were disabled, because of the credential management. Don't know if he changed that in any way.

The secd on the new devices is different to the XZP and XZ1 devices. Sony changed something in the firmware. So the old secd shouldn't be used with this devices (possible brick).


Unfortunately I don't own the devices to check and find out which enhancements are disabled. Can u tell us which enhancement are disabled? The logs which I received from different user (logcat from different user own XZ1 C, XZ1 and XZP) shows that the fix actually works fully functional. The library gets successfully loaded and drm extension added to secd. I am just wondering which enhancement/enhancements are not working.

Actually I was even able to get it work (fully functional) on newer devices from 2018 OFC with some modifications due to seamless partitions A and B and patching (patched with magisk) my own build kernel from source. But since I don't won the device anymore I can't investigate further.

I will OFC investigate a bit more to find out which enhancements are not working, whenever I have free time.

You mean possible brick of Camera function or possible brick of device :)
 

sToRm//

Senior Member
Jun 24, 2017
524
2,032
Munich
Unfortunately I don't own the devices to check and find out which enhancements are disabled. Can u tell us which enhancement are disabled? The logs which I received from different user (logcat from different user own XZ1 C, XZ1 and XZP) shows that the fix actually works fully functional. The library gets successfully loaded and drm extension added to secd. I am just wondering which enhancement/enhancements are not working.

Actually I was even able to get it work (fully functional) on newer devices from 2018 OFC with some modifications due to seamless partitions A and B and patching (patched with magisk) my own build kernel from source. But since I don't won the device anymore I can't investigate further.

I will OFC investigate a bit more to find out which enhancements are not working, whenever I have free time.

You mean possible brick of Camera function or possible brick of device :)
Like I mentioned, it's a long time ago since I tested the library. The problem then was the partially preload. Because it will only hook the functions on the loaded service. Sony is using multiple ways to check the rooting status and credentials. It looked like the fix is fully working, but the logs had some credential errors. I don't know if this is still a problem.

I mean a possible brick of the device, because it's possible that Sony changes the TA data on the different devices. If the wrong binary is used, it could be that the wrong units were written and the user gets a irreversible data loss. That was the reason I checked the firmware on every new release. Because Sony doesn't love our drm work. Haha...
 

Top Liked Posts

  • There are no posts matching your filters.
  • 15
    [oreo]XZ1C-drmfix-root-ricoff:eek:
    Available for any version of the official 8.0 oreo
    First you have twrp https://forum.xda-developers.com/xp...t/recovery-twrp-3-1-1-stock-security-t3706704

    Be sure to use the zip I provided,Make sure your rom is clean.If you want wipe data,cache and dalvik, please execute it first.

    1,flash drmpatch.zip
    2,flash SuperSU.zip
    3,flash RicOff.zip
    4,reboot

    Perfect, please enjoy.:D

    download
    https://mega.nz/#F!s8QlGD7S!cSlNJcZArwwdvZGGE5sVdA


    drmfix.so/drm****.so thank @sToRm// :good:

    The secd of 47.1.A.12.34 is the same as 47.1.A.8.49.
    secd original file(G8441_47.1.A.8.49_CE) https://mega.nz/#!IpYg1Q4Q!ONXXqHoP6JkrFQ9jGUHMMXlzHcPAfog3ISrMgogO8go
    modify
    E803003206000014E8031F3204000014E807003202000014E8031E32
    for
    08008052060000140800805204000014080080520200001408008052

    drmpatch.zip
    Install XperiFIX
    In C:\XperiFIX\DATA\XZP\G8142\Oreo2
    Modify the update binary
    ui_print "******************************"
    ui_print "Sony XZ Premium *OREO* DRM restore by //sToRm"
    ui_print "******************************"
    change
    ui_print "******************************"
    ui_print "Sony XZ1/XZ1C *OREO* DRM restore by //sToRm"
    ui_print "******************************"

    / system
    change
    /vendor

    And replace secd


    SuperSU.zip
    Modify init.supersu.rc.24 and init.supersu.rc.24.bindsbin

    on post-fs
    exec u:r:supersu:s0 root root -- /sbin/fbe_bypass.sh
    export LD_PRELOAD drmfix.so:drm****.so

    #RIC disable
    mount securityfs securityfs /sys/kernel/security nosuid nodev noexec
    write /sys/kernel/security/sony_ric/enable 0

    RicOff.zip
    The status of SELinux changes to permissive

    The original machao44 account is lost
    I do not know how to misunderstand me
    12
    drmfix.so/drm****.so is @ sToRm //
    I modified secd

    You didn't. I checked your files. The drmfix.zip is an unofficial version for XZ1/XZ1C which I gave to 2 testers via pm. I have forbidden to share the files. The secd is 1:1 patched and the rest of the files is also from my package. Dude... That just pisses me off.
    10
    To all XZ1 and XZ1 Compact users:

    XperiFIX now supports your devices! You can download the current version (fixed) again, install and run it.
    https://www.xperifix.com/download/xperifix-latest/


    Please report if it works for you!
    Original thread: https://forum.xda-developers.com/xz...hack-mod-sony-xperia-xz-premium-twrp-t3695171

    Cheers!
    6
    Oh yeah of course, damn money, they always interferes. But okay I understand than
    For me it's not the money. It's never the money.
    5
    In case some people still don't understand, this patch from @M-Rom is basically stolen work from @sToRm//
    It contains files that were privately shared to testers, which were still in development and not ready for release, that somehow leaked.
    In addition, @M-Rom is not willing to acknowledge any wrongdoing, and is either playing dumb by pretending not to understand inquiries about his source or details of his patch, or truly has the sketchiest English skills ever, which is no excuse for being disrespectful and stealing other people's works.

    In summary, DO NOT DOWNLOAD and DO NOT USE this patch!
    This is a shameful act. DO NOT support this type of behavior. Retract any thanks given to @M-Rom.
    I also urge everyone to halt further discussion in this thread and let it die.
    Ask yourself, are you willing to trust your *rooted* phone to an untrustworthy person? Who is not the actual developer of the patch, and likely has no means to help you in case something goes wrong, or further developments down the road (e.g. new firmware update)?