[ROM][[Santoni][ARM64]LINEAGE 15.1[Official]

[grogosa]

Since official LineageOS builds stopped for santoni i uploaded the latest releases to my mega drive. I also tried to summarize all official checksums in the Internet Archive (always for the last build(s) of each version).

I tried to flash both 16th version of lineage on my santoni 4x first got error 7 then I tried the gapps one and got error 7 after I turned my phone off and restarted it , mi logo flashes only for a second and Im unable to get into recovery or do anything, phone was 96% battery, and the mi logo was flashing around 15 seconds until it booted to recovery previously. Can you please tell me what could happened and how can I fix this ? 32gb global version santoni I think it have 3gb of ram. Previous custom rom functioned well flashed via micro sd and via usb otg
thank you

 

[CMiRedmi4]

I tried to flash both 16th version of lineage on my santoni 4x first got error 7 then I tried the gapps one and got error 7 after I turned my phone off and restarted it , mi logo flashes only for a second and Im unable to get into recovery or do anything, phone was 96% battery, and the mi logo was flashing around 15 seconds until it booted to recovery previously. Can you please tell me what could happened and how can I fix this ? 32gb global version santoni I think it have 3gb of ram. Previous custom rom functioned well flashed via micro sd and via usb otg
thank you

Which recovery do you use?
I had problems with TWRP + GAPPS.
Try TWRP without GAPPS or OrangeFox.

 

[grogosa]

Since official LineageOS builds stopped for santoni i uploaded the latest releases to my mega drive. I also tried to summarize all official checksums in the Internet Archive (always for the last build(s) of each version).

Dont install lineage 16 latest versions it will brick your phone

 

[grogosa]

Which recovery do you use?
I had problems with TWRP + GAPPS.
Try TWRP without GAPPS or OrangeFox.

orange fox I tried without g apps first ( lineage 16 version mentioned above) I was fortunately able to boot twrp and reflash to working rom which does not showed error 7, my device was so hardbricked that the mi logo stayed on for split second, then phone off. It was impossible to get into the recovery, only via fastboot I was possible to boot twrp and reflash working rom.

 

[SebiderSushi]

I tried to flash both 16th version of lineage on my santoni 4x first got error 7 then I tried the gapps one and got error 7 after I turned my phone off and restarted it , mi logo flashes only for a second and Im unable to get into recovery or do anything, phone was 96% battery, and the mi logo was flashing around 15 seconds until it booted to recovery previously. Can you please tell me what could happened and how can I fix this ? 32gb global version santoni I think it have 3gb of ram. Previous custom rom functioned well flashed via micro sd and via usb otg
thank you

I also get an error 7 with twrp version 3.4.0-0-santoni but when i downgrade twrp to version 3.3.1-0-santoni i can flash the official lineage-16.0-20210210-nightly-santoni-signed.zip and boot it without any errors and without bricking anything. The first boot takes a long time (allow up to 5-10 minutes) especially if the internal storage is not yet encrypted as LineageOS 16.0 ships with forceencrypt.

EDIT: Weirdly now after the first succesful install i can also install the lineage-16.0-20210210-nightly-santoni-signed.zip with twrp version 3.4.0-0-santoni and 3.5.0_9-0-santoni and also the latest 3.5.2_9-0-santoni. idk, maybe the crucial part might have been to format the internal storage.

EDIT2: I tried reproducing the error 7 again but no success. I have no clue why but now i definitely am able to flash and boot lineage-16.0-20210210-nightly-santoni-signed.zip. Things i have done are:
- Flash twrp version 3.2.3-1-santoni This version was unable to decrypt the encrypted internal storage so i did
- Format internal storage
- Flash twrp version 3.3.1-0-santoni. Able to install lineage-16.0
- Flash twrp version 3.4.0-0-santoni. Able to install lineage-16.0
- Flash twrp version 3.5.0_9-0-santoni. Able to install lineage-16.0
- Flash twrp version 3.5.2_9-0-santoni. Able to install lineage-16.0

 

[jccaguisa]

hi, can you pls give me link of twrp version 3.3.1-0-santoni? I still cannot find it. thanks.

edit: and one more thing, lineage 16.0 is still android 8.x right? or it is already 9.x? thanks for your help guys

I also get an error 7 with twrp version 3.4.0-0-santoni but when i downgrade twrp to version 3.3.1-0-santoni i can flash the official lineage-16.0-20210210-nightly-santoni-signed.zip and boot it without any errors and without bricking anything. The first boot takes a long time (allow up to 5-10 minutes) especially if the internal storage is not yet encrypted as LineageOS 16.0 ships with forceencrypt.

EDIT: Weirdly now after the first succesful install i can also install the lineage-16.0-20210210-nightly-santoni-signed.zip with twrp version 3.4.0-0-santoni and 3.5.0_9-0-santoni and also the latest 3.5.2_9-0-santoni. idk, maybe the crucial part might have been to format the internal storage.

EDIT2: I tried reproducing the error 7 again but no success. I have no clue why but now i definitely am able to flash and boot lineage-16.0-20210210-nightly-santoni-signed.zip. Things i have done are:
- Flash twrp version 3.2.3-1-santoni This version was unable to decrypt the encrypted internal storage so i did
- Format internal storage
- Flash twrp version 3.3.1-0-santoni. Able to install lineage-16.0
- Flash twrp version 3.4.0-0-santoni. Able to install lineage-16.0
- Flash twrp version 3.5.0_9-0-santoni. Able to install lineage-16.0
- Flash twrp version 3.5.2_9-0-santoni. Able to install lineage-16.0o

 

[SebiderSushi]

hi, can you pls give me link of twrp version 3.3.1-0-santoni? I still cannot find it. thanks.

edit: and one more thing, lineage 16.0 is still android 8.x right? or it is already 9.x? thanks for your help guys

Dude just visit the official twrp download page: https://dl.twrp.me/santoni/

LineageOS 15.1 is based on AOSP 8.1, LineageOS 16.0 is based on AOSP 9, LineageOS 17.1 is based on AOSP 10 and LineageOS 18.1 is based on AOSP 11.
In their blog the folks from LineageOS sometimes explain how the specific version numbers came to be, for example in the latest blog post about LineageOS 18.1: https://lineageos.org/Changelog-25/

 

[jccaguisa]

Dude just visit the official twrp download page: https://dl.twrp.me/santoni/

LineageOS 15.1 is based on AOSP 8.1, LineageOS 16.0 is based on AOSP 9, LineageOS 17.1 is based on AOSP 10 and LineageOS 18.1 is based on AOSP 11.
In their blog the folks from LineageOS sometimes explain how the specific version numbers came to be, for example in the latest blog post about LineageOS 18.1: https://lineageos.org/Changelog-25/

thanks alot. would you suggest flashing 15.1 instead of 16.0? why & why not? thanks.

 

[SebiderSushi]

thanks alot. would you suggest flashing 15.1 instead of 16.0? why & why not? thanks.

TL;DR: Unless you have specific reasons to choose 15.1 take the latest release possible. Especially as the last LineageOS 15.1 build is from Q3 2019. For example, someone once asked specifically for the last lineage 15.1 build because apparently Android Auto works with that.

I suggest to always flash the most secure ROM that works as a daily driver. That is, your ROM must enforce SELinux, should really be signed with developer keys and include as much security patches as possible. SELinux status should be displayed at the bottom of the about phone screen. To check the signature you need a tool to view X.509 Certificates. It should be enough to check the file META-INF/com/android/otacert inside the ROM flashing ZIP file. For example if it is issued & verified by "Android", expires at "17.07.2035" and the certificate fingerprint reads 61 ED 37 7E 85 D3 86 A8 DF EE 6B 86 4B D8 5B 0B FA A5 AF 81 then it is definitely a public key and should be avoided.

Other than this just look for the ROM with most stability and best device support. For the devices i have used in the past (the OnePlus X and the Redmi 4X), ResurrectionRemix always had the best device trees while LineageOS usually had some issues with hardware support. For example the official LineageOS builds for the Redmi 4X had problems with the fingerprint & a very long delay when taking photos while i last tried them out.

Unfortunately, LineageOS, Lineage4microg, /e/ OS and OmniROM are the only ROM distributors that i know of who have consistently paid attention to enforcing SELinux and signing with developer keys. Those are fundamental parts of the android security model and while taking care of SELinux can take quite some work, seeing ROM Developers release roms that do not enforce SELinux or sign with proper keys really makes you doubt that they sufficiently understand what they are doing.

So yeah it's a tradeoff between usability, stability & security. You can hardly get out of that unless you compile yourself, potentially putting in a lot of additional work, get a newer phone or get another phone with a good LineageOS device tree or better custom rom support overall like the Pixel devices which are usually the main support group of security focused android distributions like GrapheneOS.

Why is this important?
Simply put SELinux is an advanced permission managent system that can be used together with Linux operating systems. The android security depends on SELinux so much that there are even exlpoits that work as soon as you turn SELinux into permissive mode and nothing else.
The takes of John Wu & the LineageOS team on this topic:
https://twitter.com/topjohnwu/status/1318843385487093760
https://twitter.com/LineageAndroid/status/1365603869493919748/

Regarding signatures:
Since android system apps are granted much more powerful permissions and privileges than regular user apps the android security model requires that an application or an upgrade for that application may only be a system app if it is verified that the application comes from the ROM developer. This is because whoever controls the ROM can get themselves access to all the permissions and privileges they want anyway.
In order to ensure this, every system app must be signed with a special signing key only known to the ROM developer. This ensures that no one can compile & sign a valid application that could be installed as a system app or that could upgrade a system app and take its place.
During the android development process security is not necessary and only a nuisance while debugging so the AOSP source code includes pre-created signing keys for this purpose. While using these, an android ROM developer doesn't need to think about all of this or enter a passphrase to unlock their signing key on every build of the ROM while debugging it.
But since these keys come with the AOSP source code everyone can use them to compile and sign applications with them. They could compile a malicious system application that can be sideloaded on every ROM that is signed with the same keys. Such a malicious application can then take the place of the original system application and gain access to all data saved by the application along with all permissions and system privileges that are granted to that application. Since even the upgrade is classified as a system application by android it can also request additional permissions.

 

[SebiderSushi]

thanks alot. would you suggest flashing 15.1 instead of 16.0? why & why not? thanks.

If you are interested in a secure & up-to-date ROM then Lineage4microg and /e/ OS are still being built for the Redmi 4X:
https://download.lineage.microg.org/santoni/
https://doc.e.foundation/devices/santoni/
If you can vibe with the UI of /e/ and the preinstalled applications. Both ROMs are otherwise based on the LineageOS 16.0 source for the Redmi 4X.
Also keep in mind that both of these ROMs can't be used with GoogleApps since they ship the Google Play Services replacement microg.

If proper signing is not so important to you (i'm not an expert but as far as i can see as long as you don't install APKs from the internet you should be fine) then any other well maintained and updated custom rom should do. Just don't use an SELinux permissive ROM with any personal data.

 

[jccaguisa]

If you are interested in a secure & up-to-date ROM then Lineage4microg and /e/ OS are still being built for the Redmi 4X:
https://download.lineage.microg.org/santoni/
https://doc.e.foundation/devices/santoni/
If you can vibe with the UI of /e/ and the preinstalled applications. Both ROMs are otherwise based on the LineageOS 16.0 source for the Redmi 4X.
Also keep in mind that both of these ROMs can't be used with GoogleApps since they ship the Google Play Services replacement microg.

If proper signing is not so important to you (i'm not an expert but as far as i can see as long as you don't install APKs from the internet you should be fine) then any other well maintained and updated custom rom should do. Just don't use an SELinux permissive ROM with any personal data.

So this microg is like replacement of google right? So if I'm to flash rom with microg, I'm good not to flash gaaps anymore right? Thanks

 

[SebiderSushi]

So this microg is like replacement of google right? So if I'm to flash rom with microg, I'm good not to flash gaaps anymore right? Thanks

Yes, flashing GApps on a ROM with microG like Lineage4microg or /e/ is not necessary. Also, it won't even work

As can be read on their homepage, the microG project aims at reimplementing core Google Play Services features. Keep in mind though that not all GApps features are intended to be replicated and those that are intended might be only partially implemented or not at all.

But you should be able to use Network location, Firebase Cloud Messaging (formerly Google Cloud Messaging) i.e. push notifications & the MapsApi with apps that rely on Google Play Services for these features.
Also the Covid tracing framework is reimplemented in microG and works.

I am using a microG ROM as a daily driver and i am happy with it. Not every app will work with it but most do. Be extra careful with apps that require a working SafetyNet attestation as microG isn't quite there yet with replicating that and i have never got that to work. Fortunately i do not depend on SafetyNet. For example i'm lucky enough to be with a bank whose Android app does not rely on SafetyNet.

 

[jccaguisa]

Yes, flashing GApps on a ROM with microG like Lineage4microg or /e/ is not necessary. Also, it won't even work

As can be read on their homepage, the microG project aims at reimplementing core Google Play Services features. Keep in mind though that not all GApps features are intended to be replicated and those that are intended might be only partially implemented or not at all.

But you should be able to use Network location, Firebase Cloud Messaging (formerly Google Cloud Messaging) i.e. push notifications & the MapsApi with apps that rely on Google Play Services for these features.
Also the Covid tracing framework is reimplemented in microG and works.

I am using a microG ROM as a daily driver and i am happy with it. Not every app will work with it but most do. Be extra careful with apps that require a working SafetyNet attestation as microG isn't quite there yet with replicating that and i have never got that to work. Fortunately i do not depend on SafetyNet. For example i'm lucky enough to be with a bank whose Android app does not rely on SafetyNet.

thank you so much for the advice, indeed i am having fun and excited with my new microg rom. but i just have one problem, it seems that gps/location is loading slow/not functioning well. do you have the same problem? and can you share the solution? thanks alot, BTW, f-droid apps are amazing. just what i need. thanks!

 

[SebiderSushi]

thank you so much for the advice, indeed i am having fun and excited with my new microg rom. but i just have one problem, it seems that gps/location is loading slow/not functioning well. do you have the same problem? and can you share the solution? thanks alot, BTW, f-droid apps are amazing. just what i need. thanks!

If Network based location does not work you can checkout the installation guide to make sure everything falls into place as intended. As far as i've seen /e/ comes preconfigured on first boot and on lineage4microg you will have to open MicroG Settings and manually enable all Location providers under "Location Modules".

The preinstalled module uses the Mozilla database. If that is not perfect for you you can search F-Droid for the term "NLP" and you can choose to install additional Network Location Providers like the Apple Wi-Fi Module for example.

 

[dantrolene]

After the support for Santoni has been stopped for Lineage 16 I have been building the ROM for my personal use using the source from lineage git and default kernel and device blobs. It is stable and working alright. I use santoni as my secondary device. I am here by sharing the file.
It has SeLinux Enforcing and signed and most banking apps I tried are working alright. I am not a developer and I am not sure how to generate/share change log.
The ROM has June 21 security update. Please don't expect me to be fixing bugs or making customizations. I do not know about it. I am just doing this to keep my device running for a couple more years.

PS: The credit for the ROM goes to the original developers, not me. All I have done was run some codes and cook the ROM.