Don't complicate yourself by trying this thread instructions; are full of mistakes, contradictions and the most important fact: instead to deliver a clear procedure for noobs, claim to be adressed to experts, without having real backgound on it;
I'm sort of a passive expert at rooting the few phones I've owned. I've yet to see a procedure, here, for the v40, comparable in clarity and cohesiveness to other root methods. Granted, it would be great to be rooted, but most/many of the reasons I've rooted are covered by features within the stock ROM, or 3rd party apps that don't need root.
Thats not right. I had my U405EBW rooted succesful with this guide, but after the last firmware update root was gone and I can not downgrade the firmware. So i need a new patched boot.img.
I'm sort of a passive expert at rooting the few phones I've owned. I've yet to see a procedure, here, for the v40, comparable in clarity and cohesiveness to other root methods. Granted, it would be great to be rooted, but most/many of the reasons I've rooted are covered by features within the stock ROM, or 3rd party apps that don't need root.
Coming from slower-than-molasses Motorola, I've never had a security patch issue because of late/no updates. But, I also had anti-viral apps on the phone as well. As I see it, if you want root, security patches are vital. If not rooted, the patches are still needed, just not as critically.
I tried to follow the guide in first post for Pie, but looks like kdztools is not able to cope with that ROM yet. I did not have to alter kdztool as described in OP - that code has been changed already in git. undz.py is giving me lots of warnings like this:
Code:
[!] Warning: extraneous data found IN version
[!] Warning: pad is not empty
[!] pad contains: DS
[!] Warning: Chunk is part of "OP_S", but starts in front of slice?!
[!] Warning: Chunk is part of "OP_S", but starts in front of slice?!
[!] Warning: Chunk is part of "xbl_a", but starts in front of slice?!
[!] Warning: Chunk is part of "xbl_config_a", but starts in front of slice?!
[!] Warning: Chunk is part of "BackupGPT", but starts in front of slice?!
[!] Warning: Chunk is part of "xbl_b", but starts in front of slice?!
and it eventually fails with the following error:
Code:
[+] Extracting single slice / partition!
[+] Extracting boot.img_65286 to boot_a.image
Traceback (most recent call last):
File "../undz.py", line 1069, in <module>
dztools.main()
File "../undz.py", line 1065, in main
self.dz_file.saveHeader(cmd.dzfile)
File "../undz.py", line 839, in saveHeader
params.write("factoryversion={:s}\n".format(self.ro_lge_factoryversion.decode("utf8")))
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xe3 in position 128: invalid continuation byte
---------- Post added at 10:16 AM ---------- Previous post was at 09:48 AM ----------
I tried to follow the guide in first post for Pie, but looks like kdztools is not able to cope with that ROM yet. I did not have to alter kdztool as described in OP - that code has been changed already in git. undz.py is giving me lots of warnings like this:
and it eventually fails with the following error:
---------- Post added at 10:16 AM ---------- Previous post was at 09:48 AM ----------
Don't complicate yourself by trying this thread instructions; are full of mistakes, contradictions and the most important fact: instead to deliver a clear procedure for noobs, claim to be adressed to experts, without having real backgound on it;
I have not claimed anything, only that I basically pasted the command lines and the tools I used and that I don't have the time to write stuff in a form that everyone can easily understand. Also I'm under no obligation to provide noobs with a one click solution or teach them basic Linux so they can follow the kdz extraction procedure (which isn't really necessary, btw).
Just booting a patched image and installing Magisk should be pretty simple for any noob who's not computer illiterate. Those should probably stay away from rooting the V40 anyway, since making the slightest mistake with Magisk (installing a bad module) will make the phone bootloop. And there's no way to recover it except factory reset given the lack of a TWRP release for the V40 that can work with LG's encryption.
I have not claimed anything, only that I basically pasted the command lines and the tools I used and that I don't have the time to write stuff in a form that everyone can easily understand. Also I'm under no obligation to provide noobs with a one click solution or teach them basic Linux so they can follow the kdz extraction procedure (which isn't really necessary, btw).
Just booting a patched image and installing Magisk should be pretty simple for any noob who's not computer illiterate. Those should probably stay away from rooting the V40 anyway, since making the slightest mistake with Magisk (installing a bad module) will make the phone bootloop. And there's no way to recover it except factory reset given the lack of a TWRP release for the V40 that can work with LG's encryption.
Forgive my lack of knowledge, but any help is appreciated. I have a LM-V405EBW with Android version 9 (Pie), security patch level 1 July 2019. My software version is V20a-IND-xx. Which patched boot image should I use?
I couldn't find any guide for rooting the V40, so I thought I'd write down the steps I took to root my new EUR V40 - LMV405EBW. Maybe it will help others. Sorry if this is somewhat confusing, I didn't have time to make a polished version. It's basically made from my notes during the process with the commands copied from bash history.
-First, unlock the bootloader following LG's instructions here: https://developer.lge.com/resource/mobile/RetrieveBootloader.dev
There's no TWRP for the V40 and the one made for G7 doesn't work. I don't have the time and knowledge to even attempt to compile TWRP for the V40, so I proceeded with just patching an original boot image with Magisk.
You can get the patched boot images that I used from here:
You can try to boot it with with fastboot if you have a LNV405EBW and skip the KDZ extraction part.
Installing Magisk:
Flashing this image isn't necessary, just straight boot should be sufficient and safe.
First install Magisk Manager 7 on the phone then connect the phone to the PC and run:
After the phone boots the OS with the external boot image, open Magisk Manager and tap on Install. Select the option to Direct install to the active slot. I played it safe and decided to NOT flash also on the inactive slot. I've left it alone so I can use it in case of need of recovery.
You'll probably notice that you don't have a connection to the carrier. Just ignore it, it will back once the phone is booted normally.
Reboot and you will have permanent root until you switch the A/B slots.
In case my patched boot image doesn't work, you can just make your own.
Tools needed:
Magisk Manager 7.0.0 installed on the phone
LG Bridge installed on a Windows machine.
a Linux machine or VM (I used the latest ubuntu desktop), python3 with the zstandard module installed and kdztools from steadfasterX's repo. Maybe kdztools would work on Windows too, I haven't tried it.
adb, fastboot
You need to procure an original ROM file for your phone model. It can be downloaded easily with LG Bridge. Just connect the phone to a Windows PC, start LG bridge, go to the Software update tab and click on Update error recovery. Wait for the download to start and disconnect the phone. Ignore LG Bridge complains about not being able to flash after the downloading stage is completed. Don't click anything in Bridge and before closing it go to C:\Users\<your_username>\AppData\Local\LG Electronics\LG Bridge\SWUpgrade and copy your KDZ somewhere else. Preferably send it to the Linux VM to the LG work folder, it'll be needed there.
On Linux open a terminal:
Code:
cd ~/Documents
mkdir LG
cd LG
git clone https://github.com/steadfasterX/kdztools.git
cd kdztools
nano undz.py -c
For kdztools to be able to extract the V40 images, I needed to edit undz.py and comment the lines 88-90. So, this block should all be commented or undz will fail to extract the boot partitions.
Code:
#if len(dz_item['pad']) != 0:
# print("[!] Error: pad is not empty", file=sys.stderr)
# sys.exit(1)
To extract, with the KDZ copied to ~/Documents/LG/
Code:
cd ~/Documents/LG/kdztools
./unkdz.py -f ../V405EBW10e_00_OPEN_EU_DS_OP_0109.kdz -x
cd kdzextracted/
List the partitions contents and look for the IDs of boot_a and/or boot_b. In my case they were 44 for boot_a and 63 for boot_b
Code:
../undz.py -f V40510e_00.dz -l
Extract boot_a or boot_b or both, they're identical:
You can find the extracted boot images in the dzextracted subfolder. Get boot_a.image or boot_b.image or both from there and send them to the phone in a location accessible by Magisk Manager. The Download folder should do fine.
Open Magisk Manager and tap Install, select Patch Boot Image file and patch the image file(s) you extracted. Get the patched_boot.img that Magisk Manager saves in the Download folder and send it to a PC where you have adb and fastboot.
Go to the beginning of the post to the Installing Magisk section.
Can you please provide us with original boot.img of Pie 20a version.
It will be helpful in restoring boot image while getting future update.
It will immensely save data as well as time.
The peoples like you make the XDA what it is today.
Thanks
---------- Post added at 03:35 PM ---------- Previous post was at 03:33 PM ----------
Forgive my lack of knowledge, but any help is appreciated. I have a LM-V405EBW with Android version 9 (Pie), security patch level 1 July 2019. My software version is V20a-IND-xx. Which patched boot image should I use?
- I've unlocked an LG V40 EBW with LG unlock;
- Extracted boot_a, boot_b image from latest kdz ( 20f) in a Linux VM
- Installed Magisk Manager, patched boot_a with Magisk Manager
- Booted in ADB from magisk_patched.img
- Installed magisk_patched.img in Magisk Manager on slot 1
I have obtained permanent root on the stock rom.
I'm trying to edit vo_config.xml from /oem/OP/OPEN_EN_DS/config for VoWiFi/VoLTE.
It seems this is mounted on /dev/block/dm-0.
Even if i can write to the file, change permissions etc. , the changes are reset after a reboot.
I have already HEX edited magisk_patched.img "judypn androidboot.product.lge.op_verity=0" and flashed it in ADB and it didn't solve my problem.
How could this be done? I'm on Android 9, stock rom ( 20f)
Help would be appreciated.
I can confirm this method still works, but can't edit the vo_config.xml to stick.
P.S.
For the banking apps, once you edit the files, you can relock the phone and i guess it would be fine.
I downloaded firmware V405EBW20g_00_OPEN_EU_DS_OP_0520, which is Pie 20g, but I'm unable to extract the .dz file as per OP instructions. Also tried a Windows app, didn't work either.
All I get is this error:
python ..\kdztools-master\undz.py -f .\kdzextracted\V40520g_00_OPEN_EU_DS_0520.dz -l
[!] Error: extraneous data found IN version
I'm on Windows if it matters, or is it that newer kdz/dz files are not compatible?
Anyone managed to extract the pie 20g boot image?
---------- Post added at 03:01 PM ---------- Previous post was at 02:52 PM ----------
FWIW, on a S10+, I enabled Magisk hide and select *all* apps (400+ took quite some time), rebooted and then configured my G account, pay etc. It was working fine for a few months.
There's trick about modifying a DB content and I applied it (sorry can't remember the post).
Then came an update (store or pay, can't tell) and it stopped working complaining device was insecure or something similar. I just gave up as I have a watch that works for payment.
So, short answer is you'll likely loose ability to pay with NFC.
---------- Post added at 03:04 PM ---------- Previous post was at 03:01 PM ----------
- I've unlocked an LG V40 EBW with LG unlock;
- Extracted boot_a, boot_b image from latest kdz ( 20f) in a Linux VM
- Installed Magisk Manager, patched boot_a with Magisk Manager
- Booted in ADB from magisk_patched.img
- Installed magisk_patched.img in Magisk Manager on slot 1
I have obtained permanent root on the stock rom.
I'm trying to edit vo_config.xml from /oem/OP/OPEN_EN_DS/config for VoWiFi/VoLTE.
It seems this is mounted on /dev/block/dm-0.
Even if i can write to the file, change permissions etc. , the changes are reset after a reboot.
I have already HEX edited magisk_patched.img "judypn androidboot.product.lge.op_verity=0" and flashed it in ADB and it didn't solve my problem.
How could this be done? I'm on Android 9, stock rom ( 20f)
Help would be appreciated.
I can confirm this method still works, but can't edit the vo_config.xml to stick.
P.S.
For the banking apps, once you edit the files, you can relock the phone and i guess it would be fine.
