How To Guide Root permissions guide for OP11 EU (2449) & backup partition "Persist.img"

[Steps Parku]

@qriozum thank you very much for taking the time for this thorough tutorial. Root and persist.img backup works.

why do we need persist.img backup?

 

[Steps Parku]

Fastboot flash init_boot init_magisk_patched.img

Thanks a million. that helped. all my issues fixed and fully rooted now.

 

[Steps Parku]

Colleague @MrSteelX wrote you where you went wrong.
You used the tutorial very inattentively.

Yes rectified that. I must say it wasn't easy to understand your entire comprehension but it's pretty much straightforward if you are familiar with the process. newbies will not have a smooth understanding, but then again. Yeah!! you are the man!! you helped a lot in getting root for the oneplus 11 and I say a big Thank you!!

 

[phoe zay]

You do everything you do according to this guide only at your own responsibility.

There were a lot of contradictory and various complications during the process of rooting the new OnePlus 11 model.
The process described below was performed on my own copy of OnePlus 11 (model EU, CPH2449) with an OTA installed with the number CPH2449_11_A.07.


Necessary:
- Android SDK Platform eg. Android SDK Platform,
- fastboot/adb drivers to the operating system,
- Magisk V25.2 - Magisk,
- payload-dumper-go_1.2.2 and/or fastbbot enhance v1.4.0 - Payload-dumper-Go/Fastboot Enhance,
- OTA CPH2449_11_A.07 package - CPH2449_11_A.07 (Eu) - thnx @ChrisFeiveel84
- safetynet-fix-v2.4.0 - Safety-Net Fix - MOD SafetyNet-Fix_2.4.0-MOD_1.2 (Displax)


Here is the whole process of obtaining a root after which there are no problems with the automatic brightness of the screen, changing the color of the display, setting PIN/fingerprints/Facial unlock:

A. Factory Reset:

1. Complete reset for factory settings,​

B. Unlocking bootloader:

2. After launching, the basic configuration without setting locks, logging in to the Google account,​

3. Turn on the programmer's options (click 7 times in the "Compilation number" field in the "device information/version" section),​

3. Go to "Additional settings/programmer options" enable "USB debugging" and connect a USB cable and agree with remembering the imprint of our computer address,​

4. Being still in "Additional Settings/Programmer Options" Turn on "OEM blocking",​

5. We run the CMD console in the system from the "Android SDK Platform" directory,,​

6. In the console window, enter:​

7. Just in case, we check whether the controller works correctly by entering the command in CMD:​

After completing the command, it should be displayed:​

8. Now it remains only to unlock the bootloader by entering the command in CMD:​

Now information about the consistency of unlocking will be displayed on the OP11 screen, there are two options at the bottom of the screen:​

- resignation from unlocking and the second about starting unlocking. We make the choice of calm volume. We use the "Power" key for approval.​

9. After unlocking the bootloader in the CMD window, the status will be displayed:​

10. Now only restart is left. Remember that it may take a while!​

You will see text information on the start screen that the device has no integrity (or something similar).​

C. First start after unlocking the bootloader:

11. After launching, the basic configuration without setting locks, logging in to the Google account,​

12. Turn on the programmer's options (click 7 times in the "Compilation number" field in the "device information/version" section),​

13. Go to "Additional settings/programmer options" enable "USB debugging" and connect a USB cable and agree with remembering the imprint of our computer address,​

D. Preparation for rooting:

14. We copy a file called "payload.bin" to the Payload-Dumper directory from our Ota archive,​

16. In the open command line window in the "Payload-Dumper" directory, enter the command:​

there will be a process of extraction of partition images, which will be presented in the CMD window,​

17. After the process is completed in the Payload-Dumper catalog, a subdirectory called "extracted_data unpacking" was created,​

18. In this subdirectory we find a file called "Init_boot.img" and copy it to the catalog with "Android SDK Platform",​

19. You can close the CMD window with payload-dumper,​

20. Copy the "Init_boot.img" file from the computer to our OP11 is the best for the main memory catalog or to the Download subdirectory on OP11,​

21. We copy the Magisk installation file from the computer to our OP11,​

22. In OP11 we install "Magisk V25.2",​

23. After installing, we run Magisk and in the upper right corner we will see the "Install" field, click it and select the only "Select and Patched File" option,,​

24. We indicate the file that we copied to the OP11 called "Init_boot.img" - the process of its patch by Magisk will begin,​

25. After the process is completed in the "Download" subdirectory, a modified file was created called more or less such "magisk_patched_25200_xxxx.img",​

26. We copy this file to our hard disk for the "Android SDK Platform" directory,​

E. Starting root:

27. In the CMD console opened in the "Android SDK Platform" catalog, enter:​

We check the correctness of the connection and drivers by entering:​

After completing the command, it should be displayed:​

28. Now the key moment, we flash the dealing init_boot by entering the command in a dollar CMD window:​

29. The status of the process should be displayed:​

30. Make a restart by entering the command:​

Remember that it may take a while!​

You will see text information on the start screen that the device has no integrity (or something similar).​

F. First launch after obtaining root:

31. After starting OP11, we check if it went properly. We run "Magisk" and in the upper part there should be the status that Ramdisk is enabled.​

It is recommended to include in the "magciscus" options "zygisk" and "forcing the refusal list".​

After turning it on, "Set the refusal list" will be activated and after selecting it will be displayed a list of installed applications, click in the upper corner​

Three dots and select "System applications". Press the applications that we intend to use and which are "allergic" for root (e.g. banking applications, proximity payments).​

32. Make a reboot from the "Magisk" level,​

G. Final configuration:

33. After starting OP11, you can easily set and turn on PIN/Pattern/fingerprints/Facial unlock.​

It also works without any problems automatically set screen brightness, change of color mode​

H. Hiding "Magisk":

34. In Magisk options, select "Hide Magisk applications",​

35. A prompt for permission will be displayed for installation,​

36. We give our name of the "Magisk" application.​

I. Safety-Net Fix:

37. In "Magisk" we enter the "Modules" section,​

38. We indicate the archive "SafetyNet-Fix-V2.4.0" and after loading the module from the "Magisk" level we make a reboot.​

J. Copy of security of the "Persist" partition:

39. In the opened CMD window launched in the "Android SDK Platform" catalog, enter:​

We will then enter the shell op11 shell and we will have a similar sign of encouragement:​

Now we simply enter the command:​

The OP11 screen will display a prompt for granting root - we accept, after that, the console will change the sign with "$" to "#", meaning:​

40. Now we will make a copy of the "Persist.img" partition by entering the command:​

After completing the command, the state will be returned:​

41. We can enter the exit and simply closing the CMD console window.​

42. Now you should copy to your hard disk and/or in your cloud image file "Persist.img" partitions from the memory of our OP11.​

​

​

​

​

State on 2023.02.17:
The official script "SafetyNet-Fix_2.4.0" despite the fact that it goes through all integrity tests, you can't add your cards to the "Google wallet".
The situation is changed by the mod of this script by Displax:
SafetyNet-Fix_2.4.0-MOD_1.2

Now cards added to the "Google wallet" )

Why we need Persist.img?

 

[hellraiserportimao]

Why we need Persist.img?

I also wanted to know. I have this exact model and wanted to know if more people are sucessfully rooting their device, i am little scare of doing it because of the lack of unbrick tools

 

[_Johnito_]

All calibration details of most of the sensors embarqued on (recent) android devices are stored in a partition called persist.img.

Those calibration details are different for every device (by this, i mean every UNIT) and wiping this partition to replace it with nothing or a wrong one will result in an impaired or even deeply faulty device (issues with GPS, wifi, bluetooth, gyroscope...). It is said here and there you should backup your persist.img with EVERY new firmware installed on the device. While i doubt this is actually needed (persist.img is nearly never modified by new firmwares), i do it myself because it is easy and why not.

Two informations to consider though :

- In real life, restoring persist.img rarely help. Probably because if you actually obliterated this partition that 99% of firmwares will never try to replace, you are probably facing bigger issues. The kind that prevent you to actually do anything (hard brick)

- @hellraiserportimao you cannot brick your device by backing up a partition of course. Considering the rooting process, main thing to stay safe (since there is indeed no unbrick tool publicly available) is to always keep your bootloader unlocked and be careful to restore the initial 'init_boot.img" before flashing any OTA update. That is all. For people able to read english, use all of their fingers and owning a classic OP11 (i mean, without forcing COS->OOS), all will be fine.

 

[qriozum]

- In real life, restoring persist.img rarely help. Probably because if you actually obliterated this partition that 99% of firmwares will never try to replace, you are probably facing bigger issues. The kind that prevent you to actually do anything (hard brick)

Just restoring "persist.img" will indeed not do much, but already in combination with the rest of the actions - this, however, restores the non-functioning fingerprint:
How to restore "persist.img" & functional fingerprint (OP8Pro)

 

[Canuck Knarf]

You do everything you do according to this guide only at your own responsibility.

There were a lot of contradictory and various complications during the process of rooting the new OnePlus 11 model.
The process described below was performed on my own copy of OnePlus 11 (model EU, CPH2449) with an OTA installed with the number CPH2449_11_A.07.


Necessary:
- Android SDK Platform eg. Android SDK Platform,
- fastboot/adb drivers to the operating system,
- Magisk V25.2 - Magisk,
- payload-dumper-go_1.2.2 and/or fastbbot enhance v1.4.0 - Payload-dumper-Go/Fastboot Enhance,
- OTA CPH2449_11_A.07 package - CPH2449_11_A.07 (Eu) - thnx @ChrisFeiveel84
- safetynet-fix-v2.4.0 - Safety-Net Fix - MOD SafetyNet-Fix_2.4.0-MOD_1.2 (Displax)


Here is the whole process of obtaining a root after which there are no problems with the automatic brightness of the screen, changing the color of the display, setting PIN/fingerprints/Facial unlock:

A. Factory Reset:

1. Complete reset for factory settings,​

B. Unlocking bootloader:

2. After launching, the basic configuration without setting locks, logging in to the Google account,​

3. Turn on the programmer's options (click 7 times in the "Compilation number" field in the "device information/version" section),​

3. Go to "Additional settings/programmer options" enable "USB debugging" and connect a USB cable and agree with remembering the imprint of our computer address,​

4. Being still in "Additional Settings/Programmer Options" Turn on "OEM blocking",​

5. We run the CMD console in the system from the "Android SDK Platform" directory,,​

6. In the console window, enter:​

7. Just in case, we check whether the controller works correctly by entering the command in CMD:​

After completing the command, it should be displayed:​

8. Now it remains only to unlock the bootloader by entering the command in CMD:​

Now information about the consistency of unlocking will be displayed on the OP11 screen, there are two options at the bottom of the screen:​

- resignation from unlocking and the second about starting unlocking. We make the choice of calm volume. We use the "Power" key for approval.​

9. After unlocking the bootloader in the CMD window, the status will be displayed:​

10. Now only restart is left. Remember that it may take a while!​

You will see text information on the start screen that the device has no integrity (or something similar).​

C. First start after unlocking the bootloader:

11. After launching, the basic configuration without setting locks, logging in to the Google account,​

12. Turn on the programmer's options (click 7 times in the "Compilation number" field in the "device information/version" section),​

13. Go to "Additional settings/programmer options" enable "USB debugging" and connect a USB cable and agree with remembering the imprint of our computer address,​

D. Preparation for rooting:

14. We copy a file called "payload.bin" to the Payload-Dumper directory from our Ota archive,​

16. In the open command line window in the "Payload-Dumper" directory, enter the command:​

there will be a process of extraction of partition images, which will be presented in the CMD window,​

17. After the process is completed in the Payload-Dumper catalog, a subdirectory called "extracted_data unpacking" was created,​

18. In this subdirectory we find a file called "Init_boot.img" and copy it to the catalog with "Android SDK Platform",​

19. You can close the CMD window with payload-dumper,​

20. Copy the "Init_boot.img" file from the computer to our OP11 is the best for the main memory catalog or to the Download subdirectory on OP11,​

21. We copy the Magisk installation file from the computer to our OP11,​

22. In OP11 we install "Magisk V25.2",​

23. After installing, we run Magisk and in the upper right corner we will see the "Install" field, click it and select the only "Select and Patched File" option,,​

24. We indicate the file that we copied to the OP11 called "Init_boot.img" - the process of its patch by Magisk will begin,​

25. After the process is completed in the "Download" subdirectory, a modified file was created called more or less such "magisk_patched_25200_xxxx.img",​

26. We copy this file to our hard disk for the "Android SDK Platform" directory,​

E. Starting root:

27. In the CMD console opened in the "Android SDK Platform" catalog, enter:​

We check the correctness of the connection and drivers by entering:​

After completing the command, it should be displayed:​

28. Now the key moment, we flash the dealing init_boot by entering the command in a dollar CMD window:​

29. The status of the process should be displayed:​

30. Make a restart by entering the command:​

Remember that it may take a while!​

You will see text information on the start screen that the device has no integrity (or something similar).​

F. First launch after obtaining root:

31. After starting OP11, we check if it went properly. We run "Magisk" and in the upper part there should be the status that Ramdisk is enabled.​

It is recommended to include in the "magciscus" options "zygisk" and "forcing the refusal list".​

After turning it on, "Set the refusal list" will be activated and after selecting it will be displayed a list of installed applications, click in the upper corner​

Three dots and select "System applications". Press the applications that we intend to use and which are "allergic" for root (e.g. banking applications, proximity payments).​

32. Make a reboot from the "Magisk" level,​

G. Final configuration:

33. After starting OP11, you can easily set and turn on PIN/Pattern/fingerprints/Facial unlock.​

It also works without any problems automatically set screen brightness, change of color mode​

H. Hiding "Magisk":

34. In Magisk options, select "Hide Magisk applications",​

35. A prompt for permission will be displayed for installation,​

36. We give our name of the "Magisk" application.​

I. Safety-Net Fix:

37. In "Magisk" we enter the "Modules" section,​

38. We indicate the archive "SafetyNet-Fix-V2.4.0" and after loading the module from the "Magisk" level we make a reboot.​

J. Copy of security of the "Persist" partition:

39. In the opened CMD window launched in the "Android SDK Platform" catalog, enter:​

We will then enter the shell op11 shell and we will have a similar sign of encouragement:​

Now we simply enter the command:​

The OP11 screen will display a prompt for granting root - we accept, after that, the console will change the sign with "$" to "#", meaning:​

40. Now we will make a copy of the "Persist.img" partition by entering the command:​

After completing the command, the state will be returned:​

41. We can enter the exit and simply closing the CMD console window.​

42. Now you should copy to your hard disk and/or in your cloud image file "Persist.img" partitions from the memory of our OP11.​

​

​

​

​

State on 2023.02.17:
The official script "SafetyNet-Fix_2.4.0" despite the fact that it goes through all integrity tests, you can't add your cards to the "Google wallet".
The situation is changed by the mod of this script by Displax:
SafetyNet-Fix_2.4.0-MOD_1.2

Now cards added to the "Google wallet" )

Great guide...worked prefect

 

[zeldomar]

Hi,
i did exactly what you wrote before. (not my first device rooting. Also had Opo9P etc)

But by mistake, i did instead of

fastboot flash init_boot magisk_patched_25200_xxxx.img

->

fastboot boot magisk_patched_25200_xxxx.img


Now the device constantly restarts with the Oneplus logo, and does not show the yellow text of an unlocked bootloader.

I did the same mistake

After that, I did:

fastboot flash init_boot stock_init_boot.img
fastboot flash boot stock_boot.img

-> was successfull, but still bootloop.

Someone can help me please ?

Thanks a lot

 

[zeldomar]

I did the same mistake

After that, I did:

fastboot flash init_boot stock_init_boot.img
fastboot flash boot stock_boot.img

-> was successfull, but still bootloop.

Someone can help me please ?

Thanks a lot

My OP 11 works again thanks to this tutorial : https://forum.xda-developers.com/t/...ock-oxygenos-firmware-on-oneplus-10r.4465077/

 

[ReVaNzz]

Hi guys, is anyone else facing problems unlocking the bootloader?

My OP11 is totally brand new, just booted to get dev options, USB debugging and OEM Unlock options activated, I adb rebooted into fastboot mode, the device is recognized, but the command "fastboot flashing unlock" doesn't work.

I am using the latest SDK platform tools (r34.0.1), and Bootloader driver is the one from Google (11.0.0.0, 28/08/2014).
Tried using PowerShell, Terminal, and CMD run as admin with no success.

The only difference I noticed is that CMD is giving me
"usage: fastboot [ <option> ] <command>"
And then shows all the fastboot command list. (?)

while PowerShell and Terminal says
"FAILED (remote: Command not supported in default implementation)
finished. total time: 0.004s"
(Just to clarify, I am sure I am sending the commands in Bootloader/Fastbooted Mode).

The USB cable is the original one, using a USB 3.0 port on Windows 10, but I don't know what else to try. Drivers are supposed to be right, the cable is the original one, so... what am I missing here?

 

[ChrisFeiveel84]

Hi guys, is anyone else facing problems unlocking the bootloader?

My OP11 is totally brand new, just booted to get dev options, USB debugging and OEM Unlock options activated, I adb rebooted into fastboot mode, the device is recognized, but the command "fastboot flashing unlock" doesn't work.

I am using the latest SDK platform tools (r34.0.1), and Bootloader driver is the one from Google (11.0.0.0, 28/08/2014).
Tried using PowerShell, Terminal, and CMD run as admin with no success.

The only difference I noticed is that CMD is giving me
"usage: fastboot [ <option> ] <command>"
And then shows all the fastboot command list. (?)

while PowerShell and Terminal says
"FAILED (remote: Command not supported in default implementation)
finished. total time: 0.004s"
(Just to clarify, I am sure I am sending the commands in Bootloader/Fastbooted Mode).

The USB cable is the original one, using a USB 3.0 port on Windows 10, but I don't know what else to try. Drivers are supposed to be right, the cable is the original one, so... what am I missing here?

Try it with cmd qnd not with powershell
And open the cmd in the platform tools folder

 

[ReVaNzz]

Try it with cmd qnd not with powershell
And open the cmd in the platform tools folder

Thank you @ChrisFeiveel84 for replying, made sure I was doing as you said, but as a result I get like other times before the error message:

"FAILED (remote: 'Unrecognized command flashing unlock')
fastboot: error: Command failed"

 

[ChrisFeiveel84]

Fastboot flashing unlock?
This comand?
And you ar on bootloader modus? Not on fastbootd

 

[ReVaNzz]

Fastboot flashing unlock?
This comand?
And you ar on bootloader modus? Not on fastbootd

Alright, it seems I was in Fastbootd mode and not in Bootloader as I should be. This has become (even more) confusing since now there are this two modes plus recovery. Before wasn't like that.
Well, I hope at least this can be helpful for somebody facing the same mistake.
Thanks a lot @ChrisFeiveel84 for your help, you hinted the exact issue.

 

[ReVaNzz]

Try changing your active slot like someone else suggested. This fixed for me, as booting instead of flashing screws up what is booting. Just enter bootloader, and then from pc do "fastboot --set-active=b" then do "fastboot reboot" this should fix.

This solved the same orange state alert issue to me, thank you guys! I miss the old times when rooting and doing advanced stuff with Android was way easier and simple than nowadays.

 

[forever_omkar]

i just unlocked bootloader and now its not accepting any passwords, it saying password is already changer please try in another type!!

device op11

 

[surajpai524]

i just unlocked bootloader and now its not accepting any passwords, it saying password is already changer please try in another type!!

device op11

Lock and unlock again. Try this till you can set password

 

[forever_omkar]

Lock and unlock again. Try this till you can set password

Means by using command fastboot flashing lock & unlock?
Nothing any extra process right?


Cause i just broke my phn
And went to service centre
They even didn't found any way to flash software
Now they said they are gonna replacing the board.

 

[surajpai524]

Means by using command fastboot flashing lock & unlock?
Nothing any extra process right?


Cause i just broke my phn
And went to service centre
They even didn't found any way to flash software
Now they said they are gonna replacing the board.

Same... I had the same issue .. Got new Phone And I did all procedure in OnePlus Store itself the next time. Some OnePlus engineers where staring at me