- Apr 13, 2016
- 25,850
- 23
- 59,526
- 67
fastboot flash vbmeta --disable-verity --disable-verification vbmeta.img
fastboot update -w --disable-verity --disable-verification update codename-image.zip
I have been waiting for the November update to test updating Android 12.@ipdev does this mean that we may potentially have to wipe /data every single time vbmeta is flashed, unless we follow the OTA sideload method? As far as that goes, why does it only seem to succeed after the OTA is sideloaded?
I mean this is better than not having a workaround.
fastboot --disable-verity --disable-verification --skip-secondary --skip-reboot update image-redfin-NameOfUpdate.zip
fastboot reboot bootloader
fastboot_d
so I add a reboot to bootloader.fastboot reboot
.--skip-secondary
is not needed, I just included it to speed up the flash a bit. [ip@lost AIK-Linux]$ ./unpackimg.sh redfin-sp1a.210812.015-boot.img
Android Image Kitchen - UnpackImg Script
by osm0sis @ xda-developers
Supplied image: redfin-sp1a.210812.015-boot.img
Setting up work folders...
Image type: AOSP
Signature with "AVBv2" type detected.
Splitting image to "split_img/"...
ANDROID! magic found at: 0
BOARD_KERNEL_CMDLINE
BOARD_PAGE_SIZE 4096
BOARD_OS_VERSION 12.0.0
BOARD_OS_PATCH_LEVEL 2021-10
BOARD_HEADER_VERSION 3
BOARD_HEADER_SIZE 1580
Unpacking ramdisk (as root) to "ramdisk/"...
Compression used: lz4-l
4937 blocks
Done!
[ip@lost AIK-Linux]$ ./repackimg.sh --original --origsize
Android Image Kitchen - RepackImg Script
by osm0sis @ xda-developers
Repacking with original ramdisk...
Getting build information...
kernel = redfin-sp1a.210812.015-boot.img-kernel
ramdisk = redfin-sp1a.210812.015-boot.img-ramdisk.cpio.lz4
cmdline =
os_version = 12.0.0
os_patch_level = 2021-10
header_version = 3
Building image...
Using format: AOSP
Padding to original size...
Done!
fastboot_d
is part of the boot image (not the bootloader) and is the boot mode used to flash critical partitions.fastboot flashing unlock_critical
Hi.Thanks @ipdev and @V0latyle for the great posts, this looks like you've sorted this issue out as a solid workaround!
I'm on a Pixel 5a 5G/A11/Magisk 23, and want to go to A12. Since the Pixel 2 I too did all my updates via full system image and flash-all (del -w) using platform-tools and don't know much about OTA while maintaining root, I never needed it. @ipdev post gives me some hope because I understand that approach using the flash-all and full system images for updates because it's very familiar.
That said, can you confirm I have fully grasped the way forward based on your posts and code above?
- using latest platform-tools, update from A11 to A12 with full system image with supplied stock flash-all, leave in -w to allow the data wipe, and let it finish, of course removes root and is essentially a clean A12 (Is this correct or do I need to use the OTA for A12 instead? Do I need any disable flags on this first run?)
- using platform-tools, install the same full system image (because we don't have a newer monthly yet, so same image) again only this time use the edits in flash-all @ipdev shared (modified with the correct image name) which does a dirty full system flash (without -w, preserving /data), sets the appropriate disable flags, and will then allow using Magisk 23 to patch boot.img from the system image, and proceed to reflash it to boot as we used to do before A12 without failing.
- from that point forward, for the monthlies we can continue to update using full system image using the edited fastboot lines in @ipdev example (has no -w flag) to apply the monthly update in a way that will keep A12 from rejecting the patched boot.img to regain root.
Sorry for the lengthy post, but I really want to get this right, and I'm pretty excited and relieved that it appears we can do this all using full system images as I always have, no OTAs are required. I'm extremely grateful for this thread and the quick work of @ipdev @V0latyle @osm0sis and all the good folks working to get this sorted out.
Thanks all,
hfam
fastboot -w --disable-verity --disable-verification update image-redfin-sp1a.211105.003.zip
-w
Wipe userdata. (This is done at the end of update
).--disable-verity
Sets disable-verity when flashing vbmeta.--disable-verification
Sets disable-verification when flashing vbmeta.-w
option.fastboot --disable-verity --disable-verification update image-redfin-sp1a.211105.003.zip
--skip-reboot
Don't reboot device after flashing.bootloader
to the flash-all script.--skip-secondary
Don't flash secondary slots in flashall/update.This is what I was referring to in my previous post.View attachment 5446899
We finally figured it out.
Turns out that once dm-verity and vbmeta verification are disabled, you CANNOT let the system boot with them enabled. If /vbmeta gets flashed, such as during an OTA or a factory image, and you let it boot into system, disabling verity/verification is going to require a wipe.
Unfortunately, for those of you upgrading from Android 11, there is simply no way around this - for permanent root, verity/verification must be disabled, and to disable verity/verification, /data must be clean.
I will be updating my guides shortly.
As long as you disabled verity, verification and wiped data when initially updating to (or clean flash) Android 12.
This is what I plan to try.
Code:fastboot --disable-verity --disable-verification --skip-secondary --skip-reboot update image-redfin-NameOfUpdate.zip fastboot reboot bootloader
Just to clerify this last quote. I was dirty-flashing the full factory image disabling verity and verification during the update flash.Once Android 12 is installed, verity and verification are disabled and data is wiped.
You can flash the boot partition as much as you want on Android 12.You can dirty-flash Android 12 again using the above fastboot command without having to wipe data again.The--skip-secondary
is not needed, I just included it to speed up the flash a bit.
#!/bin/sh
# Copyright 2012 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
if ! [ $($(which fastboot) --version | grep "version" | cut -c18-23 | sed 's/\.//g' ) -ge 3103 ]; then
echo "fastboot too old; please download the latest version at https://developer.android.com/studio/releases/platform-tools.html"
exit 1
fi
fastboot flash bootloader bootloader-redfin-r3-0.4-7617468.img
fastboot reboot-bootloader
sleep 5
fastboot flash radio radio-redfin-g7250-00147-210811-b-7631450.img
fastboot reboot-bootloader
sleep 5
# fastboot -w update image-redfin-sp1a.211105.003.zip
fastboot --disable-verity --disable-verification --skip-secondary --skip-reboot update image-redfin-sp1a.211105.003.zip
fastboot reboot bootloader