So, for an AT&T - did u manage to upgrade/flash to 10 and have both SIMs working (baseband ok?)
If yes, can you please indicate exactly what image u used and what qcn for restored did u used?
Thanks and regards
If yes, can you please indicate exactly what image u used and what qcn for restored did u used?
Thanks and regards
I am interested in putting together a rawprogram0.xml for Sonim Android 10. With the phone in EDL mode, and doing the following
QSaharaServer.exe -p \\.\COM6 -s 13: prog_emmc_ufs_firehose_Sdm660_ddr.elf
GPTConsole COM6
I get the error message "Cannot find gpt_header in C:/Flashtools/"
What am I missing here? Thanks in advance.
Update: Got it. Nevermind.
QSaharaServer.exe -p \\.\COM6 -s 13: prog_emmc_ufs_firehose_Sdm660_ddr.elf
GPTConsole COM6
I get the error message "Cannot find gpt_header in C:/Flashtools/"
What am I missing here? Thanks in advance.
Update: Got it. Nevermind.
Last edited:
yes with a imei editor and used sonim software updater to push imei both are working to my knowledge but havent tested both slots since i only have one sim card
has tested verizon android 10 doesnt accpet TWRP from research i think they changed the location of the recovery which no longer sits in boot.img when i flash i get android corrupted wont boot and the programs ive used to port twrp to the boot image fail on recompiling
do you have the raw program0 file for this and the patch0 im trying to port twrp to android 10 not having success with VZW build even tho it states oem unlock in settings bootloader still locked , fastboot unlock commands fail
I do not have the patch0 as I pulled this backup with the instructions on the first page. There should be a rawprogram0.xml file in the package but NO patch0. I am not sure how to get / create that. I can confirm that this does work for ATT phones but the phone needs to be unlocked from the network.
both phones are unlocked it for some reason bootloops on both phones , but it shows my bootloader unlock even tho all the commands fail
I have had some issues with the fastboot commands failing, I resolved this issue with a different usb cable. as for the "unlocked" I am referencing the ATT network lock pin not the bootloader lock, I have been able to do this carrier changing with the bootloader locked and unlocked using QFIL.
im following , both phones are unlocked the VZW android 10 claims the bootloader is locked even tho its unlocked on both phones im working on porting a android 10 twrp
We have success just have to figure out how to edit the mount points but I have tarp 3.7 up and running , still can’t flash system via fast boot working on doing so with tarp so we have a chance at running at least android Q GSI’s
does anyone have another android 10 variant ? to test the recovery works ( flashes/mounts system ) but wont boot on VZW build ( gives the cant be trusted phone wont boot error ) , it boots on the canada bell but never goes past recovery
bricked flashing bell canada removed ( 0's ) from the end of files can only boot 7.1.1 lol this phone is weird af trying to install VZW keeps giving device is corrupted cant be trusted errror
this saved my life ( so discovery ) if your phone bootloops after flashing load this - tested with the VZW android 10 Build - currently flashing android 8.1 userdebug will upload the twrp 3.7 build later have to figure out how to add the a/b slot option , but the OG Twrp ive posted works fine will add some fixes like enabling adb,mtp
Im working on a Flashable.Zip via Twrp created the rom in Super R's Kitchen as a test no modifications but need someone to help me fix the updater-script ( keeps throwing error 7 ) some mount point flags can upload the zip for testing if anyone has resources and knowledge
i think you made a post a while back about compiling android 9 for this devices , could you tell me more about how you accomplished this and what do i need tool wise if so i might be able to assist in porting roms i have ubuntu on my macbook and windows 10 on my alienware , can send you the flashable zip i created i couldnt get passed an error 7 but the structure seemed like it would pass TWRP script check
Four. Qualcomm QCN
1. The most original qcn file of the project is to select a RF card driver that is close to the project motherboard from the Qualcomm original code (similar GPIO configuration and frequency band configuration), and use the QCN corresponding to the RF card driver as the basic QCN file. After adding the static radio frequency NV item and frequency band configuration, it can be used as a QCN configuration file, and the corresponding NV modification of the subsequent software can be modified through QXDM and then backed up from the mobile phone to QCN.
2. QCN tar package production process:
2.1 First define and open the macro FEATURE_EFS_ENABLE_FACTORY_IMAGE_SECURITY_HOLE in the modem code and compile the modem.
2.2 Take a machine and use the fastboot erase command to erase the existing qnc data in the mobile phone, use the QPST tool to burn the prepared QCN file, connect the mobile phone to the computer to open the diag port, and enter the modem side modem_proc/core/storage on the PC command terminal In the /tools directory, execute the perl efsreadimage.pl -z command, which will generate fs_image.tar.gz in the current directory, and copy fs_image.tar.gz to the modem_proc/core/storage/tools/qdst directory, in linux Execute python QDSTMBN.py fs_image.tar.gz in the environment. After completion, the fs_image.tar.gz.mbn file will be generated in the same directory.
2.3 Create a new folder create_efs locally on the PC side, and put the modem_proc\build\ms\bin\AAAAANAZ\efs_image_meta.bin file, fs_image.tar.gz.mbn file and \modem_proc\core\bsp\efs_image_header\tools\ on the modem side Copy all files to create_efs, execute efs_image_create.py efs_image_meta.bin fs_image.tar.gz.mbn in the windows command window, and the final QCN Tar package fs_image.tar.gz.mbn.img file will be generated in this directory if the command is executed successfully .
3. After executing the modem image file unpacking script when compiling the software version, add the prepared QCN tar package fs_image.tar.gz.mbn.img to the fsg partition in the generated download partition file rawprogram0.xml, so that Burn the QCN file by downloading the software.
1. The most original qcn file of the project is to select a RF card driver that is close to the project motherboard from the Qualcomm original code (similar GPIO configuration and frequency band configuration), and use the QCN corresponding to the RF card driver as the basic QCN file. After adding the static radio frequency NV item and frequency band configuration, it can be used as a QCN configuration file, and the corresponding NV modification of the subsequent software can be modified through QXDM and then backed up from the mobile phone to QCN.
2. QCN tar package production process:
2.1 First define and open the macro FEATURE_EFS_ENABLE_FACTORY_IMAGE_SECURITY_HOLE in the modem code and compile the modem.
2.2 Take a machine and use the fastboot erase command to erase the existing qnc data in the mobile phone, use the QPST tool to burn the prepared QCN file, connect the mobile phone to the computer to open the diag port, and enter the modem side modem_proc/core/storage on the PC command terminal In the /tools directory, execute the perl efsreadimage.pl -z command, which will generate fs_image.tar.gz in the current directory, and copy fs_image.tar.gz to the modem_proc/core/storage/tools/qdst directory, in linux Execute python QDSTMBN.py fs_image.tar.gz in the environment. After completion, the fs_image.tar.gz.mbn file will be generated in the same directory.
2.3 Create a new folder create_efs locally on the PC side, and put the modem_proc\build\ms\bin\AAAAANAZ\efs_image_meta.bin file, fs_image.tar.gz.mbn file and \modem_proc\core\bsp\efs_image_header\tools\ on the modem side Copy all files to create_efs, execute efs_image_create.py efs_image_meta.bin fs_image.tar.gz.mbn in the windows command window, and the final QCN Tar package fs_image.tar.gz.mbn.img file will be generated in this directory if the command is executed successfully .
3. After executing the modem image file unpacking script when compiling the software version, add the prepared QCN tar package fs_image.tar.gz.mbn.img to the fsg partition in the generated download partition file rawprogram0.xml, so that Burn the QCN file by downloading the software.
Similar threads
Top Liked Posts
-
There are no posts matching your filters.
-
1
i think you made a post a while back about compiling android 9 for this devices , could you tell me more about how you accomplished this and what do i need tool wise if so i might be able to assist in porting roms i have ubuntu on my macbook and windows 10 on my alienware , can send you the flashable zip i created i couldnt get passed an error 7 but the structure seemed like it would pass TWRP script check1Four. Qualcomm QCN
1. The most original qcn file of the project is to select a RF card driver that is close to the project motherboard from the Qualcomm original code (similar GPIO configuration and frequency band configuration), and use the QCN corresponding to the RF card driver as the basic QCN file. After adding the static radio frequency NV item and frequency band configuration, it can be used as a QCN configuration file, and the corresponding NV modification of the subsequent software can be modified through QXDM and then backed up from the mobile phone to QCN.
2. QCN tar package production process:
2.1 First define and open the macro FEATURE_EFS_ENABLE_FACTORY_IMAGE_SECURITY_HOLE in the modem code and compile the modem.
2.2 Take a machine and use the fastboot erase command to erase the existing qnc data in the mobile phone, use the QPST tool to burn the prepared QCN file, connect the mobile phone to the computer to open the diag port, and enter the modem side modem_proc/core/storage on the PC command terminal In the /tools directory, execute the perl efsreadimage.pl -z command, which will generate fs_image.tar.gz in the current directory, and copy fs_image.tar.gz to the modem_proc/core/storage/tools/qdst directory, in linux Execute python QDSTMBN.py fs_image.tar.gz in the environment. After completion, the fs_image.tar.gz.mbn file will be generated in the same directory.
2.3 Create a new folder create_efs locally on the PC side, and put the modem_proc\build\ms\bin\AAAAANAZ\efs_image_meta.bin file, fs_image.tar.gz.mbn file and \modem_proc\core\bsp\efs_image_header\tools\ on the modem side Copy all files to create_efs, execute efs_image_create.py efs_image_meta.bin fs_image.tar.gz.mbn in the windows command window, and the final QCN Tar package fs_image.tar.gz.mbn.img file will be generated in this directory if the command is executed successfully .
3. After executing the modem image file unpacking script when compiling the software version, add the prepared QCN tar package fs_image.tar.gz.mbn.img to the fsg partition in the generated download partition file rawprogram0.xml, so that Burn the QCN file by downloading the software. -
6Enjoy!
XP8 Android Root Theory - DEBUG or Magisk over EDL
EDL is a must since Fastboot cannot be unlocked initially from standard "user" builds.
One option is flash a userdebug image (below) allowing for adb root, fastboot unlocking, and other useful features.
or
Without unlocking the bootloader - Similar flashing methods remain valid when standard magisk powered root is desired. This method allows preservation of all current system data aside from boot.img. All is covered since Magisk works with AVB and we have EDL as a flashing alternative. Please see Android Boot Flow > LOCKED Devices with Custom Root of Trust for more information.
Recommend method ..
It's up to you.. If you want OTA updates and your planning to use root apps then go with Magisk. As of today we have current debug images available and I personally prefer isolated adb root access only however future availability of updated Debug images cannot be guaranteed.
Disclaimer
-Devices with locked bootloaders will display a custom OS warning at boot
-Tested on AT&T branded devices only - please provide system dump for validation on other builds
-I have not identified any JTAG procedures and I can not help if you hard brick your device!
-This guide only touches boot_a and should be relatively safe since boot_b remains unmodified. I'm pretty sure this is enough to restore the original boot.img to boot_a under a failure scenario.. But I'm not really qualified enough to say definitively either.
-Take great caution - this is raw emmc access and critical system data! You are proceeding at your own risk!
Magisk Root
USERDEBUG Flash
Images and OTA Files
XP5s
Sprint Image: XP5SA.0.2-03-7.1.2-29.03.00
Works the same. Tested with unmodified Sprint firmware. Like most other apps, the Magisk manager app is unusable since the XP5s has no touch screen - I had to patch the boot image on another device. You can plug in a USB mouse however the cursor does not seem to invoke in-app tap's.
Need to use the appropriate Firehose loader (prog_emmc_firehose_8920.mbn) and replace the boot image location according to the XP5s GPT (start_sector="790528").4xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Sonim XP8 is officially Rooted with TWRP
replace downloaded boot.img with your boot.img in firmware folder from the link below
tested on android 7x-8x USERDEBUG builds.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
=======================================================================
Bugs -
cant flash system.img
wipe/format data wipes phone completely
ive tested both functions its the way this phone is setup its pretty weird.
=======================================================================
Updates -
will be working on figuring out how to build a custom OS
any help would be greatly appreciated
=======================================================================
NEW LINK with sonim flash tool , boot.img , magisk , and no verity
I dont ! take any credit for the mentioned applications just the TWRP port
==========
Thank you to all who kept this thread in motion lets keep it going !!
========================================================================
ADB -
adb reboot bootloader - takes you to fastboot where you can select recovery mode
adb reboot edl - takes you to flash mode.
adb rebootrecoverydoesnt work !
========================================================================
NEW LINK - GDRIVE 3Hey guys, been a while and I'm glad to share some updates with the community!
Main post here has been updated according to the progress made in the previous posts. Much thanks to everyone for providing early debug images, files, and knowledge!
Updates
- Torrent file hosting moved to Android FIle Host
- Current 8.1.0 AT&T Debug image uploaded
- 8.1.0 Debug image verified to retain dm-verity! At least on current AT&T builds.
- Additional factory images uploaded
- All basic flash tools, elf files, drivers, and GPTConsole executable uploaded
- More images will be uploaded in the following days. Ran out of time to upload everything tonight.
Full Android File Host Repository - Here
We continue to welcome new images for the file collection.2ATT XP8 backup, rooting, and wifi hotspot
Rooted an ATT (carrier unlocked) Sonim XP8 this afternoon and enabled wifi hotspot on the device. Below are notes. These are compiled mostly from XDA posts by Smokeyou. Kudos for his efforts and posts. Thanks also to Sergsinger for his PDA forum posts .Wifi hotspot adjustment by RJGlenn. Feel free to PM me with corrections, additions, and clarifications. This is a work in progress
Instructions below assume lap/desktop OS is recent MS Windows.
Pre-install:
1.) Download and install "Flash Tools" from https://androidfilehost.com/?fid=4349826312261641937
This compressed archive contains,
fh_loader.exe GPTConsole.exe prog_emmc_firehose_8920.mbn
prog_emmc_ufs_firehose_Sdm660_ddr.elf
QC.QMSLPhone.dll
QMSL_MSVC10R.dll
QSaharaServer.exe
SubSysSwDownload.DLL
Download the FlashTools archive and unpack it to C:\ drive.
2.) Download Android Debug Bridge (ADB) from here, https://developer.android.com/studio/releases/platform-tools.
Install ADB on your desktop. Update Windows PATH, (life is short).
3.) Download and install QDLoader HS-USB Driver.zip from here, https://androidfilehost.com/?fid=24459283995295983
In the installation menu, always click "Next" and do not select anything else. Reboot your PC.
4.) Download and install "XP8 drivers" from here, https://www.androidfilehost.com/?fid=4349826312261641909
5.) Secure copies of Magisk.zip and MagiskManager.apk for installation on Android device. Website is https://github.com/topjohnwu/Magisk
6.) On your Sonim XP8 handset, enable developer settings and,
-allow OEM (bootloader) unlocking,
-allow USB debugging,
-allow verify apps over USB, and
-download and install Root Browser Classic (JRummy apps).
PHASE I.) BACKUP YOUR ROM-
1.) Put the smartphone in EDL (Emergency Download) mode. Phone can be put into EDL manually by turning it off, then hold down both Volume buttons and press the Power button: Sonim will appear, then screen will go blank. Phone is now in EDL mode. Another option is via ADB. Open a command prompt window by right-clicking in an empty space while holding the Shift key on the keyboard, then select "open command window here" type in, "adb reboot edl". Connect the phone to the PC, the phone will be identified as " Qualcomm HS-USB QDLoader 9008" in the Device Manager, under Ports (COM and LPT). Remember the port number (COM) displayed here to which the phone is connected. This is very important.
2. Create a backup. In the unpacked FlashTools folder, on an empty space, right-click while holding the Shift key on the keyboard and select "open command window here". Execute the following commands:
2a.) "QSaharaServer.exe -p \\. \ COM<X> -s 13: prog_emmc_ufs_firehose_Sdm660_ddr.elf"
<X> is the port number your phone is connected to, becomes COM1 or COM2 (hard brackets go away)
2b.) Create a backup XML file named "backup.xml". This grabs much of the ROM for a backup. Contents of this .xml are:
2c.) Enter this in a terminal window to create the backup, "fh_loader.exe --convertprogram2read --port=\\.\COM<X> --sendxml=backup.xml" .
<X> is the port number your phone is connected to, becomes COM1 or COM2 (hard brackets go away).
Note: To restore the backup, execute the commands: "QSaharaServer.exe -p \\. \ COM<X> -s 13: prog_emmc_ufs_firehose_Sdm660_ddr.elf",
and "fh_loader.exe --port = \\. \ COM <X> --sendxml = Backup.xml"
Remember <X> is the port number,to which your phone is connected!
PHASE II.) ESTABLISHING ROOT. This is done via MagiskManager and boot patching.
1.) Pull Boot.img. We need a copy of the stock boot image for MagiskManager to patch. It's also good to keep a backup copy of the stock boot image on hand should you need to restore for any reason.
1a.) Create an XML file named "bootbackup.xml" in C:\FlashTools using below code. This will create a backup of boot_a from the Sonim XP8 and save it as "backup_boot.img" in C:\FlashTools.
1b.) Boot to EDL mode using methods in Phase I, step 1. Remember the COM port in use. Run the following commands.
A) Load the firehose programmer, "QSaharaServer.exe -p \\.\COM<X> -s 13
rog_emmc_ufs_firehose_Sdm660_ddr.elf"
Remember <X> is the port number,to which your phone is connected.
B) Run the bootbackup.xml file to create backup_boot.img in C:\FlashTools using the following command.
"fh_loader.exe --convertprogram2read --port=\\.\COM<X> --sendxml=bootbackup.xml --lun=0 --memoryname=emmc --noprompt --reset"
2.) Magisk Manager and boot patch
2a.) Transfer "backup_boot.img" to /downloads on the device. MagiskManager will access it here and modify it.
Do this by using Android Debug Bridge (ADB) thus: "adb push C:\FlashTools\backup_boot.img /storage/self/primary/Download/". Note device is NOT in EDL mode.
2b.) On the handset, install magiskmanager.apk. Do this either via ADB, or put the .apk file on the device sdcard, browse to it using RootBrowser, and install.
2c.) Open MagiskManager application, follow presented instructions and apply patch to backup_boot.img in device /downloads directory.
2d.) Run, "ADB pull /storage/self/primary/Download/magisk_patched.img". File should be in whatever directory command was called from (C:\FlashTools\magisk_patched.img).
3.) Apply patched boot.img to device operating system by pushing a copy of magisk_patched.img to the device and overwriting boot_a with it as follows,
3a.) Create an XML file named "magiskoverwrite.xml"
3b.) Boot back into EDL mode and load firehose programmer, "QSaharaServer.exe -p \\.\COM<#> -s 13rog_emmc_ufs_firehose_Sdm660_ddr.elf"
3c.) Apply magisk_patched.img using the following command, "fh_loader.exe --port=\\.\COM<#> --sendxml=magiskoverwrite.xml --lun=0 --memoryname=emmc --noprompt --reset"
Post install notes: Phone asked for password upon reboot following completion of step 3. Screenlock pin did not resolve this.
Did factory reset. Reinstalling MagiskManager.apk from copy on device sdcard, followed by "install" in the application, granted root privileges.
Phase III.) ENABLING WIFI HOTSPOT.
1.) Download and install Root Browser Classic (JRummy apps). Open Root Browser Classic and browse to /system/build.prop. Open with a text editor. Scroll down to "#property to enable entitlement check". Change att.service.entitlement= from "true" to "false". Below this add "net.tethering.noprovisioning=true". Hit save. Close the text editor, then reboot the phone.
