[stock-rom/UPDATE][LB/UB][SGP511/512/521][Prerooted flashable zip][23.0.1.a.0.167]

[crazymister]

Hello Guys,

I packed the rom in a flashable zip, it's pre-rooted and nut's dual recovery is included, also the kernel is included so need to flash that afterwards

Thanks to @zxz0O0 for his PRFCreator, @[NUT] for his dualrecovery, @Chainfire for root package, and me for combining their great work work for you


I got some reactions that root isn't working properly, So i will be working on a new version, but that will have to wait until i got Linux working and setup again (ages ago since i worked with Linux ) and made the new version. After that i might even consider tweaking it etc, but don't hold your hopes up yet, i don't have much spare time to work on it


SGP511
https://mega.co.nz/#!ndFxUCTR!xVE235NjuIFiugEofrQaWjWP5cLfSBffgyx1sIgV1ak

SGP512
https://mega.co.nz/#!bJ8lTJiA!vg4B_TSlKnwJPxm3WK5Rgc13h0ejx3Jq6x7LGtTu-6w

SGP521
https://mega.co.nz/#!TB9lULCI!v2m-wL4JGEDs_fIQt83Qrbmn0JerkMfL-aSIOh-mtVY

You should know that Playstation PS4 remote play Won't work due to Root.
If you want to use that wait for a different root/altered ps remote play app and just enjoy stock unrooted untill then

instructions:
make sure you are on a rom with recovery
flash this rom, wipe cache/dalvik cache, reboot
enjoy

 

[tansy]

Thanksss

 

[Bird40]

R/W

Root Explorer does not switch /system in mode R/W

 

[smarcisin]

This work with SGP561?

Sent from my SGP561 using XDA Premium HD app

 

[crazymister]

I don't think so. I'll see if i can make one for 561 tomorrow

Sent from my SGP521 using XDA Premium HD app

 

[crazymister]

Root Explorer does not switch /system in mode R/W

I'm sorry to hear that. Haven't really tested it since i want to use ps4 remote play.
I'll see if i can make a new version later tomorrow

Sent from my SGP521 using XDA Premium HD app

 

[Moscow Desire]

I'm sorry to hear that. Haven't really tested it since i want to use ps4 remote play.
I'll see if i can make a new version later tomorrow

Sent from my SGP521 using XDA Premium HD app

Did you modify the kernel "ramdisk" to make it insecure?

Generally with most ramdisks, you'll need to split the boot.img, unpack the ramdisk gz, and edit the line in the default.prop (might be in a different location)

Change this line from ro.secure=1 to ro.secure=0

Then repack ramdisk, and repack the boot.img

Virtuous Ten Studio should do this automatically when you split the boot.img.

 

[crazymister]

Did you modify the kernel "ramdisk" to make it insecure?

Generally with most ramdisks, you'll need to split the boot.img, unpack the ramdisk gz, and edit the line in the default.prop (might be in a different location)

Change this line from ro.secure=1 to ro.secure=0

Then repack ramdisk, and repack the boot.img

Virtuous Ten Studio should do this automatically when you split the boot.img.

No i didn't do anything to the kernel. It's completely stock

Sent from my SGP521 using XDA Premium HD app

 

[Moscow Desire]

No i didn't do anything to the kernel. It's completely stock

Sent from my SGP521 using XDA Premium HD app

There's the issue, and why you can't get /system RW.

On most devices, if you can get OEM Bootloader Unlock, then it's just a matter of modifying Ramdisk as stated above, then fastboot (flash) the new boot image. You can do a simple adb push and permissions for SU and SuperSU.apk.

When you split a boot.img, you get 2 parts basically, zimage (kernel) and ramdisk. Ramdisk you can edit.

As with the easyroot program (worked prior to .167), it used an exploit to split the bootimg, and modify ramdisk with the above parameters internally, then packing it back. Hence why it was copying it to a temp folder to do it's work. This was all great as we didn't need to unlock bootloader. But it doesn't negate the fact the ramdisk was still modified.

Get Virtuous Ten Studio here at XDA. Unpack the boot.img, make the change, pack it back and flash it. Should work. Program is pretty simple.

I just can't get it working right under Win 10, and not sure when I can get to it.

 

[crazymister]

There's the issue, and why you can't get /system RW.

On most devices, if you can get OEM Bootloader Unlock, then it's just a matter of modifying Ramdisk as stated above, then fastboot (flash) the new boot image. You can do a simple adb push and permissions for SU and SuperSU.apk.

When you split a boot.img, you get 2 parts basically, zimage (kernel) and ramdisk. Ramdisk you can edit.

As with the easyroot program (worked prior to .167), it used an exploit to split the bootimg, and modify ramdisk with the above parameters internally, then packing it back. Hence why it was copying it to a temp folder to do it's work. This was all great as we didn't need to unlock bootloader. But it doesn't negate the fact the ramdisk was still modified.

Get Virtuous Ten Studio here at XDA. Unpack the boot.img, make the change, pack it back and flash it. Should work. Program is pretty simple.

I just can't get it working right under Win 10, and not sure when I can get to it.

That will be a problem for me since my bootloader is still locked. So i will not be able to flash an insecure kernel.
And im not going to unlock it anytime soon either, so if you want an insecure kernel you will have to build it yourself. In whatever environment. You can always start a VM with win/linux just to build it

And sorry if i sound harsh that'snot my intention. :good:

 

[Moscow Desire]

That will be a problem for me since my bootloader is still locked. So i will not be able to flash an insecure kernel.
And im not going to unlock it anytime soon either, so if you want an insecure kernel you will have to build it yourself. In whatever environment. You can always start a VM with win/linux just to build it

And sorry if i sound harsh that'snot my intention. :good:

Naw, no offense taken. :highfive:

I hate unlocking mine as well, but eventually will probably have to. Just hate going through Sony to do it, as they will have my tab ID on record

 

[crazymister]

Btw, i didn't use an easyroot utility but injected the root directly into the ROM. (not a nandroid backup, but downloaded the sony files, decrypted them, turned that into ftf and used the ftf to build a zip with root build into it
On the brief test i did, i did have root privileges, but i didn't do an extensive test because i only tested if root was there (used root checker), because i use the ps4 remote app :good: that just gives an error as soon as you have a superuser app installed

So from the reactions i got (and I'll change the op until i got a new, good working version) root isn't working properly, but working nonetheless

Sent from my SGP521 using XDA Premium HD app

 

[Moscow Desire]

Btw, i didn't use an easyroot utility but injected the root directly into the ROM. (not a nandroid backup, but downloaded the sony files, decrypted them, turned that into ftf and used the ftf to build a zip with root build into it
On the brief test i did, i did have root privileges, but i didn't do an extensive test because i only tested if root was there (used root checker), because i use the ps4 remote app :good: that just gives an error as soon as you have a superuser app installed

So from the reactions i got (and I'll change the op until i got a new, good working version) root isn't working properly, but working nonetheless

Sent from my SGP521 using XDA Premium HD app

Yeah, and I'm not totally familiar with the way Sony has their kernel/boot image laid out. Different from other tablets I've worked on.

Will look into things though as time permits.

 

[crazymister]

Naw, no offense taken. :highfive:

I hate unlocking mine as well, but eventually will probably have to. Just hate going through Sony to do it, as they will have my tab ID on record

Oh yeah, if you have made a backup of your TA you can safely re-lock your tab again without worrying about warranty. Because the DRM keys are in TA, and if you restore that (only if you backed it up prior to unlocking the first time) you also restore your drm keys

Tested to work when i had xperia T, with my current Z and a bunch of other Sony phones from friends
Even used warranty once after screwing things up i just restored TA, made it completely stock and went to the shop to claim my warranty

Sent from my SGP521 using XDA Premium HD app

 

[Jeddix]

Quick question: If the rom can't write to the system, can the recoveries? The only thing I need write access to the system partition is for changing the fonts and for the hosts file but I can do that in recovery. If that's the case I could live with root without full system access like in this rom.

 

[Moscow Desire]

Oh yeah, if you have made a backup of your TA you can safely re-lock your tab again without worrying about warranty. Because the DRM keys are in TA, and if you restore that (only if you backed it up prior to unlocking the first time) you also restore your drm keys

Tested to work when i had xperia T, with my current Z and a bunch of other Sony phones from friends
Even used warranty once after screwing things up i just restored TA, made it completely stock and went to the shop to claim my warranty

Sent from my SGP521 using XDA Premium HD app

Yeah, had to use my other PC, but they are backed up.

Just info, should probably look at this;
http://forum.xda-developers.com/showthread.php?t=2699858

So seeing the kernel itself isn't being changed, it may work changing ramdisk only.

 

[crazymister]

Yeah, had to use my other PC, but they are backed up.

Just info, should probably look at this;
http://forum.xda-developers.com/showthread.php?t=2699858

So seeing the kernel itself isn't being changed, it may work changing ramdisk only.

Nah that won't work. The only thing spoken of is how to extract boot.img from an ftf and how to inject that into your update.zip. As soon as you make even the tiniest change in kernel (ramdisk included) the kernel isn't signed anymore and you won't be able to flash it.

I have build my own rom in the past for xperia t, and i decided that learning to build your own rom and kernel at the same time is to much work
I will see what i can do later today, when my ex picks up my son I'll have some free time at hand then.
So to install Ubuntu and configure it to use it again. I hope i have something usefull tonight.


Sent from my SGP521 using XDA Premium HD app

 

[flipside101]

in the kulverti thread 4.4.4 starts rolling out today he mentions some files that need modding in the recovery installer to kill sonyric so you can get rw system access . does that help ?

 

[steff_1964]

any fix of system rights?

Quick question: If the rom can't write to the system, can the recoveries? The only thing I need write access to the system partition is for changing the fonts and for the hosts file but I can do that in recovery. If that's the case I could live with root without full system access like in this rom.

I tried this rom, but I also got no full system access. So I couldn't apply the sd fix patch. But I do have regular root rights. Is there any way so far to get also write permissions in the system?

 

[Moscow Desire]

I tried this rom, but I also got no full system access. So I couldn't apply the sd fix patch. But I do have regular root rights. Is there any way so far to get also write permissions in the system?

Well, if you want to unlock your bootloader it makes it easier

Basically I run a modified ramdisk with some of the security disabled and a different patched adbd binary, Fastboot flash the boot.img, Fastboot boot the current TWRP, exit out (it installs SuperSU and the binary automatically), then reboot. Have full system RW, exposed modules, greenify, etc.

It's sort of a round-about way of getting root and /system rw, but the selinux is a pain.

Still looking for available adbd binaries that also work and clean up all my ramdisk comments I don't need :laugh::laugh::laugh: