[stock-rom/UPDATE][LB/UB][SGP511/512/521][Prerooted flashable zip][23.0.1.a.0.167]

crazymister

Senior Member
Sep 18, 2010
715
262
93
33
Almere
Hello Guys,

I packed the rom in a flashable zip, it's pre-rooted and nut's dual recovery is included, also the kernel is included so need to flash that afterwards

Thanks to @zxz0O0 for his PRFCreator, @[NUT] for his dualrecovery, @Chainfire for root package, and me for combining their great work work for you ;)


I got some reactions that root isn't working properly, So i will be working on a new version, but that will have to wait until i got Linux working and setup again (ages ago since i worked with Linux :D) and made the new version. After that i might even consider tweaking it etc, but don't hold your hopes up yet, i don't have much spare time to work on it



SGP511
https://mega.co.nz/#!ndFxUCTR!xVE235NjuIFiugEofrQaWjWP5cLfSBffgyx1sIgV1ak

SGP512
https://mega.co.nz/#!bJ8lTJiA!vg4B_TSlKnwJPxm3WK5Rgc13h0ejx3Jq6x7LGtTu-6w

SGP521
https://mega.co.nz/#!TB9lULCI!v2m-wL4JGEDs_fIQt83Qrbmn0JerkMfL-aSIOh-mtVY

You should know that Playstation PS4 remote play Won't work due to Root.
If you want to use that wait for a different root/altered ps remote play app and just enjoy stock unrooted untill then

instructions:
make sure you are on a rom with recovery
flash this rom, wipe cache/dalvik cache, reboot
enjoy :D
 
Last edited:

Moscow Desire

Retired Senior Moderator
I'm sorry to hear that. Haven't really tested it since i want to use ps4 remote play.
I'll see if i can make a new version later tomorrow

Sent from my SGP521 using XDA Premium HD app
Did you modify the kernel "ramdisk" to make it insecure?

Generally with most ramdisks, you'll need to split the boot.img, unpack the ramdisk gz, and edit the line in the default.prop (might be in a different location)

Change this line from ro.secure=1 to ro.secure=0

Then repack ramdisk, and repack the boot.img

Virtuous Ten Studio should do this automatically when you split the boot.img.
 
Last edited:
  • Like
Reactions: Bird40

crazymister

Senior Member
Sep 18, 2010
715
262
93
33
Almere
Did you modify the kernel "ramdisk" to make it insecure?

Generally with most ramdisks, you'll need to split the boot.img, unpack the ramdisk gz, and edit the line in the default.prop (might be in a different location)

Change this line from ro.secure=1 to ro.secure=0

Then repack ramdisk, and repack the boot.img

Virtuous Ten Studio should do this automatically when you split the boot.img.
No i didn't do anything to the kernel. It's completely stock

Sent from my SGP521 using XDA Premium HD app
 

Moscow Desire

Retired Senior Moderator
No i didn't do anything to the kernel. It's completely stock

Sent from my SGP521 using XDA Premium HD app
There's the issue, and why you can't get /system RW.

On most devices, if you can get OEM Bootloader Unlock, then it's just a matter of modifying Ramdisk as stated above, then fastboot (flash) the new boot image. You can do a simple adb push and permissions for SU and SuperSU.apk.

When you split a boot.img, you get 2 parts basically, zimage (kernel) and ramdisk. Ramdisk you can edit.

As with the easyroot program (worked prior to .167), it used an exploit to split the bootimg, and modify ramdisk with the above parameters internally, then packing it back. Hence why it was copying it to a temp folder to do it's work. This was all great as we didn't need to unlock bootloader. But it doesn't negate the fact the ramdisk was still modified.

Get Virtuous Ten Studio here at XDA. Unpack the boot.img, make the change, pack it back and flash it. Should work. Program is pretty simple.

I just can't get it working right under Win 10, and not sure when I can get to it.
 
  • Like
Reactions: Bird40

crazymister

Senior Member
Sep 18, 2010
715
262
93
33
Almere
There's the issue, and why you can't get /system RW.

On most devices, if you can get OEM Bootloader Unlock, then it's just a matter of modifying Ramdisk as stated above, then fastboot (flash) the new boot image. You can do a simple adb push and permissions for SU and SuperSU.apk.

When you split a boot.img, you get 2 parts basically, zimage (kernel) and ramdisk. Ramdisk you can edit.

As with the easyroot program (worked prior to .167), it used an exploit to split the bootimg, and modify ramdisk with the above parameters internally, then packing it back. Hence why it was copying it to a temp folder to do it's work. This was all great as we didn't need to unlock bootloader. But it doesn't negate the fact the ramdisk was still modified.

Get Virtuous Ten Studio here at XDA. Unpack the boot.img, make the change, pack it back and flash it. Should work. Program is pretty simple.

I just can't get it working right under Win 10, and not sure when I can get to it.
That will be a problem for me since my bootloader is still locked. So i will not be able to flash an insecure kernel.
And im not going to unlock it anytime soon either, so if you want an insecure kernel you will have to build it yourself. In whatever environment. You can always start a VM with win/linux just to build it :)

And sorry if i sound harsh that'snot my intention. :good:
 
  • Like
Reactions: fribriz

Moscow Desire

Retired Senior Moderator
That will be a problem for me since my bootloader is still locked. So i will not be able to flash an insecure kernel.
And im not going to unlock it anytime soon either, so if you want an insecure kernel you will have to build it yourself. In whatever environment. You can always start a VM with win/linux just to build it :)

And sorry if i sound harsh that'snot my intention. :good:
Naw, no offense taken. :highfive:

I hate unlocking mine as well, but eventually will probably have to. Just hate going through Sony to do it, as they will have my tab ID on record :eek:
 
  • Like
Reactions: crazymister

crazymister

Senior Member
Sep 18, 2010
715
262
93
33
Almere
Btw, i didn't use an easyroot utility but injected the root directly into the ROM. (not a nandroid backup, but downloaded the sony files, decrypted them, turned that into ftf and used the ftf to build a zip with root build into it
On the brief test i did, i did have root privileges, but i didn't do an extensive test because i only tested if root was there (used root checker), because i use the ps4 remote app :good: that just gives an error as soon as you have a superuser app installed :(

So from the reactions i got (and I'll change the op until i got a new, good working version) root isn't working properly, but working nonetheless

Sent from my SGP521 using XDA Premium HD app
 

Moscow Desire

Retired Senior Moderator
Btw, i didn't use an easyroot utility but injected the root directly into the ROM. (not a nandroid backup, but downloaded the sony files, decrypted them, turned that into ftf and used the ftf to build a zip with root build into it
On the brief test i did, i did have root privileges, but i didn't do an extensive test because i only tested if root was there (used root checker), because i use the ps4 remote app :good: that just gives an error as soon as you have a superuser app installed :(

So from the reactions i got (and I'll change the op until i got a new, good working version) root isn't working properly, but working nonetheless

Sent from my SGP521 using XDA Premium HD app
Yeah, and I'm not totally familiar with the way Sony has their kernel/boot image laid out. Different from other tablets I've worked on.

Will look into things though as time permits.
 

crazymister

Senior Member
Sep 18, 2010
715
262
93
33
Almere
Naw, no offense taken. :highfive:

I hate unlocking mine as well, but eventually will probably have to. Just hate going through Sony to do it, as they will have my tab ID on record :eek:
Oh yeah, if you have made a backup of your TA you can safely re-lock your tab again without worrying about warranty. Because the DRM keys are in TA, and if you restore that (only if you backed it up prior to unlocking the first time) you also restore your drm keys :)

Tested to work when i had xperia T, with my current Z and a bunch of other Sony phones from friends :D
Even used warranty once after screwing things up :D i just restored TA, made it completely stock and went to the shop to claim my warranty :p

Sent from my SGP521 using XDA Premium HD app
 

Jeddix

Senior Member
Jul 7, 2010
239
134
0
Quick question: If the rom can't write to the system, can the recoveries? The only thing I need write access to the system partition is for changing the fonts and for the hosts file but I can do that in recovery. If that's the case I could live with root without full system access like in this rom.
 

Moscow Desire

Retired Senior Moderator
Oh yeah, if you have made a backup of your TA you can safely re-lock your tab again without worrying about warranty. Because the DRM keys are in TA, and if you restore that (only if you backed it up prior to unlocking the first time) you also restore your drm keys :)

Tested to work when i had xperia T, with my current Z and a bunch of other Sony phones from friends :D
Even used warranty once after screwing things up :D i just restored TA, made it completely stock and went to the shop to claim my warranty :p

Sent from my SGP521 using XDA Premium HD app
Yeah, had to use my other PC, but they are backed up.

Just info, should probably look at this;
http://forum.xda-developers.com/showthread.php?t=2699858

So seeing the kernel itself isn't being changed, it may work changing ramdisk only.
 

crazymister

Senior Member
Sep 18, 2010
715
262
93
33
Almere
Yeah, had to use my other PC, but they are backed up.

Just info, should probably look at this;
http://forum.xda-developers.com/showthread.php?t=2699858

So seeing the kernel itself isn't being changed, it may work changing ramdisk only.
Nah that won't work. The only thing spoken of is how to extract boot.img from an ftf and how to inject that into your update.zip. As soon as you make even the tiniest change in kernel (ramdisk included) the kernel isn't signed anymore and you won't be able to flash it.

I have build my own rom in the past for xperia t, and i decided that learning to build your own rom and kernel at the same time is to much work :p
I will see what i can do later today, when my ex picks up my son ;) I'll have some free time at hand then.
So to install Ubuntu and configure it to use it again. I hope i have something usefull tonight.


Sent from my SGP521 using XDA Premium HD app
 
  • Like
Reactions: fribriz

flipside101

Senior Member
Feb 1, 2006
572
105
63
in the kulverti thread 4.4.4 starts rolling out today he mentions some files that need modding in the recovery installer to kill sonyric so you can get rw system access . does that help ?
 

steff_1964

Senior Member
Dec 27, 2005
82
9
0
www.classic-flights.de.vu
any fix of system rights?

Quick question: If the rom can't write to the system, can the recoveries? The only thing I need write access to the system partition is for changing the fonts and for the hosts file but I can do that in recovery. If that's the case I could live with root without full system access like in this rom.
I tried this rom, but I also got no full system access. So I couldn't apply the sd fix patch. But I do have regular root rights. Is there any way so far to get also write permissions in the system?
 

Moscow Desire

Retired Senior Moderator
I tried this rom, but I also got no full system access. So I couldn't apply the sd fix patch. But I do have regular root rights. Is there any way so far to get also write permissions in the system?
Well, if you want to unlock your bootloader it makes it easier ;)

Basically I run a modified ramdisk with some of the security disabled and a different patched adbd binary, Fastboot flash the boot.img, Fastboot boot the current TWRP, exit out (it installs SuperSU and the binary automatically), then reboot. Have full system RW, exposed modules, greenify, etc.

It's sort of a round-about way of getting root and /system rw, but the selinux is a pain.

Still looking for available adbd binaries that also work and clean up all my ramdisk comments I don't need :laugh::laugh::laugh:
 
Last edited:
Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone