Tegra Note Discoveries

ggs2

> Has anyone got an On-The-Go (OTG) hub or cable working? I got an OTG USB hub and card-reader but nothing seems to work bar charging power.

I am using OTG cable, works fine.. (tried pen drive and use PS3 Dualshock controller as it doesn't work with bluetooth stack :( )
 

e8hffff

> I am using OTG cable, works fine.. (tried pen drive and use PS3 Dualshock controller as it doesn't work with bluetooth stack :( )

Ok cool man. I wasn't sure if the protocol was supported or not or if it's broken with modification of the system.
 

6stringandy

Are the 3 thick black strips on the big white piece in pic 3 the magnetic strips? If so, can they be removed without damaging the integrity of the unit or software? I have a theory I'd like to try out.

Sent from my SPH-L900 using XDA Premium 4 mobile app
 

e8hffff

> Are the 3 thick black strips on the big white piece in pic 3 the magnetic strips? If so, can they be removed without damaging the integrity of the unit or software? I have a theory I'd like to try out.
>
> Sent from my SPH-L900 using XDA Premium 4 mobile app

I think they are just electrical insulation tape, but I haven't tested the magnetic effect. The tape is to isolate the copper chassis sheet from the battery.
 

6stringandy

My intention is to find and remove all magnetic strips in the unit. I know the cover that was made for it won't work anymore, but I want to see if removing the magnetic will improve GPS lock. The magnets aren't really all that strong, but there's enough of them to impact the signal. That's the theory I'm trying to work out.

Sent from my Nexus 4 using XDA Premium 4 mobile app
 

hacktrix2006

Well, it seems it is a hardware fault: burning smell, and then it failed to even access APX, so it's return it for a replacement.


Edit: Got a new tablet under replacement, so now it's time to find a way to kill the OTA updater.

I suggest, if you're still on 4.2.2, for now to stay there, as 4.2.2 has an unlocked bootloader by default and is not SBK signed.

SBK signing is the reason some of us are getting bricks when using the likes of super tools to update to 4.4.2. SBK signing came with the OTA 4.3, which is why, when on 4.3 we do a fastboot oem unlock, we get the red text about warranty. Once SBK signing is on, that's it: nvflash then talks in an encrypted format when flashing, and without the SBK AES 128-bit keys, nvflashing the wrong APX will result in SBK and DK showing fused, which then bricks the tablet; this in turn causes the reboot loop brick.

So if you are on 4.3 and want to go back to 4.2.2, you can't, and it's the same with 4.4.2 to 4.3: it will brick your device if your blob.bin and the SBK are not correct.

Also, in the 4.2.2 /system partition there is 178 MB free space, yet on 4.3 and 4.4.2 there is only 17.8 MB free space after OS install.

Now to disable OTAs on 4.2.2 we need to find a way to disable outright com.nvidia.ota.GCMintentService and com.nvidia.ota.DownoadService, as that on 4.2.2 is the OTA updater.

Now I have tried FOTAKill.apk but that doesn't cover the com.nvidia.ota parts at all, and using Disable Service.apk doesn't do anything; it still runs.

As for the SBK signing, which was used in Tegra 2 and 3 products, we need to dump the SBK key in a decrypted format so when using nvflash we can use the --sbk <SBK CODE> to flash with.

Now the SBK is unique to each tablet, I would think, but I will look into that when I have the time. If you're already bricked then the only other thing you can do with your warranty being void is talk to Nvidia like e8hffff did.

Now I am going to sign up to Nvidia's Dev area and have a look at https://developer.nvidia.com/tegra-4-technical-reference-manual to see if that sheds some light.



Edit: 2 (Should go directly to OP first post!!!!!)

To kill the OTA on Android 4.2.2 on the Tegra Note 7 you must chmod the following file: TegraOTA.apk.

To do this you must have root, which if you have 4.2.2 you should be rooted already by now using the Root_n7.img with the fastboot boot root_n7.img from fastboot.

Type the following in order and exactly like this.


$ su
# mount -o rw,remount /system
# cd /system/app
# chmod 000 TegraOTA.apk
# reboot

(If it quits you out of ADB then just use adb reboot.)

System Updates is now disabled on your device!
 

e8hffff

> SBK signing is the reason some of us are getting bricks when using the likes of super tools to update to 4.4.2. SBK signing came with the OTA 4.3, which is why, when on 4.3 we do a fastboot oem unlock, we get the red text about warranty. Once SBK signing is on, that's it: nvflash then talks in an encrypted format when flashing, and without the SBK AES 128-bit keys, nvflashing the wrong APX will result in SBK and DK showing fused, which then bricks the tablet; this in turn causes the reboot loop brick.

So the bootloader_signed.bin is used to talk to the signed core on the device, and the bootloader.bin on those with older images that aren't signed.

> Now to disable OTAs on 4.2.2 we need to find a way to disable outright com.nvidia.ota.GCMintentService and com.nvidia.ota.DownoadService, as that on 4.2.2 is the OTA updater.

Other means could be to iptable the ip.

> As for the SBK signing, which was used in Tegra 2 and 3 products, we need to dump the SBK key in a decrypted format so when using nvflash we can use the --sbk <SBK CODE> to flash with.

I used to get this piped out to the console when using an old nvflash in experiments.

"chip uid from BR is: 0x600000015c4192010c0000000ffe0400"

Unique, or of use?
 

hacktrix2006

> So the bootloader_signed.bin is used to talk to the signed core on the device, and the bootloader.bin on those with older images that aren't signed.
>
> Other means could be to iptable the ip.
>
> I used to get this piped out to the console when using an old nvflash in experiments.
>
> "chip uid from BR is: 0x600000015c4192010c0000000ffe0400"
>
> Unique, or of use?

0x600000015c4192010c0000000ffe0400 is not the SBK if we are going by the Tegra 2 and 3 standard, as it was in groups like 0x0000 0x0000 0x0000 0x0000 and it's not enough for an SBK. That's why I am after a DEV image with the APX; that way it's not signed and I may be able to push it to the device to get it going again, but I am now waiting on a reply from the mobile team.
 

e8hffff

> 0x600000015c4192010c0000000ffe0400 is not the SBK if we are going by the Tegra 2 and 3 standard, as it was in groups like 0x0000 0x0000 0x0000 0x0000 and it's not enough for an SBK. That's why I am after a DEV image with the APX; that way it's not signed and I may be able to push it to the device to get it going again, but I am now waiting on a reply from the mobile team.

Yeah I wasn't implying it was the skey. It may have something to do with interfacing an encrypted tunnel, though.

To tell you the truth I haven't spent enough time researching the APX protocol, or what's been documented on it. I'm fairly new to Android hacking, even though I've flashed and done basics for the past few years.
 

hacktrix2006

This is my first APX recovery Android device; it's a bit different from flashing my Desire HD or HTC Wildfire, that's for sure. What I have learnt so far is based on Tegra 2 and 3; as 4 and 4i are new, not much is known about it. It was the same with the Nexus 7 2012 edition, which was a Tegra 3, but the key was found in the end. Problem is, if the SBK is device unique like it was with the other, the ones that are bricked might struggle. Let's just hope there is a brand master key.. We are all learning about Tegra 4 and 4i whether we are veterans or not. Ideas are best shared at the end of the day. But at least people on 4.2.2 can kill the OTA updater for now, thus saving them from the updates that cause the bricks.

Sent from my TegraNote-P1640 using XDA Premium 4 mobile app



EDIT: (PC) I have a mission if you choose to accept!!!!


Operation SBK Finder:

In this mission we need the following requirements.

  • Two users per device brand
  • Official OTA devices to either Android 4.3 or 4.4.2 (If you haven't had an official OTA and have super tools, sorry, you cannot help!)
  • You must be bootloader unlocked and rooted
  • You must have ADB drivers and ADB access (If you have a rooted device then you have this)
  • You must be able to use ADB for searching for the SBK key file and to parse logs for uploading (Logs being Logcat, Last_Kmsg and Dmesg!)

If you can do the above please PM me. Once we have a collection of information then we can probe the kernel into showing the key.

Commands you will be using via ADB will be using SU (hence the root requirement). It will not brick your device as this is just looking about and parsing logs.

List of Log Parsing Commands: (Thanks to TonyP's Thread!)

  • adb logcat -v time -d > logcat.txt

Next batch of commands is in adb shell with SU.

  • dmesg > /sdcard/dmesg.txt
  • cat /proc/last_kmsg > /sdcard/last_kmsg.txt
  • cat /proc/kmsg > /sdcard/kmsg.txt


Once you get these logs I would like you to zip them with just the brand name, and if they are within XDA's upload file size requirement attach them to your post; if not, please use an external site and link directly to the download. Mega, GDrive or OneDrive would be ideal.

So why is the SBK key so important, and why am I hunting it to find out if it's brand or per-device bound?

The main reason for this search is to find the SBK so you can have a totally unbrickable tablet. As it currently stands, and I have found this out myself, you can only flash X amount of times using APX after the OTA updates before we get an SBK fuse fail marker and/or DK fuse fail marker. Once this happens we get the famous power-down loop, i.e. you can boot all the way to just loading Android fully and then it goes to shutdown. This is due to the kernel looking at the status of the SBK and DK fuse; from what I can gather, if it shows as fail the kernel simply tells the tablet to shut down.

Now the SBK key, when used in APX, resets that check back to working and not false, and also allows us to flash the device to our hearts' content without the worry of bricking our device.

The current unbricking is basically software, and that will cause a hard brick after time. The SBK key is for that hardware brick!!

So who is with me!!! Let's find this key.

P.S.: If it is like its counterparts, an SBK key file might be in /sys/firmware/fuse and might be called secure_boot_key; it might be called something else. If you find it, all I want for now is to know the location of it.
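
Logcat, dmesg and last_kmsg output of the kind collected in the post above typically carries MAC addresses, account e-mail addresses, IP addresses and the device serial number. The following is an added example, not part of the original post, of masking those values before a zip is shared publicly; the function names, the patterns and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: mask device-identifying values in logcat/dmesg/last_kmsg
# text before the files are zipped and shared. Patterns are assumptions.

# redact_log: filter stdin to stdout, replacing identifiers with tags.
redact_log() {
    sed -E \
        -e 's/([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}/<MAC>/g' \
        -e 's/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/<EMAIL>/g' \
        -e 's/(^|[^0-9.])([0-9]{1,3}\.){3}[0-9]{1,3}/\1<IPV4>/g' \
        -e 's/([Ss]erial[ _]?([Nn]o|[Nn]umber)?[[:space:]]*[:=][[:space:]]*)[0-9A-Za-z]+/\1<SERIAL>/g'
}

# redact_files: write FILE.redacted next to each log file given.
redact_files() {
    for f in "$@"; do
        if [ ! -f "$f" ]; then
            echo "skip: $f not found" >&2
            continue
        fi
        redact_log < "$f" > "$f.redacted"
    done
}

# sample_log: constructed log lines (not taken from a real device).
sample_log() {
    cat <<'EOF'
01-15 12:00:01.123 I/WifiStateMachine( 512): connected to 00:11:22:33:44:55
01-15 12:00:02.456 D/AccountManager( 512): account user@example.com
01-15 12:00:03.789 D/dhcpcd( 733): leased 192.168.1.23 for 3600 seconds
<5>[    0.000000] Kernel command line: androidboot.serialno=0123456789ABCDEF
01-15 12:00:04.000 I/Build( 512): Android 4.2.2
EOF
}

# When run with file arguments (e.g. logcat.txt dmesg.txt), redact each.
if [ "$#" -gt 0 ]; then
    redact_files "$@"
fi
```

Version strings such as 4.2.2 and logcat timestamps pass through unchanged, so the redacted files stay usable for debugging.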
 

e8hffff

> So who is with me!!! Let's find this key.

I could probably help with a 4.4 scan. My tablet is EVGA and I have a Homecare Flyone that is failing due to incompatible core files. At the moment I'm a little busy but I will do the scan outs asap when I get time.

Thumbs up,
 

hacktrix2006

Thanks mate. I downloaded the 4.3 OTA via the OTA updater on the tablet but was unable to even open it up. If we can find a way to do what they did with the Nexus 7 2012 then it would make life a lot easier. Still looking for CPU UID though. I have found some files in 4.2.2 and am still checking them for relevance to what I am trying to achieve. Thanks for your reply though.

Sent from my TegraNote-P1640 using XDA Premium 4 mobile app



Edit(PC):

I have now OTA updated to 4.3, unlocked the bootloader and rooted. Certain apps have forced me to update to 4.3, so I can now at least start making some progress again on finding the SBK.

Hopefully I don't get issues; don't want to be getting another one LOL. Let's just hope I can keep my 11 hours battery life total on this version of Android.
 

hacktrix2006

OK, I need some people to test something for me. Based on the Tegra 2 & 3, where the CPU ID was used for SBK, I downloaded a CPU Info app which gave me a CPU serial. So I need some volunteers to download either a CPU Info app or Quadrant Standard to get their CPU serial so I can check to see if it's the same as mine or different.

Here is mine as a screenshot. If you could PM me or attach your serial if possible, we might be one step from a total unbrickable tablet via APX.

I will also try and find a way of getting a working blob and bootloader as well.

Sent from my TegraNote-P1640 using XDA Premium 4 mobile app
 


chaps

> I will also try and find a way of getting a working blob and bootloader as well.
>
> Sent from my TegraNote-P1640 using XDA Premium 4 mobile app

I'm guessing I need root to view the serial number? It isn't displayed on mine. I won't have time to gain root for a few days, but I'll report back once I do.
 

hacktrix2006

> I'm guessing I need root to view the serial number? It isn't displayed on mine. I won't have time to gain root for a few days, but I'll report back once I do.

Nope, just Quadrant Standard or any CPU info app.

CPU Serial: 066803e804000000
SBK possibility: 0x6C210000 0x406F0700 0xF0D1E302 0x306EE402
 

hacktrix2006

So that is the same as mine, so it might not be an SBK... Need someone with a bricked tablet in APX mode to send it nvflash --SBK just to check if it works.

Sent from my TegraNote-P1640 using XDA Premium 4 mobile app