[Tutorial] Crossflash, Bypass OPID Mismatched Error

Search This thread

arwindr79

New member
Sep 25, 2014
3
2
Hello, thanks a lot for the guide, was able to cross-flash my Sprint G820UM to OPEN CA G820UM30c without major problems. I normally wouldn't risk it, but it was either that or buying a new phone since the apps I need for work won't work on Android 10 starting from June.
Only issue I'm having right now is that I lost the ability to make NFC payments - does anyone know of a possible solution?
On the last phone I used (a Huawei) I had a similar problem after rooting, but was able to solve it by installing a magisk plugin. Is there a chance I can recover NFC if I root the phone?

Update: as usual, the best way to figure something out is by reading the thread)) Thanks to your guys' older posts I managed to restore NFC payments and google protect certification. In case anyone's confused, here's a rough outline of things I had to do:
1) Unlock bootloader and get magisk root following this guide (it says Android 10 required, worked flawlessly on CA OP A11);
2) Backup vbmeta images with QFIL
3) With QFIL, flash engineering abl (same way we did following the root guide) and reboot to fastboot
4) Flash vbmeta images with fastboot using the commands from this post
5) With fastboot, recover the original abl images we backed up when we were unlocking the bootloader
6) Reboot into system
7) Configure Magisk stuff (enable Zygisk, Enforce Denylist, check google apps in Denylist, also consider adding your banking apps to denylist)
8) Wipe all data for Play Store and Google Services.

While the store itself says that the device is Play Protect certified, and Google Pay seems to be working fine, some other apps (LG Mobile Switch) still claim that key attestation has been deleted. Hope I won't be having any additional issues with that.
Now all that's left is to figure out the NT Code error at boot, although it doesn't really bother me much...
 
Last edited:
  • Like
Reactions: nortnil

dalponis

Member
Apr 12, 2013
24
1
Stratford
www.uniquehardware.ca
NO. You did right.
This is the last one come into my mind: Flashing vbmeta. So steps would be:
1. Flash the Korean KDZ I suggested.
2. Create backup of abl, xbl and xbl_config on both A and B sides.
3. Restore engineering files using Qfil. (attached)
4. Dump vbmeta_a or vbmeta_b and rename it as vbmeta.bin.
5. Go to Fastboot.
6. Flash vbmeta:
fastboot --disable-verity --disable-verification flash vbmeta_a vbmeta.bin
fastboot --disable-verity --disable-verification flash vbmeta_b vbmeta.bin
7. Flash the original abl, xbl and xbl_config on both sides:
fastboot flash abl_a abl_a.bin
fastboot flash xbl_a xbl_a.bin
fastboot flash xbl_config_a xbl_config_a.bin
fastboot flash abl_b abl_b.bin
fastboot flash xbl_b xbl_b.bin
fastboot flash xbl_config_b xbl_config_b.bin
8. Boot into OS.
9. Go to hidden menu and try editing NT Code.


They do not work on non stock Roms.


Don't worry about it.

I've changed mine to ("1","FFF,FFF,FFFFFFFF,FFFFFFFF,71").
I'm trying this.

When I go adb reboot fastboot or adb reboot bootloader, it just reboots into the Korean Open Android.

Can you remind me how to get to Fastboot mode?
 
Last edited:

nortnil

Member
Jul 8, 2010
37
9
This all seemed to work until reboot when I got "Current version is not available for user. Can't find matched carrier. Check NT-Code: FFFFFF : 84". My serial number is also missing now too. IMEI is intact. I have model LM-G820QM that I flashed with G820UM30b_00_VZW_US_OP_1123.kdz. It now shows model LM-G820UM.

Anyone have any pointers on how I get my serial number back and get rid of the Check NT-Code: FFFFFF : 84 to go away?
 

surgemanx

Senior Member
Jan 29, 2022
172
31
This all seemed to work until reboot when I got "Current version is not available for user. Can't find matched carrier. Check NT-Code: FFFFFF : 84". My serial number is also missing now too. IMEI is intact. I have model LM-G820QM that I flashed with G820UM30b_00_VZW_US_OP_1123.kdz. It now shows model LM-G820UM.

Anyone have any pointers on how I get my serial number back and get rid of the Check NT-Code: FFFFFF : 84 to go away?
This is what dalponis is working on is the NT Code change.The serial is still in tact,but will disappear with a crossflash using LGUP.

Edit:Oh by the way nortnil,you'll need this NT Code if you change it.Best of luck!

"1","311,480,FFFFFFFF,FFFFFFFF,FF"
 
Last edited:

netmsm

Senior Member
Oct 3, 2010
350
158
Esfahan
I'm trying this.

When I go adb reboot fastboot or adb reboot bootloader, it just reboots into the Korean Open Android.

Can you remind me how to get to Fastboot mode?
We restore engineering fastboot files so that we can get into fastboot mode. So, follow the instructions step by step and you'll be able to enter fastboot. restart the phone and press vol+.
 

dalponis

Member
Apr 12, 2013
24
1
Stratford
www.uniquehardware.ca
We restore engineering fastboot files so that we can get into fastboot mode. So, follow the instructions step by step and you'll be able to enter fastboot. restart the phone and press vol+.
Sounds good, doing it.

When I get to the fast boot step:

fastboot --disable-verity --disable-verification flash vbmeta_a vbmeta.bin
fastboot: unknown option -- disable-verity

Fast boot says unknown option -- disable-verity

Do I need to Magisk my phone first?
 
Last edited:

nortnil

Member
Jul 8, 2010
37
9
This is what dalponis is working on is the NT Code change.The serial is still in tact,but will disappear with a crossflash using LGUP.

Edit:Oh by the way nortnil,you'll need this NT Code if you change it.Best of luck!

"1","311,480,FFFFFFFF,FFFFFFFF,FF"
Thanks for the reply surgemanx. I read through the earlier replies to see if I could determine what I needed to do. My problem is I can't even get into the hidden menu anymore. Either It gives me a ussd code running message followed by invalid mmi code or it actually places a call and I get a message saying to contact support.

I also tried to follow this guide to change it with LGUP https://www.hovatek.com/forum/thread-38827-page-2.html but I get an error 0x5A03, Unknow Process Type. PDM.

Any other guidance you can provide?
 

netmsm

Senior Member
Oct 3, 2010
350
158
Esfahan
Sounds good, doing it.

When I get to the fast boot step:

fastboot --disable-verity --disable-verification flash vbmeta_a vbmeta.bin
fastboot: unknown option -- disable-verity

Fast boot says unknown option -- disable-verity

Do I need to Magisk my phone first?
Maybe it's because of the Fastboot you have. Use the attached one.
 

Attachments

  • mini adb fastboot.zip
    1.1 MB · Views: 6

dalponis

Member
Apr 12, 2013
24
1
Stratford
www.uniquehardware.ca
Maybe it's because of the Fastboot you have. Use the attached one.
1. Flash the Korean KDZ I suggested.
Easy, did this.

2. Create backup of abl, xbl and xbl_config on both A and B sides.
4. Dump vbmeta_a or vbmeta_b and rename it as vbmeta.bin.
Done using QFIL.

3. Restore engineering files using Qfil. (attached)
Loaded_images with QFIL.

5. Go to Fastboot.
Done, fastboot works.

6. Flash vbmeta:
fastboot --disable-verity --disable-verification flash vbmeta_a vbmeta.bin
fastboot --disable-verity --disable-verification flash vbmeta_b vbmeta.bin
It worked with your modifed fastboot.exe.

7. Flash the original abl, xbl and xbl_config on both sides:
fastboot flash abl_a abl_a.bin
fastboot flash xbl_a xbl_a.bin
fastboot flash xbl_config_a xbl_config_a.bin
fastboot flash abl_b abl_b.bin
fastboot flash xbl_b xbl_b.bin
fastboot flash xbl_config_b xbl_config_b.bin
No problems here.

8. Boot into OS.
Done,

9. Go to hidden menu and try editing NT Code.
it still won't let me change anything

I've tried this twice, even erasing abl_a xbl_a and xbl_config_a before loading engineering files. Even erasing VBmeta_a and vbmeta_b with QFIL in EDL prior to reboot and fastboot --disable-verity.
 
Last edited:

netmsm

Senior Member
Oct 3, 2010
350
158
Esfahan
it still won't let me change anything
I gave my all for this and I should say that's an example of a really weird case!
I remember that there was some talks about putting NT Code in a file in this thread. Maybe it's your last chance so search for all posts here containing the phrase "NT Code". However, as far as I know to make that method working flashing vbmeta is necessary.
 

netmsm

Senior Member
Oct 3, 2010
350
158
Esfahan
I'll keep trying but I think this ATT phone is really locked to ATT
Maybe there's something in hidden partitions that prevents NT Code from getting changed. There's one way to make sure about this: You need to flash the phone in "chip erase" mode. But before chip erase create backup. After flashing is completed you need to flash it again to bypass the OPID error.
Then go for flashing vbmeta...
Do not restore ftm and LUN5 partitions until after editing NT Code.
 

surgemanx

Senior Member
Jan 29, 2022
172
31
Maybe there's something in hidden partitions that prevents NT Code from getting changed. There's one way to make sure about this: You need to flash the phone in "chip erase" mode. But before chip erase create backup. After flashing is completed you need to flash it again to bypass the OPID error.
Then go for flashing vbmeta...
Do not restore ftm and LUN5 partitions until after editing NT Code.
I'm working with it also netmsm,and seeing what I can get around on a test G8x I have.So far,I have re-tried the same methods he has,and it still shows it as IMPL 1 in the MID menu and won't let you edit anything.My biggest issue I have the Sprint variant,and I have a complete LUNS backup of that firmware,but none of the dialer codes work.I'm currently crossflashed to G85030bQM,and I'll make a LUNS of it and reflash it and skip LUNS 5 and try it.I need to be able to edit the NT Code as well because I have it cross flashed so it's good experience...lol...
 

netmsm

Senior Member
Oct 3, 2010
350
158
Esfahan
I'm working with it also netmsm,and seeing what I can get around on a test G8x I have.So far,I have re-tried the same methods he has,and it still shows it as IMPL 1 in the MID menu and won't let you edit anything.My biggest issue I have the Sprint variant,and I have a complete LUNS backup of that firmware,but none of the dialer codes work.I'm currently crossflashed to G85030bQM,and I'll make a LUNS of it and reflash it and skip LUNS 5 and try it.I need to be able to edit the NT Code as well because I have it cross flashed so it's good experience...lol...
Also my G8 is Sprint and if I remember it correctly it was showing IMPL=1 before erasing LUN5 and chip erase.
Don't forget to make backup of FTM and do not restore it until after editing NT Code.
 

Sufi101

New member
May 27, 2022
3
0
so when i click partition maneger this happens. this is the first time im doing something like this so if there are additional guidelines i should be ffollowing please let me know. do i need xml files? if so where do i get them? my phone is an lg g8 thinq from at&t
 

Attachments

  • 1654059448422.png
    1654059448422.png
    231.5 KB · Views: 18

Top Liked Posts

  • There are no posts matching your filters.
  • 2
    issue as of now is blank SN..
    Restore the original FTM.
    1
    UPDATE: I was able to flash the kdz file, but unfortunately I get OPID Mismatched error and bootloop... What can I do next? Can I flash original firmware with LG UP? If yes, what option should I choose? Upgrade? Refurbish?
    Refurbish if you're going back to a stock rom.
    1
    English
    Hmm, I have no idea why this happened but I've flashed "KDZ" several different times and the gyroscope issue still persists.


    How would I do the "doing a complete deletion of the flash" is it by "QFILE" or by "LGUP"?

    Spanish
    mmm, no tengo idea de porque pasó esto pero he flasheado varias veces diferentes "KDZ" y aun sigue el problema del giroscopio.


    como haría el "haciendo un borrado completo del flash" es por "QFILE" o por "LGUP"?
    While it may be possible through lgup, I don't know how to do it. I did it through QFIL, just make sure to make a complete backup of your LUNS (follow netmsm's method) in case anything goes wrong. Also when deleting the flash, don't erase the GPT or your partition manager will be blank and you will have to do extra work to restore it.
    1
    Do I need to do some extras since it's a roll back or it doesn't matter and just go with the tutorial ?
    I've done this many times on LG G8 without any issue but on V50 I didn't. You may give it a go, however create backup before going for crossflash.
    1
    Thank you very much for answering kind Sir. :)
    Glad to help =)
  • 34
    Hi there ;)
    Thanks to all other guys here who have made helpful development to tame this beautiful =)

    LG has made things difficult in flashing custom and even stock roms by this new OPID thing! It prevents us from crossflashing but we have been able to use TWRP and change the system and some other partitions to have a different rom. We had to make some changes into OP partition using HxD editor.
    But now, through this tutorial, we're able to flash any rom without the need to change OPID in OP partition. Also, there is no need to root or unlock boot-loader.
    I was successful to do this on some G8 (LMG820UM) but I AM NOT RESPONSIBLE FOR ANY HARM TO YOUR PHONE!

    By continuing to read the following instructions you are actually accepting the risk.


    IMPORTANT!
    first, MAKE A FULL BACKUP OF ALL PARTITIONS; and I mean it!!!
    at least, for your sake, make a backup of "modemst1, modemst2, fsg, fsc, ftm" partitions, for emergency.


    Requirements
    QPST and Qualcomm USB Driver (get)
    LGE SM8150 Firehose (get)
    LGUP 1.16.0.3 (get)
    LGUP_Common.dll (get)
    UI_Config.lgl (get)
    LG Mobile Driver 4.4.2 (get)


    Preparation
    1. Install QPST and Qualcomm USB Driver.
    2. Install LGUP.
    3. Find the folder named "model" in the installation directory of LGUP, then Create a folder named "common" in the "model" folder.
    4. Move "LGUP_Common.dll" and "UI_Config.lgl" into "common" folder. Change the attribute of "UI_Config.lgl" to read only.
    5. Install LG Mobile Driver 4.4.2.


    Steps
    A)
    1. Open QFIL.
    2. Change "Storage Type" to UFS.
    3. Select "Flat Build".
    4. Browse for "LGE SM8150 Firehose" and pick it.
    5. Now, connect the phone to PC and boot into EDL mode.
    6. Open "Select Port" and select the phone, press OK.
    7. In "Tools" open the "Partition Manager".

    B)
    !!!BE CAREFUL TO DO EXACTLY AS THE INSTRUCTIONS SAY OR YOU WILL BRICK THE PHONE!!!
    1. Make a backup of and erase these 7 partitions: FTM, Modem_A, Modem_B, SID_A, SID_B, OP_A, OP_B.
    1.1. You have to left-click on a partition then right-click on it and select "Manage Partition Data".
    1.2. In the pop-up window, you have 4 choices: I. Erase (to erase data on the partition), II. Read Data (to dump or back up the partition), III. Load Image (to restore the partition), IV. Close (to close the window).
    1.3. First dump/back up the partition by choosing "Read Data" then Erase it.
    2. Close the "Partition Manager" window.
    3. Wait for 5 seconds then press Vol- and Power until it restart.
    3.1. Immediately after rebooting, Release the Vol- and Power buttons and press Vol+ to get into Download Mode.
    Note: Do not let the phone to begin to boot! If it begins to boot, it may regenerate the SID and FTM partitions data and so you need to redo the whole step B.

    C)
    1. Open LGUP.
    2. Pick your favorite KDZ.
    3. Select "PARTITION DL".
    4. Press Start. And a pop-up window will appear. In this window you can select which partitions to be flashed.
    5. Here, uncheck these partitions: SID_A and SID_B. It will make it able to bypass the OPID Mismatched Error.
    6. If you are in Sprint or other platforms you will get the message whether to change the model or not. Of course you know what to do =)

    after completing the process it will boot up in some minutes and before starting the customization it will do one restart. just be patient.
    4
    Hey good for you, so the Open a11 must be the Kor version right? Either way, could u do a big favor and try to get to recovery? Of course don't erase anything, but just verify you can get to the recovery screen?

    thnx!

    So, we just got this sorted. Thanks to SGMarkus as he mentioned it's the ftm partition that controls recovery access and fastboot access. So, with the newly flashed kdz, as it is, you can't even get to fasboot although u flashed the eng abl to it.

    But! Restore your old ftm, after flashing, and then you'll get access to both recovery and ability to get to fastboot after flashing eng abl.

    cheers!
    3
    Some pictures of flashing my LMG820UM, unlocked from Sprint, into OPEN_CA 20j. In normal mode you cannot flash SPR_US to OPEN_CA which is shown in the pictures. But using this thread instruction it allows to flash, even it asks to change the model from SPR_US to OPEN_CA :D
    Until performing the instructions, it shows the "id: 2(SPR_US)" on the Download Mode screen, but after that it cannot recognize the phone model id and shows "id: 0()" :D
    Have fun ^_^
    3
    I would like to know the following:
    (1) first, MAKE A FULL BACKUP OF ALL PARTITIONS; and I mean it!!! How, exactly, does one make this full backup? How does it get restored if needed?
    (2) 1. Make a backup of and erase these 5 partitions: FTM, Modem_A, Modem_B, SID_A, SID_B, OP_A, OP_B. What does this mean, exactly? What tool is being used for this?
    (3)If you are in Spring or other platforms you will get the message whether to change the model or not. Of course you know what to do =). I do not know what to do. It is not helpful to write such a vague, obtuse instruction.

    I don't speak for netmsm, and he's more than capable of doing that himself.

    But, for myself, I just wanted to say I think your comments are very unfair. 1st) The guide does say exactly how to back up those partitions, you, obviously, just don't recognize that, and probably thus have no idea what the utilities mentioned in the guide do. (hint: see where qualcomm and qfil are mentioned - just before 'make a backup'.

    2nd) If u don't understand something in the guide, read the comments others have made, because it's possible someone else has already asked that question. Re the 'Of course u know what to do', you'll find others have said they got that pop-up, and others didn't. From that u can deduce, it's not **critical**. And, if anything, u realize it's kind of a joke... as in 'who want's a sprint phone anyway?' Get it?

    There's no reason to be disparaging because u can't follow a guide without having to do any thinking at all. Sometimes, a guide can be 'over our head'. I.E. u just don't have enough experience in this area. Remember, a guide writer faces a dilemma; how to get the information across, succinctly, without becoming too verbose. Too verbose and the guide becomes a book, and most of us that write guides have no desire to spend the time it takes to write a book.

    If u don't understand, ask questions, but don't be disparaging. We should all be thankful netmsm even bothered to take the time to write this!

    cheers
    3
    alright, G8x Sprint succesfully crossflashed to OPEN CA :cowboy: