FORUMS
Remove All Ads from XDA
Honor 7x
Win an Honor 7X!

[Tutorial][8.0] Step-by-step guide to gain root access properly

59 posts
Thanks Meter: 23
 
By zlRampageSlz, Member on 26th May 2017, 05:46 PM
Post Reply Email Thread
Please see note section before doing anything.
Though all the instructions are updated, you may want
to read through all comments.


For Oreo (both models), patch this patch after flashing custom kernel
drmfix.zip
in the recovery BEFORE booting into system.

Before start you need to install USB driver (for Windows). If it's not working, try using Androxyde's driver instead.

To flash stock image (not required, just for newer firmware or fingerprint support)
1. Download latest Flashtool. *make sure you patch x10flasher.jar to latest version by replacing it in your installation directory (mine was 0.9.23.2).
2. Download G82XX support for Flashtool from this thread (thanks IcemanSu)
3. Extract the file to "C:\Users\<username>\.flashTool\devices\G82XX" .
4. Launch Flashtool, select Devices > Manage > Import. It should say "Loaded 95 devices" (before is 94).

2. Thanks to Androxyde, device list now includes G82XX on github so skip those steps.
3. Click Xperifirm icon (XF rightmost icon below toolbar), find and download firmware.
4. Tools > Bundle > Create. Select your firmware, choose all content then Create . If it says "a fsc script is found..." click Yes. (I tried choosing no and I cannot flash system partition (system.sin finished with errors).
5. Start devices in flash mode (hold vol. down and connect USB until LED blinking green).
6. Click Flash icon (first one) in Flashmode, select all content from bundle you created then Flash. Again, if it ask to use .fsc script, click Yes. It should finish without error.
*Device list from Github hasn't updated yet. So if you flash 41.3 (Oreo), make sure you duplicate 41.2.fsc to 41.3.fsc in C:\Users\%HOMEPATH%\.flashTool\devices\G82XX
7. Done, you can try booting to test if it works.

Starting from locked bootloader
1. Check "OEM unlocking" under developer options.
2. Unlock bootloader - follow instruction from this link. *Select Xperia XZ, it requires same unlock code as XZs. ** Data including internal storage will be wiped like typical Sony unlocking. Make sure you do some backup copy your important files out before proceed.
3. Enter fastboot - press vol. up the moment you connect USB. LED should be blue light.
4.1 Flash kernel with DRM patch *the kernel is specific to firmware version (not customizations) , so it will bootloop if you flash the wrong version.
41.3.A.0.401
41.2.A.7.76
41.2.A.7.65
41.2.A.7.53
41.2.A.4.35 dual sim
41.2.A.7.8 -.235

4.2 Flash TWRP (XZ still work perfectly) as recovery.
For new people, you can use Minimal ADB and Fastboot. Do "fastboot flash recovery <twrp_name>.img" and "fastboot flash boot <kernel_name>.img".
5. Once you installed recovery, give it a try. Enter recovery by holding power and vol. down when the phone is off (no LED).
6. Root your phone - Transfer SU flashable zip (only systemless for now, either Magisk with sony fix or SuperSU) to anywhere in the phone (MTP in recovery, OTG, external, or just boot up and download)
7. Install zip in recovery. If you can't mount internal and install SU, doing factory reset (format data) will remove encryption and do the trick. Magisk might work with encrypted data*see note below about magisk installation
8. Enjoy!

Note
(September 15 2017) To install Xposed
Don't install it with TWRP. Just install the module in Magisk Manager and you'll be fine.

(August 20, 2017) To disable force data encryption
I think I passed safety net by install magisk inside /data (with patched kernel).
Take a look at my thread. I also wrote how to modify it, so you can just download .img or do it yourself.

(July 31, 2017) To fix the green camera & other rooting problems on any firmware version ie. To use rootkernel tool (thanks tobias.waldvogel) to patch drm/ric fix.
Follow instruction from his thread.

TL;DR
- Download zip in the attactments and extract.
- Extract kernel.sin (using any archive manager eg. 7zip winrar) from your .ftf firmware.
- In Flashtool, use tool -> sin editor and extract your kernel.sin into .elf.
- Move your kernel image.elf in the same directory you just extracted.
- (Windows) Shift + right click -> open command windows here in the extracted directory and run "rootkernel <extracted elf> boot.img" (Linux) Just use terminal, cd to that directory and do the same.
- Select Y for everything except busybox.
- Done! you got patched kernel image.

(July 11, 2017) To make it compatible with magisk 13+
- Use the kernel with both DRM and RIC Protection patches so that it works well with magisk 13.1 and gets working camera.
Make sure you uninstall old version using uninstaller through TWRP or flash fresh kernel, wipe cache, install new one, then install latest magisk manager because it was made only for newer version.


If you have question or something goes wrong, feel free to ask me or other nice guys on XDA!
Thanks for everyone who contributes these contents.
Attached Files
File Type: zip patch.zip - [Click for QR Code] (438.2 KB, 38 views)
The Following 7 Users Say Thank You to zlRampageSlz For This Useful Post: [ View ] Gift zlRampageSlz Ad-Free
 
 
26th May 2017, 07:50 PM |#2  
Senior Member
Thanks Meter: 170
 
More
Nicely written tutorial!

The kernel isn't required. You could just unlock bootloader and flash magiskv12sonyfix directly and get root + pass in safetypass but causes the pictures you take to become green images.
The kernel from arjun.arora has DRM-fix embedded which solves the camera problem but then it doesn't pass in safetypass in magisk. Rather a working camera than a pass I guess.

Personally I flashed TWRP-3.0.2-4 because it mounts internal+external while the newest version only mounts external.
The Following User Says Thank You to FartyParty For This Useful Post: [ View ] Gift FartyParty Ad-Free
27th May 2017, 03:40 AM |#3  
Junior Member
Thanks Meter: 0
 
More
WOW! It works perfectly. Thank you so much!
27th May 2017, 09:43 AM |#4  
OP Member
Flag Pennsylvania
Thanks Meter: 23
 
More
Quote:
Originally Posted by CIVMC

WOW! It works perfectly. Thank you so much!

Congrats!
If you use magisk, let me know if it passes safetynet test or not. Thanks.
27th May 2017, 11:39 AM |#5  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by zlRampageSlz

Congrats!
If you use magisk, let me know if it passes safetynet test or not. Thanks.

In fact, I don't know what magisk is .
27th May 2017, 01:40 PM |#6  
Senior Member
Thanks Meter: 170
 
More
Quote:
Originally Posted by zlRampageSlz

Congrats!
If you use magisk, let me know if it passes safetynet test or not. Thanks.

It does if you skip the kernel but once you flash the kernel it doesn't pass anymore.
27th May 2017, 02:45 PM |#7  
OP Member
Flag Pennsylvania
Thanks Meter: 23
 
More
Quote:
Originally Posted by FartyParty

It does if you skip the kernel but once you flash the kernel it doesn't pass anymore.

Before I flashed this kernel, it didn't pass and got green screen too lol.
27th May 2017, 02:48 PM |#8  
Senior Member
Thanks Meter: 170
 
More
Quote:
Originally Posted by zlRampageSlz

Before I flashed this kernel, it didn't pass and got green screen too lol.

I tried a bunch of combination but everytime I flashed magisk directly after fresh new fw flash it passed, as soon as I flashed the kernel and then magick it stopped passing.

So for me, if I flashed magisk first it passes but then I get green image so I have to flash kernel and then magisk but then I lose safetypass, oh well .

Obviously not worth losing camera over safetypass.
28th May 2017, 12:07 AM |#9  
Senior Member
Thanks Meter: 69
 
More
Is X-Reality working with arjunarora DRM kernel? and where is the link to that kernel?
Quote:
Originally Posted by FartyParty

Nicely written tutorial!

The kernel isn't required. You could just unlock bootloader and flash magiskv12sonyfix directly and get root + pass in safetypass but causes the pictures you take to become green images.
The kernel from arjun.arora has DRM-fix embedded which solves the camera problem but then it doesn't pass in safetypass in magisk. Rather a working camera than a pass I guess.

Personally I flashed TWRP-3.0.2-4 because it mounts internal+external while the newest version only mounts external.

28th May 2017, 06:13 AM |#10  
OP Member
Flag Pennsylvania
Thanks Meter: 23
 
More
Quote:
Originally Posted by inteltecra1700

Is X-Reality working with arjunarora DRM kernel? and where is the link to that kernel?

It's working great. Here is the link: https://forum.xda-developers.com/xzs...a-xzs-t3607488
2nd June 2017, 12:02 PM |#11  
Junior Member
Thanks Meter: 0
 
More
this morning i unlocked bootloader, flash modified kernel and flash twrp kagura
then my phone wont boot, after sony logo directly enter twrp mode
tried flash stock rom, but failed
can someone tell whats wrong? below the log from flashtool
thanks

02/037/2017 16:37:46 - INFO - <- This level is successfully initialized
02/037/2017 16:37:47 - INFO - Flashtool Version 0.9.23.1 built on 11-01-2017 15:12:00
02/037/2017 16:37:47 - INFO - Executing search strategies to find proxy selector
02/037/2017 16:37:48 - INFO - No proxy found for IE. Trying next one
02/037/2017 16:37:48 - INFO - Strategy firefox failed trying next one : No Firefox installation found
02/037/2017 16:37:48 - INFO - No proxy found for java. Trying next one
02/037/2017 16:37:48 - INFO - Syncing devices from github
02/037/2017 16:37:48 - INFO - Opening devices repository.
02/037/2017 16:37:48 - INFO - Scanning devices folder for changes.
02/038/2017 16:38:04 - INFO - Changes have been found. Doing a hard reset (removing user modifications).
02/038/2017 16:38:04 - INFO - Pulling changes from github.
02/038/2017 16:38:05 - INFO - Quietly closing devices repository.
02/038/2017 16:38:05 - INFO - Devices sync finished.
02/038/2017 16:38:05 - INFO - Loading devices database
02/038/2017 16:38:05 - INFO - Loaded 94 devices
02/038/2017 16:38:05 - INFO - Starting phone detection
02/038/2017 16:38:10 - INFO - Device connected in flash mode
02/038/2017 16:38:29 - INFO - Loading devices database
02/038/2017 16:38:29 - INFO - Loaded 95 devices
02/039/2017 16:39:23 - INFO - Selected Bundle for Sony Xperia XZs(G8232). FW release : 41.2.A.0.235. Customization : Customized SG
02/039/2017 16:39:23 - INFO - Preparing files for flashing
02/041/2017 16:41:11 - INFO - Please connect your device into flashmode.
02/041/2017 16:41:12 - INFO - Opening device for R/W
02/041/2017 16:41:13 - INFO - Reading device information
02/041/2017 16:41:13 - INFO - Phone ready for flashmode operations.
02/041/2017 16:41:13 - INFO - Opening TA partition 2
02/041/2017 16:41:13 - INFO - Current device : G8232 - BH902M7972 - 1307-9001_R4D - 1306-8087_41.2.A.0.219 - GENERIC_41.2.A.0.219
02/041/2017 16:41:13 - INFO - Closing TA partition
02/041/2017 16:41:13 - INFO - Start Flashing
02/041/2017 16:41:13 - INFO - No loader in the bundle. Searching for one
02/041/2017 16:41:13 - INFO - No matching loader found
02/041/2017 16:41:13 - WARN - No loader found or set manually. Skipping loader
02/041/2017 16:41:13 - INFO - Loader : S1_Root_de8d - Version : 1299-4832_S1_Boot_MSM8996_LA2.0_N_115 / Boot version : 1299-4832_S1_Boot_MSM8996_LA2.0_N_115 / Bootloader status : ROOTED
02/041/2017 16:41:13 - INFO - Max packet size set to 4M
02/041/2017 16:41:13 - INFO - USB buffer size set to 512K
02/041/2017 16:41:25 - INFO - Parsing boot delivery
02/041/2017 16:41:25 - INFO - No flash script found.
02/041/2017 16:41:25 - INFO - Flash script is mandatory. Closing session
02/041/2017 16:41:25 - INFO - Ending flash session
02/041/2017 16:41:25 - INFO - Flashing finished.
02/041/2017 16:41:25 - INFO - Please unplug and start your phone
02/041/2017 16:41:25 - INFO - For flashtool, Unknown Sources and Debugging must be checked in phone settings
02/041/2017 16:41:25 - INFO - Device connected in flash mode
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes