วันพุธที่ 8 กรกฎาคม พ.ศ. 2558

NVRAM backup


https://cooltrainer.org/samsung-galaxy-s-iii-sgh-i747-complete-cm10-update-guide/
Samsung Galaxy S III (SGH-i747) Complete CM10 Update Guide

2012-11-28 14:11


My employer graced me with an awesome new flagship Android handset, the AT&T variant (SGH-i747 / d2att) of Samsung’s Galaxy S III. The hardware is powerful and sleek, but I find Samsung’s Touchwiz UI skin less usable and much less attractive than Google’s AOSP UI. Luckily, there are many AOSP-derived versions of Android available. Let’s switch to one!


In celebration of the stable release of Cyanogenmod 10.0, a popular AOSP-based third-party version of Android, here’s a complete guide to take an unmodified i747 to CM10 without tripping the device’s internal flash counter.
Preparation





Install the Android SDK on your computer. This guide assumes you have the platform-tools directory in yourPATH environment variable, such as PATH=$PATH:/Applications/android-sdk-macosx/platform-tools. You will use adb, the Android Debug Bridge, to control and communicate with your handset from your computer over USB.


Enable USB debugging on your handset in System Settings under the Developer Options section. Connect the device to your computer, and you should be able to see your device listed in adb devices.

adb devices

List of devices attached
28108e4e device



NVRAM backup


Before continuing, trigger your device’s built-in method to back up the IMEI and carrier identification data stored in NVRAM. This will copy the contents of the modemst1 (mmcblk0p12) partition to fsg (mmcblk0p21) and the contents of modemst2(mmcblk0p13) to backup (mmcblk0p20). The data in these partitions identifies your device to its mobile network for data service and can be lost as one result of a bad flash.



adb reboot nvbackup





Your device will reboot and display two lines of small blue text momentarily as the backup commenses. The process takes no more than a few seconds. Should you ever need to restore, adb reboot nvrestore. Do not attempt an nvrestore if you haven’t performed your own nvbackup or you will find your IMEI overwritten with the all-zeros factory backup.
Obtain root


Most other SGS3 root guides involve flashing a modified OS image with Samsung’s ODIN flasher. Running ODIN was a fantastic frustration on my Macbook, so I prefer this debugfs method originally covered on XDA-Developers. This exploit works by symbolically linking the /system partition’s block device to a temporary location and editing the filesystem with the debugfs ext filesystem debugger to inject the su binary into that otherwise-protected partition.


Download the archive, extract it, then use adb to move the debugfs and su binaries to the /data/local/ directory on your device.



adb push /Users/nicolereid/Downloads/debugfs_su/debugfs /data/local/
adb push /Users/nicolereid/Downloads/debugfs_su/su /data/local/





Open a shell on your device. Commands executed inside the adb shell run on your handset.



adb shell





Inspect the available block devices to make sure we’re operating on the correct partitions. system should mount from mmcblk0p14and recovery from mmcblk0p18.

shell@android:/ $ ls -al /dev/block/platform/msm_sdcc.1/by-name

lrwxrwxrwx root root 1970-02-07 01:11 aboot -> /dev/block/mmcblk0p5
lrwxrwxrwx root root 1970-02-07 01:11 backup -> /dev/block/mmcblk0p20
lrwxrwxrwx root root 1970-02-07 01:11 boot -> /dev/block/mmcblk0p7
lrwxrwxrwx root root 1970-02-07 01:11 cache -> /dev/block/mmcblk0p17
lrwxrwxrwx root root 1970-02-07 01:11 efs -> /dev/block/mmcblk0p11
lrwxrwxrwx root root 1970-02-07 01:11 fota -> /dev/block/mmcblk0p19
lrwxrwxrwx root root 1970-02-07 01:11 fsg -> /dev/block/mmcblk0p21
lrwxrwxrwx root root 1970-02-07 01:11 grow -> /dev/block/mmcblk0p23
lrwxrwxrwx root root 1970-02-07 01:11 modem -> /dev/block/mmcblk0p1
lrwxrwxrwx root root 1970-02-07 01:11 modemst1 -> /dev/block/mmcblk0p12
lrwxrwxrwx root root 1970-02-07 01:11 modemst2 -> /dev/block/mmcblk0p13
lrwxrwxrwx root root 1970-02-07 01:11 pad -> /dev/block/mmcblk0p9
lrwxrwxrwx root root 1970-02-07 01:11 param -> /dev/block/mmcblk0p10
lrwxrwxrwx root root 1970-02-07 01:11 persist -> /dev/block/mmcblk0p16
lrwxrwxrwx root root 1970-02-07 01:11 recovery -> /dev/block/mmcblk0p18
lrwxrwxrwx root root 1970-02-07 01:11 rpm -> /dev/block/mmcblk0p6
lrwxrwxrwx root root 1970-02-07 01:11 sbl1 -> /dev/block/mmcblk0p2
lrwxrwxrwx root root 1970-02-07 01:11 sbl2 -> /dev/block/mmcblk0p3
lrwxrwxrwx root root 1970-02-07 01:11 sbl3 -> /dev/block/mmcblk0p4
lrwxrwxrwx root root 1970-02-07 01:11 ssd -> /dev/block/mmcblk0p22
lrwxrwxrwx root root 1970-02-07 01:11 system -> /dev/block/mmcblk0p14
lrwxrwxrwx root root 1970-02-07 01:11 tz -> /dev/block/mmcblk0p8
lrwxrwxrwx root root 1970-02-07 01:11 userdata -> /dev/block/mmcblk0p15





Rename the original tmp directory, then link /system’s block device there and exit your adb shell.

shell@android:/ $

cd /data/local
mv tmp tmp.back
ln -s /dev/block/mmcblk0p14 tmp
exit





Reboot the device.



adb reboot





Grab another shell on the freshly-booted device. Make the debugfs binary executable, then use it to edit the block device you just linked to tmp.



adb shell
shell@android:/ $

toolbox chmod 755 /data/local/debugfs
/data/local/debugfs -w /data/local/tmp





At the debugfs: prompt, enter the xbin directory, remove the dummy su binary, inject the new su, make it executable, and set its ownership to 0:0.


Note: expect a “File not found by ext2_lookup while trying to resolve filename” error when removing the dummy su. Just continue.

debugfs:

cd xbin
rm su
write /data/local/su su
set_inode_field su mode 0106755
set_inode_field su uid 0
set_inode_field su gid 0
quit





With that done, remove the block device symlink, restore the original tmp, and reboot the device.

shell@android: $

cd /data/local
rm tmp
mv tmp.back tmp
exit


adb reboot





Grab a shell on the rebooted device and run the su binary we injected.



adb shell
shell@android:/ $

/system/xbin/su





You should get a root user shell. Run id to check.

root@android:/ #

id





Are you uid=0 / gid=0? Success!
Update su





Install Superuser from the Play Store and use it to update the copy of su we just injected.
Custom Recovery


“Recovery” in the Android world refers to a bootable partition separate from the main OS providing functionality such as backups and backup restoration, installing system updates, and wiping user data. Replacing Samsung’s recovery with a third-party version allows you to install update archives not signed by the manufacturer, including Cyanogenmod.


Download the latest d2att version of TWRP and push it to your device with adb.



adb push /Users/nicolereid/Downloads/openrecovery-twrp-2.3.1.0-d2att.img /sdcard/





Copy the custom recovery image over the recovery partition’s block device with dd, then reboot to your new recovery. Exercise caution with dd, and double-check your command before accidentally overwriting an incorrect partition.

shell@android:/ $

su
dd if=/sdcard/recoveryfilename.img of=/dev/block/mmcblk0p18





Reboot to your newly-installed recovery.

shell@android:/ $

reboot recovery





Create a complete (OS, apps, user data) backup of your stock Samsung firmware in recovery by tapping “Backup”, and swiping to start. This backup contains the entire Android operating system, all installed applications, and all user data. You can restore this backup at any time if you find yourself dissatisfied with CM10.


Return to the main menu of TWRP and touch “Reboot” then “System” to exit recovery and boot Android.


Note: You may see ClockworkMod Recovery (CWM) mentioned elsewhere around the web. CWM is another extremely popular third-party recovery for Android devices and is functionally equivalent to TWRP.
User data backup





With superuser access you can now install TitaniumBackup and use it to back up your applications and settings individually for later restoration in CM.


Back up (“App+Data”) any application you want to save along with “Accounts” (your Google account information), saved Wi-Fi passwords, SMS/call history, and anything else that catches your eye. The paid version of the application, pictured here, supports batch backup.
:files:


Fetch the newest stable release of Cyanogenmod for d2att. That’s 10.0 at the time of this writing, cm-10.0.0-d2att.zip. This is the base Android operating system.


Grab the newest Google Apps (“gapps”) package matching your Android version. CM10 is based on Android 4.1, “Jelly Bean”, so download the latest jb gapps package compatible with that version. At the time of this writing it’s gapps-jb-20121011-signed.zip. This contains the Play Store, Google accounts support, and other proprietary Google applications not included in Cyanogenmod.


Note: Check the release notes for the gapps package you’re downloading. Versions build for Android 4.2.x or newer will break the Android 4.1.2-based CM10 in catastrophic ways.


Download TitaniumBackup_latest.apk from the Titanium Backup site. You’ll side-load this to restore your Google account information in CM, since you can’t install TB from the Play Store without a logged-in Google account.


Optionally, download any additional flashable zips you want to include. I use the KT747 kernel and the flashable version of the excellentCerberus mobile device management package.


Push these files to your device in an accessible location.



adb push /Users/nicolereid/Downloads/cm-10.0.0-d2att.zip /sdcard/
adb push /Users/nicolereid/Downloads/gapps-jb-20121011-signed.zip /sdcard/
adb push /Users/nicolereid/Downloads/KT747-Kernel-AOSP-JB-ATT-11-13-2012.zip /sdcard/
adb push /Users/nicolereid/Downloads/cerberus-ICS.zip /sdcard/
adb push /Users/nicolereid/Downloads/TitaniumBackup_latest.apk /sdcard/



Erase and Flash


Reboot to recovery using the SDK.


adb reboot recovery


Clear out the remnants of the stock OS by tapping Wipe -> Factory Reset. This will erase the /data and cache partitions containing your user data and installed applications. Be sure not to erase your internal faux-SD storage or your external SD cards if you have one.


Once erased, tap “Install” at the main menu and browse to the update archives you pushed in the previous step. Flash CM itself first, then gapps, then any extras.
Restore





Reboot to your freshly-flashed CM. The Android first-run wizard will prompt for your Google account credentials. Hit “Skip” if you wish to restore your accounts through Titanium Backup.


Enable side-loading of APKs in System Settings under Security, then open CM’s included File Manager and browse to your TitaniumBackup APK. Install it, then open the application and use it to restore Accounts, applications, and anything else you backed up from the stock OS.
Miscellany


The only bit of functionality I missed from Touchwiz is Smart Stay, a feature that keeps the screen on if it detects a face with the front-facing camera. You can duplicate this functionality on AOSP by installing ISeeYou or SmartStay EX.
Conclusion





That’s it! You’re done! You may now enjoy the best of the excellent Samsung hardware, the beautiful AOSP Android interface, and the enhancements of Cyanogenmod 10.


ไม่มีความคิดเห็น:

แสดงความคิดเห็น