rigacci.org

User Tools

Site Tools

Trace:
doc:appunti:hardware:xiaomi_mi_a1

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
doc:appunti:hardware:xiaomi_mi_a1 [2020/03/25 16:08] – [March 2020 security update] niccolodoc:appunti:hardware:xiaomi_mi_a1 [2020/09/23 17:05] – [August 2020 security update] niccolo
Line 10: Line 10:
 ^ Internal Memory  | 32 Gb   | ^ Internal Memory  | 32 Gb   |
 ^ CPU              | Qualcomm Snapdragon 625 2.0GHz 8-core  | ^ CPU              | Qualcomm Snapdragon 625 2.0GHz 8-core  |
 +^ Architecture     | arm64-v8a  |
 ^ Screen           | 5.5 Inches, 1920 x 1080  | ^ Screen           | 5.5 Inches, 1920 x 1080  |
 ^ Connector        | USB Type C  | ^ Connector        | USB Type C  |
Line 347: Line 348:
 </code> </code>
  
-**I got a problem** during this step: may be the **boot_b.img** was not the current one, but one of two versions before! Luckily the only negative effect was that **the WiFi was not working**. This is a **logcat** excerpt:+I got **a problem** during this step: may be the **boot_b.img** was saved from version **9.6.8.0**, not from the currently installed **10.0.14.0**. Luckily enough, the only negative effect was that **the WiFi was not working**. This is a **logcat** excerpt:
  
 <code> <code>
Line 356: Line 357:
 </code> </code>
  
-I proceeded with the standard procedure, trusting that the boot partition would be recognized as original and therefore upgradeable (remember: the update were already downloaded by the phone, so I just launched the reboot and install procedure). After some minutes and three reboots, the system was upgraded**Android v.9** and build number **PKQ1.180917.001.V10.0.19.0.PDHMIXM**. Fortunately enough the WiFi were recovered.+I proceeded with the standard upgrade path, trusting that the boot partition would be recognized as original and therefore upgraded to the new one. Remember: the update ZIP archive were already downloaded into the phone, so I just launched the **reboot and install** action. After some minutes and a few reboots, the system was upgraded to **Android v.9** build number **PKQ1.180917.001.V10.0.19.0.PDHMIXM**. Fortunately enough the WiFi were recovered.
  
 To complete the upgrade: To complete the upgrade:
  
-  - Backup the stock boot partitions +  - Copy **twrp-installer-3.3.0-2-tissot.zip** and **Magisk-v20.1.zip** into the phone internal storage. 
-  - Reinstall TWRP +  - Backup the stock boot partitions. 
-  - Reinstall Magisk +  - Reinstall TWRP. 
-  - Backup the rooted boot partitions+  - Reinstall Magisk. 
 +  - Backup the rooted boot partitions.
  
-First of all **boot into TWRP** without installing it:+First of all **run the TWRP** recovery //fastbooting// the image directly from the PC hard disk (i.e. **without installing it into the phone**):
  
 <code> <code>
Line 372: Line 374:
 </code> </code>
  
-Into //TWRP// => //Reboot// menu I verified that the **Current SlotA**. It is normal that the upgrade procedure swaps the boot partition during the upgrade. Then i backed up the stock images from a PC connected via ADB:+From //TWRP// => //Reboot// menuI verified that the **Current Slot** is **A**: it is normal that the upgrade procedure swaps the boot partition during the upgrade. Using ADB from the connected PC, I backed up the stock boot images:
  
 <code> <code>
Line 379: Line 381:
 </code> </code>
  
-Now I installed the TWRP recovery into the boot partitions: //TWRP// => //Install// => **twrp-installer-3.3.0-2-tissot.zip**. The installation warns about //Running boot image patcher on slot// A and B, and spit some harmless warnings about the **/vendor** mounting point.+Now I installed the TWRP recovery into the boot partitions: from //TWRP// => //Install// => **twrp-installer-3.3.0-2-tissot.zip**. The installation warns about //Running boot image patcher on slot// A and B, and spit some harmless warnings about the **/vendor** mounting point. It is necessary to install TWRP before Magisk, otherwise TWRP will unroot the phone during its install.
  
-After a system reboot, and again a boot into Recovery I performed //TWRP// => //Install// => **Magisk-v20.1.zip**. Once again some harmless warnings about the /vendor mounting point.+After a system reboot, and another boot into Recoverydid //TWRP// => //Install// => **Magisk-v20.1.zip**. This will install //root// on the phone(the **su** program). Once again I got some harmless warnings about the /vendor mounting point.
  
 Finally I repeated the procedure to **backup** the patched **boot_a** and **boot_b** partitions. Finally I repeated the procedure to **backup** the patched **boot_a** and **boot_b** partitions.
  
-**NOTICE**: the ADB client is active when I boot TWRP using ''fastboot boot twrp-3.3.0-2-tissot.img''. If instead I boot TWRP from the phone, the ADB client is not active.+**NOTICE**: the ADB client required to perform the ''adb pull'' command is active when I boot TWRP using ''fastboot boot twrp-3.3.0-2-tissot.img''. If instead I boot TWRP from the phone, the ADB client is not active. 
 + 
 +Once rebooted the phone into normal system, I installed the root permissions manager: **MagiskManager-v7.5.1.apk**. 
 + 
 +===== August 2020 security update ===== 
 + 
 +This is a new update from Xiaomi, still featuring **AndroidOne v.9** relase, build **PKQ1.180917.001.V10.0.24.0.PDHMIXM**. The upgrade was downloaded nightly over the WiFi. It seems impossibile to prevent such automatic download: I did not find any settings to prevent automatic upgrade download. After downloading, the phone asks to reboot to complete the upgrade. 
 + 
 +The starting conditions were: 
 + 
 +  * A/B System Updates status: **Current Slot: ?** (may be it was **A**, because after installation it is **B**). 
 +  * Bootloader is **unlocked**. 
 +  * **Magisk** and **TWRP** were installed, but may be they were hidden by accident. Infact the installation of the upgrade went OK after a reboot, whereas it should fail because the boot sector is tampered with **Magisk su**. 
 +  * **System partition** was the stock one: root privileges were never used to tamper the **/system** hierarchy. 
 + 
 +After the upgrade, I did the following to get **root again**: 
 + 
 +  * adb reboot bootloader 
 +  * fastboot boot twrp-3.3.0-2-tissot.img 
 +  * Verified from TWRP => Reboot: **Current slot: B** 
 +  * adb pull /dev/block/mmcblk0p22 boot_a.img 
 +  * adb pull /dev/block/mmcblk0p23 boot_b.img 
 +  * TWRP ⇒ Install ⇒ **twrp-installer-3.3.0-2-tissot.zip**\\ Running boot image patcher on slot a and b. 
 +  * system reboot 
 +  * adb reboot bootloader 
 +  * fastboot boot twrp-3.3.0-2-tissot.img 
 +  * TWRP ⇒ Install ⇒ **Magisk-v20.3.zip**\\ Current boot slot: _b, unpacking, patching, repacking, flashing new boot image. 
 ===== Web References ===== ===== Web References =====
  
doc/appunti/hardware/xiaomi_mi_a1.txt · Last modified: 2020/09/23 17:06 by niccolo