User Tools

Site Tools


doc:appunti:hardware:xiaomi_mi_a1

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
doc:appunti:hardware:xiaomi_mi_a1 [2020/03/25 16:09] – [March 2020 security update] niccolodoc:appunti:hardware:xiaomi_mi_a1 [2020/09/23 17:06] (current) – [August 2020 security update] niccolo
Line 10: Line 10:
 ^ Internal Memory  | 32 Gb   | ^ Internal Memory  | 32 Gb   |
 ^ CPU              | Qualcomm Snapdragon 625 2.0GHz 8-core  | ^ CPU              | Qualcomm Snapdragon 625 2.0GHz 8-core  |
 +^ Architecture     | arm64-v8a  |
 ^ Screen           | 5.5 Inches, 1920 x 1080  | ^ Screen           | 5.5 Inches, 1920 x 1080  |
 ^ Connector        | USB Type C  | ^ Connector        | USB Type C  |
Line 347: Line 348:
 </code> </code>
  
-**I got a problem** during this step: may be the **boot_b.img** was not the current one, but one of two versions before! Luckily the only negative effect was that **the WiFi was not working**. This is a **logcat** excerpt:+I got **a problem** during this step: may be the **boot_b.img** was saved from version **9.6.8.0**, not from the currently installed **10.0.14.0**. Luckily enough, the only negative effect was that **the WiFi was not working**. This is a **logcat** excerpt:
  
 <code> <code>
Line 356: Line 357:
 </code> </code>
  
-I proceeded with the standard procedure, trusting that the boot partition would be recognized as original and therefore upgradeable (remember: the update were already downloaded by the phone, so I just launched the reboot and install procedure). After some minutes and three reboots, the system was upgraded**Android v.9** and build number **PKQ1.180917.001.V10.0.19.0.PDHMIXM**. Fortunately enough the WiFi were recovered.+I proceeded with the standard upgrade path, trusting that the boot partition would be recognized as original and therefore upgraded to the new one. Remember: the update ZIP archive were already downloaded into the phone, so I just launched the **reboot and install** action. After some minutes and a few reboots, the system was upgraded to **Android v.9** build number **PKQ1.180917.001.V10.0.19.0.PDHMIXM**. Fortunately enough the WiFi were recovered.
  
 To complete the upgrade: To complete the upgrade:
  
-  - Backup the stock boot partitions +  - Copy **twrp-installer-3.3.0-2-tissot.zip** and **Magisk-v20.1.zip** into the phone internal storage. 
-  - Reinstall TWRP +  - Backup the stock boot partitions. 
-  - Reinstall Magisk +  - Reinstall TWRP. 
-  - Backup the rooted boot partitions+  - Reinstall Magisk. 
 +  - Backup the rooted boot partitions.
  
-First of all **boot into TWRP** without installing it:+First of all **run the TWRP** recovery //fastbooting// the image directly from the PC hard disk (i.e. **without installing it into the phone**):
  
 <code> <code>
Line 372: Line 374:
 </code> </code>
  
-Into //TWRP// => //Reboot// menu I verified that the **Current SlotA**. It is normal that the upgrade procedure swaps the boot partition during the upgrade. Then i backed up the stock images from a PC connected via ADB:+From //TWRP// => //Reboot// menuI verified that the **Current Slot** is **A**: it is normal that the upgrade procedure swaps the boot partition during the upgrade. Using ADB from the connected PC, I backed up the stock boot images:
  
 <code> <code>
Line 379: Line 381:
 </code> </code>
  
-Now I installed the TWRP recovery into the boot partitions: //TWRP// => //Install// => **twrp-installer-3.3.0-2-tissot.zip**. The installation warns about //Running boot image patcher on slot// A and B, and spit some harmless warnings about the **/vendor** mounting point.+Now I installed the TWRP recovery into the boot partitions: from //TWRP// => //Install// => **twrp-installer-3.3.0-2-tissot.zip**. The installation warns about //Running boot image patcher on slot// A and B, and spit some harmless warnings about the **/vendor** mounting point. It is necessary to install TWRP before Magisk, otherwise TWRP will unroot the phone during its install.
  
-After a system reboot, and again a boot into Recovery I performed //TWRP// => //Install// => **Magisk-v20.1.zip**. Once again some harmless warnings about the /vendor mounting point.+After a system reboot, and another boot into Recoverydid //TWRP// => //Install// => **Magisk-v20.1.zip**. This will install //root// on the phone(the **su** program). Once again I got some harmless warnings about the /vendor mounting point.
  
 Finally I repeated the procedure to **backup** the patched **boot_a** and **boot_b** partitions. Finally I repeated the procedure to **backup** the patched **boot_a** and **boot_b** partitions.
  
 **NOTICE**: the ADB client required to perform the ''adb pull'' command is active when I boot TWRP using ''fastboot boot twrp-3.3.0-2-tissot.img''. If instead I boot TWRP from the phone, the ADB client is not active. **NOTICE**: the ADB client required to perform the ''adb pull'' command is active when I boot TWRP using ''fastboot boot twrp-3.3.0-2-tissot.img''. If instead I boot TWRP from the phone, the ADB client is not active.
 +
 +Once rebooted the phone into normal system, I installed the root permissions manager: **MagiskManager-v7.5.1.apk**.
 +
 +===== August 2020 security update =====
 +
 +This is a new update from Xiaomi, still featuring **AndroidOne v.9** relase, build **PKQ1.180917.001.V10.0.24.0.PDHMIXM**. The upgrade was downloaded nightly over the WiFi. It seems impossibile to prevent such automatic download: I did not find any settings to prevent automatic upgrade download. After downloading, the phone asks to reboot to complete the upgrade.
 +
 +The starting conditions were:
 +
 +  * A/B System Updates status: **Current Slot: ?** (may be it was **A**, because after installation it is **B**).
 +  * Bootloader is **unlocked**.
 +  * **Magisk** and **TWRP** were installed, but may be they were hidden by accident. Infact the installation of the upgrade went OK after a reboot, whereas it should fail because the boot sector is tampered with **Magisk su**.
 +  * **System partition** was the stock one: root privileges were never used to tamper the **/system** hierarchy.
 +
 +After the upgrade, I did the following to get **root again**:
 +
 +  * adb reboot bootloader
 +  * fastboot boot twrp-3.3.0-2-tissot.img
 +  * Verified from TWRP => Reboot: **Current slot: B**
 +  * adb pull /dev/block/mmcblk0p22 boot_a.img
 +  * adb pull /dev/block/mmcblk0p23 boot_b.img
 +  * TWRP ⇒ Install ⇒ **twrp-installer-3.3.0-2-tissot.zip**\\ Running boot image patcher on slot a and b.
 +  * system reboot
 +  * adb reboot bootloader
 +  * fastboot boot twrp-3.3.0-2-tissot.img
 +  * TWRP ⇒ Install ⇒ **Magisk-v20.4.zip**\\ Current boot slot: _b, unpacking, patching, repacking, flashing new boot image.
 +
 ===== Web References ===== ===== Web References =====
  
doc/appunti/hardware/xiaomi_mi_a1.1585148963.txt.gz · Last modified: 2020/03/25 16:09 by niccolo