THIS IS A DANGEROUS OPERATION AND COULD POTENTIALLY BRICK YOUR DEVICE. PROCEED AT YOUR OWN RISK. A USB JIG IS PREFERRED IF YOU HAVE ONE.
( and by brick I mean brick - only a board replacement or a JTAG unit will be able to save you, don't mess with boot(loader) stuff unless you really mean it! )
Please check the values the app displays are correct before resetting the counters. There really isn't much more to say about it, except for the technical details, which most of you will likely skip.
Also, Samsung may well change behavior for this in the future, so with any major firmware updates you should check and doublecheck if this app still works before attempting a reset.
CHECK AND DOUBLE CHECK THE INFORMATION UNDER "CURRENT STATUS" IS CORRECT BEFORE RESETTING THE COUNTER !
( If triangle, counter, or device is not showing or not correct, DO NOT USE but report back here )
Note: using Triangle Away may unmount your SD card. Reboot or manually remount it from Android settings.
Technical details (Updated 13.02.2012)
The flash counter and triangle state had to be stored somewhere. Everybody knew that. Guesses have been made in the past where it could be, and I have personally compared the raw flash disk contents between different amount of custom flashes in the past, unable to find any differences. You can dump and compare the entire /dev/block/mmcblk0 and you won't find a difference (you'll find a few unallocated and unused gaps, though).
The solution comes with the new kernel uses by ICS builds. The flash disk actually has two hidden boot partitions, /dev/block/mmcblk0boot0 and /dev/block/mmcblk0boot1 . The MMC driver in the kernels used for Gingerbread did not present these partitions in the past, the MMC driver in the ICS kernel does.
Teamhacksung members said something about having found the location, so I retried locating the position on ICS. Until recently I had always ran the KH4 Gingerbread build because until the LPB ICS build USB host was not properly supported on ICS, and I need that for other apps I make. It's really easy to find now on ICS. Dump and compare the partitions and you'll have found them in no time. I've already done it, so here is the information.
Structure /dev/block/mmcblk0boot0 @ 0x00020000:
0x00020000 header magic: 32bit - 0x12340011
0x00020004 flash count: 16bit
0x00020006 future: 16bit - 0x0000
0x00020008 type: 16bit - 0x0000 unknown, 0x0001 custom (triangle), 0x0002 Samsung Official
0x0002000A name: max 16 chars
0x0002001A end: 16bit - 0x0000
The boot partitions are presented as readonly by default, but allowing modification is a simple matter of executing the following before writing the data:
echo 0 > /sys/block/mmcblk0boot0/force_ro
That should give you all the information you need to replicate this. A number of bytes trailing this structure also change between flashes and appear to be checksum related.
As stated above, this isn't easily doable on Gingerbread. That is also why this currently does not work on the SGNote. When ICS is released for the SGNote it'll probably be compatible out of the box, or trivial to make it compatible. I say on Gingerbread it is not easily doable, but it is not impossible. If you put a lot of effort into it, you can probably talk to the MMC device directly and modify these partitions, I personally don't feel it is worth the effort for Gingerbread, as (at the time of this writing) official ICS firmwares should be available for both the SGS2 as well as the SGNote very shortly.
Update 16.02.2012: Users have confirmed TriangleAway works on the I9220 SGNote ICS leak !
Update 13.05.2012: TriangleAway does *not* work on the latest official SGNote ICS firmwares. There will be a fixed version soon, but it has to wait for my Note to return from repairs, else I cannot test it
Update 04.06.2012: v1.50 should work with the I9220 and N7000 SGNote's again
Changelogs
18.07.2012 - v1.70
- Support for:
--- Samsung Galaxy S3 AT&T
--- Samsung Galaxy S3 Sprint
--- Samsung Galaxy S3 T-Mobile
--- Samsung Galaxy S3 Verizon
--- Samsung Galaxy S3 Canadia
06.06.2012 - v1.51
- Support for Galaxy S3 GT-I9300*T*
04.06.2012 - v1.50
- Fixes for Galaxy Note GT-N7000/GT-I9220
- Support for Galaxy S3 GT-I9300
02.03.2012 - v1.25
- Updated icon
- Updated some texts
- Added automatic reset at boot option
- Uploaded to Market
13.02.2012 - v1.10
- Updated technical details
- Device check removed, instead the app checks the header magic
- Internal structure changed
FAQ
- Triangle Away shows a negative counter ?
If you have a very large flash count (over 127) this is known to happen. Please confirm in download mode that you actually have that large a flash count before resetting the counter.
- After using Triangle Away I get no bootscreen at all or an error message on screen ?
Try flashing the attached "param.tar" as PDA in ODIN (no repartition!), that may clear up the issue. Samsung Galaxy S II GT-I9100 ONLY
- What about future updats and devices ?
Please read this article I wrote about this: http://www.chainfire.eu/articles/118...ay_vs_Samsung/
- On the SGS3, Download Mode says my System is modified, and Triangle Away does not reset it
Triangle Away attempt to reset this status and block it from coming back, but it depends on the firmware. It works on the ALE8 firmware, try flashing that if you absolutely must reset this value.
- On the SGS3, System->Settings->About device->Status still shows "Modified"
This is outside the scope of Triangle Away. The "system" status is not even always resettable in the bootloader. If you are going for warrenty, you need to also reflash a full stock firmware and wipe your device. If they boot up your device and find root apps, you're not going to get any warranty anyway. If you do such a full stock reflash and wipe, the "Modified" value will go away.
Download
Download from Google Play
The Google Play download is not free - it costs about a beer (thanks!). The download listed below is 100% the exact same program, but free. I provide it for free because I believe this app should be available even to people who cannot pay on Google Play. If you are able to purchase on Play, please consider that I have spent a great many hours on this, and the latest version also uses server resources I have to pay for.
REDISTRIBUTION IS NOT ALLOWED
( 1.00: 634; 1.10: 12795; 1.25: 59699)
Download V1.70 for FREE
----------------------
Download V1.51
Download V1.50
param.tar
----------------------
----------------------
Download V1.51
Download V1.50
param.tar
----------------------
OR
The Android Market download is not free - it costs about a beer (thanks!).
Please do not redistribute for the moment (soon?)
( 1.00: 634; 1.10: 12795 )
0 comments:
Post a Comment