On Sun, 09 Sep 2018 09:17:52 +0000 Fil Lupin <fillu...@protonmail.com> wrote:
> Hello,
> After searching, I did not find any method working on all devices to
> allow to backup a device's partitions without flashing it to get
> root.

Could you add a summary of your research on the wiki?

> Moreover, I found several posts assuring this is not possible
> for GT-I9300

At the beginning of Replicant, I also had a lot of comments on Android IRC channels telling me that what I was trying to do (replace the HTC Dream nonfree libraries with free software) was impossible.

> (see B.6. in
> https://forum.xda-developers.com/showthread.php?t=723596).

I didn't find anything stating that in B.6.

> On GT-I9300 (Samsung Galaxy S3), it seems the only way to get root is
> to flash recovery partition.

There is a bootloader exploit with a hello world (helloworld.c) in git://github.com/oranav/i9300_emmc_toolbox.git that gives you code execution at the bootloader level.

Besides that I didn't do enough research on rooting to have something tangible, but I know that some have source code.

> First step should then be to get a
> recovery partition which will not harm the device before installing
> it on device. What I mean here is one should not only check the
> integrity of the downloaded file by checking MD5 signature but also
> check that recovery partition will do what it is made for and only
> this.

MD5 checksums are broken. And checksums only tell you that the file you downloaded (for instance the recovery image) matches the checksum that you check against.

To get better assurance that the file you downloaded really comes from the developers you could rely on either or both:
- Your TLS connection, assuming that the developer(s) control the website they distribute the recovery from.
- Detached GPG signature files, that enable you to check that the file you downloaded really comes from the developers.

> Some websites allow to download firmware but I do not know how to
> guarantee those firmware authenticity. Since I am not an expert, I
> hope someone can let me know how to do this.

I've no idea besides comparing them with the stock device images that you dumped yourself.

If the websites publish hashes of the images, it could enable people to check it way more easily.

At the end of the day I don't see many use cases of making a backup of the i9300 recovery: All devices are most probably out of warranty from Samsung by now. As for the warranties of the shops selling it second hand, they often already have TWRP or similar.

There may be cases where it might be interesting to run the stock OS on it to test things or to understand how the stock RIL works, but so far all that could also be done with Cyanogenmod or LineageOS.

Assuming you really need a valid recovery because you need to run the stock OS, and it complains about you using a wrong recovery, you could still try dodgy recoveries and look if it still complains.

If the stock OS is able to somehow check the integrity of the recovery, there might be a way to find how to do it ourselves. The bootloader might also do that, in that case it's probably way easier to do it ourselves.

However if you manage to back up all the other partitions without erasing the user data partition, in a way that is easy enough for users to do, and doesn't require running nonfree or dodgy apk, it could enable people to back up their data (but not the recovery) and be able to migrate to Replicant without losing all their data.

If you manage to build a free software root exploit that works on some Replicant compatible devices, then it should be fairly easy to modify the source code to back up the recovery and enable users to do a full backup.

Alternatively you could try to use a bootloader exploit to run u-boot or something like that. There is someone working on porting u-boot to the i9300. When USB support is ready for u-boot, you could try to run this command to export the eMMC over USB:
> ums 0 mmc 0
or this one:
> ums 0 mmc 1

Both paths require some work but it would be very beneficial as users could way more easily migrate their data.

Denis.
_______________________________________________
Replicant mailing list
Replicant@osuosl.org
https://lists.osuosl.org/mailman/listinfo/replicant
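One way to do the comparison against images you dumped yourself that the message above mentions, as an added example that is not part of the original e-mail or of Replicant's tooling. It assumes GNU coreutils (sha256sum, head -c) and that the image was written to the start of the partition; the function name and file names are this example's own.

```shell
#!/bin/sh
# Added example: check a downloaded partition image against a dump of the
# same partition read from your own device.
# A raw partition dump is as large as the partition, while the image that was
# flashed into it is usually shorter, so only the first <image size> bytes of
# the dump are compared. SHA-256 is used instead of MD5.

# image_matches_dump IMAGE DUMP  (function name is this example's own)
#   returns 0: the dump starts with exactly the bytes of IMAGE
#   returns 1: the contents differ
#   returns 2: unreadable or empty input, or IMAGE is larger than DUMP
image_matches_dump() {
    image=$1
    dump=$2
    [ -r "$image" ] && [ -r "$dump" ] || return 2
    image_size=$(($(wc -c < "$image")))
    dump_size=$(($(wc -c < "$dump")))
    # An empty image would "match" anything; an image larger than the
    # partition cannot have been flashed into it.
    [ "$image_size" -gt 0 ] || return 2
    [ "$image_size" -le "$dump_size" ] || return 2
    image_hash=$(sha256sum < "$image" | cut -d' ' -f1)
    prefix_hash=$(head -c "$image_size" "$dump" | sha256sum | cut -d' ' -f1)
    [ "$image_hash" = "$prefix_hash" ]
}

# Constructed sample data: a fake image and a fake dump with stale trailing bytes.
demo_dir=$(mktemp -d)
printf 'constructed-recovery-image' > "$demo_dir/download.img"
{ cat "$demo_dir/download.img"; printf 'stale-bytes-after-image'; } > "$demo_dir/dump.img"
if image_matches_dump "$demo_dir/download.img" "$demo_dir/dump.img"; then
    echo "download matches the start of the dump"
else
    echo "download does NOT match the dump"
fi
rm -rf "$demo_dir"
```

A match only shows that the download equals what is on your device; it says nothing about who built it, which is what the TLS and detached-signature checks in the message address.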