TWRP Recovery and patched boot for D09 Prime 2

DISCLAIMER - USE AT YOUR OWN RISK - ANY WARRANTY WILL BE VOID !!!

https://mega.nz/folder/OFo1iYLZ#-R1FzjLAxHu-HrA4F_dmDw

@none has made this for us - it comes as is and is only for those who know what they are doing.
With this recovery you cannot flash zip files and Magisk apk has to be installed to use SU.
You can take backups and use Magisk Modules - but don’t try to update Magisk - apart from the manager apk. Once installed you will achieve SU privaliges - however - due to the security, it is limited to system-less root only.

Unless:

You can unlock the pre-loader by setting OEM unlock in developer settings to ON
ADB reboot to bootloader
Issue “fastboot flashing unlock” and device will factory reset.

However - this will likely only allow you to flash unsigned boot or recovery images. Nothing else.

This means you cannot edit or change the super.img system.img etc etc …

2 Likes

How did root mode work? Magisk?

2 Likes

Yes, I rooted with Magisk, without TWRP. I even made a step by step how to do it, but I haven’t posted here yet on the forum.

1 Like

Many thanks.
Waiting for your step by step guide on how you rooted kp2 with magisk without twrp.
Can you thoroughly evaluate its battery according to your use please?:slight_smile:

Very interested in your root method also. Are you able to accomplish with standard Magisk method using latest Magisk or are there other steps involving the signed boot image?

are you able to modify the system partition? I achieved root today, but am not able to modify the system partition

1 Like

@noidremained, Since luisreche seems to have left the building for the moment can you elaborate on how you got root even if you can’t change anything on the system partition? If nothing else I like to snoop around :wink:

Root achieved! Much thanks to @noidremained for some tips. If it is okay to discuss how to do this I’ll post info. Not that difficult but as noidremained mentioned you still won’t be able to modify the system partition. However snooping around in places you couldn’t even see before is great fun and we’ll see what else can be done.

Thanks pablo11 !! First I should say that if you choose to unlock the pre-loader (bootloader) as I did using Fastboot that I don’t believe there is any way to relock it as relocking requires direct access to volume buttons and since the Prime 2 has NO volume buttons you won’t be able to relock it and will have a permanent ‘Orange State’ notice any time you reboot or turn on the phone. It doesn’t cause a problem other than a 5 second delay on boot but it might make the watch harder to sell to less knowledgeable people if you decide sometime to sell it.

Now two questions for you pablo11 - if you are feeling better - no worries if you aren’t as this can wait.
1 - You said “You can unlock the pre-loader by setting OEM unlock in developer settings to OFF”
Mine is already grayed out and appears to be set to the right (as in ON) but it does say “bootloader is already unlocked” so I’m thinking that is Okay ?

2 - Since I rooted with the latest canary version of Magisk would it be okay to use that one or would it be better to un-root and use the patched boot version in the Zip file with TWRP that you have provided from ‘none’?

Hope you are feeling better!

The way I got root (before reading pablo11’s post):

Unlock bootloader with Fastboot
Use Magisk canary channel version to install Magisk and patch boot image.
You need to have the specific scatter file for your device.
Open Sp Flashtool and load Scatter File
Untick all options except ‘boot.img’ and ‘vbmeta.img’ (use the blank vbmeta.img)
Select the new Magisk patched boot image
Turn off watch and disconnect from computer
Then hit the download button in SP Flash tool
Make sure you have proper drivers installed
Connect the phone to PC ( powered off with or without battery )
Wait until it finishes flashing
After completion
Unplug the device and
Reboot
:smiley:

Blank vbmeta.img in a zip file if you need it : blank vbmeta.img in a Zip

To somewhat answer my own question to pablo11 about using the existing Magisk canary patched boot.img I made earlier today I tried flashing it instead of the provided boot.img and just flashed the TWRP recovery and blank vbmeta.img. Seems TWRP is working fine and watch is still rooted and working although I haven’t done a lot with it yet. I used ROM Toolbox to reboot into TWRP recovery with it’s built in ‘Rebooter’ or you can of course use ‘adb reboot recovery’.

TWRP.2nd TWRP.main

Edited first post because oem unlock should be turned on and yes it will be greyed out after you unlock the preloader.

I believe fastboot flashing relock might work because the power button is configured to work on the preloader.

However, that’s the point of the disclaimer.

1 Like

If you change anything in the other partitions - don’t be surprised if you have some undesired issues and have to fully flash stock firmware again.

1 Like

Yes, it would work because you have unlocked the preloader.
But for people who don’t want to do this - the images @none has provided will be ok.

I really don’t see the point in flashing vbmeta because it will not help in the long run. But whatever floats your boat :joy:

Earlier when I tried flashing the canary Magisk patched boot without the blank vbmeta.img I was boot looping so at least with that one it didn’t like working without the blank vbmeta.

Will it be possible to backup and restore with TWRP anything other than ‘data’? Other 3 choices are ‘nvdata’ , ‘nvram’ , and ‘Super’. I’m guessing ‘Super’ would not be of any use to backup as I don’t think it can be changed but not sure about the other two.

Back up of nvram and data is a good idea.
This is where your IMEI and MAC addresses are stored.
Always good to keep.

1 Like

Interesting… Even with unlocked preloader?
Oh well, that is interesting.
Cheers

Yes I agree good to have backups of nvram but just wasn’t sure if it could be safely restored with TWRP on Android 10.

Actually I just remembered…
Even though the preloader is unlocked you still have to type a few commands to disable Verity and image signature requirements.

Yes I’ve had the preloader unlocked since I was first trying root back in November. Maybe it would have worked with the boot.img you shared with the TWRP but since I already had root I didn’t try that way.

:+1: