SM-G973F DOWNGRADE 10 to 9 FIRMWARE | ROOT | METHOD (Error Fix) Trick


Samsung Galaxy S10 is one of the secure handset. Rooting is much difficult on that handset. if you are on android version 10, You should downgrade it to android 9 which is completely safe till U3 binary. I test it on my handset. Logs are at the end of this post. 

DOWNLOAD ANDROID 9 U3 VERSION 

G973FXXU3ASG8_G973FOXM3ASG8_PHE 9.0 

THANKS for the Samsung Galaxy S10 (SM-G973F), by Robert Smali

After downgrading you must factory reset / wipe data from recovery after that you can root and patch that handset. For rooting use magisk manager complete method is as below: (Start from Samsung (System-as-root)) 

Magisk

Installation

If you already have Magisk installed, it is strongly recommended to upgrade directly via Magisk Manager. The following tutorial is for first time users.

Getting Started

  • If you are using a Huawei device running EMUI 8 and higher, please check its section.
  • If you are using a Samsung device that is launched with Android 9.0 (new devices in 2019), please check its section.
Otherwise, follow the instructions in Knowing Your Device, and choose the right steps
  • If your device is NOT A/B, but IS using system-as-root, then you will have to install Magisk to the recovery partition of your device. Follow the instructions in Boot Image Patching, but instead of using your boot image, use your recovery image. Read through the Magisk in Recovery section!
  • Otherwise, you can either follow the instructions in Custom Recovery (if your device has custom recovery available) or Boot Image Patching.
Other notes:
  • If you plan to install custom kernels, flash the zip AFTER installing Magisk
  • Make sure to remove any ‘boot image mods’ such as other root solutions. The easiest way is to restore the boot image from factory images, or reflash a non-prerooted custom ROM

Knowing Your Device

If your device is running anything older than Android 7.1, skip this section as your device will not be using A/B nor system-as-root.
First, you need to know whether your device is using A/B partitions. If you don’t know, use a terminal (adb shell or any terminal emulator) to check with this command:
getprop ro.build.ab_update
If the result is true, then your device is using A/B partitions.
If your device is A/B, then your device is also certainly using system-as-root. To find out whether you are using system-as-root on a non-A/B device, use a terminal to check with this command:
getprop ro.build.system_root_image
If the result is true, then your device is using system-as-root.
(P.S. If you are interested more regarding system-as-root, please check this Twitter thread)

Custom Recovery

If your device has custom recovery support, the easiest way is to install it through custom recoveries, such as TWRP.
  • Download the Magisk installer zip
  • Reboot to custom recovery
  • Flash the zip and reboot
  • Check whether Magisk Manager is installed. If for some reason it isn’t installed automatically, manually install the APK

Boot Image Patching

You would want to choose this method if either your device does not have custom recoveries, your device is A/B and you don’t want to mix recovery and boot images, or your device is using system-as-root without A/B partitions.
To use this method, you are required to obtain a copy of the stock boot/recovery image, which can be found by extracting OEM provided factory images or extracting from OTA update zips. If you are unable to obtain one yourself, you might be able to find it somewhere on the internet. The following instructions will guide you through the process after you have the copy of boot/recovery image.
  • Copy the boot/recovery image to your device
  • Download and install the latest Magisk Manager
  • If you are patching a recovery image, manually check “Recovery Mode” in Advanced Settings!
  • Press Install → Install → Select and Patch a File, and select your stock boot/recovery image file
  • Magisk Manager will patch the image, and store it in [Internal Storage]/Download/magisk_patched.img
  • Copy the patched image from your device to your PC. If you can’t find it via MTP, you can pull the file with ADB:
    adb pull /sdcard/Download/magisk_patched.img
  • Flash the patched boot/recovery image to your device and reboot. For most devices, here is the fastboot command:
    fastboot flash boot /path/to/magisk_patched.img or
    fastboot flash recovery /path/to/magisk_patched.img if you are patching a recovery image

Magisk in Recovery

Since some devices no longer use ramdisk in boot images, Magisk has no choice but to be installed in the recovery partition. For these devices, you will have to boot to recovery every time if you want Magisk. Since both Magisk and recovery lives in the same partition, what you actually end up getting when you choose to boot to recovery will be determined by how long you press volume up.
Each OEM and device has its own key combo to boot into recovery. For example on Samsung S10 it is (Power + Bixby + Volume Up), and for Huawei it is (Power + Volume Up). As soon as you press the combo and the device vibrates with a splash screen, the bootloader has already chosen which mode it is booting, either it be bootrecovery, or some OEM specific modes like downloadfastboot, or erecovery. After the splash screen, release all buttons to boot into Magisk, since by default recovery mode will boot to the system with Magisk enabled. If you decide to boot to actual recovery, continue to press volume up until you see the recovery screen.
After installing Magisk in recovery:
  • (Powering up normally) → (System with NO Magisk)
  • (OEM Recovery Key Combo) → (Splash screen) → (Release all buttons) → (System with Magisk)
  • (OEM Recovery Key Combo) → (Splash screen) → (Keep pressing volume up) → (Actual recovery)
Important Note: You CANNOT use custom recoveries to install/upgrade Magisk!

Samsung (System-as-root)

If your device is NOT launched with Android 9.0 or higher (released after 2019), you are reading the wrong section.

Before Installing Magisk

  • Your device is non-A/B and uses system-as-root, so Magisk will be installed to the recovery partition of your device. Please read the Magisk in Recovery section!
  • Installing Magisk WILL trip KNOX
  • Installing Magisk for the first time REQUIRES a full data wipe, backup before continue
  • You have to have your bootloader unlocked before following the instructions


Unlocking Bootloader

Normally I wouldn’t provide instructions for this, but since things had changed drastically from previous Samsung devices, and there are some caveats, I figure this would be helpful.
  • Allow bootloader unlocking in Developer options → OEM unlocking
  • Reboot your device to download mode. Either use adb reboot download, or use the key combo for your device.
  • Long press volume up to unlock the bootloader. This will wipe your data and automatically reboot.
Just when you think the bootloader is unlocked, it is actually not! Samsung introduced VaultKeeper, meaning the bootloader will reject any unofficial partitions before VaultKeeper explicitly allows it.
  • Go through the initial setup. Skip through all the steps since data will be wiped again later when we are installing Magisk. Connect the device to internet in the setup!
  • Enable developer options, and confirm that the OEM unlocking option exists and grayed out! The VaultKeeper service will unleash the bootloader after it confirms that the user has the OEM unlocking option enabled.
  • Your bootloader now accepts unofficial images in download mode.

Instructions

  1. Download the firmware for your device.
  2. Unzip the firmware and copy the AP tar file to your device. It is normally named as AP_[device_model_sw_ver].tar.md5
  3. Install the latest Magisk Manager
  4. In Magisk Manager: Install → Install → Select and Patch a File and select the AP tar file.
  5. Magisk Manager will patch the whole firmware file and store the output to [Internal Storage]/Download/magisk_patched.tar
  6. Copy the patched file to your PC with adb pull /sdcard/Download/magisk_patched.tar. Do not use MTP as it is reported to corrupt files.
  7. Reboot to download mode, and flash magisk_patched.tar as AP in Odin, together with the BL, CP and HOME_CSC files. Never flash only an AP file, as Odin can shrink your /data file-system if you do.
    Important: Uncheck “Auto Reboot” in Options!
  8. Magisk is now successfully flashed to your device! But there are still several steps before you can properly use the device.
  9. We now want to boot into the stock recovery to factory reset our device.
    Full data wipe is mandatory! Do not skip this step.
    Press Power + Volume Down to exit download mode. As soon as the screen turns off, immediately press the combo key to boot to recovery (e.g. on the S10 it is Power + Bixby + Volume Up). Since we want to boot into stock recovery, continue pressing the volume up button until you see the stock recovery screen.
  10. Use volume buttons to navigate through the stock recovery menu, and the power button to select an option. Choose Wipe data/factory reset to wipe the data of the device.
  11. This time, we can finally boot to the system with Magisk. Select Reboot system now, and immediately press the combo key to recovery. After seeing the bootloader warning screen, release all buttons so it can boot to the system.
  12. The device will automatically reboot for the first time it boots. This is completely normal and done by design.
  13. After the device is booted up, do the usual initial setup. The following steps will need an internet connection.
  14. You shall see Magisk Manager in your app drawer; if not, manually install the APK you downloaded in step 3 and continue to the next step. The app would be a stub and it shall automatically upgrade to the full Magisk Manager when you open it.
  15. Magisk Manager will ask to do additional setups. Let it do its job and the app will automatically reboot your device.
  16. Voila! Enjoy Magisk :)

Additional Info

  • Magisk actually patches 3 partitions on your device:
    • vbmeta: replace with empty vbmeta image to disable partition verification
    • boot: remove the signature of the image to prevent soft bricks
    • recovery: this is where Magisk is actually installed
  • Never, ever try to restore either of the 3 images mentioned back to stock! You can easily brick your device by doing so, and the only way out is to do full Odin restore following with factory reset. Just don’t do it.
  • If you want to upgrade your device, never flash the stock AP tar file with the reasons mentioned above. Always pre-patch the firmware before flashing in Odin.
  • If you don’t need to patch the full firmware, you can manually create a tar file with at least vbmeta.imgboot.img, and recovery.img to let Magisk Manager patch your images in the proper way.



For complete successful root you must follow the 10 and 11 Point of the above. Without that trick you can'not get through this root process. Because of the security Boot.img will automatically unroot your device if you miss that points. 

If you want to repair imei do the following procedure:


  • Repair Imei using any professional tool like Z3x (Paid/ Credit base) or if you have Chimera tool you can also do it without any problem. This procedure must be done without root. if you did that procedure with root, Chimera will auto un-root your device. So keep in mind do it without root. 
  • After successful repair imei now you have to root your phone with magisk method. You must follow the above mention procedure. Full AP file must be patched and flash to your phone. And keep in mind 10 and 11 number procedure to get success. 
Here is log:

SM-G970F ANDROID 10 INFO:


Gathering phone info...
Collecting information. Be patient! Do NOT disconnect the phone! 
Model: SM-G973F 
Sales Code: BTU 
Country Code: UK & IRE 
Timezone: Asia/Karachi 
Android Version: 10 [QP1A.190711.020] [SDK 29] 
Build Date: Fri Dec 13 17:33:15 KST 2019 
PDA Version: G973FXXS3BSL4 [december 2019, rev4] 
Phone Version: G973FXXS3BSL4 [december 2019, rev4] 
CSC Version: G973FOXM3BSKO [november 2019, revO] 
Product Code: BTU 
HIDSw Version: G973FXXS3BSL4/G973FOXM3BSKO/G973FXXS3BSL4/G973FXXS3BSL4 
Board Platform: UNIVERSAL9820 
Modem Platform: SHANNON5000 
Serial Number: RF8M12LAR3T 
Imei: 450000000000000
Unique Number: CE11182B51DF85191C7E 
Connections: AT,MTP 
Network Type: GSM 
SIM Status: ABSENT,ABSENT 
Multisim Config: DSDS 
Knox Version: v30 
Warranty Bit: 0 
Security Patch: 2020-01-01 
Data Encryption State: encrypted 
Successfully finished. 
Finished at local time: [02.06.20 22:56:38] 

Downgrade to Android 9 and Repair IMEI 

Gathering phone info...
Collecting information. Be patient! Do NOT disconnect the phone! 
Model: SM-G973F 
Sales Code: BTU 
Country Code: UK & IRE 
Timezone: Asia/Karachi 
Android Version: 9 [PPR1.180610.011] [SDK 28] 
Build Date: Fri Jul 19 16:02:40 KST 2019 
PDA Version: G973FXXU3ASG8 [july 2019, rev8] 
Phone Version: G973FXXU3ASG8 [july 2019, rev8] 
CSC Version: G973FOXM3ASG8 [july 2019, rev8] 
Product Code: BTU 
HIDSw Version: G973FXXU3ASG8/G973FOXM3ASG8/G973FXXU3ASG8/G973FXXU3ASG8 
Board Platform: EXYNOS5 
Modem Platform: SHANNON5000 
Serial Number: RF8M12LAR3T 
Imei: 45000000000000
Unique Number: CE11182B51DF85191C7E 
Connections: AT,MTP 
Battery Status: 3.82V (24%) 
Network Type: GSM 
SIM Status: ABSENT,ABSENT 
Multisim Config: DSDS 
Knox Version: v30 
Warranty Bit: 1 
Security Patch: 2019-07-01 
Data Encryption State: encrypted 
Repair imei...
The operation is in progress. Be patient! Do NOT disconnect the phone! 
Current imei: 450000000000012 
Repaired imei: 35xxxxxxxxxxxx4 
Current imei2: 4500000000000000 
Repaired imei2: 35xxxxxxxxxxxx
Successfully finished. 
Finished at local time: [02.07.20 01:59:07] 

PATCH CERT IN ANDROID 9

Patch certificate started
Gathering phone info...
Collecting information. Be patient! Do NOT disconnect the phone! 
Model: SM-G973F 
Sales Code: BTU 
Country Code: UK & IRE 
Timezone: Asia/Karachi 
Android Version: 9 [PPR1.180610.011] [SDK 28] 
Build Date: Fri Jul 19 16:02:40 KST 2019 
PDA Version: G973FXXU3ASG8 [july 2019, rev8] 
Phone Version: G973FXXU3ASG8 [july 2019, rev8] 
CSC Version: G973FOXM3ASG8 [july 2019, rev8] 
Product Code: BTU 
HIDSw Version: G973FXXU3ASG8/G973FOXM3ASG8/G973FXXU3ASG8/G973FXXU3ASG8 
Board Platform: EXYNOS5 
Modem Platform: SHANNON5000 
Serial Number: RF8M12LAR3T 
Imei: 35XXXXXXXXXXXXXXX
Unique Number: CE11182B51DF85191C7E 
Connections: AT,MTP 
Battery Status: 3.73V (20%) 
Network Type: GSM 
SIM Status: ABSENT,ABSENT 
Multisim Config: DSDS 
Knox Version: v30 
Warranty Bit: 0 
Security Patch: 2019-07-01 
Data Encryption State: encrypted 
Preparing...
Checking root access. 
The phone is rooted by: 20.3:MAGISKSU 
Reading data...
The operation is in progress. Be patient! Do NOT disconnect the phone! 
Patching certificate...
Checking root access. 
About 30-90 seconds after the phone starts, the signal strength indicator turns OFF and then turns ON again after a few seconds. 
You can check the status of the imei using: *#0011# 
The patchcert can be removed by repeating the process. 
If a new firmware is used, the patchcert process must be repeated. 
Successfully finished. 
Finished at local time: [02.07.20 02:12:28] 

HOW TO REMOVE BOOTLOADER UNLOCK MESSAGE 

If you want to remove bootloader unlocked warning from the startup you can use my file which i already made from stock rom. You can flash that file in BL slot of Odin. 



No comments