hoplik/Firehose-Finder

(sm8350) sd 888 available?

Closed this issue · 40 comments

(sm8350) sd 888 available?

Sure. If you open View-Device collection, there are 15 devices there. Of these, 4 were guaranteed to be connected with this software. One programmer on the server.

Wow 😍😍 nice thanks

Please can you add for Realme GT2 Porsche (RMX3312)?
I have stock firehose programmer file.. if you want I can share..

hoplik commented

> Please can you add for Realme GT2 Porsche (RMX3312)? I have stock firehose programmer file.. if you want I can share..

Thank you very much. I will definitely add it, but I need information about the device (HWID, OEM PK HASH). You can write the data here or just connect this device to the FhF program. If you have a working programmer, then you can also attach it to the message here or in the program (FhF) after the successful completion of the storage data request command.

> > Please can you add for Realme GT2 Porsche (RMX3312)? I have stock firehose programmer file.. if you want I can share..
>
> Thank you very much. I will definitely add it, but I need information about the device (HWID, OEM PK HASH). You can write the data here or just connect this device to the FhF program. If you have a working programmer, then you can also attach it to the message here or in the program (FhF) after the successful completion of the storage data request command.

I have stock firehose programmer elf file.. I don't have patched firehose programmer.. if you really want the stock firehose programmer then I can easily share.. for my Realme GT 2 device I have to use the Realme MSM tool, which requires a paid service for MSM tool authentication.. so I want to bypass auth.. then every user can easily unbrick

If possible.. just tell me how do I share with you HWID, OEM PK HASH for our device.. will share.. or if you want to connect with TeamViewer then obviously welcome 🤗 I don't have any issues..

hoplik commented

Everything is very simple. Put the program FhF. Connect the device in normal mode and press one button "Poll the device". If it supports the emergency reboot mode from ADB, then all IDs will be sent to the telegram chat automatically. It is necessary to enable the "USB Debugging" mode on the device.

> Everything is very simple. Put the program FhF. Connect the device in normal mode and press one button "Poll the device". If it supports the emergency reboot mode from ADB, then all IDs will be sent to the telegram chat automatically. It is necessary to enable the "USB Debugging" mode on the device.

Yes, I already tested some time ago, my device supports adb reboot edl. Just tell me the command line.. like
./edl ...... my device ufs storage.. chipset sm8350, just only tell me the command line, I will give you others

hoplik commented

For PowerShell
Reboot to edl
./adb reboot edl
Then check the port number for 9008 (here COM6)
Send requests for IDs
./qsaharaserver -u 6 -c 1 -c 2 -c 3 -c 7
Find files in directory with qsaharaserver - commandop01.bin:commandop07.bin
That's the IDs.
In the attachment is all you need.
1.zip

> For PowerShell
> Reboot to edl
> ./adb reboot edl
> Then check the port number for 9008 (here COM6)
> Send requests for IDs
> ./qsaharaserver -u 6 -c 1 -c 2 -c 3 -c 7
> Find files in directory with qsaharaserver - commandop01.bin:commandop07.bin
> That's the IDs.
> In the attachment is all you need.
> 1.zip

After too many errors I saw qsahara asking for port number 6 but my device on Port number 10 so after some changes successfully done

qsaharaserver -u 10 -c 1 -c 2 -c 3 -c 7

Realme GT2 (3312)
realme-gt2-rmx3312.zip

hoplik commented

Thanks, added.

> Thanks, added.

Now can we recover in edl mode if we brick our device in future?

hoplik commented

> Now can we recover in edl mode if we brick our device in future?

No. Now it will be possible to search or select a programmer without connecting the device. It won't work to restore from 9008 yet, because I still don't have the programmer without authorization.

> > Now can we recover in edl mode if we brick our device in future?
>
> No. Now it will be possible to search or select a programmer without connecting the device. It won't work to restore from 9008 yet, because I still don't have the programmer without authorization.

So is it possible to create without auth firehose.elf file for our device?

hoplik commented

> So is it possible to create without auth firehose.elf file for our device?

Some software manufacturers take a regular elf file and change one byte in the header at the beginning. Then the code itself does not change, and the file is perceived by the system not as elf, but, for example, as ele. At the same time, when using their software, the program changes this byte and uses the programmer as it should. Such a programmer can be easily corrected manually. But it is unrealistic with others, because all modern programmers have a digital signature (a chain of several certificates) and any change in the code leads to the impossibility of using them (the hash amount does not match).
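The header check described in the comment above, as an added example (not part of the original comment and not Firehose-Finder code): it classifies a file as ELF, as ELF with exactly one altered magic byte, or as something else, and shows that the digest of the file changes when that single byte changes. The sample bytes, the function names and the choice of SHA-384 are assumptions made for illustration.

```python
import hashlib

ELF_MAGIC = b"\x7fELF"

def classify_programmer(data: bytes):
    """Return (verdict, offset of the altered magic byte or None)."""
    if len(data) < 16:                       # e_ident is 16 bytes long
        return ("not-elf", None)
    diffs = [i for i in range(4) if data[i] != ELF_MAGIC[i]]
    # The rest of e_ident must still look like ELF:
    # EI_CLASS 1/2, EI_DATA 1/2, EI_VERSION 1.
    ident_ok = data[4] in (1, 2) and data[5] in (1, 2) and data[6] == 1
    if not diffs and ident_ok:
        return ("elf", None)
    if len(diffs) == 1 and ident_ok:
        return ("masked-elf", diffs[0])
    return ("not-elf", None)

def digest(data: bytes) -> str:
    """Digest over the whole file; any changed byte gives a different value."""
    return hashlib.sha384(data).hexdigest()

# Constructed samples: 64-bit, little-endian, version 1 e_ident plus a dummy body.
E_IDENT_TAIL = bytes([2, 1, 1, 0, 0]) + bytes(7)
GENUINE = ELF_MAGIC + E_IDENT_TAIL + b"constructed-body"
MASKED = b"\x7fELE" + E_IDENT_TAIL + b"constructed-body"

if __name__ == "__main__":
    for name, blob in (("genuine", GENUINE), ("masked", MASKED)):
        print(name, classify_programmer(blob), digest(blob)[:16])
```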

Where is my device loader? Is it removed?

> Where is my device loader? Is it removed?

As far as I know, no. Attach the programmer here and write the name of the device model. If there is no such thing on the server, I will add it.

> > Where is my device loader? Is it removed?
>
> As far as I know, no. Attach the programmer here and write the name of the device model. If there is no such thing on the server, I will add it.

Linux version available?

> Linux version available?

No. Many functions are tied to command-line executable files (adb, fastboot, qsaharaserver, fh_loader). Rewriting them for another system would be unreasonably labor-intensive. This is, after all, an amateur project.

> > Linux version available?
>
> No. Many functions are tied to command-line executable files (adb, fastboot, qsaharaserver, fh_loader). Rewriting them for another system would be unreasonably labor-intensive. This is, after all, an amateur project.

Actually I found no auth firehose for my device.. but I have a timeout issue.. it is not related to this issue.. but is it possible to fix? If yes then I will share no auth firehose for my device..
log_20231014142715.txt

This is my PK hash & ID

------------------------

HWID:              0x001350e100510000 (MSM_ID:0x001350e1,OEM_ID:0x0051,MODEL_ID:0x0000)

CPU detected:      "lahaina"

PK_HASH:           0xd8e3b5a8dada006de3600d3489af632f62511e17bc2f0834ccd8855294b3eaea5806184aac7bf6fd5def121311a5ff49000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Serial:            0xde952c21
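A parser for the ID block posted above, as an added example (not code from this thread or from Firehose-Finder): it splits the HWID into the three fields shown in parentheses, cross-checks them, and trims the zero padding from PK_HASH. The function names are illustrative, and the 32- or 48-byte digest length is an assumption.

```python
import re

DIGEST_HEX_LENGTHS = (64, 96)  # assumption: 32- or 48-byte digest, zero-padded by the tool

def split_hwid(hwid: int) -> dict:
    """Split the 64-bit HWID the way the posted output does: MSM_ID | OEM_ID | MODEL_ID."""
    return {"msm_id": hwid >> 32, "oem_id": (hwid >> 16) & 0xFFFF, "model_id": hwid & 0xFFFF}

def trim_pk_hash(value: str) -> str:
    """Drop the zero padding without eating a digest that really ends in a 0 nibble."""
    h = value.lower()
    h = h[2:] if h.startswith("0x") else h
    for n in DIGEST_HEX_LENGTHS:
        if len(h) >= n and set(h[n:]) <= {"0"}:
            return h[:n]
    raise ValueError("PK_HASH is not a zero-padded 32- or 48-byte digest")

def parse_id_block(text: str) -> dict:
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    hwid_token, _, decoded = fields["HWID"].partition(" ")
    result = {"hwid": int(hwid_token, 16), **split_hwid(int(hwid_token, 16))}
    # Cross-check against the fields the tool printed in parentheses, if any.
    for name, val in re.findall(r"(MSM_ID|OEM_ID|MODEL_ID):(0x[0-9a-fA-F]+)", decoded):
        if result[name.lower()] != int(val, 16):
            raise ValueError(f"{name} does not match HWID")
    result["cpu"] = fields.get("CPU detected", "").strip('"')
    result["pk_hash"] = trim_pk_hash(fields["PK_HASH"])
    result["serial"] = int(fields["Serial"], 16)
    return result

# Values taken from the post above; the amount of zero padding is constructed.
SAMPLE = (
    "HWID:              0x001350e100510000 (MSM_ID:0x001350e1,OEM_ID:0x0051,MODEL_ID:0x0000)\n"
    'CPU detected:      "lahaina"\n'
    "PK_HASH:           0xd8e3b5a8dada006de3600d3489af632f62511e17bc2f0834"
    "ccd8855294b3eaea5806184aac7bf6fd5def121311a5ff49" + "0" * 64 + "\n"
    "Serial:            0xde952c21\n"
)

if __name__ == "__main__":
    print(parse_id_block(SAMPLE))
```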

> is it possible to fix?

If the programmer does not exactly require authorization, attach it here to the message. I'll add it to the database. The timeout is most likely due to the instability of the connected device. It could be a board or memory error. I will definitely not be able to edit the programmer's code, because there is a digital signature and making changes to the executable code of the programmer will cause a change in the hash sum.

> > is it possible to fix?
>
> If the programmer does not exactly require authorization, attach it here to the message. I'll add it to the database. The timeout is most likely due to the instability of the connected device. It could be a board or memory error. I will definitely not be able to edit the programmer's code, because there is a digital signature and making changes to the executable code of the programmer will cause a change in the hash sum.

No it's not required auth but I am freezing on this line.. and debug report I attached past ..

firehose_loader.zip

> it's not required auth

Added, thanks.
It is difficult for me to answer edl errors. If there is an opportunity, try to launch an FhF in Windows with a request for storage data and attach a log from there.

> > it's not required auth
>
> Added, thanks. It is difficult for me to answer edl errors. If there is an opportunity, try to launch an FhF in Windows with a request for storage data and attach a log from there.

I asked dev only patching supported

It looks like it's flailing. Check dmesg for 110 errors on USB, timeout.
Try different ports, different machine, different OS, different EDL client.

> It looks like it's flailing. Check dmesg for 110 errors on USB, timeout. Try different ports, different machine, different OS, different EDL client.

No actually only patching supported.. no read back support..

I'm so confused. You have a no-auth Firehose loader, right?
I had never heard of qsaharaserver or fh_loader.
Why aren't you using a normal EDL client, like bkerler?
Also, this virtual com port stuff is bogus.

> I'm so confused. You have a no-auth Firehose loader, right? I had never heard of qsaharaserver or fh_loader. Why aren't you using a normal EDL client, like bkerler? Also, this virtual com port stuff is bogus.

What do you recommend?

I also used "bkerler" exactly same error.. "time out"..

Is it actually disconnecting when it times out?
It's really hard to see what's going on when it's filtered through software that I don't know.
I don't know what all this "detaching kernel driver" is.
Can you try the bkerler on Windows using WinUsb driver and just trying to print the GPT?

> Is it actually disconnecting when it times out? It's really hard to see what's going on when it's filtered through software that I don't know. I don't know what all this "detaching kernel driver" is. Can you try the bkerler on Windows using WinUsb driver and just trying to print the GPT?

Okay I will try.. but I have issues with qfil also.. maybe I don't have readback support, that's why unable to read lun & then timeout
port_trace (1).txt

I don't know fh_loader. All this nonsense of using an existing file to determine size of a read. --convertprogram2read is the stupidest idea ever. Oh, wait, virtual com ports instead of nice clean USB bulk endpoints is stupider. Why was it trying to read 8192 bytes for a single sector? Why is it putting the filename in the XML? And ugly, stupid ASCII art.

Use the Temblast EDL, follow the instructions, edl /lfirehose.elf, edl /u /g

> it trying to read 8192 bytes for a single sector

No, that's buffer size. Read 1 sector (sector number 1 for partition table) in 4096 bytes. Norm.

> putting the filename in the XML

All instructions are transmitted via the Sahara protocol in xml format. Qualcomm specificity.

All commands to Sahara are in binary format.
All commands to Firehose are in XML.
Still, that doesn't explain why Firehose needs to know the filename of where this data is eventually going.
Only the EDL client needs to know that.

port.trace.1.txt does not indicate why it's NAKing.
Maybe spurious attributes in the XML are making it balk.
My last suggestion remains.

> why Firehose needs to know the filename

The file name in the xml request is necessary for the --convertprogram2read command to work correctly. The requested data is converted to binary format and written to a file with the name specified in the xml.

Nope. The Firehose loader has no idea that that data it is sending will be going to a file and what it is named.
Yes, the EDL client wants to know. We've seen the stupid thing trying to stat the file a few times before it is written.
If I ask the Firehose loader to dump sectors 12345 through 12378 what would the file be called and why would Firehose care?

(The preceding is based on my own experience of asking Firehose to send partitions, parts of partitions or complete devices without ever indicating to Firehose that the destination file will be gumby.jpg.)

Ok, you may have a dead/disconnected UFS controller, but we'll never find that out from such sketchy software.

> Ok, you may have a dead/disconnected UFS controller, but we'll never find that out from such sketchy software.

Yes. You're right there. Perhaps that is why Qualcomm has ended QPST (QFIL) support. Interestingly, when installing PCAT, the software packages also include qsaharaserver.exe and fh_loader.exe.

> If I ask the Firehose loader to dump sectors 12345 through 12378 what would the file be called and why would Firehose care?

If you are interested in the sources of my program, then look at the Func.cs file (https://github.com/hoplik/Firehose-Finder/blob/master/Func.cs) lines 535-567. This is an xml query generation function. The use of various names of binary files in a loop for dumping several sections can be viewed in the file /Forms/Form1.cs (https://github.com/hoplik/Firehose-Finder/blob/master/Forms/Form1.cs) lines 2860-2915.

That's why I asked @Saikatsaha1996 to try #24 (comment)

> That's why I asked @Saikatsaha1996 to try #24 (comment)

So in that case I have to unzip #24 (comment)

And I have to run edl /my_firehose.elf ?

Just go to http://www.temblast.com/edl.htm and follow the instructions (including loading WinUsb drivers).
Load the loader: edl /lmy_firehose.elf
Print the GPT (test if anything works): edl /u /g
If it doesn't work: edl /u /g /v

Sorry guys. May I suggest that you continue the discussion in the Telegram chat? Here, after all, is not a forum, but a branch of answers to the starting question.
I will be glad to see you in the channel chat https://t.me/+Suwc1u6h8PYzM2Qy
or in the public channel
https://t.me/+hv2C2MsFSLg2NTg6