• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Root [CDMA] S-OFF, S-On

wake69

wake69

Android Expert
Here is some reading for those new to the community with an explanation of what we are trying to do to get this phone rooted

OK, about sixteen million posts have been flying back and forth about what you can do with root, can't do, what S-OFF is, is not... So I'm going to try to clear it all up for you, OK?

ROOT means you have full control over the OS. From the OS, you can write to the recovery partition. Without root, the only way to write recovery is through hboot, which will only let you flash a custom recovery if you have S-OFF. But even with S-ON, you can write recovery from the OS if you have root. Then, with a custom recovery, you can write the hboot with an engineering bootloader, which has S-OFF. This way, you get S-OFF without a warranty-voiding watermark.

S-OFF means you can flash a custom recovery or ROM from hboot. Things you could already do with root, except that it's hard to get root while S-ON. But if you get it, you're set.

HTC says they'll ship an update which sets S-OFF, and then we're set, except their update will almost assuredly drop a watermark and void the warranty.

ANALOGY: Say the phone is a fortress, and you're trying to get in. S-ON means the gate is shut. If you root it with S-ON, you do it with an exploit, so you find a weak spot in the wall and pack it full of C4 and BOOM, you're in. S-OFF means they opened the gate from the inside, and you just walked in. Either way (S-OFF or root) you're in.

SUMMARY: With S-OFF, you get everything. With root, you get everything. End of story.

Final comment: rooting with S-ON means you used an exploit. Exploits are bad!! But HTC is forcing us to resort to such brutish, nasty means (blowing up walls to the fortress) because they locked the gate before selling us the place. We have a right to get inside, but they aren't opening the gate, so we have to get in some other way. Remember, if you can blow up the wall and walk in, a malicious program can do so too. Exploits are bad, and HTC should patch them. But let's get some legitimate use out of them first, ehhh?


**taken from linked xda post, if this is cool leave it, if not will replace with link**

Originally posted at XDA by DigitalPioneer
 
This part was interesting. I didn't know you could write to /recovery from a root shell...

ROOT means you have full control over the OS. From the OS, you can write to the recovery partition. Without root, the only way to write recovery is through hboot, which will only let you flash a custom recovery if you have S-OFF. But even with S-ON, you can write recovery from the OS if you have root. Then, with a custom recovery, you can write the hboot with an engineering bootloader, which has S-OFF. This way, you get S-OFF without a warranty-voiding watermark.
Click to expand...
 
You may want to give credit to the original poster, incase they want to follow him on XDa, just a thought. You already have set up as a link incase no one noticed, ;)


wake69 said:
Here is some reading for those new to the community with an explanation of what we are trying to do to get this phone rooted

OK, about sixteen million posts have been flying back and forth about what you can do with root, can't do, what S-OFF is, is not... So I'm going to try to clear it all up for you, OK?

ROOT means you have full control over the OS. From the OS, you can write to the recovery partition. Without root, the only way to write recovery is through hboot, which will only let you flash a custom recovery if you have S-OFF. But even with S-ON, you can write recovery from the OS if you have root. Then, with a custom recovery, you can write the hboot with an engineering bootloader, which has S-OFF. This way, you get S-OFF without a warranty-voiding watermark.

S-OFF means you can flash a custom recovery or ROM from hboot. Things you could already do with root, except that it's hard to get root while S-ON. But if you get it, you're set.

HTC says they'll ship an update which sets S-OFF, and then we're set, except their update will almost assuredly drop a watermark and void the warranty.

ANALOGY: Say the phone is a fortress, and you're trying to get in. S-ON means the gate is shut. If you root it with S-ON, you do it with an exploit, so you find a weak spot in the wall and pack it full of C4 and BOOM, you're in. S-OFF means they opened the gate from the inside, and you just walked in. Either way (S-OFF or root) you're in.

SUMMARY: With S-OFF, you get everything. With root, you get everything. End of story.

Final comment: rooting with S-ON means you used an exploit. Exploits are bad!! But HTC is forcing us to resort to such brutish, nasty means (blowing up walls to the fortress) because they locked the gate before selling us the place. We have a right to get inside, but they aren't opening the gate, so we have to get in some other way. Remember, if you can blow up the wall and walk in, a malicious program can do so too. Exploits are bad, and HTC should patch them. But let's get some legitimate use out of them first, ehhh?


**taken from linked xda post, if this is cool leave it, if not will replace with link**
Click to expand...
 
jerofld said:
The whole post was a link to the original article :P I'd say you linked to the original author enough
Click to expand...
i know what i did lol, i linked article to post so ppl could read more in the comment section if they may have questions. just tryin to help out with this whole root thing coming

i remember in college if something wasn't quoted right you had to go in front of the honor board and that is the devs here lol
 
Correct, but I wasn't sure that was his intent to make the whole post a link, so I asked


jerofld said:
The whole post was a link to the original article :P I'd say you linked to the original author enough
Click to expand...
 
 
wake69 said:
learned some interesting stuff. the 3d is not nand, it is emmc

eMMC describes an architecture consisting of an embedded storage solution with MMC interface, flash memory and controller, all in a small ball grid array (BGA) package.[4]
Embedded MultiMediaCard (e-MMC) e-MMC/Card Product Standard, High Capacity, including Reliable Write, Boot, Sleep Modes, Dual Data Rate, Multiple Partitions Supports and Security Enhancement

so some things that used to be true are no longer. interested in finding out what is next!
Click to expand...

eMMC in the 3vo is nand logic flash memory, using an embedded MMC interface.

Saying eMMC is not nand flash is very much like saying HDMI is not 1080p.

From your own wiki reference:

eMMC describes an architecture consisting of an embedded storage solution with MMC interface, flash memory and controller...
Click to expand...

For a complete and definitive (yeah, I said it) post on this:

http://androidforums.com/htc-evo-3d/346198-htc-evo-3d-full-specs-techies-dummies-2.html#post2776843

And it's quoted in the OP of that thread. ;)


wake69 said:
i remember in college if something wasn't quoted right you had to go in front of the honor board and that is the MODS here not-lol
Click to expand...

ftfy ;) :D

I hate kanging and appreciate that you didn't.
 
novox77 said:
This part was interesting. I didn't know you could write to /recovery from a root shell...
Click to expand...

Yeap, that's news to me.

I've had full s-off on my Evo since the early days. I just did an adb shell and then threw a mount command - here's what I got:

Code: 
# mount
rootfs / rootfs ro 0 0
tmpfs /dev tmpfs rw,mode=755 0 0
devpts /dev/pts devpts rw,mode=600 0 0
proc /proc proc rw 0 0
sysfs /sys sysfs rw 0 0
none /acct cgroup rw,cpuacct 0 0
tmpfs /mnt/asec tmpfs rw,mode=755,gid=1000 0 0
none /dev/cpuctl cgroup rw,cpu 0 0
/dev/block/mtdblock4 /system yaffs2 ro 0 0
/dev/block/mtdblock6 /data yaffs2 rw,nosuid,nodev 0 0
/dev/block/mtdblock5 /cache yaffs2 rw,nosuid,nodev 0 0
tmpfs /app-cache tmpfs rw,size=8192k 0 0
/dev/block/mtdblock5 /data/dalvik-cache yaffs2 rw,nosuid,nodev 0 0
/dev/block/vold/179:1 /mnt/sdcard vfat rw,dirsync,nosuid,nodev,noexec,uid=1000,gid=1015,fmask=0702,dmask=0702,allow_utime=0020,codepage=cp437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro 0 0
/dev/block/vold/179:1 /mnt/secure/asec vfat rw,dirsync,nosuid,nodev,noexec,uid=1000,gid=1015,fmask=0702,dmask=0702,allow_utime=0020,codepage=cp437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro 0 0

Not seeing a /recovery partition - I thought that recovery was akin to a dual-boot - so - how do write to it?
 
ROM Manager can flash a recovery without rebooting the phone. That must be the way. Not sure how it happens. Does the mount command show you all available mount points or just what's currently mounted?

ROM Manager also has the ability to kick off a NANDroid or flash a ROM, but these trigger the phone to reboot. Still, once the phone boots, the recovery does its thing and then auto-reboots back into the OS. Pretty impressive.
 
You must log in or register to reply here.
Back
Top Bottom