Project

General

Profile

Actions

Issue #2024

open

Issue #2025: Enable to recreate the EFS partition completely from scratch

Find offset and encoding of IMEI in the EFS for libsamsung-ipc

Added by Denis 'GNUtoo' Carikli over 4 years ago. Updated over 3 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Telephony and mobile data
Target version:
Start date:
04/21/2020
Due date:
% Done:

0%

Estimated time:
Resolution:
Device:
Galaxy Nexus (GT-I9250), Galaxy Nexus (I9250), Galaxy Note (GT-N7000), Galaxy Note (N7000), Galaxy Note 2 (GT-N7100), Galaxy Note 2 (N7100), Galaxy Note 8.0 (N51xx), Galaxy S (I9000), Galaxy S 2 (I9100), Galaxy S 3 (I9300), Galaxy Tab 2 10.1 (P51xx), Galaxy Tab 2 7.0 (P31xx), Nexus S (I902x)
Grant:
Type of work:
C programming, Wiki editions
Actions #1

Updated by Denis 'GNUtoo' Carikli over 4 years ago

Libsamsung-ipc already has a tool to compute the checksum of the EFS nv_data.bin files, so we can change their content.

The idea would be to write a tool to restore the EFS.

As the EFS is usually printed under the battery, users would lookup the EFS there and would give that to the tool.

Some XDA threads have probably the information for various devices.

It would be interesting to have information for any of the devices that are or could be supported by libsamsung-ipc, so if anyone has links to that it would be nice to post it here.

Actions #2

Updated by Denis 'GNUtoo' Carikli over 4 years ago

  • Parent task set to #1869

This would be useful to be able to reconstruct EFS from scratch.

Actions #3

Updated by Denis 'GNUtoo' Carikli over 4 years ago

  • Parent task changed from #1869 to #2025
Actions #4

Updated by Denis 'GNUtoo' Carikli over 4 years ago

  • Device Galaxy Nexus (I9250), Galaxy Note (N7000), Galaxy Note 2 (N7100), Galaxy Note 8.0 (N51xx), Galaxy S (I9000), Galaxy S 2 (I9100), Galaxy S 3 (I9300), Galaxy Tab 2 10.1 (P51xx), Galaxy Tab 2 7.0 (P31xx) added
Actions #5

Updated by Denis 'GNUtoo' Carikli over 4 years ago

We now have a tool from Paulk for the XMM616:

However the only device with an XMM616 I have is the Galaxy S, and it's EFS is completely gone. Because of that I wasn't able to manage to verify that the original tool or my modifications are supposed to work.

Also once the nv_data.bin has been rebuilt from LineageOS, I still wasn't able to change the IMEI:
  • Some fields weren't set, I could clearly see things like 'REV__' and 'Not Active'
  • The IMEI is 004999010640000 which is the default IMEI
  • The IMEI field was reset to 0xFFFFFFFF in the first RFS messages right after restarting the Replicant RIL
  • After changing the IMEI, I also tried changing 'Not Active' and many other fields, adjusted the checksum, and here again the IMEI fields was overwritten with 0xFFFFFFFF.
  • I tried setting the IMEI to 004999010640000 with the tool, and here again the field was changed to 0xFFFFFFFF again, probably even after trying to change some fields like 'Not Active' too.

edit1: add more background.

Actions #6

Updated by Denis 'GNUtoo' Carikli almost 4 years ago

  • Device Galaxy Nexus (GT-I9250) added
Actions #7

Updated by Denis 'GNUtoo' Carikli almost 4 years ago

  • Device Galaxy Note (GT-N7000) added
Actions #8

Updated by Denis 'GNUtoo' Carikli almost 4 years ago

  • Device Galaxy Note 2 (GT-N7100) added
Actions #9

Updated by _I3^ RELATIVISM over 3 years ago

  • Type of work C programming, Wiki editions added
Actions

Also available in: Atom PDF