Wednesday, January 25, 2012

Again, Root and Unlock of the Reliance 3G Tab.

### Every single hardware component is working perfectly as before. ###

This was as perfect as I could go. There is nothing wrong with this ROM.

I am, as usual, not responsible for anything YOU do to YOUR tab. Still, I will try to help to the best of my capabilities. Post a comment for issues/thanks.


/* I request EVERYONE to please do a thorough reading of the previous post dated 07/12/11. Though its procedure has been superseded by this build, it is still VERY important to understand how things work. And I'm not going to detail that much again. Spare some time, and study. It's only 3300 words. */

If 3,500 people have opened up the original post in the previous one-and-a-half months, I think, to some extent, my hard work has paid off.

//It will be good if you try to read this too. A bit more technical post, I agree, but it will benefit you. Still, if you don't want to, just do the procedure.

= As always, this is free. But still, it took me a considerable time. Twenty hours of work per day. So, if anyone feels like 'donating', he may top-up my cell number with whatever amount he feels like. It's a BSNL number.

The person who tries to root and unlock anyone's tab with MY files, taking money for it, will face the wrath of hell. Of course, you can go and help your friends, but please remember, had it been something which could be sold, I would have done it in the first step.

I repeat again. It's MY work. Something I did for MY own tab. Just sharing this with everyone. This ROM is NOT for sale.

$ visit Arpan Deb's blog. Nice read. Funny at times. And there only, it all started.


Happy 63rd Republic Day to all Indians.

To all. Welcome!

Instructions: Section One in my previous post. Steps 1 to 16, only, verbatim. Except, use http://www.4shared.com/zip/nPK-vai1/Jugaad.html instead of the link mentioned in Step 1. Here is the guide, corrected:

1. Download the above file on your desktop and extract it.
2. Turn the tablet off.
3. Press and hold the VOL - button. Without releasing it, press and hold the POWER button also. Do not release any of them for ~15 seconds.
4. This will take you either to the FTM mode, in which big letters on a white background will appear on the screen, or to the ClockWorkMod recovery, if you had installed CM7. Both scenarios are O.K.
5. Connect the device to the computer with any nicely-working micro-USB cable.
6. Open Start menu, right-click on Computer, select Properties. Click on Device Manager (top left).
7. Expand the Ports (COM & LPT) section. You will see a ZTE Handset Diagnostic Interface (DFU) entry. Note down the COM port number that appears in front of it.
8. Open the folder you extracted the downloaded file to. Start Sales_MultiDL_MSM7227_patched.exe
9. Choose Option -> Port Config and configure the COM on Line 1 -- DIAG to the port number you noted down above. Click OK when finished.
10. If you followed the steps correctly, at 1., you will see your device's name in the SW box and a READY in green at the right. If not, repeat steps 2-9.
11. Choose "Backup NV" in 'Action Mode' and click "Start All". Wait. Now a file called Channel1.nvm will be created in that directory, ~70 KB. Make a copy of it somewhere else, e.g. your Documents folder. This is very important, even though it won't be used normally. Helps you restore accidentally-lost IMEI.
12. Switch action mode to "Download" and click on "SW Directory". Choose the "files" folder, which is inside the directory we extracted to. Click OK.
13. Say 'Jai Mata Di' and click "Start All".
14. After 3-4 minutes it should have finished flashing. Disconnect the USB cable and remove the battery from your Tab.
15. Put the battery back after ~10 seconds and power up the device normally, i.e. using only the power button, as you usually do.
Be patient. It will take some time to boot. And from here on, it's a new set.
16. Complete the V9C First Run Wizard. This will assure you that the touchscreen is working.

You will have to add an access point specific to your service provider using the Android settings menu.


Changes here, with respect to the Original ZTE Firmware:

1. Rooted.
2. Bootloader Unlocked, i.e. full root access.
3. Changed power-on (splash) image.
4. Changed boot animation (removed the irritating Reliance one).
5. Deleted many applications, which came pre-installed as system apps. They can be re-installed through the market.
6. Changed in-built Launcher with Zeam (lighter, faster).
7. Modified partition table. 275 MB of internal memory now.

Everything else remains the same.

Side-effects:
Over a factory-shipped Reliance tablet: none.
Over a previously CM7-customized tablet: a little slow; no CWM.


Read on for details:

I hope that most of you have at least read (if not followed) my previous post. It described some fundamentals, and the not-so-very-easy procedure to unlock the V9C (which is a famous device) and install the infamous CyanogenMod ROM, which is meant for its younger cousin, the V9.

Which, unfortunately, doesn't have a front camera. And has an Atheros chipset for Bluetooth & Wi-Fi. And some different sensors. Because of the slightly different hardware, the V9 ROM we flashed was not able to support the Broadcom 4319 chipset and the front VGA camera.

On Android, installing drivers is not as simple as on Windows. An entirely fresh kernel is required, which by no standards is an easy job. Moreover, we didn't know which components the V9C uses, since without root on the stock ROM, nothing is visible.

Now, the ZTE V9 happens to be a widely sold and supported device, and there is a huge developer community for it. Even those people were unable to help, since no one had the stock firmware for the V9C. Had we had that, it would have been easier to extract/modify the kernel, root it, and tweak it so that it gets unlocked.

We have it now. And that's exactly what I did.


Facts:

1. ZTE never released the ROM for this device. I talked to them, and they said they won't. Only service centre guys were authorised to have it, but they won't give it to anyone.


2. NO method of unlocking, and NO person, whether working for money or otherwise, is authorized by ZTE. And NOTHING can get your warranty back if they get to know your tab has been unlocked/tweaked/modded/played with. It's clearly mentioned on the Warranty Card.

3. This tab CANNOT be bricked unless you specifically intend to. And once it is actually bricked, it goes to a point where it does nothing. No, not even the startup LED. And then the service centre promptly attends to it and replaces the PCB (mainboard), which makes it exactly like it was. With stock firmware and everything. And that too, for free.

I know this because I myself got this done. But do not attempt till actually required.



Now, the chain of events in January, 2012.

I happened to find a method to extract the system partition out of the tablet. But, since I was running CM7 at that time, I had no way out.

Desperate, I flashed ZTE Blade II firmware on the tab. As expected, bricked. And replaced. Was back on the stock firmware, again. And locked.

Took out the files. I was able to see every single driver and configuration the tab used. Tried coupling them with lots of kernels/boot images. None worked.

The conclusion:

system and boot cannot work independently. There are some parts of the boot.img which explicitly control how the tablet starts up. So, even though all the files are correct, since there is nothing that knows they must be loaded, it doesn't start.

Missing my BSNLnet, and root access, I flashed back to CM7, but sitting on top of the /system files. Somehow, they inspired me.

The only guy who happened to have the ROM wouldn't give it to anyone, since he had made a business out of it. Taking money from people who needed their Wi-Fi back, just to flash it on the tab. Never handed over the files. Ethically not correct, because even he was not authorized to have it. And we all had as much right as he did.


*A robbery at the thief's house.*

I thank the guy named Jimmy Sidhu with all my heart. HE did it. Took the ROM from the thief and uploaded it. Dude, you will be blessed by many.

And then, I was back on work.

When I downloaded the stock firmware, I was relaxed, since I could now switch at will to tweak things. A simple look into the firmware files told me that:

1. The lock is in the stock system files. As some libraries, supported by something in the NAND chip. Something has actually been hard-coded. I suspected it to be the firmware, since when we earlier flashed it with the V9 set of files, the firmware had also got overwritten. That is, maybe, why other SIMs started working.

2. This cannot be rooted easily. No exploit will work, since the bootloader is locked, i.e. the boot partition has something in it which prevents changes being made to it.

3. Once someone flashes the stock, he will obviously have Wi-Fi etc. back, but he will again be stuck with the RGSM payload and less internal memory.

Anyhow, I flashed my tab with the original firmware shared by Jimmy. To my extreme surprise, it was still unlocked.

How did this happen?

As it turned out, yes, there were libraries locking the SIM slot to a specific operator. But then again, they must depend on something.

It's in the V9 Windows flasher mechanism which we use. Anyone who has watched it work will understand now:

a. It backs up the NVRAM. More commonly called the NV Items, these attributes store the IMEI, MAC addresses, etc. This is later restored to the handset.

b. It deletes EVERYTHING. Absolute zeroing out. This is done by flashing the low-level firmware (armprgZTE.bin) onto the set.

c. It starts loading the files, one by one. NAND is partitioned (partition_zte.mbn). Baseband loaded (amss.mbn). system.img. boot.img. recovery.img. etc.

d. It restores the NV items back.

I thought it was either the baseband or the firmware which locks it. But actually, it was in the NV.

But how does this happen, given that the flasher restores the items at the end?

*The ZTE Windows flasher backs up and restores only those NV items which it is aware of. It somehow leaves the operator lock aside. When the board is flashed, everything gets deleted, including the lock. Then, when the others are written back, the lock is omitted, since it was never copied.*

This means that whatever ROM one flashes using that software for the first time will unlock his tablet forever. Even if it is the original Reliance firmware.

Next, I wanted to root it. Obviously. For the usual benefits. Powerful software, removing irritating operator customizations, and stuff. But more than all this, the internal memory.

As said, no exploit would work.

That left only one option, which I took, and I got through many things in the process:


1. I modified the system image. Opened it up, copied in the root binaries.

2. Deleted orkut/facebook/blah blah etc.

I did this because I wanted to make the system partition as compact as possible. All these apps can be installed later on, easily, in the user data space, if that's sufficiently large.

3. Changed the Reliance boot animation. (I HATED IT!!!). The new one seems nice to me, and is good for a change.

4. Replaced the default, buggy, space-hogging launcher with a minimalistic, blazing fast one, for starters.

5. Reduced the size of the system partition image to ~130MB from ~195MB. Re-packed it.

6. Modified the boot image to make it insecure. In other words, unlocked the bootloader.

7. Modified the splash image. You'll get to know what it is.

8. Removed a few ringtones, apart from the pre-installed XT9 keyboard input method, since these were taking up a lot of space. Had to do it.

9. Modified the partition table. This was, by far, the most complicated and difficult part. The new ones stand as follows (I'm listing only the important ones):

RECOVERY : 6 MB
BOOT : 4 MB
CACHE : 32 MB
SYSTEM : 136 MB
DATA : 273 MB

Data is the internal memory, on which applications and their temporary files/caches are stored. Many people have said that the Reliance Tab's memory is insufficient. This was just an oversight in partitioning by the original programmers.

Those who used the CM7 guide in between must have realized that having ample userdata space actually takes away the daily disprin one might need otherwise. And I didn't want them to feel cramped again. Hence the repartitioning, and deletion of pre-installed system apps.

PLEASE DON'T CRIB ABOUT IT. Every single application which I deleted from the stock was either useless or can be installed again. It actually improves stability if apps do not run from the system area. Still, if someone still uses Orkut, please re-install it from the market. Nothing is lost.

***ALL SYSTEM CORE FILES, FIRMWARES, CONFIGS, FRAMEWORKS, ESSENTIAL APPS, ARE STILL THERE***. This is just to make you believe that you are still using the Original Software.
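Item 6 above, the "insecure" boot image, comes down to one property in the ramdisk that boot.img carries. The following is an added example, not code from this post or from ZTE: it builds a constructed boot image in the classic Android layout (the "ANDROID!" header page, then a page-aligned kernel, then a gzip'd cpio ramdisk), and reads back default.prop to tell a stock-like (ro.secure=1) image from an insecure (ro.secure=0) one; the sample kernel bytes and addresses are made up.

```python
import gzip
import struct

PAGE = 2048  # assumed page_size; sample images below are constructed, not ZTE files


def pad(b, n):
    return b + b"\0" * (-len(b) % n)


def cpio_newc(files):
    """Pack {name: bytes} into a 'newc' cpio archive, the ramdisk format Android uses."""
    out = b""
    for name, data in list(files.items()) + [("TRAILER!!!", b"")]:
        fields = (0, 0o100644, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(name) + 1, 0)
        hdr = b"070701" + "".join("%08x" % f for f in fields).encode()
        out += pad(hdr + name.encode() + b"\0", 4) + pad(data, 4)
    return out


def cpio_read(blob):
    """Inverse of cpio_newc: walk the archive and return {name: bytes}."""
    files, pos = {}, 0
    while blob[pos:pos + 6] == b"070701":
        f = [int(blob[pos + 6 + 8 * i:pos + 14 + 8 * i], 16) for i in range(13)]
        size, namesize = f[6], f[11]
        name = blob[pos + 110:pos + 110 + namesize - 1].decode()
        pos = (pos + 110 + namesize + 3) & ~3       # header+name padded to 4
        if name == "TRAILER!!!":
            break
        files[name] = blob[pos:pos + size]
        pos = (pos + size + 3) & ~3                  # data padded to 4
    return files


def build_boot_img(kernel, ramdisk, page=PAGE):
    """Header: magic, kernel/ramdisk/second sizes+addrs, tags addr, page, unused, name, cmdline, id."""
    hdr = struct.pack("<8s10I16s512s32s", b"ANDROID!", len(kernel), 0x00200000,
                      len(ramdisk), 0x01000000, 0, 0, 0x00100000, page, 0, 0, b"", b"", b"")
    return pad(hdr, page) + pad(kernel, page) + pad(ramdisk, page)


def boot_props(img):
    """Parse the header, locate the ramdisk, gunzip it and read default.prop as a dict."""
    magic, ksize, _, rsize, _, _, _, _, page = struct.unpack_from("<8s8I", img, 0)
    if magic != b"ANDROID!":
        raise ValueError("not an Android boot image")
    roff = page + -(-ksize // page) * page           # kernel occupies whole pages
    files = cpio_read(gzip.decompress(img[roff:roff + rsize]))
    props = {}
    for line in files.get("default.prop", b"").decode().splitlines():
        if "=" in line and not line.startswith("#"):
            k, v = line.split("=", 1)
            props[k.strip()] = v.strip()
    return props


def make_image(secure):
    """Constructed sample: dummy kernel plus a ramdisk whose default.prop sets ro.secure."""
    prop = b"ro.secure=%d\nro.debuggable=%d\n" % (secure, 1 - secure)
    ramdisk = gzip.compress(cpio_newc({"default.prop": prop, "init.rc": b"# stub\n"}))
    return build_boot_img(b"\x7fKERNEL" * 64, ramdisk)


STOCK_IMG, ROOTED_IMG = make_image(1), make_image(0)  # stock-like vs "insecure" boot
```

Run boot_props() on a real boot.img dumped from the tab to see which of the two states it is in; ro.secure=0 is what lets adb run as root on this kind of build.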

The previous guide made use of the CyanogenMod ROMs and kallt_kaffe's (swedroid.se) custom partitioning table.

This one has everything edited by me and myself. The only outside contribution was the stock ZTE V9C Reliance firmware. If anyone is to curse or bless, it will fall on me solely.

By slow, I mean compared to a CM7-installed tab. NOT THE STOCK. This ROM, which I made, will for sure be faster than the original one, since it is rooted. But slower than Cyanogen, since there is no overclocking.

I have not touched the kernel or the recovery image. This restores FTM mode to the tablet. CWM won't be available for the time being, until a proper working version is available.

Please respect the power of #. It can do anything to a perfectly OK-working installation. So, think before you type 'su'.

My work is not finished yet. This was the first release. Next, I have to overclock the kernel. Maybe port it to CyanogenMod. Compile a custom recovery. ICS. And what not...


Signing off.

Take Care.