Thursday, July 5, 2012

Sprint SGS3 CM9 Status & Development Plan

Follow us on Google+ or Facebook for the latest development news!  Join us in IRC Chat on Freenode channel #gs3-sprint.

Current Status Updated: 7/8/2012
  • 7/8/2012: kexec for SGS3 LTE variants and a proof-of-concept kexec-based method to bypass Verizon's boot loader lock and allow modified kernels is on this page.  Awesome work, mkasick!
  • 7/5/2012: CWM Install and Root .zip are both demonstrated in QBKing77's video here.
  • 7/3/2012: Root from Recovery .zip version 5 has been released.  v5 cleans all previous root methods that conflict with the cleanest root method provided in this tool.  If you already have working root with version 4, you do not need to upgrade.
  • 6/30/2012: Sprint SGS3 received the LF9 OTA update from Sprint today.  If you used our previous root method, applying this OTA update works.  After applying the update, you need to flash the latest version of our Root .zip in order to retain custom recovery and root status.  You may also want to upgrade to CWM for SGS3 LTE variants version 4 as it contains an important fix for backups.
    • Reportedly LF9 fixes the Google Wallet not Certified issue.
    • If you deleted things from stock Samsung ROM, OTA will fail.  You need to restore the stock system image and stock kernel in order for OTA to succeed. 
  • 6/29/2012: Sprint SGS3 Stock Restore allows you to restore your rooted stock ROM to a "Normal" unmodified state. 
  • 6/29/2012: bbelos and warren updated the Temporary-CM9-on-EMMC plan written below.  kexec is getting closer to working.  As soon as kexec is working, we'll be able to implement this plan to make CM9 development and testing safer and faster.
  • 6/28/2012: noobnl fixed a few problems in the SGS3 CDMA RIL (provisioning, hang up, crashes).  There still remain other major issues (source-built audio, signal strength, mms) that need to be fixed before CM9 is ready for public testing.
  • 6/27/2012: CWM recovery for all SGS3 variants has been updated to v2 (6/29/2012 now v3).  It can now access/write to external sdcards during CWM recovery and enables key repeat..
  • 6/24/2012: Unroot from Recovery removes root from SGS3.
  • 6/23/2012: Root from Recovery allows you to root Samsung's stock ROM by flashing a .zip in CWM.  Tested on SGS3.
  • 6/23/2012: noobnl fixed 3G.  Audio built from source is still busted.  bbelos is beginning work on kexec this weekend.
  • 6/22/2012: noobnl's CWM recovery for all SGS LTE variants is here.
  • 6/21/2012: The 16GB version of the phones arrived for noobnl and bbelos while the 32GB's were delayed to maybe next week.  Apparently the kernel source provided by Samsung is broken.  They continue work on it.
  • 6/20/2012: CM9 reportedly is booting on the GSM variant of SGS3 LTE.  Currently audio is completely busted and there are numerous other problems.  Our Sprint variant may have additional challenges for CDMA support.  We will learn more soon... when we actually have the phones!
ETA: Sometime before entropy death of the Universe.  (No promises.  Don't ask.)

Team Epic's Rough Plan
  • Implement CWM and TWRP recovery for Sprint SGS3.
  • Figure out differences between Sprint and GSM variants and merge changes into CM9.
  • If we can, help fix the common SGS3 LTE features like audio.
  • Implement kexec for the SGS3 LTE kernel.  Kexec makes testing new kernels safer and faster, thus hastening all future development.  It also enables the following development tools and utilities.
Temporary CM9-on-EMMC
  • In the early days of CM9 development, this will allow users to use Samsung's ROM for a known good stable phone.  They can reboot into CM9 and back into Samsung ROM in order to easily compare ROM behavior.  This aids in CM9 development and testing.
  • CM9-on-EMMC uses loopback mounts to boot an alternate Android operating system from an alternate kernel booted via kexec.
    • /data/media/multiboot/CM9/system.ext4.img -> /system
    • /data/media/multiboot/CM9/data.ext4.img -> /data
    • /data/media/multiboot/CM9/cache.ext4.img -> /cache
  • The drawback of this approach is you are unable to mount the underlying storage as USB Mass Storage.  For this reason, loopback mounted Android ROM's are best for for only temporary testing purposes.
  • Actual implementation is more complicated due to "internal sdcard" not having its own storage, but it actually lives in /data/media as part of the ext4 /data filesystem.  Thus bbelos and warren came up with this plan.
    • During temp ROM boot, mount the block device that is normally data as /internalmmc.
    • Then loopback mount /internalmmc/media/multiboot/CM9/data.ext4.img as /data
    • mkdir /data/media; chown/chmod
    • mount --bind /internalmmc/media/ /data/media
      • This makes "internal sdcard" accessible to the temp ROM.
  • We plan on implementing a fakeflash emmc CWM recovery as a convenience utility.  It is the same thing as standard CWM, except mount points are changed to the above loopback devices.  Rather than explain it further, it can be used in this way.
    • Boot CWM.  Flash
    • Title and colors are different, to remind you this is a different CWM.  Formatting, mounting filesystems, or flashing any .zip here manipulates the loopback devices instead of the phone's standard partitions.
    • Use this fake recovery in order to flash new CM9 .zip test builds or to manually manipulate the CM9 filesystem if you are unable to boot.
  • Fake CWM Details
    • Override the update-binary used to flash the .zip.  Instead of flashing the kernel to the phone, it rewrites /data/media/multiboot/CM9/zImage.  update-binary would need to unpack zImage from the boot.img, and strip out the initramfs.  Temp ROM kernels use a replacement initramfs.cpio.gz loaded by kexec.
    • Remove Nandroid Backup/Restore.  Why?
      • CM9 really doesn't need it much at all.
      • Users can more intuitively make copies of multiboot/CM9/*.img if they want backups.
      • Backups made by fakeflash CWM would be visible to real CWM, and the user can screw up their phone if they restore it by accident.
    • The override update-binary must also delete the ROM Manager apk.  Why?
      • Reboot into CWM to flash a .zip would work, but would seriously mess up the phone!
      • For this reason the user MUST manually CWM then fakeflash CWM if they want to manipulate CM9.
  • Installer Plan 
    • It creates /data/media/multiboot/CM9/*.ext4.img /data/media/multiboot/CM9/ kexec launcher, and a CWM fakeflash .zip described above.
    • /data/media/multiboot/CM9/*.ext4.img are empty, ext4 formatted images.  You use the CWM fakeflash to install CM9 from a standard CM9 .zip.  This way the is tiny, and we don't have to update it.
    Temporary SamsungROM-on-EMMC
    • After CM9 becomes usable as a daily driver ROM, we can reverse it and make it possible to temporarily boot Samsung's ROM from loopback images stored on EMMC.  Like the Epic and E4GT, this approach remains useful for a few purposes.
      • Update PRL/Profile on CM9 phone without flashing back to stock.
      • Sprint Activation
      • Dial Codes, Diagnostic Mode
      • Possibly needed to recalibrate sensors (like Epic) or fix GPS (like E4GT)
      • Boot SamsungROM to compare behavior with CM9, aid in CM9 development.


    1. Exciting to see CM9 for Sprint SG3 already on its way. My SG3 is reportedly (by UPS) on the truck for delivery today.

    2. This excites me so much! Also root from recovery v5 works on rooted roms as well, which is awesome because I randomly lost root on one of my roms.

    3. So when is CyanogenMod for sgh i747 (galaxy s3 North America version) Coming?
      thanks ahead of time :)

    4. CyanogenMod 9 for SGSIII sph-L710: running fine after 24 hrs (via Dual-boot + red Fake_CWM.)