0. Entering 9008
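First, use Activity Launcher to open the Android 11 (A11) com.android.settings, then tap the build number five times in the stock Android Settings to enable developer options.
Then boot into fastboot and check the current slot: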
> fastboot getvar current-slot
current-slot: a
Finished. Total time: 0.001s
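Note: Onyx (Boox) seems to have tampered with the bootloader; flash gives "no command".
So the only option is to flash the partitions directly through EDL...
1. Use bkerler/edl in 9008 mode to read vbmeta.img and boot.img
Confirm the slot before running these (don't flash the wrong one).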
> adb reboot edl
> edl r vbmeta_a vbmeta.img
Qualcomm Sahara / Firehose Client V3.62 (c) B.Kerler 2018-2025.
main - Trying with no loader given ...
main - Waiting for the device
main - Device detected :)
sahara - Protocol version: 2, Version supported: 1
main - Mode detected: sahara
sahara -
Version 0x2
------------------------
HWID: 0x001860e100000000 (MSM_ID:0x001860e1,OEM_ID:0x0000,MODEL_ID:0x0000)
CPU detected: "qcs2290"
...
> edl r boot_a boot.img
Qualcomm Sahara / Firehose Client V3.62 (c) B.Kerler 2018-2025.
main - Trying with no loader given ...
main - Waiting for the device
main - Device detected :)
sahara - Protocol version: 2, Version supported: 1
main - Mode detected: sahara
sahara -
Version 0x2
------------------------
HWID: 0x001860e100000000 (MSM_ID:0x001860e1,OEM_ID:0x0000,MODEL_ID:0x0000)
CPU detected: "qcs2290"
...
> edl reset
This gives you the original vbmeta.img and boot.img.
2. Patch with Magisk, patch vbmeta
Download vbmeta-disable-verification-rust and patch vbmeta.img:
> ./vbmeta-disable-verification vbmeta.img
Successfully disabled verification on the provided vbmeta image.
(Without this patch, AVB 2.0 blows up immediately, and all you get to look at is the Boox logo.)
Then patch boot.img with Magisk.
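A read-only check worth running before anything is written back, as an added example that is not from the original post or from either tool: it reads the flags word of the AVB vbmeta header in the original and the patched image and confirms that nothing outside that field changed. The header layout (magic `AVB0`, 256-byte header, big-endian flags at offset 120) follows AOSP libavb; the function names and the sample images are constructed for this example, and the sample flag value 3 is an assumption, since the page does not say which bits the tool sets.

```python
import struct
import sys
from pathlib import Path

AVB_MAGIC = b"AVB0"
HEADER_SIZE = 256                   # fixed size of AvbVBMetaImageHeader
FLAGS_OFFSET = 120                  # big-endian u32 following rollback_index
FLAG_NAMES = {1 << 0: "HASHTREE_DISABLED", 1 << 1: "VERIFICATION_DISABLED"}


def read_flags(image: bytes) -> int:
    """Return the flags word of a vbmeta image, or raise if it is not one."""
    if len(image) < HEADER_SIZE or image[:4] != AVB_MAGIC:
        raise ValueError("no AVB0 vbmeta header at offset 0")
    return struct.unpack_from(">I", image, FLAGS_OFFSET)[0]


def flag_names(flags: int) -> list:
    """Names of the known flag bits that are set."""
    return [name for bit, name in FLAG_NAMES.items() if flags & bit]


def changed_outside_flags(original: bytes, patched: bytes) -> list:
    """Offsets where the images differ, ignoring the 4-byte flags field."""
    if len(original) != len(patched):
        raise ValueError("image sizes differ")
    return [i for i, (a, b) in enumerate(zip(original, patched))
            if a != b and not FLAGS_OFFSET <= i < FLAGS_OFFSET + 4]


def make_sample(flags: int, size: int = 4096) -> bytes:
    """Constructed stand-in for a vbmeta partition dump (other fields zeroed)."""
    image = bytearray(size)
    image[:4] = AVB_MAGIC
    struct.pack_into(">I", image, FLAGS_OFFSET, flags)
    return bytes(image)


if __name__ == "__main__":
    if len(sys.argv) == 3:          # usage: script.py ORIGINAL PATCHED
        original, patched = (Path(p).read_bytes() for p in sys.argv[1:3])
    else:                           # no files given: run on constructed samples
        original, patched = make_sample(0), make_sample(3)
    print("original flags:", flag_names(read_flags(original)))
    print("patched flags: ", flag_names(read_flags(patched)))
    stray = changed_outside_flags(original, patched)
    print("bytes changed outside flags:", len(stray))
```

A non-zero count on the last line means the patched image differs from the dump in more than the flags field, so keep the untouched dump from step 1 as the restore copy either way.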
3. Flash vbmeta and boot back
> edl w vbmeta_a vbmeta-mod.img
Qualcomm Sahara / Firehose Client V3.62 (c) B.Kerler 2018-2025.
main - Trying with no loader given ...
main - Waiting for the device
main - Device detected :)
sahara - Protocol version: 2, Version supported: 1
main - Mode detected: sahara
sahara -
Version 0x2
------------------------
HWID: 0x001860e100000000 (MSM_ID:0x001860e1,OEM_ID:0x0000,MODEL_ID:0x0000)
CPU detected: "qcs2290"
...
> edl w boot_a magisk_patched-30600_JQwv9.img
Qualcomm Sahara / Firehose Client V3.62 (c) B.Kerler 2018-2025.
main - Trying with no loader given ...
main - Waiting for the device
main - Device detected :)
main - Mode detected: firehose
firehose
...
> edl reset
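Then wait. If everything went well, the device boots (if it does not boot, you will need to buy a 9008 cable).
Also note, how to use a 9008 cable: when the device is stuck at the boot logo, hold down the button and the switch while plugging it into the computer, run edl printgpt, and wait; after the hard reset the device connects normally and the partition table is printed.
For Onyx's other Qualcomm-based models, pay attention to the loader: loading the wrong one leaves Sahara in a dirty state, and you have to re-enter 9008.
Another note: Onyx's kernel is 4.19, which does not support newer methods such as KSU and SukiSU.
Note: Onyx seems to have built a whole range of e-readers on the QCS2290, including but not limited to the Leaf 2, Poke5/5s, etc.; test for yourself.
Also: I have extracted the Android DeviceTree and put it on GitHub; help yourself if you want it.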