I have recently received a Jolla C2 and, like many other people here, was also unable to set it up (almost nothing worked on first boot and the phone did not unlock after rebooting). I was initially planning to send it back, but then decided to check if the phone provides some sort of flashing method. It turns out that the Unisoc flashing mode can be entered by holding the Volume Up button while turning on the phone.
This makes it possible to dump partitions and even restore bricked/failed devices, although the latter is quite complicated if no factory images are available. I can try to provide some more detailed instructions if anyone is interested, but please be aware that this is very likely to void your warranty and that it is very easy to do something wrong in this process.
Wow, Very interesting! Even if it will void warranty - it would be very good to know the way, the device is flashed and restored. If you can provide more detailed information - it would be very appreciated by the community!
My process involved extracting the recovery image from a partial dump, modifying and flashing it to boot_a to obtain a root shell. However, this is probably more complicated than necessary. Looking at the boot scripts in the initramfs, it seems that on every boot, the first 2MB of the super are checked, and if they are not all zeros, the entire partition is copied to the userdata partition, after which the first 2MB are zeroed out. Since these 2MB mostly consist of LVM and filesystem headers that do not change significantly, it is probably not that hard to restore the userdata partition to its initial state.
Here are the general steps for flashing/dumping the phone (when the spd_dump command says “waiting for connection”, hold the Power and Volume Up keys of the phone):
Download the ums9230_universal_unlock.zip archive from here and extract it into the spreadtrum_flash directory (required files are custom_exec_no_verify_65015f08.bin, fdl1-dl.bin and fdl2-dl.bin)
FDL2 is usually identical to the device bootloader. Run the following command to read out the bootloader, since it is more reliable than the generic FDL2:
Wait until the phone boots and see if it shows the setup screen again. If it doesn’t, you will have to wait for someone to provide an original super image.
I’d be very interested to learn how you did that. I would love to try that out when the phone was locked. I have tried a series of well known combinations to bring the phone into “flashing” mode. No luck here.- And no time at the moment.
Yet, you write :
How ? Can you post a video / photos ? Did you receive a phone with version 5.0.0.21 already ? Why did this not work for me ?
The flashing mode is a USB-only thing. You might notice that the phone takes a bit longer to turn on if you hold the Volume Up button. This is because it’s actually waiting for a flashing tool to connect to it. At this point, no display drivers have been loaded yet, so there is nothing to see.
I was one of the unlucky from the first batch of users who received the C2 in a borked state with empty battery. I sent the device back to Jolla back in November from the UK to arrive to Finland in December. They never received the device for whatever reason and came back just a week ago.
My amount of frustration at that point was… lets say I probably didn’t sound friendly in my reply to Jolla in my Zendsek ticket. I waited for 2 months for nothing.
Apparently, I can’t flash with Flashboot as there is no Flashboot in the factory firmware. I only had to build the repo above copy the files needed and run the commands exactly as you post them as root and boom, I was greeted with the setup screen and this time everything went smoothly. The only tricky thing is that you don’t get any feedback from the phone when booting with the volume up key pressed so it took some time to troubleshoot why the tool above was not working (lsusb was showing nothing until I changed the usb cable).
Sorry to hear! We have one guy at UK who probably could help you out or at least UK internal mailing should be simpler. Could you send me a private message? Thanks and sorry about your troubles.
@rainemak I assume @explit reply was targeting @Allstar12345 message as I managed to get the device working with the above exploit by erasing the user partition. I mentioned that to my Zendesk ticket too.
Really sorry for doing that a bit late. Dealing with early parenthood at the moment and replying to online matters is a bit lower in my priorities compared to anything else including finding time to sleep.
I still haven’t sent mine back to Jolla haha