Samsung Galaxy S9 "only official released binaries are allowed to be flashed(RECOVERY)"

Here is the exact issue I am having. I can’t event get TWRP on the phone. If you read the comments at the end of the article this is the exact issue I am having. Does anyone know of a fix? It seems that Samsung, Google, or Knox have released an update or patch that causes this and it won’t allow me access to the bootloader on this S9+ SM-G965F/DS.

Is there any possibility you still have any sort of lock, (even screen lock or PIN) or account, especially Google account, still exists within the phone?

In general you must remove all traces of ownership, especially by a third (or fourth) party before you Factory Reset.

Can you be sure you are doing exactly as required for “a Samsung first boot into TWRP”

A. Is there any possibility you still have any sort of lock, (even screen lock or PIN) or account, especially Google account, still exists within the phone?

A. I don’t believe this is possible. The phone was in a brand new sealed box when I received it. Before I opened the box I had the IMEI checked and it came back clean, the phone was a genuine new phone. When I first turned it on I did not create any PINs and I opted to NOT login to a Google account or Samsung account. So I am unsure what would be tripping KNOX to flag the RMM as “Prenormal”.

B. In general you must remove all traces of ownership, especially by a third (or fourth) party before you Factory Reset.

B. See answer in " 1." above. I never set up any PINs or passwords on this new phone (maybe this tripped Knox by not doing so?)

C. Can you be sure you are doing exactly as required for “a Samsung first boot into TWRP”

C. I can’t get this far along in the process because KNOX (RMM set to “Prenormal”) blocks TWRP from being flashed to the bootloader. The process begins (via ODIN, Command Prompt, and Easy Installer) but then fails at the very end. Because of this it is impossible for me to get to the Boot Recovery step.

Here is what It does when installing by Terminal (Linux):point_down:. I will post the line code from Odin and Easy Installer later.

Initialising connection…
Detecting device…
Claiming interface…
Setting up interface…

Initialising protocol…
Protocol initialisation successful.

Beginning session…

Some devices may take up to 2 minutes to respond.
Please be patient!

Session begun.

Downloading device’s PIT file…
PIT file download successful.

Uploading RECOVERY
100%
RECOVERY upload successful

Ending session…
ERROR: Failed to receive session end confirmation!
Releasing device interface…

*:point_up_2:The phone does NOT shut down between " RECOVERY upload successful" > “Ending session…” It just stays in download mode.

So that is the error!

Well documented, thank you :smiley:
but
Uploading RECOVERY
100%
RECOVERY upload successful

Please could you post an image of Download mode screen at this time?

It could still point to “timing” of the response to “TWRP installed” and boot into TWRP and not letting Samsung overwrite your new TWRP with the Samsung Recovery. Compare with "First TWRP link above. :slight_smile:

but
It just stays in download mode

How? Surely the [Vol - + Home + Power] eventually (12 seconds) stops Download mode to a black screen?

@egx470,
please don’t get me wrong, but from a distance, what I’m describing sounds a bit mysterious.

How many days and hours has the S9+ been blocked?

Normally, the blocked RMM status returns to normal within a certain time, e.g. within seven days (168 hours). After seven days (24 hours each) at the latest, the OEM unblocking option should be displayed again and the RMM status should be normal. So much for the theory. There are tricks to bypass this 7-day lock, but I recommend you wait and see first.

[???] Was your very first attempt to flash /e/OS with the /e/asy installer tool?

In any case, I would already try to flash the current stock Android 10 with security patch level 2021-03-01 with Odin v3.14.4. This will restore the device to its current factory state and fix any bugs. You should, of course, choose the right build for your region.

Thanks @SuzieQ.

1.I received the new phone on Wednesday March 24, 2021.

2.I am unsure how long the “RMM STATE : Prenormal” has been showing. I only began trying to figure out the problem after I couldn’t get TWRP to flash.

2a. Is “RMM STATE : Prenormal” the reason why "Only official released binaries are allowed to be flashed (recovery)” is showing on the phone after flashing via Heimdall?

  1. I can access the OEM Unlocking option in developer options and it is on when I flash with Heimdall. From what I can tell the bootloader is unlocked but Knox is blocking the flash.

  2. My first attempt to flash this S9+ was via Odin 14.4. Here is what it does👇

  1. My 3rd attempt was the Easy Installer.

Thanks for documenting well.

I must just persue this. Going into Download mode from Download mode makes no sense! :smile:

You’ve done the heimdall flash, got upload success, then end of session fail and red error message.
If you disregard the error message, disconnect USB, press [Vol- +Home +Power] for 12 seconds. Now attend to timing, the very instant the screen begins to go black, move your finger on the Volume button from [-] to [+], hold for another 12 seconds, what happens?

Another angle:
To see the FRP, what is the output of
adb shell getprop ro.frp.pst

@aibd “You’ve done the heimdall flash, got upload success, then end of session fail and red error message.
If you disregard the error message, disconnect USB, press [Vol- +Home +Power] for 12 seconds. Now attend to timing, the very instant the screen begins to go black, move your finger on the Volume button from [-] to [+], hold for another 12 seconds, what happens?”

-It boots to recovery.

1 Like

Thanks for making that clear.

Here are my results from
adb shell getprop ro.frp.pst
Q: /dev/block/platform/13540000.dwmmc0/by-name/PERSISTENT
pie: /dev/block/platform/13540000.dwmmc0/by-name/PERSISTENT
oreo: /dev/block/persistent
The first two are from a Samsung running /e/ nicely including easy flash from pie to Q yesterday.
The oreo result is from a google-in-place virgin Samsung.

Edit
This Samsung UK page makes me think that your phone may have shipped with a “Regional Lock”.

And from an eu reseller:
For correct operation, at the very first use, this handset should be activated with a network sim card issued from one of these countries. Activation requires turning the device on for the first time and completing set-up with the simcard installed, then completing at least 5 minutes of voice call(s) with that sim. This process will automatically remove the EU Regional Lock from the device and user is then able to use the device with any region compatible network simcard/s.

  1. Which Stock Android version did you get the S9+ with?

  2. Have you tried a stock Android downgrade?

  3. In the meantime, have you tried to flash the current stock Android 10 with security patch level 2021-03-01 with Odin v3.14.4?

  4. Try a lower version of TWRP 3.5.1_9-0, e.g. twrp-3.3.1-1-star2lte

@SuzieQ

  1. The phone came with Android 8 (Oreo) I believe. I allowed it to update OTA to 10 (Q) because I just successfully flashed a non-plus S9 with /e/ based on Android 10 with no issues (via ODIN). This regular S9 running /e/ (Q, Android 10) is my current cellular phone I use daily and it is great overall.

  2. Something is blocking my ability to flash back to Android 8 or 9 (I believe the RMM:Prenormal). Both fail and are blocked.

  3. Yes, flashing to the latest version of Android 10 with patch March 1 2021 works but… RMM is still Prenormal.

  4. I have tried the 4 previous versions (from current) of TWRP, all fail.

I now am almost certain the problem is Knox. I am at a loss.

@aibd

So now I should read up on removing a regional lock. Oh no.

Looks like you might be correct. I just flashed Q again and this is the default when I start the phone. I am flashing the same firmware based on CSC: G965FOXFFUB3 and PDA: G965FXXSFFUB3 that showed from my OTA update from Android 8 >9>10. Anyone know how to remove regional locks? Thank you so much for your help @aibd.

Hi, the info is in the Samsung link! Basicly, use the phone. Sim card and 5 minutes calls is mentioned.

They also suggest you can ring Samsung Support. That seems a good idea, since your actual issue is not documented. I guess this solution does not come up on the web much, as not so many are as brave as you to hack a brand new phone? Good luck. :smiley:

@aibd

I have my TMobile SIM it on a call right now trying the 5 min trick. I called Samsung earlier, zero help. They directed to a 3rd party local brick and mortar store and they couldn’t do anything we haven’t discussed here. I’ll report back. I am not a fan of Samsung, can’t wait for more support here in the US for non-Samsung phones.

UPDATE: I have now placed multiple 5+ minute calls with a TMobile SIM in the phone. RMM is still “prenormal”. I set the phone up over WiFi so I now will try a factory reset and set up with the SIM in the phone only over TMobile network data. Then I will make a few more 5+ minute calls and give sometime for propagation.

UPDATE: Activation on Tmobile’s network followed by multiple 5 minute calls does not work. I am back to believing this is something relating to Knox > RMM: Prenormal (maybe prenormal is because I am in US and not in the region the phone was made for. :frowning: ). It is looking like Samsung has figured out away to keep the bootloader open for official binaries >= Android 10 but block any bianary < Android 10 as well as custom bianary like eOS :angry:

@SuzieQ, " In any case, I would already try to flash the current stock Android 10 with security patch level 2021-03-01 with Odin v3.14.4. This will restore the device to its current factory state and fix any bugs. You should, of course, choose the right build for your region."

Thank you for your help. The issue is there is no USA region firmware for this “S9+ G965F international phone” (Exynos version not Qualcomm, Qualcomm bootloader can’t be unlocked).

@egx470, the fact that you use a Galaxy S9+ intended for the European market in the US had escaped me until now. Maybe I should clean my glasses better :|)

It says you should make calls for at least five minutes with a SIM card from the same market as the device. That means you are supposed to use your European S9+ (UK) to make calls for at least 5 minutes with a European SIM card. It should not matter whether you make the call yourself or are called. After that, the region lock should be unlocked and you can use your S9+ with your TMobile SIM card. [You have Dual-SIM? Then you have to make a five-minute call even with the second SIM card.]

@SuzieQ Thanks. Yes I have dual SIM. It seems impossible for me to do while here in the US, no?

@aibd here is another curious fact. I successfully flashed /e/ (Android Q) to a SM-G960 S9 about 3-4 weeks ago. It also was a brand new phone when flashed, never used in another region. I use it daily on Tmob. This leads me to believe that something in recent code sent out by Samsung/Knox (time between then and now) could be causing this RMM prenormal. This, or I did something to trip Knox, or this code is only in G965F and not G960. :man_shrugging:

I have another family member who I bought a S9+ for directly from /e/ (Android 8) and it is working very good here on TMob (other than a lack of VoLTE and VoWiFi).

[You have Dual-SIM? Then you have to make a five-minute call even with the second SIM card.]

@SuzieQ :point_up_2:do you mean just use my T-Mobile SIM here in both slots? My understanding is this would need to be done in the European region.

Your local Samsung Support would not help you because they would not be briefed how to work round the commercial arrangement they have with USA to only ship in locked phones.

Time for lateral thinking.

So the phone was sold in UK? Did the seller ship it to USA or a third party? Who handed over £££s in the UK?

@aibd I purchased 2 of these new S9+ G965F models from a private seller on eday from Florida, USA(2nd one will be here in the next few days). The estore was out of stock and because I successfully flashed a new S9 G960F not too long ago I didn’t think there would be any issues. I also bought the new S9 G960F on eBay from a different seller in Texas, USA. I have purchased these S9+s for family members to get them using /e/ ecosystem (OS, cloud, etc).