Wednesday, 31 August 2016

[Technical] Bypassing Restrictions on Samsung xCover3 Lollipop 5.1.1. [Read Desc]

Hello XDA, I am a user of a Samsung xCover 3, which is considered a low activity device. With Samsung as they are and the new restrictions placed on the phone after updating to Lollipop 5.1.1, obtaining root or a custom recovery is a hard task, which I and @VolterPL have yet to crack.

Since about page 2, I and VolterPL have been trying different attack vectors to gain root, but to no avail. I have been doing a decent amount of research in trying various methods, which I will describe below, and am wondering if you guys have any suggestions or corrections to different attack vectors to gain root. Since this is a low activity device, there are no experienced developers working on this device.
http://ift.tt/2bTJMWF

So without further ado, let's try and figure out this problem.

Device Specifications:
  • Current Android Version: Android Lollipop 5.1.1
  • Chipset: Marvell Armada PXA1908 (Note: Due to this being a rarely used chip, the CF-Auto root won't work)
  • Custom Recovery Status: TWRP 3.0.2-0 (More on this later on)
  • Root Status (This is why I am here): Android KitKat 4.4.4 - Root , Android Lollipop 5.1.1. - NO ROOT
  • ARM 64-bit


Currently Attempted Attack Vectors to Gain Root and TWRP on 5.1.1.

- Generic Flashing TWRP Via Odin, and then Flashing SuperSU
Failed: When flashing TWRP with Auto Reboot: Enabled, this fails and displays a message saying "Recovery is not Seandroid Enforcing". Then the recovery gets replaced with stock again by the "install-recovery.sh" script found in "/system/bin", which replaces the custom recovery with stock when it realizes the SHA-1 sums do not match what it has in the script.
- Flashing TWRP via Odin (Auto Reboot OFF), flashing SuperSU, removing the "install-recovery.sh" script and flashing TWRP back again, http://ift.tt/2bTIA5Q
Failed: When flashing TWRP with Auto Reboot: Disabled, so we could boot straight to TWRP. But when VolterPL tried, he failed, http://ift.tt/2bTI3Rc, it won't boot into any recovery. Also, with the "Recovery is not Seandroid Enforcing" message, I realize now (TODAY, 1/09/2016) that this will always show unless it's signed by Samsung.
- Compiling custom kernel with a flag disabled to allow switching between "Permissive" and "Enforcing" modes
Failed: I was planning to compile the kernel myself (haven't compiled it yet due to internet limitations on my end), but VolterPL compiled one himself. We were following this guide, changing instructions when needed: http://ift.tt/TjLtQU
The flag we disabled was this:

Code:

EXTRA_CFLAGS += -DCONFIG_ALWAYS_ENFORCE=true

where we changed it from "true" to "false" to allow switching between SELinux modes. This is a custom flag by Samsung which disables the ability to switch between SELinux modes unless you compile the kernel with that flag disabled, which we tried and failed.
The reason why I believed this might work was this line

Code:

service set_permissive /sbin/toolbox setenforce 0
    oneshot
    seclabel u:r:recovery:s0

in the "init.rc" file of the TWRP source code, which sets the recovery to run in permissive mode. http://ift.tt/2bTIn2q

When trying to boot after flashing the compiled kernel, VolterPL was unable to boot his device correctly, http://ift.tt/2bTJuiI
- One Click Root Apps
Failed: I myself haven't tried this yet, but plenty of other users are reporting that these types of rooting are not working on the Lollipop version of the device.
- VolterPL tried a modified TWRP, see his post here: http://ift.tt/1G2Y91E
Currently unknown if it has worked or not, as he has not replied back yet.

If anyone is able to help, please respond back, I would really appreciate it. If there is any error or the like, please tell me.
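
The post describes "install-recovery.sh" as comparing SHA-1 sums and putting stock recovery back when they differ. The following is an added example, not part of the original post and not Samsung's script: a constructed model of that check-and-restore behaviour in which plain files stand in for partitions, and every function and file name is hypothetical.

```shell
#!/bin/sh
# Constructed model: plain files stand in for the recovery partition and the
# stock image. Function names and file names are hypothetical.

# Print the SHA-1 hex digest of a file.
sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum "$1"
    else
        shasum -a 1 "$1"
    fi | cut -d' ' -f1
}

# check_and_restore RECOVERY_IMG STOCK_IMG EXPECTED_SHA1
# Prints "ok" if the recovery image already matches the expected digest,
# "restored" if it differed and was overwritten from the stock image, and
# "failed" (exit status 1) if the stock image itself does not match.
check_and_restore() {
    recovery=$1; stock=$2; expected=$3
    if [ "$(sha1_of "$recovery")" = "$expected" ]; then
        echo ok
        return 0
    fi
    if [ "$(sha1_of "$stock")" != "$expected" ]; then
        echo failed
        return 1
    fi
    cp "$stock" "$recovery" && echo restored
}

# Walk through three boots: untouched image, replaced image, image after restore.
demo() {
    dir=$(mktemp -d)
    printf 'stock-recovery-image' > "$dir/stock.img"     # constructed sample data
    cp "$dir/stock.img" "$dir/recovery.img"
    expected=$(sha1_of "$dir/stock.img")
    first=$(check_and_restore "$dir/recovery.img" "$dir/stock.img" "$expected")
    printf 'custom-recovery-image' > "$dir/recovery.img" # image no longer matches
    second=$(check_and_restore "$dir/recovery.img" "$dir/stock.img" "$expected")
    third=$(check_and_restore "$dir/recovery.img" "$dir/stock.img" "$expected")
    rm -rf "$dir"
    echo "$first $second $third"
}

demo
```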


from xda-developers http://ift.tt/2cdFLuk
via IFTTT
