Question Is it possible to reach widevine 1? - Lenovo P11

Hello,
I received a P11 Pro 2021 with global rom and open boot loader, I was able to change to CN rom, update and close bootloader but I am not able to reach L1 in widevine.
Now I am in last rom with android 12, with bootloader locked and still widevine L3, is there any method to download or flash again the keys to reach L1?
It is a pity to have this hardware and have to watch streaming platforms in SD.
Is it posible to contact Xiaoxin to receive widevine keys again? some brands like Xiaomi have this option in the system.
Thanks for your support,

Mee too facing same problem. Mine used to have L1 but after an update downgraded to L3

As I can see, nobody has been able to upgrade from L3 to L1. I had hope on last update but with no luck.

Torettini said:
As I can see, nobody has been able to upgrade from L3 to L1. I had hope on last update but with no luck.
Click to expand...
Click to collapse
I read somewhere, that if you relock bootloader with anything else flashed on your device other than original manufacturer FW, you are pretty much risking hard brick ... so consider yourself lucky, that the only consequence of relocking bootloader is degraded Widevine security level...
If you feel that you must have L1 on your device, you can try to flash your device back to original manufacturer FW and then relock your bootloader again, theoretically you should have L1 security level back (I may be wrong, because I have not tested this personally)...

I have tried to lock and unlock in almost every possibility and I have almost bricked several times.
But, isn't suppossed to work out of the box with widevine L1 and stream in HD?

Not sure if you did factory reset after either reflash, but if you didn't, it's worth the try, of course at your own risk ...
And if you didn't already - read this thread, may be an inspiration for something untested on your side...
If you received original tablet (not secondhand, or tampered by the seller), I'm 99% sure that if you flash FW, which put manufacturer on it when it was produced, you will get L1 security level back.
If you have secondhand device or from AliExpress, or from China and seller flashed Google Play Store for you, etc., AFAIK then unless you'll find out what FW exactly was flashed on your tablet in the factory, you may not get L1 back...
But, I'm not expert at all, and I do hope somebody else will provide better solution for you...

Torettini said:
I have tried to lock and unlock in almost every possibility and I have almost bricked several times.
But, isn't suppossed to work out of the box with widevine L1 and stream in HD?
Click to expand...
Click to collapse
If you have root and magisk, you can try to install safetynet pass, shamiko and then try to spoof your device with some module from cyberelon on GitHub. I didn't try it yet on P11 Plus, but I am using instantnoodle module on my M10 FHD Plus and Netflix is running with L1.

Related

Widevine DRM, Level 1, and Root

As the title states, is there a way to get this going?
I picked up a OnePlus 6 which supports L1. Once I rooted the device it appears to have dropped to L3. Is there a way to keep root and have L3? The only instance I care about this for is YouTube TV. It's not so much the resolution but the frame rate. 60 FPS content isn't available unless you're at 720p minimum and L3 only gives you a maximum of 480p which is at 30 FPS. I tried searching couldn't find any topic of discussion.
Is my only way to get back to L1 to unroot and relock the bootloader?
Nosferatu. said:
Is my only way to get back to L1 to unroot and relock the bootloader?
Click to expand...
Click to collapse
Unfortunately yes. It has nothing to do with root, but Widevine L1 requires a locked bootloader on all android devices. More detailed information is available here. Seems like it would make more people more likely to pirate the content since they can't use the services they actually pay for like Netflix, Amazon, Google, etc; but I that's DRM for ya.
Yes and no. I've got a device which have L1 and unlocked bootloader to gain root. All fine.
@whyou how did you do it?
protheusDK said:
@whyou how did you do it?
Click to expand...
Click to collapse
Device motorola Z3 China version. Flashed to Verizon ROM. Then simply unlock and flash magisk-ed boot.img. Interesting that unlocking bootloader does not break Widevine L1.
I've lost my widevine L1 certification after Oneplus 7 Pro 11.0.1.1 update. PLEASE HELPPP

L1 DRM with unlocked bootloader

Currently I am on stock OOS with a locked bootloader and I heard that when you unlock the bootloader the DRM gets downgraded to L3.
Is this correct and does it go back to L1 if you relock the bootloader?
Also, is there a hack of some sort that allows the device to continue using L1 DRM with an unlocked bootloader?
L1 not working
I unlocked bootloader and then relocked it again but it is still showing L3 what should i do
Hey check this -> https://forums.oneplus.com/threads/closed-widevine-drm-on-op6.815683/page-2#post-18476836
You can try to flash magisk to pass the saftynet and hide netflix/amazon prime video to try HD content
edit:
My OnePlus 6 with unlocked bootloader and I have DRM lvl 3
Pundy said:
Hey check this -> https://forums.oneplus.com/threads/closed-widevine-drm-on-op6.815683/page-2#post-18476836
You can try to flash magisk to pass the saftynet and hide netflix/amazon prime video to try HD content
edit:
My OnePlus 6 with unlocked bootloader and I have DRM lvl 3
Click to expand...
Click to collapse
Ok so it is reversible
But there is no way to get L1 with an unlocked bootloader?
ThePiGuy said:
Ok so it is reversible
But there is no way to get L1 with an unlocked bootloader?
Click to expand...
Click to collapse
What I've seen by now, no it's not possible.
Pundy said:
What I've seen by now, no it's not possible.
Click to expand...
Click to collapse
Ah ok that's unfortunate
I'll probably stay with official OOS for the moment anyway, but thanks for the info
So, has anyone tried OOS 5.1.6 and the fastboot locked bootloader bug to backup and restore the DRM keys while locked or to use Magisk root while on 5.1.6 locked bootloader and see if L1 keys are retained?
driverdis said:
So, has anyone tried OOS 5.1.6 and the fastboot locked bootloader bug to backup and restore the DRM keys while locked or to use Magisk root while on 5.1.6 locked bootloader and see if L1 keys are retained?
Click to expand...
Click to collapse
There's another thread in this forum that poses that exact question. No one to date has succeeded and I'm not sure it's even possible using the 5.6 boot exploit because Widevine calls home every time it proxies protected content.
I suggested chipping in on a bounty that would go to whomever can find a way to get L1 on a OP6 with its' bootloader unlocked using a method that would be successful with ROMs based on OOS, LOS and AOSP. I figured a little financial incentive could provide some motivation, but nobody else seemed willing to contribute. ?
TuxRuffian said:
There's another thread in this forum that poses that exact question. No one to date has succeeded and I'm not sure it's even possible using the 5.6 boot exploit because Widevine calls home every time it proxies protected content.
I suggested chipping in on a bounty that would go to whomever can find a way to get L1 on a OP6 with its' bootloader unlocked using a method that would be successful with ROMs based on OOS, LOS and AOSP. I figured a little financial incentive could provide some motivation, but nobody else seemed willing to contribute.
Click to expand...
Click to collapse
Since I need L1 on an unlocked bootloader, I ended up getting a Moto Z3 Play despite it being slower since Widevine L1 stays regardless of bootloader state or Magisk being installed.

Widevine Security Level after unlocking bootloader/root

UPDATE 2020-11-12:
With the latest 11.0.3.4 update, Widevine stays at L1 even if you unlock the bootloader or root!
Hi all,
I have seen one comment that someone rooted the 8T and widevine becomes L3 instead of L1, unlike the 8/8 Pro.
Can anyone with rooted 8T or bootloader unlocked 8T comment below what is your widevine security level? You can use the app here to check: https://play.google.com/store/apps/details?id=com.androidfung.drminfo&hl=en
Please include your 8T model (e.g. KB2005), whether bootloader is unlocked and/or your phone is rooted. Thanks in advance!
8T model KB2005
Unlocked bootloader
Rooted
It has security level L3
Sent from my KB2005 using Tapatalk
Keinta15 said:
8T model KB2005
Unlocked bootloader
Rooted
It has security level L3
Sent from my KB2005 using Tapatalk
Click to expand...
Click to collapse
Ah this is bad... It doesn't retain L1
zellleonhart said:
Ah this is bad... It doesn't retain L1
Click to expand...
Click to collapse
Why is that bad?
freddienuxx said:
Why is that bad?
Click to expand...
Click to collapse
Phones with Widevine L3 cannot stream HD content from many DRM protected services such as Netflix. You can stream max 480p.
does locking/unlocking the bootloader have any effect on Widevine?
bad pixel said:
does locking/unlocking the bootloader have any effect on Widevine?
Click to expand...
Click to collapse
When I got my phone and set it up, I had updates from the play store. Netflix was one of those it updated.
I unlocked my bootloader and later on when I tried to use netflix, it promoted me I needed to update the app. When I said ok. It took me to the play store where it said Netflix isn't compatible with my device.
Installing an apk for netflix found on the web gets me netflix, but it still doesn't show in the play store. Plus maximum playback is SD only.
Unlocking the bootloader changed my L1 to L3.
KB2005
JWhetstone02 said:
When I got my phone and set it up, I had updates from the play store. Netflix was one of those it updated.
I unlocked my bootloader and later on when I tried to use netflix, it promoted me I needed to update the app. When I said ok. It took me to the play store where it said Netflix isn't compatible with my device.
Installing an apk for netflix found on the web fixes this, but it still doesn't show in the play store.
I am also rooted now. KB2005
Click to expand...
Click to collapse
Thanks for the reply!
Have you tried relocking your bootloader to see if you go back to L1?
JWhetstone02 said:
When I got my phone and set it up, I had updates from the play store. Netflix was one of those it updated.
I unlocked my bootloader and later on when I tried to use netflix, it promoted me I needed to update the app. When I said ok. It took me to the play store where it said Netflix isn't compatible with my device.
Installing an apk for netflix found on the web gets me netflix, but it still doesn't show in the play store. Plus maximum playback is SD only.
Unlocking the bootloader changed my L1 to L3.
KB2005
Click to expand...
Click to collapse
Enabling MagiskHide, then clearing cache and data for play store allows netflix to show up in the play store. However still has the SD issue in the netflix app.
Sent from my [device_name] using XDA-Developers Legacy app
bad pixel said:
does locking/unlocking the bootloader have any effect on Widevine?
Click to expand...
Click to collapse
bad pixel said:
Thanks for the reply!
Have you tried relocking your bootloader to see if you go back to L1?
Click to expand...
Click to collapse
I have not reid to relock yet.
ethantarheels123 said:
Enabling MagiskHide, then clearing cache and data for play store allows netflix to show up in the play store. However still has the SD issue in the netflix app.
Sent from my [device_name] using XDA-Developers Legacy app
Click to expand...
Click to collapse
I had this problem before being rooted, so never had magisk to do that. But will give that a try now.
Also. Just doing a quick Google search, there are a few things I've found out. The persist.img apparently holds the DRM keys. If this was changed or damaged it sets Widevine to L3.
I don't think by unlocking the bootloader or rooting that it touches the persist.img, so not sure if that has anything to do with it?
Also, by reading some xda threads and threads on the OnePlus forum, it seems like a system update can fix the issue and you still be unlocked\rooted. Seems to be the case for op8 and some older ones
JWhetstone02 said:
I had this problem before being rooted, so never had magisk to do that. But will give that a try now.
Also. Just doing a quick Google search, there are a few things I've found out. The persist.img apparently holds the DRM keys. If this was changed or damaged it sets Widevine to L3.
I don't think by unlocking the bootloader or rooting that it touches the persist.img, so not sure if that has anything to do with it?
Also, by reading some xda threads and threads on the OnePlus forum, it seems like a system update can fix the issue and you still be unlocked\rooted. Seems to be the case for op8 and some older ones
Click to expand...
Click to collapse
I don't think it has anything to do with persist.img (that one is more related to the fingerprint). On OP8, OnePlus released a fix and solve the issue, but for older phones like OP6, as long as you unlocked the bootloader, it's permanently Widevine L3 even if you relock it. This is what I am worried about.
zellleonhart said:
I don't think it has anything to do with persist.img (that one is more related to the fingerprint). On OP8, OnePlus released a fix and solve the issue, but for older phones like OP6, as long as you unlocked the bootloader, it's permanently Widevine L3 even if you relock it. This is what I am worried about.
Click to expand...
Click to collapse
Hopefully they release a fix then
Sent from my KB2005 using Tapatalk
Have you Guys Tried this apk?
https://forum.xda-developers.com/poco-f1/how-to/watch-netflix-hd-ultra-hd-poco-f1-t3840727/amp/
Once unlocked, you can't go back to L1. Qualcomm has a "feature" called QFuse, a microscopic fuse on the SOC. It blows if the device is unlocked. That breaks the chain of trust.
Is this something that will affect warranty? Like Knox on Samsung?
Hello! I did what you wanted me to do. I'm rooted with Magisk, Magisk Hide turned on for the DRM checker, and I'm on the latest 11.0.1.2.KB05BA (EU) Widevine is L3.
Can't open the picture
doppelhelix said:
Once unlocked, you can't go back to L1. Qualcomm has a "feature" called QFuse, a microscopic fuse on the SOC. It blows if the device is unlocked. That breaks the chain of trust.
Click to expand...
Click to collapse
Nah. Xiaomi and Pixel devices retain L1 on bootloader unlock, even though those devices use Qualcomm chipsets too. So it's definitely not that.
After unlocking the bootloader I was unable lo load Netflix.
Then I have relocked the bootload and Netflix works in full HD
Windewine after relocking
This is DRM info reports now after relocking the bootloader

Widevine L1 lost

Hi people,
I'd like to know if someone can help me:
I had VF European ROM on my Mi 10 Lite, so I decided to change the EEA ROM without Vodafone. I flashed it closing bootloader, so Google Pay and Netflix HD worked. I kept Widevine L1 without problems.
But last week I played Netflix and I checked HD was lost! I tested Widevine with DRM info app and I had L3??
I've tried to flash again European and Global ROMs, both closing bootloader, but Widevine L1 has dissapear! What can I do to recover it?
Any idea?? I haven't don't anything strange with the phone, so I don't understand what is happening.
Thanks for your attention.
PD: Phone is locked, Google Pay keep on working.

Getting Widevine L1 back while bootloader unlocked

There is some sort of weird magic where unlocking the bootloader instantly breaks Widevine but locking it again fixes it.
How does that even work? How is it possible that NOBODY has figured out how to fix Widevine with an unlocked bootloader? You can emulate anything in software, right? Surely the information must be retained on the device somewhere if relocking the bootloader brings it back?
Is there still no solution to this? (please provide a more detailed answer than "it's not possible")
There is no way to hide a unlocked bootloader and because of that, it's not possible to have widevine l1 with an unlocked bootloader.
matze19999 said:
There is no way to hide a unlocked bootloader and because of that, it's not possible to have widevine l1 with an unlocked bootloader.
Click to expand...
Click to collapse
What do you mean there's no way to hide it? I don't think OnePlus uses like hardware secure environment stuff, especially because the 7 Pro doesn't have hardware backed SafetyNet...
@LoganDark Only OnePlus can fix it, at first 8 series didn't had Widevine L1 while having unlocked bootloader, OnePlus patched it in 10.5.11 (8) & 10.5.13 (8Pro) specifically, so ya the answer is Only OnePlus fix/patch it & they should do it for 7 Series as well IMO!
aaryan45 said:
@LoganDark Only OnePlus can fix it, at first 8 series didn't had Widevine L1 while having unlocked bootloader, OnePlus patched it in 10.5.11 (8) & 10.5.13 (8Pro) specifically, so ya the answer is Only OnePlus fix/patch it & they should do it for 7 Series as well IMO!
Click to expand...
Click to collapse
I mean, OnePlus can do it but that doesn't necessarily mean that nobody else can, right? I'm curious to know where these claims came from, that it's completely impossible to fake a locked bootloader...
My best guess is that the unlocked state of the bootloader prevents it from sharing the widevine keys with Android (something like that), but it should be possible to extract those keys if they are stored in such a way that relocking the bootloader restores L1 functionality. That is, of course, only possible if they aren't locked away with TrustZone or similar.
I hope the 7 series continues to receive updates and attention because it's the only good phone on the market right now with no notch or screen cutout. Nothing else compares... But since OnePlus is already starting to leave it out of OxygenOS beta tests, I feel EOL is not too far away. :/
I doubt they will add any new features or fix any functionality like Widevine support... They will just backport code they write for newer devices, until the update window is over.
LoganDark said:
I mean, OnePlus can do it but that doesn't necessarily mean that nobody else can, right? I'm curious to know where these claims came from, that it's completely impossible to fake a locked bootloader...
My best guess is that the unlocked state of the bootloader prevents it from sharing the widevine keys with Android (something like that), but it should be possible to extract those keys if they are stored in such a way that relocking the bootloader restores L1 functionality. That is, of course, only possible if they aren't locked away with TrustZone or similar.
I hope the 7 series continues to receive updates and attention because it's the only good phone on the market right now with no notch or screen cutout. Nothing else compares... But since OnePlus is already starting to leave it out of OxygenOS beta tests, I feel EOL is not too far away. :/
I doubt they will add any new features or fix any functionality like Widevine support... They will just backport code they write for newer devices, until the update window is over.
Click to expand...
Click to collapse
I did some research on widevine L1 on unlocked bootloader and if I'm not wrong,
liboemcrypto.so is the file which needs to be patched!
aaryan45 said:
I did some research on widevine L1 on unlocked bootloader and if I'm not wrong,
liboemcrypto.so is the file which needs to be patched!
Click to expand...
Click to collapse
Yeah, that might be the case, but the hard part is figuring out what patch to apply.
Possible sure, but this isn't really something you can just spoof or emulate through software.
This is very complicated things, both of a software and hardware level. Really the only people who discovers exploits of this are responsible security researchers who disclose this to Qualcomm and Google. Which I don't blame them for, they get a pretty juicy bounty.
I guess you can hope OnePlus messes up like they did for OP8/Pro and accidentally(?) enable L1 for unlocked bootloaders, but I am pretty sure they just implemented TEE differently to actually do that.
If you're curious, here;
https://googleprojectzero.blogspot.com/2017/07/trust-issues-exploiting-trustzone-tees.html?m=1
https://research.checkpoint.com/2019/the-road-to-qualcomm-trustzone-apps-fuzzing/
Lossyx said:
Possible sure, but this isn't really something you can just spoof or emulate through software.
This is very complicated things, both of a software and hardware level. Really the only people who discovers exploits of this are responsible security researchers who disclose this to Qualcomm and Google. Which I don't blame them for, they get a pretty juicy bounty.
I guess you can hope OnePlus messes up like they did for OP8/Pro and accidentally(?) enable L1 for unlocked bootloaders, but I am pretty sure they just implemented TEE differently to actually do that.
If you're curious, here;
https://googleprojectzero.blogspot.com/2017/07/trust-issues-exploiting-trustzone-tees.html?m=1
https://research.checkpoint.com/2019/the-road-to-qualcomm-trustzone-apps-fuzzing/
Click to expand...
Click to collapse
So it is implemented with complicated hardware stuff?
Okay, well, the only way to get L1 back is to lock the bootloader again. I know that now. All L1 stuff is handled in hardware. I'm working on a solution for custom ROMs and rooted OOS though, stay tuned
LoganDark said:
Okay, well, the only way to get L1 back is to lock the bootloader again. I know that now. All L1 stuff is handled in hardware. I'm working on a solution for custom ROMs and rooted OOS though, stay tuned
Click to expand...
Click to collapse
That sounds interesting. Can I help you with that?
sToRm1nG said:
That sounds interesting. Any way I could help you with that?
Click to expand...
Click to collapse
Yes, you can definitely help - the main blocker for me is that this is my daily driver so I haven't done anything in months, but if you're willing to be my "guinea pig" for a while, that would be a huge help.
LoganDark said:
Yes, you can definitely help - the main blocker for me is that this is my daily driver so I haven't done anything in months, but if you're willing to be my "guinea pig" for a while, that would be a huge help.
Click to expand...
Click to collapse
I'll be switching from my OP7Pro to my new OP8Pro shortly. So I'll be able to test what ever you need.
Do you think this research will also be applicable to the OP8Pro?
sToRm1nG said:
I'll be switching from my OP7Pro to my new OP8Pro shortly. So I'll be able to test what ever you need.
Click to expand...
Click to collapse
Niiiice~ Contact me on Discord: LoganDark#4357
sToRm1nG said:
Do you think this research will also be applicable to the OP8Pro?
Click to expand...
Click to collapse
Honestly I'm not sure. I haven't even confirmed if L1 will come back on the OP7Pro. It's just a rumor, after all, and I think OnePlus spent literally all of their benevolence on the 7.
Edit: It looks like OP might have made it so that the OP8 still has L1 even with an unlocked bootloader. Major oof
LoganDark said:
Niiiice~ Contact me on Discord: LoganDark#4357
Honestly I'm not sure. I haven't even confirmed if L1 will come back on the OP7Pro. It's just a rumor, after all, and I think OnePlus spent literally all of their benevolence on the 7.
Edit: It looks like OP might have made it so that the OP8 still has L1 even with an unlocked bootloader. Major oof
Click to expand...
Click to collapse
Yeah there is still a chance to get L1 with an unlocked bootloader on the OP8Pro though I'm not part of the lucky ones.
I'll contact you ASAP.
This is big for me, I was just watching Prime and saw 1080p HD on the overlay.
I checked DRM info to find I am on L1.
I am rooted obviously with an unlocked bootloader.
7T 256gB
OP7T_O2_BETA_3.
Amazing.
Tagtag123 said:
This is big for me, I was just watching Prime and saw 1080p HD on the overlay.
I checked DRM info to find I am on L1.
I am rooted obviously with an unlocked bootloader.
7T 256gB
OP7T_O2_BETA_3.
Amazing.
Click to expand...
Click to collapse
Did you unlock boot loader freshly after you updated to beta 3 or u were unlocked before that?
antonyben006 said:
Did you unlock boot loader freshly after you updated to beta 3 or u were unlocked before that?
Click to expand...
Click to collapse
Was unlocked from day 1 of using the device. Installed OB3 and noticed prime play 1080p. Checked DRM Info to see I have got L1, checked Netflix(it still showed L3, so I cleared cache and then it showed L1).
I've seen people managed to have l1 certification with unlocked bootloader with the oos 11 ob 3 or newer than that even with custom rom. It seemed so simple that I've tried it myself
but then when I was in oos 11 with bootloader unlocked, the widevine was still l3.
I even went as far as installing fresh oos 10 with msm tool, unlock the bootloader and then immediately install twrp, flash oos 11 ob4/stable 11.0.0.0/stable 11.0.0.2 + dfe + magisk, turned on magisk hide but unfortunately it was still in l3, and whenever I locked the bootloader it always successfully went back to l1..
Can someone please tell me the step by step instruction to gain l1 on unlocked bootloader ?
I got the oneplus 7 pro 1910 chinese version 128/6
Griffiths_Anna said:
I've seen people managed to have l1 certification with unlocked bootloader with the oos 11 ob 3 or newer than that even with custom rom. It seemed so simple that I've tried it myself
but then when I was in oos 11 with bootloader unlocked, the widevine was still l3.
I even went as far as installing fresh oos 10 with msm tool, unlock the bootloader and then immediately install twrp, flash oos 11 ob4/stable 11.0.0.0/stable 11.0.0.2 + dfe + magisk, turned on magisk hide but unfortunately it was still in l3, and whenever I locked the bootloader it always successfully went back to l1..
Can someone please tell me the step by step instruction to gain l1 on unlocked bootloader ?
I got the oneplus 7 pro 1910 chinese version 128/6
Click to expand...
Click to collapse
Got L1 on OOS 11 rooted

Categories

Resources