Related
I don't fully understand the process of unlocking a bootloader on a phone, but what makes a Samsung phone so difficult to unlock? For instance could we unlock this phone using the same method as went use on other phone with a Snapdragon 835 processor?
State.of.mind said:
I don't fully understand the process of unlocking a bootloader on a phone, but what makes a Samsung phone so difficult to unlock? For instance could we unlock this phone using the same method as went use on other phone with a Snapdragon 835 processor?
Click to expand...
Click to collapse
It's not difficult to unlock, it's impossible to unlock. The team of guys who achieved root access on an SD835 S8 used a root exploit to get root on the phone, the bootloader is still locked and they won't be able to flash anything that isn't signed by Samsung.
As for your second question, ABSOLUTELY NOT.
Each OEM has a different way of unlocking their devices bootloaders.
Sony and HTC email you an unlock code after you submit your IMEI for bootloader unlocking, only with that code you can unlock your device.
Samsung phones (on applicable devices like Exynos ones), simply have a switch in developer options for OEM Unlock, just like Google's Pixel and Nexus devices, once that option is enabled, consider the bootloader 'unlocked', and you should be able to flash whatever you want, regardless of whether it's signed by Samsung or developed by some guy in his moms basement.
TL;DR:
No.
murtaza02 said:
It's not difficult to unlock, it's impossible to unlock. The team of guys who achieved root access on an SD835 S8 used a root exploit to get root on the phone, the bootloader is still locked and they won't be able to flash anything that isn't signed by Samsung.
As for your second question, ABSOLUTELY NOT.
Each OEM has a different way of unlocking their devices bootloaders.
Sony and HTC email you an unlock code after you submit your IMEI for bootloader unlocking, only with that code you can unlock your device.
Samsung phones (on applicable devices like Exynos ones), simply have a switch in developer options for OEM Unlock, just like Google's Pixel and Nexus devices, once that option is enabled, consider the bootloader 'unlocked', and you should be able to flash whatever you want, regardless of whether it's signed by Samsung or developed by some guy in his moms basement.
TL;DR:
No.
Click to expand...
Click to collapse
If you're using a phone with an unlocked boot loader could you in theory switch between operating systems? For instance could I flash a rom to run Lollipop on one slot and on another slot run Nougat?
State.of.mind said:
If you're using a phone with an unlocked boot loader could you in theory switch between operating systems? For instance could I flash a rom to run Lollipop on one slot and on another slot run Nougat?
Click to expand...
Click to collapse
Most phones don't have 'slots'. It's not a common thing yet.
The Google Pixel and Moto Z2 are the only ones that come to mind that have A/B partitions for seamless OS updates and in theory (on a Pixel), one should be able to flash Nougat on Slot A and Android O on Slot B, however I wouldn't recommend it at all, I always like having the same sh*t on both slots.
Also, Lollipop and Nougat are too far apart and there is no device in existence that has its OEM ROM based on LP and N. So no you wouldn't be able to.
Introduction
This is the bootloader unlock from ZTE. It was provided to me in private email by a ZTE engineer.
Warning
This package is for the USA version of the Axon 7 Mini (tulip) running 7.1.1 b14 firmware. If you are running any other device or firmware version, it may not work.
Note
After some testing, it appears that the Axon 7 Mini is not locked in any way. In other words, apparently neither this package nor tuliptool's unlock are required to flash custom ROMs. The only apparent advantage to flashing this is to get access to fastboot, which provides a way to flash a custom boot and recovery (among other things).
Flashing Instructions
Place axon_mini_unlock.zip on the root of your sdcard.
Reboot into recovery.
Select "Apply update from SD card".
Select axon_mini_unlock.zip.
Usage Instructions
After the package is flashed, you may boot into the bootloader:
adb reboot bootloader
Once in the bootloader, you will see an on-screen menu. Additionally, you may access the typical fastboot commands:
fastboot oem device-info
fastboot oem unlock
fastboot flash ...
... etc ...
Download
axon_mini_unlock.zip
md5: ea8f1a21c8a46b3045d00f17a37fe359
So, after this is done, I can flash TWRP through fastboot and tuliptool is no longer necessary, correct?
Yes, that is correct.
JoeGatto said:
So, after this is done, I can flash TWRP through fastboot and tuliptool is no longer necessary, correct?
Click to expand...
Click to collapse
This package is for the USA version of the Axon 7 Mini (tulip) running 7.1.1 b14 firmware. If you are running any other device or firmware version, it may not work.
Click to expand...
Click to collapse
Is this something your contact mentioned or something that you believe based on your experience?
Any harm in trying it on verdandi/other versions without any risk of bricking?
After some testing, it appears that the Axon 7 Mini is not locked in any way. In other words, apparently neither this package nor tuliptool are required to flash custom ROMs. The only apparent advantage to flashing this is to get access to fastboot.
Click to expand...
Click to collapse
Any way to confirm this is also the case with other versions as well?
Thanks TDM.... you're going to have a lot of Canadians asking about verdandi as it is quite cheap here at the moment. Better get those questions out of the way early. The source is released, same kernel version as the U.S. one with some small differences with drivers (from what I can see) and I am sure that if people know that custom roms are possible on that version (not bootloader locked forever) it would be appreciated.
trpn111 said:
Is this something your contact mentioned or something that you believe based on your experience?
Any harm in trying it on verdandi/other versions without any risk of bricking?
Any way to confirm this is also the case with other versions as well?
Thanks TDM.... you're going to have a lot of Canadians asking about verdandi as it is quite cheap here at the moment. Better get those questions out of the way early. The source is released, same kernel version as the U.S. one with some small differences with drivers (from what I can see) and I am sure that if people know that custom roms are possible on that version (not bootloader locked forever) it would be appreciated.
Click to expand...
Click to collapse
Yeah...verdandi is stuck on Marshmellow. But since it has different hardware it could brick if this is tried.
The ZTE engineer is USA based, he is not on the China development team (read: probably a support engineer). He said: "I attached the unlock update zip package, please try it. It is based on B14 build."
Sorry, that's all I have to go by for "official" information.
I do not want to be responsible for anyone bricking their device, so I cannot claim that this bootloader will work with anything other than a tulip device running 7.1.1 b14.
If you want to try and report back, I'm sure others will appreciate it. But I can't be responsible for the results.
trpn111 said:
Is this something your contact mentioned or something that you believe based on your experience?
Any harm in trying it on verdandi/other versions without any risk of bricking?
Any way to confirm this is also the case with other versions as well?
Thanks TDM.... you're going to have a lot of Canadians asking about verdandi as it is quite cheap here at the moment. Better get those questions out of the way early. The source is released, same kernel version as the U.S. one with some small differences with drivers (from what I can see) and I am sure that if people know that custom roms are possible on that version (not bootloader locked forever) it would be appreciated.
Click to expand...
Click to collapse
Oh, and here is some more information to help you decide...
The volume key combo to enter EDL is handled by aboot (bootloader, eg. the thing we are flashing). This means even if you aren't currently able to use the key combo, you should be able to use it with the new aboot here. And if you can get to EDL, you can never really brick the device.
The volume key combo is detected very early in the aboot code. Like, first thing after basic platform init. So even if this isn't compatible with your device, it's likely we could restore the old aboot (assuming you back it up first, of course).
I'm convinced that the tulip is not locked based on my investigation today. So I have no idea if this aboot is properly signed. If your device is locked and this aboot is not signed properly, the lower boot loader won't load it. I'm not quite sure if that kicks you into EDL or not.
Not sure if that makes the decision easier or harder...
How did you come to the conclusion that tulip is not locked to begin with? If we don't need tuliptool or this aboot, how can I check verdandi if the device is the same 'locked but not really locked' state?
I will have a read about backing up aboot and see what I come up with concerning getting into edl.
So here's the deal...
I initially assumed the bootloader was locked because... well... it's supposed to be. So I found the place in aboot code where it checks the lock flag in the devinfo partition. I used the firehose to write unlocked to that flag. Then I built TWRP, flashed it and it booted. So I assumed everything was working just as I expected.
Today, I flashed the aboot with fastboot support and ran "fastboot oem device-info". It said that my device was locked. So I went to look and, sure enough, my devinfo partition flag was still set. Hmm, that's odd.
So I wrote locked back to the flag. TWRP still booted. Now things are looking pretty suspicious.
But maybe the new aboot doesn't even support locking? So I flashed the original b14 version of aboot and TWRP still booted.
That's pretty hard evidence that aboot is ignoring the lock flag. I don't know what they did -- whether they just removed the code that reads the lock flag or introduced a bug or what.
This does not necessarily mean that the lower layers are unlocked. That is, the lower boot loader may still required a properly signed aboot. I don't know, and I'm not ready to brick my device trying to find out.
trpn111 said:
How did you come to the conclusion that tulip is not locked to begin with? If we don't need tuliptool or this aboot, how can I check verdandi if the device is the same 'locked but not really locked' state?
I will have a read about backing up aboot and see what I come up with concerning getting into edl.
Click to expand...
Click to collapse
Hmm... Looks like this package incompatible with ZTE/P852A11/tulip.
Got error while trying to flash it by stock recovery. Error message says that it is for A12 version of tulip.
Ah, yes, you have the euro model. See the "calling all mini owners" thread, posts #76 and #77.
maestromony said:
Hmm... Looks like this package incompatible with ZTE/P852A11/tulip.
Got error while trying to flash it by stock recovery. Error message says that it is for A12 version of tulip.
Click to expand...
Click to collapse
i get a message saying "cant update from sd card?"
yeshivabachur said:
i get a message saying "cant update from sd card?"
Click to expand...
Click to collapse
Make sure battery level is at least 30% before applying any update. It's a standard protection feature.
JoeGatto said:
Make sure battery level is at least 30% before applying any update. It's a standard protection feature.
Click to expand...
Click to collapse
My battery was 80%+ mine still said can't update from sdcard
Aries2010 said:
My battery was 80%+ mine still said can't update from sdcard
Click to expand...
Click to collapse
Try turning on the OEM unlock setting in developer settings.
JoeGatto said:
Try turning on the OEM unlock setting in developer settings.
Click to expand...
Click to collapse
Thank you so much that worked I appreciate the it . Now I have one more question I have been searching for a way to root stock rom but I can't find any instructions on it. Could you walk me through it or post a link for me if possible? I have the USA mini 7 with B14 firmware
Aries2010 said:
Thank you so much that worked I appreciate the it . Now I have one more question I have been searching for a way to root stock rom but I can't find any instructions on it. Could you walk me through it or post a link for me if possible? I have the USA mini 7 with B14 firmware
Click to expand...
Click to collapse
Rooting the stock ROM will require that you remove verity, so that the OS won't refuse to boot once you've made any changes to the system partition. You'll need to use tuliptool to flash a new boot image, which you can find in this section of the forum. Then, you could either install TWRP through fastboot or using tuliptool.
JoeGatto said:
Rooting the stock ROM will require that you remove verity, so that the OS won't refuse to boot once you've made any changes to the system partition. You'll need to use tuliptool to flash a new boot image, which you can find in this section of the forum. Then, you could either install TWRP through fastboot or using tuliptool.
Click to expand...
Click to collapse
Thank you sir I appreciate it I shall try it tomorrow.
here's a stupid question.... I have only dealt with Samsung devices so, I have trouble understanding any other kind of process that is not Samsung. If a new update comes out while my device is bootloader unlocked can i update it? or will it brick my device?
The "standard" (not Samsung) method of updating via OTA is to ship:
1. Full images of any firmware partitions (rpm, tz, aboot, etc.)
2. Full image of boot.
3. A delta (patch) to system.
Also note that custom recoveries generally do not work with vendor OTA's.
This means that if you wish to apply an OTA, you must first have stock recovery and a completely pristine, unmodified system partition. The rest doesn't matter.
yeshivabachur said:
here's a stupid question.... I have only dealt with Samsung devices so, I have trouble understanding any other kind of process that is not Samsung. If a new update comes out while my device is bootloader unlocked can i update it? or will it brick my device?
Click to expand...
Click to collapse
What does the manufacturer do to the phone to make it un-rootable?
This quote: "Strictly speaking, when we talk about a platform as open as the Android OS, it is almost impossible for a manufacturer to make an ‘un-rootable’ device."
would suggest that most likely the manufacturer is not making the phone un-rootable. So then that would leave the OS, but my 4.2.2 KitKat has and is rooted on other devices.
So who and what is at fault here? Seems to me that if it was software, that would be easy. Find an exploit and root. But if it was that easy then all phones/devices would be rootable.
That brings us back to hardware and the manufacturer.
RealRobD said:
What does the manufacturer do to the phone to make it un-rootable?
This quote: "Strictly speaking, when we talk about a platform as open as the Android OS, it is almost impossible for a manufacturer to make an ‘un-rootable’ device."
would suggest that most likely the manufacturer is not making the phone un-rootable. So then that would leave the OS, but my 4.2.2 KitKat has and is rooted on other devices.
So who and what is at fault here? Seems to me that if it was software, that would be easy. Find an exploit and root. But if it was that easy then all phones/devices would be rootable.
That brings us back to hardware and the manufacturer.
Click to expand...
Click to collapse
It is more a matter of the carriers trying their hardest to prevent us from being able to unlock/root the devices they offer and less a matter of the manufacturer trying to prevent it.. They do this for several reasons. But the main reasons are to prevent security breaches, to protect the information on their customer's devices, to prevent having to repair/replace devices that have been broken due to failed rooting/flashing/modifying attempts and to prevent us from using their devices on another carrier's network.
It is considered to be impossible to make devices that absolutely can't be rooted. They are all vulnerable in some manner, these vulnerabilities are called exploits, it's just a matter of finding the right exploit. When exploits are found, the manufacturer or carrier will patch the exploit and release an update for their devices to apply the patch.
The main thing they do to make devices unrootable is to use a locked bootloader, some even use specific hardware components to prevent unapproved software from booting.
It's a combination of things really, there is not necessarily one certain thing they do to keep us from rooting, because there are many different ways to unlock/root devices, they try their best to account for them all.
Sent from my SM-S767VL using Tapatalk
It is considered to be impossible to make devices that absolutely can't be rooted. They are all vulnerable in some manner, these vulnerabilities are called exploits, it's just a matter of finding the right exploit.
Click to expand...
Click to collapse
Can you direct me to the recommended newbie reading to get my learn on?
My Alcatel onetouch has stumped current one click methods, so it's time to learn and crack this puppy on my own.
RealRobD said:
Can you direct me to the recommended newbie reading to get my learn on?
My Alcatel onetouch has stumped current one click methods, so it's time to learn and crack this puppy on my own.
Click to expand...
Click to collapse
If all one click methods have failed, the only option left is to flash some kind of customized software or methods to modify parts of your boot and/or system partitions. Flashing custom software and modifying boot or system requires the device to have an unlocked bootloader.
This means that your first step is to determine whether or not your device has an unlocked bootloader. If it is unlocked, you can flash/modify the device, if it is locked, you can't flash/modify unless you find a method to unlock the bootloader, then you can flash/modify. Do some searches for methods to check your bootloader status.
If you find that the bootloader is unlocked, then you have a few choices:
1) if you can obtain a copy of your stock firmware then you can use the Magisk rooting method to modify the boot.img from your firmware to create a patched boot.img then flash that boot.img using the appropriate flash tool for your device brand.
2) if you can find a copy of TWRP custom recovery for your specific device model number you can flash the TWRP file using the appropriate flash tool for your device brand.
3) if there is no TWRP for your specific model number, you can build your own version of TWRP if the necessary resources are available for your specific model number.
4) if the necessary resources to build TWRP for your specific model number are not available, you can try finding a TWRP for a similar device with the same exact CPU that your device has and port that TWRP to be compatible with your own device.
Do your own searching and researching about each of these options, the more you read about them, the more you will understand.
Sent from my SM-S767VL using Tapatalk
Droidriven said:
If all one click methods have failed, the only option left is to flash some kind of customized software or methods to modify parts of your boot and/or system partitions. Flashing custom software and modifying boot or system requires the device to have an unlocked bootloader.
This means that your first step is to determine whether or not your device has an unlocked bootloader. If it is unlocked, you can flash/modify the device, if it is locked, you can't flash/modify unless you find a method to unlock the bootloader, then you can flash/modify. Do some searches for methods to check your bootloader status.
If you find that the bootloader is unlocked, then you have a few choices:
1) if you can obtain a copy of your stock firmware then you can use the Magisk rooting method to modify the boot.img from your firmware to create a patched boot.img then flash that boot.img using the appropriate flash tool for your device brand.
2) if you can find a copy of TWRP custom recovery for your specific device model number you can flash the TWRP file using the appropriate flash tool for your device brand.
3) if there is no TWRP for your specific model number, you can build your own version of TWRP if the necessary resources are available for your specific model number.
4) if the necessary resources to build TWRP for your specific model number are not available, you can try finding a TWRP for a similar device with the same exact CPU that your device has and port that TWRP to be compatible with your own device.
Do your own searching and researching about each of these options, the more you read about them, the more you will understand.
Sent from my SM-S767VL using Tapatalk
Click to expand...
Click to collapse
Can't get past "Waiting on devices" when using
Code:
fastboot oem device-info
.
Device manager shows the phone is connected just fine.
The phone has no manual way to set fast boot, whether it be the buttons or entering numbers on the keypad.
Device recognized.
Code:
fastboot devices
returns nothing. I guess that means it's not in fast boot mode.
Code:
adb reboot bootloader
and
Code:
adb reboot fastboot
only reboots the phone.
On the other hand,
Code:
adb reboot recovery
does work.
RealRobD said:
Can't get past "Waiting on devices" when using
Code:
fastboot oem device-info
.
Device manager shows the phone is connected just fine.
The phone has no manual way to set fast boot, whether it be the buttons or entering numbers on the keypad.
Device recognized.
Code:
fastboot devices
returns nothing. I guess that means it's not in fast boot mode.
Code:
adb reboot bootloader
and
Code:
adb reboot fastboot
only reboots the phone.
On the other hand,
Code:
adb reboot recovery
does work.
Click to expand...
Click to collapse
Your device probably doesn't even have fastboot mode, some carriers remove fastboot from their devices, especially MVNO(subcontracted) networks.
Sent from my SM-S767VL using Tapatalk
Yep, looks like no Fastboot onboard...
galaxys said:
Yep, looks like no Fastboot onboard...
Click to expand...
Click to collapse
If it's just software, why can't it be bypassed, cracked, hacked, blown up etc?
RealRobD said:
If it's just software, why can't it be bypassed, cracked, hacked, blown up etc?
Click to expand...
Click to collapse
If you're asking about what was said about not having fastboot, it is a lack of software, as in, the software is not even there.
If you're asking if the software can be bypassed, it can, the trick is to find the right exploit. That is the problem, a working exploit has not been discovered for this device.
Without fastboot, there is no way to flash custom files such as TWRP or patched boot.img. This means, the only chance of rooting the device is if one of the one-click universal rooting apps or universal PC rooting programs has an exploit that just happens to network on this device.
Sent from my SM-S767VL using Tapatalk
Droidriven said:
If you're asking about what was said about not having fastboot, it is a lack of software, as in, the software is not even there.
If you're asking if the software can be bypassed, it can, the trick is to find the right exploit. That is the problem, a working exploit has not been discovered for this device.
Without fastboot, there is no way to flash custom files such as TWRP or patched boot.img. This means, the only chance of rooting the device is if one of the one-click universal rooting apps or universal PC rooting programs has an exploit that just happens to network on this device.
Sent from my SM-S767VL using Tapatalk
Click to expand...
Click to collapse
Have any fastboot-less phones in the past been rooted?
If so, do you have any recommended reading as far as exploit hunting is concerned?
I see that I can add user-settable root of trust to the bootloader so I can set custom secure boot keys like PCs at https://source.android.com/docs/security/features/verifiedboot/device-state , so I think I can use a user modified init_boot image (including the magisk patched one) by signing it with my own keypair.
Also, I know that some manufacturers require 7 days for new devices to be unlocked (like Xiaomi) or do not allow user unlock at all. However, authorized repairers can flash signed factory system images without unlocking it. I guess it is implemented by internal (read-only) root of trust. But can I do this with user-settable root of trust part so I can become authorized repairer to my own device?
P.S. I am using a bootloader-unlocked Pixel 4 XL as my major phone now. I have bought a Pixel 7 Pro but not yet switched to it. I am looking for a method to take both security and scalability into account.
Good and interesting question, sadly I don't have a definitive answer to it - but a few thoughts:
As to your own keypair: I would think that the bootloader checks for integrity and you would need to patch bootloader as well to accept a user-key - not sure if this is feasible.....
AFAIK for Xiaomi devices the authorized repairers use EDL mode with a separate authentification - EDL-mode is (IMO) a separate very low-level boot mode.... I don't think this is related to the "normal" boot mechanism and its keys.....
Is there any specific reason you are aiming for a re-locked bootloader ? The only aspect I could think about is some specific apps that can detect an unlocked bootloader and refuse to function.... from a pure security standpoint I don't see a benefit from re-locking a modified device, at least until you really (!) know all modifications that have been done in low-level detail.....
s3axel said:
Good and interesting question, sadly I don't have a definitive answer to it - but a few thoughts:
As to your own keypair: I would think that the bootloader checks for integrity and you would need to patch bootloader as well to accept a user-key - not sure if this is feasible.....
AFAIK for Xiaomi devices the authorized repairers use EDL mode with a separate authentification - EDL-mode is (IMO) a separate very low-level boot mode.... I don't think this is related to the "normal" boot mechanism and its keys.....
Is there any specific reason you are aiming for a re-locked bootloader ? The only aspect I could think about is some specific apps that can detect an unlocked bootloader and refuse to function.... from a pure security standpoint I don't see a benefit from re-locking a modified device, at least until you really (!) know all modifications that have been done in low-level detail.....
Click to expand...
Click to collapse
The reason why I am aiming for a re-locked bootloader is that everyone can flash a modified image at bootloader. An evil maid or cop may be able to flash a trojan boot image when I am not with my phone.
My phone just got into fastboot mode this morning which I cannot access to recovery/ rescue mode. Everytime I choose the option it will bring me back to the fastboot screen.
I havn't unlocked the bootloader/ OEM previously. Anything I can do to make the phone start working again?
Hi,
What did you do to end up in this situation?
Good luck,
Sébastien.
5.1 said:
Hi,
What did you do to end up in this situation?
Good luck,
Sébastien.
Click to expand...
Click to collapse
Nothing! all I did was normal usage and it became bricked over the night. Onlything I did was leaving the phone being charged.
tonydigimon said:
Nothing! all I did was normal usage and it became bricked over the night. Onlything I did was leaving the phone being charged.
Click to expand...
Click to collapse
Android Flash Tool
flash.android.com
do this
jons99 said:
Android Flash Tool
flash.android.com
do this
Click to expand...
Click to collapse
Tried but it said the phone is not unlocked and therefore cannot be flash.
tonydigimon said:
Tried but it said the phone is not unlocked and therefore cannot be flash.
Click to expand...
Click to collapse
to supplement, it shows as below:
Device Unlock DisabledFor security reasons, you need to enable "OEM unlocking" in order to flash your device. See the device preparation instructions for more information.
tonydigimon said:
Tried but it said the phone is not unlocked and therefore cannot be flash.
Click to expand...
Click to collapse
Can you boot into safe mode?
andy242 said:
Can you boot into safe mode?
Click to expand...
Click to collapse
No. I can't even see the google logo. It directly jumped to the fastboot page.
Supposedly, when I've seen instances like this before (stuck in fastboot mode, can't access recovery mode, locked bootloader, no oem unlock ticked), you might be able to forcibly change slots to the other one. There are 2 slots for this very reason -- supposedly to have a working one when things go to crap (but primarily for OTA and when that doesn't work out right).
IIRC, you don't need an unlocked bootloader to change slots...
If that doesn't work, I'm curious if you'd be able to get into recovery mode using the button combination vs. selecting it from fastboot mode......
simplepinoi177 said:
Supposedly, when I've seen instances like this before (stuck in fastboot mode, can't access recovery mode, locked bootloader, no oem unlock ticked), you might be able to forcibly change slots to the other one. There are 2 slots for this very reason -- supposedly to have a working one when things go to crap (but primarily for OTA and when that doesn't work out right).
IIRC, you don't need an unlocked bootloader to change slots...
If that doesn't work, I'm curious if you'd be able to get into recovery mode using the button combination vs. selecting it from fastboot mode......
Click to expand...
Click to collapse
You can't use fastboot commands to change slots when your bootloader is locked. And even if you could, the slot would not be bootable until you flashed the firmware onto it since these aren't dual boot devices. Only the last slot on which you flashed the firmware on will boot.
Lughnasadh said:
You can't use fastboot commands to change slots when your bootloader is locked. And even if you could, the slot would not be bootable until you flashed the firmware onto it since these aren't dual boot devices. Only the last slot on which you flashed the firmware on will boot.
Click to expand...
Click to collapse
I don't see why one would need an unlocked bootloader to change slots (especially considering it can happen on a locked bootloader when OTA's fail)...but I'll take your word for it.
But I understand things differently as @badabing2003 explained the two slot device aspect on these devices that, for the most part, the partitions are intact and accessible when either slot is active -- things depend differently on whether a slot can boot on them or not. If I understood correctly, one doesn't necessarily need to flash the firmware to make a particular slot to become bootable...
But I understood badabing2003's explanation in a very rudimentary sense so....I acknowledge I could very easily be under the wrong impression.....
Wouldn't slots change automatically upon boot failure? Isn't that the point?
simplepinoi177 said:
I don't see why one would need an unlocked bootloader to change slots (especially considering it can happen on a locked bootloader when OTA's fail)...but I'll take your word for it.
But I understand things differently as @badabing2003 explained the two slot device aspect on these devices that, for the most part, the partitions are intact and accessible when either slot is active -- things depend differently on whether a slot can boot on them or not. If I understood correctly, one doesn't necessarily need to flash the firmware to make a particular slot to become bootable...
But I understood badabing2003's explanation in a very rudimentary sense so....I acknowledge I could very easily be under the wrong impression.....
Click to expand...
Click to collapse
When you flash the factory image the system_other.img gets moved to the inactive slot, basically making that slot unbootable until you flash the firmware onto that slot.
krakout said:
Wouldn't slots change automatically upon boot failure? Isn't that the point?
Click to expand...
Click to collapse
The main point for having 2 slots (A/B partitions) is for seamless OTA updates.
simplepinoi177 said:
I don't see why one would need an unlocked bootloader to change slots (especially considering it can happen on a locked bootloader when OTA's fail)...but I'll take your word for it.
But I understand things differently as @badabing2003 explained the two slot device aspect on these devices that, for the most part, the partitions are intact and accessible when either slot is active -- things depend differently on whether a slot can boot on them or not. If I understood correctly, one doesn't necessarily need to flash the firmware to make a particular slot to become bootable...
But I understood badabing2003's explanation in a very rudimentary sense so....I acknowledge I could very easily be under the wrong impression.....
Click to expand...
Click to collapse
As @Lughnasadh says, only one slot is bootable, so switching even if it was possible don't help.
System of the inactive slot gets overwritten with optimized Dex files to be copied on first boot.
And even if one manually skips the system_other partition, avb doesn't allow you to boot on newer devices.
I managed to make it work on Pixel XL, but couldn't on newer devices.
tonydigimon said:
My phone just got into fastboot mode this morning which I cannot access to recovery/ rescue mode. Everytime I choose the option it will bring me back to the fastboot screen.
I havn't unlocked the bootloader/ OEM previously. Anything I can do to make the phone start working again?
Click to expand...
Click to collapse
if you cant use the volume buttons to access recovery from the bootloader, and you did nothing to the device, you should be able to return to google and get a new one depending on where you bought it
I got the same thing on my Pixel 7 Pro. Nothing would flash and my bootloader was unlocked. I just sent mine to Google last week and I'm currently waiting for them to send a replacement back.
Very weird. Wish I had a solution for you OP. Just goes to show an unlocked bootloader is a great fail safe to have in resurrecting a bricked device
Lughnasadh said:
And even if you could, the slot would not be bootable until you flashed the firmware onto it
Click to expand...
Click to collapse
The inactive slot holds the previous firmware build. In theory that shouldn't be a problem to switch the slots. But in most cases it ends up in a bootloop until you wipe /data because that partition has no slot.
krakout said:
Wouldn't slots change automatically upon boot failure? Isn't that the point?
Click to expand...
Click to collapse
Only right after an update. If the updated slot once is marked as "boot successfully" than the bootloader won't change to the inactive slot in case the active one is unbootable. It's only a rollback option for corrupted updates. But not a rollback for corrupted devices.