The phone restarted as if it had been factory reset (I had to reconfigure it as if it were starting up for the first time). But when I restart the phone, at boot I still get the message "The boot loader is unlock and software integrity… ".
If I switch back to fastboot mode and run the command again:
The commands can be a bit confusing, fastboot flashing lock_critical locks the critical partitions from being modified, what you want is fastboot flashing lock to actually lock the bootloader.
You generally don’t need to lock the critical partitions, because those aren’t accessible with a locked bootloader anyway.
But make sure that fastboot flashing get_unlock_ability returns 1 before you lock the bootloader to give you a chance to recover from a brick.
If it doesn’t, reinstall the OS and don’t boot into Android before locking it (and also check get_unlock_ability again immediatelly before issuing the lock command!)
So, if I understand correctly, I need to reinstall the stock ROM. But now the critical partitions are locked.
… INFO: Looking for connected device(s)… INFO: One Fairphone 4 in fastboot mode found (serial number: 4b418009). ERROR: The critical partitions are not unlocked. Please refer to our support articles for help. ERROR: Aborting now (press Enter to terminate). …
What is the correct procedure for unlocking the critical partitions?
You won’t need a code since your bootloader is still unlocked, just fastboot flashing unlock_critical is enough.
Make sure to stop the phone from booting into Android after installation. I haven’t looked at the install bash script in a while if they still have the reboot step in there
You can just take that line out, calculate the new hash for the script, and change the hash in the file with all the other hashes in the same folder (can’t remember what the file is called).
Or you hold one of the volume buttons when it tries to reboot after the installation.
After installation of stock rom. This avoids that system boots into “user land” (normal phone using mode) after installation, causing “unlock ability” to reset from “1” to “0”.
It describes how you can edit the installation script so that it does not directly boot after the installation.
If that seems too complicated to you, then you just can monitor the installation and press “vol-down” at the end of the installation process to start directly into fastboot instead of “user land”.
Apologies, I worded that badly, you can just take the route @Volker described, it’s easier
What I meant in a bit more detail:
When you download & extract the factory images, there’s a flash_fp4_factory.command file in that directory. At the beginning of that file are a few options you can change, one of those is
REBOOT_TO_BOOTLOADER="false" # default value is "false"
If you change that to "true" the phone will reboot to the bootloader instead of Android userland when the installation is complete, which is what we want (and should be default).
But the installation script also compares all the extracted files against the checksums in the SHA256SUMS file to make sure none of the partitions that get flashed is wrong.
Since we modified the flash_fp4_factory.command file the checksums don’t match anymore and the installation fails.
So you have to run sha256sum flash_fp4_factory.command to generate a new checksum, then search for flash_fp4_factory.command in the SHA256SUMS file, and finally replace that line with the new checksum.
Way more complicated, buuut you don’t have to watch the phone to catch the reboot in time
1/ I switch to fastboot mode and unlock the critical partitions: fastboot flashing unlock_critical
2/ I modify the flash_fp4_factory.command file and change the value of REBOOT_TO_BOOTLOADER from false to true.
3/ I run the checksum (sha256) on the new flash_fp4_factory.command file and replace the old checksum value in the SHA256SUMS file.
4/ I start installing the stock ROM.
5/ At the end of the installation, the phone remains in fastboot mode and I check that unlock ability has the value 1: fastboot flashing get_unlock_ability
6/ If the value is 1, then I launch the bootloader lock: fastboot flashing lock
7/ Once this is done, I restart the system in Android.
Please let me know if I made any mistakes.
I will keep you informed of the process.
In any case, thank you very much for your valuable help.
Right, I forgot that your get_unlock_ability is 0, and that’s needed for unlock_critical as well… It’s a weird state to be in
If we go by the Fairphone instructions they first unlock OEM and then perform flashing unlock followed by flashing unlock_critical, which works because get_unlock_ability is only reset on first boot, so it stays on 1 during those reboots and the commands work.
However, since your bootloader is already unlocked, the OEM unlocking switch is greyed out in the settings, so we can’t just get it enabled again.
Check if you can toggle OEM unlocking in the developer options, if it’s greyed out we’ll have to take the Magisk route to make it toggleable again.
If that’s the case and I’m not back to the forum in the next few hours and you get bored, here are the (very old) instructions for the Magisk route:
You’ll need a patched root-enabled boot.img, so after the first step transfer the boot.img from your extracted factory images to your phone, open the Magisk app and patch it, transfer the patched one back to your PC and continue the next step with that image.
The specific Magisk version isn’t important, that’s just what was available in April 22 when I wrote those steps, the F-Droid one is fine
Don’t worry about the patching part, I uploaded you a patched boot.img for the latest Fairphone factory images.
But check the OEM toggle in developer options first, if it isn’t greyed out you can just switch it back on and skip the Magisk part (it should be greyed out, but doesn’t hurt to check).
I had already checked, and OEM unlocking is indeed not available.
I installed Magisk in the FP4 and downloaded your boot.img to my PC and then patched the boot.img on the FP 4 with Magisk that’s became magisk_patched-29000_VUj3I.img
I suppose that I have to replace the command you’ve gave me :
The boot.img I uploaded was already patched and ready to go, you can just use it like that, not sure what happens if you patch it again, I guess we’ll find out
Edit: I took to long with my reply, I meant the first screenshot.
That’s good news
Yeah, that screenshot seems to indicate you don’t have root, no idea why
When you use fastboot boot boot.img does your phone boot normally?
If the boot process gets interupted and it reboots before reaching Android userland for some reason, that would load the boot partition on the phone instead, which isn’t rooted.
