Can't lock bootloader

Had some issues with my fairphone 4 that was solved by manually installing the OS. This seems to have made the device lose it’s play protect certification, and several apps are not working. I hoped locking the bootloader again would get the certification back, but I’ve run into a problem.
I tried locking it once, but it still says “DEVICE STATE - unlocked” in fastboot mode. And when booting the phone it still gives a warning about it being unlocked.
When trying the command; “fastboot flashing lock_critical” the response is;
FAILED (remote: ’ Device already : locked ! ’ )
fastboot: error: Command failed

I have no idea what to do. Can anyone help?

Lock critical is not to lock the bootloader. However be super careful to not brick the phone by locking the bootloader!!! Please do a longer reading in the forum and provide more info on what you did. Which OS? Version before, version now?

In very short


To unlock the bootloader I followed this guide:
I followed this to manually install the OS:
I installed the FP4.TP25.C.095 version. I updated and now have FP4.TP2D.C.0112.
I unfortunately did not do the “fastboot flashing get_unlock_ability” before booting into the OS.

Thats a quite old version, do you happen to know which version was installed before you manually installed.

Between FP4.TP25.C.095 and FP4.TP2D.C.0112 was another version and I dont know when you downgraded (what would cause a brick when locking the bootloader) to C.095 with the manual install, if the OTA update to C.0112 is sufficient.

Maybe better wait if someone more experienced will provide some feedback, else I guess my apprpach would be to manually install the current version FP4.TP2D.C.0112 , check unlock ability is 1 and lock the bootloader before booting into the system

1 Like

It was FP4.TP29.C.0101
If I do another manual instal, do you think I have to unlock the bootloader again or should I just try without doing it?

Is that no longer the case? If its now in device state locked, check is OEM unlocking is not greyed out and can be enablwd.

Else, what might be locked is critical and I think according to Fairphones instructions that should be unlocked as well.

1 Like

OEM is greyed out, and I’m still getting a message upon booting that says the device is unlocked. I will also check in fastboot when I get home, but I’m thinking it will say it’s unlocked.
So should I just do the “fastboot flashing unlocked_critical” command, to make sure critical is unlocked?

Well without any guarantee: yes when the manual installation per instructions require critical to be unlocked and because you used the locking command, I would unlock it again.

1 Like

Okey. Thank you for the help.

Not sure how far you get, it seems its not easily posdible to not boot into system after ßanually installing FPOS

1 Like

So to lock the bootloader you can’t boot into os after flash install, but the install boots automatically into os…great…

You can lock the bootloader after the first boot, it’s just a lot riskier and I would always advise against.

If everything is as it should be, meaning the security patch level of the factory images you are flashing matches / is higher than the current ones and the keys those images are signed with are the ones the system expects, get_unlock_ability doesn’t concern you at all.

But for your example where you installed old factory images, that would have been a brick :grimacing:

I won’t repeat my rant(s) here because I’ve said it all before, bottom line is all of this could be handled better by Fairphone and it just isn’t, for whatever reason :man_shrugging:


So if you lock the device with an older os installed it will render the device useless?
To be honest I’m regretting buying this phone. I’ve never had issues like these with other brands.


But that isn’t really a Fairphone issue per se, that’s what rollback protection is meant to do on a modern phone. The phone keeps track of the rollback index (security patch level in Fairphone’s case) so you / an attacker can’t install an older version which might contain unpatched known vulnerabilities that could be exploited.
Locking the bootloader enforces that check, but OEMs can also opt to always enforce it as well.

Normally that rollback index should get cleared when the phone is completely reflashed (search this forum / the Android documentation for specifics, I don’t have the links handy), and the Pixels manage to do that just fine.
Now there’s apparently a bug in certain Qualcomm bootloaders (according to the CalyxOS devs) which affects the Fairphone as well that leads to the rollback never being reset. So on any devices (not only Fairphones) affected by that the only way is forward.

I don’t think Fairphone as a company has the necessary access / ressources to fix low level Qualcomm bootloader bugs, I might be wrong, you’d have to ask them.
But they could make the install process safer by implementing checks and locking the bootloader during installation. And they failed to do that for two years, that is absolutely on them!

(Got a bit ranty again, sorry, I’ll see myself out :see_no_evil:)


Finally got the time to try manually installing the OS again.
So turns out that when I do the “fastboot flashing unlock_critical” command I get the following respons:
“FAILED (remote: ‘Flashing Unlock is not allowed’)
fastboot: error: Command failed”
I tried manually installing again, but I of course get an error that critical is locked.

Sorry to hear that and no idea from my end, not sure if @hirnsushi has time to troubleshoot with you.

1 Like

Could you please post the output of fastboot oem device-info :pray:

What is the current state of your phone, does it boot into Android userland, are you getting any bootloops.
Did the installation go through or did it fail with an error? :thinking:

If you can successfully run an installation my advice would be to modifiy the install script as outlined here:

Don’t boot into Android userland at that point, we want to stay in the bootloader!
Unless the partition that stores get_unlock_ability is part of the critical partitions (which I don’t think it is) that should reset that value to 1 and you should be able to issue fastboot flashing unlock_critical :crossed_fingers:

Edit: Yeah, nope, scratch that, I checked the install script and it won’t let us go through with it, and we are not going down the manual route. This calls for the Magisk method.

You’ll need the latest Magisk app and the boot.img that you can find in the images folder where you extracted the factory images to (not the old ones, we want the images matching your current install). Transfer both to your phone, install the app, go to Install → Select and patch file, patch the boot.img and transfer it back to your PC. (I can do that part for you if you are struggling, but I don’t have time right now)
Then it’s basically:

after that you should be able to use fastboot flashing unlock_critical :crossed_fingers:


Output from fastboot oem device-info:
(bootloader) Verity mode: true
(bootloader) Device unlocked: true
(bootloader) Device critical unlocked: false
(bootloader) Charger screen enabled: false
OKAY [ 0.006s]
Finished. Total time: 0.008s

The phone boots fine into fpos.
I got an error at the beginning of the installation basically stating that it couldn’t do it because critical is locked.

I’m gonna have to wait until Sunday to try the Magisk method. I’ll give it a go then.

Alright then, that’s looking good, keep me posted :slightly_smiling_face:

Oh and don’t lock the critical partitions after the installation, there’s really no reason to if you are going to lock the bootloader anyway, that takes away the ability to mess with them (most custom ROMs just keep them unlocked).

1 Like

So I could’nt figure out how to install Magisk after transfering to phone. So I installed it directly on the phone. Don’t know if that matters.
I transfered the boot.img to my phone. There were 2 Install options in the Magisk app. 1 besides Magisk and another besides Program. I chose Magisk, but I’m not sure this was the right one. I then chose the boot.img file and got a new .img file. I transfered this back to my pc.
I then booted into fastboot and put in the command for booting into Magisk. I get the following output:
Sending ‘boot.img’ (98304 KB) OKAY [ 2.251s]
Booting OKAY [ 10.116s]
Finished. Total time: 12.426s

The phone then booted into FPOS, and not Magisk. What did I do wrong?