English

Official LineageOS 17.1 for Fairphone 3/Fairphone 3+

Since you linked to my unbricking thread, I also documented how to do the unlock you did here.
And since fastboot allows flashing critical partitions (even in locked state), it doesn’t even require the use of EDL.
As for FRP, wiping the frp partition should get rid of it :wink:

5 Likes

Good points. I did not know you could always flash “critical” partitions. Are you sure overwriting the devinfo partition is sufficient in all cases? I found that the bootloader code that came with release 110 appears to check the config partition first, and then devinfo only as a fallback. Second, are you sure it is safe to give people a generic, non-device specific version of devinfo? Feel free to reply per PM if things get too detailed, so that we don’t spam this thread.

1 Like

Hi,
I’m new to using smartphone, because I wanted one on which I could install a Linux OS.
But well, I was given the opportunity to have a FairPhone 3+.
So, I wanted to change from stock Android to LineageOS.

First, I’d like to thanks @dk1978 and everybody who has been working hard to port LineageOS 17.1 to the FairPhone.

My problem is that the install process does not seem to work for me.
But since I have no experience, I can’t be sure if I have done things right.

I followed the guide given here : ✏ [ALPHA] FP3/FP3+: Complete guide for installing LineageOS which sums up every step to install LineageOS.
So, I did the following parts :

  • OEM Unlock
  • Bootloader Unlock
  • Download lineage-17.1-20210201-nightly-FP3-signed

I then tried 2 things :

  • fastboot boot lineage-17.1-20210201-nightly-FP3-signed.zip
    creating boot image…
    creating boot image - 668729344 bytes
    downloading ‘boot.img’…
    FAILED (remote: data too large)
    finished. total time: 0.113s
  • adb sideload lineage-17.1-20210201-nightly-FP3-signed.zip
    serving: ‘lineage-17.1-20210201-nightly-FP3-signed.zip’ (~47%) adb: failed to read command: Success

But on the Fairphone side :
Verifying update package
E: failed tp verify while-file signature
Update package verification took 52.2 s (result 1).
E:Signature verification failed
E:error : 21

Install from ADB completed with status 2
Installation aborted.

I’m at a loss of option.
Did I do something wrong ?
Do I really need TWRP like I could read from other posts ?

Best regards.

The command fastboot boot is meant for booting the LineageOS-recovery file from where you can install LineageOS. In your case, you have to download the recovery file lineage-17.1-20210201-recovery-FP3.img from the LineageOS website.
Then, you can install LineageOS with the command adb sideoad. See point 5 on the tutorial :slight_smile:
PS. I wrote this tutorial for Windows. There might be some differences when making those steps with Linux…

4 Likes

Did you boot into the recovery (with the .img-file) before you tried to sideload the lineage-.zip-file from there?

I can recommend this step-by-step guide.
It worked fine for me. I wouldn’t use TWRP, better use the recovery image-file from this site:

Good luck :wink:

2 Likes

There is actually also a bit for disabling flashing “critical” partitions in devinfo, however it is enabled by default.
I haven’t looked at it in a while, but at the time I did compare a full firmware dump (taken using EDL) before and after unlocking and there was only the bit in devinfo.
It’s possible that changed since then.

Also there is really nothing device-specific in there, actually there is not much in there at all:

devinfo-unlocked
00000000  41 4e 44 52 4f 49 44 2d  42 4f 4f 54 21 00 00 00  |ANDROID-BOOT!...|
00000010  01 00 00 00 00 00 00 00  01 00 00 00 01 00 00 00  |................|
00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000000e0  01 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
000000f0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000009f0  ff ff ff ff ff ff ff ff  ff ff ff ff ff ff ff ff  |................|
00000a00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00100000
devinfo-locked
00000000  41 4e 44 52 4f 49 44 2d  42 4f 4f 54 21 00 00 00  |ANDROID-BOOT!...|
00000010  00 00 00 00 00 00 00 00  01 00 00 00 01 00 00 00  |................|
00000020  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000000e0  01 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
000000f0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000009f0  ff ff ff ff ff ff ff ff  ff ff ff ff ff ff ff ff  |................|
00000a00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00100000

Feel free to PM me, if you want to discuss this further.

Thank you @dk1978 for reporting the state of your work! By reading your post about the unlocking of your used device i am getting horrified! So can we consider FP3 as not that secure it’s supposed to be? And furthermore @anyone: will it be possible to re-implement FDE (full device encryption) into LOS 17.1, although google dropped the support for it starting from android 10? Most of my fear was relying on the “your boot loader is locked, you are safe!” -strategy. Having FDE running, even the recovery is encrypted. That was a real security point for me.

I would say the current FBE strategy is better. The same security, plus added advantages such as not having to encrypt all data on the partition.

My opinion on the security topic in general: theoretically, the data on your device is never safe, if someone has physical access to it, such as after stealing it - or would you ask users to type in a 2048bit AES key as password? :smiley:
Practically, all security measures in computing end up making life harder for legitimate users. All I can hope for is to find a decent compromise between these two extremes, and make it hard enough to crack my data to discourage casual attempts.

2 Likes

Well i am with you on that! That’s my daily challenge. So i encourage not using google dependent software on phones and no use of super confidential data on it, either. With LOS and FP3 it’s a charm for me. @dk1978 i wish you all the best in your new job and a easy moving without obstacles. If it was possible, i would donate not only coffee, but a bucket of time to you! :wink:

2 Likes

@HolosericaCaligo, @DerJuelz : thanks for your answers.

The command fastboot boot is meant for booting the LineageOS-recovery file from where you can install LineageOS. In your case, you have to download the recovery file lineage-17.1-20210201-recovery-FP3.img from the LineageOS website.

Did you boot into the recovery (with the .img-file) before you tried to sideload the lineage-.zip-file from there?

It seems I was wrong about this step, and about what was needed to be downloaded.
I’ll try again tomorrow, as the new build will be out.

All right, I did it. \o/
Thank you both @HolosericaCaligo and @DerJuelz.

Just a little remark to @HolosericaCaligo : I think there is a little mistake in your guide.
In section 5. Installing LineageOS, step 5 : Open Minimal ADB and Fastboot and enter the command **fastboot boot RECOVERY-FILENAME.img**
However, I think it should be fastboot flash boot RECOVERY-FILENAME.img

I followed the simple boot method and I ended up in a classical boot of stock Android, making me go crazy not understanding what was going on. ^^

3 Likes

This indeed is intentional, as it’s not (any longer on a/b devices) to install twrp but to just temporarily boot into it. I use this method for quite some updates now

3 Likes

Hum, well, I understand the semantical difference between boot and flash … but it did not work for me… or so I think.
When doing fastboot boot RECOVERY-FILENAME.img, it just booted the stock android.

Are you talking about installing LineageOS to replace a stock android, or about installing a new version of LineageOS to replace an already installed LineageOS ?

Both. I never installed twrp on my FP3. It was only on the FP2. I followed the recommendation to simply not install it as it’s so easy to just boot it transiently…

Hey, I succeeded in building FP3 zip from source today! :heart_eyes:
So far the good news, but many questions arose during this process.


I followed the instructions on the lineageOS page for FP3 and found it helpful but not perfect.


E.g. I had to use the process described in ‘Extracting proprietary blobs from payload-based OTAs’ and could not mount one of the three images, because it did not exist. So I just mounted two images and crossed fingers.

Second, the target ‘FP3’ is not listet in ‘breakfast’, but three other targets are. I nevertheless tried with ‘breakfast FP3’ and ‘brunch FP3’ . But now I dont know if I have a ‘user’ build, with or without ‘debug’.


The whole thing took about five tries to succeed and more than one day (downloading and everything).

During compiling with ‘brunch FP3’ once there was an clang++ error, once some kernel build missed a file, once some strange java error etc.

So this leaves a slight ‘unstable feeling’ about the process and about this ninja tool used to build FP3.


But after ~5 tries I now have this file ‘out/target/product/FP3/lineage-17.1-20210210-UNOFFICIAL-FP3.zip’ and wonder what to do.

On my FP3+ I have installed the beta OTA zip provided by dk1978 from last december.
Can I just sideload my zip the same way without loosing data?
Do I have built an OTA Image now?


Now that I done it I have to understand better WHAT I did :slight_smile: So that I can adapt the process to my needs, e.g. build my own software for it.


Thanks for hints and for the work done by everybody here!

Hi Guys,

Thank you for getting this to where it is, it’s really great.

How can tip/gift the developers?

:grinning:

1 Like

2 Likes

See also the discussion here. Bottom line: the Fairphone 3 has some real security issues which are independent of the OS you are running (LineageOS, Fairphone OS, /e/). On the other hand, it makes the phone very re-usable, as it is virtually unbrickable :slight_smile:

To get a user build, use breakfast FP3 user. The default breakfast FP3 produces a userdebug build.

1 Like

Thank you for that clarification. After having read all facts, i am chilling down for now. I consider the phone as enough secure for my needs and a stolen phone could only be wiped for reusing, as far as i got it. That seems ok to me. Knowing the advanced methods of accessing the device when bricked is helpful, too for the future. Very interesting!