Can’t unlock the bootloader if you don’t have the ability to unlock the bootloader 
3 Likes
Yes, that makes sense.
That was ever with mine before the repair also so.
But @brickman comes / came at least still in the recovery menu
My contribution should also be a help / possibility for those who still come. 
I think the difference in your case that you installed /e/ and not CalyxOS as in the meantime /e/OS defaults to OEM unlocked when manually installed… (imho for good reasons…).
2 Likes
Continuing the discussion from Divest OS: Everything about Divest OS on the Fairphones:
So you was lucky as your system works and there was no need to unlock the bootloader so far. I think you can check OEM unlocking in the developer settings and see if its enabled/disabled, geyed out or not? Moved this here for further discussion in the user forum. FP stated they are aware and working on a solution (since months)…
Well, it is greyed out and set to “no”. And also get_unkock_ability 0.
1 Like
That should probably not happen…
You can follow the steps outlaid here if you want to unlock your bootloader again. I wouldn’t lock it again after that though, not until we fully understand what’s the issue here.
I’m not an Android developer, so my understanding is also somewhat limited.
In general, (to me) it looks like we are dealing with 2 separate problems here:
get_unlock_abilityreset to0when flashing (some) ROMs- Rollback Protection kicking in when the bootloader is locked
We’ve had people on iodé, who where able to just unlock the bootloader again after an unsuccessful locking attempt. That’s how I think it’s supposed to work (if you didn’t trigger anti-rollback-protection with an older build than the installed one).
It’s not the bootloaders unlockability, it gives you the unlock ability 
Personally my biggest problem is, that nobody at Fairphone has bothered to share their insights with us. Sure, they have made changes to the factory images and tried to address this, but no “here’s what’s happening, avoid doing x”.
The support is already swamped and we are trying to keep additional cases from piling up there, but half a year later and people still keep bricking their phones… 
4 Likes
I flashed a Fairphone 4 from CalyxOS 3.7.2 back to Stock ROM (FP4.FP40.A.142.20220628) a few days ago to do some tests and was able to relock the bootloader.
What I did was flashing Stock ROM, keep the bootloader unlocked, booted the device up once, rebooted into fastboot and get_unlock_ability was 0.
Then I flashed Stock ROM again but did not boot it. I checked get_unlock_ability and it was set to 1. I locked the bootloader using fastboot flashing lock, crossed my fingers and rebooted the device.
Everything went well, it booted up fine with a locked bootloader. Not sure if I just had a ton of luck though…
3 Likes
Interesting!
I tried flashing the ROM multiple times in the past (both FPOS and Calyx) and couldn’t get it to change get_unlock_ability to 1.
Maybe something meaningful actually has changed 
Just to be sure: OEM unlocking in Developer Options is available (not greyed) after that procedure?
I wonder if this is the same behavior I observed a while ago after flashing CalyxOS: immediately after flashing get_unlock_ability is 1, only after the first system boot it changes to 0. So probably this might work with re-flashing CalyxOS too - but I am unwilling to try 
Okay so, followed the latest forum guide here, respectively the official FP guide i.e. including fastboot flashing unlock_critical to flash CalyxOS.
From/old ROM: Stock FP4 ROM (OTA-updated to the one with patch level July or so, should be FP4.FP40.A.142.20220628).
To/new ROM: CalyxOS 3.9.0, i.e. SQ3A.220705.003.A1.22309000
using fastboot v33.0.3-8952118.
Given that these are quite recent versions, but it is a version upgrade (i.e. not using the version released some minutes ago for which CalyxOS has no version yet.), I felt quite safe.
So the log while flashing also looked successful:
Flash log
Sending 'abl_a' (148 KB) OKAY [ 0.006s]
Writing 'abl_a' OKAY [ 0.034s]
Finished. Total time: 0.048s
Sending 'abl_b' (148 KB) OKAY [ 0.006s]
Writing 'abl_b' OKAY [ 0.003s]
Finished. Total time: 0.015s
Sending 'aop_a' (176 KB) OKAY [ 0.008s]
Writing 'aop_a' OKAY [ 0.002s]
Finished. Total time: 0.018s
Sending 'aop_b' (176 KB) OKAY [ 0.008s]
Writing 'aop_b' OKAY [ 0.003s]
Finished. Total time: 0.017s
Sending 'bluetooth_a' (940 KB) OKAY [ 0.036s]
Writing 'bluetooth_a' OKAY [ 0.004s]
Finished. Total time: 0.049s
Sending 'bluetooth_b' (940 KB) OKAY [ 0.026s]
Writing 'bluetooth_b' OKAY [ 0.004s]
Finished. Total time: 0.037s
Sending 'core_nhlos_a' (108492 KB) OKAY [ 2.876s]
Writing 'core_nhlos_a' OKAY [ 0.287s]
Finished. Total time: 3.172s
Sending 'core_nhlos_b' (108492 KB) OKAY [ 3.132s]
Writing 'core_nhlos_b' OKAY [ 0.258s]
Finished. Total time: 3.398s
Sending 'devcfg_a' (44 KB) OKAY [ 0.009s]
Writing 'devcfg_a' OKAY [ 0.001s]
Finished. Total time: 0.018s
Sending 'devcfg_b' (44 KB) OKAY [ 0.008s]
Writing 'devcfg_b' OKAY [ 0.001s]
Finished. Total time: 0.016s
Sending 'dsp_a' (65536 KB) OKAY [ 1.719s]
Writing 'dsp_a' OKAY [ 0.142s]
Finished. Total time: 1.869s
Sending 'dsp_b' (65536 KB) OKAY [ 2.280s]
Writing 'dsp_b' OKAY [ 0.149s]
Finished. Total time: 2.436s
Sending 'featenabler_a' (88 KB) OKAY [ 0.013s]
Writing 'featenabler_a' OKAY [ 0.002s]
Finished. Total time: 0.023s
Sending 'featenabler_b' (88 KB) OKAY [ 0.007s]
Writing 'featenabler_b' OKAY [ 0.003s]
Finished. Total time: 0.017s
Sending 'hyp_a' (396 KB) OKAY [ 0.017s]
Writing 'hyp_a' OKAY [ 0.003s]
Finished. Total time: 0.028s
Sending 'hyp_b' (396 KB) OKAY [ 0.017s]
Writing 'hyp_b' OKAY [ 0.003s]
Finished. Total time: 0.027s
Sending 'imagefv_a' (524 KB) OKAY [ 0.026s]
Writing 'imagefv_a' OKAY [ 0.003s]
Finished. Total time: 0.037s
Sending 'imagefv_b' (524 KB) OKAY [ 0.027s]
Writing 'imagefv_b' OKAY [ 0.003s]
Finished. Total time: 0.037s
Sending 'keymaster_a' (240 KB) OKAY [ 0.016s]
Writing 'keymaster_a' OKAY [ 0.003s]
Finished. Total time: 0.027s
Sending 'keymaster_b' (240 KB) OKAY [ 0.007s]
Writing 'keymaster_b' OKAY [ 0.003s]
Finished. Total time: 0.017s
Sending 'modem_a' (146332 KB) OKAY [ 3.878s]
Writing 'modem_a' OKAY [ 0.346s]
Finished. Total time: 4.231s
Sending 'modem_b' (146332 KB) OKAY [ 3.929s]
Writing 'modem_b' OKAY [ 0.343s]
Finished. Total time: 4.279s
Sending 'multiimgoem_a' (16 KB) OKAY [ 0.009s]
Writing 'multiimgoem_a' OKAY [ 0.001s]
Finished. Total time: 0.018s
Sending 'multiimgoem_b' (16 KB) OKAY [ 0.009s]
Writing 'multiimgoem_b' OKAY [ 0.001s]
Finished. Total time: 0.017s
Sending 'qupfw_a' (56 KB) OKAY [ 0.009s]
Writing 'qupfw_a' OKAY [ 0.001s]
Finished. Total time: 0.017s
Sending 'qupfw_b' (56 KB) OKAY [ 0.011s]
Writing 'qupfw_b' OKAY [ 0.001s]
Finished. Total time: 0.028s
Sending 'tz_a' (2944 KB) OKAY [ 0.109s]
Writing 'tz_a' OKAY [ 0.008s]
Finished. Total time: 0.124s
Sending 'tz_b' (2944 KB) OKAY [ 0.112s]
Writing 'tz_b' OKAY [ 0.008s]
Finished. Total time: 0.127s
Sending 'uefisecapp_a' (124 KB) OKAY [ 0.010s]
Writing 'uefisecapp_a' OKAY [ 0.002s]
Finished. Total time: 0.021s
Sending 'uefisecapp_b' (124 KB) OKAY [ 0.007s]
Writing 'uefisecapp_b' OKAY [ 0.002s]
Finished. Total time: 0.017s
Sending 'xbl_a' (3300 KB) OKAY [ 0.098s]
Writing 'xbl_a' OKAY [ 0.011s]
Finished. Total time: 0.116s
Sending 'xbl_b' (3300 KB) OKAY [ 0.109s]
Writing 'xbl_b' OKAY [ 0.008s]
Finished. Total time: 0.124s
Sending 'xbl_config_a' (96 KB) OKAY [ 0.011s]
Writing 'xbl_config_a' OKAY [ 0.002s]
Finished. Total time: 0.021s
Sending 'xbl_config_b' (96 KB) OKAY [ 0.010s]
Writing 'xbl_config_b' OKAY [ 0.002s]
Finished. Total time: 0.028s
Sending 'frp' (512 KB) OKAY [ 0.017s]
Writing 'frp' OKAY [ 0.003s]
Finished. Total time: 0.028s
Sending 'devinfo' (4 KB) OKAY [ 0.007s]
Writing 'devinfo' OKAY [ 0.001s]
Finished. Total time: 0.015s
Erasing 'misc' OKAY [ 0.012s]
Finished. Total time: 0.017s
Erasing 'modemst1' OKAY [ 0.014s]
Finished. Total time: 0.018s
Erasing 'modemst2' OKAY [ 0.013s]
Finished. Total time: 0.017s
Setting current slot to 'a' OKAY [ 0.026s]
Finished. Total time: 0.028s
Rebooting into bootloader OKAY [ 0.001s]
Finished. Total time: 0.201s
< waiting for any device >
Erasing 'avb_custom_key' OKAY [ 0.014s]
Finished. Total time: 0.020s
Sending 'avb_custom_key' (1 KB) OKAY [ 0.008s]
Writing 'avb_custom_key' OKAY [ 0.011s]
Finished. Total time: 0.028s
--------------------------------------------
Bootloader Version...:
Baseband Version.....:
Serial Number........: eb077c0a
--------------------------------------------
extracting android-info.txt (0 MB) to RAM...
Checking 'product' OKAY [ 0.002s]
Setting current slot to 'a' OKAY [ 0.003s]
extracting boot.img (96 MB) to disk... took 0.291s
archive does not contain 'boot.sig'
Sending 'boot_a' (98304 KB) OKAY [ 2.601s]
Writing 'boot_a' OKAY [ 0.264s]
archive does not contain 'init_boot.img'
extracting dtbo.img (24 MB) to disk... took 0.088s
archive does not contain 'dtbo.sig'
Sending 'dtbo' (24576 KB) OKAY [ 0.638s]
Writing 'dtbo' OKAY [ 0.062s]
archive does not contain 'dt.img'
archive does not contain 'pvmfw.img'
extracting recovery.img (96 MB) to disk... took 0.293s
archive does not contain 'recovery.sig'
Sending 'recovery' (98304 KB) OKAY [ 2.582s]
Writing 'recovery' OKAY [ 0.233s]
extracting vbmeta.img (0 MB) to disk... took 0.000s
archive does not contain 'vbmeta.sig'
Sending 'vbmeta' (8 KB) OKAY [ 0.008s]
Writing 'vbmeta' OKAY [ 0.003s]
extracting vbmeta_system.img (0 MB) to disk... took 0.000s
archive does not contain 'vbmeta_system.sig'
Sending 'vbmeta_system' (4 KB) OKAY [ 0.002s]
Writing 'vbmeta_system' OKAY [ 0.003s]
archive does not contain 'vbmeta_vendor.img'
archive does not contain 'vendor_boot.img'
archive does not contain 'vendor_kernel_boot.img'
extracting super_empty.img (0 MB) to disk... took 0.000s
Rebooting into fastboot OKAY [ 0.001s]
< waiting for any device >
Sending 'super' (4 KB) OKAY [ 0.001s]
Updating super partition OKAY [ 0.007s]
Resizing 'odm_a' OKAY [ 0.004s]
Resizing 'product_a' OKAY [ 0.004s]
Resizing 'system_a' OKAY [ 0.004s]
Resizing 'system_ext_a' OKAY [ 0.004s]
Resizing 'system_b' OKAY [ 0.004s]
Resizing 'vendor_a' OKAY [ 0.004s]
Resizing 'vendor_b' OKAY [ 0.004s]
archive does not contain 'boot_other.img'
extracting odm.img (1 MB) to disk... took 0.009s
archive does not contain 'odm.sig'
Resizing 'odm_a' OKAY [ 0.004s]
Sending 'odm_a' (1052 KB) OKAY [ 0.032s]
Writing 'odm_a' OKAY [ 0.051s]
archive does not contain 'odm_dlkm.img'
extracting product.img (1081 MB) to disk... took 3.173s
archive does not contain 'product.sig'
Resizing 'product_a' OKAY [ 0.004s]
Sending sparse 'product_a' 1/5 (262140 KB) OKAY [ 8.212s]
Writing 'product_a' OKAY [ 0.955s]
Sending sparse 'product_a' 2/5 (262140 KB) OKAY [ 8.135s]
Writing 'product_a' OKAY [ 1.045s]
Sending sparse 'product_a' 3/5 (262140 KB) OKAY [ 8.204s]
Writing 'product_a' OKAY [ 0.972s]
Sending sparse 'product_a' 4/5 (262140 KB) OKAY [ 8.424s]
Writing 'product_a' OKAY [ 0.936s]
Sending sparse 'product_a' 5/5 (58488 KB) OKAY [ 1.549s]
Writing 'product_a' OKAY [ 0.260s]
extracting system.img (853 MB) to disk... took 2.915s
archive does not contain 'system.sig'
Resizing 'system_a' OKAY [ 0.005s]
Sending sparse 'system_a' 1/4 (262140 KB) OKAY [ 8.148s]
Writing 'system_a' OKAY [ 0.945s]
Sending sparse 'system_a' 2/4 (262140 KB) OKAY [ 7.970s]
Writing 'system_a' OKAY [ 1.025s]
Sending sparse 'system_a' 3/4 (262140 KB) OKAY [ 8.351s]
Writing 'system_a' OKAY [ 0.913s]
Sending sparse 'system_a' 4/4 (87672 KB) OKAY [ 2.365s]
Writing 'system_a' OKAY [ 0.407s]
archive does not contain 'system_dlkm.img'
extracting system_ext.img (222 MB) to disk... took 0.703s
archive does not contain 'system_ext.sig'
Resizing 'system_ext_a' OKAY [ 0.004s]
Sending 'system_ext_a' (227956 KB) OKAY [ 6.225s]
Writing 'system_ext_a' OKAY [ 0.817s]
archive does not contain 'system_other.img'
extracting vendor.img (420 MB) to disk... took 1.397s
archive does not contain 'vendor.sig'
Resizing 'vendor_a' OKAY [ 0.004s]
Sending sparse 'vendor_a' 1/2 (262140 KB) OKAY [ 8.205s]
Writing 'vendor_a' OKAY [ 0.940s]
Sending sparse 'vendor_a' 2/2 (168668 KB) OKAY [ 5.369s]
Writing 'vendor_a' OKAY [ 0.611s]
archive does not contain 'vendor_dlkm.img'
archive does not contain 'vendor_other.img'
Finished. Total time: 125.886s
Rebooting into bootloader OKAY [ 0.001s]
Finished. Total time: 0.051s
Now the only issue is the “OEM unlock” thingy. As others reported it is indeed:
- greyed out, i.e. not toggable
- the toggle is at the left, i.e. at OFF state
- however, what no one reported so far, it says “Bootloader is already unlocked”.
Screenshot (German language):
Screenshot (English):
The last sentence is quite good and true. I just wondered whether that is good or bad now.
So I booted into recovery again and unfortunately, the magic variable there says nope 
:
$ fastboot flashing get_unlock_ability
(bootloader) get_unlock_ability: 0
OKAY [ 0.001s]
Finished. Total time: 0.001s
So of course, I did not lock the bootloader.
So what should I do now? Wait for a CalyxOS to fix this (if they can?), reflash CalyxOS? Revert to Stock ROM?
Nobody really knows what’s the proper way forward, since nobody at Fairphone has bothered to fill us in for quite some time…
As far is I can tell, the issue has to be fixed by Fairphone, the Calyx devs have mentioned several times that it’s a bug in the bootloader. If that’s the case, that’s proprietary code and can’t be fixed by an outside dev.
There is a way to set get_unlock_ability back to 1 using Magisk, which you’ll find in this thread, but there is no guarantee that procedure reduces the likelihood of bricking the device.
I would #contactsupport , maybe this issue eventually gets prioritized at same point 
3 Likes
I don’t quite get what you want to say.
You wrote that you didn’t lock the bootloader. So it’s no surprise that the message is “bootloader is unlocked”, isn’t it?
And get_unlock_ability is “0” as the switch is on the left side (so OEM unlock is disabled).
I think what they could do to “fix it” is, what was already done for /e/OS: even when the bootloader is not locked, the switch of OEM unlock is still not greyed out. So you’re able to to select a status in any case:
Yep.
It is.
The issue is if I’d lock the bootloader now I cannot change the switch from OFF to ON again, I’d say. So I could not re-flash another (Custom)ROM and kinda be locked in there forever. 
AFAIK OEM unlocking needs to be enabled before locking the bootloader.
Exactly. So the “fix” is (as I’ve said before) to leave the slider/toggle enabled even if the bootloader is unlocked (as it was developed for /e/OS).
Once you lock the bootloader, that switch becomes togglable again. The Magisk workaround uses that exact mechanism, you change the property ro.boot.flash.locked to 1, the system thinks the bootloader is locked and you can flick the switch to ON.
The reason you have to check that get_unlock_ability isn’t 0 is, that if something goes wrong when locking the bootloader and your phone is unbootable, you wouldn’t be able to unlock it again.
CalyxOS does reset get_unlock_ability to 0 after you successfully booted with a locked bootloader, keep that in mind if you lock it at some point.
Does that “fix” reliably keep people on /e/ from bricking? If that’s the case, the Magisk route would be a viable alternative for other ROMs in the meantime.
1 Like
No, but in case your phone boots after installation you can easily enable OEM unlock (without fiddling with Magisk) in order to be safe when locking the bootloader afterwards.
People will always find a way to brick their phones 
That’s what I was asking about, so toggling that switch to ON on /e/ actually lets people attempt a disaster recovery if something goes wrong after locking the bootloader?
The reason I’m asking, since we don’t really know what’s causing it, couldn’t locking the bootloader just reset get_unlock_ability as well?
Don’t think so. I’ve never experienced it when I was playing around a lot with locking and unlocking and I’ve read a lot of reports from users having locked the bootloader (after /e/OS installation) and getting an unbootable device but being able to unlock it again (because OEM unlock had been enabled).
I also can’t remember any report where OEM unlock was enabled and (only) locking the device changed this.
(Unfortunately I don’t have a test device atm to try it out myself.)
1 Like
Hmm apparently also did so when booting with an unlocked bootloader.
Anyway, actually locking directly after flashing without a reboot succeeded and I had a properly locked bootloader and device:
IIRC this is also how the usual installation process for other devices like the Pixel devices does it, so not that wrong.
After all, for the beta at least, you can do what I did and first boot into the system before locking, testing some things/checking everything is correct and then re-flash it and follow the steos above. That may be a good compromise, as then you’ve tested it at least somewhat.
That’s the bootloader bug we are talking about and shouldn’t happen.
I’m glad this worked for you, but I really wouldn’t recommend locking a system you haven’t booted. If you get hit by the bug (which you were) and something goes wrong, you will end up with a 
instead of a phone…
3 Likes