I managed to set get_unlock_ability back to 1 again (with an unlocked bootloader, don’t get your hopes up) by using Magisks resetprop…
adb shell su -c 'resetprop ro.boot.flash.locked 1'
…and switching the OEM toggle in developer settings back to on.
Magisk for the rescue again
We should advise people to check fastboot flashing get_unlock_ability before locking the bootloader.
It’s a bit of a hassle having to set up Magisk just to reset that flag, but beats bricking the phone. Maybe there’s another way to fix this
Hi there, thank you all for your contributing to this thread!
We’ve been following it closely and your feedback has not gone unheard.
There is a new package for manual installation available for download here, it’s for build 107 - the latest at time of writing. The script now addresses an error that can be introduced by installing software manually. As long as you use the latest available package, you should not be getting stuck in Fastboot mode.
Thank you very much for this!
Could you explain a bit more what the problem is? So that we understand it and the community also knows what to do in case of further problems?
Can confirm that for me the get_unlock_ability flag unexpectedly changed as well to 0, in my case when going from e/os to CalyxOS without having OEM-locked the phone at any point:
From stock to e/os
Fresh FP4
OEM unlock on untouched stock OS
bootloader unlock and unlock_critical
checking: get_unlock_ability=1
flashing e/os, worked fine
still get_unlock_ability=1
bootloader lock and lock_critical
still get_unlock_ability=1
From e/os to CalyxOS
bootloader unlock and unlock_critical
still get_unlock_ability=1
flashing CalyxOS
get_unlock_ability=0, OEM unlocking greyed out while bootloader is still unlocked (which I will not lock for now, of course, until I get that flag set back to 1)
In /e/OS “root debugging” can be enabled. Maybe in CalyxOS too? If yes, is it possible after enabling it to type in the adb command mentioned by @hirnsushi
and execute it without using magisk?
Interesting. From the name of the command I have an idea what it does, but a google search only revealed some posts in the FP-forum from 2017 or so. Where did the ${FATBOOT_BIN} go?
All in all, does this in any way help to figure out what is going wrong and help to recover already bricked devices?
resetprop is a feature of Magisk to change read-only properties, so no. But installing the Magisk app and fastboot booting a Magisk patched boot.img should be enough for this to work.
That’s a function declared somewhere else in the script, has been used before to flash the other partitions. It’s essentially a fancy way of saying fastboot flash foo with some error handling. ${FASTBOOT_BIN} is just a variable to point to the included fastboot.
It does, that’s why we need to set ro.boot.flash.locked to 1 so the system thinks the bootloader is locked and the toggle gets enabled.
We are talking unlocked bootloader here, that only applies if you locked it, I’m running Magisk on Calyx right now.
How else would I have been able to change that property on a Calyx device that got changed to get_unlock_property=0?
The part in bold is important here. This isn’t a way to revive bricked phones, only a possibility to maybe save people beforehand.
I would like to give this a try since I want to use CalyxOS with a locked bootloader. However, I’ve never used Magisk or patched a boot.img to use it – would it be possible for you to point me in the right directions to get started/roughly guide me what I need to do? I would very much appreciate the help!
Sure
Keep in mind that I haven’t tested this, because I didn’t lock my bootloader afterwards and I can’t guarantee that there’s no possibility left to brick your phone!
With that out of the way, download the boot.img and the Magisk.apk (for others trying this on a different ROM, please use the corresponding boot.img for that ROM!) from those two links to your PC…
…and enable ADB debugging on your FP4 if you haven’t already.
Install the Magisk app by either running adb install Magisk-v24.3.apk or transferring the .apk to your phone
adb reboot bootloader and fastboot boot calyx-3.3.2_magisk_boot.img should boot you into a Magisk enabled Calyx
adb shell su -c 'resetprop ro.boot.flash.locked 1' should show a prompt on your phone screen to grant root privileges…
Change OEM unlocking to on in Developer options.
adb reboot bootloader and most importantly check if fastboot flashing get_unlock_ability actually returns 1
Pray to the ancient gods
fastboot flashing lock
There might be, I only went with the tools I know, so others more knowledgeable in low level stuff maybe can help here
Thank you very much for the guide – OEM re-enabling worked! After having booted with the patched boot.img and issuing adb shell su -c 'resetprop ro.boot.flash.locked 1', OEM unlocking can be toggled again and in fastboot, get_unlock_ability is back to 1.
Before attempting to lock the bootloader, I rebooted again normally without the patched boot.img. OEM unlocking still is set to “on”, but again cannot be toggled anymore (greyed-out) – is this same for you? For me, it would be enough (I do not need to change OEM locking as I did not before on e/os as long as it is ON).
Just want to confirm everything before I attempt locking…
EDIT: Just realized, that OEM unlocking is grayed out regardless of the state of get_unlock_ability as it can be only toggled after issuing adb shell su -c 'resetprop ro.boot.flash.locked 1' granting super-user rights. As it stays “ON”, I should be safe locking the bootloader… (being nervous, nevertheless)
That’s correct, yes, ro.boot.flash.locked is set back to 0 once you reboot, that flag gets set automatically if the bootloader is unlocked. We only changed it temporarily to make the OEM unlocking toggle changeable.