Trying to revert to Fairphone OS but get_unlock_ability: 0

You successfully summoned me :smirk:

If all you are trying to do is check the functionality and then send it to Cordon no need to lock the bootloader IMO, they’ll probably reflash the phone as a matter of policy.

But let’s get into it anyway :nerd_face:

Calyx only locks the bootloader and doesn’t lock the critical partitions beforehand (because you can’t touch those with a locked bootloader anyway), so those being already unlocked is perfectly fine as you suspected.

There is your first problem, you don’t want to boot into the OS before locking because the first boot resets get_unlock_ability.

  • Open the flash_fp4_factory.command file in the folder where you extracted the Fairphone factory images and change line 23 to REBOOT_TO_BOOTLOADER="true"
  • Get the new SHA256SUM for the script (sha256sum flash_fp4_factory.command if you are on Linux) and replace the one in the SHA256SUM file with it (last line)
  • Run the installation again and check fastboot flashing get_unlock_ability afterwards

(Yeah I have no idea either why the official script boots you into the system and the docs instruct you to lock it afterwards, which makes it waaay more unsafe :man_shrugging:
I mean just make locking the bootloader part of the script and automatically check get_unlock_ability beforehand, like Calyx does, that would have saved so many devices from needlessly having to be sent to Cordon. But I’ve honestly given up at this point, this stuff isn’t going to change.)

No, you don’t, CalyxOS follows Fairphones SPL (you can see the updates here), so as long as you install the latest FPOS release ( FP4.TP2D.C.0112 in this case), or update your system to that state if current factory releases aren’t available, you should never end up with a security patch level that makes it impossible to lock your bootloader.

TL;DR: I wouldn’t lock it just for a check, but if you want to don’t boot into it and always check get_unlock_ability.

2 Likes