Unlocking Bootloader / Rooting / Updating | Play Integrity / SafetyNet | ADB/Fastboot & Windows USB Drivers
Unlocking Bootloader / Rooting / Updating:
How to Root the first time / aka How to unlock the Bootloader:
Unlocking the bootloader will factory reset your device. There is no way around this. I highly suggest never re-locking your bootloader once you unlock it. If you do ever re-lock the bootloader, only do so after restoring the phone to 100% stock by using the latest Pixel 7 Pro Factory Image or Official Google Android Flash Tool.
Verizon variants:
Will never be able to have their bootloader unlocked. It's like winning the lottery, and just as rare and relatively random. There is nothing that anyone on XDA can do to help you unlock your Verizon variant.
T-Mobile and AT&T variants:
Can be unlocked once you pay the phone off, then you contact the carrier and arrange to Carrier unlock the phone. Once the phone is Carrier unlocked, then you can unlock the bootloader with the usual caveats (will wipe the device and there's no way around it).
The direct-from-Google (or other retailers who aren't U.S. Carriers), the factory Carrier Unlocked Pixels:
Can be bootloader unlocked at any time. I'd try it first before putting a SIM card in the phone. If OEM unlocking is grayed out, try connecting to Wi-Fi, and reboot if necessary. If it's still grayed out, try with your SIM card, and reboot again. Historically on Pixels, most of the time you can toggle OEM unlocking immediately, but occasionally some users have found it took a little while after being either connected to Wi-Fi or having your SIM card installed in it, and then eventually (hours? day? days?) you can toggle OEM unlocking.
Spectrum:
Ericarthurc said:
@roirraW "edor" ehT
You could add Spectrum Mobile purchased phones to the T-Mobile/AT&T section for bootloader unlock.
Spectrum uses Verizon's towers but they purchase directly from Google. These are not Verizon variants.The phone needs to be paid off and active for 60 days on Spectrum's service then you can request an unlock from support.
I bring it up because a lot of people have been asking about Spectrum lately and people seem to be confused. Spectrum mobile even has an official support page about unlocking and all the requirements.
The rest of the world's carriers:
No idea. Feel free to ask in the thread and hopefully, someone with specific knowledge will answer.
Other than trying the things I mentioned above, there is nothing else that anyone on XDA can do to help get OEM unlocking to be ungrayed.
Unlocking Bootloader (required in order to root)
The one-time first steps are:
- Android Settings
- About phone
- Click on
Build numberrepeatedly, about seven times- Go back to the main Android Settings
- System
- Developer options
- Toggle
OEM unlockingon. See @Namelesswonder's tip below (this won't help with variants that are supposed to be bootloader locked):Namelesswonder said:
Also a little tip for anyone trying to enable OEM unlocking on a device and it is grayed out, you can force the phone to check for eligibility by connecting to the internet in whatever way, going to the dialer, and dialing
*#*#2432546#*#*(CHECKIN).
You should receive a notification from Google Play services with "checkin succeeded" and OEM unlocking should be available immediately if the device is eligible.
Google account not needed, SIM not needed, no other setup required. Works on completely-skipped-setup-wizard. Just need to make sure to connect to the internet and select the connection as metered to avoid any updates.- Toggle
USB debuggingon.- [Optional] I highly suggest you also disable
Automatic system updates. Note that in a situation such as the Android 12 serious bootloader security issue, this setting will not keep Google from forcing an update to come through anyway.- How to actually root follows the same steps below as how to update each month.
- Download the latest ADB/Fastboot (SDK Platform Tools) and Windows USB Drivers.
- Unzip the Platform Tools and Drivers.
NOTE: If you have USB drivers for other Android devices installed, like Samsung, they can alternately sometimes work and not work with Google Pixels. I recommend uninstalling those drivers, or at least updating that driver to Google's driver as instructed below (the Device Manager entry may be different with other OEMs).
- The Windows USB Drivers may have to be installed twice:
- The first time while your phone is running and unlocked as normal.
- In Windows, right-click on the Start Button and choose
Device Manager.- Plug your phone into the computer and look for the new hardware entry in Device Manager. Near the top of Device Manager should be
Android Device. Click the drop-down arrow to the left of it.- Below
Android Device, it should now showAndroid Composite ADB Interface- Right-click the
Android Composite ADB Interfaceand chooseUpdate driver- Choose
Browse my computer for drivers- Click
Browseand navigate to where you unzipped the Windows USB drivers to.- Follow the prompts to install the driver.
- Keep Device Manager itself open - you'll need it again in a minute, but you can close any other Device Manager windows after you have installed the driver.
- Open a Command Prompt and navigate to the
platform-toolsfolder.- Run command:
Code:
adb devices- On your Android device, you'll get an ADB prompt. Check the box to always give ADB permission and click
OK.- Confirm that the command results in a list of Android devices. When doing these producedures, you should only have the one device you want to work on connected, to keep things simple.
- The second time to install the driver is while the phone is in Bootloader (fastboot mode), notFastbootD (fastbootd) mode. I know it's confusing.
- Run command:
Code:
adb reboot bootloader- Repeat the instructions above starting with "Right-click the Android Composite ADB Interface".
- This second time installing the drivers while in Bootloader (fastboot mode), it will show up as "Android Bootloader Interface". Thanks @simplepinoi177 for the suggestion to add this detail.
- Run command:
Code:
fastboot flashing unlock- On the phone, press either the up or down volume button once until you see
Unlock the bootloader |>|beside the power button.- Press the power button. The phone will go black for a second and then show near the bottom
Device state: unlocked.- After these first-time steps to unlock the bootloader, if you want to root, continue below at the step:
- Download the latest Pixel 7 Pro Factory Image (at the bottom of the "cheetah" section).
NOTE that as @Lughnasadh has previously found and reported, both the factory image method using Flash-All.Bat, and the Official Google Android Flash Tool (webpage) cause only the most recently flashed slot to boot. If you want both slots to be bootable, you want the Full OTA Zip method a couple of sections down in this post.
badabing2003 said:
And it's a double warning if the device is brand new, the secondary slot does not even get into bootloader (because it is blank) if the active slot is becomes not bootable, automatic switching to the secondary slot bricks the device (no bootloop).
At least with factory image flashed on both slots, even if the primary slot is not system bootable, you get bootlooped and you can flash again.
Old habits are hard to break, specially if people never had issues with it in the past and are comfortable with the steps (I see a lot of people still doing factory flashing), for the very least if one chooses to stick with factory flashing, both slots should be flashed, specially with a brand new device.
Although that is still a very high risk for brand new devices because anything goes bad it's likely to end up with a brick.
OTA instructions should be the dominant guides, and factory would be used for downgrade (with a wipe).
How to update each month (and also how to root)
[requires an unlocked bootloader for updating via this factory image method, and for the Full OTA method if you're rooting]
- These three instructions only apply if you're already rooted and updating from one firmware version to another:
- Made sure all Magisk Modules have been updated.
- Disable all Magisk Modules.
- UNhide Magisk!
- If you are going to use the Official Google Android Flash Tool, then skip the steps I indicate with FAB(Flash-All.Bat).
- If using the Android Flash Tool to update/dirty flash, you should have the following items notselected:
- Deselect Wipe
- Deselect Force Flash all partitions (which will also wipe)
- Deselect re-lock bootloader
- If using the Android Flash Tool to update/dirty flash, you should have the following items notselected:
- Always use the latest ADB/Fastboot (SDK Platform Tools) and Windows USB Drivers.
- Unzip the Platform Tools.
- At this point, if you're going to use the Full OTA Zip method, go to the:
Full OTA Zip method
section below the next section.
Factory Image / Android Flash Tool method:
- Download the latest Pixel 7 Pro Factory Image (at the bottom of the "cheetah" section).
- Unzip the factory image to the same
platform-toolsfolder, i.e. so that flash-all.bat and all other files are in the same folder as ADB and Fastboot from the platform-tools.- * FAB VERY important - Edit the
flash-all.bat(on Windows) orflash-all.sh(on Linux) and remove the-wfrom thefastboot update image-cheetah-etcetera.zipline. This will keep the script from wiping your phone when you run it.- Extract only the
init_boot.imgfile from theimage-cheetah-etcetera.zipto the sameplatform-toolsfolder.- Copy the init_boot.img from the PC to the phone's internal storage.
- On the phone: Apply Magisk Stable to the new stock
init_boot.img. NOTE: It is always possible that an Android Update (Monthly, QPR [Quarterly Platform Release], new major Android versions, and Beta versions) might need a new version of Magisk Stable, Beta, or Canary from GitHub to work correctly. XDA forum for Magisk is here.
- Launch the Magisk app.
- Beside "Magisk", click "Install".
- Click "Select and Patch a File", and choose the init_boot.img that you just copied to the phone's storage.
- Copy the Magisk'd init_boot.img (filename similar to
magisk_patched-25200_1a2B3c.img)back over to the computer.- * FAB Run commands:
Code:
adb reboot bootloaderflash-all.bat (on Windows)orflash-all.sh (on Linux)(Note: At least two Apple Macintosh users had trouble using the flash-all.sh - at least one of those users, everything went smooth once they used a Windows PC for this part of the process)IMPORTANT - The flash-all will take several minutes and reboot on its own several times including to a mode called "FastbootD", and finally reboot into full Android when it's done. Do not interrupt this process. On the FastbootD screen on the phone, do not use any of the manual selection options - let the flash-all script do it's work. Do not unplug your phone until it has fully booted into Android.
Thanks to @PurppleMonkey and @xgerryx for suggesting a warning about this. Thanks to @simplepinoi177 for suggesting the "FastbootD" clarification.- On the phone:
- Wait for the phone to boot normally.
- OPTIONAL: If you want to flash both slots, after this first time, then after do the following:
So you're doing the flash-all.bat a second time on the second slot.
Code:
adb reboot bootloaderfastboot --set-active=otherflash-all.bat- On the computer:
- Open a Command Prompt and navigate to the
platform-toolsfolder.- Run command:
Code:
adb reboot bootloader- After phone has rebooted into Bootloader (Fastboot) mode, run command:
Code:
fastboot flash init_boot magisk_patched-25200_1a2B3c.imgfastboot reboot- Unlock the phone.
- Confirm that the phone boots completely normally.
- Cautiously re-enable Magisk Modules.
- Reboot.
- Confirm everything worked fine.
- If the phone won't boot correctly after having enabled Magisk Modules, see either of the two solutions below:
Jon8RFC said:
For the future, you don't need to go into safe mode unless that's your preference. I forgot what all it resets, but it's many settings and it's bothersome. I'd rather just reinstall my modules and not have to figure out those Android settings/changes which I come across days or weeks later when I infrequently do something. Have your phone reboot and run this:
Code:
adb wait-for-device shell magisk --remove-modulesI like to just do this first:
Code:
adb devicesSo the server is running, then I have the long one pasted and ready to go once the phone turns off.
- Find problem apps, Magisk, and LSposed Modules by (three different methods) section in my next post. After following that link, you may have to scroll up a little bit and the section title will be highlighted.
Rooting or updating using the (preferred) Full OTA Zip method
These days I recommend this Full OTA Zip method instead of the Factory Image, for both rooting and updating each month.
NOTE that as @Lughnasadh and @badabing2003 have previously found and reported, both the factory image method using Flash-All.Bat, and the Official Google Android Flash Tool (webpage) cause only the most recently flashed slot to boot. If you want both slots to be bootable, you want the Full OTA Zip method a couple of sections down in this post.
badabing2003 said:
And it's a double warning if the device is brand new, the secondary slot does not even get into bootloader (because it is blank) if the active slot is becomes not bootable, automatic switching to the secondary slot bricks the device (no bootloop).
At least with factory image flashed on both slots, even if the primary slot is not system bootable, you get bootlooped and you can flash again.
Old habits are hard to break, specially if people never had issues with it in the past and are comfortable with the steps (I see a lot of people still doing factory flashing), for the very least if one chooses to stick with factory flashing, both slots should be flashed, specially with a brand new device.
Although that is still a very high risk for brand new devices because anything goes bad it's likely to end up with a brick.
OTA instructions should be the dominant guides, and factory would be used for downgrade (with a wipe).
- These three instructions only apply if you're already rooted and updating from one firmware version to another:
- Made sure all Magisk Modules have been updated.
- Disable all Magisk Modules.
- UNhide Magisk!
- Always use the latest ADB/Fastboot (SDK Platform Tools) and Windows USB Drivers.
- Unzip the Platform Tools.
[you don't normally have to manually switch slots - this is just an FYI]
If you ever manually need to switch slots, then from running Android:
Code:
adb reboot bootloaderfastboot --set-active=otherfastboot reboot[you can also follow all of these Full OTA Zip method instructions without a locked bootloader - just ignore anything having to do with Magisk or init_boot.img]
Full OTA Zip method:
These instructions assume that you've already followed the directions for unlocking your bootloader (previous post), which includes installing the necessary drivers and platform-tools.
NOTE that it's optional to flash the Magisk'd (rooted) init_boot.img. You can flash it to both slots, you can flash it to just one slot if you need an unrooted copy of Android.
Because of some details of how the factory image zip method works, you can't use that method twice (switching slots) to update both slots AND be able to switch slots. Only one slot will work.
This Full OTA method will allow you to boot either slot.
Thanks to @Lughnasadh and @badabing2003 for testing, detailing, and refining the steps. Thanks especially to @Lughnasadh for proof-reading these steps and giving great suggestions, and making me aware of options I didn't know about.
- Download the Full OTA Zip file for your device from:
- Install Magisk Stable on the phone. NOTE: It is always possible that an Android Update (Monthly, QPR [Quarterly Platform Release], new major Android versions, and Beta versions) might need a new version of Magisk Stable, Beta, Canary, or Delta from GitHub to work correctly. XDA forum for Magisk is here.
- [ONLY if you already had your phone rooted before]:
- UN-hide Magisk on the phone.
- Disable all Magisk Modules just in case they're not compatible with and cause a bootloop on the new firmware
- There are three ways to get the init_boot.img (the third option is possibly the easiest):
- You can download the latest factory image zip from the bottom of the "Cheetah" section, but that's a lot of wasted download for just the init_boot.img. In the factory image zip, the init_boot.img is inside the inner zip that's inside the zip you download. Put the init_boot.img in the same folder as the extracted platform-tools.
- The more effecient method is to extract the init_boot.img out of the payload.bin file, which is inside the Full OTA zip:
- Use @ssssut's (XDA thread [TOOL] A QUICK Android OTA payload dumper) OR directly from GitHub.
- At the GitHub link, click the Releases link at the far right, down the screen a bit.
- Download the latest payload dumper in the Assets section for the latest release, appropriate to whichever platform you're going to run it on. For Windows, you'll likely want the .tar.gz archive that ends in
windows_amd64.- I use the free 7-Zip to extract the .tar.gz. I use it for zips, too. I use it for everything with rare exception.
- Extract the payload dumper to the same folder you have ADB, Fastboot, and the OTA zip.
- Extract the payload.bin out of the OTA zip.
- Open a Command Prompt while in the same folder as the ADB, Fastboot, OTA zip, payload.bin, and payload dumper.
payload-dumper-go.exe -p init_boot -o . payload.bin- The period . after -o will cause it to put init_boot.img in the same folder as where you're running the command in.
- Possibly the easiest way to get the init_boot.img out of the payload.bin (and patch it at the same time), and still two variations of this particular solution: Magisk does all the work.
- Your choice - either copy the entire Full OTA zip, OR just the payload.bin from the zip to your phone.
- OPTIONAL - if you need to disable Verity and Verification (for custom kernels that require it), then use either of the first two init_boot.img extraction methods above for the vbmeta.img, substituting the correct partition/image name, as appropriate.
- If one of the first two methods were used (factory image zip OR using payload dumper on the payload.bin), copy the init_boot.img to your phone.
- Continue here for all methods:
- Launch Magisk.
- To the right of "Magisk", click "Install".
- Click "Select and Patch a File"
- Find and click on either the Full OTA zip, payload.bin, OR init_boot.img, depending on which method you decided to use.
- As appropriate, Magisk extracts and generates the Magisk-patched init_boot.img.
- Copy the Magisk'd init_boot.img back to the PC.
adb reboot sideloadadb sideload cheetah-ota-AB#a.YYMMDD.##-blah.zip- Choose recovery menu option
reboot to bootloader- OPTIONAL - if you need to disable Verity and Verification (for custom kernels that require it):
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.imgfastboot flash init_boot Magisk'd_init_boot.img
- If your Magisk'd init_boot.img filename has spaces in it, then use Quotes " " around it:
fastboot flash init_boot "Magisk'd init_boot.img"- Temporarily boot into the newly updated/rooted slot, to test to make sure it boots and all seems normal:
fastboot reboot- Unlock your phone to be assured things are working satisfactorily.
- The rest (except
fastboot rebootat the end) is optional, if you want to update the other slot.- NOTE that it it NOT necessary to tell the phone to change slots. Each time you flash the OTA, the phone changes slots already.
adb reboot sideloadadb sideload cheetah-ota-AB#a.YYMMDD.##-blah.zip- Choose recovery menu option
reboot to bootloader- OPTIONAL - if you need to disable Verity and Verification (for custom kernels that require it):
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.imgfastboot flash init_boot Magisk'd_init_boot.img
- If your Magisk'd init_boot.img filename has spaces in it, then use Quotes " " around it:
fastboot flash init_boot "Magisk'd init_boot.img"fastboot reboot- Unlock the phone.
- Confirm that the phone boots completely normally.
- Cautiously re-enable Magisk Modules.
- Reboot.
- Confirm everything worked fine.
- If the phone won't boot correctly after having enabled Magisk Modules, see either of the two solutions below:
Jon8RFC said:
For the future, you don't need to go into safe mode unless that's your preference. I forgot what all it resets, but it's many settings and it's bothersome. I'd rather just reinstall my modules and not have to figure out those Android settings/changes which I come across days or weeks later when I infrequently do something. Have your phone reboot and run this:
Code:
adb wait-for-device shell magisk --remove-modulesI like to just do this first:
Code:
adb devicesSo the server is running, then I have the long one pasted and ready to go once the phone turns off.
- Find problem apps, Magisk, and LSposed Modules by (three different methods) section in my next post. After following that link, you may have to scroll up a little bit and the section title will be highlighted.
![June 11, 2024 AP2A.240605.024 QPR3 STABLE - Unlock bootloader / Root Pixel 7 Pro [Cheetah] Stable firmware / SafetyNet (1)](https://i0.wp.com/xdaforums.com/proxy.php?image=https%3A%2F%2Fwww.gstatic.com%2Fdevrel-devsite%2Fprod%2Fvd59826aff4c44c40ae6b66bb6749cdc41cdaad671ce8aa5208d5acf15cc7ec42%2Fdevelopers%2Fimages%2Ffavicon-new.png&hash=5779ab1665b60b10f08c34ef372621ad&return_error=1 "June 11, 2024 AP2A.240605.024 QPR3 STABLE - Unlock bootloader / Root Pixel 7 Pro [Cheetah] Stable firmware / SafetyNet (1)")
If you ever need to manually switch slots, then from running Android:
Code:
adb reboot bootloaderfastboot --set-active=otherfastboot rebootPlay Integrity / SafetyNet:
You do not need more than one of these:
- @chiteroman's [MODULE] Play Integrity Fix (SafetyNet fix)
- @osm0sis PlayIntegrityFork (fork of @chiteroman's)
chiteroman said:
You don't need playcurl, my module has the latest working print built-in. Just plug and play ☺
- I had been also using the following up until June 12, 2024, when @chiteroman said the above quote.
- I haven't actually used the second one by osm0sis, so I don't know for sure, but I use the first one by chiteroman, combined with:
- daboynb's PlayIntegrityNEXT (actually just playcurl) - you can use it to (your choice) automatically or manually update the Play Integrity fingerprints used.
- Also for reference, @simplepinoi177's thread
- Launch the Magisk app.
- Go to Magisk's Settings (Gear in top right).
- Click
Hide the Magisk app. - When you hide it, you'll have the optional opportunity to change the Magisk app's name to whatever you wish. It doesn't have to be complex to fool apps that check for Magisk.
- Important: When you have the Magisk app hidden or renamed, you can accidentally install a new copy of Magisk. This situation won't work at all - neither copy of Magisk will work with two installed. This is one reason why I don't completely hide Magisk, so I can tell it's installed because I have it renamed as something easily recognizable.
- Back to the Magisk app's Settings...
- Click
Systemless hosts. This adds a Magisk Module to Magisk, which you can verify in a later step. - Toggle
Zygiskon. - Toggle
Enforce DenyListon. - Click
Configure DenyList.- Add every app that you want to explicitly deny root and the existence of root.
- You can click the 3-dot menu and choose the options to display system and/or OS apps, if necessary.
- Note that for many apps, it is not enough to click the single checkmark to the right of the app name in this list. For many but not all apps, you should click on the app name and you'll see it expand to two or more entries, each with its own toggles. In this expanded state, you can now check the single top checkbox beside the main app name and it'll toggle all individual sub-entries.
- Some apps add new entries to this list from time to time, so if you find that an app used to work for you when rooted and doesn't now, check this list again and look for the entries that aren't fully checked. There will be an incomplete horizontal line above the apps that don't have all of their sub-entries toggled.
- You can use the Search button at the top of this list to find specific apps quickly.
- The most common apps you should definitely fully check in this list are:
IMPORTANT - There are some things, such as
Google Play Serviceswhich it's fine to add to the DenyList, but it's perfectly normal when used in combination with the Universal SafetyNet Fix (USNF) that it is back to being unchecked the next time you visit the DenyList. Since USNF takes care of Google Play Services, you don't even have to add it to the DenyList in the first place.- Google Play Store
- Google Services Framework
- Google Play Protect Service
- Wallet
- GPay
- Any banking apps.
- Any streaming apps that use DRM.
- Any 2FA apps, especially those for work.
- Some of those Google apps might not need denying, but it doesn't hurt to deny them.
- Any time you toggle more entries in this list, it may be necessary to reboot the phone for it to take effect.
- Click
- From the main screen in the Magisk app, go to
Modulesat the bottom. - Confirm that the
Systemless hostsMagisk Module is added to this list, and enabled. - Install the appropriate Magisk Module: Universal SafetyNet Fix referenced above these numbered instructions.
- Reboot.
The Play Integrity pop-up that appears should say:HipKat said:
Go to the Play Store/Settings/General/About and tap the Version 4 times til the Dev Options for the Play Store Opens, then back out.
Go to those new Dev Options and check integrity there.
[MEETS_BASIC_INTEGRITY, MEETS_DEVICE_INTEGRITY]- Sometimes, clearing app cache and/or data for apps like the Google Play Store, GPay, Wallet and others (and then rebooting) after these steps may help pass SafetyNet as well.
HipKat said:
Did you try clearing cache and data in Wallet, GPay, Play Services, Google Framework, make sure SELinux is Enforcing??
Also I have the Deny List enabled.
- See @V0latyle's explanation (and further linked post) for why we can't achieve
STRONG_INTEGRITYwith an unlocked bootloader. - See @V0latyle's [DISCUSSION] Play Integrity API regarding why SafetyNet, per se, is actually defunct and replaced with Play Integrity - and New Official Universal SafetyNet Fix released by @kdrag0n v2.4.0 referenced in the steps above takes care of the latter.
Optional steps when updating - flashing custom kernels:
- Download the custom kernel of choice on the phone.
Be sure to read the particular installation instructions in the kernel threads' OP - any instructions in their OPs takes priority over anything I say here, which is generalized.
How to determine if you already have Verity and Verification disabled - see section in Post #3 - Other, most important resources- The two schools of thought on disabling Verity and Verification:
- My post here. If you want to discuss it any, please do so in my thread, or at least not in that custom kernel thread, so as to keep the thread on-topic.
- Extract the
vbmeta.imgfile from the inner Zip of the factory image zip and put it in the same folder with the extracted platform-tools.- Hook the phone up to your computer and run the following commands:
Code:
adb reboot bootloaderCode:
fastboot flash vbmeta vbmeta.img --disable-verityfastboot reboot- Unlock the phone once it's booted up.
- Make sure the Kernel Flasher app is up to date. XDA thread for the Kernel Flasher app is here.
- Launch Kernel Flasher.
- Select the slot that's mounted.
- Choose Flash AK3 Zip.
- Select the custom kernel zip just downloaded.
- When it's done flashing, head to Android Settings and perform a Factory Reset, as is currently needed for Despair kernel.
- If you failed to disable Verity and Verification ahead of time, if you have to, just force the phone off using these instructions: Turn your Pixel phone on & off, then press the Volume Down and Power buttons for a couple of seconds to get into the bootloader (fastboot mode). You'll still have to factory reset after disabling Verity in combination with this kernel, for now.
- Whenever you use the flash-all to flash your phone, as long as you want to continue to disable Verity and Verification, you'll have to further modify the flash-all script as such:
Code:
fastboot update image-husky-buildnumber.zip --disable-verity --disable-verificationA relevant excerpt from @Freak07's Pixel 7 Pro Kirisakura custom kernel thread:
Freak07 said:
F.A.Q:
Question: How do I disable the vbmeta flags for verity/verification?
Answer: The easiest solution is to use the android web flash tool and tick the correct checkbox.
Alternatively extract the vbmeta.img from the matching factory image and flash it in fastboot via:Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.imgPlease note that disabling those flags will require a full wipe for the device to boot if coming from flags enabled state!
And a further note: You need to repeat this command every time you flash a full firmware zip ( a factory image or a full OTA.zip) to update the firmware of your phone as those contain a vbmeta image. Otherwise the flags will be reset to default enabled and it will require another wipe to disable them again! As with the firmware.zips, you need to tick the checkbox in the webflasher every month you update your phone or flash a firmware there!
IF you forget to disable Verity and Verification:
badabing2003 said:
Verity enabled -> Verity disabled will require a wipe (every single time)
Verity disabled -> Verity enabled does not require a wipe, but if this happened because you forgot to keep it disabled, then you would need to disable it again and it will require a wipe.Another caveat that you should be careful about, these devices have two slots, you might end up disabling verity on one slot, switch to the other intentionally or unintentionally which has it enabled, you can't switch back without a wipe.
Hence why it is advisable that the very first time you want to disable Verity, you do the following.
Code:
adb reboot bootloaderfastboot --slot all --verbose --disable-verity --disable-verification flash vbmeta vbmeta.imgfastboot -wfastboot rebootThis will disable verity on both slots, perform the wipe and bring your to OOBE
At this point do what you want, and making sure that each time you keep Verity disabled.
My own words:
If you forget to disable Verity and Verification, then if you don't actually try to boot the phone, you can disable them and no factory reset will be required.
If you forget to disable them, and you do try to boot the phone, then yes, you'll have to factory reset.
Note that disabling or not disabling them doesn't actually wipe your device, no matter what. It's a small difference, but rather, they corrupt (or report as corrupt) your device until you wipe it manually (although that's not the only cause of corruption messages, and in at least one other case, a different solution is required).
I have chosen to never disable them, but that's my personal preference. I have one or two accidents a year anyway where I forget some step on my phone, without having to worry about disabling them.
I am hoping that the method that has been found recently on the Pixel 7 Pro, to not need to disable them for custom kernels that implement the fix, will apply to the Pixel 8 Pro, too. If not, then I won't be using custom kernels. Nothing against anyone at all, especially the Developers. I'm just too clumsy.
![June 11, 2024 AP2A.240605.024 QPR3 STABLE - Unlock bootloader / Root Pixel 7 Pro [Cheetah] Stable firmware / SafetyNet (2)](data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== "June 11, 2024 AP2A.240605.024 QPR3 STABLE - Unlock bootloader / Root Pixel 7 Pro [Cheetah] Stable firmware / SafetyNet (2)")
Optional steps when updating - flashing custom kernels:
- Download the custom kernel of choice on the phone.
Be sure to read the particular installation instructions in the kernel threads' OP - any instructions in their OPs takes priority over anything I say here, which is generalized.
How to determine if you already have Verity and Verification disabled - see section in Post #3 - Other, most important resources- The two schools of thought on disabling Verity and Verification:
- My post here. If you want to discuss it any, please do so in my thread, or at least not in that custom kernel thread, so as to keep the thread on-topic.
- Extract the
vbmeta.imgfile from the inner Zip of the factory image zip and put it in the same folder with the extracted platform-tools.- Hook the phone up to your computer and run the following commands:
Code:
adb reboot bootloaderCode:
fastboot flash vbmeta vbmeta.img --disable-verityfastboot reboot- Unlock the phone once it's booted up.
- Make sure the Kernel Flasher app is up to date. XDA thread for the Kernel Flasher app is here.
- Launch Kernel Flasher.
- Select the slot that's mounted.
- Choose Flash AK3 Zip.
- Select the custom kernel zip just downloaded.
- When it's done flashing, head to Android Settings and perform a Factory Reset, as is currently needed for Despair kernel.
- If you failed to disable Verity and Verification ahead of time, if you have to, just force the phone off using these instructions: Turn your Pixel phone on & off, then press the Volume Down and Power buttons for a couple of seconds to get into the bootloader (fastboot mode). You'll still have to factory reset after disabling Verity in combination with this kernel, for now.
- Whenever you use the flash-all to flash your phone, as long as you want to continue to disable Verity and Verification, you'll have to further modify the flash-all script as such:
Code:
fastboot update image-cheetah-buildnumber.zip --disable-verity --disable-verificationA relevant excerpt from @Freak07's Pixel 7 Pro Kirisakura custom kernel thread:
Freak07 said:
F.A.Q:
Question: How do I disable the vbmeta flags for verity/verification?
Answer: The easiest solution is to use the android web flash tool and tick the correct checkbox.
Alternatively extract the vbmeta.img from the matching factory image and flash it in fastboot via:Code:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.imgPlease note that disabling those flags will require a full wipe for the device to boot if coming from flags enabled state!
And a further note: You need to repeat this command every time you flash a full firmware zip ( a factory image or a full OTA.zip) to update the firmware of your phone as those contain a vbmeta image. Otherwise the flags will be reset to default enabled and it will require another wipe to disable them again! As with the firmware.zips, you need to tick the checkbox in the webflasher every month you update your phone or flash a firmware there!
IF you forget to disable Verity and Verification:
badabing2003 said:
Verity enabled -> Verity disabled will require a wipe (every single time)
Verity disabled -> Verity enabled does not require a wipe, but if this happened because you forgot to keep it disabled, then you would need to disable it again and it will require a wipe.Another caveat that you should be careful about, these devices have two slots, you might end up disabling verity on one slot, switch to the other intentionally or unintentionally which has it enabled, you can't switch back without a wipe.
Hence why it is advisable that the very first time you want to disable Verity, you do the following.
Code:
adb reboot bootloaderfastboot --slot all --verbose --disable-verity --disable-verification flash vbmeta vbmeta.imgfastboot -wfastboot rebootThis will disable verity on both slots, perform the wipe and bring your to OOBE
At this point do what you want, and making sure that each time you keep Verity disabled.
My own words:
If you forget to disable Verity and Verification, then if you don't actually try to boot the phone, you can disable them and no factory reset will be required.
If you forget to disable them, and you do try to boot the phone, then yes, you'll have to factory reset.
Note that disabling or not disabling them doesn't actually wipe your device, no matter what. It's a small difference, but rather, they corrupt (or report as corrupt) your device until you wipe it manually (although that's not the only cause of corruption messages, and in at least one other case, a different solution is required).
I have chosen to never disable them, but that's my personal preference. I have one or two accidents a year anyway where I forget some step on my phone, without having to worry about disabling them.
I am hoping that the method that has been found recently on the Pixel 7 Pro, to not need to disable them for custom kernels that implement the fix, will apply to the Pixel 7 Pro, too. If not, then I won't be using custom kernels. Nothing against anyone at all, especially the Developers. I'm just too clumsy.
ADB/Fastboot & Windows USB Drivers:
You'll need this if you're going to unlock the bootloader on your Pixel 7 Pro: SDK Platform Tools (download links for Windows, Mac, and Linux). Note that you can find links to download the tools elsewhere, but I wouldn't trust them - you never know if they've been modified. Even if the person providing the link didn't do anything intentionally, the tools could be modified without them being aware. Why take a chance of putting your phone security further at risk?
Direct downloads:
Mac https://dl.google.com/android/repository/platform-tools-latest-darwin.zip
Linux https://dl.google.com/android/repository/platform-tools-latest-linux.zip
Windows https://dl.google.com/android/repository/platform-tools-latest-windows.zipYou can alternately use the tools from the SDK Manager, but most of us will want to stick to the basic tools-only without the complications of the full development manager.
For Windows, get Google's drivers here Get the Google USB Driver (ADB will likely work while the phone is fully booted, but if you're like me, you'll need these drivers for after you
adb reboot-bootloader, to be able to use ADB and Fastboot.
![June 11, 2024 AP2A.240605.024 QPR3 STABLE - Unlock bootloader / Root Pixel 7 Pro [Cheetah] Stable firmware / SafetyNet (2024)](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8/h8AAvMB+NzmkbcAAAAASUVORK5CYII=)