OEM unlock and FRP questions - Samsung Galaxy S7 Edge Questions and Answers

I have read around but am struggling to fully understand the significance of the OEM unlock option in developer settings and how/if it relates to FRP.
I have read this article which only goes some way to filling the gaps in my understanding. So I have a few questions and would be grateful for any answers.
1/ OEM unlock.
My understanding is that this should be enabled when the goal is to flash a custom binary (e.g. TWRP) to root the phone. Without this enabled attempting to flash a custom binary via odin will fail. Is this correct?
2/ Flashing stock FW to recover device
In the article linked to above it suggests that if you have an OTA update fail, without having OEM unlock enabled you are stuffed if you wish to recover your device by flashing stock factory fw via odin. Having followed this thread with interest regarding the flashing of stock fw it does not state that you need OEM unlock enabled (no custom binaries are being flashed). So if you are unlucky enough to have an OTA fail do you need OEM unlocked in order to flash a stock fw via odin to recover the device? Surely not???
3/ Relationship between OEM unlock and FRP
FRP requires you to enter your google password to unlock a device after a factory reset. I get this. And you can avoid this by removing your google account from the phone before executing the factory reset. So what is the relationship between OEM unlock and FRP? Is it that if you have OEM unlock enabled you can flash a custom binary (recovery and/or ROM) to then get around the FRP? I'm guessing though. I just don't understand the point. If it's my device I know my google account details so how does having OEM unlock enabled help after a factory reset.
My questions stem from the article I have linked to above which for me raises more questions than it answers. I found myself enabling OEM unlock last night "just in case" but I'm not fully sure what options I've given myself by doing this because as it stands I don't intend to root the phone.

Related

unlock after relock

several questions in no particular order:
Does the "OEM Unlocking" toggle do anything on the XT1572?
If I issue the fastboot OEM LOCK command after having sucessfully unlocked the device before, do I need to go through the full data wipe+send oem data+flash unlock code process again?
Lastly, I was able to flash the MM firmware for my Single SIM AISA model XT1572 despite having the bootloader locked (I think).
Is that normal that I can flash the official moto firmware using just fastboot without having to tweak with anything else?
I presume that since the digital signatures are correct the bootloader has no issue accepting the MM files.
Not quite the end of the world if I have to wipe everything and start over (it's only been a day) but I regret not knowing earlier. Nor did I expect to get this far with a relocked boot loader. Was trying to add SuperSU and found that while I can overwrite flash the stock recovery I cannot flash TWRP.
psyvenrix said:
several questions in no particular order:
Does the "OEM Unlocking" toggle do anything on the XT1572?
If I issue the fastboot OEM LOCK command after having sucessfully unlocked the device before, do I need to go through the full data wipe+send oem data+flash unlock code process again?
Lastly, I was able to flash the MM firmware for my Single SIM AISA model XT1572 despite having the bootloader locked (I think).
Is that normal that I can flash the official moto firmware using just fastboot without having to tweak with anything else?
I presume that since the digital signatures are correct the bootloader has no issue accepting the MM files.
Not quite the end of the world if I have to wipe everything and start over (it's only been a day) but I regret not knowing earlier. Nor did I expect to get this far with a relocked boot loader. Was trying to add SuperSU and found that while I can overwrite flash the stock recovery I cannot flash TWRP.
Click to expand...
Click to collapse
As far as I am concerned relocking the bootloader wont wipe your data and yes about the question regarding the stock firmware
PS: Dont relock your bootloader once you unlock it the warranty doesnt come back even if you lock it again

relock bootloader

What will happen if I relock bootloader .. because I hate the pop up "your device has been unlocked .." while it boots.. does after relocking bootloader stops twrp to work ?
dhenewar said:
What will happen if I relock bootloader .. because I hate the pop up "your device has been unlocked .." while it boots.. does after relocking bootloader stops twrp to work ?
Click to expand...
Click to collapse
If you relock your bootloader with TWRP or anything else non stock, you'll likely boot loop until you unlock again. It's likely you'll trip the verification checks -performed by a locked bootloader - with TWRP, which means you need to be fully stock for a successful locked bootloader. If you've not enabled OEM unlocking in developers options if you locked, then you'll have major issues as you can't then unlock.
If you want to, you can flash a custom logo.bin (plenty of links in the Mods section) which will hide the warning, won't shorten the delay but it'll be nicer to look at.
echo92 said:
If you relock your bootloader with TWRP or anything else non stock, you'll likely boot loop until you unlock again. It's likely you'll trip the verification checks -performed by a locked bootloader - with TWRP, which means you need to be fully stock for a successful locked bootloader. If you've not enabled OEM unlocking in developers options if you locked, then you'll have major issues as you can't then unlock.
If you want to, you can flash a custom logo.bin (plenty of links in the Mods section) which will hide the warning, won't shorten the delay but it'll be nicer to look at.
Click to expand...
Click to collapse
Ok bro thanks for the info ..will SuperSu be as same as twrp causing bootloop?... luckily I have got stock recovery n firmware .. as u said "If you've not enabled OEM unlocking in developers options if you locked, then you'll have major issues " .. I am having the problem in other device(Samsung Galaxy grand prime G531H .. Cuz of my careless n rush.i forgot to enable oem n then flashed custom rom in Odin .. then it got bricked.. searched alot in internet for solution..also .. i have created post here.. still no solution .. and Now my device is just waste ..gave up on it ... RIP :angel: ..
dhenewar said:
Ok bro thanks for the info ..will SuperSu be as same as twrp causing bootloop?... luckily I have got stock recovery n firmware .. as u said "If you've not enabled OEM unlocking in developers options if you locked, then you'll have major issues " .. I am having the problem in other device(Samsung Galaxy grand prime G531H .. Cuz of my careless n rush.i forgot to enable oem n then flashed custom rom in Odin .. then it got bricked.. searched alot in internet for solution..also .. i have created post here.. still no solution .. and Now my device is just waste ..gave up on it ... RIP :angel: ..
Click to expand...
Click to collapse
I think so, a locked bootloader, as I understand it, checks the integrity of your recovery, kernel and system, and if it detects a break in the chain of trust (e.g. if there's a custom modification that changes the signature expected), then as a security measure the device just won't boot/bootloop. SuperSU or any root, custom kernel, or TWRP or even if you've allowed TWRP to make modifications may result in bootloops thus.
Therefore, if you wish to re-lock your device, you'll want to re-flash the stock firmware and then lock. You can only lock your device with the same firmware or newer than the version your device was updated to (including OTA updates). The latest version we have is the June fastboot ROM: https://forum.xda-developers.com/moto-g4-plus/how-to/stock-rom-npjs25-93-14-4-march-1-t3608138 Of course, flashing this will wipe TWRP, root and possibly your data from your device, so back up and keep the backups off your device. Alternatively, you may just wish to flash the custom logo.bin as mentioned previously, which would hide the bootloader warning.
About your Galaxy Grand Prime, ouch - that's a horrible situation to be in; unless there's a potential bootloader exploit, you're caught in the nasty situation where you can't unlock your bootloader (because of the OEM unlock) and because the security's been tripped, won't allow you to boot to get to the OEM unlock Are there any Samsung service centres or repair shops that could help you recover? You could have a look around the Galaxy Grand Prime forum, see if there's anything that could help: https://forum.xda-developers.com/grand-prime
echo92 said:
I think so, a locked bootloader, as I understand it, checks the integrity of your recovery, kernel and system, and if it detects a break in the chain of trust (e.g. if there's a custom modification that changes the signature expected), then as a security measure the device just won't boot/bootloop. SuperSU or any root, custom kernel, or TWRP or even if you've allowed TWRP to make modifications may result in bootloops thus.
Therefore, if you wish to re-lock your device, you'll want to re-flash the stock firmware and then lock. You can only lock your device with the same firmware or newer than the version your device was updated to (including OTA updates). The latest version we have is the June fastboot ROM: https://forum.xda-developers.com/moto-g4-plus/how-to/stock-rom-npjs25-93-14-4-march-1-t3608138 Of course, flashing this will wipe TWRP, root and possibly your data from your device, so back up and keep the backups off your device. Alternatively, you may just wish to flash the custom logo.bin as mentioned previously, which would hide the bootloader warning.
About your Galaxy Grand Prime, ouch - that's a horrible situation to be in; unless there's a potential bootloader exploit, you're caught in the nasty situation where you can't unlock your bootloader (because of the OEM unlock) and because the security's been tripped, won't allow you to boot to get to the OEM unlock Are there any Samsung service centres or repair shops that could help you recover? You could have a look around the Galaxy Grand Prime forum, see if there's anything that could help: https://forum.xda-developers.com/grand-prime
Click to expand...
Click to collapse
Thanx bro I will try it out .. yep bro I got it in service center n they told me .. No way of fixing it .. Aahh n that's it ? .well there was option change of hardware price was half of the phone cost ..better to buy new one ?

[Guide] Best way to protect your Bootloader and internal security

Warning: This guide recommends the user to backup their data as this process includes an automated wipe
Hello XDA,
I'm suggesting this Tutorial for anyone aware of another person flashing a system on the phone, and I do not recommend it for TWRP users,
unlock bootloader using "fastboot flashing unlock"
do not run the fastboot critical unlock command if you did then relock it,
when you use your phone without magisk installed you won't be able to edit the OEM unlocking option from developer options.
when you install magisk the option OEM unlocking in developer options can be edited and switched off
switch off OEM unlocking option in dev options as long as long as you didn't unlock critical in the bootloader.
while the "critical partition is locked" this will not allow you to flash a full system from google website
only use OTA using recovery when you update
make sure you enable OEM unlocking option in dev option when you make internal partition changes
this method may be a wall against a full system change from thefts as when someone tries to flash a message will pop saying failed to update
even if someone tries to unlock the critical partitions using fastboot unlock_critical it will display failed as you disabled the OEM unlocking option from developer options.
if someone tries to factory reset from recovery this should trigger FRP ( factory reset protection) which will ask about the google account used before that factory reset.
I hope this somehow protects unlocked bootloader phones from any external changes without vulnerabilities or exploits,
Cheers. :fingers-crossed:

Trying to relock bootloader of One Plus 5 need help!

Hi,
I've tried all the following steps in the video and I got the error "flashing lock is not allowed". I've already flashed stock rom and recovery and wiped the phone so it's as stock as it gets yet I still get the same error when I enter "fastboot oem lock". Please help ASAP!!!! I'm trying to update to Android 8.0 but the update keeps failing because my bootloader is unlocked
Thanks in advanced.
https://forum.xda-developers.com/oneplus-5/how-to/lock-oneplus-5-bootloader-guide-t3651819
Go to developer settings.. check the oem unlock option. If it's off, bootloader won't relock. You need to turn it on. If it's greyed out & can't be turned on, then you need to root your firmware or flash custom rom & turn it on.
When you have this problem, only magisk will help you turn on allow bootloader unlocked when it's grayed out.
So, you have to flash magisk, turn on allow bootloader to be unlocked in devlopper settings, then flash a clean OOS, make sure there's no modification like custom recovery or root, then relock your bootloader.
Good luck!
use command "fastboot flashing lock" instead of "fastboot oem lock", this will lock your bootloader
hope this tutorial will help you....!!! https://www.youtube.com/watch?v=CQYCSdDUdAU
I had the same problem and solved using magistik, reenable unlock volta loader and After relock.

FRP unlock

Is there any way to unlock frp from the fastboot if the bootloader is unlocked and the device is bricked.
Already tried : fastboot oem relock xxxxx
Returns : command not allowed
I am on stock recovery and the device is bricked right now.
Help needed!Many thanks!
http://www.androidash.com/6-easy-steps-to-unbrick-huawei-honor-v9/
you can try this, I dont know how usefull it can be
I don't think there will be FRP because the V9 doesn't come with all the Google stuff. Unless, they were added afterwards by installing them all manually.

Categories

Resources