Originally Posted by albert.r
So, someone from SonimTech has confirmed that secure boot on XP8800 does verify both kernel and initrd files during boot sequence. So it looks like without unlocking bootloader we are out of luck? The phone will either go into boot loop or will trip “QFuse” and get bricked. I'm not sure whether Magisk touches initrd or not, so beware of consequences.
I guess to start with... Secure boot and bootloader locking are 2 different things altogether. Each does play a part in the other's role but that is still 2 different topics. We have never had to disable secure boot for Magisk on any device that I know of - not even on a Pixel.
I wouldn't trust much of what they say unless you asked someone from the "Sonim Technologies (Shenzhen) Ltd" office where the phones are actually designed. The US guys are only here to sell phones & make business relationships. Part of their relationship with carriers is to ensure the phones are locked to the carriers for where contractual agreements exist. They can and will tell you anything to prevent modification as it's not in their best interest. This is universal too if you take a look at other players, for example, Google said the Verizon Pixel bootloader was not unlockable - until people here figured out that was a lie. Having a manufacturer provide "Fluff" is very common unfortunately.
At the end of the day - according to public sources - they have 1 (possibly 2) firmware engineers and I highly doubt they have spare time to reinvent the wheel. It's much easier to copy what Qualcomm gives them in the dev kit. Hence why the XP8 is branded with QC_Reference_Design in many places. They design rugged phones, not rugged firmware.
If you're hesitant though then I would strongly recommend avoiding any steps in the thread here. This is still alpha essentially intended only for developers and advanced users. As far as I know, I'm the only one with a rooted XP8 still and my results may not apply the same in your case. I don't personally have time to test for every unique scenario that we may see in the wild.
The QFuse is a good point also. Every possible fuse has gotta be blown in my phone at this point. Still works fine though. In most cases this is used for warranty verification only - rooting will void your warranty likely by blowing one of the QFuses. Because bootloader locking usually goes hand in hand with rooting this is where we typically see the QFuse blow. In short, don't expect Sonim (or anyone else) to replace a bricked phone!
---------- Post added at 11:06 PM ---------- Previous post was at 10:43 PM ----------
Originally Posted by albert.r
@smokeyou, maybe you can dump the image of the unlocked bootloader (is it a single eMMC partition or multiple partitions?) and share it with the forum, so we can flash it to our phones?
It's 2 parts or 4 in total for both a and b sides of xbl and abl.
I'm not sure if I'm allowed to share it since I'm not technically licensed to own a dev kit. But since I do, I basically just compiled GSI using dev tools under snapdragon-high-mid-2017-spf. Completed signing with my own test keys and applied over EDL with ease. It's risky though because anything applied incorrectly to keymaster will hard brick the device. That's why I'm hoping to avoid this route because without having the Sonim private key, I can't provide it without also providing a keymaster.
That was a first stab though too. After further testing I came to the determination that a modified bootloader may not actually be needed since this does not impact secure boot directly. All in theory only.