How To Guide December 5, 2022 (TQ1A.221205.011 - Global / .012 O2 UK) - Unlock bootloader / Root Pixel 7 Pro [Cheetah] / SafetyNet

Search This thread

roirraW "edor" ehT

Forum Moderator
Staff member
I'd love to see places that can SIM unlock the AT&T version so I can unlock the bootloader. Stuck doing the carrier version - hard to pass up $3 a month with a trade.
I didn't realize the AT&T versions of Pixels couldn't be bootloader unlocked once it's paid for. I presumed once it's paid for that it was carrier unlocked and that OEM unlocking would be ungrayed. It's hard for me to keep track - I know that's the case for T-Mobile.

Understood on the gt-axe16000, it's great, but Wifi 7 combines all channels 2.4 GHz, 5 GHz, and 6 GHz into a 320 MHz bandpass channel. With 6E, you can only get half that. It's almost there but I can wait another 2 years. Then my desktop, phones, and routers will all be converted. 😀
Interesting. In my opinion, they should also just go ahead and start making 2.5Gb ports the base standard, as well. My first self-built desktop with gigabit Ethernet was from 13 years ago! Time to retire the standard. I know gigabit is still more than what the average user needs, but typically home networking uses faster speeds than ISPs, and gigabit internet is getting more and more common, although I mostly upgraded because it'll save me money over what my cable internet cost me.
 
  • Like
Reactions: rester555

Superguy

Senior Member
Nov 28, 2007
936
194
Baltimore
I didn't realize the AT&T versions of Pixels couldn't be bootloader unlocked once it's paid for. I presumed once it's paid for that it was carrier unlocked and that OEM unlocking would be ungrayed. It's hard for me to keep track - I know that's the case for T-Mobile.
No, they're bootloader unlockable once they're SIM unlocked. You have to request the unlock code though - it's not automatic.

T-MO's the only one I know of that does the weird server side unlock.
 
  • Like
Reactions: roirraW "edor" ehT

roirraW "edor" ehT

Forum Moderator
Staff member
No, they're bootloader unlockable once they're SIM unlocked. You have to request the unlock code though - it's not automatic.

T-MO's the only one I know of that does the weird server side unlock.
I see, thanks for clarifying. About the only thing else I can say about it, then, is that talking about illegal ways to bypass the carrier's legal restrictions isn't allowed on XDA. :) But I understand where you're coming from.
 

Superguy

Senior Member
Nov 28, 2007
936
194
Baltimore
I see, thanks for clarifying. About the only thing else I can say about it, then, is that talking about illegal ways to bypass the carrier's legal restrictions isn't allowed on XDA. :) But I understand where you're coming from.
None of the ways are illegal. You either get the carrier to give you the code or find a service that will.

I would find methods used to root more questionable than a SIM unlock.
 
  • Like
Reactions: roirraW "edor" ehT

NepoRood

Recognized Contributor / Retired Forum Moderator
Jan 26, 2016
2,993
3,994
Bugtussle
It's usually pretty easy to talk a T-Mobile rep into sim unlocking a device, as most of them really don't care one way or another. That's been my experience anyway, along with a few other people I know. Basically, just get on Twitter and ask, lol

Took me 3 tries with OnePlus 7 Pro, though...
 
  • Like
Reactions: roirraW "edor" ehT

NepoRood

Recognized Contributor / Retired Forum Moderator
Jan 26, 2016
2,993
3,994
Bugtussle
Hello @NepoRood! Always good to "meet" another RC and moderator who I wasn't familiar with.

I was much less active between 2017 and late 2021, though.
Right on, no way I could keep up with the comings and goings of "The Staff". However, I have noticed a few of the guys members that were "Rookies" with me have moved on up to the East side these days.

I'm looking forward to the Pixel 7/Pro, the last device I actually purchased with my own money and did a bring-up on was the Pixel 3 XL, and that's been a while, lol
 

buddyj

New member
Oct 8, 2022
1
1
Germany
This is the first phone I'm getting at launch. How quickly has root typically become available in the past?

My plan right now is to unlock the bootloader immediately and root later once it's available.
But I'm worried about not being able to use banking apps etc. while the bootloader is unlocked and I have no way to hide it. Any advice/experience?
 
  • Like
Reactions: roirraW "edor" ehT

madmuthertrucker

Senior Member
Jan 4, 2013
222
102
Tucson, Az
Google Pixel 7 Pro
This is the first phone I'm getting at launch. How quickly has root typically become available in the past?

My plan right now is to unlock the bootloader immediately and root later once it's available.
But I'm worried about not being able to use banking apps etc. while the bootloader is unlocked and I have no way to hide it. Any advice/experience?
It should be rootable as soon as it shows up. The root method does not usually change that much. I see some of the developers on here already. They are some smart guys. I'm pretty confident you will have a root method on here quick.
 

roirraW "edor" ehT

Forum Moderator
Staff member
This is the first phone I'm getting at launch. How quickly has root typically become available in the past?

My plan right now is to unlock the bootloader immediately and root later once it's available.
But I'm worried about not being able to use banking apps etc. while the bootloader is unlocked and I have no way to hide it. Any advice/experience?
As @madmuthertrucker said, I expect it to be rootable immediately just as soon as we get our hands on it. Android 12 came out 24 days before the Pixel 6/Pro was received by the earliest pre-order customers, so the changes that were necessary for Magisk to work with Android 12 were either still in alpha or beta, or were just about to be alpha or beta.

Android 13 came out two months ago, so I think it's likely there won't have to be any changes to work on the Pixel 7 Pro. Only trying will tell, though. :D
 

NippleSauce

Senior Member
Jun 23, 2013
494
329
None of the ways are illegal. You either get the carrier to give you the code or find a service that will.

I would find methods used to root more questionable than a SIM unlock.
This is why I always buy the faculty unlocked versions of the phones. I can unlock the bootloader immediately without any restrictions - even if the device hasn't been fully paid off yet.

As far as root goes, I agree with the others in this thread that we will have root immediately once we get our hands on the devices. Nothing questionable =)
 

wildlime

Senior Member
Mar 2, 2014
286
138
41
When do we think OTA or factory images will be live? I have both the 7 and 7 pro. The 7 got the 0 day update already with all the new camera features but my pro hasn't updated yet!
 
  • Like
Reactions: roirraW "edor" ehT

roirraW "edor" ehT

Forum Moderator
Staff member
When do we think OTA or factory images will be live? I have both the 7 and 7 pro. The 7 got the 0 day update already with all the new camera features but my pro hasn't updated yet!
Will probably be made available on October 13th, the official release day.

Editing this post. The Pixel 6 factory images were posted on the same day the phone was released (not when pre-orders started). So maybe Oct. 13? or around there.
EDIT: I was wrong. The Pixel 6 was released on Oct. 28, 2021 and the factory images were released the same day. Pre-orders for the Pixel 6 began on Oct. 19, if I remember correctly.
 

roirraW "edor" ehT

Forum Moderator
Staff member
I guess we're gonna have to disable verity and verification again to be able to use custom kernels without any problem. Or am I the only one who did that on the P6P?
You're not the only one, but I didn't disable Verity or Verification on my Pixel 6 Pro after last December or so, and I used a custom kernel every month. I don't remember what they did that made them able to be used without disabling Verity or Verification.
 
  • Like
Reactions: NippleSauce

roirraW "edor" ehT

Forum Moderator
Staff member
Added Thanks to OP:
Thank you to the following users who have all contributed greatly to my knowledge of Pixels since I came back to XDA a year ago after a few years of mostly inactivity. Apologies if I miss anybody. In alphabetical order:
Also organized the heck out of the OP and reserved posts. I wanted to do this with my Pixel 6 Pro OP which became so much of a mess, and when I looked at the underlying BB-Code, it was even more of a mess than it seemed on the surface.
 
Last edited:

Top Liked Posts

  • 2
    My Pixel 7 is the first phone I've run rooted since my OnePlus 6T on Android 9. It appears the process to OTA update has changed since the last time I did it a few years ago. If I follow the steps in post #2 of this thread to update (running modified flash-all.bat w/ full factory image, patching the init_boot.img in Magisk, flashing patched .img), will this automatically put the new images on the inactive slot then switch it to active? Or do I need to manually switch slots first then run flash-all.bat?
    You don't need to switch slots manually, generally ever, when updating your phone. If you flash full factory image, it'll just install over your current active slot and done. If you sideload OTA zip, it'll flash to the other slot and change slots for you and boot (you won't even notice it happening tbh).

    One question though: are you currently running with verity/verification disabled? If you don't know what I'm talking about, it's probably a "no", but keep in mind if you want to flash a custom kernel for this device you'll need to disable them. And unfortunately that will require a data wipe the first time you do it, and then you need to remember to disable again each time you update on future updates. There's a very slim chance they'll find a workaround to needing them disabled eventually but I wouldn't count on it. More info on this can be found in the OP's and kernel development threads (e.g. Kirisakura). If you don't care about flashing custom kernels, simply disregard this last point and the next.

    But my major reason for that last point is that if you are running verity and verification disabled, in that case you may want to manually switch slots and flash full factory image with v/v disabled as a means of being overcautious. My reasoning for this is that you never know when you may run into a bootloop from a bad flash, which will automatically trigger an active slot switch, and once it attempts to boot without those flags disabled, you're beat and have to wipe. So out of an abundance of caution, I flashed both slots last month with the flags disabled.
    2
    Learning about Pixel OTAs + retain root.
    * Unhide Magisk + disable modules
    * Flash stock init_boot.img
    * OTA or OTA side load
    * Re-patch / flash init_boot.img

    Question on side load. Google says to check System update before side loading?
    I'm still on Oct - Pixel took it upon itself to start downloaded and I paused it.
    Upon reviewing it shows resume...without any build info which I find annoying - pretty sure wants to update to Nov. It OK to sideload OTA in this paused state?

    Which leads my 2nd question - is it that OTA via phone always incremental / delta. IE I need Nov OTA before Dec. 2 separate updates in this case?
    But side load OTAs are full so one can jump to latest release via single ota side load?

    I'm kinda leaning toward only dealing update / re-root quarterly so prefer the single update. Would also like to know how to block OTA check / auto download. Anything native or can I block with afwall+? (Auto updates was disabled in dev options but it still began downloading anyway)

    Lastly will safeynet fixes periodically get broken with OTAs?

    Thanks
    Sorry I can't answer much of your questions; I just wanted to answer what I can and hope to bump your post a bit so maybe it can be answered by experts better than I.
    I am not certain as for your first question (so please just take it as my opinion and don't base further action from it), I imagine Google anticipates such actions that by sideloading OTAs would cancel/invalidate whatever partial/paused OTA is currently being downloaded. If anything, I imagine it would only be troublesome if it was in the process of "installing", but if you paused it early on, most likely it was still downloading and/or I doubt you could pause it once it was actually in the middle of installing.
    As for your second question (again, just my opinion and do not base further action from it), I imagine OTA's, although incremental, carry-over and/or include whatever improvements the previous OTA's had and it merely modifies & works-on the core system and much of it isn't really touched outside what the OTA patches so applying each update step-by-step isn't really applied to much of the core system. In the end, what I'm implying is that if I were in your position, I, myself, would not apply each OTA from what version you are in to current -- I would merely install the latest OTA only.
    Honestly, if you are concerned with the incremental differences OTA's apply and are going to sideload them anyways and you mentioned you'd like to update it quarterly and prefer a "single update", you should consider flashing the full factory images instead of the OTA's. You have to open up a command prompt and run commands anyways (also you would need to if you plan to re-root), the major differences is you run commands in the bootloader mode (than recovery mode) and run a few more commands (fastboot than adb); one other important addition is you MUST remove "-w" from the flash-all script to keep your data -- but that's basically it. Again, this case & opinion only applies if you are sideloading OTA's, un-rooting and implementing the (very fairly slow, although it's been announced it has been more streamlined and process time has been cut down significantly) System Update in the OS would not need you using the adb command (necessarily) and downloading & applying images.
    One other thing I might mention since you mention "Pixel OTAs + retain root" (even if it seems you know this info already, but take it as a reminder if that's the case) is you are unable to apply the OTA through System Update if you are rooted as well as once you apply the OTA (or Factory Image), you will lose root; there is (currently) no way to apply the OTA and "retain root" -- it must be re-applied.
    As for your inquiry about blocking the OTA check/auto-download, roirraW "edor" ehT touched on the topic and pointed to a post that might be applicable back in post #1318. It might do and/or at least point you in the right direction.
    Lastly, yes, sometimes the firmware & OTA updates break things related to root and bypassing root checks, but you can always count on it being reported/discussed here and can keep updated on things and its progress here -- but such is the risk of rooting and keeping the device up-to-date. Depending on the "damage", it's usually dealt with swiftly enough...the great developers that work on aspects of this device, Android OS, and Magisk work ever so diligently...
    Thanks, @i5lee8bit. When I rooted my P7, I don't think I did anything to disable verity/verification. I just patched/flashed the init_boot.img then configured some stuff in Magisk. I don't plan on running a custom kernel.

    I didn't think I could sideload just the OTA being rooted. Thought I needed to flash the full factory image and re-root. It's been a while since I've done this. Looks like I need to do a bit more research before I do this update.
    I could be completely wrong, but I don't believe you need to be unrooted to sideload the OTA; you only need to be unrooted if you plan on using the System Update in the OS. BUT, regardless, in all options, root is lost and must always re-root afterwards. As I said with taysandman, I implore you to seriously consider still updating using the Full Factory images rather than sideloading the OTA merely because the Full Factory is a superior update (@roirraW "edor" ehT explains it best) as well as sideloading the OTA is not that much different or far-fetched from updating using the Full Factory image (both have to download images, open a command prompt, run commands, and you'd have to open/run fastboot to re-root anyway) -- the only big differences is it being done in bootloader mode instead of recovery, fastboot commands instead of adb, and you must modify the flash-all script before running it.


    Apologies for the wordiness, but I hope it helps...
    1
    Is it just me or I can't seem to find the new Security& Privacy hub, and the Google One VPN is still not activated after the December update? Maybe it has to do with the safetynet module in magisk?
    It's not just you. Could be we need a server side update, a Google Play System update or the like. Doesn't have anything to do with the safetynet mod b/c I'm not using that.
    1
    If I haven't previously disable verity, will this trigger a wipe?
    Yes because it will reboot to recovery and tell you that you have to wipe.
    1
    With the update to battery usage in Settings, is the graph gone for anyone else? Everything is properly listed in usage since last full charge, but there is no longer any sort of graph.
    wait few hours, it will be there, the same was with latest BETA
  • 11
    All: I'm a bit overwhelmed right now with real-life work and other responsibilities. I hope you all can continue to help each other in my absence, and that I don't have to stay away too long. Thank you.
    7
    A lot of mixed information. Really long time ago was much easier to understand any tutorial. I looking for information how to update stock and don't lost root and don't turn on Verity or something like that.
    for those who may be a bit confused about the update process. I have put together a full walkthrough that covers the entire process.

    7
    So, just be 100% clear. If we're not going to flash custom kernel, we don't need to worry about init_boot.img to update to Nov patch?
    Also, we can just uninstall magisk, update with the Android Flash Tool, install, then install Magisk to root again, right? Sorry, Post #2 is kinda confusing.
    The only thing you don't have to worry about if you're not going to flash a custom kernel it's disabling Verity and Verification (and wiping after).

    init_boot.img is the file you root with Magisk and then flash too the init_boot partition.

    Whether using the Android Flash Tool or the firmware image zip method, there's no need to uninstall Magisk, and doing so would just lead to more steps to re-root. Whichever of those two methods you use, you'll still need the firmware image zip because you need the init_boot.img file from the inner zip to re-root that file with Magisk.

    I'd be happy to modify the steps if you can help me figure where exactly needs adjustment. I'm constantly in search of ways to make things clearer.

    Thanks.
    7
    Question: I'm guessing whatever magisk / lsposed modules will need to be reapplied? Is there a process that people do?

    Or do they automatically get re-applied after a dirty flash?
    This is my update path every month: I disable verity and verification and also uses a custom kernel so YMMV. I'm also rooted.

    MAKE A BACK-UP of anything important
    ** Check if platform tools are up to date!! **
    ** Disable Magisk Hide!! **
    ** Disable Magisk modules!! **
    ** Disable Substratum overlays!! **

    1- Within the Platform Tools folder, find the FLASH-ALL (.bat) file

    2- Open it with text editor and replace -w with --disable-verity --disable-verification in file (keep ONE space between commands)

    3- Verify FASTBOOT DEVICES by typing CMD in the address bar of the same platform tools folder

    4- adb reboot bootloader

    5- Type FLASH-ALL

    6- Let it boot into system and settle for a minute

    7- Patch the boot image:

    Connect your device and PC and put the extracted init_BOOT.img file (from the CURRENT factory image you are flashing) on your device where you can easily find it

    Open Magisk and choose SELECT AND PATCH FILE (select the init_BOOT.img you just put on your device)

    Copy the new PATCHED init_BOOT.img from your download folder back into your PLATFORM TOOLS folder where the fastboot application is located on your PC

    8- Boot device into fastboot/bootloader, connect device and PC

    9- Type fastboot flash init_boot --slot=all (drag and drop patched init_boot.img here OR type in the file name magisk_patched-xxxxxxxxxx.img)

    10- Reboot into System

    ** Flash custom kernel **
    6
    13.0.0 (TQ1A.221205.011, Dec 2022)FlashLinkb144b4262b6a349efe756a9446c9e9ce9123d839280f5e5b06ebbc661c577b68
    13.0.0 (TQ1A.221205.012, Dec 2022, O2 UK)FlashLink4406695deca324c94ef49b9be594362e350d45bdf2e7fad40cf147cdcfe5dc89
  • 54
    13.0.0 (TQ1A.221205.011, Dec 2022)FlashLinkb144b4262b6a349efe756a9446c9e9ce9123d839280f5e5b06ebbc661c577b68
    13.0.0 (TQ1A.221205.012, Dec 2022, O2 UK)FlashLink4406695deca324c94ef49b9be594362e350d45bdf2e7fad40cf147cdcfe5dc89

    Kush M.
    Community Manager•Original Poster
    3 min. ago


    Google Pixel Update - December 2022​

    Announcement
    Hello Pixel Community,

    We have provided the monthly software update for December 2022. All supported Pixel devices running Android 13 will receive these software updates starting today. The rollout will continue over the next week in phases depending on carrier and device. Users will receive a notification once the OTA becomes available for their device. We encourage you to check your Android version and update to receive the latest software.

    Details of this month’s security fixes can be found on the Android Security Bulletin: https://source.android.com/security/bulletin

    Thanks,
    Google Pixel Support Team


    Software versions

    Global
    • Pixel 4a: TQ1A.221205.011
    • Pixel 4a (5G): TQ1A.221205.011
    • Pixel 5: TQ1A.221205.011
    • Pixel 5a (5G): TQ1A.221205.011
    • Pixel 6: TQ1A.221205.011
    • Pixel 6 Pro: TQ1A.221205.011
    • Pixel 6a: TQ1A.221205.011
    • Pixel 7: TQ1A.221205.011
    • Pixel 7 Pro: TQ1A.221205.011

    Canada
    • Pixel 4a: TQ1A.221205.011.B1

    O2 (UK)
    • Pixel 6a: TQ1A.221205.012
    • Pixel 7: TQ1A.221205.012
    • Pixel 7 Pro: TQ1A.221205.012
    What’s included

    In addition to new features, the December 2022 software update for Pixel devices includes several fixes and improvements across several areas including device performance, stability, connectivity, and more – see below for some notable improvements.

    Apps
    • Fix for issue causing text input to certain fields in the Phone app to display in a darker color
    • Fix for issue occasionally causing playback errors when seeking through video content in certain apps
    • Fix for issue occasionally preventing text messages from restoring from cloud backups during device setup
    • General improvements for background performance in certain Google apps

    Audio
    • General improvements for USB audio support for various cables or accessories *[1]
    • General improvements to support various audio codecs with certain devices or accessories *[4]

    Battery & Charging
    • Battery usage in Settings displays information since last full charge (up to 7 days)
    • Fix for issue occasionally causing device to power off while Battery Share is active *[4]
    • Fix for issue occasionally causing higher battery usage during media playback with certain apps *[2]
    • Fix for issue occasionally preventing Adaptive charging from working in certain conditions *[2]
    • Fix for issue occasionally preventing wireless charging from working with certain accessories *[2]
    • General improvements for charging, battery usage or thermal performance in certain conditions *[1]

    Biometrics
    • Fix for issue occasionally causing audio to skip when played over certain Bluetooth devices or accessories *[2]
    • Fix for issue occasionally delaying when the fingerprint icon is displayed on the lock screen *[1]
    • Fix for issue occasionally preventing fingerprint sensor from detecting touch while always-on display is active *[3]
    • Fix for issue where fingerprint enrollment may occasionally display visual glitches in certain conditions *[1]
    • Improvements for face unlock lock screen helper text shown in certain conditions *[2]

    Bluetooth
    • Fix for issue causing music playback to continue without audible sound after ending a call while using certain Bluetooth accessories *[2]
    • Fix for issue occasionally causing audio to skip when played over certain Bluetooth devices or accessories *[2]
    • Fix for issue occasionally preventing audio switching between connected Bluetooth devices in certain conditions
    • Fix for issue occasionally preventing Bluetooth Low Energy devices from displaying a device name during pairing
    • Fix for issue occasionally preventing connection to car head units using older Bluetooth versions
    • Fix for issue occasionally preventing discovery of certain Bluetooth devices or accessories
    • Fix for issue occasionally preventing previously paired Bluetooth devices from reconnecting
    • General improvements for Bluetooth stability and performance in certain conditions

    Camera
    • Fix for issue occasionally causing Camera app to crash while zoomed in or switching modes *[2]
    • Fix for issue occasionally causing viewfinder preview to display a blank screen *[2]
    • Fix for issue where video that is recorded while switching between camera modes occasionally shows gaps in playback *[2]
    • General improvements for camera stability and performance in certain conditions

    Display & Graphics
    • Fix for issue occasionally causing screen to flicker when waking from always-on display
    • Fix for issue occasionally causing visual artifacts or glitches while using certain apps or games *[3]

    Framework
    • Fix for issue occasionally causing notifications to display in a different color theme from the system
    • Fix for issue occasionally causing the wrong character to display after a new line in certain apps or UI elements
    • Fix for issue occasionally causing Work Profile app notifications to appear even if Work Profile is paused
    • Fix for issue occasionally preventing certain apps to rotate to landscape orientation
    • Fix for issue occasionally preventing keyboard from being dismissed while using certain apps

    Sensors
    • Fix for issue occasionally preventing "tap to wake" or "lift to wake" from working in certain conditions *[1]
    • Fix for issue occasionally preventing Adaptive brightness from activating in certain conditions
    • Fix for issue occasionally preventing Quick Tap from triggering app or system shortcuts in certain conditions
    • Fix to improve Adaptive brightness transitions during phone calls in certain conditions *[1]
    • General improvements for proximity sensor performance under certain lighting conditions *[1]

    System
    • General improvements for system stability and performance in certain conditions
    • General improvements to optimize device thermal performance in certain conditions or use cases *[1]

    Telephony
    • Fix for issue causing reduced network or call stability under certain conditions *[2]
    • Fix for issue occasionally preventing network SIM cards from activating in certain conditions *[3]
    • General improvements for network connection stability and performance in certain conditions
    • General improvements for network connectivity after toggling airplane mode off
    • General improvements for switching between 3G to 4G on certain carrier networks
    • General improvements for VPN connection stability and performance on mobile networks under certain conditions
    • General improvements for Wi-Fi calling stability and performance for certain carriers or networks
    • Improve dual SIM network connectivity in certain conditions *[3]
    • Improve RCS messaging stability under certain conditions *[2]

    Touch
    • General improvements for touch response and performance in certain conditions *[1]

    User Interface
    • Change for home screen search bar behavior to open the Google app when tapping the G logo
    • Fix for issue occasionally causing "Pause work apps" button display over app drawer or in the wrong position
    • Fix for issue occasionally causing certain Settings toggles to appear disabled, or set to the wrong state
    • Fix for issue occasionally causing device color theme to change unexpectedly
    • Fix for issue occasionally causing home screen app icons to appear duplicated after adjusting grid size
    • Fix for issue occasionally causing home screen widgets or icons to appear small or scaled down in certain conditions
    • Fix for issue occasionally causing media player controls to appear invisible or hidden in notification shade
    • Fix for issue occasionally causing notification overflow dot to overlay app icons on lock screen
    • Fix for issue occasionally causing notifications to disappear or appear invisible in notification shade
    • Fix for issue occasionally causing screenshot captures to fail in certain conditions
    • Fix for issue occasionally causing suggested apps in Search to overlap or display over results
    • Fix for issue occasionally causing text to appear incorrectly cutoff or truncated at different font sizes
    • Fix for issue occasionally causing UI to reset after adjusting display resolution
    • Fix for issue occasionally causing wallpaper to appear black or empty in certain conditions
    • Fix for issue occasionally enabling touch interaction during the lock screen transition after screen is turned off
    • Fix for issue occasionally preventing media player album art from updating when content changes
    • Fix for issue occasionally preventing media player controls from displaying on lock screen
    • Fix for issue occasionally preventing screen to appear blank or frozen after launching certain apps
    • Fix for issue where incoming notifications would occasionally display over others listed in the notification shade
    • Fix to improve responsiveness of At A Glance home and lock screen widget for certain conditions or use cases
    • Fix to improve spacing for certain UI modals in device setup and Settings
    • General improvements for performance in certain UI transitions and animationas

    Wi-Fi
    • Fix for issue occasionally preventing hotspot from turning on in certain conditions *[1]
    • General improvements for Wi-Fi network connection stability & performance in certain conditions *[1]
    ---------------------------------------------------------------

    Device Applicability

    Fixes are available for all supported Pixel devices unless otherwise indicated below.

    *[1] Included on Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro
    *[2] Included on Pixel 7, Pixel 7 Pro
    *[3] Included on Pixel 6, Pixel 6 Pro, Pixel 6a
    *[4] Included on Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro


    Details
    Other

    Kush M.
    Community Manager•Original Poster

    New software features have arrived to the Pixel family​

    Announcement
    Your Pixel devices get a boost of helpfulness with Feature Drops *[1]. They’re automatic software updates that send new and upgraded features to your phone, earbuds, and watch, making them even better as time goes on. With the latest feature drop, your Pixel phone now has clearer incoming calls *[2], next-level audio with Pixel Buds Pro *[3], speaker labels on recordings *[4], a VPN by Google One for online protection *[5], and more. And it all happens over the air, so you get that new-device feeling without needing to get anything new.

    The latest features will begin rolling out to Pixel devices starting on December 5, with rollout continuing over the next few weeks. Be sure to update to the latest Android version and update your Android apps, then look out for a notification from the Pixel Tips app to learn more about all of the ways your Pixel just got more helpful.

    Hear voices clearly.
    Pixel enhances the other caller’s voice and reduces their background noise to help you hear them when they’re in a noisy place *[2].

    Surround yourself with sound (coming January 2023).
    Feel like you’re at the center of the action in your favorite movies and shows. When paired with Pixel Buds Pro, your Pixel supports spatial audio with head tracking for immersive surround sound all around *[3].

    Note taking just got easier.
    Pixel helps you keep track of who said what in meetings and lectures with more than one participant. It transcribes recordings of multiple speakers by labeling each one and adding line breaks when speakers change *[4].

    Extra protection when you’re online.
    With VPN by Google One, Pixel 7 and Pixel 7 Pro help protect your online activity no matter what app or web browser you use. With no added cost to you *[5].

    Wallpaper that wows.
    Bring your Pixel screen to life with the new Live Bloom wallpaper collection. Explore the latest set of custom designs featuring vibrant images that shift and sway when your phone moves *[6].

    New cultural wallpapers.
    Keep your Pixel screens culturally relevant with the latest Curated Culture wallpapers. This new installment, illustrated by Morgan Harper Nichols, celebrates the International Day of Persons with Disabilities. Morgan is an artist, poet, podcaster, and author whose work is inspired by real-life interactions and stories.

    Find it. Fast.
    Bring the power of Google Search to your Pixel to search your entire phone and the web, so you can quickly find what you’re looking for – a contact, app, screenshot, setting, and more. Now available for Pixel 4a and later.

    Security and privacy, simplified.
    Now Pixel makes it easier to protect your phone, accounts, and passwords by having all your security and privacy settings in one place. This includes new action cards that notify you of any safety risks and provide easy steps to enhance your privacy and security.

    More ways to lift language barriers.
    Live Translate can now translate texts in your messaging apps into more languages, including Arabic, Persian, Swedish, Vietnamese, and Danish *[7].

    Understand how you sleep.
    Pixel can help you understand what affects your sleep, like coughing, snoring, or how much you’re on your phone at bedtime *[8], now available for Pixel 6 & Pixel 6 Pro.

    Get smarter about your sleep.
    Gain a better understanding of your sleep quality with helpful insights from Sleep Profile on Pixel Watch *[9]. It looks beyond your nightly sleep patterns and tracks your habits and trends over a month-long period. You’ll get a sleep analysis based on 10 key metrics, be matched with one of six sleep animals representing distinct sleeper types, and receive education and personalized metric ranges so you can understand what to focus on to get better rest.
    Summary of availability per device
    thread-191508448-8769439867867785176.png



    † Only available in English (US).

    ----------------------------------------------------------------

    Disclaimers
    *[1] Your Pixel will generally receive Feature Drops during the applicable Android update and support periods for the phone. See g.co/pixel/updates for details. Availability of some Feature Drops may vary.
    *[2] Available only on Pixel 7 and Pixel 7 Pro. Not available on VOIP calls. Call quality of incoming call depends on the environment, carrier network conditions, and other factors. Actual results may vary.
    *[3] Coming in January 2023. Available only on Pixel 6, Pixel 6 Pro, Pixel 7 and Pixel 7 Pro. Requires compatible app and supported content. See
    g.co/pixelbudspro/help for details. Pixel Buds Pro sold separately.
    *[4] Available only on Pixel 6 or newer Pixel phones. Not available in all languages.
    *[5] Available only on Pixel 7 and Pixel 7 Pro. Restrictions apply. Some data is not transmitted through VPN. Not available in all countries. All other Google One membership benefits sold separately. This VPN offer does not impact price or benefits of Google One Premium plan. Use of VPN may increase data costs depending on your plan. See
    g.co/pixel/vpn for details.
    *[6] Available only on Pixel 6 or newer Pixel phones.
    *[7] Available only on Pixel 6 or newer Pixel phones. Not available in all languages or countries. Not available on all media or apps. See
    g.co/pixel/livetranslate for more information.
    *[8] Not intended to diagnose, cure, mitigate, prevent or treat any disease or condition. Consult your healthcare professional if you have questions about your health. See
    g.co/pixel/digitalwellbeing for details.
    *[9] Requires Fitbit account and mobile app, and Fitbit Premium membership. Not intended for medical purposes. Consult your healthcare professional for questions about your health. Feature not available in all countries or languages.


    Details
    Other

    Pixel Update Bulletin—December2022​

    bookmark_border
    Published December 5, 2022
    The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices (Google devices). For Google devices, security patch levels of 2022-12-05 or later address all issues in this bulletin and all issues in the December 2022 Android Security Bulletin. To learn how to check a device's security patch level, see Check and update your Android version.
    All supported Google devices will receive an update to the 2022-12-05 patch level. We encourage all customers to accept these updates to their devices.
    Note: The Google device firmware images are available on the Google Developer site.

    Announcements​

    • In addition to the security vulnerabilities described in the December 2022 Android Security Bulletin, Google devices also contain patches for the security vulnerabilities described below.

    Security patches​

    Vulnerabilities are grouped under the component that they affect. There is a description of the issue and a table with the CVE, associated references, type of vulnerability, severity, and updated Android Open Source Project (AOSP) versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.

    Framework​

    CVEReferencesTypeSeverityUpdated AOSP versions
    CVE-2022-20504A-225878553EoPModerate13
    CVE-2022-20512A-238602879EoPModerate13
    CVE-2022-20514A-245727875EoPModerate13
    CVE-2022-20524A-228523213EoPModerate13
    CVE-2022-20553A-244155265EoPModerate13
    CVE-2022-20554A-245770596EoPModerate13
    CVE-2022-20510A-235822336IDModerate13
    CVE-2022-20511A-235821829IDModerate13
    CVE-2022-20513A-244569759IDModerate13
    CVE-2022-20523A-228222508IDModerate13
    CVE-2022-20530A-231585645IDModerate13
    CVE-2022-20538A-235601770IDModerate13
    CVE-2022-20559A-219739967IDModerate13
    CVE-2022-20543A-238178261DoSModerate13
    CVE-2022-20526A-229742774EoPLow13

    Media Framework​

    CVEReferencesTypeSeverityUpdated AOSP versions
    CVE-2022-20548A-240919398EoPModerate13
    CVE-2022-20528A-230172711IDModerate13

    System​

    CVEReferencesTypeSeverityUpdated AOSP versions
    CVE-2021-39771A-224545390EoPModerate13
    CVE-2022-20503A-224772890EoPModerate13
    CVE-2022-20505A-225981754EoPModerate13
    CVE-2022-20506A-226133034EoPModerate13
    CVE-2022-20507A-246649179EoPModerate13
    CVE-2022-20508A-218679614EoPModerate13
    CVE-2022-20509A-244713317EoPModerate13
    CVE-2022-20519A-224772678EoPModerate13
    CVE-2022-20520A-227203202EoPModerate13
    CVE-2022-20522A-227470877EoPModerate13
    CVE-2022-20525A-229742768EoPModerate13
    CVE-2022-20529A-231583603EoPModerate13
    CVE-2022-20533A-232798363EoPModerate13
    CVE-2022-20536A-235100180EoPModerate13
    CVE-2022-20537A-235601169EoPModerate13
    CVE-2022-20539A-237291425EoPModerate13
    CVE-2022-20540A-237291506EoPModerate13
    CVE-2022-20544A-238745070EoPModerate13
    CVE-2022-20546A-240266798EoPModerate13
    CVE-2022-20547A-240301753EoPModerate13
    CVE-2022-20549A-242702451EoPModerate13
    CVE-2022-20550A-242845514EoPModerate13
    CVE-2022-20556A-246301667EoPModerate13
    CVE-2022-20557A-247092734EoPModerate13
    CVE-2022-20558A-236264289EoPModerate13
    CVE-2022-42542A-231445184EoPModerate13
    CVE-2022-20199A-199291025IDModerate13
    CVE-2022-20515A-220733496IDModerate13
    CVE-2022-20516A-224002331IDModerate13
    CVE-2022-20517A-224769956IDModerate13
    CVE-2022-20518A-224770203IDModerate13
    CVE-2022-20527A-229994861IDModerate13
    CVE-2022-20531A-231988638IDModerate13
    CVE-2022-20535A-233605242IDModerate13
    CVE-2022-20541A-238083126IDModerate13
    CVE-2022-20552A-243922806IDModerate13
    CVE-2022-20555A-246194233IDModerate13
    CVE-2022-42535A-224770183IDModerate13
    CVE-2022-20521A-227203684DoSModerate13
    CVE-2022-20545A-239368697DoSModerate13

    Kernel components​

    In addition to the platform fixes described above, Pixel also ingested the upstream kernel security fixes associated with snapping to LTS version 5.10.107.
    More information is available at the Android Common Kernels page.
    CVEReferencesTypeSeveritySubcomponent
    CVE-2022-0500A-228560539
    Upstream kernel
    EoPModerateKernel
    CVE-2022-1116A-234020136
    Upstream kernel
    EoPModerateKernel
    CVE-2022-1419A-235540888
    Upstream kernel
    EoPModerateKernel
    CVE-2022-20565A-160818461
    Upstream kernel
    EoPModerateKernel
    CVE-2022-20566A-165329981
    Upstream kernel [2]
    EoPModerateBluetooth L2CAP
    CVE-2022-20567A-186777253
    Upstream kernel
    EoPModerateKernel
    CVE-2022-20568A-220738351
    Upstream kernel
    EoPModerateio_uring
    CVE-2022-20571A-234030265
    Upstream kernel
    EoPModeratedm-verity
    CVE-2022-20572A-234475629
    Upstream kernel [2]
    EoPModeratedm-verity
    CVE-2022-28390A-228694391
    Upstream kernel
    EoPModerateKernel
    CVE-2022-30594A-233438137
    Upstream kernel [2] [3]
    EoPModerateKernel
    CVE-2022-34494A-238479990
    Upstream kernel
    EoPModerateKernel
    CVE-2022-34495A-238480163
    Upstream kernel
    EoPModerateKernel
    CVE-2022-20573A-235183128
    Upstream kernel [2]
    IDModerateKernel

    Pixel​

    CVEReferencesTypeSeveritySubcomponent
    CVE-2022-20582A-233645166 *EoPCriticalLDFW
    CVE-2022-20583A-234859169 *EoPCriticalLDFW
    CVE-2022-20584A-238366009 *EoPCriticalTF-A
    CVE-2022-20585A-238716781 *EoPCriticalLDFW
    CVE-2022-20586A-238718854 *EoPCriticalLDFW
    CVE-2022-20587A-238720411 *EoPCriticalLDFW
    CVE-2022-20588A-238785915 *EoPCriticalLDFW
    CVE-2022-20597A-243480506 *EoPCriticalLDFW
    CVE-2022-20598A-242357514 *EoPCriticalLDFW
    CVE-2022-20599A-242332706 *EoPCriticalPixel firmware
    CVE-2022-42534A-237838301 *EoPCriticalTF-A
    CVE-2022-20498A-249998113 *IDCriticallibfdt
    CVE-2022-20589A-238841928 *IDCriticalLDFW
    CVE-2022-20590A-238932493 *IDCriticalLDFW
    CVE-2022-20591A-238939706 *IDCriticalLDFW
    CVE-2022-20592A-238976908 *IDCriticalLDFW
    CVE-2022-20603A-219265339 *RCEHighModem
    CVE-2022-20607A-238914868 *RCEHighCellular Firmware
    CVE-2022-20610A-240462530 *RCEHighPixel cellular modem
    CVE-2022-20561A-222162870 *EoPHighAudio
    CVE-2022-20564A-243798789 *EoPHighlibufdt
    CVE-2022-42531A-231500967 *EoPHighTF-A
    CVE-2022-20562A-231630423 *IDHighAudio processor
    CVE-2022-20574A-237582191 *IDHighLDFW
    CVE-2022-20575A-237585040 *IDHighLDFW
    CVE-2022-20602A-211081867 *IDHighModem
    CVE-2022-20604A-230463606 *IDHighExynos Firmware
    CVE-2022-20608A-239239246 *IDHighCellular firmware
    CVE-2022-42529A-235292841 *IDHighKernel
    CVE-2022-42530A-242331893 *IDHighPixel firmware
    CVE-2022-42532A-242332610 *IDHighPixel firmware
    CVE-2022-20563A-242067561 *EoPModerateBootloader
    CVE-2022-20569A-229258234 *EoPModeratePixel Thermal Control Driver
    CVE-2022-20576A-239701761 *EoPModerateTelephony
    CVE-2022-20577A-241762281 *EoPModeratesitril
    CVE-2022-20578A-243509749 *EoPModeraterild_exynos
    CVE-2022-20579A-243510139 *EoPModeraterild_exynos
    CVE-2022-20580A-243629453 *EoPModeratelibufdt
    CVE-2022-20581A-245916120 *EoPModeratePixel camera driver
    CVE-2022-20594A-239567689 *EoPModerateWireless Charger
    CVE-2022-20596A-239700400 *EoPModerateWireless Charger
    CVE-2022-20600A-239847859 *EoPModerateLWIS
    CVE-2022-42501A-241231403 *EoPModeraterild_exynos
    CVE-2022-42502A-241231970 *EoPModeraterild_exynos
    CVE-2022-42503A-241231983 *EoPModeraterild_exynos
    CVE-2022-42504A-241232209 *EoPModeraterild_exynos
    CVE-2022-42505A-241232492 *EoPModeraterild_exynos
    CVE-2022-42506A-241388399 *EoPModeraterild_exynos
    CVE-2022-42507A-241388774 *EoPModeraterild_exynos
    CVE-2022-42508A-241388966 *EoPModeraterild_exynos
    CVE-2022-42509A-241544307 *EoPModeraterild_exynos
    CVE-2022-42510A-241762656 *EoPModeraterild_exynos
    CVE-2022-42511A-241762712 *EoPModeraterild_exynos
    CVE-2022-42513A-241763204 *EoPModeraterild_exynos
    CVE-2022-42518A-242536278 *EoPModeraterild_exynos
    CVE-2022-42519A-242540694 *EoPModeraterild_exynos
    CVE-2022-42520A-242994270 *EoPModeraterild_exynos
    CVE-2022-42521A-243130019 *EoPModeraterild_exynos
    CVE-2022-42523A-243376893 *EoPModeraterild_exynos
    CVE-2022-42525A-243509750 *EoPModeraterild_exynos
    CVE-2022-42526A-243509880 *EoPModeraterild_exynos
    CVE-2022-20560A-212623833 *IDModerateKernel
    CVE-2022-20570A-230660904 *IDModerateModem
    CVE-2022-20593A-239415809 *IDModerategralloc
    CVE-2022-20595A-239700137 *IDModerateWireless Charger
    CVE-2022-20601A-204541506 *IDModerateModem
    CVE-2022-20605A-231722405 *IDModerateModem
    CVE-2022-20606A-233230674 *IDModerateModem
    CVE-2022-20609A-239240808 *IDModerateCellular firmware
    CVE-2022-42512A-241763050 *IDModeraterild_exynos
    CVE-2022-42514A-241763298 *IDModeraterild_exynos
    CVE-2022-42515A-241763503 *IDModeraterild_exynos
    CVE-2022-42516A-241763577 *IDModeraterild_exynos
    CVE-2022-42517A-241763682 *IDModeraterild_exynos
    CVE-2022-42522A-243130038 *IDModeraterild_exynos
    CVE-2022-42524A-243401445 *IDModerateModem
    CVE-2022-42527A-244448906 *DoSModerateModem

    Qualcomm components​

    CVEReferencesSeveritySubcomponent
    CVE-2022-25677A-235114749
    QC-CR#3122626
    QC-CR#3103567
    ModerateBootloader

    Qualcomm closed-source components​

    CVEReferencesSeveritySubcomponent
    CVE-2021-30348A-202032128 *ModerateClosed-source component
    CVE-2022-25675A-208302286 *ModerateClosed-source component

    Functional patches​

    For details on the new bug fixes and functional patches included in this release, refer to the Pixel Community forum.

    Common questions and answers​

    This section answers common questions that may occur after reading this bulletin.
    1. How do I determine if my device is updated to address these issues?
    Security patch levels of 2022-12-05 or later address all issues associated with the 2022-12-05 security patch level and all previous patch levels. To learn how to check a device's security patch level, read the instructions on the Google device update schedule.
    2. What do the entries in the Type column mean?
    Entries in the Type column of the vulnerability details table reference the classification of the security vulnerability.
    AbbreviationDefinition
    RCERemote code execution
    EoPElevation of privilege
    IDInformation disclosure
    DoSDenial of service
    N/AClassification not available
    3. What do the entries in the References column mean?
    Entries under the References column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs.
    PrefixReference
    A-Android bug ID
    QC-Qualcomm reference number
    M-MediaTek reference number
    N-NVIDIA reference number
    B-Broadcom reference number
    U-UNISOC reference number
    4. What does an * next to the Android bug ID in the References column mean?
    Issues that are not publicly available have an * next to the Android bug ID in the References column. The update for that issue is generally contained in the latest binary drivers for Pixel devices available from the Google Developer site.
    5. Why are security vulnerabilities split between this bulletin and the Android Security Bulletins?
    Security vulnerabilities that are documented in the Android Security Bulletins are required to declare the latest security patch level on Android devices. Additional security vulnerabilities, such as those documented in this bulletin are not required for declaring a security patch level.

    Versions​

    VersionDateNotes
    1.0December 5, 2022Bulletin Published


    The answer to life, the universe, and everything.​

    1667221900824.jpeg
    (* I do not claim copyright to this image, nor do I benefit monetarily from it or these posts)

    Just kidding (the answer is 42, by the way):
    Here there be dragons. 🐉 I am not responsible for anything at all. 😹

    VERY IMPORTANT - On the Pixel 7/Pro, we use Magisk to patch init_boot.img, NOT boot.img AND we flash the patched init_boot to the init_boot partition - do not flash it to the boot partition.​

    Thanks to @edcsxz, @Lughnasadh, and @AndyYan for news about that and confirming it.

    Moved @mariusnoor's provided zero-day OTA.zip to Post #8 - Old news from the OP.

    Unlocking or locking the bootloader will wipe the device every single time, so be sure to have your data backed up before doing so, or better yet, just unlock it as soon as you get the device.​

    Keep in mind that unlocking the bootloader or rooting might affect your phone's capability to use banking apps such as Google Pay, your local bank's app, or even the ability to install some apps like NetFlix. See Post #2 - Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers.​

    If you're going to re-lock the bootloader, make sure the ROM you have on your phone is completely stock (by flashing the latest official firmware) BEFORE re-locking it.​

    There are no permanent negative consequences if you unlock or re-lock the bootloader other than it will wipe your phone, and while your bootloader is unlocked you get a brief screen when you boot the phone telling you (and anyone who sees your phone at the time) that it's unlocked. You will also continue to receive updates (if you've merely unlocked the bootloader, you can take updates as normal) unlike Samsung, Sony, et cetera, which have permanent major consequences with reduced functionality even if you un-root and re-lock your bootloader. If you're actually rooted (not just bootloader unlocked), you'll have to perform extra steps to manually update each month, and to keep root/re-root.

    INDEX:

    • Post #2 - Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers:
      • How to Root the first time / aka How to unlock the Bootloader
      • TL;DR - for the seasoned repeat users
        • Unlocking Bootloader (required in order to root)
        • How to update each month (and also how to root)[requires an unlocked bootloader for updating via this factory image method]
          • OPTIONAL: If you want to flash both slots, after this first time, then after do the following
        • SafetyNet
        • Optional steps when updating - flashing custom kernels
          • The two schools of thought on disabling Verity and Verification
      • ADB/Fastboot and Windows USB Drivers - direct download links and the most recent changelog
    • Post #3 - Other, most important resources:
      • A list of other important apps
      • TWRP [not made for the Pixel 7 (or 6) Pro yet - will update when or if ever it has - don't hold your breath]
      • Factory Images (requires an unlocked bootloader)
      • Full OTA Images(doesn't require an unlocked bootloader - you can ask questions in this thread, but I won't be providing the steps necessary, as I always use the factory image)
        • @mariusnoor's provided official URL to download the zero-day OTA to TD1A.220804.031.
      • Check warranty status
      • Official Google Pixel Update and Software Repair (reported as of January 23, 2022 to still not be updated for the Pixel 6/Pro - no idea if it has yet now, or if it will be for the 7/Pro)
      • Official Google Pixel Install fingerprint calibration software (also available at the bottom of the Update and Software Repair page above) - I believe this is only helpful if you've replaced the screen - if it's anything like the Pixel 6 Pro: if you have the screen replaced, then you *must* have the fingerprint reader replaced as well.
      • Find problem apps or Magisk Modules by rebooting to safe mode
      • Official Google Android Flash Tool (OEM Unlocking needs to be toggled on - you do not have to manually unlock the bootloader - their site will do that on its own)
      • How to determine if you already have Verity and Verification disabled (required for custom kernels for now)
      • How to unroot
    • Post #4 - Google Pixel Updates (more user-friendly to read than Pixel Update Bulletins) (nothing for the P7P yet)
      • Old Google posts/updates
    • Post #5 - Pixel Update Bulletins
      • Old Bulletins
    • Post #6 - Regarding P7P 5G model numbers and capabilities, and how to determine your hardware version
    • Post #7 - My personal advice for how to get your device back up and running as you had it before a factory reset
    • Post #8 - Old news from the OP

    Thank you to the following users who have all contributed greatly to my knowledge of Pixels since I came back to XDA a year ago after a few years of mostly inactivity. Apologies if I miss anybody. In alphabetical order:

    39

    Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers


    Unlocking Bootloader / Rooting / Updating:

    How to Root the first time / aka How to unlock the Bootloader:
    Unlocking the bootloader will factory reset your device. There is no way around this. I highly suggest never re-locking your bootloader once you unlock it. If you do ever re-lock the bootloader, only do so after restoring the phone to 100% stock by using the latest Pixel 7 Pro Factory Image or Official Google Android Flash Tool.

    Verizon variants:
    Will never be able to have their bootloader unlocked. It's like winning the lottery, and just as rare and relatively random. There is nothing that anyone on XDA can do to help you unlock your Verizon variant.

    T-Mobile and AT&T variants:
    Can be unlocked once you pay the phone off, then you contact the carrier and arrange to Carrier unlock the phone. Once the phone is Carrier unlocked, then you can unlock the bootloader with the usual caveats (will wipe the device and there's no way around it).

    The direct-from-Google (or other retailers who aren't U.S. Carriers), the factory Carrier Unlocked Pixels:
    Can be bootloader unlocked at any time. I'd try it first before putting a SIM card in the phone. If OEM unlocking is grayed out, try connecting to Wi-Fi, and reboot if necessary. If it's still grayed out, try with your SIM card, and reboot again. Historically on Pixels, most of the time you can toggle OEM unlocking immediately, but occasionally some users have found it took a little while after being either connected to Wi-Fi or having your SIM card installed in it, and then eventually (hours? day? days?) you can toggle OEM unlocking.

    The rest of the world's carriers:
    No idea. Feel free to ask in the thread and hopefully, someone with specific knowledge will answer.

    Other than trying the things I mentioned above, there is nothing else that anyone on XDA can do to help get OEM unlocking to be ungrayed.

    Unlocking Bootloader (required in order to root)
    The one-time first steps are:
    1. Android Settings
    2. About phone
    3. Click on Build number repeatedly, about seven times
    4. Go back to the main Android Settings
    5. System
    6. Developer options
      • Toggle OEM unlocking on. See @Namelesswonder's tip below (this won't help with variants that are supposed to be bootloader locked):
        Also a little tip for anyone trying to enable OEM unlocking on a device and it is grayed out, you can force the phone to check for eligibility by connecting to the internet in whatever way, going to the dialer, and dialing *#*#2432546#*#* (CHECKIN).
        You should receive a notification from Google Play services with "checkin succeeded" and OEM unlocking should be available immediately if the device is eligible.
        Google account not needed, SIM not needed, no other setup required. Works on completely-skipped-setup-wizard. Just need to make sure to connect to the internet and select the connection as metered to avoid any updates.
      • Toggle USB debugging on.
      • [Optional] I highly suggest you also disable Automatic system updates. Note that in a situation such as the Android 12 serious bootloader security issue, this setting will not keep Google from forcing an update to come through anyway.
    7. How to actually root follows the same steps below as how to update each month.
    8. Download the latest ADB/Fastboot (SDK Platform Tools) and Windows USB Drivers.
    9. Unzip the Platform Tools and Drivers.
    10. NOTE: If you have USB drivers for other Android devices installed, like Samsung, they can alternately sometimes work and not work with Google Pixels. I recommend uninstalling those drivers, or at least updating that driver to Google's driver as instructed below (the Device Manager entry may be different with other OEMs).​

    11. The Windows USB Drivers may have to be installed twice:
      • The first time while your phone is running and unlocked as normal.
        1. In Windows, right-click on the Start Button and choose Device Manager.
        2. Plug your phone into the computer and look for the new hardware entry in Device Manager. Near the top of Device Manager should be Android Device. Click the drop-down arrow to the left of it.
        3. Below Android Device, it should now show Android Composite ADB Interface
        4. Right-click the Android Composite ADB Interface and choose Update driver
        5. Choose Browse my computer for drivers
        6. Click Browse and navigate to where you unzipped the Windows USB drivers to.
        7. Follow the prompts to install the driver.
        8. Keep Device Manager itself open - you'll need it again in a minute, but you can close any other Device Manager windows after you have installed the driver.
        9. Open a Command Prompt and navigate to the platform-tools folder.
        10. Run command:
          Code:
          adb devices
        11. On your Android device, you'll get an ADB prompt. Check the box to always give ADB permission and click OK.
        12. Confirm that the command results in a list of Android devices. When doing these producedures, you should only have the one device you want to work on connected, to keep things simple.
      • The second time to install the driver is while the phone is in Bootloader (fastboot mode), notFastbootD (fastbootd) mode. I know it's confusing.
        • Run command:
          Code:
          adb reboot bootloader
        • Repeat the instructions above starting with "Right-click the Android Composite ADB Interface".
          • This second time installing the drivers while in Bootloader (fastboot mode), it will show up as "Android Bootloader Interface". Thanks @simplepinoi177 for the suggestion to add this detail.
    12. Run command:
      Code:
      fastboot flashing unlock
    13. On the phone, press either the up or down volume button once until you see Unlock the bootloader |>| beside the power button.
    14. Press the power button. The phone will go black for a second and then show near the bottom Device state: unlocked.
    15. After these first-time steps to unlock the bootloader, if you want to root, continue below at the step:
    How to update each month (and also how to root) [requires an unlocked bootloader for updating via this factory image method]
    1. These three instructions only apply if you're already rooted and updating from one firmware version to another:
      • Made sure all Magisk Modules have been updated.
      • Disable all Magisk Modules.
      • UNhide Magisk!
    2. If you are going to use the Official Google Android Flash Tool, then skip the steps I indicate with FAB (Flash-All.Bat).
      • If using the Android Flash Tool to update/dirty flash, you should have the following items not selected:
        • Deselect Wipe
        • Deselect Force Flash all partitions (which will also wipe)
        • Deselect re-lock bootloader
    3. Always use the latest ADB/Fastboot (SDK Platform Tools) and Windows USB Drivers.
    4. Unzip the Platform Tools.
    5. Download the latest Pixel 7 Pro Factory Image (at the bottom of the "Cheetah" section).
    6. Unzip the factory image to the same platform-tools folder, i.e. so that flash-all.bat and all other files are in the same folder as ADB and Fastboot from the platform-tools.
    7. * FAB VERY important - Edit the flash-all.bat (on Windows) or flash-all.sh (on Linux) and remove the -w from the fastboot update image-cheetah-etcetera.zip line. This will keep the script from wiping your phone when you run it.
    8. Extract only the init_boot.img file from the image-cheetah-etcetera.zip to the same platform-tools folder.
    9. Copy the init_boot.img from the PC to the phone's internal storage.
    10. * FAB Run commands:
      Code:
      adb reboot bootloader
      flash-all.bat (on Windows)
      or
      flash-all.sh (on Linux)
      
      (Note:  At least two Apple Macintosh users had trouble using the flash-all.sh - at least one of those users, everything went smooth once they used a Windows PC for this part of the process)

      IMPORTANT - The flash-all will take several minutes and reboot on its own several times including to a mode called "FastbootD", and finally reboot into full Android when it's done. Do not interrupt this process. On the FastbootD screen on the phone, do not use any of the manual selection options - let the flash-all script do it's work. Do not unplug your phone until it has fully booted into Android.​

      Thanks to @PurppleMonkey and @xgerryx for suggesting a warning about this. Thanks to @simplepinoi177 for suggesting the "FastbootD" clarification.
    11. On the phone:
      • Wait for the phone to boot normally. Unlock the phone.
      • OPTIONAL: If you want to flash both slots, after this first time, then after do the following:

        • Code:
          adb reboot bootloader
          fastboot --set-active=other
          fastboot reboot bootloader
          flash-all.bat
        So you're doing the flash-all.bat a second time on the second slot.
      • Apply Magisk Stable to it. NOTE: It is always possible that an Android Update (Monthly, QPR [Quarterly Platform Release], new major Android versions, and Beta versions) might need a new version of Magisk Stable, Beta, or Canary from GitHub to work correctly. XDA forum for Magisk is here.
        • Launch the Magisk app.
        • Beside "Magisk", click "Install".
        • Click "Select and Patch a File", and choose the init_boot.img that you just copied to the phone's storage.
    12. Copy the Magisk'd init_boot.img (filename similar to magisk_patched-25200_1a2B3c.img)back over to the computer.
    13. Open a Command Prompt and navigate to the platform-tools folder.
    14. Run command:
      Code:
      adb reboot bootloader
    15. After phone has rebooted into Bootloader (Fastboot) mode, run command:
      Code:
      fastboot flash init_boot magisk_patched-25200_1a2B3c.img
      fastboot reboot
    16. Confirm that the phone boots completely normally.
    17. Cautiously re-enable Magisk Modules.
    18. Reboot.
    19. Confirm everything worked fine.
    20. If the phone won't boot correctly after having enabled Magisk Modules, see either of the two solutions below:
      • For the future, you don't need to go into safe mode unless that's your preference. I forgot what all it resets, but it's many settings and it's bothersome. I'd rather just reinstall my modules and not have to figure out those Android settings/changes which I come across days or weeks later when I infrequently do something. Have your phone reboot and run this:
        Code:
        adb wait-for-device shell magisk --remove-modules
        I like to just do this first:
        Code:
        adb devices
        So the server is running, then I have the long one pasted and ready to go once the phone turns off.
      • Find problem apps or Magisk Modules by rebooting to safe mode section in my next post. After following that link, you may have to scroll up a little bit and the section title will be highlighted.

    SafetyNet:

    New Universal SafetyNet Fix released by @Displax, which is a later minor revision of the test MOD version previously posted in this thread, and of the original MOD 2.0 which apparently had some typos - the latter which didn't work due to the typos but is now fixed if you download the latest one. You can get it either from XDA or on GitHub.
    1. Launch the Magisk app.
    2. Go to Magisk's Settings (Gear in top right).
      • Click Hide the Magisk app.
      • When you hide it, you'll have the optional opportunity to change the Magisk app's name to whatever you wish. It doesn't have to be complex to fool apps that check for Magisk.
      • Important: When you have the Magisk app hidden or renamed, you can accidentally install a new copy of Magisk. This situation won't work at all - neither copy of Magisk will work with two installed. This is one reason why I don't completely hide Magisk, so I can tell it's installed because I have it renamed as something easily recognizable.
      • Back to the Magisk app's Settings...
      • Click Systemless hosts. This adds a Magisk Module to Magisk, which you can verify in a later step.
      • Toggle Zygisk on.
      • Toggle Enforce DenyList on.
      • Click Configure DenyList.
        • Add every app that you want to explicitly deny root and the existence of root.
        • You can click the 3-dot menu and choose the options to display system and/or OS apps, if necessary.
        • Note that for many apps, it is not enough to click the single checkmark to the right of the app name in this list. For many but not all apps, you should click on the app name and you'll see it expand to two or more entries, each with its own toggles. In this expanded state, you can now check the single top checkbox beside the main app name and it'll toggle all individual sub-entries.
        • Some apps add new entries to this list from time to time, so if you find that an app used to work for you when rooted and doesn't now, check this list again and look for the entries that aren't fully checked. There will be an incomplete horizontal line above the apps that don't have all of their sub-entries toggled.
        • You can use the Search button at the top of this list to find specific apps quickly.
        • The most common apps you should definitely fully check in this list are:
          • IMPORTANT - There are some things, such as Google Play Services which it's fine to add to the DenyList, but it's perfectly normal when used in combination with the Universal SafetyNet Fix (USNF) that it is back to being unchecked the next time you visit the DenyList. Since USNF takes care of Google Play Services, you don't even have to add it to the DenyList in the first place.​

          • Google Play Store
          • Google Services Framework
          • Google Play Protect Service
          • Wallet
          • GPay
          • Any banking apps.
          • Any streaming apps that use DRM.
          • Any 2FA apps, especially those for work.
          • Some of those Google apps might not need denying, but it doesn't hurt to deny them.
          • Any time you toggle more entries in this list, it may be necessary to reboot the phone for it to take effect.
    3. From the main screen in the Magisk app, go to Modules at the bottom.
    4. Confirm that the Systemless hosts Magisk Module is added to this list, and enabled.
    5. Install the Magisk Module: Universal SafetyNet Fix. For now, use @Displax new Universal SafetyNet Fix, which is a later minor revision of the test MOD version previously posted in this thread, and of the original MOD 2.0 which apparently had some typos - the latter which didn't work due to the typos but is now fixed if you download the latest one. You can get it either from XDA or on GitHub.
    6. Reboot.
    7. Install from the Play Store:
      • YASNAC - SafetyNet Checker
        • Launch it.
        • Click Run SafetyNet Attestation.
        • It should say:
          • Basic integrity: Pass
          • CTS profile match: Pass
          • Evaluation type: BASIC
      • Play Integrity API Checker
        • Launch it.
        • Click Check.
        • It should have the following with a green checkmark:
          • MEETS_DEVICE_INTEGRITY
          • MEETS_BASIC_INTEGRITY
        • It's normal for MEETS_STRONG_INTEGRITY to have a red X.
      • You don't have to keep these installed, although I keep them handy.
      • Sometimes, clearing app cache and/or data for apps like the Google Play Store, GPay, Wallet and others (and then rebooting) after these steps may help pass SafetyNet as well.
    8. See @V0latyle's explanation (and further linked post) for why we can't achieve STRONG_INTEGRITY with an unlocked bootloader.
    9. See @V0latyle's [DISCUSSION] Play Integrity API regarding why SafetyNet, per se, is actually defunct and replaced with Play Integrity - and @Displax new Universal SafetyNet Fix referenced in the steps above takes care of the latter.

    Optional steps when updating - flashing custom kernels:
    • Download the custom kernel of choice on the phone.
      • Be sure to read the particular installation instructions in the kernel threads' OP - any instructions in their OPs takes priority over anything I say here, which is generalized.​

        For now even the AK3 Zip versions of custom kernels requires Verity and Verification to be disabled.
        How to determine if you already have Verity and Verification disabled - see section in Post #3 - Other, most important resources
      • The two schools of thought on disabling Verity and Verification:
        • My post here. If you want to discuss it any, please do so in my thread, or at least not in that custom kernel thread, so as to keep the thread on-topic.
    • Extract the vbmeta.img file from the inner Zip of the factory image zip and put it in the same folder with the latest extracted platform-tools.
    • Hook the phone up to your computer and run the following commands:

      • Code:
        adb reboot bootloader
        [wait for the phone to reboot to bootloader (fastboot mode)]
        Code:
        fastboot flash vbmeta vbmeta.img --disable-verity
        fastboot reboot
    • Unlock the phone once it's booted up.
    • Make sure the Kernel Flasher app is up to date. XDA thread for the Kernel Flasher app is here.
    • Launch Kernel Flasher.
    • Select the slot that's mounted.
    • Choose Flash AK3 Zip.
    • Select the custom kernel zip just downloaded.
    • When it's done flashing, head to Android Settings and perform a Factory Reset, as is currently needed for Despair kernel.
    • If you failed to disable Verity and Verification ahead of time, if you have to, just force the phone off using these instructions: Turn your Pixel phone on & off, then press the Volume Down and Power buttons for a couple of seconds to get into the bootloader (fastboot mode). You'll still have to factory reset after disabling Verity in combination with this kernel, for now.
    • Whenever you use the flash-all to flash your phone, as long as you want to continue to disable Verity and Verification, you'll have to further modify the flash-all script as such:

      • Code:
        fastboot update image-cheetah-buildnumber.zip --disable-verity --disable-verification

    ADB/Fastboot & Windows USB Drivers:

    Platform Tools was updated in August 2022 to v33.0.3:
    Windows: https://dl.google.com/android/repository/platform-tools-latest-windows.zip
    Mac: https://dl.google.com/android/repository/platform-tools-latest-darwin.zip
    Linux: https://dl.google.com/android/repository/platform-tools-latest-linux.zip

    Release Notes https://developer.android.com/studio/releases/platform-tools:

    33.0.3 (Aug 2022)​

    • adb
      • Don't retry adb root if first attempt failed.
      • Fix track-devices duplicate entry.
      • Add receive windowing (increase throughput on high-latency connections).
      • More specific error messages in the "more than one device" failure cases.
      • Reject unexpected reverse forward requests.
      • Fix install-multi-package on Windows.
    • fastboot
      • Remove e2fsdroid as part of SDK platform-tools.
      • Print OemCmdHandler return message on success.
    You'll need this if you're going to unlock the bootloader on your Pixel 7 Pro: SDK Platform Tools (download links for Windows, Mac, and Linux). Note that you can find links to download the tools elsewhere, but I wouldn't trust them - you never know if they've been modified. Even if the person providing the link didn't do anything intentionally, the tools could be modified without them being aware. Why take a chance of putting your phone security further at risk?

    You can alternately use the tools from the SDK Manager, but most of us will want to stick to the basic tools-only without the complications of the full development manager.
    For Windows, get Google's drivers here Get the Google USB Driver (ADB will likely work while the phone is fully booted, but if you're like me, you'll need these drivers for after you adb reboot-bootloader, to be able to use ADB and Fastboot.
    33
    Please test this UNSF build. Should be passing basic/device integrity.

    Use updated version from main post instead
    17

    Other, most important resources


    A list of other important apps: - be sure to thank the respective OPs:
    How to unroot
    One of these two options:
    1. Official Google Android Flash Tool (OEM Unlocking needs to be toggled on - you do not have to manually unlock the bootloader - their site will do that on its own).
      Select the options to:
      • Wipe
      • Force flash all partitions
      • Re-lock bootloader
    2. Flash the completely stock init_boot.img from the same firmware version that you're on:
      Code:
      adb reboot bootloader
      fastboot flash init_boot init_boot.img

    TWRP [not made for the Pixel 7 (or 6) Pro yet - will update when or if ever it has - don't hold your breath]
    I would guess that this should be the appropriate URL for official TWRP custom recovery for the Pixel 7 Pro, but who knows when/if that will actually be made available, and it may become available unofficially in these forum sections before being made official. I'll adjust this URL as needed. https://twrp.me/google/googlepixel7pro.html.

    Factory Images (requires an unlocked bootloader)
    It's also handy to have to the full official firmware available, whether it's to recover from accidents or for actual development. Note the official link to the general Factory Images for Nexus and Pixel Devices page. The following link goes directly to the Pixel 7 Pro (Cheetah) section: Pixel 7 Pro Factory Images. I prefer to actually bookmark a link to the device listed immediately below the device I want the firmware for, because Google dumbly (in my opinion) puts the latest firmware at the bottom of the list for each particular device, and that ends up making you scroll a lot after a year or two of monthly updates.

    Full OTA Images (doesn't require an unlocked bootloader - you can ask questions in this thread, but I won't be providing the steps necessary, as I always use the factory image)

    Check warranty status - *may* reveal if a phone is refurbished, only if the phone was refurbished through Google - thanks to @Alekos for making me aware of the site.

    Official Google Pixel Update and Software Repair (reported as of January 23, 2022 to still not be updated for the Pixel 6/Pro - no idea if it has yet now, or if it will be for the 7/Pro)

    Official Google Pixel Install fingerprint calibration software (also available at the bottom of the Update and Software Repair page above) - I believe this is only helpful if you've replaced the screen - if it's anything like the Pixel 6 Pro: if you have the screen replaced, then you *must* have the fingerprint reader replaced as well.

    Find problem apps or Magisk Modules by rebooting to safe mode
    Google's Help Page for Find problem apps by rebooting to safe mode - this can be a lifesaver and keep you from having to do a restore to 100% complete stock or even from having to do a factory reset. This will deactivate all Magisk modules, and they'll remain deactivated even after you boot normally after briefly booting to safe mode. You can re-enable the Magisk modules as you wish to try to narrow down the problem if it was caused by a Magisk module. This can even get things working again after a Magisk Module wasn't finished installing and potentially causing a bootloop.
    You can also follow @Jon8RFC's advice:
    For the future, you don't need to go into safe mode unless that's your preference. I forgot what all it resets, but it's many settings and it's bothersome. I'd rather just reinstall my modules and not have to figure out those Android settings/changes which I come across days or weeks later when I infrequently do something. Have your phone reboot and run this:
    Code:
    adb wait-for-device shell magisk --remove-modules
    I like to just do this first:
    Code:
    adb devices
    So the server is running, then I have the long one pasted and ready to go once the phone turns off.

    Worked for me yesterday when I accidentally tried some old version of a Magisk Module. You have to reinstall your Magisk Modules, but if you're using a third-party widget, it won't disable them like Safe mode does.

    Official Google Android Flash Tool (OEM Unlocking needs to be toggled on - you do not have to manually unlock the bootloader - their site will do that on its own)
    OEM unlocking in developer options needs to be toggled on. I don't "believe" you have to actually do the "fastboot flashing unlock" command.

    How to determine if you already have Verity and Verification disabled (required for custom kernels for now)
    I keep seeing this asked, so I added a Magisk module for it to the linked Github release. With the module installed, you can just run:

    Code:
    su
    avbctl get-verity
    avbctl get-verification

    I spent way more time debugging that I downloaded Github's HTML of the update-binary script rather than the raw file than I care to admit. 🤦‍♂️ Off to bed.
    Alternative two more manual ways of checking:
    Since you´re probably already rooted anyway if you plan to flash this kernel, simply reboot your device. After you enter the device immediately take a kernel log with for example EXKM or any other app that allows to do that, terminal, etc.

    Look for that line
    [ 1.273480] init: [libfs_avb]AVB HASHTREE disabled on: /vendor_dlkm

    If you see this line, verity/verification should be disabled.
    I've seen several cases where having the ability to check would have been handy, so I pushed an avbctl binary built against the latest aosp sources here.

    The simplest way to use it would be the following:

    Code:
    adb push avbctl /data/local/tmp
    adb shell
    su
    cd /data/local/tmp
    chmod +x avbctl
    ./avbctl get-verity
    ./avbctl get-verification
    14
    Added Thanks to OP:
    Thank you to the following users who have all contributed greatly to my knowledge of Pixels since I came back to XDA a year ago after a few years of mostly inactivity. Apologies if I miss anybody. In alphabetical order:
    Also organized the heck out of the OP and reserved posts. I wanted to do this with my Pixel 6 Pro OP which became so much of a mess, and when I looked at the underlying BB-Code, it was even more of a mess than it seemed on the surface.