[GUIDE] Pixel 3a XL "bonito": Unlock Bootloader, Update, Root, Pass SafetyNet

Search This thread

V0latyle

Forum Moderator
Staff member
If you are looking for my guide on a different Pixel, find it here:
WARNING: YOU AND YOU ALONE ARE RESPONSIBLE FOR ANYTHING THAT HAPPENS TO YOUR DEVICE. THIS GUIDE IS WRITTEN WITH THE EXPRESS ASSUMPTION THAT YOU ARE FAMILIAR WITH ADB, MAGISK, ANDROID, AND ROOT. IT IS YOUR RESPONSIBILITY TO ENSURE YOU KNOW WHAT YOU ARE DOING.

Prerequisites:


Android Source - Setting up a device for development


  1. Follow these instructions to enable Developer Options and USB Debugging.
  2. Enable OEM Unlocking. If this option is grayed out, unlocking the bootloader is not possible.
  3. Connect your device to your PC, and open a command window in your Platform Tools folder.
  4. Ensure ADB sees your device:
    Code:
    adb devices
    If you don't see a device, make sure USB Debugging is enabled, reconnect the USB cable, or try a different USB cable.
    If you see "unauthorized", you need to authorize the connection on your device.
    If you see the device without "unauthorized", you're good to go.
  5. Reboot to bootloader:
    Code:
    adb reboot bootloader
  6. Unlock bootloader: THIS WILL WIPE YOUR DEVICE!
    Code:
    fastboot flashing unlock
    Select Continue on the device screen.

  1. Install Magisk on your device.
  2. Download the factory zip for your build.
  3. Inside the factory zip is the update zip: "device-image-buildnumber.zip". Open this, and extract boot.img
  4. Copy boot.img to your device.
  5. Patch boot.img with Magisk: "Install" > "Select and Patch a File"
  6. Copy the patched image back to your PC. It will be named "magisk_patched-23xxx_xxxxx.img". Rename this to "master root.img" and retain it for future updates.
  7. Reboot your device to bootloader.
  8. Flash the patched image:
    Code:
    fastboot flash boot <drag and drop master root.img here>
  9. Reboot to Android. Open Magisk to confirm root - under Magisk at the top, you should see "Installed: <Magisk build number>

  1. Before you download the OTA, open Magisk, tap Uninstall, then Restore Images. If you have any Magisk modules that modify system, uninstall them now.
  2. Take the OTA update when prompted. To check for updates manually, go to Settings > System > System Update > Check for Update
  3. Allow the update to download and install. DO NOT REBOOT WHEN PROMPTED. Open Magisk, tap Install at the top, then Install to inactive slot. Magisk will then reboot your device.
  4. You should now be updated with root.

  1. Download the OTA.
  2. Reboot to recovery and sideload the OTA:
    Code:
    adb reboot sideload
    Once in recovery:
    Code:
    adb sideload ota.zip
  3. When the OTA completes, you will be in recovery mode. Select "Reboot to system now".
  4. Allow system to boot and wait for the update to complete. You must let the system do this before proceeding.
  5. Reboot to bootloader.
  6. Boot the master root image (See note 1):
    Code:
    fastboot boot <drag and drop master root.img here>
    Note: If you prefer, you can download the factory zip and manually patch the new boot image, then flash it after the update. Do not flash an older boot image after updating.
  7. Your device should boot with root. Open Magisk, tap Install, and select Direct Install.
  8. Reboot your device. You should now be updated with root.
Note: You can use Payload Dumper to extract the contents of the OTA if you want to manually patch the new boot image. However, I will not cover that in this guide.

Please note that the factory update process expects an updated bootloader and radio. If these are not up to date, the update will fail.
  1. Download the factory zip and extract the contents.
  2. Reboot to bootloader.
  3. Compare bootloader versions between phone screen and bootloader.img build number
    Code:
    fastboot flash bootloader <drag and drop new bootloader.img here>
    If bootloader is updated, reboot to bootloader.
  4. Compare baseband versions between phone screen and radio.img build number
    Code:
    fastboot flash radio <drag and drop radio.img here>
    If radio is updated, reboot to bootloader.
  5. Apply update:
    Code:
    fastboot update --skip-reboot image-codename-buildnumber.zip
    When the update completes, the device will be in fastbootd. Reboot to bootloader.
  6. Boot the master root image (See note 1):
    Code:
    fastboot boot <drag and drop master root.img here>
    Note: If you prefer, you can manually patch the new boot image, then flash it after the update. Do not flash an older boot image after updating.
  7. Your device should boot with root. Open Magisk, tap Install, and select Direct Install.
  8. Reboot your device. You should now be updated with root.
Note: If you prefer, you can update using the flash-all script included in the factory zip. You will have to copy the script, bootloader image, radio image, and update zip into the Platform Tools folder; you will then have to edit the script to remove the -w option so it doesn't wipe your device.
The scripted commands should look like this:
Code:
fastboot flash bootloader <bootloader image name>
fastboot reboot bootloader
ping -n 5 127.0.0.1 > nul
fastboot flash radio <radio image name>
fastboot reboot bootloader
ping -n 5 127.0.0.1 > nul
fastboot update  --skip-reboot --slot=all <image-device-buildnumber.zip>
Once this completes, you can reboot to bootloader and either boot your master patched image, or if you patched the new image, flash it at this time.

  1. Follow the instructions on the Android Flash Tool to update your device. Make sure Lock Bootloader and Wipe Device are UNCHECKED.
  2. When the update completes, the device will be in fastbootd. Reboot to bootloader.
  3. Boot the master root image (See note 1):
    Code:
    fastboot boot <drag and drop master root.img here>
    Note: If you prefer, you can download the factory zip and manually patch the new boot image, then flash it after the update. Do not flash an older boot image after updating.
  4. Your device should boot with root. Open Magisk, tap Install, and select Direct Install.
  5. Reboot your device. You should now be updated with root.

This is my configuration that is passing Safety Net. I will not provide instructions on how to accomplish this. Attempt at your own risk.

Zygisk + DenyList enabled
All subcomponents of these apps hidden under DenyList:
  • Google Play Store
  • GPay
  • Any banking/financial apps
  • Any DRM media apps
Modules:
To check SafetyNet status:
I do not provide support for Magisk or modules. If you need help with Magisk, here is the Magisk General Support thread. For support specifically with Magisk v24+, see this thread.

Points of note:
  • The boot image is NOT the bootloader image. Do not confuse the two - YOU are expected to know the difference. Flashing the wrong image to bootloader could brick your device.
  • While the Magisk app is used for patching the boot image, the app and the patch are separate. This is what you should see in Magisk for functioning root:
    screenshot_20211218-194517-png.5486339
  • "Installed" shows the version of patch in the boot image. If this says N/A, you do not have root access - the boot image is not patched, or you have a problem with Magisk.
  • "App" simply shows the version of the app itself.
  • If you do not have a patched master boot image, you will need to download the factory zip if you haven't already, extract the system update inside it, then patch boot.img.
  • If you prefer updating with the factory image, you can also extract and manually patch the boot image if desired.
  • Some Magisk modules, especially those that modify read only partitions like /system, may cause a boot loop after updating. As a general rule, disable these modules before updating. You are responsible for knowing what you have installed, and what modules to disable.


Credits:
Thanks to @ipdev , @kdrag0n , @Didgeridoohan , and last but not least, @topjohnwu for all their hard work!
 
Last edited:

Cheetah_Bear

New member
May 30, 2022
3
2
Hi, thank you for the guide. I am very new here and I have some questions that I hope you can answer before I proceed.

First of all, I assume I should back up my device on an external medium if I screw the pooch. With that in mind, do you have any suggestions/ links on guides that can help me with that? If not, I'm sure I can do some good digging to find something suitable.

Second, I'm not exactly sure what "Bonito" is and from what I have seen from googling, it seems to be connected to the LineageOS operating system. Is this different from the current, factory OS that my phone is running? Is there a way to root my device without changing the factory OS if that's the case? If not, that's okay, I don't mind switching to an open-source OS that seems to have a good reputation.

Third, is the guide supposed to be followed sequentially with the first step being, "Spoiler: Downloads" and the last step being, "Spoiler: Pass SafetyNet?" Or are the first 3 steps, "Spoiler: Downloads", "Spoiler: Unlock Bootloader" and, "Spoiler: Initial Root / Create Master Root Image" are essential steps and the subsequent steps afterwards are based on personal needs? Ideally, using Android Flash Tool seems painless and foolproof which is perfect for me. Afterwards, I will attempt to copy the Spoiler: Pass SafetyNet" step.

Fourth, what is your take on using Android Flash Tool vs TOOL ALL IN ONE for flashing? TOOL ALL IN ONE seems even more painless and fool-proof and apart from backing up, seems easier. But I would love your take on this?

Feel free to answer any or none of these questions. I know it's a lot but id rather ask questions to a staff member before proceeding?

Thanks again for the guide!
 

V0latyle

Forum Moderator
Staff member
Hi, thank you for the guide. I am very new here and I have some questions that I hope you can answer before I proceed.

First of all, I assume I should back up my device on an external medium if I screw the pooch. With that in mind, do you have any suggestions/ links on guides that can help me with that? If not, I'm sure I can do some good digging to find something suitable.
Without root, there is no way to do a full backup including app data. The best you can do is sync your Pixel with your Google account.
Second, I'm not exactly sure what "Bonito" is and from what I have seen from googling, it seems to be connected to the LineageOS operating system. Is this different from the current, factory OS that my phone is running? Is there a way to root my device without changing the factory OS if that's the case? If not, that's okay, I don't mind switching to an open-source OS that seems to have a good reputation.
"Bonito" is Google's internal name for the device and has little to do with the software. The Pixel 5 is "redfin", the 5a is "bramble", the Pixel 2 was "walleye".

As far as rooting your device, yes - if you follow this guide, you will gain root on the stock OS. I am currently using my Pixel 5 with the OEM firmware, patched with Magisk.
Third, is the guide supposed to be followed sequentially with the first step being, "Spoiler: Downloads" and the last step being, "Spoiler: Pass SafetyNet?" Or are the first 3 steps, "Spoiler: Downloads", "Spoiler: Unlock Bootloader" and, "Spoiler: Initial Root / Create Master Root Image" are essential steps and the subsequent steps afterwards are based on personal needs? Ideally, using Android Flash Tool seems painless and foolproof which is perfect for me. Afterwards, I will attempt to copy the Spoiler: Pass SafetyNet" step.
This guide is not sequential; I provided different instructions for different scenarios. The downloads are simply the resources you will need. To attain root, simply follow the instructions under "Initial Root". When the June update is released, you can update using your method of choice, and follow the relevant instructions to regain root.
Fourth, what is your take on using Android Flash Tool vs TOOL ALL IN ONE for flashing? TOOL ALL IN ONE seems even more painless and fool-proof and apart from backing up, seems easier. But I would love your take on this?
I personally do not like using third party tools, and I simply use adb/fastboot. The Android Flash Tool is simply for flashing factory firmware and cannot flash custom images.
Feel free to answer any or none of these questions. I know it's a lot but id rather ask questions to a staff member before proceeding?
No worries. It sounds like you have a lot to learn but you're at the right place; XDA is full of knowledgeable people who can help you out.
Thanks again for the guide!
Thank you for your appreciation.
 
  • Like
Reactions: Cheetah_Bear

Cheetah_Bear

New member
May 30, 2022
3
2
Well, with a bit of hard work and head-bashing into my desk, my phone is fully rooted and backed up. I want to extend my thanks again for this guide. I'll be sure to return when the next updates roles around.

I am still trying to play around with Safety Net and my financial app. YASNAC says my Saftey Net passes, but my finance app won't open because it's still, somehow, detecting root, even after being placed under the Deny List.

Regardless, that is a problem for another day. Today is a day of celebration because my phone is rooted and rocking. 🥳🥳

Thank you again.
 
  • Like
Reactions: V0latyle

V0latyle

Forum Moderator
Staff member
Well, with a bit of hard work and head-bashing into my desk, my phone is fully rooted and backed up. I want to extend my thanks again for this guide. I'll be sure to return when the next updates roles around.

I am still trying to play around with Safety Net and my financial app. YASNAC says my Saftey Net passes, but my finance app won't open because it's still, somehow, detecting root, even after being placed under the Deny List.

Regardless, that is a problem for another day. Today is a day of celebration because my phone is rooted and rocking. 🥳🥳

Thank you again.
Make sure you're using USNF and MHPC; DenyList alone won't do it.

You may also have to block the Play Store due to Play Protect.
 

BadRx

Senior Member
Dec 15, 2014
52
8
46
Azusa, CA
Google Pixel 3a XL
Moto G 5G
Most likely not. There is no way to force unlock. If you bought a branded variant like Verizon, unlocking the bootloader is not possible.
Why is that? I find that sooo... disturbing. From a hobbyist point of view this is just so unacceptable. You mean to tell me that I can't flash the chips somehow on this phone? Now there was a way carrier lock... you mean to tell me there is no way to carrier unlock? Not even the carrier? That's... just hard to believe.
 

V0latyle

Forum Moderator
Staff member
Why is that? I find that sooo... disturbing. From a hobbyist point of view this is just so unacceptable. You mean to tell me that I can't flash the chips somehow on this phone? Now there was a way carrier lock... you mean to tell me there is no way to carrier unlock? Not even the carrier? That's... just hard to believe.
I'm talking about bootloader unlock. It is a well known fact, having been established since the original Pixel (if not the Nexus series) that Google devices sold through carriers such as Verizon are not bootloader unlockable. This is why if you want a completely unlocked device, you must buy directly from Google.

As far as carrier unlock...that depends on the carrier. If you bought your device from Google, it's already carrier unlocked. But if you bought it through a carrier, they may or may not unlock it depending on their own policies. I don't know what Verizon's is, but most US carriers will allow carrier unlock as long as 1) there is no lien on the device (it's paid off) and 2) your account is not under contractual obligations.

It may seem weird to you, but they're protecting their investments. You can't reasonably expect a carrier to provide you a device at a discount with no restrictions. Either buy used from Swappa, or new full price from Google, and use the carrier only as a carrier. If you buy a phone through them, don't expect the same freedom.
 

BadRx

Senior Member
Dec 15, 2014
52
8
46
Azusa, CA
Google Pixel 3a XL
Moto G 5G
I'm talking about bootloader unlock. It is a well known fact, having been established since the original Pixel (if not the Nexus series) that Google devices sold through carriers such as Verizon are not bootloader unlockable. This is why if you want a completely unlocked device, you must buy directly from Google.

As far as carrier unlock...that depends on the carrier. If you bought your device from Google, it's already carrier unlocked. But if you bought it through a carrier, they may or may not unlock it depending on their own policies. I don't know what Verizon's is, but most US carriers will allow carrier unlock as long as 1) there is no lien on the device (it's paid off) and 2) your account is not under contractual obligations.

It may seem weird to you, but they're protecting their investments. You can't reasonably expect a carrier to provide you a device at a discount with no restrictions. Either buy used from Swappa, or new full price from Google, and use the carrier only as a carrier. If you buy a phone through them, don't expect the same freedom.
I do find it weird. I don't believe they're protecting their investments in the long run. But. OK, I see your argument.

I'm just one of those guys that's ONE way about things vs. TWO ways about things. Let me explain...

... For me, perhaps others, "two ways about things" is when you have a Terms of Service or Terms of Use as being:
1.) Their way for the "user" or consumer of their product/service.​
2.) Not being their way for their "use" or consumption of YOUR money.​
a.) In other words THEY can do whatever the @#$% THEY want with YOUR money. YOU cannot do whatever the #@$% you want with THEIR product.*​

... ONE way about things IS contrary 2a.*
1.) 50/50​
a.) Why is there not a "Terms of Use" even available for the use of MY money? I want to tell them where they can spend the money and on what they can spend it on. Only fair.​
In conclusion... I STILL find some of THESE policies WEIRD and in ERROR but NOT ALL policies are --I understand. But just because we (as a democracy) write a policy, it does not make that policy good. The "USER" has unalienable rights! And a lot of policies, floating around the murky waters of legalities, have lost this foresight.

(In my opinion.)
-BRx
 

V0latyle

Forum Moderator
Staff member
I do find it weird. I don't believe they're protecting their investments in the long run. But. OK, I see your argument.

I'm just one of those guys that's ONE way about things vs. TWO ways about things. Let me explain...

... For me, perhaps others, "two ways about things" is when you have a Terms of Service or Terms of Use as being:
1.) Their way for the "user" or consumer of their product/service.​
2.) Not being their way for their "use" or consumption of YOUR money.​
a.) In other words THEY can do whatever the @#$% THEY want with YOUR money. YOU cannot do whatever the #@$% you want with THEIR product.*​

... ONE way about things IS contrary 2a.*
1.) 50/50​
a.) Why is there not a "Terms of Use" even available for the use of MY money? I want to tell them where they can spend the money and on what they can spend it on. Only fair.​
In conclusion... I STILL find some of THESE policies WEIRD and in ERROR but NOT ALL policies are --I understand. But just because we (as a democracy) write a policy, it does not make that policy good. The "USER" has unalienable rights! And a lot of policies, floating around the murky waters of legalities, have lost this foresight.

(In my opinion.)
-BRx
If you're talking about the United States...we are a republic, not a democracy. Not everything is subject to majority vote, and I think recent events show how that's a good thing.

While I agree with most of the sentiments - terms of use of a product or service of which ownership is retained by the provider should not include terms of use of a product or service purchased, we both know that's not the case - planned obsolescence, right to repair, etc...The fact remains that this is the way things are, and no amount of ranting is going to change it. I understand it can be frustrating, but this is why one must do his research. I bought a VW GTI because the prospect of a significant power increase with no other mods beyond a software tune appealed to me, but I did so with the understanding that VW could, and would, and did, refuse warranty coverage even on parts not materially affected by any software or hardware modifications. I've replaced 2 engine speed sensors and 3 water pumps out of my own pocket; these are items that are not subject to any additional stress or wear with the engine putting out more power, so per the Magnussen-Moss Warranty Act, VW should have covered them. But, I also understand that such things are an uphill battle, so I simply accepted the cost. In the same way, I recognized that the only way I'd be able to use a Pixel device to its full potential would be buy an unlocked device, so I paid full MSRP for my Pixels direct from Google.

I don't know why Verizon variants of Pixels are not bootloader unlockable. I don't know the legality of the situation. But I know it's not something I'm likely to change, regardless of how I feel about it, so instead of complaining, I have simply paid for the alternative.
 
  • Like
Reactions: BadRx

BadRx

Senior Member
Dec 15, 2014
52
8
46
Azusa, CA
Google Pixel 3a XL
Moto G 5G
If you're talking about the United States...we are a republic, not a democracy. Not everything is subject to majority vote, and I think recent events show how that's a good thing.

We are a republic? Regarding the Public or is that just luminism?
But whether Republican or Democratic, whether Libertarian or Conservative, whether layman or .... not --all follow The Constitution. There's the pursuit of happiness and then there's the superlative Pursuit of Happiness.

While I agree with most of the sentiments - terms of use of a product or service of which ownership is retained by the provider should not include terms of use of a product or service purchased, we both know that's not the case - planned obsolescence, right to repair, etc...The fact remains that this is the way things are, and no amount of ranting is going to change it. I understand it can be frustrating, but this is why one must do his research. I bought a VW GTI because the prospect of a significant power increase with no other mods beyond a software tune appealed to me, but I did so with the understanding that VW could, and would, and did, refuse warranty coverage even on parts not materially affected by any software or hardware modifications. I've replaced 2 engine speed sensors and 3 water pumps out of my own pocket; these are items that are not subject to any additional stress or wear with the engine putting out more power, so per the Magnussen-Moss Warranty Act, VW should have covered them. But, I also understand that such things are an uphill battle, so I simply accepted the cost. In the same way, I recognized that the only way I'd be able to use a Pixel device to its full potential would be buy an unlocked device, so I paid full MSRP for my Pixels direct from Google.

Hey, thanks. And agreed. We see together here, I want to say?

I don't know why Verizon variants of Pixels are not bootloader unlockable. I don't know the legality of the situation. But I know it's not something I'm likely to change, regardless of how I feel about it, so instead of complaining, I have simply paid for the alternative

It must be government. Just... one......mans......thoughts over here. Nah.

But hey "what goes into the wash...comes out in the dry". Sometimes good.....
 
  • Like
Reactions: V0latyle

Top Liked Posts

  • There are no posts matching your filters.
  • 1
    Well, with a bit of hard work and head-bashing into my desk, my phone is fully rooted and backed up. I want to extend my thanks again for this guide. I'll be sure to return when the next updates roles around.

    I am still trying to play around with Safety Net and my financial app. YASNAC says my Saftey Net passes, but my finance app won't open because it's still, somehow, detecting root, even after being placed under the Deny List.

    Regardless, that is a problem for another day. Today is a day of celebration because my phone is rooted and rocking. 🥳🥳

    Thank you again.
    1
    I do find it weird. I don't believe they're protecting their investments in the long run. But. OK, I see your argument.

    I'm just one of those guys that's ONE way about things vs. TWO ways about things. Let me explain...

    ... For me, perhaps others, "two ways about things" is when you have a Terms of Service or Terms of Use as being:
    1.) Their way for the "user" or consumer of their product/service.​
    2.) Not being their way for their "use" or consumption of YOUR money.​
    a.) In other words THEY can do whatever the @#$% THEY want with YOUR money. YOU cannot do whatever the #@$% you want with THEIR product.*​

    ... ONE way about things IS contrary 2a.*
    1.) 50/50​
    a.) Why is there not a "Terms of Use" even available for the use of MY money? I want to tell them where they can spend the money and on what they can spend it on. Only fair.​
    In conclusion... I STILL find some of THESE policies WEIRD and in ERROR but NOT ALL policies are --I understand. But just because we (as a democracy) write a policy, it does not make that policy good. The "USER" has unalienable rights! And a lot of policies, floating around the murky waters of legalities, have lost this foresight.

    (In my opinion.)
    -BRx
    If you're talking about the United States...we are a republic, not a democracy. Not everything is subject to majority vote, and I think recent events show how that's a good thing.

    While I agree with most of the sentiments - terms of use of a product or service of which ownership is retained by the provider should not include terms of use of a product or service purchased, we both know that's not the case - planned obsolescence, right to repair, etc...The fact remains that this is the way things are, and no amount of ranting is going to change it. I understand it can be frustrating, but this is why one must do his research. I bought a VW GTI because the prospect of a significant power increase with no other mods beyond a software tune appealed to me, but I did so with the understanding that VW could, and would, and did, refuse warranty coverage even on parts not materially affected by any software or hardware modifications. I've replaced 2 engine speed sensors and 3 water pumps out of my own pocket; these are items that are not subject to any additional stress or wear with the engine putting out more power, so per the Magnussen-Moss Warranty Act, VW should have covered them. But, I also understand that such things are an uphill battle, so I simply accepted the cost. In the same way, I recognized that the only way I'd be able to use a Pixel device to its full potential would be buy an unlocked device, so I paid full MSRP for my Pixels direct from Google.

    I don't know why Verizon variants of Pixels are not bootloader unlockable. I don't know the legality of the situation. But I know it's not something I'm likely to change, regardless of how I feel about it, so instead of complaining, I have simply paid for the alternative.
    1
    If you're talking about the United States...we are a republic, not a democracy. Not everything is subject to majority vote, and I think recent events show how that's a good thing.

    We are a republic? Regarding the Public or is that just luminism?
    But whether Republican or Democratic, whether Libertarian or Conservative, whether layman or .... not --all follow The Constitution. There's the pursuit of happiness and then there's the superlative Pursuit of Happiness.

    While I agree with most of the sentiments - terms of use of a product or service of which ownership is retained by the provider should not include terms of use of a product or service purchased, we both know that's not the case - planned obsolescence, right to repair, etc...The fact remains that this is the way things are, and no amount of ranting is going to change it. I understand it can be frustrating, but this is why one must do his research. I bought a VW GTI because the prospect of a significant power increase with no other mods beyond a software tune appealed to me, but I did so with the understanding that VW could, and would, and did, refuse warranty coverage even on parts not materially affected by any software or hardware modifications. I've replaced 2 engine speed sensors and 3 water pumps out of my own pocket; these are items that are not subject to any additional stress or wear with the engine putting out more power, so per the Magnussen-Moss Warranty Act, VW should have covered them. But, I also understand that such things are an uphill battle, so I simply accepted the cost. In the same way, I recognized that the only way I'd be able to use a Pixel device to its full potential would be buy an unlocked device, so I paid full MSRP for my Pixels direct from Google.

    Hey, thanks. And agreed. We see together here, I want to say?

    I don't know why Verizon variants of Pixels are not bootloader unlockable. I don't know the legality of the situation. But I know it's not something I'm likely to change, regardless of how I feel about it, so instead of complaining, I have simply paid for the alternative

    It must be government. Just... one......mans......thoughts over here. Nah.

    But hey "what goes into the wash...comes out in the dry". Sometimes good.....
  • 2
    If you are looking for my guide on a different Pixel, find it here:
    WARNING: YOU AND YOU ALONE ARE RESPONSIBLE FOR ANYTHING THAT HAPPENS TO YOUR DEVICE. THIS GUIDE IS WRITTEN WITH THE EXPRESS ASSUMPTION THAT YOU ARE FAMILIAR WITH ADB, MAGISK, ANDROID, AND ROOT. IT IS YOUR RESPONSIBILITY TO ENSURE YOU KNOW WHAT YOU ARE DOING.

    Prerequisites:


    Android Source - Setting up a device for development


    1. Follow these instructions to enable Developer Options and USB Debugging.
    2. Enable OEM Unlocking. If this option is grayed out, unlocking the bootloader is not possible.
    3. Connect your device to your PC, and open a command window in your Platform Tools folder.
    4. Ensure ADB sees your device:
      Code:
      adb devices
      If you don't see a device, make sure USB Debugging is enabled, reconnect the USB cable, or try a different USB cable.
      If you see "unauthorized", you need to authorize the connection on your device.
      If you see the device without "unauthorized", you're good to go.
    5. Reboot to bootloader:
      Code:
      adb reboot bootloader
    6. Unlock bootloader: THIS WILL WIPE YOUR DEVICE!
      Code:
      fastboot flashing unlock
      Select Continue on the device screen.

    1. Install Magisk on your device.
    2. Download the factory zip for your build.
    3. Inside the factory zip is the update zip: "device-image-buildnumber.zip". Open this, and extract boot.img
    4. Copy boot.img to your device.
    5. Patch boot.img with Magisk: "Install" > "Select and Patch a File"
    6. Copy the patched image back to your PC. It will be named "magisk_patched-23xxx_xxxxx.img". Rename this to "master root.img" and retain it for future updates.
    7. Reboot your device to bootloader.
    8. Flash the patched image:
      Code:
      fastboot flash boot <drag and drop master root.img here>
    9. Reboot to Android. Open Magisk to confirm root - under Magisk at the top, you should see "Installed: <Magisk build number>

    1. Before you download the OTA, open Magisk, tap Uninstall, then Restore Images. If you have any Magisk modules that modify system, uninstall them now.
    2. Take the OTA update when prompted. To check for updates manually, go to Settings > System > System Update > Check for Update
    3. Allow the update to download and install. DO NOT REBOOT WHEN PROMPTED. Open Magisk, tap Install at the top, then Install to inactive slot. Magisk will then reboot your device.
    4. You should now be updated with root.

    1. Download the OTA.
    2. Reboot to recovery and sideload the OTA:
      Code:
      adb reboot sideload
      Once in recovery:
      Code:
      adb sideload ota.zip
    3. When the OTA completes, you will be in recovery mode. Select "Reboot to system now".
    4. Allow system to boot and wait for the update to complete. You must let the system do this before proceeding.
    5. Reboot to bootloader.
    6. Boot the master root image (See note 1):
      Code:
      fastboot boot <drag and drop master root.img here>
      Note: If you prefer, you can download the factory zip and manually patch the new boot image, then flash it after the update. Do not flash an older boot image after updating.
    7. Your device should boot with root. Open Magisk, tap Install, and select Direct Install.
    8. Reboot your device. You should now be updated with root.
    Note: You can use Payload Dumper to extract the contents of the OTA if you want to manually patch the new boot image. However, I will not cover that in this guide.

    Please note that the factory update process expects an updated bootloader and radio. If these are not up to date, the update will fail.
    1. Download the factory zip and extract the contents.
    2. Reboot to bootloader.
    3. Compare bootloader versions between phone screen and bootloader.img build number
      Code:
      fastboot flash bootloader <drag and drop new bootloader.img here>
      If bootloader is updated, reboot to bootloader.
    4. Compare baseband versions between phone screen and radio.img build number
      Code:
      fastboot flash radio <drag and drop radio.img here>
      If radio is updated, reboot to bootloader.
    5. Apply update:
      Code:
      fastboot update --skip-reboot image-codename-buildnumber.zip
      When the update completes, the device will be in fastbootd. Reboot to bootloader.
    6. Boot the master root image (See note 1):
      Code:
      fastboot boot <drag and drop master root.img here>
      Note: If you prefer, you can manually patch the new boot image, then flash it after the update. Do not flash an older boot image after updating.
    7. Your device should boot with root. Open Magisk, tap Install, and select Direct Install.
    8. Reboot your device. You should now be updated with root.
    Note: If you prefer, you can update using the flash-all script included in the factory zip. You will have to copy the script, bootloader image, radio image, and update zip into the Platform Tools folder; you will then have to edit the script to remove the -w option so it doesn't wipe your device.
    The scripted commands should look like this:
    Code:
    fastboot flash bootloader <bootloader image name>
    fastboot reboot bootloader
    ping -n 5 127.0.0.1 > nul
    fastboot flash radio <radio image name>
    fastboot reboot bootloader
    ping -n 5 127.0.0.1 > nul
    fastboot update  --skip-reboot --slot=all <image-device-buildnumber.zip>
    Once this completes, you can reboot to bootloader and either boot your master patched image, or if you patched the new image, flash it at this time.

    1. Follow the instructions on the Android Flash Tool to update your device. Make sure Lock Bootloader and Wipe Device are UNCHECKED.
    2. When the update completes, the device will be in fastbootd. Reboot to bootloader.
    3. Boot the master root image (See note 1):
      Code:
      fastboot boot <drag and drop master root.img here>
      Note: If you prefer, you can download the factory zip and manually patch the new boot image, then flash it after the update. Do not flash an older boot image after updating.
    4. Your device should boot with root. Open Magisk, tap Install, and select Direct Install.
    5. Reboot your device. You should now be updated with root.

    This is my configuration that is passing Safety Net. I will not provide instructions on how to accomplish this. Attempt at your own risk.

    Zygisk + DenyList enabled
    All subcomponents of these apps hidden under DenyList:
    • Google Play Store
    • GPay
    • Any banking/financial apps
    • Any DRM media apps
    Modules:
    To check SafetyNet status:
    I do not provide support for Magisk or modules. If you need help with Magisk, here is the Magisk General Support thread. For support specifically with Magisk v24+, see this thread.

    Points of note:
    • The boot image is NOT the bootloader image. Do not confuse the two - YOU are expected to know the difference. Flashing the wrong image to bootloader could brick your device.
    • While the Magisk app is used for patching the boot image, the app and the patch are separate. This is what you should see in Magisk for functioning root:
      screenshot_20211218-194517-png.5486339
    • "Installed" shows the version of patch in the boot image. If this says N/A, you do not have root access - the boot image is not patched, or you have a problem with Magisk.
    • "App" simply shows the version of the app itself.
    • If you do not have a patched master boot image, you will need to download the factory zip if you haven't already, extract the system update inside it, then patch boot.img.
    • If you prefer updating with the factory image, you can also extract and manually patch the boot image if desired.
    • Some Magisk modules, especially those that modify read only partitions like /system, may cause a boot loop after updating. As a general rule, disable these modules before updating. You are responsible for knowing what you have installed, and what modules to disable.


    Credits:
    Thanks to @ipdev , @kdrag0n , @Didgeridoohan , and last but not least, @topjohnwu for all their hard work!
    1
    Hi, thank you for the guide. I am very new here and I have some questions that I hope you can answer before I proceed.

    First of all, I assume I should back up my device on an external medium if I screw the pooch. With that in mind, do you have any suggestions/ links on guides that can help me with that? If not, I'm sure I can do some good digging to find something suitable.
    Without root, there is no way to do a full backup including app data. The best you can do is sync your Pixel with your Google account.
    Second, I'm not exactly sure what "Bonito" is and from what I have seen from googling, it seems to be connected to the LineageOS operating system. Is this different from the current, factory OS that my phone is running? Is there a way to root my device without changing the factory OS if that's the case? If not, that's okay, I don't mind switching to an open-source OS that seems to have a good reputation.
    "Bonito" is Google's internal name for the device and has little to do with the software. The Pixel 5 is "redfin", the 5a is "bramble", the Pixel 2 was "walleye".

    As far as rooting your device, yes - if you follow this guide, you will gain root on the stock OS. I am currently using my Pixel 5 with the OEM firmware, patched with Magisk.
    Third, is the guide supposed to be followed sequentially with the first step being, "Spoiler: Downloads" and the last step being, "Spoiler: Pass SafetyNet?" Or are the first 3 steps, "Spoiler: Downloads", "Spoiler: Unlock Bootloader" and, "Spoiler: Initial Root / Create Master Root Image" are essential steps and the subsequent steps afterwards are based on personal needs? Ideally, using Android Flash Tool seems painless and foolproof which is perfect for me. Afterwards, I will attempt to copy the Spoiler: Pass SafetyNet" step.
    This guide is not sequential; I provided different instructions for different scenarios. The downloads are simply the resources you will need. To attain root, simply follow the instructions under "Initial Root". When the June update is released, you can update using your method of choice, and follow the relevant instructions to regain root.
    Fourth, what is your take on using Android Flash Tool vs TOOL ALL IN ONE for flashing? TOOL ALL IN ONE seems even more painless and fool-proof and apart from backing up, seems easier. But I would love your take on this?
    I personally do not like using third party tools, and I simply use adb/fastboot. The Android Flash Tool is simply for flashing factory firmware and cannot flash custom images.
    Feel free to answer any or none of these questions. I know it's a lot but id rather ask questions to a staff member before proceeding?
    No worries. It sounds like you have a lot to learn but you're at the right place; XDA is full of knowledgeable people who can help you out.
    Thanks again for the guide!
    Thank you for your appreciation.
    1
    Well, with a bit of hard work and head-bashing into my desk, my phone is fully rooted and backed up. I want to extend my thanks again for this guide. I'll be sure to return when the next updates roles around.

    I am still trying to play around with Safety Net and my financial app. YASNAC says my Saftey Net passes, but my finance app won't open because it's still, somehow, detecting root, even after being placed under the Deny List.

    Regardless, that is a problem for another day. Today is a day of celebration because my phone is rooted and rocking. 🥳🥳

    Thank you again.
    1
    I do find it weird. I don't believe they're protecting their investments in the long run. But. OK, I see your argument.

    I'm just one of those guys that's ONE way about things vs. TWO ways about things. Let me explain...

    ... For me, perhaps others, "two ways about things" is when you have a Terms of Service or Terms of Use as being:
    1.) Their way for the "user" or consumer of their product/service.​
    2.) Not being their way for their "use" or consumption of YOUR money.​
    a.) In other words THEY can do whatever the @#$% THEY want with YOUR money. YOU cannot do whatever the #@$% you want with THEIR product.*​

    ... ONE way about things IS contrary 2a.*
    1.) 50/50​
    a.) Why is there not a "Terms of Use" even available for the use of MY money? I want to tell them where they can spend the money and on what they can spend it on. Only fair.​
    In conclusion... I STILL find some of THESE policies WEIRD and in ERROR but NOT ALL policies are --I understand. But just because we (as a democracy) write a policy, it does not make that policy good. The "USER" has unalienable rights! And a lot of policies, floating around the murky waters of legalities, have lost this foresight.

    (In my opinion.)
    -BRx
    If you're talking about the United States...we are a republic, not a democracy. Not everything is subject to majority vote, and I think recent events show how that's a good thing.

    While I agree with most of the sentiments - terms of use of a product or service of which ownership is retained by the provider should not include terms of use of a product or service purchased, we both know that's not the case - planned obsolescence, right to repair, etc...The fact remains that this is the way things are, and no amount of ranting is going to change it. I understand it can be frustrating, but this is why one must do his research. I bought a VW GTI because the prospect of a significant power increase with no other mods beyond a software tune appealed to me, but I did so with the understanding that VW could, and would, and did, refuse warranty coverage even on parts not materially affected by any software or hardware modifications. I've replaced 2 engine speed sensors and 3 water pumps out of my own pocket; these are items that are not subject to any additional stress or wear with the engine putting out more power, so per the Magnussen-Moss Warranty Act, VW should have covered them. But, I also understand that such things are an uphill battle, so I simply accepted the cost. In the same way, I recognized that the only way I'd be able to use a Pixel device to its full potential would be buy an unlocked device, so I paid full MSRP for my Pixels direct from Google.

    I don't know why Verizon variants of Pixels are not bootloader unlockable. I don't know the legality of the situation. But I know it's not something I'm likely to change, regardless of how I feel about it, so instead of complaining, I have simply paid for the alternative.
    1
    If you're talking about the United States...we are a republic, not a democracy. Not everything is subject to majority vote, and I think recent events show how that's a good thing.

    We are a republic? Regarding the Public or is that just luminism?
    But whether Republican or Democratic, whether Libertarian or Conservative, whether layman or .... not --all follow The Constitution. There's the pursuit of happiness and then there's the superlative Pursuit of Happiness.

    While I agree with most of the sentiments - terms of use of a product or service of which ownership is retained by the provider should not include terms of use of a product or service purchased, we both know that's not the case - planned obsolescence, right to repair, etc...The fact remains that this is the way things are, and no amount of ranting is going to change it. I understand it can be frustrating, but this is why one must do his research. I bought a VW GTI because the prospect of a significant power increase with no other mods beyond a software tune appealed to me, but I did so with the understanding that VW could, and would, and did, refuse warranty coverage even on parts not materially affected by any software or hardware modifications. I've replaced 2 engine speed sensors and 3 water pumps out of my own pocket; these are items that are not subject to any additional stress or wear with the engine putting out more power, so per the Magnussen-Moss Warranty Act, VW should have covered them. But, I also understand that such things are an uphill battle, so I simply accepted the cost. In the same way, I recognized that the only way I'd be able to use a Pixel device to its full potential would be buy an unlocked device, so I paid full MSRP for my Pixels direct from Google.

    Hey, thanks. And agreed. We see together here, I want to say?

    I don't know why Verizon variants of Pixels are not bootloader unlockable. I don't know the legality of the situation. But I know it's not something I'm likely to change, regardless of how I feel about it, so instead of complaining, I have simply paid for the alternative

    It must be government. Just... one......mans......thoughts over here. Nah.

    But hey "what goes into the wash...comes out in the dry". Sometimes good.....