How To Guide March 13, 2023 TQ2A.230305.008.C1 Global | .A3 WINDTRE/Canada - Unlock bootloader / Root Pixel 7 Pro [Cheetah] / SafetyNet

Search This thread
By:
Advanced…
wr3cckl3ss1

wr3cckl3ss1

Senior Member
Mar 28, 2021
353
253
TEXAS
Samsung Galaxy Tab S7 FE
Samsung Galaxy Watch 4
simplepinoi177 said:
@wr3cckl3ss1 is working very hard on it...
I'm unsure how far he's gotten, although I have high major doubts it will ever be achievable...
but he acknowledges how seemingly impossible it is and is still willing to keep going at it...
you can see a bit of how he's progressing HERE and HERE
Click to expand...
Click to collapse
Sorry I've been kind of quiet around here but I'm still at it....trying various things and also working with a few guys. But....i have reached a little bit of progress but on a different scale. As you know...magisk patches init_boot.....and you can only flash with an unlocked bootloader.....but there's one option that doesn't require it.....OTA (sideload OTA)....so far...I've been able to unpack alot of the firmware and even have a patched init_boot inside the payload folder.....if I can find a way to correctly repack that payload folder into payload.bin....then altogether repack and get an update.zip....then I can try to see if it would work....sounds kind of far fetched but I'm trying to stay positive. I feel close in a way but still far....I'll keep pushing until a solution is solved by me or someone else. It's only a matter of time before this cracks or DirtyCred Android PoC comes out and hopefully covers this kernel...and here we go....at least root....then the real fun can start trying to reverse the packages and crack the two java packages that are responsible for maintaining that OEM toggle off. Another thing.....i know talking about certain apps....are against the rules but LuckyPatcher. Does anyone here have an idea of who makes it or develops it. Reason Im asking is because LP patches Play Services...well on VZW Pixel 7 Pro...the only package that has OEM perms to manage or set OEM is "com.google.android.gms"....that's another road i would like to drive down and see how maybe patching Play services and/or modifying Play services to a vulnerable state where a shell user can ultimately use "run-as" or maybe change context to one of play services.....just a few things I'm working on right now. As well as this S22 Ultra US Version. Big things coming soon. No root yet but at least I can say...I can modify things inside /data/system....like make an app a system-trusted app and it persist. Stay tuned folks. I'm still working.... 😁😁😁
 
  • Like
Reactions: mightyvenom, sensation4gking, bryan1854 and 2 others
J

jmac052002

Senior Member
Feb 16, 2014
169
58
41
South Fulton
so does anyone know if theres any possibilty at all to unlock the bootloader on my pixel 7 pro bootloader on my t-mobile variant that im about to be receiving from UPS in about a day or so from now even though i wont have it completely paid off when i receive the device? Actually nevermind I spoke with T mobile and all they did was ask me to pay 48 bucks which is two more payments on the device and there going to unlock me in 48 to 72 hours!
 
Last edited:
J

jmac052002

Senior Member
Feb 16, 2014
169
58
41
South Fulton
sensation4gking said:
My HTC 10 and Galaxy S10 both got Verizon unlocked. It took around a year+ but it did get bootloader unlocked. Might be very hard but I wouldn't say never.
Click to expand...
Click to collapse
yeah i have the snapdragon s21 ultra verizon and afaneh who is awesome can unlock it and so i thought i wouldve been screwed but they get unlock tokens through samsung and they can unlock verizons and many other carriers...sorry just thought id throw that in there. there is hope more than we realize sometimes even with the asshole policies at verizon.
 
Sib64

Sib64

Forum Moderator
Staff member
May 27, 2010
4,122
5,410
Somewhere between Sea Air Land, don't search me!
Nexus 7 (2013)
Samsung Galaxy Tab S2
Hondroid said:
I'm currently rooted/magidkd on the original firmware that came on my 7 Pro. What's the best method to update to the recent firmware update?
Click to expand...
Click to collapse
Follow this process that I have used to update my P7 Pro : it's from this post writing by @roirraW "edor" ehT
    • need a new version of Magisk Stable, Beta, or Canary from GitHub to work correctly. XDA forum for Magisk is here.
      • Launch the Magisk app.
      • Beside "Magisk", click "Install".
      • Click "Select and Patch a File", and choose the init_boot.img that you just copied to the phone's storage.
  2. Copy the Magisk'd init_boot.img (filename similar to magisk_patched-25200_1a2B3c.img)back over to the computer.
  3. Open a Command Prompt and navigate to the platform-tools folder.
  4. Run command:
    Code:
    adb reboot bootloader
  5. After phone has rebooted into Bootloader (Fastboot) mode, run command:
    Code:
    fastboot flash init_boot magisk_patched-25200_1a2B3c.img
    fastboot reboot
  6. Confirm that the phone boots completely normally.
  7. Cautiously re-enable Magisk Modules.
  8. Reboot.
  9. Confirm everything worked fine.
 
Last edited:
  • Like
Reactions: roirraW "edor" ehT and Loustsoul
N

Neuken6969

Senior Member
Sep 25, 2018
146
20
Question to all, I use a custom kernel. It has ad blocking baked in. I don't need that or want that ( yes should have read the kernel description better ) to get back to stick kernel I can just reflash my magisk patched init_boot?
 
  • Like
Reactions: Loustsoul
W

w9909989

Member
Nov 6, 2015
38
9
OnePlus 7 Pro
Samsung Galaxy Tab S7 / S7 Plus
IF SOMEONE HAVE ROOT PROBLEM WITH (init_boot) not found)
LOOK AT THIS.
fastboot flash init_boot_X XXXX.IMG (X mean ur active solt)
ITS WORK FOR ME
again falsh to solt A or slot B。
1669617244635.png
 
  • Like
Reactions: Loustsoul
roirraW "edor" ehT

roirraW "edor" ehT

Forum Moderator
Staff member
May 8, 2010
14,499
17,406
Tralfamadore
Sprint Samsung Galaxy S III
Samsung Epic 4G Touch
  • Like
Reactions: Loustsoul
Loustsoul

Loustsoul

Senior Member
Feb 28, 2011
259
78
mesa
T-Mobile Samsung Galaxy Note 3
LG V20
xdrc45 said:
The most current is the November .001 it's a global OTA. Which is what you should use on T-Mobile network. The other two OTA's for November are network specific for Verizon and Telia.
Click to expand...
Click to collapse
TMobile said they sim unlocked me but the phone won't show it until I try another providers sim. Is that a fact and is there a way around that? I don't have another provider sim.
 
xdrc45

xdrc45

Senior Member
May 16, 2012
844
383
Great White , Michigan
Google Pixel 7 Pro
Loustsoul said:
TMobile said they sim unlocked me but the phone won't show it until I try another providers sim. Is that a fact and is there a way around that? I don't have another provider sim.
Click to expand...
Click to collapse
It's not guaranteed to work from my understanding. I'm pretty sure you need another providers SIM in it and then factory reset the phone and cross your fingers. You could try borrowing a friend's or get one from a local retail store. I purchased my P7P straight from Google so I didn't have to do the SIM stuff. Take a look at this discussion here
 
  • Like
Reactions: Loustsoul
You must log in or register to reply here.

Similar threads

Freak07
Development [Kernel][23.03.2023][Android 13.0.0 Stable]Kirisakura_Raviantah 1.0.1 for Pixel 7/Pro aka "Pantah"
Replies
1K
Views
108K
H
HeTReI
roirraW "edor" ehT
General March 29, 2023 QPR3 Beta 2 T3B2.230316.003 - Pixel 7 Pro [Cheetah] - [thread also for future Android QPR Betas]
Replies
436
Views
50K
D
dd805bb
H
How To Guide [Guide] Root Pixel 7 Pro with Magisk + Unlock Bootloader + Pass SafetyNet + More
Replies
329
Views
36K
H
Homeboy76
N
Development [ROM][UNOFFICIAL][cheetah/panther] LineageOS 20.0 for the Pixel 7 Pro/7
Replies
295
Views
39K
G
gap30
badabing2003
Themes / Apps / Mods 📳🔥PixelFlasher for Google Pixel 7 Pro Support Thread.
Replies
641
Views
41K
badabing2003
badabing2003

Top Liked Posts

24 Hours 30 Days All time
  • 1
    roirraW "edor" ehT
    roirraW "edor" ehT
    simplepinoi177 said:
    Looks like a different (i.e. weird) attempt at competing with the iPhone dynamic island...?

    Do you know what might've been recently updated? I imagine maybe Pixel Launcher...
    Click to expand...
    Click to collapse
    Not that one, that's @Jawomo's [APP] dynamicSpot - iPhone 14 Pro Dynamic Island for android!. Sorry for not clarifying further. I mean in the middle of the screen, and Google Voice is just an example - all notifications were coming up minimized at first on my lock screen.

    Then after a few seconds, they would maximize. In the last hour or two, the minimized lock screen notifications would no longer expand on their own, and not expand when I tried to manually expand them either, so I just checked, and my phone was set to hide sensitive content on my lock screen.

    I can't swear which way I had it set most recently because there has been a time when I had sensitive content hidden, but I know my notifications had always used to come up as expanded on the lock screen - unless there were multiple notifications from the same app, that is.

    Yesterday, I was fooling with BlueStacks Android emulator on my Windows PC, and I didn't set a lock screen or even fool with the lock screen settings, but I wonder if it synced some setting from there, but slowly in some strange way.

    Either that or the whole thing is just some weird Google goings-on behind the scenes. So now I have it set to show sensitive content again, so the trouble should be over. Weird.

    Edit: I don't use Pixel Launcher, I use Nova. I recently installed one 2FA app and a restaurant app, but I think that's all.
    View
  • 9
    Namelesswonder
    Namelesswonder
    boontje3 said:
    whats different between these 2 TQ1A TQ2A?
    13.0.0 (TQ1A.230205.002,
    13.0.0 (TQ2A.230305.008
    Click to expand...
    Click to collapse
    https://source.android.com/docs/setup/about/build-numbers#build-ids-defined

    First character is the version code of the release of Android, in this case Tiramisu (T) which is Android 13.

    The second character is the branch of device platform that the build is from.
    • D: Device specific branch, what the device launches with until the next branch merge.
    • P: Primary branch, designates release branch for a successive version of Android for the device.
    • Q: Quarterly platform release, the feature drops that happen every quarter.
    The third and fourth characters further define the subbranch. It's only well defined for QPRs, with the number defining which QPR the build is from. The number was "2" for the case of Android 12L.

    The date roughly corresponds to when it was branched, but is mainly used to distinguish what the security patch level for release builds. Developers builds are closer to the true time it was branched.

    The next three digits relate to versions based on that dated branch, and differ when a telecom needs a larger change, for example in the radio firmware or other larger change.

    The last two characters are hotfixes, which usually include small changes for telecoms that need something like their APN changed after the date branch.

    In this case TQ1A.230205.002 is Android 13 QPR1 that includes security patch 2023-02-05, and TQ2A.230305.008 is Android 13 QPR2 that includes security patch 2023-03-05.
    View
    7
    swieder711
    swieder711
    Did my usual prep for the March update and everything went fine.
    1. Unhid Magisk
    2. Patched init_boot
    3. Edited Flash-all.bat by removing -w and adding -disable-verity and -disable-verification.
    4. Ran edited Flash-all
    5. Flashed modified init_boot
    6. Restored AOSPmod
    7. Hid Magisk
    =profit

    Just waiting for an updated kernel from Kiri
    View
    7
    Displax
    Displax
    roirraW edor ehT said:
    Note that more than three users have said that 34.0.1 did not work correctly for them. I recommend sticking with 33.0.3
    Click to expand...
    Click to collapse
    So, here is the commit with fix. Waiting to merge.
    View
    5
    V0latyle
    V0latyle
    Lughnasadh said:
    Google concerning Platform Tools bug:

    "Thanks, we've identified the root cause of this issue and are working on a fix."

    Edit: Ninja'd 😅

    Google Issue Tracker

    issuetracker.google.com issuetracker.google.com
    Click to expand...
    Click to collapse
    There's a bug in their bug report...

    "imporper"
    View
    5
    W
    WoKoschekk
    powershift said:
    That isn't the build I'm running. What you posted is an unreleased beta version. My phone has the stable version running on it TQ2A.230305.008. I'm confused. If I try using the boot.img with magisk and then doing a test boot with the patched image, the phone doesn't boot and gets stuck at the bootloader screen.
    Click to expand...
    Click to collapse
    Have a look at your bootloader.img + radio.img. The device's name of a Pixel 7 Pro is "cheeta" and "bramble" (like yours) is the Pixel 4a 5G.
    View
  • 59
    roirraW "edor" ehT
    roirraW "edor" ehT
    Pixel 7 Pro [Cheetah]

    Note that more than three users have said that 34.0.1 did not work correctly for them. I recommend sticking with 33.0.3 (just below these quotes)
    Someone reported it to Google (added a comment about 34.0.1 to the existing 34.0.0 report).
    b0uNz said:
    tried to flash the latest build of AncientOS with it, did not work. Back to r33.0.3 and it worked fine
    Click to expand...
    Click to collapse
    Aphex13 said:
    platform-tools_r34.0.1-windows is not functioning properly. Back to 33.0.3 we go...
    Click to expand...
    Click to collapse
    budmannxx said:
    Add me to the list of users that had a problem with platform-tools 34.0.1. I got into a bootloop after running flash-all.bat. Downgraded to 33.0.3, reran the new (old) flash-all.bat, and was all good.

    Using 34.0.1, the phone never even got to the fastbootd part of the process
    Click to expand...
    Click to collapse

    The download links for 33.0.3:
    Namelesswonder said:
    Anyone that updated their platform tools and needs to downgrade can use these links.

    Windows

    Mac

    Linux
    Click to expand...
    Click to collapse

    March 13, 2023
    Download links working now, and thanks to @Ghisy for making me aware the links were up:

    Factory Images for Nexus and Pixel Devices | Google Play services | Google Developers

    developers.google.com developers.google.com
    13.0.0 (TQ2A.230305.008.A3, Mar 2023, WINDTRE/Canada)FlashLinkda1d99156fa03162ee8216277a8ff06b626f16efbc7e8b5d12096c5a10ede1ef
    13.0.0 (TQ2A.230305.008.C1, Mar 2023)FlashLinkcefc4e564cb920af510a44a9cdb982ba4e8af879f6796490e03128f12f92189e

    https://support.google.com/profile/79501506
    Kush M.
    Community Manager•Original Poster
    40 min. ago
    Google Pixel Update - March 2023
    Announcement
    Google Pixel Update - March 2023

    Hello Pixel Community,

    We have provided the monthly software update for March 2023. All supported Pixel devices running Android 13 will receive these software updates starting today. The rollout will continue over the next few weeks in phases depending on carrier and device. Users will receive a notification once the OTA becomes available for their device. We encourage you to check your Android version and update to receive the latest software.

    Details of this month’s security fixes can be found on the Android Security Bulletin: https://source.android.com/security/bulletin

    Thanks,
    Google Pixel Support Team


    Software versions

    Global
    • Pixel 4a: TQ2A.230305.008.C1
    • Pixel 4a (5G): TQ2A.230305.008.C1
    • Pixel 5: TQ2A.230305.008.C1
    • Pixel 5a (5G): TQ2A.230305.008.C1
    • Pixel 7: TQ2A.230305.008
    • Pixel 7 Pro: TQ2A.230305.008.C1

    T-Mobile & MVNOs, Google Fi (US)
    • Pixel 4a (5G): TQ2A.230305.008.A3
    • Pixel 5: TQ2A.230305.008.A3
    • Pixel 5a (5G): TQ2A.230305.008.A3

    Canada
    • Pixel 7: TQ2A.230305.008.A1
    • Pixel 7 Pro: TQ2A.230305.008.A3

    WINDTRE (Italy)
    • Pixel 7: TQ2A.230305.008.A1
    • Pixel 7 Pro: TQ2A.230305.008.A3
    What’s included

    In addition to new features, the March 2023 software update for Pixel devices includes several fixes and improvements across several areas, including device stability, connectivity, performance and more – see below for some notable improvements.

    Apps
    • Fix for issue causing Live Translate feature to prompt for translation too frequently in certain apps *[1]
    • Fix for issue occasionally keeping display on while certain app activities are active
    • Fix for issue occasionally preventing screenshots from being captured in certain apps
    • Fix for issue occasionally preventing Wallpaper & style settings to open

    Battery & Charging
    • Fix for issue occasionally causing app-specific battery restriction settings to be reset after a software update
    • Fix for issue occasionally preventing Battery Share from charging certain devices or accessories *[2]
    • General improvements for charging, battery usage or performance in certain conditions *[1]
    • General improvements for wireless charging stability or performance in certain conditions *[2]

    Biometrics
    • Additional improvements for fingerprint recognition and response in certain conditions *[1]

    Bluetooth
    • Fix for issue occasionally preventing Android Auto to connect wirelessly with certain vehicle head units
    • Improvements for connection stability with certain Bluetooth LE headsets or accessories

    Camera
    • General improvements for camera stability and performance in certain conditions *[1]
    • Improvements for color accuracy or exposure level while using the front camera in certain conditions *[3]

    Display & Graphics
    • Fix for issue occasionally causing display flicker or artifacts in certain apps or conditions *[1]
    • Fix for issue occasionally causing instability or playback errors with certain media apps or content *[1]
    • Fix for issue occasionally causing video preview to flicker in certain apps *[1]

    Framework
    • Fix for issue occasionally preventing keyboard from displaying in certain apps or conditions

    Sensors
    • Additional tuning for haptics intensity and response in certain conditions *[4]
    • General improvements for adaptive brightness response in certain conditions

    System
    • Fix for issue preventing device bootloader from being unlocked in certain conditions *[4]
    • Fix for issue preventing device from booting to Android in certain conditions *[4]
    • General improvements for system stability and performance in certain conditions
    • Kernel updates to 4.14.295 *[5], 4.19.261 *[6], 5.10.149 *[1]

    Telephony
    • General improvements for network connection stability and performance in certain conditions

    Touch
    • General improvements for touch response and performance in certain conditions *[3]

    User Interface
    • Fix for issue causing certain on-device search results to launch apps in work profile
    • Fix for issue causing certain text entries in Battery Usage settings to overlap each other while scrolling
    • Fix for issue causing home screen UI to appear blurred in certain conditions
    • Fix for issue causing lag or delay with switching between apps while third-party launcher apps are in use
    • Fix for issue occasionally causing inner launcher icons to appear clipped after closing a folder
    • Fix for issue occasionally causing input text to overlap inside search bar
    • Fix for issue occasionally causing media player notification to appear cut off or trimmed
    • Fix for issue occasionally causing navigation UI to display over Assistant interface
    • Fix for issue occasionally causing notification drawer to appear empty or blank
    • Fix for issue occasionally causing Overview screen panels to display over home screen
    • Fix for issue occasionally causing Quick Settings tiles to be activated while menu is not pulled down
    • Fix for issue occasionally causing screen unlock to overlap with notifications, home screen or other UI elements
    • Fix for issue occasionally causing silent mode icon to appear hidden or missing from status bar
    • Fix for issue occasionally preventing app icon size to scale correctly when changing display size
    • Fix for issue occasionally preventing screenshot sharing or editing to work when tapping overlay buttons
    • Fix for issue preventing haptic feedback when interacting with notification drawer in certain conditions
    • General improvements for performance in certain UI transitions and animations
    • Improvements for home screen icon behavior when switching between different grid sizes
    • Improvements for status bar layout and response in certain device orientations

    Wi-Fi
    • General improvements for Wi-Fi network connection stability & performance in certain conditions
    • Improvements for connection stability with certain Wi-Fi 6E-capable routers or networks *[1]
    ---------------------------------------------------------------

    Device Applicability
    Fixes are available for all supported Pixel devices unless otherwise indicated below.

    *[1] Included on Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro
    *[2] Included on Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro
    *[3] Included on Pixel 7, Pixel 7 Pro
    *[4] Included on Pixel 6a
    *[5] Included on Pixel 4a
    *[6] Included on Pixel 4a (5G), Pixel 5, Pixel 5a (5G)



    Details
    Other
    Click to expand...
    Click to collapse

    Android Security Bulletin—March 2023 | Android Open Source Project

    source.android.com source.android.com
    (revised v1.1 March 8, 2023)

    Android Security Bulletin—March 2023​

    bookmark_border
    Published March 6, 2023 | Updated March 8, 2023
    The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2023-03-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version.
    Android partners are notified of all issues at least a month before publication. Source code patches for these issues have been released to the Android Open Source Project (AOSP) repository and linked from this bulletin. This bulletin also includes links to patches outside of AOSP.
    The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.
    Refer to the Android and Google Play Protect mitigations section for details on the Android security platform protections and Google Play Protect, which improve the security of the Android platform.

    Android and Google service mitigations​

    This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.
    • Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.
    • The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications. Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play.

    2023-03-01 security patch level vulnerability details​

    In the sections below, we provide details for each of the security vulnerabilities that apply to the 2023-03-01 patch level. Vulnerabilities are grouped under the component they affect. Issues are described in the tables below and include CVE ID, associated references, type of vulnerability, severity, and updated AOSP versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID. Devices with Android 10 and later may receive security updates as well as Google Play system updates.

    Framework​

    The most severe vulnerability in this section could lead to local escalation of privilege after updating an app to a higher Target SDK with no additional execution privileges needed. User interaction is not needed for exploitation.
    CVEReferencesTypeSeverityUpdated AOSP versions
    CVE-2023-20906A-221040577EoPHigh11, 12, 12L, 13
    CVE-2023-20911A-242537498EoPHigh11, 12, 12L, 13
    CVE-2023-20917A-242605257 [2]EoPHigh11, 12, 12L, 13
    CVE-2023-20947A-237405974EoPHigh12, 12L, 13
    CVE-2023-20963A-220302519EoPHigh11, 12, 12L, 13
    CVE-2023-20956A-240140929IDHigh12, 12L, 13
    CVE-2023-20958A-254803162IDHigh13
    CVE-2023-20964A-238177121 [2]DoSHigh12, 12L, 13

    System​

    The most severe vulnerability in this section could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    CVEReferencesTypeSeverityUpdated AOSP versions
    CVE-2023-20951A-258652631RCECritical11, 12, 12L, 13
    CVE-2023-20954A-261867748RCECritical11, 12, 12L, 13
    CVE-2023-20926A-253043058EoPHigh12, 12L, 13
    CVE-2023-20931A-242535997EoPHigh11, 12, 12L, 13
    CVE-2023-20936A-226927612EoPHigh11, 12, 12L, 13
    CVE-2023-20953A-251778420EoPHigh13
    CVE-2023-20955A-258653813EoPHigh11, 12, 12L, 13
    CVE-2023-20957A-258422561EoPHigh11, 12, 12L
    CVE-2023-20959A-249057848EoPHigh13
    CVE-2023-20960A-250589026 [2] [3]EoPHigh12L, 13
    CVE-2023-20966A-242299736EoPHigh11, 12, 12L, 13
    CVE-2022-4452A-251802307IDHigh13
    CVE-2022-20467A-225880741IDHigh11, 12, 12L, 13
    CVE-2023-20929A-234442700IDHigh13
    CVE-2023-20952A-186803518IDHigh11, 12, 12L, 13
    CVE-2023-20962A-256590210IDHigh13
    CVE-2022-20499A-246539931DoSHigh12, 12L, 13
    CVE-2023-20910A-245299920DoSHigh11, 12, 12L, 13

    Google Play system updates​

    The following issues are included in Project Mainline components.
    SubcomponentCVE
    Media CodecsCVE-2023-20956
    Permission ControllerCVE-2023-20947
    TetheringCVE-2023-20929
    WiFiCVE-2022-20499, CVE-2023-20910

    2023-03-05 security patch level vulnerability details​

    In the sections below, we provide details for each of the security vulnerabilities that apply to the 2023-03-05 patch level. Vulnerabilities are grouped under the component they affect. Issues are described in the tables below and include CVE ID, associated references, type of vulnerability, severity, and updated AOSP versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.

    Kernel​

    The vulnerability in this section could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
    CVEReferencesTypeSeveritySubcomponent
    CVE-2021-33655A-240019719
    Upstream kernel [2] [3]    		EoPHighFrame Buffer

    MediaTek components​

    These vulnerabilities affect MediaTek components and further details are available directly from MediaTek. The severity assessment of these issues is provided directly by MediaTek.
    CVEReferencesSeveritySubcomponent
    CVE-2023-20620A-264149248
    M-ALPS07554558 *    		Highadsp
    CVE-2023-20621A-264208866
    M-ALPS07664755*    		Hightinysys
    CVE-2023-20623A-264209787
    M-ALPS07559778 *    		Highion

    Unisoc components​

    These vulnerabilities affect Unisoc components and further details are available directly from Unisoc. The severity assessment of these issues is provided directly by Unisoc.
    CVEReferencesSeveritySubcomponent
    CVE-2022-47459A-264598465
    U-2032124 *    		HighKernel
    CVE-2022-47461A-264834026
    U-2066617 *    		Highsystem
    CVE-2022-47462A-264834568
    U-2066754 *    		Highsystem
    CVE-2022-47460A-264831217
    U-2044606 *    		HighKernel

    Qualcomm components​

    These vulnerabilities affect Qualcomm components and are described in further detail in the appropriate Qualcomm security bulletin or security alert. The severity assessment of these issues is provided directly by Qualcomm.
    CVEReferencesSeveritySubcomponent
    CVE-2022-22075A-193434313
    QC-CR#3129138
    QC-CR#3112398 [2] [3]    		HighDisplay
    CVE-2022-40537A-261468700
    QC-CR#3278869 [2] [3] [4]    		HighBluetooth
    CVE-2022-40540A-261470730
    QC-CR#3280498    		HighKernel

    Qualcomm closed-source components​

    These vulnerabilities affect Qualcomm closed-source components and are described in further detail in the appropriate Qualcomm security bulletin or security alert. The severity assessment of these issues is provided directly by Qualcomm.
    CVEReferencesSeveritySubcomponent
    CVE-2022-33213A-238106224 *CriticalClosed-source component
    CVE-2022-33256A-245402790 *CriticalClosed-source component
    CVE-2022-25655A-261469326 *HighClosed-source component
    CVE-2022-25694A-235102547 *HighClosed-source component
    CVE-2022-25705A-235102507 *HighClosed-source component
    CVE-2022-25709A-235102420 *HighClosed-source component
    CVE-2022-33242A-245402503 *HighClosed-source component
    CVE-2022-33244A-245402728 *HighClosed-source component
    CVE-2022-33250A-245403450 *HighClosed-source component
    CVE-2022-33254A-245403473 *HighClosed-source component
    CVE-2022-33272A-245403311 *HighClosed-source component
    CVE-2022-33278A-245402730 *HighClosed-source component
    CVE-2022-33309A-261468683 *HighClosed-source component
    CVE-2022-40515A-261469638 *HighClosed-source component
    CVE-2022-40527A-261470448 *HighClosed-source component
    CVE-2022-40530A-261471028 *HighClosed-source component
    CVE-2022-40531A-261469091 *HighClosed-source component
    CVE-2022-40535A-261470732 *HighClosed-source component

    Common questions and answers​

    This section answers common questions that may occur after reading this bulletin.
    1. How do I determine if my device is updated to address these issues?
    To learn how to check a device's security patch level, see Check and update your Android version.
    • Security patch levels of 2023-03-01 or later address all issues associated with the 2023-03-01 security patch level.
    • Security patch levels of 2023-03-05 or later address all issues associated with the 2023-03-05 security patch level and all previous patch levels.
    Device manufacturers that include these updates should set the patch string level to:
    • [ro.build.version.security_patch]:[2023-03-01]
    • [ro.build.version.security_patch]:[2023-03-05]
    For some devices on Android 10 or later, the Google Play system update will have a date string that matches the 2023-03-01 security patch level. Please see this article for more details on how to install security updates.
    2. Why does this bulletin have two security patch levels?
    This bulletin has two security patch levels so that Android partners have the flexibility to fix a subset of vulnerabilities that are similar across all Android devices more quickly. Android partners are encouraged to fix all issues in this bulletin and use the latest security patch level.
    • Devices that use the 2023-03-01 security patch level must include all issues associated with that security patch level, as well as fixes for all issues reported in previous security bulletins.
    • Devices that use the security patch level of 2023-03-05 or newer must include all applicable patches in this (and previous) security bulletins.
    Partners are encouraged to bundle the fixes for all issues they are addressing in a single update.
    3. What do the entries in the Type column mean?
    Entries in the Type column of the vulnerability details table reference the classification of the security vulnerability.
    AbbreviationDefinition
    RCERemote code execution
    EoPElevation of privilege
    IDInformation disclosure
    DoSDenial of service
    N/AClassification not available
    4. What do the entries in the References column mean?
    Entries under the References column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs.
    PrefixReference
    A-Android bug ID
    QC-Qualcomm reference number
    M-MediaTek reference number
    N-NVIDIA reference number
    B-Broadcom reference number
    U-UNISOC reference number
    5. What does an * next to the Android bug ID in the References column mean?
    Issues that are not publicly available have an * next to the corresponding reference ID. The update for that issue is generally contained in the latest binary drivers for Pixel devices available from the Google Developer site.
    6. Why are security vulnerabilities split between this bulletin and device / partner security bulletins, such as the Pixel bulletin?
    Security vulnerabilities that are documented in this security bulletin are required to declare the latest security patch level on Android devices. Additional security vulnerabilities that are documented in the device / partner security bulletins are not required for declaring a security patch level. Android device and chipset manufacturers may also publish security vulnerability details specific to their products, such as Google, Huawei, LGE, Motorola, Nokia, or Samsung.

    Versions​

    VersionDateNotes
    1.0March 6, 2023Bulletin Published
    1.1March 8, 2023Bulletin revised to include AOSP links
    Click to expand...
    Click to collapse

    Here there be dragons. 🐉 I am not responsible for anything at all. 😹

    VERY IMPORTANT - On the Pixel 7/Pro, we use Magisk to patch init_boot.img, NOT boot.img AND we flash the patched init_boot to the init_boot partition - do not flash it to the boot partition.​

    Thanks to @edcsxz, @Lughnasadh, and @AndyYan for news about that and confirming it.

    Moved @mariusnoor's provided zero-day OTA.zip to Post #8 - Old news from the OP.

    Unlocking or locking the bootloader will wipe the device every single time, so be sure to have your data backed up before doing so, or better yet, just unlock it as soon as you get the device.​

    Click to expand...
    Click to collapse

    Keep in mind that unlocking the bootloader or rooting might affect your phone's capability to use banking apps such as Google Pay, your local bank's app, or even the ability to install some apps like NetFlix. See Post #2 - Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers.​

    Click to expand...
    Click to collapse

    If you're going to re-lock the bootloader, make sure the ROM you have on your phone is completely stock (by flashing the latest official firmware) BEFORE re-locking it.​

    Click to expand...
    Click to collapse

    There are no permanent negative consequences if you unlock or re-lock the bootloader other than it will wipe your phone, and while your bootloader is unlocked you get a brief screen when you boot the phone telling you (and anyone who sees your phone at the time) that it's unlocked. You will also continue to receive updates (if you've merely unlocked the bootloader, you can take updates as normal) unlike Samsung, Sony, et cetera, which have permanent major consequences with reduced functionality even if you un-root and re-lock your bootloader. If you're actually rooted (not just bootloader unlocked), you'll have to perform extra steps to manually update each month, and to keep root/re-root.

    Click to expand...
    Click to collapse

    INDEX:

    • Post #2 - Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers:
      • How to Root the first time / aka How to unlock the Bootloader
      • TL;DR - for the seasoned repeat users
        • Unlocking Bootloader (required in order to root)
        • How to update each month (and also how to root)[requires an unlocked bootloader for updating via this factory image method]
          • OPTIONAL: If you want to flash both slots, after this first time, then after do the following
        • SafetyNet
        • Optional steps when updating - flashing custom kernels
          • The two schools of thought on disabling Verity and Verification
      • ADB/Fastboot and Windows USB Drivers - direct download links and the most recent changelog
    • Post #3 - Other, most important resources:
      • A list of other important apps
      • TWRP [not made for the Pixel 7 (or 6) Pro yet - will update when or if ever it has - don't hold your breath]
      • Factory Images (requires an unlocked bootloader)
      • Full OTA Images(doesn't require an unlocked bootloader - you can ask questions in this thread, but I won't be providing the steps necessary, as I always use the factory image)
        • @mariusnoor's provided official URL to download the zero-day OTA to TD1A.220804.031.
      • Check warranty status
      • Official Google Pixel Update and Software Repair (reported as of January 23, 2022 to still not be updated for the Pixel 6/Pro - no idea if it has yet now, or if it will be for the 7/Pro)
      • Official Google Pixel Install fingerprint calibration software (also available at the bottom of the Update and Software Repair page above) - I believe this is only helpful if you've replaced the screen - if it's anything like the Pixel 6 Pro: if you have the screen replaced, then you *must* have the fingerprint reader replaced as well.
      • Find problem apps, Magisk, and LSposed Modules by (three different methods)
      • Official Google Android Flash Tool (OEM Unlocking needs to be toggled on - you do not have to manually unlock the bootloader - their site will do that on its own)
      • How to determine if you already have Verity and Verification disabled (required for custom kernels for now)
      • How to unroot
    • Post #4 - Build ID definitions
    • Post #5 - Blank
    • Post #6 - Regarding P7P 5G model numbers and capabilities, and how to determine your hardware version
    • Post #7 - My personal advice for how to get your device back up and running as you had it before a factory reset
    • Post #8 - Old news from the OP

    Thank you to the following users who have all contributed greatly to my knowledge of Pixels since I came back to XDA a year ago after a few years of mostly inactivity. Apologies if I miss anybody. In alphabetical order:

    Click to expand...
    Click to collapse
    View
    40
    roirraW "edor" ehT
    roirraW "edor" ehT

    Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers


    Unlocking Bootloader / Rooting / Updating:

    How to Root the first time / aka How to unlock the Bootloader:
    Unlocking the bootloader will factory reset your device. There is no way around this. I highly suggest never re-locking your bootloader once you unlock it. If you do ever re-lock the bootloader, only do so after restoring the phone to 100% stock by using the latest Pixel 7 Pro Factory Image or Official Google Android Flash Tool.

    Verizon variants:
    Will never be able to have their bootloader unlocked. It's like winning the lottery, and just as rare and relatively random. There is nothing that anyone on XDA can do to help you unlock your Verizon variant.
    Click to expand...
    Click to collapse

    T-Mobile and AT&T variants:
    Can be unlocked once you pay the phone off, then you contact the carrier and arrange to Carrier unlock the phone. Once the phone is Carrier unlocked, then you can unlock the bootloader with the usual caveats (will wipe the device and there's no way around it).
    Click to expand...
    Click to collapse

    The direct-from-Google (or other retailers who aren't U.S. Carriers), the factory Carrier Unlocked Pixels:
    Can be bootloader unlocked at any time. I'd try it first before putting a SIM card in the phone. If OEM unlocking is grayed out, try connecting to Wi-Fi, and reboot if necessary. If it's still grayed out, try with your SIM card, and reboot again. Historically on Pixels, most of the time you can toggle OEM unlocking immediately, but occasionally some users have found it took a little while after being either connected to Wi-Fi or having your SIM card installed in it, and then eventually (hours? day? days?) you can toggle OEM unlocking.
    Click to expand...
    Click to collapse

    The rest of the world's carriers:
    No idea. Feel free to ask in the thread and hopefully, someone with specific knowledge will answer.
    Click to expand...
    Click to collapse

    Other than trying the things I mentioned above, there is nothing else that anyone on XDA can do to help get OEM unlocking to be ungrayed.

    Unlocking Bootloader (required in order to root)
    The one-time first steps are:
    1. Android Settings
    2. About phone
    3. Click on Build number repeatedly, about seven times
    4. Go back to the main Android Settings
    5. System
    6. Developer options
      • Toggle OEM unlocking on. See @Namelesswonder's tip below (this won't help with variants that are supposed to be bootloader locked):
        Namelesswonder said:
        Also a little tip for anyone trying to enable OEM unlocking on a device and it is grayed out, you can force the phone to check for eligibility by connecting to the internet in whatever way, going to the dialer, and dialing *#*#2432546#*#* (CHECKIN).
        You should receive a notification from Google Play services with "checkin succeeded" and OEM unlocking should be available immediately if the device is eligible.
        Google account not needed, SIM not needed, no other setup required. Works on completely-skipped-setup-wizard. Just need to make sure to connect to the internet and select the connection as metered to avoid any updates.
        Click to expand...
        Click to collapse
      • Toggle USB debugging on.
      • [Optional] I highly suggest you also disable Automatic system updates. Note that in a situation such as the Android 12 serious bootloader security issue, this setting will not keep Google from forcing an update to come through anyway.
    7. How to actually root follows the same steps below as how to update each month.
    8. Download the latest ADB/Fastboot (SDK Platform Tools) and Windows USB Drivers.
    9. Unzip the Platform Tools and Drivers.

    10. NOTE: If you have USB drivers for other Android devices installed, like Samsung, they can alternately sometimes work and not work with Google Pixels. I recommend uninstalling those drivers, or at least updating that driver to Google's driver as instructed below (the Device Manager entry may be different with other OEMs).​

    11. The Windows USB Drivers may have to be installed twice:
      • The first time while your phone is running and unlocked as normal.
        1. In Windows, right-click on the Start Button and choose Device Manager.
        2. Plug your phone into the computer and look for the new hardware entry in Device Manager. Near the top of Device Manager should be Android Device. Click the drop-down arrow to the left of it.
        3. Below Android Device, it should now show Android Composite ADB Interface
        4. Right-click the Android Composite ADB Interface and choose Update driver
        5. Choose Browse my computer for drivers
        6. Click Browse and navigate to where you unzipped the Windows USB drivers to.
        7. Follow the prompts to install the driver.
        8. Keep Device Manager itself open - you'll need it again in a minute, but you can close any other Device Manager windows after you have installed the driver.
        9. Open a Command Prompt and navigate to the platform-tools folder.
        10. Run command:
          Code: 
          adb devices
        11. On your Android device, you'll get an ADB prompt. Check the box to always give ADB permission and click OK.
        12. Confirm that the command results in a list of Android devices. When doing these producedures, you should only have the one device you want to work on connected, to keep things simple.
      • The second time to install the driver is while the phone is in Bootloader (fastboot mode), notFastbootD (fastbootd) mode. I know it's confusing.
        • Run command:
          Code: 
          adb reboot bootloader
        • Repeat the instructions above starting with "Right-click the Android Composite ADB Interface".
          • This second time installing the drivers while in Bootloader (fastboot mode), it will show up as "Android Bootloader Interface". Thanks @simplepinoi177 for the suggestion to add this detail.
    12. Run command:
      Code: 
      fastboot flashing unlock
    13. On the phone, press either the up or down volume button once until you see Unlock the bootloader |>| beside the power button.
    14. Press the power button. The phone will go black for a second and then show near the bottom Device state: unlocked.
    15. After these first-time steps to unlock the bootloader, if you want to root, continue below at the step:
    Click to expand...
    Click to collapse
    How to update each month (and also how to root) [requires an unlocked bootloader for updating via this factory image method]
    1. These three instructions only apply if you're already rooted and updating from one firmware version to another:
      • Made sure all Magisk Modules have been updated.
      • Disable all Magisk Modules.
      • UNhide Magisk!
    2. If you are going to use the Official Google Android Flash Tool, then skip the steps I indicate with FAB(Flash-All.Bat).
      • If using the Android Flash Tool to update/dirty flash, you should have the following items notselected:
        • Deselect Wipe
        • Deselect Force Flash all partitions (which will also wipe)
        • Deselect re-lock bootloader
    3. Always use the latest ADB/Fastboot (SDK Platform Tools) and Windows USB Drivers.
    4. Unzip the Platform Tools.
    5. Download the latest Pixel 7 Pro Factory Image (at the bottom of the "Cheetah" section).
    6. Unzip the factory image to the same platform-tools folder, i.e. so that flash-all.bat and all other files are in the same folder as ADB and Fastboot from the platform-tools.
    7. * FAB VERY important - Edit the flash-all.bat (on Windows) or flash-all.sh (on Linux) and remove the -w from the fastboot update image-cheetah-etcetera.zip line. This will keep the script from wiping your phone when you run it.
    8. Extract only the init_boot.img file from the image-cheetah-etcetera.zip to the same platform-tools folder.
    9. Copy the init_boot.img from the PC to the phone's internal storage.
    10. On the phone: Apply Magisk Stable to the new stock init_boot.img. NOTE: It is always possible that an Android Update (Monthly, QPR [Quarterly Platform Release], new major Android versions, and Beta versions) might need a new version of Magisk Stable, Beta, or Canary from GitHub to work correctly. XDA forum for Magisk is here.
      • Launch the Magisk app.
      • Beside "Magisk", click "Install".
      • Click "Select and Patch a File", and choose the init_boot.img that you just copied to the phone's storage.
    11. Copy the Magisk'd init_boot.img (filename similar to magisk_patched-25200_1a2B3c.img)back over to the computer.
    12. * FAB Run commands:
      Code: 
      adb reboot bootloader
flash-all.bat (on Windows)
or
flash-all.sh (on Linux)

(Note:  At least two Apple Macintosh users had trouble using the flash-all.sh - at least one of those users, everything went smooth once they used a Windows PC for this part of the process)

      IMPORTANT - The flash-all will take several minutes and reboot on its own several times including to a mode called "FastbootD", and finally reboot into full Android when it's done. Do not interrupt this process. On the FastbootD screen on the phone, do not use any of the manual selection options - let the flash-all script do it's work. Do not unplug your phone until it has fully booted into Android.​

      Thanks to @PurppleMonkey and @xgerryx for suggesting a warning about this. Thanks to @simplepinoi177 for suggesting the "FastbootD" clarification.
    13. On the phone:
      • Wait for the phone to boot normally.
      • OPTIONAL: If you want to flash both slots, after this first time, then after do the following:

        • Code: 
          adb reboot bootloader
fastboot --set-active=other
flash-all.bat
        So you're doing the flash-all.bat a second time on the second slot.
    14. On the computer:
      • Open a Command Prompt and navigate to the platform-tools folder.
      • Run command:
        Code: 
        adb reboot bootloader
      • After phone has rebooted into Bootloader (Fastboot) mode, run command:
        Code: 
        fastboot flash init_boot magisk_patched-25200_1a2B3c.img
fastboot reboot
    15. Unlock the phone.
    16. Confirm that the phone boots completely normally.
    17. Cautiously re-enable Magisk Modules.
    18. Reboot.
    19. Confirm everything worked fine.
    20. If the phone won't boot correctly after having enabled Magisk Modules, see either of the two solutions below:
      • Jon8RFC said:
        For the future, you don't need to go into safe mode unless that's your preference. I forgot what all it resets, but it's many settings and it's bothersome. I'd rather just reinstall my modules and not have to figure out those Android settings/changes which I come across days or weeks later when I infrequently do something. Have your phone reboot and run this:
        Code: 
        adb wait-for-device shell magisk --remove-modules
        I like to just do this first:
        Code: 
        adb devices
        So the server is running, then I have the long one pasted and ready to go once the phone turns off.
        Click to expand...
        Click to collapse
      • Find problem apps, Magisk, and LSposed Modules by (three different methods) section in my next post. After following that link, you may have to scroll up a little bit and the section title will be highlighted.

    SafetyNet:

    Use whichever of these is newer than the other:
    • @Displax Universal SafetyNet Fix Mod on XDA.
    • Official Universal SafetyNet Fix released by @kdrag0n available at XDA.
    1. Launch the Magisk app.
    2. Go to Magisk's Settings (Gear in top right).
      • Click Hide the Magisk app.
      • When you hide it, you'll have the optional opportunity to change the Magisk app's name to whatever you wish. It doesn't have to be complex to fool apps that check for Magisk.
      • Important: When you have the Magisk app hidden or renamed, you can accidentally install a new copy of Magisk. This situation won't work at all - neither copy of Magisk will work with two installed. This is one reason why I don't completely hide Magisk, so I can tell it's installed because I have it renamed as something easily recognizable.
      • Back to the Magisk app's Settings...
      • Click Systemless hosts. This adds a Magisk Module to Magisk, which you can verify in a later step.
      • Toggle Zygisk on.
      • Toggle Enforce DenyList on.
      • Click Configure DenyList.
        • Add every app that you want to explicitly deny root and the existence of root.
        • You can click the 3-dot menu and choose the options to display system and/or OS apps, if necessary.
        • Note that for many apps, it is not enough to click the single checkmark to the right of the app name in this list. For many but not all apps, you should click on the app name and you'll see it expand to two or more entries, each with its own toggles. In this expanded state, you can now check the single top checkbox beside the main app name and it'll toggle all individual sub-entries.
        • Some apps add new entries to this list from time to time, so if you find that an app used to work for you when rooted and doesn't now, check this list again and look for the entries that aren't fully checked. There will be an incomplete horizontal line above the apps that don't have all of their sub-entries toggled.
        • You can use the Search button at the top of this list to find specific apps quickly.
        • The most common apps you should definitely fully check in this list are:

          • IMPORTANT - There are some things, such as Google Play Services which it's fine to add to the DenyList, but it's perfectly normal when used in combination with the Universal SafetyNet Fix (USNF) that it is back to being unchecked the next time you visit the DenyList. Since USNF takes care of Google Play Services, you don't even have to add it to the DenyList in the first place.​

          • Google Play Store
          • Google Services Framework
          • Google Play Protect Service
          • Wallet
          • GPay
          • Any banking apps.
          • Any streaming apps that use DRM.
          • Any 2FA apps, especially those for work.
          • Some of those Google apps might not need denying, but it doesn't hurt to deny them.
          • Any time you toggle more entries in this list, it may be necessary to reboot the phone for it to take effect.
    3. From the main screen in the Magisk app, go to Modules at the bottom.
    4. Confirm that the Systemless hosts Magisk Module is added to this list, and enabled.
    5. Install the appropriate Magisk Module: Universal SafetyNet Fix referenced above these numbered instructions.
    6. Reboot.
    7. Install from the Play Store:
      • YASNAC - SafetyNet Checker
        • Launch it.
        • Click Run SafetyNet Attestation.
        • It should say:
          • Basic integrity: Pass
          • CTS profile match: Pass
          • Evaluation type: BASIC
      • Play Integrity API Checker
        • Launch it.
        • Click Check.
        • It should have the following with a green checkmark:
          • MEETS_DEVICE_INTEGRITY
          • MEETS_BASIC_INTEGRITY
        • It's normal for MEETS_STRONG_INTEGRITY to have a red X.
      • You don't have to keep these installed, although I keep them handy.
      • Sometimes, clearing app cache and/or data for apps like the Google Play Store, GPay, Wallet and others (and then rebooting) after these steps may help pass SafetyNet as well.
    8. See @V0latyle's explanation (and further linked post) for why we can't achieve STRONG_INTEGRITY with an unlocked bootloader.
    9. See @V0latyle's [DISCUSSION] Play Integrity API regarding why SafetyNet, per se, is actually defunct and replaced with Play Integrity - and New Official Universal SafetyNet Fix released by @kdrag0n v2.4.0 referenced in the steps above takes care of the latter.
    Click to expand...
    Click to collapse

    Optional steps when updating - flashing custom kernels:
    • Download the custom kernel of choice on the phone.

      • Be sure to read the particular installation instructions in the kernel threads' OP - any instructions in their OPs takes priority over anything I say here, which is generalized.​

        For now even the AK3 Zip versions of custom kernels requires Verity and Verification to be disabled.
        How to determine if you already have Verity and Verification disabled - see section in Post #3 - Other, most important resources
      • The two schools of thought on disabling Verity and Verification:
        • My post here. If you want to discuss it any, please do so in my thread, or at least not in that custom kernel thread, so as to keep the thread on-topic.
    • Extract the vbmeta.img file from the inner Zip of the factory image zip and put it in the same folder with the latest extracted platform-tools.
    • Hook the phone up to your computer and run the following commands:

      • Code: 
        adb reboot bootloader
        [wait for the phone to reboot to bootloader (fastboot mode)]
        Code: 
        fastboot flash vbmeta vbmeta.img --disable-verity
fastboot reboot
    • Unlock the phone once it's booted up.
    • Make sure the Kernel Flasher app is up to date. XDA thread for the Kernel Flasher app is here.
    • Launch Kernel Flasher.
    • Select the slot that's mounted.
    • Choose Flash AK3 Zip.
    • Select the custom kernel zip just downloaded.
    • When it's done flashing, head to Android Settings and perform a Factory Reset, as is currently needed for Despair kernel.
    • If you failed to disable Verity and Verification ahead of time, if you have to, just force the phone off using these instructions: Turn your Pixel phone on & off, then press the Volume Down and Power buttons for a couple of seconds to get into the bootloader (fastboot mode). You'll still have to factory reset after disabling Verity in combination with this kernel, for now.
    • Whenever you use the flash-all to flash your phone, as long as you want to continue to disable Verity and Verification, you'll have to further modify the flash-all script as such:

      • Code: 
        fastboot update image-cheetah-buildnumber.zip --disable-verity --disable-verification
    Click to expand...
    Click to collapse

    ADB/Fastboot & Windows USB Drivers:

    Platform Tools was updated in August 2022 to v33.0.3 (don't use the newer v34.0.0 - it has issues):
    Namelesswonder said:
    Anyone that updated their platform tools and needs to downgrade can use these links.

    Windows

    Mac

    Linux
    Click to expand...
    Click to collapse

    Release Notes https://developer.android.com/studio/releases/platform-tools:

    33.0.3 (Aug 2022)​

    • adb
      • Don't retry adb root if first attempt failed.
      • Fix track-devices duplicate entry.
      • Add receive windowing (increase throughput on high-latency connections).
      • More specific error messages in the "more than one device" failure cases.
      • Reject unexpected reverse forward requests.
      • Fix install-multi-package on Windows.
    • fastboot
      • Remove e2fsdroid as part of SDK platform-tools.
      • Print OemCmdHandler return message on success.
    Click to expand...
    Click to collapse
    Click to expand...
    Click to collapse
    You'll need this if you're going to unlock the bootloader on your Pixel 7 Pro: SDK Platform Tools (download links for Windows, Mac, and Linux). Note that you can find links to download the tools elsewhere, but I wouldn't trust them - you never know if they've been modified. Even if the person providing the link didn't do anything intentionally, the tools could be modified without them being aware. Why take a chance of putting your phone security further at risk?

    You can alternately use the tools from the SDK Manager, but most of us will want to stick to the basic tools-only without the complications of the full development manager.
    Click to expand...
    Click to collapse
    For Windows, get Google's drivers here Get the Google USB Driver (ADB will likely work while the phone is fully booted, but if you're like me, you'll need these drivers for after you adb reboot-bootloader, to be able to use ADB and Fastboot.
    Click to expand...
    Click to collapse
    View
    33
    Displax
    Displax
    Please test this UNSF build. Should be passing basic/device integrity.

    Use updated version from main post instead
    View
    22
    Displax
    Displax
    roirraW edor ehT said:
    I would expect that once 2.4.0 is released publicly, we should probably go back to using the official release, but conversely, as long as something works for you, there's also not necessarily a need to fix what isn't broken. Personally, I plan on switching once it's made completely public.

    Note that @Displax wasn't trying to replace the official version - they always kept it the same version as the most recent official along with "Mod", "Mod 2", or "Mod 2.1", so that suggests to me they were merely making temporary workarounds until/if the official was updated.
    Click to expand...
    Click to collapse
    Indeed. My MOD is a temporary solution until kdrag0n release accurate fix.

    I didn't change the update channel in the module on purpose so that everyone can upgrade to the new official version automatically without any problems.
    View
    21
    roirraW "edor" ehT
    roirraW "edor" ehT

    Other, most important resources


    A list of other important apps: - be sure to thank the respective OPs:
    How to unroot
    One of these two options:
    1. Official Google Android Flash Tool (OEM Unlocking needs to be toggled on - you do not have to manually unlock the bootloader - their site will do that on its own).
      Select the options to:
      • Wipe
      • Force flash all partitions
      • Re-lock bootloader
    2. Flash the completely stock init_boot.img from the same firmware version that you're on:
      Code: 
      adb reboot bootloader
fastboot flash init_boot init_boot.img

    TWRP [not made for the Pixel 7 (or 6) Pro yet - will update when or if ever it has - don't hold your breath]
    I would guess that this should be the appropriate URL for official TWRP custom recovery for the Pixel 7 Pro, but who knows when/if that will actually be made available, and it may become available unofficially in these forum sections before being made official. I'll adjust this URL as needed. https://twrp.me/google/googlepixel7pro.html.
    Click to expand...
    Click to collapse

    Factory Images (requires an unlocked bootloader)
    It's also handy to have to the full official firmware available, whether it's to recover from accidents or for actual development. Note the official link to the general Factory Images for Nexus and Pixel Devices page. The following link goes directly to the Pixel 7 Pro (Cheetah) section: Pixel 7 Pro Factory Images. I prefer to actually bookmark a link to the device listed immediately below the device I want the firmware for, because Google dumbly (in my opinion) puts the latest firmware at the bottom of the list for each particular device, and that ends up making you scroll a lot after a year or two of monthly updates.
    Click to expand...
    Click to collapse

    Full OTA Images (doesn't require an unlocked bootloader - you can ask questions in this thread, but I won't be providing the steps necessary, as I always use the factory image)
    Full OTA Images for Nexus and Pixel Devices
    Click to expand...
    Click to collapse

    Check warranty status - *may* reveal if a phone is refurbished, only if the phone was refurbished through Google - thanks to @Alekos for making me aware of the site.

    Official Google Pixel Update and Software Repair (reported as of January 23, 2022 to still not be updated for the Pixel 6/Pro - no idea if it has yet now, or if it will be for the 7/Pro)

    Official Google Pixel Install fingerprint calibration software (also available at the bottom of the Update and Software Repair page above) - I believe this is only helpful if you've replaced the screen - if it's anything like the Pixel 6 Pro: if you have the screen replaced, then you *must* have the fingerprint reader replaced as well.

    Find problem apps, Magisk, and LSposed Modules by (three different methods):
    1. Google's Help Page for Find problem apps by rebooting to safe mode - this can be a lifesaver and keep you from having to do a restore to 100% complete stock or even from having to do a factory reset. This will deactivate all Magisk modules, and they'll remain deactivated even after you boot normally after briefly booting to safe mode. You can re-enable the Magisk modules as you wish to try to narrow down the problem if it was caused by a Magisk module. This can even get things working again after a Magisk Module wasn't finished installing and potentially causing a bootloop.
    2. You can also follow @Jon8RFC's advice:
      Jon8RFC said:
      For the future, you don't need to go into safe mode unless that's your preference. I forgot what all it resets, but it's many settings and it's bothersome. I'd rather just reinstall my modules and not have to figure out those Android settings/changes which I come across days or weeks later when I infrequently do something. Have your phone reboot and run this:
      Code: 
      adb wait-for-device shell magisk --remove-modules
      I like to just do this first:
      Code: 
      adb devices
      So the server is running, then I have the long one pasted and ready to go once the phone turns off.
      Click to expand...
      Click to collapse
      Worked for me yesterday when I accidentally tried some old version of a Magisk Module. You have to reinstall your Magisk Modules, but if you're using a third-party widget, it won't disable them like Safe mode does.
    3. (May only be for mis-behaving LSposed modules):
      siavash79 said:
      In the future try this

      adb wait-for-device shell su -c "touch /data/adb/modules/zygisk_lsposed/disable"
      adb reboot
      Click to expand...
      Click to collapse

      Official Google Android Flash Tool (OEM Unlocking needs to be toggled on - you do not have to manually unlock the bootloader - their site will do that on its own)
      Lughnasadh said:
      OEM unlocking in developer options needs to be toggled on. I don't "believe" you have to actually do the "fastboot flashing unlock" command.
      Click to expand...
      Click to collapse

      How to determine if you already have Verity and Verification disabled (required for custom kernels for now)
      capntrips said:
      I keep seeing this asked, so I added a Magisk module for it to the linked Github release. With the module installed, you can just run:

      Code: 
      su
avbctl get-verity
avbctl get-verification

      I spent way more time debugging that I downloaded Github's HTML of the update-binary script rather than the raw file than I care to admit. 🤦‍♂️ Off to bed.
      Click to expand...
      Click to collapse
      Alternative two more manual ways of checking:
      Freak07 said:
      Since you´re probably already rooted anyway if you plan to flash this kernel, simply reboot your device. After you enter the device immediately take a kernel log with for example EXKM or any other app that allows to do that, terminal, etc.

      Look for that line
      [ 1.273480] init: [libfs_avb]AVB HASHTREE disabled on: /vendor_dlkm

      If you see this line, verity/verification should be disabled.
      Click to expand...
      Click to collapse
      capntrips said:
      I've seen several cases where having the ability to check would have been handy, so I pushed an avbctl binary built against the latest aosp sources here.

      The simplest way to use it would be the following:

      Code: 
      adb push avbctl /data/local/tmp
adb shell
su
cd /data/local/tmp
chmod +x avbctl
./avbctl get-verity
./avbctl get-verification
      Click to expand...
      Click to collapse
    View

New posts