Started with device on July 5th security patch Android Oreo 8.1. 100% Verizon device. Got replacement phone in the mail. No SIM inside. Turned it on. Plugged it in to a computer. Skipped past everything on setup. Turned on Developer options. OEM Unlock was grayed out.
Turned off automatic system updates in dev options. Turned on USB Debugging. Keep screen awake while charging. Ran ADB "adb shell pm uninstall --user 0 com.android.phone". Turned on wifi and waited a couple minutes in the chrome browser. Returned to Developer options and OEM Unlock was no longer grayed out. Ticked it.
Kept phone running for a few minutes. Turned device off and booted to fastboot. Still locked. Returned to system from bootloader. OEM Unlock still blue. Let apps update and also logged into Google account. Noticed OEM Unlock was staying unlocked through a couple reboots.
Decided to upgrade to Pie. Did it OTA. OEM Unlock stuck through the update. Shut down phone from system. Once phone was off I held down power button and the volume down button to take me to Fastboot mode. Ran "fastboot flashing unlock". BOOM! Got the the screen to say yes or no to bootloader unlock.
Warranty swap, Verizon, came with Pie, December 5,2018. Followed your instructions: Ran adb shell pm uninstall --user 0 com.android.phone. Received "Success" response and OEM Unlock was still grey. Continued by enabling WIFI and opening Chrome. I let it sit for a few minutes as well and when I came back Dev Options, OEM unlock was blue and allowed me to toggle it to unlock. Restarted into fastboot, to find the bootloader was still reporting locked status. Restarted to system and OEM unlock was once again greyed out and locked. Now when I run command - adb shell pm uninstall --user 0 com.android.phone - I receive the following failure message
PS C:\android-studio\tools> PS C:\android-studio\tools> adb shell pm uninstall --user 0 com.android.phone
Get-Process : A positional parameter cannot be found that accepts argument 'adb'.
At line:1 char:1
+ PS C:\android-studio\tools> adb shell pm uninstall --user 0 com.andro ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument:
) [Get-Process], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.GetProcessCommand
PS C:\android-studio\tools> Failure [not installed for 0]
Failure : The term 'Failure' is not recognized as the name of a cmdlet, function, script file, or operable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ Failure [not installed for 0]
+ ~~~~~~~
+ CategoryInfo : ObjectNotFound: (Failure:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
PS C:\android-studio\tools> PS C:\android-studio\tools>
Methinks I missed my opportunity.
Note: an update did download while wifi was enabled but, it has not been installed. I'm going to try a factory reset and see if I can't get it blue again. Update to follow.
UPDATE 1: performed factory reset without installing anything and ran "adb shell pm uninstall --user 0 com.android.phone" and was able to acheive "success" again:
PS C:\android-studio\tools> adb shell pm uninstall --user 0 com.android.phone
Success
PS C:\android-studio\tools>
Ran Chrome WITHOUT connecting to Wifi which did nothing but, the minute I connected to wifi and news updates came up (in chrome), I was able to toggle it again. I played with the toggle and everytime I lock it, a message pops up that tells me to restart to enable this protection feature. I wonder if this is happening Automatically, even if you restart the phone with OEM unlocked. For now, dinner is ready but, I will continue to play with this awhile tonight. More updates to come.
As you stated "Returned to system from bootloader. OEM Unlock still blue."
This is where things are different for me. I returned to system from bootloader and it was grey again. I almost wonder if the Pie update addressed your exploit at this very junction. It stays blue if I just do a simple restart (note that system date reverted back to Jan. 1) but, I'm a bit afraid of rebooting to fastboot.
UPDATE 2: tried running some commands in system, powershell just sat there waiting, never did a thing with either fastboot oem unlock or fastboot flashing unlock_critical. Turned off Wifi and tried running the commands again in fastboot (which Idk anything about deving so feel free to laugh at me) and again, nothing. Restarted phone . . . it's grey again.
UPDATE 3: I've allowed all the apps to update. Based on what I've read, it seems the firmware can accept updates without affecting the OEM unlock toggle. I'm crossing my fingers, as I'm going to let the phone install the security update, which I realize could be a game ending move but, there's still no IMEI registered to the device (or rather, it's not reporting inside the system software at this time) so I'm either going to screw myself or, determine that the problem exists within IMEI. The question I have yet to find an answer to is, do the security updates keep us locked out or is it IMEI? fingers crossed I don't screw myself here. Either way I have a Sprint SIM. But, at this time fastboot unlock commands are not responding in my powershell.
UPDATE 4:
So after considering how irreversible IMEI registration and Security updates are, I decided to NOT allow the security update and instead, get my SIM card going (I figured, if it has something to do with Verizon SIMs, I should be ok with a Sprint SIM). For some reason or another, my IMEI/MEID info would not show up. I performed another factory reset and the SIM began to talk. I ran the command "adb shell pm uninstall --user 0 com.android.phone" and once again acheived "success" however, after repeating the steps - disabling auto updates, enable USB debug, etc. (which I did every time I reset) - the OEM unlock is still greyed out, despite the success message. I still haven't installed the security update and will try another factory reset without SIM to see if any problems or successes replicate, though I have a feeling, the IMEI now being registered, is permanent AND possibly the culprit AND my gut tells me there's no going back. I know very little about these things compared to most here however, I hope at the very least I was able to confirm suspicions and/or provide info not previously provided. To confirm this is a refurbished Google Pixel 2XL originally purchased from Verizon, warrant replacement that came with Android 9 (Pie) on the December 5, 2018. I hope the information I've provided here is of some use and I will play with it a bit more tomorrow. if I discover anything new or useful, I will run back here and share my findings ASAP.
I should have never gone against my gut, purchasing direct from Verizon; instead of the unlocked variant, online. feeling like an ass.
