/!\ WARNING /!\ Do NOT relock your bootloader around the time of updating to 5.1!

Status
Not open for further replies.

danarama

Senior Member
Aug 22, 2010
31,287
18,810
0
Oxenhope, West Yorkshire, UK
Guys,

We've seen several people have flashed system.img's and OTA's and ended up in a bootloop.. Not the end of the world really, BUT for some reason, before you can unlock your bootloader using fastboot, you must enable OEM unlock in Developer options in Android settings - which you cannot do if you are bootlooping.

If you still have a custom recovery, you'll be fine but if you're 100%, locked bootloader and bootlooping, we haven't found a fix yet so please do not lock your bootloader.

If you feel you absolutely must relock your bootloader (at your own risk) please boot the phone up to check it works properly before doing this. If you intend flashing roms and kernels or custom recoveries, locking the bootloader is not a good idea

Please also see the below link provided by @efrant
https://support.google.com/nexus/answer/6172890?hl=en
This goes into more detail about how google have enhanced device security with 5.1 and some other pitfalls that you may wish to avoid. This is pretty salient information, so do give it a read.
 
Last edited:

daijizai

Senior Member
Oct 27, 2005
306
49
0
Good advice, i would add to that NEVER LOCK YOUR BOOTLOADER.

Sent from my Nexus 9 using XDA Free mobile app
And I would add that I completely disagree with this statement. Coming from an infosec standpoint, I keep my bootloader locked, and just suffer the reset when I need to tweak. If you don't, anyone - not just you - can replace your system partition or boot a random IMG which could inject functionality. This may not be the most common mechanism for attack as it requires physical access, but it basically obviates the encryption with a deepfreeze style boot IMG.

Additionally, when you think about this in context of the border crossing exemptions many countries, including the US, have to protections against unwarranted search, I would recommend that anyone with proprietary or sensitive business data who crosses international borders keeps their bootloader locked when not modifying the system. Also, until custom recoveries include security features, I recommend using stock.

Why are we making our phones so insecure just to have root? Not cool.
 

y2whisper

Senior Member
Aug 17, 2006
2,482
274
153
Toronto
So just to be clear the correct procedure would be to boot the device after updating enable the setting and then go and lock your bootloader? Or just keep it unlocked overall.

Personally I keep mine unlocked but for those wanting to take full advantage of androids new device protection a locked bootloader would serve a purpose. Preventing someone from just flashing a custom rom and keeping your device.
 
Last edited:
  • Like
Reactions: phishfi

xander45

Senior Member
Jul 10, 2013
115
22
0
I thought I really #$# up

Thank you for posting this...when 5.1 was dropping, I attempted to return to stock...all the way.to be able to take Verizon's OTA...when i locked the boot loader, i was stuck in a boot loop with the android guy and the gear box spinning FOREVER.....its is not easy to get out of the loop, but i managed to boot back up into boot loader mode, and force a stock image using toolkit.

I am now unlocked, running 5.1 on Verizon, have full LTE/VOLTE, can speak and surf at same time...i have not rooted yet...but just glad it was not me....had a heart attack two nights ago...
 

kng60ft

Member
Jun 17, 2010
25
2
0
Thank you for posting this...when 5.1 was dropping, I attempted to return to stock...all the way.to be able to take Verizon's OTA...when i locked the boot loader, i was stuck in a boot loop with the android guy and the gear box spinning FOREVER.....its is not easy to get out of the loop, but i managed to boot back up into boot loader mode, and force a stock image using toolkit.

I am now unlocked, running 5.1 on Verizon, have full LTE/VOLTE, can speak and surf at same time...i have not rooted yet...but just glad it was not me....had a heart attack two nights ago...
im so new to this but im rooted with an unlocked bootloader but im running full stock android. i only rooted just so i can chance the provision to get free tethering with my unlimited data. i have the wugfresh nexus tool kit and cant for the life of me figure out how to upgrade my nexus 6 to 5.1. Is there in anyone that can get me a step by step on how to update so i can take advantage of hd calling and silmutaneous voice and data... ive been waiting tooooooooooo long for this update..
 

RW-1

Senior Member
Jun 30, 2010
889
336
93
www.dynamicflight.com
Guys,

We've seen several people have flashed system.img's and OTA's and ended up in a bootloop.. Not the end of the world really, BUT for some reason, before you can unlock your bootloader using fastboot, you must enable OEM unlock in Developer options in Android settings - which you cannot do if you are bootlooping.

If you still have a custom recovery, you'll be fine but if you're 100%, locked bootloader and bootlooping, we haven't found a fix yet so please do not lock your bootloader.
Hi root,

I saw that thread yesterday ...

I thought this was already covered when the N6 came out, to get the bootloader unlocked you had to do a 1st boot of the device and ENABLE OEM Unlock, then you were good to go to get into fastboot and unlock.
The reason was google put the option there for 5.0, vice all our previous versions which had no toggle for it.

I think it was people jumping the gun and not doing that first boot, but immediately jumping into fastboot and flashing, and that caused it, yes? Because the BL wasn't unlocked, they couldn't flash the OTA and boot img ...
 

doitright

Senior Member
Oct 31, 2014
1,512
861
0
And I would add that I completely disagree with this statement. Coming from an infosec standpoint, I keep my bootloader locked, and just suffer the reset when I need to tweak. If you don't, anyone - not just you - can replace your system partition or boot a random IMG which could inject functionality. This may not be the most common mechanism for attack as it requires physical access, but it basically obviates the encryption with a deepfreeze style boot IMG.

Additionally, when you think about this in context of the border crossing exemptions many countries, including the US, have to protections against unwarranted search, I would recommend that anyone with proprietary or sensitive business data who crosses international borders keeps their bootloader locked when not modifying the system. Also, until custom recoveries include security features, I recommend using stock.

Why are we making our phones so insecure just to have root? Not cool.
This is nonsense.
You need *physical* access to it in order to carry out such an attack.
If your phone leaves your PHYSICAL access, then you already know not to trust what is on it, whether or not it has an unlocked bootloader.
 

the_rooter

Senior Member
Aug 3, 2014
2,070
523
193
Olean
Thank you for posting this...when 5.1 was dropping, I attempted to return to stock...all the way.to be able to take Verizon's OTA...when i locked the boot loader, i was stuck in a boot loop with the android guy and the gear box spinning FOREVER.....its is not easy to get out of the loop, but i managed to boot back up into boot loader mode, and force a stock image using toolkit.

I am now unlocked, running 5.1 on Verizon, have full LTE/VOLTE, can speak and surf at same time...i have not rooted yet...but just glad it was not me....had a heart attack two nights ago...
im so new to this but im rooted with an unlocked bootloader but im running full stock android. i only rooted just so i can chance the provision to get free tethering with my unlimited data. i have the wugfresh nexus tool kit and cant for the life of me figure out how to upgrade my nexus 6 to 5.1. Is there in anyone that can get me a step by step on how to update so i can take advantage of hd calling and silmutaneous voice and data... ive been waiting tooooooooooo long for this update..
There is no need to lock the device to take an OTA. You can keep it unlocked and do an ota
 

daijizai

Senior Member
Oct 27, 2005
306
49
0
This is nonsense.
You need *physical* access to it in order to carry out such an attack.
If your phone leaves your PHYSICAL access, then you already know not to trust what is on it, whether or not it has an unlocked bootloader.
Not nonsense. Yes you need physical access to carry out the attack, but with a locked bootloader and the new precautions against unlocking and fastboot it makes locked bootloaders fairly bulletproof.

I cannot recommend unlocked bootloaders to anyone that works SCIF'd and leaves their phone in a shared box during the day, anyone that crosses international borders, or anyone whose phone might contain IP or trade secrets and could be a target of theft.

This is as much about trusting the phone afterwards as it is about protecting your data on the phone - even when encrypted.
 
  • Like
Reactions: schwartz.matthew.e

the_rooter

Senior Member
Aug 3, 2014
2,070
523
193
Olean
So just to be clear the correct procedure would be to boot the device after updating enable the setting and then go and lock your bootloader? Or just keep it unlocked overall.

Personally I keep mine unlocked but for those wanting to take full advantage of androids new device detection a locked bootloader would serve a purpose.
Just keep it unlocked
 

nyteryder79

Member
Jun 10, 2012
15
30
0
Guys,

We've seen several people have flashed system.img's and OTA's and ended up in a bootloop.. Not the end of the world really, BUT for some reason, before you can unlock your bootloader using fastboot, you must enable OEM unlock in Developer options in Android settings - which you cannot do if you are bootlooping.

If you still have a custom recovery, you'll be fine but if you're 100%, locked bootloader and bootlooping, we haven't found a fix yet so please do not lock your bootloader.

If you feel you absolutely must relock your bootloader (at your own risk) please boot the phone up to check it works properly before doing this. If you intend flashing roms and kernels or custom recoveries, locking the bootlaoder is not a good idea
I had this boot loop also, but clearing Cache and Dalvik seemed to fix the loop for me.
 
  • Like
Reactions: Televinken

Marcellus1

Senior Member
Apr 8, 2011
123
31
0
is there a fix if my mem shows i own a 32g device when i bought a 64g device, im unlocked/rooted and on custom rom?
I'd like to know too. I'm unrooted, stock everything, with 64GB Blue, but it shows 23GB total space for the device with 16GB available. Was fine before the 5.1 update.
 

danarama

Senior Member
Aug 22, 2010
31,287
18,810
0
Oxenhope, West Yorkshire, UK
is there a fix if my mem shows i own a 32g device when i bought a 64g device, im unlocked/rooted and on custom rom?
I'd like to know too. I'm unrooted, stock everything, with 64GB Blue, but it shows 23GB total space for the device with 16GB available. Was fine before the 5.1 update.
Factory reset?

Not really the thread to ask this though.
 
  • Like
Reactions: Marcellus1
Status
Not open for further replies.
Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone