On Sat, 22 Apr 2023 17:34:11 +0100 J05HYYY via Replicant wrote: > The way to find out is to try and unlock it, and see if it tells you > if it's already unlocked.
How do I do that? FWIW, currently my devices are running Replicant 6.0-0004 downloaded from the website. Are the website images with a locked or unlocked bootloader? >From your words it understand that it is more secure to have a locked bootloader, as it would prevent the bypassing of signature checks I found some old forum thread about re-locking the bootloader which: 1. Implies Replicant's bootloader is unlocked 2. From the replies it is not clear whether Replicant will work with a locked bootloader. One person says it won't, another one says it might and suggests trying through 'fastboot oem lock' (without explaining where and how this should be run) The thread is from 8 years ago, so I really don't know how relevant the info is: https://redmine.replicant.us/boards/39/topics/9123 What can you tell about this? > Sometimes there is an unlock symbol on the bootloader screen upon > booting, but this is not really a reliable way of testing. Of course, > if it is locked, you will have then unlocked the bootloader, but I > assume you'd be wanting to install new images anyway. I suppose you are right. I am not an expert, still learning about Replicant (and all this Android stuff in general). Still, if a locked bootloader would improve security, I would be interested to learn about that. > Flashing an unsigned boot.img should be OK if the bootloader is > unlocked. > > I have: Unlocked bootloader + unsigned boot.img + signed system.img > running. Thanks for this info. How did you sign system.img? I am still hoping for an answer to the other thread I opened about how to sign at the end of the build process and how this whole signature checking works, hence how it should be approached properly. > You could probably back up boot.img beforehand if you wanted to be > safe about it. Isn't that recovery-i9300.img from the website? Or do I need to backup anything else? > I can't help with telling you what those files are really. I really hope someone else can step in and clarify it for us. Not having documentation, a non-expert like me is really lost without help. I appreciate your answers. > What I can say is that I assume the images on the > https://redmine.replicant.us/projects/replicant/wiki/Images page are > probably signed. I see they have signatures as separate files. I have no clue about anything else signature-related though. *I am changing the subject of this sub-thread as it got somewhat off-topic of the main one but it is still related. I hope that is OK. _______________________________________________ Replicant mailing list Replicant@osuosl.org https://lists.osuosl.org/mailman/listinfo/replicant
