[AreYouLoco?]

Hi, I have a device its Blackview BV9600 Pro (MT6771) which is a brick now because I might have damaged the screen tape on the way somehow and doesnt show any output on the screen. Wasted money since it was new but its good enough to make further experiments on it. I have taken it apart so I have access to the board and images of the stock partitions. Planning to identify serial port and solder jumpers to get bootloader/kernel log to see if it works. I am able to flash with SP Flash Tools. But stock tjat worked with previous soft-bricked attempts is not resurecting the device no more. Nevermind.

Long story short the bootloader probbably has color states which are green yellow orange and red. As in google docs about verified boot: Signed stock, locked bootloader is green; unlocked bootloader and custom rom state is orange. Red is locked custom rom (doesnt allow to boot) and the missing state according to docs I would like to achieve is possible yellow which is whole correctly self-signed rom booting with locked bootloader. How do I verify if its possible?


I am new to Android Verified Boot and I've read in docs that it should have vbmeta partition with pub keys but it is not there (AVBv1 or AVBv1.1 but not AVBv2.0 for sure) and the keys are somehow appended to the signed stock boot partition which I cannot unsign/unpack correctly. Only worked partially with osm0sis scripts to see that there is some binary file inside called boot-verified. And it might be the one with keys.

How do I replace keys that I am gling to use to sign my own boot.img? For now no kernel sources yet but working on port and anoyying company to give stock kernel sources. Rom building, rooting, unlocking bootloader is not a problem at all so not related and please do skip that part unless well argumented. I have generated my own keys already and to sign each partition should not be a problem as well with android google docs. But how to tell the kernel to use my self-signed keys and ignore vendor/google/root key? And how to append them to the boot-signed.img?

Anybody got some experience with AVB on mediatek devices and Verified Boot? Thanks for any tips. Seriously

[X3non]

Hi, I have a device its Blackview BV9600 Pro (MT6771) which is a brick now because I might have damaged the screen tape on the way somehow and doesnt show any output on the screen. Wasted money since it was new but its good enough to make further experiments on it. I have taken it apart so I have access to the board and images of the stock partitions. Planning to identify serial port and solder jumpers to get bootloader/kernel log to see if it works. I am able to flash with SP Flash Tools. But stock tjat worked with previous soft-bricked attempts is not resurecting the device no more. Nevermind.

Long story short the bootloader probbably has color states which are green yellow orange and red. As in google docs about verified boot: Signed stock, locked bootloader is green; unlocked bootloader and custom rom state is orange. Red is locked custom rom (doesnt allow to boot) and the missing state according to docs I would like to achieve is possible yellow which is whole correctly self-signed rom booting with locked bootloader. How do I verify if its possible?


I am new to Android Verified Boot and I've read in docs that it should have vbmeta partition with pub keys but it is not there (AVBv1 or AVBv1.1 but not AVBv2.0 for sure) and the keys are somehow appended to the signed stock boot partition which I cannot unsign/unpack correctly. Only worked partially with osm0sis scripts to see that there is some binary file inside called boot-verified. And it might be the one with keys.

How do I replace keys that I am gling to use to sign my own boot.img? For now no kernel sources yet but working on port and anoyying company to give stock kernel sources. Rom building, rooting, unlocking bootloader is not a problem at all so not related and please do skip that part unless well argumented. I have generated my own keys already and to sign each partition should not be a problem as well with android google docs. But how to tell the kernel to use my self-signed keys and ignore vendor/google/root key? And how to append them to the boot-signed.img?

Anybody got some experience with AVB on mediatek devices and Verified Boot? Thanks for any tips. Seriously

what you plan to do will not work, only the OEM's keys will work on the device and they most certainly won't hand it to you
if you can't get stock signed firmware from them to repair the device (check the blackview website and contact their support team) then either send the device to them for repair or discard

[AreYouLoco?]

How do you know it wont work on that device? Some source or info to confirm that?

I am not able to send it back. And I dont even want to I crack opened it so no any guarantee or whatsover anyway. And not like I did even care about that from the begining.

I do have signed stock. But it doesnt fix it anyway. I suspect hardware damage. So thats why I want to use it anyway to experiment.

Any other follow-ups?

[hovatek]

Hi, I have a device its Blackview BV9600 Pro (MT6771) which is a brick now because I might have damaged the screen tape on the way somehow and doesnt show any output on the screen. Wasted money since it was new but its good enough to make further experiments on it. I have taken it apart so I have access to the board and images of the stock partitions. Planning to identify serial port and solder jumpers to get bootloader/kernel log to see if it works. I am able to flash with SP Flash Tools. But stock tjat worked with previous soft-bricked attempts is not resurecting the device no more. Nevermind.

Long story short the bootloader probbably has color states which are green yellow orange and red. As in google docs about verified boot: Signed stock, locked bootloader is green; unlocked bootloader and custom rom state is orange. Red is locked custom rom (doesnt allow to boot) and the missing state according to docs I would like to achieve is possible yellow which is whole correctly self-signed rom booting with locked bootloader. How do I verify if its possible?


I am new to Android Verified Boot and I've read in docs that it should have vbmeta partition with pub keys but it is not there (AVBv1 or AVBv1.1 but not AVBv2.0 for sure) and the keys are somehow appended to the signed stock boot partition which I cannot unsign/unpack correctly. Only worked partially with osm0sis scripts to see that there is some binary file inside called boot-verified. And it might be the one with keys.

How do I replace keys that I am gling to use to sign my own boot.img? For now no kernel sources yet but working on port and anoyying company to give stock kernel sources. Rom building, rooting, unlocking bootloader is not a problem at all so not related and please do skip that part unless well argumented. I have generated my own keys already and to sign each partition should not be a problem as well with android google docs. But how to tell the kernel to use my self-signed keys and ignore vendor/google/root key? And how to append them to the boot-signed.img?

Anybody got some experience with AVB on mediatek devices and Verified Boot? Thanks for any tips. Seriously

Some devices do accept self signed boot images on a locked bootloader. We've not tested this with the Blackview. We have access to a BV5900 and are interested in testing how Blackview handles self signed images.
What X3non meant is that if what we've been encountering lately is anything to go by then this might not work. Its absolutely worth a shot and we're game if you're ready to test too.
Question is how do you test since your device is faulty?

[AreYouLoco?]

*TO BE DELETED*

[AreYouLoco?]

Thx @hovatek for your interest. I am willimg to test and see what I can get from that device (and if to fix or buy new one) for sure thats the whole point.

As for how to test... Thats a bit tricky with no screen working but if I am going to manage to identify serialTTY and connect there and see output of the bootloader and/or kernel then I know if its booting or not. That should be enough. Then I could force usb.debbuging=1 and get shell after it boots.

For now the bootloader state is unlocked. And I could lock it back blind when I am in fastboot mode. Just the command to lock and UP button to confirm. And SP Flash Tools are working fine for flashing stuff. That should be enough to test, no?

The bigger problem would be if there is accually something broken for good with the SoC or memory. I am going to test memory with SP Flash Tools and report.

Are you willing to invest some time in research?

[hovatek]

Well thx for interest. I am willing to test. It is faulty but if I get console output from serial TTY then I do not need screen to see if it boots.

Lets know once you succeed with that

[AreYouLoco?]

Just pinging myself so the subject will not get closed because of inactivity. I am just super busy now. But will get into that when I have possibility.