qianmo-xw
commented
2 months ago Found unknown public key used to sign /system mean not accept third-party signatures?
Closed qianmo-xw closed 2 months ago
qianmo-xw
commented
2 months ago Found unknown public key used to sign /system mean not accept third-party signatures?
pixincreate
commented
2 months ago From what I know, no, xiaomi does not allow custom signatures. Trying to lock bootloader with custom AVB Key might end you up bricking the device.
The devices that allows lockable bootloaders with custom keys are Google Pixels and few OnePlus phones
qianmo-xw
commented
2 months ago From what I know, no, xiaomi does not allow custom signatures. Trying to lock bootloader with custom AVB Key might end you up bricking the device.
The devices that allows lockable bootloaders with custom keys are Google Pixels and few OnePlus phones
f**k xiaomi.It would be great if it could support custom signatures. This is the only device I have found that won't be tee damaged so far
pixincreate
commented
2 months ago No, they wouldn't. In fact, with HyperOS (Xiaomi's latest OS for Android), they made it much more harder for users to unlock bootloader. So there's no hopes left.
qianmo-xw
commented
2 months ago No, they wouldn't. In fact, with HyperOS (Xiaomi's latest OS for Android), they made it much more harder for users to unlock bootloader. So there's no hopes left.
oh,I know,maybe I need to find a new device support unlock bootloader and tee not damaged. As far as I know only xiaomi device will not be tee damaged.....
pixincreate
commented
2 months ago Even you say "will not be tee damaged.....", can you elaborate that?
I assume you previously used a Samsung device, unlocked it's bootloader that blowed up the Knox fuse.
qianmo-xw
commented
2 months ago Even you say "will not be tee damaged.....", can you elaborate that?
I assume you previously used a Samsung device, unlocked it's bootloader that blowed up the Knox fuse.
trusted execution environment is be called tee, some banking software will detect this, WeChat will not be able to use fingerprints, Netflix clarity will be damaged, presumably so, you can use the momo app to detect whether it is damaged.
pixincreate
commented
2 months ago From what I remember, if the bootloader is unlocked, then Momo used (2 - 3 years back) to yell at the user saying TEE is broken which could easily be overridden by spoofing.
If you're so concerned about that, rooting is not for you. Or, buy a pixel, flash GrapheneOS.
chenxiaolong
commented
2 months ago Yep, as far as I'm aware, Xiaomi's bootloaders do not actually allow custom keys, even if fastboot flash avb_custom_key happens to work. Unfortunately, there's nothing you can do to make avbroot work on your device.
[ 1.613176] init: [libfs_avb]Returning avb_handle with status: Success [ 1.613538] init: [libfs_avb]: Error verifying vbmeta image: OK_NOT_SIGNED [ 1.613550] init: [libfs_avb]Found unknown public key used to sign /system [ 1.613554] init: [libfs_avb]Returning avb_handle for '/system' with status: VerificationError
I already use fastboot flash avb_custom_key,Have any possible to solve it?
it not report boot unsigned,Just System.
Device:XiaoMi Pad6 Pro
If you need OTA package,download from https://xiaomirom.com/rom/xiaomi-pad-6-pro-liuqin-china-fastboot-recovery-rom/
I don't know if Xiaomi doesn't accept third-party signatures, or if the system signature failed during the signing process