Once the bootloader is locked, you'll be installing updates via update packages, either via recovery or a system update app. Those get installed to the alternate partition set and if they fail to boot a single time it will automatically fall back to the previous installation.
Conversation
This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
No, you can't erase or format partitions with a locked bootloader. However, I'm extremely doubtful that this is actually happening. The device will not boot a single time with a modified system partition and locked bootloader. Locking the bootloader enables verified boot.
1
In order to boot, it has to pass verified boot with either the hard-wired key or the custom Android Verified Boot key that was flashed while the bootloader was unlocked. I highly doubt that people are doing that. If it can't boot, how are they able to disable OEM unlocking... ?
1
I've had a lot of experience with these devices and also with users making mistakes and then doing a bad diagnosis of what happened based on a lack of understanding and incorrect assumptions. Stock OS and AOSP don't support disabling OEM unlocking until the bootloader is locked.
1
Bootloader locked implies a pristine stock OS or a custom OS with a custom verified boot signing key that has been flashed via a mechanism that was not even publicly documented or mentioned anywhere until we discovered it via reverse engineering and submitted the documentation.
1
That applies to both the Pixel 2 and Pixel 3 generations. A custom verified boot key must be flashed to successfully boot anything other than the stock OS with the bootloader locked. How could they boot a single time if they weren't? I think they misunderstand what happened.
1
If you have anything other than the pristine stock OS and lock the bootloader without flashing a custom AVB key, it will not boot. You could call the inability to boot a form of soft bricking, but it's perfectly recoverable since OEM unlocking wouldn't have been disabled.
1
You can wipe userdata from the standard stock and AOSP recovery though, just not via fastboot. The reason for that is things like factory reset protection is entirely up to the OS to implement. It can choose not to provide that wipe option or it can gate it behind a check, etc.
1
The option to disable OEM unlocking on the Pixel 2 and 3 is only available when you're using an OS providing verified boot, since you have to be able to boot it successfully with a locked bootloader to get there. At least if no OS is stupid enough to remove that UX sanity check.