Those wondering why they cannot unlock their Pixel 6a currently, you (most likely) need to wait for Google's servers to begin authenticating Pixel 6a OEM unlocking. Hopefully should happen soon!
Conversation
Replying to
Wait, OEM unlocking in Pixel is tied to online service? I thought it was a local process in Pixel unlike other OEMs that issue unlock key for your device.
1
It checks the service to determine if the Pixel is unlocked. Hardware, firmware and software is identical across all Pixels whether or not they're locked by carriers. That's the point of the service. It allows the same hardware to be sold as unlocked or as locked carrier devices.
1
5
Where does this OEM Unlocking enabled/disabled byte is stored? I'm guessing, in Titan M so that the user cannot physically tamper with the byte?
1
Stored in the OEM lock data block which is backed by Titan M on Pixels just like lock state, verified boot rollback indexes for the OS, user flashed verified boot key, Weaver tokens used as an extra input for encryption for throttling, factory reset protection data block, etc.
2
1
4
Is there a specific instruction that goes from the OS to Titan M that tells the chip that the user has toggled OEM unlocking? I'm wondering if I can physically fake that signal. This of course will require dismantling the SoC and technical proficiency to pull this off.
1
There's authenticated encryption for the connection between the Titan M and the TEE or secure core in the SoC. They're paired together at the factory.
The carrier locking system is entirely implemented at the UI layer and bypassing that just requires OS (not even root) exploit.
Please see twitter.com/GrapheneOS/sta. We found a workaround for the issue with the OEM unlocking service. It works for the June 2022 releases they published for Japanese carriers and Verizon, but you need to factory reset the device after updating to the newer release.
Quote Tweet
First experimental release of GrapheneOS for the Pixel 6a can now be installed. 6a camera support still has to be implemented.
grapheneos.org/install/web
grapheneos.org/install/cli
grapheneos.org/releases
We've provided instructions on working around the stock OS OEM unlocking bug.
Show this thread
2