chenxiaolong/avbroot

For Xiaomi Device Systerm Verify failed.

qianmo-xw opened this issue · 11 comments

[ 1.613176] init: [libfs_avb]Returning avb_handle with status: Success
[ 1.613538] init: [libfs_avb]: Error verifying vbmeta image: OK_NOT_SIGNED
[ 1.613550] init: [libfs_avb]Found unknown public key used to sign /system
[ 1.613554] init: [libfs_avb]Returning avb_handle for '/system' with status: VerificationError

I already use fastboot flash avb_custom_key,Have any possible to solve it?

it not report boot unsigned,Just System.

Device:XiaoMi Pad6 Pro

If you need OTA package,download from https://xiaomirom.com/rom/xiaomi-pad-6-pro-liuqin-china-fastboot-recovery-rom/

I don't know if Xiaomi doesn't accept third-party signatures, or if the system signature failed during the signing process

Found unknown public key used to sign /system mean not accept third-party signatures?

From what I know, no, xiaomi does not allow custom signatures. Trying to lock bootloader with custom AVB Key might end you up bricking the device.

The devices that allows lockable bootloaders with custom keys are Google Pixels and few OnePlus phones

From what I know, no, xiaomi does not allow custom signatures. Trying to lock bootloader with custom AVB Key might end you up bricking the device.

The devices that allows lockable bootloaders with custom keys are Google Pixels and few OnePlus phones

f**k xiaomi.It would be great if it could support custom signatures. This is the only device I have found that won't be tee damaged so far

No, they wouldn't. In fact, with HyperOS (Xiaomi's latest OS for Android), they made it much more harder for users to unlock bootloader. So there's no hopes left.

No, they wouldn't. In fact, with HyperOS (Xiaomi's latest OS for Android), they made it much more harder for users to unlock bootloader. So there's no hopes left.

oh,I know,maybe I need to find a new device support unlock bootloader and tee not damaged. As far as I know only xiaomi device will not be tee damaged.....

Even you say "will not be tee damaged.....", can you elaborate that?

I assume you previously used a Samsung device, unlocked it's bootloader that blowed up the Knox fuse.

Even you say "will not be tee damaged.....", can you elaborate that?

I assume you previously used a Samsung device, unlocked it's bootloader that blowed up the Knox fuse.

trusted execution environment is be called tee, some banking software will detect this, WeChat will not be able to use fingerprints, Netflix clarity will be damaged, presumably so, you can use the momo app to detect whether it is damaged.

From what I remember, if the bootloader is unlocked, then Momo used (2 - 3 years back) to yell at the user saying TEE is broken which could easily be overridden by spoofing.

If you're so concerned about that, rooting is not for you. Or, buy a pixel, flash GrapheneOS.

Yep, as far as I'm aware, Xiaomi's bootloaders do not actually allow custom keys, even if fastboot flash avb_custom_key happens to work. Unfortunately, there's nothing you can do to make avbroot work on your device.