Moto G32 Locking issue

Hi iodeOS community,

I need some help concerning the Bootloader Lock on my Moto G32 mobile(XT2235-2).

I successfully maanaged to install iodéOS 6.2 ROM through the flash_all.bat.

When I lock the bootloader (Last installation step), iodéOS boot is prevented, and following message appear on the screen :

No valid operating system could be found. The device will not boot. For more information visit our support forums: support.motorola.com

When I go back into Fastboot, unlock the bootloader again and restart, iodéOS is correctly launched.

However, I would like to properly lock the bootloader.

Did someone has an idea about the reason and the way to lock the bootloader ?

Thanks and regards,

FK

Just to add a precision, I suspect that my issue is linked to this Warning during installation :

(bootloader) WARNING : vbmeta_a anti rollbck downgrade, 23 vs 24

After some research on other forum, this anti rollback mecanism doesn’t seem easy to solve.

Did anyone face this issue ?

Thanks !

Sorry not a Moto user (well not since a Moto G6), but do you (or others) know for certain it is possible to re-lock the bootloader with a custom ROM installed? Some manufacturers allow the bootloader to be unlocked but not relocked, etc.

@FonkyKoala
(re)locking the bootloader with iodè OS works perfectly for me with my three Motorola G32, G42, G52.

It is important that Moto firmware works properly. For example, a pending stock Android OTA update registered in the device must also be fully completed, otherwise the relocking bootloader with iodéOS will be blocked.

Thanks @rik and @iodysseus for your help !

Actually, I personally own a moto g32 on which I’ve already installed a iodéOS and lock the bootloader without any issue.
When ordering a second one for my wife, I encoutered this lock issue.

As suggested by the iodé wiki on the G32 section, I’ve previously updated the stock firmware to the latest (the latest official security update is from March 2025), before flashing iodéOS.
Therefore, concerning the Moto firmware, I was ok.

I’m an android beginner, but as far as I understood, the iodé ROM (like every ROM) comes with a vbmeta.img, which is part of the Verified Boot process. The aims of that is to ensure the integrity of the software that will be launch at startup. (More detail here : Android Verified Boot 2.0)

This “Verified Boot” mechanism includes an anti-roolback protection which prevents the device from being downgrading in term of security feature.
And this is where I face my issue (At least, I guess to) : The vbmeta.img included in the iodéOS 6.2 is not the latest one, compared to the one I’ve officially installed before iodé flashing. And that triggered the anti-rollback protection, and prevent my device bootloader from being locked.

I think there should be a hack that could make possible to downgrade this VBMeta, but I really don’t want to dive into such painful and risky manipulation

As far as I understand, I don’t have any solution to lock the bootloader for now. I must wait for iodéOS team to release a new version (a 6.3 maybe) that includes the latest Verified Boot version.

Is there someone from the iodéOS team that could confirm that, or help ?

And could it be possible to patch the vbmeta.omg/vbmeta_system.img from the 6.2 release to be able to lock the bootloader before waiting the next release ?

(What annoy me, is that locking the bootloader will erase the personal data. And if the backup/restore by SeedVault doesn’t work as expected and lead to a loss of data, I may face serious personal issue )

iodéOS 6.2 (as well as LineageOS 22.1) is based on stock Android 13 (XT2235-2_DEVON_xxxxx_13_T2SNS33.73-22-3-13) March, 2025.

I only know one person who can provide qualified information and a remedy - his majesty @vince31fr lead developer of iodéOS.

Thanks very much for this info @iodysseus !
The official ROM that I had on my Moto G32 before flashing iodéOS 6.2 was :

DEVON_G_T2SNS33.73_22_3_13_subsidy_DEFAULT_regulatory_DEFAULT_cid50_CFC

That has been confirmed by the Software Fix v7.2.3.13 software downloaded from Motorola website.

It seems to be more or less the one that you mentionned.

I must have missed something somewhere. But I have very limited knowledge about Android architecture, so I’m navigating in the fog

I also tried to re-flash this official ROM and then lock manually the bootloader in the Fastboot, and it works well.

But when I lock the bootloader with iodéOS flashed, startup message told me that no valid OS is installed, and thus system can’t boot.

That would be great if his majesty @vince31fr could bring us with his lights on this ! (Next time I go to Toulouse, I offer you a fresh bier)

I have saved the flash_all.bat logs, if someone can see something…

PS C:\Users\xxx\Documents\Moto g32\iodeos\6.2\iode-6.2-20250407-devon-fastboot> .\flash-all.bat
Erasing 'avb_custom_key'                           OKAY [  0.014s]
Finished. Total time: 0.020s
Warning: skip copying avb_custom_key image avb footer (avb_custom_key partition size: 0, avb_custom_key image size: 1032).
Sending 'avb_custom_key' (1 KB)                    OKAY [  0.001s]
Writing 'avb_custom_key'                           OKAY [  0.014s]
Finished. Total time: 0.029s
Warning: userdata type is raw, but f2fs was requested for formatting.

    F2FS-tools: mkfs.f2fs Ver: 1.16.0 (2023-04-11)

Info: Debug level = 1
Info: Trim is disabled
Info: Set conf for android
Info: Enable Project quota
Info: Segments per section = 1
Info: Sections per zone = 1
Info: sector size = 512
Info: total sectors = 230928344 (112757 MB)
Info: zone aligned segment0 blkaddr: 512
Info: add quota type = 0 => 4
Info: add quota type = 1 => 5
Info: add quota type = 2 => 6
Info: format version with
  ""
[f2fs_init_sit_area: 641]       Filling sit area at offset 0x00600000
[f2fs_init_nat_area: 675]       Filling nat area at offset 0x01200000
[f2fs_add_default_dentry_root:1258]     Writing default dentry root, at offset 0x1d800
[f2fs_write_root_inode:1303]    Writing root inode (hot node), offset 0x1d200
[f2fs_write_default_quota:1390]         Writing quota data, at offset 0001d801 (1/2)
[f2fs_write_default_quota:1390]         Writing quota data, at offset 0001d802 (2/2)
[f2fs_write_qf_inode:1441]      Writing quota inode (hot node), offset 0x1d201
[f2fs_write_default_quota:1390]         Writing quota data, at offset 0001d803 (1/2)
[f2fs_write_default_quota:1390]         Writing quota data, at offset 0001d804 (2/2)
[f2fs_write_qf_inode:1441]      Writing quota inode (hot node), offset 0x1d202
[f2fs_write_default_quota:1390]         Writing quota data, at offset 0001d805 (1/2)
[f2fs_write_default_quota:1390]         Writing quota data, at offset 0001d806 (2/2)
[f2fs_write_qf_inode:1441]      Writing quota inode (hot node), offset 0x1d203
[f2fs_update_nat_default:1478]  Writing nat root, at offset 0x00001200
Info: Overprovision ratio = 0.430%
Info: Overprovision segments = 246 (GC reserved = 239)
[f2fs_write_check_point_pack: 857]      Writing main segments, cp at offset 0x00000200
[f2fs_write_check_point_pack: 945]      Writing Segment summary for HOT/WARM/COLD_DATA, at offset 0x00000201
[f2fs_write_check_point_pack: 959]      Writing Segment summary for HOT_NODE, at offset 0x00000202
[f2fs_write_check_point_pack: 971]      Writing Segment summary for WARM_NODE, at offset 0x00000203
[f2fs_write_check_point_pack: 982]      Writing Segment summary for COLD_NODE, at offset 0x00000204
[f2fs_write_check_point_pack: 990]      Writing cp page2, at offset 0x00000205
[f2fs_write_check_point_pack:1010]      Writing NAT bits pages, at offset 0x000003fe
[f2fs_write_check_point_pack:1031]      Writing cp page 1 of checkpoint pack 2, at offset 0x00000400
[f2fs_write_check_point_pack:1050]      Writing cp page 2 of checkpoint pack 2, at offset 0x00000405
[f2fs_write_super_block:1083]   Writing super block, at offset 0x00000000
Info: format successful
Warning: skip copying userdata image avb footer due to sparse image.
Sending 'userdata' (97 KB)                         OKAY [  0.004s]
Writing 'userdata'                                 (bootloader) flash permission denied
FAILED (remote: '')
fastboot: error: Command failed
Warning: skip copying modem_a image avb footer due to sparse image.
Sending 'modem_a' (75544 KB)                       OKAY [  1.732s]
Writing 'modem_a'                                  OKAY [  0.395s]
Finished. Total time: 2.145s
--------------------------------------------
Bootloader Version...: MBM-3.0-devon_g-8847829342a-250214
Baseband Version.....: HAK11_15.154.01.89R DEVON_EUDSDS_CUST
Serial Number........: ZY22H3G5G3
--------------------------------------------
extracting android-info.txt (0 MB) to RAM...
Checking 'product'                                 OKAY [  0.000s]
Setting current slot to 'a'                        OKAY [  0.201s]
extracting fastboot-info.txt (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to disk... took 0.000s
(bootloader) super-partition-name: not found
Writable partitions are not supported
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting super_empty.img (0 MB) to RAM...
extracting boot.img (96 MB) to disk... took 0.248s
archive does not contain 'boot.sig'
extracting super_empty.img (0 MB) to RAM...
Sending 'boot_a' (98304 KB)                        OKAY [  2.873s]
Writing 'boot_a'                                   OKAY [  1.160s]
extracting super_empty.img (0 MB) to RAM...
extracting dtbo.img (24 MB) to disk... took 0.043s
archive does not contain 'dtbo.sig'
extracting super_empty.img (0 MB) to RAM...
Sending 'dtbo_a' (24576 KB)                        OKAY [  0.768s]
Writing 'dtbo_a'                                   OKAY [  0.090s]
extracting super_empty.img (0 MB) to RAM...
extracting vendor_boot.img (96 MB) to disk... took 0.170s
archive does not contain 'vendor_boot.sig'
extracting super_empty.img (0 MB) to RAM...
Sending 'vendor_boot_a' (98304 KB)                 OKAY [  2.673s]
Writing 'vendor_boot_a'                            OKAY [  0.380s]
extracting super_empty.img (0 MB) to RAM...
extracting vbmeta.img (0 MB) to disk... took 0.003s
archive does not contain 'vbmeta.sig'
extracting super_empty.img (0 MB) to RAM...
Sending 'vbmeta_a' (8 KB)                          OKAY [  0.001s]
Writing 'vbmeta_a'                                 (bootloader) WARNING: vbmeta_a anti rollback downgrade, 23 vs 24
OKAY [  0.008s]
extracting super_empty.img (0 MB) to RAM...
extracting vbmeta_system.img (0 MB) to disk... took 0.000s
archive does not contain 'vbmeta_system.sig'
extracting super_empty.img (0 MB) to RAM...
Sending 'vbmeta_system_a' (4 KB)                   OKAY [  0.001s]
Writing 'vbmeta_system_a'                          (bootloader) WARNING: vbmeta_system_a anti rollback downgrade, 23 vs 24
OKAY [  0.007s]
Rebooting into fastboot                            OKAY [  0.000s]
< waiting for any device >
extracting super_empty.img (0 MB) to disk... took 0.002s
Sending 'super' (4 KB)                             OKAY [  0.001s]
Updating super partition                           OKAY [  0.012s]
Resizing 'system_a'                                OKAY [  0.005s]
Resizing 'system_ext_a'                            OKAY [  0.005s]
Resizing 'product_a'                               OKAY [  0.005s]
Resizing 'vendor_a'                                OKAY [  0.004s]
extracting super_empty.img (0 MB) to RAM...
extracting system.img (900 MB) to disk... took 3.586s
archive does not contain 'system.sig'
Resizing 'system_a'                                OKAY [  0.005s]
Sending sparse 'system_a' 1/4 (262092 KB)          OKAY [  7.921s]
Writing 'system_a'                                 OKAY [  0.615s]
Sending sparse 'system_a' 2/4 (262052 KB)          OKAY [  8.314s]
Writing 'system_a'                                 OKAY [  0.599s]
Sending sparse 'system_a' 3/4 (262092 KB)          OKAY [  8.176s]
Writing 'system_a'                                 OKAY [  0.639s]
Sending sparse 'system_a' 4/4 (132232 KB)          OKAY [  3.732s]
Writing 'system_a'                                 OKAY [  0.404s]
extracting super_empty.img (0 MB) to RAM...
extracting system_ext.img (444 MB) to disk... took 1.869s
archive does not contain 'system_ext.sig'
Resizing 'system_ext_a'                            OKAY [  0.005s]
Sending sparse 'system_ext_a' 1/2 (260462 KB)      OKAY [  7.969s]
Writing 'system_ext_a'                             OKAY [  1.089s]
Sending sparse 'system_ext_a' 2/2 (191652 KB)      OKAY [  5.782s]
Writing 'system_ext_a'                             OKAY [  0.526s]
extracting super_empty.img (0 MB) to RAM...
extracting product.img (1076 MB) to disk... took 6.821s
archive does not contain 'product.sig'
Resizing 'product_a'                               OKAY [  0.005s]
Sending sparse 'product_a' 1/5 (262036 KB)         OKAY [  8.194s]
Writing 'product_a'                                OKAY [  0.642s]
Sending sparse 'product_a' 2/5 (262108 KB)         OKAY [  8.122s]
Writing 'product_a'                                OKAY [  0.599s]
Sending sparse 'product_a' 3/5 (262044 KB)         OKAY [  8.198s]
Writing 'product_a'                                OKAY [  0.612s]
Sending sparse 'product_a' 4/5 (262120 KB)         OKAY [  8.194s]
Writing 'product_a'                                OKAY [  0.619s]
Sending sparse 'product_a' 5/5 (49612 KB)          OKAY [  1.574s]
Writing 'product_a'                                OKAY [  0.187s]
extracting super_empty.img (0 MB) to RAM...
extracting vendor.img (481 MB) to disk... took 1.895s
archive does not contain 'vendor.sig'
Resizing 'vendor_a'                                OKAY [  0.005s]
Sending sparse 'vendor_a' 1/2 (261897 KB)          OKAY [  8.240s]
Writing 'vendor_a'                                 OKAY [  0.685s]
Sending sparse 'vendor_a' 2/2 (229208 KB)          OKAY [  6.681s]
Writing 'vendor_a'                                 OKAY [  0.559s]
Finished. Total time: 147.074s
Erasing 'userdata'                                 OKAY [  0.267s]
Finished. Total time: 0.282s
is-userspace: yes
Sending 'abl_a' (332 KB)                           OKAY [  0.008s]
Writing 'abl_a'                                    OKAY [  0.006s]
Finished. Total time: 0.037s
Warning: skip copying bluetooth_a image avb footer due to sparse image.
Sending 'bluetooth_a' (792 KB)                     OKAY [  0.020s]
Writing 'bluetooth_a'                              OKAY [  0.008s]
Finished. Total time: 0.047s
Sending 'devcfg_a' (123 KB)                        OKAY [  0.004s]
Writing 'devcfg_a'                                 OKAY [  0.007s]
Finished. Total time: 0.029s
Sending 'dsp_a' (32768 KB)                         OKAY [  0.962s]
Writing 'dsp_a'                                    OKAY [  0.080s]
Finished. Total time: 1.124s
Warning: skip copying fsg image avb footer (fsg partition size: 0, fsg image size: 18464768).
Sending 'fsg' (18032 KB)                           OKAY [  0.431s]
Writing 'fsg'                                      FAILED (remote: 'No such file or directory')
fastboot: error: Command failed
Sending 'hyp_a' (507 KB)                           OKAY [  0.013s]
Writing 'hyp_a'                                    OKAY [  0.012s]
Finished. Total time: 0.050s
Sending 'keymaster_a' (507 KB)                     OKAY [  0.013s]
Writing 'keymaster_a'                              OKAY [  0.009s]
Finished. Total time: 0.042s
Sending 'logo_a' (10544 KB)                        OKAY [  0.269s]
Writing 'logo_a'                                   OKAY [  0.030s]
Finished. Total time: 0.348s
Sending 'prov_a' (251 KB)                          OKAY [  0.008s]
Writing 'prov_a'                                   OKAY [  0.005s]
Finished. Total time: 0.047s
Sending 'qupfw_a' (75 KB)                          OKAY [  0.002s]
Writing 'qupfw_a'                                  OKAY [  0.004s]
Finished. Total time: 0.023s
Sending 'rpm_a' (507 KB)                           OKAY [  0.013s]
Writing 'rpm_a'                                    OKAY [  0.007s]
Finished. Total time: 0.041s
Sending 'storsec_a' (123 KB)                       OKAY [  0.004s]
Writing 'storsec_a'                                OKAY [  0.005s]
Finished. Total time: 0.026s
Sending 'tz_a' (4091 KB)                           OKAY [  0.104s]
Writing 'tz_a'                                     OKAY [  0.021s]
Finished. Total time: 0.170s
Sending 'uefisecapp_a' (2043 KB)                   OKAY [  0.055s]
Writing 'uefisecapp_a'                             OKAY [  0.016s]
Finished. Total time: 0.102s
Sending 'xbl_config_a' (251 KB)                    OKAY [  0.007s]
Writing 'xbl_config_a'                             OKAY [  0.010s]
Finished. Total time: 0.034s
Sending 'xbl_a' (5115 KB)                          OKAY [  0.132s]
Writing 'xbl_a'                                    OKAY [  0.037s]
Finished. Total time: 0.215s
Rebooting into bootloader                          OKAY [  0.000s]
Finished. Total time: 0.004s
< waiting for any device >
FAILED (remote: '')
fastboot: error: Command failed
Press any key to exit...

Last command (fastboot oem lock) failed because I didn’t choose to lock the bootloader. (I sent the command manually in fastboot mode).

Hi again Fonkykoala,
I have also tried to install on a second moto g32 for my son and have come up against exactly the same problem as yourself.
Everything exactly as you describe in the original post.
Just wondered if you had made any progress?
Stu.

Hello stu,

No, I didn’t make any progress. For the moment, the moto g32 is still in unlocked state.
I take the opportunity to ask if @vince31fr could help us on this topic ?
Thanks

Before my initial installation, my Moto G32 had the firmware September 1, 2024 installed. With the installation of iodéOS 6.1, my Moto firmware was updated to January 1, 2025. The bootloader was locked again without any problems. The iodéOS 6.2 update did not include a firmware update, but everything runs like clockwork.

thanks @iodysseus for your feedback !
Actually, on my own moto g32 phone, everythone worked very well. Then I decided to order one for my wife.
I did the same things… and surprisingly I face this issue.
However, my wife started to use her phone wihout the bootloader being locked, and all the apps work well. But it’s still better to have the bootloader locked for security reason.

Hey !

Could someone from the iodéOS team enlight us on this issue ?
Thanks a lot !

Yes true a locked bootloader is more secure but only from the risk of an “evil maid” type attack where someone with physical access to your device could possibly alter the system then you unknowingly keep using it. But even then they can’t directly get your userdata, instead they physically take the device, then install some sort of touchscreen logger, then you use the phone again, then they take your phone again, check the logs for your unlock sequence, then they can start your phone and unlock it, exposing your data.

To clarify, your userdata partition IS encrypted and only unlocked when the unlock sequence (pattern or pin) is successfully entered. This is the same if your bootloader is locked or unlocked.

So in my non authoritative opinion a locked bootloader is not that high of a priority for me personally. I look at the “warning your device is unlocked and can’t be trusted” message at boot as a “badge of honor” that I am running a more trustworthy system on it rather than stock

NOTE: I am not part of the iodéOS team, only a volunteer moderator

Privacy is often confused or mixed up with security…

Thanks @rik for your detailed feedback !
It’s really nice to have such constructives posts.

My main concern was that I didn’t want that some applications refuse to execute themselves because of a bootloader unlock state (especially banking apps). But maybe it is not even possible by API…

Even if I didn’t identify the root cause of my issue, everything works great !