Quick Tips to check for Anti-Rollback Protection

Quick Tips to check for Anti-Rollback Protection 1

Follow the given instruction below to check whether Xiaomi’s anti-rollback protection is enabled or not on your MIUI device. The workaround to find out the status is basically simple. Nevertheless, it is better to first understand what is an anti-rollback protection and why is this activated. We try to keep the explanation simple and as easy-to-understand as possible.

What is MIUI Anti-rollback Protection? It is a protection mechanism adopted from Google’s Android 8.0 and 8.1 Oreo. The protection feature makes use of Android Verified Boot 2.0 (also known as Verified Boot). This prevents the device from booting if it detects that the device has been downgraded to an older, unapproved software build. However, there is a major difference between what Xiaomi and Google have. While Google’s anti-rollback protection can be disabled if you unlock the bootloader, the Xiaomi’s can’t be disabled even if the bootloader has been unlocked.

Why does such a feature have been put in place? The Anti-rollback protection is essential to prevent attackers from loading older software on a device that is susceptible to an exploit. The security measure will stop any unauthorized retailer from taking advantage of exploits in older MIUI versions, thus protecting users from exploitation.

Why must we check whether the feature is enabled or not before downgrading? Flashing the stock MIUI ROM using recovery method will verify the version of MIUI being flashed. Hence, downgrading can be prevented. However, some users prefer to flash the ROM through TWRP Recovery which does not have any checks in place to stop users from installing older MIUI version. This will, unfortunately, lead to a bricked device. Even worst, this type of bricked state is not recoverable using the Fastboot method. The device will stop functioning at all. The only solution is bringing the broken device to a nearest Xiaomi service point since EDL mode has been locked down by default.

What Xiaomi devices are having such protection? Known devices having anti-rollback feature are Mi 8, Mi 8 SE/EE/Pro/Lite, Mi Max 3, Redmi S2, Redmi Note 5 Pro/Global/AI, Redmi 6 Pro, and Mi 6X. However, all currently supported Xiaomi devices will eventually gain anti-rollback protection. Therefore, it is crucial for you to understand the method on how to check for Anti-rollback protection before downgrading. It is also important to understand what you can do if anti-rollback protection is enabled.

How to check

MIUI uses a mechanism called the “rollback index”. The verified boot technology that we have talked about in the above section will check for this rollback index.

Verified Boot has a rollback index that is compared with the rollback index of the images to be installed. Depending on how the rollback indices compare, the following will happen:

  • If the current rollback index of ROM image file is greater than the rollback index of ROM running in the device, then the images will be flashed and the current rollback index will be incremented to match the new rollback index.
  • If the current rollback index of ROM image file is equal to the rollback index of ROM running in the device, then the images will be flashed and the rollback index won’t change.
  • If the current rollback index of ROM image file is lesser than the rollback index of ROM running in the device, then the images will be rejected, if you’re flashing via fastboot or Mi Flash. Unfortunately, TWRP does not check the rollback indices before flashing. Hence, nearly all bricks were the result of downgrading via TWRP.

Now you can check the rollback index following these steps:

  1. Disable Windows Driver Signature Enforcement on your computer – read here.
  2. Install Mi Flash tool – download here.
  3. Enable Developer Options. Go to Settings > About phone > tap the MIUI version several times until the developer options being enabled.
  4. Also, enable USB Debugging through Settings > Additional Settings > Developer Options > USB Debugging > toggle it on
  5. Turn off your device completely.
  6. Press the Power button and Volume Down (-) buttons simultaneously to enter bootloader mode (fastboot).
  7. Connect your phone to your computer.
  8. Launch Command Prompt window or Windows PowerShell. You can search for it in the Cortana search bar.
  9. Type the following command and hit Enter on your keyboard: fastboot getvar anti
  10. If the output is blank, then anti-rollback has not yet been enabled. If you get a number in the output, then that is your current rollback index.
  11. Download the MIUI fastboot ROM of the version you are going to install.
  12. Extract the .tar.gz file using either WinRAR or 7zip.
  13. Open “flash-all.bat” file in a text editor like Notepad++ or Sublime and look for the following line: set CURRENT_ANTI_VER=#
  14. That number (#) is the rollback index of the MIUI version you want to flash. If that number is equal to or greater than your current rollback index, then it’s safe to flash in TWRP, Mi Flash, etc.
  15. If that number is less than your current rollback index, then DO NOT FLASH THIS ROM VIA TWRP.

This is how the command will look like:

Quick Tips to check for Anti-Rollback Protection 2

Check the rollback index in the flash-all.bat file:

Quick Tips to check for Anti-Rollback Protection 3

A folk at XDA has pointed out several guidelines to stay safe having an MIUI device with anti-rollback protection enabled:

  1. What do I avoid if I don’t want to brick my device?
    • Do not flash an MIUI version with a rollback index less than your device’s current rollback index. See above for instructions.
    • Do not flash an official MIUI Global ROM on Chinese Xiaomi hardware with a locked bootloader.
  2. Can I still install custom AOSP ROMs, kernels, Magisk, Xposed, Substratum, ARISE, and other mods?
    • Yes, of course, you can.
  3. Can I still switch between MIUI Global Stable, MIUI Global Developer, MIUI China Stable, and MIUI China Developer?
    • Yes, but you need to compare the rollback indices before you install an older MIUI version.
  4. Why doesn’t Xiaomi disable anti-rollback protection when you unlock the bootloader?
    • MIUI Developer team has not explained about it yet.
  5. Why does Xiaomi hard brick your phone if anti-rollback protection is triggered, which Google doesn’t do?
    • Either Google or Xiaomi has its own judgment on how should they use such feature.
  6. Why doesn’t Xiaomi display the standard Verified Boot warning to show the user the software has been tampered with?
    • You’re on a roll with these great questions! In all seriousness, this one can be somewhat justified because it’s possible to disable this splash screen – at least on some devices.

5 Comments

  1. Greg February 22, 2019
    • Alichia Johar February 22, 2019
  2. bernie March 11, 2019
    • Fandi A. Fiki March 14, 2019
  3. Clauton Ferreira November 16, 2019

Leave a Reply