setting gbb flags will keep your device in developer mode with option to boot from usb at any time even if your battery runs dry

these flags are usually protected by hardware write protection so you will need to disable it first

But before

in order to set gbb flags you need to enable developer mode on your device

hardware write protection can be dissabled in a few ways

Warning. opening your chromebook will likely void your warranty and may result in your device being bricked even if you think you know what you are doing

Note. only on some chromebooks, if you don't see your device below it either doesn't have this or you will have to look it up urself

below is a list of known write protection screws/circuts

Tip. you can look for hardware maintanace manual for ur device urself, these are sometimes mentioned there

Note. if you find one yourself PR is welcome

Warning. opening your chromebook will likely void your warranty and may result in your device being bricked even if you think you know what you are doing

Note. this might not work on all chromebooks, for example ideapad duet

1. this option like the one above requires you to open up your device

2. disconnect the battery from the mainboard and connect

3. connect the device to a charger

Note. there are minimal voltage requirements for device to turn on, you device doesn't turn on, it's likely your power source is too weak

4. turn on your device

as long as the battery is disconnected the write protection should be dissabled on most devices

in order to perform this you will need suzyqcable to, buy or make one

- https://chromium.googlesource.com/chromiumos/third_party/hdctools/+/HEAD/docs/ccd.md#making-your-own-suzyq

- https://www.youtube.com/watch?v=WGsyXlgSxFk

enter console (details)

and check if CCD (Closed Case Debugging) is opened

gsctool -a -I

if it is opened you can skip opening it

but if it isn't run

gsctool -a -o

Note. it will require you to press PP button (a fancy word for "person presence" button which usually is the power button of the device) shortly (to not power off the device) a few times, if you screen turns off after pressing that button just press it twice in a row quicklu

after last press the device will shutdonw and you will have to enable developer mode again

now running

gsctool -a -I

should show that ccd is open

now plugin suzyqcable to your chromebook or diffrent pc

Note. if you do this from diffrent pc, you run commands below on that pc, also this is linux only

Note. it will only work plugged into one of chromebooks ports and in one orientation

now check if it works

ls /dev/ttyU*

output

ttyUSB0 ttyUSB1 ttyUSB2

Note. this may not appear on some chromebooks with non chromeos (due to a partially broken usb-stack in mainline linux for them), in such a case you can connect the other end diffrent linux pc

Note. you can connect the device to itself if it has 2 ports

you can disable hardware writeprotection on any linux/chromeos (as long as device gets detected) with

echo "wp false" > /dev/ttyUSB0 echo "wp false atboot" > /dev/ttyUSB0

Note. on debian devices that detect the ttyUSB0 you can use minicom -D /dev/ttyUSB0 (sudo apt install minicom) to see whats going on behind the sceen and type the same commands as below but without "echo" and "/dev/ttyUSB0" part

after doing it enable it back just to be safe

echo "wp true" > /dev/ttyUSB0 echo "wp true atboot" > /dev/ttyUSB0

The Open state is lost if Cr50 reboots, the device loses power (e.g., battery runs out and AC is not plugged in), or the battery is removed. Note that Cr50 does not reboot when the system reboots; it only reboots if it is updated, the devices loses power, the battery runs out, or it crashes. If you plan on flashing the AP firmware or flashing the EC firmware, it is recommended you modify the capability settings or set a CCD password, so you can reopen the device in the case that you accidentally brick it with bad firmware. The simplest way to do this is to reset to factory settings and enable testlab mode. more

Note. This isn't required and will require you to press pp button a few times, so it might be easier to do it using minicom

echo "ccd reset factory" > /dev/ttyUSB0 echo "ccd testlab enable" > /dev/ttyUSB0

sources :

- https://www.chromium.org/chromium-os/developer-information-for-chrome-os-devices

- https://wiki.mrchromebox.tech/Firmware_Write_Protect#Disabling_WP_on_CR50_Devices_via_CCD

- https://chromium.googlesource.com/chromiumos/platform/ec/+/cr50_stab/docs/case_closed_debugging_cr50.md

- https://chromium.googlesource.com/chromiumos/docs/+/master/write_protection.md

- https://github.com/jackrosenthal/ec-zephyr-build/blob/master/docs/case_closed_debugging_cr50.md

- https://wiki.mrchromebox.tech/Unbricking

- https://chromium.googlesource.com/chromiumos/platform/ec/+/cr50_stab/docs/case_closed_debugging_cr50.md#Option-2_OpenNoDevMode-and-OpenFromUSB-are-set-to-Always

gbb flags set some default behaviour for a chromeook which canl result in it not forgetting being in developer mode and being able to boot from usb devices if the battery runs dry (especially for older chromebooks). as a result you won't lose access to your system in such a case

in order to set gbb flags you need to enable developermode and disable hardware write protection

1. start by booting chrome os and entering tty with [ctrl] [alt] [->] or [ctrl] [alt] [refresh] or [ctrl] [alt] [f2]

2. login with username chronos (no password required)

3. move to directory where touch testfile works (cd /tmp should be ok)

4. check software write protection with flashrom --wp-status

it will probaly be enabled, you can disable it with flashrom --wp-disable and check it again with flashrom --wp-status

Note. this will only work if the hardware write protection has been disabled beforehand

Note. the command might throw unknown WP error, you can proceed and only worry if GBB flags don't update in step 6.

*Note. in case the boot screen should be changed as well, look here it might be a good idea to do this first to avoid resetting the changed gbb settings again then*

5. set the desired gbb flags via the command /usr/share/vboot/bin/set_gbb_flags.sh 0x19,

on newer chromeos versions (around 112+ or so) one should use futility gbb --set --flash --flags=0x19 instead

6. check current flags via the command /usr/share/vboot/bin/get_gbb_flags.sh (newer version: futility gbb --get --flash --flags)

7. re-enable the software write protection via flashrom --wp-enable

8. re-check the software write protect via flashrom --wp-status - it should be enabled again now

9. if everything looks good, you can shutdown your system now

10. enable hardware write protection with screw or ccd or just leave it open if that is ok

sources :

- https://chromium.googlesource.com/chromiumos/docs/+/master/write_protection.md#Enabling-write-protect