The device has a 5.0.x bootloader and keymaster (this is the case, if you run OxygenOS 5.0.x, if you use a custom rom and flashed some 5.0.x firmware yourself or if you use a previous version of the firmware package provided in this thrread. The 5.0.x bootloader is unlocked. The device is encrypted (meaning: the userdata partition is encrypted; always keep in mind OxygenOS forces encryption of userdata, no matter if you set a secured boot passphrase).

If you just update the firmware from 5.0.x to 9.0.x and boot the above defined setup, your data is gone. It doesn't matter if you boot to recovery or system: your data is gone.

If you just downgrade the firmware from 9.0.x to 5.0.x on a system formated and encrypted with 9.0.x and boot, your data is gone. It doesn't matter if you boot to recovery or system: your data is gone.

flash official twrp-3.3.1-0 and reboot to recovery (you can skip this, if you already use twtp-3.3.1-0, of course - later twrp versions may also work, but twrp-3.3.1-0 has proofed to work) take a nandroid (dirty) flash OxygenOS 9.0.x rom's flashable zip without rebooting(!) flash for Oneplus 3T: oxygenos-9.0.6-bl-km-5.0.8-firmware-3T.zip

for Oneplus 3: oxygenos-9.0.6-bl-km-5.0.8-firmware-3.zip without rebooting(!) flash twrp-3.3.1-0 again wipe cache and dalvik reboot to system and enjoy OxygenOS 9.0.x!

flash the twrp, recommended for the custom rom you are going to use take a nandroid flash for Oneplus 3T: oxygenos-9.0.6-bl-km-5.0.8-firmware-3T.zip

for Oneplus 3: oxygenos-9.0.6-bl-km-5.0.8-firmware-3.zip reboot to recovery (dirty) flash your preferred, 9.0.x firmware needing custom rom (if your rom doesn't need 9.0.x firmware, stay with 5.0.8) wipe cache and dalvik reboot to system and enjoy your custom rom

your device runs 9.0.x firmware your device shows selinux is running in permissive mode or selinux is disabled

Code: grep /dev/block/bootdevice/by-name/modem /proc/mounts | cut -d ' ' -f2 grep /dev/block/sde11 /proc/mounts | cut -d ' ' -f2

Code: mount /system #if not already mounted mount /dev/block/bootdevice/by-name/modem /system/vendor/firmware_mnt

Code: dd if=/dev/block/bootdevice/by-name/aboot | strings | grep "compiled at"

This is NOT the complete rom. This is just the firmware. If you don't know the difference see https://forum.xda-developers.com/sho...&postcount=173 First we've assumed his thread is for users wanting to avoid relocking the bootloader, reformating and reencrypting or suffering from selinux isn't enforcing anymore after updating. Since more and more issues with upgrading from 5.0.x firmware to 9.0.x firmware have shown up recently, you should consider this: https://forum.xda-developers.com/one...7#post79827007 For avoiding reformating all these three requirements have to be met:If only one single of these three prerequisites in not met, this thread is not for you! Every direction, flashable zip package and help in this thread relies on the above setup! (You can use the modded firmwarw packages, too, of course! But you arn't in need to do so, and may want to consider using the stock fw packages from @ hellcat50 , @ kamilmirza or from my firmware archive Before processing further we need to know and accept some basic information on the bootloader and the keymaster:To avoid this (and to be able to change between 9.0.x and 5.0.x firwmares and roms on the fly without loosing data), I've created firmware packages, which contain the complete 9.0.x firmware, but bootloader and keymaster. These are taken from OxygenOS 5.0.8.General note: for sdcard-slot-less devices like Oneplus 3 and 3T I highly recommend a type-c usb stick for keeping backups, firmwares, roms etc.(not containing firmware - to my knowledge: all custom roms)Prerequisites:Just take a nandroid and flash the modded fw and reboot. If you get a decryption failure, format (not wipe!) data and resetup (either clean or from a nandroid).Sidenote: keeping the 5.0.8 bootloader and keymaster is less then ideal. It's working for now - nobody knows which nice surprises future builds will have. Perhaps the future bootloaders don't require to be locked on encrypted userdata partition, which would mean we wouldn't expirience the 9.0.x-5.0.x barrier any more. If Oneplus keeps it the way it is now, a clean flash (including format and reencryption) is the way to go.Sidenote 2 (credits: @ Viper The Ripper ):To determine the currently installed fw, just look at /system/vendor/firmware_mnt/verinfo/ver_info.txt. Either in your currently run rom, or within twrp.If you choose to check ver_info .txt in twrp firmware_mnt isn't mounted:firmware_mnt is the modem partition. In twrp's terminal check if the modem partion is already mounted:If one of the commands returns the mountpoint for the modem partition append /verinfo/ver_info.txt.If no mountpoint is returned mount it manually:Check the fs layout for system as root. In twrp /system may end up as /system/system.Now check for "Time_Stamp".To determine the currently used bootloader (is different from "Time_Stamp" for my modded fw packages, of course!) use a rooted shell (i.e. "adb shell su -c" or the twrp terminal):None of the above is really new. None of the above can't be found across other threads. Since it's ask over and over again, I thought it's a good idea to put it in one thread.The modem firmware contains some alipay* and soter* files used for Alipay and WeChatpay. Since these are suspect to be a privacy hazard, I've modified NON-HALOS.bin to not contain any of these files any more. You'll find these packages in the Firmware archive with "-no-alipay" in it's filename. For details on rom included Alipay/WeChatpay stuff see: https://forum.xda-developers.com/one...soter-t4064893 Happy flashing!