From 894b5d5e52f93e989edbbc9a8c223999105f0076 Mon Sep 17 00:00:00 2001 From: Alex Naidis Date: Sun, 9 Apr 2017 01:29:27 +0200 Subject: [PATCH 01/18] init: Weaken property override security for the init extension Sometimes we need to override ro.* properties by using our vendor init extension. Previously there was a security check which was blocking that. To resolve the issue, we need to weaken the security check during the execution of our vendor init extension. This is safe because the vendor init extension gets executed as part of init construction and it is considered a trusted system component. Change-Id: I6198b453745cb92c65d3e3d49e3262354cddd2a2 Signed-off-by: Alex Naidis Signed-off-by: Park Ju Hyung --- init/property_service.cpp | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index c8e1e14c35d3..c2f8623ccdaa 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -128,6 +128,8 @@ struct PropertyAuditData { const char* name; }; +static bool weaken_prop_override_security = false; + static int PropertyAuditCallback(void* data, security_class_t /*cls*/, char* buf, size_t len) { auto* d = reinterpret_cast(data); @@ -397,8 +399,8 @@ static std::optional PropertySet(const std::string& name, const std::s prop_info* pi = (prop_info*)__system_property_find(name.c_str()); if (pi != nullptr) { - // ro.* properties are actually "write-once". - if (StartsWith(name, "ro.")) { + // ro.* properties are actually "write-once", unless the system decides to + if (StartsWith(name, "ro.") && !weaken_prop_override_security) { *error = "Read-only property was already set"; return {PROP_ERROR_READ_ONLY_PROPERTY}; } @@ -1207,6 +1209,9 @@ void PropertyLoadBootDefaults() { } } + // Weaken property override security during execution of the vendor init extension + weaken_prop_override_security = true; + // Update with vendor-specific property runtime overrides vendor_load_properties(); @@ -1217,7 +1222,13 @@ void PropertyLoadBootDefaults() { property_initialize_ro_cpu_abilist(); property_initialize_ro_vendor_api_level(); + // Restore the normal property override security after init extension is executed + weaken_prop_override_security = false; + update_sys_usb_config(); + + // Restore the normal property override security after init extension is executed + weaken_prop_override_security = false; } bool LoadPropertyInfoFromFile(const std::string& filename, From 29928086d53dcb92340f6c0d805a8c18b824f991 Mon Sep 17 00:00:00 2001 From: Park Ju Hyung Date: Mon, 6 Nov 2017 20:30:39 +0900 Subject: [PATCH 02/18] init: workaround SafetyNet check Doing this in the userspace allows more properties to be spoofed and eliminate the needs for a hack in the kernel. Former-commit-id: e036a461c7dd4d97e1df77979c85f3c198e1e784 Change-Id: I76f6e210247a032b764dea2f5a23a184745f59a0 Former-commit-id: 74af52f30476991814fff83b850af1883e3944ee Former-commit-id: 0709c6917bbd814ae88fc04ff82425c2892ef4ad Former-commit-id: 00e6bc4f619eaad5b7fcd0524c99cf31bcc5b5e1 --- init/property_service.cpp | 47 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/init/property_service.cpp b/init/property_service.cpp index c2f8623ccdaa..6ad6ea839189 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -860,6 +860,50 @@ static void load_override_properties() { } } +static const char *snet_prop_key[] = { + "ro.boot.vbmeta.device_state", + "ro.boot.verifiedbootstate", + "ro.boot.flash.locked", + "ro.boot.selinux", + "ro.boot.veritymode", + "ro.boot.warranty_bit", + "ro.warranty_bit", + "ro.debuggable", + "ro.secure", + "ro.build.type", + "ro.build.keys", + "ro.build.tags", + "ro.system.build.tags", + NULL +}; + +static const char *snet_prop_value[] = { + "locked", // ro.boot.vbmeta.device_state + "green", // ro.boot.verifiedbootstate + "1", // ro.boot.flash.locked + "enforcing", // ro.boot.selinux + "enforcing", // ro.boot.veritymode + "0", // ro.boot.warranty_bit + "0", // ro.warranty_bit + "0", // ro.debuggable + "1", // ro.secure + "user", // ro.build.type + "release-keys", // ro.build.keys + "release-keys", // ro.build.tags + "release-keys", // ro.system.build.tags + NULL +}; + +static void workaround_snet_properties() { + std::string error; + LOG(INFO) << "snet: Hiding sensitive props"; + + // Hide all sensitive props + for (int i = 0; snet_prop_key[i]; ++i) { + PropertySet(snet_prop_key[i], snet_prop_value[i], &error); + } +} + // If the ro.product.[brand|device|manufacturer|model|name] properties have not been explicitly // set, derive them from ro.product.${partition}.* properties static void property_initialize_ro_product_props() { @@ -1227,6 +1271,9 @@ void PropertyLoadBootDefaults() { update_sys_usb_config(); + // Workaround SafetyNet + workaround_snet_properties(); + // Restore the normal property override security after init extension is executed weaken_prop_override_security = false; } From 2a2e0c369d6d46ee2349673d329d2eaf9132765b Mon Sep 17 00:00:00 2001 From: Chris Renshaw Date: Sat, 9 May 2020 06:53:32 -0300 Subject: [PATCH 03/18] init: add vendor.* keys to spoof safetynet aswinas@pixysos: add some more props from magisk hide to userspace hack by arter97 Former-commit-id: fc79269db601c9cd0dad3781d4e6ee8f209c55fc Change-Id: I8a88862674ca5a9eb8df5050e04344a2acb0a79f Former-commit-id: bd20ecc029c4d82226b40f7c56185abdd59955fc Former-commit-id: 10d57a483aca29386196d4284085c35f84d7cff9 Former-commit-id: af9890ace1d4df6eb040be59a7fe5dcbed2749f9 --- init/property_service.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/init/property_service.cpp b/init/property_service.cpp index 6ad6ea839189..d63f41df21d2 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -874,6 +874,10 @@ static const char *snet_prop_key[] = { "ro.build.keys", "ro.build.tags", "ro.system.build.tags", + "ro.vendor.boot.warranty_bit", + "ro.vendor.warranty_bit", + "vendor.boot.vbmeta.device_state", + "vendor.boot.verifiedbootstate", NULL }; @@ -891,6 +895,10 @@ static const char *snet_prop_value[] = { "release-keys", // ro.build.keys "release-keys", // ro.build.tags "release-keys", // ro.system.build.tags + "0", // ro.vendor.boot.warranty_bit + "0", // ro.vendor.warranty_bit + "locked", // vendor.boot.vbmeta.device_state + "green", // vendor.boot.verifiedbootstate NULL }; From c1068135a05bf72b440c9d445421704cbaba69f9 Mon Sep 17 00:00:00 2001 From: jhenrique09 Date: Fri, 20 Nov 2020 11:34:54 -0300 Subject: [PATCH 04/18] init: Weaken property override security only when spoofing safetynet Change-Id: I740afaa27de82bec1e6d58b58d431141ca6b4e3f Former-commit-id: ca62a22d017f44c9f63553a44f5017eb5b8e9095 Change-Id: Icea7076c6c0ffc2ab3d66899335a5a477ccc519a Former-commit-id: 688821317d5bed7701362875143dc43c4b152630 Former-commit-id: ba856e490845683ea08fc22183e12ee419f064a2 Former-commit-id: 2eb3d3e12d17668c17f1f2ccb9a5149bda5ea479 --- init/property_service.cpp | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index d63f41df21d2..f25a87e32768 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -903,6 +903,9 @@ static const char *snet_prop_value[] = { }; static void workaround_snet_properties() { + // Weaken property override security to set safetynet props + weaken_prop_override_security = true; + std::string error; LOG(INFO) << "snet: Hiding sensitive props"; @@ -910,6 +913,9 @@ static void workaround_snet_properties() { for (int i = 0; snet_prop_key[i]; ++i) { PropertySet(snet_prop_key[i], snet_prop_value[i], &error); } + + // Restore the normal property override security after safetynet props have been set + weaken_prop_override_security = false; } // If the ro.product.[brand|device|manufacturer|model|name] properties have not been explicitly @@ -1281,9 +1287,6 @@ void PropertyLoadBootDefaults() { // Workaround SafetyNet workaround_snet_properties(); - - // Restore the normal property override security after init extension is executed - weaken_prop_override_security = false; } bool LoadPropertyInfoFromFile(const std::string& filename, From 400d75544d3fa728c3f9d3244766544acc3225c8 Mon Sep 17 00:00:00 2001 From: jhenrique09 Date: Fri, 20 Nov 2020 20:33:21 -0300 Subject: [PATCH 05/18] init: Only set safetynet props if not eng build Change-Id: Ic07539b4a7a97316720defd000425d1b6d15fd67 Former-commit-id: 9d4ca9403943feecd6f902e69d581aad3ee84839 Change-Id: Ic34d95c23afd8caf95c7b2a2517650dbf116fdde Former-commit-id: 1b99c0d0cc89f113d35eb065e435f61b51408b12 Former-commit-id: 6a32cd3778d9aca584751d7acd092be95cb85985 Former-commit-id: 6bcf9412a4f3def6c2bb49507045e685df2e55a4 --- init/property_service.cpp | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index f25a87e32768..283d29a908f4 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -903,16 +903,20 @@ static const char *snet_prop_value[] = { }; static void workaround_snet_properties() { + std::string build_type = android::base::GetProperty("ro.build.type", ""); + // Weaken property override security to set safetynet props weaken_prop_override_security = true; std::string error; - LOG(INFO) << "snet: Hiding sensitive props"; - // Hide all sensitive props - for (int i = 0; snet_prop_key[i]; ++i) { - PropertySet(snet_prop_key[i], snet_prop_value[i], &error); - } + // Hide all sensitive props if not eng build + if (build_type != "eng") { + LOG(INFO) << "snet: Hiding sensitive props"; + for (int i = 0; snet_prop_key[i]; ++i) { + PropertySet(snet_prop_key[i], snet_prop_value[i], &error); + } + } // Restore the normal property override security after safetynet props have been set weaken_prop_override_security = false; From 0094403bd477ee223ad7264eb5ca11f1033e0da5 Mon Sep 17 00:00:00 2001 From: jhenrique09 Date: Sat, 19 Mar 2022 19:40:40 +0000 Subject: [PATCH 06/18] core: Add more props for snet spoofing Also reformat code Change-Id: I98aafcc2c1d8dae1448ecf3c18981fb7945599ba Former-commit-id: 72351d5aebdd5ed340429bb7228ec0ce5fc55318 Former-commit-id: acefb8c963d303ba91fbe861728860b51c7c5917 Former-commit-id: 0ccf4976491b9e85a1293ccd1f062a79656cbf90 --- init/property_service.cpp | 98 +++++++++++++++++++++++---------------- 1 file changed, 57 insertions(+), 41 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index 283d29a908f4..a9195f9952bd 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -861,45 +861,55 @@ static void load_override_properties() { } static const char *snet_prop_key[] = { - "ro.boot.vbmeta.device_state", - "ro.boot.verifiedbootstate", - "ro.boot.flash.locked", - "ro.boot.selinux", - "ro.boot.veritymode", - "ro.boot.warranty_bit", - "ro.warranty_bit", - "ro.debuggable", - "ro.secure", - "ro.build.type", - "ro.build.keys", - "ro.build.tags", - "ro.system.build.tags", - "ro.vendor.boot.warranty_bit", - "ro.vendor.warranty_bit", - "vendor.boot.vbmeta.device_state", - "vendor.boot.verifiedbootstate", - NULL + "ro.boot.vbmeta.device_state", + "ro.boot.verifiedbootstate", + "ro.boot.flash.locked", + "ro.boot.selinux", + "ro.boot.veritymode", + "ro.boot.warranty_bit", + "ro.warranty_bit", + "ro.debuggable", + "ro.secure", + "ro.build.type", + "ro.system.build.type", + "ro.system_ext.build.type", + "ro.vendor.build.type", + "ro.product.build.type", + "ro.odm.build.type", + "ro.build.keys", + "ro.build.tags", + "ro.system.build.tags", + "ro.vendor.boot.warranty_bit", + "ro.vendor.warranty_bit", + "vendor.boot.vbmeta.device_state", + "vendor.boot.verifiedbootstate", + NULL }; static const char *snet_prop_value[] = { - "locked", // ro.boot.vbmeta.device_state - "green", // ro.boot.verifiedbootstate - "1", // ro.boot.flash.locked - "enforcing", // ro.boot.selinux - "enforcing", // ro.boot.veritymode - "0", // ro.boot.warranty_bit - "0", // ro.warranty_bit - "0", // ro.debuggable - "1", // ro.secure - "user", // ro.build.type - "release-keys", // ro.build.keys - "release-keys", // ro.build.tags - "release-keys", // ro.system.build.tags - "0", // ro.vendor.boot.warranty_bit - "0", // ro.vendor.warranty_bit - "locked", // vendor.boot.vbmeta.device_state - "green", // vendor.boot.verifiedbootstate - NULL + "locked", // ro.boot.vbmeta.device_state + "green", // ro.boot.verifiedbootstate + "1", // ro.boot.flash.locked + "enforcing", // ro.boot.selinux + "enforcing", // ro.boot.veritymode + "0", // ro.boot.warranty_bit + "0", // ro.warranty_bit + "0", // ro.debuggable + "1", // ro.secure + "user", // ro.build.type + "user", // ro.system.build.type + "user", // ro.system_ext.build.type + "user", // ro.vendor.build.type + "user", // ro.product.build.type + "user", // ro.odm.build.type + "release-keys", // ro.build.keys + "release-keys", // ro.build.tags + "release-keys", // ro.system.build.tags + "0", // ro.vendor.boot.warranty_bit + "0", // ro.vendor.warranty_bit + "locked", // vendor.boot.vbmeta.device_state + "green", // vendor.boot.verifiedbootstate + NULL }; static void workaround_snet_properties() { @@ -908,16 +918,22 @@ static void workaround_snet_properties() { // Weaken property override security to set safetynet props weaken_prop_override_security = true; - std::string error; + std::string error; - // Hide all sensitive props if not eng build + // Hide all sensitive props if not eng build if (build_type != "eng") { - LOG(INFO) << "snet: Hiding sensitive props"; - for (int i = 0; snet_prop_key[i]; ++i) { + LOG(INFO) << "snet: Hiding sensitive props"; + for (int i = 0; snet_prop_key[i]; ++i) { PropertySet(snet_prop_key[i], snet_prop_value[i], &error); - } + } } + // Extra pops + std::string build_flavor_key = "ro.build.flavor"; + std::string build_flavor_value = android::base::GetProperty(build_flavor_key, ""); + build_flavor_value = android::base::StringReplace(build_flavor_value, "userdebug", "user", false); + PropertySet(build_flavor_key, build_flavor_value, &error); + // Restore the normal property override security after safetynet props have been set weaken_prop_override_security = false; } From fadbb1a44a29d2105f03714ea49ffc49571696f5 Mon Sep 17 00:00:00 2001 From: Danny Lin Date: Wed, 7 Oct 2020 00:24:54 -0700 Subject: [PATCH 07/18] init: Check for fastbootd before spoofing safetynet props The real prop values must be retained in recovery/fastbootd in order for fastbootd to allow/deny flashing correctly based on the bootloader lock state. This is accomplished by checking androidboot keys in the kernel cmdline and bootconfig (necessary on Pixel 6), and not spoofing anything if the boot isn't a normal full-blown Android boot. @jhenrique09 - Adapt to PE Change-Id: I66d23fd91d82906b00d5eb020668f01ae83ec31f Former-commit-id: 33d4578679733fb2d6fd0fd9b7baba8fd5f0be57 Former-commit-id: b929a87f6ee30e21f795442d52c6a9ece2822c66 --- init/property_service.cpp | 38 ++++++++++++++++++++++++++++++++------ 1 file changed, 32 insertions(+), 6 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index a9195f9952bd..346449490060 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -860,6 +860,8 @@ static void load_override_properties() { } } +constexpr auto ANDROIDBOOT_MODE = "androidboot.mode"sv; + static const char *snet_prop_key[] = { "ro.boot.vbmeta.device_state", "ro.boot.verifiedbootstate", @@ -915,17 +917,41 @@ static const char *snet_prop_value[] = { static void workaround_snet_properties() { std::string build_type = android::base::GetProperty("ro.build.type", ""); + // Check whether this is a normal boot, and whether the bootloader is actually locked + auto isNormalBoot = true; // no prop = normal boot + // This runs before keys are set as props, so we need to process them ourselves. + ImportKernelCmdline([&](const std::string& key, const std::string& value) { + if (key == ANDROIDBOOT_MODE && value != "normal") { + isNormalBoot = false; + } + }); + ImportBootconfig([&](const std::string& key, const std::string& value) { + if (key == ANDROIDBOOT_MODE && value != "normal") { + isNormalBoot = false; + } + }); + + // Bail out if this is recovery, fastbootd, or anything other than a normal boot. + // fastbootd, in particular, needs the real values so it can allow flashing on + // unlocked bootloaders. + if (!isNormalBoot) { + return; + } + + // Exit if eng build + if (build_type == "eng") { + return; + } + // Weaken property override security to set safetynet props weaken_prop_override_security = true; std::string error; - // Hide all sensitive props if not eng build - if (build_type != "eng") { - LOG(INFO) << "snet: Hiding sensitive props"; - for (int i = 0; snet_prop_key[i]; ++i) { - PropertySet(snet_prop_key[i], snet_prop_value[i], &error); - } + // Hide all sensitive props + LOG(INFO) << "snet: Hiding sensitive props"; + for (int i = 0; snet_prop_key[i]; ++i) { + PropertySet(snet_prop_key[i], snet_prop_value[i], &error); } // Extra pops From a561f0c4ca0851af9651d1157a98ee0b59b35188 Mon Sep 17 00:00:00 2001 From: Jarl-Penguin Date: Wed, 16 Jun 2021 11:28:46 +0000 Subject: [PATCH 08/18] core: Don't spoof props in recovery mode Signed-off-by: Jarl-Penguin Change-Id: Ib6d3808c3b8f3e0cffab685a24d3cdd436b0fe9b Former-commit-id: 739111e6414984ad9dc0d30358e2370bfb4edc29 Former-commit-id: 8bd32066ec64aa48270ba7e11042b4cca19a35e8 Former-commit-id: 8686645611965f468ee635c1e81f6f743385fb91 --- init/property_service.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index 346449490060..42e3bcfd7f4b 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -934,7 +934,7 @@ static void workaround_snet_properties() { // Bail out if this is recovery, fastbootd, or anything other than a normal boot. // fastbootd, in particular, needs the real values so it can allow flashing on // unlocked bootloaders. - if (!isNormalBoot) { + if (!isNormalBoot || IsRecoveryMode()) { return; } @@ -1332,7 +1332,9 @@ void PropertyLoadBootDefaults() { update_sys_usb_config(); // Workaround SafetyNet - workaround_snet_properties(); + if (!IsRecoveryMode()) { + workaround_snet_properties(); + } } bool LoadPropertyInfoFromFile(const std::string& filename, From 11ef173a9c6f91883960989baf0495caa7569a41 Mon Sep 17 00:00:00 2001 From: zlewchan Date: Wed, 26 Oct 2022 21:59:10 +0200 Subject: [PATCH 09/18] core: Treat reboot boot mode same as normal one OnePlus SM8250 sets this as a value while rebooting the OS for some reason. This causes the checks to fail and finally SafetyNet to fail after reboot. Signed-off-by: zlewchan Change-Id: Idc8cbd084c86b83815616be17f2a0828aa16f3af --- init/property_service.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index 42e3bcfd7f4b..b65e6ae84760 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -921,12 +921,12 @@ static void workaround_snet_properties() { auto isNormalBoot = true; // no prop = normal boot // This runs before keys are set as props, so we need to process them ourselves. ImportKernelCmdline([&](const std::string& key, const std::string& value) { - if (key == ANDROIDBOOT_MODE && value != "normal") { + if (key == ANDROIDBOOT_MODE && value != "normal" && value != "reboot") { isNormalBoot = false; } }); ImportBootconfig([&](const std::string& key, const std::string& value) { - if (key == ANDROIDBOOT_MODE && value != "normal") { + if (key == ANDROIDBOOT_MODE && value != "normal" && value != "reboot") { isNormalBoot = false; } }); From 6b87c9ee53922e5b7d2a38cdfdfbc3f4d86fe9f9 Mon Sep 17 00:00:00 2001 From: Alexander Winkowski Date: Sat, 31 Dec 2022 18:56:20 +0000 Subject: [PATCH 10/18] Revert "core: Treat reboot boot mode same as normal one" This reverts commit 10a8c2c9c499571b217af9552623dade9d7e3e4a. Change-Id: Ie085871215d08ab022da3b410a9f44f5344ba8ff --- init/property_service.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index b65e6ae84760..42e3bcfd7f4b 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -921,12 +921,12 @@ static void workaround_snet_properties() { auto isNormalBoot = true; // no prop = normal boot // This runs before keys are set as props, so we need to process them ourselves. ImportKernelCmdline([&](const std::string& key, const std::string& value) { - if (key == ANDROIDBOOT_MODE && value != "normal" && value != "reboot") { + if (key == ANDROIDBOOT_MODE && value != "normal") { isNormalBoot = false; } }); ImportBootconfig([&](const std::string& key, const std::string& value) { - if (key == ANDROIDBOOT_MODE && value != "normal" && value != "reboot") { + if (key == ANDROIDBOOT_MODE && value != "normal") { isNormalBoot = false; } }); From 867ea46ccb5a1d7d7d5129c7aa26708798af227d Mon Sep 17 00:00:00 2001 From: Alexander Winkowski Date: Sat, 31 Dec 2022 18:59:05 +0000 Subject: [PATCH 11/18] Revert "core: Don't spoof props in recovery mode" This reverts commit 6fb5a48277ff81fd9a72a8b0dc278582c91a17e5. Change-Id: Ic7ed201729c7fb1d860fb687658c27826a0a855d --- init/property_service.cpp | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index 42e3bcfd7f4b..346449490060 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -934,7 +934,7 @@ static void workaround_snet_properties() { // Bail out if this is recovery, fastbootd, or anything other than a normal boot. // fastbootd, in particular, needs the real values so it can allow flashing on // unlocked bootloaders. - if (!isNormalBoot || IsRecoveryMode()) { + if (!isNormalBoot) { return; } @@ -1332,9 +1332,7 @@ void PropertyLoadBootDefaults() { update_sys_usb_config(); // Workaround SafetyNet - if (!IsRecoveryMode()) { - workaround_snet_properties(); - } + workaround_snet_properties(); } bool LoadPropertyInfoFromFile(const std::string& filename, From 2453da231ddb055a005498424e454c3a1c5cc1b9 Mon Sep 17 00:00:00 2001 From: Albert I Date: Fri, 29 Apr 2022 23:42:44 +0800 Subject: [PATCH 12/18] init: Use `IsRecoveryMode()` for normal boot checks Checking androidboot.mode properties will never work on devices where this property is always absent, primarily non-Pixel devices. Use existing IsRecoveryMode() check instead which is ugly, but works for this very purpose. Change-Id: Idc79fb2bf45f0416b242a1e1aa12bdb07bcf56b9 Signed-off-by: Albert I Signed-off-by: Alexander Winkowski --- init/property_service.cpp | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index 346449490060..c3d13a6f7f49 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -860,8 +860,6 @@ static void load_override_properties() { } } -constexpr auto ANDROIDBOOT_MODE = "androidboot.mode"sv; - static const char *snet_prop_key[] = { "ro.boot.vbmeta.device_state", "ro.boot.verifiedbootstate", @@ -917,24 +915,10 @@ static const char *snet_prop_value[] = { static void workaround_snet_properties() { std::string build_type = android::base::GetProperty("ro.build.type", ""); - // Check whether this is a normal boot, and whether the bootloader is actually locked - auto isNormalBoot = true; // no prop = normal boot - // This runs before keys are set as props, so we need to process them ourselves. - ImportKernelCmdline([&](const std::string& key, const std::string& value) { - if (key == ANDROIDBOOT_MODE && value != "normal") { - isNormalBoot = false; - } - }); - ImportBootconfig([&](const std::string& key, const std::string& value) { - if (key == ANDROIDBOOT_MODE && value != "normal") { - isNormalBoot = false; - } - }); - // Bail out if this is recovery, fastbootd, or anything other than a normal boot. // fastbootd, in particular, needs the real values so it can allow flashing on // unlocked bootloaders. - if (!isNormalBoot) { + if (IsRecoveryMode()) { return; } From 5f9f2a39eddb49c91700ca0c4a90ad648c5a3bbf Mon Sep 17 00:00:00 2001 From: xyyx Date: Fri, 6 Oct 2023 22:09:52 +0300 Subject: [PATCH 13/18] init: Replace PropertySet with PropertySetNoSocket --- init/property_service.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/init/property_service.cpp b/init/property_service.cpp index c3d13a6f7f49..7850bb7c4f5b 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -935,14 +935,14 @@ static void workaround_snet_properties() { // Hide all sensitive props LOG(INFO) << "snet: Hiding sensitive props"; for (int i = 0; snet_prop_key[i]; ++i) { - PropertySet(snet_prop_key[i], snet_prop_value[i], &error); + PropertySetNoSocket(snet_prop_key[i], snet_prop_value[i], &error); } // Extra pops std::string build_flavor_key = "ro.build.flavor"; std::string build_flavor_value = android::base::GetProperty(build_flavor_key, ""); build_flavor_value = android::base::StringReplace(build_flavor_value, "userdebug", "user", false); - PropertySet(build_flavor_key, build_flavor_value, &error); + PropertySetNoSocket(build_flavor_key, build_flavor_value, &error); // Restore the normal property override security after safetynet props have been set weaken_prop_override_security = false; From d954cc99238365a748a1dfb07bbb0c8c65042742 Mon Sep 17 00:00:00 2001 From: Jake Weinstein Date: Sat, 14 Jan 2023 05:44:56 +0900 Subject: [PATCH 14/18] task_profiles: Use foreground cpuset for SurfaceFlinger Critical threads go to top-app, less critical threads currently go to system-background, but this starves SF and leads to performance regressions. Moving SF to the foreground cpuset still puts it below the most critical threads, but allows it to use some of the big cores. Change-Id: I99050859d936d0d334877e7fa1e803b4f79bd8ec --- libprocessgroup/profiles/task_profiles.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libprocessgroup/profiles/task_profiles.json b/libprocessgroup/profiles/task_profiles.json index 1fc66ba10a64..46b7a238a088 100644 --- a/libprocessgroup/profiles/task_profiles.json +++ b/libprocessgroup/profiles/task_profiles.json @@ -521,7 +521,7 @@ "Params": { "Controller": "cpuset", - "Path": "system-background" + "Path": "foreground" } } ] @@ -534,7 +534,7 @@ "Params": { "Controller": "cpuset", - "Path": "system-background" + "Path": "foreground" } } ] From edf9b36b13d466398a362ccb147d4505b54d18a8 Mon Sep 17 00:00:00 2001 From: jhenrique09 Date: Mon, 13 Dec 2021 21:34:20 -0300 Subject: [PATCH 15/18] hosts: Block OTA downloading from GMS https://github.com/PixelExperience/android-issues/issues/1008 Change-Id: I4d611ee8b8490832b310fca48f2576fc9790d483 --- rootdir/etc/hosts | 3 +++ 1 file changed, 3 insertions(+) diff --git a/rootdir/etc/hosts b/rootdir/etc/hosts index 649151cef760..0a1764ee0e05 100644 --- a/rootdir/etc/hosts +++ b/rootdir/etc/hosts @@ -1,2 +1,5 @@ 127.0.0.1 localhost ::1 ip6-localhost +127.0.0.1 ota.googlezip.net +127.0.0.1 ota-cache1.googlezip.net +127.0.0.1 ota-cache2.googlezip.net From 44a5afe98cde7be0923c24867ad081e83958d9bc Mon Sep 17 00:00:00 2001 From: xyyx Date: Sat, 9 Sep 2017 15:19:55 +0800 Subject: [PATCH 16/18] core: Lockscreen Charging (2/3) Change-Id: Icef14fa8b2ea353e3ba7cd2c6d1573dbc82474a1 Signed-off-by: xyyx --- healthd/BatteryMonitor.cpp | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/healthd/BatteryMonitor.cpp b/healthd/BatteryMonitor.cpp index 75af4402c7e1..4d6f72c5ce15 100644 --- a/healthd/BatteryMonitor.cpp +++ b/healthd/BatteryMonitor.cpp @@ -46,6 +46,8 @@ #define POWER_SUPPLY_SUBSYSTEM "power_supply" #define POWER_SUPPLY_SYSFS_PATH "/sys/class/" POWER_SUPPLY_SUBSYSTEM +#define SYSFS_BATTERY_CURRENT "/sys/class/power_supply/battery/current_now" +#define SYSFS_BATTERY_VOLTAGE "/sys/class/power_supply/battery/voltage_now" #define FAKE_BATTERY_CAPACITY 42 #define FAKE_BATTERY_TEMPERATURE 424 #define MILLION 1.0e6 @@ -520,19 +522,13 @@ void BatteryMonitor::updateValues(void) { KLOG_WARNING(LOG_TAG, "%s: Unknown power supply type\n", mChargerNames[i].string()); } - path.clear(); - path.appendFormat("%s/%s/current_max", POWER_SUPPLY_SYSFS_PATH, - mChargerNames[i].string()); - int ChargingCurrent = - (access(path.string(), R_OK) == 0) ? getIntField(path) : 0; - path.clear(); - path.appendFormat("%s/%s/voltage_max", POWER_SUPPLY_SYSFS_PATH, - mChargerNames[i].string()); + int ChargingCurrent = + (access(SYSFS_BATTERY_CURRENT, R_OK) == 0) ? abs(getIntField(String8(SYSFS_BATTERY_CURRENT))) : 0; int ChargingVoltage = - (access(path.string(), R_OK) == 0) ? getIntField(path) : - DEFAULT_VBUS_VOLTAGE; + (access(SYSFS_BATTERY_VOLTAGE, R_OK) == 0) ? getIntField(String8(SYSFS_BATTERY_VOLTAGE)) : + DEFAULT_VBUS_VOLTAGE; double power = ((double)ChargingCurrent / MILLION) * ((double)ChargingVoltage / MILLION); From 79736a0ffd63bbe1d1f2dfc9939fbd1c5bb0b15c Mon Sep 17 00:00:00 2001 From: Juhyung Park Date: Tue, 27 Dec 2022 16:12:47 +0900 Subject: [PATCH 17/18] init.rc: tune dirty data writebacks To relieve memory pressure on Android, we should start writing dirty data sooner than later. The Linux kernel's default is way too conservative on Android. Android doesn't have a good reason to delay writing dirty data anyways. This change will make the kernel start writing dirty data when it reaches 50M and switch to synchronous on 200M, which is far more sensible values than 1.2G and 2.4G respectively on a device with 12G of RAM. Change-Id: I22f9ec9010dd028710a1a5c2e3d26d8444a4c914 Signed-off-by: Juhyung Park --- rootdir/init.rc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/rootdir/init.rc b/rootdir/init.rc index c9b583238eba..c128248e7c4a 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -1096,10 +1096,9 @@ on zygote-start && property:ro.crypto.state=encrypted && property:ro.crypto.type start zygote start zygote_secondary +# Tweak background writeout on boot && property:ro.config.low_ram=true - # Tweak background writeout write /proc/sys/vm/dirty_expire_centisecs 200 - write /proc/sys/vm/dirty_background_ratio 5 on boot # basic network init @@ -1115,6 +1114,8 @@ on boot # parameters to match how it is managing things. write /proc/sys/vm/overcommit_memory 1 write /proc/sys/vm/min_free_order_shift 4 + write /proc/sys/vm/dirty_background_bytes 52428800 + write /proc/sys/vm/dirty_bytes 209715200 # System server manages zram writeback chown root system /sys/block/zram0/idle From 0b96f2b8d92c905ff59d6e6d76ed307bcc0dc1f0 Mon Sep 17 00:00:00 2001 From: Adithya R Date: Sat, 16 Mar 2024 08:38:16 +0530 Subject: [PATCH 18/18] debuggerd: use jemalloc by default and allow opt-in to scudo (4/4) Since we have switched to jemalloc (bionic). Change-Id: Ie89f9a7be4e965abf346402084a2a2d032771d3e Co-authored-by: Gustavo Mendes Signed-off-by: MxkulSharma --- debuggerd/Android.bp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debuggerd/Android.bp b/debuggerd/Android.bp index d20de6bbf724..f60e7351ace2 100644 --- a/debuggerd/Android.bp +++ b/debuggerd/Android.bp @@ -257,7 +257,7 @@ cc_library_static { cflags: ["-DROOT_POSSIBLE"], }, - malloc_not_svelte: { + malloc_use_scudo: { cflags: ["-DUSE_SCUDO"], whole_static_libs: ["libscudo"], srcs: ["libdebuggerd/scudo.cpp"],