Assessing binary blob patch level - LineageOS Questions & Answers

Dear community,
I am wondering how to assess the security of needed binary blobs for lineageos. As far as I understood there is no possibility to update these blobs, when the device becomes unsupported by the vendor.
So this proprietary code would be a weak attack surface, or? At least when some of the code runs in priviledged mode, it seems to be dangerous...
I only have found this aged presentation on how to assess the security of these blobs, is there any newer stuff, or some standardized methodology for doing this?
https://recon.cx/2013/slides/Recon2013-Joshua%20J.%20Drake-Reversing%20and%20Auditing%20Android%27s%20Proprietary%20Bits-public.pdf
I think there should be warnings for using blobs that are known to have security relevant bugs...

Related

How will patch for wpa2 (krack) happen if at all?

With this recent scare regarding the wpa2 vulnerability I was wondering if the fix would be in firmware or software.
Obviously for rooted devices without ota and Samsung possibly not interested (conveniently) in updating these 1st gen devices we could be stuck with this vulnerability. I'd be Interested in the thoughts of other owners.
You gotta be kidding me. Of course, Samsung has already washed its hands of this tablet. If we stand a chance of patching this problem, it's from the open source community.
All of the tab s varients do not have security patch updates, and no plans ever to introduce.
Here is the list of Samsung devices with quarterly or monthly updates
https://security.samsungmobile.com/workScope.smsb
AOSP/LIN should be applying security updates when available. But this is only for their current projects, they don't seem to maintain "stale" branches.
Is there an effective patch available ? MS claim to have patched, but remains to be seen, as has been stated its a deep vunrability.
I am waiting to see the patch war that will follow, if its a true problem in the wpa standard we will get a series of software firmware patches, each being breached in turn, untill everyone is forced to switch to a new standard. Anyone remember WEP? Lol.
If its not a real standards issue, we will see an effective patch within a month, Google are only behind the Linux kernel project in their responsiveness, and that's a compliment.
The sad reality is that Google itself hasn't made a coherent statement regarding what is it that needs to be patched. Is this a package that's part of the Android OS, the Linux kernel, or is this something that can be pushed through Play Store updates? According to the security advisories, a whole lot of Linux distributions deal with this security problem by updating the wpa_supplicant package. This package being open source clearly can be updated with root. So all we need is a flashable zip file, or just plain binaries that can be put in place.
As an update to last post
Its not that searious at all, not embedded in the standard, will not require hardware or firmware updates. A simple software patch will do.
Google have already patched it on 16th October, omnirom on the 23rd. Google released patch in Nov 6 security patch level update.
https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
So that means Linage should also be patched if they merge security patches monthly.
For my Fenris Rom project I am desperately trying to port large sections of the tab s 2 refresh frameworks and binaries, which does get monthly security updates. Not an easy job, and that's going to be for the T705 only.

[KERNEL][OREO] [SM-T830/T835] [2019-11-21] Modesty 1.0.0 [Linux 4.4.202] [ARK4]

Modesty - a modest custom kernel for the Samsung Tab S4
Modesty aims to provide a mildly appealing and reasonable alternative to the stock 4.4.78 kernel that comes with The Tab S4. In its pursuit of being both mildly appealing and reasonable, it will eschew features that could compromise device stability, whilst gleefully embracing low-risk, self-contained enhancements. In other words, your lowest expectation should be that this kernel will be at least as stable as the stock kernel.
Since there are currently no other custom kernel projects supporting the Tab S4, there isn't really any previous device-specific work to build on. Development of this kernel is therefore likely to be slow and steady.
"Why is this kernel called Modesty? That's crap! Why not Wolverine, Intrepid or Jupiter?"
Because it's just a operating-system kernel, not a turbo-charged supercar or a mission into outer space. Even as operating-system kernels go, this one is pretty dull. Besides, I'm a weary curmudgeon in his fifties, not a teenager.
This project has the modest aim of modestly enhancing the pleasure you derive from your Tab S4 and is therefore modestly named Modesty.
Key characteristics
Supports both the wi-fi only (T830) and wi-fi/LTE (T835) models.
Forked from Samsung's pristine kernel source code (Linux 4.4.78 for ARGH firmware at time of launch).
Regular merging of the upstream Linux kernel's linux-4.4.y branch (4.4.161 at time of public launch).
Regular merging of Samsung's updates to its modified kernel source as they are made available.
Includes @savoca's KCAL advanced colour/gamma control driver.
Includes @flar2's sound control driver to manage headphone and microphone gain.
Disables a huge amount of tracing and logging features inexplicably left enabled by Samsung in the stock release kernel. These debugging features have no place outside engineering builds.
Packed into a boot.img (boot image) taken directly from Samsung's latest stock firmware and kept as close to the original as possible. No obscure boot-time kernel configuration is stashed away here, and no changes are made to any other part of the file system at either install time or run time.
Provides a fully automated installer, with the option of interactive installation to allow manual selection of features and the ability to automatically root the device with Magisk in the post-installation phase.
Includes WireGuard VPN support (version 0.0.20180818 at the time of public launch), which will be updated as available.
Includes @Lord Boeffla's generic kernel wakelock blocker. The conservative default block-list is: qcom_rx_wakelock and NETLINK.
Utilises Westwood+ TCP congestion algorithm by default.
Includes Veno TCP congestion algorithm.
SELinux operates in enforcing mode and cannot be dynamically switched to permissive mode.
FAQ
Q. Is this kernel still actively developed?
A. No. The final ianmacd release was v1.0.0 on 21st November 2019 and no-one else has picked up maintenance of the project.​
Q. Will this kernel also run on Android 9.0 (Pie) devices?
A. No. Modesty targets Android 8.1 (Oreo) and there was never an intention to update it for 9.0 (Pie).​
Q. Can I overclock or underclock the CPU using this kernel?
A. No.​
Q. How does interactive installation mode work?
A. If the ZIP file name contains the string _interactive or a dot-file called .modesty_interactive is present in the root of the external SD card, interactive installation mode is triggered. Please note that this mode overrides any selections implied by the archive name or the presence of dot-files on the file-system.
In interactive mode, you will be asked whether to root the device afterwards with Magisk. Selections are made using the Volume buttons. Just follow the on-screen prompts.​
Q. Can I safely block wakelock X?
A. Perhaps. However, unless you know what a particular wakelock does and are certain that it is causing an actual problem on your device, I suggest you leave it alone.​
Q. Why is this kernel labelled beta? Is it safe to use? And who are you, anyway? Can you be trusted?
A. My T830 has been running this kernel every day since I first rooted it, and I can therefore personally vouch for its stability on this model.
A couple of users have reported Modesty running well on the T835. Initially, it was reported that the kernel did not boot on this model, but after trying several test kernels, the user in question discovered that his machine had a non-standard firmware installation. Once this situation was remedied, Modesty booted and worked as designed.
As the person who built the kernel, I know exactly what's in it, and therefore the only risk I'm exposing myself to when I run it is that of my own incompetence. That's not true for you, however, and you should exercise due caution and at least pause for a moment to consider what you are installing, and the far-reaching powers you are about to grant this unaudited code over your device. Although I link to the source code below, you have only my word for it that this bears any resemblance to the kernel actually provided in the installer.
There are likely to be many iterations of this kernel before it sees a 1.0 release. Features may be added or removed along the way, although there is no clear roadmap at this point in time. Development will go where the needs of the users take it.
Please see the Installation section below for an important note regarding the use of this kernel in combination with stock (i.e. unmodified) Samsung firmware.​
Q. Can I safely root this kernel?
A. Of course. What use would it be if you couldn't? I recommend Magisk for the task. It has a few minor issues, but as a project is very much alive, something that cannot be said about its peers. Magisk has arguably now established itself as the de facto root solution for Android devices.
It just so happens that I also produce my own builds of Magisk, which you are welcome to use. These are release builds (as opposed to debugging builds), produced from my own fork of @topjohnwu's original source, often augmented with patches. You can use anyone's builds, though.
Again, these builds work for me on various Samsung devices, but they are unofficial and you should approach them with fitting caution.​
Q. Can I install Magisk at the same time as Modesty?
A. Yes. The Modesty installer allows you to automatically root your device with Magisk following installation of Modesty..
To make use of this facility, either rename the Modesty zip file to contain the string _magisk or create a file called .modesty_magisk in either the root of your external SD card or in the standard Download directory of the internal SD card. Alternatively, you can utilise interactive installation mode. See above for details.
If any of these trigger conditions is met, the installer will look in the standard internal Download directory as well as in ./Magisk (if present) on the external SD card (if present) for a suitable Magisk zip file to install. Preference is given to versioned files matching the glob Magisk-v*, in which case the latest according to lexical sort order will be used. If none is found, the installer then looks for unversioned release builds (e.g. official Canary channel release builds) called magisk-release.zip in the same locations, selecting the one with the most recent timestamp. If none is found, the installer will then try to find unversioned debug builds (e.g. official Canary channel debug builds) called magisk-debug.zip, again picking the one with the most recent timestamp. Finally, the installer falls back to looking for the most recent file called Magisk.zip or magisk.zip. If still no files have been found by this stage, chaining of Magisk is abandoned.
For example:
Code:
star2lte:/ $ ls -l /storage/0000-0000/.modesty_magisk
-rwxrwx--x 1 root sdcard_rw 0 2018-09-15 14:31 /storage/0000-0000/.modesty_magisk
star2lte:/ $ ls /storage/0000-0000/Magisk/Magisk-* | tail -n 3
/storage/0000-0000/Magisk/Magisk-v17.2-2018091001-ianmacd.zip
/storage/0000-0000/Magisk/Magisk-v17.2-2018091201-ianmacd.zip
/storage/0000-0000/Magisk/Magisk-v17.2-2018091501-ianmacd.zip
When you flash the Modesty archive in TWRP, the most recent version of Magisk that could be found will now be used to automatically root your kernel, i.e. Magisk-v17.2-2018091501-ianmacd.zip in this example.​
Q. Why doesn't Modesty have its own Telegram group?
A. Because my experience of Android-themed Telegram groups is that they invariably degenerate into seething cesspits of rudeness, ignorance, superstition and — on a good day — pseudo-science. I don't wish to police such a den of iniquity. Of course, it's a free world (or so I still like to kid myself), so you are at liberty to create your own Telegram group for Modesty if you wish. Just please don't invite me to it.​
Building
Building the kernel from source is beyond the scope of this document. If you want to build this kernel from scratch, for example to change its configuration, start with this handy reference tailored to building kernels for Android.
Download
See posting #2 in this thread for links to the latest and all previous versions.
Known Issues
Bluetooth HID (input) devices do not work.
Versions 0.99.11 to 0.99.22 contained a bug that caused Bluetooth HID (input) devices, such as mice, keyboards and gamepads, not to function. They could be paired with the tablet, but their input was not recognised. This bug was finally traced and fixed in 0.99.23.​
Installation
Make a back-up of your existing boot partition using the custom recovery environment provided by TWRP. If your device doesn't yet have TWRP, you will need to install it first. Then, use it to flash the Modesty ZIP file. The boot image will automatically be installed in the boot partition of your device.
If your device has unmodified Samsung firmware, you will encounter problems with Bluetooth (namely delayed initialisation and forgotten pairings) after installing this or any other custom kernel. To remedy this, you will need to patch your system with modified libsecure_storage.so libraries. Some custom kernel installers actually install these without telling you, overwriting your system libraries and transparently circumventing the problem before you can run into it. This approach necessarily modifies your device's file-system, however, and that may not be what you want. At the very least, the user should be made aware what is happening to his device.
For this reason, I have instead prepared a companion Magisk module that achieves the same goal without modifying the file-system. This will allow you to run a custom kernel (not just this one, but any custom kernel) on pristine stock firmware without any Bluetooth issues. The module can be found in the official Magisk module repository, accessible from Magisk Manager on your tablet. If you install this Magisk module, you may wish to also disable the secure_storage_daemon by editing /system/etc/init/secure_storage_daemon.rc (change start to stop), as it no longer serves a purpose.
In a similar vein, you may encounter authentication errors when connecting to wireless networks after installing this or any other custom kernel. This problem is not serious and easily remedied by re-entering your passphrase for the networks you use.
Finally, if SecurityLogAgent notifies you that unauthorised actions have been detected, do not be alarmed. This is a normal consequence of having installed a custom kernel. You may wish to disable SecurityLogAgent to avoid being repeatedly notified..
Whilst the above issues are the only ones you can expect to encounter when running this kernel vs. the stock Samsung kernel, they may sound like more trouble than they're worth. In that case, you might be happier just sticking to Samsung's stock kernel. The company supplies a perfectly good kernel straight from the factory.
Configuration
You are encouraged to use either @morogoku's excellent MTweaks (a modified version of Kernel Aduitor) or @flar2's EX Kernel Manager to manage the features provided by this kernel.
Source code
Modesty's GitHub repository.
References
A useful guide to CPU governors, I/O schedulers (and more).
For more information on the some of the individual schedulers included in this kernel, you can also look under Documentation/block in the kernel source.
The WireGuard user guide, control app, home page and source code.
Credits
Thank you to everyone in the Linux kernel universe for getting us this far. Within the Android development community, I am grateful to the following people for their time-saving contributions:
@osm0sis for Android Image Kitchen, which has saved me a huge amount of work in packing and unpacking boot images.
An honorary mention must go to @Chainfire, the extent of whose benefaction to the Android community is still not fully understood or appreciated in some quarters.
Change log
v1.0.0 (final ianmacd release) (2019-11-21)
Kernel proclaimed stable. Version number incremented. No code changes since v0.99.49.
v0.99.49 (2019-11-16)
Updated to Linux 4.4.202.
v0.99.48 (2019-11-13)
Updated to Linux 4.4.201.
v0.99.47 (2019-11-11)
Updated to Linux 4.4.200.
v0.99.46 (2019-11-06)
Updated to Linux 4.4.199.
v0.99.45 (2019-10-31)
Updated to Linux 4.4.198.
v0.99.44 (2019-10-19)
Updated to Linux 4.4.197.
v0.99.43 (2019-10-08)
Updated to Linux 4.4.196.
v0.99.42 (2019-10-07)
Updated to Linux 4.4.195.
v0.99.41 (2019-09-22)
Updated to Linux 4.4.194.
v0.99.40 (2019-09-16)
Updated to Linux 4.4.193.
v0.99.39 (2019-09-11)
Updated to Linux 4.4.192.
Fixes unavailability of external SD card in Modesty 0.99.38.
v0.99.38 (2019-09-08) Release withdrawn (External SD card unavailable)
Updated to Linux 4.4.191.
v0.99.37 (2019-08-26)
Updated to Linux 4.4.190.
v0.99.36 (2019-08-12)
Updated to Linux 4.4.189.
v0.99.35 (2019-08-07)
Updated to Linux 4.4.188.
v0.99.34 (2019-08-05)
Updated to Linux 4.4.187.
v0.99.33 (2019-07-23)
Updated to Linux 4.4.186.
v0.99.32 (2019-07-12)
Updated to Linux 4.4.185.
v0.99.31 (2019-06-28)
Updated to Linux 4.4.184.
v0.99.30 (2019-06-22)
Updated to Linux 4.4.183.
v0.99.29 (2019-06-18)
Updated to Linux 4.4.182.
v0.99.28 (2019-06-12)
Updated to Linux 4.4.181.
v0.99.27 (2019-05-17)
Updated to Linux 4.4.180.
v0.99.26 (2019-04-28)
Updated to Linux 4.4.179.
v0.99.25 (2019-04-07)
Updated to Linux 4.4.178.
v0.99.24 (2019-03-26)
Updated to Linux 4.4.177.
Build only the latest revision of the DTB.
v0.99.23 (2019-03-02)
Fixed bug, introduced in v0.99.11, that caused input from Bluetooth HID devices, such as keyboards, mice and gamepads to be ignored.
v0.99.22 (2019-02-23)
Updated to Linux 4.4.176.
v0.99.21 (2019-02-20)
Updated to Linux 4.4.175.
v0.99.20 (2019-02-11)
Updated to Linux 4.4.174.
v0.99.19 (2019-02-08)
Updated to Linux 4.4.173.
v0.99.18 (2019-01-26)
Updated to Linux 4.4.172.
v0.99.17 (2019-01-17)
Updated to Linux 4.4.171.
v0.99.16 (2019-01-13)
Updated to Linux 4.4.170.
v0.99.15 (2018-12-30)
Rebased on ARK4 kernel source code and boot images.
v0.99.14 (2018-12-23)
Updated to Linux 4.4.169.
Merged four more UPSTREAM commits from android-4.4 kernel branch.
v0.99.13 (2018-12-13)
Updated to Linux 4.4.167.
Merged selected BACKPORT and UPSTREAM commits from android-4.4 kernel branch.
v0.99.12 (2018-12-05)
Updated to Linux 4.4.166.
Realtek USB Ethernet driver upgraded from v2.08.0 to v2.10.00.
v0.99.11 (2018-11-29)
Updated to Linux 4.4.165.
KCAL advanced colour/gamma control driver optimisation.
Added @flar2's sound control driver for controlling headphone and microphone gain. (Configure with MTweaks or EX Kernel Manager).
v0.99.10 (2018-11-21)
Updated to Linux 4.4.164.
Added KCAL advanced colour/gamma control driver. (Configure with MTweaks or EX Kernel Manager).
Lots of tracing and debug logging disabled, further reducing kernel size.
CONFIG_DISPLAY_USE_INFO
CONFIG_SEC_DISPLAYPORT_LOGGER
CONFIG_FB_MSM_MDSS_XLOG_DEBUG
CONFIG_SEC_FILE_LEAK_DEBUG
CONFIG_SEC_DEBUG_USER
CONFIG_SEC_DEBUG_SUMMARY
CONFIG_SCSI_UFSHCD_CMD_LOGGING
CONFIG_MSM_SMEM_LOGGING
CONFIG_PROFILING
CONFIG_DEBUG_INFO
CONFIG_SCHED_DEBUG
CONFIG_SEC_PM_DEBUG
CONFIG_CORESIGHT
Built as monolithic kernel (i.e. without CONFIG_MODULES).
Built as relocatable code (CONFIG_RELOCATABLE_KERNEL).
Assembler symbols stripped (CONFIG_STRIP_ASM_SYMS set).
Embedded kernel config (reported via /proc/config.gz) now falsely reports stock settings to allow disabling of superfluous kernel features that otherwise cause grave Android System warning on boot.
v0.99.9 (2018-11-13)
Rebased on ARJ3 kernel source code and boot images.
v0.99.8 (2018-11-10)
Updated to Linux 4.4.163.
More than 100 fixes applied from upstream AOSP android-4.4 and android 4.4-o branches.
Lots of tracing and debug logging disabled:
CONFIG_IPC_LOGGING (debug logging for IPC drivers)
CONFIG_QCOM_RTB (register tracing)
CONFIG_TRACER_PKT (for tracing IPC protocols)
CONFIG_FTRACE (kernel tracing infrastructure)
CONFIG_CPU_FREQ_SWITCH_PROFILER (CPU frequency switch profiler)
CONFIG_TRACING_EVENTS_GPIO (traces GPIO subsystem)
Fixes to allow kernel to build when above logging and tracing options are disabled.
v0.99.7 (2018-10-30)
Rebased on ARH5 kernel source code.
Reworked the v4l2 fix that restores liboemcrypto-dependent apps to working state.
v0.99.6 (2018-10-28)
v4l2 fixes to restore liboemcrypto-dependent apps to working state.
v0.99.5 (2018-10-21)
Updated to Linux 4.4.162.
v0.99.4 (2018-10-19)
Initial public release, based on Linux 4.4.161.
v0.99.3
Internal build, based on Linux 4.4.160.
v0.99.2
Internal build, based on Linux 4.4.159.
v0.99.1
Initial internal build, based on Linux 4.4.78.
It begins! Awesome to finally see a custom kernel for the Tab S4.
I want to test for you once I can get root back
ianmacd said:
Change log
v0.99.4 (2018-10-19)
Initial public release, based on Linux 4.4.161. Caution: This kernel remains completely untested on the T835.
v0.99.3
Internal build, based on Linux 4.4.160.
v0.99.2
Internal build, based on Linux 4.4.159.
v0.99.1
Initial internal build, based on Linux 4.4.78.
Click to expand...
Click to collapse
Flashed on T835 device doesnt even get past the Boot (custom device) screen is there a way to get logs without using a computer?
Sent from my Samsung SM-G950F using XDA Labs
dr460nf1r3 said:
Flashed on T835 device doesnt even get past the Boot (custom device) screen is there a way to get logs without using a computer?
Click to expand...
Click to collapse
I'll look into it this evening. I'm just about to get off a plane.
Were there any errors when installing? Was your device properly detected as a T835?
Sent from my SM-G965F using XDA Labs
ianmacd said:
I'll look into it this evening. I'm just about to get off a plane.
Were there any errors when installing? Was your device properly detected as a T835?
Click to expand...
Click to collapse
Installing just fine, correctly detected as well.
Sent from my Samsung SM-G950F using XDA Labs
dr460nf1r3 said:
Installing just fine, correctly detected as well.
Click to expand...
Click to collapse
I've gone through the ramdisk of the T835's boot image with a fine-tooth comb and can find nothing untoward. I also verified that I properly removed the dm-verity flag from the T835's device tree.
There are actually very few source code differences between the T830 and T835. Both can be built from a single tree. The only differences lie in the kernel config file and the device tree, but I am building with the default T835 configuration, and with the proper device tree for that device.
Let's try at least ruling out my installer code. Please image-flash this new boot image[/i] to your device and tell me if it boot-loops. If it does, my installer isn't the problem, because it's only used for a ZIP flash. I've already checked the installer code and can't see any bugs, so I don't think the issue lies there.
Can you also please tell me which version of the firmware your device is running? Possibly there's an issue there, too. Samsung has so far released the source to the ARGH kernel only. This seems to work fine on my ARH5 firmware, but it's uncertain whether it would still work on something based on ARI*, and I've seen that a couple of countries do now have ARI firmware available. Mind you, even if it wasn't compatible, it should still get as far as booting.
Anyway, please test that boot image and let me know your firmware version.
While I soldier on with the issues afflicting the T835 build, can anyone else verify the T830 build as working for them?
Don't be shy; I'm running it on my own device, so I'm certain that build boots.
ianmacd said:
While I soldier on with the issues afflicting the T835 build, can anyone else verify the T830 build as working for them?
Don't be shy; I'm running it on my own device, so I'm certain that build boots.
Click to expand...
Click to collapse
Sorry for the noob question if i flash this kernal on my SM-T835 will i lose DEX ? Sorry i'm not quite understanding what KERNEL does ? Thanks in advance!
N1NJATH3ORY said:
Sorry for the noob question if i flash this kernal on my SM-T835 will i lose DEX ? Sorry i'm not quite understanding what KERNEL does?
Click to expand...
Click to collapse
When the kernel is working as intended, you won't lose DeX, but it currently isn't even booting on the T835.
Only those who are able to assist in debugging the current boot failure should install the T835 build at this time.
The T830 build, on the other hand, is rock solid for me, and I encourage anyone who is capable of recovering from an unexpected bootloop to try it out.
Version 0.99.5 released.
This release updates the kernel to the latest upstream Linux.
T830 owners, install at will. T835 owners, beware: The previous release has been reported unbootable on this model, and this release is likely to be similarly afflicted. Investigations are ongoing. Until this issue is resolved, the whole project has been downgraded to alpha status.
Change log
Updated to Linux 4.4.162. Caution: This release is likely to cause a bootloop on the T835.
ianmacd said:
I've gone through the ramdisk of the T835's boot image with a fine-tooth comb and can find nothing untoward. I also verified that I properly removed the dm-verity flag from the T835's device tree.
There are actually very few source code differences between the T830 and T835. Both can be built from a single tree. The only differences lie in the kernel config file and the device tree, but I am building with the default T835 configuration, and with the proper device tree for that device.
Let's try at least ruling out my installer code. Please image-flash this new boot image[/i] to your device and tell me if it boot-loops. If it does, my installer isn't the problem, because it's only used for a ZIP flash. I've already checked the installer code and can't see any bugs, so I don't think the issue lies there.
Can you also please tell me which version of the firmware your device is running? Possibly there's an issue there, too. Samsung has so far released the source to the ARGH kernel only. This seems to work fine on my ARH5 firmware, but it's uncertain whether it would still work on something based on ARI*, and I've seen that a couple of countries do now have ARI firmware available. Mind you, even if it wasn't compatible, it should still get as far as booting.
Anyway, please test that boot image and let me know your firmware version.
Click to expand...
Click to collapse
Firmware Version ist arh5 and after flashing your img the device still constantly reboots on the start screen and doesnt even get to the boot Screen
Sent from my Samsung SM-G950F using XDA Labs
dr460nf1r3 said:
Firmware Version ist arh5 and after flashing your img the device still constantly reboots on the start screen and doesnt even get to the boot Screen
Click to expand...
Click to collapse
Thanks. That absolves the installer of any wrongdoing, at least.
Something is fundamentally wrong with the kernel for the T835.
The boot image is taken from stock firmware, and modified just enough to allow a custom kernel to boot. I very much doubt the problem lies there. A virtually identical image works for the T830.
The kernel config used is the one supplied by Samsung. The only modifications made to it are the same ones I made to the T830's.
I think my next step will be to produce a kernel built without downstreaming the 4.4.y Linux branch, so back to 4.4.78. If that works, it will indicate that an error affecting only the T835 was introduced during all of my merging of the upstream kernel.
I'll post again when I've built the kernel, which won't be for a few hours, as I'm on holiday at the moment.
Sent from my SM-G965F using XDA Labs
ianmacd said:
I think my next step will be to produce a kernel built without downstreaming the 4.4.y Linux branch, so back to 4.4.78. If that works, it will indicate that an error affecting only the T835 was introduced during all of my merging of the upstream kernel.
Click to expand...
Click to collapse
OK, @dr460nf1r3, please try this new T835 build.
This is rewound to 4.4.78, with just a few extra cherry-picked commits to enable it to build cleanly and boot without triggering dm-verity.
In other words, this kernel should be 99% identical to the one that shipped with the machine. This assumes that the source as supplied by Samsung was actually used to build the stock kernel.. They have been known to publish sources that don't match what's on the machine.
ianmacd said:
OK, @dr460nf1r3, please try this new T835 build.
This is rewound to 4.4.78, with just a few extra cherry-picked commits to enable it to build cleanly and boot without triggering dm-verity.
In other words, this kernel should be 99% identical to the one that shipped with the machine. This assumes that the source as supplied by Samsung was actually used to build the stock kernel.. They have been known to publish sources that don't match what's on the machine.
Click to expand...
Click to collapse
Thanks, flashing now will report back in a few minutes
Sent from my Samsung SM-G950F using XDA Labs
---------- Post added at 05:44 PM ---------- Previous post was at 05:17 PM ----------
ianmacd said:
OK, @dr460nf1r3, please try this new T835 build.
This is rewound to 4.4.78, with just a few extra cherry-picked commits to enable it to build cleanly and boot without triggering dm-verity.
In other words, this kernel should be 99% identical to the one that shipped with the machine. This assumes that the source as supplied by Samsung was actually used to build the stock kernel.. They have been known to publish sources that don't match what's on the machine.
Click to expand...
Click to collapse
Did not work still the same issue.. flashed via twrp to boot partition. Noob question, the boot backup i got is 64mb while your kernel hardly has 25.. whats going on here?
Sent from my Samsung SM-G950F using XDA Labs
dr460nf1r3 said:
Did not work still the same issue.. flashed via twrp to boot partition.
Click to expand...
Click to collapse
Well, that's disappointing. I was hoping that it was my screw-up, rather than Samsung's, but at this point almost everything I've done has been backed out and it still won't boot.
Noob question, the boot backup i got is 64mb while your kernel hardly has 25.. whats going on here?
Click to expand...
Click to collapse
Good question.
Your back-up is of the entire partition, including the area with no data on it, so you're getting a file the same size as the partition itself. My boot image contains just the data segment, so it's smaller.
If you pull the stock boot image from the AP file of Samsung's firmware, you'll see that it's a very similar size to mine (slightly smaller, actually):
Code:
$ unzip -p T835XXU1ARH5_T835OXM1ARH5_PHN.zip AP_T835XXU1ARH5_CL14008523_QB19263559_REV00_user_low_ship_MULTI_CERT_meta.tar.md5| tar xf - -O boot.img.\*lz4 | lz4 -dc > boot.img
$ ls -l boot.img
-rw-rw-r--. 1 ianmacd ianmacd 23593232 Oct 21 22:01 boot.img
$ file boot.img
boot.img: Android bootimg, kernel (0x8000), ramdisk (0x2000000), page size: 4096, cmdline (console=null androidboot.hardware=qcom user_debug=31 msm_rtb.filter=0x37 ehci-hcd.park=3 lpm_le)
So, what now?
I'll see which other minor changes I can back out, in an effort to arrive at a kernel built from source that is as close to stock as possible. If you're wondering Why doesn't he just build from pristine sources?, the answer is: Because Samsung's source code won't even build out of the box. Many of the kernel header files are simply not in the expected locations. Alas, this is a fairly common problem with Samsung's kernel source code releases.
I suspect the solution to this problem may actually lie in changes that have yet to be made, rather than changes made that need to be reverted. In other words, the T835 may require some kernel modifications or configuration that the T830 doesn't. Theoretically, a kernel compiled from Samsung's pristine sources should just work, but that's starting to look unlikely now.
I'm hoping that I can enable/disable a few further options in the kernel config, rebuild and produce a kernel that works for you. If, however, the problem is that the source itself is faulty, we may have to wait for a future release by Samsung to give us something that compiles into a working kernel.
But I don't intend to throw in the towel on the T835 just yet. There are still a few more things we can try.
ianmacd said:
Well, that's disappointing. I was hoping that it was my screw-up, rather than Samsung's, but at this point almost everything I've done has been backed out and it still won't boot.
Good question.
Your back-up is of the entire partition, including the area with no data on it, so you're getting a file the same size as the partition itself. My boot image contains just the data segment, so it's smaller.
If you pull the stock boot image from the AP file of Samsung's firmware, you'll see that it's a very similar size to mine (slightly smaller, actually):
So, what now?
I'll see which other minor changes I can back out, in an effort to arrive at a kernel built from source that is as close to stock as possible. If you're wondering Why doesn't he just build from pristine sources?, the answer is: Because Samsung's source code won't even build out of the box. Many of the kernel header files are simply not in the expected locations. Alas, this is a fairly common problem with Samsung's kernel source code releases.
I suspect the solution to this problem may actually lie in changes that have yet to be made, rather than changes made that need to be reverted. In other words, the T835 may require some kernel modifications or configuration that the T830 doesn't. Theoretically, a kernel compiled from Samsung's pristine sources should just work, but that's starting to look unlikely now.
I'm hoping that I can enable/disable a few further options in the kernel config, rebuild and produce a kernel that works for you. If, however, the problem is that the source itself is faulty, we may have to wait for a future release by Samsung to give us something that compiles into a working kernel.
But I don't intend to throw in the towel on the T835 just yet. There are still a few more things we can try.
Click to expand...
Click to collapse
Thanks for explaining everything for me. Id like to help you were i can but i dont have a computer by my hands right now for the next time
Sent from my gts4llte using XDA Labs
dr460nf1r3 said:
Thanks for explaining everything for me. Id like to help you were i can but i dont have a computer by my hands right now for the next time
Click to expand...
Click to collapse
Here's a new build to try. This one reverts the last few changes I originally made to the T835's kernel configuration before building. This is as close to stock as possible, whilst still being able to build.
If this doesn't boot, it pretty much means that Samsung has supplied code for the T835 that simply will not compile into a working kernel. At that point, we'll probably have to wait for updated sources. I already have a request pending with Samsung for the release of the BRI sources.
Just to be clear, the current status quo as I understand it is that the Samsung logo never starts to be written from left to right. You never get past the static screen with the device name and the word Custom. Is that correct?
ianmacd said:
Here's a new build to try. This one reverts the last few changes I originally made to the T835's kernel configuration before building. This is as close to stock as possible, whilst still being able to build.
If this doesn't boot, it pretty much means that Samsung has supplied code for the T835 that simply will not compile into a working kernel. At that point, we'll probably have to wait for updated sources. I already have a request pending with Samsung for the release of the BRI sources.
Just to be clear, the current status quo as I understand it is that the Samsung logo never starts to be written from left to right. You never get past the static screen with the device name and the word Custom. Is that correct?
Click to expand...
Click to collapse
Im sorry to tell you but this doesnt boot either in fact it doesnt even reboot the static screen. Your right about the current status quo sadly.
Sent from my Samsung SM-G950F using XDA Labs

Widevine support in ROM with current security patches?

Hi,
is there any current ROM with Widevine support (e.g. for Netflix app >= 5.x) and security patches?
It seems AICP 13.1 and LOS 15.1 both lack e.g. /system/vendor/lib/libwvdrm_L3.so which seems to be present in stock ROMs (and those derived from stock, see e.g. https://github.com/munjeni/D5503_14.3.A.0.757/blob/master/system/vendor/lib/libwvdrm_L3.so).
A discussion in a fairphone forum mentions that Widevine related libs are usually part of a proprietary blob (see https://forum.fairphone.com/t/widev...-fairphone-open-18-10-0-android-7-1-2/45143/7), but I haven't seen blobs for Sony devices which contain anything in vendor/libs/....
I'd be thankful for any kind of help and/or explanation.
This is included on proprietary/vendor/sony
https://github.com/AICP/proprietary_vendor_sony/tree/o8.1/widevine
raschad said:
This is included on proprietary/vendor/sony
https://github.com/AICP/proprietary_vendor_sony/tree/o8.1/widevine
Click to expand...
Click to collapse
Thanks for the answer, but I have two further questions:
This only includes the dynlib /vendor/lib/libwvhidl.so. Why is this different than for other phones? I expected that the set of proprietary libraries is fixed and then the open part links against them (if available).
Furthermore, this file is present in AICP 13.1 and LOS 15 but DRM info and similar apps all fail (silently or with obscure errors). Does one need some part of a TA partition backup (I have one for the phone in question) to make Widevine work?

Lineage OS 17.1 on old blobs - possible?

Ever since LineageOS started using the OxygenOS 9.0.x blobs for OnePlus 3 I have had lots of issues with the phone. The worst being total lockup during the night on airplane mode. Basically white light comes on and you have to force reset. If not found until morning then the battery will also be totally flat. When this happens pstore is totally empty so zero logs of the event.
Stock OxygenOS 9.0.x is the same.
As I am stubborn I don't want to buy a new phone due to something introduced by software, even if the "bug" doesn't affect all hardware. Downgrading to Oreo consistently fixes the problem!
Anyway, I was wondering how possible would it be to run the old blobs, old firmwares but on Android 10?
So far I have tried the following:
https://forum.xda-developers.com/oneplus-3t/how-to/guide-cope-9-0-3-5-0-8-firmware-barrier-t3941164 - Running the old bootloader and keymaster. Issue persists.
Modifying my NON-HLOS partition to use the modem binaries from the Oreo NON-HLOS partition. RIL doesn't play nicely. Issue persists anyway.
Building LineageOS, but using old blobs. Took proprietary files from this commmit, https://github.com/LineageOS/androi...mmit/d6915c5315d7a3272860f8fc940aab8ba076d6e3, the last one before the new blobs were introduced. Got the blobs from checking out the equivalent commit on The Muppets repo. Phone wouldn't boot errors in pstore about not being able to talk to most of the blobs (keymaster, gnss, etc). I guess its because theres a tonne of commits that Android 10 requires after this point, but its complete spaghetti working out whats what.
Tried without Soter/Alipay as I don't want to run that stuff anyway and soter was introduced at this time also, but issue persists.
I am also beginning to think the new blobs are an actual requirement for Android 10, so I might be wasting time anyway.
There are no Kernel commits around this time. https://github.com/LineageOS/android_device_oneplus_oneplus3/ A block of commits on 16th June 2019 is when things broke. By process of elimination, it isn't: the boot loader, the key master, the old modem (but COULD be the RIL), the kernel.
So I am guessing what would be really helpful to me would be:
How can I debug this? It seems its not a Kernel panic as there is no pstore, but white LED comes on (if lineageos) or no LED (if oxygenos).
Is it possible to build LineageOS 17.1 but with old blobs/firmwares? I don't want a step by step or anything but pointers if its possible even...

How to "Bump Security String" ?

Hey there, I hope that maybe someone could take the time to explain this process to me a bit.
I'm building LineageOS 15.1 for the Axon7. As there hardly are any updates, besides monthly Security Updates, I'm always just waiting for those to get merged. As hardly anyone is still interested in the 15.1 source this sometimes takes quite a while (not complaining).
I've had a look at the merged commits in the Lineage source and all I can see is that literately one string gets updated. The Date.
Now my question is. If I were to change that string in my local source, with the (as mentioned in the "version_defaults.mk") corresponding and matching date of the Android Security Patch Level , would that automatically sync all necessary patches and the security patch level of my ROM (if it builds)would be up to date?
Also does it have to be the exact date, or simply any date, after the Security Patch was commited?
Would that really be all it takes?
Thanks in advance to anyone, who might help me clear that up.
You can use repopick to build with patches not merged yet. Like...repo sync source build/envsetup.sh repopick -t n-asb-2020-04 breakfast...
July patches for oreo are merged
https://review.lineageos.org/q/topic:%22O_asb_2020-07%22
August patches are not yet in gerrit
Also erstmal danke für deine Antwort.
I'm really relatively new to building roms and I appreciate any and all info that I can get, so again, thanks you for that.
Is there, like I asked, any chance tho to build it with the latest security updates before they are added as "open" to the gerrit?
Can it be added the way I mentioned above, or is there more to it?

Categories

Resources