diff --git a/android-14.0.0_r75/external/minijail/0001-disable-seccomp.patch b/android-14.0.0_r75/external/minijail/0001-disable-seccomp.patch new file mode 100644 index 0000000..ba819d3 --- /dev/null +++ b/android-14.0.0_r75/external/minijail/0001-disable-seccomp.patch @@ -0,0 +1,32 @@ +From 7ce93a65d3ec48d465a1659f360f5fc5cbc05171 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Mon, 26 Apr 2021 22:55:03 +0800 +Subject: [PATCH] disable seccomp + +--- + libminijail.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libminijail.c b/libminijail.c +index bb60904..efe8be2 100644 +--- a/libminijail.c ++++ b/libminijail.c +@@ -2487,6 +2487,7 @@ static void set_seccomp_filter(const struct minijail *j) + /* + * Install the syscall filter. + */ ++#if 0 // HACKED + if (j->flags.seccomp_filter) { + if (j->flags.seccomp_filter_tsync || + j->flags.seccomp_filter_allow_speculation) { +@@ -2508,6 +2509,7 @@ static void set_seccomp_filter(const struct minijail *j) + } + } + } ++#endif + } + + static pid_t forward_pid = -1; +-- +2.49.0 + diff --git a/android-14.0.0_r75/external/selinux/0001-ignore-selinux.patch b/android-14.0.0_r75/external/selinux/0001-ignore-selinux.patch new file mode 100644 index 0000000..3b6e456 --- /dev/null +++ b/android-14.0.0_r75/external/selinux/0001-ignore-selinux.patch @@ -0,0 +1,165 @@ +From 5fb822b4cad95ee5cd97eb0bc7170fdcb407dfbb Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 9 May 2021 23:44:12 +0800 +Subject: [PATCH] ignore selinux + +--- + libselinux/include/selinux/selinux.h | 4 ++++ + libselinux/src/checkAccess.c | 1 + + libselinux/src/getenforce.c | 1 + + libselinux/src/getfilecon.c | 1 + + libselinux/src/getpeercon.c | 1 + + libselinux/src/init.c | 1 + + libselinux/src/label.c | 1 + + libselinux/src/lgetfilecon.c | 1 + + libselinux/src/lsetfilecon.c | 1 + + libselinux/src/procattr.c | 2 ++ + libselinux/src/sestatus.c | 1 + + 11 files changed, 15 insertions(+) + +diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h +index a094885..3ddeee2 100644 +--- a/libselinux/include/selinux/selinux.h ++++ b/libselinux/include/selinux/selinux.h +@@ -4,6 +4,10 @@ + #include + #include + ++#define SE_HACK ++#define se_hack() if (1) return ++#define se_hack1(p) if (1) return p ++ + #ifdef __cplusplus + extern "C" { + #endif +diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c +index 022cd6b..a23bffc 100644 +--- a/libselinux/src/checkAccess.c ++++ b/libselinux/src/checkAccess.c +@@ -20,6 +20,7 @@ static void avc_init_once(void) + } + + int selinux_check_access(const char *scon, const char *tcon, const char *class, const char *perm, void *aux) { ++ se_hack1(0); + int rc; + security_id_t scon_id; + security_id_t tcon_id; +diff --git a/libselinux/src/getenforce.c b/libselinux/src/getenforce.c +index 3f1e200..bf16227 100644 +--- a/libselinux/src/getenforce.c ++++ b/libselinux/src/getenforce.c +@@ -11,6 +11,7 @@ + + int security_getenforce(void) + { ++ se_hack1(0); + int fd, ret, enforce = 0; + char path[PATH_MAX]; + char buf[20]; +diff --git a/libselinux/src/getfilecon.c b/libselinux/src/getfilecon.c +index 4bee313..f8b159a 100644 +--- a/libselinux/src/getfilecon.c ++++ b/libselinux/src/getfilecon.c +@@ -52,6 +52,7 @@ int getfilecon_raw(const char *path, char ** context) + + int getfilecon(const char *path, char ** context) + { ++ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); + int ret; + char * rcontext = NULL; + +diff --git a/libselinux/src/getpeercon.c b/libselinux/src/getpeercon.c +index a9dca73..10771cb 100644 +--- a/libselinux/src/getpeercon.c ++++ b/libselinux/src/getpeercon.c +@@ -46,6 +46,7 @@ int getpeercon_raw(int fd, char ** context) + + int getpeercon(int fd, char ** context) + { ++ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); + int ret; + char * rcontext; + +diff --git a/libselinux/src/init.c b/libselinux/src/init.c +index 439da41..41268a7 100644 +--- a/libselinux/src/init.c ++++ b/libselinux/src/init.c +@@ -139,6 +139,7 @@ void fini_selinuxmnt(void) + + void set_selinuxmnt(const char *mnt) + { ++ se_hack(); + selinux_mnt = strdup(mnt); + } + +diff --git a/libselinux/src/label.c b/libselinux/src/label.c +index e0ed68d..2c22c04 100644 +--- a/libselinux/src/label.c ++++ b/libselinux/src/label.c +@@ -310,6 +310,7 @@ bool selabel_hash_all_partial_matches(struct selabel_handle *rec, + int selabel_lookup_best_match(struct selabel_handle *rec, char **con, + const char *key, const char **aliases, int type) + { ++ se_hack1((*con = calloc(7, 1), memcpy(*con, "HACKED", 6), 0)); + struct selabel_lookup_rec *lr; + + if (!rec->func_lookup_best_match) { +diff --git a/libselinux/src/lgetfilecon.c b/libselinux/src/lgetfilecon.c +index d1fb821..0d3b0ac 100644 +--- a/libselinux/src/lgetfilecon.c ++++ b/libselinux/src/lgetfilecon.c +@@ -52,6 +52,7 @@ int lgetfilecon_raw(const char *path, char ** context) + + int lgetfilecon(const char *path, char ** context) + { ++ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); + int ret; + char * rcontext = NULL; + +diff --git a/libselinux/src/lsetfilecon.c b/libselinux/src/lsetfilecon.c +index 213fb68..c73c152 100644 +--- a/libselinux/src/lsetfilecon.c ++++ b/libselinux/src/lsetfilecon.c +@@ -28,6 +28,7 @@ int lsetfilecon_raw(const char *path, const char * context) + + int lsetfilecon(const char *path, const char *context) + { ++ se_hack1(0); + int ret; + char * rcontext; + +diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c +index b7a93a2..a1478c7 100644 +--- a/libselinux/src/procattr.c ++++ b/libselinux/src/procattr.c +@@ -175,6 +175,7 @@ static int getprocattrcon_raw(char **context, pid_t pid, const char *attr, + static int getprocattrcon(char **context, pid_t pid, const char *attr, + const char *prev_context) + { ++ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); + int ret; + char * rcontext; + +@@ -239,6 +240,7 @@ out: + static int setprocattrcon(const char *context, const char *attr, + char **prev_context) + { ++ se_hack1(0); + int ret; + char * rcontext; + +diff --git a/libselinux/src/sestatus.c b/libselinux/src/sestatus.c +index fbe6430..bafe6bb 100644 +--- a/libselinux/src/sestatus.c ++++ b/libselinux/src/sestatus.c +@@ -277,6 +277,7 @@ static int fallback_cb_policyload(int policyload) + */ + int selinux_status_open(int fallback) + { ++ se_hack1(0); + int fd; + char path[PATH_MAX]; + long pagesize; +-- +2.49.0 + diff --git a/android-14.0.0_r75/frameworks/av/0001-workaround-for-mesa-video-playback.patch b/android-14.0.0_r75/frameworks/av/0001-workaround-for-mesa-video-playback.patch new file mode 100644 index 0000000..7029586 --- /dev/null +++ b/android-14.0.0_r75/frameworks/av/0001-workaround-for-mesa-video-playback.patch @@ -0,0 +1,48 @@ +From 15cea1e3bb2367d95798efa33d66c1efb71a69e9 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Mon, 20 Sep 2021 18:22:20 +0000 +Subject: [PATCH 1/2] ? workaround for mesa video playback + +--- + media/libstagefright/colorconversion/SoftwareRenderer.cpp | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/media/libstagefright/colorconversion/SoftwareRenderer.cpp b/media/libstagefright/colorconversion/SoftwareRenderer.cpp +index 2409315..1e3ec7b 100644 +--- a/media/libstagefright/colorconversion/SoftwareRenderer.cpp ++++ b/media/libstagefright/colorconversion/SoftwareRenderer.cpp +@@ -130,6 +130,7 @@ void SoftwareRenderer::resetFormatIfChanged( + // hardware has YUV12 and RGBA8888 support, so convert known formats + { + switch (mColorFormat) { ++#if 0 // HACKED + case OMX_COLOR_FormatYUV420Planar: + case OMX_COLOR_FormatYUV420SemiPlanar: + case OMX_TI_COLOR_FormatYUV420PackedSemiPlanar: +@@ -139,6 +140,7 @@ void SoftwareRenderer::resetFormatIfChanged( + bufHeight = (mCropHeight + 1) & ~1; + break; + } ++#endif + case OMX_COLOR_Format24bitRGB888: + { + halFormat = HAL_PIXEL_FORMAT_RGB_888; +@@ -154,6 +156,7 @@ void SoftwareRenderer::resetFormatIfChanged( + bufHeight = (mCropHeight + 1) & ~1; + break; + } ++#if 0 // HACKED + case OMX_COLOR_FormatYUV420Planar16: + { + if (((dataSpace & HAL_DATASPACE_STANDARD_MASK) == HAL_DATASPACE_STANDARD_BT2020) +@@ -170,6 +173,7 @@ void SoftwareRenderer::resetFormatIfChanged( + bufHeight = (mCropHeight + 1) & ~1; + break; + } ++#endif + default: + { + break; +-- +2.49.0 + diff --git a/android-14.0.0_r75/frameworks/av/0002-NOT-skip-OMX-nodes.patch b/android-14.0.0_r75/frameworks/av/0002-NOT-skip-OMX-nodes.patch new file mode 100644 index 0000000..a53d50e --- /dev/null +++ b/android-14.0.0_r75/frameworks/av/0002-NOT-skip-OMX-nodes.patch @@ -0,0 +1,26 @@ +From be4599dcbe8cd0be837a324dacead3a47deacfc5 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 6 Aug 2022 10:17:12 +0800 +Subject: [PATCH 2/2] NOT skip OMX nodes + +users may use legacy kernel without `ION` / `DMABUF_HEAP` enabled, +enable OMX nodes to support this. +--- + media/libstagefright/omx/OMXStore.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/media/libstagefright/omx/OMXStore.cpp b/media/libstagefright/omx/OMXStore.cpp +index b2d5a70..3be56c8 100644 +--- a/media/libstagefright/omx/OMXStore.cpp ++++ b/media/libstagefright/omx/OMXStore.cpp +@@ -161,7 +161,6 @@ void OMXStore::addPlugin(OMXPluginBase *plugin) { + } + } + if (skip) { +- continue; + } + } + +-- +2.49.0 + diff --git a/android-14.0.0_r75/frameworks/base/0001-ignore-cgroup-error.patch b/android-14.0.0_r75/frameworks/base/0001-ignore-cgroup-error.patch new file mode 100644 index 0000000..66a1eaa --- /dev/null +++ b/android-14.0.0_r75/frameworks/base/0001-ignore-cgroup-error.patch @@ -0,0 +1,25 @@ +From 0cdad8898a101010e3c60c4940272d5701f40642 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 11 Nov 2023 10:30:11 +0800 +Subject: [PATCH] ignore cgroup error + +--- + services/core/java/com/android/server/am/ProcessList.java | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/services/core/java/com/android/server/am/ProcessList.java b/services/core/java/com/android/server/am/ProcessList.java +index 89c89944e..34e9f377d 100644 +--- a/services/core/java/com/android/server/am/ProcessList.java ++++ b/services/core/java/com/android/server/am/ProcessList.java +@@ -2518,7 +2518,7 @@ public final class ProcessList { + "Unable to create process group for " + + app.processName + " (" + startResult.pid + ")"); + } else { +- throw new AssertionError("Unable to create process group for " ++ Slog.e(ActivityManagerService.TAG, "Unable to create process group for " + + app.processName + " (" + startResult.pid + ")"); + } + } else { +-- +2.49.0 + diff --git a/android-14.0.0_r75/frameworks/native/0001-fix-booting.patch b/android-14.0.0_r75/frameworks/native/0001-fix-booting.patch new file mode 100644 index 0000000..2ba0caf --- /dev/null +++ b/android-14.0.0_r75/frameworks/native/0001-fix-booting.patch @@ -0,0 +1,51 @@ +From 8f06b928fbbc40e0071713b3d3067e86a205c739 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 9 May 2021 23:04:00 +0800 +Subject: [PATCH] fix booting + +--- + libs/binder/Binder.cpp | 1 + + libs/binder/IPCThreadState.cpp | 2 +- + libs/binder/ProcessState.cpp | 1 + + 3 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/libs/binder/Binder.cpp b/libs/binder/Binder.cpp +index c57c9cd..ccb13ea 100644 +--- a/libs/binder/Binder.cpp ++++ b/libs/binder/Binder.cpp +@@ -506,6 +506,7 @@ void BBinder::setRequestingSid(bool requestingSid) + "setRequestingSid() should not be called after a binder object " + "is parceled/sent to another process"); + ++ requestingSid = false; // HACKED + Extras* e = mExtras.load(std::memory_order_acquire); + + if (!e) { +diff --git a/libs/binder/IPCThreadState.cpp b/libs/binder/IPCThreadState.cpp +index ef96f80..40c50c5 100644 +--- a/libs/binder/IPCThreadState.cpp ++++ b/libs/binder/IPCThreadState.cpp +@@ -1376,7 +1376,7 @@ status_t IPCThreadState::executeCommand(int32_t cmd) + clearPropagateWorkSource(); + + mCallingPid = tr.sender_pid; +- mCallingSid = reinterpret_cast(tr_secctx.secctx); ++ mCallingSid = "HACKED"; + mCallingUid = tr.sender_euid; + mHasExplicitIdentity = false; + mLastTransactionBinderFlags = tr.flags; +diff --git a/libs/binder/ProcessState.cpp b/libs/binder/ProcessState.cpp +index fb2781b..3510940 100644 +--- a/libs/binder/ProcessState.cpp ++++ b/libs/binder/ProcessState.cpp +@@ -211,6 +211,7 @@ bool ProcessState::becomeContextManager() + flat_binder_object obj { + .flags = FLAT_BINDER_FLAG_TXN_SECURITY_CTX, + }; ++ obj.flags = 0; // HACKED + + int result = ioctl(mDriverFD, BINDER_SET_CONTEXT_MGR_EXT, &obj); + +-- +2.49.0 + diff --git a/android-14.0.0_r75/packages/modules/Connectivity/0001-fix-booting.patch b/android-14.0.0_r75/packages/modules/Connectivity/0001-fix-booting.patch new file mode 100644 index 0000000..1dd89c3 --- /dev/null +++ b/android-14.0.0_r75/packages/modules/Connectivity/0001-fix-booting.patch @@ -0,0 +1,59 @@ +From 927beebd8bb96fbff43585e7676710f80a89e57b Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Thu, 5 Oct 2023 22:18:09 +0800 +Subject: [PATCH] fix booting + +Change-Id: Ic19ca983445914155c020abc459b4615eaceba75 +--- + netbpfload/NetBpfLoad.cpp | 8 ++++++-- + .../com_android_server_connectivity_ClatCoordinator.cpp | 1 + + 2 files changed, 7 insertions(+), 2 deletions(-) + +diff --git a/netbpfload/NetBpfLoad.cpp b/netbpfload/NetBpfLoad.cpp +index ed7d048..284721d 100644 +--- a/netbpfload/NetBpfLoad.cpp ++++ b/netbpfload/NetBpfLoad.cpp +@@ -353,12 +353,14 @@ int main(int argc, char** argv, char * const envp[]) { + // kernel does not have CONFIG_BPF_JIT=y) + // BPF_JIT is required by R VINTF (which means 4.14/4.19/5.4 kernels), + // but 4.14/4.19 were released with P & Q, and only 5.4 is new in R+. +- if (writeProcSysFile("/proc/sys/net/core/bpf_jit_enable", "1\n")) return 1; ++ if (writeProcSysFile("/proc/sys/net/core/bpf_jit_enable", "1\n")) ++ ALOGE("write 1 to /proc/sys/net/core/bpf_jit_enable FAILED"); + + // Enable JIT kallsyms export for privileged users only + // (Note: this (open) will fail with ENOENT 'No such file or directory' if + // kernel does not have CONFIG_HAVE_EBPF_JIT=y) +- if (writeProcSysFile("/proc/sys/net/core/bpf_jit_kallsyms", "1\n")) return 1; ++ if (writeProcSysFile("/proc/sys/net/core/bpf_jit_kallsyms", "1\n")) ++ ALOGE("write 1 to /proc/sys/net/core/bpf_jit_kallsyms FAILED"); + } + + // Create all the pin subdirectories +@@ -383,9 +385,11 @@ int main(int argc, char** argv, char * const envp[]) { + ALOGE("If this triggers reliably, you're probably missing kernel options or patches."); + ALOGE("If this triggers randomly, you might be hitting some memory allocation " + "problems or startup script race."); ++ #if 0 + ALOGE("--- DO NOT EXPECT SYSTEM TO BOOT SUCCESSFULLY ---"); + sleep(20); + return 2; ++ #endif + } + } + +diff --git a/service/jni/com_android_server_connectivity_ClatCoordinator.cpp b/service/jni/com_android_server_connectivity_ClatCoordinator.cpp +index c125bd6..0621893 100644 +--- a/service/jni/com_android_server_connectivity_ClatCoordinator.cpp ++++ b/service/jni/com_android_server_connectivity_ClatCoordinator.cpp +@@ -130,6 +130,7 @@ static void verifyClatPerms() { + + #undef V2 + ++ fatal = false; // HACKED + if (fatal) abort(); + } + +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/bpf/0001-fix-booting.patch b/android-14.0.0_r75/system/bpf/0001-fix-booting.patch new file mode 100644 index 0000000..558ce8c --- /dev/null +++ b/android-14.0.0_r75/system/bpf/0001-fix-booting.patch @@ -0,0 +1,29 @@ +From 4f5ba15568891b3f3b2479b19eb82a0df2abfe59 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Thu, 5 Oct 2023 23:27:52 +0800 +Subject: [PATCH] fix booting + +Change-Id: Ic7bc65bd873742e20438305df2a94539cbec200b +--- + bpfloader/BpfLoader.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/bpfloader/BpfLoader.cpp b/bpfloader/BpfLoader.cpp +index 08fd72d..347b452 100644 +--- a/bpfloader/BpfLoader.cpp ++++ b/bpfloader/BpfLoader.cpp +@@ -206,9 +206,11 @@ int main(int argc, char** argv) { + ALOGE("If this triggers reliably, you're probably missing kernel options or patches."); + ALOGE("If this triggers randomly, you might be hitting some memory allocation " + "problems or startup script race."); ++#if 0 // HACKED + ALOGE("--- DO NOT EXPECT SYSTEM TO BOOT SUCCESSFULLY ---"); + sleep(20); + return 2; ++#endif + } + } + +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/core/0001-fix-booting.patch b/android-14.0.0_r75/system/core/0001-fix-booting.patch new file mode 100644 index 0000000..67e4bd2 --- /dev/null +++ b/android-14.0.0_r75/system/core/0001-fix-booting.patch @@ -0,0 +1,143 @@ +From 8929a18a1032b9b4c21875383a5d54bd2703939e Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 9 May 2021 23:09:00 +0800 +Subject: [PATCH 1/6] fix booting + +--- + fs_mgr/libfstab/boot_config.cpp | 6 ++++-- + init/first_stage_init.cpp | 22 ++++++++++++++++++---- + init/service.cpp | 3 ++- + rootdir/init.rc | 1 - + 4 files changed, 24 insertions(+), 8 deletions(-) + +diff --git a/fs_mgr/libfstab/boot_config.cpp b/fs_mgr/libfstab/boot_config.cpp +index b21495e..15e597f 100644 +--- a/fs_mgr/libfstab/boot_config.cpp ++++ b/fs_mgr/libfstab/boot_config.cpp +@@ -154,13 +154,15 @@ bool GetKernelCmdlineFromString(const std::string& cmdline, const std::string& k + + void ImportKernelCmdline(const std::function& fn) { + std::string cmdline; +- android::base::ReadFileToString("/proc/cmdline", &cmdline); ++ android::base::ReadFileToString("/proc/self/cmdline", &cmdline); ++ std::replace(cmdline.begin(), cmdline.end(), '\0', ' '); + ImportKernelCmdlineFromString(android::base::Trim(cmdline), fn); + } + + bool GetKernelCmdline(const std::string& key, std::string* out) { + std::string cmdline; +- android::base::ReadFileToString("/proc/cmdline", &cmdline); ++ android::base::ReadFileToString("/proc/self/cmdline", &cmdline); ++ std::replace(cmdline.begin(), cmdline.end(), '\0', ' '); + return GetKernelCmdlineFromString(android::base::Trim(cmdline), key, out); + } + +diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp +index c4d0f75..fdad43a 100644 +--- a/init/first_stage_init.cpp ++++ b/init/first_stage_init.cpp +@@ -36,6 +36,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -334,6 +335,8 @@ int FirstStageMain(int argc, char** argv) { + CHECKCALL(mkdir("/dev/pts", 0755)); + CHECKCALL(mkdir("/dev/socket", 0755)); + CHECKCALL(mkdir("/dev/dm-user", 0755)); ++ mount("/system/etc", "/etc", "none", MS_BIND, NULL); // cgroup fix ++ unshare(CLONE_NEWCGROUP); + CHECKCALL(mount("devpts", "/dev/pts", "devpts", 0, NULL)); + #define MAKE_STR(x) __STRING(x) + CHECKCALL(mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC))); +@@ -397,7 +400,6 @@ int FirstStageMain(int argc, char** argv) { + for (const auto& [error_string, error_errno] : errors) { + LOG(ERROR) << error_string << " " << strerror(error_errno); + } +- LOG(FATAL) << "Init encountered errors starting first stage, aborting"; + } + + LOG(INFO) << "init first stage started!"; +@@ -515,6 +517,7 @@ int FirstStageMain(int argc, char** argv) { + if (!fsm) { + fsm = CreateFirstStageMount(cmdline); + } ++ #if 0 + if (!fsm) { + LOG(FATAL) << "FirstStageMount not available"; + } +@@ -524,8 +527,9 @@ int FirstStageMain(int argc, char** argv) { + } + + if (!fsm->DoFirstStageMount()) { +- LOG(FATAL) << "Failed to mount required partitions early ..."; ++ LOG(ERROR) << "Failed to mount required partitions early ..."; + } ++ #endif + } + + struct stat new_root_info {}; +@@ -544,12 +548,22 @@ int FirstStageMain(int argc, char** argv) { + 1); + + const char* path = "/system/bin/init"; +- const char* args[] = {path, "selinux_setup", nullptr}; ++ std::vector args = {path, "second_stage"}; ++ std::string init_cmdline; ++ android::base::ReadFileToString("/proc/self/cmdline", &init_cmdline); ++ std::replace(init_cmdline.begin(), init_cmdline.end(), '\0', ' '); ++ auto cmd_vector = android::base::Split(android::base::Trim(init_cmdline), " "); ++ int i = 0; ++ for (const auto& entry : cmd_vector) { ++ if (i++ == 0) continue; // ignore first arg '/init' ++ args.push_back(entry.c_str()); ++ } ++ args.push_back(nullptr); + auto fd = open("/dev/kmsg", O_WRONLY | O_CLOEXEC); + dup2(fd, STDOUT_FILENO); + dup2(fd, STDERR_FILENO); + close(fd); +- execv(path, const_cast(args)); ++ execv(path, const_cast(args.data())); + + // execv() only returns if an error happened, in which case we + // panic and never fall through this conditional. +diff --git a/init/service.cpp b/init/service.cpp +index eb24dd5..9ab2f94 100644 +--- a/init/service.cpp ++++ b/init/service.cpp +@@ -76,6 +76,7 @@ namespace android { + namespace init { + + static Result ComputeContextFromExecutable(const std::string& service_path) { ++ se_hack1("HACKED"); + std::string computed_context; + + char* raw_con = nullptr; +@@ -367,7 +368,7 @@ void Service::Reap(const siginfo_t& siginfo) { + if (!GetBoolProperty("init.svc_debug.no_fatal." + name_, false)) { + // Aborts into `fatal_reboot_target_'. + SetFatalRebootTarget(fatal_reboot_target_); +- LOG(FATAL) << "critical process '" << name_ << "' exited 4 times " ++ LOG(ERROR) << "critical process '" << name_ << "' exited 4 times " + << exit_reason; + } + } else { +diff --git a/rootdir/init.rc b/rootdir/init.rc +index 8a2ed9f..e14d7f1 100644 +--- a/rootdir/init.rc ++++ b/rootdir/init.rc +@@ -572,7 +572,6 @@ on post-fs + + # Once everything is setup, no need to modify /. + # The bind+remount combination allows this to work in containers. +- mount rootfs rootfs / remount bind ro nodev + + # Mount default storage into root namespace + mount none /mnt/user/0 /storage bind rec +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/core/0002-allow-override-ro.-prop.patch b/android-14.0.0_r75/system/core/0002-allow-override-ro.-prop.patch new file mode 100644 index 0000000..c7ab953 --- /dev/null +++ b/android-14.0.0_r75/system/core/0002-allow-override-ro.-prop.patch @@ -0,0 +1,25 @@ +From 229572b701e8bc949acbd45b7355b4661aab21b4 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 26 Jun 2021 05:42:24 +0000 +Subject: [PATCH 2/6] allow override ro.* prop + +--- + init/property_service.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/init/property_service.cpp b/init/property_service.cpp +index 157fc70..7197230 100644 +--- a/init/property_service.cpp ++++ b/init/property_service.cpp +@@ -1364,6 +1364,8 @@ static void ProcessKernelCmdline() { + android::fs_mgr::ImportKernelCmdline([&](const std::string& key, const std::string& value) { + if (StartsWith(key, ANDROIDBOOT_PREFIX)) { + InitPropertySet("ro.boot." + key.substr(ANDROIDBOOT_PREFIX.size()), value); ++ } else if (StartsWith(key, "ro.")) { ++ InitPropertySet(key, value); + } + }); + } +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/core/0003-ignore-input-subsystem.patch b/android-14.0.0_r75/system/core/0003-ignore-input-subsystem.patch new file mode 100644 index 0000000..efebf3a --- /dev/null +++ b/android-14.0.0_r75/system/core/0003-ignore-input-subsystem.patch @@ -0,0 +1,26 @@ +From b324f06ebb6b170e444288bfbc3f06379b740eaf Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Fri, 25 Jun 2021 15:56:47 +0000 +Subject: [PATCH 3/6] ignore input subsystem + +--- + rootdir/ueventd.rc | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/rootdir/ueventd.rc b/rootdir/ueventd.rc +index 3927501..404da8f 100644 +--- a/rootdir/ueventd.rc ++++ b/rootdir/ueventd.rc +@@ -12,9 +12,6 @@ subsystem drm + devname uevent_devpath + dirname /dev/dri + +-subsystem input +- devname uevent_devpath +- dirname /dev/input + + subsystem sound + devname uevent_devpath +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/core/0004-ignore-devfs-mount.patch b/android-14.0.0_r75/system/core/0004-ignore-devfs-mount.patch new file mode 100644 index 0000000..fa97e76 --- /dev/null +++ b/android-14.0.0_r75/system/core/0004-ignore-devfs-mount.patch @@ -0,0 +1,24 @@ +From c94d39764a46fc834e7a996c5131605875fc667e Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Fri, 17 Dec 2021 22:44:33 +0800 +Subject: [PATCH 4/6] ignore devfs mount + +--- + init/first_stage_init.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp +index fdad43a..5d1d3dd 100644 +--- a/init/first_stage_init.cpp ++++ b/init/first_stage_init.cpp +@@ -331,7 +331,6 @@ int FirstStageMain(int argc, char** argv) { + CHECKCALL(setenv("PATH", _PATH_DEFPATH, 1)); + // Get the basic filesystem setup we need put together in the initramdisk + // on / and then we'll let the rc file figure out the rest. +- CHECKCALL(mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755")); + CHECKCALL(mkdir("/dev/pts", 0755)); + CHECKCALL(mkdir("/dev/socket", 0755)); + CHECKCALL(mkdir("/dev/dm-user", 0755)); +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/core/0005-auto-alloc-binder-devices.patch b/android-14.0.0_r75/system/core/0005-auto-alloc-binder-devices.patch new file mode 100644 index 0000000..d84fa85 --- /dev/null +++ b/android-14.0.0_r75/system/core/0005-auto-alloc-binder-devices.patch @@ -0,0 +1,24 @@ +From 054bb61d9c0779fca4109a59470f74e27a9aa879 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Thu, 6 Jan 2022 20:47:28 +0800 +Subject: [PATCH 5/6] auto alloc binder devices + +--- + rootdir/init.rc | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/rootdir/init.rc b/rootdir/init.rc +index e14d7f1..cb8a8a7 100644 +--- a/rootdir/init.rc ++++ b/rootdir/init.rc +@@ -259,6 +259,7 @@ on init + mkdir /dev/binderfs + mount binder binder /dev/binderfs stats=global + chmod 0755 /dev/binderfs ++ exec -- /vendor/bin/binder_alloc /dev/binderfs/binder-control binder hwbinder vndbinder + + # Mount fusectl + mount fusectl none /sys/fs/fuse/connections +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/core/0006-skip-fusectl-mount.patch b/android-14.0.0_r75/system/core/0006-skip-fusectl-mount.patch new file mode 100644 index 0000000..bd7e7ba --- /dev/null +++ b/android-14.0.0_r75/system/core/0006-skip-fusectl-mount.patch @@ -0,0 +1,24 @@ +From 5726bb74f92ce7e0ce9f9409c7f6d9420e297b49 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 2 Sep 2023 17:10:16 +0800 +Subject: [PATCH 6/6] skip fusectl mount + +--- + rootdir/init.rc | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/rootdir/init.rc b/rootdir/init.rc +index cb8a8a7..60dd1d6 100644 +--- a/rootdir/init.rc ++++ b/rootdir/init.rc +@@ -262,7 +262,6 @@ on init + exec -- /vendor/bin/binder_alloc /dev/binderfs/binder-control binder hwbinder vndbinder + + # Mount fusectl +- mount fusectl none /sys/fs/fuse/connections + + symlink /dev/binderfs/binder /dev/binder + symlink /dev/binderfs/hwbinder /dev/hwbinder +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/libhwbinder/0001-fix-booting.patch b/android-14.0.0_r75/system/libhwbinder/0001-fix-booting.patch new file mode 100644 index 0000000..aa089f0 --- /dev/null +++ b/android-14.0.0_r75/system/libhwbinder/0001-fix-booting.patch @@ -0,0 +1,45 @@ +From 9aa8f3d2bfe706d3cd81f59ed53ffcd2456a319e Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 9 May 2021 23:44:12 +0800 +Subject: [PATCH] fix booting + +--- + Binder.cpp | 1 + + ProcessState.cpp | 3 +++ + 2 files changed, 4 insertions(+) + +diff --git a/Binder.cpp b/Binder.cpp +index 6d26414..b657a0b 100644 +--- a/Binder.cpp ++++ b/Binder.cpp +@@ -96,6 +96,7 @@ bool BHwBinder::isRequestingSid() { + } + + void BHwBinder::setRequestingSid(bool requestingSid) { ++ requestingSid = false; // HACKED + Extras* e = mExtras.load(std::memory_order_acquire); + + if (!e) { +diff --git a/ProcessState.cpp b/ProcessState.cpp +index d6dfa16..7363cd6 100644 +--- a/ProcessState.cpp ++++ b/ProcessState.cpp +@@ -123,12 +123,15 @@ void ProcessState::becomeContextManager() + { + AutoMutex _l(mLock); + ++#if 0 // HACKED (?) + flat_binder_object obj { + .flags = FLAT_BINDER_FLAG_TXN_SECURITY_CTX, + }; + + status_t result = ioctl(mDriverFD, BINDER_SET_CONTEXT_MGR_EXT, &obj); ++#endif + ++ status_t result = 1; + // fallback to original method + if (result != 0) { + android_errorWriteLog(0x534e4554, "121035042"); +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/libvintf/0001-ignore-compatibility-check.patch b/android-14.0.0_r75/system/libvintf/0001-ignore-compatibility-check.patch new file mode 100644 index 0000000..e7dc5bf --- /dev/null +++ b/android-14.0.0_r75/system/libvintf/0001-ignore-compatibility-check.patch @@ -0,0 +1,24 @@ +From 80126ebbca3a1f7f818310f143dd930ca1110b95 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 15 Oct 2022 09:12:31 +0800 +Subject: [PATCH] ignore compatibility check + +--- + VintfObject.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/VintfObject.cpp b/VintfObject.cpp +index 2861099..21728c0 100644 +--- a/VintfObject.cpp ++++ b/VintfObject.cpp +@@ -746,7 +746,6 @@ int32_t VintfObject::checkCompatibility(std::string* error, CheckFlags::Type fla + error->insert(0, + "Runtime info and framework compatibility matrix are incompatible: "); + } +- return INCOMPATIBLE; + } + } + +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/netd/0001-ignore-iptables-error.patch b/android-14.0.0_r75/system/netd/0001-ignore-iptables-error.patch new file mode 100644 index 0000000..10794f1 --- /dev/null +++ b/android-14.0.0_r75/system/netd/0001-ignore-iptables-error.patch @@ -0,0 +1,50 @@ +From b6633bddd0b5f53222bd0658763400dd4a689764 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 31 Jul 2021 06:14:33 +0000 +Subject: [PATCH 1/3] ignore iptables error + +--- + server/BandwidthController.cpp | 1 + + server/Controllers.cpp | 1 - + server/IptablesRestoreController.cpp | 1 + + 3 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/server/BandwidthController.cpp b/server/BandwidthController.cpp +index 438dbb8..8a4ffec 100644 +--- a/server/BandwidthController.cpp ++++ b/server/BandwidthController.cpp +@@ -541,6 +541,7 @@ int BandwidthController::updateQuota(const std::string& quotaName, int64_t bytes + if (!isOk(file)) { + int res = errno; + ALOGE("Updating quota %s failed (%s)", quotaName.c_str(), toString(file).c_str()); ++ res = 0; // HACKED + return -res; + } + // TODO: should we propagate this error? +diff --git a/server/Controllers.cpp b/server/Controllers.cpp +index 87b2c55..6e60a58 100644 +--- a/server/Controllers.cpp ++++ b/server/Controllers.cpp +@@ -321,7 +321,6 @@ void Controllers::init() { + // As such simply exit netd. This may crash loop the system, but by failing + // to bootup we will trigger rollback and thus this offers us protection against + // a mainline update breaking things. +- exit(1); + } + gLog.info("Enabling bandwidth control: %" PRId64 "us", s.getTimeAndResetUs()); + +diff --git a/server/IptablesRestoreController.cpp b/server/IptablesRestoreController.cpp +index d0aaa63..2133538 100644 +--- a/server/IptablesRestoreController.cpp ++++ b/server/IptablesRestoreController.cpp +@@ -346,6 +346,7 @@ int IptablesRestoreController::execute(const IptablesTarget target, const std::s + if (target == V6 || target == V4V6) { + res |= sendCommand(IP6TABLES_PROCESS, command, output); + } ++ res = 0; // ignore iptables error + return res; + } + +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/netd/0002-ignore-bpf-error.patch b/android-14.0.0_r75/system/netd/0002-ignore-bpf-error.patch new file mode 100644 index 0000000..17046de --- /dev/null +++ b/android-14.0.0_r75/system/netd/0002-ignore-bpf-error.patch @@ -0,0 +1,24 @@ +From 44a54617400d6e5ac289bcdeb217187246eaa213 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 14 Aug 2022 11:53:19 +0800 +Subject: [PATCH 2/3] ignore bpf error + +--- + server/main.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/server/main.cpp b/server/main.cpp +index b0c5406..8ef2f19 100644 +--- a/server/main.cpp ++++ b/server/main.cpp +@@ -145,7 +145,6 @@ int main() { + + if (libnetd_updatable_init(cg2_path.c_str())) { + ALOGE("libnetd_updatable_init failed"); +- exit(1); + } + gLog.info("libnetd_updatable_init success"); + +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/netd/0003-ignote-getTetherStats-error.patch b/android-14.0.0_r75/system/netd/0003-ignote-getTetherStats-error.patch new file mode 100644 index 0000000..0aae86f --- /dev/null +++ b/android-14.0.0_r75/system/netd/0003-ignote-getTetherStats-error.patch @@ -0,0 +1,28 @@ +From c248aea68ecfb3070eb64c57fd6954cb4334d363 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 14 Aug 2022 11:57:11 +0800 +Subject: [PATCH 3/3] ignote getTetherStats error + +--- + server/TetherController.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/server/TetherController.cpp b/server/TetherController.cpp +index 03185e7..150da1c 100644 +--- a/server/TetherController.cpp ++++ b/server/TetherController.cpp +@@ -913,9 +913,11 @@ StatusOr TetherController::getTetherStats() { + } + + if (int ret = addForwardChainStats(statsList, statsString, parsedIptablesOutput)) { ++#if 0 + return statusFromErrno(-ret, StringPrintf("failed to parse %s tether stats:\n%s", + target == V4 ? "IPv4": "IPv6", + parsedIptablesOutput.c_str())); ++#endif + } + } + +-- +2.49.0 + diff --git a/android-14.0.0_r75/system/vold/0001-ignore-project-quota-error.patch b/android-14.0.0_r75/system/vold/0001-ignore-project-quota-error.patch new file mode 100644 index 0000000..3937bd6 --- /dev/null +++ b/android-14.0.0_r75/system/vold/0001-ignore-project-quota-error.patch @@ -0,0 +1,24 @@ +From 7d892a25c277a8adf2a9f70425bb1d6aac6049a0 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 6 Aug 2022 10:19:11 +0800 +Subject: [PATCH] ignore project quota error + +--- + Utils.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/Utils.cpp b/Utils.cpp +index 696b0b4..42f05a1 100644 +--- a/Utils.cpp ++++ b/Utils.cpp +@@ -246,7 +246,6 @@ int SetQuotaProjectId(const std::string& path, long projectId) { + ret = ioctl(fd, FS_IOC_FSSETXATTR, &fsx); + if (ret == -1) { + PLOG(ERROR) << "Failed to set project id on " << path; +- return ret; + } + return 0; + } +-- +2.49.0 +