support android-14.0.0_r75

android-14.0.0_r75/external/minijail/0001-disable-seccomp.patch

@@ -0,0 +1,32 @@
+From 7ce93a65d3ec48d465a1659f360f5fc5cbc05171 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Mon, 26 Apr 2021 22:55:03 +0800
+Subject: [PATCH] disable seccomp
+
+---
+ libminijail.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libminijail.c b/libminijail.c
+index bb60904..efe8be2 100644
+--- a/libminijail.c
++++ b/libminijail.c
+@@ -2487,6 +2487,7 @@ static void set_seccomp_filter(const struct minijail *j)
+ 	/*
+ 	 * Install the syscall filter.
+ 	 */
++#if 0 // HACKED
+ 	if (j->flags.seccomp_filter) {
+ 		if (j->flags.seccomp_filter_tsync ||
+ 		    j->flags.seccomp_filter_allow_speculation) {
+@@ -2508,6 +2509,7 @@ static void set_seccomp_filter(const struct minijail *j)
+ 			}
+ 		}
+ 	}
++#endif
+ }
+ 
+ static pid_t forward_pid = -1;
+-- 
+2.49.0
+

android-14.0.0_r75/external/selinux/0001-ignore-selinux.patch

@@ -0,0 +1,165 @@
+From 5fb822b4cad95ee5cd97eb0bc7170fdcb407dfbb Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 9 May 2021 23:44:12 +0800
+Subject: [PATCH] ignore selinux
+
+---
+ libselinux/include/selinux/selinux.h | 4 ++++
+ libselinux/src/checkAccess.c         | 1 +
+ libselinux/src/getenforce.c          | 1 +
+ libselinux/src/getfilecon.c          | 1 +
+ libselinux/src/getpeercon.c          | 1 +
+ libselinux/src/init.c                | 1 +
+ libselinux/src/label.c               | 1 +
+ libselinux/src/lgetfilecon.c         | 1 +
+ libselinux/src/lsetfilecon.c         | 1 +
+ libselinux/src/procattr.c            | 2 ++
+ libselinux/src/sestatus.c            | 1 +
+ 11 files changed, 15 insertions(+)
+
+diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h
+index a094885..3ddeee2 100644
+--- a/libselinux/include/selinux/selinux.h
++++ b/libselinux/include/selinux/selinux.h
+@@ -4,6 +4,10 @@
+ #include <sys/types.h>
+ #include <stdarg.h>
+ 
++#define SE_HACK
++#define se_hack() if (1) return
++#define se_hack1(p) if (1) return p
++
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c
+index 022cd6b..a23bffc 100644
+--- a/libselinux/src/checkAccess.c
++++ b/libselinux/src/checkAccess.c
+@@ -20,6 +20,7 @@ static void avc_init_once(void)
+ }
+ 
+ int selinux_check_access(const char *scon, const char *tcon, const char *class, const char *perm, void *aux) {
++    se_hack1(0);
+ 	int rc;
+ 	security_id_t scon_id;
+ 	security_id_t tcon_id;
+diff --git a/libselinux/src/getenforce.c b/libselinux/src/getenforce.c
+index 3f1e200..bf16227 100644
+--- a/libselinux/src/getenforce.c
++++ b/libselinux/src/getenforce.c
+@@ -11,6 +11,7 @@
+ 
+ int security_getenforce(void)
+ {
++	se_hack1(0);
+ 	int fd, ret, enforce = 0;
+ 	char path[PATH_MAX];
+ 	char buf[20];
+diff --git a/libselinux/src/getfilecon.c b/libselinux/src/getfilecon.c
+index 4bee313..f8b159a 100644
+--- a/libselinux/src/getfilecon.c
++++ b/libselinux/src/getfilecon.c
+@@ -52,6 +52,7 @@ int getfilecon_raw(const char *path, char ** context)
+ 
+ int getfilecon(const char *path, char ** context)
+ {
++    se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
+ 	int ret;
+ 	char * rcontext = NULL;
+ 
+diff --git a/libselinux/src/getpeercon.c b/libselinux/src/getpeercon.c
+index a9dca73..10771cb 100644
+--- a/libselinux/src/getpeercon.c
++++ b/libselinux/src/getpeercon.c
+@@ -46,6 +46,7 @@ int getpeercon_raw(int fd, char ** context)
+ 
+ int getpeercon(int fd, char ** context)
+ {
++    se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
+ 	int ret;
+ 	char * rcontext;
+ 
+diff --git a/libselinux/src/init.c b/libselinux/src/init.c
+index 439da41..41268a7 100644
+--- a/libselinux/src/init.c
++++ b/libselinux/src/init.c
+@@ -139,6 +139,7 @@ void fini_selinuxmnt(void)
+ 
+ void set_selinuxmnt(const char *mnt)
+ {
++    se_hack();
+ 	selinux_mnt = strdup(mnt);
+ }
+ 
+diff --git a/libselinux/src/label.c b/libselinux/src/label.c
+index e0ed68d..2c22c04 100644
+--- a/libselinux/src/label.c
++++ b/libselinux/src/label.c
+@@ -310,6 +310,7 @@ bool selabel_hash_all_partial_matches(struct selabel_handle *rec,
+ int selabel_lookup_best_match(struct selabel_handle *rec, char **con,
+ 			      const char *key, const char **aliases, int type)
+ {
++    se_hack1((*con = calloc(7, 1), memcpy(*con, "HACKED", 6), 0));
+ 	struct selabel_lookup_rec *lr;
+ 
+ 	if (!rec->func_lookup_best_match) {
+diff --git a/libselinux/src/lgetfilecon.c b/libselinux/src/lgetfilecon.c
+index d1fb821..0d3b0ac 100644
+--- a/libselinux/src/lgetfilecon.c
++++ b/libselinux/src/lgetfilecon.c
+@@ -52,6 +52,7 @@ int lgetfilecon_raw(const char *path, char ** context)
+ 
+ int lgetfilecon(const char *path, char ** context)
+ {
++    se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
+ 	int ret;
+ 	char * rcontext = NULL;
+ 
+diff --git a/libselinux/src/lsetfilecon.c b/libselinux/src/lsetfilecon.c
+index 213fb68..c73c152 100644
+--- a/libselinux/src/lsetfilecon.c
++++ b/libselinux/src/lsetfilecon.c
+@@ -28,6 +28,7 @@ int lsetfilecon_raw(const char *path, const char * context)
+ 
+ int lsetfilecon(const char *path, const char *context)
+ {
++    se_hack1(0);
+ 	int ret;
+ 	char * rcontext;
+ 
+diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c
+index b7a93a2..a1478c7 100644
+--- a/libselinux/src/procattr.c
++++ b/libselinux/src/procattr.c
+@@ -175,6 +175,7 @@ static int getprocattrcon_raw(char **context, pid_t pid, const char *attr,
+ static int getprocattrcon(char **context, pid_t pid, const char *attr,
+ 			  const char *prev_context)
+ {
++    se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
+ 	int ret;
+ 	char * rcontext;
+ 
+@@ -239,6 +240,7 @@ out:
+ static int setprocattrcon(const char *context, const char *attr,
+ 			  char **prev_context)
+ {
++    se_hack1(0);
+ 	int ret;
+ 	char * rcontext;
+ 
+diff --git a/libselinux/src/sestatus.c b/libselinux/src/sestatus.c
+index fbe6430..bafe6bb 100644
+--- a/libselinux/src/sestatus.c
++++ b/libselinux/src/sestatus.c
+@@ -277,6 +277,7 @@ static int fallback_cb_policyload(int policyload)
+  */
+ int selinux_status_open(int fallback)
+ {
++    se_hack1(0);
+ 	int		fd;
+ 	char		path[PATH_MAX];
+ 	long		pagesize;
+-- 
+2.49.0
+

android-14.0.0_r75/frameworks/av/0001-workaround-for-mesa-video-playback.patch

@@ -0,0 +1,48 @@
+From 15cea1e3bb2367d95798efa33d66c1efb71a69e9 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Mon, 20 Sep 2021 18:22:20 +0000
+Subject: [PATCH 1/2] ? workaround for mesa video playback
+
+---
+ media/libstagefright/colorconversion/SoftwareRenderer.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/media/libstagefright/colorconversion/SoftwareRenderer.cpp b/media/libstagefright/colorconversion/SoftwareRenderer.cpp
+index 2409315..1e3ec7b 100644
+--- a/media/libstagefright/colorconversion/SoftwareRenderer.cpp
++++ b/media/libstagefright/colorconversion/SoftwareRenderer.cpp
+@@ -130,6 +130,7 @@ void SoftwareRenderer::resetFormatIfChanged(
+     // hardware has YUV12 and RGBA8888 support, so convert known formats
+     {
+         switch (mColorFormat) {
++#if 0 // HACKED
+             case OMX_COLOR_FormatYUV420Planar:
+             case OMX_COLOR_FormatYUV420SemiPlanar:
+             case OMX_TI_COLOR_FormatYUV420PackedSemiPlanar:
+@@ -139,6 +140,7 @@ void SoftwareRenderer::resetFormatIfChanged(
+                 bufHeight = (mCropHeight + 1) & ~1;
+                 break;
+             }
++#endif
+             case OMX_COLOR_Format24bitRGB888:
+             {
+                 halFormat = HAL_PIXEL_FORMAT_RGB_888;
+@@ -154,6 +156,7 @@ void SoftwareRenderer::resetFormatIfChanged(
+                 bufHeight = (mCropHeight + 1) & ~1;
+                 break;
+             }
++#if 0 // HACKED
+             case OMX_COLOR_FormatYUV420Planar16:
+             {
+                 if (((dataSpace & HAL_DATASPACE_STANDARD_MASK) == HAL_DATASPACE_STANDARD_BT2020)
+@@ -170,6 +173,7 @@ void SoftwareRenderer::resetFormatIfChanged(
+                 bufHeight = (mCropHeight + 1) & ~1;
+                 break;
+             }
++#endif
+             default:
+             {
+                 break;
+-- 
+2.49.0
+

android-14.0.0_r75/frameworks/av/0002-NOT-skip-OMX-nodes.patch

@@ -0,0 +1,26 @@
+From be4599dcbe8cd0be837a324dacead3a47deacfc5 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 6 Aug 2022 10:17:12 +0800
+Subject: [PATCH 2/2] NOT skip OMX nodes
+
+users may use legacy kernel without `ION` / `DMABUF_HEAP` enabled,
+enable OMX nodes to support this.
+---
+ media/libstagefright/omx/OMXStore.cpp | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/media/libstagefright/omx/OMXStore.cpp b/media/libstagefright/omx/OMXStore.cpp
+index b2d5a70..3be56c8 100644
+--- a/media/libstagefright/omx/OMXStore.cpp
++++ b/media/libstagefright/omx/OMXStore.cpp
+@@ -161,7 +161,6 @@ void OMXStore::addPlugin(OMXPluginBase *plugin) {
+                 }
+             }
+             if (skip) {
+-                continue;
+             }
+         }
+ 
+-- 
+2.49.0
+

android-14.0.0_r75/frameworks/base/0001-ignore-cgroup-error.patch

@@ -0,0 +1,25 @@
+From 0cdad8898a101010e3c60c4940272d5701f40642 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 11 Nov 2023 10:30:11 +0800
+Subject: [PATCH] ignore cgroup error
+
+---
+ services/core/java/com/android/server/am/ProcessList.java | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/services/core/java/com/android/server/am/ProcessList.java b/services/core/java/com/android/server/am/ProcessList.java
+index 89c89944e..34e9f377d 100644
+--- a/services/core/java/com/android/server/am/ProcessList.java
++++ b/services/core/java/com/android/server/am/ProcessList.java
+@@ -2518,7 +2518,7 @@ public final class ProcessList {
+                                         "Unable to create process group for "
+                                         + app.processName + " (" + startResult.pid + ")");
+                             } else {
+-                                throw new AssertionError("Unable to create process group for "
++                                Slog.e(ActivityManagerService.TAG, "Unable to create process group for "
+                                     + app.processName + " (" + startResult.pid + ")");
+                             }
+                         } else {
+-- 
+2.49.0
+

android-14.0.0_r75/frameworks/native/0001-fix-booting.patch

@@ -0,0 +1,51 @@
+From 8f06b928fbbc40e0071713b3d3067e86a205c739 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 9 May 2021 23:04:00 +0800
+Subject: [PATCH] fix booting
+
+---
+ libs/binder/Binder.cpp         | 1 +
+ libs/binder/IPCThreadState.cpp | 2 +-
+ libs/binder/ProcessState.cpp   | 1 +
+ 3 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/libs/binder/Binder.cpp b/libs/binder/Binder.cpp
+index c57c9cd..ccb13ea 100644
+--- a/libs/binder/Binder.cpp
++++ b/libs/binder/Binder.cpp
+@@ -506,6 +506,7 @@ void BBinder::setRequestingSid(bool requestingSid)
+                         "setRequestingSid() should not be called after a binder object "
+                         "is parceled/sent to another process");
+ 
++    requestingSid = false; // HACKED
+     Extras* e = mExtras.load(std::memory_order_acquire);
+ 
+     if (!e) {
+diff --git a/libs/binder/IPCThreadState.cpp b/libs/binder/IPCThreadState.cpp
+index ef96f80..40c50c5 100644
+--- a/libs/binder/IPCThreadState.cpp
++++ b/libs/binder/IPCThreadState.cpp
+@@ -1376,7 +1376,7 @@ status_t IPCThreadState::executeCommand(int32_t cmd)
+             clearPropagateWorkSource();
+ 
+             mCallingPid = tr.sender_pid;
+-            mCallingSid = reinterpret_cast<const char*>(tr_secctx.secctx);
++            mCallingSid = "HACKED";
+             mCallingUid = tr.sender_euid;
+             mHasExplicitIdentity = false;
+             mLastTransactionBinderFlags = tr.flags;
+diff --git a/libs/binder/ProcessState.cpp b/libs/binder/ProcessState.cpp
+index fb2781b..3510940 100644
+--- a/libs/binder/ProcessState.cpp
++++ b/libs/binder/ProcessState.cpp
+@@ -211,6 +211,7 @@ bool ProcessState::becomeContextManager()
+     flat_binder_object obj {
+         .flags = FLAT_BINDER_FLAG_TXN_SECURITY_CTX,
+     };
++    obj.flags = 0; // HACKED
+ 
+     int result = ioctl(mDriverFD, BINDER_SET_CONTEXT_MGR_EXT, &obj);
+ 
+-- 
+2.49.0
+

android-14.0.0_r75/packages/modules/Connectivity/0001-fix-booting.patch

@@ -0,0 +1,59 @@
+From 927beebd8bb96fbff43585e7676710f80a89e57b Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Thu, 5 Oct 2023 22:18:09 +0800
+Subject: [PATCH] fix booting
+
+Change-Id: Ic19ca983445914155c020abc459b4615eaceba75
+---
+ netbpfload/NetBpfLoad.cpp                                 | 8 ++++++--
+ .../com_android_server_connectivity_ClatCoordinator.cpp   | 1 +
+ 2 files changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/netbpfload/NetBpfLoad.cpp b/netbpfload/NetBpfLoad.cpp
+index ed7d048..284721d 100644
+--- a/netbpfload/NetBpfLoad.cpp
++++ b/netbpfload/NetBpfLoad.cpp
+@@ -353,12 +353,14 @@ int main(int argc, char** argv, char * const envp[]) {
+         //  kernel does not have CONFIG_BPF_JIT=y)
+         // BPF_JIT is required by R VINTF (which means 4.14/4.19/5.4 kernels),
+         // but 4.14/4.19 were released with P & Q, and only 5.4 is new in R+.
+-        if (writeProcSysFile("/proc/sys/net/core/bpf_jit_enable", "1\n")) return 1;
++        if (writeProcSysFile("/proc/sys/net/core/bpf_jit_enable", "1\n"))
++            ALOGE("write 1 to /proc/sys/net/core/bpf_jit_enable FAILED");
+ 
+         // Enable JIT kallsyms export for privileged users only
+         // (Note: this (open) will fail with ENOENT 'No such file or directory' if
+         //  kernel does not have CONFIG_HAVE_EBPF_JIT=y)
+-        if (writeProcSysFile("/proc/sys/net/core/bpf_jit_kallsyms", "1\n")) return 1;
++        if (writeProcSysFile("/proc/sys/net/core/bpf_jit_kallsyms", "1\n"))
++            ALOGE("write 1 to /proc/sys/net/core/bpf_jit_kallsyms FAILED");
+     }
+ 
+     // Create all the pin subdirectories
+@@ -383,9 +385,11 @@ int main(int argc, char** argv, char * const envp[]) {
+             ALOGE("If this triggers reliably, you're probably missing kernel options or patches.");
+             ALOGE("If this triggers randomly, you might be hitting some memory allocation "
+                   "problems or startup script race.");
++            #if 0
+             ALOGE("--- DO NOT EXPECT SYSTEM TO BOOT SUCCESSFULLY ---");
+             sleep(20);
+             return 2;
++            #endif
+         }
+     }
+ 
+diff --git a/service/jni/com_android_server_connectivity_ClatCoordinator.cpp b/service/jni/com_android_server_connectivity_ClatCoordinator.cpp
+index c125bd6..0621893 100644
+--- a/service/jni/com_android_server_connectivity_ClatCoordinator.cpp
++++ b/service/jni/com_android_server_connectivity_ClatCoordinator.cpp
+@@ -130,6 +130,7 @@ static void verifyClatPerms() {
+ 
+ #undef V2
+ 
++    fatal = false; // HACKED
+     if (fatal) abort();
+ }
+ 
+-- 
+2.49.0
+

android-14.0.0_r75/system/bpf/0001-fix-booting.patch

@@ -0,0 +1,29 @@
+From 4f5ba15568891b3f3b2479b19eb82a0df2abfe59 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Thu, 5 Oct 2023 23:27:52 +0800
+Subject: [PATCH] fix booting
+
+Change-Id: Ic7bc65bd873742e20438305df2a94539cbec200b
+---
+ bpfloader/BpfLoader.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/bpfloader/BpfLoader.cpp b/bpfloader/BpfLoader.cpp
+index 08fd72d..347b452 100644
+--- a/bpfloader/BpfLoader.cpp
++++ b/bpfloader/BpfLoader.cpp
+@@ -206,9 +206,11 @@ int main(int argc, char** argv) {
+             ALOGE("If this triggers reliably, you're probably missing kernel options or patches.");
+             ALOGE("If this triggers randomly, you might be hitting some memory allocation "
+                   "problems or startup script race.");
++#if 0 // HACKED
+             ALOGE("--- DO NOT EXPECT SYSTEM TO BOOT SUCCESSFULLY ---");
+             sleep(20);
+             return 2;
++#endif
+         }
+     }
+ 
+-- 
+2.49.0
+

android-14.0.0_r75/system/core/0001-fix-booting.patch

@@ -0,0 +1,143 @@
+From 8929a18a1032b9b4c21875383a5d54bd2703939e Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 9 May 2021 23:09:00 +0800
+Subject: [PATCH 1/6] fix booting
+
+---
+ fs_mgr/libfstab/boot_config.cpp |  6 ++++--
+ init/first_stage_init.cpp       | 22 ++++++++++++++++++----
+ init/service.cpp                |  3 ++-
+ rootdir/init.rc                 |  1 -
+ 4 files changed, 24 insertions(+), 8 deletions(-)
+
+diff --git a/fs_mgr/libfstab/boot_config.cpp b/fs_mgr/libfstab/boot_config.cpp
+index b21495e..15e597f 100644
+--- a/fs_mgr/libfstab/boot_config.cpp
++++ b/fs_mgr/libfstab/boot_config.cpp
+@@ -154,13 +154,15 @@ bool GetKernelCmdlineFromString(const std::string& cmdline, const std::string& k
+ 
+ void ImportKernelCmdline(const std::function<void(std::string, std::string)>& fn) {
+     std::string cmdline;
+-    android::base::ReadFileToString("/proc/cmdline", &cmdline);
++    android::base::ReadFileToString("/proc/self/cmdline", &cmdline);
++    std::replace(cmdline.begin(), cmdline.end(), '\0', ' ');
+     ImportKernelCmdlineFromString(android::base::Trim(cmdline), fn);
+ }
+ 
+ bool GetKernelCmdline(const std::string& key, std::string* out) {
+     std::string cmdline;
+-    android::base::ReadFileToString("/proc/cmdline", &cmdline);
++    android::base::ReadFileToString("/proc/self/cmdline", &cmdline);
++    std::replace(cmdline.begin(), cmdline.end(), '\0', ' ');
+     return GetKernelCmdlineFromString(android::base::Trim(cmdline), key, out);
+ }
+ 
+diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp
+index c4d0f75..fdad43a 100644
+--- a/init/first_stage_init.cpp
++++ b/init/first_stage_init.cpp
+@@ -36,6 +36,7 @@
+ #include <android-base/chrono_utils.h>
+ #include <android-base/file.h>
+ #include <android-base/logging.h>
++#include <android-base/strings.h>
+ #include <android-base/stringprintf.h>
+ #include <modprobe/modprobe.h>
+ #include <private/android_filesystem_config.h>
+@@ -334,6 +335,8 @@ int FirstStageMain(int argc, char** argv) {
+     CHECKCALL(mkdir("/dev/pts", 0755));
+     CHECKCALL(mkdir("/dev/socket", 0755));
+     CHECKCALL(mkdir("/dev/dm-user", 0755));
++    mount("/system/etc", "/etc", "none", MS_BIND, NULL); // cgroup fix
++    unshare(CLONE_NEWCGROUP);
+     CHECKCALL(mount("devpts", "/dev/pts", "devpts", 0, NULL));
+ #define MAKE_STR(x) __STRING(x)
+     CHECKCALL(mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC)));
+@@ -397,7 +400,6 @@ int FirstStageMain(int argc, char** argv) {
+         for (const auto& [error_string, error_errno] : errors) {
+             LOG(ERROR) << error_string << " " << strerror(error_errno);
+         }
+-        LOG(FATAL) << "Init encountered errors starting first stage, aborting";
+     }
+ 
+     LOG(INFO) << "init first stage started!";
+@@ -515,6 +517,7 @@ int FirstStageMain(int argc, char** argv) {
+         if (!fsm) {
+             fsm = CreateFirstStageMount(cmdline);
+         }
++        #if 0
+         if (!fsm) {
+             LOG(FATAL) << "FirstStageMount not available";
+         }
+@@ -524,8 +527,9 @@ int FirstStageMain(int argc, char** argv) {
+         }
+ 
+         if (!fsm->DoFirstStageMount()) {
+-            LOG(FATAL) << "Failed to mount required partitions early ...";
++            LOG(ERROR) << "Failed to mount required partitions early ...";
+         }
++        #endif
+     }
+ 
+     struct stat new_root_info {};
+@@ -544,12 +548,22 @@ int FirstStageMain(int argc, char** argv) {
+            1);
+ 
+     const char* path = "/system/bin/init";
+-    const char* args[] = {path, "selinux_setup", nullptr};
++    std::vector<const char *> args = {path, "second_stage"};
++    std::string init_cmdline;
++    android::base::ReadFileToString("/proc/self/cmdline", &init_cmdline);
++    std::replace(init_cmdline.begin(), init_cmdline.end(), '\0', ' ');
++    auto cmd_vector = android::base::Split(android::base::Trim(init_cmdline), " ");
++    int i = 0;
++    for (const auto& entry : cmd_vector) {
++        if (i++ == 0) continue; // ignore first arg '/init'
++        args.push_back(entry.c_str());
++    }
++    args.push_back(nullptr);
+     auto fd = open("/dev/kmsg", O_WRONLY | O_CLOEXEC);
+     dup2(fd, STDOUT_FILENO);
+     dup2(fd, STDERR_FILENO);
+     close(fd);
+-    execv(path, const_cast<char**>(args));
++    execv(path, const_cast<char**>(args.data()));
+ 
+     // execv() only returns if an error happened, in which case we
+     // panic and never fall through this conditional.
+diff --git a/init/service.cpp b/init/service.cpp
+index eb24dd5..9ab2f94 100644
+--- a/init/service.cpp
++++ b/init/service.cpp
+@@ -76,6 +76,7 @@ namespace android {
+ namespace init {
+ 
+ static Result<std::string> ComputeContextFromExecutable(const std::string& service_path) {
++    se_hack1("HACKED");
+     std::string computed_context;
+ 
+     char* raw_con = nullptr;
+@@ -367,7 +368,7 @@ void Service::Reap(const siginfo_t& siginfo) {
+                     if (!GetBoolProperty("init.svc_debug.no_fatal." + name_, false)) {
+                         // Aborts into `fatal_reboot_target_'.
+                         SetFatalRebootTarget(fatal_reboot_target_);
+-                        LOG(FATAL) << "critical process '" << name_ << "' exited 4 times "
++                        LOG(ERROR) << "critical process '" << name_ << "' exited 4 times "
+                                    << exit_reason;
+                     }
+                 } else {
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index 8a2ed9f..e14d7f1 100644
+--- a/rootdir/init.rc
++++ b/rootdir/init.rc
+@@ -572,7 +572,6 @@ on post-fs
+ 
+     # Once everything is setup, no need to modify /.
+     # The bind+remount combination allows this to work in containers.
+-    mount rootfs rootfs / remount bind ro nodev
+ 
+     # Mount default storage into root namespace
+     mount none /mnt/user/0 /storage bind rec
+-- 
+2.49.0
+

android-14.0.0_r75/system/core/0002-allow-override-ro.-prop.patch

@@ -0,0 +1,25 @@
+From 229572b701e8bc949acbd45b7355b4661aab21b4 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 26 Jun 2021 05:42:24 +0000
+Subject: [PATCH 2/6] allow override ro.* prop
+
+---
+ init/property_service.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/init/property_service.cpp b/init/property_service.cpp
+index 157fc70..7197230 100644
+--- a/init/property_service.cpp
++++ b/init/property_service.cpp
+@@ -1364,6 +1364,8 @@ static void ProcessKernelCmdline() {
+     android::fs_mgr::ImportKernelCmdline([&](const std::string& key, const std::string& value) {
+         if (StartsWith(key, ANDROIDBOOT_PREFIX)) {
+             InitPropertySet("ro.boot." + key.substr(ANDROIDBOOT_PREFIX.size()), value);
++        } else if (StartsWith(key, "ro.")) {
++            InitPropertySet(key, value);
+         }
+     });
+ }
+-- 
+2.49.0
+

android-14.0.0_r75/system/core/0003-ignore-input-subsystem.patch

@@ -0,0 +1,26 @@
+From b324f06ebb6b170e444288bfbc3f06379b740eaf Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Fri, 25 Jun 2021 15:56:47 +0000
+Subject: [PATCH 3/6] ignore input subsystem
+
+---
+ rootdir/ueventd.rc | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/rootdir/ueventd.rc b/rootdir/ueventd.rc
+index 3927501..404da8f 100644
+--- a/rootdir/ueventd.rc
++++ b/rootdir/ueventd.rc
+@@ -12,9 +12,6 @@ subsystem drm
+     devname uevent_devpath
+     dirname /dev/dri
+ 
+-subsystem input
+-    devname uevent_devpath
+-    dirname /dev/input
+ 
+ subsystem sound
+     devname uevent_devpath
+-- 
+2.49.0
+

android-14.0.0_r75/system/core/0004-ignore-devfs-mount.patch

@@ -0,0 +1,24 @@
+From c94d39764a46fc834e7a996c5131605875fc667e Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Fri, 17 Dec 2021 22:44:33 +0800
+Subject: [PATCH 4/6] ignore devfs mount
+
+---
+ init/first_stage_init.cpp | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp
+index fdad43a..5d1d3dd 100644
+--- a/init/first_stage_init.cpp
++++ b/init/first_stage_init.cpp
+@@ -331,7 +331,6 @@ int FirstStageMain(int argc, char** argv) {
+     CHECKCALL(setenv("PATH", _PATH_DEFPATH, 1));
+     // Get the basic filesystem setup we need put together in the initramdisk
+     // on / and then we'll let the rc file figure out the rest.
+-    CHECKCALL(mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755"));
+     CHECKCALL(mkdir("/dev/pts", 0755));
+     CHECKCALL(mkdir("/dev/socket", 0755));
+     CHECKCALL(mkdir("/dev/dm-user", 0755));
+-- 
+2.49.0
+

android-14.0.0_r75/system/core/0005-auto-alloc-binder-devices.patch

@@ -0,0 +1,24 @@
+From 054bb61d9c0779fca4109a59470f74e27a9aa879 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Thu, 6 Jan 2022 20:47:28 +0800
+Subject: [PATCH 5/6] auto alloc binder devices
+
+---
+ rootdir/init.rc | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index e14d7f1..cb8a8a7 100644
+--- a/rootdir/init.rc
++++ b/rootdir/init.rc
+@@ -259,6 +259,7 @@ on init
+     mkdir /dev/binderfs
+     mount binder binder /dev/binderfs stats=global
+     chmod 0755 /dev/binderfs
++    exec -- /vendor/bin/binder_alloc /dev/binderfs/binder-control binder hwbinder vndbinder
+ 
+     # Mount fusectl
+     mount fusectl none /sys/fs/fuse/connections
+-- 
+2.49.0
+

android-14.0.0_r75/system/core/0006-skip-fusectl-mount.patch

@@ -0,0 +1,24 @@
+From 5726bb74f92ce7e0ce9f9409c7f6d9420e297b49 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 2 Sep 2023 17:10:16 +0800
+Subject: [PATCH 6/6] skip fusectl mount
+
+---
+ rootdir/init.rc | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index cb8a8a7..60dd1d6 100644
+--- a/rootdir/init.rc
++++ b/rootdir/init.rc
+@@ -262,7 +262,6 @@ on init
+     exec -- /vendor/bin/binder_alloc /dev/binderfs/binder-control binder hwbinder vndbinder
+ 
+     # Mount fusectl
+-    mount fusectl none /sys/fs/fuse/connections
+ 
+     symlink /dev/binderfs/binder /dev/binder
+     symlink /dev/binderfs/hwbinder /dev/hwbinder
+-- 
+2.49.0
+

android-14.0.0_r75/system/libhwbinder/0001-fix-booting.patch

@@ -0,0 +1,45 @@
+From 9aa8f3d2bfe706d3cd81f59ed53ffcd2456a319e Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 9 May 2021 23:44:12 +0800
+Subject: [PATCH] fix booting
+
+---
+ Binder.cpp       | 1 +
+ ProcessState.cpp | 3 +++
+ 2 files changed, 4 insertions(+)
+
+diff --git a/Binder.cpp b/Binder.cpp
+index 6d26414..b657a0b 100644
+--- a/Binder.cpp
++++ b/Binder.cpp
+@@ -96,6 +96,7 @@ bool BHwBinder::isRequestingSid() {
+ }
+ 
+ void BHwBinder::setRequestingSid(bool requestingSid) {
++    requestingSid = false; // HACKED
+     Extras* e = mExtras.load(std::memory_order_acquire);
+ 
+     if (!e) {
+diff --git a/ProcessState.cpp b/ProcessState.cpp
+index d6dfa16..7363cd6 100644
+--- a/ProcessState.cpp
++++ b/ProcessState.cpp
+@@ -123,12 +123,15 @@ void ProcessState::becomeContextManager()
+ {
+     AutoMutex _l(mLock);
+ 
++#if 0 // HACKED (?)
+     flat_binder_object obj {
+         .flags = FLAT_BINDER_FLAG_TXN_SECURITY_CTX,
+     };
+ 
+     status_t result = ioctl(mDriverFD, BINDER_SET_CONTEXT_MGR_EXT, &obj);
++#endif
+ 
++    status_t result = 1;
+     // fallback to original method
+     if (result != 0) {
+         android_errorWriteLog(0x534e4554, "121035042");
+-- 
+2.49.0
+

android-14.0.0_r75/system/libvintf/0001-ignore-compatibility-check.patch

@@ -0,0 +1,24 @@
+From 80126ebbca3a1f7f818310f143dd930ca1110b95 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 15 Oct 2022 09:12:31 +0800
+Subject: [PATCH] ignore compatibility check
+
+---
+ VintfObject.cpp | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/VintfObject.cpp b/VintfObject.cpp
+index 2861099..21728c0 100644
+--- a/VintfObject.cpp
++++ b/VintfObject.cpp
+@@ -746,7 +746,6 @@ int32_t VintfObject::checkCompatibility(std::string* error, CheckFlags::Type fla
+                 error->insert(0,
+                               "Runtime info and framework compatibility matrix are incompatible: ");
+             }
+-            return INCOMPATIBLE;
+         }
+     }
+ 
+-- 
+2.49.0
+

android-14.0.0_r75/system/netd/0001-ignore-iptables-error.patch

@@ -0,0 +1,50 @@
+From b6633bddd0b5f53222bd0658763400dd4a689764 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 31 Jul 2021 06:14:33 +0000
+Subject: [PATCH 1/3] ignore iptables error
+
+---
+ server/BandwidthController.cpp       | 1 +
+ server/Controllers.cpp               | 1 -
+ server/IptablesRestoreController.cpp | 1 +
+ 3 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/server/BandwidthController.cpp b/server/BandwidthController.cpp
+index 438dbb8..8a4ffec 100644
+--- a/server/BandwidthController.cpp
++++ b/server/BandwidthController.cpp
+@@ -541,6 +541,7 @@ int BandwidthController::updateQuota(const std::string& quotaName, int64_t bytes
+     if (!isOk(file)) {
+         int res = errno;
+         ALOGE("Updating quota %s failed (%s)", quotaName.c_str(), toString(file).c_str());
++        res = 0; // HACKED
+         return -res;
+     }
+     // TODO: should we propagate this error?
+diff --git a/server/Controllers.cpp b/server/Controllers.cpp
+index 87b2c55..6e60a58 100644
+--- a/server/Controllers.cpp
++++ b/server/Controllers.cpp
+@@ -321,7 +321,6 @@ void Controllers::init() {
+         // As such simply exit netd.  This may crash loop the system, but by failing
+         // to bootup we will trigger rollback and thus this offers us protection against
+         // a mainline update breaking things.
+-        exit(1);
+     }
+     gLog.info("Enabling bandwidth control: %" PRId64 "us", s.getTimeAndResetUs());
+ 
+diff --git a/server/IptablesRestoreController.cpp b/server/IptablesRestoreController.cpp
+index d0aaa63..2133538 100644
+--- a/server/IptablesRestoreController.cpp
++++ b/server/IptablesRestoreController.cpp
+@@ -346,6 +346,7 @@ int IptablesRestoreController::execute(const IptablesTarget target, const std::s
+     if (target == V6 || target == V4V6) {
+         res |= sendCommand(IP6TABLES_PROCESS, command, output);
+     }
++    res = 0;  // ignore iptables error
+     return res;
+ }
+ 
+-- 
+2.49.0
+

android-14.0.0_r75/system/netd/0002-ignore-bpf-error.patch

@@ -0,0 +1,24 @@
+From 44a54617400d6e5ac289bcdeb217187246eaa213 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 14 Aug 2022 11:53:19 +0800
+Subject: [PATCH 2/3] ignore bpf error
+
+---
+ server/main.cpp | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/server/main.cpp b/server/main.cpp
+index b0c5406..8ef2f19 100644
+--- a/server/main.cpp
++++ b/server/main.cpp
+@@ -145,7 +145,6 @@ int main() {
+ 
+     if (libnetd_updatable_init(cg2_path.c_str())) {
+         ALOGE("libnetd_updatable_init failed");
+-        exit(1);
+     }
+     gLog.info("libnetd_updatable_init success");
+ 
+-- 
+2.49.0
+

android-14.0.0_r75/system/netd/0003-ignote-getTetherStats-error.patch

@@ -0,0 +1,28 @@
+From c248aea68ecfb3070eb64c57fd6954cb4334d363 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 14 Aug 2022 11:57:11 +0800
+Subject: [PATCH 3/3] ignote getTetherStats error
+
+---
+ server/TetherController.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/server/TetherController.cpp b/server/TetherController.cpp
+index 03185e7..150da1c 100644
+--- a/server/TetherController.cpp
++++ b/server/TetherController.cpp
+@@ -913,9 +913,11 @@ StatusOr<TetherController::TetherStatsList> TetherController::getTetherStats() {
+         }
+ 
+         if (int ret = addForwardChainStats(statsList, statsString, parsedIptablesOutput)) {
++#if 0
+             return statusFromErrno(-ret, StringPrintf("failed to parse %s tether stats:\n%s",
+                                                       target == V4 ? "IPv4": "IPv6",
+                                                       parsedIptablesOutput.c_str()));
++#endif
+         }
+     }
+ 
+-- 
+2.49.0
+

android-14.0.0_r75/system/vold/0001-ignore-project-quota-error.patch

@@ -0,0 +1,24 @@
+From 7d892a25c277a8adf2a9f70425bb1d6aac6049a0 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 6 Aug 2022 10:19:11 +0800
+Subject: [PATCH] ignore project quota error
+
+---
+ Utils.cpp | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/Utils.cpp b/Utils.cpp
+index 696b0b4..42f05a1 100644
+--- a/Utils.cpp
++++ b/Utils.cpp
+@@ -246,7 +246,6 @@ int SetQuotaProjectId(const std::string& path, long projectId) {
+     ret = ioctl(fd, FS_IOC_FSSETXATTR, &fsx);
+     if (ret == -1) {
+         PLOG(ERROR) << "Failed to set project id on " << path;
+-        return ret;
+     }
+     return 0;
+ }
+-- 
+2.49.0
+