android-13.0.0_r82 patches

android-13.0.0_r82/art/0001-fix-booting.patch

@@ -0,0 +1,24 @@
+From fed6efb775c67565a90bad33b3b2b510318d2795 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Tue, 16 Aug 2022 21:51:24 +0800
+Subject: [PATCH] fix booting
+
+---
+ runtime/gc/heap.cc | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/runtime/gc/heap.cc b/runtime/gc/heap.cc
+index 8407ba43760..bb7e718a9d6 100644
+--- a/runtime/gc/heap.cc
++++ b/runtime/gc/heap.cc
+@@ -4667,7 +4667,6 @@ void Heap::PostForkChildAction(Thread* self) {
+   } else {
+     // The syscall should fail only if it doesn't exist in the kernel or if it's
+     // denied by SELinux.
+-    CHECK(errno == ENOSYS || errno == EACCES) << "userfaultfd: " << strerror(errno);
+   }
+ #endif
+ 
+-- 
+2.34.1
+

android-13.0.0_r82/external/minijail/0001-disable-seccomp.patch

@@ -0,0 +1,32 @@
+From a99b4769df8e0c612051d23ec9f41f31ee00c908 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Mon, 26 Apr 2021 22:55:03 +0800
+Subject: [PATCH] disable seccomp
+
+---
+ libminijail.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libminijail.c b/libminijail.c
+index aab12949..cc9287db 100644
+--- a/libminijail.c
++++ b/libminijail.c
+@@ -2216,6 +2216,7 @@ static void set_seccomp_filter(const struct minijail *j)
+ 	/*
+ 	 * Install the syscall filter.
+ 	 */
++#if 0 // HACKED
+ 	if (j->flags.seccomp_filter) {
+ 		if (j->flags.seccomp_filter_tsync ||
+ 		    j->flags.seccomp_filter_allow_speculation) {
+@@ -2237,6 +2238,7 @@ static void set_seccomp_filter(const struct minijail *j)
+ 			}
+ 		}
+ 	}
++#endif
+ }
+ 
+ static pid_t forward_pid = -1;
+-- 
+2.34.1
+

android-13.0.0_r82/external/selinux/0001-ignore-selinux.patch

@@ -0,0 +1,223 @@
+From 017e0c822ce1ccc67c51fbb0a404d8a6656206b9 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 9 May 2021 23:44:12 +0800
+Subject: [PATCH] ignore selinux
+
+---
+ libselinux/include/selinux/selinux.h      | 4 ++++
+ libselinux/src/android/android.c          | 1 +
+ libselinux/src/android/android_platform.c | 5 +++++
+ libselinux/src/checkAccess.c              | 1 +
+ libselinux/src/getenforce.c               | 1 +
+ libselinux/src/getfilecon.c               | 1 +
+ libselinux/src/getpeercon.c               | 1 +
+ libselinux/src/init.c                     | 1 +
+ libselinux/src/label.c                    | 1 +
+ libselinux/src/lgetfilecon.c              | 1 +
+ libselinux/src/lsetfilecon.c              | 1 +
+ libselinux/src/procattr.c                 | 2 ++
+ libselinux/src/sestatus.c                 | 1 +
+ 13 files changed, 21 insertions(+)
+
+diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h
+index ae98a92e3..3de3ba493 100644
+--- a/libselinux/include/selinux/selinux.h
++++ b/libselinux/include/selinux/selinux.h
+@@ -4,6 +4,10 @@
+ #include <sys/types.h>
+ #include <stdarg.h>
+ 
++#define SE_HACK
++#define se_hack() if (1) return
++#define se_hack1(p) if (1) return p
++
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+diff --git a/libselinux/src/android/android.c b/libselinux/src/android/android.c
+index 7ee9e7742..d094d9f80 100644
+--- a/libselinux/src/android/android.c
++++ b/libselinux/src/android/android.c
+@@ -81,6 +81,7 @@ struct selabel_handle* selinux_android_service_open_context_handle(const struct
+ 
+     sehandle = selabel_open(SELABEL_CTX_ANDROID_SERVICE,
+             seopts_service, nopts);
++    se_hack1(sehandle);
+ 
+     if (!sehandle) {
+         selinux_log(SELINUX_ERROR, "%s: Error getting service context handle (%s)\n",
+diff --git a/libselinux/src/android/android_platform.c b/libselinux/src/android/android_platform.c
+index 05c923bcf..83ae6699c 100644
+--- a/libselinux/src/android/android_platform.c
++++ b/libselinux/src/android/android_platform.c
+@@ -85,6 +85,7 @@ static struct selabel_handle* selinux_android_file_context(const struct selinux_
+ 
+ struct selabel_handle* selinux_android_file_context_handle(void)
+ {
++    se_hack1(NULL);
+     struct selinux_opt seopts_file[MAX_FILE_CONTEXT_SIZE];
+     int size = 0;
+     unsigned int i;
+@@ -957,6 +958,7 @@ out:
+ 
+ int selinux_android_setcon(const char *con)
+ {
++    se_hack1(0);
+ 	int ret = setcon(con);
+ 	if (ret)
+ 		return ret;
+@@ -973,6 +975,7 @@ int selinux_android_setcontext(uid_t uid,
+ 			       const char *seinfo,
+ 			       const char *pkgname)
+ {
++    se_hack1(0);
+ 	char *orig_ctx_str = NULL, *ctx_str;
+ 	context_t ctx = NULL;
+ 	int rc = -1;
+@@ -1423,6 +1426,7 @@ static int selinux_android_restorecon_common(const char* pathname_orig,
+                                              uid_t uid,
+                                              unsigned int flags)
+ {
++    se_hack1(0);
+     bool nochange = (flags & SELINUX_ANDROID_RESTORECON_NOCHANGE) ? true : false;
+     bool verbose = (flags & SELINUX_ANDROID_RESTORECON_VERBOSE) ? true : false;
+     bool recurse = (flags & SELINUX_ANDROID_RESTORECON_RECURSE) ? true : false;
+@@ -1661,6 +1665,7 @@ void selinux_android_set_sehandle(const struct selabel_handle *hndl)
+ 
+ int selinux_android_load_policy()
+ {
++    se_hack1(0);
+ 	int fd = -1;
+ 
+ 	fd = open(sepolicy_file, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
+diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c
+index 022cd6b5e..a23bffc9d 100644
+--- a/libselinux/src/checkAccess.c
++++ b/libselinux/src/checkAccess.c
+@@ -20,6 +20,7 @@ static void avc_init_once(void)
+ }
+ 
+ int selinux_check_access(const char *scon, const char *tcon, const char *class, const char *perm, void *aux) {
++    se_hack1(0);
+ 	int rc;
+ 	security_id_t scon_id;
+ 	security_id_t tcon_id;
+diff --git a/libselinux/src/getenforce.c b/libselinux/src/getenforce.c
+index 3f1e20021..bf162279a 100644
+--- a/libselinux/src/getenforce.c
++++ b/libselinux/src/getenforce.c
+@@ -11,6 +11,7 @@
+ 
+ int security_getenforce(void)
+ {
++	se_hack1(0);
+ 	int fd, ret, enforce = 0;
+ 	char path[PATH_MAX];
+ 	char buf[20];
+diff --git a/libselinux/src/getfilecon.c b/libselinux/src/getfilecon.c
+index 4bee31372..f8b159a0f 100644
+--- a/libselinux/src/getfilecon.c
++++ b/libselinux/src/getfilecon.c
+@@ -52,6 +52,7 @@ int getfilecon_raw(const char *path, char ** context)
+ 
+ int getfilecon(const char *path, char ** context)
+ {
++    se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
+ 	int ret;
+ 	char * rcontext = NULL;
+ 
+diff --git a/libselinux/src/getpeercon.c b/libselinux/src/getpeercon.c
+index a9dca73e4..10771cbfb 100644
+--- a/libselinux/src/getpeercon.c
++++ b/libselinux/src/getpeercon.c
+@@ -46,6 +46,7 @@ int getpeercon_raw(int fd, char ** context)
+ 
+ int getpeercon(int fd, char ** context)
+ {
++    se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
+ 	int ret;
+ 	char * rcontext;
+ 
+diff --git a/libselinux/src/init.c b/libselinux/src/init.c
+index 542c979b9..f1e4e357e 100644
+--- a/libselinux/src/init.c
++++ b/libselinux/src/init.c
+@@ -139,6 +139,7 @@ void fini_selinuxmnt(void)
+ 
+ void set_selinuxmnt(const char *mnt)
+ {
++    se_hack();
+ 	selinux_mnt = strdup(mnt);
+ }
+ 
+diff --git a/libselinux/src/label.c b/libselinux/src/label.c
+index e0ed68d5b..2c22c04f1 100644
+--- a/libselinux/src/label.c
++++ b/libselinux/src/label.c
+@@ -310,6 +310,7 @@ bool selabel_hash_all_partial_matches(struct selabel_handle *rec,
+ int selabel_lookup_best_match(struct selabel_handle *rec, char **con,
+ 			      const char *key, const char **aliases, int type)
+ {
++    se_hack1((*con = calloc(7, 1), memcpy(*con, "HACKED", 6), 0));
+ 	struct selabel_lookup_rec *lr;
+ 
+ 	if (!rec->func_lookup_best_match) {
+diff --git a/libselinux/src/lgetfilecon.c b/libselinux/src/lgetfilecon.c
+index d1fb821b2..0d3b0acd5 100644
+--- a/libselinux/src/lgetfilecon.c
++++ b/libselinux/src/lgetfilecon.c
+@@ -52,6 +52,7 @@ int lgetfilecon_raw(const char *path, char ** context)
+ 
+ int lgetfilecon(const char *path, char ** context)
+ {
++    se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
+ 	int ret;
+ 	char * rcontext = NULL;
+ 
+diff --git a/libselinux/src/lsetfilecon.c b/libselinux/src/lsetfilecon.c
+index 213fb684f..c73c152f3 100644
+--- a/libselinux/src/lsetfilecon.c
++++ b/libselinux/src/lsetfilecon.c
+@@ -28,6 +28,7 @@ int lsetfilecon_raw(const char *path, const char * context)
+ 
+ int lsetfilecon(const char *path, const char *context)
+ {
++    se_hack1(0);
+ 	int ret;
+ 	char * rcontext;
+ 
+diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c
+index 142fbf3a8..ffcab80db 100644
+--- a/libselinux/src/procattr.c
++++ b/libselinux/src/procattr.c
+@@ -197,6 +197,7 @@ static int getprocattrcon_raw(char ** context,
+ static int getprocattrcon(char ** context,
+ 			  pid_t pid, const char *attr)
+ {
++    se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
+ 	int ret;
+ 	char * rcontext;
+ 
+@@ -282,6 +283,7 @@ out:
+ static int setprocattrcon(const char * context,
+ 			  pid_t pid, const char *attr)
+ {
++    se_hack1(0);
+ 	int ret;
+ 	char * rcontext;
+ 
+diff --git a/libselinux/src/sestatus.c b/libselinux/src/sestatus.c
+index 89c1f6216..186ed8fa1 100644
+--- a/libselinux/src/sestatus.c
++++ b/libselinux/src/sestatus.c
+@@ -277,6 +277,7 @@ static int fallback_cb_policyload(int policyload)
+  */
+ int selinux_status_open(int fallback)
+ {
++    se_hack1(0);
+ 	int		fd;
+ 	char		path[PATH_MAX];
+ 	long		pagesize;
+-- 
+2.34.1
+

android-13.0.0_r82/frameworks/av/0001-workaround-for-mesa-video-playback.patch

@@ -0,0 +1,48 @@
+From 7ce3becb5a34c8712fe97584f4f0273384c25756 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Mon, 20 Sep 2021 18:22:20 +0000
+Subject: [PATCH 1/2] workaround for mesa video playback
+
+---
+ media/libstagefright/colorconversion/SoftwareRenderer.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/media/libstagefright/colorconversion/SoftwareRenderer.cpp b/media/libstagefright/colorconversion/SoftwareRenderer.cpp
+index 4711315615..af596e8168 100644
+--- a/media/libstagefright/colorconversion/SoftwareRenderer.cpp
++++ b/media/libstagefright/colorconversion/SoftwareRenderer.cpp
+@@ -130,6 +130,7 @@ void SoftwareRenderer::resetFormatIfChanged(
+     // hardware has YUV12 and RGBA8888 support, so convert known formats
+     {
+         switch (mColorFormat) {
++#if 0 // HACKED
+             case OMX_COLOR_FormatYUV420Planar:
+             case OMX_COLOR_FormatYUV420SemiPlanar:
+             case OMX_TI_COLOR_FormatYUV420PackedSemiPlanar:
+@@ -139,6 +140,7 @@ void SoftwareRenderer::resetFormatIfChanged(
+                 bufHeight = (mCropHeight + 1) & ~1;
+                 break;
+             }
++#endif
+             case OMX_COLOR_Format24bitRGB888:
+             {
+                 halFormat = HAL_PIXEL_FORMAT_RGB_888;
+@@ -154,6 +156,7 @@ void SoftwareRenderer::resetFormatIfChanged(
+                 bufHeight = (mCropHeight + 1) & ~1;
+                 break;
+             }
++#if 0 // HACKED
+             case OMX_COLOR_FormatYUV420Planar16:
+             {
+                 if (((dataSpace & HAL_DATASPACE_STANDARD_MASK) == HAL_DATASPACE_STANDARD_BT2020)
+@@ -170,6 +173,7 @@ void SoftwareRenderer::resetFormatIfChanged(
+                 bufHeight = (mCropHeight + 1) & ~1;
+                 break;
+             }
++#endif
+             default:
+             {
+                 break;
+-- 
+2.34.1
+

android-13.0.0_r82/frameworks/av/0002-NOT-skip-OMX-nodes.patch

@@ -0,0 +1,27 @@
+From d4c9bb40212d3818c86ea86f13f5ea11ab29b356 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 6 Aug 2022 10:17:12 +0800
+Subject: [PATCH 2/2] NOT skip OMX nodes
+
+users may use legacy kernel without `ION` / `DMABUF_HEAP` enabled,
+enable OMX nodes to support this.
+---
+ media/libstagefright/omx/OMXStore.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/media/libstagefright/omx/OMXStore.cpp b/media/libstagefright/omx/OMXStore.cpp
+index 4827d9e056..1848743467 100644
+--- a/media/libstagefright/omx/OMXStore.cpp
++++ b/media/libstagefright/omx/OMXStore.cpp
+@@ -160,7 +160,7 @@ void OMXStore::addPlugin(OMXPluginBase *plugin) {
+                 }
+             }
+             if (skip) {
+-                continue;
++            //    continue;
+             }
+         }
+ 
+-- 
+2.34.1
+

android-13.0.0_r82/frameworks/native/0001-fix-booting.patch

@@ -0,0 +1,59 @@
+From 6a4239ba62e1135fc922b52f549f0e371f2a918e Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 9 May 2021 23:04:00 +0800
+Subject: [PATCH] fix booting
+
+---
+ libs/binder/Binder.cpp         | 1 +
+ libs/binder/IPCThreadState.cpp | 2 +-
+ libs/binder/ProcessState.cpp   | 3 +++
+ 3 files changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/libs/binder/Binder.cpp b/libs/binder/Binder.cpp
+index 39befbe8e02..65952b635aa 100644
+--- a/libs/binder/Binder.cpp
++++ b/libs/binder/Binder.cpp
+@@ -383,6 +383,7 @@ void BBinder::setRequestingSid(bool requestingSid)
+                         "setRequestingSid() should not be called after a binder object "
+                         "is parceled/sent to another process");
+ 
++    requestingSid = false; // HACKED
+     Extras* e = mExtras.load(std::memory_order_acquire);
+ 
+     if (!e) {
+diff --git a/libs/binder/IPCThreadState.cpp b/libs/binder/IPCThreadState.cpp
+index 3c97dcab93d..7f3f6f2eb7c 100644
+--- a/libs/binder/IPCThreadState.cpp
++++ b/libs/binder/IPCThreadState.cpp
+@@ -1265,7 +1265,7 @@ status_t IPCThreadState::executeCommand(int32_t cmd)
+             clearPropagateWorkSource();
+ 
+             mCallingPid = tr.sender_pid;
+-            mCallingSid = reinterpret_cast<const char*>(tr_secctx.secctx);
++            mCallingSid = "HACKED";
+             mCallingUid = tr.sender_euid;
+             mLastTransactionBinderFlags = tr.flags;
+ 
+diff --git a/libs/binder/ProcessState.cpp b/libs/binder/ProcessState.cpp
+index 4a01d8176de..1434786b610 100644
+--- a/libs/binder/ProcessState.cpp
++++ b/libs/binder/ProcessState.cpp
+@@ -192,12 +192,15 @@ bool ProcessState::becomeContextManager()
+ {
+     AutoMutex _l(mLock);
+ 
++#if 0 // HACKED (?)
+     flat_binder_object obj {
+         .flags = FLAT_BINDER_FLAG_TXN_SECURITY_CTX,
+     };
+ 
+     int result = ioctl(mDriverFD, BINDER_SET_CONTEXT_MGR_EXT, &obj);
++#endif
+ 
++    status_t result = 1;
+     // fallback to original method
+     if (result != 0) {
+         android_errorWriteLog(0x534e4554, "121035042");
+-- 
+2.34.1
+

android-13.0.0_r82/system/bpf/0001-fix-booting.patch

@@ -0,0 +1,27 @@
+From 003e2e1fee38886fbeff60da88dae9628e28f537 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 26 Jun 2021 05:22:01 +0000
+Subject: [PATCH] ? fix booting
+
+---
+ bpfloader/BpfLoader.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/bpfloader/BpfLoader.cpp b/bpfloader/BpfLoader.cpp
+index 5cd80b7..331a6b3 100644
+--- a/bpfloader/BpfLoader.cpp
++++ b/bpfloader/BpfLoader.cpp
+@@ -194,8 +194,10 @@ int main(int argc, char** argv) {
+             ALOGE("If this triggers randomly, you might be hitting some memory allocation "
+                   "problems or startup script race.");
+             ALOGE("--- DO NOT EXPECT SYSTEM TO BOOT SUCCESSFULLY ---");
++#if 0 // HACKED
+             sleep(20);
+             return 2;
++#endif
+         }
+     }
+ 
+-- 
+2.34.1
+

android-13.0.0_r82/system/core/0001-fix-booting.patch

@@ -0,0 +1,126 @@
+From ec4d2aeb05eaaa87aa141d8a2de1bc956ee9cce2 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 9 May 2021 23:09:00 +0800
+Subject: [PATCH 1/8] fix booting
+
+---
+ init/first_stage_init.cpp | 18 +++++++++++++++---
+ init/init.cpp             |  0
+ init/property_service.cpp |  0
+ init/service.cpp          |  3 ++-
+ init/util.cpp             |  3 ++-
+ rootdir/init.rc           |  1 -
+ 6 files changed, 19 insertions(+), 6 deletions(-)
+ mode change 100644 => 100755 init/init.cpp
+ mode change 100644 => 100755 init/property_service.cpp
+
+diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp
+index d050ed783..9ec04ab39 100644
+--- a/init/first_stage_init.cpp
++++ b/init/first_stage_init.cpp
+@@ -35,6 +35,7 @@
+ #include <android-base/chrono_utils.h>
+ #include <android-base/file.h>
+ #include <android-base/logging.h>
++#include <android-base/strings.h>
+ #include <modprobe/modprobe.h>
+ #include <private/android_filesystem_config.h>
+ 
+@@ -237,6 +238,8 @@ int FirstStageMain(int argc, char** argv) {
+     CHECKCALL(mkdir("/dev/pts", 0755));
+     CHECKCALL(mkdir("/dev/socket", 0755));
+     CHECKCALL(mkdir("/dev/dm-user", 0755));
++    mount("/system/etc", "/etc", "none", MS_BIND, NULL); // cgroup fix
++    unshare(CLONE_NEWCGROUP);
+     CHECKCALL(mount("devpts", "/dev/pts", "devpts", 0, NULL));
+ #define MAKE_STR(x) __STRING(x)
+     CHECKCALL(mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC)));
+@@ -303,7 +306,6 @@ int FirstStageMain(int argc, char** argv) {
+         for (const auto& [error_string, error_errno] : errors) {
+             LOG(ERROR) << error_string << " " << strerror(error_errno);
+         }
+-        LOG(FATAL) << "Init encountered errors starting first stage, aborting";
+     }
+ 
+     LOG(INFO) << "init first stage started!";
+@@ -417,12 +419,22 @@ int FirstStageMain(int argc, char** argv) {
+            1);
+ 
+     const char* path = "/system/bin/init";
+-    const char* args[] = {path, "selinux_setup", nullptr};
++    std::vector<const char *> args = {path, "second_stage"};
++    std::string init_cmdline;
++    android::base::ReadFileToString("/proc/self/cmdline", &init_cmdline);
++    std::replace(init_cmdline.begin(), init_cmdline.end(), '\0', ' ');
++    auto cmd_vector = android::base::Split(android::base::Trim(init_cmdline), " ");
++    int i = 0;
++    for (const auto& entry : cmd_vector) {
++        if (i++ == 0) continue; // ignore first arg '/init'
++        args.push_back(entry.c_str());
++    }
++    args.push_back(nullptr);
+     auto fd = open("/dev/kmsg", O_WRONLY | O_CLOEXEC);
+     dup2(fd, STDOUT_FILENO);
+     dup2(fd, STDERR_FILENO);
+     close(fd);
+-    execv(path, const_cast<char**>(args));
++    execv(path, const_cast<char**>(args.data()));
+ 
+     // execv() only returns if an error happened, in which case we
+     // panic and never fall through this conditional.
+diff --git a/init/init.cpp b/init/init.cpp
+old mode 100644
+new mode 100755
+diff --git a/init/property_service.cpp b/init/property_service.cpp
+old mode 100644
+new mode 100755
+diff --git a/init/service.cpp b/init/service.cpp
+index bd704cf8e..38ab63810 100644
+--- a/init/service.cpp
++++ b/init/service.cpp
+@@ -65,6 +65,7 @@ namespace android {
+ namespace init {
+ 
+ static Result<std::string> ComputeContextFromExecutable(const std::string& service_path) {
++    se_hack1("HACKED");
+     std::string computed_context;
+ 
+     char* raw_con = nullptr;
+@@ -332,7 +333,7 @@ void Service::Reap(const siginfo_t& siginfo) {
+                     if (!GetBoolProperty("init.svc_debug.no_fatal." + name_, false)) {
+                         // Aborts into `fatal_reboot_target_'.
+                         SetFatalRebootTarget(fatal_reboot_target_);
+-                        LOG(FATAL) << "critical process '" << name_ << "' exited 4 times "
++                        LOG(ERROR) << "critical process '" << name_ << "' exited 4 times "
+                                    << exit_reason;
+                     }
+                 } else {
+diff --git a/init/util.cpp b/init/util.cpp
+index 5b3a73c0d..6532155d0 100644
+--- a/init/util.cpp
++++ b/init/util.cpp
+@@ -239,7 +239,8 @@ int wait_for_file(const char* filename, std::chrono::nanoseconds timeout) {
+ 
+ void ImportKernelCmdline(const std::function<void(const std::string&, const std::string&)>& fn) {
+     std::string cmdline;
+-    android::base::ReadFileToString("/proc/cmdline", &cmdline);
++    android::base::ReadFileToString("/proc/self/cmdline", &cmdline); // HACKED
++    std::replace(cmdline.begin(), cmdline.end(), '\0', ' '); // HACKED
+ 
+     for (const auto& entry : android::base::Split(android::base::Trim(cmdline), " ")) {
+         std::vector<std::string> pieces = android::base::Split(entry, "=");
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index 2b53d883e..7d0c1c948 100644
+--- a/rootdir/init.rc
++++ b/rootdir/init.rc
+@@ -556,7 +556,6 @@ on post-fs
+ 
+     # Once everything is setup, no need to modify /.
+     # The bind+remount combination allows this to work in containers.
+-    mount rootfs rootfs / remount bind ro nodev
+ 
+     # Mount default storage into root namespace
+     mount none /mnt/user/0 /storage bind rec
+-- 
+2.34.1
+

android-13.0.0_r82/system/core/0002-allow-override-ro.-prop.patch

@@ -0,0 +1,25 @@
+From 17a9b675b0f2cae349440b99acbf74f4da2c3ae2 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 26 Jun 2021 05:42:24 +0000
+Subject: [PATCH 2/8] allow override ro.* prop
+
+---
+ init/property_service.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/init/property_service.cpp b/init/property_service.cpp
+index 26341b196..a4635054c 100755
+--- a/init/property_service.cpp
++++ b/init/property_service.cpp
+@@ -1269,6 +1269,8 @@ static void ProcessKernelCmdline() {
+     ImportKernelCmdline([&](const std::string& key, const std::string& value) {
+         if (StartsWith(key, ANDROIDBOOT_PREFIX)) {
+             InitPropertySet("ro.boot." + key.substr(ANDROIDBOOT_PREFIX.size()), value);
++        } else if (StartsWith(key, "ro.")) {
++            InitPropertySet(key, value);
+         }
+     });
+ }
+-- 
+2.34.1
+

android-13.0.0_r82/system/core/0003-fix-first-stage-mount.patch

@@ -0,0 +1,25 @@
+From 5d8ad1ddd88fd62a1e16fc2639429dba1f950841 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 27 Jun 2021 09:49:22 +0000
+Subject: [PATCH 3/8] ? fix first stage mount
+
+---
+ init/first_stage_init.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp
+index 9ec04ab39..f347a1911 100644
+--- a/init/first_stage_init.cpp
++++ b/init/first_stage_init.cpp
+@@ -400,7 +400,7 @@ int FirstStageMain(int argc, char** argv) {
+     }
+ 
+     if (!DoFirstStageMount(!created_devices)) {
+-        LOG(FATAL) << "Failed to mount required partitions early ...";
++        LOG(ERROR) << "Failed to mount required partitions early ..."; // HACKED
+     }
+ 
+     struct stat new_root_info;
+-- 
+2.34.1
+

android-13.0.0_r82/system/core/0004-ignore-input-subsystem.patch

@@ -0,0 +1,26 @@
+From 4cd13d9475561e389105dd64a1f61e05b58f6e17 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Fri, 25 Jun 2021 15:56:47 +0000
+Subject: [PATCH 4/8] ignore input subsystem
+
+---
+ rootdir/ueventd.rc | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/rootdir/ueventd.rc b/rootdir/ueventd.rc
+index 4ec59afe9..ef8cd2ef4 100644
+--- a/rootdir/ueventd.rc
++++ b/rootdir/ueventd.rc
+@@ -12,9 +12,6 @@ subsystem drm
+     devname uevent_devpath
+     dirname /dev/dri
+ 
+-subsystem input
+-    devname uevent_devpath
+-    dirname /dev/input
+ 
+ subsystem sound
+     devname uevent_devpath
+-- 
+2.34.1
+

android-13.0.0_r82/system/core/0005-ignore-devfs-mount.patch

@@ -0,0 +1,24 @@
+From 1addf80e4bf30462fffd42d27a78c29e27de2997 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Fri, 17 Dec 2021 22:44:33 +0800
+Subject: [PATCH 5/8] ignore devfs mount
+
+---
+ init/first_stage_init.cpp | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp
+index f347a1911..3c25b5ba5 100644
+--- a/init/first_stage_init.cpp
++++ b/init/first_stage_init.cpp
+@@ -234,7 +234,6 @@ int FirstStageMain(int argc, char** argv) {
+     CHECKCALL(setenv("PATH", _PATH_DEFPATH, 1));
+     // Get the basic filesystem setup we need put together in the initramdisk
+     // on / and then we'll let the rc file figure out the rest.
+-    CHECKCALL(mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755"));
+     CHECKCALL(mkdir("/dev/pts", 0755));
+     CHECKCALL(mkdir("/dev/socket", 0755));
+     CHECKCALL(mkdir("/dev/dm-user", 0755));
+-- 
+2.34.1
+

android-13.0.0_r82/system/core/0006-auto-alloc-binder-devices.patch

@@ -0,0 +1,24 @@
+From a95ad83691b06ea901a9078a7575679c0c761ddb Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Thu, 6 Jan 2022 20:47:28 +0800
+Subject: [PATCH 6/8] auto alloc binder devices
+
+---
+ rootdir/init.rc | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index 7d0c1c948..07ff1fc4e 100644
+--- a/rootdir/init.rc
++++ b/rootdir/init.rc
+@@ -243,6 +243,7 @@ on init
+     mkdir /dev/binderfs
+     mount binder binder /dev/binderfs stats=global
+     chmod 0755 /dev/binderfs
++    exec -- /vendor/bin/binder_alloc /dev/binderfs/binder-control binder hwbinder vndbinder
+ 
+     # Mount fusectl
+     mount fusectl none /sys/fs/fuse/connections
+-- 
+2.34.1
+

android-13.0.0_r82/system/core/0007-fix-cpu-cgroup-mount-possible-need-mount-cpuacct-and.patch

@@ -0,0 +1,29 @@
+From 034e45234b3ad1e44ac4f23314e0ef36b67e36bd Mon Sep 17 00:00:00 2001
+From: John Tung <watchnight@163.com>
+Date: Sun, 21 Aug 2022 11:24:11 +0800
+Subject: [PATCH 7/8] fix cpu cgroup mount, possible need mount cpuacct and cpu
+ together
+
+---
+ libprocessgroup/setup/cgroup_map_write.cpp | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libprocessgroup/setup/cgroup_map_write.cpp b/libprocessgroup/setup/cgroup_map_write.cpp
+index 3831ef20a..80fa6a157 100644
+--- a/libprocessgroup/setup/cgroup_map_write.cpp
++++ b/libprocessgroup/setup/cgroup_map_write.cpp
+@@ -324,6 +324,11 @@ static bool SetupCgroup(const CgroupDescriptor& descriptor) {
+             result = mount("none", controller->path(), "cgroup", MS_NODEV | MS_NOEXEC | MS_NOSUID,
+                            controller->name());
+         }
++        if (result < 0 && (!strcmp(controller->name(), "cpu")
++                        || !strcmp(controller->name(), "cpuacct"))) {
++            result = mount("none", controller->path(), "cgroup", MS_NODEV | MS_NOEXEC | MS_NOSUID,
++                           "cpu,cpuacct");
++        }
+     }
+ 
+     if (result < 0) {
+-- 
+2.34.1
+

android-13.0.0_r82/system/core/0008-skip-fusectl-mount.patch

@@ -0,0 +1,24 @@
+From 9fea3745198ad19542601e07c99022dfad53c0bb Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 2 Sep 2023 17:10:16 +0800
+Subject: [PATCH 8/8] skip fusectl mount
+
+---
+ rootdir/init.rc | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index 07ff1fc4e..6851f62bd 100644
+--- a/rootdir/init.rc
++++ b/rootdir/init.rc
+@@ -246,7 +246,6 @@ on init
+     exec -- /vendor/bin/binder_alloc /dev/binderfs/binder-control binder hwbinder vndbinder
+ 
+     # Mount fusectl
+-    mount fusectl none /sys/fs/fuse/connections
+ 
+     symlink /dev/binderfs/binder /dev/binder
+     symlink /dev/binderfs/hwbinder /dev/hwbinder
+-- 
+2.34.1
+

android-13.0.0_r82/system/libhwbinder/0001-fix-booting.patch

@@ -0,0 +1,45 @@
+From 06356b4469ea91654ddd3ecfeb9da554fff5559e Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 9 May 2021 23:44:12 +0800
+Subject: [PATCH] fix booting
+
+---
+ Binder.cpp       | 1 +
+ ProcessState.cpp | 3 +++
+ 2 files changed, 4 insertions(+)
+
+diff --git a/Binder.cpp b/Binder.cpp
+index 6d26414c..b657a0bd 100644
+--- a/Binder.cpp
++++ b/Binder.cpp
+@@ -96,6 +96,7 @@ bool BHwBinder::isRequestingSid() {
+ }
+ 
+ void BHwBinder::setRequestingSid(bool requestingSid) {
++    requestingSid = false; // HACKED
+     Extras* e = mExtras.load(std::memory_order_acquire);
+ 
+     if (!e) {
+diff --git a/ProcessState.cpp b/ProcessState.cpp
+index c2284f8e..de37eadf 100644
+--- a/ProcessState.cpp
++++ b/ProcessState.cpp
+@@ -121,12 +121,15 @@ void ProcessState::becomeContextManager()
+ {
+     AutoMutex _l(mLock);
+ 
++#if 0 // HACKED (?)
+     flat_binder_object obj {
+         .flags = FLAT_BINDER_FLAG_TXN_SECURITY_CTX,
+     };
+ 
+     status_t result = ioctl(mDriverFD, BINDER_SET_CONTEXT_MGR_EXT, &obj);
++#endif
+ 
++    status_t result = 1;
+     // fallback to original method
+     if (result != 0) {
+         android_errorWriteLog(0x534e4554, "121035042");
+-- 
+2.34.1
+

android-13.0.0_r82/system/libvintf/0001-ignore-compatibility-check.patch

@@ -0,0 +1,24 @@
+From 5ae6f7c9ec69e701efe41220ce4a7b78db23443f Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 15 Oct 2022 09:12:31 +0800
+Subject: [PATCH] ignore compatibility check
+
+---
+ VintfObject.cpp | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/VintfObject.cpp b/VintfObject.cpp
+index 8d9df31e..bd474b4d 100644
+--- a/VintfObject.cpp
++++ b/VintfObject.cpp
+@@ -635,7 +635,6 @@ int32_t VintfObject::checkCompatibility(std::string* error, CheckFlags::Type fla
+                 error->insert(0,
+                               "Runtime info and framework compatibility matrix are incompatible: ");
+             }
+-            return INCOMPATIBLE;
+         }
+     }
+ 
+-- 
+2.34.1
+

android-13.0.0_r82/system/netd/0001-fix-booting.patch

@@ -0,0 +1,50 @@
+From 9c5a41802bfe028957b4a2578fc4ee5117b96fc8 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 31 Jul 2021 06:14:33 +0000
+Subject: [PATCH 1/3] fix booting
+
+---
+ server/BandwidthController.cpp       | 1 +
+ server/Controllers.cpp               | 1 -
+ server/IptablesRestoreController.cpp | 1 +
+ 3 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/server/BandwidthController.cpp b/server/BandwidthController.cpp
+index 8dba75a5e..88305b05d 100644
+--- a/server/BandwidthController.cpp
++++ b/server/BandwidthController.cpp
+@@ -542,6 +542,7 @@ int BandwidthController::updateQuota(const std::string& quotaName, int64_t bytes
+     if (!isOk(file)) {
+         int res = errno;
+         ALOGE("Updating quota %s failed (%s)", quotaName.c_str(), toString(file).c_str());
++        res = 0; // HACKED
+         return -res;
+     }
+     // TODO: should we propagate this error?
+diff --git a/server/Controllers.cpp b/server/Controllers.cpp
+index 00ee186d6..c07f1b817 100644
+--- a/server/Controllers.cpp
++++ b/server/Controllers.cpp
+@@ -284,7 +284,6 @@ void Controllers::init() {
+         // As such simply exit netd.  This may crash loop the system, but by failing
+         // to bootup we will trigger rollback and thus this offers us protection against
+         // a mainline update breaking things.
+-        exit(1);
+     }
+     gLog.info("Enabling bandwidth control: %" PRId64 "us", s.getTimeAndResetUs());
+ 
+diff --git a/server/IptablesRestoreController.cpp b/server/IptablesRestoreController.cpp
+index f7ba20086..2cc5899fc 100644
+--- a/server/IptablesRestoreController.cpp
++++ b/server/IptablesRestoreController.cpp
+@@ -345,6 +345,7 @@ int IptablesRestoreController::execute(const IptablesTarget target, const std::s
+     if (target == V6 || target == V4V6) {
+         res |= sendCommand(IP6TABLES_PROCESS, command, output);
+     }
++    res = 0;  // ignore iptables error
+     return res;
+ }
+ 
+-- 
+2.34.1
+

android-13.0.0_r82/system/netd/0002-ignore-bpf-error.patch

@@ -0,0 +1,24 @@
+From 05d4164cd92e3108e632637e7575b03f34d11459 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 14 Aug 2022 11:53:19 +0800
+Subject: [PATCH 2/3] ignore bpf error
+
+---
+ server/main.cpp | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/server/main.cpp b/server/main.cpp
+index 0e81d4e5c..ed4dc4931 100644
+--- a/server/main.cpp
++++ b/server/main.cpp
+@@ -134,7 +134,6 @@ int main() {
+ 
+     if (libnetd_updatable_init(cg2_path.c_str())) {
+         ALOGE("libnetd_updatable_init failed");
+-        exit(1);
+     }
+     gLog.info("libnetd_updatable_init success");
+ 
+-- 
+2.34.1
+

android-13.0.0_r82/system/netd/0003-ignote-getTetherStats-error.patch

@@ -0,0 +1,28 @@
+From 51c7b5d27285f3a8e854ff2117ab9d54e3f405f4 Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sun, 14 Aug 2022 11:57:11 +0800
+Subject: [PATCH 3/3] ignote getTetherStats error
+
+---
+ server/TetherController.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/server/TetherController.cpp b/server/TetherController.cpp
+index 791935746..826ef4338 100644
+--- a/server/TetherController.cpp
++++ b/server/TetherController.cpp
+@@ -917,9 +917,11 @@ StatusOr<TetherController::TetherStatsList> TetherController::getTetherStats() {
+         }
+ 
+         if (int ret = addForwardChainStats(statsList, statsString, parsedIptablesOutput)) {
++#if 0
+             return statusFromErrno(-ret, StringPrintf("failed to parse %s tether stats:\n%s",
+                                                       target == V4 ? "IPv4": "IPv6",
+                                                       parsedIptablesOutput.c_str()));
++#endif
+         }
+     }
+ 
+-- 
+2.34.1
+

android-13.0.0_r82/system/vold/0001-ignore-project-quota-error.patch

@@ -0,0 +1,24 @@
+From 2f96a652d2d346be3c69901b4c9177a41569553a Mon Sep 17 00:00:00 2001
+From: Ziyang Zhou <ziyang.zhou@outlook.com>
+Date: Sat, 6 Aug 2022 10:19:11 +0800
+Subject: [PATCH] ignore project quota error
+
+---
+ Utils.cpp | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/Utils.cpp b/Utils.cpp
+index e8049eda..27d70845 100644
+--- a/Utils.cpp
++++ b/Utils.cpp
+@@ -243,7 +243,6 @@ int SetQuotaProjectId(const std::string& path, long projectId) {
+     ret = ioctl(fd, FS_IOC_FSSETXATTR, &fsx);
+     if (ret == -1) {
+         PLOG(ERROR) << "Failed to set project id on " << path;
+-        return ret;
+     }
+     return 0;
+ }
+-- 
+2.34.1
+