From c4d3a1bee4ecfae1c3f225b9fb079a347455ba7a Mon Sep 17 00:00:00 2001 From: Ziyang Zhou Date: Thu, 5 Oct 2023 22:21:34 +0800 Subject: [PATCH] android-14.0.0_r2 patches --- .../minijail/0001-disable-seccomp.patch | 32 ++++ .../selinux/0001-ignore-selinux.patch | 165 ++++++++++++++++++ ...1-workaround-for-mesa-video-playback.patch | 48 +++++ .../av/0002-NOT-skip-OMX-nodes.patch | 26 +++ .../frameworks/native/0001-fix-booting.patch | 59 +++++++ .../Connectivity/0001-fix-booting.patch | 24 +++ .../system/bpf/0001-fix-booting.patch | 45 +++++ .../system/core/0001-fix-booting.patch | 126 +++++++++++++ .../core/0002-allow-override-ro.-prop.patch | 25 +++ .../core/0003-fix-first-stage-mount.patch | 25 +++ .../core/0004-ignore-input-subsystem.patch | 26 +++ .../system/core/0005-ignore-devfs-mount.patch | 24 +++ .../core/0006-auto-alloc-binder-devices.patch | 24 +++ .../system/core/0007-skip-fusectl-mount.patch | 24 +++ .../system/libhwbinder/0001-fix-booting.patch | 45 +++++ .../0001-ignore-compatibility-check.patch | 24 +++ .../netd/0001-ignore-iptables-error.patch | 50 ++++++ .../system/netd/0002-ignore-bpf-error.patch | 24 +++ .../0003-ignote-getTetherStats-error.patch | 28 +++ .../0001-ignore-project-quota-error.patch | 24 +++ 20 files changed, 868 insertions(+) create mode 100644 android-14.0.0_r2/external/minijail/0001-disable-seccomp.patch create mode 100644 android-14.0.0_r2/external/selinux/0001-ignore-selinux.patch create mode 100644 android-14.0.0_r2/frameworks/av/0001-workaround-for-mesa-video-playback.patch create mode 100644 android-14.0.0_r2/frameworks/av/0002-NOT-skip-OMX-nodes.patch create mode 100644 android-14.0.0_r2/frameworks/native/0001-fix-booting.patch create mode 100644 android-14.0.0_r2/packages/modules/Connectivity/0001-fix-booting.patch create mode 100644 android-14.0.0_r2/system/bpf/0001-fix-booting.patch create mode 100644 android-14.0.0_r2/system/core/0001-fix-booting.patch create mode 100644 android-14.0.0_r2/system/core/0002-allow-override-ro.-prop.patch create mode 100644 android-14.0.0_r2/system/core/0003-fix-first-stage-mount.patch create mode 100644 android-14.0.0_r2/system/core/0004-ignore-input-subsystem.patch create mode 100644 android-14.0.0_r2/system/core/0005-ignore-devfs-mount.patch create mode 100644 android-14.0.0_r2/system/core/0006-auto-alloc-binder-devices.patch create mode 100644 android-14.0.0_r2/system/core/0007-skip-fusectl-mount.patch create mode 100644 android-14.0.0_r2/system/libhwbinder/0001-fix-booting.patch create mode 100644 android-14.0.0_r2/system/libvintf/0001-ignore-compatibility-check.patch create mode 100644 android-14.0.0_r2/system/netd/0001-ignore-iptables-error.patch create mode 100644 android-14.0.0_r2/system/netd/0002-ignore-bpf-error.patch create mode 100644 android-14.0.0_r2/system/netd/0003-ignote-getTetherStats-error.patch create mode 100644 android-14.0.0_r2/system/vold/0001-ignore-project-quota-error.patch diff --git a/android-14.0.0_r2/external/minijail/0001-disable-seccomp.patch b/android-14.0.0_r2/external/minijail/0001-disable-seccomp.patch new file mode 100644 index 0000000..967f3aa --- /dev/null +++ b/android-14.0.0_r2/external/minijail/0001-disable-seccomp.patch @@ -0,0 +1,32 @@ +From fce354d9875fb0296fb6fc24a3dcbaa1801793ad Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Mon, 26 Apr 2021 22:55:03 +0800 +Subject: [PATCH] disable seccomp + +--- + libminijail.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libminijail.c b/libminijail.c +index bb60904..efe8be2 100644 +--- a/libminijail.c ++++ b/libminijail.c +@@ -2487,6 +2487,7 @@ static void set_seccomp_filter(const struct minijail *j) + /* + * Install the syscall filter. + */ ++#if 0 // HACKED + if (j->flags.seccomp_filter) { + if (j->flags.seccomp_filter_tsync || + j->flags.seccomp_filter_allow_speculation) { +@@ -2508,6 +2509,7 @@ static void set_seccomp_filter(const struct minijail *j) + } + } + } ++#endif + } + + static pid_t forward_pid = -1; +-- +2.34.1 + diff --git a/android-14.0.0_r2/external/selinux/0001-ignore-selinux.patch b/android-14.0.0_r2/external/selinux/0001-ignore-selinux.patch new file mode 100644 index 0000000..fbcd76e --- /dev/null +++ b/android-14.0.0_r2/external/selinux/0001-ignore-selinux.patch @@ -0,0 +1,165 @@ +From 25c1521451ebcf5733fa7893bf76d7ffb659dc37 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 9 May 2021 23:44:12 +0800 +Subject: [PATCH] ignore selinux + +--- + libselinux/include/selinux/selinux.h | 4 ++++ + libselinux/src/checkAccess.c | 1 + + libselinux/src/getenforce.c | 1 + + libselinux/src/getfilecon.c | 1 + + libselinux/src/getpeercon.c | 1 + + libselinux/src/init.c | 1 + + libselinux/src/label.c | 1 + + libselinux/src/lgetfilecon.c | 1 + + libselinux/src/lsetfilecon.c | 1 + + libselinux/src/procattr.c | 2 ++ + libselinux/src/sestatus.c | 1 + + 11 files changed, 15 insertions(+) + +diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h +index a0948853..3ddeee2d 100644 +--- a/libselinux/include/selinux/selinux.h ++++ b/libselinux/include/selinux/selinux.h +@@ -4,6 +4,10 @@ + #include + #include + ++#define SE_HACK ++#define se_hack() if (1) return ++#define se_hack1(p) if (1) return p ++ + #ifdef __cplusplus + extern "C" { + #endif +diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c +index 022cd6b5..a23bffc9 100644 +--- a/libselinux/src/checkAccess.c ++++ b/libselinux/src/checkAccess.c +@@ -20,6 +20,7 @@ static void avc_init_once(void) + } + + int selinux_check_access(const char *scon, const char *tcon, const char *class, const char *perm, void *aux) { ++ se_hack1(0); + int rc; + security_id_t scon_id; + security_id_t tcon_id; +diff --git a/libselinux/src/getenforce.c b/libselinux/src/getenforce.c +index 3f1e2002..bf162279 100644 +--- a/libselinux/src/getenforce.c ++++ b/libselinux/src/getenforce.c +@@ -11,6 +11,7 @@ + + int security_getenforce(void) + { ++ se_hack1(0); + int fd, ret, enforce = 0; + char path[PATH_MAX]; + char buf[20]; +diff --git a/libselinux/src/getfilecon.c b/libselinux/src/getfilecon.c +index 4bee3137..f8b159a0 100644 +--- a/libselinux/src/getfilecon.c ++++ b/libselinux/src/getfilecon.c +@@ -52,6 +52,7 @@ int getfilecon_raw(const char *path, char ** context) + + int getfilecon(const char *path, char ** context) + { ++ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); + int ret; + char * rcontext = NULL; + +diff --git a/libselinux/src/getpeercon.c b/libselinux/src/getpeercon.c +index a9dca73e..10771cbf 100644 +--- a/libselinux/src/getpeercon.c ++++ b/libselinux/src/getpeercon.c +@@ -46,6 +46,7 @@ int getpeercon_raw(int fd, char ** context) + + int getpeercon(int fd, char ** context) + { ++ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); + int ret; + char * rcontext; + +diff --git a/libselinux/src/init.c b/libselinux/src/init.c +index 439da417..41268a74 100644 +--- a/libselinux/src/init.c ++++ b/libselinux/src/init.c +@@ -139,6 +139,7 @@ void fini_selinuxmnt(void) + + void set_selinuxmnt(const char *mnt) + { ++ se_hack(); + selinux_mnt = strdup(mnt); + } + +diff --git a/libselinux/src/label.c b/libselinux/src/label.c +index e0ed68d5..2c22c04f 100644 +--- a/libselinux/src/label.c ++++ b/libselinux/src/label.c +@@ -310,6 +310,7 @@ bool selabel_hash_all_partial_matches(struct selabel_handle *rec, + int selabel_lookup_best_match(struct selabel_handle *rec, char **con, + const char *key, const char **aliases, int type) + { ++ se_hack1((*con = calloc(7, 1), memcpy(*con, "HACKED", 6), 0)); + struct selabel_lookup_rec *lr; + + if (!rec->func_lookup_best_match) { +diff --git a/libselinux/src/lgetfilecon.c b/libselinux/src/lgetfilecon.c +index d1fb821b..0d3b0acd 100644 +--- a/libselinux/src/lgetfilecon.c ++++ b/libselinux/src/lgetfilecon.c +@@ -52,6 +52,7 @@ int lgetfilecon_raw(const char *path, char ** context) + + int lgetfilecon(const char *path, char ** context) + { ++ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); + int ret; + char * rcontext = NULL; + +diff --git a/libselinux/src/lsetfilecon.c b/libselinux/src/lsetfilecon.c +index 213fb684..c73c152f 100644 +--- a/libselinux/src/lsetfilecon.c ++++ b/libselinux/src/lsetfilecon.c +@@ -28,6 +28,7 @@ int lsetfilecon_raw(const char *path, const char * context) + + int lsetfilecon(const char *path, const char *context) + { ++ se_hack1(0); + int ret; + char * rcontext; + +diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c +index b7a93a2b..a1478c7f 100644 +--- a/libselinux/src/procattr.c ++++ b/libselinux/src/procattr.c +@@ -175,6 +175,7 @@ static int getprocattrcon_raw(char **context, pid_t pid, const char *attr, + static int getprocattrcon(char **context, pid_t pid, const char *attr, + const char *prev_context) + { ++ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0)); + int ret; + char * rcontext; + +@@ -239,6 +240,7 @@ out: + static int setprocattrcon(const char *context, const char *attr, + char **prev_context) + { ++ se_hack1(0); + int ret; + char * rcontext; + +diff --git a/libselinux/src/sestatus.c b/libselinux/src/sestatus.c +index fbe64301..bafe6bb6 100644 +--- a/libselinux/src/sestatus.c ++++ b/libselinux/src/sestatus.c +@@ -277,6 +277,7 @@ static int fallback_cb_policyload(int policyload) + */ + int selinux_status_open(int fallback) + { ++ se_hack1(0); + int fd; + char path[PATH_MAX]; + long pagesize; +-- +2.34.1 + diff --git a/android-14.0.0_r2/frameworks/av/0001-workaround-for-mesa-video-playback.patch b/android-14.0.0_r2/frameworks/av/0001-workaround-for-mesa-video-playback.patch new file mode 100644 index 0000000..327aa6f --- /dev/null +++ b/android-14.0.0_r2/frameworks/av/0001-workaround-for-mesa-video-playback.patch @@ -0,0 +1,48 @@ +From 929c5fbe4b57b7682c8fe1f02b289431b08ec39f Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Mon, 20 Sep 2021 18:22:20 +0000 +Subject: [PATCH 1/2] ? workaround for mesa video playback + +--- + media/libstagefright/colorconversion/SoftwareRenderer.cpp | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/media/libstagefright/colorconversion/SoftwareRenderer.cpp b/media/libstagefright/colorconversion/SoftwareRenderer.cpp +index 240931591d..1e3ec7bf41 100644 +--- a/media/libstagefright/colorconversion/SoftwareRenderer.cpp ++++ b/media/libstagefright/colorconversion/SoftwareRenderer.cpp +@@ -130,6 +130,7 @@ void SoftwareRenderer::resetFormatIfChanged( + // hardware has YUV12 and RGBA8888 support, so convert known formats + { + switch (mColorFormat) { ++#if 0 // HACKED + case OMX_COLOR_FormatYUV420Planar: + case OMX_COLOR_FormatYUV420SemiPlanar: + case OMX_TI_COLOR_FormatYUV420PackedSemiPlanar: +@@ -139,6 +140,7 @@ void SoftwareRenderer::resetFormatIfChanged( + bufHeight = (mCropHeight + 1) & ~1; + break; + } ++#endif + case OMX_COLOR_Format24bitRGB888: + { + halFormat = HAL_PIXEL_FORMAT_RGB_888; +@@ -154,6 +156,7 @@ void SoftwareRenderer::resetFormatIfChanged( + bufHeight = (mCropHeight + 1) & ~1; + break; + } ++#if 0 // HACKED + case OMX_COLOR_FormatYUV420Planar16: + { + if (((dataSpace & HAL_DATASPACE_STANDARD_MASK) == HAL_DATASPACE_STANDARD_BT2020) +@@ -170,6 +173,7 @@ void SoftwareRenderer::resetFormatIfChanged( + bufHeight = (mCropHeight + 1) & ~1; + break; + } ++#endif + default: + { + break; +-- +2.34.1 + diff --git a/android-14.0.0_r2/frameworks/av/0002-NOT-skip-OMX-nodes.patch b/android-14.0.0_r2/frameworks/av/0002-NOT-skip-OMX-nodes.patch new file mode 100644 index 0000000..f7865f8 --- /dev/null +++ b/android-14.0.0_r2/frameworks/av/0002-NOT-skip-OMX-nodes.patch @@ -0,0 +1,26 @@ +From e1853e0b73fca06ee2f53da7e71047b2c630afdd Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 6 Aug 2022 10:17:12 +0800 +Subject: [PATCH 2/2] NOT skip OMX nodes + +users may use legacy kernel without `ION` / `DMABUF_HEAP` enabled, +enable OMX nodes to support this. +--- + media/libstagefright/omx/OMXStore.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/media/libstagefright/omx/OMXStore.cpp b/media/libstagefright/omx/OMXStore.cpp +index 0906433a8a..8ea62b6e3d 100644 +--- a/media/libstagefright/omx/OMXStore.cpp ++++ b/media/libstagefright/omx/OMXStore.cpp +@@ -161,7 +161,6 @@ void OMXStore::addPlugin(OMXPluginBase *plugin) { + } + } + if (skip) { +- continue; + } + } + +-- +2.34.1 + diff --git a/android-14.0.0_r2/frameworks/native/0001-fix-booting.patch b/android-14.0.0_r2/frameworks/native/0001-fix-booting.patch new file mode 100644 index 0000000..b9fb48e --- /dev/null +++ b/android-14.0.0_r2/frameworks/native/0001-fix-booting.patch @@ -0,0 +1,59 @@ +From d284d0be72c01ce3f712a201baf023f356826de8 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 9 May 2021 23:04:00 +0800 +Subject: [PATCH] fix booting + +--- + libs/binder/Binder.cpp | 1 + + libs/binder/IPCThreadState.cpp | 2 +- + libs/binder/ProcessState.cpp | 3 +++ + 3 files changed, 5 insertions(+), 1 deletion(-) + +diff --git a/libs/binder/Binder.cpp b/libs/binder/Binder.cpp +index 3e49656575..8b91975ca3 100644 +--- a/libs/binder/Binder.cpp ++++ b/libs/binder/Binder.cpp +@@ -506,6 +506,7 @@ void BBinder::setRequestingSid(bool requestingSid) + "setRequestingSid() should not be called after a binder object " + "is parceled/sent to another process"); + ++ requestingSid = false; // HACKED + Extras* e = mExtras.load(std::memory_order_acquire); + + if (!e) { +diff --git a/libs/binder/IPCThreadState.cpp b/libs/binder/IPCThreadState.cpp +index da58251149..4a18b4297d 100644 +--- a/libs/binder/IPCThreadState.cpp ++++ b/libs/binder/IPCThreadState.cpp +@@ -1393,7 +1393,7 @@ status_t IPCThreadState::executeCommand(int32_t cmd) + clearPropagateWorkSource(); + + mCallingPid = tr.sender_pid; +- mCallingSid = reinterpret_cast(tr_secctx.secctx); ++ mCallingSid = "HACKED"; + mCallingUid = tr.sender_euid; + mHasExplicitIdentity = false; + mLastTransactionBinderFlags = tr.flags; +diff --git a/libs/binder/ProcessState.cpp b/libs/binder/ProcessState.cpp +index 5f1f50672a..adc451a148 100644 +--- a/libs/binder/ProcessState.cpp ++++ b/libs/binder/ProcessState.cpp +@@ -211,12 +211,15 @@ bool ProcessState::becomeContextManager() + { + AutoMutex _l(mLock); + ++#if 0 // HACKED (?) + flat_binder_object obj { + .flags = FLAT_BINDER_FLAG_TXN_SECURITY_CTX, + }; + + int result = ioctl(mDriverFD, BINDER_SET_CONTEXT_MGR_EXT, &obj); ++#endif + ++ status_t result = 1; + // fallback to original method + if (result != 0) { + android_errorWriteLog(0x534e4554, "121035042"); +-- +2.34.1 + diff --git a/android-14.0.0_r2/packages/modules/Connectivity/0001-fix-booting.patch b/android-14.0.0_r2/packages/modules/Connectivity/0001-fix-booting.patch new file mode 100644 index 0000000..098a9c1 --- /dev/null +++ b/android-14.0.0_r2/packages/modules/Connectivity/0001-fix-booting.patch @@ -0,0 +1,24 @@ +From 329d11797edbf1a86266aef49b38a16d341f79da Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Thu, 5 Oct 2023 22:18:09 +0800 +Subject: [PATCH] fix booting + +--- + service/jni/com_android_server_connectivity_ClatCoordinator.cpp | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/service/jni/com_android_server_connectivity_ClatCoordinator.cpp b/service/jni/com_android_server_connectivity_ClatCoordinator.cpp +index 059b7168ff..79f5270afe 100644 +--- a/service/jni/com_android_server_connectivity_ClatCoordinator.cpp ++++ b/service/jni/com_android_server_connectivity_ClatCoordinator.cpp +@@ -143,6 +143,7 @@ static void verifyClatPerms() { + return; + } + ++ fatal = false; // HACKED + if (fatal) abort(); + } + +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/bpf/0001-fix-booting.patch b/android-14.0.0_r2/system/bpf/0001-fix-booting.patch new file mode 100644 index 0000000..6ae7b8f --- /dev/null +++ b/android-14.0.0_r2/system/bpf/0001-fix-booting.patch @@ -0,0 +1,45 @@ +From 118f5f96200087f43707f0bc75e5c196f73ca3c7 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Thu, 5 Oct 2023 23:27:52 +0800 +Subject: [PATCH] fix booting + +--- + bpfloader/BpfLoader.cpp | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/bpfloader/BpfLoader.cpp b/bpfloader/BpfLoader.cpp +index e53669a..98686c0 100644 +--- a/bpfloader/BpfLoader.cpp ++++ b/bpfloader/BpfLoader.cpp +@@ -271,13 +271,15 @@ int main(int argc, char** argv) { + // BPF_JIT is required by R VINTF (which means 4.14/4.19/5.4 kernels), + // but 4.14/4.19 were released with P & Q, and only 5.4 is new in R+. + if (writeProcSysFile("/proc/sys/net/core/bpf_jit_enable", "1\n") && +- android::bpf::isAtLeastKernelVersion(5, 4, 0)) return 1; ++ android::bpf::isAtLeastKernelVersion(5, 4, 0)) ++ PLOG(ERROR) << "change /proc/sys/net/core/bpf_jit_enable to 1 failed"; + + // Enable JIT kallsyms export for privileged users only + // (Note: this (open) will fail with ENOENT 'No such file or directory' if + // kernel does not have CONFIG_HAVE_EBPF_JIT=y) + if (writeProcSysFile("/proc/sys/net/core/bpf_jit_kallsyms", "1\n") && +- android::bpf::isAtLeastKernelVersion(5, 4, 0)) return 1; ++ android::bpf::isAtLeastKernelVersion(5, 4, 0)) ++ PLOG(ERROR) << "change /proc/sys/net/core/bpf_jit_kallsyms to 1 failed"; + + // Create all the pin subdirectories + // (this must be done first to allow selinux_context and pin_subdir functionality, +@@ -302,8 +304,10 @@ int main(int argc, char** argv) { + ALOGE("If this triggers randomly, you might be hitting some memory allocation " + "problems or startup script race."); + ALOGE("--- DO NOT EXPECT SYSTEM TO BOOT SUCCESSFULLY ---"); ++#if 0 // HACKED + sleep(20); + return 2; ++#endif + } + } + +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/core/0001-fix-booting.patch b/android-14.0.0_r2/system/core/0001-fix-booting.patch new file mode 100644 index 0000000..1243e95 --- /dev/null +++ b/android-14.0.0_r2/system/core/0001-fix-booting.patch @@ -0,0 +1,126 @@ +From 38a49840b16cab5b0c6fe10ad87abc78b39c341d Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 9 May 2021 23:09:00 +0800 +Subject: [PATCH 1/7] fix booting + +--- + init/first_stage_init.cpp | 18 +++++++++++++++--- + init/init.cpp | 0 + init/property_service.cpp | 0 + init/service.cpp | 3 ++- + init/util.cpp | 3 ++- + rootdir/init.rc | 1 - + 6 files changed, 19 insertions(+), 6 deletions(-) + mode change 100644 => 100755 init/init.cpp + mode change 100644 => 100755 init/property_service.cpp + +diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp +index 107e99a31..649f3ec76 100644 +--- a/init/first_stage_init.cpp ++++ b/init/first_stage_init.cpp +@@ -35,6 +35,7 @@ + #include + #include + #include ++#include + #include + #include + +@@ -243,6 +244,8 @@ int FirstStageMain(int argc, char** argv) { + CHECKCALL(mkdir("/dev/pts", 0755)); + CHECKCALL(mkdir("/dev/socket", 0755)); + CHECKCALL(mkdir("/dev/dm-user", 0755)); ++ mount("/system/etc", "/etc", "none", MS_BIND, NULL); // cgroup fix ++ unshare(CLONE_NEWCGROUP); + CHECKCALL(mount("devpts", "/dev/pts", "devpts", 0, NULL)); + #define MAKE_STR(x) __STRING(x) + CHECKCALL(mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC))); +@@ -306,7 +309,6 @@ int FirstStageMain(int argc, char** argv) { + for (const auto& [error_string, error_errno] : errors) { + LOG(ERROR) << error_string << " " << strerror(error_errno); + } +- LOG(FATAL) << "Init encountered errors starting first stage, aborting"; + } + + LOG(INFO) << "init first stage started!"; +@@ -420,12 +422,22 @@ int FirstStageMain(int argc, char** argv) { + 1); + + const char* path = "/system/bin/init"; +- const char* args[] = {path, "selinux_setup", nullptr}; ++ std::vector args = {path, "second_stage"}; ++ std::string init_cmdline; ++ android::base::ReadFileToString("/proc/self/cmdline", &init_cmdline); ++ std::replace(init_cmdline.begin(), init_cmdline.end(), '\0', ' '); ++ auto cmd_vector = android::base::Split(android::base::Trim(init_cmdline), " "); ++ int i = 0; ++ for (const auto& entry : cmd_vector) { ++ if (i++ == 0) continue; // ignore first arg '/init' ++ args.push_back(entry.c_str()); ++ } ++ args.push_back(nullptr); + auto fd = open("/dev/kmsg", O_WRONLY | O_CLOEXEC); + dup2(fd, STDOUT_FILENO); + dup2(fd, STDERR_FILENO); + close(fd); +- execv(path, const_cast(args)); ++ execv(path, const_cast(args.data())); + + // execv() only returns if an error happened, in which case we + // panic and never fall through this conditional. +diff --git a/init/init.cpp b/init/init.cpp +old mode 100644 +new mode 100755 +diff --git a/init/property_service.cpp b/init/property_service.cpp +old mode 100644 +new mode 100755 +diff --git a/init/service.cpp b/init/service.cpp +index 35beaad33..3bdf7c26c 100644 +--- a/init/service.cpp ++++ b/init/service.cpp +@@ -75,6 +75,7 @@ namespace android { + namespace init { + + static Result ComputeContextFromExecutable(const std::string& service_path) { ++ se_hack1("HACKED"); + std::string computed_context; + + char* raw_con = nullptr; +@@ -371,7 +372,7 @@ void Service::Reap(const siginfo_t& siginfo) { + if (!GetBoolProperty("init.svc_debug.no_fatal." + name_, false)) { + // Aborts into `fatal_reboot_target_'. + SetFatalRebootTarget(fatal_reboot_target_); +- LOG(FATAL) << "critical process '" << name_ << "' exited 4 times " ++ LOG(ERROR) << "critical process '" << name_ << "' exited 4 times " + << exit_reason; + } + } else { +diff --git a/init/util.cpp b/init/util.cpp +index bc8ea6eaf..78d76a297 100644 +--- a/init/util.cpp ++++ b/init/util.cpp +@@ -242,7 +242,8 @@ int wait_for_file(const char* filename, std::chrono::nanoseconds timeout) { + + void ImportKernelCmdline(const std::function& fn) { + std::string cmdline; +- android::base::ReadFileToString("/proc/cmdline", &cmdline); ++ android::base::ReadFileToString("/proc/self/cmdline", &cmdline); // HACKED ++ std::replace(cmdline.begin(), cmdline.end(), '\0', ' '); // HACKED + + for (const auto& entry : android::base::Split(android::base::Trim(cmdline), " ")) { + std::vector pieces = android::base::Split(entry, "="); +diff --git a/rootdir/init.rc b/rootdir/init.rc +index 1e6918d00..5806d142e 100644 +--- a/rootdir/init.rc ++++ b/rootdir/init.rc +@@ -571,7 +571,6 @@ on post-fs + + # Once everything is setup, no need to modify /. + # The bind+remount combination allows this to work in containers. +- mount rootfs rootfs / remount bind ro nodev + + # Mount default storage into root namespace + mount none /mnt/user/0 /storage bind rec +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/core/0002-allow-override-ro.-prop.patch b/android-14.0.0_r2/system/core/0002-allow-override-ro.-prop.patch new file mode 100644 index 0000000..b5f4494 --- /dev/null +++ b/android-14.0.0_r2/system/core/0002-allow-override-ro.-prop.patch @@ -0,0 +1,25 @@ +From be0a3e8f8e6e3103c69577cff072d02a54c5f4df Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 26 Jun 2021 05:42:24 +0000 +Subject: [PATCH 2/7] allow override ro.* prop + +--- + init/property_service.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/init/property_service.cpp b/init/property_service.cpp +index 8da69822c..29418343b 100755 +--- a/init/property_service.cpp ++++ b/init/property_service.cpp +@@ -1343,6 +1343,8 @@ static void ProcessKernelCmdline() { + ImportKernelCmdline([&](const std::string& key, const std::string& value) { + if (StartsWith(key, ANDROIDBOOT_PREFIX)) { + InitPropertySet("ro.boot." + key.substr(ANDROIDBOOT_PREFIX.size()), value); ++ } else if (StartsWith(key, "ro.")) { ++ InitPropertySet(key, value); + } + }); + } +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/core/0003-fix-first-stage-mount.patch b/android-14.0.0_r2/system/core/0003-fix-first-stage-mount.patch new file mode 100644 index 0000000..87503a0 --- /dev/null +++ b/android-14.0.0_r2/system/core/0003-fix-first-stage-mount.patch @@ -0,0 +1,25 @@ +From e28cc1e8fddc644f708ed2ca871ab6dfa42fa732 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 27 Jun 2021 09:49:22 +0000 +Subject: [PATCH 3/7] ? fix first stage mount + +--- + init/first_stage_init.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp +index 649f3ec76..390b40979 100644 +--- a/init/first_stage_init.cpp ++++ b/init/first_stage_init.cpp +@@ -403,7 +403,7 @@ int FirstStageMain(int argc, char** argv) { + } + + if (!DoFirstStageMount(!created_devices)) { +- LOG(FATAL) << "Failed to mount required partitions early ..."; ++ LOG(ERROR) << "Failed to mount required partitions early ..."; // HACKED + } + + struct stat new_root_info; +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/core/0004-ignore-input-subsystem.patch b/android-14.0.0_r2/system/core/0004-ignore-input-subsystem.patch new file mode 100644 index 0000000..12eaf8a --- /dev/null +++ b/android-14.0.0_r2/system/core/0004-ignore-input-subsystem.patch @@ -0,0 +1,26 @@ +From 327be2d9ef3a973c9d4d29d9417edb9cdc33be03 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Fri, 25 Jun 2021 15:56:47 +0000 +Subject: [PATCH 4/7] ignore input subsystem + +--- + rootdir/ueventd.rc | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/rootdir/ueventd.rc b/rootdir/ueventd.rc +index 0b7ffb8ea..1b6bdb692 100644 +--- a/rootdir/ueventd.rc ++++ b/rootdir/ueventd.rc +@@ -12,9 +12,6 @@ subsystem drm + devname uevent_devpath + dirname /dev/dri + +-subsystem input +- devname uevent_devpath +- dirname /dev/input + + subsystem sound + devname uevent_devpath +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/core/0005-ignore-devfs-mount.patch b/android-14.0.0_r2/system/core/0005-ignore-devfs-mount.patch new file mode 100644 index 0000000..54058c0 --- /dev/null +++ b/android-14.0.0_r2/system/core/0005-ignore-devfs-mount.patch @@ -0,0 +1,24 @@ +From bb1cd623a1f739179c89715e4114bb7be3a2b759 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Fri, 17 Dec 2021 22:44:33 +0800 +Subject: [PATCH 5/7] ignore devfs mount + +--- + init/first_stage_init.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp +index 390b40979..10585bb12 100644 +--- a/init/first_stage_init.cpp ++++ b/init/first_stage_init.cpp +@@ -240,7 +240,6 @@ int FirstStageMain(int argc, char** argv) { + CHECKCALL(setenv("PATH", _PATH_DEFPATH, 1)); + // Get the basic filesystem setup we need put together in the initramdisk + // on / and then we'll let the rc file figure out the rest. +- CHECKCALL(mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755")); + CHECKCALL(mkdir("/dev/pts", 0755)); + CHECKCALL(mkdir("/dev/socket", 0755)); + CHECKCALL(mkdir("/dev/dm-user", 0755)); +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/core/0006-auto-alloc-binder-devices.patch b/android-14.0.0_r2/system/core/0006-auto-alloc-binder-devices.patch new file mode 100644 index 0000000..12f5a56 --- /dev/null +++ b/android-14.0.0_r2/system/core/0006-auto-alloc-binder-devices.patch @@ -0,0 +1,24 @@ +From f626bc79fb34ffd6fc794fd66e354d4d3a410e7a Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Thu, 6 Jan 2022 20:47:28 +0800 +Subject: [PATCH 6/7] auto alloc binder devices + +--- + rootdir/init.rc | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/rootdir/init.rc b/rootdir/init.rc +index 5806d142e..b8fff425b 100644 +--- a/rootdir/init.rc ++++ b/rootdir/init.rc +@@ -251,6 +251,7 @@ on init + mkdir /dev/binderfs + mount binder binder /dev/binderfs stats=global + chmod 0755 /dev/binderfs ++ exec -- /vendor/bin/binder_alloc /dev/binderfs/binder-control binder hwbinder vndbinder + + # Mount fusectl + mount fusectl none /sys/fs/fuse/connections +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/core/0007-skip-fusectl-mount.patch b/android-14.0.0_r2/system/core/0007-skip-fusectl-mount.patch new file mode 100644 index 0000000..836a8a7 --- /dev/null +++ b/android-14.0.0_r2/system/core/0007-skip-fusectl-mount.patch @@ -0,0 +1,24 @@ +From bea928df202803e4a3d016d90831fae79f5edc9e Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 2 Sep 2023 17:10:16 +0800 +Subject: [PATCH 7/7] skip fusectl mount + +--- + rootdir/init.rc | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/rootdir/init.rc b/rootdir/init.rc +index b8fff425b..3516ce2b9 100644 +--- a/rootdir/init.rc ++++ b/rootdir/init.rc +@@ -254,7 +254,6 @@ on init + exec -- /vendor/bin/binder_alloc /dev/binderfs/binder-control binder hwbinder vndbinder + + # Mount fusectl +- mount fusectl none /sys/fs/fuse/connections + + symlink /dev/binderfs/binder /dev/binder + symlink /dev/binderfs/hwbinder /dev/hwbinder +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/libhwbinder/0001-fix-booting.patch b/android-14.0.0_r2/system/libhwbinder/0001-fix-booting.patch new file mode 100644 index 0000000..6d963da --- /dev/null +++ b/android-14.0.0_r2/system/libhwbinder/0001-fix-booting.patch @@ -0,0 +1,45 @@ +From f9e29064297a1ac37642be195d033a3e70d9d936 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 9 May 2021 23:44:12 +0800 +Subject: [PATCH] fix booting + +--- + Binder.cpp | 1 + + ProcessState.cpp | 3 +++ + 2 files changed, 4 insertions(+) + +diff --git a/Binder.cpp b/Binder.cpp +index 6d26414..b657a0b 100644 +--- a/Binder.cpp ++++ b/Binder.cpp +@@ -96,6 +96,7 @@ bool BHwBinder::isRequestingSid() { + } + + void BHwBinder::setRequestingSid(bool requestingSid) { ++ requestingSid = false; // HACKED + Extras* e = mExtras.load(std::memory_order_acquire); + + if (!e) { +diff --git a/ProcessState.cpp b/ProcessState.cpp +index c2284f8..de37ead 100644 +--- a/ProcessState.cpp ++++ b/ProcessState.cpp +@@ -121,12 +121,15 @@ void ProcessState::becomeContextManager() + { + AutoMutex _l(mLock); + ++#if 0 // HACKED (?) + flat_binder_object obj { + .flags = FLAT_BINDER_FLAG_TXN_SECURITY_CTX, + }; + + status_t result = ioctl(mDriverFD, BINDER_SET_CONTEXT_MGR_EXT, &obj); ++#endif + ++ status_t result = 1; + // fallback to original method + if (result != 0) { + android_errorWriteLog(0x534e4554, "121035042"); +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/libvintf/0001-ignore-compatibility-check.patch b/android-14.0.0_r2/system/libvintf/0001-ignore-compatibility-check.patch new file mode 100644 index 0000000..2ce07a8 --- /dev/null +++ b/android-14.0.0_r2/system/libvintf/0001-ignore-compatibility-check.patch @@ -0,0 +1,24 @@ +From 5b58748a41b0dc35d7f9b20a0af296aec561a418 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 15 Oct 2022 09:12:31 +0800 +Subject: [PATCH] ignore compatibility check + +--- + VintfObject.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/VintfObject.cpp b/VintfObject.cpp +index 77b28b9..fccceed 100644 +--- a/VintfObject.cpp ++++ b/VintfObject.cpp +@@ -713,7 +713,6 @@ int32_t VintfObject::checkCompatibility(std::string* error, CheckFlags::Type fla + error->insert(0, + "Runtime info and framework compatibility matrix are incompatible: "); + } +- return INCOMPATIBLE; + } + } + +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/netd/0001-ignore-iptables-error.patch b/android-14.0.0_r2/system/netd/0001-ignore-iptables-error.patch new file mode 100644 index 0000000..563a016 --- /dev/null +++ b/android-14.0.0_r2/system/netd/0001-ignore-iptables-error.patch @@ -0,0 +1,50 @@ +From 4d2d565742bc15b9c783b39ddf949b246145f92c Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 31 Jul 2021 06:14:33 +0000 +Subject: [PATCH 1/3] ignore iptables error + +--- + server/BandwidthController.cpp | 1 + + server/Controllers.cpp | 1 - + server/IptablesRestoreController.cpp | 1 + + 3 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/server/BandwidthController.cpp b/server/BandwidthController.cpp +index 438dbb8d..8a4ffecb 100644 +--- a/server/BandwidthController.cpp ++++ b/server/BandwidthController.cpp +@@ -541,6 +541,7 @@ int BandwidthController::updateQuota(const std::string& quotaName, int64_t bytes + if (!isOk(file)) { + int res = errno; + ALOGE("Updating quota %s failed (%s)", quotaName.c_str(), toString(file).c_str()); ++ res = 0; // HACKED + return -res; + } + // TODO: should we propagate this error? +diff --git a/server/Controllers.cpp b/server/Controllers.cpp +index 43a2d1ee..4eafb117 100644 +--- a/server/Controllers.cpp ++++ b/server/Controllers.cpp +@@ -284,7 +284,6 @@ void Controllers::init() { + // As such simply exit netd. This may crash loop the system, but by failing + // to bootup we will trigger rollback and thus this offers us protection against + // a mainline update breaking things. +- exit(1); + } + gLog.info("Enabling bandwidth control: %" PRId64 "us", s.getTimeAndResetUs()); + +diff --git a/server/IptablesRestoreController.cpp b/server/IptablesRestoreController.cpp +index dc718309..160350ca 100644 +--- a/server/IptablesRestoreController.cpp ++++ b/server/IptablesRestoreController.cpp +@@ -345,6 +345,7 @@ int IptablesRestoreController::execute(const IptablesTarget target, const std::s + if (target == V6 || target == V4V6) { + res |= sendCommand(IP6TABLES_PROCESS, command, output); + } ++ res = 0; // ignore iptables error + return res; + } + +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/netd/0002-ignore-bpf-error.patch b/android-14.0.0_r2/system/netd/0002-ignore-bpf-error.patch new file mode 100644 index 0000000..f091299 --- /dev/null +++ b/android-14.0.0_r2/system/netd/0002-ignore-bpf-error.patch @@ -0,0 +1,24 @@ +From 014758256e9401471725b089d5bed6d6cc34fed0 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 14 Aug 2022 11:53:19 +0800 +Subject: [PATCH 2/3] ignore bpf error + +--- + server/main.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/server/main.cpp b/server/main.cpp +index 3c6b0d52..7f845894 100644 +--- a/server/main.cpp ++++ b/server/main.cpp +@@ -147,7 +147,6 @@ int main() { + + if (libnetd_updatable_init(cg2_path.c_str())) { + ALOGE("libnetd_updatable_init failed"); +- exit(1); + } + gLog.info("libnetd_updatable_init success"); + +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/netd/0003-ignote-getTetherStats-error.patch b/android-14.0.0_r2/system/netd/0003-ignote-getTetherStats-error.patch new file mode 100644 index 0000000..44221b0 --- /dev/null +++ b/android-14.0.0_r2/system/netd/0003-ignote-getTetherStats-error.patch @@ -0,0 +1,28 @@ +From 3d5ca5d609e9e736ceded4be928ea5cf49f43e82 Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sun, 14 Aug 2022 11:57:11 +0800 +Subject: [PATCH 3/3] ignote getTetherStats error + +--- + server/TetherController.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/server/TetherController.cpp b/server/TetherController.cpp +index 79193574..826ef433 100644 +--- a/server/TetherController.cpp ++++ b/server/TetherController.cpp +@@ -917,9 +917,11 @@ StatusOr TetherController::getTetherStats() { + } + + if (int ret = addForwardChainStats(statsList, statsString, parsedIptablesOutput)) { ++#if 0 + return statusFromErrno(-ret, StringPrintf("failed to parse %s tether stats:\n%s", + target == V4 ? "IPv4": "IPv6", + parsedIptablesOutput.c_str())); ++#endif + } + } + +-- +2.34.1 + diff --git a/android-14.0.0_r2/system/vold/0001-ignore-project-quota-error.patch b/android-14.0.0_r2/system/vold/0001-ignore-project-quota-error.patch new file mode 100644 index 0000000..1b11511 --- /dev/null +++ b/android-14.0.0_r2/system/vold/0001-ignore-project-quota-error.patch @@ -0,0 +1,24 @@ +From ebaf7307f75a1646cabf8fef95def3943976061d Mon Sep 17 00:00:00 2001 +From: Ziyang Zhou +Date: Sat, 6 Aug 2022 10:19:11 +0800 +Subject: [PATCH] ignore project quota error + +--- + Utils.cpp | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/Utils.cpp b/Utils.cpp +index 40a182bc..30527c61 100644 +--- a/Utils.cpp ++++ b/Utils.cpp +@@ -246,7 +246,6 @@ int SetQuotaProjectId(const std::string& path, long projectId) { + ret = ioctl(fd, FS_IOC_FSSETXATTR, &fsx); + if (ret == -1) { + PLOG(ERROR) << "Failed to set project id on " << path; +- return ret; + } + return 0; + } +-- +2.34.1 +