Android/redroid-patches
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

android-9.0.0_r61 patches

Browse Source
This commit is contained in:
Ziyang Zhou
2023-10-05 22:39:22 +08:00
parent 629a8db239
commit da422ab6de
16 changed files with 3362 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
android-9.0.0_r61/external/minijail/0001-disable-seccomp.patch vendored Normal file
View File

@@ -0,0 +1,32 @@
From 0323a592bebe3d5dfb42cc4f1ac4e36075faa8f4 Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Mon, 26 Apr 2021 22:55:03 +0800
Subject: [PATCH] disable seccomp
---
libminijail.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libminijail.c b/libminijail.c
index f9fb0e9..cb5c482 100644
--- a/libminijail.c
+++ b/libminijail.c
@@ -1830,6 +1830,7 @@ static void set_seccomp_filter(const struct minijail *j)
/*
* Install the syscall filter.
*/
+#if 0 // HACKED
if (j->flags.seccomp_filter) {
if (j->flags.seccomp_filter_tsync) {
if (sys_seccomp(SECCOMP_SET_MODE_FILTER,
@@ -1844,6 +1845,7 @@ static void set_seccomp_filter(const struct minijail *j)
}
}
}
+#endif
}
static pid_t forward_pid = -1;
--
2.34.1

192
android-9.0.0_r61/external/selinux/0001-ignore-selinux.patch vendored Normal file
View File

@@ -0,0 +1,192 @@
From 673fb05c5508643173705d87b129fc6ff406f1cf Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 9 May 2021 23:12:46 +0800
Subject: [PATCH] ignore selinux
---
libselinux/include/selinux/selinux.h | 4 ++++
libselinux/src/android/android_platform.c | 6 ++++++
libselinux/src/checkAccess.c | 1 +
libselinux/src/getenforce.c | 1 +
libselinux/src/getpeercon.c | 1 +
libselinux/src/init.c | 1 +
libselinux/src/label.c | 1 +
libselinux/src/lgetfilecon.c | 1 +
libselinux/src/lsetfilecon.c | 1 +
libselinux/src/procattr.c | 2 ++
10 files changed, 19 insertions(+)
diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h
index 01201ee..86db829 100644
--- a/libselinux/include/selinux/selinux.h
+++ b/libselinux/include/selinux/selinux.h
@@ -4,6 +4,10 @@
#include <sys/types.h>
#include <stdarg.h>
+#define SE_HACK
+#define se_hack() if (1) return
+#define se_hack1(p) if (1) return p
+
#ifdef __cplusplus
extern "C" {
#endif
diff --git a/libselinux/src/android/android_platform.c b/libselinux/src/android/android_platform.c
index 69566eb..cd6989c 100644
--- a/libselinux/src/android/android_platform.c
+++ b/libselinux/src/android/android_platform.c
@@ -158,6 +158,7 @@ static struct selabel_handle* selinux_android_file_context(const struct selinux_
struct selabel_handle* selinux_android_file_context_handle(void)
{
+ se_hack1(NULL);
struct selinux_opt seopts_file[MAX_FILE_CONTEXT_SIZE];
int size = 0;
unsigned int i;
@@ -184,6 +185,7 @@ struct selabel_handle* selinux_android_file_context_handle(void)
struct selabel_handle* selinux_android_prop_context_handle(void)
{
+ se_hack1(NULL);
struct selabel_handle* sehandle;
struct selinux_opt seopts_prop[MAX_FILE_CONTEXT_SIZE];
int size = 0;
@@ -1098,6 +1100,7 @@ oom:
int selinux_android_setcon(const char *con)
{
+ se_hack1(0);
int ret = setcon(con);
if (ret)
return ret;
@@ -1114,6 +1117,7 @@ int selinux_android_setcontext(uid_t uid,
const char *seinfo,
const char *pkgname)
{
+ se_hack1(0);
char *orig_ctx_str = NULL, *ctx_str;
context_t ctx = NULL;
int rc = -1;
@@ -1452,6 +1456,7 @@ static int selinux_android_restorecon_common(const char* pathname_orig,
uid_t uid,
unsigned int flags)
{
+ se_hack1(0);
bool nochange = (flags & SELINUX_ANDROID_RESTORECON_NOCHANGE) ? true : false;
bool verbose = (flags & SELINUX_ANDROID_RESTORECON_VERBOSE) ? true : false;
bool recurse = (flags & SELINUX_ANDROID_RESTORECON_RECURSE) ? true : false;
@@ -1665,6 +1670,7 @@ void selinux_android_set_sehandle(const struct selabel_handle *hndl)
int selinux_android_load_policy()
{
+ se_hack1(0);
int fd = -1;
fd = open(sepolicy_file, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c
index 8de5747..e1048d8 100644
--- a/libselinux/src/checkAccess.c
+++ b/libselinux/src/checkAccess.c
@@ -33,6 +33,7 @@ static void avc_init_once(void)
}
int selinux_check_access(const char *scon, const char *tcon, const char *class, const char *perm, void *aux) {
+ se_hack1(0);
int rc;
security_id_t scon_id;
security_id_t tcon_id;
diff --git a/libselinux/src/getenforce.c b/libselinux/src/getenforce.c
index d909dce..fb782b7 100644
--- a/libselinux/src/getenforce.c
+++ b/libselinux/src/getenforce.c
@@ -11,6 +11,7 @@
int security_getenforce(void)
{
+ se_hack1(0);
int fd, ret, enforce = 0;
char path[PATH_MAX];
char buf[20];
diff --git a/libselinux/src/getpeercon.c b/libselinux/src/getpeercon.c
index 3a77a2d..f8dab8e 100644
--- a/libselinux/src/getpeercon.c
+++ b/libselinux/src/getpeercon.c
@@ -47,6 +47,7 @@ hidden_def(getpeercon_raw)
int getpeercon(int fd, char ** context)
{
+ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
int ret;
char * rcontext;
diff --git a/libselinux/src/init.c b/libselinux/src/init.c
index 2690a72..24a212d 100644
--- a/libselinux/src/init.c
+++ b/libselinux/src/init.c
@@ -142,6 +142,7 @@ hidden_def(fini_selinuxmnt)
void set_selinuxmnt(const char *mnt)
{
+ se_hack();
selinux_mnt = strdup(mnt);
}
diff --git a/libselinux/src/label.c b/libselinux/src/label.c
index c051e9f..b526316 100644
--- a/libselinux/src/label.c
+++ b/libselinux/src/label.c
@@ -285,6 +285,7 @@ bool selabel_partial_match(struct selabel_handle *rec, const char *key)
int selabel_lookup_best_match(struct selabel_handle *rec, char **con,
const char *key, const char **aliases, int type)
{
+ se_hack1((*con = calloc(7, 1), memcpy(*con, "HACKED", 6), 0));
struct selabel_lookup_rec *lr;
if (!rec->func_lookup_best_match) {
diff --git a/libselinux/src/lgetfilecon.c b/libselinux/src/lgetfilecon.c
index db67bc6..7123480 100644
--- a/libselinux/src/lgetfilecon.c
+++ b/libselinux/src/lgetfilecon.c
@@ -53,6 +53,7 @@ hidden_def(lgetfilecon_raw)
int lgetfilecon(const char *path, char ** context)
{
+ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
int ret;
char * rcontext = NULL;
diff --git a/libselinux/src/lsetfilecon.c b/libselinux/src/lsetfilecon.c
index 1d3b28a..7062703 100644
--- a/libselinux/src/lsetfilecon.c
+++ b/libselinux/src/lsetfilecon.c
@@ -29,6 +29,7 @@ hidden_def(lsetfilecon_raw)
int lsetfilecon(const char *path, const char *context)
{
+ se_hack1(0);
int ret;
char * rcontext;
diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c
index 48dd8af..ab516e2 100644
--- a/libselinux/src/procattr.c
+++ b/libselinux/src/procattr.c
@@ -184,6 +184,7 @@ static int getprocattrcon_raw(char ** context,
static int getprocattrcon(char ** context,
pid_t pid, const char *attr)
{
+ se_hack1((*context = calloc(7, 1), memcpy(*context, "HACKED", 6), 0));
int ret;
char * rcontext;
@@ -269,6 +270,7 @@ out:
static int setprocattrcon(const char * context,
pid_t pid, const char *attr)
{
+ se_hack1(0);
int ret;
char * rcontext;
--
2.34.1

42
android-9.0.0_r61/frameworks/av/0001-video-playback-workaround.patch Normal file
View File

@@ -0,0 +1,42 @@
From 92a5b646a5ef14f0b7dd2c10e7441ac3ba449519 Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Mon, 26 Apr 2021 23:01:03 +0800
Subject: [PATCH] video playback workaround
---
media/libstagefright/colorconversion/SoftwareRenderer.cpp | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/media/libstagefright/colorconversion/SoftwareRenderer.cpp b/media/libstagefright/colorconversion/SoftwareRenderer.cpp
index 657a05b420..f08454e217 100644
--- a/media/libstagefright/colorconversion/SoftwareRenderer.cpp
+++ b/media/libstagefright/colorconversion/SoftwareRenderer.cpp
@@ -122,6 +122,7 @@ void SoftwareRenderer::resetFormatIfChanged(
// hardware has YUV12 and RGBA8888 support, so convert known formats
{
switch (mColorFormat) {
+#if 0 // HACKED
case OMX_COLOR_FormatYUV420Planar:
case OMX_COLOR_FormatYUV420SemiPlanar:
case OMX_TI_COLOR_FormatYUV420PackedSemiPlanar:
@@ -131,6 +132,7 @@ void SoftwareRenderer::resetFormatIfChanged(
bufHeight = (mCropHeight + 1) & ~1;
break;
}
+#endif
case OMX_COLOR_Format24bitRGB888:
{
halFormat = HAL_PIXEL_FORMAT_RGB_888;
@@ -156,7 +158,9 @@ void SoftwareRenderer::resetFormatIfChanged(
// use render engine to convert it to RGB if needed.
halFormat = HAL_PIXEL_FORMAT_RGBA_1010102;
} else {
+#if 0 // HACKED
halFormat = HAL_PIXEL_FORMAT_YV12;
+#endif
}
bufWidth = (mCropWidth + 1) & ~1;
bufHeight = (mCropHeight + 1) & ~1;
--
2.34.1

46
android-9.0.0_r61/frameworks/base/0001-fix-booting.patch Normal file
View File

@@ -0,0 +1,46 @@
From c651d427ac02015e992cd30e41b0a5705c513b3a Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 9 May 2021 22:04:12 +0800
Subject: [PATCH 1/2] fix booting
---
core/jni/android_os_VintfObject.cpp | 1 +
.../com/android/server/net/NetworkPolicyManagerService.java | 3 ++-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/core/jni/android_os_VintfObject.cpp b/core/jni/android_os_VintfObject.cpp
index e8ef349f..58e13292 100644
--- a/core/jni/android_os_VintfObject.cpp
+++ b/core/jni/android_os_VintfObject.cpp
@@ -97,6 +97,7 @@ static jobjectArray android_os_VintfObject_report(JNIEnv* env, jclass)
}
static jint verify(JNIEnv* env, jobjectArray packageInfo, android::vintf::DisabledChecks checks) {
+ if (env) return 0; // HACKED NO sepolicy
std::vector<std::string> cPackageInfo;
if (packageInfo) {
size_t count = env->GetArrayLength(packageInfo);
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
index ab482bb2..ae3012d6 100644
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
@@ -712,6 +712,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
Process.setThreadPriority(Process.THREAD_PRIORITY_FOREGROUND);
if (!isBandwidthControlEnabled()) {
Slog.w(TAG, "bandwidth controls disabled, unable to enforce policy");
+ initCompleteSignal.countDown(); // HACKED
return;
}
@@ -3856,7 +3857,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
if (packages != null) {
for (String packageName : packages) {
- if (!mUsageStats.isAppIdle(packageName, uid, userId)) {
+ if (mUsageStats != null && !mUsageStats.isAppIdle(packageName, uid, userId)) {
return false;
}
}
--
2.34.1

37
android-9.0.0_r61/frameworks/base/0002-fix-networking.patch Normal file
View File

@@ -0,0 +1,37 @@
From eabc5f138894eec1234e336ff5ba9d51618d4d71 Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 9 May 2021 22:29:50 +0800
Subject: [PATCH 2/2] fix networking
---
core/java/android/net/ConnectivityManager.java | 1 +
.../java/com/android/server/connectivity/NetworkMonitor.java | 1 +
2 files changed, 2 insertions(+)
diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java
index c5cb1f5b..df564509 100644
--- a/core/java/android/net/ConnectivityManager.java
+++ b/core/java/android/net/ConnectivityManager.java
@@ -1044,6 +1044,7 @@ public class ConnectivityManager {
@RequiresPermission(android.Manifest.permission.ACCESS_NETWORK_STATE)
public NetworkInfo getNetworkInfo(int networkType) {
try {
+ if (networkType == ConnectivityManager.TYPE_WIFI) networkType = ConnectivityManager.TYPE_ETHERNET;
return mService.getNetworkInfo(networkType);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
diff --git a/services/core/java/com/android/server/connectivity/NetworkMonitor.java b/services/core/java/com/android/server/connectivity/NetworkMonitor.java
index 208fb105..3c478f95 100644
--- a/services/core/java/com/android/server/connectivity/NetworkMonitor.java
+++ b/services/core/java/com/android/server/connectivity/NetworkMonitor.java
@@ -1083,6 +1083,7 @@ public class NetworkMonitor extends StateMachine {
@VisibleForTesting
protected CaptivePortalProbeResult sendHttpProbe(URL url, int probeType,
@Nullable CaptivePortalProbeSpec probeSpec) {
+ if (url != null) return new CaptivePortalProbeResult(CaptivePortalProbeResult.SUCCESS_CODE);
HttpURLConnection urlConnection = null;
int httpResponseCode = CaptivePortalProbeResult.FAILED_CODE;
String redirectUrl = null;
--
2.34.1

43
android-9.0.0_r61/frameworks/native/0001-choose-GLES-driver-by-ro.hardware.egl.patch Normal file
View File

@@ -0,0 +1,43 @@
From 12e1b51851b30afe4588b0e71846e6bfeaded223 Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 9 May 2021 23:19:00 +0800
Subject: [PATCH] choose GLES driver by `ro.hardware.egl`
---
opengl/libs/EGL/Loader.cpp | 13 +++++--------
1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/opengl/libs/EGL/Loader.cpp b/opengl/libs/EGL/Loader.cpp
index 91a3455..c50494f 100644
--- a/opengl/libs/EGL/Loader.cpp
+++ b/opengl/libs/EGL/Loader.cpp
@@ -338,14 +338,6 @@ static void* load_system_driver(const char* kind) {
result = std::string("/vendor/lib64/egl/lib") + kind + "_emulation.so";
#else
result = std::string("/vendor/lib/egl/lib") + kind + "_emulation.so";
-#endif
- return result;
- case 2:
- // Use guest side swiftshader library
-#if defined(__LP64__)
- result = std::string("/vendor/lib64/egl/lib") + kind + "_swiftshader.so";
-#else
- result = std::string("/vendor/lib/egl/lib") + kind + "_swiftshader.so";
#endif
return result;
default:
@@ -382,6 +374,11 @@ static void* load_system_driver(const char* kind) {
// libEGL_*.so, libGLESv1_CM_*.so, libGLESv2_*.so
pattern.append("_");
+ {
+ char prop[PROPERTY_VALUE_MAX];
+ property_get("ro.hardware.egl", prop, "swiftshader");
+ pattern.append(prop);
+ }
for (size_t i=0 ; i<NELEM(searchPaths) ; i++) {
if (find(result, pattern, searchPaths[i], false)) {
return result;
--
2.34.1

175
android-9.0.0_r61/system/core/0001-fix-booting.patch Normal file
View File

@@ -0,0 +1,175 @@
From a9deda7d1726bf5e39e56bbe268744042f7e1562 Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 9 May 2021 23:27:12 +0800
Subject: [PATCH 1/7] fix booting
---
init/init.cpp | 13 +++++++++++--
init/log.cpp | 2 ++
init/property_service.cpp | 0
init/selinux.cpp | 2 ++
init/service.cpp | 3 ++-
init/util.cpp | 3 ++-
rootdir/init.rc | 21 ++++++++++-----------
7 files changed, 29 insertions(+), 15 deletions(-)
mode change 100644 => 100755 init/init.cpp
mode change 100644 => 100755 init/property_service.cpp
diff --git a/init/init.cpp b/init/init.cpp
old mode 100644
new mode 100755
index 4fe115e92..bf57f50c9
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -576,6 +576,7 @@ int main(int argc, char** argv) {
mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755");
mkdir("/dev/pts", 0755);
mkdir("/dev/socket", 0755);
+ unshare(CLONE_NEWCGROUP); // HACKED
mount("devpts", "/dev/pts", "devpts", 0, NULL);
#define MAKE_STR(x) __STRING(x)
mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC));
@@ -635,8 +636,16 @@ int main(int argc, char** argv) {
setenv("INIT_STARTED_AT", std::to_string(start_ms).c_str(), 1);
char* path = argv[0];
- char* args[] = { path, nullptr };
- execv(path, args);
+ std::vector<const char *> args = {};
+ std::string cmdline;
+ android::base::ReadFileToString("/proc/self/cmdline", &cmdline);
+ std::replace(cmdline.begin(), cmdline.end(), '\0', ' ');
+ auto cmd_vector = android::base::Split(android::base::Trim(cmdline), " ");
+ for (const auto& entry : cmd_vector) {
+ args.push_back(entry.c_str());
+ }
+ args.push_back(nullptr);
+ execv(path, const_cast<char**>(args.data()));
// execv() only returns if an error happened, in which case we
// panic and never fall through this conditional.
diff --git a/init/log.cpp b/init/log.cpp
index 6198fc25f..eaef5d3d8 100644
--- a/init/log.cpp
+++ b/init/log.cpp
@@ -53,6 +53,7 @@ static void InitAborter(const char* abort_message) {
}
void InitKernelLogging(char* argv[]) {
+#if 0 // HACKED
// Make stdin/stdout/stderr all point to /dev/null.
int fd = open("/sys/fs/selinux/null", O_RDWR);
if (fd == -1) {
@@ -66,6 +67,7 @@ void InitKernelLogging(char* argv[]) {
dup2(fd, 2);
if (fd > 2) close(fd);
+#endif
android::base::InitLogging(argv, &android::base::KernelLogger, InitAborter);
}
diff --git a/init/property_service.cpp b/init/property_service.cpp
old mode 100644
new mode 100755
diff --git a/init/selinux.cpp b/init/selinux.cpp
index 0ba5c4ae3..eb9ace2da 100644
--- a/init/selinux.cpp
+++ b/init/selinux.cpp
@@ -382,6 +382,8 @@ bool LoadPolicy() {
} // namespace
void SelinuxInitialize() {
+ setenv("INIT_SELINUX_TOOK", "0", 1);
+ se_hack();
Timer t;
LOG(INFO) << "Loading SELinux policy";
diff --git a/init/service.cpp b/init/service.cpp
index 37d3a8807..ffbd5a5a0 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -67,6 +67,7 @@ namespace android {
namespace init {
static Result<std::string> ComputeContextFromExecutable(const std::string& service_path) {
+ se_hack1("HACKED");
std::string computed_context;
char* raw_con = nullptr;
@@ -369,7 +370,7 @@ void Service::Reap(const siginfo_t& siginfo) {
if ((flags_ & SVC_CRITICAL) && !(flags_ & SVC_RESTART)) {
if (now < time_crashed_ + 4min) {
if (++crash_count_ > 4) {
- LOG(FATAL) << "critical process '" << name_ << "' exited 4 times in 4 minutes";
+ LOG(ERROR) << "critical process '" << name_ << "' exited 4 times in 4 minutes";
}
} else {
time_crashed_ = now;
diff --git a/init/util.cpp b/init/util.cpp
index 4455b2eb1..5d83fc5a6 100644
--- a/init/util.cpp
+++ b/init/util.cpp
@@ -245,7 +245,8 @@ int wait_for_file(const char* filename, std::chrono::nanoseconds timeout) {
void import_kernel_cmdline(bool in_qemu,
const std::function<void(const std::string&, const std::string&, bool)>& fn) {
std::string cmdline;
- android::base::ReadFileToString("/proc/cmdline", &cmdline);
+ android::base::ReadFileToString("/proc/self/cmdline", &cmdline); // HACKED
+ std::replace(cmdline.begin(), cmdline.end(), '\0', ' '); // HACKED
for (const auto& entry : android::base::Split(android::base::Trim(cmdline), " ")) {
std::vector<std::string> pieces = android::base::Split(entry, "=");
diff --git a/rootdir/init.rc b/rootdir/init.rc
index b9464e7fd..aee250bdd 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -163,28 +163,28 @@ on init
# this ensures that the cpusets are present and usable, but the device's
# init.rc must actually set the correct cpus
mkdir /dev/cpuset/foreground
- copy /dev/cpuset/cpus /dev/cpuset/foreground/cpus
- copy /dev/cpuset/mems /dev/cpuset/foreground/mems
+ copy /dev/cpuset/cpuset.cpus /dev/cpuset/foreground/cpuset.cpus
+ copy /dev/cpuset/cpuset.mems /dev/cpuset/foreground/cpuset.mems
mkdir /dev/cpuset/background
- copy /dev/cpuset/cpus /dev/cpuset/background/cpus
- copy /dev/cpuset/mems /dev/cpuset/background/mems
+ copy /dev/cpuset/cpuset.cpus /dev/cpuset/background/cpuset.cpus
+ copy /dev/cpuset/cpuset.mems /dev/cpuset/background/cpuset.mems
# system-background is for system tasks that should only run on
# little cores, not on bigs
# to be used only by init, so don't change system-bg permissions
mkdir /dev/cpuset/system-background
- copy /dev/cpuset/cpus /dev/cpuset/system-background/cpus
- copy /dev/cpuset/mems /dev/cpuset/system-background/mems
+ copy /dev/cpuset/cpuset.cpus /dev/cpuset/system-background/cpuset.cpus
+ copy /dev/cpuset/cpuset.mems /dev/cpuset/system-background/cpuset.mems
# restricted is for system tasks that are being throttled
# due to screen off.
mkdir /dev/cpuset/restricted
- copy /dev/cpuset/cpus /dev/cpuset/restricted/cpus
- copy /dev/cpuset/mems /dev/cpuset/restricted/mems
+ copy /dev/cpuset/cpuset.cpus /dev/cpuset/restricted/cpuset.cpus
+ copy /dev/cpuset/cpuset.mems /dev/cpuset/restricted/cpuset.mems
mkdir /dev/cpuset/top-app
- copy /dev/cpuset/cpus /dev/cpuset/top-app/cpus
- copy /dev/cpuset/mems /dev/cpuset/top-app/mems
+ copy /dev/cpuset/cpuset.cpus /dev/cpuset/top-app/cpuset.cpus
+ copy /dev/cpuset/cpuset.mems /dev/cpuset/top-app/cpuset.mems
# change permissions for all cpusets we'll touch at runtime
chown system system /dev/cpuset
@@ -323,7 +323,6 @@ on post-fs
# Once everything is setup, no need to modify /.
# The bind+ro combination avoids modifying any other mount flags.
- mount rootfs rootfs / remount bind ro
# Mount shared so changes propagate into child namespaces
mount rootfs rootfs / shared rec
# Mount default storage into root namespace
--
2.34.1

2267
android-9.0.0_r61/system/core/0002-bring-back-fuse.patch Normal file
View File

File diff suppressed because it is too large Load Diff

25
android-9.0.0_r61/system/core/0003-allow-override-ro.-prop.patch Normal file
View File

@@ -0,0 +1,25 @@
From e83538ff2dff5a9af1cd16a76a1a9efb38e7fcd8 Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 9 May 2021 23:29:12 +0800
Subject: [PATCH 3/7] allow override ro.* prop
---
init/init.cpp | 2 ++
1 file changed, 2 insertions(+)
diff --git a/init/init.cpp b/init/init.cpp
index bf57f50c9..ccba25f8a 100755
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -356,6 +356,8 @@ static void import_kernel_nv(const std::string& key, const std::string& value, b
strlcpy(qemu, value.c_str(), sizeof(qemu));
} else if (android::base::StartsWith(key, "androidboot.")) {
property_set("ro.boot." + key.substr(12), value);
+ } else if (android::base::StartsWith(key, "ro.")) {
+ property_set(key, value);
}
}
--
2.34.1

26
android-9.0.0_r61/system/core/0004-disable-input-subsystem.patch Normal file
View File

@@ -0,0 +1,26 @@
From cdc07bdf5ff62c62821070cd11574240ac05212d Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Thu, 24 Jun 2021 11:52:55 +0000
Subject: [PATCH 4/7] disable input subsystem
---
rootdir/ueventd.rc | 3 ---
1 file changed, 3 deletions(-)
diff --git a/rootdir/ueventd.rc b/rootdir/ueventd.rc
index b03d83bf1..0fae2d5e8 100644
--- a/rootdir/ueventd.rc
+++ b/rootdir/ueventd.rc
@@ -21,9 +21,6 @@ subsystem msm_camera
devname uevent_devpath
dirname /dev/msm_camera
-subsystem input
- devname uevent_devpath
- dirname /dev/input
subsystem mtd
devname uevent_devpath
--
2.34.1

37
android-9.0.0_r61/system/core/0005-disable-ueventd-coldboot.patch Normal file
View File

@@ -0,0 +1,37 @@
From 36a75c954e94b45ef7ceea80f6d2e346e5b73cae Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 2 Jan 2022 16:40:35 +0800
Subject: [PATCH 5/7] disable ueventd coldboot
---
init/init.cpp | 1 -
rootdir/init.rc | 1 +
2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/init/init.cpp b/init/init.cpp
index ccba25f8a..0c4d1457c 100755
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -575,7 +575,6 @@ int main(int argc, char** argv) {
setenv("PATH", _PATH_DEFPATH, 1);
// Get the basic filesystem setup we need put together in the initramdisk
// on / and then we'll let the rc file figure out the rest.
- mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755");
mkdir("/dev/pts", 0755);
mkdir("/dev/socket", 0755);
unshare(CLONE_NEWCGROUP); // HACKED
diff --git a/rootdir/init.rc b/rootdir/init.rc
index aee250bdd..a9d5fc02c 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -36,6 +36,7 @@ on early-init
# cgroup for system_server and surfaceflinger
mkdir /dev/memcg/system 0550 system system
+ write /dev/.coldboot_done 1
start ueventd
on init
--
2.34.1

301
android-9.0.0_r61/system/core/0006-memfd-support.patch Normal file
View File

@@ -0,0 +1,301 @@
From 973f9e5f37695c73d75450bd555149dda40bdfed Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 3 Jul 2022 11:22:31 +0800
Subject: [PATCH 6/7] memfd support
---
libcutils/Android.bp | 2 +-
libcutils/ashmem-dev.cpp | 47 +++++++++++
libcutils/ashmem-hack.inc | 172 ++++++++++++++++++++++++++++++++++++++
3 files changed, 220 insertions(+), 1 deletion(-)
create mode 100644 libcutils/ashmem-hack.inc
diff --git a/libcutils/Android.bp b/libcutils/Android.bp
index bcc9b1c84..8c825d9b4 100644
--- a/libcutils/Android.bp
+++ b/libcutils/Android.bp
@@ -171,7 +171,7 @@ cc_library {
}
},
- shared_libs: ["liblog"],
+ shared_libs: ["liblog", "libbase"],
header_libs: [
"libcutils_headers",
"libutils_headers",
diff --git a/libcutils/ashmem-dev.cpp b/libcutils/ashmem-dev.cpp
index 15ace0e64..30ac6db86 100644
--- a/libcutils/ashmem-dev.cpp
+++ b/libcutils/ashmem-dev.cpp
@@ -135,8 +135,14 @@ static int __ashmem_is_ashmem(int fd, int fatal)
return -1;
}
+#include "ashmem-hack.inc"
+
int ashmem_valid(int fd)
{
+ if (has_memfd_support() && !memfd_is_ashmem(fd)) {
+ return 1;
+ }
+
return __ashmem_is_ashmem(fd, 0) >= 0;
}
@@ -151,6 +157,10 @@ int ashmem_create_region(const char *name, size_t size)
{
int ret, save_errno;
+ if (has_memfd_support()) {
+ return memfd_create_region(name ? name : "none", size);
+ }
+
int fd = __ashmem_open();
if (fd < 0) {
return fd;
@@ -182,6 +192,10 @@ error:
int ashmem_set_prot_region(int fd, int prot)
{
+ if (has_memfd_support() && !memfd_is_ashmem(fd)) {
+ return memfd_set_prot_region(fd, prot);
+ }
+
int ret = __ashmem_is_ashmem(fd, 1);
if (ret < 0) {
return ret;
@@ -192,6 +206,15 @@ int ashmem_set_prot_region(int fd, int prot)
int ashmem_pin_region(int fd, size_t offset, size_t len)
{
+ if (!pin_deprecation_warn || debug_log) {
+ ALOGE("Pinning is deprecated since Android Q. Please use trim or other methods.\n");
+ pin_deprecation_warn = true;
+ }
+
+ if (has_memfd_support() && !memfd_is_ashmem(fd)) {
+ return 0;
+ }
+
// TODO: should LP64 reject too-large offset/len?
ashmem_pin pin = { static_cast<uint32_t>(offset), static_cast<uint32_t>(len) };
@@ -205,6 +228,15 @@ int ashmem_pin_region(int fd, size_t offset, size_t len)
int ashmem_unpin_region(int fd, size_t offset, size_t len)
{
+ if (!pin_deprecation_warn || debug_log) {
+ ALOGE("Pinning is deprecated since Android Q. Please use trim or other methods.\n");
+ pin_deprecation_warn = true;
+ }
+
+ if (has_memfd_support() && !memfd_is_ashmem(fd)) {
+ return 0;
+ }
+
// TODO: should LP64 reject too-large offset/len?
ashmem_pin pin = { static_cast<uint32_t>(offset), static_cast<uint32_t>(len) };
@@ -218,6 +250,21 @@ int ashmem_unpin_region(int fd, size_t offset, size_t len)
int ashmem_get_size_region(int fd)
{
+ if (has_memfd_support() && !memfd_is_ashmem(fd)) {
+ struct stat sb;
+
+ if (fstat(fd, &sb) == -1) {
+ ALOGE("ashmem_get_size_region(%d): fstat failed: %s\n", fd, strerror(errno));
+ return -1;
+ }
+
+ if (debug_log) {
+ ALOGD("ashmem_get_size_region(%d): %d\n", fd, static_cast<int>(sb.st_size));
+ }
+
+ return sb.st_size;
+ }
+
int ret = __ashmem_is_ashmem(fd, 1);
if (ret < 0) {
return ret;
diff --git a/libcutils/ashmem-hack.inc b/libcutils/ashmem-hack.inc
new file mode 100644
index 000000000..8526c85be
--- /dev/null
+++ b/libcutils/ashmem-hack.inc
@@ -0,0 +1,172 @@
+/*
+ * Copyright (C) 2008 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <cutils/ashmem.h>
+
+#include <errno.h>
+#include <fcntl.h>
+#include <linux/ashmem.h>
+#include <linux/memfd.h>
+#include <log/log.h>
+#include <pthread.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/ioctl.h>
+#include <sys/mman.h>
+#include <sys/stat.h>
+#include <sys/syscall.h>
+#include <sys/sysmacros.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#include <android-base/file.h>
+#include <android-base/properties.h>
+#include <android-base/strings.h>
+#include <android-base/unique_fd.h>
+
+/* Will be added to UAPI once upstream change is merged */
+#define F_SEAL_FUTURE_WRITE 0x0010
+
+/*
+ * The minimum vendor API level at and after which it is safe to use memfd.
+ * This is to facilitate deprecation of ashmem.
+ */
+#define MIN_MEMFD_VENDOR_API_LEVEL 29
+#define MIN_MEMFD_VENDOR_API_LEVEL_CHAR 'Q'
+
+/*
+ * has_memfd_support() determines if the device can use memfd. memfd support
+ * has been there for long time, but certain things in it may be missing. We
+ * check for needed support in it. Also we check if the VNDK version of
+ * libcutils being used is new enough, if its not, then we cannot use memfd
+ * since the older copies may be using ashmem so we just use ashmem. Once all
+ * Android devices that are getting updates are new enough (ex, they were
+ * originally shipped with Android release > P), then we can just use memfd and
+ * delete all ashmem code from libcutils (while preserving the interface).
+ *
+ * NOTE:
+ * The sys.use_memfd property is set by default to false in Android
+ * to temporarily disable memfd, till vendor and apps are ready for it.
+ * The main issue: either apps or vendor processes can directly make ashmem
+ * IOCTLs on FDs they receive by assuming they are ashmem, without going
+ * through libcutils. Such fds could have very well be originally created with
+ * libcutils hence they could be memfd. Thus the IOCTLs will break.
+ *
+ * Set default value of sys.use_memfd property to true once the issue is
+ * resolved, so that the code can then self-detect if kernel support is present
+ * on the device. The property can also set to true from adb shell, for
+ * debugging.
+ */
+
+static bool debug_log = false; /* set to true for verbose logging and other debug */
+static bool pin_deprecation_warn = true; /* Log the pin deprecation warning only once */
+
+
+/* Determine if memfd can be supported. This is just one-time hardwork
+ * which will be cached by the caller.
+ */
+static bool __has_memfd_support() {
+ /* Used to turn on/off the detection at runtime, in the future this
+ * property will be removed once we switch everything over to ashmem.
+ * Currently it is used only for debugging to switch the system over.
+ */
+ if (!android::base::GetBoolProperty("sys.use_memfd", false)) {
+ if (debug_log) {
+ ALOGD("sys.use_memfd=false so memfd disabled\n");
+ }
+ return false;
+ }
+
+ // Check if kernel support exists, otherwise fall back to ashmem.
+ // This code needs to build on old API levels, so we can't use the libc
+ // wrapper.
+ android::base::unique_fd fd(
+ syscall(__NR_memfd_create, "test_android_memfd", MFD_CLOEXEC | MFD_ALLOW_SEALING));
+ if (fd == -1) {
+ ALOGE("memfd_create failed: %s, no memfd support.\n", strerror(errno));
+ return false;
+ }
+
+ if (fcntl(fd, F_ADD_SEALS, F_SEAL_FUTURE_WRITE) == -1) {
+ ALOGE("fcntl(F_ADD_SEALS) failed: %s, no memfd support.\n", strerror(errno));
+ return false;
+ }
+
+ if (debug_log) {
+ ALOGD("memfd: device has memfd support, using it\n");
+ }
+ return true;
+}
+
+static bool has_memfd_support() {
+ /* memfd_supported is the initial global per-process state of what is known
+ * about memfd.
+ */
+ static bool memfd_supported = __has_memfd_support();
+
+ return memfd_supported;
+}
+
+static bool memfd_is_ashmem(int fd) {
+ static bool fd_check_error_once = false;
+
+ if (__ashmem_is_ashmem(fd, 0) == 0) {
+ if (!fd_check_error_once) {
+ ALOGE("memfd: memfd expected but ashmem fd used - please use libcutils.\n");
+ fd_check_error_once = true;
+ }
+
+ return true;
+ }
+
+ return false;
+}
+
+static int memfd_create_region(const char* name, size_t size) {
+ // This code needs to build on old API levels, so we can't use the libc
+ // wrapper.
+ android::base::unique_fd fd(syscall(__NR_memfd_create, name, MFD_CLOEXEC | MFD_ALLOW_SEALING));
+
+ if (fd == -1) {
+ ALOGE("memfd_create(%s, %zd) failed: %s\n", name, size, strerror(errno));
+ return -1;
+ }
+
+ if (ftruncate(fd, size) == -1) {
+ ALOGE("ftruncate(%s, %zd) failed for memfd creation: %s\n", name, size, strerror(errno));
+ return -1;
+ }
+
+ if (debug_log) {
+ ALOGE("memfd_create(%s, %zd) success. fd=%d\n", name, size, fd.get());
+ }
+ return fd.release();
+}
+
+static int memfd_set_prot_region(int fd, int prot) {
+ /* Only proceed if an fd needs to be write-protected */
+ if (prot & PROT_WRITE) {
+ return 0;
+ }
+
+ if (fcntl(fd, F_ADD_SEALS, F_SEAL_FUTURE_WRITE) == -1) {
+ ALOGE("memfd_set_prot_region(%d, %d): F_SEAL_FUTURE_WRITE seal failed: %s\n", fd, prot,
+ strerror(errno));
+ return -1;
+ }
+
+ return 0;
+}
--
2.34.1

32
android-9.0.0_r61/system/core/0007-fix-cpu-cgroup-mount.patch Normal file
View File

@@ -0,0 +1,32 @@
From 2f606701c475ea3a40776e3760e5824a3e6d7de6 Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 21 Aug 2022 11:24:11 +0800
Subject: [PATCH 7/7] fix cpu cgroup mount
---
rootdir/init.rc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/rootdir/init.rc b/rootdir/init.rc
index a9d5fc02c..e28d3ea8e 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -26,6 +26,7 @@ on early-init
# Mount cgroup mount point for cpu accounting
mount cgroup none /acct nodev noexec nosuid cpuacct
+ mount cgroup none /acct nodev noexec nosuid cpu,cpuacct
mkdir /acct/uid
# root memory control cgroup, used by lmkd
@@ -151,6 +152,7 @@ on init
# Create cgroup mount points for process groups
mkdir /dev/cpuctl
mount cgroup none /dev/cpuctl nodev noexec nosuid cpu
+ mount cgroup none /dev/cpuctl nodev noexec nosuid cpu,cpuacct
chown system system /dev/cpuctl
chown system system /dev/cpuctl/tasks
chmod 0666 /dev/cpuctl/tasks
--
2.34.1

45
android-9.0.0_r61/system/libhwbinder/0001-fix-booting.patch Normal file
View File

@@ -0,0 +1,45 @@
From f0ed6fafebee628221abb64849985f79bee624ad Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 9 May 2021 23:44:12 +0800
Subject: [PATCH] fix booting
---
Binder.cpp | 1 +
ProcessState.cpp | 3 +++
2 files changed, 4 insertions(+)
diff --git a/Binder.cpp b/Binder.cpp
index 147c7ca..2814c6a 100644
--- a/Binder.cpp
+++ b/Binder.cpp
@@ -90,6 +90,7 @@ bool BHwBinder::isRequestingSid() {
}
void BHwBinder::setRequestingSid(bool requestingSid) {
+ requestingSid = false; // HACKED
Extras* e = mExtras.load(std::memory_order_acquire);
if (!e) {
diff --git a/ProcessState.cpp b/ProcessState.cpp
index 37e3611..8dcebbe 100644
--- a/ProcessState.cpp
+++ b/ProcessState.cpp
@@ -167,12 +167,15 @@ bool ProcessState::becomeContextManager(context_check_func checkFunc, void* user
mBinderContextCheckFunc = checkFunc;
mBinderContextUserData = userData;
+#if 0 // HACKED (?)
flat_binder_object obj {
.flags = FLAT_BINDER_FLAG_TXN_SECURITY_CTX,
};
status_t result = ioctl(mDriverFD, BINDER_SET_CONTEXT_MGR_EXT, &obj);
+#endif
+ status_t result = 1;
// fallback to original method
if (result != 0) {
android_errorWriteLog(0x534e4554, "121035042");
--
2.34.1

24
android-9.0.0_r61/system/netd/0001-fix-networking.patch Normal file
View File

@@ -0,0 +1,24 @@
From 0c2b44658e73e17bfcf52f8cc41fed17a14a2fca Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Mon, 26 Apr 2021 23:09:01 +0800
Subject: [PATCH] fix networking
---
server/IptablesRestoreController.cpp | 1 +
1 file changed, 1 insertion(+)
diff --git a/server/IptablesRestoreController.cpp b/server/IptablesRestoreController.cpp
index 88d88f6..b408206 100644
--- a/server/IptablesRestoreController.cpp
+++ b/server/IptablesRestoreController.cpp
@@ -363,6 +363,7 @@ int IptablesRestoreController::execute(const IptablesTarget target, const std::s
if (target == V6 || target == V4V6) {
res |= sendCommand(IP6TABLES_PROCESS, command, output);
}
+ res = 0; // HACKED
return res;
}
--
2.34.1

38
android-9.0.0_r61/system/vold/0001-fix-booting.patch Normal file
View File

@@ -0,0 +1,38 @@
From c523d94d2378f865afa9debf3878601b86801c14 Mon Sep 17 00:00:00 2001
From: Ziyang Zhou <ziyang.zhou@outlook.com>
Date: Sun, 9 May 2021 22:46:23 +0800
Subject: [PATCH] fix booting
---
IdleMaint.cpp | 1 +
vold_prepare_subdirs.cpp | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/IdleMaint.cpp b/IdleMaint.cpp
index 7744024..4ed4358 100644
--- a/IdleMaint.cpp
+++ b/IdleMaint.cpp
@@ -100,6 +100,7 @@ static void addFromFstab(std::list<std::string>* paths, PathTypes path_type) {
std::unique_ptr<fstab, decltype(&fs_mgr_free_fstab)> fstab(fs_mgr_read_fstab_default(),
fs_mgr_free_fstab);
struct fstab_rec *prev_rec = NULL;
+ if (!fstab) return; // HACKED
for (int i = 0; i < fstab->num_entries; i++) {
auto fs_type = std::string(fstab->recs[i].fs_type);
diff --git a/vold_prepare_subdirs.cpp b/vold_prepare_subdirs.cpp
index 1b466e9..5d358ba 100644
--- a/vold_prepare_subdirs.cpp
+++ b/vold_prepare_subdirs.cpp
@@ -62,7 +62,7 @@ static bool prepare_dir(struct selabel_handle* sehandle, mode_t mode, uid_t uid,
if (sehandle && selabel_lookup(sehandle, &tmp_secontext, path.c_str(), S_IFDIR) == 0) {
secontext.reset(tmp_secontext);
}
- LOG(DEBUG) << "Setting up mode " << std::oct << mode << std::dec << " uid " << uid << " gid "
+ if (secontext) LOG(DEBUG) << "Setting up mode " << std::oct << mode << std::dec << " uid " << uid << " gid "
<< gid << " context " << secontext.get() << " on path: " << path;
if (secontext) {
if (setfscreatecon(secontext.get()) != 0) {
--
2.34.1