[Q] Un-trust CA - Android Q&A, Help & Troubleshooting

How do I un-trust a CA on the Android? I'm not sure if this is an OS level issue (as in OS X) or browser lever (as with Windows).
Since *.android.com has been compromised in the digiNotar debacle, I would like to remove them as a trusted CA.
As a related question, how can I also purge the DNS cache?
Se my sig for device and ROM versions.
Walt

Android keeps its certs in
/system/etc/security/cacerts.bks
Preventing modification on non rooted devices (gingerbread is a bit better but still not full access..)
A program might have its own certs (such as firefox on osx) but I don't think I've seen such in the wild.
You may find something useful in this post related to one of the roms I distribute (and links contained in it):
http://forum.xda-developers.com/showpost.php?p=17303669&postcount=2832
(Don't worry as most security updates go its being [mostly] ignored.......)

Thanks, ezterry.
The program ran OK on CM7 - it says it deleted the certificate; I assume it really did it
Walt

Related

[Q] Samsung ODE (On Device Encryption)

Has anybody already found out how the On Device Encryption can be activated on this device?
Do you have to add an Exchange server or Afaria ([com.Android.Afaria, which says "this version of the client does not support the Samsung Galaxy S2 AES." at the moment)?
I found some clues in having a Encrypt.apk in /system/app, which uses the permissions "com.sec.android.permission.ENCRYPT" and "android.permission.sec.MDM_SECURITY" and publishes an intent filter for "com.sec.android.app.encrypt.action.ENCRYPT".
There also is a clue in init.rc:
" # SEC_DMCRYPT efs or cache or lfs partition required
exec apply_sec_devenc_init"
Any luck with this? I'm very interested in getting on-device encryption up and running (with-out the need for any server bound tools from MS) and have a Galaxy S II on it's way (should arrive Wed/Thur.
I plan on digging around once I get it, but so far searchers here, Samsung, and through Google have not turned up anything. Only this thread and a lot of marketing junk.
I'm quite interested in this too. From what I've read from Samsung, it seems to be enabled automatically.
Gonna have a deeper look on how it's implemented, but there's really only 2 ways they could do it, at the filesystem level (eg. encrypting per cluster) or at a flash level (eg. encrypting per block).
From what i've heard,,setting up an exchange server will do this automatically,,,m not sure,never tried..
Old thread, don't shoot at me, got new news for old thread
First off, yeah, it's a feature only used when an Exchange policy enforces "device must be enrypted".
Samsung obviously didn't plan on making this feature "publically" accessible by the average user.
I hope they will keep Android 4.0's device encryption feature, as since 3.x it's an official part of Android, just not in 2.3.x or even below - so Sammy really added somthing usually not available here, like the USB OTG/host.
Anyways, I'm at ~85% of having Device Encryption "under my controll", i.e. enabling it without an Exchange account that enforces said policy
(click for larger view)
There will be a few quirks:
must disable the "On Boot Completed" autostart of Encrypt.apk using some app managing app
Will NOT work with most (if not all) custom kernels! If your kernel of choice uses CWM there's a 100% chance it will NOT work. The whole thing (even the "unlock" on boot) depends on the stock recovery being present.
Additional commands (usually symlinks to busybox) in /sbin will also get you stuck in a bootloop
Since /data isn't available unless "unlocked", some things like the language setting will snap back to the default of the ROM you're using.
Only "Password" unlock will be usable when using device encryption as you need to enter it on boot, very early when the OS starts booting up, no pattern unlock or the likes are supported for that.
Apart from that, the SGS2 really becomms a kind of a high-security fortress when using the encryption.
I now need to figure out a few last smaller details and make an idiot-pove app to enable it.
The app is what now will take the most of time XD

[Android ABC] What's a Bootloader,ROM,Kernel,Firmware,ADB,Root etc

Android ABC​
I've gathered some info for newcomers to the Android world.
Copied over from my thread at androidforums...
I've tried to keep it relatively simple. So if you want more info, follow the links!
And please if you want anything added, do post!
I hope this helps someone....
Inventory:
Bootloader
Kernel
CWM
Firmware
Flashing
Rooting
Custom ROMs
ADB
Baseband
Dalvik
init.d​
What's A Bootloader?
Taken from: Android 101: What is a bootloader? | Android-Does.com
In literal terms, the bootloader is code that is executed before any Operating System starts to run. Bootloaders basically package the instructions to boot operating system kernel and most of them also have their own debugging or modification environment. Think of the bootloader as a security checkpoint for all those partitions. Because if you’re able to swap out what’s on those partitions, you’re able to break things if you don’t know what you’re doing.
As the bootloader kicks off before any piece of software on your device, it makes it extremely processor specific and every motherboard has it’s own bootloader. This is one reason that all Android phones have different custom ROMS developed due to high variance of processing hardware present on the device.
Android Bootloader
Every Android phone has a bootloader that instructs the operating system kernel to boot normally. But you need to understand one thing here that as Android OS is an open source OS and is available on a variety of different hardware, every manufacturer has their own version of bootloader specific for the hardware present in it’s environment. At its most basic level, your Android smartphone is like a hard drive, made of up several partitions. One of those partitions holds the Android system files, another holds all the app data you accumulate (which is how you’re usually able to update without losing all your stuff), and others to do more behind-the scenes stuff.
A lot has been said about bootloaders being “locked” and even the developer-friendly Nexus devices shipped with a locked bootloader (Nexus devices and a couple tablets are easily unlocked with a single command).In fact, a lot bootloaders are locked and encrypted, meaning simple commands like “fastboot oem unlock”, won’t do a thing.
Why are Bootloaders Locked?
A bootloader is usually locked on an Android device because although it’s an open source OS, still the manufacturers want you to stick to their Android OS version specifically designed for the device. In order to apply this concept, manufacturers lock the bootloader. With a locked bootloader on Android devices, it is virtually impossible to flash a Custom ROM and forced attempts void warranty as well as usually end up in bricks. Therefore, the first step is to always unlock the bootloader.
Why keep a bootloader out of reach? One of the biggest reasons is that the carriers and manufacturers don’t want to have to support hacked phones. The other is that a lot of time and money is spent developing these things. HTC Sense ain’t cheap. Neither is TouchWiz. But Samsung and HTC both have managed to find a middle ground with the modding community, and pressure is on other companies to do so as well.
Also a very good read about bootloaders: http://www.tested.com/news/feature/1879-know-your-android-bootloaderwhat-it-is-and-why-it-matters/
---------------------------------------------------------------------------
What's a kernel?
Taken from: Android A to Z: What is a kernel? | Android Central
A kernel isn't something unique to Android -- iOS and MacOS have one, Windows has one, BlackBerry's QNX has one, in fact all high level operating systems have one. The one we're interested in is Linux, as it's the one Android uses. Let's try to break down what it is and what it does.
Android devices use the Linux kernel, but it's not the exact same kernel other Linux-based operating systems use. There's a lot of Android specific code built in, and Google's Android kernel maintainers have their work cut out for them. OEMs have to contribute as well, because they need to develop hardware drivers for the parts they're using for the kernel version they're using. This is why it takes a while for independent Android developers and hackers to port new versions to older devices and get everything working. Drivers written to work with the Gingerbread kernel on a phone won't necessarily work with the Ice Cream Sandwich kernel. And that's important, because one of the kernel's main functions is to control the hardware. It's a whole lot of source code, with more options while building it than you can imagine, but in the end it's just the intermediary between the hardware and the software.
When software needs the hardware to do anything, it sends a request to the kernel. And when we say anything, we mean anything. From the brightness of the screen, to the volume level, to initiating a call through the radio, even what's drawn on the display is ultimately controlled by the kernel. For example -- when you tap the search button on your phone, you tell the software to open the search application. What happens is that you touched a certain point on the digitizer, which tells the software that you've touched the screen at those coordinates. The software knows that when that particular spot is touched, the search dialog is supposed to open. The kernel is what tells the digitizer to look (or listen, events are "listened" for) for touches, helps figure out where you touched, and tells the system you touched it. In turn, when the system receives a touch event at a specific point from the kernel (through the driver) it knows what to draw on your screen. Both the hardware and the software communicate both ways with the kernel, and that's how your phone knows when to do something. Input from one side is sent as output to the other, whether it's you playing Angry Birds, or connecting to your car's Bluetooth.
It sounds complicated, and it is. But it's also pretty standard computer logic -- there's an action of some sort generated for every event. Without the kernel to accept and send information, developers would have to write code for every single event for every single piece of hardware in your device. With the kernel, all they have to do is communicate with it through the Android system API's, and hardware developers only have to make the device hardware communicate with the kernel. The good thing is that you don't need to know exactly how or why the kernel does what it does, just understanding that it's the go-between from software to hardware gives you a pretty good grasp of what's happening under the glass. Sort of gives a whole new outlook towards those fellows who stay up all night to work on kernels for your phone, doesn't it?
---------------------------------------------------------------------------
What's CWM?
Taken from: AddictiveTips » Blog ArchiveWhat Is ClockworkMod Recovery And How To Use It On Android [Complete Guide]
ClockworkMod, abbreviated as CWM, is a popular custom recovery for Android phones and tablets developed by Koushik Dutta (Koush), a well-known name in the Android dev community. ClockworkMod recovery allows you to perform several advanced recovery, restoration, installation and maintenance operations on your Android device that aren’t possible with the stock recovery, and is one of the most common ways used to gain root access, back up device data, install a custom ROMs, kernels, themes, mods and more. However, for anyone new to Android customization and hacking, some of its options might prove to be a tad confusing. In what follows, we will cover all that this recovery is capable of doing, and how to do it.
About Android Recovery
All Android devices ship with a recovery console that is basically a partition on the device’s internal memory and can be booted into. The stock recovery of almost all Android devices provides a few basic yet handy options that allow you to factory reset your device and also to recover its operating system using an official ROM in zip format, but that’s all you can do with it. That’s where a custom recovery comes handy.
A custom Android recovery basically replaces the stock recovery with one that lets you do all you can do with the stock recovery, plus a plethora of more options to give you a lot more control on your device. With a custom recovery, you can install official and unofficial ROMs as well as other updates including apps, themes, kernels etc. using zip files, wipe not just user data but pretty much every partition on your device, mount the storage card for USB mass storage access without leaving recovery, partition your SD card, wipe Dalvik cache and battery stats, fix permissions, perform, manage and restore backups and so on.
Introduction To ClockworkMod
ClockworkMod recovery is one of the most widely used custom Android recoveries that is available for most mainstream Android devices. It is our custom recovery of choice here at AddictiveTips and almost every custom ROM that we install on our devices is done using this recovery.
ClockworkMod recovery has been developed by Koushik Dutta (also known as Koush) – the same guy who brought us the Android ROM Manager. He can be found at his blog hacking away at Android devices and at Twitter.
CWM options explained:
[REF] CWM - Clockworkmode menu options & Partitions– GENERAL KNOWLEDGE - xda-developers
---------------------------------------------------------------------------
What's Firmware?
Taken from: What is Firmware, Rom and Firmware Flashing ? - I Teach Android
What the heck is this firmware? Definition of firmware is permanent software programmed into a read-only memory
In Simple words, you can understand it like windows for pc , in case of android we are going to do same thing – installing firmware (Froyo,Gingerbread, ICS, Jelly Bean etc.) on your phone. All phones have their different firmwares and installing tools regard less to the Andriod version (Froyo,Gingerbred). So never think that we can install any firmware on any android phone like we do in PCs.
Wiki link for even more info: Firmware - Wikipedia, the free encyclopedia
---------------------------------------------------------------------------
What's Flashing?
Flashing refers to the overwriting of existing data on ROM modules present in an electronic device with new data. This can be done to upgrade a device or to change the provider of a service associated with the function of the device, such as changing from one mobile phone service provider to another or installing a new operating system.
In simple words flashing is called installing firmware on your phone.
---------------------------------------------------------------------------
What's Rooting?
Taken from: Rooting for Android: What, why and how? | Ubergizmo
WiKi link: https://en.wikipedia.org/wiki/Rooting_(Android_OS)
When carriers and manufacturers sell you your device, it is almost certain that the device would come with certain software restrictions in place. There are a variety of different reasons why they might do that – some claim that this is done to protect the user, preserve the device’s warranty (this policy will vary from manufacturer to manufacturer), prevent users from getting rid of carrier bloatware apps or simply because the manufacturer would prefer if your device was distinguishable from the competition based purely on its user interface (i.e. Samsung’s TouchWiz, HTC Sense UI, etc).
Whatever their reasoning may be, chances are if you are looking to customize your device on a deeper level, you’d be out of luck and this is where rooting comes into play.
Rooting is essentially a process that allows users of smartphones, tablets or other devices running on Android to gain “superuser” access to the software. This will allow the user to perform administrative tasks such as writing to locations normally restricted by the system which in turn will allow for deeper customization. For iOS users, rooting on Android devices could be thought of as a close equivalent to jailbreaking your device.
---------------------------------------------------------------------------
What are custom ROMs?
Taken from: Custom ROMs For Android Explained - Here Is Why You Want Them
A stock ROM is the version of the phone's operating system that comes with your phone when you buy it.
A custom ROM is a fully standalone version of the OS, including the kernel (which makes everything run), apps, services, etc - everything you need to operate the device, except it's customized by someone in some way.
So what does the "customized" part mean? Since Android is open source, developers are free to take stock ROMs, modify them, strip them of garbage, optimize them, add things, and pretty much do whatever their imagination and skills allow.
---------------------------------------------------------------------------
What is ADB?
Taken from: Android 201: What is adb? | Android Central
According to Google "Android Debug Bridge (adb) is a versatile tool lets you manage the state of an emulator instance or Android-powered device." That certainly sounds like Google, doesn't it? To put it simply, adb is two different applications -- one running on your computer (Windows, Linux or Mac) and one running on your phone. When your phone is connected, and USB debugging is enabled, you can issue commands and communicate with the phone using your computer screen and keyboard.
Your Android phone uses a modified Linux kernel and tools as a base. This means that quite a few Linux commands can be sent via the adb server (the one running on your computer) to the adb client (the one running on your phone) and they will be executed. In our example picture, I've sent the "top" command over the wire to my phone, and my phone sent me back the information and printed it to my terminal.
This can be awfully handy for debugging things that aren't going right, as well sending those weird commands you need when you're hacking away in the middle of the night. Chances are, if you aren't actively debugging something or trying to break hack at your phone, you won't have much use for adb. And that's OK -- there's more than one way to have fun with an Android device.
----------------------------------------------------------------------------
What's baseband?
Baseband is the Radio or Modem version depending upon the Phone Model, Carrier and Android Software Stack version. The Radio/Modem file is flashed via Recovery tool (other options are ADB/ODIN). The mismatched Radio/Modem and ROM will lead to things not working. You need to find the matching Radio/Modem for the particular ROM you are running.
The radio firmware controls basic low-level functions like network connectivity, Wi-Fi, and GPS. Upgrading Radio firmware will fix connectivity issues, increase range or performance, decrease battery usage, etc. Incorrec tRadio frimeware can disable some functions in your phone such as MMS, 3G Data, VM Notifications, etc. Network operators/carriers select the correct version of the Radio firmware that is suitable for the phone, network and bandwidth.
There is also Modem and Baseband Radio Processor chipsets in Mobile phones. Usually, Google, Phone Manufacturers and carriers develop various types of modem firmware/software that controls the functions of these chipsets.
Firmware is the overall version of the Android system on your phone. Baseband version is the version of the radio embedded in the device. Since Android is based on the Linux operating system, they show you the current version of the Kernel used in the heart of the system. The Build number is just an indicator of which numerical version of the current overall system was built by developers for your device.
You cannot update any of these from the official web site. Updates to the Android system are pushed to the phone over-the-air by the manufacturer or the cell phone carrier. The only other way to update or change an Android phone it to install custom modified ROMs in place of the existing system firmware. That usually requires rooting the phone and a fairly considerable knowledge of how to hack hardware.
----------------------------------------------------------------------------
What's Dalvik?
http://www.techopedia.com/definition/4262/dalvik
http://butterflydroid.wordpress.com/2011/09/22/what-is-dalvik-vm-heapsize-benefits-and-downfalls/
Dalvik is named after a fishing village in Iceland where ancestors of Dan Bornstein, the person who wrote the VM’s original code, lived. Dalvik is designed for fast execution speeds and operatation in resource-constrained environments like those in mobile devices (with limited memory, CPU and battery power). A Dalvik VM is designed to run multiple instances of itself with each instance hosted on its own separate process and running one application each. When one instance crashes, other concurrently running applications don’t suffer.
Although Android apps are written in Java, they are first compiled into the Dalvik Executable (DEX) format to make them run on the Dalvik VM. DEX files are generally smaller than compressed .JAR (Java Archive) files, making them suitable for mobile devices.
The main difference between Dalvik and a typical Java VM is that the former is register-based while the latter is stack-based. Register-based VMs require fewer instructions than their stack-based counterparts. Although the register-based VMs also require more code, they are generally considered to exhibit faster startups and have better performance than stack-based VMs.
The Dalvik source code license is based on the Apache license. That means, it is free to modify and hence attractive to mobile phone carriers.
What's init.d?
init.d is a folder located at /system/etc
To keep it simple, it allows the user to run scripts at system startup/ boot.
You can adjust many different things/settings with scripts. You can tweak system settings, prolong battery life etc.
To enable init.d and to get some scripts, go here: http://forum.xda-developers.com/showthread.php?t=1881401
----------------------------------------------------------------------------
great job brother, do much to newcomers become familiar with android and they need to know :highfive:
woooow , thats nice and great thread ...... thx ..... but between that , can u continue explain many things like what each android device need to boot up and what the most commen partitions in android devics , and getting deeper in android world ad then give some tut about adb using
thx so much
Good stuff, thanks!
Great guide for android noobie who want to learn how to root
add CID and MID ... ?
Hey -- a really great resource. great work.
could be nice to include CID, MID, etc.
also, would like to understand why ROM has to be built for specific carrier variant of phone.
Example: HTC ONE M8 has multiple different ROM threads -- ATT, Tmobile, Verizon, etc. While I understand there are some small frequencies support differences between an M8_tmobile and M8_Verison, why doesn't a Rooted with S-off M8 care whether it's a ATT or Verizon model?
thx
Thanks iONEx, this post helped me some. I already have 20 years of experience with Linux on PCs and Macs, so I already understood concepts like Bootloader, Kernel, Rooting, Flashing, Firmware, and init.d. I've had to flash a new BIOS on several PC motherboards, so I understand the difference between nonvolatile storage in firmware mounted on an integrated circuit of the motherboard versus nonvolatile storage in a physical spinning magnetic hard drive connected to the motherboard via a SCSI or SATA bus and controller. I rooted my first Android (a Motorola Atrix) a year ago, so I also understand CWM, Custom ROMs, and ADB. But your explanation of Baseband and Dalvik was new and helpful to me.
Right now I'm running Paranoid Android on my Oneplus One and using the Settings app in it, I see that I have Android version 4.4.4, ParanoidAndroid version 4.6-BETA6, Baseband version MPSS.DI.2.0.1..., Kernel version 3.4.0-ParanoidAndroid (Mon Nov 3 21:55:14 UTC 2014), Build number pa_bacon-userdebug...).
I found your post while trying to understand more about my OPO that I rooted a few days ago. I installed TWRP, F-Droid, Busybox, MultiROM, and a few other major customizations on it, but I feel like there's still a whole lot that I don't understand at all. For example, in this thread [forums.oneplus.net/threads/unofficial-beanstalk-rom-for-bacon-lollipop-5-02-r1.247146/#post-9394373] I commented that I was unable to get Beanstalk 5.0.2 to function reliably on my OPO.
From chineel's reply "The Steps To Have Better Experience With OnePlus One With Lollipop ROMs" though, I realized that I must still be missing some important concepts, so I started searching for a comprehensive picture of my OPO and of Android phones in general, and although your post helped some, I'm still looking for a much more comprehensive understanding of this device.
I do understand that the nonvolatile storage in my phone must be partitioned into several mutually exclusive sections and that's how it's possible for me to wipe (using TWRP) all of the partitions (Dalvik Cache, System, Data, and Cache) except Internal Storage and flash a new ROM like Beanstalk and yet I still have the contents of /sdcard/ as they were before I wiped and flashed. Obviously, /sdcard/ as mounted in ParanoidAndroid and Beanstalk must be on the Internal Storage partition that did not get wiped.
But when chineel wrote that I should download latest “Cm Nightly” and “(CM Nightly Is for Modem and firmware Update only ) you can Just Flash Firm ware Update [s.basketbuild.com/filedl/devs?dev=chineel&dl=chineel/BeanStalk/bacon/Full-CM-12.01.18-modem-flashable.zip] Instead of...”, that's when I realized that when I flashed a new ROM, I was apparently still leaving something aside from the Internal Storage partition untouched: the modem/baseband/radio?
And so if I flash the latest CM nightly from [download.cyanogenmod.org/?device=bacon&type=] then I'll end up doing what I have not been doing before which is to also change the modem/baseband/radio. Is that right?
So then if I flash a new ROM (like Beanstalk) AFTER flashing the CM Nightly, then I'll be replacing the ROM (from the CM Nightly to Beanstalk), but I won't be changing again the modem/baseband/radio that was changed when I flashed the CM Nightly. Is that right?
If so, then where in this partition system is the modem/baseband/radio firmware (which is apparently separate from the whole ROM) stored in nonvolatile storage? Is it also on Internal Storage? Or is it stored on a separate integrated circuit (like the BIOS is on a PC) or on some other hidden partition?
And what about flashing the kernel? When I flashed my PA ROM, I got a new kernel with it, without explicitly installing from TWRP a new kernel. So sometimes flashing a ROM gives you a new kernel and sometimes flashing a ROM does not change the existing kernel? Is that right? And so is it also possible to flash a ROM and then subsequently flash a kernel and that second flash replaces the kernel that was part of the ROM of the first flash?
I just need to understand where all of this information is getting stored (in which partitions). I know I flash a ROM, then I flash GAPPS, then I flash a kernel, then I flash a modem/radio/baseband. But I can't tell; is all that software going to the System partition? If so, then why don't all the later flashes completely write over all the earlier flashes?
TL;DR
My real question here is what to read for a comprehensive explanation of all these pieces and how they fit together and why flashing sometimes replaces something that was there before, but it doesn't replace everything (like the modem/radio/baseband)? I think I need a book or something. Can you recommend one?
Thanks, and sorry for the long post.
iONEx said:
Android ABC​
I've gathered some info for newcomers to the Android world.
Copied over from my thread at androidforums...
I've tried to keep it relatively simple. So if you want more info, follow the links!
And please if you want anything added, do post!
I hope this helps someone....
Inventory:
Bootloader
Kernel
CWM
Firmware
Flashing
Rooting
Custom ROMs
ADB
Baseband
Dalvik
init.d​
What's A Bootloader?
Taken from: Android 101: What is a bootloader? | Android-Does.com
In literal terms, the bootloader is code that is executed before any Operating System starts to run. Bootloaders basically package the instructions to boot operating system kernel and most of them also have their own debugging or modification environment. Think of the bootloader as a security checkpoint for all those partitions. Because if you’re able to swap out what’s on those partitions, you’re able to break things if you don’t know what you’re doing.
As the bootloader kicks off before any piece of software on your device, it makes it extremely processor specific and every motherboard has it’s own bootloader. This is one reason that all Android phones have different custom ROMS developed due to high variance of processing hardware present on the device.
Android Bootloader
Every Android phone has a bootloader that instructs the operating system kernel to boot normally. But you need to understand one thing here that as Android OS is an open source OS and is available on a variety of different hardware, every manufacturer has their own version of bootloader specific for the hardware present in it’s environment. At its most basic level, your Android smartphone is like a hard drive, made of up several partitions. One of those partitions holds the Android system files, another holds all the app data you accumulate (which is how you’re usually able to update without losing all your stuff), and others to do more behind-the scenes stuff.
A lot has been said about bootloaders being “locked” and even the developer-friendly Nexus devices shipped with a locked bootloader (Nexus devices and a couple tablets are easily unlocked with a single command).In fact, a lot bootloaders are locked and encrypted, meaning simple commands like “fastboot oem unlock”, won’t do a thing.
Why are Bootloaders Locked?
A bootloader is usually locked on an Android device because although it’s an open source OS, still the manufacturers want you to stick to their Android OS version specifically designed for the device. In order to apply this concept, manufacturers lock the bootloader. With a locked bootloader on Android devices, it is virtually impossible to flash a Custom ROM and forced attempts void warranty as well as usually end up in bricks. Therefore, the first step is to always unlock the bootloader.
Why keep a bootloader out of reach? One of the biggest reasons is that the carriers and manufacturers don’t want to have to support hacked phones. The other is that a lot of time and money is spent developing these things. HTC Sense ain’t cheap. Neither is TouchWiz. But Samsung and HTC both have managed to find a middle ground with the modding community, and pressure is on other companies to do so as well.
Also a very good read about bootloaders: http://www.tested.com/news/feature/1879-know-your-android-bootloaderwhat-it-is-and-why-it-matters/
---------------------------------------------------------------------------
What's a kernel?
Taken from: Android A to Z: What is a kernel? | Android Central
A kernel isn't something unique to Android -- iOS and MacOS have one, Windows has one, BlackBerry's QNX has one, in fact all high level operating systems have one. The one we're interested in is Linux, as it's the one Android uses. Let's try to break down what it is and what it does.
Android devices use the Linux kernel, but it's not the exact same kernel other Linux-based operating systems use. There's a lot of Android specific code built in, and Google's Android kernel maintainers have their work cut out for them. OEMs have to contribute as well, because they need to develop hardware drivers for the parts they're using for the kernel version they're using. This is why it takes a while for independent Android developers and hackers to port new versions to older devices and get everything working. Drivers written to work with the Gingerbread kernel on a phone won't necessarily work with the Ice Cream Sandwich kernel. And that's important, because one of the kernel's main functions is to control the hardware. It's a whole lot of source code, with more options while building it than you can imagine, but in the end it's just the intermediary between the hardware and the software.
When software needs the hardware to do anything, it sends a request to the kernel. And when we say anything, we mean anything. From the brightness of the screen, to the volume level, to initiating a call through the radio, even what's drawn on the display is ultimately controlled by the kernel. For example -- when you tap the search button on your phone, you tell the software to open the search application. What happens is that you touched a certain point on the digitizer, which tells the software that you've touched the screen at those coordinates. The software knows that when that particular spot is touched, the search dialog is supposed to open. The kernel is what tells the digitizer to look (or listen, events are "listened" for) for touches, helps figure out where you touched, and tells the system you touched it. In turn, when the system receives a touch event at a specific point from the kernel (through the driver) it knows what to draw on your screen. Both the hardware and the software communicate both ways with the kernel, and that's how your phone knows when to do something. Input from one side is sent as output to the other, whether it's you playing Angry Birds, or connecting to your car's Bluetooth.
It sounds complicated, and it is. But it's also pretty standard computer logic -- there's an action of some sort generated for every event. Without the kernel to accept and send information, developers would have to write code for every single event for every single piece of hardware in your device. With the kernel, all they have to do is communicate with it through the Android system API's, and hardware developers only have to make the device hardware communicate with the kernel. The good thing is that you don't need to know exactly how or why the kernel does what it does, just understanding that it's the go-between from software to hardware gives you a pretty good grasp of what's happening under the glass. Sort of gives a whole new outlook towards those fellows who stay up all night to work on kernels for your phone, doesn't it?
---------------------------------------------------------------------------
What's CWM?
Taken from: AddictiveTips » Blog ArchiveWhat Is ClockworkMod Recovery And How To Use It On Android [Complete Guide]
ClockworkMod, abbreviated as CWM, is a popular custom recovery for Android phones and tablets developed by Koushik Dutta (Koush), a well-known name in the Android dev community. ClockworkMod recovery allows you to perform several advanced recovery, restoration, installation and maintenance operations on your Android device that aren’t possible with the stock recovery, and is one of the most common ways used to gain root access, back up device data, install a custom ROMs, kernels, themes, mods and more. However, for anyone new to Android customization and hacking, some of its options might prove to be a tad confusing. In what follows, we will cover all that this recovery is capable of doing, and how to do it.
About Android Recovery
All Android devices ship with a recovery console that is basically a partition on the device’s internal memory and can be booted into. The stock recovery of almost all Android devices provides a few basic yet handy options that allow you to factory reset your device and also to recover its operating system using an official ROM in zip format, but that’s all you can do with it. That’s where a custom recovery comes handy.
A custom Android recovery basically replaces the stock recovery with one that lets you do all you can do with the stock recovery, plus a plethora of more options to give you a lot more control on your device. With a custom recovery, you can install official and unofficial ROMs as well as other updates including apps, themes, kernels etc. using zip files, wipe not just user data but pretty much every partition on your device, mount the storage card for USB mass storage access without leaving recovery, partition your SD card, wipe Dalvik cache and battery stats, fix permissions, perform, manage and restore backups and so on.
Introduction To ClockworkMod
ClockworkMod recovery is one of the most widely used custom Android recoveries that is available for most mainstream Android devices. It is our custom recovery of choice here at AddictiveTips and almost every custom ROM that we install on our devices is done using this recovery.
ClockworkMod recovery has been developed by Koushik Dutta (also known as Koush) – the same guy who brought us the Android ROM Manager. He can be found at his blog hacking away at Android devices and at Twitter.
CWM options explained:
[REF] CWM - Clockworkmode menu options & Partitions– GENERAL KNOWLEDGE - xda-developers
---------------------------------------------------------------------------
What's Firmware?
Taken from: What is Firmware, Rom and Firmware Flashing ? - I Teach Android
What the heck is this firmware? Definition of firmware is permanent software programmed into a read-only memory
In Simple words, you can understand it like windows for pc , in case of android we are going to do same thing – installing firmware (Froyo,Gingerbread, ICS, Jelly Bean etc.) on your phone. All phones have their different firmwares and installing tools regard less to the Andriod version (Froyo,Gingerbred). So never think that we can install any firmware on any android phone like we do in PCs.
Wiki link for even more info: Firmware - Wikipedia, the free encyclopedia
---------------------------------------------------------------------------
What's Flashing?
Flashing refers to the overwriting of existing data on ROM modules present in an electronic device with new data. This can be done to upgrade a device or to change the provider of a service associated with the function of the device, such as changing from one mobile phone service provider to another or installing a new operating system.
In simple words flashing is called installing firmware on your phone.
---------------------------------------------------------------------------
What's Rooting?
Taken from: Rooting for Android: What, why and how? | Ubergizmo
WiKi link: https://en.wikipedia.org/wiki/Rooting_(Android_OS)
When carriers and manufacturers sell you your device, it is almost certain that the device would come with certain software restrictions in place. There are a variety of different reasons why they might do that – some claim that this is done to protect the user, preserve the device’s warranty (this policy will vary from manufacturer to manufacturer), prevent users from getting rid of carrier bloatware apps or simply because the manufacturer would prefer if your device was distinguishable from the competition based purely on its user interface (i.e. Samsung’s TouchWiz, HTC Sense UI, etc).
Whatever their reasoning may be, chances are if you are looking to customize your device on a deeper level, you’d be out of luck and this is where rooting comes into play.
Rooting is essentially a process that allows users of smartphones, tablets or other devices running on Android to gain “superuser” access to the software. This will allow the user to perform administrative tasks such as writing to locations normally restricted by the system which in turn will allow for deeper customization. For iOS users, rooting on Android devices could be thought of as a close equivalent to jailbreaking your device.
---------------------------------------------------------------------------
What are custom ROMs?
Taken from: Custom ROMs For Android Explained - Here Is Why You Want Them
A stock ROM is the version of the phone's operating system that comes with your phone when you buy it.
A custom ROM is a fully standalone version of the OS, including the kernel (which makes everything run), apps, services, etc - everything you need to operate the device, except it's customized by someone in some way.
So what does the "customized" part mean? Since Android is open source, developers are free to take stock ROMs, modify them, strip them of garbage, optimize them, add things, and pretty much do whatever their imagination and skills allow.
---------------------------------------------------------------------------
What is ADB?
Taken from: Android 201: What is adb? | Android Central
According to Google "Android Debug Bridge (adb) is a versatile tool lets you manage the state of an emulator instance or Android-powered device." That certainly sounds like Google, doesn't it? To put it simply, adb is two different applications -- one running on your computer (Windows, Linux or Mac) and one running on your phone. When your phone is connected, and USB debugging is enabled, you can issue commands and communicate with the phone using your computer screen and keyboard.
Your Android phone uses a modified Linux kernel and tools as a base. This means that quite a few Linux commands can be sent via the adb server (the one running on your computer) to the adb client (the one running on your phone) and they will be executed. In our example picture, I've sent the "top" command over the wire to my phone, and my phone sent me back the information and printed it to my terminal.
This can be awfully handy for debugging things that aren't going right, as well sending those weird commands you need when you're hacking away in the middle of the night. Chances are, if you aren't actively debugging something or trying to break hack at your phone, you won't have much use for adb. And that's OK -- there's more than one way to have fun with an Android device.
----------------------------------------------------------------------------
What's baseband?
Baseband is the Radio or Modem version depending upon the Phone Model, Carrier and Android Software Stack version. The Radio/Modem file is flashed via Recovery tool (other options are ADB/ODIN). The mismatched Radio/Modem and ROM will lead to things not working. You need to find the matching Radio/Modem for the particular ROM you are running.
The radio firmware controls basic low-level functions like network connectivity, Wi-Fi, and GPS. Upgrading Radio firmware will fix connectivity issues, increase range or performance, decrease battery usage, etc. Incorrec tRadio frimeware can disable some functions in your phone such as MMS, 3G Data, VM Notifications, etc. Network operators/carriers select the correct version of the Radio firmware that is suitable for the phone, network and bandwidth.
There is also Modem and Baseband Radio Processor chipsets in Mobile phones. Usually, Google, Phone Manufacturers and carriers develop various types of modem firmware/software that controls the functions of these chipsets.
Firmware is the overall version of the Android system on your phone. Baseband version is the version of the radio embedded in the device. Since Android is based on the Linux operating system, they show you the current version of the Kernel used in the heart of the system. The Build number is just an indicator of which numerical version of the current overall system was built by developers for your device.
You cannot update any of these from the official web site. Updates to the Android system are pushed to the phone over-the-air by the manufacturer or the cell phone carrier. The only other way to update or change an Android phone it to install custom modified ROMs in place of the existing system firmware. That usually requires rooting the phone and a fairly considerable knowledge of how to hack hardware.
----------------------------------------------------------------------------
What's Dalvik?
http://www.techopedia.com/definition/4262/dalvik
http://butterflydroid.wordpress.com/2011/09/22/what-is-dalvik-vm-heapsize-benefits-and-downfalls/
Dalvik is named after a fishing village in Iceland where ancestors of Dan Bornstein, the person who wrote the VM’s original code, lived. Dalvik is designed for fast execution speeds and operatation in resource-constrained environments like those in mobile devices (with limited memory, CPU and battery power). A Dalvik VM is designed to run multiple instances of itself with each instance hosted on its own separate process and running one application each. When one instance crashes, other concurrently running applications don’t suffer.
Although Android apps are written in Java, they are first compiled into the Dalvik Executable (DEX) format to make them run on the Dalvik VM. DEX files are generally smaller than compressed .JAR (Java Archive) files, making them suitable for mobile devices.
The main difference between Dalvik and a typical Java VM is that the former is register-based while the latter is stack-based. Register-based VMs require fewer instructions than their stack-based counterparts. Although the register-based VMs also require more code, they are generally considered to exhibit faster startups and have better performance than stack-based VMs.
The Dalvik source code license is based on the Apache license. That means, it is free to modify and hence attractive to mobile phone carriers.
What's init.d?
init.d is a folder located at /system/etc
To keep it simple, it allows the user to run scripts at system startup/ boot.
You can adjust many different things/settings with scripts. You can tweak system settings, prolong battery life etc.
To enable init.d and to get some scripts, go here: http://forum.xda-developers.com/showthread.php?t=1881401
----------------------------------------------------------------------------
Click to expand...
Click to collapse
Thanks, good info
teejbee said:
Thanks, good info
Click to expand...
Click to collapse
Strewth! Not only did you quote the ENTIRE OP post in order to reply with a 3 word thank you but 2 people actually thanked you for it. I might print that out and hang it on my wall. :laugh:
Hi, what does the "Allow bootloader unlock" (or similar) mean in advanced settings on s7 and some other devices? My phablet also has this option and I turned it on without any changes after typing oem unlock. With selfmade cwm I can root my phone, if its allowed to unlock or not.. is this setting only a placeholder or did someone get the real function? M a ybe this is important for nexus devices only, or not. I do not know.
Gesendet von meinem SM-G900F mit Tapatalk
Edit: sorry for asking in xperia forums.. used tapatalk and saw the title is matching my purposes.. did not see the xperia section, but my question you can answer, too. Sry
louiscar said:
Strewth! Not only did you quote the ENTIRE OP post in order to reply with a 3 word thank you but 2 people actually thanked you for it. I might print that out and hang it on my wall. :laugh:
Click to expand...
Click to collapse
hahahahahahaha :laugh:
Dear, Can I make a custom ROM for my Android TV that can use the TV remote and IR key?
I mean, after installing a custom ROM like Lineage OS, do the remote and inputs work properly?

Android root security considerations

hello,
sorry if this isn't the right place to ask this question, and please redirect me, this is a fairly huge site.
I know this question has been asked many times, but I didn't see a clear answer to it from security experts, or it is from several years ago and things might have changed.
My question is double:
first of all, nowadays, how does the process of rooting an android phone work (please detail if there are various alternatives) ? Does it rely on a security hole, or is it a kind of attack (such as physical access to the device) that is not part of the security perimeter of android ? In the first case, why is it that it's not fixed, as there are open bounties for the android system ? Note that I'm just talking about the android system itself (such as a Nexus Phone), with the latest patches.
Second related question: What would be the security risk of rooting an android phone ? If I am not mistaken, these could be grouped in at least two issues: the rooting process itself, and the aftermath.
a. Regarding the rooting process, is there any open source procedure (or at least closely reviewed) to root a nexus phone that could guarantee that there's no malware installed in the process ? (see also first question)
b. From what I understand, having a rooted android is no different than having a linux OS with a root account. Are there any (free, open source?) apps that can monitor (what commands have been launched, etc) and prevent apps from getting access to the root account without my agreement ? (so that it is linux OS where any account that requires root privileges must go through 'sudo' and ask the user to enter their password).
Please tell me if I'm asking in the wrong part of the site.

SU for Android on ChromeOS

This is a cross-post from a reddit thread I started, but this is probably a more appropriate location for it.
I have been trying to modify files in the system folder for the Android container on the Asus Flip so I can install SuperSu, but have run into some problems.
The system folder is contained in a squashfs image on the chromebook at /opt/google/containers/android/system.raw.img. Mounted squashfs images appear to not support read-write access. I have been able to unsquash the image, add the SuperSU apk to the /system/priv-app folder and su to the /system/xbin folder, and remake the image. This boots, but SuperSU force closes as soon as it starts.
To make tinkering easier, I've tried building a writable image using dd and mkfs. I placed it in a location that has rw access and modified the /etc/init/android-ureadahead.conf script which mounts it to enable rw access. Unfortunately though it won't boot. The boot logs for the android container show a litany of SELinux errors for different things that it could not set context, operation not permitted. I can post the exact log if necessary. Some googling led me to find that the SELinux security context attributes weren't being replicated in my image, so I tried mounting with context and fscontext options equal to the contexts from the original image, but I get the same problem.
If anyone has any ideas I'd be especially grateful.
lionclaw said:
This is a cross-post from a reddit thread I started, but this is probably a more appropriate location for it.
I have been trying to modify files in the system folder for the Android container on the Asus Flip so I can install SuperSu, but have run into some problems.
The system folder is contained in a squashfs image on the chromebook at /opt/google/containers/android/system.raw.img. Mounted squashfs images appear to not support read-write access. I have been able to unsquash the image, add the SuperSU apk to the /system/priv-app folder and su to the /system/xbin folder, and remake the image. This boots, but SuperSU force closes as soon as it starts.
To make tinkering easier, I've tried building a writable image using dd and mkfs. I placed it in a location that has rw access and modified the /etc/init/android-ureadahead.conf script which mounts it to enable rw access. Unfortunately though it won't boot. The boot logs for the android container show a litany of SELinux errors for different things that it could not set context, operation not permitted. I can post the exact log if necessary. Some googling led me to find that the SELinux security context attributes weren't being replicated in my image, so I tried mounting with context and fscontext options equal to the contexts from the original image, but I get the same problem.
If anyone has any ideas I'd be especially grateful.
Click to expand...
Click to collapse
Wayyyy out of my area of expertise, but here's my (completely novice) best guess.
>All Chromebooks are write-protected with a screw on the motherboard
>Putting a Chromebook in developer mode allows for some tinkering ie things like chroots, and on the asus flip, the ability to install apks from unknown sources.
>Unscrewing the write-protect screw allows for the ability to completely install a new operating system or dual boot setup.
>Maybe you need to do that before you're able to accomplish root access?
My other idea would be to try and figure out a way of doing a systemless root?
Also, total aside but since this is the only thread I've found on XDA about this device, I think chroots are theoretically possible now without the need to be in developer mode via Android apps (even without root on Android). Download the GIMP port from the Play Store to see what I'm talking about. Playing around with that for a few minutes really made me wish that it didn't use emulated mouse/keyboard in it's implementation. Also, it appears that apt-get is broken, but regardless it might interest someone out there looking for a project.
back from the dead, any progress on this?
I have been able to successfully root the Android image on my Asus Flip.
I built a blank image with dd in /usr/local, formatted it with mkfs, mounted it to a folder, mounted the original system.raw.img to a folder, copied the files across, placed *all* the SuperSU files listed as 'required' in the SuperSU update-binary in the relevant places in /system in my new image, set permissions & contexts for those files, edited arc-system-mount.conf and arc-ureadahead.conf to point to the new image and, finally, patched /etc/selinux/arc/policy/policy.30 with the SuperSU sepolicy patching tool in order to boot my rooted Android instance with selinux set to enforcing.
I have created a couple of scripts which more-or-less fully automate this procedure, which can be downloaded from nolirium.blogspot.com. Please feel free to download, open the scripts in a text editor to check them out, and try them out if you like. Only tested on Asus Flip, though.
I seem to be unable to post attachments at the moment so I will just add the descriptions here, I could probably post the entire scripts here too if anyone wants. Feel free to let me know what you think.
DESCRIPTIONS:
1-3.sh
Combines the first three scripts listed below.
01Makecontainer.sh
Creates an 900MB filesystem image in /usr/local/Android_Images, formats it, then copies Android system files therein.
02Editconf.sh
Modifies two system files: arc-system-mount.conf - changing the mount-as-read-only flag and replacing the Android system image location with a new location; and arc-ureadahead.conf - again replacing the Android system image location. Originals are renamed .old - copies of which are also placed in /usr/local/Backup.
03Androidroot.sh
Mounts the previously created Android filesystem image to a folder, and copies SuperSU files to the mounted image as specified in the SuperSU update-binary.
04SEpatch.sh
Copies an SELinux policy file found at /etc/selinux/arc/policy/policy.30 to the Downloads folder, opens an Android root shell for the SuperSU policy patching command to be entered, then copies the patched policy back to the original location. A copy of the original policy.30 is saved at /etc/selinux/arc/policy/policy.30.old and /usr/local/Backup/policy.30.old
Uninstall.sh
Removes the folder /usr/local/Android_Images and attempts to restore the modified system files arc-system-mount.conf and arc-ureadahead.conf.
ok so two questions, one do you think this would work on the Acer r13 convertable? and 2 where can I find the actual instructions/scripts
keithkaaos said:
ok so two questions, one do you think this would work on the Acer r13 convertable? and 2 where can I find the actual instructions/scripts
Click to expand...
Click to collapse
The R13 has a 64-bit Mediatek processor, right?
I have added a version for ARM64, but I haven't tested it.
You can find the instructions and scripts at nolirium.blogspot.com
ya, its a mediatek. and thanks ill go see if i can find it
---------- Post added at 03:31 AM ---------- Previous post was at 02:58 AM ----------
wow, ok. i can do this but im not sure i want to.. after reading the possible problems i may run into. Im going to be getting the G. Home in a couple weeks and i gotta keep things running smooth. This seems like going a tad too far then i need to. The other day i had action launcher going and it looked pretty damn good but i really want to try and get the action3.apk that i have put into the pri-app folder or whatever the chromebook uses i found the syst folder but cant access it. Im wondering if i make the machine writable it would work but im afraid of losing my updates, as long as i could do them manualy, i guess that would be cool. Also since im already going on... has anyone found a way to disable the dev boot screen without tinkering with the physical chromebook yet?
SuperSU on Chromebook
Hey there I love this post but unfortunately im on the mediatek (well not unfortunately cause i love it) but i do really want super su .. But i found this other post that i tried out but i am having a problem executing the scripts. When i go to run the first one, it says can not open "name of script" but the dev takes a pretty cool approach. Im still new to Chrome OS but thanks for the post and if you have any advice on executing scripts id love to hear it!! http://nolirium.blogspot.com/
I'm guessing the above post was moved from another thread...
Anyway, it turns out that zipping/unzipping the files in Chrome OS's file manager sets all the permissions to read-only. Apologies! sudo chmod+x *scriptname* should fix it...
Regarding OS updates, I actually haven't had a problem receiving auto-updates with software write-protect switched off; the main possible potential issue I could imagine arising from the procedure I outlined would involve restoring the original conf files if both sets of backups get deleted/overwritten. This seems unlikely, but in that case either manually editing the files to insert the original string (/opt/google/containers/android/system.raw.img), or doing a powerwash with forced update might be necessary in order to get the original Android container booting again.
I don't think anyone's found a way to shorten/disable the dev boot screen without removing the hardware write-protect screw - from what I've read, the flags are set in a part of the firmware which is essentially read-only unless the screw is removed. Perhaps at some point the Chrome OS devs will get fed up of reading reports from users whose relatives accidentally reset the device by pressing spacebar, and change the setup. Here's hoping.
Hey just jumpig in the thread right quick to see if these instructions are old or what-- got a chromebook pro and the notion of having to update a squashed filesystem every timeto install su seems like a pain..
Is there any kind of authoritative documentation/breakdown regarding what Chromeos is mounting where before I start breaking things? Also anyone happen to know if there's a write-protect screw anywhere in the chromebook plus/pro?
Other questions:
* adbd is running, but is not accessible from adb in the (linux) shell, which shows no devices. Do I need to access adb from another device (i'm short a usb c cable right now) or can I use adb (which is there!) on the chrome side to access adbd on the android side?
* Anyone know if adb via tcp/ip is available? Don't see it in the android settings.
Hey,
There's no real documentation AFAIK, the thing is that ARC++ is a bit of a moving target, as it's so actively being developed/reworked. For instance, with the method described earlier in the thread - it started off being possible to just swap out a file location in arc-ureadahead.conf, then they changed it to arc-setup-conf, and now, since a few CrOS versions ago, the rootfs squashfs image is mounted in a loop fashion via the /usr/sbin/arc-setup binary instead, making an overview of the setup somewhat opaque to the casual observer.
I was kind of hoping to implement a kind of hybrid systemless root style setup myself, but unfortunately I haven't really managed to find the time to sit down and fully figure out a few parts of the puzzle, in particular relating to minijail and working with namespaces. So, I'm still using the method mentioned in posts above for my rooting needs at the moment, the only significant changes being that at the moment I'm replacing /opt/google/containers.android.system.raw.img with a symlink to my writeable rooted rootfs img, and also that in recent CrOS versions the mount-as-read only and debuggable flags can be found in /etc/init/arc-setup-env ("Environment variables for /usr/sbin/arc-setup").
In general though, one can kind of get an idea of what's going on in the default setup by reading through the various /etc/init/arc-* Chrome OS upstart jobs (and their logs in /var/log). Though, like I say, things keep changing around somewhat with every CrOS update, as the implementation 'improves'. As time goes by, and the subsystem matures, it'll certainly be interesting to see what other approaches are possible relating to customizing Android on Chrome OS.
There should definitely be a write protect screw somewhere on the motherboard for the Samsungs, but so far I haven't come across any pics showing exactly which screw it is. So far, no-one seems to have been brave/foolhardy enough to fully tear down their own machine and locate the screw!
Regarding adb, on my device I found the following in arc-setup-env:
# The IPV4 address of the container.
export ARC_CONTAINER_IPV4_ADDRESS=100.115.92.2/30
adb 100.115.92.2 (in Chrome OS's shell) works fine for me, the authorisation checkbox pops up and then good to go. su works fine through adb as expected. There's also a useful little nsenter script in Chrome OS to get into the android shell; /usr/sbin/android-sh, which I've been using in my script to help patch SE linux.
I actually just updated my rooting scripts recently to support 7.1.1, though I've only tested on my own Armv7 device (Flip C100).
I'll attach them to this post in case anyone wants to take a look. There's a readme in the zip, some more details can also be found here and below
EDIT: Fixed the SE Linux issue occurring with the previous version I uploaded (it was launching daemonsu from u:r:init:s0 instead of u:r:supersu:s0).
Anyone considering giving them a spin should bear in mind that the method does involve creating a fairly large file on the device as a rooted copy of the android rootfs. (1GB for arm, 1.4GB for Intel). There's a readme in the zip but the other couple of important points are that:
a) The SuperSU 2.82 SR1 zip also needs to be downloaded and extracted to ~/Downloads on the Chromebook.
b) Rootfs verification needs to be off. The command to force this is:
Code:
sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification --force --partitions $(( $(rootdev -s | sed -r 's/.*(.)$/\1/') - 1))
or the regular command to do it is:
Code:
sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification
c) If, subsequent to running the scripts, there's a problem loading Android apps (e.g. after a powerwash or failed install), the command to restore the original rootfs image is:
Code:
sudo mv /opt/google/containers/android/system.raw.img.bk /opt/google/containers/android/system.raw.img
Hey this is a great response.. thanks!
Nolirum said:
Hey,
There's no real documentation AFAIK, the thing is that ARC++ is a bit of a moving target, as it's so actively being developed/reworked. For instance, with the method described earlier in the thread - it started off being possible to just swap out a file location in arc-ureadahead.conf, then they changed it to arc-setup-conf, and now, since a few CrOS versions ago, the rootfs squashfs image is mounted in a loop fashion via the /usr/sbin/arc-setup binary instead, making an overview of the setup somewhat opaque to the casual observer.
Click to expand...
Click to collapse
verity
Yeah playing with it now, I'm looking at these /etc/init/arc-*-conf files... I see that the /dev/loop# files are being set up... (more below)
Nolirum said:
I was kind of hoping to implement a kind of hybrid systemless root style setup myself, but unfortunately I haven't really managed to find the time to sit down and fully figure out a few parts of the puzzle, in particular relating to minijail and working with namespaces. So, I'm still using the method mentioned in posts above for my rooting needs at the moment, the only significant changes being that at the moment I'm replacing /opt/google/containers.android.system.raw.img with a symlink to my writeable rooted rootfs img, and also that in recent CrOS versions the mount-as-read only and debuggable flags can be found in /etc/init/arc-setup-env ("Environment variables for /usr/sbin/arc-setup").
Click to expand...
Click to collapse
Sorry not sure what you mean by "hybrid systemless root style setup"? I take it you're modifying the startup script and replaced the squashfs file in /opt... my concern about doing it was whether they were implementing some kind of dm-verity equivalent to the squashfs file to make sure it hasn't been tampered with (say, by adding /sbin/su or whatever) or whether it's safe to replace that file.. Sounds like you're saying it is? (update: I guess that's what rootfs verification does, and we can turn it off....)
Also you mean arc-setup.conf:
env ANDROID_DEBUGGABLE = 0
right?
Nolirum said:
In general though, one can kind of get an idea of what's going on in the default setup by reading through the various /etc/init/arc-* Chrome OS upstart jobs (and their logs in /var/log). Though, like I say, things keep changing around somewhat with every CrOS update, as the implementation 'improves'. As time goes by, and the subsystem matures, it'll certainly be interesting to see what other approaches are possible relating to customizing Android on Chrome OS.
Click to expand...
Click to collapse
I hadn't realized the boot was still in flux-- I'd have figured they'd worked that out by now...
Nolirum said:
There should definitely be a write protect screw somewhere on the motherboard for the Samsungs, but so far I haven't come across any pics showing exactly which screw it is. So far, no-one seems to have been brave/foolhardy enough to fully tear down their own machine and locate the screw!
Click to expand...
Click to collapse
Heh.. not gonna be me..
Nolirum said:
Regarding adb, on my device I found the following in arc-setup-env:
# The IPV4 address of the container.
export ARC_CONTAINER_IPV4_ADDRESS=100.115.92.2/30
adb 100.115.92.2 (in Chrome OS's shell) works fine for me, the authorisation checkbox pops up and then good to go. su works fine through adb as expected. There's also a useful little nsenter script in Chrome OS to get into the android shell; /usr/sbin/android-sh, which I've been using in my script to help patch SE linux.
Click to expand...
Click to collapse
Cool-- adb connect 100.115.92.2 does indeed work I was gonna use netcat to open port 5555 in chromeos and pipe it through, but looks like nc isn't here and I'm not yet ready to start changing the FS..though probably will be soon... btw any idea which partitions get overwritten when chrome it does it's updates? Will /root and /etc get overwritten, for example... would a "powerwash" overwrite it or can you get easily get into an unbootable state on these things?
It's also kind of strange that adb is listening to port 30 at that (internal?) bridge address by default witho no UI to turn it off.. and it's inaccessible from outside.. i wonder if there's an easy way to change the bridge to share the same IP as the actual interface...
Final thought-- I'd love to build that system image myself soup-to-nuts, but I can't find any "caroline" device tree set up... do you or anyone else happen to know if there's a standalone AOSP device tree for the chromebooks? It would be cool to have a mashup AOSP/lineageos if such a think could be possible-- I'm guessing chromiumos is just taking the android tree, building it and then adding it into their build... I Haven't build chromiumos for many years now so I can't even begin to imagine how this android build integrates with the whole emerge thing they had going.. but I bet it takes a while
Nolirum said:
I actually just updated my rooting scripts recently to support 7.1.1, though I've only tested on my own Armv7 device (Flip C100).
Click to expand...
Click to collapse
Cool I'll take a look at these scripts.
So I haven't yet run the scripts-- just looking through them-- I noticed the section starting:
if [ -e /etc/init/arc-setup-env ]; then
echo "Copying /etc/init/arc-setup-env to /usr/local/Backup"
This doesn't exist on the x86 CB Pro. There's an arc-setup.conf that sets up the environment variables though. It sets WRITABLE_MOUNT to 0, but then so does arc-system-mount.conf
Not sure if these are different between x86 and ARM or if it's just in the latest update.. but figured I'd let you know. Wanna throw thse scripts up on github somewhere? (Or I can do it) and we can maybe look at keeping them up to date and/or standardizing them? It wouldn't be hard to determine if it's running on ARM or x86_64 (uname -i for example)..
fattire said:
So I haven't yet run the scripts-- just looking through them-- I noticed the section starting:
if [ -e /etc/init/arc-setup-env ]; then
echo "Copying /etc/init/arc-setup-env to /usr/local/Backup"
This doesn't exist on the x86 CB Pro. There's an arc-setup.conf that sets up the environment variables though. It sets WRITABLE_MOUNT to 0, but then so does arc-system-mount.conf
Not sure if these are different between x86 and ARM or if it's just in the latest update.. but figured I'd let you know. Wanna throw thse scripts up on github somewhere? (Or I can do it) and we can maybe look at keeping them up to date and/or standardizing them? It wouldn't be hard to determine if it's running on ARM or x86_64 (uname -i for example)..
Click to expand...
Click to collapse
Oh, the arc-setup-env thing is intentional. There does appear to be another issue with the x86 version though. I've written up a detailed response to your previous post; it's in a text file at the moment so I'll copy it over and format it for posting here with quotes etc now - should only take a few minutes. Yeah, sticking them on github might be a good idea; I've been meaning to create an account over there anyway.
Yeah, so... Regarding the scripts, since I've put them up here for people to download - I should mention that the first person to test them (aside from me) has reported that something's not working right (I'm waiting for confirmation but I think he tried out the x86 version). It's likely either an error on my part when copying across from my Arm version, or perhaps something not working right with conditionals, meant to deal with the various OS versions ('if; then' statements, I mean). Once I find out more, I'll edit my earlier post...
fattire said:
Sorry not sure what you mean by "hybrid systemless root style setup"? I take it you're modifying the startup script and replaced the squashfs file in /opt... my concern about doing it was whether they were implementing some kind of dm-verity equivalent to the squashfs file to make sure it hasn't been tampered with (say, by adding /sbin/su or whatever) or whether it's safe to replace that file.. Sounds like you're saying it is?
Click to expand...
Click to collapse
Oh, sorry for being a bit vague - I just mean perhaps implementing a kind of systemless root à la Magisk/SuperSU (from what I understand of how these work) - avoiding the need to actually replace files in /system. Since I'm mainly just using su for the privileges rather than actually wanting to write to /system, I had the idea that perhaps a sort of overlay on e.g. xbin and a few other locations, rather than actually rebuilding the whole of /system, might be an interesting approach....
Yep, I've been replacing /opt/google/containers/android/system.raw.img with a symlink to my modified image lately. Works fine... I think they've been focused on just getting the apps working properly, maybe something like dm-verity is still to come.
Although, one of the cool things with Chromebooks IMO is that once the Developer Mode (virtual) switch has been flipped, the system's pretty open to being hacked around with. I think a large part of the much-trumpeted "security" of the system is thanks to the regular mode/Dev mode feature, once in Dev Mode with verified boot disabled on the rootfs, we can pretty much do what we want (I like the message that comes up in the shell when entering the first command I posted under the spoiler - it literally says "YOU ARE ON YOUR OWN!").
So yeah, with Dev Mode switched off, verified boot switched on, we can't even get into the shell (just the walled-off 'crosh' prompt), making the system indeed rather secure (but, for some of us, rather limited).
fattire said:
Also you mean arc-setup.conf:
env ANDROID_DEBUGGABLE = 0
right?
Click to expand...
Click to collapse
That's what I mean by a moving target, lol. On my device the Canary channel is at Chrome OS version 61; I think they started to move out some ARC++ (the acronym stands for Android Runtime on Chrome, version 2, if anyone's wondering, btw) environment variables to a separate file in version 60, or maybe 61. Problems with being on the more 'bleeding edge' channels include:
#Sometimes stuff gets broken as they commit experimental changes.
#Any updates sometimes overwrite rootfs customizations; the higher the channel - the more frequent the updates occur.
#Some of the stuff that gets updated, may later get reverted.
And so on...
fattire said:
I hadn't realized the boot was still in flux-- I'd have figured they'd worked that out by now...
Click to expand...
Click to collapse
Yeah you'd think so. Honestly, the more I use CrOS the more it seems like a (very polished) work-in-progress to me. Though, I guess most modern OSs are also works-in-progress though. (I don't mean the former statement in a critical way; I'm very happy that new features keep getting added to the OS - Android app support being a perfect case in point, that was a lovely surprise, greatly extending the functionality of my Chromebook).
fattire said:
Cool-- adb connect 100.115.92.2 does indeed work I was gonna use netcat to open port 5555 in chromeos and pipe it through, but looks like nc isn't here and I'm not yet ready to start changing the FS..though probably will be soon...
Click to expand...
Click to collapse
Netcat's not there but socat, which I haven't any experience with but have seen described as a "more advanced version of netcat", is listed in /etc/portage/make.profile/package.installable, meaning that adding it to CrOS is supported, and as simple as:
Code:
sudo su -
dev_install #(sets up portage in /usr/local)
emerge socat
I tried socat out and it seems to work, might be interesting to play around with.
fattire said:
btw any idea which partitions get overwritten when chrome it does it's updates? Will /root and /etc get overwritten, for example...
Click to expand...
Click to collapse
Theres a question. I forget some of the exact details now (gleaned from browsing the developer mailing lists and the documentation on chromium.org), but from what I do remember and my experiences tinkering, I can say:
The auto-update model uses kernel/rootfs pairs, e.g. at the moment my device is booting from partition 2 (KERN-A) with the rootfs being partition 3 (ROOTFS-B). My understanding is that with the next OS update pushed to my device, CrOS will download the deltas of the files to be changed, and apply the changes to partitions 4 and 5 (KERN-B and ROOTS-B), setting new kernel GPT flags (priority=, tries=, successful=), which will, post-reboot, let the BIOS know that 4 and 5 will form the new working kernel/rootfs pair. Then the following update will do the same, but with partitions 2 and 3, and so on and so forth, alternating pairs each time. It's a pretty nifty system, and I think something similar might be happening with new Android devices from version O onward (?).
So partitions 2,3,4,5 are fair game for being overwritten (from the perspective of the CrOS updater program). Partition 1, the 'stateful partition') is a bit special, in addition to a big old encrypted file containing all of the userdata (/home/chronos/ dir?), it also has some extra dirs which get overlaid on the rootfs at boot. If you have a look in /mnt/stateful/, there should also be a dir called 'dev_image', which (on a device in Dev mode) gets mounted up over /usr/local/ at boot. As I mentioned above, if you do
Code:
sudo su -
dev_install
you can then emerge anything listed in /etc/portage/make.profile/package.installable (not a great deal of stuff admittedly, compared to Gentoo), which gets installed to subdirs in /usr/local/. So I think stuff in partition 1; /mnt/stateful/, should be safe from being overwritten with an OS update. I think crouton chroots get put there by default.
Most of the other partitions don't really get used, and shouldn't get touched by the updater, here's a design doc on the disk format, and here's a Reddit post (from a Google/Chromium employee) mentioning dual booting from partitions 6 and 7.
fattire said:
would a "powerwash" overwrite it or can you get easily get into an unbootable state on these things?
Click to expand...
Click to collapse
It's not too hard to mess up the system and get it into an unbootable state, lol. The "powerwash" just seems to remove user data, mainly. If you change up (the contents of) some files in /etc, or /opt, for example, then powerwash, normally they won't get restored to their original state (unless you also change release channel).
But, as long as the write-protect screw's not been removed and the original BIOS overwritten, it's always possible to make a recovery USB in Chrome's Recovery Utility on another device, and then restore the entire disk image fresh (this does overwrite all partitions). Another thing that I did was make a usb to boot into Kali; I was experimenting with the cgpt flags on my internal drive and got it into an unbootable state, but was still able to boot into Kali with Ctrl+U, and restore the flags manually from there. (To successfully boot from USB, it was essential to have previously run the enable_dev_usb_boot or crossystem dev_boot_usb=1 command in CrOS). I understand also that the BIOS type varies with device release date and CPU architecture, and that Intel devices may have some extra potential BIOS options ('legacy boot').
fattire said:
It's also kind of strange that adb is listening to port 30 at that (internal?) bridge address by default with no UI to turn it off.. and it's inaccessible from outside.. i wonder if there's an easy way to change the bridge to share the same IP as the actual interface...
Click to expand...
Click to collapse
I think I saw something related to this on the bug tracker. If I come across any info, I'll let you know...
fattire said:
Final thought-- I'd love to build that system image myself soup-to-nuts, but I can't find any "caroline" device tree set up... do you or anyone else happen to know if there's a standalone AOSP device tree for the chromebooks? It would be cool to have a mashup AOSP/lineageos if such a think could be possible-- I'm guessing chromiumos is just taking the android tree, building it and then adding it into their build... I Haven't build chromiumos for many years now so I can't even begin to imagine how this android build integrates with the whole emerge thing they had going.. but I bet it takes a while
Click to expand...
Click to collapse
Yeah, I haven't built Chromium OS or anything, but apparently, there's an option to create a 'private' overlay for the build, which doesn't get synced with the public stuff.
I think that the higher-ups at Google might be still umming and ahing as to whether or not to make source code available for the Android container, it's certainly not been made public yet. Actually, I remember seeing a Reddit post from a Google/Chromium employee mentioning this.
"That article is a little misleading in terms of open source. While the wayland-server and services that communicate with the ARC++ container are open source, the actual ARC++ container is not."
Perhaps they're waiting to see how similar implementations of Android within a larger Linux setup (e.g. Anbox) fare.
There doesn't seem to be too much that differs from AOSP in the ARC++ container - a few binaries and bits and pieces linking the hardware to the container (e.g. the camera etc), maybe some stuff related to running in a container with the graphics being piped out to Wayland?, and so on.
Oh, I was searching the bug tracker for something else, and just saw this (quoted below). Looks like it might be possible to run AOSP based images on CrOS soon!
arc: Implement android settings link for AOSP image
Reported by [email protected], Today (72 minutes ago)
Status: Started
Pri: 1
Type: Bug
M-60
When ARC started without the Play Store support there is no way for user to activate Android settings. We need implement corresponded section that has
Title: Android settings:
Link: Manage android preferences:
Inner bug: b/62945384
Click to expand...
Click to collapse
Great response! I read it once and I'll read it again in more detail then will probably have questions For whatever it may be worth, my only experience with chromiumos was building the whole thing maybe 4 years ago for my original 2011 Samsung "snow" Chromebook-- and making a bootable USB (or was it an SDcard?) to run it on (with a modified firmware that did... something I can't remember.. i think it was basically a stripped down uboot and I remember adding a simple menu or something-- I think I was trying to bypass that white startupscreen or something..). However, after doing this a few times to play with it, I realized that Chromiumos without the Chrome goodies kinda sucks and I promptly forgot everything and went back to stock.
I did have it re-partitioned to run linux as a dual boot from the SD slot or something-- I remember using that cgpt thing to select the different boot modes and vaguely recall the way it would A/B the updates (which "O" is now doing)... but anyhoo I was using the armhf ubuntu releases with the native kernel and ran into all kinds of sound issues and framebuffer only was a little crappy so...
I'm gonna re-read in more detail soon and I'm sure I'll have questions-- one of which will be-- assuming that most stuff is the same on x86 vs arm, why are there two scripts? How do they differ?
ol. On my device the Canary channel is at Chrome OS version 61; I think they started to move out some ARC++ (the acronym stands for Android Runtime on Chrome, version 2, if anyone's wondering, btw) environment variables to a separate file in version 60, or maybe 61.
Click to expand...
Click to collapse
This is the -env file I'm missing, I presume?
I think that the higher-ups at Google might be still umming and ahing as to whether or not to make source code available for the Android container, it's certainly not been made public yet. Actually, I remember seeing a Reddit post from a Google/Chromium employee mentioning this.
Click to expand...
Click to collapse
It looks from the response that the gapps portion might be what's in question-- just like ChromiumOS vs Chrome has all the proprietary bits taken out?
Here's what I'd ideally like to see:
* Rooted Android, with a toggle switch to hide su in settings a la lineage (requires a kernel patch something like this one) + settings changes from lineageos
* adb access from outside the device-- critical for quickly testing apks from android studio w/o a cable. Basically put the chromebook in a "device mode" where adb is passed through... I'm going to see if I can pipe adb through with socat as you suggest...
* what else... I dunno watch this space.
An update from a couple of guys that have tested out the scripts on Intel: It seems to be that while they are able to launch daemonsu manually (with daemonsu --auto-daemon), it apparently does not seem to be getting launched at boot.
I am waiting for some more information on this. Previously, for Marshmallow, the script was setting up the app_process hijack method in order to to launch daemonsu at boot; to support Nougat I changed it to instead create an .rc file with a service for daemonsu, and add a line to init.rc importing it. This works for me, and from what I can gather, it copied/created all files successfully on the testers devices, too, so I'm not sure at this point what the issue is there.
Edit: Fixed the issue. I updated my previous post with further details.
fattire said:
I realized that Chromiumos without the Chrome goodies kinda sucks and I promptly forgot everything and went back to stock.
Click to expand...
Click to collapse
lol yeah. True, that.
fattire said:
...assuming that most stuff is the same on x86 vs arm, why are there two scripts? How do they differ?
Click to expand...
Click to collapse
It's literally just two things that differ: the few lines where we copy the su binary over e.g.
/x86/su.pie → /system/xbin/su, daemonsu, sugote
vs
/armv7/su → /system/xbin/su, daemonsu, sugote
...and also the size of the created container. The x86 container is about 30 percent larger than the Arm one.
I had a little look at how to determine the CPU architecture programmatically on Chrome OS a while back, but couldn't seem to find a reliable way of doing this, at least not without maybe getting a bunch of people with different CrOS devices to run something like, as you mentioned, uname -i (which returns 'Rockchip' on my device, uname -m (which returns 'armv7'), or such similar, and collating the results. It was just easier to do separate versions for x86/arm, rather than introduce more conditionals (with potential for errors). I'm certainly not averse to adding a check for $ARCH, and thus standardizing the script, as long as it's reliable.
fattire said:
This is the -env file I'm missing, I presume?
Click to expand...
Click to collapse
Yep! It's just the same few envs as in the .confs, moved into a new file. I'm fairly confident that the script's conditionals deals with them OK.
fattire said:
It looks from the response that the gapps portion might be what's in question-- just like ChromiumOS vs Chrome has all the proprietary bits taken out?
Click to expand...
Click to collapse
Yeah, although the respondant there perhaps doesn't seem to realise that he's talking to a Google/Chromium dev, the way he responds. Not that that makes anything he says in his post is necessarily less valid, though.
fattire said:
Here's what I'd ideally like to see:
* Rooted Android, with a toggle switch to hide su in settings a la lineage (requires a kernel patch something like this one) + settings changes from lineageos
* adb access from outside the device-- critical for quickly testing apks from android studio w/o a cable. Basically put the chromebook in a "device mode" where adb is passed through... I'm going to see if I can pipe adb through with socat as you suggest...
Click to expand...
Click to collapse
Interesting... I agree, those would both be useful additions to the functionality of ARC++...
Quick question-- has Samsung provided the source for the GPL components (including the kernel, obviously)? I looked here but didn't see anything...? Previously the kernel was included along with the chromium source and there was like a kernel and kernel-next repository.. but this was like five years ago. I think the codename for the samsung chromebook pro is called caroline... let me quickly see if I can find a defconfig in the chromium source...
Back.. nothing here in the chromeos-4.4 branch. Nothing here either in the master branch. Maybe I'm looking in the wrong branches-- master is probably mainline kernel. Also the directories.. it took me five minutes to realize it wasn't going to be in arch/arm - force of habit I guess. I'll keep looking unless anyone knows. This "chromium-container-vm-x86" one seems to have dm_verity as an unused option. Ah, this is looking promising.
...and... here!
So it would seem that this would be built as part of the chromiumos build system, which seemed to be half gentoo five years ago building out of a chroot and was kind of a pain to set up... still, I'm guessing that since it's got that weird script to make the defconfig, what you could do is use google's chromiumos build script to make the kernel image (with whatever changes you want), then, assuming that it doesn't care if you replace the kernel, just throw it over the right Kernel A/B partition and see if it boots and starts up chromeos... it's weird cuz the kernel has to do double-duty for chromeos and android.. but I bet you can just replace it and it would work fine...
I had a cursory go at building a couple of kernel modules for my Flip C100 a while back - I didn't get too far though, lol. People do seem to have had success building their own kernels and running them with Chrome OS though, as with most things I suppose it's just how much time/effort you're willing to put in.
I think I used this and maybe this, from the crouton project to guide me.
From what I remember, I just got fed up of all the arcane errors/config choices. I remember that even though I'd imported my current device config from modprobe configs, there were then such an incredibly long string of hoops/config choices to have to go through one by one, to then be confronted with various errors (different every time ISTR) that I think I just thought "screw this". I think there were some other issue with the Ubuntu version I was using at the time as well. I know that sort of stuff's kind of par for the course with kernel compilation, but I was mainly only doing it so I could edit xpad in order to get my joypad working, in the end I found a different solution.
It shouldn't be too much hassle though, in theory I guess.... Oh, also, in order to get a freshly built kernel booting up with the CrOS rootfs, in addition to the gpt flags, I think you might have to sign it, too? (just with the devkeys & vbutil_kernel tool provided on the rootfs), some info here, and here.
From what I remember, the build system would do whatever key signing was necessary.... although I do now remember you're right there was some manual step when I was building the kernel, but I can't remember if that's because of MY changes or that was just part of the build process.
I I just dug out the old VM (Xubuntu) I was using to build and, well, let's just say I'll be doing a LOT of ubuntu updates before I can even realistically look at this. I do kinda recall setting up the environment was a huge pain so I'm going to see if I can just update the 5 year old source, target the pro and just build the kernel image and see what pops out the other end. At least I won't have to deal with the cross compiler, though I think it should hopefully take care of that itself.
Interesting to see that those crouton projects have emerged (no pun intended) so I'll check them out too while ubuntu updates itself
Thanks for the github links.. I'm going to go read that wiki.
Update: Looked at it-- funny they just stripped out the chromeos-specific parts they needed rather than emerge everything which is smart. My only question is now that Android is involved, there's that script I linked to earlier that seems to say "if you want Android support you'll need these bits too"-- wonder if the same config scripts apply, and if there are any other device tree considerations as well...
I may play a bit and see how smoothly it goes.. Unfortunately I don't have unlimited time either :/
Also, please do let me know if you put the scripts on github and I can send you pull requests if I come up with anything.
Update: Finally updated like 3 major versions of ubuntu... the "depot_tools" repo had its last commit in 2013, so I updated that. Wow, this is so much clearer than previous docs... it looks like something called gclient is used now, which I configured with:
gclient config --spec 'solutions = [
{
"url": "https://chromium.googlesource.com/chromium/src.git",
"managed": False,
"name": "src",
"deps_file": ".DEPS.git",
"custom_deps": {},
},
]
'
that let me do gclient sync --nohooks --no-history ...which i think is updating the ancient source. I probably should have just started over, but anyway... we'll see what happens.
Update again: After updating with this new gclinet tool, it appears that the old repo sync method is still required as described here. That hasn't changed after all, so now I'm going to go through this old method, which will probably completely overwhelm my storage as it's downloading with history.. but anyway, in case anyone is trying this-- looks like the whole chroot/repo sync thing may still be how it's done... the /src directory described above may only be for building just the browser, not the whole OS...
...and here it is. I will have zero room to actually build anything tho, but hey.
* [new branch] release-R58-9334.B-caroline-chromeos-3.18 -> cros/release-R58-9334.B-caroline-chromeos-3.18
Note to self: use cros_sdk --enter to actually get in the chroot. Then:
~/trunk/src/scripts $ ./setup_board --board=caroline
to set up the build for caroline. Then to build:
./build_packages --board=caroline --nowithdebug
Useful links:
* Building ChromiumOS
* [URL="http://www.chromium.org/chromium-os/how-tos-and-troubleshooting/portage-build-faq"]eBuild FAQ
[/URL]

Apps that work on phone but not Android box

I came across this issue 3 or 4 years ago. I searched internet and there were some discussions saying that there is a file (or profile) in Android that contains info on the type of device it is running on. The reason for the Apps not running was because the software (OS or Apps) detected that it is not on the right device. One circumvention is to modify the file (or profile) on the Android box to fool the software that it is running on the right device (e.g. a phone). This kind of modification require root access. At that time, I did not have any spare device to risk with. I did not write down the details. Now I have a spare android box and like to revisit the problem. But I am not able to find the info anymore. I hope my memory is correct. I am not sure if this is still true with the current Android version. If anyone has seen this before, can you kindly point me to the right direction.
There are some protections in app like RootBeer or PiracyChecker that check few things that crash certain apps on rooted phones and android emulators.
Check examples: is there superuser.apk, is there /system/bin access, is there SU binary or magisksu, is there Android_x86/Android_x64/MoboGenie/Droid4X in signature in build.prop, or hacking apps like AC Market, Black market, Lucky patcher etc.

Categories

Resources