nehemiah-zb/lineage_patches_unified
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
lineage_patches_unified/patches_treble/device_phh_treble/0007-treble-Remove-Securize-1-2.patch
Andy CrossGate Yan bcc6abe459 Changes for July 2024, syncing up to 20240721
2024-07-21 17:19:43 +08:00

167 lines
5.8 KiB
Diff
Raw Permalink Blame History

From 6049d780bfdddc2d11a0b3f1bca6b6de6a761ed5 Mon Sep 17 00:00:00 2001
From: Andy CrossGate Yan <GeForce8800Ultra@gmail.com>
Date: Mon, 15 Jul 2024 22:30:54 +0800
Subject: [PATCH 7/7] treble: Remove Securize (1/2)
Leave this Play Integrity mess to the professionals
Change-Id: Ic4ef0512d8b555b85e7497464a07913101fcc819
---
base.mk | 1 -
files/ota.sh | 3 ---
phh-securize.sh | 38 -----------------------------
rw-system.sh | 63 ++++++-------------------------------------------
4 files changed, 7 insertions(+), 98 deletions(-)
delete mode 100644 phh-securize.sh
diff --git a/base.mk b/base.mk
index 1c2fe3d..dea8d2d 100644
--- a/base.mk
+++ b/base.mk
@@ -178,7 +178,6 @@ PRODUCT_PACKAGES += \
resetprop_phh
PRODUCT_COPY_FILES += \
- device/phh/treble/phh-securize.sh:system/bin/phh-securize.sh \
device/phh/treble/files/ota.sh:system/bin/ota.sh \
PRODUCT_COPY_FILES += \
diff --git a/files/ota.sh b/files/ota.sh
index a43ce81..78fea95 100644
--- a/files/ota.sh
+++ b/files/ota.sh
@@ -8,9 +8,6 @@ if ! [ "$(getprop ro.boot.dynamic_partitions)" = true ];then
fi
flavor=$(getprop ro.product.product.name)
-if [ -f /system/phh/secure ];then
- flavor=${flavor}-secure
-fi
nextVersion=$(curl --silent -L https://raw.githubusercontent.com/phhusson/treble_experimentations/master/ota/squeak/$flavor/date)
if [ -z "$nextVersion" ];then
echo "Couldn't find any OTA for $flavor"
diff --git a/phh-securize.sh b/phh-securize.sh
deleted file mode 100644
index 80b46d7..0000000
--- a/phh-securize.sh
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/system/bin/sh
-
-if [ -e /system/bin/magisk ]
-then
- # remove bind-mount of phh-su overriding /system/bin/su -> ./magisk
- umount -l /system/bin/magisk
- # we need to modify the real system partition
- MAGISK_MIRROR="$(magisk --path)/.magisk/mirror"
- SYSTEM=$MAGISK_MIRROR/system
- MOUNTPOINT_LIST="$MAGISK_MIRROR/system_root $MAGISK_MIRROR/system"
-else
- SYSTEM=/system
- MOUNTPOINT_LIST="/system /"
-fi
-
-# remove bind-mount of phh-su (preventing $SYSTEM/xbin/su to be removed)
-umount -l /system/xbin/su
-
-for MOUNTPOINT in $MOUNTPOINT_LIST
-do
- [ -d $MOUNTPOINT ] && mountpoint -q $MOUNTPOINT && break
-done
-
-mount -o remount,rw $MOUNTPOINT
-remount
-
-touch $SYSTEM/phh/secure
-rm $SYSTEM/xbin/su
-rm $SYSTEM/bin/phh-su
-rm $SYSTEM/etc/init/su.rc
-rm $SYSTEM/bin/phh-securize.sh
-rm -Rf $SYSTEM/{app,priv-app}/me.phh.superuser/
-rm -Rf /data/su || true
-mount -o remount,ro $MOUNTPOINT
-sync
-mkdir /metadata/phh
-touch /metadata/phh/secure
-reboot
diff --git a/rw-system.sh b/rw-system.sh
index 3ddfdda..7546fae 100644
--- a/rw-system.sh
+++ b/rw-system.sh
@@ -779,65 +779,16 @@ copyprop() {
resetprop_phh "$1" "$(getprop "$2")"
fi
}
-if [ -f /system/phh/secure ] || [ -f /metadata/phh/secure ];then
- copyprop ro.build.device ro.vendor.build.device
- copyprop ro.system.build.fingerprint ro.vendor.build.fingerprint
- copyprop ro.bootimage.build.fingerprint ro.vendor.build.fingerprint
- copyprop ro.build.fingerprint ro.vendor.build.fingerprint
- copyprop ro.build.device ro.vendor.product.device
- copyprop ro.product.system.device ro.vendor.product.device
- copyprop ro.product.device ro.vendor.product.device
- copyprop ro.product.system.device ro.product.vendor.device
- copyprop ro.product.device ro.product.vendor.device
- copyprop ro.product.system.name ro.vendor.product.name
- copyprop ro.product.name ro.vendor.product.name
- copyprop ro.product.system.name ro.product.vendor.device
- copyprop ro.product.name ro.product.vendor.device
- copyprop ro.system.product.brand ro.vendor.product.brand
- copyprop ro.product.brand ro.vendor.product.brand
- copyprop ro.product.system.model ro.vendor.product.model
- copyprop ro.product.model ro.vendor.product.model
- copyprop ro.product.system.model ro.product.vendor.model
- copyprop ro.product.model ro.product.vendor.model
- copyprop ro.build.product ro.vendor.product.model
- copyprop ro.build.product ro.product.vendor.model
- copyprop ro.system.product.manufacturer ro.vendor.product.manufacturer
- copyprop ro.product.manufacturer ro.vendor.product.manufacturer
- copyprop ro.system.product.manufacturer ro.product.vendor.manufacturer
- copyprop ro.product.manufacturer ro.product.vendor.manufacturer
- (getprop ro.vendor.build.security_patch; getprop ro.keymaster.xxx.security_patch) |sort |tail -n 1 |while read v;do
- [ -n "$v" ] && resetprop_phh ro.build.version.security_patch "$v"
- done
- resetprop_phh ro.build.tags release-keys
- resetprop_phh ro.boot.vbmeta.device_state locked
- resetprop_phh ro.boot.verifiedbootstate green
- resetprop_phh ro.boot.flash.locked 1
- resetprop_phh ro.boot.veritymode enforcing
- resetprop_phh ro.boot.warranty_bit 0
- resetprop_phh ro.warranty_bit 0
- resetprop_phh ro.debuggable 0
- resetprop_phh ro.secure 1
- resetprop_phh ro.build.type user
- resetprop_phh --delete ro.build.selinux
-
- resetprop_phh ro.adb.secure 1
-
- # Hide system/xbin/su
- mount /mnt/phh/empty_dir /system/xbin
- mount /mnt/phh/empty_dir /system/app/me.phh.superuser
- mount /system/phh/empty /system/xbin/phh-su
-else
- mkdir /mnt/phh/xbin
- chmod 0755 /mnt/phh/xbin
- chcon u:object_r:system_file:s0 /mnt/phh/xbin
+mkdir /mnt/phh/xbin
+chmod 0755 /mnt/phh/xbin
+chcon u:object_r:system_file:s0 /mnt/phh/xbin
- #phh-su will bind over this empty file to make a real su
- touch /mnt/phh/xbin/su
- chcon u:object_r:system_file:s0 /mnt/phh/xbin/su
+#phh-su will bind over this empty file to make a real su
+touch /mnt/phh/xbin/su
+chcon u:object_r:system_file:s0 /mnt/phh/xbin/su
- mount -o bind /mnt/phh/xbin /system/xbin
-fi
+mount -o bind /mnt/phh/xbin /system/xbin
for abi in "" 64;do
f=/vendor/lib$abi/libstagefright_foundation.so
--
2.34.1
Reference in New Issue View Git Blame Copy Permalink