As many of you may or may not have seen, there has finally been some progress made regarding S6 memory management issues. There is a long winded thread HERE with lots of reports of bootloops, lots of the same question being asked over, and over. I just wanted to share what I found, get more knowledgeable eyes on it, and hopefully get this memory issue ironed out.
After way to many hours of testing and messing with this stuff, here is what I know.
ro.config.dha_cached_max=20 <~~~ This line is pretty obvious in what it does. This is the limit for cached apps/services
ro.config.dha_empty_max=36 <~~~ Same here, this is the limit of empty apps/services (Do some research on LMK if you don't know what this means)
ro.config.dha_empty_init=36 <~~~ I'm not sure what this line does exactly but the value here corresponds the the empty_max value
ro.config.dha_th_rate=0.75 <~~~ I'm not entirely sure what this line does yet, it may not even be needed
ro.config.dha_lmk_scale=0.272 <~~~ This is the line that sets the LMK values. These override anything set in the ROM or kernel. This is probably the most important line that I actually understand
ro.config.sdha_apps_bg_max=90 <~~~ This line sets the total overall background apps/processes allowed
Here are what I've found the lmk_scale values to represent:
0.272 = 18, 25, 31, 40, 46, 55
0.545 = 29, 38, 46, 56, 65, 79
0.767 = 38, 48, 58, 70, 80, 99
0.990 = 47, 59, 71, 83, 95, 119
1.2 = 56, 69, 83, 96, 109, 137
1.5 = 68, 84, 100, 114, 130, 164
It's been my understanding that with arm64 devices with 2+ GB RAM, the LMK values are set lower as mostly a fail safe, and we let the cached, empty, and bg limits do the work. That is where the issues we are having with instability over time come in. Finding the best values for each property has proven to be difficult to say the least. Anyway, I just wanted to share what I know. Now we're all on the same page.
Click to expand...
Click to collapse
Code:
Here is most of what I found regarding DHA:
ProcessList.smali
ro.config.dha_cached_max=6
ro.config.dha_cached_min=2
ro.config.dha_empty_init=30
ro.config.dha_empty_min=6
ro.config.dha_empty_max=30
ro.config.oomminfree_high=73728,92160,110592,129024,147456,184320
ro.config.ldha_es_enable=false
ro.config.ldha_spc_enable=true
sys.config.s_dha_margin
ro.config.64bit_lmk_enable=false
ro.config.dha_ils_enable=true
ro.config.dha_ils_dyna_lmk=false
ro.config.dha_ils_rate=1.5
sys.config.s_dha_bg_max
ro.config.dha_ils_sdha_rate=1.8
ro.config.dha_whitelist_enable=2
ro.config.dha_goldenlist_enable=0
ro.config.dha_HEC_enable=0
ro.config.dha_frag_enable=0
ro.config.dha_lmk_scale=-1
ro.config.dha_lmk_rate=1
ro.config.dha_dyna_lmk_enable=false
ro.config.sdha_margin_min_low=20
ro.config.sdha_margin_min_high=60
ro.config.sdha_apps_bg_max=40
ro.config.sdha_apps_bg_min=4
ro.config.dha_step
ro.config.dha_th_rate
ro.config.dha_th_level=15
ro.config.dha_defend_th_level=3
ro.config.dha_increase_th
ro.config.dha_ils_dynamic_lmk_flag
ro.config.dha_whl_key
ActivityManagerService.smali
ro.config.dha_whl_key=255
ro.config.dha_gdl_key=63
Here is what I recommend:
For stabilty, a slight improvement over stock:
Code:
#DHA
ro.config.dha_cached_max=9
ro.config.dha_lmk_scale=1.5
ro.config.sdha_apps_bg_max=50
This should be stable with multi tasking improved over stock
Code:
#DHA
ro.config.dha_cached_max=12
ro.config.dha_empty_max=32
ro.config.dha_empty_init=32
ro.config.dha_lmk_scale=0.990
ro.config.sdha_apps_bg_max=60
This will multi task very well, stability over time is doubtful...
Code:
#DHA
ro.config.dha_cached_max=20
ro.config.dha_empty_max=36
ro.config.dha_empty_init=36
ro.config.dha_lmk_scale=0.545
ro.config.sdha_apps_bg_max=70
And, for those of you that want to have every app on your phone open...
Code:
#DHA
ro.config.dha_cached_max=20
ro.config.dha_empty_max=42
ro.config.dha_empty_init=42
ro.config.dha_lmk_scale=0.272
ro.config.sdha_apps_bg_max=90
Great work thanks.
I flashed men_testing5.zip you posted here.
https://www.androidfilehost.com/?w=f...2145dc090d76bc
It definitely works even keeps old chrome pages properly in recents, no refresh on going back to them.
It has triggered the "unauthorised actions have been detected" nag.
I also had to reselect and give password for my WiFi it had forgotten for some reason.
HEEEELLP!
I tried this and now my phone won't boot - not sure why.. i can get into the menu that lets me run ADB (power/vol down) but i can't seem to get su to work
how can I push the old build.prop back so I can get the phone to boot? need help asap .. basically if i reboot in "normal" mode, i just get a black screen..
FiddlerMD said:
HEEEELLP!
I tried this and now my phone won't boot - not sure why.. i can get into the menu that lets me run ADB (power/vol down) but i can't seem to get su to work
how can I push the old build.prop back so I can get the phone to boot? need help asap .. basically if i reboot in "normal" mode, i just get a black screen..
Click to expand...
Click to collapse
Please post this in the other thread linked in the OP. There are people there that will help.
No input? Interesting. We'll see how many ROM's get updated with these edits in the next few days LOL. Good day XDA.
I'd love to help @mikeyinid but unfortunately I don't have enough android knowledge for this kind of stuff. I was speaking to you on twitter 2 nights ago re if ur rom worked on this model. We really appreciate your help on this and I'm sure some dev will come on and she'd some light.
These seem to work better, don't need the oom line:
Code:
ro.config.dha_cached_max=15
ro.config.dha_empty_max=42
ro.config.dha_empty_init=42
ro.config.dha_th_rate=2.3
ro.config.dha_lmk_scale=0.545
ro.config.sdha_apps_bg_max=70
ro.config.sdha_apps_bg_min=2
KennyLegend said:
I'd love to help @mikeyinid but unfortunately I don't have enough android knowledge for this kind of stuff. I was speaking to you on twitter 2 nights ago re if ur rom worked on this model. We really appreciate your help on this and I'm sure some dev will come on and she'd some light.
Click to expand...
Click to collapse
Ah yea man. No worries, this is stuff that's been around a while so there sure to be people that know what to do. This is the first Samsung I've owned in a few years so I had no idea what DHA was.
I've no prob editing build.prop and trying tweaks but I haven't flashed a custom recovery yet so I can't use a rom.
I've read most of ur US thread though and it's fantastic things have worked out. Surely it can't be that difficult for someone to carry on ur great work and implement into this model.
KennyLegend said:
I've no prob editing build.prop and trying tweaks but I haven't flashed a custom recovery yet so I can't use a rom.
I've read most of ur US thread though and it's fantastic things have worked out. Surely it can't be that difficult for someone to carry on ur great work and implement into this model.
Click to expand...
Click to collapse
I stumbled upon this by nothing more than dumb luck. But, the more I research the subject, the more surprised I am someone else didn't figure this out within a few hours or days of release. Oh well, better late than never I suppose.
mikeyinid said:
These seem to work better, don't need the oom line:
Code:
ro.config.dha_cached_max=15
ro.config.dha_empty_max=42
ro.config.dha_empty_init=42
ro.config.dha_th_rate=2.3
ro.config.dha_lmk_scale=0.545
ro.config.sdha_apps_bg_max=70
ro.config.sdha_apps_bg_min=2
Click to expand...
Click to collapse
I have mine like this, can I replace empty_init 42 for spc _enable?
# DHA property
ro.config.dha_cached_max=15
ro.config.dha_empty_max=42
ro.config.ldha_spc_enable=false
ro.config.dha_th_rate=2.3
ro.config.dha_lmk_scale=0.545
ro.config.sdha_apps_bg_max=70
ro.config.sdha_apps_bg_min=8
ro.config.oomminfree_high=7628,9768,11909,14515,16655,20469
jah2110 said:
I have mine like this, can I replace empty_init 42 for spc _enable?
# DHA property
ro.config.dha_cached_max=15
ro.config.dha_empty_max=42
ro.config.ldha_spc_enable=false
ro.config.dha_th_rate=2.3
ro.config.dha_lmk_scale=0.545
ro.config.sdha_apps_bg_max=70
ro.config.sdha_apps_bg_min=8
ro.config.oomminfree_high=7628,9768,11909,14515,16655,20469
Click to expand...
Click to collapse
Yes, you can. You can also leave that line if you'd like, and let us know how it does with it. That line only exists in the OE firmware updates. I didn't mess with it because it wasn't in mine. I'm curious if it has any effect.
no need to replace. I just tested. lines do not conflict, you can rune both.
# DHA property
ro.config.dha_cached_max=15
ro.config.dha_empty_max=42
ro.config.dha_empty_init=42
ro.config.ldha_spc_enable=false
ro.config.dha_th_rate=2.3
ro.config.dha_lmk_scale=0.545
ro.config.sdha_apps_bg_max=70
ro.config.sdha_apps_bg_min=2
Works great more smooth multitasking, and no conflict with that line.
jah2110 said:
# DHA property
ro.config.dha_cached_max=15
ro.config.dha_empty_max=42
ro.config.dha_empty_init=42
ro.config.ldha_spc_enable=false
ro.config.dha_th_rate=2.3
ro.config.dha_lmk_scale=0.545
ro.config.sdha_apps_bg_max=70
ro.config.sdha_apps_bg_min=2
Works great more smooth multitasking, and no conflict with that line.
Click to expand...
Click to collapse
Samsung added that line for a reason, maybe I need to add it to my build.prop and see what's up. Then again, this phone should have had these issues fixed before release.
I have "better" results with this conf.
But I think there is a "time out" somewhere because it was working well for some min and after a "pause", it re-start to reload the apps...
-JFK- said:
I have "better" results with this conf.
But I think there is a "time out" somewhere because it was working well for some min and after a "pause", it re-start to reload the apps...
Click to expand...
Click to collapse
Yes. I see the same behavior. Oom is known to have a timeout, and I'm sure one of the lines in the OP effects this. That's exactly why I posted this. I'm hoping someone will mess with this stuff and figure out what needs to change. Some people are saying the line with the oom values isn't needed but I see better results with it. Idk
Running without oom line give me better results...
I haven't enough skills about it to tweak it but ready to test!
Do you know/remember "V6 supercharger" from Zeppelinrox?
I gess this man have the key/skills for us.
I hope that a recognized dev can contact him.
http://forum.xda-developers.com/showthread.php?t=991276
-JFK- said:
Running without oom line give me better results...
I haven't enough skills about it to tweak it but ready to test!
Do you know/remember "V6 supercharger" from Zeppelinrox?
I gess this man have the key/skills for us.
I hope that a recognized dev can contact him.
http://forum.xda-developers.com/showthread.php?t=991276
Click to expand...
Click to collapse
His scripts are phenomenal. Unfortunately they're geared toward devices with less ram. I messed with his stuff along the way to finding this.
jah2110 said:
# DHA property
ro.config.dha_cached_max=15
ro.config.dha_empty_max=42
ro.config.dha_empty_init=42
ro.config.ldha_spc_enable=false
ro.config.dha_th_rate=2.3
ro.config.dha_lmk_scale=0.545
ro.config.sdha_apps_bg_max=70
ro.config.sdha_apps_bg_min=2
Works great more smooth multitasking, and no conflict with that line.
Click to expand...
Click to collapse
Another positive feedback, this config is the best works like a charm. :good:
Related
Not sure if this is anyones current kernels or not, so dont slay me if it already is.
This code is courtesy of Nenolod via nenolod.net, I'm just the messenger.
Here goes...
how to improve user performance on android phones
June 28th, 2010
I am not responsible if you mess your phone up. Seriously.
Connect to your phone with adb shell, then:
$ su
# mount -o remount,rw /system
# echo 'kernel.sched_latency_ns = 600000' >> /etc/sysctl.conf
# echo 'kernel.sched_min_granularity_ns = 400000' >> /etc/sysctl.conf
# echo 'kernel.sched_features = 24188' >> /etc/sysctl.conf
# mount -o remount,ro /system
# sysctl -p
The Output should be...
kernel.sched_latency_ns = 600000
kernel.sched_min_granularity_ns = 400000
kernel.sched_features = 24188
# exit
$ exit
Now your phone will behave a lot better. To explain what those settings do:
Changing sched_features to 24188 disables some annoying CFS features (GENTLE_FAIR_SLEEPERS and NORMALIZE_SLEEPERS) that are stupid even on the desktop. The other two crank the timeslice length down to 0.6ms/0.4ms.
What about BFS you say? Well BFS does not appear to perform very well on Android, and Android’s legitimate use of cgroups does not work on BFS. However, the settings that the sysctls above change make CFS behave a lot more like BFS.
What does this mean?
This means that all the hype about JIT in Android 2.2 being the biggest possible source of performance improvement is a load of crap. JIT will improve CPU-bound tasks, but it will not improve the interactivity of the underlying OS, which is what people are really complaining about.
I mean, my (nenolods) Milestone is actually usable now. It’s 550mhz and it has absolutely no problems keeping up with the Incredible’s 1000mhz CPU. Just think about that. The HTC’s CPU is being put to waste due to the way that the scheduler allocates timeslices. If you disable the GENTLE_FAIR_SLEEPERS option, CFS becomes a very good scheduler for android, as it allows for sub-1ms timeslice deadlines.
Dont expect for your benchmarks to change drastically, if at all. However I do notice that my slide-to-unlock is basically instant now. No lag whatsoever there.
I should also mention that I am on JT's 11/13 nonvoodoo kernel. Smooth as butter...
Our phones don't use cfs.
Sent from my SCH-I500 using XDA App
Just ran the steps testing shall ensue so far my phone hasn't blown up or anything.
adrynalyne said:
Our phones don't use cfs.
Sent from my SCH-I500 using XDA App
Click to expand...
Click to collapse
Really? Cuz JT just added this same mod to his git about an hour ago....
https://github.com/jt1134/linux-2.6-fascinate/commit/21406928afe43f1db6acab4931bb8c886f4d04ce
https://github.com/jt1134/linux-2.6-fascinate/commit/485ea2630d6608cf3b1516e0cf2ac19de478dc38
I'm not claiming to know exactly what it changed, but there is no question its running smoother.
adrynalyne said:
Our phones don't use cfs.
Sent from my SCH-I500 using XDA App
Click to expand...
Click to collapse
Does this mean what I just did to my phone is bad? Heh?
LexusBrian400 said:
Really? Cuz JT just added this same mod to his git about an hour ago....
https://github.com/jt1134/linux-2.6-fascinate/commit/21406928afe43f1db6acab4931bb8c886f4d04ce
https://github.com/jt1134/linux-2.6-fascinate/commit/485ea2630d6608cf3b1516e0cf2ac19de478dc38
I'm not claiming to know exactly what it changed, but there is no question its running smoother.
Click to expand...
Click to collapse
Maybe he added cfs to the kernel.
Sent from my SCH-I500 using XDA App
DigitalDementia said:
Does this mean what I just did to my phone is bad? Heh?
Click to expand...
Click to collapse
Nothing that can't be reverted if need be.
Sent from my SCH-I500 using XDA App
this or you could just add
kernel.sched_latency_ns = 600000
kernel.sched_min_granularity_ns = 400000
kernel.sched_features = 24188
to your existing sysctl.conf and push it to /etc right?
i currently have this:
http://forum.xda-developers.com/showthread.php?t=814463
EDIT:
just added it, rebooted and it does seem a bit smoother. just a bit tho. im running the latest stupidfast kernel
I don't know what is meant by the phone will run better but I did linpack quadrant and speed pi tests before and after this mod with no change in the averages as well as scrolling through websites that have quite a bit of content is much slower such as scrolling through xda developers site as well as engadget. Its clear from at least a practical standpoint this mod does nothing to make your phone run any better.
wisconsinated said:
I don't know what is meant by the phone will run better but I did linpack quadrant and speed pi tests before and after this mod with no change in the averages as well as scrolling through websites that have quite a bit of content is much slower such as scrolling through xda developers site as well as engadget. Its clear from at least a practical standpoint this mod does nothing to make your phone run any better.
Click to expand...
Click to collapse
LexusBrian400 said:
Dont expect for your benchmarks to change drastically, if at all. However I do notice that my slide-to-unlock is basically instant now. No lag whatsoever there.
Click to expand...
Click to collapse
its the UI that runs smoother. benchmarks dont change
Doesnt really matter. If it requires cfs (being that its disabling cfs features), none of y'all are noticing anything but placebo effects.
If it works for other schedulers, great.
However, currently our kernels (Im sure geeknik's too) only have:
anticipatory
deadline (default on JT's latest kernel and maybe earlier)
noop
bfq
cfq
If CFS is in the kernel, its not compiled for it. I'd have to look closer, and I don't have time to boot to Linux at this moment.
adrynalyne said:
Doesnt really matter. If it requires cfs (being that its disabling cfs features), none of y'all are noticing anything but placebo effects.
If it works for other schedulers, great.
However, currently our kernels (Im sure geeknik's too) only have:
anticipatory
deadline (default on JT's latest kernel and maybe earlier)
noop
bfq
cfq
If CFS is in the kernel, its not compiled for it. I'd have to look closer, and I don't have time to boot to Linux at this moment.
Click to expand...
Click to collapse
My E-Penis is obviously no match for your Gargantuan sized E-Penis. Thanks for pointing this out.
Id take the post down, but then you wouldnt be able to **** in the punch bowl anymore (judging by your other posts, you like to do that a lot) so, I'll leave it up for you to keep growing your massive E-Penis.
Thank you sir, thank you for your wonderful and all knowing E-Penis.
LexusBrian400 said:
My E-Penis is obviously no match for your Gargantuan sized E-Penis. Thanks for pointing this out.
Id take the post down, but then you wouldnt be able to **** in the punch bowl anymore (judging by your other posts, you like to do that a lot) so, I'll leave it up for you to keep growing your massive E-Penis.
Thank you sir, thank you for your wonderful and all knowing E-Penis.
Click to expand...
Click to collapse
As far as I am concerned I am trying to inform people and have a dialog (note that I said if several times, hoping for discussion). Be a **** all you want but if I am being civil, so should you. Grow up.
Sent from my SCH-I500 using XDA App
I've never seen penis written so much in a development post
I guess you missed the episode I was referring to.
It was a joke, relax.
JT just told me cfs is an option in his kernel, but bfq is enabled by default.
LexusBrian400 said:
I guess you missed the episode I was referring to.
It was a joke, relax.
JT just told me cfs is an option in his kernel, but bfq is enabled by default.
Click to expand...
Click to collapse
Which kernel?
Sent from my SCH-I500 using XDA App
adrynalyne said:
Which kernel?
Sent from my SCH-I500 using XDA App
Click to expand...
Click to collapse
I'm guessing his latest. But When I ran the code against his newest one, the output wasn't the same as when I ran it against his 11/13 test kernel. which was before he added a variation of this same edit, permanently, to his newest kernel on github.
I apologize about my post earlier. All I ever do is try to help people (you can look through my posts to confirm) and I guess I got a little upset that I posted something that may or may not be helpful to everyone. The code ran through fine, so I assumed it worked. I tried it on other phones/kernels, and it wouldnt work. So when it worked on this one, I decided to post it for others to try out and report back. But its hard to get feedback when someone is clouding the thread all up saying its a placebo effect.
I just wanted others input who have actually tried to run it, not just assume it doesnt work.
Hope that explains...
LexusBrian400 said:
I'm guessing his latest. But When I ran the code against his newest one, the output wasn't the same as when I ran it against his 11/13 test kernel. which was before he added a variation of this same edit, permanently, to his newest kernel on github.
I apologize about my post earlier. All I ever do is try to help people (you can look through my posts to confirm) and I guess I got a little upset that I posted something that may or may not be helpful to everyone. The code ran through fine, so I assumed it worked. I tried it on other phones/kernels, and it wouldnt work. So when it worked on this one, I decided to post it for others to try out and report back. But its hard to get feedback when someone is clouding the thread all up saying its a placebo effect.
I just wanted others input who have actually tried to run it, not just assume it doesnt work.
Hope that explains...
Click to expand...
Click to collapse
Gotta read closely. I said IF it relies on cfs and it's not in the kernel, then it is placebo.
I have verified cfs is not in my kernel, which is dated 11/13.
Sent from my SCH-I500 using XDA App
adrynalyne said:
Gotta read closely. I said IF it relies on cfs and it's not in the kernel, then it is placebo.
I have verified cfs is not in my kernel, which is dated 11/13.
Sent from my SCH-I500 using XDA App
Click to expand...
Click to collapse
He made a new one last night 11/15, but I don't not have the know how to check this stuff, lol. Just informing everyone there is a newer one. It's in his rommanager manifest on his website, not sure if it's actually in rommanager yet or not.
phoenx06 said:
He made a new one last night 11/15, but I don't not have the know how to check this stuff, lol. Just informing everyone there is a newer one. It's in his rommanager manifest on his website, not sure if it's actually in rommanager yet or not.
Click to expand...
Click to collapse
Yeah, that is EXACTLY when i posted this.. it was kind of eeeery cuz we were both in IRC at the same time. Then he showed me his commits and they were very similar to this edit.
Oh well, either use it or dont.
GL guys...
Hi All,
I have been checking a lot of ROM's recently i have find 2-3 settings in all ROM's which might sound a good choice for dev's however i am not sure whether they should be the same for user or not.
Some of the samples include
Code:
chmod 0777 /system
and all internal places.
this effectively allows us to do a adb push easily and without any hassels however per my study this allow just about anyone to mingle with any file whatsoever on my system.
Note : Having root of my own device to tinker with it is one thing. and handing over my device all permissions to someone else is another thing.
also another setting which bothers me is
Code:
ro.secure=0
which effectively allows adb to open shell in root mode directly.
can any dev help me in understand is this necessary for normal users.
also the reason why this thread is here is coz this needs discussion as this could very well turn out to be a security issues, as android platform is starting to get the limelight so will be getting eyes of both good and bad too....
also would love if someone can help me in compiling tips for normal users what they need to do and not do.
example
USB debugging should only be enabled when it is needed and not everytime.
Mod's I hope i am not voilating any rules by posting this here.
My point of view is cleary no and the obvious reason for that is that most users dont really know what they're doing, just try (most of the times to reach performance) something that someone who knows what are doing to get this or that.
I think what needs to be done is something like linux system.
You may have root but to get some modifications at least should appear some kind of msg or password needed like super root (is this the name? Cant remember, but you know what im talking )
Edit:
I wonder with some behavior of some guys and with super root access that de had what could happen to the most of users around here if we have a real bootloader crack instead of bypass. Probably need to be rich to buy a new like avery week
Cheers old IBM'ER friend
Sent from my X10i using Tapatalk
Wait, rendeiro, I think you meant Super User. But SU=Root. SU is just a method to make things simpler and safer as logging in directly as root is very dangerous.
@OP -- by CHMOD-ing the system folder to 777, you're completely vulnerable. 777 basically allows everyone to access it.
I'm not sure about the ro.secure=0 setting, but the default value is 1 instead of 0, root exploits change the value to 0 -- which lowers the security, hence allows you to be root. I think this value is also available in the kernel, just like what D did with Arc's insecure kernel -- yes, it makes the kernel insecure to allow you to root your phone.
@Hzu
You're write about the name I just forgot it since I wont use linux for about four years (since I work where im on now) but I think you get my point
Cheers
Sent from my X10i using Tapatalk
But you are still right though, people messing with the system without knowing what they are doing, and then blames the system for corrupting.
Seems like OP has did research, it should be OK for him to continue his research.
Hzu said:
Wait, rendeiro, I think you meant Super User. But SU=Root. SU is just a method to make things simpler and safer as logging in directly as root is very dangerous.
@OP -- by CHMOD-ing the system folder to 777, you're completely vulnerable. 777 basically allows everyone to access it.
I'm not sure about the ro.secure=0 setting, but the default value is 1 instead of 0, root exploits change the value to 0 -- which lowers the security, hence allows you to be root. I think this value is also available in the kernel, just like what D did with Arc's insecure kernel -- yes, it makes the kernel insecure to allow you to root your phone.
Click to expand...
Click to collapse
thats what i also thought and that's why posted here to make everyone atleast think once.
ro.secure setting i understand is to allow adb to run as root or not... basically ro.secure 1 disallows pushing to /system... also it puts you to $ prompt and you need to manually su.
Another thing i notices is we see a lot of update.zip's floating around i am not puting a question mark on anyones ethics however i suppose there should be some mechanism to check what's inside the zip or what that zip will do user should be aware of the stuff that may happen... I will try to write something in this regard in case people agree.
basically i want user to know
1) what files will be tampered specially bin xbin etc folder stuff
2) shell scripts executed.
3) partition format or permission change specially something like 777 stuff should be indicated.
and ya i will keep checking all these, i don't have any plan on launching a ROM however will keep a close eye on what others are cooking.
anantshri said:
thats what i also thought and that's why posted here to make everyone atleast think once.
ro.secure setting i understand is to allow adb to run as root or not... basically ro.secure 1 disallows pushing to /system... also it puts you to $ prompt and you need to manually su.
Another thing i notices is we see a lot of update.zip's floating around i am not puting a question mark on anyones ethics however i suppose there should be some mechanism to check what's inside the zip or what that zip will do user should be aware of the stuff that may happen... I will try to write something in this regard in case people agree.
basically i want user to know
1) what files will be tampered specially bin xbin etc folder stuff
2) shell scripts executed.
3) partition format or permission change specially something like 777 stuff should be indicated.
and ya i will keep checking all these, i don't have any plan on launching a ROM however will keep a close eye on what others are cooking.
Click to expand...
Click to collapse
Even though I tend to agree with the above posts, I have to say that there is also another side that we should all consider.
Each and every one of us, should try and be "educated" on Android. XDA forums can be a mess, but with patience and a little time every now and then, we can all learn more about what our phones do and how.
I've seen people eager to flash an update.zip with a tweak that they have ABSOLUTELY no idea what it does. Sometimes we just sit back and wait for everything to be done for us.
I am always actively interested in development and I learn new things every day.
Developers give us the tools, we need to learn how to use them.
Xperia X10i via Tapatalk
rendeiro2005 said:
I think what needs to be done is something like linux system.
You may have root but to get some modifications at least should appear some kind of msg or password needed like super root (is this the name? Cant remember, but you know what im talking )
Click to expand...
Click to collapse
Is that not what the superuser app does?
I'm not a dev but I kno enough about linux to want rw to /system but I agree most users are stupid (well at least don't know what there doing). Apps that let you do damage to /system like root explorer allows you to easily mount it rw anyway. I can't see much extra danger having it always rw when you've already got root.
Each and every one of us, should try and be "educated" on Android. XDA forums can be a mess, but with patience and a little time every now and then, we can all learn more about what our phones do and how.
I've seen people eager to flash an update.zip with a tweak that they have ABSOLUTELY no idea what it does. Sometimes we just sit back and wait for everything to be done for us.
I am always actively interested in development and I learn new things every day.
Developers give us the tools, we need to learn how to use them.
Click to expand...
Click to collapse
Agree ppl flashing roms should take a little time to learn about what they're doing but ppl are too lazy and want a quick fix. But if someone soft bricks their phone because they don't understand what their doing and don't read the instructions properly then its their fault and not the devs. But its not hard to connect to PC companion and repair and they've learnt a valuable lesson in the process.
No, the superuser app don't ask for password. Like in linux distros for the pc, you can set whether to have password or not, this can be done via visudo. Just google for visudo then you will understand.
Sent from my X10 using XDA App
Yeah the post requested a message or password, superuser provides a message. Yeah I use linux for a PVR so know what you mean.
resurrecting an old thread just to inform all dev's i have compiles some of the issues that i see could be a potential security issues.
http://blog.anantshri.info/whitepaper-security-issues-in-android-custom-roms/
hope this could help making ROMs more secure.
From http://blog.anantshri.info/whitepaper-security-issues-in-android-custom-roms/#comment-66733
"
Hi Anant
After i´ve read your white paper i got 2 conclusions:
1. you`re absolutely right and explain it as it should but…
2. If Devs consider all that why develop anything?
As principle i think you´re right but that fact is if any rom will be developed as “closed” almost anyone use it and no matter what make you develop you certain won´t develop for 1/2 guys/gals. For that we have stock ones
Now. I can agree with something like a big alert on every rom development section/thread about the potential risk by install an “open” rom but more than that it will kill all development in the end
Cheers pal
"
Perhaps the way forward is to have the warnings you have mentioned, but also encourage our devs to have a "security tester", another dev with the time and skill to give approval to the zip package. Zips have worried me too. This is a community after all, security is in all our interests.
Sent from my X10i using XDA App
Hi All,
few things to clarify.
see i am not against development.
the point is when we have developer style softwares like say flashtool its just too good for people like us.
now look from a prospective of a person who is visiting this forum just to get a new rom coz he is told they are good.
he is handling his faith to us.
in this case lets say we say in flashtool for example
after rebooting, check usb debugging and unknown source.
however we never say to disable it after you are done with flashtool or tell that this could be a problem.
also most of the rom's have ro.secure set to 0. Good for dev's i loved it.
but no use for a normal user besides the prospects that due to ignorance a person could actually move in and install a backdoor or malware in.
All i am saying is we should have something like two profiles
1) if you are supporting dev launch this
2) if you are normal user use this.
hope you all get my point.
besides that issues like custom recoveries. right now as i said the efforts are towards improving them and people might look at security prospective after that.
I know some of you might say if a person is visiting a after market forum he should be smart enough to read a bit.
that's idealism, not reality.
NOTE :
I am excited about 4.0 ICS coz with that comes features like disk encryption etc.
anantshri said:
Hi All,
few things to clarify.
see i am not against development.
the point is when we have developer style softwares like say flashtool its just too good for people like us.
now look from a prospective of a person who is visiting this forum just to get a new rom coz he is told they are good.
he is handling his faith to us.
in this case lets say we say in flashtool for example
after rebooting, check usb debugging and unknown source.
however we never say to disable it after you are done with flashtool or tell that this could be a problem.
also most of the rom's have ro.secure set to 0. Good for dev's i loved it.
but no use for a normal user besides the prospects that due to ignorance a person could actually move in and install a backdoor or malware in.
All i am saying is we should have something like two profiles
1) if you are supporting dev launch this
2) if you are normal user use this.
hope you all get my point.
besides that issues like custom recoveries. right now as i said the efforts are towards improving them and people might look at security prospective after that.
I know some of you might say if a person is visiting a after market forum he should be smart enough to read a bit.
that's idealism, not reality.
NOTE :
I am excited about 4.0 ICS coz with that comes features like disk encryption etc.
Click to expand...
Click to collapse
Hi bro
i did get your point! maybe i didn´t explain my point very clearly sorry if i didn`t
i perfectly support your idea...as you say ... "that's idealism, not reality."
like i said before, may devs should include those issues on there threads, i agree, but more than that...do no know it´s like ...hey! i got a custom rom but...i can´t do nothing...
cheers R
Crowds said:
Hi bro
like i said before, may devs should include those issues on there threads, i agree, but more than that...do no know it´s like ...hey! i got a custom rom but...i can´t do nothing...
cheers R
Click to expand...
Click to collapse
actually that's my point
keeping
say ro.secure=1
disabling usbdebugging, unknown sources or portecting custom recoveries
I still see a normal user can use all the benifits of rooting inside the device.
i am right now focusing on what third party can do when phone is giving out data outside.
well we both agree that its a point that needs some consideration so i think i have succedded in making my point heard.
anantshri said:
actually that's my point
keeping
say ro.secure=1
disabling usbdebugging, unknown sources or portecting custom recoveries
I still see a normal user can use all the benifits of rooting inside the device.
i am right now focusing on what third party can do when phone is giving out data outside.
well we both agree that its a point that needs some consideration so i think i have succedded in making my point heard.
Click to expand...
Click to collapse
ok, ok, you won
but regarding that ro.secure
i understand your explanation on white paper and try to include on my current build.prop file but...can´t see any diference why? my phone "behaves" exactly the same way as before
Crowds said:
ok, ok, you won
but regarding that ro.secure
i understand your explanation on white paper and try to include on my current build.prop file but...can´t see any diference why? my phone "behaves" exactly the same way as before
Click to expand...
Click to collapse
change in ro.secure need to go to ramdisk.
also after that setting try pulling /data/data or /system in adb.
nothing except adb's default behaviour will change.
Hey, I was wondering if it was hard to create these roms?
It looks like the equivalent to using nLite or somethin to slipstream different packages in, and to remove anything else unwanted. Is it that way? But perhaps, with a command line rather than a GUI?
I am currently running UnNamed 1.0.3, but there are still a few changes I'd like to make myself, i.e. to touchwiz. Could I go and edit this too?
demon9206 said:
Hey, I was wondering if it was hard to create these roms?
It looks like the equivalent to using nLite or somethin to slipstream different packages in, and to remove anything else unwanted. Is it that way? But perhaps, with a command line rather than a GUI?
I am currently running UnNamed 1.0.3, but there are still a few changes I'd like to make myself, i.e. to touchwiz. Could I go and edit this too?
Click to expand...
Click to collapse
Depends on the customizations - removing stuff can be quite easy - just remount /system read/write and go to town on /system/app
https://spreadsheets.google.com/spr...1gdDJRekl4QmkyNmIzUmRvX2h3UDVkQXc&output=html has a list of safe/unsafe removals for I9100 - we're pretty close to it.
Adding stuff can often be quite difficult - In general, many of the frameworks are interconnected, so for example, you might add something that depends on our framework having a component that isn't there, and it'll go break. Or that component might be there, but have a different resource ID. Things get really difficult really fast once you start getting into smali/baksmali land...
At some point I'm going to start documenting the steps I've taken to where I am with my own personal device right now in terms of debloating and modifications - but I haven't had the time to document it yet. Whenever it does come, I will warn you - my guide will be useless to someone that doesn't have a fairly high degree of familiarity with a Unix shell. I intend it to be a high-level guide for people who have reasonably good general technical skills but lack familiarity with the Android userspace stack.
Entropy512 said:
Depends on the customizations - removing stuff can be quite easy - just remount /system read/write and go to town on /system/app
https://spreadsheets.google.com/spr...1gdDJRekl4QmkyNmIzUmRvX2h3UDVkQXc&output=html has a list of safe/unsafe removals for I9100 - we're pretty close to it.
Adding stuff can often be quite difficult - In general, many of the frameworks are interconnected, so for example, you might add something that depends on our framework having a component that isn't there, and it'll go break. Or that component might be there, but have a different resource ID. Things get really difficult really fast once you start getting into smali/baksmali land...
Click to expand...
Click to collapse
Ahhh... Somalia/baksmali land. Oh how I hated that place when I began to learn.
Entropy512 said:
I will warn you - my guide will be useless to someone that doesn't have a fairly high degree of familiarity with a Unix shell. I intend it to be a high-level guide for people who have reasonably good general technical skills but lack familiarity with the Android userspace stack.
Click to expand...
Click to collapse
I'll really be looking forward to this guide then as the Unix shell is where I'm comfortable, but I'm not too familiar with the Android userspace stack. I suppose I've my own self to blame for not making the time to get familiar with it, but as busy as I stay with work, being on-call and all the ad-hoc that comes in between, time for Android can be scarce. A guide would save me a lot of time for sure and be very much appreciated.
Ah, gotcha. Seems pretty intense then, not quite like Slipstreaming Windows as I imagined. Too bad.
So this is not something to pick up quickly and just do it then, huh? Too bad. Guess I'll have to rely on you guys! Thanks to all that go through this lol
demon9206 said:
Ah, gotcha. Seems pretty intense then, not quite like Slipstreaming Windows as I imagined. Too bad.
So this is not something to pick up quickly and just do it then, huh? Too bad. Guess I'll have to rely on you guys! Thanks to all that go through this lol
Click to expand...
Click to collapse
Some things are easy, some things are harder.
Debloating is easy - just nuke stuff from /system/app one at a time, using this as a guide: https://spreadsheets.google.com/spr...1gdDJRekl4QmkyNmIzUmRvX2h3UDVkQXc&output=html
Keep a backup around in case you nuke something you shouldn't.
Deodexing - harder, I needed to use dsixda kitchen with a few caveats (such as CWM 5.x backups will NOT work as input to a dsixda dump - you need to use dd to dump your /system partition). According to gtg465x, deodexing with dsixda is OK, doing any more with it will incur the wrath of the ROM gods.
One thing to clearly start looking at - smali/baksmali. Smali/baksmali is a ***** on odexed ROMs, if a ROM you're using is odexed, deodex it or run away unless you like pain and suffering.
gtg's github repo for unnamed ROM serves as great smali/baksmali reference for many runs - but if you try to copypasta his changes, Bad Things will usually happen.
This is from the Sony Xperia X10 section, which is the phone I came from. Not sure if this Script/Application can be adapted for the Galaxy, but this allows a user to Port a MiUI ROM in "30 seconds" I only played with it a little bit.
http://forum.xda-developers.com/showthread.php?t=1294451
btw, Entropy512 one of my good friends I went to college with is from Oswego!
highaltitude said:
This is from the Sony Xperia X10 section, which is the phone I came from. Not sure if this Script/Application can be adapted for the Galaxy, but this allows a user to Port a MiUI ROM in "30 seconds" I only played with it a little bit.
http://forum.xda-developers.com/showthread.php?t=1294451
btw, Entropy512 one of my good friends I went to college with is from Oswego!
Click to expand...
Click to collapse
I'm in Owego, not Oswego... One S makes a few hundred miles difference. (Northern vs. southern border of the state.)
Entropy512 said:
I'm in Owego, not Oswego... One S makes a few hundred miles difference. (Northern vs. southern border of the state.)
Click to expand...
Click to collapse
LOL, oops
I'm confused about undervolting. I don't exactly understand what the numbers mean. I know I can get better battery life through successful undervolting, but I have no clue how to do it.
I'm currently running Euphoria RC2.1 with the Kiss 5.1 kernel.
Could someone explain what the numbers mean, and how to choose said numbers?
Check out these articles for a pretty good overview of undervolting:
http://bigfatreality.blogspot.com/2012/03/guide-to-undervolt-android-safely.html
http://bigfatreality.blogspot.com/2012/04/complete-android-undervolting-guide.html
If you haven't already also checkout Woodrube's better battery life guide:
http://forum.xda-developers.com/showthread.php?t=1389069
For more technical information on kernel govenors, cpu tweaks, etc., the best source is droidphile's guide here:
http://forum.xda-developers.com/showthread.php?t=1369817
Thanks for the nod JR.
In my guide (post # 2) there are examples of Overclocking and Undervolting from some users that were on MIUI and the voltages that work for them.
Here is a short thread with some ICS OC/UV #'s from some advanced users that know what they are doing. YMMV so what works for them, JR, me may not work for you, as far as exact numbers.
Words of advice: Step down you UV by increments of -25 and see if they work. If not you will know b/c you will get a random reboot right in the middle of some app or task that you are doing that is drawing too much power. That is an indication that you UV'd too much. Step it up and then keep testing.
Important part-------> DO NOT SET ON BOOT until you know for a fact that they are working. I usually UV and let it set with normal everyday use for 1 whole day. If it works fine, if not, then I can tune it accordingly and once I find that sweet spot, THEN I "Set On Boot"
just a odd idea I thought I would share
I wonder if its possible to patch a kernel on load using safestrap
I am wondering if maby we can hex-patch the DVFS table at execute to at least gain some overclocking
I read the kexec thread but the consensus there is that development is stalled waiting for a breakthrough
thoughts :fingers-crossed:
Legitsu said:
just a odd idea I thought I would share
I wonder if its possible to patch a kernel on load using safestrap
I am wondering if maby we can hex-patch the DVFS table at execute to at least gain some overclocking
I read the kexec thread but the consensus there is that development is stalled waiting for a breakthrough
thoughts :fingers-crossed:
Click to expand...
Click to collapse
You can overclock via module sure, hex patch prob not needed.
Surge1223 said:
You can overclock via module sure, hex patch prob not needed.
Click to expand...
Click to collapse
hrmmm.... you talking about patching the dvfs kernel module or writing a custom module ...
if so I am surprised nobody has done that yet ..
is hex-patching from safestrap at all feasible ... it would grant you the 'keys' to all manner of "doors"
I used to fiddle with it on my cheap mk808 tv stick before we had kernel sources
I am surprised nobody has used kmodule's as a "attack vector" people seem to be chipping away and the Mountain that is kexec instead of just focusing on patching the issues we have with the stock kernel .. . a few years ago somebody was doing hex patches to implement kernel changes on the first generation of rockchip powered "tv sticks" the same logic should apply here
then again maby I have just been out of the game for way to long ....
*continues pondering*
Legitsu said:
hrmmm.... you talking about patching the dvfs kernel module or writing a custom module ...
if so I am surprised nobody has done that yet ..
is hex-patching from safestrap at all feasible ... it would grant you the 'keys' to all manner of door if it was
I used to fiddle with it on my cheap mk808 tv stick before we had kernel sources
I am surprised nobody has used kmodule's as a "attack vector" people seem to be chipping away and the Mountain that is kexec instead of just focusing on patching the issues we have with the stock kernel .. . a few years ago somebody was doing hex patches to implement kernel changes on the first generation of rockchip powered "tv sticks" the same logic should apply here
Click to expand...
Click to collapse
I have dabbled with this, using a custom module based on the 8660 overclock module I found source for somewhere. The reason kexec is so much more desired then fixing the current kernel is because patching the current kernel might give us more io schedulers, overclock, custom governors etc, but at the end of the day all that crap isn't worth much on the poor excuse for android ui known as touchwiz.
Idk about you but I can tell you I for sure would not want to post a thread on overclocking or modifying cpu via modules in this day and age of 'the entitled xda user'. Maybe that's why you don't see any threads.
You bring up a good point about how people don't understand the various uses kernel modules can provide including but not limited to being attack vectors (though to some degree this is being done with kexec).
Surge1223 said:
I have dabbled with this, using a custom module based on the 8660 overclock module I found source for somewhere. The reason kexec is so much more desired then fixing the current kernel is because patching the current kernel might give us more io schedulers, overclock, custom governors etc, but at the end of the day all that crap isn't worth much on the poor excuse for android ui known as touchwiz.
Idk about you but I can tell you I for sure would not want to post a thread on overclocking or modifying cpu via modules in this day and age of 'the entitled xda user'. Maybe that's why you don't see any threads.
You bring up a good point about how people don't understand the various uses kernel modules can provide including but not limited to being attack vectors (though to some degree this is being done with kexec).
Click to expand...
Click to collapse
ill be the first one to admit I haven't keept up on this stuff simply because the effort started outweighing the gain
it just seems to me that people are chasing clouds ... with kexec the possibility of getting it working is basically nill due to lack of debugging information so why not attack something you can debug such as a kernel module hell in theory it should be possible to add io schedulers and governors via a module hell with a properly 'crafted' module we may even get kexec(kgraft?) as a result if you could create a exploit you could use to the proper effect ..
I agree that touchwizz is utter poo and should be stabbed with white hot knives and buried under 12ft of cement but the phrase "if life gives you lemons ... make lemonade" rings to mind ...
I am sure somebody will give me the usual speech about "if you are so smart do it your self" but sometimes people just need to step back and look at it another way .. + I am fighting insomnia and am on my third shot of jack ...
wow did I really write all that jesus ... no more jack for me at 12 am...
Legitsu said:
wow did I really write all that jesus ... no more jack for me at 12 am...
Click to expand...
Click to collapse
Lol. At least your question is a good topic of debate. Most questions and posts in our forum are boring to me but this isn't, so there's that I guess.
Surge1223 said:
Lol. At least your question is a good topic of debate. Most questions and posts in our forum are boring to me but this isn't, so there's that I guess.
Click to expand...
Click to collapse
realistically you probably could't alter to much but adding overclocking a variety of minor tweaks could be done in hex
on a personal note I would be content with figuring out how to get some overclocking/undervolting done
Legitsu said:
realistically you probably could't alter to much but adding overclocking a variety of minor tweaks could be done in hex
on a personal note I would be content with figuring out how to get some overclocking/undervolting done
Click to expand...
Click to collapse
When you reply to me, you realize you are actually continuing your thoughts and not actually replying to me right?
Surge1223 said:
When you reply to me, you realize you are actually continuing your thoughts and not actually replying to me right?
Click to expand...
Click to collapse
Lol I am just rambling feel free to ignore me lol
board software here is a bit odd
*deleted tired*