Better Mobile App

[APP] LUKS Manager [v2.3] - Encrypted volumes via loopback for rooted phones

Introduction
This is my first Android application and I'm looking for testers and feedback.
LUKS Manager
LUKS Manager provides on-the-fly encryption (AES by default) to virtual folders on Android devices.
The virtual folders can be dynamically mounted, unmounted, created and deleted as needed.
(Think TrueCrypt like functionality)
Volumes and loopback device information are stored in: /mnt/sdcard/luks/.data
And the encrypted volumes are mounted at: /mnt/sdcard/luks/<volume_name>
Requirements
The Android device must:
Be rooted
Have a kernel that supports secure dm-crypt modes and loopback devices
Have a current version of BusyBox installed
Have SuperUser app installed
This package contains:
A statically compiled, stripped and UPX compressed version of cryptsetup for the ARM using the tools provided by the The Guardian Project.
A statically compiled and stripped version of mkdosfs from dosfstools package for the ARM7.
A bash shell script called "luks" that does volume management.
And a native java app that provides a GUI interface to the luks script, a basic file explorer and simple text editor.
Download
You can find more on the apps homepage at:
nemesis2.qx.net/pages/LUKSManager/
Or the Android Market:
market.android.com/details?id=com.nemesis2.luksmanager
Changelog
Version 2.3:
Major rewrite to the luks shell script and GUI app to support user defined volume locations.
Encryption cipher and keysize are now user definable. (kernel support required)
Moved storage of volume information from /mnt/sdcard/luks/.data to /data/data/com.nemesis2.luksmanager/.data
Prompts to upgrade if loop device files are found in SDCard .data directory.
Removed top level restriction on file explorer activity.
Default file system changed from EXT4 to EXT2.
FAT file system support now enabled by default.
Added volume mount and unmount desktop shortcuts.
Added notification when volumes are mounted. (Can be toggled off in preferences)
Added landscape support to the main and volume edit activities.
Added basic SDcard support to install binaries routine.
(Fixes java.lang.NullPointerException on binary install.)
Added toggle to disable binary hash checks on startup. This enables
customized luks scripts and/or binaries.
Small fix to application initialization. (hopefully fixes odd reboot
issue on some devices)
Attempts to unmount volumes on ACTION_SHUTDOWN and MEDIA_EJECT broadcasts.
Additional checks and error handling if no volumes exist.
Additional error handling in luks script during volume mounting and creation.
Added required BusyBox applet checks on startup.
About Dialog additions / changes.
Small text changes (formatting and typo fixes).
Version 2.2:
Recompiled lm.crypsetup binary under android-ndk-r6b.
Hopefully this will stop segfaults on various devices.
Version 2.1:
Added widget:
When volumes are mounted the widget will turn red and display the number of currently mounted volumes.
A single touch unmounts all volumes.
Rewrote luks script and internal routines to use busybox all the time to avoid toolbox/busybox symlink conflicts.
Added the ability to password protect the create/remove buttons, volume properties and preferences dialog.
Improved error handling in luks script on mount.
Added additional scripts: pre-mount and pre-unmount.
Added volume management Activity.
Volume mount points are now user defineable.
The volumes loopback device is now user definable.
Added an internal file editor (to edit bash scripts).
(Editor can be used outside of LUKS Manager to edit files).
Fixed Force Close when mounting with a blank password.
Version 2.0: Added Preferences Activity.
Now allows FAT formatted volumes.
(works w/FreeOTFE on windows)
Improved error handling/cleanup on failed volume creation.
Added lm.mkdosfs binary to assets.
The lm.mkdosfs binary is sha1 hashed and replaced if out-dated or changed.
Remove Binaries nows includes the lm.mkdosfs binary.
Added additional menu options to Activities.
Increased debug logging and added system probe.
(Don't enable for normal usage!)
Added option to launch Explorer on volume mount.
Redirected stderr to stdout using redirectErrorStream.
Added validation checks to volume creation. (non-blank, sanitize filename).
Moved to dp units instead of pixels for display scaling.
Fixed a few items that needed to be .destroyed (oops).
SD Card path fix (typo fix).
File Explorer now saves/recalls list view position on directory changes and when opening files.
About Dialog updates.
Added run script on mount/unmount: <volume>.mount.sh and <volume>.unmount.sh
Added su/root check on startup.
Version 1.9:Renamed cryptsetup to lm.cryptsetup to avoid overwriting pre-existing copies.
LUKS script will use cryptsetup if it exists, solves Samsung Galaxy S2 issues.
(Users will need to manually restore the cryptsetup binary if it was overwritten!)
Added sanity checks to File Explorer. (path /mnt/sdcard must exist)
File Explorer now saves and restores path on rotation change.
Moved about html to assets file instead of an inline string.
Version 1.8: Removed Internet Access Permission (decided not to include ads).
The cryptsetup binary is no longer UPX compressed in an attempt to improve compatibility.
The cryptsetup and luks binaries are now sha1 hashed and replaced if outdated or changed.
Since "Unmount All" can take a while to complete it has been changed to an AsyncTask.
When mounted all volumes will get chmod 777 applied recursively to avoid file permission issues.
Numerous improvements and changes to the internal file explorer.
Slight wording changes to activity titles and About Dialog.
Added change log to About Dialog.
Version 1.7: Added file explorer (no longer requires ASTRO File Manager)
Updated the About Dialog
First Market Release
Version 1.6: updated and optimized the icon and background images
Updated the About Dialog
Updated failure logging to syslog
Version 1.5: now quotes passwords (oops)
Spaces in volume names are converted to underscores: _
About dialog updated
Version 1.4: code refactoring
Added about/homepage menu items
Added "Remove Binaries" to remove /system/bin files: luks and cryptsetup
Added explore menu option to explore to volume location (requires Astro Filemanager)
Added background
Version 1.3: moved binaries into apk and added extractor/binary installer
Version 1.2: first public release
Screen Shots

Any Kernals for the OTA Sense
Nemesis][ said:
Introduction
This is my first Android application and I'm looking for testers and feedback.
LUKS Manager
LUKS Manager provides on-the-fly encryption (AES by default) to virtual folders on Android devices.
The virtual folders can be dynamically mounted, unmounted, created and deleted as needed.
(Think TrueCrypt like functionality)
Volumes and loopback device information are stored in: /mnt/sdcard/luks/.data
And the encrypted volumes are mounted at: /mnt/sdcard/luks/<volume_name>
Requirements
The Android device must:
Be rooted
Have a kernel that supports secure dm-crypt modes and loopback devices
Have a current version of BusyBox installed
Have SuperUser app installed
This package contains:
A statically compiled, stripped and UPX compressed version of cryptsetup for the ARM using the tools provided by the Guardianproject.
A bash shell script called "luks" that does volume management.
And a native java app that provides a GUI interface to the luks script.
Download
You can find more on the apps homepage at:
nemesis2.qx.net/pages/LUKSManager/
(I've been a long time lurker but since I'm a first time poster I'm not allowed to post this is the main Android App Dev section nor am I allowed to post external links. )
Screen Shots
Click to expand...
Click to collapse
Hi I was wondering if you knew any kernals for the Gingerbread sense OTA cuz ive been looking around for some but i couldnt find any. THX if you reply

h4ck0rk1d said:
Hi I was wondering if you knew any kernals for the Gingerbread sense OTA cuz ive been looking around for some but i couldnt find any. THX if you reply
Click to expand...
Click to collapse
This has been mentioned again and again, there will bo NO custom kernels for the 2.3 update until the source is released. Be patient.
Sent from my MiuiSpeedy

Won't download the full file on my phone using the stock browser and dolphin HD. 1 star because I can't install it. Just joking, but can you put up a mirror please? The download link seems to work fine in Chrome, but mobile browsers it seems to crap out on.
Sent from my PG06100 using XDA App

Download Fixed (I believe)
OK. I believe I've fixed mobile downloads on the server so please try again.
And I've also updated LUKS Manager to v1.4. (lots of little fixes, tweaks)
-N2

Here's a pretty icky bug report for you: LuksManager fails to create a volume if you use spaces in the password.

Ron Overdrive said:
Here's a pretty icky bug report for you: LuksManager fails to create a volume if you use spaces in the password.
Click to expand...
Click to collapse
Thanks for catching that. Version 1.5 should now quote passwords properly.
Any other issues? (I know I should validate user input more on volume creation; but the luks script should handle failures gracefully.)
-N2

Released v1.6
Version 1.6 notes:
Images updated and optimized using optipng.
Updated the about box text.
Added additional failure logging to syslog.
And did a small bit of code cleanup.

just tried this on my hero and its almost very good it seems to create, mount and unmount ok but i'm getting an error that it cant find mkdir (i think this might be because my busybox is in /system/xbin rather than /system/bin?) and also the graphics for the buttons dont seem to resize so on a low resolution screen they overlap and arent readable.

clarkk said:
just tried this on my hero and its almost very good it seems to create, mount and unmount ok but i'm getting an error that it cant find mkdir (i think this might be because my busybox is in /system/xbin rather than /system/bin?) and also the graphics for the buttons dont seem to resize so on a low resolution screen they overlap and arent readable.
Click to expand...
Click to collapse
Ok, I switched over from pixels to dp units. It seems to render fine in the emulator with the display settings for the Hero. Please let me know if it works.

Nemesis][ said:
Ok, I switched over from pixels to dp units. It seems to render fine in the emulator with the display settings for the Hero. Please let me know if it works.
Click to expand...
Click to collapse
Thanks looks great now on the screen, still have a problem mounting though, could it auto-detect the location of busybox or have a changeable option?

Some feature recomendations to consider:
* auto-mount select volumes on startup
* auto-dismount all volumes on shutdown
* auto-dismount all volumes on X number of failed lockscreen attempts
* graphical support for moving/linking directories/files into encrypted volumes (so we can link our folders for downloads, camera, dropbox, etc. to the volumes directly)
Sent from my PG06100 using XDA App

Doesn't work on HTC DesireHD/Android 2.3.3 and Tattoo/Cyanogenmod 7.0.3
Code:
# dd if=/dev/zero of=1.vol bs=1024k count=1024
# lm.cryptsetup luksFormat 1.vol
lm.cryptsetup luksFormat 1.vol
...
Verify passphrase: 1
device-mapper: reload ioctl failed: Invalid argument
Failed to setup dm-crypt key mapping for device /dev/loop0.
Check that kernel supports aes-cbc-essiv:sha256 cipher (check syslog for more info).
#
Relevant syslog lines
Code:
<3>[ 3257.202941] device-mapper: table: 254:0: crypt: Error initializing ESSIV hash
<4>[ 3257.203338] device-mapper: ioctl: error adding target to table
Looks like kernel problem... Any way to fix? YES.
Compile sha256_generic.ko as module, insmod it and all works normally.
Important note - kernel compilations with default NDK toolchain creates
broken module - kexec error - bad relocations: 27 - R_ARM_PLT32.
To compile correct module for your kernel use code sorcery arm compiler.
Details -on cyanogenmod's "compile kernel" page.

on which roms it is working ? i have zte blade - i know wrong topic but what rom should i install to have it working ?

xtam said:
on which roms it is working ? i have zte blade - i know wrong topic but what rom should i install to have it working ?
Click to expand...
Click to collapse
I think it'll work on any rom that has root, but I could be wrong. I use the latest CyanogenMod Nightlies.

Xtam, 2.0 GUI starts working for me with cyanogen 7.x ROM. It requires sha256_generic.ko module for aes-cbc-essiv cipher (FreeOTFE volume), but aes-cbc-plain volume works without additional modules.

Ron Overdrive said:
Some feature recomendations to consider:
* auto-mount select volumes on startup
* auto-dismount all volumes on shutdown
* auto-dismount all volumes on X number of failed lockscreen attempts
* graphical support for moving/linking directories/files into encrypted volumes (so we can link our folders for downloads, camera, dropbox, etc. to the volumes directly)
Click to expand...
Click to collapse
Ron,
I'll look into/consider adding some of those. I've add some code to unmount the volumes on shutdown but I'm not 100% sure it's working properly.
I like the idea of unmounting them all on after X number of failed lock screen attempts. Not quite sure how I can hook into that however.
In version 2.1 you can set the mount point; not sure if I'll write a GUI interface for symlinking however.
-N2

I'm having problems unmounting volumes in 2.1. Whenever I attempt to unmount a volume it tells me without any errors its unmounted, but when you try to remount the volume or check the status its still mounted.

I have a Samsung Infuse which is basically an i9000 galaxy S with a bigger screen and like most galaxy S devices I know of, it has internal storage which is mounted to /mnt/sdcard and an external sd card which is mounted to /mnt/sdcard/exteral_sd. I really like the app and it works perfectly, however I have a problem. It wants to create the volume on the internal sdcard instead of the external one. I edited the lukspath in the luks script but it keeps overwriting it when I start up the gui and go to create a volume. Is there a way to make this setting stick in the luks script without recompiling? Or could you update the app to allow people to change where it creates the volume? I just need to be able to create a volume in /mnt/sdcard/external_sd/. Thanks!

Nice app, thank you Nemesis.
Another suggestion for improvement: it would be nice to be able to change a volume password.

SSL Ciphers in Android Gingerbread

************ UPDATE *****************
update.zip flashable for DSC and DSC PDroid can be found at
openssl 1.0.1e update for DSC/407
*****************************************
Hello,
you may have heard of the badly choosen default ssl ciphers (1) in gingerbread.
Gingerbread devices use outdated encryption algorithms for ssl communication.
That problem effects also gingerbread based roms like 407 or dsc. You can check this by sending
your default browser (or for example nakedbrowser) to a ssl browser test-server (2)
You will get a result like in attachment 1 ciphers_original: We are using the RC4-SHA without perfect forward secrecy. That is problematic cause of the Lucky 13 attack agains this encryption (3)
With some patch in core.jar in our framework (attachment ciphers_reorder.patch) I got DHE-RSA-AES128-SHA which is considered more secure and also supports perfect forward secrecy. (attachment ciphers_pfs)
You can get my core.jar from http://ge.tt/api/1/files/1MKLbUv/0/blob?download. Install it into /system/framework and rebuild your dalvik-cache.
I can't support TLSv1.1 or TLSv1.2 yet, because it would need to recompile a more recent version of libssl.so.
Users of Opera get even DHE-RSA-AES256-SHA in their connection (attachment ciphers_opera) which is considered state-of-the art cryptography. But even than, other android apps will use the badly choosen systems default. So it is a good idea even for opera
users, to update core.jar.
Can please someone confirm my findings, and install core.jar in a 407 or dsc rom and check your browser on (2)
(1) http://op-co.de/blog/posts/android_ssl_downgrade/
(2) https://cc.dcsec.uni-hannover.de/
(3) http://www.isg.rhul.ac.uk/tls/Lucky13.html

@hunderteins,
Thanks for the post.
I am on currently BB407, PCM ROM. Should I do this too?
How is it, which one to choose? Copy your given "core.jar" and paste to "/system/framework" and rebuild your dalvik-cache... OR flash " ciphers_reorder.patch" ?
Ops, sorry I don't know how to handle file.patch... how is it?
Attached are test run using Firefox and Opera.
I have also run using STOCK browser, BOAT browser, and ONE browser. Result same as you shown in your post's 1st picture.
Dell Streak | InnerSD 8GB | ExternalSD 32GB | Custom ROM

Razak RK said:
I am on currently BB407, PCM ROM. Should I do this too?
Click to expand...
Click to collapse
don't know pcm rom. Can you checksum your /system/framework/core.jar ?
For example
Code:
$ sha1sum /system/framework/core.jar
126bad1df158f1af179d353ecd9e781501a30c73 /system/framework/core.jar
$ md5sum /system/framework/core.jar
1b1c955e837b4413fcbeead0a54cd4b7 /system/framework/core.jar
If you get the same values as above, it's safe to copy my core.jar into
your /system/framework/ and rebuild dalvik-cache (for example with a restart).
If you have other checksum values, you would need to decompile (smali) your core.jar, apply the patch-file and compile (smali) it again and replace classes.dex in your core.jar.
Razak RK said:
Attached are test run using Firefox and Opera.
I have also run using STOCK browser, BOAT browser, and ONE browser. Result same as you shown in your post's 1st picture.
Click to expand...
Click to collapse
Well thank your for the confirmation. Firefox seems also immune. The others use the default android classes.
There is one thing in firefox though. It is able to use TLSv1.2 on the desktop. I wonder if this would work on the mobile version also. Go into about:config and set security.tls.version.max from 1 to 3. Reconnect to the test-server. You should see a nice 'This connection uses TLSv1.2'
Good luck,
hunderteins

Thank you Hunderteins!
How about kernel 3.0?
Are you still working on it?
Regards...

hunderteins said:
don't know pcm rom. Can you checksum your /system/framework/core.jar ?
For example
Code:
$ sha1sum /system/framework/core.jar
126bad1df158f1af179d353ecd9e781501a30c73 /system/framework/core.jar
$ md5sum /system/framework/core.jar
1b1c955e837b4413fcbeead0a54cd4b7 /system/framework/core.jar
If you get the same values as above, it's safe to copy my core.jar into
your /system/framework/ and rebuild dalvik-cache (for example with a restart).
If you have other checksum values, you would need to decompile (smali) your core.jar, apply the patch-file and compile (smali) it again and replace classes.dex in your core.jar.
Well thank your for the confirmation. Firefox seems also immune. The others use the default android classes.
There is one thing in firefox though. It is able to use TLSv1.2 on the desktop. I wonder if this would work on the mobile version also. Go into about:config and set security.tls.version.max from 1 to 3. Reconnect to the test-server. You should see a nice 'This connection uses TLSv1.2'
Good luck,
hunderteins
Click to expand...
Click to collapse
~•~•~•~•~
@hunderteins,
Thank you for your reply.
Here is the checksum I get when I run in Terminal Emulator:-
$ export PATH=/data/local/bin:$PATH
$sha1sum /system/framework/core.jar
1291fcce44f4be036e2209ccb46d3313b65bdfdc /system/framework/core.jar
$md5sum /system/framework/core.jar
19bd48b8eac1bb123a823d039415a344 /system/framework/core.jar
$
So, they are NOT the same.
I don't have knowledge of how to decompile (smali) of core.jar, applying the patch-file, compile (smali) it again and replace classes.dex in my core.jar. Nope... I'm stuck to go further.
As for Firefox mobile on my Streak PCM7, I have check the menu and settings, here is NO option as per you mention.
Reason I'm interested to know is to set my Streak at best.
BTW, I'm currently installing and testing all the Streak Custom ROMs in XDA, trying to find a ROM that would probably best for my daily use = Performance+Save Power+Other Features. I probably end up having to learn to mix some ROMs into my own personal use...if I got the time to do it though...
Dell Streak | InnerSD 8GB | ExternalSD 32GB | Custom ROM

Razak RK said:
I don't have knowledge of how to decompile (smali) of core.jar, applying the patch-file, compile (smali) it again and replace classes.dex in my core.jar. Nope... I'm stuck to go further.
Click to expand...
Click to collapse
basically you need http://code.google.com/p/smali/downloads/list
a good tutorial how the framework is decompiled/updated can be found at
http://forum.xda-developers.com/showthread.php?t=1084850
for how to apply a patch to a source-file consult the manpage of patch
back to topic. I updated core.jar http://ge.tt/api/1/files/7F3UKbv/0/blob?download
Now DHE-RSA-AES256-SHA is included in the list of useable ciphers.
This way in stockbrowser/nakedbrowser the same encrpytion is used as in opera/firefox
look into attached image.
Patch is also included for thoose who find it useful.
Have a nice weekend,
hunderteins

sinan33 said:
How about kernel 3.0?
Are you still working on it?
Click to expand...
Click to collapse
didn't post in that thread, did I?

hunderteins said:
didn't post in that thread, did I?
Click to expand...
Click to collapse
Sorry dude; just eagerness

Confirmed working on Traveller DSC. ROM updates will be coming shortly.
Flashable zip for core.jar patch suitable for DSC and Traveller DSC: MediaFire | Mega

Elliptic curve Diffie–Hellman Key exchange
Hello,
the libssl 1.0.0a on the streak supports elliptic curve Diffie–Hellman key exchange.
With the right server, this speeds up https compared to normal Diffie–Hellman key exchange.
So I had to change the core.jar again to support these cyphers.
With this update I removed the know weak ciphers (export, 56bit etc)
I attached a openssl command for the commandline, to check libssl.so for features. It might
be useful elsewhere.
Have fun,
hunderteins

TLSv1.1 and TLSv1.2 protocol
Hello,
SSLv3/TLSv1.0 are known to be problematic with stream ciphers (the cbc ones) and
as mentioned before, I had to compiled a more recent version of libssl to support
the modern TLS variants.
Attached are the openssl binary and the libssl.so and libcrypto.so of openssl 1.0.1e.
They work on my streak and I get a clean https TLSv1.2 connection to the testserver.
Next step is, to modify core.jar again to get the modern GCM streaming methods
and SHA384 hashes.
Have a nice evening,
hunderteins

GCM streaming, sha384 hashes and server name indication (SNI)
Hello,
as mentioned before, I modified core.jar to match the ciphers from libssl 1.01e. So we get modern ciphers like ECDHE-RSA-AES256-GCM-SHA384 which are considered strong cryptographie. That's even more recent than Android 4.4 KitKat.
But Android Gingerbread has another serious flaw: SNI (server name indication) is not supported with Apache Http Client. Google fixed this *tada* in Honeycomb.
I looked into that problem, but we have to change framework.jar for that, too.
I attached the patches against the backsmalied core.jar and framework.jar. Together with openssl 1.0.1e I get a very beautiful https connection to the testservers (attached screenshots): ECDHE-RSA-AES256-GCM-SHA384 with TLS V1.2 and SNI - in stock android 2.3 browser.
Please confirm my findings. I'll try to make an streakmod compatible update.zip to spread that little security to the masses. If you point me to your core.jar/framework.jar I will consider to integrate your rom into that update.zip.
Have fun,
hunderteins

So if I understand how you put the update.zip together, the update patches the files rather than simply copying a new version of the file over the existing one?
BTW, the PDroid version is working perfectly.

Strephon Alkhalikoi said:
So if I understand how you put the update.zip together, the update patches the files rather than simply copying a new version of the file over the existing one?
BTW, the PDroid version is working perfectly.
Click to expand...
Click to collapse
Thank you for your feedback.
Update.zip deploys openssl 1.0.1e into /system/lib and /system/bin. It replaces classes.dex inside framework.jar and core.jar when the sha1_check is correct. That is mostly like replacing the files itself, because classes.dex is the main ingredient.
An elegant way would be to baksmali/smali on the device itself, but that didn't work because of memory constraint.
have fun,
hunderteins

openssl 1.0.1g for android 2.3
Hello,
you may have heard of the heartbleed bug [1] before. The 1.0.1e version of openssl I did build for the Dell Streak last autumn is affected. So I made an updated package and attached it. Just put the files into your /system/bin and /system/lib and reboot.
Good luck,
hunderteins
[1] http://heartbleed.com/

hunderteins said:
Hello,
you may have heard of the heartbleed bug [1] before. The 1.0.1e version of openssl I did build for the Dell Streak last autumn is affected. So I made an updated package and attached it. Just put the files into your /system/bin and /system/lib and reboot.
Good luck,
hunderteins
[1] http://heartbleed.com/
Click to expand...
Click to collapse
I'll make a flashable zip for this shortly as well as release an update to Traveller DSC.

hunderteins said:
you may have heard of the heartbleed bug before. The 1.0.1e version of openssl I did build for the Dell Streak last autumn is affected.
Click to expand...
Click to collapse
I stand corrected. The 1.0.1e version was build with -DOPENSSL_NO_HEARTBEATS. So it was not affected at all. Tested it with the stock browser and naked browser against pacemaker [1].
Anyway, 1.0.1g is not affected, too.
warning: Stock browser on Android 4.1.1 is affected.
[1] https://github.com/Lekensteyn/pacemaker

Regardless, the upgrade to 1.01g should improve performance slightly, shouldn't it?

Strephon Alkhalikoi said:
Regardless, the upgrade to 1.01g should improve performance slightly, shouldn't it?
Click to expand...
Click to collapse
I don't think so. As of today in 1.0.1-versions of openssl there are only bugfixes. New, improved features are in 1.0.2. [1]
The changelog between 1.0.1e and 1.0.1g shows detailed bugfixes:
Code:
Changes between 1.0.1f and 1.0.1g [7 Apr 2014]
*) A missing bounds check in the handling of the TLS heartbeat extension
can be used to reveal up to 64k of memory to a connected client or
server.
Thanks for Neel Mehta of Google Security for discovering this bug and to
Adam Langley <[email protected]> and Bodo Moeller <[email protected]> for
preparing the fix (CVE-2014-0160)
[Adam Langley, Bodo Moeller]
*) Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140
Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
[Yuval Yarom and Naomi Benger]
*) TLS pad extension: draft-agl-tls-padding-03
Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the
TLS client Hello record length value would otherwise be > 255 and
less that 512 pad with a dummy extension containing zeroes so it
is at least 512 bytes long.
[Adam Langley, Steve Henson]
Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
*) Fix for TLS record tampering bug. A carefully crafted invalid
handshake could crash OpenSSL with a NULL pointer exception.
Thanks to Anton Johansson for reporting this issues.
(CVE-2013-4353)
*) Keep original DTLS digest and encryption contexts in retransmission
structures so we can use the previous session parameters if they need
to be resent. (CVE-2013-6450)
[Steve Henson]
*) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
avoids preferring ECDHE-ECDSA ciphers when the client appears to be
Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for
several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug
is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
[Rob Stradling, Adam Langley]
It is sad, that on regular android devices, these bugfixes never see the light. Basically you can take these known bugs and rig most of the android 4.x devices.
reg. hunderteins
[1] http://www.openssl.org/news/changelog.html

Regardless, it's not a bad thing to have the latest version.

[CM13] ALSA instead of tinyALSA

Hey guys
I already asked this in some way over at Zenfone 2 sub forum but it might be better to post it here since it could be more CM-related than phone related.
At work we're developing an app which requires an x86 based processor to function properly. But we also need to use ALSA instead of tinyALSA related to various startup scripts required for that mentioned application and the application itself. Rewrite the whole parser is out of question due to the amount of work involved to port it over ARM platform.
Anyway we digged through the mixer settings of tinyALSA and came to the conclusion that it's not suitable for our app.
Currently I'm using the CyanogenMod 13 source code with ALSA lib and ALSA utils packages from Android x86 project (the Marshmallow-one of course). The build process is all fine and the binaries are usable inside an ADB shell but I'm not really able to use aplay for recording or playback of audio files.
Right now I'm stuck with the following error:
Code:
aplay: pcm_write:1684: write error: I/O error
I used "alsa_aplay /sdcard/Front_Center.wav -D hw:0,5 " to test the audio playback.
Some other problems occur when I want to use "alsa_ctl init", alsa_amixer can't load default mixer settings, "alsa_aplay -L" results in "NULL" output and so on.
Any suggestions on how to get audio capabilities working with true ALSA?
By the way: Our Zenfone 2 uses an Intel Atom Z3560 processor with rt5647-audio codec.

[GUIDE][OREO][8.x] How to modify Oreo kernels to support DualBoot Patcher

The Problem
TLDR: In Oreo ROMs, i.e. Android 8.0/8.1, DualBoot Patcher no longer works, as patched ROMs/kernels will get stuck on Android logo screen(for the Axon 7, it's the 'ZTE, POWERED BY android' screen), and never boot up.
In Oreo(Android 8.0/8.1), Google introduced a new function to fstab, which is early mounting specific partitions. The purpose was so that Android can boot up faster, by ensuring that essential partitions like /system and /vendor are mounted first and the boot process will not be held back by delays in non-essential things like setting up apps. More details can be found here. So the important changes that affect DualBoot Patcher are: 1) There's an important file 'fstab.qcom', which lists all the partitions that Android can use, that got shifted from the '/' directory(the root partition/ramdisk, Android 7.x and below) to the '/system/vendor/etc' directory(in Android 8.x) 2) In addition, another file 'init.qcom.rc', once found in the '/' directory too(in Android 7.x and below), is now shifted to '/system/vendor/etc/init/hw' directory(in Android 8.x) 3) Because of 1), 'init.qcom.rc' now believes that 'fstab.qcom' is in '/system/vendor/etc' and not '/', and so it asks Android to read 'fstab.qcom' from '/system/vendor/etc' 4) In the 'fstab.qcom' file, there are entries for all partitions except /system(and /vendor for Treble devices). For these 2 partitions, they are now found in the dtb(short for Device Tree Binary). How does this affect DualBoot Patcher? 1) DualBoot Patcher expects that 'fstab.qcom' is still in '/' directory(correct me if I'm wrong), so it fails to find this file in Android 8.x ROMs/kernels 2) DualBoot Patcher expects that '/system' is still defined in 'fstab.qcom', which is not the case. Below are the exact changes that Google made(in the case of our Axon 7), note the red parts(the changes):
fstab.qcom(the strike means those lines are now removed/gone)
Code:
/dev/block/bootdevice/by-name/recovery /recovery emmc defaults defaults
[STRIKE][COLOR="red"]/dev/block/bootdevice/by-name/system /system ext4 ro,barrier=1,discard wait[/COLOR][/STRIKE]
init.qcom.rc
Code:
on fs
wait /dev/block/platform/soc/${ro.boot.bootdevice}
symlink /dev/block/platform/soc/${ro.boot.bootdevice} /dev/block/bootdevice
mount_all [COLOR="Red"]/vendor/etc/fstab.qcom[/COLOR]
dtb(converted into dts with dtc)
Code:
fstab {
compatible = "android,fstab";
vendor {
compatible = "android,vendor";
dev = "/dev/block/platform/soc/7464900.sdhci/by-name/vendor";
type = "ext4";
mnt_flags = "ro,barrier=1,discard";
fsmgr_flags = "wait";
status = "disabled";
};
[COLOR="red"]system {
compatible = "android,system";
dev = "/dev/block/platform/soc/624000.ufshc/by-name/system";
type = "ext4";
mnt_flags = "ro,barrier=1,discard";
fsmgr_flags = "wait";
status = "ok";
};[/COLOR]
};
The Solution
There are 3 changes to make for each ROM/kernel: 1) Edit fstab.qcom, dtb and init.qcom.rc 2) Add fstab.qcom and init.qcom.rc back into the ramdisk(i.e. edit the ramdisk) 3) Delete '/system/vendor/etc/fstab.qcom' and '/system/vendor/etc/init/hw/init.qcom.rc'. There are 2 ways you can do this, either manually, or with my script(Work in progress, my sincere apologies)
Method 1: Manually modify ROM and kernel
Files you will need:
Note: the 'files.zip' attached below contains 'dtc', 'magiskboot', 'mkbootimg', 'unpackbootimg'. Extract it to get these files. Feel free to scan them for viruses, I assure you they are clean and not viruses for sure
- boot.img you want to patch
- init.qcom.rc, fstab.qcom from the ROM you are patching
- magiskboot binary(found in /data/magisk or /data/adb/magisk if you installed magisk, otherwise download the one attached below)
- dtc binary(download the one attached below)
If you are patching Hellsgate or Schwifty, you also need:
- unpackbootimg, mkbootimg(attached below)
- Image.gz-dtb(from the flashable zip of the kernel)
Note: You also need a boot.img, but this will be from the ROM you are flashing/have flashed(extract from the ROM zip)
Preliminary step: Prepare the files
- Before you start, I would recommend copying all the files into a directory where you can chmod/execute binaries. I personally recommend '/data/local/tmp', or '/cache'(anywhere in /cache is fine). The guide below assumes that all these files are in the same directory. Also, chmod all the binaries, for example, do this in your working directory:
Code:
chmod 0755 *
- Also, I would recommend backing up 'fstab.qcom' and 'init.qcom.rc'
Additional Step: If you wish to patch kernels like Hellsgate and Schwifty
- First, unpack your ROM's stock kernel:
Code:
./unpackbootimg -i boot.img
- Then, repack the kernel as a Hellsgate/Schwifty kernel:
Code:
./mkbootimg --kernel Image.gz-dtb --ramdisk boot.img-ramdisk.gz --cmdline "androidboot.hardware=qcom user_debug=31 msm_rtb.filter=0x237 ehci-hcd.park=3 lpm_levels.sleep_disabled=1 [email protected] androidboot.selinux=permissive buildvariant=userdebug" --base 80000000 --pagesize 4096 --kernel_offset 00008000 --ramdisk_offset 01000000 --second_offset 00f00000 --tags_offset 00000100 --os_version 8.1.0 --os_patch_level [COLOR="red"]2018-06[/COLOR] --hash sha1 --output ./boot-new.img
- Note: For the red part in the above command, adjust for the month that your desired kernel is released. E.g. If your desired kernel was released in 2018 June, you put '2018-06', while if it was released in 2018 July, you put '2018-07', and so on.
- From now on, take note that everytime I mention 'boot.img', for you, it will be 'boot-new.img'(I'll bold each one that you have to change to 'boot-new.img')
Step 1: Unpack the boot.img
Code:
./magiskboot --unpack [COLOR="red"]boot.img[/COLOR]
- Now you get 3 additional files: 1) kernel(not editing this) 2) ramdisk.cpio(gonna edit this) 3) dtb(also editing this)
Step 2: Decompile the dtb
Note: dtb is a BINARY so don't open it with a text editor
Code:
./dtc -I dtb -O dts -o dt.txt dtb
- Another note: It will probably give you a lot of warnings, but it's harmless so just ignore them(I've edited multiple kernels and tested them myself, no bugs so far)
Step 3: Edit the decompiled dts
- Open the created 'dt.txt' with a root text editor(I use Simple Explorer, you can use FX file explorer, or ES file explorer)
- Search for this word:
Code:
/system
. You should find this line:
Code:
dev = "/dev/block/platform/soc/624000.ufshc/by-name/system";
- Remove the entire chunk quoted below:
Code:
system {
compatible = "android,system";
dev = "/dev/block/platform/soc/624000.ufshc/by-name/system";
type = "ext4";
mnt_flags = "ro,barrier=1,discard";
fsmgr_flags = "wait";
status = "ok";
};
- Take note that you will have to remove 1 '};'(at the bottom of the above quote), nothing more, nothing less
Step 4: Recompile the dtb
Code:
./dtc -I dts -O dtb -o dtb1 dt.txt
- Again, it might give you a lot of warnings but just ignore them
- Also, rename the new dtb so that magiskboot will compile this new dtb into your modified kernel:
Code:
mv dtb dtb.bak
Code:
mv dtb1 dtb
Step 5: Edit fstab.qcom
- Open 'fstab.qcom' file with a root text editor
- Add the following red line, below the line about '/recovery', above the line about '/data':
Code:
/dev/block/bootdevice/by-name/recovery /recovery emmc defaults defaults
[COLOR="red"]/dev/block/bootdevice/by-name/system /system ext4 ro,barrier=1,discard wait[/COLOR]
/dev/block/bootdevice/by-name/userdata /data f2fs nosuid,nodev,noatime,nodiratime,data_flush wait,check,encryptable=/dev/block/bootdevice/by-name/cryptkey,quota,formattable[/CODE]
- Save the 'fstab.qcom' file
Step 6: Edit init.qcom.rc
- Open 'init.qcom.rc' with a root text editor
- Look for this line:
Code:
mount_all /vendor/etc/fstab.qcom
- Change it into this line:
Code:
mount_all [COLOR="red"]/fstab.qcom[/COLOR]
- Save the 'init.qcom.rc' file
Step 7: Modify kernel ramdisk
-First do:
Code:
./magiskboot --cpio ramdisk.cpio 'add 0640 fstab.qcom fstab.qcom'
- Then do:
Code:
./magiskboot --cpio ramdisk.cpio 'add 0750 init.qcom.rc init.qcom.rc'
Step 8: Create a new, DBP-compatible boot.img
Code:
./magiskboot --repack [COLOR="red"]boot.img[/COLOR]
- You will get a new boot.img, named 'new-boot.img'
Step 9: Install the modified kernel
- First, flash the boot.img(using TWRP or Flashify or another tool)
- Then, delete these 2 files:
Code:
/system/vendor/etc/fstab.qcom
and
Code:
/system/vendor/etc/init/hw/init.qcom.rc
- Note: Make sure you do not reboot after installing boot.img and before deleting the above 2 files
That's it! If you completed all the steps above properly, you should have a working DBP-compatible boot.img that you can put in a flashable zip and patch with DualBoot Patcher
if you don't know how to make a flashable zip to install your modified boot.img, you can use the one I attached below(named 'flashable-kernel-template.zip'). What you have to do is download it, then extract it and make a new zip containing your modified boot.img(basically, create a new zip with the 'META-INF' folder from my zip and your 'boot.img'. The zip automatically deletes
Code:
/system/vendor/etc/fstab.qcom
and
Code:
/system/vendor/etc/init/hw/init.qcom.rc
so you won't need to do this yourself
Note: If you are using my flashable zip, note that you have to rename your modified 'new-boot.img' to 'boot.img' before you compress it into a new flashable zip. Otherwise you will get an error when flashing in recovery
Note 2: Avoid using the flashable zip template for non-modified kernels, it can render your ROM unable to boot!
Method 2: Work in Progress
Method 2: Use my automated script
Please do leave feedback on whether this guide is clear, and also if any of the steps are not working for you! Happy Dualbooting
Sources:
Github Problem Discussion
Problem Solution

Reserved 1

Reserved 2

This is going to be useful. Personally I just want to run custom O as primary and N as a secondary. Mainly because O doesn't have properly working Daydream and for a couple of games that aren't compatible anymore with O. If I'm only trying to attach LOS14.1 as secondary I wouldn't need to patch anything extra O from this guide? Though I can't install the patched ROM it gives an error.
Edit: Oops missed reading from the old guide the primary ROM needs to be stock. I guess I need to patch then. Do I need Linux to do all the editing?

Infy_AsiX said:
This is going to be useful. Personally I just want to run custom O as primary and N as a secondary. Mainly because O doesn't have properly working Daydream and for a couple of games that aren't compatible anymore with O. If I'm only trying to attach LOS14.1 as secondary I wouldn't need to patch anything extra O from this guide? Though I can't install the patched ROM it gives an error.
Edit: Oops missed reading from the old guide the primary ROM needs to be stock. I guess I need to patch then. Do I need Linux to do all the editing?
Click to expand...
Click to collapse
Actually yeah, if your custom O is primary you don't need to patch it(the kernel, I mean)! You still need to patch the ROM so that it doesn't wipe /system when you OTA update your custom O, which means you need an unpatched custom O stock kernel flsshable zip(sorry for the mouthful). But if you don't OTA update then no need The last I tried, using stock ROM as secondary worked for me though? Didn't find any issues. But I might just be lucky, be careful if you try that.
As for your last question, nope all these commands are meant for Terminal Emulator app on an Android phone! Just use the binaries in the attached files.zip, they are all compiled for Android and do not work on Linux desktops. All the best If you need help just ask here!

haoyangw said:
Actually yeah, if your custom O is primary you don't need to patch it(the kernel, I mean)! You still need to patch the ROM so that it doesn't wipe /system when you OTA update your custom O, which means you need an unpatched custom O stock kernel flsshable zip(sorry for the mouthful). But if you don't OTA update then no need The last I tried, using stock ROM as secondary worked for me though? Didn't find any issues. But I might just be lucky, be careful if you try that.
As for your last question, nope all these commands are meant for Terminal Emulator app on an Android phone! Just use the binaries in the attached files.zip, they are all compiled for Android and do not work on Linux desktops. All the best If you need help just ask here!
Click to expand...
Click to collapse
Figured out the error after dual boot patch on LOS14.1 was my mistake in modifying the update-script incorrectly. Nothing to do with N/O/this guide. However now I tried installing it to data slot so dirty flashing and restoring the system partition won't be complicated. The issue is trying to boot primary it vibrates five times at ZTE logo and goes to recovery. Trying to switch to primary in dualbootutilities gives an error something like (from memory) data/media/0/boot.img cannot be found. I guess DBP installed even on data changes the structure of boot and primary on O doesn't fit so can't boot. Just want your advice, it probably means patching O when O is primary is necessary then?

Infy_AsiX said:
Figured out the error after dual boot patch on LOS14.1 was my mistake in modifying the update-script incorrectly. Nothing to do with N/O/this guide. However now I tried installing it to data slot so dirty flashing and restoring the system partition won't be complicated. The issue is trying to boot primary it vibrates five times at ZTE logo and goes to recovery. Trying to switch to primary in dualbootutilities gives an error something like (from memory) data/media/0/boot.img cannot be found. I guess DBP installed even on data changes the structure of boot and primary on O doesn't fit so can't boot. Just want your advice, it probably means patching O when O is primary is necessary then?
Click to expand...
Click to collapse
Oh you mean you flashed custom O, and after that you flashed you N data slot ROM? You're partially right, if you flash your data slot ROM after a non-patched ROM, you'll have the data slot kernel installed i.e. the LOS 14.1 stock kernel, which cannot boot an O ROM. This is because DBP works by storing multiple kernels on your /data/media/0/Multiboot folder, when you 'switch ROMs' actually what happens is DBP flashes the kernel of the ROM you're switching to. Obviously a N kernel cannot boot an O ROM so you cannot boot. Unfortunately, DBP only stores kernels that you flash with patched zips(i.e. if you flash a DBP-patched ROM/kernel zip, only then will DBP store the kernel in its custom Multiboot folder). So because you didn't patch your O primary ROM, its kernel is not saved and you cannot use DBPUtilities. What you can do is either make your own non-patched kernel zip file for your O ROM's stock kernel that you flash everytime you want to switch to primary, or you patch your primary ROM and then you can use DBPUtilities. However B01 kernel has a slightly different precedure for adding DBP support that this guide doesn't explain(I'm sorry) I'll update it when I find time. Don't follow this guide to patch B01! It won't boot, I tried But I know what changes to make when modifying a B01 kernel don't worry

lost this post when I pressed reply. This RR-O Kranoner 20180511 has the fstab.qcom and init.qcom.rc still on root / directory. But patching only DBP patching hellsgate kernel after having LOS14.1 on data slot 1 still has the same issue. Alternatively installing the mod boot.img allows primary to boot but after using DBP utilities to switch to data slot 1 (onscreen says success) the data slot 1 gets stuck on ZTE logo with 5 vibrates instead. Even tried flashing the final Beastmode 14.1 kernel DBP patched to data slot 1 after switched, five vibrates to recovery.
Lost Magisk install after step nine. Just reinstalling it is fine. Did you forget the flashable zip template by the way?

Infy_AsiX said:
lost this post when I pressed reply. This RR-O Kranoner 20180511 has the fstab.qcom and init.qcom.rc still on root / directory. But patching only DBP patching hellsgate kernel after having LOS14.1 on data slot 1 still has the same issue. Alternatively installing the mod boot.img allows primary to boot but after using DBP utilities to switch to data slot 1 (onscreen says success) the data slot 1 gets stuck on ZTE logo with 5 vibrates instead. Even tried flashing the final Beastmode 14.1 kernel DBP patched to data slot 1 after switched, five vibrates to recovery.
Lost Magisk install after step nine. Just reinstalling it is fine. Did you forget the flashable zip template by the way?
Click to expand...
Click to collapse
Oh hmm did you install the right version of Hellsgate for your data slot 1? I think LOS 14.1 needs a very old version(R2.1? I think). I'm not sure about beastmode kernel though, I'm sorry And thanks for the reminder about the zip template, o dear I forgot about it I'll upload it now!

haoyangw said:
Oh hmm did you install the right version of Hellsgate for your data slot 1? I think LOS 14.1 needs a very old version(R2.1? I think). I'm not sure about beastmode kernel though, I'm sorry And thanks for the reminder about the zip template, o dear I forgot about it I'll upload it now!
Click to expand...
Click to collapse
Sorry that post was worded poorly due to rushed recalling. I meant RR-O primary had Hellsgate kernel patched by this guide, which shouldn't be necessary as the two issue ROM files are still on root directory (patching with DBP instead didn't work as I posted before)? Still had to install the mod boot.img to manage to boot but then data slot 1 LOS14.1 won't boot. I was going to try patching with this guide the kernel I intend for LOS14.1 but it's lacking the image.gz-dtb file, I'd only patched it with DBP and that should be enough as it's an N ROM. I guess I could use an older hellsgate suited to N but Beastmode was updated til a little later so I'd prefer it.
Thanks for the zip template. Just checking, it's not actually needed if I can just install the modded boot.img directly in TWRP anyway?

Infy_AsiX said:
Sorry that post was worded poorly due to rushed recalling. I meant RR-O primary had Hellsgate kernel patched by this guide, which shouldn't be necessary as the two issue ROM files are still on root directory (patching with DBP instead didn't work as I posted before)? Still had to install the mod boot.img to manage to boot but then data slot 1 LOS14.1 won't boot. I was going to try patching with this guide the kernel I intend for LOS14.1 but it's lacking the image.gz-dtb file, I'd only patched it with DBP and that should be enough as it's an N ROM. I guess I could use an older hellsgate suited to N but Beastmode was updated til a little later so I'd prefer it.
Thanks for the zip template. Just checking, it's not actually needed if I can just install the modded boot.img directly in TWRP anyway?
Click to expand...
Click to collapse
Oh you're right, if the 2 files are still present you don't have to patch using this guide. Just checking, what version of hellsgate are you using for primary? And yes you're right! N ROMs/kernels don't have to be patched with this guide for DBP I'm not very sure why you can't boot and get the 5 led flashes though
As for your last question, you're right no need this zip in you install using TWRP.

haoyangw said:
Oh you're right, if the 2 files are still present you don't have to patch using this guide. Just checking, what version of hellsgate are you using for primary? And yes you're right! N ROMs/kernels don't have to be patched with this guide for DBP I'm not very sure why you can't boot and get the 5 led flashes though
As for your last question, you're right no need this zip in you install using TWRP.
Click to expand...
Click to collapse
The last B32+10 hellsgate v3.0. Dunno but the guide did manage to allow primary to boot whereas it wouldn't before. Both N hellsgate and beastmode are lacking the image.gz-dtb so I can't patch them. I guess I'll try stock next, I really wanted KCAL to use on Daydream tho ::crying:. If that fails I might try stock N as primary when I'm about to clean flash update O.

Infy_AsiX said:
The last B32+10 hellsgate v3.0. Dunno but the guide did manage to allow primary to boot whereas it wouldn't before. Both N hellsgate and beastmode are lacking the image.gz-dtb so I can't patch them. I guess I'll try stock next, I really wanted KCAL to use on Daydream tho ::crying:. If that fails I might try stock N as primary when I'm about to clean flash update O.
Click to expand...
Click to collapse
Oh dear I'm sorry to hear Just checking are you using LOS 14.1 builds from 2018? I might know what's wrong

haoyangw said:
Oh dear I'm sorry to hear Just checking are you using LOS 14.1 builds from 2018? I might know what's wrong
Click to expand...
Click to collapse
yeah latest official
Sent from my Xperia Z3C using XDA Labs

Infy_AsiX said:
yeah latest official
Click to expand...
Click to collapse
Oh I probably should add this in the OP, Nougat builds with 2018 Security patch level behaves the same way as Oreo ROMs, they also have the init.qcom.rc and fstab.qcom in /system. So I would believe that latest LOS 14.1 also needs the exact same patching method as Oreo(if you can check and confirm this that'll be great). I haven't analysed the Nougat hellsgate and beastmode kernels so I'm not sure how to patch them, I'll let you know asap when I find out something. Sorry about the mistake, I didn't realise there's still a Nougat ROM being regularly updated

Great thanks for the guide and mods. Sorry for the late follow up, it did take awhile to get working. After some confusion and trouble with figuring out how some O ROMs still don't use the early mount method. While N ROM and kernels don't in fact need patching by this guide. Also B12 can't be dual booted with any N ROMs due to bootstack incompatibility (flashing bootstack after a DBP install doesn't seem to take effect to help). My target kernel was Hellsgate 3 for B32+10, which oddly needed fstab.qcom modded per guide but not init.qcom.rc all despite the kernel being for non early mount ROMs. Yes really, after all of that figured out, I got it working!
I'm glad to report it works as intended with the right setup. Now with B12 ROMs currently all affected by the wired audio cpu extra 50% load bug, using B32+10 is a working fallback. The trade off being apparently dual-sim issues (reported by some as present, some not), no GCam HDR support and improper hi-res audio support (though hi-fi DAC was already working and hi-res is debatably useless). In any case if dual booting O with N is desired B32+10 is the latest supported available with above stated differences. This is the only way presently for using a stable-ish O ROM and N's fully functioning Daydream and a couple of AAA games deprecated after N such as Fahrenheit: Indigo Prophecy and Jade Empire. Now I can also play around testing Kranoner's N Vertex EAS supported ROM and kernel.
I've attached the B32+10 Hellsgate 3 modded per this guide using Kranoner's 180511 RR-O for anyone interested in getting it straight working without the mess. A few pointers. The zip still needs needs to be patched to primary/secondary/whatever chosen slot before use. Magisk has to be reinstalled after installing the modified kernel, primary Magisk zip does not need DB patching. Using secondary slot, to fill up like huge wasted space 6GB system partition is smart if you're not installing many apps.
Sent from my ZTE Axon 7 using XDA Labs

////[removed]////

Tried this with my device and it didn't work. Alcatel Tetra with 8.1 Stock. Runs GSI images up to 10. MT6739 SOC. Doesn't boot if you simply remove the entry. Couldn't even change ro to rw and have it boot. I was able to remove verify and that was about it. I was able to get the fstab and init file migrated back to ramdisk and it booted once i modified the init file to point to the right locations. I got DBP supporting my treble device properly. The last step is to figure out how to disable/remove the system early mount. This topic seems dead but I figure it's worth a try. I've been working on this Project on and off for 2+ months now and would really like to hit paydirt.

you do realize this is an Axon7 thread , yes?

mrrocketdog said:
you do realize this is an Axon7 thread , yes?
Click to expand...
Click to collapse
I'm Sure he's not lost .
U realize this is a place Dev's take ideas from each other and try to port it to other devices Right?

Question Propietary blobs/files for Odin

Hey, does anyone know how to get the propietary blobs out of the device? I'm kinda done with MIUI and i wanna try to compile some custom rom and maybe a legit twrp.

SanHelios said:
Hey, does anyone know how to get the propietary blobs out of the device? I'm kinda done with MIUI and i wanna try to compile some custom rom and maybe a legit twrp.
Click to expand...
Click to collapse
lol i am looking for the same
check this out

vamsi209 said:
lol i am looking for the same
check this out
Click to expand...
Click to collapse
what shall i check out?

SanHelios said:
what shall i check out?
Click to expand...
Click to collapse
Extracting proprietary blobs from LineageOS zip files | LineageOS Wiki
wiki.lineageos.org

SanHelios said:
Hey, does anyone know how to get the propietary blobs out of the device? I'm kinda done with MIUI and i wanna try to compile some custom rom and maybe a legit twrp.
Click to expand...
Click to collapse
Trying to look for the Chinese tool to flash the unofficial TWRP, once I manage to do that will try help on grabbing those needed proprietary blobs. May need guide on how to pull the blobs, am still a noob

dan079 said:
Trying to look for the Chinese tool to flash the unofficial TWRP, once I manage to do that will try help on grabbing those needed proprietary blobs. May need guide on how to pull the blobs, am still a noob
Click to expand...
Click to collapse
Me too... TWRP is tricky, since it can only be done by this OneInject-function of TWRP, but it's possible. I tried the 'current' unofficial release of TWRP for this, but all i got was a reboot to BL.

vamsi209 said:
Extracting proprietary blobs from LineageOS zip files | LineageOS Wiki
wiki.lineageos.org
Click to expand...
Click to collapse
yshalsager, who created the Firmware-script, told me the same.. here is his answer.
"
Hi,
Thanks for your words, glad to hear my work helps.
You can use LineageOS extract files script that will generate vendor tree for you. It is available in any device tree but you should use one of your device so it reads from its proprietary-files.txt or something.
"
Maybe LOS is closer than we think.

SanHelios said:
yshalsager, who created the Firmware-script, told me the same.. here is his answer.
"
Hi,
Thanks for your words, glad to hear my work helps.
You can use LineageOS extract files script that will generate vendor tree for you. It is available in any device tree but you should use one of your device so it reads from its proprietary-files.txt or something.
"
Maybe LOS is closer than we think.
Click to expand...
Click to collapse
niceee, so for mix 4, i extracted the twrp trees using this,
[SCRIPT] TWRP device tree generator
Create a TWRP-compatible device tree only from an Android recovery image (or a boot image if the device uses non-dynamic partitions A/B) of your device's stock ROM. It has been confirmed that this script supports images built starting from...
forum.xda-developers.com
setup the local repo for building twrp trees, using these
1. Installing the tools
A Python library/script to automatically generate TWRP-compatible device tree from a boot/recovery image - twrpdtgen/twrpdtgen
github-wiki-see.page
tried building but the device doesn't lunch after following the steps shown above,
Code:
http://www.hastebin.com/jonexiyowu.md
and one of the dev https://github.com/imjyotiraditya , helped me build an aospa rom for g8x,
now he is on to building twrp for our device odin.
if anyone has twrp trees, we can try geting aospa build ready for our device

vamsi209 said:
niceee, so for mix 4, i extracted the twrp trees using this,
[SCRIPT] TWRP device tree generator
Create a TWRP-compatible device tree only from an Android recovery image (or a boot image if the device uses non-dynamic partitions A/B) of your device's stock ROM. It has been confirmed that this script supports images built starting from...
forum.xda-developers.com
setup the local repo for building twrp trees, using these
1. Installing the tools
A Python library/script to automatically generate TWRP-compatible device tree from a boot/recovery image - twrpdtgen/twrpdtgen
github-wiki-see.page
tried building but the device doesn't lunch after following the steps shown above,
Code:
http://www.hastebin.com/jonexiyowu.md
and one of the dev https://github.com/imjyotiraditya , helped me build an aospa rom for g8x,
now he is on to building twrp for our device odin.
if anyone has twrp trees, we can try geting aospa build ready for our device
Click to expand...
Click to collapse
hey, i'm trying it right now... was able to manage a device tree from the latest weekly of the EU-rom. Repo is syncing right now for the aosp-twrp-11 repository.

U used the same script for the recovery trees?

vamsi209 said:
U used the same script for the recovery trees?
Click to expand...
Click to collapse
yes, i extracted it from the boot.img.
Update... build/envsetup.sh error, anyone any suggestions?
Update managed to get envsetup.sh to work, got following error messages
source build/envsetup.sh
including device/xiaomi/odin/vendorsetup.sh
COMMON_LUNCH_CHOICES: Befehl nicht gefunden.
COMMON_LUNCH_CHOICES: Befehl nicht gefunden.
lunch twrp_odin-eng
In file included from build/make/core/config.mk:291:
In file included from build/make/core/envsetup.mk:266:
build/make/core/product_config.mk:155: error: Can not locate config makefile for product "twrp_odin".
23:22:04 dumpvars failed with: exit status 1
WARNING: Trying to fetch a device that's already there
Traceback (most recent call last):
File "/home/dave/AOSP-Recovery/vendor/twrp/build/tools/roomservice.py", line 431, in <module>
fetch_device(device)
File "/home/dave/AOSP-Recovery/vendor/twrp/build/tools/roomservice.py", line 399, in fetch_device
git_data = search_gerrit_for_device(device)
File "/home/dave/AOSP-Recovery/vendor/twrp/build/tools/roomservice.py", line 86, in search_gerrit_for_device
device_data = check_repo_exists(git_data, device)
File "/home/dave/AOSP-Recovery/vendor/twrp/build/tools/roomservice.py", line 62, in check_repo_exists
raise Exception("{device} not found,"
Exception: odin not found,exiting roomservice
In file included from build/make/core/config.mk:291:
In file included from build/make/core/envsetup.mk:266:
build/make/core/product_config.mk:155: error: Can not locate config makefile for product "twrp_odin".
23:22:05 dumpvars failed with: exit status 1
** Don't have a product spec for: 'twrp_odin'
** Do you have the right repo manifest?
Anyone a good guess?

Did you had any luck, or any chance I can help?

Puksom said:
Did you had any luck, or any chance I can help?
Click to expand...
Click to collapse
well, i made some progress, but i failed again. I posted a thread in the official twrp forum. Maybe you might want to take a look at it.. thx.
Post in thread '[DEV]How to compile TWRP touch recovery' https://forum.xda-developers.com/t/dev-how-to-compile-twrp-touch-recovery.1943625/post-85686505

Puksom said:
Did you had any luck, or any chance I can help?
Click to expand...
Click to collapse
I'm a total beginner, so i might be wrong. But as far as i can tell, the makefiles of the extracted device tree need to be update or even completely rebuild.

Hi, it seems like I was able to execute the script successfully.
It didn't work on Windows because it got stuck on the execution of unpackimg.bat.
I ran it on Linux and it worked (after chmod 777 of boot.img). This is the command I ran:
python3 -m twrpdtgen -o ./odin ./boot.img
output:
Code:
TWRP device tree generator
Version 1.3.0
[INFO] Cloning AIK...
Done! You can find the device tree in odin/xiaomi/odin
I took boot.img from the latest MIUI 12.5.7.0 China Stable
Now I have what it seems to be the device tree (odin.zip) but I don't know what to do it it or what it is.

radoinc said:
Hi, it seems like I was able to execute the script successfully.
It didn't work on Windows because it got stuck on the execution of unpackimg.bat.
I ran it on Linux and it worked (after chmod 777 of boot.img). This is the command I ran:
python3 -m twrpdtgen -o ./odin ./boot.img
output:
Code:
TWRP device tree generator
Version 1.3.0
[INFO] Cloning AIK...
Done! You can find the device tree in odin/xiaomi/odin
I took boot.img from the latest MIUI 12.5.7.0 China Stable
Now I have what it seems to be the device tree (odin.zip) but I don't know what to do it it or what it is.
Click to expand...
Click to collapse
This is great, so we know this script works and does what it is supposed to do...
I checked the makefiles to see if there are any differences, but there are none. So it suggests that it doesn't matter, from which version you get the files from. I love, that the users of the Mi Mix 4 are more open so compiling than the community of the MI 11 Ultra is..

SanHelios said:
This is great, so we know this script works and does what it is supposed to do...
I checked the makefiles to see if there are any differences, but there are none. So it suggests that it doesn't matter, from which version you get the files from. I love, that the users of the Mi Mix 4 are more open so compiling than the community of the MI 11 Ultra is..
Click to expand...
Click to collapse
I'm trying to replicate your steps but I get the same "Can not locate config makefile for product "twrp_odin"." as you did above. In the other topic I see you managed to get past that step.
I see you get some output after executing envsetup.sh and it seems like this is related to the device tree.
Can you please share what you did with the device tree before attempting to compile twrp? I'd like to try myself but I can't find clear instructions.

radoinc said:
I'm trying to replicate your steps but I get the same "Can not locate config makefile for product "twrp_odin"." as you did above. In the other topic I see you managed to get past that step.
I see you get some output after executing envsetup.sh and it seems like this is related to the device tree.
Can you please share what you did with the device tree before attempting to compile twrp? I'd like to try myself but I can't find clear instructions.
Click to expand...
Click to collapse
Acutally i left it completely unchanged, the only thing i did was to change the repository. I deleted the aosp-repository and took the omni-twrp-repository
(https://github.com/minimal-manifest-twrp/platform_manifest_twrp_omni)
mkdir twrp
cd twrp
repo init -u git://github.com/minimal-manifest-twrp/platform_manifest_twrp_omni.git -b twrp-10.0
repo sync
after syncing was complete, i followed these instructions
4. Build TWRP from source
A Python library/script to automatically generate TWRP-compatible device tree from a boot/recovery image - twrpdtgen/twrpdtgen
github-wiki-see.page

SanHelios said:
Acutally i left it completely unchanged, the only thing i did was to change the repository. I deleted the aosp-repository and took the omni-twrp-repository
(https://github.com/minimal-manifest-twrp/platform_manifest_twrp_omni)
mkdir twrp
cd twrp
repo init -u git://github.com/minimal-manifest-twrp/platform_manifest_twrp_omni.git -b twrp-10.0
repo sync
after syncing was complete, i followed these instructions
4. Build TWRP from source
A Python library/script to automatically generate TWRP-compatible device tree from a boot/recovery image - twrpdtgen/twrpdtgen
github-wiki-see.page
Click to expand...
Click to collapse
Thanks! Now I managed to get the same result as you. The error seems to be raised by mkbootimg.py:
Python:
def write_header(args):
BOOT_IMAGE_HEADER_V1_SIZE = 1648
BOOT_IMAGE_HEADER_V2_SIZE = 1660
BOOT_MAGIC = 'ANDROID!'.encode()
if (args.header_version > 2):
raise ValueError('Boot header version %d not supported' % args.header_version)
To me it seems like this Omni repo includes old version of mkbootimg.py, because in the google repos I can see that the current version of this function looks like this:
Python:
def write_header(args):
if args.header_version > 4:
raise ValueError(
f'Boot header version {args.header_version} not supported')
if args.header_version in {3, 4}:
return write_header_v3_and_above(args)
It seems like Boot header version 3 was introduced with Android 11: https://source.android.com/devices/bootloader/boot-image-header
I think we can't do much with the Omnia repos until they get updated with current mkbootimg.

radoinc said:
Thanks! Now I managed to get the same result as you. The error seems to be raised by mkbootimg.py:
Python:
def write_header(args):
BOOT_IMAGE_HEADER_V1_SIZE = 1648
BOOT_IMAGE_HEADER_V2_SIZE = 1660
BOOT_MAGIC = 'ANDROID!'.encode()
if (args.header_version > 2):
raise ValueError('Boot header version %d not supported' % args.header_version)
To me it seems like this Omni repo includes old version of mkbootimg.py, because in the google repos I can see that the current version of this function looks like this:
Python:
def write_header(args):
if args.header_version > 4:
raise ValueError(
f'Boot header version {args.header_version} not supported')
if args.header_version in {3, 4}:
return write_header_v3_and_above(args)
It seems like Boot header version 3 was introduced with Android 11: https://source.android.com/devices/bootloader/boot-image-header
I think we can't do much with the Omnia repos until they get updated with current mkbootimg.
Click to expand...
Click to collapse
My question is, do the makefiles from the devicetree need to be adjusted or completely rebuild to android 11 parameters? I.e. rhe command "add_lunch_combo" is obsolete and "COMMAND_LUNCH_CHOICES" took its place..
Sorry in advance for this nooby questions...