[Info] Rooting will be impossible on newer stock kernels - Galaxy S 4 General

I just noticed when sniffing the new 9500UBUAMDK kernel that they activated a new "feature", CONFIG_SEC_RESTRICT_SETUID, in the kernel.
This means no more rooting is possible, at least not anymore in the usual methods. Your SuperUser will tell you it will have granted access, but it's neutered on the kernel level.
There is the exception of allowing /system/bin/pppd to gain root access so somebody will want to maybe replace that somehow to gain it as an entry-point. Somebody will want to check that.
This doesn't apply to custom compiled kernels which disable this config option.

Omg.......hope somebody can bypass that one.......sad news for me.....XXUAMDL now....arghhhh
Sent from my GT-I9500 using xda premium

This makes sense, because I flashed MDM for I9505 and used djembey's modified stock root, and apparently it works. Well, yes, it works, but that's because it reverted my kernel back to an older version; it didn't actually root the current kernel. My ROM was dated 12th April; after I updated the firmware it was 25th April. Then I used the modified root that is meant to work on all firmwares. I checked the date of the kernel after I rooted and I am now back to the 12th.

AndreiLux said:
> I just noticed when sniffing the new 9500UBUAMDK kernel that they activated a new "feature", CONFIG_SEC_RESTRICT_SETUID, in the kernel.
> This means no more rooting is possible, at least not anymore in the usual methods. Your SuperUser will tell you it will have granted access, but it's neutered on the kernel level.
> There is the exception of allowing /system/bin/pppd to gain root access so somebody will want to maybe replace that somehow to gain it as an entry-point. Somebody will want to check that.
> This doesn't apply to custom compiled kernels which disable this config option.
CORRECT!!
I've tested it and it's true.... I9505 STOCK Kernel for new builds MDM/MDN has been LOCKED as well....
My solution is to use Kernel from builds up to MDF and include it into CF-AutoRoot package and it WORKS like charm... (Future proof..)
BTW, they have changed something in system.img.ext4 as well!! Checksum added or something like this, if you re-build it, whole integrity is broken... SYSTEM IS LOCKED!!
CSC is impossible to apply usual way, I've implanted it into system and modified to achieve HD Voice support on all networks.. NOTHING can be added to it afterwards..

Ahhh, this is why I'm getting the following error, damnit!
"BusyBox works but the "su" command does not elevate to root. There's something wrong with your "su" binary and/or "Superuser" app."

I am sure other methods will be found soon. u know u can count on the good folks here at xda.
Sent from my GT-I9500 using xda premium

WOW
great work Samsung :crying::silly:

AndreiLux said:
> I just noticed when sniffing the new 9500UBUAMDK kernel that they activated a new "feature", CONFIG_SEC_RESTRICT_SETUID, in the kernel.
> This means no more rooting is possible, at least not anymore in the usual methods. Your SuperUser will tell you it will have granted access, but it's neutered on the kernel level.
> There is the exception of allowing /system/bin/pppd to gain root access so somebody will want to maybe replace that somehow to gain it as an entry-point. Somebody will want to check that.
> This doesn't apply to custom compiled kernels which disable this config option.
Damn!.. I updated my GS4 from UBUAMDE to UBUAMDK and was just now planning to root it when I saw this post.. *sigh*... Nonetheless, thank you for the information and insight kind sir, and I hope there will be a workaround soon for root access *fingers crossed*

Well can we just flash a rooted rom from recovery?
Sent from my GT-I9500 using xda premium

samomamo said:
> Well can we just flash a rooted rom from recovery?
> Sent from my GT-I9500 using xda premium
no u need kernel that disable CONFIG_SEC_RESTRICT_SETUID to get the SU binary working

> kernel that disable CONFIG_SEC_RESTRICT_SETUID
patch one byte in kernel file?

yahyoh said:
> no u need kernel that disable CONFIG_SEC_RESTRICT_SETUID to get the SU binary working
Well then we can flash a kernel.
Sent from my GT-I9500 using xda premium

AndreiLux said:
> I just noticed when sniffing the new 9500UBUAMDK kernel that they activated a new "feature", CONFIG_SEC_RESTRICT_SETUID, in the kernel.
I'm afraid you are right. I did a source code review a few days ago in a German forum and came to the same conclusion: We need a Stock Kernel with deactivated Root Restriction Feature or a custom kernel without these features.
I'm not sure, if we can build something around the pppd issue. Some "rename pppd temporarily if root is needed special hacking service". But sounds somehow crazy, and I'm not sure, if it is worth a try. You have to modify the systemfs, and I think, a Custom Kernel is easier.
Do you think there are dependencies in the rest of the firmware to the Root Restriction Feature? In other words: Will disabling this feature cause trouble, e.g. with Knox?

And since we have kernel sources can't we recompile our own kernel with this option disabled? I don't think this as a deadlock state. It is pretty much possible to bypass.

I think, this will be possible. At least it will be my first try as soon as I have my own S4 in my hands. Building a stock kernel from source without Root Restriction.
BTW: In the actual Samsung source code the feature is disabled in the default configuration. Hmmm ...

AndreiLux said:
> I just noticed when sniffing the new 9500UBUAMDK kernel that they activated a new "feature", CONFIG_SEC_RESTRICT_SETUID, in the kernel.
> This means no more rooting is possible, at least not anymore in the usual methods. Your SuperUser will tell you it will have granted access, but it's neutered on the kernel level.
> There is the exception of allowing /system/bin/pppd to gain root access so somebody will want to maybe replace that somehow to gain it as an entry-point. Somebody will want to check that.
> This doesn't apply to custom compiled kernels which disable this config option.
Could they possibly be getting some kernels ready for military purpose devices?
Sent from my GT-I9300 using xda app-developers app

RiverSource said:
> BTW: In the actual Samsung source code the feature is disabled in the default configuration. Hmmm ...
They enabled it in the last sources.
Anyway the problem with a compiled kernel is to get exFat working; I can load exfat_core now but exfat_fs is giving me kernel page faults.

That's because of the latest Exynos exploit story, so now you don't have to worry about holes in the OS. It's unrootable.

Aaaaaaaaaannnddd im returning my s4. Not gonna keep dealing with this s*** every time that there's updates.
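
The question the posters go back and forth on (is CONFIG_SEC_RESTRICT_SETUID enabled in a given kernel build, and did it change between source drops) can be answered by diffing the kernel configs. The following is an added example, not code from the thread or from Samsung; both sample configs are constructed, and the three options other than CONFIG_SEC_RESTRICT_SETUID are mainline Kconfig symbols that the thread does not name.

```python
import gzip
import re

# Option named in the thread, plus mainline options relevant to the
# permissive-SELinux and kexec discussions (assumption: not named on the page).
WATCHED = (
    "CONFIG_SEC_RESTRICT_SETUID",
    "CONFIG_SECURITY_SELINUX",
    "CONFIG_SECURITY_SELINUX_DEVELOP",
    "CONFIG_KEXEC",
)

SET_LINE = re.compile(r"^(CONFIG_[A-Za-z0-9_]+)=(.*)$")
UNSET_LINE = re.compile(r"^# (CONFIG_[A-Za-z0-9_]+) is not set$")

# Constructed sample configs; not taken from any real source drop.
OLD_CONFIG = """\
CONFIG_LOCALVERSION="-constructed-old"
# CONFIG_SEC_RESTRICT_SETUID is not set
CONFIG_SECURITY_SELINUX=y
CONFIG_SECURITY_SELINUX_DEVELOP=y
# CONFIG_KEXEC is not set
"""

NEW_CONFIG = """\
CONFIG_LOCALVERSION="-constructed-new"
CONFIG_SEC_RESTRICT_SETUID=y
CONFIG_SECURITY_SELINUX=y
# CONFIG_SECURITY_SELINUX_DEVELOP is not set
# CONFIG_KEXEC is not set
"""


def parse_kconfig(text):
    """Return {option: value}; '# X is not set' is recorded as 'n'."""
    options = {}
    for raw in text.splitlines():
        line = raw.strip()
        match = SET_LINE.match(line)
        if match:
            options[match.group(1)] = match.group(2).strip('"')
            continue
        match = UNSET_LINE.match(line)
        if match:
            options[match.group(1)] = "n"
    return options


def load_kconfig(path):
    """Read a plain .config/defconfig or a gzip-compressed config file."""
    with open(path, "rb") as handle:
        data = handle.read()
    if data[:2] == b"\x1f\x8b":  # gzip magic bytes
        data = gzip.decompress(data)
    return parse_kconfig(data.decode("utf-8", errors="replace"))


def compare(old, new, watched=WATCHED):
    """List (option, old_state, new_state) for watched options that differ.

    An option missing from a file is reported as 'absent' rather than 'n',
    because a minimal defconfig omits options that keep their default.
    """
    changes = []
    for name in watched:
        before = old.get(name, "absent")
        after = new.get(name, "absent")
        if before != after:
            changes.append((name, before, after))
    return changes


if __name__ == "__main__":
    for name, before, after in compare(parse_kconfig(OLD_CONFIG),
                                       parse_kconfig(NEW_CONFIG)):
        print(f"{name}: {before} -> {after}")
```

On a kernel built with CONFIG_IKCONFIG_PROC the running configuration is exposed as /proc/config.gz, which `load_kconfig` reads directly.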

Related

[ROOT EXPLOIT+PATCH][2012.12.19] ExynosAbuse APK v1.40

This is an APK that uses the ExynosAbuse exploit (by alephzain) to be able to do various things on your Exynos4 based device.
Features for non-rooters:
- Securely patch the exploit
Features for rooters:
- Root the device (SuperSU v0.99)
- Enable/disable the exploit at will
- Enable/disable patching the exploit at boot
- Unroot and cleanup (optionally leaving the exploit patch at boot in place)
Please note that patching the exploit may break camera functionality, depending on device and firmware. Also note that if you use the patch method without rooting, or keep patching the exploit at boot enabled when unrooting, you need an alternate method to re-root the device to disable this feature (like CF-Auto-Root) - you cannot use ExynosAbuse to do this since it patched the exploit. Unlike other patch authors, I do not believe in keeping an invisible rooted process running in the background while pretending you aren't rooted, to be able to unpatch this way.
While the exploit patches work (aside from possibly disabling your camera), these are more work-around than actual fixes. A proper patch would be a kernel fix, either from a third party or Samsung themselves (hopefully one day...)
My method vs Supercurio, RyanZA
Mine is the only one that is secure. Both Supercurio's and RyanZA's method leave you with easily exploitable holes any serious malware author will abuse. More details http://forum.xda-developers.com/showthread.php?t=2053824
Exploit
For more details on the exploit itself, see this thread: http://forum.xda-developers.com/showthread.php?t=2048511. The exploit is used by this APK in unmodified form. You should be very afraid of this exploit - any app can use it to gain root without asking and without any permissions on a vulnerable device. Let's hope for some fixes ASAP !
Camera
Whether your camera keeps working depends on your device/firmware combination. Affected are mostly the SGS3, but there is good news too, there is a potential fix here: http://forum.xda-developers.com/showthread.php?t=2052675 SGS3 I9300 ONLY. It seems to work for a number of people. It replaces some system libraries with libraries from a different firmware version that does not rely on /dev/exynos-mem. Do not attempt this unless your camera actually breaks due to the exploit, and beware it may cause you to have to reflash your firmware. Also beware that even though this change will not prevent OTAs from downloading, it can possibly prevent OTAs from flashing successfully.
Device status
Using this patch may turn your device status into modified. There's not really a proper solution to that at the moment, but you can restore status by removing the patch (and SuperSU) again and rebooting your phone. This will however leave you unprotected again. Doing all sorts of weird stuff (like for example wiping data) to get rid of this modified status while you still have the patch applied at boot or keep SuperSU around, is an exercise in futility. If you want to go ahead and do that, that is fine, but do not litter my thread with your comments. Because eventually, the modified status is likely to return.
Compatibility:
(If your device isn't listed it could still be both compatible with the exploit as well as this fix !)
Samsung Galaxy S2 GT-I9100
Samsung Galaxy S3 GT-I9300
Samsung Galaxy S3 LTE GT-I9305
Samsung Galaxy Note GT-N7000
Samsung Galaxy Note 2 GT-N7100
Samsung Galaxy Note 2 LTE GT-N7105
AT&T Galaxy Note 2 SGH-I317
Verizon Galaxy Note 2 SCH-I605 both locked and unlocked bootloaders work
Samsung Galaxy Camera EK-GC100
Samsung Galaxy Tab Plus GT-P6210
Samsung Galaxy Note 10.1 GT-N8000, GT-N8010, GT-N8013, GT-N8020
Google Nexus 10 not compatible, Exynos5
Post in this thread if you have a device to add.
Notes
I'm not sure if this APK will work right on Android 2.x devices (not tested yet), doesn't mean the exploit doesn't work. So if you're on Android 2.x and this APK doesn't work for you, try doing the exploit manually.
Download
Please do not redistribute, link to this thread instead
v1.40 hashes:
MD5: be4a373ff2848a16bfb948d7e1d1f7d2
SHA1: 79670ab10da59ea58df222e94ad9e8ed83c791a9
(v1.00: 3786; v1.10: 6397; v1.20: 12004; v1.30: 14480)
Changelogs
2012.12.19 - v1.40
- Added check for updates functionality
- Added "current status" display
- Split into sections for non-rooters and rooters
- Added "One-click secure exploit patch" for those who just want to patch their device and forget about
- Added ability to unroot and clean up the leftovers (optionally leaving the patch code in place)
2012.12.18 - v1.30
- Adjusted many things in the shell code, the app will now properly detect an installed SuperSU/Superuser with the wrong permissions as NOT having root
- Added a startup notification telling you your device/firmware is not susceptible to this exploit, if it isn't
2012.12.17 - v1.20
- Gingerbread-related fixes - note that not all Gingerbread firmwares of affected devices are vulnerable (for example, I know several SGS2 GB firmwares are not exploitable)
- Added some spam (view my apps on Play, follow me on Twitter, that sort of BS)
- Added icon
2012.12.16 - v1.10
- Added ability to disable and re-enable the exploit (which may break camera)
- Added ability to disable exploit at boot (before any Play-installed app runs, other solutions run later which means they are still vulnerable)
- Both above features require being rooted
2012.12.16 - v1.00
- Initial release
Nice, fast work. Thanks.
Wow that was quick. Good work Chainfire!
Confirmed working on Samsung Galaxy S2 GT-I9100
Sent from my GT-I9100 using xda premium
Will this root the Sprint/Boost mobile version of the Galaxy S2? Thank you in advance.
Confirmed working on the Verizon Galaxy Note 2 (SCH-I605)
imnuts said:
> Confirmed working on the Verizon Galaxy Note 2 (SCH-I605)
Locked or unlocked bootloader ?
Chainfire said:
> Locked or unlocked bootloader ?
Still locked and fully stock.
Works as expected under note 10.1 n8010 4.1.1 stock.
Sent from my GT-N8010 using xda app-developers app
This is an amazing apk app. Right from my phone rooted my phone. Wow! It's unbelievable.
How do you unroot?
SupperDroid said:
> How do you unroot?
SuperSU --> Settings --> Full unroot
SupperDroid said:
> How do you unroot?
If you've got SuperSU installed, open it, go to Settings and scroll down and you'll see it says unroot.
Sent from my Nexus 7 using xda premium
benzmar said:
> This is an amazing apk app. Right from my phone rooted my phone. Wow! It's unbelievable.
as pointed out by Chainfire, this is dangerous too, so beware. :angel:
drraptor said:
> as pointed out by Chainfire, this is dangerous too, so beware. :angel:
The danger is inherited from the stock kernel and not an outcome by the use of CF's app.
The app just exploits the kernel's security hole.
Does anyone know if this will work on an S2 i777? It too is running an exynos processor.
Sent from my Nexus 4 using Tapatalk 2
Worked flawlessly on my Boost Mobile Galaxy S2! Thank you sir.
Works also with Galaxy S3 Lte

Brand New Warranty replacement S3 4.3 - Am I screwed?

So my last s3 stopped working and I got a new one sent via my extended warranty. Previously I had an unlocked bootloader and root running gummy 4.4 which was awesome! My new phone came stock with 4.3 touchwiz which I am reading might be bad news. So here are my questions:
1) Is there really no way to unlock the bootloader on 4.3?
2) What are my alternatives to installing custom roms?
3) Is safestrap a stable/safe option even though it's in beta?
4) Can safestrap be reversed if a method for unlocking the bootloader is revealed?
5) Where can I find a rooting tutorial for 4.3? Can I lose root easily/ corrupt my phone if a Samsung update is applied?
6) Should I wait for a downgrade option? Slash is it supposedly possible (twitter update)?
jl2222 said:
> So my last s3 stopped working and I got a new one sent via my extended warranty. Previously I had an unlocked bootloader and root running gummy 4.4 which was awesome! My new phone came stock with 4.3 touchwiz which I am reading might be bad news. So here are my questions:
> 1) Is there really no way to unlock the bootloader on 4.3?
Nope.
> 2) What are my alternatives to installing custom roms?
As of this minute, one option: Saferoot then Safestrap.
> 3) Is safestrap a stable/safe option even though it's in beta?
Yup. Read the replies in Safestrap if you need reassurance.
> 4) Can safestrap be reversed if a method for unlocking the bootloader is revealed?
Yup, you could even Odin flash VRUCML1 4.3 tar and be back to "normal" again. However, don't count on the 4.3 bootloader being unlocked. There's no guarantee anyone is even utilizing their time to find an exploit and it's entirely possible no one is.
> 5) Where can I find a rooting tutorial for 4.3? Can I lose root easily/ corrupt my phone if a Samsung update is applied?
Read me. Use Saferoot, then SafeStrap. Yes, much worse could happen in a future update as well.
> 6) Should I wait for a downgrade option? Slash is it supposedly possible (twitter update)?
That's your call. It's possible, but whether it comes to fruition is entirely different.
Will xposed module work using safestrap safe ROM? Gotta get my greenify experimental features back! And keep chat!
Sent from my SCH-I535 using xda app-developers app
jl2222 said:
> Will xposed module work using safestrap safe ROM? Gotta get my greenify experimental features back! And keep chat!
> Sent from my SCH-I535 using xda app-developers app
They should
Sent from my SCH-I535 using Tapatalk 4
SlimSnoopOS said:
> They should
> Sent from my SCH-I535 using Tapatalk 4
I'm in the same situation as OP.. Xposed works. I'm on alliance 23.
I was wondering can we flash custom kernels then flash the dependencies or are we stuck with the safestrap kernel?
Sent from my SCH-I535 using Tapatalk
omair2005 said:
> I'm in the same situation as OP.. Xposed works. I'm on alliance 23.
> I was wondering can we flash custom kernels then flash the dependencies or are we stuck with the safestrap kernel?
> Sent from my SCH-I535 using Tapatalk
I think flashing a custom kernel isn't suggested with SafeStrap. I don't know the specifics, maybe @BadUsername or someone else can expand on that? I thought I read that you are still running the stock kernel even if you flash a custom kernel when using SafeStrap. Someone was discussing this before but it was not explicitly proven they were in fact running the custom kernel.
omair2005 said:
> I'm in the same situation as OP.. Xposed works. I'm on alliance 23.
> I was wondering can we flash custom kernels then flash the dependencies or are we stuck with the safestrap kernel?
> Sent from my SCH-I535 using Tapatalk
Good deal! Glad xposed works. How you liking alliance by the way? I'm torn between that and clean rom. I'm actually not the most familiar with TW roms currently. Before this replacement phone I was all AOSP.
Sent from my SCH-I535 using xda app-developers app
jl2222 said:
> Good deal! Glad xposed works. How you liking alliance by the way? I'm torn between that and clean rom. I'm actually not the most familiar with TW roms currently. Before this replacement phone I was all AOSP.
> Sent from my SCH-I535 using xda app-developers app
I've come to the conclusion I want to use my partitions to the full capacity so I'm sticking with stock rom + xposed for any modifications I need..
Yeah same here, I was AOSP for awhile soon as I discovered Quantum Kernels..
omair2005 said:
> I've come to the conclusion I want to use my partitions to the full capacity so I'm sticking with stock rom + xposed for any modifications I need..
> Yeah same here, I was AOSP for awhile soon as I discovered Quantum Kernels..
Quantum Kernels huh. Not familiar with those kernels. I'll have to check them out. I would use the stock rom as well, I'm just worried about a random automatic update that would kill root and make my replacement phone even more useless than it already is without an unlocked bootloader. Do you know if there is a way to disable the Samsung update center on the stock rom using root?
jl2222 said:
> Quantum Kernels huh. Not familiar with those kernels. I'll have to check them out. I would use the stock rom as well, I'm just worried about a random automatic update that would kill root and make my replacement phone even more useless than it already is without an unlocked bootloader. Do you know if there is a way to disable the Samsung update center on the stock rom using root?
Use TiBu and freeze SDM, FWupgrade

[Q] Setting "se android" to permissive?

On an Odex Stock Sprint S5 with root & PhilZ.
Is there any way at ALL to change the setenforce to permissive? Anything.....a script, a mod, a .zip? I haven't found anything on the forums.
The simple terminal "su setenforce 0" doesn't work.
Thanks in advance to all that can help.
jpgranger said:
> On an Odex Stock Sprint S5 with root & PhilZ.
> Is there any way at ALL to change the setenforce to permissive? Anything.....a script, a mod, a .zip? I haven't found anything on the forums.
> The simple terminal "su setenforce 0" doesn't work.
> Thanks in advance to all that can help.
I'm facing the same issue! I have rooted with towel root. Need se for android to be permissive so that my pioneer app radio 3 can send touch commands to the device. This has made my nice head unit an overgrown radio...
S5 Verizon
Thanks!
jp712 said:
> I'm facing the same issue! I have rooted with towel root. Need se for android to be permissive so that my pioneer app radio 3 can send touch commands to the device. This has made my nice head unit an overgrown radio...
> S5 Verizon
> Thanks!
I'm on the same boat as you. I was super excited when the towelroot for my VZW S5 came out only to be disappointed when I searched for a solution to the no touch input issue.
You need to flash a kernel that is permissive. I was previously using 'the governaa' which is a near stock kernel for ND2 and my app radio worked
Since the NE5 update I have not found a near stock kernel to use
bigred97 said:
> You need to flash a kernel that is permissive. I was previously using 'the governaa' which is a near stock kernel for ND2 and my app radio worked
> Since the NE5 update I have not found a near stock kernel to use
Ok so I'm back on this hunt again...
Just flashed the Governaa ND2 v1.0a and v0.2 with no success.
Tried the terminal commands setenforce 0 and get enforce still enforcing and this is reflected in system/about too. :-/
Offering a $20 prize to anyone who gets this set to permissive on a stock rom.
So just noticed that kernel is for a sprint phone... whoops! Been working on this for the last 5 hours... I give up for tonight.
jp712 said:
> Ok so I'm back on this hunt again...
> Just flashed the Governaa ND2 v1.0a and v0.2 with no success.
> Tried the terminal commands setenforce 0 and get enforce still enforcing and this is reflected in system/about too. :-/
> Offering a $20 prize to anyone who gets this set to permissive on a stock rom.
> So just noticed that kernel is for a sprint phone... whoops! Been working on this for the last 5 hours... I give up for tonight.
Is the stock rom de-knoxed?
Dunkin401 said:
> Is the stock rom de-knoxed?
Yes, the rom I'm using has it removed.
http://forum.xda-developers.com/showthread.php?t=2793931
Thought this might have something to do with Knox. I had removed it from the true stock rom and tried this as well before I flashed the one listed above.
jp712 said:
> Yes, the rom I'm using has it removed.
> http://forum.xda-developers.com/showthread.php?t=2793931
> Thought this might have something to do with Knox. I had removed it from the true stock rom and tried this as well before I flashed the one listed above.
Forgive me but have you tried https://play.google.com/store/apps/details?id=com.mrbimc.selinux&hl=en ?
Dunkin401 said:
> Forgive me but have you tried https://play.google.com/store/apps/details?id=com.mrbimc.selinux&hl=en ?
Yeah tried it stock and on the rom I am running now. It says in the app that it changed but getenforce and the system about never shows it as changed. The dev has a note on the app that it does not work with Knox, even though my rom is Knox free it's still not working. In theory that app should be all I need, but no luck yet.
Sometime this weekend or next week when I get the time I am going to try a few other roms.
Thanks!
Custom kernel will get ya there. Can also try this if Knox is truly disabled on your device and it might work with the stock kernel: http://forum.xda-developers.com/showthread.php?t=2524485
Wanam Xposed also has an option to change to permissive upon boot.
Just a few more options for you.
CCallahan said:
> Custom kernel will get ya there. Can also try this if Knox is truly disabled on your device and it might work with the stock kernel: http://forum.xda-developers.com/showthread.php?t=2524485
> Wanam Xposed also has an option to change to permissive upon boot.
> Just a few more options for you.
Would you mind recommending a kernel for the VZW S5? I'm quite familiar with custom roms and the whole process have been doing that for years. Just never messed with changing kernels.
UPDATE:
Ok so I think I'm missing something here...
I just flashed http://forum.xda-developers.com/showthread.php?t=2741086
Blaze Kernel
Downloaded the zip and flashed it with safestrap. Said it worked.
In about phone my kernel version did not change (Thought it would.)
Still can't seem to disable SElinux.
Thoughts?
Thanks!!
jp712 said:
> Would you mind recommending a kernel for the VZW S5? I'm quite familiar with custom roms and the whole process have been doing that for years. Just never messed with changing kernels.
> UPDATE:
> Ok so I think I'm missing something here...
> I just flashed http://forum.xda-developers.com/showthread.php?t=2741086
> Blaze Kernel
> Downloaded the zip and flashed it with safestrap. Said it worked.
> In about phone my kernel version did not change (Thought it would.)
> Still can't seem to disable SElinux.
> Thoughts?
> Thanks!!
This is the Sprint specific thread for the S5. Therefore I cannot speak to what kernels work best on VZW devices. This is a question that is best posted in the VZW thread.
I also cannot comment on kernels that are for the international/unlocked version of the S5. If you are using a Sprint version of the S5 then I would stick with the kernels built for that device. Otherwise post in the threads relative to your device for better answers.
CCallahan said:
> Custom kernel will get ya there. Can also try this if Knox is truly disabled on your device and it might work with the stock kernel: http://forum.xda-developers.com/showthread.php?t=2524485
> Wanam Xposed also has an option to change to permissive upon boot.
> Just a few more options for you.
Thanks for the ideas.
I have tried flashing other kernels but the kernel version never changes in about. Not sure it's really doing it. Have been rooting and changing roms for years but never messed with the kernels. Could you recommend one for my S5 on VZW? G900V I believe.
As far as the App, it doesn't work. Also tried Wanam Xposed, it never changed the status to permissive.
Also tried an init.d script with a rom that is supposed to support them. Saw the log the script made but it wasn't able to change selinux status either.
Any other ideas? Trying to get this to work with my Pioneer AppRadio and it has to allow bluetooth touch emulation.
Thanks!
jp712 said:
> Thanks for the ideas.
> I have tried flashing other kernels but the kernel version never changes in about. Not sure it's really doing it. Have been rooting and changing roms for years but never messed with the kernels. Could you recommend one for my S5 on VZW? G900V I believe.
> As far as the App, it doesn't work. Also tried Wanam Xposed, it never changed the status to permissive.
> Also tried an init.d script with a rom that is supposed to support them. Saw the log the script made but it wasn't able to change selinux status either.
> Any other ideas? Trying to get this to work with my Pioneer AppRadio and it has to allow bluetooth touch emulation.
> Thanks!
Like I stated in my previous post, this forum is for the Sprint specific S5. You will have better luck flashing kernels and posting questions in the VZW S5 thread.
CCallahan said:
> Like I stated in my previous post, this forum is for the Sprint specific S5. You will have better luck flashing kernels and posting questions in the VZW S5 thread.
I posted that reply while I was at work and had not seen yours yet. I understand that this is a Sprint thread. As you know the phones are very similar and there are some kernels out there that claim to be universal. Just trying to see if someone on the other side of the same road had any input that could help since the developers often tend to support multiple variants. Thanks for the tip though.

Is the S5 slipping away?

Is it just me or has development waned for the S5 due to the locked bootloader? There's just so much you can do with safestrap and modifying Touchwiz. In reality, the odds of a bootloader unlock being discovered is rather slim. Look at the S4, the newest firmware releases are still not unlocked and you're forced to use safestrap. I realize we rely on a talented hacker out there to find an exploit that lets us replace the bootloader with a custom one OR the carrier allowing the bootloader to be unlocked. I've read somewhere that the S5 is approved for use by the U.S. Government so the likelihood of Verizon making the phone insecure by allowing people to unlock the bootloader is close to nil. I just really really want to see this phone not slip into XDA obscurity.
terrigan said:
> Is it just me or has development waned for the S5 due to the locked bootloader? There's just so much you can do with safestrap and modifying Touchwiz. In reality, the odds of a bootloader unlock being discovered is rather slim. Look at the S4, the newest firmware releases are still not unlocked and you're forced to use safestrap. I realize we rely on a talented hacker out there to find an exploit that lets us replace the bootloader with a custom one OR the carrier allowing the bootloader to be unlocked. I've read somewhere that the S5 is approved for use by the U.S. Government so the likelihood of Verizon making the phone insecure by allowing people to unlock the bootloader is close to nil. I just really really want to see this phone not slip into XDA obscurity.
It is slipping away, but not because of the bootloader being locked. Not as many people (devs included) bought the phone as early adopters, so I'm guessing there's just not enough interest or intent in the phone.
terrigan said:
There's just so much you can do with safestrap and modifying Touchwiz.
Click to expand...
Click to collapse
That right there is why development is slow. There's only so much one can do with a stock system to work with. Expect to see development have a boost after each OTA until all mods are worked in, then the same downward slope until the next OTA. Repeat. :good:
MrHyde03 said:
That right there is why development is slow. There's only so much one can do with a stock system to work with. Expect to see development have a boost after each OTA until all mods are worked in, then the same downward slope until the next OTA. Repeat. :good:
Click to expand...
Click to collapse
There may be hope for that. Over in the Verizon S4 forums, they got kexec working. No aosp yet, and its very unstable, but they found it. It should work on the S5 with a little more work. Hopefully this happens this month.
Sent from my SM-G900V using XDA Premium 4 mobile app
eragon5779 said:
There may be hope for that. Over in the Verizon S4 forums, they got kexec working. No aosp yet, and its very unstable, but they found it. It should work on the S5 with a little more work. Hopefully this happens this month.
Sent from my SM-G900V using XDA Premium 4 mobile app
This would be good. kexec was the savior of my previous phone.
eragon5779 said:
There may be hope for that. Over in the Verizon S4 forums, they got kexec working. No AOSP yet, and it's very unstable, but they found it. It should work on the S5 with a little more work. Hopefully this happens this month.
Sent from my SM-G900V using XDA Premium 4 mobile app
I'm not sure if kexec is possible without having a SELinux permissive kernel. I believe the Galaxy s5 is enforcing unfortunately (not vulnerable).
jal3223 said:
I'm not sure if kexec is possible without having a SELinux permissive kernel. I believe the Galaxy s5 is enforcing unfortunately (not vulnerable).
That is being worked on already. There is a thread about it.
Sent from my SM-G900V using XDA Premium 4 mobile app
I really hope they are successful.
eragon5779 said:
There may be hope for that. Over in the Verizon S4 forums, they got kexec working. No AOSP yet, and it's very unstable, but they found it. It should work on the S5 with a little more work. Hopefully this happens this month.
Sent from my SM-G900V using XDA Premium 4 mobile app
Actually I'm running a GPE ROM on my Verizon S4 right now. It's SafeStrap compatible. I love AOSP vs TouchWiz.
Being pessimistic it does seem like the beginning of the end for s5. By this I mean to say that safestrap just doesn't cut it as I do not like stock kernel. But everyone's done an amazing job thus far so haven't completely given up but I think nexus devices are the route I will take.
jal3223 said:
I'm not sure if kexec is possible without having a SELinux permissive kernel. I believe the Galaxy s5 is enforcing unfortunately (not vulnerable).
To my knowledge it is in the kernel. On VZW S4, MDK devices were unlocked, allowing you to flash custom kernels that were modded by devs like ktoons to make it permissive.
The later firmware builds (can't go back to MDK if you took an OTA to a newer firmware) are in the same boat as the S5, so if they have it on later kernel builds for the S4 then it might be possible. Then again, they have it on the Note 3 but it doesn't work on the S5, so that concept isn't always possible.
Not slipping away. Just at a road block. Everyone has done all the modding they can do on the device. I think everyone is waiting on 5.0.
elliwigy said:
To my knowledge it is in the kernel. On VZW S4, MDK devices were unlocked, allowing you to flash custom kernels that were modded by devs like ktoons to make it permissive.
The later firmware builds (can't go back to MDK if you took an OTA to a newer firmware) are in the same boat as the S5, so if they have it on later kernel builds for the S4 then it might be possible. Then again, they have it on the Note 3 but it doesn't work on the S5, so that concept isn't always possible.
I'm working on it. It's rather difficult. It appears the kernel was compiled with no /dev/mem(kmem) character devices in the config. After going through the kernel source, it looks like SELinux was set to always enforce. This is where ro.build.selinux.enforce=1 comes from. The bootloader checks the boot.img hash and for a special cookie
Code:
SEANDROIDENFORCE
which appears before the hash. If this cookie/magic isn't present, the warranty bit will blow. Since I can't access memory directly, and the methods I could use are significantly limited because of the Enforcing status, some sort of vulnerability in the kernel will need to be present. As soon as we can get Permissive, I can get us kernel modules, and hopefully kexec with the help of a few other great devs @Surge1223 @CalcProgrammer1
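The cookie check described in the post above, as an added example that is not part of the original thread: it locates `SEANDROIDENFORCE` relative to the end of a boot image's payload. The legacy Android boot header layout, the helper names, and the sample image (including the 32 filler bytes standing in for the hash) are assumptions constructed for illustration.

```python
import struct

BOOT_MAGIC = b"ANDROID!"
SEANDROID_MARKER = b"SEANDROIDENFORCE"  # cookie named in the post above

def _pages(size, page_size):
    """Round a section size up to a whole number of flash pages."""
    return (size + page_size - 1) // page_size * page_size

def inspect_boot_image(data):
    """Report where (if anywhere) the cookie sits after the image payload.

    Assumed layout (legacy Android boot header, not taken from the thread):
    8-byte magic, then little-endian u32 fields kernel_size, kernel_addr,
    ramdisk_size, ramdisk_addr, second_size, second_addr, tags_addr, page_size.
    """
    if len(data) < 40 or data[:8] != BOOT_MAGIC:
        raise ValueError("not an Android boot image")
    kernel_size, _, ramdisk_size, _, second_size, _, _, page_size = \
        struct.unpack_from("<8I", data, 8)
    if page_size == 0 or page_size & (page_size - 1):
        raise ValueError("implausible page size %d" % page_size)
    payload_end = page_size  # the header occupies the first page
    for size in (kernel_size, ramdisk_size, second_size):
        payload_end += _pages(size, page_size)
    if payload_end > len(data):
        raise ValueError("header sizes exceed file length (truncated image?)")
    # Vendor headers may carry extra sections, so search from the computed
    # end of payload instead of demanding the cookie at that exact offset.
    offset = data.find(SEANDROID_MARKER, payload_end)
    found = offset >= 0
    return {
        "payload_end": payload_end,
        "marker_offset": offset if found else None,
        "bytes_after_marker":
            len(data) - offset - len(SEANDROID_MARKER) if found else None,
    }

def build_sample(with_marker):
    """Constructed test image: fake kernel and ramdisk, 2048-byte pages."""
    page = 2048
    kernel, ramdisk = b"K" * 3000, b"R" * 100
    header = BOOT_MAGIC + struct.pack(
        "<8I", len(kernel), 0, len(ramdisk), 0, 0, 0, 0, page)
    image = header.ljust(page, b"\0")
    image += kernel.ljust(_pages(len(kernel), page), b"\0")
    image += ramdisk.ljust(_pages(len(ramdisk), page), b"\0")
    if with_marker:
        image += SEANDROID_MARKER + b"\xAA" * 32  # filler standing in for the hash
    return image

if __name__ == "__main__":
    for flag in (True, False):
        print(flag, inspect_boot_image(build_sample(flag)))
```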
Your efforts are truly appreciated!
Sent from my SM-G900V using Tapatalk
The OP is originally from September something. I just saw this post and was interested in it. It is now November and if you ask me, yes it has slipped away. Technology moves on quickly, the i6+ is out and now we will start seeing things about an S6 in the works, and it is what it is.
I blame the locked bootloader for a ton of stuff not being created. You have to grab ahold of technology in the moment and use it fast or else it's gone before you know it.
It is certainly nothing like the S3 forums. That place is still kicking.
From what I understand they're close to kexec on it and the S4, since they only need KK-compatible kernels and they previously had unlocked bootloaders. That isn't the case here.
Samsung really screwed up with this one. If the N6 wasn't assured to be a failure on Verizon and it didn't have a massive footprint I'd be all over it.
Everybody panic.
Wish we can get some good news soon.
Dead is all I'm seeing, except for the few amazing devs we have now. Those still building, thank you
Galaxy 6s Os 6.2.8▪Ss° Pen

There are rumors.....

I have heard that there will be a SafeStrap build that will allow kernels to be installed through some space-time thingy that a newb like me wouldn't understand. If all of you want to read about it, here you go: http://forum.xda-developers.com/showthread.php?t=2500826&page=162
lohacks4pone said:
I have heard that there will be a SafeStrap build that will allow kernels to be installed through some space-time thingy that a newb like me wouldn't understand. If all of you want to read about it, here you go: http://forum.xda-developers.com/showthread.php?t=2500826&page=162
They are talking about using kexec, which as I understand it will allow the use of a kernel module (called kexec) to bootstrap to another kernel, allowing the bootloader to stay locked but use other complete non-Samsung based ROMs.
dmichael said:
They are talking about using kexec, which as I understand it will allow the use of a kernel module (called kexec) to bootstrap to another kernel, allowing the bootloader to stay locked but use other complete non-Samsung based ROMs.
This is true. If you haven't been keeping up with this thread, it's the location of the last light for unlocking/exploiting our bootloader. Try to keep discussion and even praise in there to a minimum to allow maximum visibility between developer posts and progress.
^In other words stay out of their way and let the devs work their magic.
God I hope they find something. I can't remember the last time I flashed a kernel.
Cool! Sure hope they find a way
You'd think, with Samsung's profits down, hopefully Sammy will consider opening the bootloader and allowing enthusiasts to buy their phones, even if they give us a way to do it by tripping Knox. After all, the phone is so old, who cares about Knox
Sent from my SAMSUNG-SM-G900A using XDA Free mobile app
cybershawngates said:
Cool! Sure hope they find a way
You'd think, with Samsung's profits down, hopefully Sammy will consider opening the bootloader and allowing enthusiasts to buy their phones, even if they give us a way to do it by tripping Knox. After all, the phone is so old, who cares about Knox
Sent from my SAMSUNG-SM-G900A using XDA Free mobile app
I wouldn't hold my breath, it's not Samsung who is forcing us to have a locked bootloader. It's the carriers, specifically AT&T and Verizon in this case, who asked Samsung to lock the device as part of the contract to sell them on their network. This is the reason why the T-Mobile S4, Canadian I337m, and of course the international S4 don't have a locked bootloader.
