[CVE-2013-3741] LGInstallServices Silent Install + Privilege escalation XDA:DevCon - Security Discussion

LGInstallServices.apk
Silent Install + Privilege escalation
CVE-2013-3741
LG Install Service has an unprotected bindable service that allows other appliations to install apps, uninstall apps, set app defualts, enable apps, disable apps, clear app dataand "install system package", which causes installed apps to behave as if they were installed on /system/app. Apps installed this way can use system only permissions.
LG provied a nice permission available to system apps
<!-- LGE_CHANGE_S, [IMS][[email protected]], 20121010, [LGE_IMS_FEATURE] for LGE IMS Client Solution -->
<permission name="android.permission.IMS" >
<group gid="system" />
<group gid="radio" />
<group gid="inet" />
<group gid="net_admin" />
<group gid="qcom_oncrpc" />
<group gid="audio" />
<group gid="camera" />
<group gid="media" />
</permission>
<!-- LGE_CHANGE_E, [IMS][[email protected]], 20121010 , [LGE_IMS_FEATURE] for LGE IMS Client Solution } -->
POC attached for LG Optimus G Running JellyBean. POC uses LG's IMS permission to gain system group and patched dalvik-cache of a system-uid app to execute code as system user. This POC uses a prepatched odex, due to time constraints of mine. Once it has patched the cache is uses "GiantPune"'s property_service symlink attack to write a patch to uevent_helper and gain root. Will upload source sometime after I get home. This is the first vuln I presented at XDA-DevCon today.

Thanks for posting this up! Can't wait to have some fun with it.

Is LGSlap.apk same as LGInstallServices.apk? No success with P769 V20h
[
jcase said:
LGInstallServices.apk
Click to expand...
Click to collapse
I tried LGSlap.apk (I do not see LGInstallServices.apk anywhere, is it the same thing?. On T-Mobile P769 V20h I did not get root (after multiple attempts). I have another post asking for a reference to other exploits you alluded to. Sorry for being repetitious, just not sure in which thread I should feedback on LGSlap.apk.
Here is the other post: http://forum.xda-developers.com/showthread.php?p=45778443&posted=1#post45778443

reikred said:
[
I tried LGSlap.apk (I do not see LGInstallServices.apk anywhere, is it the same thing?. On T-Mobile P769 V20h I did not get root (after multiple attempts). I have another post asking for a reference to other exploits you alluded to. Sorry for being repetitious, just not sure in which thread I should feedback on LGSlap.apk.
Here is the other post: http://forum.xda-developers.com/showthread.php?p=45778443&posted=1#post45778443
Click to expand...
Click to collapse
I have no idea what LGSlap is, not what that device is, The exploit is specific to the LG OG i was working on, however feel free to reverse engineer it, no obfuscation was applied. The vuln exists on many LG devices, but the patched optimized dex will need to be redone.

Stymied
jcase said:
I have no idea what LGSlap is, not what that device is, The exploit is specific to the LG OG i was working on, however feel free to reverse engineer it, no obfuscation was applied. The vuln exists on many LG devices, but the patched optimized dex will need to be redone.
Click to expand...
Click to collapse
Very sorry but I truly do not comprehend what you are saying here. I downloaded LGSlap.apk from your post 3 posts above what I am writing this moment. That post talked about LGInstallServices.apk, but the apk that was attached was named LGSlap.apk , and when loaded into the phone it showed up as LGPwn.pk (icon).
I understand that LGInstallServices.apk is for LG OG and not my P769, and that I should try to modify it to make it work. But as you see I'm not even sure I have the correct to apk to work on. I looked on your google+ and github as well.
Forgive me for being a java and Android noob. I have 25+ years of unix experience, but the mechanics of Java and Android Apps is still black magic to me. I'll try to improve.

reikred said:
Very sorry but I truly do not comprehend what you are saying here. I downloaded LGSlap.apk from your post 3 posts above what I am writing this moment. That post talked about LGInstallServices.apk, but the apk that was attached was named LGSlap.apk , and when loaded into the phone it showed up as LGPwn.pk (icon).
I understand that LGInstallServices.apk is for LG OG and not my P769, and that I should try to modify it to make it work. But as you see I'm not even sure I have the correct to apk to work on. I looked on your google+ and github as well.
Forgive me for being a java and Android noob. I have 25+ years of unix experience, but the mechanics of Java and Android Apps is still black magic to me. I'll try to improve.
Click to expand...
Click to collapse
The app shows up as "notmalware", LGPwn is another root for LG that I released, it exploits LGInstallServices that came pre installed on some LG phones

Related

PDFviewer - HTC Framework Clues

PDFviewer is probably (one of) the most requested features in the builds. So far only Haykuro's H build (from which this HTC app originated from) and Dude's build has this feature.
I have been trying to get this to work myself, but have not been able to do so, if anyone else has any clues on how to get this to work please post (if the dude himself can come show us how that would be great!).
Below are my noob attempt to get this to work.
If the APK is simply installed over, the installation works however it will force close as it references certain HTC libraries.
Copying over the files com.htc.android.pimlib.jar, com.htc.framework.jar and com.htc.resources.apk does not fix the problem.
The platform.xml with working builds have the lines:
<library name="com.android.im.plugin" file="/system/framework/com.android.im.plugin.jar" />
<library name="com.htc.android.pimlib" file="/system/framework/com.htc.android.pimlib.jar" />
Adding these lines does not solve the problem either. It appears that either I'm still missing some files or that there is some way to link the app to these files which I have not been able to recreate or both. Any enlightenment would be great.
you don't need those libraries. you need to copy over /system/app/FilePicker.apk and /system/lib/libpdfreader.so from the H build. This will allow the pdfreader to run without force crash. But unfortunate that won't work, because there are checks in pdfreader.apk or the library for HTC build. So it will pop up a dialog saying so, and if you hit ok it will uninstall pdfreader.apk. Copying the build.prop does not help. There is a thread in the apps forum with a workaround to this issue but its very inconvenient.

[Guide]Barclays mobile banking anti-anti-rootcheck patching

Edit: I've created a xposed module which works with the banking app version 1.7.1 see post below.
---------------------------------------------------
Edit: The changes needed to work with the latest version of the app (1.7.1) are listed in a post below below.
---------------------------------------------------
*There was a error in the diff file. I've uploaded the correct version. Also this patch will definitely not work with the latest version of the app.*
I managed to patch the Barclays mobile banking app version 1.4.2 to make it work with cyanagonmod 10.0 and cyanogenmod 11.
I realize that the current version on play store is 1.7.1 but I haven't updated to the latest version yet. If you do try the latest version please let me know if it differs greatly from the current version in it's root checks
I'm not going to attach the patched apk since using banking app from a stranger on the internet is really not a smart thing . Instead I will detail the work I did which hopefully someone else will find useful.
This guide is geared towards more technical people who already have some experience with android development. It will not give a detailed step by step how to, rather a general information about the process.
Obfuscation methods used in the app
The app obfuscates the names of some but not all of the namespaces/classes/methods which can stump some decompilers.
It seems to generously sprinkle useless switch statements and loops which does nothing but make the code appear way more complicated than it really is. I would guess quite a lot of the bulk in the code is coming through these dummy statements. smali2java-toolkit was of great help to figure this out.
All strings in the app have been encrypted by a simple xor algorithm which is then decrypted at run time just before they are used:
for example rather than
Code:
myfunction(“Hello world”)
the code writes something in the sort of:
Code:
myfunction(decrypt(“Juqqdxidqw”, 'x'))
The decryption function is a static method 'bЮЮЮЮЮЮ' in the class appears to be 'rrrrrr.srrrrr' (the method/class/namespace names are obfusecated)
I extracted the decompiled code from this method to write a console application which let me decrypt any string in the application:
Code:
static String decrypt(String crypStr, char keyChar) {
char[] arrayOfChar1 = crypStr.toCharArray();
char[] arrayOfChar2 = new char[arrayOfChar1.length];
for (int i = 0; i < arrayOfChar1.length; i++)
{
int j = keyChar ^ arrayOfChar1[i];
arrayOfChar2[i] = ((char)j);
}
return new String(arrayOfChar2);
}
Anti root methods used in the app
Checking for 'test-keys' string in the build tag. (/system/build.prop file)
Checking for superuser related package/apk files.
Checking for superuser hider package/apk files.
Checking for existance of 'su' binary
Attempting to execute 'su' binary​The above checks are done both in the java/dex code and in a native code library.
Defeating the anti-root methods in Java/dex code:
The Java code is fairly easy defeat since changing the strings of the apk/file names which are checked as root related will make it think that no 'bad' apps are on the phone.
A bulk of checks happen in the isRootedDevice method of the com.barclays.android.application.BMBApplication class. While it checks for quite a lot of apk's, for my particular purpose I only needed to patch 2 lines in the method:
Smali file line 306 – which starts the checks for “test-keys” string in the build tag.
Smali file line 407 – which start the check for the string “/system/app/Superuser.apk”.​The next method in the same class 'runRootCommand' attempts to execute 'su'
Smali line: 956 – which contains the string “su” which will be passed to java.lang.Runtime.exec
A (mostly?) duplicate of the isRootedDevice function exists in the com.barclays.android.container.DeviceData the relevant lines are :
smali file line 1237: "test-keys" string check
smali file line 1271: "/system/app/Superuser.apk" file check​All of the above checks can easily be defeated by changing the the string so that it will check for a non existent package or file.
Keep in mind that all the strings listed above are in encrypted form. You can use the decrypt function listed above to decode them. I found the key char/byte needed to decrypt a given string is in the very next line to the one containing the encrypted string.
Defeating the anti-root methods in Native library
From what I can see the exact same tests which were done in the Java code is repeated in the native code library 'libtest_ndk.so'. As this check appears to form part of the authentication mechanism i don't believe it's possible to simply stop this check from being called from the Java code.
Also the com.barclays.android.container.sampler.SharedLibraryLoader which loads the native library appears to be doing some kind of checksum validation. While this probably could be easily worked around, disassembling an arm shared library was non trivial for me.
My approach was to write another native library which would hook into all the system calls such as 'system' 'stat' 'fopen', '__system_property_get' and redirect any operations to non existent targets, or change the return value. This achieves the same thing as what was done for the java code.
I put in some extra code into the smali classes to load my native library and to call it's initializer with the path to the actual native library.
Basic steps performed to patch the library:
Use apktool to decompile the original apk.
Code:
apktool d barclays.apk barclays
Use smali2java as helper to understand the code: This tool cannot decompile the critical check functions due to obfuscation. However it made it easier to understand the smali files generated by the apktool.
Patch the smali files to work around the checks as described above.
Build the hooking native library seperately
Code:
~/adt/adt-bundle-linux-x86_64-20131030/sdk/tools/android update project --path . --target android-19
ndk-build
Include the hooking shared library into the lib/armeabi of the decompiled package and change the smali files to load the new shared library.
Use apktool to rebuild the apk.
Code:
Apktool b barclays barclays.apk
Sign the apk from using your own key.
Create keystore:
Code:
keytool.exe -genkey -v -keystore my-release-key.keystore -alias release -keyalg RSA -keysize 2048 -validity 20000
Sign Keystore:
Code:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore barclays.apk release
Attached is the code for the hook library native project and the diff for the smali changes. Please note that this is for the smali files for generated by apktool (v1.5.2) for the version 1.4.2 of the Barclays mobile banking app.
For Users of other ROMs/SU applications and root hiders.
The app checks for a lot of common packages which I did not bother to patch since I don't use them, but if you do then you should put fixes for all those package/file names in both the smali and native code hook library.
A non exhustive list of files it check are:
Code:
/system/bin/amphoras
/system/bin/su
/system/xbin/su
/system/app/superuser.apk
/data/data/com.amphoras.hidemyroot
/data/data/eu.chainfire.supersu
/data/data/stericson.busybox
/data/data/stericson.busybox.donate
/data/data/com.jrummy.busybox.installer.pro
/data/data/com.jrummy.busybox.installer
/data/data/com.rootuninstaller.free
/data/data/com.rootuninstaller
Hey i will try this out shortly and post a APK (whether you use it or not thats up to you, but i am well known in the xperia play section of this website and should be trusted, Still its up to you.)
EDIT: well i am not a android developer, i can follow almost all this post except the bits about the native library any chance of a bit more information
specifically this bit "Include the hooking shared library into the lib/armeabi of the decompiled package and change the smali files to load the new shared library."
i assume that means just simply copy the built lib file in to that folder then include the file in the code somewhere? where do i do that to?
Sorry about the late reply but I just saw this message.
fma965 said:
EDIT: well i am not a android developer, i can follow almost all this post except the bits about the native library any chance of a bit more information
specifically this bit "Include the hooking shared library into the lib/armeabi of the decompiled package and change the smali files to load the new shared library."
i assume that means just simply copy the built lib file in to that folder then include the file in the code somewhere? where do i do that to?
Click to expand...
Click to collapse
That's pretty much correct. There is already a 'libtest_ndk.so' file in the lib/armeabi folder of the apk. You just have to build my code from the zip file to get the libhooktest.so, which should then be copied into the lib/armeabi folder alongside the libtest_ndk.so.
Edit: Not sure if this is enough instructions. I'm just not good at writing instructions. Steps you need to build the native library are in my post. If you need more info i suggest about building the library http://code.google.com/p/awesomeguy/wiki/JNITutorial#Setup_Environment is a good
Afterwards you have to do the modifications I've listed in the diff to the .smali files.
But i have some bad news about this patch:
The diff file i have attached in the post is wrong. I've mistakenly uploaded the patch to reverse the changes i did . I will update the post with the correct diff file.
It will only work for Barclays app version 1.4.2. it will definitely not work for the latest version of the app which is 1.7.1.
I'm currently going through the code of 1.7.1 I've made some headway into the code but there I'm quite way off from getting it to work.
If you wish I can give you a copy of the original 1.4.2 of Barclays app, the built lib file and the patched app. I would recommend against using the patched app blindly but it might make it easier to figure out the changes i did. I would rather not upload them to xda though.
HiddenRambler said:
Sorry about the late reply but I just saw this message.
That's pretty much correct. There is already a 'libtest_ndk.so' file in the lib/armeabi folder of the apk. You just have to build my code from the zip file to get the libhooktest.so, which should then be copied into the lib/armeabi folder alongside the libtest_ndk.so.
Edit: Not sure if this is enough instructions. I'm just not good at writing instructions. Steps you need to build the native library are in my post. If you need more info i suggest about building the library http://code.google.com/p/awesomeguy/wiki/JNITutorial#Setup_Environment is a good
Afterwards you have to do the modifications I've listed in the diff to the .smali files.
But i have some bad news about this patch:
The diff file i have attached in the post is wrong. I've mistakenly uploaded the patch to reverse the changes i did . I will update the post with the correct diff file.
It will only work for Barclays app version 1.4.2. it will definitely not work for the latest version of the app which is 1.7.1.
I'm currently going through the code of 1.7.1 I've made some headway into the code but there I'm quite way off from getting it to work.
If you wish I can give you a copy of the original 1.4.2 of Barclays app, the built lib file and the patched app. I would recommend against using the patched app blindly but it might make it easier to figure out the changes i did. I would rather not upload them to xda though.
Click to expand...
Click to collapse
No worries about the late reply, yeah you basically told me what i assumed it was i had to do, however when i was trying to do it i didn't have a 1.4.2 apk so was trying ot use 1.7.X and obviously failed .
Yeah the modifications to smali files is easy well when you know what your changing xD
if you could upload the apk for 1.4.2 that would be great, i would assume that as long as the signature matches the official apk its untampered, your modified one will obviously be signed with a different signature though.
:cyclops:
Good news. I've managed to get latest version 1.7.1 patched . I will try to post the patch information this weekend. In the meantime i suggest anyone interested download a copy from the play store and keep a backup of the apk in case they release a new version.
Fix for latest version of the mobile banking app (version 1.7.1)
I've figured out the changes required for the v1.7.1 of the app which is the latest version as of this post.
Changes from the old 1.4.2 are:
Almost all the classes in the app are now obfuscated, whereas before only some of the core class names were obfuscated.
The string encryption has changed. rather than a single encryption function it now uses a group of functions to perform the encryption. rrrrrr/vuuuvu class seems to manage invoking the proper decryptor based on the arguments.
All root checking is now done via the native library.
Native library now does some checks as soon as it's loaded before any methods are called.
The last change is a big problem since its not possible to do the patching of the dll after loading it as was done before. The onload/init of the dll exits the whole application as soon as it detects the phone is rooted.
My solution was to use a modified version of the 'crazy_linker' custom loader library which comes with the ndk to load the library into memory without invoking it's onload/init functions. This lets us hook into the necessary functions before they are called.
I've attached the smali changes as a diff and the new native hook library in this post.
As a side note I think the version 1.4.2 is a far better version. Why on earth would a banking app need to permissions to take pictures, who spends their time 'customizing' a banking app with personal pictures.
Edit: I've fixed a bug where the root was still being detected when used with chainfire su app. Special thanks to lil-diabo for helping me fix the issue. :good:
Xposed module for barclays banking app 1.7.1
Edit: New version (BarcPosed1.1.apk) has some support for barclays pingit. I've not tested this my self as I don't use the application personally. If anyone tries it please let me know.
I've converted my patch into xposed module. This module is compatible with the current banking app (version 1.7.1).
Please consider this as a beta version for now. I've tested it on cyanogenmod but it might have some issues with other roms. If you try it please let me know if it worked.
Assuming you already have a working xposed installation the steps to get the app working are:
1) Install banking app from playstore. Make sure it's version 1.7.1
2) Install the BarcPosed.apk from my post.
3) Run the BarcPosed app and click the 'install' button. You will need to grant it root permissions.
4) Enable the module in xposed and reboot.
5) Use the barclays app as normal.
6) Disable automatic updates for the banking app to prevent it from updating.
I've included the source code for the app.
Thanks, works perfectly. You sir (or madam) are a genius
Sent from my GT-I9300 using XDA Premium 4 mobile app
Works like a charm
Just tested it and it works!
Most excellent, Thanks again for your hard work.
So much easier than having to manually edit the files etc.
It works,excellent job, finally can use Barclays mobile, thank you very much
sent from Samsung Galaxy S4 Active
Just tested and it worked marvellously. Could you please make a fix for pingit as well?
Zell Dinch said:
Just tested and it worked marvellously. Could you please make a fix for pingit as well?
Click to expand...
Click to collapse
HiddenRambler said:
Edit: New version (BarcPosed1.1.apk) has some support for barclays pingit. I've not tested this my self as I don't use the application personally. If anyone tries it please let me know.
Click to expand...
Click to collapse
I've updated my post with version that stops the rooted warning from pingit. Don't use pingit myself so don't know how successful it is. Let me know if you try it.
Brilliant, been struggling in vain with Root Cloak Plus on my N5 but this works perfectly. Many thanks.
Sent from my Xoom Wifi using Tapatalk
Before I switched to KK, I used Barclays App 1.3 doing a small trick with SuperSU. It worked perfectly. I signed the app myself so that it wouldn't update itself from the market and so that I could still use the automatic update in the market.
Do you think it would be possible to make your AMAZING solution work with my v1.3 signed app instead?
thnx
vivelafrance said:
Before I switched to KK, I used Barclays App 1.3 doing a small trick with SuperSU. It worked perfectly. I signed the app myself so that it wouldn't update itself from the market and so that I could still use the automatic update in the market.
Do you think it would be possible to make your AMAZING solution work with my v1.3 signed app instead?
thnx
Click to expand...
Click to collapse
You could try "root cloak" or "root cloak plus" they probably will work.
Actually, what I did, is sign the app with OneClickSigner and it worked fine. Now, the app is not attached to the market anymore since the signature changed, so that means I can continue to use the "automatic update" from the market and it won't ask me to update the app all the time when Barclays upload a new version.
thnx
HiddenRambler said:
...
I've converted my patch into xposed module. This module is compatible with the current banking app (version 1.7.1).
...
Click to expand...
Click to collapse
Hello,
I have a request, can you make it compatible with GingerBread plz?
Thanks.
LoMAX_HUN said:
Hello,
I have a request, can you make it compatible with GingerBread plz?
Thanks.
Click to expand...
Click to collapse
Can you try the attached apk. It's the same code but built as an app for gingerbread version (API lvl 10). I couldn't test it as I don't have a phone for that version.
If it doesn't work please give me a logcat.
Banking Works, but Not PingIt
HiddenRambler said:
Edit: New version (BarcPosed1.1.apk) has some support for barclays pingit. I've not tested this my self as I don't use the application personally. If anyone tries it please let me know.
I've converted my patch into xposed module. This module is compatible with the current banking app (version 1.7.1).
Please consider this as a beta version for now. I've tested it on cyanogenmod but it might have some issues with other roms. If you try it please let me know if it worked.
Assuming you already have a working xposed installation the steps to get the app working are:
1) Install banking app from playstore. Make sure it's version 1.7.1
2) Install the BarcPosed.apk from my post.
3) Run the BarcPosed app and click the 'install' button. You will need to grant it root permissions.
4) Enable the module in xposed and reboot.
5) Use the barclays app as normal.
6) Disable automatic updates for the banking app to prevent it from updating.
I've included the source code for the app.
Click to expand...
Click to collapse
xposed is fantastic!
This worked for me. It's so nice to be able to update my SU binaries without fear of breaking the app.
I'm running Cyanogenmod v10.2.0 on a Samsung Galaxy S3 (International) (i9300).
I tried using the v1.1 of the BarcPosed.apk with PingIt, but it still tried to gain root and then closed itself immediately.

Shaw FreeRange for MI Box V4.2.1.001

Shaw Free Range v 4.2.1.001 on MI Box
I used these instruction posted from another user in a different forum, thought i would share.
Tools used:
APK Icon Editor
apktool
APK 4.2.1.001 APK from apkpure.com ( shaw Freerange )
1.) Download APK
2.) Decompile the APK
apktool d {download location} -o {output location}
3.) Goto {output location} open AndroidManifest.xml
4.) Add the below lines after line 61 (other apk may not be line 61)
Code:
Code:
<activity android:label="" android:launchMode="singleTop" android:name="com.xfinity.cloudtvr.view.AndroidTvBrowseActivity" android:theme="@style/DefaultAppTheme.Xtv.Browse" android:windowSoftInputMode="adjustPan"/>
<activity android:configChanges="orientation|screenSize" android:label="" android:launchMode="singleTop" android:name="com.xfinity.cloudtvr.view.PlayerActivity" android:parentActivityName="com.xfinity.cloudtvr.view.AndroidTvBrowseActivity" android:theme="@style/DefaultAppTheme.Xtv.Browse.Player" android:windowSoftInputMode="adjustPan">
<meta-data android:name="android.support.PARENT_ACTIVITY" android:value=".view.AndroidTvBrowseActivity"/>
</activity>
5.) Recompile the APK
apktool b {output location}
6.) open APK in APK Icon Editor
7.) In APK Icon Editor File -> Explore APK Contents
8.) copy {output location}/build/apk/AndroidManifest.xml to the Explore APK Contents - [replace file]
9.) In APK Icon Editor File -> Export (Pack) APK
10.) Sideload to you Mi Box
Extra stuff abbout the shaw mod
Shaw Freerange.
The menu items on the top of the screen are still chopped but it manageable. Just to clarify this is working for the MI Box. The App will not launch if you are using the Sideload Launcher. You must launch from the Apps in Settings. .
Would either of you be willing to post the APK here for download? I'd love to test this on my Shield TV.
Shaw/Xfinity Android TV TOP MENU FIX!
Tools Used: APK Icon Editor
Process:
1. Open APK with APK-Icon-Editor
2. Change Current mode to APKTOOL (If you are in ZIP mode, you will not see all files.)
3. Explorer APK Contents
4. Open file (\res\layout-television-v13\actionbar_custom.xml)
5. Change the following to 78.0dip form 64dip ( android:layout_height="78.0dip) and save.
Code:
<?xml version="1.0" encoding="utf-8"?>
<LinearLayout android:gravity="bottom|center" android:orientation="horizontal" android:layout_width="fill_parent" android:layout_height="fill_parent"
xmlns:android="http://schemas.android.com/apk/res/android" xmlns:app="http://schemas.android.com/apk/res-auto">
<com.xfinity.common.view.metadata.ActionViewContainer android:id="@id/ab_animated_button_bar" android:background="@drawable/animated_button_bar_bg" android:layout_width="fill_parent" [B][SIZE="5"]android:layout_height="78.0dip[/SIZE][/B]" android:layout_marginLeft="24.0dip" android:layout_marginTop="8.0dip" android:layout_marginRight="24.0dip" android:layout_marginBottom="8.0dip" app:textSize="@dimen/nav_bar_button_text_size" />
</LinearLayout>
5. Open file ( \res\values-television-v13\dimens.xml)
6. change the follwoing to 25dip from 32dip (<dimen name="nav_bar_button_text_size">25.0dip</dimen>) and save
Code:
<?xml version="1.0" encoding="utf-8"?>
<resources>
<dimen name="list_item_side_padding">48.0dip</dimen>
<dimen name="action_view_spacing_inner">64.0dip</dimen>
<dimen name="overscan_horizontal_adjustment">48.0dip</dimen>
<dimen name="overscan_vertical_adjustment">27.0dip</dimen>
[B][SIZE="5"]<dimen name="nav_bar_button_text_size">25.0dip</dimen>[/SIZE][/B]
<dimen name="nav_item_text_selected_spacing">16.0dip</dimen>
<dimen name="nav_item_text_spacing">8.0dip</dimen>
</resources>
7. Export (Pack) APK
8. Install apk and Enjoy
atheoncrutch said:
Would either of you be willing to post the APK here for download? I'd love to test this on my Shield TV.
Click to expand...
Click to collapse
Can you please let us know if you are successful with the apk on Shield TV? Thanks very much.
Integrity2 said:
Can you please let us know if you are successful with the apk on Shield TV? Thanks very much.
Click to expand...
Click to collapse
With the fixed mentioned above, along with the first fix at the top of the form, the one to make it work on Android TV, i do believe this does work on Shield TV as well. Sorry i don't have a shield TV box to test with. There is another form that may be of help from Xfinity TV Mod Android Box (HDMI output) by aiemassfiria. He will be taking my menu fix and integrating it into some of the APK's he's been working on.
https://forum.xda-developers.com/android/apps-games/xfinity-tv-mod-android-box-hdmi-output-t3535881
I used the steps above to modify the apk but unfortunately it crashes immediately upon launch on my shield. If anyone wants to post their modified apk I can try that as well, in case I messed up with mine.
Shaw FreeRange TV no longer works on my android tv (Sony Bravia from 2016 -- model KDL-55W800C).
The last version that worked (always had to sideload it) was 2.1.0.004 but I believe they updated something on the server-side so it no longer works
Here's a direct download to it in case you want to look at what changed in the android protections since then: https://drive.google.com/open?id=0B7UKT-gQprNPSkwzRmRyWl9hNVU
I can confirm the apk here doesn't work: https://forum.xda-developers.com/showpost.php?p=72048755&postcount=65
Shaw Free Range v 4.2.2.001
t0i said:
Shaw FreeRange TV no longer works on my android tv (Sony Bravia from 2016 -- model KDL-55W800C).
The last version that worked (always had to sideload it) was 2.1.0.004 but I believe they updated something on the server-side so it no longer works
Here's a direct download to it in case you want to look at what changed in the android protections since then: https://drive.google.com/open?id=0B7UKT-gQprNPSkwzRmRyWl9hNVU
I can confirm the apk here doesn't work: https://forum.xda-developers.com/showpost.php?p=72048755&postcount=65
Click to expand...
Click to collapse
Try this one From
http://199.175.53.21/shawfreerangetv.leanback422001.apk
buggine said:
Try this one From
h t t p : / / 199.175.53.21/ shawfreerangetv.leanback422001.apk
Click to expand...
Click to collapse
This one works! thanks.
Who is responsible for this apk? Can I learn how this is done?
Thanks,
Shaw TV
t0i said:
This one works! thanks.
Who is responsible for this apk? Can I learn how this is done?
Thanks,
Click to expand...
Click to collapse
Who is responsible for the APK? Well, we all are! The link I provided was from this thread https://forum.xda-developers.com/an...v-mod-android-box-hdmi-output-t3535881/page13. I don't personally post links to my server. If you would like to know how its done, I suggest you follow the steps listed in this thread to modify the APK. the first one will get it to work on android TV boxes for Shield and Mi box, the second fixes the menu. There is also a fix for the HDMI as well, but not needed for the MI box or the Shield TV. you will find it in the link in this post and thanks to aiemassfiria . One thing I've observed though, the App will not work if your time isn't correct on your device, it will give a connection error when registering. So make sure the time is correct.
buggine said:
Who is responsible for the APK? Well, we all are! The link I provided was from this thread https://forum.xda-developers.com/an...v-mod-android-box-hdmi-output-t3535881/page13. I don't personally post links to my server. If you would like to know how its done, I suggest you follow the steps listed in this thread to modify the APK. the first one will get it to work on android TV boxes for Shield and Mi box, the second fixes the menu. There is also a fix for the HDMI as well, but not needed for the MI box or the Shield TV. you will find it in the link in this post and thanks to aiemassfiria . One thing I've observed though, the App will not work if your time isn't correct on your device, it will give a connection error when registering. So make sure the time is correct.
Click to expand...
Click to collapse
Thanks very much for posting the apk, it works great! I can confirm it's working for me on the Nvidia Shield and Nexus Player.
Shaw Free Range v 4.2.2.001
atheoncrutch said:
Thanks very much for posting the apk, it works great! I can confirm it's working for me on the Nvidia Shield and Nexus Player.
Click to expand...
Click to collapse
Curious, what version of android is running on the shield? 6.0 or 7.0
buggine said:
Curious, what version of android is running on the shield? 6.0 or 7.0
Click to expand...
Click to collapse
Shield is running 7.0 with the latest Shield Experience 5.2 update.
atheoncrutch said:
Thanks very much for posting the apk, it works great! I can confirm it's working for me on the Nvidia Shield and Nexus Player.
Click to expand...
Click to collapse
Confirmed working on the first-gen FireTV and Beelink GT1 as well.
buggine said:
Try this one From
Click to expand...
Click to collapse
This is awesome! Thanks for posting. I'm a Shaw Direct subscriber (satellite TV only) and usually after the Get Started prompt the login credentials includes a banner allowing you to select Shaw Direct to enter an account number in a ###-###-#### format, but this seems to be missing in this version. Any idea if it can be accessed? The login page seems to be for Shaw cable subscribers only as my account number isn't recognized. Thanks again!
fearandtrembling said:
This is awesome! Thanks for posting. I'm a Shaw Direct subscriber (satellite TV only) and usually after the Get Started prompt the login credentials includes a banner allowing you to select Shaw Direct to enter an account number in a ###-###-#### format, but this seems to be missing in this version. Any idea if it can be accessed? The login page seems to be for Shaw cable subscribers only as my account number isn't recognized. Thanks again!
Click to expand...
Click to collapse
Do the following,
Shaw Cable:
Sign in with your Shaw ID, My Account Username, or @Shaw.ca email.
Shaw Direct:
Your username is your account number - do not include dashes.
Mi box remote doesn't work with the app
Having problems......
First, I couldn't edit anything. I had to use an external xml editor to change my files.
Then when I tried to load the new apk to the Amazon FireTV (using adblink), in wouldn't install, adblink just loops on 'adb running'.
The original, pre-modified-by-me apk installed and worked fine before, using adblink.
just want to say thanks to the creator of this modded apk. finally got freerange working on my firetv box.

oreo 8.1.0 by gavin19

Here we have linage Oreo 8.1.0 built by XDA member gavin19
A working bootable lineage 8.1.0 that he hand built himself so all credit's go to him
We are needing a dev to go over and fix a few things like camera app not opening
Apart from that it seems fully functional and smooth,
Disclaimer:
We are not responsible for anything that may happen to your phone as a result of installing custom roms and/or kernels. you do so at your own risk and take the responsibility upon yourself.
Install full wipe
Flash latest firmware 8.something
Flash lineage 15.1
Flash gapps 8.1
Once os has booted go back Into recovery and flash magist 14.5 for root
Done
https://mega.nz/#F!rhpExB7L!ypCJwgXQqhQjaJ0muml1aw 15.1+ magist 14.5
https://mega.nz/#F!zlJBQJhJ!BJuv0brw0doTafuLTXJATw. Latest firmware
Thanks too.
LineageOS team
Xda member Gavin19
And all other open source Devs
Google+ community
Telegram group
ROM source
Tree of all official devices
Kernel Source
All thumbs up please send gav not me
Thank you @gavin19 for the build and thank you @mr911 for the thread :good:
omerbagi10 said:
Thank you @gavin19 for the build and thank you @mr911 for the thread :good:
Click to expand...
Click to collapse
Yeah gav is the man, he devoted alot of time to building it smart guy, I've hit quite a big issue since running Oreo 8 I've fully restored fine back to vipor os through twrp restore but I'm guessing somehow Oreo has done something to my twrp and I can't back up any more I hit error createTarFork() process ended with ERROR=255 every time I try and do a back up re flashing twrp gives the same error but firmware flashed fine,
Edit fixed*
Coming from Oreo created a file called addons.d in system, stopping me from making new backups in twrp after flashing my original vipor os backup
1 dirty flash os once your original backup restores (so you don't have to start a fresh)
2 flash gapps
3 reinstall busy box/magist .zip
4 backups work perfect.
Most important thing here is that I'm not a dev. All I did was follow the build guide to the letter. After the initial 'breakfast lithium' stage, I copied this manifest into the .repo/local_manifests folder, ran 'repo sync' again, ran 'breakfast lithium' again then continued with the guide to the end.
Note, you'll need ~170GB of HDD space to build (unless you start trimming some packages). Build time for me with a 4690k at 4.4GHz/16GB RAM and on an SSD was still just over 3 hours.
The build isn't optimised (better toolchain, no removed packages to speed up build process etc) but it was pretty smooth. Not AICP smooth, but pretty close.
For installation I had to remove the device check because our working TWRP builds won't let it install (error 7). You'll need a recent firmware too. Another quirk is that if you try to install GApps immediately after flashing the ROM (for me at least) it complained that it was the incorrect Android version (once reported 7.1.2, then 6.0.0??), and it wouldn't boot properly. What you'll need to do is boot into the ROM and go through the usual setup then reboot and flash GApps and it'll work fine. For root, only Magisk 14.5 worked for me.
Calls, wi-fi, DT2W, sound etc all work.
Camera is broken. Vibrate only works partially (not on tap for example). Keyboard sometimes defaults to voice search for some reason. I didn't find any other issues except that I couldn't install apks from any other file manager than the Lineage one.
This was just a proof of concept. I was asking myself for months why the Mi Max (a bargain Mi Mix) and other Xiaomi devices have several Oreo ROMs (and with working cam), when we had nothing. It was either we were still waiting on some update/blobs etc **or** no-one had really tried. Turned out it was the latter.
EDIT: Moved to AICP from LOS since it's LOS-based and I much prefer it. Should be released very soon.
EDIT2 : https://forum.xda-developers.com/mi-mix/development/rom-aicp-13-1-t3746648
Which one is the latest firmware 8.1.4?
camoway said:
Which one is the latest firmware 8.1.4?
Click to expand...
Click to collapse
I posted a link to all the newest firmwares in my last comment.
gavin19 said:
I posted a link to all the newest firmwares in my last comment.
Click to expand...
Click to collapse
That really helped thanks some much!
gavin19 said:
Most important thing here is that I'm not a dev. All I did was follow the build guide to the letter. After the initial 'breakfast lithium' stage, I copied this manifest into the .repo/local_manifests folder, ran 'repo sync' again, ran 'breakfast lithium' again then continued with the guide to the end.
Note, you'll need ~170GB of HDD space to build (unless you start trimming some packages). Build time for me with a 4690k at 4.4GHz/16GB RAM and on an SSD was still just over 3 hours.
The build isn't optimised (better toolchain, no removed packages to speed up build process etc) but it was pretty smooth. Not AICP smooth, but pretty close.
For installation I had to remove the device check because our working TWRP builds won't let it install (error 7). You'll need a recent firmware too. Another quirk is that if you try to install GApps immediately after flashing the ROM (for me at least) it complained that it was the incorrect Android version (once reported 7.1.2, then 6.0.0??), and it wouldn't boot properly. What you'll need to do is boot into the ROM and go through the usual setup then reboot and flash GApps and it'll work fine. For root, only Magisk 14.5 worked for me.
Calls, wi-fi, DT2W, sound etc all work.
Camera is broken. Vibrate only works partially (not on tap for example). Keyboard sometimes defaults to voice search for some reason. I didn't find any other issues except that I couldn't install apks from any other file manager than the Lineage one.
This was just a proof of concept. I was asking myself for months why the Mi Max (a bargain Mi Mix) and other Xiaomi devices have several Oreo ROMs (and with working cam), when we had nothing. It was either we were still waiting on some update/blobs etc **or** no-one had really tried. Turned out it was the latter.
Click to expand...
Click to collapse
Mate can you shoot me a log dump of your rom? So that I can help you analyze and pinpoint the camera issue.
Also, fantastic work there mate!
Sent from my MI MIX using Tapatalk
E50AK said:
Mate can you shoot me a log dump of your rom? So that I can help you analyze and pinpoint the camera issue.
Also, fantastic work there mate!
Click to expand...
Click to collapse
Been testing for an hour so far just flash light not working, and camera, YouTube app no playback,plays fine through chrome.
Can't seem to find anything else broken
gavin19 said:
Most important thing here is that I'm not a dev. All I did was follow the build guide to the letter. After the initial 'breakfast lithium' stage, I copied this manifest into the .repo/local_manifests folder, ran 'repo sync' again, ran 'breakfast lithium' again then continued with the guide to the end.
Note, you'll need ~170GB of HDD space to build (unless you start trimming some packages). Build time for me with a 4690k at 4.4GHz/16GB RAM and on an SSD was still just over 3 hours.
The build isn't optimised (better toolchain, no removed packages to speed up build process etc) but it was pretty smooth. Not AICP smooth, but pretty close.
For installation I had to remove the device check because our working TWRP builds won't let it install (error 7). You'll need a recent firmware too. Another quirk is that if you try to install GApps immediately after flashing the ROM (for me at least) it complained that it was the incorrect Android version (once reported 7.1.2, then 6.0.0??), and it wouldn't boot properly. What you'll need to do is boot into the ROM and go through the usual setup then reboot and flash GApps and it'll work fine. For root, only Magisk 14.5 worked for me.
Calls, wi-fi, DT2W, sound etc all work.
Camera is broken. Vibrate only works partially (not on tap for example). Keyboard sometimes defaults to voice search for some reason. I didn't find any other issues except that I couldn't install apks from any other file manager than the Lineage one.
This was just a proof of concept. I was asking myself for months why the Mi Max (a bargain Mi Mix) and other Xiaomi devices have several Oreo ROMs (and with working cam), when we had nothing. It was either we were still waiting on some update/blobs etc **or** no-one had really tried. Turned out it was the latter.
Click to expand...
Click to collapse
GREAT JOB!!!! :victory::victory::victory:
PLease, could you clarify?? You are saying you just synced LOS repo for lineage-15.1, then device trees (lithium and common) also from lineageos repo, blobs from TheMuppets, compiled, and it just worked and boots???
If it's like that it's great news. Means, among other things, that LOS sources for Oreo 8.1 are ready or almost almost and that if you update your worktree periodically you would be able to get a better rom just from source.
It also means that newbies like me trying for some days to build Oreo from other rom sources, AOSP ones, can still have hope
Thanks again and good job, man.
E50AK said:
Mate can you shoot me a log dump of your rom? So that I can help you analyze and pinpoint the camera issue.
Also, fantastic work there mate!
Sent from my MI MIX using Tapatalk
Click to expand...
Click to collapse
Where would it be? The closest thing I could find was a build.trace file
---------- Post added at 16:12 ---------- Previous post was at 16:03 ----------
albertoduqe said:
GREAT JOB!!!! :victory::victory::victory:
PLease, could you clarify?? You are saying you just synced LOS repo for lineage-15.1, then device trees (lithium and common) also from lineageos repo, blobs from TheMuppets, compiled, and it just worked and boots???
If it's like that it's great news. Means, among other things, that LOS sources for Oreo 8.1 are ready or almost almost and that if you update your worktree periodically you would be able to get a better rom just from source.
It also means that newbies like me trying for some days to build Oreo from other rom sources, AOSP ones, can still have hope
Thanks again and good job, man.
Click to expand...
Click to collapse
It really was just the build guide I linked to, except I changed 'repo init -u https://github.com/LineageOS/android.git -b cm-14.1' to 'repo init -u git://github.com/LineageOS/android.git -b staging/lineage-15.1'. The key was using the local manifest where I referenced specific repos/revisions (15.1 or staging/15.1, whichever was the latest). The first time I tried manually cloning those repos and literally copy pasting them into where they were meant to go, but clearly I made a mistake somewhere.
The second time i used the cache (I assigned 30GB) but it only used ~4GB and the build time was only ~10 minutes quicker. I wanted to remove a bunch of packages but I was honestly afraid of removing something essential. I'm pretty sure I could remove all the darwin packages since they're only for Mac, e.g adding these into the custom manifest
Code:
<!-- Removals -->
<remove-project name="platform/prebuilts/clang/host/darwin-x86" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/aarch64/aarch64-linux-android-4.9" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-eabi-4.8" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-linux-androideabi-4.9" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/host/i686-apple-darwin-4.2.1" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/x86/x86_64-linux-android-4.9" />
<remove-project name="platform/prebuilts/python/darwin-x86/2.7.5" />
<remove-project name="platform/prebuilts/gdb/darwin-x86" />
<remove-project name="platform/prebuilts/go/darwin-x86" />
Could probably remove a bunch more to speed up the build but I'd need to be 100% sure they weren't needed.
We share the camera as several other devices too, but it's the Mi Max that I think might help us out the most given it's also Xiaomi. If someone with more knowledge could merge what they have for the cam (and so the flashlight too) then we might at least get the rear one working (I think they have a different front).
gavin19 said:
Where would it be? The closest thing I could find was a build.trace file
---------- Post added at 16:12 ---------- Previous post was at 16:03 ----------
It really was just the build guide I linked to, except I changed 'repo init -u https://github.com/LineageOS/android.git -b cm-14.1' to 'repo init -u git://github.com/LineageOS/android.git -b staging/lineage-15.1'. The key was using the local manifest where I referenced specific repos/revisions (15.1 or staging/15.1, whichever was the latest). The first time I tried manually cloning those repos and literally copy pasting them into where they were meant to go, but clearly I made a mistake somewhere.
The second time i used the cache (I assigned 30GB) but it only used ~4GB and the build time was only ~10 minutes quicker. I wanted to remove a bunch of packages but I was honestly afraid of removing something essential. I'm pretty sure I could remove all the darwin packages since they're only for Mac, e.g adding these into the custom manifest
Code:
<!-- Removals -->
<remove-project name="platform/prebuilts/clang/host/darwin-x86" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/aarch64/aarch64-linux-android-4.9" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-eabi-4.8" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/arm/arm-linux-androideabi-4.9" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/host/i686-apple-darwin-4.2.1" />
<remove-project name="platform/prebuilts/gcc/darwin-x86/x86/x86_64-linux-android-4.9" />
<remove-project name="platform/prebuilts/python/darwin-x86/2.7.5" />
<remove-project name="platform/prebuilts/gdb/darwin-x86" />
<remove-project name="platform/prebuilts/go/darwin-x86" />
Could probably remove a bunch more to speed up the build but I'd need to be 100% sure they weren't needed.
We share the camera as several other devices too, but it's the Mi Max that I think might help us out the most given it's also Xiaomi. If someone with more knowledge could merge what they have for the cam (and so the flashlight too) then we might at least get the rear one working (I think they have a different front).
Click to expand...
Click to collapse
https://play.google.com/store/apps/details?id=rs.pedjaapps.alogcatroot.app
Use this app and select the share or save button from the options menu.
Sent from my MI MIX using Tapatalk
E50AK said:
Where would it be? The closest thing I could find was a build.trace file
---------- Post added at 16:12 ---------- Previous post was at 16:03 ----------
It really was just the build guide I linked to, except I changed 'repo init -u https://github.com/LineageOS/android.git -b cm-14.1' to 'repo init -u git://github.com/LineageOS/android.git -b staging/lineage-15.1'. The key was using the local manifest where I referenced specific repos/revisions (15.1 or staging/15.1, whichever was the latest). The first time I tried manually cloning those repos and literally copy pasting them into where they were meant to go, but clearly I made a mistake somewhere.
The second time i used the cache (I assigned 30GB) but it only used ~4GB and the build time was only ~10 minutes quicker. I wanted to remove a bunch of packages but I was honestly afraid of removing something essential. I'm pretty sure I could remove all the darwin packages since they're only for Mac, e.g adding these into the custom manifest
https://play.google.com/store/apps/details?id=rs.pedjaapps.alogcatroot.app
Use this app and select the share or save button from the options menu.
Click to expand...
Click to collapse
Yh I keep seeing camera outlined in red
mr 911 said:
Yh I keep seeing camera outlined in red
Click to expand...
Click to collapse
Okay, thanks. Are you guys available in telegram? It'd be more convenient for us to discuss over there. If yes, add me up - @AKWiro
Sent from my MI MIX using Tapatalk
gavin19 said:
Where would it be? The closest thing I could find was a build.trace file
---------- Post added at 16:12 ---------- Previous post was at 16:03 ----------
It really was just the build guide I linked to, except I changed 'repo init -u https://github.com/LineageOS/android.git -b cm-14.1' to 'repo init -u git://github.com/LineageOS/android.git -b staging/lineage-15.1'. The key was using the local manifest where I referenced specific repos/revisions (15.1 or staging/15.1, whichever was the latest). The first time I tried manually cloning those repos and literally copy pasting them into where they were meant to go, but clearly I made a mistake somewhere.
The second time i used the cache (I assigned 30GB) but it only used ~4GB and the build time was only ~10 minutes quicker. I wanted to remove a bunch of packages but I was honestly afraid of removing something essential. I'm pretty sure I could remove all the darwin packages since they're only for Mac, e.g adding these into the custom manifest
Could probably remove a bunch more to speed up the build but I'd need to be 100% sure they weren't needed.
We share the camera as several other devices too, but it's the Mi Max that I think might help us out the most given it's also Xiaomi. If someone with more knowledge could merge what they have for the cam (and so the flashlight too) then we might at least get the rear one working (I think they have a different front).
Click to expand...
Click to collapse
Would you mind sharing which projects you put in your local manifest? A copy-paste of the content would be great
Also if you guys don't mind adding me to telegram... I've been in contact with E50AK for a while now working on several nougat builds...
By the way camera errors point to camera service manager... E50AK is much better than me at logs but that points at some basic piece of camera drivers missing... Will need much more in depth work though...
---------- Post added at 07:09 PM ---------- Previous post was at 06:45 PM ----------
As I said I am by no means an expert but for the camera I would personally start looking at what this line points:
E/[email protected](15065): Could not get passthrough implementation for ...
Where do the hardware/camera repo comes from? Is it Lineage? Maybe you could try removing that one if it is lineage and syncing google's one... But I'm talking without real good knowledge...
albertoduqe said:
Would you mind sharing which projects you put in your local manifest? A copy-paste of the content would be great
Also if you guys don't mind adding me to telegram... I've been in contact with E50AK for a while now working on several nougat builds...
By the way camera errors point to camera service manager... E50AK is much better than me at logs but that points at some basic piece of camera drivers missing... Will need much more in depth work though...
---------- Post added at 07:09 PM ---------- Previous post was at 06:45 PM ----------
As I said I am by no means an expert but for the camera I would personally start looking at what this line points:
E/[email protected](15065): Could not get passthrough implementation for ...
Where do the hardware/camera repo comes from? Is it Lineage? Maybe you could try removing that one if it is lineage and syncing google's one... But I'm talking without real good knowledge...
Click to expand...
Click to collapse
This is the local manifest I used - https://raw.githubusercontent.com/gavin19/manifest/master/manifest.xml
The local_manifest folder only gets created after the first run of 'breakfast lithium', then I pasted it into that folder and ran 'repo sync' again to pull those down.
I went back to AICP so I can't even dump any logs from Oreo.
As for the camera, I tried looking at the Mi Max ROMs to see if their repos had any different camera-related entries. I found some like this, but whether they would make any difference is unknown. The thing is, I don't want to run blind 3-hour builds on the off chance that something might work or not. I need to figure out how to reduce build time (aside from the ccache which I've already implemented). Surely it shouldn't take ~3 hours?
On that topic, since my out folder is already populated with ~28GB of files, how would I go about cleaning that up for a new build. Should I just delete it or ...? Are there any other folders I should remove before trying further builds or any commands that i should run?
gavin19 said:
This is the local manifest I used - https://raw.githubusercontent.com/gavin19/manifest/master/manifest.xml
The local_manifest folder only gets created after the first run of 'breakfast lithium', then I pasted it into that folder and ran 'repo sync' again to pull those down.
I went back to AICP so I can't even dump any logs from Oreo.
As for the camera, I tried looking at the Mi Max ROMs to see if their repos had any different camera-related entries. I found some like this, but whether they would make any difference is unknown. The thing is, I don't want to run blind 3-hour builds on the off chance that something might work or not. I need to figure out how to reduce build time (aside from the ccache which I've already implemented). Surely it shouldn't take ~3 hours?
On that topic, since my out folder is already populated with ~28GB of files, how would I go about cleaning that up for a new build. Should I just delete it or ...? Are there any other folders I should remove before trying further builds or any commands that i should run?
Click to expand...
Click to collapse
I'll look into the local folder and the rest you say. I've always had to create it manually as haven't built any supported devices from any rom source (what would be the point other than in a situation like we have with Mix and oreo?)
Although I know some guys around here will be much more helpful than myself with the logs and ideas to fix camera, I can see that what you share is just a camera package, that is, the app that uses the hardware. The problem in the rom is at the driver level, I think, and will probably be fixed changing some stuff in hardware or whereabouts...
As to building time and resources: if you didn't erase your working dir, after the first build compiling can take as little as 15 minutes, or up to say 30, depending on the amount of modifications to your sources. The big thing you already did and will not take so long until you make clobber before another one.
---------- Post added at 08:24 PM ---------- Previous post was at 07:55 PM ----------
gavin19 said:
This is the local manifest I used - https://raw.githubusercontent.com/gavin19/manifest/master/manifest.xml
The local_manifest folder only gets created after the first run of 'breakfast lithium', then I pasted it into that folder and ran 'repo sync' again to pull those down.
I went back to AICP so I can't even dump any logs from Oreo.
As for the camera, I tried looking at the Mi Max ROMs to see if their repos had any different camera-related entries. I found some like this, but whether they would make any difference is unknown. The thing is, I don't want to run blind 3-hour builds on the off chance that something might work or not. I need to figure out how to reduce build time (aside from the ccache which I've already implemented). Surely it shouldn't take ~3 hours?
On that topic, since my out folder is already populated with ~28GB of files, how would I go about cleaning that up for a new build. Should I just delete it or ...? Are there any other folders I should remove before trying further builds or any commands that i should run?
Click to expand...
Click to collapse
I found this line strange in your local manifest:
<project name="LineageOS/android_hardware_qcom_media" path="device/qcom/media" remote="github" revision="staging/lineage-15.1" />
Did it came like this after breakfast you say? Cause that is a hardware project that exists already in the manifest.xml and goes to hardware/qcom/media and here it goes to device/qcom... Curious...
Might be one of the things making it work...
albertoduqe said:
I found this line strange in your local manifest:
<project name="LineageOS/android_hardware_qcom_media" path="device/qcom/media" remote="github" revision="staging/lineage-15.1" />
Did it came like this after breakfast you say? Cause that is a hardware project that exists already in the manifest.xml and goes to hardware/qcom/media and here it goes to device/qcom... Curious...
Might be one of the things making it work...
Click to expand...
Click to collapse
The manifest file was added by me. The 'breakfast' command only generates the local_manifests folder, but it doesn't add anything to it. I just discovered that that was where custom manifests are supposed to go.
I copied that manifest from another Oreo project (can't remember which offhand) and just replaced the device names to lithium and the revisions to whichever were the latest for the corresponding repos. I wasn't sure about that line either since it didn't appear to be especially relevant. The only reason I made the manifest was to make sure the build process was pulling in all the lithium-related repos since I couldn't find reference to them elsewhere.
gavin19 said:
The manifest file was added by me. The 'breakfast' command only generates the local_manifests folder, but it doesn't add anything to it. I just discovered that that was where custom manifests are supposed to go.
I copied that manifest from another Oreo project (can't remember which offhand) and just replaced the device names to lithium and the revisions to whichever were the latest for the corresponding repos. I wasn't sure about that line either since it didn't appear to be especially relevant. The only reason I made the manifest was to make sure the build process was pulling in all the lithium-related repos since I couldn't find reference to them elsewhere.
Click to expand...
Click to collapse
Yeah that is the way it is when device is not supported by rom: breakfast doesn't pull anything. It does for lithium nougat but lineage 15.1 is not out, so not ready.
Well it is more than clear that you did perfect as it worked. That line puts a project in a path that's not intended for but either it doesn't conflict with anything or it somehow should be there.
Thanks for the info and replies.
Hope u keep working on it and we can help you each in its measure to make it a fully working rom!!

Question Pixel 7 Pro Volte and Vowifi in unsuported Country

Hey guys, from what I see we get same issues as in all previous Pixels. No Volte for me in Romania, Vodafone. Same as in P6p I previously had. Is there any way to enable it without root? Phone is unlocked, bought from Google Store Germany.
hi, same for me on belgium with orange.be
Same here omantel
I tried the workarounds on the other tread and enabled 5g and also vo5g
Volte, VoWifi, Vo5g all not working.
I come from the oneplus 7 pro and using the nbm file method managed to successfully enable volte.
I wonder if that method will work with the pixel.
Anyone can chime in?
Can you please explain what is nbm file method? First time that i heard about it
No, because it doesn't apply to our phone.
Won't get anywhere without root.
when i go to option in Dial *#*#4636#*#* for volte it can not be selected in my pizel 7 pro .
other wise its working in s22 ultra !!
my career is orange france !!
LLStarks said:
No, because it doesn't apply to our phone.
Click to expand...
Click to collapse
Hi
Are you sure?
It seems to be working on the pixel 5
Module to enable 5G/VoLTE/VoWIFI on Pixel4a 5G/Pixel5
Update (9 Oct 2022): Upload module here. Update (7 Apr 2021): If you are looking for the manual way to add 5G support besides the magisk module way or the module does not work for you. Please refer to #54 for the detailed steps. Thanks again to...
forum.xda-developers.com
Any ideas are welcomed
snapdesign said:
Can you please explain what is nbm file method? First time that i heard about it
Click to expand...
Click to collapse
Here is a detailed post.
In my reply above for the pixel 5 guide, it mentions some of the steps as well.
I won't have access to a proper pc for the next few days, if u managed to get it to work please share.
snapdesign said:
Can you please explain what is nbm file method? First time that i heard about it
Click to expand...
Click to collapse
mbn files are used on Qualcomm, not Shannon modems like on the Pixel 6&7. These will have zero effect.
The reason why VoLTE works for some using the old modules from the Qualcomm pixels is due to the fact that the module also changes some build.prop values (look inside the modules to see which props exactly).
You can also achieve this by editing the /data/user_de/0/com.android.phone/files/carrierconfig-com.google.android.carrier-*.xml file (these are generated from .pb files somewhere, cant remember where they resided on the fs) and adding these lines there:
<boolean name="enhanced_4g_lte_on_by_default_bool" value="true" />
<boolean name="carrier_volte_available_bool" value="true" />
<boolean name="vendor_hide_volte_settng_ui" value="false" />
and after that you will get a toggle in the Settings where you can turn on VoLTE - that will force the VoLTE IMS stack to start working with the stock volte profile. If your carrier has incompatibilities with that profile it wont work.
tauio111 said:
mbn files are used on Qualcomm, not Shannon modems like on the Pixel 6&7. These will have zero effect.
The reason why VoLTE works for some using the old modules from the Qualcomm pixels is due to the fact that the module also changes some build.prop values (look inside the modules to see which props exactly).
You can also achieve this by editing the /data/user_de/0/com.android.phone/files/carrierconfig-com.google.android.carrier-*.xml file (these are generated from .pb files somewhere, cant remember where they resided on the fs) and adding these lines there:
<boolean name="enhanced_4g_lte_on_by_default_bool" value="true" />
<boolean name="carrier_volte_available_bool" value="true" />
<boolean name="vendor_hide_volte_settng_ui" value="false" />
and after that you will get a toggle in the Settings where you can turn on VoLTE - that will force the VoLTE IMS stack to start working with the stock volte profile. If your carrier has incompatibilities with that profile it wont work.
Click to expand...
Click to collapse
Huh
Noted with thanks
Now i wonder since the are many profiles for different operators around the world and On my oneplus 7 pro i used the malaysian maxi nbm, is there a way to rename one of the current profiles to omantel my operator.
My thinking is if i can find the Malaysian profile on the pixel 7 pro and rename it to omantel it might work.
What do u think?
well this only works with root i think right?
hubono said:
Hi
Are you sure?
It seems to be working on the pixel 5
Module to enable 5G/VoLTE/VoWIFI on Pixel4a 5G/Pixel5
Update (9 Oct 2022): Upload module here. Update (7 Apr 2021): If you are looking for the manual way to add 5G support besides the magisk module way or the module does not work for you. Please refer to #54 for the detailed steps. Thanks again to...
forum.xda-developers.com
Any ideas are welcomed
Click to expand...
Click to collapse
hubono said:
Here is a detailed post.
In my reply above for the pixel 5 guide, it mentions some of the steps as well.
I won't have access to a proper pc for the next few days, if u managed to get it to work please share.
Click to expand...
Click to collapse
The Pixel 6 and 7 are completely different chip and modem designs than the Pixel 5.
Last I checked, this breaks more things than it fixes.
tauio111 said:
mbn files are used on Qualcomm, not Shannon modems like on the Pixel 6&7. These will have zero effect.
The reason why VoLTE works for some using the old modules from the Qualcomm pixels is due to the fact that the module also changes some build.prop values (look inside the modules to see which props exactly).
You can also achieve this by editing the /data/user_de/0/com.android.phone/files/carrierconfig-com.google.android.carrier-*.xml file (these are generated from .pb files somewhere, cant remember where they resided on the fs) and adding these lines there:
<boolean name="enhanced_4g_lte_on_by_default_bool" value="true" />
<boolean name="carrier_volte_available_bool" value="true" />
<boolean name="vendor_hide_volte_settng_ui" value="false" />
and after that you will get a toggle in the Settings where you can turn on VoLTE - that will force the VoLTE IMS stack to start working with the stock volte profile. If your carrier has incompatibilities with that profile it wont work.
Click to expand...
Click to collapse
Pretty much this. Can also use this method for other flags that a carrier might support such as VoNR.
In order to enable vowifi and volte, has the carrier to do something or is it google that has to implement this (for a country or a certain carrier)?
kraaiven said:
In order to enable vowifi and volte, has the carrier to do something or is it google that has to implement this (for a country or a certain carrier)?
Click to expand...
Click to collapse
The carrier has to support and enable it, which means you need to be on a tariff that supports it. Not all do. For example, PayG tariffs in the UK quite often don't come with it even if the carrier supports it.
My tarrif definitely does, I used to use it previously on my Note 10 Plus with the same sim card. However, despite sending the SMS code to enable it again last Wednesday just in case changing the phone stopped it working, and getting a response from Vodafone UK to say it will be enabled, it's still unselected on my phone info screen and it's greyed out stopping it being manually turned on.
Annoying.
Ok so i went and copied the carrier file from my oneplus to the pixel but that also didn't work.
Don't know what else i can try
tauio111 said:
mbn files are used on Qualcomm, not Shannon modems like on the Pixel 6&7. These will have zero effect.
The reason why VoLTE works for some using the old modules from the Qualcomm pixels is due to the fact that the module also changes some build.prop values (look inside the modules to see which props exactly).
You can also achieve this by editing the /data/user_de/0/com.android.phone/files/carrierconfig-com.google.android.carrier-*.xml file (these are generated from .pb files somewhere, cant remember where they resided on the fs) and adding these lines there:
<boolean name="enhanced_4g_lte_on_by_default_bool" value="true" />
<boolean name="carrier_volte_available_bool" value="true" />
<boolean name="vendor_hide_volte_settng_ui" value="false" />
and after that you will get a toggle in the Settings where you can turn on VoLTE - that will force the VoLTE IMS stack to start working with the stock volte profile. If your carrier has incompatibilities with that profile it wont work.
Click to expand...
Click to collapse
If you don't mind me asking, Where does the stock volte profile preside?
file:///data/user_de/0/com.android.phone/files/carrierconfig-com.google.android.carrier-*.xml
I get permission denied. I do it on my laptop and termix. Still can't access the file
azooooooooo said:
file:///data/user_de/0/com.android.phone/files/carrierconfig-com.google.android.carrier-*.xml
I get permission denied. I do it on my laptop and termix. Still can't access the file
Click to expand...
Click to collapse
Use fxexplorer
VoWifi Vodafone is stil not working on a pixel 7 (pro) ??
is there a solution?

Categories

Resources