Related
hello,
i open this thread to collect informations about a common problem that happens after flashing new roms
this thread has generic purpose, and is not intended for a specific board...
- suggestions on how to discover the cause of the problem
- suggestions on how to fix the problem
anyone that think to have some useful informations on this issue can insert his post
i am not an expert ( and still my wifi is not working )
but i collected some informations, and i would like to share them
The first thing is:
what happens when from the settings i click on wifi to turn it on
to see this, i opened a terminal emulator session
and i have written this:
adb logcat > 'some file name on a writable directory' (for example , i redirected the output to the external sd card)
here is what was written on the file (extracting from the file only the last part, that is the output related to my action of wifi activation):
D/WifiHW ( 368): Read wifi chip type OK ! wifi_chip_type = RK901
D/WifiHW ( 368): wifi_load_driver: DRIVER_MODULE_PATH = /system/lib/modules/rkwifi.ko, DRIVER_MODULE_ARG =
D/BluetoothAdapterService(1097373104)( 811): getState(): mAdapterProperties: [email protected] 4168aef0
D/BluetoothAdapterService(1097373104)( 811): getState(): mAdapterProperties: [email protected] 4168aef0
D/WifiService( 368): setWifiEnabled: true pid=870, uid=1000
D/AudioHardwareALSA( 109): Audio exiting sandby will open audio device
D/AudioHardwareALSA( 109): AudioStreamOutALSA::standby().....
D/WifiHW ( 368): wifi_load_driver: driver load failed
D/WifiHW ( 368): Unable to unload driver module "wlan": No such file or directory
E/WifiStateMachine( 368): Failed to load driver!
E/WifiStateMachine( 368): DriverFailedState
Searching on the web this string: "Read wifi chip type OK ! wifi_chip_type"
i found this:
https://github.com/aloksinha2001/pi****u-3.0.8-alok/blob/master/RK30_MT5931_MT6622/wifi/wifi.c
into procedure check_wifi_chip_type() i saw exactly this part:
else if (0 == strncmp(buf, "RK901", strlen("RK901")) )
{
wifi_chip_type = RK901;
ALOGD("Read wifi chip type OK ! wifi_chip_type = RK901");
}
here is compared the value of string buf with "RK901"
the string buf is read from this file: "/sys/class/rkwifi/chip"
(so i suppose that this file has been written before by some other procedure)
so, i searched the caller procedure of check_wifi_chip_type():
in the same source i find this caller:
int wifi_load_driver()
{
#ifdef WIFI_DRIVER_MODULE_PATH
char driver_status[PROPERTY_VALUE_MAX];
int count = 100; /* wait at most 20 seconds for completion */
int type;
char path[64];
if (is_wifi_driver_loaded()) {
return 0;
}
strcpy(path, DRIVER_MODULE_PATH);
type = check_wifi_chip_type();
if((type == RK901) || (type == RK903) || (type == BCM4330)) {
strcpy(path, "/system/lib/modules/rkwifi.ko");
} else if (type == RTL8188CU) {
....
this procedure as first step checks if the driver is already loaded,
if not:
the driver module path is set by default to "/system/lib/modules/wlan.ko"
Then basing on the chip type is got a more specific path:
for example, for RK901/RK903/BCM4330 the path is set to : "/system/lib/modules/rkwifi.ko"
Then, is checked if the file does exist, and if not the path is seth to the default DRIVER_MODULE_PATH,
that is "/system/lib/modules/wlan.ko"
// judge if the KO file exist, if not, insmod wlan.ko
if (access(path, F_OK) < 0) {
ALOGD("DRIVER_MODULE_PATH = %s (Not such file)...", path);
strcpy(path, DRIVER_MODULE_PATH);
}
Then,
is called insmod (insert module),
to load the driver file in 'memory' (a new module into the kernel, i suppose):
if (insmod(path, DRIVER_MODULE_ARG) < 0) {
ALOGD("%s: driver load failed", __FUNCTION__);
wifi_unload_driver();
if(retry_count-- > 0) goto retry_load_driver;
return -1;
}
Looking the logcat above,
the flow in my case stops here, with : wifi_load_driver: driver load failed
so something happened in insmod:it is not able to load the file /system/lib/modules/rkwifi.ko in memory or initialize it
(the file is found, else the process should stop before, when checking access to the file)
The insmod function does this:
allocates memory for the structure name (type utsname) :
memset(&name, 0, sizeof(name));
and load the file on this area:
module = load_file(filename_release, &size);
Then is checked if the file has been loaded
if (!module)
return -1;
and finally
the module is 'initialized':
ret = init_module(module, size, args);
One of this two events went wrong, because insmod returned -1
My investigation stops here... i am not able to proceed more...
but i am open to all suggestions and hints
Thank you!!
Vicolodo said:
The first thing is:
what happens when from the settings i click on wifi to turn it on
to see this, i opened a terminal emulator session
and i have written this:
adb logcat > 'some file name on a writable directory' (for example , i redirected the output to the external sd card)
here is what was written on the file (extracting from the file only the last part, that is the output related to my action of wifi activation):
D/WifiHW ( 368): Read wifi chip type OK ! wifi_chip_type = RK901
D/WifiHW ( 368): wifi_load_driver: DRIVER_MODULE_PATH = /system/lib/modules/rkwifi.ko, DRIVER_MODULE_ARG =
D/BluetoothAdapterService(1097373104)( 811): getState(): mAdapterProperties: [email protected] 4168aef0
D/BluetoothAdapterService(1097373104)( 811): getState(): mAdapterProperties: [email protected] 4168aef0
D/WifiService( 368): setWifiEnabled: true pid=870, uid=1000
D/AudioHardwareALSA( 109): Audio exiting sandby will open audio device
D/AudioHardwareALSA( 109): AudioStreamOutALSA::standby().....
D/WifiHW ( 368): wifi_load_driver: driver load failed
D/WifiHW ( 368): Unable to unload driver module "wlan": No such file or directory
E/WifiStateMachine( 368): Failed to load driver!
E/WifiStateMachine( 368): DriverFailedState
Searching on the web this string: "Read wifi chip type OK ! wifi_chip_type"
i found this:
https://github.com/aloksinha2001/pi****u-3.0.8-alok/blob/master/RK30_MT5931_MT6622/wifi/wifi.c
into procedure check_wifi_chip_type() i saw exactly this part:
else if (0 == strncmp(buf, "RK901", strlen("RK901")) )
{
wifi_chip_type = RK901;
ALOGD("Read wifi chip type OK ! wifi_chip_type = RK901");
}
here is compared the value of string buf with "RK901"
the string buf is read from this file: "/sys/class/rkwifi/chip"
(so i suppose that this file has been written before by some other procedure)
so, i searched the caller procedure of check_wifi_chip_type():
in the same source i find this caller:
int wifi_load_driver()
{
#ifdef WIFI_DRIVER_MODULE_PATH
char driver_status[PROPERTY_VALUE_MAX];
int count = 100; /* wait at most 20 seconds for completion */
int type;
char path[64];
if (is_wifi_driver_loaded()) {
return 0;
}
strcpy(path, DRIVER_MODULE_PATH);
type = check_wifi_chip_type();
if((type == RK901) || (type == RK903) || (type == BCM4330)) {
strcpy(path, "/system/lib/modules/rkwifi.ko");
} else if (type == RTL8188CU) {
....
this procedure as first step checks if the driver is already loaded,
if not:
the driver module path is set by default to "/system/lib/modules/wlan.ko"
Then basing on the chip type is got a more specific path:
for example, for RK901/RK903/BCM4330 the path is set to : "/system/lib/modules/rkwifi.ko"
Then, is checked if the file does exist, and if not the path is seth to the default DRIVER_MODULE_PATH,
that is "/system/lib/modules/wlan.ko"
// judge if the KO file exist, if not, insmod wlan.ko
if (access(path, F_OK) < 0) {
ALOGD("DRIVER_MODULE_PATH = %s (Not such file)...", path);
strcpy(path, DRIVER_MODULE_PATH);
}
Then,
is called insmod (insert module),
to load the driver file in 'memory' (a new module into the kernel, i suppose):
if (insmod(path, DRIVER_MODULE_ARG) < 0) {
ALOGD("%s: driver load failed", __FUNCTION__);
wifi_unload_driver();
if(retry_count-- > 0) goto retry_load_driver;
return -1;
}
Looking the logcat above,
the flow in my case stops here, with : wifi_load_driver: driver load failed
so something happened in insmod:it is not able to load the file /system/lib/modules/rkwifi.ko in memory or initialize it
(the file is found, else the process should stop before, when checking access to the file)
The insmod function does this:
allocates memory for the structure name (type utsname) :
memset(&name, 0, sizeof(name));
and load the file on this area:
module = load_file(filename_release, &size);
Then is checked if the file has been loaded
if (!module)
return -1;
and finally
the module is 'initialized':
ret = init_module(module, size, args);
One of this two events went wrong, because insmod returned -1
My investigation stops here... i am not able to proceed more...
but i am open to all suggestions and hints
Thank you!!
Click to expand...
Click to collapse
Interesting... Yesterday i was trying to solve this problem caused by a cwm recovery flashing during about 8 hours with my mk809ii. I let my pc downloading about 10 different roms from other similar devices, and this morning i stay to try one by one. Finally i found "mk808B bob finless 2.1 room (jb4.2.2) with wifi APxxxx" (APxxxx is my wifi chip, i can't remember the xxxx just now) fix both wifi and bluetooth.
You did a good research, i will save your post on case i get the error again, but i think the best thing to do is to search for a compatible rom and try, with same both cpu and wifi chipset. Also now after read your post i am going to save a backup of system /lib and system /etc directories, maybe changing the wifi library files fix the error without needing of flash and reflash...
Thanks, i liked your post!
Enviado desde mi GT-P7510 usando Tapatalk 2
This NOT a Q&A thread. Only people working out the problem are welcome.
okay , so as of flashing even supersu beta version BETA-SuperSU-v2.49 this is the issue i'm guessing for our device
for reference the firmware release api in question is Android 5.1 , API Level 22
Code:
[email protected]:/# adb logcat -d | grep F/
F/appproc ( 305): Error changing dalvik-cache ownership : Permission denied
F/libc ( 305): Fatal signal 6 (SIGABRT), code -6 in tid 305 (app_process32_o)
F/appproc ( 1026): Error changing dalvik-cache ownership : Permission denied
F/libc ( 1026): Fatal signal 6 (SIGABRT), code -6 in tid 1026 (app_process32_o)
F/appproc ( 1389): Error changing dalvik-cache ownership : Permission denied
F/libc ( 1389): Fatal signal 6 (SIGABRT), code -6 in tid 1389 (app_process32_o)
F/appproc ( 1758): Error changing dalvik-cache ownership : Permission denied
F/libc ( 1758): Fatal signal 6 (SIGABRT), code -6 in tid 1758 (app_process32_o)
F/appproc ( 2123): Error changing dalvik-cache ownership : Permission denied
F/libc ( 2123): Fatal signal 6 (SIGABRT), code -6 in tid 2123 (app_process32_o)
F/appproc ( 2482): Error changing dalvik-cache ownership : Permission denied
F/libc ( 2482): Fatal signal 6 (SIGABRT), code -6 in tid 2482 (app_process32_o)
[email protected]:/#
after looking at the script i ran and got this
Code:
[email protected]:/# adb shell ls -al /system/bin/app*
[COLOR="Red"]lrwxrwxrwx root root 2014-03-07 10:19 app_process -> /system/xbin/daemonsu
lrwxrwxrwx root root 2014-03-07 10:19 app_process32 -> /system/xbin/daemonsu
-rwxr-xr-x root shell 13588 2015-07-02 14:29 app_process32_original[/COLOR]
-rwxr-xr-x root shell 13588 2014-03-07 10:19 app_process_init
-rwxr-xr-x root shell 57688 2015-07-02 14:29 applypatch
-rwxr-xr-x root shell 213 2015-07-02 14:29 appops
-rwxr-xr-x root shell 215 2015-07-02 14:29 appwidget
undoing that with this
Code:
rm -f app_process app_process32
ln -sf /system/bin/app_process32_original /system/bin/app_process
"resolved" the "error" so if you flashed supersu thinking YAY ROOT ! and ended up with what you got you need to run what i did to
regain what you had.
SO, linking daemonsu in a different way is probably the thing but, how?
so far selinux is still alive i am trying out a patch @RunasSudo suggested here
http://forum.xda-developers.com/goo...orrect-to-compile-permissive-selinux-t3074761
also i am trying to figure out how app_process works
@thisisapoorusernamechoice
sorry for hijacking your thread. m
Okay, so with a modified adbd in /sbin i achieve a root prompt through adb
Note - at this point i do have full control over the system. yay!
but at the cost of blank display and no functions of hardware input [no touch hard buttons] awww (frowny face)
interesting note, the stock adbd has root access/privelege when executing adb reboot recovery.
does anyone have a lead on how to bind a block device to a tcp port ?
something like this, but that works, and as a service maybe?
cat /dev/whatever | nc -l 2345
okay if i'm seeing this right...,
Code:
F/appproc ( 305): Error changing dalvik-cache ownership : [COLOR="Red"]Permission denied[/COLOR]
F/libc ( 305): Fatal signal 6 (SIGABRT), code -6 in [COLOR="Red"]tid[/COLOR] 305 (app_process32_o)
my gues would be selinux denial based on wrong/incorrect type id
from file contexts
Code:
/system/bin/app_process32 u:object_r:[COLOR="Red"]zygote_exec[/COLOR]:s0
from zygote.te
Code:
# zygote
[COLOR="Red"]type[/COLOR] zygote, domain;
type [COLOR="Red"]zygote_exec[/COLOR], exec_type, file_type;
soooooo when the shuffling around of app_process* happens and /system/xbin/daemonsu is linked to /system/bin/app_process
should daemonsu instead of being [from supersu installer script]
Code:
/system/xbin/daemonsu 0755 u:object_r:system_file:s0
be
Code:
/system/xbin/daemonsu 0755 u:object_r:zygote_exec:s0
?
i don't think it sepolicy version 26, same as sm-t530nu, i'm also using the sm-t53nu's LL kernel source release for my sm-t330nu LP kernel build, so it's not the knox ****ery in the kernel source. so it's the actual policy itself ?
I'm going to do an experiment by flashing/writing the system.img.ext4 from the sm-t530nu LP release with a modified boot.img
to the sm-t330nu [post LP release flash]
If it works it would effectively be a downgrade to 5.0.X
This has worked with @sub77 's LP builds for sm-t530nu to "port" them to sm-t330nu soooo
more to come ?
okay, sooooo
now that my sm-t330nu has the official LP release installed, i CAN flash the system.img from the official sm-t530nu to it and boot successfully,
so i was right about the tied to firmware thing.
Now after a few different tests i am unable to "downgrade" my boot.img to match the sm-t530nu release version wise, policy and all
and remain at android 5.1.1 NNNYYYAAAAAHHHHHHHHH ! [WHEW okay , glad to get that out.. ]
SO, i flashed supersu to see what would happen and got the same result as before BUT, totally sepolicy contexts
Without restoring system or doing the meatball surgery from the previous post, i instead manually changed the policy context
of /system/xbin/daemonsu through adb in recovery
[note- you must enbale dev-options--->debugging
Code:
adb reboot recovery
adb shell mount /system
adb shell
chcon u:object_r:zygote_exec:s0 /system/xbin/daemonsu
chattr +i /system/xbin/daemonsu
reboot
SHINY ! no root. but boots
Code:
[email protected]:/system/bin/.ext $ ls -Z /system/xbin/daemonsu
-rwxr-xr-x root root u:object_r:zygote_exec:s0 daemonsu
Okay so now we need to know proper context for
/system/xbin/su
/system/bin/.ext/.su
hmmmm... i am going outside to play.
Nature sucks, the resolution is terrible ! xD
okay android 5.1.1 samsung policy context for system libraries is
Code:
u:object_r:system_library_file:s0
okay so far nutz..,
i found this for setool utility [setools-android-sepolicy-inject] project by @Mikos
http://forum.xda-developers.com/android/software/setools-android-sepolicy-inject-t2977563
i've forked his sources https://github.com/xmikos/setools-android
adjusted for api, and will try this method.
Android NDK
wget https://dl.google.com/android/ndk/android-ndk-r10e-linux-x86.bin
m
okay,
got Miko's toolkit compiled, this is the output of seinfo
Code:
\[email protected]:/ $ seinfo
Statistics for policy file: /sepolicy
Policy Version & Type: v.26 (binary, mls)
Classes: 86 Permissions: 271
Common classes: 5
Sensitivities: 1 Categories: 1024
Types: 1169 Attributes: 162
Users: 1 Roles: 2
Booleans: 0 Cond. Expr.: 0
Allow: 14802 Neverallow: 0
Auditallow: 0 Dontaudit: 401
Type_trans: 458 Type_change: 0
Type_member: 0 Role allow: 0
Role_trans: 0 Range_trans: 0
Constraints: 59 Validatetrans: 0
Initial SIDs: 27 Fs_use: 19
Genfscon: 43 Portcon: 0
Netifcon: 0 Nodecon: 0
Permissives: 0 Polcap: 2
[email protected]:/ $
i'm looking for someone who can run me through how sepolicy injection works specifically.
I don't know enough to interpret a generic example.
what i can understand right now is daemonsu disguised as app_process cannot access/change what it needs to in dalvik-cache due to incorrect/wrong -tid if that's the right way to say it.
this again
Code:
F/appproc ( 305): Error changing dalvik-cache ownership : Permission denied
F/libc ( 305): Fatal signal 6 (SIGABRT), code -6 in tid 305 (app_process32_o)
Mikos said the following as to command line syntax
Mikos said:
Hello, the syntax is simple, if you want comparison with supolicy, here is one example (taken from my SnooperStopper app):
Code:
supolicy --live 'allow vdc init fifo_file {read write getattr}'
is equivalent to:
Code:
sepolicy-inject -s vdc -t init -c fifo_file -p read,write,getattr -l
Click to expand...
Click to collapse
m
so how much progress you have done so far? need any help?
jazzespresso said:
so how much progress you have done so far? need any help?
Click to expand...
Click to collapse
Jazz,
have you ever done any work with sepolicy, setools ?
is there a way or do you know the right way to do the policy injection part of what Mikos described for
su and daemonsu ?
when i run strings on the sepolicy binary i do find su_exec.
so i'm still at daemonsu being the culprit. @Chainfire does make it clear the there is a hijack of app_process going on
and i do believe it works for other devices running a "state sanctioned" 5.1.1 so this is/has to be a dicky samsung move.
also how to determine the correct tid if that is indeed what i'm looking for. [see OP]
m
Will look into that, not sure how much differences between android 5.0.X and 5.1.1..
jazzespresso said:
Will look into that, not sure how much differences between android 5.0.X and 5.1.1..
Click to expand...
Click to collapse
It seems to be all sepolicy, i had to adblock and put in my usual apps minus root apps via adb push.
Swapping policy from the 5.0 boot.img reseults in no visuals or input but at adb/terminal i have access,
It just occured to me that i have not yet tried the policy swap and then applied root, hmm.
After i unscrew my system, i upgraded but forgot to change from sid so now wifi is totally boned, xD
I'll try that out, i figure it's something with ueventd.?
On disabling the policy it's complete no go so far.
In spite of modding init.rc
To disab;e sepolicy reload, to write to sys/fs/selinux/enable/0 and trying kernel cmdline edits for enforce=0 androidboot.selinux=0 etc, results
In bogus disable or no boot and dead adbd. Fun fun fun !
this is a copy/paste from my earlier sepolicy trip from galaxy tab 3 forum, putting here for reference
On-Device Policy Files
/sepolicy: Kernel binary policy
/file_contexts: File security contexts
/property_contexts: Property security contexts
/seapp_contexts: App security contexts
/system/etc/security/mac_permissions.xml: App certificate to seinfo mapping
On mac_permissions.xml
●At build time, mac_permissions.xml signature tag names (e.g. @platform) are rewritten to the actual
certificate value extracted from .pem file specified by external/sepolicy/keys.conf
.●build/tools/releasetools/sign_target_files_apks rewrites mac_permissions.xml with updated certificate values for new keys.
System Apps by Certificate
●mac_permissions.xml:
<signer signature= @platform" >
<seinfo value="platform" />
</signer>
●
seapp_contexts:
user=_app seinfo=platform domain=platform_app
type= app_data_file
---------------------------------------------------
Okay so what is this _u _r _t suffix stuff?
• _u – SELinux user
eg: system_u – used for running system services
• _r – SELinux role
eg: system_r – for daemons and background processes
• _t – SELinux type / domain
eg:httpd_t
you can change a single domain to permissive mode
-------------------------------------
the original thread is here, i forgot all about mac_permissions.xml when swapping policy
http://forum.xda-developers.com/galaxy-tab-3/general/se-linux-policy-information-thread-t2865457
moonbutt74 said:
It seems to be all sepolicy, i had to adblock and put in my usual apps minus root apps via adb push.
Swapping policy from the 5.0 boot.img reseults in no visuals or input but at adb/terminal i have access,
It just occured to me that i have not yet tried the policy swap and then applied root, hmm.
After i unscrew my system, i upgraded but forgot to change from sid so now wifi is totally boned, xD
I'll try that out, i figure it's something with ueventd.?
On disabling the policy it's complete no go so far.
In spite of modding init.rc
To disab;e sepolicy reload, to write to sys/fs/selinux/enable/0 and trying kernel cmdline edits for enforce=0 androidboot.selinux=0 etc, results
In bogus disable or no boot and dead adbd. Fun fun fun !
Click to expand...
Click to collapse
I was thinking about getting policy from the 5.0 boot.img and try and see...not sure if it would work - you may try and let me know your results
1) 5.0 sepolicy file.
2) initrd.img current one
3) initrd.img current one
It has been long time man I worked on it or dig this stuff......hmmm....hmmm....Galaxy S6 developers got root on 5.1.1, so this should be not so hard.....
okay so the sesearch string looks something like this , yielding the following output
Code:
[email protected]:/storage/AIK-Linux/ramdisk# sesearch -A -s shell -t system [COLOR="Red"]-c file[/COLOR] sepolicy
Found 3 semantic av rules:
allow shell newAttr33 : file { ioctl read write getattr lock open } ;
allow newAttr7 newAttr33 : file { ioctl read write getattr lock open } ;
allow appdomain newAttr33 : file { ioctl read write getattr lock open } ;
but if i leave out the -c [class=name] option it works sort of like a wild-card and i get this
Code:
[email protected]:/storage/AIK-Linux/ramdisk# sesearch -A -s shell -t system sepolicy
Found 20 semantic av rules:
allow shell system_server : process { transition siginh rlimitinh } ;
allow shell newAttr33 : process getattr ;
allow shell newAttr33 : file { ioctl read write getattr lock open } ;
allow shell newAttr33 : dir { ioctl read getattr search open } ;
[COLOR="Red"]allow shell newAttr33 : lnk_file { ioctl read getattr lock open } ;[/COLOR]
allow appdomain domain : process getattr ;
allow domain system_server : fd use ;
allow newAttr7 newAttr33 : file { ioctl read write getattr lock open } ;
allow newAttr7 newAttr33 : dir { ioctl read getattr search open } ;
[COLOR="Red"] allow newAttr7 newAttr33 : lnk_file { ioctl read getattr lock open } ; [/COLOR]
allow newAttr1 binderservicedomain : fd use ;
allow newAttr1 binderservicedomain : binder { call transfer } ;
allow appdomain system_server : fd use ;
allow appdomain system_server : fifo_file { ioctl read write getattr lock append open } ;
allow appdomain system_server : tcp_socket { read write getattr getopt shutdown } ;
allow appdomain system_server : unix_stream_socket { read write getattr getopt setopt shutdown } ;
allow appdomain newAttr33 : file { ioctl read write getattr lock open } ;
allow appdomain newAttr33 : dir { read getattr search open } ;
allow appdomain newAttr33 : lnk_file { read write getattr open } ;
allow appdomain system_server : binder { call transfer } ;
the lnk_file ones seem interesing, i'm not sure if write is the correct perm or if it's readwrite
using sepolicy inject i've been adding to that list like so
Code:
sepolicy-inject -s appdomain -t newAttr33 -c lnk_file -p write -P sepolicy -o sepolicy-UNdead
but nothing yet, as i go further i will learn more, i think it's finding out what need to be made permissive, getting a read on audit and allow rules don't seem to work, i'm using debian's sepolicy dev tools, as well as Miko's set, and the originating source for sepolicy-inject as well.
finding the permissions/av denial connected to daemonsu being prevented from changing dalvik-cache ownership is what i think i'm looking for
but i'm not 100% on that, though when i
Code:
chcon u:object_r:su_exec:s0 su
, i do get a denial in terminal when i reboot and run su, so i'm still uncertain if su is the culprit.
what makes you think su is the culprit, it is because 5.1.1?
jazzespresso said:
what makes you think su is the culprit, it is because 5.1.1?
Click to expand...
Click to collapse
well, su runs the daemon right the daemon and supolicy need root privelege to run and load
for the portion of the logcat, changing ownership in dalvik-cache fails because damonsu hijacks the app_process/32
changing ownership is the function of chown which needs root priveleges, that particular function happens after the init process,
the init process work with root privelege for the beginning stages of the boot process then lock down and throws over to the system,
without the system's su functioning that process of changing dalvik cache ownership fails and sigabrt , the system hangs.
the reason i'm not 100% sure it's su is because when i chcon app_process/32 -> /xbin/daemonsu to ubject_r:zygote_exec
then the process goes through so...
moonbutt74 said:
well, su runs the daemon right the daemon and supolicy need root privelege to run and load
for the portion of the logcat, changing ownership in dalvik-cache fails because damonsu hijacks the app_process/32
changing ownership is the function of chown which needs root priveleges, that particular function happens after the init process,
the init process work with root privelege for the beginning stages of the boot process then lock down and throws over to the system,
without the system's su functioning that process of changing dalvik cache ownership fails and sigabrt , the system hangs.
the reason i'm not 100% sure it's su is because when i chcon app_process/32 -> /xbin/daemonsu to ubject_r:zygote_exec
then the process goes through so...
Click to expand...
Click to collapse
re-moved
Jazz,
what i am actually going to say is;
pingpong root is a fail, i tried it a few days ago.
dumping general links into this thread is not help.
Linking DIRECTLY to kernel patches/mods etc., is better.
I am looking at the s6 source from the thread you linked to.
I don't think kernel version will make too much of a difference.
The interest, MY interest is in how to mod the default sepolicy to unbreak root.
I do NOT want permissive, i want enforcing with root functioning correctly.
I am getting a better hang of the sepolicy tools but have yet to find what needs changing adjusting
I did manage to disable [set permissive] the policy AND achieve root BUT with display,touch,input broken as before. [grumble]
In the furture please remove quoted text when you reply to post. Thanks.
m
moonbutt74 said:
Jazz,
what i am actually going to say is;
pingpong root is a fail, i tried it a few days ago.
dumping general links into this thread is not help.
Linking DIRECTLY to kernel patches/mods etc., is better.
I am looking at the s6 source from the thread you linked to.
I don't think kernel version will make too much of a difference.
The interest, MY interest is in how to mod the default sepolicy to unbreak root.
I do NOT want permissive, i want enforcing with root functioning correctly.
I am getting a better hang of the sepolicy tools but have yet to find what needs changing adjusting
I did manage to disable [set permissive] the policy AND achieve root BUT with display,touch,input broken as before. [grumble]
In the furture please remove quoted text when you reply to post. Thanks.
m
Click to expand...
Click to collapse
sorry....removed the links and references on my previous post....
jazzespresso said:
sorry....removed the links and references on my previous post....
Click to expand...
Click to collapse
Jazz,
security: SELinux: Avoid enabling enforcing by conventional flag
as to this https://github.com/djvoleur/V_925R4_BOF7/commit/3e33f1fb5538fb2f0f055e9035fe8885a3471322
i'll give it a try and see what happens, but i still want sepolicy enforcing.
@jazzespresso
EDIT - okay i tried it out straight and no-go, but looking at the diff between our selinuxfs.c
and the one you linked to i see that we have a compile/build flag
#ifdef CONFIG_ALWAYS_ENFORCE
//If build is user build and enforce option is set, selinux is always enforcing
new_value = 1;
[blah blah blah]
selinux_enforcing = new_value;
there's some more but i think you get the idea of where i'm going with this.
the new_value change has been used before to success so it will work with our kernel source,
it's just a matter of getting it right. =]
Android IPC binder throwing "failed to retrieve pid" in Samsung Galaxy S6 Nougat 7.0
Hi,
1). I just updated my Samsung Galaxy S6 device to Nougat 7.0.
2). Then after i rooted the phone, put the device into SELINUX permissive mode by doing the following command.
setenforce 0
3).Downloaded and compiled "SM-G920I_SWA_NN_Opensource" from opensource.samsung.com site.
4).Flash the kernel image using mkbootimg
5).Then i installed my android test application which calls IPC binder native service methods (testservice) from JNI (IPC client). For the first time after installation, application is able to get the testservice binder object if i called as below in JNI file,
binder = sm->getService(android::String16("testservice"));
6).But from the second time onwards i am getting the following error,
09-14 19:42:51.217 3177 3177 E ServiceManager: SELinux: getpidcon(pid=0) failed to retrieve pid context.
09-14 19:42:51.218 9675 10155 I ServiceManager: Waiting for service testservice...
09-14 19:42:51.422 3721 6035 D TelephonyManager: getAllCellInfo : Caller (PID / UID / TID): 3721 / 1000 / 6035
09-14 19:42:52.220 3177 3177 E ServiceManager: SELinux: getpidcon(pid=0) failed to retrieve pid context.
09-14 19:42:52.221 9675 10155 I ServiceManager: Waiting for service testservice..
Getting the above logs continuously even though the testservice is running in the background.
Please help to sort out the issue.
Hello sr4shantan,
Were you able to resolve the issue? I am facing similar issue on Samsung GS7 Edge phone after upgrading to Nougat 7.0. Any pointers to help resolve the issue would be appreciated.
Thanks
sr4shantan said:
Hi,
1). I just updated my Samsung Galaxy S6 device to Nougat 7.0.
2). Then after i rooted the phone, put the device into SELINUX permissive mode by doing the following command.
setenforce 0
3).Downloaded and compiled "SM-G920I_SWA_NN_Opensource" from opensource.samsung.com site.
4).Flash the kernel image using mkbootimg
5).Then i installed my android test application which calls IPC binder native service methods (testservice) from JNI (IPC client). For the first time after installation, application is able to get the testservice binder object if i called as below in JNI file,
binder = sm->getService(android::String16("testservice"));
6).But from the second time onwards i am getting the following error,
09-14 19:42:51.217 3177 3177 E ServiceManager: SELinux: getpidcon(pid=0) failed to retrieve pid context.
09-14 19:42:51.218 9675 10155 I ServiceManager: Waiting for service testservice...
09-14 19:42:51.422 3721 6035 D TelephonyManager: getAllCellInfo : Caller (PID / UID / TID): 3721 / 1000 / 6035
09-14 19:42:52.220 3177 3177 E ServiceManager: SELinux: getpidcon(pid=0) failed to retrieve pid context.
09-14 19:42:52.221 9675 10155 I ServiceManager: Waiting for service testservice..
Getting the above logs continuously even though the testservice is running in the background.
Please help to sort out the issue.
Click to expand...
Click to collapse
The Blackview BV9800 Pro is a relatively rare device, and has no support from LineageOS or any other popular ROM project I can find. This is kind of a shame, because it's a pretty cool device - in particular, it has an integrated thermal camera, and is also just a nice ruggedized phone at a surprisingly low price. The bootloader is unlockable out of the box without any need for an unlock code or other nonsense from the vendor, which is also a big bonus.
Being a Project Treble-compatible device, it's possible to run unofficial GSI builds of LineageOS on it, such as these, which are replacement images to flash over /system. These work well with the majority of the BV9800 Pro's functions (wireless, visible-light cameras, sensors, etc.), but getting the thermal camera to work requires a little bit more work. I have done this successfully, so I wanted to share what I did in case anyone else finds themselves in the same situation.
I have only tested these procedures on a BV9800 Pro (EEA version), running LineageOS 16 (Android 9) from the link above. Other versions of Android may work, but I do not know whether they do or not, and decided to stay with Android 9, since this is what the vendor ships on the device. Your results may vary if you decide to try a newer version.
The factory MyFLIR app for the device can be found at this location in the stock ROM:
Code:
/system/app/myflir-bv2.3.6-release-signed/myflir-bv2.3.6-release-signed.apk
However, if you try to just install it like a normal app package under LineageOS, it crashes on startup without providing any useful information. The system logs reveal that it crashes because it's trying to communicate with a system service that manages the thermal camera, but this service isn't installed. Fortunately, you can install it by just copying a few files from the factory ROM over to the LineageOS system. The files in question are located at these paths in the factory ROM:
Code:
/system/bin/leptonServer
/system/etc/init/LeptonCameraServer.rc
/system/lib64/libleptoncamera.so
If you copy these files to the same paths in the LineageOS /system tree, then the Lepton camera server backend, which is required for the MyFLIR app to function, will be installed and configured to start at boot.
SELinux seems to prevent the app from connecting to the Lepton server on my device, so I had to disable it by running
Code:
setenforce 0
in a root shell on the device. I didn't install it as a system app, though, which could be part of the problem. I don't know much about how SELinux actually works, but I feel comfortable enough disabling it. If you don't want to disable it, you can probably find information about how to make it allow the FLIR app to work, but I'm afraid I can't be of much help there.
You can find a copy of the stock BV9800 Pro ROM here on the Blackview forum.
If you want to root the stock ROM to allow you to inspect /system, this thread explains how. If you prefer, you can instead extract the ROM zip archive on a computer, decompress the included system.img with simg2img, and mount it to inspect the contents directly, which is what I did. Modifying /system on a running device can be difficult these days, so it will probably work best to mount up the GSI image the same way and copy the files into it, rather than try to edit it in-place on a running device.
I hope this information helps. The thermal camera is one of the most important (and expensive) features of the BV9800 Pro, and getting it working was pretty much the deciding factor for me as to whether I would keep the (kind of bad) factory ROM, or get to enjoy all the perks of LineageOS. I'm not really knowledgeable enough to write a complete and trustworthy guide to installing LineageOS, though, so if you're just getting started, you'll want to find a more detailed tutorial about how installing custom ROMs (especially GSI/Treble builds) works.
That's a cool rugged phone. Stock it's running on Pie... personally I leave it be and optimize it as best I could to get maximum battery life.
I was looking at these... FLIR, hell yes.
I was following your guide, I'm using my Blackview 9800pro without GApps (but with MicroG 0.2.18.204714) on LineageOS 17.1-20210321. When opening the MyFlir camera or gallery app, it asks me for all the relevant permissions on the first start and then promptly crashes every time I open it. I tried both as a system and a regular app, with and without selinux. In the error below, it complains about not finding the right function in libvndksupport.so. This library is much smaller in LineageOS than it is shipped in the Stock ROM from Blackview. Replacing the LineageOS shared object file with the one from Blackview causes my phone not to boot. Is there something I am missing that causes my instance of the app (I tried both 2.3.6 and 2.3.8) to crash?
Code:
04-28 00:27:34.047 1383 5788 I ActivityTaskManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=com.flir.tiger/com.flir.monarch.ui.MainActivity bnds=[27,996][232,1321]} from uid 10121
04-28 00:27:34.057 783 804 I [email protected]: powerHintAsync hint:8, data:1
04-28 00:27:34.061 783 803 I libPowerHal: 8: legacy set freq: 1989000 -1 2106000 -1
04-28 00:27:34.076 1383 1420 E system_server: Invalid ID 0x00000000.
04-28 00:27:34.077 1383 1419 W ActivityManager: Stopping service due to app idle: u0a216 -10s135ms com.flir.tiger/com.flir.monarch.media.MediaScanner
04-28 00:27:34.084 1008 1008 D Zygote : Forked child process 7648
04-28 00:27:34.087 1383 1426 I ActivityManager: Start proc 7648:com.flir.tiger/u0a216 for pre-top-activity {com.flir.tiger/com.flir.monarch.ui.MainActivity}
04-28 00:27:34.147 1579 1579 D ImageWallpaper: wallpaper visibility changes to: false
04-28 00:27:34.161 762 864 I hwcomposer: [DEV] 1024 0 0 0
04-28 00:27:34.162 762 864 I hwcomposer: [DEV] 0 741 0 0
04-28 00:27:34.162 762 864 I hwcomposer: [DEV] 0 0 470 0
04-28 00:27:34.162 762 864 I hwcomposer: [DEV] 0 0 0 1024
04-28 00:27:34.173 7648 7648 D FirebaseApp: com.google.firebase.auth.FirebaseAuth is not linked. Skipping initialization.
04-28 00:27:34.174 7648 7648 D FirebaseApp: com.google.firebase.crash.FirebaseCrash is not linked. Skipping initialization.
04-28 00:27:34.174 7648 7648 I FirebaseInitProvider: FirebaseApp initialization successful
04-28 00:27:34.177 762 864 I hwcomposer: [DEV] [DEV] (Send identity matrix)
04-28 00:27:34.187 7648 7673 I FA : App measurement is starting up, version: 15300
04-28 00:27:34.187 7648 7673 I FA : To enable debug logging run: adb shell setprop log.tag.FA VERBOSE
04-28 00:27:34.187 7648 7673 I FA : To enable faster debug mode event logging run:
04-28 00:27:34.187 7648 7673 I FA : adb shell setprop debug.firebase.analytics.app com.flir.tiger
04-28 00:27:34.196 762 864 I hwcomposer: [DEV] 1024 0 0 0
04-28 00:27:34.196 762 864 I hwcomposer: [DEV] 0 741 0 0
04-28 00:27:34.196 762 864 I hwcomposer: [DEV] 0 0 470 0
04-28 00:27:34.196 762 864 I hwcomposer: [DEV] 0 0 0 1024
04-28 00:27:34.200 7648 7648 I CrashlyticsCore: Initializing Crashlytics 2.6.8.32
04-28 00:27:34.207 7648 7686 W ContextImpl: Failed to ensure /data/user/0/com.google.android.gms/shared_prefs: mkdir failed: EACCES (Permission denied)
04-28 00:27:34.208 7648 7648 I CrashlyticsInitProvider: CrashlyticsInitProvider initialization successful
04-28 00:27:34.212 762 864 I hwcomposer: [DEV] [DEV] (Send identity matrix)
04-28 00:27:34.220 2428 2428 D GmsMeasureBrokerSvc: onBind: Intent { act=com.google.android.gms.measurement.START pkg=com.google.android.gms }
04-28 00:27:34.222 3179 3179 D GmsGcmRegister: onBind: Intent { act=com.google.android.c2dm.intent.REGISTER pkg=com.google.android.gms }
04-28 00:27:34.223 1024 1024 I netd : firewallSetUidRule(2, 10161, 1) <2.63ms>
04-28 00:27:34.227 1024 1024 I netd : firewallSetUidRule(2, 10160, 1) <1.74ms>
04-28 00:27:34.230 1024 1024 I netd : firewallSetUidRule(2, 10157, 1) <2.14ms>
04-28 00:27:34.233 1024 1024 I netd : firewallSetUidRule(2, 10151, 1) <1.85ms>
04-28 00:27:34.236 7648 7648 I ashmem : memfd: device VNDK version (28) is < Q so using ashmem.
04-28 00:27:34.277 7648 7648 D AndroidRuntime: Shutting down VM
04-28 00:27:34.277 7648 7648 E AndroidRuntime: FATAL EXCEPTION: main
04-28 00:27:34.277 7648 7648 E AndroidRuntime: Process: com.flir.tiger, PID: 7648
04-28 00:27:34.277 7648 7648 E AndroidRuntime: java.lang.UnsatisfiedLinkError: dlopen failed: cannot locate symbol "android_get_exported_namespace" referenced by "/data/app/com.flir.tiger-EcVVz9vk2XWvVymOtKJxOQ==/lib/arm64/libvndksupport.so"...
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at java.lang.Runtime.loadLibrary0(Runtime.java:1071)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at java.lang.Runtime.loadLibrary0(Runtime.java:1007)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at java.lang.System.loadLibrary(System.java:1667)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at com.flir.flirone.sdk.FlirOne.<clinit>(FlirOne.java:59)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at com.flir.flirone.sdk.FlirOne.registerDeviceCallback(FlirOne.java:341)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at com.flir.monarch.app.ForegroundApplication.onActivityStarted(ForegroundApplication.java:88)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.Application.dispatchActivityStarted(Application.java:406)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.Activity.dispatchActivityStarted(Activity.java:1238)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.Activity.onStart(Activity.java:1723)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.support.v4.app.FragmentActivity.onStart(FragmentActivity.java:614)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.support.v7.app.AppCompatActivity.onStart(AppCompatActivity.java:178)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at com.flir.monarch.ui.MainActivity.onStart(MainActivity.java:79)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.Instrumentation.callActivityOnStart(Instrumentation.java:1432)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.Activity.performStart(Activity.java:7847)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.ActivityThread.handleStartActivity(ActivityThread.java:3294)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.servertransaction.TransactionExecutor.performLifecycleSequence(TransactionExecutor.java:221)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.servertransaction.TransactionExecutor.cycleToPath(TransactionExecutor.java:201)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.servertransaction.TransactionExecutor.executeLifecycleState(TransactionExecutor.java:173)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:97)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2016)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.os.Handler.dispatchMessage(Handler.java:107)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.os.Looper.loop(Looper.java:214)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at android.app.ActivityThread.main(ActivityThread.java:7356)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at java.lang.reflect.Method.invoke(Native Method)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:491)
04-28 00:27:34.277 7648 7648 E AndroidRuntime: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:940)
04-28 00:27:35.334 1383 5501 D AlarmManagerService: Kernel timezone updated to -120 minutes west of GMT
04-28 00:27:35.348 1383 6143 D AlarmManagerService: Kernel timezone updated to -120 minutes west of GMT
04-28 00:27:35.709 1090 1371 I 1090 1371 [sunwave-hal] : (711) 'healthMonitoringThread' enter.
04-28 00:27:35.710 1090 1371 I 1090 1371 [sunwave-client] : (90) ---8<---- TA LOG BEGINS ---------
04-28 00:27:35.710 1090 1371 I 1090 1371 [sunwave-ta-core] : (2869) 'sf_get_device_state' state:0008
04-28 00:27:35.710 1090 1371 I 1090 1371 [sunwave-client] : (107) --------- TA LOG FINISH ---->8---
Thanks for the info for the flir Camera,
It works fine with lineage OS 16 !
I want to add the info I got while doing it:
It does not work with all version of Andy Custom Lineage OS: I could not make it works with this one: lineage-16.0-20191017-UNOFFICIAL-treble_arm64_bvN.img.xz the lepton server had a seg fault.
I try with a lineage OS 18 , the lepton server worked but the application failed, I will look into it one day... maybe
I root my phone with magisk
I used a script to bypass SElinux and start the server when i want ( because i don't know if it wise to always have SElinux in permissive mode)
tylab said:
Thanks for the info for the flir Camera,
It works fine with lineage OS 16 !
I want to add the info I got while doing it:
It does not work with all version of Andy Custom Lineage OS: I could not make it works with this one: lineage-16.0-20191017-UNOFFICIAL-treble_arm64_bvN.img.xz the lepton server had a seg fault.
I try with a lineage OS 18 , the lepton server worked but the application failed, I will look into it one day... maybe
I root my phone with magisk
I used a script to bypass SElinux and start the server when i want ( because i don't know if it wise to always have SElinux in permissive mode)
Click to expand...
Click to collapse
thank u for the additional info!,so which version of lineage os 16 worked for u? iam on lineage-16.0-20191017-UNOFFICIAL-treble_arm64_bvN.img.xz and tried the author's steps but didn't work for me, also it'd be nice if u share with us the script u use to bybass selinux,thanks.
I want to report back some of my own success in regards to this thread. I have the camera working, but it's not a perfect solution and was wondering if you guys could assist me in checking what I could have possibly missed. I'm running it on the most current Lineage OS 18.1; I've compiled a version using the Treble ROM lineage-18.1-20210512-UNOFFICIAL-treble_arm64_bvS with Magisk as root (I also added MindTheGapps into it after some workarounds with the mounts, and had to register my device as an "unsupported device").
I followed the OP's guide to the T, and still couldn't get the app to even open. The logs revealed it was trying to call leptonServer, nulling out after five tries, and then crashing. Narrowed this down to being an issue with the /bin/leptonServer file itself being set as -rwx-r--r--, and changing it to -rwxr-x-r-x got the app to boot up. The only problem is, for the camera to actually start, I have to open a terminal session and start leptonServer from there, and I assume this has something to do with the SELinux policies in place. I've fought half the battle and got a version of sepolicy-inject set up to run (using the following policy: allow untrusted_app_27 default_android_service:service_manager { find }; (sepolicy-inject -s untrusted_app_27 -t default_android_service -c service_manager -p find (if this doesn't work for you, try doing logcat ServiceManager:V SELinux:V *:S to find the relevant SELinux policies that you need to apply, and follow the formulas))), but I figure this is still erroring out somewhere, since, after a restart, the only way I can get it working again is to go and disable SELinux using setenforce to 0 and then starting the server again using some sort of terminal. I also installed the MyFlir app as a system app.
I believe that part of the issue might be that I haven't properly added the SELinux policy, but I'm not entirely positive how I would go about testing this (I've more or less just gotten into the ROM building scene last week, but feel I have somewhat of an edge being a software developer for a living). I think if I boot into recovery I can grab the sepolicy file, but I'm not sure what else to do with it at this point.
The error I get when it's not running, aside from the PID is pretty consistent too:
05-31 19:19:06.814 372 372 E SELinux : avc: denied { find } for pid=20308 uid=10195 name=LeptonCameraService scontext=u:r:untrusted_app_27:s0:c195,c256,c512,c768 tcontext=ubject_r:default_android_service:s0 tclass=service_manager permissive=0
Hopefully, this helps someone to find the right answers before I can; I know I'll keep tinkering with it until I find the solution (I'm also attempting to overcome the CTSProfile/Basic failure in Magisk, which I plan to make a guide if I can find an answer).
I get the same error as @&00&V5yt$r2$E!n1IDUiJ9bF on Lineage18.1 - treble_arm64_bvS-userdebug
04-28 00:27:34.277 7648 7648 E AndroidRuntime: java.lang.UnsatisfiedLinkError: dlopen failed: cannot locate symbol "android_get_exported_namespace" referenced by "/data/app/com.flir.tiger-EcVVz9vk2XWvVymOtKJxOQ==/lib/arm64/libvndksupport.so"...
My leptonServer is working correctly and service runs from the start so it I feel this is related to the /system/app/myflir-bv2.3.6-release-signed.
Are you guys using a different version of the app?
Flir said:
I get the same error as @&00&V5yt$r2$E!n1IDUiJ9bF on Lineage18.1 - treble_arm64_bvS-userdebug
04-28 00:27:34.277 7648 7648 E AndroidRuntime: java.lang.UnsatisfiedLinkError: dlopen failed: cannot locate symbol "android_get_exported_namespace" referenced by "/data/app/com.flir.tiger-EcVVz9vk2XWvVymOtKJxOQ==/lib/arm64/libvndksupport.so"...
My leptonServer is working correctly and service runs from the start so it I feel this is related to the /system/app/myflir-bv2.3.6-release-signed.
Are you guys using a different version of the app?
Click to expand...
Click to collapse
I also used myflir-bv2.3.6-release-signed, pulled straight from the currently available 9.0 ROM.
For that specifically, if you are looking at the most recent ROM build available from Blackview, in the directory /system/system/app/myflir-bv2.3.6-release-signed, there is both the APK and a lib folder. I'd copy the lib folder over to your phone in that same directory; I think you're missing the dependencies from there.
If you already have those libaries in there, try the read/write settings on the folder too.
Hi bv9800 pro customers! Anyone tryed the magisk module in the thread https://forum.xda-developers.com/t/blackview-bv9900pro-magisk-modules.4331187/
to get flir worked on linage?
ilich79 said:
Hi bv9800 pro customers! Anyone tryed the magisk module in the thread https://forum.xda-developers.com/t/blackview-bv9900pro-magisk-modules.4331187/
to get flir worked on linage?
Click to expand...
Click to collapse
Hi ilich79
I tryed the magisk module for BV9900pro.
I have installed it manualy to improve my understanding.
First, selinux block as always :
E/SELinux ( 338): avc: denied { find } for pid=18411 uid=10175 name=LeptonCameraService scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0
After enforce selinux and relanch the leptonServer.
Application launch completly but the camera send only the first image and block after that
So, i replace the leptonServer by the old one and retry.
Finally it works fully.
I someone know how to correctly set the selinux policy for this app ? I will be graceful
May be this can help?
[MODULE] SELinux Mode Inverter (Advanced SELinux Mode Changer)
It Is Now A Part Of The Main Module Of MultiFunctions & Its Thread https://forum.xda-developers.com/apps/magisk/module-multifunctions-bootloop-t3933386. Introduction: Simple Module To Invert The Default Android SELinux Mode During Startup ([From...
forum.xda-developers.com
Flir said:
I get the same error as @&00&V5yt$r2$E!n1IDUiJ9bF on Lineage18.1 - treble_arm64_bvS-userdebug
04-28 00:27:34.277 7648 7648 E AndroidRuntime: java.lang.UnsatisfiedLinkError: dlopen failed: cannot locate symbol "android_get_exported_namespace" referenced by "/data/app/com.flir.tiger-EcVVz9vk2XWvVymOtKJxOQ==/lib/arm64/libvndksupport.so"...
My leptonServer is working correctly and service runs from the start so it I feel this is related to the /system/app/myflir-bv2.3.6-release-signed.
Are you guys using a different version of the app?
Click to expand...
Click to collapse
I get the same error, @QuentinX5 : Did you use a different version? Would be nice to have a Lineage upgrade.
Regarding the problem with the MyFlir camera app: I had the same problem (unable to read camera files). I looked everywhere. I mean, everywhere trying to find an answer. There's also a video on youtube with comments suggesting flashing the APD.BIN file (I did not try). I even translated different language websites. Finally, I contacted the BV customer support and their reply was the classic (clear the app cache), which doesn't work at all and not just for me. I tried to get the APK file from the image and installing it which didn't work either.
Here's the simple magic solution that kept me trying for a week, and no one wrote it anywhere:
There's a folder named (com.flir.tiger) inside the Android folder in the phone storage with the contents:
com.flir.tiger\files\iron
com.flir.tiger\files\CameraFiles\system\calib.rsc
com.flir.tiger\files\CameraFiles\system\maps\ds_we_ap_fi_le_LCFMap.fff
Just copy the folder from another phone and paste it on your phone, and that's it!
thelaseman said:
Regarding the problem with the MyFlir camera app: I had the same problem (unable to read camera files). I looked everywhere. I mean, everywhere trying to find an answer. There's also a video on youtube with comments suggesting flashing the APD.BIN file (I did not try). I even translated different language websites. Finally, I contacted the BV customer support and their reply was the classic (clear the app cache), which doesn't work at all and not just for me. I tried to get the APK file from the image and installing it which didn't work either.
Here's the simple magic solution that kept me trying for a week, and no one wrote it anywhere:
There's a folder named (com.flir.tiger) inside the Android folder in the phone storage with the contents:
com.flir.tiger\files\iron
com.flir.tiger\files\CameraFiles\system\calib.rsc
com.flir.tiger\files\CameraFiles\system\maps\ds_we_ap_fi_le_LCFMap.fff
Just copy the folder from another phone and paste it on your phone, and that's it!
Click to expand...
Click to collapse
Hi do you think your solution works for all lineageos releases? If I change the stock rom I was thinking on putting release 19.1
thelaseman said:
Regarding the problem with the MyFlir camera app: I had the same problem (unable to read camera files). I looked everywhere. I mean, everywhere trying to find an answer. There's also a video on youtube with comments suggesting flashing the APD.BIN file (I did not try). I even translated different language websites. Finally, I contacted the BV customer support and their reply was the classic (clear the app cache), which doesn't work at all and not just for me. I tried to get the APK file from the image and installing it which didn't work either.
Here's the simple magic solution that kept me trying for a week, and no one wrote it anywhere:
There's a folder named (com.flir.tiger) inside the Android folder in the phone storage with the contents:
com.flir.tiger\files\iron
com.flir.tiger\files\CameraFiles\system\calib.rsc
com.flir.tiger\files\CameraFiles\system\maps\ds_we_ap_fi_le_LCFMap.fff
Just copy the folder from another phone and paste it on your phone, and that's it!
Click to expand...
Click to collapse
Hi, I'm trying to get the flir camera working on lineage 19.1 can @thelaseman gime me the file you write about? beacause I don't have another phone to copy from.
Thanks
Max
max74926 said:
Hi, I'm trying to get the flir camera working on lineage 19.1 can @thelaseman gime me the file you write about? beacause I don't have another phone to copy from.
Thanks
Max
Click to expand...
Click to collapse
If you are still looking for it I might be able to extract these files for you.
@thelaseman @QuentinX5
Is anyone still using a BV9800 Pro with a Lineage ROM? What version are you on, what specific build did you install, did you encounter any specific issues, were they fixable and how?
Not asking for a full guide (wouldn't mind of course ) but before I start messing with what is currently my daily driver I'd like to know if anyone else was successful with a certain version. Particularly interested if any newer versions have also ended up working with the FLIR-camera.
Hi @dj__jg,
I use the attached files for lineage 19.1 GSI (https://forum.xda-developers.com/t/gsi-12-lineageos-19-x-gsi-a64b-64b.4358041/).
My camera calib is wrong (the thermal camera is upside down.) so I don't push the calib file here, if you have a good one, i'm interested.
I don't have fixed the selinux error for the moment, so just disable it went you launch the '/system/bin/leptonServer'
I missnamed the attached file, it's for BV9800 pro
I suddenly feel very stupid, I just realised I've gotten confused about my phones model number
I actually have a Blackview ninethousandninehundred pro, not 9800. I either had a brainfart or made a typo as I was searching if anyone had managed to use a recent Lineage ROM on it and accidentally ended up on this thread and didn't notice.
Luckily I didn't upload my calib file etc here, or someone could have gotten very confused. I think I will try to run a GSI build at some point, but when I have some more spare time/don't need this phone every day. The information about the com.flir.tiger folder is still very handy because it is the same on my model, I hope the same tactics will work to get the FLIR working in a GSI build.
(Wrote out the model number in text so other people googling the model number won't end up confused on this thread without even making a typo)
It's my bad i missnamed my file, it's 9800 pro not 9800 (who don't have thermal camera)
This includes the camera, chrome as well as the default file browser. I would say pretty much anything stock doesn't work. I am rooted on newest Android with Ketan ROM. While checking various logs I found some messages for this happening:
Some verbose logs from LSPosed:
Early in the logs:
java.lang.NullPointerException: Attempt to invoke interface method 'void android.os.IBinder.linkToDeath(android.os.IBinder$DeathRecipient,int)' on a null object reference
W/System No compatibility callbacks set!
Not sure for which app:
neither user nor current process has android.permission.cache_content
When camera crashes:
java.lang.RuntimeException: fail to create directory :/storage/emulated/0/DCIM
Some lines found in logcat:
01-24 20:54:59.638 8878 8878 E DBManager: query: mDBAdapter is null. please init first.
When browser fails to download file:
01-24 19:41:38.415 16215 16329 E cr_DownloadCollection: Unable to copy content to pending Uri.
01-24 19:41:38.415 16215 16329 E cr_DownloadCollection: java.io.FileNotFoundException: open failed: EACCES (Permission denied)
01-24 19:41:38.415 16215 16329 E cr_DownloadCollection: at android.database.DatabaseUtils.readExceptionWithFileNotFoundExceptionFromParcel(DatabaseUtils.java:151)
01-24 19:42:17.636 16215 16339 W cr_ContentUriUtils: Cannot open content uri: content://media/external/downloads/1000000307
01-24 19:42:17.636 16215 16339 W cr_ContentUriUtils: java.io.FileNotFoundException: open failed: EACCES (Permission denied)
Some other denials:
01-24 19:28:30.861 1313 1313 W ExtconUEventObserver: Unable to read /sys/devices/platform/10ab0000.displayport/extcon/extcon0/cable.1/name. This probably means the selinux policies need to be changed.
01-24 19:28:30.861 1313 1313 W ExtconUEventObserver: java.io.FileNotFoundException: /sys/class/extcon/extcon0/cable.1/name: open failed: EACCES (Permission denied)
Several of this:
01-24 19:29:10.933 4113 10177 D IPM : Failed to open stream '/sys/devices/system/cpu/cpu0/online' in mode 'WRITE': Permission denied
Any ideas please?