New Linux TCP side-channel attack - Samsung Galaxy S Relay 4G

Last week they announced a new TCP side-channel attack against the Linux networking stack. I believe the fix is already in the mainline kernel, though I have no idea when it will be back-ported to the kernel used by Android, and especially no idea IF it will be ported to the KitKat kernel, which is what we seem to be stuck with on the Relay.
In the meantime, there is a mitigation that can be applied by setting /proc/sys/net/ipv4/tcp_challenge_ack_limit to something much bigger than the default "100". Normally on a Linux system this is set in "/etc/sysctl.conf", but I see that my Relay does not have that file. I've done a little searching and see that others have tampered with the file, perhaps on other ROMs, primarily for power tuning.
Does anyone here know anything more about /etc/sysctl.conf on the CM11 as used by the Relay?

I'm still running a stock Android 4.1.2 ROM.
BusyBox and Toybox each include a sysctl tool — but not a sysctl.conf file. If you use the sysctl binary to make a change, I don't think it'll persist across reboots.
Did your ROM ship with a /system/etc/sysctl.conf file? Could you create one? If you add a line to it and reboot, does the option in the file get successfully loaded into RAM?
Your question isn't really so specific to the Galaxy S Relay. Maybe post a question elsewhere and provide us with a link to that question?

No, "/system/etc/sysctl.conf" does not exist. I wasn't even able to get into "/system" without root, but with it I did. I tried:
echo "net.ipv4.tcp_challenge_ack_limit=999999" >/system/etc/sysctl.conf and got the error that it was a read-only filesystem.
Next question... What's up with "/etc" and "/system/etc"? I've always seen the former on Linux, but I've seen references to the latter on Android, and found both to exist on Android. Many of the Linux-isms I've grown accustomed to seem to exist in multiple places under multiple names on Android. Is there a simple explanation to this somewhere?


[Idea] Rom deployment / setup scripts for ROM developers

I'm thinking about creating an application (based on GScript) that allows ROM developers to add the ability for ROM developers to run shell scripts after the actual ROM is flashed and to allow the user to run some ROM-specific scripts.
I don't know if there is any need for this by any of the devs, but I have seen TwistedUmbrella use GScript Lite to add some scripts to his build, so that people don't have to ask the same question on how to run the scripts (and commands) over and over.
Although GScript can be easily used for it, I think that a special project could offer much more than this and the actual output can be a lot more user friendly when it's less generic (I have done the same for the LucidREM script application which can be found in the market).
And maybe the ability to run some scripts when the actual ROM is started the first time after flashing etc.
If you think this could be useful in ROM deployment or you have ideas/feature requests etc please drop a post so I know if it's worth the work.
like UC
Kinda like UC for Windows Mobile (I said kinda)? I suppose it could have its uses. First thing that comes to mind is automatic restoration of SMS, WEP settings, etc. after a wipe. One thing I like about the G1 is it's so easy to build and customize your own builds in comparison to WinMo (from a development standpoint). Well, depending on how you look at it I guess.
Curiously, if a function or program like this existed already, what uses would you get from it?
Edit)
I suppose it could be useful after all. I drew a blank when I initially read your post because everything I run from a script or terminal for that matter is because I'm not behind a computer. If I'm gonna modify something it can be implemented in the update.zip before flash etc.. but if I'm flashing a new ROM and I want the dalvikvm updated, louder sound mod, Odex optimized, etc to be done from the first boot I guess it'd be cool. But usually I'd implement it in an update.zip. I donno, I don't think I'm thinkin creatively enough about its uses.
We could create an easy way to backup/restore sms mms bookmarks etc, which can be started before updating and which will run to restore when the image is flashed.
Automatically create the apps2sd settings etc after a flash.
Or even create "smaller"-distributions which asks if the user wants to download extra applications after reflashing...
We could even incorporate google source projects so that users can look for and report issues from within the app for the given distribution.
An easy way to bring out small updates without users having to reflash or have to do manual stuff
Just shooting out some ideas....
I love this idea, I'm a huge supporter for GScript so this only seems natural. Since I use gscript after wipes/loading custom roms ANYWAY it'd be awesome if the process was automated. Chances are people are going to want to restore previous settings and info when they load new roms. I hope more Rom devs see this. So mildly bumping for notice.
Eventually user support will be deciding for developers to use it or not...
I will have a test application finished in a few days.
I will post the first screenshots tomorrow if I find some time...

Understanding Android platform in a nutshell (in layman's terms)

System.out.println("Hello peoples");
==>The purpose of this guide is to help people who don't know anything about programming, aren't modders, or are guys with knowledge about technology.
==>Initially I loved computers and their capabilities and have a little knowledge of the C and Java languages and just how computers (think).
You have to understand that computing tries to emulate human behaviours on how to solve problems. This is where programming kicks in.
So what is Android?
===================
1) Android in general is an operating system that was meant to run on mobile devices, e.g. cell phones, and has expanded to tablets and notebooks. Android is divided into three language groups:
a) the system's framework and apps are written in Java.
b) the Android core [kernel] is pure C language.
c) the Android libraries are written in C++.
App libraries are called by apps that need more functionality than Java can provide. These are usually plugins like decoders, e.g. ffmpeg libraries that are used in video decoding, flash players, etc. Here, Java native methods are used and the Android NDK platform is used to enable the Java apps to call these libraries during execution. (Please read further on Android SDK, NDK and JNI.)
So what happens when you have just flashed that new ROM?
====================================================================
First you have to understand that cell phones have their own embedded firmware not including the recovery, and you will see why.
a) the recovery partition can be flashed to install aftermarket recovery ROMs. So even if you mess up your recovery, you can still install again. (This varies with different phones.)
b) there is that system chip which you cannot touch, and there is a reason for it. Think of this partition like a PC BIOS. If you mess with your BIOS your system is toast, aka bricking the system. Since phones are classed as embedded systems, manufacturers don't want people messing with it as it would result in cryptic errors and system vulnerability.
When the on button is pressed something simple yet complicated happens:
1==>The kernel, which is compressed to save space, usually in a (zImage) format, is deflated or expanded. Since your NAND chips are partitioned, the kernel is given a very special chunk which is protected from user data.
2==>The kernel finds which base address it needs to start executing, e.g. (0x00200000), and mostly when you put a wrong kernel base address your phone enters into a boot loop because arguments are being passed to invalid locations. It is important to know where your kernel base address starts. You can try looking it up in your kernel sources (try searching for the mach msm folder and into the makefile) or just google it or use Xda-Kitchen.
3==>With the correct kernel base address, execution starts. Usually the (init.rc) file in the (ramdisk folder) gives symlinks and creates structures, i.e. folders that will house modules, and sets the correct paths to Android files and framework.
4==>After arguments have successfully been passed, the handles are now passed to Android. Basically Android checks for (init.d) scripts that are available; this is true for GingerBread and CyanogenMod 7. After that audio checks are done, followed by camera services, and then arguments are passed to (core.jar), a critical framework file which is huge, around 50Mb in size in CyanogenMod 7.
5==>Here the DalvikVM (Dalvik virtual machine) is called and the process of optimizing your system files starts. The framework gets optimized first as this contains critical code needed to run your device. Then your flingers and renderers are called. These are engines used by Android, e.g. (pixelflinger) which is used in the touchscreen. Your system's sensors are usually started around this point (your compass, light sensors, etc.). Your phone apps, e.g. contacts, calendar, get optimized around this point, and depending on the number of apps your manufacturer installed, it will take some time.
6==>Your network gets activated around this point, and this is probably the time the capacitive buttons and lights on your gadget light up. This is usually a good indication that your system has loaded. When your boot animation ends the handles are passed to activate your home launcher. There is usually still a lot of activity going on to fully ready your system, and this is why if you try to use it immediately, especially on low-end phones, your system lags or gets (not responding) errors.
Common misconceptions
=====================
1==>There is a reason why Google gave minimum specifications needed to run Android, because this is a full operating system (OS) unlike the past relic phones that ran on 50MHz processors.
2==>Please don't complain that some of your RAM is not the same as specified in the phone's catalog (e.g. you have 256Mb of RAM but in the task manager it indicates you have 179Mb). There is a reason for it. There are core processes that eat a chunk of your RAM and are hidden so that you don't try silly stuff like trying to kill them thinking that you are trying to get more memory. Think of it like this: it's like trying to kill (services.exe or svchost.exe) processes in Windows. You will just be trying to get system hangs, bluescreens or just a system crash.
Will add more info later. Please feel free to correct anything I might have not addressed properly or share your views.
Happy modding.
Kernel topic
============
In simple terms, the kernel is the core of any operating system, e.g. Windows, Mac, or any Linux distro like Ubuntu and Android. Android kernels come mostly in the form of a compressed kernel (zImage). The kernel is written in pure C language, which gives it direct access to memory and registers, unlike Java which has to pass through the Java VM (virtual machine). This makes code written in C very fast and robust but also dangerous.
==>Many Androids in the Eclair regime ran on kernel 2.6.29. This was not a complete kernel and in my experience there was a lot of code missing from it.
2.6.29
======
==>A lot of Androids did not have adb functionality due to the framework being embedded to allow USB mounting to PC. This was a very rigid method of doing it (also a very old method).
==>In the case of other devices, when viewing the internal task manager, many processes were viewed as (0.00) byte files. In essence you could not determine the amount of RAM your app was taking. This is true in the case of the Huawei U8120.
==>In the case of shutting down the phone, even in some cases under load, it did so very fast. It killed threads and handles mercilessly. Many people misunderstood this concept and thought their phones ran faster as compared to the 2.6.32 kernel.
2.6.32.9
========
Here there were a ton of improvements as developers and modders became more aware of support and tweaks.
==>Fixed issues like the internal task managers. It was now possible to accurately know how much RAM your apps were taking.
==>Resolved how the Android system shut down. Instead of merciless killing of handles and threads still running, it killed them appropriately. This is why shutting down your system takes a while. You can use adb to see these events.
==>USB mounting to PC was also made somewhat generic and flexible across many devices.
==>It did change some methods on how the camera is being accessed, mostly in Eclair, Donut and earlier versions of Android phones. This issue made cameras not function.
==>Wifi methods were also changed and developers and modders had to re-write their code to allow compatibility.
==>This was also the year of many Froyo phones and overclocking was a common thing.
Extra notes
===========
During the Eclair era, many developers were in such a hurry to produce new Android phones every few months that they never even thought of long-term support for newer versions of Android that would come much later. This is where I have to praise iPhones for standardisation of its OS across all of its devices.
==>If you try to copy code from 2.6.32.9 and paste it into 2.6.29 and expect it to work, then expect tons of errors when compiling. The (g_android) module was properly coded into 2.6.32.9, so if you try enabling it in an older kernel, expect errors.
==>If you are a modder and looking to buy a new phone, please see if it has a fan base of coders or support. Avoid buying phones where you will not get any support from the manufacturers or other devs, e.g. Huawei Technologies. This company sucks a lot. After they produce a phone they forget about you the customer, so you will have to handle the upgrades all by yourself.
Do not use this command (make -i) when compiling kernels. It will skip errors and you may smile after it's finished but the end is just a tragedy. Your kernel is bound not to function properly or even function at all.
Happy modding.

[R&D] [DEV]init.d scripts included in roms

Been looking at some ROMs here on XDA and realizing that the devs are mostly either not including much in their ROMs, or including lots, and even duplicating some.
Personally these have been a way to add complete user-level customization in my ROMs.
My question is simple: I've started on an HTC variant of one of my ROMs and have to make my init.d scripts more universal, which was an objective anyway.
Would the DEVS here like an extensive set of user configurable scripts?
Controlling TCP settings, various kernel, vm, on/off for many aspects, custom cfg/log dir, etc.
Basically pop 'em in, reboot, edit the cfg, reboot, find the settings you like, package 'em with your CWM zip and have it completely configured, no more fumbling with bash xD
No matter how easy it is.
I wrote it as basic as possible for compatibility, which broke one part but should have it fixed when I get a working runtime for it xD seems to work on Sky ICS build and a few others..
First boot after injection only creates default folders and stock config and sets permissions on them. User level customization is key here.
Basis is simple:
Create bash style cfg including user variables
Load said cfg in required script
Inject user settings
To not use a setting, remove either the cvar or the entire line from the cfg
The runtime I need, if someone can paste it, is zipalign; would be nice
If you're interested just lemme know..
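For the Relay thread's question about persisting a larger tcp_challenge_ack_limit on a ROM that has no /etc/sysctl.conf, and for the cfg-driven init.d design sketched in this thread, here is an added example (not code from either poster): a POSIX init.d-style script that loads a bash-style NAME=value cfg, writes only the sysctls the cfg defines, and refuses to source the cfg as shell code because it runs as root. The /data/local/user.cfg path, the variable-to-sysctl map and the fake /proc tree used by self_test are assumptions.

```shell
#!/bin/sh
# Added example, not code from either thread: an init.d-style script that reads a
# bash-style user cfg (NAME=value lines) and writes the values into /proc/sys, so
# a ROM without /etc/sysctl.conf still gets tcp_challenge_ack_limit raised on
# every boot. The device shebang (#!/system/bin/sh) and the cfg path are
# assumptions; a setting absent from the cfg keeps the kernel default.
# cfg variable -> sysctl key (constructed for this example; extend as needed)
setting_map='
TCP_CHALLENGE_ACK_LIMIT net.ipv4.tcp_challenge_ack_limit
TCP_SYNCOOKIES net.ipv4.tcp_syncookies
VM_SWAPPINESS vm.swappiness
'
# load_cfg FILE: the cfg is user-editable and this runs as root, so it is never
# sourced as shell; only NAME=digits lines are accepted, everything else ignored.
load_cfg() {
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in ''|'#'*) continue ;; esac
        if printf '%s\n' "$line" | grep -Eq '^[A-Z_][A-Z0-9_]*=[0-9]+$'; then
            eval "$line"
        else
            echo "ignored cfg line: $line" >&2
        fi
    done < "$1"
}
# apply_cfg FILE [PROC_ROOT]: prints how many sysctls were written. PROC_ROOT
# defaults to /proc/sys; overriding it is only for testing off-device.
apply_cfg() {
    cfg="$1"; proc_root="${2:-/proc/sys}"; applied=0
    [ -r "$cfg" ] || { echo "cfg $cfg not readable" >&2; echo 0; return 1; }
    load_cfg "$cfg"
    while read -r var key; do
        [ -n "$var" ] || continue
        eval "val=\${$var:-}"
        [ -n "$val" ] || continue              # not in cfg: keep kernel default
        path="$proc_root/$(printf '%s' "$key" | tr . /)"
        if [ -w "$path" ]; then
            printf '%s\n' "$val" > "$path" && applied=$((applied + 1))
        else
            echo "skip $key: $path not writable" >&2
        fi
    done <<EOF
$setting_map
EOF
    echo "$applied"
}
# self_test: fake /proc/sys tree plus a constructed cfg holding one mitigation
# and one injected shell line; prints "<applied> <ack limit> <swappiness>".
self_test() {
    tmp="$(mktemp -d)"
    mkdir -p "$tmp/proc/net/ipv4" "$tmp/proc/vm"
    echo 100 > "$tmp/proc/net/ipv4/tcp_challenge_ack_limit"   # kernel default
    echo 60 > "$tmp/proc/vm/swappiness"
    printf '%s\n' '# user cfg' 'TCP_CHALLENGE_ACK_LIMIT=999999' \
        'TCP_SYNCOOKIES=1; echo injected' > "$tmp/user.cfg"
    n="$(apply_cfg "$tmp/user.cfg" "$tmp/proc" 2>/dev/null)"
    echo "$n $(cat "$tmp/proc/net/ipv4/tcp_challenge_ack_limit") $(cat "$tmp/proc/vm/swappiness")"
    rm -rf "$tmp"
}
```

On the device the init.d script body would simply call apply_cfg /data/local/user.cfg; self_test runs the same flow against a temporary fake /proc/sys tree and shows the injected line being rejected while swappiness stays at its default.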

[Q] Build.prop variables

Hello everyone.
I was just curious as I'm trying to explore the build.prop variables a bit (and maybe some other files if they exist on Android). I know there are tons of released "tweak" packages out there, but I would like to study a bit myself.
Is there a full list somewhere of all the variables for tweaking or some explanation of what each variable does (like a wiki)? I use CyanogenMod 13 and I think this has its own custom CM variables too?
It's mainly for gaming purposes (CPU/GPU rendering variables). I would like to test to see if it makes a difference.
Where are the variables located? (Are they pre-programmed or listed in a certain file, for example?)
I have a rooted HTC One M8 (Vodafone) (S-On) with CM13 Nightly and latest TWRP Recovery.
1) Please make a backup first.
https://www.viraltecho.com/build-prop-tweaks-for-jellybean-kitkat-lollipop-android-smartphones/
Thanks, I also have found this one (which is a bit more recent, with Marshmallow 6.0.1).
https://irisbuddies.blogspot.com/2016/06/best-build-prop-tweaks-for-android.html

I have an issue. I do not know if my code modification or my device is to blame.

Info:
My device is rooted (fully) and my phone consists of SuperSU, NetHunter terminal, bcmon, Reaver.
(below are the scripts I modified for my device)
The history
When I first started running Reaver I would receive many errors: [...not found] [...can't enable] [...can't change permissions (apparently you can't change permissions within the sdcard folder... anyways, moving on.)]
[...no internet connection found]
My point is, after looking at the custom scripts I had installed (with Notepad++) I noticed that the actual scripts were the big issue. So I started changing things one by one in order to not mess up everything. Yeah sure, I made some errors that made things last longer, way longer than normal. Nevertheless, at some point I actually started making things better and slowly started knocking down those errors!! Until I hit the 'test' button and sure enough:
"Cannot link executable... libfake_driver.so is 32 instead of 64.... only PIE are supported."
Truth Be Told
As you might be able to tell from the kind of question I'm asking, I am not an expert.
And I understand these kinds of questions come with others looking at the questioner as annoying, and with the thought of 'these beginners just want everyone to give answers instead of learning themselves...' It's NOT COMPLETELY wrong, since nowadays a comment like that is ... pretty much true.
So i'll say this: Not Every One Is The Same.
I am a programmer. My programming is mostly within game design/game development, so if more coding is needed to solve my issue at hand, then let me know and please (at the least) point me in the right direction.
If I need to google something, please clarify what to search. For I am just one person, so it is possible I haven't thought of something to type in; however, that does not mean I haven't typed MANY searches in already.
The Question
Am I able to use RfA and bcmon on the Nexus 5X, and if so, then what is needed to get my phone operating (the app(s)) correctly? This is the complete error I am receiving in RfA.
CANNOT LINK EXECUTABLE: "/system/app/bcmon/assets/libs/libfake_driver.so" is 32-bit instead of 64-bit page record for 0x7f98e8c010 was not found (block_size=64)
error: only position independent executables (PIE) are supported.
My Done Work
With the RfA settings you can choose to use custom scripts. The following shows the scripts I used and their placement.
These scripts I had to modify to get the device's errors fixed (not all though).
Activation Script:
#!/bin/bash
svc wifi disable
LD_LIBRARY_PATH=/sdcard/bcmon/assets/libs
LD_PRELOAD=/data/sdcard/bcmon/assets/libs/libfake_driver.so sh
cd /sdcard/bcmon/assets/tools
./enable_bcmon
echo "rfasuccess"
exit
Warm-up Script
#!/bin/bash
LD_LIBRARY_PATH=/sdcard/bcmon/assets/libs
LD_PRELOAD=/sdcard/bcmon/assets/libs/libfake_driver.so sh
cd /sdcard/bcmon/assets/tools
Stop Script
#!/bin/bash
svc wifi enable
echo "rfasuccess"
Will you care to help me?
