Android N and new SELinux configuration. - Nexus 5 Developer Discussion [Developers Only]

First of all, I don't have a Nexus 5, but I have a Galaxy Tab Pro 8.4 with the same SoC and I think the N5 has the same issues with the new SELinux policy.
I'm having issues building Android 7.0 because of this SELinux rule: allow mediaserver system_file:file execmod;
Which is also needed on the N5.
Code:
# Grant access to Qualcomm MSM Interface (QMI) audio sockets to mediaserver
qmux_socket(mediaserver)
unix_socket_send(mediaserver, camera, camera)
unix_socket_send(mediaserver, mpdecision, mpdecision)
# Permit mediaserver to create sockets with no specific SELinux class.
# TODO: Investigate the specific type of socket.
allow mediaserver self:socket create_socket_perms;
[B]# For text relocations in /system/vendor/lib/libmmjpeg.so
allow mediaserver system_file:file execmod;[/B]
https://github.com/CyanogenMod/andr.../blob/staging/cm-14.0/sepolicy/mediaserver.te
When I try to build with it uncommented I get a neverallow error. The same rule is applied to other modules, so if I comment it out I can successfully build and boot, but many things don't work.
I don't know much about SELinux and I haven't found a way to bypass this rule without disabling SELinux. Maybe in this subforum someone can help me since there are already Nougat ROMs for the N5.
Thanks.

The sepolicy in bold was for text relocation as it commented. Bionic linker in Nougat has disallowed this feature, that's, all libraries must contain no text relocation section. So it was officially deprecated even in CM codes.
If you just want to bypass the build error, comment out disallow policy in externel/sepolicy to fix up the conflicts. But if you're wondering to get libmmjpeg.so working, go allow text relocation in bionic or find out the proper prebuilts (see bullhead).
BTW, This library is just for jpeg deconding/encoding. And of course it's not related to 'many things'.

Related

Xposed API changelog / developer news

This thread is intended for module developers. Make sure you follow it (i.e. subscribe) to be informed about any API changes and additions.
I will announce changes before the release if they might make existing modules incompatible.
If you're interested in more details, you can follow the GitHub repositories:
https://github.com/rovo89/XposedBridge/commits/master
https://github.com/rovo89/Xposed/commits/master
https://github.com/rovo89/XposedInstaller/commits/master
Here you can also download the API jar file that you need to reference from your project. Make sure you read the development tutorial to understand how it works. Especially make sure that the classes are not included in your APK, but only referenced.
Note that I will only post the latest API version here to drive the adoption of updates.
This is on pretty short notice, but I have removed the method AndroidAppHelper.getActivityThread_mPackages(): https://github.com/rovo89/XposedBridge/commit/892ba9195da5516dd79f175ac95be2b313c8f8ca
It had been used internally some time ago. I scanned the modules which have been uploaded to the repository and didn't find any which uses this method.
Apart from that, I'm planning to make Xposed for command line tools (e.g. am and pm), implemented via IXposedHookCmdInit/initCmdApp(), optional and disabled by default. It is currently used only by App Settings (but unnecessary and therefore removed in the next version) and NFC LockScreenOff Enabler (I will contact the authors).
As the low usage shows, this feature is hardly needed, so there is no need to load Xposed every time such an app is started. It also avoids the additional log entries, which could be confusing for some users. Actually it is so rarely used that I might not even offer a setting in the UI for it, just a command file for experts. I will not remove it completely as it's useful for low-level framework development (I can quickly test whether my native code changes work without having to reboot).
Xposed 2.6 will bring support for replacing dimensions defined in code (instead of merely forwarding to your own resources): https://github.com/rovo89/XposedBridge/commit/48227c5b0a7ae3e3f81d76ad3bbaf017dc95614c
The new API will be published once that version is out. Until then, it would still be possible to make adjustments of the API. If you think anything should be changed, please let me know as soon as possible.
Ok devs, 2.6 beta1 is out, and so is the new API (version 52).
Here are the relevant XposedBridge changes to version 42 (internal changes/optimizations are not listed):
The resources API can be disabled via a debug setting in the UI. If your module implements IXposedHookInitPackageResources, it will not be loaded because it likely depends on this API. You can also check (but don't change) the status via XposedBridge.disableResources if you use the API in other ways.
Hooking abstract methods (including methods declared in interfaces) will throw an IllegalArgumentException now. The callback was never executed for them anyway. This change avoids debugging effort on your side because you will notice it immediately.
It's now possible to create a DimensionReplacement object and use it to replace "dimen" resources with values calculated at runtime. Previously it was only possible to forward such resources to your module. Example in the commit message: https://github.com/rovo89/XposedBridge/commit/48227c5b0a7ae3e3f81d76ad3bbaf017dc95614c
Removed AndroidAppHelper.createResourcesKey() methods and AndroidAppHelper.getActivityThread_mPackages() - weren't used by any module in the repository.
Fix delayed configuration update for forwarded resources. That's only of interest if your replacement resource contains variants for different qualifiers that might change at runtime (e.g. drawable-land/drawable-port). https://github.com/rovo89/XposedBridge/commit/1c81954e295cdda191cf8a1cf33d21d7c5ea334d
New findConstructorExact() / findAndHookConstructor() methods, similar to the one for methods: https://github.com/rovo89/XposedBridge/commit/a233fa0bc9499eadbe2efc0b49fc3f4a46264614
IXposedHookCmdInit is deprecated now, initCmdApps() won't be called anymore unless an undocumented file has been created. Only two modules used it, both got rid of it without any loss of functionality. This also averts situations like this where logging for tools like am/pm masks errors for Zygote.
Due to some internal changes, the constructor of XResources isn't called anymore (a good thing!), which breaks some features in App Settings (a not so good thing). That's because it relied on updateConfiguration() being called twice, so it could retrieve the package name in the second call and do its changes. A fix for that is on the way, using a new method (getPackageNameDuringConstruction()) added in the last minute, which returns the package name for a very specific situation. You will probably not need it.
Apart from that, there is now an official way to open a certain section in the installer:
Code:
Intent intent = new Intent("de.robv.android.xposed.installer.OPEN_SECTION");
intent.setPackage("de.robv.android.xposed.installer");
intent.putExtra("section", "modules");
intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
startActivity(intent);
Possible values for "section" are currently: install, modules, download, logs, settings, about.
You can for example use this to send the user to the module section if you find out that your module isn't active yet. The best way to find out is something like that:
Code:
// in your Activity, call it to find out the activation status
private static boolean isModuleActive() {
return false;
}
// in handleLoadPackage()
if (lpparam.packageName.equals("your.package.name")) {
// don't use YourActivity.class here
findAndHookMethod("your.package.name.YourActivity", lpparam.classLoader,
"isModuleActive", XC_MethodReplacement.returnConstant(true));
}
Do NOT try to read - or even change - the internal files of the Xposed Installer to get this information or force your module to be activated. Not only can this break anytime, it will also be bad user experience and a security threat if your module is active without explicit selection in the app. You will probably see your app removed from the repository if you break the rules.
If you have any questions or remarks, please let me know. And if you haven't subscribed to this thread yet, make sure to do so now in order to stay up-to-date with new developments.
IllegalAccessException if you use reflection yourself
One additional change in the new version was the removal of a hack that nuked some access checks in Dalvik by making them return "true" every time. After some of the other internal changes, some of the processing that required this hack was no longer necessary. With some more refactoring, I was finally able get rid of this hack. That's good because it caused crashes on some badly built ROMs (incorrect smali hacks), but also in some rare cases in normal apps: https://github.com/rovo89/XposedInstaller/issues/89
However, some modules relied on the deactivation of these access checks. Now they get IllegalAccessExceptions when trying to access e.g. private fields or methods.
Does this mean that Xposed used to cause security issues on the whole system? After all, it meant that any app could access things that they couldn't access otherwise, right? So it destroyed Java's security system!
The answer is: No, that wasn't a security issue! The Java access check system is actually optional. When you get a field/method/class via reflection, you just need to call setAccessible(true) on it to disable the access check. Example in XPrivacy: https://github.com/M66B/XPrivacy/co...430849f#diff-a350382a0ec1158ad9769d07bd754a63
Note that this is only needed if you use reflection yourself, e.g. with getDeclaredMethod() / getDeclaredField(). The methods in XposedHelpers call setAccessible() on the result before returning it to you.
2.6 final comes with XposedBridge v54.
The only changes relevant for developers are the addition of XSharedPreferences.hasFileChanged() and XSharedPreferences.getFile(), and a fix for replaced animation/xml resources. If you're using the latter and want to avoid that someone with the buggy version 2.6 beta1 runs into issues with your module, consider bumping the minimum required Xposed version to 54.
In Lollipop, there were a few architectural changes in Android. I hinted one of them in the Q&A:
The most significant one is that the code for system services has been moved to a separate file. For most of the affected modules, this can be solved by a little refactoring (moving code to a different place).
Click to expand...
Click to collapse
In detail, this means: If you want to hook a system service like PackageManagerService, you can no longer do that in initZygote(). Instead, move your code to handleLoadPackage() and check for dummy package "android". Make sure you use lpparam.classLoaders when looking for classes and hooking methods. This way has worked in older Android versions as well, so you don't lose backwards-compatiblity.
I'll just repeat here what I wrote in the official announcement thread, as it'll be helpful for all module developers:
rovo89 said:
After a long time with mainly bug fixes, version 81 focuses on improvements for developers:
There is a proper API now. Previously, I basically published the sources of XposedBridge.jar, which included many internal classes/methods that modules shouldn't use. Hiding them makes it easier to find the correct methods to use and also makes it easier for me to change implementation details.
The API is published on Bintray/JCenter, so it's easy to use, especially with Gradle/Android Studio. Full explanations here: https://github.com/rovo89/XposedBridge/wiki/Using-the-Xposed-Framework-API
100% of the API are documented with Javadoc now: http://api.xposed.info/
Apart from that, downloads have moved to http://dl-xda.xposed.info/framework/ and are GPG-signed now. You can verify them against this key (fingerprint: 0DC8 2B3E B1C4 6D48 33B4 C434 E82F 0871 7235 F333). That's actually the master key, the files are signed with subkey 852109AA.
There are no real changes for end-users in this release, nevertheless I would recommend that at least developers test their modules with it.
Click to expand...
Click to collapse

chroot success: ? about Freedreno drivers

Hey everyone. Hope this is 'dev' enough.
I haven't seen anything anywhere about AT&T note3 chroots, other than AT&T N3 can not because of lack of boot loop. Anyway, I thought i'd mention that it works quite well with partition & Xsdl. I made a small post for the interested in the general forum.
To my question: has anyone tried the freedreno drivers? ~Github link~
I haven't been able to build it properly, it's missing some .o's. I have gcc working on my chroot.
I'm also having problems with pulse/alsa/gstreamer, I think it's a permission problem. The android audio user shows as aid_audio, but the dir /dev/socket/ shows as usr:Media/grp:audio and the socket is system/system. They're recognized as users in the chroot, but they're still unable to find get access to it. I couldn't get an alsa recording app on from playstore to connect to it either.
I'm kinda wondering if something funky with permissions after towelroot. I couldn't get su,chroot, etc to work properly until I got the system to recognize su as 'root' instead of uid:0. Once I got that everything for su started working? So, lost and confused. Ideas on what i'm doing wrong?
thanks!
I was able to build a kernel with DRM and KGSL DRM interface enabled, boot CM11 with it, open SSH in my Debian chroot, kill Android, and then attempt to run Xorg with the freedreno driver but I ended up getting a memory mapping error and a segfault.
The Note 3's panel is a command-mode DSI panel which means it will not automatically display what is written to /dev/graphics/fb0 like you would expect. Instead, you must call an ioctl (FBIOPAN_DISPLAY) to force a refresh of the display. The panel must be on for this to work. I'm not sure the exact sequence required to turn on the display but it involves opening /dev/graphics/fb0 and possibly mmap'ing it. If you use the fbdev Xorg driver it will turn on the panel, but you must then run a program to continuously send the FBIOPAN_DISPLAY ioctl to refresh it. This is non-accelerated and also seems to crash any GTK apps (only X11 basic apps like xterm worked, and even then the refreshing was glitchy).
I'm trying to tackle kexec-hardboot first because that will allow booting an entirely-Debian-focused kernel with the correct color mode and the DRM drivers and all. It will likely require some patches to the KGSL GPU code in the kernel, at least it did on my Note 1. Get on #freedreno on Freenode if you aren't already there, lots of knowledgeable people there to analyze logs and find patches. I got it working on my HP TouchPad and Note i717 with help from there.
Very nice, thanks!
I've only gotten fb to work on my nexus5.
Also thanks for the heads up on the freenode. Going to check it out.
Have you messed with sound at all?
Edit:
Wait, did you do this on a 900A? (I'm probably way behind times?)
N900T, so bootloader-unlocked. It will be doubly hard to do on the N900A since you'll have to compile as modules rather than just compile your own kernel, at least unless you guys get kexec (non-hardboot) working on the locked variants. You should be able to mess around with the framebuffer on the stock kernel just fine though, only the freedreno driver needs custom kernel changes.
I haven't messed around with sound at all. On my HP TouchPad I figured out how to use ALSA UCM files which set up the mixer controls. By default Android locks the sound devices so using them from a chroot while Android is running probably won't happen, but with Android out of the way you may be able to use them. I do know on the Note 1 and the HP TouchPad you have to load q6.xxx firmware files for the audio system to initialize during boot.
This file will be of interest when writing ALSA UCM files:
https://github.com/CyanogenMod/android_device_samsung_hlte-common/blob/cm-11.0/audio/mixer_paths.xml
I used the TouchPad's mixer_paths.xml file to write two UCM "verbs" - one to turn on internal speakers and one to turn on headphones. The UCM file basically sets the given switches to the given values and is basically just a reformatting of mixer_paths.xml. I was unable to find a mixer_paths.xml for the Note 1 and thus haven't messed with sound on it yet (it has to exist somewhere...).
CalcProgrammer1 said:
N900T, so bootloader-unlocked. It will be doubly hard to do on the N900A since you'll have to compile as modules rather than just compile your own kernel, at least unless you guys get kexec (non-hardboot) working on the locked variants. You should be able to mess around with the framebuffer on the stock kernel just fine though, only the freedreno driver needs custom kernel changes.
I haven't messed around with sound at all. On my HP TouchPad I figured out how to use ALSA UCM files which set up the mixer controls. By default Android locks the sound devices so using them from a chroot while Android is running probably won't happen, but with Android out of the way you may be able to use them. I do know on the Note 1 and the HP TouchPad you have to load q6.xxx firmware files for the audio system to initialize during boot.
This file will be of interest when writing ALSA UCM files:
https://github.com/CyanogenMod/android_device_samsung_hlte-common/blob/cm-11.0/audio/mixer_paths.xml
I used the TouchPad's mixer_paths.xml file to write two UCM "verbs" - one to turn on internal speakers and one to turn on headphones. The UCM file basically sets the given switches to the given values and is basically just a reformatting of mixer_paths.xml. I was unable to find a mixer_paths.xml for the Note 1 and thus haven't messed with sound on it yet (it has to exist somewhere...).
Click to expand...
Click to collapse
Great thanks! That explains a few things with the boot lock. FB has been a total no go for me. I read something about the type of display not working with it? I have no idea if that's true, and can't seem to find that information right now. (it worked great on the my note2). If someone has gotten success let me know! I'll check out the UCM once more. I did get ALSA working with debian on the note 1, so that's the first thing I tried. My Touchpad, I thought, worked right out of the box. (I miss that thing!)
I'll give it shot tonight and see what I get. thanks a lot to both of you.
The Note 3's panel is a command mode panel while the Note 1's panel is video mode. I'm not sure about the Note 2 as I don't have one but if it worked for you it was likely video mode as well. In video mode it works like you'd expect any display to work - the framebuffer memory is automatically drawn to the screen at a fixed refresh rate (60Hz). A command mode panel is different, the framebuffer is only drawn to the display when it is commanded to, and thus the software has control over the refresh rate of the display. I did a test where I found the section of code in the Note 3's kernel where it does the software refresh and stuck a printk in there. I had the kmsg printing out over SSH while I swiped the screen around in Android. Sure enough, the printout only happened when I moved my finger and caused the framebuffer to update, the screen completely stopped refreshing otherwise.
I'm still trying to find a good solution to this, especially in regards to running kexec-hardboot and the kexecboot bootloader GUI. I've been able to get kexecboot to display by sticking an FBIOPAN_DISPLAY ioctl into the framebuffer sync function that kexecboot calls after it updates the screen. This ioctl seems to force the display to refresh, but only if certain conditions are met (and I'm unsure what all these conditions are). I do know that the LCD (actually AMOLED but it's listed as LCD panel in the code) must be powered on, the framebuffer must be open (i.e. call the open() function to /dev/graphics/fb0 and get a file descriptor), and possibly memory-mapped as well (the code I was using as a software refresher had mmap, though it might not be necessary). This is another thing to go to #freedreno for, a user there (crondog) has been working on Freedreno on the 2013 Nexus 7 which also has a command mode panel and he's done some software refresher work.

SUPolicy Problem With Marshmallow

I want to connect to an abstract Unix domain socket owned by rild from within my app. This fails with
Code:
avc: denied { connectto } for pid=11492 comm=4173796E635461736B202332 path=0072736170 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=unix_stream_socket permissive=0
With Lollipop a
Code:
supolicy --live "allow untrusted_app rild unix_stream_socket { connectto }"
fixed the permission, but no longer with Marshmallow. I still get the "avc: denied" message. When I switch SELinux temporarily to permissive I'm able to connect to the socket.
The new permission does show in supolicy --dumpav
As far as I understand it is always possible to add an SELinux permission. Was there some change in Marshmallow that breaks this rule? Am I simply doing something wrong? Or is it a bug in supolicy?
I'm seeing the same thing with a device file. I've allowed all permissions, but I still can't write to the file.
The only thing I can find is that there is a set of "neverallow" rules that may be preventing us from overriding some permissions. From what I've read, these rules are hard-coded into the policy at compile-time. If that's the case, we'd have to do a build from source to remove these restrictions.
I also suspected "neverallow", but as far as I understand they are only used at compile-time to remove contradicting allow rules. At least policy dumps don't show any "neverallow" rules.
I noticed that the untrusted_app avc outputs have security levels c512,c768 attached (whatever this means...). Maybe you have to specify a level in the "allow" rule?
Try:
Code:
supolicy --live "attradd rild mlstrustedsubject"
MLS is complicated, and as of yet supolicy does not support modifying (or even listing) anything related to MLS, other than adding/remove the mlstrustedsubject and mlstrustedobject attributes, which does not always have the desired effect.
Two things are noteworthy here:
(1) Things running as root are generally not bothered by MLS
(2) Regardless of MLS, you are trying to open up a hole where every 3rd party app can talk to the ril daemon. It should not take any explaining from my end that that is a spectacularly bad idea security wise.
What would be better, is if you write some code that can actually be run as root, which in turn talks to the ril daemon, so talking to the ril daemon remains shielded by first requiring root access.
Thanks for your answer. I did a quick check and it didn't make a difference. It's strange anyway: I only get 'audit' output in permissive mode, not in enforcing mode.
Of course you are right with your comment on security. My approach enables other apps to access rild unnoticed, which is no good idea. I simply was too lazy to write such a "gateway" code and thought tweaking SELinux was easier. I couldn't have been more wrong.
I only hope 'init' is able to open a 'rild' socket...

[MODULE] Disable Bluetooth HCI snoop log

I was very annoyed that for some weird reason my device kept writing to '/sdcard/btsnoop_hci.log' every bluetooth packet even though the option enabling this was disabled. While all I'm using is just a smart band I can imagine how big this file can become when using headsets...
I searched a bit and found that '/system/etc/bluetooth/bt_stack.conf' config causes that, 'BtSnoopExtDump' and 'BtSnoopLogOutput' variables to be precise.
This module forces values of these variables to false which disables this forced logging.
No idea if this is something that will work across all devices but I can say it will work on Xiaomi's MIUI based roms.
Compatibility: Magisk 14+
27-09-2017 - v1 - Initial version
This is an issue with the nextbit robin stock rom, i'll give it a shot. Thanks
edit: doesnt work with magisk v16
I've updated the module to set BtSnoopConfigFromFile=true, needed for the Nextbit Robin to use the modified config file. Requires Magisk v15+ (so I can include the new install script).
Also added a repo at:
https://github.com/trisk/btsnoopnope

New Xposed API Proposal

We are now working on the new Xposed API, which allows modules to get / set scope, to get framework info, and to store configs across apps without the embarrassing New-XSharedPreferences interface. The API library will be released to GitHub/libxposed and maven central after it is ready.
Now we are considering removal of resources hook in the incoming new API, so we need to know whether it is still needed or unreplaceable for some modules.
About why we want to remove this API: Resources hook is very hard to maintain and is even not fully supported now under some frameworks (e.g. Taichi). So even if we keep it, it will be maintain-only.
Old modules can still use this feature. We are just considering remove it in the new API.
You can vote at the LSPosed Telegram group or write your opinion here. Also we are glad to hear your suggestions about the new API.
@AndroidX @siavash79 @Dark_Eyes_ @firefds @David B. @Quinny899 @wanam
Just mentioning you guys since you're all active here on XDA. Please see the first post.
Regards,
shadowstep
Senior Moderator
Dr-TSNG said:
We are now working on the new Xposed API, which allows modules to get / set scope, to get framework info, and to store configs across apps without the embarrassing New-XSharedPreferences interface. The API library will be released to GitHub/libxposed and maven central after it is ready.
Now we are considering removal of resources hook in the incoming new API, so we need to know whether it is still needed or unreplaceable for some modules.
About why we want to remove this API: Resources hook is very hard to maintain and is even not fully supported now under some frameworks (e.g. Taichi). So even if we keep it, it will be maintain-only.
Old modules can still use this feature. We are just considering remove it in the new API.
You can vote at the LSPosed Telegram group or write your opinion here. Also we are glad to hear your suggestions about the new API.
Click to expand...
Click to collapse
Thanks for getting opinions
1. Xshared preferences interface overhaul is good news since it was always unstable for me. I personally switched to remote preferences API for AOSPMods
2. When going to systemUI and framework, it's sometimes very difficult and complicated to change some variable values through Xposed, specially with R8 code optimizations which dramatically limit the points we can hook into code.
There are two workarounds I know of, being Xposed resource hooking that can be also dynamic in runtime, or overlays, which being static, still limit the way we can change resources dramatically.
So, I'd really suggest keeping it in the API
siavash79 said:
2. When going to systemUI and framework, it's sometimes very difficult and complicated to change some variable values through Xposed, specially with R8 code optimizations which dramatically limit the points we can hook into code.
Click to expand...
Click to collapse
For R8 code optimizations, we introduced a new API to parse dex file, which allows modules to find methods/fields more accurately.
Anyway if we finally decide to keep resources hook API, do you have any suggestions on keeping/adding/removing specific methods of it or refine it to a more modern interface?
Perfect news.
About resource hooking, few things to note are that: it can't differentiate between different resource files, for example normal values vs landscape or dark/light values. It would be great if there's a way to push different values to different resource files.
Also, there are more limitations when talking about special resources such as themes. As an example, in AOSPMods, one of the reasons it's a magisk module instead of being a normal APK is that overlay files have to be used in cases that need modification of theme resources and that can't be done via resource hooking.
I personally love to get a more complete/flexible resource hooking API, but I completely understand if that's too much to ask. So even keeping it as currently is would be good enough
Thank you @shadowstep for bringing this to my attention!
Dr-TSNG said:
We are now working on the new Xposed API, which allows modules to get / set scope, to get framework info, and to store configs across apps without the embarrassing New-XSharedPreferences interface. The API library will be released to GitHub/libxposed and maven central after it is ready.
Click to expand...
Click to collapse
That's wonderful news, although I do not quite understand what you have against the new XSharedPreferences interface. I use it in my modules, and I've never had any issues with it.
Dr-TSNG said:
Now we are considering removal of resources hook in the incoming new API, so we need to know whether it is still needed or unreplaceable for some modules.
About why we want to remove this API: Resources hook is very hard to maintain and is even not fully supported now under some frameworks (e.g. Taichi). So even if we keep it, it will be maintain-only.
Old modules can still use this feature. We are just considering remove it in the new API.
Click to expand...
Click to collapse
I am not currently using the resources hook in any of my modules, so removing it would not impact me, but even so, I'm not a fan of the suggestion to get rid of it completely. I think that at the very least, it should be kept as maintain-only. It is unfortunate that it does not work with Taichi, but given that Taichi isn't a true Xposed implementation, I'm not sure that it's worth worrying about.
This looks great, I've been waiting for it since the initial issue talking about it. Prefs are always a pain to handle, and while the "new" method worked, I always preferred to use a Content Provider, which was nerfed in Android 12.
Really like the idea of setting the scope, it would be beneficial to the Xposed part of DarQ, the only suggestion I have is to make sure it includes some sort of "am I enabled?" check - currently I use self hooks (literally the module hooking itself and changing a method returning false to true) to verify it's enabled, but it doesn't seem to be foolproof as people sometimes still complain it doesn't work.
Quinny899 said:
the only suggestion I have is to make sure it includes some sort of "am I enabled?" check
Click to expand...
Click to collapse
Of course does, and the module app can get more info about the the Xposed state like it's under which framework and which version, and whether it is rootless or not without self-hooking.
You can view the detail here.
@shadowstep Thanks for the head up.
Glad to see a new api to manage configs across apps, shared prefs has been always painful to handle even with the new-xshared prefs.
I would suggest having an api to get the version name of scope's package, I'm aware of some workarounds that help get the version name, but it's not a reliable solution on the latest Android versions, this information is needed for logging/debugging purposes.
@Dr-TSNG thanks and keep up the good work.
@Dr-TSNG Thanks for new api I was wating for this api from more then 1 year coz when I build my first module (Android Faker) its was really pain in ass coz of Xsharedpreference after some research I found better solution which was remote preference but Quinny899 mention in Github issue that its not work in android 11 so after that I move to new Xsharedpreference which was introduce by lsposed team and its working great but its still create issue in some devices so I think it will be a better solution if we get it soon and I am not sure about resources hook coz I don't use it before .
The problem with xshared preferences is that if the apk is a system app it won't work for some reason. Only works on user apps
siavash79 said:
The problem with xshared preferences is that if the apk is a system app it won't work for some reason. Only works on user apps
Click to expand...
Click to collapse
Interesting. I use XSharedPreferences in a System Framework hook and haven't had any issues with it.
David B. said:
Interesting. I use XSharedPreferences in a System Framework hook and haven't had any issues with it.
Click to expand...
Click to collapse
Is your module installed as APK or as magisk module?
Try mounting it to system through magisk and preferences will stop working
siavash79 said:
Is your module installed as APK or as magisk module?
Try mounting it to system through magisk and preferences will stop working
Click to expand...
Click to collapse
It's installed as an APK. I misunderstood what you had said earlier. I thought you meant that the hook doesn't work when you try to use it on system APKs. I didn't realize that you meant that it doesn't work when the module is itself a system APK.
siavash79​Yeah I agree with this and in my testing if you set target sdk 23 its doesn't matter if its as system app or user its work without any issues but its not worth coz it have some other issues
Thank you for accepting the API invokeSpecial() !
Add invokeSpecial · libxposed/[email protected]
Fix #2
github.com
Implement invoke special and new instance special · LSPosed/[email protected]
LSPosed Framework. Contribute to LSPosed/LSPosed development by creating an account on GitHub.
github.com
Looking forward to the new API release.
Happy Chinese New Year!
I just want to see @M66B happy again
Somewhat unrelated, but is there any chance of seeing original Xprivacy return or compatibility? I think it's a lot better than Lua
lawrencee said:
Somewhat unrelated, but is there any chance of seeing original Xprivacy return or compatibility? I think it's a lot better than Lua
Click to expand...
Click to collapse
No. Xprivacy will never "return".
XPrivacyLua is the best ever

Categories

Resources