search

AdguardTeam / adguardcert

Magisk module that allows using AdGuard's HTTPS filtering for all apps
https://adguard.com/
MIT License
336 stars 22 forks source link

Android 14 support #45

Closed sfionov closed 1 year ago

sfionov commented 1 year ago

Problem and solution

Android 14 changed the place of system certificates from /system/etc/security/cacerts to /apex/com.android.conscrypt/cacerts. The benefit is that APEX may be installed independently from system.

But there is a problem - Magisk does not inject module files into /apex directory.

So we do not rely to Magisk file injection and instead use our own tmpfs clone.

Thanks to blog of "HTTP Toolkit" for some ideas, even though our solution is slightly different.

Why module copying and other magic should be done in post-fs-data boot phase?

In last Android releases, there are mount namespaces, that are cloned for every process, so it is difficult to setup bind mounts after system boot. So any interventions should be done before boot phase (on post-fs-data phase).

Resolves #32

aussiebro commented 1 year ago

I think you had written the update wrong. I added the text to my post fs data file and zipped the module and reflashed and it didn't work. I looked through postfs data and changes the directory lines from

Clone directory into tmpfs

mkdir -p /data/local/tmp-ca-copy
mount -t tmpfs tmpfs /data/local/tmp/tmp-ca-copy
cp -f /apex/com.android.conscrypt/cacerts/* /data/local/tmp/tmp-ca-copy

To

Clone directory into tmpfs

mkdir -p /data/local/tmp/tmp-ca-copy/
mount -t tmpfs tmpfs /data/local/tmp/tmp-ca-copy/
cp -f /apex/com.android.conscrypt/cacerts/* /data/local/tmp/tmp-ca-copy/

Use must have miss written it. The module now works for me on a14 newest beta.

I found out from the log file it said the folder wasn't found tmp copy ca

sfionov commented 1 year ago

@aussiebro Thanks! It worked for me because /data/local/tmp/tmp-ca-copy was already existed

aussiebro commented 1 year ago

here is the updated zip for any one that doesnt know how to update the module https://drive.google.com/file/d/1G9jPQWUnNHxwrXz3FS0BGFB4rEBHFWe2/view?usp=sharing

not sure if its aloud. i can remove though if asked though.

edit i see your updated script removed the old folder cool i didnt think of that my upload doesnt include that line i am actually abit of a noob to magisk scripts. i just manually deleted that folder with a root explorer.