linsui
commented
4 months ago KernelSU is not on F-Droid, at least not in the official repo. The Magisk build metadata for F-Droid is maintained by me. If APatch agrees to be included, I can help.
Open d-RealMusic-b opened 6 months ago
linsui
commented
4 months ago KernelSU is not on F-Droid, at least not in the official repo. The Magisk build metadata for F-Droid is maintained by me. If APatch agrees to be included, I can help.
d-RealMusic-b
commented
4 months ago KernelSU is not on F-Droid, at least not in the official repo. The Magisk build metadata for F-Droid is maintained by me. If APatch agrees to be included, I can help.
I was mistaken, KernelSU is currently in the lzzyOnDroid F-Droid Repo. Thanks for your work, hopefully we'll see APatch in F-Droid too.
bmax121
commented
3 months ago I agree, if it doesn't inconvenience you too much.
bmax121
commented
3 months ago @linsui
linsui
commented
3 months ago I'll have a try. Looks like we need to build magisk first for these libs in https://github.com/bmax121/APatch/tree/main/app/libs/arm64-v8a. But it seems libmagiskpolicy.so is from a different version of magisk?
pomelohan
commented
3 months ago I'll have a try. Looks like we need to build magisk first for these libs in https://github.com/bmax121/APatch/tree/main/app/libs/arm64-v8a. But it seems libmagiskpolicy.so is from a different version of magisk?
Yes, it was a modified version, so that magiskpolicy can compatible with APatch
linsui
commented
3 months ago Where is the source code of the modified version?
pomelohan
commented
3 months ago Where is the source code of the modified version?
Wait for @bmax121 upload patiently.
Btw, should the modified magiskpolicy being built together with APatch? If true, we may need hack gradle to do that.
linsui
commented
3 months ago Btw, should the modified magiskpolicy being built together with APatch? If true, we may need hack gradle to do that.
It needs to be built from source. We can build it first then put it in the required location.
pomelohan
commented
3 months ago Btw, should the modified magiskpolicy being built together with APatch? If true, we may need hack gradle to do that.
It needs to be built from source. We can build it first then put it in the required location.
Sorry for the delay and thanks for supporting APatch. We’re currently working on developing these days so didn’t reply on time. We will notify you once we finished that. ;)
bmax121
commented
3 months ago The source is at https://github.com/bmax121/Magisk, Mainly changed this file: https://github.com/bmax121/Magisk/blob/master/native/src/sepolicy/rules.cpp
linsui
commented
3 months ago Which commit do you use? I didn't see any change on master branch.
bmax121
commented
3 months ago linsui
commented
3 months ago IIUC, APatch doesn't use ONDK to build the rust code. Then does it make sense to build the magisk libs with ONDK? I have to rebuild ONDK from source so if it's not needed maybe I can skip that step.
linsui
commented
3 months ago What is the downloaded compiler in https://github.com/bmax121/KernelPatch/blob/main/.github/workflows/build.yml used for? Is there any simple way to build those kernel patch binaries?
shuvashish76
commented
1 month ago @bmax121 Requested at IzzyOnDroid. According to their scanner report
No offending libs found.
Dangerous flags:
----------------
* usesCleartextTraffic
Permissions:
------------
* android.permission.INTERNET
* android.permission.WRITE_EXTERNAL_STORAGE
* android.permission.READ_EXTERNAL_STORAGE
* android.permission.QUERY_ALL_PACKAGES
* me.bmax.apatch.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
Need some clarification regarding usesCleartextTraffic and QUERY_ALL_PACKAGES
pomelohan
commented
1 month ago @bmax121 Requested at IzzyOnDroid. According to their scanner report
No offending libs found. Dangerous flags: ---------------- * usesCleartextTraffic Permissions: ------------ * android.permission.INTERNET * android.permission.WRITE_EXTERNAL_STORAGE * android.permission.READ_EXTERNAL_STORAGE * android.permission.QUERY_ALL_PACKAGES * me.bmax.apatch.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSIONNeed some clarification regarding
usesCleartextTrafficandQUERY_ALL_PACKAGES
Hey shuvashish76 Thank you for your contribution.
usesCleartextTraffic is for APatch Module WebUI feature and QUERY_ALL_PACKAGES is being used for selecting SuperUsers Applications. Are those enough? Feel free to notify me if you need more clarification ;)
pomelohan
commented
1 month ago What is the downloaded compiler in https://github.com/bmax121/KernelPatch/blob/main/.github/workflows/build.yml used for? Is there any simple way to build those kernel patch binaries?
Used for compiling kpimg, no more simple way but use this compiler because other one may lead to kpimg broken.
shuvashish76
commented
1 month ago @pomelohan Thanks. Please add Fastlane metadata as mentioned here. (Necessary for both F-Droid / IzzyOnDroid)
linsui
commented
1 month ago Used for compiling kpimg, no more simple way but use this compiler because other one may lead to kpimg broken.
Where is this special gcc from? How can I build it?
shuvashish76
commented
1 month ago
usesCleartextTrafficis for APatch Module WebUI feature
usesCleartextTraffic is only used locally on-device (and not to reach out to the internet)? Is that ensured e.g. via a "network security police"?
pomelohan
commented
1 month ago Used for compiling kpimg, no more simple way but use this compiler because other one may lead to kpimg broken.
Where is this special gcc from? How can I build it?
Sorry for the delay, busy those days...
Update: No need special gcc, only aarch64-elf gcc is required. But it's better to use the same gcc version as KernelPatch using.
pomelohan
commented
1 month ago
usesCleartextTrafficis for APatch Module WebUI feature
usesCleartextTrafficis only used locally on-device (and not to reach out to the internet)? Is that ensured e.g. via a "network security police"?
Sorry for the delay, busy those days...
Yes, usesCleartextTraffic is only used locally on-device. (Located on: /data/adb/modules/<module>/webroot, it is providing an interface for a
module to control itself). It wouldn't reach out to the internet unless module author do that.
linsui
commented
1 month ago Update: No need special gcc, only aarch64-elf gcc is required. But it's better to use the same gcc version as KernelPatch using.
Am I understand it correctly that I just need an aarch64-elf gcc for all the build related to kernel patch?
pomelohan
commented
1 month ago Update: No need special gcc, only aarch64-elf gcc is required. But it's better to use the same gcc version as KernelPatch using.
Am I understand it correctly that I just need an aarch64-elf gcc for all the build related to kernel patch?
Yes, but it is recommended to use the same gcc version as KernelPatch CI using because KernelPatch Project is special, unlike other programs. Newer or old version may lead to issues because of optimizations.
marat2509
commented
1 month ago Thanks! That only leaves the storage permissions then which could use a short explanation, too 😉
@bmax121 @pomelohan
linsui
commented
1 month ago Yes, but it is recommended to use the same gcc version as KernelPatch CI using because KernelPatch Project is special, unlike other programs. Newer or old version may lead to issues because of optimizations.
Can I use this package? Or I should build the aarch64-elf-gcc somehow? I'm not sure what the difference is.
pomelohan
commented
1 month ago Yes, but it is recommended to use the same gcc version as KernelPatch CI using because KernelPatch Project is special, unlike other programs. Newer or old version may lead to issues because of optimizations.
Can I use this package? Or I should build the aarch64-elf-gcc somehow? I'm not sure what the difference is.
I thought this version maybe too old to make KernelPatch working. KernelPatch CI is using this one: https://armkeil.blob.core.windows.net/developer/Files/downloads/gnu/12.2.rel1/binrel/arm-gnu-toolchain-12.2.rel1-x86_64-aarch64-none-elf.tar.xz
linsui
commented
1 month ago I thought both of them are GCC 12.2?
pomelohan
commented
1 month ago Thanks! That only leaves the storage permissions then which could use a short explanation, too 😉
@bmax121 @pomelohan
storage permissions are used to store patched boot image and module upgrading🌹
pomelohan
commented
1 month ago I thought both of them are GCC 12.2?
Sorry I didn’t notice the version. I thought it was OK if version is 12.2 xD
linsui
commented
1 month ago Sorry I didn’t notice the version. I thought it was OK if version is 12.2 xD
So I can just use the gcc-linux-gnu? That's great. So the elf target is not necessary? Do I need any special configuration?
pomelohan
commented
1 month ago gcc-linux-gnu
Yes have a try, author said maybe working😂
linsui
commented
1 month ago Yes have a try, author said maybe working😂
OK. :joy:
marat2509
commented
1 month ago linsui
commented
1 month ago Yes have a try, author said maybe working😂
https://gitlab.com/linsui/fdroiddata/-/jobs/6942666334 Does this mean that it doesn't work?
pomelohan
commented
1 month ago Yes have a try, author said maybe working😂
https://gitlab.com/linsui/fdroiddata/-/jobs/6942666334 Does this mean that it doesn't work?
Yes, kpimg.elf is necessary. Can’t we use prebuilt toolchain like the one KernelPatch using?
linsui
commented
2 weeks ago Finally I build the gcc from source. I got an apk but not sure if it works. Could you please downgrade the jdk version to 17? Currently newer jdk versions are only available in testing channels of debian and they are conflict with packages I need to install to build gcc. I can build the apk with jdk 17 so I thought newer jdk is not necessary. I didn't use ondk because it takes a long time to build it and it seems APatch doesn't use ondk for other libs. But it seems this makes the size of magisk binaries much larger. Not sure if it's important.
linsui
commented
2 days ago @bmax121 @pomelohan What can I do now? Do I need to build the magisk libs with ONDK? Can you downgrade the jdk version?
Magisk and KernelSU are both up on f-droid for download, so why not APatch? And here is F-Droid's inclusion policy, I think APatch is in line with their policy.