> -17 following

[bphd]

          > Are you using a custom ROM ?

The killing question

Anyway I personally "resolved" that by reinstalling user/system gsf/gms/vending and now I'm stuck at BASIC_INTEGRITY (and I don't pass CTSPM), dunno how to get DEVICE_INTEGRITY (important remark, despite having that verdict, I still get in logs -17, go figure out)

W/keystore2(): system/security/keystore2/src/remote_provisioning.rs:105 - Error occurred: system/security/keystore2/src/remote_provisioning.rs:138: Trying to get IRPC name.
W/keystore2():     1: Error::Km(r#HARDWARE_TYPE_UNAVAILABLE)
W/keymaster_tee(): [WRN]start nwd_generate_key
W/keymaster_tee(): [WRN]ret OK PARAMS: 
W/keymaster_tee(): [WRN]start nwd_attest_key
E/keymaster_tee(): [ERR]Unexpected title ignore.. title: TEE
W/keymaster_tee(): [WRN]nwd_attest_key GAK ret 0
E/keystore2(): system/security/keystore2/src/gc.rs:139 - Error trying to delete blob entry. system/security/keystore2/src/gc.rs:129: Trying to invalidate key.
E/keystore2():     0: system/security/keystore2/src/globals.rs:171: Trying to invalidate key blob.
E/keystore2():     1: Error::Km(r#UNIMPLEMENTED)
W/id.gms.unstable(): Shared library "/data/user/0/com.google.android.gms/app_cache_dg//the.apk!/lib.so" already opened by ClassLoader 0xc33(dalvik.system.DexClassLoader[DexPathList[[zip file "/data/user/0/com.google.android.gms/app_cache_dg//the.apk"],nativeLibraryDirectories=[/system/lib64, /system/system_ext/lib64]]]); can't open in ClassLoader 0x(dalvik.system.DexClassLoader[DexPathList[[zip file "/data/user/0/com.google.android.gms/app_cache_dg//the.apk"],nativeLibraryDirectories=[/system/lib64, /system/system_ext/lib64]]])
W/android.vending(): Reducing the number of considered missed Gc histogram windows from 101 to 100
W/android.vending(): ApkAssets: Deleting an ApkAssets object '/data/resource-cache/.frro' with 1 weak references
W/SystemServiceRegistry(): No service published for: persistent_data_block
W/libc    (): Access denied finding property "ro.csc.countryiso_code"
/libc    (): Access denied finding property "ro.csc.countryiso_code"
W/Sensors (): Cannot get virtualdevice_native service
W/android.vending(): Missing inline cache for void com.google.ccc.abuse.droidguard.DroidGuard.<init>(android.content.Context, android.os.Parcelable)
W/ProcessStats(): Tracking association SourceState{ com.android.vending/ BTop #} whose proc state 2 is better than process ProcessState{ com.google.android.gms.unstable/ pkg=com.google.android.gms} proc state 14 (68 skipped)
D/GrammaticalInflection(): The flag must be enabled to allow calling the API.
I/PixelPropsUtils(): Blocked key attestation
D/GmsMultiConKeeper(): $GmsServiceConnection@, false) has=false
W/System  (): A resource failed to call release. 
D/keymaster_swd(): keymaster_swd [ERR] (tz_check_oem:74) Device is compromized: fuse loc=5,status=0,sw_fuse_blown=1
W/FeatureConnection(): getRegistrationTech: ImsRegistration is null
I/PlayCore(): UID: []  PID: [] IntegrityService : requestIntegrityToken(IntegrityTokenRequest{ cloudProjectNumber=null, network=null})
I/PlayCore(): UID: []  PID: [] IntegrityService : linkToDeath
I/Ads     (): Ad failed to load : 8
D/GmsDummySvc(): bound by: GetServiceRequest{serviceId=UNKNOWN(370), gmsVersion=, packageName='com.android.vending', extras=Bundle[{}]}
W/id.gms.unstable(): Accessing hidden field Landroid/os/Build$VERSION;->DEVICE_INITIAL_SDK_INT:I (blocked,test-api, reflection, denied)
W/id.gms.unstable(): If this is a platform test consider enabling VMRuntime.ALLOW_TEST_API_ACCESS change id for this package.
E/Finsky  (): [596] txq.call(652): Following exception occurred while getting serviceInfo: android.content.pm.PackageManager$NameNotFoundException: ComponentInfo{krypton.tbsafetychecker/org.chromium.content.app.SandboxedProcessService0:0}
W/ActivityManager(): Forcing bringing down service: ServiceRecord{ u0 krypton.tbsafetychecker/org.chromium.content.app.SandboxedProcessService0:0 c:krypton.tbsafetychecker}
F/webview_zygote(): jni_internal.cc:825] JNI FatalError called: (zygote) Failed open(/product/overlay/Overlay/Overlay.apk, 0): No such file or directory
E/libc    (): failed to connect to tombstoned: Permission denied
F/DEBUG   ():       #25 pc 005005e0  /system/framework/framework.jar
W/libc    (): Access denied finding property "tas.smartamp.disable"
W/GoogleApiManager(): cfje could not execute call because it requires feature (get_storage_info_api, 1).

As a workaround, we can take advantage of the fact that SafetyNet's usage of key attestation is opportunistic (i.e. falls back to basic integrity checks if it fails) and prevent it from getting the attestation certificate chain from KeyStore. This is done by checking the stack for DroidGuard, which is the codename for SafetyNet, and pretending that the device doesn't support key attestation.

https://github.com/PixysOS-Beta/frameworks_base/pull/1

falls back to basic integrity checks if it fails

now I'm stuck at BASIC_INTEGRITY

Originally posted by @bphd in https://github.com/chiteroman/PlayIntegrityFix/issues/429#issuecomment-2365328969

[bphd]

OP has closed without explaing anything whatsoever, and I guess author won't support on a self closed issue with OP that don't have the problem anymore. So we need to continue troubleshooting here

[rompelhd]

The only thing I did was to reinstall gsm and the play integrity fix module. No more.

[Lonelysoulman]

and how do i reinstall gms? i dont even have it installed in the first place. at least cant find it in system apps

[bphd]

The only thing I did was to reinstall gsm and the play integrity fix module. No more.

@rompelhd What is "gsm"?

Reinstall, you mean uninstall and install, or install upon already installed?

You did only user or system application aswell?

You shouldn't close your issue as even if the verdict is made, that error stills appears in logs as I stated previously in my own message

[bphd]

and how do i reinstall gms? i dont even have it installed in the first place. at least cant find it in system apps

Afaik com.google.android.gms is needed for Integrity verdict because I think it's that that manage binder, that makes the actual request, so no verdict possible without it. But you can take different GMS that is more respective of private life and so. To install it some get it with their SROM/CROM that comes with installed GApps (GMS included), some flash modules that install it, some install APKs, but don't quote me on that, @chiteroman should give you the right way, but he don't seems to be around for more than 3 days

[rompelhd]

The first thing I did was to check with adb or some terminal emulator with root access if there is any GMS service disabled.

pm list packages -d | awk -F: '{print $2}'

This run should tell you if you have it deactivated

If there is anything concerning GMS you must activate it with pm enable and services.

[luoxuebinfei]

I also encountered the same problem. Initially, after completing the custom ROM installation, I used Apatch to manage my root access. After installing Zygisk Next, Tricky Store, and PLF V17.4, everything seemed fine during checks. The Play Store integrity check passed, and the Simple Play Integrity Checker app showed three green indicators. However, because I couldn't log into the ChatGPT app, I upgraded to new versions of the Google Play Store and Google Play Services. After this, although the device could pass the Play Store's device verification, Play Integrity showed -17, and Simple Play Integrity Checker displayed three red indicators. I've tried clearing Google Play Services data, clearing Google Play Store data, and even changing versions of these two apps, but none of these attempts had any effect...

Regarding the disabling of GMS services and activities mentioned above, I discovered that I also have this behavior. However, even after enabling them, reflashing the module, and rebooting, they still show as disabled...

[bphd]

The first thing I did was to check with adb or some terminal emulator with root access if there is any GMS service disabled.

pm list packages -d | awk -F: '{print $2}'

This run should tell you if you have it deactivated

If there is anything concerning GMS you must activate it with pm enable and services.

But you said earlier that you deactivated some services to resolve your problem

$ su -c pm list packages -d returns only a user utility package that I deactivated myself earlier, not system

[bphd]

I upgraded

Could you state precisely all what you updated, from what version to what version?

the device could pass the Play Store's device verification

Really curious, everything was okay for vending but not for SPIC. After all, if vending is okay, that's all it counts. Personally I can't achieve to make a verification in vending, I can't find no button to make a check on it. But it's written that my device isn't certified, without launching any checks

changing versions of these two apps, but none of these attempts had any effect...

So that new state was kind of irreversible, nothing you did, even a downgrade, changed anything

Most straightforward thing I can advise is to re-flash the very same things you flashed at start that gave you all green indicators. If you flash them all, normally you should get the same state. And take note of source and version of all those things you flashed/installed, before losting them

I also have this behavior

You have that "behaviour"? What precisely you found? What was deactivated? Anything else?

they still show as disabled...

What is "they"?

[luoxuebinfei]

Could you state precisely all what you updated, from what version to what version?

google play store and Google Play services，Upgrade from a lower version to the latest version. Now store Version: 42.8.21-23, Google Play services Version: 24.36.62

You have that "behaviour"? What precisely you found? What was deactivated? Anything else? What is "they"?

They are components within Google Play services, including activities, services, and more.⬇️Perhaps this is an incorrect disabling...

[maozhenyu123]

Clear gms data (App Manager) worked for me.

[bphd]

Clear gms data (App Manager) worked for me.

Clearing the storage downgraded me from BASIC to NO, and killing the app from NO to -17 and rebooting from -17 to -12. Installing user GMS and rebooting upgraded to BASIC_INTEGRITY (though I'm not sure if installing system GSF/GMS/Vending would be necessary here too)

[bphd]

Could you state precisely all what you updated, from what version to what version?

google play store and Google Play services，Upgrade from a lower version to the latest version. Now store Version: 42.8.21-23, Google Play services Version: 24.36.62

You have that "behaviour"? What precisely you found? What was deactivated? Anything else? What is "they"?

They are components within Google Play services, including activities, services, and more.⬇️Perhaps this is an incorrect disabling...

Would be important to know old/previous version of everything you installed

You actived everything on Blocker for GMS. Is that it?

[luoxuebinfei]

Would be important to know old/previous version of everything you installed

I did not remember the old version number, the Play Store is probably 40.x.x, and GMS is probably 24.x.x? 23.x.x? This is what my ROM came with, but it seems incomplete, causing ChatGPT to be unable to log in, prompting the following error. I had to upgrade my store and GMS.

Something went wrong. Please make sure your device's date and time are set properly. Check that your internet connection is stable, then restart the app and try again.

You actived everything on Blocker for GMS. Is that it?

Yes, but it seems to be of no use. I cannot clear the GMS and Play Store data because it would make my device authentication fail. Although it can be resolved by reflashing the module, doing so will disable some components again.

I have tried many times already.

[NCLnclNCL]

The first thing I did was to check with adb or some terminal emulator with root access if there is any GMS service disabled.

pm list packages -d | awk -F: '{print $2}'

This run should tell you if you have it deactivated

If there is anything concerning GMS you must activate it with pm enable and services.

you can use this app to enable easily https://github.com/lihenggui/blocker

[bphd]

The first thing I did was to check with adb or some terminal emulator with root access if there is any GMS service disabled. pm list packages -d | awk -F: '{print $2}' This run should tell you if you have it deactivated If there is anything concerning GMS you must activate it with pm enable and services.

you can use this app to enable easily https://github.com/lihenggui/blocker

The command he use seems to be about activating packages, where your application is to block network requests

[bphd]

Idk if I still experiencing the error, haven't checked logs, but by deactivating persist.sys.pixelprops.gapps persist.sys.pixelprops.gms properties and resintalling vending/gsf/gms and spoofing build and provider (and btw using that module, or Osm0sis one when that one bother me) I achieve device integrity. I have difficulties achieving strong integrity but it's probably because my CROM throw UnsupportedOperationException() when DroidGuard ask for certificate chain, have to figure out how to patch from MagiSK, or LSP, or by replacing files

[JordK5]

Clear gms data (App Manager) worked for me.

Clearing the storage downgraded me from BASIC to NO, and killing the app from NO to -17 and rebooting from -17 to -12. Installing user GMS and rebooting upgraded to BASIC_INTEGRITY (though I'm not sure if installing system GSF/GMS/Vending would be necessary here too)

I cleared the gms and google play store data without knowing and I have error -12 because of that, how did you install user gms to fix it?

[bphd]

Clear gms data (App Manager) worked for me.

Clearing the storage downgraded me from BASIC to NO, and killing the app from NO to -17 and rebooting from -17 to -12. Installing user GMS and rebooting upgraded to BASIC_INTEGRITY (though I'm not sure if installing system GSF/GMS/Vending would be necessary here too)

I cleared the gms and google play store data without knowing and I have error -12 because of that, how did you install user gms to fix it?

If you clear data of gms take care each time to reactivate device registration and certifications. Otherwise no attestation possible

I'm not sure of the pertinence of clearing hacked MG GMS compared to Google GMS. Like MicroG isn't supposed to keep anything problematic that has to be cleared, I'm not sure, what @nift4 thinks about it?

But if it's Google one then idk. But reflashing MGIR systemize those reinstalled user applications and from there everything is set for a certification

[luoxuebinfei]

I resolved this issue, but at the cost of wiping all data...

After using a flashing tool to reinstall an official firmware package and booting into the system, I installed all hidden modules and configured the settings before restarting the system. Then, I enabled the system’s built-in Google services, but did not log into a Google account. Using the APKPure app store, I updated the Play Store, after which I logged into my account without encountering the -17 error. This allowed me to pass all integrity checks and use ChatGPT normally.

[bphd]

Not really sure it was necessary, but in any case returning to a totally stable state does indeed permit to resolve lot of problems

I'm personally all against clean flashing, because Android system is really badly managed about data backup, so you end up loosing too much only to resolve some problems