64bit binary not available on 0.1.0-10

[jamorford]

DroidGuard Helper force closed when running SafetyNet check. Tested on Google Pixel Android 8.1 stock 64bit.

java.lang.UnsatisfiedLinkError: dlopen failed: "/data/data/org.microg.gms.droidguard/app_dg_cache/060a8a22981ed66858a6c5ae81d080f1910911f1/libd623F13F0E0A4.so" is 32-bit instead of 64-bit
    at java.lang.Runtime.load0(Runtime.java:928)
    at java.lang.System.load(System.java:1621)
    at com.google.ccc.abuse.droidguard.DroidGuard.<clinit>(Unknown Source:225)
    at java.lang.reflect.Constructor.newInstance0(Native Method)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:334)
    at org.microg.gms.droidguard.DroidguardHelper.invoke(Unknown Source:42)
    at org.microg.gms.droidguard.DroidguardHelper.guard(Unknown Source:218)
    at org.microg.gms.droidguard.RemoteDroidGuardService$1$1.run(Unknown Source:8)
    at java.lang.Thread.run(Thread.java:764)

[ale5000-git]

@ibleedbinari The problem is already fixed in the latest unstable release (currently 0.1.0-10).

[jamorford]

That is the version I was using, installed from the F-Droid repo. I picked the latest version of GmsCore and DroidGuard.

[ale5000-git]

It is what I was saying, the auto-selected latest version is pretty old, you should enable the installation of unstable updates in F-Droid and select manually what have the higher version number.

[Allfd]

I can confirm that this is an issue with 0.10.0-10. I am getting the same error message.

[ale5000-git]

I think that it is physically impossible because the latest version do not use any ".so" library at all. But I don't know exactly the code so maybe someone that know better the code can check.

[nermolov]

Can confirm, installed latest unstable build from F-Droid repo and get the same error.

05-01 19:31:07.204  5462  5478 E AndroidRuntime: FATAL EXCEPTION: Thread-2
05-01 19:31:07.204  5462  5478 E AndroidRuntime: Process: com.google.android.gms.unstable, PID: 5462
05-01 19:31:07.204  5462  5478 E AndroidRuntime: java.lang.UnsatisfiedLinkError: dlopen failed: "/data/data/org.microg.gms.droidguard/app_dg_cache/060a8a22981ed66858a6c5ae81d080f1910911f1/libd623F13F0E0A4.so" is 32-bit instead of 64-bit
05-01 19:31:07.204  5462  5478 E AndroidRuntime:    at java.lang.Runtime.load0(Runtime.java:928)
05-01 19:31:07.204  5462  5478 E AndroidRuntime:    at java.lang.System.load(System.java:1621)
05-01 19:31:07.204  5462  5478 E AndroidRuntime:    at com.google.ccc.abuse.droidguard.DroidGuard.<clinit>(Unknown Source:225)
05-01 19:31:07.204  5462  5478 E AndroidRuntime:    at java.lang.reflect.Constructor.newInstance0(Native Method)
05-01 19:31:07.204  5462  5478 E AndroidRuntime:    at java.lang.reflect.Constructor.newInstance(Constructor.java:334)
05-01 19:31:07.204  5462  5478 E AndroidRuntime:    at org.microg.gms.droidguard.DroidguardHelper.invoke(Unknown Source:42)
05-01 19:31:07.204  5462  5478 E AndroidRuntime:    at org.microg.gms.droidguard.DroidguardHelper.guard(Unknown Source:218)
05-01 19:31:07.204  5462  5478 E AndroidRuntime:    at org.microg.gms.droidguard.RemoteDroidGuardService$1$1.run(Unknown Source:8)
05-01 19:31:07.204  5462  5478 E AndroidRuntime:    at java.lang.Thread.run(Thread.java:764)

Running OnePlus 3T with LineageOS 15.1

[rootd]

Happens to me too. Version 0.10.0-10, OnePlus 3T with latest microG LineageOS 15.1 version

[ArchangeGabriel]

I can confirm this too, this is a new issue in addition to https://github.com/microg/android_packages_apps_GmsCore/issues/482.

[ArchangeGabriel]

I think this is likely Google that changed something on their end again, and μG needing to adapt to that too. But since there seems to be only one person with the required knowledge and competences, we can only wait for @mar-v-in to know more about this.

[alpianon]

I confirm this issue, too. I have a HTC-10 with Lineage OS 14.1 and DroidGuard Helper v.0.1.0-10-gf64bf69 installed in /system/priv-app/, and these are the relevant log lines:

[ 05-17 08:32:07.300  1415: 1716 I/ActivityManager ]
Start proc 3098:com.google.android.gms.unstable/u0a37 for service org.microg.gms.droidguard/.RemoteDroidGuardService

[ 05-17 08:32:07.331  3098: 3098 W/System   ]
ClassLoader referenced unknown path: /system/priv-app/DroidGuard/lib/arm64

[ 05-17 08:32:07.353  3098: 3115 D/GmsDroidguardHelper ]
-- Request --
DGRequest{usage=DGUsage{type=attest, packageName=com.google.android.gms}, info=[KeyValuePair{key=BOARD, val=MSM8996}, KeyValuePair{key=BOOTLOADER, val=1.0.0.0000}, KeyValuePair{key=BRAND, val=HTC}, KeyValuePair{key=CPU_ABI, val=arm64-v8a}, KeyValuePair{key=CPU_ABI2, val=}, KeyValuePair{key=DEVICE, val=htc_pmeuhl}, KeyValuePair{key=DISPLAY, val=lineage_pme-userdebug 7.1.2 NJH47F 20180512 dev-keys}, KeyValuePair{key=FINGERPRINT, val=htc/pmeuhl_00401/htc_pmeuhl:6.0.1/MMB29M/761759.3:user/release-keys}, KeyValuePair{key=HARDWARE, val=qcom}, KeyValuePair{key=HOST, val=607725803abf}, KeyValuePair{key=ID, val=NJH47F}, KeyValuePair{key=MANUFACTURER, val=HTC}, KeyValuePair{key=MODEL, val=HTC 10}, KeyValuePair{key=PRODUCT, val=lineage_pme}, KeyValuePair{key=RADIO, val=unknown}, KeyValuePair{key=SERIAL, val=*******************}, KeyValuePair{key=TAGS, val=release-keys}, KeyValuePair{key=TIME, val=1526111028000}, KeyValuePair{key=TYPE, val=user}, KeyValuePair{key=USER, val=root}, KeyValuePair{key=CODENAME, val=REL}, KeyValuePair{key=INCREMENTAL, val=215316acc8}, KeyValuePair{key=RELEASE, val=7.1.2}, KeyValuePair{key=SDK, val=25}, KeyValuePair{key=SDK_INT, val=25}], versionNamePrefix=10.0.84 (430-, isGoogleCn=false, enableInlineVm=true, cached=[], currentVersion=3, arch=aarch64}

[ 05-17 08:32:07.718  3098: 3115 D/GmsDroidguardHelper ]
Using provided response data for /data/user/0/org.microg.gms.droidguard/app_dg_cache/fb0ca76275dc755ebcd15654daa817ae34f09eb0.apk

[ 05-17 08:32:07.756  3120: 3120 I/dex2oat  ]
/system/bin/dex2oat --dex-file=/data/user/0/org.microg.gms.droidguard/app_dg_cache/fb0ca76275dc755ebcd15654daa817ae34f09eb0/the.apk --oat-fd=37 --oat-location=/data/user/0/org.microg.gms.droidguard/app_dg_cache/fb0ca76275dc755ebcd15654daa817ae34f09eb0/opt/the.dex --compiler-filter=speed

[ 05-17 08:32:07.803  3120: 3120 I/dex2oat  ]
dex2oat took 48.318ms (threads: 4) arena alloc=444KB (455664B) java alloc=80KB (82160B) native alloc=1202KB (1231848B) free=2MB (2962456B)

[ 05-17 08:32:07.825  3098: 3115 E/AndroidRuntime ]
FATAL EXCEPTION: Thread-2
Process: com.google.android.gms.unstable, PID: 3098
java.lang.UnsatisfiedLinkError: dlopen failed: "/data/data/org.microg.gms.droidguard/app_dg_cache/fb0ca76275dc755ebcd15654daa817ae34f09eb0/libdD5EB9CD8D8E6.so" is 32-bit instead of 64-bit
    at java.lang.Runtime.load0(Runtime.java:908)
    at java.lang.System.load(System.java:1537)
    at com.google.ccc.abuse.droidguard.DroidGuard.<clinit>(Unknown Source)
    at java.lang.reflect.Constructor.newInstance0(Native Method)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:430)
    at org.microg.gms.droidguard.DroidguardHelper.invoke(Unknown Source)
    at org.microg.gms.droidguard.DroidguardHelper.guard(Unknown Source)
    at org.microg.gms.droidguard.RemoteDroidGuardService$1$1.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:761)

[alpianon]

As far as I can understand, DroidGuard Helper "asks" Google to return the correct droidguard binary package for the specific device/system and saves it as "the.apk" in its cache dir. "the.apk" returned by Google contains a library that DroidGuard Helper extracts to its cache dir in order to run it in a sandbox. In my case, such library is named libdD5EB9CD8D8E6.so but if I inspect it with readelf I find that its soname is libdroidguard.so.

[alpianon]

The strange thing is that the .dex file that is extracted and compiled from "the.apk" to opt/the.dex in DroidGuard Helper cache dir is an aarch64 binary, while the library libdD5EB9CD8D8E6.so (aka libdroidguard.so) contained in the same "the.apk" is a 32-bit ARM binary.

I attach a full copy of droidguard helper cache: droidguard_helper_cache.zip

[alpianon]

I checked in another device of mine (OPO1 with Lineage OS 14.1 and Gapps - NOT microG - installed, with SafetyNet working - checked with Magisk). In /data/data/com.google.android.gms/app_dg_cache/FB0CA76275DC755EBCD15654DAA817AE34F09EB0 I have found exactly the same "the.apk" package, with the same checksum, and the same libdD5EB9CD8D8E6.so inside. However, in that device, it seems that Gapps did not extract such library to cache dir.

In any case, "the.apk" file downloaded by DroidGuard Helper seems to be correct. Maybe that library should not be extracted at all?

[ale5000-git]

@alpianon: I just noticed that the folder name is the same but it has a different case (uppercase/lowercase). I don't really know if it make a difference but who know.

[ClearlyClaire]

@ibleedbinari are you able to build and install your own RemoteDroidGuard? If so, there are a couple of things you could try, one by one, the commits I added in https://github.com/ThibG/android_packages_apps_RemoteDroidGuard/tree/aarch64?

[mattpctech]

I am having the same issue where it downloads the wrong version for my 64 bit phone. I was able to compile your modified version, and I think I updated it correctly on the phone. It is still however pulling the 32 bit file. Is there a way I can confirm the correct version is installed/running on the phone, and are there any cached files I need to remove for it to work? Thank you!

[ClearlyClaire]

@mattpctech you could run adb logcat | grep GmsDroidguardHelper, it should, among other things, return a line looking like GmsDroidguardHelper: DGRequest{usage=DGUsage{type=attest, packageName=com.google.android.gms}, info=[…], …) and something like GmsDroidguardHelper: Using cached file from /data/user/0/org.microg.gms.droidguard/app_dg_cache/322d473b5c6076250d7a2ce450fef526f05a89c4/the.apk. The first line will give you how RemoteDroidGuardHelper requested the binary, the fields for arch, CPU_ABI and versionNamePrefix are the most interesting there. The second line will give you the hash of the VM binary, that you could download and inspect to check whether it's the correct version.

[AlvaroBrey]

I'm having this issue as well. Any workarounds?

[ClearlyClaire]

@ontherunvaro you could try building from source with these changes: https://github.com/ThibG/android_packages_apps_RemoteDroidGuard/tree/aarch64

I don't have a 64-bit phone to try out, but I'm fairly confident this fixes the issue.

[AlvaroBrey]

@ThibG I can confirm that does fix the issue, thanks!

[csolisr]

@ThibG @ontherunvaro Would you kindly provide a compiled version of your changes? I've been unable to use SafetyNet-locked apps because of this bug.

[AlvaroBrey]

@csolisr Here you go (mediafire link because github won't let me attach APKs).

It's a debug APK compiled with test keys, but it worked for me.

[jansohn]

@ThibG unfortunately your changes don't work on my phone (Moto G, LineageOS 14.1, Magisk v16.7, GmsCore 0.2.4-111-gf1cdb48). Any idea?

logcat_safetynet.txt

[ArchangeGabriel]

@jansohn Your GmsCore is not sufficiently up-to-date for SafetyNet. You need https://github.com/microg/android_packages_apps_GmsCore/pull/553 in addition to @ThibG changes.

[jansohn]

I'm not able to build GmsCore with the provided gradle configuration.

[jansohn]

I was able to build the latest GmsCore from @ThibG (stupid symlinks...) but the DroidGuard service still crashes before receiving an answer.

08-19 19:31:54.004  1707  1707 D GmsSafetyNetClientSvc: onBind: Intent { act=com.google.android.gms.safetynet.service.START pkg=com.google.android.gms }
08-19 19:31:54.019  1707  1728 D GmsSafetyNetClientSvc: bound by: GetServiceRequest{serviceId=SAFETY_NET_CLIENT, gmsVersion=7095000, packageName='com.topjohnwu.magisk', extras=Bundle[{}]}
08-19 19:31:54.156  3879  4093 D NetworkSecurityConfig: No Network Security Config specified, using platform default
08-19 19:31:54.157  3879  4093 W System  : ClassLoader referenced unknown path: /system/framework/tcmclient.jar
08-19 19:31:54.187  3879  4093 D GmsDroidguardHelper: -- Request --
08-19 19:31:54.187  3879  4093 D GmsDroidguardHelper: DGRequest{usage=DGUsage{type=attest, packageName=com.google.android.gms}, info=[KeyValuePair{key=BOARD, val=MSM8226}, KeyValuePair{key=BOOTLOADER, val=0x411A}, KeyValuePair{key=BRAND, val=motorola}, KeyValuePair{key=CPU_ABI, val=armeabi-v7a}, KeyValuePair{key=CPU_ABI2, val=armeabi}, KeyValuePair{key=SUPPORTED_ABIS, val=armeabi-v7a,armeabi}, KeyValuePair{key=DEVICE, val=falcon_umts}, KeyValuePair{key=DISPLAY, val=lineage_falcon-userdebug 7.1.2 NJH47F 20180808 dev-keys}, KeyValuePair{key=FINGERPRINT, val=motorola/falcon_retuglb/falcon_umts:5.1/LPB23.13-58/58:user/release-keys}, KeyValuePair{key=HARDWARE, val=qcom}, KeyValuePair{key=HOST, val=b707df026c3d}, KeyValuePair{key=ID, val=NJH47F}, KeyValuePair{key=MANUFACTURER, val=motorola}, KeyValuePair{key=MODEL, val=Moto G}, KeyValuePair{key=PRODUCT, val=lineage_falcon}, KeyValuePair{key=RADIO, val=unknown}, KeyValuePair{key=SERIAL, val=TA93000ZZG}, KeyValuePair{key=TAGS, val=release-keys}, KeyValuePair{key=TIME, val=1533729487000}, KeyValuePair{key=TYPE, val=user}, KeyValuePair{key=USER, val=root}, KeyValuePair{key=CODENAME, val=REL}, KeyValuePair{key=INCREMENTAL, val=783bffbc3a}, KeyValuePair{key=RELEASE, val=7.1.2}, KeyValuePair{key=SDK, val=25}, KeyValuePair{key=SDK_INT, val=25}], versionNamePrefix=12.2.21 (040300-{{cl}}), isGoogleCn=false, enableInlineVm=true, cached=[ByteString[size=20 md5=ee66f26c8865bb15f28a33b979494a96]], currentVersion=3, arch=armv7l}
08-19 19:31:54.660  3879  4093 D GmsDroidguardHelper: Using cached file from /data/user/0/org.microg.gms.droidguard/app_dg_cache/a6946e165e824f57ce2527562f020e6abcb35e04/the.apk
08-19 19:31:55.085   768  1654 I ActivityManager: Process com.google.android.gms.unstable (pid 3879) has died
08-19 19:31:55.085   768  1654 D ActivityManager: cleanUpApplicationRecord -- 3879
08-19 19:31:55.086   768  1654 W ActivityManager: Scheduling restart of crashed service org.microg.gms.droidguard/.RemoteDroidGuardService in 1000ms
08-19 19:31:55.111   254   254 I Zygote  : Process 3879 exited due to signal (11)
08-19 19:31:56.097   768   800 I ActivityManager: Start proc 4098:com.google.android.gms.unstable/u0a79 for service org.microg.gms.droidguard/.RemoteDroidGuardService

[jamorford]

Forgot to close this issue a while back. Thanks for fixing @ThibG