Closed NewDwarf closed 2 years ago
How did you root your device? Did you try to disable SELinux?
$ setenforce 0
Perfect. It seems I know the reason for that behaviour. The device is "rooted" directly in the kernel; to prevent exposing this state, I modified the kernel to always report via procfs that SELinux is in the enforcing state. I use an approach similar to https://git.zx2c4.com/kernel-assisted-superuser/tree/ with more modifications required for me.
Good to know, this is interesting.
Closing this ticket as the reason is clear now.
When attempting to run the leak.sh script, I get:
The problem is that citadeld cannot be stopped by the 'stop vendor.citadeld' command. dmesg reports:
init: Unable to set property 'ctl.stop' from uid:0 gid:0 pid:11245: Invalid permissions to perform 'stop' on 'vendor.citadeld'
Attaching the GDB debugger to the init process (PID 1) and hooking the
function by returning 1 helps to stop the citadeld process. I am using Android version 11.0.0 (RQ3A.211001.001, Oct 2021). What Android version did you use to run the dumping script?