Last active
June 5, 2024 14:13
-
-
Save kirelagin/211af699bd321f9448d310502074bd9c to your computer and use it in GitHub Desktop.
Android (Lineage OS) kernel patch for SafetyNet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/fs/proc/cmdline.c b/fs/proc/cmdline.c | |
index 14a4c5887848..ebce46d998b0 100644 | |
--- a/fs/proc/cmdline.c | |
+++ b/fs/proc/cmdline.c | |
@@ -2,10 +2,13 @@ | |
#include <linux/init.h> | |
#include <linux/proc_fs.h> | |
#include <linux/seq_file.h> | |
+#include <asm/setup.h> | |
+ | |
+static char new_command_line[COMMAND_LINE_SIZE]; | |
static int cmdline_proc_show(struct seq_file *m, void *v) | |
{ | |
- seq_printf(m, "%s\n", saved_command_line); | |
+ seq_printf(m, "%s\n", new_command_line); | |
return 0; | |
} | |
@@ -21,14 +24,39 @@ static const struct file_operations cmdline_proc_fops = { | |
.release = single_release, | |
}; | |
+static void remove_flag(char *cmd, const char *flag) | |
+{ | |
+ char *start_addr, *end_addr; | |
+ /* Ensure all instances of a flag are removed */ | |
+ while ((start_addr = strstr(cmd, flag))) { | |
+ end_addr = strchr(start_addr, ' '); | |
+ if (end_addr) | |
+ memmove(start_addr, end_addr + 1, strlen(end_addr)); | |
+ else | |
+ *(start_addr - 1) = '\0'; | |
+ } | |
+} | |
+ | |
+static void remove_safetynet_flags(char *cmd) | |
+{ | |
+ remove_flag(cmd, "androidboot.enable_dm_verity="); | |
+ remove_flag(cmd, "androidboot.secboot="); | |
+ remove_flag(cmd, "androidboot.verifiedbootstate="); | |
+ remove_flag(cmd, "androidboot.veritymode="); | |
+} | |
+ | |
static int __init proc_cmdline_init(void) | |
{ | |
char *offset_addr; | |
- offset_addr = strstr(saved_command_line, "androidboot.mode=reboot"); | |
+ strcpy(new_command_line, saved_command_line); | |
+ | |
+ offset_addr = strstr(new_command_line, "androidboot.mode=reboot"); | |
if (offset_addr != NULL) | |
strncpy(offset_addr + 17, "normal", 6); | |
+ remove_safetynet_flags(new_command_line); | |
+ | |
proc_create("cmdline", 0, NULL, &cmdline_proc_fops); | |
return 0; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment