Profile cover photo
Profile photo
Chainfire
440,205 followers
440,205 followers
About
Chainfire's posts

Post is pinned.
Public
PSA: There is no support on G+

While Google Plus is a nice medium to share information, it is utterly unsuitable for any form of support.

All releases have their own discussion threads on XDA-Developers.com, which are referenced in most posts here. If you need assistance, want to file a bug report, or discuss anything related to a release, please go the relevant XDA thread.

You will not receive any support here on G+.

Additionally, all posts should be English only.

Post has attachment
SuperSU v2.82 SR1 (BETA) released

Before I go into details of this release, some have questioned whether this G+ account and the Chainfire developer account on Play are being controlled by CCMT. They aren't, it still me - Chainfire - writing this, and I am still in full control of these accounts.

This update focuses primarily on changes introduced by the latest security patches to Nougat and O Preview. I've noticed some people posting everything is fine and old versions of SuperSU already work great, but these are probably users of the Nexus 5X and 6P. All the interesting (and breaking) stuff is premiering on the Pixels! Those changes may not be coming to the 5X/6P soon or even at all (or they may be in ODP4, who knows?).

I'll start with some other changes, and end with everything O.

Android 5.1 and older
A small number of users have reported dalvik-cache rebuilds on every boot on 5.1 with v2.82. We have not been able to reproduce this on our 5.x devices. If you're seeing this issue, please come to the BETA thread (linked below) and help us figure out the problem.

Huawei
There have been some minor changes to the ZIP that makes it compatible with the very latest firmwares of some Huawei devices that were not previously compatible. We are aware that is still doesn't work for some other Huawei devices/firmwares. If you are using a Huawei that is currently not supported by SuperSU, please come to the BETA thread (linked below) and help us correct the issue. Please include information about your device and firmware version in your report.

Samsung Nougat and encryption
Samsung has recently made some changes on how encryption works on their Nougat firmwares that could ultimately cause full bricks for root users not paying attention. This appears to be a security measure (good) that is still a little rough on the edges (bad).

You can read the full details about the changes and my experiments with it here: https://forum.xda-developers.com/showpost.php?p=72204306&postcount=978

My personal advice for the moment is, if you're going to run rooted on a Samsung device with Nougat, format /data before flashing SuperSU, or otherwise ensure /data is not encrypted.

From v2.82-SR1 onwards, on Samsung devices running Android Nougat 7.0+, SuperSU will detect an unencrypted /data partition (which is always the case directly after a format) and by default attempt to fully disable encryption, to prevent the device from re-encrypting /data next boot. Obviously this means reduced security for your files, but also a significantly reduced risk of ending up with a brick. For advanced users there are flags to control this behavior.

Android Verified Boot signing
On the Pixels with the May security update or newer (and probably many devices and firmwares in the future), boot images are required to be signed for Android Verified Boot. I have detailed the procedure and created a flashable ZIP that does this on-device here: https://forum.xda-developers.com/android/software-hacking/signing-boot-images-android-verified-t3600606

From v2.82-SR1 onwards, the SuperSU ZIP will automatically sign the patched boot image, if the original boot image is also signed. Please note that if you first flash an unsigned image (like a custom kernel install that doesn't sign the new image), then SuperSU will not sign the output image; this is because SuperSU cannot know if your device needs a signed image or not, and just signing all images might create problems for other devices, so signing the output is based on whether the input was signed.

For advanced users there are flags to control this behavior. For the security paranoid, you can even provide your own signing keys rather than using SuperSU's default ones.

I am very curious if we will run into a device that does have AVB signing and currently works with an unsigned SuperSU image but not with a signed one.

Noteworthy caveat: signing only works if your /system partition is intact.

Android O - SELinux policy rules
As usual, a major new Android version brings some SELinux policy changes. These were very minor and only have to do with the introduction of two new security contexts: untrusted_v2_app and untrusted_app_25. Most of these changes were already implemented in v2.79-SR4, but two lines were added for v2.82-SR1 to complete the set.

Android O - Split policies
On the Pixel, O increases separation between Google provided system parts (Android), and manufacturer parts (such as drivers and SoC-specific components). Ultimately this will make it easier for (future) older devices to run newer Android versions. For more information about that, read this blog post about Project Treble: https://android-developers.googleblog.com/2017/05/here-comes-treble-modular-base-for.html

For SELinux policies this means that some of the policies are loaded from the boot image or /system partition, and some are loaded from the /vendor partition. These are merged at first boot and cached for future boots.

As SuperSU needs to modify SELinux policies for it to be able to run, it pre-merges the two sets of policies at ZIP flash time, makes the required modifications, and forces this merged policy to be loaded at boot instead.

Noteworthy caveat: merging only works if your /system and /vendor partitions are intact.

Android O - lz4 compressed kernel binary
On the Pixel, Google is using lz4 compression for the kernel binary, so support for that (but not for lz4 compressed ramdisks) has been added to SuperSU. I assume this is part of their efforts (mentioned elsewhere) to improve boot-up performance on the Pixel series.

I don't think we've seen lz4 compression employed by official Google images before ODP2.

Android O - fstab/dtb
On the Pixel, it appears the rootfs fstab has been completely removed, in favor of automatic partition detection and dtb-based fstab.

The system and vendor partitions are both required to be mounted early now that the policies have been split in two. The system partition was already pre-mounted by the kernel on the Pixel series (and other devices that have the root directory inside the system partition rather than in the boot image ramdisk), but now the mounting of the vendor partition has also moved to earlier in the boot sequence.

The fstab entry for vendor has now been moved to the dtb (device-tree blob) section of the kernel image. To me this is slightly odd as the device-tree is supposed to be OS independent, but then again, it is contained inside a very OS-specific boot image...

To cope with the dtb-based fstab, SuperSU (sukernel specifically) has gained functionality to extract, modify, repack and replace the dtb.

Android O - boot image size
When the Pixel was first released, there was a lot of space available in the boot image. Unfortunately, Google's stock boot image has grown significantly since then. This hardly leaves room for all the files SuperSU wants to include.

I could significantly reduce those files by disabling some features (in-ramdisk backup of modified files and factory-reset survival for example) but I would rather not.

As such I have had to implement some smart coding to reduce the files' footprint by pulling files into the ramdisk from /system dynamically at boot time rather than including them at ZIP flash time.

While this is sufficient for now, we'll have to see how this works out when O-compatible TWRP builds and custom kernels become available (both of which also need to go into the same limited boot image space).

We could reduce the used space by eliminating unused dtb parts, but this would create a very device-specific solution rather than a generic solution I always aim to create. While you may argue that currently most of this only affects the Pixel (XL) anyway, several devices will be released shortly that are using the same setup.

Android O - suinit
The above combined have required significant changes to the suinit binary. It has to handle the new mounting sequence as well as creating the ramdisk dynamically.

All in all, expressed in lines of code added or changed the number is not impressive at all (rather disappointing really), but figuring out all of the above and implementing the fixes is very time-consuming. It is slow (and frustrating) to debug this part of the boot process; especially as proper sources are not yet available and you're mostly stabbing in the dark, hoping to hit something that sheds some light on what is going on.

Noteworthy caveat: for the rare advanced user who uses KEEPVERITY functionality, note that keeping dm-verity enabled on the Pixel on O Preview is currently only supported for the vendor partition, not for the system partition. The system partition is not modified in any way, but we can no longer rely on the real init to enable dm-verity for the system partition, so suinit will have to do this, and the code for that is not yet written. Previously we got the original init to do this using fstab, but the dtb-based fstab is too limited to get this to work.

Links
As with all SR releases, you are supposed to update them by flashing the ZIP, not by installing the APK.

Flashable ZIP:
https://download.chainfire.eu/1114/SuperSU/SR1-SuperSU-v2.82-SR1-20170608224931.zip

BETA discussion thread on XDA:
https://forum.xda-developers.com/apps/supersu/2014-09-02-supersu-v2-05-t2868133

Instructions for flashing this ZIP with TWRP on Pixel (XL) with ODP1/2/3:
https://forum.xda-developers.com/showpost.php?p=72604085&postcount=10323

Changelog
- ZIP: Detect AVB signature on input boot image, and sign output image accordingly (force with SIGNBOOTIMAGE, custom keys in /tmp/avb)
- ZIP: Samsung/7.0+: if /data is not currently encrypted, disable encryption (unless KEEPFORCEENCRYPT or REMOVEENCRYPTABLE are set)
- ZIP: Detect TWRP UI slot switch (Pixel/XL: 3.1.0-RC2+)
- ZIP: Further improve /system device detection
- ZIP: Support compiling sepolicy from split CILs
- ZIP: Kernel patch: support LZ4 compressed kernels (new format only)
- ZIP: Mount /vendor
- ZIP: Add /vendor/lib[64] to LD_LIBRARY_PATH
- ZIP: Initial Pixel+ODP2 support
- ZIP+APK: Fixes in boot partition detection
- sukernel: Allow cpio-add of 0-byte files
- sukernel: Add dtb (in-kernel only) related features
- suinit: Improve logging
- suinit: Support pre-mounting /system and /system_root (ODP2+)
- sukernel+suinit+ZIP: Reduce system_root footprint by dynamically importing entries at boot
- supolicy: Adjustments for ODP3

Post has attachment
SuperSU v2.82 released on Play

Roll-out started on the new Play release last week, and by now it should be distributed to most users on Play.

This release contains a lot of bug fixes and improvements, as well as increased compatibility with many recent devices and Android versions. Most changes focus on Nougat, though there are numerous O-Preview related fixes as well.

Support for Android 2.1 Eclair and 2.2 Froyo has officially been dropped - Android 2.3 Gingerbread is now the oldest supported Android version.

SELinux handling has been significantly reworked for Nougat and up: the required ruleset has been reduced, and the binaries now live and execute commands in their own supersu context.

More O fixes are coming; though SuperSU works with ODP2 on some devices already, you'll have to wait for SR1 (maybe SR2) for ODP2 support on all of them (especially the Pixel, which is being characteristically difficult to work with). More on that in a different post.

There was some trouble with the roll-out initially, and again we apologize for the inconvenience caused to the affected users. I will go into more (technical) detail about what exactly happened in the forums.

For the moment all I would like to point out is that the Play release still has an issue with many Xperia devices running older Android versions, as well as some other devices if SuperSU is running in system mode. These are already fixed in the linked ZIP.

Boot image signing is not yet integrated (coming in SR1), though the Pixel and Pixel XL require it from the May update onwards. Until integration is completely, you need to flash the VerifiedBootSigner ZIP after flashing the SuperSU ZIP, and before rebooting - https://forum.xda-developers.com/android/software-hacking/signing-boot-images-android-verified-t3600606

Links

Play Store:
https://play.google.com/store/apps/details?id=eu.chainfire.supersu&hl=en

Flashable ZIP:
https://download.chainfire.eu/supersu
(advised source for update)

Discussion thread on XDA:
https://forum.xda-developers.com/apps/supersu/stable-2016-09-01supersu-v2-78-release-t3452703

And for BETA releases:
https://forum.xda-developers.com/apps/supersu/2014-09-02-supersu-v2-05-t2868133

Changelog (since v2.79's Play release)

(zip linked above only)
- supolicy: Newer libsupol version used
- su: Fix sdk parameter not always being passed to supolicy in system mode

(zip and Play)
- su: Fix su.d scripts running in the wrong mount context (introduced by ODP sdcardfs fix)
- CCMT: Update language files
- CCMT: Update guide screen
- CCMT: Update privacy policy screen
- CCMT: Updater: remove 4.3 and 5.0 specific upgrade messages, replace with generic; and detect if root must be manually updated
- CCMT: Drop support for Android 2.1 and 2.2. Minimum is now 2.3 (SDK 9, up from 7)
- su: Update mount namespace separation code to improve sdcardfs compatibility
- su: Fix kernel panic on ODP1/2 on 5X/6P
- su: Fix ODP1 compatibility on Pixel (XL)
- launch_daemonsu: Revert previous ODP1 work-around
- sukernel: Add option to patch out optional /data encryption (encryptable)
- suinit: cleanup /boot
- ZIP: Get boot image from fstab last-effort
- ZIP: Add REMOVEENCRYPTABLE flag to force disable encryption on newer Samsung firmwares
- ZIP: Fix slow /dev/random on some devices, apparently freezing install at "Creating image"
- ZIP: Fix LD_LIBRARY_PATH for hex-patch execution
- supolicy: Fix applying deferred allow rules
- supolicy: Fix setting impossible XPERM causing policy corruption
- supolicy: Add policies for ODP1
- launch_daemonsu: Work-around kernel panic on ODP1 on 5X/6P. Forces service mode for ODP1 on all devices.
- Fix erroneously deleting SuperSU's copy of app_process on 6.0 since 2.79-SR1
- GUI: Fix app_process requirement detection when supersu context used
- Fully eliminate sugote binary, no longer needed due to SELinux handling improvements in earlier versions
- Support /system/xbin/sush as default shell
- Adjust LD_PRELOAD filtering to exclude suhide's libraries
- ZIP: Motorola: default to systemless mode
- supolicy: fix some segfaults(NPEs) in pre-7.0 sepolicy handling
- ZIP: write boot block device once instead of twice (@_alexndr)
- (c) 2017 + CCMT
- Expand Samsung detection
- GUI: reworked portions to work with 'supersu' context on 7.0+
- GUI: fix binary update notice when superuser disabled by user in some cases
- su: reworked portions to work with 'supersu' context on 7.0+
- su/GUI: improve responsiveness when device busy on 7.0+
- sukernel: fix cpio restore failure with very short filenames
- sukernel: no longer patches file_contexts(.bin)
- sukernel: revert force seclabel (no longer needed with 'supersu' context)
- supolicy: add "create", "auditallow", "auditdeny" policy commands
- supolicy: support "*" for permission/range parameter of "allow", "deny", "auditallow", "auditdeny", "allowxperm" policy commands
- supolicy: -live/--file no longer apply default patches if custom patches are supplied
supolicy: -sdk=X option added (required for 7.0+)
supolicy: reworked all SELinux rules for 7.0+, run as 'supersu' context
- ZIP: Separate slotselect and system_root logic
- ZIP: Adjust system/system_root device and mount-point detection
- ZIP: Fix minor errors in documentation
- ZIP/frp: Explicitly label /su

FlashFire updated to v0.57

This update focuses primarily on two issues relating to flashing OTAs:

- Uncrypting errors: some users experienced issues while uncrypting freshly downloaded OTAs (app crash or corrupted uncrypt). This issue should now be solved. If this ever failed for you, there is a good chance your next OTA flash attempt will fail again as well (with a red line complaining about an invalid ZIP file), due to left-over files. The solution is to simply do it twice.

- Multi-stage OTAs: some recent OTAs install in multiple stages; they first flash a new recovery to the boot partition (that is not a typo), then boot to that recovery to perform the rest of the firmware update. FlashFire can now directly handle these OTAs without going through recovery.

Note that sometimes, after flashing an OTA, the device may still boot to recovery (and show you an error message). Simply reboot the device if that happens - it doesn't mean the flash failed.

Google Play should start rolling out the new version in a couple of hours. You can also grab the APK directly from own servers (link below).

Links

Google Play:
https://play.google.com/store/apps/details?id=eu.chainfire.flash&hl=en

Discussion thread at XDA:
https://forum.xda-developers.com/general/paid-software/flashfire-t3075433

Direct APK download:
http://download.chainfire.eu/1025/FlashFire/FlashFire-v0.57-20170403162805.apk

Changelogs
- Add support for multi-stage OTAs
- Fix possible NPE during OTA uncrypt
- Fix logic failure during OTA uncrypt
- Fix unsupported root detection
- Fix root detection sometimes failing
- Prefer system-supplied reboot binary to our own
- Adjust timebomb for non-Pro users to September 01, 2017
NOTE: Sometimes OTA still reboots to recovery with an error, just reboot manually

Post has shared content
Patagonia and Easter Island 2015 (Panoramas only)

I know some of you guys here enjoyed seeing my older albums and there are proper photographers among you, but it seems I haven't re-posted from my personal account since 2014. So here are the missing albums :)
Some panoramas taken on my trip to Patagonia (during the rare moments it wasn't raining) and Easter Island at the end of 2015.

Edited to taste, so no arguing about that :)

Post has shared content
Tanzania 2015

I know some of you guys here enjoyed seeing my older albums and there are proper photographers among you, but it seems I haven't re-posted from my personal account since 2014. So here are the missing albums :)
Just a handful of shots from my trip to Tanzania in 2015. Not necessarily the very best shots in my collection, though.

Post has shared content
NYC 2015

I know some of you guys here enjoyed seeing my older albums and there are proper photographers among you, but it seems I haven't re-posted from my personal account since 2014. So here are the missing albums :)
Some shots of my short trip to NYC a few weeks ago
PhotoPhotoPhotoPhotoPhoto
New York City 2015
15 Photos - View album

Post has attachment
Recently updated to v1.40

This update brings Nougat compatibility. And that's it, really :)

Post has attachment
CF.lumen updated to v3.70

This minor update primarily fixes 'performance mode' of the 'CF.lumen driver' on various Nougat devices. The grayscale filter is now scale from grayscale to normal saturation, instead of a plain toggle.

Changelog
- (c) 2017
- Upgrade grayscale filter from a toggle to a saturation slider
- CF.lumen driver: fix 'performance mode' on Nougat (bypass new linker protections)
- CF.lumen driver: fix darken filter math issue (still doesn't work on invert, though)

Post has attachment
FlashFire v0.55 released

This update brings a lot of bug fixes, improvements, and new features. The latter is mostly related to Pixel devices, though.

There was a pre-release of this version on XDA (v0.54-PRE) a few weeks ago, without much further comment. This post and the changelog includes all the changes in that version as well.

As with any release, if an issue with a previous version of FlashFire has not been solved by this update, please report it again in the XDA thread linked below. Please link to your previous posts in your new post.

Partition layouts with slots

Initial support has been added for devices with multiple copies (slots) of some partitions, such as the new Google Pixel line. Slot management is mostly automatic, but most actions let you manually override the slot the action is performed on.

The new OTA format introduced with these devices is now also supported. Unlike traditional devices, FlashFire will even attempt to intercept the OTA download and launch its GUI to flash it when the download is complete. (It is questionable if this will work on future devices that are not made by Google itself)

File-based encryption

Initial support has been added for the new file-based encryption introduced with Android 7.0, which is the default encryption method for the new Google Pixel line.

Due to how this encryption method works, FlashFire can only be guaranteed to have full access to the data of the primary user. At this time, data of other users will not be backed up or restored.

Additionally, for a backup to be restored in encrypted form, it has to be both made and restored with the device in an encrypted state, and be restore by FlashFire. Restoring on an unencrypted device will always lead to an unencrypted result, as will an emergency restore with TWRP.

OTA ZIPs

Aside from the already mentioned slot-OTA format, a number of issues with handling other OTA formats have been fixed, and support for 'uncrypted' (unencrypted files on an encrypted block device) OTAs has been added.

Magisk

Basic support has been added for using FlashFire on a device with Magisk present, both with SuperSU as well as (only) topjohnwu's mod of superuser. I have only done basic testing, so your mileage may vary.

Read/write access to /system

FlashFire used to auto-detect whether /system was modified, and pre-set some flashing options based on this, if you selected a ZIP or firmware package to flash.

It turns out this detection (based on ext4 lifetime writes) is not completely reliable unless checked immediately after boot. As such, by default /system is now always treated as original. There is now an option in the settings screen to change this behavior.

ZIP intent

By request, I've added the capability for external programs to launch FlashFire and set up flashing a provided ZIP file. See the documentation site for further information.

Links

Google Play:
https://play.google.com/store/apps/details?id=eu.chainfire.flash&hl=en

XDA Developers:
https://forum.xda-developers.com/showthread.php?p=59959596#post59959596

Documentation:
https://flashfire.chainfire.eu/

Direct APK download:
http://download.chainfire.eu/1022/FlashFire/FlashFire-v0.55-20170125213241.apk

Changelog
- (C) 2017
- Improved 32/64 bit handling (fixes some blackscreens)
- Improved handling of devices that have a /vendor partition
- Add initial support for devices with multiple slots
- Add support for uncrypted OTA ZIPs
- Add support for A/B OTA ZIPs
- Add support for file-based encryption backup/restore (primary user only)
- Add additional Pixel partitions
- Add support for Magisk+SuperSU (preliminary)
- Add support for Magisk+phh (topjohnwu version only) (preliminary)
- Add circular icon (Android 7.1)
- Restrict app usage to primary user
- Make treating system/vendor/oem as original a setting (auto-detection is not completely reliable)
- File selection activity now remembers last location
- Fix drawer closing on back button press on tablets like Pixel C
- Fix overlay display visibility on S7@Nougat
- Detect and handle screen scaling on S7@Nougat
- Fix archive scanner freeze when reading password protected ZIPs inside another archive
- Fix seeking issue with custom recovery detector
- Fix archive scanner inconsistency with multiple files targeting the same partition
- Fix archive scanner scanning inside images
- Fix archive creator display inconsistency
- Fix unconditional block update ZIP detection
- Fix busybox/untar not setting SELinux file context on files that already existed
- Hide cache wiping options if no cache partition present
- Restart and re-check for root if root not found initially
- Refactor boot image analysis
- Preserve recovery: option hidden from devices without a dedicated recovery partition
- Replace update_engine service on A/B update devices
- Add intent to flash a specific ZIP file
- Workaround adb restore 'never-finish' issue by using adb push (temporary?)
- Embedded SuperSU updated to v2.79 SR3
- Adjust timebomb for non-Pro users to May 01, 2017

Wait while more posts are being loaded