Next Android version: even more breakage

A while ago, I already reported on the state of AOSP and its repercussions for root apps - https://plus.google.com/+Chainfire/posts/Lyhjzu1z9s1

With 4.4.3 (or 4.5, or ...) expected to be released very soon, it was time to take another look at the state of AOSP, and it appears there are changes aplenty! Of course, current AOSP is not the same as stock 4.4.3, so some things may yet change - though I don't really expect them to.

SuperSU

Let's get this out of the way first - I have built a new version of SuperSU (v1.97) with all the massive changes required to work on the latest AOSP builds. It is linked in the box below, or you can click here - http://download.chainfire.eu/supersu

I am not spreading this version through Play just yet, but I encourage all tech-savvy users to give it a shot and report back issues, not just for AOSP builds but also for older common firmwares.

I have tested this build on over a dozen devices running various Android revisions in various states, and it all worked for me. The first rule of Android development thus guarantees that there will be a lot of breakage and it will crash for absolutely everyone - so don't forget to report those problems.

The XDA thread for SuperSU can be found here - http://forum.xda-developers.com/showthread.php?t=1538053 - and is the preferred location for feedback. G+ comments do not work as well for bug reports.

Of course, my How-To SU guide - http://su.chainfire.eu/ - has also been updated with the changes, and aside from the rest of this post, I would urge every developer to re-read the SELinux section.

SELinux on steroids

In my previous post on this subject, I already mentioned the need for root apps to switch contexts for certain situations. The method I used then no longer works on AOSP (it was already broken on Samsung's latest 4.4 stock firmwares as well), but the relevant code for the -cn/--context su parameter has been replaced with a version that does work again - and is much, much more complex.

Context switching is becoming much more important for root apps, as SELinux policies have been made significantly more secure. For example, executing code in /data as root doesn't work in the default context, and calling Java-based code (like 'am' and 'pm') should no longer be done from the default context either, as things will break in new and exciting ways; apps contacting daemons using sockets as IPC mechanism no longer work out-of-the-box; the list goes on - the How-To SU guide has details on these issues and on how to switch contexts to solve them.

Thanks to these changes, SuperSU has gained some more binaries in its installation, so if you are doing custom ROMs with integrated SuperSU, be sure to look at the new flashable ZIP and copy the changes/additions.

Additionally, the SuperSU daemon now must run as the init context (not the init_shell or whatever context), or things will not work correctly. This was always the way it was meant to be, but I know this is not the case on some custom ROMs.

ART

It seems ART is now the default setting in AOSP. It remains to be seen if that is carried over to production firmwares, but it creates some issues for root apps.

Above I detailed the need to call Java-based code like 'am' and 'pm' from a different context. Of course, existing root apps don't yet do this. If you're running Dalvik, some of the 'am' and 'pm' options still work without issue, and some simply don't work at all. If you're running ART though, the combination of SELinux restrictions and the immaturity of ART can cause crashes that take down the entire system.

That's right - the wrong call to for example 'am' will crash Android entirely and ultimately lead to a reboot. Not to mention that it will then also have to re-optimize all the packages (snore). Maybe this will be fixed before official release of 4.4.3, but I wouldn't count on it, as these crashes never happen outside of root apps.

As such, I would advise early adopters of root apps on 4.4.3 to run Dalvik for the moment, and for developers to make haste testing with ART on current AOSP builds.

PIE

It also appears PIE (Position-Independent Executable) is now a requirement. Non-statically built executables must be PIE, or they will not run at all (even if switched to the right context).

PIE has been supported since Android 4.1. So this means that if you are not using statically built executables, you need to provide a PIE and a non-PIE version if you want to support both pre-4.1 and post-4.4.2.

Note that the NDK's Application.mk's APP_PIE option can be used to enable building your executable as a PIE.

For a lot of root apps this is not a problem, as they come with statically linked executables (if any), which still work. But some apps will definitely choke on this.

Conclusion

This version of SuperSU took quite a bit longer to update than I had expected. For most apps, work-arounds (if needed) will not be very complicated. Unfortunately, most of the simple work-arounds were not viable for SuperSU and all it's edge cases - they would seem to mostly work, but then I'd run into a needed case where it didn't - repeatedly. Granted, I didn't know that much about SELinux when I started out - and now I feel I know more about it than any sane person could want ... live and learn!

Either way, these additional changes made in AOSP since the last time I looked mean that a lot more root apps will need updating than I initially thought - still by no means all of them, but certainly a lot of them.

Let's get to it!
Shared publiclyView activity