Texas2607
Administrateur
- Inscrit
- 5 Février 2012
- Messages
- 14 429
- Points
- 113
- #1 001
Hello les z'amis,
Merci pour les infos :wink:
Merci pour les infos :wink:
WHAT'S NEW
21.01.2016 - v2.67 - BETA
- (systemless) Improved deep sleep fix for Samsung 5.1+
- (systemless) Added fallback method to mounting /su on system boot
- supolicy: fix bug copying system_server capabilities to init
- supolicy: replaced transitions: copy capabilities and attributes, silence audits
- supolicy: work-around shell-based services being executed as undefined_service on Samsung 5.1+
- sukernel: refuse to patch ChromeOS boot image
- FSTABSYSTEMRW: flag removed; worked around remount /system r/w issue
- ZIP: improved handling of loop devices
- ZIP: detect boot image partition being a symlink to a file on /data, and skip wipe if so
- Updated translation files
Titi2B a dit:Bsr Sky, pour une fois suis plus rapide, tu prends de la bouteille . . .
MerciNetsky75 a dit:Salut les gars,
Sortie de SuperSU v2.65 Final Stable
WHAT'S NEW
Added the ability to backup/restore/change the device’s Android ID on Android 6.0 Marshmallow.
Updated translations.
28.02.2016 - v2.68 - BETA
- su: Add -mns/--mount-namespace option
- su: Fix issue with sdcard on Note4/5.1
- sukernel: Fix issue where writing to /dev could truncate early at 64k barriers
- supolicy: Fix logcat issue on Omni/CM/etc
- supolicy: Disable AUDITDENY entries, to make debugging easier for devs
- supolicy: extend fake-permissive to work with new Samsung firmwares
- ZIP: Fix TWRP log truncating and screen output on installs embedded in other ZIPs
- ZIP: Improve loopback device setup handling
- ZIP: Add PERMISSIVE flag
- ZIP: Move variable reading to after /system and /data have been mounted
- ZIP: Added call to custom patcher script, if any (/data/custom_ramdisk_patch.sh)
- ZIP: chmod 0751 /su/bin
dug30 a dit:Merci ! !
On a des retours ?
Quelqu'un l'a testé ?
2016.03.22 - v0.29 - BETA
- Fix some compatibility issues with N Preview
- Fix app_process causing a reboot during startup
- Fix bug which could cause flashing /system to freeze
- Improve partition detection size accuracy
- Reduce app startup time
- Reduce time taken to switch to flash mode
- Add option to format /cache (wipe action)
- Improve external sdcard compatibility
- Improve adopted storage compatibility
- Improve USB drive compatibility
- Add additional OTA paths for NVidia
- Improve partition platform detection
- Add support for backing up internal storage (excludes FlashFire, TWRP and CWM backups)
- Fix error when opening bootloader image not wrapped in an archive
- Add setting to enable flashing primary and secondary bootloaders (automatically disabled)
- EverRoot: "Enable ADB" no longer enabled by default
WHAT'S NEW
2016.03.31 - v0.30 - BETA
- Exclude TitaniumBackup folder from internal storage backup as well
- Add location (internal storage, sd card, USB drive, ...) to backup listing
- Improve compatibility with StickMount-based USB mounts
- Fix a number of issues that could cause reboot while switching to flash mode
- Fix display brightness on some devices
- Framebuffer emulation for AROMA Installer (pretends to be a debugger, hijacks graphics calls)
- Fix bug where cache partition could lose data
- Complete refactor of flash mode code
- Improve Samsung CSC handling
- Fix bug where internal storage mounting could fail if external (sdcard/usb) storage present
- Update embedded SuperSU to v2.71
2016.04.20 - v0.32 - BETA - RELEASE NOTES
- Exclude multirom folder from internal storage backup as well
- Ability to create fastboot flashable backups (read the release notes!)
- Use proper ioctls for partition and block size detection
- Added option to backup recovery before installing ZIP/OTA and restoring it afterwards (automatically enabled when a custom recovery is detected)
- Added a watchdog to detect SurfaceFlinger crashes, fixes some black screen issues
- Prevent repeating OTA flash suggestion on rotate
- Added credits listing
2016.04.05 - v0.31 - BETA - RELEASE NOTES
- Exclude usbStorage folder from internal storage backup as well
- Switched to multi-threaded lz4 implementation (much faster backup/restore)
- Replace gzip with pigz in flash mode
- Set umask to 0 in flash mode
- Use tmpfs for /tmp
- Fix several other issues preventing flash mode from starting (reboots)
- Fix bug in TWRP restore listing (warning: old backups may not restore in TWRP !)
- Fix files present in firmware packages not being shown if the partition cannot be found
- Fix sdcard daemon running multiple times and eating CPU for no reason
- AROMA: prevent reboot call
- AROMA: only do framebuffer emulation if AROMA is actually detected, to prevent running intoS'il vous plaît, Connexion ou S'inscrire pour voir le contenu ou les urls !
Unfortunately SuperSU did not work on the Note7 (Exynos) out-of-the-box. As its release has been delayed in my country, we've had to resort to remote debugging, which is slow and frustrating. But, thanks to the ever helpful Dr.Ketan and SeraphSephiroth we finally got it working.
New exploit protections
As isn't uncommon with Samsung, they've built-in some new (and arguably ineffective to actual exploits) protections directly to the kernel code, that cannot be turned off by just modifying the boot image ramdisk.
This time, they've decided to kernel panic in case a 'priviliged' process (uid or gid below or equal to 1000, so this includes root and system processes) creates another process that isn't stored in /system or rootfs. SuperSU itself does this, but so do a great many root apps. Any time this happens: immediate reboot.
I'm not going to elaborate why in my opinion this is a fairly useless protection exploit-wise, but needless to say it is fairly bothersome for the normal root user, which is probably a lot more relevant for the average reader here.
Unfortunately - unlike many of the security features developed by Google - this feature is not easily disabled by modifying initramfs (boot image ramdisk), and requires further trickery to bypass.
Maybe a better bypass is yet to by found, but for the time being, I have resorted to patching the check inside the kernel itself when the systemless SuperSU boot image is created. This prevents the user from needing a custom source-built kernel, but it's questionable how long this hex patch will work. The code that performs this patch is fairly trivial - it may keep working the rest of the Note7's lifetime, or stop working the next update.
In other words, this could end up being resource intensive to support, or not. We don't know yet. We have to wait and see what Samsung is going to do.
Bearer of bad news
We know S and Note development are generally strongly related, so we should assume to see the same 'protections' appear in the S7 sooner or later as well. This is probably the (ugly) way forward.
Workarounds
Aside from the binary/hex patch SuperSU employs (see common/hexpatch inside the ZIP), there are some more ways to get around this protection.
If you're compiling kernels from source, it seems that setting CONFIG_RKP_NS_PROT=n gets rid of these protections. You may want to disable other RKP and TIMA settings as well, but that is the one directly relating to this issue.
This protection also disables itself in recovery mode, so simply copying a boot image with these protections to the recovery partition and rebooting into recovery (which will then just launch Android) will work beautifully as well.
CF-Auto-Root
The test CFARs I have made so far for the Note7 have not worked, so since both TWRP and SuperSU ZIPs are already available for this device, I'm dropping CFAR development until I have a device in-hand.
WHAT'S NEW
15.09.2016 - v2.78 - SR1
- subinary: Adjust app_process detection with manipulated mount namespaces
- subinary: Adjust Zygote PID detection to prefer 64-bit
- subinary: Fix possible NPE in LD_PRELOAD sanitization
- subinary: In systemless mode, ensure PATH contains /su/bin and /su/xbin
- supolicy: Ensure zero-on-alloc for new rules
- supolicy: Fix parsing allowxperm with multiple sources/targets in a single definition
- ZIP/Systemless: Give su.d 60 seconds to execute (from 4 seconds)
laupuy a dit:Hello,
mise à jour SuperSu 2.78 SR2
téléchargement:S'il vous plaît, Connexion ou S'inscrire pour voir le contenu ou les urls !
changelog: SuperSU changelog
- File-based-encryption support
- CCMT: Add privacy policy dialog
- CCMT: Update translation files
- su+gui: support /system_root paths
- sukernel: add kernel binary extract/replace
- sukernel: add kernel cmdline extract/replace
- sukernel: add system_root import
- sukernel: add slot-kernel patch
- sukernel: support /boot paths
- suinit: new binary component
- launch_daemonsu: restructure to support /su in initramfs or system_root
- ZIP: Support systemless on 5.0 (requires 3rd party patches)
- ZIP: Support for A/B slot systems with / inside system partition
source:S'il vous plaît, Connexion ou S'inscrire pour voir le contenu ou les urls !
@+