Add boot timing and AVB/Play Integrity evasion
Boot timing system defers all modifications until after Play Integrity first attestation completes. Monitors DroidGuard (com.google.android.gms.unstable) CPU activity to detect attestation window. PI watcher daemon auto-hides mods during periodic re-checks — unmounts spoofs, removes non-stock props, ensures boot state reads green/locked/enforcing, then re-applies after check finishes. post-fs-data.sh cleaned to only set stock-safe props during early boot. KernelSU version props hidden. WebUI boot timing panel with hide/unhide controls.
This commit is contained in:
sssnake
@@ -1,17 +1,37 @@
|
||||
#!/system/bin/sh
|
||||
# Driver Manager - post-fs-data
|
||||
# Early boot: set core driver properties before services start
|
||||
# EARLY BOOT — runs before verification checks
|
||||
#
|
||||
# IMPORTANT: Keep this CLEAN. Only set props that already exist
|
||||
# on stock or that won't trigger root/mod detection.
|
||||
# All custom/non-stock props are deferred to service.sh (after PI).
|
||||
|
||||
MODDIR=${0%/*}
|
||||
CONFDIR="$MODDIR/config"
|
||||
|
||||
# GPU — PowerVR latest driver hints
|
||||
# GPU — these are stock props, safe to set early
|
||||
resetprop ro.hardware.egl powervr
|
||||
resetprop ro.hardware.vulkan powervr
|
||||
resetprop graphics.gpu.profiler.support true
|
||||
|
||||
# OpenCL compute
|
||||
resetprop vendor.powervr.opencl.allowfp16 1
|
||||
resetprop vendor.powervr.opencl.profiling 1
|
||||
# Boot state — ensure these look locked/verified from the start
|
||||
# These are checked by early-running verification services
|
||||
BOOT_TIMING=$(cat "$CONFDIR/boot_timing" 2>/dev/null || echo "0")
|
||||
if [ "$BOOT_TIMING" = "1" ]; then
|
||||
resetprop ro.boot.verifiedbootstate green
|
||||
resetprop ro.boot.flash.locked 1
|
||||
resetprop ro.boot.vbmeta.device_state locked
|
||||
resetprop ro.boot.veritymode enforcing
|
||||
resetprop ro.build.selinux 1
|
||||
|
||||
# USB OTG — required for SDR dongles, HackRF, game controllers
|
||||
resetprop persist.sys.usb.otg 1
|
||||
# Hide KernelSU props if they exist
|
||||
resetprop --delete ro.kernelsu.version 2>/dev/null
|
||||
resetprop --delete ro.kernelsu.versionCode 2>/dev/null
|
||||
fi
|
||||
|
||||
# DO NOT set these during early boot — they're non-stock:
|
||||
# vendor.powervr.opencl.allowfp16
|
||||
# vendor.powervr.opencl.profiling
|
||||
# persist.sys.usb.otg
|
||||
# input.gamepad.enabled
|
||||
# bluetooth.le.no_location_permission_scan
|
||||
# These are applied later by service.sh or boot_timing.sh
|
||||
|
||||
Reference in New Issue
Block a user