PlayIntegrityFix/module/service.sh

# Conditional sensitive properties

resetprop_if_diff() {
    local NAME=$1
    local EXPECTED=$2
    local CURRENT=$(resetprop $NAME)

    [ -z "$CURRENT" ] || [ "$CURRENT" == "$EXPECTED" ] || resetprop $NAME $EXPECTED
}

resetprop_if_match() {
    local NAME=$1
    local CONTAINS=$2
    local VALUE=$3

    [[ "$(resetprop $NAME)" == *"$CONTAINS"* ]] && resetprop $NAME $VALUE
}

# Magisk recovery mode
resetprop_if_match ro.bootmode recovery unknown
resetprop_if_match ro.boot.mode recovery unknown
resetprop_if_match vendor.boot.mode recovery unknown

# SELinux
if [ -n "$(resetprop ro.build.selinux)" ]; then
    resetprop --delete ro.build.selinux
fi

# use toybox to protect *stat* access time reading
if [ "$(toybox cat /sys/fs/selinux/enforce)" == "0" ]; then
    chmod 640 /sys/fs/selinux/enforce
    chmod 440 /sys/fs/selinux/policy
fi

# KernelSU handles boot completed state in different file.
if [ -z "$KSU" ] || [ "$KSU" = false ]; then
	{
		# late props which must be set after boot_completed for various OEMs
		until [ "$(resetprop sys.boot_completed)" == "1" ]; do
			sleep 1
		done

		# Avoid breaking Realme fingerprint scanners
		resetprop_if_diff ro.boot.flash.locked 1

		# Avoid breaking Oppo fingerprint scanners
		resetprop_if_diff ro.boot.vbmeta.device_state locked

		# Avoid breaking OnePlus display modes/fingerprint scanners
		resetprop_if_diff vendor.boot.verifiedbootstate green

		# Avoid breaking OnePlus/Oppo display fingerprint scanners on OOS/ColorOS 12+
		resetprop_if_diff ro.boot.verifiedbootstate green
		resetprop_if_diff ro.boot.veritymode enforcing
		resetprop_if_diff vendor.boot.vbmeta.device_state locked
		
		# Restrict permissions to socket file
		chmod 440 /proc/net/unix
	}&
fi
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 06:19:14 +02:00			`# Conditional sensitive properties`
v13.6 2023-11-24 21:58:30 +02:00
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 06:19:14 +02:00			`resetprop_if_diff() {`
			`local NAME=$1`
			`local EXPECTED=$2`
			`local CURRENT=$(resetprop $NAME)`
v13.6 2023-11-24 21:58:30 +02:00
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 06:19:14 +02:00			`[ -z "$CURRENT" ] \|\| [ "$CURRENT" == "$EXPECTED" ] \|\| resetprop $NAME $EXPECTED`
v13.6 2023-11-24 21:58:30 +02:00			`}`
New update :D 2023-11-30 19:28:01 +02:00
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 06:19:14 +02:00			`resetprop_if_match() {`
			`local NAME=$1`
			`local CONTAINS=$2`
			`local VALUE=$3`

			`[[ "$(resetprop $NAME)" == "$CONTAINS" ]] && resetprop $NAME $VALUE`
			`}`

v13.6 2023-11-24 21:58:30 +02:00			`# Magisk recovery mode`
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 06:19:14 +02:00			`resetprop_if_match ro.bootmode recovery unknown`
			`resetprop_if_match ro.boot.mode recovery unknown`
			`resetprop_if_match vendor.boot.mode recovery unknown`
v13.6 2023-11-24 21:58:30 +02:00
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 06:19:14 +02:00			`# SELinux`
Move props that need to be changed earlier into post-fs-data.sh 2023-11-29 18:49:52 +02:00			`if [ -n "$(resetprop ro.build.selinux)" ]; then`
			`resetprop --delete ro.build.selinux`
Fix JSON parsing, less libs size and few code updates! 2023-11-29 11:10:07 +02:00			`fi`
New update :D 2023-11-30 19:28:01 +02:00
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 06:19:14 +02:00			`# use toybox to protect stat access time reading`
			`if [ "$(toybox cat /sys/fs/selinux/enforce)" == "0" ]; then`
v13.7 2023-11-25 03:13:22 +02:00			`chmod 640 /sys/fs/selinux/enforce`
			`chmod 440 /sys/fs/selinux/policy`
			`fi`

v14.2.1 2023-12-11 01:22:38 +02:00			`# KernelSU handles boot completed state in different file.`
Fix code 2023-12-07 14:53:00 +02:00			`if [ -z "$KSU" ] \|\| [ "$KSU" = false ]; then`
			`{`
			`# late props which must be set after boot_completed for various OEMs`
v14.2.1 2023-12-11 01:22:38 +02:00			`until [ "$(resetprop sys.boot_completed)" == "1" ]; do`
Fix code 2023-12-07 14:53:00 +02:00			`sleep 1`
			`done`

			`# Avoid breaking Realme fingerprint scanners`
			`resetprop_if_diff ro.boot.flash.locked 1`

			`# Avoid breaking Oppo fingerprint scanners`
			`resetprop_if_diff ro.boot.vbmeta.device_state locked`

			`# Avoid breaking OnePlus display modes/fingerprint scanners`
			`resetprop_if_diff vendor.boot.verifiedbootstate green`

			`# Avoid breaking OnePlus/Oppo display fingerprint scanners on OOS/ColorOS 12+`
			`resetprop_if_diff ro.boot.verifiedbootstate green`
			`resetprop_if_diff ro.boot.veritymode enforcing`
			`resetprop_if_diff vendor.boot.vbmeta.device_state locked`
v14.7 2023-12-22 21:10:12 +02:00
			`# Restrict permissions to socket file`
			`chmod 440 /proc/net/unix`
Fix code 2023-12-07 14:53:00 +02:00			`}&`
			`fi`