mirror of
https://github.com/chiteroman/PlayIntegrityFix.git
synced 2025-01-19 03:22:39 +02:00
1a9eb9d2e7
- add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved)
69 lines
1.9 KiB
Bash
69 lines
1.9 KiB
Bash
# Conditional sensitive properties
|
|
|
|
resetprop_if_diff() {
|
|
local NAME=$1
|
|
local EXPECTED=$2
|
|
local CURRENT=$(resetprop $NAME)
|
|
|
|
[ -z "$CURRENT" ] || [ "$CURRENT" == "$EXPECTED" ] || resetprop $NAME $EXPECTED
|
|
}
|
|
resetprop_if_match() {
|
|
local NAME=$1
|
|
local CONTAINS=$2
|
|
local VALUE=$3
|
|
|
|
[[ "$(resetprop $NAME)" == *"$CONTAINS"* ]] && resetprop $NAME $VALUE
|
|
}
|
|
|
|
# RootBeer, Microsoft
|
|
resetprop_if_diff ro.build.tags release-keys
|
|
|
|
# Samsung
|
|
resetprop_if_diff ro.boot.warranty_bit 0
|
|
resetprop_if_diff ro.vendor.boot.warranty_bit 0
|
|
resetprop_if_diff ro.vendor.warranty_bit 0
|
|
resetprop_if_diff ro.warranty_bit 0
|
|
|
|
# OnePlus
|
|
resetprop_if_diff ro.is_ever_orange 0
|
|
|
|
# Other
|
|
resetprop_if_diff ro.build.type user
|
|
resetprop_if_diff ro.debuggable 0
|
|
resetprop_if_diff ro.secure 1
|
|
|
|
# Magisk recovery mode
|
|
resetprop_if_match ro.bootmode recovery unknown
|
|
resetprop_if_match ro.boot.mode recovery unknown
|
|
resetprop_if_match vendor.boot.mode recovery unknown
|
|
|
|
# SELinux
|
|
resetprop --delete ro.build.selinux
|
|
# use toybox to protect *stat* access time reading
|
|
if [ "$(toybox cat /sys/fs/selinux/enforce)" == "0" ]; then
|
|
chmod 640 /sys/fs/selinux/enforce
|
|
chmod 440 /sys/fs/selinux/policy
|
|
fi
|
|
|
|
# SafetyNet/Play Integrity
|
|
{
|
|
# late props which must be set after boot_completed for various OEMs
|
|
until [ "$(getprop sys.boot_completed)" == "1" ]; do
|
|
sleep 1
|
|
done
|
|
|
|
# Avoid breaking Realme fingerprint scanners
|
|
resetprop_if_diff ro.boot.flash.locked 1
|
|
|
|
# Avoid breaking Oppo fingerprint scanners
|
|
resetprop_if_diff ro.boot.vbmeta.device_state locked
|
|
|
|
# Avoid breaking OnePlus display modes/fingerprint scanners
|
|
resetprop_if_diff vendor.boot.verifiedbootstate green
|
|
|
|
# Avoid breaking OnePlus/Oppo display fingerprint scanners on OOS/ColorOS 12+
|
|
resetprop_if_diff ro.boot.verifiedbootstate green
|
|
resetprop_if_diff ro.boot.veritymode enforcing
|
|
resetprop_if_diff vendor.boot.vbmeta.device_state locked
|
|
}&
|