Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Android 14 support #45

Merged
merged 6 commits into from
Sep 25, 2023
Merged

Android 14 support #45

merged 6 commits into from
Sep 25, 2023

Conversation

sfionov
Copy link
Member

@sfionov sfionov commented Sep 23, 2023

Problem and solution

Android 14 changed the place of system certificates from /system/etc/security/cacerts to /apex/com.android.conscrypt/cacerts. The benefit is that APEX may be installed independently from system.

But there is a problem - Magisk does not inject module files into /apex directory.

So we do not rely to Magisk file injection and instead use our own tmpfs clone.

Thanks to blog of "HTTP Toolkit" for some ideas, even though our solution is slightly different.

Why module copying and other magic should be done in post-fs-data boot phase?

In last Android releases, there are mount namespaces, that are cloned for every process, so it is difficult to setup bind mounts after system boot. So any interventions should be done before boot phase (on post-fs-data phase).

Resolves #32

@aussiebro
Copy link

aussiebro commented Sep 24, 2023

I think you had written the update wrong. I added the text to my post fs data file and zipped the module and reflashed and it didn't work. I looked through postfs data and changes the directory lines from

Clone directory into tmpfs

mkdir -p /data/local/tmp-ca-copy
mount -t tmpfs tmpfs /data/local/tmp/tmp-ca-copy
cp -f /apex/com.android.conscrypt/cacerts/* /data/local/tmp/tmp-ca-copy

To

Clone directory into tmpfs

mkdir -p /data/local/tmp/tmp-ca-copy/
mount -t tmpfs tmpfs /data/local/tmp/tmp-ca-copy/
cp -f /apex/com.android.conscrypt/cacerts/* /data/local/tmp/tmp-ca-copy/

Use must have miss written it. The module now works for me on a14 newest beta.

I found out from the log file it said the folder wasn't found tmp copy ca

@sfionov
Copy link
Member Author

sfionov commented Sep 24, 2023

@aussiebro Thanks! It worked for me because /data/local/tmp/tmp-ca-copy was already existed

@aussiebro
Copy link

aussiebro commented Sep 24, 2023

here is the updated zip for any one that doesnt know how to update the module
https://drive.google.com/file/d/1G9jPQWUnNHxwrXz3FS0BGFB4rEBHFWe2/view?usp=sharing

not sure if its aloud. i can remove though if asked though.

edit i see your updated script removed the old folder cool i didnt think of that my upload doesnt include that line i am actually abit of a noob to magisk scripts. i just manually deleted that folder with a root explorer.

@sfionov sfionov requested a review from Versty September 25, 2023 08:43
@sfionov sfionov merged commit 1cf67da into master Sep 25, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Doesn't work with Android 14 beta 3
5 participants