init: Set properties to make SafetyNet pass (!3) · Merge requests · e / os / android_system_core

Jonathan Klee requested to merge safetynet-r into v1-r Mar 10, 2022

Description

Google's SafetyNet integrity checks will check the values of these properties when performing basic attestation. Setting fake values helps us pass basic SafetyNet with no Magisk Hide or kernel patches necessary.

Note that these properties need to be set very early, before parsing the kernel command-line, as they are read-only properties that the bootloader sets using androidboot kernel arguments. The bootloader's real values cause SafetyNet to fail with an unlocked bootloader and/or custom software because the verified boot chain is broken in that case.

Issues

https://gitlab.e.foundation/e/backlog/-/issues/4353

https://gitlab.e.foundation/e/backlog/-/issues/4356

https://gitlab.e.foundation/e/backlog/-/issues/4357

Edited Mar 10, 2022 by Jonathan Klee

init: Set properties to make SafetyNet pass

Description

Issues

Merge request reports