Magisk Patched Unofficial GrapheneOS for the Pixel 6 / 6 Pro (oriole/raven)
This ROM will allow you to lock the boot loader. Do not ever disable the OEM unlocking checkbox when using a locked bootloader with root.
This is critically important. With root access, it is possible to corrupt the running system, for example by zeroing out the boot partition.
In this scenario, if the checkbox is turned off, both the OS and recovery mode will be made unbootable and fastboot flashing unlock will not be allowed.
This effectively renders the device hard bricked.
I am not responsible for any harm you may do to your device, follow at your own risk etc etc, Rooting your device can potentially introduce security flaws, I am not claiming this to be secure. If you would like to have more security and peace of mind then I highly recommend you follow This Guide to build this rom using your own encryption keys.
GrapheneOS is a privacy and security focused mobile OS with Android app compatibility developed as a non-profit open source project. It's focused on the research and development of privacy and security technology including substantial improvements to sandboxing, exploit mitigations and the permission model. It was founded in 2014 and was formerly known as CopperheadOS.
The features page provides an overview of the substantial privacy and security improvements added by GrapheneOS to the Android Open Source Project (AOSP). Many of the past features were contributed to AOSP, Linux and other projects to improve privacy and security for billions of users so they're no longer listed on the features page.
More info:
Official releases are available on the releases page (Not Magisk Patched) and installation instructions are on the install page.
GrapheneOS also develops various apps and services with a focus on privacy and security. Vanadium is a hardened variant of the Chromium browser and WebView specifically built for GrapheneOS. GrapheneOS also includes our minimal security-focused PDF Viewer, our hardware-based Auditor app / attestation service providing local and remote verification of devices, our modern privacy / security focused camera app, and the externally developed Seedvault encrypted backup which was initially developed for inclusion in GrapheneOS.
No Google apps or servicesGrapheneOS will never include either Google Play services or another implementation of Google services like microG. It's possible to install Play services as a set of fully sandboxed apps without special privileges via our sandboxed Google Play compatibility layer. See the FAQ section for more details on our plans for filling in the gaps from not shipping Play services and Google apps.
Installation Instructions: Fashing-factory-image
Locking the bootloader is Optional but does increase the device security Locking-the-bootloader
Update Instructions: simply follow these instructions Updates-sideloading to sideload the latest patched OTA update package (You can update from any previous version if using full ota update)
Android OS Version: 13
Current Version: See Post #2
Download: See Post #2
Sources: GrapheneOS - AVBRoot - Magisk - Patch Guide
PayPal Donation Link
Builds for Pixel 6 Pro (Raven)
Magisk-Patched GrapheneOS Factory Install Build
Full system install builds for clean and new installs
Build based on release#2023061402 (2023-06-14)
SourceForge_Download
Build based on release#2023050100 (2023-05-01)
SourceForge_Download
Build based on release#2023041100 (2023-04-11)
SourceForge_Download
Build based on release#2023032000 (2023-03-20)
SourceForge_Download
Build based on release#2023022300 (2023-02-23)
SourceForge_Download
Build based on release#2023020600 (2023-02-06)
SourceForge_Download
Build based on release#2023020200 (2023-02-02)
SourceForge_Download
Build based on release#2023012500 (2023-01-25)
SourceForge_Download
Build based on release#2023011000 (2023-01-10)
SourceForge_Download
Build based on release#2023010300 (2023-01-03)
Anonfiles Download | 1fichier Download | SourceForge_Download
Build based on release#2022122000 (2022-12-20)
Anonfiles Download | 1fichier Download
Build based on release#2022121400 (2022-12-14)
Anonfiles Download | 1fichier Download
Build based on release#2022121100 (2022-12-11)
Anonfiles Download | 1fichier Download
Build based on release#2022120300 (2022-12-03)
Anonfiles Download | 1fichier Download
Build based on release#2022113000 (2022-11-30)
Anonfiles Download
Build based on release#2022112500 (2022-11-25)
Anonfiles Download
Build based on release#2022111800 (2022-11-18)
Anonfiles Download
Build based on release#2022111000 (2022-11-10)
Anonfiles Download
Build based on release#2022101800 (2022-10-18)
Anonfiles Download
Click to expand...
Click to collapse
Magisk Patched OTA Update packages
Full OTA Builds will let you update from any older version
Patched OTA based on release#2023061402 (2023-06-14)
SourceForge_Download
Patched OTA based on release#2023050100 (2023-05-01)
SourceForge_Download
Patched OTA based on release#2023041100 (2023-04-11)
SourceForge_Download
Patched OTA based on release#2023032000 (2023-03-20)
SourceForge_Download
Patched OTA based on release#2023022300 (2023-02-23)
SourceForge_Download
Patched OTA based on release#2023020600 (2023-02-06)
SourceForge_Download
Patched OTA based on release#2023020200 (2023-02-02)
SourceForge_Download
Patched OTA based on release#2023012500 (2023-01-25)
SourceForge_Download
Patched OTA based on release#2023011000 (2023-01-10)
SourceForge_Download
Patched OTA based on release#2023010300 (2023-01-03)
Anonfiles Download | 1fichier_Download | SourceForge_Download
Patched OTA based on release#2022122000 (2022-12-20)
Anonfiles Download | 1fichier_Download
Patched OTA based on release#2022121400 (2022-12-14)
Anonfiles Download | 1fichier Download
Patched OTA based on release#2022121100 (2022-12-11)
Anonfiles Download | 1fichier Download
Patched OTA based on release#2022120300 (2022-12-03)
Anonfiles Download | 1fichier Download
Patched OTA based on release#2022113000 (2022-11-30)
Anonfiles Download
Patched OTA based on release#2022112500 (2022-11-25)
Anonfiles Download
Patched OTA based on release#2022111800 (2022-11-18)
Anonfiles Download
Patched OTA based on release#2022111000 (2022-11-10)
Anonfiles Download
Patched OTA based on release#2022110800 (2022-11-08)
Anonfiles Download
Click to expand...
Click to collapse
Builds for Pixel 6 (oriole)
Always do a backup of your data before flashing any updates, just in case.
I make no promises that this works or that I will provide regular updates. I will attempt to provide updates when they are available and I have time, you may have issues with this rom, you could lose your data or brick your device (although it's very unlikely if you follow the instructions and use common sense)
#Reserved
Isn't there already an official build for graphene for Raven?
iBe.Jacob said:
Isn't there already an official build for graphene for Raven?
Click to expand...
Click to collapse
Yes. But not for a rooted version of it.
New Release 2022111800
Changes since the 2022111000 release:
don't skip ahead-of-time (AOT) compilation of apps that weren't recently used since we depend on full AOT compilation being done for performance rather than JIT compilation with background JIT profile guided AOT compilation like Android
battery usage UI: use fallback name for unknown components
change minimal value of battery saver schedule to 5% again as it was before Android 13
enable the post-upgrade "Optimizing apps" progress indication UI
app crash UI: show process uptime and optional extra text
Sandboxed Google Play compatibility layer: show version of GmsCompatConfig in the crash UI
Sandboxed Google Play compatibility layer: stop splitting multi-package PackageInstaller sessions
Sandboxed Google Play compatibility layer: improve handling of activity starts
Sandboxed Google Play compatibility layer: bugfix: Parcel position wasn't reset by dynamic stubs
Sandboxed Google Play compatibility layer: bugfix: missing handling of ListSlices in dynamic stub
GmsCompatConfig: make sure Play Store PhenotypeFlags are overridable by Gservices flags (further deterring Play Store trying to update Play services / Play Store beyond supported versions)
Pixel 7, Pixel 7 Pro (adevtool): drop unused face unlock components since we have no plans to enable support for an insecure face unlock implementation incapable providing reasonable security due to lack of dedicated face unlock hardware (Pixel 4 and Pixel 4 XL had dual infrared cameras, IR dot projector and IR flood illuminator providing a more secure biometric unlock system than fingerprint unlock as opposed to simply using the front camera in a way that could be done on any device)
Pixel 4, Pixel 4 XL, Pixel 4a, Pixel 4a (5G), Pixel 5, Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro: include gril library to avoid qns crash on Pixel 7 and Pixel 7 Pro
Pixel 7, Pixel 7 Pro: include vendor_kernel_boot partition requirement in factory images metadata to force an error with an incompatible fastboot such as the currently buggy Arch Linux package
kernel (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro): update GKI to Linux 5.10.150
Auditor: update to version 66
Click to expand...
Click to collapse
Download in Post #2
I don't see a real value in locking the bootloader. In theory, the only thing it protects is undetectable modification being made when the device is out of your direct control. However, strong security practices require you to assume that *anything* could have been done to the device when it is outside of your direct control, so the "security" you get from the locked bootloader is artificial.
ANY time a device leaves your physical control, you have to assume it to be compromised. No exceptions.
I would also like to point out that, no offense to OP, but using a "high security" operating system that *HAS* been modified by an unknown 3rd party.... is insane. I'd recommend that anyone interested in this actually take the time to understand the process and reproduce it on their own.
96carboard said:
I don't see a real value in locking the bootloader. In theory, the only thing it protects is undetectable modification being made when the device is out of your direct control. However, strong security practices require you to assume that *anything* could have been done to the device when it is outside of your direct control, so the "security" you get from the locked bootloader is artificial.
ANY time a device leaves your physical control, you have to assume it to be compromised. No exceptions.
I would also like to point out that, no offense to OP, but using a "high security" operating system that *HAS* been modified by an unknown 3rd party.... is insane. I'd recommend that anyone interested in this actually take the time to understand the process and reproduce it on their own.
Click to expand...
Click to collapse
Sorry but I am not interested in arguing about this stuff
I didn't create this thread to argue about potential security issues or how secure phones really are
it seems you have more of an issue with the security of Android in general
I would recommend everyone who just wants to share opinions like this which are essentially unrelated to the ROM, please just don't
I am not claiming rooting your phone to be perfectly secure and I am not interested in arguing about it
Although as explained here https://forum.xda-developers.com/t/...pdated-november-9-2022.4343431/#post-85733797
there are advantages to using a locked bootloader, even with root.
optimumpro said:
The rom could be used on locked bootloader with ROOT (donate feature) with or without Gapps.
The benefits of LOCKED BOOTLOADER combined with WORKING AVB-2 protection are:
Get back your DRM L1 certificate. Most banking apps will work regardless of Magisk.
Security: Nobody and nothing can modify Kernel, Recovery and Virtual Partitions without triggering a red screen of death with the message 'your device is corrupted and cannot boot'.
At that point, the only option is to unlock bootloader. But, if a user had previously disabled OEM unlock in Developer settings, then unlocking becomes unavailable, and so does flashing via fastboot. In other words, if your phone gets into the hands of an adversary, their only option is to use MSM tool to make the phone work again, but no access to your data or any other partition.
Why prebuilt Magisk? Because you can't modify kernel or recovery on locked bootloader post installation, and that's exactly what Magisk does.
Click to expand...
Click to collapse
I am offering this as a free feature, not a donate feature and I have also created a guide so that anyone is able to build the rom and sign it using their own keys for even greater security than trusting me.
Magisk isn't just some unknown third party, Graphene, Magisk, AVBRoot, they are all open source projects
FireRattus said:
Sorry but I am not interested in arguing about this stuff
I didn't create this thread to argue about potential security issues or how secure phones really are
it seems you have more of an issue with the security of Android in general
I would recommend everyone who just wants to share opinions like this which are essentially unrelated to the ROM, please just don't
I am not claiming rooting your phone to be perfectly secure and I am not interested in arguing about it
Click to expand...
Click to collapse
I'm not talking about the utility or security of root (hint: Its perfectly safe and secure when used RESPONSIBLY). I'm talking about the value of using a security hardened OS with modifications made by someone who you don't know and can't trust. Doing so throws away ALL security because there is no way to tell what else someone has changed.
96carboard said:
I'm not talking about the utility or security of root (hint: Its perfectly safe and secure when used RESPONSIBLY). I'm talking about the value of using a security hardened OS with modifications made by someone who you don't know and can't trust. Doing so throws away ALL security because there is no way to tell what else someone has changed.
Click to expand...
Click to collapse
So just follow the guide I provided so you can build the rom yourself, you can inspect all the source code and work out exactly what it's all doing if you are so inclined
https://forum.xda-developers.com/t/...-using-rooted-grapheneos-magisk-root.4510295/
FireRattus said:
So just follow the guide I provided so you can build the rom yourself, you can inspect all the source code and work out exactly what it's all doing if you are so inclined
https://forum.xda-developers.com/t/...-using-rooted-grapheneos-magisk-root.4510295/
Click to expand...
Click to collapse
Yes exactly!
@FireRattus is there any chance we can see pre-build images for Oriole in the future? I'm having trouble building it myself.
KainoaK said:
@FireRattus is there any chance we can see pre-build images for Oriole in the future? I'm having trouble building it myself.
Click to expand...
Click to collapse
What are the troubles you are having with building it yourself? I can try my best to help
I would be able to build images for Oriole probably but I wouldn't be able to test them myself and building for more variants would take more time making updates slower so I don't want to invest in that currently.
I do think it's best to build it yourself if you are able so I am glad you have tried already
> What are the troubles you are having with building it yourself? I can try my best to help
My computer just doesn't have enough RAM + Disk space to build it, plus I seem to keep getting stuck at getting all the tools to work together
I'd be happy to donate monthly or whatnot to help keep up oriole builds though
KainoaK said:
> What are the troubles you are having with building it yourself? I can try my best to help
My computer just doesn't have enough RAM + Disk space to build it, plus I seem to keep getting stuck at getting all the tools to work together
I'd be happy to donate monthly or whatnot to help keep up oriole builds though
Click to expand...
Click to collapse
I will try to build it for you, since the pixel 6 and 6 pro share the same Build ID, I should be able to build it without needing to download everything again
New Release #2022112500
Changes since the 2022111800 release:
Sandboxed Google Play compatibility layer: fix missing handling of APEX ListSlices in dynamic stubs (improves compatibility when granting Nearby devices permission to Play services with a WearOS device connected)
Sandboxed Google Play compatibility layer: mark PackageInstallerStatusForwarder as not exported
Settings: avoid OBB toggle unnecessarily force stopping app
extend original-package renaming to static launcher shortcuts to fix Vanadium new tab shortcut for users with an install predating the package rename
Camera: update to version 57
Vanadium: update Chromium base to 107.0.5304.141
Contacts: add support for dark mode
kernel (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro): restore fix for CVE-2022-3176 which was reverted upstream (GKI LTS branch) due to not being marked as a security fix and changing the GKI ABI
Pixel 4, Pixel 4 XL: set frozen patch level string to 2022-11-01 (has been provided since the 2022110800 release but we initially left the patch level string at the previous value)
port GrapheneOS changes to Linux 5.15 GKI LTS branch in order to prepare for 6th/7th generation Pixels potentially moving to the Linux 5.15 LTS and late 2023 devices which will be based on it
Click to expand...
Click to collapse
Download in Post #2
KainoaK said:
My computer just doesn't have enough RAM + Disk space to build it, plus I seem to keep getting stuck at getting all the tools to work together
I'd be happy to donate monthly or whatnot to help keep up oriole builds though
Click to expand...
Click to collapse
I am not able to test them myself but I have provided a patched, signed build which should work
just check post #3 for the download links, I would appreciate a donation if you feel it's worth it but no pressure
Edit: Moved it to post #2 with the other downloads
96carboard said:
I don't see a real value in locking the bootloader. In theory, the only thing it protects is undetectable modification being made when the device is out of your direct control. However, strong security practices require you to assume that *anything* could have been done to the device when it is outside of your direct control, so the "security" you get from the locked bootloader is artificial.
ANY time a device leaves your physical control, you have to assume it to be compromised. No exceptions.
I would also like to point out that, no offense to OP, but using a "high security" operating system that *HAS* been modified by an unknown 3rd party.... is insane. I'd recommend that anyone interested in this actually take the time to understand the process and reproduce it on their own.
Click to expand...
Click to collapse
To be fair you'll always be using something done by a third party, including android itself, unless it's you writing and compiling your own OS.
MidnightDevil said:
To be fair you'll always be using something done by a third party, including android itself, unless it's you writing and compiling your own OS.
Click to expand...
Click to collapse
Android is open source. Open source code is auditable. Compiled binaries are NOT.
Related
Welcome to Jaguar Oreo 8.1. As some may know, the emphasis of the project is on Security and Performance. I have recently transitioned from Lenovo Zuk Z2 plus and previously from Sony Xperias, and the rom is still actively maintained for Zuk Z2. You are welcome to visit the thread for user feedback: https://forum.xda-developers.com/lenovo-zuk-z2/development/jaguar-oreo-8-1-official-t3734597
In addition to most, if not all, familiar Oreo features starting from multiple options in statusbar, navbar, QS, gestures etc. to alarm blocker, wakelock blocker, smart pixels and omni features (I am not going to list all of them), you will have the following:
1. Hardened/fortified bionic (over 150 commits) to prevent bad behavior by system and third party apps.
2. Many classes and resources are NOT pre-loaded or compiled during boot. Instead, they are compiled after the initial startup and put in ram and cache. So, after initial settling, you will have increased speed in almost everything: interface transitions, app startup time, etc. . In addition, it takes 4-5 seconds to fully boot, after Oneplus logo ends (initial boot after flashing will obviously take longer).
3. Most runtime permissions are limited to 'read only'.
4. FBE encryption is replaced with FDE, and it is not forced. Plus, you can have separate passwords, one longer for boot and another short one for screen lock. I, personally, don't like FBE. I think it is weaker than FDE. Also, I don't want my device to boot at all or be partially decrypted, unless I enter boot password.
5. Many additional security features are enabled in kernel. Kernel is based on DU for Oneplus 5 (the work on it just started).
6. Yama security to replace Selinux.
7. Wireguard support in kernel
8. DNS over TLS
9. Background WIFI scanning is hard-disabled
10. Type zero sms: phone's silent response 'received and processed' (without user noticing) eliminated. If you don't know what type zero sms is, Google it. Not class zero sms, which flashes on screen, but doesn't get saved, but rather type zero, which doesn't show at all, but nonetheless is silently acknowledged. Creepy.
11. MicroG support.
12. Builtin CPU power profiles, based on AKT profiles (heavily modified)
13. Sound control and KCAL are added in kernel
14. Fully working native recorder (in Dialer on active call)
INSTRUCTIONS:
1. Be on 5.1.4 firmware
2. If you are encrypted, you must do factory reset in TWRP (you will have to type 'YES' for factory reset). This will result in all data including internal SD erased. So, transfer the contents to your PC. If you are decrypted, you may skip this step. You may think you are decrypted, but make sure that it is in fact so: check in Settings/Security. If it says phone encrypted, you must do factory reset in TWRP.
3. After factory reset, reboot in TWRP and format system/dalvik-cache/data/internal SD again, as TWRP apparently leaves some remnants of encryption after factory reset.
4. Transfer the rom, Gapps, Magisk and whatever else you need to internal card; flash the rom; flash Gapps (optionally) and reboot
5. Go back to TWRP and flash Magisk (optionally). Why not flash Magisk right away? Because Gapps need to run once before Magisk to get appropriate permissions
ROM DOWNLOAD: https://androidfilehost.com/?fid=1322778262904007030
Subsequent releases (and I will continue to update until Android 9 becomes stable) will be in post #3.
WARNINGS: Usual XDA: Get ready to be burned and don't complain
CREDIT: AOSP, CopperheadOS, DU, Omni, Slim, Lineage, Benzo, Carbon, Xtended, AKT profiles team
Also, credit for a Jaguar bootanimation to @Ashish9 and @The.Night.King who made one of the header's icons
Kernel Source for October 8 release and on: https://github.com/AOSPME/android_kernel_oneplus_msm8998
Kernel Source: https://github.com/optimumpr/android_kernel_oneplus_msm8998
Bionic Source where most commits came from: https://github.com/CopperheadOS/platform_bionic
XDA:DevDB Information
JAGUAR OREO ONEPLUS 5, ROM for the OnePlus 5
Contributors
optimumpro, optimumpro
Source Code: https://github.com/optimumpr/android_kernel_oneplus_msm8998
ROM OS Version: 8.x Oreo
ROM Kernel: Linux 4.x
ROM Firmware Required: Unlocked bootloader and 5.1.4 firmware
Based On: AOSP, DU, Lineage, Omni, Xtended, Carbon, Benzo, Slim
Version Information
Status: Stable
Stable Release Date: 2018-09-16
Created 2018-09-16
Last Updated 2019-01-12
Instructions on FDE encryption
How to encrypt the phone:
The rom has FDE, instead of FBE, and it is not forced. So, you will be decrypted, unless you encrypt.
You can encrypt within Settings, but the preferred way is to do it via ADB. This way, you could have 2 separate passwords one longer for boot and another shorter for screen lock. YOU MUST HAVE MAGISK INSTALLED FOR ADB method to work.
1. DON'T set up screen lock pin/password/pattern yet
2. Enable ADB in Developer settings
3. Connect the phone to your PC. Open terminal (on PC) and type adb devices to make sure that the phone is listed
4. Type adb shell and press enter; type su and press enter - at this point, you should have Magisk prompt (on the phone) for root; grant it for at least 20 minutes - the prompt on terminal should change to root
Now the fun part:
5. type vdc cryptfs enablecrypto inplace password "your actual password" and press enter
WARNING: No quotation marks anywhere in terminal, and don't type the words 'your actual password', but rather your chosen password. There is no limit on the length of boot password.
The phone will reboot and start encrypting. In about 10-15 minutes, you will get a familiar prompt for boot password. After the first password input, the phone might not fully boot (it happened to me). In this case, just force-shutdown and reboot.
After encrypting, you will lose root. So, re-flash Magisk. Otherwise, you might have kernel panic, due to Magisk not being able to find your lockscreen pin..
6. After everything is done and Magisk is working, set up a short pin/pattern/password for screen. WHEN ASKED IF YOU WANT SECURE BOOT, SELECT NO, because you already have it. If you select 'yes, your long boot password will be overwritten, which you don't want.
P.S. You can also do the same on phone's Terminal. In this case, skip 'adb shell' and start with 'su'. But in my experience, if you make a slight mistake with the password, you won't be able to boot, and you will have to do factory reset in TWRP, which will result in the loss of all data. On PC, you can still see the password you set and boot the phone
Updates are in this post
January 12. New release
1. January security patches
2. Oreo release 60
3. New and hardened clang chain
4. Separate ringtones for Sim1/2
5. Updated kernel
1. If you are on a previous release, you may flash dirty. Just make sure to wipe dalvik/cache
2. Coming from another rom, read the OP about doing factory reset
Download rom January 12 release: https://androidfilehost.com/?fid=11410963190603897246
November 8. New release
November security patches
Instructions:
1. If you are on a previous release, you may flash dirty
2. Coming from another rom, read the OP about doing factory reset
Download rom release November 8: https://forum.xda-developers.com/devdb/project/dl/?id=30812
October 11. New release
1. Fully working native call recording
2. KCAL in kernel
3. Sound control in kernel
Instructions:
1. If you are on a previous release, you may flash dirty
2. Coming from another rom, read the OP about doing factory reset
Download rom, October 11 release: https://forum.xda-developers.com/devdb/project/dl/?id=30630
____________________________________________________________________________________________________________________
October 8. Major release
1. Different kernel. EAS thrown out, as providing no benefits, and actually slowing down the phone. Now you have one of the best governors, Interactive, back
2. CPU profiles built in. Based on AKT profiles, but heavily modified. Now, you have 16 working CPU profiles (must be on Interactive)
Instructions:
1. If you are on a previous release, you may flash dirty
2. Coming from another rom, read the OP about doing factory reset
Download rom October 8 release: https://forum.xda-developers.com/devdb/project/dl/?id=30586
_______________________________________________________________________________________________________________________
October 5. New release
1. October security patches, Google Oreo release 48
2. Kernel overclocked to 2035 and 2592
Download Rom, October5 release: https://forum.xda-developers.com/devdb/project/dl/?id=30551
Instructions
If you are on a previous release, you can flash dirty. If coming from another rom, clean flash. If force-encrypted, you need to do factory reset in TWRP, reboot in TWRP and manually format /system/data/dalvik/cache/internalSD. Why? Because Jaguar has FDE, as opposed to FBE encryption, and it is not forced.
________________________________________________________________________________________________________________________
September 26. New release
1. Alert slider is fixed - all options work
2. System update toggle removed
Instructions: if you are on a previous release (or the original one), dirty flash; otherwise - clean flash
Download rom September 26 release: https://forum.xda-developers.com/devdb/project/dl/?id=30488
September 20. Rom updated
1. DNS-over-TLS (in Development settings)
2. Wireguard support added
3. A bunch of other commits in kernel.
Download rom release September 20: https://forum.xda-developers.com/devdb/project/dl/?id=30444
If you are on a previous release, dirty flash is fine.
What's U/B? And does the ROM support signature spoofing?
d1n0x said:
What's U/B? And does the ROM support signature spoofing?
Click to expand...
Click to collapse
U/B is unlocked bootloader. Signature spoofing is missing. Next release will have it.
optimumpro said:
U/B is unlocked bootloader. Signature spoofing is missing. Next release will have it.
Click to expand...
Click to collapse
Well considering you need to have an unlocked bootloader to flash TWRP and consequently custom ROMs, it's kind of redundant info
Alright, gonna try out the next release with MicroG!
Nice to see you here, i used to use jaguar at my z2 plus, WELCOME!!!
Welcome @optimumpro ? your ROMs for the Xperia Z1 were legendary. Good to see you here.
d1n0x said:
Well considering you need to have an unlocked bootloader to flash TWRP and consequently custom ROMs, it's kind of redundant info
Alright, gonna try out the next release with MicroG!
Click to expand...
Click to collapse
Most devs stopped implementing Microg, because you have both Xposed and Magisk modules for that.
Security and performance, I see! What about battery life?
Im_Mattgame said:
Security and performance, I see! What about battery life?
Click to expand...
Click to collapse
That's superior too, but emphasis is on security & performance.
This is a ROM that's truly user customized, request a useful feature and watch it get added.
Keep it up OP.:good:
Does this have MAC randomizer?
Zocker1304 said:
Does this have MAC randomizer?
Click to expand...
Click to collapse
The rom has it, but I haven't implemented it in kernel yet.
@optimumpro keep it up .
And to others .
The JAGUAR ROM emphasise mainly on SECURITY & RAW PERFORMANCE. Since you have a SD 835 , this ROM will make sure to use everything it has to offer .
So if you are searching for a performance ROM this is it.
PS : Jaguar is best served GAAPS LESS so if you are a anti google guy this might be the ROM for you.
optimumpro said:
The rom has it, but I haven't implemented it in kernel yet.
Click to expand...
Click to collapse
Means when implemented it will randomize my Mac on every reconnect?
WOW!
thank you!
learned from this thread already and hope very much to see this project continue.
is the fact that this is a userdebug build, test keys, and a permissive kernel a security/ privacy concern? maybe some of this will change? maybe xposed is the reason?
I lost track of xposed stuff quite awile back, maybe it will returning to my life! lol
ROM is very feature rich already, and the randomizer post a few back really caught my attention. Know of the reasoning for, but never have had the oportunity to use anything of the like
concerning the type zero sms. After googling about it im still not exactly sure about it all, but a question about it if i may. Does it matter what sms app is used?
I have been a fan if Signal for some time. I understand how it is best utilized when both/all parties use it. Seems it hides your sms from other apps tho too. Opinions of it? recomendations for differs?
please excuse my ignorance on amy of this, so much has changed over the past couple of years reguarding tech, privacy/security and android OS, while at that same time my time in front of a PC has grown less and less. I havent kept up as well as i should. I am not a dev, but always managed to follow along to maximize user control. I can read! lol
scorch away! but i wont be posting like a lil school girl any more. will be watching tho! :cyclops:
Fellings about bromite browser? maybe it can be implemented as the default webview? or even default browser?
https://www.bromite.org/
opinions on dnscrypt magisk module? i use it in its default installed iptables config
:good::highfive::silly:
Vcolumn said:
thank you!
is the fact that this is a userdebug build, test keys, and a permissive kernel a security/ privacy concern? maybe some of this will change? maybe xposed is the reason?
ROM is very feature rich already, and the randomizer post a few back really caught my attention. Know of the reasoning for, but never have had the oportunity to use anything of the like
concerning the type zero sms. After googling about it im still not exactly sure about it all, but a question about it if i may. Does it matter what sms app is used?
I have been a fan if Signal for some time. I understand how it is best utilized when both/all parties use it. Seems it hides your sms from other apps tho too. Opinions of it? recomendations for differs?
Fellings about bromite browser? maybe it can be implemented as the default webview? or even default browser?
opinions on dnscrypt magisk module? i use it in its default installed iptables config
Click to expand...
Click to collapse
User debug builds are no less secure than user builds. Instead of Selinux, you have Yama security implemented in kernel. I don't like Selinux. Apart from questionable origins, it is a huge monster that is, in my view, an unnecessary overhead.
Test key, as opposed to development/release key is just a name. All my keys, including the test key, have been uniquely re-generated. So, they are not Google's outdated keys that are included by default in all custom builds.
I use Icecat browser. With regard to dnscrypt, I have a better idea: DNS over TLS, and it is already done (will be in the next release), see picture.
Signal: There are many problems with the app and the developer. It's a long discussion, and I have already posted about in on XDA. One I would mention: the dev used to be harassed by TSA in airports. Then all of a sudden, he obtained over a $13 million funding channeled to him through a known government hand for "development" purposes. Then again, all of a sudden, he got lucrative contracts to provide "security" for one of the widely known "bastions" of privacy What'sup/Facebook. You don't get that for nothing. Next, he removed encryption capabilities from SMS portion of the app, the ones that really were forcing adversaries to go through the pains of targeting individual phones through the air, which is expensive. To tell you more: as long, as you have Gapps installed, any encryption is useless, as Google can get your outgoing messages before they are encrypted, and incoming ones after they are decrypted. People may say "sand box", "permissions", but as long as you have Google Services Framework, which is the central part of Google apps, it can do with your device whatever it wants without you ever noticing. And Signal can't work without Google services.
I use Silence for SMS.
Zocker1304 said:
Means when implemented it will randomize my Mac on every reconnect?
Click to expand...
Click to collapse
Yes. Although, it is somewhat difficult, because Qualcomm has a proprietary (as opposed to open source) implementation of MAC.
@optimumpro
Mate, any snapshots, please? Also, will MicroG or Nano-Droid work?
Also, does the GPS work, cause, that is the only reason, I am not able to get out of GApps. I want to be free of Google's Slavery Programme.
Danke. Vishal
vdbhb59 said:
@optimumpro
Mate, any snapshots, please? Also, will MicroG or Nano-Droid work?
Also, does the GPS work, cause, that is the only reason, I am not able to get out of GApps. I want to be free of Google's Slavery Programme.
Danke. Vishal
Click to expand...
Click to collapse
Microg should work with either Xposed or Magisk module. Without Google services, GPS would work with most apps, but not with Google maps, which require Gapps.
optimumpro said:
User debug builds are no less secure than user builds. Instead of Selinux, you have Yama security implemented in kernel. I don't like Selinux. Apart from questionable origins, it is a huge monster that is, in my view, an unnecessary overhead.
Test key, as opposed to development/release key is just a name. All my keys, including the test key, have been uniquely re-generated. So, they are not Google's outdated keys that are included by default in all custom builds.
I use Icecat browser. With regard to dnscrypt, I have a better idea: DNS over TLS, and it is already done (will be in the next release), see picture.
Signal: There are many problems with the app and the developer. It's a long discussion, and I have already posted about in on XDA. One I would mention: the dev used to be harassed by TSA in airports. Then all of a sudden, he obtained over a $13 million funding channeled to him through a known government hand for "development" purposes. Then again, all of a sudden, he got lucrative contracts to provide "security" for one of the widely known "bastions" of privacy What'sup/Facebook. You don't get that for nothing. Next, he removed encryption capabilities from SMS portion of the app, the ones that really were forcing adversaries to go through the pains of targeting individual phones through the air, which is expensive. To tell you more: as long, as you have Gapps installed, any encryption is useless, as Google can get your outgoing messages before they are encrypted, and incoming ones after they are decrypted. People may say "sand box", "permissions", but as long as you have Google Services Framework, which is the central part of Google apps, it can do with your device whatever it wants without you ever noticing. And Signal can't work without Google services.
I use Silence for SMS.
Yes. Although, it is somewhat difficult, because Qualcomm has a proprietary (as opposed to open source) implementation of MAC.
Click to expand...
Click to collapse
Thank you for the detailed insight. Although I have to say that Signal does work without Google play services. However, it falls back to a legacy polling method (increasing battery drain a bit) and shows a persistent notification in the status bar.
Great to see some privacy-conscious people here, amidst all of the Google fanboys who share every part of their life with Google and in the process jeopardize other people's privacy for the sake of "convenience".
Modesty - a modest custom kernel for the Samsung Tab S4
Modesty aims to provide a mildly appealing and reasonable alternative to the stock 4.4.78 kernel that comes with The Tab S4. In its pursuit of being both mildly appealing and reasonable, it will eschew features that could compromise device stability, whilst gleefully embracing low-risk, self-contained enhancements. In other words, your lowest expectation should be that this kernel will be at least as stable as the stock kernel.
Since there are currently no other custom kernel projects supporting the Tab S4, there isn't really any previous device-specific work to build on. Development of this kernel is therefore likely to be slow and steady.
"Why is this kernel called Modesty? That's crap! Why not Wolverine, Intrepid or Jupiter?"
Because it's just a operating-system kernel, not a turbo-charged supercar or a mission into outer space. Even as operating-system kernels go, this one is pretty dull. Besides, I'm a weary curmudgeon in his fifties, not a teenager.
This project has the modest aim of modestly enhancing the pleasure you derive from your Tab S4 and is therefore modestly named Modesty.
Key characteristics
Supports both the wi-fi only (T830) and wi-fi/LTE (T835) models.
Forked from Samsung's pristine kernel source code (Linux 4.4.78 for ARGH firmware at time of launch).
Regular merging of the upstream Linux kernel's linux-4.4.y branch (4.4.161 at time of public launch).
Regular merging of Samsung's updates to its modified kernel source as they are made available.
Includes @savoca's KCAL advanced colour/gamma control driver.
Includes @flar2's sound control driver to manage headphone and microphone gain.
Disables a huge amount of tracing and logging features inexplicably left enabled by Samsung in the stock release kernel. These debugging features have no place outside engineering builds.
Packed into a boot.img (boot image) taken directly from Samsung's latest stock firmware and kept as close to the original as possible. No obscure boot-time kernel configuration is stashed away here, and no changes are made to any other part of the file system at either install time or run time.
Provides a fully automated installer, with the option of interactive installation to allow manual selection of features and the ability to automatically root the device with Magisk in the post-installation phase.
Includes WireGuard VPN support (version 0.0.20180818 at the time of public launch), which will be updated as available.
Includes @Lord Boeffla's generic kernel wakelock blocker. The conservative default block-list is: qcom_rx_wakelock and NETLINK.
Utilises Westwood+ TCP congestion algorithm by default.
Includes Veno TCP congestion algorithm.
SELinux operates in enforcing mode and cannot be dynamically switched to permissive mode.
FAQ
Q. Is this kernel still actively developed?
A. No. The final ianmacd release was v1.0.0 on 21st November 2019 and no-one else has picked up maintenance of the project.
Q. Will this kernel also run on Android 9.0 (Pie) devices?
A. No. Modesty targets Android 8.1 (Oreo) and there was never an intention to update it for 9.0 (Pie).
Q. Can I overclock or underclock the CPU using this kernel?
A. No.
Q. How does interactive installation mode work?
A. If the ZIP file name contains the string _interactive or a dot-file called .modesty_interactive is present in the root of the external SD card, interactive installation mode is triggered. Please note that this mode overrides any selections implied by the archive name or the presence of dot-files on the file-system.
In interactive mode, you will be asked whether to root the device afterwards with Magisk. Selections are made using the Volume buttons. Just follow the on-screen prompts.
Q. Can I safely block wakelock X?
A. Perhaps. However, unless you know what a particular wakelock does and are certain that it is causing an actual problem on your device, I suggest you leave it alone.
Q. Why is this kernel labelled beta? Is it safe to use? And who are you, anyway? Can you be trusted?
A. My T830 has been running this kernel every day since I first rooted it, and I can therefore personally vouch for its stability on this model.
A couple of users have reported Modesty running well on the T835. Initially, it was reported that the kernel did not boot on this model, but after trying several test kernels, the user in question discovered that his machine had a non-standard firmware installation. Once this situation was remedied, Modesty booted and worked as designed.
As the person who built the kernel, I know exactly what's in it, and therefore the only risk I'm exposing myself to when I run it is that of my own incompetence. That's not true for you, however, and you should exercise due caution and at least pause for a moment to consider what you are installing, and the far-reaching powers you are about to grant this unaudited code over your device. Although I link to the source code below, you have only my word for it that this bears any resemblance to the kernel actually provided in the installer.
There are likely to be many iterations of this kernel before it sees a 1.0 release. Features may be added or removed along the way, although there is no clear roadmap at this point in time. Development will go where the needs of the users take it.
Please see the Installation section below for an important note regarding the use of this kernel in combination with stock (i.e. unmodified) Samsung firmware.
Q. Can I safely root this kernel?
A. Of course. What use would it be if you couldn't? I recommend Magisk for the task. It has a few minor issues, but as a project is very much alive, something that cannot be said about its peers. Magisk has arguably now established itself as the de facto root solution for Android devices.
It just so happens that I also produce my own builds of Magisk, which you are welcome to use. These are release builds (as opposed to debugging builds), produced from my own fork of @topjohnwu's original source, often augmented with patches. You can use anyone's builds, though.
Again, these builds work for me on various Samsung devices, but they are unofficial and you should approach them with fitting caution.
Q. Can I install Magisk at the same time as Modesty?
A. Yes. The Modesty installer allows you to automatically root your device with Magisk following installation of Modesty..
To make use of this facility, either rename the Modesty zip file to contain the string _magisk or create a file called .modesty_magisk in either the root of your external SD card or in the standard Download directory of the internal SD card. Alternatively, you can utilise interactive installation mode. See above for details.
If any of these trigger conditions is met, the installer will look in the standard internal Download directory as well as in ./Magisk (if present) on the external SD card (if present) for a suitable Magisk zip file to install. Preference is given to versioned files matching the glob Magisk-v*, in which case the latest according to lexical sort order will be used. If none is found, the installer then looks for unversioned release builds (e.g. official Canary channel release builds) called magisk-release.zip in the same locations, selecting the one with the most recent timestamp. If none is found, the installer will then try to find unversioned debug builds (e.g. official Canary channel debug builds) called magisk-debug.zip, again picking the one with the most recent timestamp. Finally, the installer falls back to looking for the most recent file called Magisk.zip or magisk.zip. If still no files have been found by this stage, chaining of Magisk is abandoned.
For example:
Code:
star2lte:/ $ ls -l /storage/0000-0000/.modesty_magisk
-rwxrwx--x 1 root sdcard_rw 0 2018-09-15 14:31 /storage/0000-0000/.modesty_magisk
star2lte:/ $ ls /storage/0000-0000/Magisk/Magisk-* | tail -n 3
/storage/0000-0000/Magisk/Magisk-v17.2-2018091001-ianmacd.zip
/storage/0000-0000/Magisk/Magisk-v17.2-2018091201-ianmacd.zip
/storage/0000-0000/Magisk/Magisk-v17.2-2018091501-ianmacd.zip
When you flash the Modesty archive in TWRP, the most recent version of Magisk that could be found will now be used to automatically root your kernel, i.e. Magisk-v17.2-2018091501-ianmacd.zip in this example.
Q. Why doesn't Modesty have its own Telegram group?
A. Because my experience of Android-themed Telegram groups is that they invariably degenerate into seething cesspits of rudeness, ignorance, superstition and — on a good day — pseudo-science. I don't wish to police such a den of iniquity. Of course, it's a free world (or so I still like to kid myself), so you are at liberty to create your own Telegram group for Modesty if you wish. Just please don't invite me to it.
Building
Building the kernel from source is beyond the scope of this document. If you want to build this kernel from scratch, for example to change its configuration, start with this handy reference tailored to building kernels for Android.
Download
See posting #2 in this thread for links to the latest and all previous versions.
Known Issues
Bluetooth HID (input) devices do not work.
Versions 0.99.11 to 0.99.22 contained a bug that caused Bluetooth HID (input) devices, such as mice, keyboards and gamepads, not to function. They could be paired with the tablet, but their input was not recognised. This bug was finally traced and fixed in 0.99.23.
Installation
Make a back-up of your existing boot partition using the custom recovery environment provided by TWRP. If your device doesn't yet have TWRP, you will need to install it first. Then, use it to flash the Modesty ZIP file. The boot image will automatically be installed in the boot partition of your device.
If your device has unmodified Samsung firmware, you will encounter problems with Bluetooth (namely delayed initialisation and forgotten pairings) after installing this or any other custom kernel. To remedy this, you will need to patch your system with modified libsecure_storage.so libraries. Some custom kernel installers actually install these without telling you, overwriting your system libraries and transparently circumventing the problem before you can run into it. This approach necessarily modifies your device's file-system, however, and that may not be what you want. At the very least, the user should be made aware what is happening to his device.
For this reason, I have instead prepared a companion Magisk module that achieves the same goal without modifying the file-system. This will allow you to run a custom kernel (not just this one, but any custom kernel) on pristine stock firmware without any Bluetooth issues. The module can be found in the official Magisk module repository, accessible from Magisk Manager on your tablet. If you install this Magisk module, you may wish to also disable the secure_storage_daemon by editing /system/etc/init/secure_storage_daemon.rc (change start to stop), as it no longer serves a purpose.
In a similar vein, you may encounter authentication errors when connecting to wireless networks after installing this or any other custom kernel. This problem is not serious and easily remedied by re-entering your passphrase for the networks you use.
Finally, if SecurityLogAgent notifies you that unauthorised actions have been detected, do not be alarmed. This is a normal consequence of having installed a custom kernel. You may wish to disable SecurityLogAgent to avoid being repeatedly notified..
Whilst the above issues are the only ones you can expect to encounter when running this kernel vs. the stock Samsung kernel, they may sound like more trouble than they're worth. In that case, you might be happier just sticking to Samsung's stock kernel. The company supplies a perfectly good kernel straight from the factory.
Configuration
You are encouraged to use either @morogoku's excellent MTweaks (a modified version of Kernel Aduitor) or @flar2's EX Kernel Manager to manage the features provided by this kernel.
Source code
Modesty's GitHub repository.
References
A useful guide to CPU governors, I/O schedulers (and more).
For more information on the some of the individual schedulers included in this kernel, you can also look under Documentation/block in the kernel source.
The WireGuard user guide, control app, home page and source code.
Credits
Thank you to everyone in the Linux kernel universe for getting us this far. Within the Android development community, I am grateful to the following people for their time-saving contributions:
@osm0sis for Android Image Kitchen, which has saved me a huge amount of work in packing and unpacking boot images.
An honorary mention must go to @Chainfire, the extent of whose benefaction to the Android community is still not fully understood or appreciated in some quarters.
Change log
v1.0.0 (final ianmacd release) (2019-11-21)
Kernel proclaimed stable. Version number incremented. No code changes since v0.99.49.
v0.99.49 (2019-11-16)
Updated to Linux 4.4.202.
v0.99.48 (2019-11-13)
Updated to Linux 4.4.201.
v0.99.47 (2019-11-11)
Updated to Linux 4.4.200.
v0.99.46 (2019-11-06)
Updated to Linux 4.4.199.
v0.99.45 (2019-10-31)
Updated to Linux 4.4.198.
v0.99.44 (2019-10-19)
Updated to Linux 4.4.197.
v0.99.43 (2019-10-08)
Updated to Linux 4.4.196.
v0.99.42 (2019-10-07)
Updated to Linux 4.4.195.
v0.99.41 (2019-09-22)
Updated to Linux 4.4.194.
v0.99.40 (2019-09-16)
Updated to Linux 4.4.193.
v0.99.39 (2019-09-11)
Updated to Linux 4.4.192.
Fixes unavailability of external SD card in Modesty 0.99.38.
v0.99.38 (2019-09-08) Release withdrawn (External SD card unavailable)
Updated to Linux 4.4.191.
v0.99.37 (2019-08-26)
Updated to Linux 4.4.190.
v0.99.36 (2019-08-12)
Updated to Linux 4.4.189.
v0.99.35 (2019-08-07)
Updated to Linux 4.4.188.
v0.99.34 (2019-08-05)
Updated to Linux 4.4.187.
v0.99.33 (2019-07-23)
Updated to Linux 4.4.186.
v0.99.32 (2019-07-12)
Updated to Linux 4.4.185.
v0.99.31 (2019-06-28)
Updated to Linux 4.4.184.
v0.99.30 (2019-06-22)
Updated to Linux 4.4.183.
v0.99.29 (2019-06-18)
Updated to Linux 4.4.182.
v0.99.28 (2019-06-12)
Updated to Linux 4.4.181.
v0.99.27 (2019-05-17)
Updated to Linux 4.4.180.
v0.99.26 (2019-04-28)
Updated to Linux 4.4.179.
v0.99.25 (2019-04-07)
Updated to Linux 4.4.178.
v0.99.24 (2019-03-26)
Updated to Linux 4.4.177.
Build only the latest revision of the DTB.
v0.99.23 (2019-03-02)
Fixed bug, introduced in v0.99.11, that caused input from Bluetooth HID devices, such as keyboards, mice and gamepads to be ignored.
v0.99.22 (2019-02-23)
Updated to Linux 4.4.176.
v0.99.21 (2019-02-20)
Updated to Linux 4.4.175.
v0.99.20 (2019-02-11)
Updated to Linux 4.4.174.
v0.99.19 (2019-02-08)
Updated to Linux 4.4.173.
v0.99.18 (2019-01-26)
Updated to Linux 4.4.172.
v0.99.17 (2019-01-17)
Updated to Linux 4.4.171.
v0.99.16 (2019-01-13)
Updated to Linux 4.4.170.
v0.99.15 (2018-12-30)
Rebased on ARK4 kernel source code and boot images.
v0.99.14 (2018-12-23)
Updated to Linux 4.4.169.
Merged four more UPSTREAM commits from android-4.4 kernel branch.
v0.99.13 (2018-12-13)
Updated to Linux 4.4.167.
Merged selected BACKPORT and UPSTREAM commits from android-4.4 kernel branch.
v0.99.12 (2018-12-05)
Updated to Linux 4.4.166.
Realtek USB Ethernet driver upgraded from v2.08.0 to v2.10.00.
v0.99.11 (2018-11-29)
Updated to Linux 4.4.165.
KCAL advanced colour/gamma control driver optimisation.
Added @flar2's sound control driver for controlling headphone and microphone gain. (Configure with MTweaks or EX Kernel Manager).
v0.99.10 (2018-11-21)
Updated to Linux 4.4.164.
Added KCAL advanced colour/gamma control driver. (Configure with MTweaks or EX Kernel Manager).
Lots of tracing and debug logging disabled, further reducing kernel size.
CONFIG_DISPLAY_USE_INFO
CONFIG_SEC_DISPLAYPORT_LOGGER
CONFIG_FB_MSM_MDSS_XLOG_DEBUG
CONFIG_SEC_FILE_LEAK_DEBUG
CONFIG_SEC_DEBUG_USER
CONFIG_SEC_DEBUG_SUMMARY
CONFIG_SCSI_UFSHCD_CMD_LOGGING
CONFIG_MSM_SMEM_LOGGING
CONFIG_PROFILING
CONFIG_DEBUG_INFO
CONFIG_SCHED_DEBUG
CONFIG_SEC_PM_DEBUG
CONFIG_CORESIGHT
Built as monolithic kernel (i.e. without CONFIG_MODULES).
Built as relocatable code (CONFIG_RELOCATABLE_KERNEL).
Assembler symbols stripped (CONFIG_STRIP_ASM_SYMS set).
Embedded kernel config (reported via /proc/config.gz) now falsely reports stock settings to allow disabling of superfluous kernel features that otherwise cause grave Android System warning on boot.
v0.99.9 (2018-11-13)
Rebased on ARJ3 kernel source code and boot images.
v0.99.8 (2018-11-10)
Updated to Linux 4.4.163.
More than 100 fixes applied from upstream AOSP android-4.4 and android 4.4-o branches.
Lots of tracing and debug logging disabled:
CONFIG_IPC_LOGGING (debug logging for IPC drivers)
CONFIG_QCOM_RTB (register tracing)
CONFIG_TRACER_PKT (for tracing IPC protocols)
CONFIG_FTRACE (kernel tracing infrastructure)
CONFIG_CPU_FREQ_SWITCH_PROFILER (CPU frequency switch profiler)
CONFIG_TRACING_EVENTS_GPIO (traces GPIO subsystem)
Fixes to allow kernel to build when above logging and tracing options are disabled.
v0.99.7 (2018-10-30)
Rebased on ARH5 kernel source code.
Reworked the v4l2 fix that restores liboemcrypto-dependent apps to working state.
v0.99.6 (2018-10-28)
v4l2 fixes to restore liboemcrypto-dependent apps to working state.
v0.99.5 (2018-10-21)
Updated to Linux 4.4.162.
v0.99.4 (2018-10-19)
Initial public release, based on Linux 4.4.161.
v0.99.3
Internal build, based on Linux 4.4.160.
v0.99.2
Internal build, based on Linux 4.4.159.
v0.99.1
Initial internal build, based on Linux 4.4.78.
It begins! Awesome to finally see a custom kernel for the Tab S4.
I want to test for you once I can get root back
ianmacd said:
Change log
v0.99.4 (2018-10-19)
Initial public release, based on Linux 4.4.161. Caution: This kernel remains completely untested on the T835.
v0.99.3
Internal build, based on Linux 4.4.160.
v0.99.2
Internal build, based on Linux 4.4.159.
v0.99.1
Initial internal build, based on Linux 4.4.78.
Click to expand...
Click to collapse
Flashed on T835 device doesnt even get past the Boot (custom device) screen is there a way to get logs without using a computer?
Sent from my Samsung SM-G950F using XDA Labs
dr460nf1r3 said:
Flashed on T835 device doesnt even get past the Boot (custom device) screen is there a way to get logs without using a computer?
Click to expand...
Click to collapse
I'll look into it this evening. I'm just about to get off a plane.
Were there any errors when installing? Was your device properly detected as a T835?
Sent from my SM-G965F using XDA Labs
ianmacd said:
I'll look into it this evening. I'm just about to get off a plane.
Were there any errors when installing? Was your device properly detected as a T835?
Click to expand...
Click to collapse
Installing just fine, correctly detected as well.
Sent from my Samsung SM-G950F using XDA Labs
dr460nf1r3 said:
Installing just fine, correctly detected as well.
Click to expand...
Click to collapse
I've gone through the ramdisk of the T835's boot image with a fine-tooth comb and can find nothing untoward. I also verified that I properly removed the dm-verity flag from the T835's device tree.
There are actually very few source code differences between the T830 and T835. Both can be built from a single tree. The only differences lie in the kernel config file and the device tree, but I am building with the default T835 configuration, and with the proper device tree for that device.
Let's try at least ruling out my installer code. Please image-flash this new boot image[/i] to your device and tell me if it boot-loops. If it does, my installer isn't the problem, because it's only used for a ZIP flash. I've already checked the installer code and can't see any bugs, so I don't think the issue lies there.
Can you also please tell me which version of the firmware your device is running? Possibly there's an issue there, too. Samsung has so far released the source to the ARGH kernel only. This seems to work fine on my ARH5 firmware, but it's uncertain whether it would still work on something based on ARI*, and I've seen that a couple of countries do now have ARI firmware available. Mind you, even if it wasn't compatible, it should still get as far as booting.
Anyway, please test that boot image and let me know your firmware version.
While I soldier on with the issues afflicting the T835 build, can anyone else verify the T830 build as working for them?
Don't be shy; I'm running it on my own device, so I'm certain that build boots.
ianmacd said:
While I soldier on with the issues afflicting the T835 build, can anyone else verify the T830 build as working for them?
Don't be shy; I'm running it on my own device, so I'm certain that build boots.
Click to expand...
Click to collapse
Sorry for the noob question if i flash this kernal on my SM-T835 will i lose DEX ? Sorry i'm not quite understanding what KERNEL does ? Thanks in advance!
N1NJATH3ORY said:
Sorry for the noob question if i flash this kernal on my SM-T835 will i lose DEX ? Sorry i'm not quite understanding what KERNEL does?
Click to expand...
Click to collapse
When the kernel is working as intended, you won't lose DeX, but it currently isn't even booting on the T835.
Only those who are able to assist in debugging the current boot failure should install the T835 build at this time.
The T830 build, on the other hand, is rock solid for me, and I encourage anyone who is capable of recovering from an unexpected bootloop to try it out.
Version 0.99.5 released.
This release updates the kernel to the latest upstream Linux.
T830 owners, install at will. T835 owners, beware: The previous release has been reported unbootable on this model, and this release is likely to be similarly afflicted. Investigations are ongoing. Until this issue is resolved, the whole project has been downgraded to alpha status.
Change log
Updated to Linux 4.4.162. Caution: This release is likely to cause a bootloop on the T835.
ianmacd said:
I've gone through the ramdisk of the T835's boot image with a fine-tooth comb and can find nothing untoward. I also verified that I properly removed the dm-verity flag from the T835's device tree.
There are actually very few source code differences between the T830 and T835. Both can be built from a single tree. The only differences lie in the kernel config file and the device tree, but I am building with the default T835 configuration, and with the proper device tree for that device.
Let's try at least ruling out my installer code. Please image-flash this new boot image[/i] to your device and tell me if it boot-loops. If it does, my installer isn't the problem, because it's only used for a ZIP flash. I've already checked the installer code and can't see any bugs, so I don't think the issue lies there.
Can you also please tell me which version of the firmware your device is running? Possibly there's an issue there, too. Samsung has so far released the source to the ARGH kernel only. This seems to work fine on my ARH5 firmware, but it's uncertain whether it would still work on something based on ARI*, and I've seen that a couple of countries do now have ARI firmware available. Mind you, even if it wasn't compatible, it should still get as far as booting.
Anyway, please test that boot image and let me know your firmware version.
Click to expand...
Click to collapse
Firmware Version ist arh5 and after flashing your img the device still constantly reboots on the start screen and doesnt even get to the boot Screen
Sent from my Samsung SM-G950F using XDA Labs
dr460nf1r3 said:
Firmware Version ist arh5 and after flashing your img the device still constantly reboots on the start screen and doesnt even get to the boot Screen
Click to expand...
Click to collapse
Thanks. That absolves the installer of any wrongdoing, at least.
Something is fundamentally wrong with the kernel for the T835.
The boot image is taken from stock firmware, and modified just enough to allow a custom kernel to boot. I very much doubt the problem lies there. A virtually identical image works for the T830.
The kernel config used is the one supplied by Samsung. The only modifications made to it are the same ones I made to the T830's.
I think my next step will be to produce a kernel built without downstreaming the 4.4.y Linux branch, so back to 4.4.78. If that works, it will indicate that an error affecting only the T835 was introduced during all of my merging of the upstream kernel.
I'll post again when I've built the kernel, which won't be for a few hours, as I'm on holiday at the moment.
Sent from my SM-G965F using XDA Labs
ianmacd said:
I think my next step will be to produce a kernel built without downstreaming the 4.4.y Linux branch, so back to 4.4.78. If that works, it will indicate that an error affecting only the T835 was introduced during all of my merging of the upstream kernel.
Click to expand...
Click to collapse
OK, @dr460nf1r3, please try this new T835 build.
This is rewound to 4.4.78, with just a few extra cherry-picked commits to enable it to build cleanly and boot without triggering dm-verity.
In other words, this kernel should be 99% identical to the one that shipped with the machine. This assumes that the source as supplied by Samsung was actually used to build the stock kernel.. They have been known to publish sources that don't match what's on the machine.
ianmacd said:
OK, @dr460nf1r3, please try this new T835 build.
This is rewound to 4.4.78, with just a few extra cherry-picked commits to enable it to build cleanly and boot without triggering dm-verity.
In other words, this kernel should be 99% identical to the one that shipped with the machine. This assumes that the source as supplied by Samsung was actually used to build the stock kernel.. They have been known to publish sources that don't match what's on the machine.
Click to expand...
Click to collapse
Thanks, flashing now will report back in a few minutes
Sent from my Samsung SM-G950F using XDA Labs
---------- Post added at 05:44 PM ---------- Previous post was at 05:17 PM ----------
ianmacd said:
OK, @dr460nf1r3, please try this new T835 build.
This is rewound to 4.4.78, with just a few extra cherry-picked commits to enable it to build cleanly and boot without triggering dm-verity.
In other words, this kernel should be 99% identical to the one that shipped with the machine. This assumes that the source as supplied by Samsung was actually used to build the stock kernel.. They have been known to publish sources that don't match what's on the machine.
Click to expand...
Click to collapse
Did not work still the same issue.. flashed via twrp to boot partition. Noob question, the boot backup i got is 64mb while your kernel hardly has 25.. whats going on here?
Sent from my Samsung SM-G950F using XDA Labs
dr460nf1r3 said:
Did not work still the same issue.. flashed via twrp to boot partition.
Click to expand...
Click to collapse
Well, that's disappointing. I was hoping that it was my screw-up, rather than Samsung's, but at this point almost everything I've done has been backed out and it still won't boot.
Noob question, the boot backup i got is 64mb while your kernel hardly has 25.. whats going on here?
Click to expand...
Click to collapse
Good question.
Your back-up is of the entire partition, including the area with no data on it, so you're getting a file the same size as the partition itself. My boot image contains just the data segment, so it's smaller.
If you pull the stock boot image from the AP file of Samsung's firmware, you'll see that it's a very similar size to mine (slightly smaller, actually):
Code:
$ unzip -p T835XXU1ARH5_T835OXM1ARH5_PHN.zip AP_T835XXU1ARH5_CL14008523_QB19263559_REV00_user_low_ship_MULTI_CERT_meta.tar.md5| tar xf - -O boot.img.\*lz4 | lz4 -dc > boot.img
$ ls -l boot.img
-rw-rw-r--. 1 ianmacd ianmacd 23593232 Oct 21 22:01 boot.img
$ file boot.img
boot.img: Android bootimg, kernel (0x8000), ramdisk (0x2000000), page size: 4096, cmdline (console=null androidboot.hardware=qcom user_debug=31 msm_rtb.filter=0x37 ehci-hcd.park=3 lpm_le)
So, what now?
I'll see which other minor changes I can back out, in an effort to arrive at a kernel built from source that is as close to stock as possible. If you're wondering Why doesn't he just build from pristine sources?, the answer is: Because Samsung's source code won't even build out of the box. Many of the kernel header files are simply not in the expected locations. Alas, this is a fairly common problem with Samsung's kernel source code releases.
I suspect the solution to this problem may actually lie in changes that have yet to be made, rather than changes made that need to be reverted. In other words, the T835 may require some kernel modifications or configuration that the T830 doesn't. Theoretically, a kernel compiled from Samsung's pristine sources should just work, but that's starting to look unlikely now.
I'm hoping that I can enable/disable a few further options in the kernel config, rebuild and produce a kernel that works for you. If, however, the problem is that the source itself is faulty, we may have to wait for a future release by Samsung to give us something that compiles into a working kernel.
But I don't intend to throw in the towel on the T835 just yet. There are still a few more things we can try.
ianmacd said:
Well, that's disappointing. I was hoping that it was my screw-up, rather than Samsung's, but at this point almost everything I've done has been backed out and it still won't boot.
Good question.
Your back-up is of the entire partition, including the area with no data on it, so you're getting a file the same size as the partition itself. My boot image contains just the data segment, so it's smaller.
If you pull the stock boot image from the AP file of Samsung's firmware, you'll see that it's a very similar size to mine (slightly smaller, actually):
So, what now?
I'll see which other minor changes I can back out, in an effort to arrive at a kernel built from source that is as close to stock as possible. If you're wondering Why doesn't he just build from pristine sources?, the answer is: Because Samsung's source code won't even build out of the box. Many of the kernel header files are simply not in the expected locations. Alas, this is a fairly common problem with Samsung's kernel source code releases.
I suspect the solution to this problem may actually lie in changes that have yet to be made, rather than changes made that need to be reverted. In other words, the T835 may require some kernel modifications or configuration that the T830 doesn't. Theoretically, a kernel compiled from Samsung's pristine sources should just work, but that's starting to look unlikely now.
I'm hoping that I can enable/disable a few further options in the kernel config, rebuild and produce a kernel that works for you. If, however, the problem is that the source itself is faulty, we may have to wait for a future release by Samsung to give us something that compiles into a working kernel.
But I don't intend to throw in the towel on the T835 just yet. There are still a few more things we can try.
Click to expand...
Click to collapse
Thanks for explaining everything for me. Id like to help you were i can but i dont have a computer by my hands right now for the next time
Sent from my gts4llte using XDA Labs
dr460nf1r3 said:
Thanks for explaining everything for me. Id like to help you were i can but i dont have a computer by my hands right now for the next time
Click to expand...
Click to collapse
Here's a new build to try. This one reverts the last few changes I originally made to the T835's kernel configuration before building. This is as close to stock as possible, whilst still being able to build.
If this doesn't boot, it pretty much means that Samsung has supplied code for the T835 that simply will not compile into a working kernel. At that point, we'll probably have to wait for updated sources. I already have a request pending with Samsung for the release of the BRI sources.
Just to be clear, the current status quo as I understand it is that the Samsung logo never starts to be written from left to right. You never get past the static screen with the device name and the word Custom. Is that correct?
ianmacd said:
Here's a new build to try. This one reverts the last few changes I originally made to the T835's kernel configuration before building. This is as close to stock as possible, whilst still being able to build.
If this doesn't boot, it pretty much means that Samsung has supplied code for the T835 that simply will not compile into a working kernel. At that point, we'll probably have to wait for updated sources. I already have a request pending with Samsung for the release of the BRI sources.
Just to be clear, the current status quo as I understand it is that the Samsung logo never starts to be written from left to right. You never get past the static screen with the device name and the word Custom. Is that correct?
Click to expand...
Click to collapse
Im sorry to tell you but this doesnt boot either in fact it doesnt even reboot the static screen. Your right about the current status quo sadly.
Sent from my Samsung SM-G950F using XDA Labs
Intro
I'll start with this important note: this will likely be interesting to a small subset of users as it 1) does cost money to deploy and run this cloud infrastructure in AWS 2) requires a bit more technical knowledge to get this up and running than most things on XDA 3) the OS build process maintains verified boot with your own custom keys which means things like root/magisk are not a good fit. Anyways, I've created a cross platform tool, rattlesnakeos-stack, that allows you to build your own customized Android OS for Google Pixel phones using AWS cloud infrastructure. The default OS that this tools builds without any customizations is called RattlesnakeOS, which is really just AOSP with very minor additions. If there is something you don't like about the default OS, you can add customizations on top of it or start with a completely blank slate and build your own OS.
Features
Support for Google Pixel phones
Based on latest AOSP 11.0
Software and firmware security updates delivered through built in OTA updater
Maintains verified boot with a locked bootloader just like official Android but with your own personal signing keys
Support for building latest stable Chromium browser and webview
Support for custom OS builds
If any of that sounds interesting to you, head over to the README for full setup, build, customization, and flashing instructions. Also, feel free to stop by our matrix room RattlesnakeOS (#ros.matrix.org).
Intro
I'll start with this important note: this will likely be interesting to a small subset of users as it 1) does cost money to deploy and run this cloud infrastructure in AWS 2) requires a bit more technical knowledge to get this up and running than most things on XDA 3) the OS build process maintains verified boot with your own custom keys which means things like root/magisk are not a good fit. Anyways, I've created a cross platform tool, rattlesnakeos-stack, that allows you to build your own customized Android OS for Google Pixel phones using AWS cloud infrastructure. The default OS that this tools builds without any customizations is called RattlesnakeOS, which is really just AOSP with very minor additions. If there is something you don't like about the default OS, you can add customizations on top of it or start with a completely blank slate and build your own OS.
Features
Support for Google Pixel phones
Based on latest AOSP 11.0
Software and firmware security updates delivered through built in OTA updater
Maintains verified boot with a locked bootloader just like official Android but with your own personal signing keys
Support for building latest stable Chromium browser and webview
Support for custom OS builds
If any of that sounds interesting to you, head over to the README for full setup, build, customization, and flashing instructions. Also, feel free to stop by our matrix room RattlesnakeOS (#ros.matrix.org).
@dantheman78 awesome job. How would I go about setting up another time to build? Aosp based. Do you have any guides?
This ROM is ONLY for SM-T560NU, NOT SM-T560. I CANNOT make a SM-T560 build as they are different CPU/SoCs.
PLEASE BEFORE YOU decide to try this rom, you MUST read all of post 1, 2, 3 and 4 (about 10 minute read). If you think this is an unreasonable request, then stop reading now and find another rom. Thank you.
I am not responsible for lost data, identity theft, lost money, security vulnerabilities, bricked devices or any other hardware or software malfunctions that comes as a result of flashing this rom.
BACKUP YOUR DATA AND OLD rom BEFORE trying my rom.
If you are NOT an expert in using fastboot, adb, odin, heimdall, twrp, DO NOT use this rom. You must know how to use these tools to revert back to your old rom.
If you are new to flashing custom roms, do NOT attempt this.
If you need your tablet for work and something important, do NOT flash this rom. This rom could result in a bricked device or boot loop or non booting device or you not being able to revert back to your old rom.
What works
1. bluetooth
2. wifi
3. brightness
4. external audio
5. GPS
6. audio through headphone jack
7. audio over bluetooth
What doesn't work
1. Camera. The stock camera app video recording doesn't work. Use Simple Camera 5.3.1 from https://f-droid.org/en/packages/com.simplemobiletools.camera/ . I have no plans to work on camera.
2. selinux is permissive. I have tried to make this build enforcing for weeks, but when I do, the OS doesn't boot and there is no adb logcat output despite making an "eng" build. Without adb logcat output, it's virtually impossible to determine what is wrong and I'm not spending anymore time on it. If having enforcing mode is important to you, use my 18.1 builds.
3. keyboard bug workaround. When prompted to enter something like a Bluetooth pin or text based password, sometimes the keyboard is not shown on the screen or off screen. The workaround is to goto settings, system, languages & input, on-screen keyboard, Android Keyboard (AOSP), appearance & layout, theme and choose "Material - follow system settings".
This keyboard bug is a LineageOS bug as per
https://review.lineageos.org/c/LineageOS/android_packages_inputmethods_LatinIME/+/325438
4. gapps. Some of you require gapps for whatever reason. I use Aurora Store for my purposes and thus have NO KNOWLEDGE of the current state of gapps.
There are various gapps projects (at least 5 in 2022). Each has pros and cons. It's your job to do the research and find a suitable gapps project. I suggest you allocate at least a couple of hours doing your own research. My rom works by itself fine without gapps. DO NOT talk about gapps in this thread. As a courtesy to gapps users, if you want to talk about gapps, I have opened a new thread at
https://forum.xda-developers.com/t/...m-t35x-sm-t550-sm-t560nu-and-sm-p550.4479285/
so you may discuss gapps wrt to the msm8916 platform. I will NOT be participating in that thread as I do NOT use gapps.
Thanks
1. LineageOS team for source code.
2. Kyle Harrison
- looking through the adb logcat and suggesting that my binder code was too old to work with Android 12's keystore2 code
- for the graphics and legacy camera patches to allow msm8916 to work with Android 12
- for his Motorola LineageOS 19.1 device trees so I could use his patches as a template for msm8916
3. @tarkzim
- adding back audio hal 2.0 and legacy camera hal 1.0 into the LineageOS trees
- helping me think through the msm8916 random reboots which was due to the TCP/IP patches
- maintaing and updating his repos so I can study them for learning purposes
4. pre ALPHA testers @RDS5 and @Sigster for willing to test pre ALPHA builds and leaving feedback.
FAQ - I spent hundreds of hours building this rom. It was frustrating process from Nov 2021 to Aug 2022 running into bug after bug. The least you can do is spend a few minutes reading everything before posting.
Q1. Where are the source and kernel source files?
A1. The kernel source files are at
https://github.com/retiredtab/android_kernel_samsung_msm8916
The device tree files are at
https://github.com/retiredtab/android_device_samsung_msm8916-common/tree/lineage-19.1
https://github.com/retiredtab/android_device_samsung_gtelwifiue/tree/lineage-19.1
https://github.com/retiredtab/device_samsung_gte-common/tree/lineage-19.1
The vendor tree files are at
https://github.com/retiredtab/vendor_samsung_gtelwifiue
https://github.com/retiredtab/vendor_samsung_msm8916-common/tree/lineage-19.1
The manifest.xml (or roomservice.xml) and build instructions for 19.1 are at
https://github.com/retiredtab/LineageOS-build-manifests
Q2. Is this ALPHA rom suitable as a daily driver?
A2. It can be depending on your requirements. I can't test every app so you try it yourself to see if it's suitable. I've been using this rom myself since mid March 2022 with no major issues. I suggest you do a clean install, see FAQ 11, and flash this 19.1 ROM BY ITSELF (no gapps, magisk, etc) and see if you like it. If you do like it and want to add gapps then see FAQ 12.
Q3. What if my app, xyz, doesn't work?
A3. If your app doesn't work, then go back to your old rom.
Q4. Your rom is laggy and buggy.
A4. If you find the above, then go back to your old rom. There's only so much software can do on a 2015 budget level tablet. Remember a budget tablet will have the slower SoC/CPU and less DRAM than a top of the line model. Your tablet will also run slower when you use gapps. You can run a lot of software without using gapps. Research fdroid, newpipe, Aurora store etc.
Q5. What TWRP should I use?
A5. You MUST use TWRP 3.5.2_9. Get it from
https://sourceforge.net/projects/retiredtab/files/SM-T560NU/TWRP/
Q6. Why should I use this rom?
A6. If you don't like this rom, then don't use it.
Q7. Will you offer monthly updates with security patches?
A7. I will try to offer monthly security patches, but that all depends on if I continue to have high speed Internet in the future.
Q8. Can you help me? I'm a newbie. Can you provide step by step instructions?
A8. I don't have the time to help newbies, so please do your own research. There are lots of tutorials, videos, etc on how to flash roms. Newbie questions must be posted in the Questions and Answers forum, not here.
Q9. Can I report a bug with respect to the rom?
A9. Yes, but you need to supply the following information. If you don't, I won't look at it.
You must provide an adb logcat of the problem and tell me how to reproduce it. Note I will not be downloading any apps that require money or an userid/password. For example, if you have problems with Netflix, I cannot help you since I don't have a paid subscription. If you use some app that requires an userid/password, I cannot help you as I'm not willing to create another userid/password even if it's free.
To get a logcat, open up a terminal window.
Code:
# clear the logcat first
adb logcat -c
# start logcat trace
adb logcat > problem.txt
# reproduce problem
# wait until problem has occured, then stop trace by hitting ctrl-c
# attach the problem.txt ZIPPED as text files don't seem to get attached properly
Q10. Will you still build 18.1 for this device?
A10. Yes, for rest of 2022, but I will make a decision in January 2023 on how 18.1 and 19.1 will be maintained. If you like to help by building 18.1/19.1, please let me know.
Q11. Do I need to erase everything and format my data?
A11. Yes, you MUST erase all the partitions (system, data, dalvik/art cache, cache) using TWRP and MUST format your data before installing 19.1 when you are coming from stock or an earlier version of LineageOS or from another custom rom. If you get stuck at the boot animation for more than 5 minutes, it's likely because you didn't follow the instructions I just wrote. Dirty flashes from stock, other custom roms or older LineageOS versions are not supported and not likely to work.
Q12. What gapps should I use?
A12. I don't use gapps anymore. I use Aurora Store. As of Nov 6, 2021, I no longer make recommendations on which gapps to use as your mileage may vary.
Let me by crystal clear. YOU NEED TO DO YOUR OWN HOMEWORK selecting between the various gapps offered. There are 5: opengapps, nikgapps, mindthegapps, flamegapps and bitgapps. Each one will have it's own installation instructions. The only recommendation I will offer to use the SMALLEST version of gapps.
Don't be surprised that whatever gapps you use might have problems like "Just a sec", voice not working, updating google play store please wait, etc. These are NOT problems of the OS as the OS will run fine without gapps. These are gapps problems and you must ask in the gapps forum why it doesn't work.
In addition, some of the gapps may not install properly when using TWRP and say "cannot /mnt/system". For those cases, please use the LineageOS recovery.img you can download from
https://sourceforge.net/projects/retiredtab/files/SM-T560NU/LineageOS-recovery/
By flashing the LineageOS recovery.img, it will overwrite the existing TWRP and you will get a different UI.
Q13. I'm having problems with gapps, can you answer why it's not working?
A13. I WILL NOT answer any questions regarding gapps. This thread is about the rom, not gapps. Android does not depend on gapps in order to work.
Questions about gapps, for your courtesy, should be asked at
https://forum.xda-developers.com/t/...m-t35x-sm-t550-sm-t560nu-and-sm-p550.4479285/
Q14. Why isn't my post answered or ignored?
A14. Questions already answered in the FAQ will be completely ignored. Again, I do not use Windows OS or gapps.
Q16. What speed up/optimization tips do you suggest?
A16.
1. Turn off animations. Go into developer settings, scroll down to the drawing section, and set window, transition and animator scale all to "off".
2. If you don't have a google account, don't install gapps. Use Aurora Store to get your apps as you can get all the same apps from the play store using an anonymous login.
3. Dont' run more than 2 apps at the same time. You can probably listen to music in the background and use a web browser at the same time, but don't expect great performance from a 2015 entry level tablet.
4. Use a web browser like Brave that has built in adblock and privacy features.
5. Use newpipe to watch your streaming content. It has built in adblock so you don't have to watch forced ads.
6. Look for apps that are open source, ad free and lightweight.
7. Remove all unused quick setting "bubbles" from the quick pull down menu. I only need and have 6.
Q17. Does this rom support Magisk for root?
A17. I don't use Magisk myself so I don't know and Magisk is always being updated to fool Google's certification process. Others have reported Magisk as working, but I won't answer any questions regarding it.
Q18. Will this rom ever become official?
A18. With 19.1, legacy devices like ours will NEVER be official due to lack of ebpf support. See https://lineageos.org/Changelog-26/
Also, I don't want the responsibilities that come with being an official maintainer.
Q19. What is the difference between this rom and others?
A19. This rom tries to be pure LineageOS with little to no modifications.
Q20. Will there be any major 19.1 code modifications in the future?
A20. I don't anticipate any major modifications. There may be some small bug fixes and minor code cleanup, but all the hard work in getting the rom up and running and fixing all the major bugs have been done completed. This doesn't mean the code is perfect or well organized, but I won't be doing any major changes now that 19.1 is working.
Q21. Why did you fork the device and vendor trees for 19.1?
A21. The msm8916 repos seem geared towards phones and sometimes do not work or cause boot animation loops for tablets so I decided to fork their repos. In other words, what's deemed as msm8916-common code isn't common to all devices.
In addition, since I'm building SM-T350, SM-T357W, SM-T550, SM-P550 and SM-T560NU (all use the same msm8916 code), it seems easier to maintain all of them if I can control my own code repos and not worry if my changes affects the phones or not.
I have completely decommonized and rearranged the 19.1 msm8916-common tree so it's easier for me to maintain and build.
Q22. Can you build a variant of this device? For example, a LTE or S-pen version.
A22. If I don't physically have the device, I cannot and will not build it unless I can boot and test it myself. Even then, there's no guarantee that I can get those variant features working.
Q23. Can I load this rom on a variant devivce like LTE or S-pen version?
A23. The rom is built for the device explicitly listed. If you are an advanced user and understand TWRP, adb, odin, heimdall, you can try loading it on a LTE or S-pen variant by modifying the updater-script, but it may cause a bricked device, bootloops or non functionality of LTE/S-pen. You have been informed and warned!
Q24. What major code changes are in 19.1 vs 18.1.
A24.
- iptables has been removed in favour of ebpf
- keystore v1 has been replaced with keystore v2 which requires that the binder calls have some built-in security
- audio hal 2.0 has been deprecated
- legacy camera hal 1.0 and snap app have deprecated
Q25. I don't like the taskbar, how do I turn it off?
A25. Choose settings, type task into the search bar. Choose enable taskbar and disable taskbar. This will leave the on screen nav bar. If you want to disable that, go to settings, system, gestures, system navigation, gesture navigation.
Q26. Will this run on the SM-T560 or SM-T561?
A26. No, the SM-T560 and SM-T561 use a different CPU/SoC. The SM-T560NU rom will NOT work on SM T560/SM-T561.
Q27. Okay, I understand the consequences and that this is ALPHA rom and willing to take the risks outlined, now where can I find the rom?
A27. You can download it from https://sourceforge.net/projects/retiredtab/files/SM-T560NU/19.1/
NOTE: All builds that I upload have been personally tested on my device to boot and function as described in post #1. Having said that, there's still a chance it won't work on your device due to human error, your configuration, your apps, etc. If it won't boot, always start with a complete wipe of everything and format your data in TWRP. This is known has a clean install. Backup your data before a clean install.
19.1 has been my daily driver since March 2022.
May 7, 2023 release notes
1. May 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2023-05
2. Whatever LineageOS changed since Apr 5 patches. About 7,400 files had to be recompiled.
Apr 12, 2023 release notes
1. Apr 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2023-04
2. Whatever LineageOS changed since Mar 5 patches. About 23,000 files had to be recompiled.
March 19 , 2023 release notes
1. Mar 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2023-03
2. Whatever LineageOS changed since Feb 5 patches. About 24,500 files had to be recompiled.
Feb 12, 2023 release notes
1. Feb 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2023-02
2. Whatever LineageOS changed since Jan 5 patches. About 12,500 files had to be recompiled.
Dec 9, 2022 release notes
1. Dec 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2022-12
2. Whatever LineageOS changed since Nov 5 patches. About 7,100 files had to be recompiled.
Nov 11, 2022 release notes
1. Nov 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2022-11
2. Whatever LineageOS changed since Oct 5 patches. About 5,400 files had to be recompiled.
Oct 6, 2022 release notes
1. Oct 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2022-10
2. Whatever LineageOS changed since Sept 5 patches. About 4,300 files had to be recompiled.
Sept 11, 2022 release notes
1. Sept 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2022-09
2. Switched to different timekeep repo that works with Android 12 and up.
3. Whatever LineageOS changed since Aug 5 patches. About 4,600 files had to be recompiled.
Aug 10, 2022 release notes
1. Aug 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2022-08
2. Initial ALPHA release to public.
Reserved.
Works great, thank you for your hard work.
My only problem so far is getting Dropbox to work in Mixplorer which I had no problems with in 18.1, but that could be unrelated and there's a way around it either way.
New build called lineage-19.1-20220911-UNOFFICIAL-gtelwifiue.zip
NOTE: All builds that I upload have been personally tested on my device to boot and function as described in post #1. Having said that, there's still a chance it won't work on your device due to human error, your configuration, your apps, etc. If it won't boot, always start with a complete wipe of everything and format your data in TWRP. This is known has a clean install. Backup your data before a clean install.
19.1 has been my daily driver since March 2022.
Sept 11, 2022 release notes
1. Sept 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2022-09
2. Switched to different timekeep repo that works with Android 12 and up.
3. Whatever LineageOS changed since Aug 5 patches. About 4,600 files had to be recompiled.
retiredtab said:
This ROM is ONLY for SM-T560NU, NOT SM-T560.
PLEASE BEFORE YOU decide to try this rom, you MUST read all of post 1, 2, 3 and 4 (about 10 minute read). If you think this is an unreasonable request, then stop reading now and find another rom. Thank you.
I am not responsible for lost data, identity theft, lost money, security vulnerabilities, bricked devices or any other hardware or software malfunctions that comes as a result of flashing this rom.
BACKUP YOUR DATA AND OLD rom BEFORE trying my rom.
If you are NOT an expert in using fastboot, adb, odin, heimdall, twrp, DO NOT use this rom. You must know how to use these tools to revert back to your old rom.
If you are new to flashing custom roms, do NOT attempt this.
If you need your tablet for work and something important, do NOT flash this rom. This rom could result in a bricked device or boot loop or non booting device or you not being able to revert back to your old rom.
What works
1. bluetooth
2. wifi
3. brightness
4. external audio
5. GPS
6. audio through headphone jack
7. audio over bluetooth
What doesn't work
1. Camera. The stock camera app video recording doesn't work. Use Simple Camera 5.3.1 from https://f-droid.org/en/packages/com.simplemobiletools.camera/ . I have no plans to work on camera.
2. selinux is permissive. I have tried to make this build enforcing for weeks, but when I do, the OS doesn't boot and there is no adb logcat output despite making an "eng" build. Without adb logcat output, it's virtually impossible to determine what is wrong and I'm not spending anymore time on it. If having enforcing mode is important to you, use my 18.1 builds.
3. keyboard bug workaround. When prompted to enter something like a Bluetooth pin or text based password, sometimes the keyboard is not shown on the screen or off screen. The workaround is to goto settings, system, languages & input, on-screen keyboard, Android Keyboard (AOSP), appearance & layout, theme and choose "Material - follow system settings".
This keyboard bug is a LineageOS bug as per
https://review.lineageos.org/c/LineageOS/android_packages_inputmethods_LatinIME/+/325438
4. gapps. Some of you require gapps for whatever reason. I use Aurora Store for my purposes and thus have NO KNOWLEDGE of the current state of gapps.
There are various gapps projects (at least 5 in 2022). Each has pros and cons. It's your job to do the research and find a suitable gapps project. I suggest you allocate at least a couple of hours doing your own research. My rom works by itself fine without gapps. DO NOT talk about gapps in this thread. As a courtesy to gapps users, if you want to talk about gapps, I have opened a new thread at
https://forum.xda-developers.com/t/...m-t35x-sm-t550-sm-t560nu-and-sm-p550.4479285/
so you may discuss gapps wrt to the msm8916 platform. I will NOT be participating in that thread as I do NOT use gapps.
Thanks
1. LineageOS team for source code.
2. Kyle Harrison
- looking through the adb logcat and suggesting that my binder code was too old to work with Android 12's keystore2 code
- for the graphics and legacy camera patches to allow msm8916 to work with Android 12
- for his Motorola LineageOS 19.1 device trees so I could use his patches as a template for msm8916
3. @tarkzim
- adding back audio hal 2.0 and legacy camera hal 1.0 into the LineageOS trees
- helping me think through the msm8916 random reboots which was due to the TCP/IP patches
- maintaing and updating his repos so I can study them for learning purposes
4. pre ALPHA testers @RDS5 and @Sigster for willing to test pre ALPHA builds and leaving feedback.
Click to expand...
Click to collapse
Hello. I wanted to thank you for this amazing custom ROM here. I flashed it onto my grandma's old Tab E. It works very well!
Thanks again!
New build called lineage-19.1-20221006-UNOFFICIAL-gtelwifiue.zip
NOTE: All builds that I upload have been personally tested on my device to boot and function as described in post #1. Having said that, there's still a chance it won't work on your device due to human error, your configuration, your apps, etc. If it won't boot, always start with a complete wipe of everything and format your data in TWRP. This is known has a clean install. Backup your data before a clean install.
19.1 has been my daily driver since March 2022.
Oct 6, 2022 release notes
1. Oct 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2022-10
2. Whatever LineageOS changed since Sept 5 patches. About 4,300 files had to be recompiled.
Thank you for this ROM. Can you recommend a good media player for this ROM? I've always used VLC, but VLC has no audio on this ROM (Gallery can play videos with audio just fine). I'd like to have a decent media player. I'm using Aurora like you recommended.
zswielder said:
Thank you for this ROM. Can you recommend a good media player for this ROM? I've always used VLC, but VLC has no audio on this ROM (Gallery can play videos with audio just fine). I'd like to have a decent media player. I'm using Aurora like you recommended.
Click to expand...
Click to collapse
I also build 19.1 T710/T810 and just had this question re VLC and it should work for 19.1 SM-T560NU. See post #20 from @lpedia
https://forum.xda-developers.com/t/...or-sm-t710-oct-10-2022.4480065/#post-87625761
Aurora Store is down for me right now so I can't verify by downloading VLC on 19.1 SM-T560NU.
retiredtab said:
I also build 19.1 T710/T810 and just had this question re VLC and it should work for 19.1 SM-T560NU. See post #20 from @lpedia
https://forum.xda-developers.com/t/...or-sm-t710-oct-10-2022.4480065/#post-87625761
Aurora Store is down for me right now so I can't verify by downloading VLC on 19.1 SM-T560NU.
Click to expand...
Click to collapse
Thank you for the info. The audio output sort of fixed the issue, but the sound cuts out for a second every now and then when playing a video file, so there seems to be an issue still.
zswielder said:
Thank you for the info. The audio output sort of fixed the issue, but the sound cuts out for a second every now and then when playing a video file, so there seems to be an issue still.
Click to expand...
Click to collapse
I don't use the SM-T560NU on a regular basis, but I downloaded VLC from Aurora Store, now that it works again, and played a video for 20 minutes and have no sound cuts at all.
retiredtab said:
I don't use the SM-T560NU on a regular basis, but I downloaded VLC from Aurora Store, now that it works again, and played a video for 20 minutes and have no sound cuts at all.
Click to expand...
Click to collapse
Do you think a resolution of a video file should affect that at all? Before I upgraded to this ROM, I was on Lineage 16, and my tablet couldn't handle 1080p files, so I was only watching 720p. With this ROM, it can play 1080p fine (no issue with the native Gallery player), but when I play 1080p video with VLC, the sound cuts off momentarily here and there. If you have any suggestions, I'd very much appreciate it.
zswielder said:
Do you think a resolution of a video file should affect that at all? Before I upgraded to this ROM, I was on Lineage 16, and my tablet couldn't handle 1080p files, so I was only watching 720p. With this ROM, it can play 1080p fine (no issue with the native Gallery player), but when I play 1080p video with VLC, the sound cuts off momentarily here and there. If you have any suggestions, I'd very much appreciate it.
Click to expand...
Click to collapse
The video I was watching is 1080p (h.264) with audio aac encoding. It actually played 40 minutes after I wrote the initial reply with no audio dropouts.
I suggest you look for a DRM free 1080p video somewhere on the Internet that's public domain and shows this problem so I can download and see if it happens on my tablet.
Also, download an app called MediaInfo (8MB file) by MedaArea.net from Aurora Store. It's ad-free and contains no privacy trackers according to Aurora Store. Use that app to see what audio encoding is being used in your 1080p video.
If there's no obvious answers to VLC dropping audio, I guess you will have to find another player if native Gallery player works fine.
Hello. Is there a chance to make this rom to sm t560?
New build called lineage-19.1-20221111-UNOFFICIAL-gtelwifiue.zip
NOTE: All builds that I upload have been personally tested on my device to boot and function as described in post #1. Having said that, there's still a chance it won't work on your device due to human error, your configuration, your apps, etc. If it won't boot, always start with a complete wipe of everything and format your data in TWRP. This is known has a clean install. Backup your data before a clean install.
Nov 11, 2022 release notes
1. Nov 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2022-11
2. Whatever LineageOS changed since Oct 5 patches. About 5,400 files had to be recompiled.
New build called lineage-19.1-20221209-UNOFFICIAL-gtelwifiue.zip
NOTE: All builds that I upload have been personally tested on my device to boot and function as described in post #1. Having said that, there's still a chance it won't work on your device due to human error, your configuration, your apps, etc. If it won't boot, always start with a complete wipe of everything and format your data in TWRP. This is known has a clean install. Backup your data before a clean install.
19.1 has been my daily driver since March 2022.
Dec 9, 2022 release notes
1. Dec 5 security patches as per https://review.lineageos.org/q/topic:S_asb_2022-12
2. Whatever LineageOS changed since Nov 5 patches. About 7,100 files had to be recompiled.
Hi, is there any chance to make it also work for SM-T560?
Thanks a lot
cannabis4711 said:
Hi, is there any chance to make it also work for SM-T560?
Thanks a lot
Click to expand...
Click to collapse
SM-T560/SM-T561 doesn't support this rom.
cannabis4711 said:
Hi, is there any chance to make it also work for SM-T560?
Thanks a lot
Click to expand...
Click to collapse
those use a spreadtrum SoC (sc8830) and the source code for their kernels isnt up to date, and the latest port was android 7.1.2 however whoever ported it violated the GPL and didnt release the source code, so the most recent i could find for the SM-T560's kernel is this
device tree, vendor.
the T560NU however has much better community support as it uses the MSM8916 SoC, so thats why this rom supports it.