Porting LineageOS to FP2

Lazalatin · August 8, 2017, 8:35am

So should the recent testbuild from 07.08.2017 contain the binary blobs 17.07.6? (As they can be downloaded here )
If so, why is the build.prop of the actual testbuild referring to fp2-gms-17.04.8 in its fingerprint?
Am I getting something wrong? Is the version number in the fingerprint not related to the binary blobs delivered with the image?

snevas · August 8, 2017, 9:05am

The buildserver uses this repo for the blobs:
https://github.com/FairBlobs/proprietary_vendor_fairphone-fork
which contains the 17.07.6.1 blobs

So I think the version number does not match the actual blobs used.

aral-matrix · August 8, 2017, 5:31pm

Bugreport:
SIM slot 1: Main Sim w/ PIN
SIM slot 2: prepaid Sim with default 0000 PIN

Turn on phone, upon entering the correct SIM1 PIN: “SIM PIN Operation failed”

Compare:
SIM slot 1: prepaid Sim with default 0000 PIN
SIM slot 2: Main Sim w/ PIN

Turn on phone, SIM1 PIN request skipped(*), upon entering the correct SIM2 PIN: both SIMs are activated correctly, all network services can be used

(*) There is a setting activated on the Sim card (as I just learned) that it is not locked

lklaus · August 8, 2017, 6:21pm

Is this FP2 specific or general LOS?

08-08 20:12:30.647 14273 14273 W sh : type=1400 audit(0.0:304): avc: denied { read } for name="/" dev=“rootfs” ino=1 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:rootfs:s0 tclass=dir permissive=0

I see this also when working with a terminal emulator. Not being root gives a a permission denied (termux) or “empty directory” (file manager)

“of course”

z3ntu · August 8, 2017, 7:46pm

I’d call this wanted behavior because why should a non-root user be allowed to see that folder?

WolleTD · August 8, 2017, 8:04pm

I recently built and installed LineageOS on my FP2, works decent so far. Thanks to all contributors.

I just realized a feature I loved on the Fairphone OS that seems missing in Lineage: Mounting the SD card as USB Mass Storage to a computer.

I’m not an Android dev, but some digging around makes it look like 1) nobody believes this is possible, while 2) it’s perfectly possible and low-level implementation just waits for a userspace button.

lklaus · August 8, 2017, 8:05pm

Well, why not? This is root, the start of everything, and what secret do you expect there? Besides, on every SELinux enabled system, / is readable by everyone. I can’t think of any reason not to be able to read /. Except you would propose security by obscurity. But even then, the contents of root are no secret on Android. You may argue for /system, and the likes, but /? Also /data is only readable as root, as seen by the permissions. So, if /data is rwxrwx–x, which reflects this, / is rwxr-xr-x, as on every Unix system, and forbidden by policy? I wouldn’t call this consistent…

sky · August 9, 2017, 9:31am

It’s more about signed builds and release keys

BUILD_FINGERPRINT=Fairphone/FP2/FP2:6.0.1/FP2-gms-17.04.8/FP2-gms-17.04.8:user/release-keys

github.com

LineageOS/android_device_fairphone_FP2/blob/cm-14.1/lineage.mk

# Copyright (C) 2017 The LineageOS Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Inherit from those products. Most specific first.
$(call inherit-product, $(SRC_TARGET_DIR)/product/full_base_telephony.mk)

# Inherit from FP2 device
$(call inherit-product, device/fairphone/FP2/FP2.mk)

This file has been truncated. show original

Nivve · August 9, 2017, 9:43am

After a few days of testing, I notice that LineageOS has significant trouble on my phone with Mobile data. I have the modem version as is mentioned in the post I reply to, so I think the modem files are up to date. My Lineage version is of 3 august, so that’s up to date as well.

Messaging and mails in general work, but anything more bandwith heavy (even simple web browsing) just refuses to load (not slow but time-outs and ‘no network’ errors). Also my VPN (TCP connection) is unable to connect under mobile data, while it works fine with Wifi. Under FPOOS my vpn never had any issue connecting to mobile networks.
Btw, the icon in the status bar sometimes has a small X, but other times just shows a healthy graph with LTE above it while the symptoms appear (No X or other additions). So this doesn’t seem to reliably indicate that there is an issue. I also tried turning airplane mode on and off. Sometimes it works a bit, but does not solve the issue completely.

Anybody knows something I can try to debug this? Is anyone else having this much trouble with mobile data?

chrmhoffmann · August 9, 2017, 7:15pm

Untrusted apps are not getting any additional SELinux privileges. That’s what SELinux is about.

Chris

chrmhoffmann · August 9, 2017, 7:16pm

Hi,

the fingerprint should from time to time being updated to the latest FP version that Fairphone has officially released including android CTS tests passing. As far as I know, some apps on playstore test this.

Chris

chrmhoffmann · August 9, 2017, 7:17pm

You should rather discuss this with the lineage community. There wont be any fairphone specific enhancements.

Chris

lklaus · August 9, 2017, 7:25pm

Well, i wouldn’t restrict it to untrusted apps. SELinux is about controlling all accesses. But i guess this is no point of argument. I just question the access denial to /, which on one hand isn’t reflected by file system permissions, and for good reason, because that’s what / is all about in Unix in the first place, and denying read access does not offer any security pluses.
Besides, but this may just be my problem, i don’t know what’s all put into the untrusted apps domain. It looks like all apps installed by the user land there… Most of the time you don’t see this, but with a file manager and a terminal it’s obvious. Re file manager: it’s quite annoying not being able to walk the tree just because you aren’t allowed to start at /. Breaks expected behavior. In every (SELinux enabled system everybody may read /, because that’s the way the unit file system works)

lklaus · August 9, 2017, 7:25pm

Thanks. This was one of my questions

maba007 · August 10, 2017, 12:36pm

I noticed two random reboots in the last days (14.1-20170807-UNOFFICIAL-FP2). I had this already with the Fairphone Open version. Had anyone here? Whether that is possibly related to the properitäre firmware (blobs)?

chrmhoffmann · August 10, 2017, 7:21pm

Can you get the /proc/last_kmsg file after a random reboot and post it here?

Chris

maba007 · August 11, 2017, 6:05am

I’ll make it the next time.

maba007 · August 11, 2017, 6:12am

FP2:/ # cat /proc/last_kmsg
[…]
5NwanD: Unknown sxmbol aDdress c01028c0
unw)nd: Index not fkund c01028c0
COde: 00000000 00000000 00000000 00000000 (00000000)
—[ end trace da227214a82495a8 ]—
Kernel panic - not syncing: Fatal exception in hnterrupt
CU2: stoppijg
[] (unwifd_backtrace+0x0/0x!38) froi [,c010dab> (handhe_IPI+0x044/0X248)
[] (handle[IPI+0x144/0x248) from [<c0102914<] (gic_handle_irq+0xec/0824)
unwinD: Unknmwn symbOd a`dress c010914
unwild: INd%x foT found c01 2914
SMP: failed to st/p secondary CPUs
wcj3s cra3h shutdown 0
Rebkotin’ in 4 seconds…
SMP: failed to stop sebondary CPQr
Going douf for restart no7
Calling CCM to disable SPMI PC arbiter
2729 Corrected bytes, 420 unrecoverable blocks
FP2:/ $

Looks like kernel panic. If you need a full kmsg, let me know.

chrmhoffmann · August 11, 2017, 6:15am

Yes, please upload always full one.

Chris

maba007 · August 11, 2017, 6:41am

Here it is: FP2 · GitHub