[Info] Rooting will be impossible on newer stock kernels

Search This thread
By:
Advanced…
AndreiLux

AndreiLux

Senior Member
Jul 9, 2011
3,209
14,598
I just noticed when sniffing the new 9500UBUAMDK kernel is that they activated a new "feature" / CONFIG_SEC_RESTRICT_SETUID in the kernel.

This means no more rooting is possible, at least not anymore in the usual methods. Your SuperUser will tell you it will have granted access, but it's neutered on the kernel level.

There is the exception of allowing /system/bin/pppd to gain root access so somebody will want to maybe replace that somehow to gain it as an entry-point. Somebody will want to check that.

This doesn't apply to custom compiled kernels which disable this config option.
 
Last edited:
  • Like
Reactions: kaizokan, bnbasarir, hav0c and 31 others
H

hazri1974

Senior Member
Jun 13, 2012
897
108
Omg.......hope somebody can bypass that one.......sad news for me.....XXUAMDL now....arghhhh

Sent from my GT-I9500 using xda premium
 
btemtd

btemtd

Senior Member
Aug 8, 2012
2,052
1,002
This makes sense cause I flashed MDM for I9505, I used djembey's modfied stock root and apparantley it works, well yeh it works but that because it reverted my kernel back to an older version it didn't actually root the current kernel it reverted back to the older kernel. Because my rom was dated 12th April after i updated the firmware it was 25th april. Then I used the Modified root that is meant to work on all firmwares, I checked the date of the kernel after i rooted and I am now back to the 12th.
 
DjeMBeY

DjeMBeY

Senior Member
Dec 23, 2011
3,235
6,567
London, UK
www.soundcloud.com
AndreiLux said:
I just noticed when sniffing the new 9500UBUAMDK kernel is that they activated a new "feature" / CONFIG_SEC_RESTRICT_SETUID in the kernel.

This means no more rooting is possible, at least not anymore in the usual methods. Your SuperUser will tell you it will have granted access, but it's neutered on the kernel level.

There is the exception of allowing /system/bin/pppd to gain root access so somebody will want to maybe replace that somehow to gain it as an entry-point. Somebody will want to check that.

This doesn't apply to custom compiled kernels which disable this config option.
Click to expand...
Click to collapse

CORRECT!! :(
I've tested it and it's true.... I9505 STOCK Kernel for new builds MDM/MDN has been LOCKED as well....
My solution is to use Kernel from builds up to MDF and include it into CF-AutoRoot package and it WORKS like charm... (Future proof..)
BTW, they have changed something in system.img.ext4 as well!! Checksum added or something like this, if you re-build it, whole integrity is broken... SYSTEM IS LOCKED!!
CSC is impossible to apply usual way, I've implanted it into system and modified to achieve HD Voice support on all networks.. NOTHING can be added to it afterwards..
 
Last edited:
  • Like
Reactions: sleshepic and PLUG313
cmd512

cmd512

Senior Member
Aug 25, 2009
3,348
841
Shanghai
Ahhh, this is why I'm getting the following error, damnit!

"BusyBox works but the "su" command does not elevate to root. There's something wrong with your "su" binary and/or "Superuser" app."
 
  • Like
Reactions: m.van.iperen
yonoshiro

yonoshiro

Senior Member
Aug 10, 2010
115
139
AndreiLux said:
I just noticed when sniffing the new 9500UBUAMDK kernel is that they activated a new "feature" / CONFIG_SEC_RESTRICT_SETUID in the kernel.

This means no more rooting is possible, at least not anymore in the usual methods. Your SuperUser will tell you it will have granted access, but it's neutered on the kernel level.

There is the exception of allowing /system/bin/pppd to gain root access so somebody will want to maybe replace that somehow to gain it as an entry-point. Somebody will want to check that.

This doesn't apply to custom compiled kernels which disable this config option.
Click to expand...
Click to collapse

Damn!.. I updated my GS4 from UBUAMDE to UBUAMDK and was just now planning to root it when i saw this post.. *sigh*... Nonetheless,thank you for the information and insight kind sir, and I hope there will be a workaround soon for root access *fingers crossed*
 
Last edited:
samomamo

samomamo

Senior Member
Jul 17, 2010
1,146
310
Well can we just flash a rooted rom from recovery?

Sent from my GT-I9500 using xda premium
 
R

RiverSource

Senior Member
Sep 22, 2010
187
299
AndreiLux said:
I just noticed when sniffing the new 9500UBUAMDK kernel is that they activated a new "feature" / CONFIG_SEC_RESTRICT_SETUID in the kernel.
Click to expand...
Click to collapse
I'm afraid you are right. I did a source code review a few days ago in a German forum and came to the same conclusion: We need a Stock Kernel with deactivated Root Restriction Feature or a custom kernel without these features.

I'm not sure, if we can build something around the pppd issue. Some "rename pppd temporarily if root is needed special hacking service". But sounds somehow crazy, and I'm not sure, if it is worth a try. You have to modify the systemfs, and I think, a Custom Kernel is easier.

Do you think there are dependencies in the rest of the firmware to the Root Restriction Feature? In other words: Will disabling this feature cause trouble, e.g. with Knox?
 
Last edited:
Rahulrulez

Rahulrulez

Senior Member
Oct 18, 2010
1,798
1,465
32
India
And since we have kernel sources can't we recompile our own kernel with this option disabled? I don't think this as a deadlock state. It is pretty much possible to bypass.
 
R

RiverSource

Senior Member
Sep 22, 2010
187
299
I think, this will be possible. At least it will be my first try as soon as I have my own S4 in my hands. Building a stock kernel from source without Root Restriction.

BTW: In the actual Samsung source code the feature is disabled in the default configuration. Hmmm ...
 
SlimJ87D

SlimJ87D

Senior Member
Jan 16, 2008
2,326
424
AndreiLux said:
I just noticed when sniffing the new 9500UBUAMDK kernel is that they activated a new "feature" / CONFIG_SEC_RESTRICT_SETUID in the kernel.

This means no more rooting is possible, at least not anymore in the usual methods. Your SuperUser will tell you it will have granted access, but it's neutered on the kernel level.

There is the exception of allowing /system/bin/pppd to gain root access so somebody will want to maybe replace that somehow to gain it as an entry-point. Somebody will want to check that.

This doesn't apply to custom compiled kernels which disable this config option.
Click to expand...
Click to collapse

Could they possibly be getting some kernels ready for military purpose devices?

Sent from my GT-I9300 using xda app-developers app
 
  • Like
Reactions: RMXO and HassanM
R

resore

Senior Member
Apr 12, 2011
115
25
thats because latest exynos exploit story, so now u dont have to worry about holes in os. its unrootable
 
opz187

opz187

Senior Member
Sep 30, 2012
1,459
480
Aaaaaaaaaannnddd im returning my s4. Not gonna keep dealing with this s*** every time that there's updates.
 
You must log in or register to reply here.

Similar threads

samersh72
[GUIDE] Unroot/Unbrick, Flash official stock firmware on Galaxy S4 GT-I9500 & I9505
Replies
4K
Views
2M
S
speedy8
DjeMBeY
[GUIDE] ROOT + OTA & KIES Updates + OFFICIAL Device Status (XXUGNF1) [GT-I9500/I9505]
Replies
1K
Views
561K
C
chadElle
davidcsv
[OFFICIAL] Korean SGS4 LTE-A (SHV-E330S/K/L) Rooting, ROMs, Kernels & Guides
Replies
609
Views
328K
captsingh787
captsingh787
theq86
[RESEARCH] Samsung Knox: Warranty Void Behavior
Replies
3K
Views
1M
D
dave678
blackcat67
[GT-I9500][Official][ROM]5.0.1 Android Lollipop Update [SER/INU] 10.07.2015
Replies
2K
Views
746K
Raagul.K
Raagul.K

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 41
    jeboo
    jeboo
    Here's the 1-byte binary hack to enable rooting with a stock kernel compiled with CONFIG_SEC_RESTRICT_SETUID. I've attached a screen cap of the ARM disassembly so you can see how it relates to the source. The most important part for patching are the blue numbers which represent the hexadecimal code. On the highlighted line, the change needed is 01 to 00. You can unpack/repack the kernel with various tools on XDA.

    Kernel for this example was GT-I9500-TTT-I9500UBUAMDK.

    QAKokmS.jpg
    View
    34
    AndreiLux
    AndreiLux
    I just noticed when sniffing the new 9500UBUAMDK kernel is that they activated a new "feature" / CONFIG_SEC_RESTRICT_SETUID in the kernel.

    This means no more rooting is possible, at least not anymore in the usual methods. Your SuperUser will tell you it will have granted access, but it's neutered on the kernel level.

    There is the exception of allowing /system/bin/pppd to gain root access so somebody will want to maybe replace that somehow to gain it as an entry-point. Somebody will want to check that.

    This doesn't apply to custom compiled kernels which disable this config option.
    View
    32
    KillaHurtz
    KillaHurtz
    #1. The bootloaders are locked at the carriers request, not Samsung's.
    #2. These patches are being applied due to the slew of retards that can't read the damn existing threads and end up bricking their phones.
    #3. They always release source, most times before the device even releases.
    #4. If this is too much for you, move on. All you have to do is odin a custom kernel or an earlier version than the patched one, as long is it is 4.2.2 it will work.
    #5. Stop b!tching, this is a dev community devoted to outsmarting the big dogs.
    View
    8
    AndreiLux
    AndreiLux
    jcase said:
    A lot of people are misunderstanding the OP I believe. Tried to clear it up a little bit http://www.androidpolice.com/2013/0...os-galaxy-s4-update-but-this-is-a-good-thing/
    Click to expand...
    Click to collapse

    Oh, and by the way. People are misunderstanding it because it was not meant for them in the first place.

    I posted this thread in the development forum solely for other devs to know about, but some moderator thought to move it in general discussion, and they've ignored requests to move it back.
    View
    6
    jcase
    jcase
    tuxonhtc said:
    Wow, absolutely ridiculous. Do they gain something from doing this at all? How about putting in a little more effort in fixing the ****ty touchwiz bugs for starters rather than making it harder for users and devs? FFS. Thank god for Andrei and rest of the devs though.
    Click to expand...
    Click to collapse

    Do you really not get what they are doing here? They are trying to preemptively mitigate some of the more dangerous unknown bugs (like ones used by root exploits). Andrei is very clear, they are not stopping users from having root.

    Android community doesn't seem to get this, vulnerabilities especially those leading to root are NOT a good thing to have on your phone. Patching them, or doing things to mitigate unknown ones is a GOOD thing. Advocating against these kinds of messures is like, advocating users run an outdated version of java on their PC, use IE8, and running any EXE that porn ads auto download.
    View

New posts