[MOD][HACK] Disable ASEC (Forward locked packages) on Jellybean

CosmicDan · Mar 7, 2013

I will not detail what ASEC is, how it ruines sd-ext linking (e.g. especially in Link2SD), that it can hurt performance and boot time, nor why it does nothing to deter piracy. A quick summary on this wide-spread problem with Jellybean can be found in this blog post.

From the same blog, this article explains how to disable it in sourcecode so all paid apps are installed as normal APK's - like what pre-Jellybean Android would. Full credits go to him for the original fix.

I have translated this to smali so you can apply it to any Jellybean ROM without source compile.

1) Decompile services.jar
2) Open smali/com/android/server/pm/PackageManagerService.smali in a Unix line-ending compatible editor (GEdit, Notepad++)
3) Search for this text...

Code:

android.permission.INSTALL_PACKAGES

... there will be only one match, within the installPackageWithVerification method.
4) Including the couple of lines after it, you should see something like this...

Code:

const-string v1, "android.permission.INSTALL_PACKAGES"

const/4 v2, 0x0

invoke-virtual {v0, v1, v2}, Landroid/content/Context;->enforceCallingOrSelfPermission(Ljava/lang/String;Ljava/lang/String;)V

.line 5389
invoke-static {}, Landroid/os/Binder;->getCallingUid()I

...your locals/registers (v#) may be different.
5) Before the last line - the call to getCallingUid() - add a new line...

Code:

const-string v1, "android.permission.INSTALL_PACKAGES"

const/4 v2, 0x0

invoke-virtual {v0, v1, v2},  Landroid/content/Context;->enforceCallingOrSelfPermission(Ljava/lang/String;Ljava/lang/String;)V

[COLOR=Green][B]and-int/lit8 p3, p3, -0x2[/B][/COLOR]

.line 5389
invoke-static {}, Landroid/os/Binder;->getCallingUid()I

...recompile and push back to device. All done.

With this mod, any APK you install from market that would usually go in an ASEC container should now install as a standard APK, allowing you to move it to sd-ext with e.g. Link2SD. If you have existing ASEC apps already, uninstall and reinstall them.

Enjoy the extra internal space and no more headaches

JunDavis · Mar 7, 2013

Nice job Dan! :thumbup:

Sent from my LG-P920 using xda app-developers app

ZduneX25 · Mar 8, 2013

Anyone tested with miui jb? Seems like I kinda lost lockscreen and statsubar no longer refresh.

Edit: fixed, wrong gapps caused my problems

CosmicDan · Mar 8, 2013

ZduneX25 said:
Anyone tested with miui jb? Seems like I kinda lost lockscreen and statsubar no longer refresh.

Edit: fixed, wrong gapps caused my problems

Yeah I use it on MIUI5, works perfectly.

Sage · Mar 22, 2013

very nice mate thank you

mikeyxda · Apr 11, 2013

Thanks for this. I tried it, however, and it's not working for me. I'm on the Galaxy Note II LL4 base (4.1.1) and when I make the change and then try to install an app, I get "Package has a bad manifest" and the app will not install. I'll look later to see if there are any other checks that need to be disabled but might you know what is going on? I was able to find the code and add the line no problem so I'm sure I did as this guide instructs. Just not working.

Regards,
Mike

webleeper · Apr 11, 2013

Worked great

Thanks for this, worked great on my Note 2 running Cleanrom ACE 4.7

CosmicDan · Apr 11, 2013

mikeyxda said:
Thanks for this. I tried it, however, and it's not working for me. I'm on the Galaxy Note II LL4 base (4.1.1) and when I make the change and then try to install an app, I get "Package has a bad manifest" and the app will not install. I'll look later to see if there are any other checks that need to be disabled but might you know what is going on? I was able to find the code and add the line no problem so I'm sure I did as this guide instructs. Just not working.

Regards,
Mike

Not sure. If you are certain you did it correctly, maybe 4.1.1 needs something different. I only did thus on 4.1.2.

Sent with Tapatalk

curiouscrackers · Apr 11, 2013

Wasn't working for me either. After reboot it gets stuck at boot animation. I'm on 4.2.2 (PAC-Man ROM).

Sent from my SAMSUNG-SGH-I727 using Tapatalk 2

mikeyxda · Apr 11, 2013

CosmicDan said:
Not sure. If you are certain you did it correctly, maybe 4.1.1 needs something different. I only did thus on 4.1.2.

Sent with Tapatalk

OK. Could be. I'll take a look at the differences between 4.1.1 and 4.1.2 and I'll let you know if I solve this for 4.1.1.

Re: curiouscrackers... sounds like yours didn't compile correctly or the jar didn't get put back together correctly. This change won't cause a boot loop as it only affects app installations and a bootloop after modifying services.jar usually means the decompile/recompile didn't go right.

Mike

mikeyxda · Apr 11, 2013

Has anyone tried this with the new Google Play 4.0.25? Since that "Package file has a bad manifest" error is coming from Google Play, I wonder if they did something in the latest version of Google Play to thwart this fix? I looked at the 4.1.1 and 4.1.2 code and even tried copying the package manager smali code over from 4.1.2 to 4.1.1 and it did the same thing.

Mike

ZduneX25 · Apr 11, 2013

It works just fine Mike no such problem by my side, looks like you should dig a bit deeper.

mikeyxda · Apr 12, 2013

Dug as deep as I'm willing to go (a couple hours). Looks like this just doesn't work on 4.1.1, or at least on the Verizon incarnation of the Galaxy Note II 4.1.1. Logcat shows the file being downloaded but then the download-1.apk file is unable to be opened. There is some indication that it is downloaded in encrypted format and then an attempt made to install it as an un-encrypted file. I'd have to spend a lot more time on it to be sure but it looks like there's more code that needs to be changed in order for the non-asec flag to be carried on into other functions in the framework. I traced the code a half dozen function calls back and don't see anything obvious. Looks like it should work especially since the code inside that method is identical. So either some of the VZW authentication messes it up or it isn't 4.1.1 friendly. Don't really want to spend too much time on it since it's a no brainer to pull the app out of /mnt/asec anyway. Just a curiosity.

Mike

Sage · May 3, 2013

if anyone came here looking for a method to convert ASEC to APK rather than prevent them installed. you can run this script in a terminal emulator with root access.

It will transfer all your asec files to apk's no loss of data or reboot required!

Code:

#!/system/xbin/sh

LD_LIBRARY_PATH="/system/lib"
PATH="/system/xbin:/system/sbin:/system/bin"

for ASEC in $(find /data/app-asec/ -name '*.asec')
do
        echo "Deasec $ASEC"
	PKG=$(basename $ASEC|cut -d'-' -f1)
	echo "Package name $PKG"
	if [ -d /mnt/asec/$PKG*/lib ]
	then
		echo "Relocate libs"
		find /data/data/$PKG/ -type l -name lib -exec rm {} \;
		cp -r /mnt/asec/$PKG*/lib /data/data/$PKG/
		echo "Fix libs permissions"
		chown -R system:system /data/data/$PKG/lib
		chmod -R 755 /data/data/$PKG/lib
	fi
	APK=$(pm path $PKG|cut -d':' -f2)
	echo "APK location $APK"
        cp $APK /data/local/tmp/pkg.apk
        chmod 644 /data/local/tmp/pkg.apk
        pm install -r -f /data/local/tmp/pkg.apk && rm /data/local/tmp/pkg.apk
done

CosmicDan · May 4, 2013

mikeyxda said:
Dug as deep as I'm willing to go (a couple hours). Looks like this just doesn't work on 4.1.1, or at least on the Verizon incarnation of the Galaxy Note II 4.1.1. Logcat shows the file being downloaded but then the download-1.apk file is unable to be opened. There is some indication that it is downloaded in encrypted format and then an attempt made to install it as an un-encrypted file. I'd have to spend a lot more time on it to be sure but it looks like there's more code that needs to be changed in order for the non-asec flag to be carried on into other functions in the framework. I traced the code a half dozen function calls back and don't see anything obvious. Looks like it should work especially since the code inside that method is identical. So either some of the VZW authentication messes it up or it isn't 4.1.1 friendly. Don't really want to spend too much time on it since it's a no brainer to pull the app out of /mnt/asec anyway. Just a curiosity.

Mike

We use this in ICS devices so the issue isn't specific to platform version. The smali mod itself is fine, it's just a compiled version of a safe modification in sourcecode to tell PackageManager to turn off encryption when installing. Your device/ROM must have some other non-standard protection. Being a Samsung, probably some more encryption nonsense. Hard to diagnose because Samsung are terrible with releasing source code.

hadi_rena · Jun 1, 2013

Sage said:

if anyone came here looking for a method to convert ASEC to APK rather than prevent them installed. you can run this script in a terminal emulator with root access.

It will transfer all your asec files to apk's no loss of data or reboot required!

Code:

#!/system/xbin/sh

LD_LIBRARY_PATH="/system/lib"
PATH="/system/xbin:/system/sbin:/system/bin"

for ASEC in $(find /data/app-asec/ -name '*.asec')
do
        echo "Deasec $ASEC"
	PKG=$(basename $ASEC|cut -d'-' -f1)
	echo "Package name $PKG"
	if [ -d /mnt/asec/$PKG*/lib ]
	then
		echo "Relocate libs"
		find /data/data/$PKG/ -type l -name lib -exec rm {} \;
		cp -r /mnt/asec/$PKG*/lib /data/data/$PKG/
		echo "Fix libs permissions"
		chown -R system:system /data/data/$PKG/lib
		chmod -R 755 /data/data/$PKG/lib
	fi
	APK=$(pm path $PKG|cut -d':' -f2)
	echo "APK location $APK"
        cp $APK /data/local/tmp/pkg.apk
        chmod 644 /data/local/tmp/pkg.apk
        pm install -r -f /data/local/tmp/pkg.apk && rm /data/local/tmp/pkg.apk
done

Hi, thanks for this awesome script, but when I try this script its return directory not found error. I check all directories / mount folder and there is accessible. Sorry I'm noob related to this...

Sage · Jun 1, 2013

try installing a terminal..

type
su
and allow root access

then type each line one by one enter after each.

Should work fine.

If you want to turn it into a single script. (.sh file). Then you will need use a linux or notepad++ to make it. If you make the script in windows it will not work.

you can then type sh filename.sh in terminal (after SU) to execute it.

Hit thanks if i helped.

Cheers.

MattBooth · Jun 1, 2013

SGS3 GT-i9300 running 4.1.2... Bad package manifest :/

EMSpilot · Jan 30, 2014

Verizon S4 on 4.3

Very Nice Job!!!

Works perfectly on my Verizon S4 running MK2 Android 4.3.

Thanks for this!!! This is where I inserted it.

heyjoe66 · May 16, 2014

Bad manifest here on Play Store 4.6.17

As far as I understand, packages for paid apps com from Play Store encrypted and get stored encrypted.
So I guess, that asec file in asec folder IS an encrypted package, came from Play Store, and if one will try to install it as a regular apk, the "Bad manifest..." error will occur. So it happens. Too bad.

[MOD][HACK] Disable ASEC (Forward locked packages) on Jellybean

Senior Member

Senior Member

Recognized Themer

Senior Member

Senior Member

Inactive Recognized Developer

Senior Member

Senior Member

Senior Member

Inactive Recognized Developer

Inactive Recognized Developer

Recognized Themer

Inactive Recognized Developer

Senior Member

Senior Member

Senior Member

Senior Member

Senior Member

Inactive Recognized Themer

Senior Member

Similar threads

Top Liked Posts