Palm phone firmware?

Tell Rodrigo if he wants to "improve the product" he could publish a way to unlock the bootloader, like Samsung and Google both do, thus expanding the audience for this ill-conceived niche product. Also, put a bigger battery in the next version. What were they thinking?!

anyway the battery might have been ok if the processor had been slower and with less cores and with lower power architecture, this phone is not for gaming or multitasking, so half the cores would have been more than enough

---------- Post added at 11:48 PM ---------- Previous post was at 11:46 PM ----------

Guys, one question: does root help for modifying LTE bands?

Arpruss is trying to help us! Here's what he says:

"What happens if you run poc98 from my github on the device?

Here are the crucial offsets:
#define OFFSET__task_struct__cred 0x550
#define OFFSET__task_struct__seccomp 0x9b0
#define OFFSET__cred__uid 0x004
#define OFFSET__cred__securebits 0x024
#define OFFSET__cred__cap_permitted 0x030

If you're lucky, none need to be changed.

If you're not lucky, you will need to change cred and seccomp. These are offsets of the cred and seccomp fields in task_struct, defined in the kernel's sched.h file. Getting these offsets isn't trivial, however, because there are a lot of #ifdefs to deal with. Tonight I plan to see if I can modify the code to automatically detect these offsets, but I don't guarantee it'll work.

If you're really unlucky, you will need to change them all."

Can anyone of you, guys, perform the test he needs (compiling and running poc98 from his github repository and let us know the outcome)?

I ran it with the default values, here is the output
epito:/data/local/tmp $ ./poc98
Starting POC
Leak size 4096
dataBuffer = 75f5a1bb80
PARENT: Calling WRITEV
CHILD: Doing EPOLL_CTL_DEL.
CHILD: Finished EPOLL_CTL_DEL.
CHILD: initial page
CHILD: dummy data
CHILD: leak data
writev() returns 0x12001
CHILD: Finished write to FIFO.
PARENT: Done with leaking
00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|

*/ a bunch of lines were removed to make the text fit post limits/*

000005a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000005b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000005c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000005d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000005e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000005f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000600 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000610 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000620 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000630 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000640 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000650 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000660 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000670 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000680 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000690 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000006a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000006b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000006c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000006d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000006e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000006f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000700 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000710 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000720 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000730 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000740 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000750 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000760 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000770 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000780 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000790 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000007a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000007b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000007c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000007d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000007e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000007f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000800 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000810 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000820 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000830 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000840 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000850 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000860 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000870 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000880 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000890 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000008a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000008b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000008c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000008d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000008e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000008f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000900 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000910 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000920 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000930 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000940 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000950 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000960 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000970 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000980 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000990 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000009a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000009b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000009c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000009d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000009e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000009f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000a00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000a10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000a20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000a30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000a40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000a50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000a60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000a70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000a80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000a90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000aa0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ab0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ac0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ad0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ae0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000af0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000b00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000b10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000b20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000b30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000b40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000b50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000b60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000b70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000b80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000b90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ba0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000bb0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000bc0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000bd0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000be0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000bf0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000c00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000c10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000c20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000c30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000c40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000c50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000c60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000c70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000c80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000c90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ca0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000cb0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000cc0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000cd0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ce0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000cf0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000d00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000d10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000d20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000d30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000d40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000d50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000d60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000d70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000d80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000d90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000da0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000db0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000dc0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000dd0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000de0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000df0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000e00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000e10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000e20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000e30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000e40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000e50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000e60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000e70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000e80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000e90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ea0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000eb0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ec0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ed0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ee0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ef0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000f00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000f10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000f20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000f30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000f40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000f50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000f60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000f70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000f80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000f90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000fa0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000fb0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000fc0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000fd0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000fe0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000ff0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
tasklist = 0
current_ptr = 0
Pepito:/data/local/tmp $ ./poc98
Starting POC
Leak size 4096
dataBuffer = 700141b7c0
PARENT: Calling WRITEV
CHILD: Doing EPOLL_CTL_DEL.
CHILD: Finished EPOLL_CTL_DEL.
CHILD: initial page
CHILD: dummy data
CHILD: leak data
writev() returns 0x12001
CHILD: Finished write to FIFO.
PARENT: Done with leaking
00000000 a0 7c df 97 c0 ff ff ff a0 7c df 97 c0 ff ff ff |.|.......|......|
00000010 c0 b7 41 01 70 00 00 00 01 00 01 00 00 00 00 00 |..A.p...........|
00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|

*/I cut out a bunch of line here to make the text fit post limits/*

00000530 65 73 00 76 6f 73 5f 73 74 61 72 74 00 64 6f 74 |es.vos_start.dot|
00000540 31 31 66 55 6e 70 61 63 6b 49 65 50 32 50 57 53 |11fUnpackIeP2PWS|
00000550 43 50 72 6f 76 69 73 69 6f 6e 44 69 73 63 6f 76 |CProvisionDiscov|
00000560 65 72 79 52 65 73 00 57 44 49 5f 50 72 6f 63 65 |eryRes.WDI_Proce|
00000570 73 73 53 65 74 42 73 73 4b 65 79 52 65 71 00 57 |ssSetBssKeyReq.W|
00000580 4c 41 4e 54 4c 5f 52 65 73 65 74 52 78 53 53 4e |LANTL_ResetRxSSN|
00000590 00 76 6f 73 5f 77 64 74 68 72 65 61 64 5f 69 6e |.vos_wdthread_in|
000005a0 69 74 5f 74 69 6d 65 72 5f 77 6f 72 6b 00 57 44 |it_timer_work.WD|
000005b0 49 5f 50 72 6f 63 65 73 73 44 65 6c 53 54 41 52 |I_ProcessDelSTAR|
000005c0 65 71 00 76 6f 73 5f 70 6b 74 5f 72 65 73 65 72 |eq.vos_pkt_reser|
000005d0 76 65 5f 68 65 61 64 5f 66 61 73 74 00 57 4c 41 |ve_head_fast.WLA|
000005e0 4e 54 4c 5f 53 65 74 53 54 41 50 72 69 6f 72 69 |NTL_SetSTAPriori|
000005f0 74 79 00 63 73 72 49 73 46 75 6c 6c 50 6f 77 65 |ty.csrIsFullPowe|
00000600 72 4e 65 65 64 65 64 00 64 6f 74 31 31 66 55 6e |rNeeded.dot11fUn|
00000610 70 61 63 6b 41 64 64 42 41 52 65 71 00 57 44 49 |packAddBAReq.WDI|
00000620 5f 46 61 74 61 6c 45 76 65 6e 74 4c 6f 67 73 52 |_FatalEventLogsR|
00000630 65 71 00 57 44 49 5f 52 65 6d 6f 76 65 53 54 41 |eq.WDI_RemoveSTA|
00000640 42 63 61 73 74 4b 65 79 52 65 71 00 6c 69 6d 50 |BcastKeyReq.limP|
00000650 72 6f 63 65 73 73 44 65 61 75 74 68 46 72 61 6d |rocessDeauthFram|
00000660 65 00 64 6f 74 31 31 66 50 61 63 6b 46 66 4c 69 |e.dot11fPackFfLi|
00000670 6e 6b 4d 61 72 67 69 6e 00 57 44 49 5f 53 65 6e |nkMargin.WDI_Sen|
00000680 64 4e 76 42 6c 6f 62 52 65 71 00 57 4c 41 4e 54 |dNvBlobReq.WLANT|
00000690 4c 5f 49 73 44 75 70 6c 69 63 61 74 65 4d 63 61 |L_IsDuplicateMca|
000006a0 73 74 46 72 6d 00 6c 69 6d 49 73 43 68 61 6e 53 |stFrm.limIsChanS|
000006b0 77 69 74 63 68 52 75 6e 6e 69 6e 67 00 57 4c 41 |witchRunning.WLA|
000006c0 4e 53 41 50 5f 43 6c 6f 73 65 00 77 6c 61 6e 5f |NSAP_Close.wlan_|
000006d0 68 64 64 5f 63 68 65 63 6b 5f 6d 6f 6e 69 74 6f |hdd_check_monito|
000006e0 72 5f 73 74 61 74 65 00 77 6c 61 6e 5f 68 64 64 |r_state.wlan_hdd|
000006f0 5f 74 64 6c 73 5f 72 65 65 6e 61 62 6c 65 00 63 |_tdls_reenable.c|
00000700 73 72 52 6f 61 6d 46 69 6e 64 49 6e 50 65 53 74 |srRoamFindInPeSt|
00000710 61 74 73 52 65 71 4c 69 73 74 00 57 44 41 5f 49 |atsReqList.WDA_I|
00000720 73 57 63 6e 73 73 57 6c 61 6e 43 6f 6d 70 69 6c |sWcnssWlanCompil|
00000730 65 64 56 65 72 73 69 6f 6e 47 72 65 61 74 65 72 |edVersionGreater|
00000740 54 68 61 6e 4f 72 45 71 75 61 6c 00 6c 69 6d 53 |ThanOrEqual.limS|
00000750 65 6e 64 54 64 6c 73 4c 69 6e 6b 53 65 74 75 70 |endTdlsLinkSetup|
00000760 52 65 71 46 72 61 6d 65 00 64 6f 74 31 31 66 55 |ReqFrame.dot11fU|
00000770 6e 70 61 63 6b 49 65 43 68 61 6c 6c 65 6e 67 65 |npackIeChallenge|
00000780 54 65 78 74 00 6c 69 6d 47 65 74 53 74 61 48 61 |Text.limGetStaHa|
00000790 73 68 42 73 73 69 64 78 00 57 44 49 5f 50 72 6f |shBssidx.WDI_Pro|
000007a0 63 65 73 73 53 65 74 54 6d 4c 65 76 65 6c 52 65 |cessSetTmLevelRe|
000007b0 71 00 64 6f 74 31 31 66 50 61 63 6b 4e 65 69 67 |q.dot11fPackNeig|
000007c0 68 62 6f 72 52 65 70 6f 72 74 52 65 71 75 65 73 |hborReportReques|
000007d0 74 00 6c 69 6d 55 70 64 61 74 65 53 74 61 52 75 |t.limUpdateStaRu|
000007e0 6e 54 69 6d 65 48 54 43 61 70 61 62 69 6c 69 74 |nTimeHTCapabilit|
000007f0 79 00 57 4c 41 4e 54 4c 5f 43 6c 65 61 72 53 54 |y.WLANTL_ClearST|
00000800 41 43 6c 69 65 6e 74 00 77 70 61 6c 50 61 63 6b |AClient.wpalPack|
00000810 65 74 49 6e 69 74 00 57 44 41 5f 44 65 6c 53 54 |etInit.WDA_DelST|
00000820 41 52 73 70 43 61 6c 6c 62 61 63 6b 00 43 6f 6e |ARspCallback.Con|
00000830 76 65 72 74 57 50 41 4f 70 61 71 75 65 00 6c 69 |vertWPAOpaque.li|
00000840 6d 53 65 6e 64 4b 65 65 70 41 6c 69 76 65 54 6f |mSendKeepAliveTo|
00000850 50 65 65 72 00 57 44 49 5f 44 65 6c 53 54 41 52 |Peer.WDI_DelSTAR|
00000860 65 71 00 77 6c 61 6e 5f 68 64 64 5f 73 65 74 49 |eq.wlan_hdd_setI|
00000870 50 76 36 46 69 6c 74 65 72 00 70 65 43 72 65 61 |Pv6Filter.peCrea|
00000880 74 65 53 65 73 73 69 6f 6e 00 6c 69 6d 43 6f 6c |teSession.limCol|
00000890 6c 65 63 74 42 73 73 44 65 73 63 72 69 70 74 69 |lectBssDescripti|
000008a0 6f 6e 00 73 6d 65 5f 67 65 74 52 6f 61 6d 52 73 |on.sme_getRoamRs|
000008b0 73 69 44 69 66 66 00 57 44 49 5f 48 54 34 30 4f |siDiff.WDI_HT40O|
000008c0 42 53 53 53 74 6f 70 53 63 61 6e 49 6e 64 00 6c |BSSStopScanInd.l|
000008d0 69 6d 44 65 61 75 74 68 54 78 43 6f 6d 70 6c 65 |imDeauthTxComple|
000008e0 74 65 43 6e 66 00 70 6d 63 52 65 61 64 79 00 57 |teCnf.pmcReady.W|
000008f0 4c 41 4e 54 4c 5f 52 65 61 64 52 53 53 49 00 73 |LANTL_ReadRSSI.s|
00000900 6d 65 5f 51 6f 73 52 65 6c 65 61 73 65 52 65 71 |me_QosReleaseReq|
00000910 00 5f 5f 68 64 64 5f 69 70 76 36 5f 6e 6f 74 69 |.__hdd_ipv6_noti|
00000920 66 69 65 72 5f 77 6f 72 6b 5f 71 75 65 75 65 00 |fier_work_queue.|
00000930 64 6f 74 31 31 66 55 6e 70 61 63 6b 49 65 50 32 |dot11fUnpackIeP2|
00000940 50 47 4f 4e 65 67 43 6e 66 00 68 64 64 5f 69 73 |PGONegCnf.hdd_is|
00000950 5f 61 6e 79 5f 73 65 73 73 69 6f 6e 5f 63 6f 6e |_any_session_con|
00000960 6e 65 63 74 65 64 00 63 73 72 4c 4c 49 6e 73 65 |nected.csrLLInse|
00000970 72 74 48 65 61 64 00 62 74 63 53 65 6e 64 43 66 |rtHead.btcSendCf|
00000980 67 4d 73 67 00 50 6f 70 75 6c 61 74 65 44 6f 74 |gMsg.PopulateDot|
00000990 31 31 66 54 64 6c 73 45 78 74 43 61 70 61 62 69 |11fTdlsExtCapabi|
000009a0 6c 69 74 79 00 67 52 61 74 65 66 72 6f 6d 49 64 |lity.gRatefromId|
000009b0 78 00 50 6f 70 75 6c 61 74 65 44 6f 74 31 31 66 |x.PopulateDot11f|
000009c0 57 4d 4d 50 61 72 61 6d 73 00 73 6d 65 5f 51 6f |WMMParams.sme_Qo|
000009d0 73 54 72 69 67 67 65 72 55 61 70 73 64 43 68 61 |sTriggerUapsdCha|
000009e0 6e 67 65 00 57 44 49 5f 53 77 69 74 63 68 43 68 |nge.WDI_SwitchCh|
000009f0 52 65 71 5f 56 31 00 57 4c 41 4e 54 4c 5f 52 65 |Req_V1.WLANTL_Re|
00000a00 67 69 73 74 65 72 4d 67 6d 74 46 72 6d 43 6c 69 |gisterMgmtFrmCli|
00000a10 65 6e 74 00 57 44 49 5f 44 53 5f 4d 65 6d 50 6f |ent.WDI_DS_MemPo|
00000a20 6f 6c 41 64 64 53 54 41 00 64 6f 74 31 31 66 50 |olAddSTA.dot11fP|
00000a30 61 63 6b 49 65 51 42 53 53 4c 6f 61 64 00 57 4c |ackIeQBSSLoad.WL|
00000a40 41 4e 54 4c 5f 43 6c 65 61 72 54 78 58 6d 69 74 |ANTL_ClearTxXmit|
00000a50 50 65 6e 64 69 6e 67 00 68 64 64 5f 77 6c 61 6e |Pending.hdd_wlan|
00000a60 5f 65 78 69 74 00 64 6f 74 31 31 66 55 6e 70 61 |_exit.dot11fUnpa|
00000a70 63 6b 49 65 50 6f 77 65 72 43 6f 6e 73 74 72 61 |ckIePowerConstra|
00000a80 69 6e 74 73 00 6c 69 6d 53 65 6e 64 42 65 61 63 |ints.limSendBeac|
00000a90 6f 6e 50 61 72 61 6d 73 00 77 6c 61 6e 5f 70 6b |onParams.wlan_pk|
00000aa0 74 5f 73 74 61 74 73 5f 74 6f 5f 75 73 65 72 00 |t_stats_to_user.|
00000ab0 57 44 49 5f 50 72 6f 63 65 73 73 45 6e 74 65 72 |WDI_ProcessEnter|
00000ac0 42 6d 70 73 52 65 71 00 68 64 64 5f 66 75 6c 6c |BmpsReq.hdd_full|
00000ad0 5f 70 77 72 5f 63 62 6b 00 70 6d 6d 45 6e 74 65 |_pwr_cbk.pmmEnte|
00000ae0 72 57 6f 77 6c 61 6e 52 65 73 70 6f 6e 73 65 48 |rWowlanResponseH|
00000af0 61 6e 64 6c 65 72 00 57 44 49 5f 50 72 6f 63 65 |andler.WDI_Proce|
00000b00 73 73 54 64 6c 73 43 68 61 6e 53 77 69 74 63 68 |ssTdlsChanSwitch|
00000b10 52 65 71 00 57 4c 41 4e 44 58 45 5f 54 78 46 72 |Req.WLANDXE_TxFr|
00000b20 61 6d 65 00 63 73 72 53 65 6e 64 4d 42 47 65 74 |ame.csrSendMBGet|
00000b30 57 50 53 50 42 43 53 65 73 73 69 6f 6e 73 00 57 |WPSPBCSessions.W|
00000b40 4c 41 4e 44 58 45 5f 43 68 61 6e 6e 65 6c 44 65 |LANDXE_ChannelDe|
00000b50 62 75 67 00 6c 69 6d 53 65 6e 64 53 6d 65 41 64 |bug.limSendSmeAd|
00000b60 64 74 73 52 73 70 00 73 6d 73 4c 6f 67 00 70 75 |dtsRsp.smsLog.pu|
00000b70 72 67 65 53 6d 65 53 65 73 73 69 6f 6e 43 6d 64 |rgeSmeSessionCmd|
00000b80 4c 69 73 74 00 63 73 72 4e 65 69 67 68 62 6f 72 |List.csrNeighbor|
00000b90 52 6f 61 6d 45 6d 70 74 79 53 63 61 6e 52 65 66 |RoamEmptyScanRef|
00000ba0 72 65 73 68 54 69 6d 65 72 43 61 6c 6c 62 61 63 |reshTimerCallbac|
00000bb0 6b 00 57 44 49 5f 64 65 6c 42 61 49 6e 64 00 63 |k.WDI_delBaInd.c|
00000bc0 73 72 5f 72 65 67 69 73 74 65 72 5f 72 6f 61 6d |sr_register_roam|
00000bd0 69 6e 67 5f 6d 62 62 5f 63 61 6c 6c 62 61 63 6b |ing_mbb_callback|
00000be0 00 57 44 41 5f 53 65 6e 64 42 65 61 63 6f 6e 50 |.WDA_SendBeaconP|
00000bf0 61 72 61 6d 73 43 61 6c 6c 62 61 63 6b 00 73 6d |aramsCallback.sm|
00000c00 65 5f 52 65 6d 61 69 6e 4f 6e 43 68 61 6e 6e 65 |e_RemainOnChanne|
00000c10 6c 00 72 72 6d 43 6c 65 61 6e 75 70 00 63 73 72 |l.rrmCleanup.csr|
00000c20 41 70 70 6c 79 50 6f 77 65 72 32 43 75 72 72 65 |ApplyPower2Curre|
00000c30 6e 74 00 57 44 49 5f 57 6f 77 6c 44 65 6c 42 63 |nt.WDI_WowlDelBc|
00000c40 50 74 72 6e 52 65 71 00 57 44 49 5f 50 72 6f 63 |PtrnReq.WDI_Proc|
00000c50 65 73 73 55 70 64 61 74 65 43 68 61 6e 6e 65 6c |essUpdateChannel|
00000c60 50 61 72 61 6d 73 52 65 71 00 6c 69 6d 44 65 6c |ParamsReq.limDel|
00000c70 65 74 65 42 41 53 65 73 73 69 6f 6e 73 00 63 73 |eteBASessions.cs|
00000c80 72 53 63 61 6e 47 65 74 41 67 65 4f 75 74 54 69 |rScanGetAgeOutTi|
00000c90 6d 65 00 64 6f 74 31 31 66 55 6e 70 61 63 6b 49 |me.dot11fUnpackI|
00000ca0 65 50 72 6f 70 43 61 70 61 62 69 6c 69 74 79 00 |ePropCapability.|
00000cb0 64 6f 74 31 31 66 55 6e 70 61 63 6b 49 65 53 75 |dot11fUnpackIeSu|
00000cc0 70 70 43 68 61 6e 6e 65 6c 73 00 73 6d 65 5f 47 |ppChannels.sme_G|
00000cd0 65 74 52 6f 61 6d 53 63 61 6e 43 6f 6e 74 72 6f |etRoamScanContro|
00000ce0 6c 00 63 73 72 46 72 65 65 53 63 61 6e 52 65 73 |l.csrFreeScanRes|
00000cf0 75 6c 74 45 6e 74 72 79 00 76 6f 73 5f 77 61 74 |ultEntry.vos_wat|
00000d00 63 68 64 6f 67 5f 6f 70 65 6e 00 57 44 41 5f 45 |chdog_open.WDA_E|
00000d10 6e 74 65 72 42 6d 70 73 52 65 73 70 43 61 6c 6c |nterBmpsRespCall|
00000d20 62 61 63 6b 00 63 73 72 52 6f 61 6d 50 72 6f 63 |back.csrRoamProc|
00000d30 65 73 73 57 6d 53 74 61 74 75 73 43 68 61 6e 67 |essWmStatusChang|
00000d40 65 43 6f 6d 6d 61 6e 64 00 57 44 49 5f 50 61 63 |eCommand.WDI_Pac|
00000d50 6b 52 6f 61 6d 53 63 61 6e 4f 66 66 6c 6f 61 64 |kRoamScanOffload|
00000d60 50 61 72 61 6d 73 00 6c 69 6d 50 72 6f 63 65 73 |Params.limProces|
00000d70 73 42 65 61 63 6f 6e 46 72 61 6d 65 4e 6f 53 65 |sBeaconFrameNoSe|
00000d80 73 73 69 6f 6e 00 57 4c 41 4e 54 4c 5f 48 53 42 |ssion.WLANTL_HSB|
00000d90 4d 50 53 52 53 53 49 52 65 67 69 6f 6e 43 68 61 |MPSRSSIRegionCha|
00000da0 6e 67 65 64 4e 6f 74 69 66 69 63 61 74 69 6f 6e |ngedNotification|
00000db0 00 73 6d 65 5f 48 61 6e 64 6c 65 43 68 61 6e 67 |.sme_HandleChang|
00000dc0 65 43 6f 75 6e 74 72 79 43 6f 64 65 42 79 43 6f |eCountryCodeByCo|
00000dd0 72 65 00 76 6f 73 5f 66 65 74 63 68 5f 74 6c 5f |re.vos_fetch_tl_|
00000de0 63 66 67 5f 70 61 72 6d 73 00 57 44 49 5f 44 65 |cfg_parms.WDI_De|
00000df0 6c 42 41 52 65 71 00 5f 5f 77 6c 61 6e 5f 68 64 |lBAReq.__wlan_hd|
00000e00 64 5f 64 65 6c 5f 76 69 72 74 75 61 6c 5f 69 6e |d_del_virtual_in|
00000e10 74 66 00 73 79 73 42 75 69 6c 64 4d 65 73 73 61 |tf.sysBuildMessa|
00000e20 67 65 48 65 61 64 65 72 00 70 61 6c 53 65 6d 61 |geHeader.palSema|
00000e30 70 68 6f 72 65 47 69 76 65 00 73 6d 65 5f 47 65 |phoreGive.sme_Ge|
00000e40 74 43 75 72 72 65 6e 74 43 6f 75 6e 74 72 79 43 |tCurrentCountryC|
00000e50 6f 64 65 00 73 6d 65 5f 53 74 61 72 74 00 70 6d |ode.sme_Start.pm|
00000e60 63 53 74 6f 70 55 61 70 73 64 00 64 6f 74 31 31 |cStopUapsd.dot11|
00000e70 66 55 6e 70 61 63 6b 54 44 4c 53 44 69 73 52 65 |fUnpackTDLSDisRe|
00000e80 71 00 57 44 49 5f 50 72 6f 63 65 73 73 45 78 69 |q.WDI_ProcessExi|
00000e90 74 42 6d 70 73 52 73 70 00 76 6f 73 5f 6e 76 5f |tBmpsRsp.vos_nv_|
00000ea0 67 65 74 56 61 6c 69 64 69 74 79 00 57 44 49 5f |getValidity.WDI_|
00000eb0 50 72 6f 63 65 73 73 55 70 64 61 74 65 53 63 61 |ProcessUpdateSca|
00000ec0 6e 50 61 72 61 6d 73 52 73 70 00 73 61 70 53 65 |nParamsRsp.sapSe|
00000ed0 74 4f 70 65 72 61 74 69 6e 67 43 68 61 6e 6e 65 |tOperatingChanne|
00000ee0 6c 00 64 6f 74 31 31 66 55 6e 70 61 63 6b 49 65 |l.dot11fUnpackIe|
00000ef0 4d 65 61 73 75 72 65 6d 65 6e 74 52 65 71 75 65 |MeasurementReque|
00000f00 73 74 00 57 44 49 5f 50 72 6f 63 65 73 73 52 65 |st.WDI_ProcessRe|
00000f10 6d 42 65 61 63 6f 6e 46 69 6c 74 65 72 52 73 70 |mBeaconFilterRsp|
00000f20 00 76 6f 73 5f 6d 65 6d 5f 76 6d 61 6c 6c 6f 63 |.vos_mem_vmalloc|
00000f30 00 64 6f 74 31 31 66 50 61 63 6b 49 65 4c 6f 61 |.dot11fPackIeLoa|
00000f40 64 42 61 6c 61 6e 63 65 00 68 64 64 5f 74 78 5f |dBalance.hdd_tx_|
00000f50 63 6f 6d 70 6c 65 74 65 5f 63 62 6b 00 57 44 49 |complete_cbk.WDI|
00000f60 5f 50 72 6f 63 65 73 73 55 6e 6b 41 64 64 72 46 |_ProcessUnkAddrF|
00000f70 72 61 6d 65 49 6e 64 00 57 44 41 5f 55 70 64 61 |rameInd.WDA_Upda|
00000f80 74 65 50 72 6f 62 65 52 73 70 50 61 72 61 6d 73 |teProbeRspParams|
00000f90 43 61 6c 6c 62 61 63 6b 00 63 73 72 54 64 6c 73 |Callback.csrTdls|
00000fa0 50 72 6f 63 65 73 73 44 65 6c 53 74 61 00 57 44 |ProcessDelSta.WD|
00000fb0 49 5f 50 72 6f 63 65 73 73 45 58 54 53 63 61 6e |I_ProcessEXTScan|
00000fc0 53 65 74 48 6f 74 6c 69 73 74 42 53 53 49 44 52 |SetHotlistBSSIDR|
00000fd0 73 70 00 68 64 64 5f 73 65 74 5f 70 72 65 5f 63 |sp.hdd_set_pre_c|
00000fe0 6c 6f 73 65 00 68 64 64 5f 67 65 74 5f 63 6f 6e |lose.hdd_get_con|
00000ff0 63 75 72 72 65 6e 63 79 5f 6d 6f 64 65 00 77 6c |currency_mode.wl|
tasklist = ffffffc097df7ca0
current_ptr = ffffffc094b61980

---------- Post added at 03:28 AM ---------- Previous post was at 02:44 AM ----------

GUYS WE HAVE ROOT. ARPRUSS su98 works!!!!!!!!!!!

As Proof here is the build.prop obtained from /system

#IMPORT REGIONALIZATION VENDOR PROP PATH FIRST IN ORDER TO CUSTOMIZE ro.* PROPERTIES#
import /persist/speccfg/vendor_ro.prop


# begin build properties
# autogenerated by buildinfo.sh
ro.build.id=OPM1.171019.019
ro.build.display.id=PVG100
ro.build.version.incremental=v2AGA-0
ro.build.version.sdk=27
ro.build.version.preview_sdk=0
ro.build.version.codename=REL
ro.build.version.all_codenames=REL
ro.build.version.release=8.1.0
ro.build.version.security_patch=2019-03-01
ro.build.version.base_os=
ro.build.date=Wed Mar 20 18:36:42 CST 2019
ro.build.date.utc=1553078202
ro.build.type=user
ro.build.user=android-bld
ro.build.host=WS228
ro.build.tags=release-keys
ro.build.flavor=Pepito-user
# ro.product.cpu.abi and ro.product.cpu.abi2 are obsolete,
# use ro.product.cpu.abilist instead.
ro.product.cpu.abi=arm64-v8a
ro.product.cpu.abilist=arm64-v8a,armeabi-v7a,armeabi
ro.product.cpu.abilist32=armeabi-v7a,armeabi
ro.product.cpu.abilist64=arm64-v8a
ro.wifi.channels=
# Do not try to parse description, fingerprint, or thumbprint
ro.build.description=Pepito-user 8.1.0 OPM1.171019.019 v2AGA-0 release-keys
ro.build.fingerprint=Palm/PVG100/Pepito:8.1.0/OPM1.171019.019/v2AGA-0:user/release-keys
ro.build.characteristics=nosdcard
# end build properties
#
# from device/jrdcom/Pepito/system.prop
#
#
# system.prop for msm8937
#

rild.libpath=/vendor/lib64/libril-qc-qmi-1.so
rild.libargs=-d /dev/smd0
persist.rild.nitz_plmn=
persist.rild.nitz_long_ons_0=
persist.rild.nitz_long_ons_1=
persist.rild.nitz_long_ons_2=
persist.rild.nitz_long_ons_3=
persist.rild.nitz_short_ons_0=
persist.rild.nitz_short_ons_1=
persist.rild.nitz_short_ons_2=
persist.rild.nitz_short_ons_3=
ril.subscription.types=NV,RUIM
DEVICE_PROVISIONED=1
#
# Set network mode to (T/L/G/W/1X/EVDO, T/G/W/L) for 7+5 mode device on DSDS mode
# (22, 20 )
# Mod Defect5765845 by [email protected] 20171215
ro.telephony.default_network=9

debug.sf.enable_hwc_vds=1
debug.sf.hw=0
debug.sf.latch_unsignaled=1
debug.egl.hw=0
persist.hwc.mdpcomp.enable=true
debug.mdpcomp.logs=0
dalvik.vm.heapsize=36m
dev.pm.dyn_samplingrate=1
persist.demo.hdmirotationlock=false
debug.enable.sglscale=1
sdm.debug.disable_skip_validate=1
debug.sf.recomputecrop=0

#ro.hdmi.enable=true
#tunnel.decode=true
#
# system props for the cne module
#
persist.cne.feature=1

#system props for the MM modules
media.msm8956hw=0
mm.enable.smoothstreaming=true
mmp.enable.3g2=true
media.aac_51_output_enabled=true
media.settings.xml=/vendor/etc/media_profiles_vendor.xml
#codecsPARSER_)AAC AC3 AMR_NB AMR_WB ASF AVI DTS FLV 3GP 3G2 MKV MP2PS MP2TS MP3 OGG QCP WAV FLAC AIFF APE
mm.enable.qcom_parser=1048575

# system prop for UBWC
video.disable.ubwc=1

# system prop to disable split mode
vendor.vidc.disable.split.mode=1

# system property to accelerate Progressive Download using STA
persist.mm.sta.enable=0


#
# system props for the camera
#
# preferred IS type for 8937 is IS_TYPE_DIS i.e, 1
# IS_TYPE_NONE=0, IS_TYPE_DIS=1, IS_TYPE_GA_DIS=2, IS_TYPE_EIS_1_0=3, IS_TYPE_EIS_2_0=4 IS_TYPE_MAX=5
#
persist.camera.is_type=1
persist.camera.gyro.android=1
#add by [email protected] for close pdaf focus windows 20180117
persist.camera.stats.test=5
#modefy by [email protected] for reducing power consumption 20180504
persist.debug.set.fixedfps=0
#
# system props for the data modules
#
ro.use_data_netmgrd=true
persist.data.netmgrd.qos.enable=true
persist.data.mode=concurrent

#system props for time-services
persist.timed.enable=true

#
# system prop for opengles version
#
# 196608 is decimal for 0x30000 to report major/minor versions as 3/0
# 196609 is decimal for 0x30001 to report major/minor versions as 3/1
#ro.opengles.version=196609

# System property for cabl
ro.qualcomm.cabl=2

# Property to enable display default color mode
vendor.display.enable_default_color_mode=1

#
# System props for telephony
# System prop to turn on CdmaLTEPhone always
telephony.lteOnCdmaDevice=1

#
# System props for bluetooh
# System prop to turn on hfp client
bluetooth.hfp.client=1

#Simulate sdcard on /data/media
#
persist.fuse_sdcard=true

#System property for FM transmitter
ro.fm.transmitter=false

#property to enable user to access Google WFD settings
persist.debug.wfd.enable=1
#property to enable VDS WFD solution
persist.hwc.enable_vds=1

#selects CoreSight configuration to enable
persist.debug.coresight.config=stm-events

#selects Console configuration to enable
persist.console.silent.config=1

#property for vendor specific library
ro.vendor.at_library=libqti-at.so
ro.vendor.gt_library=libqti-gt.so

#property for game detection feature
debug.enable.gamed=0

#property to enable narrow search range for video encoding
vendor.vidc.enc.narrow.searchrange=1

#property to enable fingerprint
persist.qfp=false

#min/max cpu in core control
ro.vendor.qti.core_ctl_min_cpu=2
ro.vendor.qti.core_ctl_max_cpu=4

#HWUI properties
ro.hwui.texture_cache_size=72
ro.hwui.layer_cache_size=48
ro.hwui.r_buffer_cache_size=8
ro.hwui.path_cache_size=32
ro.hwui.gradient_cache_size=1
ro.hwui.drop_shadow_cache_size=6
ro.hwui.texture_cache_flushrate=0.4
ro.hwui.text_small_cache_width=1024
ro.hwui.text_small_cache_height=1024
ro.hwui.text_large_cache_width=2048
ro.hwui.text_large_cache_height=2048



# add by mulin.kang for tctfeedback
#open "Report" button to app crash dialog
ro.error.receiver.system.apps=com.tct.feedback
debug.key.adb.kernel.enable=0
# add by mulin.kang for tctfeedback

# add by [email protected] for tctGboard
#ro.com.google.rlzbrandcode=TCTB
#ro.com.google.rlz_ap_whitelist=YG
#add by [email protected] for tctGboard

#Enable B service adj transition by default
ro.vendor.qti.sys.fw.bservice_enable=true
ro.vendor.qti.sys.fw.bservice_limit=5
ro.vendor.qti.sys.fw.bservice_age=5000

#Trim properties
ro.vendor.qti.sys.fw.use_trim_settings=true
ro.vendor.qti.sys.fw.empty_app_percent=50
ro.vendor.qti.sys.fw.trim_empty_percent=100
ro.vendor.qti.sys.fw.trim_cache_percent=100
ro.vendor.qti.sys.fw.trim_enable_memory=2147483648

# Enable Delay Service Restart
ro.vendor.qti.am.reschedule_service=true

# Create zram disk
ro.vendor.qti.config.zram=true

# Create Swap disk, if below sys-prop enabled & also if device has lower (< 1 GB) RAM
ro.vendor.qti.config.swap=true

# set cutoff voltage to 3200mV
ro.cutoff_voltage_mv=3200

#set device emmc size
ro.emmc_size=16GB

#[FEATURE]-Add-BEGIN by [email protected],2017/12/15, Defect5724127, TCT DRM solution
drm.service.enabled=true
#[FEATURE]-Add-END by [email protected],2017/12/15, Defect5724127, TCT DRM solution

#force HAL1 for below packages
camera.hal1.packagelist=com.skype.raider,com.googl e.android.talk

#properties for limiting preview size in camera
persist.vendor.camera.display.umax=1920x1080
persist.vendor.camera.display.lmax=1280x720

#set cutoff voltage to 3400mV
ro.cutoff_voltage_mv=3400

#Set the SIM model for SSSS. ssss - Single model, dsds - Dual model.
persist.radio.multisim.config=ssss

#add start by [email protected] for exif debug 20171226
#enable camera jpeg exif debug
persist.camera.mobicat=2
persist.vendor.camera.stats.debugexif=16711680
#add end by [email protected] for exif debug 20171226

#add start by [email protected] for defect 6338098
ro.product.man.dm=Palm Ventures Group Inc
#add end by [email protected] for defect 6338098

#add preload message+ and disable vma 2018/07/18
#ro.product.vma=false
#end prdload message+ and disable vma 2018/07/18

#
# ADDITIONAL_BUILD_PROPERTIES
#
ro.treble.enabled=true
ro.ship=true
persist.sys.dalvik.vm.lib.2=libart.so
dalvik.vm.isa.arm64.variant=generic
dalvik.vm.isa.arm64.features=default
dalvik.vm.isa.arm.variant=cortex-a53
dalvik.vm.isa.arm.features=default
net.bt.name=Android
dalvik.vm.stack-trace-dir=/data/anr
ro.expect.recovery_id=0x60975c28962bcebcd2e9dea805 75c41917e49df2000000000000000000000000


import /vendor/package/vendor.prop

import /system/vendor/vendor.prop



#IMPORT REGIONALIZATION VENDOR PROP PATH LAST IN ORDER TO OVERRIDE PROPERTIES#
import /persist/speccfg/vendor_persist.prop

import /vendor/package/default.prop

import /vendor/package/power.prop

---------- Post added at 04:13 AM ---------- Previous post was at 03:29 AM ----------

Guys I started a new thread covering the rooting process: https://forum.xda-developers.com/and...guide-t3992043

Enjoy!!

---------- Post added at 04:13 AM ---------- Previous post was at 04:13 AM ----------

Guys I started a new thread covering the rooting process: https://forum.xda-developers.com/and...guide-t3992043

Enjoy!!

Great team work, guys, I knew this community was great!

Special thanks for this achievement to:
Maddie Stone for discovering the cve2019-2215 vulnerability (https://twitter.com/maddiestone/stat...17132575887360)
Grant Hernandez for writing great code and a great tutorial to explain why and how the magic works (https://hernan.de/blog/2019/10/15/ta...-achieve-root/)
arpruss for writing great code for this exploit and for responding promptly to my messages to guide us in the process (https://github.com/arpruss/cve2019-2215-3.18)
greatjack1 for pointing out that Palm PVG100 (Pepito) kernel version can be associated with vulnerability cve2019-2215 and for starting a new thread with a walkthrough for the rooting process (https://forum.xda-developers.com/and...guide-t3992043)

Now, guys, what are the next steps? (besides waiting for responses to my email message to "rodrigo", from Palm company)

Can we compile a TWRP version now that we have temporary root privileges, maybe following the following guide?
https://forum.xda-developers.com/sho...5#post32965365

Hi, guys, after this great achievement, permanent root might be desirable.
I'll tell you a story...I've always loved qwerty phones and one of the rare phones I've always wanted is NEC Terrain (distributed by AT&T). Unfortunately AT&T has locked it to its network and I found no working solution for unlocking it for other SIM cards (please let me know if you know of a working SIM unlock service!), BUT I've always wanted to gain permanent root privileges for this device. The story of NEC Terrain is very similar to Palm Phone PVG100 (Pepito):
NEC Terrain was released by AT&T and the bootloader locked, while Palm Phone PVG100 (Pepito) was released by Verizon and the bootloader locked...
NEC company is not on the market anymore and Palm company is in a similar condition, which makes contacts with the company difficult and the hope of updates to be released unlikely...
Code for NEC Terrain was developed by enthusiasts (https://github.com/android-rooting-t...run_root_shell) similar to arpruss code for Palm Phone PVG100 (Pepito) (https://github.com/arpruss/cve2019-2215-3.18)...
Temporary root solution for NEC Terrain was achieved (https://github.com/x29a/nec_terrain_root) like root solution for Palm Phone PVG100 (Pepito) was achieved (https://github.com/arpruss/cve2019-2...master/release)...
For NEC Terrain a creative permanent root solution was developed by x29a (https://github.com/x29a/nec_terrain_...root/README.md) and now my suggestion is that we might want to follow his steps for Palm Phone PVG100 (Pepito)!
Here are the details of "HOW ALEX-KAS DID IT"!:
https://forum.xda-developers.com/sho...&postcount=186
Does anyone of you find this path convincing?

Why is there three threads about this?

People started them independently and each one is on a specific thing, but all things are connected (there are interconnections and it's not always clear if rooting helps unlocking bootloader or if unlocking bootloader helps permanently rooting or if for compiling custom recoveries (TWRP) one needs root or bootloader unlocking), so these threads have a reason to exist and there are overlaps, but feel free to let people know if you want to merge something!

Hi, guys, unfortunately arpruss removed his repository from github:
https://forum.xda-developers.com/sho...&postcount=164
Luckily another user, which I thank a lot (ilikenwf) has a mirror of what has been done so far:
https://forum.xda-developers.com/sho...&postcount=167

---------- Post added at 09:08 AM ---------- Previous post was at 08:48 AM ----------

Hi, folks, Rodrigo from Palm Company responded to me:

Thanks again for your interest. After reviewing your proposal internally, we concluded that Palm, at this point, wants to reserve the right to share publicly that type of low-level software. On the other hand, we are not allowed to share any third-party tool outside the organization.
We, again appreciate you are Palm's active user and we encourage you to continue to follow us at our website supporting our movement of living outside big screens.
Best Regards,
Rodrigo

Palm has released this phone in China for 1999 RMB, hopefully some guys in China will get something done.

https://item.m.jd.com/product/100009207810.html