[MOD] Kernel Permissive Patcher for Android

AdrianDC

Recognized Developer
Dec 22, 2009
2,206
12,943
208
Île-de-France
adriandc.github.io


Code:
#include <std_disclaimer.h>
/*
 * Your warranty is now void.
 *
 * I am not responsible for bricked devices, dead SD cards,
 * thermonuclear war, or you getting fired because the alarm app failed. Please
 * do some research if you have any concerns about features included in this ROM
 * before flashing it! YOU are choosing to make these modifications, and if
 * you point the finger at me for messing up your device, I will laugh at you.
 */


About the project
Kernel Permissive Patcher is born out of an idea to ease the development of ROMs.
Its purpose is to append the permissive flag to a kernel command-line,
in order to disable the kernel selinux security on boot without user changes.

The project implements the logic from the MultiROM injection (originally by Tasssadar),
finds the bootimage of your device (boot naming similar to Chainfire's boot detection),
and extends the cmdline with the permissive flag if required.

The project also uses my version of libbootimg to support Sony ELF bootimages.

The objective of Kernel Permissive Patcher is therefore to simply enable permissive
on a regular kernel for developers and users who would require it.

Developer no longer need to recompile or edit their bootimages with permissive settings,
nor do users need to perform a setenforce command on boot if they really need it.

The patcher needs to be flashed again after a ROM / bootimage update.


Downloads (Unlocked Bootloader only)



Other related useful projects
Android Bootimage ADB Unsecure Patcher - http://forum.xda-developers.com/-/-t3618558


Source code
Project sources - https://github.com/AdrianDC/kernel_permissive_patcher (branch master)
libbootimg sources - https://github.com/multirom-dev/libbootimg (branch master)
MultiROM sources - https://github.com/AdrianDC/multirom_core (branch master)



Kernel Permissive Patcher created also thanks to :
- Tasssadar for the original MultiROM sources
- The MultiROM-Dev team for our evolution of MultiROM
- Chainfire for the boot detection
- Everyone involved in testing it​


XDA:DevDB Information
Kernel Permissive Patcher, Tool/Utility for all devices (see above for details)

Contributors
Adrian DC

Version Information
Status: No Longer Updated

Created 2016-11-24
Last Updated 2019-08-06
 

AdrianDC

Recognized Developer
Dec 22, 2009
2,206
12,943
208
Île-de-France
adriandc.github.io
Reserved

Changelog
Code:
Kernel Permissive Patcher - 20/12/2016
======================================
* Fix the 32/64 bits dual support

Kernel Permissive Patcher - 18/12/2016
======================================
* Added support for Sony Stock ELF (64 bits) bootimages
* libbootimg changes from my recent updates

Kernel Permissive Patcher - 27/11/2016
======================================
* Add support for newer Sony ELF partitions
* Allows to patch Stock Sony ROMs on the Xperia Z2
* Updated in collaboration with Alexander Diewald

Kernel Permissive Patcher - 24/11/2016
======================================
* Initial public release on XDA

Devices confirmed
Code:
Sony Xperia SP (Huashan)
Sony Xperia T/TX/V (Mint, Hayabusa, Tsubasa)
Sony Xperia L (Taoshan)
Sony Xperia Z2 (Sirius)
Sony Xperia X Performance (Dora)

OnePlus One (Bacon)
...
 
Last edited:

dic1911

Senior Member
Feb 22, 2014
800
795
128
dic1911.github.io
Wat do work?


Sent from my Redmi Note 3 using Tapatalk
Seriously? Please try to read the OP, this is rather short than most other threads, if you don't understand what's this for, you probably won't need this.

About the project
Kernel Permissive Patcher is born out of an idea to ease development of ROMs,
its purpose is to append the permissive flag to a kernel command-line,
in order to disable the kernel security on boot without user changes.

The project implements the logic from the MultiROM injection (originally by Tasssadar),
finds the boot image of your device (boot naming similar to Chainfire's boot detection),
and extends the cmdline with the permissive flag if required.

The project also uses my version of libbootimg to support Sony ELF bootimages.

The objective of Kernel Permissive Patcher is therefore to simply enable permissive
on a regular kernel for developers and users who would require it.

The patcher needs to be flashed again after a ROM / boot image update.​
 

rgadge

Senior Member
May 25, 2011
153
46
58
New Delhi
profiles.google.com
Hello AdrianDC,
First of all, thank you for this wonderful MOD, I can set my phone running in permissive mode without rooting it.
I have BlackBerry work and for the same reason I'm not rooting my phone.
I have OnePlus One your MOD worked fine with LineageOS but with the version sultanxda's CAF version this mod won't keep the SELinux permissive.
Please suggest if there is a way to find the root cause and fix it?
Thank you in advance.
 

Eversmile23

Senior Member
Aug 15, 2014
308
41
0
Rourkela
S-ON problem.

Can I do Operations which are possible when a device is with 'S-OFF', by flashing this zip? I have got HTC desire 10 Lifestyle, which is bootloader unlocked but 'S-ON'. For example, when I write something on to my '/system' partition, the files vanish after a reboot.
 

JumboMan

Senior Member
Aug 3, 2013
561
216
73
Pink City
Thanks for this. Can you make a zip that does the opposite, which is patching the kernel to enforcing? Thanks
This is very simple . you can do yourself.
steps.
1.Take .zip from here and decompile
2. Edit kernel_permissive.sh file
At line No.18 replace "androidboot.selinux=permissive" with "androidboot.selinux=enforcing"
3. Re-compile zip
4. Flash

---------- Post added at 09:12 AM ---------- Previous post was at 09:10 AM ----------

how to uninstall it?
Restore your stock boot.img
 

☆KØŁØЯΛĐØ☆

Senior Member
Oct 20, 2016
196
98
0
Indianapolis
@AdrianDC To start off, I have the Galaxy J7 Refine (SM-J737P) (2018) from Boost Mobile & this device seems incapable of setting SELinux to permissive, except in TWRP. The Kernel Patcher receives an error when attempting to flash, yet the adb unsecure patcher flashed no problem. No matter what methods I try or files I flash, SELinux remains set to Enforcing. I am wondering if you could shed some light on this situation or if this device remains permanently enforced by SELinux.

Screenshot_2019-04-27-21-14-05.png
 

Zackptg5

Recognized Developer
Sep 18, 2014
4,081
6,649
263
zackptg5.com
@AdrianDC To start off, I have the Galaxy J7 Refine (SM-J737P) (2018) from Boost Mobile & this device seems incapable of setting SELinux to permissive, except in TWRP. The Kernel Patcher receives an error when attempting to flash, yet the adb unsecure patcher flashed no problem. No matter what methods I try or files I flash, SELinux remains set to Enforcing. I am wondering if you could shed some light on this situation or if this device remains permanently enforced by SELinux.

I made one here that can switch between permissive and enforcing: https://github.com/Zackptg5/Kernel-Sepolicy-Patcher
Hopefully it'll work for your device