[MOD] Kernel Permissive Patcher for Android

Search This thread

AdrianDC

Recognized Developer
Dec 22, 2009
2,206
12,970
Île-de-France
adriandc.github.io
logo.png


Code:
#include <std_disclaimer.h>
/*
 * Your warranty is now void.
 *
 * I am not responsible for bricked devices, dead SD cards,
 * thermonuclear war, or you getting fired because the alarm app failed. Please
 * do some research if you have any concerns about features included in this ROM
 * before flashing it! YOU are choosing to make these modifications, and if
 * you point the finger at me for messing up your device, I will laugh at you.
 */


About the project
Kernel Permissive Patcher is born out of an idea to ease the development of ROMs.
Its purpose is to append the permissive flag to a kernel command-line,
in order to disable the kernel selinux security on boot without user changes.

The project implements the logic from the MultiROM injection (originally by Tasssadar),
finds the bootimage of your device (boot naming similar to Chainfire's boot detection),
and extends the cmdline with the permissive flag if required.

The project also uses my version of libbootimg to support Sony ELF bootimages.

The objective of Kernel Permissive Patcher is therefore to simply enable permissive
on a regular kernel for developers and users who would require it.

Developer no longer need to recompile or edit their bootimages with permissive settings,
nor do users need to perform a setenforce command on boot if they really need it.

The patcher needs to be flashed again after a ROM / bootimage update.


Downloads (Unlocked Bootloader only)



Other related useful projects
Android Bootimage ADB Unsecure Patcher - http://forum.xda-developers.com/-/-t3618558


Source code
Project sources - https://github.com/AdrianDC/kernel_permissive_patcher (branch master)
libbootimg sources - https://github.com/multirom-dev/libbootimg (branch master)
MultiROM sources - https://github.com/AdrianDC/multirom_core (branch master)



Kernel Permissive Patcher created also thanks to :
- Tasssadar for the original MultiROM sources
- The MultiROM-Dev team for our evolution of MultiROM
- Chainfire for the boot detection
- Everyone involved in testing it​


XDA:DevDB Information
Kernel Permissive Patcher, Tool/Utility for all devices (see above for details)

Contributors
Adrian DC

Version Information
Status: No Longer Updated

Created 2016-11-24
Last Updated 2019-08-06
 

AdrianDC

Recognized Developer
Dec 22, 2009
2,206
12,970
Île-de-France
adriandc.github.io
Reserved

Changelog
Code:
Kernel Permissive Patcher - 20/12/2016
======================================
* Fix the 32/64 bits dual support

Kernel Permissive Patcher - 18/12/2016
======================================
* Added support for Sony Stock ELF (64 bits) bootimages
* libbootimg changes from my recent updates

Kernel Permissive Patcher - 27/11/2016
======================================
* Add support for newer Sony ELF partitions
* Allows to patch Stock Sony ROMs on the Xperia Z2
* Updated in collaboration with Alexander Diewald

Kernel Permissive Patcher - 24/11/2016
======================================
* Initial public release on XDA


Devices confirmed
Code:
Sony Xperia SP (Huashan)
Sony Xperia T/TX/V (Mint, Hayabusa, Tsubasa)
Sony Xperia L (Taoshan)
Sony Xperia Z2 (Sirius)
Sony Xperia X Performance (Dora)

OnePlus One (Bacon)
...
 
Last edited:

dic1911

Senior Member
Feb 22, 2014
814
807
dic1911.github.io
Google Pixel 4a 5G
Wat do work?


Sent from my Redmi Note 3 using Tapatalk

Seriously? Please try to read the OP, this is rather short than most other threads, if you don't understand what's this for, you probably won't need this.

About the project
Kernel Permissive Patcher is born out of an idea to ease development of ROMs,
its purpose is to append the permissive flag to a kernel command-line,
in order to disable the kernel security on boot without user changes.

The project implements the logic from the MultiROM injection (originally by Tasssadar),
finds the boot image of your device (boot naming similar to Chainfire's boot detection),
and extends the cmdline with the permissive flag if required.

The project also uses my version of libbootimg to support Sony ELF bootimages.

The objective of Kernel Permissive Patcher is therefore to simply enable permissive
on a regular kernel for developers and users who would require it.

The patcher needs to be flashed again after a ROM / boot image update.​
 

rgadge

Senior Member
May 25, 2011
156
46
New Delhi
profiles.google.com
Hello AdrianDC,
First of all, thank you for this wonderful MOD, I can set my phone running in permissive mode without rooting it.
I have BlackBerry work and for the same reason I'm not rooting my phone.
I have OnePlus One your MOD worked fine with LineageOS but with the version sultanxda's CAF version this mod won't keep the SELinux permissive.
Please suggest if there is a way to find the root cause and fix it?
Thank you in advance.
 

Eversmile23

Senior Member
Aug 15, 2014
308
41
Rourkela
S-ON problem.

Can I do Operations which are possible when a device is with 'S-OFF', by flashing this zip? I have got HTC desire 10 Lifestyle, which is bootloader unlocked but 'S-ON'. For example, when I write something on to my '/system' partition, the files vanish after a reboot.
 

dic1911

Senior Member
Feb 22, 2014
814
807
dic1911.github.io
Google Pixel 4a 5G
Can I do Operations which are possible when a device is with 'S-OFF', by flashing this zip? I have got HTC desire 10 Lifestyle, which is bootloader unlocked but 'S-ON'. For example, when I write something on to my '/system' partition, the files vanish after a reboot.

Nope, having a permissive kernel won't change this behavior
 

JumboMan

Senior Member
Aug 3, 2013
570
223
Pink City
Thanks for this. Can you make a zip that does the opposite, which is patching the kernel to enforcing? Thanks
This is very simple . you can do yourself.
steps.
1.Take .zip from here and decompile
2. Edit kernel_permissive.sh file
At line No.18 replace "androidboot.selinux=permissive" with "androidboot.selinux=enforcing"
3. Re-compile zip
4. Flash

---------- Post added at 09:12 AM ---------- Previous post was at 09:10 AM ----------

how to uninstall it?

Restore your stock boot.img
 
Dec 30, 2018
17
1
Can I use this on a Samsung Galaxy S5 mini Marshmallow Stock Rom to make it permissive?

If not, what else could I do? (except trying to compile a custom kernel)
 

☆KØŁØЯΛĐØ☆

Senior Member
Oct 20, 2016
196
99
Indianapolis
@AdrianDC To start off, I have the Galaxy J7 Refine (SM-J737P) (2018) from Boost Mobile & this device seems incapable of setting SELinux to permissive, except in TWRP. The Kernel Patcher receives an error when attempting to flash, yet the adb unsecure patcher flashed no problem. No matter what methods I try or files I flash, SELinux remains set to Enforcing. I am wondering if you could shed some light on this situation or if this device remains permanently enforced by SELinux.

Screenshot_2019-04-27-21-14-05.png
 

Zackptg5

Recognized Developer
Sep 18, 2014
4,124
6,898
zackptg5.com
Google Pixel 4a
Google Pixel 5a
@AdrianDC To start off, I have the Galaxy J7 Refine (SM-J737P) (2018) from Boost Mobile & this device seems incapable of setting SELinux to permissive, except in TWRP. The Kernel Patcher receives an error when attempting to flash, yet the adb unsecure patcher flashed no problem. No matter what methods I try or files I flash, SELinux remains set to Enforcing. I am wondering if you could shed some light on this situation or if this device remains permanently enforced by SELinux.


I made one here that can switch between permissive and enforcing: https://github.com/Zackptg5/Kernel-Sepolicy-Patcher
Hopefully it'll work for your device
 
  • Like
Reactions: pocketrule

Zackptg5

Recognized Developer
Sep 18, 2014
4,124
6,898
zackptg5.com
Google Pixel 4a
Google Pixel 5a
I was hoping it would but sadly it doesn't look like it. Even mounted the system in TWRP before flashing.

(See attached screenshots)
It's not supposed to mount system. It's all in the boot I'm headers. Can you send twrp log after flashing?

Also, it's setenforce 0, you don't want the equal there
 
  • Like
Reactions: pocketrule

Top Liked Posts

  • There are no posts matching your filters.
  • 44
    logo.png


    Code:
    #include <std_disclaimer.h>
    /*
     * Your warranty is now void.
     *
     * I am not responsible for bricked devices, dead SD cards,
     * thermonuclear war, or you getting fired because the alarm app failed. Please
     * do some research if you have any concerns about features included in this ROM
     * before flashing it! YOU are choosing to make these modifications, and if
     * you point the finger at me for messing up your device, I will laugh at you.
     */


    About the project
    Kernel Permissive Patcher is born out of an idea to ease the development of ROMs.
    Its purpose is to append the permissive flag to a kernel command-line,
    in order to disable the kernel selinux security on boot without user changes.

    The project implements the logic from the MultiROM injection (originally by Tasssadar),
    finds the bootimage of your device (boot naming similar to Chainfire's boot detection),
    and extends the cmdline with the permissive flag if required.

    The project also uses my version of libbootimg to support Sony ELF bootimages.

    The objective of Kernel Permissive Patcher is therefore to simply enable permissive
    on a regular kernel for developers and users who would require it.

    Developer no longer need to recompile or edit their bootimages with permissive settings,
    nor do users need to perform a setenforce command on boot if they really need it.

    The patcher needs to be flashed again after a ROM / bootimage update.


    Downloads (Unlocked Bootloader only)



    Other related useful projects
    Android Bootimage ADB Unsecure Patcher - http://forum.xda-developers.com/-/-t3618558


    Source code
    Project sources - https://github.com/AdrianDC/kernel_permissive_patcher (branch master)
    libbootimg sources - https://github.com/multirom-dev/libbootimg (branch master)
    MultiROM sources - https://github.com/AdrianDC/multirom_core (branch master)



    Kernel Permissive Patcher created also thanks to :
    - Tasssadar for the original MultiROM sources
    - The MultiROM-Dev team for our evolution of MultiROM
    - Chainfire for the boot detection
    - Everyone involved in testing it​


    XDA:DevDB Information
    Kernel Permissive Patcher, Tool/Utility for all devices (see above for details)

    Contributors
    Adrian DC

    Version Information
    Status: No Longer Updated

    Created 2016-11-24
    Last Updated 2019-08-06
    16
    Reserved

    Changelog
    Code:
    Kernel Permissive Patcher - 20/12/2016
    ======================================
    * Fix the 32/64 bits dual support
    
    Kernel Permissive Patcher - 18/12/2016
    ======================================
    * Added support for Sony Stock ELF (64 bits) bootimages
    * libbootimg changes from my recent updates
    
    Kernel Permissive Patcher - 27/11/2016
    ======================================
    * Add support for newer Sony ELF partitions
    * Allows to patch Stock Sony ROMs on the Xperia Z2
    * Updated in collaboration with Alexander Diewald
    
    Kernel Permissive Patcher - 24/11/2016
    ======================================
    * Initial public release on XDA


    Devices confirmed
    Code:
    Sony Xperia SP (Huashan)
    Sony Xperia T/TX/V (Mint, Hayabusa, Tsubasa)
    Sony Xperia L (Taoshan)
    Sony Xperia Z2 (Sirius)
    Sony Xperia X Performance (Dora)
    
    OnePlus One (Bacon)
    ...
    2
    Can I do Operations which are possible when a device is with 'S-OFF', by flashing this zip? I have got HTC desire 10 Lifestyle, which is bootloader unlocked but 'S-ON'. For example, when I write something on to my '/system' partition, the files vanish after a reboot.

    Nope, having a permissive kernel won't change this behavior
    2
    Thanks for this. Can you make a zip that does the opposite, which is patching the kernel to enforcing? Thanks
    This is very simple . you can do yourself.
    steps.
    1.Take .zip from here and decompile
    2. Edit kernel_permissive.sh file
    At line No.18 replace "androidboot.selinux=permissive" with "androidboot.selinux=enforcing"
    3. Re-compile zip
    4. Flash

    ---------- Post added at 09:12 AM ---------- Previous post was at 09:10 AM ----------

    how to uninstall it?

    Restore your stock boot.img
    1
    Wat do work?


    Sent from my Redmi Note 3 using Tapatalk

    Seriously? Please try to read the OP, this is rather short than most other threads, if you don't understand what's this for, you probably won't need this.

    About the project
    Kernel Permissive Patcher is born out of an idea to ease development of ROMs,
    its purpose is to append the permissive flag to a kernel command-line,
    in order to disable the kernel security on boot without user changes.

    The project implements the logic from the MultiROM injection (originally by Tasssadar),
    finds the boot image of your device (boot naming similar to Chainfire's boot detection),
    and extends the cmdline with the permissive flag if required.

    The project also uses my version of libbootimg to support Sony ELF bootimages.

    The objective of Kernel Permissive Patcher is therefore to simply enable permissive
    on a regular kernel for developers and users who would require it.

    The patcher needs to be flashed again after a ROM / boot image update.​