[ROM][MTK][STOCK] fairphone FP1 kitkat 4.4.4
- Thread starter chrmhoffmann
- Start date
-
- Tags
- development
0.3 released
Hi,
new CVE fixes in 0.3. VTS and Bluebox Trusted are getting greener!
EDIT: I found out why VTS and Bluebox Trusted did not go 100% green. MTK reports errors with MPEG4Extractor a bit different than stock. If I change this, they go green, too. The underlying security fixes are DONE!
If I don't find any issues, I'll correct that so that they report green, too.
Chris
Hi,
new CVE fixes in 0.3. VTS and Bluebox Trusted are getting greener!
EDIT: I found out why VTS and Bluebox Trusted did not go 100% green. MTK reports errors with MPEG4Extractor a bit different than stock. If I change this, they go green, too. The underlying security fixes are DONE!
If I don't find any issues, I'll correct that so that they report green, too.
Chris
Last edited:
Can you do something about this one? https://code.google.com/p/android/issues/detail?id=78187
Our owncloud server has TLS 1.2 with modern ciphers enabled and SSLv3 disabled and I think the problem is that the first attempt with TLS 1.2 fails and then it tries SSLv3 hardcoded...
Apparently it still happens with KitKat for some of the people in the bug report and it also happens with our owncloud server.
Our owncloud server has TLS 1.2 with modern ciphers enabled and SSLv3 disabled and I think the problem is that the first attempt with TLS 1.2 fails and then it tries SSLv3 hardcoded...
Apparently it still happens with KitKat for some of the people in the bug report and it also happens with our owncloud server.
Hi,
I have SSLv3 disabled and my owncloud client app from playstore runs fine with it on the FP1 (latest version). Have you tried it?
Or which client are u using?
Chris
Last edited:
I use the one from f-droid.
If you want to try: https://owncloud.frickel.club
As I said, possibly because some TLS 1.2 ciphers are disabled on the server... I get this exception every time:
Code:
D/NativeCrypto( 2765): ssl=0x0 NativeCrypto_SSL_interrupt
E/GetRemoteStatusOperation( 2765): Connection check at https://owncloud.frickel.club: SSL exception
E/GetRemoteStatusOperation( 2765): javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x614ab4a0: Failure in SSL library, usually a protocol error
E/GetRemoteStatusOperation( 2765): error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:744 0x5df286fd:0x00000000)
E/GetRemoteStatusOperation( 2765): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:448)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.lib.common.network.AdvancedSslSocketFactory.verifyPeerIdentity(AdvancedSslSocketFactory.java:248)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.lib.common.network.AdvancedSslSocketFactory.createSocket(AdvancedSslSocketFactory.java:185)
E/GetRemoteStatusOperation( 2765): at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
E/GetRemoteStatusOperation( 2765): at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
E/GetRemoteStatusOperation( 2765): at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
E/GetRemoteStatusOperation( 2765): at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
E/GetRemoteStatusOperation( 2765): at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
E/GetRemoteStatusOperation( 2765): at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.lib.common.OwnCloudClient.executeMethod(OwnCloudClient.java:222)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.lib.common.OwnCloudClient.executeMethod(OwnCloudClient.java:192)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.lib.resources.status.GetRemoteStatusOperation.tryConnection(GetRemoteStatusOperation.java:89)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.lib.resources.status.GetRemoteStatusOperation.run(GetRemoteStatusOperation.java:194)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.lib.common.operations.RemoteOperation.execute(RemoteOperation.java:136)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.operations.GetServerInfoOperation.run(GetServerInfoOperation.java:81)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.lib.common.operations.RemoteOperation.execute(RemoteOperation.java:136)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.services.OperationsService$ServiceHandler.nextOperation(OperationsService.java:478)
E/GetRemoteStatusOperation( 2765): at com.owncloud.android.services.OperationsService$ServiceHandler.handleMessage(OperationsService.java:413)
E/GetRemoteStatusOperation( 2765): at android.os.Handler.dispatchMessage(Handler.java:110)
E/GetRemoteStatusOperation( 2765): at android.os.Looper.loop(Looper.java:193)
E/GetRemoteStatusOperation( 2765): at android.os.HandlerThread.run(HandlerThread.java:61)
E/GetRemoteStatusOperation( 2765): Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x614ab4a0: Failure in SSL library, usually a protocol error
E/GetRemoteStatusOperation( 2765): error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:744 0x5df286fd:0x00000000)
E/GetRemoteStatusOperation( 2765): at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
E/GetRemoteStatusOperation( 2765): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:405)
E/GetRemoteStatusOperation( 2765): ... 20 moreBut on android 5 it works fine.
I think that it's expected behavior on android 4.4.x: https://code.google.com/p/android/issues/detail?id=61085#c8
TLS 1.2 only is not supported on 4.4x.
Chris
you are really putting a lot of effort into that. thanks a ton! Is there any way to help you financially (as that topic already came up on the fairphone forums) - bitcoin account / paypal account for donations / Amazon wishlist?
Cheers!
Hey,
thanks. I have a day job and don't want to get paid! This is the "fairphone", so if you want you can just instead make a donation to some "fair" project and report about your donation here?
Chris
Xposed Fix
I recompiled the xposed module by myself and it works with the latest 0.4 version.
Prerequisites:
Only the original app_process exists on /system/bin folder (Usually after a wipe), no app_process.orig or app_proces.xposed should be there.
Installation:
- Install the xposed installer (to manage the modules, etc).
- To install this you have to download the attached file somewhere on the device.
- Reboot into recovery and apply the "xposed-v58-sdk19-arm-custom-build-by-Quallenauge-20151119.zip" file.
- Reboot, done.
PS: It's a little bit hackish but it works...
I recompiled the xposed module by myself and it works with the latest 0.4 version.
Prerequisites:
Only the original app_process exists on /system/bin folder (Usually after a wipe), no app_process.orig or app_proces.xposed should be there.
Installation:
- Install the xposed installer (to manage the modules, etc).
- To install this you have to download the attached file somewhere on the device.
- Reboot into recovery and apply the "xposed-v58-sdk19-arm-custom-build-by-Quallenauge-20151119.zip" file.
- Reboot, done.
PS: It's a little bit hackish but it works...
Sorry I don't have time to fix the installer.... so there are some instructions how to solve this issue:
Code:
adb shell
su
mount -o remount,rw /system
rm /system/bin/app_process
mv /system/bin/app_process_xposed /system/bin/app_process
chown root:shell /system/bin/app_process
rebootIssue: Phone doesn't lock and statusbar is locked...
At the fairphone forum there are users which also have this problem.
At the fairphone forum @ralf_xda observed the following:
Also in case the alarm clock starts ringing...after close the alarm I get directly to the launcher (statusbar locked).
Maybe it has to do with the keyguard from MTK. I think it would help to switch to 4.4.2 and record an locgat with the above steps so that the differences can be analyzed.
At the fairphone forum there are users which also have this problem.
At the fairphone forum @ralf_xda observed the following:
I can provoke this behavior any time I open maps and set up a navigation. Then I turn power off, wait some seconds. When I turn the phone on and close the map ap there is no lock screen but the normal launcher screen (statusbar locked).
Also in case the alarm clock starts ringing...after close the alarm I get directly to the launcher (statusbar locked).
Maybe it has to do with the keyguard from MTK. I think it would help to switch to 4.4.2 and record an locgat with the above steps so that the differences can be analyzed.
Yes, there are no issues (for me) regarding this one. E.g. After answering the alarm at the alarm clock moves me to the lock screen. At the 4.4.4 it goes directly to the launcher screen.
...Currently I disabled the lock screen, to avoid such situations ( sideeffect: Locked status bar)
Last edited:
Similar threads
- Poll
Top Liked Posts
-
There are no posts matching your filters.
-
27This is Android 4.4.4 kitkat compiled from scratch from some other device sources that you find on the web. Adapted to fairphone FP1(U).
It includes various security fixes on top of 4.4.4 - but most likely not all. Major security hole detectors are green now (VTS, Bluebox, Zimperium).
NOTE: PHONES CAN BE LIFE SAVERS. DON'T RELY ON THIS PHONE AS YOUR SOLE COMMUNICATION MEANS. I HAVE NOT TESTED EMERGENCY CALLS, NOR CAN I GUARANTEE THAT THIS PHONE WILL WORK IF YOU ARE IN DANGER. CARRY ANOTHER PHONE WITH YOU. DON'T GO FOR A 3 DAY HIKE ONLY WITH THIS PHONE!
Without much ado...
To install...
- Flash the recovery from here: https://basketbuild.com/filedl/devs?dev=chrmhoffmann&dl=chrmhoffmann/fp1-kk-stock/recovery.img
- Boot into recovery and flash the rom, eg. with adb sideload. Download here: https://basketbuild.com/filedl/devs...mhoffmann/fp1-kk-stock/fp1-kk444-CH-0.9.7.zip MD5sum: 9140c93ff8f2b8327fdd330d2448c16f
- I guess you also want to flash some KK gapps that can be found somewhere (e.g http://opengapps.org/?api=4.4&variant=nano)
- You might also lose your IMEI like me? Don't PANIC! The IMEI's are noted on your FP. Remove the battery and write down the numbers. Then once you have booted the phone, follow this simple tutorial to fix this: https://www.facebook.com/fXDAdev/posts/448292925303711
Bugs:
- IMEI loss when flashing from stock FP1. No clue why this happens. Are we somehow overriding some NVRAM?
- CTS is complaining about some issues. https://christianhoffmann.info/2015.11.29_16.17.03/testResult.xml
- As this is a merge of 4.4.4 into the MTK stuff, watch out for more bugs than the previous release. Not merged: the new 4.4.4 dialer screen (we stick with 4.4.2 dialer as the modifications are too heavy), chromium does not support wml anymore (who cares?).
- You most likely need to wipe to install this when coming from the previous KK version to 4.4.4. Email app e.g. seems to crash without.
- Playstore version of Google Authenticator does not work (see https://github.com/google/google-authenticator-android/pull/4). Use the OSS version https://github.com/google/google-authenticator-android/releases - this is not specific to FP1 but seems an MTK issue.
- A dirty update (without wipe) from 0.8 on an encrypted device seems to reboot once during the "Android is upgrading" dialog
- Sometimes the lower part of the homescreen launcher seems to lose transparency.
Changelog fp1-kk444-CH-0.9.7 (you might want to check if there are new gapps here as you need to flash them again at same time: http://opengapps.org/):
- Android Security Updates from Google bulletin 1-MAY-2016 (https://source.android.com/security/bulletin/2016-05-01.html)
- Kernel CVEs including the mediatek wifi ones from https://source.android.com/security/advisory/2016-03-18.html, CVE-2016-2549, CVE-2016-2847, CVE-2016-2547, CVE-2016-2546, CVE-2016-2545, CVE-2016-2384
Changelog fp1-kk444-CH-0.9.6 (you might want to check if there are new gapps here as you need to flash them again at same time: http://opengapps.org/):
- Android Security Updates from Google bulletin 2-APR-2016 (https://source.android.com/security/bulletin/2016-04-02.html)
- Kernel CVEs including the one from https://source.android.com/security/advisory/2016-03-18.html, CVE-2015-7550, CVE-2016-0774, CVE-2016-0821, CVE-2016-0723.
Changelog fp1-kk444-CH-0.9.5 (you might want to check if there are new gapps here as you need to flash them again at same time: http://opengapps.org/):
- Android Security Updates from Google bulletin 1-MAR-2016 (https://source.android.com/security/bulletin/2016-03-01.html)
(incl. the kernel fixes that Google only publishes for Google One / Sprout - ported to MT6589)
Changelog fp1-kk444-CH-0.9.4 (you might want to check if there are new gapps here as you need to flash them again at same time: http://opengapps.org/):
- Android Security Updates from Google bulletin 1-FEB-2016 (http://source.android.com/security/b...016-02-01.html)
- Kernel CVE CVE-2015-8785
Changelog fp1-kk444-CH-0.9.3:
- Android Security Updates from Google bulletin 1-JAN-2015 (http://source.android.com/security/bulletin/2016-01-01.html)
- Some kernel CVEs (CVE2015-8543, CVE2015-8575, CVE2015-7509)
- Attempt to fix German's E-PLUS on O2 roaming
Changelog fp1-kk444-CH-0.9.2:
- Fix that you can now call funny numbers like *143# without phone application crash
- Fix to be able to add contacts to SIM card
Changelog fp1-kk444-CH-0.9.1:
- several kernel CVEs (CVE-2015-5697, CVE-2015-8539, CVE-2015-8215, and a few more without CVE yet)
- the december 1st security advisory bulletin skia issue introduced in 0.9.0 - aka as the dilbert bug - is fixed now
Changelog fp1-kk444-CH-0.9:
- android security bulletin https://source.android.com/security/bulletin/2015-12-01.html
- also update gapps if you install them: http://opengapps.org/?api=4.4&variant=nano
Changelog fp1-kk444-CH-0.8:
- google location providers are used now, which should enable network location provider (in case you installed google apps).
Changelog fp1-kk444-CH-0.7:
- National roaming should be fixed (at least as good as CM). If you still have issue with national roaming, send me your mmc/mmn data.
- Use original FP1 lens parameters for fm50af lens - does this improve the auto/manual focus issues that some people reported compared to stock FP jellybean?
- Attempt to fix the problem where sometimes the scrollbar and recents screen stopped working and screen locked despite having higher screen timeouts.
- Full CTS result: https://christianhoffmann.info/2015.11.29_16.17.03/testResult.xml
Changelog fp1-kk444-CH-0.5:
- SELinux enforcing
- Camera app now shows all resolutions
- adb now requires acceptance of adb key
Changelog fp1-kk444-CH-0.4:
- ro.adb.secure set
- browser default pages revisited (removed wrong thumbnail).
- removed MTK root CAs that are not in AOSP
- fixed remaining security false-positives in VTS and Bluebox Trustable - all green now
- USB default setting should be MTP now
Changelog fp1-kk444-CH-0.3:
- More CVE fixes (e.g CVE-2015-3845). VTS and Bluebox Trustable are almost green. For some reasons they still think "Stagefright" is not fixed. Zimperium nevertheless shows all stagefright OK. Edit: found out why. It's false positive as MTK reports errors in MPEG4Extractor differently than stock.
Changelog fp1-kk444-CH-0.2:
- Netflix issue fixed with new blob from E3
- Some CTS issues fixed
- More security fixes CVE-2014-7911
Changelog fp1-kk444-CH-0.1:
- Upgraded to 4.4.4_r2.0.1: Yay! That was an insane amount of work. The following "shortcuts" were taken:
-- Chromium sources taken from AOSP - MTK added wml but it was too much work to merge this back in
-- Email app sources taken from aosp - MTK customized something there esp. exchange sync, is that really giving someone problems?
-- Dialer app taken from MTK without 4.4.4 updates - that stuff is too heavily customized also for dual sim, and 4.4.4 revamped the UI, so this was just too much work for now.
- Latest security fixes up to November 2015. Security fixes also for wpa_supplicant_8 (thanks to Michael Bestas for collecting them for CM)
- Kernel sec fixes
- FP1 power profile xml (does this actually change anything)
As usual some credits:
- @Santhosh M : for some advice on the modem/baseband
- @keesj and fairphone for ___providing___ me a fairphone that replaced my own broken one (never figured out why it doesn't boot anymore)
- @CyanogenMod and koush for superuser stuff that I kanged into the MTK stock
- @CyanogenMod for the stagefright fixes
Let me know if
- it works also on older FP1 (without U).
- you have problems with your IMEI, too
- if you find other major issues
- if you think I am missing some security updates
- i had some issues getting the "phone" part of it work. Somehow it started working - not sure what it was. If you don't get the phone (call, etc.) to work, check your IMEIs first.80.7
0.7 changelog:
- fix the R - oaming symbol for some virtual operators (like Free in France)
- Use fm50AF lens params from original FP - does this make auto focus better?
- Fix lock screen issue (thx @Quallenauge for the reproducible test case from Google Maps navigation). This fixes at least one pattern that broke the slider and recents screen. I am not sure if this fixes all those issues, but I hope so
Give it a go!
Chris760.9.1 released...
It fixes:
- several kernel CVEs
- the december 1st security advisory bulletin skia issue introduced in 0.9.0 - aka as the dilbert bug6
