From 355c0444c76bec9a9c0df6ac26be24642e95893b Mon Sep 17 00:00:00 2001 From: KOWX712 Date: Thu, 6 Mar 2025 14:13:09 +0800 Subject: [PATCH] feat: handle vbmeta related prop - enforce boot hash to lowercase --- module/common/boot_hash | 6 ------ module/install_func.sh | 9 ++++----- module/service.sh | 18 +++++++++++++----- module/webui/scripts/boot_hash.js | 9 ++++++--- 4 files changed, 23 insertions(+), 19 deletions(-) delete mode 100644 module/common/boot_hash diff --git a/module/common/boot_hash b/module/common/boot_hash deleted file mode 100644 index 959c99e..0000000 --- a/module/common/boot_hash +++ /dev/null @@ -1,6 +0,0 @@ -# This file is to pass Minotaur native test 'Partition Check Fail' -# Download Key Attestation (chiteroman fork recommended) -# Link: https://github.com/chiteroman/KeyAttestation/releases -# Get your VerifiedBootHash value from Key Attestation app -# Ask here if you don't know how to do: https://t.me/kowchannelchat -# Paste verifiedBootHash value on next line and save \ No newline at end of file diff --git a/module/install_func.sh b/module/install_func.sh index 5bc1fba..ef58261 100644 --- a/module/install_func.sh +++ b/module/install_func.sh @@ -32,11 +32,10 @@ find_config() { } migrate_config() { - # Migrate boot_hash - if [ ! -f "/data/adb/boot_hash" ]; then - mv "$COMPATH/boot_hash" "/data/adb/boot_hash" - else - rm -f "$COMPATH/boot_hash" + # remove empty file + if [ -f "/data/adb/boot_hash" ]; then + hash_value=$(grep -v '^#' "/data/adb/boot_hash" | tr -d '[:space:]' | tr '[:upper:]' '[:lower:]') + [ -z "$hash_value" ] && rm -f /data/adb/boot_hash || echo "$hash_value" > /data/adb/boot_hash fi # Migrate security_patch config* diff --git a/module/service.sh b/module/service.sh index e973f27..431cfb4 100644 --- a/module/service.sh +++ b/module/service.sh @@ -22,17 +22,25 @@ add_denylist_to_target() { done } +resetprop_if_empty() { + CURRENT=$(getprop "$1") + [ -z "$CURRENT" ] && resetprop -n "$1" "$2" +} + # Spoof security patch if [ -f "/data/adb/tricky_store/security_patch_auto_config" ]; then sh "$MODPATH/common/get_extra.sh" --security-patch fi -# Reset verified Boot Hash -hash_value=$(grep -v '^#' "/data/adb/boot_hash" | tr -d '[:space:]') -if [ -n "$hash_value" ]; then - resetprop -n ro.boot.vbmeta.digest "$hash_value" +# Reset vbmeta related prop +if [ -f "/data/adb/boot_hash" ]; then + hash_value=$(grep -v '^#' "/data/adb/boot_hash" | tr -d '[:space:]' | tr '[:upper:]' '[:lower:]') + [ -z "$hash_value" ] && rm -f /data/adb/boot_hash || resetprop -n ro.boot.vbmeta.digest "$hash_value" fi - +resetprop_if_empty ro.boot.vbmeta.invalidate_on_error yes +resetprop_if_empty ro.boot.vbmeta.avb_version 1.0 +resetprop_if_empty ro.boot.vbmeta.hash_alg sha256 +resetprop_if_empty ro.boot.vbmeta.size 10496 # Disable TSupport-A auto update target to prevent overwrite if [ -d "$TSPA" ]; then diff --git a/module/webui/scripts/boot_hash.js b/module/webui/scripts/boot_hash.js index d562c3d..9030bec 100644 --- a/module/webui/scripts/boot_hash.js +++ b/module/webui/scripts/boot_hash.js @@ -4,9 +4,9 @@ const bootHashOverlay = document.getElementById('boot-hash-overlay'); const inputBox = document.getElementById('boot-hash-input'); const saveButton = document.getElementById('boot-hash-save-button'); -// Remove empty spaces from input +// Remove empty spaces from input and convert to lowercase window.trimInput = (input) => { - input.value = input.value.replace(/\s+/g, ''); + input.value = input.value.replace(/\s+/g, '').toLowerCase(); }; // Function to handle Verified Boot Hash @@ -38,10 +38,13 @@ document.getElementById("boot-hash").addEventListener("click", async () => { saveButton.addEventListener("click", async () => { const inputValue = inputBox.value.trim(); try { - await execCommand(`echo "${inputValue}" > /data/adb/boot_hash`); await execCommand(` PATH=/data/adb/ap/bin:/data/adb/ksu/bin:/data/adb/magisk:$PATH resetprop -n ro.boot.vbmeta.digest ${inputValue} + [ -z "${inputValue}" ] && rm -f /data/adb/boot_hash || { + echo "${inputValue}" > /data/adb/boot_hash + chmod 644 /data/adb/boot_hash + } `); showPrompt("prompt.boot_hash_set"); closeBootHashMenu();