From aba51a6ed5c39f9f54da9e0a2bc77b1e85705146 Mon Sep 17 00:00:00 2001
From: Park Ju Hyung <qkrwngud825@gmail.com>
Date: Mon, 6 Nov 2017 20:30:39 +0900
Subject: [PATCH] init: workaround SafetyNet check

Doing this in the userspace allows more properties to be spoofed
and eliminate the needs for a hack in the kernel.

Change-Id: I6ad755c085491c958c8a7d75db7df2c8e5481a55
Signed-off-by: Dmitrii <bankersenator@gmail.com>
---
 init/property_service.cpp | 47 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)

diff --git a/init/property_service.cpp b/init/property_service.cpp
index aeee5c5f7..d93487cf9 100644
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@@ -875,6 +875,50 @@ static void load_override_properties() {
     }
 }
 
+static const char *snet_prop_key[] = {
+	"ro.boot.vbmeta.device_state",
+	"ro.boot.verifiedbootstate",
+	"ro.boot.flash.locked",
+	"ro.boot.selinux",
+	"ro.boot.veritymode",
+	"ro.boot.warranty_bit",
+	"ro.warranty_bit",
+	"ro.debuggable",
+	"ro.secure",
+	"ro.build.type",
+	"ro.build.keys",
+	"ro.build.tags",
+	"ro.system.build.tags",
+	NULL
+};
+
+static const char *snet_prop_value[] = {
+	"locked", // ro.boot.vbmeta.device_state
+	"green", // ro.boot.verifiedbootstate
+	"1", // ro.boot.flash.locked
+	"enforcing", // ro.boot.selinux
+	"enforcing", // ro.boot.veritymode
+	"0", // ro.boot.warranty_bit
+	"0", // ro.warranty_bit
+	"0", // ro.debuggable
+	"1", // ro.secure
+	"user", // ro.build.type
+	"release-keys", // ro.build.keys
+	"release-keys", // ro.build.tags
+	"release-keys", // ro.system.build.tags
+	NULL
+};
+
+static void workaround_snet_properties() {
+	std::string error;
+	LOG(INFO) << "snet: Hiding sensitive props";
+
+	// Hide all sensitive props
+	for (int i = 0; snet_prop_key[i]; ++i) {
+		PropertySetNoSocket(snet_prop_key[i], snet_prop_value[i], &error);
+	}
+}
+
 // If the ro.product.[brand|device|manufacturer|model|name] properties have not been explicitly
 // set, derive them from ro.product.${partition}.* properties
 static void property_initialize_ro_product_props() {
@@ -1259,6 +1303,9 @@ void PropertyLoadBootDefaults() {
 
     update_sys_usb_config();
 
+    // Workaround SafetyNet
+    workaround_snet_properties();
+
     // Restore the normal property override security after init extension is executed
     weaken_prop_override_security = false;
 }