What's new in SuperSU
plus.google.com/+Chainfire/posts/S4ucYdfqPhq
SuperSU v2.77 BETA - Note7 (Exynos) shenanigans
Unfortunately SuperSU did not work on the Note7 (Exynos) out-of-the-box. As its release has been delayed in my country, we've had to resort to remote debugging, which is slow and frustrating. But, thanks to the ever helpful Dr.Ketan and SeraphSephiroth we finally got it working.
New exploit protections
As isn't uncommon with Samsung, they've built-in some new (and arguably ineffective to actual exploits) protections directly to the kernel code, that cannot be turned off by just modifying the boot image ramdisk.
This time, they've decided to kernel panic in case a 'priviliged' process (uid or gid below or equal to 1000, so this includes root and system processes) creates another process that isn't stored in /system or rootfs. SuperSU itself does this, but so do a great many root apps. Any time this happens: immediate reboot.
I'm not going to elaborate why in my opinion this is a fairly useless protection exploit-wise, but needless to say it is fairly bothersome for the normal root user, which is probably a lot more relevant for the average reader here.
Unfortunately - unlike many of the security features developed by Google - this feature is not easily disabled by modifying initramfs (boot image ramdisk), and requires further trickery to bypass.
Maybe a better bypass is yet to by found, but for the time being, I have resorted to patching the check inside the kernel itself when the systemless SuperSU boot image is created. This prevents the user from needing a custom source-built kernel, but it's questionable how long this hex patch will work. The code that performs this patch is fairly trivial - it may keep working the rest of the Note7's lifetime, or stop working the next update.
In other words, this could end up being resource intensive to support, or not. We don't know yet. We have to wait and see what Samsung is going to do.
Bearer of bad news
We know S and Note development are generally strongly related, so we should assume to see the same 'protections' appear in the S7 sooner or later as well. This is probably the (ugly) way forward.
Workarounds
Aside from the binary/hex patch SuperSU employs (see common/hexpatch inside the ZIP), there are some more ways to get around this protection.
If you're compiling kernels from source, it seems that setting CONFIG_RKP_NS_PROT=n gets rid of these protections. You may want to disable other RKP and TIMA settings as well, but that is the one directly relating to this issue.
This protection also disables itself in recovery mode, so simply copying a boot image with these protections to the recovery partition and rebooting into recovery (which will then just launch Android) will work beautifully as well.
CF-Auto-Root
The test CFARs I have made so far for the Note7 have not worked, so since both TWRP and SuperSU ZIPs are already available for this device, I'm dropping CFAR development until I have a device in-hand.
Links
SuperSU BETA thread: forum.xda-developers.com/apps/supersu/2014-09-02-supersu-v2-05-t2868133
TWRP flashable ZIP: download.chainfire.eu/999/SuperSU/BETA-SuperSU-v2.77-20160827190633.zip
About SuperSU
SuperSU is the Superuser access management tool of the future ;)
!!! SuperSU requires a rooted device !!!
SuperSU allows for advanced management of Superuser access rights for all the apps on your device that need root. SuperSU has been built from the ground up to counter a number of problems with other Superuser access management tools.
Features include:
- Superuser access prompt
- Superuser access logging
- Superuser access notifications
- Per-app notification configuration
- Temporary unroot
- Deep process detection (no more unknowns)
- Works in recovery (no more segfaulting)
- Works when Android isn't properly booted
- Works with non-standard shell locations
- Always runs in ghost mode
- Wake on prompt
- Convert to /system app
- Complete unroot
- Backup script to survive CyanogenMod nightlies
- Icon selectable from 5 options + invisible
- Theme selectable from 4 options
- Launch from dialer: *#*#1234#*#* or *#*#7873778#*#* (*#*#SUPERSU#*#*)
NOTE: Not all phones take both codes. On some phones you need to use single *# instead of double *#*#
The Pro version additionally offers:
- OTA survival mode (no guarantees)
- Full color-coded command content logging (input/output/error)
- Per-app logging configuration
- Per-app user override
- Grant/deny root to an app for a set amount of time
- PIN protection
- Per-app PIN protection
- Adjust auto-deny countdown
The discussion and support thread can be found on XDA-Developers here:
forum.xda-developers.com/showthread.php?t=1538053
SUPERUSER
This is meant to replace Superuser (if installed), you use either one or the other. You cannot combine them. Statements that this breaks Superuser are therefore completely nonsensical.
NOTICE: A SPECIAL PROCEDURE IS NEEDED FOR UNINSTALLATION. IF YOU DO NOT LIKE THE APP, DO *NOT* JUST UNINSTALL IT, YOU *WILL* LOSE ROOT.
Superuser access management runs through a so called "su binary". There can be only one of these at a time. So if you install SuperSU, your previous superuser access management solution will no longer operate. So if you want to switch back: (1) Open that application, and search for an option for it to install/update/replace the "su binary". (2) Confirm root-using apps are using the superuser solution you want. (3) Uninstall SuperSU.
TRANSLATIONS
Want to help translate SuperSU ? See www.getlocalization.com/supersu/ !
IN-APP PURCHASES
These are completely optional and more like donations. They do not unlock any functionality.
Download SuperSU
This release may come in several variants. Consult our handy FAQ to see which download is right for you.
Version:2.82.1
Uploaded:January 1, 2018 at 8:18PM UTC
File size:5.97 MB
Downloads:183,979
Version:2.82-SR5
Uploaded:October 1, 2017 at 10:15PM UTC
File size:6.06 MB
Downloads:80,977
Version:2.82-SR4
Uploaded:September 18, 2017 at 7:11PM UTC
File size:6.06 MB
Downloads:3,543
Version:2.82-SR3
Uploaded:August 13, 2017 at 2:44PM UTC
File size:6.06 MB
Downloads:7,188
Version:2.82-SR2
Uploaded:August 12, 2017 at 11:33PM UTC
File size:6.06 MB
Downloads:2,479
Version:2.82-SR1
Uploaded:June 15, 2017 at 9:04PM UTC
File size:6.03 MB
Downloads:7,355
Version:2.82
Uploaded:May 29, 2017 at 4:33PM UTC
File size:5.93 MB
Downloads:14,256
Version:2.81
Uploaded:May 25, 2017 at 3:21PM UTC
File size:5.87 MB
Downloads:8,321
Version:2.80
Uploaded:May 24, 2017 at 10:47PM UTC
File size:5.87 MB
Downloads:6,597
Version:2.79-SR4
Uploaded:March 23, 2017 at 9:48PM UTC
File size:6.24 MB
Downloads:24,473