尝试着自己修改了下，Android 10 MIUI 11可用 #17

tofuliang · 2020-06-20T12:42:40Z

看着MIUI 11反编译出来的代码

private void checkSystemSelfProtection(boolean arg2) {
        new Thread(arg2) {
            public void run() {
                PackageInfo v4_1;
                Process.setThreadPriority(10);
                if(!Build.IS_TABLET && !this.val$onlyCore) {
                    System.currentTimeMillis();
                    PackageManager v2 = SecurityManagerService.this.mContext.getPackageManager();
                    try {
                        v4_1 = v2.getPackageInfo("android", 0x40);
                    }
                    catch(PackageManager$NameNotFoundException v4) {
                        v4.printStackTrace();
                        throw new RuntimeException("System error: cannot find android package.");
                    }

                    Signature[] v4_2 = v4_1.signatures;
                    if(SecurityManagerService.this.nativeIsReleased()) {
                        SecurityManagerService.this.enforcePlatformSignature(v4_2);
                    }

                    ArrayList v5 = new ArrayList();
                    v5.add("com.lbe.security.miui");
                    String v6 = "com.android.updater";
                    v5.add(v6);
                    String v7 = "com.miui.securitycenter";
                    v5.add(v7);
                    String v8 = "com.xiaomi.finddevice";
                    v5.add(v8);
                    v5.add("com.miui.home");
                    v5.add("com.miui.guardprovider");
                    v5.add("com.miui.gallery");
                    String v10 = "com.xiaomi.market";
                    if(!Build.IS_INTERNATIONAL_BUILD && !Build.IS_CM_CUSTOMIZATION && !Build.IS_CM_CUSTOMIZATION_TEST) {
                        v5.add("com.miui.player");
                        v5.add("com.android.browser");
                        v5.add(v10);
                    }

                    Iterator v9 = v5.iterator();
                    while(v9.hasNext()) {
                        SecurityManagerService.this.checkEnabled(v2, v9.next());
                    }

                    SecurityManagerService.this.enforceAppSignature(v4_2, v6, true);
                    int v9_1 = 0;
                    SecurityManagerService.this.enforceAppSignature(v4_2, v7, false);
                    SecurityManagerService.this.enforceAppSignature(v4_2, v8, true);
                    if(!Build.IS_INTERNATIONAL_BUILD && !Build.IS_CM_CUSTOMIZATION && !Build.IS_CM_CUSTOMIZATION_TEST) {
                        SecurityManagerService.this.enforceAppSignature(v4_2, v10, false);
                    }

                    boolean v6_1 = SecurityManagerService.this.isOldmanMode();
                    v8 = "SecurityManagerService";
                    if(!SecurityManagerService.this.nativeIsReleased() || (v6_1)) {
                        Log.d(v8, "nativeIsReleased not set or " + v6_1);
                    }
                    else {
                        Log.d(v8, "nativeIsReleased set and " + v6_1);
                        SecurityManagerService v7_2 = SecurityManagerService.this;
                        if(v7_2.checkSysAppCrack()) {
                            v9_1 = 1;
                        }

                        v7_2.mSysAppCracked = v9_1;
                    }

                    System.currentTimeMillis();
                }
            }
        }.start();
    }

再看原来的代码，没搞懂

MIUIAnesthetist/app/src/main/java/com/xposed/miuianesthetist/DisableSecurityCheck.java

Line 50 in df9b2f5

param.args[1] = true;

的用意何在，然后看到注释说onlyCore模式，猜想是这里的传值变了，翻遍这个services.jar也没找到哪里有这个val$onlyCore的赋值操作，就粗暴的使用

setIntField(param.thisObject, "val$onlyCore", 1);

试一下，成功了。
我的是K20 Pro 12+512. MIUI 是 11.0.8
配合Magisk模块终于可以去掉自带的应用商店，使用Google Play作为默认商店了。
修改后的源码在此
其他地方没认真验证过是否生效，不敢PR。
#15

附上成功冻结不反弹的列表

The text was updated successfully, but these errors were encountered:

lzk50136 · 2020-07-11T10:53:07Z

miui12有效吗？大兄弟

tofuliang · 2020-07-12T17:22:21Z

miui12有效吗？大兄弟

有效的！

neoblackxt · 2020-07-14T01:00:27Z

有点意思

Rakau · 2020-10-29T14:18:36Z

我自己没环境，LZ可否编译一个

tofuliang · 2020-10-29T14:26:19Z

我自己没环境，LZ可否编译一个

app-debug.apk.zip

Rakau · 2020-10-30T05:32:31Z

我自己没环境，LZ可否编译一个

app-debug.apk.zip

非常感谢

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

尝试着自己修改了下，Android 10 MIUI 11可用 #17

尝试着自己修改了下，Android 10 MIUI 11可用 #17

tofuliang commented Jun 20, 2020 •

edited

lzk50136 commented Jul 11, 2020

tofuliang commented Jul 12, 2020

neoblackxt commented Jul 14, 2020

Rakau commented Oct 29, 2020

tofuliang commented Oct 29, 2020

Rakau commented Oct 30, 2020

尝试着自己修改了下，Android 10 MIUI 11可用 #17

尝试着自己修改了下，Android 10 MIUI 11可用 #17

Comments

tofuliang commented Jun 20, 2020 • edited

lzk50136 commented Jul 11, 2020

tofuliang commented Jul 12, 2020

neoblackxt commented Jul 14, 2020

Rakau commented Oct 29, 2020

tofuliang commented Oct 29, 2020

Rakau commented Oct 30, 2020

tofuliang commented Jun 20, 2020 •

edited