PlayIntegrityFix/module/service.sh

# Conditional sensitive properties

resetprop_if_diff() {
    local NAME=$1
    local EXPECTED=$2
    local CURRENT=$(resetprop $NAME)
    
    [ -z "$CURRENT" ] || [ "$CURRENT" == "$EXPECTED" ] || resetprop $NAME $EXPECTED
}

resetprop_if_match() {
    local NAME=$1
    local CONTAINS=$2
    local VALUE=$3
    
    [[ "$(resetprop $NAME)" == *"$CONTAINS"* ]] && resetprop $NAME $VALUE
}

# Magisk recovery mode
resetprop_if_match ro.bootmode recovery unknown
resetprop_if_match ro.boot.mode recovery unknown
resetprop_if_match vendor.boot.mode recovery unknown

# SELinux
if [ -n "$(resetprop ro.build.selinux)" ]; then
    resetprop --delete ro.build.selinux
fi

# use toybox to protect *stat* access time reading
if [ "$(toybox cat /sys/fs/selinux/enforce)" == "0" ]; then
    chmod 640 /sys/fs/selinux/enforce
    chmod 440 /sys/fs/selinux/policy
fi

# must be set after boot_completed for various OEMs
until [ "$(getprop sys.boot_completed)" == "1" ]; do
    sleep 1
done

# RootBeer, Microsoft
resetprop_if_diff ro.build.tags release-keys

# Samsung
resetprop_if_diff ro.boot.warranty_bit 0
resetprop_if_diff ro.vendor.boot.warranty_bit 0
resetprop_if_diff ro.vendor.warranty_bit 0
resetprop_if_diff ro.warranty_bit 0

# Xiaomi
resetprop_if_diff ro.secureboot.lockstate locked

# Realme
resetprop_if_diff ro.boot.realmebootstate green

# OnePlus
resetprop_if_diff ro.is_ever_orange 0

# Other
resetprop_if_diff ro.build.type user
resetprop_if_diff ro.debuggable 0
resetprop_if_diff ro.secure 1

# avoid breaking Realme fingerprint scanners
resetprop_if_diff ro.boot.flash.locked 1
resetprop_if_diff ro.boot.realme.lockstate 1

# avoid breaking Oppo fingerprint scanners
resetprop_if_diff ro.boot.vbmeta.device_state locked

# avoid breaking OnePlus display modes/fingerprint scanners
resetprop_if_diff vendor.boot.verifiedbootstate green

# avoid breaking OnePlus/Oppo display fingerprint scanners on OOS/ColorOS 12+
resetprop_if_diff ro.boot.verifiedbootstate green
resetprop_if_diff ro.boot.veritymode enforcing
resetprop_if_diff vendor.boot.vbmeta.device_state locked
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 12:19:14 +08:00			`# Conditional sensitive properties`
v13.6 2023-11-25 03:58:30 +08:00
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 12:19:14 +08:00			`resetprop_if_diff() {`
			`local NAME=$1`
			`local EXPECTED=$2`
			`local CURRENT=$(resetprop $NAME)`
Refactor code v15.2 2024-01-12 20:32:32 +08:00
v15.5 2024-02-03 22:24:43 +08:00			`[ -z "$CURRENT" ] \|\| [ "$CURRENT" == "$EXPECTED" ] \|\| resetprop $NAME $EXPECTED`
v13.6 2023-11-25 03:58:30 +08:00			`}`
New update :D 2023-12-01 01:28:01 +08:00
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 12:19:14 +08:00			`resetprop_if_match() {`
			`local NAME=$1`
			`local CONTAINS=$2`
			`local VALUE=$3`
Refactor code v15.2 2024-01-12 20:32:32 +08:00
v15.5 2024-02-03 22:24:43 +08:00			`[[ "$(resetprop $NAME)" == "$CONTAINS" ]] && resetprop $NAME $VALUE`
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 12:19:14 +08:00			`}`

v13.6 2023-11-25 03:58:30 +08:00			`# Magisk recovery mode`
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 12:19:14 +08:00			`resetprop_if_match ro.bootmode recovery unknown`
			`resetprop_if_match ro.boot.mode recovery unknown`
			`resetprop_if_match vendor.boot.mode recovery unknown`
v13.6 2023-11-25 03:58:30 +08:00
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 12:19:14 +08:00			`# SELinux`
Move props that need to be changed earlier into post-fs-data.sh 2023-11-30 00:49:52 +08:00			`if [ -n "$(resetprop ro.build.selinux)" ]; then`
			`resetprop --delete ro.build.selinux`
Fix JSON parsing, less libs size and few code updates! 2023-11-29 17:10:07 +08:00			`fi`
New update :D 2023-12-01 01:28:01 +08:00
Module scripts fixes/improvements - add back check_resetprop but rename functions to make their use more clear (thanks HuskyDG) - combine system.prop (runs at post-fs-data) entries into service.sh so that they're only set if needed (note that they therefore wouldn't need to be late props) - use a uniform style in all scripts (only necessary quoting and brackets, add trailing newlines, spaces not tabs :P) - remove GMS data pif.prop/pif.json files left over from previous releases to ensure they don't trigger detection at some point (these lines can be removed again in a later release once we're satisfied everyone affected has this resolved) 2023-11-29 12:19:14 +08:00			`# use toybox to protect stat access time reading`
			`if [ "$(toybox cat /sys/fs/selinux/enforce)" == "0" ]; then`
v13.7 2023-11-25 09:13:22 +08:00			`chmod 640 /sys/fs/selinux/enforce`
			`chmod 440 /sys/fs/selinux/policy`
			`fi`

Remove unused files and move logic to C 2024-02-07 18:48:47 +08:00			`# must be set after boot_completed for various OEMs`
			`until [ "$(getprop sys.boot_completed)" == "1" ]; do`
			`sleep 1`
			`done`

			`# RootBeer, Microsoft`
			`resetprop_if_diff ro.build.tags release-keys`

			`# Samsung`
			`resetprop_if_diff ro.boot.warranty_bit 0`
			`resetprop_if_diff ro.vendor.boot.warranty_bit 0`
			`resetprop_if_diff ro.vendor.warranty_bit 0`
			`resetprop_if_diff ro.warranty_bit 0`

			`# Xiaomi`
			`resetprop_if_diff ro.secureboot.lockstate locked`

			`# Realme`
			`resetprop_if_diff ro.boot.realmebootstate green`

			`# OnePlus`
			`resetprop_if_diff ro.is_ever_orange 0`

			`# Other`
			`resetprop_if_diff ro.build.type user`
			`resetprop_if_diff ro.debuggable 0`
			`resetprop_if_diff ro.secure 1`
v15.0 2023-12-28 08:18:58 +08:00
Remove unused files and move logic to C 2024-02-07 18:48:47 +08:00			`# avoid breaking Realme fingerprint scanners`
			`resetprop_if_diff ro.boot.flash.locked 1`
			`resetprop_if_diff ro.boot.realme.lockstate 1`
Refactor code v15.2 2024-01-12 20:32:32 +08:00
Remove unused files and move logic to C 2024-02-07 18:48:47 +08:00			`# avoid breaking Oppo fingerprint scanners`
			`resetprop_if_diff ro.boot.vbmeta.device_state locked`
Refactor code v15.2 2024-01-12 20:32:32 +08:00
Remove unused files and move logic to C 2024-02-07 18:48:47 +08:00			`# avoid breaking OnePlus display modes/fingerprint scanners`
			`resetprop_if_diff vendor.boot.verifiedbootstate green`
Refactor code v15.2 2024-01-12 20:32:32 +08:00
Remove unused files and move logic to C 2024-02-07 18:48:47 +08:00			`# avoid breaking OnePlus/Oppo display fingerprint scanners on OOS/ColorOS 12+`
			`resetprop_if_diff ro.boot.verifiedbootstate green`
			`resetprop_if_diff ro.boot.veritymode enforcing`
			`resetprop_if_diff vendor.boot.vbmeta.device_state locked`