小米845系列机器类原生调用红外摄像头进行人脸识别 背景 小米845系列的小米8、小米8屏幕指纹版有一颗前置红外摄像头用于面部识别，这样即使在无光的环境下仍可以使用面部解锁。然而如果使用LineageOS的设备树不加修改编译出来的类原生无法使用红外摄像头，只能使用普通的摄像头，而PixelExperience的设备树是可以的，故探究其原因。 原因 CameraID 首先是需要指定人脸识别模块使用红外摄像头。翻阅PixelExperience的相关设备树源码可以发现：在overlay中设置了调用CameraID为5的摄像头用作人脸识别。 https://github.com/PixelExperience-Devices/device_xiaomi_dipper/blob/fourteen/overlay/packages/apps/FaceUnlockService/app/src/main/res/values/config.xml <?xml version="1.0" encoding="utf-8"?> <resources> <integer name="override_front_cam_id">5</integer> <bool name="use_alternative_vendor_impl">true</bool> </resources> PixelExperience使用的是motorola的人脸解锁方案，而现在很多类原生使用的是AOSPA的ParanoidSense，因此上述设置的overlay并不适用。 查阅ParanoidSense源码可以看到：使用了Properties属性ro.face.sense_service.camera_id标识使用的摄像头。 https://github.com/AOSPA/android_packages_apps_ParanoidSense/blob/uvite/src/co/aospa/sense/camera/CameraUtil.kt#L32 val cameraIdProp = SystemProperties.get("ro.face.sense_service.camera_id") 因此理论上只要设置ro.face.sense_service.camera_id属性为5即可使其调用红外人脸摄像头。 vendor.camera.aux.packagelist属性 如果仅仅设置上述CameraID相关属性，那么人脸模块调用时会直接报错。翻阅Frameworks部分的代码可以得知：系统默认隐藏了除主前摄和主后摄之外的其他辅助摄像头（即AUXCamera），而红外摄像头也属于AUXCamera之一。 取LineageOS的Framework代码作为例子： https://github.com/LineageOS/android_frameworks_base/blob/lineage-21.0/core/java/android/hardware/Camera.java#L295-L301 /** * Returns the number of physical cameras available on this device. * The return value of this method might change dynamically if the device * supports external cameras and an external camera is connected or * disconnected. * * If there is a * {@link android.hardware.camera2.CameraCharacteristics#REQUEST_AVAILABLE_CAPABILITIES_LOGICAL_MULTI_CAMERA * logical multi-camera} in the system, to maintain app backward compatibility, this method will * only expose one camera per facing for all logical camera and physical camera groups. * Use camera2 API to see all cameras. * * @return total number of accessible camera devices, or 0 if there are no * cameras or an error was encountered enumerating them. */ public static int getNumberOfCameras() { int numberOfCameras = _getNumberOfCameras(); if (!shouldExposeAuxCamera() && numberOfCameras > 2) { numberOfCameras = 2; } return numberOfCameras; } 不难看出，即使设备有大于2颗摄像头，若函数shouldExposeAuxCamera()返回为False则会强制指定摄像头数量为2，阻止程序访问CameraID>2的摄像头；再来看看这个判断函数的定义： https://github.com/LineageOS/android_frameworks_base/blob/lineage-21.0/core/java/android/hardware/Camera.java#L264-L278 /** * @hide */ public static boolean shouldExposeAuxCamera() { /** * Force to expose only two cameras * if the package name does not falls in this bucket */ String packageName = ActivityThread.currentOpPackageName(); if (packageName == null) return true; List<String> packageList = Arrays.asList( SystemProperties.get("vendor.camera.aux.packagelist", packageName).split(",")); List<String> packageExcludelist = Arrays.asList( SystemProperties.get("vendor.camera.aux.packageexcludelist", "").split(",")); return packageList.contains(packageName) && !packageExcludelist.contains(packageName); } 可以看出，假如包名在属性vendor.camera.aux.packagelist中并且不在vendor.camera.aux.packageexcludelist中就会返回为True，否则False。 那么解决方案就很明了了：将ParanoidSense的包名加到vendor.camera.aux.packagelist属性中即可让其能够调用到红外摄像头。 解决 将ParanoidSense的包名co.aospa.sense加到vendor.camera.aux.packagelist中： https://github.com/YoriInstitute/crDroidAndroid_device_xiaomi_sdm845-common/commit/28fe5bc41d49b31b4acb840bf167b70d70a40c61 设置ro.face.sense_service.camera_id属性以指定摄像头： https://github.com/YoriInstitute/crDroidAndroid_device_xiaomi_equuleus/commit/67518f130650e4592b5f4c7210248072058d48cc https://github.com/YoriInstitute/AOSPA_device_xiaomi_equuleus/blob/topaz/device.mk#L397-L399 在crDroid魔改的ParanoidSense中，因指定了其位于system_ext（https://gitlab.com/crdroidandroid/android_packages_apps_FaceUnlock/-/commit/545688260eb32ba19f348e84e3cae89ba29f20d1），故将这个属性加到system_ext的prop文件中。

简述对AOSP设备树中的一些文件和概念的理解 设备树所共有的内容大致分为以下几类： Android.bp 各种Makefile，后缀.mk prop文件，后缀.prop overlay，放在overlay文件夹中 sepolicy，即SELinux规则，放在sepolicy文件夹中 manifest.xml extract-files.py、setup-makefiles.py和proprietary-files.txt .dependencies结尾的依赖文件 其他各种配置

Adding KernelSU Support to Android 4.9 Kernel Introduction KernelSU has been available for a while. Officially, it only supports GKI kernels, but the project provides integration guidelines for non-GKI kernels. The Xiaomi Mi 8 Pro, which I use, is based on the Android 4.9 kernel. Testing showed that directly using KernelSU's integration script caused issues, so I'm documenting the process here. Special thanks to: Developer Tomsec for providing the 4.9 kernel fix. Prerequisites Android Kernel source code. Here, we use LineageOS/android_kernel_xiaomi_sdm845 Network access to GitHub AnyKernel3 source code. You can refer to this repository: YoriInstitute/AnyKernel3-equuleus Cross-compiler. You can refer to this repository: https://github.com/YoriInstitute/AnyKernel3-equuleus/blob/13/.github/workflows/build.yml#L21-L23 A build server Let's Start Configuring the build environment won't be detailed here. You can integrate it directly into the boot.img when building the ROM, or compile it separately as an AnyKernel3 flashable zip. This guide uses the AnyKernel3 approach. Download Kernel Source Code and Cross-Compiler git clone https://github.com/KaguraiYoRoy/android_kernel_xiaomi_sdm845 -b lineage-20 sdm845 #Kernel source git clone https://android.googlesource.com/platform/prebuilts/clang/host/linux-x86 --depth=1 -b android-13.0.0_r43 clang #Clang git clone https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/aarch64/aarch64-linux-android-4.9 -b android-10.0.0_r32 --depth=1 #aarch64 GCC git clone https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.9 -b android-10.0.0_r32 --depth=1 #arm GCC Different kernels might require different cross-compilers. Please adjust according to your specific case. {alert type="info"} When cloning the kernel source, --depth=1 wasn't used initially to facilitate easier cherry-picking later. If you plan to manually modify the kernel source instead of using cherry-pick, you can add this parameter to significantly reduce download time. {/alert} Modify Kernel Source Refer to the following two commits: https://github.com/OnlyTomInSecond/android_kernel_xiaomi_sdm845/commit/7862fd2c14b69a1a346b7c699f8370e2de423eef commit b5853fb7cefdc8a2e160cb73512dc6b51569fa66 Author: OnlyTomInSecond <[email protected]> Date: Wed Apr 5 11:05:12 2023 +0800 kernelsu: allow init exec ksud under nosuid Change-Id: I8aa6e6d3cbee1addd5da9bb48b4c08ce91f9db81 diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 4abba0e1674d..693f2ac03352 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2320,7 +2320,10 @@ static int check_nnp_nosuid(const struct linux_binprm *bprm, { int nnp = (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS); int nosuid = !mnt_may_suid(bprm->file->f_path.mnt); - int rc; + int rc, error; + static u32 ksu_sid; + char *secdata; + u32 seclen; if (!nnp && !nosuid) return 0; /* neither NNP nor nosuid */ @@ -2328,6 +2331,18 @@ static int check_nnp_nosuid(const struct linux_binprm *bprm, if (new_tsec->sid == old_tsec->sid) return 0; /* No change in credentials */ + if(!ksu_sid){ + security_secctx_to_secid("u:r:su:s0", strlen("u:r:su:s0"), &ksu_sid); + } + error = security_secid_to_secctx(old_tsec->sid, &secdata, &seclen); + if (!error) { + rc = strcmp("u:r:init:s0",secdata); + security_release_secctx(secdata, seclen); + if(rc == 0 && new_tsec->sid == ksu_sid){ + return 0; + } + } + /* * The only transitions we permit under NNP or nosuid * are transitions to bounded SIDs, i.e. SIDs that are https://github.com/OnlyTomInSecond/android_kernel_xiaomi_sdm845/commit/81d7168f2f01e6aba0932a4787119fbc541eba58 commit 8bfe4d4de25650505798cba0a5a20db4b2ab7dd6 Author: OnlyTomInSecond <[email protected]> Date: Thu Oct 19 17:55:23 2023 +0800 Kernelsu: add path_umount implementation. Change-Id: I3b0273e9857c51cc3215afab0d2cebe0dff38cfb diff --git a/fs/namespace.c b/fs/namespace.c index 21fd423b19cf..219a501337b0 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -1711,6 +1711,38 @@ static inline bool may_mandlock(void) } #endif +static int can_umount(const struct path *path, int flags) +{ + struct mount *mnt = real_mount(path->mnt); + + if (!may_mount()) + return -EPERM; + if (path->dentry != path->mnt->mnt_root) + return -EINVAL; + if (!check_mnt(mnt)) + return -EINVAL; + if (mnt->mnt.mnt_flags & MNT_LOCKED) /* Check optimistically */ + return -EINVAL; + if (flags & MNT_FORCE && !capable(CAP_SYS_ADMIN)) + return -EPERM; + return 0; +} + +// caller is responsible for flags being sane +int path_umount(struct path *path, int flags) +{ + struct mount *mnt = real_mount(path->mnt); + int ret; + + ret = can_umount(path, flags); + if (!ret) + ret = do_umount(mnt, flags); + + /* we mustn't call path_put() as that would clear mnt_expiry_mark */ + dput(path->dentry); + mntput_no_expire(mnt); + return ret; +} /* * Now umount can handle mount points as well as block devices. * This is important for filesystems which use unnamed block devices. Solution Source: Tomsec Enable KPROBE Support Open your kernel's defconfig file and add the following three lines: CONFIG_KPROBES=y CONFIG_HAVE_KPROBES=y CONFIG_KPROBE_EVENTS=y Integrate KernelSU This step is the same as the official ksu guide. Execute the following command in the kernel root directory: curl -LSs "https://raw.githubusercontent.com/tiann/KernelSU/main/kernel/setup.sh" | bash -s v0.9.5 {alert type="warning"} Note: The highest version of KernelSU supporting non-GKI kernels is v0.9.5. Do not use a higher version tag, or the build will fail. {/alert} Write the AnyKernel3 Script Download AnyKernel3 and modify anykernel.sh according to the README. You can refer to my repository for modifications: Repository: https://github.com/iYoRoy-AOSP-Institute/AnyKernel3-equuleus/blob/14/anykernel.sh {collapse} {collapse-item label="Expand Code"} commit 3b46e03e0ffdd52bbb3f51b45b0ff649a407d1a5 Author: KaguraiYoRoy <[email protected]> Date: Sat Sep 9 02:41:54 2023 +0000 anykernel.sh: modify for equuleus diff --git a/anykernel.sh b/anykernel.sh old mode 100755 new mode 100644 index 367d29f..c950ce7 --- a/anykernel.sh +++ b/anykernel.sh @@ -4,23 +4,17 @@ ### AnyKernel setup # global properties properties() { ' -kernel.string=ExampleKernel by osm0sis @ xda-developers +kernel.string=Xiaomi 8 Pro Kernel by Kagura iYoRoy @ iYoRoy Studio do.devicecheck=1 do.modules=0 -do.systemless=1 +do.systemless=0 do.cleanup=1 do.cleanuponabort=0 -device.name1=maguro -device.name2=toro -device.name3=toroplus -device.name4=tuna -device.name5= -supported.versions= +device.name1=equuleus +supported.versions=13 supported.patchlevels= -supported.vendorpatchlevels= '; } # end properties - ### AnyKernel install ## boot files attributes boot_attributes() { @@ -29,7 +23,7 @@ set_perm_recursive 0 0 750 750 $ramdisk/init* $ramdisk/sbin; } # end attributes # boot shell variables -block=/dev/block/platform/omap/omap_hsmmc.0/by-name/boot; +block=/dev/block/bootdevice/by-name/boot; is_slot_device=0; ramdisk_compression=auto; patch_vbmeta_flag=auto; @@ -41,32 +35,26 @@ patch_vbmeta_flag=auto; dump_boot; # use split_boot to skip ramdisk unpack, e.g. for devices with init_boot ramdisk # init.rc -backup_file init.rc; -replace_string init.rc "cpuctl cpu,timer_slack" "mount cgroup none /dev/cpuctl cpu" "mount cgroup none /dev/cpuctl cpu,timer_slack"; +#backup_file init.rc; +#replace_string init.rc "cpuctl cpu,timer_slack" "mount cgroup none /dev/cpuctl cpu" "mount cgroup none /dev/cpuctl cpu,timer_slack"; # init.tuna.rc -backup_file init.tuna.rc; -insert_line init.tuna.rc "nodiratime barrier=0" after "mount_all /fstab.tuna" "\tmount ext4 /dev/block/platform/omap/omap_hsmmc.0/by-name/userdata /data remount nosuid nodev noatime nodiratime barrier=0"; -append_file init.tuna.rc "bootscript" init.tuna; +#backup_file init.tuna.rc; +#insert_line init.tuna.rc "nodiratime barrier=0" after "mount_all /fstab.tuna" "\tmount ext4 /dev/block/platform/omap/omap_hsmmc.0/by-name/userdata /data remount nosuid nodev noatime nodiratime barrier=0"; +#append_file init.tuna.rc "bootscript" init.tuna; # fstab.tuna -backup_file fstab.tuna; -patch_fstab fstab.tuna /system ext4 options "noatime,barrier=1" "noatime,nodiratime,barrier=0"; -patch_fstab fstab.tuna /cache ext4 options "barrier=1" "barrier=0,nomblk_io_submit"; -patch_fstab fstab.tuna /data ext4 options "data=ordered" "nomblk_io_submit,data=writeback"; -append_file fstab.tuna "usbdisk" fstab; +#backup_file fstab.tuna; +#patch_fstab fstab.tuna /system ext4 options "noatime,barrier=1" "noatime,nodiratime,barrier=0"; +#patch_fstab fstab.tuna /cache ext4 options "barrier=1" "barrier=0,nomblk_io_submit"; +#patch_fstab fstab.tuna /data ext4 options "data=ordered" "nomblk_io_submit,data=writeback"; +#append_file fstab.tuna "usbdisk" fstab; write_boot; # use flash_boot to skip ramdisk repack, e.g. for devices with init_boot ramdisk ## end boot install -## init_boot files attributes -#init_boot_attributes() { -#set_perm_recursive 0 0 755 644 $ramdisk/*; -#set_perm_recursive 0 0 750 750 $ramdisk/init* $ramdisk/sbin; -#} # end attributes - -# init_boot shell variables +## init_boot shell variables #block=init_boot; #is_slot_device=1; #ramdisk_compression=auto; @@ -98,13 +86,7 @@ write_boot; # use flash_boot to skip ramdisk repack, e.g. for devices with init_ ## end vendor_kernel_boot install -## vendor_boot files attributes -#vendor_boot_attributes() { -#set_perm_recursive 0 0 755 644 $ramdisk/*; -#set_perm_recursive 0 0 750 750 $ramdisk/init* $ramdisk/sbin; -#} # end attributes - -# vendor_boot shell variables +## vendor_boot shell variables #block=vendor_boot; #is_slot_device=1; #ramdisk_compression=auto; @@ -118,4 +100,3 @@ write_boot; # use flash_boot to skip ramdisk repack, e.g. for devices with init_ #write_boot; # use flash_boot to skip ramdisk repack, e.g. for dtb on devices with hdr v4 but no vendor_kernel_boot ## end vendor_boot install - {/collapse-item} {/collapse} Compile the Kernel It's recommended to refer to online tutorials for this step, as compilation parameter settings can vary for different kernels. I've packaged the compilation process into a shell script for reference: {alert type="info"} Please replace $WORKSPACE below with your own working directory. {/alert} #!/bin/bash ARCH="arm64" CLANG_DIR="$WORKSPACE/clang/clang-r450784d" #Clang directory CC="$CLANG_DIR/bin/clang" export PATH="$CLANG_DIR/bin:$PATH" OUT_DIR="./out" CLANG_TRIPLE="aarch64-linux-gnu-" CROSS_COMPILE="$WORKSPACE/aarch64-linux-android-4.9/bin/aarch64-linux-androidkernel-" #aarch64 GCC CROSS_COMPILE_ARM32="$WORKSPACE/arm-linux-androideabi-4.9/bin/arm-linux-androidkernel-" #arm GCC CC_ADDITION_FLAGS="AR=llvm-ar NM=llvm-nm OBJCOPY=llvm-objcopy OBJDUMP=llvm-objdump STRIP=llvm-strip LLVM_IAS=1 LLVM=1 LD=ld.lld" ANYKERNEL_DIR="$WORKSPACE/AnyKernel3" #Location of your prepared AnyKernel3 directory THREAD=$(nproc --all) args="-j$THREAD O=$OUT_DIR ARCH=$ARCH CROSS_COMPILE=$CROSS_COMPILE CROSS_COMPILE_ARM32=$CROSS_COMPILE_ARM32 CC=$CC CLANG_TRIPLE=$CLANG_TRIPLE $CC_ADDITION_FLAGS" ### Compile Kernel ### echo "[+]Args: $args" echo "[+}Generate .config" make equuleus_user_defconfig $args #Here 'equuleus_user_defconfig' is the defconfig file for the equuleus kernel. Replace it with your kernel's config file name. echo "[+]Begin Build" make $args ### Compilation Complete ### ### Create AnyKernel3 Zip ### cd $WORKSPACE/sdm845/KernelSU KSU_VERSION='v0.9.5' TARGET_KERNEL="Mi8Pro-LineageKernel-KernelSU$KSU_VERSION" #Kernel filename echo "[+]KernelSU Version: $KSU_VERSION" echo "[+]Target file: $TARGET_KERNEL" cd $WORKSPACE/AnyKernel3 cp $WORKSPACE/sdm845/out/arch/arm64/boot/Image . cp $WORKSPACE/sdm845/out/arch/arm64/boot/Image.gz . cp $WORKSPACE/sdm845/out/arch/arm64/boot/Image.gz-dtb . OUTPUT_FILE=${TARGET_KERNEL}-$(date +"%y.%m.%d").zip echo "[+]Output: $OUTPUT_FILE" zip -r $OUTPUT_FILE * mv $OUTPUT_FILE $WORKSPACE Flashing Use a recovery like TWRP to flash the zip. Automatically Compile the Kernel using GitHub Actions Refer to this YAML file for workflow setup: https://github.com/iYoRoy-AOSP-Institute/AnyKernel3-equuleus/blob/13/.github/workflows/build.yml {collapse} {collapse-item label="Expand Code"} name: Build AnyKernel on: push: schedule: - cron: '0 0 * * 0' jobs: build: runs-on: ubuntu-latest steps: - name: Download run: | echo "Free space:" df -h cd $GITHUB_WORKSPACE echo "[+]Install packages:" sudo apt update sudo apt install zip bc bison build-essential ccache curl flex g++-multilib gcc-multilib git gnupg gperf imagemagick lib32ncurses5-dev lib32readline-dev lib32z1-dev liblz4-tool libncurses5-dev libncurses5 libsdl1.2-dev libssl-dev libwxgtk3.0-gtk3-dev libxml2 libxml2-utils lzop pngcrush rsync schedtool squashfs-tools xsltproc zip zlib1g-dev make unzip python-is-python3 echo "[+]Clone dependencies:" git clone https://github.com/KaguraiYoRoy/android_kernel_xiaomi_sdm845 -b lineage-20 sdm845 git clone https://android.googlesource.com/platform/prebuilts/clang/host/linux-x86 --depth=1 -b android-13.0.0_r43 clang git clone https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/aarch64/aarch64-linux-android-4.9 -b android-10.0.0_r32 --depth=1 git clone https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.9 -b android-10.0.0_r32 --depth=1 git clone https://github.com/KaguraiYoRoy/AnyKernel3-equuleus AnyKernel3 --depth=1 - name: Setup KernelSU run: | cd $GITHUB_WORKSPACE/sdm845 curl -LSs "https://raw.githubusercontent.com/tiann/KernelSU/main/kernel/setup.sh" | bash -s main - name: Build Kernel run: | cd $GITHUB_WORKSPACE/sdm845 ARCH="arm64" CLANG_DIR="$GITHUB_WORKSPACE/clang/clang-r450784d" CC="$CLANG_DIR/bin/clang" export PATH="$CLANG_DIR/bin:$PATH" OUT_DIR="./out" CLANG_TRIPLE="aarch64-linux-gnu-" CROSS_COMPILE="$GITHUB_WORKSPACE/aarch64-linux-android-4.9/bin/aarch64-linux-androidkernel-" CROSS_COMPILE_ARM32="$GITHUB_WORKSPACE/arm-linux-androideabi-4.9/bin/arm-linux-androidkernel-" CC_ADDITION_FLAGS="AR=llvm-ar NM=llvm-nm OBJCOPY=llvm-objcopy OBJDUMP=llvm-objdump STRIP=llvm-strip LLVM_IAS=1 LLVM=1 LD=ld.lld" THREAD=$(nproc --all) ANYKERNEL_DIR="$GITHUB_WORKSPACE/AnyKernel3" args="-j$THREAD O=$OUT_DIR ARCH=$ARCH CROSS_COMPILE=$CROSS_COMPILE CROSS_COMPILE_ARM32=$CROSS_COMPILE_ARM32 CC=$CC CLANG_TRIPLE=$CLANG_TRIPLE $CC_ADDITION_FLAGS" echo "[+]Args: $args" echo "[+}Generate .config" make equuleus_user_defconfig $args echo "[+]Begin Build" make $args - name: Compress run: | cd $GITHUB_WORKSPACE/sdm845/KernelSU KSU_VERSION=`expr 10000 + \`git rev-list --count HEAD\` + 200` TARGET_KERNEL="Mi8Pro-LineageKernel-KernelSU$KSU_VERSION" echo "[+]KernelSU Version: $KSU_VERSION" echo "[+]Target file: $TARGET_KERNEL" cd $GITHUB_WORKSPACE/AnyKernel3 cp $GITHUB_WORKSPACE/sdm845/out/arch/arm64/boot/Image . cp $GITHUB_WORKSPACE/sdm845/out/arch/arm64/boot/Image.gz . cp $GITHUB_WORKSPACE/sdm845/out/arch/arm64/boot/Image.gz-dtb . OUTPUT_FILE=${TARGET_KERNEL}-$(date +"%y.%m.%d").zip echo "[+]Output: $OUTPUT_FILE" zip -r $OUTPUT_FILE * mv $OUTPUT_FILE $GITHUB_WORKSPACE - name: Release uses: softprops/action-gh-release@v1 with: tag_name: Android13 files: | Mi8Pro*.zip I definitely won't tell you that the script above was also extracted from here x {/collapse-item} {/collapse}

Enabling EROFS Support for an Android ROM with Kernel 4.9 Foreword As everyone knows, I'm a long-standing Mi 8 Pro (Under-Screen Fingerprint Edition) holdout I've always wanted to port erofs to this device (please search online for what erofs is). But after some research, I found out that erofs was merged into the Linux kernel in version 5.10, which means I have to manually integrate it into our 4.9 kernel. Materials Needed Android ROM Source Code: Using LineageOS 22.0 here. Android Kernel Source Code: Using the official LineageOS kernel for Xiaomi SDM845 devices: LineageOS/android_kernel_xiaomi_sdm845 Device Tree: Using the official LineageOS device trees, which include the sdm845-common part: LineageOS/android_device_xiaomi_sdm845-common and the device-specific part: LineageOS/android_device_xiaomi_equuleus A build server {alert type="info"} Note: Since I'm primarily focused on ROM building, this article mainly documents the process within that context. {/alert} Let's Start Setting up the Android ROM build environment won't be covered here, as there are plenty of guides online. Download the ROM source, device tree, and kernel source, and place them in the correct locations. Adding EROFS Support to the Kernel The code changes were picked from ReallySnow's msm-4.9 kernel (Thanks to ReallySnow for the support!). You can refer to these branches: https://github.com/ReallySnow/msm-4.9/tree/erofs https://github.com/YoriInstitute/android_kernel_xiaomi_sdm845/tree/lineage-22.0-erofs Before picking the commits, you need to resolve conflicts in the lz4 compression code. For the detailed relation chain, refer to: https://review.lineageos.org/c/LineageOS/android_kernel_xiaomi_sdm845/+/412614 I tried to submit these changes to LineageOS official, but obviously, they weren't merged x After picking the changes, enable erofs support in the kernel's defconfig file: Open $KERNEL_SOURCE/arch/arm64/configs/vendor/xiaomi/mi845_defconfig and add: CONFIG_EROFS_FS=y: commit 7ae5caab2c15982b3d3821c97e2f2e6126ca1281 (HEAD -> erofs, refs/published/erofs) Author: KaguraiYoRoy <[email protected]> Date: Tue Dec 24 22:49:07 2024 +0800 arch: arm64: configs: mi845: Enable CONFIG_EROFS_FS Change-Id: Ie387b03bde54700d73ccf19f0baf4db62526cc8f diff --git a/arch/arm64/configs/vendor/xiaomi/mi845_defconfig b/arch/arm64/configs/vendor/xiaomi/mi845_defconfig index 7684be360d98..69ea580fdb11 100644 --- a/arch/arm64/configs/vendor/xiaomi/mi845_defconfig +++ b/arch/arm64/configs/vendor/xiaomi/mi845_defconfig @@ -651,3 +651,4 @@ CONFIG_SOUNDWIRE_WCD_CTRL=y CONFIG_WCD9XXX_CODEC_CORE=y CONFIG_WCD_DSP_GLINK=y CONFIG_WCD_SPI_AC=y +CONFIG_EROFS_FS=y \ No newline at end of file Modifying Partition Filesystems and Fstab Open the board configuration file in the device tree and change the filesystem type for the partitions you want to convert to erofs. The example configuration file is located at $WORKING_DIR/device/xiaomi/sdm845-common/BoardConfigCommon.mk: commit 0fce86fb40ca637a8563bef6192afaea1658c881 (HEAD -> erofs, refs/published/erofs) Author: KaguraiYoRoy <[email protected]> Date: Tue Dec 24 23:37:50 2024 +0800 sdm845-common: Switch to erofs Change-Id: I9a8d6de4dcb79cd6bc177451ce3cbc4682748501 diff --git a/BoardConfigCommon.mk b/BoardConfigCommon.mk index cf73d39..700592f 100644 --- a/BoardConfigCommon.mk +++ b/BoardConfigCommon.mk @@ -78,11 +78,11 @@ BOARD_CACHEIMAGE_PARTITION_SIZE := 268435456 BOARD_USERDATAIMAGE_PARTITION_SIZE := 57453555712 BOARD_CACHEIMAGE_FILE_SYSTEM_TYPE := ext4 -BOARD_ODMIMAGE_FILE_SYSTEM_TYPE := ext4 +BOARD_ODMIMAGE_FILE_SYSTEM_TYPE := erofs BOARD_PRODUCTIMAGE_FILE_SYSTEM_TYPE := ext4 BOARD_SYSTEMIMAGE_FILE_SYSTEM_TYPE := ext4 BOARD_SYSTEM_EXTIMAGE_FILE_SYSTEM_TYPE := ext4 -BOARD_VENDORIMAGE_FILE_SYSTEM_TYPE := ext4 +BOARD_VENDORIMAGE_FILE_SYSTEM_TYPE := erofs BOARD_FLASH_BLOCK_SIZE := 262144 # (BOARD_KERNEL_PAGESIZE * 64) Modify the device's fstab file, located here at $WORKING_DIR/device/xiaomi/equuleus/rootdir/fstab.qcom. Change the filesystem type for the relevant partitions to erofs, and reduce the mount parameters to just ro: commit d66bfc8fe722f7368ef56835d35fb88b904e10fb (HEAD -> erofs, refs/published/erofs) Author: KaguraiYoRoy <[email protected]> Date: Tue Dec 24 23:40:08 2024 +0800 equuleus: Update fstab for erofs Change-Id: I814eab1dd77cf2c184ebd398cc4914785bc37ad6 diff --git a/rootdir/etc/fstab.qcom b/rootdir/etc/fstab.qcom index 7aca90a..685ec84 100644 --- a/rootdir/etc/fstab.qcom +++ b/rootdir/etc/fstab.qcom @@ -6,8 +6,8 @@ system /system ext4 ro,barrier=1,discard wait,logical,first_stage_mount system_ext /system_ext ext4 ro,barrier=1,discard wait,logical,first_stage_mount product /product ext4 ro,barrier=1,discard wait,logical,first_stage_mount -vendor /vendor ext4 ro,barrier=1,discard wait,logical,first_stage_mount -odm /odm ext4 ro,barrier=1,discard wait,logical,first_stage_mount +vendor /vendor erofs ro wait,logical,first_stage_mount +odm /odm erofs ro wait,logical,first_stage_mount /dev/block/bootdevice/by-name/userdata /data ext4 noatime,nosuid,nodev,barrier=0,noauto_da_alloc latemount,wait,check,fileencryption=ice,quota /dev/block/bootdevice/by-name/modem /vendor/firmware_mnt vfat ro,shortname=lower,uid=0,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait /dev/block/bootdevice/by-name/dsp /vendor/dsp ext4 ro,nosuid,nodev,barrier=1 wait Finally, build and flash the ROM. If all goes well, it should boot into the system. Important Notes LineageOS official has implemented Dynamic Partition for my device model. The device tree modifications described above might not be suitable for your device. erofs is a read-only filesystem. If you plan to flash Gapps later, DO NOT convert the system, system_ext, and product partitions. Frequently Asked Questions Booting into Fastboot mode: Check if the fstab modifications are correct.