mer-hybris / bluebinder Goto Github PK
View Code? Open in Web Editor NEWbluebinder is a simple proxy for using android binder based bluetooth through vhci.
bluebinder is a simple proxy for using android binder based bluetooth through vhci.
Seems like an issue similar to #20 is back again on the same device:
I could only do this with a screen shot, since I needed the device to work normally and so rebooted. Also fishy are 10% of mem usage for bluebinder.
I hope the issue lies here. Let me know if not. Carwhisperer works with external bluetooth adapter, however it doesn't work with bluebinder (and internal vhci). It supposed to listen or inject sound into bluetooth devices with less security through SCO channel.
I tried various devices and also tried to find kernel differences. Spent way too many time on it :)
My bet is that if the kernel lets all packet types for external bt, there may be a solution on bluebinder side. Do you have any idea on this, is there restrictions through bluebinder, or from android bluetooth? Looking at btmon, my SCO transmission fails after packet types are changed, here's a screenshot of the log. Let me know if you'd like to see both external, or bluebinder btmon logs.
Hi, we are struggling with one of the NetHunter supported device: Nexus 6P (oreo, and lineage17.1 too). (VHCI, UART H4, IPC_BINDER enabled)
Looks like there are no [email protected] on there. Do you have any suggests where to look at or what can usually replace that? That's what we can see:
kali:/ # find / -name android.hardware.bluetooth* 2>/dev/null
/sbin/.magisk/mirror/vendor/lib/hw/[email protected]
/sbin/.magisk/mirror/vendor/lib64/hw/[email protected]
/data/local/nhsystem/kali-arm64/system/etc/permissions/android.hardware.bluetooth_le.xml
/data/local/nhsystem/kali-arm64/system/lib/[email protected]
/data/local/nhsystem/kali-arm64/system/lib/[email protected]
/data/local/nhsystem/kali-arm64/system/lib/[email protected]
/data/local/nhsystem/kali-arm64/system/lib64/[email protected]
/data/local/nhsystem/kali-arm64/system/lib64/[email protected]
/data/local/nhsystem/kali-arm64/system/lib64/[email protected]
/vendor/lib/hw/[email protected]
/vendor/lib64/hw/[email protected]
/system/etc/permissions/android.hardware.bluetooth_le.xml
/system/lib/[email protected]
/system/lib/[email protected]
/system/lib/[email protected]
/system/lib64/[email protected]
/system/lib64/[email protected]
/system/lib64/[email protected]
With the SHIFT 6mq, Ubuntu Touch as OS I get these logs all the time:
01-24 10:38:49.464 235 1225 I [email protected]_handler: ProcessIbsCmd: Received IBS_SLEEP_IND: 0xFE
01-24 10:38:49.464 235 1225 D [email protected]_handler: SerialClockVote: vote for UART CLK OFF
01-24 10:38:49.493 235 1225 I [email protected]_handler: ProcessIbsCmd: Received IBS_WAKE_IND: 0xFD
01-24 10:38:49.493 235 1225 D [email protected]_handler: SerialClockVote: vote for UART CLK ON
01-24 10:38:49.493 235 1225 I [email protected]_handler: ProcessIbsCmd: Writing IBS_WAKE_ACK
01-24 10:38:49.536 235 1225 I [email protected]_handler: ProcessIbsCmd: Received IBS_SLEEP_IND: 0xFE
01-24 10:38:49.536 235 1225 D [email protected]_handler: SerialClockVote: vote for UART CLK OFF
01-24 10:38:49.543 235 1225 I [email protected]_handler: ProcessIbsCmd: Received IBS_WAKE_IND: 0xFD
01-24 10:38:49.543 235 1225 D [email protected]_handler: SerialClockVote: vote for UART CLK ON
01-24 10:38:49.543 235 1225 I [email protected]_handler: ProcessIbsCmd: Writing IBS_WAKE_ACK
A closer inspection with strace in bluebinder yields:
[pid 4512] ppoll([{fd=4, events=POLLIN|POLLERR|POLLHUP|POLLNVAL}, {fd=5, events=POLLIN|POLLERR|POLLHUP|POLLNVAL}], 2, NULL, NULL, 0) = 1 ([{fd=4, revents=POLLIN}])
[pid 4512] ioctl(4, BINDER_WRITE_READ, 0x7f8c2b87c8) = 0
[pid 4512] write(3, "\1\0\0\0\0\0\0\0", 8) = 8
[pid 4504] <... ppoll resumed> ) = 1 ([{fd=3, revents=POLLIN}])
[pid 4512] ppoll([{fd=5, events=POLLIN|POLLERR|POLLHUP|POLLNVAL}, {fd=8, events=POLLIN|POLLERR|POLLHUP|POLLNVAL}], 2, NULL, NULL, 0 <unfinished ...>
[pid 4504] read(3, "\1\0\0\0\0\0\0\0", 16) = 8
[pid 4504] write(10, "\4>+\2\1\3\1\302;7\365\2016\37\2\1\32\3\3o\375\27\26o\375^\210h\315#Y\244"..., 46) = -1 ENXIO (No such device or address)
[pid 4504] write(2, "Writing packet to device failed:"..., 59) = 59
[pid 4504] write(9, "*", 1 <unfinished ...>
[pid 4512] <... ppoll resumed> ) = 1 ([{fd=8, revents=POLLIN}])
[pid 4504] <... write resumed> ) = 1
[pid 4512] read(8, <unfinished ...>
[pid 4504] ppoll([{fd=3, events=POLLIN}, {fd=10, events=POLLIN}], 2, NULL, NULL, 0 <unfinished ...>
[pid 4512] <... read resumed> "*", 1) = 1
[pid 4512] ioctl(4, BINDER_WRITE_READ, 0x7f8c2b86d8) = 0
[pid 4512] ioctl(4, BINDER_WRITE_READ, 0x7f8c2b8678) = 0
[pid 4512] ioctl(4, BINDER_WRITE_READ, 0x7f8c2b8678) = 0
[pid 4512] ioctl(4, BINDER_WRITE_READ, 0x7f8c2b8758) = 0
So bluebinder is relaying writes to devices that are no longer visible. Also it does not matter if Bluetooth is turned on or of. This behaviour will slowly build up after boot since more and more devices are seen.
This is unique to that device so far, but its also my first Android 10 device. Any hint for debugging welcome!
Failed to open /dev/vhci deviceUnable to open virtual device
In some cases, only ro.vendor.bt.bdaddr_path property is existent. This causes bluebinder_post.sh not finding Bluetooth address and killing bluebinder.
Hello all, I am attempting to run bluebinder on a Oneplus 7 Pro running Kali Nethunter. The kernel I am using has VHCI, UART H4, BinderFS. The plan was to use Bluebinder with the VHCI to have Nethunter recognize the internal BT radio as hci0. I am running into an issue with getting bluebinder to run. When ran in the kali chroot terminal I receive the following error:
Failed to connect to bluetooth binder service.
GLib- Critical g_main_loop quit: assertion 'loop != NULL'failed
Glib- Critical g_io_channel_shutdown: assertion 'channel != NULL'failed
GLib- Critical g_io_channel_unref: assertion 'channel != NULL'failed
Any idea what the cause might be?
Can you please let me know where and how Bluez interacts with /dev/vhci?I understand the remaining part where bluebinder picks up the HCI frames received from /dev/vhci and invokes the HAL functions.
But I am not getting how and where Bluez interacts with /dev/vhci?
One the Oneplus 6T users report device freezes (obviously kernel crashes) with the latest Bluebinder. See here: https://paste.myself5.de/kayoxowope.yaml
Currently if Bluetooth is toggled off from UI the device will still be discoverable by other devices afterwards. I assume this for example causes my BT headset to stay connected for up to ~20 seconds before it disconnects properly (presumably due to it realizing there is no more data being transmitted either way).
Some more details on HelloVolla/ubuntu-touch-beta-tests#91.
Please set the full version in SPEC file as a part of the release. Right now we have 1.0 for 1.0.12
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.