Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Banking apps not working #651

Closed
lippling opened this issue Sep 10, 2021 · 11 comments
Closed

Banking apps not working #651

lippling opened this issue Sep 10, 2021 · 11 comments
Labels
enhancement New feature or request

Comments

@lippling
Copy link

I have installed different banking apps which generate TANs in addition to > 50 apps which are all are working perfectly so it must be an issue with these individual apps.

Google Play Services are also installed and I also tried a second profile where I didn't install Google Play Services. No difference.

de.fiduciagad.securego.vr: logo
com.starfinanz.mobile.android.dkbpushtan: blank screen
de.fiducia.smartphone.android.securego.vr: blank screen
de.postbank.bestsign: works perfectly

Can I somehow provide additional help as these apps are important to me and this issue forces me to still use my iPhone.
@thestinger thestinger added the enhancement New feature or request label Sep 10, 2021
@thestinger
Copy link
Member

You'll need to gather logs with either the developer options bug report capture tool or adb logcat in order for us to do something about this. We need the logs from when the app is launched until the point that it internally crashes or stalls. It's likely that whatever is wrong with them can be determined from the logs. It's possible that the compatibility layer could be extended to support them.

@thestinger
Copy link
Member

If you use the bug report capture tool, note that it captures a huge amount of data including sensitive data. You can either extract the relevant logs from the zip file it generates yourself or send the zip to us over Matrix or via an email to contact@grapheneos.org. You're free to remove nearly all the information from the zip. Only the logs are relevant, which are in a single dedicated text file, and we really only need the logs for where the app is launched.

@lippling
Copy link
Author

So, for example like this? I filtered the output with de.fiduciagad.securego.vr:

2021-09-10 12:27:17.184 1659-1824/? I/ActivityManager: Start proc 9637:de.fiduciagad.securego.vr/u0a257 for top-activity {de.fiduciagad.securego.vr/de.fiduciagad.securego.MainActivity}
2021-09-10 12:27:05.419 1659-2060/? I/ActivityTaskManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=de.fiduciagad.securego.vr/de.fiduciagad.securego.MainActivity bnds=[37,1616][238,1956]} from uid 10155
2021-09-10 12:27:05.476 1659-1824/? I/ActivityManager: Start proc 8813:de.fiduciagad.securego.vr/u0a257 for pre-top-activity {de.fiduciagad.securego.vr/de.fiduciagad.securego.MainActivity}
2021-09-10 12:27:05.597 8813-8813/? W/Zygote: Can't access app profile directory: /data_mirror/cur_profiles/0/de.fiduciagad.securego.vr
2021-09-10 12:27:05.810 8813-8813/? W/gad.securego.vr: type=1400 audit(0.0:23017): avc: denied { read } for name="u:object_r:device_config_runtime_native_boot_prop:s0" dev="tmpfs" ino=27523 scontext=u:r:untrusted_app:s0:c1,c257,c512,c768 tcontext=u:object_r:device_config_runtime_native_boot_prop:s0 tclass=file permissive=0 app=de.fiduciagad.securego.vr
2021-09-10 12:27:05.820 8813-8813/? W/gad.securego.vr: type=1400 audit(0.0:23021): avc: denied { lock } for path="/apex/com.android.art/javalib/arm64/boot.art" dev="dm-12" ino=139 scontext=u:r:untrusted_app:s0:c1,c257,c512,c768 tcontext=u:object_r:system_file:s0 tclass=file permissive=0 app=de.fiduciagad.securego.vr
2021-09-10 12:27:05.975 8813-8813/? D/de.fiduciagad.securego.vr: Time zone APEX ICU file found: /apex/com.android.tzdata/etc/icu/icu_tzdata.dat
2021-09-10 12:27:05.976 8813-8813/? D/de.fiduciagad.securego.vr: I18n APEX ICU file found: /apex/com.android.i18n/etc/icu/icudt66l.dat
2021-09-10 12:27:06.011 8813-8813/? W/de.fiduciagad.securego.vr: JNI RegisterNativeMethods: attempt to register 0 native methods for android.media.AudioAttributes
2021-09-10 12:27:06.399 8813-8813/? W/de.fiduciagad.securego.vr: Insufficient pre-allocated space to mmap vdex.
2021-09-10 12:27:06.529 1659-6183/? I/ActivityManager: Process de.fiduciagad.securego.vr (pid 8813) has died: fg  TOP 
2021-09-10 12:27:06.561 1659-1824/? I/ActivityManager: Start proc 8848:de.fiduciagad.securego.vr/u0a257 for top-activity {de.fiduciagad.securego.vr/de.fiduciagad.securego.MainActivity}
2021-09-10 12:27:06.565 8848-8848/? W/Zygote: Can't access app profile directory: /data_mirror/cur_profiles/0/de.fiduciagad.securego.vr
2021-09-10 12:27:06.747 8848-8848/? D/de.fiduciagad.securego.vr: Time zone APEX ICU file found: /apex/com.android.tzdata/etc/icu/icu_tzdata.dat
2021-09-10 12:27:06.747 8848-8848/? D/de.fiduciagad.securego.vr: I18n APEX ICU file found: /apex/com.android.i18n/etc/icu/icudt66l.dat
2021-09-10 12:27:06.765 8848-8848/? W/de.fiduciagad.securego.vr: JNI RegisterNativeMethods: attempt to register 0 native methods for android.media.AudioAttributes
2021-09-10 12:27:06.912 8848-8848/? W/de.fiduciagad.securego.vr: Insufficient pre-allocated space to mmap vdex.
2021-09-10 12:27:06.926 8848-8848/? W/gad.securego.vr: type=1400 audit(0.0:23054): avc: granted { execute } for path="/data/app/~~XLuUDinT1_XgtLOoL3oZfg==/de.fiduciagad.securego.vr-kM4L_mJqGcYmxYbS9yhI7Q==/lib/arm64/libmekjoijjbeip.so" dev="dm-16" ino=18675 scontext=u:r:untrusted_app:s0:c1,c257,c512,c768 tcontext=u:object_r:apk_data_file:s0 tclass=file app=de.fiduciagad.securego.vr
2021-09-10 12:27:06.940 8848-8848/? W/gad.securego.vr: type=1400 audit(0.0:23055): avc: granted { execmem } for scontext=u:r:untrusted_app:s0:c1,c257,c512,c768 tcontext=u:r:untrusted_app:s0:c1,c257,c512,c768 tclass=process app=de.fiduciagad.securego.vr
2021-09-10 12:27:06.940 8848-8848/? W/gad.securego.vr: type=1400 audit(0.0:23056): avc: granted { execute } for path="/data/app/~~XLuUDinT1_XgtLOoL3oZfg==/de.fiduciagad.securego.vr-kM4L_mJqGcYmxYbS9yhI7Q==/lib/arm64/libmekjoijjbeip.so" dev="dm-16" ino=18675 scontext=u:r:untrusted_app:s0:c1,c257,c512,c768 tcontext=u:object_r:apk_data_file:s0 tclass=file app=de.fiduciagad.securego.vr
2021-09-10 12:27:06.970 8848-8848/? W/gad.securego.vr: type=1400 audit(0.0:23057): avc: granted { execute } for path="/data/app/~~XLuUDinT1_XgtLOoL3oZfg==/de.fiduciagad.securego.vr-kM4L_mJqGcYmxYbS9yhI7Q==/lib/arm64/libmekjoijjbeip.so" dev="dm-16" ino=18675 scontext=u:r:untrusted_app:s0:c1,c257,c512,c768 tcontext=u:object_r:apk_data_file:s0 tclass=file app=de.fiduciagad.securego.vr
2021-09-10 12:27:06.983 8848-8848/? W/gad.securego.vr: type=1400 audit(0.0:23058): avc: denied { read } for name="ptrace_scope" dev="proc" ino=663742 scontext=u:r:untrusted_app:s0:c1,c257,c512,c768 tcontext=u:object_r:proc_security:s0 tclass=file permissive=0 app=de.fiduciagad.securego.vr
2021-09-10 12:27:07.010 1659-2061/? I/ActivityManager: Process de.fiduciagad.securego.vr (pid 8848) has died: fg  TOP

@thestinger
Copy link
Member

I don't really see a critical error there. Can you try to get all the nearby logs rather than filtering it that way?

@flawedworld
Copy link
Member

flawedworld commented Sep 10, 2021
edited

Please enable the "Native debugging toggle" in Settings under Security. That may fix the app you posted a log for. @lippling

@thestinger
Copy link
Member

It looks like it's just trying to read the sysctl value rather than actually trying to use ptrace. It could be dying because of using ptrace but it's not shown in the log.

@lippling
Copy link
Author

Wow. It works. Thanks!

But why? What are the implications of this setting?

@thestinger
Copy link
Member

Are all of them working fine?

Native debugging disables native code debugging via ptrace for tracing processes. It's normally used by developers but some apps use it as an incredibly weak form of anti-debugging / anti-tampering.

Glad this is working for you now.

@lippling
Copy link
Author

Yes, all apps are working now.

So it makes sense to enable Native debugging only while using these apps as disabling Native debugging increases security?

@thestinger
Copy link
Member

Disabling native debugging improves the app sandbox and sandboxing elsewhere in the OS. It's up to you if you consider it worthwhile to disable it when you aren't using them. GrapheneOS leaves it enabled by default and just provides the option to disable it since it's a nice way of improving sandboxing and protecting against local privilege escalation. It's not a huge security benefit. It just disables the ability to use the ptrace system call which occasionally has vulnerabilities, and can also provide an attacker with lateral movement between processes within the same sandbox. For example, apps often run something in a separate process within their app sandbox rather than within a nested isolatedProcess sandbox (nested sandboxing isn't broadly used outside Chromium) and native debugging provides a way for an attacker who compromises that separate process to directly gain control of the main app process.

It's simply a global toggle right now because in theory it should only be needed by developers who need to do debugging. It's unfortunate that there are apps using native code debugging as a strange way of trying to put up barriers to analysis of the apps. They aren't really accomplishing anything by doing that beyond slightly annoying security researchers who look into the apps.

@lippling
Copy link
Author

Ok, thanks for your detailed answer. Very much appreciated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lippling @thestinger @flawedworld