The creator of the popular SuperSU and CF-Auto-Root tools has been quite vocal about his concerns regarding changes in the Android Open Source Project that affect rooting on Android. Now that Android 4.4.3, or 4.5, could just be around the corner, Chainfire is raising some potential issues that could change or even break the way devs and users approach root access on Android.
Ironically, all of the issues originate from Android’s adoption of SELinux, a framework that exists in order to to enhance security on Linux systems, which Android is ultimately based on. However, for the sake of making the platform more secure and robust even for Regular Joe, Android implements some very restrictive SELinux policies that would inevitably block how apps gain root access on Android. Chainfire has already warned about these things as early as January this year, but since then things haven’t exactly changed for the better.
Examining the AOSP source code changes, Chainfire noticed many changes, not all of them good. SELinux has been strengthened even further and the old ways of executing processes as privileged (root) users no longer work, nor does the old way of communicating with other processes. For the programmers in the crowd, Chainfire has updated his root guide to include the new methods that can be exploited. However, a new obstacle to worry-free rooting has entered the scene, this one less escapable than SELinux. This new character on stage is ART, the new Android Runtime. Thanks to a lethal combination of SELinux changes and ART’s own youth, in terms of being a Dalvik replacement, apps running on ART that try to call code they aren’t normally allowed to can cause the whole Android system to crash and reboot. And not only that, it will cause ART to once again re-optimize all Java packages, which could take some length of time.
There is some light at the end of the tunnel, however faint it may be. Chainfire has updated, but not formally released, a new version of SuperSU that already works on the latest AOSP builds. There is also the fact that AOSP doesn’t necessarily equate to Android 4.4.3 and there is a possibility that there will be changes in the final Android release, though the chances of that are pretty slim. Finally, getting around the potential ART crash is possible. Developers would have to immediately test their root-using apps against ART and adjust accordingly, while end users who use root apps should temporarily switch to using Dalvik once Android 4.4.3 rolls out, at least until the root apps they use have been updated.