Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Please do a graceful/normal shutdown #13

Open
rugk opened this issue May 10, 2016 · 11 comments
Open

Please do a graceful/normal shutdown #13

rugk opened this issue May 10, 2016 · 11 comments

Comments

@rugk
Copy link

rugk commented May 10, 2016
edited
Loading

Instead of - somekind of - "unplug" the device from battery could you just do a graceful/normal shutdown?

Otherwise it not only looks like a system crash it also seems to cause issues like this: #12

And I see no reasons for such a drastic shutdown method. During shutdown an attacker cannot unlock the device anyway...
@rugk rugk changed the title Please do a graceful/normal shutdown? Please do a graceful/normal shutdown May 10, 2016
@rugk rugk mentioned this issue May 10, 2016
Open
@xmikos
Copy link
Owner

xmikos commented Sep 1, 2016

I can't agree with this. If there is some sort of attack, I prefer shutdown to be as quick as possible. I would rather see some battery stats issue after reboot than giving attacker more opportunity to continue with attack. There could be e.g. some exploit found in graceful shutdown code in the future (yes, it is unlikely, but like I said I prefer shutdown to be as quick as possible).

@rugk
Copy link
Author

rugk commented Sep 1, 2016

than giving attacker more opportunity to continue with attack.

But they don't have any opportunity as nothing can be done to prevent the shutdown or to unlock the device when it is shutting down AFAIK.

@gene-pavlovsky
Copy link

I wonder if using reboot -p has the potential of harming the phone. E.g. the file systems don't get unmounted properly (or are they)?, etc.
According to this page, reboot -p command can be changed to am broadcast android.intent.action.ACTION_SHUTDOWN && sleep 5 && reboot -p, notifying apps about the impending shutdown. But I'm not sure this is enough time and if the filesystems will be unmounted?

@rugk
Copy link
Author

rugk commented Oct 13, 2016

At least it is a try, is not it?

@gene-pavlovsky
Copy link

I've checked logcat and am broadcast android.intent.action.ACTION_SHUTDOWN alone does warn apps about the shutdown, but doesn't actually shutdown (hence the && sleep 5 && reboot -p).

@gene-pavlovsky
Copy link

To do a regular reboot (same as if reboot is done from the Power button menu), the command is am start -a android.intent.action.REBOOT. I really wonder what is the -a option since it's not mentioned in the am's docs or it's built-in help. But reboot doesn't work without -a.

@gene-pavlovsky
Copy link

I've found some info on the safety of reboot -p with regards to the filesystems.
Both AOSP and Cyanogenmod do sync and emergency remount read-only (using the same mechanism as the magic SysRq-U) all the filesystems.
See comments before the remount_ro function. Here's the rationale behind this:
https://android.googlesource.com/platform/system/core/+/e3aeeb4de34dbb93e832e6554f494122ba633f3b
It looks to me like it would be quite safe to give apps a few seconds (is 5 enough?) to save their data, then just reboot -p.
I think it's more reliable than a regular reboot (using am start), which, if added, should be an option.

@DJCrashdummy
Copy link

DJCrashdummy commented Nov 5, 2017
edited
Loading

@gene-pavlovsky thanks for all the interesting research, you did!

so what shutdown-procedure do you suggest to use? special android-commands? with sync before or not, and which command for actual shutdown?
i use Wrong PIN Shutdown where the command can be modified, so i'm very interested in this. maybe have a look at the similar discussion there.

@xmikos may i suggest to simply give the possibility to change the command (maybe with corresponding warning, readme, links to recourses) by advanced users like Wrong PIN Shutdown does.

@gene-pavlovsky
Copy link

In the end I started using Automagic for various things, and the functionality of SnooperStopper is easily replicated as an Automagic flow. I'm just using "Reboot" Automagic action (requires root).

@DJCrashdummy
Copy link

well... i want to neither use non-FOSS software, nor have playstore installed! - so this is not an option for me.

if i understand this right, you are now using a predefined reboot-function of a proprietary app, where you don't even have an idea which command(s) are used...? 😕

@gene-pavlovsky
Copy link

gene-pavlovsky commented Nov 10, 2017
edited
Loading

I see and respect your point. Wish I was that strong principled on this.
Yes you understand me right.
If I was writing a reboot script myself (which is also an option with Automagic, just I'm lazy), I would do something like:

am broadcast android.intent.action.ACTION_SHUTDOWN
sleep 5
reboot -p

You might want to increase the sleep duration, personally I wouldn't worry too much about this stuff, considering my phone spuriously reboots all by itself for unknown reasons once a month or so, and I didn't notice any harm done or loss of data in my apps :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@gene-pavlovsky @xmikos @rugk @DJCrashdummy