As I’m currently the maintainer/builder of some Lenovo P2 (kuntao) custom ROMs (mostly LineageOS (LOS) unofficial), I wanted to have a word with our community regarding the recent kernel ban issued by Google.
In a given time between January and February 2024, Google issued a ban on some (maybe many) custom kernel strings (including those from LOS). The practical result of this was that suddenly custom ROM users noted that the Play Integrity check wasn’t passing anymore and that some apps (like the banking ones) that depend on it stopped working.
In the beginning of March, 2024, as reported by some sources (see here, here and here), a second wave of bans was issued by Google targeting device finger prints (FPs). Kuntao’s FP was affected by it.
A: Use this app “Play Integrity API Checker” by Nikolas Spiridakis
A: LOS officially stated that they wouldn’t be willing to apply nor release any patch that might help evading the Play Integrity checks. So I had to look somewhere else.
Short answer: No.
Long answer: To build Android ROMs for kuntao (and some other devices) we need the Android sources, a device tree (DT), vendor and kernel. The ban involves only the kernel strings, so I applied the patch on the kernel tree and I’ll be using it from now on my LOS18.1 Unofficial builds.
NOTE: As I know that having the official sources for some of you is important, in February, 2024 releases there will be two ZIP files (one using the official sources and other with the custom kernel). However I can’t promise I’ll keep making these separate releases for long as we are currently maintaining LOS18.1, 19.1, 20.0 and more recently 21.0 in a monthly basis.
Update (10/03/2024): The second ban wave was directed to device FPs, so I had to apply another patch on android frameworks tree. To try to keep all the folks happy, on March, 2024 I’ve made two releases too (one built from the official sources and other with the latest patch)
Please, see FAQ#4 below and FAQ#9 too
A: If your device is rooted (using Magisk), please, follow the instructions from this thread post (scroll down to the “Method #2 - Rooted/Magisk Install” part). Otherwise, if your device is not rooted you still need to wait some more days until the next release cycle*
* I can’t provide an ETA but the devs are working to try to fix this issue and I hope we will have patched working builds
As of February, 29th Google issued a new device finger print ban. This means that our builds will fail the device integrity check for now, even those using the PIF method. Stay tuned to new updates on this situation.
Update (08/03/2024): PIF method is working again, update your module
Update (10/03/2024): Hot fix builds already have been released for LOS18.1 and LOS21. Updated LOS19.1 and 20 builds will be out on the coming days, thanks for your patience.
A: Besides checking the Play Integrity status, apps can detect custom ROMs using other methods. You can try some things like hiding/renaming the Magisk app (app settings > Hide the Magisk app), deleting the TWRP folder from your phone’s internal storage, adding the banking app to the Magisk’s DenyList, change device props, change device finger print, etc. If none of this works, I don’t know what else you can do.
PS: If you find a working workaround, please, join our Telegram group (@p2community) and kindly share it with the community ;)
A: They will have the Play Integrity patch applied on the coming builds, so please, be patient. Hopefully I’ll be able to release those builds in the coming days.
A: Yes, as stated on Play Integrity Fix’s official FAQ Q6 and repository Wiki, the fix is only for device and basic checks.
A: From what I read from the online discussions, the fix should work for a long time (as far as Google or app developers don’t update/change their detection methods), however I can’t make any assumption, so I’m not sure.
A: Probably the patch isn’t working anymore. As mentioned on FAQ#3 above, this build was made with the latest patch available applied. However, Google dropped monthly security patches support for Android 11 which caused LOS to pause the development of LOS18.1. As my main objective in making the builds was serving updated security patches, I’ve decided that the time to stop updating LOS18.1 had come. So our last supported A11 ROM reached its End of Life.
NOTE: If you still use LOS18.1, you could prepare to migrate to LOS19.1 or, if storage encryption isn’t a requirement for you, to LOS20 (a clean flash will be required whichever option you choose)
A: If you are on LOS18.1, the unofficial support by me was dropped given that LOS stopped developing its sources (for more information please read this announcement here and the FAQ#9 above). If you are on LOS19.1, LOS20 or LOS21, I’ve made updated builds to merge the latest sources however google now requires that the builds are signed in order to pass the PI check. Currently I plan to work on this so unrooted installations can pass the check again, however I’ve to work to pay my bills, so I can’t provide an ETA right now. If you are in a hurry and really need to pass PI check, consider making a rooted installation and use the module suggested in this post here (scroll down to the Method #2).
A: On 21th October*, Google issued a new ban wave. As soon as a new working finger print or method is found I’ll try to release hotfix builds. If you are using Magisk, install latest version of PIF (currently v17.8).
* Some sources: PIF Telegram channel, PIF Next Telegram channel, Reddit’s r/ingress post
I’d like to thank Chiteroman, osm0sis and the PlayIntegrityFix community for their efforts in figuring it out what has happened and then helping with fixing it.
A huge thanks to Astridxx and Alucard-Storm for maintaining the kuntao DTs, for promptly applying and releasing the patch for our device, and for helping me apply them on my builds.
Page last updated on Oct 23rd, 2024