Device integrity with valid/validly faked HW attestation broken on A13+ (G company changes to PI API?) #3187

@KyunLFA

Device Integrity has been completely broken for me on A16+MicroG+Companion since some months ago, even with a correct HW attestation setup (valid keybox with the root modules required for PI on an unlocked bootloader with a custom ROM -- same-ish [improved] setup* that used to work on my A15 device a few months back), MicroG and Vending as /system/priv-app, and "block hardware attestation" off.

I have seen multiple people suggest the same in Telegram and XDA (see the later pages of https://xdaforums.com/t/guide-strong-integrity-with-microg-2025.4752972 ), suggesting changes in Google's PI API for A13+ device integrity checks as of some months ago. Curiously, I can get PLAY_RECOGNIZED status on the PI report, but app licensing verdict is failing. Even with invasive modules such as Better Known Installed to make sure every app sees itself as installed by Vending, licensing verdict fails with Companion. I have seen people suggest device PI can work with official Play Store, but not Companion (and I do not plan on installing GAPPS on this device).

Steps to reproduce the behavior:

  1. Be on A13+ with valid HW attestation setup, either via root modules or locked BL
  2. Install MicroG, Companion (and maybe GsfProxy?) as system apps somehow (either by being on a custom ROM with them already as system apps, or by using root modules)
  3. Configure MicroG and Companion: grant all the right permissions and disable "block hardware attestation".
  4. Install and check any PI checker
  5. You would only see basic, but not device integrity or strong.

Expected behavior is that device PI should be able to pass with a Companion/no official play store setup.

Besides normal 0.3.11 and 0.3.10, I also tried merging multiple MRs planned for 0.3.12, and bumping external vending and GMS version codes to the very latest, to no avail.

I am available to build whatever changes are necessary to test a possible fix or to root cause the issue, and

adb_logcat.log

I have attached an adb logcat during the duration of the PI test in SPIC.

Android Version: Android 16
Custom ROM: CrDroid 12.3

*My root setup

Official KSU (3.0.0 git) + susfs (2.0.0 git) (both built as of 1 week or so ago, kernel 6.6.116)

Meta Hybrid Mount (CI build)

microG Installer Revived Again (modded to override max version string)

Play Integrity Fix inject-s (KOWX712 fork, CI build, Spoof Build, Spoof Build Play Store and Spoof Signature on only)

ReZygisk CI 437

Treat Wheel (v0.0.7, closed test)

TEESimulator (CI 42, v3.0)

Tricky Addon Update Target List (CI build, valid keybox set and all apps except unneeded targeted)

Miscellaneous modules:

Open Webview (v2.5.2)

SUSFS-FOR-KERNELSU (CI)

ZRAM Swap Configurator (v2.6)

ReLSPosed (v1.0.1 CI 7210)

LSPosed Modules:

HMA-OSS (CI)
