Using RCS with Google Messages on GrapheneOS

MrRoboto1212

v1ct0r Yeah I had installed that Messages version, too, but RCS still didn't connect for me, even after reboot.

cb474

aaravchen Yeah, I don't think setting READ_DEVICE_IDENTIFIERS to allow for Play Services is a security risk, but it may have privacy implications. It would be nice if someone could clarify what the issues there may or may not be.

As you say, I also understood that with Play Services installed, Messages should be getting this permission anyway. And I had the phone and SMS permissions set as you describe. But for whatever reason, it did seem like for me, when I set READ_DEVICE_IDENTIFIERS to allow for Play Services using adb that solved the 36 hour reset problem, as well as allowing me to get 20241120_00_RC07 to provision Etouffee to "true" which it wouldn't before. So I don't know if it was working the way it was supposed to.

This bug report seems to be addressing this issue, although there is also more to it: https://github.com/GrapheneOS/os-issue-tracker/issues/6331. Although, interestingly the issue was closed four days ago, with the original author of the report saying the problem went away for some unexplained reason. They are not in the U.S., but don't state what carrier they are on.

More significantly, for many of us, two days ago, it looks like they started adding some code to Graphene that may solve the problem on T-Mobile: https://github.com/GrapheneOS/platform_packages_modules_Permission/pull/84. The code would add a toggle for users to allow Play Services to do the verification it needs to do for RCS. So, there may finally be light at the end of the tunnel.

MrRoboto1212

cb474 I wonder if there would be prerequisites to enabling it, like which version of Messages you have? Presuming it works.

cb474

MrRoboto1212 The person who developed the code says it works. And it looks like they just merged it into Graphene this morning. I don't know how long that means until it shows up in updates.

The person who wrote the code tested it on Tello (T-Mobile). And someone else tested it on T-Mobile itself. It sounds like with the latest Play Store version of Messsags. They were able to disable RCS with the swtich in settings, enable the new permission toggle, and then renable RCS and have Messages immediatelly connect and work properly.

Anyway, you can read what the dev says about what the solution is supposed to do, in the link I provide to Github above. It sounds like it's supposed to solve the problem with why up to date versions of Messages are unable to authenticate with RCS as it is currently designed on carriers like T-Mobile. So I don't know why the version of Messages would matter. It sounds like a real effort to solve the problem.

cb474

cb474 One question I have is, for those of us who did things like change READ_DEVICE_IDENTIFIERS permissions for Play Services, should we revert all that before updating and/or using the toggle? I guess I'll probably change READ_DEVICE_IDENTIFIERS for Play Services back to deny, before I try the new solution, whenever it comes around. Anyway, if there is soon (hopefully) a built in toggle that solves the problem, it would be nice to have some guidance on anything we should do to clean up the mess we've made with the workarounds.

mousetrapreplica

cb474 this is awesome news! Just read the info in the link. Thanks for sharing!

chenxiaolong

cb474 Explicitly enabling READ_DEVICE_IDENTIFIERS should not be needed (but also doesn't impact the new change). GrapheneOS will already grant it when needed.

AOSP automatically gives READ_DEVICE_IDENTIFIERS to whichever app is set as the default SMS app: https://github.com/GrapheneOS/platform_packages_modules_Permission/blob/1723ab9ff8b9dee2c94dfea51ed1576081084897/PermissionController/res/xml/roles.xml#L367

GrapheneOS has additional logic to also grant that to Google Play Services for RCS, but only when Google Messages is set as the default SMS app: https://github.com/GrapheneOS/platform_frameworks_base/pull/255 (This does not appear to be reflected in adb shell appops get com.google.android.gms READ_DEVICE_IDENTIFIERS though.)

eatinggrumble84

cb474

I updated to the latest version with the toggle. I then uninstalled the old version of Messages, changed the READ_DEVICE_IDENTIFIERS back to "deny" and enabled the new toggle. I then rebooted and installed the latest Play Store version 20260126_00_RC0 and RCS worked immediately with T-Mobile in the US.

eatinggrumble84

chenxiaolong

That is interesting and perhaps it may be more bugged than just not being reflected in adb shell appops get com.google.android.gms READ_DEVICE_IDENTIFIERS
As cb474 and I have noted above, it seemed impossible to get passed the 36 hour reset on T-Mobile prior to manually setting the READ_DEVICE_IDENTIFIERS to "allow" for Google Play Services. Forcing that setting to "allow" certainly seemed to change something to allow T-Mobile to then verify the device in a way that wasn't occurring properly prior to that.

Nevertheless, I will certainly try to revert this setting back to "deny" prior to enabling the new setting in the upcoming update.

cb474

chenxiaolong Thanks for the explanation. I really appreciate it. And thanks for being involved in testing the code for the new toggle to address the issue with RCS on T-Mobile (and other carriers with the same problem, I assume).

I do understand that READ_DEVICE_IDENTIFIERS is supposed to be granted to the default SMS app and to Play Services, when Messages is the default SMS app. But as @eatinggrumble84 notes, for several of us, it was only after we explicitly granted READ_DEVICE_IDENTIFIERS to Play Services that we stopped have the 36 hour reset issue and in my case only after that that I could get the 20241120_00_RC07 version of Messages to provision Etouffee to "true," so that RCS would work. Do you have any thoughts about what's going on there? It does seem like maybe there is a bug in how READ_DEVICE_IDENTIFIERS is supposed to be granted, but actually isn't.

chenxiaolong

cb474 Hmm, I'm not sure. I do wonder if there was some timing coincidence with Google changing things on their backend. Prior to testing @inthewaves's new PR, I had been using the old version + upgrade trick without explicitly allowing READ_DEVICE_IDENTIFIERS and did not get kicked out after 72 hours (nor after several days).

inthewaves

chenxiaolong I believe what's happening in https://github.com/GrapheneOS/platform_frameworks_base/pull/255 is that in PackageExtInit, this is being done:

            case BUGLE_NAME -> validate(BUGLE, 273168063L,
                    "f7e73d4edc2b7f55eecd3f898d3cca7da9cbbf51694eba14f816e2eccf015035");

This validates that the installed Google Messages (Bugle) has a minimum version code of 273168063L, and that the cert hash of the app matches that string. Version 20241120_00_RC07 has a version code of 262371063 which is less than the minimum version code. Validation will fail due to version code, and the installed Google Messages will be given PackageId.UNKNOWN instead of the desired PackageId.BUGLE.

So the if-condition in LegacyPackageManager,

if (buglePkgState != null && PackageExt.get(buglePkgState).getPackageId() == PackageId.BUGLE) {

will fail, since PackageExt.get(buglePkgState).getPackageId() will not be PackageId.BUGLE. So this never activates for older versions of Google Messages, which as far as I know is by design.

logdumpster

I'm on Mint, I've reinstalled GOS and installed the old Messages app and granted READ_DEVICE_IDENTIFIERS. My RCS status is now "connected" but it still won't use it for any of my conversations. I'm tired man I just wanna message hot girls on iPhones better. Has anyone else got it to where it says connected but still doesn't work? I'm gonna let that update above hit main and see if that fixes it, otherwise I'm gonna just bite the bullet and switch carriers. Is it confirmed that it's working consistently on Verizon or Google Fi?

logdumpster

NEVER MIND EVERYBODY, TURNS OUT ALL I HAD TO DO WAS TALK SHIT ON THE GRAPHENEOS FORUM AND IT STARTED WORKING WOO HOO

Bob4apples

logdumpster what was the estimated time between shit talking and the problem being resolved?

cb474

inthewaves Thanks. It's nice to get clear explanations of what's going on, since those of us who are not devs are often confused about what's really happening and simply trying to guess based on our experiences. I appreciate the detailed explanation.

Also thank you so much for developing the fix to give Messages the permissions it needs to work with RCS. I look forward to see it in an upcoming update.

elel

Following up with an update: installing the latest version of Messages and then switching from Ting to the Warp plan on US Mobile fixed my issues after about a day of waiting. I also got a text from Google that they were "verifying the phone# of this device" shortly after switching. Glad to see that there is other movement on this issue. I think Ting was a non-starter since a call to their customer support verified that they do not support RCS.

Luminier

alwarnecke
Also on Spectrum, doing this actually set my RCS status to connected, but all my texts sent were still SMS and I could not receive any messages at all. Really odd.

Guess I will just wait.

davek

RCS has been broken for a couple weeks for me, it stopped working after (regretfully) allowing GraphenOS to update itself... I knew I should have left well enough alone

This has become a problem as people are messaging me and Im not seeing them, they are not even going to SMS, just disappear for me completely

I've tried everything but avoided going to an older version of Google Messages because I am worried about installing a random APK off the internet but I will have to as nothing else is working

Johnnyloans

davek they are not even going to SMS

Try this. See my 2 replies

https://discuss.grapheneos.org/d/31531-cant-receive-mms-group-messages/3

dregrinfuces

The release notes for GOS v20260212 has this:

Sandboxed Google Play compatibility layer: add toggle for granting Play services access to ICC auth in order to support RCS with carriers requiring it for RCS in Google Messages including T-Mobile

I wonder if that will fix this problem.

ManatJack

dregrinfuces I can confirm enabling the toggle made RCS work with most recent app.

« Previous Page Next Page »