2020-12-06 03:07:47 -08:00
|
|
|
#include <sys/mount.h>
|
2019-05-27 00:29:43 -07:00
|
|
|
#include <sys/sysmacros.h>
|
2020-05-03 22:49:54 -07:00
|
|
|
#include <libgen.h>
|
2019-05-27 00:29:43 -07:00
|
|
|
|
2022-05-12 02:03:42 -07:00
|
|
|
#include <base.hpp>
|
2020-03-09 01:50:30 -07:00
|
|
|
#include <selinux.hpp>
|
|
|
|
#include <magisk.hpp>
|
2019-05-27 00:29:43 -07:00
|
|
|
|
2020-03-09 01:50:30 -07:00
|
|
|
#include "init.hpp"
|
2019-05-27 00:29:43 -07:00
|
|
|
|
|
|
|
using namespace std;
|
|
|
|
|
2019-05-27 02:55:46 -07:00
|
|
|
struct devinfo {
|
2020-12-30 22:11:24 -08:00
|
|
|
int major;
|
|
|
|
int minor;
|
|
|
|
char devname[32];
|
|
|
|
char partname[32];
|
|
|
|
char dmname[32];
|
2019-05-27 02:55:46 -07:00
|
|
|
};
|
|
|
|
|
|
|
|
static vector<devinfo> dev_list;
|
|
|
|
|
|
|
|
static void parse_device(devinfo *dev, const char *uevent) {
|
2020-12-30 22:11:24 -08:00
|
|
|
dev->partname[0] = '\0';
|
|
|
|
parse_prop_file(uevent, [=](string_view key, string_view value) -> bool {
|
|
|
|
if (key == "MAJOR")
|
|
|
|
dev->major = parse_int(value.data());
|
|
|
|
else if (key == "MINOR")
|
|
|
|
dev->minor = parse_int(value.data());
|
|
|
|
else if (key == "DEVNAME")
|
|
|
|
strcpy(dev->devname, value.data());
|
|
|
|
else if (key == "PARTNAME")
|
|
|
|
strcpy(dev->partname, value.data());
|
|
|
|
|
|
|
|
return true;
|
|
|
|
});
|
2019-05-27 02:55:46 -07:00
|
|
|
}
|
2019-05-27 00:29:43 -07:00
|
|
|
|
|
|
|
static void collect_devices() {
|
2020-12-30 22:11:24 -08:00
|
|
|
char path[128];
|
|
|
|
devinfo dev{};
|
|
|
|
if (auto dir = xopen_dir("/sys/dev/block"); dir) {
|
|
|
|
for (dirent *entry; (entry = readdir(dir.get()));) {
|
|
|
|
if (entry->d_name == "."sv || entry->d_name == ".."sv)
|
|
|
|
continue;
|
|
|
|
sprintf(path, "/sys/dev/block/%s/uevent", entry->d_name);
|
|
|
|
parse_device(&dev, path);
|
|
|
|
sprintf(path, "/sys/dev/block/%s/dm/name", entry->d_name);
|
|
|
|
if (access(path, F_OK) == 0) {
|
|
|
|
auto name = rtrim(full_read(path));
|
|
|
|
strcpy(dev.dmname, name.data());
|
|
|
|
}
|
|
|
|
dev_list.push_back(dev);
|
|
|
|
}
|
|
|
|
}
|
2019-05-27 00:29:43 -07:00
|
|
|
}
|
|
|
|
|
2020-05-03 22:49:54 -07:00
|
|
|
static struct {
|
2020-12-30 22:11:24 -08:00
|
|
|
char partname[32];
|
|
|
|
char block_dev[64];
|
2020-05-03 22:49:54 -07:00
|
|
|
} blk_info;
|
|
|
|
|
2022-03-16 21:31:22 -07:00
|
|
|
static int64_t setup_block() {
|
2020-12-30 22:11:24 -08:00
|
|
|
if (dev_list.empty())
|
|
|
|
collect_devices();
|
|
|
|
|
|
|
|
for (int tries = 0; tries < 3; ++tries) {
|
|
|
|
for (auto &dev : dev_list) {
|
|
|
|
if (strcasecmp(dev.partname, blk_info.partname) == 0)
|
|
|
|
LOGD("Setup %s: [%s] (%d, %d)\n", dev.partname, dev.devname, dev.major, dev.minor);
|
|
|
|
else if (strcasecmp(dev.dmname, blk_info.partname) == 0)
|
|
|
|
LOGD("Setup %s: [%s] (%d, %d)\n", dev.dmname, dev.devname, dev.major, dev.minor);
|
|
|
|
else
|
|
|
|
continue;
|
|
|
|
|
|
|
|
dev_t rdev = makedev(dev.major, dev.minor);
|
2021-01-25 00:19:10 -08:00
|
|
|
xmknod(blk_info.block_dev, S_IFBLK | 0600, rdev);
|
2020-12-30 22:11:24 -08:00
|
|
|
return rdev;
|
|
|
|
}
|
|
|
|
// Wait 10ms and try again
|
|
|
|
usleep(10000);
|
|
|
|
dev_list.clear();
|
|
|
|
collect_devices();
|
|
|
|
}
|
|
|
|
|
|
|
|
// The requested partname does not exist
|
|
|
|
return -1;
|
2019-05-27 00:29:43 -07:00
|
|
|
}
|
|
|
|
|
2019-06-23 15:14:47 -07:00
|
|
|
static void switch_root(const string &path) {
|
2020-12-30 22:11:24 -08:00
|
|
|
LOGD("Switch root to %s\n", path.data());
|
|
|
|
int root = xopen("/", O_RDONLY);
|
|
|
|
vector<string> mounts;
|
|
|
|
parse_mnt("/proc/mounts", [&](mntent *me) {
|
|
|
|
// Skip root and self
|
|
|
|
if (me->mnt_dir == "/"sv || me->mnt_dir == path)
|
|
|
|
return true;
|
|
|
|
// Do not include subtrees
|
|
|
|
for (const auto &m : mounts) {
|
|
|
|
if (strncmp(me->mnt_dir, m.data(), m.length()) == 0 && me->mnt_dir[m.length()] == '/')
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
mounts.emplace_back(me->mnt_dir);
|
|
|
|
return true;
|
|
|
|
});
|
|
|
|
for (auto &dir : mounts) {
|
|
|
|
auto new_path = path + dir;
|
2021-08-14 13:29:12 +08:00
|
|
|
xmkdir(new_path.data(), 0755);
|
2020-12-30 22:11:24 -08:00
|
|
|
xmount(dir.data(), new_path.data(), nullptr, MS_MOVE, nullptr);
|
|
|
|
}
|
|
|
|
chdir(path.data());
|
|
|
|
xmount(path.data(), "/", nullptr, MS_MOVE, nullptr);
|
|
|
|
chroot(".");
|
|
|
|
|
|
|
|
LOGD("Cleaning rootfs\n");
|
|
|
|
frm_rf(root);
|
2019-06-23 15:14:47 -07:00
|
|
|
}
|
|
|
|
|
2022-03-16 21:31:22 -07:00
|
|
|
void MagiskInit::mount_rules_dir() {
|
2020-12-30 22:11:24 -08:00
|
|
|
char path[128];
|
2022-03-16 21:31:22 -07:00
|
|
|
xrealpath(BLOCKDIR, blk_info.block_dev);
|
|
|
|
xrealpath(MIRRDIR, path);
|
2020-12-30 22:11:24 -08:00
|
|
|
char *b = blk_info.block_dev + strlen(blk_info.block_dev);
|
|
|
|
char *p = path + strlen(path);
|
|
|
|
|
|
|
|
auto do_mount = [&](const char *type) -> bool {
|
|
|
|
xmkdir(path, 0755);
|
|
|
|
bool success = xmount(blk_info.block_dev, path, type, 0, nullptr) == 0;
|
|
|
|
if (success)
|
|
|
|
mount_list.emplace_back(path);
|
|
|
|
return success;
|
|
|
|
};
|
|
|
|
|
|
|
|
// First try userdata
|
|
|
|
strcpy(blk_info.partname, "userdata");
|
|
|
|
strcpy(b, "/data");
|
|
|
|
strcpy(p, "/data");
|
2022-03-16 21:31:22 -07:00
|
|
|
if (setup_block() < 0) {
|
2020-12-30 22:11:24 -08:00
|
|
|
// Try NVIDIA naming scheme
|
|
|
|
strcpy(blk_info.partname, "UDA");
|
2022-03-16 21:31:22 -07:00
|
|
|
if (setup_block() < 0)
|
2020-12-30 22:11:24 -08:00
|
|
|
goto cache;
|
|
|
|
}
|
2021-01-15 02:23:53 -08:00
|
|
|
// WARNING: DO NOT ATTEMPT TO MOUNT F2FS AS IT MAY CRASH THE KERNEL
|
|
|
|
// Failure means either f2fs, FDE, or metadata encryption
|
|
|
|
if (!do_mount("ext4"))
|
2020-12-30 22:11:24 -08:00
|
|
|
goto cache;
|
|
|
|
|
|
|
|
strcpy(p, "/data/unencrypted");
|
2021-03-13 22:13:39 +08:00
|
|
|
if (xaccess(path, F_OK) == 0) {
|
2020-12-30 22:11:24 -08:00
|
|
|
// FBE, need to use an unencrypted path
|
|
|
|
custom_rules_dir = path + "/magisk"s;
|
|
|
|
} else {
|
|
|
|
// Skip if /data/adb does not exist
|
2021-03-13 22:13:39 +08:00
|
|
|
strcpy(p, SECURE_DIR);
|
|
|
|
if (xaccess(path, F_OK) != 0)
|
2020-12-30 22:11:24 -08:00
|
|
|
return;
|
2021-03-13 22:13:39 +08:00
|
|
|
strcpy(p, MODULEROOT);
|
|
|
|
if (xaccess(path, F_OK) != 0) {
|
|
|
|
goto cache;
|
|
|
|
}
|
2020-12-30 22:11:24 -08:00
|
|
|
// Unencrypted, directly use module paths
|
2021-03-13 22:13:39 +08:00
|
|
|
custom_rules_dir = string(path);
|
2020-12-30 22:11:24 -08:00
|
|
|
}
|
|
|
|
goto success;
|
2020-11-02 23:20:38 -08:00
|
|
|
|
|
|
|
cache:
|
2020-12-30 22:11:24 -08:00
|
|
|
// Fallback to cache
|
|
|
|
strcpy(blk_info.partname, "cache");
|
|
|
|
strcpy(b, "/cache");
|
|
|
|
strcpy(p, "/cache");
|
2022-03-16 21:31:22 -07:00
|
|
|
if (setup_block() < 0) {
|
2020-12-30 22:11:24 -08:00
|
|
|
// Try NVIDIA naming scheme
|
|
|
|
strcpy(blk_info.partname, "CAC");
|
2022-03-16 21:31:22 -07:00
|
|
|
if (setup_block() < 0)
|
2020-12-30 22:11:24 -08:00
|
|
|
goto metadata;
|
|
|
|
}
|
|
|
|
if (!do_mount("ext4"))
|
|
|
|
goto metadata;
|
|
|
|
custom_rules_dir = path + "/magisk"s;
|
|
|
|
goto success;
|
2020-11-02 23:20:38 -08:00
|
|
|
|
|
|
|
metadata:
|
2020-12-30 22:11:24 -08:00
|
|
|
// Fallback to metadata
|
|
|
|
strcpy(blk_info.partname, "metadata");
|
|
|
|
strcpy(b, "/metadata");
|
|
|
|
strcpy(p, "/metadata");
|
2022-03-16 21:31:22 -07:00
|
|
|
if (setup_block() < 0 || !do_mount("ext4"))
|
2020-12-30 22:11:24 -08:00
|
|
|
goto persist;
|
|
|
|
custom_rules_dir = path + "/magisk"s;
|
|
|
|
goto success;
|
2020-11-02 23:20:38 -08:00
|
|
|
|
|
|
|
persist:
|
2020-12-30 22:11:24 -08:00
|
|
|
// Fallback to persist
|
|
|
|
strcpy(blk_info.partname, "persist");
|
|
|
|
strcpy(b, "/persist");
|
|
|
|
strcpy(p, "/persist");
|
2022-03-16 21:31:22 -07:00
|
|
|
if (setup_block() < 0 || !do_mount("ext4"))
|
2020-12-30 22:11:24 -08:00
|
|
|
return;
|
|
|
|
custom_rules_dir = path + "/magisk"s;
|
2020-11-02 23:20:38 -08:00
|
|
|
|
|
|
|
success:
|
2020-12-30 22:11:24 -08:00
|
|
|
// Create symlinks so we don't need to go through this logic again
|
|
|
|
strcpy(p, "/sepolicy.rules");
|
|
|
|
xsymlink(custom_rules_dir.data(), path);
|
2020-01-08 22:42:54 +08:00
|
|
|
}
|
|
|
|
|
Introduce new sepolicy injection mechanism
In the current implementation, Magisk will either have to recreate
all early mount implementation (for legacy SAR and rootfs devices) or
delegate early mount to first stage init (for 2SI devices) to access
required partitions for loading sepolicy. It then has to recreate the
split sepolicy loading implementation in-house, apply patches, then
dump the compiled + patched policies into monolithic format somewhere.
Finally, it patches the original init to force it to load the sepolicy
file we just created.
With the increasing complexity involved in early mount and split
sepolicy (there is even APEX module involved in the future!),
it is about time to rethink Magisk's sepolicy strategy as rebuilding
init's functionality is not scalable and easy to maintain.
In this commit, instead of building sepolicy ourselves, we mock
selinuxfs with FIFO files connected to a pre-init daemon, waiting
for the actual init process to directly write the sepolicy file into
MagiskInit. We then patch the file and load it into the kernel. Some
FIFO tricks has to be used to hijack the original init process's
control flow and prevent race conditions, details are directly in the
comments in code.
At the moment, only system-as-root (read-only root) support is added.
Support for legacy rootfs devices will come with a follow up commit.
2022-03-16 00:31:53 -07:00
|
|
|
bool LegacySARInit::mount_system_root() {
|
|
|
|
backup_files();
|
|
|
|
|
|
|
|
LOGD("Mounting system_root\n");
|
2020-12-30 22:11:24 -08:00
|
|
|
strcpy(blk_info.block_dev, "/dev/root");
|
|
|
|
|
|
|
|
do {
|
|
|
|
// Try legacy SAR dm-verity
|
|
|
|
strcpy(blk_info.partname, "vroot");
|
2022-03-16 21:31:22 -07:00
|
|
|
auto dev = setup_block();
|
2020-12-30 22:11:24 -08:00
|
|
|
if (dev >= 0)
|
|
|
|
goto mount_root;
|
|
|
|
|
|
|
|
// Try NVIDIA naming scheme
|
|
|
|
strcpy(blk_info.partname, "APP");
|
2022-03-16 21:31:22 -07:00
|
|
|
dev = setup_block();
|
2020-12-30 22:11:24 -08:00
|
|
|
if (dev >= 0)
|
|
|
|
goto mount_root;
|
|
|
|
|
2021-10-26 00:35:55 -07:00
|
|
|
sprintf(blk_info.partname, "system%s", config->slot);
|
2022-03-16 21:31:22 -07:00
|
|
|
dev = setup_block();
|
2020-12-30 22:11:24 -08:00
|
|
|
if (dev >= 0)
|
|
|
|
goto mount_root;
|
|
|
|
|
|
|
|
// Poll forever if rootwait was given in cmdline
|
2021-10-26 00:35:55 -07:00
|
|
|
} while (config->rootwait);
|
2020-12-30 22:11:24 -08:00
|
|
|
|
|
|
|
// We don't really know what to do at this point...
|
|
|
|
LOGE("Cannot find root partition, abort\n");
|
|
|
|
exit(1);
|
Introduce new sepolicy injection mechanism
In the current implementation, Magisk will either have to recreate
all early mount implementation (for legacy SAR and rootfs devices) or
delegate early mount to first stage init (for 2SI devices) to access
required partitions for loading sepolicy. It then has to recreate the
split sepolicy loading implementation in-house, apply patches, then
dump the compiled + patched policies into monolithic format somewhere.
Finally, it patches the original init to force it to load the sepolicy
file we just created.
With the increasing complexity involved in early mount and split
sepolicy (there is even APEX module involved in the future!),
it is about time to rethink Magisk's sepolicy strategy as rebuilding
init's functionality is not scalable and easy to maintain.
In this commit, instead of building sepolicy ourselves, we mock
selinuxfs with FIFO files connected to a pre-init daemon, waiting
for the actual init process to directly write the sepolicy file into
MagiskInit. We then patch the file and load it into the kernel. Some
FIFO tricks has to be used to hijack the original init process's
control flow and prevent race conditions, details are directly in the
comments in code.
At the moment, only system-as-root (read-only root) support is added.
Support for legacy rootfs devices will come with a follow up commit.
2022-03-16 00:31:53 -07:00
|
|
|
|
2020-09-23 16:18:51 -05:00
|
|
|
mount_root:
|
2020-12-30 22:11:24 -08:00
|
|
|
xmkdir("/system_root", 0755);
|
2020-04-01 04:39:28 -07:00
|
|
|
|
Introduce new sepolicy injection mechanism
In the current implementation, Magisk will either have to recreate
all early mount implementation (for legacy SAR and rootfs devices) or
delegate early mount to first stage init (for 2SI devices) to access
required partitions for loading sepolicy. It then has to recreate the
split sepolicy loading implementation in-house, apply patches, then
dump the compiled + patched policies into monolithic format somewhere.
Finally, it patches the original init to force it to load the sepolicy
file we just created.
With the increasing complexity involved in early mount and split
sepolicy (there is even APEX module involved in the future!),
it is about time to rethink Magisk's sepolicy strategy as rebuilding
init's functionality is not scalable and easy to maintain.
In this commit, instead of building sepolicy ourselves, we mock
selinuxfs with FIFO files connected to a pre-init daemon, waiting
for the actual init process to directly write the sepolicy file into
MagiskInit. We then patch the file and load it into the kernel. Some
FIFO tricks has to be used to hijack the original init process's
control flow and prevent race conditions, details are directly in the
comments in code.
At the moment, only system-as-root (read-only root) support is added.
Support for legacy rootfs devices will come with a follow up commit.
2022-03-16 00:31:53 -07:00
|
|
|
if (xmount("/dev/root", "/system_root", "ext4", MS_RDONLY, nullptr)) {
|
|
|
|
if (xmount("/dev/root", "/system_root", "erofs", MS_RDONLY, nullptr)) {
|
|
|
|
// We don't really know what to do at this point...
|
|
|
|
LOGE("Cannot mount root partition, abort\n");
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-12-30 22:11:24 -08:00
|
|
|
switch_root("/system_root");
|
|
|
|
|
2022-03-18 04:58:37 -07:00
|
|
|
// Make dev writable
|
|
|
|
xmkdir("/dev", 0755);
|
|
|
|
xmount("tmpfs", "/dev", "tmpfs", 0, "mode=755");
|
|
|
|
mount_list.emplace_back("/dev");
|
|
|
|
|
2021-01-15 02:44:40 -08:00
|
|
|
// Use the apex folder to determine whether 2SI (Android 10+)
|
2022-03-13 05:06:08 -07:00
|
|
|
bool is_two_stage = access("/apex", F_OK) == 0;
|
2020-12-30 22:11:24 -08:00
|
|
|
LOGD("is_two_stage: [%d]\n", is_two_stage);
|
|
|
|
|
2022-01-19 20:28:01 -08:00
|
|
|
#if ENABLE_AVD_HACK
|
Introduce new sepolicy injection mechanism
In the current implementation, Magisk will either have to recreate
all early mount implementation (for legacy SAR and rootfs devices) or
delegate early mount to first stage init (for 2SI devices) to access
required partitions for loading sepolicy. It then has to recreate the
split sepolicy loading implementation in-house, apply patches, then
dump the compiled + patched policies into monolithic format somewhere.
Finally, it patches the original init to force it to load the sepolicy
file we just created.
With the increasing complexity involved in early mount and split
sepolicy (there is even APEX module involved in the future!),
it is about time to rethink Magisk's sepolicy strategy as rebuilding
init's functionality is not scalable and easy to maintain.
In this commit, instead of building sepolicy ourselves, we mock
selinuxfs with FIFO files connected to a pre-init daemon, waiting
for the actual init process to directly write the sepolicy file into
MagiskInit. We then patch the file and load it into the kernel. Some
FIFO tricks has to be used to hijack the original init process's
control flow and prevent race conditions, details are directly in the
comments in code.
At the moment, only system-as-root (read-only root) support is added.
Support for legacy rootfs devices will come with a follow up commit.
2022-03-16 00:31:53 -07:00
|
|
|
if (!is_two_stage) {
|
|
|
|
if (config->emulator) {
|
|
|
|
avd_hack = true;
|
2022-03-16 21:31:22 -07:00
|
|
|
// These values are hardcoded for API 28 AVD
|
|
|
|
xmkdir("/dev/block", 0755);
|
|
|
|
strcpy(blk_info.block_dev, "/dev/block/vde1");
|
|
|
|
strcpy(blk_info.partname, "vendor");
|
|
|
|
setup_block();
|
|
|
|
xmount(blk_info.block_dev, "/vendor", "ext4", MS_RDONLY, nullptr);
|
Introduce new sepolicy injection mechanism
In the current implementation, Magisk will either have to recreate
all early mount implementation (for legacy SAR and rootfs devices) or
delegate early mount to first stage init (for 2SI devices) to access
required partitions for loading sepolicy. It then has to recreate the
split sepolicy loading implementation in-house, apply patches, then
dump the compiled + patched policies into monolithic format somewhere.
Finally, it patches the original init to force it to load the sepolicy
file we just created.
With the increasing complexity involved in early mount and split
sepolicy (there is even APEX module involved in the future!),
it is about time to rethink Magisk's sepolicy strategy as rebuilding
init's functionality is not scalable and easy to maintain.
In this commit, instead of building sepolicy ourselves, we mock
selinuxfs with FIFO files connected to a pre-init daemon, waiting
for the actual init process to directly write the sepolicy file into
MagiskInit. We then patch the file and load it into the kernel. Some
FIFO tricks has to be used to hijack the original init process's
control flow and prevent race conditions, details are directly in the
comments in code.
At the moment, only system-as-root (read-only root) support is added.
Support for legacy rootfs devices will come with a follow up commit.
2022-03-16 00:31:53 -07:00
|
|
|
}
|
2020-12-30 22:11:24 -08:00
|
|
|
}
|
Introduce new sepolicy injection mechanism
In the current implementation, Magisk will either have to recreate
all early mount implementation (for legacy SAR and rootfs devices) or
delegate early mount to first stage init (for 2SI devices) to access
required partitions for loading sepolicy. It then has to recreate the
split sepolicy loading implementation in-house, apply patches, then
dump the compiled + patched policies into monolithic format somewhere.
Finally, it patches the original init to force it to load the sepolicy
file we just created.
With the increasing complexity involved in early mount and split
sepolicy (there is even APEX module involved in the future!),
it is about time to rethink Magisk's sepolicy strategy as rebuilding
init's functionality is not scalable and easy to maintain.
In this commit, instead of building sepolicy ourselves, we mock
selinuxfs with FIFO files connected to a pre-init daemon, waiting
for the actual init process to directly write the sepolicy file into
MagiskInit. We then patch the file and load it into the kernel. Some
FIFO tricks has to be used to hijack the original init process's
control flow and prevent race conditions, details are directly in the
comments in code.
At the moment, only system-as-root (read-only root) support is added.
Support for legacy rootfs devices will come with a follow up commit.
2022-03-16 00:31:53 -07:00
|
|
|
#endif
|
Logical Resizable Android Partitions support
The way how logical partition, or "Logical Resizable Android Partitions"
as they say in AOSP source code, is setup makes it impossible to early
mount the partitions from the shared super partition with just
a few lines of code; in fact, AOSP has a whole "fs_mgr" folder which
consist of multiple complex libraries, with 15K lines of code just
to deal with the device mapper shenanigans.
In order to keep the already overly complicated MagiskInit more
managable, I chose NOT to go the route of including fs_mgr directly
into MagiskInit. Luckily, starting from Android Q, Google decided to
split init startup into 3 stages, with the first stage doing _only_
early mount. This is great news, because we can simply let the stock
init do its own thing for us, and we intercept the bootup sequence.
So the workflow can be visualized roughly below:
Magisk First Stage --> First Stage Mount --> Magisk Second Stage --+
(MagiskInit) (Original Init) (MagiskInit) +
+
+
...Rest of the boot... <-- Second Stage <-- Selinux Setup <--+
(__________________ Original Init ____________________)
The catch here is that after doing all the first stage mounting, /init
will pivot /system as root directory (/), leaving us impossible to
regain control after we hand it over. So the solution here is to patch
fstab in /first_stage_ramdisk on-the-fly to redirect /system to
/system_root, making the original init do all the hard work for
us and mount required early mount partitions, but skips the step of
switching root directory. It will also conveniently hand over execution
back to MagiskInit, which we will reuse the routine for patching
root directory in normal system-as-root situations.
2019-06-29 00:47:29 -07:00
|
|
|
|
2022-03-13 05:06:08 -07:00
|
|
|
return is_two_stage;
|
Logical Resizable Android Partitions support
The way how logical partition, or "Logical Resizable Android Partitions"
as they say in AOSP source code, is setup makes it impossible to early
mount the partitions from the shared super partition with just
a few lines of code; in fact, AOSP has a whole "fs_mgr" folder which
consist of multiple complex libraries, with 15K lines of code just
to deal with the device mapper shenanigans.
In order to keep the already overly complicated MagiskInit more
managable, I chose NOT to go the route of including fs_mgr directly
into MagiskInit. Luckily, starting from Android Q, Google decided to
split init startup into 3 stages, with the first stage doing _only_
early mount. This is great news, because we can simply let the stock
init do its own thing for us, and we intercept the bootup sequence.
So the workflow can be visualized roughly below:
Magisk First Stage --> First Stage Mount --> Magisk Second Stage --+
(MagiskInit) (Original Init) (MagiskInit) +
+
+
...Rest of the boot... <-- Second Stage <-- Selinux Setup <--+
(__________________ Original Init ____________________)
The catch here is that after doing all the first stage mounting, /init
will pivot /system as root directory (/), leaving us impossible to
regain control after we hand it over. So the solution here is to patch
fstab in /first_stage_ramdisk on-the-fly to redirect /system to
/system_root, making the original init do all the hard work for
us and mount required early mount partitions, but skips the step of
switching root directory. It will also conveniently hand over execution
back to MagiskInit, which we will reuse the routine for patching
root directory in normal system-as-root situations.
2019-06-29 00:47:29 -07:00
|
|
|
}
|
2019-12-05 16:29:45 -05:00
|
|
|
|
2020-12-06 03:07:47 -08:00
|
|
|
void BaseInit::exec_init() {
|
2020-12-30 22:11:24 -08:00
|
|
|
// Unmount in reverse order
|
|
|
|
for (auto &p : reversed(mount_list)) {
|
2022-01-19 05:12:11 -08:00
|
|
|
if (xumount2(p.data(), MNT_DETACH) == 0)
|
2020-12-30 22:11:24 -08:00
|
|
|
LOGD("Unmount [%s]\n", p.data());
|
|
|
|
}
|
|
|
|
execv("/init", argv);
|
|
|
|
exit(1);
|
2019-12-05 16:29:45 -05:00
|
|
|
}
|
2019-12-09 02:44:49 -05:00
|
|
|
|
2020-10-26 20:46:15 -07:00
|
|
|
void MagiskInit::setup_tmp(const char *path) {
|
2020-12-30 22:11:24 -08:00
|
|
|
LOGD("Setup Magisk tmp at %s\n", path);
|
|
|
|
xmount("tmpfs", path, "tmpfs", 0, "mode=755");
|
|
|
|
|
|
|
|
chdir(path);
|
|
|
|
|
|
|
|
xmkdir(INTLROOT, 0755);
|
|
|
|
xmkdir(MIRRDIR, 0);
|
|
|
|
xmkdir(BLOCKDIR, 0);
|
|
|
|
|
2022-03-16 21:31:22 -07:00
|
|
|
mount_rules_dir();
|
|
|
|
|
2020-12-30 22:11:24 -08:00
|
|
|
int fd = xopen(INTLROOT "/config", O_WRONLY | O_CREAT, 0);
|
2022-03-14 04:22:09 -07:00
|
|
|
xwrite(fd, magisk_cfg.buf, magisk_cfg.sz);
|
2020-12-30 22:11:24 -08:00
|
|
|
close(fd);
|
|
|
|
|
|
|
|
// Create applet symlinks
|
|
|
|
for (int i = 0; applet_names[i]; ++i)
|
|
|
|
xsymlink("./magisk", applet_names[i]);
|
2022-03-17 03:15:39 -07:00
|
|
|
xsymlink("./magiskpolicy", "supolicy");
|
2020-12-30 22:11:24 -08:00
|
|
|
|
|
|
|
chdir("/");
|
2019-12-09 02:44:49 -05:00
|
|
|
}
|