2019-05-27 07:29:43 +00:00
|
|
|
#include <sys/sysmacros.h>
|
|
|
|
#include <sys/types.h>
|
|
|
|
#include <sys/stat.h>
|
|
|
|
#include <linux/input.h>
|
|
|
|
#include <fcntl.h>
|
2019-07-02 05:58:19 +00:00
|
|
|
#include <vector>
|
2019-05-27 07:29:43 +00:00
|
|
|
|
2022-05-12 09:03:42 +00:00
|
|
|
#include <base.hpp>
|
2019-05-27 07:29:43 +00:00
|
|
|
|
2020-03-09 08:50:30 +00:00
|
|
|
#include "init.hpp"
|
2019-05-27 07:29:43 +00:00
|
|
|
|
|
|
|
using namespace std;
|
|
|
|
|
2021-01-15 05:14:54 +00:00
|
|
|
vector<string> mount_list;
|
|
|
|
|
2021-05-31 12:51:25 +00:00
|
|
|
template<char... cs> using chars = integer_sequence<char, cs...>;
|
|
|
|
|
2021-10-26 07:35:55 +00:00
|
|
|
// If quoted, parsing ends when we find char in [breaks]
|
|
|
|
// If not quoted, parsing ends when we find char in [breaks] + [escapes]
|
2021-05-31 12:51:25 +00:00
|
|
|
template<char... escapes, char... breaks>
|
2021-10-26 07:35:55 +00:00
|
|
|
static string extract_quoted_str_until(chars<escapes...>, chars<breaks...>,
|
|
|
|
string_view str, size_t &pos, bool "ed) {
|
2021-05-31 12:51:25 +00:00
|
|
|
string result;
|
|
|
|
char match_array[] = {escapes..., breaks..., '"'};
|
2021-10-26 07:35:55 +00:00
|
|
|
string_view match(match_array, std::size(match_array));
|
|
|
|
for (size_t cur = pos;; ++cur) {
|
|
|
|
cur = str.find_first_of(match, cur);
|
|
|
|
if (cur == string_view::npos ||
|
|
|
|
((str[cur] == breaks) || ...) ||
|
|
|
|
(!quoted && ((str[cur] == escapes) || ...))) {
|
|
|
|
result.append(str.substr(pos, cur - pos));
|
|
|
|
pos = cur;
|
2021-05-31 12:51:25 +00:00
|
|
|
return result;
|
2021-05-25 17:21:54 +00:00
|
|
|
}
|
2021-10-26 07:35:55 +00:00
|
|
|
if (str[cur] == '"') {
|
2021-05-31 12:51:25 +00:00
|
|
|
quoted = !quoted;
|
2021-10-26 07:35:55 +00:00
|
|
|
result.append(str.substr(pos, cur - pos));
|
|
|
|
pos = cur + 1;
|
2020-12-31 06:11:24 +00:00
|
|
|
}
|
|
|
|
}
|
2021-05-25 17:21:54 +00:00
|
|
|
}
|
|
|
|
|
2021-10-26 07:35:55 +00:00
|
|
|
// Parse string into key value pairs.
|
|
|
|
// The string format: [delim][key][padding]=[padding][value][delim]
|
|
|
|
template<char delim, char... padding>
|
|
|
|
static kv_pairs parse_impl(chars<padding...>, string_view str) {
|
|
|
|
kv_pairs kv;
|
|
|
|
char skip_array[] = {'=', padding...};
|
|
|
|
string_view skip(skip_array, std::size(skip_array));
|
2021-05-31 12:51:25 +00:00
|
|
|
bool quoted = false;
|
2021-10-26 07:35:55 +00:00
|
|
|
for (size_t pos = 0u; pos < str.size(); pos = str.find_first_not_of(delim, pos)) {
|
|
|
|
auto key = extract_quoted_str_until(
|
|
|
|
chars<padding..., delim>{}, chars<'='>{}, str, pos, quoted);
|
|
|
|
pos = str.find_first_not_of(skip, pos);
|
|
|
|
if (pos == string_view::npos || str[pos] == delim) {
|
2021-05-31 12:51:25 +00:00
|
|
|
kv.emplace_back(key, "");
|
|
|
|
continue;
|
2021-05-25 17:21:54 +00:00
|
|
|
}
|
2021-10-26 07:35:55 +00:00
|
|
|
auto value = extract_quoted_str_until(chars<delim>{}, chars<>{}, str, pos, quoted);
|
2021-05-31 12:51:25 +00:00
|
|
|
kv.emplace_back(key, value);
|
2021-05-25 17:21:54 +00:00
|
|
|
}
|
2021-05-31 12:51:25 +00:00
|
|
|
return kv;
|
|
|
|
}
|
|
|
|
|
2021-10-26 07:35:55 +00:00
|
|
|
static kv_pairs parse_cmdline(string_view str) {
|
|
|
|
return parse_impl<' '>(chars<>{}, str);
|
2021-05-31 12:51:25 +00:00
|
|
|
}
|
2021-10-26 07:35:55 +00:00
|
|
|
static kv_pairs parse_bootconfig(string_view str) {
|
|
|
|
return parse_impl<'\n'>(chars<' '>{}, str);
|
2019-05-27 07:29:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#define test_bit(bit, array) (array[bit / 8] & (1 << (bit % 8)))
|
|
|
|
|
|
|
|
static bool check_key_combo() {
|
Introduce new sepolicy injection mechanism
In the current implementation, Magisk will either have to recreate
all early mount implementation (for legacy SAR and rootfs devices) or
delegate early mount to first stage init (for 2SI devices) to access
required partitions for loading sepolicy. It then has to recreate the
split sepolicy loading implementation in-house, apply patches, then
dump the compiled + patched policies into monolithic format somewhere.
Finally, it patches the original init to force it to load the sepolicy
file we just created.
With the increasing complexity involved in early mount and split
sepolicy (there is even APEX module involved in the future!),
it is about time to rethink Magisk's sepolicy strategy as rebuilding
init's functionality is not scalable and easy to maintain.
In this commit, instead of building sepolicy ourselves, we mock
selinuxfs with FIFO files connected to a pre-init daemon, waiting
for the actual init process to directly write the sepolicy file into
MagiskInit. We then patch the file and load it into the kernel. Some
FIFO tricks has to be used to hijack the original init process's
control flow and prevent race conditions, details are directly in the
comments in code.
At the moment, only system-as-root (read-only root) support is added.
Support for legacy rootfs devices will come with a follow up commit.
2022-03-16 07:31:53 +00:00
|
|
|
LOGD("Running in recovery mode, waiting for key...\n");
|
2020-12-31 06:11:24 +00:00
|
|
|
uint8_t bitmask[(KEY_MAX + 1) / 8];
|
|
|
|
vector<int> events;
|
|
|
|
constexpr const char *name = "/event";
|
|
|
|
|
|
|
|
for (int minor = 64; minor < 96; ++minor) {
|
|
|
|
if (xmknod(name, S_IFCHR | 0444, makedev(13, minor)))
|
|
|
|
continue;
|
|
|
|
int fd = open(name, O_RDONLY | O_CLOEXEC);
|
|
|
|
unlink(name);
|
|
|
|
if (fd < 0)
|
|
|
|
continue;
|
|
|
|
memset(bitmask, 0, sizeof(bitmask));
|
|
|
|
ioctl(fd, EVIOCGBIT(EV_KEY, sizeof(bitmask)), bitmask);
|
|
|
|
if (test_bit(KEY_VOLUMEUP, bitmask))
|
|
|
|
events.push_back(fd);
|
|
|
|
else
|
|
|
|
close(fd);
|
|
|
|
}
|
|
|
|
if (events.empty())
|
|
|
|
return false;
|
|
|
|
|
2021-05-31 12:51:25 +00:00
|
|
|
run_finally fin([&] { for_each(events.begin(), events.end(), close); });
|
2020-12-31 06:11:24 +00:00
|
|
|
|
|
|
|
// Return true if volume up key is held for more than 3 seconds
|
|
|
|
int count = 0;
|
|
|
|
for (int i = 0; i < 500; ++i) {
|
|
|
|
for (const int &fd : events) {
|
|
|
|
memset(bitmask, 0, sizeof(bitmask));
|
|
|
|
ioctl(fd, EVIOCGKEY(sizeof(bitmask)), bitmask);
|
|
|
|
if (test_bit(KEY_VOLUMEUP, bitmask)) {
|
|
|
|
count++;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (count >= 300) {
|
|
|
|
LOGD("KEY_VOLUMEUP detected: disable system-as-root\n");
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
// Check every 10ms
|
|
|
|
usleep(10000);
|
|
|
|
}
|
|
|
|
return false;
|
2019-05-27 07:29:43 +00:00
|
|
|
}
|
|
|
|
|
2020-06-01 11:15:37 +00:00
|
|
|
static FILE *kmsg;
|
|
|
|
static char kmsg_buf[4096];
|
|
|
|
static int vprintk(const char *fmt, va_list ap) {
|
2020-12-31 06:11:24 +00:00
|
|
|
vsnprintf(kmsg_buf + 12, sizeof(kmsg_buf) - 12, fmt, ap);
|
|
|
|
return fprintf(kmsg, "%s", kmsg_buf);
|
2020-06-01 11:15:37 +00:00
|
|
|
}
|
|
|
|
void setup_klog() {
|
2020-12-31 06:11:24 +00:00
|
|
|
// Shut down first 3 fds
|
|
|
|
int fd;
|
|
|
|
if (access("/dev/null", W_OK) == 0) {
|
|
|
|
fd = xopen("/dev/null", O_RDWR | O_CLOEXEC);
|
|
|
|
} else {
|
|
|
|
mknod("/null", S_IFCHR | 0666, makedev(1, 3));
|
|
|
|
fd = xopen("/null", O_RDWR | O_CLOEXEC);
|
|
|
|
unlink("/null");
|
|
|
|
}
|
|
|
|
xdup3(fd, STDIN_FILENO, O_CLOEXEC);
|
|
|
|
xdup3(fd, STDOUT_FILENO, O_CLOEXEC);
|
|
|
|
xdup3(fd, STDERR_FILENO, O_CLOEXEC);
|
|
|
|
if (fd > STDERR_FILENO)
|
|
|
|
close(fd);
|
|
|
|
|
|
|
|
if (access("/dev/kmsg", W_OK) == 0) {
|
|
|
|
fd = xopen("/dev/kmsg", O_WRONLY | O_CLOEXEC);
|
|
|
|
} else {
|
|
|
|
mknod("/kmsg", S_IFCHR | 0666, makedev(1, 11));
|
|
|
|
fd = xopen("/kmsg", O_WRONLY | O_CLOEXEC);
|
|
|
|
unlink("/kmsg");
|
|
|
|
}
|
|
|
|
|
|
|
|
kmsg = fdopen(fd, "w");
|
|
|
|
setbuf(kmsg, nullptr);
|
|
|
|
log_cb.d = log_cb.i = log_cb.w = log_cb.e = vprintk;
|
|
|
|
log_cb.ex = nop_ex;
|
|
|
|
strcpy(kmsg_buf, "magiskinit: ");
|
|
|
|
|
|
|
|
// Disable kmsg rate limiting
|
|
|
|
if (FILE *rate = fopen("/proc/sys/kernel/printk_devkmsg", "w")) {
|
|
|
|
fprintf(rate, "on\n");
|
|
|
|
fclose(rate);
|
|
|
|
}
|
2020-06-01 11:15:37 +00:00
|
|
|
}
|
|
|
|
|
2021-10-26 07:35:55 +00:00
|
|
|
void BootConfig::set(const kv_pairs &kv) {
|
|
|
|
for (const auto &[key, value] : kv) {
|
|
|
|
if (key == "androidboot.slot_suffix") {
|
2022-05-10 03:57:14 +00:00
|
|
|
// Many Amlogic devices are A-only but have slot_suffix...
|
|
|
|
if (value == "normal") {
|
|
|
|
LOGW("Skip invalid androidboot.slot_suffix=[normal]\n");
|
|
|
|
continue;
|
|
|
|
}
|
2021-10-26 07:35:55 +00:00
|
|
|
strlcpy(slot, value.data(), sizeof(slot));
|
|
|
|
} else if (key == "androidboot.slot") {
|
|
|
|
slot[0] = '_';
|
|
|
|
strlcpy(slot + 1, value.data(), sizeof(slot) - 1);
|
|
|
|
} else if (key == "skip_initramfs") {
|
|
|
|
skip_initramfs = true;
|
|
|
|
} else if (key == "androidboot.force_normal_boot") {
|
|
|
|
force_normal_boot = !value.empty() && value[0] == '1';
|
|
|
|
} else if (key == "rootwait") {
|
|
|
|
rootwait = true;
|
|
|
|
} else if (key == "androidboot.android_dt_dir") {
|
|
|
|
strlcpy(dt_dir, value.data(), sizeof(dt_dir));
|
|
|
|
} else if (key == "androidboot.hardware") {
|
|
|
|
strlcpy(hardware, value.data(), sizeof(hardware));
|
|
|
|
} else if (key == "androidboot.hardware.platform") {
|
|
|
|
strlcpy(hardware_plat, value.data(), sizeof(hardware_plat));
|
|
|
|
} else if (key == "androidboot.fstab_suffix") {
|
|
|
|
strlcpy(fstab_suffix, value.data(), sizeof(fstab_suffix));
|
2022-01-19 13:12:11 +00:00
|
|
|
} else if (key == "qemu") {
|
|
|
|
emulator = true;
|
2021-10-26 07:35:55 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void BootConfig::print() {
|
|
|
|
LOGD("skip_initramfs=[%d]\n", skip_initramfs);
|
|
|
|
LOGD("force_normal_boot=[%d]\n", force_normal_boot);
|
|
|
|
LOGD("rootwait=[%d]\n", rootwait);
|
|
|
|
LOGD("slot=[%s]\n", slot);
|
|
|
|
LOGD("dt_dir=[%s]\n", dt_dir);
|
|
|
|
LOGD("fstab_suffix=[%s]\n", fstab_suffix);
|
|
|
|
LOGD("hardware=[%s]\n", hardware);
|
|
|
|
LOGD("hardware.platform=[%s]\n", hardware_plat);
|
2022-01-19 13:12:11 +00:00
|
|
|
LOGD("emulator=[%d]\n", emulator);
|
2021-10-26 07:35:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#define read_dt(name, key) \
|
2021-11-02 11:41:20 +00:00
|
|
|
snprintf(file_name, sizeof(file_name), "%s/" name, config->dt_dir); \
|
2021-10-26 07:35:55 +00:00
|
|
|
if (access(file_name, R_OK) == 0) { \
|
|
|
|
string data = full_read(file_name); \
|
|
|
|
if (!data.empty()) { \
|
|
|
|
data.pop_back(); \
|
|
|
|
strlcpy(config->key, data.data(), sizeof(config->key)); \
|
|
|
|
} \
|
2020-12-09 12:22:17 +00:00
|
|
|
}
|
|
|
|
|
2021-10-26 07:35:55 +00:00
|
|
|
void load_kernel_info(BootConfig *config) {
|
2020-12-31 06:11:24 +00:00
|
|
|
// Get kernel data using procfs and sysfs
|
|
|
|
xmkdir("/proc", 0755);
|
|
|
|
xmount("proc", "/proc", "proc", 0, nullptr);
|
|
|
|
xmkdir("/sys", 0755);
|
|
|
|
xmount("sysfs", "/sys", "sysfs", 0, nullptr);
|
|
|
|
|
2021-01-15 05:14:54 +00:00
|
|
|
mount_list.emplace_back("/proc");
|
|
|
|
mount_list.emplace_back("/sys");
|
|
|
|
|
2020-12-31 06:11:24 +00:00
|
|
|
// Log to kernel
|
|
|
|
setup_klog();
|
|
|
|
|
2021-10-26 07:35:55 +00:00
|
|
|
config->set(parse_cmdline(full_read("/proc/cmdline")));
|
|
|
|
config->set(parse_bootconfig(full_read("/proc/bootconfig")));
|
2021-05-25 17:21:54 +00:00
|
|
|
|
2020-12-31 06:11:24 +00:00
|
|
|
parse_prop_file("/.backup/.magisk", [=](auto key, auto value) -> bool {
|
|
|
|
if (key == "RECOVERYMODE" && value == "true") {
|
2022-01-19 13:12:11 +00:00
|
|
|
config->skip_initramfs = config->emulator || !check_key_combo();
|
2020-12-31 06:11:24 +00:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
});
|
|
|
|
|
2021-10-26 07:35:55 +00:00
|
|
|
if (config->dt_dir[0] == '\0')
|
|
|
|
strlcpy(config->dt_dir, DEFAULT_DT_DIR, sizeof(config->dt_dir));
|
2020-12-31 06:11:24 +00:00
|
|
|
|
|
|
|
char file_name[128];
|
|
|
|
read_dt("fstab_suffix", fstab_suffix)
|
|
|
|
read_dt("hardware", hardware)
|
|
|
|
read_dt("hardware.platform", hardware_plat)
|
2022-01-20 08:18:46 +00:00
|
|
|
|
|
|
|
LOGD("Device config:\n");
|
|
|
|
config->print();
|
2019-05-27 07:29:43 +00:00
|
|
|
}
|
2020-09-03 04:20:00 +00:00
|
|
|
|
|
|
|
bool check_two_stage() {
|
2020-12-31 06:11:24 +00:00
|
|
|
if (access("/apex", F_OK) == 0)
|
|
|
|
return true;
|
|
|
|
if (access("/system/bin/init", F_OK) == 0)
|
|
|
|
return true;
|
|
|
|
// If we still have no indication, parse the original init and see what's up
|
2021-11-30 09:50:55 +00:00
|
|
|
auto init = mmap_data(backup_init());
|
2020-12-31 06:11:24 +00:00
|
|
|
return init.contains("selinux_setup");
|
2020-09-03 04:20:00 +00:00
|
|
|
}
|
2021-10-31 01:59:20 +00:00
|
|
|
|
|
|
|
const char *backup_init() {
|
|
|
|
if (access("/.backup/init.real", F_OK) == 0)
|
|
|
|
return "/.backup/init.real";
|
|
|
|
return "/.backup/init";
|
|
|
|
}
|