Files
Magisk/native/src/core/module.cpp

488 lines
16 KiB
C++
Raw Normal View History

#include <sys/mount.h>
#include <map>
#include <utility>
2022-05-12 02:03:42 -07:00
#include <base.hpp>
#include <magisk.hpp>
2021-09-16 05:27:34 -07:00
#include <daemon.hpp>
#include <selinux.hpp>
#include <resetprop.hpp>
2021-01-11 02:19:10 -08:00
#include "core.hpp"
#include "node.hpp"
2021-01-11 02:19:10 -08:00
using namespace std;
2020-06-01 04:22:57 -07:00
#define VLOGD(tag, from, to) LOGD("%-8s: %s <- %s\n", tag, to, from)
static int bind_mount(const char *reason, const char *from, const char *to) {
Refactor magic mount to support overlayfs Previously, magic mount creates its own mirror devices and mount mirror mount points. With these mirror mount points, magic mount can get the original files and directory trees. However, some devices use overlayfs to modify some mount points, and thus after magic mount, the overlayed files are missing because the mirror mount points do not contain the overlayed files. To address this issue and make magic mount more compatible, this patch refactors how magic mount works. The new workflows are as follows: 1. make MAGISKTMP a private mount point so that we can create the private mount points there 2. for mirror mount points, we instead of creating our own mirror devices and mount the mirror mount points, we "copy" the original mount points by recursively mounting / 3. to prevent magic mount affecting the mirror mount points, we recursively set the mirror mount points private 4. to trace the mount points we created for reverting mounts, we again make the mirror mount points shared, and by this way we create a new peer group for each mirror mount points 5. as for tracing the newly created tmpfs mount point by magic mount, we create a dedicated tmpfs mount point for them, namely worker mount point, and obviously, it is shared as in a newly created peer group for tracing 6. when reverting mount points by magic mount, we can then trace the peer group id and unmount the mount points whose peer group ids are created by us The advantages are as follows: 1. it is more compatible, (e.g., with overlayfs, fix #2359) 2. it can mount more partitions for which previous implementation cannot create mirror mount points (fix #3338)
2022-12-27 04:30:12 +08:00
int ret = xmount(from, to, nullptr, MS_BIND | MS_REC, nullptr);
if (ret == 0)
VLOGD(reason, from, to);
return ret;
}
2021-08-28 10:27:45 -07:00
string node_entry::module_mnt;
string node_entry::mirror_dir;
/*************************
* Node Tree Construction
*************************/
2021-08-28 10:27:45 -07:00
tmpfs_node::tmpfs_node(node_entry *node) : dir_node(node, this) {
if (!skip_mirror) {
string mirror = mirror_path();
if (auto dir = open_dir(mirror.data())) {
set_exist(true);
for (dirent *entry; (entry = xreaddir(dir.get()));) {
if (entry->d_type == DT_DIR) {
// create a dummy inter_node to upgrade later
emplace<inter_node>(entry->d_name, entry->d_name);
} else {
// Insert mirror nodes
emplace<mirror_node>(entry->d_name, entry);
}
}
}
}
for (auto it = children.begin(); it != children.end(); ++it) {
2021-08-28 10:27:45 -07:00
// Need to upgrade all inter_node children to tmpfs_node
if (isa<inter_node>(it->second))
2021-08-28 10:27:45 -07:00
it = upgrade<tmpfs_node>(it);
}
}
bool dir_node::prepare() {
bool to_tmpfs = skip_mirror;
if (!exist()) {
// If not exist, we need to create it by mounting tmpfs
to_tmpfs = true;
set_exist(true);
}
for (auto it = children.begin(); it != children.end();) {
// We need to upgrade to tmpfs node if any child:
// - Target does not exist
// - Source or target is a symlink (since we cannot bind mount symlink)
bool cannot_mnt;
if (struct stat st{}; lstat(it->second->node_path().data(), &st) != 0) {
cannot_mnt = true;
} else {
it->second->set_exist(true);
cannot_mnt = it->second->is_lnk() || S_ISLNK(st.st_mode);
}
if (cannot_mnt) {
if (_node_type > type_id<tmpfs_node>()) {
// Upgrade will fail, remove the unsupported child node
LOGW("Unable to add: %s, skipped\n", it->second->node_path().data());
delete it->second;
it = children.erase(it);
continue;
}
2021-08-28 10:27:45 -07:00
// Tell parent to upgrade self to tmpfs
to_tmpfs = true;
}
if (auto dn = dyn_cast<dir_node>(it->second)) {
if (skip_mirror) {
dn->skip_mirror = true;
}
if (dn->prepare()) {
// Upgrade child to tmpfs
it = upgrade<tmpfs_node>(it);
}
}
++it;
}
return to_tmpfs;
}
void dir_node::collect_module_files(const char *module, int dfd) {
auto dir = xopen_dir(xopenat(dfd, name().data(), O_RDONLY | O_CLOEXEC));
if (!dir)
return;
for (dirent *entry; (entry = xreaddir(dir.get()));) {
inter_node *dn;
if (entry->d_name == ".replace"sv) {
skip_mirror = true;
continue;
}
if (entry->d_type == DT_DIR) {
if (auto it = children.find(entry->d_name); it == children.end()) {
dn = emplace<inter_node>(entry->d_name, entry->d_name);
} else {
dn = dyn_cast<inter_node>(it->second);
}
if (dn) {
dn->collect_module_files(module, dirfd(dir.get()));
}
} else {
emplace<module_node>(entry->d_name, module, entry);
}
}
}
/************************
* Mount Implementations
************************/
void node_entry::create_and_mount(const char *reason, const string &src) {
const string &dest = node_path();
if (is_lnk()) {
VLOGD("cp_link", src.data(), dest.data());
cp_afc(src.data(), dest.data());
} else {
if (is_dir())
xmkdir(dest.data(), 0);
else if (is_reg())
close(xopen(dest.data(), O_RDONLY | O_CREAT | O_CLOEXEC, 0));
else
return;
bind_mount(reason, src.data(), dest.data());
}
}
void mirror_node::mount() {
create_and_mount("mirror", mirror_path());
}
void module_node::mount() {
string src = module_mnt + module + parent()->root()->prefix + node_path();
if (exist())
clone_attr(mirror_path().data(), src.data());
2021-08-28 10:27:45 -07:00
if (isa<tmpfs_node>(parent()))
create_and_mount("module", src);
else
bind_mount("module", src.data(), node_path().data());
}
2021-08-28 10:27:45 -07:00
void tmpfs_node::mount() {
string src = mirror_path();
const string &dest = node_path();
file_attr a{};
if (access(src.data(), F_OK) == 0)
getattr(src.data(), &a);
else
getattr(parent()->node_path().data(), &a);
2021-08-28 10:27:45 -07:00
if (!isa<tmpfs_node>(parent())) {
auto worker_dir = MAGISKTMP + "/" WORKERDIR + dest;
mkdirs(worker_dir.data(), 0);
create_and_mount(skip_mirror ? "replace" : "tmpfs", worker_dir);
} else {
// We don't need another layer of tmpfs if parent is tmpfs
mkdir(dest.data(), 0);
}
setattr(dest.data(), &a);
dir_node::mount();
}
/****************
* Magisk Stuffs
****************/
2020-04-18 05:15:59 -07:00
class magisk_node : public node_entry {
public:
explicit magisk_node(const char *name) : node_entry(name, DT_REG, this) {}
void mount() override {
2022-07-22 16:53:33 +08:00
const string src = MAGISKTMP + "/" + name();
if (access(src.data(), F_OK))
return;
const string &dir_name = parent()->node_path();
if (name() == "magisk") {
for (int i = 0; applet_names[i]; ++i) {
string dest = dir_name + "/" + applet_names[i];
VLOGD("create", "./magisk", dest.data());
xsymlink("./magisk", dest.data());
}
} else {
2022-03-17 03:15:39 -07:00
string dest = dir_name + "/supolicy";
VLOGD("create", "./magiskpolicy", dest.data());
xsymlink("./magiskpolicy", dest.data());
}
create_and_mount("magisk", src);
}
2020-04-18 05:15:59 -07:00
};
static void inject_magisk_bins(root_node *system) {
auto bin = system->get_child<inter_node>("bin");
if (!bin) {
bin = new inter_node("bin");
system->insert(bin);
}
// Insert binaries
bin->insert(new magisk_node("magisk"));
2022-03-17 03:15:39 -07:00
bin->insert(new magisk_node("magiskpolicy"));
// Also delete all applets to make sure no modules can override it
for (int i = 0; applet_names[i]; ++i)
delete bin->extract(applet_names[i]);
2022-03-17 03:15:39 -07:00
delete bin->extract("supolicy");
2020-04-18 05:15:59 -07:00
}
2022-01-14 03:10:02 -08:00
vector<module_info> *module_list;
int app_process_32 = -1;
int app_process_64 = -1;
#define mount_zygisk(bit) \
if (access("/system/bin/app_process" #bit, F_OK) == 0) { \
app_process_##bit = xopen("/system/bin/app_process" #bit, O_RDONLY | O_CLOEXEC); \
string zbin = zygisk_bin + "/app_process" #bit; \
string mbin = MAGISKTMP + "/magisk" #bit; \
int src = xopen(mbin.data(), O_RDONLY | O_CLOEXEC); \
int out = xopen(zbin.data(), O_CREAT | O_WRONLY | O_CLOEXEC, 0); \
xsendfile(out, src, nullptr, INT_MAX); \
close(out); \
2022-06-01 01:50:42 -07:00
close(src); \
clone_attr("/system/bin/app_process" #bit, zbin.data()); \
bind_mount("zygisk", zbin.data(), "/system/bin/app_process" #bit); \
2021-09-15 01:59:43 -07:00
}
void load_modules() {
node_entry::mirror_dir = MAGISKTMP + "/" MIRRDIR;
node_entry::module_mnt = MAGISKTMP + "/" MODULEMNT "/";
auto root = make_unique<root_node>("");
auto system = new root_node("system");
root->insert(system);
char buf[4096];
LOGI("* Loading modules\n");
for (const auto &m : *module_list) {
const char *module = m.name.data();
char *b = buf + sprintf(buf, "%s/" MODULEMNT "/%s/", MAGISKTMP.data(), module);
// Read props
strcpy(b, "system.prop");
if (access(buf, F_OK) == 0) {
LOGI("%s: loading [system.prop]\n", module);
load_prop_file(buf, false);
}
// Check whether skip mounting
strcpy(b, "skip_mount");
if (access(buf, F_OK) == 0)
continue;
// Double check whether the system folder exists
strcpy(b, "system");
if (access(buf, F_OK) != 0)
continue;
LOGI("%s: loading mount files\n", module);
b[-1] = '\0';
int fd = xopen(buf, O_RDONLY | O_CLOEXEC);
system->collect_module_files(module, fd);
close(fd);
}
if (MAGISKTMP != "/sbin" || !str_contains(getenv("PATH") ?: "", "/sbin")) {
// Need to inject our binaries into /system/bin
inject_magisk_bins(system);
}
if (!system->is_empty()) {
// Handle special read-only partitions
Refactor magic mount to support overlayfs Previously, magic mount creates its own mirror devices and mount mirror mount points. With these mirror mount points, magic mount can get the original files and directory trees. However, some devices use overlayfs to modify some mount points, and thus after magic mount, the overlayed files are missing because the mirror mount points do not contain the overlayed files. To address this issue and make magic mount more compatible, this patch refactors how magic mount works. The new workflows are as follows: 1. make MAGISKTMP a private mount point so that we can create the private mount points there 2. for mirror mount points, we instead of creating our own mirror devices and mount the mirror mount points, we "copy" the original mount points by recursively mounting / 3. to prevent magic mount affecting the mirror mount points, we recursively set the mirror mount points private 4. to trace the mount points we created for reverting mounts, we again make the mirror mount points shared, and by this way we create a new peer group for each mirror mount points 5. as for tracing the newly created tmpfs mount point by magic mount, we create a dedicated tmpfs mount point for them, namely worker mount point, and obviously, it is shared as in a newly created peer group for tracing 6. when reverting mount points by magic mount, we can then trace the peer group id and unmount the mount points whose peer group ids are created by us The advantages are as follows: 1. it is more compatible, (e.g., with overlayfs, fix #2359) 2. it can mount more partitions for which previous implementation cannot create mirror mount points (fix #3338)
2022-12-27 04:30:12 +08:00
for (const char *part : { "/vendor", "/vendor_dlkm","/product",
"/system_ext", "/system_dlkm",
"/odm", "/odm_dlkm" }) {
2022-07-22 16:53:33 +08:00
struct stat st{};
if (lstat(part, &st) == 0 && S_ISDIR(st.st_mode)) {
if (auto old = system->extract(part + 1)) {
auto new_node = new root_node(old);
root->insert(new_node);
}
}
}
root->prepare();
root->mount();
}
2021-09-15 01:59:43 -07:00
// Mount on top of modules to enable zygisk
2021-09-15 02:49:54 -07:00
if (zygisk_enabled) {
string zygisk_bin = MAGISKTMP + "/" ZYGISKBIN;
mkdir(zygisk_bin.data(), 0);
mount_zygisk(32)
mount_zygisk(64)
}
}
/************************
* Filesystem operations
************************/
static void prepare_modules() {
// Upgrade modules
if (auto dir = open_dir(MODULEUPGRADE); dir) {
int ufd = dirfd(dir.get());
int mfd = xopen(MODULEROOT, O_RDONLY | O_CLOEXEC);
for (dirent *entry; (entry = xreaddir(dir.get()));) {
if (entry->d_type == DT_DIR) {
// Cleanup old module if exists
if (faccessat(mfd, entry->d_name, F_OK, 0) == 0) {
int modfd = xopenat(mfd, entry->d_name, O_RDONLY | O_CLOEXEC);
if (faccessat(modfd, "disable", F_OK, 0) == 0) {
auto disable = entry->d_name + "/disable"s;
close(xopenat(ufd, disable.data(), O_RDONLY | O_CREAT | O_CLOEXEC, 0));
}
frm_rf(modfd);
unlinkat(mfd, entry->d_name, AT_REMOVEDIR);
}
LOGI("Upgrade / New module: %s\n", entry->d_name);
renameat(ufd, entry->d_name, mfd, entry->d_name);
}
}
close(mfd);
rm_rf(MODULEUPGRADE);
}
}
template<typename Func>
2020-10-25 21:41:14 -07:00
static void foreach_module(Func fn) {
auto dir = open_dir(MODULEROOT);
if (!dir)
return;
int dfd = dirfd(dir.get());
for (dirent *entry; (entry = xreaddir(dir.get()));) {
if (entry->d_type == DT_DIR && entry->d_name != ".core"sv) {
int modfd = xopenat(dfd, entry->d_name, O_RDONLY | O_CLOEXEC);
fn(dfd, entry, modfd);
close(modfd);
}
}
}
2021-10-13 04:52:02 -07:00
static void collect_modules(bool open_zygisk) {
foreach_module([=](int dfd, dirent *entry, int modfd) {
if (faccessat(modfd, "remove", F_OK, 0) == 0) {
LOGI("%s: remove\n", entry->d_name);
auto uninstaller = MODULEROOT + "/"s + entry->d_name + "/uninstall.sh";
if (access(uninstaller.data(), F_OK) == 0)
exec_script(uninstaller.data());
frm_rf(xdup(modfd));
unlinkat(dfd, entry->d_name, AT_REMOVEDIR);
return;
}
unlinkat(modfd, "update", 0);
if (faccessat(modfd, "disable", F_OK, 0) == 0)
return;
2021-10-13 04:52:02 -07:00
module_info info;
if (zygisk_enabled) {
// Riru and its modules are not compatible with zygisk
if (entry->d_name == "riru-core"sv || faccessat(modfd, "riru", F_OK, 0) == 0) {
LOGI("%s: ignore\n", entry->d_name);
return;
}
if (open_zygisk) {
2021-10-13 04:52:02 -07:00
#if defined(__arm__)
info.z32 = openat(modfd, "zygisk/armeabi-v7a.so", O_RDONLY | O_CLOEXEC);
#elif defined(__aarch64__)
info.z32 = openat(modfd, "zygisk/armeabi-v7a.so", O_RDONLY | O_CLOEXEC);
info.z64 = openat(modfd, "zygisk/arm64-v8a.so", O_RDONLY | O_CLOEXEC);
#elif defined(__i386__)
info.z32 = openat(modfd, "zygisk/x86.so", O_RDONLY | O_CLOEXEC);
#elif defined(__x86_64__)
info.z32 = openat(modfd, "zygisk/x86.so", O_RDONLY | O_CLOEXEC);
info.z64 = openat(modfd, "zygisk/x86_64.so", O_RDONLY | O_CLOEXEC);
#else
#error Unsupported ABI
#endif
2022-01-21 04:43:27 -08:00
unlinkat(modfd, "zygisk/unloaded", 0);
}
} else {
// Ignore zygisk modules when zygisk is not enabled
if (faccessat(modfd, "zygisk", F_OK, 0) == 0) {
LOGI("%s: ignore\n", entry->d_name);
return;
}
2021-10-13 04:52:02 -07:00
}
info.name = entry->d_name;
2022-01-14 03:10:02 -08:00
module_list->push_back(info);
});
if (zygisk_enabled) {
bool use_memfd = true;
auto convert_to_memfd = [&](int fd) -> int {
if (fd < 0)
return -1;
if (use_memfd) {
int memfd = syscall(__NR_memfd_create, "jit-cache", MFD_CLOEXEC);
if (memfd >= 0) {
xsendfile(memfd, fd, nullptr, INT_MAX);
close(fd);
return memfd;
} else {
// memfd_create failed, just use what we had
use_memfd = false;
}
}
return fd;
};
2022-01-14 03:10:02 -08:00
std::for_each(module_list->begin(), module_list->end(), [&](module_info &info) {
info.z32 = convert_to_memfd(info.z32);
#if defined(__LP64__)
info.z64 = convert_to_memfd(info.z64);
#endif
});
}
}
void handle_modules() {
prepare_modules();
2021-10-13 04:52:02 -07:00
collect_modules(false);
exec_module_scripts("post-fs-data");
// Recollect modules (module scripts could remove itself)
2022-01-14 03:10:02 -08:00
module_list->clear();
2021-10-13 04:52:02 -07:00
collect_modules(true);
}
2020-04-30 01:26:50 -07:00
static int check_rules_dir(char *buf, size_t sz) {
int off = ssprintf(buf, sz, "%s/%s", MAGISKTMP.data(), RULESDIR);
struct stat st1{};
struct stat st2{};
if (xstat(buf, &st1) < 0 || xstat(MODULEROOT, &st2) < 0)
return 0;
if (st1.st_dev == st2.st_dev && st1.st_ino == st2.st_ino)
return 0;
return off;
}
void disable_modules() {
char buf[4096];
int off = check_rules_dir(buf, sizeof(buf));
foreach_module([&](int, dirent *entry, int modfd) {
close(xopenat(modfd, "disable", O_RDONLY | O_CREAT | O_CLOEXEC, 0));
if (off) {
2023-01-20 14:41:22 +08:00
ssprintf(buf + off, sizeof(buf) - off, "/%s/sepolicy.rule", entry->d_name);
unlink(buf);
}
});
}
2020-04-30 01:26:50 -07:00
void remove_modules() {
char buf[4096];
int off = check_rules_dir(buf, sizeof(buf));
foreach_module([&](int, dirent *entry, int) {
auto uninstaller = MODULEROOT + "/"s + entry->d_name + "/uninstall.sh";
if (access(uninstaller.data(), F_OK) == 0)
exec_script(uninstaller.data());
if (off) {
2023-01-20 14:41:22 +08:00
ssprintf(buf + off, sizeof(buf) - off, "/%s/sepolicy.rule", entry->d_name);
unlink(buf);
}
});
rm_rf(MODULEROOT);
2020-04-30 01:26:50 -07:00
}
2020-05-18 05:36:02 -07:00
void exec_module_scripts(const char *stage) {
2021-10-13 04:52:02 -07:00
vector<string_view> module_names;
2022-01-14 03:10:02 -08:00
std::transform(module_list->begin(), module_list->end(), std::back_inserter(module_names),
[](const module_info &info) -> string_view { return info.name; });
2021-10-13 04:52:02 -07:00
exec_module_scripts(stage, module_names);
}