mirror of
https://github.com/topjohnwu/Magisk.git
synced 2024-11-27 12:05:30 +00:00
Handle MagiskSU and MagiskHide differently
This commit is contained in:
parent
b4fe4f3d10
commit
0d10b812fe
@ -42,9 +42,10 @@ int hideMagisk() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// First unmount the dummy skeletons and the cache mounts
|
// First unmount the dummy skeletons, cache mounts, and /sbin links
|
||||||
for(i = mount_size - 1; i >= 0; --i) {
|
for(i = mount_size - 1; i >= 0; --i) {
|
||||||
if (strstr(mount_list[i], "tmpfs /system") || strstr(mount_list[i], "tmpfs /vendor")
|
if (strstr(mount_list[i], "tmpfs /system") || strstr(mount_list[i], "tmpfs /vendor")
|
||||||
|
|| strstr(mount_list[i], "tmpfs /sbin")
|
||||||
|| (strstr(mount_list[i], cache_block) && strstr(mount_list[i], "/system/")) ) {
|
|| (strstr(mount_list[i], cache_block) && strstr(mount_list[i], "/system/")) ) {
|
||||||
sscanf(mount_list[i], "%*s %512s", buffer);
|
sscanf(mount_list[i], "%*s %512s", buffer);
|
||||||
lazy_unmount(buffer);
|
lazy_unmount(buffer);
|
||||||
|
@ -1 +1 @@
|
|||||||
Subproject commit ca75dd07283ff5fb9fec32f106ba8c58642742a0
|
Subproject commit 2e6bea23acc073aa9b3890c50342dd4a3dc8e754
|
@ -248,9 +248,11 @@ is_mounted /data && MAGISKBIN=/data/magisk || MAGISKBIN=/cache/data_bin
|
|||||||
# Copy required files
|
# Copy required files
|
||||||
rm -rf $MAGISKBIN 2>/dev/null
|
rm -rf $MAGISKBIN 2>/dev/null
|
||||||
mkdir -p $MAGISKBIN
|
mkdir -p $MAGISKBIN
|
||||||
cp -af $BINDIR/busybox $BINDIR/magiskpolicy $BINDIR/resetprop $BINDIR/magiskboot \
|
cp -af $BINDIR/. $COMMONDIR/ramdisk_patch.sh $COMMONDIR/magic_mask.sh \
|
||||||
$COMMONDIR/ramdisk_patch.sh $COMMONDIR/init.magisk.rc \
|
$COMMONDIR/init.magisk.rc $COMMONDIR/magisk.apk $MAGISKBIN
|
||||||
$COMMONDIR/magic_mask.sh $COMMONDIR/magisk.apk $MAGISKBIN
|
# Legacy support
|
||||||
|
ln -sf /data/magisk/magiskpolicy $MAGISKBIN/sepolicy-inject
|
||||||
|
|
||||||
chmod -R 755 $MAGISKBIN
|
chmod -R 755 $MAGISKBIN
|
||||||
chcon -h u:object_r:system_file:s0 $MAGISKBIN $MAGISKBIN/*
|
chcon -h u:object_r:system_file:s0 $MAGISKBIN $MAGISKBIN/*
|
||||||
|
|
||||||
@ -416,18 +418,10 @@ MAGISKLOOP=$LOOPDEVICE
|
|||||||
|
|
||||||
# Core folders and scripts
|
# Core folders and scripts
|
||||||
mkdir -p $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d 2>/dev/null
|
mkdir -p $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d 2>/dev/null
|
||||||
cp -af $COMMONDIR/magiskhide/. $BINDIR/magiskhide $COREDIR/magiskhide
|
cp -af $COMMONDIR/magiskhide/. $COREDIR/magiskhide
|
||||||
chmod -R 755 $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
chmod -R 755 $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
||||||
chown -R 0.0 $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
chown -R 0.0 $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
||||||
|
|
||||||
if ! $SUPERSU; then
|
|
||||||
ui_print "- Installing MagiskSU"
|
|
||||||
mkdir -p $COREDIR/su 2>/dev/null
|
|
||||||
cp -af $BINDIR/su $COMMONDIR/magisksu.sh $COREDIR/su
|
|
||||||
chmod -R 755 $COREDIR/su
|
|
||||||
chown -R 0.0 $COREDIR/su
|
|
||||||
fi
|
|
||||||
|
|
||||||
##########################################################################################
|
##########################################################################################
|
||||||
# Repack and flash
|
# Repack and flash
|
||||||
##########################################################################################
|
##########################################################################################
|
||||||
|
@ -3,13 +3,12 @@
|
|||||||
on post-fs
|
on post-fs
|
||||||
start magisk_pfs
|
start magisk_pfs
|
||||||
wait /dev/.magisk.unblock 20
|
wait /dev/.magisk.unblock 20
|
||||||
rm /dev/.magisk.unblock
|
|
||||||
|
|
||||||
on post-fs-data
|
on post-fs-data
|
||||||
|
rm /dev/.magisk.unblock
|
||||||
load_persist_props
|
load_persist_props
|
||||||
start magisk_pfsd
|
start magisk_pfsd
|
||||||
wait /dev/.magisk.unblock 60
|
wait /dev/.magisk.unblock 60
|
||||||
rm /dev/.magisk.unblock
|
|
||||||
|
|
||||||
on property:magisk.restart_pfsd=1
|
on property:magisk.restart_pfsd=1
|
||||||
trigger post-fs-data
|
trigger post-fs-data
|
||||||
|
@ -171,7 +171,7 @@ clone_dummy() {
|
|||||||
cp -afc "$ITEM" "$DUMMDIR$REAL"
|
cp -afc "$ITEM" "$DUMMDIR$REAL"
|
||||||
else
|
else
|
||||||
if $LINK && [ ! -e "$MOUNTINFO$REAL" ]; then
|
if $LINK && [ ! -e "$MOUNTINFO$REAL" ]; then
|
||||||
ln -s "$MIRRDIR$REAL" "$DUMMDIR$REAL"
|
ln -sf "$MIRRDIR$REAL" "$DUMMDIR$REAL"
|
||||||
else
|
else
|
||||||
if [ -d "$ITEM" ]; then
|
if [ -d "$ITEM" ]; then
|
||||||
mkdir -p "$DUMMDIR$REAL"
|
mkdir -p "$DUMMDIR$REAL"
|
||||||
@ -317,7 +317,7 @@ case $1 in
|
|||||||
# Set up environment
|
# Set up environment
|
||||||
mkdir -p $TOOLPATH
|
mkdir -p $TOOLPATH
|
||||||
$BINPATH/busybox --install -s $TOOLPATH
|
$BINPATH/busybox --install -s $TOOLPATH
|
||||||
ln -s $BINPATH/busybox $TOOLPATH/busybox
|
ln -sf $BINPATH/busybox $TOOLPATH/busybox
|
||||||
# Prevent issues
|
# Prevent issues
|
||||||
rm -f $TOOLPATH/su $TOOLPATH/sh $TOOLPATH/reboot
|
rm -f $TOOLPATH/su $TOOLPATH/sh $TOOLPATH/reboot
|
||||||
chmod -R 755 $TOOLPATH
|
chmod -R 755 $TOOLPATH
|
||||||
@ -346,7 +346,7 @@ case $1 in
|
|||||||
# Remove empty directories, legacy paths, symlinks, old temporary images
|
# Remove empty directories, legacy paths, symlinks, old temporary images
|
||||||
find $MOUNTPOINT -type d -depth ! -path "*core*" -exec rmdir {} \; 2>/dev/null
|
find $MOUNTPOINT -type d -depth ! -path "*core*" -exec rmdir {} \; 2>/dev/null
|
||||||
rm -rf $MOUNTPOINT/zzsupersu $MOUNTPOINT/phh $COREDIR/bin $COREDIR/dummy $COREDIR/mirror \
|
rm -rf $MOUNTPOINT/zzsupersu $MOUNTPOINT/phh $COREDIR/bin $COREDIR/dummy $COREDIR/mirror \
|
||||||
$COREDIR/busybox /data/magisk/*.img /data/busybox 2>/dev/null
|
$COREDIR/busybox $COREDIR/su /data/magisk/*.img /data/busybox 2>/dev/null
|
||||||
|
|
||||||
# Remove modules that are labeled to be removed
|
# Remove modules that are labeled to be removed
|
||||||
for MOD in $MOUNTPOINT/* ; do
|
for MOD in $MOUNTPOINT/* ; do
|
||||||
@ -374,10 +374,21 @@ case $1 in
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Start MagiskSU if no SuperSU
|
log_print "* Linking binaries to /sbin"
|
||||||
export PATH=$OLDPATH
|
mount -o rw,remount rootfs /
|
||||||
[ ! -f /sbin/launch_daemonsu.sh ] && sh $COREDIR/su/magisksu.sh
|
chmod 755 /sbin
|
||||||
export PATH=$TOOLPATH:$OLDPATH
|
ln -sf $BINPATH/magiskpolicy /sbin/magiskpolicy
|
||||||
|
ln -sf $BINPATH/magiskpolicy /sbin/sepolicy-inject
|
||||||
|
ln -sf $BINPATH/resetprop /sbin/resetprop
|
||||||
|
if [ ! -f /sbin/launch_daemonsu.sh ]; then
|
||||||
|
log_print "* Starting MagiskSU"
|
||||||
|
export PATH=$OLDPATH
|
||||||
|
ln -sf $BINPATH/su /sbin/su
|
||||||
|
ln -sf $BINPATH/magiskpolicy /sbin/supolicy
|
||||||
|
/sbin/su --daemon
|
||||||
|
export PATH=$TOOLPATH:$OLDPATH
|
||||||
|
fi
|
||||||
|
mount -o ro,remount rootfs /
|
||||||
|
|
||||||
[ -f $DISABLEFILE ] && unblock
|
[ -f $DISABLEFILE ] && unblock
|
||||||
|
|
||||||
@ -389,7 +400,7 @@ case $1 in
|
|||||||
# Link vendor if not exist
|
# Link vendor if not exist
|
||||||
if [ ! -e /vendor ]; then
|
if [ ! -e /vendor ]; then
|
||||||
mount -o rw,remount rootfs /
|
mount -o rw,remount rootfs /
|
||||||
ln -s /system/vendor /vendor
|
ln -sf /system/vendor /vendor
|
||||||
mount -o ro,remount rootfs /
|
mount -o ro,remount rootfs /
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -402,7 +413,7 @@ case $1 in
|
|||||||
(travel system)
|
(travel system)
|
||||||
rm -f $MOD/vendor 2>/dev/null
|
rm -f $MOD/vendor 2>/dev/null
|
||||||
if [ -d $MOD/system/vendor ]; then
|
if [ -d $MOD/system/vendor ]; then
|
||||||
ln -s $MOD/system/vendor $MOD/vendor
|
ln -sf $MOD/system/vendor $MOD/vendor
|
||||||
(travel vendor)
|
(travel vendor)
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
@ -434,7 +445,7 @@ case $1 in
|
|||||||
mkdir -p $MIRRDIR/vendor
|
mkdir -p $MIRRDIR/vendor
|
||||||
mount -o ro $VENDORBLOCK $MIRRDIR/vendor
|
mount -o ro $VENDORBLOCK $MIRRDIR/vendor
|
||||||
else
|
else
|
||||||
ln -s $MIRRDIR/system/vendor $MIRRDIR/vendor
|
ln -sf $MIRRDIR/system/vendor $MIRRDIR/vendor
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Since mirrors always exist, we load libraries and binaries from mirrors
|
# Since mirrors always exist, we load libraries and binaries from mirrors
|
||||||
|
@ -14,11 +14,33 @@ log_print() {
|
|||||||
# Only enable when isn't started
|
# Only enable when isn't started
|
||||||
ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 && exit
|
ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 && exit
|
||||||
|
|
||||||
log_print "Removing tampered read-only system props"
|
if [ ! -d /sbin_orig ]; then
|
||||||
|
log_print "Moving and re-linking /sbin binaries"
|
||||||
|
mount -o rw,remount rootfs /
|
||||||
|
mv -f /sbin /sbin_orig
|
||||||
|
mkdir /sbin
|
||||||
|
mount -o ro,remount rootfs /
|
||||||
|
mkdir -p /dev/sbin_bind
|
||||||
|
chmod 755 /dev/sbin_bind
|
||||||
|
ln -s /sbin_orig/* /dev/sbin_bind
|
||||||
|
chcon -h u:object_r:rootfs:s0 /dev/sbin_bind /dev/sbin_bind/*
|
||||||
|
mount -o bind /dev/sbin_bind /sbin
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Sammy device like these permissions
|
||||||
|
chmod 640 /sys/fs/selinux/enforce
|
||||||
|
chmod 440 /sys/fs/selinux/policy
|
||||||
|
|
||||||
|
log_print "Removing dangerous read-only system props"
|
||||||
|
|
||||||
VERIFYBOOT=`getprop ro.boot.verifiedbootstate`
|
VERIFYBOOT=`getprop ro.boot.verifiedbootstate`
|
||||||
FLASHLOCKED=`getprop ro.boot.flash.locked`
|
FLASHLOCKED=`getprop ro.boot.flash.locked`
|
||||||
VERITYMODE=`getprop ro.boot.veritymode`
|
VERITYMODE=`getprop ro.boot.veritymode`
|
||||||
|
DEBUGGABLE=`getprop ro.debuggable`
|
||||||
|
SECURE=`getprop ro.secure`
|
||||||
|
BUILDTYPE=`getprop ro.build.type`
|
||||||
|
BUILDTAGS=`getprop ro.build.tags`
|
||||||
|
BUILDSELINUX=`getprop ro.build.selinux`
|
||||||
|
|
||||||
[ ! -z "$VERIFYBOOT" -a "$VERIFYBOOT" != "green" ] && \
|
[ ! -z "$VERIFYBOOT" -a "$VERIFYBOOT" != "green" ] && \
|
||||||
log_print "`$BINPATH/resetprop -v -n ro.boot.verifiedbootstate green`"
|
log_print "`$BINPATH/resetprop -v -n ro.boot.verifiedbootstate green`"
|
||||||
@ -26,6 +48,16 @@ log_print "`$BINPATH/resetprop -v -n ro.boot.verifiedbootstate green`"
|
|||||||
log_print "`$BINPATH/resetprop -v -n ro.boot.flash.locked 1`"
|
log_print "`$BINPATH/resetprop -v -n ro.boot.flash.locked 1`"
|
||||||
[ ! -z "$VERITYMODE" -a "$VERITYMODE" != "enforcing" ] && \
|
[ ! -z "$VERITYMODE" -a "$VERITYMODE" != "enforcing" ] && \
|
||||||
log_print "`$BINPATH/resetprop -v -n ro.boot.veritymode enforcing`"
|
log_print "`$BINPATH/resetprop -v -n ro.boot.veritymode enforcing`"
|
||||||
|
[ ! -z "$DEBUGGABLE" -a "$DEBUGGABLE" != "0" ] && \
|
||||||
|
log_print "`$BINPATH/resetprop -v -n ro.debuggable 0`"
|
||||||
|
[ ! -z "$SECURE" -a "$SECURE" != "1" ] && \
|
||||||
|
log_print "`$BINPATH/resetprop -v -n ro.secure 1`"
|
||||||
|
[ ! -z "$BUILDTYPE" -a "$BUILDTYPE" != "user" ] && \
|
||||||
|
log_print "`$BINPATH/resetprop -v -n ro.build.type user`"
|
||||||
|
[ ! -z "$BUILDTAGS" -a "$BUILDTAGS" != "release-keys" ] && \
|
||||||
|
log_print "`$BINPATH/resetprop -v -n ro.build.tags release-keys`"
|
||||||
|
[ ! -z "$BUILDSELINUX" -a "$BUILDSELINUX" != "0" ] && \
|
||||||
|
log_print "`$BINPATH/resetprop -v -n ro.build.selinux 0`"
|
||||||
|
|
||||||
touch $MODDIR/hidelist
|
touch $MODDIR/hidelist
|
||||||
chmod -R 755 $MODDIR
|
chmod -R 755 $MODDIR
|
||||||
@ -40,4 +72,4 @@ while read PROCESS; do
|
|||||||
done < $MODDIR/hidelist
|
done < $MODDIR/hidelist
|
||||||
|
|
||||||
log_print "Starting MagiskHide daemon"
|
log_print "Starting MagiskHide daemon"
|
||||||
$MODDIR/magiskhide --daemon
|
$BINPATH/magiskhide --daemon
|
||||||
|
Loading…
Reference in New Issue
Block a user