Introduce new sepolicy injection mechanism

In the current implementation, Magisk will either have to recreate
all early mount implementation (for legacy SAR and rootfs devices) or
delegate early mount to first stage init (for 2SI devices) to access
required partitions for loading sepolicy. It then has to recreate the
split sepolicy loading implementation in-house, apply patches, then
dump the compiled + patched policies into monolithic format somewhere.
Finally, it patches the original init to force it to load the sepolicy
file we just created.

With the increasing complexity involved in early mount and split
sepolicy (there is even APEX module involved in the future!),
it is about time to rethink Magisk's sepolicy strategy as rebuilding
init's functionality is not scalable and easy to maintain.

In this commit, instead of building sepolicy ourselves, we mock
selinuxfs with FIFO files connected to a pre-init daemon, waiting
for the actual init process to directly write the sepolicy file into
MagiskInit. We then patch the file and load it into the kernel. Some
FIFO tricks has to be used to hijack the original init process's
control flow and prevent race conditions, details are directly in the
comments in code.

At the moment, only system-as-root (read-only root) support is added.
Support for legacy rootfs devices will come with a follow up commit.

native/jni/init/init.hpp

@@ -5,7 +5,7 @@ using kv_pairs = std::vector<std::pair<std::string, std::string>>;
 // For API 28 AVD, it uses legacy SAR setup that requires
 // special hacks in magiskinit to work properly. We do not
 // necessarily want this enabled in production builds.
-#define ENABLE_AVD_HACK 0
+#define ENABLE_AVD_HACK 1
 
 struct BootConfig {
     bool skip_initramfs;
@@ -36,7 +36,6 @@ struct fstab_entry {
     fstab_entry &operator=(fstab_entry&&) = default;
 };
 
-#define INIT_SOCKET "MAGISKINIT"
 #define DEFAULT_DT_DIR "/proc/device-tree/firmware/android"
 
 extern std::vector<std::string> mount_list;
@@ -57,7 +56,6 @@ protected:
     char **argv = nullptr;
 
     [[noreturn]] void exec_init();
-    void read_dt_fstab(std::vector<fstab_entry> &fstab);
 public:
     BaseInit(char *argv[], BootConfig *config = nullptr) : config(config), argv(argv) {}
     virtual ~BaseInit() = default;
@@ -75,12 +73,12 @@ protected:
     // running magiskinit on legacy SAR AVD emulator
     bool avd_hack = false;
 #else
-    // Make it const so compiler can optimize hacks out of the code
-    static const bool avd_hack = false;
+    // Make it constexpr so compiler can optimize hacks out of the code
+    static constexpr bool avd_hack = false;
 #endif
 
-    void mount_with_dt();
     bool patch_sepolicy(const char *file);
+    void hijack_sepolicy();
     void setup_tmp(const char *path);
     void mount_rules_dir(const char *dev_base, const char *mnt_base);
     void patch_rw_root();
@@ -94,7 +92,6 @@ protected:
 
     void backup_files();
     void patch_ro_root();
-    void mount_system_root();
 public:
     using MagiskInit::MagiskInit;
 };
@@ -140,14 +137,14 @@ public:
 
 class LegacySARInit : public SARBase {
 private:
-    bool early_mount();
+    bool mount_system_root();
     void first_stage_prep();
 public:
     LegacySARInit(char *argv[], BootConfig *config) : SARBase(argv, config) {
         LOGD("%s\n", __FUNCTION__);
     };
     void start() override {
-        if (early_mount())
+        if (mount_system_root())
             first_stage_prep();
         else
             patch_ro_root();
@@ -176,6 +173,7 @@ public:
 class MagiskProxy : public MagiskInit {
 public:
     explicit MagiskProxy(char *argv[]) : MagiskInit(argv) {
+        setup_klog();
         LOGD("%s\n", __FUNCTION__);
     }
     void start() override;