mirror of
https://github.com/topjohnwu/Magisk.git
synced 2024-11-27 12:05:30 +00:00
Misc QoL changes
- su: Preserve correct capacity to avoid vector reallocation - su: Properly format code - daemon: Remove useless `if` - docs: Remove outdated info
This commit is contained in:
parent
e88eed9a8d
commit
4f1a1879e5
@ -90,11 +90,10 @@ DATABIN=$SECURE_DIR/magisk
|
||||
|
||||
`magiskinit` will replace `init` as the first program to run.
|
||||
|
||||
- Early mount required partitions. On legacy system-as-root devices, we switch root to system; on 2SI devices, we patch fstab and execute the original `init` to mount partitions for us.
|
||||
- Load sepolicy either from `/sepolicy`, precompiled sepolicy in vendor, or compile split sepolicy
|
||||
- Patch sepolicy rules and dump to `/sepolicy` or `/sbin/.se` or `/dev/.se`
|
||||
- Patch `init` or `libselinux.so` to force the system to load the patched policies
|
||||
- Early mount required partitions. On legacy system-as-root devices, we switch root to system; on 2SI devices, we patch the original `init` to redirect the 2nd stage init file to magiskinit and execute it to mount partitions for us.
|
||||
- Inject magisk services into `init.rc`
|
||||
- On devices using monolithic policy, load sepolicy from `/sepolicy`; otherwise we hijack nodes in selinuxfs with FIFO, set `LD_PRELOAD` to hook `security_load_policy` and assist hijacking on 2SI devices, and start a daemon to wait until init tries to load sepolicy.
|
||||
- Patch sepolicy rules. If we are using "hijack" method, load patched sepolicy into kernel, unblock init and exit daemon
|
||||
- Execute the original `init` to continue the boot process
|
||||
|
||||
### post-fs-data
|
||||
|
@ -1,6 +1,6 @@
|
||||
# Magisk Tools
|
||||
|
||||
Magisk comes with a huge collections of tools for installation, daemons, and utilities for developers. This documentation covers the 3 binaries and all included applets. The binaries and applets are shown below:
|
||||
Magisk comes with a huge collections of tools for installation, daemons, and utilities for developers. This documentation covers the 4 binaries and all included applets. The binaries and applets are shown below:
|
||||
|
||||
```
|
||||
magiskboot /* binary */
|
||||
@ -12,8 +12,6 @@ resetprop -> magisk
|
||||
su -> magisk
|
||||
```
|
||||
|
||||
Note: The Magisk zip you download only contains `magiskboot`, `magiskinit`, and `magiskinit64`. The binary `magisk` is compressed and embedded into `magiskinit(64)`. Push `magiskinit(64)` to your device and run `./magiskinit(64) -x magisk <path>` to extract `magisk` out of the binary.
|
||||
|
||||
### magiskboot
|
||||
|
||||
A tool to unpack / repack boot images, parse / patch / extract cpio, patch dtb, hex patch binaries, and compress / decompress files with multiple algorithms.
|
||||
|
@ -283,10 +283,7 @@ static void switch_cgroup(const char *cgroup, int pid) {
|
||||
if (fd == -1)
|
||||
return;
|
||||
snprintf(buf, sizeof(buf), "%d\n", pid);
|
||||
if (xwrite(fd, buf, strlen(buf)) == -1) {
|
||||
close(fd);
|
||||
return;
|
||||
}
|
||||
xwrite(fd, buf, strlen(buf));
|
||||
close(fd);
|
||||
}
|
||||
|
||||
|
@ -29,7 +29,7 @@ static void patch_init_rc(const char *src, const char *dest, const char *tmp_dir
|
||||
fprintf(rc, "service flash_recovery /system/bin/xxxxx\n");
|
||||
return true;
|
||||
}
|
||||
// Samsung's persist.sys.zygote.early will start zygotes before actual post-fs-data phase
|
||||
// Samsung's persist.sys.zygote.early will cause Zygote to start before post-fs-data
|
||||
if (str_starts(line, "on property:persist.sys.zygote.early=")) {
|
||||
LOGD("Invalidate persist.sys.zygote.early\n");
|
||||
fprintf(rc, "on property:persist.sys.zygote.early.xxxxx=true\n");
|
||||
|
@ -189,7 +189,7 @@ void app_log(const su_context &ctx) {
|
||||
void app_notify(const su_context &ctx) {
|
||||
if (fork_dont_care() == 0) {
|
||||
vector<Extra> extras;
|
||||
extras.reserve(2);
|
||||
extras.reserve(3);
|
||||
extras.emplace_back("from.uid", ctx.info->uid);
|
||||
extras.emplace_back("pid", ctx.pid);
|
||||
extras.emplace_back("policy", ctx.info->access.policy);
|
||||
@ -210,7 +210,7 @@ int app_request(const su_context &ctx) {
|
||||
|
||||
// Send request
|
||||
vector<Extra> extras;
|
||||
extras.reserve(2);
|
||||
extras.reserve(3);
|
||||
extras.emplace_back("fifo", fifo);
|
||||
extras.emplace_back("uid", ctx.info->eval_uid);
|
||||
extras.emplace_back("pid", ctx.pid);
|
||||
|
@ -220,7 +220,9 @@ void su_daemon_handler(int client, const sock_cred *cred) {
|
||||
};
|
||||
|
||||
// Read su_request
|
||||
if (xxread(client, &ctx.req, sizeof(su_req_base)) < 0 || !read_string(client, ctx.req.shell) || !read_string(client, ctx.req.command)) {
|
||||
if (xxread(client, &ctx.req, sizeof(su_req_base)) < 0
|
||||
|| !read_string(client, ctx.req.shell)
|
||||
|| !read_string(client, ctx.req.command)) {
|
||||
LOGW("su: remote process probably died, abort\n");
|
||||
ctx.info.reset();
|
||||
write_int(client, DENY);
|
||||
|
Loading…
Reference in New Issue
Block a user