1
0
mirror of https://github.com/topjohnwu/Magisk.git synced 2025-01-05 02:27:39 +00:00

Support Safe Mode detection

When detecting device is booting as Safe Mode, disable all modules and
MagiskHide and skip all operations. The only thing that'll be available
in this state is root (Magisk Manager will also be disabled by system).

Since the next normal boot will also have all modules disabled, this can
be used to rescue a device in the case when a rogue module causes
bootloop and no custom recovery is available (or recoveries without
the ability to decrypt data).
This commit is contained in:
topjohnwu 2020-05-08 00:45:11 -07:00
parent 232ae2a189
commit a5d7c41d20
7 changed files with 35 additions and 36 deletions

@ -299,7 +299,7 @@ def build_binary(args):
header('* Building binaries: ' + ' '.join(args.target)) header('* Building binaries: ' + ' '.join(args.target))
os.utime(op.join('native', 'jni', 'include', 'flags.h')) # os.utime(op.join('native', 'jni', 'include', 'flags.h'))
# Basic flags # Basic flags
global base_flags global base_flags

@ -21,6 +21,7 @@ using namespace std;
static bool no_secure_dir = false; static bool no_secure_dir = false;
static bool pfs_done = false; static bool pfs_done = false;
static bool safe_mode = false;
/********* /*********
* Setup * * Setup *
@ -224,12 +225,6 @@ static void dump_logs() {
pthread_exit(nullptr); pthread_exit(nullptr);
} }
[[noreturn]] static void core_only() {
pfs_done = true;
auto_start_magiskhide();
unblock_boot_process();
}
void post_fs_data(int client) { void post_fs_data(int client) {
// ack // ack
write_int(client, 0); write_int(client, 0);
@ -262,16 +257,21 @@ void post_fs_data(int client) {
unblock_boot_process(); unblock_boot_process();
} }
if (getprop("persist.sys.safemode", true) == "1") {
safe_mode = true;
// Disable all modules and magiskhide so next boot will be clean
foreach_modules("disable");
stop_magiskhide();
} else {
LOGI("* Running post-fs-data.d scripts\n"); LOGI("* Running post-fs-data.d scripts\n");
exec_common_script("post-fs-data"); exec_common_script("post-fs-data");
// Core only mode
if (access(DISABLEFILE, F_OK) == 0)
core_only();
handle_modules(); handle_modules();
auto_start_magiskhide();
}
core_only(); // We still want to do magic mount because root itself might need it
magic_mount();
unblock_boot_process();
} }
void late_start(int client) { void late_start(int client) {
@ -290,7 +290,7 @@ void late_start(int client) {
reboot(); reboot();
} }
if (!pfs_done) if (!pfs_done || safe_mode)
return; return;
auto_start_magiskhide(); auto_start_magiskhide();
@ -298,11 +298,8 @@ void late_start(int client) {
LOGI("* Running service.d scripts\n"); LOGI("* Running service.d scripts\n");
exec_common_script("service"); exec_common_script("service");
// Core only mode
if (access(DISABLEFILE, F_OK) != 0) {
LOGI("* Running module service scripts\n"); LOGI("* Running module service scripts\n");
exec_module_script("service", module_list); exec_module_script("service", module_list);
}
// All boot stage done, cleanup // All boot stage done, cleanup
module_list.clear(); module_list.clear();
@ -315,7 +312,7 @@ void boot_complete(int client) {
write_int(client, 0); write_int(client, 0);
close(client); close(client);
if (!pfs_done) if (!pfs_done || safe_mode)
return; return;
auto_start_magiskhide(); auto_start_magiskhide();

@ -96,9 +96,10 @@ static void *request_handler(void *args) {
exec_sql(client); exec_sql(client);
break; break;
case REMOVE_MODULES: case REMOVE_MODULES:
remove_modules(); foreach_modules("remove");
write_int(client, 0); write_int(client, 0);
close(client); close(client);
reboot();
break; break;
case GET_PATH: case GET_PATH:
write_string(client, MAGISKTMP.data()); write_string(client, MAGISKTMP.data());

@ -542,7 +542,7 @@ static void inject_magisk_bins(root_node *system) {
delete bin->extract(init_applet[i]); delete bin->extract(init_applet[i]);
} }
static void mount_modules() { void magic_mount() {
node_entry::mirror_dir = MAGISKTMP + "/" MIRRDIR; node_entry::mirror_dir = MAGISKTMP + "/" MIRRDIR;
node_entry::module_mnt = MAGISKTMP + "/" MODULEMNT "/"; node_entry::module_mnt = MAGISKTMP + "/" MODULEMNT "/";
@ -683,12 +683,10 @@ void handle_modules() {
// Recollect modules (module scripts could remove itself) // Recollect modules (module scripts could remove itself)
module_list.clear(); module_list.clear();
collect_modules(); collect_modules();
mount_modules();
} }
void remove_modules() { void foreach_modules(const char *name) {
LOGI("* Remove all modules and reboot\n"); LOGI("* Add %s to all modules\n", name);
auto dir = open_dir(MODULEROOT); auto dir = open_dir(MODULEROOT);
if (!dir) if (!dir)
return; return;
@ -700,9 +698,8 @@ void remove_modules() {
continue; continue;
int modfd = xopenat(dfd, entry->d_name, O_RDONLY | O_CLOEXEC); int modfd = xopenat(dfd, entry->d_name, O_RDONLY | O_CLOEXEC);
close(xopenat(modfd, "remove", O_RDONLY | O_CREAT | O_CLOEXEC, 0)); close(xopenat(modfd, name, O_RDONLY | O_CREAT | O_CLOEXEC, 0));
close(modfd); close(modfd);
} }
} }
reboot();
} }

@ -40,15 +40,19 @@ void late_start(int client);
void boot_complete(int client); void boot_complete(int client);
void magiskhide_handler(int client); void magiskhide_handler(int client);
void su_daemon_handler(int client, struct ucred *credential); void su_daemon_handler(int client, struct ucred *credential);
void remove_modules(); void foreach_modules(const char *name);
// Misc // Misc
int connect_daemon(bool create = false); int connect_daemon(bool create = false);
void auto_start_magiskhide();
void unlock_blocks(); void unlock_blocks();
void handle_modules(); void handle_modules();
void magic_mount();
void reboot(); void reboot();
// MagiskHide
void auto_start_magiskhide();
int stop_magiskhide();
// Scripting // Scripting
void exec_script(const char *script); void exec_script(const char *script);
void exec_common_script(const char *stage); void exec_common_script(const char *stage);

@ -7,7 +7,6 @@
#define JAVA_PACKAGE_NAME "com.topjohnwu.magisk" #define JAVA_PACKAGE_NAME "com.topjohnwu.magisk"
#define LOGFILE "/cache/magisk.log" #define LOGFILE "/cache/magisk.log"
#define UNBLOCKFILE "/dev/.magisk_unblock" #define UNBLOCKFILE "/dev/.magisk_unblock"
#define DISABLEFILE "/cache/.disable_magisk"
#define SECURE_DIR "/data/adb" #define SECURE_DIR "/data/adb"
#define MODULEROOT SECURE_DIR "/modules" #define MODULEROOT SECURE_DIR "/modules"
#define MODULEUPGRADE SECURE_DIR "/modules_update" #define MODULEUPGRADE SECURE_DIR "/modules_update"

@ -10,7 +10,6 @@
#include <magisk.hpp> #include <magisk.hpp>
#include <utils.hpp> #include <utils.hpp>
#include <db.hpp> #include <db.hpp>
#include <daemon.hpp>
#include "magiskhide.hpp" #include "magiskhide.hpp"
@ -267,9 +266,11 @@ void launch_magiskhide(int client) {
int stop_magiskhide() { int stop_magiskhide() {
LOGI("* Stopping MagiskHide\n"); LOGI("* Stopping MagiskHide\n");
if (hide_enabled)
pthread_kill(proc_monitor_thread, SIGTERMTHRD);
hide_enabled = false; hide_enabled = false;
set_hide_config(); set_hide_config();
pthread_kill(proc_monitor_thread, SIGTERMTHRD);
return DAEMON_SUCCESS; return DAEMON_SUCCESS;
} }