mirror of
https://github.com/topjohnwu/Magisk.git
synced 2024-11-30 13:35:27 +00:00
Refactor magic mount to support overlayfs
Previously, magic mount created its own mirror devices and mounted mirror mount points. With these mirror mount points, magic mount can get the original files and directory trees. However, some devices use overlayfs to modify some mount points, and thus after magic mount, the overlaid files are missing because the mirror mount points do not contain them. To address this issue and make magic mount more compatible, this patch refactors how magic mount works. The new workflow is as follows: 1. make MAGISKTMP a private mount point so that we can create the private mount points there 2. for mirror mount points, instead of creating our own mirror devices and mounting the mirror mount points, we "copy" the original mount points by recursively mounting / 3. to prevent magic mount from affecting the mirror mount points, we recursively set the mirror mount points private 4. to trace the mount points we created for reverting mounts, we again make the mirror mount points shared, and in this way we create a new peer group for each mirror mount point 5. as for tracing the tmpfs mount points newly created by magic mount, we create a dedicated tmpfs mount point for them, namely the worker mount point, which is likewise shared in a newly created peer group for tracing 6. when reverting the mount points made by magic mount, we can then trace the peer group id and unmount the mount points whose peer group ids were created by us The advantages are as follows: 1. it is more compatible (e.g., with overlayfs, fix #2359) 2. it can mount more partitions for which the previous implementation cannot create mirror mount points (fix #3338)
parent
97ed1b16d0
commit
af01a36296
@ -120,7 +120,7 @@ All files you want to replace/inject should be placed in this folder. This folde
|
|||||||
|
|
||||||
If you place a file named `.replace` in any of the folders, instead of merging its contents, that folder will directly replace the one in the real system. This can be very handy for swapping out an entire folder.
|
If you place a file named `.replace` in any of the folders, instead of merging its contents, that folder will directly replace the one in the real system. This can be very handy for swapping out an entire folder.
|
||||||
|
|
||||||
If you want to replace files in `/vendor`, `/product`, or `/system_ext`, please place them under `system/vendor`, `system/product`, and `system/system_ext` respectively. Magisk will transparently handle whether these partitions are in a separate partition or not.
|
If you want to replace files in `/vendor`, `/vendor_dlkm`, `/product`, `/system_ext`, `/system_dlkm`, `/odm`, or `/odm_dlkm`, please place them under `system/vendor`, `system/product`, and `system/system_ext` respectively. Magisk will transparently handle whether these partitions are in a separate partition or not.
|
||||||
|
|
||||||
#### Zygisk
|
#### Zygisk
|
||||||
|
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
#include <sys/mount.h>
|
#include <sys/mount.h>
|
||||||
#include <sys/wait.h>
|
#include <sys/wait.h>
|
||||||
#include <sys/sysmacros.h>
|
#include <sys/sysmacros.h>
|
||||||
|
#include <sys/statvfs.h>
|
||||||
#include <linux/input.h>
|
#include <linux/input.h>
|
||||||
#include <libgen.h>
|
#include <libgen.h>
|
||||||
#include <vector>
|
#include <vector>
|
||||||
@ -34,103 +35,60 @@ bool zygisk_enabled = false;
|
|||||||
* Setup *
|
* Setup *
|
||||||
*********/
|
*********/
|
||||||
|
|
||||||
#define MNT_DIR_IS(dir) (me->mnt_dir == string_view(dir))
|
static bool mount_mirror(const std::string_view from, const std::string_view to) {
|
||||||
#define MNT_TYPE_IS(type) (me->mnt_type == string_view(type))
|
return !xmkdirs(to.data(), 0755) &&
|
||||||
#define SETMIR(b, part) ssprintf(b, sizeof(b), "%s/" MIRRDIR "/" #part, MAGISKTMP.data())
|
// recursively bind mount to mirror dir, rootfs will fail before 3.12 kernel
|
||||||
#define SETBLK(b, part) ssprintf(b, sizeof(b), "%s/" BLOCKDIR "/" #part, MAGISKTMP.data())
|
// because of MS_NOUSER
|
||||||
|
!mount(from.data(), to.data(), nullptr, MS_BIND | MS_REC, nullptr) &&
|
||||||
#define do_mount_mirror(part) { \
|
// make mirror dir as a private mount so that it won't be affected by magic mount
|
||||||
SETMIR(buf1, part); \
|
!xmount("", to.data(), nullptr, MS_PRIVATE | MS_REC, nullptr);
|
||||||
SETBLK(buf2, part); \
|
|
||||||
unlink(buf2); \
|
|
||||||
mknod(buf2, S_IFBLK | 0600, st.st_dev); \
|
|
||||||
xmkdir(buf1, 0755); \
|
|
||||||
int flags = 0; \
|
|
||||||
auto opts = split_ro(me->mnt_opts, ",");\
|
|
||||||
for (string_view s : opts) { \
|
|
||||||
if (s == "ro") { \
|
|
||||||
flags |= MS_RDONLY; \
|
|
||||||
break; \
|
|
||||||
} \
|
|
||||||
} \
|
|
||||||
xmount(buf2, buf1, me->mnt_type, flags, nullptr); \
|
|
||||||
LOGI("mount: %s\n", buf1); \
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#define mount_mirror(part) \
|
|
||||||
if (MNT_DIR_IS("/" #part) \
|
|
||||||
&& !MNT_TYPE_IS("tmpfs") \
|
|
||||||
&& !MNT_TYPE_IS("overlay") \
|
|
||||||
&& lstat(me->mnt_dir, &st) == 0) { \
|
|
||||||
do_mount_mirror(part); \
|
|
||||||
break; \
|
|
||||||
}
|
|
||||||
|
|
||||||
#define link_mirror(part) \
|
|
||||||
SETMIR(buf1, part); \
|
|
||||||
if (access("/system/" #part, F_OK) == 0 && access(buf1, F_OK) != 0) { \
|
|
||||||
xsymlink("./system/" #part, buf1); \
|
|
||||||
LOGI("link: %s\n", buf1); \
|
|
||||||
}
|
|
||||||
|
|
||||||
#define link_orig_dir(dir, part) \
|
|
||||||
if (MNT_DIR_IS(dir) && !MNT_TYPE_IS("tmpfs") && !MNT_TYPE_IS("overlay")) { \
|
|
||||||
SETMIR(buf1, part); \
|
|
||||||
rmdir(buf1); \
|
|
||||||
xsymlink(dir, buf1); \
|
|
||||||
LOGI("link: %s\n", buf1); \
|
|
||||||
break; \
|
|
||||||
}
|
|
||||||
|
|
||||||
#define link_orig(part) link_orig_dir("/" #part, part)
|
|
||||||
|
|
||||||
static void mount_mirrors() {
|
static void mount_mirrors() {
|
||||||
char buf1[4096];
|
|
||||||
char buf2[4096];
|
|
||||||
|
|
||||||
LOGI("* Prepare worker\n");
|
LOGI("* Prepare worker\n");
|
||||||
|
if (auto worker_dir = MAGISKTMP + "/" WORKERDIR;
|
||||||
ssprintf(buf1, sizeof(buf1), "%s/" WORKERDIR, MAGISKTMP.data());
|
xmount(worker_dir.data(), worker_dir.data(), nullptr, MS_BIND, nullptr) == 0) {
|
||||||
xmount(buf1, buf1, nullptr, MS_BIND, nullptr);
|
xmount(nullptr, worker_dir.data(), nullptr, MS_PRIVATE, nullptr);
|
||||||
xmount(nullptr, buf1, nullptr, MS_PRIVATE, nullptr);
|
}
|
||||||
|
|
||||||
LOGI("* Mounting mirrors\n");
|
LOGI("* Mounting mirrors\n");
|
||||||
|
// recursively bind mount / to mirror dir
|
||||||
|
if (auto mirror_dir = MAGISKTMP + "/" MIRRDIR; !mount_mirror("/", mirror_dir)) {
|
||||||
|
LOGI("fallback to mount subtree\n");
|
||||||
|
// rootfs may fail, fallback to bind mount each mount point
|
||||||
|
std::vector<string> mounted_dirs {{ MAGISKTMP }};
|
||||||
|
for (const auto &info: parse_mount_info("self")) {
|
||||||
|
if (info.type == "rootfs"sv) continue;
|
||||||
|
bool mounted = std::any_of(mounted_dirs.begin(), mounted_dirs.end(), [&](const auto &dir) {
|
||||||
|
return str_starts(info.target, dir);
|
||||||
|
});
|
||||||
|
if (!mounted && mount_mirror(info.target, mirror_dir + info.target)) {
|
||||||
|
mounted_dirs.emplace_back(info.target);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
parse_mnt("/proc/mounts", [&](mntent *me) {
|
LOGI("* Mounting module root\n");
|
||||||
struct stat st{};
|
if (access(SECURE_DIR, F_OK) == 0 || (SDK_INT < 24 && xmkdir(SECURE_DIR, 0700))) {
|
||||||
do {
|
if (auto dest = MAGISKTMP + "/" MODULEMNT; mount_mirror(MODULEROOT, dest)) {
|
||||||
mount_mirror(system)
|
// remount to clear nosuid flag
|
||||||
mount_mirror(vendor)
|
struct statvfs st{};
|
||||||
mount_mirror(product)
|
statvfs(dest.data(), &st);
|
||||||
mount_mirror(system_ext)
|
for (const auto &info: parse_mount_info("self")) {
|
||||||
mount_mirror(data)
|
if (info.target != dest) {
|
||||||
link_orig(cache)
|
continue;
|
||||||
link_orig(metadata)
|
}
|
||||||
link_orig(persist)
|
// strip rw, from fs options
|
||||||
link_orig_dir("/mnt/vendor/persist", persist)
|
if (auto pos = info.fs_option.find_first_of(','); pos != string::npos) {
|
||||||
if (SDK_INT >= 24 && MNT_DIR_IS("/proc") && !strstr(me->mnt_opts, "hidepid=2")) {
|
xmount("", dest.data(), nullptr, MS_REMOUNT | (st.f_flag & ~MS_NOSUID), info.fs_option.data() + pos + 1);
|
||||||
xmount(nullptr, "/proc", nullptr, MS_REMOUNT, "hidepid=2,gid=3009");
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
} while (false);
|
restorecon();
|
||||||
return true;
|
chmod(SECURE_DIR, 0700);
|
||||||
});
|
}
|
||||||
SETMIR(buf1, system);
|
|
||||||
if (access(buf1, F_OK) != 0) {
|
|
||||||
xsymlink("./system_root/system", buf1);
|
|
||||||
LOGI("link: %s\n", buf1);
|
|
||||||
parse_mnt("/proc/mounts", [&](mntent *me) {
|
|
||||||
struct stat st;
|
|
||||||
if (MNT_DIR_IS("/") && me->mnt_type != "rootfs"sv && stat("/", &st) == 0) {
|
|
||||||
do_mount_mirror(system_root)
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
return true;
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
link_mirror(vendor)
|
|
||||||
link_mirror(product)
|
|
||||||
link_mirror(system_ext)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool magisk_env() {
|
static bool magisk_env() {
|
||||||
@ -306,16 +264,8 @@ static void post_fs_data() {
|
|||||||
prune_su_access();
|
prune_su_access();
|
||||||
|
|
||||||
if (access(SECURE_DIR, F_OK) != 0) {
|
if (access(SECURE_DIR, F_OK) != 0) {
|
||||||
if (SDK_INT < 24) {
|
LOGE(SECURE_DIR " is not present, abort\n");
|
||||||
// There is no FBE pre 7.0, we can directly create the folder without issues
|
goto early_abort;
|
||||||
xmkdir(SECURE_DIR, 0700);
|
|
||||||
} else {
|
|
||||||
// If the folder is not automatically created by Android,
|
|
||||||
// do NOT proceed further. Manual creation of the folder
|
|
||||||
// will have no encryption flag, which will cause bootloops on FBE devices.
|
|
||||||
LOGE(SECURE_DIR " is not present, abort\n");
|
|
||||||
goto early_abort;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!magisk_env()) {
|
if (!magisk_env()) {
|
||||||
|
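Review bot: In the "remount to clear nosuid flag" block of `mount_mirrors()`, the result of `statvfs(dest.data(), &st)` is not checked and `st.f_flag` is passed straight to `xmount` as mount flags. `f_flag` holds `ST_*` bits, which on Linux share their values with `MS_*` only for some flags (`ST_RELATIME` has the value of `MS_BIND`), and if `statvfs` fails the zero-initialised struct makes the remount drop every existing restriction such as `nodev` or `noexec`. I would skip the remount on a non-zero return and pass only the bits that are meant to survive, e.g. `MS_REMOUNT | (st.f_flag & (ST_RDONLY | ST_NODEV | ST_NOEXEC))`. Separately, the fallback loop decides "already mounted" with `str_starts(info.target, dir)`; if that helper is a plain string-prefix test (it is not shown here), `/sys` in `mounted_dirs` would also match `/system`, so the comparison should require a `/` or the end of the string after the prefix.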
@ -32,7 +32,7 @@ class root_node;
|
|||||||
|
|
||||||
template<class T> static bool isa(node_entry *node);
|
template<class T> static bool isa(node_entry *node);
|
||||||
static int bind_mount(const char *reason, const char *from, const char *to) {
|
static int bind_mount(const char *reason, const char *from, const char *to) {
|
||||||
int ret = xmount(from, to, nullptr, MS_BIND, nullptr);
|
int ret = xmount(from, to, nullptr, MS_BIND | MS_REC, nullptr);
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
VLOGD(reason, from, to);
|
VLOGD(reason, from, to);
|
||||||
return ret;
|
return ret;
|
||||||
@ -623,7 +623,9 @@ void magic_mount() {
|
|||||||
|
|
||||||
if (!system->is_empty()) {
|
if (!system->is_empty()) {
|
||||||
// Handle special read-only partitions
|
// Handle special read-only partitions
|
||||||
for (const char *part : { "/vendor", "/product", "/system_ext" }) {
|
for (const char *part : { "/vendor", "/vendor_dlkm","/product",
|
||||||
|
"/system_ext", "/system_dlkm",
|
||||||
|
"/odm", "/odm_dlkm" }) {
|
||||||
struct stat st{};
|
struct stat st{};
|
||||||
if (lstat(part, &st) == 0 && S_ISDIR(st.st_mode)) {
|
if (lstat(part, &st) == 0 && S_ISDIR(st.st_mode)) {
|
||||||
if (auto old = system->extract(part + 1)) {
|
if (auto old = system->extract(part + 1)) {
|
||||||
@ -669,15 +671,6 @@ static void prepare_modules() {
|
|||||||
close(mfd);
|
close(mfd);
|
||||||
rm_rf(MODULEUPGRADE);
|
rm_rf(MODULEUPGRADE);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Setup module mount (workaround nosuid selabel issue)
|
|
||||||
auto src = MAGISKTMP + "/" MIRRDIR MODULEROOT;
|
|
||||||
auto dest = MAGISKTMP + "/" MODULEMNT;
|
|
||||||
xmkdir(dest.data(), 0755);
|
|
||||||
bind_mount("mod_mnt", src.data(), dest.data());
|
|
||||||
|
|
||||||
restorecon();
|
|
||||||
chmod(SECURE_DIR, 0700);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
template<typename Func>
|
template<typename Func>
|
||||||
|
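Review bot: `bind_mount()` is the shared bind helper in this file, so switching it to `MS_BIND | MS_REC` makes every caller recursive, and nothing at the definition says so or why. A comment above the `xmount` call such as `// MS_REC: also carry any submounts that sit under 'from'` would record the intent; the callers are outside the visible hunks, so whether any of them relied on a non-recursive bind should be checked. In the partition list, `"/vendor_dlkm","/product"` is missing the space after the comma. The closing brace of `bind_mount()` falls outside the hunk.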