Remove randomness from Magisk

topjohnwu 2023-06-14 17:05:49 -07:00
parent 9d6f6764cb
commit d7d0a44693
7 changed files with 19 additions and 58 deletions


@ -57,31 +57,36 @@ class SuRequestHandler(
runCatching { output.close() } runCatching { output.close() }
} }
private suspend fun init(intent: Intent) = withContext(Dispatchers.IO) { private suspend fun init(intent: Intent): Boolean {
val uid = intent.getIntExtra("uid", -1)
if (uid <= 0) {
return false;
}
policy = SuPolicy(uid)
val pid = intent.getIntExtra("pid", -1)
if (pid <= 0) {
return false;
}
val fifo = intent.getStringExtra("fifo") ?: "/dev/socket/magisk_su_request_$pid"
try { try {
val fifo = intent.getStringExtra("fifo") ?: throw IOException("fifo == null")
output = DataOutputStream(FileOutputStream(fifo)) output = DataOutputStream(FileOutputStream(fifo))
val uid = intent.getIntExtra("uid", -1)
if (uid <= 0) {
throw IOException("uid == $uid")
}
policy = SuPolicy(uid)
val pid = intent.getIntExtra("pid", -1)
try { try {
pkgInfo = pm.getPackageInfo(uid, pid) ?: PackageInfo().apply { pkgInfo = pm.getPackageInfo(uid, pid) ?: PackageInfo().apply {
val name = pm.getNameForUid(uid) ?: throw PackageManager.NameNotFoundException() val name = pm.getNameForUid(uid) ?: throw PackageManager.NameNotFoundException()
// We only fill in sharedUserId and leave other fields uninitialized // We only fill in sharedUserId and leave other fields uninitialized
sharedUserId = name.split(":")[0] sharedUserId = name.split(":")[0]
} }
return@withContext true
} catch (e: PackageManager.NameNotFoundException) { } catch (e: PackageManager.NameNotFoundException) {
Timber.e(e)
respond(SuPolicy.DENY, -1) respond(SuPolicy.DENY, -1)
return@withContext false return false
} }
return true
} catch (e: IOException) { } catch (e: IOException) {
Timber.e(e) Timber.e(e)
close() close()
return@withContext false return false
} }
} }
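Review bot: The new `val fifo = intent.getStringExtra("fifo") ?: "/dev/socket/magisk_su_request_$pid"` still prefers a path carried in the intent over the one derived from `pid`, although the daemon side of this commit no longer sends a `fifo` extra. Unless that fallback is kept for compatibility with an older daemon, I would derive the path only, `val fifo = "/dev/socket/magisk_su_request_$pid"`, so the sender of the intent has no say in which file `FileOutputStream` opens. The early `return false` paths for `uid <= 0` and `pid <= 0` also return without logging, where the old code raised an `IOException` that reached `Timber.e(e)`, and their trailing semicolons are not Kotlin style. The enclosing class continues outside the hunk, so how the intent is authenticated before `init` runs is not visible here.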


@ -70,38 +70,6 @@ int fork_no_orphan() {
return 0; return 0;
} }
mt19937_64 &get_rand(const void *seed_buf) {
static mt19937_64 gen([&] {
mt19937_64::result_type seed;
if (seed_buf == nullptr) {
int fd = xopen("/dev/urandom", O_RDONLY | O_CLOEXEC);
xxread(fd, &seed, sizeof(seed));
close(fd);
} else {
memcpy(&seed, seed_buf, sizeof(seed));
}
return seed;
}());
return gen;
}
int gen_rand_str(char *buf, int len, bool varlen) {
auto gen = get_rand();
if (len == 0)
return 0;
if (varlen) {
std::uniform_int_distribution<int> len_dist(len / 2, len);
len = len_dist(gen);
}
std::uniform_int_distribution<int> alphabet('a', 'z');
for (int i = 0; i < len - 1; ++i) {
buf[i] = static_cast<char>(alphabet(gen));
}
buf[len - 1] = '\0';
return len - 1;
}
int exec_command(exec_t &exec) { int exec_command(exec_t &exec) {
auto pipefd = array<int, 2>{-1, -1}; auto pipefd = array<int, 2>{-1, -1};
int outfd = -1; int outfd = -1;


@ -251,8 +251,6 @@ void init_argv0(int argc, char **argv);
void set_nice_name(const char *name); void set_nice_name(const char *name);
uint32_t binary_gcd(uint32_t u, uint32_t v); uint32_t binary_gcd(uint32_t u, uint32_t v);
int switch_mnt_ns(int pid); int switch_mnt_ns(int pid);
std::mt19937_64 &get_rand(const void *seed_buf = nullptr);
int gen_rand_str(char *buf, int len, bool varlen = true);
std::string &replace_all(std::string &str, std::string_view from, std::string_view to); std::string &replace_all(std::string &str, std::string_view from, std::string_view to);
std::vector<std::string> split(std::string_view s, std::string_view delims); std::vector<std::string> split(std::string_view s, std::string_view delims);
std::vector<std::string_view> split_view(std::string_view, std::string_view delims); std::vector<std::string_view> split_view(std::string_view, std::string_view delims);


@ -193,16 +193,14 @@ void app_notify(const su_context &ctx) {
int app_request(const su_context &ctx) { int app_request(const su_context &ctx) {
// Create FIFO // Create FIFO
char fifo[64]; char fifo[64];
strcpy(fifo, "/dev/socket/"); ssprintf(fifo, sizeof(fifo), "/dev/socket/magisk_su_request_%d", ctx.pid);
gen_rand_str(fifo + 12, 32);
mkfifo(fifo, 0600); mkfifo(fifo, 0600);
chown(fifo, ctx.info->mgr_uid, ctx.info->mgr_uid); chown(fifo, ctx.info->mgr_uid, ctx.info->mgr_uid);
setfilecon(fifo, MAGISK_FILE_CON); setfilecon(fifo, MAGISK_FILE_CON);
// Send request // Send request
vector<Extra> extras; vector<Extra> extras;
extras.reserve(3); extras.reserve(2);
extras.emplace_back("fifo", fifo);
extras.emplace_back("uid", ctx.info->eval_uid); extras.emplace_back("uid", ctx.info->eval_uid);
extras.emplace_back("pid", ctx.pid); extras.emplace_back("pid", ctx.pid);
exec_cmd("request", extras, ctx.info, false); exec_cmd("request", extras, ctx.info, false);
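Review bot: With the FIFO name now fixed by `ctx.pid`, the unchecked `mkfifo(fifo, 0600)` matters more than it did with a random name. If something already exists at that path (for instance a leftover from an earlier request whose pid was recycled), `mkfifo` fails with EEXIST and the following `chown` and `setfilecon` are applied to whatever is there. I would clear the path and check the result, e.g. `unlink(fifo);` then `if (mkfifo(fifo, 0600) != 0)` leading into whatever denial path app_request already has. A one-line comment that the manager app rebuilds this path from the `pid` extra would help keep the two sides in sync. The body of app_request continues outside the hunk, so a later check may exist that is not visible here.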


@ -190,17 +190,13 @@ static void extract_files(bool sbin) {
} }
void MagiskInit::parse_config_file() { void MagiskInit::parse_config_file() {
uint64_t seed = 0;
parse_prop_file("/data/.backup/.magisk", [&](auto key, auto value) -> bool { parse_prop_file("/data/.backup/.magisk", [&](auto key, auto value) -> bool {
if (key == "PREINITDEVICE") { if (key == "PREINITDEVICE") {
preinit_dev = value; preinit_dev = value;
} else if (key == "RANDOMSEED") { return false;
value.remove_prefix(2); // 0x
seed = parse_uint64_hex(value);
} }
return true; return true;
}); });
get_rand(&seed);
} }
#define ROOTMIR MIRRDIR "/system_root" #define ROOTMIR MIRRDIR "/system_root"


@ -65,8 +65,6 @@ fi
# For API 28, we also patch advancedFeatures.ini to disable SAR # For API 28, we also patch advancedFeatures.ini to disable SAR
# Manually override skip_initramfs by setting RECOVERYMODE=true # Manually override skip_initramfs by setting RECOVERYMODE=true
[ $API = "28" ] && echo 'RECOVERYMODE=true' >> config [ $API = "28" ] && echo 'RECOVERYMODE=true' >> config
RANDOMSEED=$(tr -dc 'a-f0-9' < /dev/urandom | head -c 16)
echo "RANDOMSEED=0x$RANDOMSEED" >> config
cat config cat config
SKIP32="#" SKIP32="#"


@ -184,8 +184,6 @@ if [ -n "$PREINITDEVICE" ]; then
echo "PREINITDEVICE=$PREINITDEVICE" >> config echo "PREINITDEVICE=$PREINITDEVICE" >> config
fi fi
[ -n "$SHA1" ] && echo "SHA1=$SHA1" >> config [ -n "$SHA1" ] && echo "SHA1=$SHA1" >> config
RANDOMSEED=$(tr -dc 'a-f0-9' < /dev/urandom | head -c 16)
echo "RANDOMSEED=0x$RANDOMSEED" >> config
./magiskboot cpio ramdisk.cpio \ ./magiskboot cpio ramdisk.cpio \
"add 0750 $INIT magiskinit" \ "add 0750 $INIT magiskinit" \