mirror of
https://github.com/topjohnwu/Magisk.git
synced 2025-01-11 19:03:37 +00:00
Refactor magiskrc
This commit is contained in:
parent
87e036a190
commit
dba5020e4f
@ -412,7 +412,7 @@ static void boot_complete() {
|
||||
get_manager(0, nullptr, true);
|
||||
}
|
||||
|
||||
void boot_stage_handler(int code) {
|
||||
void boot_stage_handler(int client, int code) {
|
||||
// Make sure boot stage execution is always serialized
|
||||
static pthread_mutex_t stage_lock = PTHREAD_MUTEX_INITIALIZER;
|
||||
mutex_guard lock(stage_lock);
|
||||
@ -421,13 +421,15 @@ void boot_stage_handler(int code) {
|
||||
case MainRequest::POST_FS_DATA:
|
||||
if ((boot_state & FLAG_POST_FS_DATA_DONE) == 0)
|
||||
post_fs_data();
|
||||
close(xopen(UNBLOCKFILE, O_RDONLY | O_CREAT, 0));
|
||||
close(client);
|
||||
break;
|
||||
case MainRequest::LATE_START:
|
||||
close(client);
|
||||
if ((boot_state & FLAG_POST_FS_DATA_DONE) && (boot_state & FLAG_SAFE_MODE) == 0)
|
||||
late_start();
|
||||
break;
|
||||
case MainRequest::BOOT_COMPLETE:
|
||||
close(client);
|
||||
if ((boot_state & FLAG_SAFE_MODE) == 0)
|
||||
boot_complete();
|
||||
break;
|
||||
|
@ -274,8 +274,7 @@ static void handle_request(pollfd *pfd) {
|
||||
} else if (code < MainRequest::_STAGE_BARRIER_) {
|
||||
exec_task([=] { handle_request_async(client, code, cred); });
|
||||
} else {
|
||||
close(client);
|
||||
exec_task([=] { boot_stage_handler(code); });
|
||||
exec_task([=] { boot_stage_handler(client, code); });
|
||||
}
|
||||
return;
|
||||
|
||||
|
@ -90,7 +90,9 @@ int magisk_main(int argc, char *argv[]) {
|
||||
int fd = connect_daemon(MainRequest::STOP_DAEMON);
|
||||
return read_int(fd);
|
||||
} else if (argv[1] == "--post-fs-data"sv) {
|
||||
close(connect_daemon(MainRequest::POST_FS_DATA, true));
|
||||
int fd = connect_daemon(MainRequest::POST_FS_DATA, true);
|
||||
struct pollfd pfd = { fd, POLLIN, 0 };
|
||||
poll(&pfd, 1, 1000 * POST_FS_DATA_WAIT_TIME);
|
||||
return 0;
|
||||
} else if (argv[1] == "--service"sv) {
|
||||
close(connect_daemon(MainRequest::LATE_START, true));
|
||||
|
@ -88,7 +88,7 @@ extern std::atomic<int> logd_fd;
|
||||
extern "C" void magisk_log_write(int prio, const char *msg, int len);
|
||||
|
||||
// Daemon handlers
|
||||
void boot_stage_handler(int code);
|
||||
void boot_stage_handler(int client, int code);
|
||||
void denylist_handler(int client, const sock_cred *cred);
|
||||
void su_daemon_handler(int client, const sock_cred *cred);
|
||||
void zygisk_handler(int client, const sock_cred *cred);
|
||||
|
@ -7,7 +7,6 @@
|
||||
#define MAIN_SOCKET "d30138f2310a9fb9c54a3e0c21f58591\0"
|
||||
#define JAVA_PACKAGE_NAME "com.topjohnwu.magisk"
|
||||
#define LOGFILE "/cache/magisk.log"
|
||||
#define UNBLOCKFILE "/dev/.magisk_unblock"
|
||||
#define SECURE_DIR "/data/adb"
|
||||
#define MODULEROOT SECURE_DIR "/modules"
|
||||
#define MODULEUPGRADE SECURE_DIR "/modules_update"
|
||||
|
@ -1,42 +0,0 @@
|
||||
#include <magisk.hpp>
|
||||
#include <selinux.hpp>
|
||||
|
||||
#define quote(s) #s
|
||||
#define str(s) quote(s)
|
||||
|
||||
constexpr char MAGISK_RC[] =
|
||||
"\n"
|
||||
|
||||
"on post-fs-data\n"
|
||||
" start logd\n"
|
||||
" rm " UNBLOCKFILE "\n"
|
||||
" start %2$s\n"
|
||||
" wait " UNBLOCKFILE " " str(POST_FS_DATA_WAIT_TIME) "\n"
|
||||
" rm " UNBLOCKFILE "\n"
|
||||
"\n"
|
||||
|
||||
"service %2$s %1$s/magisk --post-fs-data\n"
|
||||
" user root\n"
|
||||
" seclabel u:r:" SEPOL_PROC_DOMAIN ":s0\n"
|
||||
" oneshot\n"
|
||||
"\n"
|
||||
|
||||
"service %3$s %1$s/magisk --service\n"
|
||||
" class late_start\n"
|
||||
" user root\n"
|
||||
" seclabel u:r:" SEPOL_PROC_DOMAIN ":s0\n"
|
||||
" oneshot\n"
|
||||
"\n"
|
||||
|
||||
"on property:sys.boot_completed=1\n"
|
||||
" exec %1$s/magisk --boot-complete\n"
|
||||
"\n"
|
||||
|
||||
"on property:init.svc.zygote=restarting\n"
|
||||
" exec %1$s/magisk --zygote-restart\n"
|
||||
"\n"
|
||||
|
||||
"on property:init.svc.zygote=stopped\n"
|
||||
" exec %1$s/magisk --zygote-restart\n"
|
||||
"\n"
|
||||
;
|
@ -4,9 +4,9 @@
|
||||
|
||||
#include <magisk.hpp>
|
||||
#include <base.hpp>
|
||||
#include <selinux.hpp>
|
||||
|
||||
#include "init.hpp"
|
||||
#include "magiskrc.inc"
|
||||
|
||||
using namespace std;
|
||||
|
||||
@ -52,11 +52,27 @@ static void patch_init_rc(const char *src, const char *dest, const char *tmp_dir
|
||||
rc_list.clear();
|
||||
|
||||
// Inject Magisk rc scripts
|
||||
char pfd_svc[16], ls_svc[16];
|
||||
gen_rand_str(pfd_svc, sizeof(pfd_svc));
|
||||
gen_rand_str(ls_svc, sizeof(ls_svc));
|
||||
LOGD("Inject magisk services: [%s] [%s]\n", pfd_svc, ls_svc);
|
||||
fprintf(rc, MAGISK_RC, tmp_dir, pfd_svc, ls_svc);
|
||||
LOGD("Inject magisk rc\n");
|
||||
fprintf(rc, R"EOF(
|
||||
on post-fs-data
|
||||
start logd
|
||||
exec %2$s 0 0 -- %1$s/magisk --post-fs-data
|
||||
|
||||
on property:vold.decrypt=trigger_restart_framework
|
||||
exec %2$s 0 0 -- %1$s/magisk --service
|
||||
|
||||
on nonencrypted
|
||||
exec %2$s 0 0 -- %1$s/magisk --service
|
||||
|
||||
on property:sys.boot_completed=1
|
||||
exec %2$s 0 0 -- %1$s/magisk --boot-complete
|
||||
|
||||
on property:init.svc.zygote=restarting
|
||||
exec %2$s 0 0 -- %1$s/magisk --zygote-restart
|
||||
|
||||
on property:init.svc.zygote=stopped
|
||||
exec %2$s 0 0 -- %1$s/magisk --zygote-restart
|
||||
)EOF", tmp_dir, "u:r:" SEPOL_PROC_DOMAIN ":s0");
|
||||
|
||||
fclose(rc);
|
||||
clone_attr(src, dest);
|
||||
|
@ -64,7 +64,7 @@ void sepolicy::magisk_rules() {
|
||||
}
|
||||
|
||||
// Allow these processes to access MagiskSU
|
||||
vector<const char *> clients{ "init", "shell", "update_engine", "appdomain" };
|
||||
vector<const char *> clients{ "shell", "update_engine", "appdomain" };
|
||||
for (auto type : clients) {
|
||||
if (!exists(type))
|
||||
continue;
|
||||
@ -137,6 +137,10 @@ void sepolicy::magisk_rules() {
|
||||
// Let init run stuffs
|
||||
allow("kernel", SEPOL_PROC_DOMAIN, "fd", "use");
|
||||
allow("init", SEPOL_PROC_DOMAIN, "process", ALL);
|
||||
allow("init", SEPOL_EXEC_TYPE, "file", "read");
|
||||
allow("init", SEPOL_EXEC_TYPE, "file", "open");
|
||||
allow("init", SEPOL_EXEC_TYPE, "file", "getattr");
|
||||
allow("init", SEPOL_EXEC_TYPE, "file", "execute");
|
||||
|
||||
// suRights
|
||||
allow("servicemanager", SEPOL_PROC_DOMAIN, "dir", "search");
|
||||
|
@ -149,7 +149,5 @@ touch $MAGISKTMP/.magisk/config
|
||||
|
||||
# Boot up
|
||||
$MAGISKTMP/magisk --post-fs-data
|
||||
while [ ! -f /dev/.magisk_unblock ]; do sleep 1; done
|
||||
rm /dev/.magisk_unblock
|
||||
start
|
||||
$MAGISKTMP/magisk --service
|
||||
|
Loading…
x
Reference in New Issue
Block a user