1743 Commits

Author SHA1 Message Date
topjohnwu
753808a4ce Also hijack plat_file_contexts if necessary
Since Android 13, sepolicy are also loaded from APEX modules. Part
of the change is to run restorecon before SELinux is set to enforce.
In order to support this situation, we also hijack plat_file_contexts
if necessary to properly order our operations.

Original idea credits to @yujincheng08, close #5603
2022-03-18 00:46:34 -07:00
topjohnwu
32cd694ad5 SAR can also have monolithic sepolicy 2022-03-17 22:32:49 -07:00
topjohnwu
f008420891 Make magiskinit not magiskpolicy 2022-03-17 03:36:40 -07:00
topjohnwu
fa8900be65 Use standalone magiskpolicy 2022-03-17 03:15:39 -07:00
LoveSy
69c2f407d6 Log if failed to dlopen a zygisk module 2022-03-17 02:25:31 -07:00
topjohnwu
8dbf93750f Reorganize magiskinit code 2022-03-16 21:41:20 -07:00
topjohnwu
e266a81167 Remove unused code 2022-03-16 21:31:22 -07:00
topjohnwu
e841aab9e7 Add hijack sepolicy support for rootfs devices
On older Android versions, pre-mounting selinuxfs will lead to errors,
so we have to use a different method to block init's control flow.
Since all devices that falls in this catagory must both:

1. Be Android 8.0 - 9.0
2. Have early mount fstab in its device tree

We can actually use the same FIFO trick, but this time not on selinuxfs,
but on the read-only device tree nodes in sysfs or procfs. By mocking
the fstab/compatible node in the device tree, we can block init when
it attempts to do early mount; at that point, we can then mock selinuxfs
as we normally would, successfully hijack and inject patched sepolicy.
2022-03-16 20:01:28 -07:00
topjohnwu
49f259065d Introduce new sepolicy injection mechanism
In the current implementation, Magisk will either have to recreate
all early mount implementation (for legacy SAR and rootfs devices) or
delegate early mount to first stage init (for 2SI devices) to access
required partitions for loading sepolicy. It then has to recreate the
split sepolicy loading implementation in-house, apply patches, then
dump the compiled + patched policies into monolithic format somewhere.
Finally, it patches the original init to force it to load the sepolicy
file we just created.

With the increasing complexity involved in early mount and split
sepolicy (there is even APEX module involved in the future!),
it is about time to rethink Magisk's sepolicy strategy as rebuilding
init's functionality is not scalable and easy to maintain.

In this commit, instead of building sepolicy ourselves, we mock
selinuxfs with FIFO files connected to a pre-init daemon, waiting
for the actual init process to directly write the sepolicy file into
MagiskInit. We then patch the file and load it into the kernel. Some
FIFO tricks has to be used to hijack the original init process's
control flow and prevent race conditions, details are directly in the
comments in code.

At the moment, only system-as-root (read-only root) support is added.
Support for legacy rootfs devices will come with a follow up commit.
2022-03-16 00:31:55 -07:00
topjohnwu
b10379e700 Cleanup inheritance 2022-03-14 04:22:09 -07:00
topjohnwu
810d27a618 Use /data as tmpfs mount point in 2SI setup
Design credit to @yujincheng08
Close #5146. Fix #5491, fix #3752

Previously, Magisk changes the mount point from /system to /system_root
by patching fstab to prevent the original init from changing root.
The reason why we want to prevent the original init from switching the
root directory is because it will then be read-only, making patching
and injecting magiskinit into the boot chain difficult.

This commit (ab)uses the fact that the /data folder will never be part
of early mount (because it is handled very late in the boot by vold),
so that we can use it as the mount point of tmpfs to store files.

Some advantages of this method:

- No need to switch root manually
- No need to modify fstab, which significantly improves compatibility
  e.g. avoid hacks for weird devices like those using oplus.fstab,
  and avoid hacking init to bypass fstab in device trees
- Supports skip_mount.cfg
- Support DSU
2022-03-13 05:06:08 -07:00
topjohnwu
9b60c005c7 Support multiple CPIO concatenated 2022-03-13 04:23:00 -07:00
topjohnwu
563a587882 Initialize local variables
Fix #5542
2022-03-09 20:43:42 -08:00
topjohnwu
0c681cdab4 Check null before dereferencing fds_to_ignore 2022-03-03 21:34:53 -08:00
topjohnwu
80dd37ee31 Add missing specialize arguments 2022-03-02 22:01:35 -08:00
topjohnwu
e0b5645064 Revert "Directly use getrandom system call if possible"
This reverts commit e7c82f20e3d7d7b47221b454508d07aefc14e7c0.
Fix #5516
2022-03-02 19:50:47 -08:00
topjohnwu
548d70f30c Mount with original option
Fix #5481, close #5486
2022-03-01 20:09:59 -08:00
topjohnwu
9968af0785 Move all permission check into daemon.cpp 2022-03-01 03:15:38 -08:00
topjohnwu
be7586137c Reduce C++ wizardry 2022-03-01 03:15:38 -08:00
LoveSy
7999b66c3c Refactor daemon connection 2022-03-01 03:15:38 -08:00
vvb2060
c82a46c1ee Check property before switch mem cgroup 2022-02-28 23:27:23 -08:00
vvb2060
666ab1941f Fix app request fifo wait 2022-02-28 23:26:59 -08:00
topjohnwu
e7c82f20e3 Directly use getrandom system call if possible 2022-02-16 23:57:28 -08:00
LoveSy
afa771a980 Set dlopen reserved size to unlimited 2022-02-16 23:05:17 -08:00
topjohnwu
4c80808997 Check packages.xml inode to trigger app rescan 2022-02-14 02:57:33 -08:00
topjohnwu
d021bca6ef Prevent app_process from setting umask
Fix #5435
2022-02-11 01:26:24 -08:00
topjohnwu
55ed6109c1 Use dynamic_bitset.emplace_back() 2022-02-11 01:10:26 -08:00
LoveSy
88e8f2bf83
Proper escape : and \ when binding intent 2022-02-11 01:07:28 -08:00
topjohnwu
605eae21bc Remove unnecessary read/write
Close #5425
2022-02-11 00:24:12 -08:00
topjohnwu
93eb277a88 Update error messages 2022-02-11 00:01:51 -08:00
LoveSy
8edf556c9e Fix lz4_lg compress 2022-02-10 23:50:19 -08:00
topjohnwu
7fcb63230f Support lz4_legacy archive with multiple magic
Multiple lz4_legacy archives can be directly concatenated
2022-02-10 23:49:17 -08:00
canyie
ebb0ec6c42 Make xmmap() returns nullptr when fails
In the constructor of mmap_data, there are two possible values when fails: nullptr if fstat() fails, and MAP_FAILED if mmap() fails, but mmap_data treated MAP_FAILED as valid address and crashes.
2022-02-08 00:49:47 -08:00
LoveSy
188546515c
Fix UID tracking 2022-02-08 00:49:22 -08:00
topjohnwu
c8990b0f68 Rewrite UID tracking 2022-02-07 02:46:47 -08:00
topjohnwu
3145e67feb Update data structure 2022-02-07 00:17:07 -08:00
topjohnwu
a7392ed3d7 Fix MULTIUSER_MODE_OWNER_MANAGED 2022-02-06 06:46:09 -08:00
topjohnwu
a4f97fa151 Fix buffer overflow in connect.cpp 2022-02-06 05:52:11 -08:00
LoveSy
ff7ac582f0
Refactor Zygisk loading
Co-authored-by: topjohnwu <topjohnwu@gmail.com>
2022-02-06 00:27:31 -08:00
LoveSy
d2c2456fbe
Don't use getmntent_r from system's libc
Fix #5354

Co-authored-by: topjohnwu <topjohnwu@gmail.com>
2022-02-04 23:19:12 -08:00
LoveSy
e9f562a8b7 Fix abuse of fdopendir
After `fdopendir`, the fd is no longer usable. Should dup and
make use of RAII

Co-authored-by: 残页 <31466456+canyie@users.noreply.github.com>
2022-02-04 22:54:34 -08:00
残页
79620c97d1
Invalidate Samsung's persist.sys.zygote.early
Samsung FDE devices with the "persist.sys.zygote.early=true" property will cause Zygote to start before post-fs-data. According to Magisk's document, the post-fs-data phase should always happen before Zygote is started. Features assuming this behavior (like Zygisk and modules that need to control zygote) will not work. To avoid breaking existing modules, we simply invalidate this property to prevent this non-standard behavior from happening

Fix #5299, fix #5328, fix #5308

Co-authored-by: LoveSy <shana@zju.edu.cn>
2022-02-03 00:46:52 -08:00
topjohnwu
7f65f7d3ca Separate libc.a hacks into its own component 2022-01-31 02:09:08 -08:00
topjohnwu
9fa096c6f4 Add runtime FORTIFY support
Gingerbread libc.a missing symbols
2022-01-31 01:49:37 -08:00
LoveSy
70415a396a Do not filter uid == 1000 for process info 2022-01-30 08:25:24 -08:00
topjohnwu
3bf47a6838 Update selinux 2022-01-30 08:18:04 -08:00
topjohnwu
d3d28f0623 Update to NDK r23b
Credits: @yujincheng08

Close #5193
2022-01-30 07:11:51 -08:00
topjohnwu
06531f6d06 Add annotations to suppress warnings 2022-01-25 04:16:14 -08:00
topjohnwu
2b303a7e23 Add a missing busybox patch back
Hopefully, fix #4174
2022-01-25 03:37:59 -08:00
topjohnwu
45483fde74 Update CLI usages 2022-01-25 02:04:15 -08:00
topjohnwu
2fe3082518 Update busybox 2022-01-24 23:20:36 -08:00
topjohnwu
5a889d28c8 Pick a more reasonable zopfli config
Close #4980
2022-01-24 23:07:49 -08:00
topjohnwu
c6dcff0ae7 Minor dynamic_bitset changes 2022-01-24 22:30:19 -08:00
LoveSy
02dd962601 Don't load zygisk module for magisk app 2022-01-24 03:05:12 -08:00
topjohnwu
cbe97cdfde Fix dynamic_bitset implementation 2022-01-23 04:39:00 -08:00
topjohnwu
407dfc7547 Always write 0 to fd 2022-01-23 04:19:07 -08:00
topjohnwu
fbe17dde03 Add flag for unloaded Zygisk modules 2022-01-21 05:37:47 -08:00
John Wu
c826318da4 Update CLI usage text 2022-01-20 01:59:01 -08:00
LoveSy
6582a4abd9 Make magiskpolicy supports multiple --apply 2022-01-20 01:59:01 -08:00
topjohnwu
195d885887 Reduce log spamming 2022-01-20 00:18:46 -08:00
topjohnwu
519bd2f30f Disable AVD hacks by default 2022-01-19 20:28:01 -08:00
topjohnwu
20ef724fad Add new build command avd_patch 2022-01-19 05:12:11 -08:00
vvb2060
f443cbaa2b Revert "Always run non disabled module post-fs-data scripts"
This reverts commit 4dfb193d10f24fbc96a88c1d13821f471621ba81.
2022-01-18 04:48:47 -08:00
topjohnwu
bb7a74e4b4 Add Zygisk API getFlags() 2022-01-17 19:54:33 -08:00
topjohnwu
76ddfeb93a Allow modifying denylist without enforcement 2022-01-15 23:46:22 -08:00
LoveSy
c38b826abf Skip overlayfs for post-fs-data mount
adb remount will introduce overlayfs for /system and /vendor, we should
skip mounting as overlayfs. This also helps us support overlayfs Magisk
later.
2022-01-14 03:42:37 -08:00
topjohnwu
21d7db0959 Add new Zygisk API to get module dir 2022-01-14 03:10:02 -08:00
LoveSy
b2cd24ed1b Fix an UB when cil compile error 2022-01-11 03:01:27 -08:00
topjohnwu
f4926cb822 Small refactoring 2022-01-02 16:09:03 -08:00
topjohnwu
1e77e0862a Separate fstab finding to its own function 2022-01-02 15:49:12 -08:00
topjohnwu
8c696cb8ca Minor code refactoring 2021-12-28 23:37:06 -08:00
LoveSy
62ef8ade8f
Skip loading Magisk when detecting DSU
Fix #4402

Co-authored-by: topjohnwu <topjohnwu@gmail.com>
2021-12-28 21:04:09 -08:00
LoveSy
3d88dd3123 Update dtc to fix a UB
See https://github.com/dgibson/dtc/pull/65
2021-12-28 17:18:32 -08:00
残页
880b348ce6 Add an old cgroup path
Fix topjohnwu#5125
cgroup root path might be mem cgroup instead of acct, especially on low-ram devices.
bc131c3244%5E%21/#F0
2021-12-28 17:12:15 -08:00
LoveSy
19182ffddf If dt fstab contains error, fallback to default fstab
See https://cs.android.com/android/platform/superproject/+/master:system/core/init/first_stage_mount.cpp;drc=master;l=155

From the source of `FirstStageMount`, dt fstab can fail gracefully and
if any error occurs it will fall back to default fstab. Magisk now
replaces the default fstab and dt fstab unconditionally, bringing potential
errors to the default fstab and causing init fails to load partitions.
2021-12-28 17:10:52 -08:00
topjohnwu
f4ed6274a4 Invert vbmeta header patching config
vbmeta header should not be patched in most cases
2021-12-14 04:52:25 -08:00
LoveSy
56eb1a1cf9 Load fstab from system/etc
Caused by this commit: e98afa2687

Fix #5057
2021-12-14 03:51:55 -08:00
LoveSy
a7c156a9e3
Further fix oplus.fstab support
* Further fix `oplus.fstab` support

In some oneplus devices, `oplus.fstab` does exists but `init` never
loaded it and those entries in `oplus.fstab` are written directly to
`fstab.qcom`. Previous implementation will introduce duplicate entries
to `fstab.qcom` and brick the device. This commit filters those entries
from `oplus.fstab` that are already in `fstab.qcom` and further filters
duplicated entries in `oplus.fstab` (keep only the last entry).

Fix #5016

* Fix UB

Since we moved entry, we need to explicitly copy its member.
For c++23 we can use `auto{}`.
2021-12-14 03:40:23 -08:00
残页
b5d80a88d1 Only care about mount namespace isolating 2021-12-14 03:08:55 -08:00
LoveSy
87c2f6ad14
xhook_clear after xhook_refresh 2021-12-14 03:06:57 -08:00
topjohnwu
e097c097fe Rename persist_properties.cpp -> persist.cpp 2021-11-30 01:58:31 -08:00
topjohnwu
1443a5b175 Use mmap_data more widely 2021-11-30 01:50:55 -08:00
topjohnwu
2d82ad93dd Macro -> template 2021-11-29 19:56:37 -08:00
topjohnwu
0a28dfe1e2 AVB blobs expect to be 4096-byte aligned 2021-11-28 13:21:05 -08:00
topjohnwu
228570640e Introduce KEEPVBMETAFLAG env variable
Close #4447, close #4906, close #4901, close #4964
2021-11-23 22:14:12 -08:00
topjohnwu
65a79610aa Fix crash and warnings 2021-11-23 18:46:06 -08:00
topjohnwu
24984ea4f2 Optimize stream for full-file writes 2021-11-23 18:08:14 -08:00
topjohnwu
048b2af0fc Improve zopfli encoder
Write in chunks for CLI compression
2021-11-23 16:50:08 -08:00
topjohnwu
449989ddd9 Always use zopfli for zImage compression 2021-11-23 14:24:05 -08:00
topjohnwu
01ebe5724a Cleanup zImage parsing code 2021-11-23 13:39:15 -08:00
topjohnwu
95fb230b8c Update to BusyBox 1.34.1 2021-11-22 19:46:52 -08:00
topjohnwu
632971af15 Properly support v4 image headers 2021-11-21 06:07:21 -08:00
topjohnwu
5787aa1078 Stream should always write all bytes 2021-11-21 06:05:59 -08:00
topjohnwu
d8b9265484 Pull out buffer-chunk logic into separate class 2021-11-21 06:05:55 -08:00
topjohnwu
9ea3169ca9 Do not allow modifying page sizes 2021-11-20 22:51:22 -08:00
topjohnwu
aebf2672cd Fix unpacking vendor boot images 2021-11-20 22:44:38 -08:00
topjohnwu
fef44bd24f Allow boot scripts to know Zygisk status 2021-11-20 13:05:15 -08:00
topjohnwu
4dfb193d10 Always run non disabled module post-fs-data scripts 2021-11-16 21:29:13 -08:00
vvb2060
d4ac458d17 Ignore zygisk modules when zygisk is not enabled 2021-11-16 21:14:35 -08:00
topjohnwu
e1b63d7dec Initialize mt19937 statically in function
This reduces startup time
2021-11-16 03:20:07 -08:00
topjohnwu
4b5651bd6f Revert logging after pre specialize 2021-11-16 03:12:01 -08:00
topjohnwu
50515d9128 Close unclosed fds from modules 2021-11-16 01:59:45 -08:00
topjohnwu
6935033db5 Prevent dangling pointers 2021-11-12 02:02:05 -08:00
topjohnwu
421277d730 Prevent race conditions in connect_companion 2021-11-12 01:55:55 -08:00
topjohnwu
56988944b5 No need to dup fd 2021-11-12 01:54:48 -08:00
topjohnwu
528601d25a Fix integer overflow and workaround seccomp
- Use ftruncate64 instead of ftruncate to workaround seccomp
- Cast uint32_t to off64_t before making it negative

Note: Using ftruncate with a modern NDK libc should actually be
fine as the syscall wrapper in bionic will use ftruncate64 internally.
However, since we are using the libc.a from r10e built for Gingerbread,
seccomp wasn't a thing back then, and also the ftruncate64 symbol is
missing; we have to create our own wrapper and call it instead on
32-bit ABIs.

Props to @jnotuo for discovering the overflow bug and seccomp issue

Fix #3703, close #4915
2021-11-10 03:07:20 -08:00
topjohnwu
b8c1588284 Always unload zygisk after specialize 2021-11-07 13:05:44 -08:00
Chaosmaster
16322ab30c Use full gzip-signature to find gzip-data.
Fall back to raw image if gzip is not found.

Fixes #4849
2021-11-03 22:23:21 -07:00
Chaosmaster
5682917356 Speed up zopfli compression
See #4810 for example
2021-11-03 22:22:29 -07:00
LoveSy
c91ccc8b4e Fix UB on dtb
`operator==` of string_view will create a tmp `string_view`.
It's an UB if the `const char *` is a nullptr.
`fdt_get_name` however will return a nullptr.
2021-11-03 22:21:48 -07:00
topjohnwu
63f670fc36 Move first stage unload before fork 2021-11-02 21:53:33 -07:00
LoveSy
e20b07fa24 Fix #4853 2021-11-02 19:31:17 -07:00
topjohnwu
d232cba02d Fix first stage unload 2021-11-02 04:12:56 -07:00
topjohnwu
48df6b8485 Use memmem instead of strstr
It might not be null terminated
2021-10-31 11:46:56 -07:00
Nullptr
e34e04af04 Make Api functions inline
Make Api functions inline to avoid duplicate symbols when including api.hpp in multiple cpps
2021-10-31 10:55:41 -07:00
topjohnwu
84e19ceef0 Tidy up bootimg.h
Close #4796
2021-10-31 10:52:12 -07:00
Chris Renshaw
59161efd08 Support Samsung 2SI with skip_initramfs in dtb cmdline
Samsung Galaxy A21S and Galaxy M12, probably others, are hdr_v2 boot.img with 2SI judging by the ramdisk contents, but the dtb contains an extra cmdline with skip_initramfs present, even though this shouldn't exist on 2SI and the kernel apparently doesn't even contain a skip_initramfs function

I can't find examples of other devices where skip_initramfs is present in the dtb other than these so patch it out like we do the kernel

Co-authored-by: topjohnwu <topjohnwu@gmail.com>
2021-10-30 21:20:10 -07:00
Chris Renshaw
6663fd3526
Support custom legacy Sony devices with init.real setup
Custom ROM bring-ups of legacy Sony devices contain the following:
/init (symlink to /bin/init_sony)
/init.real (the "real" Android init)
/bin/init_sony (this was /sbin/init_sony on Android <11)

Kernel loads the ramdisk and starts /init -> /bin/init_sony
/bin/init_sony does low-level device setup (see: https://github.com/LineageOS/android_device_sony_common/blob/lineage-18.1/init/init_main.cpp)
/bin/init_sony unlinks /init and renames /init.real to /init
/bin/init_sony starts /init

Since init_sony needs to run first magiskinit needs to replace init.real instead, so add workarounds based on detection of init.real to boot patcher and uninstaller

Thanks @115ek and @bleckdeth

Fixes #3636

Co-authored-by: topjohnwu <topjohnwu@gmail.com>
2021-10-30 18:59:20 -07:00
topjohnwu
2c44e1bb93 Update rules again 2021-10-29 03:37:14 -07:00
残页
e3f6399473 Don't use xwrite() when patching legacy rootfs init
Fix topjohnwu#4810
> [    2.927463]  [1:           init:    1] magiskinit: Replace [/system/etc/selinux/plat_sepolicy.cil] -> [xxx]
[    2.936801]  [1:           init:    1] magiskinit: write failed with 14: Bad address

Since topjohnwu#4596, magisk fails to patch `/init`, xwrite() fails with EFAULT, break the original `/init` file and make the device unbootable. Reverting this commit for legacy rootfs devices fixes the problem. I think this is a Samsung kernel magic since currently I can't reproduce this on other devices or find something special in the log currently we have.
2021-10-29 03:23:34 -07:00
残页
89c2c21774
Fix init.rc path detection
Fix #4319
Some devices store init.rc into the new path but still have the legacy /init.rc file
2021-10-29 03:21:20 -07:00
残页
a170acb9d7 Fix compilation when init debug toggle enabled 2021-10-29 03:15:16 -07:00
vvb2060
6a086bb222 Load *_compat_cil_file from system_ext
https://android-review.googlesource.com/c/platform/system/core/+/1650271
2021-10-29 03:14:26 -07:00
vvb2060
b2f152e641 realpath /proc/pid/cwd
prevent cross mount namespace
2021-10-29 03:13:20 -07:00
topjohnwu
6c5b261804 Update spolicy rules 2021-10-29 03:12:48 -07:00
topjohnwu
8bd0c44e83 Replace module fd with memfd if possible 2021-10-28 00:26:18 -07:00
topjohnwu
34c36984e9 Stop extreme verbose logging 2021-10-27 04:00:40 -07:00
topjohnwu
8bd6aca0dd DenyList unmount without magiskd 2021-10-27 04:00:40 -07:00
topjohnwu
983b74be77 Pass MAGISKTMP over to zygote 2021-10-27 03:25:54 -07:00
topjohnwu
ea75a09f95 Make zygisk survive zygote restarts
Close #4777
2021-10-27 01:53:16 -07:00
LoveSy
4c747c4148 Add rule: allow * magisk_file lnk_file { * } 2021-10-26 00:41:04 -07:00
LoveSy
49abfcafed Fix nullptr dereference when env abnormal 2021-10-26 00:40:00 -07:00
topjohnwu
50710c72ad Cleanup magiskinit code 2021-10-26 00:35:55 -07:00
vvb2060
2e299b3814 Add an old cgroup v2 path
https://android-review.googlesource.com/c/platform/system/core/+/1324649
2021-10-25 20:54:19 -07:00
vvb2060
3599384b38 Allow fallback to /dev/pts 2021-10-23 23:31:44 -07:00
topjohnwu
4b307cad2c Random minor changes 2021-10-23 22:20:07 -07:00
topjohnwu
7496d51580 Make zygiskd ABI aware 2021-10-23 14:38:30 -07:00
topjohnwu
4194ac894c Support setting more options 2021-10-21 03:20:04 -07:00
topjohnwu
ffb5d9ea9c Update libcxx 2021-10-21 02:08:13 -07:00
topjohnwu
770b28ca30 Build on API 21 headers 2021-10-20 03:17:42 -07:00
topjohnwu
8d0dc37ec0 Use SO_PEERSEC to get client secontext 2021-10-19 23:46:38 -07:00
topjohnwu
fe41df87bb pthread_cond_signal might wake multiple threads
Close #4759
2021-10-19 21:32:37 -07:00
topjohnwu
8276a0775d Fix API doc 2021-10-17 05:42:33 -07:00
LoveSy
abfb3bb3bb
Fix always log hook fails 2021-10-17 05:00:31 -07:00
LoveSy
e184eb4a23 Fix UB of loading modules
- The lambda here infers its return type as `std::string`,
  and since `info` is `const`, the labmda copies `info.name`
  and returns a `std::string&&`. After captured by the
  `std::string_view`, the `std::string&&` return value
  deconstructs and makes `std::string_view` refers to a
  dangling pointer.
2021-10-17 04:38:56 -07:00
topjohnwu
d0fc372ecd Implement Zygisk companion process 2021-10-17 04:36:18 -07:00
topjohnwu
6f54c57647 Allow fork in thread pool 2021-10-17 04:24:25 -07:00
topjohnwu
e8ae103d5f Update jni hooks 2021-10-14 02:43:56 -07:00
topjohnwu
b0198dab6c Update Zygisk logging 2021-10-14 02:13:23 -07:00
topjohnwu
b75ec09998 Load Zygisk modules even if no magic mount is needed
Close #4767
2021-10-14 01:35:29 -07:00
topjohnwu
c8ac6c07b0 Load Zygisk modules 2021-10-13 04:52:02 -07:00
topjohnwu
27814e3015 Minor Zygisk API changes 2021-10-09 11:53:40 -07:00
topjohnwu
f59309a445 Minor changes 2021-10-09 11:36:01 -07:00
vvb2060
b0292d7319 Add execmem to allow hook 2021-10-09 02:59:03 -07:00
topjohnwu
7f18616cc0 Prune unused nodes from trie 2021-10-09 02:15:03 -07:00
topjohnwu
2fef98a5af Wipe out prop_info data after delete 2021-10-09 00:27:11 -07:00
topjohnwu
36765caedc Fix thread pool implementation
Close #4759
2021-10-08 23:28:14 -07:00
topjohnwu
f7aed10ea2 Fix friend template function 2021-10-08 19:17:31 -07:00
topjohnwu
410bbb8285 Update Zygisk APIs 2021-10-05 22:42:55 -07:00
topjohnwu
f56ea52932 Add public Zygisk API
Still WIP
2021-10-05 03:53:22 -07:00
vvb2060
cb4361b7b7 Fix terminal on android 8
No need to handle untrusted_app_all_devpts on modern devices, but devpts policy is different for older devices.
2021-09-25 12:08:35 -07:00
vvb2060
ecd332c573 Close fd 2021-09-25 12:07:52 -07:00
topjohnwu
f642fb3b99 Properly handle child zygote
Close #4720
2021-09-24 01:23:58 -07:00
topjohnwu
e68dd866a3 Only create app_id_map if necessary 2021-09-24 00:22:19 -07:00
topjohnwu
73d36fdff0 Riru and its modules are not compatible with zygisk 2021-09-23 23:54:46 -07:00
vvb2060
d20517483e Prevent multiple mounts of devpts 2021-09-23 02:40:24 -07:00
topjohnwu
f3d39e7515 Update BusyBox
Fix #4657, close #4602
2021-09-23 02:31:42 -07:00
残页
61783ffc82 Prevent original libselinux.so to be unmounted
libselinux.so will be unmounted when magiskd starts. If magiskd restarts (like it died before boot completed), the files we want to unmount is the original files because the modified files is unmounted in previous start, which will causes many crashes due to missing libselinux.so.
2021-09-22 19:34:44 -07:00
topjohnwu
05c4ad01d5 Move first stage unload into second stage 2021-09-22 19:33:08 -07:00
topjohnwu
12647dcf30 Improve memory map tricks
- In `unmap_all`, replace readable pages atomically with mmap + mremap
- Create new function `remap_all` to replace pages with equivalent
  anonymous copies to prevent simple maps name scanning
2021-09-22 19:14:05 -07:00
topjohnwu
da38f59e62 Only run destructor if necessary 2021-09-22 02:52:33 -07:00
topjohnwu
cf4ef54dc5 Unload first stage on main thread 2021-09-22 02:46:07 -07:00
topjohnwu
12e9873514 Update zygisk entry implementation 2021-09-22 00:14:22 -07:00
RikkaW
f7c0e407ca Fix downgrade database 2021-09-20 05:50:34 -07:00
topjohnwu
82c7662cdf Cache Magisk app ID for performance 2021-09-20 05:47:15 -07:00
topjohnwu
4f0bced53e Track app ID instead of UID 2021-09-20 05:08:25 -07:00
topjohnwu
f1b6c9f4aa Refresh uid_map on package.xml change 2021-09-20 04:42:06 -07:00
topjohnwu
0ab31ab0df Fix log writer 2021-09-19 13:41:45 -07:00
topjohnwu
46e8f0779f Move denylist code into zygisk 2021-09-18 14:50:11 -07:00
topjohnwu
3fb72a4d20 Support polling on multiple fds 2021-09-18 14:40:12 -07:00
topjohnwu
db20f65d7c On denylist != do unmount 2021-09-18 12:44:42 -07:00
topjohnwu
63cfe7b47b Make sanitize_environ work properly 2021-09-18 05:11:10 -07:00
topjohnwu
db590091b3 Propagate Zygisk state to Magisk app 2021-09-18 02:38:53 -07:00
topjohnwu
7b25e74418 Simplify get manager app info logic 2021-09-17 02:07:32 -07:00
topjohnwu
706a492218 Update denylist config implementation 2021-09-16 05:27:34 -07:00
topjohnwu
c0be5383de Support enable/disable Zygisk 2021-09-15 02:49:54 -07:00
topjohnwu
3b8ce85092 Enable Zygisk 2021-09-15 01:59:43 -07:00
topjohnwu
65b0ea792e MagiskHide is no more 2021-09-12 12:40:34 -07:00
topjohnwu
24a8b41182 Fix indentation 2021-09-09 01:37:49 -07:00
vvb2060
810cf4dee8 Move config to buildSrc 2021-09-09 01:37:20 -07:00
topjohnwu
de2306bd12 Proper incremental builds
Auto generate flag.h for precise rebuilding
2021-09-07 19:35:28 -07:00
topjohnwu
f8f8c28fec Switch zopfli to official repo 2021-09-03 10:39:23 -07:00
vvb2060
f497867ba5 Update submodules 2021-09-03 10:24:33 -07:00
残页
c0a2e3674c Reset file context from adb_data_file
In some cases (like weird ROMs that allow init to relabel context from system_file), module files will have an incorrent context, which will causes module not working properly.
See https://github.com/RikkaApps/Riru/wiki/Explanation-about-incorrect-SELinux-rules-from-third-party-ROMs-cause-Riru-not-working
2021-09-02 21:55:08 -07:00
vvb2060
76f0602684 Make busybox cflag stable 2021-09-02 21:48:38 -07:00
vvb2060
f5c02be5bf Add new targetSdk domain
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1752122
2021-09-02 01:48:25 -07:00
Wang Han
e990ffd4a0 Remove leftover DISABLE_ZYGISK flag 2021-09-01 20:14:53 -07:00
vvb2060
f98c68a280 Clean up unneeded rules 2021-08-29 13:03:50 -07:00
LoveSy
8079d456ab Use std::map instead 2021-08-29 03:27:15 -07:00
vvb2060
acf166cf9d Support oplus.fstab 2021-08-29 03:27:15 -07:00
vvb2060
439d497a13 boot image header v4 2021-08-29 03:14:23 -07:00
LoveSy
4bcfee397b Remove unnecessary umount 2021-08-29 02:45:49 -07:00
vvb2060
34bcb1dd26 Fix line editing on Android 8.0+ 2021-08-29 02:45:49 -07:00
LoveSy
117d1ed080 Fix always enter safe mode
`getprop("persist.sys.safemode", true) == "1"` -> `getprop("persist.sys.safemode", true) == ""`
2021-08-29 02:45:49 -07:00
vvb2060
f324252681 Use isolated devpts if kernel support
kernel version >= 4.7 or CONFIG_DEVPTS_MULTIPLE_INSTANCES=y
2021-08-29 02:45:49 -07:00
LoveSy
0dad06cdfe Fix meizu compatibility 2021-08-28 21:03:12 -07:00
LoveSy
f89f08833e Generic parsing methods 2021-08-28 20:50:17 -07:00
vvb2060
79e8962854 Support bootconfig
https://android-review.googlesource.com/c/platform/system/core/+/1615298
2021-08-28 20:50:17 -07:00
topjohnwu
34e5a7cd24 Zopfli is not always smaller 2021-08-28 17:16:20 -07:00
topjohnwu
7343c195b7 Cleanup compress.cpp 2021-08-28 17:01:08 -07:00
topjohnwu
0af041b54e Cleanup magiskboot code 2021-08-28 14:07:34 -07:00
Chaosmaster
92a8a3e91f Add zopfli gzip encoder for better compression 2021-08-28 11:00:30 -07:00
Chaosmaster
f41575d8b0 Add support for legacy ARM32 zImage 2021-08-28 10:53:45 -07:00
topjohnwu
6fe9b69aad Cleanup module.cpp 2021-08-28 10:27:45 -07:00
topjohnwu
5d162f81c4 Modernize db.hpp 2021-08-27 01:06:03 -07:00
topjohnwu
4771c2810b Significantly better AVD support 2021-08-26 03:09:56 -07:00
topjohnwu
0cd99712fa Implement cached thread pool 2021-08-24 02:39:54 -07:00
topjohnwu
b591af7803 Minor bug fixes 2021-08-22 03:26:48 -07:00
topjohnwu
171d68ca72 Connect to magiskd log daemon 2021-08-22 03:26:48 -07:00
topjohnwu
bade4f2c6a Make xhook log as Magisk 2021-08-22 03:26:48 -07:00
topjohnwu
5754782a4e Generalize gen_jni_hooks.py 2021-08-22 03:26:48 -07:00
topjohnwu
decdd54c19 Hook up denylist IPC routines 2021-08-22 03:26:48 -07:00
topjohnwu
ffe47300a1 Update recv/send fd function 2021-08-22 03:26:48 -07:00
topjohnwu
6f9c3c4ff3 Refactor hook.cpp 2021-08-19 01:54:12 -07:00
topjohnwu
9b3efffba9 Use magiskd to setup files 2021-08-18 03:44:32 -07:00
topjohnwu
003fea52b1 Remove all non-Magisk hiding code
Magisk no longer interferes with any signals/info that were not created
or caused by Magisk itself.
2021-08-18 02:01:54 -07:00
topjohnwu
2b17c77195 Make Zygisk 1st class citizen 2021-08-17 23:57:49 -07:00
topjohnwu
c252a50fd7 The name is Zygisk 2021-08-17 23:38:40 -07:00
topjohnwu
cf8f042a20 Cleanup magiskboot cpio code 2021-08-13 04:53:11 -07:00
topjohnwu
844bc2d808 Remove unused code 2021-08-13 03:30:58 -07:00
topjohnwu
27f7fa7153 Extend stream support 2021-08-13 02:08:56 -07:00
topjohnwu
b325aa4555 Fix log file writing 2021-08-13 00:13:44 -07:00
topjohnwu
c2c3bf0ba4 Don't depend on vtable ABI layout 2021-08-12 06:41:59 -07:00
topjohnwu
0d977b54f7 Revise logging code 2021-08-12 03:26:54 -07:00
topjohnwu
20860da4b4 Cleaner daemon handlers 2021-08-11 22:57:08 -07:00
topjohnwu
3ea10b7cf9 Reorganize injection code 2021-08-11 22:56:18 -07:00
topjohnwu
1ec33863bc Android 5.0 is actually supported 2021-08-11 17:14:22 -07:00
topjohnwu
a260e99090 Support code injection on Android 12 2021-08-11 00:00:21 -07:00
topjohnwu
25efdd3d6f Use code generator for jni_hooks 2021-08-02 03:20:19 -07:00
topjohnwu
00a1e18959 Store all native JNI methods in data structures 2021-08-01 14:35:16 -07:00
topjohnwu
5e1fba3603 Build a single APK for all ABIs 2021-05-13 00:21:04 -07:00
vvb2060
66cc9bc545 Pure 64bit support 2021-05-12 16:38:34 -07:00
topjohnwu
5b37de8fe5 Build our own zlib 2021-05-10 18:46:03 -07:00
topjohnwu
7df23ceb74 Prevent undefined behavior in magiskboot 2021-05-10 18:38:30 -07:00
topjohnwu
6099f3b015 Always resolve to canonical path 2021-05-10 01:14:53 -07:00
topjohnwu
775d095b3c Update busybox
Fix #4225
2021-05-08 16:45:31 -07:00
Wang Han
3798d50457 Kill processes with SIGKILL rather than SIGTERM 2021-05-04 22:14:46 -07:00
vvb2060
708fe514f8 Always use mirror path 2021-04-23 16:56:23 -07:00
vvb2060
f4ac7c8e7c
Ignore validating class name of isolated process name
Fix #4176

Co-authored-by: topjohnwu <topjohnwu@gmail.com>
2021-04-15 23:08:51 -07:00
Wang Han
44f005077d Don't copy sepolicy.rule to /persist on boot
* This seems to be a logic that has been abandoned for a
   long time. Now we automatically choose which partition
   to store sepolicy.rule. Furthermore, touching /persist is
   what we should avoid doing whenever possible.
2021-04-15 05:01:03 -07:00
LoveSy
013b6e68ec Fix perfect forwarding 2021-04-15 04:58:30 -07:00
LoveSy
95c964673d Initialized _root properly
Fix #4204

`_root` is uninitialized for non-root nodes. And it will cause `module_node::mount` fail because it uses `root()`. Once the bug is triggered, signal 11 is received but Magisk catch all signals and therefore stuck forever.
2021-04-15 04:58:30 -07:00
Wang Han
e136fb3a4f Remove outdated sepolicies
* Support deodexed ROM: This should not be done and dexpreopt is mandatory since P
   Xposed: Xposed handles them just fine, at least in the latest version 89.3
   suMiscL6: For whatever audio mods, a leftover of phh time
   Liveboot and suBackL6: Was for CF.lumen and LiveBoot, not needed now

 * Also cleanup binder sepolicies since we allow all binder transactions.
2021-04-09 21:34:51 -07:00
topjohnwu
01b985eded Remove more pre SDK 21 stuffs 2021-04-09 21:29:42 -07:00
Shaka Huang
3da318b48e
Fix random return value of faccessat() in x86
faccessat() should return 0 when success, but it returns random number with errno == 0 in x86 platform.

It’s a side effect of commit bf80b08b5febd3f311108ff1c6e6a6bf2d1113b7 when magisk binaries ‘corretly’ linked with library of API16 .. lol

Co-authored-by: John Wu <topjohnwu@gmail.com>
2021-04-04 03:04:09 -07:00
Shaka Huang
dfe1f2c108 Call freecon() when fgetfilecon() succeeds 2021-04-04 01:58:59 -07:00
topjohnwu
7da36079c1 Always delete existing ro props at setprop
Close #4113
2021-03-29 04:16:18 -07:00
topjohnwu
2bef967af1 Make systemproperties more match AOSP 2021-03-29 03:46:07 -07:00
topjohnwu
7e4194418a Update libcxx 2021-03-28 04:55:56 -07:00
topjohnwu
66e30a7723 Build libc++ ourselves 2021-03-25 01:00:10 -07:00
vvb2060
8ddab84745 Don't auto hide microG
close #3559
2021-03-24 04:43:45 -07:00
vvb2060
6865652125 Fix process name in MagiskHide
close #3997
2021-03-24 04:43:45 -07:00
Shaka Huang
e3801d6965
Fix overflow
`totalsize` might be a big (invalid) number so instead of checking the end address we check the size of the image.

Fix #4049
2021-03-24 03:02:46 -07:00
topjohnwu
336f1687c1 Be more careful with signals
Fix #4040
2021-03-18 03:28:02 -07:00
vvb2060
7a007b342a Correct comment
For file-based encryption, /data/adb is always required to encrypt
https://android.googlesource.com/platform/system/extras/+/refs/tags/android-7.0.0_r36/ext4_utils/ext4_crypt_init_extensions.cpp
68258e8444%5E%21/
2021-03-13 21:10:02 -08:00
vvb2060
0783f3d5b6 Fix mount rules dir
close #4006
2021-03-13 21:10:02 -08:00
topjohnwu
82f8948fd4 Separate setting log functions and starting log daemon 2021-03-13 17:50:48 -08:00
Shaka Huang
b9cdc755d1 Returned fds[0] in socketpair() might be STDOUT
* There will be garbage output when executing `su` (#4016)
* Failed to check root status and showing N/A in status (#4005)

Signed-off-by: Shaka Huang <shakalaca@gmail.com>
2021-03-13 17:50:48 -08:00
topjohnwu
a6f81c66e5 Bypass stdio 2021-03-13 16:17:28 -08:00
topjohnwu
1ff45ac5f5 Proper pattern matching
Fix #3998
2021-03-09 04:08:34 -08:00
topjohnwu
43c1105d62 Use dedicated thread for writing logfile 2021-03-09 02:40:12 -08:00
vvb2060
b693d13b93 Proper implementation of cgroup migration
https://www.kernel.org/doc/Documentation/admin-guide/cgroup-v1/cgroups.rst
https://www.kernel.org/doc/Documentation/admin-guide/cgroup-v2.rst
2021-03-07 01:55:19 -08:00
topjohnwu
39982d57ef Fix logging implementation
- Block signals in logging routine (fix #3976)
- Prevent possible deadlock after fork (stdio locks internally)
  by creating a new FILE pointer per logging call (thread/stack local)
2021-03-06 13:55:30 -08:00
topjohnwu
851404205b Update NDK to r21e 2021-03-02 23:18:44 -08:00
topjohnwu
117ae71025 Use custom class instead of std::map 2021-03-02 23:16:10 -08:00
topjohnwu
027ec70262 Patch AVB structures
Disable vbmeta verification in flags
2021-03-02 20:37:37 -08:00
topjohnwu
55fdee4d65 Use memmem for searching byte patterns 2021-02-28 14:37:12 -08:00
topjohnwu
0d42f937dd Refactor magiskboot 2021-02-28 14:37:12 -08:00
vvb2060
ac8372dd26 Add cgroup2 path
https://android-review.googlesource.com/c/platform/system/core/+/1585101
2021-02-26 21:36:58 -08:00
Shaka Huang
ba1ce16b8b Fix error in pure 64-bit environment
In Android S preview, there’s no 32-bit libraries in x86_64 system image for emulator.

Signed-off-by: Shaka Huang <shakalaca@gmail.com>
2021-02-22 03:28:54 -08:00
topjohnwu
ccb55205e6 Fix pre 21 support 2021-02-20 03:38:39 -08:00
vvb2060
b76c80e2ce Fix apex path 2021-02-14 13:37:38 -08:00
topjohnwu
501bc9f438 Restore init from backup rather than symlink
Because of course Samsung don't follow AOSP norms.
I mean, why would they?
2021-02-13 16:43:06 -08:00
topjohnwu
2963747d14 Fix LZ4_LG format decompression
Fix #3802, fix #3722, fix #3770, fix #3635, fix #3787, close #3812
2021-02-07 17:40:59 -08:00
topjohnwu
f1295cb7d6 Fix root on Android 7.0 and lower 2021-01-26 02:16:11 -08:00
topjohnwu
b1dbbdef12 Remove unneeded busybox redirection 2021-01-25 00:23:42 -08:00
topjohnwu
3e479726ec Fix legacy rootfs devices 2021-01-25 00:19:10 -08:00
vvb2060
5113f6d375 Fix stop magiskhide 2021-01-23 18:13:15 -08:00
vvb2060
317336f771 Add isolated processes log 2021-01-23 17:31:11 -08:00
topjohnwu
61d52991f1 Update BusyBox 2021-01-21 00:35:22 -08:00
topjohnwu
d2bc2cfcf8 Install both 32 and 64 bit binaries 2021-01-18 12:37:08 -08:00
topjohnwu
5a71998b4e Stop embedding magisk in magiskinit 2021-01-18 04:25:26 -08:00
topjohnwu
42278f12ff Fix typo in init daemon 2021-01-18 04:13:54 -08:00
topjohnwu
79140c7636 Proper xxread and xwrite implementation 2021-01-17 01:42:45 -08:00
topjohnwu
1f4c595cd3 Revert to old su -c behavior 2021-01-16 23:59:31 -08:00
topjohnwu
67e2a4720e Fix xxread false negatives
Fix #3710
2021-01-16 21:43:53 -08:00
topjohnwu
f5c2d72429 Also log pid and tid 2021-01-16 16:10:47 -08:00
topjohnwu
13fbf397d1 Isolated processes might still be hide-able 2021-01-15 20:22:49 -08:00
topjohnwu
04c53c3578 Legacy SAR: use a simpler method to detect is_two_stage 2021-01-15 02:44:40 -08:00
topjohnwu
51bc27a869 Avoid F2FS like a plague 2021-01-15 02:24:11 -08:00
topjohnwu
71b083794c Maintain global mount list 2021-01-14 21:14:54 -08:00
topjohnwu
b100d0c503 Revert DTB fstab changes 2021-01-14 19:48:00 -08:00
topjohnwu
76061296c9 Let MagiskBoot handle dtb fstab patching 2021-01-14 06:20:12 -08:00
topjohnwu
bb303d2da1 Remove old unused code 2021-01-14 05:59:53 -08:00
topjohnwu
c91c070343 Re-enable DTB table rebuilding 2021-01-14 05:45:05 -08:00
topjohnwu
aec06a6f61 Get proper total image size 2021-01-14 03:55:27 -08:00
topjohnwu
e8ba671fc2 Guard all injection features behind a global flag 2021-01-13 20:07:23 -08:00
topjohnwu
1860e5d133 Dynamically find libselinux.so path 2021-01-13 19:41:57 -08:00
topjohnwu
f2cb3c38fe Update mmap implementation
Always map memory as writable, but private when read-only
2021-01-12 22:50:55 -08:00
topjohnwu
9a28dd4f6e Implement MagiskHide through code injection 2021-01-12 03:28:00 -08:00
topjohnwu
d2acd59ea8 Minor code refactoring 2021-01-12 00:07:48 -08:00
topjohnwu
eb21c8b42e Code cleanups 2021-01-11 02:19:10 -08:00
topjohnwu
70d67728fd Add global toggle for ptrace monitor 2021-01-10 19:27:54 -08:00
topjohnwu
e546884b08 Remove isolated process handling in ptrace
Impossible to achieve only through ptrace
2021-01-10 17:18:42 -08:00
topjohnwu
b36e6d987d Reorganize MagiskHide code
Prepare for zygote injection hiding
2021-01-10 17:11:00 -08:00
topjohnwu
53c3dd5e8b Auto track JNI method hooks 2021-01-10 05:07:17 -08:00
topjohnwu
da723b207a Allow 3rd party code to load pre-specializing
Magisk's policy is to never allow 3rd party code to be loaded in the
zygote daemon process so we have 100% control over injection and hiding.
However, this makes it impossible for 3rd party modules to run anything
before process specialization, which includes the ability to modify the
arguments being sent to these original nativeForkAndXXX methods.

The trick here is to fork before calling the original nativeForkAndXXX
methods, and hook `fork` in libandroid_runtime.so to skip the next
invocation; basically, we're moving the responsibility of process
forking to our own hands.
2021-01-10 01:25:30 -08:00
topjohnwu
e050f77198 Don't hook SystemProperties#set
Doesn't seem necessary
2021-01-09 20:39:59 -08:00
topjohnwu
540b4b7ea9 Update pre/post hooks implementation 2021-01-09 17:41:25 -08:00
topjohnwu
bbef22daf7 More macro magic to automate more code 2021-01-09 04:28:26 -08:00
topjohnwu
9ed110c91b Add JNI hooks to critical methods 2021-01-08 05:25:44 -08:00
topjohnwu
a30d510eb1 Use xHook to hook functions in PLT 2021-01-08 00:53:24 -08:00
topjohnwu
ef98eaed8f Proper injection entry and unloading 2021-01-06 23:59:05 -08:00
topjohnwu
2a257f327c Sanitize /proc/PID/environ 2021-01-06 23:41:37 -08:00
topjohnwu
4060c2107c Add preliminary zygote code injection support
Prototyping the injection setup and a clean "self unloading" mechanism.
2021-01-06 22:21:17 -08:00
topjohnwu
cd23d27048 Fix remote_write implementation 2021-01-06 21:56:29 -08:00
topjohnwu
18b86e4fd2 Update Android.mk for test binary
Make Android Studio happy
2021-01-05 00:01:02 -08:00
topjohnwu
5f2e22a259 Support remote function call with ptrace
End up not used for anything, but keep it for good
2021-01-02 21:29:45 -08:00
topjohnwu
4e97b18977 Move libsystemproperties to external 2020-12-31 15:06:19 -08:00
topjohnwu
f9bde347bc Convert indentation to spaces
The tab war is lost
2020-12-30 22:11:24 -08:00
Billy Laws
947a7d6a2f Support rootwait cmdline parameter on legacy SAR
On devices where the primary storage is slow to probe it makes sense to
wait forever for the system partition to mount, this emulates the
kernel's behaviour when waiting for rootfs on SAR if the rootwait
parameter is supplied.

This issue was encountered with some SD cards on the Nintendo Switch.
2020-12-30 16:43:28 -08:00
topjohnwu
79fa0d3a90 Hide selection improvements 2020-12-30 16:40:22 -08:00
topjohnwu
8e61080a4a Preparation for hiding isolated processes 2020-12-30 15:55:53 -08:00
topjohnwu
db4f78d463 Unblock signals before executing commands 2020-12-27 15:05:39 -08:00
vvb2060
c5b452f369 Get boot config properly
https://android.googlesource.com/platform/system/core/+/refs/tags/android-11.0.0_r16/fs_mgr/fs_mgr_boot_config.cpp#93
2020-12-19 15:55:33 -08:00
topjohnwu
eee7f097e3 Make post-fs-data scripts block at most 35 secs 2020-12-17 16:54:53 -08:00
topjohnwu
086059ec30 Make sure boot stages are mutually exclusive 2020-12-15 03:40:37 -08:00
topjohnwu
7ff22c68c7 Only try to install APK when no manager is active 2020-12-09 02:15:16 -08:00
topjohnwu
0c28b23224 Fix install_module command 2020-12-09 00:37:15 -08:00
topjohnwu
c62dfc1bcc Make logging less error prone 2020-12-06 23:09:24 -08:00
topjohnwu
aabe2696fe Cleanup implementations 2020-12-06 03:07:47 -08:00
topjohnwu
ae0d605310 Make sure patch_rootdir does not cause crashes 2020-12-06 02:19:57 -08:00
topjohnwu
2a694596b5 Better error handling and logging 2020-12-05 10:23:49 -08:00
topjohnwu
ff0a76606e Detect 2SI after system_root mount on legacy SAR 2020-12-04 03:06:21 -08:00
topjohnwu
dead74801d Setup log file when manually starting daemon 2020-12-04 01:07:47 -08:00
topjohnwu
ab207a1bb3 va_list cannot be reused on x86 2020-12-03 20:53:19 -08:00
topjohnwu
f152e8c33d Directly log to log file 2020-12-03 20:15:18 -08:00
topjohnwu
797ba4fbf4 Make sure all logging ends with newline 2020-12-02 00:55:22 -08:00
topjohnwu
552ec1eb35 Header v3 does not have name entry 2020-11-20 22:52:09 -08:00
topjohnwu
0064b01ae0 Trim out \r from string
Fix #3490
2020-11-15 06:30:29 -08:00
topjohnwu
e0afbb647b Minor changes 2020-11-13 02:31:54 -08:00
topjohnwu
f9c7a4c933 Redirect /data/adb/magisk/busybox
Workaround some stupid Samsung kernel restrictions
2020-11-11 02:26:07 -08:00
topjohnwu
2b759b84b0 Properly reset string 2020-11-09 21:17:21 -08:00
topjohnwu
1e45c63ea5 Scan for zygote periodically
Fix #3417
2020-11-08 03:44:43 -08:00
topjohnwu
b14a260827 Offset pid_set by 1
PID starts at 1, not 0
2020-11-08 02:12:35 -08:00
topjohnwu
ade1597e03 Support hiding apps not installed in main user
Fix #2181, close #1840
2020-11-08 01:53:18 -08:00
topjohnwu
afebe734b8 Fix several things regarding scripting 2020-11-07 14:36:13 -08:00
topjohnwu
e21a78164e Properly handle factory resets
Close #3345
2020-11-04 04:50:04 -08:00
topjohnwu
1e0f96d0fd Prefer platform implementation over internal 2020-11-04 04:42:02 -08:00
topjohnwu
bf650332d8 Update nanopb 2020-11-04 01:56:49 -08:00
topjohnwu
f32e0af830 Update resetprop help msg 2020-11-03 01:21:05 -08:00
topjohnwu
4c94f90e5d Templatize function callbacks 2020-11-03 01:16:55 -08:00
topjohnwu
ffb4224640 Don't use reserved symbols 2020-11-03 01:12:33 -08:00
topjohnwu
89fff4830b Mount proper system_root mirror in magiskd 2020-11-03 00:37:08 -08:00
topjohnwu
16e4c67992 Significantly broaden sepolicy.rule compatibility
Previously, Magisk uses persist or cache for storing modules' custom
sepolicy rules. In this commit, we significantly broaden its
compatibility and also prevent mounting errors.

The persist partition is non-standard and also critical for Snapdragon
devices, so we prefer not to use it by default.

We will go through the following logic to find the best suitable
non-volatile, writable location to store and load sepolicy.rule files:

Unencrypted data -> FBE data unencrypted dir -> cache -> metadata -> persist

This should cover almost all possible cases: very old devices have
cache partitions; newer devices will use FBE; latest devices will use
metadata FBE (which guarantees a metadata parition); and finally,
all Snapdragon devices have the persist partition (as a last resort).

Fix #3179
2020-11-02 23:20:38 -08:00
topjohnwu
0feab753fb Fix coding errors and minor changes 2020-10-28 04:17:34 -07:00
Leorize
d0b6318b90 init/mount: support for dm-verity verified root
This commit adds support for kernel initialized dm-verity on legacy SAR
devices.

Tested on a Pixel 2 XL with a kernel patch to initialize mappings
specified via the `dm=` kernel parameter even when an initramfs is used.
2020-10-27 03:47:50 -07:00
topjohnwu
966e23b846 magiskinit code tidy-up 2020-10-26 20:46:15 -07:00
topjohnwu
5b8a1fc2a7 Minor renames 2020-10-25 21:41:14 -07:00
topjohnwu
02ea3ca525 Headers doesn't always occupy 1 page 2020-10-25 06:25:42 -07:00
topjohnwu
0632b146b8 Add vendor boot image support to magiskboot 2020-10-25 06:09:36 -07:00
topjohnwu
1b0b180761 Fix COMPRESSED macro
Fix #3383
2020-10-25 05:10:19 -07:00
topjohnwu
a079966f97 Migrate to AGP 4.1.0 2020-10-17 06:32:49 -07:00
topjohnwu
aaaaa3d044 Minor refactoring 2020-10-15 00:19:11 -07:00
topjohnwu
1edc4449d5 Update lz4 to v1.9.2
Close #3334
2020-10-15 00:04:48 -07:00
topjohnwu
f3cd4da026 Make lz4_lg an exception of lz4_legacy 2020-10-14 23:45:06 -07:00
vvb2060
872c55207c Add com.android.i18n to apex path 2020-10-12 01:59:41 -07:00
topjohnwu
339ca6d666 Improve magiskboot info logging 2020-10-12 01:55:33 -07:00
topjohnwu
4aeac3b8f4 Support header_version 3 2020-10-12 01:06:42 -07:00
topjohnwu
d625beb7f3 Update --remove-modules implementation 2020-10-11 18:30:03 -07:00
topjohnwu
0499588107 Support androidboot.fstab_suffix cmdline flag
Fix #3187
2020-10-08 03:04:12 -07:00
topjohnwu
8b5652ced5 Skip image padding on Pixel C 2020-09-29 02:49:10 -07:00
topjohnwu
6abd9aa8a4 Add new --install-module command
Close #2253
2020-09-26 16:50:41 -07:00
topjohnwu
c91ebfbcc1 Pad images to original sizes with zero
Close #2005
2020-09-26 14:36:57 -07:00
topjohnwu
4fd04e62af Remove compressed ramdisk support
It is causing more issues than it addresses
2020-09-24 02:49:09 -07:00
topjohnwu
17b5291bbb Fix Android 8.0 selinux rules 2020-09-20 14:39:11 -07:00
topjohnwu
30e45f863d Remove unnecessary workaround 2020-09-10 01:01:51 -07:00
topjohnwu
434efec860 Use FIFO for su request communication
Fix #3159
2020-09-10 00:38:29 -07:00
topjohnwu
c3586fe0a5 Upstream external/selinux
Fix #2645
2020-09-04 19:20:08 -07:00
topjohnwu
11f254e5e5 Fix SELinux support for Android 8.0 - 10
Fix #3139
2020-09-04 14:42:09 -07:00
topjohnwu
c61ec2465f Rename function to be more descriptive 2020-09-04 06:21:25 -07:00
topjohnwu
fd5ad91d26 Proper 2SI detection 2020-09-04 06:06:03 -07:00
topjohnwu
5c4c391f94 Fix typo causing rootfs device bootloops
Fix #3134
2020-09-04 04:43:46 -07:00
topjohnwu
4dacffd7a1 Fix some issues with selinux rules 2020-09-04 00:03:24 -07:00
topjohnwu
61599059d5 Fix typo for SAR first stage init 2020-09-03 19:17:25 -07:00
topjohnwu
f32a29911b Properly detect 2SI init
Fix #2994
2020-09-02 21:20:15 -07:00
topjohnwu
b73d5753f2 Minor code cleanups 2020-09-02 02:49:32 -07:00
Simon Shi
2eee335b5f Track more sepolicy cil files.
Reference: https://android.googlesource.com/platform/system/core/+/refs/tags/android-r-beta-3/init/selinux.cpp
2020-08-31 21:38:55 -07:00
vvb2060
e458215f27 Let isolation namespace base on app namespace 2020-08-08 05:21:03 -07:00
vvb2060
fee4031d0f Keep disable file when module update 2020-08-08 05:19:41 -07:00
topjohnwu
7fc9b908d4 Update Android 11 emulator support 2020-07-27 03:33:11 -07:00
classic-gentleman
0ed524f173 Test for NVIDIA/Tegra partition naming scheme first
Fixes https://github.com/topjohnwu/Magisk/issues/3014
2020-07-24 00:26:51 -07:00
topjohnwu
97b72a5941 Revert to old SElinux rules on pre 8.0 devices
Fix #2910
2020-07-06 01:13:50 -07:00
topjohnwu
7922f65243 Welcome Gradle Kotlin DSL 2020-07-04 06:54:53 -07:00
Shaka Huang
6dbd9bfb12 Place pthread_mutex_init() before init_list()
Fix crash in #2900

Signed-off-by: Shaka Huang <shakalaca@gmail.com>
2020-06-28 07:06:19 -07:00
topjohnwu
6150055a05 Update BusyBox 2020-06-25 04:34:16 -07:00
topjohnwu
43146b8316 Update su request process
Due to changes in ec3705f2ed187863efc34af5415495e1ee7775d2, the app can
no longer communicate with the dameon through a socket opened on the
daemon side due to SELinux restrictions. The workaround here is to have
the daemon decide a socket name, send it to the app, have the app create
the socket server, then finally the daemon connects to the app through
the socket.
2020-06-19 03:52:25 -07:00
topjohnwu
44895a86b8 Fix compilation of single applets 2020-06-19 02:45:57 -07:00
topjohnwu
1e2f776b83 Move logging.hpp 2020-06-17 01:17:28 -07:00
topjohnwu
ec3705f2ed Redesign of MagiskSU's sepolicy model
Introduce new domain `magisk_client` and new file type `magisk_exec`.

Connection to magiskd's always-on socket is restricted to magisk_client
only. Whitelisted process domains can transit to magisk_client through
executing files labelled magisk_exec. The main magisk binary shall be
the only file labelled as magisk_exec throughout the whole system.
All processes thus are no longer allowed to connect to magiskd directly
without going through the proper magisk binary.

Connection failures are silenced from audit logs with dontaudit rules,
so crazy processes which traverse through all unix domain sockets to try
connection can no longer check logcat to know the actual reason behind
EACCES, leaking the denied process policy (which is u:r:magisk:s0).

This also allows us to remove many rules that open up holes in
untrusted_app domains that were used to make remote shell work properly.
Since all processes establishing the remote shell are now restricted to
the magisk_client domain, all these rules are moved to magisk_client.
This makes Magisk require fewer compromises in Android's security model.

Note: as of this commit, requesting new root access via Magisk Manager
will stop working as Magisk Manager can no longer communicate with
magiskd directly. This will be addressed in a future commit that
involves changes in both native and application side.
2020-06-03 23:29:42 -07:00
topjohnwu
ae0dcabf43 Fix typo in sepolicy.cpp 2020-06-03 03:11:10 -07:00
topjohnwu
cb7148a24c Switch to debug logging in modules 2020-06-01 04:22:57 -07:00
topjohnwu
2f824f59dc Better logging system
Use C++ magic to strip out debug logs at compile time
2020-06-01 04:15:37 -07:00
osm0sis
e50295d337 magiskboot: add support for lz4 compressed dt (extra)
- legacy devices brought up to Android 10 may now use a compressed dt in a hdr_v0 AOSP dt variant extra section, so detect, decompress and recompress this
- so far these have only been done using lz4 compression (latest format revision magic), e.g. LOS 17.1 victara (Moto X)
2020-05-30 12:52:15 -07:00
topjohnwu
fde78be2b4 Update Android Studio 2020-05-30 12:50:08 -07:00
topjohnwu
c071ac8973 Remove unused code 2020-05-29 10:41:52 -07:00
topjohnwu
599ee57d39 Simplify sepolicy rules 2020-05-25 02:30:39 -07:00
topjohnwu
4499cebcd9 Support new sepolicy rules
Support declare new type with attribute and declare new attributes
2020-05-25 02:09:43 -07:00
topjohnwu
cd6eca1dc2 Optimize match-all-type rules
For match-all-type rules (e.g. "allow magisk * * *" used in Magisk),
we used to iterate and apply rules on all existing types. However, this
is actually unnecessary as all selinux types should have at least 1
attributes assigned to it (process types "domain", file context types
"file_type" etc.). This means in order to create rules that applies to
all types, we actually only need to create rules for all attributes.

This optimization SIGNIFICANTLY reduces the patched sepolicy that is
loaded into the kernel when running Magisk. For example on Pixel 4 XL
running Android R DP4, the sepolicy sizes are
patched (before) : 3455948
patched (after)  : 843176
stock            : 630229

The active sepolicy size actually impacts the performance of every single
operation in the operating system, because the larger the policies gets,
the longer it takes for the kernel to lookup and match rules.
2020-05-24 05:41:19 -07:00
topjohnwu
951273f8ef Cleanup some implementations 2020-05-24 04:16:40 -07:00
vvb2060
51eeb89f67 Allow consecutive points 2020-05-23 14:58:17 -07:00
topjohnwu
0efa73d96c Update selinux libs 2020-05-23 05:02:26 -07:00
topjohnwu
f392ade78d Rewrite sepolicy.c in C++ 2020-05-23 00:18:25 -07:00
topjohnwu
0236ab887e Several statement parsing improvements
- Update help message to match the spec
- Make tokenization not seg fault in certain conditions
- Moar template + macro magic to reduce boilerplate
2020-05-22 14:05:56 -07:00
topjohnwu
d4baae411b Modernize magiskpolicy 2020-05-21 06:48:02 -07:00
topjohnwu
e02e46d0fc Detect volume down key combo for safe mode
It is possible that a module is breaking the device so bad that zygote
cannot even be started. In this case, system_server cannot start and
detect the safe mode key combo, set the persist property, and reboot.

Also on old Android versions, the system directly goes to safe mode
after detecting a key combo without rebooting, defeating the purpose of
Magisk's safe mode protection if we only check for the persist property.

Directly adding key combo check natively in magiskd allows us to enter
Magisk safe mode before the system is even aware of it.
2020-05-19 04:57:47 -07:00
Chris Renshaw
3c04dab472 magiskhide: fix late_prop_key setprop, reorganize props slightly 2020-05-18 23:31:22 -07:00
topjohnwu
fc1844b4df Update policy for handling /data/adb 2020-05-18 23:29:26 -07:00
topjohnwu
99ef20627a Remove unused code 2020-05-18 05:45:08 -07:00
topjohnwu
4497e0aaca Don't expose module_list 2020-05-18 05:36:02 -07:00
topjohnwu
c3e045e367 Use daemon state to determine late prop hiding 2020-05-18 05:21:47 -07:00
topjohnwu
501d3e6c32 Maintain global daemon status 2020-05-18 05:18:49 -07:00
topjohnwu
b27b9c1d18 Minor code changes 2020-05-18 04:56:51 -07:00
topjohnwu
f7d3d1eeaf Increase post-fs-data mode to 40 secs 2020-05-18 04:56:51 -07:00
topjohnwu
0d72a4c8ba Fix compile error 2020-05-18 04:56:51 -07:00
topjohnwu
dbdb0a2560 Move late props to boot complete 2020-05-18 03:51:41 -07:00
topjohnwu
bc6a14d30f Remove property ro.build.selinux 2020-05-17 15:01:37 -07:00
topjohnwu
97db49a57b Move vendor property manipulation to late start 2020-05-17 15:01:37 -07:00
topjohnwu
eca2168685 Guard magiskhide state with mutexes 2020-05-17 15:01:37 -07:00
topjohnwu
aac6ad73da Fix collect modules 2020-05-16 13:45:22 -07:00
topjohnwu
122b4d66b6 Move Android logging out of libutils 2020-05-10 00:48:41 -07:00
topjohnwu
0f8f4e361b Update collect log logic 2020-05-10 00:30:11 -07:00
Chris Renshaw
3733b589ac native: fix slower build on non-Windows platforms 2020-05-09 04:41:07 -07:00
Chris Renshaw
6a2e781db2 magiskhide: add vendor.* props 2020-05-09 04:40:55 -07:00
vvb2060
c6569ce022 Fix service scripts 2020-05-09 04:40:05 -07:00
topjohnwu
a62bdc58cb Use env variables to enable standalone mode 2020-05-08 04:09:58 -07:00
topjohnwu
a5d7c41d20 Support Safe Mode detection
When detecting device is booting as Safe Mode, disable all modules and
MagiskHide and skip all operations. The only thing that'll be available
in this state is root (Magisk Manager will also be disabled by system).

Since the next normal boot will also have all modules disabled, this can
be used to rescue a device in the case when a rogue module causes
bootloop and no custom recovery is available (or recoveries without
the ability to decrypt data).
2020-05-08 00:45:11 -07:00
topjohnwu
232ae2a189 Update resetprop to partially use system impl 2020-05-07 23:54:00 -07:00
topjohnwu
aa8b23105f Modernize resetprop with fancy C++ 2020-05-07 06:08:30 -07:00
topjohnwu
c113f854a2 Fix overlay.d on SAR again 2020-05-07 02:30:43 -07:00
topjohnwu
87de0e7a0e Force remove AVB for 2SI since it may bootloop some devices 2020-05-05 03:29:36 -07:00
topjohnwu
02dc1172be Revert DTB patches to in-place binary patches
Since we no longer need to add new properties in the device tree, and
all the patches we do removes strings, we can just directly patch
the flat device tree in-place, ignoring basically all the higher level
DTB structure and format to accomplish 100% compatibility.
2020-05-05 01:03:09 -07:00
topjohnwu
dbf8c41209 Force init to load fstab from file in 2SI
Patching DTBs is proven to be difficult and problematic as there are
tons of different formats out there. Adding support for all the formats
in magiskboot has been quite an headache in the past year, and it still
definitely does not cover all possible cases of them out there.

There is another issue: fake dt fstabs. Some super old devices do not
have device trees in their boot images, so some custom ROM developers
had came up with a "genius" solution: hardcode fstab entries directly
in the kernel source code and create fake device tree nodes even if
Android 10+ init can graciously take fstab files instead (-_-) 。。。

And there is YET another issue: DTBs are not always in boot images!
Google is crazy enough to litter DTBs all over the place, it is like
they cannot make up their minds (duh). This means the dt fstabs can be
either concatnated after the kernel (1), in the DTB partition (2), in
the DTBO partition (3), in the recovery_dtbo section in boot images (4),
or in the dtb section in boot images (5). FIVE f**king places, how can
anyone keep up with that!

With Android 10+ that uses 2 stage inits, it is crutual for Magisk to
be able to modify fstab mount points in order to let the original init
mount partitions for us, but NOT switch root and continue booting. For
devices using dt for early mount fstab, we used to patch the DTB at
install time with magiskboot. However these changes are permanent and
cannot be restored back at reinstallation.

With this commit, Magisk will read dt fstabs and write them to ramdisk
at boot time. And in that case, the init binary will also be patched
to force it to NEVER use fstabs in device-tree. By doing so, we can
unify ramdisk based 2SI fstab patching as basically we are just patching
fstab files. This also means we can manipulate fstab whatever Magisk
needs in the future without the need to going through the headache that
is patching DTBs at installation.
2020-05-04 02:21:51 -07:00
topjohnwu
8c4fd759c6 Strip Huawei specific logic
Users should manually switch to recovery mode instead
2020-05-03 23:07:40 -07:00
topjohnwu
0c99c4d93f More complete support for fstab in dt 2020-05-03 22:49:54 -07:00
topjohnwu
8ab045331b Workaround realpath FORTIFY crashes 2020-05-03 22:11:39 -07:00
topjohnwu
a8d0936e04 Update BusyBox 2020-05-02 03:42:42 -07:00
topjohnwu
4e349acb50 Build libselinux without ANDROID defined 2020-05-01 00:45:23 -07:00
topjohnwu
947e3b06b4 Use template to get lambda for RAII 2020-04-30 01:27:48 -07:00
topjohnwu
5fd574a14f Fix --remove-modules command 2020-04-30 01:27:48 -07:00
topjohnwu
c7ed0ef5eb Fix SAR support for overlay.d 2020-04-25 23:19:36 -07:00
topjohnwu
15f155100c Rewrite skel_node mounting and construction logic
Close #2725
2020-04-24 02:07:46 -07:00
topjohnwu
2468f5a6c4 Fix custom sepolicy patches 2020-04-22 23:01:11 -07:00
topjohnwu
945a52a99f Handle extremely rare edge case 2020-04-22 05:07:50 -07:00
topjohnwu
486b2c82a7 Disable kmsg rate limiting 2020-04-22 05:07:50 -07:00
topjohnwu
8ca5a048d6 Support system_ext 2020-04-20 23:57:29 -07:00
topjohnwu
554ebe7206 Skel dest could not exist
Close #2713
2020-04-20 22:04:57 -07:00
vvb2060
d7b87fcb8e Add untrusted_app_29 for Android 11 2020-04-20 21:50:52 -07:00
topjohnwu
c94f9e1cc9 Use a binary that exists on all devices for hijacking 2020-04-20 04:41:11 -07:00
topjohnwu
e219867cdf Hijack another binary for 2nd stage
Instead of using ptrace hacks, use another hack instead :D
2020-04-19 22:15:12 -07:00
topjohnwu
765d5d9729 Small magiskinit cleanup 2020-04-19 04:57:18 -07:00
topjohnwu
43029f37b1 Cleanup our tracks 2020-04-19 04:57:18 -07:00
topjohnwu
dfbd1305b3 Android 11 support 🎉 2020-04-19 02:47:22 -07:00
topjohnwu
c9255ab31b Remove legacy migration
It has been quite a long time ago...
2020-04-18 23:46:56 -07:00
topjohnwu
1e714af3cf Support MagiskHide when /sbin does not exist 2020-04-18 23:45:00 -07:00
topjohnwu
4c959cd983 Support cases when /sbin does not exist 2020-04-18 23:19:19 -07:00
topjohnwu
d959c35723 Make cleaner mount info 2020-04-18 18:50:25 -07:00
topjohnwu
69a9d7485b Support injecting magisk bins 2020-04-18 05:15:59 -07:00
topjohnwu
dcf07ad8c7 Directly filter '.' and '..' in xreaddir 2020-04-18 04:20:21 -07:00
topjohnwu
ed6cdb2eb4 Rename file 2020-04-18 04:10:19 -07:00
topjohnwu
a73e7e9f99 Introduce new module mount implementation
Rewrite the whole module mounting logic from scratch.
Even the algorithm is different compared to the old one.

This new design focuses on a few key points:
- Modular: Custom nodes can be injected into the mount tree.
  It's the main reason for starting the rewrite (needed for Android 11)
- Efficient: Compared to the existing implementation, this is the most
  efficient (both in terms of computation and memory usage) design I
  currently can come up with.
- Accurate: The old mounting logic relies on handling specifically every
  edge case I can think of. During this rewrite I actually found some
  cases that the old design does not handle properly. This new design is
  architected in a way (node types and its rankings) that it should
  handle edge cases all by itself when constructing mount trees.
2020-04-18 02:00:48 -07:00
topjohnwu
ab853e1fcf Update dir traversal code 2020-04-12 13:38:57 -07:00
topjohnwu
e0a281583d Preparation for dynamic tmpfs path 2020-04-12 05:34:56 -07:00
topjohnwu
d739dcac2b Remove dependency on magisk.hpp in libutils 2020-04-11 04:40:40 -07:00
topjohnwu
cdd4cb8ec2 Update BusyBox to build on latest NDK 2020-04-11 04:05:58 -07:00
topjohnwu
93ef90cd24 Fix FORTIFY crashes 2020-04-11 04:05:34 -07:00
topjohnwu
4066e5bf14 Update Makefiles 2020-04-06 22:45:08 -07:00
topjohnwu
67d746a62c Let build.py setup NDK 2020-04-03 03:34:07 -07:00
topjohnwu
2f1f68f12f Prepare compilation for NDK r21 2020-04-03 02:58:39 -07:00
Shaka Huang
834561a5de Content in dt_fstab is not null terminated in emulator
Value of <dt>/fstab/<partition>/dev and <dt>/fstab/<partition>/type in official Android emulator ends with newline instead of \0, Magisk won’t be able to patch sepolicy and crash the system.

Signed-off-by: Shaka Huang <shakalaca@gmail.com>
2020-04-02 20:54:41 -07:00
topjohnwu
9820296e92 Update files.cpp in libutils 2020-04-02 02:17:45 -07:00
topjohnwu
dbfde74c1e Clean rootfs in switch_root 2020-04-01 23:37:11 -07:00
topjohnwu
b28668e18d Prevent possible race condition 2020-04-01 22:40:59 -07:00
topjohnwu
5f1174de27 Introduce new boot flow to handle SAR 2SI
The existing method for handling legacy SAR is:
1. Mount /sbin tmpfs overlay
2. Dump all patched/new files into /sbin
3. Magic mount root dir and re-exec patched stock init

With Android 11 removing the /sbin folder, it is quite obvious that
things completely break down right in step 1.

To overcome this issue, we have to find a way to swap out the init
binary AFTER we re-exec stock init. This is where 2SI comes to rescue!

2SI normal boot procedure is:
1st stage -> Load sepolicy -> 2nd stage -> boot continue...

2SI Magisk boot procedure is:
MagiskInit 1st stage -> Stock 1st stage -> MagiskInit 2nd Stage ->
-> Stock init load sepolicy -> Stock 2nd stage -> boot continue...

As you can see, the trick is to make stock 1st stage init re-exec back
into MagiskInit so we can do our setup. This is possible by manipulating
some ramdisk files on initramfs based 2SI devices (old ass non SAR
devices AND super modern devices like Pixel 3/4), but not possible
on device that are stuck using legacy SAR (device that are not that
modern but not too old, like Pixel 1/2. Fucking Google logic!!)

This commit introduces a new way to intercept stock init re-exec flow:
ptrace init with forked tracer, monitor PTRACE_EVENT_EXEC, then swap
out the init file with bind mounts right before execv returns!

Going through this flow however will lose some necessary backup files,
so some bookkeeping has to be done by making the tracer hold these
files in memory and act as a daemon. 2nd stage MagiskInit will ack the
daemon to release these files at the correct time.

It just works™  ¯\_(ツ)_/¯
2020-04-01 04:39:28 -07:00
topjohnwu
543ce937ec Don't need to find system_dev 2020-03-31 22:41:25 -07:00
Chris Renshaw
aa72a080b0 core: clean up /data/adb/magisk.img, etc. as well
- now that magisk.img -> /data/adb/modules migration is no longer taking place make sure all magisk.img locations get cleaned up
2020-03-26 03:39:49 -07:00
topjohnwu
ba7cb47383 Make version reporting consistent 2020-03-23 01:17:13 -07:00
topjohnwu
48d417f9af Add symlink for backwards compatibility
The native code has to run with an old verison of Magisk Manager,
add this back so things will work properly.
2020-03-22 21:00:40 -07:00
Zackptg5
d7cd1b37f8 add missing flags 2020-03-22 13:41:55 -07:00
Simon Shi
7768274b2f Fix build issue 2020-03-14 11:17:51 -07:00
topjohnwu
612b51d48f Disable MagiskHide by default
Since SafetyNet CTS is impossible to achieve, leaving MagiskHide on
by default no longer serves a purpose.

For more details regarding the latest SafetyNet changes, please check:
https://twitter.com/topjohnwu/status/1237656703929180160
https://twitter.com/topjohnwu/status/1237830555523149824

MagiskHide's functionality will continue to exist within the Magisk
project as it is still extremely effective to hide modifications in
userspace (including SafetyNet's basicIntegrity check).

Future MagiskHide improvements _may_ come, but since the holy grail
has been taken, any form of improvement is now a very low priority.
2020-03-13 01:48:14 -07:00
Fox2Code
c07775f5e3
Add missing ro.vendor(.boot).warranty_bit props
Co-authored-by: John Wu <topjohnwu@gmail.com>
2020-03-12 00:28:43 -07:00
topjohnwu
e261579e72 Use standalone mode in boot scripts 2020-03-11 00:11:15 -07:00
topjohnwu
cf54cad3ce deleteprop -> delprop 2020-03-09 02:05:24 -07:00
topjohnwu
a0998009c1 Small native code reorganization 2020-03-09 01:50:30 -07:00
YU-YEN HSU
df15606b00 prop compare fix 2020-03-08 22:58:37 -07:00
YU-YEN HSU
4dc0d13688 Xiaomi cross region flash hacks 2020-03-08 22:58:37 -07:00
topjohnwu
ee1f45aa91 Add new commandline option to get tmpfs root 2020-02-29 15:33:11 -08:00
topjohnwu
696ab677be New pre-init magic mount implementation 2020-02-21 00:49:58 -08:00
topjohnwu
0d229dac3b Support Android 11 SELinux paths
This is NOT proper Android 11 support
2020-02-21 00:49:33 -08:00
topjohnwu
3b8ea599f0 Fix switch_root implementation 2020-02-20 21:08:59 -08:00
topjohnwu
e5f50bb7e0 Update busybox 2020-02-07 21:57:26 -08:00
topjohnwu
84e4bd3d41 Move readlinkat fix into xwrap 2020-02-03 13:24:02 +08:00
Shaka Huang
0ecfb63cd6 Fix crash during boot in x86 platform
readlinkat() may return random value instead of the number of bytes placed in buf and crashing the system in two ways:
1. segmentation fault (buf[-7633350] = ‘\0’)
2. wrong link of watchdogd, resulting dog timeout

Confirmed working in ZenFone 2 x86 series, may fix #2247 and #2356

Signed-off-by: Shaka Huang <shakalaca@gmail.com>
2020-02-03 13:02:30 +08:00
topjohnwu
ebdd6ec40c Fallback to getprop to get SDK_INT
Close #2274, close #2279
2020-02-03 12:58:59 +08:00
topjohnwu
6180558068 Add support for genfscon sepolicy rules
Close #2367
2020-02-02 01:16:42 +08:00
Shaka Huang
cf589f8c64
Fix error loading libsqlite.so
Vendors are always adding “extra libraries” in /vendor/lib* for their own sake, in this case AS*S loaded with customized `libicuuc.so` for Zenf*ne 5z and led to the failure of dynamic loading libsqlite.so:

<quote>
db: dlopen failed: cannot locate symbol "UCNV_FROM_U_CALLBACK_ESCAPE_63" referenced by "/apex/com.android.runtime/lib64/libandroidicu.so"...
</quote>

Signed-off-by: Shaka Huang <shakalaca@gmail.com>

* Minor optimizations

Co-authored-by: John Wu <topjohnwu@gmail.com>
2020-02-01 14:36:34 +08:00
topjohnwu
e864919c0b Jellybean supports modules 2020-02-01 14:22:31 +08:00
osm0sis
a7435dad6d magiskboot: fix lzop detection 2020-02-01 01:09:12 +08:00
osm0sis
793f0b605c init: fix Tegra "APP" /system partition mounting
- thanks rootfan in https://github.com/topjohnwu/Magisk/issues/2063#issuecomment-573232567

Closes #2243
2020-02-01 01:09:12 +08:00
topjohnwu
5b56ca7ffc Use MAX_FDT_GROWTH instead of hardcode value 2020-02-01 00:58:33 +08:00
topjohnwu
5c988510b3 Preserve fdt paddings
Some Motorola devices (Qualcomm kernel with CONFIG_MMI_DEVICE_DTBS
configuration enabled) need 1k of padding to the DTBs to allow for
environment variables to be runtime added by the bootloader.
Those extra paddings will be removed during the process of dtb patch,
devices won’t be able to boot-up and return to fastboot mode immediately
after flashed the flawed boot.img.

Credits to @shakalaca, close #2273
2020-02-01 00:48:21 +08:00
topjohnwu
290624844b Reorganize dtb code 2020-02-01 00:15:52 +08:00
topjohnwu
e395c9442f Upstream system_properties 2020-01-27 19:50:03 +08:00
vvb2060
b90c65370e Fix build on Windows 2020-01-26 12:27:07 +08:00
topjohnwu
ba55e2bc32 Backup proper magiskinit in A-only 2SI 2020-01-22 05:12:04 +08:00
topjohnwu
0a2c99f1dc Use __LP64__ to detect 64 bit 2020-01-22 01:20:14 +08:00
topjohnwu
836bfbdd02 Wrapper is no longer needed 2020-01-22 01:17:30 +08:00
topjohnwu
b13a35057a Support building standalone resetprop 2020-01-21 00:48:52 +08:00
topjohnwu
c3e77b1ec1 Add BusyBox SELinux support
Close #1523
2020-01-20 20:48:05 +08:00
topjohnwu
fb60bea659 Update external/selinux 2020-01-20 18:36:16 +08:00
topjohnwu
b39f407596 Load libsqlite dynamically 2020-01-11 03:20:59 +08:00
osm0sis
615ad0cc5a core: remove remaining legacy workarounds/leftovers 2020-01-10 23:31:43 +08:00
topjohnwu
3a0e3c98f7 Minor adjustments to prevent crashes 2020-01-09 23:42:27 +08:00
topjohnwu
fafa92d44b Simplify rootfs persist mount 2020-01-08 22:42:54 +08:00
topjohnwu
242e64d72f Make write return something sane 2020-01-06 17:09:09 +08:00
topjohnwu
2262af728e Eliminate undefined behavior 2020-01-06 05:31:38 +08:00
topjohnwu
2db1e5cb74 Minor module related fixes 2019-12-30 13:21:39 +08:00
topjohnwu
78c64d39ec Add split command to magiskboot
Allow splitting image.*-dtb files to kernel and dtb
2019-12-30 13:04:39 +08:00
topjohnwu
b2cb2b8b75 Reduce socket name length
Some detectors simply ban long abstract sockets
2019-12-28 21:27:55 +08:00
Zackptg5
d19f65ce4a Ignore twrp fstabs 2019-12-28 13:47:05 +08:00
topjohnwu
3beffd84d6 Copy sepolicy rules to persist every boot 2019-12-22 03:44:07 -05:00
topjohnwu
3b9f7885e0 Stop using chdir 2019-12-21 05:29:38 -05:00
topjohnwu
7668e45890 Cleanup legacy code 2019-12-17 17:15:31 -05:00
topjohnwu
695c8bc5d0 Detect package name for copying binaries
Close #2152
2019-12-17 16:38:12 -05:00
topjohnwu
4f4f54a059 Remove unused code 2019-12-13 08:31:24 -05:00
topjohnwu
12fda29280 Add support for pre-init custom sepolicy patches
Close #1685
2019-12-13 06:05:12 -05:00
topjohnwu
af060b3132 General QoL changes 2019-12-13 00:37:06 -05:00
topjohnwu
8c500709e4 Remove SAR compatibility mode 2019-12-12 03:25:48 -05:00
topjohnwu
490e6a6f23 Add new API to load sepolicy rule file 2019-12-09 04:14:30 -05:00
topjohnwu
08177c3dd8 Mount persist partition mirror pre-init 2019-12-09 04:09:23 -05:00
topjohnwu
d22b9c26b6 Pull out common logic 2019-12-06 15:31:49 -05:00
topjohnwu
4bb8ad19cf Small init refactoring 2019-12-06 12:02:34 -05:00
topjohnwu
11b7076a43 Fix broken getxattr calls 2019-12-05 17:34:50 -05:00
topjohnwu
476b61c4c9 Support system_root with NVIDIA partition names
Fix #2063
2019-12-05 17:20:32 -05:00
topjohnwu
8cc5f096a2 Some minor changes 2019-12-05 17:20:32 -05:00
Alvin Wong
474d65207e Fix MagiskHide unmounting paths under /product
Fixes #2107
2019-12-03 05:42:10 -05:00
topjohnwu
03428329ef Add new verity and encryption patterns
Close #2118
2019-12-03 05:39:39 -05:00
topjohnwu
8d21988656 Support patching DTB/DTBO partition format 2019-12-02 04:34:21 -05:00
topjohnwu
276535dad6 Fix incorrect kmsg path
/proc/kmsg -> /dev/kmsg
2019-11-25 19:09:02 -05:00
topjohnwu
e373e59661 Make sure file descriptors are setup properly 2019-11-25 19:07:06 -05:00
topjohnwu
34bb18448c Fix compile errors 2019-11-23 17:18:55 -05:00
topjohnwu
01253f050a Use smart pointers 2019-11-23 04:57:52 -05:00
topjohnwu
5bee1c56a9 Properly use RAII to reduce complication 2019-11-22 03:01:49 -05:00
topjohnwu
bffdedddb4 Fix fwrite/fread params 2019-11-21 17:43:31 -05:00
topjohnwu
fd72f658c0 Fix SQL command when creating magiskdb 2019-11-21 14:40:12 -05:00
topjohnwu
d3b5cf82d8 Small adjustments 2019-11-21 06:17:28 -05:00
topjohnwu
d26d804cc2 Migrate to generic stream implementation 2019-11-21 06:08:02 -05:00
topjohnwu
4f9a25ee89 Create generic streams on top of stdio
WIP
2019-11-20 21:48:49 -05:00
topjohnwu
bb9ce0e897 Make sepolicy dump more efficient 2019-11-20 03:47:15 -05:00
topjohnwu
d6fb9868bf Small sepolicy refactor and fixes 2019-11-19 05:20:18 -05:00
topjohnwu
9aff1a57d3 Cleanup headers 2019-11-19 02:04:47 -05:00
topjohnwu
7681fde4d0 Record mounts to be cleaned up in a vector 2019-11-19 00:16:20 -05:00
topjohnwu
d3b7b41927 Fix kmsg logging in magiskinit 2019-11-18 17:18:56 -05:00
osm0sis
7f6a6016d6 magiskboot: add simple workaround for Samsung offset header variant
- some Samsung devices (e.g. Galaxy S5 SMG-900H) use a slightly different AOSP bootimg.h variant with `#define BOOT_NAME_SIZE 20` instead of 16
- since all known examples of these device images do not have anything in the NAME or CMDLINE fields, and the bootloader also accepts standard AOSP images, simply offset the SHA1/SHA256 detection by 4 bytes to avoid false positives from these images, remain an equally effective detection shortcut, and ensure a proper SHA1 checksum on repack

aosp-dtbhdt2-4offhash-seandroid-256sig-samsung_gs5-smg900h-boot.img
UNPACK CHECKSUM [00000000b11580f7d20f70297cdc31e02626def0356c82b90000000000000000]
REPACK CHECKSUM [73b18751202e56c433f89dfd1902c290eaf4eef3e167fcf03b814b59a5e984b6]
AIK CHECKSUM    [b11580f7d20f70297cdc31e02626def0356c82b9000000000000000000000000]

This patch should result in a `magiskboot unpack -n boot.img; magiskboot repack boot.img` new-boot.img matching the AIK CHECKSUM above.
2019-11-16 03:23:49 -05:00
topjohnwu
576efbdc1b Move su logs out of magiskdb 2019-11-14 00:01:06 -05:00
topjohnwu
1542447822 Reuse buffer 2019-11-13 02:36:45 -05:00
vvb2060
817cdf7113 fix multiuser owner_managed mode 2019-11-11 14:12:26 -05:00
topjohnwu
d952cc2327 Properly solve the connection problem 2019-11-07 17:41:59 -05:00
topjohnwu
46447f7cfd Proper string buffer size 2019-11-05 01:46:46 -05:00
topjohnwu
25c557248c Use ContentProvider call method for communication
Previously, we use either BroadcastReceivers or Activities to receive
messages from our native daemon, but both have their own downsides.
Some OEMs blocks broadcasts if the app is not running in the background,
regardless of who the caller is. Activities on the other hand, despite
working 100% of the time, will steal the focus of the current foreground
app, even though we are just doing some logging and showing a toast.
In addition, since stubs for hiding Magisk Manager is introduced, our
only communication method is left with the broadcast option, as
only broadcasting allows targeting a specific package name, not a
component name (which will be obfuscated in the case of stubs).

To make sure root requests will work on all devices, Magisk had to do
some experiments every boot to test whether broadcast is deliverable or
not. This makes the whole thing even more complicated then ever.

So lets take a look at another kind of component in Android apps:
ContentProviders. It is a vital part of Android's ecosystem, and as far
as I know no OEMs will block requests to ContentProviders (or else
tons of functionality will break catastrophically). Starting at API 11,
the system supports calling a specific method in ContentProviders,
optionally sending extra data along with the method call. This is
perfect for the native daemon to start a communication with Magisk
Manager. Another cool thing is that we no longer need to know the
component name of the reciever, as ContentProviders identify themselves
with an "authority" name, which in Magisk Manager's case is tied to the
package name. We already have a mechanism to keep track of our current
manager package name, so this works out of the box.

So yay! No more flaky broadcast tests, no more stupid OEMs blocking
broadcasts for some bizzare reasons. This method should in theory
work on almost all devices and situations.
2019-11-04 14:32:28 -05:00
topjohnwu
a9f11b28c8 Fix busybox scripts again 2019-11-02 01:16:54 -04:00
topjohnwu
a30f5b175f Fix busybox makefiles 2019-11-01 09:38:01 -04:00
topjohnwu
8277896ca1 Make sure uninstall.sh is executed on remove 2019-11-01 03:07:12 -04:00
topjohnwu
493068c073 Attempt to rescan zygote multiple times
Close #1654
2019-11-01 02:12:28 -04:00
topjohnwu
f4299fbea8 Update BusyBox to 1.31.1 2019-10-31 18:11:10 -04:00
topjohnwu
34c65e13bc Fix strings
Close #2012
2019-10-31 12:39:54 -04:00
John Wu
17a77e2577 Shortcut booleans 2019-10-31 02:44:25 -04:00
John Wu
0f219e5ae6 Better argument parsing logic 2019-10-31 02:44:25 -04:00
osm0sis
353c3c7d81 magiskboot: add unpack -n to help with repack validity tests
- support unpack without decompression to allow easy testing of magiskboot's header, structure and hashing handling by comparing repack checksum versus origbootimg
- make -n first to match repack
2019-10-31 02:44:25 -04:00
topjohnwu
e7155837d7 Make sure magisk daemon won't get killed by init
According to this comment in #1880:
https://github.com/topjohnwu/Magisk/issues/1880#issuecomment-546657588

If Linux recycled our PPID, and coincidentally the process that reused
the PPID is root, AND init wants to kill the whole process group,
magiskd will get killed as a result.

There is no real way to block a SIGKILL signal, so we simply make sure
our daemon PID is the process group leader by renaming the directory.

Close #1880
2019-10-31 01:57:47 -04:00
topjohnwu
3c1db7d2f7 Fix some A/B devices unable to boot into recovery
Some newer recovery ramdisk no longer have /sbin/recovery.
Add /system/bin/recovery as an additional indication for recovery.

Close #1920
2019-10-26 17:12:35 -04:00
osm0sis
1512c350df magiskboot: add SPRD dt support
- per https://github.com/USA-RedDragon/sprd-mkbootimg-tools/blob/master/dtbtool.c
- touch up hdr and table naming to be more uniform
2019-10-23 06:58:31 -04:00
topjohnwu
0f74e89b44 Introduce component agnostic communication
Usually, the communication between native and the app is done via
sending intents to either broadcast or activity. These communication
channels are for launching root requests dialogs, sending root request
notifications (the toast you see when an app gained root access), and
root request logging.

Sending intents by am (activity manager) usually requires specifying
the component name in the format of <pkg>/<class name>. This means parts
of Magisk Manager cannot be randomized or else the native daemon is
unable to know where to send data to the app.

On modern Android (not sure which API is it introduced), it is possible
to send broadcasts to a package, not a specific component. Which
component will receive the intent depends on the intent filter declared
in AndroidManifest.xml. Since we already have a mechanism in native code
to keep track of the package name of Magisk Manager, this makes it
perfect to pass intents to Magisk Manager that have components being
randomly obfuscated (stub APKs).

There are a few caveats though. Although this broadcasting method works
perfectly fine on AOSP and most systems, there are OEMs out there
shipping ROMs blocking broadcasts unexpectedly. In order to make sure
Magisk works in all kinds of scenarios, we run actual tests every boot
to determine which communication method should be used.

We have 3 methods in total, ordered in preference:
1. Broadcasting to a package
2. Broadcasting to a specific component
3. Starting a specific activity component

Method 3 will always work on any device, but the downside is anytime
a communication happens, Magisk Manager will steal foreground focus
regardless of whether UI is drawn. Method 1 is the only way to support
obfuscated stub APKs. The communication test will test method 1 and 2,
and if Magisk Manager is able to receive the messages, it will then
update the daemon configuration to use whichever is preferable. If none
of the broadcasts can be delivered, then the fallback method 3 will be
used.
2019-10-21 13:59:04 -04:00
topjohnwu
75306f658f Revert "Drop API 17 (Android 4.2) support"
Turns out that we cannot use AndroidKeystore anyways, so we don't
actually need to drop API 17. Revert this change.
2019-10-20 07:13:03 -04:00
topjohnwu
9c27d691dd Drop API 17 (Android 4.2) support 2019-10-19 03:11:54 -04:00
topjohnwu
9867a3bd60 Pedantic boot_img_hdr multi-version support 2019-10-15 01:46:29 -04:00
Simon Shi
f3d7f85063 Fix incorrect link path for /sbin/.core 2019-10-12 01:00:15 -04:00
topjohnwu
5e44b0b9d5 Use raw literals for scripts 2019-10-09 17:38:45 -04:00
topjohnwu
23c1a1dab8 Some code reorganizing 2019-10-09 16:01:21 -04:00