3493 Commits

Author SHA1 Message Date
topjohnwu
945f88105f Support system-as-root devices with monolithic sepolicy 2019-03-18 04:54:15 -04:00
topjohnwu
957feca626 Limit sepolicy load to Android Q only
It seems both Android cancers, Samsung and Huawei devices, don't
like preloading sepolicy. For a temporary solution now is to limit
the sepolicy loading to Android Q only.
2019-03-16 17:15:48 -04:00
topjohnwu
c0447009db Allow entrypoint for rootfs construction simulation 2019-03-16 04:45:56 -04:00
topjohnwu
8893cbd64a Modularize MagiskInit 2019-03-15 14:46:30 -04:00
topjohnwu
f0240b1f06 Support Android Q new split sepolicy setup 2019-03-15 06:17:37 -04:00
topjohnwu
e476c18c99 Don't load sepolicy on Huawei devices
Of course, the cancer of Android, Huawei, has to do some f**king weird
modifications to the Linux kernel. Its kernel only accepts 1 single
policy load in its lifetime, a second load will result in ENOMEM error.
Since Huawei devices always use their own stupid ramdisk setup and not
system-as-root, not loading sepolicy is not a concern (for now).
2019-03-14 22:48:23 -04:00
topjohnwu
a1b5185ecb Make sure rootfs file selabels are correct
Android Q init assumes rootfs to always be on EXT4 images, thus
never runs restorecon on the whole root directory. This is an issue
because some folders in rootfs were set with special selabels in
the system partition, but when copying over to initramfs by magiskinit,
these labels will not be preserved.

So the solution is to relabel the files in rootfs with the original
context right? Yes, but rootfs does not allow security xattr to be set
on files before the kernel SELinux initializes with genfs_contexts.
We have to load our sepolicy to the kernel before we clone the root
directory from system partition, which we will also restore the selabel
in the meantime.

Unfortunately this means that for each reboot, the exact same policy
will be loaded to the kernel twice: once in magiskinit so we can label
rootfs properly, and once by the original init, which is part of the
boot procedure. There is no easy way to prevent init from loading
sepolicy, as init will refuse to continue if policy loading has failed.
2019-03-14 22:27:29 -04:00
topjohnwu
981e90cc32 Don't remove SafetyNet from hide list 2019-03-14 07:00:36 -04:00
topjohnwu
da0a72e8b0 Improve builtin selinux implementation 2019-03-14 06:34:22 -04:00
topjohnwu
b7e2e972c7 Support boot_img_hdr_v2 2019-03-13 16:51:22 -04:00
topjohnwu
650b2ce6b1 Fix config bugs 2019-03-13 15:25:53 -04:00
topjohnwu
ecf3d30349 Only show expansion when necessary 2019-03-13 08:15:02 -04:00
topjohnwu
15ddd0e284 More MagiskHide list UI improvements 2019-03-13 07:49:12 -04:00
topjohnwu
18ac6b270f Make Expandable more extensible 2019-03-13 06:12:02 -04:00
topjohnwu
3e35de9b39 Small UI improvements 2019-03-13 05:11:18 -04:00
topjohnwu
1e24c72c11 Use our own existing implementation 2019-03-13 01:37:35 -04:00
vvb2060
217564963d New MagiskHide UI 2019-03-12 17:20:08 -04:00
topjohnwu
f2f4649ab0 Don't crash when encounter unexpected XML input 2019-03-12 17:19:29 -04:00
Oliver Cervera
4395ffec5f Update it-it stub
Better wording!
2019-03-12 17:04:23 -04:00
topjohnwu
9a7a26407a Update build script 2019-03-12 17:01:37 -04:00
topjohnwu
5072a67807 Update AGP and R8 2019-03-12 16:53:07 -04:00
topjohnwu
dce0b6c05a Always detach all child threads before leaving 2019-03-12 16:48:01 -04:00
topjohnwu
a4a661bf34 Small code restructuring 2019-03-11 12:44:50 -04:00
topjohnwu
771e500468 Use dark theme by default 2019-03-11 07:39:01 -04:00
topjohnwu
7e3ff03109 Default to canary channel if running canary build 2019-03-11 07:38:31 -04:00
topjohnwu
a1827fd680 Make sure to read db before 2019-03-11 07:30:37 -04:00
topjohnwu
9ce334feac Update the way to deal with configs 2019-03-11 07:03:36 -04:00
topjohnwu
ed11e0bff6 Fix repackage manager settings migration 2019-03-11 05:43:48 -04:00
topjohnwu
5111086637 Don't care if child threads were unknown 2019-03-10 01:46:32 -05:00
topjohnwu
20f204810e Use RAII to detach PIDs 2019-03-10 01:14:41 -05:00
topjohnwu
4581354e7a Allow zygote to execve
Allow zygote to execute other programs (such as dex2oat).
This fixes the bug that cause ART framework boot images failed to load
and result to extremely serious performance degradation.

Fix #1195
2019-03-09 22:58:05 -05:00
topjohnwu
faf4d76388 Use large vector<bool> instead of set<pid>
vector<bool> uses bitsets, so we actually only use 12k memory to
store all 3 possible PID info tables. PID checkup will be now become
O(1) instead of O(logn).

P.S. The reason why we don't use unordered_map is because including it
will result in significant binary size increase (might be due to the
complex hash table STL implementation? I really don't know).
2019-03-09 22:28:43 -05:00
topjohnwu
a46e255709 Fix strings.xml 2019-03-09 05:47:19 -05:00
Vladimír Kubala
63e2bbb4d1 Slovak translation update 2019-03-09 05:37:50 -05:00
bubuleur
c3dabae237 Update French Language
Small correction line 108 thank you
2019-03-09 05:37:41 -05:00
topjohnwu
f1abcbb7fb Update WorkManager 2019-03-09 05:36:49 -05:00
topjohnwu
70efddb90f Only use SELinux if necessary in init 2019-03-09 05:30:42 -05:00
topjohnwu
f24a5dfd45 More efficient xml parsing 2019-03-09 04:27:04 -05:00
topjohnwu
081074ad9d Better zygote process detection 2019-03-08 23:53:53 -05:00
topjohnwu
ab0cc78d2c Update README.md 2019-03-08 10:23:42 -05:00
topjohnwu
de5c902fdb Remove app-core module
Less confusion
2019-03-08 10:19:22 -05:00
topjohnwu
cf65169c99 Separate stub Magisk Manager to a module 2019-03-08 10:16:02 -05:00
topjohnwu
745865ee53 Add canary channels
Only show if user is already on canary channels
2019-03-08 06:23:13 -05:00
topjohnwu
c134fb1939 Remove unnecessary rules 2019-03-08 04:21:23 -05:00
topjohnwu
0204d05316 Remove Zygote notifier
Temporary trigger process scan on packages.xml updates, will find better methods
2019-03-08 03:35:17 -05:00
topjohnwu
c345633d80 Fix build error
Close #1182
2019-03-08 01:01:42 -05:00
topjohnwu
a57a94040e Update some format magics 2019-03-08 00:47:15 -05:00
topjohnwu
1bde78d121 Rename patch_level -> os_patch_level 2019-03-07 21:59:03 -05:00
topjohnwu
bbd014ad1b More saftey checks and improvements 2019-03-07 21:49:47 -05:00
topjohnwu
1287372f5a Support patching header in magiskboot 2019-03-07 21:32:01 -05:00