3573 Commits

Author SHA1 Message Date
topjohnwu
bb9ce0e897 Make sepolicy dump more efficient 2019-11-20 03:47:15 -05:00
topjohnwu
d6fb9868bf Small sepolicy refactor and fixes 2019-11-19 05:20:18 -05:00
topjohnwu
9aff1a57d3 Cleanup headers 2019-11-19 02:04:47 -05:00
topjohnwu
7681fde4d0 Record mounts to be cleaned up in a vector 2019-11-19 00:16:20 -05:00
topjohnwu
d3b7b41927 Fix kmsg logging in magiskinit 2019-11-18 17:18:56 -05:00
topjohnwu
da159e4655 Better environment status detection 2019-11-16 17:38:10 -05:00
osm0sis
7f6a6016d6 magiskboot: add simple workaround for Samsung offset header variant
- some Samsung devices (e.g. Galaxy S5 SMG-900H) use a slightly different AOSP bootimg.h variant with `#define BOOT_NAME_SIZE 20` instead of 16
- since all known examples of these device images do not have anything in the NAME or CMDLINE fields, and the bootloader also accepts standard AOSP images, simply offset the SHA1/SHA256 detection by 4 bytes to avoid false positives from these images, remain an equally effective detection shortcut, and ensure a proper SHA1 checksum on repack

aosp-dtbhdt2-4offhash-seandroid-256sig-samsung_gs5-smg900h-boot.img
UNPACK CHECKSUM [00000000b11580f7d20f70297cdc31e02626def0356c82b90000000000000000]
REPACK CHECKSUM [73b18751202e56c433f89dfd1902c290eaf4eef3e167fcf03b814b59a5e984b6]
AIK CHECKSUM    [b11580f7d20f70297cdc31e02626def0356c82b9000000000000000000000000]

This patch should result in a `magiskboot unpack -n boot.img; magiskboot repack boot.img` new-boot.img matching the AIK CHECKSUM above.
2019-11-16 03:23:49 -05:00
Nick
44ed0a3279 Update RU strings
Minor improvements and fixes
2019-11-16 03:23:32 -05:00
dark-basic
9964e1bb8e Update strings.xml 2019-11-16 03:23:20 -05:00
Viktor De Pasquale
8b8f725499 Fixed log items not being refreshed
Close #2079
2019-11-16 03:20:43 -05:00
topjohnwu
bab856bce2 Move biometric settings higher in the list 2019-11-16 03:19:25 -05:00
topjohnwu
3d285b91c6 Use ContextCompat 2019-11-15 11:01:39 -05:00
vvb2060
1dc531930d Update zh-rCN translation 2019-11-15 10:55:51 -05:00
Ilya Kushnir
3d3345acac Update RU strings 2019-11-15 10:55:41 -05:00
topjohnwu
b29f0ca4d1 Support using BiometricPrompt 2019-11-14 05:42:39 -05:00
topjohnwu
576efbdc1b Move su logs out of magiskdb 2019-11-14 00:01:06 -05:00
topjohnwu
a7f0510a3e Update build.gradle 2019-11-13 17:17:21 -05:00
topjohnwu
2ef088cb60 Update RepoDao 2019-11-13 13:23:58 -05:00
topjohnwu
7c320b6fc4 Reformat RxJava extensions 2019-11-13 13:22:51 -05:00
topjohnwu
5a4c82b860 Bump stub version 2019-11-13 03:01:38 -05:00
孟武.尼德霍格.龍
9b297b752e Update strings.xml 2019-11-13 02:37:35 -05:00
vvb2060
1d6ba58ccd Update zh-rCN translation 2019-11-13 02:37:10 -05:00
topjohnwu
1542447822 Reuse buffer 2019-11-13 02:36:45 -05:00
topjohnwu
a6f0aff659 Only store UID for current user 2019-11-13 02:36:34 -05:00
topjohnwu
171ddab32b Reorganize code handling su requests 2019-11-12 03:20:07 -05:00
topjohnwu
2aee0b0be0 Refactor code for handling MagiskDB 2019-11-11 15:46:02 -05:00
vvb2060
817cdf7113 fix multiuser owner_managed mode 2019-11-11 14:12:26 -05:00
topjohnwu
1a38f25bd9 Properly invoke method 2019-11-10 14:59:19 -05:00
topjohnwu
ad40e53349 Update hacks 2019-11-09 18:17:16 -05:00
topjohnwu
a2ddf362d8 Make a.a not extend AppComponentFactory
Fix #2053
2019-11-09 16:13:15 -05:00
Ilya Kushnir
65eca31635 Updating RU translation 2019-11-09 04:40:10 -05:00
osm0sis
8b0b4a2c39 SignBoot: also catch empty streamed signature as indicating not signed
- compare against new byte[] array as a quick tell, since when streaming from a partition with an unsigned image "signature" would of course read without issue but then remain filled by zero padding, resulting in the following:
    java.io.IOException: unexpected end-of-contents marker
        at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source:14)
        at com.topjohnwu.signing.SignBoot$BootSignature.<init>(SignBoot.java:235)
        at com.topjohnwu.signing.SignBoot.verifySignature(SignBoot.java:144)
        at com.topjohnwu.signing.BootSigner.main(BootSigner.java:15)
        at a.a.main(a.java:20)
2019-11-09 04:39:41 -05:00
topjohnwu
c0216c0653 Get XMLs directly 2019-11-08 02:59:09 -05:00
topjohnwu
61de63a518 Cleanup manifest 2019-11-08 02:15:30 -05:00
topjohnwu
d952cc2327 Properly solve the connection problem 2019-11-07 17:41:59 -05:00
topjohnwu
46447f7cfd Proper string buffer size 2019-11-05 01:46:46 -05:00
topjohnwu
a6e62e07a2 Sort modules ignore case
Close #2024
2019-11-04 17:14:18 -05:00
topjohnwu
b1d25e0503 Reuse ALPHANUM 2019-11-04 15:42:40 -05:00
topjohnwu
25c557248c Use ContentProvider call method for communication
Previously, we use either BroadcastReceivers or Activities to receive
messages from our native daemon, but both have their own downsides.
Some OEMs blocks broadcasts if the app is not running in the background,
regardless of who the caller is. Activities on the other hand, despite
working 100% of the time, will steal the focus of the current foreground
app, even though we are just doing some logging and showing a toast.
In addition, since stubs for hiding Magisk Manager is introduced, our
only communication method is left with the broadcast option, as
only broadcasting allows targeting a specific package name, not a
component name (which will be obfuscated in the case of stubs).

To make sure root requests will work on all devices, Magisk had to do
some experiments every boot to test whether broadcast is deliverable or
not. This makes the whole thing even more complicated then ever.

So lets take a look at another kind of component in Android apps:
ContentProviders. It is a vital part of Android's ecosystem, and as far
as I know no OEMs will block requests to ContentProviders (or else
tons of functionality will break catastrophically). Starting at API 11,
the system supports calling a specific method in ContentProviders,
optionally sending extra data along with the method call. This is
perfect for the native daemon to start a communication with Magisk
Manager. Another cool thing is that we no longer need to know the
component name of the reciever, as ContentProviders identify themselves
with an "authority" name, which in Magisk Manager's case is tied to the
package name. We already have a mechanism to keep track of our current
manager package name, so this works out of the box.

So yay! No more flaky broadcast tests, no more stupid OEMs blocking
broadcasts for some bizzare reasons. This method should in theory
work on almost all devices and situations.
2019-11-04 14:32:28 -05:00
topjohnwu
472cde29b8 Allow non supported Magisk to use Magisk Manager
Close #1576
2019-11-04 03:24:27 -05:00
linar10
73525d19e9 Update strings.xml 2019-11-03 17:15:17 -05:00
topjohnwu
26618f8d73 Don't do broadcast tests from app
Running broadcast tests from the app does not accurately verifies
whether the broadcasts can be delivered when the app is not running in
the foreground, which is why we are running the test.

The only sane way to verify broadcasts is to trigger the broadcast test
directly from the daemon on boot complete. If it is not deliverable,
then activity mode shall be chosen.

In the meantime, cleanup AndroidManifest.xml
2019-11-03 17:01:09 -05:00
topjohnwu
6f7c13b814 Refactor JarMap 2019-11-03 04:45:35 -05:00
osm0sis
e7d668502c SignBoot: improve error catching/reporting
- `!= remain` shouldn't indicate "not signed", it should indicate a read error as with `!= hdr.length`
- attempt to catch unsigned images at signature read, before they make it to `BootSignature bootsig = new BootSignature(signature);` and result in the following:
    java.io.IOException: unexpected end-of-contents marker
            at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source:14)
            at com.topjohnwu.signing.SignBoot$BootSignature.<init>(SignBoot.java:230)
            at com.topjohnwu.signing.SignBoot.verifySignature(SignBoot.java:139)
            at com.topjohnwu.signing.BootSigner.main(BootSigner.java:15)
            at a.a.main(a.java:20)
2019-11-03 04:22:21 -05:00
osm0sis
6fd357962f scripts: fix signing in recovery with addon.d-v1
- change to $TMPDIR in addon.d.sh since recovery addon.d-v1 backup + restore leaves you in /tmp/addon.d which the restore then deletes, which would break $BOOTSIGNER execution with the following:
    libc: Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0 in tid 1078 (main), pid 1078 (main)
    Segmentation fault
- also move $BOOTSIGNER execution to after `cd $MAGISKBIN` to ensure it's in a working directory in all cases
- addon.d.sh data mount wasn't doing anything since /data has to already be mounted for the script to be running, so move it into /system/addon.d/99-magisk.sh stub script where it might be useful on recoveries that don't mount /data initially

Fixes #2013
2019-11-03 03:00:08 -05:00
topjohnwu
0c9feedb37 Support restarting app when obfuscated 2019-11-03 02:55:22 -05:00
Vladimír Kubala
14ba002cbc Update Slovak translation 2019-11-02 11:59:20 -04:00
topjohnwu
7da97489cc Add v7.4.0 release notes manager-v7.4.0 v20.1 2019-11-02 01:24:56 -04:00
topjohnwu
a9f11b28c8 Fix busybox scripts again 2019-11-02 01:16:54 -04:00
topjohnwu
b31d986c8d Update scripts 2019-11-02 00:41:51 -04:00