Commit Graph

459 Commits

Author SHA1 Message Date
topjohnwu
2d7f130d2c Introduce Java-like OutputStream 2019-02-23 04:51:13 -05:00
topjohnwu
f7ae72a36c Move CPIO to libutils 2019-02-23 02:42:26 -05:00
topjohnwu
391783e268 Introduce mmap based CPIO class 2019-02-23 02:23:24 -05:00
topjohnwu
6f12c08204 Use ordered map to store CPIO entries 2019-02-22 22:53:20 -05:00
topjohnwu
cb8fe70734 Modernize CPIO code 2019-02-22 02:56:18 -05:00
topjohnwu
69d10b747a Directly use FDT headers for detection 2019-02-21 05:24:05 -05:00
topjohnwu
da3394f34e Move image parsing out of header searching 2019-02-21 05:08:38 -05:00
topjohnwu
b4c2a9f49f More macro magic 2019-02-21 04:14:52 -05:00
topjohnwu
7cee77f57a Some C++ magic to make code cleaner 2019-02-21 02:54:37 -05:00
topjohnwu
f28bd1972f Adjust LZ4F block size 2019-02-21 00:52:47 -05:00
topjohnwu
0f92d1de1b Fix bzip2 decompression 2019-02-20 20:53:54 -05:00
topjohnwu
e59c5c8780 Modernize compress and decompress 2019-02-20 20:49:26 -05:00
kirill9617
86d8026301 Update format.h
GZIP magic is \x1f\x8b\x08 not \x1f\x8b\x08\x00
2019-02-20 03:53:41 -05:00
topjohnwu
d67b827338 Rewrite compression with OOP 2019-02-20 02:10:06 -05:00
topjohnwu
660e0dc09a Fix MagiskHide unmount daemon
Close #1101
2019-02-19 01:50:41 -05:00
John Wu
3ebc886f8a Make sure PPID exists 2019-02-18 03:45:01 -05:00
vvb2060
5b54ef840a Skip same mount namespace 2019-02-18 03:45:01 -05:00
corsicanu
0f61c627b1 Support deodexed ROM on Pie (Samsung)
- cc @abrahamgcc
2019-02-18 03:32:56 -05:00
topjohnwu
17ab55115a Add newlines before rc scripts
Based on #1090, thanks to @shakalaca. Close #1090, close #1086
2019-02-18 03:30:30 -05:00
topjohnwu
2708c74ebe Add O_CLOEXEC to opens 2019-02-18 03:25:21 -05:00
topjohnwu
50ff11405f Swap out inotify fd before adding watch targets 2019-02-18 03:18:11 -05:00
topjohnwu
31a27838f5 Fix help message for magisk 2019-02-18 03:09:01 -05:00
topjohnwu
2f1b0fe57f Remove unused scripts 2019-02-18 03:08:40 -05:00
topjohnwu
692f893e1f Monitor /data/system/packages.xml
Reinstalling system apps as data creates tons of issues.
Calling pm path <pkg> is extremely expensive and doesn't work in post-fs-data.
Parse through packages.xml to get APK path and UID at the same time.
As a bonus, we don't need to traverse /data/app for packages anymore.
2019-02-18 03:05:13 -05:00
topjohnwu
14aa6041ec Use a better function to read through files 2019-02-17 22:30:23 -05:00
topjohnwu
fb55fe184c Hide useless error message 2019-02-16 03:41:37 -05:00
topjohnwu
6412bfc7b5 Only care about the first event 2019-02-16 02:49:36 -05:00
topjohnwu
3c56f38229 Change most logs to debug logs 2019-02-16 02:30:48 -05:00
topjohnwu
f4f2274c60 Auto reinstall system apps on hide list
Since we are parsing through /data/app/ to find target APKs for
monitoring, system apps will not be covered in this case.
Automatically reinstall system apps as if they received an update
and refresh the monitor target after it's done.

As a bonus, use RAII idioms for locking pthread_mutex_t.
2019-02-16 02:24:35 -05:00
topjohnwu
19ee189468 Separate scripting code 2019-02-15 20:45:05 -05:00
topjohnwu
a19c7215d2 Better nice name 2019-02-15 04:31:39 -05:00
topjohnwu
8b84039f1f Run service scripts actually in parallel 2019-02-15 01:30:47 -05:00
topjohnwu
9430dbb96c Make sure logcat process does not become a zombie 2019-02-14 17:36:18 -05:00
topjohnwu
4872df6a46 Support old APK paths and don't crash when not match 2019-02-14 16:38:28 -05:00
topjohnwu
014105f0a0 Bring back log dumping 2019-02-14 04:27:30 -05:00
topjohnwu
b106d1c501 Fix stupid mistake 2019-02-14 04:24:30 -05:00
topjohnwu
99db0672b4 Minor MagiskHide adjustments
- Fail fast on unsupported systems
- Show proper fail message on unsupported systems
- inotify_fd shall be swapped out before closing to prevent
  the proc_monitor thread to read from incomplete inotify fd
2019-02-14 04:08:05 -05:00
topjohnwu
d584360de2 More optimized APK traversal 2019-02-14 00:52:59 -05:00
topjohnwu
4eed6794c7 More MagiskHide optimizations
- Use a general procfs traversal function with callbacks
- Much better functions for killing processes
2019-02-13 20:16:26 -05:00
topjohnwu
c66cabd80f Several MagiskHide improvements
- Directly get UID instead of traversing /data/data everytime
- Use /data/user_de/0 instead of /data/data on Android 7.0+
- Update hide_uid set incrementally when adding/initializing targets
- Guard hide_uid set with the same lock as hide_list vector
- Do not add GMS package into database; only add to in-memory list
2019-02-13 06:16:26 -05:00
Park Ju Hyung
24da3485bd Hardcode GMS unstable to MagiskHide
With the new detection method, it is impossible to check for components.

Remove additional checks for components and simply hardcode string to
proc_monitor.cpp and query cmdline to see if it's GMS unstable.

This addresses wasted resources on applying custom namespace
on all GMS processes.

Signed-off-by: Park Ju Hyung <qkrwngud825@gmail.com>
2019-02-12 23:39:57 -05:00
Park Ju Hyung
7384d2d330 Completely rework MagiskHide
Previous MagiskHide detects new app launches via listening through logcat
and filtering launch info messages.

This is extremely inefficient and prone to cause multiple issues both
theoratically and practically.

Rework this by using inotify to detect open() syscalls to target APKs.

This also solves issues related to Zygote-forked caching mechanisms such as
OnePlus OxygenOS' embryo.

Signed-off-by: Park Ju Hyung <qkrwngud825@gmail.com>
2019-02-12 23:39:57 -05:00
topjohnwu
0f55fcafe8 Migrate EXT4 images instead of removing them 2019-02-12 16:13:31 -05:00
topjohnwu
ed027ec3ee Refactor build flags 2019-02-12 05:17:02 -05:00
topjohnwu
b3fd79cbb9 Add more cmdline options and specify as internal API 2019-02-12 04:05:51 -05:00
topjohnwu
ed4df87b57 Remove imgtool 2019-02-12 02:44:46 -05:00
topjohnwu
1321f097b8 Remove usage of magisk.img
Mounting ext4 images causes tons of issues, such as unmountable with broken F2FS drivers.
Resizing is also very complicated and does not work properly on all devices.
Each step in either measuring free space, resizing, and shrinking the image is a
point of failure, and either step's failure could cause the module system completely broken.

The new method is to directly store modules into /data/adb/modules, and for module installation
on boot /data/adb/modules_update. Several compatibility layers has been done: the new path is
bind mounted to the old path (/sbin/.magisk/img), and the helper functions in util_functions.sh
will now transparently make existing modules install to the new location without any changes.

MagiskHide is also updated to unmount module files stored in this new location.
2019-02-12 02:14:57 -05:00
topjohnwu
ab47b717b1 Reorganize scripts 2019-02-11 17:14:07 -05:00
topjohnwu
992a9ea2f9 Fix EMUI 9 detection 2019-02-11 02:26:15 -05:00
topjohnwu
228351fc13 Prevent bootloop on non system-as-root devices
Close #1058
2019-02-10 13:51:41 -05:00
topjohnwu
8a5b6f2b86 Block all signals in daemon 2019-02-10 04:18:50 -05:00
topjohnwu
71ecbb3af3 Clean/refactor includes 2019-02-10 03:57:51 -05:00
topjohnwu
5746614ccf Keep track of timestamps and skip old logs 2019-02-10 03:16:52 -05:00
topjohnwu
3a422c3f15 Remove magisklogd, use threads and BlockingQueue 2019-02-10 01:05:19 -05:00
topjohnwu
b3242322fd Harden socket verification
- Do not allow connections to magiskd from binaries other than the one started the server
- Do not allow connections to magisklogd without root access
2019-02-09 15:02:46 -05:00
topjohnwu
1f5267204b Better cmdline parsing 2019-02-09 05:23:56 -05:00
topjohnwu
ed25e1bbd6 Directly inject services into init.rc 2019-02-09 02:48:05 -05:00
topjohnwu
c8491d008f Move sbin overlay creation to magiskinit 2019-02-09 01:51:46 -05:00
Erfan Abdi
6698c189fc Support non-ext4 filesystem for vendor and system
Signed-off-by: Erfan Abdi <erfangplus@gmail.com>
2019-02-07 00:45:30 -05:00
topjohnwu
72270825c1 Prevent segmentation fault when resetprop is unsupported 2019-02-03 09:48:57 -05:00
topjohnwu
093f971896 Fix small log error 2019-02-03 03:57:49 -05:00
topjohnwu
c30faad838 Allow all binder operations for root processes 2019-02-02 13:24:55 -05:00
vvb2060
2cf33d635d Setuid after read proc 2019-02-01 15:55:29 -05:00
topjohnwu
4df1047b07 Native project restructuring 2019-01-30 03:35:07 -05:00
topjohnwu
1c61feb368 Update native su connect broadcast code
Use -p <pkg> for supported platforms
2019-01-26 14:53:49 -05:00
topjohnwu
d32b788988 Rewrite exec_command 2019-01-26 13:39:24 -05:00
topjohnwu
7565ea2787 Remove strdup2 2019-01-26 13:00:19 -05:00
topjohnwu
9275975b2c Re-organize functions 2019-01-26 06:00:23 -05:00
topjohnwu
71638191ee Cleanup messy logging code 2019-01-26 02:41:25 -05:00
topjohnwu
b7f69238a1 Fix segfault on several devices 2019-01-22 17:19:10 -05:00
topjohnwu
f24342f117 Disable several features in Jellybean 2019-01-20 17:52:19 -05:00
topjohnwu
50b55a77de Don't mount images when running core-only mode 2019-01-20 17:01:59 -05:00
topjohnwu
fdf167db11 Get API level from build.prop 2019-01-20 15:20:34 -05:00
topjohnwu
a4f8bd4ee0 Bump to C++17 2019-01-20 00:07:58 -05:00
topjohnwu
3e4c12cf56 Migrate to STL 2019-01-19 23:59:37 -05:00
topjohnwu
03c39e692a Switch to libc++ 2019-01-19 13:47:33 -05:00
topjohnwu
23e5188422 Update scripts
1. Update build.py to use f-strings
2. Directly append busybox binaries to update-binary
3. Remove b64xz
2019-01-15 08:32:18 -05:00
Pierre-Hugues Husson
928c56bda2 Don't use (deleted) copy constructor, use constructor directly to fix build 2019-01-13 13:19:00 -05:00
Pierre-Hugues Husson
bc6f37eecc Fixes build error
device/phh/treble/magisk/Magisk/native/jni/systemproperties/prop_area.cpp:386:3: error: no matching function for call to 'atomic_store_explicit'
  atomic_store_explicit(&node->prop, 0, memory_order_release);
  ^~~~~~~~~~~~~~~~~~~~~
external/libcxx/include/atomic:1220:1: note: candidate template ignored: deduced conflicting types for parameter '_Tp' ('unsigned int' vs. 'int')
atomic_store_explicit(volatile atomic<_Tp>* __o, _Tp __d, memory_order __m) _NOEXCEPT
^
external/libcxx/include/atomic:1229:1: note: candidate template ignored: deduced conflicting types for parameter '_Tp' ('unsigned int' vs. 'int')
atomic_store_explicit(atomic<_Tp>* __o, _Tp __d, memory_order __m) _NOEXCEPT
2019-01-13 13:19:00 -05:00
topjohnwu
1df65940b9 Support Kirin 960 devices
Close #928
2018-12-31 16:09:14 +08:00
topjohnwu
3ccac8c3b8 Terminate forked children for exec after failure 2018-12-28 16:33:26 +08:00
topjohnwu
0be158afa1 Official KitKat support 2018-12-28 16:03:23 +08:00
topjohnwu
523e66294b Simpler su_info caching system 2018-12-26 11:56:49 +08:00
topjohnwu
23f8f35098 Stop using system STL since it is no longer supported 2018-12-25 19:38:44 +08:00
topjohnwu
8d210b5e37 Enhance EMUI 9 user experience 2018-12-25 01:08:46 +08:00
topjohnwu
3c6c0e6700 Support EMUI 9.0 2018-12-24 21:36:37 +08:00
topjohnwu
b245931c79 Prevent duplicates when "." or ".." occurs 2018-12-09 22:12:04 -05:00
topjohnwu
1fae89cbb6 Add new cpio command: "exists", to magiskboot 2018-12-05 20:27:48 -05:00
topjohnwu
109891d668 Make apk_install more portable 2018-12-05 18:36:27 -05:00
topjohnwu
a868118f6f Use defined symbols in SDK 16 libsqlite.so 2018-12-05 12:48:01 -05:00
topjohnwu
e5c62f5750 Allow post-fs-data module scripts to change module state 2018-12-05 12:47:29 -05:00
topjohnwu
08cd5b81d1 Try to repair boot_hdr v1 entries 2018-12-04 03:30:43 -05:00
topjohnwu
79b84da4b8 Adjust for new FrankeNDK 2018-12-04 02:08:51 -05:00
topjohnwu
68b07c5913 Use flags for smaller binary 2018-12-03 19:43:02 -05:00
topjohnwu
2a2e1236fc Use magic macros 2018-12-01 03:53:58 -05:00
topjohnwu
9b170f2b4f Switch from deprecated AUDITDENY to DONTAUDIT 2018-11-29 06:42:04 -05:00
topjohnwu
51e9ff59de Temporarily suppress warnings when applying Magisk rules 2018-11-29 06:31:05 -05:00
topjohnwu
2977dbcded Remove all dontaudit in magisk rules 2018-11-29 06:28:37 -05:00
topjohnwu
ac60b51035 Support removing redundant avtab nodes 2018-11-29 05:42:08 -05:00
topjohnwu
4c2f33a089 Remove '--install' 2018-11-29 04:35:43 -05:00
topjohnwu
3b071116ac Update magiskpolicy
- Generalize avtab node extraction and insertion
- Add new supported rules: type_change, type_member
- Update help message with official policy language
2018-11-29 03:46:29 -05:00
topjohnwu
f723427b8b Add built-in procfs protection on SDK 24+
More information in the Medium Post:
https://medium.com/@topjohnwu/from-anime-game-to-android-system-security-vulnerability-9b955a182f20
2018-11-28 01:27:32 -05:00
topjohnwu
f69a004c1c Use raw execve
Some devices have broken libc...
2018-11-28 00:07:57 -05:00
topjohnwu
e8cba3524e Kill target processes properly 2018-11-27 03:56:14 -05:00
topjohnwu
29457a1d28 Small adjustments 2018-11-26 03:26:45 -05:00
topjohnwu
731455f164 Update exec functions signatures 2018-11-26 03:06:48 -05:00
topjohnwu
b01a8cace6 Always try native accept4 2018-11-26 02:57:34 -05:00
topjohnwu
e67965a381 Silent some errors 2018-11-24 15:53:15 -05:00
topjohnwu
ec4723096f Prevent file descriptor from unclosed 2018-11-23 21:15:44 -05:00
topjohnwu
762b678d24 Prevent any SELinux issues of root shell streams 2018-11-23 21:08:06 -05:00
topjohnwu
38fcc57bbf Use component name as targets
Services can name their process name arbitrarily, for instance the service in
com.google.android.gms that is responsible for SafetyNet is named
com.google.android.gms.unstable. There are many apps out in the wild use
dedicated services with special names to detect root, and previously the user
is expected to add all of them to the hide list.

In this commit, we change from targeting process names to component names.
On Android, component names are composed of <pkg>/<cls>. When targeting
component names, we can always know what application spawned the new process.
This means that if the user adds a package name to the hidelist, MagiskHide can
now target ALL possible processes of that specific application.

To abide with this change, the default SafetyNet target is now changed from
com.google.android.gms.unstable (process name) to
com.google.android.gms/.droidguard.DroidGuardService (component name)
2018-11-23 15:47:49 -05:00
topjohnwu
c8c57c74cc Optimize proc_monitor 2018-11-23 14:32:33 -05:00
topjohnwu
0784448c69 Remove /.backup folder on start 2018-11-20 05:24:40 -05:00
topjohnwu
de0064af47 Fix SIGWINCH never followed
Close #786
2018-11-20 04:40:42 -05:00
topjohnwu
baae1fc84f Modernize selinux stub 2018-11-20 03:49:44 -05:00
topjohnwu
2ab999f4ca Fix bug in DB query wrapper 2018-11-20 02:20:49 -05:00
topjohnwu
c9f390d6e0 Abort upon any error occurred 2018-11-20 02:20:49 -05:00
topjohnwu
3622c49ce1 Update busybox 2018-11-18 15:58:41 -05:00
topjohnwu
0462e9a7d9 Update external dependencies 2018-11-18 03:34:59 -05:00
topjohnwu
c3a6091908 Update to 1.29.3 2018-11-18 02:45:21 -05:00
topjohnwu
ab5fedda0b Prevent Magisk database race condition
The database should only be accessed by a single process, which is magiskd.
This means 'magisk --sqlite [SQL]' has to be updated to pass the SQL command to the daemon.
In addition, open the database connection with SQLITE_OPEN_FULLMUTEX to support multithread in magiskd.
2018-11-16 03:20:30 -05:00
topjohnwu
ba70269398 Directly print output over socket 2018-11-16 01:49:15 -05:00
topjohnwu
77fd5fa7de Do not follow symlink when checking legacy paths 2018-11-16 01:16:25 -05:00
topjohnwu
ab74290fe3 Move magiskhide config into database 2018-11-16 01:15:34 -05:00
topjohnwu
3aad9d8166 Add CLI to detect MagiskHide status 2018-11-16 00:37:41 -05:00
topjohnwu
572e078d87 Fully deprecate <mount_point>/.core folder
Symlinks are preserved for backwards compatibility
2018-11-15 22:55:28 -05:00
topjohnwu
ee4548230b Disable native systemless hosts, add built-in systemless hosts module 2018-11-15 13:57:41 -05:00
topjohnwu
376e7977f0 Deprecate path /sbin/.core, switch to /sbin/.magisk
Symlink is preserved for backwards compatibility
2018-11-15 01:36:03 -05:00
topjohnwu
83ae66daea Change stock boot image SHA1 backup method 2018-11-15 00:33:20 -05:00
topjohnwu
89e0be0099 Fix a bug causing magiskhide CLI freezing 2018-11-13 02:22:55 -05:00
topjohnwu
ef40c1212e Prevent infinite loop if process is killed
Close #761
2018-11-13 02:11:02 -05:00
topjohnwu
3a2a2a4ffa Micro optimizations 2018-11-13 02:07:02 -05:00
topjohnwu
9592a69986 Prevent unmounting non-custom mount points 2018-11-13 01:53:48 -05:00
topjohnwu
c61c3ae0e9 Fix su shell environment setup 2018-11-10 02:17:13 -05:00
topjohnwu
3603b7c82b Move cmdline and extra_cmdline to the same line 2018-11-08 20:57:30 -05:00
topjohnwu
5743c72cca Minor cleanup 2018-11-08 15:23:36 -05:00
topjohnwu
4cdd66ceff Fix lowmemorykiller crash hell in Pixel 3 2018-11-08 13:41:03 -05:00
topjohnwu
d3947d2cfa Adjust logging in magiskpolicy 2018-11-08 06:43:11 -05:00
topjohnwu
07718b994a Fix magiskinit
The behavior of C and C++ is slightly different, and causes unable to set excl_list
2018-11-08 06:07:52 -05:00
topjohnwu
ef9d463bd7 Fix PLOGE 2018-11-08 06:07:02 -05:00
topjohnwu
8745c7884e Rename Array to Vector
Finally get rid of the C style vector, rename the template class to its proper name
2018-11-08 05:03:59 -05:00
topjohnwu
b6965105b7 Better parsing logic 2018-11-08 04:57:16 -05:00
topjohnwu
3d269fe8be Migrate MagiskInit to C++ 2018-11-08 04:20:16 -05:00
topjohnwu
be5f00aa1a Prevent stack overflow when managing hide list 2018-11-07 22:46:56 -05:00
topjohnwu
59ba350f34 Fix copy and move assigments of Array 2018-11-07 04:09:37 -05:00
topjohnwu
803c5377a6 Clean init.c 2018-11-07 02:21:15 -05:00
topjohnwu
7c12bf7fa1 Modernize code base 2018-11-07 02:10:38 -05:00
topjohnwu
ca35a9681f Minor code improvements 2018-11-06 05:02:30 -05:00
topjohnwu
9fe5f37337 Minor code improvements 2018-11-05 14:37:47 -05:00
topjohnwu
0742901cd2 Modernize database code 2018-11-04 18:24:08 -05:00