1613 Commits

Author SHA1 Message Date
topjohnwu
762b70ba9d Better string split implementation 2023-04-03 18:50:36 -07:00
topjohnwu
41b77e4f25 Make base as template argument for optimization 2023-04-03 18:32:11 -07:00
topjohnwu
2087e47300 Get random separately 2023-04-03 18:32:11 -07:00
vvb2060
46ce765860 Use stable random seed 2023-04-03 18:32:11 -07:00
LoveSy
15cab86152 Make module mirror read only 2023-04-02 22:03:02 -07:00
LoveSy
97731a519a Update zygisk API to avoid mem leak 2023-04-02 03:54:33 -07:00
LoveSy
4ff60ef9a9 No more patching libc.a on 64bit platforms 2023-04-01 03:51:57 -07:00
topjohnwu
23b1b69110 Consolidate zygisk cleanup routines 2023-04-01 03:37:17 -07:00
LoveSy
3a4fe53f27 New way to unload zygisk
Co-authored-by: 残页 <a1364259@163.com>
2023-04-01 03:37:17 -07:00
LoveSy
04324a7ebe Upgrade LSPlt to bypass a bionic bug 2023-03-23 20:56:35 -07:00
vvb2060
f54daa3469 Force ramdisk format to lz4_legacy for v4 2023-03-23 20:50:27 -07:00
LoveSy
07c22ccd39 Use app_dir to detect systemui instead
uid may be shared by other apps (e.g., in MIUI, systemui's uid
is 1000 and shared by many system apps).
2023-03-23 16:17:13 -07:00
LoveSy
e893c13cf1 Unlink preinit device if bind mount fails 2023-03-23 00:40:13 -07:00
LoveSy
dba5020e4f Refactor magiskrc 2023-03-22 17:53:15 -07:00
LoveSy
87e036a190 Update LSPlt to avoid crash when hooking libc 2023-03-22 12:02:33 -07:00
topjohnwu
4417997749 Make sure ro mmap region is not overwritten 2023-03-21 15:50:43 -07:00
LoveSy
2eef542054 Add amonet microloader support 2023-03-21 15:50:43 -07:00
LoveSy
b9d0a3b3d4 Use partition name or devpath's name 2023-03-21 00:40:11 -07:00
topjohnwu
76405bd984 Add more comments 2023-03-21 00:40:11 -07:00
topjohnwu
4e2b88b3d0 Rename rules to preinit
It is possible that we will allow more preinit files for modules.
Rename the partition and folders from rules to preinit.
2023-03-21 00:40:11 -07:00
LoveSy
7048aa1014 Rename sepolicy.rules -> rules 2023-03-21 00:40:11 -07:00
LoveSy
1c2fcd14b5 Mount sepolicy.rules for migration 2023-03-21 00:40:11 -07:00
vvb2060
362eea741f Refactor sepolicy.rules resolve native
Co-authored-by: LoveSy <shana@zju.edu.cn>
2023-03-21 00:40:11 -07:00
LoveSy
03cee0b8d4 Remove meaningless umount in magiskinit
This is no longer required since we redirect to /data/magiskinit
2023-03-19 23:35:18 -07:00
LoveSy
54ecc001f4 Clean up more codes 2023-03-19 23:20:19 -07:00
topjohnwu
af054e4e31 Bump minSdk to 23 2023-03-17 04:24:26 -07:00
LoveSy
d9f0aed571 Fix unpack -n and repack -n of ZIMAGE kernel 2023-03-17 02:00:46 -07:00
LoveSy
98813c24fb Drop trailing garbage of gzip decompress
I previously referred to minigzip from libz which copies all trailing
data to the output when decompressing. However, gzip, on the other
hand, drops trailing garbage by default. Considering ZIMAGE appends
the kernel size with zero padding, we should drop trailing garbage
as well.
2023-03-17 02:00:25 -07:00
LoveSy
1a1646795f Support untrusted_app_32 2023-03-09 02:17:30 -08:00
南宫雪珊
4709a32641 Fix mkdir
Co-authored-by: LoveSy <shana@zju.edu.cn>
2023-03-07 01:47:26 -08:00
LoveSy
981ccabbef No support for partitions w/o symlink in /system 2023-03-06 05:23:40 -08:00
vvb2060
9e07eb592c Fix make private before remount 2023-03-06 05:18:16 -08:00
LoveSy
9555380818 Replace parse_mnt with parse_mount_info 2023-03-06 05:09:12 -08:00
topjohnwu
a1ce6f5f12 Fix race condition when switching root manager
Before this change, the root manager package name is only written into
the database after the repackaged APK is installed. In the time between
the repackaged APK being installed and the package name being written
into the database, if some operation calls `get_manager`, the Magisk
daemon will cache this result and ignore the repackaged APK, even if
the package name is set afterwards, because the cache won't be
invalidated. The result is that the repackaged manager APK will not be
recognized as the root manager, breaking the hide manager feature.

This race condition is more likely to happen when Zygisk is enabled,
because `get_manager` is called with a very high frequency in that case.

To fix the issue, we have to set the new package name into the database
BEFORE installing the repackaged APK. We also stop pruning the
database if the repackaged manager is not found, moving this logic into
the Magisk app. By doing so, we can guarantee that the instant after
the repackaged manager APK is installed, the Magisk daemon will
immediately pick it up and treat it as the root manager.

Another small optimization: when the requester is root, simply bypass
the whole database + manager package check. Since the Magisk app hiding
APK installation process will call `su` several times to run `pm` under
different UIDs, doing this optimization will reduce the amount of
unnecessary database query + filesystem traversals.
2023-03-06 03:58:58 -08:00
LoveSy
1aade8f8a8 No greedy match to find parent mount point
This fixes /sys is considered as a parent mount point of /system
2023-03-03 11:09:03 -08:00
LoveSy
b6ea5b8984 Fix SYSTEM_ROOT not passed to boot patch 2023-03-02 23:39:50 -08:00
LoveSy
f59fbd5dca Filter duplicate mount points
This prevents umounting existing overlay mount points
2023-03-02 14:33:50 -08:00
LoveSy
da36e5bcd5 Make worker private 2023-03-02 02:25:44 -08:00
南宫雪珊
3726eb6032 Deny init relabel to adb_data_file
Co-authored-by: 残页 <a1364259@163.com>
Co-authored-by: LoveSy <shana@zju.edu.cn>
2023-03-02 02:20:38 -08:00
vvb2060
4772868d6a Move REMOUNT_ROOT 2023-03-02 02:05:38 -08:00
vvb2060
7dbfba76bf Umount by tmpfs id 2023-02-26 14:23:11 -08:00
vvb2060
2a4aa95a6f Identify tmpfs used by magisk 2023-02-26 14:23:11 -08:00
LoveSy
a1a87c9956 Get rid of vtable hook 2023-02-26 04:59:21 -08:00
vvb2060
2c53356bfd Remove unexpected files 2023-02-26 03:47:38 -08:00
topjohnwu
85d9756f62 Update Zygisk API documentation 2023-02-26 03:16:13 -08:00
LoveSy
d7158131e4 No need to manually parse mount flags 2023-02-26 01:15:18 -08:00
topjohnwu
3d3082bc82 Minor optimizations 2023-02-26 01:14:10 -08:00
topjohnwu
744ebca206 Don't let inter_node upgrade to module_node 2023-02-25 22:05:50 -08:00
topjohnwu
92077ebe53 Refactor module and node implementation 2023-02-25 18:19:46 -08:00
LoveSy
78ca682bc5 Always mount tmpfs for dirs
https://android-review.googlesource.com/c/platform/system/core/+/928592
2023-02-25 18:19:46 -08:00
LoveSy
af01a36296 Refactor magic mount to support overlayfs
Previously, magic mount creates its own mirror devices and mount
mirror mount points. With these mirror mount points, magic mount
can get the original files and directory trees. However, some
devices use overlayfs to modify some mount points, and thus after
magic mount, the overlayed files are missing because the mirror
mount points do not contain the overlayed files. To address this
issue and make magic mount more compatible, this patch refactors
how magic mount works.

The new workflows are as follows:
1. make MAGISKTMP a private mount point so that we can create the
   private mount points there
2. for mirror mount points, instead of creating our own mirror
   devices and mounting the mirror mount points, we "copy" the
   original mount points by recursively mounting /
3. to prevent magic mount affecting the mirror mount points, we
   recursively set the mirror mount points private
4. to trace the mount points we created for reverting mounts, we
   again make the mirror mount points shared, and by this way we
   create a new peer group for each mirror mount points
5. as for tracing the newly created tmpfs mount point by magic
   mount, we create a dedicated tmpfs mount point for them, namely
   worker mount point, and obviously, it is shared as in a newly
   created peer group for tracing
6. when reverting mount points by magic mount, we can then trace
   the peer group id and unmount the mount points whose peer group
   ids are created by us

The advantages are as follows:
1. it is more compatible, (e.g., with overlayfs, fix #2359)
2. it can mount more partitions for which previous implementation
   cannot create mirror mount points (fix #3338)
2023-02-25 18:19:46 -08:00
LoveSy
97ed1b16d0 Fix gzip decompression 2023-02-20 18:26:04 -08:00
残页
ae34659b26 No kernel repack if it isn't patched at all
It turns out that decompressing and recompressing the kernel is enough to break booting on many devices that use MT6763.
Fix #5124, fix #6204, fix #6566 

Co-authored-by: LoveSy <shana@zju.edu.cn>
Co-authored-by: 南宫雪珊 <vvb2060@gmail.com>
2023-02-17 15:00:14 -08:00
LoveSy
79a85f5937 Use mountinfo for revert unmount 2023-02-17 12:36:19 -08:00
LoveSy
b249832571 Use statfs to check rootfs
This helps support adb remount
2023-02-12 22:49:27 -08:00
LoveSy
577b5912af Fix SKIP_FD_SANITIZATION false positive
Fix #6523
2023-02-12 00:40:09 -08:00
LoveSy
9e8c68af12 Refactor sepolicy.rules resolve
We resolve available partitions for sepolicy.rules when patching
boot and bind mount the partition by magiskinit.

For older devices, the previous logic won't work because the part name
is never readable.

Co-authored-by: topjohnwu <topjohnwu@gmail.com>
2023-02-12 00:36:38 -08:00
shìwēi nguyen
03418ddcbf run module uninstall.sh on Magisk uninstallation 2023-02-09 20:36:58 -08:00
LoveSy
220a1c84ce Zygisk v4 module's plt commit should not use regex 2023-02-09 20:19:53 -08:00
vvb2060
7a9e6d2ad2 Remove unexpected /sbin/overlay.d 2023-02-09 20:08:59 -08:00
canyie
6ecc04a4df Fix auto install stub 2023-01-23 01:55:28 +08:00
LoveSy
0329f00129 Upgrade LSPlt
Fix #6533
2023-01-20 19:29:55 +08:00
topjohnwu
cd8a2edefb Reduce unnecessary formatting 2023-01-20 14:41:34 +08:00
LoveSy
4318ab5cd2 Reuse tmpfs for magic mount
As we already have a tmpfs (magisktmp), we can reuse them for
magic mount
2023-01-20 03:49:40 +08:00
topjohnwu
3517e6d752 Handle nullptr char* in Rust 2023-01-20 03:45:16 +08:00
LoveSy
67845f9c21 Clear sepolicy rules when disable/remove modules
Co-authored-by: topjohnwu <topjohnwu@gmail.com>
2023-01-19 04:25:44 +08:00
Kian-Meng Ang
f562710438 Fix typos
Found via `codespell -S *.xml,*.kt,./native/src/external -L crate,bu`
2023-01-18 16:35:37 +08:00
vvb2060
e836909c50 umount old hijack binary 2023-01-18 13:06:17 +08:00
topjohnwu
8f7d6dfb77 Cleanup unused functions 2023-01-12 23:17:41 +08:00
canyie
e73f87b758 Update LSPlt 2023-01-12 01:18:56 +08:00
topjohnwu
636223b289 Cleanup APIs 2023-01-10 02:42:45 +08:00
LoveSy
aa0a2f77cf Add inode plt hook APIs 2023-01-10 02:42:45 +08:00
LoveSy
37b81ad1f6 Refine module preparation return value 2022-12-26 17:17:41 -08:00
topjohnwu
57d83635c6 Check stub.xz existence 2022-12-26 16:07:04 -08:00
vvb2060
ad0e6511e1 Stop embedding stub.apk in magiskinit 2022-12-26 16:07:04 -08:00
LoveSy
5763a3d908 Support replacing existing .rc by overlay.d
Co-authored-by: topjohnwu <topjohnwu@gmail.com>
2022-12-26 03:28:10 -08:00
topjohnwu
a848783b97 Guard boot stages more precisely
Close #6468, fix #6148
2022-12-26 00:04:58 -08:00
LoveSy
4d876f0145 Support detecting safemode by ro.sys.safemode 2022-12-24 15:16:53 -08:00
LoveSy
bdfedea4e0 Close missing fd
Fix #6463
2022-12-24 15:16:27 -08:00
topjohnwu
dadae20960 Remove unused implementations 2022-12-23 17:20:39 -08:00
LoveSy
4ed34cd648 Eliminate unnecessarily copy on magiskinit
This patch reuses the abused /data tmpfs for magisktmp
2022-12-23 17:03:16 -08:00
残页
33f5154269 Inject binaries into /system if sbin not accessible
Some Android 11+ devices have the /sbin partition but not accessible by the global shell (`PATH` doesn't contain `/sbin`). Not only custom ROMs but also some stock ROMs have the same behavior so I believe it is something we need to deal with.
Fix #6427, fix #4309, fix #5728, fix #3593
2022-12-13 13:54:55 -08:00
topjohnwu
ed37ddd570 Stricter validation 2022-11-22 14:47:37 -08:00
LoveSy
cd5384f13e Fix crashes whenever a zygisk module has ver > 4 2022-11-22 14:47:37 -08:00
LoveSy
11b2ddbad8 Fix zygisk v4 ApiTable abi
Also refactor some code to let the compiler check the abi

Co-authored-by: topjohnwu <topjohnwu@gmail.com>
2022-11-22 11:49:31 -08:00
topjohnwu
cf9957ce4d Properly detect SysUI appId
Fix #6322
2022-11-01 02:04:50 -07:00
topjohnwu
44643ad7b3 Restrict pointer aliasing
Close #6354, close #6353
2022-10-31 16:35:33 -07:00
topjohnwu
616adc22e1 Support Linux < 3.6 2022-10-31 16:00:42 -07:00
残页
a468fd946d Fix #6314 2022-10-11 13:01:34 -07:00
topjohnwu
c3b4678f6e Properly detect SysUI 2022-10-10 21:28:13 -07:00
残页
44cfe94e4d Always cleanup init LD_PRELOAD hooks
Fix #6296
2022-10-03 08:26:33 -07:00
topjohnwu
095d821240 Don't use xopen in readlink 2022-09-25 16:35:28 -07:00
topjohnwu
48f829b76e Minor refactoring 2022-09-21 03:09:46 +02:00
topjohnwu
af99c1b843 Don't crash when nullptr paired with len = 0 2022-09-15 16:56:22 -07:00
topjohnwu
c6646efe68 Move all xwrap to Rust 2022-09-15 01:17:05 -07:00
canyie
9474750bdf Close fd of erroneous daemon socket connections 2022-09-13 04:29:29 -07:00
LoveSy
e86db0bd61 Reset stack guard after fork from Zygote 2022-09-13 04:18:34 -07:00
topjohnwu
a66a3b7438 Make sure logs are always ended with newline 2022-09-09 04:29:50 -07:00
topjohnwu
44029875a6 Add new API exemptFd 2022-09-09 03:27:19 -07:00
topjohnwu
ccf21b0992 Zygisk code refactor 2022-09-07 13:48:20 -07:00
topjohnwu
4e14dab60a Specialize does not need to close logd_fd 2022-09-06 03:01:39 -07:00
topjohnwu
6e299018a4 Preserve logd_fd after specialization
Also add more comments regarding FD checks
2022-09-02 01:49:17 -07:00
topjohnwu
555a54ec53 Avoid doing any unmounts for SysUI 2022-08-31 00:15:15 -07:00
topjohnwu
1565bf5442 Make Zygisk API 0BSD 2022-08-30 01:58:40 -07:00
topjohnwu
14b830027b Cleanup zygisk headers 2022-08-30 01:40:14 -07:00
topjohnwu
38325e708e Make private applets hidden 2022-08-27 14:50:28 -07:00
topjohnwu
646260ad6d Fix typo 2022-08-27 05:27:23 -07:00
topjohnwu
d1d26f4481 Fix building individual applet 2022-08-27 05:06:28 -07:00
vvb2060
77d8445bfd Avoid hardcode package name 2022-08-24 03:18:55 -07:00
topjohnwu
a54114f149 Pre-grant permissions if possible 2022-08-23 05:09:50 -07:00
vvb2060
c2f96975ce Pre grant as much as possible 2022-08-23 01:33:10 -07:00
topjohnwu
4737c5117a Update to ONDK r25.2 2022-08-19 16:26:25 -07:00
topjohnwu
9806b38d8e Introduce zygisk loader
Use a separate library for 1st stage
2022-08-19 04:49:19 -07:00
topjohnwu
34dd9eb7d6 More Rust 2022-08-19 02:21:52 -07:00
topjohnwu
4d9b7e7114 More Rust 2022-08-15 11:53:51 -07:00
topjohnwu
40aab13601 Make IDE recognize we are targeting Android 2022-08-09 14:09:39 -07:00
topjohnwu
4c0f72f68f Move part of libbase to Rust 2022-08-08 22:53:37 -07:00
残页
1735a713cb Use ANDROID_DLEXT_FORCE_LOAD to load second stage if possible
Fix #6095
2022-08-08 02:43:19 -07:00
残页
52ba6d11bc Don't let remote errors crash Zygisk
Fix #6095
2022-08-07 05:09:46 -07:00
topjohnwu
7357a35f8d Fix build errors 2022-08-07 05:03:18 -07:00
Acetylcholine
aeb7fd7cb3 Fix denylist add_list
Signed-off-by: ACh Sulfate <xenonhydride@gmail.com>
Co-authored-by: John Wu <topjohnwu@gmail.com>
2022-08-07 04:48:47 -07:00
topjohnwu
1b4a6850b8 Ensure parent folders exist before extract 2022-08-07 04:06:18 -07:00
canyie
1d0b873950 Fix sepolicy attribute rule parsing
Fix #6166
2022-08-07 03:35:50 -07:00
canyie
e8787b5cfd Fix UB when remote process died
If remote process died, `xreadlink` fails and leaves `buf` uninitialized. Then the daemon calls `str_ends`, creates a temp `std::string_view` with the uninitialized buffer and undefined behavior occurs.
2022-08-02 12:54:54 -07:00
topjohnwu
b496923cbb Update Cargo.toml 2022-07-24 06:14:49 -07:00
topjohnwu
759d196aad Update cxx.rs 2022-07-24 05:45:23 -07:00
topjohnwu
a7ab8216ce Proper build scripts 2022-07-24 05:39:14 -07:00
topjohnwu
b9e89a1a2d Restructure the native module
Consolidate all code into the src folder
2022-07-23 13:51:56 -07:00
vvb2060
c7c9fb9576 Restore context before copy
fix magiskpolicy context
2022-07-23 03:57:43 -07:00
vvb2060
8b095de04d Fix app_zygote context 2022-07-23 03:14:44 -07:00
vvb2060
d4b9ef736d Check magisk32 exists 2022-07-23 02:41:36 -07:00
vvb2060
00d3cb0908 magisk_node: check target exists 2022-07-23 02:40:13 -07:00
vvb2060
d35072d4e6 Match app_zygote by context 2022-07-23 02:39:28 -07:00
topjohnwu
4264ae49c0 Format with rustfmt 2022-07-22 03:56:09 -07:00
LoveSy
3906fe75dc Clean up code 2022-07-21 00:52:28 -07:00
topjohnwu
910a36fdc1 Make sepolicy.rules relative if possible 2022-07-20 19:28:38 -07:00
canyie
8423dc8d63 Later check persistent_properties
`daemon_entry` calls `getprop` which initializes sysprop impl and checks whether we need to load persistent property file. On FDE devices, magiskd starts before /data is actually decrypted, and the check always fails. Thus `persist_getprop("persist.sys.safemode")` will always fail.
2022-07-20 09:58:20 -07:00
Andrew Gunnerson
1f8c063dc6 Fix booting into recovery with Android 13 GKI kernels
With Android 13 GKI kernels, the boot partition has no ramdisk, so
Magisk constructs one from scratch. In this scenario, there's no backup
init binary at /.backup/init. For normal boot, magiskinit will symlink
/init -> /system/bin/init if needed. This commit implements the same
for booting into recovery. Before, magiskinit would just exec itself
over and over again because it couldn't restore the backup init.

Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com>
2022-07-18 13:33:50 -07:00
topjohnwu
70fd03d5fc Rearchitect logging 2022-07-06 01:16:08 -07:00
topjohnwu
2e52875b50 Move all logging into Rust 2022-07-05 21:13:09 -07:00
vvb2060
c2978eb9c3 More log for get_manager 2022-07-01 15:13:38 -07:00
topjohnwu
b4863eb51b Setup logging infra in the Rust side 2022-07-01 04:54:00 -07:00
LoveSy
3817167ba1 Correct ro.crypto.state check
Fix #6042

Co-authored-by: vvb2060 <vvb2060@gmail.com>
2022-06-30 19:32:43 -07:00
topjohnwu
26116ac414 Setup preliminary rust infrastructure 2022-06-30 14:50:21 -07:00
LoveSy
3ae7344747 Create /dev on stub cpio 2022-06-22 04:05:50 -07:00
canyie
00247c7901 Fix meizu non-SAR 2SI compatibility again
Meizu devices using 2SI won't switch root to /system and still on rootfs, and /init is the 1st stage's, which cannot handle the 2nd stage. So we have to manually execute /system/bin/init for the 2nd stage.
2022-06-19 01:22:18 -07:00
topjohnwu
3c75f474c6 Embed version info in prop format 2022-06-19 00:43:38 -07:00
topjohnwu
db1f5b0397 Reduce files relying on flags.h 2022-06-19 00:43:38 -07:00
vvb2060
b9c93c66f6 Force app version not lower than daemon 2022-06-17 11:53:16 -07:00
topjohnwu
741b679306 Cleanup libbase 2022-06-17 02:36:04 -07:00
LoveSy
4e2ecdb920 Fix env overflow
Fix #5989
2022-06-17 02:02:44 -07:00
topjohnwu
9469e79e3c Proper namespacing
The IDE will get confused when #include is in a namespace
2022-06-15 02:38:56 -07:00
topjohnwu
db78c20161 Add dtb test command 2022-06-15 02:26:50 -07:00
topjohnwu
1699da1754 Update help message and make behavior consistent 2022-06-14 21:19:17 -07:00
canyie
754e690274 Fix config backup for legacy SAR 2022-06-14 02:57:47 -07:00
vvb2060
42606efe56 Always remove task 2022-06-09 21:02:31 -07:00
vvb2060
cae58c8790 Update hijack bins 2022-06-08 23:30:22 -07:00
topjohnwu
3a39dd4049 Update ramdisk restore implementation 2022-06-08 23:23:39 -07:00
canyie
89ff3c6572 Don't backup ramdisk created by Magisk
Fix topjohnwu#5938, fix topjohnwu#5944
2022-06-08 04:53:43 -07:00
topjohnwu
7bf9c74216 Don't skip backup even if original does not exist
Close #5945, fix #5944
2022-06-08 03:58:25 -07:00
vvb2060
569e9ad937 Use noHistory attribute for SuRequestActivity 2022-06-06 02:58:52 -07:00
vvb2060
9679874874 Disable repack on android 5.0
am does not support -p
2022-06-01 02:05:15 -07:00
topjohnwu
8186f253e8 Fix zygisk code unloading 2022-06-01 01:50:42 -07:00
topjohnwu
d4fe8632ec Support SELinux disabled on debug builds 2022-05-31 22:24:13 -07:00
vvb2060
d7776f6597 Return empty on failure to get context 2022-05-31 18:35:56 -07:00
topjohnwu
e4094c0caa Update build scripts 2022-05-30 03:47:31 -07:00
topjohnwu
2e51fe20a1 Move things to the correct location 2022-05-30 02:09:07 -07:00
topjohnwu
50e2f33d1c More debug indication in UI
Close #5874
2022-05-30 01:53:07 -07:00
topjohnwu
5e6eb8dd01 Avoid non-blocking I/O 2022-05-30 01:21:38 -07:00
topjohnwu
bf2f823b8c Prune unused UID at boot 2022-05-29 23:43:22 -07:00
topjohnwu
d0c4226997 Proper package state management 2022-05-29 23:31:57 -07:00
topjohnwu
4ea8bd0229 Fix incorrect use of compare_exchange 2022-05-29 22:19:56 -07:00
vvb2060
d19fcd5e21 Check path when start daemon 2022-05-29 09:08:05 -07:00
vvb2060
0b5f973b31 Print message when getting original app_process fails 2022-05-29 03:46:31 -07:00
topjohnwu
490a784993 Handle zygote restarts 2022-05-28 22:39:44 -07:00
topjohnwu
9c774f96db Use exec for boot_complete 2022-05-28 16:53:04 -07:00
topjohnwu
8dfb30fefe Skip cert check on debug builds 2022-05-24 05:39:16 -07:00
topjohnwu
2a252d13b8 Enforce dyn APK signature in stub app 2022-05-24 05:21:36 -07:00
topjohnwu
083ef803fe Enforce package signature verification 2022-05-20 04:37:58 -07:00
topjohnwu
351f0269ae Install stub if necessary 2022-05-19 22:54:49 -07:00
topjohnwu
a29ae15ff7 Proper get_manager implementation 2022-05-19 02:39:57 -07:00
topjohnwu
34dded3b25 Fix denylist on shared UID apps 2022-05-18 01:59:45 -07:00
topjohnwu
975b1a5e36 Prune unused UIDs from su policies 2022-05-18 01:55:58 -07:00
topjohnwu
c11ccbae2d Extract vbmeta from footer
Do not scan manually, extract properly from footer like libavb
2022-05-13 02:49:18 -07:00
topjohnwu
985249c3d0 Support GKIs without ramdisk
Fix #5819
2022-05-12 03:04:55 -07:00
topjohnwu
622e09862a Restructure native codebase 2022-05-12 02:03:51 -07:00
残页
7505599ea0 Skip invalid slot_suffix argument
Many Amlogic devices (e.g. FireTV 2nd gen Cube, Vero 4k+, MI Smart Speaker, etc.) are A-only with androidboot.slot_suffix=normal argument. I think "normal" actually means A-only in this case so just ignore it.

Fix topjohnwu#5806
2022-05-12 00:37:22 -07:00
topjohnwu
575c417403 More detailed comments and documentation 2022-05-11 21:12:37 -07:00
topjohnwu
9f7a3db8be Move cert extraction to its own file 2022-05-11 21:12:37 -07:00
topjohnwu
029422679c Remove enforcement
Enforcement will be re-implemented later
2022-05-11 21:12:37 -07:00
vvb2060
05d6d2b51b Verify app signature 2022-05-11 21:12:37 -07:00
topjohnwu
24603b3cef Update Android Studio 2022-05-09 20:53:47 -07:00
topjohnwu
90545057e9 Always initialize module_list
Close #5712
2022-05-06 01:40:19 -07:00
canyie
4f1a1879e5 Misc QoL changes
- su: Preserve correct capacity to avoid vector reallocation
- su: Properly format code
- daemon: Remove useless `if`
- docs: Remove outdated info
2022-05-06 01:01:58 -07:00
topjohnwu
134508193d Mock selinuxfs load with regular file
The hijacked load node does not need to be a FIFO. A FIFO is only
required for blocking init's control flow, which is already achieved
by hijacking the enforce node.
2022-04-16 07:28:20 -07:00
topjohnwu
3358eab991 Switch to use ONDK 2022-04-15 12:20:18 -07:00
vvb2060
f97866a961 Close stub fd 2022-04-13 23:19:14 -07:00
vvb2060
e1987c42c4 Cleanup SELinux mock files 2022-04-13 23:18:55 -07:00
canyie
18566715e1 Fix MAGISKTMP unmount for CLI 2022-04-10 01:44:16 -07:00
topjohnwu
63a89d9f04 Fix init dmesg logs 2022-04-08 02:38:30 -07:00
canyie
b4099fc5f9 Support sepolicy.unlocked
Fix topjohnwu#4914
2022-04-08 02:24:20 -07:00
topjohnwu
ff2513e276 Use LD_PRELOAD to intercept sepolicy on 2SI init 2022-04-08 02:13:31 -07:00
topjohnwu
f24d52436b Deduplicate logic 2022-04-08 00:20:21 -07:00
vvb2060
9de6e8846b Dump stub app to MAGISKTMP/stub.apk 2022-04-07 23:20:42 -07:00
vvb2060
01a1213463 /data/adb/magisk/magisk.apk no longer exists 2022-04-07 23:20:42 -07:00
canyie
448384af06 Guard su request IPC
Previously `read_string()` calls `std::string.resize()` with an int read from remote process. When I/O error occurs, -1 will be used for resizing the string, `std::bad_alloc` is thrown and since magisk is compiled with `-fno-exceptions`, it will crash the whole daemon process.

May fix topjohnwu#5681
2022-04-06 21:15:07 -07:00
canyie
3f840f53a0 Check device tree fstab entries are compatible
Fix topjohnwu#5664
2022-04-02 04:28:30 -07:00
topjohnwu
704f91545e Reorganize magiskpolicy source code 2022-03-29 22:26:38 -07:00
topjohnwu
efb3239cbd Drop package_name column 2022-03-28 02:05:09 -07:00
topjohnwu
7e7ddeb9e2 Cleanup database migration code 2022-03-28 00:59:16 -07:00
LoveSy
9e8218089b Only dlopen valid fd 2022-03-26 13:48:53 -07:00
topjohnwu
9f1740cc4f Add preliminary shared UID app support 2022-03-25 13:08:13 -07:00
topjohnwu
b1faa5eed4 Update BusyBox
Close #5620
2022-03-22 04:18:12 -07:00
LoveSy
7f1f0b9048 Proper support multiple modules adding same dir 2022-03-21 15:53:49 -07:00
LoveSy
183e5f2ecc Fix xhook cannot hook app_process
Co-authored-by: canyie <31466456+canyie@users.noreply.github.com>
Co-authored-by: John Wu <topjohnwu@gmail.com>
2022-03-21 15:52:38 -07:00
topjohnwu
3dc7d77ea9 Patch monolithic sepolicy only if not treble 2022-03-19 20:21:31 -07:00
残页
0f07bbb3e5 Device using split policy can still have monolithic sepolicy file 2022-03-19 12:37:48 -07:00
LoveSy
dd5a3416bf Fix multiple modules adding the same subdirectory 2022-03-19 12:28:54 -07:00
LoveSy
2fb49ad780 Don't always mock selinux enforce as "0" 2022-03-19 12:28:32 -07:00
topjohnwu
876132694d Make /dev always writable 2022-03-18 04:58:37 -07:00
topjohnwu
753808a4ce Also hijack plat_file_contexts if necessary
Since Android 13, sepolicy are also loaded from APEX modules. Part
of the change is to run restorecon before SELinux is set to enforce.
In order to support this situation, we also hijack plat_file_contexts
if necessary to properly order our operations.

Original idea credits to @yujincheng08, close #5603
2022-03-18 00:46:34 -07:00
topjohnwu
32cd694ad5 SAR can also have monolithic sepolicy 2022-03-17 22:32:49 -07:00
topjohnwu
f008420891 Make magiskinit not magiskpolicy 2022-03-17 03:36:40 -07:00
topjohnwu
fa8900be65 Use standalone magiskpolicy 2022-03-17 03:15:39 -07:00
LoveSy
69c2f407d6 Log if failed to dlopen a zygisk module 2022-03-17 02:25:31 -07:00
topjohnwu
8dbf93750f Reorganize magiskinit code 2022-03-16 21:41:20 -07:00
topjohnwu
e266a81167 Remove unused code 2022-03-16 21:31:22 -07:00
topjohnwu
e841aab9e7 Add hijack sepolicy support for rootfs devices
On older Android versions, pre-mounting selinuxfs will lead to errors,
so we have to use a different method to block init's control flow.
Since all devices that fall in this category must both:

1. Be Android 8.0 - 9.0
2. Have early mount fstab in its device tree

We can actually use the same FIFO trick, but this time not on selinuxfs,
but on the read-only device tree nodes in sysfs or procfs. By mocking
the fstab/compatible node in the device tree, we can block init when
it attempts to do early mount; at that point, we can then mock selinuxfs
as we normally would, successfully hijack and inject patched sepolicy.
2022-03-16 20:01:28 -07:00
topjohnwu
49f259065d Introduce new sepolicy injection mechanism
In the current implementation, Magisk will either have to recreate
all early mount implementation (for legacy SAR and rootfs devices) or
delegate early mount to first stage init (for 2SI devices) to access
required partitions for loading sepolicy. It then has to recreate the
split sepolicy loading implementation in-house, apply patches, then
dump the compiled + patched policies into monolithic format somewhere.
Finally, it patches the original init to force it to load the sepolicy
file we just created.

With the increasing complexity involved in early mount and split
sepolicy (there is even APEX module involved in the future!),
it is about time to rethink Magisk's sepolicy strategy as rebuilding
init's functionality is not scalable and easy to maintain.

In this commit, instead of building sepolicy ourselves, we mock
selinuxfs with FIFO files connected to a pre-init daemon, waiting
for the actual init process to directly write the sepolicy file into
MagiskInit. We then patch the file and load it into the kernel. Some
FIFO tricks have to be used to hijack the original init process's
control flow and prevent race conditions, details are directly in the
comments in code.

At the moment, only system-as-root (read-only root) support is added.
Support for legacy rootfs devices will come with a follow up commit.
2022-03-16 00:31:55 -07:00
topjohnwu
b10379e700 Cleanup inheritance 2022-03-14 04:22:09 -07:00
topjohnwu
810d27a618 Use /data as tmpfs mount point in 2SI setup
Design credit to @yujincheng08
Close #5146. Fix #5491, fix #3752

Previously, Magisk changes the mount point from /system to /system_root
by patching fstab to prevent the original init from changing root.
The reason why we want to prevent the original init from switching the
root directory is because it will then be read-only, making patching
and injecting magiskinit into the boot chain difficult.

This commit (ab)uses the fact that the /data folder will never be part
of early mount (because it is handled very late in the boot by vold),
so that we can use it as the mount point of tmpfs to store files.

Some advantages of this method:

- No need to switch root manually
- No need to modify fstab, which significantly improves compatibility
  e.g. avoid hacks for weird devices like those using oplus.fstab,
  and avoid hacking init to bypass fstab in device trees
- Supports skip_mount.cfg
- Support DSU
2022-03-13 05:06:08 -07:00
topjohnwu
9b60c005c7 Support multiple CPIO concatenated 2022-03-13 04:23:00 -07:00
topjohnwu
563a587882 Initialize local variables
Fix #5542
2022-03-09 20:43:42 -08:00
topjohnwu
0c681cdab4 Check null before dereferencing fds_to_ignore 2022-03-03 21:34:53 -08:00
topjohnwu
80dd37ee31 Add missing specialize arguments 2022-03-02 22:01:35 -08:00
topjohnwu
e0b5645064 Revert "Directly use getrandom system call if possible"
This reverts commit e7c82f20e3d7d7b47221b454508d07aefc14e7c0.
Fix #5516
2022-03-02 19:50:47 -08:00
topjohnwu
548d70f30c Mount with original option
Fix #5481, close #5486
2022-03-01 20:09:59 -08:00
topjohnwu
9968af0785 Move all permission check into daemon.cpp 2022-03-01 03:15:38 -08:00
topjohnwu
be7586137c Reduce C++ wizardry 2022-03-01 03:15:38 -08:00
LoveSy
7999b66c3c Refactor daemon connection 2022-03-01 03:15:38 -08:00
vvb2060
c82a46c1ee Check property before switch mem cgroup 2022-02-28 23:27:23 -08:00
vvb2060
666ab1941f Fix app request fifo wait 2022-02-28 23:26:59 -08:00
topjohnwu
e7c82f20e3 Directly use getrandom system call if possible 2022-02-16 23:57:28 -08:00
LoveSy
afa771a980 Set dlopen reserved size to unlimited 2022-02-16 23:05:17 -08:00
topjohnwu
4c80808997 Check packages.xml inode to trigger app rescan 2022-02-14 02:57:33 -08:00
topjohnwu
d021bca6ef Prevent app_process from setting umask
Fix #5435
2022-02-11 01:26:24 -08:00
topjohnwu
55ed6109c1 Use dynamic_bitset.emplace_back() 2022-02-11 01:10:26 -08:00
LoveSy
88e8f2bf83 Proper escape : and \ when binding intent 2022-02-11 01:07:28 -08:00
topjohnwu
605eae21bc Remove unnecessary read/write
Close #5425
2022-02-11 00:24:12 -08:00
topjohnwu
93eb277a88 Update error messages 2022-02-11 00:01:51 -08:00