Several improvements

1. Add new trigger "load_magisk_props_action" in init.magisk.rc
2. Patch init*.rc with new trigger
3. Update resetprop to handle prop value with spaces
4. Handle the case when modules contains file/folder names with spaces

.gitignore

@@ -14,7 +14,11 @@ uninstaller/x64/*
 ziptools/zipadjust
 
 # Generated scripts
+uninstaller/common/
 zip_static/common/magic_mask.sh
+zip_static/common/magisksu.sh
+zip_static/common/init.magisk.rc
+zip_static/common/custom_ramdisk_patch.sh
 zip_static/META-INF/com/google/android/update-binary
 
 # Leave all busybox!

build.cmd

@@ -53,11 +53,11 @@ EXIT /B %ERRORLEVEL%
   ECHO ************************
   ECHO * Copying binaries
   ECHO ************************
-  COPY /Y libs\armeabi\* zip_static\arm
+  COPY /Y libs\armeabi-v7a\* zip_static\arm
   COPY /Y libs\arm64-v8a\* zip_static\arm64
   COPY /Y libs\x86\* zip_static\x86
   COPY /Y libs\x86_64\* zip_static\x64
-  CALL :mkcp libs\armeabi\bootimgtools uninstaller\arm
+  CALL :mkcp libs\armeabi-v7a\bootimgtools uninstaller\arm
   CALL :mkcp libs\arm64-v8a\bootimgtools uninstaller\arm64
   CALL :mkcp libs\x86\bootimgtools uninstaller\x86
   CALL :mkcp libs\x86_64\bootimgtools uninstaller\x64
@@ -74,7 +74,11 @@ EXIT /B %ERRORLEVEL%
   forfiles /P zip_static\x86 /C "cmd /C IF NOT @file == \"busybox\" DEL @file"
   forfiles /P zip_static\x64 /C "cmd /C IF NOT @file == \"busybox\" DEL @file"
   2>NUL DEL zip_static\META-INF\com\google\android\update-binary
+  2>NUL DEL zip_static\common\custom_ramdisk_patch.sh
+  2>NUL DEL zip_static\common\magisksu.sh
+  2>NUL DEL zip_static\common\init.magisk.rc
   2>NUL DEL zip_static\common\magic_mask.sh
+  2>NUL RMDIR /S /Q uninstaller\common
   2>NUL RMDIR /S /Q uninstaller\arm
   2>NUL RMDIR /S /Q uninstaller\arm64
   2>NUL RMDIR /S /Q uninstaller\x86
@@ -98,6 +102,9 @@ EXIT /B %ERRORLEVEL%
   ECHO ************************
   ECHO * Zipping Magisk v%~1
   ECHO ************************
+  COPY /Y scripts\custom_ramdisk_patch.sh zip_static\common\custom_ramdisk_patch.sh
+  COPY /Y scripts\magisksu.sh zip_static\common\magisksu.sh
+  COPY /Y scripts\init.magisk.rc zip_static\common\init.magisk.rc
   CD zip_static
   2>NUL DEL "..\Magisk-v%~1.zip"
   ..\ziptools\win_bin\zip "..\Magisk-v%~1.zip" -r .
@@ -112,6 +119,7 @@ EXIT /B %ERRORLEVEL%
   ECHO ************************
   ECHO * Zipping uninstaller
   ECHO ************************
+  CALL :mkcp scripts\magisk_uninstaller.sh uninstaller\common
   FOR /F "tokens=* USEBACKQ" %%F IN (`ziptools\win_bin\date "+%%Y%%m%%d"`) DO (set timestamp=%%F)
   CD uninstaller
   2>NUL DEL "../Magisk-uninstaller-%timestamp%.zip"

build.sh

@@ -24,8 +24,12 @@ cleanup() {
   ls zip_static/arm64/* | grep -v "busybox" | xargs rm -rfv
   ls zip_static/x86/* | grep -v "busybox" | xargs rm -rfv
   ls zip_static/x64/* | grep -v "busybox" | xargs rm -rfv
-  rm -rfv zip_static/META-INF/com/google/android/update-binary 
+  rm -rfv zip_static/META-INF/com/google/android/update-binary
+  rm -rfv zip_static/common/custom_ramdisk_patch.sh
+  rm -rfv zip_static/common/magisksu.sh
+  rm -rfv zip_static/common/init.magisk.rc
   rm -rfv zip_static/common/magic_mask.sh
+  rm -rfv uninstaller/common
   rm -rfv uninstaller/arm
   rm -rfv uninstaller/arm64
   rm -rfv uninstaller/x86
@@ -51,8 +55,8 @@ build_bin() {
   echo "************************"
   echo "* Copying binaries"
   echo "************************"
-  mkcp "libs/armeabi/*" zip_static/arm
-  mkcp libs/armeabi/bootimgtools uninstaller/arm
+  mkcp "libs/armeabi-v7a/*" zip_static/arm
+  mkcp libs/armeabi-v7a/bootimgtools uninstaller/arm
   mkcp "libs/arm64-v8a/*" zip_static/arm64
   mkcp libs/arm64-v8a/bootimgtools uninstaller/arm64
   mkcp "libs/x86/*" zip_static/x86
@@ -71,6 +75,9 @@ zip_package() {
   echo "************************"
   echo "* Zipping Magisk v$1"
   echo "************************"
+  cp -afv scripts/custom_ramdisk_patch.sh zip_static/common/custom_ramdisk_patch.sh
+  cp -afv scripts/magisksu.sh zip_static/common/magisksu.sh
+  cp -afv scripts/init.magisk.rc zip_static/common/init.magisk.rc
   cd zip_static
   find . -type f -exec chmod 644 {} \;
   find . -type d -exec chmod 755 {} \;
@@ -85,6 +92,7 @@ zip_uninstaller() {
   echo "************************"
   echo "* Zipping uninstaller"
   echo "************************"
+  mkcp scripts/magisk_uninstaller.sh uninstaller/common
   cd uninstaller
   find . -type f -exec chmod 644 {} \;
   find . -type d -exec chmod 755 {} \;

jni/Application.mk

@@ -1,4 +1,4 @@
-APP_ABI := x86 x86_64 armeabi arm64-v8a
+APP_ABI := x86 x86_64 armeabi-v7a arm64-v8a
 APP_PIE = true
 APP_PLATFORM := android-21
 APP_CPPFLAGS += -std=c++11

jni/magiskhide/hide.c

@@ -12,6 +12,8 @@ int hideMagisk() {
 		// Termination called
 		if(pid == -1) break;
 
+		manage_selinux();
+
 		snprintf(buffer, sizeof(buffer), "/proc/%d/ns/mnt", pid);
 		if((fd = open(buffer, O_RDONLY)) == -1) continue; // Maybe process died..
 		if(setns(fd, 0) == -1) {

jni/magiskhide/magiskhide.h

@@ -18,9 +18,11 @@
 #include <sys/stat.h>
 #include <sys/resource.h>
 
-#define LOGFILE 	"/cache/magisk.log"
-#define HIDELIST 	"/magisk/.core/magiskhide/hidelist"
-#define DUMMYPATH	"/dev/magisk/dummy"
+#define LOGFILE 		"/cache/magisk.log"
+#define HIDELIST 		"/magisk/.core/magiskhide/hidelist"
+#define DUMMYPATH		"/dev/magisk/dummy"
+#define ENFORCE_FILE 	"/sys/fs/selinux/enforce"
+#define SEPOLICY_INJECT "/data/magisk/sepolicy-inject"
 
 // Main thread
 void monitor_proc();
@@ -38,6 +40,7 @@ char **file_to_str_arr(FILE *fp, int *size);
 void read_namespace(const int pid, char* target, const size_t size);
 void lazy_unmount(const char* mountpoint);
 void run_as_daemon();
+void manage_selinux();
 
 // Global variable sharing through process/threads
 extern FILE *logfile;

jni/magiskhide/proc_monitor.c

@@ -10,7 +10,7 @@ void monitor_proc() {
 	printf("%s\n", init_ns);
 
 	// Get the mount namespace of zygote
-	FILE *p = popen("/data/busybox/ps | grep zygote | grep -v grep", "r");
+	FILE *p = popen("ps | grep zygote | grep -v grep", "r");
 	while(fgets(buffer, sizeof(buffer), p)) {
 		if (zygote_num == 2) break;
 		sscanf(buffer, "%d", &pid);

jni/magiskhide/util.c

@@ -56,4 +56,36 @@ void run_as_daemon() {
 		default:
 			exit(0); 
 	}
-}
+}
+
+void manage_selinux() {
+	char *argv[] = { SEPOLICY_INJECT, "--live", "permissive *", NULL };
+	char str[20];
+	int fd, ret;
+	fd = open(ENFORCE_FILE, O_RDONLY);
+	if (fd < 0)
+		return;
+	ret = read(fd, str, 20);
+	close(fd);
+	if (ret < 1)
+		return;
+	// Permissive
+	if (str[0] == '0') {
+		fprintf(logfile, "MagiskHide: Permissive detected, switching to pseudo enforced\n");
+		fd = open(ENFORCE_FILE, O_RDWR);
+		if (fd < 0)
+			return;
+		ret = write(fd, "1", 1);
+		close(fd);
+		if (ret < 1)
+			return;
+		switch(fork()) {
+			case -1:
+				return;
+			case 0:
+				execvp(argv[0], argv);
+			default:
+				return;
+		}
+	}
+}

scripts/custom_ramdisk_patch.sh

@@ -1,8 +1,9 @@
 #!/system/bin/sh
 
 RAMDISK=$1
-BINDIR=$2
-[ -z $BINDIR ] && BINDIR=/data/magisk
+BINDIR=/data/magisk
+[ ! -e $BINDIR ] && BINDIR=/cache/data_bin
+[ ! -e $BINDIR ] && exit
 SYSTEMLIB=/system/lib
 [ -d /system/lib64 ] && SYSTEMLIB=/system/lib64
 
@@ -30,29 +31,34 @@ cpio_rm() {
   fi
 }
 
+file_contain() {
+  grep "$1" "$2" >/dev/null 2>&1
+  return $?
+}
+
 rm -rf /tmp/magisk/ramdisk 2>/dev/null
 mkdir -p /tmp/magisk/ramdisk
 cd /tmp/magisk/ramdisk
 
 cat $RAMDISK | cpio -i
 
-# Patch ramdisk
-echo "- Patching ramdisk"
-
 # Cleanup SuperSU backups
 cpio_rm -r .subackup
 
 # Add magisk entrypoint
-for INIT in init*.rc; do
-  if [ `grep -c "import /init.environ.rc" $INIT` -ne "0" ] && [ `grep -c "import /init.magisk.rc" $INIT` -eq "0" ]; then
-    sed -i "/import \/init\.environ\.rc/iimport /init.magisk.rc" $INIT
-    cpio_add $INIT 750
-    break
+for RC in init*.rc; do
+  if file_contain "import /init.environ.rc" $RC && ! file_contain "import /init.magisk.rc" $RC; then
+    sed -i "/import \/init\.environ\.rc/iimport /init.magisk.rc" $RC
+    cpio_add $RC 750
+  fi
+  if file_contain "selinux.reload_policy" $RC; then
+    sed -i "/selinux.reload_policy/d" $RC
+    cpio_add $RC 750
   fi
 done
 
 # sepolicy patches
-LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/sepolicy-inject --magisk -P sepolicy
+LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/sepolicy-inject --load sepolicy --save sepolicy --minimal
 cpio_add sepolicy 644
 
 # Add new items

scripts/flash_script.sh

@@ -149,6 +149,11 @@ grep_prop() {
   cat $FILES 2>/dev/null | sed -n $REGEX | head -n 1
 }
 
+file_contain() {
+  grep "$1" "$2" >/dev/null 2>&1
+  return $?
+}
+
 unpack_boot() {
   rm -rf $UNPACKDIR $RAMDISK 2>/dev/null
   mkdir -p $UNPACKDIR
@@ -170,6 +175,7 @@ repack_boot() {
   cd $UNPACKDIR
   LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/bootimgtools --repack $BOOTIMAGE
   if [ -f chromeos ]; then
+    cp -af $CHROMEDIR /data/magisk
     echo " " > config
     echo " " > bootloader
     LD_LIBRARY_PATH=$SYSTEMLIB $CHROMEDIR/futility vbutil_kernel --pack new-boot.img.signed --keyblock $CHROMEDIR/kernel.keyblock --signprivate $CHROMEDIR/kernel_data_key.vbprivk --version 1 --vmlinuz new-boot.img --config config --arch arm --bootloader bootloader --flags 0x1
@@ -315,34 +321,37 @@ fi
 ui_print "- Constructing environment"
 
 if (is_mounted /data); then
-  rm -rf /data/busybox /data/magisk 2>/dev/null
-  mkdir -p /data/busybox
-  cp -af $BINDIR /data/magisk
-  cp -af $INSTALLER/common/init.magisk.rc $INSTALLER/common/magic_mask.sh /data/magisk
+  rm -rf /data/magisk 2>/dev/null
+  mkdir -p /data/magisk
+  cp -af $BINDIR/busybox $BINDIR/sepolicy-inject $BINDIR/resetprop $BINDIR/bootimgtools \
+         $INSTALLER/common/init.magisk.rc $INSTALLER/common/magic_mask.sh /data/magisk
   cp -af $INSTALLER/common/magisk.apk /data/magisk.apk
-  /data/magisk/busybox --install -s /data/busybox
-  ln -s /data/magisk/busybox /data/busybox/busybox
-  # Prevent issues
-  rm -f /data/busybox/su /data/busybox/sh /data/busybox/reboot
-  chcon -hR "u:object_r:system_file:s0" /data/magisk /data/busybox
-  chmod -R 755 /data/magisk /data/busybox
+  chmod -R 755 /data/magisk
+  chcon -h u:object_r:system_file:s0 /data/magisk /data/magisk/*
   PATH=/data/busybox:$PATH
-  BINDIR=/data/magisk
 else
   rm -rf /cache/data_bin 2>/dev/null
-  cp -af $BINDIR /cache/data_bin
-  cp -af $INSTALLER/common/init.magisk.rc $INSTALLER/common/magic_mask.sh /cache/data_bin
+  mkdir -p /cache/data_bin
+  cp -af $BINDIR/busybox $BINDIR/sepolicy-inject $BINDIR/resetprop $BINDIR/bootimgtools \
+         $INSTALLER/common/custom_ramdisk_patch.sh $INSTALLER/common/init.magisk.rc \
+         $INSTALLER/common/magic_mask.sh /cache/data_bin
   cp -af $INSTALLER/common/magisk.apk /cache/magisk.apk
   chmod -R 755 /cache/data_bin
-  BINDIR=/cache/data_bin
 fi
 
+# Temporary busybox for installation
+mkdir -p $TMPDIR/busybox
+$BINDIR/busybox --install -s $TMPDIR/busybox
+rm -f $TMPDIR/busybox/su $TMPDIR/busybox/sh $TMPDIR/busybox/reboot
+PATH=$TMPDIR/busybox:$PATH
+
+
 ##########################################################################################
 # Image
 ##########################################################################################
 
 # Fix SuperSU.....
-($BOOTMODE) && $BINDIR/sepolicy-inject -s fsck --live
+($BOOTMODE) && $BINDIR/sepolicy-inject --live "allow fsck * * *"
 
 if (is_mounted /data); then
   IMG=/data/magisk.img
@@ -365,8 +374,11 @@ if (! is_mounted /magisk); then
 fi
 MAGISKLOOP=$LOOPDEVICE
 
-mkdir -p /magisk/.core/magiskhide 2>/dev/null
-cp -af $INSTALLER/common/magiskhide/. /magisk/.core/magiskhide
+# Core folders and scripts
+mkdir -p $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d 2>/dev/null
+cp -af $INSTALLER/common/magiskhide/. $BINDIR/magiskhide $COREDIR/magiskhide
+chmod -R 755 $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
+chown -R 0.0 $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
 
 ##########################################################################################
 # Boot image patch
@@ -429,7 +441,7 @@ if ($SUPERSU); then
   fi
   rm -f $TMPDIR/boottmp/stock_boot.img $UNPACKDIR/ramdisk.orig.gz $UNPACKDIR/ramdisk.gz 2>/dev/null
   ui_print "- Patching ramdisk with sukernel"
-  sh /data/custom_ramdisk_patch.sh $UNPACKDIR/ramdisk $BINDIR
+  sh /data/custom_ramdisk_patch.sh $UNPACKDIR/ramdisk
   LD_LIBRARY_PATH=$SYSTEMLIB /su/bin/sukernel --cpio-backup $UNPACKDIR/ramdisk.orig $UNPACKDIR/ramdisk $UNPACKDIR/ramdisk
   gzip -9 < $UNPACKDIR/ramdisk > $UNPACKDIR/ramdisk.gz
   rm -f $UNPACKDIR/ramdisk $UNPACKDIR/ramdisk.orig
@@ -476,41 +488,33 @@ else
     fi
   fi
 
-  # Root
-  ROOT=false
-  if [ ! -d /magisk/phh ]; then
-    ui_print "- Installing phh's SuperUser"
-    ROOT=true
-  elif [ `grep_prop versionCode /magisk/phh/module.prop` -lt `grep_prop versionCode $INSTALLER/common/phh/module.prop` ]; then
-    ui_print "- Upgrading phh's SuperUser"
-    ROOT=true
-  fi
-
-  if ($ROOT); then
-    mkdir -p /magisk/phh/bin 2>/dev/null
-    mkdir -p /magisk/phh/su.d 2>/dev/null
-    cp -af $INSTALLER/common/phh/. /magisk/phh
-    cp -af $BINDIR/su $BINDIR/sepolicy-inject /magisk/phh/bin
-    chmod -R 755 /magisk/phh/bin
-  fi
+  # MagiskSU
+  ui_print "- Installing MagiskSU"
+  mkdir -p $COREDIR/su 2>/dev/null
+  cp -af $BINDIR/su $INSTALLER/common/magisksu.sh $COREDIR/su
+  chmod 755 $COREDIR/su/su $COREDIR/su/magisksu.sh
+  chown -R 0.0 $COREDIR/su/su $COREDIR/su/magisksu.sh
 
   # Patch ramdisk
   ui_print "- Patching ramdisk"
 
-  # Add magisk entrypoint
-  for INIT in init*.rc; do
-    if [ `grep -c "import /init.environ.rc" $INIT` -ne "0" ] && [ `grep -c "import /init.magisk.rc" $INIT` -eq "0" ]; then
-      cp $INIT .backup
-      sed -i "/import \/init\.environ\.rc/iimport /init.magisk.rc" $INIT
-      break
+  # Add magisk entrypoints
+  for RC in init*.rc; do
+    if file_contain "import /init.environ.rc" $RC && ! file_contain "import /init.magisk.rc" $RC; then
+      [ ! -f .backup/$RC ] && cp -af $RC .backup
+      sed -i "/import \/init\.environ\.rc/iimport /init.magisk.rc" $RC
+    fi
+    if file_contain "selinux.reload_policy" $RC; then
+      [ ! -f .backup/$RC ] && cp -af $RC .backup
+      sed -i "/selinux.reload_policy/d" $RC
     fi
   done
 
-  sed -i "/selinux.reload_policy/d" init.rc
-  find . -type f -name "*fstab*" 2>/dev/null | while read FSTAB ; do
+  for FSTAB in *fstab*; do
+    [ -L $FSTAB ] && continue
     if (! $KEEPVERITY); then
       sed -i "s/,support_scfs//g" $FSTAB
-      sed -i 's;,\{0,1\}verify\(=[^,]*\)\{0,1\};;g' $FSTAB
+      sed -i 's/,\{0,1\}verify\(=[^,]*\)\{0,1\}//g' $FSTAB
     fi
     if (! $KEEPFORCEENCRYPT); then
       sed -i "s/forceencrypt/encryptable/g" $FSTAB
@@ -521,8 +525,8 @@ else
     rm verity_key 2>/dev/null
   fi
 
-  # sepolicy patches
-  LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/sepolicy-inject --magisk -P sepolicy
+  # minimal sepolicy patches
+  LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/sepolicy-inject --load sepolicy --save sepolicy --minimal
 
   # Add new items
   mkdir -p magisk 2>/dev/null
@@ -531,6 +535,7 @@ else
 
   chmod 0755 magisk
   chmod 0750 init.magisk.rc sbin/magic_mask.sh
+  chown 0.0 magisk init.magisk.rc sbin/magic_mask.sh
 fi
 
 ui_print "- Repacking boot image"

scripts/init.magisk.rc

@@ -6,6 +6,7 @@ on post-fs
     rm /dev/.magisk.unblock
 
 on post-fs-data
+    load_persist_props
     start magisk_pfsd
     wait /dev/.magisk.unblock 60
     rm /dev/.magisk.unblock

scripts/magic_mask.sh

@@ -1,6 +1,8 @@
 #!/system/bin/sh
 
 LOGFILE=/cache/magisk.log
+DISABLEFILE=/cache/.disable_magisk
+UNINSTALLER=/cache/magisk_uninstaller.sh
 IMG=/data/magisk.img
 WHITELIST="/system/bin"
 
@@ -15,8 +17,12 @@ MOUNTINFO=$TMPDIR/mnt
 
 # Use the included busybox for maximum compatibility and reliable results
 # e.g. we rely on the option "-c" for cp (reserve contexts), and -exec for find
-TOOLPATH=/data/busybox
+TOOLPATH=/dev/busybox
 BINPATH=/data/magisk
+OLDPATH=$PATH
+export PATH=$TOOLPATH:$OLDPATH
+
+APPDIR=/data/data/com.topjohnwu.magisk/files
 
 # Default permissions
 umask 022
@@ -28,7 +34,7 @@ log_print() {
 }
 
 mktouch() {
-  mkdir -p ${1%/*} 2>/dev/null
+  mkdir -p "${1%/*}" 2>/dev/null
   if [ -z "$2" ]; then
     touch "$1" 2>/dev/null
   else
@@ -45,6 +51,7 @@ in_list() {
 
 unblock() {
   touch /dev/.magisk.unblock
+  chcon u:object_r:device:s0 /dev/.magisk.unblock
   exit
 }
 
@@ -54,12 +61,20 @@ run_scripts() {
     if [ ! -f $MOD/disable ]; then
       if [ -f $MOD/$1.sh ]; then
         chmod 755 $MOD/$1.sh
-        chcon "u:object_r:system_file:s0" "$MOD/$1.sh"
+        chcon u:object_r:system_file:s0 $MOD/$1.sh
         log_print "$1: $MOD/$1.sh"
         sh $MOD/$1.sh
       fi
     fi
   done
+  for SCRIPT in $COREDIR/${1}.d/* ; do
+    if [ -f "$SCRIPT" ]; then
+      chmod 755 $SCRIPT
+      chcon u:object_r:system_file:s0 $SCRIPT
+      log_print "${1}.d: $SCRIPT"
+      sh $SCRIPT
+    fi
+  done
 }
 
 loopsetup() {
@@ -73,7 +88,7 @@ loopsetup() {
 }
 
 target_size_check() {
-  e2fsck -p -f $1
+  e2fsck -p -f "$1"
   curBlocks=`e2fsck -n $1 2>/dev/null | cut -d, -f3 | cut -d\  -f2`;
   curUsedM=$((`echo "$curBlocks" | cut -d/ -f1` * 4 / 1024));
   curSizeM=$((`echo "$curBlocks" | cut -d/ -f2` * 4 / 1024));
@@ -84,39 +99,41 @@ travel() {
   # Ignore /system/vendor, we will handle it differently
   [ "$1" = "system/vendor" ] && return
 
-  cd $TRAVEL_ROOT/$1
+  cd "$TRAVEL_ROOT/$1"
   if [ -f .replace ]; then
-    rm -rf $MOUNTINFO/$1
-    mktouch $MOUNTINFO/$1 $TRAVEL_ROOT
+    rm -rf "$MOUNTINFO/$1"
+    mktouch "$MOUNTINFO/$1" "$TRAVEL_ROOT"
   else
     for ITEM in * ; do
-      if [ ! -e /$1/$ITEM ]; then
-        # New item found
+      # This means it an empty folder (shouldn't happen, but better to be safe)
+      [ "$ITEM" = "*" ] && return;
+      # Target not found or target/file is a symlink
+      if [ ! -e "/$1/$ITEM" -o -L "/$1/$ITEM" -o -L "$ITEM" ]; then
         # If we are in a higher level, delete the lower levels
-        rm -rf $MOUNTINFO/dummy/$1
+        rm -rf "$MOUNTINFO/dummy/$1" 2>/dev/null
         # Mount the dummy parent
-        mktouch $MOUNTINFO/dummy/$1
+        mktouch "$MOUNTINFO/dummy/$1"
 
-        if [ -d $ITEM ]; then
+        if [ -d "$ITEM" ]; then
           # Create new dummy directory and mount it
-          mkdir -p $DUMMDIR/$1/$ITEM
-          mktouch $MOUNTINFO/$1/$ITEM $TRAVEL_ROOT
-        elif [ -L $ITEM ]; then
-          # Symlinks are small, copy them
-          mkdir -p $DUMMDIR/$1 2>/dev/null
-          cp -afc $ITEM $DUMMDIR/$1/$ITEM
+          mkdir -p "$DUMMDIR/$1/$ITEM"
+          mktouch "$MOUNTINFO/$1/$ITEM" "$TRAVEL_ROOT"
+        elif [ -L "$ITEM" ]; then
+          # Copy symlinks
+          mkdir -p "$DUMMDIR/$1" 2>/dev/null
+          cp -afc "$ITEM" $"DUMMDIR/$1/$ITEM"
         else
           # Create new dummy file and mount it
-          mktouch $DUMMDIR/$1/$ITEM
-          mktouch $MOUNTINFO/$1/$ITEM $TRAVEL_ROOT
+          mktouch "$DUMMDIR/$1/$ITEM"
+          mktouch "$MOUNTINFO/$1/$ITEM" "$TRAVEL_ROOT"
         fi
       else
-        if [ -d $ITEM ]; then
+        if [ -d "$ITEM" ]; then
           # It's an directory, travel deeper
-          (travel $1/$ITEM)
-        elif [ ! -L $ITEM ]; then
+          (travel "$1/$ITEM")
+        elif [ ! -L "$ITEM" ]; then
           # Mount this file
-          mktouch $MOUNTINFO/$1/$ITEM $TRAVEL_ROOT
+          mktouch "$MOUNTINFO/$1/$ITEM" "$TRAVEL_ROOT"
         fi
       fi
     done
@@ -125,28 +142,29 @@ travel() {
 
 clone_dummy() {
   LINK=false
-  in_list $1 "$WHITELIST" && LINK=true
+  in_list "$1" "$WHITELIST" && LINK=true
 
   for ITEM in $MIRRDIR$1/* ; do
-    REAL=${ITEM#$MIRRDIR}
-    if [ -d $MOUNTINFO$REAL ]; then
+    REAL="${ITEM#$MIRRDIR}"
+    if [ -d "$MOUNTINFO$REAL" ]; then
       # Need to clone deeper
-      mkdir -p $DUMMDIR$REAL
-      (clone_dummy $REAL)
-    else
-      if [ -L $ITEM ]; then
+      mkdir -p "$DUMMDIR$REAL"
+      (clone_dummy "$REAL")
+    elif [ ! -f "$DUMMDIR$REAL" ]; then
+      # It's not the file to be added/replaced, clone it
+      if [ -L "$ITEM" ]; then
         # Copy original symlink
-        cp -afc $ITEM $DUMMDIR$REAL
+        cp -afc "$ITEM" "$DUMMDIR$REAL"
       else
-        if $LINK && [ ! -e $MOUNTINFO$REAL ]; then
-          ln -s $MIRRDIR$REAL $DUMMDIR$REAL
+        if $LINK && [ ! -e "$MOUNTINFO$REAL" ]; then
+          ln -s "$MIRRDIR$REAL" "$DUMMDIR$REAL"
         else
-          if [ -d $ITEM ]; then
-            mkdir -p $DUMMDIR$REAL
+          if [ -d "$ITEM" ]; then
+            mkdir -p "$DUMMDIR$REAL"
           else
-            mktouch $DUMMDIR$REAL
+            mktouch "$DUMMDIR$REAL"
           fi
-          [ ! -e $MOUNTINFO$REAL ] && mktouch $MOUNTINFO/mirror$REAL
+          [ ! -e "$MOUNTINFO$REAL" ] && mktouch "$MOUNTINFO/mirror$REAL"
         fi
       fi
     fi
@@ -154,8 +172,8 @@ clone_dummy() {
 }
 
 bind_mount() {
-  if [ -e $1 -a -e $2 ]; then
-    mount -o bind $1 $2
+  if [ -e "$1" -a -e "$2" ]; then
+    mount -o bind "$1" "$2"
     if [ $? -eq 0 ]; then 
       log_print "Mount: $1"
     else 
@@ -245,13 +263,15 @@ case $1 in
     # Cleanup legacy stuffs...
     rm -rf /cache/magisk /cache/magisk_merge /cache/magiskhide.log
 
+    [ -f $DISABLEFILE -o -f $UNINSTALLER ] && unblock
+
     if [ -d /cache/magisk_mount ]; then
       log_print "* Mounting cache files"
       find /cache/magisk_mount -type f 2>/dev/null | while read ITEM ; do
-        chmod 644 $ITEM
-        chcon "u:object_r:system_file:s0" $ITEM
-        TARGET=${ITEM#/cache/magisk_mount}
-        bind_mount $ITEM $TARGET
+        chmod 644 "$ITEM"
+        chcon u:object_r:system_file:s0 "$ITEM"
+        TARGET="${ITEM#/cache/magisk_mount}"
+        bind_mount "$ITEM" "$TARGET"
       done
     fi
 
@@ -266,32 +286,40 @@ case $1 in
     # Don't run twice
     if [ "`getprop magisk.restart_pfsd`" != "1" ]; then
 
-      export OLDPATH=$PATH
-      export PATH=$TOOLPATH:$OLDPATH
-
       log_print "** Magisk post-fs-data mode running..."
 
       # Cache support
-      if [ -d "/cache/data_bin" ]; then
-        rm -rf $BINPATH $TOOLPATH
-        mkdir -p $TOOLPATH
-        mv /cache/data_bin $BINPATH
-        chmod -R 755 $BINPATH $TOOLPATH
-        $BINPATH/busybox --install -s $TOOLPATH
-        ln -s $BINPATH/busybox $TOOLPATH/busybox
-        # Prevent issues
-        rm -f $TOOLPATH/su $TOOLPATH/sh $TOOLPATH/reboot
-      fi
-
       mv /cache/stock_boot.img /data/stock_boot.img 2>/dev/null
       mv /cache/magisk.apk /data/magisk.apk 2>/dev/null
+      mv /cache/custom_ramdisk_patch.sh /data/custom_ramdisk_patch.sh 2>/dev/null
 
-      find $BINPATH -exec chcon -h "u:object_r:system_file:s0" {} \;
-      find $TOOLPATH -exec chcon -h "u:object_r:system_file:s0" {} \;
-      chmod -R 755 $BINPATH $TOOLPATH
+      if [ -d /cache/data_bin ]; then
+        rm -rf $BINPATH
+        mv /cache/data_bin $BINPATH
+      fi
+
+      chmod -R 755 $BINPATH
+      chown -R 0.0 $BINPATH
 
       # Live patch sepolicy
-      $BINPATH/sepolicy-inject --live -s su
+      $BINPATH/sepolicy-inject --live
+
+      if [ -f $UNINSTALLER ]; then
+        touch /dev/.magisk.unblock
+        chcon u:object_r:device:s0 /dev/.magisk.unblock
+        BOOTMODE=true sh $UNINSTALLER
+        exit
+      fi
+
+      # Set up environment
+      mkdir -p $TOOLPATH
+      $BINPATH/busybox --install -s $TOOLPATH
+      ln -s $BINPATH/busybox $TOOLPATH/busybox
+      # Prevent issues
+      rm -f $TOOLPATH/su $TOOLPATH/sh $TOOLPATH/reboot
+      chmod -R 755 $TOOLPATH
+      chown -R 0.0 $TOOLPATH
+      find $BINPATH $TOOLPATH -exec chcon -h u:object_r:system_file:s0 {} \;
 
       # Multirom functions should go here, not available right now
       MULTIROM=false
@@ -314,12 +342,13 @@ case $1 in
 
       # Remove empty directories, legacy paths, symlinks, old temporary images
       find $MOUNTPOINT -type d -depth ! -path "*core*" -exec rmdir {} \; 2>/dev/null
-      rm -rf $COREDIR/bin $COREDIR/dummy $COREDIR/mirror /data/magisk/*.img 2>/dev/null
+      rm -rf $MOUNTPOINT/zzsupersu $MOUNTPOINT/phh $COREDIR/bin $COREDIR/dummy $COREDIR/mirror \
+             $COREDIR/busybox /data/magisk/*.img /data/busybox 2>/dev/null
 
-      # Remove modules that is labeled to be removed
+      # Remove modules that are labeled to be removed
       for MOD in $MOUNTPOINT/* ; do
         rm -f $MOD/system/placeholder 2>/dev/null
-        if [ -f $MOD/remove ] || [ $MOD = zzsupersu ]; then
+        if [ -f $MOD/remove ]; then
           log_print "Remove module: $MOD"
           rm -rf $MOD
         fi
@@ -327,7 +356,7 @@ case $1 in
 
       # Unmount, shrink, remount
       if umount $MOUNTPOINT; then
-        losetup -d $LOOPDEVICE
+        losetup -d $LOOPDEVICE 2>/dev/null
         target_size_check $IMG
         NEWDATASIZE=$(((curUsedM / 32 + 2) * 32))
         if [ "$curSizeM" -gt "$NEWDATASIZE" ]; then
@@ -342,13 +371,14 @@ case $1 in
         fi
       fi
 
-      log_print "* Preparing modules"
+      # Start MagiskSU if no SuperSU
+      export PATH=$OLDPATH
+      [ ! -f /sbin/launch_daemonsu.sh ] && sh $COREDIR/su/magisksu.sh
+      export PATH=$TOOLPATH:$OLDPATH
 
-      # Disable phh and Magisk Hide for SuperSU
-      if [ -f /sbin/launch_daemonsu.sh ]; then
-        touch /magisk/phh/disable 2>/dev/null
-        rm -f $COREDIR/magiskhide/enable 2>/dev/null
-      fi
+      [ -f $DISABLEFILE ] && unblock
+
+      log_print "* Preparing modules"
 
       mkdir -p $DUMMDIR
       mkdir -p $MIRRDIR/system
@@ -365,8 +395,6 @@ case $1 in
 
       # Travel through all mods
       for MOD in $MOUNTPOINT/* ; do
-        # Read in defined system props
-        [ -f $MOD/system.prop ] && /data/magisk/resetprop --file $MOD/system.prop
         if [ -f $MOD/auto_mount -a -d $MOD/system -a ! -f $MOD/disable ]; then
           TRAVEL_ROOT=$MOD
           (travel system)
@@ -379,7 +407,7 @@ case $1 in
       done
 
       # Proper permissions for generated items
-      find $TMPDIR -exec chcon -h "u:object_r:system_file:s0" {} \;
+      find $TMPDIR -exec chcon -h u:object_r:system_file:s0 {} \;
 
       # linker(64), t*box required for bin
       if [ -f $MOUNTINFO/dummy/system/bin ]; then
@@ -411,10 +439,10 @@ case $1 in
       mv -f $MOUNTINFO/dummy/system/vendor $MOUNTINFO/dummy/vendor 2>/dev/null
       mv -f $DUMMDIR/system/vendor $DUMMDIR/vendor 2>/dev/null
       find $MOUNTINFO/dummy -type f 2>/dev/null | while read ITEM ; do
-        TARGET=${ITEM#$MOUNTINFO/dummy}
-        ORIG=$DUMMDIR$TARGET
-        (clone_dummy $TARGET)
-        bind_mount $ORIG $TARGET
+        TARGET="${ITEM#$MOUNTINFO/dummy}"
+        ORIG="$DUMMDIR$TARGET"
+        (clone_dummy "$TARGET")
+        bind_mount "$ORIG" "$TARGET"
       done
 
       # Check if the dummy /system/bin is empty, it shouldn't
@@ -422,27 +450,22 @@ case $1 in
 
       # Stage 3
       log_print "* Stage 3: Mount module items"
-      find $MOUNTINFO/system -type f 2>/dev/null | while read ITEM ; do
-        TARGET=${ITEM#$MOUNTINFO}
-        ORIG=`cat $ITEM`$TARGET
-        bind_mount $ORIG $TARGET
-      done
-      find $MOUNTINFO/vendor -type f 2>/dev/null | while read ITEM ; do
-        TARGET=${ITEM#$MOUNTINFO}
-        ORIG=`cat $ITEM`$TARGET
-        bind_mount $ORIG $TARGET
+      find $MOUNTINFO/system $MOUNTINFO/vendor -type f 2>/dev/null | while read ITEM ; do
+        TARGET="${ITEM#$MOUNTINFO}"
+        ORIG="`cat "$ITEM"`$TARGET"
+        bind_mount "$ORIG" "$TARGET"
       done
 
       # Stage 4
-      log_print "* Stage 4: Execute module scripts"
+      log_print "* Stage 4: Execute scripts"
       run_scripts post-fs-data
 
       # Stage 5
       log_print "* Stage 5: Mount mirrored items back to dummy"
       find $MOUNTINFO/mirror -type f 2>/dev/null | while read ITEM ; do
-        TARGET=${ITEM#$MOUNTINFO/mirror}
-        ORIG=$MIRRDIR$TARGET
-        bind_mount $ORIG $TARGET
+        TARGET="${ITEM#$MOUNTINFO/mirror}"
+        ORIG="$MIRRDIR$TARGET"
+        bind_mount "$ORIG" "$TARGET"
       done
 
       # Bind hosts for Adblock apps
@@ -451,16 +474,6 @@ case $1 in
         bind_mount $COREDIR/hosts /system/etc/hosts
       fi
 
-      # Expose busybox
-      if [ -f $COREDIR/busybox/enable ]; then
-        log_print "* Enabling BusyBox"
-        cp -afc /data/busybox/. $COREDIR/busybox
-        cp -afc /system/xbin/. $COREDIR/busybox
-        chmod -R 755 $COREDIR/busybox
-        chcon -hR "u:object_r:system_file:s0" $COREDIR/busybox
-        bind_mount $COREDIR/busybox /system/xbin
-      fi
-
       if [ -f /data/magisk.apk ]; then
         if [ -z `ls /data/app | grep com.topjohnwu.magisk` ]; then
           mkdir /data/app/com.topjohnwu.magisk-1
@@ -475,6 +488,17 @@ case $1 in
         rm -f /data/magisk.apk 2>/dev/null
       fi
 
+      for MOD in $MOUNTPOINT/* ; do
+        # Read in defined system props
+        if [ -f $MOD/system.prop ]; then
+          log_print "* Reading props from $MOD/system.prop"
+          /data/magisk/resetprop --file $MOD/system.prop
+        fi
+      done
+
+      # Expose busybox
+      [ "`getprop persist.magisk.busybox`" = "1" ] && sh /sbin/magic_mask.sh mount_busybox
+
       # Restart post-fs-data if necessary (multirom)
       $MULTIROM && setprop magisk.restart_pfsd 1
 
@@ -482,34 +506,25 @@ case $1 in
     unblock
     ;;
 
+  mount_busybox )
+    log_print "* Enabling BusyBox"
+    cp -afc /system/xbin/. $TOOLPATH
+    umount /system/xbin 2>/dev/null
+    bind_mount $TOOLPATH /system/xbin
+    ;;
+
   service )
     # Version info
     MAGISK_VERSION_STUB
     log_print "** Magisk late_start service mode running..."
-    run_scripts service
-
-    # Magisk Hide
-    if [ -f $COREDIR/magiskhide/enable ]; then
-      log_print "* Removing tampered read-only system props"
-
-      VERIFYBOOT=`getprop ro.boot.verifiedbootstate`
-      FLASHLOCKED=`getprop ro.boot.flash.locked`
-      VERITYMODE=`getprop ro.boot.veritymode`
-
-      [ ! -z "$VERIFYBOOT" -a "$VERIFYBOOT" != "green" ] && \
-      log_print "`$BINPATH/resetprop -v -n ro.boot.verifiedbootstate green`"
-      [ ! -z "$FLASHLOCKED" -a "$FLASHLOCKED" != "1" ] && \
-      log_print "`$BINPATH/resetprop -v -n ro.boot.flash.locked 1`"
-      [ ! -z "$VERITYMODE" -a "$VERITYMODE" != "enforcing" ] && \
-      log_print "`$BINPATH/resetprop -v -n ro.boot.veritymode enforcing`"
-
-      mktouch $COREDIR/magiskhide/hidelist
-      chmod -R 755 $COREDIR/magiskhide
-      # Add Safety Net preset
-      $COREDIR/magiskhide/add com.google.android.gms.unstable
-      log_print "* Starting Magisk Hide"
-      /data/magisk/magiskhide --daemon
+    if [ -f $DISABLEFILE ]; then
+      setprop ro.magisk.disable 1
+      exit
     fi
+    run_scripts service
+    
+    # Start MagiskHide
+    [ "`getprop persist.magisk.hide`" = "1" ] && sh $COREDIR/magiskhide/enable
     ;;
 
 esac

scripts/magisk_uninstaller.sh

@@ -0,0 +1,150 @@
+#!/system/bin/sh
+
+[ -z $BOOTMODE ] && BOOTMODE=false
+TMPDIR=/tmp
+($BOOTMODE) && TMPDIR=/dev/tmp
+
+BINDIR=/data/magisk
+CHROMEDIR=$BINDIR/chromeos
+
+NEWBOOT=$TMPDIR/boottmp/new-boot.img
+UNPACKDIR=$TMPDIR/boottmp/bootunpack
+RAMDISK=$TMPDIR/boottmp/ramdisk
+
+SYSTEMLIB=/system/lib
+[ -d /system/lib64 ] && SYSTEMLIB=/system/lib64
+
+ui_print() {
+  echo "$1"
+}
+
+grep_prop() {
+  REGEX="s/^$1=//p"
+  shift
+  FILES=$@
+  if [ -z "$FILES" ]; then
+    FILES='/system/build.prop'
+  fi
+  cat $FILES 2>/dev/null | sed -n $REGEX | head -n 1
+}
+
+find_boot_image() {
+  if [ -z "$BOOTIMAGE" ]; then
+    for PARTITION in kern-a KERN-A android_boot ANDROID_BOOT kernel KERNEL boot BOOT lnx LNX; do
+      BOOTIMAGE=`readlink /dev/block/by-name/$PARTITION || readlink /dev/block/platform/*/by-name/$PARTITION || readlink /dev/block/platform/*/*/by-name/$PARTITION`
+      if [ ! -z "$BOOTIMAGE" ]; then break; fi
+    done
+  fi
+  if [ -z "$BOOTIMAGE" ]; then
+    FSTAB="/etc/recovery.fstab"
+    [ ! -f "$FSTAB" ] && FSTAB="/etc/recovery.fstab.bak"
+    [ -f "$FSTAB" ] && BOOTIMAGE=`grep -E '\b/boot\b' "$FSTAB" | grep -oE '/dev/[a-zA-Z0-9_./-]*'`
+  fi
+}
+
+unpack_boot() {
+  rm -rf $UNPACKDIR $RAMDISK 2>/dev/null
+  mkdir -p $UNPACKDIR
+  mkdir -p $RAMDISK
+  cd $UNPACKDIR
+  LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/bootimgtools --extract $1
+
+  cd $RAMDISK
+  $BINDIR/busybox gunzip -c < $UNPACKDIR/ramdisk.gz | cpio -i
+}
+
+repack_boot() {
+  cd $RAMDISK
+  find . | cpio -o -H newc 2>/dev/null | gzip -9 > $UNPACKDIR/ramdisk.gz
+  cd $UNPACKDIR
+  LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/bootimgtools --repack $BOOTIMAGE
+  if [ -f chromeos ]; then
+    echo " " > config
+    echo " " > bootloader
+    LD_LIBRARY_PATH=$SYSTEMLIB $CHROMEDIR/futility vbutil_kernel --pack new-boot.img.signed --keyblock $CHROMEDIR/kernel.keyblock --signprivate $CHROMEDIR/kernel_data_key.vbprivk --version 1 --vmlinuz new-boot.img --config config --arch arm --bootloader bootloader --flags 0x1
+    rm -f new-boot.img
+    mv new-boot.img.signed new-boot.img
+  fi
+  if ($SAMSUNG); then
+    SAMSUNG_CHECK=$(cat new-boot.img | grep SEANDROIDENFORCE)
+    if [ $? -ne 0 ]; then
+      echo -n "SEANDROIDENFORCE" >> new-boot.img
+    fi
+  fi
+  if ($LGE_G); then
+    # Prevent secure boot error on LG G2/G3.
+    # Just for know, It's a pattern which bootloader verifies at boot. Thanks to LG hackers.
+    echo -n -e "\x41\xa9\xe4\x67\x74\x4d\x1d\x1b\xa4\x29\xf2\xec\xea\x65\x52\x79" >> new-boot.img
+  fi
+  mv new-boot.img $NEWBOOT
+}
+
+# Set permissions
+chmod -R 755 $CHROMEDIR/futility $BINDIR
+
+# Find the boot image
+find_boot_image
+if [ -z "$BOOTIMAGE" ]; then
+  ui_print "! Unable to detect boot image"
+  exit 1
+fi
+
+ui_print "- Found Boot Image: $BOOTIMAGE"
+
+# Detect special vendors 
+SAMSUNG=false
+SAMSUNG_CHECK=$(cat /system/build.prop | grep "ro.build.fingerprint=" | grep -i "samsung")
+if [ $? -eq 0 ]; then
+  SAMSUNG=true
+fi
+LGE_G=false
+RBRAND=$(grep_prop ro.product.brand)
+RMODEL=$(grep_prop ro.product.device)
+if [ "$RBRAND" = "lge" ] || [ "$RBRAND" = "LGE" ];  then 
+  if [ "$RMODEL" = "*D80*" ] || 
+     [ "$RMODEL" = "*S98*" ] || 
+     [ "$RMODEL" = "*D85*" ] ||
+     [ "$RMODEL" = "*F40*" ]; then
+    LGE_G=true
+    ui_print "! Bump device detected"
+  fi
+fi
+
+# First unpack the boot image
+unpack_boot $BOOTIMAGE
+
+SUPERSU=false
+[ -f sbin/launch_daemonsu.sh ] && SUPERSU=true
+
+if ($SUPERSU); then
+  ui_print "- SuperSU patched image detected"
+  rm -f magisk sbin/init.magisk.rc sbin/magic_mask.sh
+  repack_boot
+else
+  if [ -f /data/stock_boot.img ]; then
+    ui_print "- Boot image backup found!"
+    NEWBOOT=/data/stock_boot.img
+  else
+    ui_print "! Boot image backup unavailable"
+    if [ -d ".backup" ]; then
+      ui_print "- Restoring ramdisk with backup"
+      cp -af .backup/. .
+    fi
+    rm -f magisk sbin/init.magisk.rc sbin/magic_mask.sh
+    repack_boot
+  fi
+fi
+
+chmod 644 $NEWBOOT
+
+ui_print "- Flashing stock/reverted image"
+[ ! -L "$BOOTIMAGE" ] && dd if=/dev/zero of=$BOOTIMAGE bs=4096 2>/dev/null
+dd if=$NEWBOOT of=$BOOTIMAGE bs=4096
+
+ui_print "- Removing Magisk files"
+rm -rf  /cache/magisk.log /cache/last_magisk.log /cache/magiskhide.log /cache/.disable_magisk \
+        /cache/magisk /cache/magisk_merge /cache/magisk_mount  /cache/unblock /cache/magisk_uninstaller.sh \
+        /data/Magisk.apk /data/magisk.apk /data/magisk.img /data/magisk_merge.img \
+        /data/busybox /data/magisk /data/custom_ramdisk_patch.sh 2>/dev/null
+
+($BOOTMODE) && reboot

scripts/magisksu.sh

@@ -0,0 +1,28 @@
+#!/system/bin/sh
+
+MODDIR=${0%/*}
+LOGFILE=/cache/magisk.log
+
+log_print() {
+  echo "MagiskSU: $1"
+  echo "MagiskSU: $1" >> $LOGFILE
+  log -p i -t Magisk "MagiskSU: $1"
+}
+
+log_print "Moving and linking /sbin binaries"
+mount -o rw,remount rootfs /
+cp -af /sbin /sbin_orig
+mount -o ro,remount rootfs /
+
+log_print "Exposing su binary"
+rm -rf /magisk/.core/bin $MODDIR/sbin_bind
+mkdir -p $MODDIR/sbin_bind
+ln -s /sbin_orig/* $MODDIR/sbin_bind
+chcon -h u:object_r:rootfs:s0 $MODDIR/sbin_bind/*
+chmod 755 $MODDIR/sbin_bind
+ln -s $MODDIR/su $MODDIR/sbin_bind/su
+ln -s /data/magisk/sepolicy-inject $MODDIR/sbin_bind/sepolicy-inject
+mount -o bind $MODDIR/sbin_bind /sbin
+
+log_print "Starting su daemon"
+/sbin/su --daemon

uninstaller/META-INF/com/google/android/update-binary

@@ -10,12 +10,6 @@
 
 INSTALLER=/tmp/uninstall
 
-# Boot Image Variables
-CHROMEDIR=$INSTALLER/chromeos
-NEWBOOT=$TMPDIR/boottmp/new-boot.img
-UNPACKDIR=$TMPDIR/boottmp/bootunpack
-RAMDISK=$TMPDIR/boottmp/ramdisk
-
 # Default permissions
 umask 022
 
@@ -69,20 +63,6 @@ getvar() {
   eval $VARNAME=\$VALUE
 }
 
-find_boot_image() {
-  if [ -z "$BOOTIMAGE" ]; then
-    for PARTITION in kern-a KERN-A android_boot ANDROID_BOOT kernel KERNEL boot BOOT lnx LNX; do
-      BOOTIMAGE=`readlink /dev/block/by-name/$PARTITION || readlink /dev/block/platform/*/by-name/$PARTITION || readlink /dev/block/platform/*/*/by-name/$PARTITION`
-      if [ ! -z "$BOOTIMAGE" ]; then break; fi
-    done
-  fi
-  if [ -z "$BOOTIMAGE" ]; then
-    FSTAB="/etc/recovery.fstab"
-    [ ! -f "$FSTAB" ] && FSTAB="/etc/recovery.fstab.bak"
-    [ -f "$FSTAB" ] && BOOTIMAGE=`grep -E '\b/boot\b' "$FSTAB" | grep -oE '/dev/[a-zA-Z0-9_./-]*'`
-  fi
-}
-
 is_mounted() {
   if [ ! -z "$2" ]; then
     cat /proc/mounts | grep $1 | grep $2, >/dev/null
@@ -102,122 +82,6 @@ grep_prop() {
   cat $FILES 2>/dev/null | sed -n $REGEX | head -n 1
 }
 
-mount_image() {
-  if [ ! -d "$2" ]; then
-    mount -o rw,remount rootfs /
-    mkdir -p $2 2>/dev/null
-    ($BOOTMODE) && mount -o ro,remount rootfs /
-    [ ! -d "$2" ] && return 1
-  fi
-  if (! is_mounted $2); then
-    LOOPDEVICE=
-    for LOOP in 0 1 2 3 4 5 6 7; do
-      if (! is_mounted $2); then
-        LOOPDEVICE=/dev/block/loop$LOOP
-        if [ ! -f "$LOOPDEVICE" ]; then
-          mknod $LOOPDEVICE b 7 $LOOP 2>/dev/null
-        fi
-        losetup $LOOPDEVICE $1
-        if [ "$?" -eq "0" ]; then
-          mount -t ext4 -o loop $LOOPDEVICE $2
-          if (! is_mounted $2); then
-            /system/bin/toolbox mount -t ext4 -o loop $LOOPDEVICE $2
-          fi
-          if (! is_mounted $2); then
-            /system/bin/toybox mount -t ext4 -o loop $LOOPDEVICE $2
-          fi
-        fi
-        if (is_mounted $2); then
-          ui_print "- Mounting $1 to $2"
-          break;
-        fi
-      fi
-    done
-  fi
-}
-
-unpack_boot() {
-  rm -rf $UNPACKDIR $RAMDISK 2>/dev/null
-  mkdir -p $UNPACKDIR
-  mkdir -p $RAMDISK
-  cd $UNPACKDIR
-  LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/bootimgtools --extract $1
-
-  cd $RAMDISK
-  gunzip -c < $UNPACKDIR/ramdisk.gz | cpio -i
-}
-
-repack_boot() {
-  cd $RAMDISK
-  find . | cpio -o -H newc 2>/dev/null | gzip -9 > $UNPACKDIR/ramdisk.gz
-  cd $UNPACKDIR
-  LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/bootimgtools --repack $BOOTIMAGE
-  if [ -f chromeos ]; then
-    echo " " > config
-    echo " " > bootloader
-    LD_LIBRARY_PATH=$SYSTEMLIB $CHROMEDIR/futility vbutil_kernel --pack new-boot.img.signed --keyblock $CHROMEDIR/kernel.keyblock --signprivate $CHROMEDIR/kernel_data_key.vbprivk --version 1 --vmlinuz new-boot.img --config config --arch arm --bootloader bootloader --flags 0x1
-    rm -f new-boot.img
-    mv new-boot.img.signed new-boot.img
-  fi
-  if ($SAMSUNG); then
-    SAMSUNG_CHECK=$(cat new-boot.img | grep SEANDROIDENFORCE)
-    if [ $? -ne 0 ]; then
-      echo -n "SEANDROIDENFORCE" >> new-boot.img
-    fi
-  fi
-  if ($LGE_G); then
-    # Prevent secure boot error on LG G2/G3.
-    # Just for know, It's a pattern which bootloader verifies at boot. Thanks to LG hackers.
-    echo -n -e "\x41\xa9\xe4\x67\x74\x4d\x1d\x1b\xa4\x29\xf2\xec\xea\x65\x52\x79" >> new-boot.img
-  fi
-  mv new-boot.img $NEWBOOT
-}
-
-revert_boot() {
-  rm -rf $TMPDIR/boottmp 2>/dev/null
-  mkdir -p $TMPDIR/boottmp
-
-  ui_print "- Unpacking boot image"
-  unpack_boot $BOOTIMAGE
-
-  SUPERSU=false
-  [ -f sbin/launch_daemonsu.sh ] && SUPERSU=true
-
-  if ($SUPERSU); then
-    ui_print "- SuperSU patched boot detected!"
-    SUIMG=/data/su.img
-    mount_image $SUIMG /su
-    if (is_mounted /su); then
-      SUPERSULOOP=$LOOPDEVICE
-      gunzip -c < $UNPACKDIR/ramdisk.gz > $UNPACKDIR/ramdisk
-      ui_print "- Using sukernel to restore ramdisk"
-      # Restore ramdisk
-      LD_LIBRARY_PATH=$SYSTEMLIB /su/bin/sukernel --cpio-restore $UNPACKDIR/ramdisk $UNPACKDIR/ramdisk
-      if [ $? -ne 0 ]; then
-        ui_print "! Unable to restore ramdisk"
-        ui_print "! Will still remove Magisk additions"
-      fi
-      rm -rf $RAMDISK
-      mkdir -p $RAMDISK
-      cd $RAMDISK
-      cpio -i < $UNPACKDIR/ramdisk
-      rm -f $UNPACKDIR/ramdisk
-    fi
-  elif [ -d ".backup" ]; then
-    ui_print "- Restoring ramdisk with backup"
-    cp -af .backup/. .
-  else
-    ui_print "! No ramdisk backup found"
-    ui_print "! Will still remove Magisk additions"
-  fi
-
-  # Remove possible boot modifications
-  rm -rf magisk init.magisk.rc sbin/magic_mask.sh .backup 2>/dev/null
-
-  ui_print "- Repacking boot image"
-  repack_boot
-}
-
 ##########################################################################################
 # Main
 ##########################################################################################
@@ -241,25 +105,6 @@ if [ ! -f '/system/build.prop' ]; then
   exit 1
 fi
 
-SAMSUNG=false
-SAMSUNG_CHECK=$(cat /system/build.prop | grep "ro.build.fingerprint=" | grep -i "samsung")
-if [ $? -eq 0 ]; then
-  SAMSUNG=true
-fi
-
-LGE_G=false
-RBRAND=$(grep_prop ro.product.brand)
-RMODEL=$(grep_prop ro.product.device)
-if [ "$RBRAND" = "lge" ] || [ "$RBRAND" = "LGE" ];  then 
-  if [ "$RMODEL" = "*D80*" ] || 
-     [ "$RMODEL" = "*S98*" ] || 
-     [ "$RMODEL" = "*D85*" ] ||
-     [ "$RMODEL" = "*F40*" ]; then
-    LGE_G=true
-    ui_print "! Bump device detected"
-  fi
-fi
-
 API=$(grep_prop ro.build.version.sdk)
 ABI=$(grep_prop ro.product.cpu.abi | cut -c-3)
 ABI2=$(grep_prop ro.product.cpu.abi2 | cut -c-3)
@@ -273,18 +118,12 @@ if [ "$ABILONG" = "arm64-v8a" ]; then ARCH=arm64; IS64BIT=true; fi;
 if [ "$ABILONG" = "x86_64" ]; then ARCH=x64; IS64BIT=true; fi;
 
 ui_print "- Device platform: $ARCH"
-
+CHROMEDIR=$INSTALLER/chromeos
 BINDIR=$INSTALLER/$ARCH
-chmod -R 755 $CHROMEDIR/futility $BINDIR
 
-SYSTEMLIB=/system/lib
-($IS64BIT) && SYSTEMLIB=/system/lib64
-
-find_boot_image
-if [ -z "$BOOTIMAGE" ]; then
-  ui_print "! Unable to detect boot image"
-  exit 1
-fi
+# Copy the binaries to /data/magisk
+mkdir -p /data/magisk 2>/dev/null
+cp -af $BINDIR/bootimgtools $CHROMEDIR /data/magisk
 
 ##########################################################################################
 # Detection all done, start installing
@@ -293,48 +132,20 @@ fi
 ui_print "- Found Boot Image: $BOOTIMAGE"
 
 if (is_mounted /data); then
-  PATH=/data/busybox:$PATH
-  cp -f /data/stock_boot_*.gz /data/stock_boot.img.gz 2>/dev/null
-  gunzip -d < /data/stock_boot.img.gz > /data/stock_boot.img 2>/dev/null
-  rm -f /data/stock_boot.img.gz 2>/dev/null
-  if [ -f /data/stock_boot.img ]; then
-    ui_print "- Boot image backup found!"
-    NEWBOOT=/data/stock_boot.img
-  else
-    ui_print "! Boot image backup unavalible, try using ramdisk backup"
-    revert_boot
-  fi
-  ui_print "- Removing Magisk files"
-  rm -rf  /cache/magisk.log /cache/last_magisk.log /cache/magiskhide.log \
-          /cache/magisk /cache/magisk_merge /cache/magisk_mount  /cache/unblock \
-          /data/Magisk.apk /data/magisk.apk /data/magisk.img /data/magisk_merge.img \
-          /data/busybox /data/magisk /data/custom_ramdisk_patch.sh 2>/dev/null
+  ui_print "- Running uninstaller scripts"
+  sh $INSTALLER/common/magisk_uninstaller.sh
 else
   ui_print "! Data unavailable"
-  ui_print "! Impossible to restore original boot image"
-  ui_print "! Try using ramdisk backup"
-  revert_boot
-  ui_print "- Removing Magisk files"
-  rm -rf  /cache/magisk.log /cache/last_magisk.log /cache/magiskhide.log \
-          /cache/magisk /cache/magisk_merge /cache/magisk_mount /cache/unblock 2>/dev/null
-  ui_print "*****************************************"
-  ui_print "     Magisk is not fully removed yet     "
-  ui_print " Please manually remove /data/magisk.img "
-  ui_print "*****************************************"
+  ui_print "! Placing uninstall script to /cache"
+  ui_print "! The device will reboot multiple times"
+  cp -af $INSTALLER/common/magisk_uninstaller.sh /cache/magisk_uninstaller.sh
+  umount /system
+  sleep 5
+  reboot
 fi
 
 chmod 644 $NEWBOOT
 
-ui_print "- Flashing reverted image"
-[ ! -L "$BOOTIMAGE" ] && dd if=/dev/zero of=$BOOTIMAGE bs=4096 2>/dev/null
-dd if=$NEWBOOT of=$BOOTIMAGE bs=4096
-
 umount /system
-if [ ! -z $SUPERSU ]; then
-  umount /su
-  losetup -d $SUPERSULOOP
-  rmdir /su
-fi
-
 ui_print "- Done"
 exit 0

zip_static/common/magiskhide/add

@@ -1,11 +1,14 @@
 #!/system/bin/sh
 
 HIDELIST=/magisk/.core/magiskhide/hidelist
+PROCESS=$1
+TOOLPATH=/dev/busybox
 
-if [ ! -z "$1" ]; then
-  if [ $(grep -c "^$1$" $HIDELIST) -eq "0" ]; then
-    echo "$1" >> $HIDELIST
-    set `/data/busybox/ps -o pid,args | grep "$1" | grep -v "grep"`
-    kill "$1"
+if [ ! -z "$PROCESS" ]; then
+  if [ `grep -c "^$PROCESS$" $HIDELIST` -eq "0" ]; then
+    echo "$PROCESS" >> $HIDELIST
+    set --
+    set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
+    [ ! -z "$1" ] && kill "$1"
   fi
 fi

zip_static/common/magiskhide/disable

@@ -0,0 +1,27 @@
+#!/system/bin/sh
+
+MODDIR=/magisk/.core/magiskhide
+LOGFILE=/cache/magisk.log
+TOOLPATH=/dev/busybox
+
+log_print() {
+  echo "MagiskHide: $1"
+  echo "MagiskHide: $1" >> $LOGFILE
+  log -p i -t Magisk "MagiskHide: $1"
+}
+
+# Only disable when MagiskHide is started
+ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 || exit
+
+log_print "Stopping MagiskHide daemon"
+
+set --
+set `$TOOLPATH/ps -o pid,args | grep "magiskhide" | grep -v grep | head -1` >/dev/null
+[ ! -z "$1" ] && kill "$1"
+
+while read PROCESS; do
+  log_print "Killing $PROCESS"
+  set --
+  set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
+  [ ! -z "$1" ] && kill "$1"
+done < $MODDIR/hidelist

zip_static/common/magiskhide/enable

@@ -0,0 +1,43 @@
+#!/system/bin/sh
+
+MODDIR=/magisk/.core/magiskhide
+BINPATH=/data/magisk
+LOGFILE=/cache/magisk.log
+TOOLPATH=/dev/busybox
+
+log_print() {
+  echo "MagiskHide: $1"
+  echo "MagiskHide: $1" >> $LOGFILE
+  log -p i -t Magisk "MagiskHide: $1"
+}
+
+# Only enable when isn't started
+ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 && exit
+
+log_print "Removing tampered read-only system props"
+
+VERIFYBOOT=`getprop ro.boot.verifiedbootstate`
+FLASHLOCKED=`getprop ro.boot.flash.locked`
+VERITYMODE=`getprop ro.boot.veritymode`
+
+[ ! -z "$VERIFYBOOT" -a "$VERIFYBOOT" != "green" ] && \
+log_print "`$BINPATH/resetprop -v -n ro.boot.verifiedbootstate green`"
+[ ! -z "$FLASHLOCKED" -a "$FLASHLOCKED" != "1" ] && \
+log_print "`$BINPATH/resetprop -v -n ro.boot.flash.locked 1`"
+[ ! -z "$VERITYMODE" -a "$VERITYMODE" != "enforcing" ] && \
+log_print "`$BINPATH/resetprop -v -n ro.boot.veritymode enforcing`"
+
+touch $MODDIR/hidelist
+chmod -R 755 $MODDIR
+# Add Safety Net preset
+$MODDIR/add com.google.android.gms.unstable
+
+while read PROCESS; do
+  log_print "Killing $PROCESS"
+  set --
+  set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
+  [ ! -z "$1" ] && kill "$1"
+done < $MODDIR/hidelist
+
+log_print "Starting MagiskHide daemon"
+$MODDIR/magiskhide --daemon

zip_static/common/magiskhide/rm

@@ -1,11 +1,14 @@
 #!/system/bin/sh
 
 HIDELIST=/magisk/.core/magiskhide/hidelist
+PROCESS=$1
+TOOLPATH=/dev/busybox
 
-if [ ! -z "$1" ]; then
+if [ ! -z "$PROCESS" ]; then
   cp -af $HIDELIST $HIDELIST.tmp
-  cat $HIDELIST.tmp | grep -v "^$1$" > $HIDELIST
+  cat $HIDELIST.tmp | grep -v "^$PROCESS$" > $HIDELIST
   rm -f $HIDELIST.tmp
-  set `/data/busybox/ps -o pid,args | grep "$1" | grep -v "grep"`
-  kill "$1"
+  set --
+  set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
+  [ ! -z "$1" ] && kill "$1"
 fi

zip_static/common/phh/module.prop

@@ -1,8 +0,0 @@
-id=phh
-name=phh's SuperUser
-version=topjohnwu r2
-versionCode=7
-author=phhusson & topjohnwu
-description=OpenSource SELinux-capable SuperUser
-support=http://forum.xda-developers.com/showthread.php?t=3216394
-donate=http://forum.xda-developers.com/donatetome.php?u=1915408

zip_static/common/phh/service.sh

@@ -1,46 +0,0 @@
-#!/system/bin/sh
-
-LOGFILE=/cache/magisk.log
-MODDIR=${0%/*}
-
-log_print() {
-  echo $1
-  echo "phh: $1" >> $LOGFILE
-  log -p i -t phh "$1"
-}
-
-# Disable the other root
-[ -d "/magisk/zzsupersu" ] && touch /magisk/zzsupersu/disable
-
-log_print "Live patching sepolicy"
-$MODDIR/bin/sepolicy-inject --live
-
-log_print "Moving and linking /sbin binaries"
-mount -o rw,remount rootfs /
-mv /sbin /sbin_orig
-mkdir /sbin
-chmod 755 /sbin
-ln -s /sbin_orig/* /sbin
-mount -o ro,remount rootfs /
-
-# Expose the root path
-log_print "Mounting supath"
-rm -rf /magisk/.core/bin $MODDIR/sbin_bind
-mkdir -p $MODDIR/sbin_bind 
-/data/busybox/cp -afc /sbin/. $MODDIR/sbin_bind
-chmod 755 $MODDIR/sbin_bind
-ln -s $MODDIR/bin/* $MODDIR/sbin_bind
-mount -o bind $MODDIR/sbin_bind /sbin
-
-# Run su.d
-for script in $MODDIR/su.d/* ; do
-  if [ -f "$script" ]; then
-    chmod 755 $script
-    log_print "su.d: $script"
-    sh $script
-  fi
-done
-
-log_print "Starting su daemon"
-[ ! -z $OLDPATH ] && export PATH=$OLDPATH
-/sbin/su --daemon