TheArchive/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2025-12-11 17:35:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: TheArchive:v13.0
Branches Tags
TheArchive:master
TheArchive:v30.6 TheArchive:v30.5 TheArchive:v30.4 TheArchive:v30.3 TheArchive:v30.2 TheArchive:v30.1 TheArchive:v30.0 TheArchive:canary-29001 TheArchive:v29.0 TheArchive:canary-28104 TheArchive:canary-28103 TheArchive:canary-28102 TheArchive:canary-28101 TheArchive:v28.1 TheArchive:canary-28003 TheArchive:canary-28002 TheArchive:canary-28001 TheArchive:v28.0 TheArchive:canary-27008 TheArchive:canary-27007 TheArchive:canary-27006 TheArchive:canary-27005 TheArchive:v27.0 TheArchive:v26.4 TheArchive:v26.3 TheArchive:v26.2 TheArchive:v26.1 TheArchive:v26.0 TheArchive:v25.2 TheArchive:v25.1 TheArchive:v25.0 TheArchive:v24.3 TheArchive:v24.2 TheArchive:v24.1 TheArchive:v24.0 TheArchive:v23.0 TheArchive:v22.1 TheArchive:v22.0 TheArchive:manager-v8.0.7 TheArchive:v21.4 TheArchive:manager-v8.0.6 TheArchive:v21.3 TheArchive:manager-v8.0.5 TheArchive:manager-v8.0.4 TheArchive:v21.2 TheArchive:v21.1 TheArchive:manager-v8.0.3 TheArchive:manager-v8.0.2 TheArchive:manager-v8.0.1 TheArchive:v21.0 TheArchive:manager-v8.0.0 TheArchive:v20.4 TheArchive:v20.3 TheArchive:manager-v7.5.1 TheArchive:manager-v7.5.0 TheArchive:v20.2 TheArchive:v20.1 TheArchive:manager-v7.4.0 TheArchive:v20.0 TheArchive:manager-v7.3.5 TheArchive:manager-v7.3.4 TheArchive:v19.4 TheArchive:manager-v7.3.2 TheArchive:manager-v7.3.1 TheArchive:manager-v7.3.0 TheArchive:v19.3 TheArchive:manager-v7.2.0 TheArchive:v19.2 TheArchive:manager-v7.1.2 TheArchive:v19.1 TheArchive:manager-v7.1.1 TheArchive:manager-v7.1.0 TheArchive:v19.0 TheArchive:manager-v7.0.0 TheArchive:v18.1 TheArchive:manager-v6.1.0 TheArchive:v18.0 TheArchive:v17.3 TheArchive:manager-v6.0.1 TheArchive:v17.2 TheArchive:manager-v6.0.0 TheArchive:v17.1 TheArchive:manager-v5.9.1 TheArchive:v17.0 TheArchive:manager-v5.9.0 TheArchive:v16.7 TheArchive:manager-v5.8.3 TheArchive:manager-v5.8.2 TheArchive:manager-v5.8.1 TheArchive:v16.6 TheArchive:manager-v5.8.0 TheArchive:v16.4 TheArchive:manager-v5.7.0 TheArchive:v16.3 TheArchive:manager-v5.6.4 TheArchive:v16.2 TheArchive:manager-v5.6.3 TheArchive:v16.1 TheArchive:manager-v5.6.2 TheArchive:v16.0 TheArchive:manager-v5.6.1 TheArchive:v15.4 TheArchive:manager-v5.6.0 TheArchive:v15.3 TheArchive:manager-v5.5.5 TheArchive:manager-v5.5.4 TheArchive:v15.2 TheArchive:manager-v5.5.3 TheArchive:v15.1 TheArchive:manager-v5.5.2 TheArchive:v15.0 TheArchive:manager-v5.5.1 TheArchive:v14.6 TheArchive:manager-v5.5.0 TheArchive:v14.5 TheArchive:manager-v5.4.3 TheArchive:manager-v5.4.2 TheArchive:v14.3 TheArchive:manager-v5.4.0 TheArchive:v14.2 TheArchive:manager-v5.3.5 TheArchive:v14.0 TheArchive:manager-v5.3.0 TheArchive:manager-v5.2.0 TheArchive:manager-v5.1.1 TheArchive:v13.3 TheArchive:manager-v5.1.0 TheArchive:manager-v5.0.6 TheArchive:manager-v5.0.5 TheArchive:v13.2 TheArchive:v13.1 TheArchive:manager-v5.0.4 TheArchive:v13.0 TheArchive:manager-v4.3.3 TheArchive:manager-v4.3.2 TheArchive:manager-v4.3.1 TheArchive:manager-v4.3.0 TheArchive:v12.0 TheArchive:v11.6 TheArchive:manager-v4.2.7 TheArchive:v11.5 TheArchive:manager-v4.2.6 TheArchive:manager-v4.2.5 TheArchive:manager-v4.2 TheArchive:v11.1 TheArchive:manager-v4.1 TheArchive:manager-v4.0 TheArchive:v11.0 TheArchive:manager-v3.1 TheArchive:v10.1 TheArchive:manager-v3.0 TheArchive:v10 TheArchive:v9 TheArchive:v8 TheArchive:v7
..
compare: TheArchive:v14.0
Branches Tags
TheArchive:master
TheArchive:v30.6 TheArchive:v30.5 TheArchive:v30.4 TheArchive:v30.3 TheArchive:v30.2 TheArchive:v30.1 TheArchive:v30.0 TheArchive:canary-29001 TheArchive:v29.0 TheArchive:canary-28104 TheArchive:canary-28103 TheArchive:canary-28102 TheArchive:canary-28101 TheArchive:v28.1 TheArchive:canary-28003 TheArchive:canary-28002 TheArchive:canary-28001 TheArchive:v28.0 TheArchive:canary-27008 TheArchive:canary-27007 TheArchive:canary-27006 TheArchive:canary-27005 TheArchive:v27.0 TheArchive:v26.4 TheArchive:v26.3 TheArchive:v26.2 TheArchive:v26.1 TheArchive:v26.0 TheArchive:v25.2 TheArchive:v25.1 TheArchive:v25.0 TheArchive:v24.3 TheArchive:v24.2 TheArchive:v24.1 TheArchive:v24.0 TheArchive:v23.0 TheArchive:v22.1 TheArchive:v22.0 TheArchive:manager-v8.0.7 TheArchive:v21.4 TheArchive:manager-v8.0.6 TheArchive:v21.3 TheArchive:manager-v8.0.5 TheArchive:manager-v8.0.4 TheArchive:v21.2 TheArchive:v21.1 TheArchive:manager-v8.0.3 TheArchive:manager-v8.0.2 TheArchive:manager-v8.0.1 TheArchive:v21.0 TheArchive:manager-v8.0.0 TheArchive:v20.4 TheArchive:v20.3 TheArchive:manager-v7.5.1 TheArchive:manager-v7.5.0 TheArchive:v20.2 TheArchive:v20.1 TheArchive:manager-v7.4.0 TheArchive:v20.0 TheArchive:manager-v7.3.5 TheArchive:manager-v7.3.4 TheArchive:v19.4 TheArchive:manager-v7.3.2 TheArchive:manager-v7.3.1 TheArchive:manager-v7.3.0 TheArchive:v19.3 TheArchive:manager-v7.2.0 TheArchive:v19.2 TheArchive:manager-v7.1.2 TheArchive:v19.1 TheArchive:manager-v7.1.1 TheArchive:manager-v7.1.0 TheArchive:v19.0 TheArchive:manager-v7.0.0 TheArchive:v18.1 TheArchive:manager-v6.1.0 TheArchive:v18.0 TheArchive:v17.3 TheArchive:manager-v6.0.1 TheArchive:v17.2 TheArchive:manager-v6.0.0 TheArchive:v17.1 TheArchive:manager-v5.9.1 TheArchive:v17.0 TheArchive:manager-v5.9.0 TheArchive:v16.7 TheArchive:manager-v5.8.3 TheArchive:manager-v5.8.2 TheArchive:manager-v5.8.1 TheArchive:v16.6 TheArchive:manager-v5.8.0 TheArchive:v16.4 TheArchive:manager-v5.7.0 TheArchive:v16.3 TheArchive:manager-v5.6.4 TheArchive:v16.2 TheArchive:manager-v5.6.3 TheArchive:v16.1 TheArchive:manager-v5.6.2 TheArchive:v16.0 TheArchive:manager-v5.6.1 TheArchive:v15.4 TheArchive:manager-v5.6.0 TheArchive:v15.3 TheArchive:manager-v5.5.5 TheArchive:manager-v5.5.4 TheArchive:v15.2 TheArchive:manager-v5.5.3 TheArchive:v15.1 TheArchive:manager-v5.5.2 TheArchive:v15.0 TheArchive:manager-v5.5.1 TheArchive:v14.6 TheArchive:manager-v5.5.0 TheArchive:v14.5 TheArchive:manager-v5.4.3 TheArchive:manager-v5.4.2 TheArchive:v14.3 TheArchive:manager-v5.4.0 TheArchive:v14.2 TheArchive:manager-v5.3.5 TheArchive:v14.0 TheArchive:manager-v5.3.0 TheArchive:manager-v5.2.0 TheArchive:manager-v5.1.1 TheArchive:v13.3 TheArchive:manager-v5.1.0 TheArchive:manager-v5.0.6 TheArchive:manager-v5.0.5 TheArchive:v13.2 TheArchive:v13.1 TheArchive:manager-v5.0.4 TheArchive:v13.0 TheArchive:manager-v4.3.3 TheArchive:manager-v4.3.2 TheArchive:manager-v4.3.1 TheArchive:manager-v4.3.0 TheArchive:v12.0 TheArchive:v11.6 TheArchive:manager-v4.2.7 TheArchive:v11.5 TheArchive:manager-v4.2.6 TheArchive:manager-v4.2.5 TheArchive:manager-v4.2 TheArchive:v11.1 TheArchive:manager-v4.1 TheArchive:manager-v4.0 TheArchive:v11.0 TheArchive:manager-v3.1 TheArchive:v10.1 TheArchive:manager-v3.0 TheArchive:v10 TheArchive:v9 TheArchive:v8 TheArchive:v7

118 Commits
v13.0 ... v14.0

Author SHA1 Message Date
topjohnwu
44b93e7cc4 Bump Magisk Manager version 2017-09-06 23:33:46 +08:00
topjohnwu
0eb79e5acd Update scripts 2017-09-06 23:33:46 +08:00
topjohnwu
eceba26894 Make MagiskHide work without magisk.img 2017-09-06 02:25:40 +08:00
topjohnwu
0bf404f75e Bump busybox to 1.27.2 2017-09-05 21:45:13 +08:00
topjohnwu
cd8dd65a65 chcon on Android 5.0 doesn't support -h options 2017-09-05 21:44:53 +08:00
topjohnwu
50c56f8b50 Simplify flash scripts 2017-09-05 21:44:22 +08:00
topjohnwu
9e9f8ca8f3 Restore cwd 2017-09-02 23:28:17 +08:00
topjohnwu
f63af0601c Support Magisk Manager boot image file patch 2017-08-31 03:08:09 +08:00
topjohnwu
189c671ce2 Rewrite environment setup 2017-08-31 02:20:06 +08:00
topjohnwu
bb39a01361 Minor adjust magiskpolicy 2017-08-28 02:14:14 +08:00
topjohnwu
764999704a Collect va_list before fork 2017-08-27 02:17:37 +08:00
topjohnwu
ecfa4aafc1 Fix clone_attr 2017-08-26 23:19:56 +08:00
topjohnwu
a1e33c4d2f Build everything ourselves 2017-08-24 12:14:17 +08:00
topjohnwu
7f8ba74dac Add hide Magisk Manager feature 2017-08-22 03:02:08 +08:00
topjohnwu
e3df62d812 Refactor several utility functions 2017-08-20 21:36:32 +08:00
topjohnwu
1913125881 Update README.MD 2017-08-20 15:03:26 +08:00
topjohnwu
e8e58f3fed Adjust run_command 2017-08-19 19:27:51 +08:00
topjohnwu
1ca9ec384b Fix typo in cloning attribute 2017-08-19 18:59:06 +08:00
topjohnwu
9522255e3a Proper magisk manual injection support 2017-08-17 03:46:01 +08:00
topjohnwu
2a22fa694e Fix removing modules from images 2017-08-17 02:19:14 +08:00
topjohnwu
1591f5a0ca Update magiskpolicy help message 2017-08-17 00:58:02 +08:00
topjohnwu
3bc4e9a724 Finalize docs 2017-08-17 00:41:50 +08:00
topjohnwu
f7a6bb0723 Add more details and tips 2017-08-15 10:13:19 +08:00
topjohnwu
e9c17a3ef7 Add bootstages docs 2017-08-15 02:27:07 +08:00
topjohnwu
29bb5840b5 Fix duplicate in applets.md 2017-08-15 01:38:22 +08:00
topjohnwu
c9d8d860f6 Update diagram link 2017-08-15 01:32:24 +08:00
topjohnwu
cc18096882 Update docs 2017-08-15 01:28:45 +08:00
topjohnwu
15f2a664d1 Update help messages 2017-08-15 01:25:54 +08:00
topjohnwu
70b4f62ddc Update links 2017-08-14 03:54:05 +08:00
topjohnwu
e1023fdfaf Fix typo in procedure chart 2017-08-14 03:52:37 +08:00
topjohnwu
5e9648387a Merge module and repo docs 2017-08-14 03:46:23 +08:00
topjohnwu
2ba8b4df67 Complete module.md 2017-08-14 03:25:11 +08:00
topjohnwu
3a084c5d7b Add docs 2017-08-14 02:41:27 +08:00
topjohnwu
f7200e39c3 Bump MagiskManager version 2017-08-13 01:50:36 +08:00
topjohnwu
a7dfc20967 Adjust several operation orders 2017-08-13 01:15:18 +08:00
topjohnwu
6eb7c0b5d6 Add new util functions for new template version 2017-08-12 23:15:39 +08:00
topjohnwu
0b3c078aeb Fix README.MD 2017-08-12 19:17:06 +08:00
topjohnwu
750872cc37 Add boot actions 2017-08-12 17:03:31 +08:00
topjohnwu
29895ff474 Fix multiuser in user independent mode 2017-08-12 01:09:20 +08:00
topjohnwu
44adccc147 Add magisk binary mirror 2017-08-11 17:43:36 +08:00
topjohnwu
2a7e2c70b5 Extract functions 2017-08-11 14:53:24 +08:00
topjohnwu
8d431b6762 Remove IS_VENDOR flag (not needed) 2017-08-11 14:53:17 +08:00
topjohnwu
273849c0c8 Reorganize functions 2017-08-11 11:07:58 +08:00
topjohnwu
5cc14405c7 Combine image related functions 2017-08-10 17:26:37 +08:00
topjohnwu
f0cfd60e62 Fix multiuser 2017-08-07 00:32:04 +08:00
topjohnwu
d6547f0701 Fix installer options not read properly 2017-08-04 23:49:22 +08:00
topjohnwu
3b68905037 Swap buffer to fix module scripts 2017-08-03 18:07:34 +08:00
topjohnwu
eae611c54d Add b64xz to handle busybox decode/decompress in scripts 2017-08-02 18:25:24 +08:00
topjohnwu
b37bad35c2 Fuse busybox into update-binary and remove from Magisk Manager APK 2017-08-02 02:22:33 +08:00
topjohnwu
5fab15fee5 Add busybox into PATH for scripts 2017-08-01 15:34:16 +08:00
topjohnwu
10c8ea17aa Fix debug message 2017-08-01 01:24:27 +08:00
topjohnwu
7058c8ff5a Force main binaries recompile everytime 2017-07-31 23:52:50 +08:00
topjohnwu
64e85da59f Merge Android.mk 2017-07-31 23:47:50 +08:00
topjohnwu
f79fad64aa Fix several script issues 2017-07-31 23:31:40 +08:00
topjohnwu
cb70eebb08 Update scripts 2017-07-31 03:03:52 +08:00
topjohnwu
edaf8787d1 Provide external files to Magisk Manager with build script 2017-07-31 00:59:41 +08:00
topjohnwu
24164c8580 Add busybox to source 2017-07-30 20:14:12 +08:00
topjohnwu
9fca7011aa Move headers 2017-07-30 18:15:00 +08:00
topjohnwu
b13eb3fd40 Force start logd ASAP 2017-07-25 05:33:25 +08:00
topjohnwu
b7986a351c Overcome some quirks in Android Lollipop 2017-07-25 05:33:25 +08:00
topjohnwu
ce87591c62 Fix unable to get SHA1 value issue 2017-07-25 02:40:26 +08:00
topjohnwu
25c289ad3e Fix typo in uninstaller 2017-07-19 03:24:07 +08:00
topjohnwu
8c5f11b7dd Update Magisk Manager 2017-07-19 02:34:23 +08:00
topjohnwu
7f7dda9ec2 Update uninstaller 2017-07-19 02:22:07 +08:00
topjohnwu
9c1005ff0c Update to Google CTS (2017.7.17) 2017-07-19 02:22:07 +08:00
topjohnwu
5b36b4472c Update and add new resetprop features 2017-07-19 02:22:07 +08:00
topjohnwu
a3fcc64aaa MagiskBoot log to stderr 2017-07-18 11:53:28 +08:00
topjohnwu
f3078bc903 Update MagiskSU 2017-07-16 23:39:27 +08:00
topjohnwu
6072744f7e Prevent logcat monitors crashing 2017-07-16 23:39:27 +08:00
topjohnwu
a87ad35a50 Check Android version before actually doing anything 
Close #233
 2017-07-14 01:13:49 +08:00
topjohnwu
cf56d7e4ed Let core-only mode run hosts and magiskhide 2017-07-14 00:54:43 +08:00
topjohnwu
e33a5eb307 Set proper selinux context for /sbin re-link 2017-07-14 00:51:42 +08:00
topjohnwu
e5b704eb32 Several cleanups 2017-07-13 23:42:01 +08:00
topjohnwu
56457bd325 Fix lzma compressed ramdisk 
Fix issue #222
 2017-07-13 10:22:55 +08:00
topjohnwu
bdbb3c6657 Eliminate a potential segfault in magiskpolicy 
Huge props to @jenslody for finding out the issue!
Fix #278
 2017-07-13 10:13:14 +08:00
topjohnwu
c4d7001489 Fix Pixel C flashing errors 
Use return values instead of creating a file to indicate a chromeos image
Fix #264
 2017-07-13 02:14:10 +08:00
topjohnwu
c07bac9a63 Bump MagiskManager version 2017-07-11 01:54:26 +08:00
topjohnwu
d27d04783f Add version info into util_functions 2017-07-11 01:54:11 +08:00
topjohnwu
58de5a7ec7 Prevent a slight chance to crash 2017-07-11 01:53:45 +08:00
topjohnwu
504a9b4746 MagiskHide refactor 2017-07-10 23:41:21 +08:00
topjohnwu
cccb5a3e08 Update comments 2017-07-10 22:48:14 +08:00
topjohnwu
d75fa62cab Adjust run_command function 2017-07-10 22:29:53 +08:00
topjohnwu
3d43c3c5bc Update scripts 2017-07-10 00:17:34 +08:00
topjohnwu
b570b363d9 Cleanup file descriptors and add more info 2017-07-08 23:51:58 +08:00
topjohnwu
b9968aa1e6 Add mount-master option to su 2017-07-08 01:13:12 +08:00
topjohnwu
c0d77808f6 Update selinux from upstream 2017-07-07 23:08:18 +08:00
topjohnwu
9679492c28 Match resetprop files with AOSP 2017-07-07 22:29:55 +08:00
topjohnwu
f3b68e6543 Seperate external shared libraries 2017-07-07 22:11:00 +08:00
topjohnwu
0dcfaaf5ff Adjust hide policies 2017-07-07 17:52:25 +08:00
topjohnwu
ba513dcb9a Use sqlite stub 2017-07-07 17:14:37 +08:00
topjohnwu
ebabc60477 Update Magisk Manager 2017-07-03 01:19:15 +08:00
topjohnwu
cf565d0145 Add mount ns kernel support detection 2017-07-03 01:19:15 +08:00
topjohnwu
52a23e7904 Add more props for hiding 2017-07-03 01:19:15 +08:00
topjohnwu
9e22b80714 Update unmounting policies 2017-07-03 01:19:15 +08:00
topjohnwu
7eed9c4a6d Several improvements 2017-07-03 01:19:15 +08:00
topjohnwu
bf42fce17e Update boot patch method and scripts 2017-07-03 01:19:15 +08:00
topjohnwu
9d421226a7 Update list implementation 2017-07-03 01:15:11 +08:00
topjohnwu
7b9be8369e Enable magiskhide by default 2017-07-01 15:45:22 +08:00
topjohnwu
7cf4b819ae Several small tweaks 2017-07-01 14:05:54 +08:00
topjohnwu
9e1aea33c3 Improve xmkdir 2017-06-30 23:22:51 +08:00
topjohnwu
8767a88854 Check/fix ext4 image before mounting 2017-06-30 23:22:26 +08:00
topjohnwu
47c0084641 Fix cache mount bug 2017-06-30 21:49:35 +08:00
topjohnwu
54e6a790cf Update Magisk Manager 2017-06-24 23:46:44 +09:00
topjohnwu
2a86bc8695 Update scripts 2017-06-24 23:39:24 +09:00
topjohnwu
04538372c6 Add more image commands 2017-06-24 23:37:45 +09:00
topjohnwu
9430ed66cd Add addon.d survival script 2017-06-19 00:15:44 +08:00
topjohnwu
96f8efc27a Several small fixes 2017-06-16 15:27:28 +08:00
topjohnwu
a90e8b6112 Only use binaries/libs in /system 2017-06-16 04:09:36 +08:00
topjohnwu
561c1fb798 Update MagiskManager 2017-06-16 04:07:45 +08:00
topjohnwu
806fec7017 Add new rules to unmount 2017-06-15 18:32:24 +08:00
topjohnwu
b3da28eade Don't compile shell.c for sqlite 2017-06-14 03:29:59 +08:00
topjohnwu
166f6412c2 Fix a flaw in mounting logic 2017-06-14 00:55:41 +08:00
topjohnwu
1e877808bc Fix link errors for flash scripts 2017-06-13 00:46:20 +08:00
topjohnwu
1777d9f751 Magic Mount algorithm massive bug fix 2017-06-12 03:29:01 +08:00
topjohnwu
309b99eac0 Always init for resetprop 2017-06-11 20:22:10 +08:00
topjohnwu
a5aa1b3917 Don't use system and collect logs 2017-06-11 20:20:24 +08:00
topjohnwu
aced0632ec Improve image merging 2017-06-11 16:51:44 +08:00
topjohnwu
4e801788d7 Fix shared library linking error 2017-06-11 01:40:08 +08:00
101 changed files with 8022 additions and 212549 deletions
Expand all files Collapse all files

2
.gitattributes vendored
View File

@@ -8,9 +8,11 @@
# Declare files that will always have CRLF line endings on checkout.
*.cmd text eol=crlf
*.bat text eol=crlf
# Denote all files that are truly binary and should not be modified.
chromeos/** binary
*.jar binary
*.exe binary
*.apk binary
*.png binary

3
.gitmodules vendored
View File

@@ -13,3 +13,6 @@
[submodule "MagiskManager"]
path = MagiskManager
url = https://github.com/topjohnwu/MagiskManager.git
[submodule "jni/busybox"]
path = jni/busybox
url = https://github.com/topjohnwu/ndk-busybox.git

2
MagiskManager

Submodule MagiskManager updated: d3ff482c9b...b362c0ef38

59
README.MD
View File

@@ -4,33 +4,35 @@
#### Building has been tested on 3 major platforms:
***macOS 10.12.5***
***Ubuntu 17.04 x64***
***Windows 10 Creators Update x64***
**macOS 10.12**
**Ubuntu 17.04 x64**
**Windows 10 x64**
#### Environment Requirements
1. Python 3 **(>= 3.5)**: `python3` (or in some cases `python`) should be accessible
2. Java runtime: `java` should be accessible
3. (Unix only) C compiler: `gcc` should be accessible
4. Android SDK: `ANDROID_HOME` environment variable should point to the Android SDK folder
5. NDK: Install NDK using `sdkmanager`, or through Android SDK Manager
6. Android build-tools: Should have build-tools version matching `MagiskManager/app/build.gradle` installed
1. A 64-bit machine: `cmake` for Android is only available in 64-bit
2. Python 3.5+: to run the build script
3. Java Development Kit (JDK) 8: To compile Magisk Manager and sign zips
4. C compiler (Unix only): To build `zipadjust`. Windows users can use the pre-built `zipadjust.exe`
5. Android SDK: `ANDROID_HOME` environment variable should point to the Android SDK folder
6. Android NDK: Install NDK via `sdkmanager`, or via Android SDK Manager in Android Studio
#### Instructions and Notes
1. The python build script uses ANSI color codes to change the color of the terminal output. For Windows, this **only** works on Windows 10, as previous Windows console do not support them. If you insist to use an older Windows version, a quick Google search should provide many workarounds
2. After installing the latest Python 3 on Windows (allow the installer to add Python to PATH, or you'll have to manually set the environment), instead of calling `python3` like most Unix environment, you should call `python` in shell (cmd or Powershell both OK). You can double check the version by `python --version`
3. The build script will do several checks, it will refuse to run if the environment doesn't meet the requirements
4. For further instructions, please check the built in help message by `python3 build.py -h`
(Unix users can simply `./build.py -h`, Windows users, as mentioned, call `python` instead)
5. Each action has its own help message, access them by commands like `python3 build.py all -h`
6. To build Magisk for release (enabled through the `--release` flag, the script builds in debug mode by default), you will need to provide a Java keystore file, and place it in `release_signature.jks` to sign Magisk Manager APK for release builds. For more information, check out [Google's Official Documentation](https://developer.android.com/studio/publish/app-signing.html#signing-manually)
7. To properly setup the Android SDK environment, the easiest way is to use Android Studio and open Magisk Manager. If gradle sync passed, your build-tools etc. should be set properly. You can also access SDK Manager GUI within Android Studio to download NDK. Don't forget to add Android Studio's SDK path into environment variable ANDROID_HOME.
1. The easiest way to setup a working environment is to open Magisk Manager with Android Studio. The IDE will download required components and construct the environment for you. Don't forget to set `ANDROID_HOME` environment variable to the SDK path.
2. Windows users: while installing Python 3 on Windows, allow the installer to add Python to `PATH`, or you'll have to add it manually afterwards. By default, the Python executable is setup as `python`, not `python3` like most Unix environment. If you have both Python 2 and Python 3 installed, you'll have to deal with the executable name and `PATH` yourself. To double check the Python version, call `python --version`.
3. To run the script, on Windows call `python build.py [args...]`; on Unix call `python3 build.py [args...]`, or simply `./build.py [args...]`. To see the built-in help message, call the script with `-h` as an argument. The `-h` option also works for each supported actions to see the help message for the specific action.
4. By default, the script will build binaries and Magisk Manager in debug mode, which will enable verbose debugging messages. If you want to build Magisk Manager in release mode (through the flag `--release`), you will need to place your Java Keystore file in `release_signature.jks` to sign Magisk Manager's APK. For more information, check out [Google's Official Documentation](https://developer.android.com/studio/publish/app-signing.html#signing-manually).
5. The python build script uses ANSI color codes to change the color of the terminal output. For Windows, this **only** works on Windows 10, as previous Windows console do not support them. If you use an older Windows version, a quick Google search should provide many workarounds.
## License
Magisk, including all subprojects (git submodule) is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
```
Magisk, including all subprojects (git submodule) is free software:
you can redistribute it and/or modify it under the terms of the
GNU General Public License as published by the Free Software Foundation,
either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -39,14 +41,17 @@ GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
```
## Credits
**MagiskManager** (`MagiskManager`)
* Copyright 2016-2017, John Wu (@topjohnwu)
* All contributors and translators
**MagiskSU** (`jni/su`)
* Copyright 2016-2017, John Wu (@topjohnwu)
* Copyright 2015, Pierre-Hugues Husson (phh@phh.me)
* Copyright 2013, Koushik Dutta (@koush)
@@ -54,25 +59,37 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
* Copyright 2008, Zinx Verituse (@zinxv)
**MagiskPolicy** (`jni/magiskpolicy`)
* Copyright 2016-2017, John Wu (@topjohnwu)
* Copyright 2015, Pierre-Hugues Husson (phh@phh.me)
* Copyright 2015, Joshua Brindle (@joshua_brindle)
**MagiskHide** (`jni/magiskhide`)
* Copyright 2016-2017, John Wu (@topjohnwu)
* Copyright 2016, Pierre-Hugues Husson (phh@phh.me) (original hidesu)
**resetprop** (`jni/resetprop`)
* Copyright 2016-2017 John Wu (@topjohnwu)
* Copyright 2016 nkk71 (nkk71x@gmail.com)
**SELinux** (`jni/selinux`)
* Makefile for NDK: Copyright 2016-2017, John Wu (@topjohnwu)
* It is maintained by many developers in SELinux project, copyright belongs to them
* Maintained by many developers in SELinux project
**ndk-compression** (`jni/ndk-compression`)
* Makefile for NDK: Copyright 2017, John Wu (@topjohnwu)
* Each library has its own copyright message in each directories
* Each library has its own copyright message in corresponding directories
**ndk-busybox** (`jni/busybox`)
* Makefile for NDK, generated by [ndk-busybox-kitchen](https://github.com/topjohnwu/ndk-busybox-kitchen): Copyright 2017, John Wu (@topjohnwu)
* Patches for NDK: Many contributors along the way, all placed in [osm0sis/android-busybox-ndk](https://github.com/osm0sis/android-busybox-ndk)
* The copyright message for busybox should be included in its own directory
**Others Not Mentioned**
* Copyright 2016-2017, John Wu (@topjohnwu)

206
build.py
View File

@@ -34,6 +34,9 @@ import multiprocessing
import zipfile
import datetime
import errno
import shutil
import lzma
import base64
def silentremove(file):
try:
@@ -45,7 +48,7 @@ def silentremove(file):
def zip_with_msg(zipfile, source, target):
if not os.path.exists(source):
error('{} does not exist! Try build \'binary\' and \'apk\' before zipping!'.format(source))
print('zip: ' + source + ' -> ' + target)
print('zip: {} -> {}'.format(source, target))
zipfile.write(source, target)
def build_all(args):
@@ -57,8 +60,11 @@ def build_all(args):
def build_binary(args):
header('* Building Magisk binaries')
# Force update Android.mk timestamp to trigger recompilation
os.utime(os.path.join('jni', 'Android.mk'))
ndk_build = os.path.join(os.environ['ANDROID_HOME'], 'ndk-bundle', 'ndk-build')
debug_flag = '' if args.release else '-DDEBUG'
debug_flag = '' if args.release else '-DMAGISK_DEBUG'
proc = subprocess.run('{} APP_CFLAGS=\"-DMAGISK_VERSION=\\\"{}\\\" -DMAGISK_VER_CODE={} {}\" -j{}'.format(
ndk_build, args.versionString, args.versionCode, debug_flag, multiprocessing.cpu_count()), shell=True)
if proc.returncode != 0:
@@ -67,18 +73,42 @@ def build_binary(args):
def build_apk(args):
header('* Building Magisk Manager')
for key in ['public.certificate.x509.pem', 'private.key.pk8']:
source = os.path.join('ziptools', key)
target = os.path.join('MagiskManager', 'app', 'src', 'main', 'assets', key)
print('cp: {} -> {}'.format(source, target))
shutil.copyfile(source, target)
for script in ['magisk_uninstaller.sh', 'util_functions.sh']:
source = os.path.join('scripts', script)
target = os.path.join('MagiskManager', 'app', 'src', 'main', 'assets', script)
print('cp: {} -> {}'.format(source, target))
shutil.copyfile(source, target)
os.chdir('MagiskManager')
# Build unhide app and place in assets
proc = subprocess.run('{} unhide::assembleRelease'.format(os.path.join('.', 'gradlew')), shell=True)
if proc.returncode != 0:
error('Build Magisk Manager failed!')
source = os.path.join('unhide', 'build', 'outputs', 'apk', 'release', 'unhide-release-unsigned.apk')
target = os.path.join('app', 'src', 'main', 'assets', 'unhide.apk')
print('cp: {} -> {}'.format(source, target))
shutil.copyfile(source, target)
print('')
if args.release:
if not os.path.exists(os.path.join('..', 'release_signature.jks')):
error('Please generate a java keystore and place it in \'release_signature.jks\'')
proc = subprocess.run('{} assembleRelease'.format(os.path.join('.', 'gradlew')), shell=True)
proc = subprocess.run('{} app::assembleRelease'.format(os.path.join('.', 'gradlew')), shell=True)
if proc.returncode != 0:
error('Build Magisk Manager failed!')
unsigned = os.path.join('app', 'build', 'outputs', 'apk', 'app-release-unsigned.apk')
aligned = os.path.join('app', 'build', 'outputs', 'apk', 'app-release-aligned.apk')
release = os.path.join('app', 'build', 'outputs', 'apk', 'app-release.apk')
unsigned = os.path.join('app', 'build', 'outputs', 'apk', 'release', 'app-release-unsigned.apk')
aligned = os.path.join('app', 'build', 'outputs', 'apk', 'release', 'app-release-aligned.apk')
release = os.path.join('app', 'build', 'outputs', 'apk', 'release', 'app-release.apk')
# Find the latest build tools
build_tool = sorted(os.listdir(os.path.join(os.environ['ANDROID_HOME'], 'build-tools')))[-1]
@@ -88,12 +118,21 @@ def build_apk(args):
proc = subprocess.run([
os.path.join(os.environ['ANDROID_HOME'], 'build-tools', build_tool, 'zipalign'),
'-v', '-p', '4', unsigned, aligned])
'-v', '-p', '4', unsigned, aligned], stdout=subprocess.DEVNULL)
if proc.returncode != 0:
error('Zipalign Magisk Manager failed!')
proc = subprocess.run('{} sign --ks {} --out {} {}'.format(
os.path.join(os.environ['ANDROID_HOME'], 'build-tools', build_tool, 'apksigner'),
# Find apksigner.jar
apksigner = ''
for root, dirs, files in os.walk(os.path.join(os.environ['ANDROID_HOME'], 'build-tools', build_tool)):
if 'apksigner.jar' in files:
apksigner = os.path.join(root, 'apksigner.jar')
break
if not apksigner:
error('Cannot find apksigner.jar in Android SDK build tools')
proc = subprocess.run('java -jar {} sign --ks {} --out {} {}'.format(
apksigner,
os.path.join('..', 'release_signature.jks'),
release, aligned), shell=True)
if proc.returncode != 0:
@@ -102,7 +141,7 @@ def build_apk(args):
silentremove(unsigned)
silentremove(aligned)
else:
proc = subprocess.run('{} assembleDebug'.format(os.path.join('.', 'gradlew')), shell=True)
proc = subprocess.run('{} app::assembleDebug'.format(os.path.join('.', 'gradlew')), shell=True)
if proc.returncode != 0:
error('Build Magisk Manager failed!')
@@ -110,20 +149,33 @@ def build_apk(args):
os.chdir('..')
def sign_adjust_zip(unsigned, output):
header('* Signing / Adjusting Zip')
# Unsigned->signed
proc = subprocess.run(['java', '-jar', os.path.join('ziptools', 'signapk.jar'),
os.path.join('ziptools', 'test.certificate.x509.pem'),
os.path.join('ziptools', 'test.key.pk8'), unsigned, 'tmp_signed.zip'])
if proc.returncode != 0:
error('First sign flashable zip failed!')
zipsigner = os.path.join('ziptools', 'zipsigner', 'build', 'libs', 'zipsigner.jar')
if os.name != 'nt' and not os.path.exists(os.path.join('ziptools', 'zipadjust')):
header('* Building zipadjust')
# Compile zipadjust
proc = subprocess.run('gcc -o ziptools/zipadjust ziptools/src/*.c -lz', shell=True)
proc = subprocess.run('gcc -o ziptools/zipadjust ziptools/zipadjust_src/*.c -lz', shell=True)
if proc.returncode != 0:
error('Build zipadjust failed!')
if not os.path.exists(zipsigner):
header('* Building zipsigner.jar')
os.chdir(os.path.join('ziptools', 'zipsigner'))
proc = subprocess.run('{} shadowJar'.format(os.path.join('.', 'gradlew')), shell=True)
if proc.returncode != 0:
error('Build zipsigner.jar failed!')
os.chdir(os.path.join('..', '..'))
header('* Signing / Adjusting Zip')
publicKey = os.path.join('ziptools', 'public.certificate.x509.pem')
privateKey = os.path.join('ziptools', 'private.key.pk8')
# Unsigned->signed
proc = subprocess.run(['java', '-jar', zipsigner,
publicKey, privateKey, unsigned, 'tmp_signed.zip'])
if proc.returncode != 0:
error('First sign flashable zip failed!')
# Adjust zip
proc = subprocess.run([os.path.join('ziptools', 'zipadjust'), 'tmp_signed.zip', 'tmp_adjusted.zip'])
@@ -131,9 +183,8 @@ def sign_adjust_zip(unsigned, output):
error('Adjust flashable zip failed!')
# Adjusted -> output
proc = subprocess.run(['java', '-jar', os.path.join('ziptools', 'minsignapk.jar'),
os.path.join('ziptools', 'test.certificate.x509.pem'),
os.path.join('ziptools', 'test.key.pk8'), 'tmp_adjusted.zip', output])
proc = subprocess.run(['java', '-jar', zipsigner,
"-m", publicKey, privateKey, 'tmp_adjusted.zip', output])
if proc.returncode != 0:
error('Second sign flashable zip failed!')
@@ -142,11 +193,46 @@ def sign_adjust_zip(unsigned, output):
silentremove('tmp_signed.zip')
silentremove('tmp_adjusted.zip')
def gen_update_binary():
update_bin = []
binary = os.path.join('libs', 'armeabi-v7a', 'b64xz')
if not os.path.exists(binary):
error('Please build \'binary\' before zipping!')
with open(binary, 'rb') as b64xz:
update_bin.append('#! /sbin/sh\nEX_ARM=')
update_bin.append(''.join("\\\\x{:02X}".format(c) for c in b64xz.read()))
binary = os.path.join('libs', 'x86', 'b64xz')
with open(binary, 'rb') as b64xz:
update_bin.append('\nEX_X86=')
update_bin.append(''.join("\\\\x{:02X}".format(c) for c in b64xz.read()))
binary = os.path.join('libs', 'armeabi-v7a', 'busybox')
with open(binary, 'rb') as busybox:
update_bin.append('\nBB_ARM=')
update_bin.append(base64.b64encode(lzma.compress(busybox.read())).decode('ascii'))
binary = os.path.join('libs', 'x86', 'busybox')
with open(binary, 'rb') as busybox:
update_bin.append('\nBB_X86=')
update_bin.append(base64.b64encode(lzma.compress(busybox.read())).decode('ascii'))
update_bin.append('\n')
with open(os.path.join('scripts', 'update_binary.sh'), 'r') as script:
update_bin.append(script.read())
return ''.join(update_bin)
def zip_main(args):
header('* Packing Flashable Zip')
with zipfile.ZipFile('tmp_unsigned.zip', 'w', compression=zipfile.ZIP_DEFLATED) as zipf:
# Compiled Binaries
with zipfile.ZipFile('tmp_unsigned.zip', 'w', compression=zipfile.ZIP_DEFLATED, allowZip64=False) as zipf:
# META-INF
# update-binary
target = os.path.join('META-INF', 'com', 'google', 'android', 'update-binary')
print('zip: ' + target)
zipf.writestr(target, gen_update_binary())
# updater-script
source = os.path.join('scripts', 'flash_script.sh')
target = os.path.join('META-INF', 'com', 'google', 'android', 'updater-script')
zip_with_msg(zipf, source, target)
# Binaries
for lib_dir, zip_dir in [('arm64-v8a', 'arm64'), ('armeabi-v7a', 'arm'), ('x86', 'x86'), ('x86_64', 'x64')]:
for binary in ['magisk', 'magiskboot']:
source = os.path.join('libs', lib_dir, binary)
@@ -154,28 +240,33 @@ def zip_main(args):
zip_with_msg(zipf, source, target)
# APK
source = os.path.join('MagiskManager', 'app', 'build', 'outputs', 'apk', 'app-release.apk' if args.release else 'app-debug.apk')
source = os.path.join('MagiskManager', 'app', 'build', 'outputs', 'apk',
'release' if args.release else 'debug', 'app-release.apk' if args.release else 'app-debug.apk')
target = os.path.join('common', 'magisk.apk')
zip_with_msg(zipf, source, target)
# Scripts
source = os.path.join('scripts', 'flash_script.sh')
with open(source, 'r') as flash_script:
# Add version info into flash script
update_binary = flash_script.read().replace(
'MAGISK_VERSION_STUB', 'Magisk v{} Installer'.format(args.versionString))
target = os.path.join('META-INF', 'com', 'google', 'android', 'update-binary')
print('zip: ' + source + ' -> ' + target)
zipf.writestr(target, update_binary)
target = os.path.join('META-INF', 'com', 'google', 'android', 'updater-script')
print('zip: ' + target)
zipf.writestr(target, '#MAGISK\n')
source = os.path.join('scripts', 'init.magisk.rc')
target = os.path.join('common', 'init.magisk.rc')
zip_with_msg(zipf, source, target)
# boot_patch.sh
source = os.path.join('scripts', 'boot_patch.sh')
target = os.path.join('common', 'boot_patch.sh')
zip_with_msg(zipf, source, target)
# util_functions.sh
source = os.path.join('scripts', 'util_functions.sh')
with open(source, 'r') as script:
# Add version info util_functions.sh
util_func = script.read().replace(
'MAGISK_VERSION_STUB', 'MAGISK_VER="{}"\nMAGISK_VER_CODE={}'.format(args.versionString, args.versionCode))
target = os.path.join('common', 'util_functions.sh')
print('zip: ' + source + ' -> ' + target)
zipf.writestr(target, util_func)
# addon.d.sh
source = os.path.join('scripts', 'addon.d.sh')
target = os.path.join('addon.d', '99-magisk.sh')
zip_with_msg(zipf, source, target)
# init.magisk.rc
source = os.path.join('scripts', 'init.magisk.rc')
target = os.path.join('common', 'init.magisk.rc')
zip_with_msg(zipf, source, target)
# Prebuilts
for chromeos in ['futility', 'kernel_data_key.vbprivk', 'kernel.keyblock']:
@@ -190,8 +281,18 @@ def zip_main(args):
def zip_uninstaller(args):
header('* Packing Uninstaller Zip')
with zipfile.ZipFile('tmp_unsigned.zip', 'w', compression=zipfile.ZIP_DEFLATED) as zipf:
# Compiled Binaries
with zipfile.ZipFile('tmp_unsigned.zip', 'w', compression=zipfile.ZIP_DEFLATED, allowZip64=False) as zipf:
# META-INF
# update-binary
target = os.path.join('META-INF', 'com', 'google', 'android', 'update-binary')
print('zip: ' + target)
zipf.writestr(target, gen_update_binary())
# updater-script
source = os.path.join('scripts', 'uninstaller_loader.sh')
target = os.path.join('META-INF', 'com', 'google', 'android', 'updater-script')
zip_with_msg(zipf, source, target)
# Binaries
for lib_dir, zip_dir in [('arm64-v8a', 'arm64'), ('armeabi-v7a', 'arm'), ('x86', 'x86'), ('x86_64', 'x64')]:
source = os.path.join('libs', lib_dir, 'magiskboot')
target = os.path.join(zip_dir, 'magiskboot')
@@ -201,13 +302,23 @@ def zip_uninstaller(args):
target = 'magisk_uninstaller.sh'
zip_with_msg(zipf, source, target)
source = os.path.join('scripts', 'uninstaller_loader.sh')
target = os.path.join('META-INF', 'com', 'google', 'android', 'update-binary')
zip_with_msg(zipf, source, target)
# Scripts
# util_functions.sh
source = os.path.join('scripts', 'util_functions.sh')
with open(source, 'r') as script:
# Remove the stub
util_func = script.read().replace(
'MAGISK_VERSION_STUB', '')
target = os.path.join('util_functions.sh')
print('zip: ' + source + ' -> ' + target)
zipf.writestr(target, util_func)
target = os.path.join('META-INF', 'com', 'google', 'android', 'updater-script')
print('zip: ' + target)
zipf.writestr(target, '#MAGISK\n')
# Prebuilts
for chromeos in ['futility', 'kernel_data_key.vbprivk', 'kernel.keyblock']:
source = os.path.join('chromeos', chromeos)
zip_with_msg(zipf, source, source)
# End of zipping
output = 'Magisk-uninstaller-{}.zip'.format(datetime.datetime.now().strftime('%Y%m%d'))
sign_adjust_zip('tmp_unsigned.zip', output)
@@ -252,12 +363,13 @@ apk_parser.set_defaults(func=build_apk)
zip_parser = subparsers.add_parser('zip', help='zip and sign Magisk into a flashable zip')
zip_parser.add_argument('versionString')
zip_parser.add_argument('versionCode', type=int)
zip_parser.set_defaults(func=zip_main)
uninstaller_parser = subparsers.add_parser('uninstaller', help='create flashable uninstaller')
uninstaller_parser.set_defaults(func=zip_uninstaller)
clean_parser = subparsers.add_parser('clean', help='clean [target...] Targets: binary apk zip (default: all)')
clean_parser = subparsers.add_parser('clean', help='clean [target...] targets: binary apk zip')
clean_parser.add_argument('target', nargs='*')
clean_parser.set_defaults(func=cleanup)

27
docs/README.MD Normal file
View File

@@ -0,0 +1,27 @@
# Magisk Documentations
(Updated on 2017.8.16) ([Changelog](changelog.md))
## Table of Content
- [Introduction](#introduction)
- [Procedure Diagram](https://cdn.rawgit.com/topjohnwu/Magisk/cc1809688299f1f8b5db494a234850852712c0c9/docs/procedures.html)
- [Magisk Details](details.md)
- [Boot Stages](details.md#boot-stages)
- [Magic Mount Details](details.md#magic-mount-details)
- [Simple Mount Details](details.md#simple-mount-details)
- [Available Applets](applets.md)
- [magisk](applets.md#magisk)
- [su](applets.md#su)
- [resetprop](applets.md#resetprop)
- [magiskpolicy](applets.md#magiskpolicy)
- [magiskhide](applets.md#magiskhide)
- [Modules and Repos](module_repo.md)
- [Modules and Templates](module_repo.md#magisk-module-format)
- [Submit Modules to Repo](module_repo.md#submit-your-module-to-magisk-modules-repo)
- [Tips and Tricks](tips.md)
- [Remove Files](tips.md#remove-files)
- [Remove Folders](tips.md#remove-folders)
## Introduction
Magisk is a suite of open source tools for devices running Android version higher than 5.0 Lollipop (API 21). It establishes an environment which covers most Android aftermarket customization needs, such as root, boot scripts, SELinux patches, dm-verity/forceencrypt patches etc.. Furthermore, Magisk also provides a **Systemless Interface** to alter the system (or vendor) arbitrarily while the actual partitions stay completely intact, all of which accomplished by only patching the boot image, and adding some files into `/data`. With its systemless nature along with several other hacks, Magisk can hide modifications from device integrity verifications, one of the main target is to hide from [Google's SafetyNet API](https://developer.android.com/training/safetynet/index.html).

171
docs/applets.md Normal file
View File

@@ -0,0 +1,171 @@
## Available Applets
Magisk has a core binary which acts as a multi-call program with many applets. Here is an introduction to all available applets.
### magisk
The magisk binary itself provides a lot of utility functions when called with the name `magisk`. They are used in both Magisk installation and module installation. The entry point for `init` to invoke magisk's boot procedures are also listed here.
Command help message:
```
Usage: magisk [applet [arguments]...]
or: magisk --install [SOURCE] DIR
if SOURCE not provided, will link itself
or: magisk --list
or: magisk --createimg IMG SIZE
create ext4 image, SIZE is interpreted in MB
or: magisk --imgsize IMG
or: magisk --resizeimg IMG SIZE
SIZE is interpreted in MB
or: magisk --mountimg IMG PATH
mount IMG to PATH and prints the loop device
or: magisk --umountimg PATH LOOP
or: magisk --[boot stage]
start boot stage service
or: magisk [options]
or: applet [arguments]...
Supported boot stages:
post-fs, post-fs-data, service
Options:
-c print client version
-v print daemon version
-V print daemon version code
Supported applets:
su, resetprop, magiskpolicy, supolicy, sepolicy-inject, magiskhide
```
### su
The MagiskSU entrypoint. Call `su` to gain a root shell.
Command help message:
```
Usage: su [options] [--] [-] [LOGIN] [--] [args...]
Options:
-c, --command COMMAND pass COMMAND to the invoked shell
-h, --help display this help message and exit
-, -l, --login pretend the shell to be a login shell
-m, -p,
--preserve-environment do not change environment variables
-s, --shell SHELL use SHELL instead of the default /system/bin/sh
-u display the multiuser mode and exit
-v, --version display version number and exit
-V display version code and exit,
this is used almost exclusively by Superuser.apk
-mm, -M,
--mount-master run in the global mount namespace,
use if you need to publicly apply mounts
```
Note: even though the `-Z, --context` option is not listed above, it actually still exists. However MagiskSU will silently ignore the option since it's not needed anymore. It is still left over because some apps still request root shell with specific contexts as an option.
### resetprop
An advanced system prop manipulation utility; you can arbitrarily alter system props using this tool. Here's some background knowledge:
> System props are stored in a hybrid trie/binary tree data structure in memory; it was originally designed to only support adding nodes, and no nodes should be removed. Props can be read by many processes (e.g. via the `getprop` command); however, only the `init` process have write access to the property data. `init` provides a `property_service` to accept property update requests, so all property changes are monitored and controlled by `init` Restrictions such as **read-only** props (props that starts with `ro.`), which can only be set once and cannot be changed afterwards, is therefore implemented in `init`.
**resetprop** acts just like `init`: directly access the data structure, bypassing the whole `property_service` part. Doing so, we gain **arbitrary modification** power, including altering read-only props and deleting properties. Delete properties, which was stated *"forbidden"* in the data structure, is implemented through some tricks in the data structure.
One subtle thing to be aware of is that if we change props by directly modifying the data structure, `on property:foo=bar` triggers registered in `*.rc` scripts will not be triggered properly. This may be a good thing or a bad thing, depending on what behavior you expect. I made the default behavior to match the original setprop command, which **WILL** trigger events, but of course I provide a flag (`-n`) to disable it if you need this special behavior.
Command help message:
```
Usage: resetprop [options] [args...]
Options:
-v show verbose output
-n only modify property in memory
resetprop NAME VALUE set property entry NAME with VALUE
resetprop --file FILE load props from FILE
resetprop --delete NAME remove prop entry NAME
```
### magiskpolicy
(This tool is aliased to `supolicy` and `sepolicy-injection` for legacy reasons)
A tool to patch `sepolicy`. **magiskpolicy** also comes with built-in rules to unleash restrictions to make Magisk work properly. `sepolicy` is a compiled binary containing SELinux rules; we directly patch rules in the binary format since we don't have access to the SELinux policy source (`*.te`) files.
The Magisk daemon itself, the root shell, and all processes spawned from the daemon and root shell are all running in the context `u:r:su:s0`. This context is not only patched to be permissive, but also patched to allow any transition from `u:r:su:s0` to any domain. This was done because Samsung devices do not support permissive out of the box.
The built in patches are split to 3 parts: minimal, medium, and large. The full patch will result in a huge policy file, which might cause the `sepolicy` file unable to fit in `boot.img`.
- The minimal patch is just enough to start Magisk daemon and allow the daemon to further patch the policy during boot time (which is called **live patch**). It is done at installation and directly into `boot.img`.
- The medium patch covers most common operations, and is live patched as soon as Magisk daemon is started (blocking boot process).
- The large patch contains the full patch. Due to the concern of greatly increasing the boot time, it is designed to run in the background until it's joined in the non-blocking late_start bootstage.
What this all means is that **only late_start service mode is guaranteed to run in a fully patched environment**. If any script is not time critical, it is **highly recommended to run those scripts in late_start service mode**.
Command help message:
```
Usage: magiskpolicy [--options...] [policystatements...]
Options:
--live directly load patched policy to device
--minimal minimal patches, used for boot image patches
--load <infile> load policies from <infile>
(load from live policies if not specified)
--save <outfile> save policies to <outfile>
One policy statement should be treated as one parameter;
this means a full policy statement should be enclosed in quotes;
multiple policy statements can be provided in a single command
The statements has a format of "<action> [args...]"
Use '*' in args to represent every possible match.
Collections wrapped in curly brackets can also be used as args.
Supported policy statements:
Type 1:
"<action> source-class target-class permission-class permission"
Action: allow, deny, auditallow, auditdeny
Type 2:
"<action> source-class target-class permission-class ioctl range"
Action: allowxperm, auditallowxperm, dontauditxperm
Type 3:
"<action> class"
Action: create, permissive, enforcing
Type 4:
"attradd class attribute"
Type 5:
"typetrans source-class target-class permission-class default-class (optional: object-name)"
Notes:
- typetrans does not support the all match '*' syntax
- permission-class cannot be collections
- source-class and target-class can also be attributes
Example: allow { source1 source2 } { target1 target2 } permission-class *
Will be expanded to:
allow source1 target1 permission-class { all-permissions }
allow source1 target2 permission-class { all-permissions }
allow source2 target1 permission-class { all-permissions }
allow source2 target2 permission-class { all-permissions }
```
### magiskhide
This is the CLI to control the state of MagiskHide.
Command help message:
```
Usage: magiskhide [--options [arguments...] ]
Options:
--enable Start magiskhide
--disable Stop magiskhide
--add PROCESS Add PROCESS to the hide list
--rm PROCESS Remove PROCESS from the hide list
--ls Print out the current hide list
```

3
docs/changelog.md Normal file
View File

@@ -0,0 +1,3 @@
# Changelog
- 2017.8.16
- Initial version for Magisk v13.5+

60
docs/details.md Normal file
View File

@@ -0,0 +1,60 @@
## Boot Stages
If you are working on complicated projects, you shall need more control to the whole process. Magisk can run scripts in different boot stages, so you can fine tune exactly what you want to do. It's recommended to read this documentation along with the procedure graph.
- post-fs mode
- **This stage is BLOCKING. Boot process will NOT continue until everything is done, or 20 seconds has passed**
- Happens after most partitions are mounted, except `/data`
- Magisk will bind mount files under `/cache/magisk_mount/system` to corresponding paths
- It is only **Simple Mount**, which means it will replace existing files, but cannot add/remove files.
- post-fs-data mode
- **This stage is BLOCKING. Boot process will NOT continue until everything is done, or 60 seconds has passed**
- Happens after `/data` is ready (including the case when `/data` is encrypted)
- Happens before Zygote and system servers are started (which means pretty much everything)
- Mirrors will be mounted. These mirrors play a critical role in **Magic Mount**
- `/data/magisk.img` will be merged, trimmed, and mounted to `/magisk`
- Magisk will run scripts under `/magisk/.core/post-fs-data.d`
- Magisk will run scripts: `/magisk/$MODID/post-fs-data.sh` (placed in each module directory)
- Magisk will finally **Magisk Mount** module files
- late_start service mode
- **This stage is NON-BLOCKING, it will run in parallel with other processes**
- Happens when class late_start is started
- Put time consuming but non time critical tasks here. Boot process will be stuck if it took too long to finish your tasks in previous modes
- SELinux is guaranteed to be fully patched in this stage; **it is recommended to run most scripts in this stage**, unless your scripts require some time critical operations
- Magisk will run scripts under `/magisk/.core/service.d`
- Magisk will run scripts: `/magisk/$MODID/service.sh` (placed in each module directory)
## Magic Mount Details
### Terminology
- **Item**: A folder, file, or symbolic link
- **Leaf**: The very end of a directory structure tree, can be either a file or symbolic link
- **`$MODPATH`**: A variable to represent the path of a module folder
- **Source item**: An item under `$MODPATH/system`, for example, `$MODPATH/system/build.prop` is a source item
- **Existing item**: An item under `/system`, for example, `/system/bin/app_process` is an existing item
- **Target item**: A corresponding item of a source item. For example, the target item of `$MODPATH/system/build.prop` is `/system/build.prop`
Note: A target item does not imply it is an existing item. A target item might not exist in the actual `/system`
### Policies
- For a source leaf: if its target item is also an existing item, the existing item will be replaced with the source leaf
- For a source leaf: if its target item is not an existing item, the source leaf will be added to the path of its target item
- For any existing item that's not a target item, it will stay intact
Above is the rule of thumb. Basically it means that Magic Mount merges the files from `$MODPATH/system` into the real `/system`. A simpler way to understand is to think as it dirty copies the contents from `$MODPATH/system` into `/system`.
However, an addition rule will override the above policies:
- For a source folder containing the file `.replace`, the source folder will be treated as if it is a source leaf. That is, the items within the target folder will be completely discarded, and the target folder will be replaced with the source folder.
Directories containing a file named `.replace` will NOT be merged into the system. It will directly replace the target directory. A simpler way to understand is to think as if it wipes the target folder, and then copies the whole folder to the target path.
### Notes
- Sometimes, completely replacing a folder is inevitable. For example you want to replace `/system/priv-app/SystemUI` in your stock rom. In stock roms, system apps usually comes with pre-optimized files. If your replacement `SystemUI.apk` is deodexed (which is most likely the case), you would want to replace the whole `/system/priv-app/SystemUI` to make sure the folder only contains the modified `SystemUI.apk` and **NOT** merge with the pre-optimized files.
- If you are using the [Magisk Module Template](https://github.com/topjohnwu/magisk-module-template), you can create a list of folders you want to replace in the file `config.sh`. The installation scripts will handle the creation of `.replace` files into the listed folders for you.
- Adding non-existing target items is a relatively expensive operation. Magisk would need to do **MANY** under-the-hood tasks to achieve it. Replacing a whole folder is recommended if viable, it reduces the complexity of the construction of the mounting tree and could speed up the booting time
## Simple Mount Details
Some files require to be mounted much earlier in the boot process, currently known are bootanimation and some libs (most users won't change them). You can simply place your modified files into the corresponding path under `/cache/magisk_mount`. At boot time, Magisk will **clone all the attributes from the target file**, which includes selinux context, permission mode, owner, group. It'll then bind mount the file to the target. This means you don't need to worry about the metadatas for files placed under `/cache/magisk_mount`: copy the file to the correct place, reboot then you're done!
This mode does not feature the same complex Magic Mount implementation, it will mount a source leaf to an existing target item under `/system`.
For example, you want to replace `/system/media/bootanimation.zip`, copy your new boot animation zip to `/cache/magisk_mount/system/media/bootanimation.zip,` Magisk will mount your files in the next reboot.

76
docs/module_repo.md Normal file
View File

@@ -0,0 +1,76 @@
# Magisk Modules and Online Repo
## Magisk Module Format
The Magisk module is a folder under `magisk`, which has a structure as described below:
```
magisk
├── .
├── .
├── a_module <--- The ID of the module, should match with module.prop
│   ├── auto_mount <--- If this file exists, auto mount is enabled
│   ├── disable <--- If this file exists, the module is disabled
│   ├── module.prop <--- This files stores the indentity and properties of the module
│   ├── post-fs-data.sh <--- This script will be executed in post-fs-data
│   ├── remove <--- If this file exists, the module will be removed next reboot
│   ├── service.sh <--- This script will be executed in late_start service
│   ├── system.prop <--- This file will be loaded as system props
│   ├── system <--- If auto mount is enabled, Magisk will "Magic Mount" this folder
│   │   ├── app
│   │   ├── .
│   │   └── .
│   ├── vendor <--- Auto generated. A symlink to $MODID/system/vendor
│   ├── . <--- Any other files/folders are allowed
│   └── .
├── another_module
│   ├── .
│   └── .
├── .
├── .
```
## Magisk Module Template
The **Magisk Module Template** is hosted **[here](https://github.com/topjohnwu/magisk-module-template)**.
It is a template to create a flashable zip to install Magisk Modules. It is created to be simple to use so that anyone can create their own modules easily. The template itself contains minimal scripting for installation; most of the functions are located externally in [util_functions.sh](https://github.com/topjohnwu/Magisk/blob/master/scripts/util_functions.sh), which will be installed along with Magisk, and can be upgraded through a Magisk upgrade without the need of a template update.
The template should meet most modules' needs. Add files into `system`, which will be cloned into `/system` by Magisk after installing the module, and in addition to module files, `system.prop`, `post-fs-data.sh`, `service.sh` are also installable through this template.
Here are some files you would want to know:
- `config.sh`: A simple script used as a configuration file for the actual installation file to correctly install your module. It is the place you can select which features your module needs/disables.
- `module.prop`: This file contains your module's indentity and properties, including name and versions etc.. This file will be used to identify your module on an actual device and in the [Magisk Modules Repo](https://github.com/Magisk-Modules-Repo)
- `common/*`: These files will be installed to the module with the correspond role
- `META-INF/com/google/android/update-binary`: The actual installation script. Modify this file for advanced custom behavior
## Create a Magisk Module With The Template
1. Clone / download [this repo](https://github.com/topjohnwu/magisk-module-template)
1. Open `config.sh` and carefully read the fully documented file. Follow the instructions within the script
1. You should at least have `config.sh` and `module.prop` modified
1. Directly zip all files; the result zip file is a flashable zip that can be used in both Magisk Manager and custom recoveries
1. Please check [**Notes**](#notes) for several precautions
## Submit Your Module to Magisk Modules Repo
If you want to share your module with others, you can submit your modules to [Magisk Modules Repo](https://github.com/Magisk-Modules-Repo). You would need some basic `git` knowledge here.
1. Create a module as stated above, and test if it works properly
1. Fork [this repo](https://github.com/topjohnwu/magisk-module-template) to your account
1. Commit and push your changes to your forked repo
1. Open an issue in [topjohnwu/Magisk_Repo_Central](https://github.com/topjohnwu/Magisk_Repo_Central/issues/new) with your repo link
1. I will review your module, and once accepted, your repo should be cloned into [Magisk-Modules-Repo](https://github.com/Magisk-Modules-Repo)
1. You should receive an email to become the collaborator so you can edit the repo in the future.
#### Once your module is live on the Modules Repo, the description of your repo should be the ID of your module. Please do NOT change the description, repeat, do NOT change the description.
![repo_description.png](repo_description.png)
## Notes
- The Module Template depends on external scripts, be aware of the minimal required Magisk version of the template.
- **Windows users please check here!!** The line endings of all text files should be in the **Unix format**. Please use advanced text editors like Sublime, Atom, Notepad++ etc. to edit **ALL** text files, **NEVER** use Windows Notepad.
- In `module.prop`, `version` can be an arbitrary string, so any fancy version name (e.g. ultra-beta-v1.1.1.1) is allowed. However, `versionCode` **MUST** be an integer. The value is used for version comparison.
- Make sure your module ID **does not contain any spaces**.
## Notes For Repo Developers
- Magisk Manager monitors all repo's `master` branch. Any changes to the branch `master` will be reflected to all users immediately. If you are working on an update for a module, please work on another branch, make sure it works, then finally merge the changes back to `master`.
- Once you finished upgrading your repo, increase at least the `versionCode` in `module.prop`. Magisk Manager uses this value to compare with the local installed module to determine whether an update is availible.
- The description of your repo should be the same as your module ID. If you changed your description, Magisk Manager will fail to identify your repo, and cannot relate installed module to the online repo together.

11
docs/procedures.html Normal file
View File

File diff suppressed because one or more lines are too long

BIN
docs/repo_description.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 39 KiB

6
docs/tips.md Normal file
View File

@@ -0,0 +1,6 @@
# Tips and Tricks
## Remove Files
How to efficiently remove a file systemless-ly? To actually make the file **disappear** within the folder is complicated (possible, not worth the effort). **Replacing it with a dummy file should be good enough**! Create an empty file with the same name and place it in the same path within a module, then you're basically done!
## Remove Folders
Same as mentioned above, actually making the folder to **disappear** is not worth the effort. **Replacing it with an empty folder should be good enough**! A handy trick for module developers using [Magisk Module Template](https://github.com/topjohnwu/magisk-module-template) is to add the folder you want to remove into the `REPLACE` list within `config.sh`. If your module doesn't provide a correspond folder, it will create an empty folder, and automatically add `.replace` into the empty folder so the dummy folder will properly replace the one in `/system`.

98
jni/Android.mk
View File

@@ -1,34 +1,34 @@
LOCAL_PATH := $(call my-dir)
########################
# Binaries
########################
# magisk main binary
include $(CLEAR_VARS)
LOCAL_MODULE := magisk
LOCAL_STATIC_LIBRARIES := libsepol
LOCAL_SHARED_LIBRARIES := libsqlite libselinux
LOCAL_C_INCLUDES := \
$(LOCAL_PATH)/utils \
$(LOCAL_PATH)/daemon \
$(LOCAL_PATH)/resetprop \
$(LOCAL_PATH)/magiskpolicy \
$(LOCAL_PATH)/selinux/libselinux/include \
$(LOCAL_PATH)/selinux/libsepol/include \
$(LOCAL_PATH)/sqlite3
$(LOCAL_PATH)/include \
$(LOCAL_PATH)/external \
$(LOCAL_PATH)/selinux/libsepol/include
LOCAL_SRC_FILES := \
main.c \
utils/misc.c \
utils/vector.c \
utils/xwrap.c \
utils/list.c \
daemon/magisk.c \
daemon/daemon.c \
daemon/socket_trans.c \
daemon/log_monitor.c \
daemon/bootstages.c \
utils/misc.c \
utils/vector.c \
utils/xwrap.c \
utils/list.c \
utils/img.c \
magiskhide/magiskhide.c \
magiskhide/hide_daemon.c \
magiskhide/proc_monitor.c \
magiskhide/pre_process.c \
magiskhide/list_manager.c \
magiskhide/hide_utils.c \
magiskpolicy/magiskpolicy.c \
magiskpolicy/rules.c \
magiskpolicy/sepolicy.c \
@@ -44,22 +44,64 @@ LOCAL_SRC_FILES := \
su/su_socket.c
LOCAL_CFLAGS := -Wno-implicit-exception-spec-mismatch
LOCAL_CPPFLAGS := -std=c++11
LOCAL_LDLIBS := -llog
include $(BUILD_EXECUTABLE)
# magiskboot
include $(CLEAR_VARS)
LOCAL_MODULE := magiskboot
LOCAL_STATIC_LIBRARIES := libz liblzma liblz4 libbz2
LOCAL_C_INCLUDES := \
$(LOCAL_PATH)/magiskboot \
$(LOCAL_PATH)/include \
$(LOCAL_PATH)/ndk-compression/zlib \
$(LOCAL_PATH)/ndk-compression/xz/src/liblzma/api \
$(LOCAL_PATH)/ndk-compression/lz4/lib \
$(LOCAL_PATH)/ndk-compression/bzip2
LOCAL_SRC_FILES := \
magiskboot/main.c \
magiskboot/bootimg.c \
magiskboot/hexpatch.c \
magiskboot/compress.c \
magiskboot/boot_utils.c \
magiskboot/cpio.c \
magiskboot/sha1.c \
utils/xwrap.c \
utils/vector.c \
utils/list.c
LOCAL_CFLAGS := -DZLIB_CONST
include $(BUILD_EXECUTABLE)
# 32-bit static binaries
ifneq ($(TARGET_ARCH_ABI), x86_64)
ifneq ($(TARGET_ARCH_ABI), arm64-v8a)
# b64xz
include $(CLEAR_VARS)
LOCAL_MODULE := b64xz
LOCAL_STATIC_LIBRARIES := liblzma
LOCAL_C_INCLUDES := $(LOCAL_PATH)/ndk-compression/xz/src/liblzma/api
LOCAL_SRC_FILES := b64xz.c
LOCAL_LDFLAGS := -static
include $(BUILD_EXECUTABLE)
# Busybox
include jni/busybox/Android.mk
endif
endif
########################
# Libraries
include jni/selinux/libselinux/Android.mk
########################
# External shared libraries, include stub libselinux and libsqlite
include jni/external/Android.mk
# libsepol, static library
include jni/selinux/libsepol/Android.mk
include jni/sqlite3/Android.mk
#####################################################################
# In order to build separate binaries, please comment out everything
# starting from line 3 (including the 3 lines for libraries)
# Then, uncomment the line you want below
#####################################################################
# include jni/resetprop/Android.mk
# include jni/magiskpolicy/Android.mk
# Build magiskboot
include jni/magiskboot/Android.mk
# Compression libraries for magiskboot
include jni/ndk-compression/zlib/Android.mk
include jni/ndk-compression/xz/src/liblzma/Android.mk
include jni/ndk-compression/lz4/lib/Android.mk
include jni/ndk-compression/bzip2/Android.mk

2
jni/Application.mk
View File

@@ -1,4 +1,2 @@
APP_ABI := x86 x86_64 armeabi-v7a arm64-v8a
APP_PLATFORM := android-21
APP_UNIFIED_HEADERS := true
APP_CPPFLAGS += -std=c++11

83
jni/b64xz.c Normal file
View File

@@ -0,0 +1,83 @@
/* b64xz.c - Base64-XZ Extractor
*
* This program expects data from stdin. The data should be compressed with xz and
* then encoded into base64 format. What b64xz does is basically the reverse of the
* mentioned process: decode base64 to uint8_ts, decompress xz, then dump to stdout
*
* The compiled binary will be hex-dumped into update-binary
* Busybox will be xz-compressed, base64 encoded and dumped into update-binary
* This program is to recover busybox for Magisk installation environment
*
* I intentionally removed stdio. This will result in a smaller binary size because
* all I/O are handled by system calls (read/write) instead of libc wrappers
*/
#include <unistd.h>
#include <lzma.h>
#define BUFSIZE 8192
static const char trans_tbl[] =
"|$$$}rstuvwxyz{$$$$$$$>?@ABCDEFGHIJKLMNOPQRSTUVW$$$$$$XYZ[\\]^_`abcdefghijklmnopq";
static void decodeblock(uint8_t* in, uint8_t* out) {
out[0] = (uint8_t)(in[0] << 2 | in[1] >> 4);
out[1] = (uint8_t)(in[1] << 4 | in[2] >> 2);
out[2] = (uint8_t)(((in[2] << 6) & 0xc0) | in[3]);
}
static int unxz(lzma_stream *strm, void *buf, size_t size) {
lzma_ret ret = 0;
uint8_t out[BUFSIZE];
strm->next_in = buf;
strm->avail_in = size;
do {
strm->next_out = out;
strm->avail_out = sizeof(out);
ret = lzma_code(strm, LZMA_RUN);
write(STDOUT_FILENO, out, sizeof(out) - strm->avail_out);
} while (strm->avail_out == 0 && ret == LZMA_OK);
if (ret != LZMA_OK && ret != LZMA_STREAM_END)
write(STDERR_FILENO, "LZMA error!\n", 13);
return ret;
}
int main(int argc, char const* argv[]) {
if (argc > 1)
return 0;
uint8_t in[4], buf[BUFSIZE];
int len = 0, pos = 0;
char c;
// Setup lzma stream
lzma_stream strm = LZMA_STREAM_INIT;
if (lzma_auto_decoder(&strm, UINT64_MAX, 0) != LZMA_OK) {
write(STDERR_FILENO, "Unable to init lzma stream\n", 28);
return 1;
}
while (read(STDIN_FILENO, &c, sizeof(c)) == 1) {
c = ((c < 43 || c > 122) ? -1 : (trans_tbl[c - 43] == '$' ? -1 : trans_tbl[c - 43] - 62));
if (c >= 0)
in[len++] = c;
if (len < 4)
continue;
len = 0;
decodeblock(in, buf + pos);
pos += 3;
if (pos > sizeof(buf) - 3) {
// Buffer is full, unxz
if (unxz(&strm, buf, pos))
return 1;
pos = 0;
}
}
if (pos) {
if (unxz(&strm, buf, pos))
return 1;
}
lzma_end(&strm);
return 0;
}

1
jni/busybox Submodule

Submodule jni/busybox added at 90c9c4fd96

804
jni/daemon/bootstages.c
View File

@@ -1,4 +1,8 @@
/* post_fs_data.c - post-fs-data actions
/* bootstages.c - Core bootstage operations
*
* All bootstage operations, including simple mount in post-fs,
* magisk mount in post-fs-data, various image handling, script
* execution, load modules, install Magisk Manager etc.
*/
#include <stdlib.h>
@@ -20,8 +24,11 @@
static char *buf, *buf2;
static struct vector module_list;
static int seperate_vendor = 0;
#ifdef DEBUG
extern char **environ;
#ifdef MAGISK_DEBUG
static int debug_log_pid, debug_log_fd;
#endif
@@ -29,11 +36,15 @@ static int debug_log_pid, debug_log_fd;
* Node structure *
******************/
// Precedence: MODULE > SKEL > DUMMY
#define DO_NOTHING 0x0 /* intermediate node */
#define IS_DUMMY 0x1 /* mount from mirror */
#define IS_SKEL 0x2 /* mount from skeleton */
#define IS_MODULE 0x4 /* mount from module */
// Precedence: MODULE > SKEL > INTER > DUMMY
#define IS_DUMMY 0x01 /* mount from mirror */
#define IS_INTER 0x02 /* intermediate node */
#define IS_SKEL 0x04 /* mount from skeleton */
#define IS_MODULE 0x08 /* mount from module */
#define IS_DIR(n) (n->type == DT_DIR)
#define IS_LNK(n) (n->type == DT_LNK)
#define IS_REG(n) (n->type == DT_REG)
struct node_entry {
const char *module; /* Only used when status & IS_MODULE */
@@ -44,177 +55,18 @@ struct node_entry {
struct vector *children;
};
#define IS_DIR(n) (n->type == DT_DIR)
#define IS_LNK(n) (n->type == DT_LNK)
#define IS_REG(n) (n->type == DT_REG)
/******************
* Image handling *
******************/
static char *loopsetup(const char *img) {
char device[20];
struct loop_info64 info;
int i, lfd, ffd;
memset(&info, 0, sizeof(info));
// First get an empty loop device
for (i = 0; i <= 7; ++i) {
sprintf(device, "/dev/block/loop%d", i);
lfd = xopen(device, O_RDWR);
if (ioctl(lfd, LOOP_GET_STATUS64, &info) == -1)
break;
close(lfd);
}
if (i == 8) return NULL;
ffd = xopen(img, O_RDWR);
if (ioctl(lfd, LOOP_SET_FD, ffd) == -1)
return NULL;
strcpy((char *) info.lo_file_name, img);
ioctl(lfd, LOOP_SET_STATUS64, &info);
close(lfd);
close(ffd);
return strdup(device);
static void concat_path(struct node_entry *node) {
if (node->parent)
concat_path(node->parent);
int len = strlen(buf);
buf[len] = '/';
strcpy(buf + len + 1, node->name);
}
static char *mount_image(const char *img, const char *target) {
char *device = loopsetup(img);
if (device)
xmount(device, target, "ext4", 0, NULL);
return device;
}
static void umount_image(const char *target, const char *device) {
xumount(target);
int fd = xopen(device, O_RDWR);
ioctl(fd, LOOP_CLR_FD);
close(fd);
}
#define round_size(a) ((((a) / 32) + 2) * 32)
static int merge_img(const char *source, const char *target) {
if (access(source, F_OK) == -1)
return 0;
if (access(target, F_OK) == -1) {
rename(source, target);
return 0;
}
// resize target to worst case
int s_used, s_total, t_used, t_total, n_total;
get_img_size(source, &s_used, &s_total);
get_img_size(target, &t_used, &t_total);
n_total = round_size(s_used + t_used);
if (n_total != t_total && resize_img(target, n_total))
return 1;
xmkdir("/cache/source", 0755);
xmkdir("/cache/target", 0755);
char *s_loop, *t_loop;
s_loop = mount_image(source, "/cache/source");
if (s_loop == NULL) return 1;
t_loop = mount_image(target, "/cache/target");
if (t_loop == NULL) return 1;
DIR *dir;
struct dirent *entry;
if (!(dir = opendir("/cache/source")))
return 1;
while ((entry = xreaddir(dir))) {
if (entry->d_type == DT_DIR) {
if (strcmp(entry->d_name, ".") == 0 ||
strcmp(entry->d_name, "..") == 0 ||
strcmp(entry->d_name, ".core") == 0 ||
strcmp(entry->d_name, "lost+found") == 0)
continue;
// Cleanup old module
snprintf(buf, PATH_MAX, "/cache/target/%s", entry->d_name);
if (access(buf, F_OK) == 0) {
LOGI("merge module %s\n", entry->d_name);
rm_rf(buf);
}
}
}
closedir(dir);
clone_dir("/cache/source", "/cache/target");
// Unmount all loop devices
umount_image("/cache/source", s_loop);
umount_image("/cache/target", t_loop);
rmdir("/cache/source");
rmdir("/cache/target");
free(s_loop);
free(t_loop);
unlink(source);
return 0;
}
static void trim_img(const char *img) {
int used, total, new_size;
get_img_size(img, &used, &total);
new_size = round_size(used);
if (new_size != total)
resize_img(img, new_size);
}
/***********
* Scripts *
***********/
void exec_common_script(const char* stage) {
DIR *dir;
struct dirent *entry;
snprintf(buf, PATH_MAX, "%s/%s.d", COREDIR, stage);
if (!(dir = opendir(buf)))
return;
while ((entry = xreaddir(dir))) {
if (entry->d_type == DT_REG) {
snprintf(buf2, PATH_MAX, "%s/%s", buf, entry->d_name);
if (access(buf2, X_OK) == -1)
continue;
LOGI("%s.d: exec [%s]\n", stage, entry->d_name);
char *const command[] = { "sh", buf2, NULL };
int pid = run_command(0, NULL, "/system/bin/sh", command);
if (pid != -1)
waitpid(pid, NULL, 0);
}
}
closedir(dir);
}
void exec_module_script(const char* stage) {
char *module;
vec_for_each(&module_list, module) {
snprintf(buf, PATH_MAX, "%s/%s/%s.sh", MOUNTPOINT, module, stage);
if (access(buf, F_OK) == -1)
continue;
LOGI("%s: exec [%s.sh]\n", module, stage);
char *const command[] = { "sh", buf, NULL };
int pid = run_command(0, NULL, "/system/bin/sh", command);
if (pid != -1)
waitpid(pid, NULL, 0);
}
}
/***************
* Magic Mount *
***************/
static char *get_full_path(struct node_entry *node) {
char buffer[PATH_MAX], temp[PATH_MAX];
// Concat the paths
struct node_entry *cur = node;
strcpy(buffer, node->name);
while (cur->parent) {
strcpy(temp, buffer);
snprintf(buffer, sizeof(buffer), "%s/%s", cur->parent->name, temp);
cur = cur->parent;
}
return strdup(buffer);
buf[0] = '\0';
concat_path(node);
return strdup(buf);
}
// Free the node
@@ -248,9 +100,7 @@ static struct node_entry *insert_child(struct node_entry *p, struct node_entry *
// Exist duplicate
if (c->status > e->status) {
// Precedence is higher, replace with new node
c->children = e->children; // Preserve all children
free(e->name);
free(e);
destroy_subtree(e);
vec_entry(p->children)[_] = c;
return c;
} else {
@@ -265,6 +115,77 @@ static struct node_entry *insert_child(struct node_entry *p, struct node_entry *
return c;
}
/***********
* setenvs *
***********/
static void bb_setenv(struct vector *v) {
for (int i = 0; environ[i]; ++i) {
if (strncmp(environ[i], "PATH=", 5) == 0) {
snprintf(buf, PATH_MAX, "PATH=%s:%s", BBPATH, strchr(environ[i], '=') + 1);
vec_push_back(v, strdup(buf));
} else {
vec_push_back(v, strdup(environ[i]));
}
}
vec_push_back(v, NULL);
}
static void pm_setenv(struct vector *v) {
for (int i = 0; environ[i]; ++i) {
if (strncmp(environ[i], "CLASSPATH=", 10) != 0)
vec_push_back(v, strdup(environ[i]));
}
vec_push_back(v, strdup("CLASSPATH=/system/framework/pm.jar"));
vec_push_back(v, NULL);
}
/***********
* Scripts *
***********/
static void exec_common_script(const char* stage) {
DIR *dir;
struct dirent *entry;
snprintf(buf, PATH_MAX, "%s/%s.d", COREDIR, stage);
if (!(dir = opendir(buf)))
return;
while ((entry = xreaddir(dir))) {
if (entry->d_type == DT_REG) {
snprintf(buf2, PATH_MAX, "%s/%s", buf, entry->d_name);
if (access(buf2, X_OK) == -1)
continue;
LOGI("%s.d: exec [%s]\n", stage, entry->d_name);
int pid = exec_command(0, NULL, bb_setenv, "sh", buf2, NULL);
if (pid != -1)
waitpid(pid, NULL, 0);
}
}
closedir(dir);
}
static void exec_module_script(const char* stage) {
char *module;
vec_for_each(&module_list, module) {
snprintf(buf2, PATH_MAX, "%s/%s/%s.sh", MOUNTPOINT, module, stage);
snprintf(buf, PATH_MAX, "%s/%s/disable", MOUNTPOINT, module);
if (access(buf2, F_OK) == -1 || access(buf, F_OK) == 0)
continue;
LOGI("%s: exec [%s.sh]\n", module, stage);
int pid = exec_command(0, NULL, bb_setenv, "sh", buf2, NULL);
if (pid != -1)
waitpid(pid, NULL, 0);
}
}
/***************
* Magic Mount *
***************/
static void construct_tree(const char *module, struct node_entry *parent) {
DIR *dir;
struct dirent *entry;
@@ -285,29 +206,48 @@ static void construct_tree(const char *module, struct node_entry *parent) {
node->name = strdup(entry->d_name);
node->type = entry->d_type;
snprintf(buf, PATH_MAX, "%s/%s", parent_path, node->name);
// Check if the entry has a correspond target
/*
* Clone the parent in the following condition:
* 1. File in module is a symlink
* 2. Target file do not exist
* 3. Target file is a symlink, but not /system/vendor
*/
int clone = 0;
if (IS_LNK(node) || access(buf, F_OK) == -1) {
clone = 1;
} else if (parent->parent != NULL || strcmp(node->name, "vendor") != 0) {
struct stat s;
xstat(buf, &s);
if (S_ISLNK(s.st_mode))
clone = 1;
}
if (clone) {
// Mark the parent folder as a skeleton
parent->status |= IS_SKEL;
node->status |= IS_MODULE;
parent->status |= IS_SKEL; /* This will not overwrite if parent is module */
node->status = IS_MODULE;
} else if (IS_DIR(node)) {
// Check if marked as replace
snprintf(buf2, PATH_MAX, "%s/%s%s/.replace", MOUNTPOINT, module, buf);
if (access(buf2, F_OK) == 0) {
// Replace everything, mark as leaf
node->status |= IS_MODULE;
node->status = IS_MODULE;
} else {
// This will be an intermediate node
node->status = IS_INTER;
}
} else if (IS_REG(node)) {
// This is a leaf, mark as target
node->status |= IS_MODULE;
node->status = IS_MODULE;
}
node = insert_child(parent, node);
if (IS_DIR(node) && !(node->status & IS_MODULE)) {
// Intermediate node, travel deeper
if (node->status & (IS_SKEL | IS_INTER)) {
// Intermediate folder, travel deeper
construct_tree(module, node);
}
}
closedir(dir);
cleanup:
@@ -321,7 +261,8 @@ static void clone_skeleton(struct node_entry *node) {
// Clone the structure
char *full_path = get_full_path(node);
if (!(dir = opendir(full_path)))
snprintf(buf, PATH_MAX, "%s%s", MIRRDIR, full_path);
if (!(dir = opendir(buf)))
goto cleanup;
while ((entry = xreaddir(dir))) {
if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0)
@@ -330,7 +271,7 @@ static void clone_skeleton(struct node_entry *node) {
dummy = xcalloc(sizeof(*dummy), 1);
dummy->name = strdup(entry->d_name);
dummy->type = entry->d_type;
dummy->status |= IS_DUMMY;
dummy->status = IS_DUMMY;
insert_child(node, dummy);
}
closedir(dir);
@@ -338,21 +279,31 @@ static void clone_skeleton(struct node_entry *node) {
snprintf(buf, PATH_MAX, "%s%s", DUMMDIR, full_path);
mkdir_p(buf, 0755);
clone_attr(full_path, buf);
bind_mount(buf, full_path);
if (node->status & IS_SKEL)
bind_mount(buf, full_path);
vec_for_each(node->children, child) {
snprintf(buf, PATH_MAX, "%s%s/%s", DUMMDIR, full_path, child->name);
// Create the dummy file/directory
if (IS_DIR(child))
xmkdir(buf, 0755);
else if (IS_REG(child))
close(open_new(buf));
// Links will be handled later
if (child->status & IS_MODULE) {
if (child->parent->parent == NULL && strcmp(child->name, "vendor") == 0) {
if (IS_LNK(child)) {
cp_afc(MIRRDIR "/system/vendor", "/system/vendor");
LOGI("cplink: %s -> %s\n", MIRRDIR "/system/vendor", "/system/vendor");
}
// Skip
continue;
} else if (child->status & IS_MODULE) {
// Mount from module file to dummy file
snprintf(buf2, PATH_MAX, "%s/%s%s/%s", MOUNTPOINT, child->module, full_path, child->name);
} else if (child->status & IS_SKEL) {
// It's another skeleton, recursive call and end
} else if (child->status & (IS_SKEL | IS_INTER)) {
// It's a intermediate folder, recursive clone
clone_skeleton(child);
continue;
} else if (child->status & IS_DUMMY) {
@@ -361,11 +312,8 @@ static void clone_skeleton(struct node_entry *node) {
}
if (IS_LNK(child)) {
// Symlink special treatments
char *temp = xmalloc(PATH_MAX);
xreadlink(buf2, temp, PATH_MAX);
symlink(temp, buf);
free(temp);
// Copy symlinks directly
cp_afc(buf2, buf);
LOGI("cplink: %s -> %s\n", buf2, buf);
} else {
snprintf(buf, PATH_MAX, "%s/%s", full_path, child->name);
@@ -381,31 +329,22 @@ static void magic_mount(struct node_entry *node) {
char *real_path;
struct node_entry *child;
if (strcmp(node->name, "vendor") == 0 && strcmp(node->parent->name, "/system") == 0) {
snprintf(buf, PATH_MAX, "%s/%s/system/vendor", MOUNTPOINT, node->module);
snprintf(buf2, PATH_MAX, "%s/%s/vendor", MOUNTPOINT, node->module);
unlink(buf2);
symlink(buf, buf2);
return;
}
if (node->status) {
if (node->status & IS_MODULE) {
// The real deal, mount module item
real_path = get_full_path(node);
snprintf(buf, PATH_MAX, "%s/%s%s", MOUNTPOINT, node->module, real_path);
bind_mount(buf, real_path);
free(real_path);
} else if (node->status & IS_SKEL) {
// The node is labeled to be cloned with skeleton, lets do it
clone_skeleton(node);
}
// We should not see dummies, so no need to handle it here
} else {
if (node->status & IS_MODULE) {
// The real deal, mount module item
real_path = get_full_path(node);
snprintf(buf, PATH_MAX, "%s/%s%s", MOUNTPOINT, node->module, real_path);
bind_mount(buf, real_path);
free(real_path);
} else if (node->status & IS_SKEL) {
// The node is labeled to be cloned with skeleton, lets do it
clone_skeleton(node);
} else if (node->status & IS_INTER) {
// It's an intermediate node, travel deeper
vec_for_each(node->children, child)
magic_mount(child);
}
// The only thing goes here should be vendor placeholder
// There should be no dummies, so don't need to handle it here
}
/****************
@@ -434,7 +373,7 @@ static void simple_mount(const char *path) {
free(new_path);
} else if (entry->d_type == DT_REG) {
// Actual file path
snprintf(buf, PATH_MAX, "%s/%s", buf, entry->d_name);
snprintf(buf, PATH_MAX, "%s%s", CACHEMOUNT, buf2);
// Clone all attributes
clone_attr(buf2, buf);
// Finally, mount the file
@@ -445,6 +384,107 @@ static void simple_mount(const char *path) {
closedir(dir);
}
/*****************
* Miscellaneous *
*****************/
static void mount_mirrors() {
LOGI("* Mounting mirrors");
struct vector mounts;
vec_init(&mounts);
file_to_vector("/proc/mounts", &mounts);
char *line;
vec_for_each(&mounts, line) {
if (strstr(line, " /system ")) {
sscanf(line, "%s", buf);
xmkdir_p(MIRRDIR "/system", 0755);
xmount(buf, MIRRDIR "/system", "ext4", MS_RDONLY, NULL);
LOGI("mount: %s -> %s\n", buf, MIRRDIR "/system");
continue;
}
if (strstr(line, " /vendor ")) {
seperate_vendor = 1;
sscanf(line, "%s", buf);
xmkdir_p(MIRRDIR "/vendor", 0755);
xmount(buf, MIRRDIR "/vendor", "ext4", MS_RDONLY, NULL);
LOGI("mount: %s -> %s\n", buf, MIRRDIR "/vendor");
continue;
}
}
vec_deep_destroy(&mounts);
if (!seperate_vendor) {
symlink(MIRRDIR "/system/vendor", MIRRDIR "/vendor");
LOGI("link: %s -> %s\n", MIRRDIR "/system/vendor", MIRRDIR "/vendor");
}
mkdir_p(MIRRDIR "/bin", 0755);
bind_mount(DATABIN, MIRRDIR "/bin");
}
static void link_busybox() {
mkdir_p(BBPATH, 0755);
exec_command_sync(MIRRDIR "/bin/busybox", "--install", "-s", BBPATH, NULL);
symlink(MIRRDIR "/bin/busybox", BBPATH "/busybox");
}
static int prepare_img() {
int new_img = 0;
if (access(MAINIMG, F_OK) == -1) {
if (create_img(MAINIMG, 64))
return 1;
new_img = 1;
}
LOGI("* Mounting " MAINIMG "\n");
// Mounting magisk image
char *magiskloop = mount_image(MAINIMG, MOUNTPOINT);
if (magiskloop == NULL)
return 1;
vec_init(&module_list);
if (new_img) {
xmkdir(COREDIR, 0755);
xmkdir(COREDIR "/post-fs-data.d", 0755);
xmkdir(COREDIR "/service.d", 0755);
xmkdir(COREDIR "/props", 0755);
} else {
DIR *dir = xopendir(MOUNTPOINT);
struct dirent *entry;
while ((entry = xreaddir(dir))) {
if (entry->d_type == DT_DIR) {
if (strcmp(entry->d_name, ".") == 0 ||
strcmp(entry->d_name, "..") == 0 ||
strcmp(entry->d_name, ".core") == 0 ||
strcmp(entry->d_name, "lost+found") == 0)
continue;
snprintf(buf, PATH_MAX, "%s/%s/remove", MOUNTPOINT, entry->d_name);
if (access(buf, F_OK) == 0) {
snprintf(buf, PATH_MAX, "%s/%s", MOUNTPOINT, entry->d_name);
exec_command_sync(BBPATH "/rm", "-rf", buf, NULL);
continue;
}
snprintf(buf, PATH_MAX, "%s/%s/disable", MOUNTPOINT, entry->d_name);
if (access(buf, F_OK) == 0)
continue;
vec_push_back(&module_list, strdup(entry->d_name));
}
}
closedir(dir);
// Trim image
umount_image(MOUNTPOINT, magiskloop);
free(magiskloop);
trim_img(MAINIMG);
// Remount them back :)
magiskloop = mount_image(MAINIMG, MOUNTPOINT);
free(magiskloop);
}
return 0;
}
/****************
* Entry points *
****************/
@@ -496,224 +536,154 @@ void post_fs_data(int client) {
if (!check_data())
goto unblock;
#ifdef DEBUG
#ifdef MAGISK_DEBUG
// Start debug logs in new process
debug_log_fd = xopen(DEBUG_LOG, O_WRONLY | O_CREAT | O_CLOEXEC | O_TRUNC, 0644);
char *const command[] = { "logcat", "-v", "brief", NULL };
debug_log_pid = run_command(0, &debug_log_fd, "/system/bin/logcat", command);
debug_log_pid = exec_command(0, &debug_log_fd, NULL, "logcat", "-v", "brief", NULL);
close(debug_log_fd);
#endif
LOGI("** post-fs-data mode running\n");
// uninstaller
if (access(UNINSTALLER, F_OK) == 0) {
close(open(UNBLOCKFILE, O_RDONLY | O_CREAT));
system("(BOOTMODE=true sh " UNINSTALLER ") &");
return;
}
// Allocate buffer
if (buf == NULL) buf = xmalloc(PATH_MAX);
if (buf2 == NULL) buf2 = xmalloc(PATH_MAX);
// Cache support
if (access("/cache/data_bin", F_OK) == 0) {
rm_rf(DATABIN);
rename("/cache/data_bin", DATABIN);
// Magisk binaries
char *bin_path = NULL;
if (access("/cache/data_bin", F_OK) == 0)
bin_path = "/cache/data_bin";
else if (access("/data/data/com.topjohnwu.magisk/install", F_OK) == 0)
bin_path = "/data/data/com.topjohnwu.magisk/install";
if (bin_path) {
exec_command_sync("rm", "-rf", DATABIN, NULL);
exec_command_sync("cp", "-r", bin_path, DATABIN, NULL);
exec_command_sync("rm", "-rf", bin_path, NULL);
exec_command_sync("chmod", "-R", "755", bin_path, NULL);
// Lazy.... use shell blob to match files
exec_command_sync("sh", "-c", "mv /data/magisk/stock_boot* /data", NULL);
}
// Magisk Manual Injector support
if (access("/data/local/tmp/magisk", F_OK) == 0) {
rm_rf(DATABIN);
rename("/data/local/tmp/magisk", DATABIN);
}
// Lazy.... use shell blob
system("mv /data/magisk/stock_boot* /data;");
// Link busybox
mount_mirrors();
link_busybox();
// Merge images
if (merge_img("/cache/magisk.img", MAINIMG))
if (merge_img("/cache/magisk.img", MAINIMG)) {
LOGE("Image merge %s -> %s failed!\n", "/cache/magisk.img", MAINIMG);
goto unblock;
if (merge_img("/data/magisk_merge.img", MAINIMG))
}
if (merge_img("/data/magisk_merge.img", MAINIMG)) {
LOGE("Image merge %s -> %s failed!\n", "/data/magisk_merge.img", MAINIMG);
goto unblock;
int new_img = 0;
if (access(MAINIMG, F_OK) == -1) {
if (create_img(MAINIMG, 64))
goto unblock;
new_img = 1;
}
// Initialize resetprop for the daemon
init_resetprop();
LOGI("* Mounting " MAINIMG "\n");
// Mounting magisk image
char *magiskloop = mount_image(MAINIMG, MOUNTPOINT);
if (magiskloop == NULL)
goto unblock;
if (new_img) {
mkdir(COREDIR, 0755);
mkdir(COREDIR "/post-fs-data.d", 0755);
mkdir(COREDIR "/service.d", 0755);
mkdir(COREDIR "/props", 0755);
// uninstaller
if (access(UNINSTALLER, F_OK) == 0) {
close(open(UNBLOCKFILE, O_RDONLY | O_CREAT));
setenv("BOOTMODE", "true", 1);
exec_command(0, NULL, bb_setenv, "sh", UNINSTALLER, NULL);
return;
}
// Trim, mount magisk.img, which will also travel through the modules
// After this, it will create the module list
if (prepare_img())
goto core_only; // Mounting fails, we can only do core only stuffs
// Run common scripts
LOGI("* Running post-fs-data.d scripts\n");
exec_common_script("post-fs-data");
// Core only mode
if (access(DISABLEFILE, F_OK) == 0)
goto unblock;
DIR *dir;
struct dirent *entry;
char *module;
struct node_entry *sys_root, *ven_root = NULL, *child;
dir = xopendir(MOUNTPOINT);
// Create the system root entry
sys_root = xcalloc(sizeof(*sys_root), 1);
sys_root->name = strdup("/system");
int has_modules = 0;
// Travel through each modules
vec_init(&module_list);
LOGI("* Loading modules\n");
while ((entry = xreaddir(dir))) {
if (entry->d_type == DT_DIR) {
if (strcmp(entry->d_name, ".") == 0 ||
strcmp(entry->d_name, "..") == 0 ||
strcmp(entry->d_name, ".core") == 0 ||
strcmp(entry->d_name, "lost+found") == 0)
continue;
snprintf(buf, PATH_MAX, "%s/%s", MOUNTPOINT, entry->d_name);
// Check whether remove
snprintf(buf2, PATH_MAX, "%s/remove", buf);
if (access(buf2, F_OK) == 0) {
rm_rf(buf);
continue;
}
// Check whether disable
snprintf(buf2, PATH_MAX, "%s/disable", buf);
if (access(buf2, F_OK) == 0)
continue;
// Add the module to list
module = strdup(entry->d_name);
vec_push_back(&module_list, module);
// Read props
snprintf(buf2, PATH_MAX, "%s/system.prop", buf);
if (access(buf2, F_OK) == 0) {
LOGI("%s: loading [system.prop]\n", module);
read_prop_file(buf2, 0);
}
// Check whether enable auto_mount
snprintf(buf2, PATH_MAX, "%s/auto_mount", buf);
if (access(buf2, F_OK) == -1)
continue;
// Double check whether the system folder exists
snprintf(buf2, PATH_MAX, "%s/system", buf);
if (access(buf2, F_OK) == -1)
continue;
// Construct structure
has_modules = 1;
LOGI("%s: constructing magic mount structure\n", module);
construct_tree(module, sys_root);
}
}
closedir(dir);
// Trim image
umount_image(MOUNTPOINT, magiskloop);
free(magiskloop);
trim_img(MAINIMG);
// Remount them back :)
magiskloop = mount_image(MAINIMG, MOUNTPOINT);
free(magiskloop);
if (has_modules) {
// Mount mirrors
LOGI("* Mounting system/vendor mirrors");
int seperate_vendor = 0;
struct vector mounts;
vec_init(&mounts);
file_to_vector("/proc/mounts", &mounts);
char *line;
vec_for_each(&mounts, line) {
if (strstr(line, " /system ")) {
sscanf(line, "%s", buf);
snprintf(buf2, PATH_MAX, "%s/system", MIRRDIR);
xmkdir_p(buf2, 0755);
xmount(buf, buf2, "ext4", MS_RDONLY, NULL);
LOGI("mount: %s -> %s\n", buf, buf2);
continue;
}
if (strstr(line, " /vendor ")) {
seperate_vendor = 1;
sscanf(line, "%s", buf);
snprintf(buf2, PATH_MAX, "%s/vendor", MIRRDIR);
xmkdir_p(buf2, 0755);
xmount(buf, buf2, "ext4", MS_RDONLY, NULL);
LOGI("mount: %s -> %s\n", buf, buf2);
continue;
}
}
vec_deep_destroy(&mounts);
if (!seperate_vendor) {
snprintf(buf, PATH_MAX, "%s/system/vendor", MIRRDIR);
snprintf(buf2, PATH_MAX, "%s/vendor", MIRRDIR);
symlink(buf, buf2);
LOGI("link: %s -> %s\n", buf, buf2);
}
// Magic!!
magic_mount(sys_root);
// Get the vendor node if exists
vec_for_each(sys_root->children, child) {
if (strcmp(child->name, "vendor") == 0) {
ven_root = child;
free(ven_root->name);
ven_root->name = strdup("/vendor");
ven_root->parent = NULL;
break;
}
}
if (ven_root)
magic_mount(ven_root);
}
// Cleanup memory
destroy_subtree(sys_root);
goto core_only;
// Execute module scripts
LOGI("* Running module post-fs-data scripts\n");
exec_module_script("post-fs-data");
char *module;
struct node_entry *sys_root, *ven_root = NULL, *child;
// Create the system root entry
sys_root = xcalloc(sizeof(*sys_root), 1);
sys_root->name = strdup("system");
sys_root->status = IS_INTER;
int has_modules = 0;
LOGI("* Loading modules\n");
vec_for_each(&module_list, module) {
// Read props
snprintf(buf, PATH_MAX, "%s/%s/system.prop", MOUNTPOINT, module);
if (access(buf, F_OK) == 0) {
LOGI("%s: loading [system.prop]\n", module);
read_prop_file(buf, 0);
}
// Check whether enable auto_mount
snprintf(buf, PATH_MAX, "%s/%s/auto_mount", MOUNTPOINT, module);
if (access(buf, F_OK) == -1)
continue;
// Double check whether the system folder exists
snprintf(buf, PATH_MAX, "%s/%s/system", MOUNTPOINT, module);
if (access(buf, F_OK) == -1)
continue;
// Construct structure
has_modules = 1;
LOGI("%s: constructing magic mount structure\n", module);
// If /system/vendor exists in module, create a link outside
snprintf(buf, PATH_MAX, "%s/%s/system/vendor", MOUNTPOINT, module);
if (access(buf, F_OK) == 0) {
snprintf(buf2, PATH_MAX, "%s/%s/vendor", MOUNTPOINT, module);
unlink(buf2);
symlink(buf, buf2);
}
construct_tree(module, sys_root);
}
if (has_modules) {
// Extract the vendor node out of system tree and swap with placeholder
vec_for_each(sys_root->children, child) {
if (strcmp(child->name, "vendor") == 0) {
ven_root = child;
child = xcalloc(sizeof(*child), 1);
child->type = seperate_vendor ? DT_LNK : DT_DIR;
child->parent = ven_root->parent;
child->name = strdup("vendor");
child->status = 0;
// Swap!
vec_entry(sys_root->children)[_] = child;
ven_root->parent = NULL;
break;
}
}
// Magic!!
magic_mount(sys_root);
if (ven_root) magic_mount(ven_root);
}
// Cleanup memory
destroy_subtree(sys_root);
if (ven_root) destroy_subtree(ven_root);
core_only:
// Systemless hosts
if (access(HOSTSFILE, F_OK) == 0) {
LOGI("* Enabling systemless hosts file support");
bind_mount(HOSTSFILE, "/system/etc/hosts");
}
// Start magiskhide if enabled
// Enable magiskhide by default, only disable when set explicitly
char *hide_prop = getprop(MAGISKHIDE_PROP);
if (hide_prop) {
if (strcmp(hide_prop, "1") == 0) {
pthread_t thread;
xpthread_create(&thread, NULL, start_magisk_hide, NULL);
pthread_detach(thread);
}
free(hide_prop);
if (hide_prop == NULL || strcmp(hide_prop, "0") != 0) {
pthread_t thread;
xpthread_create(&thread, NULL, start_magisk_hide, NULL);
pthread_detach(thread);
}
free(hide_prop);
unblock:
unblock_boot_process();
@@ -735,25 +705,32 @@ void late_start(int client) {
// Run scripts after full patch, most reliable way to run scripts
LOGI("* Running service.d scripts\n");
exec_common_script("service");
// Core only mode
if (access(DISABLEFILE, F_OK) == 0)
goto core_only;
LOGI("* Running module service scripts\n");
exec_module_script("service");
core_only:
// Install Magisk Manager if exists
if (access(MANAGERAPK, F_OK) == 0) {
while(1) {
while (1) {
sleep(5);
char *const command[] = { "sh", "-c",
"CLASSPATH=/system/framework/pm.jar "
"/system/bin/app_process /system/bin "
"com.android.commands.pm.Pm install -r " MANAGERAPK, NULL };
int apk_res = 0, pid;
pid = run_command(1, &apk_res, "/system/bin/sh", command);
waitpid(pid, NULL, 0);
fdgets(buf, PATH_MAX, apk_res);
close(apk_res);
// Keep trying until pm is started
if (strstr(buf, "Error:") == NULL)
break;
int apk_res = -1, pid;
pid = exec_command(1, &apk_res, pm_setenv,
"app_process",
"/system/bin", "com.android.commands.pm.Pm",
"install", "-r", MANAGERAPK, NULL);
if (pid != -1) {
waitpid(pid, NULL, 0);
fdgets(buf, PATH_MAX, apk_res);
close(apk_res);
// Keep trying until pm is started
if (strstr(buf, "Error:") == NULL)
break;
}
}
unlink(MANAGERAPK);
}
@@ -761,13 +738,12 @@ void late_start(int client) {
// All boot stage done, cleanup everything
free(buf);
free(buf2);
buf = buf2 = NULL;
vec_deep_destroy(&module_list);
#ifdef DEBUG
#ifdef MAGISK_DEBUG
// Stop recording the boot logcat after every boot task is done
extern int debug_log_pid, debug_log_fd;
kill(debug_log_pid, SIGTERM);
waitpid(debug_log_pid, NULL, 0);
close(debug_log_fd);
#endif
}

34
jni/daemon/daemon.c
View File

@@ -23,7 +23,6 @@
#include "magiskpolicy.h"
pthread_t sepol_patch;
int null_fd;
static void *request_handler(void *args) {
// Setup the default error handler for threads
@@ -41,6 +40,7 @@ static void *request_handler(void *args) {
case STOP_MAGISKHIDE:
case ADD_HIDELIST:
case RM_HIDELIST:
case LS_HIDELIST:
case POST_FS:
case POST_FS_DATA:
case LATE_START:
@@ -66,6 +66,9 @@ static void *request_handler(void *args) {
case RM_HIDELIST:
rm_hide_list(client);
break;
case LS_HIDELIST:
ls_hide_list(client);
break;
case SUPERUSER:
su_daemon_receiver(client);
break;
@@ -89,20 +92,15 @@ static void *request_handler(void *args) {
default:
break;
}
// Just in case
close(client);
return NULL;
}
/* Setup the address and return socket fd */
static int setup_socket(struct sockaddr_un *sun) {
int fd = xsocket(AF_LOCAL, SOCK_STREAM, 0);
if (fcntl(fd, F_SETFD, FD_CLOEXEC))
PLOGE("fcntl FD_CLOEXEC");
int fd = xsocket(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0);
memset(sun, 0, sizeof(*sun));
sun->sun_family = AF_LOCAL;
memcpy(sun->sun_path, REQUESTOR_DAEMON_PATH, REQUESTOR_DAEMON_PATH_LEN);
memcpy(sun->sun_path, REQUESTOR_DAEMON_PATH, sizeof(REQUESTOR_DAEMON_PATH) - 1);
return fd;
}
@@ -137,10 +135,11 @@ void start_daemon(int client) {
xsetsid();
setcon("u:r:su:s0");
umask(022);
null_fd = xopen("/dev/null", O_RDWR | O_CLOEXEC);
xdup2(null_fd, STDIN_FILENO);
xdup2(null_fd, STDOUT_FILENO);
xdup2(null_fd, STDERR_FILENO);
int fd = xopen("/dev/null", O_RDWR | O_CLOEXEC);
xdup2(fd, STDIN_FILENO);
xdup2(fd, STDOUT_FILENO);
xdup2(fd, STDERR_FILENO);
close(fd);
// Patch selinux with medium patch before we do anything
load_policydb(SELINUX_POLICY);
@@ -151,7 +150,7 @@ void start_daemon(int client) {
pthread_create(&sepol_patch, NULL, large_sepol_patch, NULL);
struct sockaddr_un sun;
int fd = setup_socket(&sun);
fd = setup_socket(&sun);
xbind(fd, (struct sockaddr*) &sun, sizeof(sun));
xlisten(fd, 10);
@@ -162,7 +161,7 @@ void start_daemon(int client) {
// It should stay intact under any circumstances
err_handler = do_nothing;
LOGI("Magisk v" xstr(MAGISK_VERSION) " daemon started\n");
LOGI("Magisk v" xstr(MAGISK_VERSION) "(" xstr(MAGISK_VER_CODE) ") daemon started\n");
// Unlock all blocks for rw
unlock_blocks();
@@ -171,16 +170,14 @@ void start_daemon(int client) {
xmount(NULL, "/", NULL, MS_REMOUNT, NULL);
create_links(NULL, "/sbin");
xchmod("/sbin", 0755);
mkdir("/magisk", 0755);
xmkdir("/magisk", 0755);
xchmod("/magisk", 0755);
xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
// Loop forever to listen for requests
while(1) {
int *client = xmalloc(sizeof(int));
*client = xaccept(fd, NULL, NULL);
// Just in case, set to close on exec
fcntl(*client, F_SETFD, FD_CLOEXEC);
*client = xaccept4(fd, NULL, NULL, SOCK_CLOEXEC);
pthread_t thread;
xpthread_create(&thread, NULL, request_handler, client);
// Detach the thread, we will never join it
@@ -192,7 +189,6 @@ void start_daemon(int client) {
int connect_daemon() {
struct sockaddr_un sun;
int fd = setup_socket(&sun);
// LOGD("client: trying to connect socket\n");
if (connect(fd, (struct sockaddr*) &sun, sizeof(sun))) {
/* If we cannot access the daemon, we start the daemon
* since there is no clear entry point when the daemon should be started

9
jni/daemon/log_monitor.c
View File

@@ -26,15 +26,14 @@ static void *logger_thread(void *args) {
while (1) {
// Start logcat
char *const command[] = { "logcat", "-s", "Magisk", "-v", "thread", NULL };
log_pid = run_command(0, &log_fd, "/system/bin/logcat", command);
waitpid(log_pid, NULL, 0);
log_pid = exec_command(0, &log_fd, NULL, "logcat", "-s", "Magisk", "-v", "thread", NULL);
if (log_pid > 0)
waitpid(log_pid, NULL, 0);
// For some reason it went here, clear buffer and restart
system("logcat -c");
exec_command_sync("logcat", "-c", NULL);
}
// Should never be here, but well...
close(log_fd);
return NULL;
}

43
jni/main.c → jni/daemon/magisk.c
View File

@@ -22,34 +22,38 @@ __thread void (*err_handler)(void);
static void usage() {
fprintf(stderr,
"Magisk v" xstr(MAGISK_VERSION) " multi-call binary\n"
"Magisk v" xstr(MAGISK_VERSION) "(" xstr(MAGISK_VER_CODE) ") (by topjohnwu) multi-call binary\n"
"\n"
"Usage: %s [applet [arguments]...]\n"
" or: %s --install [SOURCE] <DIR> \n"
" or: %s --install [SOURCE] DIR\n"
" if SOURCE not provided, will link itself\n"
" or: %s --list\n"
" or: %s --createimg <PATH> <SIZE>\n"
" or: %s --createimg IMG SIZE\n"
" create ext4 image, SIZE is interpreted in MB\n"
" or: %s --imgsize <PATH>\n"
" or: %s --resizeimg <PATH> <SIZE>\n"
" or: %s --imgsize IMG\n"
" or: %s --resizeimg IMG SIZE\n"
" SIZE is interpreted in MB\n"
" or: %s --mountimg IMG PATH\n"
" mount IMG to PATH and prints the loop device\n"
" or: %s --umountimg PATH LOOP\n"
" or: %s --[boot stage]\n"
" start boot stage service\n"
" or: %s [options]\n"
" or: applet [arguments]...\n"
"\n"
"Supported boot stages:\n"
" post-fs, post-fs-data, service\n"
" post-fs, post-fs-data, service\n"
"\n"
"Options:\n"
" -c print client version\n"
" -v print daemon version\n"
" -V print daemon version code\n"
" -c print client version\n"
" -v print daemon version\n"
" -V print daemon version code\n"
"\n"
"Supported applets:\n"
, argv0, argv0, argv0, argv0, argv0, argv0, argv0, argv0);
, argv0, argv0, argv0, argv0, argv0, argv0, argv0, argv0, argv0, argv0);
for (int i = 0; applet[i]; ++i) {
fprintf(stderr, i ? ", %s" : " %s", applet[i]);
fprintf(stderr, i ? ", %s" : " %s", applet[i]);
}
fprintf(stderr, "\n");
exit(1);
@@ -99,7 +103,7 @@ int main(int argc, char *argv[]) {
fprintf(stderr, "Cannot check %s size\n", argv[2]);
return 1;
}
printf("Used: %dM\tTotal: %dM\n", used, total);
printf("%d %d\n", used, total);
return 0;
} else if (strcmp(argv[1], "--resizeimg") == 0) {
if (argc < 4) usage();
@@ -114,6 +118,21 @@ int main(int argc, char *argv[]) {
return 1;
}
return resize_img(argv[2], size);
} else if (strcmp(argv[1], "--mountimg") == 0) {
if (argc < 4) usage();
char *loop = mount_image(argv[2], argv[3]);
if (loop == NULL) {
fprintf(stderr, "Cannot mount image!\n");
return 1;
} else {
printf("%s\n", loop);
free(loop);
return 0;
}
} else if (strcmp(argv[1], "--umountimg") == 0) {
if (argc < 4) usage();
umount_image(argv[2], argv[3]);
return 0;
} else if (strcmp(argv[1], "--post-fs") == 0) {
int fd = connect_daemon();
write_int(fd, POST_FS);

13
jni/external/Android.mk vendored Normal file
View File

@@ -0,0 +1,13 @@
LOCAL_PATH:= $(call my-dir)
# libsqlite.so (stub)
include $(CLEAR_VARS)
LOCAL_MODULE:= libsqlite
LOCAL_SRC_FILES := sqlite3_stub.c
include $(BUILD_SHARED_LIBRARY)
# libselinux.so (stub)
include $(CLEAR_VARS)
LOCAL_MODULE:= libselinux
LOCAL_SRC_FILES := selinux_stub.c
include $(BUILD_SHARED_LIBRARY)

1029
jni/external/selinux/av_permissions.h vendored Normal file
View File

File diff suppressed because it is too large Load Diff

511
jni/external/selinux/avc.h vendored Normal file
View File

@@ -0,0 +1,511 @@
/*
* Access vector cache interface for object managers.
*
* Author : Eamon Walsh <ewalsh@epoch.ncsc.mil>
*/
#ifndef _SELINUX_AVC_H_
#define _SELINUX_AVC_H_
#include <stdint.h>
#include <errno.h>
#include <stdlib.h>
#include <selinux/selinux.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
* SID format and operations
*/
struct security_id {
char * ctx;
unsigned int refcnt;
};
typedef struct security_id *security_id_t;
#define SECSID_WILD (security_id_t)NULL /* unspecified SID */
/**
* avc_sid_to_context - get copy of context corresponding to SID.
* @sid: input SID
* @ctx: pointer to context reference
*
* Return a copy of the security context corresponding to the input
* @sid in the memory referenced by @ctx. The caller is expected to
* free the context with freecon(). Return %0 on success, -%1 on
* failure, with @errno set to %ENOMEM if insufficient memory was
* available to make the copy, or %EINVAL if the input SID is invalid.
*/
int avc_sid_to_context(security_id_t sid, char ** ctx);
int avc_sid_to_context_raw(security_id_t sid, char ** ctx);
/**
* avc_context_to_sid - get SID for context.
* @ctx: input security context
* @sid: pointer to SID reference
*
* Look up security context @ctx in SID table, making
* a new entry if @ctx is not found. Increment the
* reference counter for the SID. Store a pointer
* to the SID structure into the memory referenced by @sid,
* returning %0 on success or -%1 on error with @errno set.
*/
int avc_context_to_sid(const char * ctx, security_id_t * sid);
int avc_context_to_sid_raw(const char * ctx, security_id_t * sid);
/**
* sidget - increment SID reference counter.
* @sid: SID reference
*
* Increment the reference counter for @sid, indicating that
* @sid is in use by an (additional) object. Return the
* new reference count, or zero if @sid is invalid (has zero
* reference count). Note that avc_context_to_sid() also
* increments reference counts.
*/
int sidget(security_id_t sid);
/**
* sidput - decrement SID reference counter.
* @sid: SID reference
*
* Decrement the reference counter for @sid, indicating that
* a reference to @sid is no longer in use. Return the
* new reference count. When the reference count reaches
* zero, the SID is invalid, and avc_context_to_sid() must
* be called to obtain a new SID for the security context.
*/
int sidput(security_id_t sid);
/**
* avc_get_initial_sid - get SID for an initial kernel security identifier
* @name: input name of initial kernel security identifier
* @sid: pointer to a SID reference
*
* Get the context for an initial kernel security identifier specified by
* @name using security_get_initial_context() and then call
* avc_context_to_sid() to get the corresponding SID.
*/
int avc_get_initial_sid(const char *name, security_id_t * sid);
/*
* AVC entry
*/
struct avc_entry;
struct avc_entry_ref {
struct avc_entry *ae;
};
/**
* avc_entry_ref_init - initialize an AVC entry reference.
* @aeref: pointer to avc entry reference structure
*
* Use this macro to initialize an avc entry reference structure
* before first use. These structures are passed to avc_has_perm(),
* which stores cache entry references in them. They can increase
* performance on repeated queries.
*/
#define avc_entry_ref_init(aeref) ((aeref)->ae = NULL)
/*
* User-provided callbacks for memory, auditing, and locking
*/
/* These structures are passed by reference to avc_init(). Passing
* a NULL reference will cause the AVC to use a default. The default
* memory callbacks are malloc() and free(). The default logging method
* is to print on stderr. If no thread callbacks are passed, a separate
* listening thread won't be started for kernel policy change messages.
* If no locking callbacks are passed, no locking will take place.
*/
struct avc_memory_callback {
/* malloc() equivalent. */
void *(*func_malloc) (size_t size);
/* free() equivalent. */
void (*func_free) (void *ptr);
/* Note that these functions should set errno on failure.
If not, some avc routines may return -1 without errno set. */
};
struct avc_log_callback {
/* log the printf-style format and arguments. */
void
#ifdef __GNUC__
__attribute__ ((format(printf, 1, 2)))
#endif
(*func_log) (const char *fmt, ...);
/* store a string representation of auditdata (corresponding
to the given security class) into msgbuf. */
void (*func_audit) (void *auditdata, security_class_t cls,
char *msgbuf, size_t msgbufsize);
};
struct avc_thread_callback {
/* create and start a thread, returning an opaque pointer to it;
the thread should run the given function. */
void *(*func_create_thread) (void (*run) (void));
/* cancel a given thread and free its resources. */
void (*func_stop_thread) (void *thread);
};
struct avc_lock_callback {
/* create a lock and return an opaque pointer to it. */
void *(*func_alloc_lock) (void);
/* obtain a given lock, blocking if necessary. */
void (*func_get_lock) (void *lock);
/* release a given lock. */
void (*func_release_lock) (void *lock);
/* destroy a given lock (free memory, etc.) */
void (*func_free_lock) (void *lock);
};
/*
* Available options
*/
/* no-op option, useful for unused slots in an array of options */
#define AVC_OPT_UNUSED 0
/* override kernel enforcing mode (boolean value) */
#define AVC_OPT_SETENFORCE 1
/*
* AVC operations
*/
/**
* avc_init - Initialize the AVC.
* @msgprefix: prefix for log messages
* @mem_callbacks: user-supplied memory callbacks
* @log_callbacks: user-supplied logging callbacks
* @thread_callbacks: user-supplied threading callbacks
* @lock_callbacks: user-supplied locking callbacks
*
* Initialize the access vector cache. Return %0 on
* success or -%1 with @errno set on failure.
* If @msgprefix is NULL, use "uavc". If any callback
* structure references are NULL, use default methods
* for those callbacks (see the definition of the callback
* structures above).
*/
int avc_init(const char *msgprefix,
const struct avc_memory_callback *mem_callbacks,
const struct avc_log_callback *log_callbacks,
const struct avc_thread_callback *thread_callbacks,
const struct avc_lock_callback *lock_callbacks);
/**
* avc_open - Initialize the AVC.
* @opts: array of selabel_opt structures specifying AVC options or NULL.
* @nopts: number of elements in opts array or zero for no options.
*
* This function is identical to avc_init(), except the message prefix
* is set to "avc" and any callbacks desired should be specified via
* selinux_set_callback(). Available options are listed above.
*/
int avc_open(struct selinux_opt *opts, unsigned nopts);
/**
* avc_cleanup - Remove unused SIDs and AVC entries.
*
* Search the SID table for SID structures with zero
* reference counts, and remove them along with all
* AVC entries that reference them. This can be used
* to return memory to the system.
*/
void avc_cleanup(void);
/**
* avc_reset - Flush the cache and reset statistics.
*
* Remove all entries from the cache and reset all access
* statistics (as returned by avc_cache_stats()) to zero.
* The SID mapping is not affected. Return %0 on success,
* -%1 with @errno set on error.
*/
int avc_reset(void);
/**
* avc_destroy - Free all AVC structures.
*
* Destroy all AVC structures and free all allocated
* memory. User-supplied locking, memory, and audit
* callbacks will be retained, but security-event
* callbacks will not. All SID's will be invalidated.
* User must call avc_init() if further use of AVC is desired.
*/
void avc_destroy(void);
/**
* avc_has_perm_noaudit - Check permissions but perform no auditing.
* @ssid: source security identifier
* @tsid: target security identifier
* @tclass: target security class
* @requested: requested permissions, interpreted based on @tclass
* @aeref: AVC entry reference
* @avd: access vector decisions
*
* Check the AVC to determine whether the @requested permissions are granted
* for the SID pair (@ssid, @tsid), interpreting the permissions
* based on @tclass, and call the security server on a cache miss to obtain
* a new decision and add it to the cache. Update @aeref to refer to an AVC
* entry with the resulting decisions, and return a copy of the decisions
* in @avd. Return %0 if all @requested permissions are granted, -%1 with
* @errno set to %EACCES if any permissions are denied, or to another value
* upon other errors. This function is typically called by avc_has_perm(),
* but may also be called directly to separate permission checking from
* auditing, e.g. in cases where a lock must be held for the check but
* should be released for the auditing.
*/
int avc_has_perm_noaudit(security_id_t ssid,
security_id_t tsid,
security_class_t tclass,
access_vector_t requested,
struct avc_entry_ref *aeref, struct av_decision *avd);
/**
* avc_has_perm - Check permissions and perform any appropriate auditing.
* @ssid: source security identifier
* @tsid: target security identifier
* @tclass: target security class
* @requested: requested permissions, interpreted based on @tclass
* @aeref: AVC entry reference
* @auditdata: auxiliary audit data
*
* Check the AVC to determine whether the @requested permissions are granted
* for the SID pair (@ssid, @tsid), interpreting the permissions
* based on @tclass, and call the security server on a cache miss to obtain
* a new decision and add it to the cache. Update @aeref to refer to an AVC
* entry with the resulting decisions. Audit the granting or denial of
* permissions in accordance with the policy. Return %0 if all @requested
* permissions are granted, -%1 with @errno set to %EACCES if any permissions
* are denied or to another value upon other errors.
*/
int avc_has_perm(security_id_t ssid, security_id_t tsid,
security_class_t tclass, access_vector_t requested,
struct avc_entry_ref *aeref, void *auditdata);
/**
* avc_audit - Audit the granting or denial of permissions.
* @ssid: source security identifier
* @tsid: target security identifier
* @tclass: target security class
* @requested: requested permissions
* @avd: access vector decisions
* @result: result from avc_has_perm_noaudit
* @auditdata: auxiliary audit data
*
* Audit the granting or denial of permissions in accordance
* with the policy. This function is typically called by
* avc_has_perm() after a permission check, but can also be
* called directly by callers who use avc_has_perm_noaudit()
* in order to separate the permission check from the auditing.
* For example, this separation is useful when the permission check must
* be performed under a lock, to allow the lock to be released
* before calling the auditing code.
*/
void avc_audit(security_id_t ssid, security_id_t tsid,
security_class_t tclass, access_vector_t requested,
struct av_decision *avd, int result, void *auditdata);
/**
* avc_compute_create - Compute SID for labeling a new object.
* @ssid: source security identifier
* @tsid: target security identifier
* @tclass: target security class
* @newsid: pointer to SID reference
*
* Call the security server to obtain a context for labeling a
* new object. Look up the context in the SID table, making
* a new entry if not found. Increment the reference counter
* for the SID. Store a pointer to the SID structure into the
* memory referenced by @newsid, returning %0 on success or -%1 on
* error with @errno set.
*/
int avc_compute_create(security_id_t ssid,
security_id_t tsid,
security_class_t tclass, security_id_t * newsid);
/**
* avc_compute_member - Compute SID for polyinstantation.
* @ssid: source security identifier
* @tsid: target security identifier
* @tclass: target security class
* @newsid: pointer to SID reference
*
* Call the security server to obtain a context for labeling an
* object instance. Look up the context in the SID table, making
* a new entry if not found. Increment the reference counter
* for the SID. Store a pointer to the SID structure into the
* memory referenced by @newsid, returning %0 on success or -%1 on
* error with @errno set.
*/
int avc_compute_member(security_id_t ssid,
security_id_t tsid,
security_class_t tclass, security_id_t * newsid);
/*
* security event callback facility
*/
/* security events */
#define AVC_CALLBACK_GRANT 1
#define AVC_CALLBACK_TRY_REVOKE 2
#define AVC_CALLBACK_REVOKE 4
#define AVC_CALLBACK_RESET 8
#define AVC_CALLBACK_AUDITALLOW_ENABLE 16
#define AVC_CALLBACK_AUDITALLOW_DISABLE 32
#define AVC_CALLBACK_AUDITDENY_ENABLE 64
#define AVC_CALLBACK_AUDITDENY_DISABLE 128
/**
* avc_add_callback - Register a callback for security events.
* @callback: callback function
* @events: bitwise OR of desired security events
* @ssid: source security identifier or %SECSID_WILD
* @tsid: target security identifier or %SECSID_WILD
* @tclass: target security class
* @perms: permissions
*
* Register a callback function for events in the set @events
* related to the SID pair (@ssid, @tsid) and
* and the permissions @perms, interpreting
* @perms based on @tclass. Returns %0 on success or
* -%1 if insufficient memory exists to add the callback.
*/
int avc_add_callback(int (*callback)
(uint32_t event, security_id_t ssid,
security_id_t tsid, security_class_t tclass,
access_vector_t perms,
access_vector_t * out_retained),
uint32_t events, security_id_t ssid,
security_id_t tsid, security_class_t tclass,
access_vector_t perms);
/*
* AVC statistics
*/
/* If set, cache statistics are tracked. This may
* become a compile-time option in the future.
*/
#define AVC_CACHE_STATS 1
struct avc_cache_stats {
unsigned entry_lookups;
unsigned entry_hits;
unsigned entry_misses;
unsigned entry_discards;
unsigned cav_lookups;
unsigned cav_hits;
unsigned cav_probes;
unsigned cav_misses;
};
/**
* avc_cache_stats - get cache access statistics.
* @stats: reference to statistics structure
*
* Fill the supplied structure with information about AVC
* activity since the last call to avc_init() or
* avc_reset(). See the structure definition for
* details.
*/
void avc_cache_stats(struct avc_cache_stats *stats);
/**
* avc_av_stats - log av table statistics.
*
* Log a message with information about the size and
* distribution of the access vector table. The audit
* callback is used to print the message.
*/
void avc_av_stats(void);
/**
* avc_sid_stats - log SID table statistics.
*
* Log a message with information about the size and
* distribution of the SID table. The audit callback
* is used to print the message.
*/
void avc_sid_stats(void);
/**
* avc_netlink_open - Create a netlink socket and connect to the kernel.
*/
int avc_netlink_open(int blocking);
/**
* avc_netlink_loop - Wait for netlink messages from the kernel
*/
void avc_netlink_loop(void);
/**
* avc_netlink_close - Close the netlink socket
*/
void avc_netlink_close(void);
/**
* avc_netlink_acquire_fd - Acquire netlink socket fd.
*
* Allows the application to manage messages from the netlink socket in
* its own main loop.
*/
int avc_netlink_acquire_fd(void);
/**
* avc_netlink_release_fd - Release netlink socket fd.
*
* Returns ownership of the netlink socket to the library.
*/
void avc_netlink_release_fd(void);
/**
* avc_netlink_check_nb - Check netlink socket for new messages.
*
* Called by the application when using avc_netlink_acquire_fd() to
* process kernel netlink events.
*/
int avc_netlink_check_nb(void);
/**
* selinux_status_open - Open and map SELinux kernel status page
*
*/
int selinux_status_open(int fallback);
/**
* selinux_status_close - Unmap and close SELinux kernel status page
*
*/
void selinux_status_close(void);
/**
* selinux_status_updated - Inform us whether the kernel status has been updated
*
*/
int selinux_status_updated(void);
/**
* selinux_status_getenforce - Get the enforce flag value
*
*/
int selinux_status_getenforce(void);
/**
* selinux_status_policyload - Get the number of policy reloaded
*
*/
int selinux_status_policyload(void);
/**
* selinux_status_deny_unknown - Get the behavior for undefined classes/permissions
*
*/
int selinux_status_deny_unknown(void);
#ifdef __cplusplus
}
#endif
#endif /* _SELINUX_AVC_H_ */

50
jni/external/selinux/context.h vendored Normal file
View File

@@ -0,0 +1,50 @@
#ifndef _SELINUX_CONTEXT_H_
#define _SELINUX_CONTEXT_H_
#ifdef __cplusplus
extern "C" {
#endif
/*
* Functions to deal with security contexts in user space.
*/
typedef struct {
void *ptr;
} context_s_t;
typedef context_s_t *context_t;
/* Return a new context initialized to a context string */
extern context_t context_new(const char *);
/*
* Return a pointer to the string value of the context_t
* Valid until the next call to context_str or context_free
* for the same context_t*
*/
extern char *context_str(context_t);
/* Free the storage used by a context */
extern void context_free(context_t);
/* Get a pointer to the string value of a context component */
extern const char *context_type_get(context_t);
extern const char *context_range_get(context_t);
extern const char *context_role_get(context_t);
extern const char *context_user_get(context_t);
/* Set a context component. Returns nonzero if unsuccessful */
extern int context_type_set(context_t, const char *);
extern int context_range_set(context_t, const char *);
extern int context_role_set(context_t, const char *);
extern int context_user_set(context_t, const char *);
#ifdef __cplusplus
}
#endif
#endif

118
jni/external/selinux/flask.h vendored Normal file
View File

@@ -0,0 +1,118 @@
/* This file is automatically generated. Do not edit. */
#ifndef _SELINUX_FLASK_H_
#define _SELINUX_FLASK_H_
#warning "Please remove any #include's of this header in your source code."
#warning "Instead, use string_to_security_class() to map the class name to a value."
/*
* Security object class definitions
*/
#define SECCLASS_SECURITY 1
#define SECCLASS_PROCESS 2
#define SECCLASS_SYSTEM 3
#define SECCLASS_CAPABILITY 4
#define SECCLASS_FILESYSTEM 5
#define SECCLASS_FILE 6
#define SECCLASS_DIR 7
#define SECCLASS_FD 8
#define SECCLASS_LNK_FILE 9
#define SECCLASS_CHR_FILE 10
#define SECCLASS_BLK_FILE 11
#define SECCLASS_SOCK_FILE 12
#define SECCLASS_FIFO_FILE 13
#define SECCLASS_SOCKET 14
#define SECCLASS_TCP_SOCKET 15
#define SECCLASS_UDP_SOCKET 16
#define SECCLASS_RAWIP_SOCKET 17
#define SECCLASS_NODE 18
#define SECCLASS_NETIF 19
#define SECCLASS_NETLINK_SOCKET 20
#define SECCLASS_PACKET_SOCKET 21
#define SECCLASS_KEY_SOCKET 22
#define SECCLASS_UNIX_STREAM_SOCKET 23
#define SECCLASS_UNIX_DGRAM_SOCKET 24
#define SECCLASS_SEM 25
#define SECCLASS_MSG 26
#define SECCLASS_MSGQ 27
#define SECCLASS_SHM 28
#define SECCLASS_IPC 29
#define SECCLASS_PASSWD 30
#define SECCLASS_X_DRAWABLE 31
#define SECCLASS_X_SCREEN 32
#define SECCLASS_X_GC 33
#define SECCLASS_X_FONT 34
#define SECCLASS_X_COLORMAP 35
#define SECCLASS_X_PROPERTY 36
#define SECCLASS_X_SELECTION 37
#define SECCLASS_X_CURSOR 38
#define SECCLASS_X_CLIENT 39
#define SECCLASS_X_DEVICE 40
#define SECCLASS_X_SERVER 41
#define SECCLASS_X_EXTENSION 42
#define SECCLASS_NETLINK_ROUTE_SOCKET 43
#define SECCLASS_NETLINK_FIREWALL_SOCKET 44
#define SECCLASS_NETLINK_TCPDIAG_SOCKET 45
#define SECCLASS_NETLINK_NFLOG_SOCKET 46
#define SECCLASS_NETLINK_XFRM_SOCKET 47
#define SECCLASS_NETLINK_SELINUX_SOCKET 48
#define SECCLASS_NETLINK_AUDIT_SOCKET 49
#define SECCLASS_NETLINK_IP6FW_SOCKET 50
#define SECCLASS_NETLINK_DNRT_SOCKET 51
#define SECCLASS_DBUS 52
#define SECCLASS_NSCD 53
#define SECCLASS_ASSOCIATION 54
#define SECCLASS_NETLINK_KOBJECT_UEVENT_SOCKET 55
#define SECCLASS_APPLETALK_SOCKET 56
#define SECCLASS_PACKET 57
#define SECCLASS_KEY 58
#define SECCLASS_CONTEXT 59
#define SECCLASS_DCCP_SOCKET 60
#define SECCLASS_MEMPROTECT 61
#define SECCLASS_DB_DATABASE 62
#define SECCLASS_DB_TABLE 63
#define SECCLASS_DB_PROCEDURE 64
#define SECCLASS_DB_COLUMN 65
#define SECCLASS_DB_TUPLE 66
#define SECCLASS_DB_BLOB 67
#define SECCLASS_PEER 68
#define SECCLASS_CAPABILITY2 69
#define SECCLASS_X_RESOURCE 70
#define SECCLASS_X_EVENT 71
#define SECCLASS_X_SYNTHETIC_EVENT 72
#define SECCLASS_X_APPLICATION_DATA 73
/*
* Security identifier indices for initial entities
*/
#define SECINITSID_KERNEL 1
#define SECINITSID_SECURITY 2
#define SECINITSID_UNLABELED 3
#define SECINITSID_FS 4
#define SECINITSID_FILE 5
#define SECINITSID_FILE_LABELS 6
#define SECINITSID_INIT 7
#define SECINITSID_ANY_SOCKET 8
#define SECINITSID_PORT 9
#define SECINITSID_NETIF 10
#define SECINITSID_NETMSG 11
#define SECINITSID_NODE 12
#define SECINITSID_IGMP_PACKET 13
#define SECINITSID_ICMP_SOCKET 14
#define SECINITSID_TCP_SOCKET 15
#define SECINITSID_SYSCTL_MODPROBE 16
#define SECINITSID_SYSCTL 17
#define SECINITSID_SYSCTL_FS 18
#define SECINITSID_SYSCTL_KERNEL 19
#define SECINITSID_SYSCTL_NET 20
#define SECINITSID_SYSCTL_NET_UNIX 21
#define SECINITSID_SYSCTL_VM 22
#define SECINITSID_SYSCTL_DEV 23
#define SECINITSID_KMOD 24
#define SECINITSID_POLICY 25
#define SECINITSID_SCMP_PACKET 26
#define SECINITSID_DEVNULL 27
#define SECINITSID_NUM 27
#endif

82
jni/external/selinux/get_context_list.h vendored Normal file
View File

@@ -0,0 +1,82 @@
#ifndef _SELINUX_GET_SID_LIST_H_
#define _SELINUX_GET_SID_LIST_H_
#include <selinux/selinux.h>
#ifdef __cplusplus
extern "C" {
#endif
#define SELINUX_DEFAULTUSER "user_u"
/* Get an ordered list of authorized security contexts for a user session
for 'user' spawned by 'fromcon' and set *conary to refer to the
NULL-terminated array of contexts. Every entry in the list will
be authorized by the policy, but the ordering is subject to user
customizable preferences. Returns number of entries in *conary.
If 'fromcon' is NULL, defaults to current context.
Caller must free via freeconary. */
extern int get_ordered_context_list(const char *user,
char * fromcon,
char *** list);
/* As above, but use the provided MLS level rather than the
default level for the user. */
int get_ordered_context_list_with_level(const char *user,
const char *level,
char * fromcon,
char *** list);
/* Get the default security context for a user session for 'user'
spawned by 'fromcon' and set *newcon to refer to it. The context
will be one of those authorized by the policy, but the selection
of a default is subject to user customizable preferences.
If 'fromcon' is NULL, defaults to current context.
Returns 0 on success or -1 otherwise.
Caller must free via freecon. */
extern int get_default_context(const char *user,
char * fromcon,
char ** newcon);
/* As above, but use the provided MLS level rather than the
default level for the user. */
int get_default_context_with_level(const char *user,
const char *level,
char * fromcon,
char ** newcon);
/* Same as get_default_context, but only return a context
that has the specified role. If no reachable context exists
for the user with that role, then return -1. */
int get_default_context_with_role(const char *user,
const char *role,
char * fromcon,
char ** newcon);
/* Same as get_default_context, but only return a context
that has the specified role and level. If no reachable context exists
for the user with that role, then return -1. */
int get_default_context_with_rolelevel(const char *user,
const char *role,
const char *level,
char * fromcon,
char ** newcon);
/* Given a list of authorized security contexts for the user,
query the user to select one and set *newcon to refer to it.
Caller must free via freecon.
Returns 0 on sucess or -1 otherwise. */
extern int query_user_context(char ** list,
char ** newcon);
/* Allow the user to manually enter a context as a fallback
if a list of authorized contexts could not be obtained.
Caller must free via freecon.
Returns 0 on success or -1 otherwise. */
extern int manual_user_enter_context(const char *user,
char ** newcon);
#ifdef __cplusplus
}
#endif
#endif

23
jni/external/selinux/get_default_type.h vendored Normal file
View File

@@ -0,0 +1,23 @@
/* get_default_type.h - contains header information and function prototypes
* for functions to get the default type for a role
*/
#ifndef _SELINUX_GET_DEFAULT_TYPE_H_
#define _SELINUX_GET_DEFAULT_TYPE_H_
#ifdef __cplusplus
extern "C" {
#endif
/* Return path to default type file. */
const char *selinux_default_type_path(void);
/* Get the default type (domain) for 'role' and set 'type' to refer to it.
Caller must free via free().
Return 0 on success or -1 otherwise. */
int get_default_type(const char *role, char **type);
#ifdef __cplusplus
}
#endif
#endif /* ifndef _GET_DEFAULT_TYPE_H_ */

190
jni/external/selinux/label.h vendored Normal file
View File

@@ -0,0 +1,190 @@
/*
* Labeling interface for userspace object managers and others.
*
* Author : Eamon Walsh <ewalsh@tycho.nsa.gov>
*/
#ifndef _SELABEL_H_
#define _SELABEL_H_
#include <stdbool.h>
#include <sys/types.h>
#include <selinux/selinux.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
* Opaque type used for all label handles.
*/
struct selabel_handle;
/*
* Available backends.
*/
/* file contexts */
#define SELABEL_CTX_FILE 0
/* media contexts */
#define SELABEL_CTX_MEDIA 1
/* x contexts */
#define SELABEL_CTX_X 2
/* db objects */
#define SELABEL_CTX_DB 3
/* Android property service contexts */
#define SELABEL_CTX_ANDROID_PROP 4
/* Android service contexts */
#define SELABEL_CTX_ANDROID_SERVICE 5
/*
* Available options
*/
/* no-op option, useful for unused slots in an array of options */
#define SELABEL_OPT_UNUSED 0
/* validate contexts before returning them (boolean value) */
#define SELABEL_OPT_VALIDATE 1
/* don't use local customizations to backend data (boolean value) */
#define SELABEL_OPT_BASEONLY 2
/* specify an alternate path to use when loading backend data */
#define SELABEL_OPT_PATH 3
/* select a subset of the search space as an optimization (file backend) */
#define SELABEL_OPT_SUBSET 4
/* require a hash calculation on spec files */
#define SELABEL_OPT_DIGEST 5
/* total number of options */
#define SELABEL_NOPT 6
/*
* Label operations
*/
/**
* selabel_open - Create a labeling handle.
* @backend: one of the constants specifying a supported labeling backend.
* @opts: array of selabel_opt structures specifying label options or NULL.
* @nopts: number of elements in opts array or zero for no options.
*
* Open a labeling backend for use. The available backend identifiers are
* listed above. Options may be provided via the opts parameter; available
* options are listed above. Not all options may be supported by every
* backend. Return value is the created handle on success or NULL with
* @errno set on failure.
*/
struct selabel_handle *selabel_open(unsigned int backend,
const struct selinux_opt *opts,
unsigned nopts);
/**
* selabel_close - Close a labeling handle.
* @handle: specifies handle to close
*
* Destroy the specified handle, closing files, freeing allocated memory,
* etc. The handle may not be further used after it has been closed.
*/
void selabel_close(struct selabel_handle *handle);
/**
* selabel_lookup - Perform labeling lookup operation.
* @handle: specifies backend instance to query
* @con: returns the appropriate context with which to label the object
* @key: string input to lookup operation
* @type: numeric input to the lookup operation
*
* Perform a labeling lookup operation. Return %0 on success, -%1 with
* @errno set on failure. The key and type arguments are the inputs to the
* lookup operation; appropriate values are dictated by the backend in use.
* The result is returned in the memory pointed to by @con and must be freed
* by the user with freecon().
*/
int selabel_lookup(struct selabel_handle *handle, char **con,
const char *key, int type);
int selabel_lookup_raw(struct selabel_handle *handle, char **con,
const char *key, int type);
bool selabel_partial_match(struct selabel_handle *handle, const char *key);
int selabel_lookup_best_match(struct selabel_handle *rec, char **con,
const char *key, const char **aliases, int type);
int selabel_lookup_best_match_raw(struct selabel_handle *rec, char **con,
const char *key, const char **aliases, int type);
/**
* selabel_digest - Retrieve the SHA1 digest and the list of specfiles used to
* generate the digest. The SELABEL_OPT_DIGEST option must
* be set in selabel_open() to initiate the digest generation.
* @handle: specifies backend instance to query
* @digest: returns a pointer to the SHA1 digest.
* @digest_len: returns length of digest in bytes.
* @specfiles: a list of specfiles used in the SHA1 digest generation.
* The list is NULL terminated and will hold @num_specfiles entries.
* @num_specfiles: number of specfiles in the list.
*
* Return %0 on success, -%1 with @errno set on failure.
*/
int selabel_digest(struct selabel_handle *rec,
unsigned char **digest, size_t *digest_len,
char ***specfiles, size_t *num_specfiles);
enum selabel_cmp_result {
SELABEL_SUBSET,
SELABEL_EQUAL,
SELABEL_SUPERSET,
SELABEL_INCOMPARABLE
};
/**
* selabel_cmp - Compare two label configurations.
* @h1: handle for the first label configuration
* @h2: handle for the first label configuration
*
* Compare two label configurations.
* Return %SELABEL_SUBSET if @h1 is a subset of @h2, %SELABEL_EQUAL
* if @h1 is identical to @h2, %SELABEL_SUPERSET if @h1 is a superset
* of @h2, and %SELABEL_INCOMPARABLE if @h1 and @h2 are incomparable.
*/
enum selabel_cmp_result selabel_cmp(struct selabel_handle *h1,
struct selabel_handle *h2);
/**
* selabel_stats - log labeling operation statistics.
* @handle: specifies backend instance to query
*
* Log a message with information about the number of queries performed,
* number of unused matching entries, or other operational statistics.
* Message is backend-specific, some backends may not output a message.
*/
void selabel_stats(struct selabel_handle *handle);
/*
* Type codes used by specific backends
*/
/* X backend */
#define SELABEL_X_PROP 1
#define SELABEL_X_EXT 2
#define SELABEL_X_CLIENT 3
#define SELABEL_X_EVENT 4
#define SELABEL_X_SELN 5
#define SELABEL_X_POLYPROP 6
#define SELABEL_X_POLYSELN 7
/* DB backend */
#define SELABEL_DB_DATABASE 1
#define SELABEL_DB_SCHEMA 2
#define SELABEL_DB_TABLE 3
#define SELABEL_DB_COLUMN 4
#define SELABEL_DB_SEQUENCE 5
#define SELABEL_DB_VIEW 6
#define SELABEL_DB_PROCEDURE 7
#define SELABEL_DB_BLOB 8
#define SELABEL_DB_TUPLE 9
#define SELABEL_DB_LANGUAGE 10
#define SELABEL_DB_EXCEPTION 11
#define SELABEL_DB_DATATYPE 12
#ifdef __cplusplus
}
#endif
#endif /* _SELABEL_H_ */

187
jni/external/selinux/restorecon.h vendored Normal file
View File

@@ -0,0 +1,187 @@
#ifndef _RESTORECON_H_
#define _RESTORECON_H_
#include <sys/types.h>
#include <stdarg.h>
#ifdef __cplusplus
extern "C" {
#endif
/**
* selinux_restorecon - Relabel files.
* @pathname: specifies file/directory to relabel.
* @restorecon_flags: specifies the actions to be performed when relabeling.
*
* selinux_restorecon(3) will automatically call
* selinux_restorecon_default_handle(3) and selinux_restorecon_set_sehandle(3)
* first time through to set the selabel_open(3) parameters to use the
* currently loaded policy file_contexts and request their computed digest.
*
* Should other selabel_open(3) parameters be required see
* selinux_restorecon_set_sehandle(3).
*/
extern int selinux_restorecon(const char *pathname,
unsigned int restorecon_flags);
/*
* restorecon_flags options
*/
/*
* Force the checking of labels even if the stored SHA1
* digest matches the specfiles SHA1 digest.
*/
#define SELINUX_RESTORECON_IGNORE_DIGEST 0x0001
/*
* Do not change file labels.
*/
#define SELINUX_RESTORECON_NOCHANGE 0x0002
/*
* If set set change file label to that in spec file.
* If not only change type component to that in spec file.
*/
#define SELINUX_RESTORECON_SET_SPECFILE_CTX 0x0004
/*
* Recursively descend directories.
*/
#define SELINUX_RESTORECON_RECURSE 0x0008
/*
* Log changes to selinux log. Note that if VERBOSE and
* PROGRESS are set, then PROGRESS will take precedence.
*/
#define SELINUX_RESTORECON_VERBOSE 0x0010
/*
* If SELINUX_RESTORECON_PROGRESS is true and
* SELINUX_RESTORECON_MASS_RELABEL is true, then output approx % complete,
* else output the number of files in 1k blocks processed to stdout.
*/
#define SELINUX_RESTORECON_PROGRESS 0x0020
/*
* Convert passed-in pathname to canonical pathname.
*/
#define SELINUX_RESTORECON_REALPATH 0x0040
/*
* Prevent descending into directories that have a different
* device number than the pathname from which the descent began.
*/
#define SELINUX_RESTORECON_XDEV 0x0080
/*
* Attempt to add an association between an inode and a specification.
* If there is already an association for the inode and it conflicts
* with the specification, then use the last matching specification.
*/
#define SELINUX_RESTORECON_ADD_ASSOC 0x0100
/*
* Abort on errors during the file tree walk.
*/
#define SELINUX_RESTORECON_ABORT_ON_ERROR 0x0200
/*
* Log any label changes to syslog.
*/
#define SELINUX_RESTORECON_SYSLOG_CHANGES 0x0400
/*
* Log what spec matched each file.
*/
#define SELINUX_RESTORECON_LOG_MATCHES 0x0800
/*
* Ignore files that do not exist.
*/
#define SELINUX_RESTORECON_IGNORE_NOENTRY 0x1000
/*
* Do not read /proc/mounts to obtain a list of non-seclabel
* mounts to be excluded from relabeling checks.
*/
#define SELINUX_RESTORECON_IGNORE_MOUNTS 0x2000
/*
* Set if there is a mass relabel required.
* See SELINUX_RESTORECON_PROGRESS flag for details.
*/
#define SELINUX_RESTORECON_MASS_RELABEL 0x4000
/**
* selinux_restorecon_set_sehandle - Set the global fc handle.
* @hndl: specifies handle to set as the global fc handle.
*
* Called by a process that has already called selabel_open(3) with it's
* required parameters, or if selinux_restorecon_default_handle(3) has been
* called to set the default selabel_open(3) parameters.
*/
// extern void selinux_restorecon_set_sehandle(struct selabel_handle *hndl);
/**
* selinux_restorecon_default_handle - Sets default selabel_open(3) parameters
* to use the currently loaded policy and
* file_contexts, also requests the digest.
*
* Return value is the created handle on success or NULL with @errno set on
* failure.
*/
extern struct selabel_handle *selinux_restorecon_default_handle(void);
/**
* selinux_restorecon_set_exclude_list - Add a list of directories that are
* to be excluded from relabeling.
* @exclude_list: containing a NULL terminated list of one or more
* directories not to be relabeled.
*/
extern void selinux_restorecon_set_exclude_list(const char **exclude_list);
/**
* selinux_restorecon_set_alt_rootpath - Use alternate rootpath.
* @alt_rootpath: containing the alternate rootpath to be used.
*
* Return %0 on success, -%1 with @errno set on failure.
*/
extern int selinux_restorecon_set_alt_rootpath(const char *alt_rootpath);
/**
* selinux_restorecon_xattr - Read/remove RESTORECON_LAST xattr entries.
* @pathname: specifies directory path to check.
* @xattr_flags: specifies the actions to be performed.
* @xattr_list: a linked list of struct dir_xattr structures containing
* the directory, digest and result of the action on the
* RESTORECON_LAST entry.
*
* selinux_restorecon_xattr(3) will automatically call
* selinux_restorecon_default_handle(3) and selinux_restorecon_set_sehandle(3)
* first time through to set the selabel_open(3) parameters to use the
* currently loaded policy file_contexts and request their computed digest.
*
* Should other selabel_open(3) parameters be required see
* selinux_restorecon_set_sehandle(3), however note that a file_contexts
* computed digest is required for selinux_restorecon_xattr().
*/
enum digest_result {
MATCH = 0,
NOMATCH,
DELETED_MATCH,
DELETED_NOMATCH,
ERROR
};
struct dir_xattr {
char *directory;
char *digest; /* A hex encoded string that can be printed. */
enum digest_result result;
struct dir_xattr *next;
};
extern int selinux_restorecon_xattr(const char *pathname,
unsigned int xattr_flags,
struct dir_xattr ***xattr_list);
/*
* xattr_flags options
*/
/* Recursively descend directories. */
#define SELINUX_RESTORECON_XATTR_RECURSE 0x0001
/* Delete non-matching digests from each directory in pathname. */
#define SELINUX_RESTORECON_XATTR_DELETE_NONMATCH_DIGESTS 0x0002
/* Delete all digests found in pathname. */
#define SELINUX_RESTORECON_XATTR_DELETE_ALL_DIGESTS 0x0004
/* Do not read /proc/mounts. */
#define SELINUX_RESTORECON_XATTR_IGNORE_MOUNTS 0x0008
#ifdef __cplusplus
}
#endif
#endif

673
jni/external/selinux/selinux.h vendored Normal file
View File

@@ -0,0 +1,673 @@
#ifndef _SELINUX_H_
#define _SELINUX_H_
#include <sys/types.h>
#include <stdarg.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Return 1 if we are running on a SELinux kernel, or 0 if not or -1 if we get an error. */
extern int is_selinux_enabled(void);
/* Return 1 if we are running on a SELinux MLS kernel, or 0 otherwise. */
extern int is_selinux_mls_enabled(void);
/* No longer used; here for compatibility with legacy callers. */
typedef char *security_context_t;
/* Free the memory allocated for a context by any of the below get* calls. */
extern void freecon(char * con);
/* Free the memory allocated for a context array by security_compute_user. */
extern void freeconary(char ** con);
/* Wrappers for the /proc/pid/attr API. */
/* Get current context, and set *con to refer to it.
Caller must free via freecon. */
extern int getcon(char ** con);
extern int getcon_raw(char ** con);
/* Set the current security context to con.
Note that use of this function requires that the entire application
be trusted to maintain any desired separation between the old and new
security contexts, unlike exec-based transitions performed via setexeccon.
When possible, decompose your application and use setexeccon()+execve()
instead. Note that the application may lose access to its open descriptors
as a result of a setcon() unless policy allows it to use descriptors opened
by the old context. */
extern int setcon(const char * con);
extern int setcon_raw(const char * con);
/* Get context of process identified by pid, and
set *con to refer to it. Caller must free via freecon. */
extern int getpidcon(pid_t pid, char ** con);
extern int getpidcon_raw(pid_t pid, char ** con);
/* Get previous context (prior to last exec), and set *con to refer to it.
Caller must free via freecon. */
extern int getprevcon(char ** con);
extern int getprevcon_raw(char ** con);
/* Get exec context, and set *con to refer to it.
Sets *con to NULL if no exec context has been set, i.e. using default.
If non-NULL, caller must free via freecon. */
extern int getexeccon(char ** con);
extern int getexeccon_raw(char ** con);
/* Set exec security context for the next execve.
Call with NULL if you want to reset to the default. */
extern int setexeccon(const char * con);
extern int setexeccon_raw(const char * con);
/* Get fscreate context, and set *con to refer to it.
Sets *con to NULL if no fs create context has been set, i.e. using default.
If non-NULL, caller must free via freecon. */
extern int getfscreatecon(char ** con);
extern int getfscreatecon_raw(char ** con);
/* Set the fscreate security context for subsequent file creations.
Call with NULL if you want to reset to the default. */
extern int setfscreatecon(const char * context);
extern int setfscreatecon_raw(const char * context);
/* Get keycreate context, and set *con to refer to it.
Sets *con to NULL if no key create context has been set, i.e. using default.
If non-NULL, caller must free via freecon. */
extern int getkeycreatecon(char ** con);
extern int getkeycreatecon_raw(char ** con);
/* Set the keycreate security context for subsequent key creations.
Call with NULL if you want to reset to the default. */
extern int setkeycreatecon(const char * context);
extern int setkeycreatecon_raw(const char * context);
/* Get sockcreate context, and set *con to refer to it.
Sets *con to NULL if no socket create context has been set, i.e. using default.
If non-NULL, caller must free via freecon. */
extern int getsockcreatecon(char ** con);
extern int getsockcreatecon_raw(char ** con);
/* Set the sockcreate security context for subsequent socket creations.
Call with NULL if you want to reset to the default. */
extern int setsockcreatecon(const char * context);
extern int setsockcreatecon_raw(const char * context);
/* Wrappers for the xattr API. */
/* Get file context, and set *con to refer to it.
Caller must free via freecon. */
extern int getfilecon(const char *path, char ** con);
extern int getfilecon_raw(const char *path, char ** con);
extern int lgetfilecon(const char *path, char ** con);
extern int lgetfilecon_raw(const char *path, char ** con);
extern int fgetfilecon(int fd, char ** con);
extern int fgetfilecon_raw(int fd, char ** con);
/* Set file context */
extern int setfilecon(const char *path, const char * con);
extern int setfilecon_raw(const char *path, const char * con);
extern int lsetfilecon(const char *path, const char * con);
extern int lsetfilecon_raw(const char *path, const char * con);
extern int fsetfilecon(int fd, const char * con);
extern int fsetfilecon_raw(int fd, const char * con);
/* Wrappers for the socket API */
/* Get context of peer socket, and set *con to refer to it.
Caller must free via freecon. */
extern int getpeercon(int fd, char ** con);
extern int getpeercon_raw(int fd, char ** con);
/* Wrappers for the selinuxfs (policy) API. */
typedef unsigned int access_vector_t;
typedef unsigned short security_class_t;
struct av_decision {
access_vector_t allowed;
access_vector_t decided;
access_vector_t auditallow;
access_vector_t auditdeny;
unsigned int seqno;
unsigned int flags;
};
/* Definitions of av_decision.flags */
#define SELINUX_AVD_FLAGS_PERMISSIVE 0x0001
/* Structure for passing options, used by AVC and label subsystems */
struct selinux_opt {
int type;
const char *value;
};
/* Callback facilities */
union selinux_callback {
/* log the printf-style format and arguments,
with the type code indicating the type of message */
int
#ifdef __GNUC__
__attribute__ ((format(printf, 2, 3)))
#endif
(*func_log) (int type, const char *fmt, ...);
/* store a string representation of auditdata (corresponding
to the given security class) into msgbuf. */
int (*func_audit) (void *auditdata, security_class_t cls,
char *msgbuf, size_t msgbufsize);
/* validate the supplied context, modifying if necessary */
int (*func_validate) (char **ctx);
/* netlink callback for setenforce message */
int (*func_setenforce) (int enforcing);
/* netlink callback for policyload message */
int (*func_policyload) (int seqno);
};
#define SELINUX_CB_LOG 0
#define SELINUX_CB_AUDIT 1
#define SELINUX_CB_VALIDATE 2
#define SELINUX_CB_SETENFORCE 3
#define SELINUX_CB_POLICYLOAD 4
extern union selinux_callback selinux_get_callback(int type);
extern void selinux_set_callback(int type, union selinux_callback cb);
/* Logging type codes, passed to the logging callback */
#define SELINUX_ERROR 0
#define SELINUX_WARNING 1
#define SELINUX_INFO 2
#define SELINUX_AVC 3
#define SELINUX_TRANS_DIR "/var/run/setrans"
/* Compute an access decision. */
extern int security_compute_av(const char * scon,
const char * tcon,
security_class_t tclass,
access_vector_t requested,
struct av_decision *avd);
extern int security_compute_av_raw(const char * scon,
const char * tcon,
security_class_t tclass,
access_vector_t requested,
struct av_decision *avd);
extern int security_compute_av_flags(const char * scon,
const char * tcon,
security_class_t tclass,
access_vector_t requested,
struct av_decision *avd);
extern int security_compute_av_flags_raw(const char * scon,
const char * tcon,
security_class_t tclass,
access_vector_t requested,
struct av_decision *avd);
/* Compute a labeling decision and set *newcon to refer to it.
Caller must free via freecon. */
extern int security_compute_create(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon);
extern int security_compute_create_raw(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon);
extern int security_compute_create_name(const char * scon,
const char * tcon,
security_class_t tclass,
const char *objname,
char ** newcon);
extern int security_compute_create_name_raw(const char * scon,
const char * tcon,
security_class_t tclass,
const char *objname,
char ** newcon);
/* Compute a relabeling decision and set *newcon to refer to it.
Caller must free via freecon. */
extern int security_compute_relabel(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon);
extern int security_compute_relabel_raw(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon);
/* Compute a polyinstantiation member decision and set *newcon to refer to it.
Caller must free via freecon. */
extern int security_compute_member(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon);
extern int security_compute_member_raw(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon);
/* Compute the set of reachable user contexts and set *con to refer to
the NULL-terminated array of contexts. Caller must free via freeconary. */
extern int security_compute_user(const char * scon,
const char *username,
char *** con);
extern int security_compute_user_raw(const char * scon,
const char *username,
char *** con);
/* Load a policy configuration. */
extern int security_load_policy(void *data, size_t len);
/* Get the context of an initial kernel security identifier by name.
Caller must free via freecon */
extern int security_get_initial_context(const char *name,
char ** con);
extern int security_get_initial_context_raw(const char *name,
char ** con);
/*
* Make a policy image and load it.
* This function provides a higher level interface for loading policy
* than security_load_policy, internally determining the right policy
* version, locating and opening the policy file, mapping it into memory,
* manipulating it as needed for current boolean settings and/or local
* definitions, and then calling security_load_policy to load it.
*
* 'preservebools' is a boolean flag indicating whether current
* policy boolean values should be preserved into the new policy (if 1)
* or reset to the saved policy settings (if 0). The former case is the
* default for policy reloads, while the latter case is an option for policy
* reloads but is primarily for the initial policy load.
*/
extern int selinux_mkload_policy(int preservebools);
/*
* Perform the initial policy load.
* This function determines the desired enforcing mode, sets the
* the *enforce argument accordingly for the caller to use, sets the
* SELinux kernel enforcing status to match it, and loads the policy.
* It also internally handles the initial selinuxfs mount required to
* perform these actions.
*
* The function returns 0 if everything including the policy load succeeds.
* In this case, init is expected to re-exec itself in order to transition
* to the proper security context.
* Otherwise, the function returns -1, and init must check *enforce to
* determine how to proceed. If enforcing (*enforce > 0), then init should
* halt the system. Otherwise, init may proceed normally without a re-exec.
*/
extern int selinux_init_load_policy(int *enforce);
/* Translate boolean strict to name value pair. */
typedef struct {
char *name;
int value;
} SELboolean;
/* save a list of booleans in a single transaction. */
extern int security_set_boolean_list(size_t boolcnt,
SELboolean * boollist, int permanent);
/* Load policy boolean settings.
Path may be NULL, in which case the booleans are loaded from
the active policy boolean configuration file. */
extern int security_load_booleans(char *path);
/* Check the validity of a security context. */
extern int security_check_context(const char * con);
extern int security_check_context_raw(const char * con);
/* Canonicalize a security context. */
extern int security_canonicalize_context(const char * con,
char ** canoncon);
extern int security_canonicalize_context_raw(const char * con,
char ** canoncon);
/* Get the enforce flag value. */
extern int security_getenforce(void);
/* Set the enforce flag value. */
extern int security_setenforce(int value);
/* Get the behavior for undefined classes/permissions */
extern int security_deny_unknown(void);
/* Disable SELinux at runtime (must be done prior to initial policy load). */
extern int security_disable(void);
/* Get the policy version number. */
extern int security_policyvers(void);
/* Get the boolean names */
extern int security_get_boolean_names(char ***names, int *len);
/* Get the pending value for the boolean */
extern int security_get_boolean_pending(const char *name);
/* Get the active value for the boolean */
extern int security_get_boolean_active(const char *name);
/* Set the pending value for the boolean */
extern int security_set_boolean(const char *name, int value);
/* Commit the pending values for the booleans */
extern int security_commit_booleans(void);
/* Userspace class mapping support */
struct security_class_mapping {
const char *name;
const char *perms[sizeof(access_vector_t) * 8 + 1];
};
/**
* selinux_set_mapping - Enable dynamic mapping between integer offsets and security class names
* @map: array of security_class_mapping structures
*
* The core avc_has_perm() API uses integers to represent security
* classes; previous to the introduction of this function, it was
* common for userspace object managers to be compiled using generated
* offsets for a particular policy. However, that strongly ties the build of the userspace components to a particular policy.
*
* By using this function to map between integer offsets and security
* class names, it's possible to replace a system policies that have
* at least the same set of security class names as used by the
* userspace object managers.
*
* To correctly use this function, you should override the generated
* security class defines from the system policy in a local header,
* starting at 1, and have one security_class_mapping structure entry
* per define.
*/
extern int selinux_set_mapping(struct security_class_mapping *map);
/* Common helpers */
/* Convert between mode and security class values */
extern security_class_t mode_to_security_class(mode_t mode);
/* Convert between security class values and string names */
extern security_class_t string_to_security_class(const char *name);
extern const char *security_class_to_string(security_class_t cls);
/* Convert between individual access vector permissions and string names */
extern const char *security_av_perm_to_string(security_class_t tclass,
access_vector_t perm);
extern access_vector_t string_to_av_perm(security_class_t tclass,
const char *name);
/* Returns an access vector in a string representation. User must free the
* returned string via free(). */
extern int security_av_string(security_class_t tclass,
access_vector_t av, char **result);
/* Display an access vector in a string representation. */
extern void print_access_vector(security_class_t tclass, access_vector_t av);
/* Set the function used by matchpathcon_init when displaying
errors about the file_contexts configuration. If not set,
then this defaults to fprintf(stderr, fmt, ...). */
extern void set_matchpathcon_printf(void (*f) (const char *fmt, ...));
/* Set the function used by matchpathcon_init when checking the
validity of a context in the file contexts configuration. If not set,
then this defaults to a test based on security_check_context().
The function is also responsible for reporting any such error, and
may include the 'path' and 'lineno' in such error messages. */
extern void set_matchpathcon_invalidcon(int (*f) (const char *path,
unsigned lineno,
char *context));
/* Same as above, but also allows canonicalization of the context,
by changing *context to refer to the canonical form. If not set,
and invalidcon is also not set, then this defaults to calling
security_canonicalize_context(). */
extern void set_matchpathcon_canoncon(int (*f) (const char *path,
unsigned lineno,
char **context));
/* Set flags controlling operation of matchpathcon_init or matchpathcon. */
#define MATCHPATHCON_BASEONLY 1 /* Only process the base file_contexts file. */
#define MATCHPATHCON_NOTRANS 2 /* Do not perform any context translation. */
#define MATCHPATHCON_VALIDATE 4 /* Validate/canonicalize contexts at init time. */
extern void set_matchpathcon_flags(unsigned int flags);
/* Load the file contexts configuration specified by 'path'
into memory for use by subsequent matchpathcon calls.
If 'path' is NULL, then load the active file contexts configuration,
i.e. the path returned by selinux_file_context_path().
Unless the MATCHPATHCON_BASEONLY flag has been set, this
function also checks for a 'path'.homedirs file and
a 'path'.local file and loads additional specifications
from them if present. */
extern int matchpathcon_init(const char *path);
/* Same as matchpathcon_init, but only load entries with
regexes that have stems that are prefixes of 'prefix'. */
extern int matchpathcon_init_prefix(const char *path, const char *prefix);
/* Free the memory allocated by matchpathcon_init. */
extern void matchpathcon_fini(void);
/* Resolve all of the symlinks and relative portions of a pathname, but NOT
* the final component (same a realpath() unless the final component is a
* symlink. Resolved path must be a path of size PATH_MAX + 1 */
extern int realpath_not_final(const char *name, char *resolved_path);
/* Match the specified pathname and mode against the file contexts
configuration and set *con to refer to the resulting context.
'mode' can be 0 to disable mode matching.
Caller must free via freecon.
If matchpathcon_init has not already been called, then this function
will call it upon its first invocation with a NULL path. */
extern int matchpathcon(const char *path,
mode_t mode, char ** con);
/* Same as above, but return a specification index for
later use in a matchpathcon_filespec_add() call - see below. */
extern int matchpathcon_index(const char *path,
mode_t mode, char ** con);
/* Maintain an association between an inode and a specification index,
and check whether a conflicting specification is already associated
with the same inode (e.g. due to multiple hard links). If so, then
use the latter of the two specifications based on their order in the
file contexts configuration. Return the used specification index. */
extern int matchpathcon_filespec_add(ino_t ino, int specind, const char *file);
/* Destroy any inode associations that have been added, e.g. to restart
for a new filesystem. */
extern void matchpathcon_filespec_destroy(void);
/* Display statistics on the hash table usage for the associations. */
extern void matchpathcon_filespec_eval(void);
/* Check to see whether any specifications had no matches and report them.
The 'str' is used as a prefix for any warning messages. */
extern void matchpathcon_checkmatches(char *str);
/* Match the specified media and against the media contexts
configuration and set *con to refer to the resulting context.
Caller must free con via freecon. */
extern int matchmediacon(const char *media, char ** con);
/*
selinux_getenforcemode reads the /etc/selinux/config file and determines
whether the machine should be started in enforcing (1), permissive (0) or
disabled (-1) mode.
*/
extern int selinux_getenforcemode(int *enforce);
/*
selinux_boolean_sub reads the /etc/selinux/TYPE/booleans.subs_dist file
looking for a record with boolean_name. If a record exists selinux_boolean_sub
returns the translated name otherwise it returns the original name.
The returned value needs to be freed. On failure NULL will be returned.
*/
extern char *selinux_boolean_sub(const char *boolean_name);
/*
selinux_getpolicytype reads the /etc/selinux/config file and determines
what the default policy for the machine is. Calling application must
free policytype.
*/
extern int selinux_getpolicytype(char **policytype);
/*
selinux_policy_root reads the /etc/selinux/config file and returns
the directory path under which the compiled policy file and context
configuration files exist.
*/
extern const char *selinux_policy_root(void);
/*
selinux_set_policy_root sets an alternate policy root directory path under
which the compiled policy file and context configuration files exist.
*/
extern int selinux_set_policy_root(const char *rootpath);
/* These functions return the paths to specific files under the
policy root directory. */
extern const char *selinux_current_policy_path(void);
extern const char *selinux_binary_policy_path(void);
extern const char *selinux_failsafe_context_path(void);
extern const char *selinux_removable_context_path(void);
extern const char *selinux_default_context_path(void);
extern const char *selinux_user_contexts_path(void);
extern const char *selinux_file_context_path(void);
extern const char *selinux_file_context_homedir_path(void);
extern const char *selinux_file_context_local_path(void);
extern const char *selinux_file_context_subs_path(void);
extern const char *selinux_file_context_subs_dist_path(void);
extern const char *selinux_homedir_context_path(void);
extern const char *selinux_media_context_path(void);
extern const char *selinux_virtual_domain_context_path(void);
extern const char *selinux_virtual_image_context_path(void);
extern const char *selinux_lxc_contexts_path(void);
extern const char *selinux_x_context_path(void);
extern const char *selinux_sepgsql_context_path(void);
extern const char *selinux_openrc_contexts_path(void);
extern const char *selinux_openssh_contexts_path(void);
extern const char *selinux_snapperd_contexts_path(void);
extern const char *selinux_systemd_contexts_path(void);
extern const char *selinux_contexts_path(void);
extern const char *selinux_securetty_types_path(void);
extern const char *selinux_booleans_subs_path(void);
extern const char *selinux_booleans_path(void);
extern const char *selinux_customizable_types_path(void);
extern const char *selinux_users_path(void);
extern const char *selinux_usersconf_path(void);
extern const char *selinux_translations_path(void);
extern const char *selinux_colors_path(void);
extern const char *selinux_netfilter_context_path(void);
extern const char *selinux_path(void);
/**
* selinux_check_access - Check permissions and perform appropriate auditing.
* @scon: source security context
* @tcon: target security context
* @tclass: target security class string
* @perm: requested permissions string, interpreted based on @tclass
* @auditdata: auxiliary audit data
*
* Check the AVC to determine whether the @perm permissions are granted
* for the SID pair (@scon, @tcon), interpreting the permissions
* based on @tclass.
* Return %0 if all @perm permissions are granted, -%1 with
* @errno set to %EACCES if any permissions are denied or to another
* value upon other errors.
* If auditing or logging is configured the appropriate callbacks will be called
* and passed the auditdata field
*/
extern int selinux_check_access(const char * scon, const char * tcon, const char *tclass, const char *perm, void *auditdata);
/* Check a permission in the passwd class.
Return 0 if granted or -1 otherwise. */
extern int selinux_check_passwd_access(access_vector_t requested);
extern int checkPasswdAccess(access_vector_t requested);
/* Check if the tty_context is defined as a securetty
Return 0 if secure, < 0 otherwise. */
extern int selinux_check_securetty_context(const char * tty_context);
/* Set the path to the selinuxfs mount point explicitly.
Normally, this is determined automatically during libselinux
initialization, but this is not always possible, e.g. for /sbin/init
which performs the initial mount of selinuxfs. */
void set_selinuxmnt(const char *mnt);
/* Check if selinuxfs exists as a kernel filesystem */
int selinuxfs_exists(void);
/* clear selinuxmnt variable and free allocated memory */
void fini_selinuxmnt(void);
/* Set an appropriate security context based on the filename of a helper
* program, falling back to a new context with the specified type. */
extern int setexecfilecon(const char *filename, const char *fallback_type);
#ifndef DISABLE_RPM
/* Execute a helper for rpm in an appropriate security context. */
extern int rpm_execcon(unsigned int verified,
const char *filename,
char *const argv[], char *const envp[]);
#endif
/* Returns whether a file context is customizable, and should not
be relabeled . */
extern int is_context_customizable(const char * scontext);
/* Perform context translation between the human-readable format
("translated") and the internal system format ("raw").
Caller must free the resulting context via freecon.
Returns -1 upon an error or 0 otherwise.
If passed NULL, sets the returned context to NULL and returns 0. */
extern int selinux_trans_to_raw_context(const char * trans,
char ** rawp);
extern int selinux_raw_to_trans_context(const char * raw,
char ** transp);
/* Perform context translation between security contexts
and display colors. Returns a space-separated list of ten
ten hex RGB triples prefixed by hash marks, e.g. "#ff0000".
Caller must free the resulting string via free.
Returns -1 upon an error or 0 otherwise. */
extern int selinux_raw_context_to_color(const char * raw,
char **color_str);
/* Get the SELinux username and level to use for a given Linux username.
These values may then be passed into the get_ordered_context_list*
and get_default_context* functions to obtain a context for the user.
Returns 0 on success or -1 otherwise.
Caller must free the returned strings via free. */
extern int getseuserbyname(const char *linuxuser, char **seuser, char **level);
/* Get the SELinux username and level to use for a given Linux username and service.
These values may then be passed into the get_ordered_context_list*
and get_default_context* functions to obtain a context for the user.
Returns 0 on success or -1 otherwise.
Caller must free the returned strings via free. */
extern int getseuser(const char *username, const char *service,
char **r_seuser, char **r_level);
/* Compare two file contexts, return 0 if equivalent. */
extern int selinux_file_context_cmp(const char * a,
const char * b);
/*
* Verify the context of the file 'path' against policy.
* Return 1 if match, 0 if not and -1 on error.
*/
extern int selinux_file_context_verify(const char *path, mode_t mode);
/* This function sets the file context on to the system defaults returns 0 on success */
extern int selinux_lsetfilecon_default(const char *path);
/*
* Force a reset of the loaded configuration
* WARNING: This is not thread safe. Be very sure that no other threads
* are calling into libselinux when this is called.
*/
extern void selinux_reset_config(void);
#ifdef __cplusplus
}
#endif
#endif

355
jni/external/selinux_stub.c vendored Normal file
View File

@@ -0,0 +1,355 @@
#include <stdbool.h>
#include "selinux/avc.h"
#include "selinux/context.h"
#include "selinux/get_context_list.h"
#include "selinux/get_default_type.h"
#include "selinux/restorecon.h"
#include "selinux/selinux.h"
int is_selinux_enabled(void) { return 0; }
int is_selinux_mls_enabled(void) { return 0; }
void freecon(char * con) { }
void freeconary(char ** con) { }
int getcon(char ** con) { return 0; }
int getcon_raw(char ** con) { return 0; }
int setcon(const char * con) { return 0; }
int setcon_raw(const char * con) { return 0; }
int getpidcon(pid_t pid, char ** con) { return 0; }
int getpidcon_raw(pid_t pid, char ** con) { return 0; }
int getprevcon(char ** con) { return 0; }
int getprevcon_raw(char ** con) { return 0; }
int getexeccon(char ** con) { return 0; }
int getexeccon_raw(char ** con) { return 0; }
int setexeccon(const char * con) { return 0; }
int setexeccon_raw(const char * con) { return 0; }
int getfscreatecon(char ** con) { return 0; }
int getfscreatecon_raw(char ** con) { return 0; }
int setfscreatecon(const char * context) { return 0; }
int setfscreatecon_raw(const char * context) { return 0; }
int getkeycreatecon(char ** con) { return 0; }
int getkeycreatecon_raw(char ** con) { return 0; }
int setkeycreatecon(const char * context) { return 0; }
int setkeycreatecon_raw(const char * context) { return 0; }
int getsockcreatecon(char ** con) { return 0; }
int getsockcreatecon_raw(char ** con) { return 0; }
int setsockcreatecon(const char * context) { return 0; }
int setsockcreatecon_raw(const char * context) { return 0; }
int getfilecon(const char *path, char ** con) { return 0; }
int getfilecon_raw(const char *path, char ** con) { return 0; }
int lgetfilecon(const char *path, char ** con) { return 0; }
int lgetfilecon_raw(const char *path, char ** con) { return 0; }
int fgetfilecon(int fd, char ** con) { return 0; }
int fgetfilecon_raw(int fd, char ** con) { return 0; }
int setfilecon(const char *path, const char * con) { return 0; }
int setfilecon_raw(const char *path, const char * con) { return 0; }
int lsetfilecon(const char *path, const char * con) { return 0; }
int lsetfilecon_raw(const char *path, const char * con) { return 0; }
int fsetfilecon(int fd, const char * con) { return 0; }
int fsetfilecon_raw(int fd, const char * con) { return 0; }
int getpeercon(int fd, char ** con) { return 0; }
int getpeercon_raw(int fd, char ** con) { return 0; }
void selinux_set_callback(int type, union selinux_callback cb) { }
int security_compute_av(const char * scon,
const char * tcon,
security_class_t tclass,
access_vector_t requested,
struct av_decision *avd) { return 0; }
int security_compute_av_raw(const char * scon,
const char * tcon,
security_class_t tclass,
access_vector_t requested,
struct av_decision *avd) { return 0; }
int security_compute_av_flags(const char * scon,
const char * tcon,
security_class_t tclass,
access_vector_t requested,
struct av_decision *avd) { return 0; }
int security_compute_av_flags_raw(const char * scon,
const char * tcon,
security_class_t tclass,
access_vector_t requested,
struct av_decision *avd) { return 0; }
int security_compute_create(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon) { return 0; }
int security_compute_create_raw(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon) { return 0; }
int security_compute_create_name(const char * scon,
const char * tcon,
security_class_t tclass,
const char *objname,
char ** newcon) { return 0; }
int security_compute_create_name_raw(const char * scon,
const char * tcon,
security_class_t tclass,
const char *objname,
char ** newcon) { return 0; }
int security_compute_relabel(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon) { return 0; }
int security_compute_relabel_raw(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon) { return 0; }
int security_compute_member(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon) { return 0; }
int security_compute_member_raw(const char * scon,
const char * tcon,
security_class_t tclass,
char ** newcon) { return 0; }
int security_compute_user(const char * scon,
const char *username,
char *** con) { return 0; }
int security_compute_user_raw(const char * scon,
const char *username,
char *** con) { return 0; }
int security_load_policy(void *data, size_t len) { return 0; }
int security_get_initial_context(const char *name,
char ** con) { return 0; }
int security_get_initial_context_raw(const char *name,
char ** con) { return 0; }
int selinux_mkload_policy(int preservebools) { return 0; }
int selinux_init_load_policy(int *enforce) { return 0; }
int security_set_boolean_list(size_t boolcnt,
SELboolean * boollist, int permanent) { return 0; }
int security_load_booleans(char *path) { return 0; }
int security_check_context(const char * con) { return 0; }
int security_check_context_raw(const char * con) { return 0; }
int security_canonicalize_context(const char * con,
char ** canoncon) { return 0; }
int security_canonicalize_context_raw(const char * con,
char ** canoncon) { return 0; }
int security_getenforce(void) { return 0; }
int security_setenforce(int value) { return 0; }
int security_deny_unknown(void) { return 0; }
int security_disable(void) { return 0; }
int security_policyvers(void) { return 0; }
int security_get_boolean_names(char ***names, int *len) { return 0; }
int security_get_boolean_pending(const char *name) { return 0; }
int security_get_boolean_active(const char *name) { return 0; }
int security_set_boolean(const char *name, int value) { return 0; }
int security_commit_booleans(void) { return 0; }
int selinux_set_mapping(struct security_class_mapping *map) { return 0; }
security_class_t mode_to_security_class(mode_t mode) { return 0; }
security_class_t string_to_security_class(const char *name) { return 0; }
const char *security_class_to_string(security_class_t cls) { return 0; }
const char *security_av_perm_to_string(security_class_t tclass,
access_vector_t perm) { return 0; }
access_vector_t string_to_av_perm(security_class_t tclass,
const char *name) { return 0; }
int security_av_string(security_class_t tclass,
access_vector_t av, char **result) { return 0; }
void print_access_vector(security_class_t tclass, access_vector_t av) { }
void set_matchpathcon_printf(void (*f) (const char *fmt, ...)) { }
void set_matchpathcon_invalidcon(int (*f) (const char *path,
unsigned lineno,
char *context)) { }
void set_matchpathcon_canoncon(int (*f) (const char *path,
unsigned lineno,
char **context)) { }
void set_matchpathcon_flags(unsigned int flags) { }
int matchpathcon_init(const char *path) { return 0; }
int matchpathcon_init_prefix(const char *path, const char *prefix) { return 0; }
void matchpathcon_fini(void) { }
int realpath_not_final(const char *name, char *resolved_path) { return 0; }
int matchpathcon(const char *path,
mode_t mode, char ** con) { return 0; }
int matchpathcon_index(const char *path,
mode_t mode, char ** con) { return 0; }
int matchpathcon_filespec_add(ino_t ino, int specind, const char *file) { return 0; }
void matchpathcon_filespec_destroy(void) { }
void matchpathcon_filespec_eval(void) { }
void matchpathcon_checkmatches(char *str) { }
int matchmediacon(const char *media, char ** con) { return 0; }
int selinux_getenforcemode(int *enforce) { return 0; }
char *selinux_boolean_sub(const char *boolean_name) { return 0; }
int selinux_getpolicytype(char **policytype) { return 0; }
const char *selinux_policy_root(void) { return 0; }
int selinux_set_policy_root(const char *rootpath) { return 0; }
const char *selinux_current_policy_path(void) { return 0; }
const char *selinux_binary_policy_path(void) { return 0; }
const char *selinux_failsafe_context_path(void) { return 0; }
const char *selinux_removable_context_path(void) { return 0; }
const char *selinux_default_context_path(void) { return 0; }
const char *selinux_user_contexts_path(void) { return 0; }
const char *selinux_file_context_path(void) { return 0; }
const char *selinux_file_context_homedir_path(void) { return 0; }
const char *selinux_file_context_local_path(void) { return 0; }
const char *selinux_file_context_subs_path(void) { return 0; }
const char *selinux_file_context_subs_dist_path(void) { return 0; }
const char *selinux_homedir_context_path(void) { return 0; }
const char *selinux_media_context_path(void) { return 0; }
const char *selinux_virtual_domain_context_path(void) { return 0; }
const char *selinux_virtual_image_context_path(void) { return 0; }
const char *selinux_lxc_contexts_path(void) { return 0; }
const char *selinux_x_context_path(void) { return 0; }
const char *selinux_sepgsql_context_path(void) { return 0; }
const char *selinux_openrc_contexts_path(void) { return 0; }
const char *selinux_openssh_contexts_path(void) { return 0; }
const char *selinux_snapperd_contexts_path(void) { return 0; }
const char *selinux_systemd_contexts_path(void) { return 0; }
const char *selinux_contexts_path(void) { return 0; }
const char *selinux_securetty_types_path(void) { return 0; }
const char *selinux_booleans_subs_path(void) { return 0; }
const char *selinux_booleans_path(void) { return 0; }
const char *selinux_customizable_types_path(void) { return 0; }
const char *selinux_users_path(void) { return 0; }
const char *selinux_usersconf_path(void) { return 0; }
const char *selinux_translations_path(void) { return 0; }
const char *selinux_colors_path(void) { return 0; }
const char *selinux_netfilter_context_path(void) { return 0; }
const char *selinux_path(void) { return 0; }
int selinux_check_access(const char * scon, const char * tcon, const char *tclass, const char *perm, void *auditdata) { return 0; }
int selinux_check_passwd_access(access_vector_t requested) { return 0; }
int checkPasswdAccess(access_vector_t requested) { return 0; }
int selinux_check_securetty_context(const char * tty_context) { return 0; }
void set_selinuxmnt(const char *mnt) { }
int selinuxfs_exists(void) { return 0; }
void fini_selinuxmnt(void) {}
int setexecfilecon(const char *filename, const char *fallback_type) { return 0; }
#ifndef DISABLE_RPM
int rpm_execcon(unsigned int verified,
const char *filename,
char *const argv[], char *const envp[]) { return 0; }
#endif
int is_context_customizable(const char * scontext) { return 0; }
int selinux_trans_to_raw_context(const char * trans,
char ** rawp) { return 0; }
int selinux_raw_to_trans_context(const char * raw,
char ** transp) { return 0; }
int selinux_raw_context_to_color(const char * raw,
char **color_str) { return 0; }
int getseuserbyname(const char *linuxuser, char **seuser, char **level) { return 0; }
int getseuser(const char *username, const char *service,
char **r_seuser, char **r_level) { return 0; }
int selinux_file_context_cmp(const char * a,
const char * b) { return 0; }
int selinux_file_context_verify(const char *path, mode_t mode) { return 0; }
int selinux_lsetfilecon_default(const char *path) { return 0; }
void selinux_reset_config(void) { }
int avc_sid_to_context(security_id_t sid, char ** ctx) { return 0; }
int avc_sid_to_context_raw(security_id_t sid, char ** ctx) { return 0; }
int avc_context_to_sid(const char * ctx, security_id_t * sid) { return 0; }
int avc_context_to_sid_raw(const char * ctx, security_id_t * sid) { return 0; }
int sidget(security_id_t sid) { return 0; }
int sidput(security_id_t sid) { return 0; }
int avc_get_initial_sid(const char *name, security_id_t * sid) { return 0; }
int avc_init(const char *msgprefix,
const struct avc_memory_callback *mem_callbacks,
const struct avc_log_callback *log_callbacks,
const struct avc_thread_callback *thread_callbacks,
const struct avc_lock_callback *lock_callbacks) { return 0; }
int avc_open(struct selinux_opt *opts, unsigned nopts) { return 0; }
void avc_cleanup(void) { }
int avc_reset(void) { return 0; }
void avc_destroy(void) { }
int avc_has_perm_noaudit(security_id_t ssid,
security_id_t tsid,
security_class_t tclass,
access_vector_t requested,
struct avc_entry_ref *aeref, struct av_decision *avd) { return 0; }
int avc_has_perm(security_id_t ssid, security_id_t tsid,
security_class_t tclass, access_vector_t requested,
struct avc_entry_ref *aeref, void *auditdata) { return 0; }
void avc_audit(security_id_t ssid, security_id_t tsid,
security_class_t tclass, access_vector_t requested,
struct av_decision *avd, int result, void *auditdata) { }
int avc_compute_create(security_id_t ssid,
security_id_t tsid,
security_class_t tclass, security_id_t * newsid) { return 0; }
int avc_compute_member(security_id_t ssid,
security_id_t tsid,
security_class_t tclass, security_id_t * newsid) { return 0; }
int avc_add_callback(int (*callback)
(uint32_t event, security_id_t ssid,
security_id_t tsid, security_class_t tclass,
access_vector_t perms,
access_vector_t * out_retained),
uint32_t events, security_id_t ssid,
security_id_t tsid, security_class_t tclass,
access_vector_t perms) { return 0; }
void avc_cache_stats(struct avc_cache_stats *stats) { }
void avc_av_stats(void) { }
void avc_sid_stats(void) { }
int avc_netlink_open(int blocking) { return 0; }
void avc_netlink_loop(void) { }
void avc_netlink_close(void) { }
int avc_netlink_acquire_fd(void) { return 0; }
void avc_netlink_release_fd(void) { }
int avc_netlink_check_nb(void) { return 0; }
int selinux_status_open(int fallback) { return 0; }
void selinux_status_close(void) { }
int selinux_status_updated(void) { return 0; }
int selinux_status_getenforce(void) { return 0; }
int selinux_status_policyload(void) { return 0; }
int selinux_status_deny_unknown(void) { return 0; }
context_t context_new(const char *s) { return 0; }
char *context_str(context_t c) { return 0; }
void context_free(context_t c) { }
const char *context_type_get(context_t c) { return 0; }
const char *context_range_get(context_t c) { return 0; }
const char *context_role_get(context_t c) { return 0; }
const char *context_user_get(context_t c) { return 0; }
int context_type_set(context_t c, const char *s) { return 0; }
int context_range_set(context_t c, const char *s) { return 0; }
int context_role_set(context_t c, const char *s) { return 0; }
int context_user_set(context_t c, const char *s) { return 0; }
int get_ordered_context_list(const char *user,
char * fromcon,
char *** list) { return 0; }
int get_ordered_context_list_with_level(const char *user,
const char *level,
char * fromcon,
char *** list) { return 0; }
int get_default_context(const char *user,
char * fromcon,
char ** newcon) { return 0; }
int get_default_context_with_level(const char *user,
const char *level,
char * fromcon,
char ** newcon) { return 0; }
int get_default_context_with_role(const char *user,
const char *role,
char * fromcon,
char ** newcon) { return 0; }
int get_default_context_with_rolelevel(const char *user,
const char *role,
const char *level,
char * fromcon,
char ** newcon) { return 0; }
int query_user_context(char ** list,
char ** newcon) { return 0; }
int manual_user_enter_context(const char *user,
char ** newcon) { return 0; }
const char *selinux_default_type_path(void) { return 0; }
int get_default_type(const char *role, char **type) { return 0; }
struct selabel_handle *selabel_open(unsigned int backend,
const struct selinux_opt *opts,
unsigned nopts) { return 0; }
void selabel_close(struct selabel_handle *handle) { }
int selabel_lookup(struct selabel_handle *handle, char **con,
const char *key, int type) { return 0; }
int selabel_lookup_raw(struct selabel_handle *handle, char **con,
const char *key, int type) { return 0; }
bool selabel_partial_match(struct selabel_handle *handle, const char *key) { return 0; }
int selabel_lookup_best_match(struct selabel_handle *rec, char **con,
const char *key, const char **aliases, int type) { return 0; }
int selabel_lookup_best_match_raw(struct selabel_handle *rec, char **con,
const char *key, const char **aliases, int type) { return 0; }
int selabel_digest(struct selabel_handle *rec,
unsigned char **digest, size_t *digest_len,
char ***specfiles, size_t *num_specfiles) { return 0; }
void selabel_stats(struct selabel_handle *handle) { }
int selinux_restorecon(const char *pathname,
unsigned int restorecon_flags) { return 0; }
struct selabel_handle *selinux_restorecon_default_handle(void) { return 0; }
void selinux_restorecon_set_exclude_list(const char **exclude_list) { }
int selinux_restorecon_set_alt_rootpath(const char *alt_rootpath) { return 0; }
int selinux_restorecon_xattr(const char *pathname,
unsigned int xattr_flags,
struct dir_xattr ***xattr_list) { return 0; }

0
jni/sqlite3/sqlite3.h → jni/external/sqlite3.h vendored
View File

676
jni/external/sqlite3_stub.c vendored Normal file
View File

@@ -0,0 +1,676 @@
#include "sqlite3.h"
SQLITE_API const char *sqlite3_libversion(void) { return 0; }
SQLITE_API const char *sqlite3_sourceid(void) { return 0; }
SQLITE_API int sqlite3_libversion_number(void) { return 0; }
#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS
SQLITE_API int sqlite3_compileoption_used(const char *zOptName) { return 0; }
SQLITE_API const char *sqlite3_compileoption_get(int N) { return 0; }
#endif
SQLITE_API int sqlite3_threadsafe(void) { return 0; }
SQLITE_API int sqlite3_close(sqlite3 *db) { return 0; }
SQLITE_API int sqlite3_close_v2(sqlite3 *db) { return 0; }
SQLITE_API int sqlite3_exec(
sqlite3 *db,
const char *sql,
int (*callback)(void*,int,char**,char**),
void *v,
char **errmsg
) { return 0; }
SQLITE_API int sqlite3_initialize(void) { return 0; }
SQLITE_API int sqlite3_shutdown(void) { return 0; }
SQLITE_API int sqlite3_os_init(void) { return 0; }
SQLITE_API int sqlite3_os_end(void) { return 0; }
SQLITE_API int sqlite3_config(int i, ...) { return 0; }
SQLITE_API int sqlite3_db_config(sqlite3 *db, int op, ...) { return 0; }
SQLITE_API int sqlite3_extended_result_codes(sqlite3 *db, int onoff) { return 0; }
SQLITE_API sqlite3_int64 sqlite3_last_insert_rowid(sqlite3 *db) { return 0; }
SQLITE_API void sqlite3_set_last_insert_rowid(sqlite3 *db,sqlite3_int64 i) { }
SQLITE_API int sqlite3_changes(sqlite3 *db) { return 0; }
SQLITE_API int sqlite3_total_changes(sqlite3 *db) { return 0; }
SQLITE_API void sqlite3_interrupt(sqlite3 *db) { }
SQLITE_API int sqlite3_complete(const char *sql) { return 0; }
SQLITE_API int sqlite3_complete16(const void *sql) { return 0; }
SQLITE_API int sqlite3_busy_handler(sqlite3 *db, int(*f) (void *v,int i), void* v) { return 0; }
SQLITE_API int sqlite3_busy_timeout(sqlite3 *db, int ms) { return 0; }
SQLITE_API int sqlite3_get_table(
sqlite3 *db,
const char *zSql,
char ***pazResult,
int *pnRow,
int *pnColumn,
char **pzErrmsg
) { return 0; }
SQLITE_API void sqlite3_free_table(char **result) { }
SQLITE_API char *sqlite3_mprintf(const char* s,...) { return 0; }
SQLITE_API char *sqlite3_vmprintf(const char* s, va_list v) { return 0; }
SQLITE_API char *sqlite3_snprintf(int i, char* s, const char* st, ...) { return 0; }
SQLITE_API char *sqlite3_vsnprintf(int i, char* s, const char* st, va_list v) { return 0; }
SQLITE_API void *sqlite3_malloc(int i) { return 0; }
SQLITE_API void *sqlite3_malloc64(sqlite3_uint64 i) { return 0; }
SQLITE_API void *sqlite3_realloc(void* v, int i) { return 0; }
SQLITE_API void *sqlite3_realloc64(void* v, sqlite3_uint64 i) { return 0; }
SQLITE_API void sqlite3_free(void* v) { }
SQLITE_API sqlite3_uint64 sqlite3_msize(void* v) { return 0; }
SQLITE_API sqlite3_int64 sqlite3_memory_used(void) { return 0; }
SQLITE_API sqlite3_int64 sqlite3_memory_highwater(int resetFlag) { return 0; }
SQLITE_API void sqlite3_randomness(int N, void *P) { }
SQLITE_API int sqlite3_set_authorizer(
sqlite3 *db,
int (*xAuth)(void *v,int i,const char*,const char*,const char*,const char*),
void *pUserData
) { return 0; }
SQLITE_API SQLITE_DEPRECATED void *sqlite3_trace(sqlite3 *db,
void(*xTrace)(void *v,const char*), void* v) { return 0; }
SQLITE_API SQLITE_DEPRECATED void *sqlite3_profile(sqlite3 *db,
void(*xProfile)(void *v,const char*,sqlite3_uint64), void* v) { return 0; }
SQLITE_API int sqlite3_trace_v2(
sqlite3 *db,
unsigned uMask,
int(*xCallback)(unsigned,void *v,void *vv,void*),
void *pCtx
) { return 0; }
SQLITE_API void sqlite3_progress_handler(sqlite3 *db, int i, int(*f)(void*), void* v) { }
SQLITE_API int sqlite3_open(
const char *filename,
sqlite3 **ppDb
) { return 0; }
SQLITE_API int sqlite3_open16(
const void *filename,
sqlite3 **ppDb
) { return 0; }
SQLITE_API int sqlite3_open_v2(
const char *filename,
sqlite3 **ppDb,
int flags,
const char *zVfs
) { return 0; }
SQLITE_API const char *sqlite3_uri_parameter(const char *zFilename, const char *zParam) { return 0; }
SQLITE_API int sqlite3_uri_boolean(const char *zFile, const char *zParam, int bDefault) { return 0; }
SQLITE_API sqlite3_int64 sqlite3_uri_int64(const char* s, const char* st, sqlite3_int64 i) { return 0; }
SQLITE_API int sqlite3_errcode(sqlite3 *db) { return 0; }
SQLITE_API int sqlite3_extended_errcode(sqlite3 *db) { return 0; }
SQLITE_API const char *sqlite3_errmsg(sqlite3 *db) { return 0; }
SQLITE_API const void *sqlite3_errmsg16(sqlite3 *db) { return 0; }
SQLITE_API const char *sqlite3_errstr(int i) { return 0; }
SQLITE_API int sqlite3_limit(sqlite3 *db, int id, int newVal) { return 0; }
SQLITE_API int sqlite3_prepare(
sqlite3 *db,
const char *zSql,
int nByte,
sqlite3_stmt **ppStmt,
const char **pzTail
) { return 0; }
SQLITE_API int sqlite3_prepare_v2(
sqlite3 *db,
const char *zSql,
int nByte,
sqlite3_stmt **ppStmt,
const char **pzTail
) { return 0; }
SQLITE_API int sqlite3_prepare16(
sqlite3 *db,
const void *zSql,
int nByte,
sqlite3_stmt **ppStmt,
const void **pzTail
) { return 0; }
SQLITE_API int sqlite3_prepare16_v2(
sqlite3 *db,
const void *zSql,
int nByte,
sqlite3_stmt **ppStmt,
const void **pzTail
) { return 0; }
SQLITE_API const char *sqlite3_sql(sqlite3_stmt *pStmt) { return 0; }
SQLITE_API char *sqlite3_expanded_sql(sqlite3_stmt *pStmt) { return 0; }
SQLITE_API int sqlite3_stmt_readonly(sqlite3_stmt *pStmt) { return 0; }
SQLITE_API int sqlite3_stmt_busy(sqlite3_stmt* s) { return 0; }
SQLITE_API int sqlite3_bind_blob(sqlite3_stmt* s, int i, const void*v, int n, void(*f)(void*)) { return 0; }
SQLITE_API int sqlite3_bind_blob64(sqlite3_stmt* s, int i, const void *v, sqlite3_uint64 ii,
void(*f)(void*)) { return 0; }
SQLITE_API int sqlite3_bind_double(sqlite3_stmt* s, int i, double d) { return 0; }
SQLITE_API int sqlite3_bind_int(sqlite3_stmt* s, int i, int ii) { return 0; }
SQLITE_API int sqlite3_bind_int64(sqlite3_stmt* s, int i, sqlite3_int64 ii) { return 0; }
SQLITE_API int sqlite3_bind_null(sqlite3_stmt* s, int i) { return 0; }
SQLITE_API int sqlite3_bind_text(sqlite3_stmt* s,int i,const char* str, int ii, void(*f)(void*)) { return 0; }
SQLITE_API int sqlite3_bind_text16(sqlite3_stmt* s, int i, const void *v, int ii, void(*f)(void*)) { return 0; }
SQLITE_API int sqlite3_bind_text64(sqlite3_stmt* s, int i, const char* str, sqlite3_uint64 ii,
void(*f)(void*), unsigned char encoding) { return 0; }
SQLITE_API int sqlite3_bind_value(sqlite3_stmt* s, int i, const sqlite3_value* v) { return 0; }
SQLITE_API int sqlite3_bind_zeroblob(sqlite3_stmt* s, int i, int n) { return 0; }
SQLITE_API int sqlite3_bind_zeroblob64(sqlite3_stmt* s, int i, sqlite3_uint64 ii) { return 0; }
SQLITE_API int sqlite3_bind_parameter_count(sqlite3_stmt* s) { return 0; }
SQLITE_API const char *sqlite3_bind_parameter_name(sqlite3_stmt* s, int i) { return 0; }
SQLITE_API int sqlite3_bind_parameter_index(sqlite3_stmt* s, const char *zName) { return 0; }
SQLITE_API int sqlite3_clear_bindings(sqlite3_stmt* s) { return 0; }
SQLITE_API int sqlite3_column_count(sqlite3_stmt *pStmt) { return 0; }
SQLITE_API const char *sqlite3_column_name(sqlite3_stmt* s, int N) { return 0; }
SQLITE_API const void *sqlite3_column_name16(sqlite3_stmt* s, int N) { return 0; }
SQLITE_API const char *sqlite3_column_database_name(sqlite3_stmt* s,int i) { return 0; }
SQLITE_API const void *sqlite3_column_database_name16(sqlite3_stmt* s,int i){ return 0; }
SQLITE_API const char *sqlite3_column_table_name(sqlite3_stmt* s,int i) { return 0; }
SQLITE_API const void *sqlite3_column_table_name16(sqlite3_stmt* s,int i) { return 0; }
SQLITE_API const char *sqlite3_column_origin_name(sqlite3_stmt* s,int i) { return 0; }
SQLITE_API const void *sqlite3_column_origin_name16(sqlite3_stmt* s,int i) { return 0; }
SQLITE_API const char *sqlite3_column_decltype(sqlite3_stmt* s,int i) { return 0; }
SQLITE_API const void *sqlite3_column_decltype16(sqlite3_stmt* s,int i) { return 0; }
SQLITE_API int sqlite3_step(sqlite3_stmt* s) { return 0; }
SQLITE_API int sqlite3_data_count(sqlite3_stmt *pStmt) { return 0; }
SQLITE_API const void *sqlite3_column_blob(sqlite3_stmt* s, int iCol) { return 0; }
SQLITE_API int sqlite3_column_bytes(sqlite3_stmt* s, int iCol) { return 0; }
SQLITE_API int sqlite3_column_bytes16(sqlite3_stmt* s, int iCol) { return 0; }
SQLITE_API double sqlite3_column_double(sqlite3_stmt* s, int iCol) { return 0; }
SQLITE_API int sqlite3_column_int(sqlite3_stmt* s, int iCol) { return 0; }
SQLITE_API sqlite3_int64 sqlite3_column_int64(sqlite3_stmt* s, int iCol) { return 0; }
SQLITE_API const unsigned char *sqlite3_column_text(sqlite3_stmt* s, int iCol) { return 0; }
SQLITE_API const void *sqlite3_column_text16(sqlite3_stmt* s, int iCol) { return 0; }
SQLITE_API int sqlite3_column_type(sqlite3_stmt* s, int iCol) { return 0; }
SQLITE_API sqlite3_value *sqlite3_column_value(sqlite3_stmt* s, int iCol) { return 0; }
SQLITE_API int sqlite3_finalize(sqlite3_stmt *pStmt) { return 0; }
SQLITE_API int sqlite3_reset(sqlite3_stmt *pStmt) { return 0; }
SQLITE_API int sqlite3_create_function(
sqlite3 *db,
const char *zFunctionName,
int nArg,
int eTextRep,
void *pApp,
void (*xFunc)(sqlite3_context* c,int i,sqlite3_value**),
void (*xStep)(sqlite3_context* c,int i,sqlite3_value**),
void (*xFinal)(sqlite3_context* c)
) { return 0; }
SQLITE_API int sqlite3_create_function16(
sqlite3 *db,
const void *zFunctionName,
int nArg,
int eTextRep,
void *pApp,
void (*xFunc)(sqlite3_context* c,int i,sqlite3_value**),
void (*xStep)(sqlite3_context* c,int i,sqlite3_value**),
void (*xFinal)(sqlite3_context* c)
) { return 0; }
SQLITE_API int sqlite3_create_function_v2(
sqlite3 *db,
const char *zFunctionName,
int nArg,
int eTextRep,
void *pApp,
void (*xFunc)(sqlite3_context* c,int i,sqlite3_value**),
void (*xStep)(sqlite3_context* c,int i,sqlite3_value**),
void (*xFinal)(sqlite3_context* c),
void(*xDestroy)(void*)
) { return 0; }
#ifndef SQLITE_OMIT_DEPRECATED
SQLITE_API SQLITE_DEPRECATED int sqlite3_aggregate_count(sqlite3_context* c) { return 0; }
SQLITE_API SQLITE_DEPRECATED int sqlite3_expired(sqlite3_stmt* s) { return 0; }
SQLITE_API SQLITE_DEPRECATED int sqlite3_transfer_bindings(sqlite3_stmt* s, sqlite3_stmt* ss) { return 0; }
SQLITE_API SQLITE_DEPRECATED int sqlite3_global_recover(void) { return 0; }
SQLITE_API SQLITE_DEPRECATED void sqlite3_thread_cleanup(void) { }
SQLITE_API SQLITE_DEPRECATED int sqlite3_memory_alarm(void(*f)(void *v,sqlite3_int64,int),
void *v,sqlite3_int64 i) { return 0; }
#endif
SQLITE_API const void *sqlite3_value_blob(sqlite3_value* v) { return 0; }
SQLITE_API int sqlite3_value_bytes(sqlite3_value* v) { return 0; }
SQLITE_API int sqlite3_value_bytes16(sqlite3_value* v) { return 0; }
SQLITE_API double sqlite3_value_double(sqlite3_value* v) { return 0; }
SQLITE_API int sqlite3_value_int(sqlite3_value* v) { return 0; }
SQLITE_API sqlite3_int64 sqlite3_value_int64(sqlite3_value* v) { return 0; }
SQLITE_API const unsigned char *sqlite3_value_text(sqlite3_value* v) { return 0; }
SQLITE_API const void *sqlite3_value_text16(sqlite3_value* v) { return 0; }
SQLITE_API const void *sqlite3_value_text16le(sqlite3_value* v) { return 0; }
SQLITE_API const void *sqlite3_value_text16be(sqlite3_value* v) { return 0; }
SQLITE_API int sqlite3_value_type(sqlite3_value* v) { return 0; }
SQLITE_API int sqlite3_value_numeric_type(sqlite3_value* v) { return 0; }
SQLITE_API unsigned int sqlite3_value_subtype(sqlite3_value* v) { return 0; }
SQLITE_API sqlite3_value *sqlite3_value_dup(const sqlite3_value* v) { return 0; }
SQLITE_API void sqlite3_value_free(sqlite3_value* v) { }
SQLITE_API void *sqlite3_aggregate_context(sqlite3_context* c, int nBytes) { return 0; }
SQLITE_API void *sqlite3_user_data(sqlite3_context* c) { return 0; }
SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context* c) { return 0; }
SQLITE_API void *sqlite3_get_auxdata(sqlite3_context* c, int N) { return 0; }
SQLITE_API void sqlite3_set_auxdata(sqlite3_context* c, int N, void *v, void (*f)(void*)) { }
SQLITE_API void sqlite3_result_blob(sqlite3_context* c, const void *v, int i, void(*f)(void*)) { }
SQLITE_API void sqlite3_result_blob64(sqlite3_context* c,const void *v,
sqlite3_uint64 i,void(*f)(void*)) { }
SQLITE_API void sqlite3_result_double(sqlite3_context* c, double d) { }
SQLITE_API void sqlite3_result_error(sqlite3_context* c, const char* s, int i) { }
SQLITE_API void sqlite3_result_error16(sqlite3_context* c, const void *v, int i) { }
SQLITE_API void sqlite3_result_error_toobig(sqlite3_context* c) { }
SQLITE_API void sqlite3_result_error_nomem(sqlite3_context* c) { }
SQLITE_API void sqlite3_result_error_code(sqlite3_context* c, int i) { }
SQLITE_API void sqlite3_result_int(sqlite3_context* c, int i) { }
SQLITE_API void sqlite3_result_int64(sqlite3_context* c, sqlite3_int64 i) { }
SQLITE_API void sqlite3_result_null(sqlite3_context* c) { }
SQLITE_API void sqlite3_result_text(sqlite3_context* c, const char* s, int i, void(*f)(void*)) { }
SQLITE_API void sqlite3_result_text64(sqlite3_context* c, const char* s, sqlite3_uint64 i,
void(*f)(void*), unsigned char encoding) { }
SQLITE_API void sqlite3_result_text16(sqlite3_context* c, const void *v, int i, void(*f)(void*)) { }
SQLITE_API void sqlite3_result_text16le(sqlite3_context* c, const void *v, int i,void(*f)(void*)) { }
SQLITE_API void sqlite3_result_text16be(sqlite3_context* c, const void *v, int i,void(*f)(void*)) { }
SQLITE_API void sqlite3_result_value(sqlite3_context* c, sqlite3_value* v) { }
SQLITE_API void sqlite3_result_zeroblob(sqlite3_context* c, int n) { }
SQLITE_API int sqlite3_result_zeroblob64(sqlite3_context* c, sqlite3_uint64 n) { return 0; }
SQLITE_API void sqlite3_result_subtype(sqlite3_context* c,unsigned int i) { }
SQLITE_API int sqlite3_create_collation(
sqlite3 *db,
const char *zName,
int eTextRep,
void *pArg,
int(*xCompare)(void *,int,const void *,int,const void*)
) { return 0; }
SQLITE_API int sqlite3_create_collation_v2(
sqlite3 *db,
const char *zName,
int eTextRep,
void *pArg,
int(*xCompare)(void *,int,const void*,int,const void*),
void(*xDestroy)(void*)
) { return 0; }
SQLITE_API int sqlite3_create_collation16(
sqlite3 *db,
const void *zName,
int eTextRep,
void *pArg,
int(*xCompare)(void *,int,const void *,int,const void*)
) { return 0; }
SQLITE_API int sqlite3_collation_needed(
sqlite3 *db,
void *v,
void(*f)(void *v,sqlite3 *db,int eTextRep,const char*)
) { return 0; }
SQLITE_API int sqlite3_collation_needed16(
sqlite3 *db,
void *v,
void(*f)(void *v,sqlite3 *db,int eTextRep,const void*)
) { return 0; }
#ifdef SQLITE_HAS_CODEC
SQLITE_API int sqlite3_key(
sqlite3 *db,
const void *pKey, int nKey
) { return 0; }
SQLITE_API int sqlite3_key_v2(
sqlite3 *db,
const char *zDbName,
const void *pKey, int nKey
) { return 0; }
SQLITE_API int sqlite3_rekey(
sqlite3 *db,
const void *pKey, int nKey
) { return 0; }
SQLITE_API int sqlite3_rekey_v2(
sqlite3 *db,
const char *zDbName,
const void *pKey, int nKey
) { return 0; }
SQLITE_API void sqlite3_activate_see(
const char *zPassPhrase
) { return 0; }
#endif
#ifdef SQLITE_ENABLE_CEROD
SQLITE_API void sqlite3_activate_cerod(
const char *zPassPhrase
) { return 0; }
#endif
SQLITE_API int sqlite3_sleep(int i) { return 0; }
SQLITE_API int sqlite3_get_autocommit(sqlite3 *db) { return 0; }
SQLITE_API sqlite3 *sqlite3_db_handle(sqlite3_stmt *s) { return 0; }
SQLITE_API const char *sqlite3_db_filename(sqlite3 *db, const char *zDbName) { return 0; }
SQLITE_API int sqlite3_db_readonly(sqlite3 *db, const char *zDbName) { return 0; }
SQLITE_API sqlite3_stmt *sqlite3_next_stmt(sqlite3 *pDb, sqlite3_stmt *pStmt) { return 0; }
SQLITE_API void *sqlite3_commit_hook(sqlite3 *db, int(*f)(void*), void *v) { return 0; }
SQLITE_API void *sqlite3_rollback_hook(sqlite3 *db, void(*f)(void *), void *v) { return 0; }
SQLITE_API void *sqlite3_update_hook(
sqlite3 *db,
void(*f)(void *,int ,char const *,char const *,sqlite3_int64),
void *v
) { return 0; }
SQLITE_API int sqlite3_enable_shared_cache(int i) { return 0; }
SQLITE_API int sqlite3_release_memory(int i) { return 0; }
SQLITE_API int sqlite3_db_release_memory(sqlite3 *db) { return 0; }
SQLITE_API sqlite3_int64 sqlite3_soft_heap_limit64(sqlite3_int64 N) { return 0; }
SQLITE_API SQLITE_DEPRECATED void sqlite3_soft_heap_limit(int N) { }
SQLITE_API int sqlite3_table_column_metadata(
sqlite3 *db,
const char *zDbName,
const char *zTableName,
const char *zColumnName,
char const **pzDataType,
char const **pzCollSeq,
int *pNotNull,
int *pPrimaryKey,
int *pAutoinc
) { return 0; }
SQLITE_API int sqlite3_load_extension(
sqlite3 *db,
const char *zFile,
const char *zProc,
char **pzErrMsg
) { return 0; }
SQLITE_API int sqlite3_enable_load_extension(sqlite3 *db, int onoff) { return 0; }
SQLITE_API int sqlite3_auto_extension(void(*xEntryPoint)(void)) { return 0; }
SQLITE_API int sqlite3_cancel_auto_extension(void(*xEntryPoint)(void)) { return 0; }
SQLITE_API void sqlite3_reset_auto_extension(void) { }
SQLITE_API int sqlite3_create_module(
sqlite3 *db,
const char *zName,
const sqlite3_module *p,
void *pClientData
) { return 0; }
SQLITE_API int sqlite3_create_module_v2(
sqlite3 *db,
const char *zName,
const sqlite3_module *p,
void *pClientData,
void(*xDestroy)(void*)
) { return 0; }
SQLITE_API int sqlite3_declare_vtab(sqlite3 *db, const char *zSQL) { return 0; }
SQLITE_API int sqlite3_overload_function(sqlite3 *db, const char *zFuncName, int nArg) { return 0; }
SQLITE_API int sqlite3_blob_open(
sqlite3 *db,
const char *zDb,
const char *zTable,
const char *zColumn,
sqlite3_int64 iRow,
int flags,
sqlite3_blob **ppBlob
) { return 0; }
SQLITE_API int sqlite3_blob_reopen(sqlite3_blob *b, sqlite3_int64 i) { return 0; }
SQLITE_API int sqlite3_blob_close(sqlite3_blob *b) { return 0; }
SQLITE_API int sqlite3_blob_bytes(sqlite3_blob *b) { return 0; }
SQLITE_API int sqlite3_blob_read(sqlite3_blob *b, void *Z, int N, int iOffset) { return 0; }
SQLITE_API int sqlite3_blob_write(sqlite3_blob *b, const void *z, int n, int iOffset) { return 0; }
SQLITE_API sqlite3_vfs *sqlite3_vfs_find(const char *zVfsName) { return 0; }
SQLITE_API int sqlite3_vfs_register(sqlite3_vfs *v, int makeDflt) { return 0; }
SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs *v) { return 0; }
SQLITE_API sqlite3_mutex *sqlite3_mutex_alloc(int i) { return 0; }
SQLITE_API void sqlite3_mutex_free(sqlite3_mutex *m) { }
SQLITE_API void sqlite3_mutex_enter(sqlite3_mutex *m) { }
SQLITE_API int sqlite3_mutex_try(sqlite3_mutex *m) { return 0; }
SQLITE_API void sqlite3_mutex_leave(sqlite3_mutex *m) { }
#ifndef NDEBUG
SQLITE_API int sqlite3_mutex_held(sqlite3_mutex *m) { return 0; }
SQLITE_API int sqlite3_mutex_notheld(sqlite3_mutex *m) { return 0; }
#endif
SQLITE_API sqlite3_mutex *sqlite3_db_mutex(sqlite3* db) { return 0; }
SQLITE_API int sqlite3_file_control(sqlite3 *db, const char *zDbName, int op, void* v) { return 0; }
SQLITE_API int sqlite3_test_control(int op, ...) { return 0; }
SQLITE_API int sqlite3_status(int op, int *pCurrent, int *pHighwater, int resetFlag) { return 0; }
SQLITE_API int sqlite3_status64(
int op,
sqlite3_int64 *pCurrent,
sqlite3_int64 *pHighwater,
int resetFlag
) { return 0; }
SQLITE_API int sqlite3_db_status(sqlite3 *db, int op, int *pCur, int *pHiwtr, int resetFlg) { return 0; }
SQLITE_API int sqlite3_stmt_status(sqlite3_stmt* s, int op,int resetFlg) { return 0; }
SQLITE_API sqlite3_backup *sqlite3_backup_init(
sqlite3 *pDest,
const char *zDestName,
sqlite3 *pSource,
const char *zSourceName
) { return 0; }
SQLITE_API int sqlite3_backup_step(sqlite3_backup *p, int nPage) { return 0; }
SQLITE_API int sqlite3_backup_finish(sqlite3_backup *p) { return 0; }
SQLITE_API int sqlite3_backup_remaining(sqlite3_backup *p) { return 0; }
SQLITE_API int sqlite3_backup_pagecount(sqlite3_backup *p) { return 0; }
SQLITE_API int sqlite3_unlock_notify(
sqlite3 *pBlocked,
void (*xNotify)(void **apArg, int nArg),
void *pNotifyArg
) { return 0; }
SQLITE_API int sqlite3_stricmp(const char *s, const char *ss) { return 0; }
SQLITE_API int sqlite3_strnicmp(const char *s, const char *ss, int i) { return 0; }
SQLITE_API int sqlite3_strglob(const char *zGlob, const char *zStr) { return 0; }
SQLITE_API int sqlite3_strlike(const char *zGlob, const char *zStr, unsigned int cEsc) { return 0; }
SQLITE_API void sqlite3_log(int iErrCode, const char *zFormat, ...) { }
SQLITE_API void *sqlite3_wal_hook(
sqlite3 *db,
int(*f)(void *,sqlite3 *db,const char*,int i),
void *v
) { return 0; }
SQLITE_API int sqlite3_wal_autocheckpoint(sqlite3 *db, int N) { return 0; }
SQLITE_API int sqlite3_wal_checkpoint(sqlite3 *db, const char *zDb) { return 0; }
SQLITE_API int sqlite3_wal_checkpoint_v2(
sqlite3 *db,
const char *zDb,
int eMode,
int *pnLog,
int *pnCkpt
) { return 0; }
#define SQLITE_CHECKPOINT_PASSIVE 0
#define SQLITE_CHECKPOINT_FULL 1
#define SQLITE_CHECKPOINT_RESTART 2
#define SQLITE_CHECKPOINT_TRUNCATE 3
SQLITE_API int sqlite3_vtab_config(sqlite3 *db, int op, ...) { return 0; }
#define SQLITE_VTAB_CONSTRAINT_SUPPORT 1
SQLITE_API int sqlite3_vtab_on_conflict(sqlite3 *db) { return 0; }
#define SQLITE_ROLLBACK 1
#define SQLITE_FAIL 3
#define SQLITE_REPLACE 5
#define SQLITE_SCANSTAT_NLOOP 0
#define SQLITE_SCANSTAT_NVISIT 1
#define SQLITE_SCANSTAT_EST 2
#define SQLITE_SCANSTAT_NAME 3
#define SQLITE_SCANSTAT_EXPLAIN 4
#define SQLITE_SCANSTAT_SELECTID 5
SQLITE_API int sqlite3_stmt_scanstatus(
sqlite3_stmt *pStmt,
int idx,
int iScanStatusOp,
void *pOut
) { return 0; }
SQLITE_API void sqlite3_stmt_scanstatus_reset(sqlite3_stmt *s) { }
SQLITE_API int sqlite3_db_cacheflush(sqlite3* db) { return 0; }
#if defined(SQLITE_ENABLE_PREUPDATE_HOOK)
SQLITE_API void *sqlite3_preupdate_hook(
sqlite3 *db,
void(*xPreUpdate)(
void *pCtx,
sqlite3 *db,
int op,
char const *zDb,
char const *zName,
sqlite3_int64 iKey1,
sqlite3_int64 iKey2
),
void*
) { return 0; }
SQLITE_API int sqlite3_preupdate_old(sqlite3 *, int i, sqlite3_value **) { return 0; }
SQLITE_API int sqlite3_preupdate_count(sqlite3 *) { return 0; }
SQLITE_API int sqlite3_preupdate_depth(sqlite3 *) { return 0; }
SQLITE_API int sqlite3_preupdate_new(sqlite3 *, int i, sqlite3_value **) { return 0; }
#endif
SQLITE_API int sqlite3_system_errno(sqlite3 *db) { return 0; }
SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_get(
sqlite3 *db,
const char *zSchema,
sqlite3_snapshot **ppSnapshot
) { return 0; }
SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_open(
sqlite3 *db,
const char *zSchema,
sqlite3_snapshot *pSnapshot
) { return 0; }
SQLITE_API SQLITE_EXPERIMENTAL void sqlite3_snapshot_free(sqlite3_snapshot* s) { }
SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_cmp(
sqlite3_snapshot *p1,
sqlite3_snapshot *p2
) { return 0; }
SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_recover(sqlite3 *db, const char *zDb) { return 0; }
SQLITE_API int sqlite3_rtree_geometry_callback(
sqlite3 *db,
const char *zGeom,
int (*xGeom)(sqlite3_rtree_geometry*, int i, sqlite3_rtree_dbl*,int*),
void *pContext
) { return 0; }
SQLITE_API int sqlite3_rtree_query_callback(
sqlite3 *db,
const char *zQueryFunc,
int (*xQueryFunc)(sqlite3_rtree_query_info*),
void *pContext,
void (*xDestructor)(void*)
) { return 0; }
typedef struct sqlite3_session sqlite3_session;
typedef struct sqlite3_changeset_iter sqlite3_changeset_iter;
SQLITE_API int sqlite3session_create(
sqlite3 *db,
const char *zDb,
sqlite3_session **ppSession
) { return 0; }
SQLITE_API void sqlite3session_delete(sqlite3_session *pSession) { }
SQLITE_API int sqlite3session_enable(sqlite3_session *pSession, int bEnable) { return 0; }
SQLITE_API int sqlite3session_indirect(sqlite3_session *pSession, int bIndirect) { return 0; }
SQLITE_API int sqlite3session_attach(
sqlite3_session *pSession,
const char *zTab
) { return 0; }
SQLITE_API void sqlite3session_table_filter(
sqlite3_session *pSession,
int(*xFilter)(
void *pCtx,
const char *zTab
),
void *pCtx
) { }
SQLITE_API int sqlite3session_changeset(
sqlite3_session *pSession,
int *pnChangeset,
void **ppChangeset
) { return 0; }
SQLITE_API int sqlite3session_diff(
sqlite3_session *pSession,
const char *zFromDb,
const char *zTbl,
char **pzErrMsg
) { return 0; }
SQLITE_API int sqlite3session_patchset(
sqlite3_session *pSession,
int *pnPatchset,
void **ppPatchset
) { return 0; }
SQLITE_API int sqlite3session_isempty(sqlite3_session *pSession) { return 0; }
SQLITE_API int sqlite3changeset_start(
sqlite3_changeset_iter **pp,
int nChangeset,
void *pChangeset
) { return 0; }
SQLITE_API int sqlite3changeset_next(sqlite3_changeset_iter *pIter) { return 0; }
SQLITE_API int sqlite3changeset_op(
sqlite3_changeset_iter *pIter,
const char **pzTab,
int *pnCol,
int *pOp,
int *pbIndirect
) { return 0; }
SQLITE_API int sqlite3changeset_pk(
sqlite3_changeset_iter *pIter,
unsigned char **pabPK,
int *pnCol
) { return 0; }
SQLITE_API int sqlite3changeset_old(
sqlite3_changeset_iter *pIter,
int iVal,
sqlite3_value **ppValue
) { return 0; }
SQLITE_API int sqlite3changeset_new(
sqlite3_changeset_iter *pIter,
int iVal,
sqlite3_value **ppValue
) { return 0; }
SQLITE_API int sqlite3changeset_conflict(
sqlite3_changeset_iter *pIter,
int iVal,
sqlite3_value **ppValue
) { return 0; }
SQLITE_API int sqlite3changeset_fk_conflicts(
sqlite3_changeset_iter *pIter,
int *pnOut
) { return 0; }
SQLITE_API int sqlite3changeset_finalize(sqlite3_changeset_iter *pIter) { return 0; }
SQLITE_API int sqlite3changeset_invert(
int nIn, const void *pIn,
int *pnOut, void **ppOut
) { return 0; }
SQLITE_API int sqlite3changeset_concat(
int nA,
void *pA,
int nB,
void *pB,
int *pnOut,
void **ppOut
) { return 0; }
typedef struct sqlite3_changegroup sqlite3_changegroup;
int sqlite3changegroup_new(sqlite3_changegroup **pp) { return 0; }
int sqlite3changegroup_add(sqlite3_changegroup *c, int nData, void *pData) { return 0; }
int sqlite3changegroup_output(
sqlite3_changegroup *c,
int *pnData,
void **ppData
) { return 0; }
void sqlite3changegroup_delete(sqlite3_changegroup *c) { }
SQLITE_API int sqlite3changeset_apply(
sqlite3 *db,
int nChangeset,
void *pChangeset,
int(*xFilter)(
void *pCtx,
const char *zTab
),
int(*xConflict)(
void *pCtx,
int eConflict,
sqlite3_changeset_iter *p
),
void *pCtx
) { return 0; }
SQLITE_API int sqlite3changeset_apply_strm(
sqlite3 *db,
int (*xInput)(void *pIn, void *pData, int *pnData),
void *pIn,
int(*xFilter)(
void *pCtx,
const char *zTab
),
int(*xConflict)(
void *pCtx,
int eConflict,
sqlite3_changeset_iter *p
),
void *pCtx
) { return 0; }
SQLITE_API int sqlite3changeset_concat_strm(
int (*xInputA)(void *pIn, void *pData, int *pnData),
void *pInA,
int (*xInputB)(void *pIn, void *pData, int *pnData),
void *pInB,
int (*xOutput)(void *pOut, const void *pData, int nData),
void *pOut
) { return 0; }
SQLITE_API int sqlite3changeset_invert_strm(
int (*xInput)(void *pIn, void *pData, int *pnData),
void *pIn,
int (*xOutput)(void *pOut, const void *pData, int nData),
void *pOut
) { return 0; }
SQLITE_API int sqlite3changeset_start_strm(
sqlite3_changeset_iter **pp,
int (*xInput)(void *pIn, void *pData, int *pnData),
void *pIn
) { return 0; }
SQLITE_API int sqlite3session_changeset_strm(
sqlite3_session *pSession,
int (*xOutput)(void *pOut, const void *pData, int nData),
void *pOut
) { return 0; }
SQLITE_API int sqlite3session_patchset_strm(
sqlite3_session *pSession,
int (*xOutput)(void *pOut, const void *pData, int nData),
void *pOut
) { return 0; }
int sqlite3changegroup_add_strm(sqlite3_changegroup *c,
int (*xInput)(void *pIn, void *pData, int *pnData),
void *pIn
) { return 0; }
int sqlite3changegroup_output_strm(sqlite3_changegroup *c,
int (*xOutput)(void *pOut, const void *pData, int nData),
void *pOut
) { return 0; }

2
jni/daemon/daemon.h → jni/include/daemon.h
View File

@@ -15,6 +15,7 @@ typedef enum {
STOP_MAGISKHIDE,
ADD_HIDELIST,
RM_HIDELIST,
LS_HIDELIST,
SUPERUSER,
CHECK_VERSION,
CHECK_VERSION_CODE,
@@ -69,6 +70,7 @@ void launch_magiskhide(int client);
void stop_magiskhide(int client);
void add_hide_list(int client);
void rm_hide_list(int client);
void ls_hide_list(int client);
/*************
* Superuser *

43
jni/include/list.h Normal file
View File

@@ -0,0 +1,43 @@
/* list.h - Double link list implementation
*/
#ifndef _LIST_H_
#define _LIST_H_
#include <stddef.h>
struct list_head {
struct list_head *next;
struct list_head *prev;
};
void init_list_head(struct list_head *head);
void list_insert(struct list_head *pos, struct list_head *node);
void list_insert_end(struct list_head *head, struct list_head *node);
struct list_head *list_pop(struct list_head *pos);
struct list_head *list_pop_end(struct list_head *head);
#define list_entry(pos, type, member) ({ \
const typeof( ((type *)0)->member ) *__mptr = (pos); \
(type *)( (char *)__mptr - offsetof(type,member) );})
#define list_for_each(ptr, head, type, member) \
ptr = list_entry((head)->next, type, member); \
for (struct list_head *__ = (head)->next; __ != (head); __ = __->next, ptr = list_entry(__, type, member))
#define list_for_each_r(ptr, head, type, member) \
ptr = list_entry((head)->prev, type, member); \
for (struct list_head *__ = (head)->prev; __ != (head); __ = __->prev, ptr = list_entry(__, type, member))
#define list_destory(head, type, member, func) ({ \
struct list_head *node = head->next; \
while(node != head) { \
node = node->next; \
if (func) func(list_entry(node->prev, line_list, pos)); \
free(list_entry(node->prev, line_list, pos)); \
} \
head->next = head; \
head->prev = head; \
})
#endif

8
jni/magisk.h → jni/include/magisk.h
View File

@@ -10,13 +10,11 @@
#include <pthread.h>
#include <android/log.h>
#define MAGISK_VER_STR xstr(MAGISK_VERSION) ":MAGISK"
#define str(a) #a
#define xstr(a) str(a)
#define MAGISK_VER_STR xstr(MAGISK_VERSION) ":MAGISK"
#define REQUESTOR_DAEMON_PATH "\0MAGISK"
#define REQUESTOR_DAEMON_PATH_LEN 7
#define LOG_TAG "Magisk"
@@ -40,6 +38,7 @@
#define MAGISKTMP "/dev/magisk"
#define MIRRDIR MAGISKTMP "/mirror"
#define DUMMDIR MAGISKTMP "/dummy"
#define BBPATH MAGISKTMP "/bin"
#define CACHEMOUNT "/cache/magisk_mount"
#define SELINUX_PATH "/sys/fs/selinux/"
@@ -60,7 +59,7 @@ static inline void do_nothing() {}
// Dummy function to depress debug message
static inline void stub(const char *fmt, ...) {}
#ifdef DEBUG
#ifdef MAGISK_DEBUG
#define LOGD(...) __android_log_print(ANDROID_LOG_DEBUG, LOG_TAG, __VA_ARGS__)
#else
#define LOGD(...) stub(__VA_ARGS__)
@@ -75,7 +74,6 @@ extern char *argv0; /* For changing process name */
extern char *applet[];
extern int (*applet_main[]) (int, char *[]);
extern int null_fd;
// Multi-call entrypoints
int magiskhide_main(int argc, char *argv[]);

36
jni/include/magiskpolicy.h Normal file
View File

@@ -0,0 +1,36 @@
/* magiskpolicy.h - Public API for policy patching
*/
#ifndef _MAGISKPOLICY_H
#define _MAGISKPOLICY_H
#include <stdlib.h>
#define ALL NULL
// policydb functions
int load_policydb(const char *filename);
int dump_policydb(const char *filename);
void destroy_policydb();
// Handy functions
int sepol_allow(char *s, char *t, char *c, char *p);
int sepol_deny(char *s, char *t, char *c, char *p);
int sepol_auditallow(char *s, char *t, char *c, char *p);
int sepol_auditdeny(char *s, char *t, char *c, char *p);
int sepol_typetrans(char *s, char *t, char *c, char *d, char *o);
int sepol_allowxperm(char *s, char *t, char *c, char *range);
int sepol_auditallowxperm(char *s, char *t, char *c, char *range);
int sepol_dontauditxperm(char *s, char *t, char *c, char *range);
int sepol_create(char *s);
int sepol_permissive(char *s);
int sepol_enforce(char *s);
int sepol_attradd(char *s, char *a);
int sepol_exists(char *source);
// Built in rules
void sepol_min_rules();
void sepol_med_rules();
void sepol_full_rules();
#endif

5
jni/resetprop/resetprop.h → jni/include/resetprop.h
View File

@@ -8,12 +8,13 @@
extern "C" {
#endif
int init_resetprop();
int prop_exist(const char *name);
int setprop(const char *name, const char *value);
int setprop2(const char *name, const char *value, const int trigger);
char *getprop(const char *name);
int deleteprop(const char *name);
int deleteprop(const char *name, const int trigger);
int read_prop_file(const char* filename, const int trigger);
void getprop_all(void (*cbk)(const char *name));
#ifdef __cplusplus
}

24
jni/utils/utils.h → jni/include/utils.h
View File

@@ -31,7 +31,7 @@ int xopen3(const char *pathname, int flags, mode_t mode);
ssize_t xwrite(int fd, const void *buf, size_t count);
ssize_t xread(int fd, void *buf, size_t count);
ssize_t xxread(int fd, void *buf, size_t count);
int xpipe(int pipefd[2]);
int xpipe2(int pipefd[2], int flags);
int xsetns(int fd, int nstype);
DIR *xopendir(const char *name);
struct dirent *xreaddir(DIR *dirp);
@@ -40,7 +40,7 @@ int xsocket(int domain, int type, int protocol);
int xbind(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
int xconnect(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
int xlisten(int sockfd, int backlog);
int xaccept(int sockfd, struct sockaddr *addr, socklen_t *addrlen);
int xaccept4(int sockfd, struct sockaddr *addr, socklen_t *addrlen, int flags);
void *xmalloc(size_t size);
void *xcalloc(size_t nmemb, size_t size);
void *xrealloc(void *ptr, size_t size);
@@ -75,25 +75,35 @@ unsigned get_radio_uid();
int check_data();
int file_to_vector(const char* filename, struct vector *v);
int vector_to_file(const char* filename, struct vector *v);
int isNum(const char *s);
ssize_t fdgets(char *buf, size_t size, int fd);
void ps(void (*func)(int));
void ps_filter_proc_name(const char *filter, void (*func)(int));
int create_links(const char *bin, const char *path);
void unlock_blocks();
void setup_sighandlers(void (*handler)(int));
int run_command(int err, int *fd, const char *path, char *const argv[]);
int exec_command(int err, int *fd, void (*setupenv)(struct vector*), const char *argv0, ...);
int exec_command_sync(char *const argv0, ...);
int mkdir_p(const char *pathname, mode_t mode);
int bind_mount(const char *from, const char *to);
int open_new(const char *filename);
int cp_afc(const char *source, const char *target);
int clone_dir(const char *source, const char *target);
int rm_rf(const char *target);
void fclone_attr(const int sourcefd, const int targetfd);
void clone_attr(const char *source, const char *target);
void get_client_cred(int fd, struct ucred *cred);
int switch_mnt_ns(int pid);
// img.c
#define round_size(a) ((((a) / 32) + 2) * 32)
#define SOURCE_TMP "/dev/source"
#define TARGET_TMP "/dev/target"
int create_img(const char *img, int size);
int get_img_size(const char *img, int *used, int *total);
int resize_img(const char *img, int size);
int switch_mnt_ns(int pid);
char *mount_image(const char *img, const char *target);
void umount_image(const char *target, const char *device);
int merge_img(const char *source, const char *target);
void trim_img(const char *img);
#endif

2
jni/utils/vector.h → jni/include/vector.h
View File

@@ -32,4 +32,4 @@ struct vector *vec_dup(struct vector *v);
e = v ? (v)->data[(v)->size - 1] : NULL; \
for (size_t _ = (v)->size; v && _ > 0; --_, e = (v)->data[_ - 1])
#endif
#endif

31
jni/magiskboot/Android.mk
View File

@@ -1,31 +0,0 @@
LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS)
LOCAL_MODULE := magiskboot
LOCAL_STATIC_LIBRARIES := libz liblzma liblz4 libbz2
LOCAL_C_INCLUDES := \
jni/utils \
jni/ndk-compression/zlib/ \
jni/ndk-compression/xz/src/liblzma/api/ \
jni/ndk-compression/lz4/lib/ \
jni/ndk-compression/bzip2/
LOCAL_SRC_FILES := \
main.c \
unpack.c \
repack.c \
hexpatch.c \
parseimg.c \
compress.c \
utils.c \
cpio.c \
sha1.c \
../utils/xwrap.c \
../utils/vector.c
LOCAL_CFLAGS += -DZLIB_CONST
include $(BUILD_EXECUTABLE)
include jni/ndk-compression/zlib/Android.mk
include jni/ndk-compression/xz/src/liblzma/Android.mk
include jni/ndk-compression/lz4/lib/Android.mk
include jni/ndk-compression/bzip2/Android.mk

51
jni/magiskboot/utils.c → jni/magiskboot/boot_utils.c
View File

@@ -82,57 +82,8 @@ int open_new(const char *filename) {
return xopen(filename, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}
void print_info() {
printf("KERNEL [%d] @ 0x%08x\n", hdr.kernel_size, hdr.kernel_addr);
printf("RAMDISK [%d] @ 0x%08x\n", hdr.ramdisk_size, hdr.ramdisk_addr);
printf("SECOND [%d] @ 0x%08x\n", hdr.second_size, hdr.second_addr);
printf("DTB [%d] @ 0x%08x\n", hdr.dt_size, hdr.tags_addr);
printf("PAGESIZE [%d]\n", hdr.page_size);
if (hdr.os_version != 0) {
int a,b,c,y,m = 0;
int os_version, os_patch_level;
os_version = hdr.os_version >> 11;
os_patch_level = hdr.os_version & 0x7ff;
a = (os_version >> 14) & 0x7f;
b = (os_version >> 7) & 0x7f;
c = os_version & 0x7f;
printf("OS_VERSION [%d.%d.%d]\n", a, b, c);
y = (os_patch_level >> 4) + 2000;
m = os_patch_level & 0xf;
printf("PATCH_LEVEL [%d-%02d]\n", y, m);
}
printf("NAME [%s]\n", hdr.name);
printf("CMDLINE [%s]\n", hdr.cmdline);
switch (ramdisk_type) {
case GZIP:
printf("COMPRESSION [%s]\n", "gzip");
break;
case XZ:
printf("COMPRESSION [%s]\n", "xz");
break;
case LZMA:
printf("COMPRESSION [%s]\n", "lzma");
break;
case BZIP2:
printf("COMPRESSION [%s]\n", "bzip2");
break;
case LZ4:
printf("COMPRESSION [%s]\n", "lz4");
break;
case LZ4_LEGACY:
printf("COMPRESSION [%s]\n", "lz4_legacy");
break;
default:
fprintf(stderr, "Unknown ramdisk format!\n");
}
printf("\n");
}
void cleanup() {
printf("Cleaning up...\n");
fprintf(stderr, "Cleaning up...\n");
char name[PATH_MAX];
unlink(KERNEL_FILE);
unlink(RAMDISK_FILE);

310
jni/magiskboot/bootimg.c Normal file
View File

@@ -0,0 +1,310 @@
#include "bootimg.h"
#include "magiskboot.h"
static unsigned char *kernel, *ramdisk, *second, *dtb, *extra;
static boot_img_hdr hdr;
static int mtk_kernel = 0, mtk_ramdisk = 0;
static file_t ramdisk_type;
static void dump(unsigned char *buf, size_t size, const char *filename) {
int fd = open_new(filename);
xwrite(fd, buf, size);
close(fd);
}
static size_t restore(const char *filename, int fd) {
int ifd = xopen(filename, O_RDONLY);
size_t size = lseek(ifd, 0, SEEK_END);
lseek(ifd, 0, SEEK_SET);
xsendfile(fd, ifd, NULL, size);
close(ifd);
return size;
}
static void restore_buf(int fd, const void *buf, size_t size) {
xwrite(fd, buf, size);
}
static void print_info() {
fprintf(stderr, "KERNEL [%d] @ 0x%08x\n", hdr.kernel_size, hdr.kernel_addr);
fprintf(stderr, "RAMDISK [%d] @ 0x%08x\n", hdr.ramdisk_size, hdr.ramdisk_addr);
fprintf(stderr, "SECOND [%d] @ 0x%08x\n", hdr.second_size, hdr.second_addr);
fprintf(stderr, "DTB [%d] @ 0x%08x\n", hdr.dt_size, hdr.tags_addr);
fprintf(stderr, "PAGESIZE [%d]\n", hdr.page_size);
if (hdr.os_version != 0) {
int a,b,c,y,m = 0;
int os_version, os_patch_level;
os_version = hdr.os_version >> 11;
os_patch_level = hdr.os_version & 0x7ff;
a = (os_version >> 14) & 0x7f;
b = (os_version >> 7) & 0x7f;
c = os_version & 0x7f;
fprintf(stderr, "OS_VERSION [%d.%d.%d]\n", a, b, c);
y = (os_patch_level >> 4) + 2000;
m = os_patch_level & 0xf;
fprintf(stderr, "PATCH_LEVEL [%d-%02d]\n", y, m);
}
fprintf(stderr, "NAME [%s]\n", hdr.name);
fprintf(stderr, "CMDLINE [%s]\n", hdr.cmdline);
switch (ramdisk_type) {
case GZIP:
fprintf(stderr, "COMPRESSION [%s]\n", "gzip");
break;
case XZ:
fprintf(stderr, "COMPRESSION [%s]\n", "xz");
break;
case LZMA:
fprintf(stderr, "COMPRESSION [%s]\n", "lzma");
break;
case BZIP2:
fprintf(stderr, "COMPRESSION [%s]\n", "bzip2");
break;
case LZ4:
fprintf(stderr, "COMPRESSION [%s]\n", "lz4");
break;
case LZ4_LEGACY:
fprintf(stderr, "COMPRESSION [%s]\n", "lz4_legacy");
break;
default:
fprintf(stderr, "Unknown ramdisk format!\n");
}
fprintf(stderr, "\n");
}
int parse_img(unsigned char *orig, size_t size) {
unsigned char *base, *end;
size_t pos = 0;
int ret = 0;
for(base = orig, end = orig + size; base < end; base += 256, size -= 256) {
switch (check_type(base)) {
case CHROMEOS:
// The caller should know it's chromeos, as it needs additional signing
ret = 2;
continue;
case ELF32:
exit(3);
case ELF64:
exit(4);
case AOSP:
// Read the header
memcpy(&hdr, base, sizeof(hdr));
pos += hdr.page_size;
// Kernel position
kernel = base + pos;
pos += hdr.kernel_size;
mem_align(&pos, hdr.page_size);
// Ramdisk position
ramdisk = base + pos;
pos += hdr.ramdisk_size;
mem_align(&pos, hdr.page_size);
if (hdr.second_size) {
// Second position
second = base + pos;
pos += hdr.second_size;
mem_align(&pos, hdr.page_size);
}
if (hdr.dt_size) {
// dtb position
dtb = base + pos;
pos += hdr.dt_size;
mem_align(&pos, hdr.page_size);
}
if (pos < size) {
extra = base + pos;
}
// Check ramdisk compression type
ramdisk_type = check_type(ramdisk);
// Check MTK
if (check_type(kernel) == MTK) {
fprintf(stderr, "MTK header found in kernel\n");
mtk_kernel = 1;
}
if (ramdisk_type == MTK) {
fprintf(stderr, "MTK header found in ramdisk\n");
mtk_ramdisk = 1;
ramdisk_type = check_type(ramdisk + 512);
}
// Print info
print_info();
return ret;
default:
continue;
}
}
LOGE(1, "No boot image magic found!\n");
}
void unpack(const char* image) {
size_t size;
unsigned char *orig;
mmap_ro(image, &orig, &size);
// Parse image
fprintf(stderr, "Parsing boot image: [%s]\n\n", image);
int ret = parse_img(orig, size);
// Dump kernel
if (mtk_kernel) {
kernel += 512;
hdr.kernel_size -= 512;
}
dump(kernel, hdr.kernel_size, KERNEL_FILE);
// Dump ramdisk
if (mtk_ramdisk) {
ramdisk += 512;
hdr.ramdisk_size -= 512;
}
if (decomp(ramdisk_type, RAMDISK_FILE, ramdisk, hdr.ramdisk_size)) {
// Dump the compressed ramdisk
dump(ramdisk, hdr.ramdisk_size, RAMDISK_FILE ".unsupport");
LOGE(1, "Unsupported ramdisk format! Dumped to %s\n", RAMDISK_FILE ".unsupport");
}
if (hdr.second_size) {
// Dump second
dump(second, hdr.second_size, SECOND_FILE);
}
if (hdr.dt_size) {
// Dump dtb
dump(dtb, hdr.dt_size, DTB_FILE);
}
munmap(orig, size);
exit(ret);
}
void repack(const char* orig_image, const char* out_image) {
size_t size;
unsigned char *orig;
char name[PATH_MAX];
// There are possible two MTK headers
mtk_hdr mtk_kernel_hdr, mtk_ramdisk_hdr;
size_t mtk_kernel_off, mtk_ramdisk_off;
// Load original image
mmap_ro(orig_image, &orig, &size);
// Parse original image
fprintf(stderr, "Parsing boot image: [%s]\n\n", orig_image);
parse_img(orig, size);
fprintf(stderr, "Repack to boot image: [%s]\n\n", out_image);
// Create new image
int fd = open_new(out_image);
// Set all sizes to 0
hdr.kernel_size = 0;
hdr.ramdisk_size = 0;
hdr.second_size = 0;
hdr.dt_size = 0;
// Skip a page for header
write_zero(fd, hdr.page_size);
// Restore kernel
if (mtk_kernel) {
mtk_kernel_off = lseek(fd, 0, SEEK_CUR);
restore_buf(fd, kernel, 512);
memcpy(&mtk_kernel_hdr, kernel, sizeof(mtk_kernel_hdr));
}
hdr.kernel_size = restore(KERNEL_FILE, fd);
file_align(fd, hdr.page_size, 1);
// Restore ramdisk
if (mtk_ramdisk) {
mtk_ramdisk_off = lseek(fd, 0, SEEK_CUR);
restore_buf(fd, ramdisk, 512);
memcpy(&mtk_ramdisk_hdr, ramdisk, sizeof(mtk_ramdisk_hdr));
}
if (access(RAMDISK_FILE, R_OK) == 0) {
// If we found raw cpio, compress to original format
// Before we start, clean up previous compressed files
for (int i = 0; SUP_EXT_LIST[i]; ++i) {
sprintf(name, "%s.%s", RAMDISK_FILE, SUP_EXT_LIST[i]);
unlink(name);
}
size_t cpio_size;
unsigned char *cpio;
mmap_ro(RAMDISK_FILE, &cpio, &cpio_size);
if (comp(ramdisk_type, RAMDISK_FILE, cpio, cpio_size))
LOGE(1, "Unsupported ramdisk format!\n");
munmap(cpio, cpio_size);
}
int found = 0;
for (int i = 0; SUP_EXT_LIST[i]; ++i) {
sprintf(name, "%s.%s", RAMDISK_FILE, SUP_EXT_LIST[i]);
if (access(name, R_OK) == 0) {
ramdisk_type = SUP_TYPE_LIST[i];
found = 1;
break;
}
}
if (!found)
LOGE(1, "No ramdisk exists!\n");
hdr.ramdisk_size = restore(name, fd);
file_align(fd, hdr.page_size, 1);
// Restore second
if (access(SECOND_FILE, R_OK) == 0) {
hdr.second_size = restore(SECOND_FILE, fd);
file_align(fd, hdr.page_size, 1);
}
// Restore dtb
if (access(DTB_FILE, R_OK) == 0) {
hdr.dt_size = restore(DTB_FILE, fd);
file_align(fd, hdr.page_size, 1);
}
// Check extra info, currently only for LG Bump and Samsung SEANDROIDENFORCE
if (extra) {
if (memcmp(extra, "SEANDROIDENFORCE", 16) == 0 ||
memcmp(extra, "\x41\xa9\xe4\x67\x74\x4d\x1d\x1b\xa4\x29\xf2\xec\xea\x65\x52\x79", 16) == 0 ) {
restore_buf(fd, extra, 16);
}
}
// Write headers back
if (mtk_kernel) {
lseek(fd, mtk_kernel_off, SEEK_SET);
mtk_kernel_hdr.size = hdr.kernel_size;
hdr.kernel_size += 512;
restore_buf(fd, &mtk_kernel_hdr, sizeof(mtk_kernel_hdr));
}
if (mtk_ramdisk) {
lseek(fd, mtk_ramdisk_off, SEEK_SET);
mtk_ramdisk_hdr.size = hdr.ramdisk_size;
hdr.ramdisk_size += 512;
restore_buf(fd, &mtk_ramdisk_hdr, sizeof(mtk_ramdisk_hdr));
}
// Main header
lseek(fd, 0, SEEK_SET);
restore_buf(fd, &hdr, sizeof(hdr));
// Print new image info
print_info();
munmap(orig, size);
close(fd);
}

6
jni/magiskboot/compress.c
View File

@@ -22,10 +22,10 @@ static void write_file(const int fd, const void *buf, const size_t size, const c
static void report(const int mode, const char* filename) {
switch(mode) {
case 0:
printf("Decompressing to [%s]\n\n", filename);
fprintf(stderr, "Decompressing to [%s]\n\n", filename);
break;
default:
printf("Compressing to [%s]\n\n", filename);
fprintf(stderr, "Compressing to [%s]\n\n", filename);
break;
}
}
@@ -125,7 +125,7 @@ void lzma(int mode, const char* filename, const unsigned char* buf, size_t size)
ret = lzma_auto_decoder(&strm, UINT64_MAX, 0);
break;
case 1:
ret = lzma_stream_encoder(&strm, filters, LZMA_CHECK_CRC64);
ret = lzma_stream_encoder(&strm, filters, LZMA_CHECK_CRC32);
break;
case 2:
ret = lzma_alone_encoder(&strm, &opt);

233
jni/magiskboot/cpio.c
View File

@@ -1,6 +1,7 @@
#include "magiskboot.h"
#include "cpio.h"
#include "vector.h"
#include "list.h"
static uint32_t x8u(char *hex) {
uint32_t val, inpos = 8, outpos;
@@ -61,7 +62,7 @@ static int cpio_compare(const void *a, const void *b) {
// Parse cpio file to a vector of cpio_file
static void parse_cpio(const char *filename, struct vector *v) {
printf("Loading cpio: [%s]\n\n", filename);
fprintf(stderr, "Loading cpio: [%s]\n\n", filename);
int fd = xopen(filename, O_RDONLY);
cpio_newc_header header;
cpio_file *f;
@@ -104,7 +105,7 @@ static void parse_cpio(const char *filename, struct vector *v) {
}
static void dump_cpio(const char *filename, struct vector *v) {
printf("\nDump cpio: [%s]\n\n", filename);
fprintf(stderr, "\nDump cpio: [%s]\n\n", filename);
int fd = open_new(filename);
unsigned inode = 300000;
char header[111];
@@ -157,7 +158,7 @@ static void cpio_rm(int recursive, const char *entry, struct vector *v) {
if ((recursive && strncmp(f->filename, entry, strlen(entry)) == 0)
|| (strcmp(f->filename, entry) == 0) ) {
if (!f->remove) {
printf("Remove [%s]\n", entry);
fprintf(stderr, "Remove [%s]\n", entry);
f->remove = 1;
}
if (!recursive) return;
@@ -172,7 +173,7 @@ static void cpio_mkdir(mode_t mode, const char *entry, struct vector *v) {
f->filename = xmalloc(f->namesize);
memcpy(f->filename, entry, f->namesize);
cpio_vec_insert(v, f);
printf("Create directory [%s] (%04o)\n",entry, mode);
fprintf(stderr, "Create directory [%s] (%04o)\n",entry, mode);
}
static void cpio_add(mode_t mode, const char *entry, const char *filename, struct vector *v) {
@@ -188,7 +189,7 @@ static void cpio_add(mode_t mode, const char *entry, const char *filename, struc
xxread(fd, f->data, f->filesize);
close(fd);
cpio_vec_insert(v, f);
printf("Add entry [%s] (%04o)\n", entry, mode);
fprintf(stderr, "Add entry [%s] (%04o)\n", entry, mode);
}
static void cpio_test(struct vector *v) {
@@ -220,47 +221,109 @@ static int check_verity_pattern(const char *s) {
return pos;
}
static void cpio_dmverity(struct vector *v) {
cpio_file *f;
size_t read, write;
int skip;
vec_for_each(v, f) {
if (strstr(f->filename, "fstab") != NULL && S_ISREG(f->mode)) {
for (read = 0, write = 0; read < f->filesize; ++read, ++write) {
skip = check_verity_pattern(f->data + read);
if (skip > 0) {
printf("Remove pattern [%.*s] in [%s]\n", (int) skip, f->data + read, f->filename);
read += skip;
}
f->data[write] = f->data[read];
}
f->filesize = write;
} else if (strcmp(f->filename, "verity_key") == 0) {
f->remove = 1;
break;
}
static struct list_head *block_to_list(char *data) {
struct list_head *head = xmalloc(sizeof(*head));
line_list *line;
init_list_head(head);
char *tok;
tok = strsep(&data, "\n");
while (tok) {
line = xcalloc(sizeof(*line), 1);
line->line = tok;
list_insert_end(head, &line->pos);
tok = strsep(&data, "\n");
}
return head;
}
static void cpio_forceencrypt(struct vector *v) {
static char *list_to_block(struct list_head *head, uint32_t filesize) {
line_list *line;
char *data = xmalloc(filesize);
uint32_t off = 0;
list_for_each(line, head, line_list, pos) {
strcpy(data + off, line->line);
off += strlen(line->line);
data[off++] = '\n';
}
return data;
}
static void free_newline(line_list *line) {
if (line->isNew)
free(line->line);
}
static void cpio_patch(struct vector *v, int keepverity, int keepforceencrypt) {
struct list_head *head;
line_list *line;
cpio_file *f;
int skip, injected = 0;
size_t read, write;
const char *ENCRYPT_LIST[] = { "forceencrypt", "forcefdeorfbe", "fileencryptioninline", NULL };
vec_for_each(v, f) {
if (strstr(f->filename, "fstab") != NULL && S_ISREG(f->mode)) {
for (read = 0, write = 0; read < f->filesize; ++read, ++write) {
for (int i = 0 ; ENCRYPT_LIST[i]; ++i) {
if (strncmp(f->data + read, ENCRYPT_LIST[i], strlen(ENCRYPT_LIST[i])) == 0) {
memcpy(f->data + write, "encryptable", 11);
printf("Replace [%s] with [%s] in [%s]\n", ENCRYPT_LIST[i], "encryptable", f->filename);
write += 11;
read += strlen(ENCRYPT_LIST[i]);
break;
}
if (strcmp(f->filename, "init.rc") == 0) {
head = block_to_list(f->data);
list_for_each(line, head, line_list, pos) {
if (strstr(line->line, "import")) {
if (strstr(line->line, "init.magisk.rc"))
injected = 1;
if (injected)
continue;
// Inject magisk script as import
fprintf(stderr, "Inject new line [import /init.magisk.rc] in [init.rc]\n");
line = xcalloc(sizeof(*line), 1);
line->line = strdup("import /init.magisk.rc");
line->isNew = 1;
f->filesize += 23;
list_insert(__->prev, &line->pos);
injected = 1;
} else if (strstr(line->line, "selinux.reload_policy")) {
// Remove this line
fprintf(stderr, "Remove line [%s] in [init.rc]\n", line->line);
f->filesize -= strlen(line->line) + 1;
__ = list_pop(&line->pos);
free(line);
}
}
char *temp = list_to_block(head, f->filesize);
free(f->data);
f->data = temp;
list_destory(head, list_head, pos, free_newline);
free(head);
} else {
if (!keepverity) {
if (strstr(f->filename, "fstab") != NULL && S_ISREG(f->mode)) {
for (read = 0, write = 0; read < f->filesize; ++read, ++write) {
skip = check_verity_pattern(f->data + read);
if (skip > 0) {
fprintf(stderr, "Remove pattern [%.*s] in [%s]\n", skip, f->data + read, f->filename);
read += skip;
}
f->data[write] = f->data[read];
}
f->filesize = write;
} else if (strcmp(f->filename, "verity_key") == 0) {
fprintf(stderr, "Remove [verity_key]\n");
f->remove = 1;
}
}
if (!keepforceencrypt) {
if (strstr(f->filename, "fstab") != NULL && S_ISREG(f->mode)) {
for (read = 0, write = 0; read < f->filesize; ++read, ++write) {
for (int i = 0 ; ENCRYPT_LIST[i]; ++i) {
if (strncmp(f->data + read, ENCRYPT_LIST[i], strlen(ENCRYPT_LIST[i])) == 0) {
memcpy(f->data + write, "encryptable", 11);
fprintf(stderr, "Replace [%s] with [%s] in [%s]\n", ENCRYPT_LIST[i], "encryptable", f->filename);
write += 11;
read += strlen(ENCRYPT_LIST[i]);
break;
}
}
f->data[write] = f->data[read];
}
f->filesize = write;
}
f->data[write] = f->data[read];
}
f->filesize = write;
}
}
}
@@ -269,7 +332,7 @@ static void cpio_extract(const char *entry, const char *filename, struct vector
cpio_file *f;
vec_for_each(v, f) {
if (strcmp(f->filename, entry) == 0 && S_ISREG(f->mode)) {
printf("Extracting [%s] to [%s]\n\n", entry, filename);
fprintf(stderr, "Extracting [%s] to [%s]\n\n", entry, filename);
int fd = open_new(filename);
xwrite(fd, f->data, f->filesize);
fchmod(fd, f->mode);
@@ -327,14 +390,14 @@ static void cpio_backup(const char *orig, struct vector *v) {
// Something is missing in new ramdisk, backup!
++i;
doBak = 1;
printf("Backup missing entry: ");
fprintf(stderr, "Backup missing entry: ");
} else if (res == 0) {
++i; ++j;
if (m->filesize == n->filesize && memcmp(m->data, n->data, m->filesize) == 0)
continue;
// Not the same!
doBak = 1;
printf("Backup mismatch entry: ");
fprintf(stderr, "Backup mismatch entry: ");
} else {
// Someting new in ramdisk, record in rem
++j;
@@ -342,14 +405,14 @@ static void cpio_backup(const char *orig, struct vector *v) {
rem->data = xrealloc(rem->data, rem->filesize + n->namesize);
memcpy(rem->data + rem->filesize, n->filename, n->namesize);
rem->filesize += n->namesize;
printf("Record new entry: [%s] -> [.backup/.rmlist]\n", n->filename);
fprintf(stderr, "Record new entry: [%s] -> [.backup/.rmlist]\n", n->filename);
}
if (doBak) {
m->namesize += 8;
m->filename = realloc(m->filename, m->namesize);
strcpy(buf, m->filename);
sprintf(m->filename, ".backup/%s", buf);
printf("[%s] -> [%s]\n", buf, m->filename);
fprintf(stderr, "[%s] -> [%s]\n", buf, m->filename);
vec_push_back(&bak, m);
// NULL the original entry, so it won't be freed
vec_entry(o)[i - 1] = NULL;
@@ -396,7 +459,7 @@ static int cpio_restore(struct vector *v) {
n->data = xmalloc(n->filesize);
memcpy(n->data, f->data, n->filesize);
n->remove = 0;
printf("Restoring [%s] -> [%s]\n", f->filename, n->filename);
fprintf(stderr, "Restoring [%s] -> [%s]\n", f->filename, n->filename);
cpio_vec_insert(v, n);
}
}
@@ -407,6 +470,24 @@ static int cpio_restore(struct vector *v) {
return ret;
}
static void cpio_stocksha1(struct vector *v) {
cpio_file *f;
char sha1[41];
vec_for_each(v, f) {
if (strcmp(f->filename, "init.magisk.rc") == 0) {
for (char *pos = f->data; pos < f->data + f->filesize; pos = strchr(pos + 1, '\n') + 1) {
if (memcmp(pos, "# STOCKSHA1=", 12) == 0) {
pos += 12;
memcpy(sha1, pos, 40);
sha1[40] = '\0';
printf("%s\n", sha1);
return;
}
}
}
}
}
int cpio_commands(const char *command, int argc, char *argv[]) {
int recursive = 0, ret = 0;
command_t cmd;
@@ -415,12 +496,10 @@ int cpio_commands(const char *command, int argc, char *argv[]) {
--argc;
if (strcmp(command, "test") == 0) {
cmd = TEST;
} else if (strcmp(command, "patch-dmverity") == 0) {
cmd = DMVERITY;
} else if (strcmp(command, "patch-forceencrypt") == 0) {
cmd = FORCEENCRYPT;
} else if (strcmp(command, "restore") == 0) {
cmd = RESTORE;
} else if (strcmp(command, "stocksha1") == 0) {
cmd = STOCKSHA1;
} else if (argc == 1 && strcmp(command, "backup") == 0) {
cmd = BACKUP;
} else if (argc > 0 && strcmp(command, "rm") == 0) {
@@ -430,6 +509,8 @@ int cpio_commands(const char *command, int argc, char *argv[]) {
++argv;
--argc;
}
} else if (argc == 2 && strcmp(command, "patch") == 0) {
cmd = PATCH;
} else if (argc == 2 && strcmp(command, "extract") == 0) {
cmd = EXTRACT;
} else if (argc == 2 && strcmp(command, "mkdir") == 0) {
@@ -438,41 +519,39 @@ int cpio_commands(const char *command, int argc, char *argv[]) {
cmd = ADD;
} else {
cmd = NONE;
return 1;
}
struct vector v;
vec_init(&v);
parse_cpio(incpio, &v);
switch(cmd) {
case TEST:
cpio_test(&v);
break;
case DMVERITY:
cpio_dmverity(&v);
break;
case FORCEENCRYPT:
cpio_forceencrypt(&v);
break;
case RESTORE:
ret = cpio_restore(&v);
break;
case BACKUP:
cpio_backup(argv[0], &v);
case RM:
cpio_rm(recursive, argv[0], &v);
break;
case EXTRACT:
cpio_extract(argv[0], argv[1], &v);
break;
case MKDIR:
cpio_mkdir(strtoul(argv[0], NULL, 8), argv[1], &v);
break;
case ADD:
cpio_add(strtoul(argv[0], NULL, 8), argv[1], argv[2], &v);
break;
default:
// Never happen
break;
case TEST:
cpio_test(&v);
break;
case RESTORE:
ret = cpio_restore(&v);
break;
case STOCKSHA1:
cpio_stocksha1(&v);
return 0;
case BACKUP:
cpio_backup(argv[0], &v);
case RM:
cpio_rm(recursive, argv[0], &v);
break;
case PATCH:
cpio_patch(&v, strcmp(argv[0], "true") == 0, strcmp(argv[1], "true") == 0);
break;
case EXTRACT:
cpio_extract(argv[0], argv[1], &v);
break;
case MKDIR:
cpio_mkdir(strtoul(argv[0], NULL, 8), argv[1], &v);
break;
case ADD:
cpio_add(strtoul(argv[0], NULL, 8), argv[1], argv[2], &v);
break;
case NONE:
return 1;
}
dump_cpio(incpio, &v);
cpio_vec_destroy(&v);

8
jni/magiskboot/cpio.h
View File

@@ -3,6 +3,8 @@
#include <stdint.h>
#include "list.h"
typedef struct cpio_file {
// uint32_t ino;
uint32_t mode;
@@ -22,6 +24,12 @@ typedef struct cpio_file {
int remove;
} cpio_file;
typedef struct line_list {
char *line;
int isNew;
struct list_head pos;
} line_list;
typedef struct cpio_newc_header {
char magic[6];
char ino[8];

2
jni/magiskboot/hexpatch.c
View File

@@ -20,7 +20,7 @@ void hexpatch(const char *image, const char *from, const char *to) {
hex2byte(to, patch);
for (size_t i = 0; i < filesize - patternsize; ++i) {
if (memcmp(file + i, pattern, patternsize) == 0) {
printf("Pattern %s found!\nPatching to %s\n", from, to);
fprintf(stderr, "Pattern %s found!\nPatching to %s\n", from, to);
memset(file + i, 0, patternsize);
memcpy(file + i, patch, patchsize);
i += patternsize - 1;

15
jni/magiskboot/magiskboot.h
View File

@@ -53,27 +53,21 @@ typedef enum {
ADD,
EXTRACT,
TEST,
DMVERITY,
FORCEENCRYPT,
PATCH,
BACKUP,
RESTORE
RESTORE,
STOCKSHA1
} command_t;
extern char *SUP_LIST[];
extern char *SUP_EXT_LIST[];
extern file_t SUP_TYPE_LIST[];
// Global variables
extern unsigned char *kernel, *ramdisk, *second, *dtb, *extra;
extern boot_img_hdr hdr;
extern file_t ramdisk_type;
extern int mtk_kernel, mtk_ramdisk;
// Main entries
void unpack(const char *image);
void repack(const char* orig_image, const char* out_image);
void hexpatch(const char *image, const char *from, const char *to);
void parse_img(unsigned char *orig, size_t size);
int parse_img(unsigned char *orig, size_t size);
int cpio_commands(const char *command, int argc, char *argv[]);
void cleanup();
@@ -96,6 +90,5 @@ void write_zero(int fd, size_t size);
void mem_align(size_t *pos, size_t align);
void file_align(int fd, size_t align, int out);
int open_new(const char *filename);
void print_info();
#endif

22
jni/magiskboot/main.c
View File

@@ -20,16 +20,16 @@ static void usage(char *arg0) {
" Search <hexpattern1> in <file>, and replace with <hexpattern2>\n"
"\n"
"%s --cpio-<cmd> <incpio> [flags...] [params...]\n"
" Do cpio related cmds to <incpio> (modifications are done directly)\n Supported commands:\n"
" --cpio-rm <incpio> [-r] <entry>\n Remove entry from cpio, flag -r to remove recursively\n"
" --cpio-mkdir <incpio> <mode> <entry>\n Create directory as an <entry>\n"
" --cpio-add <incpio> <mode> <entry> <infile>\n Add <infile> as an <entry>; replaces <entry> if already exists\n"
" --cpio-extract <incpio> <entry> <outfile>\n Extract <entry> to <outfile>\n"
" --cpio-test <incpio>\n Return value: 0/not patched 1/Magisk 2/SuperSU\n"
" --cpio-patch-dmverity <incpio>\n Remove dm-verity\n"
" --cpio-patch-forceencrypt <incpio>\n Change forceencrypt flag to encryptable\n"
" --cpio-backup <incpio> <origcpio>\n Create ramdisk backups into <incpio> from <origcpio>\n"
" --cpio-restore <incpio>\n Restore ramdisk from ramdisk backup within <incpio>\n"
" Do cpio related cmds to <incpio> (modifications are done directly)\n Supported commands and params:\n"
" -rm [-r] <entry>\n Remove entry from <incpio>, flag -r to remove recursively\n"
" -mkdir <mode> <entry>\n Create directory as an <entry>\n"
" -add <mode> <entry> <infile>\n Add <infile> as an <entry>; replaces <entry> if already exists\n"
" -extract <entry> <outfile>\n Extract <entry> to <outfile>\n"
" -test \n Return value: 0/not patched 1/Magisk 2/Other (e.g. phh, SuperSU)\n"
" -patch <KEEPVERITY> <KEEPFORCEENCRYPT>\n Patch cpio for Magisk. KEEP**** are true/false values\n"
" -backup <origcpio>\n Create ramdisk backups into <incpio> from <origcpio>\n"
" -restore\n Restore ramdisk from ramdisk backup within <incpio>\n"
" -stocksha1\n Get stock boot SHA1 recorded within <incpio>\n"
"\n"
"%s --compress[=method] <infile> [outfile]\n"
" Compress <infile> with [method] (default: gzip), optionally to [outfile]\n Supported methods: "
@@ -59,7 +59,7 @@ static void usage(char *arg0) {
}
int main(int argc, char *argv[]) {
printf("MagiskBoot v" xstr(MAGISK_VERSION) " (by topjohnwu) - Boot Image Modification Tool\n\n");
fprintf(stderr, "MagiskBoot v" xstr(MAGISK_VERSION) "(" xstr(MAGISK_VER_CODE) ") (by topjohnwu) - Boot Image Modification Tool\n\n");
if (argc > 1 && strcmp(argv[1], "--cleanup") == 0) {
cleanup();

91
jni/magiskboot/parseimg.c
View File

@@ -1,91 +0,0 @@
#include "bootimg.h"
#include "magiskboot.h"
unsigned char *kernel, *ramdisk, *second, *dtb, *extra;
boot_img_hdr hdr;
int mtk_kernel = 0, mtk_ramdisk = 0;
file_t ramdisk_type;
static void check_headers() {
// Check ramdisk compression type
ramdisk_type = check_type(ramdisk);
// Check MTK
if (check_type(kernel) == MTK) {
printf("MTK header found in kernel\n");
mtk_kernel = 1;
}
if (ramdisk_type == MTK) {
printf("MTK header found in ramdisk\n");
mtk_ramdisk = 1;
ramdisk_type = check_type(ramdisk + 512);
}
// Print info
print_info();
}
static void parse_aosp(unsigned char *base, size_t size) {
// printf("IMG [AOSP]\n");
size_t pos = 0;
// Read the header
memcpy(&hdr, base, sizeof(hdr));
pos += hdr.page_size;
// Kernel position
kernel = base + pos;
pos += hdr.kernel_size;
mem_align(&pos, hdr.page_size);
// Ramdisk position
ramdisk = base + pos;
pos += hdr.ramdisk_size;
mem_align(&pos, hdr.page_size);
if (hdr.second_size) {
// Second position
second = base + pos;
pos += hdr.second_size;
mem_align(&pos, hdr.page_size);
}
if (hdr.dt_size) {
// dtb position
dtb = base + pos;
pos += hdr.dt_size;
mem_align(&pos, hdr.page_size);
}
if (pos < size) {
extra = base + pos;
}
check_headers();
}
void parse_img(unsigned char *orig, size_t size) {
unsigned char *base, *end;
for(base = orig, end = orig + size; base < end; base += 256, size -= 256) {
switch (check_type(base)) {
case CHROMEOS:
// The caller should know it's chromeos, as it needs additional signing
close(open_new("chromeos"));
continue;
case ELF32:
exit(2);
return;
case ELF64:
exit(3);
return;
case AOSP:
parse_aosp(base, size);
return;
default:
continue;
}
}
LOGE(1, "No boot image magic found!\n");
}

136
jni/magiskboot/repack.c
View File

@@ -1,136 +0,0 @@
#include "magiskboot.h"
static size_t restore(const char *filename, int fd) {
int ifd = xopen(filename, O_RDONLY);
size_t size = lseek(ifd, 0, SEEK_END);
lseek(ifd, 0, SEEK_SET);
xsendfile(fd, ifd, NULL, size);
close(ifd);
return size;
}
static void restore_buf(int fd, const void *buf, size_t size) {
xwrite(fd, buf, size);
}
void repack(const char* orig_image, const char* out_image) {
size_t size;
unsigned char *orig;
char name[PATH_MAX];
// There are possible two MTK headers
mtk_hdr mtk_kernel_hdr, mtk_ramdisk_hdr;
size_t mtk_kernel_off, mtk_ramdisk_off;
// Load original image
mmap_ro(orig_image, &orig, &size);
// Parse original image
printf("Parsing boot image: [%s]\n\n", orig_image);
parse_img(orig, size);
printf("Repack to boot image: [%s]\n\n", out_image);
// Create new image
int fd = open_new(out_image);
// Set all sizes to 0
hdr.kernel_size = 0;
hdr.ramdisk_size = 0;
hdr.second_size = 0;
hdr.dt_size = 0;
// Skip a page for header
write_zero(fd, hdr.page_size);
// Restore kernel
if (mtk_kernel) {
mtk_kernel_off = lseek(fd, 0, SEEK_CUR);
restore_buf(fd, kernel, 512);
memcpy(&mtk_kernel_hdr, kernel, sizeof(mtk_kernel_hdr));
}
hdr.kernel_size = restore(KERNEL_FILE, fd);
file_align(fd, hdr.page_size, 1);
// Restore ramdisk
if (mtk_ramdisk) {
mtk_ramdisk_off = lseek(fd, 0, SEEK_CUR);
restore_buf(fd, ramdisk, 512);
memcpy(&mtk_ramdisk_hdr, ramdisk, sizeof(mtk_ramdisk_hdr));
}
if (access(RAMDISK_FILE, R_OK) == 0) {
// If we found raw cpio, compress to original format
// Before we start, clean up previous compressed files
for (int i = 0; SUP_EXT_LIST[i]; ++i) {
sprintf(name, "%s.%s", RAMDISK_FILE, SUP_EXT_LIST[i]);
unlink(name);
}
size_t cpio_size;
unsigned char *cpio;
mmap_ro(RAMDISK_FILE, &cpio, &cpio_size);
if (comp(ramdisk_type, RAMDISK_FILE, cpio, cpio_size))
LOGE(1, "Unsupported ramdisk format!\n");
munmap(cpio, cpio_size);
}
int found = 0;
for (int i = 0; SUP_EXT_LIST[i]; ++i) {
sprintf(name, "%s.%s", RAMDISK_FILE, SUP_EXT_LIST[i]);
if (access(name, R_OK) == 0) {
ramdisk_type = SUP_TYPE_LIST[i];
found = 1;
break;
}
}
if (!found)
LOGE(1, "No ramdisk exists!\n");
hdr.ramdisk_size = restore(name, fd);
file_align(fd, hdr.page_size, 1);
// Restore second
if (access(SECOND_FILE, R_OK) == 0) {
hdr.second_size = restore(SECOND_FILE, fd);
file_align(fd, hdr.page_size, 1);
}
// Restore dtb
if (access(DTB_FILE, R_OK) == 0) {
hdr.dt_size = restore(DTB_FILE, fd);
file_align(fd, hdr.page_size, 1);
}
// Check extra info, currently only for LG Bump and Samsung SEANDROIDENFORCE
if (extra) {
if (memcmp(extra, "SEANDROIDENFORCE", 16) == 0 ||
memcmp(extra, "\x41\xa9\xe4\x67\x74\x4d\x1d\x1b\xa4\x29\xf2\xec\xea\x65\x52\x79", 16) == 0 ) {
restore_buf(fd, extra, 16);
}
}
// Write headers back
if (mtk_kernel) {
lseek(fd, mtk_kernel_off, SEEK_SET);
mtk_kernel_hdr.size = hdr.kernel_size;
hdr.kernel_size += 512;
restore_buf(fd, &mtk_kernel_hdr, sizeof(mtk_kernel_hdr));
}
if (mtk_ramdisk) {
lseek(fd, mtk_ramdisk_off, SEEK_SET);
mtk_ramdisk_hdr.size = hdr.ramdisk_size;
hdr.ramdisk_size += 512;
restore_buf(fd, &mtk_ramdisk_hdr, sizeof(mtk_ramdisk_hdr));
}
// Main header
lseek(fd, 0, SEEK_SET);
restore_buf(fd, &hdr, sizeof(hdr));
// Print new image info
print_info();
munmap(orig, size);
close(fd);
}

48
jni/magiskboot/unpack.c
View File

@@ -1,48 +0,0 @@
#include "magiskboot.h"
static void dump(unsigned char *buf, size_t size, const char *filename) {
int fd = open_new(filename);
xwrite(fd, buf, size);
close(fd);
}
void unpack(const char* image) {
size_t size;
unsigned char *orig;
mmap_ro(image, &orig, &size);
// Parse image
printf("Parsing boot image: [%s]\n\n", image);
parse_img(orig, size);
// Dump kernel
if (mtk_kernel) {
kernel += 512;
hdr.kernel_size -= 512;
}
dump(kernel, hdr.kernel_size, KERNEL_FILE);
// Dump ramdisk
if (mtk_ramdisk) {
ramdisk += 512;
hdr.ramdisk_size -= 512;
}
if (decomp(ramdisk_type, RAMDISK_FILE, ramdisk, hdr.ramdisk_size)) {
// Dump the compressed ramdisk
dump(ramdisk, hdr.ramdisk_size, RAMDISK_FILE ".unsupport");
LOGE(1, "Unsupported ramdisk format! Dumped to %s\n", RAMDISK_FILE ".unsupport");
}
if (hdr.second_size) {
// Dump second
dump(second, hdr.second_size, SECOND_FILE);
}
if (hdr.dt_size) {
// Dump dtb
dump(dtb, hdr.dt_size, DTB_FILE);
}
munmap(orig, size);
}

127
jni/magiskhide/hide_daemon.c
View File

@@ -1,127 +0,0 @@
/* hide_daemon.c - MagiskHide daemon
*
* A dedicated process to join the target namespace,
* and hide all traces in that particular namespace
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <fcntl.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mount.h>
#include "magisk.h"
#include "utils.h"
#include "magiskhide.h"
static int pid;
static void lazy_unmount(const char* mountpoint) {
if (umount2(mountpoint, MNT_DETACH) != -1)
LOGI("hide_daemon: Unmounted (%s)\n", mountpoint);
else
LOGI("hide_daemon: Unmount Failed (%s)\n", mountpoint);
}
static void hide_daemon_err() {
LOGD("hide_daemon: error occured, stopping magiskhide services\n");
// Resume process if possible
kill(pid, SIGCONT);
int err = 1;
write(sv[1], &err, sizeof(err));
_exit(-1);
}
int hide_daemon() {
// Fork to a new process
hide_pid = fork();
switch(hide_pid) {
case -1:
PLOGE("fork");
return 1;
case 0:
break;
default:
return 0;
}
close(sv[0]);
// Set the process name
strcpy(argv0, "magiskhide_daemon");
// When an error occurs, report its failure to main process
err_handler = hide_daemon_err;
char buffer[4096], cache_block[256], *line;
struct vector mount_list;
cache_block[0] = '\0';
while(1) {
xxread(sv[1], &pid, sizeof(pid));
// Termination called
if(pid == -1) {
LOGD("hide_daemon: received termination request\n");
_exit(0);
}
manage_selinux();
relink_sbin();
if (switch_mnt_ns(pid))
continue;
snprintf(buffer, sizeof(buffer), "/proc/%d/mounts", pid);
vec_init(&mount_list);
file_to_vector(buffer, &mount_list);
// Find the cache block name if not found yet
if (strlen(cache_block) == 0) {
vec_for_each(&mount_list, line) {
if (strstr(line, " /cache ")) {
sscanf(line, "%256s", cache_block);
break;
}
}
}
// First unmount the dummy skeletons, cache mounts, and /sbin links
vec_for_each_r(&mount_list, line) {
if (strstr(line, "tmpfs /system") || strstr(line, "tmpfs /vendor") || strstr(line, "tmpfs /sbin")
|| (strstr(line, cache_block) && strstr(line, "/system/")) ) {
sscanf(line, "%*s %512s", buffer);
lazy_unmount(buffer);
}
free(line);
}
vec_destroy(&mount_list);
// Re-read mount infos
snprintf(buffer, sizeof(buffer), "/proc/%d/mounts", pid);
vec_init(&mount_list);
file_to_vector(buffer, &mount_list);
// Unmount loop mounts
vec_for_each_r(&mount_list, line) {
if (strstr(line, "/dev/block/loop") && !strstr(line, DUMMDIR)) {
sscanf(line, "%*s %512s", buffer);
lazy_unmount(buffer);
}
free(line);
}
vec_destroy(&mount_list);
// All done, send resume signal
kill(pid, SIGCONT);
// Tell main process all is well
pid = 0;
xwrite(sv[1], &pid, sizeof(pid));
}
// Should never go here
}

254
jni/magiskhide/hide_utils.c Normal file
View File

@@ -0,0 +1,254 @@
/* hide_utils.c - Some utility functions for MagiskHide
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <dirent.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <selinux/selinux.h>
#include "magisk.h"
#include "utils.h"
#include "resetprop.h"
#include "magiskhide.h"
#include "daemon.h"
static char *prop_key[] =
{ "ro.boot.verifiedbootstate", "ro.boot.flash.locked", "ro.boot.veritymode", "ro.boot.warranty_bit", "ro.warranty_bit",
"ro.debuggable", "ro.secure", "ro.build.type", "ro.build.tags", "ro.build.selinux", NULL };
static char *prop_value[] =
{ "green", "1", "enforcing", "0", "0", "0", "1", "user", "release-keys", "0", NULL };
static int mocked = 0;
void manage_selinux() {
if (mocked) return;
char val[1];
int fd = xopen(SELINUX_ENFORCE, O_RDONLY);
xxread(fd, val, 1);
close(fd);
// Permissive
if (val[0] == '0') {
LOGI("hide_daemon: Permissive detected, hide the state\n");
chmod(SELINUX_ENFORCE, 0640);
chmod(SELINUX_POLICY, 0440);
mocked = 1;
}
}
void hide_sensitive_props() {
LOGI("hide_utils: Hiding sensitive props\n");
// Hide all sensitive props
char *value;
for (int i = 0; prop_key[i]; ++i) {
value = getprop(prop_key[i]);
if (value) {
if (strcmp(value, prop_value[i]) != 0)
setprop2(prop_key[i], prop_value[i], 0);
free(value);
}
}
}
static void rm_magisk_prop(const char *name) {
if (strstr(name, "magisk")) {
deleteprop(name, 0);
}
}
void clean_magisk_props() {
LOGD("hide_utils: Cleaning magisk props\n");
getprop_all(rm_magisk_prop);
}
void relink_sbin() {
struct stat st;
if (stat("/sbin_orig", &st) == -1 && errno == ENOENT) {
// Re-link all binaries and bind mount
DIR *dir;
struct dirent *entry;
char from[PATH_MAX], to[PATH_MAX];
LOGI("hide_utils: Re-linking /sbin\n");
xmount(NULL, "/", NULL, MS_REMOUNT, NULL);
xrename("/sbin", "/sbin_orig");
xmkdir("/sbin", 0755);
xchmod("/sbin", 0755);
xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
xmkdir("/dev/sbin_bind", 0755);
xchmod("/dev/sbin_bind", 0755);
dir = xopendir("/sbin_orig");
while ((entry = xreaddir(dir))) {
if (strcmp(entry->d_name, "..") == 0)
continue;
snprintf(from, sizeof(from), "/sbin_orig/%s", entry->d_name);
if (entry->d_type == DT_LNK)
xreadlink(from, from, sizeof(from));
snprintf(to, sizeof(to), "/dev/sbin_bind/%s", entry->d_name);
symlink(from, to);
lsetfilecon(to, "u:object_r:rootfs:s0");
}
closedir(dir);
xmount("/dev/sbin_bind", "/sbin", NULL, MS_BIND, NULL);
}
}
int add_list(char *proc) {
if (!hideEnabled) {
free(proc);
return HIDE_NOT_ENABLED;
}
char *line;
struct vector *new_list = xmalloc(sizeof(*new_list));
if (new_list == NULL)
return DAEMON_ERROR;
vec_init(new_list);
vec_for_each(hide_list, line) {
// They should be unique
if (strcmp(line, proc) == 0) {
free(proc);
vec_destroy(new_list);
free(new_list);
return HIDE_ITEM_EXIST;
}
vec_push_back(new_list, line);
}
vec_push_back(new_list, proc);
LOGI("hide_list add: [%s]\n", proc);
ps_filter_proc_name(proc, kill_proc);
// Critical region
pthread_mutex_lock(&hide_lock);
vec_destroy(hide_list);
free(hide_list);
hide_list = new_list;
pthread_mutex_unlock(&hide_lock);
pthread_mutex_lock(&file_lock);
vector_to_file(HIDELIST, hide_list); // Do not complain if file not found
pthread_mutex_unlock(&file_lock);
return DAEMON_SUCCESS;
}
int rm_list(char *proc) {
if (!hideEnabled) {
free(proc);
return HIDE_NOT_ENABLED;
}
daemon_response ret = DAEMON_ERROR;
char *line;
int do_rm = 0;
struct vector *new_list = xmalloc(sizeof(*new_list));
if (new_list == NULL)
goto error;
vec_init(new_list);
vec_for_each(hide_list, line) {
if (strcmp(line, proc) == 0) {
free(proc);
proc = line;
do_rm = 1;
continue;
}
vec_push_back(new_list, line);
}
if (do_rm) {
LOGI("hide_list rm: [%s]\n", proc);
ps_filter_proc_name(proc, kill_proc);
// Critical region
pthread_mutex_lock(&hide_lock);
vec_destroy(hide_list);
free(hide_list);
hide_list = new_list;
pthread_mutex_unlock(&hide_lock);
ret = DAEMON_SUCCESS;
pthread_mutex_lock(&file_lock);
vector_to_file(HIDELIST, hide_list); // Do not complain if file not found
pthread_mutex_unlock(&file_lock);
} else {
ret = HIDE_ITEM_NOT_EXIST;
vec_destroy(new_list);
free(new_list);
}
error:
free(proc);
return ret;
}
int init_list() {
LOGD("hide_list: initialize...\n");
if ((hide_list = xmalloc(sizeof(*hide_list))) == NULL)
return 1;
vec_init(hide_list);
// Might error if file doesn't exist, no need to report
file_to_vector(HIDELIST, hide_list);
char *line;
vec_for_each(hide_list, line) {
LOGI("hide_list: [%s]\n", line);
ps_filter_proc_name(line, kill_proc);
}
return 0;
}
int destroy_list() {
char *line;
vec_for_each(hide_list, line) {
ps_filter_proc_name(line, kill_proc);
}
vec_deep_destroy(hide_list);
free(hide_list);
hide_list = NULL;
return 0;
}
void add_hide_list(int client) {
err_handler = do_nothing;
char *proc = read_string(client);
// ack
write_int(client, add_list(proc));
close(client);
}
void rm_hide_list(int client) {
err_handler = do_nothing;
char *proc = read_string(client);
// ack
write_int(client, rm_list(proc));
close(client);
}
void ls_hide_list(int client) {
err_handler = do_nothing;
if (!hideEnabled) {
write_int(client, HIDE_NOT_ENABLED);
return;
}
write_int(client, DAEMON_SUCCESS);
write_int(client, vec_size(hide_list));
char *s;
vec_for_each(hide_list, s) {
write_string(client, s);
}
close(client);
}

148
jni/magiskhide/list_manager.c
View File

@@ -1,148 +0,0 @@
/* list_manager.c - Hide list management
*/
#include <string.h>
#include <unistd.h>
#include <pthread.h>
#include "magisk.h"
#include "utils.h"
#include "daemon.h"
#include "magiskhide.h"
int add_list(char *proc) {
if (!hideEnabled) {
free(proc);
return HIDE_NOT_ENABLED;
}
char *line;
struct vector *new_list = xmalloc(sizeof(*new_list));
if (new_list == NULL)
return DAEMON_ERROR;
vec_init(new_list);
vec_for_each(hide_list, line) {
// They should be unique
if (strcmp(line, proc) == 0) {
free(proc);
vec_destroy(new_list);
free(new_list);
return HIDE_ITEM_EXIST;
}
vec_push_back(new_list, line);
}
vec_push_back(new_list, proc);
LOGI("hide_list add: [%s]\n", proc);
ps_filter_proc_name(proc, kill_proc);
// Critical region
pthread_mutex_lock(&hide_lock);
vec_destroy(hide_list);
free(hide_list);
hide_list = new_list;
pthread_mutex_unlock(&hide_lock);
pthread_mutex_lock(&file_lock);
if (vector_to_file(HIDELIST, hide_list)) {
pthread_mutex_unlock(&file_lock);
return DAEMON_ERROR;
}
pthread_mutex_unlock(&file_lock);
return DAEMON_SUCCESS;
}
int rm_list(char *proc) {
if (!hideEnabled) {
free(proc);
return HIDE_NOT_ENABLED;
}
daemon_response ret = DAEMON_ERROR;
char *line;
int do_rm = 0;
struct vector *new_list = xmalloc(sizeof(*new_list));
if (new_list == NULL)
goto error;
vec_init(new_list);
vec_for_each(hide_list, line) {
if (strcmp(line, proc) == 0) {
free(proc);
proc = line;
do_rm = 1;
continue;
}
vec_push_back(new_list, line);
}
if (do_rm) {
LOGI("hide_list rm: [%s]\n", proc);
ps_filter_proc_name(proc, kill_proc);
// Critical region
pthread_mutex_lock(&hide_lock);
vec_destroy(hide_list);
free(hide_list);
hide_list = new_list;
pthread_mutex_unlock(&hide_lock);
ret = DAEMON_SUCCESS;
pthread_mutex_lock(&file_lock);
if (vector_to_file(HIDELIST, hide_list))
ret = DAEMON_ERROR;
pthread_mutex_unlock(&file_lock);
} else {
ret = HIDE_ITEM_NOT_EXIST;
vec_destroy(new_list);
free(new_list);
}
error:
free(proc);
return ret;
}
int init_list() {
LOGD("hide_list: initialize...\n");
if ((hide_list = xmalloc(sizeof(*hide_list))) == NULL)
return 1;
vec_init(hide_list);
// Might error if file doesn't exist, no need to report
file_to_vector(HIDELIST, hide_list);
char *line;
vec_for_each(hide_list, line) {
LOGI("hide_list: [%s]\n", line);
ps_filter_proc_name(line, kill_proc);
}
return 0;
}
int destroy_list() {
char *line;
vec_for_each(hide_list, line) {
ps_filter_proc_name(line, kill_proc);
}
vec_deep_destroy(hide_list);
free(hide_list);
hide_list = NULL;
return 0;
}
void add_hide_list(int client) {
err_handler = do_nothing;
char *proc = read_string(client);
// ack
write_int(client, add_list(proc));
close(client);
}
void rm_hide_list(int client) {
err_handler = do_nothing;
char *proc = read_string(client);
// ack
write_int(client, rm_list(proc));
close(client);
}

98
jni/magiskhide/magiskhide.c
View File

@@ -16,7 +16,6 @@
#include "daemon.h"
#include "resetprop.h"
int sv[2], hide_pid = -1;
struct vector *hide_list = NULL;
int hideEnabled = 0;
@@ -29,14 +28,14 @@ void kill_proc(int pid) {
static void usage(char *arg0) {
fprintf(stderr,
"MagiskHide v" xstr(MAGISK_VERSION) " (by topjohnwu) - Hide Magisk!\n\n"
"%s [--options [arguments...] ]\n\n"
"MagiskHide v" xstr(MAGISK_VERSION) "(" xstr(MAGISK_VER_CODE) ") (by topjohnwu) - Hide Magisk!\n\n"
"Usage: %s [--options [arguments...] ]\n\n"
"Options:\n"
" --enable: Start the magiskhide daemon\n"
" --disable: Stop the magiskhide daemon\n"
" --add <process name>: Add <process name> to the list\n"
" --rm <process name>: Remove <process name> from the list\n"
" --ls: Print out the current hide list\n"
" --enable Start magiskhide\n"
" --disable Stop magiskhide\n"
" --add PROCESS Add PROCESS to the hide list\n"
" --rm PROCESS Remove PROCESS from the hide list\n"
" --ls Print out the current hide list\n"
, arg0);
exit(1);
}
@@ -46,35 +45,20 @@ void launch_magiskhide(int client) {
err_handler = do_nothing;
if (hideEnabled) {
write_int(client, HIDE_IS_ENABLED);
close(client);
if (client > 0) {
write_int(client, HIDE_IS_ENABLED);
close(client);
}
return;
}
hideEnabled = 1;
LOGI("* Starting MagiskHide\n");
hideEnabled = 1;
if (client != -1) {
if (setprop(MAGISKHIDE_PROP, "1"))
goto error;
}
deleteprop(MAGISKHIDE_PROP, 1);
hide_sensitive_props();
if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sv) == -1)
goto error;
/*
* The setns system call do not support multithread processes
* We have to fork a new process, and communicate with sockets
*/
if (hide_daemon())
goto error;
close(sv[1]);
// Initialize the mutex lock
pthread_mutex_init(&hide_lock, NULL);
pthread_mutex_init(&file_lock, NULL);
@@ -86,8 +70,10 @@ void launch_magiskhide(int client) {
// Add SafetyNet by default
add_list(strdup("com.google.android.gms.unstable"));
write_int(client, DAEMON_SUCCESS);
close(client);
if (client > 0) {
write_int(client, DAEMON_SUCCESS);
close(client);
}
// Get thread reference
proc_monitor_thread = pthread_self();
@@ -97,15 +83,9 @@ void launch_magiskhide(int client) {
error:
hideEnabled = 0;
write_int(client, DAEMON_ERROR);
close(client);
if (hide_pid != -1) {
int kill = -1;
// Kill hide daemon
write(sv[0], &kill, sizeof(kill));
close(sv[0]);
waitpid(hide_pid, NULL, 0);
hide_pid = -1;
if (client > 0) {
write_int(client, DAEMON_ERROR);
close(client);
}
return;
}
@@ -121,6 +101,8 @@ void stop_magiskhide(int client) {
hideEnabled = 0;
setprop(MAGISKHIDE_PROP, "0");
// Remove without actually removing persist props
deleteprop(MAGISKHIDE_PROP, 0);
pthread_kill(proc_monitor_thread, SIGUSR1);
write_int(client, DAEMON_SUCCESS);
@@ -141,15 +123,7 @@ int magiskhide_main(int argc, char *argv[]) {
} else if (strcmp(argv[1], "--rm") == 0 && argc > 2) {
req = RM_HIDELIST;
} else if (strcmp(argv[1], "--ls") == 0) {
FILE *fp = fopen(HIDELIST, "r");
if (fp == NULL)
return 1;
char buffer[512];
while (fgets(buffer, sizeof(buffer), fp)) {
printf("%s", buffer);
}
fclose(fp);
return 0;
req = LS_HIDELIST;
}
int fd = connect_daemon();
write_int(fd, req);
@@ -157,28 +131,38 @@ int magiskhide_main(int argc, char *argv[]) {
write_string(fd, argv[2]);
}
daemon_response code = read_int(fd);
close(fd);
switch (code) {
case DAEMON_ERROR:
fprintf(stderr, "Error occured in daemon...\n");
break;
return code;
case DAEMON_SUCCESS:
break;
case ROOT_REQUIRED:
fprintf(stderr, "Root is required for this operation\n");
break;
return code;
case HIDE_NOT_ENABLED:
fprintf(stderr, "Magisk hide is not enabled yet\n");
break;
return code;
case HIDE_IS_ENABLED:
fprintf(stderr, "Magisk hide is already enabled\n");
break;
return code;
case HIDE_ITEM_EXIST:
fprintf(stderr, "Process [%s] already exists in hide list\n", argv[2]);
break;
return code;
case HIDE_ITEM_NOT_EXIST:
fprintf(stderr, "Process [%s] does not exist in hide list\n", argv[2]);
break;
return code;
}
return code;
if (req == LS_HIDELIST) {
int argc = read_int(fd);
for (int i = 0; i < argc; ++i) {
char *s = read_string(fd);
printf("%s\n", s);
free(s);
}
}
close(fd);
return 0;
}

8
jni/magiskhide/magiskhide.h
View File

@@ -6,16 +6,14 @@
// Kill process
void kill_proc(int pid);
// Hide daemon
int hide_daemon();
// Process monitor
void proc_monitor();
// Preprocess
// Utility functions
void manage_selinux();
void hide_sensitive_props();
void relink_sbin();
void clean_magisk_props();
// List managements
int add_list(char *proc);
@@ -23,7 +21,7 @@ int rm_list(char *proc);
int init_list();
int destroy_list();
extern int sv[2], hide_pid, hideEnabled;
extern int hideEnabled;
extern struct vector *hide_list;
extern pthread_mutex_t hide_lock, file_lock;

90
jni/magiskhide/pre_process.c
View File

@@ -1,90 +0,0 @@
/* pre_process.c - Some pre-processes for MagiskHide to hide properly
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <dirent.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <selinux/selinux.h>
#include "magisk.h"
#include "utils.h"
#include "resetprop.h"
#include "magiskhide.h"
static char *prop_key[] =
{ "ro.boot.verifiedbootstate", "ro.boot.flash.locked", "ro.boot.veritymode", "ro.boot.warranty_bit", "ro.warranty_bit",
"ro.debuggable", "ro.secure", NULL };
static char *prop_value[] =
{ "green", "1", "enforcing", "0", "0", "0", "1", NULL };
static int isMocked = 0;
void manage_selinux() {
if (isMocked) return;
char val[1];
int fd = xopen(SELINUX_ENFORCE, O_RDONLY);
xxread(fd, val, 1);
close(fd);
// Permissive
if (val[0] == '0') {
LOGI("hide_daemon: Permissive detected, hide the state\n");
chmod(SELINUX_ENFORCE, 0640);
chmod(SELINUX_POLICY, 0440);
isMocked = 1;
}
}
void hide_sensitive_props() {
LOGI("hide_pre_proc: Hiding sensitive props\n");
// Hide all sensitive props
char *value;
for (int i = 0; prop_key[i]; ++i) {
value = getprop(prop_key[i]);
if (value) {
if (strcmp(value, prop_value[i]) != 0)
setprop2(prop_key[i], prop_value[i], 0);
free(value);
}
}
}
void relink_sbin() {
struct stat st;
if (stat("/sbin_orig", &st) == -1 && errno == ENOENT) {
// Re-link all binaries and bind mount
DIR *dir;
struct dirent *entry;
char from[PATH_MAX], to[PATH_MAX];
LOGI("hide_pre_proc: Re-linking /sbin\n");
xmount(NULL, "/", NULL, MS_REMOUNT, NULL);
xrename("/sbin", "/sbin_orig");
xmkdir("/sbin", 0755);
xchmod("/sbin", 0755);
xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
xmkdir("/dev/sbin_bind", 0755);
xchmod("/dev/sbin_bind", 0755);
dir = xopendir("/sbin_orig");
while ((entry = xreaddir(dir))) {
snprintf(from, sizeof(from), "%s/%s", "/sbin_orig", entry->d_name);
snprintf(to, sizeof(to), "%s/%s", "/dev/sbin_bind", entry->d_name);
symlink(from, to);
lsetfilecon(to, "u:object_r:system_file:s0");
}
closedir(dir);
xmount("/dev/sbin_bind", "/sbin", NULL, MS_BIND, NULL);
}
}

187
jni/magiskhide/proc_monitor.c
View File

@@ -1,7 +1,8 @@
/* proc_monitor.c - Monitor am_proc_start events
*
* We monitor the logcat am_proc_start events, pause it,
* and send the target PID to hide daemon ASAP
/* proc_monitor.c - Monitor am_proc_start events and unmount
*
* We monitor the logcat am_proc_start events. When a target starts up,
* we pause it ASAP, and fork a new process to join its mount namespace
* and do all the unmounting/mocking
*/
#include <stdlib.h>
@@ -12,22 +13,17 @@
#include <pthread.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/mount.h>
#include "magisk.h"
#include "utils.h"
#include "magiskhide.h"
static int zygote_num = 0;
static char init_ns[32], zygote_ns[2][32];
static int log_pid = 0, log_fd = 0;
static int zygote_num;
static char init_ns[32], zygote_ns[2][32], cache_block[256];
static int log_pid, log_fd, target_pid;
static char *buffer;
static void read_namespace(const int pid, char* target, const size_t size) {
char path[32];
snprintf(path, sizeof(path), "/proc/%d/ns/mnt", pid);
xreadlink(path, target, size);
}
// Workaround for the lack of pthread_cancel
static void quit_pthread(int sig) {
err_handler = do_nothing;
@@ -36,23 +32,34 @@ static void quit_pthread(int sig) {
free(buffer);
hideEnabled = 0;
// Kill the logging if needed
if (log_pid) {
if (log_pid > 0) {
kill(log_pid, SIGTERM);
waitpid(log_pid, NULL, 0);
close(log_fd);
log_fd = log_pid = 0;
}
int kill = -1;
// If process monitor dies, kill hide daemon too
write(sv[0], &kill, sizeof(kill));
close(sv[0]);
waitpid(hide_pid, NULL, 0);
// Resume process if possible
if (target_pid > 0)
kill(target_pid, SIGCONT);
pthread_mutex_destroy(&hide_lock);
pthread_mutex_destroy(&file_lock);
LOGD("proc_monitor: terminating...\n");
pthread_exit(NULL);
}
static void proc_monitor_err() {
LOGD("proc_monitor: error occured, stopping magiskhide services\n");
quit_pthread(SIGUSR1);
}
static int read_namespace(const int pid, char* target, const size_t size) {
char path[32];
snprintf(path, sizeof(path), "/proc/%d/ns/mnt", pid);
if (access(path, R_OK) == -1)
return 1;
xreadlink(path, target, size);
return 0;
}
static void store_zygote_ns(int pid) {
if (zygote_num == 2) return;
do {
@@ -62,9 +69,75 @@ static void store_zygote_ns(int pid) {
++zygote_num;
}
static void proc_monitor_err() {
LOGD("proc_monitor: error occured, stopping magiskhide services\n");
quit_pthread(SIGUSR1);
static void lazy_unmount(const char* mountpoint) {
if (umount2(mountpoint, MNT_DETACH) != -1)
LOGD("hide_daemon: Unmounted (%s)\n", mountpoint);
else
LOGD("hide_daemon: Unmount Failed (%s)\n", mountpoint);
}
static void hide_daemon_err() {
LOGD("hide_daemon: error occured, stopping magiskhide services\n");
_exit(-1);
}
static void hide_daemon(int pid) {
LOGD("hide_daemon: start unmount for pid=[%d]\n", pid);
// When an error occurs, report its failure to main process
err_handler = hide_daemon_err;
char *line;
struct vector mount_list;
manage_selinux();
relink_sbin();
clean_magisk_props();
if (switch_mnt_ns(pid))
return;
snprintf(buffer, PATH_MAX, "/proc/%d/mounts", pid);
vec_init(&mount_list);
file_to_vector(buffer, &mount_list);
// Find the cache block name if not found yet
if (cache_block[0] == '\0') {
vec_for_each(&mount_list, line) {
if (strstr(line, " /cache ")) {
sscanf(line, "%256s", cache_block);
break;
}
}
}
// First unmount dummy skeletons, /sbin links, cache mounts, and mirrors
vec_for_each(&mount_list, line) {
if (strstr(line, "tmpfs /system") || strstr(line, "tmpfs /vendor") || strstr(line, "tmpfs /sbin")
|| (strstr(line, cache_block) && (strstr(line, " /system") || strstr(line, " /vendor")))
|| strstr(line, MIRRDIR)) {
sscanf(line, "%*s %4096s", buffer);
lazy_unmount(buffer);
}
free(line);
}
vec_destroy(&mount_list);
// Re-read mount infos
snprintf(buffer, PATH_MAX, "/proc/%d/mounts", pid);
vec_init(&mount_list);
file_to_vector(buffer, &mount_list);
// Unmount any loop mounts and dummy mounts
vec_for_each(&mount_list, line) {
if (strstr(line, "/dev/block/loop") || strstr(line, DUMMDIR)) {
sscanf(line, "%*s %4096s", buffer);
lazy_unmount(buffer);
}
free(line);
}
// Free uo memory
vec_destroy(&mount_list);
}
void proc_monitor() {
@@ -76,15 +149,20 @@ void proc_monitor() {
// The error handler should stop magiskhide services
err_handler = proc_monitor_err;
log_pid = target_pid = -1;
int pid;
buffer = xmalloc(PATH_MAX);
cache_block[0] = '\0';
// Get the mount namespace of init
read_namespace(1, init_ns, 32);
if (read_namespace(1, init_ns, 32)) {
LOGE("proc_monitor: Your kernel doesn't support mount namespace :(\n");
proc_monitor_err();
}
LOGI("proc_monitor: init ns=%s\n", init_ns);
// Get the mount namespace of zygote
zygote_num = 0;
while(!zygote_num) {
// Check zygote every 2 secs
sleep(2);
@@ -97,20 +175,23 @@ void proc_monitor() {
LOGI("proc_monitor: zygote ns=%s\n", zygote_ns[0]);
break;
case 2:
LOGI("proc_monitor: zygote (32-bit) ns=%s (64-bit) ns=%s\n", zygote_ns[0], zygote_ns[1]);
LOGI("proc_monitor: zygote ns=%s zygote64 ns=%s\n", zygote_ns[0], zygote_ns[1]);
break;
}
while (1) {
// Clear previous buffer
system("logcat -b events -c");
// Clear previous logcat buffer
exec_command_sync("logcat", "-b", "events", "-c", NULL);
// Monitor am_proc_start
char *const command[] = { "logcat", "-b", "events", "-v", "raw", "-s", "am_proc_start", NULL };
log_pid = run_command(0, &log_fd, "/system/bin/logcat", command);
log_fd = -1;
log_pid = exec_command(0, &log_fd, NULL, "logcat", "-b", "events", "-v", "raw", "-s", "am_proc_start", NULL);
if (log_pid < 0) continue;
if (kill(log_pid, 0)) continue;
while(fdgets(buffer, PATH_MAX, log_fd)) {
int ret, comma = 0;
int pid, ret, comma = 0;
char *pos = buffer, *line, processName[256];
while(1) {
@@ -135,10 +216,11 @@ void proc_monitor() {
pthread_mutex_lock(&hide_lock);
vec_for_each(hide_list, line) {
if (strcmp(processName, line) == 0) {
target_pid = pid;
while(1) {
ret = 1;
for (int i = 0; i < zygote_num; ++i) {
read_namespace(pid, buffer, 32);
read_namespace(target_pid, buffer, 32);
if (strcmp(buffer, zygote_ns[i]) == 0) {
usleep(50);
ret = 0;
@@ -148,35 +230,44 @@ void proc_monitor() {
if (ret) break;
}
ret = 0;
// Send pause signal ASAP
if (kill(pid, SIGSTOP) == -1) continue;
if (kill(target_pid, SIGSTOP) == -1) continue;
LOGI("proc_monitor: %s (PID=%d ns=%s)\n", processName, pid, buffer);
LOGI("proc_monitor: %s (PID=%d ns=%s)\n", processName, target_pid, buffer);
// Unmount start
xwrite(sv[0], &pid, sizeof(pid));
/*
* The setns system call do not support multithread processes
* We have to fork a new process, setns, then do the unmounts
*/
int hide_pid = fork();
switch(hide_pid) {
case -1:
PLOGE("fork");
return;
case 0:
hide_daemon(target_pid);
_exit(0);
default:
break;
}
// Get the hide daemon return code
xxread(sv[0], &ret, sizeof(ret));
LOGD("proc_monitor: hide daemon response code: %d\n", ret);
// Wait till the unmount process is done
waitpid(hide_pid, &ret, 0);
if (WEXITSTATUS(ret))
quit_pthread(SIGUSR1);
// All done, send resume signal
kill(target_pid, SIGCONT);
target_pid = -1;
break;
}
}
pthread_mutex_unlock(&hide_lock);
if (ret) {
// Wait hide process to kill itself
waitpid(hide_pid, NULL, 0);
quit_pthread(SIGUSR1);
}
}
// For some reason it went here, restart logging
kill(log_pid, SIGTERM);
waitpid(log_pid, NULL, 0);
close(log_fd);
log_pid = 0;
}
}

2
jni/magiskpolicy

Submodule jni/magiskpolicy updated: 193d160bed...3c6a170138

24
jni/resetprop/_system_properties.h
View File

@@ -73,22 +73,22 @@ int __system_property_area_init2();
/* Read the global serial number of the system properties
**
** Called to predict if a series of cached __system_property_find2
** objects will have seen __system_property_serial2 values change.
** Called to predict if a series of cached __system_property_find
** objects will have seen __system_property_serial values change.
** But also aids the converse, as changes in the global serial can
** also be used to predict if a failed __system_property_find2
** also be used to predict if a failed __system_property_find
** could in-turn now find a new object; thus preventing the
** cycles of effort to poll __system_property_find2.
** cycles of effort to poll __system_property_find.
**
** Typically called at beginning of a cache cycle to signal if _any_ possible
** changes have occurred since last. If there is, one may check each individual
** __system_property_serial2 to confirm dirty, or __system_property_find2
** to check if the property now exists. If a call to __system_property_add2
** or __system_property_update2 has completed between two calls to
** __system_property_area_serial2 then the second call will return a larger
** __system_property_serial to confirm dirty, or __system_property_find
** to check if the property now exists. If a call to __system_property_add
** or __system_property_update has completed between two calls to
** __system_property_area_serial then the second call will return a larger
** value than the first call. Beware of race conditions as changes to the
** properties are not atomic, the main value of this call is to determine
** whether the expensive __system_property_find2 is worth retrying to see if
** whether the expensive __system_property_find is worth retrying to see if
** a property now exists.
**
** Returns the serial number on success, -1 on error.
@@ -112,7 +112,7 @@ int __system_property_add2(const char *name, unsigned int namelen, const char *v
int __system_property_del(const char *name);
/* Update the value of a system property returned by
** __system_property_find2. Can only be done by a single process
** __system_property_find. Can only be done by a single process
** that has write access to the property area, and that process
** must handle sequencing to ensure that only one property is
** updated at a time.
@@ -122,7 +122,7 @@ int __system_property_del(const char *name);
int __system_property_update2(prop_info *pi, const char *value, unsigned int len);
/* Read the serial number of a system property returned by
** __system_property_find2.
** __system_property_find.
**
** Returns the serial number on success, -1 on error.
*/
@@ -136,7 +136,7 @@ uint32_t __system_property_serial2(const prop_info* pi);
*/
int __system_properties_init2();
/* Deprecated: use __system_property_wait2 instead. */
/* Deprecated: use __system_property_wait instead. */
uint32_t __system_property_wait_any2(uint32_t old_serial);
__END_DECLS

20
jni/resetprop/bionic_macros.h
View File

@@ -17,6 +17,8 @@
#ifndef _BIONIC_MACROS_H_
#define _BIONIC_MACROS_H_
#include <stdint.h>
// Frameworks OpenGL code currently leaks this header and allows
// collisions with other declarations, e.g., from libnativehelper.
// TODO: Remove once cleaned up. b/18334516
@@ -46,4 +48,22 @@
? (1UL << (64 - __builtin_clzl(static_cast<unsigned long>(value)))) \
: (1UL << (32 - __builtin_clz(static_cast<unsigned int>(value)))))
static constexpr uintptr_t align_down(uintptr_t p, size_t align) {
return p & ~(align - 1);
}
static constexpr uintptr_t align_up(uintptr_t p, size_t align) {
return (p + align - 1) & ~(align - 1);
}
template <typename T>
static inline T* align_down(T* p, size_t align) {
return reinterpret_cast<T*>(align_down(reinterpret_cast<uintptr_t>(p), align));
}
template <typename T>
static inline T* align_up(T* p, size_t align) {
return reinterpret_cast<T*>(align_up(reinterpret_cast<uintptr_t>(p), align));
}
#endif // _BIONIC_MACROS_H_

115
jni/resetprop/resetprop.cpp
View File

@@ -1,10 +1,10 @@
/* resetprop.cpp - Manipulate any system props
*
*
* Copyright 2016 nkk71 <nkk71x@gmail.com>
* Copyright 2016 topjohnwu <topjohnwu@gmail.com>
*
*
* Info:
*
*
* all changes are in
*
* bionic/libc/bionic/system_properties.cpp
@@ -26,23 +26,23 @@
*
* static prop_area* map_fd_ro(const int fd)
* we dont want this read only so change: 'PROT_READ' to 'PROT_READ | PROT_WRITE'
*
*
*
* Copy the code of prop_info *prop_area::find_property, and modify to delete props
* const prop_info *prop_area::find_property_and_del(prop_bt *const trie, const char *name)
* {
* ...
* ...
* ... Do not alloc a new prop_bt here, remove all code involve alloc_if_needed
* ...
*
*
* if (prop_offset != 0) {
* atomic_store_explicit(&current->prop, 0, memory_order_release); // Add this line to nullify the prop entry
* return to_prop_info(&current->prop);
* } else {
*
*
* ....
* }
*
*
*
* by patching just those functions directly, all other functions should be ok
* as is.
@@ -60,43 +60,31 @@
#define _REALLY_INCLUDE_SYS__SYSTEM_PROPERTIES_H_
#include "_system_properties.h"
#include <sys/system_properties.h>
#ifdef INDEP_BINARY
int resetprop_main(int argc, char *argv[]);
int main(int argc, char *argv[]) {
return resetprop_main(argc, argv);
}
#define PRINT_D(...) if (verbose) printf(__VA_ARGS__)
#define PRINT_E(...) fprintf(stderr, __VA_ARGS__)
#else
#include "system_properties.h"
#include "magisk.h"
#include "resetprop.h"
#define PRINT_D(...) { LOGD(__VA_ARGS__); if (verbose) printf(__VA_ARGS__); }
#define PRINT_E(...) { LOGE(__VA_ARGS__); fprintf(stderr, __VA_ARGS__); }
#endif
#include "resetprop.h"
#define PERSISTENT_PROPERTY_DIR "/data/property"
static int verbose = 0;
static bool is_legal_property_name(const char* name, size_t namelen) {
static bool is_legal_property_name(const char *name, size_t namelen) {
if (namelen < 1) return false;
if (name[0] == '.') return false;
if (name[namelen - 1] == '.') return false;
/* Only allow alphanumeric, plus '.', '-', or '_' */
/* Only allow alphanumeric, plus '.', '-', '@', ':', or '_' */
/* Don't allow ".." to appear in a property name */
for (size_t i = 0; i < namelen; i++) {
if (name[i] == '.') {
// i=0 is guaranteed to never have a dot. See above.
if (name[i - 1] == '.') return false;
if (name[i-1] == '.') return false;
continue;
}
if (name[i] == '_' || name[i] == '-') continue;
if (name[i] == '_' || name[i] == '-' || name[i] == '@' || name[i] == ':') continue;
if (name[i] >= 'a' && name[i] <= 'z') continue;
if (name[i] >= 'A' && name[i] <= 'Z') continue;
if (name[i] >= '0' && name[i] <= '9') continue;
@@ -108,21 +96,23 @@ static bool is_legal_property_name(const char* name, size_t namelen) {
static int usage(char* arg0) {
fprintf(stderr,
"resetprop v" xstr(MAGISK_VERSION) " (by topjohnwu & nkk71) - System Props Modification Tool\n\n"
"resetprop v" xstr(MAGISK_VERSION) "(" xstr(MAGISK_VER_CODE) ") (by topjohnwu & nkk71) - System Props Modification Tool\n\n"
"Usage: %s [options] [args...]\n"
"%s <name> <value>: Set property entry <name> with <value>\n"
"%s --file <prop file>: Load props from <prop file>\n"
"%s --delete <name>: Remove prop entry <name>\n"
"\n"
"Options:\n"
" -v verbose output\n"
" -n don't trigger events when changing props\n"
" -v show verbose output\n"
" -n only modify property in memory\n"
"\n"
"%s NAME VALUE set property entry NAME with VALUE\n"
"%s --file FILE load props from FILE\n"
"%s --delete NAME remove prop entry NAME\n"
"\n"
, arg0, arg0, arg0, arg0);
return 1;
}
int init_resetprop() {
PRINT_D("resetprop: Initializing...\n");
static int init_resetprop() {
if (__system_properties_init2()) {
PRINT_E("resetprop: Initialize error\n");
return -1;
@@ -130,15 +120,21 @@ int init_resetprop() {
return 0;
}
int prop_exist(const char *name) {
if (init_resetprop()) return 0;
return __system_property_find2(name) != NULL;
}
static void read_prop_info(void* cookie, const char *name, const char *value, uint32_t serial) {
strcpy((char *) cookie, value);
}
// Get prop by name, return string (should free manually!)
char *getprop(const char *name) {
if (init_resetprop()) return NULL;
const prop_info *pi = __system_property_find2(name);
if (pi == NULL) {
PRINT_D("resetprop: failed to get [%s]\n", name);
PRINT_D("resetprop: prop [%s] does not exist\n", name);
return NULL;
}
char value[PROP_VALUE_MAX];
@@ -147,21 +143,37 @@ char *getprop(const char *name) {
return strdup(value);
}
static void (*cb)(const char *);
static void run_actual_cb(void* cookie, const char *name, const char *value, uint32_t serial) {
cb(name);
}
static void prop_foreach_cb(const prop_info* pi, void* cookie) {
__system_property_read_callback2(pi, run_actual_cb, NULL);
}
void getprop_all(void (*cbk)(const char *name)) {
if (init_resetprop()) return;
cb = cbk;
__system_property_foreach2(prop_foreach_cb, NULL);
}
int setprop(const char *name, const char *value) {
return setprop2(name, value, 1);
}
int setprop2(const char *name, const char *value, const int trigger) {
if (init_resetprop()) return -1;
int ret;
char *check = getprop(name);
if (check) {
free(check);
prop_info *pi = (prop_info*) __system_property_find2(name);
if (pi != NULL) {
if (trigger) {
if (!strncmp(name, "ro.", 3)) deleteprop(name);
if (!strncmp(name, "ro.", 3)) deleteprop(name, trigger);
ret = __system_property_set2(name, value);
} else {
ret = __system_property_update2((prop_info*) __system_property_find2(name), value, strlen(value));
ret = __system_property_update2(pi, value, strlen(value));
}
} else {
PRINT_D("resetprop: New prop [%s]\n", name);
@@ -181,16 +193,23 @@ int setprop2(const char *name, const char *value, const int trigger) {
return ret;
}
int deleteprop(const char *name) {
int deleteprop(const char *name, const int trigger) {
if (init_resetprop()) return -1;
PRINT_D("resetprop: deleteprop [%s]\n", name);
if (__system_property_del(name)) {
PRINT_E("resetprop: delete prop: [%s] error\n", name);
PRINT_D("resetprop: delete prop: [%s] error\n", name);
return -1;
}
if (trigger && strstr(name, "persist.")) {
char buffer[PATH_MAX];
snprintf(buffer, sizeof(buffer), "%s/%s", PERSISTENT_PROPERTY_DIR, name);
unlink(buffer);
}
return 0;
}
int read_prop_file(const char* filename, const int trigger) {
if (init_resetprop()) return -1;
PRINT_D("resetprop: Load prop file [%s]\n", filename);
FILE *fp = fopen(filename, "r");
if (fp == NULL) {
@@ -233,7 +252,7 @@ int read_prop_file(const char* filename, const int trigger) {
int resetprop_main(int argc, char *argv[]) {
int del = 0, file = 0, trigger = 1;
int exp_arg = 2;
char *name, *value, *filename;
@@ -277,12 +296,10 @@ int resetprop_main(int argc, char *argv[]) {
}
}
init_resetprop();
if (file) {
return read_prop_file(filename, trigger);
} else if (del) {
return deleteprop(name);
return deleteprop(name, trigger);
} else {
return setprop2(name, value, trigger);
}

8
jni/resetprop/system_properties.cpp
View File

@@ -1149,9 +1149,7 @@ int __system_properties_init2() {
if (initialized) {
// list_foreach(contexts, [](context_node* l) { l->reset_access(); }); // resetprop remove
// return 0; // resetprop remove
free_and_unmap_contexts(); // resetprop add
initialized = false; // resetprop add
return 0;
}
if (is_dir(property_filename)) {
if (!initialize_properties()) {
@@ -1207,7 +1205,7 @@ uint32_t __system_property_area_serial2() {
if (!pa) {
return -1;
}
// Make sure this read fulfilled before __system_property_serial2
// Make sure this read fulfilled before __system_property_serial
return atomic_load_explicit(pa->serial(), memory_order_acquire);
}
@@ -1298,7 +1296,7 @@ void __system_property_read_callback2(const prop_info* pi,
memcpy(value_buf, pi->value, len);
value_buf[len] = '\0';
// TODO: see todo in __system_property_read2 function
// TODO: see todo in __system_property_read function
atomic_thread_fence(memory_order_acquire);
if (serial == load_const_atomic(&(pi->serial), memory_order_relaxed)) {
callback(cookie, pi->name, value_buf, serial);

10
jni/resetprop/system_properties.h
View File

@@ -47,7 +47,7 @@ int __system_property_set2(const char* key, const char* value) __INTRODUCED_IN(1
/*
* Returns a `prop_info` corresponding system property `name`, or nullptr if it doesn't exist.
* Use __system_property_read_callback2 to query the current value.
* Use __system_property_read_callback to query the current value.
*
* Property lookup is expensive, so it can be useful to cache the result of this function.
*/
@@ -62,7 +62,7 @@ void __system_property_read_callback2(const prop_info *pi,
/*
* Passes a `prop_info` for each system property to the provided
* callback. Use __system_property_read_callback2() to read the value.
* callback. Use __system_property_read_callback() to read the value.
*
* This method is for inspecting and debugging the property system, and not generally useful.
*/
@@ -90,11 +90,11 @@ bool __system_property_wait2(const prop_info* pi,
/* Deprecated. In Android O and above, there's no limit on property name length. */
#define PROP_NAME_MAX 32
/* Deprecated. Use __system_property_read_callback2 instead. */
/* Deprecated. Use __system_property_read_callback instead. */
int __system_property_read2(const prop_info* pi, char* name, char* value);
/* Deprecated. Use __system_property_read_callback2 instead. */
/* Deprecated. Use __system_property_read_callback instead. */
int __system_property_get2(const char* name, char* value);
/* Deprecated. Use __system_property_foreach2 instead. */
/* Deprecated. Use __system_property_foreach instead. */
const prop_info* __system_property_find_nth2(unsigned n);
__END_DECLS

2
jni/selinux

Submodule jni/selinux updated: 0b14ed89aa...3d9b8bcb05

10
jni/sqlite3/Android.mk
View File

@@ -1,10 +0,0 @@
LOCAL_PATH:= $(call my-dir)
##
# libsqlite.so
#
include $(CLEAR_VARS)
LOCAL_MODULE:= libsqlite
LOCAL_SRC_FILES := sqlite3.c shell.c
include $(BUILD_SHARED_LIBRARY)

7387
jni/sqlite3/shell.c
View File

File diff suppressed because it is too large Load Diff

202113
jni/sqlite3/sqlite3.c
View File

File diff suppressed because it is too large Load Diff

564
jni/sqlite3/sqlite3ext.h
View File

@@ -1,564 +0,0 @@
/*
** 2006 June 7
**
** The author disclaims copyright to this source code. In place of
** a legal notice, here is a blessing:
**
** May you do good and not evil.
** May you find forgiveness for yourself and forgive others.
** May you share freely, never taking more than you give.
**
*************************************************************************
** This header file defines the SQLite interface for use by
** shared libraries that want to be imported as extensions into
** an SQLite instance. Shared libraries that intend to be loaded
** as extensions by SQLite should #include this file instead of
** sqlite3.h.
*/
#ifndef SQLITE3EXT_H
#define SQLITE3EXT_H
#include "sqlite3.h"
/*
** The following structure holds pointers to all of the SQLite API
** routines.
**
** WARNING: In order to maintain backwards compatibility, add new
** interfaces to the end of this structure only. If you insert new
** interfaces in the middle of this structure, then older different
** versions of SQLite will not be able to load each other's shared
** libraries!
*/
struct sqlite3_api_routines {
void * (*aggregate_context)(sqlite3_context*,int nBytes);
int (*aggregate_count)(sqlite3_context*);
int (*bind_blob)(sqlite3_stmt*,int,const void*,int n,void(*)(void*));
int (*bind_double)(sqlite3_stmt*,int,double);
int (*bind_int)(sqlite3_stmt*,int,int);
int (*bind_int64)(sqlite3_stmt*,int,sqlite_int64);
int (*bind_null)(sqlite3_stmt*,int);
int (*bind_parameter_count)(sqlite3_stmt*);
int (*bind_parameter_index)(sqlite3_stmt*,const char*zName);
const char * (*bind_parameter_name)(sqlite3_stmt*,int);
int (*bind_text)(sqlite3_stmt*,int,const char*,int n,void(*)(void*));
int (*bind_text16)(sqlite3_stmt*,int,const void*,int,void(*)(void*));
int (*bind_value)(sqlite3_stmt*,int,const sqlite3_value*);
int (*busy_handler)(sqlite3*,int(*)(void*,int),void*);
int (*busy_timeout)(sqlite3*,int ms);
int (*changes)(sqlite3*);
int (*close)(sqlite3*);
int (*collation_needed)(sqlite3*,void*,void(*)(void*,sqlite3*,
int eTextRep,const char*));
int (*collation_needed16)(sqlite3*,void*,void(*)(void*,sqlite3*,
int eTextRep,const void*));
const void * (*column_blob)(sqlite3_stmt*,int iCol);
int (*column_bytes)(sqlite3_stmt*,int iCol);
int (*column_bytes16)(sqlite3_stmt*,int iCol);
int (*column_count)(sqlite3_stmt*pStmt);
const char * (*column_database_name)(sqlite3_stmt*,int);
const void * (*column_database_name16)(sqlite3_stmt*,int);
const char * (*column_decltype)(sqlite3_stmt*,int i);
const void * (*column_decltype16)(sqlite3_stmt*,int);
double (*column_double)(sqlite3_stmt*,int iCol);
int (*column_int)(sqlite3_stmt*,int iCol);
sqlite_int64 (*column_int64)(sqlite3_stmt*,int iCol);
const char * (*column_name)(sqlite3_stmt*,int);
const void * (*column_name16)(sqlite3_stmt*,int);
const char * (*column_origin_name)(sqlite3_stmt*,int);
const void * (*column_origin_name16)(sqlite3_stmt*,int);
const char * (*column_table_name)(sqlite3_stmt*,int);
const void * (*column_table_name16)(sqlite3_stmt*,int);
const unsigned char * (*column_text)(sqlite3_stmt*,int iCol);
const void * (*column_text16)(sqlite3_stmt*,int iCol);
int (*column_type)(sqlite3_stmt*,int iCol);
sqlite3_value* (*column_value)(sqlite3_stmt*,int iCol);
void * (*commit_hook)(sqlite3*,int(*)(void*),void*);
int (*complete)(const char*sql);
int (*complete16)(const void*sql);
int (*create_collation)(sqlite3*,const char*,int,void*,
int(*)(void*,int,const void*,int,const void*));
int (*create_collation16)(sqlite3*,const void*,int,void*,
int(*)(void*,int,const void*,int,const void*));
int (*create_function)(sqlite3*,const char*,int,int,void*,
void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
void (*xStep)(sqlite3_context*,int,sqlite3_value**),
void (*xFinal)(sqlite3_context*));
int (*create_function16)(sqlite3*,const void*,int,int,void*,
void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
void (*xStep)(sqlite3_context*,int,sqlite3_value**),
void (*xFinal)(sqlite3_context*));
int (*create_module)(sqlite3*,const char*,const sqlite3_module*,void*);
int (*data_count)(sqlite3_stmt*pStmt);
sqlite3 * (*db_handle)(sqlite3_stmt*);
int (*declare_vtab)(sqlite3*,const char*);
int (*enable_shared_cache)(int);
int (*errcode)(sqlite3*db);
const char * (*errmsg)(sqlite3*);
const void * (*errmsg16)(sqlite3*);
int (*exec)(sqlite3*,const char*,sqlite3_callback,void*,char**);
int (*expired)(sqlite3_stmt*);
int (*finalize)(sqlite3_stmt*pStmt);
void (*free)(void*);
void (*free_table)(char**result);
int (*get_autocommit)(sqlite3*);
void * (*get_auxdata)(sqlite3_context*,int);
int (*get_table)(sqlite3*,const char*,char***,int*,int*,char**);
int (*global_recover)(void);
void (*interruptx)(sqlite3*);
sqlite_int64 (*last_insert_rowid)(sqlite3*);
const char * (*libversion)(void);
int (*libversion_number)(void);
void *(*malloc)(int);
char * (*mprintf)(const char*,...);
int (*open)(const char*,sqlite3**);
int (*open16)(const void*,sqlite3**);
int (*prepare)(sqlite3*,const char*,int,sqlite3_stmt**,const char**);
int (*prepare16)(sqlite3*,const void*,int,sqlite3_stmt**,const void**);
void * (*profile)(sqlite3*,void(*)(void*,const char*,sqlite_uint64),void*);
void (*progress_handler)(sqlite3*,int,int(*)(void*),void*);
void *(*realloc)(void*,int);
int (*reset)(sqlite3_stmt*pStmt);
void (*result_blob)(sqlite3_context*,const void*,int,void(*)(void*));
void (*result_double)(sqlite3_context*,double);
void (*result_error)(sqlite3_context*,const char*,int);
void (*result_error16)(sqlite3_context*,const void*,int);
void (*result_int)(sqlite3_context*,int);
void (*result_int64)(sqlite3_context*,sqlite_int64);
void (*result_null)(sqlite3_context*);
void (*result_text)(sqlite3_context*,const char*,int,void(*)(void*));
void (*result_text16)(sqlite3_context*,const void*,int,void(*)(void*));
void (*result_text16be)(sqlite3_context*,const void*,int,void(*)(void*));
void (*result_text16le)(sqlite3_context*,const void*,int,void(*)(void*));
void (*result_value)(sqlite3_context*,sqlite3_value*);
void * (*rollback_hook)(sqlite3*,void(*)(void*),void*);
int (*set_authorizer)(sqlite3*,int(*)(void*,int,const char*,const char*,
const char*,const char*),void*);
void (*set_auxdata)(sqlite3_context*,int,void*,void (*)(void*));
char * (*snprintf)(int,char*,const char*,...);
int (*step)(sqlite3_stmt*);
int (*table_column_metadata)(sqlite3*,const char*,const char*,const char*,
char const**,char const**,int*,int*,int*);
void (*thread_cleanup)(void);
int (*total_changes)(sqlite3*);
void * (*trace)(sqlite3*,void(*xTrace)(void*,const char*),void*);
int (*transfer_bindings)(sqlite3_stmt*,sqlite3_stmt*);
void * (*update_hook)(sqlite3*,void(*)(void*,int ,char const*,char const*,
sqlite_int64),void*);
void * (*user_data)(sqlite3_context*);
const void * (*value_blob)(sqlite3_value*);
int (*value_bytes)(sqlite3_value*);
int (*value_bytes16)(sqlite3_value*);
double (*value_double)(sqlite3_value*);
int (*value_int)(sqlite3_value*);
sqlite_int64 (*value_int64)(sqlite3_value*);
int (*value_numeric_type)(sqlite3_value*);
const unsigned char * (*value_text)(sqlite3_value*);
const void * (*value_text16)(sqlite3_value*);
const void * (*value_text16be)(sqlite3_value*);
const void * (*value_text16le)(sqlite3_value*);
int (*value_type)(sqlite3_value*);
char *(*vmprintf)(const char*,va_list);
/* Added ??? */
int (*overload_function)(sqlite3*, const char *zFuncName, int nArg);
/* Added by 3.3.13 */
int (*prepare_v2)(sqlite3*,const char*,int,sqlite3_stmt**,const char**);
int (*prepare16_v2)(sqlite3*,const void*,int,sqlite3_stmt**,const void**);
int (*clear_bindings)(sqlite3_stmt*);
/* Added by 3.4.1 */
int (*create_module_v2)(sqlite3*,const char*,const sqlite3_module*,void*,
void (*xDestroy)(void *));
/* Added by 3.5.0 */
int (*bind_zeroblob)(sqlite3_stmt*,int,int);
int (*blob_bytes)(sqlite3_blob*);
int (*blob_close)(sqlite3_blob*);
int (*blob_open)(sqlite3*,const char*,const char*,const char*,sqlite3_int64,
int,sqlite3_blob**);
int (*blob_read)(sqlite3_blob*,void*,int,int);
int (*blob_write)(sqlite3_blob*,const void*,int,int);
int (*create_collation_v2)(sqlite3*,const char*,int,void*,
int(*)(void*,int,const void*,int,const void*),
void(*)(void*));
int (*file_control)(sqlite3*,const char*,int,void*);
sqlite3_int64 (*memory_highwater)(int);
sqlite3_int64 (*memory_used)(void);
sqlite3_mutex *(*mutex_alloc)(int);
void (*mutex_enter)(sqlite3_mutex*);
void (*mutex_free)(sqlite3_mutex*);
void (*mutex_leave)(sqlite3_mutex*);
int (*mutex_try)(sqlite3_mutex*);
int (*open_v2)(const char*,sqlite3**,int,const char*);
int (*release_memory)(int);
void (*result_error_nomem)(sqlite3_context*);
void (*result_error_toobig)(sqlite3_context*);
int (*sleep)(int);
void (*soft_heap_limit)(int);
sqlite3_vfs *(*vfs_find)(const char*);
int (*vfs_register)(sqlite3_vfs*,int);
int (*vfs_unregister)(sqlite3_vfs*);
int (*xthreadsafe)(void);
void (*result_zeroblob)(sqlite3_context*,int);
void (*result_error_code)(sqlite3_context*,int);
int (*test_control)(int, ...);
void (*randomness)(int,void*);
sqlite3 *(*context_db_handle)(sqlite3_context*);
int (*extended_result_codes)(sqlite3*,int);
int (*limit)(sqlite3*,int,int);
sqlite3_stmt *(*next_stmt)(sqlite3*,sqlite3_stmt*);
const char *(*sql)(sqlite3_stmt*);
int (*status)(int,int*,int*,int);
int (*backup_finish)(sqlite3_backup*);
sqlite3_backup *(*backup_init)(sqlite3*,const char*,sqlite3*,const char*);
int (*backup_pagecount)(sqlite3_backup*);
int (*backup_remaining)(sqlite3_backup*);
int (*backup_step)(sqlite3_backup*,int);
const char *(*compileoption_get)(int);
int (*compileoption_used)(const char*);
int (*create_function_v2)(sqlite3*,const char*,int,int,void*,
void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
void (*xStep)(sqlite3_context*,int,sqlite3_value**),
void (*xFinal)(sqlite3_context*),
void(*xDestroy)(void*));
int (*db_config)(sqlite3*,int,...);
sqlite3_mutex *(*db_mutex)(sqlite3*);
int (*db_status)(sqlite3*,int,int*,int*,int);
int (*extended_errcode)(sqlite3*);
void (*log)(int,const char*,...);
sqlite3_int64 (*soft_heap_limit64)(sqlite3_int64);
const char *(*sourceid)(void);
int (*stmt_status)(sqlite3_stmt*,int,int);
int (*strnicmp)(const char*,const char*,int);
int (*unlock_notify)(sqlite3*,void(*)(void**,int),void*);
int (*wal_autocheckpoint)(sqlite3*,int);
int (*wal_checkpoint)(sqlite3*,const char*);
void *(*wal_hook)(sqlite3*,int(*)(void*,sqlite3*,const char*,int),void*);
int (*blob_reopen)(sqlite3_blob*,sqlite3_int64);
int (*vtab_config)(sqlite3*,int op,...);
int (*vtab_on_conflict)(sqlite3*);
/* Version 3.7.16 and later */
int (*close_v2)(sqlite3*);
const char *(*db_filename)(sqlite3*,const char*);
int (*db_readonly)(sqlite3*,const char*);
int (*db_release_memory)(sqlite3*);
const char *(*errstr)(int);
int (*stmt_busy)(sqlite3_stmt*);
int (*stmt_readonly)(sqlite3_stmt*);
int (*stricmp)(const char*,const char*);
int (*uri_boolean)(const char*,const char*,int);
sqlite3_int64 (*uri_int64)(const char*,const char*,sqlite3_int64);
const char *(*uri_parameter)(const char*,const char*);
char *(*vsnprintf)(int,char*,const char*,va_list);
int (*wal_checkpoint_v2)(sqlite3*,const char*,int,int*,int*);
/* Version 3.8.7 and later */
int (*auto_extension)(void(*)(void));
int (*bind_blob64)(sqlite3_stmt*,int,const void*,sqlite3_uint64,
void(*)(void*));
int (*bind_text64)(sqlite3_stmt*,int,const char*,sqlite3_uint64,
void(*)(void*),unsigned char);
int (*cancel_auto_extension)(void(*)(void));
int (*load_extension)(sqlite3*,const char*,const char*,char**);
void *(*malloc64)(sqlite3_uint64);
sqlite3_uint64 (*msize)(void*);
void *(*realloc64)(void*,sqlite3_uint64);
void (*reset_auto_extension)(void);
void (*result_blob64)(sqlite3_context*,const void*,sqlite3_uint64,
void(*)(void*));
void (*result_text64)(sqlite3_context*,const char*,sqlite3_uint64,
void(*)(void*), unsigned char);
int (*strglob)(const char*,const char*);
/* Version 3.8.11 and later */
sqlite3_value *(*value_dup)(const sqlite3_value*);
void (*value_free)(sqlite3_value*);
int (*result_zeroblob64)(sqlite3_context*,sqlite3_uint64);
int (*bind_zeroblob64)(sqlite3_stmt*, int, sqlite3_uint64);
/* Version 3.9.0 and later */
unsigned int (*value_subtype)(sqlite3_value*);
void (*result_subtype)(sqlite3_context*,unsigned int);
/* Version 3.10.0 and later */
int (*status64)(int,sqlite3_int64*,sqlite3_int64*,int);
int (*strlike)(const char*,const char*,unsigned int);
int (*db_cacheflush)(sqlite3*);
/* Version 3.12.0 and later */
int (*system_errno)(sqlite3*);
/* Version 3.14.0 and later */
int (*trace_v2)(sqlite3*,unsigned,int(*)(unsigned,void*,void*,void*),void*);
char *(*expanded_sql)(sqlite3_stmt*);
/* Version 3.18.0 and later */
void (*set_last_insert_rowid)(sqlite3*,sqlite3_int64);
};
/*
** This is the function signature used for all extension entry points. It
** is also defined in the file "loadext.c".
*/
typedef int (*sqlite3_loadext_entry)(
sqlite3 *db, /* Handle to the database. */
char **pzErrMsg, /* Used to set error string on failure. */
const sqlite3_api_routines *pThunk /* Extension API function pointers. */
);
/*
** The following macros redefine the API routines so that they are
** redirected through the global sqlite3_api structure.
**
** This header file is also used by the loadext.c source file
** (part of the main SQLite library - not an extension) so that
** it can get access to the sqlite3_api_routines structure
** definition. But the main library does not want to redefine
** the API. So the redefinition macros are only valid if the
** SQLITE_CORE macros is undefined.
*/
#if !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION)
#define sqlite3_aggregate_context sqlite3_api->aggregate_context
#ifndef SQLITE_OMIT_DEPRECATED
#define sqlite3_aggregate_count sqlite3_api->aggregate_count
#endif
#define sqlite3_bind_blob sqlite3_api->bind_blob
#define sqlite3_bind_double sqlite3_api->bind_double
#define sqlite3_bind_int sqlite3_api->bind_int
#define sqlite3_bind_int64 sqlite3_api->bind_int64
#define sqlite3_bind_null sqlite3_api->bind_null
#define sqlite3_bind_parameter_count sqlite3_api->bind_parameter_count
#define sqlite3_bind_parameter_index sqlite3_api->bind_parameter_index
#define sqlite3_bind_parameter_name sqlite3_api->bind_parameter_name
#define sqlite3_bind_text sqlite3_api->bind_text
#define sqlite3_bind_text16 sqlite3_api->bind_text16
#define sqlite3_bind_value sqlite3_api->bind_value
#define sqlite3_busy_handler sqlite3_api->busy_handler
#define sqlite3_busy_timeout sqlite3_api->busy_timeout
#define sqlite3_changes sqlite3_api->changes
#define sqlite3_close sqlite3_api->close
#define sqlite3_collation_needed sqlite3_api->collation_needed
#define sqlite3_collation_needed16 sqlite3_api->collation_needed16
#define sqlite3_column_blob sqlite3_api->column_blob
#define sqlite3_column_bytes sqlite3_api->column_bytes
#define sqlite3_column_bytes16 sqlite3_api->column_bytes16
#define sqlite3_column_count sqlite3_api->column_count
#define sqlite3_column_database_name sqlite3_api->column_database_name
#define sqlite3_column_database_name16 sqlite3_api->column_database_name16
#define sqlite3_column_decltype sqlite3_api->column_decltype
#define sqlite3_column_decltype16 sqlite3_api->column_decltype16
#define sqlite3_column_double sqlite3_api->column_double
#define sqlite3_column_int sqlite3_api->column_int
#define sqlite3_column_int64 sqlite3_api->column_int64
#define sqlite3_column_name sqlite3_api->column_name
#define sqlite3_column_name16 sqlite3_api->column_name16
#define sqlite3_column_origin_name sqlite3_api->column_origin_name
#define sqlite3_column_origin_name16 sqlite3_api->column_origin_name16
#define sqlite3_column_table_name sqlite3_api->column_table_name
#define sqlite3_column_table_name16 sqlite3_api->column_table_name16
#define sqlite3_column_text sqlite3_api->column_text
#define sqlite3_column_text16 sqlite3_api->column_text16
#define sqlite3_column_type sqlite3_api->column_type
#define sqlite3_column_value sqlite3_api->column_value
#define sqlite3_commit_hook sqlite3_api->commit_hook
#define sqlite3_complete sqlite3_api->complete
#define sqlite3_complete16 sqlite3_api->complete16
#define sqlite3_create_collation sqlite3_api->create_collation
#define sqlite3_create_collation16 sqlite3_api->create_collation16
#define sqlite3_create_function sqlite3_api->create_function
#define sqlite3_create_function16 sqlite3_api->create_function16
#define sqlite3_create_module sqlite3_api->create_module
#define sqlite3_create_module_v2 sqlite3_api->create_module_v2
#define sqlite3_data_count sqlite3_api->data_count
#define sqlite3_db_handle sqlite3_api->db_handle
#define sqlite3_declare_vtab sqlite3_api->declare_vtab
#define sqlite3_enable_shared_cache sqlite3_api->enable_shared_cache
#define sqlite3_errcode sqlite3_api->errcode
#define sqlite3_errmsg sqlite3_api->errmsg
#define sqlite3_errmsg16 sqlite3_api->errmsg16
#define sqlite3_exec sqlite3_api->exec
#ifndef SQLITE_OMIT_DEPRECATED
#define sqlite3_expired sqlite3_api->expired
#endif
#define sqlite3_finalize sqlite3_api->finalize
#define sqlite3_free sqlite3_api->free
#define sqlite3_free_table sqlite3_api->free_table
#define sqlite3_get_autocommit sqlite3_api->get_autocommit
#define sqlite3_get_auxdata sqlite3_api->get_auxdata
#define sqlite3_get_table sqlite3_api->get_table
#ifndef SQLITE_OMIT_DEPRECATED
#define sqlite3_global_recover sqlite3_api->global_recover
#endif
#define sqlite3_interrupt sqlite3_api->interruptx
#define sqlite3_last_insert_rowid sqlite3_api->last_insert_rowid
#define sqlite3_libversion sqlite3_api->libversion
#define sqlite3_libversion_number sqlite3_api->libversion_number
#define sqlite3_malloc sqlite3_api->malloc
#define sqlite3_mprintf sqlite3_api->mprintf
#define sqlite3_open sqlite3_api->open
#define sqlite3_open16 sqlite3_api->open16
#define sqlite3_prepare sqlite3_api->prepare
#define sqlite3_prepare16 sqlite3_api->prepare16
#define sqlite3_prepare_v2 sqlite3_api->prepare_v2
#define sqlite3_prepare16_v2 sqlite3_api->prepare16_v2
#define sqlite3_profile sqlite3_api->profile
#define sqlite3_progress_handler sqlite3_api->progress_handler
#define sqlite3_realloc sqlite3_api->realloc
#define sqlite3_reset sqlite3_api->reset
#define sqlite3_result_blob sqlite3_api->result_blob
#define sqlite3_result_double sqlite3_api->result_double
#define sqlite3_result_error sqlite3_api->result_error
#define sqlite3_result_error16 sqlite3_api->result_error16
#define sqlite3_result_int sqlite3_api->result_int
#define sqlite3_result_int64 sqlite3_api->result_int64
#define sqlite3_result_null sqlite3_api->result_null
#define sqlite3_result_text sqlite3_api->result_text
#define sqlite3_result_text16 sqlite3_api->result_text16
#define sqlite3_result_text16be sqlite3_api->result_text16be
#define sqlite3_result_text16le sqlite3_api->result_text16le
#define sqlite3_result_value sqlite3_api->result_value
#define sqlite3_rollback_hook sqlite3_api->rollback_hook
#define sqlite3_set_authorizer sqlite3_api->set_authorizer
#define sqlite3_set_auxdata sqlite3_api->set_auxdata
#define sqlite3_snprintf sqlite3_api->snprintf
#define sqlite3_step sqlite3_api->step
#define sqlite3_table_column_metadata sqlite3_api->table_column_metadata
#define sqlite3_thread_cleanup sqlite3_api->thread_cleanup
#define sqlite3_total_changes sqlite3_api->total_changes
#define sqlite3_trace sqlite3_api->trace
#ifndef SQLITE_OMIT_DEPRECATED
#define sqlite3_transfer_bindings sqlite3_api->transfer_bindings
#endif
#define sqlite3_update_hook sqlite3_api->update_hook
#define sqlite3_user_data sqlite3_api->user_data
#define sqlite3_value_blob sqlite3_api->value_blob
#define sqlite3_value_bytes sqlite3_api->value_bytes
#define sqlite3_value_bytes16 sqlite3_api->value_bytes16
#define sqlite3_value_double sqlite3_api->value_double
#define sqlite3_value_int sqlite3_api->value_int
#define sqlite3_value_int64 sqlite3_api->value_int64
#define sqlite3_value_numeric_type sqlite3_api->value_numeric_type
#define sqlite3_value_text sqlite3_api->value_text
#define sqlite3_value_text16 sqlite3_api->value_text16
#define sqlite3_value_text16be sqlite3_api->value_text16be
#define sqlite3_value_text16le sqlite3_api->value_text16le
#define sqlite3_value_type sqlite3_api->value_type
#define sqlite3_vmprintf sqlite3_api->vmprintf
#define sqlite3_vsnprintf sqlite3_api->vsnprintf
#define sqlite3_overload_function sqlite3_api->overload_function
#define sqlite3_prepare_v2 sqlite3_api->prepare_v2
#define sqlite3_prepare16_v2 sqlite3_api->prepare16_v2
#define sqlite3_clear_bindings sqlite3_api->clear_bindings
#define sqlite3_bind_zeroblob sqlite3_api->bind_zeroblob
#define sqlite3_blob_bytes sqlite3_api->blob_bytes
#define sqlite3_blob_close sqlite3_api->blob_close
#define sqlite3_blob_open sqlite3_api->blob_open
#define sqlite3_blob_read sqlite3_api->blob_read
#define sqlite3_blob_write sqlite3_api->blob_write
#define sqlite3_create_collation_v2 sqlite3_api->create_collation_v2
#define sqlite3_file_control sqlite3_api->file_control
#define sqlite3_memory_highwater sqlite3_api->memory_highwater
#define sqlite3_memory_used sqlite3_api->memory_used
#define sqlite3_mutex_alloc sqlite3_api->mutex_alloc
#define sqlite3_mutex_enter sqlite3_api->mutex_enter
#define sqlite3_mutex_free sqlite3_api->mutex_free
#define sqlite3_mutex_leave sqlite3_api->mutex_leave
#define sqlite3_mutex_try sqlite3_api->mutex_try
#define sqlite3_open_v2 sqlite3_api->open_v2
#define sqlite3_release_memory sqlite3_api->release_memory
#define sqlite3_result_error_nomem sqlite3_api->result_error_nomem
#define sqlite3_result_error_toobig sqlite3_api->result_error_toobig
#define sqlite3_sleep sqlite3_api->sleep
#define sqlite3_soft_heap_limit sqlite3_api->soft_heap_limit
#define sqlite3_vfs_find sqlite3_api->vfs_find
#define sqlite3_vfs_register sqlite3_api->vfs_register
#define sqlite3_vfs_unregister sqlite3_api->vfs_unregister
#define sqlite3_threadsafe sqlite3_api->xthreadsafe
#define sqlite3_result_zeroblob sqlite3_api->result_zeroblob
#define sqlite3_result_error_code sqlite3_api->result_error_code
#define sqlite3_test_control sqlite3_api->test_control
#define sqlite3_randomness sqlite3_api->randomness
#define sqlite3_context_db_handle sqlite3_api->context_db_handle
#define sqlite3_extended_result_codes sqlite3_api->extended_result_codes
#define sqlite3_limit sqlite3_api->limit
#define sqlite3_next_stmt sqlite3_api->next_stmt
#define sqlite3_sql sqlite3_api->sql
#define sqlite3_status sqlite3_api->status
#define sqlite3_backup_finish sqlite3_api->backup_finish
#define sqlite3_backup_init sqlite3_api->backup_init
#define sqlite3_backup_pagecount sqlite3_api->backup_pagecount
#define sqlite3_backup_remaining sqlite3_api->backup_remaining
#define sqlite3_backup_step sqlite3_api->backup_step
#define sqlite3_compileoption_get sqlite3_api->compileoption_get
#define sqlite3_compileoption_used sqlite3_api->compileoption_used
#define sqlite3_create_function_v2 sqlite3_api->create_function_v2
#define sqlite3_db_config sqlite3_api->db_config
#define sqlite3_db_mutex sqlite3_api->db_mutex
#define sqlite3_db_status sqlite3_api->db_status
#define sqlite3_extended_errcode sqlite3_api->extended_errcode
#define sqlite3_log sqlite3_api->log
#define sqlite3_soft_heap_limit64 sqlite3_api->soft_heap_limit64
#define sqlite3_sourceid sqlite3_api->sourceid
#define sqlite3_stmt_status sqlite3_api->stmt_status
#define sqlite3_strnicmp sqlite3_api->strnicmp
#define sqlite3_unlock_notify sqlite3_api->unlock_notify
#define sqlite3_wal_autocheckpoint sqlite3_api->wal_autocheckpoint
#define sqlite3_wal_checkpoint sqlite3_api->wal_checkpoint
#define sqlite3_wal_hook sqlite3_api->wal_hook
#define sqlite3_blob_reopen sqlite3_api->blob_reopen
#define sqlite3_vtab_config sqlite3_api->vtab_config
#define sqlite3_vtab_on_conflict sqlite3_api->vtab_on_conflict
/* Version 3.7.16 and later */
#define sqlite3_close_v2 sqlite3_api->close_v2
#define sqlite3_db_filename sqlite3_api->db_filename
#define sqlite3_db_readonly sqlite3_api->db_readonly
#define sqlite3_db_release_memory sqlite3_api->db_release_memory
#define sqlite3_errstr sqlite3_api->errstr
#define sqlite3_stmt_busy sqlite3_api->stmt_busy
#define sqlite3_stmt_readonly sqlite3_api->stmt_readonly
#define sqlite3_stricmp sqlite3_api->stricmp
#define sqlite3_uri_boolean sqlite3_api->uri_boolean
#define sqlite3_uri_int64 sqlite3_api->uri_int64
#define sqlite3_uri_parameter sqlite3_api->uri_parameter
#define sqlite3_uri_vsnprintf sqlite3_api->vsnprintf
#define sqlite3_wal_checkpoint_v2 sqlite3_api->wal_checkpoint_v2
/* Version 3.8.7 and later */
#define sqlite3_auto_extension sqlite3_api->auto_extension
#define sqlite3_bind_blob64 sqlite3_api->bind_blob64
#define sqlite3_bind_text64 sqlite3_api->bind_text64
#define sqlite3_cancel_auto_extension sqlite3_api->cancel_auto_extension
#define sqlite3_load_extension sqlite3_api->load_extension
#define sqlite3_malloc64 sqlite3_api->malloc64
#define sqlite3_msize sqlite3_api->msize
#define sqlite3_realloc64 sqlite3_api->realloc64
#define sqlite3_reset_auto_extension sqlite3_api->reset_auto_extension
#define sqlite3_result_blob64 sqlite3_api->result_blob64
#define sqlite3_result_text64 sqlite3_api->result_text64
#define sqlite3_strglob sqlite3_api->strglob
/* Version 3.8.11 and later */
#define sqlite3_value_dup sqlite3_api->value_dup
#define sqlite3_value_free sqlite3_api->value_free
#define sqlite3_result_zeroblob64 sqlite3_api->result_zeroblob64
#define sqlite3_bind_zeroblob64 sqlite3_api->bind_zeroblob64
/* Version 3.9.0 and later */
#define sqlite3_value_subtype sqlite3_api->value_subtype
#define sqlite3_result_subtype sqlite3_api->result_subtype
/* Version 3.10.0 and later */
#define sqlite3_status64 sqlite3_api->status64
#define sqlite3_strlike sqlite3_api->strlike
#define sqlite3_db_cacheflush sqlite3_api->db_cacheflush
/* Version 3.12.0 and later */
#define sqlite3_system_errno sqlite3_api->system_errno
/* Version 3.14.0 and later */
#define sqlite3_trace_v2 sqlite3_api->trace_v2
#define sqlite3_expanded_sql sqlite3_api->expanded_sql
/* Version 3.18.0 and later */
#define sqlite3_set_last_insert_rowid sqlite3_api->set_last_insert_rowid
#endif /* !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION) */
#if !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION)
/* This case when the file really is being compiled as a loadable
** extension */
# define SQLITE_EXTENSION_INIT1 const sqlite3_api_routines *sqlite3_api=0;
# define SQLITE_EXTENSION_INIT2(v) sqlite3_api=v;
# define SQLITE_EXTENSION_INIT3 \
extern const sqlite3_api_routines *sqlite3_api;
#else
/* This case when the file is being statically linked into the
** application */
# define SQLITE_EXTENSION_INIT1 /*no-op*/
# define SQLITE_EXTENSION_INIT2(v) (void)v; /* unused parameter */
# define SQLITE_EXTENSION_INIT3 /*no-op*/
#endif
#endif /* SQLITE3EXT_H */

2
jni/su

Submodule jni/su updated: 1bbf96a0a7...c66632227b

212
jni/utils/img.c Normal file
View File

@@ -0,0 +1,212 @@
/* img.c - All image related functions
*/
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/mount.h>
#include <linux/loop.h>
#include "magisk.h"
#include "utils.h"
static int e2fsck(const char *img) {
// Check and repair ext4 image
char buffer[128];
int pid, fd = -1;
pid = exec_command(1, &fd, NULL, "e2fsck", "-yf", img, NULL);
if (pid < 0)
return 1;
while (fdgets(buffer, sizeof(buffer), fd))
LOGD("magisk_img: %s", buffer);
waitpid(pid, NULL, 0);
close(fd);
return 0;
}
static char *loopsetup(const char *img) {
char device[20];
struct loop_info64 info;
int i, lfd, ffd;
memset(&info, 0, sizeof(info));
// First get an empty loop device
for (i = 0; i <= 7; ++i) {
sprintf(device, "/dev/block/loop%d", i);
lfd = xopen(device, O_RDWR);
if (ioctl(lfd, LOOP_GET_STATUS64, &info) == -1)
break;
close(lfd);
}
if (i == 8) return NULL;
ffd = xopen(img, O_RDWR);
if (ioctl(lfd, LOOP_SET_FD, ffd) == -1)
return NULL;
strcpy((char *) info.lo_file_name, img);
ioctl(lfd, LOOP_SET_STATUS64, &info);
close(lfd);
close(ffd);
return strdup(device);
}
int create_img(const char *img, int size) {
unlink(img);
LOGI("Create %s with size %dM\n", img, size);
// Create a temp file with the file contexts
char file_contexts[] = "/magisk(/.*)? u:object_r:system_file:s0\n";
// If not root, attempt to create in current diretory
char *filename = getuid() == UID_ROOT ? "/dev/file_contexts_image" : "file_contexts_image";
int ret, fd = xopen(filename, O_WRONLY | O_CREAT | O_TRUNC, 0644);
xwrite(fd, file_contexts, sizeof(file_contexts));
close(fd);
char buffer[16];
snprintf(buffer, sizeof(buffer), "%dM", size);
ret = exec_command_sync("make_ext4fs", "-l", buffer, "-a", "/magisk", "-S", filename, img, NULL);
if (ret < 0)
return 1;
unlink(filename);
return ret;
}
int get_img_size(const char *img, int *used, int *total) {
if (access(img, R_OK) == -1)
return 1;
char buffer[PATH_MAX];
int pid, fd = -1, status = 1;
pid = exec_command(1, &fd, NULL, "e2fsck", "-n", img, NULL);
if (pid < 0)
return 1;
while (fdgets(buffer, sizeof(buffer), fd)) {
if (strstr(buffer, img)) {
char *tok = strtok(buffer, ",");
while(tok != NULL) {
if (strstr(tok, "blocks")) {
status = 0;
break;
}
tok = strtok(NULL, ",");
}
if (status) continue;
sscanf(tok, "%d/%d", used, total);
*used = *used / 256 + 1;
*total /= 256;
break;
}
}
close(fd);
waitpid(pid, NULL, 0);
return 0;
}
int resize_img(const char *img, int size) {
LOGI("Resize %s to %dM\n", img, size);
if (e2fsck(img))
return 1;
char buffer[128];
int pid, status, fd = -1;
snprintf(buffer, sizeof(buffer), "%dM", size);
pid = exec_command(1, &fd, NULL, "resize2fs", img, buffer, NULL);
if (pid < 0)
return 1;
while (fdgets(buffer, sizeof(buffer), fd))
LOGD("magisk_img: %s", buffer);
close(fd);
waitpid(pid, &status, 0);
return WEXITSTATUS(status);
}
char *mount_image(const char *img, const char *target) {
if (access(img, F_OK) == -1)
return NULL;
if (access(target, F_OK) == -1) {
if (xmkdir(target, 0755) == -1) {
xmount(NULL, "/", NULL, MS_REMOUNT, NULL);
xmkdir(target, 0755);
xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
}
}
if (e2fsck(img))
return NULL;
char *device = loopsetup(img);
if (device)
xmount(device, target, "ext4", 0, NULL);
return device;
}
void umount_image(const char *target, const char *device) {
xumount(target);
int fd = xopen(device, O_RDWR);
ioctl(fd, LOOP_CLR_FD);
close(fd);
}
int merge_img(const char *source, const char *target) {
if (access(source, F_OK) == -1)
return 0;
if (access(target, F_OK) == -1) {
rename(source, target);
return 0;
}
char buffer[PATH_MAX];
// resize target to worst case
int s_used, s_total, t_used, t_total, n_total;
get_img_size(source, &s_used, &s_total);
get_img_size(target, &t_used, &t_total);
n_total = round_size(s_used + t_used);
if (n_total != t_total)
resize_img(target, n_total);
xmkdir(SOURCE_TMP, 0755);
xmkdir(TARGET_TMP, 0755);
char *s_loop, *t_loop;
s_loop = mount_image(source, SOURCE_TMP);
if (s_loop == NULL) return 1;
t_loop = mount_image(target, TARGET_TMP);
if (t_loop == NULL) return 1;
DIR *dir;
struct dirent *entry;
if (!(dir = opendir(SOURCE_TMP)))
return 1;
while ((entry = xreaddir(dir))) {
if (entry->d_type == DT_DIR) {
if (strcmp(entry->d_name, ".") == 0 ||
strcmp(entry->d_name, "..") == 0 ||
strcmp(entry->d_name, ".core") == 0 ||
strcmp(entry->d_name, "lost+found") == 0)
continue;
// Cleanup old module if exists
snprintf(buffer, sizeof(buffer), "%s/%s", TARGET_TMP, entry->d_name);
if (access(buffer, F_OK) == 0) {
LOGI("Upgrade module: %s\n", entry->d_name);
exec_command_sync(BBPATH "/rm", "-rf", buffer, NULL);
} else {
LOGI("New module: %s\n", entry->d_name);
}
}
}
closedir(dir);
cp_afc(SOURCE_TMP, TARGET_TMP);
// Unmount all loop devices
umount_image(SOURCE_TMP, s_loop);
umount_image(TARGET_TMP, t_loop);
rmdir(SOURCE_TMP);
rmdir(TARGET_TMP);
free(s_loop);
free(t_loop);
unlink(source);
return 0;
}
void trim_img(const char *img) {
int used, total, new_size;
get_img_size(img, &used, &total);
new_size = round_size(used);
if (new_size != total)
resize_img(img, new_size);
}

8
jni/utils/list.c
View File

@@ -24,15 +24,19 @@ void list_insert_end(struct list_head *head, struct list_head *node) {
list_insert(head->prev, node);
}
void list_pop(struct list_head *pos) {
struct list_head *list_pop(struct list_head *pos) {
struct list_head *ret;
ret = pos->prev;
// Maintain the list
pos->prev->next = pos->next;
pos->next->prev = pos->prev;
// Remove references
pos->next = pos;
pos->prev = pos;
// Return the previous node in the list
return ret;
}
void list_pop_end(struct list_head *head) {
struct list_head *list_pop_end(struct list_head *head) {
return list_pop(head->prev);
}

30
jni/utils/list.h
View File

@@ -1,30 +0,0 @@
/* list.h - Double link list implementation
*/
#ifndef _LIST_H_
#define _LIST_H_
#include <stddef.h>
struct list_head {
struct list_head *next;
struct list_head *prev;
};
void init_list_head(struct list_head *head);
void list_insert(struct list_head *pos, struct list_head *node);
void list_insert_end(struct list_head *head, struct list_head *node);
void list_pop(struct list_head *pos);
void list_pop_end(struct list_head *head);
#define list_entry(ptr, type, member) ({ \
const typeof( ((type *)0)->member ) *__mptr = (ptr); \
(type *)( (char *)__mptr - offsetof(type,member) );})
#define list_for_each(pos, head) \
for (pos = (head)->next; pos != (head); pos = pos->next)
#define list_for_each_r(pos, head) \
for (pos = (head)->prev; pos != (head); pos = pos->prev)
#endif

272
jni/utils/misc.c
View File

@@ -5,6 +5,7 @@
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <dirent.h>
#include <unistd.h>
#include <fcntl.h>
@@ -69,7 +70,7 @@ int file_to_vector(const char* filename, struct vector *v) {
size_t len = 0;
ssize_t read;
FILE *fp = fopen(filename, "r");
FILE *fp = xfopen(filename, "r");
if (fp == NULL)
return 1;
@@ -97,7 +98,7 @@ int vector_to_file(const char *filename, struct vector *v) {
}
/* Check if the string only contains digits */
int isNum(const char *s) {
static int is_num(const char *s) {
int len = strlen(s);
for (int i = 0; i < len; ++i)
if (s[i] < '0' || s[i] > '9')
@@ -129,11 +130,11 @@ void ps(void (*func)(int)) {
while ((entry = xreaddir(dir))) {
if (entry->d_type == DT_DIR) {
if (isNum(entry->d_name))
if (is_num(entry->d_name))
func(atoi(entry->d_name));
}
}
closedir(dir);
}
@@ -183,7 +184,7 @@ int create_links(const char *bin, const char *path) {
#define DEV_BLOCK "/dev/block"
void unlock_blocks() {
void unlock_blocks() {
char path[PATH_MAX];
DIR *dir;
struct dirent *entry;
@@ -221,39 +222,88 @@ void setup_sighandlers(void (*handler)(int)) {
/*
fd == NULL -> Ignore output
*fd == 0 -> Open pipe and set *fd to the read end
*fd != 0 -> STDOUT (or STDERR) will be redirected to *fd
*fd < 0 -> Open pipe and set *fd to the read end
*fd >= 0 -> STDOUT (or STDERR) will be redirected to *fd
*cb -> A callback function which runs after fork
*/
int run_command(int err, int *fd, const char *path, char *const argv[]) {
int pipefd[2], writeEnd = 0;
static int v_exec_command(int err, int *fd, void (*setupenv)(struct vector*), const char *argv0, va_list argv) {
int pipefd[2], writeEnd = -1;
if (fd) {
if (*fd == 0) {
if (pipe(pipefd) == -1)
if (*fd < 0) {
if (xpipe2(pipefd, O_CLOEXEC) == -1)
return -1;
writeEnd = pipefd[1];
// Give the read end of the pipe
*fd = pipefd[0];
} else {
writeEnd = *fd;
}
}
// Collect va_list into vector
struct vector args;
vec_init(&args);
vec_push_back(&args, strdup(argv0));
for (void *arg = va_arg(argv, void*); arg; arg = va_arg(argv, void*))
vec_push_back(&args, strdup(arg));
vec_push_back(&args, NULL);
// Setup environment
char *const *envp;
struct vector env;
vec_init(&env);
if (setupenv) {
setupenv(&env);
envp = (char **) vec_entry(&env);
} else {
extern char **environ;
envp = environ;
}
int pid = fork();
if (pid != 0) {
if (writeEnd) close(writeEnd);
if (fd && *fd < 0) {
// Give the read end and close write end
*fd = pipefd[0];
close(pipefd[1]);
}
vec_deep_destroy(&args);
vec_deep_destroy(&env);
return pid;
}
// Don't return to the daemon if anything goes wrong
err_handler = exit_proc;
if (fd) {
if (writeEnd == 0) writeEnd = *fd;
xdup2(writeEnd, STDOUT_FILENO);
if (err) xdup2(writeEnd, STDERR_FILENO);
}
execv(path, argv);
PLOGE("execv");
execvpe(argv0, (char **) vec_entry(&args), envp);
PLOGE("execvpe");
return -1;
}
int exec_command_sync(char *const argv0, ...) {
va_list argv;
va_start(argv, argv0);
int pid, status;
pid = v_exec_command(0, NULL, NULL, argv0, argv);
va_end(argv);
if (pid < 0)
return pid;
waitpid(pid, &status, 0);
return WEXITSTATUS(status);
}
int exec_command(int err, int *fd, void (*setupenv)(struct vector*), const char *argv0, ...) {
va_list argv;
va_start(argv, argv0);
int pid = v_exec_command(err, fd, setupenv, argv0, argv);
va_end(argv);
return pid;
}
int mkdir_p(const char *pathname, mode_t mode) {
char *path = strdup(pathname), *p;
errno = 0;
@@ -277,11 +327,11 @@ int mkdir_p(const char *pathname, mode_t mode) {
int bind_mount(const char *from, const char *to) {
int ret = xmount(from, to, NULL, MS_BIND, NULL);
#ifdef DEBUG
#ifdef MAGISK_DEBUG
LOGD("bind_mount: %s -> %s\n", from, to);
#else
#else
LOGI("bind_mount: %s\n", to);
#endif
#endif
return ret;
}
@@ -289,113 +339,60 @@ int open_new(const char *filename) {
return xopen(filename, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}
// file/link -> file/link only!!
int cp_afc(const char *source, const char *target) {
struct stat buf;
xlstat(source, &buf);
unlink(target);
char *con;
if (S_ISREG(buf.st_mode)) {
int sfd, tfd;
sfd = xopen(source, O_RDONLY);
tfd = xopen(target, O_WRONLY | O_CREAT | O_TRUNC);
xsendfile(tfd, sfd, NULL, buf.st_size);
fchmod(tfd, buf.st_mode & 0777);
fchown(tfd, buf.st_uid, buf.st_gid);
fgetfilecon(sfd, &con);
fsetfilecon(tfd, con);
free(con);
close(sfd);
close(tfd);
} else if (S_ISLNK(buf.st_mode)) {
char buffer[PATH_MAX];
xreadlink(source, buffer, sizeof(buffer));
xsymlink(buffer, target);
lgetfilecon(source, &con);
lsetfilecon(target, con);
free(con);
} else {
return 1;
}
return 0;
}
int clone_dir(const char *source, const char *target) {
DIR *dir;
struct dirent *entry;
char *s_path, *t_path;
if (!(dir = xopendir(source)))
return 1;
s_path = xmalloc(PATH_MAX);
t_path = xmalloc(PATH_MAX);
mkdir_p(target, 0755);
clone_attr(source, target);
while ((entry = xreaddir(dir))) {
if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0)
continue;
snprintf(s_path, PATH_MAX, "%s/%s", source, entry->d_name);
snprintf(t_path, PATH_MAX, "%s/%s", target, entry->d_name);
switch (entry->d_type) {
case DT_DIR:
clone_dir(s_path, t_path);
break;
case DT_REG:
case DT_LNK:
cp_afc(s_path, t_path);
break;
}
}
free(s_path);
free(t_path);
closedir(dir);
return 0;
}
int rm_rf(const char *target) {
if (access(target, F_OK) == -1)
return 0;
struct stat buf;
xlstat(target, &buf);
char *next;
if (S_ISDIR(buf.st_mode)) {
DIR *dir;
struct dirent *entry;
if (!(dir = xopendir(target)))
char *s_path, *t_path;
if (!(dir = xopendir(source)))
return 1;
next = xmalloc(PATH_MAX);
s_path = xmalloc(PATH_MAX);
t_path = xmalloc(PATH_MAX);
mkdir_p(target, 0755);
clone_attr(source, target);
while ((entry = xreaddir(dir))) {
if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0)
continue;
snprintf(next, PATH_MAX, "%s/%s", target, entry->d_name);
switch (entry->d_type) {
case DT_DIR:
rm_rf(next);
break;
case DT_REG:
case DT_LNK:
unlink(next);
break;
}
snprintf(s_path, PATH_MAX, "%s/%s", source, entry->d_name);
snprintf(t_path, PATH_MAX, "%s/%s", target, entry->d_name);
cp_afc(s_path, t_path);
}
free(next);
free(s_path);
free(t_path);
closedir(dir);
rmdir(target);
} else if (S_ISREG(buf.st_mode) || S_ISLNK(buf.st_mode)) {
} else{
unlink(target);
} else {
return 1;
if (S_ISREG(buf.st_mode)) {
int sfd, tfd;
sfd = xopen(source, O_RDONLY);
tfd = xopen(target, O_WRONLY | O_CREAT | O_TRUNC);
xsendfile(tfd, sfd, NULL, buf.st_size);
fclone_attr(sfd, tfd);
close(sfd);
close(tfd);
} else if (S_ISLNK(buf.st_mode)) {
char buffer[PATH_MAX];
xreadlink(source, buffer, sizeof(buffer));
xsymlink(buffer, target);
clone_attr(source, target);
} else {
return 1;
}
}
return 0;
}
void clone_attr(const char *source, const char *target) {
struct stat buf;
xstat(source, &buf);
lstat(target, &buf);
chmod(target, buf.st_mode & 0777);
chown(target, buf.st_uid, buf.st_gid);
char *con;
@@ -404,62 +401,23 @@ void clone_attr(const char *source, const char *target) {
free(con);
}
void fclone_attr(const int sourcefd, const int targetfd) {
struct stat buf;
fstat(sourcefd, &buf);
fchmod(targetfd, buf.st_mode & 0777);
fchown(targetfd, buf.st_uid, buf.st_gid);
char *con;
fgetfilecon(sourcefd, &con);
fsetfilecon(targetfd, con);
free(con);
}
void get_client_cred(int fd, struct ucred *cred) {
socklen_t ucred_length = sizeof(*cred);
if(getsockopt(fd, SOL_SOCKET, SO_PEERCRED, cred, &ucred_length))
PLOGE("getsockopt");
}
int create_img(const char *img, int size) {
unlink(img);
LOGI("Create %s with size %dM\n", img, size);
// Create a temp file with the file contexts
char file_contexts[] = "/magisk(/.*)? u:object_r:system_file:s0\n";
int fd = xopen("/dev/file_contexts_image", O_WRONLY | O_CREAT | O_TRUNC, 0644);
xwrite(fd, file_contexts, sizeof(file_contexts));
close(fd);
char command[PATH_MAX];
snprintf(command, sizeof(command),
"make_ext4fs -l %dM -a /magisk -S /dev/file_contexts_image %s", size, img);
int ret = system(command);
unlink("/dev/file_contexts_image");
return ret;
}
int get_img_size(const char *img, int *used, int *total) {
if (access(img, R_OK) == -1)
return 1;
char buffer[PATH_MAX];
snprintf(buffer, sizeof(buffer), "e2fsck -n %s 2>/dev/null | tail -n 1", img);
char *const command[] = { "sh", "-c", buffer, NULL };
int pid, fd = 0;
pid = run_command(0, &fd, "/system/bin/sh", command);
fdgets(buffer, sizeof(buffer), fd);
close(fd);
if (pid == -1)
return 1;
waitpid(pid, NULL, 0);
char *tok;
tok = strtok(buffer, ",");
while(tok != NULL) {
if (strstr(tok, "blocks"))
break;
tok = strtok(NULL, ",");
}
sscanf(tok, "%d/%d", used, total);
*used = *used / 256 + 1;
*total /= 256;
return 0;
}
int resize_img(const char *img, int size) {
LOGI("Resize %s to %dM\n", img, size);
char buffer[PATH_MAX];
snprintf(buffer, PATH_MAX, "e2fsck -yf %s; resize2fs %s %dM;", img, img, size);
return system(buffer);
}
int switch_mnt_ns(int pid) {
char mnt[32];
snprintf(mnt, sizeof(mnt), "/proc/%d/ns/mnt", pid);

12
jni/utils/xwrap.c
View File

@@ -82,10 +82,10 @@ ssize_t xxread(int fd, void *buf, size_t count) {
return ret;
}
int xpipe(int pipefd[2]) {
int ret = pipe(pipefd);
int xpipe2(int pipefd[2], int flags) {
int ret = pipe2(pipefd, flags);
if (ret == -1) {
PLOGE("pipe");
PLOGE("pipe2");
}
return ret;
}
@@ -155,8 +155,8 @@ int xlisten(int sockfd, int backlog) {
return ret;
}
int xaccept(int sockfd, struct sockaddr *addr, socklen_t *addrlen) {
int fd = accept(sockfd, addr, addrlen);
int xaccept4(int sockfd, struct sockaddr *addr, socklen_t *addrlen, int flags) {
int fd = accept4(sockfd, addr, addrlen, flags);
if (fd == -1) {
PLOGE("accept");
}
@@ -307,7 +307,7 @@ int xrename(const char *oldpath, const char *newpath) {
int xmkdir(const char *pathname, mode_t mode) {
int ret = mkdir(pathname, mode);
if (ret == -1) {
if (ret == -1 && errno != EEXIST) {
PLOGE("mkdir %s %u", pathname, mode);
}
return ret;

97
scripts/addon.d.sh Normal file
View File

@@ -0,0 +1,97 @@
#!/sbin/sh
##########################################################################################
#
# Magisk Survival Script for ROMs with addon.d support
# by topjohnwu
#
# Inspired by 99-flashafterupdate.sh of osm0sis @ xda-developers
#
##########################################################################################
. /tmp/backuptool.functions
main() {
# Magisk binaries
MAGISKBIN=/data/magisk
# This script always run in recovery
BOOTMODE=false
if [ ! -d $MAGISKBIN ]; then
echo "! Cannot find Magisk binaries!"
exit 1
fi
# Wait for post addon.d processes to finish
sleep 5
mount -o ro /system 2>/dev/null
mount -o ro /vendor 2>/dev/null
mount /data 2>/dev/null
# Load utility functions
. $MAGISKBIN/util_functions.sh
[ -f /system/build.prop ] || abort "! /system could not be mounted!"
ui_print "************************"
ui_print "* Magisk v$MAGISK_VER addon.d"
ui_print "************************"
api_level_arch_detect
# Check if system root is installed and remove
remove_system_su
recovery_actions
find_boot_image
[ -z $BOOTIMAGE ] && abort "! Unable to detect boot image"
ui_print "- Found Boot Image: $BOOTIMAGE"
SOURCEDMODE=true
cd $MAGISKBIN
# Source the boot patcher
. $MAGISKBIN/boot_patch.sh "$BOOTIMAGE"
[ -f stock_boot* ] && rm -f /data/stock_boot* 2>/dev/null
ui_print "- Flashing new boot image"
if [ -L "$BOOTIMAGE" ]; then
dd if=new-boot.img of="$BOOTIMAGE" bs=4096
else
cat new-boot.img /dev/zero | dd of="$BOOTIMAGE" bs=4096 >/dev/null 2>&1
fi
rm -f new-boot.img
cd /
recovery_cleanup
ui_print "- Done"
exit 0
}
case "$1" in
backup)
# Stub
;;
restore)
# Stub
;;
pre-backup)
# Stub
;;
post-backup)
# Stub
;;
pre-restore)
# Stub
;;
post-restore)
# Get the FD for ui_print
OUTFD=`ps | grep -v grep | grep -oE "update(.*)" | cut -d" " -f3`
# Run the main function in a parallel subshell
(main) &
;;
esac

171
scripts/boot_patch.sh
View File

@@ -3,43 +3,31 @@
#
# Magisk Boot Image Patcher
# by topjohnwu
#
# This script should be placed in a directory with at least the following files:
#
#
# This script should be placed in a directory with the following files:
#
# File name type Description
#
#
# boot_patch.sh script A script to patch boot. Expect path to boot image as parameter.
# (this file) The script will use binaries and files in its same directory
# to complete the patching process
# magisk binary The main binary for all Magisk operations.
# It is also used to patch the sepolicy in the ramdisk.
# magiskboot binary A tool to unpack boot image, decompress ramdisk, extract ramdisk
# and patch common patches such as forceencrypt, remove dm-verity.
# , and patch the ramdisk for Magisk support
# init.magisk.rc script A new line will be added to init.rc to import this script.
# All magisk entrypoints are defined here
#
# chromeos folder This folder should store all the utilities and keys to sign
# (optional) a chromeos device, used in the tablet Pixel C
#
# If the script is not running as root, then the input boot image should be a stock image
# or have a backup included in ramdisk internally, since we cannot access the stock boot
# image placed under /data we've created when previously installing
#
##########################################################################################
CWD=`pwd`
cd `dirname $1`
BOOTIMAGE="`pwd`/`basename $1`"
cd "$CWD"
if [ -z $BOOTIMAGE ]; then
ui_print_wrap "This script requires a boot image as a parameter"
exit 1
fi
# Presets
[ -z $KEEPVERITY ] && KEEPVERITY=false
[ -z $KEEPFORCEENCRYPT ] && KEEPFORCEENCRYPT=false
# Detect whether running as root
[ `id -u` -eq 0 ] && ROOT=true || ROOT=false
##########################################################################################
# Functions
##########################################################################################
# Call ui_print_wrap if exists, or else simply use echo
# Useful when wrapped in flashable zip
@@ -47,6 +35,36 @@ ui_print_wrap() {
type ui_print >/dev/null 2>&1 && ui_print "$1" || echo "$1"
}
# Call abort if exists, or else show error message and exit
# Essential when wrapped in flashable zip
abort_wrap() {
type abort >/dev/null 2>&1
if [ $? -ne 0 ]; then
ui_print_wrap "$1"
exit 1
else
abort "$1"
fi
}
# Pure bash dirname implementation
dirname_wrap() {
case "$1" in
*/*)
dir=${1%/*}
[ -z $dir ] && echo "/" || echo $dir
;;
*)
echo "."
;;
esac
}
# Pure bash basename implementation
basename_wrap() {
echo ${1##*/}
}
grep_prop() {
REGEX="s/^$1=//p"
shift
@@ -59,47 +77,68 @@ grep_prop() {
# --cpio-add <incpio> <mode> <entry> <infile>
cpio_add() {
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-add ramdisk.cpio $1 $2 $3
./magiskboot --cpio-add ramdisk.cpio $1 $2 $3
}
# --cpio-extract <incpio> <entry> <outfile>
cpio_extract() {
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-extract ramdisk.cpio $1 $2
./magiskboot --cpio-extract ramdisk.cpio $1 $2
}
# --cpio-mkdir <incpio> <mode> <entry>
cpio_mkdir() {
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-mkdir ramdisk.cpio $1 $2
./magiskboot --cpio-mkdir ramdisk.cpio $1 $2
}
##########################################################################################
# Prework
# Initialization
##########################################################################################
# Switch to the location of the script file
[ -z $SOURCEDMODE ] && cd "`dirname "${BASH_SOURCE:-$0}"`"
chmod +x ./*
[ -z $1 ] && abort_wrap "This script requires a boot image as a parameter"
# Detect ARCH
[ -d /system/lib64 ] && SYSTEMLIB=/system/lib64 || SYSTEMLIB=/system/lib
cwd=`pwd`
cd "`dirname_wrap $1`"
BOOTIMAGE="`pwd`/`basename_wrap $1`"
cd $cwd
[ -e "$BOOTIMAGE" ] || abort_wrap "$BOOTIMAGE does not exist!"
# Presets
[ -z $KEEPVERITY ] && KEEPVERITY=false
[ -z $KEEPFORCEENCRYPT ] && KEEPFORCEENCRYPT=false
# Detect whether running as root
id | grep "uid=0" >/dev/null 2>&1 && ROOT=true || ROOT=false
# Switch to the location of the script file
[ -z $SOURCEDMODE ] && cd "`dirname_wrap "${BASH_SOURCE:-$0}"`"
chmod -R 755 .
##########################################################################################
# Unpack
##########################################################################################
migrate_boot_backup
CHROMEOS=false
ui_print_wrap "- Unpacking boot image"
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --unpack $BOOTIMAGE
./magiskboot --unpack "$BOOTIMAGE"
case $? in
1 )
ui_print_wrap "! Unable to unpack boot image"
exit 1
abort_wrap "! Unable to unpack boot image"
;;
2 )
ui_print_wrap "! Sony ELF32 format detected"
ui_print_wrap "! Please use BootBridge from @AdrianDC to flash Magisk"
exit 1
CHROMEOS=true
;;
3 )
ui_print_wrap "! Sony ELF32 format detected"
abort_wrap "! Please use BootBridge from @AdrianDC to flash Magisk"
;;
4 )
ui_print_wrap "! Sony ELF64 format detected"
ui_print_wrap "! Stock kernel cannot be patched, please use a custom kernel"
exit 1
abort_wrap "! Stock kernel cannot be patched, please use a custom kernel"
esac
##########################################################################################
@@ -108,28 +147,23 @@ esac
# Test patch status and do restore, after this section, ramdisk.cpio.orig is guaranteed to exist
ui_print_wrap "- Checking ramdisk status"
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-test ramdisk.cpio
./magiskboot --cpio-test ramdisk.cpio
case $? in
0 ) # Stock boot
ui_print_wrap "- Stock boot image detected!"
ui_print_wrap "- Backing up stock boot image"
SHA1=`LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --sha1 $BOOTIMAGE | tail -n 1`
SHA1=`./magiskboot --sha1 "$BOOTIMAGE" 2>/dev/null`
STOCKDUMP=stock_boot_${SHA1}.img
dd if=$BOOTIMAGE of=$STOCKDUMP
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --compress $STOCKDUMP
dd if="$BOOTIMAGE" of=$STOCKDUMP
./magiskboot --compress $STOCKDUMP
cp -af ramdisk.cpio ramdisk.cpio.orig
;;
1 ) # Magisk patched
ui_print_wrap "- Magisk patched image detected!"
# Find SHA1 of stock boot image
if [ -z $SHA1 ]; then
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-extract ramdisk.cpio init.magisk.rc init.magisk.rc.old
SHA1=`grep_prop "# STOCKSHA1" init.magisk.rc.old`
rm -f init.magisk.rc.old
fi
[ -z $SHA1 ] && SHA1=`./magiskboot --cpio-stocksha1 ramdisk.cpio 2>/dev/null`
OK=false
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-restore ramdisk.cpio
./magiskboot --cpio-restore ramdisk.cpio
if [ $? -eq 0 ]; then
ui_print_wrap "- Ramdisk restored from internal backup"
OK=true
@@ -141,8 +175,8 @@ case $? in
STOCKDUMP=/data/stock_boot_${SHA1}.img
if [ -f ${STOCKDUMP}.gz ]; then
ui_print_wrap "- Stock boot image backup found"
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --decompress ${STOCKDUMP}.gz stock_boot.img
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --unpack stock_boot.img
./magiskboot --decompress ${STOCKDUMP}.gz stock_boot.img
./magiskboot --unpack stock_boot.img
rm -f stock_boot.img
OK=true
fi
@@ -156,8 +190,7 @@ case $? in
;;
2 ) # Other patched
ui_print_wrap "! Boot image patched by other programs!"
ui_print_wrap "! Please restore stock boot image"
exit 1
abort_wrap "! Please restore stock boot image"
;;
esac
@@ -167,20 +200,12 @@ esac
ui_print_wrap "- Patching ramdisk"
# The common patches
$KEEPVERITY || LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-patch-dmverity ramdisk.cpio
$KEEPFORCEENCRYPT || LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-patch-forceencrypt ramdisk.cpio
# Add magisk entrypoint
cpio_extract init.rc init.rc
grep "import /init.magisk.rc" init.rc >/dev/null || sed -i '1,/.*import.*/s/.*import.*/import \/init.magisk.rc\n&/' init.rc
sed -i "/selinux.reload_policy/d" init.rc
cpio_add 750 init.rc init.rc
rm -f init.rc
./magiskboot --cpio-patch ramdisk.cpio $KEEPVERITY $KEEPFORCEENCRYPT
# sepolicy patches
cpio_extract sepolicy sepolicy
LD_LIBRARY_PATH=$SYSTEMLIB ./magisk magiskpolicy --load sepolicy --save sepolicy --minimal
./magisk magiskpolicy --load sepolicy --save sepolicy --minimal
cpio_add 644 sepolicy sepolicy
rm -f sepolicy
@@ -190,11 +215,11 @@ if [ ! -z $SHA1 ]; then
echo "# STOCKSHA1=$SHA1" >> init.magisk.rc
fi
cpio_add 750 init.magisk.rc init.magisk.rc
[ -f init.magisk.rc.bak ] && mv init.magisk.rc.bak init.magisk.rc
mv init.magisk.rc.bak init.magisk.rc 2>/dev/null
cpio_add 755 sbin/magisk magisk
# Create ramdisk backups
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-backup ramdisk.cpio ramdisk.cpio.orig
./magiskboot --cpio-backup ramdisk.cpio ramdisk.cpio.orig
rm -f ramdisk.cpio.orig
@@ -205,16 +230,14 @@ rm -f ramdisk.cpio.orig
# Hexpatches
# Remove Samsung RKP in stock kernel
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --hexpatch kernel \
./magiskboot --hexpatch kernel \
49010054011440B93FA00F71E9000054010840B93FA00F7189000054001840B91FA00F7188010054 \
A1020054011440B93FA00F7140020054010840B93FA00F71E0010054001840B91FA00F7181010054
ui_print_wrap "- Repacking boot image"
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --repack $BOOTIMAGE
./magiskboot --repack "$BOOTIMAGE" || abort_wrap "! Unable to repack boot image!"
if [ $? -ne 0 ]; then
ui_print_wrap "! Unable to repack boot image!"
exit 1
fi
# Sign chromeos boot
$CHROMEOS && sign_chromeos
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cleanup
./magiskboot --cleanup

305
scripts/flash_script.sh
View File

@@ -1,238 +1,80 @@
#!/sbin/sh
#MAGISK
##########################################################################################
#
# Magisk Flash Script
# by topjohnwu
#
#
# This script will detect, construct the environment for Magisk
# It will then call boot_patch.sh to patch the boot image
#
##########################################################################################
##########################################################################################
# Preparation
##########################################################################################
# Detect whether in boot mode
ps | grep zygote | grep -v grep >/dev/null && BOOTMODE=true || BOOTMODE=false
$BOOTMODE || ps -A | grep zygote | grep -v grep >/dev/null && BOOTMODE=true
$BOOTMODE || ps -A 2>/dev/null | grep zygote | grep -v grep >/dev/null && BOOTMODE=true
# This path should work in any cases
TMPDIR=/dev/tmp
INSTALLER=$TMPDIR/magisk
INSTALLER=$TMPDIR/install
COMMONDIR=$INSTALLER/common
BOOTTMP=$TMPDIR/boottmp
COREDIR=/magisk/.core
CHROMEDIR=$INSTALLER/chromeos
COREDIR=/magisk/.core
# Default permissions
umask 022
##########################################################################################
# Flashable update-binary preparation
##########################################################################################
OUTFD=$2
ZIP=$3
readlink /proc/$$/fd/$OUTFD 2>/dev/null | grep /tmp >/dev/null
if [ "$?" -eq "0" ]; then
OUTFD=0
for FD in `ls /proc/$$/fd`; do
readlink /proc/$$/fd/$FD 2>/dev/null | grep pipe >/dev/null
if [ "$?" -eq "0" ]; then
ps | grep " 3 $FD " | grep -v grep >/dev/null
if [ "$?" -eq "0" ]; then
OUTFD=$FD
break
fi
fi
done
if [ ! -d "$COMMONDIR" ]; then
echo "! Unable to extract zip file!"
exit 1
fi
mkdir -p $INSTALLER
cd $INSTALLER
unzip -o "$ZIP"
# Load utility fuctions
. $COMMONDIR/util_functions.sh
##########################################################################################
# Functions
##########################################################################################
ui_print() {
if $BOOTMODE; then
echo "$1"
else
echo -n -e "ui_print $1\n" >> /proc/self/fd/$OUTFD
echo -n -e "ui_print\n" >> /proc/self/fd/$OUTFD
fi
}
getvar() {
local VARNAME=$1
local VALUE=$(eval echo \$"$VARNAME");
for FILE in /dev/.magisk /data/.magisk /cache/.magisk /system/.magisk; do
if [ -z "$VALUE" ]; then
LINE=$(cat $FILE 2>/dev/null | grep "$VARNAME=")
if [ ! -z "$LINE" ]; then
VALUE=${LINE#*=}
fi
fi
done
eval $VARNAME=\$VALUE
}
find_boot_image() {
if [ -z "$BOOTIMAGE" ]; then
for PARTITION in kern-a KERN-A android_boot ANDROID_BOOT kernel KERNEL boot BOOT lnx LNX; do
BOOTIMAGE=`readlink /dev/block/by-name/$PARTITION || readlink /dev/block/platform/*/by-name/$PARTITION || readlink /dev/block/platform/*/*/by-name/$PARTITION`
if [ ! -z "$BOOTIMAGE" ]; then break; fi
done
fi
if [ -z "$BOOTIMAGE" ]; then
FSTAB="/etc/recovery.fstab"
[ ! -f "$FSTAB" ] && FSTAB="/etc/recovery.fstab.bak"
[ -f "$FSTAB" ] && BOOTIMAGE=`grep -E '\b/boot\b' "$FSTAB" | grep -oE '/dev/[a-zA-Z0-9_./-]*'`
fi
}
is_mounted() {
if [ ! -z "$2" ]; then
cat /proc/mounts | grep $1 | grep $2, >/dev/null
else
cat /proc/mounts | grep $1 >/dev/null
fi
return $?
}
mount_image() {
if [ ! -d "$2" ]; then
mount -o rw,remount rootfs /
mkdir -p $2 2>/dev/null
($BOOTMODE) && mount -o ro,remount rootfs /
[ ! -d "$2" ] && return 1
fi
if (! is_mounted $2); then
LOOPDEVICE=
for LOOP in 0 1 2 3 4 5 6 7; do
if (! is_mounted $2); then
LOOPDEVICE=/dev/block/loop$LOOP
if [ ! -f "$LOOPDEVICE" ]; then
mknod $LOOPDEVICE b 7 $LOOP 2>/dev/null
fi
losetup $LOOPDEVICE $1
if [ "$?" -eq "0" ]; then
mount -t ext4 -o loop $LOOPDEVICE $2
if (! is_mounted $2); then
/system/bin/toolbox mount -t ext4 -o loop $LOOPDEVICE $2
fi
if (! is_mounted $2); then
/system/bin/toybox mount -t ext4 -o loop $LOOPDEVICE $2
fi
fi
if (is_mounted $2); then
ui_print "- Mounting $1 to $2"
break;
fi
fi
done
fi
}
grep_prop() {
REGEX="s/^$1=//p"
shift
FILES=$@
if [ -z "$FILES" ]; then
FILES='/system/build.prop'
fi
cat $FILES 2>/dev/null | sed -n "$REGEX" | head -n 1
}
remove_system_su() {
if [ -f /system/bin/su -o -f /system/xbin/su ] && [ ! -f /su/bin/su ]; then
ui_print "! System installed root detected, mount rw :("
mount -o rw,remount /system
# SuperSU
if [ -e /system/bin/.ext/.su ]; then
mv -f /system/bin/app_process32_original /system/bin/app_process32 2>/dev/null
mv -f /system/bin/app_process64_original /system/bin/app_process64 2>/dev/null
mv -f /system/bin/install-recovery_original.sh /system/bin/install-recovery.sh 2>/dev/null
cd /system/bin
if [ -e app_process64 ]; then
ln -sf app_process64 app_process
else
ln -sf app_process32 app_process
fi
fi
rm -rf /system/.pin /system/bin/.ext /system/etc/.installed_su_daemon /system/etc/.has_su_daemon \
/system/xbin/daemonsu /system/xbin/su /system/xbin/sugote /system/xbin/sugote-mksh /system/xbin/supolicy \
/system/bin/app_process_init /system/bin/su /cache/su /system/lib/libsupol.so /system/lib64/libsupol.so \
/system/su.d /system/etc/install-recovery.sh /system/etc/init.d/99SuperSUDaemon /cache/install-recovery.sh \
/system/.supersu /cache/.supersu /data/.supersu \
/system/app/Superuser.apk /system/app/SuperSU /cache/Superuser.apk 2>/dev/null
fi
}
get_outfd
##########################################################################################
# Detection
##########################################################################################
ui_print "************************"
ui_print "* MAGISK_VERSION_STUB"
ui_print "* Magisk v$MAGISK_VER Installer"
ui_print "************************"
if [ ! -d "$COMMONDIR" ]; then
ui_print "! Failed: Unable to extract zip file!"
exit 1
fi
ui_print "- Mounting /system(ro), /cache, /data"
ui_print "- Mounting /system, /vendor, /cache, /data"
mount -o ro /system 2>/dev/null
mount -o ro /vendor 2>/dev/null
mount /cache 2>/dev/null
mount /data 2>/dev/null
if [ ! -f '/system/build.prop' ]; then
ui_print "! Failed: /system could not be mounted!"
exit 1
fi
[ -f /system/build.prop ] || abort "! /system could not be mounted!"
# read override variables
getvar KEEPVERITY
getvar KEEPFORCEENCRYPT
getvar BOOTIMAGE
# Detect version and architecture
api_level_arch_detect
[ $API -lt 21 ] && abort "! Magisk is only for Lollipop 5.0+ (SDK 21+)"
# Check if system root is installed and remove
remove_system_su
API=`grep_prop ro.build.version.sdk`
ABI=`grep_prop ro.product.cpu.abi | cut -c-3`
ABI2=`grep_prop ro.product.cpu.abi2 | cut -c-3`
ABILONG=`grep_prop ro.product.cpu.abi`
ARCH=arm
IS64BIT=false
if [ "$ABI" = "x86" ]; then ARCH=x86; fi;
if [ "$ABI2" = "x86" ]; then ARCH=x86; fi;
if [ "$ABILONG" = "arm64-v8a" ]; then ARCH=arm64; IS64BIT=true; fi;
if [ "$ABILONG" = "x86_64" ]; then ARCH=x64; IS64BIT=true; fi;
if [ "$API" -lt "21" ]; then
ui_print "! Magisk is only for Lollipop 5.0+ (SDK 21+)"
exit 1
fi
ui_print "- Device platform: $ARCH"
BINDIR=$INSTALLER/$ARCH
chmod -R 755 $CHROMEDIR $BINDIR
$IS64BIT && SYSTEMLIB=/system/lib64 || SYSTEMLIB=/system/lib
find_boot_image
if [ -z $BOOTIMAGE ]; then
ui_print "! Unable to detect boot image"
exit 1
fi
##########################################################################################
# Environment
##########################################################################################
@@ -241,106 +83,57 @@ ui_print "- Constructing environment"
is_mounted /data && MAGISKBIN=/data/magisk || MAGISKBIN=/cache/data_bin
if $BOOTMODE; then
# Cleanup binary mirrors
umount -l /dev/magisk/mirror/bin 2>/dev/null
rm -rf /dev/magisk/mirror/bin 2>/dev/null
fi
# Copy required files
rm -rf $MAGISKBIN 2>/dev/null
mkdir -p $MAGISKBIN
cp -af $BINDIR/. $COMMONDIR/. $MAGISKBIN
cp -af $BINDIR/. $COMMONDIR/. $CHROMEDIR $TMPDIR/bin/busybox $MAGISKBIN
chmod -R 755 $MAGISKBIN
chcon -hR u:object_r:system_file:s0 $MAGISKBIN
##########################################################################################
# Magisk Image
##########################################################################################
# Fix SuperSU.....
$BOOTMODE && $BINDIR/magiskpolicy --live "allow fsck * * *"
if (is_mounted /data); then
IMG=/data/magisk.img
else
IMG=/cache/magisk.img
ui_print "- Data unavailable, use cache workaround"
# addon.d
if [ -d /system/addon.d ]; then
ui_print "- Adding addon.d survival script"
mount -o rw,remount /system
cp -af $INSTALLER/addon.d/99-magisk.sh /system/addon.d/99-magisk.sh
chmod 755 /system/addon.d/99-magisk.sh
fi
if [ -f $IMG ]; then
ui_print "- $IMG detected!"
else
ui_print "- Creating $IMG"
$BINDIR/magisk --createimg $IMG 64M
fi
mount_image $IMG /magisk
if (! is_mounted /magisk); then
ui_print "! Magisk image mount failed..."
exit 1
fi
MAGISKLOOP=$LOOPDEVICE
# Core folders
mkdir -p $COREDIR/props $COREDIR/post-fs-data.d $COREDIR/service.d 2>/dev/null
chmod -R 755 $COREDIR/post-fs-data.d $COREDIR/service.d
chown -R 0.0 $COREDIR/post-fs-data.d $COREDIR/service.d
# Legacy cleanup
mv $COREDIR/magiskhide/hidelist $COREDIR/hidelist 2>/dev/null
rm -rf $COREDIR/magiskhide $COREDIR/bin
$BOOTMODE && boot_actions || recovery_actions
##########################################################################################
# Unpack boot
# Boot patching
##########################################################################################
find_boot_image
[ -z $BOOTIMAGE ] && abort "! Unable to detect boot image"
ui_print "- Found Boot Image: $BOOTIMAGE"
# Update our previous backup to new format if exists
if [ -f /data/stock_boot.img ]; then
SHA1=`LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/magiskboot --sha1 /data/stock_boot.img | tail -n 1`
STOCKDUMP=/data/stock_boot_${SHA1}.img
mv /data/stock_boot.img $STOCKDUMP
LD_LIBRARY_PATH=$SYSTEMLIB $BINDIR/magiskboot --compress $STOCKDUMP
fi
SOURCEDMODE=true
cd $MAGISKBIN
# Source the boot patcher
. $COMMONDIR/boot_patch.sh $BOOTIMAGE
. $COMMONDIR/boot_patch.sh "$BOOTIMAGE"
# Sign chromeos boot
if [ -f chromeos ]; then
echo > empty
LD_LIBRARY_PATH=$SYSTEMLIB $CHROMEDIR/futility vbutil_kernel --pack new-boot.img.signed \
--keyblock $CHROMEDIR/kernel.keyblock --signprivate $CHROMEDIR/kernel_data_key.vbprivk \
--version 1 --vmlinuz new-boot.img --config empty --arch arm --bootloader empty --flags 0x1
rm -f empty new-boot.img
mv new-boot.img.signed new-boot.img
fi
if is_mounted /data; then
rm -f /data/stock_boot*
mv stock_boot* /data
fi
[ -f stock_boot* ] && rm -f /data/stock_boot* 2>/dev/null
ui_print "- Flashing new boot image"
if [ -L $BOOTIMAGE ]; then
dd if=new-boot.img of=$BOOTIMAGE bs=4096
if [ -L "$BOOTIMAGE" ]; then
dd if=new-boot.img of="$BOOTIMAGE" bs=4096
else
cat new-boot.img /dev/zero | dd of=$BOOTIMAGE bs=4096
cat new-boot.img /dev/zero | dd of="$BOOTIMAGE" bs=4096 >/dev/null 2>&1
fi
rm -f new-boot.img
cd /
if ! $BOOTMODE; then
ui_print "- Unmounting partitions"
umount /magisk
losetup -d $MAGISKLOOP 2>/dev/null
rmdir /magisk
umount /system
fi
# Cleanups
$BOOTMODE || recovery_cleanup
rm -rf $TMPDIR
ui_print "- Done"
exit 0

1
scripts/init.magisk.rc
View File

@@ -1,6 +1,7 @@
# Triggers
on post-fs
start logd
start magisk_pfs
wait /dev/.magisk.unblock 20

174
scripts/magisk_uninstaller.sh
View File

@@ -3,152 +3,112 @@
#
# Magisk Uninstaller
# by topjohnwu
#
#
# This script can be placed in /cache/magisk_uninstaller.sh
# The Magisk main binary will pick up the script, and uninstall itself, following a reboot
# This script can also be used in flashable zip with the uninstaller_loader.sh
#
# This script will try to do restoration in the following order:
# 1. Find and restore the original stock boot image dump (OTA proof)
# 2. Restore ramdisk from the internal backup (ramdisk fully restored, not OTA friendly)
# 3. Remove added files in ramdisk, modified files are remained intact. By doing so, Magisk
# will not be started at boot, but not removed clean enough
#
# Finally, this uninstaller will remove all Magisk related files
# (The list is LARGE, most likely due to bad decision in early versions
# the latest versions has much less bloat to cleanup)
#
# This script will try to do restoration with the following:
# 1-1. Find and restore the original stock boot image dump (OTA proof)
# 1-2. If 1-1 fails, restore ramdisk from the internal backup
# (ramdisk fully restored, not OTA friendly)
# 1-3. If 1-2 fails, it will remove added files in ramdisk, however modified files
# are remained modified, because we have no backups. By doing so, Magisk will
# not be started at boot, but this isn't actually 100% cleaned up
# 2. Remove all Magisk related files
# (The list is LARGE, most likely due to bad decision in early versions
# the latest versions has much less bloat to cleanup)
#
##########################################################################################
[ -z $BOOTMODE ] && BOOTMODE=false
MAGISKBIN=/data/magisk
CHROMEDIR=$MAGISKBIN/chromeos
[ -d /system/lib64 ] && SYSTEMLIB=/system/lib64 || SYSTEMLIB=/system/lib
if [ ! -f $MAGISKBIN/magiskboot -o ! -f $MAGISKBIN/util_functions.sh ]; then
echo "! Cannot find $MAGISKBIN"
exit 1
fi
# Default permissions
umask 022
# Call ui_print_wrap if exists, or else simply use echo
# Useful when wrapped in flashable zip
ui_print_wrap() {
type ui_print >/dev/null 2>&1 && ui_print "$1" || echo "$1"
}
grep_prop() {
REGEX="s/^$1=//p"
shift
FILES=$@
if [ -z "$FILES" ]; then
FILES='/system/build.prop'
fi
cat $FILES 2>/dev/null | sed -n "$REGEX" | head -n 1
}
find_boot_image() {
if [ -z "$BOOTIMAGE" ]; then
for PARTITION in kern-a KERN-A android_boot ANDROID_BOOT kernel KERNEL boot BOOT lnx LNX; do
BOOTIMAGE=`readlink /dev/block/by-name/$PARTITION || readlink /dev/block/platform/*/by-name/$PARTITION || readlink /dev/block/platform/*/*/by-name/$PARTITION`
if [ ! -z "$BOOTIMAGE" ]; then break; fi
done
fi
if [ -z "$BOOTIMAGE" ]; then
FSTAB="/etc/recovery.fstab"
[ ! -f "$FSTAB" ] && FSTAB="/etc/recovery.fstab.bak"
[ -f "$FSTAB" ] && BOOTIMAGE=`grep -E '\b/boot\b' "$FSTAB" | grep -oE '/dev/[a-zA-Z0-9_./-]*'`
fi
}
# Environments
# Set permissions
chmod -R 755 $CHROMEDIR/futility $MAGISKBIN 2>/dev/null
# Load utility functions
. $MAGISKBIN/util_functions.sh
# Find the boot image
find_boot_image
if [ -z "$BOOTIMAGE" ]; then
ui_print_wrap "! Unable to detect boot image"
exit 1
fi
[ -z $BOOTIMAGE ] && abort "! Unable to detect boot image"
ui_print_wrap "- Found Boot Image: $BOOTIMAGE"
ui_print "- Found Boot Image: $BOOTIMAGE"
cd $MAGISKBIN
ui_print_wrap "- Unpacking boot image"
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --unpack $BOOTIMAGE
if [ $? -ne 0 ]; then
ui_print_wrap "! Unable to unpack boot image"
exit 1
fi
ui_print "- Unpacking boot image"
./magiskboot --unpack "$BOOTIMAGE"
CHROMEOS=false
case $? in
1 )
abort "! Unable to unpack boot image"
;;
2 )
CHROMEOS=true
;;
3 )
ui_print "! Sony ELF32 format detected"
abort "! Please use BootBridge from @AdrianDC to flash Magisk"
;;
4 )
ui_print "! Sony ELF64 format detected"
abort "! Stock kernel cannot be patched, please use a custom kernel"
esac
# Update our previous backups to new format if exists
if [ -f /data/stock_boot.img ]; then
SHA1=`LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --sha1 /data/stock_boot.img | tail -n 1`
STOCKDUMP=/data/stock_boot_${SHA1}.img
mv /data/stock_boot.img $STOCKDUMP
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --compress $STOCKDUMP
fi
migrate_boot_backup
# Detect boot image state
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-test ramdisk.cpio
./magiskboot --cpio-test ramdisk.cpio
case $? in
0 )
ui_print_wrap "- Stock boot image detected!"
ui_print_wrap "! Magisk is not installed!"
exit
0 ) # Stock boot
ui_print "- Stock boot image detected!"
abort "! Magisk is not installed!"
;;
1 )
ui_print_wrap "- Magisk patched image detected!"
1 ) # Magisk patched
ui_print "- Magisk patched image detected!"
# Find SHA1 of stock boot image
if [ -z $SHA1 ]; then
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-extract ramdisk.cpio init.magisk.rc init.magisk.rc.old
SHA1=`grep_prop "# STOCKSHA1" init.magisk.rc.old`
[ ! -z $SHA1 ] && STOCKDUMP=/data/stock_boot_${SHA1}.img
rm -f init.magisk.rc.old
fi
[ -z $SHA1 ] && SHA1=`./magiskboot --cpio-stocksha1 ramdisk.cpio 2>/dev/null`
[ ! -z $SHA1 ] && STOCKDUMP=/data/stock_boot_${SHA1}.img
if [ -f ${STOCKDUMP}.gz ]; then
ui_print_wrap "- Boot image backup found!"
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --decompress ${STOCKDUMP}.gz stock_boot.img
ui_print "- Boot image backup found!"
./magiskboot --decompress ${STOCKDUMP}.gz new-boot.img
else
ui_print_wrap "! Boot image backup unavailable"
ui_print_wrap "- Restoring ramdisk with backup"
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --cpio-restore ramdisk.cpio
LD_LIBRARY_PATH=$SYSTEMLIB ./magiskboot --repack $BOOTIMAGE stock_boot.img
ui_print "! Boot image backup unavailable"
ui_print "- Restoring ramdisk with internal backup"
./magiskboot --cpio-restore ramdisk.cpio
./magiskboot --repack $BOOTIMAGE new-boot.img
fi
;;
2 ) # Other patched
ui_print_wrap "! Boot image patched by other programs!"
ui_print_wrap "! Cannot uninstall with this uninstaller"
exit 1
ui_print "! Boot image patched by other programs!"
abort "! Cannot uninstall"
;;
esac
# Sign chromeos boot
if [ -f chromeos ]; then
echo > empty
$CHROMEOS && sign_chromeos
LD_LIBRARY_PATH=$SYSTEMLIB $CHROMEDIR/futility vbutil_kernel --pack stock_boot.img.signed \
--keyblock $CHROMEDIR/kernel.keyblock --signprivate $CHROMEDIR/kernel_data_key.vbprivk \
--version 1 --vmlinuz stock_boot.img --config empty --arch arm --bootloader empty --flags 0x1
rm -f empty stock_boot.img
mv stock_boot.img.signed stock_boot.img
fi
ui_print_wrap "- Flashing stock/reverted image"
if [ -L $BOOTIMAGE ]; then
dd if=stock_boot.img of=$BOOTIMAGE bs=4096
ui_print "- Flashing stock/reverted image"
if [ -L "$BOOTIMAGE" ]; then
dd if=new-boot.img of="$BOOTIMAGE" bs=4096
else
cat stock_boot.img /dev/zero | dd of=$BOOTIMAGE bs=4096
cat new-boot.img /dev/zero | dd of="$BOOTIMAGE" bs=4096 >/dev/null 2>&1
fi
rm -f stock_boot.img
rm -f new-boot.img
ui_print_wrap "- Removing Magisk files"
cd /
ui_print "- Removing Magisk files"
rm -rf /cache/magisk.log /cache/last_magisk.log /cache/magiskhide.log /cache/.disable_magisk \
/cache/magisk /cache/magisk_merge /cache/magisk_mount /cache/unblock /cache/magisk_uninstaller.sh \
/cache/magisk /cache/magisk_merge /cache/magisk_mount /cache/unblock /cache/magisk_uninstaller.sh \
/data/Magisk.apk /data/magisk.apk /data/magisk.img /data/magisk_merge.img /data/magisk_debug.log \
/data/busybox /data/magisk /data/custom_ramdisk_patch.sh 2>/dev/null
/data/busybox /data/magisk /data/custom_ramdisk_patch.sh /data/property/*magisk* \
/data/app/com.topjohnwu.magisk* /data/user/*/com.topjohnwu.magisk 2>/dev/null
$BOOTMODE && reboot

112
scripts/uninstaller_loader.sh
View File

@@ -3,105 +3,52 @@
#
# Magisk Uninstaller (used in recovery)
# by topjohnwu
#
#
# This script will load the real uninstaller in a flashable zip
#
##########################################################################################
INSTALLER=/tmp/uninstall
##########################################################################################
# Preparation
##########################################################################################
BOOTMODE=false
# This path should work in any cases
TMPDIR=/dev/tmp
INSTALLER=$TMPDIR/install
# Default permissions
umask 022
##########################################################################################
# Flashable update-binary preparation
##########################################################################################
OUTFD=$2
ZIP=$3
readlink /proc/$$/fd/$OUTFD 2>/dev/null | grep /tmp >/dev/null
if [ "$?" -eq "0" ]; then
OUTFD=0
for FD in `ls /proc/$$/fd`; do
readlink /proc/$$/fd/$FD 2>/dev/null | grep pipe >/dev/null
if [ "$?" -eq "0" ]; then
ps | grep " 3 $FD " | grep -v grep >/dev/null
if [ "$?" -eq "0" ]; then
OUTFD=$FD
break
fi
fi
done
if [ ! -f $INSTALLER/util_functions.sh ]; then
echo "! Failed: Unable to extract zip file!"
exit 1
fi
mkdir -p $INSTALLER
cd $INSTALLER
unzip -o "$ZIP"
##########################################################################################
# Functions
##########################################################################################
ui_print() {
echo -n -e "ui_print $1\n" >> /proc/self/fd/$OUTFD
echo -n -e "ui_print\n" >> /proc/self/fd/$OUTFD
}
is_mounted() {
if [ ! -z "$2" ]; then
cat /proc/mounts | grep $1 | grep $2, >/dev/null
else
cat /proc/mounts | grep $1 >/dev/null
fi
return $?
}
grep_prop() {
REGEX="s/^$1=//p"
shift
FILES=$@
if [ -z "$FILES" ]; then
FILES='/system/build.prop'
fi
cat $FILES 2>/dev/null | sed -n $REGEX | head -n 1
}
# Load utility functions
. $INSTALLER/util_functions.sh
get_outfd
##########################################################################################
# Main
##########################################################################################
ui_print "*****************************"
ui_print " Magisk Uninstaller "
ui_print "*****************************"
ui_print "************************"
ui_print " Magisk Uninstaller "
ui_print "************************"
if [ ! -d "$INSTALLER/arm" ]; then
ui_print "! Failed: Unable to extract zip file!"
exit 1
fi
ui_print "- Mounting /system(ro), /cache, /data"
ui_print "- Mounting /system, /vendor, /cache, /data"
mount -o ro /system 2>/dev/null
mount -o ro /vendor 2>/dev/null
mount /cache 2>/dev/null
mount /data 2>/dev/null
if [ ! -f '/system/build.prop' ]; then
ui_print "! Failed: /system could not be mounted!"
exit 1
fi
[ -f /system/build.prop ] || abort "! /system could not be mounted!"
API=`grep_prop ro.build.version.sdk`
ABI=`grep_prop ro.product.cpu.abi | cut -c-3`
ABI2=`grep_prop ro.product.cpu.abi2 | cut -c-3`
ABILONG=`grep_prop ro.product.cpu.abi`
ARCH=arm
IS64BIT=false
if [ "$ABI" = "x86" ]; then ARCH=x86; fi;
if [ "$ABI2" = "x86" ]; then ARCH=x86; fi;
if [ "$ABILONG" = "arm64-v8a" ]; then ARCH=arm64; IS64BIT=true; fi;
if [ "$ABILONG" = "x86_64" ]; then ARCH=x64; IS64BIT=true; fi;
api_level_arch_detect
ui_print "- Device platform: $ARCH"
CHROMEDIR=$INSTALLER/chromeos
@@ -111,12 +58,18 @@ BINDIR=$INSTALLER/$ARCH
# Detection all done, start installing
##########################################################################################
if (is_mounted /data); then
MAGISKBIN=/data/magisk
if is_mounted /data; then
# Copy the binaries to /data/magisk, in case they do not exist
rm -rf /data/magisk 2>/dev/null
mkdir -p /data/magisk 2>/dev/null
cp -af $BINDIR/. $CHROMEDIR /data/magisk
rm -rf $MAGISKBIN 2>/dev/null
mkdir -p $MAGISKBIN
cp -af $BINDIR/. $CHROMEDIR $TMPDIR/bin/busybox $INSTALLER/util_functions.sh $MAGISKBIN
chmod -R 755 $MAGISKBIN
# Run the acttual uninstallation
recovery_actions
. $INSTALLER/magisk_uninstaller.sh
recovery_cleanup
else
ui_print "! Data unavailable"
ui_print "! Placing uninstall script to /cache"
@@ -128,6 +81,5 @@ else
reboot
fi
umount /system
ui_print "- Done"
exit 0

31
scripts/update_binary.sh Normal file
View File

@@ -0,0 +1,31 @@
# EX_ARM, EX_X86, BB_ARM, and BB_X86 should be generated in build.py
dirname_wrap() {
case "$1" in
*/*) dir=${1%/*}; [ -z $dir ] && echo "/" || echo $dir ;;
*) echo "." ;;
esac
}
[ "$1" = "indep" ] && INDEP=true || INDEP=false
$INDEP && TMPDIR="`cd "\`dirname_wrap "${BASH_SOURCE:-$0}"\`" && pwd`" || TMPDIR=/dev/tmp
INSTALLER=$TMPDIR/install; BBDIR=$TMPDIR/bin
EXBIN=$BBDIR/b64xz; BBBIN=$BBDIR/busybox
$INDEP || rm -rf $TMPDIR 2>/dev/null;
mkdir -p $BBDIR 2>/dev/null
touch $EXBIN $BBBIN; chmod 755 $EXBIN $BBBIN
echo -ne $EX_ARM > $EXBIN
if $EXBIN --test 2>/dev/null; then
echo $BB_ARM | $EXBIN > $BBBIN
else
echo -ne $EX_x86 > $EXBIN
echo $BB_x86 | $EXBIN > $BBBIN
fi
$BBBIN --install -s $TMPDIR/bin
export PATH=$BBDIR:$PATH
if $INDEP; then
shift
exec sh "$@"
else
mkdir -p $INSTALLER
unzip -o "$3" -d $INSTALLER
exec sh $INSTALLER/META-INF/com/google/android/updater-script $@
fi

230
scripts/util_functions.sh Normal file
View File

@@ -0,0 +1,230 @@
##########################################################################################
#
# Magisk General Utility Functions
# by topjohnwu
#
# Used in flash_script.sh, addon.d.sh, magisk module installers, and uninstaller
#
##########################################################################################
MAGISK_VERSION_STUB
SCRIPT_VERSION=$MAGISK_VER_CODE
get_outfd() {
readlink /proc/$$/fd/$OUTFD 2>/dev/null | grep /tmp >/dev/null
if [ "$?" -eq "0" ]; then
OUTFD=0
for FD in `ls /proc/$$/fd`; do
readlink /proc/$$/fd/$FD 2>/dev/null | grep pipe >/dev/null
if [ "$?" -eq "0" ]; then
ps | grep " 3 $FD " | grep -v grep >/dev/null
if [ "$?" -eq "0" ]; then
OUTFD=$FD
break
fi
fi
done
fi
}
ui_print() {
if $BOOTMODE; then
echo "$1"
else
echo -n -e "ui_print $1\n" >> /proc/self/fd/$OUTFD
echo -n -e "ui_print\n" >> /proc/self/fd/$OUTFD
fi
}
grep_prop() {
REGEX="s/^$1=//p"
shift
FILES=$@
[ -z "$FILES" ] && FILES='/system/build.prop'
sed -n "$REGEX" $FILES 2>/dev/null | head -n 1
}
getvar() {
local VARNAME=$1
local VALUE=$(eval echo \$$VARNAME)
[ ! -z $VALUE ] && return
for DIR in /dev /data /cache /system; do
VALUE=`grep_prop $VARNAME $DIR/.magisk`
[ ! -z $VALUE ] && break;
done
eval $VARNAME=\$VALUE
}
find_boot_image() {
if [ -z "$BOOTIMAGE" ]; then
for BLOCK in boot_a kern-a android_boot kernel boot lnx; do
BOOTIMAGE=`find /dev/block -iname $BLOCK | head -n 1` 2>/dev/null
[ ! -z $BOOTIMAGE ] && break
done
fi
# Recovery fallback
if [ -z "$BOOTIMAGE" ]; then
for FSTAB in /etc/*fstab*; do
BOOTIMAGE=`grep -v '#' $FSTAB | grep -E '\b/boot\b' | grep -oE '/dev/[a-zA-Z0-9_./-]*'`
[ ! -z $BOOTIMAGE ] && break
done
fi
[ -L "$BOOTIMAGE" ] && BOOTIMAGE=`readlink $BOOTIMAGE`
}
migrate_boot_backup() {
# Update the broken boot backup
if [ -f /data/stock_boot_.img.gz ]; then
./magiskboot --decompress /data/stock_boot_.img.gz
mv /data/stock_boot_.img /data/stock_boot.img
fi
# Update our previous backup to new format if exists
if [ -f /data/stock_boot.img ]; then
ui_print "- Migrating boot image backup"
SHA1=`./magiskboot --sha1 /data/stock_boot.img 2>/dev/null`
STOCKDUMP=/data/stock_boot_${SHA1}.img
mv /data/stock_boot.img $STOCKDUMP
./magiskboot --compress $STOCKDUMP
fi
}
sign_chromeos() {
echo > empty
./chromeos/futility vbutil_kernel --pack new-boot.img.signed \
--keyblock ./chromeos/kernel.keyblock --signprivate ./chromeos/kernel_data_key.vbprivk \
--version 1 --vmlinuz new-boot.img --config empty --arch arm --bootloader empty --flags 0x1
rm -f empty new-boot.img
mv new-boot.img.signed new-boot.img
}
is_mounted() {
if [ ! -z "$2" ]; then
cat /proc/mounts | grep $1 | grep $2, >/dev/null
else
cat /proc/mounts | grep $1 >/dev/null
fi
return $?
}
remove_system_su() {
if [ -f /system/bin/su -o -f /system/xbin/su ] && [ ! -f /su/bin/su ]; then
ui_print "! System installed root detected, mount rw :("
mount -o rw,remount /system
# SuperSU
if [ -e /system/bin/.ext/.su ]; then
mv -f /system/bin/app_process32_original /system/bin/app_process32 2>/dev/null
mv -f /system/bin/app_process64_original /system/bin/app_process64 2>/dev/null
mv -f /system/bin/install-recovery_original.sh /system/bin/install-recovery.sh 2>/dev/null
cd /system/bin
if [ -e app_process64 ]; then
ln -sf app_process64 app_process
else
ln -sf app_process32 app_process
fi
fi
rm -rf /system/.pin /system/bin/.ext /system/etc/.installed_su_daemon /system/etc/.has_su_daemon \
/system/xbin/daemonsu /system/xbin/su /system/xbin/sugote /system/xbin/sugote-mksh /system/xbin/supolicy \
/system/bin/app_process_init /system/bin/su /cache/su /system/lib/libsupol.so /system/lib64/libsupol.so \
/system/su.d /system/etc/install-recovery.sh /system/etc/init.d/99SuperSUDaemon /cache/install-recovery.sh \
/system/.supersu /cache/.supersu /data/.supersu \
/system/app/Superuser.apk /system/app/SuperSU /cache/Superuser.apk 2>/dev/null
fi
}
api_level_arch_detect() {
API=`grep_prop ro.build.version.sdk`
ABI=`grep_prop ro.product.cpu.abi | cut -c-3`
ABI2=`grep_prop ro.product.cpu.abi2 | cut -c-3`
ABILONG=`grep_prop ro.product.cpu.abi`
ARCH=arm
IS64BIT=false
if [ "$ABI" = "x86" ]; then ARCH=x86; fi;
if [ "$ABI2" = "x86" ]; then ARCH=x86; fi;
if [ "$ABILONG" = "arm64-v8a" ]; then ARCH=arm64; IS64BIT=true; fi;
if [ "$ABILONG" = "x86_64" ]; then ARCH=x64; IS64BIT=true; fi;
}
boot_actions() {
if [ ! -d /dev/magisk/mirror/bin ]; then
mkdir -p /dev/magisk/mirror/bin
mount -o bind $MAGISKBIN /dev/magisk/mirror/bin
fi
MAGISKBIN=/dev/magisk/mirror/bin
}
recovery_actions() {
# TWRP bug fix
mount -o bind /dev/urandom /dev/random
# Preserve environment varibles
OLD_PATH=$PATH
OLD_LD_PATH=$LD_LIBRARY_PATH
if [ ! -d $TMPDIR/bin ]; then
# Add busybox to PATH
mkdir -p $TMPDIR/bin
ln -s $MAGISKBIN/busybox $TMPDIR/bin/busybox
$MAGISKBIN/busybox --install -s $TMPDIR/bin
export PATH=$TMPDIR/bin:$PATH
fi
# Temporarily block out all custom recovery binaries/libs
mv /sbin /sbin_tmp
# Add all possible library paths
$IS64BIT && export LD_LIBRARY_PATH=/system/lib64:/system/vendor/lib64 || export LD_LIBRARY_PATH=/system/lib:/system/vendor/lib
}
recovery_cleanup() {
mv /sbin_tmp /sbin 2>/dev/null
export LD_LIBRARY_PATH=$OLD_LD_PATH
[ -z $OLD_PATH ] || export PATH=$OLD_PATH
ui_print "- Unmounting partitions"
umount -l /system 2>/dev/null
umount -l /vendor 2>/dev/null
umount -l /dev/random 2>/dev/null
}
abort() {
ui_print "$1"
$BOOTMODE || recovery_cleanup
exit 1
}
set_perm() {
chown $2:$3 $1 || exit 1
chmod $4 $1 || exit 1
[ -z $5 ] && chcon 'u:object_r:system_file:s0' $1 || chcon $5 $1
}
set_perm_recursive() {
find $1 -type d 2>/dev/null | while read dir; do
set_perm $dir $2 $3 $4 $6
done
find $1 -type f -o -type l 2>/dev/null | while read file; do
set_perm $file $2 $3 $5 $6
done
}
mktouch() {
mkdir -p ${1%/*} 2>/dev/null
[ -z $2 ] && touch $1 || echo $2 > $1
chmod 644 $1
}
request_size_check() {
reqSizeM=`du -s $1 | cut -f1`
reqSizeM=$((reqSizeM / 1024 + 1))
}
request_zip_size_check() {
reqSizeM=`unzip -l "$1" | tail -n 1 | awk '{ print int($1 / 1048567 + 1) }'`
}
image_size_check() {
SIZE="`$MAGISKBIN/magisk --imgsize $IMG`"
curUsedM=`echo "$SIZE" | cut -d" " -f1`
curSizeM=`echo "$SIZE" | cut -d" " -f2`
curFreeM=$((curSizeM - curUsedM))
}

BIN
ziptools/minsignapk.jar
View File

Binary file not shown.

0
ziptools/test.key.pk8 → ziptools/private.key.pk8
View File

0
ziptools/test.certificate.x509.pem → ziptools/public.certificate.x509.pem
View File

BIN
ziptools/signapk.jar
View File

Binary file not shown.

191
ziptools/src/MinSignAPK.java
View File

@@ -1,191 +0,0 @@
/*
* Copyright (C) 2008 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/* This is just a copy/paste/cut job from original SignAPK sources. This
* adaptation adds only the whole-file signature to a ZIP(jar,apk) file, and
* doesn't do any of the per-file signing, creating manifests, etc. This is
* useful when you've changed the structure itself of an existing (signed!)
* ZIP file, but the extracted contents are still identical. Using
* the normal SignAPK may re-arrange other things inside the ZIP, which may
* be unwanted behavior. This version only changes the ZIP's tail and keeps
* the rest the same - CF
*/
package eu.chainfire.minsignapk;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import sun.security.pkcs.ContentInfo;
import sun.security.pkcs.PKCS7;
import sun.security.pkcs.SignerInfo;
import sun.security.x509.AlgorithmId;
import sun.security.x509.X500Name;
public class MinSignAPK {
/** Write a .RSA file with a digital signature. */
private static void writeSignatureBlock(Signature signature, X509Certificate publicKey, OutputStream out)
throws IOException, GeneralSecurityException {
SignerInfo signerInfo = new SignerInfo(new X500Name(publicKey.getIssuerX500Principal().getName()),
publicKey.getSerialNumber(), AlgorithmId.get("SHA1"), AlgorithmId.get("RSA"), signature.sign());
PKCS7 pkcs7 = new PKCS7(new AlgorithmId[] { AlgorithmId.get("SHA1") }, new ContentInfo(ContentInfo.DATA_OID,
null), new X509Certificate[] { publicKey }, new SignerInfo[] { signerInfo });
pkcs7.encodeSignedData(out);
}
private static void signWholeOutputFile(byte[] zipData, OutputStream outputStream, X509Certificate publicKey,
PrivateKey privateKey) throws IOException, GeneralSecurityException {
// For a zip with no archive comment, the
// end-of-central-directory record will be 22 bytes long, so
// we expect to find the EOCD marker 22 bytes from the end.
if (zipData[zipData.length - 22] != 0x50 || zipData[zipData.length - 21] != 0x4b
|| zipData[zipData.length - 20] != 0x05 || zipData[zipData.length - 19] != 0x06) {
throw new IllegalArgumentException("zip data already has an archive comment");
}
Signature signature = Signature.getInstance("SHA1withRSA");
signature.initSign(privateKey);
signature.update(zipData, 0, zipData.length - 2);
ByteArrayOutputStream temp = new ByteArrayOutputStream();
// put a readable message and a null char at the start of the
// archive comment, so that tools that display the comment
// (hopefully) show something sensible.
// TODO: anything more useful we can put in this message?
byte[] message = "signed by SignApk".getBytes("UTF-8");
temp.write(message);
temp.write(0);
writeSignatureBlock(signature, publicKey, temp);
int total_size = temp.size() + 6;
if (total_size > 0xffff) {
throw new IllegalArgumentException("signature is too big for ZIP file comment");
}
// signature starts this many bytes from the end of the file
int signature_start = total_size - message.length - 1;
temp.write(signature_start & 0xff);
temp.write((signature_start >> 8) & 0xff);
// Why the 0xff bytes? In a zip file with no archive comment,
// bytes [-6:-2] of the file are the little-endian offset from
// the start of the file to the central directory. So for the
// two high bytes to be 0xff 0xff, the archive would have to
// be nearly 4GB in side. So it's unlikely that a real
// commentless archive would have 0xffs here, and lets us tell
// an old signed archive from a new one.
temp.write(0xff);
temp.write(0xff);
temp.write(total_size & 0xff);
temp.write((total_size >> 8) & 0xff);
temp.flush();
// Signature verification checks that the EOCD header is the
// last such sequence in the file (to avoid minzip finding a
// fake EOCD appended after the signature in its scan). The
// odds of producing this sequence by chance are very low, but
// let's catch it here if it does.
byte[] b = temp.toByteArray();
for (int i = 0; i < b.length - 3; ++i) {
if (b[i] == 0x50 && b[i + 1] == 0x4b && b[i + 2] == 0x05 && b[i + 3] == 0x06) {
throw new IllegalArgumentException("found spurious EOCD header at " + i);
}
}
outputStream.write(zipData, 0, zipData.length - 2);
outputStream.write(total_size & 0xff);
outputStream.write((total_size >> 8) & 0xff);
temp.writeTo(outputStream);
}
private static PrivateKey readPrivateKey(File file)
throws IOException, GeneralSecurityException {
DataInputStream input = new DataInputStream(new FileInputStream(file));
try {
byte[] bytes = new byte[(int) file.length()];
input.read(bytes);
// dont support encrypted keys atm
//KeySpec spec = decryptPrivateKey(bytes, file);
//if (spec == null) {
KeySpec spec = new PKCS8EncodedKeySpec(bytes);
//}
try {
return KeyFactory.getInstance("RSA").generatePrivate(spec);
} catch (InvalidKeySpecException ex) {
return KeyFactory.getInstance("DSA").generatePrivate(spec);
}
} finally {
input.close();
}
}
private static X509Certificate readPublicKey(File file)
throws IOException, GeneralSecurityException {
FileInputStream input = new FileInputStream(file);
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
return (X509Certificate) cf.generateCertificate(input);
} finally {
input.close();
}
}
public static void main(String[] args) {
if (args.length < 4) {
System.out.println("MinSignAPK pemfile pk8file inzip outzip");
System.out.println("- only adds whole-file signature to zip");
return;
}
String pemFile = args[0];
String pk8File = args[1];
String inFile = args[2];
String outFile = args[3];
try {
X509Certificate publicKey = readPublicKey(new File(pemFile));
PrivateKey privateKey = readPrivateKey(new File(pk8File));
InputStream fis = new FileInputStream(inFile);
byte[] buffer = new byte[(int)(new File(inFile)).length()];
fis.read(buffer);
fis.close();
OutputStream fos = new FileOutputStream(outFile, false);
signWholeOutputFile(buffer, fos, publicKey, privateKey);
fos.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}

0
ziptools/src/zipadjust.c → ziptools/zipadjust_src/zipadjust.c
View File

0
ziptools/src/zipadjust.h → ziptools/zipadjust_src/zipadjust.h
View File

0
ziptools/src/zipadjust_run.c → ziptools/zipadjust_src/zipadjust_run.c
View File

7
ziptools/zipsigner/.gitignore vendored Normal file
View File

@@ -0,0 +1,7 @@
*.iml
.gradle
/local.properties
.idea/
/build
*.hprof
app/.externalNativeBuild/

36
ziptools/zipsigner/build.gradle Normal file
View File

@@ -0,0 +1,36 @@
group 'com.topjohnwu'
version '1.0.0'
apply plugin: 'java'
apply plugin: 'com.github.johnrengelman.shadow'
sourceCompatibility = 1.8
jar {
manifest {
attributes 'Main-Class': 'com.topjohnwu.ZipSigner'
}
}
shadowJar {
classifier = null
version = null
}
buildscript {
repositories {
jcenter()
}
dependencies {
classpath 'com.github.jengelman.gradle.plugins:shadow:2.0.1'
}
}
repositories {
mavenCentral()
}
dependencies {
compile 'org.bouncycastle:bcprov-jdk15on:1.57'
compile 'org.bouncycastle:bcpkix-jdk15on:1.57'
}

BIN
ziptools/zipsigner/gradle/wrapper/gradle-wrapper.jar vendored Normal file
View File

Binary file not shown.

6
ziptools/zipsigner/gradle/wrapper/gradle-wrapper.properties vendored Normal file
View File

@@ -0,0 +1,6 @@
#Thu Aug 24 10:35:40 CST 2017
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-3.5-rc-2-bin.zip

172
ziptools/zipsigner/gradlew vendored Executable file
View File

@@ -0,0 +1,172 @@
#!/usr/bin/env sh
##############################################################################
##
## Gradle start up script for UN*X
##
##############################################################################
# Attempt to set APP_HOME
# Resolve links: $0 may be a link
PRG="$0"
# Need this for relative symlinks.
while [ -h "$PRG" ] ; do
ls=`ls -ld "$PRG"`
link=`expr "$ls" : '.*-> \(.*\)$'`
if expr "$link" : '/.*' > /dev/null; then
PRG="$link"
else
PRG=`dirname "$PRG"`"/$link"
fi
done
SAVED="`pwd`"
cd "`dirname \"$PRG\"`/" >/dev/null
APP_HOME="`pwd -P`"
cd "$SAVED" >/dev/null
APP_NAME="Gradle"
APP_BASE_NAME=`basename "$0"`
# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS=""
# Use the maximum available, or set MAX_FD != -1 to use that value.
MAX_FD="maximum"
warn ( ) {
echo "$*"
}
die ( ) {
echo
echo "$*"
echo
exit 1
}
# OS specific support (must be 'true' or 'false').
cygwin=false
msys=false
darwin=false
nonstop=false
case "`uname`" in
CYGWIN* )
cygwin=true
;;
Darwin* )
darwin=true
;;
MINGW* )
msys=true
;;
NONSTOP* )
nonstop=true
;;
esac
CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
# Determine the Java command to use to start the JVM.
if [ -n "$JAVA_HOME" ] ; then
if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
# IBM's JDK on AIX uses strange locations for the executables
JAVACMD="$JAVA_HOME/jre/sh/java"
else
JAVACMD="$JAVA_HOME/bin/java"
fi
if [ ! -x "$JAVACMD" ] ; then
die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
else
JAVACMD="java"
which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
# Increase the maximum file descriptors if we can.
if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
MAX_FD_LIMIT=`ulimit -H -n`
if [ $? -eq 0 ] ; then
if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
MAX_FD="$MAX_FD_LIMIT"
fi
ulimit -n $MAX_FD
if [ $? -ne 0 ] ; then
warn "Could not set maximum file descriptor limit: $MAX_FD"
fi
else
warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
fi
fi
# For Darwin, add options to specify how the application appears in the dock
if $darwin; then
GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
fi
# For Cygwin, switch paths to Windows format before running java
if $cygwin ; then
APP_HOME=`cygpath --path --mixed "$APP_HOME"`
CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
JAVACMD=`cygpath --unix "$JAVACMD"`
# We build the pattern for arguments to be converted via cygpath
ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
SEP=""
for dir in $ROOTDIRSRAW ; do
ROOTDIRS="$ROOTDIRS$SEP$dir"
SEP="|"
done
OURCYGPATTERN="(^($ROOTDIRS))"
# Add a user-defined pattern to the cygpath arguments
if [ "$GRADLE_CYGPATTERN" != "" ] ; then
OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
fi
# Now convert the arguments - kludge to limit ourselves to /bin/sh
i=0
for arg in "$@" ; do
CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option
if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition
eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
else
eval `echo args$i`="\"$arg\""
fi
i=$((i+1))
done
case $i in
(0) set -- ;;
(1) set -- "$args0" ;;
(2) set -- "$args0" "$args1" ;;
(3) set -- "$args0" "$args1" "$args2" ;;
(4) set -- "$args0" "$args1" "$args2" "$args3" ;;
(5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
(6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
(7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
(8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
(9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
esac
fi
# Escape application args
save ( ) {
for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
echo " "
}
APP_ARGS=$(save "$@")
# Collect all arguments for the java command, following the shell quoting and substitution rules
eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong
if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then
cd "$(dirname "$0")"
fi
exec "$JAVACMD" "$@"

84
ziptools/zipsigner/gradlew.bat vendored Normal file
View File

@@ -0,0 +1,84 @@
@if "%DEBUG%" == "" @echo off
@rem ##########################################################################
@rem
@rem Gradle startup script for Windows
@rem
@rem ##########################################################################
@rem Set local scope for the variables with windows NT shell
if "%OS%"=="Windows_NT" setlocal
set DIRNAME=%~dp0
if "%DIRNAME%" == "" set DIRNAME=.
set APP_BASE_NAME=%~n0
set APP_HOME=%DIRNAME%
@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
set DEFAULT_JVM_OPTS=
@rem Find java.exe
if defined JAVA_HOME goto findJavaFromJavaHome
set JAVA_EXE=java.exe
%JAVA_EXE% -version >NUL 2>&1
if "%ERRORLEVEL%" == "0" goto init
echo.
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
echo.
echo Please set the JAVA_HOME variable in your environment to match the
echo location of your Java installation.
goto fail
:findJavaFromJavaHome
set JAVA_HOME=%JAVA_HOME:"=%
set JAVA_EXE=%JAVA_HOME%/bin/java.exe
if exist "%JAVA_EXE%" goto init
echo.
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
echo.
echo Please set the JAVA_HOME variable in your environment to match the
echo location of your Java installation.
goto fail
:init
@rem Get command-line arguments, handling Windows variants
if not "%OS%" == "Windows_NT" goto win9xME_args
:win9xME_args
@rem Slurp the command line arguments.
set CMD_LINE_ARGS=
set _SKIP=2
:win9xME_args_slurp
if "x%~1" == "x" goto execute
set CMD_LINE_ARGS=%*
:execute
@rem Setup the command line
set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
@rem Execute Gradle
"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
:end
@rem End local scope for the variables with windows NT shell
if "%ERRORLEVEL%"=="0" goto mainEnd
:fail
rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
rem the _cmd.exe /c_ return code!
if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
exit /b 1
:mainEnd
if "%OS%"=="Windows_NT" endlocal
:omega

4
ziptools/zipsigner/settings.gradle Normal file
View File

@@ -0,0 +1,4 @@
rootProject.name = 'zipsigner'
include 'apksigner'
rootProject.name = 'zipsigner'

Some files were not shown because too many files have changed in this diff Show More