TheArchive/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2025-08-14 15:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: TheArchive:v24.1
Branches Tags
TheArchive:master TheArchive:dev
TheArchive:canary-28101 TheArchive:v28.1 TheArchive:canary-28003 TheArchive:canary-28002 TheArchive:canary-28001 TheArchive:v28.0 TheArchive:canary-27008 TheArchive:canary-27007 TheArchive:canary-27006 TheArchive:canary-27005 TheArchive:v27.0 TheArchive:v26.4 TheArchive:v26.3 TheArchive:v26.2 TheArchive:v26.1 TheArchive:v26.0 TheArchive:v25.2 TheArchive:v25.1 TheArchive:v25.0 TheArchive:v24.3 TheArchive:v24.2 TheArchive:v24.1 TheArchive:v24.0 TheArchive:v23.0 TheArchive:v22.1 TheArchive:v22.0 TheArchive:manager-v8.0.7 TheArchive:v21.4 TheArchive:manager-v8.0.6 TheArchive:v21.3 TheArchive:manager-v8.0.5 TheArchive:manager-v8.0.4 TheArchive:v21.2 TheArchive:v21.1 TheArchive:manager-v8.0.3 TheArchive:manager-v8.0.2 TheArchive:manager-v8.0.1 TheArchive:v21.0 TheArchive:manager-v8.0.0 TheArchive:v20.4 TheArchive:v20.3 TheArchive:manager-v7.5.1 TheArchive:manager-v7.5.0 TheArchive:v20.2 TheArchive:v20.1 TheArchive:manager-v7.4.0 TheArchive:v20.0 TheArchive:manager-v7.3.5 TheArchive:manager-v7.3.4 TheArchive:v19.4 TheArchive:manager-v7.3.2 TheArchive:manager-v7.3.1 TheArchive:manager-v7.3.0 TheArchive:v19.3 TheArchive:manager-v7.2.0 TheArchive:v19.2 TheArchive:manager-v7.1.2 TheArchive:v19.1 TheArchive:manager-v7.1.1 TheArchive:manager-v7.1.0 TheArchive:v19.0 TheArchive:manager-v7.0.0 TheArchive:v18.1 TheArchive:manager-v6.1.0 TheArchive:v18.0 TheArchive:v17.3 TheArchive:manager-v6.0.1 TheArchive:v17.2 TheArchive:manager-v6.0.0 TheArchive:v17.1 TheArchive:manager-v5.9.1 TheArchive:v17.0 TheArchive:manager-v5.9.0 TheArchive:v16.7 TheArchive:manager-v5.8.3 TheArchive:manager-v5.8.2 TheArchive:manager-v5.8.1 TheArchive:v16.6 TheArchive:manager-v5.8.0 TheArchive:v16.4 TheArchive:manager-v5.7.0 TheArchive:v16.3 TheArchive:manager-v5.6.4 TheArchive:v16.2 TheArchive:manager-v5.6.3 TheArchive:v16.1 TheArchive:manager-v5.6.2 TheArchive:v16.0 TheArchive:manager-v5.6.1 TheArchive:v15.4 TheArchive:manager-v5.6.0 TheArchive:v15.3 TheArchive:manager-v5.5.5 TheArchive:manager-v5.5.4 TheArchive:v15.2 TheArchive:manager-v5.5.3 TheArchive:v15.1 TheArchive:manager-v5.5.2 TheArchive:v15.0 TheArchive:manager-v5.5.1 TheArchive:v14.6 TheArchive:manager-v5.5.0 TheArchive:v14.5 TheArchive:manager-v5.4.3 TheArchive:manager-v5.4.2 TheArchive:v14.3 TheArchive:manager-v5.4.0 TheArchive:v14.2 TheArchive:manager-v5.3.5 TheArchive:v14.0 TheArchive:manager-v5.3.0 TheArchive:manager-v5.2.0 TheArchive:manager-v5.1.1 TheArchive:v13.3 TheArchive:manager-v5.1.0 TheArchive:manager-v5.0.6 TheArchive:manager-v5.0.5 TheArchive:v13.2 TheArchive:v13.1 TheArchive:manager-v5.0.4 TheArchive:manager-v4.3.3 TheArchive:manager-v4.3.2 TheArchive:manager-v4.3.1 TheArchive:manager-v4.3.0 TheArchive:v12.0 TheArchive:v11.6 TheArchive:manager-v4.2.7 TheArchive:v11.5 TheArchive:manager-v4.2.6 TheArchive:manager-v4.2.5 TheArchive:manager-v4.2 TheArchive:v11.1 TheArchive:manager-v4.1 TheArchive:manager-v4.0 TheArchive:v11.0 TheArchive:manager-v3.1 TheArchive:v10.1 TheArchive:manager-v3.0 TheArchive:v10 TheArchive:v9 TheArchive:v8 TheArchive:v7
...
compare: TheArchive:v24.2
Branches Tags
TheArchive:dev TheArchive:master
TheArchive:canary-28101 TheArchive:v28.1 TheArchive:canary-28003 TheArchive:canary-28002 TheArchive:canary-28001 TheArchive:v28.0 TheArchive:canary-27008 TheArchive:canary-27007 TheArchive:canary-27006 TheArchive:canary-27005 TheArchive:v27.0 TheArchive:v26.4 TheArchive:v26.3 TheArchive:v26.2 TheArchive:v26.1 TheArchive:v26.0 TheArchive:v25.2 TheArchive:v25.1 TheArchive:v25.0 TheArchive:v24.3 TheArchive:v24.2 TheArchive:v24.1 TheArchive:v24.0 TheArchive:v23.0 TheArchive:v22.1 TheArchive:v22.0 TheArchive:manager-v8.0.7 TheArchive:v21.4 TheArchive:manager-v8.0.6 TheArchive:v21.3 TheArchive:manager-v8.0.5 TheArchive:manager-v8.0.4 TheArchive:v21.2 TheArchive:v21.1 TheArchive:manager-v8.0.3 TheArchive:manager-v8.0.2 TheArchive:manager-v8.0.1 TheArchive:v21.0 TheArchive:manager-v8.0.0 TheArchive:v20.4 TheArchive:v20.3 TheArchive:manager-v7.5.1 TheArchive:manager-v7.5.0 TheArchive:v20.2 TheArchive:v20.1 TheArchive:manager-v7.4.0 TheArchive:v20.0 TheArchive:manager-v7.3.5 TheArchive:manager-v7.3.4 TheArchive:v19.4 TheArchive:manager-v7.3.2 TheArchive:manager-v7.3.1 TheArchive:manager-v7.3.0 TheArchive:v19.3 TheArchive:manager-v7.2.0 TheArchive:v19.2 TheArchive:manager-v7.1.2 TheArchive:v19.1 TheArchive:manager-v7.1.1 TheArchive:manager-v7.1.0 TheArchive:v19.0 TheArchive:manager-v7.0.0 TheArchive:v18.1 TheArchive:manager-v6.1.0 TheArchive:v18.0 TheArchive:v17.3 TheArchive:manager-v6.0.1 TheArchive:v17.2 TheArchive:manager-v6.0.0 TheArchive:v17.1 TheArchive:manager-v5.9.1 TheArchive:v17.0 TheArchive:manager-v5.9.0 TheArchive:v16.7 TheArchive:manager-v5.8.3 TheArchive:manager-v5.8.2 TheArchive:manager-v5.8.1 TheArchive:v16.6 TheArchive:manager-v5.8.0 TheArchive:v16.4 TheArchive:manager-v5.7.0 TheArchive:v16.3 TheArchive:manager-v5.6.4 TheArchive:v16.2 TheArchive:manager-v5.6.3 TheArchive:v16.1 TheArchive:manager-v5.6.2 TheArchive:v16.0 TheArchive:manager-v5.6.1 TheArchive:v15.4 TheArchive:manager-v5.6.0 TheArchive:v15.3 TheArchive:manager-v5.5.5 TheArchive:manager-v5.5.4 TheArchive:v15.2 TheArchive:manager-v5.5.3 TheArchive:v15.1 TheArchive:manager-v5.5.2 TheArchive:v15.0 TheArchive:manager-v5.5.1 TheArchive:v14.6 TheArchive:manager-v5.5.0 TheArchive:v14.5 TheArchive:manager-v5.4.3 TheArchive:manager-v5.4.2 TheArchive:v14.3 TheArchive:manager-v5.4.0 TheArchive:v14.2 TheArchive:manager-v5.3.5 TheArchive:v14.0 TheArchive:manager-v5.3.0 TheArchive:manager-v5.2.0 TheArchive:manager-v5.1.1 TheArchive:v13.3 TheArchive:manager-v5.1.0 TheArchive:manager-v5.0.6 TheArchive:manager-v5.0.5 TheArchive:v13.2 TheArchive:v13.1 TheArchive:manager-v5.0.4 TheArchive:manager-v4.3.3 TheArchive:manager-v4.3.2 TheArchive:manager-v4.3.1 TheArchive:manager-v4.3.0 TheArchive:v12.0 TheArchive:v11.6 TheArchive:manager-v4.2.7 TheArchive:v11.5 TheArchive:manager-v4.2.6 TheArchive:manager-v4.2.5 TheArchive:manager-v4.2 TheArchive:v11.1 TheArchive:manager-v4.1 TheArchive:manager-v4.0 TheArchive:v11.0 TheArchive:manager-v3.1 TheArchive:v10.1 TheArchive:manager-v3.0 TheArchive:v10 TheArchive:v9 TheArchive:v8 TheArchive:v7

83 Commits
v24.1 ... v24.2

Author SHA1 Message Date
topjohnwu
7cfce9ff7a Release Magisk v24.2 2022-03-01 23:35:56 -08:00
topjohnwu
7f088d6241 Add v24.2 release notes 2022-03-01 23:26:44 -08:00
vvb2060
d11038f3de Directly stream apk into install session 2022-03-01 23:05:06 -08:00
vvb2060
6df42a4be7 Handle install failure 2022-03-01 23:05:06 -08:00
Francesco Saltori
7fd111b91f Bring English strings changes to Italian translation 2022-03-01 22:51:07 -08:00
Sirichai Chulee
dd7dc2ec5a Fix typo in thai translation 2022-03-01 22:50:37 -08:00
Vladimír Kubala
86c586d882 Update Slovak translation 2022-03-01 22:50:12 -08:00
Arbri çoçka
66ac6f72fc update Albania translator 2022-03-01 22:49:44 -08:00
CDzungx
f21f448099 Update Vietnamese Translation 
Fix, added some translations.
Added note for technicality word in case user don't know the word mean in English like "boot image", "image" is translated to "đĩa ảnh", I can't really understand it if I use Vietnamese lang 😂.
 2022-03-01 22:49:29 -08:00
topjohnwu
548d70f30c Mount with original option 
Fix #5481, close #5486
 2022-03-01 20:09:59 -08:00
topjohnwu
39e714c6d8 Release new canary build 2022-03-01 03:44:21 -08:00
topjohnwu
9968af0785 Move all permission check into daemon.cpp 2022-03-01 03:15:38 -08:00
topjohnwu
be7586137c Reduce C++ wizardry 2022-03-01 03:15:38 -08:00
LoveSy
7999b66c3c Refactor daemon connection 2022-03-01 03:15:38 -08:00
vvb2060
c82a46c1ee Check property before switch mem cgroup 2022-02-28 23:27:23 -08:00
vvb2060
666ab1941f Fix app request fifo wait 2022-02-28 23:26:59 -08:00
topjohnwu
71e37345b4 Update libsu 2022-02-28 20:14:58 -08:00
topjohnwu
e7c82f20e3 Directly use getrandom system call if possible 2022-02-16 23:57:28 -08:00
LoveSy
afa771a980 Set dlopen reserved size to unlimited 2022-02-16 23:05:17 -08:00
vvb2060
0d1de98cca Update zh-rCN translation 2022-02-16 23:04:57 -08:00
vvb2060
02bf7dca01 Check apk before patch 2022-02-16 23:04:39 -08:00
vvb2060
8cc76b1d86 Fix restore dialog 2022-02-16 23:04:19 -08:00
vvb2060
77a275cbcd Show notification when stub is updated to full 2022-02-16 23:04:03 -08:00
vvb2060
3956cbe2d2 ActivityTracker ignore SuRequestActivity 2022-02-16 23:03:42 -08:00
vvb2060
945de8d9a0 Directly stream APK into install session 2022-02-16 23:03:32 -08:00
vvb2060
6dabd3bb2d Abandon unsuccessful session 2022-02-16 23:03:01 -08:00
topjohnwu
4c80808997 Check packages.xml inode to trigger app rescan 2022-02-14 02:57:33 -08:00
topjohnwu
5a39f7cdde Reduce duplicate initialization 2022-02-14 02:28:48 -08:00
topjohnwu
5d400fbe90 Check REQUEST_INSTALL_PACKAGES before actions 2022-02-14 02:15:50 -08:00
topjohnwu
e36596470c Minor adjustments 2022-02-13 20:16:23 -08:00
topjohnwu
668e549208 Refactor APKInstall 2022-02-13 19:54:59 -08:00
topjohnwu
256ff31d11 Show notification after app upgrade 2022-02-13 18:35:35 -08:00
topjohnwu
2414d5d7f5 Minor changes 2022-02-13 14:23:06 -08:00
topjohnwu
b7fc15d399 Code refactoring 2022-02-13 07:24:34 -08:00
topjohnwu
c09b4dabc4 Generate class mapping at runtime 2022-02-13 06:22:42 -08:00
topjohnwu
a4aa4a91a3 Refactor DynLoad 2022-02-13 03:32:11 -08:00
topjohnwu
8f0ea5925a Relaunch process without second process 2022-02-13 02:58:55 -08:00
南宫雪珊
936ad1aa20 Handle download fail 
Co-authored-by: topjohnwu <topjohnwu@gmail.com>
 2022-02-13 02:30:09 -08:00
topjohnwu
d021bca6ef Prevent app_process from setting umask 
Fix #5435
 2022-02-11 01:26:24 -08:00
topjohnwu
55ed6109c1 Use dynamic_bitset.emplace_back() 2022-02-11 01:10:26 -08:00
vvb2060
f6d765bf81 Su request activity has no affinity for any task 2022-02-11 01:08:04 -08:00
LoveSy
88e8f2bf83 Proper escape : and \ when binding intent 2022-02-11 01:07:28 -08:00
LoveSy
c849759682 Use magiskboot to patch avd 
Fix #5421
 2022-02-11 00:25:07 -08:00
topjohnwu
605eae21bc Remove unnecessary read/write 
Close #5425
 2022-02-11 00:24:12 -08:00
topjohnwu
93eb277a88 Update error messages 2022-02-11 00:01:51 -08:00
LoveSy
8edf556c9e Fix lz4_lg compress 2022-02-10 23:50:19 -08:00
topjohnwu
7fcb63230f Support lz4_legacy archive with multiple magic 
Multiple lz4_legacy archives can be directly concatenated
 2022-02-10 23:49:17 -08:00
LoveSy
12093a3dad Update elf-cleaner 2022-02-08 00:53:02 -08:00
canyie
ebb0ec6c42 Make xmmap() returns nullptr when fails 
In the constructor of mmap_data, there are two possible values when fails: nullptr if fstat() fails, and MAP_FAILED if mmap() fails, but mmap_data treated MAP_FAILED as valid address and crashes.
 2022-02-08 00:49:47 -08:00
LoveSy
188546515c Fix UID tracking 2022-02-08 00:49:22 -08:00
topjohnwu
c8990b0f68 Rewrite UID tracking 2022-02-07 02:46:47 -08:00
topjohnwu
7dced4b9d9 Update AGP 2022-02-07 00:19:36 -08:00
topjohnwu
3145e67feb Update data structure 2022-02-07 00:17:07 -08:00
topjohnwu
e9348d9b6a Release new canary build 2022-02-06 07:19:27 -08:00
topjohnwu
1a1b346c05 Fix #5377 2022-02-06 07:12:26 -08:00
Donatello
920d059837 Update italian translation 
Added missing string.

Co-authored-by: Madis Otenurm <Madis0@users.noreply.github.com>
 2022-02-06 06:51:49 -08:00
xDonatello
bef5c3bd1b Update italian translation 2022-02-06 06:51:49 -08:00
Madis Otenurm
97037f7d03 Update strings.xml 2022-02-06 06:51:11 -08:00
topjohnwu
a7392ed3d7 Fix MULTIUSER_MODE_OWNER_MANAGED 2022-02-06 06:46:09 -08:00
Madis Otenurm
3eb1a7e384 Update Estonian 2022-02-06 05:59:09 -08:00
Arbri çoçka
1ecdc78c2f fix translante in Albania language 2022-02-06 05:58:39 -08:00
孟武.尼德霍格.龍
d279dba37e Update Traditional Chinese Strings 
Co-authored-by: LoveSy <631499712@qq.com>
 2022-02-06 05:58:03 -08:00
topjohnwu
a4f97fa151 Fix buffer overflow in connect.cpp 2022-02-06 05:52:11 -08:00
LoveSy
ff7ac582f0 Refactor Zygisk loading 
Co-authored-by: topjohnwu <topjohnwu@gmail.com>
 2022-02-06 00:27:31 -08:00
LoveSy
d2c2456fbe Don't use getmntent_r from system's libc 
Fix #5354

Co-authored-by: topjohnwu <topjohnwu@gmail.com>
 2022-02-04 23:19:12 -08:00
LoveSy
e9f562a8b7 Fix abuse of fdopendir 
After `fdopendir`, the fd is no longer usable. Should dup and
make use of RAII

Co-authored-by: 残页 <31466456+canyie@users.noreply.github.com>
 2022-02-04 22:54:34 -08:00
topjohnwu
084e0a73dc Cleanup DownloadService 2022-02-03 03:50:52 -08:00
topjohnwu
10f991b8d0 Directly stream APK into install session 2022-02-03 03:50:52 -08:00
残页
79620c97d1 Invalidate Samsung's persist.sys.zygote.early 
Samsung FDE devices with the "persist.sys.zygote.early=true" property will cause Zygote to start before post-fs-data. According to Magisk's document, the post-fs-data phase should always happen before Zygote is started. Features assuming this behavior (like Zygisk and modules that need to control zygote) will not work. To avoid breaking existing modules, we simply invalidate this property to prevent this non-standard behavior from happening

Fix #5299, fix #5328, fix #5308

Co-authored-by: LoveSy <shana@zju.edu.cn>
 2022-02-03 00:46:52 -08:00
topjohnwu
ffec9a4ddd Minor changes 2022-02-02 05:06:12 -08:00
topjohnwu
9b18960bbd Getting APK doesn't need ContentProvider 2022-02-02 04:58:31 -08:00
topjohnwu
a009fdbdc3 Fix root service on stub 2022-02-02 04:49:23 -08:00
topjohnwu
c1fc3f373c Proper app relaunch for stub 2022-02-02 04:44:22 -08:00
topjohnwu
f4cf5dc0cd Rename class 2022-02-02 02:50:27 -08:00
topjohnwu
355341f0ab Use AppComponentFactory to replace ClassLoader 2022-02-01 22:43:44 -08:00
topjohnwu
7f65f7d3ca Separate libc.a hacks into its own component 2022-01-31 02:09:08 -08:00
topjohnwu
9fa096c6f4 Add runtime FORTIFY support 
Gingerbread libc.a missing symbols
 2022-01-31 01:49:37 -08:00
LoveSy
70415a396a Do not filter uid == 1000 for process info 2022-01-30 08:25:24 -08:00
canyie
c921964938 Make sure busybox can be executed recursively 
Busybox will execute itself. On some older Samsung devices, when it is located in /data, it will not have rights to execute other programs including itself. We should also relocate busybox in this case to workaround Samsung bullshit.
See topjohnwu/ndk-busybox@bdc8655
Fix the "app doesn't detect installed Magisk" issue in topjohnwu#4174
 2022-01-30 08:24:32 -08:00
topjohnwu
3bf47a6838 Update selinux 2022-01-30 08:18:04 -08:00
topjohnwu
d3d28f0623 Update to NDK r23b 
Credits: @yujincheng08

Close #5193
 2022-01-30 07:11:51 -08:00
topjohnwu
f880b57544 Update README 2022-01-28 04:02:57 -08:00
topjohnwu
32b7a26fa6 Release new canary build 2022-01-28 03:58:53 -08:00
116 changed files with 2301 additions and 1566 deletions
Expand all files Collapse all files

4
README.MD
View File

@@ -18,8 +18,8 @@ Some highlight features:
[Github](https://github.com/topjohnwu/Magisk/) is the only source where you can get official Magisk information and downloads.
[![](https://img.shields.io/badge/Magisk-v23.0-blue)](https://github.com/topjohnwu/Magisk/releases/tag/v23.0)
[![](https://img.shields.io/badge/Magisk%20Beta-v24.0-blue)](https://github.com/topjohnwu/Magisk/releases/tag/v24.0)
[![](https://img.shields.io/badge/Magisk-v24.1-blue)](https://github.com/topjohnwu/Magisk/releases/tag/v24.1)
[![](https://img.shields.io/badge/Magisk%20Beta-v24.1-blue)](https://github.com/topjohnwu/Magisk/releases/tag/v24.1)
[![](https://img.shields.io/badge/Magisk-Canary-red)](https://raw.githubusercontent.com/topjohnwu/magisk-files/canary/app-debug.apk)
## Useful Links

2
app/build.gradle.kts
View File

@@ -86,7 +86,7 @@ dependencies {
implementation("${bindingAdapter}:${vBAdapt}")
implementation("${bindingAdapter}-recyclerview:${vBAdapt}")
val vLibsu = "3.2.1"
val vLibsu = "4.0.0"
implementation("com.github.topjohnwu.libsu:core:${vLibsu}")
implementation("com.github.topjohnwu.libsu:io:${vLibsu}")
implementation("com.github.topjohnwu.libsu:service:${vLibsu}")

38
app/shared/src/main/java/com/topjohnwu/magisk/DynAPK.java → app/shared/src/main/java/com/topjohnwu/magisk/StubApk.java
View File

@@ -2,7 +2,10 @@ package com.topjohnwu.magisk;
import static android.os.Build.VERSION.SDK_INT;
import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import android.content.res.AssetManager;
import java.io.File;
@@ -12,28 +15,39 @@ import java.util.Map;
import io.michaelrocks.paranoid.Obfuscate;
@Obfuscate
public class DynAPK {
public class StubApk {
private static File dynDir;
private static Method addAssetPath;
private static File getDynDir(Context c) {
private static File getDynDir(ApplicationInfo info) {
if (dynDir == null) {
final String dataDir;
if (SDK_INT >= 24) {
// Use protected context to allow directBootAware
c = c.createDeviceProtectedStorageContext();
// Use device protected path to allow directBootAware
dataDir = info.deviceProtectedDataDir;
} else {
dataDir = info.dataDir;
}
dynDir = new File(c.getFilesDir().getParent(), "dyn");
dynDir.mkdir();
dynDir = new File(dataDir, "dyn");
dynDir.mkdirs();
}
return dynDir;
}
public static File current(Context c) {
return new File(getDynDir(c), "current.apk");
return new File(getDynDir(c.getApplicationInfo()), "current.apk");
}
public static File current(ApplicationInfo info) {
return new File(getDynDir(info), "current.apk");
}
public static File update(Context c) {
return new File(getDynDir(c), "update.apk");
return new File(getDynDir(c.getApplicationInfo()), "update.apk");
}
public static File update(ApplicationInfo info) {
return new File(getDynDir(info), "update.apk");
}
public static void addAssetPath(AssetManager asset, String path) {
@@ -44,6 +58,14 @@ public class DynAPK {
} catch (Exception ignored) {}
}
public static void restartProcess(Activity activity) {
Intent intent = activity.getPackageManager()
.getLaunchIntentForPackage(activity.getPackageName());
activity.finishAffinity();
activity.startActivity(intent);
Runtime.getRuntime().exit(0);
}
public static class Data {
// Indices of the object array
private static final int STUB_VERSION = 0;

169
app/shared/src/main/java/com/topjohnwu/magisk/utils/APKInstall.java
View File

@@ -1,5 +1,6 @@
package com.topjohnwu.magisk.utils;
import static android.content.pm.PackageInstaller.EXTRA_SESSION_ID;
import static android.content.pm.PackageInstaller.EXTRA_STATUS;
import static android.content.pm.PackageInstaller.STATUS_FAILURE_INVALID;
import static android.content.pm.PackageInstaller.STATUS_PENDING_USER_ACTION;
@@ -10,17 +11,17 @@ import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.pm.PackageInstaller.Session;
import android.content.pm.PackageInstaller.SessionParams;
import android.net.Uri;
import android.os.Build;
import android.util.Log;
import java.io.File;
import java.io.FileInputStream;
import java.io.FilterOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.UUID;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
@@ -28,29 +29,6 @@ import io.michaelrocks.paranoid.Obfuscate;
@Obfuscate
public final class APKInstall {
// @WorkerThread
public static void installapk(Context context, File apk) {
//noinspection InlinedApi
var flag = PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_MUTABLE;
var action = APKInstall.class.getName();
var intent = new Intent(action).setPackage(context.getPackageName());
var pending = PendingIntent.getBroadcast(context, 0, intent, flag);
var installer = context.getPackageManager().getPackageInstaller();
var params = new SessionParams(SessionParams.MODE_FULL_INSTALL);
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
params.setRequireUserAction(SessionParams.USER_ACTION_NOT_REQUIRED);
}
try (Session session = installer.openSession(installer.createSession(params))) {
OutputStream out = session.openWrite(apk.getName(), 0, apk.length());
try (var in = new FileInputStream(apk); out) {
transfer(in, out);
}
session.commit(pending.getIntentSender());
} catch (IOException e) {
Log.e(APKInstall.class.getSimpleName(), "", e);
}
}
public static void transfer(InputStream in, OutputStream out) throws IOException {
int size = 8192;
@@ -61,61 +39,136 @@ public final class APKInstall {
}
}
public static InstallReceiver register(Context context, String packageName, Runnable onSuccess) {
var receiver = new InstallReceiver(context, packageName, onSuccess);
var filter = new IntentFilter(Intent.ACTION_PACKAGE_ADDED);
filter.addDataScheme("package");
context.registerReceiver(receiver, filter);
context.registerReceiver(receiver, new IntentFilter(APKInstall.class.getName()));
public static Session startSession(Context context) {
return startSession(context, null, null, null);
}
public static Session startSession(Context context, String pkg,
Runnable onFailure, Runnable onSuccess) {
var receiver = new InstallReceiver(pkg, onSuccess, onFailure);
context = context.getApplicationContext();
if (pkg != null) {
// If pkg is not null, look for package added event
var filter = new IntentFilter(Intent.ACTION_PACKAGE_ADDED);
filter.addDataScheme("package");
context.registerReceiver(receiver, filter);
}
context.registerReceiver(receiver, new IntentFilter(receiver.sessionId));
return receiver;
}
public static class InstallReceiver extends BroadcastReceiver {
private final Context context;
public interface Session {
// @WorkerThread
OutputStream openStream(Context context) throws IOException;
// @WorkerThread
void install(Context context, File apk) throws IOException;
// @WorkerThread @Nullable
Intent waitIntent();
}
private static class InstallReceiver extends BroadcastReceiver implements Session {
private final String packageName;
private final Runnable onSuccess;
private final Runnable onFailure;
private final CountDownLatch latch = new CountDownLatch(1);
private Intent intent = null;
private Intent userAction = null;
private InstallReceiver(Context context, String packageName, Runnable onSuccess) {
this.context = context;
final String sessionId = UUID.randomUUID().toString();
private InstallReceiver(String packageName, Runnable onSuccess, Runnable onFailure) {
this.packageName = packageName;
this.onSuccess = onSuccess;
this.onFailure = onFailure;
}
@Override
public void onReceive(Context c, Intent i) {
if (Intent.ACTION_PACKAGE_ADDED.equals(i.getAction())) {
Uri data = i.getData();
if (data == null || onSuccess == null) return;
public void onReceive(Context context, Intent intent) {
if (Intent.ACTION_PACKAGE_ADDED.equals(intent.getAction())) {
Uri data = intent.getData();
if (data == null)
return;
String pkg = data.getSchemeSpecificPart();
if (pkg.equals(packageName)) {
onSuccess.run();
context.unregisterReceiver(this);
onSuccess(context);
}
return;
} else if (sessionId.equals(intent.getAction())) {
int status = intent.getIntExtra(EXTRA_STATUS, STATUS_FAILURE_INVALID);
switch (status) {
case STATUS_PENDING_USER_ACTION:
userAction = intent.getParcelableExtra(Intent.EXTRA_INTENT);
break;
case STATUS_SUCCESS:
if (packageName == null) {
onSuccess(context);
}
break;
default:
int id = intent.getIntExtra(EXTRA_SESSION_ID, 0);
if (id > 0) {
var installer = context.getPackageManager().getPackageInstaller();
var info = installer.getSessionInfo(id);
if (info != null) {
installer.abandonSession(info.getSessionId());
}
}
if (onFailure != null) {
onFailure.run();
}
context.getApplicationContext().unregisterReceiver(this);
}
latch.countDown();
}
int status = i.getIntExtra(EXTRA_STATUS, STATUS_FAILURE_INVALID);
switch (status) {
case STATUS_PENDING_USER_ACTION:
intent = i.getParcelableExtra(Intent.EXTRA_INTENT);
break;
case STATUS_SUCCESS:
if (onSuccess != null) onSuccess.run();
default:
context.unregisterReceiver(this);
}
latch.countDown();
}
// @WorkerThread @Nullable
private void onSuccess(Context context) {
if (onSuccess != null)
onSuccess.run();
context.getApplicationContext().unregisterReceiver(this);
}
@Override
public Intent waitIntent() {
try {
//noinspection ResultOfMethodCallIgnored
// noinspection ResultOfMethodCallIgnored
latch.await(5, TimeUnit.SECONDS);
} catch (Exception ignored) {
} catch (Exception ignored) {}
return userAction;
}
@Override
public OutputStream openStream(Context context) throws IOException {
// noinspection InlinedApi
var flag = PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_MUTABLE;
var intent = new Intent(sessionId).setPackage(context.getPackageName());
var pending = PendingIntent.getBroadcast(context, 0, intent, flag);
var installer = context.getPackageManager().getPackageInstaller();
var params = new SessionParams(SessionParams.MODE_FULL_INSTALL);
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
params.setRequireUserAction(SessionParams.USER_ACTION_NOT_REQUIRED);
}
var session = installer.openSession(installer.createSession(params));
var out = session.openWrite(sessionId, 0, -1);
return new FilterOutputStream(out) {
@Override
public void write(byte[] b, int off, int len) throws IOException {
out.write(b, off, len);
}
@Override
public void close() throws IOException {
super.close();
session.commit(pending.getIntentSender());
session.close();
}
};
}
@Override
public void install(Context context, File apk) throws IOException {
try (var src = new FileInputStream(apk);
var out = openStream(context)) {
transfer(src, out);
}
return intent;
}
}
}

2
app/src/main/AndroidManifest.xml
View File

@@ -31,6 +31,7 @@
android:directBootAware="true"
android:excludeFromRecents="true"
android:exported="false"
android:taskAffinity=""
tools:ignore="AppLinkUrlError">
<intent-filter>
<action android:name="android.intent.action.VIEW" />
@@ -45,6 +46,7 @@
<intent-filter>
<action android:name="android.intent.action.LOCALE_CHANGED" />
<action android:name="android.intent.action.UID_REMOVED" />
<action android:name="android.intent.action.MY_PACKAGE_REPLACED" />
</intent-filter>
<intent-filter>
<action android:name="android.intent.action.PACKAGE_REPLACED" />

70
app/src/main/java/com/topjohnwu/magisk/arch/BaseMainActivity.kt
View File

@@ -1,23 +1,27 @@
package com.topjohnwu.magisk.arch
import android.content.Context
import android.content.Intent
import android.net.Uri
import android.Manifest.permission.REQUEST_INSTALL_PACKAGES
import android.annotation.SuppressLint
import android.os.Bundle
import androidx.activity.result.contract.ActivityResultContract
import android.widget.Toast
import androidx.core.splashscreen.SplashScreen.Companion.installSplashScreen
import androidx.databinding.ViewDataBinding
import androidx.lifecycle.lifecycleScope
import com.topjohnwu.magisk.BuildConfig.APPLICATION_ID
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.core.*
import com.topjohnwu.magisk.core.Config
import com.topjohnwu.magisk.core.Const
import com.topjohnwu.magisk.core.JobService
import com.topjohnwu.magisk.core.isRunningAsStub
import com.topjohnwu.magisk.core.tasks.HideAPK
import com.topjohnwu.magisk.di.ServiceLocator
import com.topjohnwu.magisk.ui.theme.Theme
import com.topjohnwu.magisk.utils.Utils
import com.topjohnwu.magisk.view.MagiskDialog
import com.topjohnwu.magisk.view.Notifications
import com.topjohnwu.magisk.view.Shortcuts
import com.topjohnwu.superuser.Shell
import java.util.concurrent.CountDownLatch
import kotlinx.coroutines.launch
abstract class BaseMainActivity<Binding : ViewDataBinding> : NavigationActivity<Binding>() {
@@ -25,9 +29,6 @@ abstract class BaseMainActivity<Binding : ViewDataBinding> : NavigationActivity<
private var doPreload = true
}
private val latch = CountDownLatch(1)
private val uninstallPkg = registerForActivityResult(UninstallPackage) { latch.countDown() }
override fun onCreate(savedInstanceState: Bundle?) {
setTheme(Theme.selected.themeRes)
@@ -67,18 +68,28 @@ abstract class BaseMainActivity<Binding : ViewDataBinding> : NavigationActivity<
abstract fun showMainUI(savedInstanceState: Bundle?)
private fun showInvalidStateMessage() {
runOnUiThread {
MagiskDialog(this).apply {
setTitle(R.string.unsupport_nonroot_stub_title)
setMessage(R.string.unsupport_nonroot_stub_msg)
setButton(MagiskDialog.ButtonType.POSITIVE) {
text = R.string.install
onClick { HideAPK.restore(this@BaseMainActivity) }
@SuppressLint("InlinedApi")
private fun showInvalidStateMessage(): Unit = runOnUiThread {
MagiskDialog(this).apply {
setTitle(R.string.unsupport_nonroot_stub_title)
setMessage(R.string.unsupport_nonroot_stub_msg)
setButton(MagiskDialog.ButtonType.POSITIVE) {
text = R.string.install
onClick {
withPermission(REQUEST_INSTALL_PACKAGES) {
if (!it) {
Utils.toast(R.string.install_unknown_denied, Toast.LENGTH_SHORT)
showInvalidStateMessage()
} else {
lifecycleScope.launch {
HideAPK.restore(this@BaseMainActivity)
}
}
}
}
setCancelable(false)
show()
}
setCancelable(false)
show()
}
}
@@ -100,30 +111,17 @@ abstract class BaseMainActivity<Binding : ViewDataBinding> : NavigationActivity<
runCatching {
// Hidden, remove com.topjohnwu.magisk if exist as it could be malware
packageManager.getApplicationInfo(APPLICATION_ID, 0)
Shell.su("(pm uninstall $APPLICATION_ID)& >/dev/null 2>&1").exec()
Shell.cmd("(pm uninstall $APPLICATION_ID)& >/dev/null 2>&1").exec()
}
} else {
if (Config.suManager.isNotEmpty())
Config.suManager = ""
pkg ?: return
if (!Shell.su("(pm uninstall $pkg)& >/dev/null 2>&1").exec().isSuccess) {
uninstallPkg.launch(pkg)
// Wait for the uninstallation to finish
latch.await()
if (!Shell.cmd("(pm uninstall $pkg)& >/dev/null 2>&1").exec().isSuccess) {
// Uninstall through Android API
uninstallAndWait(pkg)
}
}
}
object UninstallPackage : ActivityResultContract<String, Boolean>() {
@Suppress("DEPRECATION")
override fun createIntent(context: Context, input: String): Intent {
val uri = Uri.Builder().scheme("package").opaquePart(input).build()
val intent = Intent(Intent.ACTION_UNINSTALL_PACKAGE, uri)
intent.putExtra(Intent.EXTRA_RETURN_RESULT, true)
return intent
}
override fun parseResult(resultCode: Int, intent: Intent?) = resultCode == RESULT_OK
}
}

17
app/src/main/java/com/topjohnwu/magisk/arch/BaseViewModel.kt
View File

@@ -1,6 +1,8 @@
package com.topjohnwu.magisk.arch
import android.Manifest
import android.Manifest.permission.REQUEST_INSTALL_PACKAGES
import android.Manifest.permission.WRITE_EXTERNAL_STORAGE
import android.annotation.SuppressLint
import androidx.annotation.CallSuper
import androidx.databinding.Bindable
import androidx.databinding.Observable
@@ -78,7 +80,7 @@ abstract class BaseViewModel(
}
inline fun withExternalRW(crossinline callback: () -> Unit) {
withPermission(Manifest.permission.WRITE_EXTERNAL_STORAGE) {
withPermission(WRITE_EXTERNAL_STORAGE) {
if (!it) {
SnackbarEvent(R.string.external_rw_permission_denied).publish()
} else {
@@ -87,6 +89,17 @@ abstract class BaseViewModel(
}
}
@SuppressLint("InlinedApi")
inline fun withInstallPermission(crossinline callback: () -> Unit) {
withPermission(REQUEST_INSTALL_PACKAGES) {
if (!it) {
SnackbarEvent(R.string.install_unknown_denied).publish()
} else {
callback()
}
}
}
fun back() = BackPressEvent().publish()
fun <Event : ViewEvent> Event.publish() {

8
app/src/main/java/com/topjohnwu/magisk/arch/UIActivity.kt
View File

@@ -10,6 +10,7 @@ import androidx.core.content.res.use
import androidx.core.view.WindowCompat
import androidx.databinding.DataBindingUtil
import androidx.databinding.ViewDataBinding
import com.google.android.material.snackbar.Snackbar
import com.topjohnwu.magisk.BR
import com.topjohnwu.magisk.core.Config
import com.topjohnwu.magisk.core.base.BaseActivity
@@ -74,6 +75,13 @@ abstract class UIActivity<Binding : ViewDataBinding> : BaseActivity(), ViewModel
binding.root.rootView.accessibilityDelegate = delegate
}
fun showSnackbar(
message: CharSequence,
length: Int = Snackbar.LENGTH_SHORT,
builder: Snackbar.() -> Unit = {}
) = Snackbar.make(snackbarView, message, length)
.setAnchorView(snackbarAnchorView).apply(builder).show()
override fun onResume() {
super.onResume()
viewModel.requestRefresh()

13
app/src/main/java/com/topjohnwu/magisk/core/App.kt
View File

@@ -6,9 +6,10 @@ import android.app.Application
import android.content.Context
import android.content.res.Configuration
import android.os.Bundle
import com.topjohnwu.magisk.DynAPK
import com.topjohnwu.magisk.StubApk
import com.topjohnwu.magisk.core.utils.*
import com.topjohnwu.magisk.di.ServiceLocator
import com.topjohnwu.magisk.ui.surequest.SuRequestActivity
import com.topjohnwu.superuser.Shell
import com.topjohnwu.superuser.internal.UiThreadHandler
import com.topjohnwu.superuser.ipc.RootService
@@ -19,7 +20,7 @@ import kotlin.system.exitProcess
open class App() : Application() {
constructor(o: Any) : this() {
val data = DynAPK.Data(o)
val data = StubApk.Data(o)
// Add the root service name mapping
data.classToComponent[RootRegistry::class.java.name] = data.rootService.name
// Send back the actual root service class
@@ -58,7 +59,7 @@ open class App() : Application() {
refreshLocale()
AppApkPath = if (isRunningAsStub) {
DynAPK.current(base).path
StubApk.current(base).path
} else {
base.packageResourcePath
}
@@ -69,7 +70,7 @@ open class App() : Application() {
override fun onCreate() {
super.onCreate()
RootRegistry.bindTask = RootService.createBindTask(
RootRegistry.bindTask = RootService.bindOrTask(
intent<RootRegistry>(),
UiThreadHandler.executor,
RootRegistry.Connection
@@ -91,13 +92,13 @@ object ActivityTracker : Application.ActivityLifecycleCallbacks {
@Volatile
var foreground: Activity? = null
val hasForeground get() = foreground != null
override fun onActivityResumed(activity: Activity) {
if (activity is SuRequestActivity) return
foreground = activity
}
override fun onActivityPaused(activity: Activity) {
if (activity is SuRequestActivity) return
foreground = null
}

2
app/src/main/java/com/topjohnwu/magisk/core/Const.kt
View File

@@ -37,8 +37,6 @@ object Const {
object ID {
const val JOB_SERVICE_ID = 7
const val UPDATE_NOTIFICATION_CHANNEL = "update"
const val PROGRESS_NOTIFICATION_CHANNEL = "progress"
}
object Url {

4
app/src/main/java/com/topjohnwu/magisk/core/Hacks.kt
View File

@@ -11,14 +11,14 @@ import android.content.res.AssetManager
import android.content.res.Configuration
import android.content.res.Resources
import android.util.DisplayMetrics
import com.topjohnwu.magisk.DynAPK
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.StubApk
import com.topjohnwu.magisk.core.utils.syncLocale
import com.topjohnwu.magisk.di.AppContext
lateinit var AppApkPath: String
fun AssetManager.addAssetPath(path: String) = DynAPK.addAssetPath(this, path)
fun AssetManager.addAssetPath(path: String) = StubApk.addAssetPath(this, path)
fun Context.wrap(): Context = if (this is PatchedContext) this else PatchedContext(this)

4
app/src/main/java/com/topjohnwu/magisk/core/Info.kt
View File

@@ -2,7 +2,7 @@ package com.topjohnwu.magisk.core
import android.os.Build
import androidx.databinding.ObservableBoolean
import com.topjohnwu.magisk.DynAPK
import com.topjohnwu.magisk.StubApk
import com.topjohnwu.magisk.core.model.UpdateInfo
import com.topjohnwu.magisk.core.utils.net.NetworkObserver
import com.topjohnwu.magisk.data.repository.NetworkService
@@ -16,7 +16,7 @@ val isRunningAsStub get() = Info.stub != null
object Info {
var stub: DynAPK.Data? = null
var stub: StubApk.Data? = null
val EMPTY_REMOTE = UpdateInfo()
var remote = EMPTY_REMOTE

14
app/src/main/java/com/topjohnwu/magisk/core/JobService.kt
View File

@@ -23,16 +23,20 @@ class JobService : BaseJobService() {
override fun onStartJob(params: JobParameters): Boolean {
val coroutineScope = CoroutineScope(Dispatchers.IO + job)
coroutineScope.launch {
svc.fetchUpdate()?.run {
Info.remote = this
if (Info.env.isActive && BuildConfig.VERSION_CODE < magisk.versionCode)
Notifications.managerUpdate(this@JobService)
}
doWork()
jobFinished(params, false)
}
return false
}
private suspend fun doWork() {
svc.fetchUpdate()?.let {
Info.remote = it
if (Info.env.isActive && BuildConfig.VERSION_CODE < it.magisk.versionCode)
Notifications.updateAvailable(this)
}
}
override fun onStopJob(params: JobParameters): Boolean {
job.cancel()
return false

10
app/src/main/java/com/topjohnwu/magisk/core/Receiver.kt
View File

@@ -5,6 +5,7 @@ import android.content.ContextWrapper
import android.content.Intent
import com.topjohnwu.magisk.core.base.BaseReceiver
import com.topjohnwu.magisk.di.ServiceLocator
import com.topjohnwu.magisk.view.Notifications
import com.topjohnwu.magisk.view.Shortcuts
import com.topjohnwu.superuser.Shell
import kotlinx.coroutines.GlobalScope
@@ -42,9 +43,16 @@ open class Receiver : BaseReceiver() {
getUid(intent)?.let { rmPolicy(it) }
}
Intent.ACTION_PACKAGE_FULLY_REMOVED -> {
getPkg(intent)?.let { Shell.su("magisk --denylist rm $it").submit() }
getPkg(intent)?.let { Shell.cmd("magisk --denylist rm $it").submit() }
}
Intent.ACTION_LOCALE_CHANGED -> Shortcuts.setupDynamic(context)
Intent.ACTION_MY_PACKAGE_REPLACED -> {
@Suppress("DEPRECATION")
val installer = context.packageManager.getInstallerPackageName(context.packageName)
if (installer == context.packageName) {
Notifications.updateDone(context)
}
}
}
}
}

28
app/src/main/java/com/topjohnwu/magisk/core/base/BaseActivity.kt
View File

@@ -1,5 +1,6 @@
package com.topjohnwu.magisk.core.base
import android.Manifest.permission.REQUEST_INSTALL_PACKAGES
import android.Manifest.permission.WRITE_EXTERNAL_STORAGE
import android.content.Context
import android.content.Intent
@@ -9,11 +10,16 @@ import android.os.Build
import android.os.Bundle
import androidx.activity.result.contract.ActivityResultContracts.GetContent
import androidx.activity.result.contract.ActivityResultContracts.RequestPermission
import androidx.annotation.WorkerThread
import androidx.appcompat.app.AppCompatActivity
import com.topjohnwu.magisk.core.isRunningAsStub
import com.topjohnwu.magisk.core.utils.RequestInstall
import com.topjohnwu.magisk.core.utils.UninstallPackage
import com.topjohnwu.magisk.core.utils.currentLocale
import com.topjohnwu.magisk.core.wrap
import com.topjohnwu.magisk.ktx.reflectField
import java.util.concurrent.CountDownLatch
import java.util.concurrent.TimeUnit
abstract class BaseActivity : AppCompatActivity() {
@@ -22,6 +28,10 @@ abstract class BaseActivity : AppCompatActivity() {
permissionCallback?.invoke(it)
permissionCallback = null
}
private val requestInstall = registerForActivityResult(RequestInstall()) {
permissionCallback?.invoke(it)
permissionCallback = null
}
private var contentCallback: ((Uri) -> Unit)? = null
private val getContent = registerForActivityResult(GetContent()) {
@@ -29,6 +39,11 @@ abstract class BaseActivity : AppCompatActivity() {
contentCallback = null
}
private var uninstallLatch = CountDownLatch(1)
private val uninstallPkg = registerForActivityResult(UninstallPackage()) {
uninstallLatch.countDown()
}
override fun applyOverrideConfiguration(config: Configuration?) {
// Force applying our preferred local
config?.setLocale(currentLocale)
@@ -57,7 +72,11 @@ abstract class BaseActivity : AppCompatActivity() {
return
}
permissionCallback = callback
requestPermission.launch(permission)
if (permission == REQUEST_INSTALL_PACKAGES) {
requestInstall.launch(Unit)
} else {
requestPermission.launch(permission)
}
}
fun getContent(type: String, callback: (Uri) -> Unit) {
@@ -65,6 +84,13 @@ abstract class BaseActivity : AppCompatActivity() {
getContent.launch(type)
}
@WorkerThread
fun uninstallAndWait(pkg: String) {
uninstallLatch = CountDownLatch(1)
uninstallPkg.launch(pkg)
uninstallLatch.await(3, TimeUnit.SECONDS)
}
override fun recreate() {
startActivity(Intent().setComponent(intent.component))
finish()

225
app/src/main/java/com/topjohnwu/magisk/core/download/DownloadService.kt
View File

@@ -1,79 +1,70 @@
package com.topjohnwu.magisk.core.download
import android.annotation.SuppressLint
import android.app.Notification
import android.app.PendingIntent
import android.app.PendingIntent.*
import android.content.Context
import android.content.Intent
import android.net.Uri
import android.os.Build
import android.os.IBinder
import androidx.core.net.toFile
import androidx.lifecycle.LifecycleOwner
import androidx.lifecycle.MutableLiveData
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.core.ActivityTracker
import com.topjohnwu.magisk.core.base.BaseService
import com.topjohnwu.magisk.core.intent
import com.topjohnwu.magisk.core.utils.ProgressInputStream
import com.topjohnwu.magisk.di.ServiceLocator
import com.topjohnwu.magisk.ktx.synchronized
import com.topjohnwu.magisk.StubApk
import com.topjohnwu.magisk.core.*
import com.topjohnwu.magisk.core.tasks.HideAPK
import com.topjohnwu.magisk.core.utils.MediaStoreUtils
import com.topjohnwu.magisk.core.utils.MediaStoreUtils.outputStream
import com.topjohnwu.magisk.ktx.copyAndClose
import com.topjohnwu.magisk.ktx.forEach
import com.topjohnwu.magisk.ktx.withStreams
import com.topjohnwu.magisk.ktx.writeTo
import com.topjohnwu.magisk.utils.APKInstall
import com.topjohnwu.magisk.view.Notifications
import com.topjohnwu.magisk.view.Notifications.mgr
import kotlinx.coroutines.CoroutineScope
import kotlinx.coroutines.Dispatchers
import kotlinx.coroutines.Job
import kotlinx.coroutines.launch
import okhttp3.ResponseBody
import timber.log.Timber
import java.io.IOException
import java.io.InputStream
import java.io.OutputStream
import java.util.zip.ZipEntry
import java.util.zip.ZipInputStream
import java.util.zip.ZipOutputStream
class DownloadService : BaseService() {
class DownloadService : NotificationService() {
private val hasNotifications get() = notifications.isNotEmpty()
private val notifications = HashMap<Int, Notification.Builder>().synchronized()
private val job = Job()
val service get() = ServiceLocator.networkService
// -- Service overrides
override fun onBind(intent: Intent?): IBinder? = null
override fun onStartCommand(intent: Intent, flags: Int, startId: Int): Int {
intent.getParcelableExtra<Subject>(SUBJECT_KEY)?.let { doDownload(it) }
intent.getParcelableExtra<Subject>(SUBJECT_KEY)?.let { download(it) }
return START_NOT_STICKY
}
override fun onTaskRemoved(rootIntent: Intent?) {
super.onTaskRemoved(rootIntent)
notifications.forEach { mgr.cancel(it.key) }
notifications.clear()
}
override fun onDestroy() {
super.onDestroy()
job.cancel()
}
// -- Download logic
private fun doDownload(subject: Subject) {
private fun download(subject: Subject) {
update(subject.notifyId)
val coroutineScope = CoroutineScope(job + Dispatchers.IO)
coroutineScope.launch {
try {
val stream = service.fetchFile(subject.url).toProgressStream(subject)
when (subject) {
is Subject.Manager -> handleAPK(subject, stream)
is Subject.Module -> stream.toModule(subject.file, assets.open("module_installer.sh"))
is Subject.App -> handleApp(stream, subject)
is Subject.Module -> handleModule(stream, subject.file)
}
val activity = ActivityTracker.foreground
if (activity != null && subject.autoStart) {
if (activity != null && subject.autoLaunch) {
remove(subject.notifyId)
subject.pendingIntent(activity).send()
subject.pendingIntent(activity)?.send()
} else {
notifyFinish(subject)
}
subject.postDownload?.invoke()
if (!hasNotifications)
stopSelf()
} catch (e: Exception) {
@@ -83,88 +74,113 @@ class DownloadService : BaseService() {
}
}
private fun ResponseBody.toProgressStream(subject: Subject): InputStream {
val max = contentLength()
val total = max.toFloat() / 1048576
val id = subject.notifyId
private suspend fun handleApp(stream: InputStream, subject: Subject.App) {
fun writeTee(output: OutputStream) {
val uri = MediaStoreUtils.getFile("${subject.title}.apk").uri
val external = uri.outputStream()
stream.copyAndClose(TeeOutputStream(external, output))
}
update(id) { it.setContentTitle(subject.title) }
if (isRunningAsStub) {
val updateApk = StubApk.update(this)
try {
// Download full APK to stub update path
writeTee(updateApk.outputStream())
return ProgressInputStream(byteStream()) {
val progress = it.toFloat() / 1048576
update(id) { notification ->
if (max > 0) {
broadcast(progress / total, subject)
notification
.setProgress(max.toInt(), it.toInt(), false)
.setContentText("%.2f / %.2f MB".format(progress, total))
if (Info.stub!!.version < subject.stub.versionCode) {
// Also upgrade stub
update(subject.notifyId) {
it.setProgress(0, 0, true)
.setContentTitle(getString(R.string.hide_app_title))
.setContentText("")
}
// Download
val apk = subject.file.toFile()
service.fetchFile(subject.stub.link).byteStream().writeTo(apk)
// Patch and install
val session = APKInstall.startSession(this)
session.openStream(this).use {
val label = applicationInfo.nonLocalizedLabel
if (!HideAPK.patch(this, apk, it, packageName, label)) {
throw IOException("HideAPK patch error")
}
}
apk.delete()
subject.intent = session.waitIntent()
} else {
broadcast(-1f, subject)
notification.setContentText("%.2f MB / ??".format(progress))
ActivityTracker.foreground?.let {
// Relaunch the process if we are foreground
StubApk.restartProcess(it)
} ?: run {
// Or else kill the current process after posting notification
subject.intent = Notifications.selfLaunchIntent(this)
subject.postDownload = { Runtime.getRuntime().exit(0) }
}
return
}
} catch (e: Exception) {
// If any error occurred, do not let stub load the new APK
updateApk.delete()
throw e
}
} else {
val session = APKInstall.startSession(this)
writeTee(session.openStream(this))
subject.intent = session.waitIntent()
}
}
private fun handleModule(src: InputStream, file: Uri) {
val input = ZipInputStream(src.buffered())
val output = ZipOutputStream(file.outputStream().buffered())
withStreams(input, output) { zin, zout ->
zout.putNextEntry(ZipEntry("META-INF/"))
zout.putNextEntry(ZipEntry("META-INF/com/"))
zout.putNextEntry(ZipEntry("META-INF/com/google/"))
zout.putNextEntry(ZipEntry("META-INF/com/google/android/"))
zout.putNextEntry(ZipEntry("META-INF/com/google/android/update-binary"))
assets.open("module_installer.sh").copyTo(zout)
zout.putNextEntry(ZipEntry("META-INF/com/google/android/updater-script"))
zout.write("#MAGISK\n".toByteArray())
zin.forEach { entry ->
val path = entry.name
if (path.isNotEmpty() && !path.startsWith("META-INF")) {
zout.putNextEntry(ZipEntry(path))
if (!entry.isDirectory) {
zin.copyTo(zout)
}
}
}
}
}
// --- Notification management
private fun notifyFail(subject: Subject) = finalNotify(subject.notifyId) {
broadcast(-2f, subject)
it.setContentText(getString(R.string.download_file_error))
.setSmallIcon(android.R.drawable.stat_notify_error)
.setOngoing(false)
}
private fun notifyFinish(subject: Subject) = finalNotify(subject.notifyId) {
broadcast(1f, subject)
it.setContentIntent(subject.pendingIntent(this))
.setContentTitle(subject.title)
.setContentText(getString(R.string.download_complete))
.setSmallIcon(android.R.drawable.stat_sys_download_done)
.setProgress(0, 0, false)
.setOngoing(false)
.setAutoCancel(true)
}
private fun finalNotify(id: Int, editor: (Notification.Builder) -> Unit): Int {
val notification = remove(id)?.also(editor) ?: return -1
val newId = Notifications.nextId()
mgr.notify(newId, notification.build())
return newId
}
private fun create() = Notifications.progress(this, "")
fun update(id: Int, editor: (Notification.Builder) -> Unit = {}) {
val wasEmpty = !hasNotifications
val notification = notifications.getOrPut(id, ::create).also(editor)
if (wasEmpty)
updateForeground()
else
mgr.notify(id, notification.build())
}
private fun remove(id: Int): Notification.Builder? {
val n = notifications.remove(id)?.also { updateForeground() }
mgr.cancel(id)
return n
}
private fun updateForeground() {
if (hasNotifications) {
val (id, notification) = notifications.entries.first()
startForeground(id, notification.build())
} else {
stopForeground(false)
private class TeeOutputStream(
private val o1: OutputStream,
private val o2: OutputStream
) : OutputStream() {
override fun write(b: Int) {
o1.write(b)
o2.write(b)
}
override fun write(b: ByteArray?, off: Int, len: Int) {
o1.write(b, off, len)
o2.write(b, off, len)
}
override fun close() {
o1.close()
o2.close()
}
}
companion object {
private const val SUBJECT_KEY = "download_subject"
private const val SUBJECT_KEY = "subject"
private const val REQUEST_CODE = 1
private val progressBroadcast = MutableLiveData<Pair<Float, Subject>?>()
fun observeProgress(owner: LifecycleOwner, callback: (Float, Subject) -> Unit) {
progressBroadcast.value = null
progressBroadcast.observe(owner) {
@@ -173,10 +189,6 @@ class DownloadService : BaseService() {
}
}
private fun broadcast(progress: Float, subject: Subject) {
progressBroadcast.postValue(progress to subject)
}
private fun intent(context: Context, subject: Subject) =
context.intent<DownloadService>().putExtra(SUBJECT_KEY, subject)
@@ -200,5 +212,4 @@ class DownloadService : BaseService() {
}
}
}
}

77
app/src/main/java/com/topjohnwu/magisk/core/download/ManagerHandler.kt
View File

@@ -1,77 +0,0 @@
package com.topjohnwu.magisk.core.download
import android.app.AlarmManager
import android.app.PendingIntent
import android.content.Intent
import androidx.core.content.getSystemService
import androidx.core.net.toFile
import com.topjohnwu.magisk.DynAPK
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.core.ActivityTracker
import com.topjohnwu.magisk.core.Info
import com.topjohnwu.magisk.core.isRunningAsStub
import com.topjohnwu.magisk.core.tasks.HideAPK
import com.topjohnwu.magisk.core.utils.MediaStoreUtils.outputStream
import com.topjohnwu.magisk.ktx.copyAndClose
import com.topjohnwu.magisk.ktx.writeTo
import java.io.File
import java.io.InputStream
import java.io.OutputStream
private class TeeOutputStream(
private val o1: OutputStream,
private val o2: OutputStream
) : OutputStream() {
override fun write(b: Int) {
o1.write(b)
o2.write(b)
}
override fun write(b: ByteArray?, off: Int, len: Int) {
o1.write(b, off, len)
o2.write(b, off, len)
}
override fun close() {
o1.close()
o2.close()
}
}
suspend fun DownloadService.handleAPK(subject: Subject.Manager, stream: InputStream) {
fun write(output: OutputStream) {
val external = subject.externalFile.outputStream()
stream.copyAndClose(TeeOutputStream(external, output))
}
if (isRunningAsStub) {
val apk = subject.file.toFile()
val id = subject.notifyId
write(DynAPK.update(this).outputStream())
if (Info.stub!!.version < subject.stub.versionCode) {
// Also upgrade stub
update(id) {
it.setProgress(0, 0, true)
.setContentTitle(getString(R.string.hide_app_title))
.setContentText("")
}
service.fetchFile(subject.stub.link).byteStream().writeTo(apk)
val patched = File(apk.parent, "patched.apk")
HideAPK.patch(this, apk, patched, packageName, applicationInfo.nonLocalizedLabel)
apk.delete()
patched.renameTo(apk)
} else {
val intent = packageManager.getLaunchIntentForPackage(packageName)
intent!!.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
//noinspection InlinedApi
val flag = PendingIntent.FLAG_IMMUTABLE or PendingIntent.FLAG_UPDATE_CURRENT
val pending = PendingIntent.getActivity(this, id, intent, flag)
if (ActivityTracker.hasForeground) {
val alarm = getSystemService<AlarmManager>()
alarm!!.set(AlarmManager.RTC, System.currentTimeMillis() + 1000, pending)
}
stopSelf()
Runtime.getRuntime().exit(0)
}
} else {
write(subject.file.outputStream())
}
}

38
app/src/main/java/com/topjohnwu/magisk/core/download/ModuleProcessor.kt
View File

@@ -1,38 +0,0 @@
package com.topjohnwu.magisk.core.download
import android.net.Uri
import com.topjohnwu.magisk.core.utils.MediaStoreUtils.outputStream
import com.topjohnwu.magisk.ktx.forEach
import com.topjohnwu.magisk.ktx.withStreams
import java.io.InputStream
import java.util.zip.ZipEntry
import java.util.zip.ZipInputStream
import java.util.zip.ZipOutputStream
fun InputStream.toModule(file: Uri, installer: InputStream) {
val input = ZipInputStream(buffered())
val output = ZipOutputStream(file.outputStream().buffered())
withStreams(input, output) { zin, zout ->
zout.putNextEntry(ZipEntry("META-INF/"))
zout.putNextEntry(ZipEntry("META-INF/com/"))
zout.putNextEntry(ZipEntry("META-INF/com/google/"))
zout.putNextEntry(ZipEntry("META-INF/com/google/android/"))
zout.putNextEntry(ZipEntry("META-INF/com/google/android/update-binary"))
installer.copyTo(zout)
zout.putNextEntry(ZipEntry("META-INF/com/google/android/updater-script"))
zout.write("#MAGISK\n".toByteArray(charset("UTF-8")))
zin.forEach { entry ->
val path = entry.name
if (path.isNotEmpty() && !path.startsWith("META-INF")) {
zout.putNextEntry(ZipEntry(path))
if (!entry.isDirectory) {
zin.copyTo(zout)
}
}
}
}
}

113
app/src/main/java/com/topjohnwu/magisk/core/download/NotificationService.kt Normal file
View File

@@ -0,0 +1,113 @@
package com.topjohnwu.magisk.core.download
import android.app.Notification
import android.content.Intent
import android.os.IBinder
import androidx.lifecycle.MutableLiveData
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.core.base.BaseService
import com.topjohnwu.magisk.core.utils.ProgressInputStream
import com.topjohnwu.magisk.di.ServiceLocator
import com.topjohnwu.magisk.ktx.synchronized
import com.topjohnwu.magisk.view.Notifications
import okhttp3.ResponseBody
import java.io.InputStream
open class NotificationService : BaseService() {
private val notifications = HashMap<Int, Notification.Builder>().synchronized()
protected val hasNotifications get() = notifications.isNotEmpty()
protected val service get() = ServiceLocator.networkService
override fun onBind(intent: Intent?): IBinder? = null
override fun onTaskRemoved(rootIntent: Intent?) {
super.onTaskRemoved(rootIntent)
notifications.forEach { Notifications.mgr.cancel(it.key) }
notifications.clear()
}
protected fun ResponseBody.toProgressStream(subject: Subject): InputStream {
val max = contentLength()
val total = max.toFloat() / 1048576
val id = subject.notifyId
update(id) { it.setContentTitle(subject.title) }
return ProgressInputStream(byteStream()) {
val progress = it.toFloat() / 1048576
update(id) { notification ->
if (max > 0) {
broadcast(progress / total, subject)
notification
.setProgress(max.toInt(), it.toInt(), false)
.setContentText("%.2f / %.2f MB".format(progress, total))
} else {
broadcast(-1f, subject)
notification.setContentText("%.2f MB / ??".format(progress))
}
}
}
}
private fun finalNotify(id: Int, editor: (Notification.Builder) -> Unit): Int {
val notification = remove(id)?.also(editor) ?: return -1
val newId = Notifications.nextId()
Notifications.mgr.notify(newId, notification.build())
return newId
}
protected fun notifyFail(subject: Subject) = finalNotify(subject.notifyId) {
broadcast(-2f, subject)
it.setContentText(getString(R.string.download_file_error))
.setSmallIcon(android.R.drawable.stat_notify_error)
.setOngoing(false)
}
protected fun notifyFinish(subject: Subject) = finalNotify(subject.notifyId) {
broadcast(1f, subject)
it.setContentTitle(subject.title)
.setContentText(getString(R.string.download_complete))
.setSmallIcon(android.R.drawable.stat_sys_download_done)
.setProgress(0, 0, false)
.setOngoing(false)
.setAutoCancel(true)
subject.pendingIntent(this)?.let { intent -> it.setContentIntent(intent) }
}
private fun create() = Notifications.progress(this, "")
private fun updateForeground() {
if (hasNotifications) {
val (id, notification) = notifications.entries.first()
startForeground(id, notification.build())
} else {
stopForeground(false)
}
}
protected fun update(id: Int, editor: (Notification.Builder) -> Unit = {}) {
val wasEmpty = !hasNotifications
val notification = notifications.getOrPut(id, ::create).also(editor)
if (wasEmpty)
updateForeground()
else
Notifications.mgr.notify(id, notification.build())
}
protected fun remove(id: Int): Notification.Builder? {
val n = notifications.remove(id)?.also { updateForeground() }
Notifications.mgr.cancel(id)
return n
}
companion object {
@JvmStatic
protected val progressBroadcast = MutableLiveData<Pair<Float, Subject>?>()
private fun broadcast(progress: Float, subject: Subject) {
progressBroadcast.postValue(progress to subject)
}
}
}

23
app/src/main/java/com/topjohnwu/magisk/core/download/Subject.kt
View File

@@ -6,7 +6,6 @@ import android.content.Context
import android.content.Intent
import android.net.Uri
import android.os.Parcelable
import androidx.core.net.toFile
import androidx.core.net.toUri
import com.topjohnwu.magisk.core.Info
import com.topjohnwu.magisk.core.model.MagiskJson
@@ -16,7 +15,6 @@ import com.topjohnwu.magisk.core.utils.MediaStoreUtils
import com.topjohnwu.magisk.di.AppContext
import com.topjohnwu.magisk.ktx.cachedFile
import com.topjohnwu.magisk.ui.flash.FlashFragment
import com.topjohnwu.magisk.utils.APKInstall
import com.topjohnwu.magisk.view.Notifications
import kotlinx.parcelize.IgnoredOnParcel
import kotlinx.parcelize.Parcelize
@@ -34,9 +32,10 @@ sealed class Subject : Parcelable {
abstract val file: Uri
abstract val title: String
abstract val notifyId: Int
open val autoStart: Boolean get() = true
open val autoLaunch: Boolean get() = true
open val postDownload: (() -> Unit)? get() = null
abstract fun pendingIntent(context: Context): PendingIntent
abstract fun pendingIntent(context: Context): PendingIntent?
@Parcelize
class Module(
@@ -46,7 +45,7 @@ sealed class Subject : Parcelable {
) : Subject() {
override val url: String get() = module.zipUrl
override val title: String get() = module.downloadFilename
override val autoStart: Boolean get() = action == Action.Flash
override val autoLaunch: Boolean get() = action == Action.Flash
@IgnoredOnParcel
override val file by lazy {
@@ -58,7 +57,7 @@ sealed class Subject : Parcelable {
}
@Parcelize
class Manager(
class App(
private val json: MagiskJson = Info.remote.magisk,
val stub: StubJson = Info.remote.stub,
override val notifyId: Int = Notifications.nextId()
@@ -71,14 +70,12 @@ sealed class Subject : Parcelable {
cachedFile("manager.apk")
}
val externalFile get() = MediaStoreUtils.getFile("$title.apk").uri
@IgnoredOnParcel
override var postDownload: (() -> Unit)? = null
override fun pendingIntent(context: Context): PendingIntent {
val receiver = APKInstall.register(context, null, null)
APKInstall.installapk(context, file.toFile())
val intent = receiver.waitIntent() ?: Intent()
return intent.toPending(context)
}
@IgnoredOnParcel
var intent: Intent? = null
override fun pendingIntent(context: Context) = intent?.toPending(context)
}
@SuppressLint("InlinedApi")

4
app/src/main/java/com/topjohnwu/magisk/core/magiskdb/Query.kt
View File

@@ -18,7 +18,7 @@ class Query(private val _query: String) {
suspend inline fun <R : Any> query(crossinline mapper: (Map<String, String>) -> R?): List<R> =
withContext(Dispatchers.Default) {
Shell.su(query).await().out.map { line ->
Shell.cmd(query).await().out.map { line ->
async {
line.split("\\|".toRegex())
.map { it.split("=", limit = 2) }
@@ -32,7 +32,7 @@ class Query(private val _query: String) {
suspend inline fun query() = query { it }
suspend inline fun commit() = Shell.su(query).to(null).await()
suspend inline fun commit() = Shell.cmd(query).to(null).await()
}
class Delete : Query.Builder {

18
app/src/main/java/com/topjohnwu/magisk/core/model/module/LocalModule.kt
View File

@@ -46,15 +46,15 @@ data class LocalModule(
if (enable) {
disableFile.delete()
if (Const.Version.atLeast_21_2())
Shell.su("copy_sepolicy_rules").submit()
Shell.cmd("copy_sepolicy_rules").submit()
else
Shell.su("mkdir -p $dir", "cp -af $ruleFile $dir").submit()
Shell.cmd("mkdir -p $dir", "cp -af $ruleFile $dir").submit()
} else {
!disableFile.createNewFile()
if (Const.Version.atLeast_21_2())
Shell.su("copy_sepolicy_rules").submit()
Shell.cmd("copy_sepolicy_rules").submit()
else
Shell.su("rm -rf $dir").submit()
Shell.cmd("rm -rf $dir").submit()
}
}
@@ -65,15 +65,15 @@ data class LocalModule(
if (updateFile.exists()) return
removeFile.createNewFile()
if (Const.Version.atLeast_21_2())
Shell.su("copy_sepolicy_rules").submit()
Shell.cmd("copy_sepolicy_rules").submit()
else
Shell.su("rm -rf $PERSIST/$id").submit()
Shell.cmd("rm -rf $PERSIST/$id").submit()
} else {
removeFile.delete()
if (Const.Version.atLeast_21_2())
Shell.su("copy_sepolicy_rules").submit()
Shell.cmd("copy_sepolicy_rules").submit()
else
Shell.su("cp -af $ruleFile $PERSIST/$id").submit()
Shell.cmd("cp -af $ruleFile $PERSIST/$id").submit()
}
}
@@ -103,7 +103,7 @@ data class LocalModule(
init {
runCatching {
parseProps(Shell.su("dos2unix < $path/module.prop").exec().out)
parseProps(Shell.cmd("dos2unix < $path/module.prop").exec().out)
}
if (id.isEmpty()) {

2
app/src/main/java/com/topjohnwu/magisk/core/su/SuRequestHandler.kt
View File

@@ -36,7 +36,7 @@ class SuRequestHandler(
// Never allow com.topjohnwu.magisk (could be malware)
if (policy.packageName == BuildConfig.APPLICATION_ID) {
Shell.su("(pm uninstall ${BuildConfig.APPLICATION_ID})& >/dev/null 2>&1").exec()
Shell.cmd("(pm uninstall ${BuildConfig.APPLICATION_ID})& >/dev/null 2>&1").exec()
return false
}

4
app/src/main/java/com/topjohnwu/magisk/core/tasks/FlashZip.kt
View File

@@ -63,7 +63,7 @@ open class FlashZip(
console.add("- Installing ${mUri.displayName}")
return Shell.su("sh $installDir/update-binary dummy 1 \'$zipFile\'")
return Shell.cmd("sh $installDir/update-binary dummy 1 \'$zipFile\'")
.to(console, logs).exec().isSuccess
}
@@ -79,7 +79,7 @@ open class FlashZip(
Timber.e(e)
false
} finally {
Shell.su("cd /", "rm -rf $installDir ${Const.TMPDIR}").submit()
Shell.cmd("cd /", "rm -rf $installDir ${Const.TMPDIR}").submit()
}
}
}

90
app/src/main/java/com/topjohnwu/magisk/core/tasks/HideAPK.kt
View File

@@ -5,8 +5,8 @@ import android.content.Context
import android.content.Intent
import android.widget.Toast
import com.topjohnwu.magisk.BuildConfig.APPLICATION_ID
import com.topjohnwu.magisk.DynAPK
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.StubApk
import com.topjohnwu.magisk.core.Config
import com.topjohnwu.magisk.core.Const
import com.topjohnwu.magisk.core.Info
@@ -21,18 +21,18 @@ import com.topjohnwu.magisk.utils.APKInstall
import com.topjohnwu.magisk.utils.Utils
import com.topjohnwu.superuser.Shell
import kotlinx.coroutines.Dispatchers
import kotlinx.coroutines.Runnable
import kotlinx.coroutines.withContext
import timber.log.Timber
import java.io.File
import java.io.FileOutputStream
import java.io.IOException
import java.io.OutputStream
import java.security.SecureRandom
object HideAPK {
private const val ALPHA = "abcdefghijklmnopqrstuvwxyz"
private const val ALPHADOTS = "$ALPHA....."
private const val APP_NAME = "Magisk"
private const val ANDROID_MANIFEST = "AndroidManifest.xml"
// Some arbitrary limit
@@ -65,27 +65,29 @@ object HideAPK {
fun patch(
context: Context,
apk: File, out: File,
apk: File, out: OutputStream,
pkg: String, label: CharSequence
): Boolean {
val info = context.packageManager.getPackageArchiveInfo(apk.path, 0) ?: return false
val name = info.applicationInfo.nonLocalizedLabel.toString()
try {
val jar = JarMap.open(apk, true)
val je = jar.getJarEntry(ANDROID_MANIFEST)
val xml = AXML(jar.getRawData(je))
JarMap.open(apk, true).use { jar ->
val je = jar.getJarEntry(ANDROID_MANIFEST)
val xml = AXML(jar.getRawData(je))
if (!xml.findAndPatch(APPLICATION_ID to pkg, APP_NAME to label.toString()))
return false
if (!xml.findAndPatch(APPLICATION_ID to pkg, name to label.toString()))
return false
// Write apk changes
jar.getOutputStream(je).write(xml.bytes)
val keys = Keygen(context)
SignApk.sign(keys.cert, keys.key, jar, FileOutputStream(out))
// Write apk changes
jar.getOutputStream(je).use { it.write(xml.bytes) }
val keys = Keygen(context)
SignApk.sign(keys.cert, keys.key, jar, out)
return true
}
} catch (e: Exception) {
Timber.e(e)
return false
}
return true
}
private fun launchApp(activity: Activity, pkg: String) {
@@ -100,7 +102,7 @@ object HideAPK {
activity.finish()
}
private suspend fun patchAndHide(activity: Activity, label: String): Boolean {
private suspend fun patchAndHide(activity: Activity, label: String, onFailure: Runnable): Boolean {
val stub = File(activity.cacheDir, "stub.apk")
try {
svc.fetchFile(Info.remote.stub.link).byteStream().writeTo(stub)
@@ -108,26 +110,28 @@ object HideAPK {
Timber.e(e)
stub.createNewFile()
val cmd = "\$MAGISKBIN/magiskinit -x manager ${stub.path}"
if (!Shell.su(cmd).exec().isSuccess) return false
if (!Shell.cmd(cmd).exec().isSuccess)
return false
}
// Generate a new random package name and signature
val repack = File(activity.cacheDir, "patched.apk")
val pkg = genPackageName()
Config.keyStoreRaw = ""
if (!patch(activity, stub, repack, pkg, label))
return false
// Install and auto launch app
val receiver = APKInstall.register(activity, pkg) {
val session = APKInstall.startSession(activity, pkg, onFailure) {
launchApp(activity, pkg)
}
val cmd = "adb_pm_install $repack ${activity.applicationInfo.uid}"
if (!Shell.su(cmd).exec().isSuccess) {
APKInstall.installapk(activity, repack)
receiver.waitIntent()?.let { activity.startActivity(it) }
try {
val success = session.openStream(activity).use {
patch(activity, stub, it, pkg, label)
}
if (!success) return false
} catch (e: IOException) {
Timber.e(e)
return false
}
session.waitIntent()?.let { activity.startActivity(it) } ?: return false
return true
}
@@ -139,33 +143,43 @@ object HideAPK {
setCancelable(false)
show()
}
val result = withContext(Dispatchers.IO) {
patchAndHide(activity, label)
}
if (!result) {
val onFailure = Runnable {
dialog.dismiss()
Utils.toast(R.string.failure, Toast.LENGTH_LONG)
}
val success = withContext(Dispatchers.IO) {
patchAndHide(activity, label, onFailure)
}
if (!success) onFailure.run()
}
@Suppress("DEPRECATION")
fun restore(activity: Activity) {
suspend fun restore(activity: Activity) {
val dialog = android.app.ProgressDialog(activity).apply {
setTitle(activity.getString(R.string.restore_img_msg))
isIndeterminate = true
setCancelable(false)
show()
}
val apk = DynAPK.current(activity)
val receiver = APKInstall.register(activity, APPLICATION_ID) {
val onFailure = Runnable {
dialog.dismiss()
Utils.toast(R.string.failure, Toast.LENGTH_LONG)
}
val apk = StubApk.current(activity)
val session = APKInstall.startSession(activity, APPLICATION_ID, onFailure) {
launchApp(activity, APPLICATION_ID)
dialog.dismiss()
}
val cmd = "adb_pm_install $apk ${activity.applicationInfo.uid}"
Shell.su(cmd).submit(Shell.EXECUTOR) { ret ->
if (ret.isSuccess) return@submit
APKInstall.installapk(activity, apk)
receiver.waitIntent()?.let { activity.startActivity(it) }
val success = withContext(Dispatchers.IO) {
try {
session.install(activity, apk)
} catch (e: IOException) {
Timber.e(e)
return@withContext false
}
session.waitIntent()?.let { activity.startActivity(it) } ?: return@withContext false
return@withContext true
}
if (!success) onFailure.run()
}
}

8
app/src/main/java/com/topjohnwu/magisk/core/tasks/MagiskInstaller.kt
View File

@@ -6,8 +6,8 @@ import android.widget.Toast
import androidx.annotation.WorkerThread
import androidx.core.os.postDelayed
import com.topjohnwu.magisk.BuildConfig
import com.topjohnwu.magisk.DynAPK
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.StubApk
import com.topjohnwu.magisk.core.*
import com.topjohnwu.magisk.core.utils.MediaStoreUtils
import com.topjohnwu.magisk.core.utils.MediaStoreUtils.inputStream
@@ -93,7 +93,7 @@ abstract class MagiskInstallImpl protected constructor(
try {
// Extract binaries
if (isRunningAsStub) {
val zf = ZipFile(DynAPK.current(context))
val zf = ZipFile(StubApk.current(context))
// Also extract magisk32 on non 64-bit only 64-bit devices
val is32lib = Const.CPU_ABI_32?.let {
@@ -452,7 +452,7 @@ abstract class MagiskInstaller(
if (success) {
console.add("- All done!")
} else {
Shell.sh("rm -rf $installDir").submit()
Shell.cmd("rm -rf $installDir").submit()
console.add("! Installation failed")
}
return success
@@ -497,7 +497,7 @@ abstract class MagiskInstaller(
val success = super.exec()
if (success) {
UiThreadHandler.handler.postDelayed(3000) {
Shell.su("pm uninstall ${context.packageName}").exec()
Shell.cmd("pm uninstall ${context.packageName}").exec()
}
}
return success

34
app/src/main/java/com/topjohnwu/magisk/core/utils/RequestInstall.kt Normal file
View File

@@ -0,0 +1,34 @@
package com.topjohnwu.magisk.core.utils
import android.annotation.TargetApi
import android.app.Activity
import android.content.Context
import android.content.Intent
import android.net.Uri
import android.os.Build
import android.provider.Settings
import androidx.activity.result.contract.ActivityResultContract
class RequestInstall : ActivityResultContract<Unit, Boolean>() {
@TargetApi(26)
override fun createIntent(context: Context, input: Unit): Intent {
// This will only be called on API 26+
return Intent(Settings.ACTION_MANAGE_UNKNOWN_APP_SOURCES)
.setData(Uri.parse("package:${context.packageName}"))
}
override fun parseResult(resultCode: Int, intent: Intent?) =
resultCode == Activity.RESULT_OK
override fun getSynchronousResult(
context: Context,
input: Unit
): SynchronousResult<Boolean>? {
if (Build.VERSION.SDK_INT < 26)
return SynchronousResult(true)
if (context.packageManager.canRequestPackageInstalls())
return SynchronousResult(true)
return null
}
}

11
app/src/main/java/com/topjohnwu/magisk/core/utils/RootRegistry.kt
View File

@@ -5,6 +5,7 @@ import android.content.Intent
import android.content.ServiceConnection
import android.os.Binder
import android.os.IBinder
import com.topjohnwu.superuser.Shell
import com.topjohnwu.superuser.ipc.RootService
import timber.log.Timber
import java.util.concurrent.CountDownLatch
@@ -12,11 +13,7 @@ import kotlin.system.exitProcess
class RootRegistry(stub: Any?) : RootService() {
constructor() : this(null)
private val className: String? = stub?.javaClass?.name
init {
constructor() : this(null) {
// Always log full stack trace with Timber
Timber.plant(Timber.DebugTree())
Thread.setDefaultUncaughtExceptionHandler { _, e ->
@@ -25,6 +22,8 @@ class RootRegistry(stub: Any?) : RootService() {
}
}
private val className: String? = stub?.javaClass?.name
override fun onBind(intent: Intent): IBinder {
// TODO: PLACEHOLDER
return Binder()
@@ -50,6 +49,6 @@ class RootRegistry(stub: Any?) : RootService() {
}
companion object {
var bindTask: Runnable? = null
var bindTask: Shell.Task? = null
}
}

8
app/src/main/java/com/topjohnwu/magisk/core/utils/ShellInit.kt
View File

@@ -1,8 +1,8 @@
package com.topjohnwu.magisk.core.utils
import android.content.Context
import com.topjohnwu.magisk.DynAPK
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.StubApk
import com.topjohnwu.magisk.core.Config
import com.topjohnwu.magisk.core.Const
import com.topjohnwu.magisk.core.Info
@@ -19,7 +19,7 @@ import java.util.jar.JarFile
class ShellInit : Shell.Initializer() {
override fun onInit(context: Context, shell: Shell): Boolean {
if (shell.isRoot) {
RootRegistry.bindTask?.run()
RootRegistry.bindTask?.let { shell.execTask(it) }
RootRegistry.bindTask = null
}
shell.newJob().apply {
@@ -29,7 +29,7 @@ class ShellInit : Shell.Initializer() {
if (isRunningAsStub) {
if (!shell.isRoot)
return true
val jar = JarFile(DynAPK.current(context))
val jar = JarFile(StubApk.current(context))
val bb = jar.getJarEntry("lib/${Const.CPU_ABI}/libbusybox.so")
localBB = context.deviceProtectedContext.cachedFile("busybox")
localBB.delete()
@@ -42,7 +42,7 @@ class ShellInit : Shell.Initializer() {
if (shell.isRoot) {
add("export MAGISKTMP=\$(magisk --path)/.magisk")
// Test if we can properly execute stuff in /data
Info.noDataExec = !shell.newJob().add("$localBB true").exec().isSuccess
Info.noDataExec = !shell.newJob().add("$localBB sh -c \"$localBB true\"").exec().isSuccess
}
if (Info.noDataExec) {

21
app/src/main/java/com/topjohnwu/magisk/core/utils/UninstallPackage.kt Normal file
View File

@@ -0,0 +1,21 @@
package com.topjohnwu.magisk.core.utils
import android.app.Activity
import android.content.Context
import android.content.Intent
import android.net.Uri
import androidx.activity.result.contract.ActivityResultContract
class UninstallPackage : ActivityResultContract<String, Boolean>() {
@Suppress("DEPRECATION")
override fun createIntent(context: Context, input: String): Intent {
val uri = Uri.Builder().scheme("package").opaquePart(input).build()
val intent = Intent(Intent.ACTION_UNINSTALL_PACKAGE, uri)
intent.putExtra(Intent.EXTRA_RETURN_RESULT, true)
return intent
}
override fun parseResult(resultCode: Int, intent: Intent?) =
resultCode == Activity.RESULT_OK
}

6
app/src/main/java/com/topjohnwu/magisk/data/repository/LogRepository.kt
View File

@@ -29,9 +29,9 @@ class LogRepository(
}
}
if (Info.env.isActive) {
Shell.su("cat ${Const.MAGISK_LOG} || logcat -d -s Magisk").to(list).await()
Shell.cmd("cat ${Const.MAGISK_LOG} || logcat -d -s Magisk").to(list).await()
} else {
Shell.sh("logcat -d").to(list).await()
Shell.cmd("logcat -d").to(list).await()
}
return list.buf.toString()
}
@@ -39,7 +39,7 @@ class LogRepository(
suspend fun clearLogs() = logDao.deleteAll()
fun clearMagiskLogs(cb: (Shell.Result) -> Unit) =
Shell.su("echo -n > ${Const.MAGISK_LOG}").submit(cb)
Shell.cmd("echo -n > ${Const.MAGISK_LOG}").submit(cb)
suspend fun insert(log: SuLog) = logDao.insert(log)

2
app/src/main/java/com/topjohnwu/magisk/events/RebootEvent.kt
View File

@@ -20,7 +20,7 @@ object RebootEvent {
R.id.action_reboot_bootloader -> systemReboot("bootloader")
R.id.action_reboot_download -> systemReboot("download")
R.id.action_reboot_edl -> systemReboot("edl")
R.id.action_reboot_recovery -> Shell.su("/system/bin/reboot recovery").submit()
R.id.action_reboot_recovery -> Shell.cmd("/system/bin/reboot recovery").submit()
else -> Unit
}
return true

44
app/src/main/java/com/topjohnwu/magisk/events/SnackbarEvent.kt
View File

@@ -1,44 +0,0 @@
package com.topjohnwu.magisk.events
import android.view.View
import androidx.annotation.StringRes
import com.google.android.material.snackbar.Snackbar
import com.topjohnwu.magisk.arch.ActivityExecutor
import com.topjohnwu.magisk.arch.UIActivity
import com.topjohnwu.magisk.arch.ViewEvent
import com.topjohnwu.magisk.utils.TextHolder
import com.topjohnwu.magisk.utils.asText
class SnackbarEvent constructor(
private val msg: TextHolder,
private val length: Int = Snackbar.LENGTH_SHORT,
private val builder: Snackbar.() -> Unit = {}
) : ViewEvent(), ActivityExecutor {
constructor(
@StringRes res: Int,
length: Int = Snackbar.LENGTH_SHORT,
builder: Snackbar.() -> Unit = {}
) : this(res.asText(), length, builder)
constructor(
msg: String,
length: Int = Snackbar.LENGTH_SHORT,
builder: Snackbar.() -> Unit = {}
) : this(msg.asText(), length, builder)
private fun snackbar(
view: View,
anchor: View?,
message: String,
length: Int,
builder: Snackbar.() -> Unit
) = Snackbar.make(view, message, length).setAnchorView(anchor).apply(builder).show()
override fun invoke(activity: UIActivity<*>) {
snackbar(activity.snackbarView, activity.snackbarAnchorView,
msg.getText(activity.resources).toString(),
length, builder)
}
}

29
app/src/main/java/com/topjohnwu/magisk/events/ViewEvents.kt
View File

@@ -5,12 +5,16 @@ import android.content.Context
import android.net.Uri
import android.view.View
import android.widget.Toast
import androidx.annotation.StringRes
import androidx.navigation.NavDirections
import com.google.android.material.snackbar.Snackbar
import com.topjohnwu.magisk.MainDirections
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.arch.*
import com.topjohnwu.magisk.core.Const
import com.topjohnwu.magisk.utils.TextHolder
import com.topjohnwu.magisk.utils.Utils
import com.topjohnwu.magisk.utils.asText
import com.topjohnwu.magisk.view.Shortcuts
class PermissionEvent(
@@ -67,7 +71,7 @@ class NavigationEvent(
) : ViewEvent(), ActivityExecutor {
override fun invoke(activity: UIActivity<*>) {
(activity as? NavigationActivity<*>)?.apply {
if (pop) navigation?.popBackStack()
if (pop) navigation.popBackStack()
directions.navigate()
}
}
@@ -92,3 +96,26 @@ class SelectModuleEvent : ViewEvent(), FragmentExecutor {
}
}
}
class SnackbarEvent(
private val msg: TextHolder,
private val length: Int = Snackbar.LENGTH_SHORT,
private val builder: Snackbar.() -> Unit = {}
) : ViewEvent(), ActivityExecutor {
constructor(
@StringRes res: Int,
length: Int = Snackbar.LENGTH_SHORT,
builder: Snackbar.() -> Unit = {}
) : this(res.asText(), length, builder)
constructor(
msg: String,
length: Int = Snackbar.LENGTH_SHORT,
builder: Snackbar.() -> Unit = {}
) : this(msg.asText(), length, builder)
override fun invoke(activity: UIActivity<*>) {
activity.showSnackbar(msg.getText(activity.resources), length, builder)
}
}

2
app/src/main/java/com/topjohnwu/magisk/events/dialog/ManagerInstallDialog.kt
View File

@@ -29,7 +29,7 @@ class ManagerInstallDialog : MarkDownDialog() {
setCancelable(true)
setButton(MagiskDialog.ButtonType.POSITIVE) {
text = R.string.install
onClick { DownloadService.start(context, Subject.Manager()) }
onClick { DownloadService.start(context, Subject.App()) }
}
setButton(MagiskDialog.ButtonType.NEGATIVE) {
text = android.R.string.cancel

22
app/src/main/java/com/topjohnwu/magisk/events/dialog/RestoreAppDialog.kt
View File

@@ -1,22 +0,0 @@
package com.topjohnwu.magisk.events.dialog
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.core.tasks.HideAPK
import com.topjohnwu.magisk.view.MagiskDialog
class RestoreAppDialog : DialogEvent() {
override fun build(dialog: MagiskDialog) {
dialog.apply {
setTitle(R.string.settings_restore_app_title)
setMessage(R.string.restore_app_confirmation)
setButton(MagiskDialog.ButtonType.POSITIVE) {
text = android.R.string.ok
onClick { HideAPK.restore(dialog.ownerActivity!!) }
}
setButton(MagiskDialog.ButtonType.NEGATIVE) {
text = android.R.string.cancel
}
setCancelable(true)
}
}
}

2
app/src/main/java/com/topjohnwu/magisk/events/dialog/UninstallDialog.kt
View File

@@ -34,7 +34,7 @@ class UninstallDialog : DialogEvent() {
show()
}
Shell.su("restore_imgs").submit { result ->
Shell.cmd("restore_imgs").submit { result ->
dialog.dismiss()
if (result.isSuccess) {
Utils.toast(R.string.restore_done, Toast.LENGTH_SHORT)

2
app/src/main/java/com/topjohnwu/magisk/ktx/XAndroid.kt
View File

@@ -84,7 +84,7 @@ fun Intent.startActivity(context: Context) = context.startActivity(this)
fun Intent.startActivityWithRoot() {
val args = mutableListOf("am", "start", "--user", Const.USER_ID.toString())
val cmd = toCommand(args).joinToString(" ")
Shell.su(cmd).submit()
Shell.cmd(cmd).submit()
}
fun Intent.toCommand(args: MutableList<String> = mutableListOf()): MutableList<String> {

4
app/src/main/java/com/topjohnwu/magisk/ktx/XSU.kt
View File

@@ -8,14 +8,14 @@ import kotlinx.coroutines.Dispatchers
import kotlinx.coroutines.withContext
fun reboot(reason: String = if (Config.recovery) "recovery" else "") {
Shell.su("/system/bin/svc power reboot $reason || /system/bin/reboot $reason").submit()
Shell.cmd("/system/bin/svc power reboot $reason || /system/bin/reboot $reason").submit()
}
fun relaunchApp(context: Context) {
val intent = context.packageManager.getLaunchIntentForPackage(context.packageName) ?: return
val args = mutableListOf("am", "start", "--user", Const.USER_ID.toString())
val cmd = intent.toCommand(args).joinToString(separator = " ")
Shell.su("run_delay 1 \"$cmd\"").exec()
Shell.cmd("run_delay 1 \"$cmd\"").exec()
Runtime.getRuntime().exit(0)
}

4
app/src/main/java/com/topjohnwu/magisk/signing/SignApk.java
View File

@@ -492,7 +492,7 @@ public class SignApk {
}
public static void sign(X509Certificate cert, PrivateKey key,
JarMap inputJar, FileOutputStream outputFile) throws Exception {
JarMap inputJar, OutputStream outputStream) throws Exception {
int alignment = 4;
int hashes = 0;
@@ -531,7 +531,7 @@ public class SignApk {
// This assumes outputChunks are array-backed. To avoid this assumption, the
// code could be rewritten to use FileChannel.
for (ByteBuffer outputChunk : outputChunks) {
outputFile.write(outputChunk.array(),
outputStream.write(outputChunk.array(),
outputChunk.arrayOffset() + outputChunk.position(), outputChunk.remaining());
outputChunk.position(outputChunk.limit());
}

7
app/src/main/java/com/topjohnwu/magisk/ui/MainActivity.kt
View File

@@ -15,7 +15,10 @@ import com.topjohnwu.magisk.MainDirections
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.arch.BaseMainActivity
import com.topjohnwu.magisk.arch.BaseViewModel
import com.topjohnwu.magisk.core.*
import com.topjohnwu.magisk.core.Config
import com.topjohnwu.magisk.core.Const
import com.topjohnwu.magisk.core.Info
import com.topjohnwu.magisk.core.isRunningAsStub
import com.topjohnwu.magisk.databinding.ActivityMainMd2Binding
import com.topjohnwu.magisk.di.viewModel
import com.topjohnwu.magisk.ktx.startAnimations
@@ -51,7 +54,7 @@ class MainActivity : BaseMainActivity<ActivityMainMd2Binding>() {
window.setSoftInputMode(WindowManager.LayoutParams.SOFT_INPUT_ADJUST_RESIZE)
navigation?.addOnDestinationChangedListener { _, destination, _ ->
navigation.addOnDestinationChangedListener { _, destination, _ ->
isRootFragment = when (destination.id) {
R.id.homeFragment,
R.id.modulesFragment,

2
app/src/main/java/com/topjohnwu/magisk/ui/deny/DenyListRvItem.kt
View File

@@ -103,7 +103,7 @@ class ProcessRvItem(
set(value) = set(value, process.isEnabled, { process.isEnabled = it }, BR.enabled) {
val arg = if (it) "add" else "rm"
val (name, pkg) = process
Shell.su("magisk --denylist $arg $pkg \'$name\'").submit()
Shell.cmd("magisk --denylist $arg $pkg \'$name\'").submit()
}
fun toggle() {

2
app/src/main/java/com/topjohnwu/magisk/ui/deny/DenyListViewModel.kt
View File

@@ -52,7 +52,7 @@ class DenyListViewModel : BaseViewModel() {
state = State.LOADING
val (apps, diff) = withContext(Dispatchers.Default) {
val pm = AppContext.packageManager
val denyList = Shell.su("magisk --denylist ls").exec().out
val denyList = Shell.cmd("magisk --denylist ls").exec().out
.map { CmdlineListItem(it) }
val apps = pm.getInstalledApplications(MATCH_UNINSTALLED_PACKAGES).run {
asFlow()

12
app/src/main/java/com/topjohnwu/magisk/ui/home/HomeViewModel.kt
View File

@@ -10,7 +10,7 @@ import com.topjohnwu.magisk.arch.*
import com.topjohnwu.magisk.core.Config
import com.topjohnwu.magisk.core.Info
import com.topjohnwu.magisk.core.download.Subject
import com.topjohnwu.magisk.core.download.Subject.Manager
import com.topjohnwu.magisk.core.download.Subject.App
import com.topjohnwu.magisk.data.repository.NetworkService
import com.topjohnwu.magisk.databinding.itemBindingOf
import com.topjohnwu.magisk.databinding.set
@@ -112,7 +112,7 @@ class HomeViewModel(
}.publish()
fun onProgressUpdate(progress: Float, subject: Subject) {
if (subject is Manager)
if (subject is App)
stateManagerProgress = progress.times(100f).roundToInt()
}
@@ -123,7 +123,11 @@ class HomeViewModel(
fun onDeletePressed() = UninstallDialog().publish()
fun onManagerPressed() = when (state) {
State.LOADED -> withExternalRW { ManagerInstallDialog().publish() }
State.LOADED -> withExternalRW {
withInstallPermission {
ManagerInstallDialog().publish()
}
}
State.LOADING -> SnackbarEvent(R.string.loading).publish()
else -> SnackbarEvent(R.string.no_connection).publish()
}
@@ -140,7 +144,7 @@ class HomeViewModel(
private suspend fun ensureEnv() {
if (MagiskState.NOT_INSTALLED == stateMagisk || checkedEnv) return
val cmd = "env_check ${Info.env.versionString} ${Info.env.versionCode}"
if (!Shell.su(cmd).await().isSuccess) {
if (!Shell.cmd(cmd).await().isSuccess) {
EnvFixDialog(this).publish()
}
checkedEnv = true

23
app/src/main/java/com/topjohnwu/magisk/ui/settings/SettingsItems.kt
View File

@@ -25,6 +25,7 @@ import com.topjohnwu.magisk.databinding.set
import com.topjohnwu.magisk.di.AppContext
import com.topjohnwu.magisk.utils.Utils
import com.topjohnwu.magisk.utils.asText
import com.topjohnwu.magisk.view.MagiskDialog
import com.topjohnwu.superuser.Shell
import kotlinx.coroutines.CoroutineScope
import kotlinx.coroutines.launch
@@ -105,6 +106,26 @@ object Hide : BaseSettingsItem.Input() {
object Restore : BaseSettingsItem.Blank() {
override val title = R.string.settings_restore_app_title.asText()
override val description = R.string.settings_restore_app_summary.asText()
override fun onPressed(view: View, handler: Handler) {
handler.onItemPressed(view, this) {
MagiskDialog(view.context).apply {
setTitle(R.string.settings_restore_app_title)
setMessage(R.string.restore_app_confirmation)
setButton(MagiskDialog.ButtonType.POSITIVE) {
text = android.R.string.ok
onClick {
handler.onItemAction(view, this@Restore)
}
}
setButton(MagiskDialog.ButtonType.NEGATIVE) {
text = android.R.string.cancel
}
setCancelable(true)
show()
}
}
}
}
object AddShortcut : BaseSettingsItem.Blank() {
@@ -236,7 +257,7 @@ object DenyList : BaseSettingsItem.Toggle() {
set(value) {
field = value
val cmd = if (value) "enable" else "disable"
Shell.su("magisk --denylist $cmd").submit { result ->
Shell.cmd("magisk --denylist $cmd").submit { result ->
if (result.isSuccess) {
Config.denyList = value
} else {

6
app/src/main/java/com/topjohnwu/magisk/ui/settings/SettingsViewModel.kt
View File

@@ -20,7 +20,6 @@ import com.topjohnwu.magisk.events.AddHomeIconEvent
import com.topjohnwu.magisk.events.RecreateEvent
import com.topjohnwu.magisk.events.SnackbarEvent
import com.topjohnwu.magisk.events.dialog.BiometricEvent
import com.topjohnwu.magisk.events.dialog.RestoreAppDialog
import com.topjohnwu.magisk.ktx.activity
import com.topjohnwu.magisk.utils.Utils
import com.topjohnwu.superuser.Shell
@@ -103,7 +102,7 @@ class SettingsViewModel : BaseViewModel(), BaseSettingsItem.Handler {
Theme -> SettingsFragmentDirections.actionSettingsFragmentToThemeFragment().navigate()
DenyListConfig -> SettingsFragmentDirections.actionSettingsFragmentToDenyFragment().navigate()
SystemlessHosts -> createHosts()
Restore -> RestoreAppDialog().publish()
Hide, Restore -> withInstallPermission(andThen)
AddShortcut -> AddHomeIconEvent().publish()
else -> andThen()
}
@@ -114,6 +113,7 @@ class SettingsViewModel : BaseViewModel(), BaseSettingsItem.Handler {
Language -> RecreateEvent().publish()
UpdateChannel -> openUrlIfNecessary(view)
is Hide -> viewModelScope.launch { HideAPK.hide(view.activity, item.value) }
Restore -> viewModelScope.launch { HideAPK.restore(view.activity) }
Zygisk -> if (Zygisk.mismatch) SnackbarEvent(R.string.reboot_apply_change).publish()
else -> Unit
}
@@ -134,7 +134,7 @@ class SettingsViewModel : BaseViewModel(), BaseSettingsItem.Handler {
}
private fun createHosts() {
Shell.su("add_hosts_module").submit {
Shell.cmd("add_hosts_module").submit {
Utils.toast(R.string.settings_hosts_toast, Toast.LENGTH_SHORT)
}
}

78
app/src/main/java/com/topjohnwu/magisk/view/Notifications.kt
View File

@@ -1,15 +1,16 @@
package com.topjohnwu.magisk.view
import android.annotation.SuppressLint
import android.app.Notification
import android.app.NotificationChannel
import android.app.NotificationManager
import android.app.PendingIntent
import android.content.Context
import android.content.Intent
import android.os.Build.VERSION.SDK_INT
import androidx.core.content.getSystemService
import androidx.core.graphics.drawable.toIcon
import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.core.Const.ID.PROGRESS_NOTIFICATION_CHANNEL
import com.topjohnwu.magisk.core.Const.ID.UPDATE_NOTIFICATION_CHANNEL
import com.topjohnwu.magisk.core.download.DownloadService
import com.topjohnwu.magisk.core.download.Subject
import com.topjohnwu.magisk.di.AppContext
@@ -21,51 +22,80 @@ object Notifications {
val mgr by lazy { AppContext.getSystemService<NotificationManager>()!! }
private const val APK_UPDATE_NOTIFICATION_ID = 5
private val nextId = AtomicInteger(APK_UPDATE_NOTIFICATION_ID)
private const val APP_UPDATED_NOTIFICATION_ID = 4
private const val APP_UPDATE_NOTIFICATION_ID = 5
private const val UPDATE_CHANNEL = "update"
private const val PROGRESS_CHANNEL = "progress"
private const val UPDATED_CHANNEL = "updated"
private val nextId = AtomicInteger(APP_UPDATE_NOTIFICATION_ID)
fun setup(context: Context) {
if (SDK_INT >= 26) {
val channel = NotificationChannel(UPDATE_NOTIFICATION_CHANNEL,
val channel = NotificationChannel(UPDATE_CHANNEL,
context.getString(R.string.update_channel), NotificationManager.IMPORTANCE_DEFAULT)
val channel2 = NotificationChannel(PROGRESS_NOTIFICATION_CHANNEL,
val channel2 = NotificationChannel(PROGRESS_CHANNEL,
context.getString(R.string.progress_channel), NotificationManager.IMPORTANCE_LOW)
mgr.createNotificationChannels(listOf(channel, channel2))
val channel3 = NotificationChannel(UPDATED_CHANNEL,
context.getString(R.string.updated_channel), NotificationManager.IMPORTANCE_HIGH)
mgr.createNotificationChannels(listOf(channel, channel2, channel3))
}
}
private fun updateBuilder(context: Context): Notification.Builder {
return Notification.Builder(context).apply {
val bitmap = context.getBitmap(R.drawable.ic_magisk_outline)
setLargeIcon(bitmap)
if (SDK_INT >= 26) {
setSmallIcon(bitmap.toIcon())
setChannelId(UPDATE_NOTIFICATION_CHANNEL)
} else {
setSmallIcon(R.drawable.ic_magisk_outline)
}
}
fun selfLaunchIntent(context: Context): Intent {
val pm = context.packageManager
val intent = pm.getLaunchIntentForPackage(context.packageName)!!
intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK or Intent.FLAG_ACTIVITY_CLEAR_TASK)
return intent
}
fun managerUpdate(context: Context) {
val intent = DownloadService.getPendingIntent(context, Subject.Manager())
@SuppressLint("InlinedApi")
fun updateDone(context: Context) {
setup(context)
val flag = PendingIntent.FLAG_IMMUTABLE or PendingIntent.FLAG_UPDATE_CURRENT
val pending = PendingIntent.getActivity(context, 0, selfLaunchIntent(context), flag)
val builder = if (SDK_INT >= 26) {
Notification.Builder(context, UPDATED_CHANNEL)
.setSmallIcon(context.getBitmap(R.drawable.ic_magisk_outline).toIcon())
} else {
Notification.Builder(context).setPriority(Notification.PRIORITY_HIGH)
.setSmallIcon(R.drawable.ic_magisk_outline)
}
.setContentIntent(pending)
.setContentTitle(context.getText(R.string.updated_title))
.setContentText(context.getText(R.string.updated_text))
.setAutoCancel(true)
mgr.notify(APP_UPDATED_NOTIFICATION_ID, builder.build())
}
val builder = updateBuilder(context)
fun updateAvailable(context: Context) {
val intent = DownloadService.getPendingIntent(context, Subject.App())
val bitmap = context.getBitmap(R.drawable.ic_magisk_outline)
val builder = if (SDK_INT >= 26) {
Notification.Builder(context, UPDATE_CHANNEL)
.setSmallIcon(bitmap.toIcon())
} else {
Notification.Builder(context)
.setSmallIcon(R.drawable.ic_magisk_outline)
}
.setLargeIcon(bitmap)
.setContentTitle(context.getString(R.string.magisk_update_title))
.setContentText(context.getString(R.string.manager_download_install))
.setAutoCancel(true)
.setContentIntent(intent)
mgr.notify(APK_UPDATE_NOTIFICATION_ID, builder.build())
mgr.notify(APP_UPDATE_NOTIFICATION_ID, builder.build())
}
fun progress(context: Context, title: CharSequence): Notification.Builder {
val builder = if (SDK_INT >= 26) {
Notification.Builder(context, PROGRESS_NOTIFICATION_CHANNEL)
Notification.Builder(context, PROGRESS_CHANNEL)
} else {
Notification.Builder(context).setPriority(Notification.PRIORITY_LOW)
}
builder.setSmallIcon(android.R.drawable.stat_sys_download)
.setSmallIcon(android.R.drawable.stat_sys_download)
.setContentTitle(title)
.setProgress(0, 0, true)
.setOngoing(true)

64
app/src/main/res/values-et/strings.xml
View File

@@ -8,16 +8,19 @@
<string name="install">Installi</string>
<string name="section_home">Kodu</string>
<string name="section_theme">Teemad</string>
<string name="denylist">Keeluloend</string>
<!--Home-->
<string name="no_connection">Ühendus puudub</string>
<string name="app_changelog">Muudatuste logi</string>
<string name="loading">Laadimine…</string>
<string name="update">Uuenda</string>
<string name="not_available">puudub</string>
<string name="not_available">teadmata</string>
<string name="hide">Peida</string>
<string name="home_package">Pakett</string>
<string name="home_app_title">Rakendus</string>
<string name="home_notice_content">Laadi Magisk alla vaid ametlikult GitHubi lehelt. Tundmatutest allikatest laaditud failid võivad olla pahatahtlikud!</string>
<string name="home_support_title">Toeta meid</string>
<string name="home_item_source">Lähtekood</string>
<string name="home_support_content">Magisk on ja jääb alati tasuta ning avatud lähtekoodiga kättesaadavaks. Siiski, sa võid meile väikese annetuse näol toetust üles näidata.</string>
@@ -25,20 +28,21 @@
<string name="home_latest_version">Viimatine</string>
<string name="invalid_update_channel">Sobimatu uuenduste kanal</string>
<string name="uninstall_magisk_title">Eemalda Magisk</string>
<string name="uninstall_magisk_msg">Kõik moodulid keelatakse/eemaldatakse!\nJuurkasutaja eemaldatakse!\nSinu andmeid võidakse krüpteerida, kui need juba ei ole krüpteeritud!</string>
<string name="uninstall_magisk_msg">Kõik moodulid keelatakse/eemaldatakse!\nJuurkasutaja eemaldatakse!\nMistahes sisemälu failid, millelt eemaldati Magiski tarbeks krüpteering, krüpteeritakse taas!</string>
<!--Install-->
<string name="keep_force_encryption">Säilita sunnitud krüpteering</string>
<string name="keep_dm_verity">Säilita AVB 2.0/dm-verity</string>
<string name="patch_vbmeta">Paika käivitustõmmises vbmeta</string>
<string name="recovery_mode">Taastusrežiim</string>
<string name="install_options_title">Valikud</string>
<string name="install_method_title">Meetod</string>
<string name="install_next">Edasi</string>
<string name="install_start">Läksime</string>
<string name="manager_download_install">Vajuta allalaadimiseks ja installimiseks.</string>
<string name="manager_download_install">Vajuta allalaadimiseks ja installimiseks</string>
<string name="direct_install">Otsene install (soovitatud)</string>
<string name="install_inactive_slot">Installi ebaaktiivsesse lahtrisse (pärast üle-õhu uuendust)</string>
<string name="install_inactive_slot_msg">Sinu seade SUNNITAKSE peale taaskäivitust käivituma praegusesse ebaaktiivsesse lahtrisse!\nKasuta seda valikut vaid peale üle-õhu uuenduse teostamist.\nJätkad?</string>
<string name="install_inactive_slot_msg">Pärast taaskäivitust SUNNITAKSE sinu seade käivituma praegusesse ebaaktiivsesse lahtrisse!\nKasuta seda valikut vaid peale üle-õhu uuenduse teostamist.\nJätkad?</string>
<string name="setup_title">Lisaseadistus</string>
<string name="select_patch_file">Vali ja paika fail</string>
<string name="patch_file_msg">Vali toortõmmis (*.img) või ODIN tar-fail (*.tar)</string>
@@ -47,6 +51,7 @@
<!--Superuser-->
<string name="su_request_title">Superkasutaja taotlus</string>
<string name="touch_filtered_warning">Kuna rakendus varjab superkasutaja päringut, ei saa Magisk sinu vastust kinnitada</string>
<string name="deny">Keela</string>
<string name="prompt">Küsi</string>
<string name="grant">Luba</string>
@@ -75,8 +80,8 @@
<string name="superuser_policy_none">Ükski rakendus ei ole veel superkasutaja õigusi küsinud.</string>
<!--Logs-->
<string name="log_data_none">Sa oled logivaba, proovi oma superkasutaja õigustega rakendusi rohkem kasutada.</string>
<string name="log_data_magisk_none">Magiski logid on tühjad, see on imelik.</string>
<string name="log_data_none">Sa oled logivaba, proovi oma superkasutaja õigustega rakendusi rohkem kasutada</string>
<string name="log_data_magisk_none">Magiski logid on tühjad, see on imelik</string>
<string name="menuSaveLog">Salvesta logi</string>
<string name="menuClearLog">Tühjenda logi nüüd</string>
<string name="logs_cleared">Logi edukalt tühjendatud.</string>
@@ -85,13 +90,15 @@
<!--SafetyNet-->
<!-- MagiskHide -->
<string name="show_system_app">Kuva süsteemirakendused</string>
<!--MagiskHide-->
<string name="show_system_app">Kuva uuendatavad süsteemirakendused</string>
<string name="show_os_app">Kuva fikseeritud süsteemirakendused</string>
<string name="hide_filter_hint">Filtreeri nime järgi</string>
<string name="hide_search">Otsing</string>
<!--Module -->
<!--Module-->
<string name="no_info_provided">(Info puudub)</string>
<string name="reboot_userspace">Pehme taaskäivitus</string>
<string name="reboot_recovery">Taaskäivita taastusesse</string>
<string name="reboot_bootloader">Taaskäivita käivitushaldurisse</string>
<string name="reboot_download">Taaskäivita allalaadimisrežiimi</string>
@@ -101,8 +108,11 @@
<string name="module_state_restore">Taasta</string>
<string name="module_action_install_external">Installi sisemälust</string>
<string name="update_available">Uuendus saadaval</string>
<string name="suspend_text_riru">Moodul keelatud %1$s lubamise tõttu</string>
<string name="suspend_text_zygisk">Moodul keelatud %1$s mittelubamise tõttu</string>
<string name="zygisk_module_unloaded">Zygisk-moodulit ei laaditud ühildumatuse tõttu</string>
<!--Settings -->
<!--Settings-->
<string name="settings_dark_mode_title">Teema režiim</string>
<string name="settings_dark_mode_message">Vali režiim, mis ühtib sinu stiiliga!</string>
<string name="settings_dark_mode_light">Alati hele</string>
@@ -110,20 +120,30 @@
<string name="settings_dark_mode_dark">Alati tume</string>
<string name="settings_download_path_title">Allalaadimise failitee</string>
<string name="settings_download_path_message">Failid salvestatakse kausta %1$s</string>
<string name="settings_hide_app_title">Peida Magiski rakendus</string>
<string name="settings_hide_app_summary">Paigalda juhusliku paketi-ID ja kohandatud nimega puhverrakendus</string>
<string name="settings_restore_app_title">Taasta Magiski rakendus</string>
<string name="settings_restore_app_summary">Too rakendus peidust välja, taastades originaalse APK</string>
<string name="language">Keel</string>
<string name="system_default">(Süsteemi vaikesäte)</string>
<string name="settings_check_update_title">Kontrolli uuendusi</string>
<string name="settings_check_update_summary">Kontrolli taustal perioodiliselt uuendusi.</string>
<string name="settings_check_update_summary">Kontrolli taustal perioodiliselt uuendusi</string>
<string name="settings_update_channel_title">Uuenduste kanal</string>
<string name="settings_update_stable">Stabiilne</string>
<string name="settings_update_beta">Beeta</string>
<string name="settings_update_custom">Kohandatud</string>
<string name="settings_update_custom_msg">Sisesta kohandatud URL</string>
<string name="settings_update_custom_msg">Sisesta kohandatud kanali URL</string>
<string name="settings_zygisk_summary">Käivita teatud Magiski osi zygote-protsessis</string>
<string name="settings_denylist_title">Jõusta keeluloend</string>
<string name="settings_denylist_summary">Keeluloendis olevatel protsessidel tühistatakse kõik Magiski muudatused</string>
<string name="settings_denylist_error">See funktsioon eeldab %1$s lubamist</string>
<string name="settings_denylist_config_title">Seadista keeluloendit</string>
<string name="settings_denylist_config_summary">Vali keeluloendisse lisatavad protsessid</string>
<string name="settings_hosts_title">Süsteemivaba hosts</string>
<string name="settings_hosts_summary">Süsteemivaba hosts-tugi reklaamiblokeerijatest rakendustele</string>
<string name="settings_hosts_toast">Süsteemivaba hostsi moodul lisatud</string>
<string name="settings_app_name_hint">Uus nimi</string>
<string name="settings_app_name_helper">Rakendus pakitakse selle nimega</string>
<string name="settings_app_name_helper">Rakendus taaspakitakse selle nimega</string>
<string name="settings_app_name_error">Sobimatu vorming</string>
<string name="settings_su_app_adb">Rakendused ja ADB</string>
<string name="settings_su_app">Ainult rakendused</string>
@@ -140,12 +160,14 @@
<string name="request_timeout">Taotluse ajalõpp</string>
<string name="superuser_notification">Superkasutaja teavitus</string>
<string name="settings_su_reauth_title">Taas-autendi peale uuendust</string>
<string name="settings_su_reauth_summary">Taas-autendi superkasutaja õigused peale rakenduse uuendamist</string>
<string name="settings_su_reauth_summary">Pärast rakenduste uuendamist küsi superkasutaja luba uuesti</string>
<string name="settings_su_tapjack_title">Nupu varjamise kaitse</string>
<string name="settings_su_tapjack_summary">Superkasutaja taotluse hüpik ei reageeri vajutusele, kui seda katab mõni teine aken või ülekate</string>
<string name="settings_su_biometric_title">Luba biomeetriaga autentimine</string>
<string name="settings_su_biometric_summary">Kasuta superkasutaja taotluste kinnitamiseks biomeetrilist autentimist</string>
<string name="no_biometric">Mittetoetatud seade või ükski biomeetriaseadistus pole lubatud</string>
<string name="settings_customization">Kohandamine</string>
<string name="setting_add_shortcut_summary">Lisa avakuvale ilus otsetee, juhul kui nime ja ikooni on pärast rakenduse peitmist raske tuvastada</string>
<string name="setting_add_shortcut_summary">Lisa avakuvale ilus otsetee juhuks, kui nime ja ikooni on pärast rakenduse peitmist raske tuvastada</string>
<string name="settings_doh_title">DNS üle HTTPSi</string>
<string name="settings_doh_description">Väldi mõnes riigis DNSi mürgitamist</string>
@@ -182,6 +204,7 @@
<string name="flashing">Välgutamine…</string>
<string name="done">Valmis!</string>
<string name="failure">Ebaõnnestus</string>
<string name="hide_app_title">Magiski rakenduse peitmine…</string>
<string name="open_link_failed_toast">Lingi avamiseks sobivat rakendust ei leitud.</string>
<string name="complete_uninstall">Täielik eemaldus</string>
<string name="restore_img">Taasta tõmmised</string>
@@ -190,11 +213,22 @@
<string name="restore_fail">Originaalne varundus puudub!</string>
<string name="setup_fail">Seadistus ebaõnnnestus</string>
<string name="env_fix_title">Vajab lisaseadistust</string>
<string name="env_fix_msg">Sinu seade vajab Magiski korralikuks toimimiseks lisaseadistust. Kas soovid jätkata ning seadme taaskäivitada?</string>
<string name="setup_msg">Käivitan keskkonnaseadistust…</string>
<string name="authenticate">Autendi</string>
<string name="unsupport_magisk_title">Mittetoetatud Magiski versioon</string>
<string name="unsupport_magisk_msg">See rakenduse versioon ei toeta Magiski versioone, mis on vanemad kui %1$s.\n\nRakendus käitub nii, nagu Magisk ei olekski installitud, palun täienda Magiskit esimesel võimalusel.</string>
<string name="unsupport_general_title">Ebanormaalne seisund</string>
<string name="unsupport_system_app_msg">Selle rakenduse käitamine süsteemirakendusena ei ole toetatud. Palun taasta see kasutajarakenduseks.</string>
<string name="unsupport_other_su_msg">Tuvastati \"su\"-binaar, mida ei installinud Magisk. Palun eemalda mistahes konkureeriv juurkasutaja paigaldus ja/või taasinstalli Magisk.</string>
<string name="unsupport_external_storage_msg">Magisk on paigaldatud välismällu. Palun liiguta rakendus sisemällu.</string>
<string name="unsupport_nonroot_stub_msg">Peidetud Magiski rakendus ei saa enam töötada, kuna juurkasutaja on kadunud. Palun taasta originaalne APK.</string>
<string name="unsupport_nonroot_stub_title">@string/settings_restore_app_title</string>
<string name="external_rw_permission_denied">Selle funktsionaalsuse lubamiseks anna mäluruumi haldamise luba</string>
<string name="add_shortcut_title">Lisa avakuvale otsetee</string>
<string name="add_shortcut_msg">Pärast selle rakenduse peitmist võib selle nimi ja ikoon olla raskesti tuvastatav. Kas soovid avakuvale lisada ilusa otsetee?</string>
<string name="app_not_found">Selle tegevuse teostamiseks ei leitud ühtegi rakendust</string>
<string name="reboot_apply_change">Muudatuste rakendamiseks taaskäivita</string>
<string name="restore_app_confirmation">See taastab peidetud rakenduse uuesti originaalseks rakenduseks. Kas soovid tõesti seda teha?</string>
</resources>

29
app/src/main/res/values-it/strings.xml
View File

@@ -23,16 +23,17 @@
<string name="home_notice_content">Scarica Magisk SOLTANTO dalla pagina GitHub ufficiale. I file provenienti da fonti sconosciute possono essere dannosi!</string>
<string name="home_support_title">Supportaci</string>
<string name="home_item_source">Codice sorgente</string>
<string name="home_support_content">Magisk è e sempre sarà gratuito ed open source. Puoi comunque mostrarci il tuo apprezzamento inviando una piccola donazione.</string>
<string name="home_support_content">Magisk è, e sempre sarà, gratuito ed open source. Puoi comunque mostrarci il tuo apprezzamento facendo una donazione.</string>
<string name="home_installed_version">Installata</string>
<string name="home_latest_version">Ultima</string>
<string name="invalid_update_channel">Canale di aggiornamento non valido</string>
<string name="uninstall_magisk_title">Disinstalla Magisk</string>
<string name="uninstall_magisk_msg">Tutti i moduli verranno disabilitati/rimossi!\nIl root verrà rimosso e i tuoi dati potrebbero essere criptati, nel caso non lo siano già.</string>
<string name="uninstall_magisk_msg">Tutti i moduli verranno disabilitati/rimossi!\nIl root verrà rimosso!\nGli spazi di archiviazione interni decriptati tramite l\'uso di Magisk verranno nuovamente criptati!</string>
<!--Install-->
<string name="keep_force_encryption">Mantieni crittografia forzata</string>
<string name="keep_dm_verity">Mantieni AVB 2.0/dm-verity</string>
<string name="patch_vbmeta">Correggi vbmeta nell\'immagine di boot</string>
<string name="recovery_mode">Modalità recovery</string>
<string name="install_options_title">Opzioni</string>
<string name="install_method_title">Metodo</string>
@@ -87,8 +88,6 @@
<string name="pid">PID: %1$d</string>
<string name="target_uid">Target UID: %1$d</string>
<!--SafetyNet-->
<!-- MagiskHide -->
<string name="show_system_app">Mostra app di sistema</string>
<string name="show_os_app">Mostra app del sistema operativo</string>
@@ -130,8 +129,8 @@
<string name="settings_update_channel_title">Canale di aggiornamento</string>
<string name="settings_update_stable">Stabile</string>
<string name="settings_update_beta">Beta</string>
<string name="settings_update_custom">Canale personalizzato</string>
<string name="settings_update_custom_msg">Inserisci un URL personalizzato</string>
<string name="settings_update_custom">Personalizzato</string>
<string name="settings_update_custom_msg">Inserisci l\'URL del canale personalizzato</string>
<string name="settings_zygisk_summary">Esegui parti di Magisk nel processo zygote</string>
<string name="settings_denylist_title">Applica lista di blocco</string>
<string name="settings_denylist_summary">Tutte le modifiche apportate da Magisk verranno annullate per i processi in lista di blocco</string>
@@ -160,15 +159,15 @@
<string name="superuser_notification">Notifica di accesso root</string>
<string name="settings_su_reauth_title">Riautentica dopo aggiornamento</string>
<string name="settings_su_reauth_summary">Richiedi nuovamente i permessi di root dopo l\'aggiornamento di un\'app</string>
<string name="settings_su_tapjack_title">Abilita protezione anti-tapjacking</string>
<string name="settings_su_tapjack_title">Protezione anti-tapjacking</string>
<string name="settings_su_tapjack_summary">La schermata di richiesta dei permessi di root non risponderà al tocco mentre è oscurata da altre finestre o elementi in sovraimpressione</string>
<string name="settings_su_biometric_title">Abilita autenticazione biometrica</string>
<string name="settings_su_biometric_title">Autenticazione biometrica</string>
<string name="settings_su_biometric_summary">Utilizza l\'autenticazione biometrica per accettare le richieste di accesso root</string>
<string name="no_biometric">Il dispositivo non è supportato o le impostazioni biometriche sono disattivate</string>
<string name="settings_customization">Personalizzazione</string>
<string name="setting_add_shortcut_summary">Aggiungi un collegamento alla schermata iniziale se il nome e l\'icona sono difficili da riconoscere dopo aver nascosto l\'app</string>
<string name="settings_doh_title">DNS over HTTPS</string>
<string name="settings_doh_description">Soluzione alternativa al DNS poisoning in alcune nazioni</string>
<string name="settings_doh_description">Aggira il DNS poisoning in alcune nazioni</string>
<string name="multiuser_mode">Modalità multiutente</string>
<string name="settings_owner_only">Solo per il proprietario del dispositivo</string>
@@ -187,11 +186,14 @@
<string name="isolate_summary">Ogni sessione di root avrà il suo namespace isolato</string>
<!--Notifications-->
<string name="update_channel">Aggiornamenti Magisk</string>
<string name="update_channel">Aggiornamenti di Magisk</string>
<string name="progress_channel">Notifiche di avanzamento</string>
<string name="updated_channel">Aggiornamento completato</string>
<string name="download_complete">Download completato</string>
<string name="download_file_error">Errore durante il download del file</string>
<string name="magisk_update_title">È disponibile un aggiornamento di Magisk!</string>
<string name="updated_title">Magisk è stato aggiornato</string>
<string name="updated_text">Tocca per aprire l\'app</string>
<!--Toasts, Dialogs-->
<string name="yes"></string>
@@ -216,14 +218,15 @@
<string name="setup_msg">Configurazione dell\'ambiente in corso…</string>
<string name="authenticate">Autentica</string>
<string name="unsupport_magisk_title">Versione di Magisk non supportata</string>
<string name="unsupport_magisk_msg">Questa versione dell\'app non supporta versioni di Magisk inferiori a %1$s.\n\nL\'app si comporterà come se Magisk non fosse installato: aggiornalo il prima possibile.</string>
<string name="unsupport_magisk_msg">Questa versione dell\'app non supporta le versioni di Magisk inferiori a %1$s.\n\nL\'app si comporterà come se Magisk non fosse installato: aggiornalo il prima possibile.</string>
<string name="unsupport_general_title">Stato anomalo rilevato</string>
<string name="unsupport_system_app_msg">L\'esecuzione di quest\'app come app di sistema non è supportata. Reinstallala come applicazione utente.</string>
<string name="unsupport_other_su_msg">È stato rilevato un comando \"su\" che non appartiene a Magisk. Rimuovilo per evitare malfunzionamenti.</string>
<string name="unsupport_other_su_msg">È stato rilevato un binario \"su\" che non appartiene a Magisk. Rimuovi qualsiasi altro sistema di root e/o reinstalla Magisk.</string>
<string name="unsupport_external_storage_msg">Magisk è installato nella memoria esterna. Sposta l\'app nella memoria interna.</string>
<string name="unsupport_nonroot_stub_msg">Dal momento che i permessi di root sono stati persi, l\'app non può più funzionare rimanendo nascosta. Ripristina l\'APK originale.</string>
<string name="unsupport_nonroot_stub_msg">Dal momento che i permessi di root sono stati persi, l\'app di Magisk nascosta non può più funzionare. Ripristina l\'APK originale.</string>
<string name="unsupport_nonroot_stub_title">@string/settings_restore_app_title</string>
<string name="external_rw_permission_denied">Consenti l\'accesso alla memoria del dispositivo per abilitare questa opzione</string>
<string name="install_unknown_denied">Consenti l\'installazione di app sconosciute per abilitare questa funzionalità</string>
<string name="add_shortcut_title">Aggiungi collegamento alla schermata iniziale</string>
<string name="add_shortcut_msg">Dopo aver nascosto quest\'app, il suo nome e la sua icona potrebbero diventare difficili da riconoscere. Vuoi aggiungere una scorciatoia alla schermata principale?</string>
<string name="app_not_found">Non è stata trovata un\'app per gestire questa azione</string>

5
app/src/main/res/values-sk/strings.xml
View File

@@ -33,6 +33,7 @@
<!--Install-->
<string name="keep_force_encryption">Ponechať vynútené šifrovanie</string>
<string name="keep_dm_verity">Ponechať AVB 2.0/dm-verity</string>
<string name="patch_vbmeta">Zaplátať vbmeta v boot image</string>
<string name="recovery_mode">Režim Recovery</string>
<string name="install_options_title">Možnosti</string>
<string name="install_method_title">Metóda</string>
@@ -189,9 +190,12 @@
<!--Notifications-->
<string name="update_channel">Aktualizácie Magisku</string>
<string name="progress_channel">Upozornenia o priebehu</string>
<string name="updated_channel">Aktualizácia dokončená</string>
<string name="download_complete">Sťahovanie ukončené</string>
<string name="download_file_error">Chyba sťahovania súboru</string>
<string name="magisk_update_title">Je dostupná aktualizácia Magisku!</string>
<string name="updated_title">Magisk aktualizovaný</string>
<string name="updated_text">Ťuknutím otvoríte apku</string>
<!--Toasts, Dialogs-->
<string name="yes">Áno</string>
@@ -224,6 +228,7 @@
<string name="unsupport_nonroot_stub_msg">Skrytá aplikácia Magisk nemôže pokračovať v práci, lebo root sa stratil. Prosím, obnovte ju z pôvodného súboru APK.</string>
<string name="unsupport_nonroot_stub_title">@string/settings_restore_app_title</string>
<string name="external_rw_permission_denied">Udeľte povolenie pre povolenie tejto funkcie</string>
<string name="install_unknown_denied">Povoľte "inštaláciu neznámych aplikácii" na povolenie tejto funkcie</string>
<string name="add_shortcut_title">Pridať odkaz na domovskú obrazovku</string>
<string name="add_shortcut_msg">Po skrytí tejto aplikácie sa jej názov a ikona môžu stať ťažko rozoznateľnými. Chcete pridať krajší odkaz na domovskú obrazovku?</string>
<string name="app_not_found">Nenašla sa žiadna aplikácia, ktorá dokáže spracovať túto akciu</string>

6
app/src/main/res/values-sq/strings.xml
View File

@@ -133,7 +133,7 @@
<string name="settings_update_beta">Beta</string>
<string name="settings_update_custom">Kanal me porosi</string>
<string name="settings_update_custom_msg">Fut një URL të personalizuar</string>
<string name="settings_zygisk_summary">Drejtoni pjesë të Magisk në demonin zigotë</string>
<string name="settings_zygisk_summary">Drejtoni pjesë të Magisk në demonin zygote</string>
<string name="settings_denylist_title">Zbato Listën e Mohimit</string>
<string name="settings_denylist_summary">Proceset në listën e mohimit do të kenë të gjitha modifikimet e Magisk</string>
<string name="settings_denylist_error">Ky funksion kërkon %1$s për tu aktivizuar</string>
@@ -187,10 +187,13 @@
<!--Notifications-->
<string name="update_channel">Përditësimet e magisk</string>
<string name="updated_channel">Përditësimi përfundoi</string>
<string name="progress_channel">Njoftimet e progresit</string>
<string name="download_complete">Shkarkimi përfundoi</string>
<string name="download_file_error">Gabim në shkarkimin e skedarit</string>
<string name="magisk_update_title">Përditësimi Magisk i disponueshëm!</string>
<string name="updated_title">Magisk u përditësua</string>
<string name="updated_text">Prekni për të hapur aplikacionin</string>
<!--Toasts, Dialogs-->
<string name="yes">Po</string>
@@ -223,6 +226,7 @@
<string name="unsupport_nonroot_stub_msg">Aplikacioni nuk mund të vazhdojë të punojë në gjendjen e fshehur pasi rrënja ishte e humbur. Ju lutemi rivendoseni përsëri në APK-në origjinale.</string>
<string name="unsupport_nonroot_stub_title">@string/settings_restore_app_title</string>
<string name="external_rw_permission_denied">Jepni lejen e ruajtjes për të aktivizuar këtë funksion</string>
<string name="install_unknown_denied">Lejo "instaloni aplikacione të panjohura" për të aktivizuar këtë funksion</string>
<string name="add_shortcut_title">Shto shkurtore në ekranin bazë</string>
<string name="add_shortcut_msg">Pas fshehjes së këtij aplikacioni, emri dhe ikona e tij mund të bëhen të vështira për tu njohur. Dëshironi të shtoni një shkurtore mjaft të bukur në ekranin bazë?</string>
<string name="app_not_found">Asnjë aplikacion nuk u gjet për të trajtuar këtë veprim</string>

24
app/src/main/res/values-th/strings.xml
View File

@@ -8,12 +8,12 @@
<string name="install">ติดตั้ง</string>
<!--Status Fragment-->
<string name="invalid_update_channel">ช่องทางการอัเดตไม่ถูกต้อง</string>
<string name="invalid_update_channel">ช่องทางการอัเดตไม่ถูกต้อง</string>
<string name="keep_force_encryption">เก็บค่าบังคับการเข้ารหัส</string>
<string name="keep_dm_verity">เก็บค่า AVB 2.0/dm-verity</string>
<string name="uninstall_magisk_title">ถอนการติดตั้ง Magisk</string>
<string name="uninstall_magisk_msg">โมดูลทั้งหมดจะถูกปิดการใช้งาน/ถูกลบ, สิทธิการเข้าถึง Root จะถูกลบ และข้อมูลของคุณอาจถูกเข้ารหัส</string>
<string name="update">อัเดต</string>
<string name="update">อัเดต</string>
<!--Module Fragment-->
<string name="no_info_provided">(ไม่มีข้อมูล)</string>
@@ -22,7 +22,7 @@
<string name="reboot_download">รีบู๊ตไป Download</string>
<!--Repo Fragment-->
<string name="update_available">มีการอัเดต</string>
<string name="update_available">มีการอัเดต</string>
<string name="home_installed_version">ติดตั้งแล้ว</string>
<!--Log Fragment-->
@@ -34,17 +34,17 @@
<string name="app_changelog">สิ่งที่เพิ่มใหม่</string>
<!-- System Components, Notifications -->
<string name="update_channel">การอัเดต Magisk</string>
<string name="update_channel">การอัเดต Magisk</string>
<string name="progress_channel">สถานะ</string>
<string name="download_complete">ดาวน์โหลดสำเร็จ</string>
<string name="download_file_error">เกิดข้อผิดพลาดในการดาวน์โหลดไฟล์</string>
<string name="magisk_update_title">มีการอัเดต Magisk!</string>
<string name="magisk_update_title">มีการอัเดต Magisk!</string>
<!--Toasts, Dialogs-->
<string name="repo_install_title">ติดตั้ง %1$s %2$s(%3$d)</string>
<string name="download">ดาวน์โหลด</string>
<string name="reboot">รีบู๊ต</string>
<string name="release_notes">-้อมูลเพิ่มเติม</string>
<string name="release_notes">้อมูลเพิ่มเติม</string>
<string name="manager_download_install">แตะเพื่อดาวน์โหลดและติดตั้ง</string>
<string name="flashing">กำลังแฟลช</string>
<string name="open_link_failed_toast">ไม่พบแอปพลิเคชันสำหรับเปิดลิ้งค์</string>
@@ -64,9 +64,9 @@
<!--Settings Activity -->
<string name="language">ภาษา</string>
<string name="system_default">(มาตรฐานระบบ)</string>
<string name="settings_check_update_title">ตรวจสอบการอัเดต</string>
<string name="settings_check_update_summary">ตรวจสอบการอัเดตเป็นระยะในพื้นหลัง</string>
<string name="settings_update_channel_title">ช่องทางการอัเดต</string>
<string name="settings_check_update_title">ตรวจสอบการอัเดต</string>
<string name="settings_check_update_summary">ตรวจสอบการอัเดตเป็นระยะในพื้นหลัง</string>
<string name="settings_update_channel_title">ช่องทางการอัเดต</string>
<string name="settings_update_stable">เสถียร</string>
<string name="settings_update_beta">เบต้า</string>
<string name="settings_update_custom">กำหนดเอง</string>
@@ -89,8 +89,8 @@
<string name="auto_response">การตอบกลับ</string>
<string name="request_timeout">เวลาการขอใช้งาน</string>
<string name="superuser_notification">การแจ้งเตือน Superuser</string>
<string name="settings_su_reauth_title">ขอสิทธิ์ใหม่หลังจากอัเกรด</string>
<string name="settings_su_reauth_summary">ขอสิทธิ์ superuser ใหม่หลังจากแอปถูกอัเกรด</string>
<string name="settings_su_reauth_title">ขอสิทธิ์ใหม่หลังจากอัเกรด</string>
<string name="settings_su_reauth_summary">ขอสิทธิ์ superuser ใหม่หลังจากแอปถูกอัเกรด</string>
<string name="multiuser_mode">โหมดผู้ใช้หลายคน</string>
<string name="settings_owner_only">เจ้าของอุปกรณ์เท่านั้น</string>
@@ -115,7 +115,7 @@
<string name="grant">อนุญาต</string>
<string name="su_warning">จะให้การเข้าถึงอุปกรณ์ในทุกรูปแบบ กรุณาปฏิเสธหากคุณไม่มั่นใจ!</string>
<string name="forever">ตลอดกาล</string>
<string name="once">คั้งเดียว</string>
<string name="once">ั้งเดียว</string>
<string name="tenmin">10 นาที</string>
<string name="twentymin">20 นาที</string>
<string name="thirtymin">30 นาที</string>

35
app/src/main/res/values-vi/strings.xml
View File

@@ -6,7 +6,7 @@
<string name="logs">Nhật ký</string>
<string name="settings">Cài đặt</string>
<string name="install">Cài đặt</string>
<string name="section_home">Home</string>
<string name="section_home">Trang chủ</string>
<string name="section_theme">Chủ đề</string>
<string name="denylist">DenyList</string>
@@ -23,16 +23,17 @@
<string name="home_notice_content">Chỉ nên tải Magisk từ trang GitHub chính thức. Tải tệp từ các nguồn không rõ có thể gây hại!</string>
<string name="home_support_title">Hỗ trợ chúng tôi</string>
<string name="home_item_source">Nguồn</string>
<string name="home_support_content">Magisk, và sẽ luôn luôn là, miễn phí và mã nguồn mở. Tuy nhiên, bạn có thể cho chúng tôi thấy rằng bạn quan tâm bằng cách gửi một khoản đóng góp nhỏ.</string>
<string name="home_support_content">Magisk sẽ, và luôn luôn là, miễn phí và mã nguồn mở. Tuy nhiên, bạn có thể cho chúng tôi thấy rằng bạn quan tâm bằng cách gửi một khoản đóng góp nhỏ.</string>
<string name="home_installed_version">Cài đặt</string>
<string name="home_latest_version">Mới nhất</string>
<string name="invalid_update_channel">Kênh cập nhật không hợp lệ</string>
<string name="uninstall_magisk_title">Gỡ cài đặt Magisk</string>
<string name="uninstall_magisk_msg">Tất cả các mô-đun sẽ bị tắt hoặc bị xóa!\nRoot sẽ bị gỡ bỏ\nDữ liệu của bạn có thể bị mã hóa lại nếu nó không mã hóa!</string>
<!--Settings-->
<!--Install-->
<string name="keep_force_encryption">Giữ bắt buộc mã hóa</string>
<string name="keep_dm_verity">Giữ AVB 2.0/dm-verity</string>
<string name="patch_vbmeta">Vá vbmeta trong boot image</string>
<string name="recovery_mode">Chế độ Recovery</string>
<string name="install_options_title">Tùy chọn</string>
<string name="install_method_title">Phương pháp</string>
@@ -41,7 +42,7 @@
<string name="manager_download_install">Nhấn để tải xuống và cài đặt</string>
<string name="direct_install">Cài đặt trực tiếp (Khuyến nghị)</string>
<string name="install_inactive_slot">Cài đặt vào vùng không hoạt động (Sau OTA)</string>
<string name="install_inactive_slot_msg">Thiết bị của bạn sẽ BẮT BUỘC khởi động vào vị trí không hoạt động hiện tại sau khi khởi động lại!\nChỉ sử dụng tùy chọn này sau khi hoàn tất OTA.\nTiếp tục chứ?</string>
<string name="install_inactive_slot_msg">Thiết bị của bạn sẽ bị BUỘC khởi động vào vị trí không hoạt động hiện tại sau khi khởi động lại!\nChỉ sử dụng tùy chọn này sau khi hoàn tất OTA.\nTiếp tục chứ?</string>
<string name="setup_title">Thiết lập bổ sung</string>
<string name="select_patch_file">Chọn và vá tệp</string>
<string name="patch_file_msg">Chọn đĩa ảnh (*.img) hoặc tệp tarfile ODIN (*.tar)</string>
@@ -50,7 +51,7 @@
<!--Superuser-->
<string name="su_request_title">Yêu cầu Superuser</string>
<string name="touch_filtered_warning">Vì một ứng dụng đang che phủ yêu cầu Superuser, Magisk không thể xác minh đó là phản hồi của bạn</string>
<string name="touch_filtered_warning">Vì một ứng dụng đang che phủ yêu cầu Superuser, Magisk không thể xác minh phản hồi của bạn</string>
<string name="deny">Từ chối</string>
<string name="prompt">Nhắc nhở</string>
<string name="grant">Cấp phép</string>
@@ -79,7 +80,7 @@
<string name="superuser_policy_none">Chưa có ứng dụng nào yêu cầu Superuser.</string>
<!--Logs-->
<string name="log_data_none">Nhật ký của bạn đang trống, hãy thử sử dụng các ứng dụng hỗ trợ SU của bạn nhiều hơn</string>
<string name="log_data_none">Nhật ký của bạn đang trống, hãy thử sử dụng các ứng dụng root của bạn nhiều hơn</string>
<string name="log_data_magisk_none">Nhật ký Magisk trống, điều đó thật kỳ lạ</string>
<string name="menuSaveLog">Lưu nhật ký</string>
<string name="menuClearLog">Xóa nhật ký ngay bây giờ</string>
@@ -102,14 +103,15 @@
<string name="reboot_bootloader">Khởi động lại vào Bootloader</string>
<string name="reboot_download">Khởi động lại vào Download</string>
<string name="reboot_edl">Khởi động lại vào EDL</string>
<string name="module_version_author">%1$s x %2$s</string>
<string name="module_state_remove">Loại bỏ</string>
<string name="module_version_author">%1$s bởi %2$s</string>
<string name="module_state_remove">Gỡ bỏ</string>
<string name="module_state_restore">Khôi phục</string>
<string name="module_action_install_external">Cài đặt từ bộ nhớ</string>
<string name="update_available">Cập nhật có sẵn</string>
<string name="suspend_text_riru">Mô-đun bị vô hiệu hóa vì %1$s được bật</string>
<string name="suspend_text_zygisk">Mô-đun bị vô hiệu hóa vì %1$s không được bật</string>
<string name="zygisk_module_unloaded">Không tải mô-đun Zygisk vì không tương thích</string>
<!--Settings-->
<string name="settings_dark_mode_title">Chế độ chủ đề</string>
<string name="settings_dark_mode_message">Chọn chế độ phù hợp nhất với phong cách của bạn!</string>
@@ -159,13 +161,15 @@
<string name="superuser_notification">Thông báo của Superuser</string>
<string name="settings_su_reauth_title">Xác thực lại sau khi nâng cấp</string>
<string name="settings_su_reauth_summary">Xác thực lại quyền Superuser sau khi nâng cấp ứng dụng</string>
<string name="settings_su_tapjack_title">Kích hoạt tính năng bảo vệ bằng Tapjacking</string>
<string name="settings_su_tapjack_title">Bảo vệ khỏi Tapjacking</string>
<string name="settings_su_tapjack_summary">Hộp thoại nhắc Superuser sẽ không trả lời đầu vào khi bị che khuất bởi bất kỳ cửa sổ hoặc lớp phủ nào khác</string>
<string name="settings_su_biometric_title">Bật xác thực sinh trắc học</string>
<string name="settings_su_biometric_summary">Sử dụng xác thực sinh trắc học để xác nhận yêu cầu Superuser</string>
<string name="no_biometric">Thiết bị của bạn không được hỗ trợ hoặc không có phương pháp xác thực sinh trắc học nào được kích hoạt</string>
<string name="settings_customization">Tùy biến</string>
<string name="setting_add_shortcut_summary">Thêm một phím tắt đẹp vào màn hình trong trường hợp khó nhận ra tên và biểu tượng sau khi ẩn ứng dụng</string>
<string name="settings_doh_title">DNS over HTTPS</string>
<string name="settings_doh_description">Workaround DNS poisoning in some nations</string>
<string name="multiuser_mode">Chế độ đa người dùng</string>
<string name="settings_owner_only">Chỉ chủ sở hữu thiết bị</string>
@@ -186,9 +190,12 @@
<!--Thông báo-->
<string name="update_channel">Cập nhật Magisk</string>
<string name="progress_channel">Thông báo tiến độ</string>
<string name="updated_channel">Cập nhật hoàn tất</string>
<string name="download_complete">Tải về hoàn tất</string>
<string name="download_file_error">Lỗi khi tải xuống tệp</string>
<string name="magisk_update_title">Cập nhật Magisk có sẵn!</string>
<string name="updated_title">Đã cập nhật Magisk</string>
<string name="updated_text">Chạm để mở ứng dụng</string>
<!--Toasts, Dialogs-->
<string name="yes">Đồng ý</string>
@@ -203,10 +210,10 @@
<string name="hide_app_title">Đang ẩn ứng dụng Magisk…</string>
<string name="open_link_failed_toast">Không tìm thấy ứng dụng nào để mở liên kết</string>
<string name="complete_uninstall">Hoàn thành Gỡ cài đặt</string>
<string name="restore_img">Khôi phục đĩa ảnh boot</string>
<string name="restore_img">Khôi phục đĩa ảnh boot (image)</string>
<string name="restore_img_msg">Đang khôi phục…</string>
<string name="restore_done">Đã khôi phục xong!</string>
<string name="restore_fail">Bản gốc không tồn tại!</string>
<string name="restore_fail">Bản sao lưu gốc không tồn tại!</string>
<string name="setup_fail">Thiết lập không thành công</string>
<string name="env_fix_title">Yêu cầu thiết lập bổ sung</string>
<string name="env_fix_msg">Thiết bị của bạn cần thiết lập bổ sung để Magisk hoạt động bình thường. Bạn có muốn tiếp tục và khởi động lại không?</string>
@@ -216,14 +223,16 @@
<string name="unsupport_magisk_msg">Phiên bản hiện tại của ứng dụng không hỗ trợ phiên bản Magisk thấp hơn %1$s.\n\nỨng dụng sẽ hoạt động như thể Magisk chưa được cài đặt. Vui lòng nâng cấp lên phiên bản mới nhất.</string>
<string name="unsupport_general_title">Trạng thái bất thường</string>
<string name="unsupport_system_app_msg">Không hỗ trợ chạy ứng dụng này dưới dạng ứng dụng hệ thống. Vui lòng hoàn nguyên ứng dụng về ứng dụng người dùng.</string>
<string name="unsupport_other_su_msg">Một lệnh \"su\" không thuộc về Magisk được phát hiện. Vui lòng loại bỏ su không được hỗ trợ khác.</string>
<string name="unsupport_other_su_msg">Một lệnh \"su\" không thuộc về Magisk được phát hiện. Vui lòng gỡ bỏ bất kì phương pháp root khác và/hoặc cài đặt lại Magisk.</string>
<string name="unsupport_external_storage_msg">Magisk được cài đặt vào bộ nhớ ngoài. Vui lòng chuyển ứng dụng vào bộ nhớ trong.</string>
<string name="unsupport_nonroot_stub_msg">Ứng dụng không thể tiếp tục hoạt động ở trạng thái ẩn vì mất quyền root. Vui lòng khôi phục nó trở lại APK ban đầu.</string>
<string name="unsupport_nonroot_stub_title">@string/settings_restore_app_title</string>
<string name="external_rw_permission_denied">Cấp quyền lưu trữ để bật chức năng này</string>
<string name="install_unknown_denied">Cho phép "cài đặt ứng dụng không rõ nguồn gốc" để bật chức năng này</string>
<string name="add_shortcut_title">Thêm lối tắt vào màn hình chính</string>
<string name="add_shortcut_msg">Sau khi ẩn ứng dụng này, tên và biểu tượng của nó có thể trở nên khó nhận ra. Bạn có muốn thêm một phím tắt đẹp vào màn hình chính không?</string>
<string name="app_not_found">Không tìm thấy ứng dụng nào để xử lý hành động này</string>
<string name="reboot_apply_change">Khởi động lại để áp dụng các thay đổi</string>
<string name="restore_app_confirmation">Điều này sẽ khôi phục ứng dụng ẩn về nguyên bản. Bạn chắc chắn muốn làm điều này chứ?</string>
</resources>

6
app/src/main/res/values-zh-rCN/strings.xml
View File

@@ -23,7 +23,7 @@
<string name="home_notice_content">仅从官方 GitHub 页面下载 Magisk。未知来源的文件可能具有恶意行为</string>
<string name="home_support_title">支持开发</string>
<string name="home_item_source">源代码</string>
<string name="home_support_content">Magisk 将一直保持自由且开源,向开发者捐赠以表示支持。</string>
<string name="home_support_content">Magisk 将一直保持免费且开源,向开发者捐赠以表示支持。</string>
<string name="home_installed_version">当前</string>
<string name="home_latest_version">最新</string>
<string name="invalid_update_channel">无效的更新通道</string>
@@ -190,9 +190,12 @@
<!--Notifications-->
<string name="update_channel">更新提示</string>
<string name="progress_channel">下载进度</string>
<string name="updated_channel">更新完成</string>
<string name="download_complete">下载完成</string>
<string name="download_file_error">下载失败</string>
<string name="magisk_update_title">Magisk 已发布新版本!</string>
<string name="updated_title">Magisk 已完成更新</string>
<string name="updated_text">点按即可打开应用</string>
<!--Toasts, Dialogs-->
<string name="yes"></string>
@@ -225,6 +228,7 @@
<string name="unsupport_nonroot_stub_msg">超级用户权限丢失,应用无法在隐藏状态下继续工作,请恢复到原始 Magisk 应用。</string>
<string name="unsupport_nonroot_stub_title">@string/settings_restore_app_title</string>
<string name="external_rw_permission_denied">允许访问存储空间以使用此功能</string>
<string name="install_unknown_denied">允许安装未知应用以使用此功能</string>
<string name="add_shortcut_title">添加快捷方式到桌面</string>
<string name="add_shortcut_msg">隐藏后应用的名字和图标可能难以识别。需要在桌面上添加具有原始名称和图标的快捷方式吗?</string>
<string name="app_not_found">找不到可处理此操作的应用</string>

7
app/src/main/res/values-zh-rTW/strings.xml
View File

@@ -33,6 +33,7 @@
<!--Install-->
<string name="keep_force_encryption">保持強制加密</string>
<string name="keep_dm_verity">保持 AVB 2.0/dm-verity</string>
<string name="patch_vbmeta">修補 vbmeta 到開機映像檔</string>
<string name="recovery_mode">安裝至 Recovery</string>
<string name="install_options_title">選項</string>
<string name="install_method_title">安裝方式</string>
@@ -107,6 +108,9 @@
<string name="module_state_restore">還原</string>
<string name="module_action_install_external">從本機安裝</string>
<string name="update_available">有可用的更新</string>
<string name="suspend_text_riru">此模組因 %1$s 已啟用而暫停運作</string>
<string name="suspend_text_zygisk">此模組因 %1$s 未啟用而暫停運作</string>
<string name="zygisk_module_unloaded">此 Zygisk 模組因未相容而不載入</string>
<!--Settings -->
<string name="settings_dark_mode_title">主題模式</string>
@@ -224,6 +228,7 @@
<string name="add_shortcut_title">新增捷徑到首頁</string>
<string name="add_shortcut_msg">在隱藏 Magisk 之後,其名稱與圖示將難以辨識。您想要新增一個精緻的捷徑到桌面嗎?</string>
<string name="app_not_found">沒有可以處理這個操作的應用程式</string>
<string name="reboot_apply_change">重新啟動裝置以套用設變更</string>
<string name="reboot_apply_change">重新啟動裝置以套用設變更</string>
<string name="restore_app_confirmation">這將會還原隱藏的應用程式回到原本的應用程式。請問您確定要執行?</string>
</resources>

8
app/src/main/res/values/strings.xml
View File

@@ -131,8 +131,8 @@
<string name="settings_update_channel_title">Update Channel</string>
<string name="settings_update_stable">Stable</string>
<string name="settings_update_beta">Beta</string>
<string name="settings_update_custom">Custom Channel</string>
<string name="settings_update_custom_msg">Insert a custom URL</string>
<string name="settings_update_custom">Custom</string>
<string name="settings_update_custom_msg">Insert a custom channel URL</string>
<string name="settings_zygisk_summary">Run parts of Magisk in the zygote daemon</string>
<string name="settings_denylist_title">Enforce DenyList</string>
<string name="settings_denylist_summary">Processes on the denylist will have all Magisk modifications reverted</string>
@@ -190,9 +190,12 @@
<!--Notifications-->
<string name="update_channel">Magisk Updates</string>
<string name="progress_channel">Progress Notifications</string>
<string name="updated_channel">Update Complete</string>
<string name="download_complete">Download complete</string>
<string name="download_file_error">Error downloading file</string>
<string name="magisk_update_title">Magisk Update Available!</string>
<string name="updated_title">Magisk Updated</string>
<string name="updated_text">Tap to open app</string>
<!--Toasts, Dialogs-->
<string name="yes">Yes</string>
@@ -225,6 +228,7 @@
<string name="unsupport_nonroot_stub_msg">The hidden Magisk app cannot continue to work because root was lost. Please restore the original APK.</string>
<string name="unsupport_nonroot_stub_title">@string/settings_restore_app_title</string>
<string name="external_rw_permission_denied">Grant storage permission to enable this functionality</string>
<string name="install_unknown_denied">Allow "install unknown apps" to enable this functionality</string>
<string name="add_shortcut_title">Add shortcut to home screen</string>
<string name="add_shortcut_msg">After hiding this app, its name and icon might become difficult to recognize. Do you want to add a pretty shortcut to the home screen?</string>
<string name="app_not_found">No app found to handle this action</string>

6
build.py
View File

@@ -405,7 +405,7 @@ def cleanup(args):
def setup_ndk(args):
os_name = platform.system().lower()
ndk_ver = config['ndkVersion']
url = f'https://dl.google.com/android/repository/android-ndk-r{ndk_ver}-{os_name}-x86_64.zip'
url = f'https://dl.google.com/android/repository/android-ndk-r{ndk_ver}-{os_name}.zip'
ndk_zip = url.split('/')[-1]
header(f'* Downloading {ndk_zip}')
@@ -417,7 +417,7 @@ def setup_ndk(args):
with zipfile.ZipFile(ndk_zip, 'r') as zf:
for info in zf.infolist():
vprint(f'Extracting {info.filename}')
if info.external_attr == 2716663808: # symlink
if info.external_attr >> 28 == 0xA: # symlink
src = zf.read(info).decode("utf-8")
dest = op.join(ndk_root, info.filename)
os.symlink(src, dest)
@@ -491,7 +491,7 @@ def patch_avd_ramdisk(args):
'scripts/avd_patch.sh', '/data/local/tmp'])
if proc.returncode != 0:
error('adb push failed!')
proc = execv([adb_path, 'push', backup, '/data/local/tmp/ramdisk.cpio.gz'])
proc = execv([adb_path, 'push', backup, '/data/local/tmp/ramdisk.cpio.tmp'])
if proc.returncode != 0:
error('adb push failed!')

2
buildSrc/build.gradle.kts
View File

@@ -25,7 +25,7 @@ tasks.withType<KotlinCompile> {
dependencies {
implementation(kotlin("gradle-plugin", "1.6.10"))
implementation("com.android.tools.build:gradle:7.1.0")
implementation("com.android.tools.build:gradle:7.1.2")
implementation("androidx.navigation:navigation-safe-args-gradle-plugin:2.5.0-alpha01")
implementation("io.michaelrocks:paranoid-gradle-plugin:0.3.7")
implementation("org.eclipse.jgit:org.eclipse.jgit:5.12.0.202106070339-r")

126
buildSrc/src/main/java/Codegen.kt
View File

@@ -74,36 +74,13 @@ fun genKeyData(keysDir: File, outSrc: File) {
}
fun genStubManifest(srcDir: File, outDir: File): String {
class Component(
val real: String,
val stub: String,
val xml: String
)
outDir.deleteRecursively()
val mainPkgDir = File(outDir, "com/topjohnwu/magisk")
mainPkgDir.mkdirs()
fun String.ind(level: Int) = replaceIndentByMargin(" ".repeat(level))
val cmpList = mutableListOf<Component>()
val cmpList = mutableListOf<String>()
cmpList.add(Component(
"androidx.core.app.CoreComponentFactory",
"DelegateComponentFactory",
""
))
cmpList.add(Component(
"com.topjohnwu.magisk.core.App",
"DelegateApplication",
""
))
cmpList.add(Component(
"com.topjohnwu.magisk.core.Provider",
"dummy.DummyProvider",
cmpList.add(
"""
|<provider
| android:name="%s"
@@ -111,11 +88,9 @@ fun genStubManifest(srcDir: File, outDir: File): String {
| android:directBootAware="true"
| android:exported="false"
| android:grantUriPermissions="true" />""".ind(2)
))
)
cmpList.add(Component(
"com.topjohnwu.magisk.core.Receiver",
"dummy.DummyReceiver",
cmpList.add(
"""
|<receiver
| android:name="%s"
@@ -124,6 +99,7 @@ fun genStubManifest(srcDir: File, outDir: File): String {
| <intent-filter>
| <action android:name="android.intent.action.LOCALE_CHANGED" />
| <action android:name="android.intent.action.UID_REMOVED" />
| <action android:name="android.intent.action.MY_PACKAGE_REPLACED" />
| </intent-filter>
| <intent-filter>
| <action android:name="android.intent.action.PACKAGE_REPLACED" />
@@ -132,11 +108,9 @@ fun genStubManifest(srcDir: File, outDir: File): String {
| <data android:scheme="package" />
| </intent-filter>
|</receiver>""".ind(2)
))
)
cmpList.add(Component(
"com.topjohnwu.magisk.ui.MainActivity",
"DownloadActivity",
cmpList.add(
"""
|<activity
| android:name="%s"
@@ -146,43 +120,38 @@ fun genStubManifest(srcDir: File, outDir: File): String {
| <category android:name="android.intent.category.LAUNCHER" />
| </intent-filter>
|</activity>""".ind(2)
))
)
cmpList.add(Component(
"com.topjohnwu.magisk.ui.surequest.SuRequestActivity",
"",
cmpList.add(
"""
|<activity
| android:name="%s"
| android:directBootAware="true"
| android:excludeFromRecents="true"
| android:exported="false"
| android:taskAffinity=""
| tools:ignore="AppLinkUrlError">
| <intent-filter>
| <action android:name="android.intent.action.VIEW"/>
| <category android:name="android.intent.category.DEFAULT"/>
| </intent-filter>
|</activity>""".ind(2)
))
)
cmpList.add(Component(
"com.topjohnwu.magisk.core.download.DownloadService",
"",
cmpList.add(
"""
|<service
| android:name="%s"
| android:exported="false" />""".trimIndent().ind(2)
))
| android:exported="false" />""".ind(2)
)
cmpList.add(Component(
"com.topjohnwu.magisk.core.JobService",
"",
cmpList.add(
"""
|<service
| android:name="%s"
| android:exported="false"
| android:permission="android.permission.BIND_JOB_SERVICE" />""".ind(2)
))
)
val names = mutableListOf<String>()
names.addAll(c1)
@@ -190,77 +159,66 @@ fun genStubManifest(srcDir: File, outDir: File): String {
names.addAll(c3.subList(0, 10))
names.shuffle(RANDOM)
// Distinct by lower case to support case insensitive file systems
val pkgNames = names.distinctBy { it.toLowerCase(Locale.ROOT) }
val pkgNames = names
// Distinct by lower case to support case insensitive file systems
.distinctBy { it.toLowerCase(Locale.ROOT) }
// Old Android does not support capitalized package names
// Check Android 7.0.0 PackageParser#buildClassName
.map { it.decapitalize(Locale.ROOT) }
var idx = 0
fun isJavaKeyword(name: String) = when (name) {
"do", "if", "for", "int", "new", "try" -> true
else -> false
}
fun genCmpName() : String {
var pkgName : String
val cmps = mutableListOf<String>()
val usedNames = mutableListOf<String>()
fun genCmpName(): String {
var pkgName: String
do {
pkgName = pkgNames[idx++]
pkgName = pkgNames.random(kRANDOM)
} while (isJavaKeyword(pkgName))
var clzName : String
var clzName: String
do {
clzName = names.random(kRANDOM)
} while (isJavaKeyword(clzName))
return "${pkgName}.${clzName}"
val cmp = "${pkgName}.${clzName}"
usedNames.add(cmp)
return cmp
}
fun genClass(clzName: String, type: String) {
fun genClass(type: String) {
val clzName = genCmpName()
val (pkg, name) = clzName.split('.')
val pkgDir = File(outDir, pkg)
pkgDir.mkdir()
pkgDir.mkdirs()
PrintStream(File(pkgDir, "$name.java")).use {
it.println("package $pkg;")
it.println("public class $name extends com.topjohnwu.magisk.$type {}")
}
}
val cmps = mutableListOf<String>()
val usedNames = mutableListOf<String>()
val maps = StringBuilder()
// Generate 2 non redirect-able classes
genClass("DelegateComponentFactory")
genClass("DelegateApplication")
for (gen in cmpList) {
val name = genCmpName()
usedNames.add(name)
maps.append("|map.put(\"$name\", \"${gen.real}\");".ind(2))
maps.append('\n')
if (gen.stub.isNotEmpty()) {
if (gen.stub != "DelegateComponentFactory") {
maps.append("|internalMap.put(\"$name\", com.topjohnwu.magisk.${gen.stub}.class);".ind(2))
maps.append('\n')
}
if (gen.stub.startsWith("Delegate")) {
genClass(name, gen.stub)
}
}
if (gen.xml.isNotEmpty()) {
cmps.add(gen.xml.format(name))
}
cmps.add(gen.format(name))
}
// Shuffle the order of the components
cmps.shuffle(RANDOM)
val xml = File(srcDir, "AndroidManifest.xml").readText()
val genXml = xml.format(usedNames[0], usedNames[1], cmps.joinToString("\n\n"))
// Write mapping information to code
val mapping = File(srcDir, "Mapping.java").readText().format(maps)
PrintStream(File(mainPkgDir, "Mapping.java")).use {
it.print(mapping)
}
return genXml
return xml.format(usedNames[0], usedNames[1], cmps.joinToString("\n\n"))
}
fun genEncryptedResources(res: InputStream, outDir: File) {
val mainPkgDir = File(outDir, "com/topjohnwu/magisk")
mainPkgDir.mkdirs()
// Generate iv and key
val iv = ByteArray(16)

2
buildSrc/src/main/java/Setup.kt
View File

@@ -188,8 +188,6 @@ fun Project.setupStub() {
val apkTmp = File("${apk}.tmp")
val genManifestTask = tasks.register("generate${variantCapped}ObfuscatedManifest") {
inputs.property("versionCode", Config.versionCode)
outputs.file(manifest)
doLast {
val xml = genStubManifest(templateDir, outSrcDir)
manifest.parentFile.mkdirs()

19
docs/releases/24200.md Normal file
View File

@@ -0,0 +1,19 @@
## 2022.3.1 Magisk v24.2
Maintenance release fixing various issues.
- [MagiskSU] Fix buffer overflow
- [MagiskSU] Fix owner managed multiuser superuser settings
- [MagiskSU] Fix command logging when using `su -c <cmd>`
- [MagiskSU] Prevent su request indefinite blocking
- [MagiskBoot] Support `lz4_legacy` archive with multiple magic
- [MagiskBoot] Fix `lz4_lg` compression
- [DenyList] Allow targeting processes running as system UID
- [Zygisk] Workaround Samsung's "early zygote"
- [Zygisk] Improved Zygisk loading mechanism
- [Zygisk] Fix application UID tracking
- [Zygisk] Fix improper `umask` being set in zygote
- [App] Fix BusyBox execution test
- [App] Improve stub loading mechanism
- [App] Major app upgrade flow improvements
- [General] Improve commandline error handling and messaging

1
docs/releases/index.md
View File

@@ -1,5 +1,6 @@
# Release Notes
- [v24.2](24200.md)
- [v24.1](24100.md)
- [v24.0](24000.md)
- [v23.0](23000.md)

8
gradle.properties
View File

@@ -27,7 +27,7 @@ android.injected.testOnly=false
android.nonTransitiveRClass=true
# Magisk
magisk.stubVersion=24
magisk.versionCode=24100
magisk.ndkVersion=21e
magisk.fullNdkVersion=21.4.7075529
magisk.stubVersion=26
magisk.versionCode=24200
magisk.ndkVersion=23b
magisk.fullNdkVersion=23.1.7779620

39
native/jni/Android.mk
View File

@@ -8,7 +8,12 @@ ifdef B_MAGISK
include $(CLEAR_VARS)
LOCAL_MODULE := magisk
LOCAL_STATIC_LIBRARIES := libnanopb libsystemproperties libutils-shared libphmap libxhook
LOCAL_STATIC_LIBRARIES := \
libutils \
libnanopb \
libsystemproperties \
libphmap \
libxhook
LOCAL_SRC_FILES := \
core/applets.cpp \
@@ -43,12 +48,14 @@ include $(BUILD_EXECUTABLE)
endif
include $(CLEAR_VARS)
ifdef B_INIT
include $(CLEAR_VARS)
LOCAL_MODULE := magiskinit
LOCAL_STATIC_LIBRARIES := libsepol libxz libutils
LOCAL_STATIC_LIBRARIES := \
libutilx \
libsepol \
libxz
LOCAL_SRC_FILES := \
init/init.cpp \
@@ -73,7 +80,15 @@ ifdef B_BOOT
include $(CLEAR_VARS)
LOCAL_MODULE := magiskboot
LOCAL_STATIC_LIBRARIES := libmincrypt liblzma liblz4 libbz2 libfdt libutils libz libzopfli
LOCAL_STATIC_LIBRARIES := \
libutilx \
libmincrypt \
liblzma \
liblz4 \
libbz2 \
libfdt \
libz \
libzopfli
LOCAL_SRC_FILES := \
magiskboot/main.cpp \
@@ -95,7 +110,9 @@ ifdef B_POLICY
include $(CLEAR_VARS)
LOCAL_MODULE := magiskpolicy
LOCAL_STATIC_LIBRARIES := libsepol libutils
LOCAL_STATIC_LIBRARIES := \
libutilx \
libsepol
LOCAL_SRC_FILES := \
core/applet_stub.cpp \
@@ -115,7 +132,10 @@ ifdef B_PROP
include $(CLEAR_VARS)
LOCAL_MODULE := resetprop
LOCAL_STATIC_LIBRARIES := libnanopb libsystemproperties libutils
LOCAL_STATIC_LIBRARIES := \
libutilx \
libnanopb \
libsystemproperties
LOCAL_SRC_FILES := \
core/applet_stub.cpp \
@@ -133,7 +153,10 @@ ifneq (,$(wildcard jni/test.cpp))
include $(CLEAR_VARS)
LOCAL_MODULE := test
LOCAL_STATIC_LIBRARIES := libutils-shared libphmap
LOCAL_STATIC_LIBRARIES := \
libutils \
libphmap
LOCAL_SRC_FILES := test.cpp
include $(BUILD_EXECUTABLE)

13
native/jni/Application.mk
View File

@@ -1,24 +1,21 @@
APP_ABI := armeabi-v7a arm64-v8a x86 x86_64
APP_CFLAGS := -Wall -Oz -fomit-frame-pointer -flto
APP_LDFLAGS := -flto
APP_CPPFLAGS := -std=c++17
APP_CPPFLAGS := -std=c++20
APP_STL := none
APP_PLATFORM := android-21
APP_THIN_ARCHIVE := true
APP_STRIP_MODE := --strip-all
ifneq ($(TARGET_ARCH),arm64)
ifneq ($(TARGET_ARCH),x86_64)
ifndef B_SHARED
# Disable fortify on static 32-bit targets
APP_CFLAGS += -D_FORTIFY_SOURCE=0 -Wno-macro-redefined
endif
endif
# Fix static variables' ctor/dtor when using LTO
# See: https://github.com/android/ndk/issues/1461
APP_LDFLAGS += -T jni/lto_fix.lds
endif
# Busybox should use stock libc.a
ifdef B_BB
APP_PLATFORM := android-22
APP_PLATFORM := android-24
ifeq ($(OS),Windows_NT)
APP_SHORT_COMMANDS := true
endif

11
native/jni/core/applets.cpp
View File

@@ -21,20 +21,23 @@ static int call_applet(int argc, char *argv[]) {
return (*applet_mains[i])(argc, argv);
}
}
if (str_starts(base, "app_process")) {
return app_process_main(argc, argv);
}
fprintf(stderr, "%s: applet not found\n", base.data());
return 1;
}
int main(int argc, char *argv[]) {
umask(0);
enable_selinux();
cmdline_logging();
init_argv0(argc, argv);
string_view base = basename(argv[0]);
// app_process is actually not an applet
if (str_starts(base, "app_process")) {
return app_process_main(argc, argv);
}
umask(0);
if (base == "magisk" || base == "magisk32" || base == "magisk64") {
if (argc > 1 && argv[1][0] != '-') {
// Calling applet via magisk [applet] args

78
native/jni/core/bootstages.cpp
View File

@@ -25,22 +25,36 @@ bool zygisk_enabled = false;
*********/
#define MNT_DIR_IS(dir) (me->mnt_dir == string_view(dir))
#define MNT_TYPE_IS(type) (me->mnt_type == string_view(type))
#define SETMIR(b, part) snprintf(b, sizeof(b), "%s/" MIRRDIR "/" #part, MAGISKTMP.data())
#define SETBLK(b, part) snprintf(b, sizeof(b), "%s/" BLOCKDIR "/" #part, MAGISKTMP.data())
#define do_mount_mirror(part, flag) {\
SETMIR(buf1, part); \
SETBLK(buf2, part); \
unlink(buf2); \
#define do_mount_mirror(part) { \
SETMIR(buf1, part); \
SETBLK(buf2, part); \
unlink(buf2); \
mknod(buf2, S_IFBLK | 0600, st.st_dev); \
xmkdir(buf1, 0755); \
xmount(buf2, buf1, me->mnt_type, flag, nullptr); \
LOGI("mount: %s\n", buf1); \
xmkdir(buf1, 0755); \
int flags = 0; \
auto opts = split_ro(me->mnt_opts, ",");\
for (string_view s : opts) { \
if (s == "ro") { \
flags |= MS_RDONLY; \
break; \
} \
} \
xmount(buf2, buf1, me->mnt_type, flags, nullptr); \
LOGI("mount: %s\n", buf1); \
}
#define mount_mirror(part, flag) \
else if (MNT_DIR_IS("/" #part) && me->mnt_type != "tmpfs"sv && me->mnt_type != "overlay"sv && lstat(me->mnt_dir, &st) == 0) \
do_mount_mirror(part, flag)
#define mount_mirror(part) \
if (MNT_DIR_IS("/" #part) \
&& !MNT_TYPE_IS("tmpfs") \
&& !MNT_TYPE_IS("overlay") \
&& lstat(me->mnt_dir, &st) == 0) { \
do_mount_mirror(part); \
break; \
}
#define link_mirror(part) \
SETMIR(buf1, part); \
@@ -50,11 +64,12 @@ if (access("/system/" #part, F_OK) == 0 && access(buf1, F_OK) != 0) { \
}
#define link_orig_dir(dir, part) \
else if (MNT_DIR_IS(dir) && me->mnt_type != "tmpfs"sv && me->mnt_type != "overlay"sv) { \
SETMIR(buf1, part); \
rmdir(buf1); \
xsymlink(dir, buf1); \
LOGI("link: %s\n", buf1); \
if (MNT_DIR_IS(dir) && !MNT_TYPE_IS("tmpfs") && !MNT_TYPE_IS("overlay")) { \
SETMIR(buf1, part); \
rmdir(buf1); \
xsymlink(dir, buf1); \
LOGI("link: %s\n", buf1); \
break; \
}
#define link_orig(part) link_orig_dir("/" #part, part)
@@ -66,20 +81,22 @@ static void mount_mirrors() {
LOGI("* Mounting mirrors\n");
parse_mnt("/proc/mounts", [&](mntent *me) {
struct stat st;
if (0) {}
mount_mirror(system, MS_RDONLY)
mount_mirror(vendor, MS_RDONLY)
mount_mirror(product, MS_RDONLY)
mount_mirror(system_ext, MS_RDONLY)
mount_mirror(data, 0)
link_orig(cache)
link_orig(metadata)
link_orig(persist)
link_orig_dir("/mnt/vendor/persist", persist)
else if (SDK_INT >= 24 && MNT_DIR_IS("/proc") && !strstr(me->mnt_opts, "hidepid=2")) {
xmount(nullptr, "/proc", nullptr, MS_REMOUNT, "hidepid=2,gid=3009");
}
struct stat st{};
do {
mount_mirror(system)
mount_mirror(vendor)
mount_mirror(product)
mount_mirror(system_ext)
mount_mirror(data)
link_orig(cache)
link_orig(metadata)
link_orig(persist)
link_orig_dir("/mnt/vendor/persist", persist)
if (SDK_INT >= 24 && MNT_DIR_IS("/proc") && !strstr(me->mnt_opts, "hidepid=2")) {
xmount(nullptr, "/proc", nullptr, MS_REMOUNT, "hidepid=2,gid=3009");
break;
}
} while (false);
return true;
});
SETMIR(buf1, system);
@@ -89,7 +106,7 @@ static void mount_mirrors() {
parse_mnt("/proc/mounts", [&](mntent *me) {
struct stat st;
if (MNT_DIR_IS("/") && me->mnt_type != "rootfs"sv && stat("/", &st) == 0) {
do_mount_mirror(system_root, MS_RDONLY)
do_mount_mirror(system_root)
return false;
}
return true;
@@ -256,6 +273,7 @@ static bool check_key_combo() {
***********************/
static pthread_mutex_t stage_lock = PTHREAD_MUTEX_INITIALIZER;
extern int disable_deny();
void post_fs_data(int client) {
// ack

140
native/jni/core/daemon.cpp
View File

@@ -86,20 +86,20 @@ void clear_poll() {
static void poll_ctrl_handler(pollfd *pfd) {
int code = read_int(pfd->fd);
switch (code) {
case POLL_CTRL_NEW: {
pollfd new_fd;
poll_callback cb;
xxread(pfd->fd, &new_fd, sizeof(new_fd));
xxread(pfd->fd, &cb, sizeof(cb));
register_poll(&new_fd, cb);
break;
}
case POLL_CTRL_RM: {
int fd = read_int(pfd->fd);
bool auto_close = read_int(pfd->fd);
unregister_poll(fd, auto_close);
break;
}
case POLL_CTRL_NEW: {
pollfd new_fd;
poll_callback cb;
xxread(pfd->fd, &new_fd, sizeof(new_fd));
xxread(pfd->fd, &cb, sizeof(cb));
register_poll(&new_fd, cb);
break;
}
case POLL_CTRL_RM: {
int fd = read_int(pfd->fd);
bool auto_close = read_int(pfd->fd);
unregister_poll(fd, auto_close);
break;
}
}
}
@@ -135,59 +135,60 @@ static void poll_ctrl_handler(pollfd *pfd) {
static void handle_request_async(int client, int code, const sock_cred &cred) {
switch (code) {
case DENYLIST:
case MainRequest::DENYLIST:
denylist_handler(client, &cred);
break;
case SUPERUSER:
case MainRequest::SUPERUSER:
su_daemon_handler(client, &cred);
break;
case POST_FS_DATA:
case MainRequest::POST_FS_DATA:
post_fs_data(client);
break;
case LATE_START:
case MainRequest::LATE_START:
late_start(client);
break;
case BOOT_COMPLETE:
case MainRequest::BOOT_COMPLETE:
boot_complete(client);
break;
case SQLITE_CMD:
case MainRequest::SQLITE_CMD:
exec_sql(client);
break;
case REMOVE_MODULES:
case MainRequest::REMOVE_MODULES:
remove_modules();
write_int(client, 0);
close(client);
reboot();
break;
case ZYGISK_REQUEST:
case ZYGISK_PASSTHROUGH:
case MainRequest::ZYGISK:
case MainRequest::ZYGISK_PASSTHROUGH:
zygisk_handler(client, &cred);
break;
default:
close(client);
break;
__builtin_unreachable();
}
}
static void handle_request_sync(int client, int code) {
switch (code) {
case CHECK_VERSION:
case MainRequest::CHECK_VERSION:
write_string(client, MAGISK_VERSION ":MAGISK");
break;
case CHECK_VERSION_CODE:
case MainRequest::CHECK_VERSION_CODE:
write_int(client, MAGISK_VER_CODE);
break;
case GET_PATH:
case MainRequest::GET_PATH:
write_string(client, MAGISKTMP.data());
break;
case START_DAEMON:
case MainRequest::START_DAEMON:
setup_logfile(true);
break;
case STOP_DAEMON:
case MainRequest::STOP_DAEMON:
denylist_handler(-1, nullptr);
write_int(client, 0);
// Terminate the daemon!
exit(0);
default:
__builtin_unreachable();
}
}
@@ -195,7 +196,7 @@ static bool is_client(pid_t pid) {
// Verify caller is the same as server
char path[32];
sprintf(path, "/proc/%d/exe", pid);
struct stat st;
struct stat st{};
return !(stat(path, &st) || st.st_dev != self_st.st_dev || st.st_ino != self_st.st_ino);
}
@@ -208,52 +209,64 @@ static void handle_request(pollfd *pfd) {
bool is_zygote;
int code;
if (!get_client_cred(client, &cred))
if (!get_client_cred(client, &cred)) {
// Client died
goto done;
}
is_root = cred.uid == UID_ROOT;
is_zygote = cred.context == "u:r:zygote:s0";
if (!is_root && !is_zygote && !is_client(cred.pid))
if (!is_root && !is_zygote && !is_client(cred.pid)) {
// Unsupported client state
write_int(client, MainResponse::ACCESS_DENIED);
goto done;
}
code = read_int(client);
if (code < 0 || (code & DAEMON_CODE_MASK) >= DAEMON_CODE_END)
if (code < 0 || code >= MainRequest::END || code == MainRequest::_SYNC_BARRIER_) {
// Unknown request code
goto done;
}
// Check client permissions
switch (code) {
case POST_FS_DATA:
case LATE_START:
case BOOT_COMPLETE:
case SQLITE_CMD:
case GET_PATH:
case DENYLIST:
case STOP_DAEMON:
case MainRequest::POST_FS_DATA:
case MainRequest::LATE_START:
case MainRequest::BOOT_COMPLETE:
case MainRequest::SQLITE_CMD:
case MainRequest::GET_PATH:
case MainRequest::DENYLIST:
case MainRequest::STOP_DAEMON:
if (!is_root) {
write_int(client, ROOT_REQUIRED);
write_int(client, MainResponse::ROOT_REQUIRED);
goto done;
}
break;
case REMOVE_MODULES:
case MainRequest::REMOVE_MODULES:
if (!is_root && cred.uid != UID_SHELL) {
write_int(client, 1);
write_int(client, MainResponse::ACCESS_DENIED);
goto done;
}
break;
case ZYGISK_REQUEST:
case MainRequest::ZYGISK:
if (!is_zygote) {
write_int(client, DAEMON_ERROR);
// Invalid client context
write_int(client, MainResponse::ACCESS_DENIED);
goto done;
}
break;
default:
break;
}
if (code & SYNC_FLAG) {
write_int(client, MainResponse::OK);
if (code < MainRequest::_SYNC_BARRIER_) {
handle_request_sync(client, code);
goto done;
}
// Handle complex requests in another thread
// Handle async requests in another thread
exec_task([=] { handle_request_async(client, code, cred); });
return;
@@ -308,9 +321,11 @@ static void daemon_entry() {
// Escape from cgroup
int pid = getpid();
switch_cgroup("/acct", pid);
switch_cgroup("/dev/memcg/apps", pid);
switch_cgroup("/dev/cg2_bpf", pid);
switch_cgroup("/sys/fs/cgroup", pid);
if (getprop("ro.config.per_app_memcg") != "false") {
switch_cgroup("/dev/memcg/apps", pid);
}
// Get self stat
char buf[64];
@@ -374,7 +389,7 @@ static void daemon_entry() {
sockaddr_un sun{};
socklen_t len = setup_sockaddr(&sun, MAIN_SOCKET);
fd = xsocket(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0);
if (xbind(fd, (sockaddr*) &sun, len))
if (xbind(fd, (sockaddr *) &sun, len))
exit(1);
xlisten(fd, 10);
@@ -389,11 +404,11 @@ static void daemon_entry() {
poll_loop();
}
int connect_daemon(bool create) {
int connect_daemon(int req, bool create) {
sockaddr_un sun{};
socklen_t len = setup_sockaddr(&sun, MAIN_SOCKET);
int fd = xsocket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
if (connect(fd, (sockaddr*) &sun, len)) {
if (connect(fd, (sockaddr *) &sun, len)) {
if (!create || getuid() != UID_ROOT) {
LOGE("No daemon is currently running!\n");
close(fd);
@@ -405,8 +420,27 @@ int connect_daemon(bool create) {
daemon_entry();
}
while (connect(fd, (struct sockaddr*) &sun, len))
while (connect(fd, (struct sockaddr *) &sun, len))
usleep(10000);
}
write_int(fd, req);
int res = read_int(fd);
if (res < MainResponse::ERROR || res >= MainResponse::END)
res = MainResponse::ERROR;
switch (res) {
case MainResponse::OK:
break;
case MainResponse::ERROR:
LOGE("Daemon error\n");
exit(-1);
case MainResponse::ROOT_REQUIRED:
LOGE("Root is required for this operation\n");
exit(-1);
case MainResponse::ACCESS_DENIED:
LOGE("Access denied\n");
exit(-1);
default:
__builtin_unreachable();
}
return fd;
}

35
native/jni/core/magisk.cpp
View File

@@ -56,14 +56,12 @@ int magisk_main(int argc, char *argv[]) {
printf(MAGISK_VERSION ":MAGISK (" str(MAGISK_VER_CODE) ")\n");
return 0;
} else if (argv[1] == "-v"sv) {
int fd = connect_daemon();
write_int(fd, CHECK_VERSION);
int fd = connect_daemon(MainRequest::CHECK_VERSION);
string v = read_string(fd);
printf("%s\n", v.data());
return 0;
} else if (argv[1] == "-V"sv) {
int fd = connect_daemon();
write_int(fd, CHECK_VERSION_CODE);
int fd = connect_daemon(MainRequest::CHECK_VERSION_CODE);
printf("%d\n", read_int(fd));
return 0;
} else if (argv[1] == "--list"sv) {
@@ -76,37 +74,32 @@ int magisk_main(int argc, char *argv[]) {
} else if (argv[1] == "--restorecon"sv) {
restorecon();
return 0;
} else if (argc >= 4 && argv[1] == "--clone-attr"sv) {;
} else if (argc >= 4 && argv[1] == "--clone-attr"sv) {
clone_attr(argv[2], argv[3]);
return 0;
} else if (argc >= 4 && argv[1] == "--clone"sv) {
cp_afc(argv[2], argv[3]);
return 0;
} else if (argv[1] == "--daemon"sv) {
int fd = connect_daemon(true);
write_int(fd, START_DAEMON);
int fd = connect_daemon(MainRequest::START_DAEMON, true);
close(fd);
return 0;
} else if (argv[1] == "--stop"sv) {
int fd = connect_daemon();
write_int(fd, STOP_DAEMON);
int fd = connect_daemon(MainRequest::STOP_DAEMON);
return read_int(fd);
} else if (argv[1] == "--post-fs-data"sv) {
int fd = connect_daemon(true);
write_int(fd, POST_FS_DATA);
int fd = connect_daemon(MainRequest::POST_FS_DATA, true);
return read_int(fd);
} else if (argv[1] == "--service"sv) {
int fd = connect_daemon(true);
write_int(fd, LATE_START);
int fd = connect_daemon(MainRequest::LATE_START, true);
return read_int(fd);
} else if (argv[1] == "--boot-complete"sv) {
int fd = connect_daemon(true);
write_int(fd, BOOT_COMPLETE);
int fd = connect_daemon(MainRequest::BOOT_COMPLETE, true);
return read_int(fd);
} else if (argv[1] == "--denylist"sv) {
return denylist_cli(argc - 1, argv + 1);
}else if (argc >= 3 && argv[1] == "--sqlite"sv) {
int fd = connect_daemon();
write_int(fd, SQLITE_CMD);
} else if (argc >= 3 && argv[1] == "--sqlite"sv) {
int fd = connect_daemon(MainRequest::SQLITE_CMD);
write_string(fd, argv[2]);
string res;
for (;;) {
@@ -116,12 +109,10 @@ int magisk_main(int argc, char *argv[]) {
printf("%s\n", res.data());
}
} else if (argv[1] == "--remove-modules"sv) {
int fd = connect_daemon();
write_int(fd, REMOVE_MODULES);
int fd = connect_daemon(MainRequest::REMOVE_MODULES);
return read_int(fd);
} else if (argv[1] == "--path"sv) {
int fd = connect_daemon();
write_int(fd, GET_PATH);
int fd = connect_daemon(MainRequest::GET_PATH);
string path = read_string(fd);
printf("%s\n", path.data());
return 0;

20
native/jni/core/restorecon.cpp
View File

@@ -15,7 +15,6 @@ using namespace std;
static void restore_syscon(int dirfd) {
struct dirent *entry;
DIR *dir;
char *con;
if (fgetfilecon(dirfd, &con) >= 0) {
@@ -24,11 +23,12 @@ static void restore_syscon(int dirfd) {
freecon(con);
}
dir = xfdopendir(dirfd);
while ((entry = xreaddir(dir))) {
auto dir = xopen_dir(dirfd);
while ((entry = xreaddir(dir.get()))) {
int fd = openat(dirfd, entry->d_name, O_RDONLY | O_CLOEXEC);
if (entry->d_type == DT_DIR) {
restore_syscon(fd);
continue;
} else if (entry->d_type == DT_REG) {
if (fgetfilecon(fd, &con) >= 0) {
if (con[0] == '\0' || strcmp(con, UNLABEL_CON) == 0 || strcmp(con, ADB_CON) == 0)
@@ -47,16 +47,16 @@ static void restore_syscon(int dirfd) {
static void restore_magiskcon(int dirfd) {
struct dirent *entry;
DIR *dir;
fsetfilecon(dirfd, MAGISK_CON);
fchown(dirfd, 0, 0);
dir = xfdopendir(dirfd);
while ((entry = xreaddir(dir))) {
auto dir = xopen_dir(dirfd);
while ((entry = xreaddir(dir.get()))) {
int fd = xopenat(dirfd, entry->d_name, O_RDONLY | O_CLOEXEC);
if (entry->d_type == DT_DIR) {
restore_magiskcon(fd);
continue;
} else if (entry->d_type) {
fsetfilecon(fd, MAGISK_CON);
fchown(fd, 0, 0);
@@ -71,12 +71,8 @@ void restorecon() {
lsetfilecon(SECURE_DIR, ADB_CON);
close(fd);
lsetfilecon(MODULEROOT, SYSTEM_CON);
fd = xopen(MODULEROOT, O_RDONLY | O_CLOEXEC);
restore_syscon(fd);
close(fd);
fd = xopen(DATABIN, O_RDONLY | O_CLOEXEC);
restore_magiskcon(fd);
close(fd);
restore_syscon(xopen(MODULEROOT, O_RDONLY | O_CLOEXEC));
restore_magiskcon(xopen(DATABIN, O_RDONLY | O_CLOEXEC));
}
void restore_tmpcon() {

7
native/jni/external/Android.mk vendored
View File

@@ -191,7 +191,6 @@ LOCAL_SRC_FILES := \
selinux/libsepol/src/context.c \
selinux/libsepol/src/context_record.c \
selinux/libsepol/src/debug.c \
selinux/libsepol/src/deprecated_funcs.c \
selinux/libsepol/src/ebitmap.c \
selinux/libsepol/src/expand.c \
selinux/libsepol/src/handle.c \
@@ -217,9 +216,9 @@ LOCAL_SRC_FILES := \
selinux/libsepol/src/policydb.c \
selinux/libsepol/src/policydb_convert.c \
selinux/libsepol/src/policydb_public.c \
selinux/libsepol/src/policydb_validate.c \
selinux/libsepol/src/port_record.c \
selinux/libsepol/src/ports.c \
selinux/libsepol/src/roles.c \
selinux/libsepol/src/services.c \
selinux/libsepol/src/sidtab.c \
selinux/libsepol/src/symtab.c \
@@ -246,7 +245,9 @@ LOCAL_SRC_FILES := \
selinux/libsepol/cil/src/cil_strpool.c \
selinux/libsepol/cil/src/cil_symtab.c \
selinux/libsepol/cil/src/cil_tree.c \
selinux/libsepol/cil/src/cil_verify.c
selinux/libsepol/cil/src/cil_verify.c \
selinux/libsepol/cil/src/cil_write_ast.c
LOCAL_CFLAGS := -Dgetline=__getline -Wno-implicit-function-declaration
include $(BUILD_STATIC_LIBRARY)

2
native/jni/external/busybox vendored

Submodule native/jni/external/busybox updated: c4f0c98aeb...e68ef09273

2
native/jni/external/libcxx vendored

Submodule native/jni/external/libcxx updated: b74fd5905f...0aa67c3ffe

2
native/jni/external/selinux vendored

Submodule native/jni/external/selinux updated: 969114cff6...d0f582372b

8
native/jni/external/systemproperties/prop_area.cpp vendored
View File

@@ -384,21 +384,21 @@ bool prop_area::prune_node(prop_bt * const node) {
bool is_leaf = true;
if (atomic_load_explicit(&node->children, memory_order_relaxed) != 0) {
if (prune_node(to_prop_bt(&node->children))) {
atomic_store_explicit(&node->children, 0, memory_order_release);
atomic_store_explicit(&node->children, 0u, memory_order_release);
} else {
is_leaf = false;
}
}
if (atomic_load_explicit(&node->left, memory_order_relaxed) != 0) {
if (prune_node(to_prop_bt(&node->left))) {
atomic_store_explicit(&node->left, 0, memory_order_release);
atomic_store_explicit(&node->left, 0u, memory_order_release);
} else {
is_leaf = false;
}
}
if (atomic_load_explicit(&node->right, memory_order_relaxed) != 0) {
if (prune_node(to_prop_bt(&node->right))) {
atomic_store_explicit(&node->right, 0, memory_order_release);
atomic_store_explicit(&node->right, 0u, memory_order_release);
} else {
is_leaf = false;
}
@@ -425,7 +425,7 @@ bool prop_area::rm(const char *name, bool trim_node) {
}
// De-reference the existing property ASAP
atomic_store_explicit(&node->prop, 0, memory_order_release);
atomic_store_explicit(&node->prop, 0u, memory_order_release);
if (info) {
// Wipe out the old info

39
native/jni/include/daemon.hpp
View File

@@ -9,38 +9,40 @@
#include <socket.hpp>
// Daemon command code flags/masks
enum : int {
SYNC_FLAG = (1 << 30),
DAEMON_CODE_MASK = std::numeric_limits<int>::max() >> 1
};
// Daemon command codes
namespace MainRequest {
enum : int {
START_DAEMON = SYNC_FLAG | 0,
CHECK_VERSION = SYNC_FLAG | 1,
CHECK_VERSION_CODE = SYNC_FLAG | 2,
GET_PATH = SYNC_FLAG | 3,
STOP_DAEMON = SYNC_FLAG | 4,
SUPERUSER = 5,
START_DAEMON,
CHECK_VERSION,
CHECK_VERSION_CODE,
GET_PATH,
STOP_DAEMON,
_SYNC_BARRIER_,
SUPERUSER,
POST_FS_DATA,
LATE_START,
BOOT_COMPLETE,
DENYLIST,
SQLITE_CMD,
REMOVE_MODULES,
ZYGISK_REQUEST,
ZYGISK,
ZYGISK_PASSTHROUGH,
DAEMON_CODE_END,
END,
};
}
// Return codes for daemon
namespace MainResponse {
enum : int {
DAEMON_ERROR = -1,
DAEMON_SUCCESS = 0,
ERROR = -1,
OK = 0,
ROOT_REQUIRED,
DAEMON_LAST
ACCESS_DENIED,
END
};
}
struct module_info {
std::string name;
@@ -55,7 +57,7 @@ extern int app_process_32;
extern int app_process_64;
extern std::vector<module_info> *module_list;
int connect_daemon(bool create = false);
int connect_daemon(int req, bool create = false);
// Poll control
using poll_callback = void(*)(pollfd*);
@@ -81,5 +83,4 @@ void zygisk_handler(int client, const sock_cred *cred);
// Denylist
void initialize_denylist();
int disable_deny();
int denylist_cli(int argc, char **argv);

8
native/jni/init/rootdir.cpp
View File

@@ -31,6 +31,12 @@ static void patch_init_rc(const char *src, const char *dest, const char *tmp_dir
fprintf(rc, "service flash_recovery /system/bin/xxxxx\n");
return true;
}
// Samsung's persist.sys.zygote.early will start zygotes before actual post-fs-data phase
if (str_starts(line, "on property:persist.sys.zygote.early=")) {
LOGD("Invalidate persist.sys.zygote.early\n");
fprintf(rc, "on property:persist.sys.zygote.early.xxxxx=true\n");
return true;
}
// Else just write the line
fprintf(rc, "%s", line.data());
return true;
@@ -234,7 +240,7 @@ void SARBase::patch_rootdir() {
make_pair(SPLIT_PLAT_CIL, "xxx"), /* Force loading monolithic sepolicy */
make_pair(MONOPOLICY, sepol) /* Redirect /sepolicy to custom path */
});
if (avd_hack) {
if constexpr (avd_hack) {
// Force disable early mount on original init
init.patch({ make_pair("android,fstab", "xxx") });
}

8
native/jni/init/twostage.cpp
View File

@@ -1,11 +1,3 @@
// Force using legacy_signal_inlines.h
#define __ANDROID_API_BACKUP__ __ANDROID_API__
#undef __ANDROID_API__
#define __ANDROID_API__ 20
#include <android/legacy_signal_inlines.h>
#undef __ANDROID_API__
#define __ANDROID_API__ __ANDROID_API_BACKUP__
#include <sys/mount.h>
#include <map>
#include <set>

12
native/jni/lto_fix.lds Normal file
View File

@@ -0,0 +1,12 @@
SECTIONS {
.init_array : {
*(SORT_BY_INIT_PRIORITY(.init_array.*))
*(EXCLUDE_FILE(*crtend_android.o) .init_array)
}
} INSERT AFTER .fini_array;
SECTIONS {
.fini_array : {
*(SORT_BY_INIT_PRIORITY(.fini_array.*))
*(EXCLUDE_FILE(*crtend_android.o) .fini_array)
}
} INSERT BEFORE .init_array;

22
native/jni/magiskboot/compress.cpp
View File

@@ -438,7 +438,11 @@ public:
~LZ4F_encoder() override {
size_t len = LZ4F_compressEnd(ctx, out_buf, outCapacity, nullptr);
bwrite(out_buf, len);
if (LZ4F_isError(len)) {
LOGE("LZ4F end of frame error: %s\n", LZ4F_getErrorName(len));
} else if (!bwrite(out_buf, len)) {
LOGE("LZ4F end of frame error: I/O error\n");
}
LZ4F_freeCompressionContext(ctx);
delete[] out_buf;
}
@@ -454,7 +458,7 @@ private:
class LZ4_decoder : public chunk_out_stream {
public:
explicit LZ4_decoder(stream_ptr &&base) :
chunk_out_stream(std::move(base), LZ4_COMPRESSED, sizeof(block_sz) + 4),
chunk_out_stream(std::move(base), LZ4_COMPRESSED, sizeof(block_sz)),
out_buf(new char[LZ4_UNCOMPRESSED]), block_sz(0) {}
~LZ4_decoder() override {
@@ -471,12 +475,14 @@ protected:
auto in = reinterpret_cast<const char *>(buf);
if (block_sz == 0) {
if (chunk_sz == sizeof(block_sz) + 4) {
// Skip the first 4 bytes, which is magic
memcpy(&block_sz, in + 4, sizeof(block_sz));
} else {
memcpy(&block_sz, in, sizeof(block_sz));
memcpy(&block_sz, in, sizeof(block_sz));
if (block_sz == 0x184C2102) {
// This is actually the lz4 magic, read the next 4 bytes
block_sz = 0;
chunk_sz = sizeof(block_sz);
return true;
}
// Read the next block chunk
chunk_sz = block_sz;
return true;
} else {
@@ -520,7 +526,7 @@ protected:
return false;
}
if (bwrite(&block_sz, sizeof(block_sz)) && bwrite(out_buf, block_sz)) {
in_total += sizeof(block_sz) + block_sz;
in_total += len;
return true;
}
return false;

2
native/jni/magiskpolicy/policydb.cpp
View File

@@ -110,7 +110,7 @@ sepolicy *sepolicy::compile_split() {
#if MAGISK_DEBUG
cil_set_log_level(CIL_INFO);
#endif
cil_set_log_handler(+[](int lvl, char* msg) {
cil_set_log_handler(+[](int lvl, const char *msg) {
if (lvl == CIL_ERR) {
LOGE("cil: %s", msg);
} else if (lvl == CIL_WARN) {

109
native/jni/su/connect.cpp
View File

@@ -7,13 +7,9 @@
#include "su.hpp"
#include "daemon.hpp"
using namespace std;
extern int SDK_INT;
enum {
NAMED_ACTIVITY,
PKG_ACTIVITY,
CONTENT_PROVIDER
};
using namespace std;
#define CALL_PROVIDER \
exe, "/system/bin", "com.android.commands.content.Content", \
@@ -26,12 +22,10 @@ exe, "/system/bin", "com.android.commands.am.Am", \
// 0x18000020 = FLAG_ACTIVITY_NEW_TASK|FLAG_ACTIVITY_MULTIPLE_TASK|FLAG_INCLUDE_STOPPED_PACKAGES
#define get_user(info) \
(info->cfg[SU_MULTIUSER_MODE] == MULTIUSER_MODE_USER \
? info->uid / 100000 : 0)
#define get_cmd(to) \
(to.command.empty() ? (to.shell.empty() ? DEFAULT_SHELL : to.shell.data()) : to.command.data())
((to).command.empty() ? \
((to).shell.empty() ? DEFAULT_SHELL : (to).shell.data()) : \
(to).command.data())
class Extra {
const char *key;
@@ -45,47 +39,62 @@ class Extra {
bool bool_val;
const char *str_val;
};
char buf[32];
string str;
public:
Extra(const char *k, int v): key(k), type(INT), int_val(v) {}
Extra(const char *k, bool v): key(k), type(BOOL), bool_val(v) {}
Extra(const char *k, const char *v): key(k), type(STRING), str_val(v) {}
void add_intent(vector<const char *> &vec) {
char buf[32];
const char *val;
switch (type) {
case INT:
vec.push_back("--ei");
sprintf(buf, "%d", int_val);
val = buf;
break;
case BOOL:
vec.push_back("--ez");
val = bool_val ? "true" : "false";
break;
case STRING:
vec.push_back("--es");
val = str_val;
break;
case INT:
vec.push_back("--ei");
snprintf(buf, sizeof(buf), "%d", int_val);
str = buf;
val = str.data();
break;
case BOOL:
vec.push_back("--ez");
val = bool_val ? "true" : "false";
break;
case STRING:
vec.push_back("--es");
val = str_val;
break;
}
vec.push_back(key);
vec.push_back(val);
}
void add_bind(vector<const char *> &vec) {
char buf[32];
str = key;
switch (type) {
case INT:
sprintf(buf, "%s:i:%d", key, int_val);
break;
case BOOL:
sprintf(buf, "%s:b:%s", key, bool_val ? "true" : "false");
break;
case STRING:
sprintf(buf, "%s:s:%s", key, str_val);
break;
case INT:
str += ":i:";
snprintf(buf, sizeof(buf), "%d", int_val);
str += buf;
break;
case BOOL:
str += ":b:";
str += bool_val ? "true" : "false";
break;
case STRING:
str += ":s:";
if (SDK_INT >= 30) {
string tmp = str_val;
replace_all(tmp, "\\", "\\\\");
replace_all(tmp, ":", "\\:");
str += tmp;
} else {
str += str_val;
}
break;
}
vec.push_back("--extra");
vec.push_back(buf);
vec.push_back(str.data());
}
};
@@ -100,11 +109,11 @@ static bool check_no_error(int fd) {
}
static void exec_cmd(const char *action, vector<Extra> &data,
const shared_ptr<su_info> &info, int mode = CONTENT_PROVIDER) {
const shared_ptr<su_info> &info, bool provider = true) {
char exe[128];
char target[128];
char user[4];
snprintf(user, sizeof(user), "%d", get_user(info));
snprintf(user, sizeof(user), "%d", to_user_id(info->eval_uid));
if (zygisk_enabled) {
#if defined(__LP64__)
@@ -117,8 +126,8 @@ static void exec_cmd(const char *action, vector<Extra> &data,
}
// First try content provider call method
if (mode >= CONTENT_PROVIDER) {
sprintf(target, "content://%s.provider", info->mgr_pkg.data());
if (provider) {
snprintf(target, sizeof(target), "content://%s.provider", info->mgr_pkg.data());
vector<const char *> args{ CALL_PROVIDER };
for (auto &e : data) {
e.add_bind(args);
@@ -147,17 +156,15 @@ static void exec_cmd(const char *action, vector<Extra> &data,
.argv = args.data()
};
if (mode >= PKG_ACTIVITY) {
// Then try start activity without component name
strcpy(target, info->mgr_pkg.data());
exec_command_sync(exec);
if (check_no_error(exec.fd))
return;
}
// Then try start activity without package name
strlcpy(target, info->mgr_pkg.data(), sizeof(target));
exec_command_sync(exec);
if (check_no_error(exec.fd))
return;
// Finally, fallback to start activity with component name
args[4] = "-n";
sprintf(target, "%s/.ui.surequest.SuRequestActivity", info->mgr_pkg.data());
snprintf(target, sizeof(target), "%s/.ui.surequest.SuRequestActivity", info->mgr_pkg.data());
exec.fd = -2;
exec.fork = fork_dont_care;
exec_command(exec);
@@ -204,14 +211,14 @@ int app_request(const shared_ptr<su_info> &info) {
vector<Extra> extras;
extras.reserve(2);
extras.emplace_back("fifo", fifo);
extras.emplace_back("uid", info->uid);
exec_cmd("request", extras, info, PKG_ACTIVITY);
extras.emplace_back("uid", info->eval_uid);
exec_cmd("request", extras, info, false);
// Wait for data input for at most 70 seconds
int fd = xopen(fifo, O_RDONLY | O_CLOEXEC);
int fd = xopen(fifo, O_RDONLY | O_CLOEXEC | O_NONBLOCK);
struct pollfd pfd = {
.fd = fd,
.events = POLL_IN
.events = POLLIN
};
if (xpoll(&pfd, 1, 70 * 1000) <= 0) {
close(fd);

5
native/jni/su/su.cpp
View File

@@ -159,10 +159,7 @@ int su_client_main(int argc, char *argv[]) {
int ptmx, fd;
// Connect to client
fd = connect_daemon();
// Tell the daemon we are su
write_int(fd, SUPERUSER);
fd = connect_daemon(MainRequest::SUPERUSER);
// Send su_request
xwrite(fd, &su_req, sizeof(su_req_base));

21
native/jni/su/su.hpp
View File

@@ -15,26 +15,29 @@
class su_info {
public:
/* Unique key */
// Unique key
const int uid;
/* These should be guarded with internal lock */
// These should be guarded with internal lock
int eval_uid; // The effective UID, taking multiuser settings into consideration
db_settings cfg;
su_access access;
std::string mgr_pkg;
struct stat mgr_st;
void check_db();
/* This should be guarded with global cache lock */
long timestamp;
su_info(unsigned uid = 0);
~su_info();
mutex_guard lock();
// These should be guarded with global cache lock
bool is_fresh();
void refresh();
su_info(int uid);
~su_info();
mutex_guard lock();
private:
pthread_mutex_t _lock; /* Internal lock */
long timestamp;
// Internal lock
pthread_mutex_t _lock;
};
struct su_req_base {

60
native/jni/su/su_daemon.cpp
View File

@@ -19,9 +19,9 @@ using namespace std;
static pthread_mutex_t cache_lock = PTHREAD_MUTEX_INITIALIZER;
static shared_ptr<su_info> cached;
su_info::su_info(unsigned uid) :
uid(uid), access(DEFAULT_SU_ACCESS), mgr_st({}),
timestamp(0), _lock(PTHREAD_MUTEX_INITIALIZER) {}
su_info::su_info(int uid) :
uid(uid), eval_uid(-1), access(DEFAULT_SU_ACCESS), mgr_st{},
timestamp(0), _lock(PTHREAD_MUTEX_INITIALIZER) {}
su_info::~su_info() {
pthread_mutex_destroy(&_lock);
@@ -44,47 +44,45 @@ void su_info::refresh() {
timestamp = ts.tv_sec * 1000L + ts.tv_nsec / 1000000L;
}
static void database_check(const shared_ptr<su_info> &info) {
int uid = info->uid;
get_db_settings(info->cfg);
void su_info::check_db() {
eval_uid = uid;
get_db_settings(cfg);
// Check multiuser settings
switch (info->cfg[SU_MULTIUSER_MODE]) {
case MULTIUSER_MODE_OWNER_ONLY:
if (to_user_id(uid) != 0) {
uid = -1;
info->access = NO_SU_ACCESS;
}
break;
case MULTIUSER_MODE_OWNER_MANAGED:
uid = to_app_id(uid);
break;
case MULTIUSER_MODE_USER:
default:
break;
switch (cfg[SU_MULTIUSER_MODE]) {
case MULTIUSER_MODE_OWNER_ONLY:
if (to_user_id(uid) != 0) {
eval_uid = -1;
access = NO_SU_ACCESS;
}
break;
case MULTIUSER_MODE_OWNER_MANAGED:
eval_uid = to_app_id(uid);
break;
case MULTIUSER_MODE_USER:
default:
break;
}
su_access &su = info->access;
if (uid > 0) {
if (eval_uid > 0) {
char query[256], *err;
sprintf(query,
snprintf(query, sizeof(query),
"SELECT policy, logging, notification FROM policies "
"WHERE uid=%d AND (until=0 OR until>%li)", uid, time(nullptr));
"WHERE uid=%d AND (until=0 OR until>%li)", eval_uid, time(nullptr));
err = db_exec(query, [&](db_row &row) -> bool {
su.policy = (policy_t) parse_int(row["policy"]);
su.log = parse_int(row["logging"]);
su.notify = parse_int(row["notification"]);
access.policy = (policy_t) parse_int(row["policy"]);
access.log = parse_int(row["logging"]);
access.notify = parse_int(row["notification"]);
LOGD("magiskdb: query policy=[%d] log=[%d] notify=[%d]\n",
su.policy, su.log, su.notify);
access.policy, access.log, access.notify);
return true;
});
db_err_cmd(err, return);
}
// We need to check our manager
if (su.log || su.notify)
get_manager(to_user_id(uid), &info->mgr_pkg, &info->mgr_st);
if (access.log || access.notify)
get_manager(to_user_id(eval_uid), &mgr_pkg, &mgr_st);
}
bool uid_granted_root(int uid) {
@@ -156,7 +154,7 @@ static shared_ptr<su_info> get_su_info(unsigned uid) {
if (info->access.policy == QUERY) {
// Not cached, get data from database
database_check(info);
info->check_db();
// If it's root or the manager, allow it silently
if (info->uid == UID_ROOT || to_app_id(info->uid) == to_app_id(info->mgr_st.st_uid)) {

36
native/jni/utils/Android.mk
View File

@@ -1,15 +1,6 @@
LOCAL_PATH := $(call my-dir)
# All Magisk common code lives here
UTILS_SRC_FILES := \
new.cpp \
files.cpp \
misc.cpp \
selinux.cpp \
logging.cpp \
xwrap.cpp \
stream.cpp
# Magisk project-wide common code
include $(CLEAR_VARS)
LOCAL_MODULE:= libutils
@@ -17,14 +8,25 @@ LOCAL_C_INCLUDES := jni/include $(LOCAL_PATH)/include out/generated
LOCAL_EXPORT_C_INCLUDES := $(LOCAL_C_INCLUDES)
LOCAL_EXPORT_STATIC_LIBRARIES := libcxx
LOCAL_STATIC_LIBRARIES := libcxx
LOCAL_SRC_FILES := $(UTILS_SRC_FILES) missing.cpp
LOCAL_SRC_FILES := \
new.cpp \
files.cpp \
misc.cpp \
selinux.cpp \
logging.cpp \
xwrap.cpp \
stream.cpp
include $(BUILD_STATIC_LIBRARY)
# libutils + "hacky" libc.a missing symbols
# To build Magisk with vanilla NDK, simply
# remove compat.cpp from sources, or replace
# all usage of libutilx to libutils
include $(CLEAR_VARS)
LOCAL_MODULE:= libutils-shared
LOCAL_C_INCLUDES := jni/include $(LOCAL_PATH)/include out/generated
LOCAL_EXPORT_C_INCLUDES := $(LOCAL_C_INCLUDES)
LOCAL_EXPORT_STATIC_LIBRARIES := libcxx
LOCAL_STATIC_LIBRARIES := libcxx
LOCAL_SRC_FILES := $(UTILS_SRC_FILES)
LOCAL_MODULE:= libutilx
LOCAL_EXPORT_STATIC_LIBRARIES := libutils
LOCAL_STATIC_LIBRARIES := libutils
LOCAL_SRC_FILES := compat/compat.cpp
include $(BUILD_STATIC_LIBRARY)

56
native/jni/utils/missing.cpp → native/jni/utils/compat/compat.cpp
View File

@@ -10,8 +10,8 @@
extern "C" {
/* Original source: https://github.com/freebsd/freebsd/blob/master/contrib/file/src/getline.c
* License: BSD, full copyright notice please check original source */
// Original source: https://github.com/freebsd/freebsd/blob/master/contrib/file/src/getline.c
// License: BSD, full copyright notice please check original source
ssize_t getdelim(char **buf, size_t *bufsiz, int delimiter, FILE *fp) {
char *ptr, *eptr;
@@ -53,32 +53,6 @@ ssize_t getline(char **buf, size_t *bufsiz, FILE *fp) {
return getdelim(buf, bufsiz, '\n', fp);
}
/* Original source: https://android.googlesource.com/platform/bionic/+/master/libc/bionic/mntent.cpp
* License: AOSP, full copyright notice please check original source */
struct mntent *getmntent_r(FILE *fp, struct mntent *e, char *buf, int buf_len) {
memset(e, 0, sizeof(*e));
while (fgets(buf, buf_len, fp) != nullptr) {
// Entries look like "proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0".
// That is: mnt_fsname mnt_dir mnt_type mnt_opts 0 0.
int fsname0, fsname1, dir0, dir1, type0, type1, opts0, opts1;
if (sscanf(buf, " %n%*s%n %n%*s%n %n%*s%n %n%*s%n %d %d",
&fsname0, &fsname1, &dir0, &dir1, &type0, &type1, &opts0, &opts1,
&e->mnt_freq, &e->mnt_passno) == 2) {
e->mnt_fsname = &buf[fsname0];
buf[fsname1] = '\0';
e->mnt_dir = &buf[dir0];
buf[dir1] = '\0';
e->mnt_type = &buf[type0];
buf[type1] = '\0';
e->mnt_opts = &buf[opts0];
buf[opts1] = '\0';
return e;
}
}
return nullptr;
}
FILE *setmntent(const char *path, const char *mode) {
return fopen(path, mode);
}
@@ -143,7 +117,31 @@ int ftruncate64(int fd, off64_t length) {
#endif
#if !defined(__LP64__)
void android_set_abort_message(const char *msg) {}
void android_set_abort_message(const char *) {}
// Original source: <android/legacy_signal_inlines.h>
int sigaddset(sigset_t *set, int signum) {
/* Signal numbers start at 1, but bit positions start at 0. */
int bit = signum - 1;
auto *local_set = (unsigned long *)set;
if (set == nullptr || bit < 0 || bit >= (int)(8 * sizeof(sigset_t))) {
errno = EINVAL;
return -1;
}
local_set[bit / LONG_BIT] |= 1UL << (bit % LONG_BIT);
return 0;
}
int sigemptyset(sigset_t *set) {
if (set == nullptr) {
errno = EINVAL;
return -1;
}
memset(set, 0, sizeof(sigset_t));
return 0;
}
#include "fortify.hpp"
#endif
} // extern "C"

110
native/jni/utils/compat/fortify.hpp Normal file
View File

@@ -0,0 +1,110 @@
// Original source: https://android.googlesource.com/platform/bionic/+/master/libc/bionic/fortify.cpp
// License: AOSP, full copyright notice please check original source
#include <sys/stat.h>
#include <fcntl.h>
#include <logging.hpp>
#undef _FORTIFY_SOURCE
static inline __noreturn __printflike(1, 2) void __fortify_fatal(const char* fmt, ...) {
va_list args;
va_start(args, fmt);
log_cb.e(fmt, args);
va_end(args);
abort();
}
static inline void __check_count(const char* fn, const char* identifier, size_t value) {
if (__predict_false(value > SSIZE_MAX)) {
__fortify_fatal("%s: %s %zu > SSIZE_MAX", fn, identifier, value);
}
}
static inline void __check_buffer_access(const char* fn, const char* action,
size_t claim, size_t actual) {
if (__predict_false(claim > actual)) {
__fortify_fatal("%s: prevented %zu-byte %s %zu-byte buffer", fn, claim, action, actual);
}
}
char* __strcpy_chk(char* dst, const char* src, size_t dst_len) {
// TODO: optimize so we don't scan src twice.
size_t src_len = __builtin_strlen(src) + 1;
__check_buffer_access("strcpy", "write into", src_len, dst_len);
return __builtin_strcpy(dst, src);
}
size_t __strlcpy_chk(char* dst, const char* src,
size_t supplied_size, size_t dst_len_from_compiler) {
__check_buffer_access("strlcpy", "write into", supplied_size, dst_len_from_compiler);
return __call_bypassing_fortify(strlcpy)(dst, src, supplied_size);
}
char* __strchr_chk(const char* p, int ch, size_t s_len) {
for (;; ++p, s_len--) {
if (__predict_false(s_len == 0)) {
__fortify_fatal("strchr: prevented read past end of buffer");
}
if (*p == static_cast<char>(ch)) {
return const_cast<char*>(p);
}
if (*p == '\0') {
return nullptr;
}
}
}
char* __strcat_chk(char* dst, const char* src, size_t dst_buf_size) {
char* save = dst;
size_t dst_len = __strlen_chk(dst, dst_buf_size);
dst += dst_len;
dst_buf_size -= dst_len;
while ((*dst++ = *src++) != '\0') {
dst_buf_size--;
if (__predict_false(dst_buf_size == 0)) {
__fortify_fatal("strcat: prevented write past end of %zu-byte buffer", dst_buf_size);
}
}
return save;
}
size_t __strlen_chk(const char* s, size_t s_len) {
// TODO: "prevented" here would be a lie because this strlen can run off the end.
// strlen is too important to be expensive, so we wanted to be able to call the optimized
// implementation, but I think we need to implement optimized assembler __strlen_chk routines.
size_t ret = __builtin_strlen(s);
if (__predict_false(ret >= s_len)) {
__fortify_fatal("strlen: detected read past end of buffer");
}
return ret;
}
int __vsprintf_chk(char* dst, int /*flags*/,
size_t dst_len_from_compiler, const char* format, va_list va) {
// The compiler uses SIZE_MAX to mean "no idea", but our vsnprintf rejects sizes that large.
int result = __call_bypassing_fortify(vsnprintf)(dst,
dst_len_from_compiler == SIZE_MAX ? SSIZE_MAX : dst_len_from_compiler,
format, va);
// Try to catch failures after the fact...
__check_buffer_access("vsprintf", "write into", result + 1, dst_len_from_compiler);
return result;
}
mode_t __umask_chk(mode_t mode) {
if (__predict_false((mode & 0777) != mode)) {
__fortify_fatal("umask: called with invalid mask %o", mode);
}
return __umask_real(mode);
}
ssize_t __read_chk(int fd, void* buf, size_t count, size_t buf_size) {
__check_count("read", "count", count);
__check_buffer_access("read", "write into", count, buf_size);
return __call_bypassing_fortify(read)(fd, buf, count);
}
static inline bool needs_mode(int flags) {
return ((flags & O_CREAT) == O_CREAT) || ((flags & O_TMPFILE) == O_TMPFILE);
}
static inline int force_O_LARGEFILE(int flags) {
return flags | O_LARGEFILE;
}
int __open_2(const char* pathname, int flags) {
if (needs_mode(flags)) __fortify_fatal("open: called with O_CREAT/O_TMPFILE but no mode");
return __openat_real(AT_FDCWD, pathname, force_O_LARGEFILE(flags), 0);
}
int __openat_2(int fd, const char* pathname, int flags) {
if (needs_mode(flags)) __fortify_fatal("open: called with O_CREAT/O_TMPFILE but no mode");
return __openat_real(fd, pathname, force_O_LARGEFILE(flags), 0);
}

29
native/jni/utils/files.cpp
View File

@@ -352,12 +352,39 @@ void parse_prop_file(const char *file, const function<bool(string_view, string_v
});
}
// Original source: https://android.googlesource.com/platform/bionic/+/master/libc/bionic/mntent.cpp
// License: AOSP, full copyright notice please check original source
static struct mntent *compat_getmntent_r(FILE *fp, struct mntent *e, char *buf, int buf_len) {
memset(e, 0, sizeof(*e));
while (fgets(buf, buf_len, fp) != nullptr) {
// Entries look like "proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0".
// That is: mnt_fsname mnt_dir mnt_type mnt_opts 0 0.
int fsname0, fsname1, dir0, dir1, type0, type1, opts0, opts1;
if (sscanf(buf, " %n%*s%n %n%*s%n %n%*s%n %n%*s%n %d %d",
&fsname0, &fsname1, &dir0, &dir1, &type0, &type1, &opts0, &opts1,
&e->mnt_freq, &e->mnt_passno) == 2) {
e->mnt_fsname = &buf[fsname0];
buf[fsname1] = '\0';
e->mnt_dir = &buf[dir0];
buf[dir1] = '\0';
e->mnt_type = &buf[type0];
buf[type1] = '\0';
e->mnt_opts = &buf[opts0];
buf[opts1] = '\0';
return e;
}
}
return nullptr;
}
void parse_mnt(const char *file, const function<bool(mntent*)> &fn) {
auto fp = sFILE(setmntent(file, "re"), endmntent);
if (fp) {
mntent mentry{};
char buf[4096];
while (getmntent_r(fp.get(), &mentry, buf, sizeof(buf))) {
// getmntent_r from system's libc.so is broken on old platform
// use the compat one instead
while (compat_getmntent_r(fp.get(), &mentry, buf, sizeof(buf))) {
if (!fn(&mentry))
break;
}

38
native/jni/utils/misc.cpp
View File

@@ -35,17 +35,21 @@ int fork_no_orphan() {
int gen_rand_str(char *buf, int len, bool varlen) {
constexpr char ALPHANUM[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
static std::mt19937 gen([]{
if (access("/dev/urandom", F_OK) != 0)
mknod("/dev/urandom", 0600 | S_IFCHR, makedev(1, 9));
int fd = xopen("/dev/urandom", O_RDONLY | O_CLOEXEC);
unsigned seed;
xxread(fd, &seed, sizeof(seed));
static mt19937 gen([]{
mt19937::result_type seed;
if (syscall(__NR_getrandom, &seed, sizeof(seed), 0) < 0) {
// This can happen if device is running a too low Linux version
if (access("/dev/urandom", F_OK) != 0)
mknod("/dev/urandom", 0600 | S_IFCHR, makedev(1, 9));
int fd = xopen("/dev/urandom", O_RDONLY | O_CLOEXEC);
xxread(fd, &seed, sizeof(seed));
close(fd);
}
return seed;
}());
std::uniform_int_distribution<int> dist(0, sizeof(ALPHANUM) - 2);
uniform_int_distribution<int> dist(0, sizeof(ALPHANUM) - 2);
if (varlen) {
std::uniform_int_distribution<int> len_dist(len / 2, len);
uniform_int_distribution<int> len_dist(len / 2, len);
len = len_dist(gen);
}
for (int i = 0; i < len - 1; ++i)
@@ -185,15 +189,25 @@ string &replace_all(string &str, string_view from, string_view to) {
return str;
}
vector<string> split(const string& s, const string& delimiters) {
vector<string> result;
template <class T>
static auto split_impl(T s, T delims) {
vector<std::decay_t<T>> result;
size_t base = 0;
size_t found;
while (true) {
found = s.find_first_of(delimiters, base);
found = s.find_first_of(delims, base);
result.push_back(s.substr(base, found - base));
if (found == string::npos) break;
if (found == string::npos)
break;
base = found + 1;
}
return result;
}
vector<string> split(const string &s, const string &delims) {
return split_impl<const string&>(s, delims);
}
vector<string_view> split_ro(string_view s, string_view delims) {
return split_impl<string_view>(s, delims);
}

36
native/jni/utils/misc.hpp
View File

@@ -65,6 +65,9 @@ reversed_container<T> reversed(T &base) {
template<class T>
static inline void default_new(T *&p) { p = new T(); }
template<class T>
static inline void default_new(std::unique_ptr<T> &p) { p.reset(new T()); }
template<typename T, typename Impl>
class stateless_allocator {
public:
@@ -80,13 +83,21 @@ public:
bool operator!=(const stateless_allocator&) { return false; }
};
class dynamic_bitset {
class dynamic_bitset_impl {
public:
using slot_type = unsigned long;
constexpr static int slot_size = sizeof(slot_type) * 8;
using slot_bits = std::bitset<slot_size>;
slot_bits::reference operator[] (size_t pos) {
size_t slots() const { return slot_list.size(); }
slot_type get_slot(size_t slot) const {
return slot_list.size() > slot ? slot_list[slot].to_ulong() : 0ul;
}
void emplace_back(slot_type l) {
slot_list.emplace_back(l);
}
protected:
slot_bits::reference get(size_t pos) {
size_t slot = pos / slot_size;
size_t index = pos % slot_size;
if (slot_list.size() <= slot) {
@@ -94,19 +105,25 @@ public:
}
return slot_list[slot][index];
}
bool operator[] (size_t pos) const {
bool get(size_t pos) const {
size_t slot = pos / slot_size;
size_t index = pos % slot_size;
return slot_list.size() > slot && slot_list[slot][index];
}
size_t slots() const { return slot_list.size(); }
slot_type get_slot(size_t slot) const {
return slot_list.size() > slot ? slot_list[slot].to_ulong() : 0ul;
}
private:
std::vector<slot_bits> slot_list;
};
struct dynamic_bitset : public dynamic_bitset_impl {
slot_bits::reference operator[] (size_t pos) { return get(pos); }
bool operator[] (size_t pos) const { return get(pos); }
};
struct StringCmp {
using is_transparent = void;
bool operator()(std::string_view a, std::string_view b) const { return a < b; }
};
int parse_int(std::string_view s);
using thread_entry = void *(*)(void *);
@@ -142,7 +159,8 @@ uint32_t binary_gcd(uint32_t u, uint32_t v);
int switch_mnt_ns(int pid);
int gen_rand_str(char *buf, int len, bool varlen = true);
std::string &replace_all(std::string &str, std::string_view from, std::string_view to);
std::vector<std::string> split(const std::string& s, const std::string& delimiters);
std::vector<std::string> split(const std::string &s, const std::string &delims);
std::vector<std::string_view> split_ro(std::string_view, std::string_view delims);
struct exec_t {
bool err = false;
@@ -175,8 +193,8 @@ template <class ...Args>
void exec_command_async(Args &&...args) {
const char *argv[] = {args..., nullptr};
exec_t exec {
.fork = fork_dont_care,
.argv = argv,
.fork = fork_dont_care
};
exec_command(exec);
}

13
native/jni/utils/missing.hpp
View File

@@ -1,7 +1,10 @@
#pragma once
#include <sys/syscall.h>
#include <linux/fcntl.h>
#include <unistd.h>
#include <cerrno>
#include <cstdio>
static inline int sigtimedwait(const sigset_t* set, siginfo_t* info, const timespec* timeout) {
union {
@@ -11,3 +14,13 @@ static inline int sigtimedwait(const sigset_t* set, siginfo_t* info, const times
s.set = *set;
return syscall(__NR_rt_sigtimedwait, &s.set64, info, timeout, sizeof(sigset64_t));
}
static inline int fexecve(int fd, char* const* argv, char* const* envp) {
syscall(__NR_execveat, fd, "", argv, envp, AT_EMPTY_PATH);
if (errno == ENOSYS) {
char buf[256];
std::snprintf(buf, sizeof(buf), "/proc/self/fd/%d", fd);
execve(buf, argv, envp);
}
return -1;
}

4
native/jni/utils/stream.cpp
View File

@@ -163,7 +163,9 @@ bool chunk_out_stream::write(const void *_in, size_t len, bool final) {
void chunk_out_stream::finalize() {
if (buf_off) {
write_chunk(_buf, buf_off, true);
if (!write_chunk(_buf, buf_off, true)) {
LOGE("Error in finalize, file truncated\n");
}
delete[] _buf;
_buf = nullptr;
buf_off = 0;

9
native/jni/utils/xwrap.cpp
View File

@@ -288,6 +288,14 @@ int xfstat(int fd, struct stat *buf) {
return ret;
}
int xfstatat(int dirfd, const char *pathname, struct stat *buf, int flags) {
int ret = fstatat(dirfd, pathname, buf, flags);
if (ret < 0) {
PLOGE("fstatat %s", pathname);
}
return ret;
}
int xdup(int fd) {
int ret = dup(fd);
if (ret < 0) {
@@ -444,6 +452,7 @@ void *xmmap(void *addr, size_t length, int prot, int flags,
void *ret = mmap(addr, length, prot, flags, fd, offset);
if (ret == MAP_FAILED) {
PLOGE("mmap");
return nullptr;
}
return ret;
}

7
native/jni/utils/xwrap.hpp
View File

@@ -26,9 +26,9 @@ int xbind(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
int xconnect(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
int xlisten(int sockfd, int backlog);
int xaccept4(int sockfd, struct sockaddr *addr, socklen_t *addrlen, int flags);
extern "C" void *xmalloc(size_t size);
extern "C" void *xcalloc(size_t nmemb, size_t size);
extern "C" void *xrealloc(void *ptr, size_t size);
void *xmalloc(size_t size);
void *xcalloc(size_t nmemb, size_t size);
void *xrealloc(void *ptr, size_t size);
ssize_t xsendmsg(int sockfd, const struct msghdr *msg, int flags);
ssize_t xrecvmsg(int sockfd, struct msghdr *msg, int flags);
int xpthread_create(pthread_t *thread, const pthread_attr_t *attr,
@@ -37,6 +37,7 @@ int xaccess(const char *path, int mode);
int xstat(const char *pathname, struct stat *buf);
int xlstat(const char *pathname, struct stat *buf);
int xfstat(int fd, struct stat *buf);
int xfstatat(int dirfd, const char *pathname, struct stat *buf, int flags);
int xdup(int fd);
int xdup2(int oldfd, int newfd);
int xdup3(int oldfd, int newfd, int flags);

82
native/jni/zygisk/deny/cli.cpp
View File

@@ -33,29 +33,32 @@ void denylist_handler(int client, const sock_cred *cred) {
}
int req = read_int(client);
int res = DAEMON_ERROR;
int res = DenyResponse::ERROR;
switch (req) {
case ENFORCE_DENY:
case DenyRequest::ENFORCE:
res = enable_deny();
break;
case DISABLE_DENY:
case DenyRequest::DISABLE:
res = disable_deny();
break;
case ADD_LIST:
case DenyRequest::ADD:
res = add_list(client);
break;
case RM_LIST:
case DenyRequest::REMOVE:
res = rm_list(client);
break;
case LS_LIST:
case DenyRequest::LIST:
ls_list(client);
return;
case DENY_STATUS:
res = (zygisk_enabled && denylist_enforced) ? DENY_IS_ENFORCED : DENY_NOT_ENFORCED;
case DenyRequest::STATUS:
res = (zygisk_enabled && denylist_enforced)
? DenyResponse::ENFORCED : DenyResponse::NOT_ENFORCED;
break;
default:
// Unknown request code
break;
}
write_int(client, res);
close(client);
}
@@ -66,17 +69,17 @@ int denylist_cli(int argc, char **argv) {
int req;
if (argv[1] == "enable"sv)
req = ENFORCE_DENY;
req = DenyRequest::ENFORCE;
else if (argv[1] == "disable"sv)
req = DISABLE_DENY;
req = DenyRequest::DISABLE;
else if (argv[1] == "add"sv)
req = ADD_LIST;
req = DenyRequest::ADD;
else if (argv[1] == "rm"sv)
req = RM_LIST;
req = DenyRequest::REMOVE;
else if (argv[1] == "ls"sv)
req = LS_LIST;
req = DenyRequest::LIST;
else if (argv[1] == "status"sv)
req = DENY_STATUS;
req = DenyRequest::STATUS;
else if (argv[1] == "exec"sv && argc > 2) {
xunshare(CLONE_NEWNS);
xmount(nullptr, "/", nullptr, MS_PRIVATE | MS_REC, nullptr);
@@ -88,56 +91,55 @@ int denylist_cli(int argc, char **argv) {
}
// Send request
int fd = connect_daemon();
write_int(fd, DENYLIST);
int fd = connect_daemon(MainRequest::DENYLIST);
write_int(fd, req);
if (req == ADD_LIST || req == RM_LIST) {
if (req == DenyRequest::ADD || req == DenyRequest::REMOVE) {
write_string(fd, argv[2]);
write_string(fd, argv[3] ? argv[3] : "");
}
// Get response
int code = read_int(fd);
switch (code) {
case DAEMON_SUCCESS:
break;
case DENY_NOT_ENFORCED:
int res = read_int(fd);
if (res < 0 || res >= DenyResponse::END)
res = DenyResponse::ERROR;
switch (res) {
case DenyResponse::NOT_ENFORCED:
fprintf(stderr, "Denylist is not enforced\n");
goto return_code;
case DENY_IS_ENFORCED:
case DenyResponse::ENFORCED:
fprintf(stderr, "Denylist is enforced\n");
goto return_code;
case DENYLIST_ITEM_EXIST:
case DenyResponse::ITEM_EXIST:
fprintf(stderr, "Target already exists in denylist\n");
goto return_code;
case DENYLIST_ITEM_NOT_EXIST:
case DenyResponse::ITEM_NOT_EXIST:
fprintf(stderr, "Target does not exist in denylist\n");
goto return_code;
case DENY_NO_NS:
case DenyResponse::NO_NS:
fprintf(stderr, "The kernel does not support mount namespace\n");
goto return_code;
case DENYLIST_INVALID_PKG:
case DenyResponse::INVALID_PKG:
fprintf(stderr, "Invalid package / process name\n");
goto return_code;
case ROOT_REQUIRED:
fprintf(stderr, "Root is required for this operation\n");
goto return_code;
case DAEMON_ERROR:
case DenyResponse::ERROR:
fprintf(stderr, "deny: Daemon error\n");
return -1;
case DenyResponse::OK:
break;
default:
fprintf(stderr, "Daemon error\n");
return DAEMON_ERROR;
__builtin_unreachable();
}
if (req == LS_LIST) {
string res;
if (req == DenyRequest::LIST) {
string out;
for (;;) {
read_string(fd, res);
if (res.empty())
read_string(fd, out);
if (out.empty())
break;
printf("%s\n", res.data());
printf("%s\n", out.data());
}
}
return_code:
return req == DENY_STATUS ? (code == DENY_IS_ENFORCED ? 0 : 1) : code != DAEMON_SUCCESS;
return req == DenyRequest::STATUS ? res != DenyResponse::ENFORCED : res != DenyResponse::OK;
}

46
native/jni/zygisk/deny/deny.hpp
View File

@@ -10,6 +10,34 @@
#define ISOLATED_MAGIC "isolated"
namespace DenyRequest {
enum : int {
ENFORCE,
DISABLE,
ADD,
REMOVE,
LIST,
STATUS,
END
};
}
namespace DenyResponse {
enum : int {
OK,
ENFORCED,
NOT_ENFORCED,
ITEM_EXIST,
ITEM_NOT_EXIST,
INVALID_PKG,
NO_NS,
ERROR,
END
};
}
// CLI entries
int enable_deny();
int disable_deny();
@@ -24,21 +52,3 @@ void revert_unmount();
extern std::atomic<bool> denylist_enforced;
extern std::atomic<int> cached_manager_app_id;
enum : int {
ENFORCE_DENY,
DISABLE_DENY,
ADD_LIST,
RM_LIST,
LS_LIST,
DENY_STATUS,
};
enum : int {
DENY_IS_ENFORCED = DAEMON_LAST + 1,
DENY_NOT_ENFORCED,
DENYLIST_ITEM_EXIST,
DENYLIST_ITEM_NOT_EXIST,
DENYLIST_INVALID_PKG,
DENY_NO_NS,
};

268
native/jni/zygisk/deny/utils.cpp
View File

@@ -14,55 +14,92 @@
using namespace std;
static set<pair<string, string>> *deny_set; /* set of <pkg, process> pair */
static map<int, vector<string_view>> *app_id_proc_map; /* app ID -> list of process */
static int inotify_fd = -1;
// For the following data structures:
// If package name == ISOLATED_MAGIC, or app ID == -1, it means isolated service
// Locks the variables above
// Package name -> list of process names
static unique_ptr<map<string, set<string, StringCmp>, StringCmp>> pkg_to_procs_;
#define pkg_to_procs (*pkg_to_procs_)
// app ID -> list of pkg names (string_view points to a pkg_to_procs key)
static unique_ptr<map<int, set<string_view>>> app_id_to_pkgs_;
#define app_id_to_pkgs (*app_id_to_pkgs_)
// Locks the data structures above
static pthread_mutex_t data_lock = PTHREAD_MUTEX_INITIALIZER;
atomic<bool> denylist_enforced = false;
#define do_kill (zygisk_enabled && denylist_enforced)
static void rebuild_map() {
app_id_proc_map->clear();
string data_path(APP_DATA_DIR);
size_t len = data_path.length();
static unsigned long long pkg_xml_ino = 0;
// Collect all user IDs
vector<string> users;
if (auto dir = open_dir(APP_DATA_DIR)) {
for (dirent *entry; (entry = xreaddir(dir.get()));) {
users.emplace_back(entry->d_name);
static void rescan_apps() {
{
struct stat st{};
stat("/data/system/packages.xml", &st);
if (pkg_xml_ino == st.st_ino) {
// Packages has not changed, do not rescan
return;
}
} else {
return;
pkg_xml_ino = st.st_ino;
}
string_view prev_pkg;
struct stat st;
for (const auto &target : *deny_set) {
if (target.first == ISOLATED_MAGIC) {
// Isolated process
(*app_id_proc_map)[-1].emplace_back(target.second);
} else if (prev_pkg == target.first) {
// Optimize the case when it's the same package as previous iteration
(*app_id_proc_map)[to_app_id(st.st_uid)].emplace_back(target.second);
} else {
// Traverse the filesystem to find app ID
for (const auto &user_id : users) {
data_path.resize(len);
data_path += '/';
data_path += user_id;
data_path += '/';
data_path += target.first;
if (stat(data_path.data(), &st) == 0) {
prev_pkg = target.first;
(*app_id_proc_map)[to_app_id(st.st_uid)].emplace_back(target.second);
break;
LOGD("denylist: rescanning apps\n");
app_id_to_pkgs.clear();
cached_manager_app_id = -1;
auto data_dir = xopen_dir(APP_DATA_DIR);
if (!data_dir)
return;
dirent *entry;
while ((entry = xreaddir(data_dir.get()))) {
// For each user
int dfd = xopenat(dirfd(data_dir.get()), entry->d_name, O_RDONLY);
if (auto dir = xopen_dir(dfd)) {
while ((entry = xreaddir(dir.get()))) {
// For each package
struct stat st{};
xfstatat(dfd, entry->d_name, &st, 0);
int app_id = to_app_id(st.st_uid);
if (app_id_to_pkgs.contains(app_id)) {
// This app ID has been handled
continue;
}
if (auto it = pkg_to_procs.find(entry->d_name); it != pkg_to_procs.end()) {
app_id_to_pkgs[app_id].insert(it->first);
}
}
} else {
close(dfd);
}
}
}
static void update_pkg_uid(const string &pkg, bool remove) {
auto data_dir = xopen_dir(APP_DATA_DIR);
if (!data_dir)
return;
dirent *entry;
struct stat st{};
char buf[PATH_MAX] = {0};
// For each user
while ((entry = xreaddir(data_dir.get()))) {
snprintf(buf, sizeof(buf), "%s/%s", entry->d_name, pkg.data());
if (fstatat(dirfd(data_dir.get()), buf, &st, 0) == 0) {
int app_id = to_app_id(st.st_uid);
if (remove) {
if (auto it = app_id_to_pkgs.find(app_id); it != app_id_to_pkgs.end()) {
it->second.erase(pkg);
if (it->second.empty()) {
app_id_to_pkgs.erase(it);
}
}
} else {
app_id_to_pkgs[app_id].insert(pkg);
}
break;
}
}
}
@@ -71,7 +108,7 @@ static void rebuild_map() {
static DIR *procfp;
template<class F>
static void crawl_procfs(F &&fn) {
static void crawl_procfs(const F &fn) {
rewinddir(procfp);
dirent *dp;
int pid;
@@ -145,68 +182,42 @@ static bool validate(const char *pkg, const char *proc) {
return pkg_valid && proc_valid;
}
static void add_hide_set(const char *pkg, const char *proc) {
static auto add_hide_set(const char *pkg, const char *proc) {
auto p = pkg_to_procs[pkg].emplace(proc);
if (!p.second)
return p;
LOGI("denylist add: [%s/%s]\n", pkg, proc);
deny_set->emplace(pkg, proc);
if (!do_kill)
return;
return p;
if (str_eql(pkg, ISOLATED_MAGIC)) {
// Kill all matching isolated processes
kill_process<&str_starts>(proc, true);
} else {
kill_process(proc);
}
return p;
}
static void clear_data() {
delete deny_set;
delete app_id_proc_map;
deny_set = nullptr;
app_id_proc_map = nullptr;
unregister_poll(inotify_fd, true);
inotify_fd = -1;
}
static void inotify_handler(pollfd *pfd) {
union {
inotify_event event;
char buf[512];
} u{};
read(pfd->fd, u.buf, sizeof(u.buf));
if (u.event.name == "packages.xml"sv) {
cached_manager_app_id = -1;
exec_task([] {
mutex_guard lock(data_lock);
rebuild_map();
});
}
pkg_to_procs_.reset(nullptr);
app_id_to_pkgs_.reset(nullptr);
}
static bool ensure_data() {
if (app_id_proc_map)
if (pkg_to_procs_)
return true;
LOGI("denylist: initializing internal data structures\n");
default_new(deny_set);
default_new(pkg_to_procs_);
char *err = db_exec("SELECT * FROM denylist", [](db_row &row) -> bool {
add_hide_set(row["package_name"].data(), row["process"].data());
return true;
});
db_err_cmd(err, goto error);
db_err_cmd(err, goto error)
default_new(app_id_proc_map);
rebuild_map();
inotify_fd = xinotify_init1(IN_CLOEXEC);
if (inotify_fd < 0) {
goto error;
} else {
// Monitor packages.xml
inotify_add_watch(inotify_fd, "/data/system", IN_CLOSE_WRITE);
pollfd inotify_pfd = { inotify_fd, POLLIN, 0 };
register_poll(&inotify_pfd, inotify_handler);
}
default_new(app_id_to_pkgs_);
rescan_apps();
return true;
@@ -220,18 +231,16 @@ static int add_list(const char *pkg, const char *proc) {
proc = pkg;
if (!validate(pkg, proc))
return DENYLIST_INVALID_PKG;
return DenyResponse::INVALID_PKG;
{
mutex_guard lock(data_lock);
if (!ensure_data())
return DAEMON_ERROR;
for (const auto &hide : *deny_set)
if (hide.first == pkg && hide.second == proc)
return DENYLIST_ITEM_EXIST;
add_hide_set(pkg, proc);
rebuild_map();
return DenyResponse::ERROR;
auto p = add_hide_set(pkg, proc);
if (!p.second)
return DenyResponse::ITEM_EXIST;
update_pkg_uid(*p.first, false);
}
// Add to database
@@ -239,8 +248,8 @@ static int add_list(const char *pkg, const char *proc) {
snprintf(sql, sizeof(sql),
"INSERT INTO denylist (package_name, process) VALUES('%s', '%s')", pkg, proc);
char *err = db_exec(sql);
db_err_cmd(err, return DAEMON_ERROR);
return DAEMON_SUCCESS;
db_err_cmd(err, return DenyResponse::ERROR)
return DenyResponse::OK;
}
int add_list(int client) {
@@ -253,21 +262,29 @@ static int rm_list(const char *pkg, const char *proc) {
{
mutex_guard lock(data_lock);
if (!ensure_data())
return DAEMON_ERROR;
return DenyResponse::ERROR;
bool remove = false;
for (auto it = deny_set->begin(); it != deny_set->end();) {
if (it->first == pkg && (proc[0] == '\0' || it->second == proc)) {
auto it = pkg_to_procs.find(pkg);
if (it != pkg_to_procs.end()) {
if (proc[0] == '\0') {
update_pkg_uid(it->first, true);
pkg_to_procs.erase(it);
remove = true;
LOGI("denylist rm: [%s/%s]\n", it->first.data(), it->second.data());
it = deny_set->erase(it);
} else {
++it;
LOGI("denylist rm: [%s]\n", pkg);
} else if (it->second.erase(proc) != 0) {
remove = true;
LOGI("denylist rm: [%s/%s]\n", pkg, proc);
if (it->second.empty()) {
update_pkg_uid(it->first, true);
pkg_to_procs.erase(it);
}
}
}
if (!remove)
return DENYLIST_ITEM_NOT_EXIST;
rebuild_map();
return DenyResponse::ITEM_NOT_EXIST;
}
char sql[4096];
@@ -277,8 +294,8 @@ static int rm_list(const char *pkg, const char *proc) {
snprintf(sql, sizeof(sql),
"DELETE FROM denylist WHERE package_name='%s' AND process='%s'", pkg, proc);
char *err = db_exec(sql);
db_err_cmd(err, return DAEMON_ERROR);
return DAEMON_SUCCESS;
db_err_cmd(err, return DenyResponse::ERROR)
return DenyResponse::OK;
}
int rm_list(int client) {
@@ -291,16 +308,19 @@ void ls_list(int client) {
{
mutex_guard lock(data_lock);
if (!ensure_data()) {
write_int(client, DAEMON_ERROR);
write_int(client, static_cast<int>(DenyResponse::ERROR));
return;
}
write_int(client, DAEMON_SUCCESS);
for (const auto &hide : *deny_set) {
write_int(client, hide.first.size() + hide.second.size() + 1);
xwrite(client, hide.first.data(), hide.first.size());
xwrite(client, "|", 1);
xwrite(client, hide.second.data(), hide.second.size());
write_int(client,static_cast<int>(DenyResponse::OK));
for (const auto &[pkg, procs] : pkg_to_procs) {
for (const auto &proc : procs) {
write_int(client, pkg.size() + proc.size() + 1);
xwrite(client, pkg.data(), pkg.size());
xwrite(client, "|", 1);
xwrite(client, proc.data(), proc.size());
}
}
}
write_int(client, 0);
@@ -324,17 +344,17 @@ static void update_deny_config() {
int enable_deny() {
if (denylist_enforced) {
return DAEMON_SUCCESS;
return DenyResponse::OK;
} else {
mutex_guard lock(data_lock);
if (access("/proc/self/ns/mnt", F_OK) != 0) {
LOGW("The kernel does not support mount namespace\n");
return DENY_NO_NS;
return DenyResponse::NO_NS;
}
if (procfp == nullptr && (procfp = opendir("/proc")) == nullptr)
return DAEMON_ERROR;
return DenyResponse::ERROR;
LOGI("* Enable DenyList\n");
@@ -342,7 +362,7 @@ int enable_deny() {
if (!ensure_data()) {
denylist_enforced = false;
return DAEMON_ERROR;
return DenyResponse::ERROR;
}
// On Android Q+, also kill blastula pool and all app zygotes
@@ -354,19 +374,16 @@ int enable_deny() {
}
update_deny_config();
return DAEMON_SUCCESS;
return DenyResponse::OK;
}
int disable_deny() {
if (denylist_enforced) {
denylist_enforced = false;
LOGI("* Disable DenyList\n");
mutex_guard lock(data_lock);
clear_data();
}
update_deny_config();
return DAEMON_SUCCESS;
return DenyResponse::OK;
}
void initialize_denylist() {
@@ -383,24 +400,23 @@ bool is_deny_target(int uid, string_view process) {
if (!ensure_data())
return false;
rescan_apps();
int app_id = to_app_id(uid);
if (app_id >= 90000) {
// Isolated processes
auto it = app_id_proc_map->find(-1);
if (it == app_id_proc_map->end())
return false;
for (const auto &s : it->second) {
if (str_starts(process, s))
return true;
if (auto it = pkg_to_procs.find(ISOLATED_MAGIC); it != pkg_to_procs.end()) {
for (const auto &s : it->second) {
if (str_starts(process, s))
return true;
}
}
return false;
} else {
auto it = app_id_proc_map->find(app_id);
if (it == app_id_proc_map->end())
auto it = app_id_to_pkgs.find(app_id);
if (it == app_id_to_pkgs.end())
return false;
for (const auto &s : it->second) {
if (s == process)
for (const auto &pkg : it->second) {
if (pkg_to_procs.find(pkg)->second.count(process))
return true;
}
}

207
native/jni/zygisk/entry.cpp
View File

@@ -2,6 +2,7 @@
#include <dlfcn.h>
#include <sys/prctl.h>
#include <android/log.h>
#include <android/dlext.h>
#include <utils.hpp>
#include <daemon.hpp>
@@ -27,15 +28,6 @@ static void zygisk_logging() {
log_cb.ex = nop_ex;
}
static char *first_stage_path = nullptr;
void unload_first_stage() {
if (first_stage_path) {
unmap_all(first_stage_path);
free(first_stage_path);
first_stage_path = nullptr;
}
}
// Make sure /proc/self/environ is sanitized
// Filter env and reset MM_ENV_END
static void sanitize_environ() {
@@ -43,7 +35,7 @@ static void sanitize_environ() {
for (int i = 0; environ[i]; ++i) {
// Copy all env onto the original stack
int len = strlen(environ[i]);
size_t len = strlen(environ[i]);
memmove(cur, environ[i], len + 1);
environ[i] = cur;
cur += len + 1;
@@ -52,7 +44,7 @@ static void sanitize_environ() {
prctl(PR_SET_MM, PR_SET_MM_ENV_END, cur, 0, 0);
}
__attribute__((destructor))
[[gnu::destructor]] [[maybe_unused]]
static void zygisk_cleanup_wait() {
if (self_handle) {
// Wait 10us to make sure none of our code is executing
@@ -61,71 +53,84 @@ static void zygisk_cleanup_wait() {
}
}
#define SECOND_STAGE_PTR "ZYGISK_PTR"
static void second_stage_entry(void *handle, const char *tmp, char *path) {
self_handle = handle;
MAGISKTMP = tmp;
unsetenv(INJECT_ENV_2);
unsetenv(SECOND_STAGE_PTR);
static void second_stage_entry() {
zygisk_logging();
ZLOGD("inject 2nd stage\n");
hook_functions();
// First stage will be unloaded before the first fork
first_stage_path = path;
char path[PATH_MAX];
MAGISKTMP = getenv(MAGISKTMP_ENV);
int fd = parse_int(getenv(MAGISKFD_ENV));
snprintf(path, sizeof(path), "/proc/self/fd/%d", fd);
xreadlink(path, path, PATH_MAX);
android_dlextinfo info {
.flags = ANDROID_DLEXT_USE_LIBRARY_FD,
.library_fd = fd,
};
self_handle = android_dlopen_ext(path, RTLD_LAZY, &info);
dlclose(self_handle);
close(fd);
unsetenv(MAGISKTMP_ENV);
unsetenv(MAGISKFD_ENV);
sanitize_environ();
hook_functions();
}
static void first_stage_entry() {
android_logging();
ZLOGD("inject 1st stage\n");
char path[PATH_MAX];
char buf[256];
char *ld = getenv("LD_PRELOAD");
char tmp[128];
strlcpy(tmp, getenv("MAGISKTMP"), sizeof(tmp));
char *path;
if (char *c = strrchr(ld, ':')) {
*c = '\0';
strlcpy(path, c + 1, sizeof(path));
setenv("LD_PRELOAD", ld, 1); // Restore original LD_PRELOAD
path = strdup(c + 1);
} else {
unsetenv("LD_PRELOAD");
path = strdup(ld);
strlcpy(path, ld, sizeof(path));
}
unsetenv(INJECT_ENV_1);
unsetenv("MAGISKTMP");
sanitize_environ();
char *num = strrchr(path, '.') - 1;
// Force the linker to load the library on top of ourselves, so we do not
// need to unmap the 1st stage library that was loaded with LD_PRELOAD.
// Update path to 2nd stage lib
*num = '2';
int fd = xopen(path, O_RDONLY | O_CLOEXEC);
// Use fd here instead of path to make sure inode is the same as 2nd stage
snprintf(buf, sizeof(buf), "%d", fd);
setenv(MAGISKFD_ENV, buf, 1);
struct stat s{};
xfstat(fd, &s);
android_dlextinfo info {
.flags = ANDROID_DLEXT_FORCE_LOAD | ANDROID_DLEXT_USE_LIBRARY_FD,
.library_fd = fd,
};
auto [addr, size] = find_map_range(path, s.st_ino);
if (addr && size) {
info.flags |= ANDROID_DLEXT_RESERVED_ADDRESS;
info.reserved_addr = addr;
// The existing address is guaranteed to fit, as 1st stage and 2nd stage
// are exactly the same ELF (same inode). However, the linker could over
// estimate the required size and refuse to dlopen. The estimated size
// is not accurate so size the size to unlimited.
info.reserved_size = -1;
}
// Load second stage
setenv(INJECT_ENV_2, "1", 1);
void *handle = dlopen(path, RTLD_LAZY);
remap_all(path);
// Revert path to 1st stage lib
*num = '1';
// Run second stage entry
char *env = getenv(SECOND_STAGE_PTR);
decltype(&second_stage_entry) second_stage;
sscanf(env, "%p", &second_stage);
second_stage(handle, tmp, path);
// Force dlopen ourselves to make ourselves dlclose-able.
// After this call, all global variables will be reset.
android_dlopen_ext(path, RTLD_LAZY, &info);
}
__attribute__((constructor))
[[gnu::constructor]] [[maybe_unused]]
static void zygisk_init() {
if (getenv(INJECT_ENV_2)) {
// Return function pointer to first stage
char buf[128];
snprintf(buf, sizeof(buf), "%p", &second_stage_entry);
setenv(SECOND_STAGE_PTR, buf, 1);
} else if (getenv(INJECT_ENV_1)) {
if (getenv(INJECT_ENV_1)) {
unsetenv(INJECT_ENV_1);
first_stage_entry();
} else if (getenv(INJECT_ENV_2)) {
unsetenv(INJECT_ENV_2);
second_stage_entry();
}
}
@@ -137,9 +142,7 @@ static int zygisk_log(int prio, const char *fmt, va_list ap) {
if (logd_fd < 0) {
// Change logging temporarily to prevent infinite recursion and stack overflow
android_logging();
if (int fd = connect_daemon(); fd >= 0) {
write_int(fd, ZYGISK_REQUEST);
write_int(fd, ZYGISK_GET_LOG_PIPE);
if (int fd = zygisk_request(ZygiskRequest::GET_LOG_PIPE); fd >= 0) {
if (read_int(fd) == 0) {
logd_fd = recv_fd(fd);
}
@@ -167,16 +170,13 @@ static int zygisk_log(int prio, const char *fmt, va_list ap) {
return ret;
}
static inline bool should_load_modules(int flags) {
static inline bool should_load_modules(uint32_t flags) {
return (flags & UNMOUNT_MASK) != UNMOUNT_MASK &&
(flags & PROCESS_IS_MAGISK_APP) != PROCESS_IS_MAGISK_APP;
}
int remote_get_info(int uid, const char *process, uint32_t *flags, vector<int> &fds) {
if (int fd = connect_daemon(); fd >= 0) {
write_int(fd, ZYGISK_REQUEST);
write_int(fd, ZYGISK_GET_INFO);
if (int fd = zygisk_request(ZygiskRequest::GET_INFO); fd >= 0) {
write_int(fd, uid);
write_string(fd, process);
xxread(fd, flags, sizeof(*flags));
@@ -304,10 +304,6 @@ static void setup_files(int client, const sock_cred *cred) {
write_int(client, 0);
send_fd(client, is_64_bit ? app_process_64 : app_process_32);
string path = MAGISKTMP + "/" ZYGISKBIN "/zygisk." + basename(buf);
cp_afc(buf, (path + ".1.so").data());
cp_afc(buf, (path + ".2.so").data());
write_string(client, MAGISKTMP);
}
@@ -329,29 +325,24 @@ static void get_process_info(int client, const sock_cred *cred) {
// This function is called on every single zygote process specialization,
// so performance is critical. get_manager_app_id() is expensive as it goes
// through a SQLite query and potentially multiple filesystem stats, so we
// really want to cache the app ID value. inotify will invalidate the app ID
// cache for us.
// really want to cache its app ID value.
if (uid != 1000) {
int manager_app_id = cached_manager_app_id;
if (manager_app_id < 0) {
manager_app_id = get_manager_app_id();
cached_manager_app_id = manager_app_id;
}
if (to_app_id(uid) == manager_app_id) {
flags |= PROCESS_IS_MAGISK_APP;
}
if (denylist_enforced) {
flags |= DENYLIST_ENFORCING;
}
if (is_deny_target(uid, process)) {
flags |= PROCESS_ON_DENYLIST;
}
if (uid_granted_root(uid)) {
flags |= PROCESS_GRANTED_ROOT;
}
if (is_deny_target(uid, process)) {
flags |= PROCESS_ON_DENYLIST;
}
int manager_app_id = cached_manager_app_id;
if (manager_app_id < 0) {
manager_app_id = get_manager_app_id();
cached_manager_app_id = manager_app_id;
}
if (to_app_id(uid) == manager_app_id) {
flags |= PROCESS_IS_MAGISK_APP;
}
if (denylist_enforced) {
flags |= DENYLIST_ENFORCING;
}
if (uid_granted_root(uid)) {
flags |= PROCESS_GRANTED_ROOT;
}
xwrite(client, &flags, sizeof(flags));
@@ -363,23 +354,26 @@ static void get_process_info(int client, const sock_cred *cred) {
send_fds(client, fds.data(), fds.size());
}
// The following will only happen for system_server
if (uid != 1000 || process != "system_server")
return;
// Collect module status from system_server
int slots = read_int(client);
int id = 0;
dynamic_bitset bits;
for (int i = 0; i < slots; ++i) {
dynamic_bitset::slot_type l = 0;
xxread(client, &l, sizeof(l));
dynamic_bitset::slot_bits bits(l);
for (int j = 0; id < module_list->size(); ++j, ++id) {
if (!bits[j]) {
// Either not a zygisk module, or incompatible
char buf[4096];
snprintf(buf, sizeof(buf), MODULEROOT "/%s/zygisk",
module_list->operator[](id).name.data());
if (int dirfd = open(buf, O_RDONLY | O_CLOEXEC); dirfd >= 0) {
close(xopenat(dirfd, "unloaded", O_CREAT | O_RDONLY, 0644));
close(dirfd);
}
bits.emplace_back(l);
}
for (int id = 0; id < module_list->size(); ++id) {
if (!as_const(bits)[id]) {
// Either not a zygisk module, or incompatible
char buf[4096];
snprintf(buf, sizeof(buf), MODULEROOT "/%s/zygisk",
module_list->operator[](id).name.data());
if (int dirfd = open(buf, O_RDONLY | O_CLOEXEC); dirfd >= 0) {
close(xopenat(dirfd, "unloaded", O_CREAT | O_RDONLY, 0644));
close(dirfd);
}
}
}
@@ -408,25 +402,28 @@ void zygisk_handler(int client, const sock_cred *cred) {
int code = read_int(client);
char buf[256];
switch (code) {
case ZYGISK_SETUP:
case ZygiskRequest::SETUP:
setup_files(client, cred);
break;
case ZYGISK_PASSTHROUGH:
case ZygiskRequest::PASSTHROUGH:
magiskd_passthrough(client);
break;
case ZYGISK_GET_INFO:
case ZygiskRequest::GET_INFO:
get_process_info(client, cred);
break;
case ZYGISK_GET_LOG_PIPE:
case ZygiskRequest::GET_LOG_PIPE:
send_log_pipe(client);
break;
case ZYGISK_CONNECT_COMPANION:
case ZygiskRequest::CONNECT_COMPANION:
get_exe(cred->pid, buf, sizeof(buf));
connect_companion(client, str_ends(buf, "64"));
break;
case ZYGISK_GET_MODDIR:
case ZygiskRequest::GET_MODDIR:
get_moddir(client);
break;
default:
// Unknown code
break;
}
close(client);
}

29
native/jni/zygisk/hook.cpp
View File

@@ -1,8 +1,10 @@
#include <dlfcn.h>
#include <android/dlext.h>
#include <sys/mount.h>
#include <xhook.h>
#include <dlfcn.h>
#include <bitset>
#include <xhook.h>
#include <utils.hpp>
#include <flags.h>
#include <daemon.hpp>
@@ -67,11 +69,6 @@ struct HookContext {
#undef DCL_PRE_POST
struct StringCmp {
using is_transparent = void;
bool operator()(string_view a, string_view b) const { return a < b; }
};
// Global variables
vector<tuple<const char *, const char *, void **>> *xhook_list;
map<string, vector<JNINativeMethod>, StringCmp> *jni_hook_list;
@@ -147,7 +144,6 @@ DCL_HOOK_FUNC(int, jniRegisterNativeMethods,
// Skip actual fork and return cached result if applicable
// Also unload first stage zygisk if necessary
DCL_HOOK_FUNC(int, fork) {
unload_first_stage();
return (g_ctx && g_ctx->pid >= 0) ? g_ctx->pid : old_fork();
}
@@ -321,9 +317,7 @@ bool ZygiskModule::RegisterModule(ApiTable *table, long *module) {
}
int ZygiskModule::connectCompanion() const {
if (int fd = connect_daemon(); fd >= 0) {
write_int(fd, ZYGISK_REQUEST);
write_int(fd, ZYGISK_CONNECT_COMPANION);
if (int fd = zygisk_request(ZygiskRequest::CONNECT_COMPANION); fd >= 0) {
write_int(fd, id);
return fd;
}
@@ -331,9 +325,7 @@ int ZygiskModule::connectCompanion() const {
}
int ZygiskModule::getModuleDir() const {
if (int fd = connect_daemon(); fd >= 0) {
write_int(fd, ZYGISK_REQUEST);
write_int(fd, ZYGISK_GET_MODDIR);
if (int fd = zygisk_request(ZygiskRequest::GET_MODDIR); fd >= 0) {
write_int(fd, id);
int dfd = recv_fd(fd);
close(fd);
@@ -360,15 +352,17 @@ uint32_t ZygiskModule::getFlags() {
}
void HookContext::run_modules_pre(const vector<int> &fds) {
char buf[256];
// Since we directly use the pointer to elements in the vector, in order to prevent dangling
// pointers, the vector has to be pre-allocated to ensure reallocation does not occur
modules.reserve(fds.size());
for (int i = 0; i < fds.size(); ++i) {
snprintf(buf, sizeof(buf), "/proc/self/fd/%d", fds[i]);
if (void *h = dlopen(buf, RTLD_LAZY)) {
android_dlextinfo info {
.flags = ANDROID_DLEXT_USE_LIBRARY_FD,
.library_fd = fds[i],
};
if (void *h = android_dlopen_ext("/jit-cache", RTLD_LAZY, &info)) {
if (void *e = dlsym(h, "zygisk_module_entry")) {
modules.emplace_back(i, h, e);
}
@@ -458,7 +452,6 @@ void HookContext::nativeSpecializeAppProcess_pre() {
} else if (fd >= 0) {
run_modules_pre(module_fds);
}
write_int(fd, 0);
close(fd);
close_fds();

Some files were not shown because too many files have changed in this diff Show More