#!/system/bin/sh ########################################################################################## # # Magisk Boot Image Patcher # by topjohnwu # # This script should be placed in a directory with the following files: # # File name type Description # # boot_patch.sh script A script to patch boot. Expect path to boot image as parameter. # (this file) The script will use binaries and files in its same directory # to complete the patching process # magisk binary The main binary for all Magisk operations. # It is also used to patch the sepolicy in the ramdisk. # magiskboot binary A tool to unpack boot image, decompress ramdisk, extract ramdisk # , and patch the ramdisk for Magisk support # init.magisk.rc script A new line will be added to init.rc to import this script. # All magisk entrypoints are defined here # chromeos folder This folder should store all the utilities and keys to sign # (optional) a chromeos device, used in the tablet Pixel C # # If the script is not running as root, then the input boot image should be a stock image # or have a backup included in ramdisk internally, since we cannot access the stock boot # image placed under /data we've created when previously installing # ########################################################################################## ########################################################################################## # Functions ########################################################################################## # Call ui_print_wrap if exists, or else simply use echo # Useful when wrapped in flashable zip ui_print_wrap() { type ui_print >/dev/null 2>&1 && ui_print "$1" || echo "$1" } # Call abort if exists, or else show error message and exit # Essential when wrapped in flashable zip abort_wrap() { type abort >/dev/null 2>&1 if [ $? -ne 0 ]; then ui_print_wrap "$1" exit 1 else abort "$1" fi } # Pure bash dirname implementation dirname_wrap() { case "$1" in */*) dir=${1%/*} [ -z $dir ] && echo "/" || echo $dir ;; *) echo "." ;; esac } # Pure bash basename implementation basename_wrap() { echo ${1##*/} } grep_prop() { REGEX="s/^$1=//p" shift FILES=$@ if [ -z "$FILES" ]; then FILES='/system/build.prop' fi cat $FILES 2>/dev/null | sed -n "$REGEX" | head -n 1 } # --cpio-add cpio_add() { ./magiskboot --cpio-add ramdisk.cpio $1 $2 $3 } # --cpio-extract cpio_extract() { ./magiskboot --cpio-extract ramdisk.cpio $1 $2 } # --cpio-mkdir cpio_mkdir() { ./magiskboot --cpio-mkdir ramdisk.cpio $1 $2 } ########################################################################################## # Initialization ########################################################################################## [ -z $1 ] && abort_wrap "This script requires a boot image as a parameter" cwd=`pwd` cd "`dirname_wrap $1`" BOOTIMAGE="`pwd`/`basename_wrap $1`" cd $cwd [ -e "$BOOTIMAGE" ] || abort_wrap "$BOOTIMAGE does not exist!" # Presets [ -z $KEEPVERITY ] && KEEPVERITY=false [ -z $KEEPFORCEENCRYPT ] && KEEPFORCEENCRYPT=false # Detect whether running as root id | grep "uid=0" >/dev/null 2>&1 && ROOT=true || ROOT=false if [ -z $SOURCEDMODE ]; then # Switch to the location of the script file cd "`dirname_wrap "${BASH_SOURCE:-$0}"`" # Load utility functions . ./util_functions.sh # Detect current status mount_partitions fi chmod -R 755 . ########################################################################################## # Unpack ########################################################################################## migrate_boot_backup CHROMEOS=false ui_print_wrap "- Unpacking boot image" ./magiskboot --unpack "$BOOTIMAGE" case $? in 1 ) abort_wrap "! Unable to unpack boot image" ;; 2 ) CHROMEOS=true ;; 3 ) ui_print_wrap "! Sony ELF32 format detected" abort_wrap "! Please use BootBridge from @AdrianDC to flash Magisk" ;; 4 ) ui_print_wrap "! Sony ELF64 format detected" abort_wrap "! Stock kernel cannot be patched, please use a custom kernel" esac ########################################################################################## # Ramdisk restores ########################################################################################## # Test patch status and do restore, after this section, ramdisk.cpio.orig is guaranteed to exist ui_print_wrap "- Checking ramdisk status" ./magiskboot --cpio-test ramdisk.cpio case $? in 0 ) # Stock boot ui_print_wrap "- Stock boot image detected!" ui_print_wrap "- Backing up stock boot image" SHA1=`./magiskboot --sha1 "$BOOTIMAGE" 2>/dev/null` STOCKDUMP=stock_boot_${SHA1}.img dd if="$BOOTIMAGE" of=$STOCKDUMP ./magiskboot --compress $STOCKDUMP cp -af ramdisk.cpio ramdisk.cpio.orig ;; 1 ) # Magisk patched ui_print_wrap "- Magisk patched image detected!" # Find SHA1 of stock boot image [ -z $SHA1 ] && SHA1=`./magiskboot --cpio-stocksha1 ramdisk.cpio 2>/dev/null` OK=false ./magiskboot --cpio-restore ramdisk.cpio if [ $? -eq 0 ]; then ui_print_wrap "- Ramdisk restored from internal backup" OK=true else # Restore failed ui_print_wrap "! Cannot restore from internal backup" # If we are root and SHA1 known, we try to find the stock backup if $ROOT && [ ! -z $SHA1 ]; then STOCKDUMP=/data/stock_boot_${SHA1}.img if [ -f ${STOCKDUMP}.gz ]; then ui_print_wrap "- Stock boot image backup found" ./magiskboot --decompress ${STOCKDUMP}.gz stock_boot.img ./magiskboot --unpack stock_boot.img rm -f stock_boot.img OK=true fi fi fi if ! $OK; then ui_print_wrap "! Ramdisk restoration incomplete" ui_print_wrap "! Will still try to continue installation" fi cp -af ramdisk.cpio ramdisk.cpio.orig ;; 2 ) # Other patched ui_print_wrap "! Boot image patched by other programs!" abort_wrap "! Please restore stock boot image" ;; esac ########################################################################################## # Ramdisk patches ########################################################################################## ui_print_wrap "- Patching ramdisk" if [ ! -z $SHA1 ]; then cp init.magisk.rc init.magisk.rc.bak echo "# STOCKSHA1=$SHA1" >> init.magisk.rc fi if $SKIP_INITRAMFS; then # First check precompiled ones [ -f /system_root/sepolicy ] && cp /system_root/sepolicy sepolicy if [ ! -f sepolicy -a -f /vendor/etc/selinux/precompiled_sepolicy ]; then # Check SHA256 SYSTEMSHA256=`find /system/etc/selinux -name '*.sha256' -exec cat {} \; 2>/dev/null` VENDORSHA256=`find /vendor/etc/selinux -name '*.sha256' -exec cat {} \; 2>/dev/null` [ "$SYSTEMSHA256" = "$VENDORSHA256" ] && cp /vendor/etc/selinux/precompiled_sepolicy sepolicy fi if [ ! -f sepolicy ]; then ui_print_wrap "- Compiling split cil policies" # Compile the split policies POLICY_VER=`cat /sys/fs/selinux/policyvers` PLAT_CIL=/system/etc/selinux/plat_sepolicy.cil NONPLAT_CIL=`find /vendor/etc/selinux -name '*.cil' 2>/dev/null` VENDOR_PLAT_VER=`cat /vendor/etc/selinux/plat_sepolicy_vers.txt` MAPPING_CIL=/system/etc/selinux/mapping/${VENDOR_PLAT_VER}.cil ./magisk magisksecilc -M true -c $POLICY_VER -o sepolicy -f /dev/null $PLAT_CIL $NONPLAT_CIL $MAPPING_CIL fi [ -f sepolicy ] || abort_wrap "! Cannot get sepolicy" cpio_add 750 init ./magiskinit cpio_mkdir 000 overlay cpio_add 750 overlay/init.magisk.rc init.magisk.rc cpio_mkdir 750 overlay/sbin cpio_add 755 overlay/sbin/magisk magisk else ./magiskboot --cpio-patch ramdisk.cpio $KEEPVERITY $KEEPFORCEENCRYPT cpio_extract sepolicy sepolicy cpio_add 750 init.magisk.rc init.magisk.rc cpio_add 755 sbin/magisk magisk fi mv init.magisk.rc.bak init.magisk.rc 2>/dev/null # sepolicy patches ./magisk magiskpolicy --load sepolicy --save sepolicy --minimal $SKIP_INITRAMFS && cpio_add 644 overlay/sepolicy sepolicy || cpio_add 644 sepolicy sepolicy rm -f sepolicy # Create ramdisk backups ./magiskboot --cpio-backup ramdisk.cpio ramdisk.cpio.orig if ! $KEEPVERITY && [ -f dtb ]; then ./magiskboot --dtb-patch dtb && ui_print "- Patching fstab in dtb to remove dm-verity" fi rm -f ramdisk.cpio.orig ########################################################################################## # Repack and flash ########################################################################################## # Hexpatches # Remove Samsung RKP in stock kernel ./magiskboot --hexpatch kernel \ 49010054011440B93FA00F71E9000054010840B93FA00F7189000054001840B91FA00F7188010054 \ A1020054011440B93FA00F7140020054010840B93FA00F71E0010054001840B91FA00F7181010054 # skip_initramfs -> want_initramfs ./magiskboot --hexpatch kernel \ 736B69705F696E697472616D6673 \ 77616E745F696E697472616D6673 ui_print_wrap "- Repacking boot image" ./magiskboot --repack "$BOOTIMAGE" || abort_wrap "! Unable to repack boot image!" # Sign chromeos boot $CHROMEOS && sign_chromeos ./magiskboot --cleanup