mirror of
https://github.com/topjohnwu/Magisk.git
synced 2024-12-27 22:47:39 +00:00
003e44fb84
We used to construct /sbin tmpfs overlay in early-init stage after SELinux is properly initialized. However the way it is implemented (forking daemon from magiskinit with complicated file waiting triggers) is extremely complicated and error prone. This commit moves the construction of the sbin overlay to pre-init stage. The catch is that since SELinux is not present at that point, proper selabel has to be reconstructed afterwards. Some additional SEPolicy rules are added to make sure init can access magisk binaries, and the secontext relabeling task is assigned to the main Magisk daemon.
39 lines
733 B
C++
39 lines
733 B
C++
#include <magisk.h>
|
|
#include <magiskpolicy.h>
|
|
|
|
constexpr const char magiskrc[] =
|
|
"\n\n"
|
|
|
|
"on post-fs-data\n"
|
|
" start logd\n"
|
|
" load_persist_props\n"
|
|
" rm " UNBLOCKFILE "\n"
|
|
" start %s\n"
|
|
" wait " UNBLOCKFILE " 10\n"
|
|
" rm " UNBLOCKFILE "\n"
|
|
"\n"
|
|
|
|
"service %s /sbin/magisk --post-fs-data\n"
|
|
" user root\n"
|
|
" seclabel u:r:" SEPOL_PROC_DOMAIN ":s0\n"
|
|
" oneshot\n"
|
|
"\n"
|
|
|
|
"service %s /sbin/magisk --service\n"
|
|
" class late_start\n"
|
|
" user root\n"
|
|
" seclabel u:r:" SEPOL_PROC_DOMAIN ":s0\n"
|
|
" oneshot\n"
|
|
"\n"
|
|
|
|
"on property:sys.boot_completed=1\n"
|
|
" start %s\n"
|
|
"\n"
|
|
|
|
"service %s /sbin/magisk --boot-complete\n"
|
|
" user root\n"
|
|
" seclabel u:r:" SEPOL_PROC_DOMAIN ":s0\n"
|
|
" oneshot\n"
|
|
"\n"
|
|
;
|