Magisk/scripts/boot_patch.sh

280 lines
9.0 KiB
Bash
Raw Normal View History

2017-06-03 14:19:01 +02:00
#!/system/bin/sh
##########################################################################################
#
# Magisk Boot Image Patcher
# by topjohnwu
2017-07-24 20:02:19 +02:00
#
2017-07-09 18:17:34 +02:00
# This script should be placed in a directory with the following files:
2017-07-24 20:02:19 +02:00
#
2017-06-03 14:19:01 +02:00
# File name type Description
2017-07-24 20:02:19 +02:00
#
2017-06-03 14:19:01 +02:00
# boot_patch.sh script A script to patch boot. Expect path to boot image as parameter.
# (this file) The script will use binaries and files in its same directory
# to complete the patching process
# magisk binary The main binary for all Magisk operations.
# It is also used to patch the sepolicy in the ramdisk.
# magiskboot binary A tool to unpack boot image, decompress ramdisk, extract ramdisk
2017-07-09 18:17:34 +02:00
# , and patch the ramdisk for Magisk support
2017-06-03 14:19:01 +02:00
# init.magisk.rc script A new line will be added to init.rc to import this script.
# All magisk entrypoints are defined here
2017-07-09 18:17:34 +02:00
# chromeos folder This folder should store all the utilities and keys to sign
# (optional) a chromeos device, used in the tablet Pixel C
2017-07-24 20:02:19 +02:00
#
2017-06-03 14:19:01 +02:00
# If the script is not running as root, then the input boot image should be a stock image
# or have a backup included in ramdisk internally, since we cannot access the stock boot
# image placed under /data we've created when previously installing
#
##########################################################################################
2017-06-24 16:38:20 +02:00
##########################################################################################
# Functions
##########################################################################################
2017-06-03 14:19:01 +02:00
# Call ui_print_wrap if exists, or else simply use echo
# Useful when wrapped in flashable zip
ui_print_wrap() {
type ui_print >/dev/null 2>&1 && ui_print "$1" || echo "$1"
}
2017-06-15 22:08:34 +02:00
# Call abort if exists, or else show error message and exit
# Essential when wrapped in flashable zip
abort_wrap() {
type abort >/dev/null 2>&1
if [ $? -ne 0 ]; then
ui_print_wrap "$1"
exit 1
else
abort "$1"
fi
}
2017-06-24 16:38:20 +02:00
# Pure bash dirname implementation
dirname_wrap() {
case "$1" in
*/*)
dir=${1%/*}
[ -z $dir ] && echo "/" || echo $dir
;;
*)
echo "."
;;
esac
2017-06-24 16:38:20 +02:00
}
# Pure bash basename implementation
basename_wrap() {
echo ${1##*/}
}
2017-06-03 14:19:01 +02:00
grep_prop() {
REGEX="s/^$1=//p"
shift
FILES=$@
if [ -z "$FILES" ]; then
FILES='/system/build.prop'
fi
cat $FILES 2>/dev/null | sed -n "$REGEX" | head -n 1
}
# --cpio-add <incpio> <mode> <entry> <infile>
cpio_add() {
2017-06-15 22:08:34 +02:00
./magiskboot --cpio-add ramdisk.cpio $1 $2 $3
2017-06-03 14:19:01 +02:00
}
# --cpio-extract <incpio> <entry> <outfile>
cpio_extract() {
2017-06-15 22:08:34 +02:00
./magiskboot --cpio-extract ramdisk.cpio $1 $2
2017-06-03 14:19:01 +02:00
}
# --cpio-mkdir <incpio> <mode> <entry>
cpio_mkdir() {
2017-06-15 22:08:34 +02:00
./magiskboot --cpio-mkdir ramdisk.cpio $1 $2
2017-06-03 14:19:01 +02:00
}
##########################################################################################
2017-06-24 16:38:20 +02:00
# Initialization
2017-06-03 14:19:01 +02:00
##########################################################################################
2017-08-16 21:46:01 +02:00
[ -z $1 ] && abort_wrap "This script requires a boot image as a parameter"
2017-09-02 17:24:34 +02:00
cwd=`pwd`
2017-06-24 16:38:20 +02:00
cd "`dirname_wrap $1`"
BOOTIMAGE="`pwd`/`basename_wrap $1`"
2017-09-02 17:24:34 +02:00
cd $cwd
2017-06-24 16:38:20 +02:00
2017-08-16 21:46:01 +02:00
[ -e "$BOOTIMAGE" ] || abort_wrap "$BOOTIMAGE does not exist!"
2017-06-24 16:38:20 +02:00
# Presets
[ -z $KEEPVERITY ] && KEEPVERITY=false
[ -z $KEEPFORCEENCRYPT ] && KEEPFORCEENCRYPT=false
# Detect whether running as root
id | grep "uid=0" >/dev/null 2>&1 && ROOT=true || ROOT=false
2017-06-24 16:38:20 +02:00
2017-06-03 14:19:01 +02:00
# Switch to the location of the script file
2017-06-24 16:38:20 +02:00
[ -z $SOURCEDMODE ] && cd "`dirname_wrap "${BASH_SOURCE:-$0}"`"
2017-09-02 17:24:34 +02:00
chmod -R 755 .
2017-06-03 14:19:01 +02:00
2017-06-24 16:38:20 +02:00
##########################################################################################
# Unpack
##########################################################################################
2017-09-06 10:13:23 +02:00
migrate_boot_backup
2017-08-16 21:46:01 +02:00
CHROMEOS=false
2017-06-24 16:38:20 +02:00
2017-06-03 14:19:01 +02:00
ui_print_wrap "- Unpacking boot image"
2017-06-15 22:08:34 +02:00
./magiskboot --unpack "$BOOTIMAGE"
2017-06-03 14:19:01 +02:00
case $? in
1 )
2017-06-15 22:08:34 +02:00
abort_wrap "! Unable to unpack boot image"
2017-06-03 14:19:01 +02:00
;;
2 )
CHROMEOS=true
;;
3 )
2017-06-03 14:19:01 +02:00
ui_print_wrap "! Sony ELF32 format detected"
2017-06-15 22:08:34 +02:00
abort_wrap "! Please use BootBridge from @AdrianDC to flash Magisk"
2017-06-03 14:19:01 +02:00
;;
4 )
2017-06-03 14:19:01 +02:00
ui_print_wrap "! Sony ELF64 format detected"
2017-06-15 22:08:34 +02:00
abort_wrap "! Stock kernel cannot be patched, please use a custom kernel"
2017-06-03 14:19:01 +02:00
esac
##########################################################################################
# Ramdisk restores
##########################################################################################
# Test patch status and do restore, after this section, ramdisk.cpio.orig is guaranteed to exist
ui_print_wrap "- Checking ramdisk status"
2017-06-15 22:08:34 +02:00
./magiskboot --cpio-test ramdisk.cpio
2017-06-03 14:19:01 +02:00
case $? in
0 ) # Stock boot
ui_print_wrap "- Stock boot image detected!"
ui_print_wrap "- Backing up stock boot image"
2017-07-24 20:02:19 +02:00
SHA1=`./magiskboot --sha1 "$BOOTIMAGE" 2>/dev/null`
2017-06-03 14:19:01 +02:00
STOCKDUMP=stock_boot_${SHA1}.img
2017-06-10 19:40:08 +02:00
dd if="$BOOTIMAGE" of=$STOCKDUMP
2017-06-15 22:08:34 +02:00
./magiskboot --compress $STOCKDUMP
2017-06-03 14:19:01 +02:00
cp -af ramdisk.cpio ramdisk.cpio.orig
;;
1 ) # Magisk patched
ui_print_wrap "- Magisk patched image detected!"
# Find SHA1 of stock boot image
2017-09-06 10:13:23 +02:00
[ -z $SHA1 ] && SHA1=`./magiskboot --cpio-stocksha1 ramdisk.cpio 2>/dev/null`
2017-06-03 14:19:01 +02:00
OK=false
2017-06-15 22:08:34 +02:00
./magiskboot --cpio-restore ramdisk.cpio
2017-06-03 14:19:01 +02:00
if [ $? -eq 0 ]; then
ui_print_wrap "- Ramdisk restored from internal backup"
OK=true
else
# Restore failed
ui_print_wrap "! Cannot restore from internal backup"
# If we are root and SHA1 known, we try to find the stock backup
if $ROOT && [ ! -z $SHA1 ]; then
STOCKDUMP=/data/stock_boot_${SHA1}.img
if [ -f ${STOCKDUMP}.gz ]; then
ui_print_wrap "- Stock boot image backup found"
2017-06-15 22:08:34 +02:00
./magiskboot --decompress ${STOCKDUMP}.gz stock_boot.img
./magiskboot --unpack stock_boot.img
2017-06-03 14:19:01 +02:00
rm -f stock_boot.img
OK=true
fi
fi
fi
if ! $OK; then
ui_print_wrap "! Ramdisk restoration incomplete"
ui_print_wrap "! Will still try to continue installation"
fi
cp -af ramdisk.cpio ramdisk.cpio.orig
;;
2 ) # Other patched
2017-06-03 18:03:36 +02:00
ui_print_wrap "! Boot image patched by other programs!"
2017-06-15 22:08:34 +02:00
abort_wrap "! Please restore stock boot image"
2017-06-03 14:19:01 +02:00
;;
esac
##########################################################################################
# Ramdisk patches
##########################################################################################
ui_print_wrap "- Patching ramdisk"
if [ ! -z $SHA1 ]; then
cp init.magisk.rc init.magisk.rc.bak
echo "# STOCKSHA1=$SHA1" >> init.magisk.rc
fi
2017-09-12 22:07:25 +02:00
if $SKIP_INITRAMFS; then
# First check precompiled ones
[ -f /system_root/sepolicy ] && cp /system_root/sepolicy sepolicy
if [ ! -f sepolicy -a -f /vendor/etc/selinux/precompiled_sepolicy ]; then
# Check SHA256
SYSTEMSHA256=`find /system/etc/selinux -name '*.sha256' -exec cat {} \; 2>/dev/null`
VENDORSHA256=`find /vendor/etc/selinux -name '*.sha256' -exec cat {} \; 2>/dev/null`
[ "$SYSTEMSHA256" = "$VENDORSHA256" ] && cp /vendor/etc/selinux/precompiled_sepolicy sepolicy
fi
if [ ! -f sepolicy ]; then
ui_print_wrap "- Compiling split cil policies"
# Compile the split policies
POLICY_VER=`cat /sys/fs/selinux/policyvers`
PLAT_CIL=/system/etc/selinux/plat_sepolicy.cil
NONPLAT_CIL=`find /vendor/etc/selinux -name '*.cil' 2>/dev/null`
VENDOR_PLAT_VER=`cat /vendor/etc/selinux/plat_sepolicy_vers.txt`
MAPPING_CIL=/system/etc/selinux/mapping/${VENDOR_PLAT_VER}.cil
./magisk magisksecilc -M true -c $POLICY_VER -o sepolicy -f /dev/null $PLAT_CIL $NONPLAT_CIL $MAPPING_CIL
fi
[ -f sepolicy ] || abort_wrap "! Cannot get sepolicy"
# TODO: Patch dm-verity
cpio_add 750 init ./magiskinit
cpio_mkdir 000 overlay
cpio_add 750 overlay/init.magisk.rc init.magisk.rc
cpio_mkdir 750 overlay/sbin
cpio_add 755 overlay/sbin/magisk magisk
else
./magiskboot --cpio-patch ramdisk.cpio $KEEPVERITY $KEEPFORCEENCRYPT
cpio_extract sepolicy sepolicy
cpio_add 750 init.magisk.rc init.magisk.rc
cpio_add 755 sbin/magisk magisk
fi
2017-06-12 18:46:20 +02:00
mv init.magisk.rc.bak init.magisk.rc 2>/dev/null
2017-09-12 22:07:25 +02:00
# sepolicy patches
./magisk magiskpolicy --load sepolicy --save sepolicy --minimal
$SKIP_INITRAMFS && cpio_add 644 overlay/sepolicy sepolicy || cpio_add 644 sepolicy sepolicy
rm -f sepolicy
2017-06-03 14:19:01 +02:00
# Create ramdisk backups
2017-06-15 22:08:34 +02:00
./magiskboot --cpio-backup ramdisk.cpio ramdisk.cpio.orig
2017-06-03 14:19:01 +02:00
rm -f ramdisk.cpio.orig
##########################################################################################
# Repack and flash
##########################################################################################
# Hexpatches
# Remove Samsung RKP in stock kernel
2017-06-15 22:08:34 +02:00
./magiskboot --hexpatch kernel \
2017-06-03 14:19:01 +02:00
49010054011440B93FA00F71E9000054010840B93FA00F7189000054001840B91FA00F7188010054 \
A1020054011440B93FA00F7140020054010840B93FA00F71E0010054001840B91FA00F7181010054
2017-09-12 22:07:25 +02:00
# skip_initramfs -> want_initramfs
./magiskboot --hexpatch kernel \
736B69705F696E697472616D6673 \
77616E745F696E697472616D6673
2017-06-03 14:19:01 +02:00
ui_print_wrap "- Repacking boot image"
2017-07-02 15:36:09 +02:00
./magiskboot --repack "$BOOTIMAGE" || abort_wrap "! Unable to repack boot image!"
2017-06-03 14:19:01 +02:00
2017-07-09 18:17:34 +02:00
# Sign chromeos boot
2017-09-06 10:13:23 +02:00
$CHROMEOS && sign_chromeos
2017-07-09 18:17:34 +02:00
2017-06-15 22:08:34 +02:00
./magiskboot --cleanup