Auto start magiskhide
This commit is contained in:
topjohnwu
parent
d9c3a3c9a9
commit
08527dde9b
@ -28,6 +28,7 @@ LOCAL_SRC_FILES := \
|
||||
magiskhide/magiskhide.c \
|
||||
magiskhide/hide_daemon.c \
|
||||
magiskhide/proc_monitor.c \
|
||||
magiskhide/pre_process.c \
|
||||
magiskpolicy/magiskpolicy.c \
|
||||
magiskpolicy/rules.c \
|
||||
magiskpolicy/sepolicy.c \
|
||||
|
||||
@ -83,7 +83,6 @@ static int setup_socket(struct sockaddr_un *sun) {
|
||||
return fd;
|
||||
}
|
||||
|
||||
|
||||
static void do_nothing() {}
|
||||
|
||||
static void *large_sepol_patch(void *args) {
|
||||
@ -142,10 +141,10 @@ void start_daemon() {
|
||||
unlock_blocks();
|
||||
|
||||
// Setup links under /sbin
|
||||
mount(NULL, "/", NULL, MS_REMOUNT, NULL);
|
||||
xmount(NULL, "/", NULL, MS_REMOUNT, NULL);
|
||||
create_links(NULL, "/sbin");
|
||||
chmod("/sbin", 0755);
|
||||
mount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
|
||||
xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
|
||||
|
||||
// Loop forever to listen to requests
|
||||
while(1) {
|
||||
@ -157,14 +156,16 @@ void start_daemon() {
|
||||
int connect_daemon() {
|
||||
struct sockaddr_un sun;
|
||||
int fd = setup_socket(&sun);
|
||||
// LOGD("client: trying to connect socket\n");
|
||||
if (connect(fd, (struct sockaddr*) &sun, sizeof(sun))) {
|
||||
/* If we cannot access the daemon, we start the daemon
|
||||
* since there is no clear entry point when the daemon should be started
|
||||
*/
|
||||
LOGD("client: connect fail, try launching new daemon process\n");
|
||||
start_daemon();
|
||||
do {
|
||||
// Wait for 10ms
|
||||
usleep(10000);
|
||||
usleep(10);
|
||||
} while (connect(fd, (struct sockaddr*) &sun, sizeof(sun)));
|
||||
}
|
||||
return fd;
|
||||
|
||||
@ -4,9 +4,11 @@
|
||||
#include <unistd.h>
|
||||
#include <pthread.h>
|
||||
|
||||
#include "magisk.h"
|
||||
#include "daemon.h"
|
||||
|
||||
void late_start(int client) {
|
||||
LOGI("** late_start service mode running\n");
|
||||
// ack
|
||||
write_int(client, 0);
|
||||
// TODO: Do something
|
||||
|
||||
@ -15,14 +15,13 @@
|
||||
|
||||
static void *logger_thread(void *args) {
|
||||
char buffer[PATH_MAX];
|
||||
// rename("/cache/magisk.log", "/cache/last_magisk.log");
|
||||
// FILE *logfile = xfopen("/cache/magisk_test.log", "w");
|
||||
xrename("/cache/magisk.log", "/cache/last_magisk.log");
|
||||
FILE *logfile = xfopen("/cache/magisk.log", "w");
|
||||
// Disable buffering
|
||||
setbuf(logfile, NULL);
|
||||
// Start logcat
|
||||
FILE *p = popen("logcat -s Magisk", "r");
|
||||
while (fgets(buffer, sizeof(buffer), p)) {
|
||||
FILE *log_monitor = popen("logcat -s Magisk -v time", "r");
|
||||
while (fgets(buffer, sizeof(buffer), log_monitor)) {
|
||||
fprintf(logfile, "%s", buffer);
|
||||
}
|
||||
return NULL;
|
||||
@ -30,6 +29,6 @@ static void *logger_thread(void *args) {
|
||||
|
||||
/* Start a new thread to monitor logcat and dump to logfile */
|
||||
void monitor_logs() {
|
||||
pthread_t log_monitor;
|
||||
pthread_create(&log_monitor, NULL, logger_thread, NULL);
|
||||
}
|
||||
pthread_t log_monitor_thread;
|
||||
pthread_create(&log_monitor_thread, NULL, logger_thread, NULL);
|
||||
}
|
||||
|
||||
@ -3,10 +3,12 @@
|
||||
|
||||
#include <unistd.h>
|
||||
|
||||
#include "magisk.h"
|
||||
#include "utils.h"
|
||||
#include "daemon.h"
|
||||
|
||||
void post_fs(int client) {
|
||||
LOGI("** post-fs mode running\n");
|
||||
// ack
|
||||
write_int(client, 0);
|
||||
// TODO: Do something
|
||||
|
||||
@ -1,15 +1,68 @@
|
||||
/* post_fs_data.c - post-fs-data actions
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
#include <string.h>
|
||||
#include <linux/loop.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/mount.h>
|
||||
|
||||
#include "magisk.h"
|
||||
#include "utils.h"
|
||||
#include "daemon.h"
|
||||
#include "resetprop.h"
|
||||
|
||||
static char *loopsetup(const char *img) {
|
||||
char device[20];
|
||||
struct loop_info64 info;
|
||||
int i, lfd, ffd;
|
||||
// First get an empty loop device
|
||||
for (i = 0; i <= 7; ++i) {
|
||||
sprintf(device, "/dev/block/loop%d", i);
|
||||
lfd = xopen(device, O_RDWR);
|
||||
if (ioctl(lfd, LOOP_GET_STATUS64, &info) == -1)
|
||||
break;
|
||||
close(lfd);
|
||||
}
|
||||
if (i == 8) return NULL;
|
||||
ffd = xopen(img, O_RDWR);
|
||||
if (ioctl(lfd, LOOP_SET_FD, ffd) == -1)
|
||||
return NULL;
|
||||
return strdup(device);
|
||||
}
|
||||
|
||||
char *mount_image(const char *img, const char *target) {
|
||||
char *device = loopsetup(img);
|
||||
if (device)
|
||||
mount(device, target, "ext4", 0, NULL);
|
||||
return device;
|
||||
}
|
||||
|
||||
void post_fs_data(int client) {
|
||||
// ack
|
||||
write_int(client, 0);
|
||||
// TODO: Do something
|
||||
close(client);
|
||||
if (!check_data())
|
||||
goto unblock;
|
||||
|
||||
LOGI("** post-fs-data mode running\n");
|
||||
LOGI("* Mounting magisk.img\n");
|
||||
// Mounting magisk image
|
||||
char *magiskimg = mount_image("/data/magisk.img", "/magisk");
|
||||
free(magiskimg);
|
||||
|
||||
// Start magiskhide if enabled
|
||||
char *hide_prop = getprop("persist.magisk.hide");
|
||||
if (hide_prop) {
|
||||
if (strcmp(hide_prop, "1") == 0)
|
||||
launch_magiskhide(-1);
|
||||
free(hide_prop);
|
||||
}
|
||||
|
||||
unblock:
|
||||
unblock_boot_process();
|
||||
return;
|
||||
}
|
||||
|
||||
@ -124,6 +124,7 @@ int read_int(int fd) {
|
||||
}
|
||||
|
||||
void write_int(int fd, int val) {
|
||||
if (fd < 0) return;
|
||||
xwrite(fd, &val, sizeof(int));
|
||||
}
|
||||
|
||||
@ -140,6 +141,7 @@ char* read_string(int fd) {
|
||||
}
|
||||
|
||||
void write_string(int fd, const char* val) {
|
||||
if (fd < 0) return;
|
||||
int len = strlen(val);
|
||||
write_int(fd, len);
|
||||
xwrite(fd, val, len);
|
||||
|
||||
@ -18,23 +18,7 @@
|
||||
#include "utils.h"
|
||||
#include "magiskhide.h"
|
||||
|
||||
static int isMocked = 0, pid;
|
||||
|
||||
static void manage_selinux() {
|
||||
if (isMocked) return;
|
||||
char val[1];
|
||||
int fd = xopen(ENFORCE_FILE, O_RDONLY);
|
||||
xxread(fd, val, 1);
|
||||
close(fd);
|
||||
// Permissive
|
||||
if (val[0] == '0') {
|
||||
LOGI("hide_daemon: Permissive detected, hide the state\n");
|
||||
|
||||
chmod(ENFORCE_FILE, 0640);
|
||||
chmod(POLICY_FILE, 0440);
|
||||
isMocked = 1;
|
||||
}
|
||||
}
|
||||
static int pid;
|
||||
|
||||
static void lazy_unmount(const char* mountpoint) {
|
||||
if (umount2(mountpoint, MNT_DETACH) != -1)
|
||||
@ -87,6 +71,9 @@ int hide_daemon() {
|
||||
_exit(0);
|
||||
}
|
||||
|
||||
manage_selinux();
|
||||
relink_sbin();
|
||||
|
||||
snprintf(buffer, sizeof(buffer), "/proc/%d/ns/mnt", pid);
|
||||
if(access(buffer, F_OK) == -1) continue; // Maybe process died..
|
||||
|
||||
@ -95,8 +82,6 @@ int hide_daemon() {
|
||||
xsetns(fd, 0);
|
||||
close(fd);
|
||||
|
||||
manage_selinux();
|
||||
|
||||
snprintf(buffer, sizeof(buffer), "/proc/%d/mounts", pid);
|
||||
fp = xfopen(buffer, "r");
|
||||
vec_init(&mount_list);
|
||||
|
||||
@ -52,6 +52,8 @@ void launch_magiskhide(int client) {
|
||||
|
||||
LOGI("* Starting MagiskHide\n");
|
||||
|
||||
hide_sensitive_props();
|
||||
|
||||
if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sv) == -1)
|
||||
goto error;
|
||||
|
||||
@ -94,6 +96,7 @@ error:
|
||||
write(sv[0], &kill, sizeof(kill));
|
||||
close(sv[0]);
|
||||
waitpid(hide_pid, NULL, 0);
|
||||
hide_pid = -1;
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
@ -15,6 +15,11 @@ int hide_daemon();
|
||||
// Process monitor
|
||||
void *proc_monitor(void *args);
|
||||
|
||||
// Preprocess
|
||||
void manage_selinux();
|
||||
void hide_sensitive_props();
|
||||
void relink_sbin();
|
||||
|
||||
extern int sv[2], hide_pid, isEnabled;
|
||||
extern struct vector *hide_list, *new_list;
|
||||
|
||||
|
||||
91
jni/magiskhide/pre_process.c
Normal file
91
jni/magiskhide/pre_process.c
Normal file
@ -0,0 +1,91 @@
|
||||
/* pre_process.c - Some pre-processes for MagiskHide to hide properly
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
#include <errno.h>
|
||||
#include <dirent.h>
|
||||
#include <string.h>
|
||||
#include <sys/mount.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <selinux/selinux.h>
|
||||
|
||||
#include "magisk.h"
|
||||
#include "utils.h"
|
||||
#include "resetprop.h"
|
||||
#include "magiskhide.h"
|
||||
|
||||
static char *prop_key[] =
|
||||
{ "ro.boot.verifiedbootstate", "ro.boot.flash.locked", "ro.boot.veritymode", "ro.boot.warranty_bit", "ro.warranty_bit",
|
||||
"ro.debuggable", "ro.secure", NULL };
|
||||
|
||||
static char *prop_value[] =
|
||||
{ "green", "1", "enforcing", "0", "0", "0", "1", NULL };
|
||||
|
||||
static int isMocked = 0;
|
||||
|
||||
void manage_selinux() {
|
||||
if (isMocked) return;
|
||||
char val[1];
|
||||
int fd = xopen(ENFORCE_FILE, O_RDONLY);
|
||||
xxread(fd, val, 1);
|
||||
close(fd);
|
||||
// Permissive
|
||||
if (val[0] == '0') {
|
||||
LOGI("hide_daemon: Permissive detected, hide the state\n");
|
||||
|
||||
chmod(ENFORCE_FILE, 0640);
|
||||
chmod(POLICY_FILE, 0440);
|
||||
isMocked = 1;
|
||||
}
|
||||
}
|
||||
|
||||
void hide_sensitive_props() {
|
||||
LOGI("hide_pre_proc: Hiding sensitive props\n");
|
||||
|
||||
// Hide all sensitive props
|
||||
init_resetprop();
|
||||
char *value;
|
||||
for (int i = 0; prop_key[i]; ++i) {
|
||||
value = getprop(prop_key[i]);
|
||||
if (value) {
|
||||
if (strcmp(value, prop_value[i]) != 0)
|
||||
setprop2(prop_key[i], prop_value[i], 0);
|
||||
free(value);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void relink_sbin() {
|
||||
struct stat st;
|
||||
if (stat("/sbin_orig", &st) == -1 && errno == ENOENT) {
|
||||
// Re-link all binaries and bind mount
|
||||
DIR *dir;
|
||||
struct dirent *entry;
|
||||
char from[PATH_MAX], to[PATH_MAX];
|
||||
|
||||
LOGI("hide_pre_proc: Re-linking /sbin\n");
|
||||
|
||||
xmount(NULL, "/", NULL, MS_REMOUNT, NULL);
|
||||
xrename("/sbin", "/sbin_orig");
|
||||
xmkdir("/sbin", 0755);
|
||||
xchmod("/sbin", 0755);
|
||||
xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
|
||||
xmkdir("/dev/sbin_bind", 0755);
|
||||
xchmod("/dev/sbin_bind", 0755);
|
||||
dir = xopendir("/sbin_orig");
|
||||
|
||||
while ((entry = xreaddir(dir))) {
|
||||
snprintf(from, sizeof(from), "%s/%s", "/sbin_orig", entry->d_name);
|
||||
snprintf(to, sizeof(to), "%s/%s", "/dev/sbin_bind", entry->d_name);
|
||||
symlink(from, to);
|
||||
lsetfilecon(to, "u:object_r:system_file:s0");
|
||||
}
|
||||
|
||||
closedir(dir);
|
||||
|
||||
xmount("/dev/sbin_bind", "/sbin", NULL, MS_BIND, NULL);
|
||||
}
|
||||
}
|
||||
@ -19,13 +19,11 @@
|
||||
|
||||
static int zygote_num = 0;
|
||||
static char init_ns[32], zygote_ns[2][32];
|
||||
static FILE *p;
|
||||
|
||||
static void read_namespace(const int pid, char* target, const size_t size) {
|
||||
char path[32];
|
||||
snprintf(path, sizeof(path), "/proc/%d/ns/mnt", pid);
|
||||
ssize_t len = readlink(path, target, size);
|
||||
target[len] = '\0';
|
||||
xreadlink(path, target, size);
|
||||
}
|
||||
|
||||
// Workaround for the lack of pthread_cancel
|
||||
@ -44,7 +42,6 @@ static void quit_pthread(int sig) {
|
||||
hide_list = new_list = NULL;
|
||||
isEnabled = 0;
|
||||
LOGD("proc_monitor: terminating...\n");
|
||||
pclose(p);
|
||||
pthread_exit(NULL);
|
||||
}
|
||||
|
||||
@ -80,7 +77,11 @@ void *proc_monitor(void *args) {
|
||||
LOGI("proc_monitor: init ns=%s\n", init_ns);
|
||||
|
||||
// Get the mount namespace of zygote
|
||||
ps_filter_proc_name("zygote", store_zygote_ns);
|
||||
while(!zygote_num) {
|
||||
// Check zygote every 2 secs
|
||||
sleep(2);
|
||||
ps_filter_proc_name("zygote", store_zygote_ns);
|
||||
}
|
||||
|
||||
switch(zygote_num) {
|
||||
case 1:
|
||||
@ -92,7 +93,7 @@ void *proc_monitor(void *args) {
|
||||
}
|
||||
|
||||
// Monitor am_proc_start (the command shall never end)
|
||||
p = popen("while true; do logcat -b events -c; logcat -b events -v raw -s am_proc_start; sleep 1; done", "r");
|
||||
FILE *p = popen("while true; do logcat -b events -c; logcat -b events -v raw -s am_proc_start; sleep 1; done", "r");
|
||||
|
||||
while(fgets(buffer, sizeof(buffer), p)) {
|
||||
int ret, comma = 0;
|
||||
@ -130,7 +131,7 @@ void *proc_monitor(void *args) {
|
||||
ret = 1;
|
||||
for (int i = 0; i < zygote_num; ++i) {
|
||||
if (strcmp(buffer, zygote_ns[i]) == 0) {
|
||||
usleep(500);
|
||||
usleep(50);
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
|
||||
@ -8,6 +8,7 @@
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
#include <pwd.h>
|
||||
#include <signal.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/mount.h>
|
||||
@ -15,6 +16,8 @@
|
||||
#include "magisk.h"
|
||||
#include "utils.h"
|
||||
|
||||
int quit_signals[] = { SIGALRM, SIGABRT, SIGHUP, SIGPIPE, SIGQUIT, SIGTERM, SIGINT, 0 };
|
||||
|
||||
unsigned get_shell_uid() {
|
||||
struct passwd* ppwd = getpwnam("shell");
|
||||
if (NULL == ppwd)
|
||||
@ -171,7 +174,7 @@ void unlock_blocks() {
|
||||
continue;
|
||||
|
||||
if (ioctl(fd, BLKROSET, &OFF) == -1)
|
||||
PLOGE("ioctl");
|
||||
PLOGE("unlock %s", path);
|
||||
close(fd);
|
||||
}
|
||||
}
|
||||
@ -183,3 +186,17 @@ void unblock_boot_process() {
|
||||
int fd = open("/dev/.magisk.unblock", O_RDONLY | O_CREAT);
|
||||
close(fd);
|
||||
}
|
||||
|
||||
void setup_sighandlers(void (*handler)(int)) {
|
||||
struct sigaction act;
|
||||
|
||||
// Install the termination handlers
|
||||
// Note: we're assuming that none of these signal handlers are already trapped.
|
||||
// If they are, we'll need to modify this code to save the previous handler and
|
||||
// call it after we restore stdin to its previous state.
|
||||
memset(&act, 0, sizeof(act));
|
||||
act.sa_handler = handler;
|
||||
for (int i = 0; quit_signals[i]; ++i) {
|
||||
sigaction(quit_signals[i], &act, NULL);
|
||||
}
|
||||
}
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
#define UID_SYSTEM (get_system_uid())
|
||||
#define UID_RADIO (get_radio_uid())
|
||||
|
||||
extern int quit_signals[];
|
||||
|
||||
// xwrap.c
|
||||
|
||||
FILE *xfopen(const char *pathname, const char *mode);
|
||||
@ -42,12 +44,18 @@ void *xrealloc(void *ptr, size_t size);
|
||||
ssize_t xsendmsg(int sockfd, const struct msghdr *msg, int flags);
|
||||
ssize_t xrecvmsg(int sockfd, struct msghdr *msg, int flags);
|
||||
int xpthread_create(pthread_t *thread, const pthread_attr_t *attr,
|
||||
void *(*start_routine) (void *), void *arg);
|
||||
void *(*start_routine) (void *), void *arg);
|
||||
int xsocketpair(int domain, int type, int protocol, int sv[2]);
|
||||
int xstat(const char *pathname, struct stat *buf);
|
||||
int xdup2(int oldfd, int newfd);
|
||||
ssize_t xreadlink(const char *pathname, char *buf, size_t bufsiz);
|
||||
int xsymlink(const char *target, const char *linkpath);
|
||||
int xmount(const char *source, const char *target,
|
||||
const char *filesystemtype, unsigned long mountflags,
|
||||
const void *data);
|
||||
int xchmod(const char *pathname, mode_t mode);
|
||||
int xrename(const char *oldpath, const char *newpath);
|
||||
int xmkdir(const char *pathname, mode_t mode);
|
||||
|
||||
// misc.c
|
||||
|
||||
@ -63,5 +71,6 @@ void ps_filter_proc_name(const char *filter, void (*func)(int));
|
||||
int create_links(const char *bin, const char *path);
|
||||
void unlock_blocks();
|
||||
void unblock_boot_process();
|
||||
void setup_sighandlers(void (*handler)(int));
|
||||
|
||||
#endif
|
||||
|
||||
@ -17,6 +17,7 @@
|
||||
#include <sys/socket.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/mount.h>
|
||||
#include <selinux/selinux.h>
|
||||
|
||||
#include "magisk.h"
|
||||
@ -232,6 +233,7 @@ ssize_t xreadlink(const char *pathname, char *buf, size_t bufsiz) {
|
||||
PLOGE("readlink %s", pathname);
|
||||
} else {
|
||||
buf[ret] = '\0';
|
||||
++ret;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
@ -244,4 +246,38 @@ int xsymlink(const char *target, const char *linkpath) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
int xmount(const char *source, const char *target,
|
||||
const char *filesystemtype, unsigned long mountflags,
|
||||
const void *data) {
|
||||
int ret = mount(source, target, filesystemtype, mountflags, data);
|
||||
if (ret == -1) {
|
||||
PLOGE("mount %s->%s", source, target);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
int xchmod(const char *pathname, mode_t mode) {
|
||||
int ret = chmod(pathname, mode);
|
||||
if (ret == -1) {
|
||||
PLOGE("chmod %s %u", pathname, mode);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
int xrename(const char *oldpath, const char *newpath) {
|
||||
int ret = rename(oldpath, newpath);
|
||||
if (ret == -1) {
|
||||
PLOGE("rename %s->%s", oldpath, newpath);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
int xmkdir(const char *pathname, mode_t mode) {
|
||||
int ret = mkdir(pathname, mode);
|
||||
if (ret == -1) {
|
||||
PLOGE("mkdir %s %u", pathname, mode);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -286,39 +286,36 @@ fi
|
||||
|
||||
# TODO: Magisk Image
|
||||
|
||||
# # Fix SuperSU.....
|
||||
# $BOOTMODE && $BINDIR/magiskpolicy --live "allow fsck * * *"
|
||||
# Fix SuperSU.....
|
||||
$BOOTMODE && $BINDIR/magiskpolicy --live "allow fsck * * *"
|
||||
|
||||
# if (is_mounted /data); then
|
||||
# IMG=/data/magisk.img
|
||||
# else
|
||||
# IMG=/cache/magisk.img
|
||||
# ui_print "- Data unavailable, use cache workaround"
|
||||
# fi
|
||||
if (is_mounted /data); then
|
||||
IMG=/data/magisk.img
|
||||
else
|
||||
IMG=/cache/magisk.img
|
||||
ui_print "- Data unavailable, use cache workaround"
|
||||
fi
|
||||
|
||||
# if [ -f $IMG ]; then
|
||||
# ui_print "- $IMG detected!"
|
||||
# else
|
||||
# ui_print "- Creating $IMG"
|
||||
# make_ext4fs -l 64M -a /magisk -S $COMMONDIR/file_contexts_image $IMG
|
||||
# fi
|
||||
if [ -f $IMG ]; then
|
||||
ui_print "- $IMG detected!"
|
||||
else
|
||||
ui_print "- Creating $IMG"
|
||||
make_ext4fs -l 64M -a /magisk -S $COMMONDIR/file_contexts_image $IMG
|
||||
fi
|
||||
|
||||
# mount_image $IMG /magisk
|
||||
# if (! is_mounted /magisk); then
|
||||
# ui_print "! Magisk image mount failed..."
|
||||
# exit 1
|
||||
# fi
|
||||
# MAGISKLOOP=$LOOPDEVICE
|
||||
mount_image $IMG /magisk
|
||||
if (! is_mounted /magisk); then
|
||||
ui_print "! Magisk image mount failed..."
|
||||
exit 1
|
||||
fi
|
||||
MAGISKLOOP=$LOOPDEVICE
|
||||
|
||||
# # Core folders and scripts
|
||||
# mkdir -p $COREDIR/bin $COREDIR/props $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d 2>/dev/null
|
||||
# cp -af $COMMONDIR/magiskhide/. $COREDIR/magiskhide
|
||||
# cp -af $BINDIR/resetprop $BINDIR/magiskhide $BINDIR/su $BINDIR/magiskpolicy $COREDIR/bin
|
||||
# # Legacy support
|
||||
# ln -sf $COREDIR/bin/resetprop $MAGISKBIN/resetprop
|
||||
# Core folders and scripts
|
||||
mkdir -p $COREDIR/bin $COREDIR/props $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d 2>/dev/null
|
||||
cp -af $COMMONDIR/magiskhide/. $COREDIR/magiskhide
|
||||
|
||||
# chmod -R 755 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
||||
# chown -R 0.0 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
||||
chmod -R 755 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
||||
chown -R 0.0 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
||||
|
||||
##########################################################################################
|
||||
# Unpack boot
|
||||
|
||||
@ -1,14 +1,5 @@
|
||||
#!/system/bin/sh
|
||||
|
||||
HIDELIST=/magisk/.core/magiskhide/hidelist
|
||||
PROCESS=$1
|
||||
TOOLPATH=/dev/busybox
|
||||
PROCESS="$1"
|
||||
|
||||
if [ ! -z "$PROCESS" ]; then
|
||||
if [ `grep -c "^$PROCESS$" $HIDELIST` -eq "0" ]; then
|
||||
echo "$PROCESS" >> $HIDELIST
|
||||
set --
|
||||
set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
|
||||
[ ! -z "$1" ] && kill "$1"
|
||||
fi
|
||||
fi
|
||||
magiskhide --add "$PROCESS"
|
||||
|
||||
@ -1,27 +1,3 @@
|
||||
#!/system/bin/sh
|
||||
|
||||
MODDIR=/magisk/.core/magiskhide
|
||||
LOGFILE=/cache/magisk.log
|
||||
TOOLPATH=/dev/busybox
|
||||
|
||||
log_print() {
|
||||
echo "MagiskHide: $1"
|
||||
echo "MagiskHide: $1" >> $LOGFILE
|
||||
log -p i -t Magisk "MagiskHide: $1"
|
||||
}
|
||||
|
||||
# Only disable when MagiskHide is started
|
||||
$TOOLPATH/ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 || exit
|
||||
|
||||
log_print "Stopping MagiskHide daemon"
|
||||
|
||||
set --
|
||||
set `$TOOLPATH/ps -o pid,args | grep "magiskhide" | grep -v grep | head -1` >/dev/null
|
||||
[ ! -z "$1" ] && kill "$1"
|
||||
|
||||
while read PROCESS; do
|
||||
log_print "Killing $PROCESS"
|
||||
set --
|
||||
set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
|
||||
[ ! -z "$1" ] && kill "$1"
|
||||
done < $MODDIR/hidelist
|
||||
magiskhide --disable
|
||||
|
||||
@ -1,68 +1,3 @@
|
||||
#!/system/bin/sh
|
||||
|
||||
MODDIR=/magisk/.core/magiskhide
|
||||
BINPATH=/magisk/.core/bin
|
||||
LOGFILE=/cache/magisk.log
|
||||
TOOLPATH=/dev/busybox
|
||||
|
||||
log_print() {
|
||||
echo "MagiskHide: $1"
|
||||
echo "MagiskHide: $1" >> $LOGFILE
|
||||
log -p i -t Magisk "MagiskHide: $1"
|
||||
}
|
||||
|
||||
# Only enable when isn't started
|
||||
$TOOLPATH/ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 && exit
|
||||
|
||||
if [ ! -d /sbin_orig ]; then
|
||||
log_print "Moving and re-linking /sbin binaries"
|
||||
mount -o rw,remount rootfs /
|
||||
mv -f /sbin /sbin_orig
|
||||
mkdir /sbin
|
||||
mount -o ro,remount rootfs /
|
||||
mkdir -p /dev/sbin_bind
|
||||
chmod 755 /dev/sbin_bind
|
||||
ln -s /sbin_orig/* /dev/sbin_bind
|
||||
chcon -h u:object_r:system_file:s0 /dev/sbin_bind /dev/sbin_bind/*
|
||||
mount -o bind /dev/sbin_bind /sbin
|
||||
fi
|
||||
|
||||
log_print "Removing dangerous read-only system props"
|
||||
|
||||
VERIFYBOOT=`getprop ro.boot.verifiedbootstate`
|
||||
FLASHLOCKED=`getprop ro.boot.flash.locked`
|
||||
VERITYMODE=`getprop ro.boot.veritymode`
|
||||
KNOX1=`getprop ro.boot.warranty_bit`
|
||||
KNOX2=`getprop ro.warranty_bit`
|
||||
DEBUGGABLE=`getprop ro.debuggable`
|
||||
SECURE=`getprop ro.secure`
|
||||
|
||||
[ ! -z "$VERIFYBOOT" -a "$VERIFYBOOT" != "green" ] && \
|
||||
log_print "`$BINPATH/resetprop -v -n ro.boot.verifiedbootstate green`"
|
||||
[ ! -z "$FLASHLOCKED" -a "$FLASHLOCKED" != "1" ] && \
|
||||
log_print "`$BINPATH/resetprop -v -n ro.boot.flash.locked 1`"
|
||||
[ ! -z "$VERITYMODE" -a "$VERITYMODE" != "enforcing" ] && \
|
||||
log_print "`$BINPATH/resetprop -v -n ro.boot.veritymode enforcing`"
|
||||
[ ! -z "$KNOX1" -a "$KNOX1" != "0" ] && \
|
||||
log_print "`$BINPATH/resetprop -v -n ro.boot.warranty_bit 0`"
|
||||
[ ! -z "$KNOX2" -a "$KNOX2" != "0" ] && \
|
||||
log_print "`$BINPATH/resetprop -v -n ro.warranty_bit 0`"
|
||||
[ ! -z "$DEBUGGABLE" -a "$DEBUGGABLE" != "0" ] && \
|
||||
log_print "`$BINPATH/resetprop -v -n ro.debuggable 0`"
|
||||
[ ! -z "$SECURE" -a "$SECURE" != "1" ] && \
|
||||
log_print "`$BINPATH/resetprop -v -n ro.secure 1`"
|
||||
|
||||
touch $MODDIR/hidelist
|
||||
chmod -R 755 $MODDIR
|
||||
# Add Safety Net preset
|
||||
$MODDIR/add com.google.android.gms.unstable
|
||||
|
||||
while read PROCESS; do
|
||||
log_print "Killing $PROCESS"
|
||||
set --
|
||||
set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
|
||||
[ ! -z "$1" ] && kill "$1"
|
||||
done < $MODDIR/hidelist
|
||||
|
||||
log_print "Starting MagiskHide daemon"
|
||||
($BINPATH/magiskhide --daemon)
|
||||
magiskhide --enable
|
||||
|
||||
@ -1,5 +1,3 @@
|
||||
#!/system/bin/sh
|
||||
|
||||
HIDELIST=/magisk/.core/magiskhide/hidelist
|
||||
|
||||
cat $HIDELIST
|
||||
magiskhide --ls
|
||||
|
||||
@ -1,14 +1,5 @@
|
||||
#!/system/bin/sh
|
||||
|
||||
HIDELIST=/magisk/.core/magiskhide/hidelist
|
||||
PROCESS=$1
|
||||
TOOLPATH=/dev/busybox
|
||||
PROCESS="$1"
|
||||
|
||||
if [ ! -z "$PROCESS" ]; then
|
||||
cp -af $HIDELIST $HIDELIST.tmp
|
||||
cat $HIDELIST.tmp | grep -v "^$PROCESS$" > $HIDELIST
|
||||
rm -f $HIDELIST.tmp
|
||||
set --
|
||||
set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
|
||||
[ ! -z "$1" ] && kill "$1"
|
||||
fi
|
||||
magiskhide --rm "$PROCESS"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user