diff --git a/jni/Android.mk b/jni/Android.mk index 12921d7ce..9943583f2 100644 --- a/jni/Android.mk +++ b/jni/Android.mk @@ -28,6 +28,7 @@ LOCAL_SRC_FILES := \ magiskhide/magiskhide.c \ magiskhide/hide_daemon.c \ magiskhide/proc_monitor.c \ + magiskhide/pre_process.c \ magiskpolicy/magiskpolicy.c \ magiskpolicy/rules.c \ magiskpolicy/sepolicy.c \ diff --git a/jni/daemon/daemon.c b/jni/daemon/daemon.c index 7b7aa4ba7..f9cc093dd 100644 --- a/jni/daemon/daemon.c +++ b/jni/daemon/daemon.c @@ -83,7 +83,6 @@ static int setup_socket(struct sockaddr_un *sun) { return fd; } - static void do_nothing() {} static void *large_sepol_patch(void *args) { @@ -142,10 +141,10 @@ void start_daemon() { unlock_blocks(); // Setup links under /sbin - mount(NULL, "/", NULL, MS_REMOUNT, NULL); + xmount(NULL, "/", NULL, MS_REMOUNT, NULL); create_links(NULL, "/sbin"); chmod("/sbin", 0755); - mount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL); + xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL); // Loop forever to listen to requests while(1) { @@ -157,14 +156,16 @@ void start_daemon() { int connect_daemon() { struct sockaddr_un sun; int fd = setup_socket(&sun); + // LOGD("client: trying to connect socket\n"); if (connect(fd, (struct sockaddr*) &sun, sizeof(sun))) { /* If we cannot access the daemon, we start the daemon * since there is no clear entry point when the daemon should be started */ + LOGD("client: connect fail, try launching new daemon process\n"); start_daemon(); do { // Wait for 10ms - usleep(10000); + usleep(10); } while (connect(fd, (struct sockaddr*) &sun, sizeof(sun))); } return fd; diff --git a/jni/daemon/late_start.c b/jni/daemon/late_start.c index 2d964e8a6..e7ce857af 100644 --- a/jni/daemon/late_start.c +++ b/jni/daemon/late_start.c @@ -4,9 +4,11 @@ #include #include +#include "magisk.h" #include "daemon.h" void late_start(int client) { + LOGI("** late_start service mode running\n"); // ack write_int(client, 0); // TODO: Do something diff --git a/jni/daemon/log_monitor.c b/jni/daemon/log_monitor.c index 1542839a4..1580e3fd1 100644 --- a/jni/daemon/log_monitor.c +++ b/jni/daemon/log_monitor.c @@ -15,14 +15,13 @@ static void *logger_thread(void *args) { char buffer[PATH_MAX]; - // rename("/cache/magisk.log", "/cache/last_magisk.log"); - // FILE *logfile = xfopen("/cache/magisk_test.log", "w"); + xrename("/cache/magisk.log", "/cache/last_magisk.log"); FILE *logfile = xfopen("/cache/magisk.log", "w"); // Disable buffering setbuf(logfile, NULL); // Start logcat - FILE *p = popen("logcat -s Magisk", "r"); - while (fgets(buffer, sizeof(buffer), p)) { + FILE *log_monitor = popen("logcat -s Magisk -v time", "r"); + while (fgets(buffer, sizeof(buffer), log_monitor)) { fprintf(logfile, "%s", buffer); } return NULL; @@ -30,6 +29,6 @@ static void *logger_thread(void *args) { /* Start a new thread to monitor logcat and dump to logfile */ void monitor_logs() { - pthread_t log_monitor; - pthread_create(&log_monitor, NULL, logger_thread, NULL); -} \ No newline at end of file + pthread_t log_monitor_thread; + pthread_create(&log_monitor_thread, NULL, logger_thread, NULL); +} diff --git a/jni/daemon/post_fs.c b/jni/daemon/post_fs.c index 576428a92..8b18cf35a 100644 --- a/jni/daemon/post_fs.c +++ b/jni/daemon/post_fs.c @@ -3,10 +3,12 @@ #include +#include "magisk.h" #include "utils.h" #include "daemon.h" void post_fs(int client) { + LOGI("** post-fs mode running\n"); // ack write_int(client, 0); // TODO: Do something diff --git a/jni/daemon/post_fs_data.c b/jni/daemon/post_fs_data.c index a35899ea2..2d307f6e9 100644 --- a/jni/daemon/post_fs_data.c +++ b/jni/daemon/post_fs_data.c @@ -1,15 +1,68 @@ /* post_fs_data.c - post-fs-data actions */ +#include +#include #include +#include +#include +#include +#include +#include +#include "magisk.h" #include "utils.h" #include "daemon.h" +#include "resetprop.h" + +static char *loopsetup(const char *img) { + char device[20]; + struct loop_info64 info; + int i, lfd, ffd; + // First get an empty loop device + for (i = 0; i <= 7; ++i) { + sprintf(device, "/dev/block/loop%d", i); + lfd = xopen(device, O_RDWR); + if (ioctl(lfd, LOOP_GET_STATUS64, &info) == -1) + break; + close(lfd); + } + if (i == 8) return NULL; + ffd = xopen(img, O_RDWR); + if (ioctl(lfd, LOOP_SET_FD, ffd) == -1) + return NULL; + return strdup(device); +} + +char *mount_image(const char *img, const char *target) { + char *device = loopsetup(img); + if (device) + mount(device, target, "ext4", 0, NULL); + return device; +} void post_fs_data(int client) { // ack write_int(client, 0); - // TODO: Do something close(client); + if (!check_data()) + goto unblock; + + LOGI("** post-fs-data mode running\n"); + LOGI("* Mounting magisk.img\n"); + // Mounting magisk image + char *magiskimg = mount_image("/data/magisk.img", "/magisk"); + free(magiskimg); + + // Start magiskhide if enabled + char *hide_prop = getprop("persist.magisk.hide"); + if (hide_prop) { + if (strcmp(hide_prop, "1") == 0) + launch_magiskhide(-1); + free(hide_prop); + } + +unblock: unblock_boot_process(); + return; } diff --git a/jni/daemon/socket_trans.c b/jni/daemon/socket_trans.c index 3b0224ec5..f057d64f3 100644 --- a/jni/daemon/socket_trans.c +++ b/jni/daemon/socket_trans.c @@ -124,6 +124,7 @@ int read_int(int fd) { } void write_int(int fd, int val) { + if (fd < 0) return; xwrite(fd, &val, sizeof(int)); } @@ -140,6 +141,7 @@ char* read_string(int fd) { } void write_string(int fd, const char* val) { + if (fd < 0) return; int len = strlen(val); write_int(fd, len); xwrite(fd, val, len); diff --git a/jni/magiskhide/hide_daemon.c b/jni/magiskhide/hide_daemon.c index 06ad4d6c5..35d952311 100644 --- a/jni/magiskhide/hide_daemon.c +++ b/jni/magiskhide/hide_daemon.c @@ -18,23 +18,7 @@ #include "utils.h" #include "magiskhide.h" -static int isMocked = 0, pid; - -static void manage_selinux() { - if (isMocked) return; - char val[1]; - int fd = xopen(ENFORCE_FILE, O_RDONLY); - xxread(fd, val, 1); - close(fd); - // Permissive - if (val[0] == '0') { - LOGI("hide_daemon: Permissive detected, hide the state\n"); - - chmod(ENFORCE_FILE, 0640); - chmod(POLICY_FILE, 0440); - isMocked = 1; - } -} +static int pid; static void lazy_unmount(const char* mountpoint) { if (umount2(mountpoint, MNT_DETACH) != -1) @@ -87,6 +71,9 @@ int hide_daemon() { _exit(0); } + manage_selinux(); + relink_sbin(); + snprintf(buffer, sizeof(buffer), "/proc/%d/ns/mnt", pid); if(access(buffer, F_OK) == -1) continue; // Maybe process died.. @@ -95,8 +82,6 @@ int hide_daemon() { xsetns(fd, 0); close(fd); - manage_selinux(); - snprintf(buffer, sizeof(buffer), "/proc/%d/mounts", pid); fp = xfopen(buffer, "r"); vec_init(&mount_list); diff --git a/jni/magiskhide/magiskhide.c b/jni/magiskhide/magiskhide.c index d533c30c3..dc179ca96 100644 --- a/jni/magiskhide/magiskhide.c +++ b/jni/magiskhide/magiskhide.c @@ -52,6 +52,8 @@ void launch_magiskhide(int client) { LOGI("* Starting MagiskHide\n"); + hide_sensitive_props(); + if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sv) == -1) goto error; @@ -94,6 +96,7 @@ error: write(sv[0], &kill, sizeof(kill)); close(sv[0]); waitpid(hide_pid, NULL, 0); + hide_pid = -1; } return; } diff --git a/jni/magiskhide/magiskhide.h b/jni/magiskhide/magiskhide.h index 740d28ee7..e955e34c0 100644 --- a/jni/magiskhide/magiskhide.h +++ b/jni/magiskhide/magiskhide.h @@ -15,6 +15,11 @@ int hide_daemon(); // Process monitor void *proc_monitor(void *args); +// Preprocess +void manage_selinux(); +void hide_sensitive_props(); +void relink_sbin(); + extern int sv[2], hide_pid, isEnabled; extern struct vector *hide_list, *new_list; diff --git a/jni/magiskhide/pre_process.c b/jni/magiskhide/pre_process.c new file mode 100644 index 000000000..20a48a058 --- /dev/null +++ b/jni/magiskhide/pre_process.c @@ -0,0 +1,91 @@ +/* pre_process.c - Some pre-processes for MagiskHide to hide properly + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "magisk.h" +#include "utils.h" +#include "resetprop.h" +#include "magiskhide.h" + +static char *prop_key[] = + { "ro.boot.verifiedbootstate", "ro.boot.flash.locked", "ro.boot.veritymode", "ro.boot.warranty_bit", "ro.warranty_bit", + "ro.debuggable", "ro.secure", NULL }; + +static char *prop_value[] = + { "green", "1", "enforcing", "0", "0", "0", "1", NULL }; + +static int isMocked = 0; + +void manage_selinux() { + if (isMocked) return; + char val[1]; + int fd = xopen(ENFORCE_FILE, O_RDONLY); + xxread(fd, val, 1); + close(fd); + // Permissive + if (val[0] == '0') { + LOGI("hide_daemon: Permissive detected, hide the state\n"); + + chmod(ENFORCE_FILE, 0640); + chmod(POLICY_FILE, 0440); + isMocked = 1; + } +} + +void hide_sensitive_props() { + LOGI("hide_pre_proc: Hiding sensitive props\n"); + + // Hide all sensitive props + init_resetprop(); + char *value; + for (int i = 0; prop_key[i]; ++i) { + value = getprop(prop_key[i]); + if (value) { + if (strcmp(value, prop_value[i]) != 0) + setprop2(prop_key[i], prop_value[i], 0); + free(value); + } + } +} + +void relink_sbin() { + struct stat st; + if (stat("/sbin_orig", &st) == -1 && errno == ENOENT) { + // Re-link all binaries and bind mount + DIR *dir; + struct dirent *entry; + char from[PATH_MAX], to[PATH_MAX]; + + LOGI("hide_pre_proc: Re-linking /sbin\n"); + + xmount(NULL, "/", NULL, MS_REMOUNT, NULL); + xrename("/sbin", "/sbin_orig"); + xmkdir("/sbin", 0755); + xchmod("/sbin", 0755); + xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL); + xmkdir("/dev/sbin_bind", 0755); + xchmod("/dev/sbin_bind", 0755); + dir = xopendir("/sbin_orig"); + + while ((entry = xreaddir(dir))) { + snprintf(from, sizeof(from), "%s/%s", "/sbin_orig", entry->d_name); + snprintf(to, sizeof(to), "%s/%s", "/dev/sbin_bind", entry->d_name); + symlink(from, to); + lsetfilecon(to, "u:object_r:system_file:s0"); + } + + closedir(dir); + + xmount("/dev/sbin_bind", "/sbin", NULL, MS_BIND, NULL); + } +} diff --git a/jni/magiskhide/proc_monitor.c b/jni/magiskhide/proc_monitor.c index b0442beed..1a1c1f25b 100644 --- a/jni/magiskhide/proc_monitor.c +++ b/jni/magiskhide/proc_monitor.c @@ -19,13 +19,11 @@ static int zygote_num = 0; static char init_ns[32], zygote_ns[2][32]; -static FILE *p; static void read_namespace(const int pid, char* target, const size_t size) { char path[32]; snprintf(path, sizeof(path), "/proc/%d/ns/mnt", pid); - ssize_t len = readlink(path, target, size); - target[len] = '\0'; + xreadlink(path, target, size); } // Workaround for the lack of pthread_cancel @@ -44,7 +42,6 @@ static void quit_pthread(int sig) { hide_list = new_list = NULL; isEnabled = 0; LOGD("proc_monitor: terminating...\n"); - pclose(p); pthread_exit(NULL); } @@ -80,7 +77,11 @@ void *proc_monitor(void *args) { LOGI("proc_monitor: init ns=%s\n", init_ns); // Get the mount namespace of zygote - ps_filter_proc_name("zygote", store_zygote_ns); + while(!zygote_num) { + // Check zygote every 2 secs + sleep(2); + ps_filter_proc_name("zygote", store_zygote_ns); + } switch(zygote_num) { case 1: @@ -92,7 +93,7 @@ void *proc_monitor(void *args) { } // Monitor am_proc_start (the command shall never end) - p = popen("while true; do logcat -b events -c; logcat -b events -v raw -s am_proc_start; sleep 1; done", "r"); + FILE *p = popen("while true; do logcat -b events -c; logcat -b events -v raw -s am_proc_start; sleep 1; done", "r"); while(fgets(buffer, sizeof(buffer), p)) { int ret, comma = 0; @@ -130,7 +131,7 @@ void *proc_monitor(void *args) { ret = 1; for (int i = 0; i < zygote_num; ++i) { if (strcmp(buffer, zygote_ns[i]) == 0) { - usleep(500); + usleep(50); ret = 0; break; } diff --git a/jni/utils/misc.c b/jni/utils/misc.c index a77016e47..479486a41 100644 --- a/jni/utils/misc.c +++ b/jni/utils/misc.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include @@ -15,6 +16,8 @@ #include "magisk.h" #include "utils.h" +int quit_signals[] = { SIGALRM, SIGABRT, SIGHUP, SIGPIPE, SIGQUIT, SIGTERM, SIGINT, 0 }; + unsigned get_shell_uid() { struct passwd* ppwd = getpwnam("shell"); if (NULL == ppwd) @@ -171,7 +174,7 @@ void unlock_blocks() { continue; if (ioctl(fd, BLKROSET, &OFF) == -1) - PLOGE("ioctl"); + PLOGE("unlock %s", path); close(fd); } } @@ -183,3 +186,17 @@ void unblock_boot_process() { int fd = open("/dev/.magisk.unblock", O_RDONLY | O_CREAT); close(fd); } + +void setup_sighandlers(void (*handler)(int)) { + struct sigaction act; + + // Install the termination handlers + // Note: we're assuming that none of these signal handlers are already trapped. + // If they are, we'll need to modify this code to save the previous handler and + // call it after we restore stdin to its previous state. + memset(&act, 0, sizeof(act)); + act.sa_handler = handler; + for (int i = 0; quit_signals[i]; ++i) { + sigaction(quit_signals[i], &act, NULL); + } +} diff --git a/jni/utils/utils.h b/jni/utils/utils.h index 672121e19..889972a71 100644 --- a/jni/utils/utils.h +++ b/jni/utils/utils.h @@ -18,6 +18,8 @@ #define UID_SYSTEM (get_system_uid()) #define UID_RADIO (get_radio_uid()) +extern int quit_signals[]; + // xwrap.c FILE *xfopen(const char *pathname, const char *mode); @@ -42,12 +44,18 @@ void *xrealloc(void *ptr, size_t size); ssize_t xsendmsg(int sockfd, const struct msghdr *msg, int flags); ssize_t xrecvmsg(int sockfd, struct msghdr *msg, int flags); int xpthread_create(pthread_t *thread, const pthread_attr_t *attr, - void *(*start_routine) (void *), void *arg); + void *(*start_routine) (void *), void *arg); int xsocketpair(int domain, int type, int protocol, int sv[2]); int xstat(const char *pathname, struct stat *buf); int xdup2(int oldfd, int newfd); ssize_t xreadlink(const char *pathname, char *buf, size_t bufsiz); int xsymlink(const char *target, const char *linkpath); +int xmount(const char *source, const char *target, + const char *filesystemtype, unsigned long mountflags, + const void *data); +int xchmod(const char *pathname, mode_t mode); +int xrename(const char *oldpath, const char *newpath); +int xmkdir(const char *pathname, mode_t mode); // misc.c @@ -63,5 +71,6 @@ void ps_filter_proc_name(const char *filter, void (*func)(int)); int create_links(const char *bin, const char *path); void unlock_blocks(); void unblock_boot_process(); +void setup_sighandlers(void (*handler)(int)); #endif diff --git a/jni/utils/xwrap.c b/jni/utils/xwrap.c index eb92cd660..7d022781e 100644 --- a/jni/utils/xwrap.c +++ b/jni/utils/xwrap.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include "magisk.h" @@ -232,6 +233,7 @@ ssize_t xreadlink(const char *pathname, char *buf, size_t bufsiz) { PLOGE("readlink %s", pathname); } else { buf[ret] = '\0'; + ++ret; } return ret; } @@ -244,4 +246,38 @@ int xsymlink(const char *target, const char *linkpath) { return ret; } +int xmount(const char *source, const char *target, + const char *filesystemtype, unsigned long mountflags, + const void *data) { + int ret = mount(source, target, filesystemtype, mountflags, data); + if (ret == -1) { + PLOGE("mount %s->%s", source, target); + } + return ret; +} + +int xchmod(const char *pathname, mode_t mode) { + int ret = chmod(pathname, mode); + if (ret == -1) { + PLOGE("chmod %s %u", pathname, mode); + } + return ret; +} + +int xrename(const char *oldpath, const char *newpath) { + int ret = rename(oldpath, newpath); + if (ret == -1) { + PLOGE("rename %s->%s", oldpath, newpath); + } + return ret; +} + +int xmkdir(const char *pathname, mode_t mode) { + int ret = mkdir(pathname, mode); + if (ret == -1) { + PLOGE("mkdir %s %u", pathname, mode); + } + return ret; +} + diff --git a/scripts/flash_script.sh b/scripts/flash_script.sh index b3d8796d7..292cc7531 100644 --- a/scripts/flash_script.sh +++ b/scripts/flash_script.sh @@ -286,39 +286,36 @@ fi # TODO: Magisk Image -# # Fix SuperSU..... -# $BOOTMODE && $BINDIR/magiskpolicy --live "allow fsck * * *" +# Fix SuperSU..... +$BOOTMODE && $BINDIR/magiskpolicy --live "allow fsck * * *" -# if (is_mounted /data); then -# IMG=/data/magisk.img -# else -# IMG=/cache/magisk.img -# ui_print "- Data unavailable, use cache workaround" -# fi +if (is_mounted /data); then + IMG=/data/magisk.img +else + IMG=/cache/magisk.img + ui_print "- Data unavailable, use cache workaround" +fi -# if [ -f $IMG ]; then -# ui_print "- $IMG detected!" -# else -# ui_print "- Creating $IMG" -# make_ext4fs -l 64M -a /magisk -S $COMMONDIR/file_contexts_image $IMG -# fi +if [ -f $IMG ]; then + ui_print "- $IMG detected!" +else + ui_print "- Creating $IMG" + make_ext4fs -l 64M -a /magisk -S $COMMONDIR/file_contexts_image $IMG +fi -# mount_image $IMG /magisk -# if (! is_mounted /magisk); then -# ui_print "! Magisk image mount failed..." -# exit 1 -# fi -# MAGISKLOOP=$LOOPDEVICE +mount_image $IMG /magisk +if (! is_mounted /magisk); then + ui_print "! Magisk image mount failed..." + exit 1 +fi +MAGISKLOOP=$LOOPDEVICE -# # Core folders and scripts -# mkdir -p $COREDIR/bin $COREDIR/props $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d 2>/dev/null -# cp -af $COMMONDIR/magiskhide/. $COREDIR/magiskhide -# cp -af $BINDIR/resetprop $BINDIR/magiskhide $BINDIR/su $BINDIR/magiskpolicy $COREDIR/bin -# # Legacy support -# ln -sf $COREDIR/bin/resetprop $MAGISKBIN/resetprop +# Core folders and scripts +mkdir -p $COREDIR/bin $COREDIR/props $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d 2>/dev/null +cp -af $COMMONDIR/magiskhide/. $COREDIR/magiskhide -# chmod -R 755 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d -# chown -R 0.0 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d +chmod -R 755 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d +chown -R 0.0 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d ########################################################################################## # Unpack boot diff --git a/zip_static/common/magiskhide/add b/zip_static/common/magiskhide/add index c723bc65c..ac8aba2c6 100644 --- a/zip_static/common/magiskhide/add +++ b/zip_static/common/magiskhide/add @@ -1,14 +1,5 @@ #!/system/bin/sh -HIDELIST=/magisk/.core/magiskhide/hidelist -PROCESS=$1 -TOOLPATH=/dev/busybox +PROCESS="$1" -if [ ! -z "$PROCESS" ]; then - if [ `grep -c "^$PROCESS$" $HIDELIST` -eq "0" ]; then - echo "$PROCESS" >> $HIDELIST - set -- - set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null - [ ! -z "$1" ] && kill "$1" - fi -fi +magiskhide --add "$PROCESS" diff --git a/zip_static/common/magiskhide/disable b/zip_static/common/magiskhide/disable index 15fab83ee..6fc99de5d 100644 --- a/zip_static/common/magiskhide/disable +++ b/zip_static/common/magiskhide/disable @@ -1,27 +1,3 @@ #!/system/bin/sh -MODDIR=/magisk/.core/magiskhide -LOGFILE=/cache/magisk.log -TOOLPATH=/dev/busybox - -log_print() { - echo "MagiskHide: $1" - echo "MagiskHide: $1" >> $LOGFILE - log -p i -t Magisk "MagiskHide: $1" -} - -# Only disable when MagiskHide is started -$TOOLPATH/ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 || exit - -log_print "Stopping MagiskHide daemon" - -set -- -set `$TOOLPATH/ps -o pid,args | grep "magiskhide" | grep -v grep | head -1` >/dev/null -[ ! -z "$1" ] && kill "$1" - -while read PROCESS; do - log_print "Killing $PROCESS" - set -- - set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null - [ ! -z "$1" ] && kill "$1" -done < $MODDIR/hidelist +magiskhide --disable diff --git a/zip_static/common/magiskhide/enable b/zip_static/common/magiskhide/enable index 521503996..7be029197 100644 --- a/zip_static/common/magiskhide/enable +++ b/zip_static/common/magiskhide/enable @@ -1,68 +1,3 @@ #!/system/bin/sh -MODDIR=/magisk/.core/magiskhide -BINPATH=/magisk/.core/bin -LOGFILE=/cache/magisk.log -TOOLPATH=/dev/busybox - -log_print() { - echo "MagiskHide: $1" - echo "MagiskHide: $1" >> $LOGFILE - log -p i -t Magisk "MagiskHide: $1" -} - -# Only enable when isn't started -$TOOLPATH/ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 && exit - -if [ ! -d /sbin_orig ]; then - log_print "Moving and re-linking /sbin binaries" - mount -o rw,remount rootfs / - mv -f /sbin /sbin_orig - mkdir /sbin - mount -o ro,remount rootfs / - mkdir -p /dev/sbin_bind - chmod 755 /dev/sbin_bind - ln -s /sbin_orig/* /dev/sbin_bind - chcon -h u:object_r:system_file:s0 /dev/sbin_bind /dev/sbin_bind/* - mount -o bind /dev/sbin_bind /sbin -fi - -log_print "Removing dangerous read-only system props" - -VERIFYBOOT=`getprop ro.boot.verifiedbootstate` -FLASHLOCKED=`getprop ro.boot.flash.locked` -VERITYMODE=`getprop ro.boot.veritymode` -KNOX1=`getprop ro.boot.warranty_bit` -KNOX2=`getprop ro.warranty_bit` -DEBUGGABLE=`getprop ro.debuggable` -SECURE=`getprop ro.secure` - -[ ! -z "$VERIFYBOOT" -a "$VERIFYBOOT" != "green" ] && \ -log_print "`$BINPATH/resetprop -v -n ro.boot.verifiedbootstate green`" -[ ! -z "$FLASHLOCKED" -a "$FLASHLOCKED" != "1" ] && \ -log_print "`$BINPATH/resetprop -v -n ro.boot.flash.locked 1`" -[ ! -z "$VERITYMODE" -a "$VERITYMODE" != "enforcing" ] && \ -log_print "`$BINPATH/resetprop -v -n ro.boot.veritymode enforcing`" -[ ! -z "$KNOX1" -a "$KNOX1" != "0" ] && \ -log_print "`$BINPATH/resetprop -v -n ro.boot.warranty_bit 0`" -[ ! -z "$KNOX2" -a "$KNOX2" != "0" ] && \ -log_print "`$BINPATH/resetprop -v -n ro.warranty_bit 0`" -[ ! -z "$DEBUGGABLE" -a "$DEBUGGABLE" != "0" ] && \ -log_print "`$BINPATH/resetprop -v -n ro.debuggable 0`" -[ ! -z "$SECURE" -a "$SECURE" != "1" ] && \ -log_print "`$BINPATH/resetprop -v -n ro.secure 1`" - -touch $MODDIR/hidelist -chmod -R 755 $MODDIR -# Add Safety Net preset -$MODDIR/add com.google.android.gms.unstable - -while read PROCESS; do - log_print "Killing $PROCESS" - set -- - set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null - [ ! -z "$1" ] && kill "$1" -done < $MODDIR/hidelist - -log_print "Starting MagiskHide daemon" -($BINPATH/magiskhide --daemon) +magiskhide --enable diff --git a/zip_static/common/magiskhide/list b/zip_static/common/magiskhide/list index a1dcbb7c2..b73256443 100644 --- a/zip_static/common/magiskhide/list +++ b/zip_static/common/magiskhide/list @@ -1,5 +1,3 @@ #!/system/bin/sh -HIDELIST=/magisk/.core/magiskhide/hidelist - -cat $HIDELIST +magiskhide --ls diff --git a/zip_static/common/magiskhide/rm b/zip_static/common/magiskhide/rm index ba5c7c749..35f8ae3d5 100644 --- a/zip_static/common/magiskhide/rm +++ b/zip_static/common/magiskhide/rm @@ -1,14 +1,5 @@ #!/system/bin/sh -HIDELIST=/magisk/.core/magiskhide/hidelist -PROCESS=$1 -TOOLPATH=/dev/busybox +PROCESS="$1" -if [ ! -z "$PROCESS" ]; then - cp -af $HIDELIST $HIDELIST.tmp - cat $HIDELIST.tmp | grep -v "^$PROCESS$" > $HIDELIST - rm -f $HIDELIST.tmp - set -- - set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null - [ ! -z "$1" ] && kill "$1" -fi +magiskhide --rm "$PROCESS"