Auto start magiskhide
This commit is contained in:
parent
d9c3a3c9a9
commit
08527dde9b
@ -28,6 +28,7 @@ LOCAL_SRC_FILES := \
|
|||||||
magiskhide/magiskhide.c \
|
magiskhide/magiskhide.c \
|
||||||
magiskhide/hide_daemon.c \
|
magiskhide/hide_daemon.c \
|
||||||
magiskhide/proc_monitor.c \
|
magiskhide/proc_monitor.c \
|
||||||
|
magiskhide/pre_process.c \
|
||||||
magiskpolicy/magiskpolicy.c \
|
magiskpolicy/magiskpolicy.c \
|
||||||
magiskpolicy/rules.c \
|
magiskpolicy/rules.c \
|
||||||
magiskpolicy/sepolicy.c \
|
magiskpolicy/sepolicy.c \
|
||||||
|
@ -83,7 +83,6 @@ static int setup_socket(struct sockaddr_un *sun) {
|
|||||||
return fd;
|
return fd;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static void do_nothing() {}
|
static void do_nothing() {}
|
||||||
|
|
||||||
static void *large_sepol_patch(void *args) {
|
static void *large_sepol_patch(void *args) {
|
||||||
@ -142,10 +141,10 @@ void start_daemon() {
|
|||||||
unlock_blocks();
|
unlock_blocks();
|
||||||
|
|
||||||
// Setup links under /sbin
|
// Setup links under /sbin
|
||||||
mount(NULL, "/", NULL, MS_REMOUNT, NULL);
|
xmount(NULL, "/", NULL, MS_REMOUNT, NULL);
|
||||||
create_links(NULL, "/sbin");
|
create_links(NULL, "/sbin");
|
||||||
chmod("/sbin", 0755);
|
chmod("/sbin", 0755);
|
||||||
mount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
|
xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
|
||||||
|
|
||||||
// Loop forever to listen to requests
|
// Loop forever to listen to requests
|
||||||
while(1) {
|
while(1) {
|
||||||
@ -157,14 +156,16 @@ void start_daemon() {
|
|||||||
int connect_daemon() {
|
int connect_daemon() {
|
||||||
struct sockaddr_un sun;
|
struct sockaddr_un sun;
|
||||||
int fd = setup_socket(&sun);
|
int fd = setup_socket(&sun);
|
||||||
|
// LOGD("client: trying to connect socket\n");
|
||||||
if (connect(fd, (struct sockaddr*) &sun, sizeof(sun))) {
|
if (connect(fd, (struct sockaddr*) &sun, sizeof(sun))) {
|
||||||
/* If we cannot access the daemon, we start the daemon
|
/* If we cannot access the daemon, we start the daemon
|
||||||
* since there is no clear entry point when the daemon should be started
|
* since there is no clear entry point when the daemon should be started
|
||||||
*/
|
*/
|
||||||
|
LOGD("client: connect fail, try launching new daemon process\n");
|
||||||
start_daemon();
|
start_daemon();
|
||||||
do {
|
do {
|
||||||
// Wait for 10ms
|
// Wait for 10ms
|
||||||
usleep(10000);
|
usleep(10);
|
||||||
} while (connect(fd, (struct sockaddr*) &sun, sizeof(sun)));
|
} while (connect(fd, (struct sockaddr*) &sun, sizeof(sun)));
|
||||||
}
|
}
|
||||||
return fd;
|
return fd;
|
||||||
|
@ -4,9 +4,11 @@
|
|||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <pthread.h>
|
#include <pthread.h>
|
||||||
|
|
||||||
|
#include "magisk.h"
|
||||||
#include "daemon.h"
|
#include "daemon.h"
|
||||||
|
|
||||||
void late_start(int client) {
|
void late_start(int client) {
|
||||||
|
LOGI("** late_start service mode running\n");
|
||||||
// ack
|
// ack
|
||||||
write_int(client, 0);
|
write_int(client, 0);
|
||||||
// TODO: Do something
|
// TODO: Do something
|
||||||
|
@ -15,14 +15,13 @@
|
|||||||
|
|
||||||
static void *logger_thread(void *args) {
|
static void *logger_thread(void *args) {
|
||||||
char buffer[PATH_MAX];
|
char buffer[PATH_MAX];
|
||||||
// rename("/cache/magisk.log", "/cache/last_magisk.log");
|
xrename("/cache/magisk.log", "/cache/last_magisk.log");
|
||||||
// FILE *logfile = xfopen("/cache/magisk_test.log", "w");
|
|
||||||
FILE *logfile = xfopen("/cache/magisk.log", "w");
|
FILE *logfile = xfopen("/cache/magisk.log", "w");
|
||||||
// Disable buffering
|
// Disable buffering
|
||||||
setbuf(logfile, NULL);
|
setbuf(logfile, NULL);
|
||||||
// Start logcat
|
// Start logcat
|
||||||
FILE *p = popen("logcat -s Magisk", "r");
|
FILE *log_monitor = popen("logcat -s Magisk -v time", "r");
|
||||||
while (fgets(buffer, sizeof(buffer), p)) {
|
while (fgets(buffer, sizeof(buffer), log_monitor)) {
|
||||||
fprintf(logfile, "%s", buffer);
|
fprintf(logfile, "%s", buffer);
|
||||||
}
|
}
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -30,6 +29,6 @@ static void *logger_thread(void *args) {
|
|||||||
|
|
||||||
/* Start a new thread to monitor logcat and dump to logfile */
|
/* Start a new thread to monitor logcat and dump to logfile */
|
||||||
void monitor_logs() {
|
void monitor_logs() {
|
||||||
pthread_t log_monitor;
|
pthread_t log_monitor_thread;
|
||||||
pthread_create(&log_monitor, NULL, logger_thread, NULL);
|
pthread_create(&log_monitor_thread, NULL, logger_thread, NULL);
|
||||||
}
|
}
|
@ -3,10 +3,12 @@
|
|||||||
|
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
|
||||||
|
#include "magisk.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
#include "daemon.h"
|
#include "daemon.h"
|
||||||
|
|
||||||
void post_fs(int client) {
|
void post_fs(int client) {
|
||||||
|
LOGI("** post-fs mode running\n");
|
||||||
// ack
|
// ack
|
||||||
write_int(client, 0);
|
write_int(client, 0);
|
||||||
// TODO: Do something
|
// TODO: Do something
|
||||||
|
@ -1,15 +1,68 @@
|
|||||||
/* post_fs_data.c - post-fs-data actions
|
/* post_fs_data.c - post-fs-data actions
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <stdio.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
#include <fcntl.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <linux/loop.h>
|
||||||
|
#include <sys/ioctl.h>
|
||||||
|
#include <sys/mount.h>
|
||||||
|
|
||||||
|
#include "magisk.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
#include "daemon.h"
|
#include "daemon.h"
|
||||||
|
#include "resetprop.h"
|
||||||
|
|
||||||
|
static char *loopsetup(const char *img) {
|
||||||
|
char device[20];
|
||||||
|
struct loop_info64 info;
|
||||||
|
int i, lfd, ffd;
|
||||||
|
// First get an empty loop device
|
||||||
|
for (i = 0; i <= 7; ++i) {
|
||||||
|
sprintf(device, "/dev/block/loop%d", i);
|
||||||
|
lfd = xopen(device, O_RDWR);
|
||||||
|
if (ioctl(lfd, LOOP_GET_STATUS64, &info) == -1)
|
||||||
|
break;
|
||||||
|
close(lfd);
|
||||||
|
}
|
||||||
|
if (i == 8) return NULL;
|
||||||
|
ffd = xopen(img, O_RDWR);
|
||||||
|
if (ioctl(lfd, LOOP_SET_FD, ffd) == -1)
|
||||||
|
return NULL;
|
||||||
|
return strdup(device);
|
||||||
|
}
|
||||||
|
|
||||||
|
char *mount_image(const char *img, const char *target) {
|
||||||
|
char *device = loopsetup(img);
|
||||||
|
if (device)
|
||||||
|
mount(device, target, "ext4", 0, NULL);
|
||||||
|
return device;
|
||||||
|
}
|
||||||
|
|
||||||
void post_fs_data(int client) {
|
void post_fs_data(int client) {
|
||||||
// ack
|
// ack
|
||||||
write_int(client, 0);
|
write_int(client, 0);
|
||||||
// TODO: Do something
|
|
||||||
close(client);
|
close(client);
|
||||||
|
if (!check_data())
|
||||||
|
goto unblock;
|
||||||
|
|
||||||
|
LOGI("** post-fs-data mode running\n");
|
||||||
|
LOGI("* Mounting magisk.img\n");
|
||||||
|
// Mounting magisk image
|
||||||
|
char *magiskimg = mount_image("/data/magisk.img", "/magisk");
|
||||||
|
free(magiskimg);
|
||||||
|
|
||||||
|
// Start magiskhide if enabled
|
||||||
|
char *hide_prop = getprop("persist.magisk.hide");
|
||||||
|
if (hide_prop) {
|
||||||
|
if (strcmp(hide_prop, "1") == 0)
|
||||||
|
launch_magiskhide(-1);
|
||||||
|
free(hide_prop);
|
||||||
|
}
|
||||||
|
|
||||||
|
unblock:
|
||||||
unblock_boot_process();
|
unblock_boot_process();
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
@ -124,6 +124,7 @@ int read_int(int fd) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
void write_int(int fd, int val) {
|
void write_int(int fd, int val) {
|
||||||
|
if (fd < 0) return;
|
||||||
xwrite(fd, &val, sizeof(int));
|
xwrite(fd, &val, sizeof(int));
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -140,6 +141,7 @@ char* read_string(int fd) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
void write_string(int fd, const char* val) {
|
void write_string(int fd, const char* val) {
|
||||||
|
if (fd < 0) return;
|
||||||
int len = strlen(val);
|
int len = strlen(val);
|
||||||
write_int(fd, len);
|
write_int(fd, len);
|
||||||
xwrite(fd, val, len);
|
xwrite(fd, val, len);
|
||||||
|
@ -18,23 +18,7 @@
|
|||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
#include "magiskhide.h"
|
#include "magiskhide.h"
|
||||||
|
|
||||||
static int isMocked = 0, pid;
|
static int pid;
|
||||||
|
|
||||||
static void manage_selinux() {
|
|
||||||
if (isMocked) return;
|
|
||||||
char val[1];
|
|
||||||
int fd = xopen(ENFORCE_FILE, O_RDONLY);
|
|
||||||
xxread(fd, val, 1);
|
|
||||||
close(fd);
|
|
||||||
// Permissive
|
|
||||||
if (val[0] == '0') {
|
|
||||||
LOGI("hide_daemon: Permissive detected, hide the state\n");
|
|
||||||
|
|
||||||
chmod(ENFORCE_FILE, 0640);
|
|
||||||
chmod(POLICY_FILE, 0440);
|
|
||||||
isMocked = 1;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
static void lazy_unmount(const char* mountpoint) {
|
static void lazy_unmount(const char* mountpoint) {
|
||||||
if (umount2(mountpoint, MNT_DETACH) != -1)
|
if (umount2(mountpoint, MNT_DETACH) != -1)
|
||||||
@ -87,6 +71,9 @@ int hide_daemon() {
|
|||||||
_exit(0);
|
_exit(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
manage_selinux();
|
||||||
|
relink_sbin();
|
||||||
|
|
||||||
snprintf(buffer, sizeof(buffer), "/proc/%d/ns/mnt", pid);
|
snprintf(buffer, sizeof(buffer), "/proc/%d/ns/mnt", pid);
|
||||||
if(access(buffer, F_OK) == -1) continue; // Maybe process died..
|
if(access(buffer, F_OK) == -1) continue; // Maybe process died..
|
||||||
|
|
||||||
@ -95,8 +82,6 @@ int hide_daemon() {
|
|||||||
xsetns(fd, 0);
|
xsetns(fd, 0);
|
||||||
close(fd);
|
close(fd);
|
||||||
|
|
||||||
manage_selinux();
|
|
||||||
|
|
||||||
snprintf(buffer, sizeof(buffer), "/proc/%d/mounts", pid);
|
snprintf(buffer, sizeof(buffer), "/proc/%d/mounts", pid);
|
||||||
fp = xfopen(buffer, "r");
|
fp = xfopen(buffer, "r");
|
||||||
vec_init(&mount_list);
|
vec_init(&mount_list);
|
||||||
|
@ -52,6 +52,8 @@ void launch_magiskhide(int client) {
|
|||||||
|
|
||||||
LOGI("* Starting MagiskHide\n");
|
LOGI("* Starting MagiskHide\n");
|
||||||
|
|
||||||
|
hide_sensitive_props();
|
||||||
|
|
||||||
if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sv) == -1)
|
if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sv) == -1)
|
||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
@ -94,6 +96,7 @@ error:
|
|||||||
write(sv[0], &kill, sizeof(kill));
|
write(sv[0], &kill, sizeof(kill));
|
||||||
close(sv[0]);
|
close(sv[0]);
|
||||||
waitpid(hide_pid, NULL, 0);
|
waitpid(hide_pid, NULL, 0);
|
||||||
|
hide_pid = -1;
|
||||||
}
|
}
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -15,6 +15,11 @@ int hide_daemon();
|
|||||||
// Process monitor
|
// Process monitor
|
||||||
void *proc_monitor(void *args);
|
void *proc_monitor(void *args);
|
||||||
|
|
||||||
|
// Preprocess
|
||||||
|
void manage_selinux();
|
||||||
|
void hide_sensitive_props();
|
||||||
|
void relink_sbin();
|
||||||
|
|
||||||
extern int sv[2], hide_pid, isEnabled;
|
extern int sv[2], hide_pid, isEnabled;
|
||||||
extern struct vector *hide_list, *new_list;
|
extern struct vector *hide_list, *new_list;
|
||||||
|
|
||||||
|
91
jni/magiskhide/pre_process.c
Normal file
91
jni/magiskhide/pre_process.c
Normal file
@ -0,0 +1,91 @@
|
|||||||
|
/* pre_process.c - Some pre-processes for MagiskHide to hide properly
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
#include <errno.h>
|
||||||
|
#include <dirent.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <sys/mount.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/stat.h>
|
||||||
|
#include <selinux/selinux.h>
|
||||||
|
|
||||||
|
#include "magisk.h"
|
||||||
|
#include "utils.h"
|
||||||
|
#include "resetprop.h"
|
||||||
|
#include "magiskhide.h"
|
||||||
|
|
||||||
|
static char *prop_key[] =
|
||||||
|
{ "ro.boot.verifiedbootstate", "ro.boot.flash.locked", "ro.boot.veritymode", "ro.boot.warranty_bit", "ro.warranty_bit",
|
||||||
|
"ro.debuggable", "ro.secure", NULL };
|
||||||
|
|
||||||
|
static char *prop_value[] =
|
||||||
|
{ "green", "1", "enforcing", "0", "0", "0", "1", NULL };
|
||||||
|
|
||||||
|
static int isMocked = 0;
|
||||||
|
|
||||||
|
void manage_selinux() {
|
||||||
|
if (isMocked) return;
|
||||||
|
char val[1];
|
||||||
|
int fd = xopen(ENFORCE_FILE, O_RDONLY);
|
||||||
|
xxread(fd, val, 1);
|
||||||
|
close(fd);
|
||||||
|
// Permissive
|
||||||
|
if (val[0] == '0') {
|
||||||
|
LOGI("hide_daemon: Permissive detected, hide the state\n");
|
||||||
|
|
||||||
|
chmod(ENFORCE_FILE, 0640);
|
||||||
|
chmod(POLICY_FILE, 0440);
|
||||||
|
isMocked = 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void hide_sensitive_props() {
|
||||||
|
LOGI("hide_pre_proc: Hiding sensitive props\n");
|
||||||
|
|
||||||
|
// Hide all sensitive props
|
||||||
|
init_resetprop();
|
||||||
|
char *value;
|
||||||
|
for (int i = 0; prop_key[i]; ++i) {
|
||||||
|
value = getprop(prop_key[i]);
|
||||||
|
if (value) {
|
||||||
|
if (strcmp(value, prop_value[i]) != 0)
|
||||||
|
setprop2(prop_key[i], prop_value[i], 0);
|
||||||
|
free(value);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void relink_sbin() {
|
||||||
|
struct stat st;
|
||||||
|
if (stat("/sbin_orig", &st) == -1 && errno == ENOENT) {
|
||||||
|
// Re-link all binaries and bind mount
|
||||||
|
DIR *dir;
|
||||||
|
struct dirent *entry;
|
||||||
|
char from[PATH_MAX], to[PATH_MAX];
|
||||||
|
|
||||||
|
LOGI("hide_pre_proc: Re-linking /sbin\n");
|
||||||
|
|
||||||
|
xmount(NULL, "/", NULL, MS_REMOUNT, NULL);
|
||||||
|
xrename("/sbin", "/sbin_orig");
|
||||||
|
xmkdir("/sbin", 0755);
|
||||||
|
xchmod("/sbin", 0755);
|
||||||
|
xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
|
||||||
|
xmkdir("/dev/sbin_bind", 0755);
|
||||||
|
xchmod("/dev/sbin_bind", 0755);
|
||||||
|
dir = xopendir("/sbin_orig");
|
||||||
|
|
||||||
|
while ((entry = xreaddir(dir))) {
|
||||||
|
snprintf(from, sizeof(from), "%s/%s", "/sbin_orig", entry->d_name);
|
||||||
|
snprintf(to, sizeof(to), "%s/%s", "/dev/sbin_bind", entry->d_name);
|
||||||
|
symlink(from, to);
|
||||||
|
lsetfilecon(to, "u:object_r:system_file:s0");
|
||||||
|
}
|
||||||
|
|
||||||
|
closedir(dir);
|
||||||
|
|
||||||
|
xmount("/dev/sbin_bind", "/sbin", NULL, MS_BIND, NULL);
|
||||||
|
}
|
||||||
|
}
|
@ -19,13 +19,11 @@
|
|||||||
|
|
||||||
static int zygote_num = 0;
|
static int zygote_num = 0;
|
||||||
static char init_ns[32], zygote_ns[2][32];
|
static char init_ns[32], zygote_ns[2][32];
|
||||||
static FILE *p;
|
|
||||||
|
|
||||||
static void read_namespace(const int pid, char* target, const size_t size) {
|
static void read_namespace(const int pid, char* target, const size_t size) {
|
||||||
char path[32];
|
char path[32];
|
||||||
snprintf(path, sizeof(path), "/proc/%d/ns/mnt", pid);
|
snprintf(path, sizeof(path), "/proc/%d/ns/mnt", pid);
|
||||||
ssize_t len = readlink(path, target, size);
|
xreadlink(path, target, size);
|
||||||
target[len] = '\0';
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Workaround for the lack of pthread_cancel
|
// Workaround for the lack of pthread_cancel
|
||||||
@ -44,7 +42,6 @@ static void quit_pthread(int sig) {
|
|||||||
hide_list = new_list = NULL;
|
hide_list = new_list = NULL;
|
||||||
isEnabled = 0;
|
isEnabled = 0;
|
||||||
LOGD("proc_monitor: terminating...\n");
|
LOGD("proc_monitor: terminating...\n");
|
||||||
pclose(p);
|
|
||||||
pthread_exit(NULL);
|
pthread_exit(NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -80,7 +77,11 @@ void *proc_monitor(void *args) {
|
|||||||
LOGI("proc_monitor: init ns=%s\n", init_ns);
|
LOGI("proc_monitor: init ns=%s\n", init_ns);
|
||||||
|
|
||||||
// Get the mount namespace of zygote
|
// Get the mount namespace of zygote
|
||||||
ps_filter_proc_name("zygote", store_zygote_ns);
|
while(!zygote_num) {
|
||||||
|
// Check zygote every 2 secs
|
||||||
|
sleep(2);
|
||||||
|
ps_filter_proc_name("zygote", store_zygote_ns);
|
||||||
|
}
|
||||||
|
|
||||||
switch(zygote_num) {
|
switch(zygote_num) {
|
||||||
case 1:
|
case 1:
|
||||||
@ -92,7 +93,7 @@ void *proc_monitor(void *args) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Monitor am_proc_start (the command shall never end)
|
// Monitor am_proc_start (the command shall never end)
|
||||||
p = popen("while true; do logcat -b events -c; logcat -b events -v raw -s am_proc_start; sleep 1; done", "r");
|
FILE *p = popen("while true; do logcat -b events -c; logcat -b events -v raw -s am_proc_start; sleep 1; done", "r");
|
||||||
|
|
||||||
while(fgets(buffer, sizeof(buffer), p)) {
|
while(fgets(buffer, sizeof(buffer), p)) {
|
||||||
int ret, comma = 0;
|
int ret, comma = 0;
|
||||||
@ -130,7 +131,7 @@ void *proc_monitor(void *args) {
|
|||||||
ret = 1;
|
ret = 1;
|
||||||
for (int i = 0; i < zygote_num; ++i) {
|
for (int i = 0; i < zygote_num; ++i) {
|
||||||
if (strcmp(buffer, zygote_ns[i]) == 0) {
|
if (strcmp(buffer, zygote_ns[i]) == 0) {
|
||||||
usleep(500);
|
usleep(50);
|
||||||
ret = 0;
|
ret = 0;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -8,6 +8,7 @@
|
|||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include <pwd.h>
|
#include <pwd.h>
|
||||||
|
#include <signal.h>
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/ioctl.h>
|
#include <sys/ioctl.h>
|
||||||
#include <sys/mount.h>
|
#include <sys/mount.h>
|
||||||
@ -15,6 +16,8 @@
|
|||||||
#include "magisk.h"
|
#include "magisk.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
|
||||||
|
int quit_signals[] = { SIGALRM, SIGABRT, SIGHUP, SIGPIPE, SIGQUIT, SIGTERM, SIGINT, 0 };
|
||||||
|
|
||||||
unsigned get_shell_uid() {
|
unsigned get_shell_uid() {
|
||||||
struct passwd* ppwd = getpwnam("shell");
|
struct passwd* ppwd = getpwnam("shell");
|
||||||
if (NULL == ppwd)
|
if (NULL == ppwd)
|
||||||
@ -171,7 +174,7 @@ void unlock_blocks() {
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (ioctl(fd, BLKROSET, &OFF) == -1)
|
if (ioctl(fd, BLKROSET, &OFF) == -1)
|
||||||
PLOGE("ioctl");
|
PLOGE("unlock %s", path);
|
||||||
close(fd);
|
close(fd);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -183,3 +186,17 @@ void unblock_boot_process() {
|
|||||||
int fd = open("/dev/.magisk.unblock", O_RDONLY | O_CREAT);
|
int fd = open("/dev/.magisk.unblock", O_RDONLY | O_CREAT);
|
||||||
close(fd);
|
close(fd);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void setup_sighandlers(void (*handler)(int)) {
|
||||||
|
struct sigaction act;
|
||||||
|
|
||||||
|
// Install the termination handlers
|
||||||
|
// Note: we're assuming that none of these signal handlers are already trapped.
|
||||||
|
// If they are, we'll need to modify this code to save the previous handler and
|
||||||
|
// call it after we restore stdin to its previous state.
|
||||||
|
memset(&act, 0, sizeof(act));
|
||||||
|
act.sa_handler = handler;
|
||||||
|
for (int i = 0; quit_signals[i]; ++i) {
|
||||||
|
sigaction(quit_signals[i], &act, NULL);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@ -18,6 +18,8 @@
|
|||||||
#define UID_SYSTEM (get_system_uid())
|
#define UID_SYSTEM (get_system_uid())
|
||||||
#define UID_RADIO (get_radio_uid())
|
#define UID_RADIO (get_radio_uid())
|
||||||
|
|
||||||
|
extern int quit_signals[];
|
||||||
|
|
||||||
// xwrap.c
|
// xwrap.c
|
||||||
|
|
||||||
FILE *xfopen(const char *pathname, const char *mode);
|
FILE *xfopen(const char *pathname, const char *mode);
|
||||||
@ -42,12 +44,18 @@ void *xrealloc(void *ptr, size_t size);
|
|||||||
ssize_t xsendmsg(int sockfd, const struct msghdr *msg, int flags);
|
ssize_t xsendmsg(int sockfd, const struct msghdr *msg, int flags);
|
||||||
ssize_t xrecvmsg(int sockfd, struct msghdr *msg, int flags);
|
ssize_t xrecvmsg(int sockfd, struct msghdr *msg, int flags);
|
||||||
int xpthread_create(pthread_t *thread, const pthread_attr_t *attr,
|
int xpthread_create(pthread_t *thread, const pthread_attr_t *attr,
|
||||||
void *(*start_routine) (void *), void *arg);
|
void *(*start_routine) (void *), void *arg);
|
||||||
int xsocketpair(int domain, int type, int protocol, int sv[2]);
|
int xsocketpair(int domain, int type, int protocol, int sv[2]);
|
||||||
int xstat(const char *pathname, struct stat *buf);
|
int xstat(const char *pathname, struct stat *buf);
|
||||||
int xdup2(int oldfd, int newfd);
|
int xdup2(int oldfd, int newfd);
|
||||||
ssize_t xreadlink(const char *pathname, char *buf, size_t bufsiz);
|
ssize_t xreadlink(const char *pathname, char *buf, size_t bufsiz);
|
||||||
int xsymlink(const char *target, const char *linkpath);
|
int xsymlink(const char *target, const char *linkpath);
|
||||||
|
int xmount(const char *source, const char *target,
|
||||||
|
const char *filesystemtype, unsigned long mountflags,
|
||||||
|
const void *data);
|
||||||
|
int xchmod(const char *pathname, mode_t mode);
|
||||||
|
int xrename(const char *oldpath, const char *newpath);
|
||||||
|
int xmkdir(const char *pathname, mode_t mode);
|
||||||
|
|
||||||
// misc.c
|
// misc.c
|
||||||
|
|
||||||
@ -63,5 +71,6 @@ void ps_filter_proc_name(const char *filter, void (*func)(int));
|
|||||||
int create_links(const char *bin, const char *path);
|
int create_links(const char *bin, const char *path);
|
||||||
void unlock_blocks();
|
void unlock_blocks();
|
||||||
void unblock_boot_process();
|
void unblock_boot_process();
|
||||||
|
void setup_sighandlers(void (*handler)(int));
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -17,6 +17,7 @@
|
|||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
|
#include <sys/mount.h>
|
||||||
#include <selinux/selinux.h>
|
#include <selinux/selinux.h>
|
||||||
|
|
||||||
#include "magisk.h"
|
#include "magisk.h"
|
||||||
@ -232,6 +233,7 @@ ssize_t xreadlink(const char *pathname, char *buf, size_t bufsiz) {
|
|||||||
PLOGE("readlink %s", pathname);
|
PLOGE("readlink %s", pathname);
|
||||||
} else {
|
} else {
|
||||||
buf[ret] = '\0';
|
buf[ret] = '\0';
|
||||||
|
++ret;
|
||||||
}
|
}
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
@ -244,4 +246,38 @@ int xsymlink(const char *target, const char *linkpath) {
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int xmount(const char *source, const char *target,
|
||||||
|
const char *filesystemtype, unsigned long mountflags,
|
||||||
|
const void *data) {
|
||||||
|
int ret = mount(source, target, filesystemtype, mountflags, data);
|
||||||
|
if (ret == -1) {
|
||||||
|
PLOGE("mount %s->%s", source, target);
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
int xchmod(const char *pathname, mode_t mode) {
|
||||||
|
int ret = chmod(pathname, mode);
|
||||||
|
if (ret == -1) {
|
||||||
|
PLOGE("chmod %s %u", pathname, mode);
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
int xrename(const char *oldpath, const char *newpath) {
|
||||||
|
int ret = rename(oldpath, newpath);
|
||||||
|
if (ret == -1) {
|
||||||
|
PLOGE("rename %s->%s", oldpath, newpath);
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
int xmkdir(const char *pathname, mode_t mode) {
|
||||||
|
int ret = mkdir(pathname, mode);
|
||||||
|
if (ret == -1) {
|
||||||
|
PLOGE("mkdir %s %u", pathname, mode);
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -286,39 +286,36 @@ fi
|
|||||||
|
|
||||||
# TODO: Magisk Image
|
# TODO: Magisk Image
|
||||||
|
|
||||||
# # Fix SuperSU.....
|
# Fix SuperSU.....
|
||||||
# $BOOTMODE && $BINDIR/magiskpolicy --live "allow fsck * * *"
|
$BOOTMODE && $BINDIR/magiskpolicy --live "allow fsck * * *"
|
||||||
|
|
||||||
# if (is_mounted /data); then
|
if (is_mounted /data); then
|
||||||
# IMG=/data/magisk.img
|
IMG=/data/magisk.img
|
||||||
# else
|
else
|
||||||
# IMG=/cache/magisk.img
|
IMG=/cache/magisk.img
|
||||||
# ui_print "- Data unavailable, use cache workaround"
|
ui_print "- Data unavailable, use cache workaround"
|
||||||
# fi
|
fi
|
||||||
|
|
||||||
# if [ -f $IMG ]; then
|
if [ -f $IMG ]; then
|
||||||
# ui_print "- $IMG detected!"
|
ui_print "- $IMG detected!"
|
||||||
# else
|
else
|
||||||
# ui_print "- Creating $IMG"
|
ui_print "- Creating $IMG"
|
||||||
# make_ext4fs -l 64M -a /magisk -S $COMMONDIR/file_contexts_image $IMG
|
make_ext4fs -l 64M -a /magisk -S $COMMONDIR/file_contexts_image $IMG
|
||||||
# fi
|
fi
|
||||||
|
|
||||||
# mount_image $IMG /magisk
|
mount_image $IMG /magisk
|
||||||
# if (! is_mounted /magisk); then
|
if (! is_mounted /magisk); then
|
||||||
# ui_print "! Magisk image mount failed..."
|
ui_print "! Magisk image mount failed..."
|
||||||
# exit 1
|
exit 1
|
||||||
# fi
|
fi
|
||||||
# MAGISKLOOP=$LOOPDEVICE
|
MAGISKLOOP=$LOOPDEVICE
|
||||||
|
|
||||||
# # Core folders and scripts
|
# Core folders and scripts
|
||||||
# mkdir -p $COREDIR/bin $COREDIR/props $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d 2>/dev/null
|
mkdir -p $COREDIR/bin $COREDIR/props $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d 2>/dev/null
|
||||||
# cp -af $COMMONDIR/magiskhide/. $COREDIR/magiskhide
|
cp -af $COMMONDIR/magiskhide/. $COREDIR/magiskhide
|
||||||
# cp -af $BINDIR/resetprop $BINDIR/magiskhide $BINDIR/su $BINDIR/magiskpolicy $COREDIR/bin
|
|
||||||
# # Legacy support
|
|
||||||
# ln -sf $COREDIR/bin/resetprop $MAGISKBIN/resetprop
|
|
||||||
|
|
||||||
# chmod -R 755 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
chmod -R 755 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
||||||
# chown -R 0.0 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
chown -R 0.0 $COREDIR/bin $COREDIR/magiskhide $COREDIR/post-fs-data.d $COREDIR/service.d
|
||||||
|
|
||||||
##########################################################################################
|
##########################################################################################
|
||||||
# Unpack boot
|
# Unpack boot
|
||||||
|
@ -1,14 +1,5 @@
|
|||||||
#!/system/bin/sh
|
#!/system/bin/sh
|
||||||
|
|
||||||
HIDELIST=/magisk/.core/magiskhide/hidelist
|
PROCESS="$1"
|
||||||
PROCESS=$1
|
|
||||||
TOOLPATH=/dev/busybox
|
|
||||||
|
|
||||||
if [ ! -z "$PROCESS" ]; then
|
magiskhide --add "$PROCESS"
|
||||||
if [ `grep -c "^$PROCESS$" $HIDELIST` -eq "0" ]; then
|
|
||||||
echo "$PROCESS" >> $HIDELIST
|
|
||||||
set --
|
|
||||||
set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
|
|
||||||
[ ! -z "$1" ] && kill "$1"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
@ -1,27 +1,3 @@
|
|||||||
#!/system/bin/sh
|
#!/system/bin/sh
|
||||||
|
|
||||||
MODDIR=/magisk/.core/magiskhide
|
magiskhide --disable
|
||||||
LOGFILE=/cache/magisk.log
|
|
||||||
TOOLPATH=/dev/busybox
|
|
||||||
|
|
||||||
log_print() {
|
|
||||||
echo "MagiskHide: $1"
|
|
||||||
echo "MagiskHide: $1" >> $LOGFILE
|
|
||||||
log -p i -t Magisk "MagiskHide: $1"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Only disable when MagiskHide is started
|
|
||||||
$TOOLPATH/ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 || exit
|
|
||||||
|
|
||||||
log_print "Stopping MagiskHide daemon"
|
|
||||||
|
|
||||||
set --
|
|
||||||
set `$TOOLPATH/ps -o pid,args | grep "magiskhide" | grep -v grep | head -1` >/dev/null
|
|
||||||
[ ! -z "$1" ] && kill "$1"
|
|
||||||
|
|
||||||
while read PROCESS; do
|
|
||||||
log_print "Killing $PROCESS"
|
|
||||||
set --
|
|
||||||
set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
|
|
||||||
[ ! -z "$1" ] && kill "$1"
|
|
||||||
done < $MODDIR/hidelist
|
|
||||||
|
@ -1,68 +1,3 @@
|
|||||||
#!/system/bin/sh
|
#!/system/bin/sh
|
||||||
|
|
||||||
MODDIR=/magisk/.core/magiskhide
|
magiskhide --enable
|
||||||
BINPATH=/magisk/.core/bin
|
|
||||||
LOGFILE=/cache/magisk.log
|
|
||||||
TOOLPATH=/dev/busybox
|
|
||||||
|
|
||||||
log_print() {
|
|
||||||
echo "MagiskHide: $1"
|
|
||||||
echo "MagiskHide: $1" >> $LOGFILE
|
|
||||||
log -p i -t Magisk "MagiskHide: $1"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Only enable when isn't started
|
|
||||||
$TOOLPATH/ps | grep "magiskhide --daemon" | grep -v grep >/dev/null 2>&1 && exit
|
|
||||||
|
|
||||||
if [ ! -d /sbin_orig ]; then
|
|
||||||
log_print "Moving and re-linking /sbin binaries"
|
|
||||||
mount -o rw,remount rootfs /
|
|
||||||
mv -f /sbin /sbin_orig
|
|
||||||
mkdir /sbin
|
|
||||||
mount -o ro,remount rootfs /
|
|
||||||
mkdir -p /dev/sbin_bind
|
|
||||||
chmod 755 /dev/sbin_bind
|
|
||||||
ln -s /sbin_orig/* /dev/sbin_bind
|
|
||||||
chcon -h u:object_r:system_file:s0 /dev/sbin_bind /dev/sbin_bind/*
|
|
||||||
mount -o bind /dev/sbin_bind /sbin
|
|
||||||
fi
|
|
||||||
|
|
||||||
log_print "Removing dangerous read-only system props"
|
|
||||||
|
|
||||||
VERIFYBOOT=`getprop ro.boot.verifiedbootstate`
|
|
||||||
FLASHLOCKED=`getprop ro.boot.flash.locked`
|
|
||||||
VERITYMODE=`getprop ro.boot.veritymode`
|
|
||||||
KNOX1=`getprop ro.boot.warranty_bit`
|
|
||||||
KNOX2=`getprop ro.warranty_bit`
|
|
||||||
DEBUGGABLE=`getprop ro.debuggable`
|
|
||||||
SECURE=`getprop ro.secure`
|
|
||||||
|
|
||||||
[ ! -z "$VERIFYBOOT" -a "$VERIFYBOOT" != "green" ] && \
|
|
||||||
log_print "`$BINPATH/resetprop -v -n ro.boot.verifiedbootstate green`"
|
|
||||||
[ ! -z "$FLASHLOCKED" -a "$FLASHLOCKED" != "1" ] && \
|
|
||||||
log_print "`$BINPATH/resetprop -v -n ro.boot.flash.locked 1`"
|
|
||||||
[ ! -z "$VERITYMODE" -a "$VERITYMODE" != "enforcing" ] && \
|
|
||||||
log_print "`$BINPATH/resetprop -v -n ro.boot.veritymode enforcing`"
|
|
||||||
[ ! -z "$KNOX1" -a "$KNOX1" != "0" ] && \
|
|
||||||
log_print "`$BINPATH/resetprop -v -n ro.boot.warranty_bit 0`"
|
|
||||||
[ ! -z "$KNOX2" -a "$KNOX2" != "0" ] && \
|
|
||||||
log_print "`$BINPATH/resetprop -v -n ro.warranty_bit 0`"
|
|
||||||
[ ! -z "$DEBUGGABLE" -a "$DEBUGGABLE" != "0" ] && \
|
|
||||||
log_print "`$BINPATH/resetprop -v -n ro.debuggable 0`"
|
|
||||||
[ ! -z "$SECURE" -a "$SECURE" != "1" ] && \
|
|
||||||
log_print "`$BINPATH/resetprop -v -n ro.secure 1`"
|
|
||||||
|
|
||||||
touch $MODDIR/hidelist
|
|
||||||
chmod -R 755 $MODDIR
|
|
||||||
# Add Safety Net preset
|
|
||||||
$MODDIR/add com.google.android.gms.unstable
|
|
||||||
|
|
||||||
while read PROCESS; do
|
|
||||||
log_print "Killing $PROCESS"
|
|
||||||
set --
|
|
||||||
set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
|
|
||||||
[ ! -z "$1" ] && kill "$1"
|
|
||||||
done < $MODDIR/hidelist
|
|
||||||
|
|
||||||
log_print "Starting MagiskHide daemon"
|
|
||||||
($BINPATH/magiskhide --daemon)
|
|
||||||
|
@ -1,5 +1,3 @@
|
|||||||
#!/system/bin/sh
|
#!/system/bin/sh
|
||||||
|
|
||||||
HIDELIST=/magisk/.core/magiskhide/hidelist
|
magiskhide --ls
|
||||||
|
|
||||||
cat $HIDELIST
|
|
||||||
|
@ -1,14 +1,5 @@
|
|||||||
#!/system/bin/sh
|
#!/system/bin/sh
|
||||||
|
|
||||||
HIDELIST=/magisk/.core/magiskhide/hidelist
|
PROCESS="$1"
|
||||||
PROCESS=$1
|
|
||||||
TOOLPATH=/dev/busybox
|
|
||||||
|
|
||||||
if [ ! -z "$PROCESS" ]; then
|
magiskhide --rm "$PROCESS"
|
||||||
cp -af $HIDELIST $HIDELIST.tmp
|
|
||||||
cat $HIDELIST.tmp | grep -v "^$PROCESS$" > $HIDELIST
|
|
||||||
rm -f $HIDELIST.tmp
|
|
||||||
set --
|
|
||||||
set `$TOOLPATH/ps -o pid,args | grep "$PROCESS" | grep -v grep` >/dev/null
|
|
||||||
[ ! -z "$1" ] && kill "$1"
|
|
||||||
fi
|
|
||||||
|
Loading…
Reference in New Issue
Block a user