MarcoBuster/Magisk
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update boot patch method and scripts

Browse Source
This commit is contained in:
topjohnwu 2017-07-02 21:36:09 +08:00
parent 9d421226a7
commit bf42fce17e
10 changed files with 183 additions and 119 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
jni/magiskboot/Android.mk
View File

@ -17,11 +17,12 @@ LOCAL_SRC_FILES := \
hexpatch.c \ hexpatch.c \
parseimg.c \ parseimg.c \
compress.c \ compress.c \
utils.c \ boot_utils.c \
cpio.c \ cpio.c \
sha1.c \ sha1.c \
../utils/xwrap.c \ ../utils/xwrap.c \
../utils/vector.c ../utils/vector.c \
../utils/list.c
LOCAL_CFLAGS += -DZLIB_CONST LOCAL_CFLAGS += -DZLIB_CONST
include $(BUILD_EXECUTABLE) include $(BUILD_EXECUTABLE)

0
jni/magiskboot/utils.c → jni/magiskboot/boot_utils.c
View File

188
jni/magiskboot/cpio.c
View File

@ -1,6 +1,7 @@
#include "magiskboot.h" #include "magiskboot.h"
#include "cpio.h" #include "cpio.h"
#include "vector.h" #include "vector.h"
#include "list.h"
static uint32_t x8u(char *hex) { static uint32_t x8u(char *hex) {
uint32_t val, inpos = 8, outpos; uint32_t val, inpos = 8, outpos;
@ -220,47 +221,109 @@ static int check_verity_pattern(const char *s) {
return pos; return pos;
} }
static void cpio_dmverity(struct vector *v) { static struct list_head *block_to_list(char *data) {
cpio_file *f; struct list_head *head = xmalloc(sizeof(*head));
size_t read, write; line_list *line;
int skip; init_list_head(head);
vec_for_each(v, f) { char *tok;
if (strstr(f->filename, "fstab") != NULL && S_ISREG(f->mode)) { tok = strsep(&data, "\n");
for (read = 0, write = 0; read < f->filesize; ++read, ++write) { while (tok) {
skip = check_verity_pattern(f->data + read); line = xcalloc(sizeof(*line), 1);
if (skip > 0) { line->line = tok;
printf("Remove pattern [%.*s] in [%s]\n", (int) skip, f->data + read, f->filename); list_insert_end(head, &line->pos);
read += skip; tok = strsep(&data, "\n");
}
f->data[write] = f->data[read];
}
f->filesize = write;
} else if (strcmp(f->filename, "verity_key") == 0) {
f->remove = 1;
break;
}
} }
return head;
} }
static void cpio_forceencrypt(struct vector *v) { static char *list_to_block(struct list_head *head, uint32_t filesize) {
line_list *line;
char *data = xmalloc(filesize);
uint32_t off = 0;
list_for_each(line, head, line_list, pos) {
strcpy(data + off, line->line);
off += strlen(line->line);
data[off++] = '\n';
}
return data;
}
static void free_newline(line_list *line) {
if (line->isNew)
free(line->line);
}
static void cpio_patch(struct vector *v, int keepverity, int keepforceencrypt) {
struct list_head *head;
line_list *line;
cpio_file *f; cpio_file *f;
int skip, injected = 0;
size_t read, write; size_t read, write;
const char *ENCRYPT_LIST[] = { "forceencrypt", "forcefdeorfbe", "fileencryptioninline", NULL }; const char *ENCRYPT_LIST[] = { "forceencrypt", "forcefdeorfbe", "fileencryptioninline", NULL };
vec_for_each(v, f) { vec_for_each(v, f) {
if (strstr(f->filename, "fstab") != NULL && S_ISREG(f->mode)) { if (strcmp(f->filename, "init.rc") == 0) {
for (read = 0, write = 0; read < f->filesize; ++read, ++write) { head = block_to_list(f->data);
for (int i = 0 ; ENCRYPT_LIST[i]; ++i) { list_for_each(line, head, line_list, pos) {
if (strncmp(f->data + read, ENCRYPT_LIST[i], strlen(ENCRYPT_LIST[i])) == 0) { if (strstr(line->line, "import")) {
memcpy(f->data + write, "encryptable", 11); if (strstr(line->line, "init.magisk.rc"))
printf("Replace [%s] with [%s] in [%s]\n", ENCRYPT_LIST[i], "encryptable", f->filename); injected = 1;
write += 11; if (injected)
read += strlen(ENCRYPT_LIST[i]); continue;
break; // Inject magisk script as import
} printf("Inject new line [import /init.magisk.rc] in [init.rc]\n");
line = xcalloc(sizeof(*line), 1);
line->line = strdup("import /init.magisk.rc");
line->isNew = 1;
f->filesize += 23;
list_insert(__->prev, &line->pos);
injected = 1;
} else if (strstr(line->line, "selinux.reload_policy")) {
// Remove this line
printf("Remove line [%s] in [init.rc]\n", line->line);
f->filesize -= strlen(line->line) + 1;
__ = list_pop(&line->pos);
free(line);
}
}
char *temp = list_to_block(head, f->filesize);
free(f->data);
f->data = temp;
list_destory(head, list_head, pos, free_newline);
free(head);
} else {
if (!keepverity) {
if (strstr(f->filename, "fstab") != NULL && S_ISREG(f->mode)) {
for (read = 0, write = 0; read < f->filesize; ++read, ++write) {
skip = check_verity_pattern(f->data + read);
if (skip > 0) {
printf("Remove pattern [%.*s] in [%s]\n", skip, f->data + read, f->filename);
read += skip;
}
f->data[write] = f->data[read];
}
f->filesize = write;
} else if (strcmp(f->filename, "verity_key") == 0) {
printf("Remove [verity_key]\n");
f->remove = 1;
}
}
if (!keepforceencrypt) {
if (strstr(f->filename, "fstab") != NULL && S_ISREG(f->mode)) {
for (read = 0, write = 0; read < f->filesize; ++read, ++write) {
for (int i = 0 ; ENCRYPT_LIST[i]; ++i) {
if (strncmp(f->data + read, ENCRYPT_LIST[i], strlen(ENCRYPT_LIST[i])) == 0) {
memcpy(f->data + write, "encryptable", 11);
printf("Replace [%s] with [%s] in [%s]\n", ENCRYPT_LIST[i], "encryptable", f->filename);
write += 11;
read += strlen(ENCRYPT_LIST[i]);
break;
}
}
f->data[write] = f->data[read];
}
f->filesize = write;
} }
f->data[write] = f->data[read];
} }
f->filesize = write;
} }
} }
} }
@ -415,10 +478,6 @@ int cpio_commands(const char *command, int argc, char *argv[]) {
--argc; --argc;
if (strcmp(command, "test") == 0) { if (strcmp(command, "test") == 0) {
cmd = TEST; cmd = TEST;
} else if (strcmp(command, "patch-dmverity") == 0) {
cmd = DMVERITY;
} else if (strcmp(command, "patch-forceencrypt") == 0) {
cmd = FORCEENCRYPT;
} else if (strcmp(command, "restore") == 0) { } else if (strcmp(command, "restore") == 0) {
cmd = RESTORE; cmd = RESTORE;
} else if (argc == 1 && strcmp(command, "backup") == 0) { } else if (argc == 1 && strcmp(command, "backup") == 0) {
@ -430,6 +489,8 @@ int cpio_commands(const char *command, int argc, char *argv[]) {
++argv; ++argv;
--argc; --argc;
} }
} else if (argc == 2 && strcmp(command, "patch") == 0) {
cmd = PATCH;
} else if (argc == 2 && strcmp(command, "extract") == 0) { } else if (argc == 2 && strcmp(command, "extract") == 0) {
cmd = EXTRACT; cmd = EXTRACT;
} else if (argc == 2 && strcmp(command, "mkdir") == 0) { } else if (argc == 2 && strcmp(command, "mkdir") == 0) {
@ -438,41 +499,36 @@ int cpio_commands(const char *command, int argc, char *argv[]) {
cmd = ADD; cmd = ADD;
} else { } else {
cmd = NONE; cmd = NONE;
return 1;
} }
struct vector v; struct vector v;
vec_init(&v); vec_init(&v);
parse_cpio(incpio, &v); parse_cpio(incpio, &v);
switch(cmd) { switch(cmd) {
case TEST: case TEST:
cpio_test(&v); cpio_test(&v);
break; break;
case DMVERITY: case RESTORE:
cpio_dmverity(&v); ret = cpio_restore(&v);
break; break;
case FORCEENCRYPT: case BACKUP:
cpio_forceencrypt(&v); cpio_backup(argv[0], &v);
break; case RM:
case RESTORE: cpio_rm(recursive, argv[0], &v);
ret = cpio_restore(&v); break;
break; case PATCH:
case BACKUP: cpio_patch(&v, strcmp(argv[0], "true") == 0, strcmp(argv[1], "true") == 0);
cpio_backup(argv[0], &v); break;
case RM: case EXTRACT:
cpio_rm(recursive, argv[0], &v); cpio_extract(argv[0], argv[1], &v);
break; break;
case EXTRACT: case MKDIR:
cpio_extract(argv[0], argv[1], &v); cpio_mkdir(strtoul(argv[0], NULL, 8), argv[1], &v);
break; break;
case MKDIR: case ADD:
cpio_mkdir(strtoul(argv[0], NULL, 8), argv[1], &v); cpio_add(strtoul(argv[0], NULL, 8), argv[1], argv[2], &v);
break; break;
case ADD: case NONE:
cpio_add(strtoul(argv[0], NULL, 8), argv[1], argv[2], &v); return 1;
break;
default:
// Never happen
break;
} }
dump_cpio(incpio, &v); dump_cpio(incpio, &v);
cpio_vec_destroy(&v); cpio_vec_destroy(&v);

8
jni/magiskboot/cpio.h
View File

@ -3,6 +3,8 @@
#include <stdint.h> #include <stdint.h>
#include "list.h"
typedef struct cpio_file { typedef struct cpio_file {
// uint32_t ino; // uint32_t ino;
uint32_t mode; uint32_t mode;
@ -22,6 +24,12 @@ typedef struct cpio_file {
int remove; int remove;
} cpio_file; } cpio_file;
typedef struct line_list {
char *line;
int isNew;
struct list_head pos;
} line_list;
typedef struct cpio_newc_header { typedef struct cpio_newc_header {
char magic[6]; char magic[6];
char ino[8]; char ino[8];

3
jni/magiskboot/magiskboot.h
View File

@ -53,8 +53,7 @@ typedef enum {
ADD, ADD,
EXTRACT, EXTRACT,
TEST, TEST,
DMVERITY, PATCH,
FORCEENCRYPT,
BACKUP, BACKUP,
RESTORE RESTORE
} command_t; } command_t;

5
jni/magiskboot/main.c
View File

@ -25,9 +25,8 @@ static void usage(char *arg0) {
" --cpio-mkdir <incpio> <mode> <entry>\n Create directory as an <entry>\n" " --cpio-mkdir <incpio> <mode> <entry>\n Create directory as an <entry>\n"
" --cpio-add <incpio> <mode> <entry> <infile>\n Add <infile> as an <entry>; replaces <entry> if already exists\n" " --cpio-add <incpio> <mode> <entry> <infile>\n Add <infile> as an <entry>; replaces <entry> if already exists\n"
" --cpio-extract <incpio> <entry> <outfile>\n Extract <entry> to <outfile>\n" " --cpio-extract <incpio> <entry> <outfile>\n Extract <entry> to <outfile>\n"
" --cpio-test <incpio>\n Return value: 0/not patched 1/Magisk 2/SuperSU\n" " --cpio-test <incpio>\n Return value: 0/not patched 1/Magisk 2/Other (e.g. phh, SuperSU)\n"
" --cpio-patch-dmverity <incpio>\n Remove dm-verity\n" " --cpio-patch <KEEPVERITY> <KEEPFORCEENCRYPT>\n Patch cpio for Magisk. KEEP**** are true/false values\n"
" --cpio-patch-forceencrypt <incpio>\n Change forceencrypt flag to encryptable\n"
" --cpio-backup <incpio> <origcpio>\n Create ramdisk backups into <incpio> from <origcpio>\n" " --cpio-backup <incpio> <origcpio>\n Create ramdisk backups into <incpio> from <origcpio>\n"
" --cpio-restore <incpio>\n Restore ramdisk from ramdisk backup within <incpio>\n" " --cpio-restore <incpio>\n Restore ramdisk from ramdisk backup within <incpio>\n"
"\n" "\n"

16
scripts/addon.d.sh
View File

@ -16,6 +16,11 @@ main() {
# This script always run in recovery # This script always run in recovery
BOOTMODE=false BOOTMODE=false
if [ ! -d $MAGISKBIN ]; then
echo "! Cannot find Magisk binaries!"
exit 1
fi
# Wait for post addon.d processes to finish # Wait for post addon.d processes to finish
sleep 5 sleep 5
@ -23,11 +28,6 @@ main() {
mount -o ro /vendor 2>/dev/null mount -o ro /vendor 2>/dev/null
mount /data 2>/dev/null mount /data 2>/dev/null
if [ ! -d $MAGISKBIN ]; then
echo "! Cannot find Magisk binaries!"
exit 1
fi
# Load all functions # Load all functions
. $MAGISKBIN/util_functions.sh . $MAGISKBIN/util_functions.sh
@ -37,6 +37,8 @@ main() {
ui_print "* MAGISK_VERSION_STUB" ui_print "* MAGISK_VERSION_STUB"
ui_print "************************" ui_print "************************"
api_level_arch_detect
recovery_actions recovery_actions
find_boot_image find_boot_image
@ -61,9 +63,7 @@ main() {
cd / cd /
mv /sbin_tmp /sbin recovery_cleanup
ui_print "- Unmounting partitions"
umount -l /system
ui_print "- Done" ui_print "- Done"
exit 0 exit 0

14
scripts/boot_patch.sh
View File

@ -194,16 +194,8 @@ esac
ui_print_wrap "- Patching ramdisk" ui_print_wrap "- Patching ramdisk"
# The common patches
$KEEPVERITY || ./magiskboot --cpio-patch-dmverity ramdisk.cpio
$KEEPFORCEENCRYPT || ./magiskboot --cpio-patch-forceencrypt ramdisk.cpio
# Add magisk entrypoint # Add magisk entrypoint
cpio_extract init.rc init.rc ./magiskboot --cpio-patch ramdisk.cpio $KEEPVERITY $KEEPFORCEENCRYPT
grep "import /init.magisk.rc" init.rc >/dev/null || sed -i '1,/.*import.*/s/.*import.*/import \/init.magisk.rc\n&/' init.rc
sed -i "/selinux.reload_policy/d" init.rc
cpio_add 750 init.rc init.rc
rm -f init.rc
# sepolicy patches # sepolicy patches
cpio_extract sepolicy sepolicy cpio_extract sepolicy sepolicy
@ -237,8 +229,6 @@ rm -f ramdisk.cpio.orig
A1020054011440B93FA00F7140020054010840B93FA00F71E0010054001840B91FA00F7181010054 A1020054011440B93FA00F7140020054010840B93FA00F71E0010054001840B91FA00F7181010054
ui_print_wrap "- Repacking boot image" ui_print_wrap "- Repacking boot image"
./magiskboot --repack "$BOOTIMAGE" ./magiskboot --repack "$BOOTIMAGE" || abort_wrap "! Unable to repack boot image!"
[ $? -ne 0 ] && abort_wrap "! Unable to repack boot image!"
./magiskboot --cleanup ./magiskboot --cleanup

28
scripts/flash_script.sh
View File

@ -67,7 +67,7 @@ ui_print "************************"
ui_print "* MAGISK_VERSION_STUB" ui_print "* MAGISK_VERSION_STUB"
ui_print "************************" ui_print "************************"
ui_print "- Mounting /system(ro), /vendor(ro), /cache, /data" ui_print "- Mounting /system, /vendor, /cache, /data"
mount -o ro /system 2>/dev/null mount -o ro /system 2>/dev/null
mount -o ro /vendor 2>/dev/null mount -o ro /vendor 2>/dev/null
mount /cache 2>/dev/null mount /cache 2>/dev/null
@ -83,17 +83,8 @@ getvar BOOTIMAGE
# Check if system root is installed and remove # Check if system root is installed and remove
remove_system_su remove_system_su
API=`grep_prop ro.build.version.sdk` # Detect version and architecture
ABI=`grep_prop ro.product.cpu.abi | cut -c-3` api_level_arch_detect
ABI2=`grep_prop ro.product.cpu.abi2 | cut -c-3`
ABILONG=`grep_prop ro.product.cpu.abi`
ARCH=arm
BBPATH=armeabi-v7a
if [ "$ABI" = "x86" ]; then ARCH=x86; fi;
if [ "$ABI2" = "x86" ]; then ARCH=x86; fi;
if [ "$ABILONG" = "arm64-v8a" ]; then ARCH=arm64; fi;
if [ "$ABILONG" = "x86_64" ]; then ARCH=x64; fi;
[ $API -lt 21 ] && abort "! Magisk is only for Lollipop 5.0+ (SDK 21+)" [ $API -lt 21 ] && abort "! Magisk is only for Lollipop 5.0+ (SDK 21+)"
@ -110,8 +101,6 @@ find_boot_image
########################################################################################## ##########################################################################################
ui_print "- Constructing environment" ui_print "- Constructing environment"
$BOOTMODE || recovery_actions
is_mounted /data && MAGISKBIN=/data/magisk || MAGISKBIN=/cache/data_bin is_mounted /data && MAGISKBIN=/data/magisk || MAGISKBIN=/cache/data_bin
@ -119,9 +108,7 @@ is_mounted /data && MAGISKBIN=/data/magisk || MAGISKBIN=/cache/data_bin
rm -rf $MAGISKBIN 2>/dev/null rm -rf $MAGISKBIN 2>/dev/null
mkdir -p $MAGISKBIN mkdir -p $MAGISKBIN
cp -af $BINDIR/. $COMMONDIR/. $MAGISKBIN cp -af $BINDIR/. $COMMONDIR/. $MAGISKBIN
chmod -R 755 $MAGISKBIN chmod -R 755 $MAGISKBIN
chcon -hR u:object_r:system_file:s0 $MAGISKBIN
# addon.d # addon.d
if [ -d /system/addon.d ]; then if [ -d /system/addon.d ]; then
@ -135,6 +122,8 @@ fi
# Magisk Image # Magisk Image
########################################################################################## ##########################################################################################
$BOOTMODE || recovery_actions
# Fix SuperSU..... # Fix SuperSU.....
$BOOTMODE && $BINDIR/magisk magiskpolicy --live "allow fsck * * *" $BOOTMODE && $BINDIR/magisk magiskpolicy --live "allow fsck * * *"
@ -206,19 +195,16 @@ ui_print "- Flashing new boot image"
if [ -L "$BOOTIMAGE" ]; then if [ -L "$BOOTIMAGE" ]; then
dd if=new-boot.img of="$BOOTIMAGE" bs=4096 dd if=new-boot.img of="$BOOTIMAGE" bs=4096
else else
cat new-boot.img /dev/zero | dd of="$BOOTIMAGE" bs=4096 cat new-boot.img /dev/zero | dd of="$BOOTIMAGE" bs=4096 >/dev/null 2>&1
fi fi
rm -f new-boot.img rm -f new-boot.img
cd / cd /
if ! $BOOTMODE; then if ! $BOOTMODE; then
ui_print "- Unmounting partitions"
$BINDIR/magisk --umountimg /magisk $MAGISKLOOP $BINDIR/magisk --umountimg /magisk $MAGISKLOOP
rmdir /magisk rmdir /magisk
mv /sbin_tmp /sbin recovery_cleanup
umount -l /system
umount -l /vendor 2>/dev/null
fi fi
ui_print "- Done" ui_print "- Done"

35
scripts/util_functions.sh
View File

@ -32,15 +32,15 @@ getvar() {
find_boot_image() { find_boot_image() {
if [ -z "$BOOTIMAGE" ]; then if [ -z "$BOOTIMAGE" ]; then
for PARTITION in kern-a android_boot kernel boot lnx; do for BLOCK in boot_a BOOT_A kern-a KERN-A android_boot ANDROID_BOOT kernel KERNEL boot BOOT lnx LNX; do
BOOTIMAGE=`find /dev/block -iname "$PARTITION" | head -n 1` BOOTIMAGE=`ls /dev/block/by-name/$BLOCK || ls /dev/block/platform/*/by-name/$BLOCK || ls /dev/block/platform/*/*/by-name/$BLOCK` 2>/dev/null
[ ! -z $BOOTIMAGE ] && break [ ! -z $BOOTIMAGE ] && break
done done
fi fi
# Recovery fallback # Recovery fallback
if [ -z "$BOOTIMAGE" ]; then if [ -z "$BOOTIMAGE" ]; then
for FSTAB in /etc/*fstab*; do for FSTAB in /etc/*fstab*; do
BOOTIMAGE=`grep -E '\b/boot\b' $FSTAB | grep -oE '/dev/[a-zA-Z0-9_./-]*'` BOOTIMAGE=`grep -E '\b/boot\b' $FSTAB | grep -v "#" | grep -oE '/dev/[a-zA-Z0-9_./-]*'`
[ ! -z $BOOTIMAGE ] && break [ ! -z $BOOTIMAGE ] && break
done done
fi fi
@ -91,13 +91,38 @@ remove_system_su() {
fi fi
} }
api_level_arch_detect() {
API=`grep_prop ro.build.version.sdk`
ABI=`grep_prop ro.product.cpu.abi | cut -c-3`
ABI2=`grep_prop ro.product.cpu.abi2 | cut -c-3`
ABILONG=`grep_prop ro.product.cpu.abi`
ARCH=arm
IS64BIT=false
if [ "$ABI" = "x86" ]; then ARCH=x86; fi;
if [ "$ABI2" = "x86" ]; then ARCH=x86; fi;
if [ "$ABILONG" = "arm64-v8a" ]; then ARCH=arm64; IS64BIT=true; fi;
if [ "$ABILONG" = "x86_64" ]; then ARCH=x64; IS64BIT=true; fi;
}
recovery_actions() { recovery_actions() {
# TWRP bug fix # TWRP bug fix
mount -o bind /dev/urandom /dev/random mount -o bind /dev/urandom /dev/random
# Clear out possible lib paths, let the binaries find them itself
export LD_LIBRARY_PATH=
# Temporarily block out all custom recovery binaries/libs # Temporarily block out all custom recovery binaries/libs
mv /sbin /sbin_tmp mv /sbin /sbin_tmp
# Add all possible library paths
OLD_LD_PATH=$LD_LIBRARY_PATH
$IS64BIT && export LD_LIBRARY_PATH=/system/lib64:/system/vendor/lib64 || export LD_LIBRARY_PATH=/system/lib:/system/vendor/lib
}
recovery_cleanup() {
mv /sbin_tmp /sbin
# Clear LD_LIBRARY_PATH
export LD_LIBRARY_PATH=$OLD_LD_PATH
ui_print "- Unmounting partitions"
umount -l /system
umount -l /vendor 2>/dev/null
umount -l /dev/random
} }
abort() { abort() {