193 lines
4.8 KiB
Bash
193 lines
4.8 KiB
Bash
#!/system/bin/sh
|
|
###########################################################################################
|
|
#
|
|
# Magisk Boot Image Patcher
|
|
# by topjohnwu
|
|
#
|
|
# Usage: boot_patch.sh <bootimage>
|
|
#
|
|
# The following flags can be set in environment variables:
|
|
# KEEPVERITY, KEEPFORCEENCRYPT, RECOVERYMODE
|
|
#
|
|
# This script should be placed in a directory with the following files:
|
|
#
|
|
# File name Type Description
|
|
#
|
|
# boot_patch.sh script A script to patch boot image for Magisk.
|
|
# (this file) The script will use binaries and files in its same directory
|
|
# to complete the patching process
|
|
# util_functions.sh script A script which hosts all functions required for this script
|
|
# to work properly
|
|
# magiskinit binary The binary to replace /init; magisk binary embedded
|
|
# magiskboot binary A tool to manipulate boot images
|
|
# chromeos folder This folder includes all the utilities and keys to sign
|
|
# (optional) chromeos boot images. Currently only used for Pixel C
|
|
#
|
|
###########################################################################################
|
|
|
|
############
|
|
# Functions
|
|
############
|
|
|
|
# Pure bash dirname implementation
|
|
getdir() {
|
|
case "$1" in
|
|
*/*)
|
|
dir=${1%/*}
|
|
if [ -z $dir ]; then
|
|
echo "/"
|
|
else
|
|
echo $dir
|
|
fi
|
|
;;
|
|
*) echo "." ;;
|
|
esac
|
|
}
|
|
|
|
#################
|
|
# Initialization
|
|
#################
|
|
|
|
if [ -z $SOURCEDMODE ]; then
|
|
# Switch to the location of the script file
|
|
cd "`getdir "${BASH_SOURCE:-$0}"`"
|
|
# Load utility functions
|
|
. ./util_functions.sh
|
|
fi
|
|
|
|
BOOTIMAGE="$1"
|
|
[ -e "$BOOTIMAGE" ] || abort "$BOOTIMAGE does not exist!"
|
|
|
|
# Flags
|
|
[ -z $KEEPVERITY ] && KEEPVERITY=false
|
|
[ -z $KEEPFORCEENCRYPT ] && KEEPFORCEENCRYPT=false
|
|
[ -z $RECOVERYMODE ] && RECOVERYMODE=false
|
|
export KEEPVERITY
|
|
export KEEPFORCEENCRYPT
|
|
|
|
chmod -R 755 .
|
|
|
|
# Extract magisk if doesn't exist
|
|
[ -e magisk ] || ./magiskinit -x magisk magisk
|
|
|
|
#########
|
|
# Unpack
|
|
#########
|
|
|
|
CHROMEOS=false
|
|
|
|
ui_print "- Unpacking boot image"
|
|
./magiskboot unpack "$BOOTIMAGE"
|
|
|
|
case $? in
|
|
1 )
|
|
abort "! Unsupported/Unknown image format"
|
|
;;
|
|
2 )
|
|
ui_print "- ChromeOS boot image detected"
|
|
CHROMEOS=true
|
|
;;
|
|
esac
|
|
|
|
[ -f recovery_dtbo ] && RECOVERYMODE=true
|
|
|
|
###################
|
|
# Ramdisk Restores
|
|
###################
|
|
|
|
# Test patch status and do restore
|
|
ui_print "- Checking ramdisk status"
|
|
if [ -e ramdisk.cpio ]; then
|
|
./magiskboot cpio ramdisk.cpio test
|
|
STATUS=$?
|
|
else
|
|
# Stock A only system-as-root
|
|
STATUS=0
|
|
fi
|
|
case $((STATUS & 3)) in
|
|
0 ) # Stock boot
|
|
ui_print "- Stock boot image detected"
|
|
SHA1=`./magiskboot sha1 "$BOOTIMAGE" 2>/dev/null`
|
|
cat $BOOTIMAGE > stock_boot.img
|
|
cp -af ramdisk.cpio ramdisk.cpio.orig 2>/dev/null
|
|
;;
|
|
1 ) # Magisk patched
|
|
ui_print "- Magisk patched boot image detected"
|
|
# Find SHA1 of stock boot image
|
|
[ -z $SHA1 ] && SHA1=`./magiskboot cpio ramdisk.cpio sha1 2>/dev/null`
|
|
./magiskboot cpio ramdisk.cpio restore
|
|
cp -af ramdisk.cpio ramdisk.cpio.orig
|
|
;;
|
|
2 ) # Unsupported
|
|
ui_print "! Boot image patched by unsupported programs"
|
|
abort "! Please restore back to stock boot image"
|
|
;;
|
|
esac
|
|
|
|
##################
|
|
# Ramdisk Patches
|
|
##################
|
|
|
|
ui_print "- Patching ramdisk"
|
|
|
|
echo "KEEPVERITY=$KEEPVERITY" > config
|
|
echo "KEEPFORCEENCRYPT=$KEEPFORCEENCRYPT" >> config
|
|
echo "RECOVERYMODE=$RECOVERYMODE" >> config
|
|
[ ! -z $SHA1 ] && echo "SHA1=$SHA1" >> config
|
|
|
|
./magiskboot cpio ramdisk.cpio \
|
|
"add 750 init magiskinit" \
|
|
"patch" \
|
|
"backup ramdisk.cpio.orig" \
|
|
"mkdir 000 .backup" \
|
|
"add 000 .backup/.magisk config"
|
|
|
|
if [ $((STATUS & 4)) -ne 0 ]; then
|
|
ui_print "- Compressing ramdisk"
|
|
./magiskboot cpio ramdisk.cpio compress
|
|
fi
|
|
|
|
rm -f ramdisk.cpio.orig config
|
|
|
|
#################
|
|
# Binary Patches
|
|
#################
|
|
|
|
for dt in dtb kernel_dtb extra recovery_dtbo; do
|
|
[ -f $dt ] && ./magiskboot dtb $dt patch && ui_print "- Patch fstab in $dt"
|
|
done
|
|
|
|
if [ -f kernel ]; then
|
|
# Remove Samsung RKP
|
|
./magiskboot hexpatch kernel \
|
|
49010054011440B93FA00F71E9000054010840B93FA00F7189000054001840B91FA00F7188010054 \
|
|
A1020054011440B93FA00F7140020054010840B93FA00F71E0010054001840B91FA00F7181010054
|
|
|
|
# Remove Samsung defex
|
|
# Before: [mov w2, #-221] (-__NR_execve)
|
|
# After: [mov w2, #-32768]
|
|
./magiskboot hexpatch kernel 821B8012 E2FF8F12
|
|
|
|
# Force kernel to load rootfs
|
|
# skip_initramfs -> want_initramfs
|
|
./magiskboot hexpatch kernel \
|
|
736B69705F696E697472616D667300 \
|
|
77616E745F696E697472616D667300
|
|
fi
|
|
|
|
#################
|
|
# Repack & Flash
|
|
#################
|
|
|
|
ui_print "- Repacking boot image"
|
|
./magiskboot repack "$BOOTIMAGE" || abort "! Unable to repack boot image!"
|
|
|
|
# Sign chromeos boot
|
|
$CHROMEOS && sign_chromeos
|
|
|
|
# Copy existing rules for migration
|
|
$BOOTMODE && copy_sepolicy_rules
|
|
|
|
# Reset any error code
|
|
true
|