diff --git a/jni/Android.mk b/jni/Android.mk index 7dabbee1a..12921d7ce 100644 --- a/jni/Android.mk +++ b/jni/Android.mk @@ -9,6 +9,7 @@ LOCAL_C_INCLUDES := \ $(LOCAL_PATH)/utils \ $(LOCAL_PATH)/daemon \ $(LOCAL_PATH)/resetprop \ + $(LOCAL_PATH)/magiskpolicy \ $(LOCAL_PATH)/selinux/libselinux/include \ $(LOCAL_PATH)/selinux/libsepol/include \ $(LOCAL_PATH)/sqlite3 @@ -21,13 +22,16 @@ LOCAL_SRC_FILES := \ daemon/daemon.c \ daemon/socket_trans.c \ daemon/log_monitor.c \ + daemon/post_fs.c \ + daemon/post_fs_data.c \ + daemon/late_start.c \ magiskhide/magiskhide.c \ magiskhide/hide_daemon.c \ magiskhide/proc_monitor.c \ magiskpolicy/magiskpolicy.c \ magiskpolicy/rules.c \ magiskpolicy/sepolicy.c \ - magiskpolicy/utils.c \ + magiskpolicy/api.c \ resetprop/resetprop.cpp \ resetprop/libc_logging.cpp \ resetprop/system_properties.cpp \ @@ -58,4 +62,4 @@ include jni/sqlite3/Android.mk # include jni/magiskpolicy/Android.mk # Build magiskboot -# include jni/magiskboot/Android.mk +include jni/magiskboot/Android.mk diff --git a/jni/daemon/daemon.c b/jni/daemon/daemon.c index fb508e1df..7b7aa4ba7 100644 --- a/jni/daemon/daemon.c +++ b/jni/daemon/daemon.c @@ -9,6 +9,7 @@ #include #include #include +#include #include #include #include @@ -18,6 +19,9 @@ #include "magisk.h" #include "utils.h" #include "daemon.h" +#include "magiskpolicy.h" + +pthread_t sepol_patch; static void request_handler(int client) { client_request req = read_int(client); @@ -48,13 +52,13 @@ static void request_handler(int client) { close(client); break; case POST_FS: - // TODO: post-fs + post_fs(client); break; case POST_FS_DATA: - // TODO: post-fs-data + post_fs_data(client); break; - case LATE_START_SERVICE: - // TODO: late_start service + case LATE_START: + late_start(client); break; case TEST: s = read_string(client); @@ -82,6 +86,16 @@ static int setup_socket(struct sockaddr_un *sun) { static void do_nothing() {} +static void *large_sepol_patch(void *args) { + LOGD("sepol: Starting large patch thread\n"); + // Patch su to everything + sepol_allow("su", ALL, ALL, ALL); + dump_policydb("/sys/fs/selinux/load"); + LOGD("sepol: Large patch done\n"); + destroy_policydb(); + return NULL; +} + void start_daemon() { // Launch the daemon, create new session, set proper context if (getuid() != UID_ROOT || getgid() != UID_ROOT) { @@ -99,6 +113,14 @@ void start_daemon() { xsetsid(); xsetcon("u:r:su:s0"); + // Patch selinux with medium patch, blocking + load_policydb("/sys/fs/selinux/policy"); + sepol_med_rules(); + dump_policydb("/sys/fs/selinux/load"); + + // Continue the larger patch in another thread, will join later + pthread_create(&sepol_patch, NULL, large_sepol_patch, NULL); + struct sockaddr_un sun; int fd = setup_socket(&sun); @@ -114,12 +136,15 @@ void start_daemon() { // Start log monitor monitor_logs(); + LOGI("Magisk v" xstr(VERSION) " daemon started\n"); + // Unlock all blocks for rw unlock_blocks(); // Setup links under /sbin mount(NULL, "/", NULL, MS_REMOUNT, NULL); create_links(NULL, "/sbin"); + chmod("/sbin", 0755); mount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL); // Loop forever to listen to requests diff --git a/jni/daemon/daemon.h b/jni/daemon/daemon.h index 76061f163..9a225499a 100644 --- a/jni/daemon/daemon.h +++ b/jni/daemon/daemon.h @@ -4,6 +4,9 @@ #ifndef _DAEMON_H_ #define _DAEMON_H_ +#include + +extern pthread_t sepol_patch; // Commands require connecting to daemon typedef enum { @@ -16,7 +19,7 @@ typedef enum { CHECK_VERSION_CODE, POST_FS, POST_FS_DATA, - LATE_START_SERVICE, + LATE_START, TEST } client_request; @@ -38,6 +41,13 @@ void write_string(int fd, const char* val); void monitor_logs(); +/*************** + * Boot Stages * + ***************/ + +void post_fs(int client); +void post_fs_data(int client); +void late_start(int client); /************** * MagiskHide * diff --git a/jni/daemon/late_start.c b/jni/daemon/late_start.c new file mode 100644 index 000000000..2d964e8a6 --- /dev/null +++ b/jni/daemon/late_start.c @@ -0,0 +1,17 @@ +/* late_start.c - late_start service actions + */ + +#include +#include + +#include "daemon.h" + +void late_start(int client) { + // ack + write_int(client, 0); + // TODO: Do something + close(client); + + // Wait till the full patch is done + pthread_join(sepol_patch, NULL); +} diff --git a/jni/daemon/log_monitor.c b/jni/daemon/log_monitor.c index 03ad8d385..1542839a4 100644 --- a/jni/daemon/log_monitor.c +++ b/jni/daemon/log_monitor.c @@ -16,7 +16,8 @@ static void *logger_thread(void *args) { char buffer[PATH_MAX]; // rename("/cache/magisk.log", "/cache/last_magisk.log"); - FILE *logfile = xfopen("/cache/magisk_test.log", "w"); + // FILE *logfile = xfopen("/cache/magisk_test.log", "w"); + FILE *logfile = xfopen("/cache/magisk.log", "w"); // Disable buffering setbuf(logfile, NULL); // Start logcat diff --git a/jni/daemon/post_fs.c b/jni/daemon/post_fs.c new file mode 100644 index 000000000..576428a92 --- /dev/null +++ b/jni/daemon/post_fs.c @@ -0,0 +1,15 @@ +/* post_fs.c - post-fs actions + */ + +#include + +#include "utils.h" +#include "daemon.h" + +void post_fs(int client) { + // ack + write_int(client, 0); + // TODO: Do something + close(client); + unblock_boot_process(); +} diff --git a/jni/daemon/post_fs_data.c b/jni/daemon/post_fs_data.c new file mode 100644 index 000000000..a35899ea2 --- /dev/null +++ b/jni/daemon/post_fs_data.c @@ -0,0 +1,15 @@ +/* post_fs_data.c - post-fs-data actions + */ + +#include + +#include "utils.h" +#include "daemon.h" + +void post_fs_data(int client) { + // ack + write_int(client, 0); + // TODO: Do something + close(client); + unblock_boot_process(); +} diff --git a/jni/magiskpolicy b/jni/magiskpolicy index 7bb8b9039..a65c7ee2f 160000 --- a/jni/magiskpolicy +++ b/jni/magiskpolicy @@ -1 +1 @@ -Subproject commit 7bb8b9039c96278f904e3e7fa07953cd5e5b5113 +Subproject commit a65c7ee2fcb0ecc546603e97384ef49ad6f245d5 diff --git a/jni/main.c b/jni/main.c index 628229853..79e2d551c 100644 --- a/jni/main.c +++ b/jni/main.c @@ -54,6 +54,7 @@ int main(int argc, char *argv[]) { err_handler = exit_proc; char * arg = strrchr(argv[0], '/'); if (arg) ++arg; + else arg = argv[0]; if (strcmp(arg, "magisk") == 0) { if (argc < 2) usage(); if (strcmp(argv[1], "-v") == 0) { @@ -78,14 +79,17 @@ int main(int argc, char *argv[]) { printf("%s\n", applet[i]); return 0; } else if (strcmp(argv[1], "--post-fs") == 0) { - // TODO: post-fs mode - return 0; + int fd = connect_daemon(); + write_int(fd, POST_FS); + return read_int(fd); } else if (strcmp(argv[1], "--post-fs-data") == 0) { - // TODO: post-fs-data mode - return 0; + int fd = connect_daemon(); + write_int(fd, POST_FS_DATA); + return read_int(fd); } else if (strcmp(argv[1], "--service") == 0) { - // TODO: late_start service mode - return 0; + int fd = connect_daemon(); + write_int(fd, LATE_START); + return read_int(fd); } else if (strcmp(argv[1], "--test") == 0) { // Temporary testing entry int fd = connect_daemon(); diff --git a/jni/su b/jni/su index c42c44a55..85b080113 160000 --- a/jni/su +++ b/jni/su @@ -1 +1 @@ -Subproject commit c42c44a55254416fc2ccdb89395f42e8a580a67f +Subproject commit 85b080113f43bccd6764cefe9144d82dc0492426 diff --git a/jni/utils/misc.c b/jni/utils/misc.c index a986c0074..a77016e47 100644 --- a/jni/utils/misc.c +++ b/jni/utils/misc.c @@ -178,3 +178,8 @@ void unlock_blocks() { closedir(dir); } + +void unblock_boot_process() { + int fd = open("/dev/.magisk.unblock", O_RDONLY | O_CREAT); + close(fd); +} diff --git a/jni/utils/utils.h b/jni/utils/utils.h index e7eb8af0b..672121e19 100644 --- a/jni/utils/utils.h +++ b/jni/utils/utils.h @@ -62,5 +62,6 @@ void ps(void (*func)(int)); void ps_filter_proc_name(const char *filter, void (*func)(int)); int create_links(const char *bin, const char *path); void unlock_blocks(); +void unblock_boot_process(); #endif