Refactor magiskrc

LoveSy 2023-03-16 10:26:27 +08:00 committed by John Wu
parent 87e036a190
commit dba5020e4f
9 changed files with 36 additions and 58 deletions


@ -412,7 +412,7 @@ static void boot_complete() {
get_manager(0, nullptr, true);
}
void boot_stage_handler(int code) {
void boot_stage_handler(int client, int code) {
// Make sure boot stage execution is always serialized
static pthread_mutex_t stage_lock = PTHREAD_MUTEX_INITIALIZER;
mutex_guard lock(stage_lock);
@ -421,13 +421,15 @@ void boot_stage_handler(int code) {
case MainRequest::POST_FS_DATA:
if ((boot_state & FLAG_POST_FS_DATA_DONE) == 0)
post_fs_data();
close(xopen(UNBLOCKFILE, O_RDONLY | O_CREAT, 0));
close(client);
break;
case MainRequest::LATE_START:
close(client);
if ((boot_state & FLAG_POST_FS_DATA_DONE) && (boot_state & FLAG_SAFE_MODE) == 0)
late_start();
break;
case MainRequest::BOOT_COMPLETE:
close(client);
if ((boot_state & FLAG_SAFE_MODE) == 0)
boot_complete();
break;
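Review bot: Ownership of `client` now sits in boot_stage_handler, but only the three visible cases close it, each by hand and at a different point (after post_fs_data() for POST_FS_DATA, before the work for the other two). Any request code at or above `_STAGE_BARRIER_` that matches none of them would leave the descriptor open, because the handle_request hunk drops its unconditional `close(client)`; the rest of the switch is outside this hunk, so whether such a path exists cannot be seen here. A comment on the function such as `// Takes ownership of client; POST_FS_DATA closes it only after post_fs_data() so the caller's poll() observes completion` would make the contract explicit, and a `default: close(client); break;` would keep the descriptor from leaking if a new stage code is added.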


@ -274,8 +274,7 @@ static void handle_request(pollfd *pfd) {
} else if (code < MainRequest::_STAGE_BARRIER_) {
exec_task([=] { handle_request_async(client, code, cred); });
} else {
close(client);
exec_task([=] { boot_stage_handler(code); });
exec_task([=] { boot_stage_handler(client, code); });
}
return;


@ -90,7 +90,9 @@ int magisk_main(int argc, char *argv[]) {
int fd = connect_daemon(MainRequest::STOP_DAEMON);
return read_int(fd);
} else if (argv[1] == "--post-fs-data"sv) {
close(connect_daemon(MainRequest::POST_FS_DATA, true));
int fd = connect_daemon(MainRequest::POST_FS_DATA, true);
struct pollfd pfd = { fd, POLLIN, 0 };
poll(&pfd, 1, 1000 * POST_FS_DATA_WAIT_TIME);
return 0;
} else if (argv[1] == "--service"sv) {
close(connect_daemon(MainRequest::LATE_START, true));
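Review bot: The result of `poll()` in the `--post-fs-data` branch is discarded, so an early return on EINTR is indistinguishable from the daemon closing the socket, and the caller would proceed before the post-fs-data work has finished. Retrying on interruption, for example `while (poll(&pfd, 1, 1000 * POST_FS_DATA_WAIT_TIME) < 0 && errno == EINTR) {}`, keeps the barrier intact at the cost of restarting the timeout. If `connect_daemon` can return a negative descriptor (its failure behaviour is not visible here), poll() ignores that entry and sleeps for the full timeout, so a check on `fd` before polling would be worth adding.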


@ -88,7 +88,7 @@ extern std::atomic<int> logd_fd;
extern "C" void magisk_log_write(int prio, const char *msg, int len);
// Daemon handlers
void boot_stage_handler(int code);
void boot_stage_handler(int client, int code);
void denylist_handler(int client, const sock_cred *cred);
void su_daemon_handler(int client, const sock_cred *cred);
void zygisk_handler(int client, const sock_cred *cred);


@ -7,7 +7,6 @@
#define MAIN_SOCKET "d30138f2310a9fb9c54a3e0c21f58591\0"
#define JAVA_PACKAGE_NAME "com.topjohnwu.magisk"
#define LOGFILE "/cache/magisk.log"
#define UNBLOCKFILE "/dev/.magisk_unblock"
#define SECURE_DIR "/data/adb"
#define MODULEROOT SECURE_DIR "/modules"
#define MODULEUPGRADE SECURE_DIR "/modules_update"


@ -1,42 +0,0 @@
#include <magisk.hpp>
#include <selinux.hpp>
#define quote(s) #s
#define str(s) quote(s)
constexpr char MAGISK_RC[] =
"\n"
"on post-fs-data\n"
" start logd\n"
" rm " UNBLOCKFILE "\n"
" start %2$s\n"
" wait " UNBLOCKFILE " " str(POST_FS_DATA_WAIT_TIME) "\n"
" rm " UNBLOCKFILE "\n"
"\n"
"service %2$s %1$s/magisk --post-fs-data\n"
" user root\n"
" seclabel u:r:" SEPOL_PROC_DOMAIN ":s0\n"
" oneshot\n"
"\n"
"service %3$s %1$s/magisk --service\n"
" class late_start\n"
" user root\n"
" seclabel u:r:" SEPOL_PROC_DOMAIN ":s0\n"
" oneshot\n"
"\n"
"on property:sys.boot_completed=1\n"
" exec %1$s/magisk --boot-complete\n"
"\n"
"on property:init.svc.zygote=restarting\n"
" exec %1$s/magisk --zygote-restart\n"
"\n"
"on property:init.svc.zygote=stopped\n"
" exec %1$s/magisk --zygote-restart\n"
"\n"
;


@ -4,9 +4,9 @@
#include <magisk.hpp>
#include <base.hpp>
#include <selinux.hpp>
#include "init.hpp"
#include "magiskrc.inc"
using namespace std;
@ -52,11 +52,27 @@ static void patch_init_rc(const char *src, const char *dest, const char *tmp_dir
rc_list.clear();
// Inject Magisk rc scripts
char pfd_svc[16], ls_svc[16];
gen_rand_str(pfd_svc, sizeof(pfd_svc));
gen_rand_str(ls_svc, sizeof(ls_svc));
LOGD("Inject magisk services: [%s] [%s]\n", pfd_svc, ls_svc);
fprintf(rc, MAGISK_RC, tmp_dir, pfd_svc, ls_svc);
LOGD("Inject magisk rc\n");
fprintf(rc, R"EOF(
on post-fs-data
start logd
exec %2$s 0 0 -- %1$s/magisk --post-fs-data
on property:vold.decrypt=trigger_restart_framework
exec %2$s 0 0 -- %1$s/magisk --service
on nonencrypted
exec %2$s 0 0 -- %1$s/magisk --service
on property:sys.boot_completed=1
exec %2$s 0 0 -- %1$s/magisk --boot-complete
on property:init.svc.zygote=restarting
exec %2$s 0 0 -- %1$s/magisk --zygote-restart
on property:init.svc.zygote=stopped
exec %2$s 0 0 -- %1$s/magisk --zygote-restart
)EOF", tmp_dir, "u:r:" SEPOL_PROC_DOMAIN ":s0");
fclose(rc);
clone_attr(src, dest);
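Review bot: The raw string passed to `fprintf` is a format string with positional arguments, and nothing at the call site says which is which; a comment such as `// %1$s = tmp_dir holding the magisk binary, %2$s = SELinux context handed to init's exec` would keep a swapped argument from silently producing a malformed rc. `tmp_dir` is written unquoted into each `exec` line, so a path containing whitespace would be split into extra arguments by init; where `tmp_dir` comes from is outside this hunk, so this is worth confirming rather than assuming. The return value of `fprintf` is also unchecked, and a short write would leave a truncated rc that `fclose` and `clone_attr` then finalize. patch_init_rc starts and ends outside the hunk.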


@ -64,7 +64,7 @@ void sepolicy::magisk_rules() {
}
// Allow these processes to access MagiskSU
vector<const char *> clients{ "init", "shell", "update_engine", "appdomain" };
vector<const char *> clients{ "shell", "update_engine", "appdomain" };
for (auto type : clients) {
if (!exists(type))
continue;
@ -137,6 +137,10 @@ void sepolicy::magisk_rules() {
// Let init run stuffs
allow("kernel", SEPOL_PROC_DOMAIN, "fd", "use");
allow("init", SEPOL_PROC_DOMAIN, "process", ALL);
allow("init", SEPOL_EXEC_TYPE, "file", "read");
allow("init", SEPOL_EXEC_TYPE, "file", "open");
allow("init", SEPOL_EXEC_TYPE, "file", "getattr");
allow("init", SEPOL_EXEC_TYPE, "file", "execute");
// suRights
allow("servicemanager", SEPOL_PROC_DOMAIN, "dir", "search");
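Review bot: The four new `allow("init", SEPOL_EXEC_TYPE, "file", ...)` rules carry no comment saying why init needs them, even though the first hunk of this file removes `init` from the MagiskSU client list. A line such as `// init launches magisk through rc "exec" with an explicit seclabel, so it must be able to read and execute the binary` would tie the grant to the init.rc change and make it easier to audit later. AOSP's `domain_trans` macro grants `map` alongside `getattr open read execute` to the source domain; whether that permission is needed here cannot be determined from the hunk and is worth checking on a device with an enforcing policy. sepolicy::magisk_rules continues outside both hunks.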


@ -149,7 +149,5 @@ touch $MAGISKTMP/.magisk/config
# Boot up
$MAGISKTMP/magisk --post-fs-data
while [ ! -f /dev/.magisk_unblock ]; do sleep 1; done
rm /dev/.magisk_unblock
start
$MAGISKTMP/magisk --service