From dba5020e4f8b1e4a6fc1e964670c6085a49d7a76 Mon Sep 17 00:00:00 2001
From: LoveSy <shana@zju.edu.cn>
Date: Thu, 16 Mar 2023 10:26:27 +0800
Subject: [PATCH] Refactor magiskrc

---
 native/src/core/bootstages.cpp |  6 +++--
 native/src/core/daemon.cpp     |  3 +--
 native/src/core/magisk.cpp     |  4 +++-
 native/src/include/daemon.hpp  |  2 +-
 native/src/include/magisk.hpp  |  1 -
 native/src/init/magiskrc.inc   | 42 ----------------------------------
 native/src/init/rootdir.cpp    | 28 ++++++++++++++++++-----
 native/src/sepolicy/rules.cpp  |  6 ++++-
 scripts/avd_magisk.sh          |  2 --
 9 files changed, 36 insertions(+), 58 deletions(-)
 delete mode 100644 native/src/init/magiskrc.inc

diff --git a/native/src/core/bootstages.cpp b/native/src/core/bootstages.cpp
index 09fba4c55..9372864fe 100644
--- a/native/src/core/bootstages.cpp
+++ b/native/src/core/bootstages.cpp
@@ -412,7 +412,7 @@ static void boot_complete() {
     get_manager(0, nullptr, true);
 }
 
-void boot_stage_handler(int code) {
+void boot_stage_handler(int client, int code) {
     // Make sure boot stage execution is always serialized
     static pthread_mutex_t stage_lock = PTHREAD_MUTEX_INITIALIZER;
     mutex_guard lock(stage_lock);
@@ -421,13 +421,15 @@ void boot_stage_handler(int code) {
     case MainRequest::POST_FS_DATA:
         if ((boot_state & FLAG_POST_FS_DATA_DONE) == 0)
             post_fs_data();
-        close(xopen(UNBLOCKFILE, O_RDONLY | O_CREAT, 0));
+        close(client);
         break;
     case MainRequest::LATE_START:
+        close(client);
         if ((boot_state & FLAG_POST_FS_DATA_DONE) && (boot_state & FLAG_SAFE_MODE) == 0)
             late_start();
         break;
     case MainRequest::BOOT_COMPLETE:
+        close(client);
         if ((boot_state & FLAG_SAFE_MODE) == 0)
             boot_complete();
         break;
diff --git a/native/src/core/daemon.cpp b/native/src/core/daemon.cpp
index e15993316..e7b5092fd 100644
--- a/native/src/core/daemon.cpp
+++ b/native/src/core/daemon.cpp
@@ -274,8 +274,7 @@ static void handle_request(pollfd *pfd) {
     } else if (code < MainRequest::_STAGE_BARRIER_) {
         exec_task([=] { handle_request_async(client, code, cred); });
     } else {
-        close(client);
-        exec_task([=] { boot_stage_handler(code); });
+        exec_task([=] { boot_stage_handler(client, code); });
     }
     return;
 
diff --git a/native/src/core/magisk.cpp b/native/src/core/magisk.cpp
index fb9d09b25..09603ae66 100644
--- a/native/src/core/magisk.cpp
+++ b/native/src/core/magisk.cpp
@@ -90,7 +90,9 @@ int magisk_main(int argc, char *argv[]) {
         int fd = connect_daemon(MainRequest::STOP_DAEMON);
         return read_int(fd);
     } else if (argv[1] == "--post-fs-data"sv) {
-        close(connect_daemon(MainRequest::POST_FS_DATA, true));
+        int fd = connect_daemon(MainRequest::POST_FS_DATA, true);
+        struct pollfd pfd = { fd, POLLIN, 0 };
+        poll(&pfd, 1, 1000 * POST_FS_DATA_WAIT_TIME);
         return 0;
     } else if (argv[1] == "--service"sv) {
         close(connect_daemon(MainRequest::LATE_START, true));
diff --git a/native/src/include/daemon.hpp b/native/src/include/daemon.hpp
index b2d812714..b90559fd9 100644
--- a/native/src/include/daemon.hpp
+++ b/native/src/include/daemon.hpp
@@ -88,7 +88,7 @@ extern std::atomic<int> logd_fd;
 extern "C" void magisk_log_write(int prio, const char *msg, int len);
 
 // Daemon handlers
-void boot_stage_handler(int code);
+void boot_stage_handler(int client, int code);
 void denylist_handler(int client, const sock_cred *cred);
 void su_daemon_handler(int client, const sock_cred *cred);
 void zygisk_handler(int client, const sock_cred *cred);
diff --git a/native/src/include/magisk.hpp b/native/src/include/magisk.hpp
index aa1aa9f3e..30aac3170 100644
--- a/native/src/include/magisk.hpp
+++ b/native/src/include/magisk.hpp
@@ -7,7 +7,6 @@
 #define MAIN_SOCKET  "d30138f2310a9fb9c54a3e0c21f58591\0"
 #define JAVA_PACKAGE_NAME "com.topjohnwu.magisk"
 #define LOGFILE         "/cache/magisk.log"
-#define UNBLOCKFILE     "/dev/.magisk_unblock"
 #define SECURE_DIR      "/data/adb"
 #define MODULEROOT      SECURE_DIR "/modules"
 #define MODULEUPGRADE   SECURE_DIR "/modules_update"
diff --git a/native/src/init/magiskrc.inc b/native/src/init/magiskrc.inc
deleted file mode 100644
index e8dd418db..000000000
--- a/native/src/init/magiskrc.inc
+++ /dev/null
@@ -1,42 +0,0 @@
-#include <magisk.hpp>
-#include <selinux.hpp>
-
-#define quote(s) #s
-#define str(s) quote(s)
-
-constexpr char MAGISK_RC[] =
-"\n"
-
-"on post-fs-data\n"
-"    start logd\n"
-"    rm " UNBLOCKFILE "\n"
-"    start %2$s\n"
-"    wait " UNBLOCKFILE " " str(POST_FS_DATA_WAIT_TIME) "\n"
-"    rm " UNBLOCKFILE "\n"
-"\n"
-
-"service %2$s %1$s/magisk --post-fs-data\n"
-"    user root\n"
-"    seclabel u:r:" SEPOL_PROC_DOMAIN ":s0\n"
-"    oneshot\n"
-"\n"
-
-"service %3$s %1$s/magisk --service\n"
-"    class late_start\n"
-"    user root\n"
-"    seclabel u:r:" SEPOL_PROC_DOMAIN ":s0\n"
-"    oneshot\n"
-"\n"
-
-"on property:sys.boot_completed=1\n"
-"    exec %1$s/magisk --boot-complete\n"
-"\n"
-
-"on property:init.svc.zygote=restarting\n"
-"    exec %1$s/magisk --zygote-restart\n"
-"\n"
-
-"on property:init.svc.zygote=stopped\n"
-"    exec %1$s/magisk --zygote-restart\n"
-"\n"
-;
diff --git a/native/src/init/rootdir.cpp b/native/src/init/rootdir.cpp
index 59f4bc6ab..7a84e151c 100644
--- a/native/src/init/rootdir.cpp
+++ b/native/src/init/rootdir.cpp
@@ -4,9 +4,9 @@
 
 #include <magisk.hpp>
 #include <base.hpp>
+#include <selinux.hpp>
 
 #include "init.hpp"
-#include "magiskrc.inc"
 
 using namespace std;
 
@@ -52,11 +52,27 @@ static void patch_init_rc(const char *src, const char *dest, const char *tmp_dir
     rc_list.clear();
 
     // Inject Magisk rc scripts
-    char pfd_svc[16], ls_svc[16];
-    gen_rand_str(pfd_svc, sizeof(pfd_svc));
-    gen_rand_str(ls_svc, sizeof(ls_svc));
-    LOGD("Inject magisk services: [%s] [%s]\n", pfd_svc, ls_svc);
-    fprintf(rc, MAGISK_RC, tmp_dir, pfd_svc, ls_svc);
+    LOGD("Inject magisk rc\n");
+    fprintf(rc, R"EOF(
+on post-fs-data
+    start logd
+    exec %2$s 0 0 -- %1$s/magisk --post-fs-data
+
+on property:vold.decrypt=trigger_restart_framework
+    exec %2$s 0 0 -- %1$s/magisk --service
+
+on nonencrypted
+    exec %2$s 0 0 -- %1$s/magisk --service
+
+on property:sys.boot_completed=1
+    exec %2$s 0 0 -- %1$s/magisk --boot-complete
+
+on property:init.svc.zygote=restarting
+    exec %2$s 0 0 -- %1$s/magisk --zygote-restart
+
+on property:init.svc.zygote=stopped
+    exec %2$s 0 0 -- %1$s/magisk --zygote-restart
+)EOF", tmp_dir, "u:r:" SEPOL_PROC_DOMAIN ":s0");
 
     fclose(rc);
     clone_attr(src, dest);
diff --git a/native/src/sepolicy/rules.cpp b/native/src/sepolicy/rules.cpp
index 738358deb..508746e49 100644
--- a/native/src/sepolicy/rules.cpp
+++ b/native/src/sepolicy/rules.cpp
@@ -64,7 +64,7 @@ void sepolicy::magisk_rules() {
         }
 
         // Allow these processes to access MagiskSU
-        vector<const char *> clients{ "init", "shell", "update_engine", "appdomain" };
+        vector<const char *> clients{ "shell", "update_engine", "appdomain" };
         for (auto type : clients) {
             if (!exists(type))
                 continue;
@@ -137,6 +137,10 @@ void sepolicy::magisk_rules() {
     // Let init run stuffs
     allow("kernel", SEPOL_PROC_DOMAIN, "fd", "use");
     allow("init", SEPOL_PROC_DOMAIN, "process", ALL);
+    allow("init", SEPOL_EXEC_TYPE, "file", "read");
+    allow("init", SEPOL_EXEC_TYPE, "file", "open");
+    allow("init", SEPOL_EXEC_TYPE, "file", "getattr");
+    allow("init", SEPOL_EXEC_TYPE, "file", "execute");
 
     // suRights
     allow("servicemanager", SEPOL_PROC_DOMAIN, "dir", "search");
diff --git a/scripts/avd_magisk.sh b/scripts/avd_magisk.sh
index 4f6feb020..910483510 100755
--- a/scripts/avd_magisk.sh
+++ b/scripts/avd_magisk.sh
@@ -149,7 +149,5 @@ touch $MAGISKTMP/.magisk/config
 
 # Boot up
 $MAGISKTMP/magisk --post-fs-data
-while [ ! -f /dev/.magisk_unblock ]; do sleep 1; done
-rm /dev/.magisk_unblock
 start
 $MAGISKTMP/magisk --service