Bump Magisk Manager version

Sorry I forgot to commit this change :p

.gitignore

@@ -2,9 +2,13 @@ out
 *.zip
 *.jks
 *.apk
+config.prop
+
+# Manually dumped jars
+snet/libs
 
 # Built binaries
-ziptools/zipadjust
+native/out
 
 # Android Studio / Gradle
 *.iml

README.MD

@@ -1,24 +1,19 @@
 # Magisk
 
-## How to build Magisk
-
-#### Building has been tested on 3 major platforms: macOS, Ubuntu, Windows 10
-
-### Environment Requirements
+## Building Environment Requirements
 
 1. Python 3.5+: run `build.py` script
 2. Java Development Kit (JDK) 8: Compile Magisk Manager and sign zips
-3. Latest Android SDK: `ANDROID_HOME` environment variable should point to the Android SDK folder
-4. Android NDK: Install NDK along with SDK (`$ANDROID_HOME/ndk-bundle`), or specify custom path `ANDROID_NDK`
+3. Latest Android SDK: set `ANDROID_HOME` environment variable to the path to Android SDK
+4. Android NDK: Install NDK along with SDK (`$ANDROID_HOME/ndk-bundle`), or optionally specify a custom path `ANDROID_NDK`
 5. (Windows Only) Python package Colorama: Install with `pip install colorama`, used for ANSI color codes
 
-### Instructions and Notes
-1. Magisk can be built with the latest NDK (r16 as of writing), however binaries released officially will be built with NDK r10e due to ELF incompatibilities with the binaries built from the newer NDKs.
-2. The easiest way to setup the environment is by importing the folder as an Android Studio project. The IDE will download required components and construct the environment for you. You still have to set the `ANDROID_HOME` environment variable to point to the SDK path.
+## Building Notes and Instructions
+1. Building is tested on macOS, Ubuntu, and Windows 10 using the latest stable NDK and NDK r10e. Officially released binaries were built with NDK r10e.
+2. Set configurations in `config.prop`. A sample file `config.prop.sample` is provided as an example.
 3. Run `build.py` with argument `-h` to see the built-in help message. The `-h` option also works for each supported actions, e.g. `./build.py binary -h`
-4. Build everything with `build.py`, don't directly call `gradlew` or `ndk-build`, since most requires special setup / dependencies.
-5. By default, `build.py` will build binaries and Magisk Manager in debug mode. If you want to build Magisk Manager in release mode (through the flag `--release`), you will need to place a Java Keystore file at `release_signature.jks` to sign Magisk Manager's APK. For more information, check out [Google's Official Documentation](https://developer.android.com/studio/publish/app-signing.html#signing-manually).
-
+4. By default, `build.py` build binaries and Magisk Manager in debug mode. If you want to build Magisk Manager in release mode (via the `--release` flag), you need a Java Keystore file `release-key.jks` to sign Magisk Manager's APK. For more information, check out [Google's Official Documentation](https://developer.android.com/studio/publish/app-signing.html#signing-manually).
+5. The SafetyNet extension pack requires the full Magisk Manager as a `compileOnly` dependency. Build the **release** APK, convert it back to Java `.class` files (I use [dex2jar](https://github.com/pxb1988/dex2jar)), and place the converted JAR under `snet/libs` before compiling.
 
 ## License
 

build.gradle

@@ -7,7 +7,7 @@ buildscript {
         jcenter()
     }
     dependencies {
-        classpath 'com.android.tools.build:gradle:3.1.2'
+        classpath 'com.android.tools.build:gradle:3.1.3'
         
 
         // NOTE: Do not place your application dependencies here; they belong
@@ -24,8 +24,8 @@ allprojects {
 }
 
 ext {
-    compileSdkVersion = 27
-    buildToolsVersion = "28.0.0-rc1"
+    compileSdkVersion = 28
+    buildToolsVersion = "28.0.0"
     supportLibVersion = "27.1.1"
 }
 

config.prop.sample

@@ -0,0 +1,15 @@
+# The version string and version code of Magisk
+version=
+versionCode=
+
+outdir=out
+
+# Whether use pretty names for zips, e.g. Magisk-v${version}.zip, Magisk-uninstaller-${date}.zip
+# The default output names are magisk-${release/debug/uninstaller}.zip
+prettyName=false
+
+# These pwds are passed to apksigner for release-key.jks. Necessary when building release apks
+# keyPass is the pwd for the specified keyAlias
+keyStorePass=
+keyAlias=
+keyPass=

gradle.properties

@@ -20,3 +20,6 @@ org.gradle.parallel=true
 # When set to true the Gradle daemon is used to run the build. For local developer builds this is our favorite property.
 # The developer environment is optimized for speed and feedback so we nearly always run Gradle jobs with the daemon.
 org.gradle.daemon=true
+
+# Configuration on demand is not supported by the current version of the Android Gradle plugin since you are using Gradle version 4.6 or above
+org.gradle.configureondemand=false

native/build.gradle

@@ -13,8 +13,9 @@ android {
     defaultConfig {
         externalNativeBuild {
             ndkBuild {
-                // Passes an optional argument to ndk-build.
-                arguments "GRADLE=true"
+                // Pass arguments to ndk-build.
+                arguments('B_MAGISK=1', 'B_INIT=1', 'B_BOOT=1', 'MAGISK_VERSION=debug',
+                        'MAGISK_VER_CODE=99999', 'MAGISK_DEBUG=-DMAGISK_DEBUG')
             }
         }
     }

native/jni/Android.mk

@@ -23,7 +23,7 @@ UTIL_SRC := utils/cpio.c \
 # Binaries
 ########################
 
-ifneq "$(or $(PRECOMPILE), $(GRADLE))" ""
+ifdef B_MAGISK
 
 # magisk main binary
 include $(CLEAR_VARS)
@@ -40,9 +40,10 @@ LOCAL_C_INCLUDES := \
 LOCAL_SRC_FILES := \
 	core/magisk.c \
 	core/daemon.c \
-	core/log_monitor.c \
+	core/log_daemon.c \
 	core/bootstages.c \
 	core/socket.c \
+	core/db.c \
 	magiskhide/magiskhide.c \
 	magiskhide/proc_monitor.c \
 	magiskhide/hide_utils.c \
@@ -51,7 +52,6 @@ LOCAL_SRC_FILES := \
 	resetprop/system_properties.cpp \
 	su/su.c \
 	su/activity.c \
-	su/db.c \
 	su/pts.c \
 	su/su_daemon.c \
 	su/su_socket.c \
@@ -63,7 +63,7 @@ include $(BUILD_EXECUTABLE)
 
 endif
 
-ifndef PRECOMPILE
+ifdef B_INIT
 
 # magiskinit
 include $(CLEAR_VARS)
@@ -72,7 +72,8 @@ LOCAL_STATIC_LIBRARIES := libsepol liblzma
 LOCAL_C_INCLUDES := \
 	jni/include \
 	jni/magiskpolicy \
-	../out/$(TARGET_ARCH_ABI) \
+	out \
+	out/$(TARGET_ARCH_ABI) \
 	$(LIBSEPOL) \
 	$(LIBLZMA)
 
@@ -87,6 +88,10 @@ LOCAL_SRC_FILES := \
 LOCAL_LDFLAGS := -static
 include $(BUILD_EXECUTABLE)
 
+endif
+
+ifdef B_BOOT
+
 # magiskboot
 include $(CLEAR_VARS)
 LOCAL_MODULE := magiskboot
@@ -113,8 +118,10 @@ LOCAL_CFLAGS := -DXWRAP_EXIT
 LOCAL_LDLIBS := -lz
 include $(BUILD_EXECUTABLE)
 
-# static binaries
-ifndef GRADLE  # Do not run gradle sync on these binaries
+endif
+
+ifdef B_BXZ
+
 # b64xz
 include $(CLEAR_VARS)
 LOCAL_MODULE := b64xz
@@ -123,11 +130,14 @@ LOCAL_C_INCLUDES := $(LIBLZMA)
 LOCAL_SRC_FILES := b64xz.c
 LOCAL_LDFLAGS := -static
 include $(BUILD_EXECUTABLE)
-# Busybox
-include jni/external/busybox/Android.mk
+
 endif
 
-# Precompile
+ifdef B_BB
+
+# Busybox
+include jni/external/busybox/Android.mk
+
 endif
 
 ########################

native/jni/Application.mk

@@ -1,5 +1,10 @@
 APP_ABI := x86 armeabi-v7a
-APP_PLATFORM := android-21
-APP_CFLAGS := $(MAGISK_FLAGS) -std=gnu99
+APP_CFLAGS := -std=gnu99 ${MAGISK_DEBUG} \
+	-DMAGISK_VERSION="${MAGISK_VERSION}" -DMAGISK_VER_CODE=${MAGISK_VER_CODE} 
 APP_CPPFLAGS := -std=c++11
 APP_SHORT_COMMANDS := true
+ifdef OLD_PLAT
+APP_PLATFORM := android-9
+else
+APP_PLATFORM := android-21	
+endif

native/jni/core/daemon.c

@@ -21,8 +21,9 @@
 #include "resetprop.h"
 #include "magiskpolicy.h"
 
+int setup_done = 0;
 int seperate_vendor = 0;
-int full_patch_pid;
+int full_patch_pid = -1;
 
 static void *request_handler(void *args) {
 	int client = *((int *) args);
@@ -82,7 +83,11 @@ static void *request_handler(void *args) {
 	case LATE_START:
 		late_start(client);
 		break;
+	case HANDSHAKE:
+		/* Do NOT close the client, make it hold */
+		break;
 	default:
+		close(client);
 		break;
 	}
 	return NULL;
@@ -94,30 +99,6 @@ static void *start_magisk_hide(void *args) {
 	return NULL;
 }
 
-static void daemon_saver() {
-	int fd, val;
-	struct sockaddr_un sun;
-
-	// Change process name
-	strcpy(argv0, "magisk_saver");
-
-	while (1) {
-		fd = setup_socket(&sun);
-		while(connect(fd, (struct sockaddr*) &sun, sizeof(sun)))
-			usleep(10000);
-
-		write_int(fd, DO_NOTHING);
-
-		// Should hold forever unless the other side is closed
-		read(fd, &val, sizeof(int));
-
-		// If it came here, the daemon is terminated
-		close(fd);
-		if (fork_dont_care() == 0)
-			start_daemon(0);
-	}
-}
-
 void auto_start_magiskhide() {
 	char *hide_prop = getprop2(MAGISKHIDE_PROP, 1);
 	if (hide_prop == NULL || strcmp(hide_prop, "0") != 0) {
@@ -128,46 +109,48 @@ void auto_start_magiskhide() {
 	free(hide_prop);
 }
 
-void start_daemon(int post_fs_data) {
+void main_daemon() {
 	setsid();
 	setcon("u:r:"SEPOL_PROC_DOMAIN":s0");
 	int fd = xopen("/dev/null", O_RDWR | O_CLOEXEC);
-	xdup2(fd, STDIN_FILENO);
 	xdup2(fd, STDOUT_FILENO);
 	xdup2(fd, STDERR_FILENO);
 	close(fd);
+	fd = xopen("/dev/zero", O_RDWR | O_CLOEXEC);
+	xdup2(fd, STDIN_FILENO);
+	close(fd);
 
-	if (post_fs_data && fork_dont_care() == 0)
-		daemon_saver();
+	// Start the log monitor
+	loggable = exec_command_sync("/system/bin/logcat", "-d", "-f", "/dev/null", NULL) == 0;
+	if (loggable) {
+		connect_daemon2(LOG_DAEMON, &fd);
+		write_int(fd, HANDSHAKE);
+		close(fd);
+	}
 
-	// Block user signals
+	struct sockaddr_un sun;
+	fd = setup_socket(&sun, MAIN_DAEMON);
+
+	if (xbind(fd, (struct sockaddr*) &sun, sizeof(sun)))
+		exit(1);
+	xlisten(fd, 10);
+	LOGI("Magisk v" xstr(MAGISK_VERSION) "(" xstr(MAGISK_VER_CODE) ") daemon started\n");
+
+	// Change process name
+	strcpy(argv0, "magiskd");
+
+	// Block all user signals
 	sigset_t block_set;
 	sigemptyset(&block_set);
 	sigaddset(&block_set, SIGUSR1);
 	sigaddset(&block_set, SIGUSR2);
 	pthread_sigmask(SIG_SETMASK, &block_set, NULL);
 
-	struct sockaddr_un sun;
-	fd = setup_socket(&sun);
-
-	if (xbind(fd, (struct sockaddr*) &sun, sizeof(sun)))
-		exit(1);
-	xlisten(fd, 10);
-
-	// Start the log monitor
-	monitor_logs();
-
-	if (!post_fs_data && (access(MAGISKTMP, F_OK) == 0)) {
-		// Restart stuffs if the daemon is restarted
-		exec_command_sync("logcat", "-b", "all", "-c", NULL);
-		auto_start_magiskhide();
-		start_debug_log();
-	}
-
-	LOGI("Magisk v" xstr(MAGISK_VERSION) "(" xstr(MAGISK_VER_CODE) ") daemon started\n");
-
-	// Change process name
-	strcpy(argv0, "magiskd");
+	// Ignore SIGPIPE
+	struct sigaction act;
+	memset(&act, 0, sizeof(act));
+	act.sa_handler = SIG_IGN;
+	sigaction(SIGPIPE, &act, NULL);
 
 	// Loop forever to listen for requests
 	while(1) {
@@ -180,13 +163,11 @@ void start_daemon(int post_fs_data) {
 	}
 }
 
-/* Connect the daemon, and return a socketfd */
-int connect_daemon(int post_fs_data) {
+/* Connect the daemon, set sockfd, and return if new daemon is spawned */
+int connect_daemon2(daemon_t d, int *sockfd) {
 	struct sockaddr_un sun;
-	int fd = setup_socket(&sun);
-	if (connect(fd, (struct sockaddr*) &sun, sizeof(sun))) {
-		// If we cannot access the daemon, we start a daemon in the child process if possible
-
+	*sockfd = setup_socket(&sun, d);
+	if (connect(*sockfd, (struct sockaddr*) &sun, sizeof(sun))) {
 		if (getuid() != UID_ROOT || getgid() != UID_ROOT) {
 			fprintf(stderr, "No daemon is currently running!\n");
 			exit(1);
@@ -194,12 +175,26 @@ int connect_daemon(int post_fs_data) {
 
 		if (fork_dont_care() == 0) {
 			LOGD("client: connect fail, try launching new daemon process\n");
-			close(fd);
-			start_daemon(post_fs_data);
+			close(*sockfd);
+			switch (d) {
+				case MAIN_DAEMON:
+					main_daemon();
+					break;
+				case LOG_DAEMON:
+					log_daemon();
+					break;
+			}
 		}
 
-		while (connect(fd, (struct sockaddr*) &sun, sizeof(sun)))
+		while (connect(*sockfd, (struct sockaddr*) &sun, sizeof(sun)))
 			usleep(10000);
+		return 1;
 	}
+	return 0;
+}
+
+int connect_daemon() {
+	int fd;
+	connect_daemon2(MAIN_DAEMON, &fd);
 	return fd;
 }

native/jni/core/db.c

@@ -0,0 +1,158 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <time.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/stat.h>
+
+#include "magisk.h"
+#include "db.h"
+
+void INIT_DB_STRINGS(struct db_strings *str) {
+	for (int i = 0; i < DB_STRING_NUM; ++i)
+		str->s[i][0] = '\0';
+}
+
+static int policy_cb(void *v, int col_num, char **data, char **col_name) {
+	struct su_access *su = v;
+	for (int i = 0; i < col_num; i++) {
+		if (strcmp(col_name[i], "policy") == 0)
+			su->policy = (policy_t) atoi(data[i]);
+		else if (strcmp(col_name[i], "logging") == 0)
+			su->log = atoi(data[i]);
+		else if (strcmp(col_name[i], "notification") == 0)
+			su->notify = atoi(data[i]);
+	}
+	LOGD("magiskdb: query policy=[%d] log=[%d] notify=[%d]\n", su->policy, su->log, su->notify);
+	return 0;
+}
+
+static int settings_cb(void *v, int col_num, char **data, char **col_name) {
+	struct db_settings *dbs = v;
+	int key = -1, value;
+	for (int i = 0; i < col_num; ++i) {
+		if (strcmp(col_name[i], "key") == 0) {
+			for (int k = 0; k < DB_SETTINGS_NUM; ++k) {
+				if (strcmp(data[i], DB_SETTING_KEYS[k]) == 0)
+					key = k;
+			}
+		} else if (strcmp(col_name[i], "value") == 0) {
+			value = atoi(data[i]);
+		}
+	}
+	if (key >= 0) {
+		dbs->v[key] = value;
+		LOGD("magiskdb: query %s=[%d]\n", DB_SETTING_KEYS[key], value);
+	}
+	return 0;
+}
+
+static int strings_cb(void *v, int col_num, char **data, char **col_name) {
+	struct db_strings *dbs = v;
+	int key = -1;
+	char *value;
+	for (int i = 0; i < col_num; ++i) {
+		if (strcmp(col_name[i], "key") == 0) {
+			for (int k = 0; k < DB_STRING_NUM; ++k) {
+				if (strcmp(data[i], DB_STRING_KEYS[k]) == 0)
+					key = k;
+			}
+		} else if (strcmp(col_name[i], "value") == 0) {
+			value = data[i];
+		}
+	}
+	if (key >= 0) {
+		strcpy(dbs->s[key], value);
+		LOGD("magiskdb: query %s=[%s]\n", DB_STRING_KEYS[key], value);
+	}
+	return 0;
+}
+
+sqlite3 *get_magiskdb() {
+	sqlite3 *db = NULL;
+	if (access(MAGISKDB, R_OK) == 0) {
+		// Open database
+		int ret = sqlite3_open_v2(MAGISKDB, &db, SQLITE_OPEN_READONLY, NULL);
+		if (ret) {
+			LOGE("sqlite3 open failure: %s\n", sqlite3_errstr(ret));
+			sqlite3_close(db);
+			db = NULL;
+		}
+	}
+	return db;
+}
+
+int get_db_settings(sqlite3 *db, int key, struct db_settings *dbs) {
+	if (db == NULL)
+		return 1;
+	char *err;
+	if (key > 0) {
+		char query[128];
+		sprintf(query, "SELECT key, value FROM settings WHERE key=%d", key);
+		sqlite3_exec(db, query, settings_cb, dbs, &err);
+	} else {
+		sqlite3_exec(db, "SELECT key, value FROM settings", settings_cb, dbs, &err);
+	}
+	if (err) {
+		LOGE("sqlite3_exec: %s\n", err);
+		return 1;
+	}
+	return 0;
+}
+
+int get_db_strings(sqlite3 *db, int key, struct db_strings *str) {
+	if (db == NULL)
+		return 1;
+	char *err;
+	if (key > 0) {
+		char query[128];
+		sprintf(query, "SELECT key, value FROM strings WHERE key=%d", key);
+		sqlite3_exec(db, query, strings_cb, str, &err);
+	} else {
+		sqlite3_exec(db, "SELECT key, value FROM strings", strings_cb, str, &err);
+	}
+	if (err) {
+		LOGE("sqlite3_exec: %s\n", err);
+		return 1;
+	}
+	return 0;
+}
+
+int get_uid_policy(sqlite3 *db, int uid, struct su_access *su) {
+	if (db == NULL)
+		return 1;
+	char query[256], *err;
+	sprintf(query, "SELECT policy, logging, notification FROM policies "
+			"WHERE uid=%d AND (until=0 OR until>%li)", uid, time(NULL));
+	sqlite3_exec(db, query, policy_cb, su, &err);
+	if (err) {
+		LOGE("sqlite3_exec: %s\n", err);
+		return 1;
+	}
+	return 0;
+}
+
+int validate_manager(char *pkg, int userid, struct stat *st) {
+	if (st == NULL) {
+		struct stat stat;
+		st = &stat;
+	}
+	// Prefer DE storage
+	const char *base = access("/data/user_de", F_OK) == 0 ? "/data/user_de" : "/data/user";
+	char app_path[128];
+	sprintf(app_path, "%s/%d/%s", base, userid, pkg[0] ? pkg : "xxx");
+	if (stat(app_path, st)) {
+		// Check the official package name
+		sprintf(app_path, "%s/%d/"JAVA_PACKAGE_NAME, base, userid);
+		if (stat(app_path, st)) {
+			LOGE("su: cannot find manager");
+			memset(st, 0, sizeof(*st));
+			pkg[0] = '\0';
+			return 1;
+		} else {
+			// Switch to official package if exists
+			strcpy(pkg, JAVA_PACKAGE_NAME);
+		}
+	}
+	return 0;
+}

native/jni/core/log_daemon.c

@@ -0,0 +1,166 @@
+/* log_daemon.c - A dedicated daemon to monitor logcat
+ *
+ * A universal logcat monitor for many usages. Add listeners to the list,
+ * and the new log line will be sent through sockets to trigger
+ * asynchronous events without polling
+ */
+
+#include <stdio.h>
+#include <pthread.h>
+#include <unistd.h>
+#include <sys/wait.h>
+#include <fcntl.h>
+
+#include "magisk.h"
+#include "utils.h"
+#include "daemon.h"
+
+int loggable = 1;
+static struct vector log_cmd, clear_cmd;
+static int sockfd;
+static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
+
+enum {
+	HIDE_EVENT,
+	LOG_EVENT
+};
+
+struct log_listener {
+	int fd;
+	int (*filter) (const char*);
+};
+
+static int am_proc_start_filter(const char *log) {
+	return strstr(log, "am_proc_start") != NULL;
+}
+
+static int magisk_log_filter(const char *log) {
+	return !am_proc_start_filter(log);
+}
+
+static struct log_listener events[] = {
+	{	/* HIDE_EVENT */
+		.fd = -1,
+		.filter = am_proc_start_filter
+	},
+	{	/* LOG_EVENT */
+		.fd = -1,
+		.filter = magisk_log_filter
+	}
+};
+#define EVENT_NUM (sizeof(events) / sizeof(struct log_listener))
+
+static void sigpipe_handler(int sig) {
+	close(events[HIDE_EVENT].fd);
+	events[HIDE_EVENT].fd = -1;
+}
+
+static void *monitor_thread(void *args) {
+	// Block SIGPIPE to prevent interruption
+	sigset_t block_set;
+	sigemptyset(&block_set);
+	sigaddset(&block_set, SIGPIPE);
+	pthread_sigmask(SIG_SETMASK, &block_set, NULL);
+	// Give the main daemon some time before we monitor it
+	sleep(5);
+	int fd;
+	char b;
+	while (1) {
+		fd = connect_daemon();
+		write_int(fd, HANDSHAKE);
+		// This should hold unless the daemon is killed
+		read(fd, &b, sizeof(b));
+		// The main daemon crashed, spawn a new one
+		close(fd);
+	}
+}
+
+static void *logcat_thread(void *args) {
+	int log_fd = -1, log_pid;
+	char line[4096];
+	while (1) {
+		// Start logcat
+		log_pid = exec_array(0, &log_fd, NULL, (char **) vec_entry(&log_cmd));
+		FILE *logs = fdopen(log_fd, "r");
+		while (fgets(line, sizeof(line), logs)) {
+			if (line[0] == '-')
+				continue;
+			size_t len = strlen(line);
+			pthread_mutex_lock(&lock);
+			for (int i = 0; i < EVENT_NUM; ++i) {
+				if (events[i].fd > 0 && events[i].filter(line))
+					write(events[i].fd, line, len);
+			}
+			pthread_mutex_unlock(&lock);
+		}
+
+		fclose(logs);
+		log_fd = -1;
+		kill(log_pid, SIGTERM);
+		waitpid(log_pid, NULL, 0);
+
+		LOGI("magisklogd: logcat output EOF");
+		// Clear buffer
+		log_pid = exec_array(0, NULL, NULL, (char **) vec_entry(&clear_cmd));
+		waitpid(log_pid, NULL, 0);
+	}
+}
+
+void log_daemon() {
+	setsid();
+	struct sockaddr_un sun;
+	sockfd = setup_socket(&sun, LOG_DAEMON);
+	if (xbind(sockfd, (struct sockaddr*) &sun, sizeof(sun)))
+		exit(1);
+	xlisten(sockfd, 10);
+	LOGI("Magisk v" xstr(MAGISK_VERSION) "(" xstr(MAGISK_VER_CODE) ") logger started\n");
+	strcpy(argv0, "magisklogd");
+
+	// Set SIGPIPE handler
+	struct sigaction act;
+	memset(&act, 0, sizeof(act));
+	act.sa_handler = sigpipe_handler;
+	sigaction(SIGPIPE, &act, NULL);
+
+	// Setup log dumps
+	rename(LOGFILE, LOGFILE ".bak");
+	events[LOG_EVENT].fd = xopen(LOGFILE, O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC | O_APPEND, 0644);
+
+	// Construct cmdline
+	vec_init(&log_cmd);
+	vec_push_back(&log_cmd, "/system/bin/logcat");
+	// Test whether these buffers actually works
+	const char* b[] = { "main", "events", "crash" };
+	for (int i = 0; i < 3; ++i) {
+		if (exec_command_sync("/system/bin/logcat", "-b", b[i], "-d", "-f", "/dev/null", NULL) == 0)
+			vec_push_back_all(&log_cmd, "-b", b[i], NULL);
+	}
+	vec_dup(&log_cmd, &clear_cmd);
+	vec_push_back_all(&log_cmd, "-v", "threadtime", "-s", "am_proc_start", "Magisk", "*:F", NULL);
+	vec_push_back(&log_cmd, NULL);
+	vec_push_back(&clear_cmd, "-c");
+	vec_push_back(&clear_cmd, NULL);
+
+	// Start worker threads
+	pthread_t thread;
+	pthread_create(&thread, NULL, monitor_thread, NULL);
+	pthread_detach(thread);
+	xpthread_create(&thread, NULL, logcat_thread, NULL);
+	pthread_detach(thread);
+
+	while(1) {
+		int fd = xaccept4(sockfd, NULL, NULL, SOCK_CLOEXEC);
+		switch(read_int(fd)) {
+			case HIDE_CONNECT:
+				pthread_mutex_lock(&lock);
+				close(events[HIDE_EVENT].fd);
+				events[HIDE_EVENT].fd = fd;
+				pthread_mutex_unlock(&lock);
+				break;
+			case HANDSHAKE:
+			default:
+				close(fd);
+				break;
+		}
+	}
+}

native/jni/core/log_monitor.c

@@ -1,193 +0,0 @@
-/* log_monitor.c - New thread to monitor logcat
- *
- * A universal logcat monitor for many usages. Add listeners to the list,
- * and the pointer of the new log line will be sent through pipes to trigger
- * asynchronous events without polling
- */
-
-#include <stdio.h>
-#include <pthread.h>
-#include <unistd.h>
-#include <sys/wait.h>
-
-#include "magisk.h"
-#include "utils.h"
-#include "resetprop.h"
-
-int loggable = 1;
-
-static int am_proc_start_filter(const char *log) {
-	return strstr(log, "am_proc_start") != NULL;
-}
-
-static int magisk_log_filter(const char *log) {
-	char *ss;
-	return (ss = strstr(log, " Magisk")) && (ss[-1] != 'D') && (ss[-1] != 'V');
-}
-
-static int magisk_debug_log_filter(const char *log) {
-	return strstr(log, "Magisk") != NULL;
-}
-
-struct log_listener log_events[] = {
-	{	/* HIDE_EVENT */
-		.fd = -1,
-		.filter = am_proc_start_filter
-	},
-	{	/* LOG_EVENT */
-		.fd = -1,
-		.filter = magisk_log_filter
-	},
-	{	/* DEBUG_EVENT */
-		.fd = -1,
-		.filter = magisk_debug_log_filter
-	}
-};
-
-#ifdef MAGISK_DEBUG
-static int debug_log_pid = -1, debug_log_fd = -1;
-#endif
-
-static void test_logcat() {
-	int log_fd = -1, log_pid;
-	char buf[1];
-	log_pid = exec_command(0, &log_fd, NULL, "logcat", NULL);
-	if (read(log_fd, buf, sizeof(buf)) != sizeof(buf)) {
-		loggable = 0;
-		LOGD("log_monitor: cannot read from logcat, disable logging");
-	}
-	kill(log_pid, SIGTERM);
-	waitpid(log_pid, NULL, 0);
-}
-
-static void *logger_thread(void *args) {
-	int log_fd = -1, log_pid;
-	char line[4096];
-
-	LOGD("log_monitor: logger start");
-
-	while (1) {
-		if (!loggable) {
-			// Disable all services
-			for (int i = 0; i < (sizeof(log_events) / sizeof(struct log_listener)); ++i) {
-				close(log_events[i].fd);
-				log_events[i].fd = -1;
-			}
-			return NULL;
-		}
-
-		// Start logcat
-		log_pid = exec_command(0, &log_fd, NULL, "logcat", "-b", "events", "-b", "main", "-v", "threadtime", "-s", "am_proc_start", "-s", "Magisk", NULL);
-		while (fdgets(line, sizeof(line), log_fd)) {
-			for (int i = 0; i < (sizeof(log_events) / sizeof(struct log_listener)); ++i) {
-				if (log_events[i].fd > 0 && log_events[i].filter(line)) {
-					char *s = strdup(line);
-					xwrite(log_events[i].fd, &s, sizeof(s));
-				}
-			}
-			if (kill(log_pid, 0))
-				break;
-		}
-
-		// Cleanup
-		close(log_fd);
-		log_fd = -1;
-		kill(log_pid, SIGTERM);
-		waitpid(log_pid, NULL, 0);
-
-		// Clear buffer before restart
-		exec_command_sync("logcat", "-b", "events", "-b", "main", "-c", NULL);
-
-		test_logcat();
-	}
-
-	// Should never be here, but well...
-	return NULL;
-}
-
-static void *magisk_log_thread(void *args) {
-	FILE *log = xfopen(LOGFILE, "w");
-	setbuf(log, NULL);
-	int pipefd[2];
-	if (xpipe2(pipefd, O_CLOEXEC) == -1)
-		return NULL;
-
-	LOGD("log_monitor: magisk log dumper start");
-
-	// Register our listener
-	log_events[LOG_EVENT].fd = pipefd[1];
-
-	for (char *line; xxread(pipefd[0], &line, sizeof(line)) > 0; free(line))
-		fprintf(log, "%s", line);
-
-	return NULL;
-}
-
-static void *debug_magisk_log_thread(void *args) {
-	FILE *log = xfopen(DEBUG_LOG, "a");
-	setbuf(log, NULL);
-	int pipefd[2];
-	if (xpipe2(pipefd, O_CLOEXEC) == -1)
-		return NULL;
-
-	LOGD("log_monitor: debug log dumper start");
-
-	// Register our listener
-	log_events[DEBUG_EVENT].fd = pipefd[1];
-
-	for (char *line; xxread(pipefd[0], &line, sizeof(line)) > 0; free(line))
-		fprintf(log, "%s", line);
-
-	return NULL;
-}
-
-/* Start new threads to monitor logcat and dump to logfile */
-void monitor_logs() {
-	pthread_t thread;
-
-	test_logcat();
-
-	if (loggable) {
-		// Start log file dumper before monitor
-		xpthread_create(&thread, NULL, magisk_log_thread, NULL);
-		pthread_detach(thread);
-
-		// Start logcat monitor
-		xpthread_create(&thread, NULL, logger_thread, NULL);
-		pthread_detach(thread);
-	}
-}
-
-void start_debug_full_log() {
-#ifdef MAGISK_DEBUG
-	if (loggable) {
-		// Log everything initially
-		debug_log_fd = xopen(DEBUG_LOG, O_WRONLY | O_CREAT | O_CLOEXEC | O_TRUNC, 0644);
-		debug_log_pid = exec_command(0, &debug_log_fd, NULL, "logcat", "-v", "threadtime", NULL);
-		close(debug_log_fd);
-	}
-#endif
-}
-
-void stop_debug_full_log() {
-#ifdef MAGISK_DEBUG
-	// Stop recording the boot logcat after every boot task is done
-	if (debug_log_pid > 0) {
-		kill(debug_log_pid, SIGTERM);
-		waitpid(debug_log_pid, NULL, 0);
-		// Start debug thread
-		start_debug_log();
-	}
-#endif
-}
-
-void start_debug_log() {
-#ifdef MAGISK_DEBUG
-	if (loggable) {
-		pthread_t thread;
-		// Start debug thread
-		xpthread_create(&thread, NULL, debug_magisk_log_thread, NULL);
-		pthread_detach(thread);
-	}
-#endif
-}

native/jni/core/magisk.c

@@ -12,7 +12,8 @@
 
 char *argv0;
 
-int (*applet_main[]) (int, char *[]) = { su_client_main, resetprop_main, magiskhide_main, NULL };
+int (*applet_main[]) (int, char *[]) =
+		{ su_client_main, resetprop_main, magiskhide_main, imgtool_main, NULL };
 
 int create_links(const char *bin, const char *path) {
 	char self[PATH_MAX], linkpath[PATH_MAX];
@@ -33,8 +34,8 @@ static void usage() {
 	fprintf(stderr,
 		"Magisk v" xstr(MAGISK_VERSION) "(" xstr(MAGISK_VER_CODE) ") (by topjohnwu) multi-call binary\n"
 		"\n"
-		"Usage: %s [applet [arguments]...]\n"
-		"   or: %s [options]...\n"
+		"Usage: magisk [applet [arguments]...]\n"
+		"   or: magisk [options]...\n"
 		"\n"
 		"Options:\n"
 		"   -c                        print current binary version\n"
@@ -42,11 +43,6 @@ static void usage() {
 		"   -V                        print running daemon version code\n"
 		"   --list                    list all available applets\n"
 		"   --install [SOURCE] DIR    symlink all applets to DIR. SOURCE is optional\n"
-		"   --createimg IMG SIZE      create ext4 image. SIZE is interpreted in MB\n"
-		"   --imgsize IMG             report ext4 image used/total size\n"
-		"   --resizeimg IMG SIZE      resize ext4 image. SIZE is interpreted in MB\n"
-		"   --mountimg IMG PATH       mount IMG to PATH and prints the loop device\n"
-		"   --umountimg PATH LOOP     unmount PATH and delete LOOP device\n"
 		"   --daemon                  manually start magisk daemon\n"
 		"   --[init trigger]          start service for init trigger\n"
 		"   --unlock-blocks           set BLKROSET flag to OFF for all block devices\n"
@@ -56,8 +52,7 @@ static void usage() {
 		"Supported init triggers:\n"
 		"   startup, post-fs-data, service\n"
 		"\n"
-		"Supported applets:\n"
-	, argv0, argv0);
+		"Supported applets:\n");
 
 	for (int i = 0; applet[i]; ++i)
 		fprintf(stderr, i ? ", %s" : "    %s", applet[i]);
@@ -65,102 +60,78 @@ static void usage() {
 	exit(1);
 }
 
+int magisk_main(int argc, char *argv[]) {
+	if (argc < 2)
+		usage();
+	if (strcmp(argv[1], "-c") == 0) {
+		printf("%s (%d)\n", MAGISK_VER_STR, MAGISK_VER_CODE);
+		return 0;
+	} else if (strcmp(argv[1], "-v") == 0) {
+		int fd = connect_daemon();
+		write_int(fd, CHECK_VERSION);
+		char *v = read_string(fd);
+		printf("%s\n", v);
+		free(v);
+		return 0;
+	} else if (strcmp(argv[1], "-V") == 0) {
+		int fd = connect_daemon();
+		write_int(fd, CHECK_VERSION_CODE);
+		printf("%d\n", read_int(fd));
+		return 0;
+	} else if (strcmp(argv[1], "--install") == 0) {
+		if (argc < 3) usage();
+		if (argc == 3) return create_links(NULL, argv[2]);
+		else return create_links(argv[2], argv[3]);
+	} else if (strcmp(argv[1], "--list") == 0) {
+		for (int i = 0; applet[i]; ++i)
+			printf("%s\n", applet[i]);
+		return 0;
+	} else if (strcmp(argv[1], "--unlock-blocks") == 0) {
+		unlock_blocks();
+		return 0;
+	} else if (strcmp(argv[1], "--restorecon") == 0) {
+		restorecon();
+		return 0;
+	} else if (strcmp(argv[1], "--clone-attr") == 0) {
+		if (argc < 4) usage();
+		clone_attr(argv[2], argv[3]);
+		return 0;
+	} else if (strcmp(argv[1], "--daemon") == 0) {
+		int fd = connect_daemon();
+		write_int(fd, DO_NOTHING);
+		return 0;
+	} else if (strcmp(argv[1], "--startup") == 0) {
+		startup();
+		return 0;
+	} else if (strcmp(argv[1], "--post-fs-data") == 0) {
+		int fd = connect_daemon();
+		write_int(fd, POST_FS_DATA);
+		return read_int(fd);
+	} else if (strcmp(argv[1], "--service") == 0) {
+		int fd = connect_daemon();
+		write_int(fd, LATE_START);
+		return read_int(fd);
+	}
+
+	// Applets
+	argc--;
+	argv++;
+	for (int i = 0; applet[i]; ++i) {
+		if (strcmp(basename(argv[0]), applet[i]) == 0) {
+			strcpy(argv0, basename(argv[0]));
+			return (*applet_main[i])(argc, argv);
+		}
+	}
+
+	usage();
+	return 1;
+}
+
 int main(int argc, char *argv[]) {
 	umask(0);
 	argv0 = argv[0];
-	if (strcmp(basename(argv[0]), "magisk") == 0) {
-		if (argc < 2) usage();
-		if (strcmp(argv[1], "-c") == 0) {
-			printf("%s (%d)\n", MAGISK_VER_STR, MAGISK_VER_CODE);
-			return 0;
-		} else if (strcmp(argv[1], "-v") == 0) {
-			int fd = connect_daemon(0);
-			write_int(fd, CHECK_VERSION);
-			char *v = read_string(fd);
-			printf("%s\n", v);
-			free(v);
-			return 0;
-		} else if (strcmp(argv[1], "-V") == 0) {
-			int fd = connect_daemon(0);
-			write_int(fd, CHECK_VERSION_CODE);
-			printf("%d\n", read_int(fd));
-			return 0;
-		} else if (strcmp(argv[1], "--install") == 0) {
-			if (argc < 3) usage();
-			if (argc == 3) return create_links(NULL, argv[2]);
-			else return create_links(argv[2], argv[3]);
-		} else if (strcmp(argv[1], "--list") == 0) {
-			for (int i = 0; applet[i]; ++i)
-				printf("%s\n", applet[i]);
-			return 0;
-		} else if (strcmp(argv[1], "--createimg") == 0) {
-			if (argc < 4) usage();
-			int size;
-			sscanf(argv[3], "%d", &size);
-			return create_img(argv[2], size);
-		} else if (strcmp(argv[1], "--imgsize") == 0) {
-			if (argc < 3) usage();
-			int used, total;
-			if (get_img_size(argv[2], &used, &total)) {
-				fprintf(stderr, "Cannot check %s size\n", argv[2]);
-				return 1;
-			}
-			printf("%d %d\n", used, total);
-			return 0;
-		} else if (strcmp(argv[1], "--resizeimg") == 0) {
-			if (argc < 4) usage();
-			int used, total, size;
-			sscanf(argv[3], "%d", &size);
-			if (get_img_size(argv[2], &used, &total)) {
-				fprintf(stderr, "Cannot check %s size\n", argv[2]);
-				return 1;
-			}
-			if (size <= used) {
-				fprintf(stderr, "Cannot resize smaller than %dM\n", used);
-				return 1;
-			}
-			return resize_img(argv[2], size);
-		} else if (strcmp(argv[1], "--mountimg") == 0) {
-			if (argc < 4) usage();
-			char *loop = mount_image(argv[2], argv[3]);
-			if (loop == NULL) {
-				fprintf(stderr, "Cannot mount image!\n");
-				return 1;
-			} else {
-				printf("%s\n", loop);
-				free(loop);
-				return 0;
-			}
-		} else if (strcmp(argv[1], "--umountimg") == 0) {
-			if (argc < 4) usage();
-			umount_image(argv[2], argv[3]);
-			return 0;
-		} else if (strcmp(argv[1], "--unlock-blocks") == 0) {
-			unlock_blocks();
-			return 0;
-		} else if (strcmp(argv[1], "--restorecon") == 0) {
-			fix_filecon();
-			return 0;
-		} else if (strcmp(argv[1], "--clone-attr") == 0) {
-			if (argc < 4) usage();
-			clone_attr(argv[2], argv[3]);
-			return 0;
-		} else if (strcmp(argv[1], "--daemon") == 0) {
-			int fd = connect_daemon(0);
-			close(fd);
-			return 0;
-		} else if (strcmp(argv[1], "--startup") == 0) {
-			startup();
-			return 0;
-		} else if (strcmp(argv[1], "--post-fs-data") == 0) {
-			int fd = connect_daemon(1);
-			write_int(fd, POST_FS_DATA);
-			return read_int(fd);
-		} else if (strcmp(argv[1], "--service") == 0) {
-			int fd = connect_daemon(0);
-			write_int(fd, LATE_START);
-			return read_int(fd);
-		} else {
+	if (strcmp(basename(argv0), "magisk.bin") == 0) {
+		if (argc >= 2) {
 			// It's calling applets
 			--argc;
 			++argv;
@@ -169,10 +140,12 @@ int main(int argc, char *argv[]) {
 
 	// Applets
 	for (int i = 0; applet[i]; ++i) {
-		if (strcmp(basename(argv[0]), applet[i]) == 0)
+		if (strcmp(basename(argv[0]), applet[i]) == 0) {
+			strcpy(argv0, basename(argv[0]));
 			return (*applet_main[i])(argc, argv);
+		}
 	}
 
-	fprintf(stderr, "%s: applet not found\n", basename(argv[0]));
-	return 1;
+	// Not an applet
+	return magisk_main(argc, argv);
 }

native/jni/core/magiskinit.c

@@ -39,7 +39,9 @@
 #include <lzma.h>
 #include <cil/cil.h>
 
-#include "dump.h"
+#include "binaries_xz.h"
+#include "binaries_arch_xz.h"
+
 #include "magiskrc.h"
 #include "utils.h"
 #include "magiskpolicy.h"
@@ -55,8 +57,6 @@
 
 extern policydb_t *policydb;
 int (*init_applet_main[]) (int, char *[]) = { magiskpolicy_main, magiskpolicy_main, NULL };
-static char RAND_SOCKET_NAME[sizeof(SOCKET_NAME)];
-static int SOCKET_OFF = -1;
 
 struct cmdline {
 	char skip_initramfs;
@@ -73,7 +73,7 @@ struct device {
 
 static void parse_cmdline(struct cmdline *cmd) {
 	// cleanup
-	memset(cmd, 0, sizeof(&cmd));
+	memset(cmd, 0, sizeof(*cmd));
 
 	char cmdline[4096];
 	mkdir("/proc", 0555);
@@ -131,7 +131,7 @@ static int setup_block(struct device *dev, const char *partname) {
 		buffer[size] = '\0';
 		close(fd);
 		parse_device(dev, buffer);
-		if (strcmp(dev->partname, partname) == 0) {
+		if (strcasecmp(dev->partname, partname) == 0) {
 			snprintf(dev->path, sizeof(dev->path), "/dev/block/%s", dev->devname);
 			found = 1;
 			break;
@@ -321,7 +321,15 @@ static int unxz(const void *buf, size_t size, int fd) {
 static int dump_magisk(const char *path, mode_t mode) {
 	unlink(path);
 	int fd = creat(path, mode);
-	int ret = unxz(magisk_dump, sizeof(magisk_dump), fd);
+	int ret = unxz(magisk_xz, sizeof(magisk_xz), fd);
+	close(fd);
+	return ret;
+}
+
+static int dump_manager(const char *path, mode_t mode) {
+	unlink(path);
+	int fd = creat(path, mode);
+	int ret = unxz(manager_xz, sizeof(manager_xz), fd);
 	close(fd);
 	return ret;
 }
@@ -335,18 +343,21 @@ static int dump_magiskrc(const char *path, mode_t mode) {
 
 static void patch_socket_name(const char *path) {
 	void *buf;
+	char name[sizeof(MAIN_SOCKET)];
 	size_t size;
 	mmap_rw(path, &buf, &size);
-	if (SOCKET_OFF < 0) {
-		for (int i = 0; i < size; ++i) {
-			if (memcmp(buf + i, SOCKET_NAME, sizeof(SOCKET_NAME)) == 0) {
-				SOCKET_OFF = i;
-				break;
-			}
+	for (int i = 0; i < size; ++i) {
+		if (memcmp(buf + i, MAIN_SOCKET, sizeof(MAIN_SOCKET)) == 0) {
+			gen_rand_str(name, sizeof(name));
+			memcpy(buf + i, name, sizeof(name));
+			i += sizeof(name);
+		}
+		if (memcmp(buf + i, LOG_SOCKET, sizeof(LOG_SOCKET)) == 0) {
+			gen_rand_str(name, sizeof(name));
+			memcpy(buf + i, name, sizeof(name));
+			i += sizeof(name);
 		}
 	}
-	gen_rand_str(RAND_SOCKET_NAME, sizeof(SOCKET_NAME));
-	memcpy(buf + SOCKET_OFF, RAND_SOCKET_NAME, sizeof(SOCKET_NAME));
 	munmap(buf, size);
 }
 
@@ -361,6 +372,8 @@ int main(int argc, char *argv[]) {
 	if (argc > 1 && strcmp(argv[1], "-x") == 0) {
 		if (strcmp(argv[2], "magisk") == 0)
 			return dump_magisk(argv[3], 0755);
+		else if (strcmp(argv[2], "manager") == 0)
+			return dump_manager(argv[3], 0644);
 		else if (strcmp(argv[2], "magiskrc") == 0)
 			return dump_magiskrc(argv[3], 0755);
 	}
@@ -418,6 +431,9 @@ int main(int argc, char *argv[]) {
 	 * Early Mount
 	 * ************/
 
+	int mounted_system = 0;
+	int mounted_vendor = 0;
+
 	// If skip_initramfs or using split policies, we need early mount
 	if (cmd.skip_initramfs || access("/sepolicy", R_OK) != 0) {
 		char partname[32];
@@ -444,12 +460,15 @@ int main(int argc, char *argv[]) {
 			xmount("/system_root/system", "/system", NULL, MS_BIND, NULL);
 		} else {
 			xmount(dev.path, "/system", "ext4", MS_RDONLY, NULL);
+			mounted_system = 1;
 		}
 
 		// Mount vendor
 		snprintf(partname, sizeof(partname), "vendor%s", cmd.slot);
-		if (setup_block(&dev, partname) == 0)
+		if (setup_block(&dev, partname) == 0) {
 			xmount(dev.path, "/vendor", "ext4", MS_RDONLY, NULL);
+			mounted_vendor = 1;
+		}
 	}
 
 	/* *************
@@ -480,9 +499,10 @@ int main(int argc, char *argv[]) {
 
 	// Clean up
 	close(root);
-	if (!cmd.skip_initramfs)
+	if (mounted_system)
 		umount("/system");
-	umount("/vendor");
+	if (mounted_vendor)
+		umount("/vendor");
 
 	// Finally, give control back!
 	execv("/init", argv);

native/jni/core/socket.c

@@ -8,19 +8,25 @@
 #include "utils.h"
 #include "magisk.h"
 
-static char socket_name[] = SOCKET_NAME;  /* Workaround compiler bug pre NDK r13 */
-
 /* Setup the address and return socket fd */
-int setup_socket(struct sockaddr_un *sun) {
+int setup_socket(struct sockaddr_un *sun, daemon_t d) {
 	int fd = xsocket(AF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0);
 	memset(sun, 0, sizeof(*sun));
 	sun->sun_family = AF_LOCAL;
 	sun->sun_path[0] = '\0';
-	memcpy(sun->sun_path + 1, socket_name, sizeof(SOCKET_NAME));
+	const char *name;
+	switch (d) {
+		case MAIN_DAEMON:
+			name = MAIN_SOCKET;
+			break;
+		case LOG_DAEMON:
+			name = LOG_SOCKET;
+			break;
+	}
+	strcpy(sun->sun_path + 1, name);
 	return fd;
 }
 
-
 /*
  * Receive a file descriptor from a Unix socket.
  * Contributed by @mkasick

native/jni/external/Android.mk

@@ -1,4 +1,4 @@
-LOCAL_PATH:= $(call my-dir)
+LOCAL_PATH := $(call my-dir)
 
 # libsqlite.so (stub)
 include $(CLEAR_VARS)
@@ -175,7 +175,7 @@ LOCAL_SRC_FILES := \
 	xz/src/liblzma/simple/simple_encoder.c \
 	xz/src/liblzma/simple/sparc.c \
 	xz/src/liblzma/simple/x86.c
-LOCAL_CFLAGS += -DHAVE_CONFIG_H -std=c99
+LOCAL_CFLAGS += -DHAVE_CONFIG_H -Wno-implicit-function-declaration
 include $(BUILD_STATIC_LIBRARY)
 
 # libsepol.a

native/jni/include/daemon.h

@@ -8,7 +8,7 @@
 #include <sys/un.h>
 #include <sys/socket.h>
 
-extern int is_daemon_init;
+extern int setup_done;
 extern int seperate_vendor;
 extern int full_patch_pid;
 
@@ -24,7 +24,9 @@ enum {
 	STOP_MAGISKHIDE,
 	ADD_HIDELIST,
 	RM_HIDELIST,
-	LS_HIDELIST
+	LS_HIDELIST,
+	HIDE_CONNECT,
+	HANDSHAKE
 };
 
 // Return codes for daemon
@@ -39,15 +41,26 @@ enum {
 	HIDE_ITEM_NOT_EXIST,
 };
 
+typedef enum {
+	MAIN_DAEMON,
+	LOG_DAEMON
+} daemon_t;
+
 // daemon.c
 
-void start_daemon(int post_fs_data);
-int connect_daemon(int post_fs_data);
+void main_daemon();
+int connect_daemon();
+int connect_daemon2(daemon_t d, int *sockfd);
 void auto_start_magiskhide();
 
+// log_monitor.c
+
+extern int loggable;
+void log_daemon();
+
 // socket.c
 
-int setup_socket(struct sockaddr_un *sun);
+int setup_socket(struct sockaddr_un *sun, daemon_t d);
 int recv_fd(int sockfd);
 void send_fd(int sockfd, int fd);
 int read_int(int fd);
@@ -62,7 +75,6 @@ void write_string(int fd, const char* val);
 void startup();
 void post_fs_data(int client);
 void late_start(int client);
-void fix_filecon();
 
 /**************
  * MagiskHide *

native/jni/include/db.h

@@ -0,0 +1,123 @@
+#ifndef DB_H
+#define DB_H
+
+#include <sqlite3.h>
+#include <sys/stat.h>
+
+/***************
+ * DB Settings *
+ ***************/
+
+#define DB_SETTING_KEYS ((char *[]) { \
+"root_access", \
+"multiuser_mode", \
+"mnt_ns" \
+})
+
+#define DB_SETTINGS_NUM (sizeof(DB_SETTING_KEYS) / sizeof(char*))
+
+// Settings indices
+enum {
+	ROOT_ACCESS = 0,
+	SU_MULTIUSER_MODE,
+	SU_MNT_NS
+};
+
+// Values for root_access
+enum {
+	ROOT_ACCESS_DISABLED = 0,
+	ROOT_ACCESS_APPS_ONLY,
+	ROOT_ACCESS_ADB_ONLY,
+	ROOT_ACCESS_APPS_AND_ADB
+};
+
+// Values for multiuser_mode
+enum {
+	MULTIUSER_MODE_OWNER_ONLY = 0,
+	MULTIUSER_MODE_OWNER_MANAGED,
+	MULTIUSER_MODE_USER
+};
+
+// Values for mnt_ns
+enum {
+	NAMESPACE_MODE_GLOBAL = 0,
+	NAMESPACE_MODE_REQUESTER,
+	NAMESPACE_MODE_ISOLATE
+};
+
+struct db_settings {
+	int v[DB_SETTINGS_NUM];
+};
+
+#define DEFAULT_DB_SETTINGS (struct db_settings) { .v = {\
+ROOT_ACCESS_APPS_AND_ADB, \
+MULTIUSER_MODE_OWNER_ONLY, \
+NAMESPACE_MODE_REQUESTER \
+}}
+
+/**************
+ * DB Strings *
+ **************/
+
+#define DB_STRING_KEYS ((char *[]) { \
+"requester" \
+})
+
+#define DB_STRING_NUM (sizeof(DB_STRING_KEYS) / sizeof(char*))
+
+// Strings indices
+enum {
+	SU_MANAGER = 0
+};
+
+struct db_strings {
+	char s[DB_STRING_NUM][128];
+};
+
+void INIT_DB_STRINGS(struct db_strings *str);
+
+/*************
+ * SU Access *
+ *************/
+
+typedef enum {
+	QUERY = 0,
+	DENY = 1,
+	ALLOW = 2,
+} policy_t;
+
+struct su_access {
+	policy_t policy;
+	int log;
+	int notify;
+};
+
+#define DEFAULT_SU_ACCESS (struct su_access) { \
+.policy = QUERY, \
+.log = 1, \
+.notify = 1 \
+}
+
+#define SILENT_SU_ACCESS (struct su_access) { \
+.policy = ALLOW, \
+.log = 0, \
+.notify = 0 \
+}
+
+#define NO_SU_ACCESS (struct su_access) { \
+.policy = DENY, \
+.log = 0, \
+.notify = 0 \
+}
+
+/********************
+ * Public Functions *
+ ********************/
+
+sqlite3 *get_magiskdb();
+int get_db_settings(sqlite3 *db, int key, struct db_settings *dbs);
+int get_db_strings(sqlite3 *db, int key, struct db_strings *str);
+int get_uid_policy(sqlite3 *db, int uid, struct su_access *su);
+int validate_manager(char *pkg, int userid, struct stat *st);
+
+#endif //DB_H

native/jni/include/logging.h

@@ -46,25 +46,6 @@
 #define LOGE(...)  __android_log_print(ANDROID_LOG_ERROR, LOG_TAG, __VA_ARGS__)
 #define PLOGE(fmt, args...) LOGE(fmt " failed with %d: %s", ##args, errno, strerror(errno))
 
-enum {
-	HIDE_EVENT,
-	LOG_EVENT,
-	DEBUG_EVENT
-};
-
-struct log_listener {
-	int fd;
-	int (*filter) (const char*);
-};
-
-extern struct log_listener log_events[];
-extern int loggable;
-
-void monitor_logs();
-void start_debug_full_log();
-void stop_debug_full_log();
-void start_debug_log();
-
 #endif
 
 /********************

native/jni/include/magisk.h

@@ -7,7 +7,9 @@
 #include "logging.h"
 
 #define MAGISK_VER_STR  xstr(MAGISK_VERSION) ":MAGISK"
-#define SOCKET_NAME     "d30138f2310a9fb9c54a3e0c21f58591"
+#define MAIN_SOCKET  "d30138f2310a9fb9c54a3e0c21f58591"
+#define LOG_SOCKET   "5864cd77f2f8c59b3882e2d35dbf51e4"
+#define JAVA_PACKAGE_NAME "com.topjohnwu.magisk"
 
 #ifndef ARG_MAX
 #define ARG_MAX 4096
@@ -16,29 +18,29 @@
 #define LOGFILE         "/cache/magisk.log"
 #define UNBLOCKFILE     "/dev/.magisk.unblock"
 #define DISABLEFILE     "/cache/.disable_magisk"
-#define UNINSTALLER     "/cache/magisk_uninstaller.sh"
 #define MAGISKTMP       "/sbin/.core"
+#define BLOCKDIR        MAGISKTMP "/block"
 #define MIRRDIR         MAGISKTMP "/mirror"
 #define BBPATH          MAGISKTMP "/busybox"
 #define MOUNTPOINT      MAGISKTMP "/img"
 #define COREDIR         MOUNTPOINT "/.core"
 #define HOSTSFILE       COREDIR "/hosts"
 #define HIDELIST        COREDIR "/hidelist"
-#define SECURE_DIR      "/data/adb/"
-#define MAINIMG         SECURE_DIR "magisk.img"
-#define DATABIN         SECURE_DIR "magisk"
-#define MAGISKDB        SECURE_DIR "magisk.db"
-#define SIMPLEMOUNT     SECURE_DIR "magisk_simple"
-#define DEBUG_LOG       SECURE_DIR "magisk_debug.log"
+#define SECURE_DIR      "/data/adb"
+#define MAINIMG         SECURE_DIR "/magisk.img"
+#define DATABIN         SECURE_DIR "/magisk"
+#define MAGISKDB        SECURE_DIR "/magisk.db"
+#define SIMPLEMOUNT     SECURE_DIR "/magisk_simple"
 #define MANAGERAPK      DATABIN "/magisk.apk"
 #define MAGISKRC        "/init.magisk.rc"
 
 
 // selinuxfs paths
-#define SELINUX_PATH        "/sys/fs/selinux/"
-#define SELINUX_ENFORCE     SELINUX_PATH "enforce"
-#define SELINUX_POLICY      SELINUX_PATH "policy"
-#define SELINUX_LOAD        SELINUX_PATH "load"
+#define SELINUX_PATH        "/sys/fs/selinux"
+#define SELINUX_ENFORCE     SELINUX_PATH "/enforce"
+#define SELINUX_POLICY      SELINUX_PATH "/policy"
+#define SELINUX_LOAD        SELINUX_PATH "/load"
+#define SELINUX_CONTEXT     SELINUX_PATH "/context"
 
 // split policy paths
 #define PLAT_POLICY_DIR     "/system/etc/selinux/"
@@ -52,7 +54,7 @@
 
 extern char *argv0;     /* For changing process name */
 
-#define applet          ((char *[]) { "su", "resetprop", "magiskhide", NULL })
+#define applet          ((char *[]) { "su", "resetprop", "magiskhide", "imgtool", NULL })
 #define init_applet     ((char *[]) { "magiskpolicy", "supolicy", NULL })
 
 extern int (*applet_main[]) (int, char *[]), (*init_applet_main[]) (int, char *[]);
@@ -64,5 +66,6 @@ int magiskhide_main(int argc, char *argv[]);
 int magiskpolicy_main(int argc, char *argv[]);
 int su_client_main(int argc, char *argv[]);
 int resetprop_main(int argc, char *argv[]);
+int imgtool_main(int argc, char *argv[]);
 
 #endif

native/jni/include/magiskrc.h

@@ -1,3 +1,4 @@
+#include "magisk.h"
 #include "magiskpolicy.h"
 
 const char magiskrc[] =
@@ -10,9 +11,9 @@ const char magiskrc[] =
 
 "on post-fs-data\n"
 "   load_persist_props\n"
-"   rm /dev/.magisk.unblock\n"
+"   rm "UNBLOCKFILE"\n"
 "   start magisk_startup\n"
-"   wait /dev/.magisk.unblock 10\n"
+"   wait "UNBLOCKFILE" 10\n"
 "   rm /dev/.magisk.unblock\n"
 "\n"
 

native/jni/include/utils.h

@@ -83,7 +83,8 @@ void ps(void (*func)(int));
 void ps_filter_proc_name(const char *filter, void (*func)(int));
 void unlock_blocks();
 void setup_sighandlers(void (*handler)(int));
-int exec_command(int err, int *fd, void (*setupenv)(struct vector*), const char *argv0, ...);
+int exec_array(int err, int *fd, void (*setenv)(struct vector *), char *const *argv);
+int exec_command(int err, int *fd, void (*setenv)(struct vector*), const char *argv0, ...);
 int exec_command_sync(char *const argv0, ...);
 int bind_mount(const char *from, const char *to);
 void get_client_cred(int fd, struct ucred *cred);
@@ -122,7 +123,7 @@ int setattrat(int dirfd, const char *pathname, struct file_attr *a);
 int fsetattr(int fd, struct file_attr *a);
 void fclone_attr(const int sourcefd, const int targetfd);
 void clone_attr(const char *source, const char *target);
-void restorecon(int dirfd);
+void restorecon();
 int mmap_ro(const char *filename, void **buf, size_t *size);
 int mmap_rw(const char *filename, void **buf, size_t *size);
 void fd_full_read(int fd, void **buf, size_t *size);
@@ -133,17 +134,12 @@ void write_zero(int fd, size_t size);
 
 // img.c
 
-#define round_size(a) ((((a) / 32) + 2) * 32)
-#define SOURCE_TMP "/dev/source"
-#define TARGET_TMP "/dev/target"
-
 int create_img(const char *img, int size);
-int get_img_size(const char *img, int *used, int *total);
 int resize_img(const char *img, int size);
 char *mount_image(const char *img, const char *target);
-void umount_image(const char *target, const char *device);
+int umount_image(const char *target, const char *device);
 int merge_img(const char *source, const char *target);
-void trim_img(const char *img);
+int trim_img(const char *img, const char *mount, char *loop);
 
 // pattern.c
 

native/jni/include/vector.h

@@ -14,11 +14,12 @@ struct vector {
 
 void vec_init(struct vector *v);
 void vec_push_back(struct vector *v, void *p);
+void vec_push_back_all(struct vector *v, void *p, ...);
 void *vec_pop_back(struct vector *v);
 void vec_sort(struct vector *v, int (*compar)(const void *, const void *));
 void vec_destroy(struct vector *v);
 void vec_deep_destroy(struct vector *v);
-struct vector *vec_dup(struct vector *v);
+void vec_dup(struct vector *v, struct vector *vv);
 
 #define vec_size(v) (v)->size
 #define vec_cap(v) (v)->cap

native/jni/magiskboot/bootimg.c

@@ -1,6 +1,7 @@
 #include <stdlib.h>
 #include <unistd.h>
 #include <fcntl.h>
+#include <libfdt.h>
 #include <sys/mman.h>
 
 #include "bootimg.h"
@@ -181,6 +182,29 @@ int parse_img(const char *image, boot_img *boot) {
 			// Search for dtb in kernel
 			for (uint32_t i = 0; i < header(boot, kernel_size); ++i) {
 				if (memcmp(boot->kernel + i, DTB_MAGIC, 4) == 0) {
+					// Check that fdt_header.totalsize does not overflow kernel image size
+					uint32_t dt_size = fdt32_to_cpu(*(uint32_t *)(boot->kernel + i + 4));
+					if (dt_size > header(boot, kernel_size) - i) {
+						fprintf(stderr, "Invalid DTB detection at 0x%x: size (%u) > remaining (%u)\n",
+								i, dt_size, header(boot, kernel_size) - i);
+						continue;
+					}
+
+					// Check that fdt_header.off_dt_struct does not overflow kernel image size
+					uint32_t dt_struct_offset = fdt32_to_cpu(*(uint32_t *)(boot->kernel + i + 8));
+					if (dt_struct_offset > header(boot, kernel_size) - i) {
+						fprintf(stderr, "Invalid DTB detection at 0x%x: struct offset (%u) > remaining (%u)\n",
+								i, dt_struct_offset, header(boot, kernel_size) - i);
+						continue;
+					}
+
+					// Check that fdt_node_header.tag of first node is FDT_BEGIN_NODE
+					uint32_t dt_begin_node = fdt32_to_cpu(*(uint32_t *)(boot->kernel + i + dt_struct_offset));
+					if (dt_begin_node != FDT_BEGIN_NODE) {
+						fprintf(stderr, "Invalid DTB detection at 0x%x: header tag of first node != FDT_BEGIN_NODE\n", i);
+						continue;
+					}
+
 					boot->dtb = boot->kernel + i;
 					boot->dt_size = header(boot, kernel_size) - i;
 					lheader(boot, kernel_size, = i);

native/jni/magiskboot/main.c

@@ -17,92 +17,92 @@ static void usage(char *arg0) {
 		"Usage: %s <action> [args...]\n"
 		"\n"
 		"Supported actions:\n"
-		" --parse <bootimg>\n"
-		"  Parse <bootimg> only, do not unpack. Return values: \n"
+		"  --parse <bootimg>\n"
+		"    Parse <bootimg> only, do not unpack. Return values: \n"
 		"    0:OK   1:error   2:insufficient boot partition size\n"
 		"    3:chromeos   4:ELF32   5:ELF64\n"
 		"\n"
-		" --unpack <bootimg>\n"
-		"  Unpack <bootimg> to kernel, ramdisk.cpio, (second), (dtb), (extra) into\n"
-		"  the current directory. Return value is the same as --parse\n"
+		"  --unpack <bootimg>\n"
+		"     Unpack <bootimg> to kernel, ramdisk.cpio, (second), (dtb), (extra) into\n"
+		"     the current directory. Return value is the same as --parse\n"
 		"\n"
-		" --repack <origbootimg> [outbootimg]\n"
-		"  Repack kernel, ramdisk.cpio[.ext], second, dtb... from current directory\n"
-		"  to [outbootimg], or new-boot.img if not specified.\n"
-		"  It will compress ramdisk.cpio with the same method used in <origbootimg>,\n"
-		"  or attempt to find ramdisk.cpio.[ext], and repack directly with the\n"
-		"  compressed ramdisk file\n"
+		"  --repack <origbootimg> [outbootimg]\n"
+		"    Repack kernel, ramdisk.cpio[.ext], second, dtb... from current directory\n"
+		"    to [outbootimg], or new-boot.img if not specified.\n"
+		"    It will compress ramdisk.cpio with the same method used in <origbootimg>,\n"
+		"    or attempt to find ramdisk.cpio.[ext], and repack directly with the\n"
+		"    compressed ramdisk file\n"
 		"\n"
-		" --hexpatch <file> <hexpattern1> <hexpattern2>\n"
-		"  Search <hexpattern1> in <file>, and replace with <hexpattern2>\n"
+		"  --hexpatch <file> <hexpattern1> <hexpattern2>\n"
+		"    Search <hexpattern1> in <file>, and replace with <hexpattern2>\n"
 		"\n"
-		" --cpio <incpio> [commands...]\n"
-		"  Do cpio commands to <incpio> (modifications are done directly)\n"
-		"  Each command is a single argument, use quotes if necessary\n"
-		"  Supported commands:\n"
-		"    rm [-r] ENTRY\n"
-		"      Remove ENTRY, specify [-r] to remove recursively\n"
-		"    mkdir MODE ENTRY\n"
-		"      Create directory ENTRY in permissions MODE\n"
-		"    ln TARGET ENTRY\n"
-		"      Create a symlink to TARGET with the name ENTRY\n"
-		"    mv SOURCE DEST\n"
-		"      Move SOURCE to DEST\n"
-		"    add MODE ENTRY INFILE\n"
-		"      Add INFILE as ENTRY in permissions MODE; replaces ENTRY if exists\n"
-		"    extract [ENTRY OUT]\n"
-		"      Extract ENTRY to OUT, or extract all entries to current directory\n"
-		"    test\n"
-		"      Test the current cpio's patch status\n"
-		"      Return value: 0/stock 1/Magisk 2/other (phh, SuperSU, Xposed)\n"
-		"    patch KEEPVERITY KEEPFORCEENCRYPT\n"
-		"      Ramdisk patches. KEEP**** are boolean values\n"
-		"    backup ORIG [SHA1]\n"
-		"      Create ramdisk backups from ORIG\n"
-		"      SHA1 of stock boot image is optional\n"
-		"    restore\n"
-		"      Restore ramdisk from ramdisk backup stored within incpio\n"
-		"    magisk ORIG HIGHCOMP KEEPVERITY KEEPFORCEENCRYPT [SHA1]\n"
-		"      Do Magisk patches and backups all in one step\n"
-		"      Create ramdisk backups from ORIG\n"
-		"      HIGHCOMP, KEEP**** are boolean values\n"
-		"      SHA1 of stock boot image is optional\n"
-		"    sha1\n"
-		"      Print stock boot SHA1 if previously stored\n"
+		"  --cpio <incpio> [commands...]\n"
+		"    Do cpio commands to <incpio> (modifications are done directly)\n"
+		"    Each command is a single argument, use quotes if necessary\n"
+		"    Supported commands:\n"
+		"      rm [-r] ENTRY\n"
+		"        Remove ENTRY, specify [-r] to remove recursively\n"
+		"      mkdir MODE ENTRY\n"
+		"        Create directory ENTRY in permissions MODE\n"
+		"      ln TARGET ENTRY\n"
+		"        Create a symlink to TARGET with the name ENTRY\n"
+		"      mv SOURCE DEST\n"
+		"        Move SOURCE to DEST\n"
+		"      add MODE ENTRY INFILE\n"
+		"        Add INFILE as ENTRY in permissions MODE; replaces ENTRY if exists\n"
+		"      extract [ENTRY OUT]\n"
+		"        Extract ENTRY to OUT, or extract all entries to current directory\n"
+		"      test\n"
+		"        Test the current cpio's patch status\n"
+		"        Return value: 0/stock 1/Magisk 2/other (phh, SuperSU, Xposed)\n"
+		"      patch KEEPVERITY KEEPFORCEENCRYPT\n"
+		"        Ramdisk patches. KEEP**** are boolean values\n"
+		"      backup ORIG [SHA1]\n"
+		"        Create ramdisk backups from ORIG\n"
+		"        SHA1 of stock boot image is optional\n"
+		"      restore\n"
+		"        Restore ramdisk from ramdisk backup stored within incpio\n"
+		"      magisk ORIG HIGHCOMP KEEPVERITY KEEPFORCEENCRYPT [SHA1]\n"
+		"        Do Magisk patches and backups all in one step\n"
+		"        Create ramdisk backups from ORIG\n"
+		"        HIGHCOMP, KEEP**** are boolean values\n"
+		"        SHA1 of stock boot image is optional\n"
+		"      sha1\n"
+		"        Print stock boot SHA1 if previously stored\n"
 		"\n"
-		" --dtb-<cmd> <dtb>\n"
-		"  Do dtb related cmds to <dtb> (modifications are done directly)\n"
-		"  Supported commands:\n"
-		"    dump\n"
-		"      Dump all contents from dtb for debugging\n"
-		"    test\n"
-		"      Check if fstab has verity/avb flags\n"
-		"      Return value: 0/no flags 1/flag exists\n"
-		"    patch\n"
-		"      Search for fstab and remove verity/avb\n"
+		"  --dtb-<cmd> <dtb>\n"
+		"    Do dtb related cmds to <dtb> (modifications are done directly)\n"
+		"    Supported commands:\n"
+		"      dump\n"
+		"        Dump all contents from dtb for debugging\n"
+		"      test\n"
+		"        Check if fstab has verity/avb flags\n"
+		"        Return value: 0/no flags 1/flag exists\n"
+		"      patch\n"
+		"        Search for fstab and remove verity/avb\n"
 		"\n"
-		" --compress[=method] <infile> [outfile]\n"
-		"  Compress <infile> with [method] (default: gzip), optionally to [outfile]\n"
-		"  <infile>/[outfile] can be '-' to be STDIN/STDOUT\n"
-		"  Supported methods: "
+		"  --compress[=method] <infile> [outfile]\n"
+		"    Compress <infile> with [method] (default: gzip), optionally to [outfile]\n"
+		"    <infile>/[outfile] can be '-' to be STDIN/STDOUT\n"
+		"    Supported methods: "
 	, arg0);
 	for (int i = 0; SUP_LIST[i]; ++i)
 		fprintf(stderr, "%s ", SUP_LIST[i]);
 	fprintf(stderr,
 		"\n\n"
-		" --decompress <infile> [outfile]\n"
-		"  Detect method and decompress <infile>, optionally to [outfile]\n"
-		"  <infile>/[outfile] can be '-' to be STDIN/STDOUT\n"
-		"  Supported methods: ");
+		"  --decompress <infile> [outfile]\n"
+		"    Detect method and decompress <infile>, optionally to [outfile]\n"
+		"    <infile>/[outfile] can be '-' to be STDIN/STDOUT\n"
+		"    Supported methods: ");
 	for (int i = 0; SUP_LIST[i]; ++i)
 		fprintf(stderr, "%s ", SUP_LIST[i]);
 	fprintf(stderr,
 		"\n\n"
-		" --sha1 <file>\n"
-		"  Print the SHA1 checksum for <file>\n"
+		"  --sha1 <file>\n"
+		"    Print the SHA1 checksum for <file>\n"
 		"\n"
-		" --cleanup\n"
-		"  Cleanup the current working directory\n"
+		"  --cleanup\n"
+		"    Cleanup the current working directory\n"
 		"\n");
 
 	exit(1);

native/jni/magiskhide/hide_utils.c

@@ -17,27 +17,24 @@
 #include "daemon.h"
 
 static char *prop_key[] =
-	{ "ro.boot.verifiedbootstate", "ro.boot.flash.locked", "ro.boot.veritymode", "ro.boot.warranty_bit", "ro.warranty_bit",
-	  "ro.debuggable", "ro.secure", "ro.build.type", "ro.build.tags", "ro.build.selinux", NULL };
+	{ "ro.boot.vbmeta.device_state", "ro.boot.verifiedbootstate", "ro.boot.flash.locked", "ro.boot.veritymode",
+	  "ro.boot.warranty_bit", "ro.warranty_bit", "ro.debuggable", "ro.secure",
+	  "ro.build.type", "ro.build.tags", "ro.build.selinux", NULL };
 
 static char *prop_value[] =
-	{ "green", "1", "enforcing", "0", "0", "0", "1", "user", "release-keys", "0", NULL };
-
-static int mocked = 0;
+	{ "locked", "green", "1", "enforcing",
+	  "0", "0", "0", "1",
+	  "user", "release-keys", "0", NULL };
 
 void manage_selinux() {
-	if (mocked) return;
-	char val[1];
+	char val;
 	int fd = xopen(SELINUX_ENFORCE, O_RDONLY);
-	xxread(fd, val, 1);
+	xxread(fd, &val, sizeof(val));
 	close(fd);
 	// Permissive
-	if (val[0] == '0') {
-		LOGI("hide_daemon: Permissive detected, hide the state\n");
-
+	if (val == '0') {
 		chmod(SELINUX_ENFORCE, 0640);
 		chmod(SELINUX_POLICY, 0440);
-		mocked = 1;
 	}
 }
 
@@ -62,6 +59,10 @@ static void rm_magisk_prop(const char *name, const char *value, void *v) {
 	}
 }
 
+static void kill_proc(int pid) {
+	kill(pid, SIGTERM);
+}
+
 void clean_magisk_props() {
 	LOGD("hide_utils: Cleaning magisk props\n");
 	getprop_all(rm_magisk_prop, NULL);

native/jni/magiskhide/magiskhide.c

@@ -22,10 +22,6 @@ int hideEnabled = 0;
 static pthread_t proc_monitor_thread;
 pthread_mutex_t hide_lock, file_lock;
 
-void kill_proc(int pid) {
-	kill(pid, SIGTERM);
-}
-
 static void usage(char *arg0) {
 	fprintf(stderr,
 		"MagiskHide v" xstr(MAGISK_VERSION) "(" xstr(MAGISK_VER_CODE) ") (by topjohnwu) - Hide Magisk!\n\n"
@@ -135,7 +131,7 @@ int magiskhide_main(int argc, char *argv[]) {
 	} else {
 		usage(argv[0]);
 	}
-	int fd = connect_daemon(0);
+	int fd = connect_daemon();
 	write_int(fd, req);
 	if (req == ADD_HIDELIST || req == RM_HIDELIST) {
 		write_string(fd, argv[2]);